此篇不是教程,只是个人备份,注意切换到root环境运行

花屏解决

1
xfconf-query -c xfwm4 -p /general/vblank_mode -t string -s "xpresent" --create
  • 个人碰到问题的解决办法

开启蓝牙

1
2
service bluetooth start
update-rc.d bluetooth enable

更改默认dir名

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
vim ~/.config/user-dirs.dirs

XDG_DESKTOP_DIR="$HOME/Desktop"
XDG_DOWNLOAD_DIR="$HOME/Downloads"
XDG_TEMPLATES_DIR="$HOME/Templates"
XDG_PUBLICSHARE_DIR="$HOME/Public"
XDG_DOCUMENTS_DIR="$HOME/Documents"
XDG_MUSIC_DIR="$HOME/Music"
XDG_PICTURES_DIR="$HOME/Pictures"
XDG_VIDEOS_DIR="$HOME/Videos"

cd ~
mv 公共 Public
mv 模板 Templates
mv 视频 Videos
mv 图片 Pictures
mv 文档 Documents
mv 下载 Downloads
mv 音乐 Music
mv 桌面 Desktop

更改默认python为3

1
2
3
4
5
6
update-alternatives --install /usr/bin/python python /usr/bin/python2 100

update-alternatives --install /usr/bin/python python /usr/bin/python3 150

或者
apt install python-is-python3

更改默认源

1
vim /etc/apt/sources.list
1
2
3
4
5
6
7
8
9
10
11
12
13
deb https://mirrors.huaweicloud.com/kali kali-rolling main non-free contrib
deb https://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
deb https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
deb https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
deb https://http.kali.org/kali kali-rolling main non-free contrib



#deb-src https://mirrors.huaweicloud.com/kali kali-rolling main non-free contrib
#deb-src https://mirrors.ustc.edu.cn/kali kali-rolling main non-free contrib
#deb-src https://mirrors.aliyun.com/kali kali-rolling main non-free contrib
#deb-src https://mirrors.tuna.tsinghua.edu.cn/kali kali-rolling main contrib non-free
#deb-src http://http.kali.org/kali kali-rolling main non-free contrib

安装apt-fast加速更新源

1
vim /etc/apt/sources.list.d/apt-fast.list
1
2
deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/apt-fast.gpg] http://ppa.launchpad.net/apt-fast/stable/ubuntu bionic main 
#deb-src [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/apt-fast.gpg] http://ppa.launchpad.net/apt-fast/stable/ubuntu bionic main

添加签名

1
2
3
4
5
6
7
8
9
apt install -y gnupg2
apt-key adv --keyserver keyserver.ubuntu.com --recv-keys A2166B8DE8BDC3367D1901C11EE2FF37CA8DA16B
apt-key export CA8DA16B|sudo gpg --dearmour -o /etc/apt/trusted.gpg.d/apt-fast.gpg
mv /etc/apt/trusted.gpg.d/apt-fast.gpg~ /etc/apt/trusted.gpg.d/apt-fast.gpg
ls /etc/apt/trusted.gpg.d/
# 如果后缀有问题就重命名
apt-key del CA8DA16B
apt update
apt install apt-fast

依次选择 apt — 16 — 是

修改apt-fast设置

1
2
3
4
vim /etc/apt-fast.conf
#添加以下配置

MIRRORS=( 'https://mirrors.huaweicloud.com/kali,https://mirrors.ustc.edu.cn/kali,https://mirrors.aliyun.com/kali,https://mirrors.tuna.tsinghua.edu.cn/kali,https://http.kali.org/kali' )

更改apt-fast为af

1
2
3
4
5
sudo vim ~/.zshrc
#添加如下
alias af='sudo apt-fast'
#更新.zshrc文件
source .zshrc

更新系统

1
2
af update
af upgrade

安装python3-pip

1
2
3
4
5
6
7
8
af install python3-pip
sudo mkdir ~/.pip
sudo vim ~/.pip/pip.conf
#添加如下内容
[global]
index-url = https://mirrors.huaweicloud.com/repository/pypi/simple
trusted-host = mirrors.huaweicloud.com
timeout = 120

root账户自动登录

1
2
3
4
5
6
7
8
9
10
vim /etc/lightdm/lightdm.conf

autologin-user=root
autologin-user-timeout=0


vim /etc/pam.d/lightdm-autologin

注释下面这段
auth required pam_succeed_if.so user != root quiet_success

开启ssh root账户密钥登录

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
// 修改ssh配置
vim /etc/ssh/sshd_config

PermitRootLogin yes
RSAAuthentication yes
PubkeyAuthentication yes

// 添加公钥 id_rsa.pub 自备
mkdir ~/.ssh
cat id_rsa.pub >> authorized_keys
chmod 600 authorized_keys
chmod 700 ~/.ssh
// 设置开机自启
/etc/init.d/ssh start
update-rc.d ssh enable

配置欢迎信息

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
目前显示的信息
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Sun Oct 9 17:04:06 2022 from 10.0.0.1
┏━(Message from Kali developers)

┃ This is a minimal installation of Kali Linux, you likely
┃ want to install supplementary tools. Learn how:
┃ ⇒ https://www.kali.org/docs/troubleshooting/common-minimum-setup/

┗━(Run: “touch ~/.hushlogin” to hide this message)
1
2
3
4
5
6
cat /etc/issue
Kali GNU/Linux Rolling \n \l

删除issue里的信息
无变化,是因为我是远程登录的
/etc/issue 本地登陆显示的信息,本地登录前
1
2
3
cat /etc/issue.net
Kali GNU/Linux Rolling
网络登陆显示的信息,登录后显示,需要由sshd配置
1
2
3
4
5
6
7
8
cat /etc/motd

The programs included with the Kali GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Kali GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
1
2
3
4
ls /etc/profile.d/
查看这里的文件
ls /etc/profile.d/
kali.sh sysinfo.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
发现还有信息
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64
Last login: Sun Oct 9 17:32:27 2022 from 10.0.0.1


接着查找
grep -nr "Linux kali 5.18.0-kali7-amd64" /

发现 此文件
/run/motd.dynamic
cat /run/motd.dynamic
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

发现删除后会重新生成
于是尝试查找
❯ find / -name "*motd*"
/usr/lib/python3/dist-packages/samba/__pycache__/vgp_motd_ext.cpython-310.pyc
/usr/lib/python3/dist-packages/samba/vgp_motd_ext.py
/usr/lib/x86_64-linux-gnu/security/pam_motd.so
/usr/share/man/man8/pam_motd.8.gz
/usr/share/man/man5/motd.5.gz
/usr/share/base-files/motd
/run/motd.dynamic
/etc/motd
/etc/update-motd.d

发现可以文件夹/etc/update-motd.d

cat /etc/update-motd.d/10-uname
#!/bin/sh
uname -snrvm


uname -snrvm
Linux kali 5.18.0-kali7-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.16-1kali1 (2022-08-31) x86_64

确认就是此文件
1
2
3
4
5
6
7
关闭last login信息
vim /etc/ssh/sshd_config

去掉注释
改为
PrintLastLog no
重启ssh服务,这时就不会显示任何信息

配置显示系统信息

在/etc/profile.d/目录下新建sysinfo.sh文件

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#!/bin/bash

export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
export LANG=zh_CN.UTF-8

THIS_SCRIPT="sysinfo"
MOTD_DISABLE=""

SHOW_IP_PATTERN="^[ewr].*|^br.*|^lt.*|^umts.*"

DATA_STORAGE=/userdisk/data
MEDIA_STORAGE=/userdisk/snail


# don't edit below here
function display()
{
# $1=name $2=value $3=red_limit $4=minimal_show_limit $5=unit $6=after $7=acs/desc{
# battery red color is opposite, lower number
if [[ "$1" == "Battery" ]]; then
local great="<";
else
local great=">";
fi
if [[ -n "$2" && "$2" > "0" && (( "${2%.*}" -ge "$4" )) ]]; then
printf "%-14s%s" "$1:"
if awk "BEGIN{exit ! ($2 $great $3)}"; then
echo -ne "\e[0;91m $2";
else
echo -ne "\e[0;92m $2";
fi
printf "%-1s%s\x1B[0m" "$5"
printf "%-11s%s\t" "$6"
return 1
fi
} # display


function get_ip_addresses()
{
local ips=()
for f in /sys/class/net/*; do
local intf=$(basename $f)
# match only interface names starting with e (Ethernet), br (bridge), w (wireless), r (some Ralink drivers use ra<number> format)
if [[ $intf =~ $SHOW_IP_PATTERN ]]; then
local tmp=$(ip -4 addr show dev $intf | awk '/inet/ {print $2}' | cut -d'/' -f1)
# add both name and IP - can be informative but becomes ugly with long persistent/predictable device names
#[[ -n $tmp ]] && ips+=("$intf: $tmp")
# add IP only
[[ -n $tmp ]] && ips+=("$tmp")
fi
done
echo "${ips[@]}"
} # get_ip_addresses


function storage_info()
{
# storage info
RootInfo=$(df -h /)
root_usage=$(awk '/\// {print $(NF-1)}' <<<${RootInfo} | sed 's/%//g')
root_total=$(awk '/\// {print $(NF-4)}' <<<${RootInfo})
} # storage_info


# query various systems and send some stuff to the background for overall faster execution.
# Works only with ambienttemp and batteryinfo since A20 is slow enough :)
storage_info
critical_load=$(( 1 + $(grep -c processor /proc/cpuinfo) / 2 ))

# get uptime, logged in users and load in one take
UptimeString=$(uptime | tr -d ',')
time=$(awk -F" " '{print $3" "$4}' <<<"${UptimeString}")
load="$(awk -F"average: " '{print $2}'<<<"${UptimeString}")"
case ${time} in
1:*) # 1-2 hours
time=$(awk -F" " '{print $3" 小时"}' <<<"${UptimeString}")
;;
*:*) # 2-24 hours
time=$(awk -F" " '{print $3" 小时"}' <<<"${UptimeString}")
;;
*day) # days
days=$(awk -F" " '{print $3"天"}' <<<"${UptimeString}")
time=$(awk -F" " '{print $5}' <<<"${UptimeString}")
time="$days "$(awk -F":" '{print $1"小时 "$2"分钟"}' <<<"${time}")
;;
esac


# memory and swap
mem_info=$(LC_ALL=C free -w 2>/dev/null | grep "^Mem" || LC_ALL=C free | grep "^Mem")
memory_usage=$(awk '{printf("%.0f",(($2-($4+$6))/$2) * 100)}' <<<${mem_info})
memory_total=$(awk '{printf("%d",$2/1024)}' <<<${mem_info})
swap_info=$(LC_ALL=C free -m | grep "^Swap")
swap_usage=$( (awk '/Swap/ { printf("%3.0f", $3/$2*100) }' <<<${swap_info} 2>/dev/null || echo 0) | tr -c -d '[:digit:]')
swap_total=$(awk '{print $(2)}' <<<${swap_info})

c=0
while [ ! -n "$(get_ip_addresses)" ];do
[ $c -eq 3 ] && break || let c++
sleep 1
done
ip_address="$(get_ip_addresses)"

# display info
display "系统负载" "${load%% *}" "${critical_load}" "0" "" "${load#* }"
printf "运行时间: \x1B[92m%s\x1B[0m\t\t" "$time"
echo "" # fixed newline


display "内存已用" "$memory_usage" "70" "0" " %" " of ${memory_total}MB"
display "交换内存" "$swap_usage" "10" "0" " %" " of $swap_total""Mb"
printf "IP 地址: \x1B[92m%s\x1B[0m" "$ip_address"
echo "" # fixed newline

display "系统存储" "$root_usage" "90" "1" "%" " of $root_total"
printf "CPU 信息: \x1B[92m%s\x1B[0m\t" "$(echo `cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c`)"
echo ""
echo ""

安装docker-ce

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
af install apt-transport-https ca-certificates curl gnupg2 software-properties-common
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
sudo add-apt-repository "deb [arch=amd64] https://mirrors.tuna.tsinghua.edu.cn/docker-ce/linux/debian buster stable"
af update
af install -y docker-ce
service docker start
update-rc.d docker enable



// 设置镜像加速
vim /etc/docker/daemon.json

{
"registry-mirrors":[
"https://docker.mirrors.ustc.edu.cn/",
"https://hub-mirror.c.163.com/"
]
}
// 重启docker服务
systemctl daemon-reload
systemctl restart docker

搭建vulfocus靶场

1
2
3
4
docker pull vulfocus/vulfocus:latest
docker run -d -p 80:80 -v /var/run/docker.sock:/var/run/docker.sock -e VUL_IP=scp.com --restart always vulfocus/vulfocus

vul_ip 为靶场网址(这里scp.com 是ge'rf'ue'vi [ge'ren'she'zhi]本地hosts 方便访问)

开机自动进入cli

1
systemctl set-default multi-user.target

禁用读文件时访问时间戳的写操作

1
2
3
4
#为除swap之外的每个分区增加noatime选项
sudo vim /etc/fstab
noatime,errors=remount-ro
#重启生效

image-20210403141007165

使用TRIM定期清理硬盘(ssd)

查看是否支持

1
2
3
sudo hdparm -I /dev/sda | grep TRIM
#有返回则支持
sudo systemctl status fstrim

手动执行

1
2
sudo fstrim -V /
#多块可选择硬盘挂载目录

每天清理(默认每周) —SSD

1
2
3
4
5
6
sudo mkdir -V /etc/systemd/system/fstrim.timer.d
sudo touch /etc/systemd/system/fstrim.timer.d/override.conf
sudo vim admin:///etc/systemd/system/fstrim.timer.d/override.conf
[Timer]
OnCalendar=
OnCalendar=daily

提高性能,安全补丁

1
2
3
4
#intel
sudo apt install intel-microcode
#amd
sudo apt install amd64-microcode

image-20210403142423911

交换分区/文件

  • Swappiness 内核参数(0-100)
  • 决定RAM写入SWAP的百分比
  • 减少使用SWAP可以提高性能
1
2
cat /proc/sys/vm/swappiness #默认60
sudo sysctl -w vm.swappiness=1 #设置为1 1-10 都行

image-20210403143153171

限制firefox磁盘读写

  • 将firefox网络缓存放入RAM可提高运行速度

    1
    -------内存不足2GB不建议使用

地址栏输入about:config

搜索: brower.cache.disk.enable #更改为false 双击

搜索: brower.cache.memory.enable #true

搜索 browser.cache.memory.capacity 数值更改为204800

image-20210403144456822

禁用firefox无必要的网络活动

地址栏输入about:config

搜索: network.captive-portal-service.enabled #更改为false

禁用休眠/碎片整理

禁用休眠

  • 磁盘挂旗会导致大量的写操作
  • 对SSD尤其不利

不要碎片整理

  • 碎片整理会导致大量的写操作,短时间内毁坏SSD

优化启动项

删除不需要的启动项

显示隐藏启动项

1
sudo sed -i 's/NoDisplay=true/NoDisplay=false/g' /etc/xdg/autostart/*.desktop

系统清理

stacer

1
af install stacer

bleachbit

1
af install bleachbit

优化笔记本电池寿命

手动优化非常复杂

1
2
3
4
#推荐软件
af install tlp tlp-rdw
sudo tlp start
sudo tlp-stat

我用服务器演示

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
┌──(root💀kali)-[~]
└─# af install tlp tlp-rdw


61b4c3|OK | 1.9MiB/s|/var/cache/apt/apt-fast/tlp_1.3.1-2_all.deb

状态标识:
(OK):下载已完成。
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成
建议安装:
tp-smapi-dkms acpi-call-dkms linux-cpupower
下列【新】软件包将被安装:
tlp tlp-rdw
升级了 0 个软件包,新安装了 2 个软件包,要卸载 0 个软件包,有 4 个软件包未被升级。
需要下载 0 B/87.4 kB 的归档。
解压缩后会消耗 403 kB 的额外空间。
正在选中未选择的软件包 tlp。
(正在读取数据库 ... 系统当前共安装有 467060 个文件和目录。)
准备解压 .../archives/tlp_1.3.1-2_all.deb ...
正在解压 tlp (1.3.1-2) ...
正在选中未选择的软件包 tlp-rdw。
准备解压 .../tlp-rdw_1.3.1-2_all.deb ...
正在解压 tlp-rdw (1.3.1-2) ...
正在设置 tlp (1.3.1-2) ...
update-rc.d: We have no instructions for the tlp init script.
update-rc.d: It looks like a non-network service, we enable it.
正在设置 tlp-rdw (1.3.1-2) ...
正在处理用于 man-db (2.9.4-2) 的触发器 ...
正在处理用于 kali-menu (2021.2.0) 的触发器 ...

┌──(root💀kali)-[~]
└─# sudo tlp start
TLP started in AC mode (auto).

┌──(root💀kali)-[~]
└─# sudo tlp-stat
--- TLP 1.3.1 --------------------------------------------

+++ Configured Settings:
defaults.conf L0004: TLP_ENABLE="1"
defaults.conf L0005: TLP_PERSISTENT_DEFAULT="0"
defaults.conf L0006: DISK_IDLE_SECS_ON_AC="0"
defaults.conf L0007: DISK_IDLE_SECS_ON_BAT="2"
defaults.conf L0008: MAX_LOST_WORK_SECS_ON_AC="15"
defaults.conf L0009: MAX_LOST_WORK_SECS_ON_BAT="60"
defaults.conf L0010: CPU_ENERGY_PERF_POLICY_ON_AC="balance_performance"
defaults.conf L0011: CPU_ENERGY_PERF_POLICY_ON_BAT="balance_power"
defaults.conf L0012: SCHED_POWERSAVE_ON_AC="0"
defaults.conf L0013: SCHED_POWERSAVE_ON_BAT="1"
defaults.conf L0014: NMI_WATCHDOG="0"
defaults.conf L0015: DISK_DEVICES="nvme0n1 sda"
defaults.conf L0016: DISK_APM_LEVEL_ON_AC="254 254"
defaults.conf L0017: DISK_APM_LEVEL_ON_BAT="128 128"
defaults.conf L0018: DISK_IOSCHED="keep keep"
defaults.conf L0019: SATA_LINKPWR_ON_AC="med_power_with_dipm max_performance"
defaults.conf L0020: SATA_LINKPWR_ON_BAT="med_power_with_dipm min_power"
defaults.conf L0021: AHCI_RUNTIME_PM_TIMEOUT="15"
defaults.conf L0022: PCIE_ASPM_ON_AC="default"
defaults.conf L0023: PCIE_ASPM_ON_BAT="default"
defaults.conf L0024: RADEON_POWER_PROFILE_ON_AC="default"
defaults.conf L0025: RADEON_POWER_PROFILE_ON_BAT="default"
defaults.conf L0026: RADEON_DPM_PERF_LEVEL_ON_AC="auto"
defaults.conf L0027: RADEON_DPM_PERF_LEVEL_ON_BAT="auto"
defaults.conf L0028: WIFI_PWR_ON_AC="off"
defaults.conf L0029: WIFI_PWR_ON_BAT="on"
defaults.conf L0030: WOL_DISABLE="Y"
defaults.conf L0031: SOUND_POWER_SAVE_ON_AC="0"
defaults.conf L0032: SOUND_POWER_SAVE_ON_BAT="1"
defaults.conf L0033: SOUND_POWER_SAVE_CONTROLLER="Y"
defaults.conf L0034: BAY_POWEROFF_ON_AC="0"
defaults.conf L0035: BAY_POWEROFF_ON_BAT="0"
defaults.conf L0036: BAY_DEVICE="sr0"
defaults.conf L0037: RUNTIME_PM_ON_AC="on"
defaults.conf L0038: RUNTIME_PM_ON_BAT="auto"
defaults.conf L0039: RUNTIME_PM_DRIVER_BLACKLIST="amdgpu mei_me nouveau nvidia pcieport radeon"
defaults.conf L0040: USB_AUTOSUSPEND="1"
defaults.conf L0041: USB_BLACKLIST_BTUSB="0"
defaults.conf L0042: USB_BLACKLIST_PHONE="0"
defaults.conf L0043: USB_BLACKLIST_PRINTER="1"
defaults.conf L0044: USB_BLACKLIST_WWAN="0"
defaults.conf L0045: USB_AUTOSUSPEND_DISABLE_ON_SHUTDOWN="0"
defaults.conf L0046: RESTORE_DEVICE_STATE_ON_STARTUP="0"
defaults.conf L0047: RESTORE_THRESHOLDS_ON_BAT="0"
defaults.conf L0048: NATACPI_ENABLE="1"
defaults.conf L0049: TPACPI_ENABLE="1"
defaults.conf L0050: TPSMAPI_ENABLE="1"

+++ System Info
System = Tencent Cloud 3.0 CVM
BIOS = seabios-1.9.1-qemu-project.org
Release = Kali GNU/Linux Rolling
Kernel = 5.10.0-kali5-amd64 #1 SMP Debian 5.10.24-1kali1 (2021-03-23) x86_64
/proc/cmdline = BOOT_IMAGE=/boot/vmlinuz-5.10.0-kali5-amd64 root=UUID=c8ace5dc-4db8-438d-be1f-bfe23e0fba66 ro quiet splash
Init system = systemd v247 (247.3-3)
Boot mode = BIOS (CSM, Legacy)
SELinux status = disabled

+++ TLP Status
State = enabled
RDW state = enabled
Last run = 14时57分20秒, 4 sec(s) ago
Mode = AC
Power source = unknown

Notice: tlp.service is not enabled -- invoke "systemctl enable tlp.service" to correct this!

+++ Processor
CPU model = AMD EPYC 7K62 48-Core Processor

/sys/devices/system/cpu/cpufreq/boost = (not available)

Intel EPB: unsupported CPU.

/sys/module/workqueue/parameters/power_efficient = N
/proc/sys/kernel/nmi_watchdog = 0

+++ Temperatures
Fan speed = (not available)

+++ File System
/proc/sys/vm/laptop_mode = 0
/proc/sys/vm/dirty_writeback_centisecs = 1500
/proc/sys/vm/dirty_expire_centisecs = 1500
/proc/sys/vm/dirty_ratio = 20
/proc/sys/vm/dirty_background_ratio = 10

+++ Storage Devices
Devices = nvme0n1 sda

/dev/nvme0n1: not present.

/dev/sda: not present.

+++ AHCI Link Power Management (ALPM)
No AHCI-enabled host controller detected.

+++ AHCI Host Controller Runtime Power Management
/sys/bus/pci/devices/0000:00:01.1/ata1/power/control = on
/sys/bus/pci/devices/0000:00:01.1/ata2/power/control = on

+++ Wireless
bluetooth = none (no device)
wifi = none (no device)
wwan = none (no device)

+++ Audio

+++ PCIe Active State Power Management
/sys/module/pcie_aspm/parameters/policy = [default] performance powersave powersupersave (using BIOS preferences)

+++ Runtime Power Management
Device blacklist = (not configured)
Driver blacklist = amdgpu mei_me nouveau nvidia pcieport radeon

/sys/bus/pci/devices/0000:00:00.0/power/control = on (0x060000, Host bridge, no driver)
/sys/bus/pci/devices/0000:00:01.0/power/control = on (0x060100, ISA bridge, no driver)
/sys/bus/pci/devices/0000:00:01.1/power/control = on (0x010180, IDE interface, ata_piix)
/sys/bus/pci/devices/0000:00:01.2/power/control = on (0x0c0300, USB controller, uhci_hcd)
/sys/bus/pci/devices/0000:00:01.3/power/control = on (0x068000, Bridge, piix4_smbus)
/sys/bus/pci/devices/0000:00:02.0/power/control = on (0x030000, VGA compatible controller, cirrus)
/sys/bus/pci/devices/0000:00:03.0/power/control = on (0x060400, PCI bridge, no driver)
/sys/bus/pci/devices/0000:00:04.0/power/control = on (0x060400, PCI bridge, no driver)
/sys/bus/pci/devices/0000:00:05.0/power/control = on (0x020000, Ethernet controller, virtio-pci)
/sys/bus/pci/devices/0000:00:06.0/power/control = on (0x010000, SCSI storage controller, virtio-pci)
/sys/bus/pci/devices/0000:00:07.0/power/control = on (0x00ff00, Unclassified device [00ff], virtio-pci)

+++ USB
Autosuspend = enabled
Device whitelist = (not configured)
Device blacklist = (not configured)
Bluetooth blacklist = disabled
Phone blacklist = disabled
WWAN blacklist = disabled

Bus 001 Device 001 ID 1d6b:0001 control = auto, autosuspend_delay_ms = 0 -- Linux Foundation 1.1 root hub (hub)

+++ Battery Features: Charge Thresholds and Recalibrate
natacpi = inactive (no kernel support)
tpacpi-bat = inactive (laptop not supported)
tp-smapi = inactive (laptop not supported)

+++ Battery Status
No battery data available.

限制inode缓存

建议大于4g内存的计算机限制inode缓存

代价是某些系统项将在RAM内存中保留更长的时间

这将减少用于一般任务的可用RAM数量

1
2
3
gedit admin:///etc/sysctl.conf
#添加如下
vm.vfs_cache_pressure=50

/tmp 放到内存里

内存大于8g计算机

1
2
sudo cp -v /usr/share/systemd/tmp.mount /etc/systemd/system/
sudo systemctl enable tmp.mount && reboot

查看状态

1
systemctl status tmp.mount

取消使用/tmpfs

1
sudo rm -v /etc/systemd/system/tmp.mount

禁用无线芯片电源管理

以提高用电量为代价,提高速度和无线质量

1
2
3
4
gedit admin:///etc/NetworkManager/conf.d/default-wifi-powersave-on.conf
#修改
wifi.powersave = 2
#重启

partial reboot /部分重启

linux如果死机,可尝试partial reboot (ctrl + alt + back)

1
2
3
4
gedit admin:///etc/default/keyboard
#修改
XKBOPTIONS="terminate:ctrl_alt_bksp"
#重启

firejail沙箱

1
2
3
4
5
6
#安装
af install firejail
#使用
firejail firefox
#验证
firejail --tree

开启数据库

1
2
service postgresql start
msfdb init

anaconda 安装

1
2
3
wget https://mirrors.tuna.tsinghua.edu.cn/anaconda/archive/Anaconda3-2021.11-Linux-x86_64.sh
chmod +x Anaconda*
./Anaconda*

npm安装及picgo-core

1
2
3
4
5
6
7
apt -y install npm
#换源
npm config set registry https://registry.npm.taobao.org
#验证
npm config get registry
#安装picgo
npm install -g picgo

安装smb

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
apt install samba
vim /etc/samba/smb.conf

[root]
comment = share
path = /root
available = yes
browsable = yes
writable = yes
create mask = 0777
directory mask = 0777
valid users = root

/etc/init.d/smbd restart


未完待续