yum install smartmontools -y -q
smartctl -a -d megaraid,N /dev/sdX
N代表硬盘的设备ID, 可以用storcli和MegaCli查找到.
X则代表存储设备的顺序ID. 第一个存储设备以a开始排列.
查看硬盘的设备ID方法如下:
用MegaCli
#第一种
#MegaCli -PDList -aAll|grep "Device Id"
Device Id: 0
Device Id: 1
Device Id: 2
Device Id: 3
Device Id: 4
Device Id: 5
Device Id: 6
Device Id: 7
Device Id: 8
Device Id: 9
#第二种(LSI ID就是设备ID)
#curl -sS http://dl.kvm.la/lsi/megaclisas-status | python
-- Controller information --
-- ID | H/W Model | RAM | Temp | BBU | Firmware
c0 | PERC H710 Mini | 512MB | 76C | Good | FW: 21.0.1-0132
-- Array information --
-- ID | Type | Size | Strpsz | Flags | DskCache | Status | OS Path | CacheCade |InProgress
c0u0 | RAID-10 | 5455G | 256 KB | RA,WB | Disabled | Optimal | 0 | Type : Read Only |None
-- Disk information --
-- ID | Type | Drive Model | Size | Status | Speed | Temp | Slot ID | LSI ID
c0u0s0p0 | HDD | HGST HUC101212CSS600 A469KZJ0M2DG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:0] | 0
c0u0s0p1 | HDD | HGST HUC101212CSS600 A469KZJ0LJRG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:1] | 1
c0u0s1p0 | HDD | HGST HUC101212CSS600 A469KZHZX1ZG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 30C | [32:2] | 2
c0u0s1p1 | HDD | HGST HUC101212CSS600 A469KZJ076SG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:3] | 3
c0u0s2p0 | HDD | HGST HUC101212CSS600 A469KZJ0B6PG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 30C | [32:4] | 4
c0u0s2p1 | HDD | HGST HUC101212CSS600 A469KZJ0WWJG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:5] | 5
c0u0s3p0 | HDD | HGST HUC101212CSS600 A469KZJ0LT4G | 1.090 TB | Online, Spun Up | 6.0Gb/s | 30C | [32:6] | 6
c0u0s3p1 | HDD | HGST HUC101212CSS600 A469KZJ0A5KG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:7] | 7
c0u0s4p0 | HDD | HGST HUC101212CSS600 A469KZJ0LRLG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 30C | [32:8] | 8
c0u0s4p1 | HDD | HGST HUC101212CSS600 A469KZJ0DUGG | 1.090 TB | Online, Spun Up | 6.0Gb/s | 31C | [32:9] | 9
基于storcli命令查找
#storcli /c0 /eall /sall show
----------------------------------------------------------------------------
EID:Slt DID State DG Size Intf Med SED PI SeSz Model Sp Type
----------------------------------------------------------------------------
252:0 14 Onln 0 5.456 TB SAS HDD N N 512B ST6000NM0034 U -
252:1 16 Onln 0 5.456 TB SAS HDD N N 512B ST6000NM0034 U -
252:2 15 Onln 0 5.456 TB SAS HDD N N 512B ST6000NM0034 U -
252:3 17 Rbld 0 5.456 TB SAS HDD N N 512B ST6000NM0034 U -
----------------------------------------------------------------------------
DID就是硬盘的设备ID
附:MegaCli和storcli安装
yum install -y -q http://dl.kvm.la/lsi/MegaCli_All_OS/Linux/MegaCli-8.07.06-1.noarch.rpm
ln -s /opt/MegaRAID/MegaCli/MegaCli64 /usr/bin/MegaCli
yum -y -q install http://dl.kvm.la/lsi/storcli_All_OS/Linux/storcli-1.23.02-1.noarch.rpm
ln -s /opt/MegaRAID/storcli/storcli64 /usr/bin/storcli
由于官方改动了一些文件位置,没有及时更新安装引导说明, 导致最后几步安装找不到文件,故自己抄写了一份.
原文地址http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-centos7.html
#yum安装基础环境
yum install -y -q nss curl git autoconf automake libtool make cmake readline-devel texinfo net-snmp-devel groff pkgconfig json-c-devel pam-devel bison flex pytest c-ares-devel python-devel systemd-devel python-sphinx libcap-devel
groupadd -g 92 frr
groupadd -r -g 85 frrvty
useradd -u 92 -g 92 -M -r -G frrvty -s /sbin/nologin -c "FRR FRRouting suite" -d /var/run/frr frr
#安装libyang
#由于centos7没有
cd /tmp
git clone https://github.com/CESNET/libyang.git
cd libyang
mkdir build; cd build
cmake -DENABLE_LYD_PRIV=ON -DCMAKE_INSTALL_PREFIX:PATH=/usr -D CMAKE_BUILD_TYPE:String="Release" ..
make
make install
#安装frr
cd /tmp
git clone https://github.com/frrouting/frr.git frr
cd frr
./bootstrap.sh
./configure \
--bindir=/usr/bin \
--sbindir=/usr/lib/frr \
--sysconfdir=/etc/frr \
--libdir=/usr/lib/frr \
--libexecdir=/usr/lib/frr \
--localstatedir=/var/run/frr \
--with-moduledir=/usr/lib/frr/modules \
--enable-snmp=agentx \
--enable-multipath=64 \
--enable-user=frr \
--enable-group=frr \
--enable-vty-group=frrvty \
--enable-systemd=yes \
--disable-exampledir \
--disable-ldpd \
--enable-fpm \
--with-pkg-git-version \
--with-pkg-extra-version=-MyOwnFRRVersion \
SPHINXBUILD=/usr/bin/sphinx-build
make
make install
install -p -m 644 ./tools/etc/frr/daemons /etc/frr/
install -p -m 644 tools/frr.service /usr/lib/systemd/system/frr.service
install -p -m 644 tools/frrinit.sh.in /usr/lib/frr/frr
#创建FRR空白配置文件和权限
mkdir /var/log/frr
mkdir /etc/frr
touch /etc/frr/zebra.conf
touch /etc/frr/bgpd.conf
touch /etc/frr/ospfd.conf
touch /etc/frr/ospf6d.conf
touch /etc/frr/isisd.conf
touch /etc/frr/ripd.conf
touch /etc/frr/ripngd.conf
touch /etc/frr/pimd.conf
touch /etc/frr/nhrpd.conf
touch /etc/frr/eigrpd.conf
touch /etc/frr/babeld.conf
touch /etc/frr/vtysh.conf
chown -R frr:frr /etc/frr/
chown frr:frrvty /etc/frr/vtysh.conf
chown frr:frr /etc/frr/daemons
chmod 640 /etc/frr/*.conf
cat>/etc/sysctl.d/90-routing-sysctl.conf<<EOF
net.ipv4.conf.all.forwarding=1
net.ipv6.conf.all.forwarding=1
EOF
sysctl -p /etc/sysctl.d/90-routing-sysctl.conf
#注册启用和启动FRR
systemctl preset frr.service
systemctl enable frr
systemctl start frr
安装步骤到此结束
需要配置zebra后再用telnet连接
zebra配置文件
#cat /etc/frr/zebra.conf
! Zebra configuration file
!
frr version 6.0
frr defaults traditional
!
hostname Router
password zebra
enable password zebra
!
log stdout
!
!
更多配置和指引参考官方引导文章
telnet 127.0.0.1 2601
然后和思科的配置方式差不多
Juniper sflow配置:
set protocols sflow agent-id {agent IP地址}
set protocols sflow polling-interval 30
set protocols sflow sample-rate ingress 3000
set protocols sflow sample-rate egress 3000
set protocols sflow collector {接受数据的IP}
set protocols sflow interfaces {ge-0/1/1.0 指定端口}
H3C sflow配置:
sflow agent ip 10.193.1.1 !设置此设备的某端口地址为agent地址
sflow source ip 10.193.1.1 !设置此设备的某端口地址为发送源地址
sflow collector 1 vpn-instance mgmt ip 10.5.0.208 !设置collector1服务器地址,端口号默认6343
int te1/0/0/7 !进入需要采集的接口
sflow flow collector 1 !与collector 1 绑定
sflow sampling-rate 1000 !设置采样率
sflow counter collector 1 !计数器绑定collector1
sflow counter interval 60 !计数器间隔60s
!
Cisco Netflow设置
flow record yst !配置netflow记录器yst
match ipv4 source address !记录内容ipv4源地址
match ipv4 destination address !记录目标地址
collect counter bytes !计数器单位bytes
collect counter packets !计数器单位packets
!
!
flow exporter yst !配置netflow输出器
destination 10.5.0.208 !设置服务器地址
source TenGigabitEthernet0/0/0 !设置发包源地址
dscp 63 !设置qos dscp
ttl 15 !设置ttl
transport udp 6343 !配置端口号
export-protocol netflow-v5 !配置版本为v5,各版本区别百度
template data timeout 30 超时时间30
!
!
flow monitor yst !设置监视器yst
exporter yst !绑定输出器yst
record yst !绑定记录器yst
int gi1/0/1 !开启接口flow
ip flow monitor yst input
ip flow monitor yst output
yum install -y epel-release wget
wget http://packages.ntop.org/centos/ntop.repo -O /etc/yum.repos.d/ntop.repo
yum install -y pfring-dkms n2disk nprobe ntopng cento
service redis start
service ntopng start
bird实例
log syslog all;
debug protocols off;
debug commands 0;
router id 1.1.1.1;
protocol static rtbh {
route 99.99.99.99/32 blackhole;
route 88.88.88.88/32 blackhole;
}
filter export_rtbh_out {
# Limit to static routes
if (proto = "rtbh") then
{
# Limit to /32 host routes (for now)
if net.len = 32 then
{
bgp_community.add((65001,9999));
bgp_next_hop = 192.0.2.1;
accept;
}
}
reject;
}
protocol bgp ER3 {
description "iBGP to Edge Router 3 for RTBH";
debug { states, events };
local 1.1.1.1 as 65001;
neighbor 3.3.3.3 as 65001;
import none;
export filter export_rtbh_out;
}
protocol bgp ER4 {
description "iBGP to Edge Router 4 for RTBH";
debug { states, events };
local 1.1.1.1 as 65001;
neighbor 4.4.4.4 as 65001;
import none;
export filter export_rtbh_out;
}
JUNOS 配置实例
routing-options {
static {
route 192.0.2.1/32 discard;
}
}
protocols {
bgp {
group RTBH {
type internal;
import import-from-rs;
expor deny-all;
neighbor 1.1.1.1;
}
}
}
policy-options {
policy-statement deny-all {
term 1 {
then reject;
}
}
policy-statement import-from-rs {
term 1 {
from {
community RTBH;
route-filter 0.0.0.0/0 prefix-length-range /32-/32;
}
then accept;
}
term reject {
then reject;
}
}
community RTBH members 65001:9999;
}
抄录自https://gist.github.com/floatingstatic/854aa504a92ab8bc3e044e434ec378c4
1、运行、停止、禁用firewalld
启动:# systemctl start firewalld
查看状态:# systemctl status firewalld 或者 firewall-cmd --state
停止:# systemctl disable firewalld
禁用:# systemctl stop firewalld
查看firewall是否运行,下面两个命令都可以
systemctl status firewalld.servicefirewall-cmd --state
查看default zone和active zone
我们还没有做任何配置,default zone和active zone都应该是public
firewall-cmd --get-default-zonefirewall-cmd --get-active-zones
查看当前开了哪些端口
其实一个服务对应一个端口,每个服务对应/usr/lib/firewalld/services下面一个xml文件。
firewall-cmd --list-services
查看还有哪些服务可以打开
firewall-cmd --get-services
查看所有打开的端口:
firewall-cmd --zone=public --list-ports
更新防火墙规则:
firewall-cmd --reload
添加一个服务到firewalld
firewall-cmd --add-service=http //http换成想要开放的service
这样添加的service当前立刻生效,但系统下次启动就失效,可以测试使用。要永久开发一个service,加上 --permanent
firewall-cmd --permanent --add-service=http
如果要添加的端口并没有服务对应
就要新建一个服务,在/usr/lib/firewalld/services,随便拷贝一个xml文件到一个新名字,比如myservice.xml,把里面的
<?xml version="1.0" encoding="utf-8"?>
<service>
<short>Transmission-client</short>
<description>Transmission is a lightweight GTK+ BitTorrent client.</description>
<port protocol="tcp" port="51413"/>
</service>
short改为想要名字(这个名字只是为了人来阅读,没有实际影响。重要的是修改 protocol和port。修改完保存。
我的经验是这是要重启firewalld服务,systemctl restart firewalld.service,否则可能提示找不到刚才新建的service。
然后把新建的service添加到firewalld
firewall-cmd --permanent --add-service=myservice
重启firewalld 生效
5分钟理解Centos7防火墙firewalld http://www.cnblogs.com/stevenzeng/p/5152324.html
-------------------------------------------------------------------------------------------------------------
1、firewalld的基本使用
启动: systemctl start firewalld
查看状态: systemctl status firewalld
停止: systemctl disable firewalld
禁用: systemctl stop firewalld
2.systemctl是CentOS7的服务管理工具中主要的工具,它融合之前service和chkconfig的功能于一体。
启动一个服务:systemctl start firewalld.service
关闭一个服务:systemctl stop firewalld.service
重启一个服务:systemctl restart firewalld.service
显示一个服务的状态:systemctl status firewalld.service
在开机时启用一个服务:systemctl enable firewalld.service
在开机时禁用一个服务:systemctl disable firewalld.service
查看服务是否开机启动:systemctl is-enabled firewalld.service
查看已启动的服务列表:systemctl list-unit-files|grep enabled
查看启动失败的服务列表:systemctl --failed
3.配置firewalld-cmd
查看版本: firewall-cmd --version
查看帮助: firewall-cmd --help
显示状态: firewall-cmd --state
查看所有打开的端口: firewall-cmd --zone=public --list-ports
更新防火墙规则: firewall-cmd --reload
查看区域信息: firewall-cmd --get-active-zones
查看指定接口所属区域: firewall-cmd --get-zone-of-interface=eth0
拒绝所有包:firewall-cmd --panic-on
取消拒绝状态: firewall-cmd --panic-off
查看是否拒绝: firewall-cmd --query-panic
那怎么开启一个端口呢
添加
firewall-cmd --zone=public --add-port=80/tcp --permanent (--permanent永久生效,没有此参数重启后失效)
重新载入
firewall-cmd --reload
查看
firewall-cmd --zone=public --query-port=80/tcp
删除
firewall-cmd --zone=public --remove-port=80/tcp --permanent
转载自:https://www.cnblogs.com/hubing/p/6058932.html
curl https://openresty.org/package/centos/openresty.repo -so /etc/yum.repos.d/openresty.repo
yum -y -q install wget vim-enhanced tcpdump iftop net-tools rsync
yum -y -q install openresty
systemctl enable openresty
ln -s /usr/local/openresty/nginx/sbin/nginx /usr/sbin/ #把nginx文件引用到常规sbin目录
ln -s /usr/local/openresty/nginx/conf /etc/nginx #把目录软连接到常规目录
ln -s /usr/lib/systemd/system/openresty.service /usr/lib/systemd/system/nginx.service #Centos7的服务启动管理nginx别名
firewall-cmd --permanent --add-service=http
firewall-cmd --permanent --add-service=https
firewall-cmd --reload
基础部署完成后,用rsync同步数据后再做其他基础配置基本完成管理.
for VM in `lvs|grep img|grep -v snap | awk -F_ '{ print $1}'` ;
do
echo "lvcreate -L 50G -s -n "$VM"_snap /dev/vg0/"$VM"_img "
echo "dd if=/dev/vg0/"$VM"_snap conv=sync,noerror bs=64K | gzip -c | ssh root@服务器IP "gzip -d |dd of=/dev/vg0/"$VM"_img conv=sync,noerror bs=64K"
echo "lvremove /dev/vg0/"$VM"_snap -f"
echo "echo $VM done \`date\` >>/root/m.log"
echo " "
done
输出可以直接写入新服务器的已建立好的分区, 也可以设置目录保存为文件。
lvcreate -L 50G -s -n kvm10000_snap /dev/vg0/kvm10000_img
dd if=/dev/vg0/kvm1220_snap conv=sync,noerror bs=64K | gzip -c | ssh root@新服务器IP "gzip -d |dd of=/dev/vg0/kvm10000_img conv=sync,noerror bs=64K"
lvremove /dev/vg0/kvm10000_snap -f
echo kvm10000 done `date` >>/root/m.log
从6升级到7,建议按步骤走一遍弄个机器测试升级,玩坏了自己买单。
#!/bin/bash
cat>/root/fix.sh<<EOF
rm -f /lib64/libpcre.so.0 /usr/lib64/libpcre.so.0 /usr/lib64/libsasl2.so.2 /lib64/libsasl2.so.2
ln -s /usr/lib64/libpcre.so.1.2.0 /lib64/libpcre.so.0
ln -s /usr/lib64/libpcre.so.1.2.0 /usr/lib64/libpcre.so.0
ln -s /usr/lib64/libsasl2.so.3.0.0 /usr/lib64/libsasl2.so.2
ln -s /usr/lib64/libsasl2.so.3.0.0 /lib64/libsasl2.so.2
yum -y downgrade grep
mv root/fix.sh root/fix.txt
EOF
chmod 755 /root/fix.sh
echo "/root/fix.sh">> /etc/rc.local
cat>/etc/yum.repos.d/upgradetool.repo<<EOF
[upg]
name=CentOS-$releasever - Upgrade Tool
baseurl=http://buildlogs.centos.org/centos/6/upg/x86_64/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
EOF
yum -y erase openscap
yum -y install redhat-upgrade-tool preupgrade-assistant-contents --disablerepo=base
preupg -s CentOS6_7 <<EOF
y
EOF
rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-7
centos-upgrade-tool-cli --network 7 --instrepo=http://vault.centos.org/centos/7.2.1511/os/x86_64/ <<EOF
y
EOF
reboot
yum -y -q install gcc gcc-c++ glibc-static libstdc++-static kernel-devel lbzip2
wget ftp://gcc.gnu.org/pub/gcc/releases/gcc-9.2.0/gcc-9.2.0.tar.gz -O -|tar xz
cd gcc-9.2.0
./contrib/download_prerequisites
./configure --enable-checking=release --enable-languages=c,c++ --disable-multilib
make
make install
yum -y -q install nss-tools gcc
VER=$(curl -Ss https://api.github.com/repos/FiloSottile/mkcert/releases/latest|grep tag_name|grep -Po '[0-9]+\.[0-9]+\.[0-9]+.*(?=")')
wget -O /usr/bin/mkcert https://github.com/FiloSottile/mkcert/releases/download/v${VER}/mkcert-v${VER}-linux-amd64
chmod +x /usr/bin/mkcert
mkcert -install
mkcert 域名.后缀 '*.域名.后缀 ' 域名2.后缀 localhost 127.0.0.1 ::1
随后生成pem和key 直接在http服务器上绑定即可以使用。
原文地址:http://jtwo.me/use-lua-to-protect-nginx-away-from-cc-attack
好像原文出处的页面已经打不开了,原生的nginx需要编译lua,openresty可以直接用。
location ~ \.php$ {
rewrite_by_lua '
local md5token = ngx.md5(ngx.var.remote_addr .. ngx.var.http_user_agent)
if (ngx.var.cookie_humanflag ~= md5token) then
ngx.header["Set-Cookie"] = "humanflag=" .. md5token
return ngx.redirect(ngx.var.scheme .. "://" .. ngx.var.host .. ngx.var.uri)
end
';
... ...
}
location ~ \.php$ {
if ($cookie_ipaddr != "$remote_addr"){
add_header Set-Cookie "ipaddr=$remote_addr";
rewrite .* "$scheme://$host$uri" redirect;
}
... ...
}
iptables -A INPUT -p tcp -m multiport --dport 25,110,465:587,993:995 -j DROP
iptables -A INPUT -p udp -m multiport --dport 25,110,465:587,993:995 -j DROP
iptables -A OUTPUT -p tcp -m multiport --dport 25,110,465:587,993:995 -j DROP
iptables -A OUTPUT -p udp -m multiport --dport 25,110,465:587,993:995 -j DROP
/etc/init.d/iptables save
yum -y -q install wget gcc patch
wget https://ftp.gnu.org/gnu/bash/bash-5.0.tar.gz -O - | tar xz
cd bash-5.0
wget -r -nd -np http://ftp.gnu.org/gnu/bash/bash-5.0-patches/
for BP in `ls bash50-*|grep -v sig`; do patch -p0 < $BP; done
./configure
make
make install
yum -y install epel-release -y
yum -y --skip-broken install gcc vim-enhanced gcc-c++ libtool-libs libtool autoconf subversion zip unzip wget crontabs iptables file bison patch mlocate flex diffutils automake imake make cmake kernel-devel cpp zlib-devel \
libevent-devel libxml2-devel freetype-devel gd gd-devel libjpeg-devel libpng-devel ncurses-devel \
curl-devel readline-devel openssl-devel glibc-devel glib2-devel bzip2-devel e2fsprogs-devel libidn-devel gettext-devel expat-devel libcap-devel libtool-ltdl-devel pam-devel \
libxslt-devel libc-client-devel freetds-devel unixODBC-devel libXpm-devel krb5-devel libicu-devel icu sqlite-devel oniguruma-devel
cd /tmp
wget https://nih.at/libzip/libzip-1.2.0.tar.gz -O - | tar xz
cd libzip-*
./configure --prefix=/usr
make && make install
cp /usr/lib/libzip/include/zipconf.h /usr/local/include/zipconf.h
ldconfig
cd /tmp
wget -c http://us2.php.net/distributions/php-7.3.10.tar.gz -O - | tar xz
cd php-7.3*
./configure --with-config-file-path=/opt/php7/etc --with-config-file-scan-dir=/opt/php7/etc/php.d --prefix=/opt/php7/usr --enable-fpm --enable-bcmath --enable-exif --enable-ftp --enable-mbstring --enable-soap --enable-sockets --enable-zip --with-curl --with-freetype-dir=/usr --with-gettext --with-openssl --with-xmlrpc --with-png-dir --with-jpeg-dir --with-gd --with-libxml-dir=/usr --with-mhash --with-mysql-sock=/var/lib/mysql/mysql.sock --with-pdo-mysql=mysqlnd --with-mysqli=mysqlnd --with-imap --with-imap-ssl --with-kerberos --with-zlib --enable-intl=shared --enable-xml --disable-rpath --enable-shmop --enable-sysvsem --enable-mbregex --with-iconv-dir --enable-pcntl --enable-opcache --enable-exif --with-sqlite3 --with-pdo-sqlite --enable-calendar --enable-wddx --with-libdir=lib64 ;
make -j `grep name /proc/cpuinfo|wc -l`
make install
mkdir -p /opt/php7/etc/
cp php.ini-production /opt/php7/etc/php.ini
#cp ./sapi/fpm/php-fpm /etc/init.d/php-fpm
cp ./sapi/fpm/php-fpm.service /usr/lib/systemd/system/
sed -i 's#expose_php = On#expose_php = Off#' /opt/php7/etc/php.ini
sed -i 's/;date.timezone =/date.timezone = PRC/g' /opt/php7/etc/php.ini
sed -i 's/;cgi.fix_pathinfo=1/cgi.fix_pathinfo=0/g' /opt/php7/etc/php.ini
sed -i 's#enable_dl = Off#enable_dl = On#' /opt/php7/etc/php.ini
sed -i 's#short_open_tag = Off#short_open_tag = On#' /opt/php7/etc/php.ini
sed -i 's#output_buffering = Off#output_buffering = On#' /opt/php7/etc/php.ini
sed -i 's/memory_limit = 32M/memory_limit = 128M/g' /opt/php7/etc/php.ini
sed -i 's/post_max_size = 8M/post_max_size = 32M/g' /opt/php7/etc/php.ini
sed -i 's/upload_max_filesize = 2M/upload_max_filesize = 16M/g' /opt/php7/etc/php.ini
sed -i 's#allow_call_time_pass_reference = Off#allow_call_time_pass_reference = On#' /opt/php7/etc/php.ini
sed -i 's/disable_functions =/disable_functions="exec,system,passthru,shell_exec,escapeshellarg,escapeshellcmd,ini_alter,dl,popen,chown,chroot,chgrp,ini_restore,dbmopen,dbase_open"/g' /opt/php7/etc/php.ini
- «
- 1
- ...
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- ...
- 63
- »
