Skip to main content

· One min read

How to debug a busy process (no response)

logging

error occured?

pstack $PID

whether there are many locks waiting

· One min read

iptables port map

  1. 需要先开启linux的数据转发功能
$ vi /etc/sysctl.conf,将net.ipv4.ip_forward=0更改为net.ipv4.ip_forward=1
$ sysctl -p  //使数据转发功能生效
  1. 更改iptables,使之实现nat映射功能

将外网访问192.168.75.5的80端口转发到192.168.75.3:8000端口。

$ iptables -t nat -A PREROUTING -d 192.168.75.5 -p tcp --dport 80 -j DNAT --to-destination 192.168.75.3:8000

将192.168.75.3 8000端口将数据返回给客户端时,将源ip改为192.168.75.5

$ iptables -t nat -A POSTROUTING -d 192.168.75.3 -p tcp --dport 8000 -j SNAT --to 192.168.75.5
  1. 查看nat,可以使用命令:iptables -t nat –list检查nat列表信息
  • references
  • [iptables实现端口映射][https://www.cnblogs.com/dongzhiquan/p/11427461.html]

· One min read

SSSD and Active Directory

  1. install packages:
$ sudo apt install sssd-ad sssd-tools realmd adcli sssd-tools sssd libnss-sss libpam-sss adcli packagekit
  1. join domain
$ sudo realm discover -v $DOMAIN
$ sudo realm join $DOMAIN
  1. edit /etc/sssd/sssd.conf
$ vim /etc/sssd/sssd.conf

[sssd]
domains = ad1.example.com
config_file_version = 2
services = nss, pam

[domain/ad1.example.com]
default_shell = /bin/bash
krb5_store_password_if_offline = True
cache_credentials = True
krb5_realm = AD1.EXAMPLE.COM
realmd_tags = manages-system joined-with-adcli
id_provider = ad
fallback_homedir = /home/%u@%d
ad_domain = ad1.example.com
use_fully_qualified_names = True
ldap_id_mapping = True
access_provider = ad

# the following is not shown in ubuntu documentation,
# but is necessary for version after 22
ad_gpo_ignore_unreadable = True
ad_gpo_access_control = permissive
  1. automatically create home directory

$ sudo pam-auth-update --enable mkhomedir
  1. check 
$ getent passwd $USERNAME@$DOMAIN
  1. login
$ sudo login

ad-client login: $USERNAME@$DOMAIN
Password: 
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-24-generic x86_64)
...
Creating directory '/home/john@ad1.example.com'.
john@ad1.example.com@ad-client:~

· One min read

Member Server in an Active Directory Domain

  1. Install packages:
$ sudo apt install realmd samba libnss-winbind samba-common-bin libpam-winbind winbind
  1. Edit /etc/resolv.conf 
nameserver # BD server ip address
  1. find realm
$ sudo realm discover
  1. Realm join
$ sudo realm join -v --membership-software=samba --client-software=winbind $DOMAIN REALM
  1. edit /etc/nsswitch.conf 
passwd:         files systemd winbind
group:          files systemd winbind
  1. automatically create home directory 
$ sudo pam-auth-update --enable mkhomedir
  1. see references for more detail

· One min read

the key information to implement a memory pool

  • boundary:

How to solve the boundaries between different different chunks

  • name:

How to get an allocated memory chunk

  • reference count

whether the chunk is still used. I want to free the memory only if the process termination or free, with threads free, only do reference count minus 1.

  • data structure:

which data structure will be efficient?

· One min read

find memory leak of a running process

$ cat /proc/$pid/smaps
  1. find out the PID of the process
$ ps -aux
  1. capture /proc/PID/smaps and save into some file like before_meminc.txt
  2. wait till memory gets increased
  3. try again step 2
  4. find the difference between first smaps and 2nd smaps, e.g. with
$ diff -u before_meminc.txt after_meminc.txt

  1. note down the address range where memory got increased

  2. use pstack and watch command to get the right call stack

$ watch -n 1 'pstack $PID | tee -a $PID.stack'

C-c when we caputred right stack

  1. check our stack file, find the functions between address range which we got from step 6.