Linux课程第二十三天学习笔记

Posted 2020-08-23

####################10.HTTPS虚拟主机####################
>测试：https://news.westos.com/
-->I Understand the Risks-->Add Exception-->Confirm Security Exception
>显示：www.westos.com

[[email protected] conf.d]# vim news.conf
-----------------------------------------------
:sp /etc/httpd/conf.d/ssl.conf        ##将两个文件分屏显示，使用"ctrl+w 上|下"来切换

  9 <Virtualhost *:443>
 10         Servername news.westos.com
 11         Documentroot /var/www/virtual/news/html
 12         Customlog logs/news-443.log combined
 13         SSLEngine on
 14         SSLCertificateFile /etc/pki/tls/certs/www.westos.com.crt
 15         SSLCertificateKeyFile /etc/pki/tls/private/www.westos.com.key
 16 </Virtualhost>
:wq
-----------------------------------------------
/13行到15行的内容是从"ssl.conf"中拷贝过来的，以切换分屏来实现复制粘贴
[[email protected] conf.d]# systemctl reload httpd

>测试：https://news.westos.com（需清空缓存：ctrl+shift+delete）
>显示：news.westos.com

####################11.网页重写####################
[[email protected] conf.d]# vim news.conf
-----------------------------------------------
  1 <Virtualhost *:80>
  2         Servername news.westos.com
  3         RewriteEngine on
  4         RewriteRule ^(/.*)$ https://%{HTTP_HOST}$1 [redirect=301]
  5 </Virtualhost>
:wq
-----------------------------------------------
[[email protected] conf.d]# systemctl reload httpd

>测试：news.westos.com
>重定向到：https://news.westos.com

####################12.php####################
http默认支持html，php，cgi，wsgi

[[email protected] conf.d]# ls
autoindex.conf  manual.conf  news.conf  ssl.conf    userdir.conf
default.conf    music.conf   README     tmprequest  welcome.conf
[[email protected] conf.d]# cd /var/www/html/
[[email protected] html]# ls
index.html
[[email protected] html]# vim index.php
-----------------------------------------------
  1 <?php
  2 phpinfo ();
  3 ?>
:wq
-----------------------------------------------
[[email protected] html]# vim /etc/httpd/conf/httpd.conf
-----------------------------------------------
164     DirectoryIndex index.php index.html
:wq
-----------------------------------------------
[[email protected] html]# systemctl reload httpd.service

>测试：http://172.25.50.100（需清空缓存：ctrl+shift+delete）
>无任何显示

[[email protected] html]# yum install php -y
......
[[email protected] html]# ls /etc/httpd/conf.d/
autoindex.conf  manual.conf  news.conf  README    tmprequest    welcome.conf
default.conf    music.conf   php.conf   ssl.conf  userdir.conf
##多了php.conf
[[email protected] html]# systemctl reload httpd.service     ##"reload"无法使php生效

>测试：http://172.25.50.100
>无任何显示

[[email protected] html]# systemctl restart httpd.service     ##"restart"才能使php生效

>测试：http://172.25.50.100
>显示：php测试页面

####################13.cgi####################
[[email protected] html]# mkdir cgi
[[email protected] html]# ls
cgi  index.html  index.php
[[email protected] html]# cd cgi/

>firefox打开http://172.25.50.100/manual/-->CGI: Dynamic Content

[[email protected] cgi]# vim index.cgi
-----------------------------------------------
  1 #!/usr/bin/perl
  2 print "Content-type: text/html\n\n";
  3 print `date`;
:wq
-----------------------------------------------
/以上内容是从Apache手册中拷贝过来的，并将"Hello, World."改为`date`
[[email protected] cgi]# perl index.cgi     ##使用perl命令执行
Content-type: text/html

Mon Dec 12 20:30:14 EST 2016        ##执行成功！表示index.cgi的内容正确，可以使用
[[email protected] cgi]# chmod +x index.cgi
[[email protected] cgi]# cd /etc/httpd/conf.d/
[[email protected] conf.d]# vim default.conf
-----------------------------------------------
  5 <Directory "/var/www/html/cgi">
  6     Options +ExecCGI
  7     AddHandler cgi-script .cgi
  8 </Directory>
:wq
-----------------------------------------------
[[email protected] conf.d]# systemctl reload httpd

>测试：http://172.25.50.100/cgi/inde.cgi
>显示：Internal Server Error

[[email protected] conf.d]# ls -Zd /var/www/cgi-bin/
drwxr-xr-x. root root system_u:object_r:httpd_sys_script_exec_t:s0 /var/www/cgi-bin/
[[email protected] conf.d]# ls -Zd /var/www/html/cgi/
drwxr-xr-x. root root unconfined_u:object_r:httpd_sys_content_t:s0 /var/www/html/cgi/
[[email protected] conf.d]# semanage fcontext -a -t httpd_sys_script_exec_t ‘/var/www/html/cgi(/.*)?‘
[[email protected] conf.d]# restorecon -FvvR /var/www/html/cgi/
restorecon reset /var/www/html/cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0
restorecon reset /var/www/html/cgi/index.cgi context unconfined_u:object_r:httpd_sys_content_t:s0->system_u:object_r:httpd_sys_script_exec_t:s0

>测试：http://172.25.50.100/cgi/index.cgi
>显示：Mon Dec 12 20:59:34 EST 2016
>点击刷新
>显示：Mon Dec 12 20:59:52 EST 2016
>点击刷新
>显示：Mon Dec 12 20:59:59 EST 2016

####################14.搭建论坛####################
[[email protected] conf.d]# yum install mariadb-server -y
......
[[email protected] conf.d]# vim /etc/my.cnf
-----------------------------------------------
 10 skip-networking=1
:wq
-----------------------------------------------
[[email protected] conf.d]# systemctl start mariadb

[[email protected] conf.d]# mysql_secure_installation
......
>Set root password "westos"
[[email protected] conf.d]# cd /var/www/html/
[[email protected] html]# ls
cgi  index.html  index.php

[[email protected] pub]# pwd
/root/Documents/RHCE/老李LFTP/pub
[[email protected] pub]# scp Discuz_X3.2_SC_UTF8.zip [email protected]:/var/www/html/
[email protected]‘s password:
Discuz_X3.2_SC_UTF8.zip                       100%   12MB  11.9MB/s   00:01    

[[email protected] html]# ls
cgi  Discuz_X3.2_SC_UTF8.zip  index.html  index.php
[[email protected] html]# unzip Discuz_X3.2_SC_UTF8.zip
......
[[email protected] html]# ls
cgi  Discuz_X3.2_SC_UTF8.zip  index.html  index.php  readme  upload  utility
[[email protected] html]# less readme/readme.txt
-----------------------------------------------
截取重要内容：

+----------------------------------+
 Discuz! X 社区软件的安装
+----------------------------------+
1. 上传 upload 目录中的文件到服务器
2. 设置目录属性（windows 服务器可忽略这一步）
        以下这些目录需要可读写权限
        ./config
        ./data 含子目录
3. 执行安装脚本 /install/
   请在浏览器中运行 install 程序，即访问 http://您的域名/论坛目录/install/
4. 参照页面提示，进行安装，直至安装完毕

-----------------------------------------------
[[email protected] html]# chmod 777 upload/data/ upload/config/

>测试：http://172.25.50.100/upload/
-->我同意
>所有文件不可写，mysql不支持

[[email protected] html]# setenforce 0

>刷新网页
>只有前4个文件显示可写，mysql不支持

[[email protected] html]# chmod 777 upload/ -R

>刷新网页
>所有文件可写，mysql不支持

[[email protected] html]# yum install php-mysql -y
......
[[email protected] html]# systemctl reload httpd

>刷新网页
>所有文件可写，mysql支持
-->下一步-->下一步
-->数据库密码：westos-->管理员密码：（自行设定）-->下一步
>等待安装完成，重新输入网址：http://172.25.50.100/upload/
>安装成功！！！

--安装完成，以下为体验--
-->输入管理员密码-->登陆-->输入验证码-->登陆
-->用户组：管理员
-->模块管理
-->管理中心

####################15.squid正向代理####################
[[email protected] ~]# ls /etc/httpd/conf.d/
autoindex.conf  README  userdir.conf  welcome.conf
[[email protected] ~]# yum install squid -y
......
[[email protected] ~]# ls /etc/httpd/conf.d/
autoindex.conf  README  squid.conf  userdir.conf  welcome.conf
[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
 56 http_access allow all

 62 cache_dir ufs /var/spool/squid 100 16 256
:wq
-----------------------------------------------
[[email protected] ~]# ls /var/spool/squid/
##什么都没有
[[email protected] ~]# systemctl start squid
[[email protected] ~]# systemctl enable squid.service
Created symlink from /etc/systemd/system/multi-user.target.wants/squid.service to /usr/lib/systemd/system/squid.service.
[[email protected] ~]# netstat -antlpe |grep squid
tcp6       0      0 :::3128                 :::*                    LISTEN      0          531476     7398/(squid-1)

[[email protected] conf.d]# firefox &
>测试：www.baidu.com
>提示：一直是"Connecting..."状态
-->Edit-->Preferences-->Advanced-->Network-->Settings...
-->Manual proxy configuration-->HTTP Proxy:172.25.50.250-->Port:3128
-->OK-->Close
>再次测试：www.baidu.com
>打开百度成功！！！

--取消代理--
-->Edit-->Preferences-->Advanced-->Network-->Settings...
-->Manual proxy configuration-->No proxy
-->OK-->Close

--删除squid服务--
[[email protected] ~]# systemctl stop squid
[roo[email protected] ~]# yum remove squid -y
......
[[email protected] ~]# rm -fr /etc/squid/

在亚马逊租一台Linux服务器，装上squid，然后在本机指定代理后，就能访问国外的网站

####################16.squid反向代理####################
CDN加速

交叉存储

[[email protected] ~]# yum remove httpd -y
......
[[email protected] ~]# netstat -antlpe |grep :80
[[email protected] ~]# yum install squid -y
......
[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
 56 http_access allow all

 59 http_port 80 vhost vport
 60 cache_peer 172.25.50.165 parent 80 0 no-query

 62 cache_dir ufs /var/spool/squid 100 16 256
:wq
-----------------------------------------------
[[email protected] ~]# systemctl start squid
[[email protected] ~]# netstat -antlpe |grep :80
tcp6       0      0 :::80                   :::*                    LISTEN      0          41808      2069/(squid-1)

>分别为虚拟机172.25.50.165和虚拟机172.25.50.171搭建好http服务，然后使用真机进行测试
[[email protected] Desktop]# firefox &
>测试：172.25.50.165
>显示：172.25.50.165
>测试：172.25.50.171
>显示：172.25.50.171

注意：同时开启三台虚拟机会有点卡，可以使用"init 3"关闭图形。需要时，再使用"init 5"打开图形

>测试：172.25.50.100
>显示：172.25.50.165

[[email protected] ~]# vim /etc/squid/squid.conf
-----------------------------------------------
/修改
 60 cache_peer 172.25.50.165 parent 80 0 no-query originserver round-robin name=web1
/插入
 61 cache_peer 172.25.50.171 parent 80 0 no-query originserver round-robin name=web2
 62 cache_peer_domain web1 web2 www.taobao.com
:wq
-----------------------------------------------
[[email protected] ~]# systemctl restart squid

[[email protected] Desktop]# vim /etc/hosts
-----------------------------------------------
  4 172.25.50.100   www.taobao.com
:wq
-----------------------------------------------

>真机断开外网
[[email protected] Desktop]# firefox &
--> Ctrl+Shift+Delete --> 把最后两项打钩 --> Clear Now（清空缓存）
>测试：172.25.50.100
>显示：172.25.50.165
>刷新
>显示：172.25.50.171
>刷新
>显示：172.25.50.165
>刷新
>显示：172.25.50.171

轮询生效！！！

#####################
#####  bash脚本    #####
#####################
/lib是系统库文件存放的位置，所谓"库"就是函数的集合

执行脚本是打开一个新的shell，完成后关闭这个shell

==bash==
[[email protected] mnt]# vim 1.sh
-----------------------------------------------
#!/bin/bash
echo hello world
:wq
-----------------------------------------------
[[email protected] mnt]# sh 1.sh
hello world
[[email protected] mnt]# chmod +x 1.sh
[[email protected] mnt]# /mnt/1.sh
hello world
[[email protected] mnt]# ./1.sh
hello world

==tcsh==
[[email protected] ~]# ps aux |grep tcsh
root      2118  0.0  0.0 112640   936 pts/1    R+   22:03   0:00 grep --color=auto tcsh

[[email protected] mnt]# vim 2.sh
-----------------------------------------------
#!/bin/tcsh
watch -n 1 date
:wq
-----------------------------------------------
[[email protected] mnt]# sh 2.sh

[[email protected] ~]# ps aux |grep tcsh
root      2142  0.0  0.0 112640   940 pts/1    R+   22:04   0:00 grep --color=auto tcsh

[[email protected] mnt]# chmod +x 2.sh
[[email protected] mnt]# /mnt/2.sh

[[email protected] ~]# ps aux |grep tcsh
root      2255  0.1  0.2 120228  2112 pts/0    S+   22:05   0:00 /bin/tcsh /mnt/2.sh
root      2283  0.0  0.0 112640   940 pts/1    S+   22:05   0:00 grep --color=auto tcsh
[[email protected] ~]#

==env==
[[email protected] mnt]# which env
/usr/bin/env
[[email protected] mnt]# vim 1.sh
-----------------------------------------------
#!/usr/bin/env bash            ##表示不知道bash在哪儿，通过env去找
echo hello world
:wq
-----------------------------------------------
[[email protected] mnt]# ./1.sh
hello world
[[email protected] mnt]# vim 2.sh
-----------------------------------------------
#!/usr/bin/env tcsh            ##表示不知道tcsh在哪儿，通过env去找
watch -n 1 date
:wq
-----------------------------------------------
[[email protected] mnt]# ./1.sh
>开启watch监控

==脚本调式模式"-x"==
[[email protected] mnt]# sh -x 1.sh
+ echo hello world
hello world
[[email protected] mnt]# vim 3.sh
-----------------------------------------------
#!/bin/bash -x
cat /mnt/3.sh
:wq
-----------------------------------------------
[[email protected] mnt]# sh 3.sh
#!/bin/bash -x
cat /mnt/3.sh
[[email protected] mnt]# chmod +x 3.sh
[[email protected] mnt]# ./3.sh
+ cat /mnt/3.sh
#!/bin/bash -x
cat /mnt/3.sh

==单引用和双引用==
单引号是强引用，引号内全部被引用
双引用是弱引用，不能引用$ ! `` \

[[email protected] mnt]# echo $USER
root
[[email protected] mnt]# echo "$USER"
root
[[email protected] mnt]# echo ‘$USER‘
$USER
[[email protected] mnt]# echo ‘"$USER"‘
"$USER"
[[email protected] mnt]# echo "‘$USER‘"
‘root‘
[[email protected] mnt]# echo $5

[[email protected] mnt]# echo $"5"
5
[[email protected] mnt]# echo "$"5
$5
[[email protected] mnt]# echo ‘$‘5
$5
[[email protected] mnt]# echo \$5        ##\和‘‘的作用差不多
$5
[[email protected] mnt]# echo "\$5"
$5
[[email protected] mnt]# echo ‘\$5‘
\$5
[[email protected] mnt]# echo ‘‘‘‘        ##单引号就近引用

[[email protected] mnt]# echo """"        ##双引号就近引用

[[email protected] mnt]# echo ‘""‘
""
[[email protected] mnt]# echo "‘‘"
‘‘
[[email protected] mnt]# echo \‘\‘
‘‘
[[email protected] mnt]# echo # hello #

[[email protected] mnt]# echo \# hello #
# hello
[[email protected]ocalhost mnt]# echo \# hello \#
# hello #
[[email protected] mnt]# echo ‘`date`‘
`date`
[[email protected] mnt]# echo "`date`"
Tue Dec 13 22:45:05 EST 2016
[[email protected] mnt]# echo *        ##"*"显示当前目录下的所有文件名
1.sh 2.sh 3.sh
[[email protected] mnt]# echo * *
1.sh 2.sh 3.sh 1.sh 2.sh 3.sh
[[email protected] mnt]# echo "*"
*
[[email protected] mnt]# echo "*****`date`*****"
*****Tue Dec 13 22:56:52 EST 2016*****

==变量==
--1.shell下直接定义--
[[email protected] mnt]# a=1
[[email protected] mnt]# echo $a
1
[[email protected] mnt]# echo $ab

[[email protected] mnt]# echo ${a}b
1b
[[email protected] mnt]# a=`date`
##`date`当下已被执行，所以a的值恒定
[[email protected] mnt]# echo $a
Wed Dec 14 01:28:12 EST 2016
[[email protected] mnt]# echo $a
Wed Dec 14 01:28:12 EST 2016

--2.export--
[[email protected] mnt]# vim 4.sh
-----------------------------------------------
#!/bin/bash
echo $a
:wq
-----------------------------------------------
[[email protected] mnt]# chmod +x 4.sh
[[email protected] mnt]# ./4.sh

[[email protected] mnt]# export a=1
[[email protected] mnt]# ./4.sh
1
[[email protected] mnt]# exit
logout
Connection to 172.25.50.100 closed.
[[email protected] Desktop]# ssh [email protected]
[email protected]‘s password:
[[email protected] ~]# /mnt/4.sh


--3.环境变量配置文件--
~/.bash_profile        ##用户级别
/etc/profile        ##系统级别

[[email protected] ~]# vim .bash_profile
-----------------------------------------------
 13 export a=1
:wq
-----------------------------------------------
[[email protected] ~]# source .bash_profile
[[email protected] ~]# /mnt/4.sh
1
##用户级别生效
[[email protected] ~]# su - student
[[email protected] ~]$ /mnt/4.sh

[[email protected] ~]$ logout
[[email protected] ~]# vim /etc/profile
-----------------------------------------------
 77 export a=5
:wq
-----------------------------------------------
[[email protected] ~]# source /etc/profile
[[email protected] ~]# /mnt/4.sh
5
##这是因为"/etc/profile"是后读的，所以后读的生效
[[email protected] ~]# logout
Connection to 172.25.50.100 closed.
[[email protected] Desktop]# ssh [email protected]
[email protected]‘s password:
[[email protected] ~]# /mnt/4.sh
1
##重新登陆，用户级别的生效。所以一般情况下，用户级别优先于系统级别
[[email protected] ~]# su - student
[[email protected] ~]$ /mnt/4.sh
5
##系统级别生效
[[email protected] ~]$ logout

--4.PATH--
[[email protected] ~]# 4.sh
bash: 4.sh: command not found...
[[email protected] ~]# 1.sh
bash: 3.sh: command not found...
[[email protected] ~]# vim .bash_profile
-----------------------------------------------
 14 export PATH=$PATH:/mnt
:wq
-----------------------------------------------
[[email protected] ~]# source .bash_profile
[[email protected] ~]# 4.sh
1
[[email protected] ~]# 1.sh
hello world
[[email protected] ~]# echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/root/bin:/mnt
##包含"/mnt"

--5.故意写错，测试效果--
[[email protected] ~]# vim .bash_profile
-----------------------------------------------
 14 export PATH=$PAITH:/mnt        ##故意写错成"PAITH"
:wq
-----------------------------------------------
[[email protected] ~]# source .bash_profile
[[email protected] ~]# ls
bash: ls: command not found...
Similar command is: ‘lz‘
[[email protected] ~]# /bin/ls
anaconda-ks.cfg
[[email protected] ~]# echo $PATH
:/mnt                    ##只有"/mnt"
[[email protected] ~]# 4.sh
1
[[email protected] ~]# /bin/vim .bash_profile
-----------------------------------------------
/删除
 14 export PATH=$PAITH:/mnt
:wq
-----------------------------------------------
[[email protected] ~]# /bin/source .bash_profile
-bash: /bin/source: No such file or directory
[[email protected] ~]# /sbin/source .bash_profile
-bash: /sbin/source: No such file or directory
......（各种尝试）
##找不到source命令
[[email protected] ~]# logout
Connection to 172.25.50.100 closed.
[[email protected] Desktop]# ssh [email protected]
[email protected]‘s password:
[[email protected] ~]# which source
/usr/bin/which: no source in (/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin)
##因为source命令是shell里的内建命令，所以找不着

本文出自 “施超Linux学习笔记” 博客，谢绝转载！