linux命令备忘录

名词

1
2
3
4
5
pie: position-independent executable
pic: position-independent code
aslr: address space layout randomization
got: global offset table
vdso: virtual dynamic shared object

swap文件

1
2
3
4
dd if=/dev/zero of=./swap_file bs=1G count=1
mkswap ./swap_file
swapon ./swap_file
swapoff ./swap_file

objcopy

1
2
3
objcopy -I binary -O elf32-i386 -B i386 test.jpg test.o
objdump -s -b binary test.o
readelf -s test.o

静态链编stdc++

1
-Bstatic -lstdc++ -Bdynamic

工具

1
2
3
systemtap
inotify-tools
windres

refer to:
http://blog.chinaunix.net/uid-28461677-id-5766451.html
https://blog.csdn.net/weixin_33842304/article/details/91443399

linux驱动备忘录

驱动签名

1
2
3
4
5
CONFIG_MODULE_SIG=y
# CONFIG_MODULE_SIG_FORCE is not set
CONFIG_MODULE_SIG_ALL=y
 
${KERNEL_SRC}/scripts/sign-file sha512 ${KERNEL_SRC}/certs/signing_key.pem ${KERNEL_SRC}/certs/signing_key.x509 hello.ko

驱动调试

debugee

1
2
3
4
5
6
7
MOD_NAME=simple_mod
insmod ./${MOD_NAME}.ko
MOD_TEXT=`cat /sys/module/${MOD_NAME}/sections/.text`
MOD_DATA=`cat /sys/module/${MOD_NAME}/sections/.data`
MOD_BSS=`cat /sys/module/${MOD_NAME}/sections/.bss`
MOD_ADD="add-symbol-file /path/to/${MOD_NAME}.ko ${MOD_TEXT} -s .data ${MOD_DATA} -s .bss ${MOD_BSS}"
echo ${MOD_ADD}

debugger

1
(gdb) ${MOD_ADD}

refer to:
https://www.cnblogs.com/rivsidn/p/9481037.html
https://www.cnblogs.com/powerrailgun/p/12161295.html
https://blog.csdn.net/chdhust/article/details/8820628

vmware linux共享文件夹未启动

1
2
3
4
# 若vmhgfs-fuse -e执行成功时执行
vmhgfs-fuse -o subtype=vmhgfs-fuse,allow_other /mnt/hgfs/
# mvhgfs-fuse -e 执行失败时执行
mount -f vmhgfs .host:/ /mnt/hgfs

如果还不行,比如更新内核后,就要重新加载linux.iso重装VMWareTools。

refer to: https://www.cnblogs.com/woodyoilove/p/8479458.html

linux关闭或开启网络端口

关闭80端口

1
iptables -A INPUT -ptcp --dport 80 -j DROP

而开启80端口要看情况,不能简单的一句

1
iptables -A INPUT -ptcp --dport 80 -j ACCEPT

因为其中的-A表示append一条规则到规则链上,之前存在一条DROP链,其后再加一条ACCEPT链,80端口还是会被禁掉。

先用如下命令看一下规则链

1
iptables -L

把DROP那一链删掉

1
2
iptables -D INPUT -ptcp --dport 80 -j ACCEPT
iptables -D INPUT -ptcp --dport 80 -j DROP

如果默认是所有端口都禁用,那就在空链里加一条ACCEPT链。

最后保存

1
iptables-save

Linux禁止用户访问某个目录

比如root用户生成了一个文件夹dir0,再执行

1
chmod o-rwx dir0

那么当非root权限用户usr0访问此目录

1
2
cd dir0/
bash: cd: dir0/: Permission denied