

Adding a Nagios plugin that monitors the current number of PHP processes, with PNP graphs

Script notes: by default the script monitors php-fpm running on this machine over TCP, as in this php-fpm.conf listen address:

127.0.0.1:9000

For any other address, change 127.0.0.1:9000 in the script accordingly.

The final output, "$total processes", is the number of PHP requests currently executing or waiting; 0, or as low as possible, is best. Note that the count comes from `netstat -n | grep 127.0.0.1:9000`, which lists both ends of every loopback connection as well as sockets in TIME_WAIT, so set the thresholds against what that command shows on a healthy box rather than against the php-fpm worker count.

vi check_phpprocs.sh

#!/bin/bash
#########################################################################
#
# File:         check_phpprocs.sh
# Description:  Nagios check plugin to check php processes in *nix.
# Language:     GNU Bourne-Again SHell
# Version:      1.0.0
# Date:         2015-1-16
# Author:       C1g
# Blog:         http://blog.C1gStudio.com
#########################################################################

# assign PATH itself (a lowercase "path" variable would be ignored by the export below)
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin
export PATH

STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3

warn_num=100
critical_num=200

usage(){
    echo -e "Usage: $0 -w|--warning warning threshold -c|--critical critical threshold"
}

# parse -w/-c; both thresholds must be positive integers
select_arg(){
    if [ $# -eq 0 ];then
        return 1
    fi
    until [ $# -eq 0 ];do
        case $1 in
            -w|--warning)
                [ $# -lt 2 ] && return 1
                if ! echo $2 |grep -E -q "^[1-9][0-9]*$";then
                    return 1
                fi
                warn_num=$2
                shift 2
                ;;
            -c|--critical)
                [ $# -lt 2 ] && return 1
                if ! echo $2 |grep -E -q "^[1-9][0-9]*$";then
                    return 1
                fi
                critical_num=$2
                shift 2
                ;;
            *)
                return 1
                ;;
        esac
    done
    return 0
}

select_arg "$@"
[ $? -ne 0 ] && usage && exit $STATE_UNKNOWN
#echo "warn :$warn_num"
#echo "critical :$critical_num"

if [ $critical_num -lt $warn_num ];then
    usage
    exit $STATE_UNKNOWN
fi

# count socket lines on the php-fpm listen address (both ends of each loopback connection appear)
total=`netstat -n | grep 127.0.0.1:9000 | wc -l`

if [ $total -lt $warn_num ];then
    echo "PHP OK - $total processes |PHP=$total;$warn_num;$critical_num;0"
    exit $STATE_OK
elif [ $total -ge $warn_num -a $total -lt $critical_num ];then
    echo "PHP WARNING - $total processes |PHP=$total;$warn_num;$critical_num;0"
    exit $STATE_WARNING
elif [ $total -ge $critical_num ];then
    echo "PHP CRITICAL - $total processes |PHP=$total;$warn_num;$critical_num;0"
    exit $STATE_CRITICAL
else
    echo "UNKNOWN STATE"
    exit $STATE_UNKNOWN
fi

Add execute permission. The client-side NRPE lives under /opt/nagios/:

chown nagios:nagios check_phpprocs.sh
chmod 755 check_phpprocs.sh
mv ./check_phpprocs.sh /opt/nagios/libexec/

Edit the client-side nrpe.cfg and add the check command; here the warning threshold is 100 and the critical threshold 200:

vi /opt/nagios/etc/nrpe.cfg

command[check_phpprocs]=/opt/nagios/libexec/check_phpprocs.sh -w 100 -c 200

Restart NRPE on the client:

kill `cat /var/run/nrpe.pid`
/opt/nagios/bin/nrpe -c /opt/nagios/etc/nrpe.cfg -d

On the monitoring server, edit the host file c1gstudio.cfg and add the service:

vi /usr/local/nagios/etc/objects/c1gstudio.cfg

define service{
    use                   local-service,srv-pnp   ; Name of service template to use
    host_name             c1gstudio
    service_description   PHP Processes
    check_command         check_nrpe!check_phpprocs
    notifications_enabled 1
}

pnp4nagios is already set up and srv-pnp is the prepared template, so the graphs appear directly. In templates.cfg:

define service {
    name              srv-pnp
    register          0
    action_url        /pnp/index.php?host=$HOSTNAME$&srv=$SERVICEDESC$
    process_perf_data 1
}

See: https://blog.c1gstudio.com/archives/552

Reload nagios:

/etc/init.d/nagios reload

Check the status (screenshot: nagios_checkphpprocs).

Download: check_phpprocs.zip

Reference: http://blog.csdn.net/xluren/article/details/17724043

Posted in Nagios.


Creating hyperlinks with JavaScript that hide the source (no Referer)

The most direct way is window.open; it works on IE below 9 but not on Firefox.

function openwin2(strurl) {
    window.open(strurl, "newwin", "height=650,width=778,scrollbars=10,resizable=yes");
}

An improved version; IE6 throws an error on it:

function open_new_window(full_link){ window.open('javascript:window.name;', '

The advanced version uses the HTML5 rel="noreferrer" attribute together with noreferrer.js, which detects the browser automatically and picks the best method for it. It comes in a prototype.js version

and a jQuery version: external link. Note: change the Google address in noreferrer.js to Baidu's, http://www.baidu.com/link?url?q

References:
http://zhongfox.github.io/blog/javascript/2013/08/16/remove-referer-using-js/
https://github.com/knu/noreferrer

Posted in JavaScript/DOM/XML.


Stopping mass private messaging (PM) on a Discuz! X3.2 forum

At first I thought the program had a vulnerability, but reading source\include\spacecp\spacecp_pm.php showed that there is a switch controlling this.

Admin panel -> Site features -> Other -> Site-wide default: only accept PMs from friends: Yes / No. Choosing "Yes" makes the personal PM settings default to accepting PMs from friends only.

Choose "Yes".

Users -> User groups -> (select the first few user groups) -> Basic settings -> Allow sending PMs: can send PMs to anyone: Yes / No. If "No", then when the recipient is set to accept PMs from friends only, PMs cannot be sent to them.

Choose "No".

This can be combined with the maximum number of PMs per 24 hours and with setting a credit cost for sending PMs.

Posted in Discuz/Uchome/Ucenter.


Load-balancing and health-monitoring a group of MySQL slaves with HAProxy

(figure: blog_haproxy)

1. Install haproxy

On the haproxy machine. Source: http://haproxy.1wt.eu (reachable only through a proxy from China).

tar zxvf haproxy-1.4.25.tar.gz
cd haproxy-1.4.25
make TARGET=linux26
make install
mkdir -p /usr/local/haproxy/
chown nobody:nobody /usr/local/haproxy/
mkdir /etc/haproxy/
cp examples/haproxy.cfg /etc/haproxy/
cp examples/haproxy.init /etc/init.d/haproxy
chown root:root /etc/init.d/haproxy
chmod 700 /etc/init.d/haproxy

Modify the haproxy init script: change /usr/sbin/$BASENAME to /usr/local/sbin/$BASENAME.

sed -i -r 's|/usr/sbin|/usr/local/sbin|' /etc/init.d/haproxy

Edit the configuration file:

vi /etc/haproxy/haproxy.cfg

global
    #log 127.0.0.1 local0
    log 127.0.0.1 local3 info
    #log loghost local0 info
    maxconn 4096
    chroot /usr/local/haproxy
    # uid/gid take numeric ids; a name such as "nobody" would parse as 0 and the
    # process would stay root. user/group take names.
    user nobody
    group nobody
    daemon
    debug
    #quiet

defaults
    log global
    mode tcp
    #option httplog
    option dontlognull
    retries 3
    option redispatch
    maxconn 2000
    contimeout 5000
    clitimeout 50000
    srvtimeout 50000

frontend mysql
    bind 192.168.0.107:3306
    maxconn 3000
    default_backend mysql_slave

backend mysql_slave
    #cookie SERVERID rewrite
    mode tcp
    balance roundrobin
    #balance source
    #balance leastconn
    contimeout 10s
    timeout check 2s
    option httpchk OPTIONS * HTTP/1.1\r\nHost:\ www
    server mysql_192_168_0_104_3306 192.168.0.104:3306 weight 1 check port 9300 inter 5s rise 2 fall 3
    server mysql_192_168_0_104_3307 192.168.0.104:3307 weight 1 check port 9301 inter 5s rise 2 fall 3
    #server mysql_192_168_0_106_3306 192.168.0.106:3306 weight 1 check port 9300 inter 5s rise 2 fall 3

listen admin_status
    mode http
    bind 192.168.0.107:8000
    option httplog
    log global
    stats enable
    stats refresh 30s
    stats hide-version
    stats realm Haproxy\ Statistics
    stats uri /admin-status
    stats auth admin:123456
    stats admin if TRUE

Open the stats port in iptables:

iptables -A INPUT -p tcp -m tcp -s 192.168.0.0/24 --dport 8000 -j ACCEPT

Enable haproxy at boot and start the service:

chkconfig --add haproxy
chkconfig haproxy on
service haproxy start

On the monitored machines

I run two instances on one machine here, so there are two scripts; a single instance needs only one script and one service port. Edit the MySQL 3306 check script:

vi /opt/shell/mysqlchk_status_3306.sh

#!/bin/bash
#
# /usr/local/bin/mysqlchk_status.sh
#
# This script checks if a mysql server is healthy running on localhost. It will
# return:
#
# "HTTP/1.x 200 OK\r"           (if mysql is running smoothly)
#
# - OR -
#
# "HTTP/1.x 503 Internal Server Error\r" (else)
#
MYSQL_HOST="localhost"
MYSQL_PORT="3306"
MYSQL_USERNAME="mysqlcheck"
MYSQL_PASSWORD="paSSword"
MYSQL_PATH="/opt/mysql/bin/"
#
# We perform a simple query that should return a few results
#${MYSQL_PATH}mysql -h${MYSQL_HOST} -P${MYSQL_PORT} -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show slave status\G;" >/tmp/rep${MYSQL_PORT}.txt
${MYSQL_PATH}mysql -h${MYSQL_HOST} -P${MYSQL_PORT} -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show full processlist;" >/tmp/processlist${MYSQL_PORT}.txt
${MYSQL_PATH}mysql -h${MYSQL_HOST} -P${MYSQL_PORT} -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show slave status\G;" >/tmp/rep${MYSQL_PORT}.txt
iostat=`grep "Slave_IO_Running" /tmp/rep${MYSQL_PORT}.txt |awk '{print $2}'`
sqlstat=`grep "Slave_SQL_Running" /tmp/rep${MYSQL_PORT}.txt |awk '{print $2}'`
result=$(cat /tmp/processlist${MYSQL_PORT}.txt|wc -l)
# Keep debug output commented out: everything on stdout is sent to haproxy as the
# HTTP response, and anything printed before the status line makes the check fail.
#echo iostat:$iostat and sqlstat:$sqlstat
# if slave_IO_Running and Slave_sql_Running ok,then return 200 code
if [ "$result" -gt "3" ] && [ "$iostat" = "Yes" ] && [ "$sqlstat" = "Yes" ]; then
    # mysql is fine, return http 200
    /bin/echo -e "HTTP/1.1 200 OK\r\n"
else
    # mysql is down, return http 503
    /bin/echo -e "HTTP/1.1 503 Service Unavailable\r\n"
fi

vi /opt/shell/mysqlchk_status_3307.sh

#!/bin/bash
#
# /usr/local/bin/mysqlchk_status.sh
#
# This script checks if a mysql server is healthy running on localhost. It will
# return:
#
# "HTTP/1.x 200 OK\r"           (if mysql is running smoothly)
#
# - OR -
#
# "HTTP/1.x 503 Internal Server Error\r" (else)
#
MYSQL_HOST="localhost"
MYSQL_PORT="3307"
MYSQL_USERNAME="mysqlcheck"
MYSQL_PASSWORD="paSSword"
MYSQL_PATH="/opt/mysql/bin/"
#
# We perform a simple query that should return a few results
#${MYSQL_PATH}mysql -h${MYSQL_HOST} -P${MYSQL_PORT} -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show slave status\G;" >/tmp/rep${MYSQL_PORT}.txt
${MYSQL_PATH}mysql -S/data/mysql/mysql.sock -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show full processlist;" >/tmp/processlist${MYSQL_PORT}.txt
${MYSQL_PATH}mysql -S/data/mysql/mysql.sock -u${MYSQL_USERNAME} -p${MYSQL_PASSWORD} -e "show slave status\G;" >/tmp/rep${MYSQL_PORT}.txt
iostat=`grep "Slave_IO_Running" /tmp/rep${MYSQL_PORT}.txt |awk '{print $2}'`
sqlstat=`grep "Slave_SQL_Running" /tmp/rep${MYSQL_PORT}.txt |awk '{print $2}'`
result=$(cat /tmp/processlist${MYSQL_PORT}.txt|wc -l)
# Keep debug output commented out: everything on stdout is sent to haproxy as the
# HTTP response, and anything printed before the status line makes the check fail.
#echo iostat:$iostat and sqlstat:$sqlstat
#echo $result
# if slave_IO_Running and Slave_sql_Running ok,then return 200 code
if [ "$result" -gt "3" ] && [ "$iostat" = "Yes" ] && [ "$sqlstat" = "Yes" ]; then
    # mysql is fine, return http 200
    /bin/echo -e "HTTP/1.1 200 OK\r\n"
else
    # mysql is down, return http 503
    /bin/echo -e "HTTP/1.1 503 Service Unavailable\r\n"
fi

chmod 775 /opt/shell/mysqlchk_status_3306.sh
chmod 775 /opt/shell/mysqlchk_status_3307.sh

On the MySQL slave, create a separate account with the PROCESS and REPLICATION CLIENT privileges.

CREATE USER 'mysqlcheck'@'localhost' IDENTIFIED BY 'PaSSword';
GRANT PROCESS, REPLICATION CLIENT ON *.* TO 'mysqlcheck'@'localhost' IDENTIFIED BY 'PaSSword'
    WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0;
FLUSH PRIVILEGES;

Test the script:

./mysqlchk_status_3306.sh

Add the service: bind it to the internal IP, run it on port 9300, and open it only to the 192.168.0 internal network.

yum install -y xinetd
vim /etc/xinetd.d/mysql_status

service mysqlchk_status3306
{
    flags           = REUSE
    socket_type     = stream
    bind            = 192.168.0.104
    port            = 9300
    wait            = no
    user            = nobody
    server          = /opt/shell/mysqlchk_status_3306.sh
    log_type        = FILE /dev/null
    log_on_failure  += USERID
    disable         = no
    only_from       = 192.168.0.0/24
}

service mysqlchk_status3307
{
    flags           = REUSE
    socket_type     = stream
    bind            = 192.168.0.104
    port            = 9301
    wait            = no
    user            = nobody
    server          = /opt/shell/mysqlchk_status_3307.sh
    log_type        = FILE /dev/null
    log_on_failure  += USERID
    disable         = no
    only_from       = 192.168.0.0/24
}

The bind and only_from addresses must allow haproxy to reach the service; with DRBD use 0.0.0.0. The user must have execute permission on the server script. The port must be declared in /etc/services.

chattr -i /etc/services
vi /etc/services

mysqlchk_status3306 9300/tcp #haproxy mysql check
mysqlchk_status3307 9301/tcp #haproxy mysql check

The name mysqlchk_status3306 in /etc/services must match the service name in xinetd.d.

Open the ports in iptables:

iptables -A INPUT -p tcp -m tcp -s 192.168.0.0/24 --dport 9300 -j ACCEPT
iptables -A INPUT -p tcp -m tcp -s 192.168.0.0/24 --dport 9301 -j ACCEPT

/etc/init.d/iptables save

Enable xinetd at boot and start it:

chkconfig xinetd --level 345 on
/etc/init.d/xinetd start

Check that it is listening:

netstat -lntp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:9300            0.0.0.0:*               LISTEN      4863/xinetd
tcp        0      0 0.0.0.0:9301            0.0.0.0:*               LISTEN      4863/xinetd

If they are not listed, check the bind address and the service port.

Test from the monitoring machine:

telnet 192.168.0.104 9300

Trying 192.168.0.104...
Connected to 192.168.0.104 (192.168.0.104).
Escape character is '^]'.
/opt/shell/mysqlchk_status_3306.sh: line 24: /tmp/processlist3306.txt: Permission denied
/opt/shell/mysqlchk_status_3306.sh: line 25: /tmp/rep3306.txt: Permission denied
HTTP/1.1 200 OK
Connection closed by foreign host.

The errors appear because the script was run as root earlier, so the temp files belong to root; delete them on the monitored machine:

rm -f /tmp/processlist3306.txt /tmp/processlist3307.txt
rm -f /tmp/rep3306.txt /tmp/rep3307.txt

If there is no output at all, check the execute permission on mysqlchk_status_3306.sh.
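As an added example (not one of the post's scripts), the same 200/503 decision written to work on command output held in variables instead of /tmp files, so the "Permission denied" failure above cannot happen and the Slave_SQL_Running_State field of newer MySQL releases is not mistaken for Slave_SQL_Running; the mysql client path and the /etc/mysqlcheck.cnf credentials file named in the comment are assumptions, and the sample outputs are constructed.

```shell
#!/bin/sh
# Added example, not one of the post's scripts: the same 200/503 decision as
# mysqlchk_status_3306.sh, but made from command output held in variables.
# No /tmp files are written, so files created by root can never block the
# xinetd user later.

# $1: text of "SHOW SLAVE STATUS\G", $2: text of "SHOW FULL PROCESSLIST".
# Prints 200 when both replication threads run and the processlist has more
# than 3 lines (the post's rule), otherwise 503.
slave_health_code() {
    slave_status=$1
    processlist=$2
    # Anchor on "Name:" so Slave_SQL_Running_State (MySQL 5.6+) is not picked up.
    iostat=$(printf '%s\n' "$slave_status" | awk '/^ *Slave_IO_Running:/ { print $2; exit }')
    sqlstat=$(printf '%s\n' "$slave_status" | awk '/^ *Slave_SQL_Running:/ { print $2; exit }')
    rows=$(printf '%s\n' "$processlist" | wc -l | tr -d ' ')
    if [ "$rows" -gt 3 ] && [ "$iostat" = "Yes" ] && [ "$sqlstat" = "Yes" ]; then
        echo 200
    else
        echo 503
    fi
}

# Everything written to stdout is the HTTP response haproxy parses, so the
# status line must come first; debug output belongs on stderr.
http_response() {
    case $1 in
        200) printf 'HTTP/1.1 200 OK\r\n\r\n' ;;
        *)   printf 'HTTP/1.1 503 Service Unavailable\r\n\r\n' ;;
    esac
}

# Constructed sample output so the check runs offline. In the xinetd script the
# two variables would come from the mysql client, for example
#   ss=$(/opt/mysql/bin/mysql --defaults-extra-file=/etc/mysqlcheck.cnf -e 'SHOW SLAVE STATUS\G')
# where /etc/mysqlcheck.cnf is an assumed file holding user/password (keeps them out of ps).
SAMPLE_SLAVE_STATUS='*************************** 1. row ***************************
             Slave_IO_Running: Yes
            Slave_SQL_Running: Yes
      Slave_SQL_Running_State: Waiting for master to send event'
SAMPLE_PROCESSLIST='Id  User         Host       db    Command  Time   State                             Info
1   system user             NULL  Connect  86400  Waiting for master to send event  NULL
2   system user             NULL  Connect  0      Slave has read all relay log      NULL
5   mysqlcheck   localhost  NULL  Query    0      NULL                              show full processlist'

http_response "$(slave_health_code "$SAMPLE_SLAVE_STATUS" "$SAMPLE_PROCESSLIST")"
```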

Once running, /var/log/messages fills with entries like these:

Oct 23 14:37:00 lova xinetd[11057]: START: mysqlchk_status3306 pid=11464 from=192.168.0.22
Oct 23 14:37:00 lova xinetd[11057]: EXIT: mysqlchk_status3306 status=0 pid=11464 duration=0(sec)
Oct 23 14:37:05 lova xinetd[11057]: START: mysqlchk_status3306 pid=11494 from=192.168.0.22
Oct 23 14:37:05 lova xinetd[11057]: EXIT: mysqlchk_status3306 status=0 pid=11494 duration=0(sec)

Send that log to the black hole in the xinetd service configuration: log_type = FILE /dev/null

Viewing the stats page

Accessing localhost directly returns a 503:

http://localhost/
503 Service Unavailable

No server is available to handle this request.

Add admin-status: http://localhost/admin-status

When putting this into use, the MySQL user grants on the slaves must allow connections arriving through haproxy (the slave sees haproxy's address as the client host).

haproxy commands: /etc/init.d/haproxy

Usage: haproxy {start|stop|restart|reload|condrestart|status|check}

Appendix: tuning TIME_WAIT to prevent port exhaustion.

vi /etc/sysctl.conf

net.ipv4.ip_local_port_range = 1025 65000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 15
net.ipv4.tcp_max_tw_buckets = 35000

sysctl -p

Note on tcp_tw_recycle: it rejects connections from clients behind NAT whose TCP timestamps arrive out of order, and it was removed from the kernel in Linux 4.12; tcp_tw_reuse on its own is the safe setting.

Using nginx as a reverse proxy for the haproxy stats page

#omitted
listen admin_status
    mode http
    bind 192.168.0.107:8000
    option httplog
    log global
    stats enable
    stats refresh 30s
    stats hide-version
    stats realm Haproxy\ Statistics
    #stats uri /admin-status
    stats uri /haproxy/
    #stats auth admin:123456
    #stats admin if TRUE

nginx.conf

#omitted
location ~* ^/haproxy/ {
    proxy_pass http://192.168.0.107:8000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #proxy_set_header X-Forwarded-For $remote_addr;
    proxy_redirect off;
}
#omitted

With stats auth commented out, haproxy itself no longer asks for a password, so this nginx location needs its own access control (auth_basic or allow/deny); otherwise anyone who can reach nginx gets the stats page.

References:
http://linux.die.net/man/5/xinetd.conf
http://adslroot.blogspot.com/2013/12/haproxy-mysql.html

Posted in haproxy/Atlas, Technology.


Viewing and changing NIC link speed on Linux

Other machines in the same rack were all in gigabit mode, but a few were at 100 Mb, and after forcing the speed they dropped back to 100 Mb on their own. In the end I had the data centre replace the network cable, which fixed it immediately, and database process queuing dropped as well.

Check the NIC information: the card supports gigabit but is running at 100 Mb.

ethtool eth2

Advertised link modes:  10baseT/Half 10baseT/Full
                        100baseT/Half 100baseT/Full
                        1000baseT/Full
Advertised pause frame use: No
Advertised auto-negotiation: Yes
Speed: 100Mb/s
Duplex: Full

Force gigabit:

ethtool -s eth2 speed 1000 duplex full

tail /var/log/messages

Oct 23 10:17:22 C1g kernel: e1000e: eth2 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
Oct 23 10:17:23 C1g kernel: e1000e: eth2 NIC Link is Down
Oct 23 10:17:33 C1g kernel: e1000e: eth2 NIC Link is Up 100 Mbps Full Duplex, Flow Control: None
Oct 23 10:17:33 C1g kernel: 0000:03:00.1: eth2: 10/100 speed: disabling TSO

It dropped back to 100 Mb again.

ethtool reference:

ethtool ethX                         // query the basic settings of ethX
ethtool -h                           // show the ethtool command help
ethtool -i ethX                      // query driver information for ethX
ethtool -d ethX                      // dump the register information of ethX
ethtool -r ethX                      // reset ethX to auto-negotiation mode
ethtool -S ethX                      // query the send/receive packet statistics of ethX
ethtool -s ethX [speed 10|100|1000]  // set the port speed to 10/100/1000M
                [duplex half|full]   // set half/full duplex
                [autoneg on|off]     // set whether the port auto-negotiates
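As an added example (not from the post), a small POSIX sh check that parses ethtool's text output and flags a link negotiated below the card's best advertised mode, which is the condition described above; the sample output is constructed from the post's eth2 listing so it runs offline.

```shell
#!/bin/sh
# Added example, not from the post: flag a NIC whose negotiated speed is lower
# than the best mode it advertises, by parsing `ethtool ethX` text output.

# stdin: ethtool output. Prints the highest speed (Mb/s) listed under
# "Advertised link modes", which may wrap onto several indented lines.
max_advertised_mbps() {
    awk '
        /Advertised link modes:/ { in_modes = 1 }
        # the next line containing a colon starts another field and ends the list
        in_modes && /:/ && !/Advertised link modes:/ { in_modes = 0 }
        in_modes { for (i = 1; i <= NF; i++) if ($i ~ /^[0-9]+base/) { n = $i + 0; if (n > max) max = n } }
        END { print max + 0 }'
}

# stdin: ethtool output. Prints the negotiated speed in Mb/s ("Speed: 100Mb/s" -> 100),
# or 0 when ethtool reports "Unknown!" (link down).
negotiated_mbps() {
    awk '/^[ \t]*Speed:/ { print $2 + 0; exit }'
}

# stdin: ethtool output. Exit 0 (true) when the link runs below its best advertised mode.
link_degraded() {
    out=$(cat)
    max=$(printf '%s\n' "$out" | max_advertised_mbps)
    cur=$(printf '%s\n' "$out" | negotiated_mbps)
    [ "$cur" -lt "$max" ]
}

# Constructed sample, copied from the eth2 output shown in the post; on a real host use:
#   ethtool eth2 | link_degraded && echo "eth2 degraded"
SAMPLE_ETHTOOL='Settings for eth2:
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Full
        Advertised pause frame use: No
        Advertised auto-negotiation: Yes
        Speed: 100Mb/s
        Duplex: Full'

if printf '%s\n' "$SAMPLE_ETHTOOL" | link_degraded; then
    cur=$(printf '%s\n' "$SAMPLE_ETHTOOL" | negotiated_mbps)
    max=$(printf '%s\n' "$SAMPLE_ETHTOOL" | max_advertised_mbps)
    echo "eth2: negotiated $cur Mb/s but advertises up to $max Mb/s"
fi
```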

Posted in Linux maintenance and optimisation.


Blocking Microsoft's search crawlers

Block Microsoft's crawlers: they crawl far too aggressively and bring no traffic. Also lower the crawl rate to a 60 second interval. Edit robots.txt in the web root:

User-agent: Bingbot
Disallow: /

User-agent: Adidxbot
Disallow: /

User-agent: MSNBot
Disallow: /

User-agent: BingPreview
Disallow: /

User-agent: *
Disallow:
Crawl-delay: 60
Disallow: /api/
Disallow: /data/

References:
http://www.bing.com/webmaster/help/which-crawlers-does-bing-use-8c184ec0
http://tool.chinaz.com/robots/

Posted in SEO, Website building.


Notes on using multi-column indexes in MySQL

MySQL can create an index over multiple columns; one index can include 15 columns.

CREATE TABLE test (
    id   INT NOT NULL,
    cola CHAR(30) NOT NULL,
    colb CHAR(30) NOT NULL,
    PRIMARY KEY (id),
    INDEX name (cola, colb)
);

select * from tables where colb='2014';
select * from tables where cola='c1g' or colb='2014';

SELECT * from tbltables where keycola LIKE '%c1g%';

select * from tables order by cola asc, colb desc;
select * from tables order by cola desc, colb asc;

None of the above can use the index.

select * from tables where cola='c1g';
select * from tables where cola='c1g' and colb='2014';
select * from tables where cola='c1g' and colb>'2000' and colb<'2015';
select * from tables where cola='c1g' and (colb='2000' and colb='2015');

SELECT * from tbltables where keycola LIKE 'c1g%';

select * from tables order by cola asc, colb asc;
select * from tables order by cola desc, colb desc;

All of the above can use the index.

The columns used for sorting must all be sorted in the same direction.

Posted in Mysql.


Connecting to a local MySQL on a non-default port

A strange problem I hit today while dumping a local MySQL db: with multiple instances started by mysqld_multi, the -P port is ignored when connecting to localhost. mysqldump behaves the same way as mysql. (The reason: on Unix the client treats -hlocalhost as a request for the Unix socket, so -P is ignored; -h127.0.0.1 -P3308 or --protocol=tcp forces a TCP connection.)

The usual connection command works fine:

mysql -hlocalhost -uroot -p

Connecting to another local port always ends up at 3306, although connecting from another machine by IP works:

mysql -hlocalhost -P3308 -uroot -p

For now, work around it with a socket connection, exporting only the structure:

mysqldump -S/tmp/mysql_3308.sock -uroot -p -d mydb > mydb_createdb.sql

Posted in Mysql.


OpenSSH SFTP remote overflow vulnerability

An OpenSSH SFTP remote overflow vulnerability was disclosed recently. If the OpenSSH server is not configured with "ChrootDirectory", ordinary users can access resources across the whole filesystem, including /proc. On Linux kernels >= 2.6.x, /proc/self/maps reveals the memory layout and /proc/self/mem allows arbitrary reads and writes in the context of the current process; combining the two allows a remote overflow.

The affected versions are <= OpenSSH 6.6. Anheng Information advises users of this software to upgrade to the latest release, OpenSSH 6.7, as soon as possible. OpenSSH 6.7 contains a risk-reduction measure: sftp-server uses prctl() to block direct access to /proc/self/{mem,maps}. Grsecurity/PaX forbids writing to /proc/pid/mem outright, so if Grsecurity/PaX is deployed in your production environment this vulnerability need not worry you.

OpenSSH 6.7 download:

ftp://ftp.openbsd.com/pub/OpenBSD/OpenSSH/portable/openssh-6.7p1.tar.gz

Reference:

http://seclists.org/fulldisclosure/2014/Oct/35

Note: an attacker first needs an account that is allowed to log in before any of this is possible.
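As an added example (not part of the advisory), two defender-side checks for the conditions it describes, written in POSIX sh with awk so they run on the affected hosts: one reads an `ssh -V` banner and reports whether the release predates the 6.7 mitigation, the other reads an sshd_config and reports which sections lack ChrootDirectory. The sshd_config sample is constructed.

```shell
#!/bin/sh
# Added example, not from the advisory: two defender-side checks for what it
# describes, written in POSIX sh with awk so they run on the affected hosts.

# $1: an `ssh -V` banner such as "OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips".
# Exit 0 when the release is older than 6.7, the version that adds the
# prctl() mitigation in sftp-server; exit 1 for 6.7+ or an unrecognised banner.
openssh_older_than_6_7() {
    printf '%s\n' "$1" | awk '
        match($0, /OpenSSH_[0-9]+\.[0-9]+/) {
            split(substr($0, RSTART + 8, RLENGTH - 8), v, ".")   # "6.6" -> v[1]=6 v[2]=6
            found = 1
            exit !(v[1] + 0 < 6 || (v[1] + 0 == 6 && v[2] + 0 < 7))
        }
        END { if (!found) exit 1 }'
}

# stdin: sshd_config text. Prints one line per section (the global part and
# each Match block) saying whether ChrootDirectory is set there. Accounts that
# reach sftp from a section marked MISSING are not confined and can read
# /proc as the advisory describes.
chroot_coverage() {
    awk '
        BEGIN { name = "global"; has = 0 }
        function report() { printf "%s: ChrootDirectory %s\n", name, (has ? "yes" : "MISSING") }
        /^[ \t]*(#|$)/ { next }                      # comments and blank lines
        tolower($1) == "match" { report(); $1 = ""; name = $0; sub(/^ +/, "", name); has = 0; next }
        tolower($1) == "chrootdirectory" { has = 1 }
        END { report() }'
}

# Constructed sample config: the "backup" block forces sftp without a chroot.
SAMPLE_SSHD_CONFIG='# constructed sample, not a real host
Subsystem sftp internal-sftp
Match Group sftponly
    ChrootDirectory /srv/sftp/%u
    ForceCommand internal-sftp
Match User backup
    ForceCommand internal-sftp'

printf '%s\n' "$SAMPLE_SSHD_CONFIG" | chroot_coverage
# On a real host:
#   ssh -V 2>&1 | { read -r banner; openssh_older_than_6_7 "$banner" && echo "upgrade to 6.7"; }
#   chroot_coverage < /etc/ssh/sshd_config
```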

Posted in Security advisories.


Bash security vulnerability disclosed, worse than Heartbleed: test and remediation

A vulnerability disclosed on 2014-09-25 that may pose a greater threat to computer users than the "Heartbleed" bug found in April this year. Tod Beardsley, engineering manager at security firm Rapid7, warned that the Bash vulnerability has a severity rating of "10", meaning it poses the greatest threat to users' computers, and an exploitation complexity of "low", meaning attackers can use it with relative ease.

Test: run the following command.

$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
vulnerable
this is a test

If the text above appears, you need to patch.

I tried CentOS 5.4, 5.5, 6.0 and others; all are affected:

GNU bash, version 3.2.25(1)-release-(x86_64-redhat-linux-gnu)
GNU bash, version 4.1.2(1)-release-(x86_64-unknown-linux-gnu)

Remediation

yum -y update bash

Test again after upgrading:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

Output like the above means it is fixed.

Reference: https://securityblog.redhat.com/2014/09/24/bash-specially-crafted-environment-variables-code-injection-attack/

Posted in Security advisories.