解决chrome浏览器访问时提示:ERR_UNSAFE_PORT

想在vps做个测试,看看是否25端口屏蔽是否生效,于是起了一个小web服务在25端口做测试,但是使用chrome访问时,提示:

Error 312 (net::ERR_UNSAFE_PORT): Unknown error

解决方法:
Mac:

/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --explicitly-allowed-ports=5000,6000,7000

Windows:

C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe --explicitly-allowed-ports=5000,6000,7000

限制tomcat仅响应本机请求

在VPS上搭建了nginx和tomcat应用,想通过nginx来反向代理127.0.0.1:8080的tomcat对外提供服务,但是8080端口始终对外所有地址提供监听,修改方法有以下三种:
方案一:使用防火墙拦截8080端口
这个是第一个能想到的做法,直接在iptables里做就可以了,不做过多陈述;

方案二:修改tomcat全局仅监听127.0.0.1
在$CATALINA_HOME/conf/server.xml中找到类似以下描述8080监听的标签段:

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />

在该标签中添加:address="127.0.0.1"
完成后为:

<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               address="127.0.0.1"
               redirectPort="8443" />

这样tomcat下发布的所有应用都只能被127.0.0.1访问到了

方案三:修改tomcat下的某一应用仅监听127.0.0.1
在$CATALINA_HOME/conf/server.xml中找到应用路径配置的标签,比如:

<context path="/blog" reloadable="true" docBase="/var/www/blog" />

在context标签中添加监听绑定后修改为:

<context path="/blog" reloadable="true" docBase="/var/www/blog">
    <value className="org.apache.catalina.values.RemoteAddrValue" allow="127.0.0.1" deny="" />
</context>

也可以设置为被特定地址段访问,比如只允许被192.168.1.0-192.168.5.255和192.168.10.0-192.168.15.255这样的IP段访问:

<context path="/blog" reloadable="true" docBase="/var/www/blog">
    <value className="org.apache.catalina.values.RemoteAddrValue"
        allow="192.168.[1-5].*,192.168.[10-15].*" deny="" />
</context>

以上针对tomcat配置文件修改的方案,均为重启tomcat后生效

解决insserv: warning: script '服务名' missing LSB tags and overrides的问题

编写了一个tomcat开机自启动脚本,执行没问题,但是在安装mysql的时候出现了大量的:

insserv: warning: script 'S20tomcat' missing LSB tags and overrides
insserv: warning: script 'tomcat' missing LSB tags and overrides
insserv: There is a loop at service rmnologin if started
insserv: There is a loop between service rmnologin and mountnfs if started
insserv:  loop involving service mountnfs at depth 6
insserv:  loop involving service networking at depth 5
insserv: There is a loop between service tomcat and hwclock if started
insserv:  loop involving service hwclock at depth 3
insserv:  loop involving service mountdevsubfs at depth 2
insserv: There is a loop between service tomcat and udev if started
insserv:  loop involving service udev at depth 1
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!
insserv: Starting tomcat depends on rmnologin and therefore on system facility `$all' which can not be true!

居然还导致mysql安装后的自动配置提示失败,按照LSB tags规范改写脚本如下(debian8环境):

#!/bin/bash
### BEGIN INIT INFO
# Provides:          bbzhh.com
# Required-Start:    $local_fs $network
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tomcat service
# Description:       tomcat service daemon
### END INIT INFO
#
# description: Apache Tomcat init script
# processname: tomcat
# chkconfig: 234 20 80
#
#
# Copyright (C) 2014 Miglen Evlogiev
#
# This program is free software: you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation, either version 3 of the License, or (at your option) any later
# version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of  MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this program.  If not, see <http://www.gnu.org/licenses/>.
#
# Initially forked from: gist.github.com/valotas/1000094
# Source: gist.github.com/miglen/5590986


#Location of JAVA_HOME (bin files)
export JAVA_HOME=/opt/jdk

#Add Java binary files to PATH
export PATH=$JAVA_HOME/bin:$PATH

#CATALINA_HOME is the location of the bin files of Tomcat
export CATALINA_HOME=/opt/tomcat

#CATALINA_BASE is the location of the configuration files of this instance of Tomcat
export CATALINA_BASE=/opt/tomcat
export CATALINA_BOOTSTRAP=/opt/tomcat/bin/bootstrap.jar

#TOMCAT_USER is the default user of tomcat
export TOMCAT_USER=tomcat

#TOMCAT_USAGE is the message if this script is called without any options
TOMCAT_USAGE="Usage: $0 {\e[00;32mstart\e[00m|\e[00;31mstop\e[00m|\e[00;31mkill\e[00m|\e[00;32mstatus\e[00m|\e[00;31mrestart\e[00m}"

#SHUTDOWN_WAIT is wait time in seconds for java proccess to stop
SHUTDOWN_WAIT=20

tomcat_pid() {
        echo `ps -fe | grep $CATALINA_BOOTSTRAP | grep -v grep | tr -s " "|cut -d" " -f2`
}

start() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo -e "\e[00;31mTomcat is already running (pid: $pid)\e[00m"
  else
    # Start tomcat
    echo -e "\e[00;32mStarting tomcat\e[00m"
    #ulimit -n 100000
    #umask 007
    #/bin/su -p -s /bin/sh $TOMCAT_USER
        if [ `user_exists $TOMCAT_USER` = "1" ]
        then
                /bin/su $TOMCAT_USER -c $CATALINA_HOME/bin/startup.sh
        else
                echo -e "\e[00;31mTomcat user $TOMCAT_USER does not exists. Starting with $(id)\e[00m"
                sh $CATALINA_HOME/bin/startup.sh
        fi
        status
  fi
  return 0
}

status(){
          pid=$(tomcat_pid)
          if [ -n "$pid" ]
            then echo -e "\e[00;32mTomcat is running with pid: $pid\e[00m"
          else
            echo -e "\e[00;31mTomcat is not running\e[00m"
            return 3
          fi
}

terminate() {
        echo -e "\e[00;31mTerminating Tomcat\e[00m"
        kill -9 $(tomcat_pid)
}

stop() {
  pid=$(tomcat_pid)
  if [ -n "$pid" ]
  then
    echo -e "\e[00;31mStoping Tomcat\e[00m"
    #/bin/su -p -s /bin/sh $TOMCAT_USER
        sh $CATALINA_HOME/bin/shutdown.sh

    let kwait=$SHUTDOWN_WAIT
    count=0;
    until [ `ps -p $pid | grep -c $pid` = '0' ] || [ $count -gt $kwait ]
    do
      echo -n -e "\n\e[00;31mwaiting for processes to exit\e[00m";
      sleep 1
      let count=$count+1;
    done

    if [ $count -gt $kwait ]; then
      echo -n -e "\n\e[00;31mkilling processes didn't stop after $SHUTDOWN_WAIT seconds\e[00m"
      terminate
    fi
  else
    echo -e "\e[00;31mTomcat is not running\e[00m"
  fi

  return 0
}

user_exists(){
        if id -u $1 >/dev/null 2>&1; then
        echo "1"
        else
                echo "0"
        fi
}

case $1 in
        start)
          start
        ;;
        stop)
          stop
        ;;
        restart)
          stop
          start
        ;;
        status)
                status
                exit $?
        ;;
        kill)
                terminate
        ;;
        *)
                echo -e $TOMCAT_USAGE
        ;;
esac
exit 0
                                                                                                      

其实解决办法就是在#!/bin/bash下面添加:

### BEGIN INIT INFO
# Provides:          bbzhh.com
# Required-Start:    $local_fs $network
# Required-Stop:     $local_fs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: tomcat service
# Description:       tomcat service daemon
### END INIT INFO

当然,也可以一劳永逸的:

apt-get remove insserv

解决 golang在macos编译时fatal error: MSpanList_Insert错误

mac自从抹盘安装macOS Sierra (version 10.12)之后,就一直没有安装golang环境,这几天想写一个运维小工具,思来想去还是golang最合适,编译后的体积虽然大了一些,但是胜在完全不依赖任何环境、任何第三方库,于是开始了golang环境的折腾。
按照以往惯例,安装golang 1.5+以上版本的时候,如果需要解决交叉编译环境的问题时,需要安装golang1.4.x,于是轻车熟路的先brew安装了gvm,然后gvm install go1.4.3,再然后设置$GOROOT_BOOTSTRAP环境变量为go1.4.3的安装路径,再来gvm install go1.7.3,报错如下:

failed MSpanList_Insert 0x905000 0x9b51f3c97b8 0x0 0x0
fatal error: MSpanList_Insert
runtime stack:
runtime.throw(0x5e5cf0, 0x10)
    /home/travis/.gimme/versions/go1.6.linux.amd64/src/runtime/panic.go:530 +0x90 fp=0x7fff5fbff0b0 sp=0x7fff5fbff098
runtime.(*mSpanList).insert(0x865d08, 0x905000)
    /home/travis/.gimme/versions/go1.6.linux.amd64/src/runtime/mheap.go:933 +0x293 fp=0x7fff5fbff0e0 sp=0x7fff5fbff0b0
runtime.(*mheap).freeSpanLocked(0x865500, 0x905000, 0x100, 0x0)
    /home/travis/.gimme/versions/go1.6.linux.amd64/src/runtime/mheap.go:809 +0x4be fp=0x7fff5fbff148 sp=0x7fff5fbff0e0
runtime.(*mheap).grow(0x865500, 0x8, 0x0)
以下省略……

网上找了一坨坨的解决方案,都说重新安装golang1.7云云
最后,抱着试一试的态度,从golang官方下载了go1.7.3的pkg包,安装后,将$GOROOT_BOOTSTRAP指向了go1.7.3的安装目录(/usr/local/go),问题解决

Linux下使用shell脚本执行需要交互的命令

有些命令或者安装程序在执行时是需要有交互的,比如选择安装路径、选择Y/N等等,如果想用shell脚本中执行该命令,而命令又没有提供默认执行/安装参数时,可以先安装expect,然后按照以下的范例编写:

#!/usr/bin/expect
#spawn sh fncbins.run.LINUX.20160927191846.bin
spawn bash -c "sh fncbins*"
#expect "*"
#send " fncb*.bin\n"
expect "请输入操作系统类型(AIX/HPUX/LINUX),直接回车默认(LINUX):"
send "LINUX\n"
expect "请输入数据库类型(ORACLE/DB2/INFORMIX/PGSQL/MYSQL),直接回车默认(ORACLE):"
send "ORACLE\n"
expect "请输入中间件类型(TUXEDO/FNCBTCP/CICS/MQ),直接回车默认(TUXEDO):"
send "TUXEDO\n"
expect "请输入运行环境类型(开发环境/测试环境/生产环境):(DEV/TST/PRO),直接回车默认(DEV):"
send "DEV\n"
expect "开始安装(Y/N),默认(N)"
send "Y\n"
expect "修改对应的环境变量后,请重新登录用户、启动系统、测试使用"
send "\n"
expect eof
exit

请注意expect后要加上期望匹配的回显