DeBugFs

lsof是一款异常强大的命令行工具，尤其是在处理安全和性能问题时能给运维带来很多帮助，下面就简单介绍几个使用lsof的技巧
1. 列出httpd进程的pid，-t选项表示使用简洁输出，即只打印pid

lsof -t `which httpd`

2. 列出监听80端口的进程

lsof -i:80

3.列出特定命令的进程，-c选项可以用来搜索所有以该命令为开头的进程

lsof -c httpd
lsof -c m

4. 查找属于某一用户的进程

lsof -u root
lsof -u apache,nobody

5. 列出某一pid进程打开的所有文件

lsof +p $pid

6. 列出打开某一目录下文件的所有进程

lsof +D /tmp

当我们需要对某个目录下的所有目录修改权限为755时，我们通常会使用find与chmod的组合

find . -type d -exec chmod 755 {} \;

除此之外，我们还可以使用chmod中的+X来更简单的实现

chmod -R a+X *

这里+X表示只对目录或具有x权限的文件进行操作

今天在使用man查询命令帮助时，遇到了这样的问题：

$ man man
Reformatting man(1), please wait...
iconv: conversion from utf8 unsupported
iconv: try 'iconv -l' to get the list of supported encodings
$ iconv -l | grep -i utf
UTF-8

这个问题，主要是由于groff这个包

$ rpm -qa | grep groff
groff-1.18.1.1-29.2

groff中包含一个utf8.patch的文件作为nroff.sh的补丁，后续会安装为/usr/bin/nroff
在这个不定脚本中，会在iconv后面使用utf8参数，而这里应该为utf-8
修改方式就是将/usr/bin/nroff中的

iconv -s -c -f utf8 -t $LEGACY_ENCODING < $TMPDIR/input > $TMPDIR/input.new

替换为

iconv -s -c -f utf-8 -t $LEGACY_ENCODING < $TMPDIR/input > $TMPDIR/input.new

今天配置了一个域名解析需求，在把正确的nameserver写入/etc/resolve.conf后，发现仍然无法ping通相关域名，但执行nslookup $domainname,可以查询到相关ip。
这个问题的罪魁祸首就是/etc/nsswitch.conf文件
需要特别关注如下几行：

hosts:          files dns
networks:       files dns

一般是由于没有在hosts和networks后面配置dns参数，导致系统只从local file查询域名有关的信息，而不去尝试nameserver解析
修改配置，重启nscd服务

service nscd restart
或者
rcnscd restart

可以分成两步走：
1. 获取进程id

ps -ef | grep -i PROCES_NAME

2. 根据进程id查找线程个数

ps uH p <PID_OF_PROCESS> | wc -l

源文章位于：http://www.readwriteweb.com/enterprise/2011/08/devops-what-it-is-why-it-exist.php
我把其中一些内容摘录下来，一般翻译，一边思考

通常情况下，运营团队中开发和运维都具有各自的KPI，看似很合理，又往往给业务发展带来很多的阻碍。这两个团队应该有一个共同的目标：保证关键业务在具有可靠醒，可扩展性的同时能够更快更有效率的部署。

运维经常会使用一次性脚本类的工具，虽然有时候显得比较原始，但更糟糕的情况是把工具和流程搞的很重，看上去像为了做工具而做工具，而不是用工具去解决问题。这种情况的后果就是运维无法清晰的定义一个可部署的应用究竟是什么样子，从而开发也很难持续提供一个稳定可部署的线上版本。

当前很多运维工具是在“刚性自动化”的指导思想下建设的，它期望软件完成所有的关键任务，从而把人与环境隔离开。但现代的一些devops工具意识到，优秀的人需要的是强大的工具，而不是限制级工具，工具本身不提供过多限制隔离功能，而是提供优秀的故障恢复能力。

作为一个运维，要理解公司为什么存在，了解自己负责的产品，了解这些产品能够用户带来什么样的价值，也要为公司提供商业价值。

Devops意味着责任共享

理想情况下，应该是谁出错谁承担责任。运维对开发矛盾主要是因为开发不特别在意他们程序的安全性，部署过程的复杂性，持续稳定运行的困难性，异常重启的频繁型，这都是因为运维总是为这些问题买单，而不是开发。在很多公司里，开发的任务是完成一个单机版程序，如果这个程序不能很好的运行在大规模线上服务器中，这笔帐通常会算在运维头上。

针对这个问题，google有个比较好的做法就是交换这个过程，当有新程序部署时，由开发接收报警，直到系统稳定，然后再交付给运维团队。

#!/usr/bin/perl

use strict;
use warnings;
use Time::Local;
use POSIX qw(strftime);

# 得到当前的时间戳
my $timestamp = time();
print "timestamp: $timestamp\n";

# 将时间戳转换成时间
my $t_now = strftime("%Y%m%d %H:%M:%S", localtime($timestamp));
print "time : $t_now\n";

# 得到具体的日，月，年信息
my $today = strftime("%d",localtime(time()));
my $yesterday = strftime("%d",localtime(time() - 86400));
my $month = strftime("%m",localtime(time()));
my $year = strftime("%Y",localtime(time()));

#将特定的时间转换成时间戳
my $tm2   = timelocal(0, 0, 0, $today, $month-1, $year-1900);
print "tm2: $tm2\n";

一个变量保存有多行的输出，那么我们如何从变量中遍历这些行呢？
一种方式是使用进程替换:

while read  line
do
    echo "$line"
done < <(ls -l)

如果已经将输出保存到变量后，我们还可以使用heredocument：

result="$(ls -l)"
while read line
do
echo "$line"
done <<< "$result"

对于上次未传完的文件，rsync默认会删除已经下载的，然后重新传输
但它同时也提供了一个–partial参数来实现续传功能，还是挺方便的
而–partial-dir可以用来设置续传文件的保存路径，man中的说明如下：

–partial
By default, rsync will delete any partially transferred file if the transfer is interrupted. In some circumstances it is more desirable to keep partially transferred files. Using the –partial option tells rsync to keep the partial file which should make a subsequent transfer of the rest of the file much faster.

–partial-dir=DIR
A better way to keep partial files than the –partial option is to specify a DIR that will be used to hold the partial data (instead of writing it out to the destination file). On the next transfer, rsync will use a file found in this dir as data to speed up the resumption of the transfer and then delete it after it has served its purpose.

Note that if –whole-file is specified (or implied), any partial-dir file that is found for a file that is being updated will simply be removed (since rsync is sending files without using the incremental rsync algorithm).

Rsync will create the DIR if it is missing (just the last dir — not the whole path). This makes it easy to use a relative path (such as “–partial-dir=.rsync-partial”) to have rsync create the partial-directory in the destination file’s directory when needed, and then remove it again when the partial file is deleted.

If the partial-dir value is not an absolute path, rsync will add an exclude rule at the end of all your existing excludes. This will prevent the sending of any partial-dir files that may exist on the sending side, and will also prevent the untimely deletion of partial-dir items on the receiving side. An example: the above –partial-dir option would add the equivalent of “–exclude=.rsync-partial/” at the end of any other filter rules.

If you are supplying your own exclude rules, you may need to add your own exclude/hide/protect rule for the partial-dir because (1) the auto-added rule maybe ineffective at the end of your other rules, or (2) you may wish to override rsync’s exclude choice. For instance, if you want to make rsync clean-up any left-over partial-dirs that may be lying around, you should specify –delete-after and add a “risk” filter rule, e.g. -f ‘R .rsync-partial/’. (Avoid using –delete-before or –delete-during unless you don’t need rsync to use any of the left-over partial-dir data during the current run.)

IMPORTANT: the –partial-dir should not be writable by other users or it is a security risk. E.g. AVOID “/tmp”.

You can also set the partial-dir value the RSYNC_PARTIAL_DIR environment variable. Setting this in the environment does not force –partial to be enabled, but rather it affects where partial files go when –partial is specified. For instance, instead of using –partial-dir=.rsync-tmp along with –progress, you could set RSYNC_PARTIAL_DIR=.rsync-tmp in your environment and then just use the -P option to turn on the use of the .rsync-tmp dir for partial transfers.
The only times that the –partial option does not look for this environment value are (1) when –inplace was specified (since –inplace conflicts with –partial-dir), and (2) when –delay-updates was specified (see below).

For the purposes of the daemon-config’s “refuse options” setting, –partial-dir does not imply –partial. This is so that a refusal of the –partial option can be used to disallow the overwriting of destination files with a partial transfer, while still allowing the safer idiom provided by –partial-dir.

用rrdtool画图后，其中的单位经常能让人看不明白，所以特定去cacti的官方网站，找到了如下资料：

-18  a - atto
-15  f - femto
-12  p - pico
-9   n - nano
-6   µ - micro
-3   m - milli
0    (no unit)
3    k - kilo
6    M - mega
9    G - giga
12   T - tera
15   P - peta
18   E - exa