Historical Linux image processing and repair solutions

The ECS cloud server created by the historical Linux image may have NTP and YUM not configured, and may also have security vulnerabilities that have been exposed recently. Please follow the steps below to repair them, which will make your cloud server more secure. You can also use the YUM service provided by Alibaba Cloud to install software, and use the free NTP provided by Alibaba Cloud for time synchronization.

1. Configure NTP

Regardless of the distribution, back up /etc/ntp.conf first, then replace its content with the following:

# ntp.conf
#
# ntpd config for aliyun ecs.
#
# 6LAN+6LAN+3WAN
# [email protected]
# 2014.8.11
#
driftfile /var/lib/ntp/drift
pidfile /var/run/ntpd.pid
logfile /var/log/ntp.log
# Access Control Support
restrict default ignore
restrict -6 default ignore
restrict 127.0.0.1
restrict 192.168.0.0 mask 255.255.0.0 nomodify notrap nopeer noquery
restrict 172.16.0.0 mask 255.240.0.0 nomodify notrap nopeer noquery
restrict 100.64.0.0 mask 255.192.0.0 nomodify notrap nopeer noquery
restrict 10.0.0.0 mask 255.0.0.0 nomodify notrap nopeer noquery
restrict ntp1.aliyun.com nomodify notrap nopeer noquery
restrict ntp2.aliyun.com nomodify notrap nopeer noquery
restrict ntp3.aliyun.com nomodify notrap nopeer noquery
restrict ntp4.aliyun.com nomodify notrap nopeer noquery
restrict ntp5.aliyun.com nomodify notrap nopeer noquery
restrict ntp6.aliyun.com nomodify notrap nopeer noquery
# local clock
server 127.127.1.0
fudge 127.127.1.0 stratum 10
#public ntp server
server ntp1.aliyun.com iburst minpoll 4 maxpoll 10
server ntp2.aliyun.com iburst minpoll 4 maxpoll 10
server ntp3.aliyun.com iburst minpoll 4 maxpoll 10
server ntp4.aliyun.com iburst minpoll 4 maxpoll 10
server ntp5.aliyun.com iburst minpoll 4 maxpoll 10
server ntp6.aliyun.com iburst minpoll 4 maxpoll 10
#Private ntp server
server ntp1.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp2.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp3.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp4.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp5.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp6.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
#New private ntp server
server ntp7.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp8.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp9.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp10.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp11.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp12.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10

2. Update software sources

0. First confirm the image's current Linux system distribution and version number.

If there is a lsb_release command, execute:

lsb_release -a

Otherwise execute

cat /etc/issue

1. For CentOS, back up the CentOS-Base.repo and epel.repo files in /etc/yum.repos.d/ and execute the following corresponding commands according to the CentOS version:

CentOS 5:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-5.repo
wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-5.repo
CentOS 6:
wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
CentOS 7:
wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -qO /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

After the repo file is downloaded, execute:

yum makecache

2. For Aliyun 5.7, back up /etc/yum.repos.d/CentOS-Base.repo, then execute:

wget -qO /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/aliyun-5.repo

After the repo file is downloaded, execute:

yum makecache

3. For Ubuntu, back up the /etc/apt/sources.list file and execute the command according to the distribution version:

Ubuntu 12.04:
wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1204-lts.list
Ubuntu 14.04:
wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/ubuntu1404-lts.list

Then execute:

apt-get update

4. For Debian, back up the /etc/apt/sources.list file and execute the command according to the distribution version:

debian6:
wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian6-lts.list
debian7:
wget -qO /etc/apt/sources.list http://mirrors.aliyun.com/repo/debian7-lts.list

Then execute:

apt-get update

3. Security vulnerability patch

It mainly repairs currently known major security vulnerabilities. The software that needs to be upgraded includes: bash, glibc, openssl, wget, and ntp.

Before executing the following commands, you need to ensure that the system's current software source has been set correctly.

1. For CentOS and Aliyun Linux, execute:

yum update bash glibc openssl wget ntp

2. For Ubuntu and Debian, execute:

apt-get install bash libc6 libc-bin openssl wget ntp

You may also be interested in:

Linux confirms that the data disk has been uninstalled and a new custom image can be created
How to use the "DD" command in Linux/OSX to create an ISO image operating system installation USB disk
Linux learning first virtual machine and image file installation and configuration
How to permanently modify the pip mirror source in Windows and Linux environments
Rsync Chinese manual: Using rsync to implement website mirroring and backup linux
Example analysis to fix problems in historical Linux images

<<: How to solve the mysql error 1033 Incorrect information in file: 'xxx.frm'

>>: Element-ui's built-in two remote search (fuzzy query) usage explanation

Data storage implementation method in WeChat applet

Historical Linux image processing and repair solutions

Data storage implementation method in WeChat applet

Analysis of Hyper-V installation CentOS 8 problem

Detailed explanation of Vue router routing guard

Tomcat obtains the client domain name of Nginx reverse proxy

VMware virtual machine installation CentOS 8 (1905) system tutorial diagram

WeChat applet uses canvas to draw clocks

How to build docker+jenkins+node.js automated deployment environment from scratch

Docker solves the problem that the terminal cannot input Chinese

How to implement n-grid layout in CSS

Detailed explanation of JS variable storage deep copy and shallow copy

Recommend

Tutorial on using prepare, execute and deallocate statements in MySQL

JavaScript to achieve dynamic color change of table

MySQL derived table (Derived Table) simple usage example analysis

Robots.txt detailed introduction

Mini Program to Implement Calculator Function

SQL implementation of LeetCode (182. Duplicate mailboxes)

Example code for evenly distributing elements using css3 flex layout

Explore VMware ESXI CLI common commands

MySQL reports an error: Can't find file: './mysql/plugin.frm' solution

How to design high-quality web pages Experience in designing high-quality web pages (pictures and text)

JavaScript to achieve drop-down menu effect

JS canvas realizes the functions of drawing board and signature board

Detailed explanation of mysql trigger example

Implementation of adding a mask layer effect when the CSS mouse hovers over the image

Implementation of mysql using mysqlbinlog command to restore accidentally deleted data