1、搭建php-fpm工作方式的LAMP环境,实现wordpress正常访问
安装php-fpm
- php php-mysql php-mbstring php-mcrypt php-fpm php-xcache
[root@web1 ~]# yum -y install php php-mysql php-mbstring php-mcrypt php-fpm php-xcache
配置文件
- php:/etc/php.ini /etc/php.d/*.conf
- php-fpm:/etc/php-fpm.conf /etc/php-fpm.d/*conf
- 修改/etc/php-fpm.d/www.conf
pm.status_path = /pmstatus
ping.path = /ping
ping.response = pong
[root@web1 ~]# cat /etc/php.d/xcache.ini
xcache.size = 60M
<VirtualHost _default_:443>
# General setup for the virtual host, inherited from global configuration
DocumentRoot "/home/www"
ServerName www.xlc.com:443
ProxyRequests off
ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/home/www/$1
ProxyPassMatch ^/(pm-status|ping) fcgi://127.0.0.1:9000/
DirectoryIndex index.html
<Directory "/home/www">
Options None
AllowOverride None
Require all granted
</Directory>
<Directory "/home/www/blog">
Options None
AllowOverride None
Require all granted
DirectoryIndex index.php
</Directory>
<location /server-status>
SetHandler server-status
<RequireAll>
Require ip 192.168.1.3
</RequireAll>
</location>
<location /pm-status>
<RequireAll>
Require ip 192.168.1.3
</RequireAll>
</location>
<location /ping>
SetHandler server-status
<RequireAll>
Require ip 192.168.1.3
</RequireAll>
</location>
</VirtualHost>
[root@web1 ~]# systemctl start php-fpm.service
[root@web1 ~]# systemctl enable php-fpm.service
[root@web1 ~]# systemctl restart httpd.service
2、什么是DML?常用SQL举例,每个命令至少1个例子,最多不超过3个例子
DML
- DATA MANIPULATION LANGUAGE
- 插入数据
- INSERT INTO tb_name() VALUE|VALUES ()|(),();
MariaDB [mydb]> INSERT INTO my_tb(name,gender) VALUES ('jason','M'),('vivian','F'),('jenson','M');
Query OK, 3 rows affected (0.04 sec)
Records: 3 Duplicates: 0 Warnings: 0
MariaDB [mydb]> SELECT * FROM my_tb;
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 1 | jason | M |
| 2 | vivian | F |
| 3 | jenson | M |
+----+--------+--------+
3 rows in set (0.01 sec)
- 替换插入数据
- REPLACE INTO tb_name() VALUE|VALUES ()|(),();
- 查看
- 顺序:FROM-WHERE-GROUP BY-HAVING-ORDER BY-SELECT-LIMIT
- 查看所有
- SELECT * FROM tb_name;
MariaDB [mydb]> SELECT * FROM my_tb;
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 1 | jason | M |
| 2 | vivian | F |
| 3 | jenson | M |
+----+--------+--------+
3 rows in set (0.01 sec)
MariaDB [mydb]> SELECT id,name,gender AS sex FROM my_tb;
+----+--------+------+
| id | name | sex |
+----+--------+------+
| 1 | jason | M |
| 2 | vivian | F |
| 3 | jenson | M |
+----+--------+------+
3 rows in set (0.00 sec)
- 查看WHERE条件取行
- col_name 操作符 value
- BETWEEN A AND B
- IS NULL
- IS NOT NULL
- IN (1,2,3)
- LIKE 'd%'
- RLIKE '^D'
MariaDB [mydb]> SELECT id,name,gender FROM my_tb WHERE gender IS NOT NULL;
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 1 | jason | M |
| 2 | vivian | F |
| 3 | jenson | M |
+----+--------+--------+
3 rows in set (0.00 sec)
MariaDB [mydb]> SELECT id,name,gender FROM my_tb WHERE gender='F';
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 2 | vivian | F |
+----+--------+--------+
1 row in set (0.00 sec)
MariaDB [mydb]> SELECT id,name,gender FROM my_tb WHERE name LIKE '%an%';
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 2 | vivian | F |
+----+--------+--------+
1 row in set (0.00 sec)
MariaDB [mydb]> SELECT id,name,gender FROM my_tb WHERE name RLIKE 'an';
+----+--------+--------+
| id | name | gender |
+----+--------+--------+
| 2 | vivian | F |
+----+--------+--------+
1 row in set (0.00 sec)
- GROUP BY分组,HAVING 分组后过滤
- ORDER BY 排序,LIMIT 只取前n行
- 聚合函数 count() sum(),avg(),max() min()
MariaDB [mydb]> SELECT gender,count(*) AS count FROM my_tb GROUP BY gender HAVING count=1 ORDER BY count LIMIT 1;
+--------+-------+
| gender | count |
+--------+-------+
| F | 1 |
+--------+-------+
1 row in set (0.01 sec)
MariaDB [mydb]> SELECT gender,count(*),sum(score),avg(score),max(score),min(score) FROM my_tb GROUP BY gender;
+--------+----------+------------+------------+------------+------------+
| gender | count(*) | sum(score) | avg(score) | max(score) | min(score) |
+--------+----------+------------+------------+------------+------------+
| M | 2 | 170 | 85.0000 | 100 | 70 |
| F | 1 | 80 | 80.0000 | 80 | 80 |
+--------+----------+------------+------------+------------+------------+
2 rows in set (0.00 sec)
- 删除行
- DELETE FROM tb_name WHERE
- 修改行
- UPDATE col_name SET col_name=value WHERE
MariaDB [mydb]> DELETE FROM my_tb WHERE id=3;
Query OK, 1 row affected (0.04 sec)
MariaDB [mydb]> SELECT * FROM my_tb;
+----+--------+--------+-------+
| id | name | gender | score |
+----+--------+--------+-------+
| 1 | jason | M | 70 |
| 2 | vivian | F | 80 |
+----+--------+--------+-------+
2 rows in set (0.00 sec)
MariaDB [mydb]> UPDATE my_tb SET score=90 WHERE id=2;
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [mydb]> SELECT * FROM my_tb;
+----+--------+--------+-------+
| id | name | gender | score |
+----+--------+--------+-------+
| 1 | jason | M | 70 |
| 2 | vivian | F | 90 |
+----+--------+--------+-------+
2 rows in set (0.00 sec)
3、简述ftp的主动和被动模式,并实现基于pam认证的vsftpd
- 数据连接两种模式:
- 主动模式:PORT,服务端20号端口请求客户端的命令端口+1
- 被动模式:PASV,服务端通知客户端,客户端请求服务端的随机端口
虚拟用户配置
- pam_mysql 编译安装
- yum -y install mariadb-devel pam-devel
- ./configure --with-mysql=/usr --with-pam=/usr --with-pam-mods-dir=/usr/lib64/security/
- make&&make install
- 配置文件
- 开启guest_enable来宾用户
- 开启guest_username=user
- mysql授权用户
- 新建/etc/pam.d/vsftpd.user
- 可以通过user_config_dir=...对每个用户分别配置权限
4、简述NFS服务原理及配置
nfs
- network file system
- 内核nfs模块
- 使用rpc,远程过程调用,充当端口中介
- 可以使用集中用户认证:nis,ldap
- 来宾账号:nfsnobody
- 是一种共享存储,可以多客户端访问一个服务端
- 四个服务
- 1.rpcbind端口注册
- 2.rpc.mountd 认证
- 3.rpc.locked 加锁
- 4.rpc.statd 状态
- 启动nfs.service 可以开启其他服务,2049的tcp端口,rpcbind是111端口
- 查看模块 lsmod|grep nfs
服务端安装并启动服务
- yum -y install nfs-utils
- systemctl start nfs.service
- systemctl enable nfs.service
- 修改固定端口:/etc/sysconfig/nfs
[root@center ~]# yum -y install nfs-utils
[root@center ~]# systemctl start nfs.service
[root@center ~]# systemctl enable nfs.service
发布目录
- 修改/etc/exports
- 格式:/PATH clients1(options1,option2) client2(options)
- 默认option是:ro,async,root_squash
- root_squash是将root压缩nfsnobody
- 可以将文件变为all_squash或anonuid= anongid=
- 修改后要exportfs -rav重新加载
[root@center ~]# cat /etc/exports
/home/xlc/ftp 192.168.1.0/24(rw,anonuid=1000,anongid=1000)
[root@center ~]# exportfs -rav
exporting 192.168.1.0/24:/home/xlc/ftp
客户端操作
- yum安装nfs-utils
- showmount -e ip 查看有哪些目录
- mount -t nfs 源 目的可以挂载
- 挂载到/etc/fstab里,要使用nfs格式挂载,建议使用/etc/rc.local挂载
- 可以指定挂载选项rsize wsize
- 使用完后可以关闭rpc-statd和rpcbind服务
[root@python ~]# yum -y install nfs-utils
[root@python ~]# showmount -e 192.168.1.9
Export list for 192.168.1.9:
/home/xlc/ftp 192.168.1.0/24
[root@python ~]# mount -t nfs 192.168.1.9:/home/xlc/ftp /mnt
[root@python ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 119G 2.0G 117G 2% /
devtmpfs 234M 0 234M 0% /dev
tmpfs 244M 0 244M 0% /dev/shm
tmpfs 244M 4.5M 240M 2% /run
tmpfs 244M 0 244M 0% /sys/fs/cgroup
/dev/sda1 197M 124M 73M 64% /boot
tmpfs 49M 0 49M 0% /run/user/1000
192.168.1.9:/home/xlc/ftp 119G 2.0G 117G 2% /mnt
[root@python ~]# cd /mnt/
[root@python mnt]# touch abc.txt
[root@python mnt]# ll
total 0
-rw-r--r-- 1 xlc xlc 0 Aug 6 22:22 abc.txt
[root@python ~]# systemctl stop rpc-statd
[root@python ~]# systemctl stop rpcbind
5、简述samba服务,并实现samba配置
samba
- 实现跨文件系统共享服务
- smb服务:service message block,实现cifs协议(common internet file system)
- windows需要netbios服务实现主机名解析
- 主程序:nmbd:实现netbios服务
- smbd:实现smb/cifs协议共享
安装
- 客户端:samba-client
- 服务端:samba
- 启动:nmb smb
- 配置文件:/etc/samba/smb.conf
- 端口:137 138的udp,139 445的tcp
- 客户端安装并挂载
[root@python ~]# yum -y install samba-client
[root@python ~]# mount -t cifs -o username=xuluchuan,password=123456 //192.168.1.3:/samba /mnt
- 服务端配置文件
- 网络段:interfaces固定网卡,hosts allow允许白名单
- 共享段:默认允许所有samba用户访问家目录
[root@center samba]# grep -Ev ";|^#|^$" smb.conf|grep -Ev "^[[:space:]]+#"
[global]
workgroup = MYGROUP
server string = Samba Server Version %v
interfaces = lo enp0s3
hosts allow = 127. 192.168.1.
log file = /var/log/samba/log.%m
max log size = 50
security = user
passdb backend = tdbsam
load printers = yes
cups options = raw
[homes]
comment = Home Directories
browseable = no
writable = yes
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = no
writable = no
printable = yes
[root@center samba]# smbpasswd -a xlc
New SMB password:
Retype new SMB password:
Added user xlc.
[root@center samba]# systemctl start nmb.service
[root@center samba]# systemctl start smb.service
[root@center samba]# systemctl enable nmb.service
Created symlink from /etc/systemd/system/multi-user.target.wants/nmb.service to /usr/lib/systemd/system/nmb.service.
[root@center samba]# systemctl enable smb.service
Created symlink from /etc/systemd/system/multi-user.target.wants/smb.service to /usr/lib/systemd/system/smb.service.
[root@python ~]# smbclient -L 192.168.1.9 -U xlc
Enter SAMBA\xlc's password:
Sharename Type Comment
--------- ---- -------
IPC$ IPC IPC Service (Samba Server Version 4.7.1)
xlc Disk Home Directories
Reconnecting with SMB1 for workgroup listing.
Server Comment
--------- -------
Workgroup Master
--------- -------
MYGROUP CENTER
[root@python ~]# smbclient //192.168.1.9/xlc -U xlc
Enter SAMBA\xlc's password:
Try "help" to get a list of possible commands.
smb: \> ls
. DR 0 Sun Aug 5 23:58:19 2018
.. D 0 Mon Jul 23 00:48:20 2018
.bash_logout H 18 Wed Apr 11 08:53:01 2018
.bash_profile H 193 Wed Apr 11 08:53:01 2018
.bashrc H 231 Wed Apr 11 08:53:01 2018
.bash_history H 1954 Mon Aug 6 00:02:31 2018
.ssh DH 0 Sun Aug 5 14:09:49 2018
.vimrc H 101 Sun Aug 5 13:48:14 2018
fenfa.sh N 520 Sun Aug 5 14:30:13 2018
.viminfo H 5926 Sun Aug 5 14:30:13 2018
ftp D 0 Mon Aug 6 22:24:18 2018
124513896 blocks of size 1024. 122451668 blocks available
smb: \> exit
- windows使用win+r \192.168.1.9\xlc查看
- 共享目录
- [shared_fs]:共享名
- comment:注释信息
- path:共享路径
- browseable:能否浏览
- guest ok:是否允许来宾用户
- public:是否公开
- writeable:是否可写
- read only:是否只读
- write list:可写用户名或组名
- 使用testparm检查配置文件
[root@center samba]# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Processing section "[ftp]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
# Global parameters
[global]
interfaces = lo enp0s3
log file = /var/log/samba/log.%m
max log size = 50
security = USER
server string = Samba Server Version %v
workgroup = MYGROUP
idmap config * : backend = tdb
cups options = raw
hosts allow = 127. 192.168.1.
[ftp]
browseable = No
comment = ftp files
path = /home/xlc/ftp
write list = xlc
[root@center samba]# systemctl restart nmb.service smb.service
mount -t cifs -o username=xlc,password=123456 //192.168.1.9:/ftp /mnt
[root@center samba]# pdbedit -L
xlc:1000:
[root@center samba]# smbstatus
Samba version 4.7.1
PID Username Group Machine Protocol Version Encryption Signing
----------------------------------------------------------------------------------------------------------------------------------------
12210 xlc xlc 192.168.1.3 (ipv4:192.168.1.3:49992) SMB2_10 - -
Service pid Machine Connected at Encryption Signing
---------------------------------------------------------------------------------------------
IPC$ 12210 192.168.1.3 Tue Aug 7 07:12:18 PM 2018 CST - -
ftp 12210 192.168.1.3 Tue Aug 7 07:12:17 PM 2018 CST - -
Locked files:
Pid Uid DenyMode Access R/W Oplock SharePath Name Time
--------------------------------------------------------------------------------------------------
12210 1000 DENY_ALL 0x100080 RDONLY NONE /home/xlc/ftp . Tue Aug 7 19:12:17 2018
12210 1000 DENY_NONE 0x100081 RDONLY NONE /home/xlc/ftp . Tue Aug 7 19:12:17 2018