Linux – 良的世界 https://www.lemonary.cn Thu, 27 Mar 2025 06:33:58 +0000 zh-Hans hourly 1 https://www.lemonary.cn/wp-content/uploads/2024/12/profile-150x150.jpg Linux – 良的世界 https://www.lemonary.cn 32 32 find命令之-perm参数 https://www.lemonary.cn/find%e5%91%bd%e4%bb%a4%e4%b9%8b-perm%e5%8f%82%e6%95%b0/ https://www.lemonary.cn/find%e5%91%bd%e4%bb%a4%e4%b9%8b-perm%e5%8f%82%e6%95%b0/#respond Thu, 27 Mar 2025 06:31:58 +0000 https://www.lemonary.cn/?p=1816 一、准备工作

find命令的-perm参数选项有三种写法。下面创建一些文件,作为准备工作。

注意:每个文件的文件名与其权限呈对应状态,便于我们观察现象。

二、三种写法

(1)不带任何符号,表示精确匹配指定的权限

[root@shine find-perm]# find . -perm 333
./333
[root@shine find-perm]# find . -perm 666
没有匹配到文件

(2)权限前加一个“-”

[root@shine find-perm]# find . -perm -444
./777
./644
./444
./755
./555

可以看到匹配到5个文件,需要注意的是,这里并不是比大小,用755为例:

  • User:7=4+2+1。r+w+x
  • Group:5=4+1。w+x
  • Other:5=4+1。w+x

-perm -444表示3个权限位都至少要有4。也就是三个权限都必须包括写权限。

(3)权限前加一个“/”

[root@shine find-perm]# find . -perm /444
./777
./750
./400
./644
./444
./500
./755
./555
./700
./600

可以看到相比于“-”匹配到了更多的文件。以600为例:

  • User:6=4+2。r+w
  • Group:0。
  • Other:0。

只有User权限下符合要求,仍然匹配成功,则说明“/”表示或者的意思,所以-perm /444就表示3个权限位中只要有一个符合匹配条件,剩下两个权限位就忽略不判断了。

三、总结

  • find . -perm -444:3个权限位都必须至少匹配指定的权限
  • find . -perm /444:3个权限位中的任意一个匹配指定的权限
  • find . -perm 444:精确匹配指定的权限
]]> https://www.lemonary.cn/find%e5%91%bd%e4%bb%a4%e4%b9%8b-perm%e5%8f%82%e6%95%b0/feed/ 0 Linux脚本之登录系统时显示重要的指标状态 https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e7%99%bb%e5%bd%95%e7%b3%bb%e7%bb%9f%e6%97%b6%e6%98%be%e7%a4%ba%e9%87%8d%e8%a6%81%e7%9a%84%e6%8c%87%e6%a0%87%e7%8a%b6%e6%80%81/ https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e7%99%bb%e5%bd%95%e7%b3%bb%e7%bb%9f%e6%97%b6%e6%98%be%e7%a4%ba%e9%87%8d%e8%a6%81%e7%9a%84%e6%8c%87%e6%a0%87%e7%8a%b6%e6%80%81/#respond Thu, 27 Mar 2025 01:40:20 +0000 https://www.lemonary.cn/?p=1807 一、脚本效果

另外指标可以根据数值显示不同的颜色,以提示指标的严重程度。

二、脚本内容

关注公众号,回复“systemstatus”获取脚本。

三、脚本使用方法

将脚本赋予执行权限后放到/etc/profile.d目录下,该目录下的脚本会在用户登录时自动执行。

]]> https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e7%99%bb%e5%bd%95%e7%b3%bb%e7%bb%9f%e6%97%b6%e6%98%be%e7%a4%ba%e9%87%8d%e8%a6%81%e7%9a%84%e6%8c%87%e6%a0%87%e7%8a%b6%e6%80%81/feed/ 0 集群间服务器配置免密 https://www.lemonary.cn/%e9%9b%86%e7%be%a4%e9%97%b4%e6%9c%8d%e5%8a%a1%e5%99%a8%e9%85%8d%e7%bd%ae%e5%85%8d%e5%af%86/ https://www.lemonary.cn/%e9%9b%86%e7%be%a4%e9%97%b4%e6%9c%8d%e5%8a%a1%e5%99%a8%e9%85%8d%e7%bd%ae%e5%85%8d%e5%af%86/#respond Tue, 25 Mar 2025 02:47:30 +0000 https://www.lemonary.cn/?p=1804 一、环境说明

集群中包括三台服务器

  • 192.168.241.131(dwp)
  • 192.168.241.132(dws)
  • 192.168.241.133(dwm)

二、配置免密

(1)配置主机名映射(三台服务器均需操作)

vim /etc/hosts
192.168.241.131 dwp
192.168.241.132 dws
192.168.241.133 dwm

重启ssh服务

systemctl start sshd

(2)生成SSH密钥对(三台服务器均需操作)

[root@dwp ~]# ssh-keygen
多次回车
[root@dwp ~]# ssh-copy-id 192.168.241.131
[root@dwp ~]# ssh-copy-id 192.168.241.132
[root@dwp ~]# ssh-copy-id 192.168.241.133
或者
[root@dwp ~]# ssh-copy-id dwp
[root@dwp ~]# ssh-copy-id dws
[root@dwp ~]# ssh-copy-id dwm

如下:

[root@dwp ~]# ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/root/.ssh/id_rsa): 
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in /root/.ssh/id_rsa
Your public key has been saved in /root/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:n4866Plm9ba0Z7jBmeii0Rru6SIyJK6wnU53oI+HR+M root@dwp
The key's randomart image is:
+---[RSA 3072]----+
|                 |
|                 |
|                 |
|                 |
|    .   S        |
|.. .o. . ..+ o   |
|= o+..+...+.*.   |
|+=o=Eo.*=. ++oo  |
|++=+.=X=o+o.==   |
+----[SHA256]-----+
[root@dwp ~]# ssh-copy-id 192.168.241.131
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
The authenticity of host '192.168.241.131 (192.168.241.131)' can't be established.
ECDSA key fingerprint is SHA256:Y2mowFFYesLVUdYE7bDew7pLShtEuOYMCNVgilHds/o.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.241.131's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.241.131'"
and check to make sure that only the key(s) you wanted were added.

[root@dwp ~]# ssh-copy-id 192.168.241.132
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.241.132's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.241.132'"
and check to make sure that only the key(s) you wanted were added.

[root@dwp ~]# ssh-copy-id 192.168.241.133
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys

Authorized users only. All activities may be monitored and reported.
root@192.168.241.133's password: 

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh '192.168.241.133'"
and check to make sure that only the key(s) you wanted were added.

另外两台的执行过程略。

三、登录验证

[root@dwp ~]# ssh dws

Authorized users only. All activities may be monitored and reported.

Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Tue Mar 25 10:32:26 2025 from 192.168.241.131
[root@dws ~]# 注销
Connection to dws closed.
[root@dwp ~]# ssh dwm

Authorized users only. All activities may be monitored and reported.

Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Tue Mar 25 10:32:36 2025 from 192.168.241.131
[root@dwm ~]# ssh dws

Authorized users only. All activities may be monitored and reported.

Authorized users only. All activities may be monitored and reported.
Activate the web console with: systemctl enable --now cockpit.socket

Last login: Tue Mar 25 10:33:09 2025 from 192.168.241.131
[root@dws ~]#
]]> https://www.lemonary.cn/%e9%9b%86%e7%be%a4%e9%97%b4%e6%9c%8d%e5%8a%a1%e5%99%a8%e9%85%8d%e7%bd%ae%e5%85%8d%e5%af%86/feed/ 0 SecureCRT软件的一些便捷的使用技巧 https://www.lemonary.cn/securecrt%e8%bd%af%e4%bb%b6%e7%9a%84%e4%b8%80%e4%ba%9b%e4%be%bf%e6%8d%b7%e7%9a%84%e4%bd%bf%e7%94%a8%e6%8a%80%e5%b7%a7/ https://www.lemonary.cn/securecrt%e8%bd%af%e4%bb%b6%e7%9a%84%e4%b8%80%e4%ba%9b%e4%be%bf%e6%8d%b7%e7%9a%84%e4%bd%bf%e7%94%a8%e6%8a%80%e5%b7%a7/#respond Tue, 17 Dec 2024 03:11:22 +0000 https://www.lemonary.cn/?p=1080 一、问题概述

用了多年的Xshell5,今天闲来无事安装了SecureCRT软件试试,还有些意外收获。用欲善其事必先利其器,接下来就记录一下今天了解的一些小技巧。

二、技巧详述

2.1 默认会话

SecureCRT软件同Xshell一样,可以配置软件启动时自动连接的会话,即默认会话。配置方法:

Options——Global Options…——General——Default Session——Add…——选择想要添加的会话即可

配置好后,下一次启动SecureCRT的时候软件就会自动连接该默认会话。

2.2 按钮栏

按钮栏能够自定义按钮,将一些常用的命令添加到按钮中,例如查看当前CPU和内存使用率,切换用户等等命令。配置完成后,便可用点击按钮来代替手动敲击命令,非常地方便。

View——Button Bar

开启后,便可从下方看到按钮栏,右键即可添加按钮

示例

注意:如按上图输入,点击按钮时,free -m命令并不会直接执行,还需敲击回车,所以如果想要让命令直接执行,需要在命令后接上一个\r(上图Send String commands下是部分特殊字符的标识,例如\r表示回车)。故:

便可以实现点击按钮快速查看内存使用情况,点击OK,即新增按钮成功。

2.3 反空闲

在连接某些设备时,如果一段时间内设备没有收到输入,就会自动断开连接。此时,我们可以通过设置反空闲,让SecureCRT定时发送一个反空闲字符,一般情况下,此字符采用空格键。为了让大家看清,我此处配置的是回车,如下图:

如果配置空格,就直接在填框里输入一个空格即可。

三、总结

目前只了解到这三个比较实用的功能,后续使用,如有发现新功能,随时添加到本文章。

]]> https://www.lemonary.cn/securecrt%e8%bd%af%e4%bb%b6%e7%9a%84%e4%b8%80%e4%ba%9b%e4%be%bf%e6%8d%b7%e7%9a%84%e4%bd%bf%e7%94%a8%e6%8a%80%e5%b7%a7/feed/ 0 服务器内存被php-fpm占满导致网站变慢 https://www.lemonary.cn/%e6%9c%8d%e5%8a%a1%e5%99%a8%e5%86%85%e5%ad%98%e8%a2%abphp-fpm%e5%8d%a0%e6%bb%a1%e5%af%bc%e8%87%b4%e7%bd%91%e7%ab%99%e5%8f%98%e6%85%a2/ https://www.lemonary.cn/%e6%9c%8d%e5%8a%a1%e5%99%a8%e5%86%85%e5%ad%98%e8%a2%abphp-fpm%e5%8d%a0%e6%bb%a1%e5%af%bc%e8%87%b4%e7%bd%91%e7%ab%99%e5%8f%98%e6%85%a2/#respond Mon, 16 Dec 2024 05:13:22 +0000 https://www.lemonary.cn/?p=1076 一、问题描述

过了个周末发现博客网站变得很慢,发布文章特别迟钝。经过登录服务器查看资源使用情况发现是php-fpm进程将内存全部占用,才导致了变慢的情况。通过查找了解了其中的部分原理:

LNMP架构中PHP是运行在FastCGI模式下,按照官方的说法,php-cgi会在每个请求结束的时候会回收脚本使用的全部内存,但是并不会释放给操作系统,而是继续持有以应对下一次PHP请求。而php-fpm是FastCGI进程管理器,用于控制php的内存和进程等。

所以,解决的办法就是通过php-fpm优化总的进程数和单个进程占用的内存,从而解决php-fpm进程占用内存大和不释放内存的问题。

二、分析思路

查看服务器内存

[root@dameng linuxscript]# free -m
              total        used        free      shared  buff/cache   available
Mem:           3736        3469         114           1         151          72
Swap:          4095        2131        1964

占用CPU最多的10个进程

[root@dameng linuxscript]# ps aux|head -1;ps aux|sort -rn -k +3|head
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
www        87009  0.0  1.9 424552 73072 ?        S    Dec13   1:30 php-fpm: pool www
www        77548  0.0  0.1  97456  4200 ?        S    Dec12   0:11 nginx: worker process
www        77547  0.0  0.1  97460  5780 ?        S    Dec12   0:11 nginx: worker process
www         7384  0.0  2.4 436428 91832 ?        S    Dec09   6:26 php-fpm: pool www
www        73344  0.0  2.4 428988 93996 ?        S    Dec12   3:25 php-fpm: pool www
www         6787  0.0  2.4 441144 92476 ?        S    Dec09   6:29 php-fpm: pool www
www         6785  0.0  2.4 446040 92264 ?        S    Dec09   6:30 php-fpm: pool www
www         6738  0.0  1.9 441812 76064 ?        S    Dec09   6:43 php-fpm: pool www
www         6737  0.0  2.3 434280 90192 ?        S    Dec09   6:29 php-fpm: pool www
www         6736  0.0  2.4 460112 93820 ?        S    Dec09   6:29 php-fpm: pool www

占用内存最多的10个进程

[root@dameng linuxscript]# ps aux|head -1;ps aux|sort -rn -k +4|head
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
www         1183  0.0  2.6 445260 100948 ?       S    Dec09   7:05 php-fpm: pool www
www         1177  0.0  2.6 457820 99796 ?        S    Dec09   6:54 php-fpm: pool www
www         1176  0.0  2.6 456788 100032 ?       S    Dec09   6:31 php-fpm: pool www
www         1179  0.0  2.5 438904 98660 ?        S    Dec09   6:32 php-fpm: pool www
www         7384  0.0  2.4 436428 91832 ?        S    Dec09   6:26 php-fpm: pool www
www        73344  0.0  2.4 428988 93996 ?        S    Dec12   3:25 php-fpm: pool www
www         6787  0.0  2.4 441144 92476 ?        S    Dec09   6:29 php-fpm: pool www
www         6785  0.0  2.4 446040 92264 ?        S    Dec09   6:30 php-fpm: pool www
www         6736  0.0  2.4 460112 93820 ?        S    Dec09   6:29 php-fpm: pool www
www         1191  0.0  2.4 440416 94024 ?        S    Dec09   7:10 php-fpm: pool www

可以看到除去nginx的两个进程,其余全部是php-fpm。

查看当前php-fpm总进程数

[root@dameng ~]# ps -ylC php-fpm --sort:rss
S   UID     PID    PPID  C PRI  NI   RSS    SZ WCHAN  TTY          TIME CMD
S     0     900       1  0  80   0  4268 59433 -      ?        00:00:10 php-fpm
S  1005    1174     900  0  80   0 10196 97401 -      ?        00:07:09 php-fpm
S  1005    1185     900  0  80   0 11732 100252 -     ?        00:06:29 php-fpm
S  1005  107461     900  0  80   0 31796 97600 -      ?        00:00:19 php-fpm
S  1005  107459     900  0  80   0 66224 104786 -     ?        00:00:20 php-fpm
S  1005  107452     900  0  80   0 73024 104239 -     ?        00:00:20 php-fpm
S  1005  107451     900  0  80   0 76952 108688 -     ?        00:00:19 php-fpm
S  1005    6463     900  0  80   0 79508 108117 -     ?        00:06:31 php-fpm
S  1005    6576     900  0  80   0 82336 113815 -     ?        00:06:32 php-fpm
S  1005   73344     900  0  80   0 82372 107247 -     ?        00:03:25 php-fpm
S  1005    1193     900  0  80   0 82636 109523 -     ?        00:06:28 php-fpm
S  1005    1184     900  0  80   0 84272 109207 -     ?        00:06:32 php-fpm
S  1005    1180     900  0  80   0 84936 109765 -     ?        00:06:50 php-fpm
S  1005    1189     900  0  80   0 85408 113732 -     ?        00:06:32 php-fpm
S  1005    6737     900  0  80   0 85636 108570 -     ?        00:06:29 php-fpm
S  1005    1191     900  0  80   0 86452 110104 -     ?        00:07:10 php-fpm
S  1005  107467     900  0  80   0 86716 105308 -     ?        00:00:19 php-fpm
S  1005  107436     900  0  80   0 86920 106680 -     ?        00:00:20 php-fpm
S  1005    1178     900  0  80   0 88236 108623 -     ?        00:06:29 php-fpm
S  1005    1187     900  0  80   0 88968 108701 -     ?        00:06:33 php-fpm
S  1005    1188     900  0  80   0 89208 109055 -     ?        00:06:30 php-fpm
S  1005   87009     900  0  80   0 89692 105626 -     ?        00:01:31 php-fpm
S  1005    1181     900  0  80   0 91280 108432 -     ?        00:06:31 php-fpm
S  1005  107466     900  0  80   0 91612 106331 -     ?        00:00:20 php-fpm
S  1005    7384     900  0  80   0 91716 109107 -     ?        00:06:26 php-fpm
S  1005    6787     900  0  80   0 92396 110286 -     ?        00:06:29 php-fpm
S  1005  107462     900  0  80   0 93112 105760 -     ?        00:00:19 php-fpm
S  1005    1182     900  0  80   0 93404 108442 -     ?        00:06:32 php-fpm
S  1005    6736     900  0  80   0 93448 115028 -     ?        00:06:29 php-fpm
S  1005    6785     900  0  80   0 93800 111510 -     ?        00:06:30 php-fpm
S  1005  107460     900  0  80   0 94540 107895 -     ?        00:00:20 php-fpm
S  1005    1190     900  0  80   0 94812 108684 -     ?        00:06:29 php-fpm
S  1005    1177     900  0  80   0 95120 114455 -     ?        00:06:54 php-fpm
S  1005    1186     900  0  80   0 95132 119251 -     ?        00:06:34 php-fpm
S  1005  107468     900  0  80   0 95508 107337 -     ?        00:00:20 php-fpm
S  1005    6738     900  0  80   0 96216 109941 -     ?        00:06:44 php-fpm
S  1005    1192     900  0  80   0 96412 108828 -     ?        00:06:28 php-fpm
S  1005    1175     900  0  80   0 96776 110023 -     ?        00:07:17 php-fpm
S  1005    1179     900  0  80   0 97792 109726 -     ?        00:06:32 php-fpm
S  1005    1183     900  0  80   0 98208 111315 -     ?        00:07:05 php-fpm
S  1005    1176     900  0  80   0 98856 114197 -     ?        00:06:31 php-fpm
[root@dameng ~]# ps -ylC php-fpm --sort:rss|wc -l
42
[root@dameng ~]# ps -fe |grep "php-fpm"|grep "pool"|wc -l
40

查看当前php-fpm进程的内存占用情况及启动时间

[root@dameng ~]# ps -e -o 'pid,comm,args,pcpu,rsz,vsz,stime,user,uid'|grep www|sort -nrk5
  87009 php-fpm         php-fpm: pool www            0.0 89692 422504 Dec13 www       1005
  77548 nginx           nginx: worker process        0.0  3932  97456 Dec12 www       1005
  77547 nginx           nginx: worker process        0.0  5472  97460 Dec12 www       1005
   7384 php-fpm         php-fpm: pool www            0.0 91716 436428 Dec09 www       1005
  73344 php-fpm         php-fpm: pool www            0.0 82372 428988 Dec12 www       1005
   6787 php-fpm         php-fpm: pool www            0.0 92396 441144 Dec09 www       1005
   6785 php-fpm         php-fpm: pool www            0.0 93800 446040 Dec09 www       1005
   6738 php-fpm         php-fpm: pool www            0.0 96216 439764 Dec09 www       1005
   6737 php-fpm         php-fpm: pool www            0.0 85636 434280 Dec09 www       1005
   6736 php-fpm         php-fpm: pool www            0.0 93448 460112 Dec09 www       1005
   6576 php-fpm         php-fpm: pool www            0.0 82336 455260 Dec09 www       1005
   6463 php-fpm         php-fpm: pool www            0.0 79508 432468 Dec09 www       1005
   1193 php-fpm         php-fpm: pool www            0.0 82636 438092 Dec09 www       1005
   1192 php-fpm         php-fpm: pool www            0.0 96412 435312 Dec09 www       1005
   1191 php-fpm         php-fpm: pool www            0.0 86452 440416 Dec09 www       1005
   1190 php-fpm         php-fpm: pool www            0.0 94812 434736 Dec09 www       1005
   1189 php-fpm         php-fpm: pool www            0.0 85408 454928 Dec09 www       1005
   1188 php-fpm         php-fpm: pool www            0.0 89208 436220 Dec09 www       1005
   1187 php-fpm         php-fpm: pool www            0.0 88968 434804 Dec09 www       1005
   1186 php-fpm         php-fpm: pool www            0.0 95132 477004 Dec09 www       1005
   1185 php-fpm         php-fpm: pool www            0.0 11732 401008 Dec09 www       1005
   1184 php-fpm         php-fpm: pool www            0.0 84272 436828 Dec09 www       1005
   1183 php-fpm         php-fpm: pool www            0.0 98208 445260 Dec09 www       1005
   1182 php-fpm         php-fpm: pool www            0.0 93404 433768 Dec09 www       1005
   1181 php-fpm         php-fpm: pool www            0.0 91280 433728 Dec09 www       1005
   1180 php-fpm         php-fpm: pool www            0.0 84936 439060 Dec09 www       1005
   1179 php-fpm         php-fpm: pool www            0.0 97792 438904 Dec09 www       1005
   1178 php-fpm         php-fpm: pool www            0.0 88236 434492 Dec09 www       1005
   1177 php-fpm         php-fpm: pool www            0.0 95120 457820 Dec09 www       1005
   1176 php-fpm         php-fpm: pool www            0.0 98856 456788 Dec09 www       1005
   1175 php-fpm         php-fpm: pool www            0.0 96776 440092 Dec09 www       1005
   1174 php-fpm         php-fpm: pool www            0.0 10196 389604 Dec09 www       1005
 110196 grep            grep --color=auto www        0.0  1108  12140 10:57 root         0
 107468 php-fpm         php-fpm: pool www            0.0 95508 429348 Dec15 www       1005
 107467 php-fpm         php-fpm: pool www            0.0 86716 421232 Dec15 www       1005
 107466 php-fpm         php-fpm: pool www            0.0 91612 425324 Dec15 www       1005
 107462 php-fpm         php-fpm: pool www            0.0 93112 423040 Dec15 www       1005
 107461 php-fpm         php-fpm: pool www            0.0 31796 390400 Dec15 www       1005
 107460 php-fpm         php-fpm: pool www            0.0 94540 431580 Dec15 www       1005
 107459 php-fpm         php-fpm: pool www            0.0 66224 419144 Dec15 www       1005
 107452 php-fpm         php-fpm: pool www            0.0 73024 416956 Dec15 www       1005
 107451 php-fpm         php-fpm: pool www            0.0 76952 434752 Dec15 www       1005
 107436 php-fpm         php-fpm: pool www            0.0 86920 426720 Dec15 www       1005

查看当前php-fpm进程平均占用内存情况

[root@dameng ~]# ps --no-headers -o "rss,cmd" -C php-fpm | awk '{ sum+=$1 } END { printf ("%d%s\n", sum/NR/1024,"M") }'
79M

所以,罪魁祸首就是php-fpm。

三、解决方法

php-fpm.conf就是php-fpm的配置文件,一般路径为:/usr/local/php/etc/php-fpm.conf

修改如下参数

pm = dynamic
pm.start_servers = 20
pm.min_spare_servers = 10
pm.max_spare_servers = 30
pm.max_requests = 100
  • pm = dynamic #指定进程管理方式,有3种可供选择:static、dynamic和ondemand。
  • pm.max_children = 30 #static模式下创建的子进程数或dynamic模式下同一时刻允许最大的php-fpm子进程数量。
  • pm.start_servers = 20 #动态方式下的起始php-fpm进程数量。
  • pm.min_spare_servers = 10 #动态方式下服务器空闲时最小php-fpm进程数量。
  • pm.max_spare_servers = 30 #动态方式下服务器空闲时最大php-fpm进程数量。
  • pm.max_requests = 300 #php-fpm子进程能处理的最大请求数。

其中pm.max_requests是设置每个子进程重生之前服务的请求数,对于可能存在内存泄漏的第三方模块来说是非常有用的。

注意
pm.max_requests设置得太小也容易出现无进程可用(502状态),一般来说,普通网站设置max_requests 300~500 合适,但也要结合pm.start_servers和你的网站访问量来看,也可以适当调大和减少,这个是因情况而异的。

修改完配置文件后,保存退出,检测配置文件语法是否正确

[root@dameng ~]# /usr/local/php/sbin/php-fpm -t
[16-Dec-2024 13:07:50] NOTICE: configuration file /usr/local/php/etc/php-fpm.conf test is successful

重启php-fpm

[root@dameng etc]# service php-fpm restart
Gracefully shutting down php-fpm . done
Starting php-fpm  done

再次查看服务器内存使用情况

[root@dameng etc]# free -m
              total        used        free      shared  buff/cache   available
Mem:           3736         289        3160           2         285        3224
Swap:          4095         895        3200

可以看到服务器内存使用率已经降下来了,后续再做观察。

经过一周的观察,服务器内存可以稳定下来,available始终保持在1000左右,表现还算良好。但是,在我使用WordPress插件Duplicator进行备份后发现,available又减少了一百多,看着不是很舒服。所以决定在服务器添加定时任务,每天凌晨1点重启php-fpm服务以释放内存。

crontab -e
## 新增内容
0 1 * * *               service php-fpm restart
## 保存退出

这样服务器内存可以始终保持在一个健康的水平。

]]> https://www.lemonary.cn/%e6%9c%8d%e5%8a%a1%e5%99%a8%e5%86%85%e5%ad%98%e8%a2%abphp-fpm%e5%8d%a0%e6%bb%a1%e5%af%bc%e8%87%b4%e7%bd%91%e7%ab%99%e5%8f%98%e6%85%a2/feed/ 0 Linux如何查看命令执行后哪些文件被修改了 https://www.lemonary.cn/linux%e5%a6%82%e4%bd%95%e6%9f%a5%e7%9c%8b%e5%91%bd%e4%bb%a4%e6%89%a7%e8%a1%8c%e5%90%8e%e5%93%aa%e4%ba%9b%e6%96%87%e4%bb%b6%e8%a2%ab%e4%bf%ae%e6%94%b9%e4%ba%86/ https://www.lemonary.cn/linux%e5%a6%82%e4%bd%95%e6%9f%a5%e7%9c%8b%e5%91%bd%e4%bb%a4%e6%89%a7%e8%a1%8c%e5%90%8e%e5%93%aa%e4%ba%9b%e6%96%87%e4%bb%b6%e8%a2%ab%e4%bf%ae%e6%94%b9%e4%ba%86/#respond Mon, 16 Dec 2024 02:38:20 +0000 https://www.lemonary.cn/?p=1072 示例

查看dnf makecache;命令修改了哪些文件

[root@dameng linuxscript]# T="$(date "+%F %T.%N")"; dnf makecache; find / -xdev -newermt "$T"
CentOS-8.5.2111 - Base - mirrors.aliyun.com                                                                                                                             279 kB/s | 3.9 kB     00:00    
CentOS-8.5.2111 - Extras - mirrors.aliyun.com                                                                                                                           119 kB/s | 1.5 kB     00:00    
CentOS-8.5.2111 - AppStream - mirrors.aliyun.com                                                                                                                        331 kB/s | 4.3 kB     00:00    
Metadata cache created.
/tmp
/var/log/dnf.log
/var/log/dnf.librepo.log
/var/log/dnf.rpm.log
/var/log/hawkey.log
/var/lib/rpm/__db.002
/var/lib/rpm/__db.001
/var/lib/rpm/__db.003
/var/cache/dnf
/var/cache/dnf/extras-e503dfa263573efa/repodata/86501a1d822eea269ca494f23adb73be14166b426a1a2bcdaaacf5cef2859b5e-primary.xml.gz
/var/cache/dnf/AppStream-c40f4caedb6d900a/repodata/d8472d61c5e53a3e9cbffb68e0dddbd04a07c2b7d864b07ddd211c6ad1380c6e-primary.xml.gz
/var/cache/dnf/base-c446c86678567d00/repodata/ca039bbfe8297c592cdc0e7251689f5d597771d39b2ddede01106ad0a7f0ba60-primary.xml.gz
/var/cache/dnf/expired_repos.json

验证

[root@dameng linuxscript]# T="$(date "+%F %T.%N")"; tarthis ;find / -xdev -newermt "$T"
/root/#linuxscript#-2024-12-16.tgz
/tmp
/usr/local/uniagent/log/uniagent.log
/var/log/hostguard/hostwatch.log

延伸方法

查看某脚本script.sh修改的文件

[root@dameng ~]# T="$(date "+%F %T.%N")"; ./script.sh; find / -xdev -newermt "$T"

例如:

[root@dameng linuxscript]# T="$(date "+%F %T.%N")"; ./file_size_distribution.sh /dmbak/; find / -xdev -newermt "$T"
From    To      Count                                                                                                                                                                                  

1KB	10KB	2
10KB	100KB	5
100KB	1MB	13
1MB	10MB	2
10MB	100MB	1
100MB	1GB	1

Total: 281.9 MB in 24 files
/usr/local/hostguard/run/heartbeat.tick
/var/log/hostguard/containers.log
/var/log/hostguard/hostguard.log

由于上述脚本file_size_distribution.sh没有操作文件的步骤,所以只列出了系统执行日志变化的文件。

]]> https://www.lemonary.cn/linux%e5%a6%82%e4%bd%95%e6%9f%a5%e7%9c%8b%e5%91%bd%e4%bb%a4%e6%89%a7%e8%a1%8c%e5%90%8e%e5%93%aa%e4%ba%9b%e6%96%87%e4%bb%b6%e8%a2%ab%e4%bf%ae%e6%94%b9%e4%ba%86/feed/ 0 Linux脚本之快速分析文件大小分布情况 https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e5%bf%ab%e9%80%9f%e5%88%86%e6%9e%90%e6%96%87%e4%bb%b6%e5%a4%a7%e5%b0%8f%e5%88%86%e5%b8%83%e6%83%85%e5%86%b5/ https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e5%bf%ab%e9%80%9f%e5%88%86%e6%9e%90%e6%96%87%e4%bb%b6%e5%a4%a7%e5%b0%8f%e5%88%86%e5%b8%83%e6%83%85%e5%86%b5/#respond Mon, 16 Dec 2024 02:20:45 +0000 https://www.lemonary.cn/?p=1067

注意:本脚本不计算软链接的真实文件大小

一、脚本内容

#!/bin/sh
set -eu

tabs -8

# 检查输入参数,如果没有指定目录,则默认为根目录
dir=${1:-/}

# 使用find命令统计文件大小,排除指定目录
find "$dir" \( -path "/proc/*" -o -path "/sys/*" -o -path "/boot/*" -o -path "/run/*" -o -path "/dev/*" \) -prune -o -type f -exec du -b -- {} + | awk -vOFS='\t' '
BEGIN {split("KB MB GB TB PB", u); u[0] = "B"}
{
    ++hist[$1 ? length($1) - 1 : -1]
    total += $1
}
END {
    max = -2
    for (i in hist)
        max = (i > max ? i : max)

    print "From", "To", "Count\n"
    for (i = -1; i <= max; ++i)
    {
        if (i in hist)
            {
                if (i == -1)
                    print "0B", "0B", hist[i]
                else
                    print 10 ** (i       % 3) u[int(i       / 3)],
                          10 ** ((i + 1) % 3) u[int((i + 1) / 3)],
                    hist[i]
            }
    }
    base = 1024
    unit = "B"
    if (total >= base) {
        total /= base
        unit = "KB"
    }
    if (total >= base) {
        total /=base
        unit = "MB"
    }
    if (total >= base) { 
       	total /=base
       	unit = "GB"
    }
    if (total >= base) { 
       	total /=base
       	unit = "TB"
    }
    printf "\nTotal: %.1f %s in %d files\n", total, unit, NR
}'

二、使用方法

[root@dameng linuxscript]# ./file_size_distribution.sh /home/wwwroot/wordpress/
From    To      Count                                                                                                                                                                                  

0B	0B	27
1B	10B	8
10B	100B	296
100B	1KB	3309
1KB	10KB	6629
10KB	100KB	4444
100KB	1MB	1225
1MB	10MB	54
10MB	100MB	1
100MB	1GB	3

Total: 1.8 GB in 15996 files
[root@dameng linuxscript]# find /home/wwwroot/wordpress/ -type f -size +10M
/home/wwwroot/wordpress/wp-content/plugins/yaya-comment-ip/ip-data/qqwry.dat
/home/wwwroot/wordpress/wp-content/backups-dup-lite/WordPress_Backup_202411281540_743e9f6d5a6adcd51101_20241128074043_archive.zip
/home/wwwroot/wordpress/wp-content/backups-dup-lite/WordPress_Backup_202411281540_2d35e6e0f53082cd2170_20241204031044_archive.zip
/home/wwwroot/wordpress/wp-content/backups-dup-lite/WordPress_First_Backup_849864da946d7fcc5140_20241125093438_archive.zip

效果图如下

如图,脚本分析结果大于10M的文件共有1+3=4个,与find命令查找到的文件数一致。

]]> https://www.lemonary.cn/linux%e8%84%9a%e6%9c%ac%e4%b9%8b%e5%bf%ab%e9%80%9f%e5%88%86%e6%9e%90%e6%96%87%e4%bb%b6%e5%a4%a7%e5%b0%8f%e5%88%86%e5%b8%83%e6%83%85%e5%86%b5/feed/ 0 Linux三剑客之巧用sed转换MAC地址 https://www.lemonary.cn/linux%e4%b8%89%e5%89%91%e5%ae%a2%e4%b9%8b%e5%b7%a7%e7%94%a8sed%e8%bd%ac%e6%8d%a2mac%e5%9c%b0%e5%9d%80/ https://www.lemonary.cn/linux%e4%b8%89%e5%89%91%e5%ae%a2%e4%b9%8b%e5%b7%a7%e7%94%a8sed%e8%bd%ac%e6%8d%a2mac%e5%9c%b0%e5%9d%80/#respond Mon, 16 Dec 2024 02:06:57 +0000 https://www.lemonary.cn/?p=1064 原始MAC地址文件

[root@dameng linuxscript]# cat maclist 
D7:53:20:B3:E3:FE
1E:91:79:0D:B1:DB
4E:B0:1A:0D:11:D2
BF:59:7F:40:EF:6E
02:2D:F7:1A:90:EF
01:C6:16:66:B8:75
3F:09:9C:35:C4:B8
A0:B2:AC:30:04:31
D9:5D:1D:12:98:7A
9A:EE:FA:CD:39:90

首先,去掉冒号(准备工作)

[root@dameng linuxscript]# sed 's/://g' maclist 
D75320B3E3FE
1E91790DB1DB
4EB01A0D11D2
BF597F40EF6E
022DF71A90EF
01C61666B875
3F099C35C4B8
A0B2AC300431
D95D1D12987A
9AEEFACD3990

IEEE格式

[root@dameng linuxscript]# sed 's/://g' maclist | sed 's/\(..\)/\1-/g;s/-$//'
D7-53-20-B3-E3-FE
1E-91-79-0D-B1-DB
4E-B0-1A-0D-11-D2
BF-59-7F-40-EF-6E
02-2D-F7-1A-90-EF
01-C6-16-66-B8-75
3F-09-9C-35-C4-B8
A0-B2-AC-30-04-31
D9-5D-1D-12-98-7A
9A-EE-FA-CD-39-90

华为交换机格式

[root@dameng linuxscript]# sed 's/://g' maclist | sed 's/\(....\)/\1-/g;s/-$//'
D753-20B3-E3FE
1E91-790D-B1DB
4EB0-1A0D-11D2
BF59-7F40-EF6E
022D-F71A-90EF
01C6-1666-B875
3F09-9C35-C4B8
A0B2-AC30-0431
D95D-1D12-987A
9AEE-FACD-3990

思科交换机格式

[root@dameng linuxscript]# sed 's/://g' maclist | sed 's/\(....\)/\1./g;s/.$//'
D753.20B3.E3FE
1E91.790D.B1DB
4EB0.1A0D.11D2
BF59.7F40.EF6E
022D.F71A.90EF
01C6.1666.B875
3F09.9C35.C4B8
A0B2.AC30.0431
D95D.1D12.987A
9AEE.FACD.3990
]]> https://www.lemonary.cn/linux%e4%b8%89%e5%89%91%e5%ae%a2%e4%b9%8b%e5%b7%a7%e7%94%a8sed%e8%bd%ac%e6%8d%a2mac%e5%9c%b0%e5%9d%80/feed/ 0 Linux中如何巧妙恢复被进程锁定的已删除文件 https://www.lemonary.cn/linux%e4%b8%ad%e5%a6%82%e4%bd%95%e5%b7%a7%e5%a6%99%e6%81%a2%e5%a4%8d%e8%a2%ab%e8%bf%9b%e7%a8%8b%e9%94%81%e5%ae%9a%e7%9a%84%e5%b7%b2%e5%88%a0%e9%99%a4%e6%96%87%e4%bb%b6/ https://www.lemonary.cn/linux%e4%b8%ad%e5%a6%82%e4%bd%95%e5%b7%a7%e5%a6%99%e6%81%a2%e5%a4%8d%e8%a2%ab%e8%bf%9b%e7%a8%8b%e9%94%81%e5%ae%9a%e7%9a%84%e5%b7%b2%e5%88%a0%e9%99%a4%e6%96%87%e4%bb%b6/#respond Fri, 13 Dec 2024 02:17:03 +0000 https://www.lemonary.cn/?p=1045 一、模拟场景

(1)编写脚本test_del.sh,并执行

脚本内容

#!/bin/bash

while true; do

  sleep 10000000

done

(2)删除执行中的脚本

[root@dameng linuxscript]# rm test_del.sh 
rm: remove regular file 'test_del.sh'? yes
[root@dameng linuxscript]#

二、恢复过程

(1)查看进程状态

[root@dameng linuxscript]# lsof | grep -i delete | grep test_del.sh
test_del. 85885                    root  255r      REG              253,1         52     524386 /root/linuxscript/test_del.sh (deleted)
  • test_del:进程名
  • 85885:进程号

(2)寻找进程文件

[root@dameng linuxscript]# cd /proc/85885/fd

如图

图中能够看到对应deleted状态的程序(闪烁)。

(3)恢复进程文件

[root@dameng fd]# cat 255 >~/linuxscript/test_delv2.sh
[root@dameng fd]# ll ~/linuxscript/test_delv2.sh 
-rw-r--r-- 1 root root 52 Dec 13 10:06 /root/linuxscript/test_delv2.sh

(4)查看恢复的脚本文件

[root@dameng fd]# cat ~/linuxscript/test_delv2.sh
#!/bin/bash

while true; do

  sleep 10000000

done

恢复的脚本文件和初始执行的脚本文件一致,恢复文件成功。

]]> https://www.lemonary.cn/linux%e4%b8%ad%e5%a6%82%e4%bd%95%e5%b7%a7%e5%a6%99%e6%81%a2%e5%a4%8d%e8%a2%ab%e8%bf%9b%e7%a8%8b%e9%94%81%e5%ae%9a%e7%9a%84%e5%b7%b2%e5%88%a0%e9%99%a4%e6%96%87%e4%bb%b6/feed/ 0 Linux中自定义命令实现随时随地归档目录 https://www.lemonary.cn/linux%e4%b8%ad%e8%87%aa%e5%ae%9a%e4%b9%89%e5%91%bd%e4%bb%a4%e5%ae%9e%e7%8e%b0%e9%9a%8f%e6%97%b6%e9%9a%8f%e5%9c%b0%e5%bd%92%e6%a1%a3%e7%9b%ae%e5%bd%95/ https://www.lemonary.cn/linux%e4%b8%ad%e8%87%aa%e5%ae%9a%e4%b9%89%e5%91%bd%e4%bb%a4%e5%ae%9e%e7%8e%b0%e9%9a%8f%e6%97%b6%e9%9a%8f%e5%9c%b0%e5%bd%92%e6%a1%a3%e7%9b%ae%e5%bd%95/#respond Fri, 13 Dec 2024 01:51:10 +0000 https://www.lemonary.cn/?p=1040 alias tarthis='( ( D=`builtin pwd`; F=$(date +$HOME/`sed "s,[/ ],#,g" <<< ${D/${HOME}/}`#-%F.tgz); tar --ignore-failed-read --transform "s,^${D%/*},`date +${D%/*}.%F`,S" -czPf "$F" "$D" &>/dev/null ) & )'

将上述命令添加到环境变量中,保存退出,使其生效source .bash_profile。便可使用tarthis命令归档当前目录。

验证:

[root@dameng linuxscript]# pwd
/root/linuxscript
[root@dameng linuxscript]# tarthis 
[root@dameng linuxscript]# cd
[root@dameng ~]# ll \#linuxscript#-2024-12-13.tgz 
-rw-r--r-- 1 root root 21505 Dec 13 09:48 '#linuxscript#-2024-12-13.tgz'
[root@dameng ~]# tar -zxvf \#linuxscript#-2024-12-13.tgz 
tar: Removing leading `/' from member names
/root.2024-12-13/linuxscript/
/root.2024-12-13/linuxscript/newfile.sh
/root.2024-12-13/linuxscript/nmap-bootstrap.xsl
/root.2024-12-13/linuxscript/list-cronjobs.sh
/root.2024-12-13/linuxscript/user-cpu.sh
/root.2024-12-13/linuxscript/test.txt
/root.2024-12-13/linuxscript/autobak.sh
/root.2024-12-13/linuxscript/demo.sh
/root.2024-12-13/linuxscript/qmql/
/root.2024-12-13/linuxscript/qmql/danshu.tar
/root.2024-12-13/linuxscript/qmql/shuangshu.tar
/root.2024-12-13/linuxscript/~ip.txt
/root.2024-12-13/linuxscript/invoke.sh
/root.2024-12-13/linuxscript/file_size_distribution.sh
/root.2024-12-13/linuxscript/demo.log
/root.2024-12-13/linuxscript/scan.xml
/root.2024-12-13/linuxscript/backup.sh
/root.2024-12-13/linuxscript/demo.sh.crypt
/root.2024-12-13/linuxscript/cpu.sh
/root.2024-12-13/linuxscript/maclist
/root.2024-12-13/linuxscript/hosts
/root.2024-12-13/linuxscript/firewall-audit

执行效果图:

执行 tarthis 即可在 $HOME 目录中生成当前目录的压缩包。

]]> https://www.lemonary.cn/linux%e4%b8%ad%e8%87%aa%e5%ae%9a%e4%b9%89%e5%91%bd%e4%bb%a4%e5%ae%9e%e7%8e%b0%e9%9a%8f%e6%97%b6%e9%9a%8f%e5%9c%b0%e5%bd%92%e6%a1%a3%e7%9b%ae%e5%bd%95/feed/ 0