kk Blog —— 通用基础


date [-d @int|str] [+%s|"+%F %T"]
netstat -ltunp
sar -n DEV 1

kdump conf

cat /etc/kdump.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
# Configures where to put the kdump /proc/vmcore files
#
# This file contains a series of commands to perform (in order) when a
# kernel crash has happened and the kdump kernel has been loaded.  Directives in
# this file are only applicable to the kdump initramfs, and have no effect if
# the root filesystem is mounted and the normal init scripts are processed
#
# Currently only one dump target and path may be configured at a time. If dump
# to configured dump target fails, the default action will be preformed.
# Default action may be configured with the "default" directive below.
#
# Basics commands supported are:
# path <path>           - Append path to the filesystem device which you are
#                         dumping to.  Ignored for raw device dumps.
#                         If unset, will default to /var/crash.
#
# core_collector <command> <options>
#                       - This allows you to specify the command to copy the
#                         vmcore.  You could use the dump filtering program
#                         makedumpfile, the default one, to retrieve your core,
#                         which on some arches can drastically reduce core file
#                         size. See /usr/sbin/makedumpfile --help for a list of
#                         options. Note that the -i and -g options are not
#                         needed here, as the initrd will automatically be
#                         populated with a config file appropriate for the
#                         running kernel.
#                         For ssh dump, scp should be used instead of cp.
#
# raw <partition>       - Will write /proc/vmcore into raw <partition>.
#
# nfs <nfs mount>       - Will mount fs and copy /proc/vmcore to
#                         <mnt>/<path>/%HOST-%DATE/, supports DNS.
#
# nfs4 <nfs mount>      - Will use NFSv4 instead of NFSv3
#
# net <nfs mount>       - This is a deprecated option to transfer vmcore over
#                         nfs.  Use "nfs" option instead.
#
# ssh <user@server>     - Will copy /proc/vmcore to
#                         <user@server>:<path>/%HOST-%DATE/ via SSH,
#                         supports DNS. If makedumpfile is the core_collector,
#                         it is piped to an "ssh" shell, otherwise use the
#                         specified core_collector like scp.
#                         NOTE: make sure user has necessary write
#                         permissions on server
#
# net <user@server>     - This is a deprecated option to transfer vmcore over
#                         ssh.  Use "ssh" option instead.
#
# <fs type> <partition> - Will mount -t <fs type> <partition> /mnt and copy
#                         /proc/vmcore to /mnt/<path>/127.0.0.1-%DATE/.
#                         NOTE: <partition> can be a device node, label or uuid.
#
# disk_timeout <seconds>
#                       - Number of seconds to wait for disks to appear prior
#                         to continue to save dump. By default kdump waits
#                         180 seconds for the disks to show up it needs. This
#                         can be useful in some cases if disk never shows up
#                         (Either because disk was removed or because kdump is
#                         waiting on wrong disk).
#
# link_delay <seconds>
#                       - Some network cards take a long time to initialize, and
#                         some spanning tree enabled networks do not transmit
#                         user traffic for long periods after a link state
#                         changes.  This optional parameter defines a wait
#                         period after a link is activated in which the
#                         initramfs will wait before attempting to transmit
#                         user data.
#
# kdump_post <binary | script>
#                       - This directive allows you to run a specified
#                         executable just after the memory dump process
#                         terminates. The exit status from the dump process
#                         is fed to the kdump_post executable, which can be
#                         used to trigger different actions for success or
#                         failure.
#
# kdump_pre <binary | script>
#                       - works just like the kdump_post directive, but instead
#                         of running after the dump process, runs immediately
#                         before.  Exit status of this binary is interpreted
#                         as follows:
#                         0 - continue with dump process as usual
#                         non 0 - reboot/halt the system
#
# extra_bins <binaries | shell scripts>
#                       - This directive allows you to specify additional
#                         binaries or shell scripts you'd like to include in
#                         your kdump initrd. Generally only useful in
#                         conjunction with a kdump_post binary or script that
#                         relies on other binaries or scripts.
#
# extra_modules <module(s)>
#                       - This directive allows you to specify extra kernel
#                         modules that you want to be loaded in the kdump
#                         initrd, typically used to set up access to
#                         non-boot-path dump targets that might otherwise
#                         not be accessible in the kdump environment. Multiple
#                         modules can be listed, separated by a space, and any
#                         dependent modules will automatically be included.
#                         Module name should be specified without ".ko" suffix.
#
# options <module> <option list>
#                       - This directive allows you to specify options to apply
#                         to modules in the initramfs.  This directive overrides
#                         options specified in /etc/modprobe.conf. Module name
#                         should be specified without ".ko" suffix.
#
# blacklist <module|directory>
#                       - Prevents modules from being loaded in the initframfs,
#                         either directly during auto-created insmod calls or as
#                         a dependency of another module load. A specific module
#                         or a directory can be specified. In the latter case,
#                         all modules found below the specified directory will
#                         be excluded. This directive can be specified multiple
#                         times or as a space separated list. Module name should
#                         be specified without ".ko" suffix.
#
# sshkey <path>
#                       - Specifies the path of the ssh identity file you want
#                         to use when doing ssh dump. It must be a private key,
#                         the default value is /root/.ssh/kdump_id_rsa. When
#                         progagating public key, the key is assumed to be
#                         identity_file.pub which by default is
#                         /root/.ssh/kdump_id_rsa.pub.
#
# default <reboot | halt | poweroff | shell | mount_root_run_init>
#                       - Action to preform in case dumping to intended target
#                         fails. If no default action is specified, "reboot"
#                         is assumed default.
#
#                         reboot: If the default action is reboot simply reboot
#                                 the system and loose the core that you are
#                                 trying to retrieve.
#                         halt:   If the default action is halt, then simply
#                                 halt the system after attempting to capture
#                                 a vmcore, regardless of success or failure.
#                         poweroff: The system will be powered down
#                         shell:  If the default action is shell, then drop to
#                                 an hush session inside the initramfs from
#                                 where you can try to record the core manually.
#                                 Exiting this shell reboots the system.
#            mount_root_run_init: Mount root filesystem and run init. Kdump
#                                   initscript will try to save dump to root
#                                   filesystem in /var/crash dir. This will
#                                   likely require a lot more memory to
#                                   be reserved for kdump kernel.
#
# debug_mem_level <0-3>
#                       - Turns on debug/verbose output of kdump scripts
#                         regarding free/used memory at various points of
#                         execution. Higher level means more debugging output.
#                         0 - no output
#                         1 - partial /proc/meminfo
#                         2 - /proc/meminfo
#                         3 - /proc/meminfo + /proc/slabinfo
#
# force_rebuild <0 | 1>
#                       - By default, kdump initrd only will be rebuilt when
#                         necessary. Specify 1 here to force rebuilding kdump
#                         initrd every time when kdump service starts.

debug, kdump、crash

« 暴力密码破解工具--关键在于字典 log_buf(ring buffer)(syslog)(printk) »