Users and permissions
chmod
#chmod u+r test.txt
#chmod go+rw test.txt
#chmod o-w test.txt
#chmod 555 test.txt
#chmod +t dir //sticky bit
#chmod g+s file.txt //setgid
#chmod u+s file.txt //setuid
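The special bits set with chmod u+s, g+s and +t above are the ones a permission audit looks for. The script below is an added example, not part of the original notes: it lists setuid/setgid files and world-writable directories that lack the sticky bit. The function names and the sample tree are hypothetical and constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original page): audit a tree for the special
# permission bits that chmod u+s, g+s and +t set.

# Regular files with the setuid (4000) or setgid (2000) bit: they run with the
# owner's or group's identity, so each one should be known and expected.
find_privileged_files() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print | LC_ALL=C sort
}

# World-writable directories without the sticky bit (1000): any user may
# delete or rename files that belong to someone else.
find_unsafe_shared_dirs() {
    find "$1" -type d -perm -0002 ! -perm -1000 -print | LC_ALL=C sort
}

# Constructed sample tree; every name below is hypothetical.
build_demo_tree() {
    demo=$(mktemp -d) || return 1
    mkdir "$demo/spool" "$demo/drop"
    : > "$demo/helper"; : > "$demo/groupjob"; : > "$demo/plain"
    chmod 755 "$demo/helper" "$demo/groupjob" "$demo/plain"
    chmod u+s "$demo/helper"            # setuid -> 4755
    chmod g+s "$demo/groupjob"          # setgid -> 2755
    chmod 777 "$demo/spool" "$demo/drop"
    chmod +t "$demo/spool"              # sticky -> 1777, like /tmp
    echo "$demo"
}

tree=$(build_demo_tree) || exit 1
echo "setuid/setgid files:";           find_privileged_files "$tree"
echo "world-writable, no sticky bit:"; find_unsafe_shared_dirs "$tree"
rm -rf "$tree"
```

On a real system the same two functions can be pointed at a mounted file system, for example `find_privileged_files /usr`.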
chown
#chown new_owner filename
#chown -R new_owner directoryname
chgrp
#chgrp new_group filename
#chgrp -R new_group filename
nice
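#nice -20 dtterm //raise the nice value by 20, which lowers the scheduling priority
#nice --20 dtterm //lower the nice value by 20, which raises the scheduling priority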
groups
$ groups //show the groups you belong to
adm
$ groups root //show which groups this user belongs to
other root bin sys adm uucp mail tty lp nuucp daemon
newgrp
$newgrp adm //switch to another group
umask
% umask
22
starting permissions - desired permissions = umask value
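The rule above can be checked against what the system actually does. The script below is an added example, not part of the original notes: it compares plain subtraction with the way the umask is applied (each umask bit is cleared from the requested mode, 666 for new files and 777 for new directories) and then creates a file and a directory to observe the result. The two agree for masks such as 022 and differ when the mask contains a bit the requested mode does not have, such as 033. All function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): how the umask value maps to the
# mode of new files (requested 666) and directories (requested 777).

# Mode actually assigned: requested bits with every umask bit cleared.
effective_mode() {      # $1 = requested mode, $2 = umask (both octal)
    printf '%03o\n' $(( 0$1 & ~0$2 & 0777 ))
}

# The subtraction rule taken literally (octal subtraction), for comparison.
subtracted_mode() {     # $1 = requested mode, $2 = umask (both octal)
    printf '%03o\n' $(( 0$1 - 0$2 ))
}

# umask needed so that a request for $1 ends up as $2: the bits to clear are
# the requested bits that are absent from the desired mode.
required_umask() {      # $1 = requested mode, $2 = desired mode (both octal)
    effective_mode "$1" "$2"
}

# Create a file and a directory under the given umask and report their
# permission strings as "<file> <directory>".
observed_perms() {      # $1 = umask
    (
        umask "$1"
        t=$(mktemp -d) || exit 1
        : > "$t/f"
        mkdir "$t/d"
        f=$(ls -ld "$t/f" | cut -c1-10)
        d=$(ls -ld "$t/d" | cut -c1-10)
        rm -rf "$t"
        echo "$f $d"
    )
}

for mask in 022 027 033 077; do
    echo "umask $mask: bit-clearing $(effective_mode 666 "$mask")," \
         "subtraction $(subtracted_mode 666 "$mask")," \
         "observed $(observed_perms "$mask")"
done
```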
useradd
#useradd user3
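#useradd -u 1006 -g 4 -d /export/home/user3 -s /bin/sh -c "web user" user3 //add a user with all options specified
#useradd -u 1006 -g 4 -d /export/home/user3 -m -s /bin/sh -c "web user" user3 //create the home directory along with the user
Option Description
-c Comment for the user, recording the user's personal information
-d Path of the user's home directory
-m Create the user's home directory; usually used together with -d path
-g User's default group
-g User's default gid
-e Account expiration (the account is no longer valid); typically used when creating temporary accounts
-f Maximum number of idle days allowed for the user; used when creating temporary accounts
-u User's uid
-s Path of the user's shell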
userdel
#userdel user7 //delete user7 but keep the home directory
#userdel -r username //delete the home directory as well
usermod
# usermod -u 1005 -c administrator cole //change some of the user's information
#usermod -G group1,group2 username //add the user to multiple groups
# usermod -G sys,sysadmin cole
# groups cole
mail sys sysadmin
# usermod -g apache cole //primary group
# groups cole
apache
passwd
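#passwd -f user //force the user to change the password at next login
#passwd user //change the user's password
#passwd -l user //lock the account so the user cannot log in
#passwd -x 30 user //password is valid for 30 days
#passwd -w 3 user //warn the user to change the password 3 days before it expires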
groupadd
# groupadd -g 2000 usergroup
groupdel
#groupdel groupname
groupmod
#groupmod -n newname oldname
#groupmod -g gid groupname //change its gid
#groupmod -g gid -n newname oldname
Process management
ps
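Field overview:
F Hexadecimal flags; added together they indicate the current state of the process, as follows:
00 Process has terminated and its slot in the process table has been freed
01 System process, always resident in memory
02 Process is being traced by its parent
04 Process is being traced by its parent and has been stopped
08 Process cannot be woken by a signal
10 Process is currently in memory and locked until an event completes
20 Process cannot be swapped out
S Current state of the process, shown as one of the following letters:
O Currently running on a processor
S Sleeping; waiting for an I/O event to complete
R Runnable
I Idle; the process is being created
Z Zombie; the process has terminated
T Stopped because the parent process is tracing it
X Waiting for more memory
UID User ID of the process owner
PID Process ID
PPID Parent process ID
C CPU usage of the process (the percentage of CPU time the process takes)
PRI Process priority. Larger numbers mean lower priority
NI Nice value of the process, which feeds into the priority. Making a process "nicer" means lowering its priority so that it does not use up CPU time
SZ Amount of virtual memory requested by the process. This is a good indicator of its memory demand on the system.
TTY Terminal from which the process (or its parent) was started. Processes shown with a question mark have no controlling terminal (usually system processes)
TIME Total CPU time used since the process started
COMD Command that produced the process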
# ps -f
UID PID PPID C STIME TTY TIME CMD
keven 360 358 0 19:19:19 pts/2 0:00 -csh
keven 477 360 0 19:28:14 pts/2 0:00 ps -f
# ps -u wing //a specific user
PID TTY TIME CMD
368 pts/3 0:00 sh
# ps
PID TTY TIME CMD
360 pts/2 0:00 csh
475 pts/2 0:00 ps
# ps -e
PID TTY TIME CMD
0 ? 0:01 sched
1 ? 0:00 init
2 ? 0:00 pageout
3 ? 0:00 fsflush
328 ? 0:00 sac
331 ? 0:00 ttymon
153 ? 0:00 rpcbind
# ps -ecl //PRI is the process priority; here 98 is the highest
F S UID PID PPID CLS PRI ADDR SZ WCHAN TTY TIME CMD
19 T 0 0 0 SYS 96 fec287cc 0 ? 0:00 sched
8 S 0 1 0 TS 59 de7a8808 319 dea06e16 ? 0:00 init
19 S 0 2 0 SYS 98 de7a8108 0 fec4d4b8 ? 0:00 pageout
19 S 0 3 0 SYS 60 de7a7a08 0 fecea0bc ? 0:01 fsflush
8 S 0 329 1 TS 59 de7a7308 448 deac8d68 ? 0:00 sac
8 S 0 256 1 TS 59 de7a6c08 1084 deeb7f02 ? 0:00 sendmail
$ ps -eaf
UID PID PPID C STIME TTY TIME CMD
root 0 0 0 19:18:44 ? 0:01 sched
root 1 0 0 19:18:44 ? 0:00 /etc/init -
root 2 0 0 19:18:44 ? 0:00 pageout
root 3 0 0 19:18:44 ? 0:00 fsflush
root 328 1 0 19:19:10 ? 0:00 /usr/lib/saf/sac -t 300
root 331 328 0 19:19:10 ? 0:00 /usr/lib/saf/ttymon
root 153 1 0 19:18:53 ? 0:00 /usr/sbin/rpcbind
#ps -eaf |grep wing
root 317 1 0 19:19:10 ? 0:00 /usr/lib/dmi/snmpXdmid -s wing
root 329 1 0 19:19:10 console 0:00 /usr/lib/saf/ttymon -g -h -p wing
console login: -T sun-color -d /dev/console
wing 368 366 0 19:19:47 pts/3 0:00 -sh
Usage: ps [ -aAdeflcjLPy ] [ -o format ] [ -t termlist ]
[ -u userlist ] [ -U userlist ] [ -G grouplist ]
[ -p proclist ] [ -g pgrplist ] [ -s sidlist ]
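Option Meaning Function
ps (no option) Show the user's processes in the current shell and terminal window
ps -e every Show information about every process on the system
ps -f full Generate a long listing with all available information for each process
ps -u userid user Show all processes of a specific user
$ ps -u wing //wing is a user name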
PID TTY TIME CMD
368 pts/3 0:00 sh
494 pts/3 0:00 ps
$ ps -U wing
PID TTY TIME CMD
368 pts/3 0:00 sh
495 pts/3 0:00 ps
$ ps -G user //user is a group name
PID TTY TIME CMD
360 pts/2 0:00 csh
# priocntl -l
CONFIGURED CLASSES
==================
SYS (System Class) //system
TS (Time Sharing) //time sharing
Configured TS User Priority Range: -60 through 60
FX (Fixed priority)
Configured FX User Priority Range: 0 through 60
IA (Interactive) //interactive
Configured IA User Priority Range: -60 through 60
For the time-sharing class, the user-supplied priority range is -20 to +20
# ps -ecl
F S UID PID PPID CLS PRI ADDR SZ WCHAN TTY TIME CMD
19 T 0 0 0 SYS 96 fec287cc 0 ? 0:00 sched
8 S 0 1 0 TS 59 de7a8808 319 dea06e16 ? 0:00 init
pgrep //look up processes
# pgrep -lf inetd
616 /usr/sbin/inetd -s -t
$ pgrep -l lp
217 lpsched
kill
signal:
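1 Hangup
2 Interrupt
3 Quit
4 Illegal instruction
5 Trace trap
6 Abort
7 EMT instruction (emulation trap)
8 Floating-point exception
9 Kill (cannot be caught or ignored)
10 Bus error
11 Invalid memory segment (segmentation violation)
12 Bad system call
13 Write to a pipe with no reader
14 Alarm clock
15 Software termination signal
16 User-defined signal 1
17 User-defined signal 2
18 Child process status changed
19 Power failure
20 Window size changed
21 Urgent socket condition
22 Pollable event
23 Stop
24 Stopped by the user
25 Continue
26 Stopped on terminal input
27 Stopped on terminal output
28 Virtual timer expired
29 Profiling timer expired
30 CPU time limit exceeded
31 File size limit exceeded
32 Socket I/O possible
#kill -9 368 //forcibly kill a process
#kill 368 //kill a process; signal 15 is the default, a soft kill
kill -HUP ID //restart a process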
$sleep 500&
$jobs
[1]+Running sleep 500
$sleep 500
^Z
[1]+stopped sleep 500
$jobs
[1]+stopped sleep 500
$bg %1
[1]+Running sleep 500
$kill %1
[1]+ Terminated sleep 500
$jobs
$
java
# java -version
java version "1.4.0_03"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0
Java HotSpot(TM) Client VM (build 1.4.0_03-b04, mixed mode)
proc tools
$ ps
PID TTY TIME CMD
806 pts/3 0:00 ps
368 pts/3 0:00 sh
$ pflags 368
368: -sh
data model = _ILP32 flags = PR_ORPHAN
/1: flags = PR_PCINVAL
% pmap 823 //address space map of the process and the libraries it needs to run
823: -csh
08043000 20K rw--- [ stack ]
08050000 128K r-x-- /usr/bin/csh
08070000 12K rwx-- /usr/bin/csh
08073000 68K rwx-- [ heap ]
DD9C0000 8K r-x-- /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
DD9D1000 4K rwx-- /usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
DD9E0000 324K r-x-- /usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
DDA40000 8K rwx-- /usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
DDA60000 4K rwx-- [ anon ]
DDA70000 628K r-x-- /usr/lib/libc.so.1
DDB1D000 24K rwx-- /usr/lib/libc.so.1
DDB23000 4K rwx-- /usr/lib/libc.so.1
DDB30000 152K r-x-- /usr/lib/libcurses.so.1
DDB66000 28K rwx-- /usr/lib/libcurses.so.1
DDB6D000 8K rwx-- /usr/lib/libcurses.so.1
DDB80000 4K r-x-- /usr/lib/libdl.so.1
DDB90000 292K r-x-- /usr/lib/ld.so.1
DDBE9000 16K rwx-- /usr/lib/ld.so.1
DDBED000 8K rwx-- /usr/lib/ld.so.1
total 1740K
$ pldd 830 //list of the dynamic libraries linked into each process
830: -sh
/usr/lib/libgen.so.1
/usr/lib/libc.so.1
/usr/lib/libdl.so.1
/usr/lib/locale/zh_CN.GB18030/zh_CN.GB18030.so.2
/usr/lib/locale/zh_CN.GB18030/methods_zh_CN.GB18030.so.2
$ psig 830 //list of the signals associated with the process
830: -sh
HUP caught done 0
INT caught 0x8059a30 0
QUIT caught 0x8059a30 0
ILL caught done 0
TRAP caught done 0
ABRT caught done 0
EMT caught done 0
FPE caught done 0
KILL default
BUS caught done 0
SEGV caught 0x8059f70 ONSTACK,SIGINFO
$ pstack 830 //view the process stack trace in hexadecimal format
830: -sh
ddacedf7 waitid (0, 353, 8047d40, 83)
ddaeeea7 _waitpid (353, 8047df8, 80) + 66
ddb30581 waitpid (353, 8047df8, 80) + 21
08062319 ???????? (8078c44)
08062cef postjob (353, 1) + ce
0805d1e9 execute (8079374, 0, 0) + 801
08055b61 ???????? (0)
080559b5 main (1, 8047eb4, 8047ebc) + 4d9
08055427 ???????? ()
$ pfiles 830 //all files opened by each process
830: -sh
Current rlimit: 256 file descriptors
0: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR
1: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR
2: S_IFCHR mode:0620 dev:102,0 ino:853 uid:1001 gid:7 rdev:24,2
O_RDWR
$ pwdx 830 //get the current working directory of the process
830: /export/home/wing
$ ptree 830 //get the relationship between parent and child processes
179 /usr/sbin/inetd -s
828 in.telnetd
830 -sh
854 ptree 830
lsof tool - must be downloaded and installed; it is not bundled with the system
Software management
pkgadd
#pkgadd -d /tem softwarename
Package file name: gpw-6.94-sol8-intel-local.gz
#gunzip gpw-6.94-sol8-intel-local.gz
#head gpw-6.94-sol8-intel-local //view the file's version information
#pkgadd -d gpw-6.94-sol8-intel-local
install
#install -c /opt/scripts -m 0755 -u bin -g sysadmin /tmp/setup_script
//destination path, mode, user, group, source path
pkginfo
#pkginfo //installed software packages
pkgchk
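#pkgchk pkginst //check the integrity of the package
#pkgchk -f pkginst //fix package problems
#pkgchk -n pkginst //ignore the volatile parts of the package
#pkgchk -l -p /usr/bin/mydir //get the package attributes of an installed file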
pkgrm
#pkgrm pkginst //remove a package
#pkgrm pkginst1 pkginst2 //remove several packages at once
showrev
#showrev -p //show installed patches
patchadd
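#patchadd patchname //install a patch
#patchadd -M patch1 patch2 //install several patches at once
#patchadd -d -R /export/mars /var/spool/patch/11102-12
//destination, source path
//the patch installation cannot be backed out
Patch installation example
2.6_Recommended.tar.z is the patch name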
#df -k dir //check the size of the directory
#tar xvf 2.6_Recommended.tar.z
#./install
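Option Function
-B Specify the directory in which backout information is stored, instead of the default directory
-C If needed, specify the path to the network install image to be patched
-d Do not save backout data for the patch installation
-M Specify an alternate directory in which to locate patches
-p Print a list of all installed patches
-u Turn off file validation
-R Specify an alternate root directory for a client installation
-S Install the patch for a client from the server; the client shares the server's operating system directory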
patchrm
#patchrm patchname //remove a patch
#patchrm -C /export/solaris_2.9/tools/1065-15
//remove the patch from the client system
Boot and startup process, ok mode
#shutdown
#reboot
#init 0
#boot -r
ok setenv boot-device disk //change the default boot device to disk
boot-device = disk
ok printenv boot-device //verify the boot device
boot-device disk disk
ok reset
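ok test net //test the network device in loopback
ok watch-clock //test the clock device
ok boot -r //reboot the system
ok boot net //boot from the network
ok boot cdrom //boot from CD-ROM
ok boot floppy //boot from floppy disk
ok boot tape //boot the system from tape
ok watch-net //check whether the network is connected
ok probe-scsi //probe all disk devices detected by the system and list the available devices
ok banner //show memory and the OpenBoot version of the system firmware
ok boot -s //enter single-user mode
#reboot -l -- -r //reboot without recording it in the system log
#shutdown -i 0 -g 120 -y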
#sync;init 0
#traceroute www.abc.com
wall
#wall
init
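#init q //re-initialize the run level
#init 0 //hardware maintenance mode
#init 1 //single-user mode
#init 2 //NFS not available
#init 3 //NFS available
#init 4 //user-defined state
#init 5 //power off the system
#init 6 //stop the operating system and reboot
#init s //enter the administrative state
Network configuration
/etc/hostname.interface //holds the name of this network interface or of the machine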
# cat hostname.pcn0
wing
# cat hosts
#
# Internet host table
#
127.0.0.1 localhost
192.168.0.11 wing
# hostname
wing
# cat netmasks
192.168.0.0 255.255.255.0
#ifconfig le0 172.16.255.1 netmask 255.255.255.0
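Configure the state of the network interface
#ifconfig le0 up/down
Configure whether the network interface is available
#ifconfig le0 plumb/unplumb
#ifconfig -a //the ether (MAC) address is shown only when root runs the command; if a non-root user runs ifconfig, only the IP address is shown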
# ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.10.25 netmask ffffff00 broadcast 192.168.10.255
ether 8:0:20:a2:11:de
#
#ifconfig le0 192.168.0.3 netmask 255.255.255.0 broadcast 192.168.0.255 up
banner
You can also type banner at the ok prompt, before the system has booted, to find the MAC address and the CPU model and frequency.
ok banner
Sun Ultra 5/10 UPA/PCI (UltraSPARC-IIi 300MHz), Keyboard Present
OpenBoot 3.1.1 64 MB memory installed, Serial #9361102.
Ethernet address 8:0:20:8e:d6:ce, HostID: 808ed6ce.
# arp -a //show the ARP table (IP address to MAC address)
Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
pcn0 192.168.0.1 255.255.255.255 00:03:0f:fd:6d:0c
pcn0 wing 255.255.255.255 SP 00:0c:29:19:a1:54
pcn0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
# netstat //network status
TCP: IPv4
Local Address Remote Address Swind Send-Q Rwind Recv-Q State
-------------------- -------------------- ----- ------ ----- ------ -------
wing.telnet 192.168.0.1.1030 7168 0 66608 0 ESTABLISHED
wing.telnet 192.168.0.1.1032 6253 1 66608 0 ESTABLISHED
Active UNIX domain sockets
Address Type Vnode Conn Local Addr Remote Addr
df187cc0 stream-ord dee4c1c0 00000000 /tmp/.X11-unix/X0
df187de8 stream-ord 00000000 00000000
#
# netstat -r //view the routing table
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 wing U 1 3 pcn0
224.0.0.0 wing U 1 0 pcn0
default wing UG 1 0
localhost localhost UH 2 6 lo0
# netstat -g
Group Memberships: IPv4
Interface Group RefCnt
--------- -------------------- ------
lo0 224.0.0.1 1
pcn0 224.0.0.1 1
# netstat -p
Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
------ -------------------- --------------- ----- ---------------
pcn0 192.168.0.1 255.255.255.255 00:03:0f:fd:6d:0c
pcn0 solaris9 255.255.255.255 SP 00:0c:29:80:4c:0a
pcn0 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
#
# netstat -s
RAWIP
rawipInDatagrams = 0 rawipInErrors = 0
rawipInCksumErrs = 0 rawipOutDatagrams = 0
rawipOutErrors = 0
UDP
udpInDatagrams = 923 udpInErrors = 0
udpOutDatagrams = 928 udpOutErrors = 0
TCP tcpRtoAlgorithm = 4 tcpRtoMin = 400
tcpRtoMax = 60000 tcpMaxConn = -1
tcpActiveOpens = 18 tcpPassiveOpens = 21
tcpAttemptFails = 0 tcpEstabResets = 0
tcpCurrEstab = 31 tcpOutSegs = 715
tcpOutDataSegs = 524 tcpOutDataBytes = 52210
tcpRetransSegs = 0 tcpRetransBytes = 0
tcpOutAck = 191 tcpOutAckDelayed = 90
tcpOutUrg = 0 tcpOutWinUpdate = 0
tcpOutWinProbe = 0 tcpOutControl = 47
tcpOutRsts = 0 tcpOutFastRetrans = 0
tcpInSegs = 925
tcpInAckSegs = 505 tcpInAckBytes = 52216
tcpInDupAck = 7 tcpInAckUnsent = 0
tcpInInorderSegs = 524 tcpInInorderBytes = 45645
tcpInUnorderSegs = 0 tcpInUnorderBytes = 0
tcpInDupSegs = 0 tcpInDupBytes = 0
tcpInPartDupSegs = 0 tcpInPartDupBytes = 0
tcpInPastWinSegs = 0 tcpInPastWinBytes = 0
tcpInWinProbe = 0 tcpInWinUpdate = 0
tcpInClosed = 0 tcpRttNoUpdate = 0
tcpRttUpdate = 497 tcpTimRetrans = 0
tcpTimRetransDrop = 0 tcpTimKeepalive = 0
tcpTimKeepaliveProbe= 0 tcpTimKeepaliveDrop = 0
tcpListenDrop = 0 tcpListenDropQ0 = 0
tcpHalfOpenDrop = 0 tcpOutSackRetrans = 0
IPv4 ipForwarding = 2 ipDefaultTTL = 255
ipInReceives = 422 ipInHdrErrors = 0
ipInAddrErrors = 0 ipInCksumErrs = 0
ipForwDatagrams = 0 ipForwProhibits = 0
ipInUnknownProtos = 0 ipInDiscards = 0
ipInDelivers = 1832 ipOutRequests = 265
ipOutDiscards = 0 ipOutNoRoutes = 0
ipReasmTimeout = 60 ipReasmReqds = 0
ipReasmOKs = 0 ipReasmFails = 0
ipReasmDuplicates = 0 ipReasmPartDups = 0
ipFragOKs = 0 ipFragFails = 0
ipFragCreates = 0 ipRoutingDiscards = 0
tcpInErrs = 0 udpNoPorts = 20
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipsecInSucceeded = 0
ipsecInFailed = 0 ipInIPv6 = 0
ipOutIPv6 = 0 ipOutSwitchIPv6 = 8
IPv6 ipv6Forwarding = 2 ipv6DefaultHopLimit = 255
ipv6InReceives = 0 ipv6InHdrErrors = 0
ipv6InTooBigErrors = 0 ipv6InNoRoutes = 0
ipv6InAddrErrors = 0 ipv6InUnknownProtos = 0
ipv6InTruncatedPkts = 0 ipv6InDiscards = 0
ipv6InDelivers = 0 ipv6OutForwDatagrams= 0
ipv6OutRequests = 0 ipv6OutDiscards = 0
ipv6OutNoRoutes = 0 ipv6OutFragOKs = 0
ipv6OutFragFails = 0 ipv6OutFragCreates = 0
ipv6ReasmReqds = 0 ipv6ReasmOKs = 0
ipv6ReasmFails = 0 ipv6InMcastPkts = 0
ipv6OutMcastPkts = 0 ipv6ReasmDuplicates = 0
ipv6ReasmPartDups = 0 ipv6ForwProhibits = 0
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipv6InIPv4 = 0
ipv6OutIPv4 = 0 ipv6OutSwitchIPv4 = 0
ICMPv4 icmpInMsgs = 5 icmpInErrors = 0
icmpInCksumErrs = 0 icmpInUnknowns = 0
icmpInDestUnreachs = 5 icmpInTimeExcds = 0
icmpInParmProbs = 0 icmpInSrcQuenchs = 0
icmpInRedirects = 0 icmpInBadRedirects = 0
icmpInEchos = 0 icmpInEchoReps = 0
icmpInTimestamps = 0 icmpInTimestampReps = 0
icmpInAddrMasks = 0 icmpInAddrMaskReps = 0
icmpInFragNeeded = 0 icmpOutMsgs = 5
icmpOutDrops = 0 icmpOutErrors = 0
icmpOutDestUnreachs = 5 icmpOutTimeExcds = 0
icmpOutParmProbs = 0 icmpOutSrcQuenchs = 0
icmpOutRedirects = 0 icmpOutEchos = 0
icmpOutEchoReps = 0 icmpOutTimestamps = 0
icmpOutTimestampReps= 0 icmpOutAddrMasks = 0
icmpOutAddrMaskReps = 0 icmpOutFragNeeded = 0
icmpInOverflows = 0
ICMPv6 icmp6InMsgs = 0 icmp6InErrors = 0
icmp6InDestUnreachs = 0 icmp6InAdminProhibs = 0
icmp6InTimeExcds = 0 icmp6InParmProblems = 0
icmp6InPktTooBigs = 0 icmp6InEchos = 0
icmp6InEchoReplies = 0 icmp6InRouterSols = 0
icmp6InRouterAds = 0 icmp6InNeighborSols = 0
icmp6InNeighborAds = 0 icmp6InRedirects = 0
icmp6InBadRedirects = 0 icmp6InGroupQueries = 0
icmp6InGroupResps = 0 icmp6InGroupReds = 0
icmp6InOverflows = 0
icmp6OutMsgs = 0 icmp6OutErrors = 0
icmp6OutDestUnreachs= 0 icmp6OutAdminProhibs= 0
icmp6OutTimeExcds = 0 icmp6OutParmProblems= 0
icmp6OutPktTooBigs = 0 icmp6OutEchos = 0
icmp6OutEchoReplies = 0 icmp6OutRouterSols = 0
icmp6OutRouterAds = 0 icmp6OutNeighborSols= 0
icmp6OutNeighborAds = 0 icmp6OutRedirects = 0
icmp6OutGroupQueries= 0 icmp6OutGroupResps = 0
icmp6OutGroupReds = 0
IGMP:
0 messages received
0 messages received with too few bytes
0 messages received with bad checksum
0 membership queries received
0 membership queries received with invalid field(s)
0 membership reports received
0 membership reports received with invalid field(s)
0 membership reports received for groups to which we belong
0 membership reports sent
# netstat -M
Virtual Interface Table is empty
Multicast Forwarding Cache is empty
#
# netstat -r //view the routing table
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 solaris9 U 1 1 pcn0
192.168.0.0 address2 U 1 0 pcn0:1
224.0.0.0 solaris9 U 1 0 pcn0
default 192.168.0.1 UG 1 0
localhost localhost UH 2 6 lo0
# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
192.168.0.0 192.168.0.3 U 1 1 pcn0
192.168.0.0 192.168.0.5 U 1 0 pcn0:1
224.0.0.0 192.168.0.3 U 1 0 pcn0
default 192.168.0.1 UG 1 0
127.0.0.1 127.0.0.1 UH 2 6 lo0
#
# netstat -i 1 5
input pcn0 output input (Total) output
packets errs packets errs colls packets errs packets errs colls
1187 0 1318 0 0 3699 0 3830 0 0
4 0 4 0 0 4 0 4 0 0
3 0 3 0 0 5 0 5 0 0
4 0 4 0 0 4 0 4 0 0
3 0 4 0 0 5 0 6 0 0
#
snoop
# snoop -c 3 //capture 3 IP packets
Using device /dev/pcn0 (promiscuous mode)
192.168.0.1 -> solaris9 TELNET C port=3013
solaris9 -> 192.168.0.1 TELNET R port=3013 Using device /dev/pc
192.168.0.1 -> solaris9 TELNET C port=3013
3 packets captured
#
# snoop -v -c 2 //capture two IP packets with full detail
Using device /dev/pcn0 (promiscuous mode)
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 1 arrived at 1:43:41.42
ETHER: Packet size = 60 bytes
ETHER: Destination = 0:c:29:80:4c:a,
ETHER: Source = 0:3:f:fd:6d:c,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = not ECN capable transport
IP: .... ...0 = no ECN congestion experienced
IP: Total length = 40 bytes
IP: Identification = 1627
IP: Flags = 0x4
IP: .1.. .... = do not fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = 7320
IP: Source address = 192.168.0.1, 192.168.0.1
IP: Destination address = 192.168.0.3, solaris9
IP: No options
IP:
TCP: ----- TCP Header -----
TCP:
TCP: Source port = 3013
TCP: Destination port = 23 (TELNET)
TCP: Sequence number = 769864152
TCP: Acknowledgement number = 52297913
TCP: Data offset = 20 bytes
TCP: Flags = 0x10
TCP: 0... .... = No ECN congestion window reduced
TCP: .0.. .... = No ECN echo
TCP: ..0. .... = No urgent pointer
TCP: ...1 .... = Acknowledgement
TCP: .... 0... = No push
TCP: .... .0.. = No reset
TCP: .... ..0. = No Syn
TCP: .... ...0 = No Fin
TCP: Window = 17292
TCP: Checksum = 0x7b85
TCP: Urgent pointer = 0
TCP: No options
TCP:
TELNET: ----- TELNET: -----
TELNET:
TELNET: ""
TELNET:
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 2 arrived at 1:43:41.42
ETHER: Packet size = 97 bytes
ETHER: Destination = 0:3:f:fd:6d:c,
ETHER: Source = 0:c:29:80:4c:a,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: .... ..0. = not ECN capable transport
IP: .... ...0 = no ECN congestion experienced
IP: Total length = 83 bytes
IP: Identification = 50744
IP: Flags = 0x4
IP: .1.. .... = do not fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 60 seconds/hops
IP: Protocol = 6 (TCP)
IP: Header checksum = f717
IP: Source address = 192.168.0.3, solaris9
IP: Destination address = 192.168.0.1, 192.168.0.1
IP: No options
IP:
TCP: ----- TCP Header -----
TCP:
TCP: Source port = 23
TCP: Destination port = 3013
TCP: Sequence number = 52297913
TCP: Acknowledgement number = 769864152
TCP: Data offset = 20 bytes
TCP: Flags = 0x18
TCP: 0... .... = No ECN congestion window reduced
TCP: .0.. .... = No ECN echo
TCP: ..0. .... = No urgent pointer
TCP: ...1 .... = Acknowledgement
TCP: .... 1... = Push
TCP: .... .0.. = No reset
TCP: .... ..0. = No Syn
TCP: .... ...0 = No Fin
TCP: Window = 64240
TCP: Checksum = 0xd1f6
TCP: Urgent pointer = 0
TCP: No options
TCP:
TELNET: ----- TELNET: -----
TELNET:
TELNET: "Using device /dev/pcn0 (promiscuous mode)\r\n"
TELNET:
2 packets captured
#
# snoop host1 host2
host1 -> host2 ICMP Echo request
host2 -> host1 ICMP Echo reply
Use the snoop utility to determine what is actually being sent between systems and to check that the network is working
# snoop -a dhcp
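Using snoop
Snoop is a tool bundled with Solaris that displays network traffic. It can capture IP packets and either display them or save them to a specified file. (Only the superuser may use snoop.)
Snoop can summarize each captured packet on a single line or describe it in detail over several lines (selected with the -v and -V options). In summary mode (-V), only the highest-level protocol is shown; for example, an NFS packet shows only the NFS information, and the underlying RPC, UDP, IP and Ethernet frame information is not displayed. When the corresponding option (-v) is added, all of this information is displayed.
Option summary: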
[ -a ] # Listen to packets on audio
[ -d device ] # settable to le?, ie?, bf?, tr?
[ -s snaplen ] # Truncate packets
[ -c count ] # Quit after count packets
[ -P ] # Turn OFF promiscuous mode
[ -D ] # Report dropped packets
[ -S ] # Report packet size
[ -i file ] # Read previously captured packets
[ -o file ] # Capture packets in file
[ -n file ] # Load addr-to-name table from file
[ -N ] # Create addr-to-name table
[ -t r|a|d ] # Time: Relative, Absolute or Delta
[ -v ] # Verbose packet display
[ -V ] # Show all summary lines
[ -p first[,last] ] # Select packet(s) to display
[ -x offset[,length] ] # Hex dump from offset for length
[ -C ] # Print packet filter code
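Because snoop is very flexible, the following examples are meant to show its common uses.
1. Capture all packets with this host as source or destination and display them.
# snoop
2. Capture all packets with host A as source or destination and display them. (A is a host name; the same applies below)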
# snoop A
3. Capture all packets between A and B and save them to the file named file.
# snoop -o file A B
4. Display the specified packets (99-108) from the file named file
# snoop -i file -p 99,108
99 0.0027 boutique -> sunroof NFS C GETATTR FH=8E6C
100 0.0046 sunroof -> boutique NFS R GETATTR OK
101 0.0080 boutique -> sunroof NFS C RENAME FH=8E6C MTra00192
to .nfs08
102 0.0102 marmot -> viper NFS C LOOKUP FH=561E screen.r.13.i386
103 0.0072 viper -> marmot NFS R LOOKUP No such file or directory
104 0.0085 bugbomb -> sunroof RLOGIN C PORT=1023 h
105 0.0005 kandinsky -> sparky RSTAT C Get Statistics
106 0.0004 beeblebrox -> sunroof NFS C GETATTR FH=0307
107 0.0021 sparky -> kandinsky RSTAT R
108 0.0073 office -> jeremiah NFS C READ FH=2584 at 40960 for 8192
5. View packet 101 from the file named file in detail:
# snoop -i file -v -p101
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 101 arrived at 16:09:53.59
ETHER: Packet size = 210 bytes
ETHER: Destination = 8:0:20:1:3d:94, Sun
ETHER: Source = 8:0:69:1:5f:e, Silicon Graphics
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4, header length = 20 bytes
IP: Type of service = 00
IP: ..0. .... = routine
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 196 bytes
IP: Identification 19846
IP: Flags = 0X
IP: .0.. .... = may fragment
IP: ..0. .... = more fragments
...
6. View the NFS packets between host A and host B (and and or in the command are the corresponding logical operators)
# snoop -i file rpc nfs and A and B
1 0.0000 A -> B NFS C GETATTR FH=8E6C
2 0.0046 B -> A NFS R GETATTR OK
3 0.0080 A -> B NFS C RENAME FH=8E6C MTra00192 to .nfs08
7. Save the matching packets to another file, file2:
# snoop -i file -o file2 rpc nfs A B
8. Capture all packets between host A and host B on TCP port 80 or UDP port 80
# snoop A and B and \( tcp or udp \) and port 80
9. Capture all broadcast packets
# snoop broadcast
Using device /dev/hme (promiscuous mode)
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10.10.10.50 -> BROADCAST UDP D=177 S=2541 LEN=35
10. Capture all multicast packets and display them in detail.
#snoop -v multicast
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 1 arrived at 12:33:2.16
ETHER: Packet size = 69 bytes
ETHER: Destination = ff:ff:ff:ff:ff:ff, (broadcast)
ETHER: Source = 0:4:76:46:8f:50,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 55 bytes
IP: Identification = 14658
IP: Flags = 0x0
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = ed38
IP: Source address = 10.10.10.50, 10.10.10.50
IP: Destination address = 255.255.255.255, BROADCAST
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 2541
UDP: Destination port = 177
UDP: Length = 35
UDP: Checksum = 8E35
UDP:
ETHER: ----- Ether Header -----
ETHER:
ETHER: Packet 2 arrived at 12:33:12.16
ETHER: Packet size = 69 bytes
ETHER: Destination = ff:ff:ff:ff:ff:ff, (broadcast)
ETHER: Source = 0:4:76:46:8f:50,
ETHER: Ethertype = 0800 (IP)
ETHER:
IP: ----- IP Header -----
IP:
IP: Version = 4
IP: Header length = 20 bytes
IP: Type of service = 0x00
IP: xxx. .... = 0 (precedence)
IP: ...0 .... = normal delay
IP: .... 0... = normal throughput
IP: .... .0.. = normal reliability
IP: Total length = 55 bytes
IP: Identification = 14985
IP: Flags = 0x0
IP: .0.. .... = may fragment
IP: ..0. .... = last fragment
IP: Fragment offset = 0 bytes
IP: Time to live = 128 seconds/hops
IP: Protocol = 17 (UDP)
IP: Header checksum = ebf1
IP: Source address = 10.10.10.50, 10.10.10.50
IP: Destination address = 255.255.255.255, BROADCAST
IP: No options
IP:
UDP: ----- UDP Header -----
UDP:
UDP: Source port = 2541
UDP: Destination port = 177
UDP: Length = 35
UDP: Checksum = 8E35
UDP:
11. Capture all NTP packets
# snoop |grep -i NTP
Using device /dev/hme (promiscuous mode)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:48:50 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:49:54 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:50:58 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:52:02 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:53:06 2002)
ts1 -> 224.0.1.1 NTP broadcast (Tue Jul 23 12:54:10 2002)
Here we can also see that the NTP server broadcasts to the multicast address roughly once a minute.
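The snoop summary lines shown in this section include TELNET and RLOGIN sessions, both of which carry logins unencrypted. The script below is an added example, not part of the original notes: it reads snoop summary output and reports each cleartext login session with its packet count, so that the hosts still using these protocols can be inventoried. The function names are hypothetical, and the sample input is copied from the snoop output on this page.

```shell
#!/bin/sh
# Added example (not from the original page): pick cleartext remote-login
# sessions out of snoop summary lines, e.g. snoop -i file | cleartext_sessions

# Reads snoop summary output on stdin and prints
# "<packets> <protocol> <client> -> <server>" for TELNET and RLOGIN traffic.
# Lines may start with a packet number and time (snoop -i file -p ...), so
# the host fields are located relative to the "->" token.
cleartext_sessions() {
    awk '
    {
        arrow = 0
        for (i = 2; i <= NF - 2; i++)
            if ($i == "->") { arrow = i; break }
        if (!arrow) next                      # banner or trailer line
        proto = $(arrow + 2)
        if (proto != "TELNET" && proto != "RLOGIN") next
        client = $(arrow - 1); server = $(arrow + 1)
        if ($(arrow + 3) == "R") {            # reply: server -> client
            client = $(arrow + 1); server = $(arrow - 1)
        }
        seen[proto " " client " -> " server]++
    }
    END { for (k in seen) print seen[k], k }
    ' | LC_ALL=C sort -k2
}

# Sample input: summary lines copied from the snoop output on this page.
sample_capture() {
    cat <<'EOF'
Using device /dev/pcn0 (promiscuous mode)
192.168.0.1 -> solaris9 TELNET C port=3013
solaris9 -> 192.168.0.1 TELNET R port=3013 Using device /dev/pc
192.168.0.1 -> solaris9 TELNET C port=3013
3 packets captured
 99 0.0027 boutique -> sunroof NFS C GETATTR FH=8E6C
104 0.0085 bugbomb -> sunroof RLOGIN C PORT=1023 h
105 0.0005 kandinsky -> sparky RSTAT C Get Statistics
EOF
}

sample_capture | cleartext_sessions
```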
date
# date
2003年10月12日 星期日 10时04分16秒 CST
(CST is the abbreviation of Chinese Standard Time)
# date 10121003 //set the time to October 12, 10:03
Device management
Floppy disk
#volcheck
fdformat [-dDeEfHlLmMUqvx] [-b label] [-B filename] [-t dos-type] [devname] //format
prtconf
# prtconf //configuration information
System Configuration: Sun Microsystems i86pc
Memory size: 128 Megabytes //memory
System Peripherals (Software Nodes):
i86pc
+boot (driver not attached)
memory (driver not attached)
aliases (driver not attached)
chosen (driver not attached)
i86pc-memory (driver not attached)
i86pc-mmu (driver not attached)
openprom (driver not attached)
options, instance #0
packages (driver not attached)
delayed-writes (driver not attached)
itu-props (driver not attached)
isa, instance #0
motherboard (driver not attached)
asy, instance #0
asy, instance #1
lp (driver not attached)
fdc, instance #0
fd, instance #0
fd, instance #1 (driver not attached)
i8042, instance #0
keyboard, instance #0
mouse, instance #0
PNP0C02 (driver not attached)
PNP0C02 (driver not attached)
PNP0C02 (driver not attached)
bios (driver not attached)
bios (driver not attached)
bios (driver not attached)
pci, instance #0
pci15ad,1976 (driver not attached)
pci8086,7191 (driver not attached)
pci15ad,1976 (driver not attached)
pci-ide, instance #0
ide, instance #0
cmdk, instance #0
ide, instance #1
sd, instance #0
pci15ad,1976, instance #0
pci15ad,1976 (driver not attached)
display, instance #0
pci1022,2000, instance #0
pci1274,1371 (driver not attached)
used-resources (driver not attached)
objmgr, instance #0
cpus (driver not attached)
cpu, instance #0 (driver not attached)
pseudo, instance #0
#
# prtconf | grep Memory //check the memory size
Memory size: 128 Megabytes
arch
# arch -k //show the architecture
i86pc
uname
# uname -m
i86pc
# uname
SunOS
# uname -a
SunOS wing 5.9 Generic_112234-03 i86pc i386 i86pc
eject
#eject floppy
eeprom
#eeprom selftest-#megs=64 //change the amount of memory checked by the system self-test
sysdef
#sysdef //more detailed system architecture information
df
# df -k //show the number of files and free blocks on all currently mounted file systems
文件系统 千字节 用了 可用 容量 挂接在
/dev/dsk/c0d0s0 63127 36143 20672 64% /
/dev/dsk/c0d0s6 1201014 768820 372144 68% /usr
/proc 0 0 0 0% /proc
mnttab 0 0 0 0% /etc/mnttab
fd 0 0 0 0% /dev/fd
/dev/dsk/c0d0s3 55047 25258 24285 51% /var
swap 651040 24 651016 1% /var/run
swap 651016 0 651016 0% /tmp
/dev/dsk/c0d0s5 24239 15 21801 1% /opt
/dev/dsk/c0d0s7 2691830 122 2637872 1% /export/home
/dev/dsk/c0d0s1 462639 306816 109560 74% /usr/openwin
# df -a //print information for all file systems
/ (/dev/dsk/c0d0s0 ): 53968 块 30100 文件
/usr (/dev/dsk/c0d0s6 ): 864388 块 261705 文件
/proc (/proc ): 0 块 1878 文件
/etc/mnttab (mnttab ): 0 块 0 文件
/dev/fd (fd ): 0 块 0 文件
/var (/dev/dsk/c0d0s3 ): 59578 块 25450 文件
/var/run (swap ): 1