Example analysis to fix problems in historical Linux images

Fix for issues with historical Linux images

The ECS cloud server created by the historical Linux image may have NTP and YUM not configured, and may also have security vulnerabilities that have been exposed recently. Please follow the steps below to repair them, which will make your cloud server more secure. You can also use the YUM service provided by Alibaba Cloud to install software, and use the free NTP provided by Alibaba Cloud for time synchronization.

1. Configure NTP

Regardless of the distribution, back up /etc/ntp.conf first, then replace its content with the following:

# ntp.conf

#

# ntpd config for aliyun ecs.

#

# 6LAN+6LAN+3WAN

# [email protected]

# 2014.8.11

#

driftfile /var/lib/ntp/drift

pidfile /var/run/ntpd.pid

logfile /var/log/ntp.log

# Access Control Support

restrict default ignore

restrict -6 default ignore

restrict 127.0.0.1

restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap nopeer noquery

restrict 172.16.0.0 mask 255.240.0.0 nomodify notrap nopeer noquery

restrict 100.64.0.0 mask 255.192.0.0 nomodify notrap nopeer noquery

restrict 10.0.0.0 mask 255.0.0.0 nomodify notrap nopeer noquery

restrict ntp1.aliyun.com nomodify notrap nopeer noquery

restrict ntp2.aliyun.com nomodify notrap nopeer noquery

restrict ntp3.aliyun.com nomodify notrap nopeer noquery

restrict ntp4.aliyun.com nomodify notrap nopeer noquery

restrict ntp5.aliyun.com nomodify notrap nopeer noquery

restrict ntp6.aliyun.com nomodify notrap nopeer noquery

# local clock

server 127.127.1.0

fudge 127.127.1.0 stratum 10

#public ntp server

server ntp1.aliyun.com iburst minpoll 4 maxpoll 10

server ntp2.aliyun.com iburst minpoll 4 maxpoll 10

server ntp3.aliyun.com iburst minpoll 4 maxpoll 10

server ntp4.aliyun.com iburst minpoll 4 maxpoll 10

server ntp5.aliyun.com iburst minpoll 4 maxpoll 10

server ntp6.aliyun.com iburst minpoll 4 maxpoll 10

#Private ntp server

server ntp1.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp2.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp3.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp4.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp5.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp6.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

#New private ntp server

server ntp7.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp8.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp9.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp10.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp11.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

server ntp12.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

2. Update software sources

0. First confirm the image's current Linux system distribution and version number.

If there is a lsb_release command, execute:

lsb_release -a

Otherwise execute

cat /etc/issue

1. For CentOS, back up the CentOS-Base.repo and epel.repo files in /etc/yum.repos.d/ and execute the following corresponding commands according to the CentOS version:

CentOS 5:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo

wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-5.repo

CentOS 6:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo

wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo

CentOS 7:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

After the repo file is downloaded, execute:

yum makecache

2. For Aliyun 5.7, back up /etc/yum.repos.d/CentOS-Base.repo, then execute:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/aliyun-5.repo

After the repo file is downloaded, execute:

yum makecache

3. For Ubuntu, back up the /etc/apt/sources.list file and execute the command according to the distribution version:

Ubuntu 12.04:

wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1204-lts.list

Ubuntu 14.04:

wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1404-lts.list

Then execute:

apt-get update

4. For Debian, back up the /etc/apt/sources.list file and execute the command according to the distribution version:

debian6:

wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian6-lts.list

debian7:

wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian7-lts.list

Then execute:

apt-get update

3. Security vulnerability patch

It mainly repairs currently known major security vulnerabilities. The software that needs to be upgraded includes: bash, glibc, openssl, wget, and ntp.

Before executing the following commands, you need to ensure that the system's current software source has been set correctly.

1. For CentOS and Aliyun Linux, execute:

yum update bash glibc openssl wget ntp

2. For Ubuntu and Debian, execute:

apt-get install bash libc6 libc-bin openssl wget ntp

You may also be interested in:

Historical Linux image processing and repair solutions
Linux confirms that the data disk has been uninstalled and a new custom image can be created
How to use the "DD" command in Linux/OSX to create an ISO image operating system installation USB disk
Linux learning first virtual machine and image file installation and configuration
How to permanently modify the pip mirror source in Windows and Linux environments
Rsync Chinese manual: Using rsync to implement website mirroring and backup linux

<<: How to solve "Unable to start mysql service error 1069"

>>: Detailed explanation of react setState

Example analysis to fix problems in historical Linux images

Learn javascript iterator

Case analysis of several MySQL update operations

Docker FAQ

Apache Calcite code for dialect conversion

Installation and use of Apache stress testing tools

Vue custom encapsulated button component

Detailed explanation of the reasons why MySQL connections are hung

Quickly get started with VUE 3 teleport components and usage syntax

Detailed explanation on how to avoid the pitfalls of replacing logical SQL in MySQL

How to display the border when td is empty

Recommend

A graphic tutorial on how to install redhat 8.0 system (a must-have for beginners)

MySQL 8.0.11 Community Green Edition Installation Steps Diagram for Windows

Vuex implements simple shopping cart function

Solutions to the Problem of Creating XHTML and CSS Web Pages

How to use nginx to intercept specified URL requests through regular expressions

MYSQL slow query and log settings and testing

MySQL scheduled task example tutorial

Layui implements sample code for multi-condition query

Detailed analysis of several situations in which MySQL indexes fail

You may not know these things about Mysql auto-increment id

Detailed explanation of sshd service and service management commands under Linux

Use mysql to record the http GET request data returned from the url

Method and introduction of table index definition in MySQL

Implementing a simple carousel based on JavaScript

Vue3 based on script setup syntax $refs usage