MySQL: repairing a table
July 23, 2009 – 3:53 pm

mysql -u username -p DatabaseName
Enter password: YourPassword
...
mysql> REPAIR TABLE tablename;
...
mysql> exit

About SELinux contexts and web access
July 19, 2009 – 3:54 pm

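On CentOS, when SELinux is in enforcing mode, some web requests may fail with a 403 Forbidden error, and SELinux reports: "SELinux is preventing the httpd from using potentially mislabeled files ()." Running restorecon -v as the message suggests has no effect.

SELinux introduces the concept of a file context. Every file carries a context among its attributes, and that context is made up of four parts: User, Role, Range and Type. Traditional Linux access control relies only on user/group/other, whereas SELinux controls access through the file's context.

ls -Z shows the context of the files in a directory. Checking it shows that the type of the directory being denied is not httpd_sys_content_t, which is why access is denied. Changing the context with the following command fixes it:

chcon -t httpd_sys_content_t 'directory' -R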

constant * already defined in
July 18, 2009 – 12:39 pm

When this error occurs, /etc/php.ini needs to be modified:

error_reporting=E_ALL^E_NOTICE

apache 403 forbidden
July 17, 2009 – 11:00 pm

Quick fix:
chcon -R -t httpd_sys_content_t
Now for the meat:
So in Fedora Core 3 we now have SELinux enabled by default in the
installation. I decided to leave it enabled because security is a “Good
Thing” (right?) and I knew I was going to have to get familiar with it
at some point. So this was all fine and good until I ran into the first
piece of the system I wanted to work with that was affected by the
default policy that’s called “targeted”.
The “targeted” policy confines certain network daemons to run in their
own specific “security domain”. These daemons include dhcpd, httpd
(apache), named, nscd, ntpd, portmap, snmpd, squid, and syslogd.
When I set up apache on a system where it will be utilized, I have a
habit of not using /var/www/html as my starting point for document
roots, but rather create a dir at /home/websites and place my document
roots in there. In the good ol’ days of Discretionary Access Controls
(DAC) just making sure that apache had the perms it needed to read the
documents in there was enough (using chmod, chown, and the like).
Not so with SELinux enabled. In addition to the regular DAC we’re
all used to, we now have Mandatory Access Controls (MAC) that define
security contexts for files/directories etc. Turns out it looks like by
default, apache only has access to /var/www/html when it’s fired up….
I’m guessing that and probably /var/log/httpd (which is exactly as it
should be). To enable apache to view my files in /home/websites, I had
to apply a new security context to these files. The answer to this is
the chcon command. To be brief, the full command I executed was:
chcon -R -t httpd_sys_content_t /home/websites
After executing this, apache could read my files.
Important links I found in troubleshooting:
http://fedora.redhat.com/docs/selinux-apache-fc3
http://fedora.redhat.com/docs/selinux-faq-fc3/
http://lwn.net/Articles/105409/
I like where this SELinux thing is going. Permissions done right,
for sure. This doesn’t come without growing pains though. It’s complex
(or so it seems to me after only working with it for a couple days) and
will take some time to learn. I’m prepared for some frustration….
Now many of you are probably asking yourself why would anyone (let
alone me) want to bother with this? Well I think a simple example of
one of the cool things is that even though something like /etc/passwd
has DAC octal perms of 644 (rw-r--r--), apache still can’t read it
because that file is not within apache’s security context. So any
users on your system can’t write a little script that reads your
/etc/passwd file and basically posts it on a web page for the world to
see (giving potential crackers a list of valid user accounts on the
system).
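
Added example (not from the original posts): the check that both SELinux posts above do by eye with ls -Z, written as a shell function that parses a listing and reports entries whose type is not httpd_sys_content_t. The listing is constructed sample data, and the function and variable names are this example's own.

```shell
#!/bin/sh
# Added example: audit SELinux labels under a web docroot from `ls -Z` output.
# A context is laid out as user:role:type[:range].

EXPECTED_TYPE="httpd_sys_content_t"

# Read `ls -Z` / `ls -lZ` lines on stdin and print "type<TAB>name" for every
# entry whose type differs from $1 (default: $EXPECTED_TYPE).
# Limitation: file names containing whitespace are not handled.
find_mislabeled() {
    awk -v want="${1:-$EXPECTED_TYPE}" '
        {
            ctx = ""
            # The context is the first field shaped like user:role:type.
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^[^:]+:[^:]+:[^:]+/) { ctx = $i; break }
            }
            if (ctx == "" || i == NF) next   # no context, or no name after it
            split(ctx, part, ":")
            if (part[3] != want) printf "%s\t%s\n", part[3], $NF
        }'
}

# Constructed sample covering the older long layout and the current
# "context name" layout, including a range that itself contains a colon.
sample_listing() {
    cat <<'EOF'
drwxr-xr-x  root root system_u:object_r:httpd_sys_content_t html
drwxr-xr-x  root root user_u:object_r:user_home_t      websites
unconfined_u:object_r:httpd_sys_content_t:s0 index.html
unconfined_u:object_r:user_home_t:s0 upload.php
system_u:object_r:httpd_sys_content_t:s0:c0.c1023 static
EOF
}

# Number of entries in the sample that httpd would be denied on.
count_mislabeled() {
    sample_listing | find_mislabeled | wc -l | tr -d ' '
}

sample_listing | find_mislabeled
```

On a real host, feed it `ls -Z /home/websites | find_mislabeled`. A label set with chcon is not recorded in the policy, so restorecon or a full relabel puts the old type back; `semanage fcontext -a -t httpd_sys_content_t '/home/websites(/.*)?'` followed by `restorecon -Rv /home/websites` records the label so that it persists.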

Yes, I am a "slave of the West"
July 17, 2009 – 10:39 am

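First of all, I am one of the people. Certain people call themselves my sons, but in fact I am a damned (= mlgb, not "his mother") slave. Since I am a slave anyway, I can at least dream of picking a rich master. What future is there in being the slave of a broke fool who brags all day long?

Reposted from Phoenix Net (凤凰网):

If you call people "slaves of the West" the moment they mention "democracy", then let me ask you:

The internet and telecommunications you enjoy today: weren't they invented in the West first?
All the modern conveniences that make your life easier: weren't they invented in the West first?
The suits and leather shoes that you and your leaders wear..... weren't they invented in the West first?
The science you revere and study: didn't it come from the West?
The great hall where your representatives hold their meetings is not only Western, it is in the style of Western antiquity!
The Marx you are always talking about: isn't he from the West?
Kissing your wife: isn't that Western too?

…….

All right, I needn't say more! Look for yourself: in the world around you, what wasn't invented in the West first?

Really, who invented something first doesn't matter. What matters is that humanity's inventions are used by humanity!!

If China back then had taken in science earlier instead of stubbornly clinging to its own "Neo-Confucianism" (理学), there would have been no "Opium War", and we certainly would not be developing only now! Do you still oppose science today?

Drop your East-versus-West prejudice! Even if you resist democracy, your children and grandchildren will certainly accept it...... only at a somewhat higher price!

One netizen's reply: humans too were created by the God of the West.... it is recorded in the Bible...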

Remote desktop connections with VNC
July 15, 2009 – 8:34 am

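VNC is short for Virtual Network Computing. It provides cross-platform remote desktop connections, for example connecting from a Windows system to a Linux desktop.

1. Check whether the VNC server is installed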

[tchung@tchung101 tchung]$ rpm -q vnc vnc-server
vnc-4.0-0.beta4.3.2
vnc-server-4.0-0.beta4.3.2
[tchung@tchung101 tchung]$

2. Add the user name to the configuration file
[tchung@tchung101 tchung]$ sudo vi /etc/sysconfig/vncservers

# The VNCSERVERS variable is a list of display:user pairs.
#
# Uncomment the line below to start a VNC server on display :1
# as my 'myusername' (adjust this to your own).  You will also
# need to set a VNC password; run 'man vncpasswd' to see how
# to do that.
#
# DO NOT RUN THIS SERVICE if your local area network is
# untrusted!  For a secure way of using VNC, see
# URL:http://www.uk.research.att.com/vnc/sshvnc.html

# VNCSERVERS="1:myusername"
VNCSERVERS="1:tchung"

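3. Set a password

Before starting the VNC service, create a password with the vncpasswd command. A hidden .vnc folder will then exist in your home directory under /home, containing a file named passwd that holds the password you set.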

[tchung@tchung101 tchung]$ vncpasswd
Password:
Verify:
[tchung@tchung101 tchung]$ ls -d .vnc
.vnc
[tchung@tchung101 tchung]$ ls .vnc
passwd
[tchung@tchung101 tchung]$