作者归档:flyinweb

Linux: TMOUT To Automatically Log Users Out

How do I auto Logout my shell user in Linux after certain minutes of inactivity?

Linux bash shell allows you to define the TMOUT environment variable. Set TMOUT to automatically log users out after a period of inactivity. The value is defined in seconds. For example,

export TMOUT=120

export TMOUT=120

The above command will implement a 2 minute idle time-out for the default /bin/bash shell. You can edit your ~/.bash_profile or /etc/profile file as follows to define a 5 minute idle time out:

# set a 5 min timeout policy for bash shell
TMOUT=300
readonly TMOUT
export TMOUT

# set a 5 min timeout policy for bash shell TMOUT=300 readonly TMOUT export TMOUT

Save and close the file. The readonly command is used to make variables and functions readonly i.e. you user cannot change the value of variable called TMOUT.

How Do I Disable TMOUT?

To disable auto-logout, just set the TMOUT to zero or unset it as follows:
$ export TMOUT=0
or
$ unset TMOUT
Please note that readonly variable can only be disabled by root in /etc/profile or ~/.bash_profile.

A Note About TCSH SHELL and OpenSSH Server/Client

SSH allows administrators to set an idle timeout interval in /etc/ssh/sshd_config file. TCSH user should use autologout variable. Please see our previous FAQ “Linux / UNIX Automatically Log BASH / TCSH / SSH Users Out After a Period of Inactivity” for more information.

use MySQL on Django with Python3.6

My environment: Windows 10, Python 3.6, Django 1.11.4., PyMySQL 0.6.1, MySQL Server 5.7 on Windows

How to make it work:

  1. Install PyMySQL version 0.7.11 (https://github.com/PyMySQL/PyMySQL/): you can install it either by using pip, i.e. : pip install PyMySQL or by manually downloading the package; there is a good documentation on their website on how to do that.
  2. Open your Django App __init__.py and paste the following lines:
    import pymysql
    pymysql.install_as_MySQLdb() 
    
  3. Now, open settings.py and make sure your DATABASE property looks like this:
    DATABASES = {
       'default': {
           'ENGINE': 'django.db.backends.mysql',
           'NAME': 'mydb',
           'USER': 'dbuser',
           'PASSWORD': 'dbpassword',
           'HOST': 'dbhost',
           'PORT': '3306'
        }
    }
    
  4. That’s it, you should be able to execute python manage.py syncdb to init your MySQL DB; see the sample output below:
    Creating tables ...
    Creating table django_admin_log
    Creating table auth_permission
    Creating table auth_group_permissions
    ...
    ...
    Creating table socialaccount_socialtoken
    
    You just installed Django's auth system, which means you don't have any superusers defined.
    ...
    
  5. you should be able to execute python manage.py migrate to creates any necessary database tables according
    to the database settings in your mysite/settings.py file and the database migrations shipped with the app; see the sample output below:

    
    Operations to perform:
      Apply all migrations: admin, auth, contenttypes, sessions
    Running migrations:
      Applying contenttypes.0001_initial... OK
      Applying auth.0001_initial... OK
      Applying admin.0001_initial... OK
      Applying admin.0002_logentry_remove_auto_add... OK
      Applying contenttypes.0002_remove_content_type_name... OK
      Applying auth.0002_alter_permission_name_max_length... OK
      Applying auth.0003_alter_user_email_max_length... OK
      Applying auth.0004_alter_user_username_opts... OK
      Applying auth.0005_alter_user_last_login_null... OK
      Applying auth.0006_require_contenttypes_0002... OK
      Applying auth.0007_alter_validators_add_error_messages... OK
      Applying auth.0008_alter_user_username_max_length... OK
      Applying sessions.0001_initial... OK
    

apache禁止访问文件或目录执行权限、禁止运行脚本PHP文件的设置方法

我们来看俩段通常对上传目录设置无权限的列子,配置如下:

代码如下:

<Directory “/var/www/upload”>
<FilesMatch “.php”>
Order Allow,Deny
Deny from all
</FilesMatch>
</Directory>

这些配置表面上看起来是没什么问题的,确实在windows下可以这么说。
但是linux就不同了,大家都是知道的linux操作系统是区分大小写的,这里如果换成大写后缀名*.phP一类就pass了 继续阅读

File System Redirector

The %windir%\System32 directory is reserved for 64-bit applications. Most DLL file names were not changed when 64-bit versions of the DLLs were created, so 32-bit versions of the DLLs are stored in a different directory. WOW64 hides this difference by using a file system redirector.

In most cases, whenever a 32-bit application attempts to access %windir%\System32, the access is redirected to %windir%\SysWOW64. Access to %windir%\lastgood\system32 is redirected to %windir%\lastgood\SysWOW64. Access to %windir%\regedit.exe is redirected to %windir%\SysWOW64\regedit.exe.

If the access causes the system to display the UAC prompt, redirection does not occur. Instead, the 64-bit version of the requested file is launched. To prevent this problem, either specify the SysWOW64 directory to avoid redirection and ensure access to the 32-bit version of the file, or run the 32-bit application with administrator privileges so the UAC prompt is not displayed. 继续阅读

ubuntu修改mysql 5.7数据存储目录datadir

环境:Ubuntu 16.04、mysql5.7

在16.04版本的MySQL数据库,默认是5.7版本的;
想要修改MySQL数据库存储的目录,需要了解mysql配置文件,以及apparmor的配置文件。
这里提一下apparnor 是控制访问权限的,而mysql依赖它,所以不单单是改完mysql配置文件的内容,同样的需要修改apparmor的相应的配置文件。
1.创建MySQL另外存储的目录
mkdir /database/mysql
chmod 700 /database/mysql
chowd mysql:mysq /database/mysql
2.将以前的数据库复制到新的存储目录 (这样避免了再次初始化,并且数据还在)
cp -av /var/lib/mysql/* /database/mysql
3.删除日志 (不删除会报错)
rm -rf /database/mysql/ib_logfile0
rm -rf /database/mysql/ib_logfile1

继续阅读

Auditd – Linux 服务器安全审计工具

安全防护是首先要考虑的问题。为了避免别人盗取我们的数据,我们需要时刻关注它。安全防护包括很多东西,审计是其中之一。

我们知道Linux系统上有一个叫 auditd 的审计工具。这个工具在大多数Linux操作系统中是默认安装的。那么auditd 是什么?该如何使用呢?下面我们开始介绍。

继续阅读

tcpdump使用技巧

一般情况下,非HTTP协议的网络分析,在服务器端用tcpdump比较多,在客户端用wireshark比较多,两个抓包软件的语法是一样的。

一、基本语法

1.1、过滤主机

  • 抓取所有经过eth1,目的或源地址是192.168.1.1的网络数据
tcpdump -i eth1 host 192.168.1.1
  • 指定源地址
tcpdump -i eth1 src host 192.168.1.1
  • 指定目的地址
tcpdump -i eth1 dst host 192.168.1.1

1.2、过滤端口

继续阅读

Python fabric远程自动部署简介

Fabric是一个Python(2.5-2.7)库,用于简化使用SSH的应用程序部署或系统管理任务。

它提供的操作包括:执行本地或远程shell命令,上传/下载文件,以及其他辅助功能,如提示用户输入、中止执行等。

本文主要介绍CentOS 6.3上使用fabric进行自动部署的基本方法。 继续阅读

How To: Set the proxy for the WebBrowser control in .NET

Source:https://blogs.msdn.microsoft.com/jpsanders/2011/04/26/how-to-set-the-proxy-for-the-webbrowser-control-in-net/

I see some horrible solutions for this out on the web.  Most involve setting the proxy for the entire machine and then toggling it back off.  Here is a class that will allow you to set it ONLY FOR THE PROCESS that the control is hosted in.  You could call it like this:

WinInetInterop.SetConnectionProxy(“localhost:8888”);

and then restore it to the default set in IE with this call:

// read the default settings for IE and restore these as the proxy
WinInetInterop.RestoreSystemProxy();
Let me know if you thought this was useful! 继续阅读

Python:使用代理proxy爬虫

Python:使用代理proxy爬虫