Posted by wxianfeng
Thu, 02 Sep 2010 18:20:43 GMT
为了更好的调试,今天把我远程服务器上的blog数据同步到本地了,一切都是手动做的,要能够有自动化工具就好了,就像 capistrano 部署一样,通过ssh隧道实现远程操作,暂且这样,以后再想想办法。。。
1,备份远程数据库的数据,注意只是数据,没有表结构
>mysqldump -t -uroot -proot wxianfeng_com > db.txt
2,清空本地数据库中所有表的数据 (ruby脚本)
require 'rubygems'
require 'active_record'
ActiveRecord::Base.establish_connection(
:adapter => "mysql",
:host => "localhost",
:database => "wxianfeng_com",
:encoding => "utf8",
:username => "root",
:password => "root"
)
begin
ActiveRecord::Base.connection.tables.each do |table|
p "TRUNCATEing #{table}"
ActiveRecord::Base.connection.execute("TRUNCATE #{table}")
end
rescue
$stderr.puts "Ooops Error"
end
3,导入 数据
>mysql -uroot -proot wxianfeng_com < db.txt
4,备份远程服务器上的资源文件 (图片,文件等)
>tar -zcvf directory.tar.gz directory
5,用 windows 下ssh客户端,例如 ssh secure shell client ,把远程文件down到本地
6,ok。。。搞定~!
最近写的比较多 哈, 权当笔记了,同时加大google收录数,提升流量,为下一步 计划 打好准备…………………………………..
Posted in Mysql | Tags blog, Mysql | no comments | no trackbacks
Posted by wxianfeng
Thu, 02 Sep 2010 17:53:10 GMT
最近blog换了皮肤,以前是最大宽度,现在宽度限制死了,有的图片超过了宽度,很丑陋,于是用minimagick对所有的图片统一缩放了下,这下图片的大小刚刚好,缩放比resize的效果要好,图片不会扭曲难看,
minimagick和rmagick都是调用imagemagick的ruby接口,使用起来很方便。。。。
1,缩放 (也就是我用来处理我blog里图片的脚本)
require 'rubygems'
require 'mini_magick'
# path = "E:/Rubyproject/wxianfeng_com/public/files/" # windows路径
path = "/usr/local/system/www/wxianfeng_com/shared/public/files/"
files = Dir.open(path).to_a.select{|x| x != '.' && x!= '..' && x != '.svn' && x != 'Thumbs.db'}
imgs = files.select { |f| f !~ /^(thumb_|middle_)/ }
imgs.each do |ele|
p ele
img_path = path + ele
img = MiniMagick::Image.from_file(img_path)
w,h = img[:width],img[:height]
percent = ((480/w.to_f) * 100).to_i
img.combine_options do |c|
c.sample "#{percent}%" # 缩放
end
img.write(img_path)
end
2,resize
image = MiniMagick::Image.from_file("input.jpg") # or MiniMagick::Image.new("input.jpg")
image.resize "100x100" # or image.thumbnail "100x100"
image.write("output.jpg")
3,裁剪
require ‘mini_magick’
img = MiniMagick::Image.from_file “1.jpg” #取得宽度和高度
w,h = img[:width],img[:height] #=> [2048, 1536]
shaved_off = ((w-h)/2).round #=> 256
img.shave “#{shaved_off}x0″ #此处表示宽度上左右各截取256个像素,高度上截取0像素
img.write “2.jpg”
4,旋转
image = MiniMagick::Image.from_file("input.jpg")
image.combine_options do |c|
c.rotate "-90>" # 旋转 90 度
end
image.write("input.jpg") # 同名 替换掉原来的
SEE:
http://github.com/probablycorey/mini_magick
http://www.blogkid.net/archives/2154.html
Posted in Ruby | Tags ImageMagick, mini_magick, ruby | no comments | no trackbacks
Posted by wxianfeng
Tue, 31 Aug 2010 15:51:37 GMT
环境:centos 5.5
在这之前我的服务器密码很简单,感觉不安全,于是改的复杂一点了,顺手对我的登录日志分析了一下,还真发现了很多来破解root密码的远程ip,还记得之前在公司有一次上下班忘记打卡,行政找到我必须找出证据,于是从 我工作电脑中调出当天的登入登出信息 最好不过了 ,记得当时不太熟悉,还是在同事帮助下立即解决的, 另外合理的分析登录日志对你服务器的安全也有很大的作用~!
1,来看看你的服务器被哪些ip登录过(root密码错误的)
[root@li165-150 log]# grep "Failed password for root" /var/log/secure | awk '{print $9}' | uniq -c | sort -nr # awk分割,uniq -c 剔重 + 显示重复次数 , sort -nr 降序(-r) + 数值排序(-n)
3116 69.162.125.77
224 173.230.145.104
111 184.106.229.209
84 60.217.234.142
76 222.237.78.139
51 210.193.16.75
46 88.191.73.232
13 109.169.56.3
4 220.165.28.67
2 115.248.49.217
1 88.191.52.74
1 221.221.173.88
1 220.181.147.187
从上面可以看出来有许多ip试图登录我的服务器,其中 69.162.125.77 就有 3116次失败记录 , 总共统计下:
[root@li165-150 log]# grep "Failed password for root" /var/log/secure | awk '{print $9}' | wc -l
13730
哈,原来这么多人喜欢扫描我的服务器啊。。。。。
2,从 系统日志里查找 root 的相关信息
[root@li165-150 log]# cd /var/log
[root@li165-150 log]# find ./ -type f -name "messages*" | xargs grep "root" | more
./messages:2010-08-30T12:54:25.987395-04:00 li165-150 avahi-daemon[2862]: Successfully dropped root privileges.
./messages:2010-08-30T12:54:26.023483-04:00 li165-150 avahi-daemon[2862]: Successfully called chroot().
./messages.1:2010-08-20T22:55:03.457101-04:00 li165-150 avahi-daemon[2928]: Successfully dropped root privileges.
./messages.1:2010-08-20T22:55:03.504958-04:00 li165-150 avahi-daemon[2928]: Successfully called chroot().
./messages.1:2010-08-20T22:56:22.025464-04:00 li165-150 avahi-daemon[3047]: Successfully dropped root privileges.
./messages.1:2010-08-20T22:56:22.054287-04:00 li165-150 avahi-daemon[3047]: Successfully called chroot().
./messages.1:2010-08-21T14:21:13.824695-04:00 li165-150 avahi-daemon[2816]: Successfully dropped root privileges.
./messages.1:2010-08-21T14:21:13.907610-04:00 li165-150 avahi-daemon[2816]: Successfully called chroot().
3,当前登录用户的信息记录在文件/var/run/utmp 中,这是一个二进制文件 用普通的 tail , cat 等工具是无法查看的 , 但是可以通过一些命令来查看文件的信息,例如who
当前登录用户:
[root@li165-150 log]# who # 或者 users 命令
root ttyp1 Aug 31 12:13 (220.181.147.187)
root ttyp2 Aug 31 12:53 (220.181.147.187)
[root@li165-150 log]# who -b # 上次启动时间
system boot Aug 30 12:54
更多的who命令请>who —help
4,所有登录进入和退出纪录在文件/var/log/wtmp中,也是二进制文件
[root@li165-150 log]# last -10 root # 查看root用户最后10次的登录情况
root ttyp2 220.181.147.187 Tue Aug 31 12:53 still logged in
root ttyp1 220.181.147.187 Tue Aug 31 12:13 still logged in
root ttyp0 220.181.147.187 Tue Aug 31 09:06 - 13:16 (04:10)
root ttyp0 221.221.173.88 Mon Aug 30 22:40 - 22:42 (00:01)
root ttyp0 220.181.147.187 Mon Aug 30 12:55 - 13:11 (00:16)
root ttyp0 220.181.147.187 Mon Aug 30 12:51 - down (00:01)
root ttyp1 221.221.8.126 Fri Aug 27 03:01 - 04:14 (01:12)
root ttyp0 125.34.211.119 Fri Aug 27 01:47 - 04:21 (02:33)
root ttyp0 125.34.211.119 Wed Aug 25 23:41 - 23:41 (00:00)
root ttyp0 221.221.8.126 Wed Aug 25 21:44 - 21:46 (00:01)
wtmp begins Wed Jun 2 09:10:09 2010
[root@li165-150 log]# last # last命令往回搜索wtmp,来显示自从文件第一次创建以来登录过的用户
root ttyp2 220.181.147.187 Tue Aug 31 12:53 still logged in
root ttyp1 220.181.147.187 Tue Aug 31 12:13 still logged in
root ttyp0 220.181.147.187 Tue Aug 31 09:06 - 13:16 (04:10)
root ttyp0 221.221.173.88 Mon Aug 30 22:40 - 22:42 (00:01)
root ttyp0 220.181.147.187 Mon Aug 30 12:55 - 13:11 (00:16)
reboot system boot 2.6.32.16-linode Mon Aug 30 12:54 (1+00:55)
root ttyp0 220.181.147.187 Mon Aug 30 12:51 - down (00:01)
root ttyp1 221.221.8.126 Fri Aug 27 03:01 - 04:14 (01:12)
root ttyp0 125.34.211.119 Fri Aug 27 01:47 - 04:21 (02:33)
root ttyp0 125.34.211.119 Wed Aug 25 23:41 - 23:41 (00:00)
root ttyp0 221.221.8.126 Wed Aug 25 21:44 - 21:46 (00:01)
root ttyp0 125.34.211.119 Wed Aug 25 21:34 - 21:37 (00:02)
5,最后一次登录记录在 /var/log/lastlog 这个文件中,可以用lastlog查看
[root@li165-150 log]# lastlog
Username Port From Latest
root ttyp2 220.181.147.187 Tue Aug 31 12:53:34 -0400 2010
6,清除登录log
>rm -f /var/log/wtmp
>cat /dev/null > /var/log/lastlog
另外今天学了一招历史命令的用法,之前都是用上箭头调出,若是调到前面第10个就需要10下,麻烦,可以用history命令搞定
[root@li165-150 log]# history 10 # 最近10条
1085 last
1086 last
1087 last
1088 lastlog
1089 lastlog -u wxianfeng
1090 lastlog
1091 last
1092 rm -f /var/log/wtmp
1093 last
1094 history 10
SEE:
http://zhiwei.li/text/2010/06/linux%E7%99%BB%E5%BD%95%E6%97%A5%E5%BF%97/
Posted in Centos | Tags Centos | no comments | no trackbacks
Posted by wxianfeng
Mon, 23 Aug 2010 18:17:27 GMT
环境:centos 5.5 + imagemagick 6.2.8 + rmagick 1.15.17
原本想安装最新版的rmagick的,但是发现编译ImageMagick安装不是少这个就是少那个,一汽之下,最后还是 yum 安装的比较快。。。。
如果你已经yum安装了,但是想再编译安装,需要先卸载原来的:
安装过程:
yum install ImageMagick
yum install ImageMagick-devel
gem install rmagick -v=1.15.17 --no-rdoc --no-ri -- --disable-htmldoc # 注意后面的参数需要加上,没加上会报错
安装 rmagick时主要还有版本问题,出错的话,会提示你ImageMagick必须大于多少版本,那么如何查看ImageMagick版本?
SEE:
http://stackoverflow.com/questions/1254366/problem-installing-rmagick-rubygem-on-centos-5
Posted in Centos, Ruby | Tags Centos, ImageMagick, RMagick | no comments | no trackbacks
Posted by wxianfeng
Sun, 22 Aug 2010 08:54:43 GMT
环境:centos 5.5 + postfix 2.3.3
[root@li165-150 ~]# postconf mail_version
mail_version = 2.3.3
上次,http://wxianfeng.com/2010/08/20/linode-mysql-got-error-28-from-storage-engine,刚刚解决了blog不能访问的问题 , 由于磁盘占满的原因 ,一天时间没到我的磁盘又被占满了,还是maillog在一直增长的原因,经过查找原因,原来我的mail server变成了肉鸡,被人拿来发送大量的垃圾邮件了,刚开始配的时候不太懂,没注意 open relay的情况 , http://wxianfeng.com/2010/08/01/centos-install-mail-server,所以,必须关系open replay功能~!
1,什么是open – relay ?
顾名思义,relay的转发的意思 , Open-Relay(开放转发或匿名转发)是指由于邮件服务器不理会邮件发送者或邮件接受者的是否为系统所设定的用户,而对所有的入站邮件一律进行转发(RELAY)的功能。通常,若邮件服务器的此功能开放,则我们一般称此邮件服务器是Open-Relay的
2,怎么测我的mail server 是不是 open relay 的 ?
[root@li165-150 ~]# telnet mail.wxianfeng.com 25
Trying 173.230.155.150...
Connected to mail.wxianfeng.com.
Escape character is '^]'.
220 mail.wxianfeng.com ESMTP Postfix
mail from:ss@163.com
250 2.1.0 Ok
rcpt to:wang.fl_1429@gmail.com
554 5.7.1 <wang.fl_1429@gmail.com>: Relay access denied
上面出现了 Relay access denied , 则说明你的mail server 不是 open replay的 ,如果可以成功发送email , 则说明 你的mail server 是 open replay的 ,另外 , 还可以通过以下网址测试:
http://verify.abuse.net/relay.html
直接输入 mail.wxianfeng.com 测试
3,open-relay 后 , 被人盗寄的症状
>mailq 查看邮件队列,会发现里面有大量的邮件等待发送
>tail -f /var/log/maillog
出现了大量的像下面这样的log:
2010-08-21T05:52:31.424284-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<xlgaga@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.04/0/0, dsn=4.7.1, status=deferred
(delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be permanently
deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.425279-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<xocy@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.04/0/0, dsn=4.7.1, status=deferred
(delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be permanently
deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.426311-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<xup6ru4vm0@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.04/0/0, dsn=4.7.1,
status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be
permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.427198-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<y2003625@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.05/0/0, dsn=4.7.1,
status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be
permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.428079-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<yck1012.tw@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.05/0/0, dsn=4.7.1,
status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be
permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.429149-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<yfjtommu@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.05/0/0, dsn=4.7.1,
status=deferred (delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be
permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.430203-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<yfk134@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.05/0/0, dsn=4.7.1, status=deferred
(delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be permanently
deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
2010-08-21T05:52:31.431290-04:00 li165-150 postfix/qmgr[8366]: 0C50427536: to=<yi05@yahoo.com.tw>, relay=none, delay=141354, delays=141354/0.05/0/0, dsn=4.7.1, status=deferred
(delivery temporarily suspended: host mx2.mail.tw.yahoo.com[203.188.197.10] refused to talk to me: 421 4.7.1 [TS03] All messages from 173.230.155.150 will be permanently
deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/errors/421-ts03.html)
从log中可以看出 , 你的mail server 正在发往yahoo的email,但是全部被拒绝了 ,
4,为什么 会被人盗寄?
网络上 会有很多人用 port scan工具扫描端口 , 当你的25端口, 被人测出是open relay的,这些人就会 充分利用你的mail server 来发垃圾邮件 ,发垃圾邮件的后果 ,可能会导致你的 ip被封 , 被世界垃圾邮件组织 把你ip 拉入黑名单 , 这时你的mail server 也就是废物了。
5,如果关闭 盗寄 的邮件?
我的mail server 有大量的 发送队列, 怎么清除 ,用下面命令
[root@li165-150 mail]# postsuper -d ALL
postsuper: Deleted: 61178 messages
发现我清楚了 61178 封垃圾邮件队列 , 这样你的log 应该会停止了, 不会再狂刷了。。。
6,如何关闭open-relay ?
配置 postfix的 mynetworks
mynetworks = 127.0.0.1/32 # ip/netmask
我的整个 postfix main.cf 配置 :
[root@li165-150 ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
home_mailbox = Maildir/
html_directory = no
inet_interfaces = $myhostname, localhost , 173.230.155.150 # 设置postfix服务监听的网络接口 通常是将所有的网络接口都开放,以便接收任何网络接口的邮件
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname,$mydomain,localhost.$mydomain , localhost , $mydomain,mail.$mydomain,www.$mydomain # 设置可接收邮件的主机名称或域名
mydomain = wxianfeng.com # 邮件域名
myhostname = mail.wxianfeng.com # 邮件主机名
mynetworks = 127.0.0.1/32 # 设置可转发(Relay)哪些网络的邮件
myorigin = $mydomain # 由本机寄出的域名
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relay_domains = $mydestination # 设置可转发哪些网域的邮件
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
smtpd_sasl_auth_enable = yes # SASL来完成SMTP的SMTP-AUTH功能,postfix 本身没有认证机制
smtpd_sasl_local_domain = wxianfeng.com
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains = $mydomain
See:
http://www.raidenhttpd.com/jlbb/viewtopic.php?p=82160&sid=661a10a71ded2a6280fdd5ad6ba20101
http://www.linuxgoo.com/2005/66127/10433644999.html
http://blog.csdn.net/daisy_cheung/archive/2009/01/16/3795087.aspx
http://www.cnblogs.com/newversion/articles/1490910.html
Posted in Centos | Tags mail_server, open_relay, postfix | no comments | no trackbacks
Posted by wxianfeng
Sat, 21 Aug 2010 03:42:50 GMT
环境:linode(16G磁盘) + centos 5.5
前些天一直收到 linode的 磁盘IO 警告的邮件,工作繁忙 , 也没有管它,殊不知 隔了一天 我的blog 不能访问了 , ssh进入linode跟踪log ,mysql报 Got error 28 from storage engine ,后来查出是磁盘已经用完的原因,解决过程如下:
1,查看磁盘占用情况
[root@li165-150 system]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/xvda 16G 15G 0 100% /
发现磁盘已经占满 , 接下来需要找出谁占用了这么大的空间
[root@li165-150 system]# cd /
[root@li165-150 /]# du -sh *
5.4M bin
4.0K boot
32K dev
13M etc
56M home
21M lib
16K lost+found
4.0K media
4.0K mnt
4.0K opt
15G var
发现 var 目录占用最大 ,继续跟踪 cd /var , du -sh * 最后跟踪到是 /var/log/maillog 占用最大 ,足足有 14G,删除之
此时 使用 df -h 查看空间占用情况 还是 15G , 需要释放删除的空间
2,重启 centos ,释放空间
登入 linode.com reboot 你的centos , 就可以 释放删除文件的磁盘了 , 还有 就是发现 linode。com的显示的磁盘占用情况依然还是 100% ,实际我进入系统查看 , 空闲磁盘已经有 9G了
3,重启之前已经开启的服务
/etc/init.d/mysqld start # 启动mysql
/usr/local/system/nginx/sbin/nginx # 启动nginx
thin start -C /etc/thin/thin.yml # 启动thin
/etc/init.d/httpd start # 启动 apache
/etc/init.d/postfix start # 启动邮件相关服务
/etc/init.d/dovecot start
/etc/init.d/saslauthd start
cd /usr/local/system/www/short_url/lib
nohup ruby mongoshort.rb -e production & # 启动sinatra
cd /usr/local/system
nohup mongodb/bin/mongod --dbpath=/usr/local/system/mongodb/data & # 启动mongodb
cd /usr/local/system
svnserve -d -r vcs # 启动svn server
在启mongodb的时候 , 报文件锁定 , 无法启动 , 需要 repair 一下
mongodb/bin/mongod --repair
4,ok,大功告成
See:
http://www.mongodb.org/display/DOCS/Durability+and+Repair
http://www.fufuok.com/mysql-got-error-28.html
Posted in Linode, Mysql | Tags Linode, Mysql | no comments | no trackbacks
