KALI安装备份

此篇不是教程,只是个人备份,注意切换到root环境运行

花屏解决

xfconf-query -c xfwm4 -p /general/vblank_mode -t string -s "xpresent" --create

• 个人碰到问题的解决办法

开启蓝牙

service bluetooth start
update-rc.d bluetooth enable

更改默认dir名

vim ~/.config/user-dirs.dirs

XDG_DESKTOP_DIR="$HOME/Desktop"
XDG_DOWNLOAD_DIR="$HOME/Downloads"
XDG_TEMPLATES_DIR="$HOME/Templates"
XDG_PUBLICSHARE_DIR="$HOME/Public"
XDG_DOCUMENTS_DIR="$HOME/Documents"
XDG_MUSIC_DIR="$HOME/Music"
XDG_PICTURES_DIR="$HOME/Pictures"
XDG_VIDEOS_DIR="$HOME/Videos"

cd ~
mv 公共 Public
mv 模板 Templates
mv 视频 Videos
mv 图片 Pictures
mv 文档 Documents
mv 下载 Downloads
mv 音乐 Music
mv 桌面 Desktop

更改默认python为3

update-alternatives --install /usr/bin/python python /usr/bin/python2 100

update-alternatives --install /usr/bin/python python /usr/bin/python3 150

或者
apt install python-is-python3

更改默认源

vim /etc/apt/sources.list

deb https://mirrors.huaweicloud.com/kali kali-rolling main non-free contrib
deb https://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
deb https://http.kali.org/kali kali-rolling main non-free contrib
 


#deb-src https://mirrors.huaweicloud.com/kali kali-rolling main non-free contrib 
#deb-src https://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
#deb-src https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib

安装apt-fast加速更新源

vim /etc/apt/sources.list.d/apt-fast.list

deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/apt-fast.gpg] http://ppa.launchpad.net/apt-fast/stable/ubuntu bionic main 
#deb-src [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/apt-fast.gpg] http://ppa.launchpad.net/apt-fast/stable/ubuntu bionic main

添加签名

apt install -y gnupg2
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys A2166B8DE8BDC3367D1901C11EE2FF37CA8DA16B
apt-key export CA8DA16B|sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/apt-fast.gpg
mv /etc/apt/trusted.gpg.d/apt-fast.gpg~ /etc/apt/trusted.gpg.d/apt-fast.gpg
ls /etc/apt/trusted.gpg.d/
# 如果后缀有问题就重命名
apt-key del CA8DA16B
apt update
apt install apt-fast

依次选择 apt — 16 — 是

修改apt-fast设置

vim /etc/apt-fast.conf
#添加以下配置

MIRRORS=( 'https://mirrors.huaweicloud.com/kali,https://mirrors.ustc.edu.cn/kali,https://mirrors.aliyun.com/kali,https://mirrors.tuna.tsinghua.edu.cn/kali,https://http.kali.org/kali' )

更改apt-fast为af

sudo vim ~/.zshrc
#添加如下
alias af='sudo apt-fast'
#更新.zshrc文件
source .zshrc

更新系统

af update
af upgrade

安装python3-pip

af install python3-pip
sudo mkdir ~/.pip
sudo vim ~/.pip/pip.conf
#添加如下内容
[global]
index-url = https://mirrors.huaweicloud.com/repository/pypi/simple
trusted-host = mirrors.huaweicloud.com
timeout = 120

root账户自动登录

vim /etc/lightdm/lightdm.conf

autologin-user=root
autologin-user-timeout=0


vim /etc/pam.d/lightdm-autologin

注释下面这段
auth required pam_succeed_if.so user != root quiet_success

开启ssh root账户密钥登录

// 修改ssh配置
vim /etc/ssh/sshd_config

PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes

// 添加公钥 id_rsa.pub 自备
mkdir ~/.ssh
cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
chmod 700 ~/.ssh
// 设置开机自启
/etc/init.d/ssh start
update-rc.d ssh enable

配置欢迎信息

目前显示的信息
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Oct  9 17:04:06 2022 from 10.0.0.1
┏━(Message from Kali developers)
┃
┃ This is a minimal installation of Kali Linux, you likely
┃ want to install supplementary tools. Learn how:
┃ ⇒ https://www.kali.org/docs/troubleshooting/common-minimum-setup/
┃
┗━(Run: “touch ~/.hushlogin” to hide this message)

❯ cat /etc/issue
Kali GNU/Linux Rolling \n \l

删除issue里的信息
无变化,是因为我是远程登录的
/etc/issue 本地登陆显示的信息，本地登录前

❯ cat /etc/issue.net
Kali GNU/Linux Rolling
网络登陆显示的信息，登录后显示，需要由sshd配置

❯ cat /etc/motd

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

ls /etc/profile.d/
查看这里的文件
❯ ls /etc/profile.d/
kali.sh  sysinfo.sh

发现还有信息
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64
Last login: Sun Oct  9 17:32:27 2022 from 10.0.0.1


接着查找
grep -nr "Linux kali 5.18.0-kali7-amd64" /

发现 此文件
/run/motd.dynamic
❯ cat /run/motd.dynamic
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

发现删除后会重新生成
于是尝试查找
❯ find / -name "*motd*"
/usr/lib/python3/dist-packages/samba/__pycache__/vgp_motd_ext.cpython-310.pyc
/usr/lib/python3/dist-packages/samba/vgp_motd_ext.py
/usr/lib/x86_64-linux-gnu/security/pam_motd.so
/usr/share/man/man8/pam_motd.8.gz
/usr/share/man/man5/motd.5.gz
/usr/share/base-files/motd
/run/motd.dynamic
/etc/motd
/etc/update-motd.d

发现可以文件夹/etc/update-motd.d

❯ cat /etc/update-motd.d/10-uname
#!/bin/sh
uname -snrvm


❯ uname -snrvm
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

确认就是此文件

关闭last login信息
vim /etc/ssh/sshd_config

去掉注释
改为
PrintLastLog no
重启ssh服务,这时就不会显示任何信息

配置显示系统信息

在/etc/profile.d/目录下新建sysinfo.sh文件

#!/bin/bash

export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export LANG=zh_CN.UTF-8

THIS_SCRIPT="sysinfo"
MOTD_DISABLE=""

SHOW_IP_PATTERN="^[ewr].*|^br.*|^lt.*|^umts.*"

DATA_STORAGE=/userdisk/data
MEDIA_STORAGE=/userdisk/snail


# don't edit below here
function display()
{
        # $1=name $2=value $3=red_limit $4=minimal_show_limit $5=unit $6=after $7=acs/desc{
        # battery red color is opposite, lower number
        if [[ "$1" == "Battery" ]]; then
                local great="<";
        else
                local great=">";
        fi
        if [[ -n "$2" && "$2" > "0" && (( "${2%.*}" -ge "$4" )) ]]; then
                printf "%-14s%s" "$1:"
                if awk "BEGIN{exit ! ($2 $great $3)}"; then
                        echo -ne "\e[0;91m $2";
                else
                        echo -ne "\e[0;92m $2";
                fi
                printf "%-1s%s\x1B[0m" "$5"
                printf "%-11s%s\t" "$6"
                return 1
        fi
} # display


function get_ip_addresses()
{
        local ips=()
        for f in /sys/class/net/*; do
                local intf=$(basename $f)
                # match only interface names starting with e (Ethernet), br (bridge), w (wireless), r (some Ralink drivers use ra<number> format)
                if [[ $intf =~ $SHOW_IP_PATTERN ]]; then
                        local tmp=$(ip -4 addr show dev $intf | awk '/inet/ {print $2}' | cut -d'/' -f1)
                        # add both name and IP - can be informative but becomes ugly with long persistent/predictable device names
                        #[[ -n $tmp ]] && ips+=("$intf: $tmp")
                        # add IP only
                        [[ -n $tmp ]] && ips+=("$tmp")
                fi
        done
        echo "${ips[@]}"
} # get_ip_addresses


function storage_info()
{
        # storage info
        RootInfo=$(df -h /)
        root_usage=$(awk '/\// {print $(NF-1)}' <<<${RootInfo} | sed 's/%//g')
        root_total=$(awk '/\// {print $(NF-4)}' <<<${RootInfo})
} # storage_info


# query various systems and send some stuff to the background for overall faster execution.
# Works only with ambienttemp and batteryinfo since A20 is slow enough :)
storage_info
critical_load=$(( 1 + $(grep -c processor /proc/cpuinfo) / 2 ))

# get uptime, logged in users and load in one take
UptimeString=$(uptime | tr -d ',')
time=$(awk -F" " '{print $3" "$4}' <<<"${UptimeString}")
load="$(awk -F"average: " '{print $2}'<<<"${UptimeString}")"
case ${time} in
        1:*) # 1-2 hours
                time=$(awk -F" " '{print $3" 小时"}' <<<"${UptimeString}")
                ;;
        *:*) # 2-24 hours
                time=$(awk -F" " '{print $3" 小时"}' <<<"${UptimeString}")
                ;;
        *day) # days
                days=$(awk -F" " '{print $3"天"}' <<<"${UptimeString}")
                time=$(awk -F" " '{print $5}' <<<"${UptimeString}")
                time="$days "$(awk -F":" '{print $1"小时 "$2"分钟"}' <<<"${time}")
                ;;
esac


# memory and swap
mem_info=$(LC_ALL=C free -w 2>/dev/null | grep "^Mem" || LC_ALL=C free | grep "^Mem")
memory_usage=$(awk '{printf("%.0f",(($2-($4+$6))/$2) * 100)}' <<<${mem_info})
memory_total=$(awk '{printf("%d",$2/1024)}' <<<${mem_info})
swap_info=$(LC_ALL=C free -m | grep "^Swap")
swap_usage=$( (awk '/Swap/ { printf("%3.0f", $3/$2*100) }' <<<${swap_info} 2>/dev/null || echo 0) | tr -c -d '[:digit:]')
swap_total=$(awk '{print $(2)}' <<<${swap_info})

c=0
while [ ! -n "$(get_ip_addresses)" ];do
[ $c -eq 3 ] && break || let c++
sleep 1
done
ip_address="$(get_ip_addresses)"

# display info
display "系统负载" "${load%% *}" "${critical_load}" "0" "" "${load#* }"
printf "运行时间:  \x1B[92m%s\x1B[0m\t\t" "$time"
echo "" # fixed newline


display "内存已用" "$memory_usage" "70" "0" " %" " of ${memory_total}MB"
display "交换内存" "$swap_usage" "10" "0" " %" " of $swap_total""Mb"
printf "IP  地址:  \x1B[92m%s\x1B[0m" "$ip_address"
echo "" # fixed newline

display "系统存储" "$root_usage" "90" "1" "%" " of $root_total"
printf "CPU 信息:  \x1B[92m%s\x1B[0m\t" "$(echo `cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c`)"
echo ""
echo ""

安装docker-ce

af install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian buster stable"
af update
af install -y docker-ce
service docker start
update-rc.d docker enable



// 设置镜像加速
vim /etc/docker/daemon.json

{
	"registry-mirrors":[
		"https://docker.mirrors.ustc.edu.cn/",
		"https://hub-mirror.c.163.com/"
	]
}
// 重启docker服务
systemctl daemon-reload
systemctl restart docker

搭建vulfocus靶场

docker pull vulfocus/vulfocus:latest
docker run -d -p 80:80 -v /var/run/docker.sock:/var/run/docker.sock  -e VUL_IP=scp.com --restart always vulfocus/vulfocus

vul_ip  为靶场网址(这里scp.com 是ge'rf'ue'vi [ge'ren'she'zhi]本地hosts  方便访问)

开机自动进入cli

systemctl set-default multi-user.target

禁用读文件时访问时间戳的写操作

#为除swap之外的每个分区增加noatime选项
sudo vim /etc/fstab
noatime,errors=remount-ro
#重启生效

使用TRIM定期清理硬盘(ssd)

查看是否支持

sudo hdparm -I /dev/sda | grep TRIM
#有返回则支持
sudo systemctl status fstrim

手动执行

sudo fstrim -V /
#多块可选择硬盘挂载目录

每天清理(默认每周) —SSD

sudo mkdir -V /etc/systemd/system/fstrim.timer.d
sudo touch /etc/systemd/system/fstrim.timer.d/override.conf
sudo vim admin:///etc/systemd/system/fstrim.timer.d/override.conf
	[Timer]
	OnCalendar=
	OnCalendar=daily

提高性能,安全补丁

#intel
sudo apt install intel-microcode
#amd
sudo apt install amd64-microcode

交换分区/文件

• Swappiness 内核参数(0-100)
• 决定RAM写入SWAP的百分比
• 减少使用SWAP可以提高性能

cat /proc/sys/vm/swappiness #默认60
sudo sysctl -w vm.swappiness=1  #设置为1    1-10 都行

限制firefox磁盘读写

• 将firefox网络缓存放入RAM可提高运行速度

  -------内存不足2GB不建议使用

地址栏输入about:config

搜索: brower.cache.disk.enable #更改为false 双击

搜索: brower.cache.memory.enable #true

搜索 browser.cache.memory.capacity 数值更改为204800

禁用firefox无必要的网络活动

地址栏输入about:config

搜索: network.captive-portal-service.enabled #更改为false

禁用休眠/碎片整理

禁用休眠

• 磁盘挂旗会导致大量的写操作
• 对SSD尤其不利

不要碎片整理

• 碎片整理会导致大量的写操作,短时间内毁坏SSD

优化启动项

删除不需要的启动项

显示隐藏启动项

sudo sed -i 's/NoDisplay=true/NoDisplay=false/g' /etc/xdg/autostart/*.desktop

系统清理

stacer

af install stacer

bleachbit

af install bleachbit

优化笔记本电池寿命

手动优化非常复杂

#推荐软件
af install tlp tlp-rdw
sudo tlp start
sudo tlp-stat

我用服务器演示

┌──(root💀kali)-[~]
└─# af install tlp tlp-rdw


61b4c3|OK  |   1.9MiB/s|/var/cache/apt/apt-fast/tlp_1.3.1-2_all.deb

状态标识：
(OK)：下载已完成。
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成
建议安装：
  tp-smapi-dkms acpi-call-dkms linux-cpupower
下列【新】软件包将被安装：
  tlp tlp-rdw
升级了 0 个软件包，新安装了 2 个软件包，要卸载 0 个软件包，有 4 个软件包未被升级。
需要下载 0 B/87.4 kB 的归档。
解压缩后会消耗 403 kB 的额外空间。
正在选中未选择的软件包 tlp。
(正在读取数据库 ... 系统当前共安装有 467060 个文件和目录。)
准备解压 .../archives/tlp_1.3.1-2_all.deb  ...
正在解压 tlp (1.3.1-2) ...
正在选中未选择的软件包 tlp-rdw。
准备解压 .../tlp-rdw_1.3.1-2_all.deb  ...
正在解压 tlp-rdw (1.3.1-2) ...
正在设置 tlp (1.3.1-2) ...
update-rc.d: We have no instructions for the tlp init script.
update-rc.d: It looks like a non-network service, we enable it.
正在设置 tlp-rdw (1.3.1-2) ...
正在处理用于 man-db (2.9.4-2) 的触发器 ...
正在处理用于 kali-menu (2021.2.0) 的触发器 ...

┌──(root💀kali)-[~]
└─# sudo tlp start
TLP started in AC mode (auto).

┌──(root💀kali)-[~]
└─# sudo tlp-stat
--- TLP 1.3.1 --------------------------------------------

+++ Configured Settings:
defaults.conf L0004: TLP_ENABLE="1"
defaults.conf L0005: TLP_PERSISTENT_DEFAULT="0"
defaults.conf L0006: DISK_IDLE_SECS_ON_AC="0"
defaults.conf L0007: DISK_IDLE_SECS_ON_BAT="2"
defaults.conf L0008: MAX_LOST_WORK_SECS_ON_AC="15"
defaults.conf L0009: MAX_LOST_WORK_SECS_ON_BAT="60"
defaults.conf L0010: CPU_ENERGY_PERF_POLICY_ON_AC="balance_performance"
defaults.conf L0011: CPU_ENERGY_PERF_POLICY_ON_BAT="balance_power"
defaults.conf L0012: SCHED_POWERSAVE_ON_AC="0"
defaults.conf L0013: SCHED_POWERSAVE_ON_BAT="1"
defaults.conf L0014: NMI_WATCHDOG="0"
defaults.conf L0015: DISK_DEVICES="nvme0n1 sda"
defaults.conf L0016: DISK_APM_LEVEL_ON_AC="254 254"
defaults.conf L0017: DISK_APM_LEVEL_ON_BAT="128 128"
defaults.conf L0018: DISK_IOSCHED="keep keep"
defaults.conf L0019: SATA_LINKPWR_ON_AC="med_power_with_dipm max_performance"
defaults.conf L0020: SATA_LINKPWR_ON_BAT="med_power_with_dipm min_power"
defaults.conf L0021: AHCI_RUNTIME_PM_TIMEOUT="15"
defaults.conf L0022: PCIE_ASPM_ON_AC="default"
defaults.conf L0023: PCIE_ASPM_ON_BAT="default"
defaults.conf L0024: RADEON_POWER_PROFILE_ON_AC="default"
defaults.conf L0025: RADEON_POWER_PROFILE_ON_BAT="default"
defaults.conf L0026: RADEON_DPM_PERF_LEVEL_ON_AC="auto"
defaults.conf L0027: RADEON_DPM_PERF_LEVEL_ON_BAT="auto"
defaults.conf L0028: WIFI_PWR_ON_AC="off"
defaults.conf L0029: WIFI_PWR_ON_BAT="on"
defaults.conf L0030: WOL_DISABLE="Y"
defaults.conf L0031: SOUND_POWER_SAVE_ON_AC="0"
defaults.conf L0032: SOUND_POWER_SAVE_ON_BAT="1"
defaults.conf L0033: SOUND_POWER_SAVE_CONTROLLER="Y"
defaults.conf L0034: BAY_POWEROFF_ON_AC="0"
defaults.conf L0035: BAY_POWEROFF_ON_BAT="0"
defaults.conf L0036: BAY_DEVICE="sr0"
defaults.conf L0037: RUNTIME_PM_ON_AC="on"
defaults.conf L0038: RUNTIME_PM_ON_BAT="auto"
defaults.conf L0039: RUNTIME_PM_DRIVER_BLACKLIST="amdgpu mei_me nouveau nvidia pcieport radeon"
defaults.conf L0040: USB_AUTOSUSPEND="1"
defaults.conf L0041: USB_BLACKLIST_BTUSB="0"
defaults.conf L0042: USB_BLACKLIST_PHONE="0"
defaults.conf L0043: USB_BLACKLIST_PRINTER="1"
defaults.conf L0044: USB_BLACKLIST_WWAN="0"
defaults.conf L0045: USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN="0"
defaults.conf L0046: RESTORE_DEVICE_STATE_ON_STARTUP="0"
defaults.conf L0047: RESTORE_THRESHOLDS_ON_BAT="0"
defaults.conf L0048: NATACPI_ENABLE="1"
defaults.conf L0049: TPACPI_ENABLE="1"
defaults.conf L0050: TPSMAPI_ENABLE="1"

+++ System Info
System         = Tencent Cloud 3.0 CVM
BIOS           = seabios-1.9.1-qemu-project.org
Release        = Kali GNU/Linux Rolling
Kernel         = 5.10.0-kali5-amd64 #1 SMP Debian 5.10.24-1kali1 (2021-03-23) x86_64
/proc/cmdline  = BOOT_IMAGE=/boot/vmlinuz-5.10.0-kali5-amd64 root=UUID=c8ace5dc-4db8-438d-be1f-bfe23e0fba66 ro quiet splash
Init system    = systemd v247 (247.3-3)
Boot mode      = BIOS (CSM, Legacy)
SELinux status = disabled

+++ TLP Status
State          = enabled
RDW state      = enabled
Last run       = 14时57分20秒,      4 sec(s) ago
Mode           = AC
Power source   = unknown

Notice: tlp.service is not enabled -- invoke "systemctl enable tlp.service" to correct this!

+++ Processor
CPU model      = AMD EPYC 7K62 48-Core Processor

/sys/devices/system/cpu/cpufreq/boost                  = (not available)

Intel EPB: unsupported CPU.

/sys/module/workqueue/parameters/power_efficient       = N
/proc/sys/kernel/nmi_watchdog                          = 0

+++ Temperatures
Fan speed              = (not available)

+++ File System
/proc/sys/vm/laptop_mode               =     0
/proc/sys/vm/dirty_writeback_centisecs =  1500
/proc/sys/vm/dirty_expire_centisecs    =  1500
/proc/sys/vm/dirty_ratio               =    20
/proc/sys/vm/dirty_background_ratio    =    10

+++ Storage Devices
Devices = nvme0n1 sda

/dev/nvme0n1: not present.

/dev/sda: not present.

+++ AHCI Link Power Management (ALPM)
No AHCI-enabled host controller detected.

+++ AHCI Host Controller Runtime Power Management
/sys/bus/pci/devices/0000:00:01.1/ata1/power/control = on
/sys/bus/pci/devices/0000:00:01.1/ata2/power/control = on

+++ Wireless
bluetooth = none (no device)
wifi      = none (no device)
wwan      = none (no device)

+++ Audio

+++ PCIe Active State Power Management
/sys/module/pcie_aspm/parameters/policy = [default] performance powersave powersupersave (using BIOS preferences)

+++ Runtime Power Management
Device blacklist = (not configured)
Driver blacklist = amdgpu mei_me nouveau nvidia pcieport radeon

/sys/bus/pci/devices/0000:00:00.0/power/control = on   (0x060000, Host bridge, no driver)
/sys/bus/pci/devices/0000:00:01.0/power/control = on   (0x060100, ISA bridge, no driver)
/sys/bus/pci/devices/0000:00:01.1/power/control = on   (0x010180, IDE interface, ata_piix)
/sys/bus/pci/devices/0000:00:01.2/power/control = on   (0x0c0300, USB controller, uhci_hcd)
/sys/bus/pci/devices/0000:00:01.3/power/control = on   (0x068000, Bridge, piix4_smbus)
/sys/bus/pci/devices/0000:00:02.0/power/control = on   (0x030000, VGA compatible controller, cirrus)
/sys/bus/pci/devices/0000:00:03.0/power/control = on   (0x060400, PCI bridge, no driver)
/sys/bus/pci/devices/0000:00:04.0/power/control = on   (0x060400, PCI bridge, no driver)
/sys/bus/pci/devices/0000:00:05.0/power/control = on   (0x020000, Ethernet controller, virtio-pci)
/sys/bus/pci/devices/0000:00:06.0/power/control = on   (0x010000, SCSI storage controller, virtio-pci)
/sys/bus/pci/devices/0000:00:07.0/power/control = on   (0x00ff00, Unclassified device [00ff], virtio-pci)

+++ USB
Autosuspend         = enabled
Device whitelist    = (not configured)
Device blacklist    = (not configured)
Bluetooth blacklist = disabled
Phone blacklist     = disabled
WWAN blacklist      = disabled

Bus 001 Device 001 ID 1d6b:0001 control = auto, autosuspend_delay_ms =    0 -- Linux Foundation 1.1 root hub (hub)

+++ Battery Features: Charge Thresholds and Recalibrate
natacpi    = inactive (no kernel support)
tpacpi-bat = inactive (laptop not supported)
tp-smapi   = inactive (laptop not supported)

+++ Battery Status
No battery data available.

限制inode缓存

建议大于4g内存的计算机限制inode缓存

代价是某些系统项将在RAM内存中保留更长的时间

这将减少用于一般任务的可用RAM数量

gedit admin:///etc/sysctl.conf
#添加如下
vm.vfs_cache_pressure=50

/tmp 放到内存里

内存大于8g计算机

sudo cp -v /usr/share/systemd/tmp.mount /etc/systemd/system/
sudo systemctl enable tmp.mount && reboot

查看状态

systemctl status tmp.mount

取消使用/tmpfs

sudo rm -v /etc/systemd/system/tmp.mount

禁用无线芯片电源管理

以提高用电量为代价,提高速度和无线质量

gedit admin:///etc/NetworkManager/conf.d/default-wifi-powersave-on.conf
#修改
wifi.powersave = 2
#重启

partial reboot /部分重启

linux如果死机,可尝试partial reboot (ctrl + alt + back)

gedit admin:///etc/default/keyboard
#修改
XKBOPTIONS="terminate:ctrl_alt_bksp"
#重启

firejail沙箱

#安装
af install firejail
#使用
firejail firefox
#验证
firejail --tree

开启数据库

service postgresql start
msfdb init

anaconda 安装

wget https://mirrors.tuna.tsinghua.edu.cn/anaconda/archive/Anaconda3-2021.11-Linux-x86_64.sh
chmod +x Anaconda*
./Anaconda*

npm安装及picgo-core

apt -y install npm
#换源
npm config set registry  https://registry.npm.taobao.org
#验证
npm config get registry
#安装picgo
npm install -g picgo

安装smb

apt install samba
vim /etc/samba/smb.conf 

[root]
  comment = share
  path = /root
  available = yes
  browsable = yes
  writable = yes
  create mask = 0777
  directory mask = 0777
  valid users = root
  
/etc/init.d/smbd restart   

未完待续