如何在 Mac 上开启 Apache, PHP, MySQL

Apache

开启 Apache

  1. Applications > Utilities > Terminal > sudo apachectl start
  2. Open http://localhost with safari you can see “It’s works!”.

开启为系统的守护进程

1
$ launchctl load -w /System/Library/LaunchDaemons/org.apache.httpd.plist

配置 HTTPS 的详细步骤:

  1. 在配置文件中使能HTTPS/SSL:/private/etc/apache2/httpd.conf

    • 去掉 SSL 模块前的注释使能它:
      LoadModule ssl_module libexec/apache2/mod_ssl.so
    • 去掉包含 SSL 配置文件前的注释,以便顶层配置文件能包含它:
      Include /private/etc/apache2/extra/httpd-ssl.conf
  2. 定制/private/apache2/extra/httpd-ssl.conf

    • 更新 DocumentRoot 指向你的 Web 根目录:
      DocumentRoot "/Users/dongmeiliang/Sites"

    • 修改 ServerName 成类似这样:
      ServerName localhost:443

    • 指定 SSLCertificateFile
      SSLCertificateFile "/private/etc/apache2/ssl/ssl.crt"

    • 指定 SSLCertificateKeyFile
      SSLCertificateKeyFile "/private/etc/apache2/ssl/ssl.key"

    • 在 SSLCACertificatePath 和 SSLCARevocationPath 配置项前加上 # ,注释掉它们。
继续阅读

Enumerated Constants

Objective-C中的枚举常量大致有以下四种情形:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
// 1. unnamed enumerations
enum {
    NSBorderlessWindowMask      = 0,
    NSTitledWindowMask          = 1 << 0,
    NSClosableWindowMask        = 1 << 1,
    NSMiniaturizableWindowMask  = 1 << 2,
    NSResizableWindowMask       = 1 << 3
 
};

`- (void)setStyleMask:(NSUInteger)styleMask`

// 2 
typedef enum _NSMatrixMode {
    NSRadioModeMatrix           = 0,
    NSHighlightModeMatrix       = 1,
    NSListModeMatrix            = 2,
    NSTrackModeMatrix           = 3
} NSMatrixMode;

// 3
typedef NS_ENUM(NSInteger, UITableViewCellStyle) {
    UITableViewCellStyleDefault,
    UITableViewCellStyleValue1,
    UITableViewCellStyleValue2,
    UITableViewCellStyleSubtitle
};

// 4
typedef NS_OPTIONS(NSUInteger, NSLayoutFormatOptions) {
    NSLayoutFormatAlignAllLeft = (1 << NSLayoutAttributeLeft),
    NSLayoutFormatAlignAllRight = (1 << NSLayoutAttributeRight),
    NSLayoutFormatAlignAllTop = (1 << NSLayoutAttributeTop),
    NSLayoutFormatAlignAllBottom = (1 << NSLayoutAttributeBottom),
    NSLayoutFormatAlignAllLeading = (1 << NSLayoutAttributeLeading),
    NSLayoutFormatAlignAllTrailing = (1 << NSLayoutAttributeTrailing),
    NSLayoutFormatAlignAllCenterX = (1 << NSLayoutAttributeCenterX),
    NSLayoutFormatAlignAllCenterY = (1 << NSLayoutAttributeCenterY),
    NSLayoutFormatAlignAllBaseline = (1 << NSLayoutAttributeBaseline),
    NSLayoutFormatAlignAllLastBaseline = NSLayoutFormatAlignAllBaseline,
    NSLayoutFormatAlignAllFirstBaseline NS_ENUM_AVAILABLE_IOS(8_0) = (1 << NSLayoutAttributeFirstBaseline),
    
    NSLayoutFormatAlignmentMask = 0xFFFF,
    
    /* choose only one of these three
     */
    NSLayoutFormatDirectionLeadingToTrailing = 0 << 16, // default
    NSLayoutFormatDirectionLeftToRight = 1 << 16,
    NSLayoutFormatDirectionRightToLeft = 2 << 16,  
    
    NSLayoutFormatDirectionMask = 0x3 << 16,  
};

情形一相当于定义了常量,但不定义类型;
情形二定义了一个NSMatrixMode类型;

情形三定义了一个NSInteger的UITableViewCellStyle类型;
情形四支持C++的枚举特性。

The NS_OPTIONS macro is defined in different ways if compiling as C++ or not. If it’s not C++, it’s expanded out the same as NS_ENUM. However, if it is C++, it’s expanded out slightly differently. Why? The C++ compiler acts differently when two enumeration values are bitwise OR’ed together. This is something, as shown earlier, that is commonly done with the options type of enumeration. When two values are OR’ed together, C++ considers the resulting value to be of the type the enumeration represents: NSUInteger. It also doesn’t allow the implicit cast to the enumeration type.

Reference:
Effective Objective-C 2.0
NS_ENUM & NS_OPTIONS

Linux 使用笔记(一)

1.Create new account

1
sudo adduser --home /home/username --shell /bin/bash --ingroup git username

2.List all groups and the user names that were in each group

1
2
3
for u in `cut -f1 -d: /etc/passwd`; do echo -n $u:; groups $u; done | sort

groups $(cut -f1 -d":" /etc/passwd) | sort

3.How to set up ssh so you aren’t asked for a password

You can create a RSA authentication key to be able to log into a remote site from your account, without having to type your password.

Note that once you’ve set this up, if an intruder breaks into your account/site, they are given access to the site you are allowed in without a password, too! For this reason, this should never be done from root.

  • Run ssh-keygen(1) on your machine, and just hit enter when asked for a password. This will generate both a private and a public key. With older SSH versions, they will be stored in ~/.ssh/identity and ~/.ssh/identity.pub; with newer ones, they will be stored in ~/.ssh/id_rsa and ~/.ssh/id_rsa.pub.
  • Next, add the contents of the public key file into ~/.ssh/authorized_keys on the remote site (the file should be mode 600). If you are a developer and you want to access debian.org systems with such a key, it’s possible to have the developer database propagate your key to all of the debian.org machines. See the LDAP gateway documentation. You should then be able to use ssh to log in to the remote server without being asked for a password.

Reference:https://www.debian.org/devel/passwordlessssh

4.Finding all files containing a text string on Linux

1
2
3
$ grep -rnw 'directory' -e "pattern"
// eg:
$ grep -rnw source/_posts/  -e "pragma"

Reference: http://stackoverflow.com/questions/16956810/finding-all-files-containing-a-text-string-on-linux

5.Show bash script commands without executing them

There are two useful debug outputs for that task (both are written to stderr):

set -v mode (set -o verbose) prints commands to be executed to stderr just like they are read from input (script file or keyboard) prints everything before anything ( substitutions and expansions, …) big is applied set -x mode (set -o xtrace) prints everything like it really is executed, after substitutions and expansions applied indicates the depth-level of the subshell (by default by preceeding a + (plus) sign to the shown command) indicates the recognized words after word splitting by marking them like ‘x y’ in a 4.1 version of the shell, this debug output can be printed to a configurable file descriptor (by setting the BASH_XTRACEFD variable) rather than stdout

Hint: These modes can be entered when calling Bash:

from commandline: bash -vx ./myscript eventually (OS dependant) from shebang: #!/bin/bash -vx

Reference:http://wiki.bash-hackers.org/scripting/debuggingtips

6.Toggle Web Sharing on or off in OSX 10.10

1
2
3
4
5
6
7
8
9
10
11
12
13
// Start
sudo apachectl start

// Stop
sudo apachectl stop

// Restart
sudo apachectl restart

// find the Apache version
httpd -v

// After starting Apache – test to see if the webserver is working in the browser – http://localhost – you should see the “It Works!” text.

Reference:http://coolestguidesontheplanet.com/get-apache-mysql-php-phpmyadmin-working-osx-10-10-yosemite/

7.List open ports on your machine (Mac OS X)

1
sudo lsof -i -P | grep -i "listen"

Reference:http://juretta.com/log/2007/08/08/list_open_ports_on_your_machine_mac_os_x_/

8.What do the numbers in a man page mean?

1
2
3
4
5
6
7
8
9
10
11
12
13
14
MANUAL SECTIONS
    The standard sections of the manual include:

    1      User Commands
    2      System Calls
    3      C Library Functions
    4      Devices and Special Files
    5      File Formats and Conventions
    6      Games et. Al.
    7      Miscellanea
    8      System Administration tools and Deamons

    Distributions customize the manual section to their specifics,
    which often include additional sections.

9.jenkins

1
2
3
4
5
6
7
8
Note: When using launchctl the port will be 8080.

To have launchd start jenkins at login:
  ln -sfv /usr/local/opt/jenkins/*.plist ~/Library/LaunchAgents
Then to load jenkins now:
  launchctl load ~/Library/LaunchAgents/homebrew.mxcl.jenkins.plist
Or, if you don't want/need launchctl, you can just run:
  jenkins

10.Mac 上 Openssl 的配置文件路径

/System/Library/OpenSSL/openssl.cnf

11.Find

find的使用实例:

搜索当前目录(含子目录,以下同)中,所有文件名以my开头的文件:

1
$ find . -name 'my*'

搜索当前目录中,所有文件名以my开头的文件,并显示它们的详细信息:

1
$ find . -name 'my*' -ls

搜索当前目录中,所有过去10分钟中更新过的普通文件。如果不加-type f参数,则搜索普通文件+特殊文件+目录:

1
$ find . -type f -mmin -10

搜索当前目录中,所有以my开头的目录:

1
$ find ~ -type d -name 'my*'

Reference:http://www.ruanyifeng.com/blog/2009/10/5_ways_to_search_for_files_using_the_terminal.html

12.Enable Debian server pptpd’s log and debug

To diagnose faults, enable the options debug dump in /etc/ppp/pptpd-options. The change is effective on the next connection. The debug output goes to /var/log/debug, and the dump output and usual output to /var/log/messages.

Referenc:http://poptop.sourceforge.net/dox/debian-howto.phtml

13.iptables remove specific rules

Execute the same commands but replace the “-A” with “-D”. For example:

1
2
3
4
$ iptables -A INPUT -i eth0 -p tcp --dport 443 -j ACCEPT
becomes

$ iptables -D INPUT -i eth0 -p tcp --dport 443 -j ACCEPT

14.How to use tcpdump?

tcpdump can be used to capture the packets exchanged between the PPTP Client and the PPTP Server. By comparing the packets with what should be happening, you may determine what the cause of a problem might be. Give to tcpdump the name of the network interface that connects to the PPTP Server, which for dial-up users would be ppp0, and for ADSL users eth0. Then, in another window or console, start the tunnel.

Start tcpdump in one window: Then run pppd in the other window:

1
2
# tcpdump -i eth0
# pppd call tunnel

The tcpdump command should show you the packets as they are received or transmitted. Press Control/C when you do not need to capture any more packets.

You should see a connection to port 1723, followed by GRE packets in both directions. If you can see this, then you have full network connectivity. If you can’t, you must find the problem.

Note: if you get an error:

tcpdump: pcap_loop: read: Network is down then you may be using tcpdump on the wrong interface. Use ifconfig to list the available interfaces and choose the one through which your client must contact the server. See our diagrams if you’re still confused.

The above technique is useful for quick checking, but for detailed analysis a binary tcpdump is required.

Security Warning Internet addresses of your client and server, usernames and passwords are included in a binary tcpdump. This information may allow someone to gain equivalent access to protected networks. If you do not want to give away this information, convert it to text and remove it before sending the log to someone else. If you have been asked to capture a complete tcpdump packet trace, for analysis by someone else, you should:

add -w file to tell it to save the packets to the file file, add -s 0 to capture all of each packet, and add tcp port 1723 or proto 47 to keep only the PPTP packets, if the client is performing other network traffic at the time. For example:

1
# tcpdump -i eth0 -w my.tcpdump -s 0 tcp port 1723 or proto 47

Again, once the packets have been collected, use Control/C to stop the tcpdump process. The file containing the packets can then be e-mailed or analysed.

You may analyse it using ethereal.

1
# ethereal my.tcpdump

Note: when using ethereal, clicking on a byte in the hex dump will highlight the field name of the data in the packet, and vice versa. You may also analyse it using tcpdump:

1
# tcpdump -n -r my.tcpdump > my.tcpdump.txt

This converts it to text, saving the output into a file my.tcpdump.txt. This often hides the username and password. You may wish to globally substitute the IP addresses. Check your results to ensure your security.

15.Viewing all iptables rules

You just need to specify the appropriate table:

1
2
$ iptables --table nat --list
$ iptables -t nat -L

If you don’t specify a table, the filter table is used as the default. You can get even more information by including the -v or –verbose option.