Mosebetsi ona o sa reng letho o ile oa hlaha ka Labohlano thapama 'me o ne o lokela ho nka metsotso e 2-3. Ka kakaretso, joalo ka kamehla.
Mosebetsi-'moho o ile a nkōpa hore ke lokise script ho seva sa hae. Ke ile ka e etsa, ka mo fa eona eaba ke oela fatše ke sa ikemisetsa: “Nako e potlakile ka metsotso e 5.” Lumella seva hore e sebetsane le kamahanyo ka boeona. Ha feta halofo ea hora, hora, 'me a ntse a ikhohomosa a bile a rohaka a khutsitse.
“Sethoto! - Ke ile ka nahana, ke fetohela ho komporo ea seva - ho lokile, ke tla phomola metsotso e seng mekae. "
Ha re bone ntp, date, sdwdate ha ea kengoa linako e holofetseng ebile e sa sebetse.
# timedatectl
Local time: Sun 2019-08-25 20:44:39 +03
Universal time: Sun 2019-08-25 17:44:39 UTC
RTC time: Sun 2019-08-25 17:39:52
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Mona ke tla hlokomela hang-hang hore nako ea hardware e nepahetse: ho tla ba bonolo ho tsamaea ho ea pele.
Mona ke moo letoto la liphoso le qalileng.
Phoso ea pele. Boiketsi ba ho itshepa
Click-click...
# systemctl enable systemd-timesyncd.service && systemctl start systemd-timesyncd.service && ntpdate 0.ru.pool.ntp.org && timedatectl set-ntp on && timedatectl
25 Aug 21:00:10 ntpdate[28114]: adjust time server 195.210.189.106 offset -249.015251 sec
Local time: Sun 2019-08-25 21:00:10 +03
Universal time: Sun 2019-08-25 18:00:10 UTC
RTC time: Sun 2019-08-25 18:00:10
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Ntho e ngoe le e ngoe e lokile, nako e hokahantsoe, nako ea sistimi e ts'oana le ea hardware. “E nke,” ke ile ka rialo eaba ke khutlela khoebong ea ka.
“Nka eng? - mosebetsi-'moho o ne a halefile. “Ke nako e tšoanang!”
Ha u ntse u rarolla mathata a tloaelehileng, ke moo monahano oa hau o ntseng o panya 'me ha u sa nahana hore boemo ba lekholo kapa la sekete bo tla fapana, empa eseng lekhetlong lena.
# timedatectl
Local time: Sun 2019-08-25 21:09:15 +03
Universal time: Sun 2019-08-25 18:09:15 UTC
RTC time: Sun 2019-08-25 18:05:04
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Nako ea sistimi e fosahetse hape.
Ha re leke hape:
# ntpdate 0.ru.pool.ntp.org && timedatectl && sleep 1 && timedatectl
25 Aug 21:07:37 ntpdate[30350]: step time server 89.175.20.7 offset -249.220828 sec
Local time: Sun 2019-08-25 21:07:37 +03
Universal time: Sun 2019-08-25 18:07:37 UTC
RTC time: Sun 2019-08-25 18:07:37
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:11:46 +03
Universal time: Sun 2019-08-25 18:11:46 UTC
RTC time: Sun 2019-08-25 18:07:37
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Ha re e etseng ka tsela e fapaneng:
# date -s "2019-08-25 21:10:30" && date && sleep 1 && timedatectl
Sun Aug 25 21:10:30 +03 2019
Sun Aug 25 21:10:30 +03 2019
Local time: Sun 2019-08-25 21:14:36 +03
Universal time: Sun 2019-08-25 18:14:36 UTC
RTC time: Sun 2019-08-25 18:10:30
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Mme joalo ka sena:
# hwclock --hctosys && timedatectl && sleep 1 && timedatectl
Local time: Sun 2019-08-25 21:11:31 +03
Universal time: Sun 2019-08-25 18:11:31 UTC
RTC time: Sun 2019-08-25 18:11:31
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: yes
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:15:36 +03
Universal time: Sun 2019-08-25 18:15:36 UTC
RTC time: Sun 2019-08-25 18:11:32
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: yes
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Nako e behiloe bakeng sa motsotsoana o arohaneng, 'me hang-hang o qala ho "potlaka" hape.
Ka nako e ts'oanang, ho li-logs, nakong ea phetoho e joalo ea matsoho, re bona litlaleho tsa tsamaiso feela hore nako e fetohile, ka ho latellana, ka tsela e nepahetseng / e fosahetseng le ka linako tse ling. Ho lumellana hape ho tloha ho systemd-timesyncd.
Aug 25 21:18:51 wisi systemd[1]: Time has been changed
Aug 25 21:18:51 wisi systemd-timesyncd[29258]: System time changed. Resyncing.
Aug 25 21:18:51 wisi systemd[1187]: Time has been changed
Aug 25 21:18:51 wisi systemd[1]: Time has been changed
Aug 25 21:18:51 wisi systemd[1187]: Time has been changed
mona
# ps afx | grep "[1]187"
1187 ? Ss 0:02 /lib/systemd/systemd --user
Nakong ena, ho ne ho se ho ntse ho hlokahala ho batla lebaka, empa ka lilemo tse 18 tsa tsamaiso, boko bo bokelletse lipalo-palo ka liphoso tsa "nako" 'me, ka mokhoa o tloaelehileng, hape o beha molato oa ho lumellana.
Ha re e time ka botlalo.
# timedatectl set-ntp off && systemctl stop systemd-timesyncd.service
# hwclock --hctosys && timedatectl && sleep 1 && timedatectl
Local time: Sun 2019-08-25 21:25:40 +03
Universal time: Sun 2019-08-25 18:25:40 UTC
RTC time: Sun 2019-08-25 18:25:40
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
Local time: Sun 2019-08-25 21:29:31 +03
Universal time: Sun 2019-08-25 18:29:31 UTC
RTC time: Sun 2019-08-25 18:25:41
Time zone: Europe/Minsk (+03, +0300)
NTP enabled: no
NTP synchronized: no
RTC in local TZ: no
DST active: n/a
le ka har'a lifate
Aug 25 21:25:40 wisi systemd[1]: Time has been changed
Aug 25 21:25:40 wisi systemd[1187]: Time has been changed
Aug 25 21:29:30 wisi systemd[1]: Time has been changed
Aug 25 21:29:30 wisi systemd[1187]: Time has been changed
Ho lumellana hape e ile ea nyamela 'me ho seng joalo lifate li hloekile.
Ho hlahloba liphetho tcpdump boema-kepeng ba 123 lihokelong tsohle. Ha ho na likopo, empa nako e ntse e baleha.
Phoso ea bobeli. Potlako
Ho na le hora e setseng ho fihlela qetellong ea beke ea mosebetsi, 'me ha ke batle ho tsamaea mafelo-beke ka bothata bo sa rarolloang bo sa reng letho (u se ke ua ela hloko nako ea khoutu, sehlooho se ngotsoe matsatsing a latelang. ).
'Me mona hape, ho e-na le ho batla lebaka, ke ile ka qala ho leka ho hlahisa tlhaloso ea sephetho. Ke re "ho qapa" hobane ho sa tsotellehe hore na tlhaloso ea sephetho e ka ba e utloahalang hakae, ke mokhoa o fosahetseng oa ho rarolla bothata.
Seva ena ke seva ea ho phallela 'me e fetola molaetsa oa DVB-S2 ho IP. Molapo oa DVB-S o na le litempe tsa linako, kahoo ba amohelang, li-multiplexer, li-scrambler le lithelevishene hangata li li sebelisa ho hokahanya oache ea sistimi. Bakhanni ba boto ea DVB-S ba hahiloe ka har'a kernel, kahoo tsela e potlakileng ea ho netefatsa hore molapo oa DVB-S2 o tlosoa ke ho khaola likhoele tse tsoang "lipoleiti". Ka lehlohonolo, seva se ka morao ho lebota, ho be joalo.
Ha e le hantle, haeba lifate li ne li e-na le se lokelang ho ba teng, sena se ka be se sa etsahala, empa ho feta moo, hape, qetellong ea sehlooho.
Joale, kaha re se re tlositse matšoao ohle a sathelaete, re tla boela re tlose tsa lefatše - ka nako e ts'oanang re hula likhoele tsohle tsa marang-rang. Seva e khaoha ho tsoa lefats'eng le kantle mme e sebetsa ka mokhoa o ikemetseng, empa oache ea sistimi e ntse e potlakile.
Beke ea mosebetsi e felile, 'me taba ea letsatsi / nako ka boeona ha e bohlokoa, kahoo u ka khutlela hae, empa mona ke etsa phoso e ncha.
Phoso ea boraro. Baeletsi
Le ka mohla! Le ka mohla u se ke ua botsa lipotso ka liforamu le libaka tse khethehileng (a la stackoverflow) haeba karabo ea eona e hloka ho fetang ho ithuta leqephe la pele la Google le ho bala leqephe la motho a le mong.
Ba tla u khutlisetsa ho Google, ba bale monna a le mong 'me ba hlalose ka mokhoa o tloaelehileng melao ea seboka / sebaka, empa ba ke ke ba u fa karabo.
Mona ke lintlha tse ling tsa sepheo:
- ha ho motho ntle le uena ea ka tsebang bothata hape;
- ha ho motho ea ka etsang liteko tlas'a maemo a tšoanang le a hau
le subjective:
- u ka 'na ua se ke ua fana ka maikutlo ohle bakeng sa ho rarolla bothata, hobane u se u tlile ka tataiso e "nepahetseng"' me u fana ka moelelo oa taba e tsepamisitseng maikutlo ho eona;
- foromane (mookameli, motho wa kgale, admin) o nepile kamehla, ha foromane a fositse ... hantle, o ya tseba...
Haeba, ha u araba litlhaloso, u ne u lula ka har'a meeli ea mantsoe a hlahlobiloeng, joale u na le methapo e matla.
u etsa qeto ea
Ha ho hlokahale ho arola mesebetsi ka bonolo le e rarahaneng.
Re khaotsa ho itšetleha ka phihlelo ea rona, lipalo-palo, baeletsi 'me re qala ho se "hlalosa" sephetho sa qetello, empa ho lula re batla lebaka.
Kaha ho na le motho ea behang nako, mohala o tsamaisanang le sistimi o tlameha ho etsahala.
Joalo ka litokomaneng tsa software litokomane tse ntle ke mehloli, ka hona tsamaisong ea sistimi mothusi ea molemo ka ho fetisisa ke tlhahlobo, molemong oa rona. auditd.
Motsotswana wa pelaeloKe ile ka feta mana, empa ke ne ke sa tiisehe ka ho feletseng hore nako ea Linux e ka behoa feela clock_settime и settimeofday, kahoo bakeng sa teko ea pele ke khethile mehala eohle e "loketseng":
# man syscalls | col | grep -F '(2)' | grep -vE '(:|;)' | grep -E '(time|date|clock)' | sed "s/(2).*//" | xargs -I SYSCALL echo "-S SYSCALL " | xargs echo
-S adjtimex -S clock_adjtime -S clock_getres -S clock_gettime -S clock_nanosleep -S clock_settime -S futimesat -S getitimer -S gettimeofday -S mq_timedreceive -S mq_timedsend -S rt_sigtimedwait -S s390_runtime_instr -S setitimer -S settimeofday -S stime -S time -S timer_create -S timer_delete -S timer_getoverrun -S timer_gettime -S timer_settime -S timerfd_create -S timerfd_gettime -S timerfd_settime -S times -S utime -S utimensat -S utimes
le ho lahla s390_runtime_instr, stime, timerfd_create, eo auditctl ha baa ka ba e hlokomela, qalong ba ile ba thakhola tlhahlobo ka mokhoa o latelang:
auditctl -a exit,always -S adjtimex -S clock_adjtime -S clock_getres -S clock_nanosleep -S clock_settime -S futimesat -S getitimer -S gettimeofday -S mq_timedreceive -S mq_timedsend -S rt_sigtimedwait -S semtimedop -S setitimer -S settimeofday -S time -S timer_create -S timer_delete -S timer_getoverrun -S timer_gettime -S timer_settime -S timerfd_gettime -S timerfd_settime -S times -S utime -S utimensat -S utimesKa mor'a ho etsa bonnete ba hore ha ho na li-logs tse ling libakeng tsa log tseo ke li thahasellang syscalls Ntle le tsena tse peli, ke ile ka li sebelisa feela ho feta.
Ho etsa tlhahlobo ea mohala oa sistimi clock_settime и settimeofday ebe o leka ho fetola letsatsi:
# auditctl -a exit,always -S clock_settime -S settimeofday && date -s "2019-08-22 12:10:00" && sleep 5 && auditctl -D
Ho lieha ha metsotsoana e mehlano ho eketsoa e le hore "parasite" ea rona e tiisetsoe ho lokisa nako.
Ha re shebe tlaleho:
# aureport -s -i
Syscall Report
=======================================
# date time syscall pid comm auid event
=======================================
Warning - freq is non-zero and incremental flushing not selected.
1. 08/22/2019 12:10:00 settimeofday 3088 chkcache_proces root 479630
2. 08/26/2019 09:37:06 clock_settime 1538 date root 479629
Mona re bona tsa rona letsatsi le tseo re sa di tsebeng chkcache_mekhoa. E qetelletse tlalehong e kaholimo hobane aureport e hlophisitse tlhahiso ka letsatsi ha e fetolela ho tsoa ho binary, mme ketsahalo e etsahetse ka nako eo re e behileng. letsatsi -s "2019-08-22 12:10:00".
O tswetswe ke mang?
# ausearch -sc settimeofday --comm "chkcache_proces"
----
time->Thu Aug 22 12:10:00 2019
type=PROCTITLE msg=audit(1566465000.000:479630): proctitle="/usr/local/bin/oscam"
type=SYSCALL msg=audit(1566465000.000:479630): arch=c000003e syscall=164 success=yes exit=0 a0=7fde0dfc6e60 a1=0 a2=136cf a3=713ba56 items=0 ppid=3081 pid=3088 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts20 ses=68149 comm="chkcache_proces" exe="/usr/local/bin/oscam" key=(null)
/usr/local/bin/oscam - likokoana-hloko tsa rona li fumanoe. Ho sa tsotellehe boitšoaro ba eona bo "lonya", ho ke ke ha khoneha ho hana mokhoa oa ho fumana maemo, empa ke ntse ke rata ho tseba oscam, WTF?
Karabo e fumaneha kapele ho :
#if defined(CLOCKFIX)
if (tv.tv_sec > lasttime.tv_sec || (tv.tv_sec == lasttime.tv_sec && tv.tv_usec >= lasttime.tv_usec)) // check for time issues!
{
lasttime = tv; // register this valid time
}
else
{
tv = lasttime;
settimeofday(&tv, NULL); // set time back to last known valid time
//fprintf(stderr, "*** WARNING: BAD TIME AFFECTING WHOLE OSCAM ECM HANDLING, SYSTEMTIME SET TO LAST KNOWN VALID TIME **** n");
}
E shebahala e le ntle hakakang mona a fana ka maikutlo mola temoso...
Source: www.habr.com