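• How to use TCP keepalive in Linux?

    What is tcp-keepalive

    1. tcp-keepalive, as the name suggests, tries to keep a TCP connection "alive", or declares "dead" a TCP connection whose peer no longer responds.

    2. In some environments, a firewall automatically drops TCP connections that have been idle for a long time. tcp-keepalive sends an empty ACK after the connection has been idle for a while, so that the firewall does not close the TCP connection.

    3. Sometimes the peer server crashes or the network is interrupted; tcp-keepalive helps tear down these unresponsive connections.

    4. tcp-keepalive has to be enabled at the application level, on each socket the application uses. The operating system cannot force tcp-keepalive on for all sockets. (This article was tested on CentOS/RHEL 6/7.)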

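  • How does WeChat/Alipay barcode payment verify the account? Is it secure?

    Please note: the method described in this article is only a hypothesis about the underlying principle, arrived at through collecting material and discussion; it is not the actual method officially disclosed by WeChat/Alipay.

    Questions

    In the information age, even street stalls accept Alipay. So I have long had a question.

    1. How is barcode/QR-code payment in WeChat/Alipay/Paypal implemented? Is it secure?

    2. Why can the user complete a payment without being online?

    Characteristics of barcode/QR-code payment

    QR-code payment comes in two main forms: "user scans" and "merchant scans" (reverse scan). In "user scans", the merchant presents a QR code, the user scans it with the mobile client, confirms the purchase details and pays. In "merchant scans" ("card-swipe payment"), the user presents a QR code and the merchant scans it to debit the account.

    The QR code in "user scans" is actually a link to a shopping site; the flow after scanning differs little from ordinary online shopping.

    In "merchant scans" ("card-swipe payment"), the user's mobile client generates a "payment code" (see the figure below); the merchant reads the payment code and hands it to the payment gateway for settlement. From observation, it has the following characteristics:

    1. The user's mobile client can generate the payment code and complete the transaction without being online (on first use, it must go online to verify the payment password in order to enable scan payment);

    2. The 18-digit payment code is dynamic and changes roughly every 30 seconds.

    This article explores the principle behind "merchant scans" ("card-swipe payment").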

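  • How does umask affect the permissions of newly created files?

    1. What umask sets is not the default permissions, but a permission restriction applied to newly created files.

    2. When an application creates a file, it specifies the file's permissions (mode). The final permissions of the new file are (mode & ~umask).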

    # man 2 open
    
    O_CREAT
        If the file does not exist it will be created. The owner (user ID) of the file is set to the effective user ID of the process. The group
        ownership (group ID) is set either to the effective group ID of the process or to the group ID of the parent directory (depending on file
        system type and mount options, and the mode of the parent directory, see the mount options bsdgroups and sysvgroups described in mount(8)).
    
        mode specifies the permissions to use in case a new file is created. This argument must be supplied when O_CREAT is specified in flags; if
        O_CREAT is not specified, then mode is ignored. The effective permissions are modified by the process’s umask in the usual way: The
        permissions of the created file are (mode & ~umask). Note that this mode only applies to future accesses of the newly created file; the open()
        call that creates a read-only file may well return a read/write file descriptor.
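
The (mode & ~umask) rule from the man page excerpt above, measured on real files. This is an added example, not code from the original post: `created_mode`, its parameters and the scratch path are hypothetical names, and it assumes the scratch directory carries no default ACL (a default ACL replaces the umask). It also shows that a later chmod() is not filtered by umask.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a scratch file with open(O_CREAT) requesting `mode` while the
 * process umask is `mask`, and return the permission bits actually stored
 * (-1 on error). If `then_chmod` is set, chmod() the file to `mode`
 * afterwards: umask filters creation only, not later chmod calls.
 * The scratch path is a constructed name, tried in /tmp and then in ".". */
int created_mode(mode_t mode, mode_t mask, int then_chmod)
{
    const char *dirs[] = { "/tmp", "." };
    char path[64];
    struct stat st;
    int fd = -1, result = -1;

    mode_t old = umask(mask);            /* umask() returns the old mask */
    for (int i = 0; i < 2 && fd < 0; i++) {
        snprintf(path, sizeof path, "%s/umask_demo_%ld", dirs[i], (long)getpid());
        unlink(path);                    /* O_EXCL needs a fresh name */
        fd = open(path, O_WRONLY | O_CREAT | O_EXCL, mode);
    }
    if (fd >= 0) {
        if ((!then_chmod || chmod(path, mode) == 0) && fstat(fd, &st) == 0)
            result = (int)(st.st_mode & 0777);
        close(fd);
        unlink(path);
    }
    umask(old);                          /* restore the caller's mask */
    return result;
}

int main(void)
{
    /* Constructed sample cases: { requested mode, umask }. */
    static const mode_t cases[][2] = {
        { 0666, 022 }, { 0666, 077 }, { 0777, 027 }, { 0600, 000 },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("mode %04o, umask %03o -> %04o (after chmod: %04o)\n",
               (unsigned)cases[i][0], (unsigned)cases[i][1],
               (unsigned)created_mode(cases[i][0], cases[i][1], 0),
               (unsigned)created_mode(cases[i][0], cases[i][1], 1));
    return 0;
}
```

Because umask can only clear bits, a file that must stay private should be created with an explicit restrictive mode such as 0600 rather than relying on the caller's umask.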
    


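  • How to take a screenshot with xwd?

    On Linux, xwd can be used to take screenshots of X windows. A few simple commands are recorded below for future use. See the xwd documentation for details.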

  • A simple TCP socket server example

    This is a very simple and buggy TCP socket example in Linux C. For demo only.

  • Note: The parent of a multi-process program could exit even if it has a D-state child

    With default signal handling, I observe that when a child process stays in D-state, I can terminate its parent process, and the D-state child process then becomes a child of init (pid 1).

  • Note: init not cleaning zombie process if it contains D-state thread(s)

    I observed that when terminating a process with D-state thread(s), the process stays in zombie state instead of being reclaimed by init (pid 1). Here are the steps to reproduce this behavior.

  • How does Linux measure CPU utilization with Hyper-Threading enabled?

    There’s no explicit definition of CPU utilization. Usually, we see CPU time as CPU utilization. The %id, %us, %sy etc seen in vmstat/iostat are CPU time.
    ~~~
    CPU
    These are percentages of total CPU time.
    us: Time spent running non-kernel code. (user time, including nice time)
    sy: Time spent running kernel code. (system time)
    id: Time spent idle. Prior to Linux 2.5.41, this includes IO-wait time.
    wa: Time spent waiting for IO. Prior to Linux 2.5.41, included in idle.
    st: Time stolen from a virtual machine. Prior to Linux 2.6.11, unknown.
    ~~~

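  • Why doesn't the value of /proc/sys/vm/drop_caches reset to zero?

    First of all, dropping caches on Linux is pointless: it only does harm and no good. See the link below for the reasons.
    [Linux ate my ram!]
    http://www.linuxatemyram.com/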

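  • Creating a simple daemon on Linux

    A daemon runs in the background, and its parent is the process with pid=1 (init/systemd). The main idea behind creating a daemon is to fork a child process, then let the parent exit so that the child becomes an orphan, which is finally adopted by the pid=1 process.

    Steps to create a daemon (SysV)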

    1. Fork
    fork off the parent process & let it terminate if forking was successful. -> Because the parent process has terminated, the child process now runs in the background.

    2. Setsid
    setsid – Create a new session. The calling process becomes the leader of the new session and the process group leader of the new process group. The process is now detached from its controlling terminal (CTTY).

    3. Signal
    Catch signals – Ignore and/or handle signals.

    4. Fork again
    fork again & let the parent process terminate to ensure that you get rid of the session leading process. (Only session leaders may get a TTY again.)

    5. chdir
    chdir – Change the working directory of the daemon.

    6. umask
    umask – Change the file mode mask according to the needs of the daemon.

    7. Close FDs
    close – Close all open file descriptors that may be inherited from the parent process.
