LINUX 基础
常用命令样例
find
#文件类型:f 文件 d 目录
find . -name flag -type f
systemctl
systemctl list-units --type=service
systemctl list-unit-files --type=service --state=enabled
端口
netstat
ss
mysql
-- 禁止root用户从非本地连接
UPDATE mysql.user SET Host='localhost' WHERE User='root';
FLUSH PRIVILEGES;
-- 创建只读用户并赋予SELECT权限
CREATE USER 'readonly_user'@'localhost' IDENTIFIED BY 'StrongPassword123!';
GRANT SELECT ON mydatabase.* TO 'readonly_user'@'localhost';
-- 创建管理员用户并赋予所有权限
CREATE USER 'admin_user'@'localhost' IDENTIFIED BY 'AnotherStrongPassword!';
GRANT ALL PRIVILEGES ON *.* TO 'admin_user'@'localhost' WITH GRANT OPTION;
-- 设置密码策略,最小长度为12,且包含数字和字母
SET GLOBAL validate_password.policy=MEDIUM;
SET GLOBAL validate_password.length=12;
-- 设置密码过期时间为90天
ALTER USER 'readonly_user'@'localhost' PASSWORD EXPIRE INTERVAL 90 DAY;
ssl
# 生成SSL证书(使用OpenSSL)
openssl req -newkey rsa:2048 -nodes -keyout mysql-ssl.key -x509 -days 365 -out mysql-ssl.cert
# 将证书放到MySQL配置文件中
[mysqld]
ssl-ca=/path/to/ca-cert.pem
ssl-cert=/path/to/mysql-ssl.cert
ssl-key=/path/to/mysql-ssl.key
-- 强制用户使用SSL连接
ALTER USER 'readonly_user'@'localhost' REQUIRE SSL;
# 使用mysqldump进行备份
mysqldump -u root -p mydatabase > /backups/mydatabase.sql
# 恢复数据库
mysql -u root -p mydatabase < /backups/mydatabase.sql
my.cnf
[mysqld]
symbolic-links=0 #禁用符号链接
local_infile=0 #禁用LOAD DATA本地加载功能
[mysqld]
general_log=1
general_log_file=/var/log/mysql/mysql.log
[mysqld]
log_error=/var/log/mysql/error.log
php
防止sql注入攻击
$username = addslashes($username);
$password = addslashes($password);
这两行代码是对用户输入的 $username 和 $password 字符串进行处理,确保其中的特殊字符(如单引号、双引号等)被正确地转义
python
import sqlite3
def safe_login(username, password):
query = "SELECT * FROM users WHERE username = ? AND password = ?"
cursor.execute(query, (username, password))
return cursor.fetchone()
# 示例调用
user = safe_login("admin", "password123")
if user:
print("Login successful!")
else:
print("Login failed!")
import re
username = "admin123"
if re.match("^[a-zA-Z0-9_-]{3,20}$", username):
print("Valid username")
else:
print("Invalid username")
伪是随机数
import secrets
app.config['SECRET_KEY'] = str(secrets.randbelow(10000000000))
linux 主机测试
# 融合怪
bash <(wget -qO- bash.spiritlhl.net/ecs)
# 只测速
bash <(wget -qO- https://bench.im/hyperspeed)
Linux xrdp
debian xfce4
apt update && sudo apt apt upgrade -y
apt install xfce4 xfce4-goodies -y
apt install xrdp -y
systemctl status xrdp.service
vim ~/.xsession
#!/bin/sh
# This file is executed by /etc/X11/Xsession to launch the desktop environment.
exec startxfce4
chmod +x ~/.xsession
#/etc/xrdp/xrdp.ini
ufw allow 3389
可能遇到报错: dbus-launch not found, the desktop will not work properly!
apt-get install dbus-x11
xrdp + xfce4 搭建 Linux 远程桌面
1. 安装 xrdp和xface4
apt update && sudo apt -y upgrade && \
apt-get purge xrdp && \
apt update
apt install xfce4 xfce4-goodies xorg dbus-x11 x11-xserver-utils
apt install xrdp
2. 配置
cp /etc/xrdp/xrdp.ini /etc/xrdp/xrdp.ini.bak
sed -i 's/max_bpp=32/#max_bpp=32\nmax_bpp=128/g' /etc/xrdp/xrdp.ini
sed -i 's/xserverbpp=24/#xserverbpp=24\nxserverbpp=128/g' /etc/xrdp/xrdp.ini
xfce4-session > ~/.xsession
vim /etc/xrdp/startwm.sh
!以下这两行注释掉:
#test -x /etc/X11/Xsession && exec /etc/X11/Xsession
#exec /bin/sh /etc/X11/Xsession
!添加这一行:
# xfce
startxfce4
3. 重启xrdp
systemctl start xrdp && \
systemctl enable xrdp
#当重复进行远程访问时,可能出现闪退的情况,查看用户目录下 .xsession-errors 文件,发现报错:
# 删除会话
pkill xfce4-session
4. 配置中文
sudo apt install fcitx fcitx-googlepinyin
fcitx-autostart
# 安装中文语言
sudo apt install -y language-pack-zh-hans
# 导入中文环境
export LC_ALL=zh_CN.UTF-8
# 修改LOCALE
sudo vim /etc/default/locale
修改:
LANG=zh_CN.UTF-8
LANGUAGE="zh_CN:zh"
ubuntu 24.04 gnome 自带
好像卡的要死,但是不知道是不是因为配置差,先记录一下
apt install xrdp
systemctl status xrdp
adduser xrdp ssl-cert
systemctl restart xrdp
ubuntu xrdp 闪退解决
# 修改 .ICEauthority 文件权限
ls -al
sudo chown username:username .ICEauthority
sudo service xrdp restart
# 设置正确的桌面环境
echo xfce4-session > ~/.xsession
chmod +x ~/.xsession
sudo systemctl restart xrdp.service
# 重装xrdp
sudo apt-get install xrdp
sudo systemctl disable xrdp
sudo systemctl stop xrdp
sudo apt purge xrdp xserver-xorg-core xserver-xorg-input-all xorgxrdp
sudo apt install xrdp xserver-xorg-core xserver-xorg-input-all xorgxrdp
sudo adduser xrdp ssl-cert
sudo systemctl start xrdp
sudo systemctl enable xrdp
sudo reboot
debian 升级 13
1. 备份
sudo tar czf /backup_bookworm.tar.gz \
--exclude=/backup_bookworm.tar.gz \
--exclude=/dev --exclude=/run \
--exclude=/mnt --exclude=/proc \
--exclude=/sys --exclude=/tmp \
--exclude=/media --exclude=/lost+found /
2. 更新现有软件包
sudo apt update
sudo apt upgrade
sudo apt full-upgrade
sudo apt --purge autoremove
sudo reboot
3. 检查非官方软件包
sudo apt list '?narrow(?installed, ?not(?origin(Debian)))'
# 解锁被hold的软件包
sudo apt-mark unhold <软件包名称>
4. 修改软件源为 Trixie
mkdir ~/apt_backup
cp /etc/apt/sources.list ~/apt_backup/
cp -r /etc/apt/sources.list.d/ ~/apt_backup/
sudo sed -i 's/bookworm/trixie/g' /etc/apt/sources.list
sudo sed -i 's/bookworm/trixie/g' /etc/apt/sources.list.d/*
5. 更新软件包
sudo apt update
sudo apt upgrade --without-new-pkgs
6. 完整升级
sudo apt full-upgrade
sudo reboot
7. 清理
sudo apt --purge autoremove
sudo apt autoclean
sudo reboot