背景:一般来讲Linux对明文登录用户的密码在CentOS里有多种,但是MD5长度在36位以下。容量被破解,正向算法、碰撞等,特别是那个万能Wifi钥匙,我去。CentOS5和CentOS6的想法是更安全,但为了兼容统一管理密码Shadow,批量刷一样的,往往会用MD5这种方式,但是被破解后也是很容易给被攻下的一种弱的加密验证方式。
当用户发出useradd命令时,useradd命令读取/ etc / default / useradd和/etc/login.defs并确定useradd的默认值。 要显示/ etc / defaults / useradd的值,请参阅显示useradd的默认值

#使用MD5或DES加密密码? 红帽默认使用MD5。
MD5_CRYPT_ENAB是的

ENCRYPT_METHOD MD5

背景:原来是因为Jenkins的组不对,再把组修正了下,再加上chmod a+s /bin/su ,后来发现是因为/etc/passwd 里面的shell是 :/bin/false导致没法sudo 成功。
su jenkins
id
uid=0(root) gid=0(root) 组=0(root)

试了下Su到其它用户可以,于是查了一下 vi /etc/passwd :
jenkins:x:1012:1010:Jenkins Continuous Integration Server:/data/jenkins:/bin/false
原来是这儿/bin/false,不是su的问题:
jenkins:x:497:601:Jenkins Continuous Integration Server:/data/jenkins:/bin/bash

于是就好了:
[root@iZ2zehnf4lbq2wf83bmzk1Z ~]# su jenkins
[jenkins@iZ2zehnf4lbq2wf83bmzk1Z root]$ id
uid=1012(jenkins) gid=1010(jenkins) 组=1010(jenkins)
==================================================

[root@iZ2zehnf4lbq2wf83bmzk1Z ~]# su jenkins
[root@iZ2zehnf4lbq2wf83bmzk1Z ~]# id
uid=0(root) gid=0(root) 组=0(root)
[root@iZ2zehnf4lbq2wf83bmzk1Z ~]# whoami
root
[root@iZ2zehnf4lbq2wf83bmzk1Z ~]# id jenkins
uid=984(jenkins) gid=990(jenkins) 组=990(jenkins)

========================================
原因1
/bin/su文件没有s位权限


chmod a+s /bin/su


来自:http://blog.itpub.net/26432034/viewspace-1688391/

解决办法
感谢csdn用户jeecg-scott分享的博文《su 切换,提示:“密码不正确”》以下是连接
http://blog.csdn.net/zhangdaiscott/article/details/18666471

step1
检查/etc目录下passwd的权限
[root@dev /]# ll /etc/passwd
-rw-r--r--. 1 root root 1975 5月  27 06:04 /etc/passwd
如果普通用户不能读请改成644权限
[root@dev /]# chmod 644 /etc/passwd

step2
检查/bin/su文件是否有s位权限
[root@dev ~]# ll /bin/su
-rwxrwxrwx. 1 root root 34904 10月 17 2013 /bin/su
如果不存在则添加上
[root@dev /]# chmod a+s /bin/su
[root@dev /]# ll /bin/su
-rwsrwsrwx. 1 root root 34904 10月 17 2013 /bin/su

step3
测试成功否
[oracle@dev ~]$ su - root
密码:
[root@dev ~]#

背景:频繁调用itv投票和调查接口,导致 redis 频繁bgsave ,进而引起大量磁盘io报警,在一些大型的活动,如奥运会、世界杯一些业务会量比较大,在后端肯定是Redis来扛了,而出现了大量的bgsave,导致Redis在刷磁盘时会出现性能陡然下降,触发了Zabbix的报警,鉴于此,得临时性关掉Redis,redis如何关闭持久化?

bgsave的进程在Fork时会生成一样的内存数据,
操作系统认为太多,导致内存不给分派于是出现,fork: Cannot allocate memory :
https://jee-appy.blogspot.com/2016/04/can-not-save-in-background-fork-redis.html?m=1


修改redis配置文件,redis.conf 第115行左右。

1.注释掉原来的持久化规则
#save 900 1
#save 300 10
#save 60 10000

2.设置为空

save ""

然后重启redis服务即可,Bgsave放在备份Redis里,这样就不会因为主Redis挂了导致宕机。

ls  -lart /data/redis6413 |less
-rw-r--r--  1 redis redis 211841024 Jan  9 14:00 temp-33345.rdb
-rw-r--r--  1 redis redis 212078592 Jan  9 15:00 temp-53462.rdb
-rw-r--r--  1 redis redis 220446720 Jan  9 16:00 temp-8399.rdb
-rw-r--r--  1 redis redis 212865024 Jan  9 17:00 temp-28516.rdb

http://blog.csdn.net/opens_tym/article/details/10097805

摘自 :https://blog.csdn.net/tomisaboy/article/details/53763537
背景:听说Lumen起家是以一个叫av的框架,larvael。以Auth2.0起步,Lumen是精简版本,于是想了解一下。发现居然边TM路由就卡住了,Fuck,不光是我老外也有这个问题,都没有解决,主要是一个Nginx的转写问题,这块在Lumen的文档里写的很垃圾,我都不知这些人是怎么写文档的,有用Apache,有Nginx的就不能写细一点么,说一下原理啥的,关键是Nginx配置文件里面的:location /里面的重写。
From:http://blog.csdn.net/wowkk/article/details/52104689

Lumen 5.5.*版本的Lumen,目录:lumen-clear-edition
composer create-project laravel/lumen lumen-clear-edition --prefer-dist  "5.5.*"  # proc_open,

vi ms/survey/bootstrap/app.php
require __DIR__.'/../config/providers.php'

vi ms/survey/config/providers.php
<?php
$app->register(Common\Providers\RedisServiceProvider::class);
$app->register(Common\Providers\MysqlServiceProvider::class);
$app->register(Common\Providers\KafkaServiceProvider::class);
$app->register(Common\Providers\EventServiceProvider::class);
$app->register(Common\Providers\QueueServiceProvider::class);

注册的文件在:
ls ./lumen-clear-edition/common/Providers
EventServiceProvider.php  MysqlServiceProvider.php  RedisServiceProvider.php

启动方法:
启动方法#服务提供者中注册一个视图 composer 则应该在 boot 方法中完成。此方法会在所有其它的服务提供者被注册后才被调用,意味着你能访问已经被框架注册的所有其它服务:https://lumen.laravel-china.org/docs/5.3/providers,ServiceProvider类,和绑定easy_kafka类:
lumen-clear-edition/common/Providers/KafkaServiceProvider.php

vi lumen-clear-edition/common/Service/Kafka/Kafka.php   #自己写这个类的方法。


绑定的easy_kafka在这儿:
lumen-clear-edition/common/Facades/Kafka.php


ms/survey/app/Http/Controllers/Api/V1/ActivityController.php  #路由@./ms/survey/routes/web.php
$router->group(['namespace'=>'Api\V1'], function () use ($router) {
    $router->post('activity/form', ['uses' => 'ActivityController@form']);


ms/survey/app/Helpers/Client/SurveyClient.php  


类的加载,common文件夹位置:
    "autoload": {
        "psr-4": {
            "App\\": "app/",
            "Common\\": "common/"
        }
    },
#composer dump-autoload --optimize
Do not run Composer as root/super user! See https://getcomposer.org/root for details
Generating optimized autoload files

生成文件在这儿(挪动一下文件放到新目录,建议重新运行一下这个:composer dump-autoload --optimize,再就是如果有PHP的OPcache得重新启动一下PHP-FPM或关闭掉Opcache,/usr/local/php/etc/php.d/opcache.ini ,opcache.enable=0):
./lumen-clear-edition/vendor/composer/autoload_psr4.php:    'Common\\' => array($baseDir . '/common'),
More:


#find ./ -mtime 0 -type f
./composer.json   <== "Common\\": "common/"
./app/Http/Controllers/Api/V1/ActivityController.php
./app/Helpers/Client/SurveyClient.php
./common/Providers/UserServiceProvider.php
./common/Facades/User.php
./common/Services/User/User.php
./config/providers.php


composer dump-autoload --optimize改动的:
./vendor/autoload.php  ==》return ComposerAutoloaderInit7d1969d6b0c0a5e119f2b7e0932178e2::getLoader();
./vendor/composer/autoload_psr4.php
./vendor/composer/autoload_static.php
./vendor/composer/autoload_classmap.php
./vendor/composer/autoload_files.php
./vendor/composer/ClassLoader.php
./vendor/composer/autoload_namespaces.php
./vendor/composer/autoload_real.php

访问URL: http://47.93.207.136/activity/survey
最后,这个Provider的类如何使用参考,但写得不是很明白,最新版本的和实际使用并不定一模一样的:http://www.cnblogs.com/cxscode/p/7569856.html



路由:https://lumen.laravel.com/docs/5.4
中文文档:http://laravelacademy.org/laravel-docs-5_4
5.4这个路由,老外写得很简单,这帮人可能是想你去看他的代码吧,有很多人在问:
http://www.thinksaas.cn/ask/question/22000/
class KafkaServiceProvider extends ServiceProvider{
return new \Common\Service\Kafka\Kafka(); #lumen-clear-edition/common/Service/Kafka/Kafka.php
lumen-clear-edition/common/Service/Kafka/Kafka.php 里:




做微服务:/usr/local/nginx/conf/vhosts/ms.conf

server_name  10.70.**.142;
root /data/www/ms/;
rewrite ^/(survey)/.*$ /$1/public/index.php last;
http://10.70.33.140/survey/public/index.php
/data/www/ms/survey/public/index.php
路由:
/data/www/ms/survey/routes/web.php

一)$app->group(['prefix' => 'private','namespace'=>'Api\V1'], function () use ($app) {
    $app->get('survey/list', ['uses' => 'SurveyController@list']);
http://47.93.207.136/private/survey/list
app/Http/Controllers/Api/V1/SurveyController.php

二)$app->group(['namespace'=>'Api\V1'], function () use ($app) {
    $app->get('activity/survey', ['uses' => 'ActivityController@survey']);
http://47.93.207.136/activity/survey
app/Http/Controllers/Api/V1/ActivityController.php 里有一行:
$client = new SurveyClient();
./app/Helpers/Client/SurveyClient.php:class SurveyClient{

Lumen (5.5.2) (Laravel Components 5.5.*),路由的写法有点不一样:
$router->group(['prefix' => 'private','namespace'=>'Api\V1'], function () use ($router) {
        $router->get('survey/list', ['uses' => 'SurveyController@list']);

$router->group(['namespace'=>'Api\V1'], function () use ($router) {
        $router->get('activity/survey', ['uses' => 'ActivityController@survey']);


调用层级及配置文件的一个情况,二是如何引入框架目录的入口:
./app/Http/Controllers/Api/V1/SurveyController.php:class SurveyController extends Controller{
/**
* 删除互动
*/
public function delete(Request $request){
  $iid = intval($request->input('iid'));
  $res = Survey::deleteSurvey($iid);#调用Models
  return $this->out($res?1:0,$res?"success":"failed");
}

调用Models位置:
./app/Models/Survey.php:        public static function deleteSurvey($iid){

配置文件:
/data/www/ms/survey/config_production/database.php
/data/www/ms/survey/config_production/kafka.php
/data/www/ms/survey/config_production/redis.php

vi /data/htdocs/lumen.levoo.com/bootstrap/app.php   #引入框架目录



======================================================================================
Lumen 中可以使用的 Facades,查看源代码,可用清单如下(https://segmentfault.com/a/1190000002902055):
/survey/bootstrap/app.php:$app->withFacades();  $app->withFacades();
./lumen-clear-edition/vendor/laravel/lumen-framework/src/Application.php:    public function withFacades($aliases = true, $userAliases = [])
./vendor/laravel/lumen-framework/src/Application.php
public function withAliases($userAliases = [])
if (! static::$aliasesRegistered) {
  static::$aliasesRegistered = true;

  $merged = array_merge($defaults, $userAliases);

  foreach ($merged as $original => $alias) {
    class_alias($original, $alias);
  }
}


==========================================================================================
/usr/local/composer/composer.phar  global require "laravel/lumen-installer"
https://lumen.laravel.com/docs/5.4#server-requirements 下面的:
chmod a+x /root/.config/composer/vendor/laravel/lumen-installer/lumen
/root/.config/composer/vendor/bin/lumen new lumen.levoo.com

/data/htdocs/lumen.levoo.com/blog/routes/web.php

你可以将所有路由都定义在routes/web.php中。最基本的 Lumen 路由接收:
http://laravelacademy.org/post/6337.html



$app->group(['prefix'=>'test'],function($app){
    $app->get("/index",["uses" => "TestController@index"]);
                                                                                                                                                                                                              
});


【lumen】基础点记录使用:blog.csdn.net/imdingding/article/details/48679359
app/Http/routes.php中进行路由配置可以使用如下路由组的形式,在路由上lumen和laravel有一些区别
$app->group(['prefix' => 'scrollnews','namespace' => 'App\Http\Controllers'],function($app) {
$app->get('/','NewsController@showall');
$app->get('/{time}_{newpage}.htm','NewsController@showtime');
$app->get('/{newpage}.htm', 'NewsController@show');

});


http://123.57.252.183/test/index
hello Lumen (5.4.5) (Laravel Components 5.4.*)
/data/htdocs/lumen.levoo.com/app/Http/Controllers/TestController.php

<?php

namespace App\Http\Controllers;

use App\user;   //新增部分
use Laravel\Lumen\Routing\Controller as BaseController;
use Illuminate\Http\Request;

class TestController extends BaseController
{
    //直接传人sql方式操作数据库
    function index(Request $request){
        echo "hello Lumen (5.4.5) (Laravel Components 5.4.*)。";die;                                                                                                                                          
        return User::all();
    }
}


以上实践来源及变通参看了:http://blog.5ibc.net/p/87952.html

PHP message: PHP Fatal error:  Uncaught UnexpectedValueException: The stream or file "/data/htdocs/lumen.levoo.com/storage/logs/lumen.log" could not be opened: failed to open stream: Permission denied in /data/htdocs/lumen.levoo.com/vendor/monolog/monolog/src/Monolog/Handler/StreamHandler.php:107
mkdir
chmod -R 755 /data/htdocs/lumen.levoo.com/storage
chown -R www /data/htdocs/lumen.levoo.com/storage


Controller类的写法:https://segmentfault.com/q/1010000002727820
/data/htdocs/lumen.levoo.com/blog/app/Http/Controllers/AccountController.php



关于数据库配置文件:
默认情况下, Lumen 使用单一的 .env 文件来配置你的应用, 然而, 你也可以使用 Laravel 风格 的配置方法.
/data/htdocs/lumen.levoo.com/vendor/laravel/lumen-framework/config/database.php
文件夹下对应的配置文件复制到根目录下的 config 文件里面就行.
https://lumen.laravel-china.org/docs/5.3/configuration#configuration-files

Redis:
CACHE_DRIVER=file
SESSION_DRIVER=redis
QUEUE_DRIVER=sync

REDIS_HOST=192.168.1.248
REDIS_PASSWORD=null
REDIS_PORT=6379



今天在部署服务器的时候,使用composer来安装依赖。遇到了如下情况,这块出错好像和Redis配置有关,得在.env里配置好并运行起来。
  The Process class relies on proc_open, which is not available on your PHP installation.
  [ErrorException]                                          
  proc_get_status() has been disabled for security reasons
  开始的时候,我有些不知所措,于是冷静下来思考一番,然后goolge了一下
解决方法:
  在php.ini中,找到disable_functions选项,看看后面是否有proc_open函数被禁用了,如果有的话,去掉即可
  其实如果php的文档熟悉的话,你应该马上就能知道proc_open实际上是一个函数,是php用来和shell交互的函数,一般这种可以直接作用于操作系统的函数是非常不安全的,对于这种不安全的函数,总是要做一些措施来进行保护

php artisan make:migration create_table_cars --create=cars
php artisan make:migration create_table_cars --create=cars
Created Migration: 2017_03_04_160644_create_table_cars
/data/htdocs/lumen.levoo.com/database/migrations/2017_03_04_160644_create_table_cars.php

    public function up()
    {
        Schema::create('cars', function (Blueprint $table) {
            $table->increments('id');
            $table->string('make');                                                                                                                                  
            $table->string('model');
            $table->string('year');
            $table->timestamps();
        });
    }



php artisan migrate
Migrated: 2017_03_04_161708_create_table_cars

migrations记录历史 /car 两个表:
id int(10) UNSIGNED
make  varchar(255)
model varchar(255)
year varchar(255)
create d_attimestamp


问题实践来源:http://www.cnblogs.com/crisenchou/p/6237781.html
打开方法来自:http://www.codesec.net/view/497671.html?winzoom=1



Model这块和Controll层的配置:
1)Controll层, /data/htdocs/lumen.levoo.com/app/Http/Controllers/TestController.php

<?php

namespace App\Http\Controllers;
use App\Models\Information;
use App\Models\Collection;

//use App\User;     //新增部分APP目录下
use App\Models\User; //App\Models\User目录下
use Laravel\Lumen\Routing\Controller as BaseController;
use Illuminate\Http\Request;

class TestController extends BaseController
{
    //直接传人sql方式操作数据库
    function index(Request $request){
        /*
            $UserModel = new User();
            $result = $User::all(); //这样也成
            $result2 = $UserModel::all2(); //这样也成
        */
        $result = User::all();
        $result2 = User::all2();//这个在Model自定义的all2也能被调用输出结果

        print_r($result);
        echo "<hr>";                                                                                                                                                                                          
        print_r($result2);
    }
}


2)Model层:/data/htdocs/lumen.levoo.com/app/Models/User.php

<?php
//namespace App; //这个得注释掉,容易和App/User.php发生错误引用。
namespace App\Models;

use Illuminate\Database\Eloquent\Model;
//默认操作数据库的users表,需要定制的话请看文档,下面有自己的配置。
class User extends Model
{
    /**
    * The connection name for the model.
    *
    * @var string
    */
    protected $connection = 'mysql';

    /**
    * 表名
    *
    * @var string
    */
    protected $table = 'levoo_sns_user'; //指定操作表名
    protected $primaryKey = "id";        //指定主键
    public $timestamps = false;
    protected $dateFormat = 'U';

    static public function all2(){
        $User = User::all();
        return $User;                                                                                                                                                                                          
    }
}


=================MVC模板学习=============================
/data/htdocs/lumen.levoo.com/app/Http/Controllers/TestController.php

<?php

namespace App\Http\Controllers;
use App\Models\Information;
use App\Models\Collection;

//use App\User;     //新增部分APP目录下
use App\Models\User; //App\Models\User目录下
use Laravel\Lumen\Routing\Controller as BaseController;
use Illuminate\Http\Request;

class TestController extends BaseController
{
    //直接传人sql方式操作数据库
    function index(Request $request){
        /*
            $UserModel = new User();
            $result = $User::all(); //这样也成
            $result2 = $UserModel::all2(); //这样也成
        */
        $result = User::all();
        //$result2 = User::all2();//这个在Model自定义的all2也能被调用输出结果
        /*
        print_r($result);                                                                                                                                            
        echo "<hr>";
        print_r($result2);
        */
        //view()->exists('user');
        return view('test', ['name' => 'jackX','results' => $result]);
    }
}


vi /data/htdocs/lumen.levoo.com/resources/views/test.blade.php


<!-- 该视图存放 resources/views/greeting.php -->

<html>
    <body>
        <h1>Hello, {{ $name }}</h1>
        <h1>Hello, {{ $name2 or 'Default' }}</h1>
        <h1>Hello, {!! $name !!}</h1>
        <h1>Array, {{ $results}}</h1>
        <h1>Array, {!! $results !!}</h1>
        Blade for each:<br>
        <h1>
            @foreach ($results as $user)
                <ul>
                <li>This is user {{ $user->id }}</li>
                <li>This is user {{ $user->mobile }}</li>
                <li>This is user {{ $user->fansmobile }}</li>
                <li>This is user {{ $user->followedTime }}</li>
                </ul>
            @endforeach
        </h1>
        <h1>
            @foreach ($results as $user)
                <ul>
                @if ($user->id == 1)
                   用户Id=1,标识一下:
                @endif
                <li>This is user {{ $user->id }}</li>
                <li>This is user {{ $user->mobile }}</li>
                <li>This is user {{ $user->fansmobile }}</li>
                <li>This is user {{ $user->followedTime }}</li>
                </ul>
            @endforeach
        </h1>
        <h1>只显示id=1的区块:</h1>
        <h1>
            @foreach ($results as $user)
                <ul>
                 @continue($user->id == 2)
                <li>This is user {{ $user->id }}</li>
                <li>This is user {{ $user->mobile }}</li>
                <li>This is user {{ $user->fansmobile }}</li>
                <li>This is user {{ $user->followedTime }}</li>
                </ul>
                 @break($user->id == 1)
            @endforeach
        </h1>
    </body>
</html>




模板输出:http://123.57.252.183/test/index
Hello, jackX

Hello, Default

Hello, jackX

Array, [{"id":1,"mobile":"1881**65108","fansmobile":"18810322234","followedTime":1211212121},{"id":2,"mobile":"1881**65108","fansmobile":"18810322232","followedTime":121212}]

Array, [{"id":1,"mobile":"1881**65108","fansmobile":"18810322234","followedTime":1211212121},{"id":2,"mobile":"1881**65108","fansmobile":"18810322232","followedTime":121212}]

Blade for each:
This is user 1
This is user 1881**65108
This is user 18810322234
This is user 1211212121
This is user 2
This is user 1881**65108
This is user 18810322232
This is user 121212
用户Id=1,标识一下:
This is user 1
This is user 1881**65108
This is user 18810322234
This is user 1211212121
This is user 2
This is user 1881**65108
This is user 18810322232
This is user 121212
只显示id=1的区块:

This is user 1
This is user 1881**65108
This is user 18810322234
This is user 1211212121

这个叫Blade的模板引擎解析成PHP的,也就是相当于没有啥大的损耗,如果它的算法还算先进的前提下,位置在:
/data/htdocs/lumen.levoo.com/storage/framework/views/9e3b647aebb6a248d1ae42408e87c3fc7f5bc520.php
为什么这么说呢,如下,我在想为何要搞成这样,PHP裸写不也一样么,像Ci框架啥的,思考思考,这样也算是能模板和程序分离罢:


        <h1>只显示id=1的区块:</h1>
        <h1>
            <?php $__currentLoopData = $results; $__env->addLoop($__currentLoopData); foreach($__currentLoopData as $user): $__env->incrementLoopIndices(); $loop = $__env->getLastLoop(); ?>
                <ul>
                 <?php if($user->id == 2) continue; ?>
                <li>This is user <?php echo e($user->id); ?></li>
                <li>This is user <?php echo e($user->mobile); ?></li>
                <li>This is user <?php echo e($user->fansmobile); ?></li>
                <li>This is user <?php echo e($user->followedTime); ?></li>
                </ul>
                 <?php if($user->id == 1) break; ?>
            <?php endforeach; $__env->popLoop(); $loop = $__env->getLastLoop(); ?>
        </h1>



主要是对这个模板有一个大体理解,和Smarty啥的有一个初步了解,参考自:
http://laravelacademy.org/post/6780.html




======================================================================
Nginx配置文件:

server
{
    listen       80 default_server;
    server_name  101.200.189.210 lumen.levoo.com;
    index index.html index.htm index.php;
    root  /data/htdocs/lumen.levoo.com/blog/public;
    autoindex on;
    autoindex_exact_size off;
    autoindex_localtime on;


    location ~ .*\.(php|php5)?$
    {
        fastcgi_pass unix:/dev/shm/php-fcgi.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
        #if (!-f $request_filename){                                                                                                  
        #    rewrite ^/(.+)$ /index.php?s=$1 last;
        #    break;
        #}
    }
    access_log /data/logs/nginx/access_lumen_levoo.log;
}



上面location / {里被注释掉的也成,只是优雅度不够,这块好像手册有说明,我当时把 try_files $uri $uri/ /index.php?$query_string;放到location ~ .*\.(php|php5)?$ 里了,发现不对。

http://123.57.252.183/foo
Hello World


老外:
http://stackoverflow.com/questions/32281294/lumen-simple-route-request-doesnt-work
老外也有这个问题:
http://laravel.io/forum/05-08-2014-nginx-laravel-routing-shows-404?page=1

主从数据库配置(多台读库配置):
http://blog.sina.com.cn/s/blog_9bbafb790102win1.html
基于Lumen搭建一个OAUTH2认证的API框架:
http://www.bibihub.com/php/lumen-mobile-api-oauth-2-authentication/

========DB学习=========
基本使用
注意:如果你想要使用DB门面,应该取消bootstrap/app.php文件中$app->withFacades()调用前的注释
vi bootstrap/app.php

下面这个需要门面:

$app->get('/foo', function () use ($app) {