Press "Enter" to skip to content

Tag: FreeBSD

Linux/FreeBSD 下tar加密压缩命令

热度 64 度

加密压缩

tar -czvf - file | openssl des3 -salt -k password -out kiccleaf.tar.gz

解密解压

openssl des3 -d -k password -salt -in kiccleaf.tar.gz | tar zxvf -

file:可以是文件或是目录,多文件/目录空格隔开
password:需要设定的密码

需要注意事项:
在命令行直接输入命令进行加密操作,一般系统在用户的命令历史Linux【.bash_history】/FreeBSD下【.history】文件里面会记录了命令行也就知道了密码,所以如果系统记录了操作的命令行则需要清掉涉及的历史记录或清空,也可以在加密时候不要使用 -k 参数以及后面的密码串,等询问时候再进行输入,解压输入 密码串,这样就不会泄漏密串。如下操作:

加密码提示输入密串,需要输入两次
[root@kiccleaf ~]# tar -czvf - kiccleaf | openssl des3 -salt -out kiccleaf.tar.gz
test.sh
enter des-ede3-cbc encryption password:
Verifying - enter des-ede3-cbc encryption password:

直接解压不可以咯
[root@kiccleaf ~]# tar zxvf kiccleaf.tar.gz 

gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now

解压提示输入密串
[root@kiccleaf ~]# openssl des3 -d -salt -in kiccleaf.tar.gz | tar zxvf -
enter des-ede3-cbc decryption password:
test.sh

Leave a Comment

CentOS8/FreeBSD12的Nginx+php-fpm.conf优化配置

热度 98 度

首先优化配置会结合机器硬件的配置进行的,不能无限制无目的的进行,所以先了解自己的cpu,内存,硬盘等信息,然后进行系统的优化,再然后才到应用类的优化设置。

测试环境:CPU E3-1231 V3 四核八线程,内存32G

FreeBSD中Nginx.conf文件配置

user  www www;
worker_processes  auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 51200;

#worker_rlimit_nofile 是nginx能打开文件的最大句柄数,我们需要把这个数字设大一点。
#linux系统的文件查看数限制查看是用 ulimit -n ,修改这个限制是用 ulimit -HSn 65535

events {
        worker_connections 51200;
}

#开启gzip减少带宽
http {

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";
}

CentOS8中的Nginx.conf文件配置

user  www www;

worker_processes auto;
worker_cpu_affinity auto;
worker_rlimit_nofile 51200;
#worker_rlimit_nofile 是nginx能打开文件的最大句柄数,我们需要把这个数字设大一点。
#linux系统的文件查看数限制查看是用 ulimit -n ,修改这个限制是用 ulimit -HSn 65535
events
    {
        use epoll;
        worker_connections 51200;
        multi_accept off;
        accept_mutex off;
    }
http
    {
        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.1;
        gzip_comp_level 2;
        gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
        gzip_vary on;
        gzip_proxied   expired no-cache no-store private auth;
        gzip_disable   "MSIE [1-6]\.";

events模块中use设置说明
use epoll
使用epoll的I/O 模型(值得注意的是如果你不知道Nginx该使用哪种轮询方法的话,它会选择一个最适合你操作系统的)
补充说明:与apache相类,nginx针对不同的操作系统,有不同的事件模型
A)标准事件模型
Select、poll属于标准事件模型,如果当前系统不存在更有效的方法,nginx会选择select或poll
B)高效事件模型
Kqueue:使用于FreeBSD 4.1+, OpenBSD 2.9+, NetBSD 2.0 和 MacOS X.使用双处理器的MacOS X系统使用kqueue可能会造成内核崩溃。
Epoll:使用于Linux内核2.6版本及以后的系统。
/dev/poll:使用于Solaris 7 11/99+, HP/UX 11.22+ (eventport), IRIX 6.5.15+ 和 Tru64 UNIX 5.1A+。
Eventport:使用于Solaris 10. 为了防止出现内核崩溃的问题, 有必要安装安全补丁
查看linux版本号可以使用 cat /proc/version命令

worker_processes,工作进程数
1.默认:worker_processes: 1
这里直接设置为auto,根据需求自动调整

worker_cpu_affinity auto;
允许将工作进程自动绑定到可用的CPU

worker_connections,单个工作进程可以允许同时建立外部连接的数量,数字越大,能同时处理的连接越多
1.默认:worker_connections: 1024

worker_connections解析
1.connections不是随便设置的,而是与两个指标有重要关联,一是内存,二是操作系统级别的“进程最大可打开文件数”。
2.进程最大可打开文件数:进程最大可打开文件数受限于操作系统,可通过 ulimit -n 命令查询,以前是1024,现在是65535。(常规系统都配置成65535)

这些官方信息更全面,我这里只讲我优化配置的点,因为服务器需求不同,这些配置会做相应调整,不能盲目的认为这些值是固定的。

接下去说一下php-fpm.conf文件的配置

FreeBSD文件配置默认情况在:/usr/local/etc/php-fpm.d/www.conf

CentOS8文件配置默认情况在:/usr/local/php/etc/php-fpm.conf

#最大子进程数量,一般每个php-cgi所耗费的内存为20M左右
#如果这个值设置的比较小,那么等待的请求时间会出现502超时
#32G内存服务器可以设置1600,但实际应用中不会这样配置,而是根据自己需求进行设定
pm.max_children = 800

#启动时创建的子进程数,常规10~20之间就可以,20个的话是400M内存
pm.start_servers = 40

#为避免内存泄露,php-fpm有这么一个机制,
#当一个php-cgi进程处理的请求数达到这个配置后,则会自动重启该进程,
#所以在高并发中,经常导致502错误,解决方法就是把这个值设置大一些,
#减少进程重启次数,减少高并发情况下502错误。
pm.max_requests = 10240

#单个请求的超时中止时间,超时后会终止进程,nginx发现信号断了,
#就会给客户端返回502错误。和php.ini的max_execution_time配置不冲突,
#谁先达到时间谁先起作用。
request_terminate_timeout = 100

#保证空闲进程数最小值,如果空闲进程小于此值,则创建新的子进程
pm.min_spare_servers = 40

#保证空闲进程数最大值,如果空闲进程大于此值,此进行清理
pm.max_spare_servers = 80

#空闲进程超时时间10秒
pm.process_idle_timeout = 10s

#状态页,可以通过该状态页了解监控 php-fpm 的状态,status可以修改成自己的名称
#pm.status_path = /status
pm.status_path = /kiccleaf
    server {
        listen       80;
        server_name  localhost;
        #Nginx状态页,监控Nginx状态增加以下内容
        location /nginx_status {
                stub_status on;
                access_log off;
                #允许内网访问IP
                allow 192.168.1.8;
                allow 127.0.0.1;
                deny all;
        }
        #php-fpm监控页,增加以下内容
        location = /kiccleaf {
                include fastcgi_params;
                fastcgi_pass unix:/tmp/php-cgi.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }
}

打开http://网址/nginx_status 显示:

Active connections: 2 
server accepts handled requests
 6 6 78 
Reading: 0 Writing: 1 Waiting: 1 

打开http://网址/kiccleaf 显示:

pool:                 www
process manager:      dynamic
start time:           31/Aug/2020:15:59:56 +0800
start since:          12
accepted conn:        14
listen queue:         0
max listen queue:     0
listen queue len:     0
idle processes:       39
active processes:     1
total processes:      40
max active processes: 1
max children reached: 0
slow requests:        0
Leave a Comment

FreeBSD12安装Nginx1.18+PHP7.4+MariaDB10.4的网站环境

热度 95 度

个人很喜欢FreeBSD系统,简单,占用资源少,在网站大并发处理方面性能比Linux要好很多,稳定运行三五年都不用重启,因为之前做广告投放系统,每天大并发300多万,Linux并发一上来压力就大系统就慢下来,搞不好就挂机了,然而FreeBSD安然无恙,所以还有什么理由不选择这么优秀的系统来做大并发服务呢?(当然这里还涉及到很多系统安全及优化操作,等空了再分享给大家,先记录一下基本环境的搭建)

常用的工具
pkg install vim wget screen
编译扩展时用到的
pkg install autoconf

这里需要的扩展就自己选择增加吧,不知道的可以用才下工具查出你想要的扩展吧

pkg search php74

开始NGINX+PHP7.4.9+MARIADB的安装:

pkg install php74 php74-zlib php74-exif php74-gd php74-mbstring php74-xml php74-pdo php74-pdo_mysql php74-pdo_pgsql php74-mysqli php74-curl php74-opcache php74-intl php74-sockets php74-zip php74-openssl php74-bz2 php74-pecl-redis php74-session php74-json php74-dom php74-fileinfo php74-simplexml php74-simplexml php74-pdo_sqlite php74-iconv php74-pecl-imagick-im7 php74-filter php74-phar php74-calendar php74-ctype php74-exif php74-bcmath php74-dba php74-tokenizer php74-extensions php73-zip nginx-full mariadb104-server-10.4.13_4 mariadb104-client-10.4.13_4

开机启动项/etc/rc.conf增加:

php_fpm_enable="yes"
nginx_enable="yes"
mysql_enable="yes"
mysql_pidfile="/var/db/mysql/mysql.pid"
mysql_optfile="/usr/local/etc/my.cnf"

PHP配置/usr/local/etc/php-fpm.d/www.conf

[www]
user = www
group = www

;listen = 127.0.0.1:9000
 (注释掉或删除,添加以下这一行/tmp/php-cgi.sock)
listen = /tmp/php-cgi.sock

开启以下三行
listen.owner = www
listen.group = www
listen.mode = 0660

为什么要用unix:/tmp/php-cgi.sock替代127.0.0.1:9000呢?最主要的就是unix socket比tcp快,所以对大并发的网站优化过后性能提升不少,这一点你GET到了吗?启动php-fpm自动生成/tmp/php-cgi.sock。

对php.ini文件的修改,增加重要的函数进行屏蔽

disable_functions = passthru,system,chroot,scandir,chgrp,chown,shell_exec,proc_open,proc_get_status,popen,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,stream_socket_server
根据服务器内存大小调整
memory_limit = 128M
上传文件最大5M
upload_max_filesize = 5M

根据需要开启opcache缓存,能提升性能
[opcache]
opcache.enable=1
opcache.enable_cli=1
opcache.memory_consumption=128
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.max_wasted_percentage=5
opcache.validate_timestamps=1
opcache.revalidate_freq=10

validate_timestamps配置项用于验证是否要重新生成缓存脚本, 如果设置为 0(性能最佳),需要手动在每次 PHP 代码更改后手动清除 opcache。除了重启php-fpm的进程可以清理opcache缓存外, 通过PHP函数可以手动清除:

<?php opcache_reset();?>

网络上其他朋友说,当PHP以PHP-FPM的方式运行的时候,opcache的缓存是无法通过php命令进行清除的,只能通过http或cgi到php-fpm进程的方式来清除缓存(此说法本人未验证过)。我配置的生产环境一般都会通过重启php-fpm进程来清除缓存,所以一般一直缓存着高效。

validate_timestamps配置项如果值为 0,那么 revalidate_freq 将失去作用。
revalidate_freq 用于控制 opcache 多久生成一次缓存字节码,这里配置了默认 10s。所以一般我们在开发环境中将上面两个值配置为:

opcache.validate_timestamps=1;
opcache.revalidate_freq=1;

php.net上有人提供的方法存放到 /usr/local/bin/opcache-clear ,需要重置的时候执行一下: “opcache-clear”(仅供参考):

#!/bin/bash
WEBDIR=/var/www/html/
RANDOM_NAME=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 13)
echo "<?php opcache_reset(); ?>" > ${WEBDIR}${RANDOM_NAME}.php
curl http://localhost/${RANDOM_NAME}.php
rm ${WEBDIR}${RANDOM_NAME}.php

PHP开发的针对opcache进行图形化的参考:

https://github.com/rlerdorf/opcache-status

https://github.com/PeeHaa/OpCacheGUI

nginx.conf中修改

# fastcgi_pass 127.0.0.1:9000;

改为:
fastcgi_pass unix:/tmp/php-cgi.sock;

# fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
改为:
fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;

默认WEB目录:/usr/local/www/nginx-dist 执行PHP可能需要添加相应的执行权限及目录用户归www
保存后重启php-fpm和nginx:

root@kiccleaf:/home # service php-fpm restart
root@kiccleaf:/home # service nginx restart

启动Mysql,正常情况下

root@kiccleaf:/usr/local/etc # service mysql-server start
Installing MariaDB/MySQL system tables in '/var/db/mysql' ...
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system


Two all-privilege accounts were created.
One is root@localhost, it has no password, but you need to
be system 'root' user to connect. Use, for example, sudo mysql
The second is mysql@localhost, it has no password either, but
you need to be the system 'mysql' user to connect.
After connecting you can set the password, if you would need to be
able to connect as any of these users with a password and without sudo

See the MariaDB Knowledgebase at http://mariadb.com/kb or the
MySQL manual for more instructions.

You can start the MariaDB daemon with:
cd '/usr/local' ; /usr/local/bin/mysqld_safe --datadir='/var/db/mysql'

You can test the MariaDB daemon with mysql-test-run.pl
cd '/usr/local/mysql-test' ; perl mysql-test-run.pl

Please report any problems at http://mariadb.org/jira

The latest information about MariaDB is available at http://mariadb.org/.
You can find additional information about the MySQL part at:
http://dev.mysql.com
Consider joining MariaDB's strong and vibrant community:
https://mariadb.org/get-involved/

Starting mysql.

mysql如果进程中没有看到说明启动失败,可以看错误信息文件:/var/log/mysql/mysqld.err

2020-08-29 22:52:52 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
2020-08-29 22:52:52 0 [Note] InnoDB: Uses event mutexes
2020-08-29 22:52:52 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2020-08-29 22:52:52 0 [Note] InnoDB: Number of pools: 1
2020-08-29 22:52:52 0 [Note] InnoDB: Using SSE2 crc32 instructions
2020-08-29 22:52:52 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
2020-08-29 22:52:52 0 [Note] InnoDB: Completed initialization of buffer pool
2020-08-29 22:52:52 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
2020-08-29 22:52:52 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2020-08-29 22:52:52 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2020-08-29 22:52:52 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2020-08-29 22:52:52 0 [Note] InnoDB: Waiting for purge to start
2020-08-29 22:52:52 0 [Note] InnoDB: 10.4.13 started; log sequence number 61026; transaction id 21
2020-08-29 22:52:52 0 [Note] InnoDB: Loading buffer pool(s) from /var/db/mysql/ib_buffer_pool
2020-08-29 22:52:52 0 [Note] InnoDB: Buffer pool(s) load completed at 200829 22:52:52
2020-08-29 22:52:52 0 [Note] Plugin 'FEEDBACK' is disabled.
2020-08-29 22:52:52 0 [Note] Server socket created on IP: '127.0.0.1'.
2020-08-29 22:52:52 0 [ERROR] Can't start server : Bind on unix socket: Permission denied
2020-08-29 22:52:52 0 [ERROR] Do you already have another mysqld server running on socket: /var/run/mysql/mysql.sock ?
2020-08-29 22:52:52 0 [ERROR] Aborting

关键的错误信息已经提示:Can’t start server : Bind on unix socket: Permission denied 和Do you already have another mysqld server running on socket: /var/run/mysql/mysql.sock ?启动权限有关,需要找到启动:/var/run/mysql目录 权限:root wheel需要修改成mysql用户权限,然后重启mysql就成功了。

原目录权限
drwxr-xr-x  2 root  wheel      512 Aug 29 22:09 mysql/

变更目录所有者权限
root@kiccleaf:/var/run # chown -R mysql:mysql mysql/

运行mysql
root@kiccleaf:/var/run # service mysql-server start
Starting mysql.
查看一下mysql目录下是否生成了mysql.sock文件
root@kiccleaf:/var/run # ll mysql/
total 0
srwxrwxrwx  1 mysql  mysql  0 Aug 29 23:03 mysql.sock=
查看进程是否已经启动,找到mysqld_safe 
root@kiccleaf:/var/run # ps aux
mysql 1092   0.0  0.0  11988  2976  -  Ss   23:03     0:00.99 /bin/sh /usr/local/bin/mysqld_safe --defaults-extra-file=/usr/local/etc/my.cnf --user=mysql

接下去初始mysql操作

root@kiccleaf:/var/run # /usr/local/bin/mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

In order to log into MariaDB to secure it, we'll need the current
password for the root user. If you've just installed MariaDB, and
haven't set the root password yet, you should just press enter here.

#输入mysql的root密码。默认没有,直接回车
Enter current password for root (enter for none): 
OK, successfully used password, moving on...

Setting the root password or using the unix_socket ensures that nobody
can log into the MariaDB root user without the proper authorisation.

You already have your root account protected, so you can safely answer 'n'.

#是否切换到unix套接字身份验证[Y/n]
Switch to unix_socket authentication [Y/n] n
 ... skipping.

You already have your root account protected, so you can safely answer 'n'.

#是否设置root密码,选Y,输入2次需要设定的密码
Change the root password? [Y/n] Y
New password: 
Re-enter new password: 
Password updated successfully!
Reloading privilege tables..
 ... Success!


By default, a MariaDB installation has an anonymous user, allowing anyone
to log into MariaDB without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

#是否删除匿名用户?果断删除
Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

#是否不允许远程root登录,正式环境下应该选择Y,我是在测试环境需要连接。
Disallow root login remotely? [Y/n] n
 ... skipping.

By default, MariaDB comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

#是否删除test数据库
Remove test database and access to it? [Y/n] Y
 - Dropping test database...
 ... Success!
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

#是否加载权限使之生效
Reload privilege tables now? [Y/n] Y
 ... Success!

Cleaning up...

All done!  If you've completed all of the above steps, your MariaDB
installation should now be secure.

Thanks for using MariaDB!

在默认的WEB目录下/usr/local/www/nginx-dist创建index.php内容:

<?php
phpinfo();
?>

打开浏览器,输入http://IP地址/index.php,可以看到成功的页面了。到此FreeBSD12系统下的基础配置已经完成。

Leave a Comment

FreeBSD12.1中 NTP 时间同步

热度 105 度

做测试环境有时候关掉了vm主机,再开启时,时间和当天已经不同步了,所以需要同步,简单的执行一下命令:

/usr/sbin/ntpdate cn.pool.ntp.org

以上命令在其他低版本中也适用,每次执行也有点麻烦,直接放到启动项里,之后开机自动同步时间了,在/etc/rc.conf增加如下配置:

ntpdate_enable="YES" 
ntpdate_program="/usr/sbin/ntpdate"
ntpdate_flags="cn.pool.ntp.org"
Leave a Comment

Linux及FreeBSD下用C语言获取CPU核数

热度 103 度
root@kiccleaf:~ # vim getcpu.c
#include <stdio.h>
#include <unistd.h>

void main(){
    printf("%d\n", sysconf(_SC_NPROCESSORS_ONLN));
}

保存退出后,进行编译

root@kiccleaf:~ # gcc getcpu.c -o getcpu
执行
root@kiccleaf:~ # ./getcpu 
8

显示八核CPU

在Linux CentOS8和FreeBSD12系统下测试通过

Leave a Comment

个性化Linux/FreeBSD字符界面,登录输出显示信息

热度 75 度

很多年以前写过Linux登录时输出个性信息,被各大平台及个人博客转载,遗憾的是他们从来没有写上原文从哪里转载过来,我个人支持大家相互学习和转载,但请转载注明一下出处可以吗?怎么说也是我的小小劳动成果。

Linux及FreeBSD下编辑/etc/motd

vi /etc/motd

         Welcome to Linux
  _     _            _                 ___
 | |   (_)          | |               / __)
 | |  _ _  ____ ____| | _____ _____ _| |__
 | |_/ ) |/ ___) ___) || ___ (____ (_   __)
 |  _ (| ( (__( (___| || ____/ ___ | | |
 |_| \_)_|\____)____)\_)_____)_____| |_|

FreeBSD就添加相应的提示信息(清空原FreeBSD下/etc/motd文件自带的信息,会比较多,全清掉即可)

FreeBSD 12.1-RELEASE r354233 GENERIC
  
          Welcome to FreeBSD!
   _     _            _                 ___
  | |   (_)          | |               / __)
  | |  _ _  ____ ____| | _____ _____ _| |__
  | |_/ ) |/ ___) ___) || ___ (____ (_   __)
  |  _ (| ( (__( (___| || ____/ ___ | | |
  |_| \_)_|\____)____)\_)_____)_____| |_|

欢迎转载,请注明出处,谢谢!

原来《个性化Linux字符界面,登录输出显示信息》中有颜色更漂亮,但是针对使用WinSCP软件SFTP登录时会有错误提示:WinSCP登陆服务器提示收到了太大的SFTP包 支持的最大包大小1024000B,总有得失,看个人喜欢。

Leave a Comment

xshell无法在FreeBSD系统下vim中复制粘贴解决方法

热度 93 度

ssh xshell 连接FreeBSD系统下使用编辑器vim中无法用 ctrl+insert 实现复制粘贴,可以用以下方法来解决。

编辑文件(默认没有这个文件)
vim ~/.vimrc
或者你当前登录如果是root用户的话可以vim /root/.vimrc

set mouse=c
syntax on

说明:
第一行:设置成命令行模式,设置完成后代码高亮会消失;
第二行:设置代码高亮。

顺道记录一下Xshell中的复制粘贴和我们常用的不同Ctrl+v,Ctrl+C,Xshell中用的是Ctrl+Insert是复制,Shift+Insert 粘贴,改一下菜单就可统一成我们自己习惯的方式了。

第一步:打开“工具”–“选项”

再打开“编辑”后弹出以下菜单:

“新建”一个组合键,Ctrl+V,在编辑窗体中选择类型和操作后确定

新建Ctrl+V,Ctrl+C操作好后确定即可使用了。非常方便

写在最后的话,Ctrl+C不建议用这个快捷键,因为Linux或是FreeBSD系统下有时需要用Ctrl+C进行终止程序,所以可以修改成自己喜欢的快捷键如:Ctrl+Shift+C

Leave a Comment

FreeBSD升级Nginx

热度 1,201 度

最新nginx版本解决了SSL漏洞,所以需要升级一下nginx版本至最新,以下是FreeBSD下用pkg升级的方法。

root@kiccleaf:~ # nginx -v
nginx version: nginx/1.12.0
root@kiccleaf:~ # pkg upgrade nginx
Updating FreeBSD repository catalogue...
Fetching meta.txz: 100%    944 B   0.9kB/s    00:01    
Fetching packagesite.txz: 100%    6 MiB  95.5kB/s    01:11    
Processing entries: 100%
FreeBSD repository update completed. 33333 packages processed.
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	nginx: 1.12.0_1,2 -> 1.14.0_13,2
	pcre: 8.40_1 -> 8.42

The process will require 178 KiB more space.
2 MiB to be downloaded.

Proceed with this action? [y/N]: y
Fetching nginx-1.14.0_13,2.txz: 100%  416 KiB 425.5kB/s    00:01    
Fetching pcre-8.42.txz: 100%    1 MiB   1.2MB/s    00:01    
Checking integrity... done (0 conflicting)
[1/2] Upgrading pcre from 8.40_1 to 8.42...
[1/2] Extracting pcre-8.42: 100%
[2/2] Upgrading nginx from 1.12.0_1,2 to 1.14.0_13,2...
You may need to manually remove /usr/local/etc/nginx/nginx.conf if it is no longer needed.
===> Creating groups.
Using existing group 'www'.
===> Creating users
Using existing user 'www'.
[2/2] Extracting nginx-1.14.0_13,2: 100%
Message from nginx-1.14.0_13,2:
===================================================================
Recent version of the NGINX introduces dynamic modules support.  In
FreeBSD ports tree this feature was enabled by default with the DSO
knob.  Several vendor's and third-party modules have been converted
to dynamic modules.  Unset the DSO knob builds an NGINX without
dynamic modules support.

To load a module at runtime, include the new `load_module'
directive in the main context, specifying the path to the shared
object file for the module, enclosed in quotation marks.  When you
reload the configuration or restart NGINX, the module is loaded in.
It is possible to specify a path relative to the source directory,
or a full path, please see
https://www.nginx.com/blog/dynamic-modules-nginx-1-9-11/ and
http://nginx.org/en/docs/ngx_core_module.html#load_module for
details.

Default path for the NGINX dynamic modules is

/usr/local/libexec/nginx.
===================================================================
root@kiccleaf:~ # nginx -v
nginx version: nginx/1.14.0
Comments closed

FreeBSD 升级PHP版本

热度 3,031 度

使用到的命令
pkg update 更新下软件库的信息,这样可以知道软件库中个套件的最新版本。
pkg upgrade 是升级你安装的套件
pkg info 显示软件包信息

第一步升级PHP版本

root@kiccleaf:~ # php -v  #查看升级前PHP版本
PHP 7.1.4 (cli) (built: Nov 25 2017 01:17:11) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.1.4, Copyright (c) 1999-2017, by Zend Technologies

root@kiccleaf:~ # pkg upgrade php71
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 2 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
	php71: 7.1.4 -> 7.1.12
	pcre: 8.37_4 -> 8.40_1

The process will require 84 KiB more space.
3 MiB to be downloaded.

Proceed with this action? [y/N]: y   #同意更新
Fetching php71-7.1.12.txz: 100%    2 MiB 103.2kB/s    00:21    
Fetching pcre-8.40_1.txz: 100%    1 MiB 165.7kB/s    00:07    
Checking integrity... done (0 conflicting)
[1/2] Upgrading pcre from 8.37_4 to 8.40_1...
[1/2] Extracting pcre-8.40_1: 100%
[2/2] Upgrading php71 from 7.1.4 to 7.1.12...
You may need to manually remove /usr/local/etc/php-fpm.d/www.conf if it is no longer needed.
[2/2] Extracting php71-7.1.12: 100%
root@kiccleaf:~ # php -v  #查看升级后版本
PHP 7.1.12 (cli) (built: Nov 25 2017 01:17:11) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.1.0, Copyright (c) 1998-2017 Zend Technologies
    with Zend OPcache v7.1.4, Copyright (c) 1999-2017, by Zend Technologies

第二步升级下PHP扩展

pkg upgrade -y php71-ctype php71-dom php71-filter php71-hash php71-iconv php71-json php71-mysqli php71-opcache php71-pdo php71-pdo_mysql php71-pdo_sqlite php71-phar php71-posix php71-session php71-simplexml php71-sqlite3 php71-tokenizer php71-xml php71-xmlreader php71-xmlwriter

Comments closed

FreeBSD下更改csh为bash后root无法登录解决办法

热度 6,521 度

FreeBSD下为了判断一个进程是否存在,执行了chsh -s /bin/bash命令,不巧的是刚好断线,于是再次链接时没办法su root进去管理权限了。可悲的事情,只好请机房来帮忙操作。

chsh -s /bin/bash

查看/etc/passwd内容时发现

root:*:0:0:Charlie &:/root:/bin/bash
这一句被改了
原来是
root:*:0:0:Charlie &:/root:/bin/csh

利用cat命令查看/etc/passwd

kiccleaf# cat /etc/passwd
# $FreeBSD: src/etc/master.passwd,v 1.40.22.2.2.1 2012/03/03 06:15:13 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/bash

原来的内容是:

kiccleaf# cat /etc/passwd
# $FreeBSD: src/etc/master.passwd,v 1.40.22.2.2.1 2012/03/03 06:15:13 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh

结果FreeBSD的/bin/目录下并没有bash这个命令存在,于是登录时错误提示:

login:/bin/bash:No such file or directory

把root的shell改成了bash,而导致进不去系统了,可以通过以下几种方式解决:

系统启动时,选择“4”,进入“单用户”模式,输入“boot -s”进入单用户的提示符“#”,依次键入如下命令:

  fsck -p
  mount -u /
  mount -a -t ufs
  swapon -a
  chsh -s /bin/csh

然后就重启系统吧,这样就可以重新登录root管理帐号了。

Leave a Comment