linux vsftp中的local_umask和anon_umask Linux文件系统中：r：4（读）w：2（写）x：1（执行） umask是在linux中常见的一个东西，它其实是一个掩码。当然，也有umask这样一个命令，它是对用户建立的文件的默认属性的定义。该 定义为：假设umask为022，则对于一个文件夹的话，它的默认属性为 777-022=755,这也就是我们平时建立文件夹的权限。而对于一般的文件的话，则是用 666-022=644.umask是unix操作系统的概念，umask决定目录和文件被创建时得到的初始权限umask = 022 时，新建的目录 权限是755，文件的权限是 644umask = 077 时，新建的目录 权限是700，文件的权限时 600vsftpd的local_umask和anon_umask借鉴了它默认情况下vsftp上传之后文件的权限是600，目录权限是700想要修改上传之后文件的权限，有两种情况如果使用vsftp的是本地用户则要修改配置文件中的 local_umask 的值如果使用vsftp的是虚拟用户则要修改配置文件中的 anon_umask 的值

.grap_1{ color:#000000; } .gray { color: #999999; }1秒就能解决的Excel问题，有人竟花了9小时！ 这个灾难跟一个「世纪难题」有关，那就是——「Excel 到底有多少行？」 为了找到这一问题的结果，2017 年 1 月 11 日，一外国小哥勇敢地站了出来，亲手进行手动计数实验。 令人「感动」的是， 9 小时 36 分之后，他终于成功滚到了最后一行！ 只是，小哥如果知道 Ctrl+↓ 可以到最后一行，会不会气的吐血？ 在嘲笑小哥之前，你知道么，其实有些常用的 Excel 操作，明明可以 1 秒完成，你却和小哥一样，选择了最慢的方式。 明明是谁 O.O 你不信？我赌 2毛 5 压岁钱，你会输光你的棒棒糖！ 在 Excel 中，如果说「求和」是使用次数最多的函数应该没人不...

针对CVE-2017-12615和CVE-2017-12616: Tomcat安全漏洞问题做重要预警。如您尚未完成相关漏洞的修复工作，强烈建议您参考下文立即执行解决方案。Apache Tomcat于2017年09月19日发布漏洞修复公告：CVE-2017-12615：运行在Windows主机上Tomcat，如果开启了HTTP请求的PUT方法，利用精心构造的请求，可向服务器上传任意JSP文件；当该JSP文件被请求访问时，文件中代码将在服务器执行；CVE-2017-12616：当Tomcat启用VirtualDirContext时，利用精心构造的请求，不但可以绕过安全相关的限制，还可以读取到由VirtualDirContext提供支持资源的JSP源代码；漏洞危害：CVE-2017-12615： 该漏洞可导致远程代码执行，进而获取服务器权限；CVE-2017-12616： 该漏洞可导致JSP源代码泄露；漏洞影响：CVE-2017-12615： Apache Tomcat 7.0.0-7.0.79CVE-2017-12616： Apache Tomcat 7.0.0-7.0.80修复方案：建议升级Tomcat到7.0.81；漏洞来源：https://tomcat.apache.org/security-7.html

How to configure DRBD On CentOS 6.5 IntroductionThe Distributed Replicated Block Device (DRBD) is a distributed replicated storage system for the Linux platform. It is implemented as several userspace management applications and some shell scripts and is normally used on high availability (HA) computer clusters. DRBD refers as well to the logical block devices provided by the scheme and to software that implements it. The DRBD software is free software released under the terms of the GNU General Public License version 2. DRBD is part of the Lisog open source stack initiative. Distributed Replicated Block Device is actually a network based RAID 1. If you need to secure data on certain disk and are therefore mirroring your data to another disk via network, you have to configure DRBD on your system.In this tutorial, let us see how to install and configure DRBD on CentOS 6.5.Requirements– Two disks  (preferably same size)– Networking b...

How To Configure A High Available Load-balancer With HAProxy And Keepalived This tutorial explains how to set up a two-node load balancer with HAProxy and keepalived on CentOS 7. The load balancer sits between the user and two (or more) backend Apache web servers that hold the same content.  If one of them is down, all requests will automatically be redirected to the remaining backend server. which means the users will not notice any disruption of the service.For configuring HA-Load balanceer, You need 2 virtual/physical servers for the load-balancers and 2 virtual/physical servers to load-balance. In addition to the 4 IP addresses needed by the servers themselves, a fifth virtual IP address (VIP) is necessary. The two load-balanc...

Configuring A High Availability Apache Cluster With Pacemaker On CentOS 7 Hello everyone.Today we will learn how we can setup & configure Pacemaker on two CentOS 7 Linux servers for high availability purposes. I will stuck with the very basic fundamental and I will not dive deep on it over here for this tutorial.Let’s begin then.First, we need to know what is CentOS, Pacemaker and High Availability and why we need them.Why CentOS?CentOS Linux is a community-supported distribution derived from sources freely provided to the public by Red Hat for Red Hat Enterprise Linux (RHEL). As such, CentOS Linux aims to be functionally compatible with RHEL. The CentOS Project mainly changes packages to remove upstream vendor branding and artwork. CentOS Linux is no-cost and free to redistribute. Each CentOS version is maintained for up to 10 years (by means of security updates — the duration of the support interval by Red Hat has varied...

Install GFS2 In CentOS 6.5 In computing, the Global File System 2 or GFS2 is a shared disk file system for Linux computer clusters. GFS2 differs from distributed file systems (such as AFS, Coda, InterMezzo, or GlusterFS) because GFS2 allows all nodes to have direct concurrent access to the same shared block storage. In addition, GFS or GFS2 can also be used as a local filesystem. GFS  has no disconnected operating-mode, and no client or server roles. All nodes in a GFS cluster function as peers. Using GFS in a cluster requires hardware to allow access to the shared storage, and a lock manager to control access to the storage. The lock manager operates as a separate module: thus GFS and GFS2 can use the Distributed Lock Manager (DLM) for cluster configurations and the “nolock” lock manager for local filesystems. Older versions of GFS also support GULM, a server based lock manager which implements redundancy via failover.Here is my t...

Nginx配置文件主要分成四部分：main（全局设置）、server（主机设置）、upstream（上游服务器设置，主要为反向代理、负载均衡相关配置）和 location（URL匹配特定位置后的设置），每部分包含若干个指令。    main部分设置的指令将影响其它所有部分的设置；server部分的指令主要用于指定虚拟主机域名、IP和端口；upstream的指令用于设置一系列的后端服务器，设置反向代理及后端服务器的负载均衡；location部分用于匹配网页位置（比如，根目录“/”,“/images”,等等）。    他们之间的关系式：server继承main，location继承server；upstream既不会继承指令也不会被继承。它有自己的特殊指令，不需要在其他地方的应用。######Nginx配置文件nginx.conf中文详解##### #定义Nginx运行的用户和用户组 user www www; #nginx进程数，建议设置为等于CPU总核心数。 worker_processes 8; #全局错误日志定义类型，[ debug | info | notice | warn | error | crit ] error_log /usr/localinx/logs/error.log info; #进程pid文件 pid ...

应用部署到weblogic下（Tomcat下无问题），filter执行时报错： java.lang.IllegalStateException: Cannot resize buffer - 299 bytes have already been written (Servlet 2.3, sec. 5.1)at weblogic.servlet.internal.ServletResponseImpl.setBufferSize(ServletResponseImpl.java:346)at weblogic.servlet.jsp.PageContextImpl.initialize(PageContextImpl.java:74)at weblogic.servlet.jsp.PageContextImpl.<init>(PageContextImpl.java:110)at weblogic.servlet.jsp.JspFactoryImpl.getPageContext(JspFactoryImpl.java:40)at jsp_servlet.__index._jspService(__index.java:65)原因：调用了response.sendRedirect()之后，再调用了filterChain.doFilter(request, response)解决：修改代码，确保 sendRedirect 之后 return 或 doFilter 之前无 sendRedirect。Jetty下，post 1个表单数据时报错： java.lang.IllegalStateException: Form too large210799>200000原因： Jetty对form post data的大小有限制，默认为200000bytes解决： 修改Jetty的默认限制值。1. Jetty: 默认限制为200000bytes(约200KB).修改默认限制值的方法如下：参考：http:/...

下载Nginx到官网下载源码文件，地址：http://nginx.org/en/download.html，选择最新版本。本人下载的地址为：http://nginx.org/download/nginx-1.10.2.tar.gz，可用wget命令下载，也可以在windows系统上下载好再传到linux上。卸载httpd如果系统默认安装了httpd服务，卸载之。不卸载也没关系，这里只是方便默认80端口的处理。yum -y remove httpd解压tar -xzvf nginx-xxxxxx.tar.gz安装编译器和依赖库yum install gcc gcc-c++ zlib-devel pcre-devel openssl-devel openssl-libs openssl -y如果已经安装，就不必了安装前配置cd命令转到解压后的目录下。./configure --prefix=/usr/local/nginx这样安装时系统就会把Nginx安装到/usr/local/nginx目录下。编译make安装make install安装完成，接下来配置环境变量以后就不用使用绝对路径来操作Nginx了：vim /etc/profile.d/http.sh加入以下内容：export PATH=/usr/local/nginx/sbin:$PATH生效配置：source !$启动Nginxnginxnginx -s 后跟stop、reload来关闭和重载nginx，直接运行nginx则启动服务。  如果启动时提示端口被占用，则需要找出被占用的进程，或者更改/usr/local/nginx/conf/nginx.conf文件里的侦听端口。访问Nginx在...