Home > Article > Operation and Maintenance > How to repair problems with historical Linux images
How to repair problems with historical Linux images
- 坏嘻嘻forward
- 2018-09-30 14:01:532240browse
This article introduces how to repair problems with historical Linux images, and focuses on the specific steps. The content of this article is compact, and I hope you can gain something from it.
Problem fixing plan for historical Linux images
ECS cloud servers created with historical Linux images may have NTP not configured, YUM not configured, and may also have security vulnerabilities that have recently been exposed. Please follow the steps below to repair it to make your cloud server more secure. You can also use the YUM service provided by Alibaba Cloud to install the software, and you can use the free NTP provided by Alibaba Cloud for time synchronization.
1. Configure NTP
Does not distinguish between distribution versions. First back up /etc/ntp.conf, and then replace its content with the following:
# ntp.conf # # ntpd config for aliyun ecs. # # 6LAN+6LAN+3WAN # shijun.cao@alibaba-inc.com # 2014.8.11 # driftfile /var/lib/ntp/drift pidfile /var/run/ntpd.pid logfile /var/log/ntp.log # Access Control Support restrict default ignore restrict -6 default ignore restrict 127.0.0.1 restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap nopeer noquery restrict 172.16.0.0 mask 255.240.0.0 nomodify notrap nopeer noquery restrict 100.64.0.0 mask 255.192.0.0 nomodify notrap nopeer noquery restrict 10.0.0.0 mask 255.0.0.0 nomodify notrap nopeer noquery restrict ntp1.aliyun.com nomodify notrap nopeer noquery restrict ntp2.aliyun.com nomodify notrap nopeer noquery restrict ntp3.aliyun.com nomodify notrap nopeer noquery restrict ntp4.aliyun.com nomodify notrap nopeer noquery restrict ntp5.aliyun.com nomodify notrap nopeer noquery restrict ntp6.aliyun.com nomodify notrap nopeer noquery # local clock server 127.127.1.0 fudge 127.127.1.0 stratum 10 #public ntp server server ntp1.aliyun.com iburst minpoll 4 maxpoll 10 server ntp2.aliyun.com iburst minpoll 4 maxpoll 10 server ntp3.aliyun.com iburst minpoll 4 maxpoll 10 server ntp4.aliyun.com iburst minpoll 4 maxpoll 10 server ntp5.aliyun.com iburst minpoll 4 maxpoll 10 server ntp6.aliyun.com iburst minpoll 4 maxpoll 10 #Private ntp server server ntp1.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp2.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp3.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp4.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp5.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp6.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 #New private ntp server server ntp7.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp8.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp9.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp10.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp11.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10 server ntp12.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
2. Update the software source
0. First confirm the current Linux system release and version number of the image.
If there is lsb_release command, execute:
lsb_release -a
Otherwise, execute
cat /etc/issue
1. For CentOS, backup /etc/yum.repos.d/ CentOS-Base.repo and epel.repo files under the CentOS version, execute the following corresponding commands according to the CentOS version:
CentOS 5:
wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-5.repo CentOS 6: wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo CentOS 7: wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
After the repo file is downloaded, execute:
yum makecache
2. For Aliyun 5.7, back up /etc/yum.repos.d/CentOS-Base.repo, and then execute:
wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/aliyun-5.repo
After the repo file is downloaded , execute:
yum makecache
3. For Ubuntu, back up the /etc/apt/sources.list file. According to the distribution version, execute the command:
ubuntu12.04: wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1204-lts.list ubuntu14.04: wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1404-lts.list
and then execute:
apt-get update
4. For Debian, back up the /etc/apt/sources.list file. According to the distribution version, execute the command:
debian6: wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian6-lts.list debian7: wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian7-lts.list
and then execute:
apt-get update
3. Security vulnerability repair patch
mainly repairs currently known major security vulnerabilities. Software that needs to be upgraded includes: bash, glibc, openssl, wget, ntp.
Before executing the following command, you need to ensure that the current software source of the system has been set correctly.
1. For CentOS and Aliyun Linux, execute:
yum update bash glibc openssl wget ntp
2. For Ubuntu and Debian, execute:
apt-get install bash libc6 libc-bin openssl wget ntp
The above is the detailed content of How to repair problems with historical Linux images. For more information, please follow other related articles on the PHP Chinese website!