chg1f's blog

路漫漫其修远兮吾将上下而求索

name = "chongiofai"
alias = "chg1f"
email = "chongiofai@gmail.com"
title = "security r&d"
from = "macau"
live = "beijing"

[stack]
  languages = ["golang", "python", "bash"]
  operation_systems = ["archlinux", "debian", "centos", "darwin"]

[interesting]

title: "Bug Mount Android Image File" date: 2020-12-09T13:12:12+08:00 categories:

bug tags:
android
mount

Question

$ file system.img
system.img: Linux rev 1.0 ext2 filesystem data, UUID=4a50462e-52cf-5fab-87a1-49824cdf6b4f (extents) (large files) (huge files)
$ sudo mount -t auto system.img system
mount: system: failed to setup loop device for system.img.
$ sudo mount -t ext2 system.img system
mount: system: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error.

Tried

mount with loop,offset

$ file system.img
system.img: Linux rev 1.0 ext2 filesystem data, UUID=4a50462e-52cf-5fab-87a1-49824cdf6b4f (extents) (large files) (huge files)
$ parted system.img print
WARNING: You are not superuser.  Watch out for permissions.
Model:  (file)
Disk system.img: 1840MB
Sector size (logical/physical): 512B/512B
Partition Table: loop
Disk Flags:

Number  Start  End     Size    File system  Flags
 1      0.00B  1840MB  1840MB  ext2
$ sudo mount -o loop,offset=0 system.img system
mount: system: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error.
$ sudo mount -t ext2 -o loop,offset=0 system.img system
mount: system: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error.

mount with losetup

$ ls /dev/loop0
/dev/loop0
$ sudo losetup -f
/dev/loop0
$ sudo losetup /dev/loop0 system.img
$ sudo mount /dev/loop0 system
mount: system: wrong fs type, bad option, bad superblock on /dev/loop0, missing codepage or helper program, or other error.
$ sudo losetup  -d /dev/loop0
``
> ```bash
> [10021.208192] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (4000)
> [10247.432930] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (4000)
> [10319.835415] EXT4-fs (loop0): couldn't mount as ext2 due to feature incompatibilities
> [10390.662357] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (4000)
> [10757.923783] EXT4-fs (loop0): couldn't mount RDWR because of unsupported optional features (4000)
> ```

title: "Ngrok Customized" date: 2019-11-07 categories:

note tags:
ngrok

client

Run-SetupModel-newClientModel建立ngrokd-ngroko信道

好像無加密

ctl-clientModel.Run-control開始使用model向ngrokd建立連接

newClientModel??為什么給configPath不是config,因為服务器給出新authToken更新

clientModel.update更新control

tunnel下分拆可能會引到重復NewTunnel Proxy Agent SaveAuthToken保存完Token不更新內存中的conifg???

asset脚本會先把asset文件的數据生成assets_release.go二進制導入版,然后編譯時直接放進程序中,在請求時會直接把路徑換成已轉二進制數据寫入

ngrok->ngrokd <-msg.Auth驗証建立信道 ->msg.AuthResp請求結果 <-msg.ReqTunnel請求建立Tunnel ->NewTunnel註冊結果 ** ->Pong心跳 ** ->ReqProxy請求 #<-如果有設HTTPPROXY測轉發連接,失敗結束 <-msg.ReqProxy确認 ->msg.StartProxy服务器确認返回URL比對自已URL

Control
ClientModel ###ENV DEBUG

server

net.Listen-conn.Listen-http.startHttpListener
tunnelListener開启註冊監听 !TODO: 加密 !TODO: HTTP信道 !TODO: 一個服务多個同協議
ctl.manager核心
ctl.in讀入ctl,ctl.out ctl寫出???有點困暈
ctl.stopper等待其他gorounit shutdown信号
轉發請求dstip會是進入网卡內网地址,註冊請求dstip會是127.0.0.1/0.0.0.0,或者知道服务器主机請況下設的某网卡內网地址, 0.0.0.0可以任何地址,127.0.0.1只能本地->先試用轉發DIP失敗再0.0.0.0->失敗,因為127.0.0.1本机回環,DIP亦會回環,同時覆蓋註冊网卡情況更新startTcp/HttpListener註冊一個對外提供服务的Listener,使用conn.Listener包裝的net.Listener tcp/httpHandler處理請求 tunnel要怎确定?getTunnelKey NewTunnel分別處理http/tcp請求,getTunnelKey->getListener/StartListen->initTunnel 隱患:只重构server,client沒有理清conn,net有可能會資源泄漏 *名字沒有整理好..公開私有亂來中..
ControlRegistry: map client id to control
TunnelRegistry: map tunnel url to tunnel

主程序關閉沒關到監听tunnel grouting...

ENV

conn.Conn連接處理,通過网絡壙 conn.Tee連接處理,通過本地內存IO

ENV PS1影响了VSCODE DEBUG

title: "Using Vim" description: "" tags:

vim TODO:

Cursor

.	.
h,j,k,l
w,b
W,B
e,ge
E,gE
gg,G
0,$
H,M,L

Search

Page

|C-f,C-b|| |C-e,C-y|| |zt,zz,zb|

Tab

.	.
gt,gT

Window

.	.
C-wh,C-wj,C-wk,C-wl
C-wH,C-wJ,C-wK,C-wL

Command

.	.
:tabe
:tabn,:tabp
:e

title: "Vim Note" description: "Vim笔记" date: 2021-07-17T21:35:41+08:00 lastmod: 2021-07-17T21:35:41+08:00 tags:

备忘

在为了在多机器、环境下，最大限度上令体验一致。使用了bash+readline+tmux+vim+fzf作为基本的工具链
在Vim上，为了对大文件等编缉，尽可能减少非常用必要设置及插件，或者可以可以简易打开/关闭的，保持体验，或者使用vim -u NONE {filepath}用裸配置模式打开
对于日常开发上，目标只补存上Linter（语法检测）、Fixer/Fomatter（格式化或自动校正）、Completer（代码补全）,及一些快捷辨识及工具

键盘映射

http://yyq123.blogspot.com/2010/12/vim-map.html?m=1

设置键盘映射 | command | normal | visual | operator | insert only | command | | - | - | - | - | - | - | | :map,:noremap | 1 | 1 | 1 | | | | :map!,:noremap! | | | | 1 | 1 | | :nmap,:nnoremap | 1 | | | | | | :vmap,:vnoremap | | 1 | | | | | :omap,:onoremap | | | 1 | | | | :imap,:inoremap | | | | 1 | | | :cmap,:cnoremap | | | | | 1 |
取消键盘映射 | command | normal | visual | operator | insert only | command | | - | - | - | - | - | - | | :unmap | 1 | 1 | 1 | | | | :unmap! | | | | 1 | 1 | | :nunmap | 1 | | | | | | :vunmap | | 1 | | | | | :ounmap | | | 1 | | | | :iunmap | | | | 1 | | | :cunmap | | | | | 1 |
查看键盘映射:help key-notation

关于quickfix list及location list

https://stackoverflow.com/questions/20933836/what-is-the-difference-between-location-list-and-quickfix-list-in-vim

关于buffer、window、tab

https://dev.to/iggredible/using-buffers-windows-and-tabs-efficiently-in-vim-56jc

buffer
- :n
- :ls,:buffers
- :bn,:bnext
- :bp,:bprev
- :bd,:bdelete
window
- :sp,:split,<C-w>s
- :vs,:vsplit,<C-w>v
- <C-w>c - close the current window
- <C-w>o - make the current window the only one on the screen, all other windows are closed
- <C-w>h/j/k/l
tab
- :tabnew
- :tabn,:tabnext
- :tabp,:tabprev
- :tabc,:tabclose

我的配置文件

https://github.com/chongiofai/dots/blob/main/.vimrc

插件

YouCompleteMe 代码补全
ale 语法检查，格式化/修正
- f - 格式化/修正
- l - 启用/取消语法检查
- j - 错误/警告跳转下一个
- k - 错误/警告跳转上一个
vim-colorschemes 配置方案
vim-bookmarks 书签管理
eregex.vim 本文件正则匹配
ack.vim 多文件匹配
fzf,fzf.vim
editorconfig-vim
nerdcommenter
vim-go
undotree
tagbar
nerdtree
vim-gitbranch

title: "hello world" description: "renew again..." date: "2022-07-15" tags:

hello TODO:

WHY

via gatsby, with javascript ...learning javascript

title: "Redis Data Structure" description: "Redis数据结据" tags:

redis

Docs

https://github.com/redis/redis-doc/blob/master/topics/data-types-intro.md

https://github.com/redis/redis-doc/blob/master/topics/data-types.md

Learning Test Env

docker run --rm -dt --name learning redis:5.0.9 redis-cli && docker exec -it learning redis-cli

Note

About key

KEY设置太长不是一件好事，如大于1024byte，对于内存及寻找都会有影响，建议可以用SHA1压缩
KEY设置太短不是一件好事，因为可读性会变低
KEY的最大值为512MB

About creation and removal of keys

当添加值到不存在键中，添加时会创建一个相应数据结构
当删除值使键中数据类型为空，键会自动销毁，Stream除外
调用如LLEN空键只读命令或删除命令，总返回与空链一致结果

127.0.0.1:6379> get a
(nil)
127.0.0.1:6379> lpush a a
(integer) 1
127.0.0.1:6379> get a
(error) WRONGTYPE Operation against a key holding the wrong kind of value
127.0.0.1:6379> lpop a
"a"
127.0.0.1:6379> get a
(nil)

Commands

EXISTS KEY [KEY ...]
TYPE KEY
DEL KEY [KEY ...]
EXPIRE KEY SECONDS
TTL KEY
PEXPIRE KEY MILLISECONDS
PTTL KEY
PERSIST KEY

127.0.0.1:6379> set ex a
OK
127.0.0.1:6379> del ne
(integer) 0
127.0.0.1:6379> type ex
string
127.0.0.1:6379> type ne
none
127.0.0.1:6379> exists ex
(integer) 1
127.0.0.1:6379> exists ne
(integer) 0
127.0.0.1:6379> del ex
(integer) 1
127.0.0.1:6379> del ne
(integer) 0
127.0.0.1:6379> set ep a
OK
127.0.0.1:6379> expire ep 5
(integer) 1
127.0.0.1:6379> get ep
"a"
127.0.0.1:6379> get ep
(nil)
127.0.0.1:6379> set ep a
OK
127.0.0.1:6379> expire ep 100
(integer) 1
127.0.0.1:6379> ttl ep
(integer) 97
127.0.0.1:6379> pttl ep
(integer) 82937
127.0.0.1:6379> persist ep
(integer) 1
127.0.0.1:6379> persist ep
(integer) 0
127.0.0.1:6379> pttl ep
(integer) -1
127.0.0.1:6379> ttl ep
(integer) -1

String

Binary-safe strings.

Commands

SET KEY VALUE [expiration EX seconds|PX milliseconds] [NX|XX]
GET KEY
INCR KEY
INCRBY KEY INCREMENT
DECR KEY
DECRBY KEY DECREMENT
MSET KEY VALUE [KEY VALUE ...]
MGET KEY [KEY ...]

127.0.0.1:6379> set t1 1
OK
127.0.0.1:6379> get t1
"1"
127.0.0.1:6379> incr t2
(integer) 1
127.0.0.1:6379> incrby t2 10
(integer) 11
127.0.0.1:6379> decr t2
(integer) 10
127.0.0.1:6379> decrby t2 10
(integer) 0
127.0.0.1:6379> decr t2
(integer) -1
127.0.0.1:6379> incr t1
(integer) 2
127.0.0.1:6379> get t1
"2"
127.0.0.1:6379> set t3 a
OK
127.0.0.1:6379> incr t3
(error) ERR value is not an integer or out of range
127.0.0.1:6379> mset t4 1 t5 b
OK
127.0.0.1:6379> mget t4 t5 t6
1) "1"
2) "b"
3) (nil)
127.0.0.1:6379> set t7 c nx
OK
127.0.0.1:6379> set t8 c xx
(nil)
127.0.0.1:6379> mget t7 t8
1) "c"
2) (nil)

List

collections of string elements sorted according to the order of insertion. They are basically linked lists.

Commands

LPUSH KEY VALUE [VALUE ...]
RPUSH KEY VALUE [VALUE ...]
LRANGE KEY START STOP
LTRIM KEY START STOP
LPOP KEY
RPOP KEY
BLPOP KEY [KEY ...] TIMEOUT
BRPOP KEY [KEY ...] TIMEOUT
LLEN KEY

127.0.0.1:6379> lpush tl 1 2 3 4 a b c d
(integer) 8
127.0.0.1:6379> rpush tl q w e r 5 6 7 8
(integer) 16
127.0.0.1:6379> lrange tl 0 -1
 1) "d"
 2) "c"
 3) "b"
 4) "a"
 5) "4"
 6) "3"
 7) "2"
 8) "1"
 9) "q"
10) "w"
11) "e"
12) "r"
13) "5"
14) "6"
15) "7"
16) "8"
127.0.0.1:6379> ltrim tl 1 -2
OK
127.0.0.1:6379> lrange tl 0 -1
 1) "c"
 2) "b"
 3) "a"
 4) "4"
 5) "3"
 6) "2"
 7) "1"
 8) "q"
 9) "w"
10) "e"
11) "r"
12) "5"
13) "6"
14) "7"
127.0.0.1:6379> lpop tl
"c"
127.0.0.1:6379> rpop tl
"7"
127.0.0.1:6379> lrange tl 0 -1
 1) "b"
 2) "a"
 3) "4"
 4) "3"
 5) "2"
 6) "1"
 7) "q"
 8) "w"
 9) "e"
10) "r"
11) "5"
12) "6"
127.0.0.1:6379> del tl
(integer) 1
127.0.0.1:6379> lrange tl 0 -1
(empty list or set)
127.0.0.1:6379> blpop tl 1
(nil)
(1.00s)
127.0.0.1:6379> blpop tl 10
1) "tl"
2) "10"
(8.31s)
127.0.0.1:6379> brpop tl ne 10
1) "tl"
2) "ee"
(5.93s)
127.0.0.1:6379> brpop tl ne 10
1) "tl"
2) "e2"
127.0.0.1:6379> lpush tl 1 2 3
127.0.0.1:6379> llen tl
(integer) 3

Set

collections of unique, unsorted string elements.

similar to Sets but where every string element is associated to a floating number value, called score. The elements are always taken sorted by their score, so unlike Sets it is possible to retrieve a range of elements (for example you may ask: give me the top 10, or the bottom 10).

Hashe

which are maps composed of fields associated with values. Both the field and the value are strings. This is very similar to Ruby or Python hashes.

Bit Array

it is possible, using special commands, to handle String values like an array of bits: you can set and clear individual bits, count all the bits set to 1, find the first set or unset bit, and so forth.

HyperLogLogs

this is a probabilistic data structure which is used in order to estimate the cardinality of a set. Don't be scared, it is simpler than it seems... See later in the HyperLogLog section of this tutorial.

Streams

append-only collections of map-like entries that provide an abstract log data type. They are covered in depth in the Introduction to Redis Streams.

title: "GO解释YAML错误" date: 2019-11-06 categories:

bug tags:
golang
yaml

问题/Problem

TODO

原因/Reason

因为解释调用了第三方包，但解释结构体中的属性为非公开属性，第三方包无法读职这些字段

解决/Fix

结构体中需解释字段修改为公开

title: "How To Root Android" description: "安卓手机获取ROOT权限"

https://source.android.com/setup/build/running

adb devi
adb reboot

Unlocking Bootloader

https://source.android.com/devices/bootloader/locking_unlocking

fastboot flashing unlock

Flashing boot partition

bootloader root permission

recovery fastboot adb

如何从OTA升级包获取boot.img

$ unzip {OTA package}
$ cd {OTA package}
$ git clone https://github.com/vm03/payload_dumper.git
$ pip install -r payload_dumper/requirements.txt
$ python payload_dumper/payload_dumper.py payload.bin
$ file output/boot.img

magisk

https://github.com/topjohnwu/Magisk

edxposed

https://github.com/ElderDrivers/EdXposed

title: "Protobuf在C/CPP下字符串截断" date: 2019-11-12 categories:

bug tags:
protobuf

问题/Problem

程序在使用gRPC,protobuf時因為字符串中出現\0發現截斷現象

原因/Reason

\0為C及C++中的字符串結束符 protobuf中的byte,string等連續內存型數據類型在C/CPP都是以string為轉換類型,無法只修改自身代碼FIX

proto2 proto3

解决/Fix

因為不存在其他連續內存型數據類型,只能對字符串進行處理,把\0隱去,在最后轉換回來,且自身C/CPP處理中也不能使用string類型處理己轉換類型,要使用字符流
原想用hex編碼修改,有人提醒想起用base64更好,壓縮能力..

title: "Git Conventions" description: "" date: "2022-07-19" tags:

git TODO:

REF: https://git-scm.com/book/en/v3

Branch

REF: https://www.atlassian.com/git/tutorials/comparing-workflows/gitflow-workflow

REF: https://github.com/nvie/gitflow

REF: https://nvie.com/posts/a-successful-git-branching-model/

type	description
feature/<FEATURE_SUMMARY>	Feature branches are created from develop, When a feature is complete it is merged into the develop branch
bugfix/<BUG_SUMMARY>(or hotfix/<BUG_SUMMARY>)	If an issue in main is detected a hotfix branch is created from main
release/	A release branch is created from develop, When the release branch is done it is merged into develop and main
develop	A develop branch is created from main
master(or main)	The main branch stores the official release history, and the develop branch serves as an integration branch for features. It's also convenient to tag all commits in the main branch with a version number.

@GitFlow

Commit

REF: https://github.com/angular/angular/blob/master/CONTRIBUTING.md#-commit-message-format

REF: https://github.com/commitizen/conventional-commit-types/blob/master/index.json

REF: https://www.conventionalcommits.org/en/v1.0.0/

<type>(<scope>)[!]: <short summary>
  │       │     │        │
  │       │     │        └─⫸ Summary in present tense. Not capitalized. No period at the end.
  │       │     │
  │       │     └─⫸ If ! is used, BREAKING CHANGE: MAY be omitted from the footer section, and
  │       │         the commit description SHALL be used to describe the breaking change.
  │       │
  │       └─⫸ Commit Scope: animations|bazel|benchpress|common|compiler|compiler-cli|core|
  │                          elements|forms|http|language-service|localize|platform-browser|
  │                          platform-browser-dynamic|platform-server|router|service-worker|
  │                          upgrade|zone.js|packaging|changelog|docs-infra|migrations|ngcc|ve|
  │                          devtools
  │
  └─⫸ Commit Type

type	description
feat	A new feature
fix	A bug fix
test	Adding missing tests or correcting existing tests
ci	Changes to our CI configuration files and scripts (examples:CircleCi, SauceLabs)
build	Changes that affect the build system or external dependencies (example scopes:gulp, broccoli, npm)
docs	Documentation only changes
perf	A code change that improves performance
refactor	A code change that neither fixes a bug nor adds a feature
style	Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
chore	Other changes that don't modify src or test files (version.txt and release changes)
misc	Miscellaneous types
wip	Working in process

title: "Openresty WAF via p0pr0ck5/lua-resty-waf" description: "使用开源的WAF规则引擎简单搭一个Openresty WAF DEMO" lead: "" date: 2021-04-21T10:23:51+08:00 lastmod: 2021-04-21T10:23:51+08:00 weight: 50 tags:

WAF
openresty

Environment

Ubuntu 18.04
Openresty-1.19.3.1

GO

Get Openresty

$ curl -O https://openresty.org/download/openresty-1.19.3.1.tar.gz
$ tar xf openresty-1.19.3.1.tar.gz
$ cd openresty-1.19.3.1.tar.gz

Install Depends

$ sudo apt udpate
$ apt install -y gcc make liblua5.1 libpcre3-dev libssl-dev zlib1g-dev

Compile Openresty

$ ./configure --prefix=/usr/local/openresty --with-luajit --with-http_stub_status_module --with-pcre --with-pcre-jit
$ make
$ sudo make install
$ ldd bin/openresty
        linux-vdso.so.1 (0x00007fff2b9df000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007ff8091ee000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007ff808fcf000)
        libcrypt.so.1 => /lib/x86_64-linux-gnu/libcrypt.so.1 (0x00007ff808d97000)
        libluajit-5.1.so.2 => /usr/local/openresty/luajit/lib/libluajit-5.1.so.2 (0x00007ff808b16000)
        libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007ff8088a4000)
        libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007ff808617000)
        libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007ff80814c000)
        libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007ff807f2f000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007ff807b3e000)
        /lib64/ld-linux-x86-64.so.2 (0x00007ff8097d4000)
        libm.so.6 => /lib/x86_64-linux-gnu/libm.so.6 (0x00007ff8077a0000)
        libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1 (0x00007ff807588000)

Get Waf Lua Script ( Via p0pr0ck5/lua-resty-waf to test )

$ git clone https://github.com/p0pr0ck5/lua-resty-waf.git
$ cd lua-resty-waf
$ sudo apt install python luarocks
$ git submodule update --init --recursive
$ make
# FAQ: https://github.com/p0pr0ck5/lua-resty-waf/pull/334
$ sudo PATH=/usr/local/openresty/bin:$PATH make install
# Makefile default openresty prefix is /usr/local/openresty

Configure Nginx

nginx.conf

https://github.com/p0pr0ck5/lua-resty-waf#synopsis

https://github.com/p0pr0ck5/lua-resty-waf#mode

http {
    lua_package_path "...";

    init_by_lua_block {
        -- use resty.core for performance improvement, see the status note above
        require "resty.core"

        -- require the base module
        local lua_resty_waf = require "resty.waf"

        -- perform some preloading and optimization
        lua_resty_waf.init()
    }

    server {
        location / {

            access_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                -- define options that will be inherited across all scopes
                waf:set_option("debug", true)
                waf:set_option("mode", "ACTIVE")

                -- this may be desirable for low-traffic or testing sites
                -- by default, event logs are not written until the buffer is full
                -- for testing, flush the log buffer every 5 seconds
                --
                -- this is only necessary when configuring a remote TCP/UDP
                -- socket server for event logs. otherwise, this is ignored
                waf:set_option("event_log_periodic_flush", 5)

                -- run the firewall
                waf:exec()
            }

            header_filter_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                -- note that options set in previous handlers (in the same scope)
                -- do not need to be set again
                local waf = lua_resty_waf:new()

                waf:exec()
            }

            body_filter_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                waf:exec()
            }

            log_by_lua_block {
                local lua_resty_waf = require "resty.waf"

                local waf = lua_resty_waf:new()

                waf:exec()
            }
        }

        ....
    }
}

Test WAF

$ curl -IL "http://localhost?a=alert(1)"
HTTP/1.1 403 Forbidden
Server: openresty/1.19.3.1
Date: Wed, 21 Apr 2021 09:44:57 GMT
Content-Type: text/html
Content-Length: 159
Connection: keep-alive

$ curl -IL "http://localhost?a=1"
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Wed, 21 Apr 2021 09:45:01 GMT
Content-Type: text/html
Content-Length: 1097
Last-Modified: Wed, 21 Apr 2021 07:43:55 GMT
Connection: keep-alive
ETag: "607fd7bb-449"
Accept-Ranges: bytes

$ curl -IL "http://localhost"
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Wed, 21 Apr 2021 09:45:03 GMT
Content-Type: text/html
Content-Length: 1097
Last-Modified: Wed, 21 Apr 2021 07:43:55 GMT
Connection: keep-alive
ETag: "607fd7bb-449"
Accept-Ranges: bytes

title: "Adb Device No Permissions" date: 2020-12-09T13:06:13+08:00 categories:

bug tags:
android

Question

$ adb devices
List of devices attached
00000000        no permissions (user in plugdev group; are your udev rules wrong?); see [http://developer.android.com/tools/device.html]

Fixed

$ sudo adb kill-server
$ sudo pkill adb
$ sudo adb start-server
$ adb devices
List of devices attached
00000000        unauthorized

title: "CUPS" draft: true

FAQ

Add Printer

sudo usermod -a -G lpadmin username

title: "Nginx502错误" date: 2019-12-09 categories:

bug tags:
nginx

问题/Problem

nginx 在轉發中報錯日志為 ... upstream sent too big header while reading response header from upstream ...

原因/Reason

反向代理的源站HTTP頭太大了

proxy_buffer_size proxy_buffers proxy_busy_buffers_size

http://nginx.org/en/docs/http/ngx_http_proxy_module.html

解决/Fix

location \ {
    proxy_buffer_size 4k;
    proxy_buffers 4 256k;
    proxy_busy_buffers_size 256k;
}

title: "Iwlwifi Intel AX210" description: "Intel AX210网卡兼容问题" tags:

linux
kernel
iwlwifi

Environment

Intel® Wi-Fi 6 AX210 160MHz

$ lspci
...
09:00.0 Network controller [0280]: Intel Corporation Device [8086:2725] (rev 1a)
...

Kali

Question

$ sudo dmesg
iwlwifi .. Timeout waiting for PNVM load!
iwlwifi .. Failed to start RT ucode: -110
iwlwifi .. iwl_trans_send_cmd bad state = 0
iwlwifi .. Failed to run INIT ucode: -110
$ ip a
...
(no exists wlan)
...

Debugging

https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi

https://www.intel.com/content/www/us/en/support/articles/000005511/wireless.html

$ ls /lib/firmware/iwlwifi-*.ucode
...
iwlwifi-ty-59.601f3a66.0.tgz
...

https://community.intel.com/t5/Wireless/Linux-driver-Wifi-6-AX210-NGW/td-p/1249283

https://www.reddit.com/r/pop_os/comments/khhufu/is_there_a_way_to_make_intel_ax210_wifi_6e/

https://www.kernel.org/

https://www.kali.org/docs/development/recompiling-the-kali-linux-kernel/

$ ls /usr/src/linux-5.12.3
$ cp /boot/config-...kali...-amd64 .config
$ make menuconfig
# $ make
$ make deb-pkg LOCALVERSION=-custom KDEB_PKGVERSION=$(make kernelversion)-1
$ sudo dpkg -i ../linux-image-5.12.3-custom_5.12.3-1_amd64.deb
$ reboot

Fixed

一开始以为是linux-firmware/iwlwifi没有最新版本的躯动，检查后发现有然后是在看发现相关躯动要在5.11+和5.12在支持

$ apt search linux-source                        c1f@CIFT14
Sorting... Done
Full Text Search... Done
linux-source/kali-rolling 5.10.28-1kali1 all
  Linux kernel source (meta-package)

linux-source-4.19/oldstable 4.19.181-1~deb9u1 all
  Linux kernel source for version 4.19 with Debian patches

linux-source-4.9/oldstable 4.9.258-1 all
  Linux kernel source for version 4.9 with Debian patches

linux-source-5.10/kali-rolling 5.10.28-1kali1 all
  Linux kernel source for version 5.10 with Debian patches

Kali官方上没有支持，自已编译一个，解决

title: "Concurency" description: "关于并发" draft: true weight: 50

Concurrency And Parallelism

Concurrency / 并发

Parallelism / 并行

I/O Bound And CPU Bound Programme

IO Bound / IO密集型

CPU Bound / CPU密集型

Process, Thread And Coroutine

Process / 进程

Thread / 线程

Coroutine / 协程

Language

Python

https://docs.python.org/3/library/concurrency.html

mitlprocesses
threading
[asyncio]({{< relref "blog/techstack/python_coroutine" >}})

Golang

title: "Install Gentoo/Archlinux" date: 2020-12-06T09:13:12+08:00 toc: true categories:

note tags:
linux
gentoo
archlinux
install

这理又重装了Gentoo,Archlinux是之前安装的,只在记忆中简单对比一下大概的

约定名词 安装环境: 安装Gentoo/Archlinux的操作环境,非安装后的新系统环境,通常为LiveCD的Live环境中目标环境: 安装Gentoo/Archlinux的新系统环境,为安装后结果,此文以/mnt为挂载目标(与Archlinux一致,Gentoo官方文档是以/mnt/gentoo为例)

一点小理解

https://www.gentoo.org/ https://www.archlinux.org/

	Gentoo	Archlinux
一句话	配置自由度极高(也有人说OverEninerring)	KISS(Keep it Simple, Stupid)
硬件支持	反正内核自已编译程序自已编译...	官方支持x86
INIT	OpenRC(default)/Systemd	Systemd
包管理	portage(源码编译,提供`USE`,`SLOT`等超赞功能)	pacman(二进制分发)
安装环境	基本完全不依赖LiveCD,可在任何安装环境下使用stage包开始构建新系统	依赖LiveCD一些工具

玩起来

Gentoo

https://wiki.gentoo.org/wiki/Installation https://wiki.gentoo.org/wiki/Handbook:Main_Page
Archlinux

https://wiki.archlinux.org/index.php/installation_guide

安装介质

制作LiveUSB

TODO:

Gentoo

https://www.gentoo.org/downloads/
Archlinux

https://archlinux.org/download/

配置安装环境

Network
```
$ ip address
```
Date
```
$ date
$ ntpdate -u cn.pool.ntp.org
```
Keymap

磁盘分区

Disk Partitional

准备安装磁盘

# 查看当前磁盘挂载情况,确定使用哪块磁盘
$ sudo lsblk
$ sudo blkid
# 磁盘分区,以`/dev/sda`为例,简单区分`/`,`/home`,`/boot`,`/boot/efi`,此处使用UEFI方式躯动
$ gdisk /dev/sda

磁盘格式化/加密/逻辑分区

# 此处只作普通分区
$ mkfs.ext4 -L GENTOO /dev/sda1
$ mkfs.vfat -L  /dev/sda2
$ mkswap -L SWAP /dev/sda3
$ mkfs.ext4 -L GENTOO /dev/sda4
$ mkfs.ext4 -L GENTOO /dev/sda5

挂载磁盘

$ mount /dev/sda4 /
$ mkdir -p /mnt/boot/efi
$ mkdir -p /mnt/home
$ mount /dev/sda1 /mnt/boot
$ mount /dev/sda2 /mnt/boot/efi
$ mount /dev/sda5 /mnt/home
$ swapon /dev/sda3
# 下方在Archlinux中可以使用LiveCD工具`arch-chroot /mnt`时自动完成,Gentoo需自行手动操作
$ mount --types proc /proc /mnt/proc
$ mount --rbind /sys /mnt/sys
$ mount --make-rslave /mnt/sys  # 使用Systemd时必须
$ mount --rbind /dev /mnt/dev
$ mount --make-rslave /mnt/dev  # 使用Systemd时必须

安装工具链

Gentoo

$ tar xvf stage3-amd64-20201230T214503Z.tar.xz -C /mnt
# 选择校验下载源
$ mirrorselect -i -o >> /mnt/etc/portage/make.conf
# 复制

进入环境后

# 配置下载源
$ mkdir -p /etc/portage/repors.conf
$ cp /usr/share/portage/config/repos.conf /etc/portage/repors.conf/gentoo.conf
$ cat /etc/portage/repors.conf/gentoo.conf
# 时间同步,Gentoo安装拉取会使用到`rsync`等依赖系统时间
$ ntpdate -u cn.pool.ntp.org
# 下载文件校验码
$ emerge-webrsync
# 下载文件目录
$ emerge --sync
# 确定portage配置
$ cat /etc/portage/make.conf
# 选择配置文件
$ eselect profile list
$ eselect profile set 1
$ eselect profile list

Archlinux
```
$ pacstrap /mnt base
```

安装内核

Gentoo

https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Kernel

$ emerge --ask --verbose sys-apps/pciutils app-admin/mcelog
$ emerge --ask --verbose sys-kernel/gentoo-sources
$ cd /usr/src/linux
$ make menuconfig
$ cat /usr/src/linux/.config
$ make
$ make modules_install
$ make install
$ ls /boot/vmlinuz-*-gentoo-*  /boot/config-*-gentoo-* /boot/System.map-*-gentoo-*
$ genkenerl
$ ls /boot/initramfs-*-gentoo-*

Archlinux
```
$ pacstrap /mnt linux
```

安装驱动

Gentoo

$ emerge --ask --verbose sys-kernel/linux-firmware

Archlinux
```
$ pacstrap /mnt linux-firmware
```

安装引导

Boot Device

Gentoo

$ emerge --ask --verbose sys-boot/grub:2

Archlinux

个人化

locale,keymap
hostname, domain
hosts
passwd,useradd

其他

图形化

Linux Graphics

Gentoo
Archlinux
安装发行版工具链,如init(Archlinux的Systemd和Gentoo可选的Systemd及OpenRC)、包管理工具(Archlinux的pacman和Gentoo的portage)等等
- Archlinux
```
pacstrap /mnt base
```
- Gentoo
  
  https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Stage
```
tar xf stage3-amd64-20201202T214503Z.tar.xz  # 这里使用OpenRC版本init
```
工具链配置
安装Linux的内核

安装基本驱动集合

Archlinux
```
pacstrap /mnt linux-firmware
```
Gentoo
```
emerge --ask sys-kernel/linux-firmware
```

启动 grub-install --efi.... update-grub
本地化
网络配置
图形化(Optional)

TODO:

参考资料

https://wiki.gentoo.org/

http://wiki.archlinux.org/

https://www.thegeekstuff.com/2011/02/linux-boot-process/

后续

title: "LiveCD" date: 2020-12-06T09:13:12+08:00 categories:

note tags:
livecd
kali
linux

LiveCD

Install LiveCD

dd status=progress if=livecd.iso of=/dev/sdaX bs=512
fdisk ... # TODO: fix disk size
cryptsetup luksFormt /dev/sdaX
cryptsetup open persistence /dev/sdaX
mkfs.ext4 -L persistence /dev/mapper/persistence
mount /dev/mapper/persistence /mnt/livecd
echo "/ union" > /mnt/livecd/persistence.conf
umount /dev/mapper/persistence
cryptsetup close persistence

backup dick images

$ fdisk -l
$ blkid
$ dd status=progress bs=512 if=/dev/sda1 | gzip -nc -6 > backup.img.gz
# status
# bs
# if

参考资料

https://www.kali.org/downloads/

https://www.kali.org/docs/usb/kali-linux-live-usb-install-linux/

https://www.kali.org/docs/usb/kali-linux-live-usb-persistence/

后续

TODO: 先把记得的先写下,用了一下Kali好像用了个一次性的内核,然后每次rsync到持久化分区保存文件,有空也可以再探究一下

title: "I3" description: "" draft: true tags:

i3
linux

i3wm

https://i3wm.org/docs/userguide.html

i3status

https://i4wm.org/i3status/manpage.html

title: "Linux Graphics" # Title of the blog post. date: 2020-12-23T10:57:01+08:00 # Date of post creation.

description: "Article description." # Description used for search engine.

featured: true # Sets if post is a featured post, making appear on the home page side bar.

featureImage: "/images/path/file.jpg" # Sets featured image on blog post.

thumbnail: "/images/path/thumbnail.png" # Sets thumbnail image appearing inside card on homepage.

codeMaxLines: 10 # Override global value for how many lines within a code block before auto-collapsing.

codeLineNumbers: false # Override global value for showing of line numbers within code block.

figurePositionShow: true # Override global value for showing the figure label.

comment: false # Disable comment if false.

toc: true # Controls if a table of contents should be generated for first-level links automatically. categories:

note tags:

X11

xorg

Linux图形化上有一个框架/标准/协议(?)叫X11,其中Xorg就是他的实现,在各种DM,DE,WM上都使用相应接口进行,也是对多个不同之间框架模块兼容的理由

DE Desktop Environment

DM Display Manage

WM Window Manage

title: "URI Schema" description: "" tags:

uri TODO:

<SCHEME>://<NETLOC><PATH>?<PARAMS>#<FRAGMENT>

<NETLOC> => <HOST>:<PORT>
<HOST> => <DOMAIN>/<IPv4>/<IPv6>
<DOMAIN> => <SUBDOMAIN>.<FLD>
<FLD> => #.<SLD>.<TLD>

e.g. www.example.com
TLD => com.
SLD => example.com.
FLD => example.com.
e.g. www.example.com.cn
TLD => cn.
SLD => com.cn.
FLD=> example.com.cn.

part	description
TLD	Top level domain ()
gTLD
SLD	Second level domain
FLD	Free level domain

REF: List of Top-Level Domains

// TODO:

title: "Linux Keyboard Configure" description: "Linux键盘配置" tags:

linux
keyboard

之前一直在使用LControl和CapsLock交换的Keyboard Layout，但还没好好清晰地理一遍Linux相关的Keyboaed设置，此文章使用Linux发行版为Kali，以Debian为基础

常用设置

CapsLock及LControl互换

GUI

$ grep -E "(ctrl|caps):" /usr/share/X11/xkb/rules/base.lst
  ctrl:nocaps          Caps Lock as Ctrl
  ctrl:lctrl_meta      Left Ctrl as Meta
  ctrl:swapcaps        Swap Ctrl and Caps Lock
  ctrl:swapcaps_hyper  Caps Lock as Control, Control as Hyper
  ctrl:ac_ctrl         At left of 'A'
  ctrl:aa_ctrl         At bottom left
  ctrl:rctrl_ralt      Right Ctrl as Right Alt
  ctrl:menu_rctrl      Menu as Right Ctrl
  ctrl:swap_lalt_lctl  Swap Left Alt with Left Ctrl
  ctrl:swap_lwin_lctl  Swap Left Win with Left Ctrl
  ctrl:swap_rwin_rctl  Swap Right Win with Right Ctrl
  ctrl:swap_lalt_lctl_lwin Left Alt as Ctrl, Left Ctrl as Win, Left Win as Left Alt
  caps:internal        Caps Lock uses internal capitalization; Shift "pauses" Caps Lock
  caps:internal_nocancel Caps Lock uses internal capitalization; Shift does not affect Caps Lock
  caps:shift           Caps Lock acts as Shift with locking; Shift "pauses" Caps Lock
  caps:shift_nocancel  Caps Lock acts as Shift with locking; Shift does not affect Caps Lock
  caps:capslock        Caps Lock toggles normal capitalization of alphabetic characters
  caps:shiftlock       Caps Lock toggles ShiftLock (affects all keys)
  caps:swapescape      Swap ESC and Caps Lock
  caps:escape          Make Caps Lock an additional Esc
  caps:escape_shifted_capslock Make unmodified Caps Lock an additional Esc, but Shift + Caps Lock behaves like regular Caps Lock
  caps:backspace       Make Caps Lock an additional Backspace
  caps:super           Make Caps Lock an additional Super
  caps:hyper           Make Caps Lock an additional Hyper
  caps:menu            Make Caps Lock an additional Menu key
  caps:numlock         Make Caps Lock an additional Num Lock
  caps:ctrl_modifier   Caps Lock is also a Ctrl
  caps:none            Caps Lock is disabled
$ setxkbmap -option ctrl:swapcpas  # enbale swap caps and ctrl, multiple option sep with `,`
$ setxkbmap -option  # disable xkb options

CLI

TODO...

$ cat personal.map
...
keycode 29 = Caps_Lock
keycode 58 = Control
...
$ loadkeys personal.map

参考资料

title: "Serial Connection" description: "串行连接" draft: true

title: "PyYaml解释‘21:21`错误" date: 2019-12-09 categories:

bug tags:
yaml
docker-compose

问题/Problem

在docker-compose.yml中有
```
- 21:21
```
解析解果為int(1281)非str("21:21")

原因/Reason

在python中pyyaml解釋中發現21:21會解釋為時間類型,再轉為秒數輸出

X:Y X為小時,Y為分鐘

解决/Fix

在yaml文件中指定為字符串
```
 - "21:21"
```

title: "c1f"

About

I Am ... Security R&D Engineer, Learning Slowly ...

Contact

Blog

Email

Github

title: "Python Coroutine" description: "Python协程" draft: true

Python 3.6+

`asyncio`

awaitable
- coroutine
- task
- future
gather
wait
wait_for

title: "MITM Attack Via V2ray" date: 2020-03-28 categories:

note tags:
hacker

前两天有新闻JD和GITHUB被劫持，和最近生活中有些情况令我想到关于劫持页面重导向试试实现(其实想指定情况下在我手机上劫持微信跳转页面到我自己的页面下

环境

V2Ray 4.22.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13.8 linux/amd64)

实现

v2配置设置outbounds规则，设置劫持转发的目标点，在routing设置转发

https://www.v2fly.org/chapter_02/protocols/freedom.html

    "outbounds": [
        {
            "protocol": "freedom",
            "settings": {
                "redirect": "127.0.0.1:58885"
            },
            "tag": "mitm"
        }
    ],

https://www.v2fly.org/chapter_02/03_routing.html

    "routing": {
        "rules": [
            {
                "domain": [
                    "<劫持页面>"
                ],
                "outboundTag": "mitm",
                "type": "field"
            }
        ]

写了个简单劫持指定了在固定情况下发生劫持..其他情况正常

@app.route(path, methods=["GET"])
def hpass():
    if query == parse_qs(request.query_string):
        return page, 200
    url = list(urlsplit(request.url))
    url[1] = netloc
    url = urlunsplit(url)
    resp = requests.get(url)
    return resp.content, resp.status_code


if __name__ == "__main__":
    basicConfig(level=DEBUG)
    app.run(port=58885,
            ssl_context=('./signature/device.crt',
                         './signature/device.key'))

最后.. 因为HTTPS关系,劫持成功了,自己的小实验失败了,因为证书,之后自签也无法通过,也是预料之内..就这样吧,挺好玩的

title: "Kali localectl list-keymaps get no such file or directory Error" description: "" date: 2021-05-03T22:14:49+08:00 lastmod: 2021-05-03T22:14:49+08:00 tags:

keyboard
linux
debian

Environment

$ cat /etc/*release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"
ID=kali
VERSION="2021.1"
VERSION_ID="2021.1"
VERSION_CODENAME="kali-rolling"
ID_LIKE=debian
ANSI_COLOR="1;31"
HOME_URL="https://www.kali.org/"
SUPPORT_URL="https://forums.kali.org/"
BUG_REPORT_URL="https://bugs.kali.org/"

Question

$ localectl list-keymaps
Failed to read list of keymaps: No such file or directory

Debugging

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790955

$ ls /usr/share/keymaps/
ls: cannot access '/usr/share/keymaps/': No such file or directory
$ ls /usr/share/kbd/keymaps
ls: cannot access '/usr/share/kbd/keymaps': No such file or directory
$ strace localectl list-keymaps 2>&1 | less
...
lstat("/usr/share/kbd/keymaps", 0x7ffe375fa420) = -1 ENOENT (No such file or directory)
lstat("/usr/lib/kbd/keymaps", 0x7ffe375fa420) = -1 ENOENT (No such file or directory)
lstat("/lib/kbd/keymaps", 0x7ffe375fa420) = -1 ENOENT (No such file or directory)
...
$ sudo mv /usr/share/keymaps/i386/qwerty/us.kmap.gz /usr/share/keymaps/i386/qwerty
/us.map.gz
$ localectl list-keymaps
us

Fixed

/usr/share/keymaps等没有keymap文件是因为没安装console-data

$ sudo apt install console-data

根据上面的引用issus好像是debian一些兼容性的不同,官方推荐使用别的方式去设置键盘

https://benohead.com/blog/2012/04/27/debian-change-the-keyboard-layout-from-the-console/

https://wiki.debian.org/Keyboard

$ dpkg-reconfigure console-data
$ dpkg-reconfigure keyboard-configuration

title: "Postwoman CORS错误" date: 2020-04-06 categories:

bug tags:
postwoman

问题/Problem

postwoman发送请求一直出现CORS，使用了postwoman extensions后只能在postwoman.io中成功，自建失败

原因/Reason

浏览器安全策略，引至CORS
原生postwoman extensions只能对postwoman官方项目生效

      "matches": [
        "https://postwoman.io/",
        "https://postwoman.io/*",
        "https://postwoman.netlify.com/*",
        "https://postwoman.netlify.com/"
      ],

解决/Fix

修改postwoman extensions，对自建增加支持

title: "Partition Disk" # Title of the blog post. date: 2021-01-02 updated: 2021-01-02 toc: true categories:

note tags:
partition
disk
hardware

Partition Tool

fdisk和parted都是分区实用程序。 fdisk是众所周知的，稳定的，并且推荐用于MBR分区布局，而parted是支持GPT分区的第一个Linux块设备管理实用程序之一。喜欢fdisk的用户界面的用户可以使用 gdisk （GPT fdisk）作为parted的替代。

parted

fdisk

gdisk

Partition Table

MBR

主引导记录MBR (Master Boot Record)对分区的起始扇区和长度使用32比特的标识符，它支持三种分区类型：主分区、扩展分区和逻辑分区。主分区把它们的信息存储在主引导记录里一个非常小的空间里，通常是512字节，因为这个空间太小了，所以系统只支持四个主分区。（例如从 /dev/sda1 到/dev/sda4）

GPT

GPT(GUID Partition Table)为分区使用64比特标识符，它用来存储分区信息的空间也远比MBR的512字节要大，GPT磁盘它也不对分区的数量作限制。分区的大小限制可以达到8ZiB。译者注：

1ZiB = 1,024 EiB
1EiB = 1024 PiB
1PiB = 1024 TiB
1TiB = 1024 GiB
1GiB = 1024 MiB
1MiB = 1024 KiB
1KiB = 1024 B

当操作系统和系统固件之间的软件接口是UEFI (相对于BIOS)时，GPT几乎是必选的，因为这里MBR会引起很多兼容性问题。

GPT还利用校验和和冗余。它携带CRC32校验和以检测报头和分区表中的错误，并在磁盘的末尾有一个备份GPT。此备份表可用于恢复磁盘开头附近主GPT的损坏。

Partition Foramt

btrfs

是下一代文件系统，提供了许多高级功能，如快照，通过校验和自我修复、透明压缩、子卷和集成 RAID。几个发行版已经开始将它作为一个默认的选项,但它还未为生产工作做好准备。文件系统报告崩溃是常见的。其开发人员敦促人们运行最新的内核版本来解决安全问题,以及老的问题。这种情况已经很多年了,现在使用它还为时过早。如果出现变更，以及发生了变化，解决错误问题，都很少往旧内核注入补丁。请谨慎使用这个文件系统!

ext2

是经考验证明可靠的Linux文件系统，但是没有元数据日志，这意味这在启动系统时的ext2文件系统的日常检查相当耗时。现在相当一部分的新一代的日志文件系统都可以非常迅速检查一致性，因此比那些非日志文件系统更受欢迎。当你启动系统碰巧遇到文件系统状态不一致时，日志文件系统不会在那里耽搁很长时间。

ext3

是ext2文件系统的带日志版本，提供了元数据日志模式以快速恢复数据。此外还提供了其他增强的日志模式，如完整数据日志模式和有序数据日志模式。它使用了HTree索引，在几乎所有的情况下都能保持高性能。简而言之，ext3是非常好及可靠的文件系统。

ext4

最初创建为ext3的一个分支，EXT4带来了新的功能，性能改进和去除中度更改磁盘格式大小限制。它可以跨越体积高达1的EB并用16 TB最大文件大小。取而代之的是经典的ext2/3位块分配的ext4的使用范围，这对提高大文件的性能，并减少碎片。的Ext4还提供了更为复杂的块分配算法（延迟分配和多嵌段分配）给文件系统驱动更多的方式来优化数据的布局在磁盘上。 EXT4是推荐的通用所有平台的文件系统。

f2fs

这个文件系统最初由三星创建用于NAND闪存，是一种闪存文件系统从直到2016年第二季度起，这个文件系统仍然被认为不成熟。把Gentoo安装到microSD卡，USB驱动器或其他基于闪存的存储设备时使用它是一个不错的选择。

JFS

是IBM的高性能日志文件系统。JFS是一个轻量级的、快速的和稳定的基于B+树的文件系统，在很多情况下都有很好的表现。

ReiserFS

是基于B+树的文件系统，它有着非常全面的性能，特别时在处理很多小文件的时候，虽然会占用多一点CPU。ReiserFS相比其他文件系统显得受维护的不够。

XFS

是一种带元数据日志的文件系统，它有一个健壮的特性集，并且对可伸缩性进行了优化。XFS似乎对各种各样的硬件问题显得不够宽容。

vfat

也称为FAT32，被支持Linux，但不支持任何权限设置。它主要用于互操作性与其他操作系统（主要是微软的Windows），但也是很有必要的一些系统固件（如UEFI）的支持。

NTFS

这个“新技术”的文件系统是Microsoft Windows的旗舰文件系统。与上面的vfat类似，它不存储BSD或Linux正常工作所需的权限设置或扩展属性，因此它不能用作根文件系统。它应该'只'用于与Microsoft Windows系统的互操作性（注意只强调）。

Other

LVM

https://wiki.archlinux.org/index.php/LVM_
https://en.wikipedia.org/wiki/Logical_Volume_Manager_(Linux)

PV

pvs
pvdisplay

VG

vgs
vgdisplay

LV

lvs
lvdisplay
lvextend

LUKS

Mount

Fstab

/etc/fstab
https://wiki.gentoo.org/wiki/Fstab
https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/System#About_fstab
<filesystem> <mountpoint> <type> <options> <dump> <pass>

filesystem

第一个字段显示要挂载的特殊 block 设备或远程文件系统。有几种设备标识符可用于特殊块设备节点，包括设备文件路径，文件系统标签，UUID，分区标签以及UUID。

UUID
LABEL

mountpoint

第二个字段是分区挂载点，也就是分区应该挂载到的地方

type

第三个字段给出分区所用的文件系统
Partition Format

options

第四个字段给出的是挂载分区时mount命令所用的挂载选项。由于每个文件系统都有自己的挂载选项，我们建议你阅读mount手册（man mount）以获得所有挂载选项的列表。多个挂载选项之间是用逗号分隔的。
https://wiki.gentoo.org/wiki/Mount
http://www.skrenta.com/rt/man/mount.8.html

dump

第五个字段是给dump使用的，用以决定这个分区是否需要dump。一般情况下，你可以把该字段设为0（零）。

pass

第六个字段是给fsck使用的，用以决定系统非正常关机之后文件系统的检查顺序。根文件系统应该为1，而其它的应该为2（如果不需要文件系统自检的话可以设为0）。

References

https://wiki.gentoo.org/wiki/Handbook:AMD64/Installation/Disks/zh-cn#%E6%96%87%E4%BB%B6%E7%B3%BB%E7%BB%9F

title: "Ssl Disable Connect" # Title of the blog post. date: 2020-12-28T16:10:20+08:00 # Date of post creation.

description: "Article description." # Description used for search engine.

featured: true # Sets if post is a featured post, making appear on the home page side bar.

featureImage: "/images/path/file.jpg" # Sets featured image on blog post.

thumbnail: "/images/path/thumbnail.png" # Sets thumbnail image appearing inside card on homepage.

codeMaxLines: 10 # Override global value for how many lines within a code block before auto-collapsing.

codeLineNumbers: false # Override global value for showing of line numbers within code block.

figurePositionShow: true # Override global value for showing the figure label.

comment: false # Disable comment if false.

toc: true # Controls if a table of contents should be generated for first-level links automatically. categories:

bug tags:
ssl

Insert Lead paragraph here.

Question

$ curl https://...
curl: (35) error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
$ python with_ssl_session.py
[DEBUG] SSL connection error occurred ('[SSL: WRONG_SSL_VERSION] wrong ssl version (_ssl.c:727)')
[DEBUG] SSL connection error occurred ('[Errno 0] Error')
[WARNING] can't establish SSL connection

Reason

Fixed

$ vim /etc/ssl/openssl.cnf

disable protocol minimum version constraints

[system_default_sect]
# MinProtocol = TLSv1.2

title: "Grub" date: 2020-01-26 categories:

note tags:
grub

之前grub搞了个在U盘上引就安装系统，不过引导不了windows的安装装，和和和之前又洗了，之后再玩玩，也想想要怎么玩，因为也想搞个linux在U盘上不过今天看到双系统的引导,一来想把倒数关了,免自己老要开机时守那几秒,和上想是找方法想弄成,自动启动上次开启的系统,和和也再好好看看grub

All executable files in this directory are processed in shell expansion order.

  00_*: Reserved for 00_header.
  10_*: Native boot entries.
  20_*: Third party apps (e.g. memtest86+).

  The number namespace in-between is configurable by system installer and/or
   administrator.  For example, you can add an entry to boot another OS as
   01_otheros, 11_otheros, etc, depending on the position you want it to occupy in
   the menu; and then adjust the default setting via /etc/default/grub.

大概定义了一下各文件的渲染上的任务

  .
├── 00_header
├── 05_debian_theme
├── 10_linux
├── 20_linux_xen
├── 20_memtest86+
├── 30_os-prober
├── 30_uefi-firmware
├── 40_custom
#!/bin/sh
exec tail -n +3 $0
# This file provides an easy way to add custom menu entries.  Simply type the
# menu entries you want to add after this comment.  Be careful not to change
# the 'exec tail' line above.
├── 41_custom
#!/bin/sh
if [ -f  \${config_directory}/custom.cfg ]; then
  source \${config_directory}/custom.cfg
elif [ -z "\${config_directory}" -a -f  \$prefix/custom.cfg ]; then
  source \$prefix/custom.cfg;
fi
└── README

就如上。。基本就这样，按他格化式加下配置就好，优雅点

/etc/default/grub 这就是渲染grub.cfg时的环境变量，原版（我好像没改过）就酱，改个timeout为0，先把那个倒数启动关了

  # If you change this file, run 'update-grub' afterwards to update
  # /boot/grub/grub.cfg.
  # For full documentation of the options in this file, see:
  #   info -f grub -n 'Simple configuration'

  GRUB_DEFAULT=0
  GRUB_TIMEOUT_STYLE=hidden
  GRUB_TIMEOUT=10
  GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
  GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"
  GRUB_CMDLINE_LINUX=""

  # Uncomment to enable BadRAM filtering, modify to suit your needs
  # This works with Linux (no patch required) and with any kernel that obtains
  # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...)
  #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef"

  # Uncomment to disable graphical terminal (grub-pc only)
  #GRUB_TERMINAL=console

  # The resolution used on graphical terminal
  # note that you can use only modes which your graphic card supports via VBE
  # you can see them in real GRUB with the command `vbeinfo'
  #GRUB_GFXMODE=640x480

  # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux
  #GRUB_DISABLE_LINUX_UUID=true

  # Uncomment to disable generation of recovery mode menu entries
  #GRUB_DISABLE_RECOVERY="true"

  # Uncomment to get a beep at grub start
  #GRUB_INIT_TUNE="480 440 1"

命令

update-grub 重新渲染/boot/grub/grub.cfg

title: "network protocol" description: "review and note network protocol" date: "2022-07-19" tags:

network
protocol TODO:

TCP/IP Model

Internet Layer

IP

REF: https://datatracker.ietf.org/doc/html/rfc791

Format

Header

   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |Version|  IHL  |Type of Service|          Total Length         |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |         Identification        |Flags|      Fragment Offset    |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |  Time to Live |    Protocol   |         Header Checksum       |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                       Source Address                          |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                    Destination Address                        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                    Options                    |    Padding    |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Transport Layer

TCP

REF: https://datatracker.ietf.org/doc/html/rfc793

Format

Header

   0                   1                   2                   3
   0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |          Source Port          |       Destination Port        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                        Sequence Number                        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                    Acknowledgment Number                      |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |  Data |           |U|A|P|R|S|F|                               |
  | Offset| Reserved  |R|C|S|S|Y|I|            Window             |
  |       |           |G|K|H|T|N|N|                               |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |           Checksum            |         Urgent Pointer        |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                    Options                    |    Padding    |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  |                             data                              |
  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

IPLayer

   0      7 8     15 16    23 24    31
  +--------+--------+--------+--------+
  |           Source Address          |
  +--------+--------+--------+--------+
  |         Destination Address       |
  +--------+--------+--------+--------+
  |  zero  |  PTCL  |    TCP Length   |
  +--------+--------+--------+--------+

Flow

                                +---------+ ---------\      active OPEN
                                |  CLOSED |            \    -----------
                                +---------+<---------\   \   create TCB
                                  |     ^              \   \  snd SYN
                     passive OPEN |     |   CLOSE        \   \
                     ------------ |     | ----------       \   \
                      create TCB  |     | delete TCB         \   \
                                  V     |                      \   \
                                +---------+            CLOSE    |    \
                                |  LISTEN |          ---------- |     |
                                +---------+          delete TCB |     |
                     rcv SYN      |     |     SEND              |     |
                    -----------   |     |    -------            |     V
   +---------+      snd SYN,ACK  /       \   snd SYN          +---------+
   |         |<-----------------           ------------------>|         |
   |   SYN   |                    rcv SYN                     |   SYN   |
   |   RCVD  |<-----------------------------------------------|   SENT  |
   |         |                    snd ACK                     |         |
   |         |------------------           -------------------|         |
   +---------+   rcv ACK of SYN  \       /  rcv SYN,ACK       +---------+
     |           --------------   |     |   -----------
     |                  x         |     |     snd ACK
     |                            V     V
     |  CLOSE                   +---------+
     | -------                  |  ESTAB  |
     | snd FIN                  +---------+
     |                   CLOSE    |     |    rcv FIN
     V                  -------   |     |    -------
   +---------+          snd FIN  /       \   snd ACK          +---------+
   |  FIN    |<-----------------           ------------------>|  CLOSE  |
   | WAIT-1  |------------------                              |   WAIT  |
   +---------+          rcv FIN  \                            +---------+
     | rcv ACK of FIN   -------   |                            CLOSE  |
     | --------------   snd ACK   |                           ------- |
     V        x                   V                           snd FIN V
   +---------+                  +---------+                   +---------+
   |FINWAIT-2|                  | CLOSING |                   | LAST-ACK|
   +---------+                  +---------+                   +---------+
     |                rcv ACK of FIN |                 rcv ACK of FIN |
     |  rcv FIN       -------------- |    Timeout=2MSL -------------- |
     |  -------              x       V    ------------        x       V
      \ snd ACK                 +---------+delete TCB         +---------+
       ------------------------>|TIME WAIT|------------------>| CLOSED  |
                                +---------+                   +---------+

UDP

REF: https://datatracker.ietf.org/doc/html/rfc768

Format

Header

   0      7 8     15 16    23 24    31
  +--------+--------+--------+--------+
  |     Source      |   Destination   |
  |      Port       |      Port       |
  +--------+--------+--------+--------+
  |                 |                 |
  |     Length      |    Checksum     |
  +--------+--------+--------+--------+
  |
  |          data octets ...
  +---------------- ...

IPLayer

   0      7 8     15 16    23 24    31
  +--------+--------+--------+--------+
  |          source address           |
  +--------+--------+--------+--------+
  |        destination address        |
  +--------+--------+--------+--------+
  |  zero  |protocol|   UDP length    |
  +--------+--------+--------+--------+

title: "U盘制作" date: 2020-10-12T10:53:57+08:00

做一个多分区，有加密盘的U盘

# find mount point
mount -l 
# umount
umount <mount-point>
# make partional
sudo fidsk <disk> # input m get help
# format usb disk
sudo mke2fs -j -F -L unencrypted <unencrypted disk>

sudo cryptsetup luksFormat <encrypted disk>
sudo cryptsetup luksOpen <encrypted> encrypted
sudo mke2fs -j -F -L encrypted /dev/mapper/encrypted
sudo cryptsetup luksClose encrypted

https://linux.cn/article-9640-1.html

title: "Network Topology" description: "网络拓扑" draft: true

Bridge

Proxy

Forward Proxy / 正向代理

Reverse Proxy / 反向代理

Transport Proxy / 正向代理

Tools

ethernet internet

ebtable

https://blog.csdn.net/u013485792/article/details/76522551
iptable
netfilter

https://arthurchiao.art/blog/deep-dive-into-iptables-and-netfilter-arch-zh/

dhcpclient

$ dhcpclient {interface} -v  # get dhcp

title: "sed bad flag in substitute command" description: "" date: 2021-07-16T10:31:08+08:00 tags:

sed
cli
macOS

Environment

$ sw_vers
ProductName:    macOS
ProductVersion: 11.4
BuildVersion:   20F71

Question

$ echo "abcdefg" > test
$ sed "s/b/d/g" test
adcdefg
$ sed -i "s/b/d/g" test
... error
# undefined label
# bad flag in substiute command

Debugging

Fixed

$ sed -i.bak "s/b/d/g" test
$ gsed -i "s/b/d/g" test

title: "Docker有权限但权限不足" date: 2019-12-09 categories:

bug tags:
docker

问题/Problem

Docker容器中已分配權限,但無法訪問文件

原因/Reason

Selinux限制

解决/Fix

Selinux關閉或添加權限

title: "OWASP Top 10 Web Application Security Risks" description: "OWASP前10 Web应用安全风险" date: 2021-04-19T12:58:50+08:00

https://owasp.org/www-project-top-ten/

http://www.owasp.org.cn/owasp-project

https://github.com/owasp-top

OWASP Top 10 Web Application Security Risks Versions

	2017	2013	2010	2007	2004	2003
A1	注入	注入	注入	跨站脚本（XSS）	不安全的配置管理	未验证的参数
A2	失效的身份认证	失效的身份认证和会话管理	失效的身份认证和会话管理	注入漏洞	错误的访问控制	错误的访问控制
A3	敏感数据泄露	跨站脚本（XSS）	跨站脚本（XSS）	恶意文件执行	错误的验证和会话管理	错误的验证和会话管理
A4	XML 外部实体（XXE）	不安全的直接对象引用	不安全的直接对象引用	不安全的直接对象引用	注入漏洞	跨站脚本
A5	失效的访问控制	安全配置错误	安全配置错误	跨站请求伪造（CSRF）	缓冲溢出	缓冲溢出
A6	安全配置错误	敏感信息泄漏	不安全的加密存储	信息泄漏和不恰当的错误处理	注入式漏洞	命令注入式漏洞
A7	跨站脚本（XSS）	功能级访问控制缺失	没有限制URL访问	失效的身份认证和会话管理	不正确的错误处理	错误处理的问题
A8	不安全的反序列化	跨站请求伪造（CSRF）	跨站请求伪造（CSRF）	不安全的加密存储	不安全的存储	密码学的不安全的使用
A9	使用含有已知漏洞的组件	使用含有已知漏洞的组件	未验证的重定向和转发	不安全的通信	拒绝访问	远程管理漏洞
A10	不足的日志记录和监控	未验证的重定向和转发	传输层保护不足	没有限制 URL 访问	未验证的输入	Web 和应用服务器的错误配置

2017

http://www.owasp.org.cn/owasp-project/download/2010_OWASP_Top_10 https://github.com/owasp-top/owasp-top-2017

注入

可利用性: 易
普遍性: 常见
可利用性: 平均
影响: 严重

注入攻击漏洞，例如SQL，OS 以及LDAP注入。这些攻击发生在当不可信的数据作为命令或者查询语句的一部分，被发送给解释器的时候。攻击者发送的恶意数据可以欺骗解释器，以执行计划外的命令或者在未被恰当授权时访问数据。

失效的身份认证

可利用性:
普遍性:
可利用性:
影响:

与身份认证和会话管理相关的应用程序功能往往得不到正确的实现，这就导致了攻击者破坏密码、密匙、会话令牌或攻击其他的漏洞去冒充其他用户的身份。

敏感数据泄露

可利用性:
普遍性:
可利用性:
影响:

当应用程序收到含有不可信的数据，在没有进行适当的验证和转义的情况下，就将它发送给一个网页浏览器，这就会产生跨站脚本攻击（简称XSS）。XSS允许攻击者在受害者的浏览器上执行脚本，从而劫持用户会话、危害网站、或者将用户转向至恶意网站。

XML 外部实体（XXE）

可利用性:
普遍性:
可利用性:
影响:

当开发人员暴露一个对内部实现对象的引用时，例如，一个文件、目录或者数据库密匙，就会产生一个不安全的直接对象引用。在没有访问控制检测或其他保护时，攻击者会操控这些引用去访问未授权数据。

失效的访问控制

可利用性:
普遍性:
可利用性:
影响:

好的安全需要对应用程序、框架、应用程序服务器、web服务器、数据库服务器和平台定义和执行安全配置。由于许多设置的默认值并不是安全的，因此，必须定义、实施和维护这些设置。这包含了对所有的软件保持及时地更新，包括所有应用程序的库文件。

安全配置错误

可利用性:
普遍性:
可利用性:
影响:

许多Web应用程序没有正确保护敏感数据，如信用卡，税务ID和身份验证凭据。攻击者可能会窃取或篡改这些弱保护的数据以进行信用卡诈骗、身份窃取，或其他犯罪。敏感数据值需额外的保护，比如在存放或在传输过程中的加密，以及在与浏览器交换时进行特殊的预防措施。

跨站脚本（XSS）

可利用性:
普遍性:
可利用性:
影响:

大多数Web应用程序在功能在UI中可见以前，验证功能级别的访问权限。但是，应用程序需要在每个功能被访问时在服务器端执行相同的访问控制检查。如果请求没有被验证，攻击者能够伪造请求以在未经适当授权时访问功能。

不安全的反序列化

可利用性:
普遍性:
可利用性:
影响:

一个跨站请求伪造攻击迫使登录用户的浏览器将伪造的HTTP请求，包括该用户的会话cookie和其他认证信息，发送到一个存在漏洞的web应用程序。这就允许了攻击者迫使用户浏览器向存在漏洞的应用程序发送请求，而这些请求会被应用程序认为是用户的合法请求。

使用含有已知漏洞的组件

可利用性:
普遍性:
可利用性:
影响:

组件，比如：库文件、框架和其它软件模块，几乎总是以全部的权限运行。如果一个带有漏洞的组件被利用，这种攻击可以造成更为严重的数据丢失或服务器接管。应用程序使用带有已知漏洞的组件会破坏应用程序防御系统，并使一系列可能的攻击和影响成为可能。

不足的日志记录和监控

可利用性:
普遍性:
可利用性:
影响:

Web应用程序经常将用户重定向和转发到其他网页和网站，并且利用不可信的数据去判定目的页面。如果没有得到适当验证，攻击者可以重定向受害用户到钓鱼软件或恶意网站，或者使用转发去访问未授权的页面

2013

http://www.owasp.org.cn/owasp-project/download/mobile-top-10-2013-2

2010

http://www.owasp.org.cn/owasp-project/download/2010_OWASP_Top_10

2007

https://owasp.org/www-pdf-archive/OWASP_Top_10_2007.pdf

2004

2003

title: "Boot Device" # Title of the blog post. date: 2020-12-23T10:57:10+08:00 # Date of post creation.

description: "Article description." # Description used for search engine.

featured: true # Sets if post is a featured post, making appear on the home page side bar.

featureImage: "/images/path/file.jpg" # Sets featured image on blog post.

thumbnail: "/images/path/thumbnail.png" # Sets thumbnail image appearing inside card on homepage.

codeMaxLines: 10 # Override global value for how many lines within a code block before auto-collapsing.

codeLineNumbers: false # Override global value for showing of line numbers within code block.

figurePositionShow: true # Override global value for showing the figure label.

comment: false # Disable comment if false.

toc: true # Controls if a table of contents should be generated for first-level links automatically. categories:

note tags:

UEFI/BIOS

Insert Lead paragraph here.

Linux After Press Power Button

https://www.thegeekstuff.com/2011/02/linux-boot-process/

6 Stages of Linux Boot Process

BIOS - Basic Input/Output system executes MBR

MBR - Master Boot Record executes GRUB

GRUB - Grand Unified Bootloader executes Kernel

Kernel - Kernel executes /sbin/init

Init - Init executes runlevel programs

Runlevel - Runlevel programs are executes from /etc/rc.d/rc*.d/

OpenRC VS Systemd

https://wiki.archlinux.org/index.php/Systemd

https://wiki.gentoo.org/wiki/OpenRC

对于Gentoo默认是使用OpenRC,现在大量的Linux发行版都使用Systemd(Archlinux也是使用Systemd),在看了一些资料后了解,这两个都是作为PID1的init(其中其实还有一个SysVinit,也是大量发行版以前的init),且gnome也是绑定了Systemd,对于Systemd可以理解为有高度集成的一个init,其中包括timedatectl,systemctl,journalctl,hostnamectl等等,还有对很多的操作,有很多对于Systemd的负面评价,在看完后装Gentoo时决定,再学习一次试一下OpenRC看看还需要什么服务的...

title: "Distribution" description: "" draft: true

title: "Ngrok Tunnel No Found" date: 2019-11-05 categories:

bug tags:
ngrok
dns

问题/Problem

TODO

原因/Reason

ngrokd服務器無法路由請求,在ngrok1.X中subdomain為三級域名,DNS需設置三級域名解析到ngrokd服務器,或使用hostname重寫為二級域名

解决/Fix

解決路由問題
godday dns的三級域名解析方法為主机: .

title: "base64在Windows及Linux下错误" date: 2019-12-09 categories:

bug tags:
linux
windows
base64

问题/Problem

在linux上echo "STRING"|base時與decode結果不一致,在python base64.b64encode下正常

原因/Reason

因為首先關于換行符, echo會打印換行,在Windows下為\r\n,在*nix為\n,在早期Mac下為\r,因為這個引至第一個BUG點
echo 可以用-n消行echo出來自身的換行,用-e可以解釋字符中的替換符

解决/Fix

echo -en "STRING\r\n"|base64

title: "Netfilter" Description: "Netfilter" tags:

linux
network
netfilter
kernel draft: true

Netfilter

Intro

iptables, ebtable, ..

HOOK

NF_IP_PRE_ROUTING
NF_IP_LOCAL_IN
NF_IP_FORWARD
NF_IP_LOCAL_OUT
NF_IP_POST_ROUTING

Chain

PREROUTING
INPUT
FORWARD
OUTPUT
POSTROUTING

Table

FILTER
NAT
MANGLE
RAW
SECURITY

Priority

GetAndLocal
1. PREROUTING
2. INPUT
GetAndOther
1. PREROUTING
2. FORWARD
3. POSTROUTING
Produce
1. OUTPUT
2. POSTROUTING

title: "rDNS and PTR" description: "reverse dns resolve and ptr record" tags:

protocol
dns TODO:

REF: https://www.cloudflare.com/zh-cn/learning/dns/dns-records/dns-ptr-record/

REF: https://zh.m.wikipedia.org/zh-hans/%E5%8F%8D%E5%90%91DNS

// TODO:

title: "Android Flashing Device" date: 2020-11-23T19:18:05+08:00 toc: true categories:

note tags:
android
adb
fastboot
root
oneplus

Android刷机

环境

OnePlus8Pro
Kali Rolling
adb

Android Debug Bridge version 1.0.39 Version 1:8.1.0+r23-8 Installed as /usr/lib/android-sdk/platform-tools/adb

sudo apt install android-tools-adb
fastboot

fastboot version 1:8.1.0+r23-8 Installed as /usr/lib/android-sdk/platform-tools/fastboot

sudo apt install android-tools-fastboot

基础

解锁OEM

https://source.android.com/setup/build/running
进入FastbootMode
进入RecoveryMode
安装Magisk/MagiskManager

官方网站：　https://magiskmanager.com/

玩起来

官方OTA全量包中解压，此处使用OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e.zip

https://www.oneplus.com/cn/support/softwareupgrade

https://www.oneplus.com/support/softwareupgrade

$ unzip OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e.zip -d OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e
$ tree OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e
OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e
├── META-INF
│   └── com
├── payload.bin
└── payload_properties.txt

其中payload.bin是使用protobuf压缩的二进制img文件，使用payload_dumper解压出来boot.img、recovery.img及其他img文件

https://github.com/vm03/payload_dumper

$ git clone https://github.com/vm03/payload_dumper.git payload_dumper
$ pip install -r requirements.txt
$ python payload_dumper.py payload.bin
$ tree payload_dumper
payload_dumper
├── old
├── output
│   ├── abl.img
│   ├── aop.img
│   ├── bluetooth.img
│   ├── boot.img
│   ├── cmnlib64.img
│   ├── cmnlib.img
│   ├── devcfg.img
│   ├── dsp.img
│   ├── dtbo.img
│   ├── featenabler.img
│   ├── hyp.img
│   ├── imagefv.img
│   ├── keymaster.img
│   ├── logo.img
│   ├── mdm_oem_stanvbk.img
│   ├── modem.img
│   ├── multiimgoem.img
│   ├── odm.img
│   ├── product.img
│   ├── qupfw.img
│   ├── recovery.img
│   ├── reserve.img
│   ├── spunvm.img
│   ├── storsec.img
│   ├── system_ext.img
│   ├── system.img
│   ├── tz.img
│   ├── uefisecapp.img
│   ├── vbmeta.img
│   ├── vbmeta_system.img
│   ├── vendor.img
│   ├── xbl_config.img
│   └── xbl.img
├── payload_dumper.py
├── README.md
├── requirements.txt
└── update_metadata_pb2.py

其中在刷Magisk比较有用的是boot.img及recovery.img，可以使用Magisk对boot.img或recovery.img进行修改，修改为magisk_patch.img然后对相应分区flash

$ adb push boot.img /storage/emulated/0/Download/
# 手机操作`MagiskManager`修改`img`文件
$ adb pull /storage/emulated/0/Download/magisk_patch.img
$ adb reboot-fastboot
# 手机重启至`FastbootMode`
$ sudo fastboot flash boot magisk_patch.img
$ sudo fastboot continue # sudo fastboot reboot # 也可

研究一下

$ adb shell
OnePlus8Pro:/ $ mount
/dev/block/dm-10 on / type ext4 (ro,seclabel,relatime,discard)
tmpfs on /dev type tmpfs (rw,seclabel,nosuid,relatime,size=3837280k,nr_inodes=959320,mode=755)
devpts on /dev/pts type devpts (rw,seclabel,relatime,mode=600,ptmxmode=000)
proc on /proc type proc (rw,relatime,gid=3009,hidepid=2)
sysfs on /sys type sysfs (rw,seclabel,relatime)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
tmpfs on /mnt type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755,gid=1000)
tmpfs on /mnt/installer type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755,gid=1000)
tmpfs on /mnt/androidwritable type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755,gid=1000)
/dev/block/sda19 on /metadata type ext4 (rw,sync,seclabel,nosuid,nodev,noatime,discard)
/dev/block/dm-11 on /system_ext type ext4 (ro,seclabel,relatime,discard)
/dev/block/dm-12 on /product type ext4 (ro,seclabel,relatime,discard)
/dev/block/dm-13 on /vendor type ext4 (ro,seclabel,relatime,discard)
/dev/block/dm-14 on /odm type ext4 (ro,seclabel,relatime,discard)
overlay on /system/etc/buildinfo type overlay (ro,context=u:object_r:system_file:s0,relatime,lowerdir=/odm/etc/buildinfo:/system/etc/buildinfo)
tmpfs on /apex type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755)
tmpfs on /linkerconfig type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755)
none on /dev/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
none on /dev/cg2_bpf type cgroup2 (rw,nosuid,nodev,noexec,relatime)
none on /dev/cpuctl type cgroup (rw,nosuid,nodev,noexec,relatime,cpu)
none on /acct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct)
none on /dev/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,noprefix,release_agent=/sbin/cpuset_release_agent)
none on /dev/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
none on /dev/iolimit type cgroup (rw,nosuid,nodev,noexec,relatime,iolimit)
none on /dev/memcg type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
none on /dev/stune type cgroup (rw,nosuid,nodev,noexec,relatime,schedtune)
tracefs on /sys/kernel/tracing type tracefs (rw,seclabel,relatime)
none on /config type configfs (rw,nosuid,nodev,noexec,relatime)
binder on /dev/binderfs type binder (rw,relatime,max=1048576,stats=global)
none on /sys/fs/fuse/connections type fusectl (rw,relatime)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime)
pstore on /sys/fs/pstore type pstore (rw,seclabel,nosuid,nodev,noexec,relatime)
none on /sys/fs/cgroup type tmpfs (rw,seclabel,relatime,size=3837280k,nr_inodes=959320,mode=750,gid=1000)
none on /sys/fs/cgroup/freezer type cgroup (rw,relatime,freezer)
/dev/block/sda9 on /mnt/vendor/modemdump type ext4 (rw,seclabel,nosuid,nodev,noatime)
/dev/block/sda2 on /mnt/vendor/persist type ext4 (rw,seclabel,nosuid,nodev,noatime)
/dev/block/sde4 on /vendor/firmware_mnt type vfat (ro,context=u:object_r:firmware_file:s0,relatime,uid=1000,gid=1000,fmask=0337,dmask=0227,codepage=437,iocharset=iso8859-1,shortname=lower,errors=remount-ro)
/dev/block/sde9 on /vendor/dsp type ext4 (ro,seclabel,nosuid,nodev,relatime)
/dev/block/sde5 on /vendor/bt_firmware type vfat (ro,context=u:object_r:bt_firmware_file:s0,relatime,uid=1002,gid=3002,fmask=0337,dmask=0227,codepage=437,iocharset=iso8859-1,shortname=lower,errors=remount-ro)
/dev/block/sda10 on /mnt/vendor/op2 type ext4 (rw,seclabel,nosuid,nodev,noatime,data=ordered)
/dev/block/dm-15 on /data type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
/dev/block/loop6 on /system/reserve type ext4 (ro,context=u:object_r:system_file:s0,relatime)
tmpfs on /linkerconfig type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755)
/dev/block/dm-15 on /data/user/0 type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
tmpfs on /data_mirror type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=700,gid=1000)
/dev/block/dm-15 on /data_mirror/data_ce/null type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
/dev/block/dm-15 on /data_mirror/data_ce/null/0 type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
/dev/block/dm-15 on /data_mirror/data_de/null type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
/dev/block/dm-15 on /data_mirror/cur_profiles type f2fs (rw,lazytime,seclabel,nosuid,nodev,noatime,background_gc=on,discard,no_heap,user_xattr,inline_xattr,acl,inline_data,inline_dentry,extent_cache,mode=adaptive,active_logs=6,reserve_root=32768,resuid=0,resgid=1065,inlinecrypt,alloc_mode=default,fsync_mode=nobarrier)
/dev/block/dm-16 on /apex/com.android.os.statsd@300901600 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/dm-16 on /apex/com.android.os.statsd type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop8 on /apex/com.android.adbd@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop8 on /apex/com.android.adbd type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop9 on /apex/com.android.i18n@1 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop9 on /apex/com.android.i18n type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop10 on /apex/com.android.art@1 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop10 on /apex/com.android.art type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop11 on /apex/com.android.tethering@300208500 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop11 on /apex/com.android.tethering type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop12 on /apex/com.android.conscrypt@300900703 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop12 on /apex/com.android.conscrypt type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop13 on /apex/com.android.wifi@300208500 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop13 on /apex/com.android.wifi type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop14 on /apex/com.android.runtime@1 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop14 on /apex/com.android.runtime type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop15 on /apex/com.android.resolv@300208500 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop15 on /apex/com.android.resolv type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop16 on /apex/com.android.tzdata@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop16 on /apex/com.android.tzdata type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop17 on /apex/com.android.sdkext@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop17 on /apex/com.android.sdkext type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop18 on /apex/com.android.neuralnetworks@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop18 on /apex/com.android.neuralnetworks type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop19 on /apex/com.android.ipsec@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop19 on /apex/com.android.ipsec type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop20 on /apex/com.android.apex.cts.shim@1 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop20 on /apex/com.android.apex.cts.shim type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop21 on /apex/com.android.media.swcodec@300900714 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop21 on /apex/com.android.media.swcodec type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop22 on /apex/com.android.extservices@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop22 on /apex/com.android.extservices type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop23 on /apex/com.android.mediaprovider@300900729 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop23 on /apex/com.android.mediaprovider type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop24 on /apex/com.android.vndk.v30@1 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop24 on /apex/com.android.vndk.v30 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop25 on /apex/com.android.permission@300208500 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop25 on /apex/com.android.permission type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop26 on /apex/com.android.media@300900700 type ext4 (ro,dirsync,seclabel,nodev,noatime)
/dev/block/loop26 on /apex/com.android.media type ext4 (ro,dirsync,seclabel,nodev,noatime)
tmpfs on /storage type tmpfs (rw,seclabel,nosuid,nodev,noexec,relatime,size=3837280k,nr_inodes=959320,mode=755,gid=1000)
adb on /dev/usb-ffs/adb type functionfs (rw,relatime)
diag on /dev/ffs-diag type functionfs (rw,relatime)
diag_mdm on /dev/ffs-diag-1 type functionfs (rw,relatime)
diag_mdm2 on /dev/ffs-diag-2 type functionfs (rw,relatime)
/data/media on /mnt/runtime/default/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/runtime/read/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=23,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/runtime/write/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/runtime/full/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/dev/fuse on /storage/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/installer/0/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/androidwritable/0/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/user/0/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/data/media on /mnt/pass_through/0/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/dev/fuse on /mnt/installer/999/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/androidwritable/999/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/user/999/emulated type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/data/media on /mnt/pass_through/999/emulated type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/pass_through/0/ace-999 type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/pass_through/999/ace-0 type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
/dev/fuse on /mnt/installer/999/ace-0 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/androidwritable/999/ace-0 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/user/999/ace-0 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/data/media on /mnt/androidwritable/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/999/ace-0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/ace-0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/emulated/0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/ace-0/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/999/ace-0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/ace-0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/emulated/0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/ace-0/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/dev/fuse on /storage/ace-999 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/installer/0/ace-999 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/androidwritable/0/ace-999 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/dev/fuse on /mnt/user/0/ace-999 type fuse (rw,lazytime,nosuid,nodev,noexec,noatime,user_id=0,group_id=0,allow_other)
/data/media on /mnt/androidwritable/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/0/ace-999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/ace-999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/ace-999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/emulated/999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/ace-999/Android/data type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/androidwritable/0/ace-999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/0/ace-999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /storage/ace-999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/user/0/ace-999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=1015,multiuser,mask=6,derive_gid,default_normal,unshared_obb)
/data/media on /mnt/installer/999/emulated/999/Android/obb type sdcardfs (rw,nosuid,nodev,noexec,noatime,fsuid=1023,fsgid=1023,gid=9997,multiuser,mask=7,derive_gid,default_normal,unshared_obb)
OnePlus8Pro:/ $ df
Filesystem        1K-blocks     Used Available Use% Mounted on
/dev/block/dm-10    1771636  1766260         0 100% /
tmpfs               3837280     1300   3835980   1% /dev
tmpfs               3837280        0   3837280   0% /mnt
/dev/block/dm-11    1095456  1092176         0 100% /system_ext
/dev/block/dm-12     460352   458972         0 100% /product
/dev/block/dm-13    1565912  1561168         0 100% /vendor
/dev/block/dm-14      86616    86356         0 100% /odm
overlay               86616    86356         0 100% /system/etc/buildinfo
tmpfs               3837280        0   3837280   0% /apex
none                3837280        0   3837280   0% /sys/fs/cgroup
/dev/block/sda2       27632     5012     21644  19% /mnt/vendor/persist
/dev/block/dm-15  105515340 36082176  69302092  35% /data
/dev/block/loop6    1606296  1469000    104260  94% /system/reserve
/dev/block/dm-16       1696     1668         0 100% /apex/com.android.os.statsd@300901600
/dev/block/loop8       7728     7700         0 100% /apex/com.android.adbd@300900700
/dev/block/loop9      24640    24608         0 100% /apex/com.android.i18n@1
/dev/block/loop10     81560    81532         0 100% /apex/com.android.art@1
/dev/block/loop11       748      720        16  98% /apex/com.android.tethering@300208500
/dev/block/loop12      4744     4716         0 100% /apex/com.android.conscrypt@300900703
/dev/block/loop13      4564     4536         0 100% /apex/com.android.wifi@300208500
/dev/block/loop14      5116     5080         0 100% /apex/com.android.runtime@1
/dev/block/loop15      2388     2356         0 100% /apex/com.android.resolv@300208500
/dev/block/loop16       844      816        12  99% /apex/com.android.tzdata@300900700
/dev/block/loop17       332      300        28  92% /apex/com.android.sdkext@300900700
/dev/block/loop18      5360     5328         0 100% /apex/com.android.neuralnetworks@300900700
/dev/block/loop19       560      532        20  97% /apex/com.android.ipsec@300900700
/dev/block/loop20       232       92       136  41% /apex/com.android.apex.cts.shim@1
/dev/block/loop21     18144    18116         0 100% /apex/com.android.media.swcodec@300900714
/dev/block/loop22      3988     3960         0 100% /apex/com.android.extservices@300900700
/dev/block/loop23      3884     3856         0 100% /apex/com.android.mediaprovider@300900729
/dev/block/loop24    110756   110724         0 100% /apex/com.android.vndk.v30@1
/dev/block/loop25     18520    18488         0 100% /apex/com.android.permission@300208500
/dev/block/loop26      4488     4460         0 100% /apex/com.android.media@300900700
/dev/fuse         105515340 36082176  69302092  35% /storage/emulated
/dev/fuse         105515340 36082176  69302092  35% /storage/ace-999
$ diff OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/abl.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/abl.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/aop.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/aop.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/bluetooth.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/bluetooth.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/boot.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/boot.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/cmnlib64.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/cmnlib64.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/cmnlib.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/cmnlib.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/devcfg.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/devcfg.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/dsp.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/dsp.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/dtbo.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/dtbo.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/featenabler.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/featenabler.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/hyp.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/hyp.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/imagefv.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/imagefv.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/keymaster.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/keymaster.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/logo.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/logo.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/mdm_oem_stanvbk.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/mdm_oem_stanvbk.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/modem.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/modem.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/multiimgoem.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/multiimgoem.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/odm.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/odm.img differ
Only in OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/: opproduct.img
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/product.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/product.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/qupfw.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/qupfw.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/recovery.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/recovery.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/reserve.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/reserve.img differ
Only in OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output: storsec.img
Only in OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output: system_ext.img
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/system.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/system.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/tz.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/tz.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/uefisecapp.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/uefisecapp.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/vbmeta.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/vbmeta.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/vbmeta_system.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/vbmeta_system.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/vendor.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/vendor.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/xbl_config.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/xbl_config.img differ
Binary files OnePlus8ProHydrogen_15.H.31_OTA_0310_all_2010291922_15e1f3321849475e/payload_dumper/output/xbl.img and OnePlus8ProOxygen_15.E.23_OTA_023_all_2008300442_568e6/payload_dumper/output/xbl.img differ

后续

在后/system分区发现系统装不可删的APP，网上说提权后可删，因为Android11用Magisk21.1卡死了暂时没有继续尝试

查看img文件，其实就是ext格式文件，在使用mount system.img system失败，好像还有一些格式问题，看有些说要用simg2img转一下，或者是么改完用extfstools重新打回img

https://github.com/anestisb/android-simg2img

https://github.com/nlitsme/extfstools

$ file boot.img
boot.img: Android bootimg, kernel (0x8000), ramdisk (0x1000000), page size: 4096, cmdline (androidboot.hardware=qcom androidboot.console=ttyMSM0 androidboot.memcg=1 lpm_levels.sleep_disa)
$ file system.img
system.img: Linux rev 1.0 ext2 filesystem data, UUID=4a50462e-52cf-5fab-87a1-49824cdf6b4f (extents) (large files) (huge files)

对于其他，好像说华为分区方法不同，刷法也有不同，还有现在Android的boot分区有用slot a及slot b可以用fastboot flash boot_a boot.img或flashboot flash boot boot.img --slot all指定分区或者全刷
还有好些可以玩的，对于各img文件解释分析，对system.img的修改，各种第三方ROM和使用不同的Kernel，先做得笔记# TODO:一下，之后的未完待续

缺陷

Android11+Magisk20有严重卡顿无法正常使用

参考资料

https://forum.xda-developers.com/showthread.php?t=2277112

https://forum.xda-developers.com/oneplus-8-pro

https://forum.xda-developers.com/oneplus-8-pro/how-to/guide-how-to-root-oneplus-8-pro-twrp-t4083981

https://magiskmanager.com/

https://topjohnwu.github.io/Magisk/install.html

https://topjohnwu.github.io/Magisk/install.html#magisk-in-recovery

https://source.android.com/setup/build/running

目标周更Blog的第一篇...不过写好了发布脚本了,为周更的懒又...溜了溜了

TODO:

OP8P system rollback to android 10 O2 OS
install magisk to root
install adblock
modify system partition to install H2 applications

title: "Reinstall Manjaro From Archlinux FAQ And Think" description: "" tags:

faq
archlinux
manjaro
systemd

REF: https://github.com/chg1f/dots

Linux Distro, Manjaro And Archlinux ...

REF: https://distrowatch.com/

About Manjaro And Archlinux
About Archlinux And Gentoo
About Debian, CentOS/RTHL, Archlinux, Gentoo And LFS

Sysinid, Systemd And OpenRC ...

About Systemd And OpenRC

Disk Encrypted And Partition

ESP, Boot, Root, Home And Others
Encrypted Boot with GRUB

Systemd Service

Systemd User Unit No User And Group

service: Failed to determine supplementary groups: Operation not permitted
service: Failed at step GROUP spawning : Operation not permitted

-. Systemd Enable Service And Unit WantedBy

Fonts

Mono Font
Emoji Font Unable Calculate

-. URxvt Font Unable to calculate

urxvt: unable to calculate font width for 'Twitter Color Emoji:slant=0:weight=100:pixelsize=40:minspace=True', ignoring.

Browen, Firefox & Chrome & Chromium
WM, DM ...
Bashrc Profile XProfile
Keyboard
AWK Using
i3 Like Mac Copy&Paste

xdotool

ACPI Battery Status With i3Bar Via i3Status&Conky
Tmux StatusBar And i3Bar
Manjaro And Archlinux
NAS via SFTP
SSH Configure

... TODO:

title: "Fastboot Fake Plaseholder" # Title of the blog post. date: 2020-12-28T16:17:35+08:00 # Date of post creation.

description: "Article description." # Description used for search engine.

featured: true # Sets if post is a featured post, making appear on the home page side bar.

featureImage: "/images/path/file.jpg" # Sets featured image on blog post.

thumbnail: "/images/path/thumbnail.png" # Sets thumbnail image appearing inside card on homepage.

codeMaxLines: 10 # Override global value for how many lines within a code block before auto-collapsing.

codeLineNumbers: false # Override global value for showing of line numbers within code block.

figurePositionShow: true # Override global value for showing the figure label.

comment: false # Disable comment if false.

toc: true # Controls if a table of contents should be generated for first-level links automatically. categories:

bug tags:

Insert Lead paragraph here.

note tags:
linux
tmux
CLI

Insert Lead paragraph here.

Tmux笔记

配置文件

我的Tmux配置

操作

Default Commands

attach-session (attach) [-dErx] [-c working-directory] [-t target-session]
bind-key (bind) [-nr] [-T key-table] [-N note] key command [arguments]
break-pane (breakp) [-dP] [-F format] [-n window-name] [-s src-pane] [-t dst-window]
capture-pane (capturep) [-aCeJNpPq] [-b buffer-name] [-E end-line] [-S start-line] [-t target-pane]
choose-buffer [-NrZ] [-F format] [-f filter] [-O sort-order] [-t target-pane] [template]
choose-client [-NrZ] [-F format] [-f filter] [-O sort-order] [-t target-pane] [template]
choose-tree [-GNrswZ] [-F format] [-f filter] [-O sort-order] [-t target-pane] [template]
clear-history (clearhist) [-t target-pane]
clock-mode [-t target-pane]
command-prompt [-1kiN] [-I inputs] [-p prompts] [-t target-client] [template]
confirm-before (confirm) [-p prompt] [-t target-client] command
copy-mode [-eHMuq] [-t target-pane]
delete-buffer (deleteb) [-b buffer-name]
detach-client (detach) [-aP] [-E shell-command] [-s target-session] [-t target-client]
display-menu (menu) [-c target-client] [-t target-pane] [-T title] [-x position] [-y position] name key command ...
display-message (display) [-aIpv] [-c target-client] [-F format] [-t target-pane] [message]
display-panes (displayp) [-b] [-d duration] [-t target-client] [template]
find-window (findw) [-CNrTZ] [-t target-pane] match-string
has-session (has) [-t target-session]
if-shell (if) [-bF] [-t target-pane] shell-command command [command]
join-pane (joinp) [-bdfhv] [-l size] [-s src-pane] [-t dst-pane]
kill-pane (killp) [-a] [-t target-pane]
kill-server
kill-session [-aC] [-t target-session]
kill-window (killw) [-a] [-t target-window]
last-pane (lastp) [-deZ] [-t target-window]
last-window (last) [-t target-session]
link-window (linkw) [-dk] [-s src-window] [-t dst-window]
list-buffers (lsb) [-F format]
list-clients (lsc) [-F format] [-t target-session]
list-commands (lscm) [-F format] [command]
list-keys (lsk) [-1aN] [-P prefix-string] [-T key-table] [key]
list-panes (lsp) [-as] [-F format] [-t target-window]
list-sessions (ls) [-F format]
list-windows (lsw) [-a] [-F format] [-t target-session]
load-buffer (loadb) [-b buffer-name] path
lock-client (lockc) [-t target-client]
lock-server (lock)
lock-session (locks) [-t target-session]
move-pane (movep) [-bdhv] [-p percentage|-l size] [-s src-pane] [-t dst-pane]
move-window (movew) [-dkr] [-s src-window] [-t dst-window]
new-session (new) [-AdDEPX] [-c start-directory] [-F format] [-n window-name] [-s session-name] [-t target-session] [-x width] [-y height] [command]
new-window (neww) [-adkP] [-c start-directory] [-e environment] [-F format] [-n window-name] [-t target-window] [command]
next-layout (nextl) [-t target-window]
next-window (next) [-a] [-t target-session]
paste-buffer (pasteb) [-dpr] [-s separator] [-b buffer-name] [-t target-pane]
pipe-pane (pipep) [-IOo] [-t target-pane] [command]
previous-layout (prevl) [-t target-window]
previous-window (prev) [-a] [-t target-session]
refresh-client (refresh) [-cDlLRSU] [-C XxY] [-F flags] [-t target-client] [adjustment]
rename-session (rename) [-t target-session] new-name
rename-window (renamew) [-t target-window] new-name
resize-pane (resizep) [-DLMRUZ] [-x width] [-y height] [-t target-pane] [adjustment]
resize-window (resizew) [-aADLRU] [-x width] [-y height] [-t target-window] [adjustment]
respawn-pane (respawnp) [-k] [-c start-directory] [-e environment] [-t target-pane] [command]
respawn-window (respawnw) [-k] [-c start-directory] [-e environment] [-t target-window] [command]
rotate-window (rotatew) [-DUZ] [-t target-window]
run-shell (run) [-b] [-t target-pane] shell-command
save-buffer (saveb) [-a] [-b buffer-name] path
select-layout (selectl) [-Enop] [-t target-pane] [layout-name]
select-pane (selectp) [-DdeLlMmRUZ] [-T title] [-t target-pane]
select-window (selectw) [-lnpT] [-t target-window]
send-keys (send) [-FHlMRX] [-N repeat-count] [-t target-pane] key ...
send-prefix [-2] [-t target-pane]
set-buffer (setb) [-a] [-b buffer-name] [-n new-buffer-name] data
set-environment (setenv) [-gru] [-t target-session] name [value]
set-hook [-agRu] [-t target-session] hook [command]
set-option (set) [-aFgopqsuw] [-t target-pane] option [value]
set-window-option (setw) [-aFgoqu] [-t target-window] option [value]
show-buffer (showb) [-b buffer-name]
show-environment (showenv) [-gs] [-t target-session] [name]
show-hooks [-g] [-t target-session]
show-messages (showmsgs) [-JT] [-t target-client]
show-options (show) [-AgHpqsvw] [-t target-pane] [option]
show-window-options (showw) [-gv] [-t target-window] [option]
source-file (source) [-nqv] path ...
split-window (splitw) [-bdefhIPv] [-c start-directory] [-e environment] [-F format] [-l size] [-t target-pane] [command]
start-server (start)
suspend-client (suspendc) [-t target-client]
swap-pane (swapp) [-dDUZ] [-s src-pane] [-t dst-pane]
swap-window (swapw) [-d] [-s src-window] [-t dst-window]
switch-client (switchc) [-ElnprZ] [-c target-client] [-t target-session] [-T key-table]
unbind-key (unbind) [-an] [-T key-table] key
unlink-window (unlinkw) [-k] [-t target-window]
wait-for (wait) [-L|-S|-U] channel

title: "docker-compose网络配置" date: 2020-07-29 categories:

note tags:
docker-compose
dokcer