=========================================================================
실습> 우리만의 쉘을 만들어보자.
# install /dev/null /bin/myshell
# ls -l /bin/myshell
-rwxr-xr-x 1 root root 0 Feb 26 16:45 /bin/myshell
# vi /bin/myshell
-- /bin/myshell --
<root@localhost.localdomain ~># cat /bin/myshell
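#!/bin/bash
# Minimal teaching shell: print a prompt, read one line, run it, repeat.
#
# bash is named explicitly because `read -p` is not a POSIX sh feature.
#
# This loop is not a restricted shell: whatever the user types is looked up
# and executed with the user's own privileges, including another shell.
prompt=" => "
while :
do
    # Quote the prompt so its spaces survive; -r keeps backslashes literal.
    # When stdin reaches EOF (session closed) read fails: leave the loop
    # instead of spinning forever on an empty command.
    read -r -p "$prompt" cmd || exit 0
    # Left unquoted on purpose: the line is only word-split (and glob-expanded)
    # before it runs, so &, | and VAR=value are passed along as plain words
    # rather than being interpreted as shell syntax.
    $cmd
done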
-- /bin/myshell --
# myshell
=> ls
1.txt 2.txt a.sh a.txt all.txt rpm1.txt rpm2.txt test.sh
=> pwd
/root
=> rm -f 1.txt
=> ls
2.txt a.sh a.txt all.txt rpm1.txt rpm2.txt test.sh
=> exit
=========================================================================
=========================================================================
실습> my 쉘의 문제점을 확인해보자. ($cmd 는 단어 분리만 거쳐 실행되므로 &, 변수 대입(A=10), 파이프(|) 가 쉘 문법이 아니라 일반 단어로 취급된다.)
# useradd test1
useradd: user test1 exists
# usermod -s /bin/myshell test1
# grep test1 /etc/passwd
test1:x:502:502::/home/test1:/bin/myshell
# su - test1
=>
=>ps &
/bin/myshell: line 14: /bin/ps: Permission denied
=>
=> A=10
/bin/myshell: line 14: A=10: command not found
=>
=>echo 123 | wc -c
123 | wc -c
=>
=> exit
=========================================================================
=========================================================================
실습> background 연습
#
# top &
[1] 26531
[1]+ Stopped top
# vi &
[2] 26537
[2]+ Stopped vi
# jobs
[1]- Stopped top
[2]+ Stopped vi
# fg
vi
Ctrl + Z
[2]+ Stopped vi
# jobs
[1]- Stopped top
[2]+ Stopped vi
# jobs
[1]- Stopped top
[2]+ Stopped vi
# kill %1
#
[1]- Terminated top
# jobs
[2]+ Stopped vi
# kill %2
# jobs
[2]+ Stopped vi
# kill -9 %2
[2]+ Stopped vi
[2]+ Killed vi
# jobs
=========================================================================
=========================================================
LAB> 좀비 프로세스를 생성해보자.
# vi zombie.c
-- zombie.c --
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
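/*
 * Zombie-process demo.
 *
 * The child prints one line and returns from main() right away, while the
 * parent sleeps for 30 seconds without ever calling wait()/waitpid(). During
 * that window the exited child has not been reaped, so ps lists it as
 * <defunct> (state Z). A long-running service would reap its children with
 * wait()/waitpid() or a SIGCHLD handler so that exited children do not pile
 * up in the process table.
 *
 * Returns 0 on the normal paths, 1 if fork() fails.
 */
int main(void)
{
    pid_t pid;

    pid = fork();
    if (pid < 0) {
        /* fork() failed: there is no child, so sleeping would show nothing. */
        perror("fork");
        return 1;
    }

    if (pid == 0)
        printf("Child process\n");  /* child: exits right after this line */
    else
        sleep(30);                  /* parent: deliberately skips wait() */

    return 0;
}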
-- zombie.c --
# gcc -o zombie zombie.c
# ./zombie &
[1] 3065
# Child process
# ps -ef | grep zombie
root 3065 2708 0 12:33 pts/0 00:00:00 ./zombie
root 3066 3065 0 12:33 pts/0 00:00:00 [zombie] <defunct>
root 3068 2708 0 12:33 pts/0 00:00:00 grep zombie
# ps aux | grep zombie
root 3065 0.0 0.1 1608 280 pts/0 S 12:33 0:00 ./zombie
root 3066 0.0 0.0 0 0 pts/0 Z 12:33 0:00 [zombie] <defunct>
root 3070 0.0 0.1 1944 504 pts/0 R+ 12:33 0:00 grep zombie
# pstree -p | grep zombie
| `-zombie(3065)---zombie(3066)
#
[1]+ Done ./zombie
=========================================================
=========================================================
LAB> 리눅스의 기본 TTL 값을 sysctl 을 이용해서 변경하시오.
# sysctl -w net.ipv4.icmp_echo_ignore_all=0
net.ipv4.icmp_echo_ignore_all = 0
# cat /proc/sys/net/ipv4/ip_default_ttl
64
# sysctl -w net.ipv4.ip_default_ttl=128
net.ipv4.ip_default_ttl = 128
# cat /proc/sys/net/ipv4/ip_default_ttl
128
# vi /etc/sysctl.conf
-- /etc/sysctl.conf --
:
net.ipv4.ip_default_ttl=128 <-- 추가 (부팅후에도 인식)
-- /etc/sysctl.conf --
=========================================================
o 데몬 프로세스 제어
ntsysv, chkconfig
# ntsysv
crond
iptables
network
sendmail
sshd
syslog
reboot 하면 적용됨
# vi /etc/inittab
-- /etc/inittab --
:
:
1:2345:respawn:/sbin/mingetty tty1 --noclear
2:2345:respawn:/sbin/mingetty tty2
#3:2345:respawn:/sbin/mingetty tty3
#4:2345:respawn:/sbin/mingetty tty4
#5:2345:respawn:/sbin/mingetty tty5
#6:2345:respawn:/sbin/mingetty tty6
-- /etc/inittab --
사용법 :
# chkconfig --list | grep 3:on
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig --list smartd
smartd 0:off 1:off 2:on 3:off 4:on 5:on 6:off
# chkconfig smartd on
# chkconfig --list smartd
smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig --list | grep smar
smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# rpm -q coreutils
coreutils-5.97-34.el5
# rpm -qa | grep coreu
policycoreutils-1.33.12-14.13.el5
coreutils-5.97-34.el5
policycoreutils-gui-1.33.12-14.13.el5
--> 단어가 다 생각 안날땐 grep 을 활용하자!
# chkconfig smartd off
# chkconfig --list smartd
smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig --level 3 smartd on
# chkconfig --list smartd
smartd 0:off 1:off 2:off 3:on 4:off 5:off 6:off
# chkconfig --level 3 smartd off
# chkconfig --list smartd
smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig --list | grep 3:on
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
===========================================================
LAB> chkconfig 데몬을 리스트에서 삭제/추가 해보자.
# chkconfig --list smartd
smartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# chkconfig --del smartd
# chkconfig --list smartd
service smartd supports chkconfig, but is not referenced in any runlevel (run 'chkconfig --add smartd')
# chkconfig --add smartd
# chkconfig --list smartd
smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
===========================================================
===========================================================
LAB> 데몬/데몬실행 스크립트 파일을 생성해보자.
-- 순서 --
1. 데몬파일 작성
2. 스크립트 파일 작성
3. chkconfig 등록
4. 데몬시작/확인
1. 데몬파일 작성
# install /dev/null /usr/sbin/mydaemon.sh
# vi /usr/sbin/mydaemon.sh
-- /usr/sbin/mydaemon.sh --
#!/bin/sh
# Stand-in daemon for the lab: it does no work and simply stays alive,
# sleeping one second at a time until it is killed.
while true
do
    sleep 1
done
-- /usr/sbin/mydaemon.sh --
2. 스크립트 파일 작성
# install /dev/null /etc/init.d/mydaemon
# vi /etc/init.d/mydaemon
-- /etc/init.d/mydaemon --
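#!/bin/sh
#
# SysV init script for the lab daemon /usr/sbin/mydaemon.sh.
#
# chkconfig reads the two tagged comment lines below:
#   tag "chkconfig"   -> <runlevels> <start priority> <stop priority>
#   tag "description" -> <free text>
#
#chkconfig: 2345 77 78
#description: My daemon program!

# Print the usage line and stop with status 1.
# The text is quoted: left unquoted, the | characters are parsed as pipes
# and the message is never printed as intended.
usage() {
    echo "Usage: $0 {start|stop|restart}" >&2
    exit 1
}

if [ $# -eq 0 ]; then
    usage
fi

case "$1" in
    start)
        # setsid starts the daemon in its own session, detached from the
        # terminal that ran this script.
        setsid /usr/sbin/mydaemon.sh &
        ;;
    stop)
        # killall selects by process name, so every process named
        # mydaemon.sh is signalled. The default SIGTERM is enough for this
        # loop; SIGKILL is not needed as a first resort.
        killall mydaemon.sh
        ;;
    restart)
        /etc/init.d/mydaemon stop
        /etc/init.d/mydaemon start
        ;;
    *)
        # Unknown action: report it instead of silently doing nothing.
        usage
        ;;
esac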
-- /etc/init.d/mydaemon --
3. chkconfig 등록
# chkconfig --add mydaemon
# chkconfig --list mydaemon
4. 데몬시작/확인
!!! 데몬스크립트를 시작하는 여러가지 방법
!!! /etc/init.d/mydaemon start
!!! /etc/rc.d/init.d/mydaemon start
!!! service mydaemon start
--> 똑같은 의미
# /etc/init.d/mydaemon start
# ps aux | grep mydaemon
root 2205 0.0 0.4 5704 1112 ? Ss 15:40 0:00 /bin/sh /usr/sbin/mydaemon.sh
# /etc/init.d/mydaemon stop
# ps aux | grep mydaemon
===========================================================
LAB> chkconfig --add 대신 명령어(ln)를 이용해서 직접 등록시켜보자
!!! 참고 : # strace chkconfig --add mydaemon !!!
-- 순서 --
1. 등록된 mydaemon을 삭제
2. mydaemon 삭제 확인
3. 명령어(ln)를 이용해서 링크 생성
4. 등록된 mydaemon을 확인
1. 등록된 mydaemon을 삭제
# LANG=C
# chkconfig --del mydaemon
2. mydaemon 삭제 확인
# chkconfig --list mydaemon
service mydaemon supports chkconfig, but is not referenced in any runlevel (run 'chkconfig --add mydaemon')
3. 명령어(ln)를 이용해서 링크 생성
# cd /etc/rc.d/rc0.d
# ln -s ../init.d/mydaemon K78mydaemon
# cd ../rc1.d
# ln -s ../init.d/mydaemon K78mydaemon
# cd ../rc2.d
# ln -s ../init.d/mydaemon S77mydaemon
# cd ../rc3.d
# ln -s ../init.d/mydaemon S77mydaemon
# cd ../rc4.d
# ln -s ../init.d/mydaemon S77mydaemon
# cd ../rc5.d
# ln -s ../init.d/mydaemon K78mydaemon
# cd ../rc6.d
# ln -s ../init.d/mydaemon K78mydaemon
4. 등록된 mydaemon을 확인
# chkconfig --list mydaemon
mydaemon 0:off 1:off 2:on 3:on 4:on 5:off 6:off
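--> chkconfig --add mydaemon 실행 안했지만 직접 링크를 걸어주어 등록되었음
--> strace chkconfig --add mydaemon을 보면 chkconfig --add mydaemon이 어떤 행동을 하는지 알 수 있음
--> 그걸 직접 해준거임
--> 그러므로 chkconfig --add mydaemon 실행한 것과 같은 결과를 얻을 수 있음
--> 단, 위에서는 rc5.d 에 K78mydaemon 으로 링크했기 때문에 5:off 로 나옴. 스크립트 헤더(2345)와 똑같이 하려면 rc5.d 에도 S77mydaemon 으로 링크해야 함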
===========================================================
=========================================================================
실습> xinetd 방식의 데몬을 이용해서 telnet 서비스를 실행해보자.
ssh와 telnet 의 차이점
sshd : 원격접속
- standalone 방식의 데몬 or xinetd 방식으로도 구동할 수도 있다.
- DATA를 전송할때 암호화해서 전송한다.
telnet : 원격접속
- 반드시 xinetd 방식으로 구동
- DATA를 전송할때 평문으로 전송한다. (로그인 ID/암호도 평문이라 같은 네트워크에서 패킷을 캡처하면 그대로 보인다. 실습이 끝나면 disable = yes 로 되돌리고 원격접속은 ssh 를 사용한다.)
# yum -y install xinetd
# yum search telnet
# yum -y install telnet-server
# /etc/init.d/xinetd start <-- 주인장
# cd /etc/xinetd.d <-- 웨이터의 대기실
# vi telnet
4 service telnet <-- 서비스명 /etc/services 안에 존재!!!
5 {
6 flags = REUSE
7 socket_type = stream
8 wait = no
9 user = root
10 server = /usr/sbin/in.telnetd
11 log_on_failure += USERID
12 disable = no <-- yes -> no 로 변경
13 }
# /etc/init.d/xinetd restart <-- 23번 포트가 열린다.
# netstat -nat
...
tcp 0 0 0.0.0.0:23 0.0.0.0:* LISTEN
...
# useradd telnetuser
# echo '1234&*((' | passwd --stdin telnetuser
-- 윈도우에서 telnet 으로 접속 --
1. xshell or putty 로 접속
2. cmd 창에서 접속 <-- !!! cmd 에서 telnet 으로 접속하는것 중요 !!!
=========================================================================
===========================================================
LAB> /proc 디렉토리에서 실행되고 있는 프로세스를 확인해보자.
/proc/PID/exe -> 실행되는프로그램
# ls -l /proc/*/exe 2>/dev/null
===========================================================