Beginner's Must-Know: Linux Log File Viewing Commands
This article introduces 5 essential log viewing commands for Linux server beginners, applicable to daily problem diagnosis and monitoring. The core commands and their uses are as follows: 1. **tail**: View the end of a file. Use `-n 数字` to specify the number of lines, `-f` for real-time monitoring (e.g., website access logs), and `-q` to suppress the filename display. 2. **head**: View the start of a file. The `-n 数字` parameter specifies the number of lines, suitable for initial logs (e.g., system startup logs). 3. **cat**: Quickly view the entire content of small files. Use `-n`/`-b` to display line numbers. Not recommended for large files (risk of screen overflow). 4. **less**: Page through large files. Supports up/down navigation, search (`/关键词`), and `+G` to jump to the end. 5. **grep**: Filter content by keyword. Use `-n` to show line numbers, `-i` for case-insensitive matching, and `-v` for inverse filtering. Often combined with `tail` (e.g., `tail -f log | grep error`). Combination tips: For example, `tail -n 100 log | grep error` quickly locates errors, and `less +G log` jumps to the end of the log.
Read MoreData Backup Strategy: Ensuring Data Security for Linux Servers
The data on Linux servers (such as website files, business logs, etc.) is crucial and requires reliable backup to mitigate risks of data loss caused by hardware failures, misoperations, and other issues. The core of backup involves formulating a strategy that combines frequency (real-time data with daily increments, critical data with daily increments plus full backups), type (recommended for beginners: full + incremental combination), and storage locations (local + offsite). Common tools include rsync (incremental synchronization), tar (file archiving), and cron (scheduled tasks). Beginner strategies: Basic version (local hard drive + USB flash drive, daily increments + weekly full backups, executed via cron); Advanced version (offsite cloud storage, daily increments + full backups, multi-copy protection). Key best practices: Regularly test restoration, encrypt sensitive data, implement multi-copy storage, manage permissions, and monitor backup status to ensure backups are effective and accessible.
Read MoreLinux Server Security Hardening: 5 Essential Tasks for Beginners
This article addresses Linux server security issues and summarizes 5 simple hardening steps for beginners: 1. **System Update and Patch Management**: Regularly update system packages (use `apt update` + `upgrade` + `autoremove` for Ubuntu/Debian, and `yum`/`dnf update` for CentOS) to fix known vulnerabilities. 2. **Strengthen User Permissions and Authentication**: Disable direct root login, create regular users with sudo privileges, and recommend SSH key-based login (generate key pairs locally and upload public keys to the server). 3. **Configure Firewall**: Only open necessary ports (e.g., SSH, HTTP/HTTPS). For Ubuntu, use `ufw` (enable and allow specified services); for CentOS, use `firewalld` (reload after opening ports), with default rejection of other connections. 4. **Close Unnecessary Services and Ports**: Disable insecure services like FTP and Telnet. Check open ports with `ss -tuln` and remove non-business-essential ports/services. 5. **Log Auditing and Monitoring**: Monitor critical logs such as `/var/log/auth.log` and use `tail -f` for real-time login attempt tracking. Install `fail2ban` to automatically ban repeatedly failed IPs.
Read MoreBeginner's Guide: Linux Disk Space Cleaning Tips
When the disk space on a Linux server is insufficient, you can resolve it by following these steps: First, execute `df -h` to check partition usage, focusing on the root directory or system directories like `/var`. Next, use `du -sh` to locate large directories (e.g., `/var/cache`), and `find / -type f -size +100M 2>/dev/null` to search for large files. For targeted cleanup: Logs in `/var/log` can be rotated using logrotate or old compressed packages deleted; temporary cache files in `/tmp` and `/var/tmp` can be cleared after running `sync`, or system cache can be released by `echo 3 > /proc/sys/vm/drop_caches`; uninstall unnecessary software packages (via `yum` or `apt`); and large files in user directories (e.g., under `/home`) can be directly deleted. **Note**: Do not delete system-critical files. Confirm no programs are using files before deletion, and follow the procedures for safe and efficient operation.
Read MoreLinux User Management: Creation, Deletion, and Permission Assignment
Linux user management is fundamental to system maintenance, distinguishing permissions through user (UID) and group (GID) identifiers to ensure security and resource isolation. Core operations include: User creation requires administrative privileges, using `useradd -m username` (-m creates a home directory) followed by `passwd username` to set a password. Viewing user information uses `id`, and switching users is done with `su -`. User deletion is performed via `userdel -r username` (-r removes the home directory). Permission management is achieved through `chmod` (letter/numeric method), `chown`/`chgrp` (change owner/group), with the `-R` flag for recursive directory permission changes. Temporary privilege elevation with `sudo` requires adding the user to the `wheel` (CentOS) or `sudo` (Ubuntu) group using `usermod -aG`. Caution is advised during operations to avoid accidental user deletion or incorrect permission assignments.
Read MoreSystem Monitoring Tools: A Guide to Linux Server Performance Viewing
This article introduces 6 essential performance monitoring tools for Linux server beginners, helping them quickly grasp the "health status" of servers. System monitoring is crucial for ensuring service stability, requiring regular checks of CPU, memory, disk, and other resources. Core tools include: `top` for real-time monitoring of CPU, memory, and processes; sort by P/M to quickly identify high resource-consuming processes. `vmstat` analyzes overall system performance, focusing on the number of runnable processes (r), IO blocking processes (b), and swap partition usage (swpd). `iostat` specializes in disk IO, using tps and %util to determine bottlenecks. `free -h` provides a quick view of memory usage and available space. `df -h` and `du -sh` monitor disk partition space and directory/file sizes respectively. Tool selection scenarios: Use `top` for a quick overview, `free` when memory is tight, `iostat` to diagnose disk IO bottlenecks, `df` when space is insufficient, and `du` to locate large files. Mastering these tools enables timely detection and resolution of resource issues through targeted monitoring, ensuring stable server operation.
Read MoreMounting Linux File Systems: Essential Steps for Beginners
Mounting in Linux is a crucial operation to connect external storage devices (such as hard drives and USB flash drives) to the directory structure, enabling the system to read data from external devices as if they were local files. Since Linux directories follow a tree structure, external devices must be attached to the system's directory tree through a mount point (an empty directory). **Core Concepts**: Device name (e.g., `/dev/sdb1`) and mount point (e.g., `/mnt/usb`). Before operation, confirm the device name using `lsblk` or `fdisk -l`, and create the mount point with `sudo mkdir`. **Mounting Steps**: 1. Execute `sudo mount [device name] [mount point]`; 2. Verify success with `df -h` or `mount`; 3. Unmount using `sudo umount [mount point]`, ensuring no programs are accessing the device. **Common Issues**: Non-existent mount points, incorrect device names, and "device busy" during unmounting. Solutions include creating the directory, confirming the device, and exiting programs using the device. Temporary mounts are not persistent across reboots; permanent mounts require modifying `/etc/fstab`. **Summary**: By mastering device names, mount points, and the `mount/umount` commands, combined with `lsblk` to verify devices, you can successfully mount and access external storage.
Read MoreNginx Reverse Proxy: An Introduction to Load Balancing on Linux Servers
### Introduction to Nginx Reverse Proxy and Load Balancing **Core Functions**: Reverse proxy hides backend servers and unifies user access; load balancing distributes pressure across multiple servers to avoid single-point overload. **Reverse Proxy**: Similar to a "front desk receptionist," it receives user requests and forwards them to backend servers. Users need not know the specific backend servers, enhancing security and management efficiency. **Load Balancing**: When there are multiple backend servers, Nginx uses the `upstream` module to distribute requests. The default "round-robin" strategy can be adjusted as needed: - **Weighted Round-Robin**: Distributes requests by `weight` (e.g., `server 192.168.1.101 weight=5`); - **IP Hash**: Fixes user requests to a specific server (`ip_hash` directive). **Configuration Steps**: 1. Define backend server group: `upstream backend_servers { server 192.168.1.101; server 192.168.1.102; }`; 2. Configure reverse proxy: `proxy_pass http://backend_servers;` with `proxy_set_header` to forward request headers; 3. Test configuration.
Read MoreApache Virtual Host Configuration: Setting Up Multiple Websites on Linux
### Guide to Virtual Hosting and Apache Multi-Site Configuration This article introduces configuring virtual hosts on Linux servers using Apache to run multiple websites on a single server, which saves resources and is suitable for individuals/small teams. Virtual hosts are divided into domain-based and IP-based, with a core focus on domain-based configuration. Steps: 1. **Install Apache** (Ubuntu: `sudo apt install apache2`; CentOS: `sudo yum install httpd`), then start and enable auto-start on boot; 2. **Create website directories and files** (e.g., `/var/www/site1/public`), and write a test homepage; 3. **Configure virtual hosts**: Create an independent configuration file (e.g., `site1.conf`) in Apache's configuration directory (e.g., Ubuntu's `/etc/apache2/sites-available`), setting parameters like `ServerName` and `DocumentRoot`; 4. **Enable the configuration** (e.g., `a2ensite` for Ubuntu), then restart Apache to apply changes. Testing: Locally simulate domain access by modifying the `hosts` file; publicly, resolve the domain to the server IP via DNS. Common issues like insufficient permissions or configuration errors can be resolved through permission settings or syntax checks. Summary: After completing installation, directory creation, virtual host configuration, and testing, multiple sites can run in isolation.
Read MoreCommon Issues for Beginners: Methods to Update Linux Systems
### Why Update the Linux System? Updates fix security vulnerabilities, add new features (e.g., support for new hardware), optimize performance, and enhance system security and usability. ### Pre-Update Preparation 1. **Backup Data**: Back up important files in advance (e.g., via USB copy). 2. **Identify the Distribution**: - For Ubuntu/Debian-based systems: Use `lsb_release -a` or `cat /etc/os-release`. - For CentOS/RHEL-based systems: Use `cat /etc/redhat-release`. ### General Update Steps (Mainstream Distributions) - **Ubuntu/Debian-based**: - `sudo apt update` (Update package lists) → - `sudo apt upgrade` (Upgrade software); use `full-upgrade` for complex dependencies. - **CentOS/RHEL-based**: `sudo dnf update` (yum is also supported, but dnf is recommended). ### Common Issues and Solutions - **Insufficient Permissions**: Add `sudo` before commands. - **Download Failures**: Switch to a domestic mirror source (e.g., Alibaba Cloud) or check the network. - **Black Screen After Update**: Restart; if ineffective, boot into recovery mode for repair. - **Rollback**: Ubuntu
Read MoreSetting Environment Variables in Linux: A Beginner's Guide
This article introduces the core knowledge of Linux environment variables. Environment variables are variables that store system or program runtime information, such as software paths, language settings, etc. They allow the system to "remember" configurations without repeatedly entering complex information. Setting environment variables is mainly used to enable the system to locate executable programs (such as the PATH variable) or to control language, user information, etc. To view variables: use `echo $VARIABLE_NAME` for a single variable, and `env` or `printenv` for all variables. Temporary settings (valid only in the current terminal) use `export VARIABLE_NAME=value`, for example, `export MY_VAR="hello"`. For permanent settings, there are user-level configurations (modify `~/.bashrc` or `~/.profile` and require `source` to take effect) and system-level configurations (requires `sudo` to modify files like `/etc/profile`, applicable to all users). The `PATH` variable is critical, as it lists the paths the system searches for executable files. To temporarily add a path, use `export PATH=$PATH:/new/path`, and permanent configuration follows the same logic. Common variables also include `HOME` (home directory), `LANG` (language), etc. Note: Use `export` for temporary settings and configuration files for permanent ones; `sudo` is required for system-level modifications; variable values... (Note: The original text ends abruptly here.)
Read MoreIntroduction to Server Security: Fundamentals of Linux Firewalls
**Summary:** This article introduces Linux firewalls, which act as the "gatekeepers" of servers to restrict network access and primarily protect servers from attacks. The mainstream tools are categorized into three types: ufw (for Ubuntu/Debian, simple and based on iptables), firewalld (for CentOS/RHEL, supporting dynamic rules and zone management), and iptables (low-level, suitable for advanced users). In basic operations, ufw uses `enable` to turn on and `allow` to open ports; for firewalld, `--permanent` must be added to ensure rule persistence, and `reload` is required to apply changes. Common pitfalls for beginners include forgetting to add `--permanent` (resulting in temporary rule失效), setting the default policy to "deny inbound" for enhanced security, and only allowing specific IPs to access high-risk ports (e.g., 22). Conclusion: Firewalls are a security barrier; it is essential to clarify requirements, configure rules, ensure persistence, and conduct regular checks. (注:原文中“规则忘加`--permanent`会临时失效”中的“失效”翻译为“rule invalidation”更精准,已修正。) **Final Translation:** **Summary:** This article introduces Linux firewalls, which act as the "gatekeepers" of servers to restrict network access and primarily protect servers from attacks. The mainstream tools are categorized into three types: ufw (for Ubuntu/Debian, simple and based on iptables), firewalld (for CentOS/RHEL, supporting dynamic rules and zone management), and iptables (low-level, suitable for advanced users). In basic operations, ufw uses `enable` to turn on and `allow` to open ports; for firewalld, `--permanent` must be added to ensure rule persistence, and `reload` is required to apply changes. Common pitfalls for beginners include forgetting to add `--permanent` (resulting in temporary rule invalidation), setting the default policy to "deny inbound" for enhanced security, and only allowing specific IPs to access high-risk ports (e.g., 22). Conclusion: Firewalls are a security barrier; it is essential to clarify requirements, configure rules, ensure persistence, and conduct regular checks.
Read MoreEssential for Beginners: Basics of Linux Network Configuration
This article introduces the necessity and practical methods of Linux network configuration. For newcomers, mastering network configuration is fundamental for using servers and setting up services. They need to first understand four key elements: IP address (the "ID" of a device), subnet mask (network segment identifier), gateway (entrance/exit between internal and external networks), and DNS (domain name translation). Common commands to check network status include: `ip addr` to view IP addresses, `route -n` to check routes, and `ping` to test connectivity (including local loopback and external network verification). For dynamic IP configuration (DHCP), use the `nmcli` tool to modify connection parameters and activate them. For static IP configuration, prepare parameters such as IP, subnet mask, gateway, and DNS in advance. On CentOS, set static IPs in the `/etc/sysconfig/network-scripts/ifcfg-eth0` file, while Ubuntu uses `netplan` to configure the `01-netcfg.yaml` file. After configuration, verification steps include: using `ip addr` to confirm the IP, `ping` to test local/gateway/external network connectivity, and `nslookup` to test DNS. Common issues like IP conflicts or failure to ping the gateway can be troubleshooted by following the steps: "check IP → verify routes → ping tests". The core lies in understanding the four key elements and practicing commands like `ip` and `ping` regularly.
Read MoreA Comprehensive Guide to Starting and Stopping Linux Services
This article introduces the core methods for managing Linux services. Services are background - running programs, and management is fundamental to system maintenance. Modern Linux uses the systemctl tool of systemd for management. The core operations include: starting a service with `sudo systemctl start <service name>`, stopping it with `stop`, restarting with `restart`, and checking the status with `status`; setting it to start automatically at boot with `enable` and disabling it with `disable`. The self - starting status can be viewed through `list - unit - files`. Practical operations include: reloading the configuration (without restarting) with `reload` and viewing logs with `journalctl -u <service name>`. Precautions: `sudo` privilege elevation is required, the service name must be accurate (e.g., Nginx is `nginx`), and ensure the service is installed before operation. `stop` will forcefully terminate the service and may lose data; `restart` or `reload` (safer) is preferred. Mastering these can meet basic operation and maintenance needs.
Read MoreLinux Server Data Backup: Simple and Practical Strategies
The core of Linux server backup is to create data copies to mitigate risks such as accidental deletion and system failures. Backups are categorized by content into three types: full (copies all data), incremental (only new/modified data), and differential (data added/modified since the last full backup). Efficient data replication is key. For beginners, recommended tools include `tar` for archiving and compression (e.g., `tar -czvf backup.tar.gz /data`), and `rsync` for incremental synchronization (local or cross-server, e.g., `rsync -av /data/ /backup/`). Strategies should be selected based on needs: individuals/small servers can use weekly full backups + daily incremental backups; enterprises require daily full backups + offsite storage (e.g., cloud storage) with encryption for sensitive data. Automation is achieved via `crontab` to execute scripts regularly. Post-backup verification is essential (e.g., restore testing or `rsync --dry-run`). Key considerations include encryption, offsite storage, regular recovery testing, and permission control (e.g., directory permissions set to 700). Core principle: Prioritize simplicity and practicality, selecting a solution that matches your data volume and specific use case.
Read MoreLearn Linux Disk Partitioning and Mounting in 5 Minutes
Partitioning and mounting disks in Linux are fundamental operations for managing storage, analogous to closet organization and entry points. The steps are as follows: 1. **Check Disks**: Use `lsblk` or `sudo fdisk -l` to identify hard drives/partitions, and `df -h` to view currently mounted partitions. 2. **Create Partition**: Enter the tool with `sudo fdisk /dev/sdb`, input `n` to create a new primary partition, specify the size (e.g., `+20G`), and save with `w`. 3. **Format**: Format with `sudo mkfs.ext4 /dev/sdb1` (e.g., using the ext4 filesystem). **Always back up data before formatting**. 4. **Temporary Mount**: Create a mount point with `sudo mkdir /mnt/mynewdisk`, then mount with `sudo mount /dev/sdb1 /mnt/mynewdisk`. 5. **Permanent Mount**: Use `sudo blkid` to get the UUID, edit `/etc/fstab` to add an entry (format: `UUID=... 挂载点 ext4 defaults 0 0`), and verify with `sudo mount -a`. Key points: Partition → Format → Mount → Persistence. Back up data before operations, and use `umount` for unmounting.
Read MoreEssential for Beginners: Methods to Open Ports in Linux Firewall
This article introduces the necessity and common methods for opening ports on Linux servers, helping beginners get started quickly. Opening ports is fundamental for services to communicate externally (e.g., Web on port 80, SSH on port 22); otherwise, connection refusals will occur. Common tools are categorized into three types: UFW is suitable for Ubuntu/Debian with minimal operations, following steps: installation, allowing ports (e.g., `allow 22/tcp`), enabling, and verification; firewalld applies to CentOS/RHEL with zone management, steps: checking status, adding port rules (specify a zone like `public`), reloading, and verification; iptables is a universal underlying tool with powerful functions but complex syntax, requiring adding rules, saving (to avoid loss after restart), and verification. Port openness can be verified using telnet, nc (netcat), or curl. Beginners should note: prefer UFW/firewalld, avoid opening high-risk ports, ensure rules take permanent effect, and confirm the service is running.
Read MoreNTP Time Synchronization: Linux Server Clock Configuration
Linux server time synchronization is a fundamental and critical task. The Network Time Protocol (NTP) is the core tool that addresses issues such as log chaos, service authentication failures, and data conflicts. NTP achieves time synchronization through a hierarchical structure (Stratum 1-16, where lower strata are more authoritative). Common tools include NTPD (classic but resource-intensive) and Chrony (lightweight, fast to start, suitable for servers with limited memory). Taking NTPD as an example for installation: For CentOS/RHEL (below 7.9), use `yum install ntp -y`. For Ubuntu/Debian, use `apt install ntp -y` (Note: CentOS 7+ requires uninstalling Chrony first). Configure `/etc/ntp.conf` by adding authoritative servers (e.g., `ntp.aliyun.com`), and open the UDP 123 port in the firewall. Start the service with `systemctl start ntpd && enable`. Verify synchronization status using `ntpq -p`, and perform manual synchronization with `ntpdate -u`. Chrony follows a similar basic configuration and startup process; verification is done via `chronyc sources`. Common issues like service startup failures or slow synchronization can be resolved by checking ports, network connectivity, or replacing servers. Time synchronization is essential for server
Read MoreDetailed Explanation of Linux System User and User Group Management
This article introduces the core knowledge of Linux user and user group management, aiming to achieve permission control and resource isolation. Users are categorized into root (UID 0, highest privilege), system users (UID 1-999, for running services), and ordinary users (UID ≥ 1000, for daily operations). Groups include primary groups (default ownership) and supplementary groups (additional memberships). Key configuration files: `/etc/passwd` stores user information (UID, GID, home directory, etc.), `/etc/group` stores group information (GID, members), and `/etc/shadow` stores encrypted passwords. Common commands: User management commands include `useradd` (-m to create home directory), `usermod` (-g to change primary group, -aG to add supplementary group), `userdel` (-r to delete home directory), and `passwd` (to set password); group management commands include `groupadd` and `groupdel`. Practical operation examples: Creating an ordinary user and adding them to a group, setting up a shared directory with the group ownership and assigning group read/write permissions. Note that for multi-user sharing, users should be in the same group, and when deleting a user while preserving files, manually clean the home directory after removing the user.
Read MoreHow to Configure SSH Key-based Login (Passwordless Login) on Linux
SSH key-based login (passwordless login) ensures security through asymmetric encryption and eliminates the need to enter passwords, making it suitable for Linux server management. Traditional password login is vulnerable to brute-force attacks, while key-based login is more reliable and convenient. Prerequisites: The client must have an SSH tool installed (Linux/macOS have it pre-installed; Windows needs Git Bash/PuTTY). The server must have the SSH service installed (check with `ssh -V`). Steps: 1. Generate a key pair on the client: Run `ssh-keygen -t rsa -b 4096` to create `id_rsa` (private key, keep it secret with permissions set to 600) and `id_rsa.pub` (public key, can be shared). 2. Copy the public key to the server: For Linux/macOS, use `ssh-copy-id -i ~/.ssh/id_rsa.pub username@server-IP`; for Windows, manually paste the public key content into the server's `~/.ssh/authorized_keys` and set permissions `chmod 600 authorized_keys`. 3. Configure the server: Edit `sshd_config` to ensure `PubkeyAuthentication yes`, then restart `sshd`. 4. Test the connection: Directly execute `ssh username@
Read MoreIntroduction to Linux Log Analysis: Tools for System Fault Diagnosis
Linux logs are the "system diaries" that record system operation events and anomalies, serving as the core clue for fault diagnosis (e.g., web service failures can be located via logs for 404 errors or connection failures). Core log files include: /var/log/messages (system routine events and errors), /var/log/auth.log (authentication, login, and permission changes), /var/log/dmesg (kernel hardware initialization and driver errors), and application-specific service logs. Commonly used viewing commands are: tail -f for real-time tracking, grep for filtering keywords (e.g., "error"), and cat/less for file processing. Fault diagnosis follows the process: "phenomenon → locate logs → keyword analysis": for user login failure, check auth.log (keyword "Failed password"); for web service startup failure, check service error logs (keyword "port occupied"); for system lag, check messages/dmesg (keywords "out of memory" or "IO error"). Key points to master: selecting the right log, filtering keywords, and paying attention to timestamps. Advanced tools include journalctl and the ELK Stack.
Read MoreMust-Know: Quick Reference for Linux Process Management Commands
This article introduces the core process management commands in the Linux system, helping beginners quickly solve daily problems. **Viewing Processes**: The `ps` command lists process statuses. A common usage is `ps -aux`, with key columns including PID (Process ID), USER (user), %CPU/%MEM (resource usage), STAT (status, e.g., R for running, S for sleeping), and COMMAND (start command). **Real-time Monitoring**: `top` dynamically updates process information. Press `P`/`M` to sort by CPU/memory usage, `k` to terminate a process, and `q` to exit. **Terminating Processes**: `kill` terminates processes by PID (e.g., `kill 1234`, use `-9` for forceful termination), and `killall` terminates by process name (e.g., `killall -9 firefox`). **Other Tools**: `pstree` displays process relationships in a tree structure. `jobs`/`bg`/`fg` manage background jobs (e.g., after pausing with `Ctrl+Z`, `bg %1` resumes background execution, and `fg %1` brings it back to the foreground). **Note for Beginners**: Avoid terminating
Read MoreYum/Apt Package Managers: Powerful Tools for Linux Software Installation
To install software on Linux, Yum or Apt package managers are required, which automatically handle downloading, dependencies, and updates. Yum is used for RHEL/CentOS/Fedora, managing .rpm packages. Its core commands include: `sudo yum install/search/remove/clean all`. Software sources are located in `/etc/yum.repos.d/`, and additional sources can be added via `epel-release`. Apt is for Debian/Ubuntu, managing .deb packages. Its commands are: `sudo apt install/search/remove/clean`. Before using `upgrade`, the sources must be updated with `update` first. Software sources are in `/etc/apt/sources.list` and `/etc/apt/sources.list.d/`, and Ubuntu users can switch to domestic mirror sources. Both managers rely on correct software sources. Beginners should first run `cat /etc/os-release` to confirm the distribution. If dependency issues occur, update the sources first; if software sources are incorrect, back them up and test. In summary: Use Yum for RHEL/CentOS/Fedora and Apt for Debian/Ubuntu. Familiarity is achieved through practice.
Read MoreIntroduction to Shell Scripting: Automating Tasks on Linux Servers
Shell scripts are automated execution tools in Linux that write commands into a text file in sequence to replace repetitive manual operations and improve efficiency. They are essential skills for server management. Their basic syntax includes variable assignment (no spaces around the equals sign), conditional judgment (if-else), and loops (for/while). The first "Hello World" script requires defining variables, adding execution permissions (chmod +x), and running the script. Practical scripts, such as disk monitoring, extract the root partition usage rate using commands like `df -h` and trigger an alert when it exceeds 80%. Precautions: Execute permission must be granted before running, no spaces in variable assignment, and use `./` to specify the current directory when executing. Learning can start with basic exercises, and after mastering variables, conditions, and loops, one can advance to learning `crontab` for scheduled tasks to achieve automated operations and maintenance.
Read MoreFTP Service Setup: A Guide to File Transfer on Linux Servers
This article introduces the method of setting up an vsftpd FTP server on Linux systems. FTP is a standard protocol for network file transfer, and vsftpd has become a popular choice for Linux due to its security and stability. The steps include: 1. Preparation: A Linux server (e.g., CentOS/Ubuntu), administrator privileges, and network configuration are required. 2. Installation: For CentOS, use `sudo yum install vsftpd -y`, and for Ubuntu, use `sudo apt install vsftpd -y`. 3. Start the service and set it to start on boot: `systemctl start/ enable vsftpd`. 4. Firewall configuration: Open port 21 (control connection) and passive ports 50000-60000 (data transfer). 5. Create FTP users: Root login is prohibited. Use `useradd` to set the home directory, and `chown`/`chmod` to modify permissions. 6. Configure vsftpd.conf: Enable local user login and write permissions, restrict users to their own home directories, and specify the passive port range. 7. Testing: Connect locally using `ftp localhost`, or remotely with tools like FileZilla. Common issues such as connection timeouts and permission errors require checking the firewall, service status, and directory permissions. The above steps can complete the basic setup.
Read More