# systemd

https://www.freedesktop.org/software/systemd/man/systemd.exec.html

# exec

参考<network/network>

replace the shell by given command 执行完端口shell,有点类似scp

比如exec ls 执行完退出

也可以加非命令:

exec 8<> /dev/tcp/www.baidu.com/80

find /home/ -type f -size +512M -exec ls -lh {} \;

# jail

参考<buildingblock/haproxy>

chroot最佳实践 www.unixwiz.net/techtips/chroot-practices.html

How to break out of a chroot jail http://www.unixwiz.net/techtips/mirror/chroot-break.html

Setuid Demystified https://people.eecs.berkeley.edu/~daw/papers/setuid-usenix02.pdf

chroot

http://www.voidcn.com/article/p-upddvejj-bam.html

https://baike.baidu.com/item/chroot/3267609?fr=aladdin

https://blog.csdn.net/napolunyishi/article/details/21078799

setuid

http://www.selinuxplus.com/?tag=setuid

https://www.cs.utexas.edu/~shmat/courses/cs380s_fall09/09setuid.pdf

错误用法会导致attacker可以越权

# watch

实时监控


watch ss -tunpl4

watch -n 5 "netstat -anp | grep ESTAB"

# fc-cache

$ yum install gcc
$ yum install gcc-c++
$ yum install xorg-x11-fonts-Type1

$ cat /etc/fonts/fonts.conf
...
<!-- Font directory list -->

        <dir>/usr/share/fonts</dir>
        <dir>/usr/share/X11/fonts/Type1</dir> <dir>/usr/share/X11/fonts/TTF</dir> <dir>/usr/local/share/fonts</dir>
        <dir prefix="xdg">fonts</dir>
        <!-- the following element will be removed in the future -->
        <dir>~/.fonts</dir>
...
$ fc-cache --force
$ ll ~/.cache/fontconfig/
如果访问比如java程序验证码则会对应生成
~/.java/fonts/1.8.0_40/fcinfo-1-sghc2-prod-acs-app-v02.novalocal-RedHat-7.9-en.properties