Групповые политики в доменах AD Александр Емельянов Gpedit.msc /gpcomputer: Имя_Компьютера ----------------------------------------------------------------------------------------------------------------- MOSS 2007: быстрая настройка и самые интересные возможности Нелли Садретдинова aspnet –regiis –r ----------------------------------------------------------------------------------------------------------------- PostgreSQL vs MySQL Андрей Шетухин # cat /proc/meminfo # ulimit -a mysql> select version(); postgres=# select version(); # InnoDB sync_binlog = 0 innodb_buffer_pool_size = 2048M innodb_additional_mem_pool_size = 64M innodb_log_files_in_group = 2 innodb_log_file_size = 512M innodb_log_buffer_size = 8M innodb_flush_log_at_trx_commit = 0 # MyISAM key_buffer = 1024M table_cache = 1024 sort_buffer_size = 16M read_buffer_size = 4M read_rnd_buffer_size = 4M myisam_sort_buffer_size = 4M query_cache_size = 16M shared_buffers = 500000 temp_buffers = 4000 max_prepared_transactions = 0 work_mem = 128000 maintenance_work_mem = 256000 max_stack_depth = 8192 max_fsm_pages = 200000 max_fsm_relations = 10000 max_files_per_process = 1000 stats_start_collector = on stats_command_string = off stats_row_level = on autovacuum = on CREATE TABLE users ( user_id bigint NOT NULL, user_name character varying(100) NOT NULL, CONSTRAINT users_pk PRIMARY KEY (user_id) ) WITHOUT OIDS; CREATE UNIQUE INDEX users_user_name_u ON users USING btree (user_name); CREATE TABLE friends ( user_id bigint NOT NULL, friend_id bigint NOT NULL, CONSTRAINT friends_pk PRIMARY KEY (user_id, friend_id), CONSTRAINT user_id_fk1 FOREIGN KEY (user_id) REFERENCES users (user_id), CONSTRAINT user_id_fk2 FOREIGN KEY (friend_id) REFERENCES users (user_id) ) WITHOUT OIDS; CREATE TABLE posts ( user_id bigint NOT NULL, post_id bigint NOT NULL, post_date bigint NOT NULL, post_title character varying(256) NOT NULL, post_body text, CONSTRAINT posts_pk PRIMARY KEY (user_id, posts_id), CONSTRAINT user_id_fk3 FOREIGN KEY (user_id) REFERENCES users (user_id) ) WITHOUT OIDS; CREATE TABLE comments ( user_id bigint NOT NULL, posts_id bigint NOT NULL, comments_id bigint NOT NULL, from_user_id bigint NOT NULL, comment_date bigint NOT NULL, comment_title character varying(256) NOT NULL, comment_body text, CONSTRAINT comments_pk PRIMARY KEY (user_id, posts_id, comments_id), CONSTRAINT user_posts_id_fk1 FOREIGN KEY (user_id, posts_id) REFERENCES posts (user_id, posts_id), CONSTRAINT from_user_id_fk2 FOREIGN KEY (user_id) REFERENCES users (user_id) ) WITHOUT OIDS; DROP TABLE IF EXISTS users; CREATE TABLE users ( user_id int(10) NOT NULL auto_increment, user_name varchar(100) NOT NULL, PRIMARY KEY (user_id) ) ENGINE=InnoDB; DROP TABLE IF EXISTS friends; CREATE TABLE friends ( user_id int(10) NOT NULL, friend_id int(10) NOT NULL, PRIMARY KEY (user_id, friend_id) ) ENGINE=InnoDB; DROP TABLE IF EXISTS posts; CREATE TABLE posts ( user_id int(10) NOT NULL, post_id int(10) NOT NULL, post_date int(10) NOT NULL, post_title varchar(100) NOT NULL, post_body text NOT NULL, PRIMARY KEY (user_id, post_id) ) ENGINE=InnoDB; DROP TABLE IF EXISTS comments; CREATE TABLE post_cmt ( user_id int(10) NOT NULL, post_id int(10) NOT NULL, comment_id int(10) NOT NULL, from_user_id int(10) NOT NULL, comment_date int(10) NOT NULL, comment_title varchar(250) NOT NULL, comment_body text NOT NULL, PRIMARY KEY (user_id, post_id, comment_id) ) ENGINE=InnoDB; SELECT user_id, MAX(posts_id) FROM posts WHERE user_id IN (SELECT friend_id FROM friends WHERE user_id = UserId) GROUP BY user_id; SELECT * FROM posts WHERE (posts_id = PostId); SELECT * FROM comments WHERE ((user_id = UserId) AND (posts_id = PostId)) ORDER BY comment_date; SELECT NewPost(UserId, Date, Title, Body); SELECT NewComment(UserId, Date, Title, Body); SELECT NewUser(UserName) SELECT ModifyUser(UserId, UserName); SELECT user_id, MAX(posts_id) FROM posts WHERE user_id IN (SELECT friend_id FROM friends WHERE user_id = UserId) GROUP BY user_id; UsersSet = SELECT friend_id FROM friends WHERE user_id = UserId SELECT user_id, MAX(post_id) FROM posts WHERE user_id in (UsersSet) GROUP BY user_id SELECT * FROM posts WHERE (posts_id = PostId); SELECT * FROM comments WHERE ((user_id = UserId) AND (posts_id = PostId)) ORDER BY comment_date; PostID = SELECT MAX(post_id) FROM posts; INSERT IGNORE INTO posts (user_id, post_id, post_date, post_title, post_body) VALUES (UserID, PostID, Date, Title, Body); SELECT COUNT(*) FROM users WHERE (user_id = iUserId); SELECT COUNT(*) FROM users WHERE (user_id = iPosterId); SELECT COUNT(*) FROM posts WHERE (post_id = iPostId); CommentId = SELECT MAX(comment_id) FROM commnets; INSERT IGNORE INTO comments (user_id, posts_id, comment_id, from_user_id, comment_date, comment_title, comment_body) VALUES (UserId, PostId, CommentId, PosterId, Date, Title, Body); SELECT COUNT(1) FROM users WHERE user_name = UserName; INSERT INTO users(user_name) VALUES (UserName); GET_LAST_INSERT_ID SELECT COUNT(1) FROM users WHERE user_id = UserId; UPDATE users SET user_name = UserName WHERE user_id = UserId; ----------------------------------------------------------------------------------------------------------------- OpenWRT – Linux для встраиваемых систем Дмитрий Столяров $ ls -l /bin/rm $ busybox $ echo $SHELL $ ls -l /usr/bin/dropbearkey $ /usr/bin/dropbearkey -t rsa -f /tmp/tmpkey -s 1024 # mount $ tftp 192.168.1.1 tftp> get ASUSSPACELINK\x01\x01\xa8\xc0 /dev/null tftp> binary tftp> put openwrt.trx ASUSSPACELINK tftp> quit $ tftp 192.168.1.1 tftp> rexmt 1 tftp> ntrace tftp> binary tftp> put openwrt.bin tftp> quit # telnet 192.168.1.1 root@OpenWrt # passwd root@OpenWrt # nvram set telnet_enable=0 root@OpenWrt # nvram set wan_hostname=router root@OpenWrt # nvram commit root@OpenWrt # reboot $ ssh 192.168.1.1 -l root # nvram set lan_proto=static # nvram set lan_ipaddr=192.168.2.2 # nvram set lan_gateway=192.168.2.1 # nvram set lan_dns=192.168.2.1 # nvram commit # ifup lan # ipkg update # ipkg install ipkg wan_ifname=eth1 lan_ifname=br0 lan_ifnames="eth0 eth2" vlan0hwname=eth0 vlan0ports="1 2 3 4 5*" vlan1hwname=eth0 vlan1ports="0 5*" wan_ifname=vlan1 lan_ifname=br0 lan_ifnames="vlan0 eth2" # ipkg install kmod-usb-uhci # insmod usbcore # insmod uhci # ipkg install kmod-usb-ohci # insmod usbcore # insmod usb-ohci # ipkg install kmod-usb2 # insmod usbcore # insmod ehci-hcd # ipkg remove <имя_пакета> # ipkg install kmod-usb-storage # insmod scsi_mod # insmod sd_mod # insmod usb-storage # ipkg install kmod-ext2 # insmod ext2 # ipkg install fdisk # echo "src kamikaze-backports http://downloads.openwrt.org/backports/rc5/" >> /etc/ipkg.conf # ipkg update # ipkg install e2fsprogs # ipkg install swap-utils # mkswap /dev/scsi/host0/bus0/target0/lun0/part1 # echo -e "#!/bin/sh\nswapon /dev/scsi/host0/bus0/target0/lun0/part1\n" > /etc/init.d/S20swap # chmod +x /etc/init.d/S20swap # free # mkfs.ext2 /dev/scsi/host0/bus0/target0/lun0/part2 # ln -s /proc/mounts /etc/mtab # mount /dev/scsi/host0/bus0/target0/lun0/part2 /mnt # mkdir /tmp/root # mount -o bind / /tmp/root # cp /tmp/root/* /mnt -a # umount /tmp/root # umount /mnt # rm /sbin/init #!/bin/sh for module in usbcore usb-ohci scsi_mod sd_mod usb-storage ext2; do { insmod $module }; done sleep 5s mount /dev/scsi/host0/bus0/target0/lun0/part2 /mnt [ -x /mnt/sbin/init ] && { mount -o move /proc /mnt/proc && \ pivot_root /mnt /mnt/mnt && { mount -o move /mnt/dev /dev mount -o move /mnt/tmp /tmp mount -o move /mnt/jffs2 /jffs2 2>&- mount -o move /mnt/sys /sys 2>&- } } exec /bin/busybox init # chmod +x /sbin/init # mount # df -h # ipkg install http://ftp.berlios.de/pub/xwrt/webif_latest_stable.ipk # ipkg install kmod-pppoe # ipkg install ppp # ipkg install ppp-mod-pppoe # ifup.pppoe wan # ifdown wan # ipkg install kmod-gre # ipkg install kmod-mppe # ipkg install pptp # echo 'somepear vpn.foo.bar someuser' >> /etc/ppp/pears.pptp # echo 'someuser pptp:somepear somepass *' >> /etc/ppp/chap-secrets # /etc/init.d/S90pptp start somepear # /etc/init.d/S90pptp stop somepear # cat > /etc/ppp/ip-up.d/somepear #!/bin/sh interface_name=$1 remote_ip=$4 ipparam=$5 if [ "${ipparam}" = "pptp:somepear" ]; then /sbin/route add -net 10.0.0.0 netmask 255.255.248.0 gw $remote_ip dev $interface_name fi nvram set wl0_mode=ap nvram set wl0_ssid=some_essid nvram set wl0_infra=1 nvram set wl0_channel=4 nvram set wl0_macmode=disabled nvram commit #!/bin/sh [ ! -f /tmp/dhcp.lease ] && { touch /tmp/dhcp.lease } dnsmasq -C /etc/dnsmasq.conf # ipkg install iptables-utils # iptables-save -A NEW -m limit --limit 50/sec --limit-burst 100 -j RETURN -A NEW -j DROP -A PREROUTING -m state --state NEW -j NEW -A POSTROUTING -o $WAN -j MASQUERADE -A INPUT -m state --state INVALID -j DROP -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp ! --tcp-option 2 --tcp-flags SYN SYN -j DROP -A INPUT -j input_rule -A INPUT -i $WAN -j input_wan -A INPUT -j LAN_ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -p tcp -j REJECT --reject-with tcp-reset -A INPUT -j REJECT --reject-with icmp-port-unreachable -A LAN_ACCEPT -i $LAN -j RETURN -A LAN_ACCEPT -j ACCEPT -A OUTPUT -m state --state INVALID -j DROP -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A OUTPUT -j output_rule -A OUTPUT -j ACCEPT -A OUTPUT -p tcp -j REJECT --reject-with tcp-reset -A OUTPUT -j REJECT --reject-with icmp-port-unreachable -A FORWARD -m state --state INVALID -j DROP -A FORWARD -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -A FORWARD -j forwarding_rule -A FORWARD -i $WAN -j forwarding_wan -A FORWARD -i br0 -o br0 -j ACCEPT -A FORWARD -i $LAN -o $WAN -j ACCEPT # ipkg install pptpd mppe required,no40,no56,stateless nomppe echo "proxyarp" >> /etc/ppp/options.pptpd # cat /etc/ppp/options.pptpd | grep ^name # echo "testuser pptp-server testpass 192.168.1.201" >> /etc/ppp/chap-secrets iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 1723 -j ACCEPT iptables -A input_rule -i $WAN -p tcp --dport 1723 -j ACCEPT iptables -A output_rule -p 47 -j ACCEPT iptables -A input_rule -p 47 -j ACCEPT iptables -A forwarding_rule -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT iptables -A output_rule -o ppp+ -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT iptables -A input_rule -i ppp+ -s 192.168.1.0/24 -d 192.168.1.0/24 -j ACCEPT iptables -A forwarding_rule -i ppp+ -o $WAN -j ACCEPT # /etc/init.d/S50pptpd start # /etc/init.d/S50pptpd stop # ipkg install vsftpd background=YES listen=YES write_enable=YES local_umask=022 check_shell=NO local_enable=YES chroot_local_user=YES anonymous_enable=NO session_support=NO userlist_enable=YES userlist_deny=YES userlist_file=/etc/vsftpd.users # echo "users:x:100:" >> /etc/group # echo "someuser:*:2000:100:simple user:/data:/bin/false" >> /etc/passwd # echo "someuser" >> /etc/vsftpd.users # mkdir /data && chown someuser:users /data # passwd someuser iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 21 -j ACCEPT iptables -A input_rule -i $WAN -p tcp --dport 21 -j ACCEPT # mv /etc/init.d/vsftpd /etc/init.d/S65vsftpd # vsftpd # killall vsftpd # ipkg install ssmtp mailhub=mail.foo.bar.ru # ssmtp someuser@foo.bar.ru # nvram set cron_enable=1 && nvram commit # /etc/init.d/S60cron start # ipkg install ntpclient echo "0 * * * * /usr/sbin/ntpclient -h europe.pool.ntp.org -s" >> /etc/crontabs/root ----------------------------------------------------------------------------------------------------------------- BusyBox: швейцарский нож для встраиваемых Linux-систем Дмитрий Шурупов $ make config $ make menuconfig $ make defconfig $ make oldconfig $ make $ sudo make install $ bb $ busybox <функция> [аргументы] $ busybox ls -l / $ busybox --help <функция> ----------------------------------------------------------------------------------------------------------------- bugtraq, стр. 57 #1 #2 ----------------------------------------------------------------------------------------------------------------- Централизованная настройка UNIX-систем с помощью Puppet Сергей Яремчук file { "/etc/passwd": owner => root, group => root, mode => 644, } [config] path /var/puppet/config allow *.domain.com allow 127.0.0.1 allow 192.168.0.* allow 192.168.1.0/24 deny *.wireless.domain.com source => "puppet://server.domain.com/config/sshd_config" file { "/etc/passwd": alias => passwd } file { sshdconfig: name => $operatingsystem ? { solaris => "/usr/local/etc/ssh/sshd_config", default => "/etc/ssh/sshd_config" } service { sshd: ensure => true, subscribe => File[sshdconfig] } $homeroot = "/home" ${homeroot}/$name Exec { path => "/usr/bin:/bin:/usr/sbin:/sbin" } file { "/etc/apache2/conf.d": source => "puppet:// puppet://server.domain.com/config/apache/conf.d", recurse => "true" } class linux { file { "/etc/passwd": owner => root, group => root, mode => 644; "/etc/shadow": owner => root, group => root, mode => 440 } } class freebsd inherits linux { File["/etc/passwd"] { group => wheel }; File["/etc/shadow"] { group => wheel } } define user_homedir ($group, $fullname, $ingroups) { user { "$name": ensure => present, comment => "$fullname", gid => "$group", groups => $ingroups, membership => minimum, shell => "/bin/bash", home => "/home/$name", require => Group[$group], } exec { "$name homedir": command => "/bin/cp -R /etc/skel /home/$name; /bin/chown -R $name:$group /home/$name", creates => "/home/$name", require => User[$name], } } user_homedir { "sergej": group => "sergej", fullname => "Sergej Jaremchuk", ingroups => ["media", " admin] } schedule { daily: period => daily, range => [2, 4] } exec { "/usr/bin/apt-get update": schedule => daily } $ sudo apt-cache search puppet $ sudo apt-get install puppet puppetmaster $ ruby -ropenssl -e "puts :yep" ~$ ruby -rxmlrpc/client -e "puts :yep" $ sudo /usr/bin/puppetmasterd --nonodes class sudo { file { "/etc/sudoers": owner => root, group => root, mode => 440, } } node default { include sudo } $ sudo /usr/bin/puppetmasterd --mkusers [puppetd] server = grinder.com logdir = /var/log/puppet vardir = /var/lib/puppet rundir = /var/run # отсылаем отчет серверу report = true $ puppetd --genconfig > /etc/puppet/puppetd.conf $ puppetd --genmanifest > /etc/puppet/manifests/site.pp all: admin@domain.com $ sudo puppetd --server grinder.com --waitforcert 60 --test $ ps aux | grep puppet $ sudo puppetca --list $ sudo puppetca –sign nomad.grinder.com ----------------------------------------------------------------------------------------------------------------- Особенности инсталляции Solaris Владимир Василькин # uname -s -r $ pkginfo | grep SUNW | wc -l # uname -a; echo ; grep '/bash ' /var/sadm/install/contents netstat -rn ----------------------------------------------------------------------------------------------------------------- Построение отказоустойчивой системы с помощью Oracle Physical Standby Сергей Косько SQL>ALTER DATABASE FORCE LOGGING; Листинг 1. Добавление файлов Standby Redo #!/bin/sh # sqlplus "/ as sysdba" <ALTER DATABASE CREATE STANDBY CONTROLFILE AS '/tmp/standby.ctl'; SQL>STARTUP MOUNT; SQL> ALTER DATABASE SET STANDBY DATABASE TO MAXIMIZE AVAILABILITY; Листинг 4. Пуск и остановка БД Physical Standby #!/bin/sh # sqlplus "/ as sysdba" << EOF startup nomount; alter database mount standby database ; ALTER DATABASE RECOVER MANAGED STANDBY DATABASE USING CURRENT LOGFILE DISCONNECT FROM SESSION; exit EOF #!/bin/sh # sqlplus "/ as sysdba" << EOF ALTER DATABASE RECOVER MANAGED STANDBY DATABASE CANCEL; SHUTDOWN IMMEDIATE; exit EOF SQL>ALTER SYSTEM SWITCH LOGFILE; SQL> SELECT GROUP#,THREAD#,SEQUENCE#,ARCHIVED,STATUS FROM V$STANDBY_LOG; Листинг 5. Запуск БД standby в режиме read-only #!/bin/sh # sqlplus "/ as sysdba" << EOF spool readonly.log ALTER DATABASE RECOVER MANAGED STANDBY DATABASE CANCEL; alter database open read only; exit EOF Листинг 6. Обмена ролями между базами Poltava и Fastiv #!/bin/sh # sqlplus "/ as sysdba" <ALTER DATABASE SET STANDBY DATABASE TO MAXIMIZE PERFORMANCE; Листинг 7. Активация резервной базы данных в случае аварии #!/bin/sh # sqlplus "/ as sysdba" < SELECT THREAD#, LOW_SEQUENCE#, HIGH_SEQUENCE# FROM V$ARCHIVE_GAP; SQL>ALTER DATABASE REGISTER PHYSICAL LOGFILE 'filespec1'; Листинг 9. Скрипт, выполняющий поиск ошибок в файле alert.log #!/bin/sh # if [ -f /tmp/memsg_no ] then exit ; fi HOST=`/bin/hostname` MYMAIL="sergkosko@ua.fm" FILESLIST=`ls -R /ora/admin/*/bdump/*.log` for i in ${FILESLIST} do filename1=`basename ${i}` dir1=`dirname ${i}|sed 's/\/ora\/admin\///g s/\/bdump//g'` MSG=`/usr/local/bin/fetchlog -F 1:100:1000:s ${i} /var/adm/${filename1}.${dir1}` if [ $? -gt 0 ] then MSG1=`echo "${MSG}" | egrep -i "ora-"` if [ -n "$MSG1" ] then echo "\n${HOST}:${filename1}:${MSG1}\n"| /bin/mail ${MYMAIL} fi fi done testcase$EDITOR=vi;export EDITOR testcase$crontab -e testcase$0,15,30,45 * * * * /usr/local/bin/fetchalert >/dev/null 2>&1 ----------------------------------------------------------------------------------------------------------------- Библиотека Prototype – ваш путь в Web 2.0 Кирилл Сухов allNodes = $("firstDiv", "secondDiv"); for(i = 0; i < allNodes.length; i++) { alert(allNodes[i].innerHTML); }
Single class name
Multiple class names
  • List item 1
  • List item 2
  • List item 3
w('apples bananas kiwis') // возвращает массив ['apples', 'bananas', 'kiwis'] var h = $H({ name: 'Prototype', version: 1.5 }); var h = new Hash({ ... }); h.keys().sort().join(', ') h.merge({ version: '1.5 final', author: 'Sam Stephenson' }); h.each(function(pair) { alert(pair.key + ' = "' + pair.value + '"'); }); $H({ action: 'ship', order_id: 123, fees: ['fee1', 'fee2'] }).toQueryString() llNodes = Form.getElements("myform"); for(i = 0; i < allNodes.length; i++) { //операции над каждым элементом } 'field1=value1&field2=value2&field3=value3' var g_books = [ { id: 1, name: 'Code Generation in Action', first: 'Jack', last: 'Herrington', publisher: 'Manning' }, { id: 2, name: 'PHP Hacks', first: 'Jack', last: 'Herrington', publisher: 'O\'Reilly' }, { id: 3, name: 'Podcasting Hacks', first: 'Jack', last: 'Herrington', publisher: 'O\'Reilly' } ]; var person = '{ "name": "Violet", "occupation": "character" }'.evalJSON(); person.name; person = 'grabUserPassword()'.evalJSON(true); person = '/*-secure-\n{"name": "Violet", "occupation": "character"}\n*/'.evalJSON() person.name; '/*-secure-\n{"name": "Violet", "occupation": "character", "age": 25}\n*/'.unfilterJSON() // получаем на выходе: '{"name": "Violet", "occupation": "character", "age": 25}' var Person = Class.create(); Person.prototype = { initialize: function(name, age) { this.name = name; this.age = age; }, toJSON: function() { return ('My name is ' + this.name + ' and I am ' + this.age + ' years old.').toJSON(); } }; var john = new Person('John', 49); Object.toJSON(john);
var myOpts = {onComplete: showResponse, onLoaded: registerLoaded}; var win = new Window({className: "spread", title: "Ruby on Rails", top:70, left:100, width:300, height:200, url: "http://www.rubyonrails.org/", showEffectOptions: {duration:1.5}}) win.show(); -----------------------------------------------------------------------------------------------------------------