Information Retrieval Blog » Linux

Figure format conversion in Linux

yezheng — Mon, 22 Feb 2010 18:54:20 +0000

EPS 2 PNG

Manual conversion

Open the file in the GIMP (make sure you have ghostscript installed! — Windows Ghostscript installation instructions)
- Enter 500 in the “resolution” input box
- You may need to uncheck “try bounding box”, since the bounding box sometimes cuts off part of the image.
  - Enter large values for Height and Width if not using the bounding box
- Select color
- Select strong anti-aliasing for both graphics and text
Crop off extra whitespace (shift+C if you can’t find it in the toolbox)
Image → Transform → Rotate 90 degrees clockwise
Filters → Blur → Gaussian blur (No need to blur if you use strong anti-aliasing during conversion. No significant difference between end results.)
- 2.0 px
Image → Scale Image…
- 25%
- Cubic interpolation
You can view at normal size if you want by pressing 1, Ctrl+E
Save as File_name.png

The GIMP documentation

Command-line method

Another route to convert a PS or EPS file (postscript) in png is to use ImageMagick, available on many operating systems. A single command is needed:

convert -density 300 file.ps file.png

The density parameter is the output resolution, expressed in dots per inch. With the standard 5×3.5in size of a gnuplot graph, this results in a 1500×1050 pixels PNG image. ImageMagick automatically applies antialiasing, so no post-processing is needed, making this technique especially suited to batch processing. The following Makefile automatically compiles all gnuplot files in a directory to EPS figures, converts them to PNG and then clears the intermediate EPS files. It assumes that all gnuplot files have a “.plt” extension and that they produce an EPS file with the same name, and the “.eps” extension:

GNUPLOT_FILES = $(wildcard *.plt)
# create the target file list by substituting the extensions of the plt files
FICHIERS_PNG = $(patsubst %.plt,%.png,  $(GNUPLOT_FILES))

all: $(FICHIERS_PNG)

%.eps: %.plt
	@ echo "compillation of "$<
	@gnuplot $<

%.png: %.eps
	@echo "conversion in png format"
	@convert -density 300 $< $*.png
	@echo "end"

What is EPS file format?

Encapsulated PostScript (EPS) is a standard file format for importing and exporting PostScript files. It is usually a single page PostScript program that describes an illustration or an entire page. The purpose of an EPS file is to be included in other pages. Sometimes EPS files are called EPSF files. EPSF simply stands for Encapsulated PostScript Format.

An EPS file can contain any combination of text, graphics and images. Since it is actually a PostScript file, it is one of the most versatile file formats that are available. EPS-files usually contain a small preview image that is used to visualize the content of the file.

命令行解压＆压缩全集 –Linux

yezheng — Mon, 22 Feb 2010 17:25:35 +0000

Commands for Compress and Decompress

.tar

解包： tar xvf FileName.tar
打包：tar cvf FileName.tar DirName
（注：tar是打包，不是压缩！）
———————————————

.gz

解压1：gunzip FileName.gz
解压2：gzip -d FileName.gz
压缩：gzip FileName
.tar.gz
解压：tar zxvf FileName.tar.gz
压缩：tar zcvf FileName.tar.gz DirName

———————————————

.bz2

解压1：bzip2 -d FileName.bz2
解压2：bunzip2 FileName.bz2
压缩： bzip2 -z FileName
.tar.bz2
解压：tar jxvf FileName.tar.bz2
压缩：tar jcvf FileName.tar.bz2 DirName

———————————————

.bz

解压1：bzip2 -d FileName.bz
解压2：bunzip2 FileName.bz
压缩：未知
.tar.bz
解压：tar jxvf FileName.tar.bz
压缩：未知
———————————————

.Z

解压：uncompress FileName.Z
压缩：compress FileName
.tar.Z
解压：tar Zxvf FileName.tar.Z
压缩：tar Zcvf FileName.tar.Z DirName

———————————————

.tgz

解压：tar zxvf FileName.tgz
压缩：未知
.tar.tgz
解压：tar zxvf FileName.tar.tgz
压缩：tar zcvf FileName.tar.tgz FileName
———————————————

.zip

解压：unzip FileName.zip
压缩：zip FileName.zip DirName

compress a directory

zip -r FileName.zip DirName
———————————————

.rar

解压：rar a FileName.rar
压缩：r ar e FileName.rar

rar请到：http://www.rarsoft.com/download.htm 下载！
解压后请将rar_static拷贝到/usr/bin目录（其他由$PATH环境变量指定的目录也可以）：
[root@www2 tmp]# cp rar_static /usr/bin/rar
command: unrar
———————————————

.lha

解压：lha -e FileName.lha
压缩：lha -a FileName.lha FileName

lha请到：http://www.infor.kanazawa-it.ac.jp/…/lhaunix/下载！
>解压后请将lha拷贝到/usr/bin目录（其他由$PATH环境变量指定的目录也可以）：
[root@www2 tmp]# cp lha /usr/bin/
———————————————

.rpm

解包：rpm2cpio FileName.rpm | cpio -div

———————————————
.tar .tgz .tar.gz .tar.Z .tar.bz .tar.bz2 .zip .cpio .rpm .deb .slp .arj .rar .ace .lha .lzh
.lzx .lzs .arc .sda .sfx .lnx .zoo .cab .kar .cpt .pit .sit .sea
解压：sEx x FileName.*
压缩：sEx a FileName.* FileName

sEx只是调用相关程序，本身并无压缩、解压功能，请注意！
sEx请到： http://sourceforge.net/projects/sex下载！
解压后请将sEx拷贝到/usr/bin目录（其他由$PATH环境变量指定的目录也可以）：
[root@www2 tmp]# cp sEx /usr/bin/

backup and sync with lftp

yezheng — Sun, 21 Feb 2010 07:07:20 +0000

lftp is an amazing command line ftp tool, which lets you operate remote files just like in a local filesystem in a terminal (bash). If you work a lot with command line, I bet you would like it. A frequently used functionality with lftp is backup or sync a remote directory with a local one.

Here is simple synchronization script using lftp.

#/bin/bash

lftp -u user,password publish.163.com <

set ftp:ssl-allow no

#a slash “/” in local dir is used to keep the dir structure

mirror print/ ~/tmp_install/print/

mirror -R ~/tmp_install/print/ print/

quit 0

EOF

To write the script, you need to know how to use lftp to connect to an FTP server and synchronize a remote directory with a local one. If your FTP server supports anonymous connections, you can connect to it using the simple command:

lftp ftpsite

If the server requires a user name and password, the connection command would look like:

lftp -u username,password ftpsite.

To synchronize a remote directory with a folder on your hard disk, lftp utilizes the mirror command. Used without switches, this command syncs the current local and remote directories. You can also specify explicitly the source and target directories:

mirror path/to/source_directory path/to/target_directory

The mirror command offers a comprehensive set of switches, which you can use to control the synchronization process. For example, used with the –delete switch, the mirrorcommand deletes the files in the local folder that are not present in the remote directory, while the –only-newer option forces lftp to download only newer files. Another handy switch is –exclude; it allows you to specify which files and directories to skip during synchronization. And if you prefer to keep an eye on the syncing process, you can use the –verboseswitch.

Typing all those switches every time you want to synchronize two directories can be a bit of a bother. Fortunately, lftp understands complex commands that can perform several actions in one fell swoop. All you have to do is to use the -e switch, so lftp stays connected and runs the specified commands:

lftp -u username,password -e "mirror --delete --only-newer --verbose path/to/source_directory path/to/target_directory" ftpsite

Using this command, lftp connects to the FTP server using the provided credentials, and then runs the command(s) in the quotes. You can save the entire command in a text file, then run it by pointing lftp to it using the -f switch:

lftp -f /home/user/ftpscript.txt

lftp has a few other clever tricks up its sleeve. The at switch can come in handy when you want to run the backup at a specific time. The following command, for example, runs at midnight:

lftp at 00:00 -u username,password -e "mirror --delete --only-newer --verbose path/to/source_directory path/to/target_directory" ftpsite &

Notice the ampersand, which sends the command to the background so you don’t have to keep the terminal window open.

Now you know how to create local backup of files and directories stored on an FTP server. But how do you restore the data if disaster strikes? Quite easily, actually. All you have to do is to add the –reverse switch to the mirror command:

lftp -u username,password -e "mirror --reverse --delete --only-newer --verbose path/to/source_directory path/to/target_directory" ftpsite

As the name suggests, the switch reverses the source and target directories, so lftp uploads files from the local directory to the remote FTP server.

vi/vim command summary

yezheng — Sat, 28 Nov 2009 20:33:50 +0000

vi/vim command summary

The following tables contain all the basic vi commands.
Starting vi

Command	Description
vi *file*	start at line 1 of *file*
vi +n *file*	start at line n of *file*
vi + *file*	start at last line of *file*
vi +/*pattern* *file*	start at *pattern* in *file*
vi -r *file*	recover *file* after a system crash

Saving files and quitting vi

Command	Description
:e *file*	edit *file* (save current file with :w first)
:w	save (write out) the file being edited
:w *file*	save as *file*
:w! *file*	save as an existing *file*
:q	quit vi
:wq	save the file and quit vi
	save the file if it has changed and quit vi
:q!	quit vi without saving changes

Moving the cursor

Keys pressed	Effect
h	left one character
l or	right one character
k	up one line
j or	down one line
b	left one word
w	right one word
(	start of sentence
)	end of sentence
{	start of paragraph
}	end of paragraph
1G	top of file
nG	line n
G	end of file
W	first character of insertion
U	up ½ screen
D	down ½ screen
B	up one screen
F	down one screen

Inserting text

Keys pressed	Text inserted
a	after the cursor
A	after last character on the line
i	before the cursor
I	before first character on the line
o	open line below current line
O	open line above current line

Changing and replacing text

Keys pressed	Text changed or replaced
cw	word
3cw	three words
cc	current line
5cc	five lines
r	current character only
R	current character and those to its right
s	current character
S	current line
~	switch between lowercase and uppercase

Deleting text

Keys pressed	Text deleted
x	character under cursor
12x	12 characters
X	character to left of cursor
dw	word
3dw	three words
d0	to beginning of line
d$	to end of line
dd	current line
5dd	five lines
d{	to beginning of paragraph
d}	to end of paragraph
:1,. d	to beginning of file
:.,$ d	to end of file
:1,$ d	whole file

Using markers and buffers

Command	Description
mf	set marker named “f”
`f	go to marker “f”
´f	go to start of line containing marker “f”
“s12yy	copy 12 lines into buffer “s”
“ty}	copy text from cursor to end of paragraph into buffer “t”
“ly1G	copy text from cursor to top of file into buffer “l”
“kd`f	cut text from cursor up to marker “f” into buffer “k”
“kp	paste buffer “k” into text

Searching for text

Search	Finds
/and	next occurrence of “and”, for example, “and”, “stand”, “grand”
?and	previous occurrence of “and”
/^The	next line that starts with “The”, for example, “The”, “Then”, “There”
/^The>	next line that starts with the word “The”
/end$	next line that ends with “end”
/[bB]ox	next occurrence of “box” or “Box”
n	repeat the most recent search, in the same direction
N	repeat the most recent search, in the opposite direction

Searching for and replacing text

Command	Description
:s/pear/peach/g	replace all occurrences of “pear” with “peach” on current line
:/orange/s//lemon/g	change all occurrences of “orange” into “lemon” on next line containing “orange”
:.,$/	replace all words starting with “file” by “directory” on every line from current line onward, for example, “filename” becomes “directoryname”
:g/one/s//1/g	replace every occurrence of “one” with 1, for example, “oneself” becomes “1self”, “someone” becomes “some1”

Matching patterns of text

Expression	Matches
.	any single character
	zero or more of the previous expression
.	zero or more arbitrary characters
<	beginning of a word
>	end of a word
	quote a special character
	the character “”
^	beginning of a line
$	end of a line
[*set*]	one character from a set of characters
[XYZ]	one of the characters “X”, “Y”, or “Z”
[[:upper:]][[:lower:]]*	one uppercase character followed by any number of lowercase characters
[^*set*]	one character not from a set of characters
[^XYZ[:digit:]]	any character except “X”, “Y”, “Z”, or a numeric digit

Options to the :set command

Option	Effect
all	list settings of all options
ignorecase	ignore case in searches
list	display and end-of-line characters
mesg	display messages sent to your terminal
nowrapscan	prevent searches from wrapping round the end or beginning of a file
number	display line numbers
report=5	warn if five or more lines are changed by command
term=ansi	set terminal type to “ansi”
terse	shorten error messages
warn	display “[No write since last change]” on shell escape if file has not been saved

Download Whole Website or Directories by using wget in Linux

yezheng — Sat, 19 Sep 2009 18:43:41 +0000

Download Whole Website or Directories by using wget in Linux

You might have googled a software for downloading a specified website or directory on either Windows or Linux platform . Yes, a bunch of tools can do this for you. Actually, we can do this by using a simple command, wget, on Linux platform. It is highly customizable, just a powerful crawler. You will find it fantastic and really cool. Let me just show you how!

wget

–recursive

–no-clobber

–page-requisites

–html-extension

–convert-links

–restrict-file-names=windows

–domains techstroke.com

–no-parent

www.techstroke.com/Windows/

The command above let you download the “windows” directory at the domain of “techstroke.com” recursively, starting from the url www.techstroke.com/Windows/

How do you like it? Hah, really cool?

Finally, let me explain a bit more about the parameters. Of course, you can refer to its documentation.

The options are:

–recursive: download the entire Web site.

–domains-techstroke.com: don’t follow links outside techstroke.com.

–no-parent: don’t follow links outside the directory /Windows/.

–page-requisites: get all the elements that compose the page (images, CSS and so on).

–html-extension: save files with the .html extension.

–convert-links: convert links so that they work locally, off-line.

–restrict-file-names=windows: modify filenames so that they will work in Windows as well.

–no-clobber: don’t overwrite any existing files (used in case the download is interrupted and

resumed).

How to prevent SSH terminal timeout

yezheng — Fri, 07 Aug 2009 18:05:19 +0000

If you use ssh a lot, you may have noticed that your ssh session times out and you’re logged out every once in a while. Annoying isn’t it? Here I will tutor how to avoid ssh timeout.

Read from remote host ocaoimh.ie: Connection reset by peer
Connection to ocaoimh.ie closed.

There’s a quick fix for that. Actually, there are 2 ways to fix it. You only need to do one of them so choose whichever one is easiest for you. You’ll need root access, so for most people it’s probably safer to do the client fix rather than the server fix.

On the server, login as root and edit /etc/ssh/sshd_config and add the line:

ClientAliveInterval 60

According to man sshd_config, this line,

Sets a timeout interval in seconds after which if no data has been received from the client, sshd(8) will send a message through the encrypted channel to request a response from the client. The default is 0, indicating that these messages will not be sent to the client. This option applies to protocol version 2 only.

Don’t forget to restart sshd on the server after you save the file.
The other way, and easier and safer way is for your desktop machine to send those keep alive messages. As root on your desktop (or client) machine, edit /etc/ssh/ssh_config and add the line:

ServerAliveInterval 60

That will send send a message to the server every 60 seconds, keeping the connection open. I prefer this way because I login to several machines every day, and I don’t have root access to all of them.

SCP –copy among machines

yezheng — Fri, 07 Aug 2009 07:43:17 +0000

SCP

The scp command allows you to copy files over ssh connections. This is pretty useful if you want to transport files between computers, for example to backup something. The scp command uses the ssh command and they are very much alike. However, there are some important differences.

The scp command can be used in three* ways: to copy from a (remote) server to your computer, to copy from your computer to a (remote) server, and to copy from a (remote) server to another (remote) server. In the third case, the data is transferred directly between the servers; your own computer will only tell the servers what to do. These options are very useful for a lot of things that require files to be transferred, so let’s have a look at the syntax of this command:

[rechosen@localhost ~]$ scp examplefile yourusername@yourserver:/home/yourusername/

Looks quite familiar, right? But there are differences. The command above will transfer the file “examplefile” to the directory “/home/yourusername/” at the server “yourserver”, trying to get ssh acces with the username “yourusername”. That’s quite a lot information, but scp really needs it all. Well, almost all of it. You could leave out the “yourusername@” in front of “yourserver”, but only if you want to login on the server with your current username on your own computer. Let’s have a closer look at the end of the command. There’s a colon over there, with a directory after it. Just like Linux’s normal cp command, scp will need to know both the source file(s) and the target directory (or file). For remote hosts, the file(s)/directory are given to the scp command is this way.

You can also copy a file (or multiple files) from the (remote) server to your own computer. Let’s have a look at an example of that:

[rechosen@localhost ~]$ scp yourusername@yourserver:/home/yourusername/examplefile .

Note: The dot at the end means the current local directory. This is a handy trick that can be used about everywhere in Linux. Besides a single dot, you can also type a double dot ( .. ), which is the parent directory of the current directory.

This will copy the file “/home/yourusername/examplefile” to the current directory on your own computer, provided that the username and password are correct and that the file actually exists.

You probably already guessed that the following command copies a file from a (remote) server to another (remote) server:

[rechosen@localhost ~]$ scp yourusername@yourserver:/home/yourusername/examplefile yourusername2@yourserver2:/home/yourusername2/

Please note that, to make the above command work, the servers must be able to reach each other, as the data will be transferred directly between them. If the servers somehow can’t reach each other (for example, if port 22 is not open on one of the sides) you won’t be able to copy anything. In that case, copy the files to your own computer first, then to the other host. Or make the servers able to reach each other (for example by opening the port).

Well, those are the main uses of scp. We’ll now go a bit more in-depth about the differences between ssh and scp.

*: Actually you can also use it just like the normal cp command, withhout any ssh connections in it, but that’s quite useless. It requires you to type an extra ‘s’ =).

Specifying a port with scp

The scp command acts a little different when it comes to ports. You’d expect that specifying a port should be done this way:

[rechosen@localhost ~]$ scp -p yourport yourusername@yourserver:/home/yourusername/examplefile .

However, that will not work. You will get an error message like this one:

cp: cannot stat `yourport’: No such file or directory

This is caused by the different architecture of scp. It aims to resemble cp, and cp also features the -p option. However, in cp terms it means ‘preserve’, and it causes the cp command to preserve things like ownership, permissions and creation dates. The scp command can also preserve things like that, and the -p option enables this feature. The port specification should be done with the -P option. Therefore, the following command will work:

[rechosen@localhost ~]$ scp -P yourport yourusername@yourserver:/home/yourusername/examplefile .

Also note that the -P option must be in front of the (remote) server. The ssh command will still work if you put -p yourport behind the host syntax, but scp won’t. Why? Because scp also supports copying between two servers and therefore needs to know which server the -P option applies to.

Another difference between scp and ssh

Unlike ssh, scp cannot be used to run a command on a (remote) server, as it already uses that feature of ssh to start the scp server on the host. The scp command does have an option that accepts a program (the -S option), but this program will then be used instead of ssh to establish the encrypted connection, and it will not be executed on the remote host.

Tips & Tricks with ssh and scp

Quite a handy thing about scp is that it supports asterisks. You can copy all files in a remote directory in a way like this:

[rechosen@localhost ~]$ scp yourusername@yourserver:/home/yourusername/* .

And you can also just copy a whole directory by specifying the -r (recursive) option:

[rechosen@localhost ~]$ scp -r yourusername@yourserver:/home/yourusername/ .

Both of these also work when copying to a (remote) server or copying between a (remote) server and another (remote) server.

The ssh command can come in handy if you don’t know the exact location of the file you want to copy with scp. First, ssh to the (remote) server:

[rechosen@localhost ~]$ ssh yourusername@yourserver

Then browse to the right directory with cd. This is essential Linux terminal knowledge, so I won’t explain it here. When you’re in the right directory, you can get the full path with this command:

[rechosen@localhost ~]$ pwd

Note: pwd is an abbreviation of Print Working Directory, which is a useful way to remember the command.

You can then copy this output, leave the ssh shell by pressing Ctrl + D, and then paste the full directory path in your scp command. This saves a lot of remembering and typing!

You can also limit the bandwidth scp may use when copying. This is very useful if you’re wanting to copy a huge amount of data without suffering from slow internet for a long time. Limiting bandwidth is done this way:

scp -l bandwidthlimit yourusername@yourserver:/home/yourusername/* .

The bandwidth is specified in Kbit/sec. What does this mean? Eight bits is one byte. If you want to copy no faster than 10 Kbyte/sec, set the limit to 80. If you want to copy no faster than 80 Kbyte/sec, set the limit to 640. Get it? You should set the limit to eight times the maximum Kbyte/sec you want it to be. I’d recommend to set the -l option with all scp’ing you do on a connection that other people need to use, too. A big amount of copying can virtually block a whole 10 Mbit network if you’re using hubs.

vi, vim 显示行号或行数

yezheng — Fri, 31 Jul 2009 01:08:36 +0000

在命令模式输入以下命令

1. 显示行号
:set number
2. 取消行号显示
:set nonumber
3. 跳到一特定行（必须得在命令模式，好像必须每次都得先按Esc键）

回到第一行： G

跳到特定行如99行： 99G

ubuntu ftp server配置

yezheng — Fri, 26 Jun 2009 21:12:40 +0000

vsftpd 启动

vsftpd problem – 500 OOPS: could not bind listening IPv4 socket

sudo /etc/init.d/vsftpd sta

sudo /etc/init.d/vsftpd stop

1）安装vsftpd

sudo apt-get install vsftpd

2）设置 vsftpd.conf文件

注意：设置之前请备份！！

sudo cp /etc/vsftpd.conf /etc/vsftpd.conf.old

.1.1、监听地址与控制端口

　　listen_address=ip address
此参数在VSFTPD使用单独(standalone)模式下有效。此参数定义了在主机的哪个IP地址上监听FTP请求，即在哪个IP地址上提供 FTP服务。对于只有一个IP地址的主机，不需要使用此参数。对于多址主机，不设置此参数，则监听所有IP地址。默认值为无。

listen_port=port_value
指定FTP服务器监听的端口号(控制端口)，默认值为21。此选项在standalone模式下生效。

5.1.2、FTP模式与数据端口
port_enable=YES|NO
如果你要在数据连接时取消PORT模式时，设此选项为NO。默认值为YES。

connetc_from_port_20=YES|NO
控制以PORT模式进行数据传输时是否使用20端口(ftp-data)。YES使用，NO不使用。默认值为NO，但RHL自带的vsftpd.conf文件中此参数设为YES。

ftp_data_port=port number
设定ftp数据传输端口(ftp-data)值。默认值为20。此参数用于PORT FTP模式。

port_promiscuous=YES|NO
默认值为NO。为YES时，取消PORT安全检查。该检查确保外出的数据只能连接到客户端上。小心打开此选项。

pasv_enable=YES|NO
YES，允许数据传输时使用PASV模式。NO，不允许使用PASV模式。默认值为YES。

pasv_min_port=port number
pasv_max_port=port number
设定在PASV模式下，建立数据传输所可以使用port范围的下界和上界，0 表示任意。默认值为0。把端口范围设在比较高的一段范围内，比如50000-60000，将有助于安全性的提高。

pasv_promiscuous=YES|NO
此选项激活时，将关闭PASV模式的安全检查。该检查确保数据连接和控制连接是来自同一个IP地址。小心打开此选项。此选项唯一合理的用法是存在于由安全隧道方案构成的组织中。默认值为NO。

pasv_address=
此选项为一个数字IP地址，作为PASV命令的响应。默认值为none，即地址是从呼入的连接套接字(incoming connectd socket)中获取。

5.2.2 负载控制

max_clients=numerical value
此参数在VSFTPD使用单独(standalone)模式下有效。此参数定义了FTP服务器最大的并发连接数，当超过此连接数时，服务器拒绝客户端连接。默认值为0，表示不限最大连接数。

max_per_ip=numerical value
此参数在VSFTPD使用单独(standalone)模式下有效。此参数定义每个IP地址最大的并发连接数目。超过这个数目将会拒绝连接。此选项的设置将影响到象网际快车这类的多进程下载软件。默认值为0，表示不限制。

anon_max_rate=value
设定匿名用户的最大数据传输速度value，以Bytes/s为单位。默认无。

local_max_rate=value
设定用户的最大数据传输速度value，以Bytes/s为单位。默认无。此选项对所有的用户都生效。此外，也可以在用户个人配置文件中使用此选项，以指定特定用户可获得的最大数据传输速率。
步骤如下：
①在vsftpd.conf中指定用户个人配置文件所在的目录，如：
user_config_dir=/etc/vsftpd/userconf
②生成/etc/vsftpd/userconf目录。
③用户个人配置文件是在该目录下，与特定用户同名的文件，如：
/etc/vsftpd/userconf/xiaowang
④在用户的个人配置文件中设置local_max_rate参数，如：
local_max_rate=80000
以上步骤设定FTP用户xiaowang的最大数据传输速度为80KBytes/s。

VSFTPD 对于速度控制的变化范围大概在80%到120%之间。比如我们限制最高速度为100KBytes/s，但实际的速度可能在80KBytes/s 到120KBytes/s 之间。当然，若是线路带宽不足时，速率自然会低于此限制。

5.3 用户选项

VSFTPD的用户分为三类：匿名用户、本地用户（local user）以及虚拟用户（guest）。

5.3.1、匿名用户

anonymous_enable=YES|NO
控制是否允许匿名用户登录，YES允许，NO不允许，默认值为YES。

ftp_username=
匿名用户所使用的系统用户名。默认下，此参数在配置文件中不出现，值为ftp。

no_anon_password=YES|NO
控制匿名用户登入时是否需要密码，YES不需要，NO需要。默认值为NO。

deny_email_enable=YES|NO
此参数默认值为NO。当值为YES时，拒绝使用banned_email_file参数指定文件中所列出的e-mail地址进行登录的匿名用户。即，当匿名用户使用banned_email_file文件中所列出的e-mail进行登录时，被拒绝。显然，这对于阻击某些Dos攻击有效。当此参数生效时，需追加banned_email_file参数

banned_email_file=/etc/vsftpd.banned_emails
指定包含被拒绝的e-mail地址的文件，默认文件为/etc/vsftpd.banned_emails。

anon_root=
设定匿名用户的根目录，即匿名用户登入后，被定位到此目录下。主配置文件中默认无此项，默认值为/var/ftp/。

anon_world_readable_only=YES|NO
控制是否只允许匿名用户下载可阅读文档。YES，只允许匿名用户下载可阅读的文件。NO，允许匿名用户浏览整个服务器的文件系统。默认值为YES。

anon_upload_enable=YES|NO
控制是否允许匿名用户上传文件，YES允许，NO不允许，默认是不设值，即为NO。除了这个参数外，匿名用户要能上传文件，还需要两个条件：一，write_enable参数为YES;二，在文件系统上，FTP匿名用户对某个目录有写权限。

anon_mkdir_write_enable=YES|NO
控制是否允许匿名用户创建新目录，YES允许，NO不允许，默认是不设值，即为NO。当然在文件系统上，FTP匿名用户必需对新目录的上层目录拥有写权限。

anon_other_write_enable=YES|NO
控制匿名用户是否拥有除了上传和新建目录之外的其他权限，如删除、更名等。YES拥有，NO不拥有，默认值为NO。

chown_uploads=YES|NO
是否修改匿名用户所上传文件的所有权。YES，匿名用户所上传的文件的所有权将改为另外一个不同的用户所有，用户由chown_username参数指定。此选项默认值为NO。

chown_username=whoever
指定拥有匿名用户上传文件所有权的用户。此参数与chown_uploads联用。不推荐使用root用户。

5.3.2、本地用户

在使用FTP服务的用户中，除了匿名用户外，还有一类在FTP服务器所属主机上拥有账号的用户。VSFTPD中称此类用户为本地用户（local users），等同于其他FTP服务器中的real用户

local_enable=YES|NO
控制vsftpd所在的系统的用户是否可以登录vsftpd。默认值为YES。

local_root=
定义所有本地用户的根目录。当本地用户登入时，将被更换到此目录下。默认值为无。

user_config_dir=
定义用户个人配置文件所在的目录。用户的个人配置文件为该目录下的同名文件。个人配置文件的格式与vsftpd.conf格式相同。例如定义 user_config_dir=/etc/vsftpd/userconf，并且主机上有用户xiaowang,lisi，那我们可以在 user_config_dir的目录新增名为xiaowang、lisi的两个文件。当用户lisi 登入时，VSFTPD则会读取user_config_dir下lisi这个文件中的设定值，应用于用户lisi。默认值为无。

5.3.3、虚拟用户

guest_enable=YES|NO
若是启动这项功能，所有的非匿名登入者都视为guest。默认值为关闭。

guest_username=
定义VSFTPD的guest用户在系统中的用户名。默认值为ftp。

5.4、安全措施

5.4.1、用户登录控制

pam_service_name=vsftpd
指出VSFTPD进行PAM认证时所使用的PAM配置文件名，默认值是vsftpd，默认PAM配置文件是/etc/pam.d/vsftpd。

/etc/vsftpd.ftpusers
VSFTPD禁止列在此文件中的用户登录FTP服务器。这个机制是在/etc/pam.d/vsftpd中默认设置的。

userlist_enable=YES|NO
此选项被激活后，VSFTPD将读取userlist_file参数所指定的文件中的用户列表。当列表中的用户登录FTP服务器时，该用户在提示输入密码之前就被禁止了。即该用户名输入后，VSFTPD查到该用户名在列表，VSFTPD就直接禁止掉该用户，不会再进行询问密码等后续步聚。默认值为 NO。

userlist_file=/etc/vsftpd.user_list
指出userlist_enable选项生效后，被读取的包含用户列表的文件。默认值是/etc/vsftpd.user_list。

userlist_deny=YES|NO
决定禁止还是只允许由userlist_file指定文件中的用户登录FTP服务器。此选项在userlist_enable 选项启动后才生效。YES，默认值，禁止文件中的用户登录，同时也不向这些用户发出输入口令的提示。NO，只允许在文件中的用户登录FTP服务器。

tcp_wrappers=YES|NO
在VSFTPD中使用TCP_Wrappers远程访问控制机制，默认值为YES。

5.4.2、目录访问控制

chroot_list_enable=YES|NO
锁定某些用户在自家目录中。即当这些用户登录后，不可以转到系统的其他目录，只能在自家目录(及其子目录)下。具体的用户在chroot_list_file参数所指定的文件中列出。默认值为NO。

chroot_list_file=/etc/vsftpd/chroot_list
指出被锁定在自家目录中的用户的列表文件。文件格式为一行一用户。通常该文件是/etc/vsftpd/chroot_list。此选项默认不设置。

chroot_local_users=YES|NO
将本地用户锁定在自家目录中。当此项被激活时，chroot_list_enable和chroot_local_users参数的作用将发生变化，chroot_list_file所指定文件中的用户将不被锁定在自家目录。本参数被激活后，可能带来安全上的冲突，特别是当用户拥有上传、 shell访问等权限时。因此，只有在确实了解的情况下，才可以打开此参数。默认值为NO。

passwd_chroot_enable
当此选项激活时，与chroot_local_user选项配合，chroot()容器的位置可以在每个用户的基础上指定。每个用户的容器来源于/etc/passwd中每个用户的自家目录字段。默认值为NO。

5.4.3、文件好作控制

hide_ids=YES|NO
是否隐藏文件的所有者和组信息。YES，当用户使用”ls -al”之类的指令时，在目录列表中所有文件的拥有者和组信息都显示为ftp。默认值为NO。

ls_recurse_enable=YES|NO
YES，允许使用”ls -R” 指令。这个选项有一个小的安全风险，因为在一个大型FTP站点的根目录下使用”ls -R”会消耗大量系统资源。默认值为NO。

write_enable=YES|NO
控制是否允许使用任何可以修改文件系统的FTP 的指令，比如STOR、DELE、RNFR、RNTO、MKD、RMD、APPE 以及SITE。默认值为NO，不过自带的简单配置文件中打开了该选项。

secure_chroot_dir=
这选项指向一个空目录，并且ftp用户对此目录无写权限。当vsftpd不需要访问文件系统时，这个目录将被作为一个安全的容器，用户将被限制在此目录中。默认目录为/usr/share/empty。

5.4.4、新增文件权限设定

anon_umask=
匿名用户新增文件的umask 数值。默认值为077。

file_open_mode=
上传档案的权限，与chmod 所使用的数值相同。如果希望上传的文件可以执行，设此值为0777。默认值为0666。

local_umask=
本地用户新增档案时的umask 数值。默认值为077。不过，其他大多数的FTP服务器都是使用022。如果您的用户希望的话，可以修改为022。在自带的配置文件中此项就设为了022。

5.5、提示信息

ftpd_banner=login banner string
此参数定义了login banner string（登录欢迎语字符串）。用户可以自行修改。预设值为无。当ftpd_banner设置后，将取代系统原来的欢迎词。

banner_file=/directory/vsftpd_banner_file
此项指定一个文本文件，当使用者登入时，会显示此该文件的内容，通常为欢迎话语或是说明。默认值为无。与ftpd_banner相比，banner_file是文本文件的形式，而ftpd_banner是字串格式。banner_file选项将取代ftpd_banner选项。

dirmessage_enable=YES|MO
控制是否启用目录提示信息功能。YES启用，NO不启用，默认值为YES。此功能启用后，当用户进入某一个目录时，会检查该目录下是否有message_file选项所指定的文档，若是有，则会出现此文档的内容，通常这个档案会放置欢迎话语，或是对该目录的说明。

message_file=
此选项，仅在dirmessage_enable选项激活方生效。默认值为.message。

5.6、好志设置

xferlog_enable=YES|NO
控制是否启用一个好志文件，用于详细记录上传和下载。该好志文件由xferlog_file选项指定。默认值为NO，但简单配置文件中激活此选项。

xferlog_file=
这个选项设定记录传输好志的文件名。默认值为/var/log/vsftpd.log。

xferlog_std_format=YES|NO
控制好志文件是否使用xferlog的标准格式，如同wu-ftpd一样。使用xferlog格式，可以重新使用已经存在的传输统计生成器。然而，默认的好志格式更为可读性。默认值为NO，但自带的配置文件中激活了此选项。

log_ftp_protocol=YES|NO
当此选项激活后，所有的FTP请求和响应都被记录到好志中。提供此选项时，xferlog_std_format不能被激活。这个选项有助于调试。默认值为NO。

5.7、其他设置

setproctitle_enable=YES|NO
YES，VSFTPD将在系统进程列表中显示每个会话(session)的状态。也就是说，进程报告将显示每个vsftpd会话在做什么(挂起、下载等)，如用ps -ef|grep ftp。出于安全的目的，可以考虑将此选项关闭。NO，进程报告只显示一个vsftpd进程在运行。默认值为NO。

text_userdb_names=YES|No
当使用者登入后使用ls -al 之类指令时，目录列表的用户和组信息域，默认是出现拥有者的UID，而不是该档案拥有者的名称。若是希望出现拥有者的名称，则将此功能开启。默认值为NO。

user_localtime=YES|NO
默认为NO。YES，VSFTPD显示目录列表时使用你本地时区的时间。默认是显示GMT时间。同样，由ftp命令“MDTM”返回的时间值也受此选项影响。

check_shell=YES|NO
此选项仅对不使用PAM方式的VSFTPD生效。当此选项关闭后，当本地用户登录时，VSFTPD不会检查/etc/shells文件以寻找一个有效的用户shell。默认为YES。

nopriv_user=
指定一个用户，当VSFTPD不想要什么权限时，使用此用户身份。这用户最好是一个专用的用户，而不是用户nobody。在大多数的机器上，nobody用户被用于大量重要的事情。默认值为nobody。

pam_service_name=
指明VSFTPD使用用PAM验证服务时的PAM配置文件名。默认值为ftp。

6、VSFTPD应用

本部分介绍VSFTPD的具体应用方法。

6.1、允许匿名用户上传文件
在vsftpd.conf文件中修改或增加以下选项：
write_enable=YES
anon_world_readable_only=NO
anon_upload_enable=YES
anon_mkdir_write_enable=YES

然后创建供匿名用户上传文件的目录，并设定权限：
# mkdir /var/ftp/incoming
# chmod o+w /var/ftp/incoming
由于匿名用户（ftp）上传文件，需要对incoming目录进行好作，而incoming为root所有，匿名用户（ftp）对于incoming来说是其他用户，所以要加入其他用户（o）的写权限。

6.2、限制用户在自家目录

在默认配置中，本地用户可以切换到自家目录以外的目录进行浏览，并在权限范围内进行上传和下载，这无疑是个不安全因素。
我们可以设置chroot，让本地用户登录后只能访问自家目录，无法访问其他目录。相关的选项有三个：chroot_local_user、chroot_list_enable、chroot_list_file。限制用户在自家目录有两种做法：
1、限制所有的本地用户在自家目录
chroot_local_user=YES
这种做法，可能会带来一些安全性上的冲突。参见前面的chroot_local_user选项描述。
2、限制部分本地用户在自家目录
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
在/etc/vsftpd.chroot_list文件中加入要限制的本地用户名。注意一个用户名一行。

6.3、配置高安全级别的匿名FTP服务器

VSFTPD自带的简单配置文件已经自称是偏执狂了，这里看看能否更加偏执一些，。有些选项默认已经采用安全性的设置，这里就不再写出了。

#只允许匿名访问，不允许本地用户访问
anonymous_enable=YES
local_enable=NO

#使用ftpd_banner取代VSFTPD默认的欢迎词，免得泄漏相关信息
ftpd_banner=Welcome to this FTP Server
#只让匿名用户浏览可阅读的文件，不可以浏览整个系统
anon_world_readable_only=YES
#隐藏文件的所有者和组信息，匿名用户看到的文件的所有者和组全变为ftp
hide_ids=YES

#取消写权限
write_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
anon_other_write_enable=NO

#使用单独模式，并指定监听的IP地址
listen_address=ip address
#对连接进行控制，还有超时时间，那就根据具体情况再说了。
connect_from_port_20=YES
pasv_min_port=50000
pasv_max_port=60000
#控制并发数，限定每个IP地址的并发数，这个嘛，根据用户自已定了。
max_clients=numerical value
max_per_ip=numerical value
#限定下载速度，具体限多大，就由用户自己定了，80KB/s，也很快了吧。
anon_max_rate=80000

#启用详细的好志记录格式
xferlog_enable=YES

6.4、基于IP地址的虚拟FTP服务器

假定服务器有两个IP地址，192.168.0.1和192.168.0.2。VSFTPD是建立在192.168.0.1上的，现在我们在192.168.0.2上再提供一个虚拟FTP服务器。如何在一台服务器上使用多个IP 地址，请参考相关文档。

1、创建虚拟FTP服务器的根目录。
mkdir -p /var/ftp2/pub
确保/var/ftp2和/var/ftp2/pub目录的拥有者和组均为root，掩码为755。

2、增加虚拟FTP服务器的匿名用户帐号。原先的FTP服务器使用系统用户ftp作为其匿名用户帐号。我们要增加一个ftp2用于虚拟FTP服务器。
useradd -d /var/ftp2 -M ftp2

3、创建虚拟FTP服务器的配置文件。复制原来的vsftpd.conf作为虚拟FTP服务器的配置文件，并修改相关参数。
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd2.conf
新添或修改以下参数：
listen=YES
listen_address=192.168.0.2
ftp_username=ftp2

注：由于VSFTPD默认是监听所有的IP地址，当我们设定基于IP的虚拟FTP服务器时，为防止原来的FTP服务器与虚拟FTP服务器发生监听上的冲突，原FTP服务器需要指定监听的IP地址。在这里，原来的配置文件中就要设置listen_address=192.168.0.1。

4、启动虚拟FTP服务器。

/etc/rc.d/init.d/vsftpd脚本在启动时，扫描/etc/vsftpd/目录下所有的*.conf文件，按照*.conf文件的先后，依次启用vsftpd进程，每个vsftpd进程对应一个.conf文件。即，“ls /etc/vsftpd/”列表的次序与“ps -aux |grep vsftpd”中的顺序一样。当然了，“ps -aux | grep vsftpd”中也显示出vsftpd所使用的配置文件，从中也可以看哪个vsftpd进程对应哪个FTP服务器。如果没有列出配置文件，那就是默认的 vsftpd.conf，那么该进程也就是原来的FTP服务器进程。
由于第3步中虚拟FTP服务器的配置文件被命名为vsftpd2.conf文件，所以我们可以用/etc/rc.d/init.d/vsftpd脚本同时启动或关闭原FTP服务器和新加的虚拟FTP服务器。
以下命令单独启动虚拟FTP服务器：
/usr/sbin/vsftpd /etc/vsftpd/vsftpd2.conf &
单独关闭虚拟FTP服务器，用“ps -aux | grep vsftpd”查出进程号，再用kill指令杀死虚拟FTP的进程。

6.4、基于IP地址的虚拟FTP服务器

　　假定服务器有两个IP地址，192.168.0.1和192.168.0.2。VSFTPD是建立在192.168.0.1上的，现在我

们在192.168.0.2上再提供一个虚拟FTP服务器。如何在一台服务器上使用多个IP 地址，请参考相关文档

。

　　1、创建虚拟FTP服务器的根目录。
mkdir -p /var/ftp2/pub
确保/var/ftp2和/var/ftp2/pub目录的拥有者和组均为root，掩码为755。

　　2、增加虚拟FTP服务器的匿名用户帐号。原先的FTP服务器使用系统用户ftp作为其匿名用户帐号。我

们要增加一个ftp2用于虚拟FTP服务器。
useradd -d /var/ftp2 -M ftp2

　　3、创建虚拟FTP服务器的配置文件。复制原来的vsftpd.conf作为虚拟FTP服务器的配置文件，并修改

相关参数。
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd2.conf
新添或修改以下参数：
listen=YES
listen_address=192.168.0.2
ftp_username=ftp2

　　注：由于VSFTPD默认是监听所有的IP地址，当我们设定基于IP的虚拟FTP服务器时，为防止原来的FTP

服务器与虚拟FTP服务器发生监听上的冲突，原FTP服务器需要指定监听的IP地址。在这里，原来的配置文

件中就要设置listen_address=192.168.0.1。

　　4、启动虚拟FTP服务器。

　　/etc/rc.d/init.d/vsftpd脚本在启动时，扫描/etc/vsftpd/目录下所有的*.conf文件，按照*.conf

文件的先后，依次启用vsftpd进程，每个vsftpd进程对应一个.conf文件。即，“ls /etc/vsftpd/”列表

的次序与“ps -aux |grep vsftpd”中的顺序一样。当然了，“ps -aux | grep vsftpd”中也显示出

vsftpd所使用的配置文件，从中也可以看哪个vsftpd进程对应哪个FTP服务器。如果没有列出配置文件，

那就是默认的vsftpd.conf，那么该进程也就是原来的FTP服务器进程。
由于第3步中虚拟FTP服务器的配置文件被命名为vsftpd2.conf文件，所以我们可以

用/etc/rc.d/init.d/vsftpd脚本同时启动或关闭原FTP服务器和新加的虚拟FTP服务器。
以下命令单独启动虚拟FTP服务器：
/usr/sbin/vsftpd /etc/vsftpd/vsftpd2.conf &
单独关闭虚拟FTP服务器，用“ps -aux | grep vsftpd”查出进程号，再用kill指令杀死虚拟FTP的

进程。

Ubuntu Server 安装图形界面

yezheng — Sat, 13 Jun 2009 00:15:30 +0000

Ubuntu Server 安装图形界面

1、安装 X 窗口系统：sudo apt-get install x-window-system-core

2、安装登录管理器：sudo apt-get install xdm/gdm/kdm[注]。最常见的图形化登录管理器包括 XDM、GDM、KDM，用户可根据自己的需要选择其中之一

3、安装桌面环境或窗口管理器：sudo apt-get install ubuntu-desktop/kubuntu-desktop/xubuntu-desktop。这将分别安装 GNOME、KDE、XFCE 桌面环境。对于 GNOME、KDE、XFCE 这些桌面环境来说，为了获得更强的定制效果，也可仅安装最基本的组件，如：sudo apt-get install gnome-core/kde-core/xfce4。

如果不需要桌面环境，也可选择安装窗口管理器代替。那样的话，可以执行指令 sudo apt-get install fluxbox/icewm/enlightenment/fvwm

Information Retrieval Blog » Linux

Figure format conversion in Linux

EPS 2 PNG

Manual conversion

Command-line method

See also:

命令行解压＆压缩 全集 –Linux

.tar

.gz

.bz2

.bz

.Z

.tgz

.zip

.rar

.lha

.rpm

backup and sync with lftp

vi/vim command summary

vi/vim command summary

Download Whole Website or Directories by using wget in Linux

Download Whole Website or Directories by using wget in Linux

How to prevent SSH terminal timeout

SCP –copy among machines

vi, vim 显示行号或行数

ubuntu ftp server配置

vsftpd 启动

1）安装vsftpd

2）设置 vsftpd.conf文件

Ubuntu Server 安装图形界面

Ubuntu Server 安装图形界面

命令行解压＆压缩全集 –Linux