Différences
Ci-dessous, les différences entre deux révisions de la page.
Les deux révisions précédentesRévision précédente | |||
elearning:workbooks:centos:8:avance:l112 [2024/10/01 07:43] – created admin | elearning:workbooks:centos:8:avance:l112 [2024/10/01 08:07] (Version actuelle) – admin | ||
---|---|---|---|
Ligne 5: | Ligne 5: | ||
Dernière mise-à-jour : ~~LASTMOD~~ | Dernière mise-à-jour : ~~LASTMOD~~ | ||
- | ======LCF604 - Gestion du Réseau====== | + | ======LCF604 - Gestion |
+ | |||
+ | < | ||
+ | [root@centos8 ~]# sed -i ' | ||
+ | [root@centos8 ~]# sed -i ' | ||
+ | </ | ||
=====Contenu du Module===== | =====Contenu du Module===== | ||
- | * **LCF604 - Gestion du Réseau** | + | * **LCF604 - Gestion |
* Contenu du Module | * Contenu du Module | ||
- | * Présentation | + | * Présentation |
- | * La Commande nmcli | + | * LAB #1 - Découvrir le Matériel |
- | * LAB #1 - Configuration du Réseau | + | * 1.1 - La Commande lspci |
- | * 1.1 - Connections et Profils | + | * 1.2 - La Commande lsusb |
- | * 1.2 - Résolution des Noms | + | * 1.3 - La Commande lsblk |
- | * 1.3 - Ajouter une Deuxième Adresse IP à un Profil | + | * 1.4 - La Commande |
- | * 1.4 - La Commande | + | * 1.5 - La Commande |
- | * 1.5 - La Commande | + | * 1.6 - La Commande lshw |
- | * 1.6 - Activer/ | + | * 1.7 - La Commande dmidecode |
- | * 1.7 - Routage Statique | + | * 1.8 - La Commande smartctl |
- | * La commande ip | + | * 1.9 - Les Commandes accton et dump-acct |
- | * Activer/ | + | * 1.10 - La Commande lastcomm |
- | * LAB #2 - Diagnostique du Réseau | + | * 1.11 - La Commande sa |
- | * 2.1 - ping | + | * 1.12 - La Commande ac |
- | * 2.2 - netstat -i | + | * LAB #2 - La Commande sysctl |
- | * 2.3 - traceroute | + | * 2.1 - Répertoire /proc |
- | * LAB #3 - Connexions à Distance | + | * Fichiers |
- | * 3.1 - Telnet | + | * Processeur |
- | * 3.2 - wget | + | * Interruptions système |
- | * 3.3 - ftp | + | * Canaux DMA |
- | * 3.4 - SSH | + | * Plages d' |
- | * Présentation | + | * Périphériques |
- | * SSH-1 | + | * Modules |
- | * SSH-2 | + | * Statistiques de l' |
- | * Authentification par mot de passe | + | * Partitions |
- | * Authentification par clef asymétrique | + | * Espaces de pagination |
- | * Configuration du Serveur | + | * Statistiques d' |
- | * Configuration du Client | + | * Statistiques d' |
- | * Tunnels SSH | + | * Version du noyau |
- | * 3.5 - SCP | + | * Répertoires |
- | * Présentation | + | * ide/scsi |
- | * Utilisation | + | * acpi |
- | * 3.6 - Mise en Place des Clefs Asymétriques | + | * bus |
- | + | * net | |
- | =====Présentation===== | + | * sys |
+ | * 2.2 - Utilisation de la Commande sysctl | ||
+ | * LAB #3 - Interprétation des informations dans /proc | ||
+ | * 3.1 - free | ||
+ | * 3.2 - uptime ou w | ||
+ | * 3.3 - iostat | ||
+ | * 3.4 - hdparm | ||
+ | * 3.5 - vmstat | ||
+ | * 3.6 - mpstat | ||
+ | * 3.7 - sar | ||
+ | * Modules usb | ||
+ | * udev | ||
+ | * La Commande udevadm | ||
+ | * Système de fichiers /sys | ||
+ | * LAB #4 - Limiter les Ressources | ||
+ | * 4.1 - ulimit | ||
+ | * 4.2 - Groupes de Contrôle | ||
+ | * La Limitation de la Mémoire | ||
+ | * La Commande cgcreate | ||
+ | * La Commande cgdelete | ||
+ | * Le Fichier / | ||
+ | * La Commande cgconfigparser | ||
- | RHEL/CentOS 8 utilise **Network Manager** pour gérer le réseau. Network Manager est composé de deux éléments : | + | =====Présentation des Fichiers Spéciaux===== |
- | * un service | + | Dans l' |
- | | + | |
<WRAP center round important 60%> | <WRAP center round important 60%> | ||
- | **Important** : Notez qu'avec cette version de NetworkManager, | + | **Important** : Les périphériques qui nécessitent à ce que l'ordinateur soit éteint afin des les brancher/ |
</ | </ | ||
- | Le service NetworkManager doit toujours être lancé | + | Consultez le contenu du répertoire /dev : |
< | < | ||
- | [root@centos8 ~]# systemctl status NetworkManager.service | + | [root@centos8 ~]# ls -l /dev | more |
- | ● NetworkManager.service | + | total 0 |
- | Loaded: loaded (/ | + | crw-r--r--. 1 root root 10, 235 Jun 28 02:04 autofs |
- | Active: active (running) since Thu 2021-07-22 05:05:29 EDT; 1 months 7 days ago | + | drwxr-xr-x. 2 root root 180 Jun 28 02:04 block |
- | Docs: man:NetworkManager(8) | + | drwxr-xr-x. 2 root root 100 Jun 28 02:04 bsg |
- | Main PID: 1002 (NetworkManager) | + | drwxr-xr-x. |
- | | + | lrwxrwxrwx. 1 root root 3 Jun 28 02:04 cdrom -> sr0 |
- | Memory: 6.8M | + | drwxr-xr-x. |
- | CGroup: /system.slice/ | + | drwxr-xr-x. 2 root root 80 Jun 28 02:04 cl_centos8 |
- | └─1002 | + | crw-------. |
+ | lrwxrwxrwx. | ||
+ | drwxr-xr-x. 10 root root 200 Jun 28 02:04 cpu | ||
+ | crw-------. | ||
+ | drwxr-xr-x. | ||
+ | brw-rw----. | ||
+ | brw-rw----. | ||
+ | drwxr-xr-x. | ||
+ | crw-rw----. | ||
+ | lrwxrwxrwx. 1 root root 13 Jun 28 02:04 fd -> / | ||
+ | crw-rw-rw-. | ||
+ | crw-rw-rw-. 1 root root 10, 229 Jun 28 02:04 fuse | ||
+ | crw-------. 1 root root 245, 0 Jun 28 02:04 hidraw0 | ||
+ | crw-------. | ||
+ | drwxr-xr-x. | ||
+ | crw-------. | ||
+ | lrwxrwxrwx. | ||
+ | drwxr-xr-x. | ||
+ | crw-r--r--. | ||
+ | lrwxrwxrwx. | ||
+ | crw-rw----. 1 root disk 10, 237 Jun 28 02:04 loop-control | ||
+ | crw-rw----. | ||
+ | crw-rw----. | ||
+ | crw-rw----. | ||
+ | crw-rw----. | ||
+ | drwxr-xr-x. | ||
+ | crw-------. | ||
+ | crw-r-----. | ||
+ | drwxrwxrwt. | ||
+ | drwxr-xr-x. | ||
+ | crw-rw-rw-. | ||
+ | --More-- | ||
+ | </ | ||
- | Warning: Journal has been rotated since unit was started. Log output is incomplete or> | + | On peut noter dans la sortie de la commande que certains fichiers sont de type **bloc** (**b**), tandis que d' |
- | lines 1-11/11 (END) | + | |
- | [^q] | + | <code> |
+ | ... | ||
+ | brw-rw----. | ||
+ | ... | ||
+ | crw-rw-rw-. | ||
+ | ... | ||
</ | </ | ||
- | ===La Commande nmcli=== | + | La différence entre les deux repose sur le type de communication entre le système et le module. Dans le premier cas le système accède au périphérique par des coordonnées du bloc de données sur le support tandis que dans le deuxième cas la communication d' |
- | La commande | + | Les deux informations clefs du fichier spécial sont situées à la place de la taille d'un fichier normal et se nomment le **majeur** et le **mineur** : |
- | Les options | + | * le **majeur** identifie le pilote du périphérique |
+ | * le **mineur** identifie le périphérique ou une particularité du périphérique telle une partition d'un disque. | ||
- | < | + | =====LAB |
- | [root@centos8 ~]# nmcli help | + | |
- | Usage: nmcli [OPTIONS] OBJECT { COMMAND | help } | + | |
- | OPTIONS | + | ====1.1 - La Commande lspci==== |
- | -a, --ask ask for missing parameters | + | |
- | -c, --colors auto|yes|no | + | |
- | -e, --escape yes|no | + | |
- | -f, --fields <field,...> | + | |
- | -g, --get-values < | + | |
- | -h, --help | + | |
- | -m, --mode tabular|multiline | + | |
- | -o, --overview | + | |
- | -p, --pretty | + | |
- | -s, --show-secrets | + | |
- | -t, --terse | + | |
- | -v, --version | + | |
- | -w, --wait < | + | |
- | OBJECT | + | Cette commande vous renseigne sur les adaptateurs reliés aux bus PCI, AGP et PCI express : |
- | g[eneral] NetworkManager' | + | |
- | n[etworking] | + | < |
- | r[adio] NetworkManager radio switches | + | [root@centos8 ~]# lspci |
- | c[onnection] | + | 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02) |
- | d[evice] | + | 00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/ |
- | a[gent] NetworkManager secret agent or polkit agent | + | 00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/ |
- | m[onitor] monitor NetworkManager changes | + | 00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/ |
+ | 00:01.3 Bridge: Intel Corporation 82371AB/ | ||
+ | 00:02.0 VGA compatible controller: Device 1234:1111 (rev 02) | ||
+ | 00:03.0 Unclassified device | ||
+ | 00:07.0 SATA controller: Intel Corporation 82801IR/ | ||
+ | 00:12.0 Ethernet controller: Red Hat, Inc. Virtio network device | ||
+ | 00:1e.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge | ||
+ | 00:1f.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge | ||
</ | </ | ||
- | =====LAB #1 - Configuration du Réseau===== | + | Pour obtenir de l' |
- | ====1.1 - Connections et Profils==== | + | < |
+ | [root@centos8 ~]# lspci -v -s 00:03.0 | ||
+ | 00:03.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon | ||
+ | Subsystem: Red Hat, Inc. Device 0005 | ||
+ | Physical Slot: 3 | ||
+ | Flags: bus master, fast devsel, latency 0, IRQ 10 | ||
+ | I/O ports at e000 [size=64] | ||
+ | Memory at fe400000 (64-bit, prefetchable) [size=16K] | ||
+ | Capabilities: | ||
+ | Capabilities: | ||
+ | Capabilities: | ||
+ | Capabilities: | ||
+ | Capabilities: | ||
+ | Kernel driver in use: virtio-pci | ||
+ | </ | ||
- | NetworkManager inclus la notion de **connections** | + | ou : |
< | < | ||
- | [root@centos8 ~]# nmcli c show | + | [root@centos8 ~]# lspci -vv -s 00:03.0 |
- | NAME UUID TYPE DEVICE | + | 00:03.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon |
- | ens18 | + | |
- | virbr0 | + | Physical Slot: 3 |
+ | Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx- | ||
+ | | ||
+ | Latency: 0 | ||
+ | Interrupt: pin A routed to IRQ 10 | ||
+ | Region 0: I/O ports at e000 [size=64] | ||
+ | Region 4: Memory at fe400000 (64-bit, prefetchable) [size=16K] | ||
+ | Capabilities: | ||
+ | BAR=0 offset=00000000 size=00000000 | ||
+ | Capabilities: | ||
+ | BAR=4 offset=00003000 size=00001000 multiplier=00000004 | ||
+ | Capabilities: | ||
+ | BAR=4 offset=00002000 size=00001000 | ||
+ | Capabilities: | ||
+ | BAR=4 offset=00001000 size=00001000 | ||
+ | Capabilities: | ||
+ | BAR=4 offset=00000000 size=00001000 | ||
+ | Kernel driver in use: virtio-pci | ||
</ | </ | ||
- | Créez donc un profil IP fixe rattaché au périphérique **ens18** | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli connection add con-name ip_fixe ifname ens18 type ethernet ip4 10.0.2.46/ | + | [root@centos8 ~]# lspci --help |
- | Connection | + | lspci: invalid option -- '-' |
+ | Usage: lspci [< | ||
+ | |||
+ | Basic display modes: | ||
+ | -mm | ||
+ | -t Show bus tree | ||
+ | |||
+ | Display options: | ||
+ | -v Be verbose (-vv or -vvv for higher verbosity) | ||
+ | -k Show kernel drivers handling each device | ||
+ | -x Show hex-dump of the standard part of the config space | ||
+ | -xxx Show hex-dump of the whole config space (dangerous; root only) | ||
+ | -xxxx Show hex-dump of the 4096-byte extended config space (root only) | ||
+ | -b Bus-centric view (addresses and IRQ's as seen by the bus) | ||
+ | -D Always show domain numbers | ||
+ | -P Display bridge path in addition to bus and device number | ||
+ | -PP | ||
+ | |||
+ | Resolving of device ID's to names: | ||
+ | -n Show numeric ID's | ||
+ | -nn Show both textual and numeric ID's (names & numbers) | ||
+ | -q Query the PCI ID database for unknown ID's via DNS | ||
+ | -qq As above, but re-query locally cached entries | ||
+ | -Q Query the PCI ID database for all ID's via DNS | ||
+ | |||
+ | Selection of devices: | ||
+ | -s [[[[< | ||
+ | -d [< | ||
+ | |||
+ | Other options: | ||
+ | -i < | ||
+ | -p < | ||
+ | -M Enable `bus | ||
</ | </ | ||
- | Constatez sa présence | + | ====1.2 - La Commande lsusb==== |
+ | |||
+ | Cette commande vous renseigne sur les adaptateurs reliés au bus usb : | ||
< | < | ||
- | [root@centos8 ~]# nmcli c show | + | [root@centos8 ~]# lsusb |
- | NAME | + | Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd |
- | ens18 fc4a4d23-b15e-47a7-bcfa-b2e08f49553e | + | Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub |
- | virbr0 | + | |
- | ip_fixe | + | [root@centos8 ~]# lsusb -vt |
+ | /: Bus 01.Port 1: Dev 1, Class=root_hub, | ||
+ | | ||
</ | </ | ||
- | Notez que la sortie n' | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli d show | + | [root@centos8 ~]# lsusb --help |
- | GENERAL.DEVICE: ens18 | + | Usage: lsusb [options]... |
- | GENERAL.TYPE: | + | List USB devices |
- | GENERAL.HWADDR: | + | -v, --verbose |
- | GENERAL.MTU: 1500 | + | Increase verbosity |
- | GENERAL.STATE: | + | -s [[bus]:][devnum] |
- | GENERAL.CONNECTION: ens18 | + | Show only devices with specified device and/or |
- | GENERAL.CON-PATH: | + | bus numbers (in decimal) |
- | WIRED-PROPERTIES.CARRIER: on | + | -d vendor:[product] |
- | IP4.ADDRESS[1]: | + | Show only devices with the specified vendor and |
- | IP4.GATEWAY: | + | |
- | IP4.ROUTE[1]: | + | .LAB#1 |
- | IP4.ROUTE[2]: | + | -D device |
- | IP4.DNS[1]: | + | |
- | IP6.ADDRESS[1]: | + | -t, --tree |
- | IP6.GATEWAY: | + | Dump the physical USB device hierarchy as a tree |
- | IP6.ROUTE[1]: | + | -V, --version |
- | IP6.ROUTE[2]: | + | Show version of program |
+ | -h, --help | ||
+ | Show usage and help | ||
+ | </code> | ||
- | GENERAL.DEVICE: | + | ====1.3 - La Commande lsblk==== |
- | GENERAL.TYPE: | + | |
- | GENERAL.HWADDR: | + | |
- | GENERAL.MTU: | + | |
- | GENERAL.STATE: | + | |
- | GENERAL.CONNECTION: | + | |
- | GENERAL.CON-PATH: | + | |
- | IP4.ADDRESS[1]: 192.168.122.1/ | + | |
- | IP4.GATEWAY: | + | |
- | IP4.ROUTE[1]: | + | |
- | IP6.GATEWAY: | + | |
- | GENERAL.DEVICE: lo | + | Cette commande vous rensigne sur les partitions des disques |
- | GENERAL.TYPE: | + | |
- | GENERAL.HWADDR: | + | |
- | GENERAL.MTU: | + | |
- | GENERAL.STATE: | + | |
- | GENERAL.CONNECTION: | + | |
- | GENERAL.CON-PATH: | + | |
- | IP4.ADDRESS[1]: | + | |
- | IP4.GATEWAY: | + | |
- | IP6.ADDRESS[1]: | + | |
- | IP6.GATEWAY: | + | |
- | IP6.ROUTE[1]: | + | |
- | GENERAL.DEVICE: virbr0-nic | + | < |
- | GENERAL.TYPE: tun | + | [root@centos8 ~]# lsblk |
- | GENERAL.HWADDR: 52:54:00:79:02:66 | + | NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT |
- | GENERAL.MTU: 1500 | + | sda |
- | GENERAL.STATE: 10 (unmanaged) | + | ├─sda1 |
- | GENERAL.CONNECTION: -- | + | └─sda2 |
- | GENERAL.CON-PATH: -- | + | ├─cl_centos8-root 253:0 0 27.8G 0 lvm / |
- | lines 28-50/50 (END) | + | |
- | [q] | + | sdb 8:16 |
+ | sdc 8:32 | ||
+ | └─sdc1 | ||
+ | sdd 8:48 | ||
+ | sr0 11:0 1 1024M 0 rom | ||
+ | |||
+ | [root@centos8 ~]# lsblk -l | ||
+ | NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT | ||
+ | sda 8:0 0 | ||
+ | sda1 8:1 0 1G 0 part /boot | ||
+ | sda2 8:2 0 | ||
+ | sdb 8:16 | ||
+ | sdc 8:32 | ||
+ | sdc1 8:33 | ||
+ | sdd | ||
+ | sr0 11:0 1 1024M 0 rom | ||
+ | cl_centos8-root 253:0 0 27.8G 0 lvm | ||
+ | cl_centos8-swap 253:1 0 3.2G 0 lvm | ||
</ | </ | ||
- | Pour activer le profil ip_fixe, utilisez | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli connection up ip_fixe | + | [root@centos8 ~]# lsblk --help |
+ | Usage: | ||
+ | lsblk [options] [< | ||
+ | |||
+ | List information about block devices. | ||
+ | |||
+ | Options: | ||
+ | -a, --all print all devices | ||
+ | -b, --bytes | ||
+ | -d, --nodeps | ||
+ | -D, --discard | ||
+ | -z, --zoned | ||
+ | -e, --exclude < | ||
+ | -f, --fs | ||
+ | -i, --ascii | ||
+ | -I, --include < | ||
+ | -J, --json | ||
+ | -l, --list | ||
+ | -T, --tree | ||
+ | -m, --perms | ||
+ | -n, --noheadings | ||
+ | -o, --output < | ||
+ | -O, --output-all | ||
+ | -p, --paths | ||
+ | -P, --pairs | ||
+ | -r, --raw use raw output format | ||
+ | -s, --inverse | ||
+ | -S, --scsi | ||
+ | -t, --topology | ||
+ | -x, --sort < | ||
+ | |||
+ | -h, --help | ||
+ | -V, --version | ||
+ | |||
+ | Available output columns: | ||
+ | NAME device name | ||
+ | | ||
+ | | ||
+ | FSTYPE | ||
+ | MOUNTPOINT | ||
+ | | ||
+ | UUID filesystem UUID | ||
+ | PARTTYPE | ||
+ | | ||
+ | PARTUUID | ||
+ | | ||
+ | RA read-ahead of the device | ||
+ | RO read-only device | ||
+ | RM removable device | ||
+ | | ||
+ | | ||
+ | SERIAL | ||
+ | SIZE size of the device | ||
+ | | ||
+ | | ||
+ | | ||
+ | MODE device node permissions | ||
+ | | ||
+ | MIN-IO | ||
+ | OPT-IO | ||
+ | | ||
+ | | ||
+ | ROTA rotational device | ||
+ | | ||
+ | | ||
+ | TYPE device type | ||
+ | DISC-ALN | ||
+ | | ||
+ | DISC-MAX | ||
+ | | ||
+ | | ||
+ | | ||
+ | RAND adds randomness | ||
+ | PKNAME | ||
+ | HCTL Host: | ||
+ | TRAN device transport type | ||
+ | SUBSYSTEMS | ||
+ | | ||
+ | VENDOR | ||
+ | | ||
+ | |||
+ | For more details see lsblk(8). | ||
</ | </ | ||
- | Notez que votre terminal est bloqué à cause du changement de l' | + | ====1.4 - La Commande lsscsi==== |
- | <WRAP center round todo 60%> | + | Cette commmande |
- | **A faire** - Revenez à l' | + | |
- | </ | + | |
- | Le profil ip_fixe est maintenant activé tandis que le profil enp0s3 a été désactivé | + | < |
+ | [root@centos8 ~]# lsscsi | ||
+ | [1: | ||
+ | [2: | ||
+ | [3: | ||
+ | [4: | ||
+ | [5: | ||
+ | </ | ||
+ | |||
+ | ===Options de la commande=== | ||
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli c show | + | [root@centos8 ~]# man lsscsi |
- | NAME | + | [root@centos8 ~]# lsscsi --help |
- | ip_fixe | + | Usage: lsscsi |
- | virbr0 | + | [--help] [--hosts] [--kname] [--list] [--long] [--long-unit] |
- | ens18 fc4a4d23-b15e-47a7-bcfa-b2e08f49553e | + | [--lunhex] [--no-nvme] [--pdt] [--protection] [--prot-mode] |
- | + | [--scsi_id] [--size] [--sz-lbs] [--sysfsroot=PATH] [--transport] | |
- | [root@centos8 ~]# nmcli d show | + | |
- | GENERAL.DEVICE: ens18 | + | where: |
- | GENERAL.TYPE: ethernet | + | |
- | GENERAL.HWADDR: 4E: | + | --classic|-c |
- | GENERAL.MTU: 1500 | + | --controllers|-C |
- | GENERAL.STATE: | + | like SCSI hosts |
- | GENERAL.CONNECTION: | + | --device|-d |
- | GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ | + | --generic|-g |
- | WIRED-PROPERTIES.CARRIER: | + | --help|-h |
- | IP4.ADDRESS[1]: | + | --hosts|-H |
- | IP4.GATEWAY: | + | --kname|-k |
- | IP4.ROUTE[1]: | + | --list|-L |
- | IP4.ROUTE[2]: | + | attribute=value per line |
- | IP6.ADDRESS[1]: fe80::5223:aee1:998e:9f27/64 | + | --long|-l |
- | IP6.GATEWAY: -- | + | --long-unit|-U |
- | IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100 | + | '.naa', 'eui.', 'uuid.' or 't10.' |
- | IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255 | + | --lunhex|-x |
+ | use twice to get full 16 digit hexadecimal LUN | ||
+ | --no-nvme|-N | ||
+ | --pdt|-D | ||
+ | --protection|-p | ||
+ | --protmode|-P | ||
+ | --scsi_id|-i | ||
+ | | ||
+ | twice for power of two (e.g. 2.7 GiB), | ||
+ | | ||
+ | --sysfsroot=PATH|-y PATH set sysfs mount point to PATH (def: /sys) | ||
+ | --sz-lbs|-S | ||
+ | adds comma followed by logical block size in bytes | ||
+ | --transport|-t | ||
+ | given, for initiator | ||
+ | | ||
+ | --verbose|-v | ||
+ | --version|-V | ||
+ | --wwn|-w | ||
+ | <h:c:t:l> | ||
+ | < | ||
+ | <' | ||
- | GENERAL.DEVICE: | + | List SCSI devices or hosts, followed by NVMe namespaces or controllers. |
- | GENERAL.TYPE: | + | Many storage devices (e.g. SATA disks and USB attached storage) use SCSI |
- | GENERAL.HWADDR: | + | command sets and hence are also listed by this utility. Hyphenated long |
- | GENERAL.MTU: 1500 | + | options can also take underscore |
- | GENERAL.STATE: | + | </code> |
- | GENERAL.CONNECTION: | + | |
- | GENERAL.CON-PATH: | + | |
- | IP4.ADDRESS[1]: | + | |
- | IP4.GATEWAY: | + | |
- | IP4.ROUTE[1]: | + | |
- | IP6.GATEWAY: | + | |
- | GENERAL.DEVICE: | + | ====1.5 - La Commande lscpu==== |
- | GENERAL.TYPE: | + | |
- | GENERAL.HWADDR: | + | |
- | GENERAL.MTU: | + | |
- | GENERAL.STATE: | + | |
- | GENERAL.CONNECTION: | + | |
- | GENERAL.CON-PATH: | + | |
- | IP4.ADDRESS[1]: 127.0.0.1/8 | + | |
- | IP4.GATEWAY: | + | |
- | IP6.ADDRESS[1]: | + | |
- | IP6.GATEWAY: | + | |
- | IP6.ROUTE[1]: | + | |
- | GENERAL.DEVICE: virbr0-nic | + | Cett commande vous renseigne sur l' |
- | GENERAL.TYPE: tun | + | |
- | GENERAL.HWADDR: 52:54:00:79:02:66 | + | < |
- | GENERAL.MTU: 1500 | + | [root@centos8 ~]# lscpu |
- | GENERAL.STATE: | + | Architecture: |
- | GENERAL.CONNECTION: | + | CPU op-mode(s): |
- | GENERAL.CON-PATH: -- | + | Byte Order: |
- | lines 27-49/49 (END) | + | CPU(s): 8 |
- | [q] | + | On-line CPU(s) list: 0-7 |
+ | Thread(s) per core: 1 | ||
+ | Core(s) per socket: 4 | ||
+ | Socket(s): 2 | ||
+ | NUMA node(s): 1 | ||
+ | Vendor ID: GenuineIntel | ||
+ | BIOS Vendor ID: | ||
+ | CPU family: | ||
+ | Model: | ||
+ | Model name: Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz | ||
+ | BIOS Model name: pc-i440fx-7.0 | ||
+ | Stepping: | ||
+ | CPU MHz: 3791.998 | ||
+ | BogoMIPS: | ||
+ | Virtualization: | ||
+ | Hypervisor vendor: | ||
+ | Virtualization type: full | ||
+ | L1d cache: | ||
+ | L1i cache: | ||
+ | L2 cache: | ||
+ | L3 cache: | ||
+ | NUMA node0 CPU(s): 0-7 | ||
+ | Flags: | ||
</ | </ | ||
- | Pour consulter les paramètres du profil **ens18**, utilisez | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli -p connection show ens18 | + | [root@centos8 ~]# lscpu --help |
- | =============================================================================== | + | |
- | | + | Usage: |
- | =============================================================================== | + | lscpu [options] |
- | connection.id: ens18 | + | |
- | connection.uuid: | + | Display information about the CPU architecture. |
- | connection.stable-id: | + | |
- | connection.type: 802-3-ethernet | + | Options: |
- | connection.interface-name: | + | -a, --all print both online and offline CPUs (default |
- | connection.autoconnect: yes | + | -b, --online |
- | connection.autoconnect-priority: | + | -c, --offline |
- | connection.autoconnect-retries: | + | -J, --json use JSON for default or extended format |
- | connection.multi-connect: | + | -e, --extended[=< |
- | connection.auth-retries: | + | -p, --parse[=< |
- | connection.timestamp: | + | -s, --sysroot < |
- | connection.read-only: no | + | -x, --hex |
- | connection.permissions: | + | -y, --physical |
- | connection.zone: | + | |
- | connection.master: | + | -h, --help display this help |
- | connection.slave-type: | + | -V, --version |
- | connection.autoconnect-slaves: | + | |
- | connection.secondaries: | + | Available output columns: |
- | connection.gateway-ping-timeout: | + | CPU logical CPU number |
- | connection.metered: | + | |
- | connection.lldp: | + | |
- | connection.mdns: | + | CLUSTER |
- | connection.llmnr: | + | |
- | connection.wait-device-timeout: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | 802-3-ethernet.port: | + | CACHE shows how caches are shared between CPUs |
- | 802-3-ethernet.speed: | + | |
- | 802-3-ethernet.duplex: | + | ADDRESS |
- | 802-3-ethernet.auto-negotiate: | + | |
- | 802-3-ethernet.mac-address: | + | |
- | 802-3-ethernet.cloned-mac-address: | + | |
- | 802-3-ethernet.generate-mac-address-mask: | + | |
- | 802-3-ethernet.mac-address-blacklist: | + | |
- | 802-3-ethernet.mtu: | + | For more details see lscpu(1). |
- | 802-3-ethernet.s390-subchannels: | + | |
- | 802-3-ethernet.s390-nettype: | + | |
- | 802-3-ethernet.s390-options: | + | |
- | 802-3-ethernet.wake-on-lan: | + | |
- | 802-3-ethernet.wake-on-lan-password: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | ipv4.method: | + | |
- | ipv4.dns: | + | |
- | ipv4.dns-search: | + | |
- | ipv4.dns-options: | + | |
- | ipv4.dns-priority: | + | |
- | ipv4.addresses: | + | |
- | ipv4.gateway: | + | |
- | ipv4.routes: | + | |
- | ipv4.route-metric: | + | |
- | ipv4.route-table: | + | |
- | ipv4.routing-rules: | + | |
- | ipv4.ignore-auto-routes: | + | |
- | ipv4.ignore-auto-dns: | + | |
- | ipv4.dhcp-client-id: | + | |
- | ipv4.dhcp-iaid: | + | |
- | ipv4.dhcp-timeout: | + | |
- | ipv4.dhcp-send-hostname: | + | |
- | ipv4.dhcp-hostname: | + | |
- | ipv4.dhcp-fqdn: | + | |
- | ipv4.dhcp-hostname-flags: | + | |
- | ipv4.never-default: | + | |
- | ipv4.may-fail: yes | + | |
- | ipv4.dad-timeout: | + | |
- | ipv4.dhcp-vendor-class-identifier: | + | |
- | ipv4.dhcp-reject-servers: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | ipv6.method: | + | |
- | ipv6.dns: -- | + | |
- | ipv6.dns-search: | + | |
- | ipv6.dns-options: | + | |
- | ipv6.dns-priority: | + | |
- | ipv6.addresses: | + | |
- | ipv6.gateway: | + | |
- | ipv6.routes: | + | |
- | ipv6.route-metric: | + | |
- | ipv6.route-table: | + | |
- | ipv6.routing-rules: | + | |
- | ipv6.ignore-auto-routes: | + | |
- | ipv6.ignore-auto-dns: | + | |
- | ipv6.never-default: | + | |
- | ipv6.may-fail: | + | |
- | ipv6.ip6-privacy: | + | |
- | ipv6.addr-gen-mode: | + | |
- | ipv6.ra-timeout: | + | |
- | ipv6.dhcp-duid: | + | |
- | ipv6.dhcp-iaid: | + | |
- | ipv6.dhcp-timeout: | + | |
- | ipv6.dhcp-send-hostname: | + | |
- | ipv6.dhcp-hostname: | + | |
- | ipv6.dhcp-hostname-flags: | + | |
- | ipv6.token: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | proxy.method: | + | |
- | proxy.browser-only: | + | |
- | proxy.pac-url: | + | |
- | proxy.pac-script: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | lines 56-100/100 (END) | + | |
- | [q] | + | |
</ | </ | ||
- | De même, pour consulter les paramètres du profil | + | ====1.6 - La Command lshw==== |
+ | |||
+ | Cette commande vous renseigne sur le matériel selon la **classe** de celui-ci. Commencez par visualiser les périphériques et leurs classes répectives | ||
< | < | ||
- | [root@centos8 ~]# nmcli -p connection show ip_fixe | + | [root@centos8 ~]# lshw -businfo |
- | =============================================================================== | + | Bus info Device |
- | Connection profile details | + | ==================================================== |
- | =============================================================================== | + | |
- | connection.id: | + | |
- | connection.uuid: | + | |
- | connection.stable-id: | + | cpu@0 processor |
- | connection.type: | + | cpu@1 processor |
- | connection.interface-name: | + | |
- | connection.autoconnect: | + | |
- | connection.autoconnect-priority: | + | pci@0000:00:00.0 bridge |
- | connection.autoconnect-retries: | + | pci@0000:00:01.0 bridge |
- | connection.multi-connect: | + | |
- | connection.auth-retries: | + | |
- | connection.timestamp: | + | |
- | connection.read-only: | + | |
- | connection.permissions: | + | pci@0000:00:01.1 scsi1 |
- | connection.zone: | + | scsi@1: |
- | connection.master: | + | pci@0000:00:01.2 bus 82371SB PIIX3 USB [Natoma/ |
- | connection.slave-type: | + | usb@1 |
- | connection.autoconnect-slaves: | + | usb@1:1 input5 |
- | connection.secondaries: | + | pci@0000:00:01.3 bridge |
- | connection.gateway-ping-timeout: | + | pci@0000:00:02.0 / |
- | connection.metered: | + | pci@0000:00:03.0 generic |
- | connection.lldp: | + | virtio@0 |
- | connection.mdns: | + | pci@0000:00:07.0 scsi2 |
- | connection.llmnr: | + | scsi@2:0.0.0 |
- | connection.wait-device-timeout: | + | scsi@2:0.0.0,1 |
- | ------------------------------------------------------------------------------- | + | scsi@2:0.0.0,2 /dev/sda2 |
- | 802-3-ethernet.port: -- | + | scsi@3:0.0.0 / |
- | 802-3-ethernet.speed: | + | scsi@4:0.0.0 /dev/ |
- | 802-3-ethernet.duplex: | + | scsi@4:0.0.0,1 / |
- | 802-3-ethernet.auto-negotiate: no | + | scsi@5: |
- | 802-3-ethernet.mac-address: -- | + | pci@0000: |
- | 802-3-ethernet.cloned-mac-address: | + | virtio@1 |
- | 802-3-ethernet.generate-mac-address-mask:-- | + | pci@0000:00:13.0 network |
- | 802-3-ethernet.mac-address-blacklist: -- | + | virtio@2 |
- | 802-3-ethernet.mtu: auto | + | pci@0000:00:1e.0 bridge |
- | 802-3-ethernet.s390-subchannels: | + | pci@0000:00:1f.0 bridge |
- | 802-3-ethernet.s390-nettype: | + | |
- | 802-3-ethernet.s390-options: | + | input1 |
- | 802-3-ethernet.wake-on-lan: | + | input3 |
- | 802-3-ethernet.wake-on-lan-password: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | ipv4.method: | + | |
- | ipv4.dns: -- | + | |
- | ipv4.dns-search: | + | |
- | ipv4.dns-options: | + | |
- | ipv4.dns-priority: | + | |
- | ipv4.addresses: | + | |
- | ipv4.gateway: 10.0.2.1 | + | |
- | ipv4.routes: | + | |
- | ipv4.route-metric: | + | |
- | ipv4.route-table: | + | |
- | ipv4.routing-rules: | + | |
- | ipv4.ignore-auto-routes: | + | |
- | ipv4.ignore-auto-dns: | + | |
- | ipv4.dhcp-client-id: | + | |
- | ipv4.dhcp-iaid: | + | |
- | ipv4.dhcp-timeout: | + | |
- | ipv4.dhcp-send-hostname: | + | |
- | ipv4.dhcp-hostname: -- | + | |
- | ipv4.dhcp-fqdn: -- | + | |
- | ipv4.dhcp-hostname-flags: | + | |
- | ipv4.never-default: | + | |
- | ipv4.may-fail: yes | + | |
- | ipv4.dad-timeout: | + | |
- | ipv4.dhcp-vendor-class-identifier: | + | |
- | ipv4.dhcp-reject-servers: -- | + | |
- | ------------------------------------------------------------------------------- | + | |
- | ipv6.method: | + | |
- | ipv6.dns: -- | + | |
- | ipv6.dns-search: -- | + | |
- | ipv6.dns-options: -- | + | |
- | ipv6.dns-priority: | + | |
- | ipv6.addresses: | + | |
- | ipv6.gateway: -- | + | |
- | ipv6.routes: -- | + | |
- | ipv6.route-metric: | + | |
- | ipv6.route-table: | + | |
- | ipv6.routing-rules: -- | + | |
- | ipv6.ignore-auto-routes: no | + | |
- | ipv6.ignore-auto-dns: | + | |
- | ipv6.never-default: | + | |
- | ipv6.may-fail: | + | |
- | ipv6.ip6-privacy: | + | |
- | ipv6.addr-gen-mode: stable-privacy | + | |
- | ipv6.ra-timeout: | + | |
- | ipv6.dhcp-duid: | + | |
- | ipv6.dhcp-iaid: | + | |
- | ipv6.dhcp-timeout: | + | |
- | ipv6.dhcp-send-hostname: | + | |
- | ipv6.dhcp-hostname: | + | |
- | ipv6.dhcp-hostname-flags: | + | |
- | ipv6.token: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | proxy.method: | + | |
- | proxy.browser-only: | + | |
- | proxy.pac-url: | + | |
- | proxy.pac-script: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | =============================================================================== | + | |
- | Activate connection details (0f48c74d-5d16-4c37-8220-24644507b589) | + | |
- | =============================================================================== | + | |
- | GENERAL.NAME: ip_fixe | + | |
- | GENERAL.UUID: | + | |
- | GENERAL.DEVICES: | + | |
- | GENERAL.IP-IFACE: | + | |
- | GENERAL.STATE: | + | |
- | GENERAL.DEFAULT: | + | |
- | GENERAL.DEFAULT6: | + | |
- | GENERAL.SPEC-OBJECT: | + | |
- | GENERAL.VPN: | + | |
- | GENERAL.DBUS-PATH: | + | |
- | GENERAL.CON-PATH: / | + | |
- | GENERAL.ZONE: -- | + | |
- | GENERAL.MASTER-PATH: | + | |
- | ------------------------------------------------------------------------------- | + | |
- | IP4.ADDRESS[1]: | + | |
- | IP4.GATEWAY: 10.0.2.1 | + | |
- | IP4.ROUTE[1]: dst = 10.0.2.0/24, nh = 0.0.0.0, | + | |
- | IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 10.0.2.1, mt = 100 | + | |
- | ------------------------------------------------------------------------------- | + | |
- | IP6.ADDRESS[1]: fe80::5223:aee1: | + | |
- | IP6.GATEWAY: | + | |
- | IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100 | + | |
- | IP6.ROUTE[2]: dst = ff00::/8, nh = ::, mt = 256, table=255 | + | |
- | ------------------------------------------------------------------------------- | + | |
- | lines 83-127/127 (END) | + | |
- | [q] | + | |
</ | </ | ||
- | Pour consulter | + | Consultez maintenant le matériel de la classe **system** |
< | < | ||
- | [root@centos8 ~]# nmcli -f CONNECTIONS device show ens18 | + | [root@centos8 ~]# lshw -c system |
- | CONNECTIONS.AVAILABLE-CONNECTION-PATHS: / | + | centos8.ittraining.loc |
- | CONNECTIONS.AVAILABLE-CONNECTIONS[1]: fc4a4d23-b15e-47a7-bcfa-b2e08f49553e | ens18 | + | description: Computer |
- | CONNECTIONS.AVAILABLE-CONNECTIONS[2]: 0f48c74d-5d16-4c37-8220-24644507b589 | ip_fixe | + | product: Standard PC (i440FX + PIIX, 1996) |
+ | | ||
+ | version: pc-i440fx-7.0 | ||
+ | | ||
+ | capabilities: | ||
+ | configuration: boot=normal uuid=95bd69e3-4a74-44a7-b58c-b74fbfb86df2 | ||
+ | *-pnp00: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
</ | </ | ||
- | Les fichiers de configuration pour le periphérique **ens18** se trouvent dans le répertoire **/ | + | Consultez maintenant |
< | < | ||
- | [root@centos8 ~]# ls -l /etc/sysconfig/network-scripts/ | grep ifcfg | + | [root@centos8 ~]# lshw -c memory |
- | -rw-r--r--. 1 root root 417 Jun 16 06:39 ifcfg-ens18 | + | *-firmware |
- | -rw-r--r--. 1 root root 326 Aug 29 03:58 ifcfg-ip_fixe | + | |
+ | | ||
+ | | ||
+ | | ||
+ | date: 04/01/2014 | ||
+ | size: 96KiB | ||
+ | *-memory | ||
+ | | ||
+ | | ||
+ | size: 16GiB | ||
+ | | ||
+ | | ||
+ | | ||
+ | description: | ||
+ | vendor: QEMU | ||
+ | physical id: 0 | ||
+ | slot: DIMM 0 | ||
+ | |||
+ | [root@centos8 ~]# lshw -c video | ||
+ | *-display | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: pci@0000: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | |||
+ | [root@centos8 ~]# lshw -c storage | ||
+ | *-pnp00: | ||
+ | | ||
+ | | ||
+ | | ||
+ | *-ide | ||
+ | | ||
+ | | ||
+ | vendor: Intel Corporation | ||
+ | | ||
+ | bus info: pci@0000: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | *-sata | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: pci@0000: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | |||
+ | [root@centos8 ~]# lshw -c disk | ||
+ | *-cdrom | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@1: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | *-disk:0 | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@2:0.0.0 | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 32GiB (34GB) | ||
+ | | ||
+ | | ||
+ | *-disk:1 | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@3: | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 4GiB (4294MB) | ||
+ | | ||
+ | *-disk:2 | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@4: | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 64GiB (68GB) | ||
+ | | ||
+ | | ||
+ | *-disk:3 | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@5: | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 32GiB (34GB) | ||
+ | | ||
+ | |||
+ | |||
+ | [root@centos8 ~]# lshw -c volume | ||
+ | *-volume:0 | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@2: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 1GiB | ||
+ | | ||
+ | | ||
+ | | ||
+ | *-volume:1 | ||
+ | | ||
+ | | ||
+ | bus info: scsi@2: | ||
+ | | ||
+ | | ||
+ | size: 30GiB | ||
+ | | ||
+ | | ||
+ | *-volume | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: scsi@4:0.0.0,1 | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | size: 63GiB | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | [root@centos8 ~]# lshw -c network | ||
+ | *-network:0 | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: pci@0000: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | description: | ||
+ | physical id: 0 | ||
+ | bus info: virtio@1 | ||
+ | logical name: ens18 | ||
+ | serial: 5e: | ||
+ | capabilities: | ||
+ | configuration: | ||
+ | *-network: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | bus info: pci@0000: | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | description: | ||
+ | physical id: 0 | ||
+ | bus info: virtio@2 | ||
+ | logical name: ens19 | ||
+ | serial: ea: | ||
+ | capabilities: | ||
+ | configuration: | ||
</ | </ | ||
- | ====1.2 - Résolution des Noms==== | + | ===Options de la commande=== |
- | L' | + | Les options |
< | < | ||
- | [root@centos8 ~]# cat / | + | [root@centos8 ~]# lshw -h |
- | TYPE=Ethernet | + | Hardware Lister (lshw) - B.02.19.2 |
- | PROXY_METHOD=none | + | usage: lshw [-format] [-options ...] |
- | BROWSER_ONLY=no | + | lshw -version |
- | BOOTPROTO=none | + | |
- | IPADDR=10.0.2.46 | + | -version |
- | PREFIX=24 | + | |
- | GATEWAY=10.0.2.1 | + | format can be |
- | DEFROUTE=yes | + | |
- | IPV4_FAILURE_FATAL=no | + | |
- | IPV6INIT=yes | + | |
- | IPV6_AUTOCONF=yes | + | |
- | IPV6_DEFROUTE=yes | + | -businfo |
- | IPV6_FAILURE_FATAL=no | + | |
- | IPV6_ADDR_GEN_MODE=stable-privacy | + | options can be |
- | NAME=ip_fixe | + | |
- | UUID=0f48c74d-5d16-4c37-8220-24644507b589 | + | |
- | DEVICE=ens18 | + | |
- | ONBOOT=yes | + | -c CLASS same as ' |
+ | | ||
+ | -enable TEST enable a test (like pci, isapnp, cpuid, etc. ) | ||
+ | -quiet | ||
+ | -sanitize | ||
+ | -numeric | ||
+ | -notime | ||
</ | </ | ||
- | La résolution des noms est donc inactive | + | ====1.7 - La Commande dmidecode==== |
+ | |||
+ | La commande **dmidecode** lit la table **DMI** (//Desktop Management Interface// | ||
+ | |||
+ | * l' | ||
+ | * les extensions possibles. | ||
< | < | ||
- | [root@centos8 ~]# ping www.free.fr | + | [root@centos8 ~]# dmidecode |
- | ping: www.free.fr: Name or service | + | # dmidecode 3.2 |
+ | Getting SMBIOS data from sysfs. | ||
+ | SMBIOS 2.8 present. | ||
+ | 11 structures occupying 511 bytes. | ||
+ | Table at 0x000F5870. | ||
+ | |||
+ | Handle 0x0000, DMI type 0, 24 bytes | ||
+ | BIOS Information | ||
+ | Vendor: SeaBIOS | ||
+ | Version: rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org | ||
+ | Release Date: 04/ | ||
+ | Address: 0xE8000 | ||
+ | Runtime Size: 96 kB | ||
+ | ROM Size: 64 kB | ||
+ | Characteristics: | ||
+ | BIOS characteristics | ||
+ | Targeted content distribution is supported | ||
+ | BIOS Revision: 0.0 | ||
+ | |||
+ | Handle 0x0100, DMI type 1, 27 bytes | ||
+ | System Information | ||
+ | Manufacturer: | ||
+ | Product Name: Standard PC (i440FX + PIIX, 1996) | ||
+ | Version: pc-i440fx-5.2 | ||
+ | Serial Number: Not Specified | ||
+ | UUID: 95bd69e3-4a74-44a7-b58c-b74fbfb86df2 | ||
+ | Wake-up Type: Power Switch | ||
+ | SKU Number: Not Specified | ||
+ | Family: Not Specified | ||
+ | |||
+ | Handle 0x0300, DMI type 3, 22 bytes | ||
+ | Chassis Information | ||
+ | Manufacturer: | ||
+ | Type: Other | ||
+ | Lock: Not Present | ||
+ | Version: pc-i440fx-5.2 | ||
+ | Serial Number: Not Specified | ||
+ | Asset Tag: Not Specified | ||
+ | Boot-up State: Safe | ||
+ | Power Supply State: Safe | ||
+ | Thermal State: Safe | ||
+ | Security Status: Unknown | ||
+ | OEM Information: | ||
+ | Height: Unspecified | ||
+ | Number Of Power Cords: Unspecified | ||
+ | Contained Elements: 0 | ||
+ | SKU Number: Not Specified | ||
+ | |||
+ | Handle 0x0400, DMI type 4, 42 bytes | ||
+ | Processor Information | ||
+ | Socket Designation: | ||
+ | Type: Central Processor | ||
+ | Family: Other | ||
+ | Manufacturer: | ||
+ | ID: 61 0F 00 00 FF FB 8B 07 | ||
+ | Version: pc-i440fx-5.2 | ||
+ | Voltage: Unknown | ||
+ | External Clock: Unknown | ||
+ | Max Speed: 2000 MHz | ||
+ | Current Speed: 2000 MHz | ||
+ | Status: Populated, Enabled | ||
+ | Upgrade: Other | ||
+ | L1 Cache Handle: Not Provided | ||
+ | L2 Cache Handle: Not Provided | ||
+ | L3 Cache Handle: Not Provided | ||
+ | Serial Number: Not Specified | ||
+ | Asset Tag: Not Specified | ||
+ | Part Number: Not Specified | ||
+ | Core Count: 4 | ||
+ | Core Enabled: 4 | ||
+ | Thread Count: 1 | ||
+ | Characteristics: | ||
+ | |||
+ | Handle 0x0401, DMI type 4, 42 bytes | ||
+ | Processor Information | ||
+ | Socket Designation: | ||
+ | Type: Central Processor | ||
+ | Family: Other | ||
+ | Manufacturer: | ||
+ | ID: 61 0F 00 00 FF FB 8B 07 | ||
+ | Version: pc-i440fx-5.2 | ||
+ | Voltage: Unknown | ||
+ | External Clock: Unknown | ||
+ | Max Speed: 2000 MHz | ||
+ | Current Speed: 2000 MHz | ||
+ | Status: Populated, Enabled | ||
+ | Upgrade: Other | ||
+ | L1 Cache Handle: Not Provided | ||
+ | L2 Cache Handle: Not Provided | ||
+ | L3 Cache Handle: Not Provided | ||
+ | Serial Number: Not Specified | ||
+ | Asset Tag: Not Specified | ||
+ | Part Number: Not Specified | ||
+ | Core Count: 4 | ||
+ | Core Enabled: 4 | ||
+ | Thread Count: 1 | ||
+ | Characteristics: | ||
+ | |||
+ | Handle 0x1000, DMI type 16, 23 bytes | ||
+ | Physical Memory Array | ||
+ | Location: Other | ||
+ | Use: System Memory | ||
+ | Error Correction Type: Multi-bit ECC | ||
+ | Maximum Capacity: 4 GB | ||
+ | Error Information Handle: Not Provided | ||
+ | Number Of Devices: 1 | ||
+ | |||
+ | Handle 0x1100, DMI type 17, 40 bytes | ||
+ | Memory Device | ||
+ | Array Handle: 0x1000 | ||
+ | Error Information Handle: Not Provided | ||
+ | Total Width: Unknown | ||
+ | Data Width: Unknown | ||
+ | Size: 4 GB | ||
+ | Form Factor: DIMM | ||
+ | Set: None | ||
+ | Locator: DIMM 0 | ||
+ | Bank Locator: Not Specified | ||
+ | Type: RAM | ||
+ | Type Detail: Other | ||
+ | Speed: Unknown | ||
+ | Manufacturer: | ||
+ | Serial Number: Not Specified | ||
+ | Asset Tag: Not Specified | ||
+ | Part Number: Not Specified | ||
+ | Rank: Unknown | ||
+ | Configured Memory Speed: Unknown | ||
+ | Minimum Voltage: Unknown | ||
+ | Maximum Voltage: Unknown | ||
+ | Configured Voltage: Unknown | ||
+ | |||
+ | Handle 0x1300, DMI type 19, 31 bytes | ||
+ | Memory Array Mapped Address | ||
+ | Starting Address: 0x00000000000 | ||
+ | Ending Address: 0x000BFFFFFFF | ||
+ | Range Size: 3 GB | ||
+ | Physical Array Handle: 0x1000 | ||
+ | Partition Width: 1 | ||
+ | |||
+ | Handle 0x1301, DMI type 19, 31 bytes | ||
+ | Memory Array Mapped Address | ||
+ | Starting Address: 0x00100000000 | ||
+ | Ending Address: 0x0013FFFFFFF | ||
+ | Range Size: 1 GB | ||
+ | Physical Array Handle: 0x1000 | ||
+ | Partition Width: 1 | ||
+ | |||
+ | Handle 0x2000, DMI type 32, 11 bytes | ||
+ | System Boot Information | ||
+ | Status: No errors detected | ||
+ | |||
+ | Handle 0x7F00, DMI type 127, 4 bytes | ||
+ | End Of Table | ||
</ | </ | ||
- | Modifiez donc la configuration du profil **ip_fixe** | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 | + | [root@centos7 |
+ | Usage: dmidecode [OPTIONS] | ||
+ | Options are: | ||
+ | -d, --dev-mem FILE Read memory from device FILE (default: /dev/mem) | ||
+ | -h, --help | ||
+ | -q, --quiet | ||
+ | -s, --string KEYWORD | ||
+ | -t, --type TYPE Only display the entries of given type | ||
+ | -u, --dump | ||
+ | | ||
+ | | ||
+ | -V, --version | ||
</ | </ | ||
- | L' | + | ====1.8 - La Commande smartctl==== |
+ | |||
+ | **smartctl** contrôle le système SMART (Self-Monitoring, | ||
< | < | ||
- | [root@centos8 ~]# cat /etc/sysconfig/ | + | [root@centos8 ~]# smartctl --smart=on --saveauto=on --offlineauto=on |
- | TYPE=Ethernet | + | |
- | PROXY_METHOD=none | + | [root@centos8 ~]# smartctl |
- | BROWSER_ONLY=no | + | smartctl 7.1 2020-04-05 r5049 [x86_64-linux-4.18.0-305.7.1.el8_4.x86_64] (local build) |
- | BOOTPROTO=none | + | Copyright (C) 2002-19, Bruce Allen, Christian Franke, www.smartmontools.org |
- | IPADDR=10.0.2.46 | + | |
- | PREFIX=24 | + | === START OF INFORMATION SECTION === |
- | GATEWAY=10.0.2.1 | + | Device Model: |
- | DEFROUTE=yes | + | Serial Number: |
- | IPV4_FAILURE_FATAL=no | + | Firmware Version: 2.5+ |
- | IPV6INIT=yes | + | User Capacity: |
- | IPV6_AUTOCONF=yes | + | Sector Size: 512 bytes logical/ |
- | IPV6_DEFROUTE=yes | + | Device is: Not in smartctl database [for details use: -P showall] |
- | IPV6_FAILURE_FATAL=no | + | ATA Version is: |
- | IPV6_ADDR_GEN_MODE=stable-privacy | + | Local Time is: Sun Nov 13 09:12:18 2022 CET |
- | NAME=ip_fixe | + | SMART support is: Available - device has SMART capability. |
- | UUID=0f48c74d-5d16-4c37-8220-24644507b589 | + | SMART support is: Enabled |
- | DEVICE=ens18 | + | |
- | ONBOOT=yes | + | === START OF READ SMART DATA SECTION === |
- | DNS1=8.8.8.8 | + | SMART overall-health self-assessment test result: PASSED |
+ | |||
+ | General SMART Values: | ||
+ | Offline data collection status: | ||
+ | was completed without error. | ||
+ | Auto Offline Data Collection: Disabled. | ||
+ | Self-test execution status: | ||
+ | without error or no self-test has ever | ||
+ | been run. | ||
+ | Total time to complete Offline | ||
+ | data collection: | ||
+ | Offline data collection | ||
+ | capabilities: | ||
+ | No Auto Offline data collection support. | ||
+ | Suspend Offline collection upon new | ||
+ | command. | ||
+ | Offline surface scan supported. | ||
+ | Self-test supported. | ||
+ | No Conveyance Self-test supported. | ||
+ | No Selective Self-test supported. | ||
+ | SMART capabilities: | ||
+ | power-saving mode. | ||
+ | Supports SMART auto save timer. | ||
+ | Error logging capability: | ||
+ | No General Purpose Logging support. | ||
+ | Short self-test routine | ||
+ | recommended polling time: ( 2) minutes. | ||
+ | Extended self-test routine | ||
+ | recommended polling time: ( 54) minutes. | ||
+ | |||
+ | SMART Attributes Data Structure revision number: 1 | ||
+ | Vendor Specific SMART Attributes with Thresholds: | ||
+ | ID# ATTRIBUTE_NAME | ||
+ | 1 Raw_Read_Error_Rate | ||
+ | 3 Spin_Up_Time | ||
+ | 4 Start_Stop_Count | ||
+ | 5 Reallocated_Sector_Ct | ||
+ | 9 Power_On_Hours | ||
+ | 12 Power_Cycle_Count | ||
+ | 190 Airflow_Temperature_Cel 0x0003 | ||
+ | |||
+ | SMART Error Log Version: 1 | ||
+ | No Errors Logged | ||
+ | |||
+ | SMART Self-test log structure revision number 1 | ||
+ | No self-tests have been logged. [To run self-tests, use: smartctl -t] | ||
+ | |||
+ | Selective Self-tests/ | ||
</ | </ | ||
- | Afin que la modification du serveur DNS soit prise en compte, re-démarrez le service NetworkManager | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | root@centos8 ~]# systemctl restart NetworkManager.service | + | [root@centos8 ~]# smartctl --help |
- | [root@centos8 ~]# systemctl status NetworkManager.service | + | smartctl 7.1 2020-04-05 r5049 [x86_64-linux-4.18.0-305.7.1.el8_4.x86_64] |
- | ● NetworkManager.service | + | Copyright |
- | | + | |
- | Active: active | + | |
- | Docs: man: | + | |
- | Main PID: 973390 (NetworkManager) | + | |
- | Tasks: 4 (limit: 23535) | + | |
- | | + | |
- | | + | |
- | | + | |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: <info> [1630224912.2235] device | + | Usage: smartctl |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: | + | |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | ============================================ SHOW INFORMATION OPTIONS ===== |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | -h, --help, --usage |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: | + | |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | -V, --version, --copyright, |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | Print license, copyright, and version information and exit |
- | Aug 29 04:15:12 centos8.ittraining.loc NetworkManager[973390]: < | + | |
- | lines 1-20/20 (END) | + | -i, --info |
- | [q] | + | Show identity information for device |
+ | |||
+ | --identify[=[w][nvb]] | ||
+ | Show words and bits from IDENTIFY DEVICE data | ||
+ | |||
+ | | ||
+ | Get device setting: all, aam, apm, dsn, lookahead, security, | ||
+ | wcache, rcache, wcreorder, wcache-sct | ||
+ | |||
+ | -a, --all | ||
+ | Show all SMART information for device | ||
+ | |||
+ | -x, --xall | ||
+ | Show all information for device | ||
+ | |||
+ | --scan | ||
+ | Scan for devices | ||
+ | |||
+ | --scan-open | ||
+ | Scan for devices and try to open each device | ||
+ | |||
+ | ================================== SMARTCTL RUN-TIME BEHAVIOR OPTIONS ===== | ||
+ | |||
+ | -j, --json[=[cgiosuv]] | ||
+ | Print output in JSON format | ||
+ | |||
+ | -q TYPE, --quietmode=TYPE | ||
+ | Set smartctl quiet mode to one of: errorsonly, silent, noserial | ||
+ | |||
+ | | ||
+ | Specify device type to one of: | ||
+ | ata, scsi[+TYPE], nvme[,NSID], sat[,auto][,N][+TYPE], usbcypress[, | ||
+ | |||
+ | -T TYPE, --tolerance=TYPE | ||
+ | | ||
+ | |||
+ | -b TYPE, --badsum=TYPE | ||
+ | Set action on bad checksum to one of: warn, exit, ignore | ||
+ | |||
+ | -r TYPE, --report=TYPE | ||
+ | | ||
+ | |||
+ | -n MODE[,STATUS], --nocheck=MODE[,STATUS] | ||
+ | No check if: never, sleep, standby, idle (see man page) | ||
+ | |||
+ | ============================== DEVICE FEATURE ENABLE/ | ||
+ | |||
+ | -s VALUE, --smart=VALUE | ||
+ | Enable/ | ||
+ | |||
+ | | ||
+ | Enable/ | ||
+ | |||
+ | | ||
+ | | ||
+ | |||
+ | -s NAME[,VALUE], --set=NAME[,VALUE] | ||
+ | Enable/ | ||
+ | dsn, | ||
+ | standby, | ||
+ | | ||
+ | |||
+ | ======================================= READ AND DISPLAY DATA OPTIONS ===== | ||
+ | |||
+ | -H, --health | ||
+ | Show device | ||
+ | |||
+ | -c, --capabilities | ||
+ | Show device SMART capabilities | ||
+ | |||
+ | -A, --attributes | ||
+ | Show device | ||
+ | |||
+ | -f FORMAT, --format=FORMAT | ||
+ | Set output format for attributes: old, brief, hex[,id|val] | ||
+ | |||
+ | -l TYPE, --log=TYPE | ||
+ | Show device log. TYPE: error, selftest, selective, directory[, | ||
+ | | ||
+ | sasphy[, | ||
+ | scttempint, | ||
+ | gplog, | ||
+ | |||
+ | -v N,OPTION , --vendorattribute=N, | ||
+ | Set display OPTION for vendor Attribute N (see man page) | ||
+ | |||
+ | -F TYPE, --firmwarebug=TYPE | ||
+ | Use firmware bug workaround: | ||
+ | none, nologdir, samsung, samsung2, samsung3, xerrorlba, swapid | ||
+ | |||
+ | -P TYPE, --presets=TYPE | ||
+ | Drive-specific presets: use, ignore, show, showall | ||
+ | |||
+ | -B [+]FILE, --drivedb=[+]FILE | ||
+ | Read and replace [add] drive database from FILE | ||
+ | [default is +/ | ||
+ | and then / | ||
+ | |||
+ | ============================================ DEVICE SELF-TEST OPTIONS ===== | ||
+ | |||
+ | -t TEST, --test=TEST | ||
+ | Run test. TEST: offline, short, long, conveyance, force, vendor,N, | ||
+ | | ||
+ | |||
+ | -C, --captive | ||
+ | Do test in captive mode (along with -t) | ||
+ | |||
+ | -X, --abort | ||
+ | Abort any non-captive test on device | ||
+ | |||
+ | =================================================== SMARTCTL EXAMPLES ===== | ||
+ | |||
+ | smartctl --all /dev/ | ||
+ | |||
+ | smartctl --smart=on --offlineauto=on --saveauto=on /dev/sda | ||
+ | (Enables SMART on first disk) | ||
+ | |||
+ | smartctl --test=long / | ||
+ | |||
+ | smartctl --attributes --log=selftest --quietmode=errorsonly /dev/sda | ||
+ | (Prints Self-Test & Attribute errors) | ||
+ | smartctl --all --device=3ware, | ||
+ | smartctl --all --device=3ware, | ||
+ | smartctl --all --device=3ware, | ||
+ | smartctl --all --device=3ware, | ||
+ | (Prints all SMART info for 3rd ATA disk on 3ware RAID controller) | ||
+ | smartctl --all --device=hpt, | ||
+ | (Prints all SMART info for the SATA disk attached to the 3rd PMPort | ||
+ | of the 1st channel on the 1st HighPoint RAID controller) | ||
+ | smartctl --all --device=areca, | ||
+ | (Prints all SMART info for 3rd ATA disk of the 1st enclosure | ||
+ | on Areca RAID controller) | ||
</ | </ | ||
- | Vérifiez que le fichier **/ | + | ====1.9 - Les Commandes accton et dump-acct==== |
+ | |||
+ | Cette commande permet d' | ||
< | < | ||
- | [root@centos8 ~]# cat /etc/resolv.conf | + | [root@centos8 ~]# accton on |
- | # Generated by NetworkManager | + | Turning on process accounting, file set to the default '/ |
- | search | + | [root@centos8 ~]# systemctl status psacct |
- | nameserver 8.8.8.8 | + | ● psacct.service - Kernel process accounting |
+ | | ||
+ | | ||
+ | ...skipping... | ||
+ | ● psacct.service - Kernel process accounting | ||
+ | | ||
+ | | ||
+ | |||
+ | [root@centos8 ~]# systemctl enable psacct | ||
+ | Created symlink | ||
+ | |||
+ | [root@centos8 ~]# systemctl start psacct | ||
+ | |||
+ | [root@centos8 ~]# systemctl status psacct | ||
+ | ● psacct.service - Kernel process accounting | ||
+ | | ||
+ | | ||
+ | Process: 39765 ExecStart=/ | ||
+ | Process: 39763 ExecStartPre=/ | ||
+ | Main PID: 39765 (code=exited, | ||
+ | |||
+ | Nov 13 09:35:16 centos8.ittraining.loc | ||
+ | Nov 13 09:35:16 centos8.ittraining.loc accton[39765]: | ||
+ | Nov 13 09:35:16 centos8.ittraining.loc systemd[1]: Started Kernel process accounting. | ||
</ | </ | ||
- | Dernièrement vérifiez la resolution des noms : | + | Par contre le fichier **/ |
< | < | ||
- | [root@centos8 ~]# ping www.free.fr | + | [root@centos8 ~]# cat / |
- | PING www.free.fr | + | #pcKaccton pcEusleep%$pcu, |
- | 64 bytes from www.free.fr (212.27.48.10): | + | |
- | 64 bytes from www.free.fr (212.27.48.10): icmp_seq=2 ttl=47 time=29.4 ms | + | |
- | 64 bytes from www.free.fr | + | |
- | 64 bytes from www.free.fr | + | |
- | ^C | + | |
- | --- www.free.fr ping statistics | + | |
- | 4 packets transmitted, 4 received, 0% packet loss, time 3005ms | + | |
- | rtt min/ | + | |
</ | </ | ||
- | <WRAP center round important 60%> | + | La commande |
- | **Important** : Notez qu'il existe un front-end graphique en mode texte, **nmtui**, pour configurer NetworkManager. | + | |
- | </ | + | |
- | ====1.3 - Ajouter une Deuxième Adresse IP à un Profil==== | + | < |
+ | [root@centos8 ~]# dump-acct / | ||
+ | accton | ||
+ | sleep | ||
+ | awk | ||
+ | ksmtuned | ||
+ | pgrep | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | awk | ||
+ | ksmtuned | ||
+ | less |v3| | ||
+ | systemctl | ||
+ | sleep | ||
+ | awk | ||
+ | ksmtuned | ||
+ | pgrep | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | awk | ||
+ | ksmtuned | ||
+ | rpc-pipefs-gene |v3| | ||
+ | nfs-server-gene |v3| | ||
+ | systemd-cryptse |v3| | ||
+ | systemd-system- |v3| | ||
+ | systemd-hiberna |v3| | ||
+ | ... | ||
+ | </ | ||
- | Pour ajouter une deuxième adresse IP à un profil sous RHEL/CentOS 8, il convient d' | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli connection mod ip_fixe +ipv4.addresses 192.168.1.2/ | + | [root@centos8 ~]# dump-acct --help |
+ | Usage: dump-acct [-hrR] [-n < | ||
+ | [--num < | ||
+ | [--format < | ||
+ | [--ahz < | ||
+ | |||
+ | The system' | ||
</ | </ | ||
- | Rechargez la configuration du profil | + | ====1.10 - La Commande lastcomm==== |
+ | |||
+ | Cette commande vous renseigne sur l' | ||
< | < | ||
- | [root@centos8 ~]# nmcli con up ip_fixe | + | [root@centos8 ~]# lastcomm |
+ | bash F root | ||
+ | gdbus X root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | kworker/ | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | kworker/ | ||
+ | kworker/ | ||
+ | kworker/ | ||
+ | dump-acct | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | dump-acct | ||
+ | man root | ||
+ | less | ||
+ | kworker/ | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | man | ||
+ | nroff root | ||
+ | groff root | ||
+ | grotty | ||
+ | troff root | ||
+ | nroff | ||
+ | locale | ||
+ | tbl root | ||
+ | preconv | ||
+ | man | ||
+ | man | ||
+ | man | ||
+ | man | ||
+ | man | ||
+ | man | ||
+ | man | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | dump-acct | ||
+ | kworker/ | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | cat root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | kworker/ | ||
+ | systemctl | ||
+ | less | ||
+ | systemd-cgroups | ||
+ | systemd-cgroups | ||
+ | systemctl | ||
+ | systemd-tty-ask | ||
+ | accton | ||
+ | accton | ||
+ | accton-create | ||
+ | systemctl | ||
+ | (sd-executor) | ||
+ | systemd-gpt-aut | ||
+ | systemd-getty-g | ||
+ | systemd-veritys | ||
+ | systemd-sysv-ge | ||
+ | systemd-debug-g | ||
+ | selinux-autorel | ||
+ | grep | ||
+ | ostree-system-g | ||
+ | systemd-rc-loca | ||
+ | anaconda-genera | ||
+ | lvm2-activation | ||
+ | kdump-dep-gener | ||
+ | selinuxenabled | ||
+ | lvmconfig | ||
+ | grep | ||
+ | readlink | ||
+ | systemd-fstab-g | ||
+ | systemd-hiberna | ||
+ | systemd-system- | ||
+ | systemd-cryptse | ||
+ | nfs-server-gene | ||
+ | rpc-pipefs-gene | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | systemctl | ||
+ | less | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | ksmtuned | ||
+ | ksmtuned | ||
+ | pgrep root | ||
+ | ksmtuned | ||
+ | awk root | ||
+ | sleep root | ||
+ | accton | ||
+ | |||
+ | [root@centos8 ~]# lastcomm grep | ||
+ | grep | ||
+ | grep | ||
+ | grep | ||
+ | grep | ||
</ | </ | ||
- | Saisissez ensuite | + | ===Options de la commande=== |
+ | |||
+ | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# nmcli connection show ip_fixe | + | [root@centos8 ~]# lastcomm |
- | connection.id: | + | Usage: lastcomm [-hpV] [-f file] [command] |
- | connection.uuid: | + | [--forwards] [--file < |
- | connection.stable-id: | + | [--user < |
- | connection.type: 802-3-ethernet | + | [--show-paging] [--pid] [--ahz < |
- | connection.interface-name: | + | |
- | connection.autoconnect: | + | The system' |
- | connection.autoconnect-priority: | + | |
- | connection.autoconnect-retries: | + | |
- | connection.multi-connect: | + | |
- | connection.auth-retries: | + | |
- | connection.timestamp: | + | |
- | connection.read-only: | + | |
- | connection.permissions: | + | |
- | connection.zone: | + | |
- | connection.master: | + | |
- | connection.slave-type: | + | |
- | connection.autoconnect-slaves: | + | |
- | connection.secondaries: | + | |
- | connection.gateway-ping-timeout: | + | |
- | connection.metered: | + | |
- | connection.lldp: | + | |
- | connection.mdns: | + | |
- | connection.llmnr: | + | |
- | connection.wait-device-timeout: | + | |
- | 802-3-ethernet.port: | + | |
- | 802-3-ethernet.speed: | + | |
- | 802-3-ethernet.duplex: | + | |
- | 802-3-ethernet.auto-negotiate: | + | |
- | 802-3-ethernet.mac-address: | + | |
- | 802-3-ethernet.cloned-mac-address: | + | |
- | 802-3-ethernet.generate-mac-address-mask: | + | |
- | 802-3-ethernet.mac-address-blacklist: | + | |
- | 802-3-ethernet.mtu: | + | |
- | 802-3-ethernet.s390-subchannels: | + | |
- | 802-3-ethernet.s390-nettype: | + | |
- | 802-3-ethernet.s390-options: | + | |
- | 802-3-ethernet.wake-on-lan: | + | |
- | 802-3-ethernet.wake-on-lan-password: | + | |
- | ipv4.method: | + | |
- | ipv4.dns: | + | |
- | ipv4.dns-search: | + | |
- | ipv4.dns-options: | + | |
- | ipv4.dns-priority: | + | |
- | ipv4.addresses: | + | |
- | ipv4.gateway: | + | |
- | ipv4.routes: | + | |
- | ipv4.route-metric: | + | |
- | ipv4.route-table: | + | |
- | ipv4.routing-rules: | + | |
- | ipv4.ignore-auto-routes: | + | |
- | ipv4.ignore-auto-dns: | + | |
- | ipv4.dhcp-client-id: | + | |
- | ipv4.dhcp-iaid: | + | |
- | ipv4.dhcp-timeout: | + | |
- | ipv4.dhcp-send-hostname: | + | |
- | ipv4.dhcp-hostname: | + | |
- | ipv4.dhcp-fqdn: | + | |
- | ipv4.dhcp-hostname-flags: | + | |
- | ipv4.never-default: | + | |
- | ipv4.may-fail: | + | |
- | ipv4.dad-timeout: | + | |
- | ipv4.dhcp-vendor-class-identifier: | + | |
- | ipv4.dhcp-reject-servers: | + | |
- | ipv6.method: | + | |
- | ipv6.dns: | + | |
- | ipv6.dns-search: | + | |
- | ipv6.dns-options: | + | |
- | ipv6.dns-priority: | + | |
- | ipv6.addresses: | + | |
- | ipv6.gateway: | + | |
- | ipv6.routes: | + | |
- | ipv6.route-metric: | + | |
- | ipv6.route-table: | + | |
- | ipv6.routing-rules: | + | |
- | ipv6.ignore-auto-routes: | + | |
- | ipv6.ignore-auto-dns: | + | |
- | ipv6.never-default: | + | |
- | ipv6.may-fail: | + | |
- | ipv6.ip6-privacy: | + | |
- | ipv6.addr-gen-mode: | + | |
- | ipv6.ra-timeout: | + | |
- | ipv6.dhcp-duid: | + | |
- | ipv6.dhcp-iaid: | + | |
- | ipv6.dhcp-timeout: | + | |
- | ipv6.dhcp-send-hostname: | + | |
- | ipv6.dhcp-hostname: | + | |
- | ipv6.dhcp-hostname-flags: | + | |
- | ipv6.token: | + | |
- | proxy.method: | + | |
- | proxy.browser-only: | + | |
- | proxy.pac-url: | + | |
- | proxy.pac-script: | + | |
- | GENERAL.NAME: | + | |
- | GENERAL.UUID: | + | |
- | GENERAL.DEVICES: | + | |
- | GENERAL.IP-IFACE: | + | |
- | GENERAL.STATE: | + | |
- | GENERAL.DEFAULT: | + | |
- | GENERAL.DEFAULT6: | + | |
- | GENERAL.SPEC-OBJECT: | + | |
- | GENERAL.VPN: | + | |
- | GENERAL.DBUS-PATH: | + | |
- | GENERAL.CON-PATH: | + | |
- | GENERAL.ZONE: | + | |
- | GENERAL.MASTER-PATH: | + | |
- | IP4.ADDRESS[1]: | + | |
- | IP4.ADDRESS[2]: | + | |
- | IP4.GATEWAY: | + | |
- | IP4.ROUTE[1]: | + | |
- | IP4.ROUTE[2]: | + | |
- | IP4.ROUTE[3]: | + | |
- | IP4.DNS[1]: | + | |
- | IP6.ADDRESS[1]: | + | |
- | IP6.GATEWAY: | + | |
- | IP6.ROUTE[1]: | + | |
- | IP6.ROUTE[2]: | + | |
- | lines 72-116/116 (END) | + | |
- | [q] | + | |
</ | </ | ||
- | <WRAP center round important 60%> | + | ====1.11 - La Commande sa==== |
- | **Important** : Notez l' | + | |
- | </ | + | |
- | Consultez maintenant le contenu du fichier **/ | + | Cette commande vous renseigne sur les statistiques sur les processus lancés et leurs ressources systèmes: |
< | < | ||
- | [root@centos8 ~]# cat / | + | [root@centos8 ~]# sa -u | egrep " |
- | TYPE=Ethernet | + | root 0.00 cpu 1090k mem 0 io accton |
- | PROXY_METHOD=none | + | root 0.00 cpu 1827k mem 0 io sleep |
- | BROWSER_ONLY=no | + | root 0.00 cpu 6378k mem 0 io awk |
- | BOOTPROTO=none | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | IPADDR=10.0.2.46 | + | root 0.00 cpu 11276k mem 0 io pgrep |
- | PREFIX=24 | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | GATEWAY=10.0.2.1 | + | root 0.00 cpu 6528k mem 0 io ksmtuned |
- | DEFROUTE=yes | + | root 0.00 cpu 6344k mem 0 io awk |
- | IPV4_FAILURE_FATAL=no | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | IPV6INIT=yes | + | root 0.00 cpu 2426k mem 0 io less |
- | IPV6_AUTOCONF=yes | + | root 0.00 cpu 23376k mem 0 io systemctl |
- | IPV6_DEFROUTE=yes | + | root 0.00 cpu 1827k mem 0 io sleep |
- | IPV6_FAILURE_FATAL=no | + | root 0.00 cpu 6378k mem 0 io awk |
- | IPV6_ADDR_GEN_MODE=stable-privacy | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | NAME=ip_fixe | + | root 0.00 cpu 11276k mem 0 io pgrep |
- | UUID=0f48c74d-5d16-4c37-8220-24644507b589 | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | DEVICE=ens18 | + | root 0.00 cpu 6528k mem 0 io ksmtuned |
- | ONBOOT=yes | + | root 0.00 cpu 6344k mem 0 io awk |
- | DNS1=8.8.8.8 | + | root 0.00 cpu 6658k mem 0 io ksmtuned |
- | IPADDR1=192.168.1.2 | + | root 0.00 cpu 9688k mem 0 io rpc-pipefs-gene |
- | PREFIX1=24 | + | root 0.00 cpu 9720k mem 0 io nfs-server-gene |
+ | root 0.00 cpu 22592k mem 0 io systemd-cryptse | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-system- | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-hiberna | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-fstab-g | ||
+ | root 0.00 cpu 1098k mem 0 io readlink | ||
+ | root 0.00 cpu 2302k mem 0 io grep | ||
+ | root 0.00 cpu 16260k mem 0 io lvmconfig | ||
+ | root 0.00 cpu 3350k mem 0 io selinuxenabled | ||
+ | root 0.00 cpu 5862k mem 0 io kdump-dep-gener | ||
+ | root 0.00 cpu 8406k mem 0 io lvm2-activation | ||
+ | root 0.00 cpu 5764k mem 0 io anaconda-genera | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-rc-loca | ||
+ | root 0.01 cpu 38192k mem 0 io ostree-system-g | ||
+ | root 0.00 cpu 2302k mem 0 io grep | ||
+ | root 0.00 cpu 5764k mem 0 io selinux-autorel | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-debug-g | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-sysv-ge | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-veritys | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-getty-g | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-gpt-aut | ||
+ | root 0.00 cpu 63728k mem 0 io (sd-executor) | ||
+ | root 0.00 cpu 23632k mem 0 io systemctl | ||
+ | root 0.00 cpu 6496k mem 0 io accton-create | ||
+ | root 0.00 cpu 0k mem 0 io accton | ||
+ | root 0.00 cpu 1090k mem 0 io accton | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-tty-ask | ||
+ | root 0.00 cpu 23376k mem 0 io systemctl | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-cgroups | ||
+ | root 0.00 cpu 22592k mem 0 io systemd-cgroups | ||
+ | root 0.00 cpu 2426k mem 0 io less | ||
+ | root 0.00 cpu 23376k mem 0 io systemctl | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 1828k mem 0 io cat | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 1994k mem 0 io dump-acct | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 4582k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4844k mem 0 io man * | ||
+ | root 0.00 cpu 4186k mem 0 io preconv | ||
+ | root 0.00 cpu 3476k mem 0 io tbl | ||
+ | root 0.00 cpu 1831k mem 0 io locale | ||
+ | root 0.00 cpu 3182k mem 0 io nroff * | ||
+ | root 0.00 cpu 4186k mem 0 io troff | ||
+ | root 0.00 cpu 3674k mem 0 io grotty | ||
+ | root 0.00 cpu 3496k mem 0 io groff | ||
+ | root 0.00 cpu 3182k mem 0 io nroff | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 2426k mem 0 io less | ||
+ | root 0.01 cpu 4770k mem 0 io man | ||
+ | root 0.00 cpu 1994k mem 0 io dump-acct | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 2094k mem 0 io dump-acct | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 93648k mem 0 io gdbus | ||
+ | root 0.00 cpu 6888k mem 0 io bash * | ||
+ | root 0.00 cpu 5410k mem 0 io lastcomm | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 4570k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4844k mem 0 io man * | ||
+ | root 0.00 cpu 4186k mem 0 io preconv | ||
+ | root 0.00 cpu 3476k mem 0 io tbl | ||
+ | root 0.00 cpu 1831k mem 0 io locale | ||
+ | root 0.00 cpu 3182k mem 0 io nroff * | ||
+ | root 0.00 cpu 4186k mem 0 io troff | ||
+ | root 0.00 cpu 3706k mem 0 io grotty | ||
+ | root 0.00 cpu 3496k mem 0 io groff | ||
+ | root 0.00 cpu 3182k mem 0 io nroff | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 2426k mem 0 io less | ||
+ | root 0.00 cpu 4770k mem 0 io man | ||
+ | root 0.00 cpu 4604k mem 0 io man * | ||
+ | root 0.00 cpu 4760k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 4844k mem 0 io man * | ||
+ | root 0.00 cpu 4186k mem 0 io preconv | ||
+ | root 0.00 cpu 3476k mem 0 io tbl | ||
+ | root 0.00 cpu 1831k mem 0 io locale | ||
+ | root 0.00 cpu 3182k mem 0 io nroff * | ||
+ | root 0.00 cpu 4186k mem 0 io troff | ||
+ | root 0.00 cpu 3700k mem 0 io grotty | ||
+ | root 0.00 cpu 3496k mem 0 io groff | ||
+ | root 0.00 cpu 3182k mem 0 io nroff | ||
+ | root 0.00 cpu 4804k mem 0 io man * | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
+ | root 0.00 cpu 2426k mem 0 io less | ||
+ | root 0.00 cpu 4770k mem 0 io man | ||
+ | root 0.00 cpu 5312k mem 0 io sa | ||
+ | root 0.00 cpu 3034k mem 0 io grep | ||
+ | root 0.00 cpu 5312k mem 0 io sa | ||
+ | root 0.00 cpu 1827k mem 0 io sleep | ||
+ | root 0.00 cpu 6378k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 11276k mem 0 io pgrep | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6528k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 6344k mem 0 io awk | ||
+ | root 0.00 cpu 6658k mem 0 io ksmtuned | ||
+ | root 0.00 cpu 0k mem 0 io kworker/ | ||
</ | </ | ||
- | <WRAP center round important 60%> | + | ===Options |
- | **Important** : Notez l' | + | |
- | </ | + | |
- | ====1.4 - La Commande hostname==== | + | Les options de cette commande sont : |
- | La procédure | + | < |
+ | [root@centos8 ~]# sa --help | ||
+ | |||
+ | Usage: sa [ options ] [ file ] | ||
+ | |||
+ | options: [-abcdfiljkmnprstuDKP] [-v < | ||
+ | [--other-acct-file < | ||
+ | [--print-seconds] [--dont-read-summary-files] [--debug] | ||
+ | | ||
+ | | ||
+ | [--list-all-names] [--not-interactive] [--threshold < | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | The system' | ||
+ | |||
+ | raw process accounting data: / | ||
+ | summary by command name: / | ||
+ | summary by username: / | ||
+ | </ | ||
+ | |||
+ | ====1.12 - La Commande ac==== | ||
+ | |||
+ | Cette commande vous renseigne sur les statistiques des temps de connexion des utilisateurs | ||
< | < | ||
- | [root@centos8 ~]# hostname | + | [root@centos8 ~]# ac -p |
- | centos8.ittraining.loc | + | |
+ | total 247.51 | ||
- | [root@centos8 ~]# nmcli general hostname centos.ittraining.loc | + | [root@centos8 ~]# ac -d |
+ | Jun 16 total 6.41 | ||
+ | Jun 17 total 12.09 | ||
+ | Jul 19 total 6.94 | ||
+ | Jul 20 total | ||
+ | Sep 2 total 0.03 | ||
+ | Sep 3 total 0.01 | ||
+ | Sep 5 total | ||
+ | Oct 9 total 0.92 | ||
+ | Oct 11 total 4.17 | ||
+ | Oct 12 total 5.45 | ||
+ | Nov 7 total | ||
+ | Nov 8 total | ||
+ | Nov 9 total | ||
+ | Nov 10 total 8.48 | ||
+ | Nov 11 total 3.01 | ||
+ | Today | ||
+ | </ | ||
- | [root@centos8 ~]# cat / | + | ===Options de la commande=== |
- | centos.ittraining.loc | + | |
- | [root@centos8 ~]# hostname | + | Les options de cette commande sont : |
- | centos.ittraining.loc | + | |
+ | < | ||
+ | [root@centos8 ~]# ac --help | ||
- | [root@centos8 ~]# nmcli general hostname centos8.ittraining.loc | + | Usage: ac [OPTION] ... |
- | [root@centos8 ~]# cat / | + | OPTIONS: |
- | centos8.ittraining.loc | + | -d, --daily-totals |
+ | -p, --individual-totals | ||
+ | -f, --file < | ||
+ | --complain | ||
+ | --reboots | ||
+ | --supplants | ||
+ | --timewarps | ||
+ | --compatibility | ||
+ | -a, --all-days | ||
+ | --tw-leniency < | ||
+ | --tw-suspicious < | ||
+ | --print-year | ||
+ | --print-zeros | ||
+ | --debug | ||
+ | -V, --version | ||
+ | -h, --help | ||
- | [root@centos8 ~]# hostname | + | The system' |
- | centos8.ittraining.loc | + | |
</ | </ | ||
- | ====1.5 - La Commande ip==== | + | =====LAB #2 - La commande sysctl===== |
- | Sous RHEL/CentOS 8 la commande **ip** | + | ====2.1 - Répertoire |
+ | |||
+ | Le répertoire /proc contient des fichiers et des répertoires virtuels. Le contenu de ces fichiers | ||
< | < | ||
- | [root@centos8 ~]# ip address | + | [root@centos8 ~]# ls /proc |
- | 1: lo: < | + | 1 |
- | link/ | + | 10 |
- | inet 127.0.0.1/8 scope host lo | + | 1007 |
- | valid_lft forever preferred_lft forever | + | 11 |
- | | + | 11805 16593 |
- | valid_lft forever preferred_lft forever | + | 12 |
- | 2: ens18: < | + | 1219 |
- | | + | 1228 |
- | | + | 1232 |
- | valid_lft forever preferred_lft forever | + | 1234 |
- | | + | 1235 |
- | valid_lft forever preferred_lft forever | + | 1247 |
- | | + | 13 |
- | valid_lft forever preferred_lft forever | + | 1307 |
- | 3: virbr0: <NO-CARRIER, | + | 1339 |
- | | + | 1356 |
- | | + | 14 |
- | valid_lft forever preferred_lft forever | + | 1441 |
- | 4: virbr0-nic: < | + | 1443 |
- | | + | 1444 |
+ | 1446 | ||
+ | 14977 1828 | ||
+ | 15 | ||
+ | 15067 183 2167 2330 2571 422 | ||
+ | 1536 | ||
+ | 1553 | ||
+ | 15594 186 2187 2358 259 | ||
+ | 15735 187 2190 2373 2593 427 | ||
+ | 16 | ||
+ | 16165 1883 | ||
+ | 16167 1888 | ||
</ | </ | ||
- | ===Options de la Commande ip=== | + | ===Fichiers=== |
- | Les options de cette commande sont : | + | ==Processeur== |
< | < | ||
- | [root@centos8 ~]# ip --help | + | [root@centos8 ~]# cat / |
- | Usage: ip [ OPTIONS ] OBJECT { COMMAND | help } | + | processor |
- | ip [ -force ] -batch filename | + | vendor_id |
- | where OBJECT | + | cpu family |
- | tunnel | tuntap | maddress | mroute | mrule | monitor | xfrm | | + | model : 6 |
- | netns | l2tp | fou | macsec | tcp_metrics | token | netconf | ila | | + | model name : Common KVM processor |
- | vrf | sr | nexthop | mptcp } | + | stepping |
- | OPTIONS | + | microcode |
- | | + | cpu MHz : 1999.987 |
- | | + | cache size : 16384 KB |
- | -4 | -6 | -I | -D | -M | -B | -0 | | + | physical id : 0 |
- | | + | siblings |
- | | + | core id : |
- | | + | cpu cores : 4 |
- | | + | apicid |
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
- | </ | + | processor |
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 0 | ||
+ | siblings | ||
+ | core id : 1 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
- | ====1.6 - Activer/ | + | processor |
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 0 | ||
+ | siblings | ||
+ | core id : 2 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
- | Deux commandes existent pour désactiver et activer manuellement une interface réseau | + | processor |
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 0 | ||
+ | siblings | ||
+ | core id : 3 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
+ | |||
+ | processor | ||
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 1 | ||
+ | siblings | ||
+ | core id : 0 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
+ | |||
+ | processor | ||
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 1 | ||
+ | siblings | ||
+ | core id : 1 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
+ | |||
+ | processor | ||
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 1 | ||
+ | siblings | ||
+ | core id : 2 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
+ | |||
+ | processor | ||
+ | vendor_id | ||
+ | cpu family | ||
+ | model : 6 | ||
+ | model name : Common KVM processor | ||
+ | stepping | ||
+ | microcode | ||
+ | cpu MHz : 1999.987 | ||
+ | cache size : 16384 KB | ||
+ | physical id : 1 | ||
+ | siblings | ||
+ | core id : 3 | ||
+ | cpu cores : 4 | ||
+ | apicid | ||
+ | initial apicid | ||
+ | fpu : yes | ||
+ | fpu_exception | ||
+ | cpuid level : 13 | ||
+ | wp : yes | ||
+ | flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti | ||
+ | bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit | ||
+ | bogomips | ||
+ | clflush size : 64 | ||
+ | cache_alignment : 128 | ||
+ | address sizes : 40 bits physical, 48 bits virtual | ||
+ | power management: | ||
+ | </ | ||
+ | |||
+ | ==Interruptions système== | ||
< | < | ||
- | # nmcli device disconnect enp0s3 | + | [root@centos8 ~]# cat / |
- | # nmcli device connect enp0s3 | + | CPU0 |
+ | 0: 109 0 0 0 0 0 0 0 | ||
+ | 1: 0 0 0 0 9 0 0 0 | ||
+ | 8: 0 0 0 0 0 1 0 0 | ||
+ | 9: 0 0 0 0 0 0 0 0 | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | NMI: 0 0 0 0 0 0 0 0 | ||
+ | LOC: | ||
+ | SPU: 0 0 0 0 0 0 0 0 | ||
+ | PMI: 0 0 0 0 0 0 0 0 | ||
+ | IWI: 0 0 0 0 2 0 0 0 IRQ work interrupts | ||
+ | RTR: 0 0 0 0 0 0 0 0 APIC ICR read retries | ||
+ | RES: | ||
+ | CAL: 11095 11007 10841 10343 14679 | ||
+ | TLB: | ||
+ | TRM: 0 0 0 0 0 0 0 0 | ||
+ | THR: 0 0 0 0 0 0 0 0 | ||
+ | DFR: 0 0 0 0 0 0 0 0 | ||
+ | MCE: 0 0 0 0 0 0 0 0 | ||
+ | MCP: 288 288 288 288 288 288 288 288 | ||
+ | HYP: 0 0 0 0 0 0 0 0 | ||
+ | HRE: 0 0 0 0 0 0 0 0 | ||
+ | HVS: 0 0 0 0 0 0 0 0 | ||
+ | ERR: 0 | ||
+ | MIS: 0 | ||
+ | PIN: 0 0 0 0 0 0 0 0 | ||
+ | NPI: 0 0 0 0 0 0 0 0 | ||
+ | PIW: 0 0 0 0 0 0 0 0 | ||
</ | </ | ||
<WRAP center round important 60%> | <WRAP center round important 60%> | ||
- | **Important** : Veuillez ne **PAS** exécuter ces deux commandes. | + | **Important** : Un pilote de périphérique demande au processeur de fournir un service en utilisant un IRQ. Quand la demande est faite, le processeur interrompe ses activités et passe le contrôle au pilote identifié par l'IRQ. Techniquement l' |
- | </ | + | </ |
- | ====1.7 - Routage Statique==== | + | ==Canaux DMA== |
- | ===La commande ip=== | + | < |
+ | [root@centos8 ~]# cat /proc/dma | ||
+ | 4: cascade | ||
+ | </ | ||
- | Sous RHEL/CentOS 8, pour supprimer la route vers le réseau 192.168.1.0 il convient | + | ==Plages |
< | < | ||
- | [root@centos8 ~]# ip route | + | root@centos8 ~]# cat / |
- | default via 10.0.2.1 dev ens18 proto static metric 100 | + | 0000-0cf7 : PCI Bus 0000:00 |
- | 10.0.2.0/24 dev ens18 proto kernel scope link src 10.0.2.46 metric 100 | + | 0000-001f : dma1 |
- | 192.168.1.0/24 dev ens18 proto kernel scope link src 192.168.1.2 metric 100 | + | 0020-0021 : pic1 |
- | 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown | + | 0040-0043 : timer0 |
+ | 0050-0053 : timer1 | ||
+ | 0060-0060 : keyboard | ||
+ | 0064-0064 : keyboard | ||
+ | 0070-0077 : rtc0 | ||
+ | 0080-008f : dma page reg | ||
+ | 00a0-00a1 : pic2 | ||
+ | 00c0-00df : dma2 | ||
+ | 00f0-00ff : fpu | ||
+ | 0170-0177 : 0000:00:01.1 | ||
+ | 0170-0177 : ata_piix | ||
+ | 01f0-01f7 : 0000:00:01.1 | ||
+ | 01f0-01f7 : ata_piix | ||
+ | 0376-0376 : 0000:00:01.1 | ||
+ | | ||
+ | 03c0-03df : vga+ | ||
+ | 03f6-03f6 : 0000:00:01.1 | ||
+ | 03f6-03f6 : ata_piix | ||
+ | --More-- | ||
+ | </code> | ||
+ | |||
+ | <WRAP center round alert 60%> | ||
+ | **Important** - Si deux périphériques ont le même port, les **deux** périphériques seront inutilisables. | ||
+ | </ | ||
+ | |||
+ | ==Périphériques== | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# cat / | ||
+ | Character devices: | ||
+ | | ||
+ | 4 /dev/vc/0 | ||
+ | 4 tty | ||
+ | 4 ttyS | ||
+ | 5 /dev/tty | ||
+ | | ||
+ | 5 /dev/ptmx | ||
+ | 7 vcs | ||
+ | 10 misc | ||
+ | 13 input | ||
+ | 21 sg | ||
+ | 29 fb | ||
+ | 128 ptm | ||
+ | 136 pts | ||
+ | 162 raw | ||
+ | 180 usb | ||
+ | 188 ttyUSB | ||
+ | 189 usb_device | ||
+ | 202 cpu/msr | ||
+ | 203 cpu/cpuid | ||
+ | 226 drm | ||
+ | 244 aux | ||
+ | 245 hidraw | ||
+ | 246 usbmon | ||
+ | 247 bsg | ||
+ | 248 watchdog | ||
+ | 249 ptp | ||
+ | 250 pps | ||
+ | 251 rtc | ||
+ | 252 dax | ||
+ | 253 tpm | ||
+ | 254 gpiochip | ||
- | root@centos8 ~]# ip route del 192.168.1.0/ | + | Block devices: |
- | [root@centos8 ~]# ip route | + | 8 sd |
- | default via 10.0.2.1 dev ens18 proto static metric 100 | + | 9 md |
- | 10.0.2.0/24 dev ens18 proto kernel scope link src 10.0.2.46 metric 100 | + | 11 sr |
- | 192.168.122.0/ | + | 65 sd |
+ | 66 sd | ||
+ | 67 sd | ||
+ | 68 sd | ||
+ | 69 sd | ||
+ | 70 sd | ||
+ | 71 sd | ||
+ | 128 sd | ||
+ | 129 sd | ||
+ | 130 sd | ||
+ | 131 sd | ||
+ | 132 sd | ||
+ | 133 sd | ||
+ | 134 sd | ||
+ | 135 sd | ||
+ | 253 device-mapper | ||
+ | 254 mdp | ||
+ | 259 blkext | ||
</ | </ | ||
- | Pour ajouter la route vers le réseau 192.168.1.0 : | + | ==Modules== |
< | < | ||
- | [root@centos8 ~]# ip route add 192.168.1.0/24 via 10.0.2.1 | + | [root@centos8 ~]# cat /proc/ |
- | [root@centos8 ~]# ip route | + | xt_CHECKSUM 16384 1 - Live 0xffffffffc09a8000 |
- | default via 10.0.2.1 dev ens18 proto static metric 100 | + | ipt_MASQUERADE 16384 3 - Live 0xffffffffc09a3000 |
- | 10.0.2.0/24 dev ens18 proto kernel scope link src 10.0.2.46 metric 100 | + | xt_conntrack 16384 1 - Live 0xffffffffc099e000 |
- | 192.168.1.0/24 via 10.0.2.1 dev ens18 | + | ipt_REJECT 16384 2 - Live 0xffffffffc0999000 |
- | 192.168.122.0/ | + | nft_compat 20480 16 - Live 0xffffffffc0993000 |
+ | nf_nat_tftp 16384 0 - Live 0xffffffffc098b000 | ||
+ | nft_objref 16384 1 - Live 0xffffffffc0986000 | ||
+ | nf_conntrack_tftp 16384 3 nf_nat_tftp, | ||
+ | nft_counter 16384 33 - Live 0xffffffffc097c000 | ||
+ | tun 53248 1 - Live 0xffffffffc096e000 | ||
+ | bridge 192512 | ||
+ | stp 16384 1 bridge, Live 0xffffffffc0939000 | ||
+ | llc 16384 2 bridge,stp, Live 0xffffffffc0930000 | ||
+ | nft_fib_inet 16384 1 - Live 0xffffffffc08f5000 | ||
+ | nft_fib_ipv4 16384 1 nft_fib_inet, | ||
+ | nft_fib_ipv6 16384 1 nft_fib_inet, | ||
+ | nft_fib 16384 3 nft_fib_inet, | ||
+ | nft_reject_inet 16384 5 - Live 0xffffffffc08de000 | ||
+ | nf_reject_ipv4 16384 2 ipt_REJECT, | ||
+ | nf_reject_ipv6 16384 1 nft_reject_inet, | ||
+ | nft_reject 16384 1 nft_reject_inet, | ||
+ | --More-- | ||
</ | </ | ||
- | <WRAP center round important 60%> | + | ==Statistiques de l' |
- | **Important** - La commande utilisée pour ajouter une passerelle par défaut prend la forme suivante **ip route add default via //adresse ip//**. | + | |
- | </ | + | |
- | ===Désactiver/Activer le routage sur le serveur=== | + | < |
+ | [root@centos8 ~]# cat /proc/ | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | 11 0 sr0 10 0 4 2 0 0 0 0 0 9 2 0 0 0 0 | ||
+ | | ||
+ | | ||
+ | </ | ||
- | Pour désactiver le routage sur le serveur, il convient de désactiver la retransmission des paquets. | + | ==Partitions== |
+ | |||
+ | < | ||
+ | [root@centos8 ~]# cat / | ||
+ | major minor # | ||
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | 11 0 1048575 sr0 | ||
+ | | ||
+ | | ||
+ | </ | ||
- | Pour IPv4 : | + | ==Espaces de pagination== |
< | < | ||
- | [root@centos8 ~]# cat /proc/sys/ | + | [root@centos8 ~]# cat /proc/swaps |
- | 1 | + | Filename |
- | [root@centos8 ~]# echo 0 > /proc/sys/ | + | /dev/dm-1 |
- | [root@centos8 ~]# cat / | + | |
</ | </ | ||
- | Pour activer le routage sur le serveur, il convient | + | ==Statistiques |
< | < | ||
- | [root@centos8 ~]# echo 1 > / | + | [root@centos8 ~]# cat /proc/loadavg |
- | [root@centos8 ~]# cat /proc/sys/ | + | 0.00 0.00 0.00 1/697 16936 |
- | 1 | + | |
</ | </ | ||
- | Pour IPv6 : | + | ==Statistiques d' |
< | < | ||
- | [root@centos8 ~]# cat /proc/sys/ | + | [root@centos8 ~]# cat /proc/meminfo |
- | 1 | + | MemTotal: |
- | [root@centos8 ~]# echo "0" > / | + | MemFree: |
- | [root@centos8 ~]# cat / | + | MemAvailable: |
+ | Buffers: | ||
+ | Cached: | ||
+ | SwapCached: | ||
+ | Active: | ||
+ | Inactive: | ||
+ | Active(anon): | ||
+ | Inactive(anon): | ||
+ | Active(file): | ||
+ | Inactive(file): | ||
+ | Unevictable: | ||
+ | Mlocked: | ||
+ | SwapTotal: | ||
+ | SwapFree: | ||
+ | Dirty: | ||
+ | Writeback: | ||
+ | AnonPages: | ||
+ | Mapped: | ||
+ | Shmem: | ||
+ | KReclaimable: | ||
+ | Slab: | ||
+ | SReclaimable: | ||
+ | SUnreclaim: | ||
+ | KernelStack: | ||
+ | PageTables: | ||
+ | NFS_Unstable: | ||
+ | Bounce: | ||
+ | WritebackTmp: | ||
+ | CommitLimit: | ||
+ | Committed_AS: | ||
+ | VmallocTotal: | ||
+ | VmallocUsed: | ||
+ | VmallocChunk: | ||
+ | Percpu: | ||
+ | HardwareCorrupted: | ||
+ | AnonHugePages: | ||
+ | ShmemHugePages: | ||
+ | ShmemPmdMapped: | ||
+ | FileHugePages: | ||
+ | FilePmdMapped: | ||
+ | HugePages_Total: | ||
+ | HugePages_Free: | ||
+ | HugePages_Rsvd: | ||
+ | HugePages_Surp: | ||
+ | Hugepagesize: | ||
+ | Hugetlb: | ||
+ | DirectMap4k: | ||
+ | DirectMap2M: | ||
</ | </ | ||
- | Pour activer le routage sur le serveur, il convient d' | + | ==Version du noyau== |
< | < | ||
- | [root@centos8 ~]# echo " | + | [root@centos8 ~]# cat /proc/version |
- | [root@centos8 ~]# cat / | + | Linux version 4.18.0-305.3.1.el8.x86_64 (mockbuild@kbuilder.bsys.centos.org) (gcc version 8.4.1 20200928 (Red Hat 8.4.1-1) (GCC)) |
- | 1 | + | |
</ | </ | ||
- | =====LAB #2 - Diagnostique du Réseau===== | + | ===Répertoires=== |
- | ====2.1 - ping==== | + | ==ide/scsi== |
- | Pour tester | + | Ce répertoire contient des répertoires dans lesquels se trouvent des informations sur la capacité, le type et la géométrie des disques. |
+ | |||
+ | ==acpi== | ||
+ | |||
+ | Ce répertoire contient des informations sur la gestion de l'énérgie, les températures, | ||
+ | |||
+ | ==bus== | ||
+ | |||
+ | Ce répertoire contient un sous-répertoire par bus. | ||
+ | |||
+ | ==net== | ||
+ | |||
+ | Ce répertoire contient des informations sur le réseau. | ||
+ | |||
+ | ==sys== | ||
+ | |||
+ | Ce répertoire contient des paramètres du noyau. Certains des fichiers dans ce répertoire sont accessibles en écriture par root en temps réel. Par exemple pour éviter des attaques réseau **%%DoS%%** utilisant | ||
+ | |||
+ | # echo 1 > / | ||
+ | |||
+ | Cette commande a pour résultat d' | ||
+ | |||
+ | ====2.2 - Utilisation de la Commande sysctl==== | ||
+ | |||
+ | Les fichiers dans le répertoire **/ | ||
+ | |||
+ | La commande **sysctl** applique les règles consignés dans le fichier **/ | ||
+ | |||
+ | Saisissez la commande | ||
< | < | ||
- | [root@centos8 ~]# ping -c4 10.0.2.1 | + | [root@centos8 ~]# cat /etc/sysctl.conf |
- | PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data. | + | # sysctl settings are defined through files in |
- | 64 bytes from 10.0.2.1: icmp_seq=1 ttl=64 time=0.104 ms | + | # / |
- | 64 bytes from 10.0.2.1: icmp_seq=2 ttl=64 time=0.325 ms | + | # |
- | 64 bytes from 10.0.2.1: icmp_seq=3 ttl=64 time=0.250 ms | + | # Vendors settings live in / |
- | 64 bytes from 10.0.2.1: icmp_seq=4 ttl=64 time=0.123 ms | + | # To override a whole file, create a new file with the same in |
+ | # /etc/sysctl.d/ and put new settings there. To override | ||
+ | # only specific settings, add a file with a lexically later | ||
+ | # name in /etc/sysctl.d/ and put new settings there. | ||
+ | # | ||
+ | # For more information, | ||
- | --- 10.0.2.1 ping statistics | + | [root@centos8 ~]# ls -l / |
- | 4 packets transmitted, 4 received, 0% packet loss, time 3083ms | + | total 0 |
- | rtt min/avg/max/mdev = 0.104/0.200/0.325/0.092 ms | + | lrwxrwxrwx. 1 root root 14 Mar 16 15:42 99-sysctl.conf |
+ | [root@centos8 ~]# ls -l / | ||
+ | total 24 | ||
+ | -rw-r--r--. 1 root root 1810 Dec 22 2020 10-default-yama-scope.conf | ||
+ | -rw-r--r--. 1 root root 524 Mar 16 15:42 50-coredump.conf | ||
+ | -rw-r--r--. 1 root root 1270 Mar 16 15:42 50-default.conf | ||
+ | -rw-r--r--. 1 root root 246 Jun 15 2020 50-libkcapi-optmem_max.conf | ||
+ | -rw-r--r--. 1 root root 636 Mar 16 15:42 50-pid-max.conf | ||
+ | -rw-r--r--. 1 root root 499 Nov 26 2019 60-libvirtd.conf | ||
+ | |||
+ | [root@centos8 ~]# cat / | ||
+ | # This file is part of systemd. | ||
+ | # | ||
+ | # systemd is free software; you can redistribute it and/or modify it | ||
+ | # under the terms of the GNU Lesser General Public License as published by | ||
+ | # the Free Software Foundation; either version 2.1 of the License, or | ||
+ | # (at your option) any later version. | ||
+ | |||
+ | # See sysctl.d(5) and core(5) for documentation. | ||
+ | |||
+ | # To override settings in this file, create a local file in /etc | ||
+ | # (e.g. /etc/sysctl.d/90-override.conf), | ||
+ | # there. | ||
+ | |||
+ | # System Request functionality of the kernel (SYNC) | ||
+ | # | ||
+ | # Use kernel.sysrq | ||
+ | # See https://www.kernel.org/doc/ | ||
+ | # of values and keys. | ||
+ | kernel.sysrq = 16 | ||
+ | |||
+ | # Append the PID to the core filename | ||
+ | kernel.core_uses_pid = 1 | ||
+ | |||
+ | # https:// | ||
+ | kernel.kptr_restrict = 1 | ||
+ | |||
+ | # Source route verification | ||
+ | net.ipv4.conf.all.rp_filter = 1 | ||
+ | |||
+ | # Do not accept source routing | ||
+ | net.ipv4.conf.all.accept_source_route = 0 | ||
+ | |||
+ | # Promote secondary addresses when the primary address is removed | ||
+ | net.ipv4.conf.all.promote_secondaries = 1 | ||
+ | |||
+ | # Fair Queue CoDel packet scheduler to fight bufferbloat | ||
+ | net.core.default_qdisc = fq_codel | ||
+ | |||
+ | # Enable hard and soft link protection | ||
+ | fs.protected_hardlinks = 1 | ||
+ | fs.protected_symlinks = 1 | ||
</ | </ | ||
- | ===Options de la commande | + | Les options de la commande **sysctl** sont : |
+ | |||
+ | < | ||
+ | [root@centos8 ~]# sysctl --help | ||
+ | |||
+ | Usage: | ||
+ | | ||
+ | |||
+ | Options: | ||
+ | -a, --all display all variables | ||
+ | -A alias of -a | ||
+ | -X alias of -a | ||
+ | --deprecated | ||
+ | -b, --binary | ||
+ | -e, --ignore | ||
+ | -N, --names | ||
+ | -n, --values | ||
+ | -p, --load[=< | ||
+ | -f alias of -p | ||
+ | --system | ||
+ | -r, --pattern < | ||
+ | | ||
+ | -q, --quiet | ||
+ | -w, --write | ||
+ | -o does nothing | ||
+ | -x does nothing | ||
+ | -d alias of -h | ||
+ | |||
+ | -h, --help | ||
+ | -V, --version | ||
+ | |||
+ | For more details see sysctl(8). | ||
+ | </ | ||
+ | |||
+ | <WRAP center round important 60%> | ||
+ | **Important** : Consultez la page de la traduction du manuel de **sysctl** **[[http:// | ||
+ | </ | ||
+ | |||
+ | =====LAB#3 - Interprétation des informations dans / | ||
+ | |||
+ | Les informations brutes stockées dans /proc peuvent être interprétées grâce à l' | ||
+ | |||
+ | * free, | ||
+ | * uptime et w, | ||
+ | * iostat, | ||
+ | * hdparm, | ||
+ | * vmstat, | ||
+ | * mpstat, | ||
+ | * sar. | ||
+ | |||
+ | ====3.1 - La Commande free==== | ||
+ | |||
+ | La commande **free** permet de donner l’état de la mémoire totale, libre, partagée, swap et bufferisée. Saisissez donc la commande suivante : | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# free -m | ||
+ | total used free shared | ||
+ | Mem: | ||
+ | Swap: 3279 | ||
+ | </ | ||
+ | |||
+ | Dans le cas de cet exemple, nous pouvons constater que l’affichage montre : | ||
+ | |||
+ | * 3735 Mo de mémoire physique totale, | ||
+ | * 1135 Mo de mémoire physique utilisée et 1818 Mo de mémoire physique libre, | ||
+ | * 3279 Mo de mémoire swap totale et 0 Mo de swap utilisé | ||
Les options de cette commande sont : | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# ping --help | + | [root@centos8 ~]# free --help |
- | ping: invalid option | + | |
- | Usage: ping [-aAbBdDfhLnOqrRUvV64] [-c count] [-i interval] [-I interface] | + | Usage: |
- | [-m mark] [-M pmtudisc_option] [-l preload] [-p pattern] [-Q tos] | + | free [options] |
- | [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp_option] | + | |
- | [-w deadline] [-W timeout] [hop1 ...] destination | + | Options: |
- | Usage: ping -6 [-aAbBdDfhLnOqrRUvV] [-c count] [-i interval] [-I interface] | + | -b, --bytes show output in bytes |
- | [-l preload] [-m mark] [-M pmtudisc_option] | + | |
- | [-N nodeinfo_option] [-p pattern] [-Q tclass] [-s packetsize] | + | --mega show output in megabytes |
- | [-S sndbuf] [-t ttl] [-T timestamp_option] [-w deadline] | + | |
- | [-W timeout] destination | + | --tera show output in terabytes |
+ | --peta show output in petabytes | ||
+ | -k, --kibi show output in kibibytes | ||
+ | -m, --mebi | ||
+ | -g, --gibi show output in gibibytes | ||
+ | | ||
+ | --pebi show output in pebibytes | ||
+ | -h, --human show human-readable output | ||
+ | | ||
+ | -l, --lohi show detailed low and high memory statistics | ||
+ | -t, --total show total for RAM + swap | ||
+ | -s N, --seconds N | ||
+ | -c N, --count N | ||
+ | -w, --wide | ||
+ | |||
+ | --help | ||
+ | -V, --version | ||
+ | |||
+ | For more details see free(1). | ||
</ | </ | ||
- | ====2.2 - netstat -i==== | + | ====3.2 - Les Commandes uptime et w==== |
- | Pour visualiser les statistiques réseaux, vous disposez de la commande **netstat** | + | Chacune des ces commandes indique |
< | < | ||
- | [root@centos8 ~]# netstat -i | + | [root@centos8 ~]# uptime |
- | Kernel Interface table | + | 04:39:03 up 1 day, 2:34, 1 user, load average: |
- | Iface | + | |
- | ens18 1500 | + | [root@centos8 ~]# w |
- | lo 65536 10936 0 0 0 10936 | + | |
- | virbr0 | + | USER |
+ | trainee | ||
</ | </ | ||
- | ===Options | + | Les valeurs **load average** ou //charge moyenne// indiquent le nombre moyen de processus en cours de traitement ou en attente pour la période concernée. |
- | Les options de cette commande | + | Par exemple si les valeurs sur un système muni d'un seul processeur étaient **3, |
+ | |||
+ | * 2,48 processus en attente dans la dernière minute, | ||
+ | * 3,00 processus en attente dans les dernières 5 minutes, | ||
+ | * 2,85 processus en attente dans les dernières 15 minutes. | ||
+ | |||
+ | Les options de ces commandes | ||
< | < | ||
- | [root@centos8 ~]# netstat | + | [root@centos8 ~]# uptime |
- | usage: netstat [-vWeenNcCF] [< | + | |
- | | + | |
- | | + | |
- | -r, --route | + | Usage: |
- | -I, --interfaces=< | + | uptime [options] |
- | -i, --interfaces | + | |
- | -g, --groups | + | |
- | -s, --statistics | + | |
- | -M, --masquerade | + | |
- | | + | Options: |
- | -W, --wide | + | -p, --pretty |
- | -n, --numeric | + | -h, --help |
- | --numeric-hosts don't resolve host names | + | -s, --since system up since |
- | --numeric-ports | + | -V, --version |
- | --numeric-users don't resolve user names | + | |
- | -N, --symbolic | + | For more details see uptime(1). |
- | -e, --extend | + | |
- | -p, --programs | + | [root@centos8 ~]# w --help |
- | -o, --timers | + | |
- | -c, --continuous | + | Usage: |
+ | w [options] | ||
+ | |||
+ | Options: | ||
+ | -h, --no-header | ||
+ | -u, --no-current | ||
+ | -s, --short short format | ||
+ | -f, --from show remote hostname field | ||
+ | -o, --old-style | ||
+ | -i, --ip-addr | ||
- | | + | --help display |
- | -a, --all display all sockets (default: connected) | + | -V, --version |
- | -F, --fib display Forwarding Information Base (default) | + | |
- | -C, --cache | + | |
- | -Z, --context | + | |
- | < | + | For more details see w(1). |
- | | + | |
- | < | + | |
- | List of possible address families | + | |
- | inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) | + | |
- | netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) | + | |
- | x25 (CCITT X.25) | + | |
</ | </ | ||
- | ====2.3 - traceroute==== | + | ====3.3 - La Commande iostat==== |
- | La commande ping est à la base de la commande **traceroute**. Cette commande sert à découvrir la route empruntée pour accéder à un site donné | + | La commande **iostat** affiche des statistiques sur l' |
< | < | ||
- | [root@centos8 ~]# traceroute www.ittraining.network | + | [root@centos8 ~]# iostat |
- | bash: traceroute: command not found... | + | bash: iostat: command not found... |
- | Install package 'traceroute' to provide command 'traceroute'? [N/y] y | + | Install package 'sysstat' to provide command 'iostat'? [N/y] y |
* Waiting in queue... | * Waiting in queue... | ||
The following packages have to be installed: | The following packages have to be installed: | ||
- | traceroute-3:2.1.0-6.el8.x86_64 | + | lm_sensors-libs-3.4.0-22.20180522git70f7e08.el8.x86_64 Lm_sensors core libraries |
+ | | ||
Proceed with changes? [N/y] y | Proceed with changes? [N/y] y | ||
Ligne 1109: | Ligne 2666: | ||
* Testing changes... | * Testing changes... | ||
* Installing packages... | * Installing packages... | ||
- | traceroute to www.ittraining.network (109.228.56.52), | + | Linux 4.18.0-305.3.1.el8.x86_64 |
- | | + | |
- | | + | avg-cpu: |
- | | + | |
- | 4 10.50.0.16 (10.50.0.16) | + | |
- | 5 10.73.248.192 (10.73.248.192) | + | Device |
- | | + | sda 0.28 7.67 1.49 |
- | 7 fra-fr5-sbb1-nc5.de.eu (213.251.128.113) | + | sdb 0.00 0.03 0.00 2995 0 |
- | | + | scd0 |
- | 9 decix.bb-a.fra3.fra.de.oneandone.net (80.81.192.123) | + | dm-0 0.26 7.25 1.55 |
- | 10 ae-14.bb-b.fr7.fra.de.oneandone.net (212.227.120.149) | + | dm-1 0.00 0.02 0.00 |
- | 11 port-channel-3.gw-ngcs-1.dc1.con.glo.gb.oneandone.net (88.208.255.131) | + | |
- | 12 109.228.63.209 (109.228.63.209) | + | |
- | 13 * 109.228.63.209 (109.228.63.209) | + | |
- | 14 * * * | + | |
- | 15 * * * | + | |
- | 16 * * * | + | |
- | 17 * * * | + | |
- | 18 * * * | + | |
- | 19 * * * | + | |
- | 20 * * * | + | |
- | 21 * * * | + | |
- | 22 * * * | + | |
- | 23 * * * | + | |
- | 24 * * * | + | |
- | 25 * * * | + | |
- | 26 * * * | + | |
- | 27 * * * | + | |
- | 28 * * * | + | |
- | 29 * * *^C | + | |
</ | </ | ||
- | ===Options | + | Au-dessous |
+ | |||
+ | * **%user** - Pourcentage de temps passé en mode utilisateur (exécutant des applications, | ||
+ | * **%nice** - Pourcentage de temps passé en mode utilisateur (pour les processus qui ont modifié leur priorité de programmation à l'aide de la commande nice) | ||
+ | * **%system** - Pourcentage de temps passé en mode noyau | ||
+ | * **%steal** - Pourcentage du temps passé par des CPU virtuels en attendant que l' | ||
+ | * **%iowait** - Pourcentage du temps passé à attendre les entrées et les sorties des disques. | ||
+ | * **%idle** - Pourcentage de temps passé en inactivité | ||
+ | |||
+ | Notez la valeur de **%iowait**. Dans le cas où ce pourcentage est trop élévé, ceci indique que le processeur passe son temps à attendre les entrées et les sorties de disque. | ||
+ | |||
+ | Au-dessous du rapport d' | ||
+ | |||
+ | * La spécification du périphérique. | ||
+ | * Le nombre de transferts (ou opérations d'E/S) par seconde. | ||
+ | * Le nombre de blocs de KB lus par seconde. | ||
+ | * Le nombre de blocs de KB écrits par seconde. | ||
+ | * Le nombre total de KB lus. | ||
+ | * Le nombre total de KB écrits. | ||
+ | |||
+ | Dernièrement, | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# iostat -d -x | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
+ | |||
+ | Device | ||
+ | sda 0.20 0.16 | ||
+ | sdb 0.00 0.00 0.02 0.00 | ||
+ | scd0 | ||
+ | dm-0 | ||
+ | dm-1 | ||
+ | </ | ||
Les options de cette commande sont : | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# traceroute | + | [root@centos8 ~]# iostat |
- | Usage: | + | Usage: |
- | traceroute | + | Options are: |
- | Options: | + | [ -c ] [ -d ] [ -h ] [ -k | -m ] [ -N ] [ -s ] [ -t ] [ -V ] [ -x ] [ -y ] [ -z ] |
- | | + | [ -j { ID | LABEL | PATH | UUID | ... } ] [ --human ] [ -o JSON ] |
- | -6 Use IPv6 | + | [ [ -H ] -g < |
- | -d --debug | + | [ <device> [...] | ALL ] |
- | -F --dont-fragment | + | </ |
- | -f first_ttl | + | |
- | Start from the first_ttl hop (instead from 1) | + | |
- | | + | |
- | Route packets through the specified gateway | + | |
- | (maximum 8 for IPv4 and 127 for IPv6) | + | |
- | -I --icmp | + | |
- | -T --tcp Use TCP SYN for tracerouting (default port is 80) | + | |
- | -i device | + | |
- | Specify a network interface to operate with | + | |
- | -m max_ttl | + | |
- | Set the max number of hops (max TTL to be | + | |
- | reached). Default is 30 | + | |
- | -N squeries | + | |
- | Set the number of probes to be tried | + | |
- | simultaneously (default is 16) | + | |
- | -n Do not resolve IP addresses to their domain names | + | |
- | -p port --port=port | + | |
- | initial udp port value for " | + | |
- | (incremented by each probe, default is 33434), or | + | |
- | initial seq for " | + | |
- | default from 1), or some constant destination | + | |
- | port for other methods (with default of 80 for | + | |
- | " | + | |
- | -t tos --tos=tos | + | |
- | traffic class) value for outgoing packets | + | |
- | -l flow_label | + | |
- | Use specified flow_label for IPv6 packets | + | |
- | -w MAX, | + | |
- | Wait for a probe no more than HERE (default 3) | + | |
- | times longer than a response from the same hop, | + | |
- | or no more than NEAR (default 10) times than some | + | |
- | next hop, or MAX (default 5.0) seconds (float | + | |
- | point values allowed too) | + | |
- | -q nqueries | + | |
- | Set the number of probes per each hop. Default is | + | |
- | 3 | + | |
- | -r Bypass the normal routing and send directly to a | + | |
- | host on an attached network | + | |
- | -s src_addr | + | |
- | Use source src_addr for outgoing packets | + | |
- | -z sendwait | + | |
- | Minimal time interval between probes (default 0). | + | |
- | If the value is more than 10, then it specifies a | + | |
- | number in milliseconds, | + | |
- | seconds (float point values allowed too) | + | |
- | -e --extensions | + | |
- | -A --as-path-lookups | + | |
- | print results directly after the corresponding | + | |
- | addresses | + | |
- | -M name --module=name | + | |
- | for traceroute operations. Most methods have | + | |
- | their shortcuts (`-I' means `-M icmp' etc.) | + | |
- | -O OPTS, | + | |
- | Use module-specific option OPTS for the | + | |
- | traceroute module. Several OPTS allowed, | + | |
- | separated by comma. If OPTS is " | + | |
- | about available options | + | |
- | --sport=num | + | |
- | `-N 1' | + | |
- | --fwmark=num | + | |
- | -U --udp Use UDP to particular port for tracerouting | + | |
- | (instead of increasing the port per each probe), | + | |
- | default port is 53 | + | |
- | -UL Use UDPLITE for tracerouting (default dest port | + | |
- | is 53) | + | |
- | -D --dccp | + | |
- | is 33434) | + | |
- | -P prot --protocol=prot | + | |
- | --mtu | + | |
- | `-F -N 1' | + | |
- | --back | + | |
- | print if it differs | + | |
- | -V --version | + | |
- | --help | + | |
- | Arguments: | + | ====3.4 - La Commande hdparm==== |
- | + | + | |
- | | + | Pour surveiller la vitesse des entrées et des sorties du disque, vous pouvez utiliser la commande **hdparm** |
- | | + | |
- | | + | < |
+ | [root@centos8 ~]# hdparm -t /dev/sda | ||
+ | |||
+ | /dev/sda: | ||
+ | | ||
</ | </ | ||
- | =====LAB #3 - Connexions à Distance===== | + | ====3.5 - La Commande vmstat==== |
- | ==== 3.1 - Telnet ==== | + | La commande **vmstat** affiche des statistiques sur la mémoire, la pagination et la charge ponctuelle du processeur : |
- | <WRAP center round important> | + | <code> |
- | **Important** | + | [root@centos8 ~]# vmstat 1 10 |
- | </WRAP> | + | procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu----- |
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | | ||
+ | </code> | ||
- | La commande **telnet** est utilisée pour établir une connexion | + | La première ligne subdivise le champ en six catégories |
- | < | + | Les champs relatifs aux processus sont les suivants : |
- | # telnet numero_ip | + | |
- | </ | + | |
- | <WRAP center round important 60%> | + | |
- | **Important** - Le service telnet revient à une redirection des canaux standards | + | |
- | </ | + | |
- | ===Options de la commande telnet=== | + | Les champs relatifs à la mémoire sont les suivants : |
+ | |||
+ | * swpd — La quantité de mémoire virtuelle utilisée | ||
+ | * free — La quantité de mémoire libre | ||
+ | * buff — La quantité de mémoire utilisée par les tampons (ou buffers) | ||
+ | * cache — La quantité de mémoire utilisée comme cache de pages | ||
+ | |||
+ | Les champs relatifs au swap sont les suivants : | ||
+ | |||
+ | * si — La quantité de mémoire chargée depuis le disque | ||
+ | * so — La quantité de mémoire déchargée sur le disque | ||
+ | |||
+ | Les champs relatifs aux Entrées/ | ||
+ | |||
+ | * bi — Blocs envoyés vers un périphérique blocs | ||
+ | * bo— Blocs reçus d'un périphérique blocs | ||
+ | |||
+ | Les champs relatifs au système sont les suivants : | ||
+ | |||
+ | * in — Nombre d' | ||
+ | * cs — Nombre de changements de contexte par seconde | ||
+ | |||
+ | Les champs relatifs au CPU sont les suivants : | ||
+ | |||
+ | * us — Le pourcentage de temps pendant lequel le CPU exécute un code de niveau utilisateur | ||
+ | * sy — Le pourcentage de temps pendant lequel le CPU exécute un code de niveau système | ||
+ | * id — Le pourcentage de temps pendant lequel le CPU était inoccupé | ||
+ | * wa — Attente d'E/S | ||
Les options de cette commande sont : | Les options de cette commande sont : | ||
< | < | ||
- | [[root@centos8 ~]# telnet | + | [root@centos8 ~]# vmstat |
- | telnet: invalid option -- ' | + | |
- | Usage: | + | Usage: |
- | | + | |
- | [host-name [port]] | + | |
+ | Options: | ||
+ | -a, --active | ||
+ | -f, --forks | ||
+ | -m, --slabs | ||
+ | -n, --one-header | ||
+ | -s, --stats | ||
+ | -d, --disk disk statistics | ||
+ | -D, --disk-sum | ||
+ | -p, --partition < | ||
+ | -S, --unit <char> define display unit | ||
+ | -w, --wide | ||
+ | -t, --timestamp | ||
+ | |||
+ | -h, --help | ||
+ | -V, --version | ||
+ | |||
+ | For more details see vmstat(8). | ||
</ | </ | ||
- | ==== 3.2 - wget ==== | + | <WRAP center round important 60%> |
+ | **Important** : Par défaut la commande vmstat affiche des informations depuis le démarrage du système. | ||
+ | </ | ||
+ | |||
+ | ====3.6 - La Commande mpstat==== | ||
- | La commande **wget** est utilisée pour récupérer un fichier via http, https ou ftp : | + | La commande **mpstat** affiche des statistiques détaillées sur le CPU : |
< | < | ||
- | [root@centos8 ~]# wget https://www.dropbox.com/ | + | [root@centos8 ~]# mpstat |
- | ... | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) |
- | [root@centos8 ~]# cat wget_file.txt | + | 04: |
- | This is a file retrieved by the wget command. | + | 04: |
</ | </ | ||
- | ===Options | + | Dans le cas où vous avez plusieurs processeurs ou coeurs, vous pouvez visualiser ces mêmes informations par unité |
+ | |||
+ | < | ||
+ | [root@centos8 ~]# mpstat -P ALL | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | </ | ||
+ | |||
+ | Pour afficher 5 jeux de statistiques à des intervales de 2 secondes pour tous les unités de traitement, il convient d' | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# mpstat -P ALL 2 5 | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | |||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | 04: | ||
+ | |||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | </ | ||
Les options de cette commande sont : | Les options de cette commande sont : | ||
< | < | ||
- | [root@centos8 ~]# wget --help | + | [root@centos8 ~]# mpstat |
- | GNU Wget 1.19.5, a non-interactive network retriever. | + | Usage: |
- | Usage: | + | Options are: |
+ | [ -A ] [ -n ] [ -u ] [ -V ] [ -I { SUM | CPU | SCPU | ALL } ] | ||
+ | [ -N { < | ||
+ | </ | ||
- | Mandatory arguments to long options are mandatory for short options too. | + | ====3.7 - La Commande sar==== |
- | Startup: | + | La commande **sar** (**S**ystem **A**ctivity **R**eporter) permet de surveiller toutes les ressources du système selon l'option qui est passée en argument à la commande. |
- | -V, --version | + | |
- | -h, --help | + | |
- | -b, --background | + | |
- | -e, --execute=COMMAND | + | |
- | Logging and input file: | + | Sous RHEL/CentOS 8 la commande **/ |
- | -o, --output-file=FILE | + | |
- | -a, --append-output=FILE | + | |
- | -d, --debug | + | |
- | -q, --quiet | + | |
- | -v, --verbose | + | |
- | -nv, --no-verbose | + | |
- | | + | |
- | -i, --input-file=FILE | + | |
- | | + | |
- | -F, --force-html | + | |
- | -B, --base=URL | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | Download: | + | < |
- | | + | [root@centos8 ~]# ls /usr/ |
- | | + | sa1 sa2 sadc |
- | | + | </code> |
- | -O, --output-document=FILE | + | |
- | -nc, --no-clobber | + | |
- | | + | |
- | | + | |
- | -c, --continue | + | |
- | | + | |
- | | + | |
- | | + | |
- | -N, --timestamping | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | the one on the server | + | |
- | -S, --server-response | + | |
- | | + | |
- | -T, --timeout=SECONDS | + | |
- | | + | |
- | | + | |
- | | + | |
- | -w, --wait=SECONDS | + | |
- | | + | |
- | | + | |
- | | + | |
- | -Q, --quota=NUMBER | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | one of IPv6, IPv4, or none | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | Directories: | + | Le script **/usr/ |
- | -nd, --no-directories | + | |
- | -x, --force-directories | + | |
- | -nH, --no-host-directories | + | |
- | | + | |
- | -P, --directory-prefix=PREFIX | + | |
- | | + | |
- | HTTP options: | + | ^ Option ^ Description ^ |
- | | + | | -t | L'intervalle entre les collectes | |
- | | + | | -n | Nombre de collectes | |
- | | + | |
- | | + | |
- | this is 'index.html' | + | |
- | -E, --adjust-extension | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | -U, --user-agent=AGENT | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | HTTPS (SSL/TLS) options: | + | Le script **/usr/lib64/sa/sa2** exécute la commande **sar** et consigne les informations dans un fichier au format **/var/ |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | of base64 encoded sha256 hashes preceded by | + | |
- | ' | + | |
- | peer against | + | |
- | | + | < |
- | Use with care. This option overrides --secure-protocol. | + | [root@centos8 ~]# ls /var/log/sa/ |
- | The format and syntax of this string depend on the specific SSL/TLS engine. | + | sa29 s |
- | HSTS options: | + | |
- | | + | |
- | --hsts-file | + | |
- | FTP options: | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | | ||
- | FTPS options: | + | ar29 |
- | --ftps-implicit | + | </code> |
- | | + | |
- | opening a data connection | + | Sous CentOS / RHEL 8, l' |
- | --ftps-clear-data-connection | + | |
- | --ftps-fallback-to-ftp | + | < |
- | WARC options: | + | [root@centos8 ~]# cat / |
- | | + | # / |
- | | + | # (C) 2014 Tomasz Torcz < |
- | --warc-max-size=NUMBER | + | # |
- | --warc-cdx | + | # sysstat-11.7.3 systemd unit file: |
- | | + | # Activates activity collector every 10 minutes |
- | --no-warc-compression | + | |
- | | + | |
- | | + | |
- | | + | |
- | WARC writer | + | |
- | Recursive download: | + | [Unit] |
- | | + | Description=Run system activity accounting tool every 10 minutes |
- | -l, --level=NUMBER | + | |
- | | + | |
- | -k, --convert-links | + | |
- | local files | + | |
- | | + | |
- | | + | |
- | -K, --backup-converted | + | |
- | -m, --mirror | + | |
- | -p, --page-requisites | + | |
- | | + | |
- | Recursive accept/ | + | [Timer] |
- | | + | OnCalendar=*:00/10 |
- | -R, --reject=LIST | + | |
- | | + | |
- | | + | |
- | | + | |
- | -D, --domains=LIST | + | |
- | | + | |
- | | + | |
- | | + | |
- | | + | |
- | -H, --span-hosts | + | |
- | -L, --relative | + | |
- | -I, --include-directories=LIST | + | |
- | | + | |
- | | + | |
- | -X, --exclude-directories=LIST | + | |
- | -np, --no-parent | + | |
- | Email bug reports, questions, discussions to < | + | [Install] |
- | and/or open issues at https:// | + | WantedBy=sysstat.service |
</ | </ | ||
- | ==== 3.3 - ftp ==== | + | La valeur de **OnCalendar** indique un collecte toutes les dix minutes. |
+ | |||
+ | Pour modifier l' | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# systemctl edit sysstat-collect.timer | ||
+ | [root@centos8 ~]# cat / | ||
+ | [Unit] | ||
+ | Description=Run system activity accounting tool every 2 minutes | ||
+ | |||
+ | [Timer] | ||
+ | OnCalendar= | ||
+ | OnCalendar=*:00/2 | ||
+ | AccuracySec=0 | ||
+ | </ | ||
<WRAP center round important 60%> | <WRAP center round important 60%> | ||
- | **Important** | + | **Important** |
</ | </ | ||
- | La commande **ftp** est utilisée pour le transfert de fichiers. Une fois connecté, il convient d' | + | Vérifiez ensuite |
< | < | ||
- | ftp> help | + | [root@centos8 ~]# systemctl status sysstat-collect.timer |
- | Commands may be abbreviated. | + | ● sysstat-collect.timer - Run system activity accounting tool every 2 minutes |
+ | | ||
+ | Drop-In: / | ||
+ | | ||
+ | | ||
+ | Trigger: Tue 2021-06-29 09:20:00 EDT; 1min 19s left | ||
- | ! debug mdir sendport site | + | Jun 29 06:16:04 centos8.ittraining.loc systemd[1]: Started Run system |
- | $ dir mget put size | + | |
- | account disconnect mkdir pwd status | + | |
- | append exit mls quit struct | + | |
- | ascii form mode quote system | + | |
- | bell get modtime recv sunique | + | |
- | binary glob mput reget tenex | + | |
- | bye hash newer rstatus tick | + | |
- | case help nmap rhelp trace | + | |
- | cd idle nlist rename type | + | |
- | cdup image ntrans reset user | + | |
- | chmod lcd open restart umask | + | |
- | close ls prompt rmdir verbose | + | |
- | cr macdef passive runique ? | + | |
- | delete mdelete proxy send | + | |
- | ftp> | + | |
</ | </ | ||
- | Le caractère **!** permet d' | + | < |
+ | [root@centos8 ~]# journalctl -g sysstat-collect.service | ||
+ | -- Logs begin at Mon 2021-06-28 02:04:10 EDT, end at Tue 2021-06-29 09:18:00 EDT. -- | ||
+ | Jun 29 06:20:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 06:26:29 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 06:30:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 06:40:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 06:50:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:00:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:10:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:20:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:30:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:40:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:50:33 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:53:56 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:54:00 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:56:00 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 07:58:00 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | Jun 29 08:00:00 centos8.ittraining.loc systemd[1]: sysstat-collect.service: | ||
+ | ... | ||
+ | </ | ||
+ | |||
+ | Saisissez | ||
< | < | ||
- | ftp> !pwd | + | [root@centos8 ~]# sar |
- | /root | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) |
+ | |||
+ | 06: | ||
+ | |||
+ | 06: | ||
+ | 06: | ||
+ | 06: | ||
+ | 06: | ||
+ | 06: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | Average: | ||
+ | |||
+ | 07: | ||
+ | |||
+ | 07: | ||
+ | 07: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 08: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | |||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | Average: | ||
</ | </ | ||
- | Pour transférer un fichier vers le serveur, il convient | + | ===Statistiques |
- | < | + | Visualisez maintenant les statistiques d' |
- | ftp> put nom_fichier_local nom_fichier_distant | + | |
- | </ | + | |
- | Vous pouvez également transférer plusieurs fichiers à la fois grâce à la commande **mput**. Dans ce cas précis, il convient de saisir la commande suivante: | + | < |
+ | [root@centos8 ~]# sar -u 5 3 | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
- | < | + | 09: |
- | ftp> mput nom*.* | + | 09: |
- | </file> | + | 09: |
+ | 09: | ||
+ | Average: | ||
+ | </code> | ||
- | Pour transférer un fichier du serveur, il convient d'utiliser la commande | + | D'avantage de statistiques peuvent être obtenues en utilisant l' |
- | <file> | + | <code> |
- | ftp> get nom_fichier | + | [root@centos8 ~]# sar -u ALL 5 3 |
- | </file> | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) |
- | Vous pouvez également transférer plusieurs fichiers à la fois grâce à la commande **mget** ( voir la commande **mput** ci-dessus ). | + | 01: |
+ | 01: | ||
+ | 01: | ||
+ | 01: | ||
+ | Average: | ||
+ | </ | ||
- | Pour supprimer | + | Pour consulter les statistiques d'un coeur spécifique, utilisez l'option |
- | <file> | + | <code> |
- | ftp> del nom_fichier | + | [root@centos8 ~]# sar -u -P 1 5 3 |
- | </file> | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) |
- | Pour fermer la session, il convient | + | 01: |
+ | 01: | ||
+ | 01: | ||
+ | 01: | ||
+ | Average: | ||
+ | [root@centos8 ~]# sar -u -P 5 5 3 | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
+ | |||
+ | 01: | ||
+ | 01: | ||
+ | 01: | ||
+ | 01: | ||
+ | Average: | ||
+ | </ | ||
+ | |||
+ | ===Statistiques | ||
+ | |||
+ | Utilisez l' | ||
< | < | ||
- | ftp> quit | + | [root@centos8 |
- | [root@centos7 | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) |
+ | |||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | Average: | ||
</ | </ | ||
- | ====3.4 | + | Utilisez l' |
- | ===Présentation=== | + | < |
+ | [root@centos8 ~]# sar -S 5 3 | ||
+ | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) | ||
- | La commande **[[wpfr> | + | 07: |
+ | 07: | ||
+ | 07:32:08 3358716 | ||
+ | 07: | ||
+ | Average: | ||
+ | </ | ||
- | * Le **serveur SSH** | + | ===Statistiques |
- | * le démon sshd, qui s' | + | |
- | * Le **client SSH** | + | |
- | * ssh ou scp, qui assure la connexion et le dialogue avec le serveur, | + | |
- | * La **session** qui représente la connexion courante et qui commence juste après l' | + | |
- | * Les **clefs** | + | |
- | * **Couple de clef utilisateur asymétriques** et persistantes qui assurent l' | + | |
- | * **Clef hôte asymétrique et persistante** garantissant l' | + | |
- | * **Clef serveur asymétrique et temporaire** utilisée par le protocole SSH1 qui sert au chiffrement de la clé de session, | + | |
- | * **Clef de session symétrique qui est générée aléatoirement** et qui permet le chiiffrement de la communication entre le client et le serveur. Elle est détruite en fin de session. SSH-1 utilise une seule clef tandis que SSH-2 utilise une clef par direction de la communication, | + | |
- | * La **base de données des hôtes connus** qui stocke les clés des connexions précédentes. | + | |
- | SSH fonctionne de la manière suivante pour la la mise en place d'un canal sécurisé: | + | Utilisez l'option **-b** pour visualiser les statistiques concernant les E/ |
- | * Le client contacte le serveur sur son port 22, | + | < |
- | * Les client et le serveur échangent leur version de SSH. En cas de non-compatibilité de versions, l'un des deux met fin au processus, | + | [root@centos8 ~]# sar -b 5 3 |
- | * Le serveur SSH s' | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) 29/ |
- | * Sa clé hôte, | + | |
- | * Sa clé serveur, | + | |
- | * Une séquence aléatoire de huit octets à inclure dans les futures réponses du client, | + | |
- | * Une liste de méthodes de chiffrage, compression et authentification, | + | |
- | * Le client et le serveur produisent un identifiant identique, un haché MD5 long de 128 bits contenant la clé hôte, la clé serveur et la séquence aléatoire, | + | |
- | * Le client génère sa clé de session symétrique et la chiffre deux fois de suite, une fois avec la clé hôte du serveur et la deuxième fois avec la clé serveur. Le client envoie cette clé au serveur accompagnée de la séquence aléatoire et un choix d' | + | |
- | * Le serveur déchiffre la clé de session, | + | |
- | * Le client et le serveur mettent en place le canal sécurisé. | + | |
- | ==SSH-1== | + | 09: |
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | Average: | ||
+ | </ | ||
- | SSH-1 utilise une paire de clefs de type RSA1. Il assure l' | + | ===Statistiques |
- | Afin de s'identifier, le client essaie chacune des six méthodes suivantes | + | Utilisez l'option **-d** pour visualiser les statistiques concernant les E/S par disque |
- | * **Kerberos**, | + | < |
- | * **Rhosts**, | + | [root@centos8 ~]# sar -d 5 3 |
- | * **%%RhostsRSA%%**, | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) 29/ |
- | * Par **clef asymétrique**, | + | |
- | * **TIS**, | + | |
- | * Par **mot de passe**. | + | |
- | ==SSH-2== | + | 09: |
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
- | SSH-2 utilise **DSA** ou **RSA**. Il assure l' | + | 09: |
+ | 09: | ||
+ | 09: | ||
+ | 09:25:55 dev11-0 | ||
+ | 09: | ||
+ | 09: | ||
- | | + | 09: |
- | * **SSH-AUTH** – Authentification Protocol, | + | 09: |
- | * **SSH-CONN** – Connection Protocol. | + | 09: |
+ | 09: | ||
+ | 09: | ||
+ | 09: | ||
- | SSH-2 diffère de SSH-1 essentiellement dans la phase authentification. | + | Average: |
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | </ | ||
- | Trois méthodes d'authentification | + | La colonne **DEV** indentifie les disques par leurs majeurs et mineurs. Pour voir les informations avec les noms des disques, ajoutez l'option **-p** |
- | * Par **clef asymétrique**, | + | < |
- | * Identique à SSH-1 sauf avec l' | + | [root@centos8 ~]# sar -p -d 5 3 |
- | * **%%RhostsRSA%%**, | + | Linux 4.18.0-305.3.1.el8.x86_64 (centos8.ittraining.loc) 30/ |
- | * Par **mot de passe**. | + | |
- | ==Options de la commande== | + | 07: |
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
- | Les options de cette commande sont : | + | 07: |
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | |||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | 07: | ||
+ | |||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | Average: | ||
+ | </ | ||
+ | |||
+ | Les options de la commande | ||
< | < | ||
- | [root@centos8 ~]# ssh --help | + | [root@centos8 ~]# sar --help |
- | unknown option -- - | + | Usage: sar [ options |
- | usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface] | + | Main options and reports (report name between square brackets): |
- | [-b bind_address] | + | |
- | [-E log_file] | + | -b I/O and transfer rate statistics |
- | | + | |
- | | + | -F [ MOUNT ] |
- | | + | Filesystems statistics |
- | [-w local_tun[:remote_tun]] destination | + | -H Hugepages utilization statistics |
+ | | ||
+ | | ||
+ | | ||
+ | Power management statistics | ||
+ | Keywords are: | ||
+ | CPU CPU instantaneous clock frequency | ||
+ | FAN Fans speed | ||
+ | FREQ CPU average clock frequency | ||
+ | IN Voltage inputs | ||
+ | TEMP Devices temperature | ||
+ | USB USB devices plugged into the system | ||
+ | | ||
+ | | ||
+ | Keywords are: | ||
+ | DEV | ||
+ | EDEV Network interfaces (errors) | ||
+ | NFS NFS client | ||
+ | NFSD NFS server | ||
+ | SOCK Sockets (v4) | ||
+ | IP IP traffic | ||
+ | EIP IP traffic | ||
+ | ICMP ICMP traffic | ||
+ | EICMP ICMP traffic | ||
+ | TCP TCP traffic | ||
+ | ETCP TCP traffic | ||
+ | UDP UDP traffic | ||
+ | SOCK6 | ||
+ | IP6 IP traffic | ||
+ | EIP6 IP traffic | ||
+ | ICMP6 ICMP traffic | ||
+ | EICMP6 | ||
+ | UDP6 UDP traffic | ||
+ | FC Fibre channel HBAs | ||
+ | SOFT Software-based network processing | ||
+ | -q Queue length and load average statistics | ||
+ | | ||
+ | | ||
+ | -S Swap space utilization statistics | ||
+ | | ||
+ | CPU utilization statistics | ||
+ | -v Kernel tables statistics | ||
+ | | ||
+ | -w Task creation and system switching statistics | ||
+ | -y TTY devices statistics | ||
</ | </ | ||
- | ===Authentification par mot de passe=== | + | =====Modules usb===== |
- | L'utilisateur fournit | + | L'**USB** (// |
- | Avantage: | + | ^ Version USB ^ Module ^ Nom Complet ^ |
- | * Aucune configuration de clef asymétrique n'est nécessaire. | + | | 1.0\1.1 |
+ | | | ||
+ | | 2.0 | **EHCI** | //Enhanced Host Controller Interface// | | ||
+ | | 3.0 | **XHCI** | // | ||
- | Inconvénients: | + | Le tableau suivant liste les modules courrament chargés en fonction du périphérique utilisé |
- | * L' | + | |
- | * Moins sécurisé qu'un système par clef asymétrique. | + | |
- | ===Authentification par clef asymétrique=== | + | ^ Module ^ Type de Périphérique ^ |
+ | | **usb_storage** | ||
+ | | **usbhid** | ||
+ | | **snd-usb-audio** | ||
+ | | **usbvidéo** | ||
+ | | **irda-usb** | ||
+ | | **usbnet** | ||
- | * Le **client** envoie au serveur une requête d' | + | Les modules peuvent être chargés |
- | * Le **serveur** recherche une correspondance pour ce module dans le fichier des clés autorisés **~/ | + | |
- | * Dans le cas où une correspondance n'est pas trouvée, le serveur met fin à la communication, | + | |
- | * Dans le cas contraire le serveur génère une chaîne aléatoire de 256 bits appelée | + | |
- | * Le **client** reçoit le challenge et le décrypte avec la partie privée de sa clé. Il combine le challenge avec l' | + | |
- | * Le **serveur** génère le même haché et le compare avec celui reçu du client. Si les deux hachés sont identiques, l' | + | |
- | ===Configuration | + | * INITrd, |
+ | * Le processus init (systemd), | ||
+ | * kmod, d'une manière dynamique et transparente lors du branchement du périphérique, | ||
+ | * udev, | ||
+ | * manuellement. | ||
- | La configuration du serveur s' | + | =====udev===== |
- | < | + | Depuis le noyau Linux 2.6 Linux est capable de détecter des périphériques branchés à chaud. Cette technologie s' |
- | [root@centos8 ~]# cat /etc/ssh/sshd_config | + | |
- | # | + | |
- | # This is the sshd server system-wide configuration file. See | + | * Udev, |
- | # sshd_config(5) for more information. | + | * HAL, |
+ | * Dbus. | ||
- | # This sshd was compiled with PATH=/ | + | Les rôles de chaque composant sont les suivants |
- | # The strategy used for options in the default sshd_config shipped with | + | * Udev se charge de créer et supprimer d'une manière dynamique les nœuds dans le répertoire **/dev**, |
- | # OpenSSH is to specify options with their default value where | + | * HAL obtient des informations à partir d'Udev et créé un fichier au format XML représentant le périphérique branché. Il informe ensuite Nautilus en utilisant le Dbus, |
- | # possible, but leave them commented. | + | * Dbus joue le rôle d'un bus système qui est utilisé pour la communication inter-processus. |
- | # default value. | + | |
- | # If you want to change the port on a SELinux system, you have to tell | + | Lors de démarrage de Linux, Udev joue un rôle important : |
- | # SELinux about this change. | + | |
- | # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER | + | * Au démarrage **tmpfs** est monté sur /dev, |
+ | * Udev copie les éventuels nœuds statiques de **/ | ||
+ | * le démon **udevd** collecte des données appelées **uevents** du noyau et cherche une règle correspondante dans le répertoire **/ | ||
+ | * Udev crée les nœuds et liens symboliques spécifiés dans la règle identifiée, | ||
+ | * Udev stocke les règles contenues dans **/ | ||
+ | * En cas de modification des ces règles, Udev met à jour la mémoire. | ||
+ | |||
+ | Udev repose sur le filesystem **sysfs** monté sur /sys qui permet de rendre les périphériques visibles à Udev dans l'// | ||
+ | |||
+ | Le fichier de configuration principal d'Udev est **/ | ||
+ | |||
+ | < | ||
+ | [root@centos8 ~]# cat / | ||
+ | # see udev.conf(5) for details | ||
# | # | ||
- | #Port 22 | + | # udevd is also started in the initrd. |
- | #AddressFamily any | + | # also want to rebuild the initrd, so that it will include the modified configuration. |
- | # | + | |
- | # | + | |
- | HostKey / | + | # |
- | HostKey / | + | </code> |
- | HostKey /etc/ssh/ssh_host_ed25519_key | + | |
- | # Ciphers and keying | + | Les fichiers de règles se trouvent dans **/ |
- | #RekeyLimit default none | + | |
- | # This system is following system-wide crypto policy. The changes to | + | < |
- | # crypto properties (Ciphers, MACs, ...) will not have any effect here. | + | [root@centos8 ~]# ls / |
- | # They will be overridden by command-line options passed to the server | + | 01-md-raid-creating.rules 70-uaccess.rules |
- | # on command line. | + | 10-dm.rules 70-wacom.rules |
- | # Please, check manual pages for update-crypto-policies(8) and sshd_config(5). | + | 11-dm-lvm.rules 71-biosdevname.rules |
+ | 11-dm-mpath.rules | ||
+ | 11-dm-parts.rules 71-prefixdevname.rules | ||
+ | 13-dm-disk.rules | ||
+ | 39-usbmuxd.rules | ||
+ | 40-elevator.rules | ||
+ | 40-libgphoto2.rules | ||
+ | 40-redhat.rules | ||
+ | 40-usb-blacklist.rules | ||
+ | 40-usb_modeswitch.rules | ||
+ | 50-udev-default.rules | ||
+ | 60-alias-kmsg.rules | ||
+ | 60-block.rules | ||
+ | 60-cdrom_id.rules | ||
+ | 60-drm.rules | ||
+ | 60-evdev.rules | ||
+ | 60-fido-id.rules | ||
+ | 60-input-id.rules | ||
+ | 60-libfprint-2-autosuspend.rules | ||
+ | 60-net.rules | ||
+ | 60-persistent-alsa.rules | ||
+ | 60-persistent-input.rules | ||
+ | 60-persistent-storage.rules | ||
+ | 60-persistent-storage-tape.rules | ||
+ | 60-persistent-v4l.rules | ||
+ | 60-raw.rules | ||
+ | 60-rdma-ndd.rules | ||
+ | 60-rdma-persistent-naming.rules | ||
+ | 60-sensor.rules | ||
+ | 60-serial.rules | ||
+ | 60-tpm-udev.rules | ||
+ | 61-gdm.rules | ||
+ | 61-gnome-bluetooth-rfkill.rules | ||
+ | 61-gnome-settings-daemon-rfkill.rules | ||
+ | 61-scsi-sg3_id.rules | ||
+ | 62-multipath.rules | ||
+ | 63-fc-wwpn-id.rules | ||
+ | 63-md-raid-arrays.rules | ||
+ | 63-scsi-sg3_symlink.rules | ||
+ | 64-btrfs.rules | ||
+ | 64-md-raid-assembly.rules | ||
+ | 65-libwacom.rules | ||
+ | 65-md-incremental.rules | ||
+ | 65-sane-backends.rules | ||
+ | 66-kpartx.rules | ||
+ | 68-del-part-nodes.rules | ||
+ | 69-btattach-bcm.rules | ||
+ | 69-cd-sensors.rules | ||
+ | 69-dm-lvm-metad.rules | ||
+ | 69-libmtp.rules | ||
+ | 69-md-clustered-confirm-device.rules | ||
+ | 70-hypervfcopy.rules | ||
+ | 70-hypervkvp.rules | ||
+ | 70-hypervvss.rules | ||
+ | 70-joystick.rules | ||
+ | 70-mouse.rules | ||
+ | 70-nvmf-autoconnect.rules | ||
+ | 70-power-switch.rules | ||
+ | 70-printers.rules | ||
+ | 70-spice-vdagentd.rules | ||
+ | 70-touchpad.rules | ||
+ | </ | ||
- | # Logging | + | <WRAP center round important 60%> |
- | # | + | **Important** : Il vous est possible d' |
- | SyslogFacility AUTHPRIV | + | </ |
- | #LogLevel INFO | + | |
- | # Authentication: | + | Comme indique le nom de chaque fichier, le contenu est composé de règles à l' |
- | # | + | < |
- | PermitRootLogin yes | + | [root@centos8 ~]# cat / |
- | # | + | # do not edit this file, it will be overwritten on update |
- | #MaxAuthTries 6 | + | |
- | #MaxSessions 10 | + | |
- | #PubkeyAuthentication yes | + | # run a command on remove events |
+ | ACTION==" | ||
+ | ACTION==" | ||
- | # The default is to check both .ssh/authorized_keys and .ssh/ | + | SUBSYSTEM==" |
- | # but this is overridden so installations will only check .ssh/ | + | |
- | AuthorizedKeysFile | + | |
- | #AuthorizedPrincipalsFile none | + | # select " |
+ | SUBSYSTEM==" | ||
+ | SUBSYSTEM==" | ||
- | # | + | SUBSYSTEM==" |
- | # | + | ENV{MODALIAS}!="", |
- | # For this to work you will also need host keys in / | + | ACTION!=" |
- | # | + | |
- | # Change to yes if you don't trust ~/ | + | |
- | # HostbasedAuthentication | + | |
- | # | + | |
- | # Don't read the user's ~/.rhosts and ~/.shosts files | + | |
- | # | + | |
- | # To disable tunneled clear text passwords, change to no here! | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | PasswordAuthentication yes | + | SUBSYSTEM==" |
+ | SUBSYSTEM==" | ||
+ | SUBSYSTEM==" | ||
+ | SUBSYSTEM==" | ||
+ | KERNEL==" | ||
- | # Change to no to disable s/key passwords | + | SUBSYSTEM==" |
- | # | + | |
- | ChallengeResponseAuthentication no | + | |
- | # Kerberos options | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | # | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | # GSSAPI options | + | SUBSYSTEM==" |
- | GSSAPIAuthentication yes | + | SUBSYSTEM==" |
- | GSSAPICleanupCredentials no | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | # | + | SUBSYSTEM==" |
- | # Set this to ' | + | SUBSYSTEM==" |
- | # and session processing. If this is enabled, PAM authentication will | + | SUBSYSTEM==" |
- | # be allowed through the ChallengeResponseAuthentication and | + | |
- | # PasswordAuthentication. | + | |
- | # PAM authentication via ChallengeResponseAuthentication may bypass | + | |
- | # the setting of "PermitRootLogin without-password". | + | |
- | # If you just want the PAM account and session checks to run without | + | |
- | # PAM authentication, then enable this but set PasswordAuthentication | + | |
- | # and ChallengeResponseAuthentication to ' | + | |
- | # WARNING: ' | + | |
- | # problems. | + | |
- | UsePAM yes | + | |
- | # | + | SUBSYSTEM==" |
- | # | + | |
- | # | + | --More-- |
- | X11Forwarding yes | + | </ |
- | # | + | |
- | # | + | |
- | #PermitTTY yes | + | |
- | # It is recommended to use pam_motd in / | + | Chaque règle prend la forme suivante : |
- | # as it is more configurable and versatile than the built-in version. | + | |
- | PrintMotd no | + | |
- | # | + | KEY, [KEY, ...] NAME [, SYMLINK] |
- | # | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | #UseDNS no | + | |
- | #PidFile / | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | # | + | |
- | # no default banner path | + | Chaque KEY est un champ au format **type=valeur** qui doit correspondre à un périphérique unique. La valeur de type peut prendre plusieurs formes : |
- | #Banner none | + | |
- | # Accept locale-related environment variables | + | ^ Type ^ Description ^ Exemples ^ |
- | AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | + | | BUS | Type de bus | usb, scsi, ide | |
- | AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | + | | KERNEL | Le nom par défault du périphérique donné par le noyau | hda, ttyUSB0, lp0 | |
- | AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | + | | SUBSYSTEM | Le nom noyau du sous-système, généralement identique à la valeur du BUS | usb, scsi | |
- | AcceptEnv XMODIFIERS | + | | DRIVER | Le nom du pilote qui contrôle le périphérique | usb-storage | |
+ | | ID | Le numéro du périphérique sur son bus | PCI bus id, USB id | | ||
+ | | PLACE | Ne concerne que les périphériques USB et donne la position topologique du périphérique sur son bus | S/O | | ||
+ | | SYSFS{filename} | Le nom du fichier dans /sys pour le périphérique. Ce fichier contient le fabricant, le label, le numéro de série et UUID du périphérique. La vérification de jusqu' | ||
+ | | PROGRAM | Ceci permet à Udev d' | ||
+ | | RESULT | Valeur à comparer au résultat de PROGRAM | S/O | | ||
- | # override default of no subsystems | + | NAME et SYMLINK sont utilisées pour stipuler ce que Udev doit faire avec le périphérique : |
- | Subsystem | + | |
- | # Example of overriding settings on a per-user basis | + | ^ Type ^ Description ^ Exemples ^ |
- | #Match User anoncvs | + | | NAME | Le nome du nœud dans /dev | S/O | |
- | # | + | | SYMLINK | Le ou les lien(s) symbolique(s) qui pointe(nt) vers le NAME | S/O | |
- | # | + | |
- | # | + | ====La commande udevadm==== |
- | # | + | |
- | </ | + | |
- | Pour ôter les lignes | + | Pour obtenir |
< | < | ||
- | [root@centos8 ~]# cd /tmp ; grep -E -v ' | + | [root@centos8 ~]# udevadm info --query=all -n /dev/sda |
- | [root@centos8 tmp]# cat sshd_config | + | P: /devices/ |
- | HostKey | + | N: sda |
- | HostKey | + | S: disk/by-id/ata-QEMU_HARDDISK_QM00005 |
- | HostKey | + | S: disk/by-id/ |
- | SyslogFacility AUTHPRIV | + | S: disk/by-id/scsi-1ATA_QEMU_HARDDISK_QM00005 |
- | PermitRootLogin yes | + | S: disk/by-id/ |
- | AuthorizedKeysFile | + | S: disk/by-path/pci-0000: |
- | PasswordAuthentication yes | + | E: DEVLINKS=/dev/ |
- | ChallengeResponseAuthentication no | + | E: DEVNAME=/ |
- | GSSAPIAuthentication yes | + | E: DEVPATH=/ |
- | GSSAPICleanupCredentials no | + | E: DEVTYPE=disk |
- | UsePAM yes | + | E: ID_ATA=1 |
- | X11Forwarding yes | + | E: ID_ATA_FEATURE_SET_SMART=1 |
- | PrintMotd no | + | E: ID_ATA_FEATURE_SET_SMART_ENABLED=1 |
- | AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | + | E: ID_ATA_SATA=1 |
- | AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | + | E: ID_ATA_WRITE_CACHE=1 |
- | AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | + | E: ID_ATA_WRITE_CACHE_ENABLED=1 |
- | AcceptEnv XMODIFIERS | + | E: ID_BUS=ata |
- | Subsystem | + | E: ID_MODEL=QEMU_HARDDISK |
+ | E: ID_MODEL_ENC=QEMU\x20HARDDISK\x20\x20\x20 | ||
+ | E: ID_PART_TABLE_TYPE=dos | ||
+ | E: ID_PART_TABLE_UUID=b39ec5c8 | ||
+ | E: ID_PATH=pci-0000: | ||
+ | E: ID_PATH_TAG=pci-0000_00_07_0-ata-1 | ||
+ | E: ID_REVISION=2.5+ | ||
+ | E: ID_SCSI=1 | ||
+ | E: ID_SCSI_INQUIRY=1 | ||
+ | E: ID_SERIAL=QEMU_HARDDISK_QM00005 | ||
+ | E: ID_SERIAL_SHORT=QM00005 | ||
+ | E: ID_TYPE=disk | ||
+ | E: ID_VENDOR=ATA | ||
+ | E: ID_VENDOR_ENC=ATA\x20\x20\x20\x20\x20 | ||
+ | E: MAJOR=8 | ||
+ | E: MINOR=0 | ||
+ | E: SCSI_IDENT_LUN_ATA=QEMU_HARDDISK_QM00005 | ||
+ | E: SCSI_IDENT_LUN_T10=ATA_QEMU_HARDDISK_QM00005 | ||
+ | E: SCSI_IDENT_LUN_VENDOR=QM00005 | ||
+ | E: SCSI_IDENT_SERIAL=QM00005 | ||
+ | E: SCSI_MODEL=QEMU_HARDDISK | ||
+ | E: SCSI_MODEL_ENC=QEMU\x20HARDDISK\x20\x20\x20 | ||
+ | E: SCSI_REVISION=2.5+ | ||
+ | E: SCSI_TPGS=0 | ||
+ | E: SCSI_TYPE=disk | ||
+ | E: SCSI_VENDOR=ATA | ||
+ | E: SCSI_VENDOR_ENC=ATA\x20\x20\x20\x20\x20 | ||
+ | E: SUBSYSTEM=block | ||
+ | E: TAGS=: | ||
+ | E: USEC_INITIALIZED=8735808 | ||
</ | </ | ||
- | Pour sécuriser le serveur ssh, ajoutez ou modifiez les directives suivantes : | + | ===Les options de la commande=== |
- | < | + | Les options de la commande udevadm sont : |
- | AllowGroups adm | + | |
- | Banner / | + | |
- | HostbasedAuthentication no | + | |
- | IgnoreRhosts yes | + | |
- | LoginGraceTime 60 | + | |
- | LogLevel INFO | + | |
- | PermitEmptyPasswords no | + | |
- | PermitRootLogin no | + | |
- | PrintLastLog yes | + | |
- | Protocol 2 | + | |
- | StrictModes yes | + | |
- | X11Forwarding no | + | |
- | </ | + | |
- | + | ||
- | Votre fichier ressemblera à celui-ci | + | |
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | [root@centos8 tmp]# cat sshd_config | + | udevadm |
- | AllowGroups adm | + | |
- | Banner /etc/issue.net | + | Send control commands or test the device manager. |
- | HostbasedAuthentication no | + | |
- | IgnoreRhosts yes | + | Commands: |
- | LoginGraceTime 60 | + | |
- | LogLevel INFO | + | |
- | PermitEmptyPasswords no | + | |
- | PermitRootLogin no | + | |
- | PrintLastLog yes | + | |
- | Protocol 2 | + | |
- | StrictModes yes | + | |
- | X11Forwarding no | + | |
- | HostKey / | + | [root@centos8 ~]# udevadm info --help |
- | HostKey / | + | udevadm info [OPTIONS] [DEVPATH|FILE] |
- | HostKey / | + | |
- | SyslogFacility AUTHPRIV | + | Query sysfs or the udev database. |
- | AuthorizedKeysFile | + | |
- | PasswordAuthentication yes | + | -h --help |
- | ChallengeResponseAuthentication no | + | -V --version |
- | GSSAPIAuthentication yes | + | -q --query=TYPE |
- | GSSAPICleanupCredentials no | + | name Name of device node |
- | UsePAM yes | + | symlink |
- | PrintMotd no | + | path sysfs device path |
- | AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES | + | property |
- | AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT | + | all All values |
- | AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE | + | -p --path=SYSPATH |
- | AcceptEnv XMODIFIERS | + | -n --name=NAME |
- | Subsystem | + | -r --root |
+ | -a --attribute-walk | ||
+ | of parent devices | ||
+ | -d --device-id-of-file=FILE Print major:minor of device containing this file | ||
+ | -x --export | ||
+ | -P --export-prefix | ||
+ | -e --export-db | ||
+ | -c --cleanup-db Clean up the udev database | ||
</ | </ | ||
- | Renommez le fichier | + | =====Système de fichiers /sys===== |
+ | |||
+ | Le système de fichiers virtuel | ||
+ | |||
+ | Saisissez la commande suivante | ||
< | < | ||
- | [root@centos8 | + | [root@centos8 |
+ | total 0 | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. | ||
+ | drwxr-xr-x. 153 root root 0 Jul 12 08:15 module | ||
+ | drwxr-xr-x. 2 root root 0 Jul 12 08:15 power | ||
</ | </ | ||
- | Copiez le fichier | + | Chaque répertoire contient des informations : |
+ | |||
+ | | ||
+ | | ||
+ | | ||
+ | * contient des informations sur les bus de données | ||
+ | * **class** | ||
+ | * contient des informations sur des classes de matériel | ||
+ | * **devices** | ||
+ | * contient des informations sur la position des périphériques sur les bus | ||
+ | * **firmware** | ||
+ | * contient, entre autre, des informations sur l' | ||
+ | * **module** | ||
+ | * contient des informations sur les modules du noyau | ||
+ | * **power** | ||
+ | * contient des informations sur la gestion de l' | ||
+ | * **fs** | ||
+ | * contient des informations sur les systèmes de fichiers | ||
+ | |||
+ | Pour illustrer ceci, saisissez la commande suivante | ||
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | cp: overwrite '/ | + | 2097152 |
</ | </ | ||
- | Redémarrez le service sshd : | + | Ce chiffre correspond aux nombre de secteurs. |
+ | |||
+ | =====LAB #4 - Limitation des ressources===== | ||
+ | |||
+ | ====4.1 - ulimit==== | ||
+ | |||
+ | Les ressources disponibles aux utilisateurs peuvent être limitées par l' | ||
+ | |||
+ | La commande **ulimit** gère deux types de limite, la limite //hard// en utilisant l' | ||
+ | |||
+ | La limite //soft// est la limite imposée à l' | ||
+ | |||
+ | L' | ||
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | [root@centos8 tmp]# systemctl status sshd | + | # / |
- | ● sshd.service - OpenSSH server daemon | + | # |
- | Loaded: loaded (/usr/lib/systemd/ | + | #This file sets the resource limits for the users logged in via PAM. |
- | Active: active (running) since Mon 2021-08-30 02:17:00 EDT; 11s ago | + | #It does not affect resource limits of the system services. |
- | Docs: man:sshd(8) | + | # |
- | man: | + | #Also note that configuration files in /etc/security/limits.d directory, |
- | Main PID: 1042039 | + | #which are read in alphabetical order, override the settings in this |
- | | + | #file in case the domain is the same or more specific. |
- | Memory: 1.1M | + | #That means for example that setting a limit for wildcard domain here |
- | CGroup: /system.slice/ | + | #can be overriden with a wildcard setting in a config file in the |
- | └─1042039 / | + | # |
+ | #with a user specific setting in the subdirectory. | ||
+ | # | ||
+ | #Each line describes a limit for a user in the form: | ||
+ | # | ||
+ | #< | ||
+ | # | ||
+ | #Where: | ||
+ | #< | ||
+ | # | ||
+ | # | ||
+ | # - the wildcard *, for default entry | ||
+ | # - the wildcard %, can be also used with %group syntax, | ||
+ | # for maxlogin limit | ||
+ | # | ||
+ | #< | ||
+ | # - " | ||
+ | # - " | ||
+ | # | ||
+ | #< | ||
+ | # - core - limits the core file size (KB) | ||
+ | # - data - max data size (KB) | ||
+ | # - fsize - maximum filesize | ||
+ | # - memlock - max locked-in-memory address space (KB) | ||
+ | # - nofile - max number of open file descriptors | ||
+ | # - rss - max resident set size (KB) | ||
+ | # - stack - max stack size (KB) | ||
+ | # - cpu - max CPU time (MIN) | ||
+ | # - nproc - max number of processes | ||
+ | # - as - address space limit (KB) | ||
+ | # - maxlogins - max number of logins for this user | ||
+ | # - maxsyslogins - max number of logins on the system | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # | ||
+ | # - nice - max nice priority allowed to raise to values: [-20, 19] | ||
+ | # - rtprio - max realtime priority | ||
+ | # | ||
+ | #<domain> < | ||
+ | # | ||
- | Aug 30 02:17:00 centos8.ittraining.loc systemd[1]: Starting OpenSSH server daemon... | + | #* |
- | Aug 30 02:17:00 centos8.ittraining.loc sshd[1042039]: Server listening on 0.0.0.0 port 22. | + | #* |
- | Aug 30 02:17:00 centos8.ittraining.loc sshd[1042039]: | + | # |
- | Aug 30 02:17:00 centos8.ittraining.loc systemd[1]: Started OpenSSH server daemon. | + | # |
- | [q] | + | # |
- | </code> | + | #ftp |
+ | # | ||
+ | |||
+ | # End of file | ||
+ | </ | ||
+ | |||
+ | <WRAP center round important 60%> | ||
+ | **Important** | ||
+ | </ | ||
+ | |||
+ | Par exemple, si root inscrit les deux ligne suivantes dans le fichier / | ||
+ | |||
+ | < | ||
+ | ... | ||
+ | trainee | ||
+ | trainee | ||
+ | ... | ||
+ | </file> | ||
- | Mettez l' | + | la limite du nombre de fichiers ouverts simultanément par trainee |
< | < | ||
- | [root@centos8 tmp]# groups trainee | + | $ ulimit |
- | trainee : trainee | + | |
- | [root@centos8 tmp]# usermod | + | |
- | [root@centos8 tmp]# groups trainee | + | |
- | trainee : trainee adm | + | |
</ | </ | ||
- | Pour générer les clefs du serveur, saisissez | + | Pour consulter la liste des limites actuelles, il convient d' |
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | Generating public/ | + | core file size |
- | Enter file in which to save the key (/ | + | data seg size (kbytes, -d) unlimited |
- | Enter passphrase | + | scheduling priority |
- | Enter same passphrase again: | + | file size |
- | Your identification has been saved in / | + | pending signals |
- | Your public key has been saved in / | + | max locked memory |
- | The key fingerprint is: | + | max memory size |
- | SHA256: | + | open files (-n) 1024 |
- | The key's randomart image is: | + | pipe size (512 bytes, -p) 8 |
- | +---[DSA | + | POSIX message queues |
- | | | | + | real-time priority |
- | | . | | + | stack size (kbytes, |
- | |.o . o.+ | | + | cpu time |
- | |E. o.*.. . | + | max user processes |
- | |+ooo.o +S o o | | + | virtual memory |
- | |X==++ o o o | | + | file locks (-x) unlimited |
- | |B/ | + | </ |
- | |Ooo++ | + | |
- | |. .o | | + | ====Options de la commande==== |
- | +----[SHA256]-----+ | + | |
- | </ | + | |
- | De la même façon, il est possible | + | Les options |
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | Generating public/ | + | ulimit: ulimit [-SHabcdefiklmnpqrstuvxPT] [limit] |
- | Enter file in which to save the key (/ | + | |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | Provides control over the resources available |
- | Your identification has been saved in / | + | it creates, on systems that allow such control. |
- | Your public key has been saved in / | + | |
- | The key fingerprint is: | + | |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +---[RSA 3072]----+ | + | -a all current limits are reported |
- | | | + | |
- | | o oo o=+ . | | + | |
- | |.. oo=+=o . + | | + | |
- | |oo .+E++.+ = * | | + | |
- | |o.. +.S B * . | | + | |
- | |. B + = | | + | |
- | | = | | + | |
- | | | + | |
- | | . | | + | |
- | +----[SHA256]-----+ | + | |
- | [root@centos8 tmp]# ssh-keygen | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/ | + | -r the maximum real-time scheduling priority |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | -t the maximum amount of cpu time in seconds |
- | Your identification has been saved in / | + | |
- | Your public key has been saved in / | + | |
- | The key fingerprint is: | + | -x the maximum number of file locks |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +---[ECDSA 256]---+ | + | |
- | |++*=+ | + | |
- | |oX.=o+ o o | | + | |
- | |o %.B + + | | + | |
- | |...O.= o | + | |
- | |..E.o . S o | | + | |
- | |. . o = | | + | |
- | | | + | no option |
- | | . ... o | | + | |
- | | ..ooo.. | + | |
- | +----[SHA256]-----+ | + | |
- | [root@centos8 tmp]# ssh-keygen -t ed25519 | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/root/.ssh/ | + | Exit Status: |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | |
- | Your identification has been saved in / | + | |
- | Your public key has been saved in / | + | |
- | The key fingerprint | + | |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +--[ED25519 256]--+ | + | |
- | | | + | |
- | | . .. . o| | + | |
- | | . . . +.| | + | |
- | | o . oB ..o.=| | + | |
- | | o o S*+=o* *+| | + | |
- | | . . .o.*o*.+.B| | + | |
- | | . o o +o++| | + | |
- | | o =o| | + | |
- | | . o| | + | |
- | +----[SHA256]-----+ | + | |
</ | </ | ||
- | Les clefs publiques générées possèdent | + | ====4.2 - Groupes de Contrôle==== |
+ | |||
+ | Les **Groupes de Contrôles** (//Control Groups//) aussi appelés **CGroups**, | ||
+ | |||
+ | Les groupes de contrôle sont organisés de manière hiérarchique, | ||
+ | |||
+ | Ces hiérarchies multiples et séparés sont necéssaires parce que chaque hiérarchie est attaché à un ou plusieurs **sous-système(s)** aussi appelés des **Contrôleurs de Ressources** ou simplement des **Contrôleurs**. Les contrôleurs disponibles sous RHEl/CentOS 7 sont : | ||
+ | |||
+ | * **blkio** - utilisé pour établir des limites sur l'accès des entrées/ | ||
+ | * **cpu** - utilisé pour fournir aux tâches des groupes de contrôle accès au CPU grâce au planificateur, | ||
+ | * **cpuacct** - utilisé pour produire des rapports automatiques sur les ressources CPU utilisées par les tâches dans un groupe de contrôle, | ||
+ | * **cpuset** - utilisé pour assigner des CPU individuels sur un système multicoeur et des noeuds de mémoire à des tâches dans un groupe de contrôle, | ||
+ | * **devices** - utilisé pour autoriser ou pour refuser l' | ||
+ | * **freezer** - utilisé pour suspendre ou pour réactiver les tâches dans un groupe de contrôle, | ||
+ | * **memory** - utilisé pour établir les limites | ||
+ | * **net_cls** - utilisé pour repèrer les paquets réseau avec un identifiant de classe (// | ||
+ | * **perf_event** | ||
+ | * **hugetlb** - utilisé pour limiter des ressources sur des pages de mémoire virtuelle de grande taille. | ||
+ | |||
+ | Pour visualiser les hiérarchies, | ||
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | moduli | + | bash: lssubsys: command not found... |
- | ssh_config | + | Install package ' |
+ | |||
+ | |||
+ | * Waiting in queue... | ||
+ | The following packages have to be installed: | ||
+ | | ||
+ | | ||
+ | Proceed with changes? [N/y] y | ||
+ | |||
+ | |||
+ | * Waiting in queue... | ||
+ | * Waiting for authentication... | ||
+ | * Waiting in queue... | ||
+ | * Downloading packages... | ||
+ | * Requesting data... | ||
+ | * Testing changes... | ||
+ | * Installing packages... | ||
+ | cpuset / | ||
+ | cpu,cpuacct / | ||
+ | blkio / | ||
+ | memory / | ||
+ | devices / | ||
+ | freezer / | ||
+ | net_cls, | ||
+ | perf_event / | ||
+ | hugetlb / | ||
+ | pids / | ||
+ | rdma / | ||
</ | </ | ||
- | Re-démarrez ensuite | + | < |
+ | [root@centos8 ~]# lssubsys | ||
+ | cpuset / | ||
+ | cpu,cpuacct / | ||
+ | blkio / | ||
+ | memory / | ||
+ | devices / | ||
+ | freezer / | ||
+ | net_cls, | ||
+ | perf_event / | ||
+ | hugetlb / | ||
+ | pids / | ||
+ | rdma / | ||
+ | </ | ||
+ | |||
+ | Sous RHEL/CentOS 8, **Systemd** organise les processus dans chaque CGroup. Par exemple tous les processus démarrés par le serveur Apache se trouveront dans le même CGroup, y compris les scripts CGI. Ceci implique que la gestion des ressources en utilisant des hiérarchies est couplé avec l' | ||
+ | |||
+ | En haut de l' | ||
+ | |||
+ | * le **system.slice** - l' | ||
+ | * le **user.slice** - l' | ||
+ | * le **machine.slice** - l' | ||
+ | |||
+ | En dessous des tranches peuvent se trouver : | ||
+ | |||
+ | * des **scopes** - des processus crées par **fork**, | ||
+ | * des **services** - des processus créés par une **Unité**. | ||
+ | |||
+ | Les slices peuvent être visualisés avec la commande suivante | ||
< | < | ||
- | [root@centos8 | + | [root@centos8 |
- | [root@centos8 tmp]# systemctl status sshd.service | + | UNIT LOAD |
- | ● sshd.service | + | -.slice |
- | Loaded: | + | machine.slice |
- | Active: | + | system-getty.slice loaded active active system-getty.slice |
- | Docs: man:sshd(8) | + | system-lvm2\x2dpvscan.slice |
- | | + | system-sshd\x2dkeygen.slice |
- | Main PID: 1042204 (sshd) | + | system-systemd\x2dfsck.slice |
- | Tasks: 1 (limit: 23535) | + | system-systemd\x2dhibernate\x2dresume.slice loaded active active system-systemd\x2dhibernate\x2dresume.slice |
- | | + | system-user\x2druntime\x2ddir.slice |
- | CGroup: /system.slice/sshd.service | + | system-vncserver.slice |
- | └─1042204 / | + | system.slice |
+ | user-1000.slice | ||
+ | user-42.slice | ||
+ | user.slice | ||
- | Aug 30 02:24:57 centos8.ittraining.loc systemd[1]: Starting OpenSSH server | + | LOAD = Reflects whether the unit definition was properly loaded. |
- | Aug 30 02:24:57 centos8.ittraining.loc sshd[1042204]: Server listening on 0.0.0.0 port 22. | + | ACTIVE = The high-level unit activation state, i.e. generalization of SUB. |
- | Aug 30 02:24:57 centos8.ittraining.loc sshd[1042204]: | + | SUB = The low-level unit activation state, values depend on unit type. |
- | Aug 30 02:24:57 centos8.ittraining.loc systemd[1]: Started OpenSSH | + | |
- | [q] | + | 13 loaded units listed. Pass --all to see loaded but inactive units, too. |
+ | To show all installed unit files use ' | ||
+ | </ | ||
+ | |||
+ | L' | ||
+ | |||
+ | < | ||
+ | [root@centos8 | ||
+ | Control group /: | ||
+ | -.slice | ||
+ | ├─user.slice | ||
+ | │ ├─user-42.slice | ||
+ | │ │ ├─session-c1.scope | ||
+ | │ │ │ ├─1317 gdm-session-worker | ||
+ | │ │ │ ├─1459 / | ||
+ | │ │ │ ├─1856 / | ||
+ | │ │ │ ├─1882 / | ||
+ | │ │ │ ├─2059 / | ||
+ | │ │ │ ├─2132 ibus-daemon | ||
+ | │ │ │ ├─2135 / | ||
+ | │ │ │ ├─2138 / | ||
+ | │ │ │ ├─2251 / | ||
+ | │ │ │ ├─2261 / | ||
+ | │ │ │ ├─2268 / | ||
+ | │ │ │ ├─2271 / | ||
+ | │ │ │ ├─2272 / | ||
+ | │ │ │ ├─2273 / | ||
+ | │ │ │ ├─2274 / | ||
+ | │ │ │ ├─2275 / | ||
+ | │ │ │ ├─2280 / | ||
+ | │ │ │ ├─2281 / | ||
+ | │ │ │ ├─2283 / | ||
+ | │ │ │ ├─2284 / | ||
+ | │ │ │ ├─2285 / | ||
+ | │ │ │ ├─2290 / | ||
+ | │ │ │ ├─2321 / | ||
+ | │ │ │ ├─2328 / | ||
+ | │ │ │ ├─2333 / | ||
+ | │ │ │ └─2432 / | ||
+ | │ │ └─user@42.service | ||
+ | │ │ | ||
+ | │ │ │ └─2170 / | ||
+ | │ │ | ||
+ | │ │ │ └─1455 / | ||
+ | │ │ | ||
+ | │ │ │ ├─1357 / | ||
+ | │ │ │ └─1377 (sd-pam) | ||
+ | │ │ | ||
+ | │ │ │ ├─2090 / | ||
+ | │ │ │ ├─2095 / | ||
+ | │ │ │ └─2098 / | ||
+ | │ │ | ||
+ | │ │ | ||
+ | │ │ | ||
+ | │ └─user-1000.slice | ||
+ | │ | ||
+ | │ │ ├─gvfs-goa-volume-monitor.service | ||
+ | │ │ │ └─2369 / | ||
+ | │ │ ├─xdg-permission-store.service | ||
+ | │ │ │ └─2191 / | ||
+ | │ │ ├─tracker-store.service | ||
+ | │ │ │ └─2653 / | ||
+ | │ │ ├─evolution-calendar-factory.service | ||
+ | │ │ │ ├─2605 / | ||
+ | │ │ │ └─2706 / | ||
+ | │ │ ├─pulseaudio.service | ||
+ | │ │ │ └─1456 / | ||
+ | │ │ ├─gvfs-daemon.service | ||
+ | │ │ │ ├─1896 / | ||
+ | │ │ │ └─1901 / | ||
+ | │ │ ├─evolution-source-registry.service | ||
+ | │ │ │ └─2206 / | ||
+ | │ │ ├─gvfs-udisks2-volume-monitor.service | ||
+ | │ │ │ └─2243 / | ||
+ | │ │ ├─init.scope | ||
+ | │ │ │ ├─1239 / | ||
+ | │ │ │ └─1318 (sd-pam) | ||
+ | │ │ ├─gvfs-gphoto2-volume-monitor.service | ||
+ | │ │ │ └─2269 / | ||
+ | │ │ ├─at-spi-dbus-bus.service | ||
+ | │ │ │ ├─1964 / | ||
+ | │ │ │ ├─1969 / | ||
+ | │ │ │ └─1972 / | ||
+ | │ │ ├─dbus.service | ||
+ | │ │ │ ├─1786 / | ||
+ | │ │ │ ├─2183 / | ||
+ | │ │ │ ├─2201 / | ||
+ | │ │ │ ├─2225 / | ||
+ | │ │ │ ├─2397 / | ||
+ | │ │ │ └─2721 / | ||
+ | │ │ ├─evolution-addressbook-factory.service | ||
+ | │ │ │ ├─2727 / | ||
+ | │ │ │ └─2771 / | ||
+ | │ │ ├─gvfs-mtp-volume-monitor.service | ||
+ | lines 44-86 | ||
</ | </ | ||
- | ===Configuration du Client=== | + | En utilisant Systemd, plusieurs ressources peuvent être limitées : |
- | Saisissez maintenant les commandes suivantes | + | * **CPUShares** - par défault 1024, |
+ | * **MemoryLimit** - limite exprimée | ||
+ | * **BlockIOWeight** - valeur entre 10 et 1000. Pas de valeur par défaut, | ||
+ | * **StartupCPUShares** - comme CPUShares mais uniquement appliqué pendant le démarrage, | ||
+ | * **StartupBlockIOWeight** - comme BlockIOWeight mais uniquement appliqué pendant le démarrage, | ||
+ | * **CPUQuota** - utilisé pour limiter le temps CPU, même quand le système ne fait rien. | ||
<WRAP center round important 60%> | <WRAP center round important 60%> | ||
- | **Important** - Lors de la génération des clefs, la passphrase doit être **vide**. | + | **Important** |
</ | </ | ||
- | < | + | ===Limitation de la Mémoire=== |
- | [root@centos8 tmp]# exit | + | |
- | logout | + | |
- | [trainee@centos8 ~]$ ssh-keygen -t dsa | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/ | + | |
- | Created directory '/ | + | |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | |
- | Your identification has been saved in / | + | |
- | Your public key has been saved in / | + | |
- | The key fingerprint is: | + | |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +---[DSA 1024]----+ | + | |
- | | | + | |
- | | o +o=o oo=| | + | |
- | | . +.+oB+ | | + | |
- | | o o.& | + | |
- | | S o o.*.o| | + | |
- | | o o o.| | + | |
- | | . + + | | + | |
- | | + . o | | + | |
- | | E .| | + | |
- | +----[SHA256]-----+ | + | |
- | [trainee@centos8 ~]$ ssh-keygen -t rsa | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/ | + | Commencez par créer le script **hello-world.sh** qui servira à générer un processus pour travailler avec les CGroups : |
- | Enter same passphrase again: | + | |
- | Your identification has been saved in / | + | < |
- | Your public key has been saved in / | + | [root@centos8 ~]# vi hello-world.sh |
- | The key fingerprint is: | + | [root@centos8 ~]# cat hello-world.sh |
- | SHA256: | + | #!/bin/bash |
- | The key's randomart image is: | + | while [ 1 ]; do |
- | +---[RSA 3072]----+ | + | |
- | |o+o++oo | + | |
- | |=+o.oo . .=B . | | + | done |
- | |=. ..o o+... | | + | |
- | |. =.o o.. . | | + | |
- | | oS= = o | | + | |
- | | .. = = | | + | |
- | | | + | |
- | | +...E | | + | |
- | | . o+... | | + | |
- | +----[SHA256]-----+ | + | |
- | [trainee@centos8 ~]$ ssh-keygen -t ecdsa | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/ | + | |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | |
- | Your identification has been saved in / | + | |
- | Your public key has been saved in / | + | |
- | The key fingerprint is: | + | |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +---[ECDSA 256]---+ | + | |
- | |o.. | | + | |
- | |.oo | | + | |
- | |.*o . . | | + | |
- | |+.++ B | | + | |
- | |+o =B + S | | + | |
- | |=*oo.* = | | + | |
- | |B.* o O . | | + | |
- | |.= = = o.. | | + | |
- | |. E o oo+. | | + | |
- | +----[SHA256]-----+ | + | |
- | [trainee@centos8 ~]$ ssh-keygen -t ed25519 | + | |
- | Generating public/ | + | |
- | Enter file in which to save the key (/home/trainee/ | + | |
- | Enter passphrase (empty for no passphrase): | + | |
- | Enter same passphrase again: | + | |
- | Your identification has been saved in / | + | |
- | Your public key has been saved in / | + | |
- | The key fingerprint is: | + | |
- | SHA256: | + | |
- | The key's randomart image is: | + | |
- | +--[ED25519 256]--+ | + | |
- | | | + | |
- | | o==O+Boo | | + | |
- | | o ooE.O. | | + | |
- | | | + | |
- | | S + ...| | + | |
- | | | + | |
- | | . + o.o| | + | |
- | | + +.oo| | + | |
- | | o..o.| | + | |
- | +----[SHA256]-----+ | + | |
</ | </ | ||
- | Les clés générées seront placées dans le répertoire **~/ | + | Rendez le script exécutable et testez-le : |
< | < | ||
- | [trainee@centos8 ~]$ ls .ssh | + | [root@centos8 ~]# chmod u+x hello-world.sh |
- | id_dsa | + | [root@centos8 ~]# ./ |
+ | hello world | ||
+ | ^C | ||
</ | </ | ||
- | ===Tunnels SSH=== | + | Créez maintenant un CGroup dans le sous-système **memory** appelé **helloworld** : |
- | Le protocole SSH peut être utilisé pour sécuriser les protocoles tels telnet, pop3 etc.. En effet, on peut créer un //tunnel// SSH dans lequel passe les communications du protocole non-sécurisé. | + | < |
+ | [root@centos8 ~]# mkdir /sys/fs/cgroup/memory/ | ||
+ | </ | ||
- | La commande pour créer un tunnel ssh prend la forme suivante | + | Par défaut, ce CGroup héritera de l' |
- | ssh -N -f compte@hôte -Lport-local: | + | < |
+ | [root@centos8 ~]# echo 40000000 > / | ||
+ | [root@centos8 ~]# cat / | ||
+ | 39997440 | ||
+ | </ | ||
- | Dans votre cas, vous allez créer | + | <WRAP center round important 60%> |
+ | **Important** - Notez que les 40 000 000 demandés sont devenus 39 997 440 ce qui correspond à un nombre entier de pages mémoire du noyau de 4Ko. ( 39 997 440 / 4096 = 9 765 ). | ||
+ | </ | ||
+ | |||
+ | Lancez maintenant | ||
< | < | ||
- | [root@centos8 ~]# ssh -N -f trainee@localhost | + | [root@centos8 ~]# ./hello-world.sh & |
- | \S | + | [1] 35148 |
- | Kernel \r on an \m | + | |
- | trainee@localhost' | + | [root@centos8 ~]# hello world |
+ | [Entrée] | ||
+ | |||
+ | [root@centos8 ~]# ps aux | grep hello-world | ||
+ | root | ||
+ | root | ||
</ | </ | ||
- | Installez maintenant le serveur telnet | + | Notez qu'il n'y a pas de limite de la mémoire, ce qui implique l' |
< | < | ||
- | [root@centos8 ~]# dnf install telnet-server | + | [root@centos8 ~]# ps -ww -o cgroup 35148 |
+ | CGROUP | ||
+ | 12: | ||
</ | </ | ||
- | Telnet n'est ni démarré ni activé. Il convient donc de le démarrer et de l' | + | Insérer |
< | < | ||
- | [root@centos8 ~]# systemctl status telnet.socket | + | [root@centos8 ~]# echo 35148 > /sys/fs/cgroup/memory/helloworld/ |
- | ● telnet.socket - Telnet Server Activation Socket | + | </ |
- | | + | |
- | Active: inactive (dead) | + | |
- | Docs: man: | + | |
- | | + | |
- | | + | |
- | + | ||
- | [root@centos8 ~]# systemctl start telnet.socket | + | |
- | [root@centos8 ~]# systemctl status telnet.socket | + | Notez maintenant l' |
- | ● telnet.socket | + | |
- | | + | |
- | | + | |
- | Docs: man: | + | |
- | | + | |
- | | + | |
- | | + | |
- | Aug 30 02:44:01 centos8.ittraining.loc systemd[1]: Listening on Telnet Server Activation Socket. | + | < |
- | + | [root@centos8 ~]# ps -ww -o cgroup 35148 | |
- | [root@centos8 ~]# systemctl enable telnet.socket | + | CGROUP |
- | Created symlink | + | 12:memory:/helloworld, |
</ | </ | ||
- | Connectez-vous | + | Constatez |
< | < | ||
- | [root@centos8 ~]# telnet localhost 15023 | + | [root@centos8 ~]# cat / |
- | Trying ::1... | + | 274432 |
- | Connected to localhost. | + | </ |
- | Escape character is ' | + | |
- | Kernel 4.18.0-305.7.1.el8.i2tch.x86_64 on an x86_64 | + | Tuez le script **hello-world.sh** : |
- | centos8 login: trainee | + | |
- | Password: | + | < |
- | Last login: Mon Aug 30 02:37:00 from ::1 | + | [root@centos8 ~]# kill 35148 |
- | [trainee@centos8 ~]$ whoami | + | [root@centos8 ~]# ps aux | grep hello-world |
- | trainee | + | root |
- | [trainee@centos8 ~]$ pwd | + | [1]+ Terminated |
- | /home/trainee | + | |
</ | </ | ||
- | <WRAP center round important 60%> | + | Créez un second CGroup beaucoup plus restrictif : |
- | **Important** - Notez bien que votre communication telnet passe par le tunnel SSH. | + | |
- | </ | + | |
- | ====3.5 - SCP==== | + | < |
+ | [root@centos8 ~]# mkdir / | ||
+ | [root@centos8 ~]# echo 6000 > / | ||
+ | [root@centos8 ~]# cat / | ||
+ | 4096 | ||
+ | </ | ||
- | ===Présentation=== | + | Relancez le script **hello-world.sh** et insérez-le dans le nouveau CGroup : |
- | La commande **scp** est le successeur et la remplaçante de la commande **rcp** de la famille des commandes **remote**. Il permet de faire des transferts sécurisés à partir d'une machine distante : | + | < |
+ | [root@centos8 ~]# ./ | ||
+ | [1] 35389 | ||
- | $ scp compte@numero_ip(nom_de_machine):/ | + | [root@centos8 ~]# hello world |
+ | [Entrée] | ||
- | ou vers une machine distante : | + | [root@centos8 ~]# echo 35389 > / |
+ | </ | ||
- | $ scp / | + | Attendez la prochaine sortie de **hello world** sur le canal standard puis constatez que le script s' |
- | ===Utilisation=== | + | < |
+ | [root@centos8 ~]# hello world | ||
+ | [Entrée] | ||
+ | [1]+ Killed | ||
+ | </ | ||
- | Nous allons maintenant utiliser **scp** pour chercher un fichier sur le << | + | ===La Commande cgcreate=== |
- | Créez le fichier **/ | + | Cette commande permet la création d'un CGroup |
< | < | ||
- | [trainee@centos8 ~]$ touch scp-test | + | [root@centos8 ~]# cgcreate |
- | [trainee@centos8 ~]$ exit | + | [root@centos8 ~]# ls -l / |
- | logout | + | total 0 |
- | Connection closed by foreign host. | + | -rw-rw-r--. 1 root root 0 Jul 13 10:39 cgroup.clone_children |
- | [root@centos8 ~]# | + | --w--w----. 1 root root 0 Jul 13 10:39 cgroup.event_control |
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 cgroup.procs | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.failcnt | ||
+ | --w--w----. 1 root root 0 Jul 13 10:39 memory.force_empty | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.kmem.slabinfo | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.tcp.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.tcp.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.kmem.tcp.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.kmem.tcp.usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.kmem.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.max_usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.memsw.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.memsw.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.memsw.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.memsw.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.move_charge_at_immigrate | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.numa_stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.oom_control | ||
+ | ----------. 1 root root 0 Jul 13 10:39 memory.pressure_level | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.soft_limit_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.swappiness | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:39 memory.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 memory.use_hierarchy | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 notify_on_release | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:39 tasks | ||
</ | </ | ||
- | Récupérez le fichier **scp_test** en utilisant scp : | + | Il n' |
< | < | ||
- | [root@centos8 ~]# scp trainee@127.0.0.1: | + | [root@centos8 ~]# echo 40000000 > /sys/fs/cgroup/memory/helloworld2/memory.limit_in_bytes |
- | The authenticity of host ' | + | |
- | ECDSA key fingerprint is SHA256:Q7T/CP0SLiMbMAIgVzTuEHegYS/spPE5zzQchCHD5Vw. | + | |
- | Are you sure you want to continue connecting (yes/no/ | + | |
- | Warning: Permanently added ' | + | |
- | \S | + | |
- | Kernel \r on an \m | + | |
- | trainee@127.0.0.1' | + | |
- | scp-test | + | |
- | + | ||
- | [root@centos8 ~]# ls -l | + | |
- | total 32 | + | |
- | -rw-------. 1 root root 1358 Jun 16 06:40 anaconda-ks.cfg | + | |
- | drwxr-xr-x. 3 root root 21 Jun 16 06:39 home | + | |
- | -rw-r--r--. 1 root root 1749 Aug 24 11:20 I2TCH.asc | + | |
- | -rw-r--r--. 1 root root 1853 Jun 16 06:54 initial-setup-ks.cfg | + | |
- | -rw-r--r--. 1 root root 31 Aug 24 11:22 message.txt | + | |
- | -rw-r--r--. 1 root root 561 Aug 24 11:32 message.txt.asc | + | |
- | -rw-r--r--. 1 root root 367 Aug 24 11:30 message.txt.gpg | + | |
- | -rw-r--r--. 1 root root 329 Aug 24 11:23 message.txt.sig | + | |
- | -rw-r--r--. 1 root root 0 Aug 30 03:55 scp-test | + | |
- | -rw-r--r--. 1 root root 46 Aug 29 06:22 wget_file.txt | + | |
</ | </ | ||
- | ====3.6 - Mise en Place des Clefs Asymétriques==== | + | ==La Commande cgexec== |
- | Il convient maintenant | + | Cette commande permet d' |
< | < | ||
- | [root@centos8 ~]# ssh -l trainee 127.0.0.1 | + | [root@centos8 ~]# cgexec |
- | \S | + | [1] 37670 |
- | Kernel \r on an \m | + | |
- | trainee@127.0.0.1's password: trainee | + | |
- | Activate the web console with: systemctl enable --now cockpit.socket | + | |
- | [trainee@centos8 ~]$ ls -la | grep .ssh | + | [root@centos8 ~]# hello world |
- | drwx------. | + | [Entrée] |
+ | |||
+ | [root@centos8 ~]# | ||
</ | </ | ||
- | <WRAP center round important 60%> | + | ==La Commande cgdelete== |
- | **Important** - Si le dossier distant .ssh n' | + | |
- | </ | + | |
- | Ensuite, il convient | + | Une fois le script terminé, cette commande permet |
< | < | ||
- | [trainee@centos8 ~]$ exit | + | [root@centos8 ~]# ps aux | grep *.sh |
- | logout | + | root |
- | Connection to 127.0.0.1 | + | root |
- | [root@centos8 ~]# exit | + | [root@centos8 ~]# kill 37670 |
- | logout | + | |
- | [trainee@centos8 ~]$ scp .ssh/ | + | root@centos8 ~]# ps aux | grep *.sh |
- | The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established. | + | root |
- | ECDSA key fingerprint is SHA256:Q7T/ | + | [1]+ Terminated |
- | Are you sure you want to continue connecting (yes/no/[fingerprint])? yes | + | |
- | Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts. | + | [root@centos8 ~]# cgdelete memory:helloworld2 |
- | \S | + | |
- | Kernel \r on an \m | + | [root@centos8 ~]# ls -l /sys/ |
- | trainee@127.0.0.1' | + | ls: cannot access '/ |
- | id_ecdsa.pub | + | |
</ | </ | ||
- | Connectez-vous via telnet : | + | ==Le Fichier / |
- | < | + | Afin de les rendre persistants, |
- | [trainee@centos8 ~]$ ssh -l trainee localhost | + | |
- | The authenticity of host 'localhost (::1)' can't be established. | + | |
- | ECDSA key fingerprint is SHA256:Q7T/CP0SLiMbMAIgVzTuEHegYS/spPE5zzQchCHD5Vw. | + | |
- | Are you sure you want to continue connecting (yes/ | + | |
- | Warning: Permanently added ' | + | |
- | \S | + | |
- | Kernel \r on an \m | + | |
- | Activate the web console with: systemctl enable --now cockpit.socket | + | |
- | Last login: Mon Aug 30 03:57:14 2021 from 127.0.0.1 | + | < |
- | [trainee@centos8 ~]$ | + | [root@centos8 ~]# vi / |
+ | [root@centos8 ~]# cat / | ||
+ | # | ||
+ | # Copyright IBM Corporation. 2007 | ||
+ | # | ||
+ | # Authors: | ||
+ | # This program is free software; you can redistribute it and/or modify it | ||
+ | # under the terms of version 2.1 of the GNU Lesser General Public License | ||
+ | # as published by the Free Software Foundation. | ||
+ | # | ||
+ | # This program is distributed in the hope that it would be useful, but | ||
+ | # WITHOUT ANY WARRANTY; without even the implied warranty of | ||
+ | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | ||
+ | # | ||
+ | # | ||
+ | # By default, we expect systemd mounts everything on boot, | ||
+ | # so there is not much to do. | ||
+ | # See man cgconfig.conf for further details, how to create groups | ||
+ | # on system boot using this file. | ||
+ | group helloworld2 { | ||
+ | cpu { | ||
+ | cpu.shares = 100; | ||
+ | } | ||
+ | memory { | ||
+ | memory.limit_in_bytes = 40000; | ||
+ | } | ||
+ | } | ||
</ | </ | ||
<WRAP center round important 60%> | <WRAP center round important 60%> | ||
- | **Important** - Lors de la connexion au serveur, l' | + | **Important** - Notez la création de **deux** limitations, une de 40 000 octets |
</ | </ | ||
- | Insérez maintenant | + | Créez donc les deux CGroups concernés |
< | < | ||
- | [trainee@centos8 ~]$ cd .ssh | + | [root@centos8 ~]# cgcreate -g memory: |
- | [trainee@centos8 | + | [root@centos8 |
- | authorized_keys | + | total 0 |
- | [trainee@centos8 | + | -rw-rw-r--. 1 root root 0 Jul 13 10:46 cgroup.clone_children |
- | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHDrzSXP+Ecxf/ | + | --w--w----. 1 root root 0 Jul 13 10:46 cgroup.event_control |
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 cgroup.procs | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.failcnt | ||
+ | --w--w----. 1 root root 0 Jul 13 10:46 memory.force_empty | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.kmem.slabinfo | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.tcp.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.tcp.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.kmem.tcp.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.kmem.tcp.usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.kmem.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.max_usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.memsw.failcnt | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.memsw.limit_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.memsw.max_usage_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.memsw.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.move_charge_at_immigrate | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.numa_stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.oom_control | ||
+ | ----------. 1 root root 0 Jul 13 10:46 memory.pressure_level | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.soft_limit_in_bytes | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.swappiness | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:46 memory.usage_in_bytes | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 memory.use_hierarchy | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 notify_on_release | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:46 tasks | ||
+ | </ | ||
- | [trainee@centos8 | + | < |
- | [trainee@centos8 | + | [root@centos8 |
- | [trainee@centos8 | + | [root@centos8 |
+ | total 0 | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cgroup.clone_children | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cgroup.procs | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpuacct.usage | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_all | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_percpu | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_percpu_sys | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_percpu_user | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_sys | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpuacct.usage_user | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpu.cfs_period_us | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpu.cfs_quota_us | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpu.rt_period_us | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpu.rt_runtime_us | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 cpu.shares | ||
+ | -r--r--r--. 1 root root 0 Jul 13 10:47 cpu.stat | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 notify_on_release | ||
+ | -rw-rw-r--. 1 root root 0 Jul 13 10:47 tasks | ||
+ | </code> | ||
- | [trainee@centos8 | + | ==La Commande cgconfigparser== |
- | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHDrzSXP+Ecxf/sQ18VwCRNm7rrSrrsaJmuIw/RgTH5puKF5E+Yy15cvAAKBXpJPxUmrOaOyhab84PevV7XSHcI= trainee@centos8.ittraining.loc | + | |
- | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQD3ZSMn/GIAHtaDFc6ZNnKJam9hzq8TxqMN5IopUr8QhwODyPadbB+FgH4r50qTux4ubwr1BlymgIdqRVWy32mE15M8tdtKc3j8DNMpUwPGEh+s/PT7GW+3E3shoyPvpLc1kKaKXKGl/JwfCK/8IYsubk2BmiiJYkzLECotPlaaxm4w1K0AtlnZQuLHt1HK3/rHChxo2o2w1t59/QwNcMLiKve1Z+zQ1POKo8VJ/ | + | Appliquez le contenu du fichier **/ |
- | ssh-dss AAAAB3NzaC1kc3MAAACBALIdwEEqHrMWSUdzARm9ldsZK9ebbtZShtmwgdjphOk77fxymK0y6wV7QEmLL25LOcLb12uZ1F0LtRt/t2oqgrwqk3vUSpCPLr09AXpcD/nxL9kc+rUxHyl6u1mHtyfCVLCPSvavCMR8TaA8egVMk3EwGRfHTiuDOKi7Iwus7gXPAAAAFQDHEQPGVRI7gVYKzCT6nrjDsQQ6jwAAAIEAhhhH7fEjdldASXY0qTWkCvcs3cfK9/Ff315zByn47O02y9Vdo3QG5nOr1Oo8fc2xEkIBNmFr8Rr2g60cpvEev5hy4XZ1ghxnQ53iwKuiS72ZATwhD6bZBrsiH0k1Et25gRcj5KCvDe/jHhbxCxsCuHUH2qvWsQNVwztE7hD0sxkAAACAQ8Dkpy8zXj7jW8o1txxf2W6J4r2+1lPldymA45ywZokN4SCwvXlpPAuyBt0/HiU0R2PI9aqOAMosCLcy9WmnSwLQ2Z7QcD2i3XlAih2+1q9NJP22sPT3jSK9UZcdRjoZ/eNiz84sXZucNape32tFxjvcV4txobH/ | + | |
- | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfFQULLU8IZyKiSU63D2Zz6yGLqyHcBHnCRdSR9JSmc trainee@centos8.ittraining.loc | + | < |
+ | [root@centos8 | ||
+ | [root@centos8 | ||
+ | 36864 | ||
+ | [root@centos8 | ||
+ | 100 | ||
</ | </ | ||
----- | ----- | ||
Copyright © 2024 Hugh Norris. | Copyright © 2024 Hugh Norris. |