ls /proc http://www.lsproc.com/blog lsproc.com Fri, 21 May 2010 14:29:46 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Nginx/PHP 文件类型错误解析漏洞:fix_pathinfo http://www.lsproc.com/blog/nginx_php_pathinfo_securit/ http://www.lsproc.com/blog/nginx_php_pathinfo_securit/#comments Fri, 21 May 2010 03:34:47 +0000 lostsnow http://www.lsproc.com/blog/?p=410 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/nginx_php_pathinfo_securit/

漏洞介绍:nginx是一款高性能的web服务器,使用非常广泛,其不仅经常被用作反向代理,也可以非常好的支持PHP的运行。80sec发现其中存在一个较为严重的安全问题,默认情况下可能导致服务器错误的将任何类型的文件以PHP的方式进行解析,这将导致严重的安全问题,使得恶意的攻击者可能攻陷支持php的nginx服务器。

漏洞分析:nginx默认以cgi的方式支持php的运行,譬如在配置文件当中可以以

location ~ \.php$ {
    root html;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    include fastcgi_params;
}

的方式支持对php的解析,location对请求进行选择的时候会使用URI环境变量进行选择,其中传递到后端Fastcgi的关键变量 SCRIPT_FILENAME由nginx生成的$fastcgi_script_name决定,而通过分析可以看到$fastcgi_script_name是直接由URI环境变量控制的,这里就是产生问题的点。而为了较好的支持PATH_INFO的提取,在PHP 的配置选项里存在cgi.fix_pathinfo选项,其目的是为了从SCRIPT_FILENAME里取出真正的脚本名。
那么假设存在一个http://www.lsproc.com/a.jpg,我们以如下的方式去访问


http://www.lsproc.com/a.jpg/xxx.php

将会得到一个URI

/a.jpg/xxx.php

经过location指令,该请求将会交给后端的fastcgi处理,nginx为其设置环境变量SCRIPT_FILENAME,内容为

/scripts/a.jpg/xxx.php

而在其他的webserver如lighttpd当中,我们发现其中的SCRIPT_FILENAME被正确的设置为

/scripts/a.jpg

所以不存在此问题。
后端的fastcgi在接受到该选项时,会根据fix_pathinfo配置决定是否对SCRIPT_FILENAME进行额外的处理,一般情况下如果不对fix_pathinfo进行设置将影响使用PATH_INFO进行路由选择的应用,所以该选项一般配置开启。Php通过该选项之后将查找其中真正的脚本文件名字,查找的方式也是查看文件是否存在,这个时候将分离出SCRIPT_FILENAME和PATH_INFO分别为

/scripts/a.jpg和xxx.php

最后,以/scripts/a.jpg作为此次请求需要执行的脚本,攻击者就可以实现让nginx以php来解析任何类型的文件了。

PHP为什么会接受这样的参数, 并且把a.jpg解析呢?
这就要说到PHP的cgi SAPI中的参数, fix_pathinfo了:

; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's
; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok
; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting
; this to 1 will cause PHP CGI to fix it's paths to conform to the spec. A setting
; of zero causes PHP to behave as before. Default is 1. You should fix your scripts
; to use SCRIPT_FILENAME rather than PATH_TRANSLATED.
cgi.fix_pathinfo=1

如果开启了这个选项, 那么就会触发在PHP中的如下逻辑:

/*
 * if the file doesn't exist, try to extract PATH_INFO out
 * of it by stat'ing back through the '/'
 * this fixes url's like /info.php/test
 */
if (script_path_translated &&
     (script_path_translated_len = strlen(script_path_translated)) > 0 &&
     (script_path_translated[script_path_translated_len-1] == '/' ||
//....以下省略.

到这里, PHP会认为SCRIPT_FILENAME是a.jpg, 而xxx.php是PATH_INFO, 然后PHP就把a.jpg当作一个PHP文件来解释执行… So…

POC: 访问一个nginx来支持php的站点,在一个任何资源的文件如robots.txt后面加上/xxx.php,这个时候你可以看到如下的区别:

访问http://www.lsproc.com/robots.txt

HTTP/1.1 200 OK
Server: nginx/0.6.32
Date: Thu, 20 May 2010 10:05:30 GMT
Content-Type: text/plain
Content-Length: 18
Last-Modified: Thu, 20 May 2010 06:26:34 GMT
Connection: keep-alive
Keep-Alive: timeout=20
Accept-Ranges: bytes

访问http://www.lsproc.com/robots.txt/xxx.php

HTTP/1.1 200 OK
Server: nginx/0.6.32
Date: Thu, 20 May 2010 10:06:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.2.6

其中的Content-Type的变化说明了后端负责解析的变化,该站点就可能存在漏洞。

漏洞厂商:http://www.nginx.org

解决方案:

1. 修改php.ini中的cgi.fix_pathinfo为0 (即使你在php.ini中没有找到,也要设置,默认为1)
2. 把nginx的判断正则修改为去除/

if ( $fastcgi_script_name ~ \..*\/.*php ) {
    return 403;
}

3. 如果上传的文件类型为图片, 使用 gd/imagemagick 等进行处理后再保存, 原始文件务必删除
4. 上传的文件放到一个静态文件server, 此 server 不允许php 文件执行

本文参考链接

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/nginx_php_pathinfo_securit/feed/ 2 复制到剪切板 - 兼容 ie, firefox, chrome & flash10 http://www.lsproc.com/blog/copy_to_clipboard/ http://www.lsproc.com/blog/copy_to_clipboard/#comments Tue, 13 Apr 2010 06:48:44 +0000 lostsnow http://www.lsproc.com/blog/?p=397 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/copy_to_clipboard/

从 discuz! 里扒出来的(简易实现), 代码如下:

var clipboardswfdata;

var setcopy_gettext = function(){
    clipboardswfdata = document.getElementById('data').value;
    window.document.clipboardswf.SetVariable('str', clipboardswfdata);
}

var floatwin = function(){
    alert('copy success, ' + clipboardswfdata);
}

<input type="text" name="data" value="xxxxx11111" id ="data" />
<div id="clipboard_content">
<span class="clipinner" id="clipinner">点此复制到剪贴板
<embed name="clipboardswf" class="clipboardswf" id="clipboardswf" onmouseover="setcopy_gettext()" devicefont="false" src="./clipboard.swf" menu="false" allowscriptaccess="sameDomain" swliveconnect="true" wmode="transparent" type="application/x-shockwave-flash" height="20" width="100"></span>
</div>

<style type="text/css">
body {font-size:12px;}
.clipinner {position:relative;}
.clipboardswf {position:absolute; left:0; top:0;}
</style>

实现稍微有些恶心, 用了个 onmouseover 事件往 flash 中传递数据

演示地址: http://www.lsproc.com/demo/clipboard/demo.html

另: google code 上有个 zeroclipboard 的项目, 如果想要方便的话, 也可以使用
地址: http://code.google.com/p/zeroclipboard/

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/copy_to_clipboard/feed/ 2 nginx userid 模块客户端 cookie 解码 http://www.lsproc.com/blog/nginx_userid_decode/ http://www.lsproc.com/blog/nginx_userid_decode/#comments Mon, 12 Apr 2010 01:59:32 +0000 lostsnow http://www.lsproc.com/blog/?p=387 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/nginx_userid_decode/

在网上看到用 ruby 解码的一段程序
http://forum.nginx.org/read.php?2,52592,52592

> cookie_uid = "0Cvz4ktwVPEdbRcMAwMFAg=="; cc = cookie_uid.unpack('m*').first; rr = cc.split("").map{|c| c[0].to_i}.inject([]) {|v,s| v.push sprintf("%02X", s); v; }.values_at(3, 2, 1, 0, 7, 6, 5, 4, 11, 10, 9, 8, 15, 14, 13, 12).join("")
=> "E2F32BD0F154704B0C176D1D02050303"

我用 PHP 写了一个

<?php
function nginx_userid_decode($str)
{
    $str_unpacked =  unpack('h*', base64_decode(str_replace(' ', '+', $str)));
    $str_split = str_split(current($str_unpacked), 8);
    $str_map = array_map('strrev', $str_split);
    $str_dedoded = strtoupper(implode('', $str_map));

    return $str_dedoded;
}

// uid=8380A8C09A7E8C4B0A112CC202030303
echo nginx_userid_decode('wKiAg0uMfprCLBEKAwMDAg==');

update:

如果 base64 后的编码中含有 '+' , 在 url 传递中或是 $_COOKIE 数组读取中会被转换为空格

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/nginx_userid_decode/feed/ 0 nginx+factcgi 下使用 ob_flush http://www.lsproc.com/blog/use_ob_flush_on_nginx_fastcgi/ http://www.lsproc.com/blog/use_ob_flush_on_nginx_fastcgi/#comments Mon, 08 Mar 2010 03:45:23 +0000 lostsnow http://www.lsproc.com/blog/?p=376 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/use_ob_flush_on_nginx_fastcgi/

Nginx与php-cgi是两个独立的程序,通过TCP或Unix套接字通信,不像Apache那样是集成在一起的。所以,Nginx有fastcgi 缓冲区,数据超出缓冲区大小、或程序执行完,才会将内容输出到客户端。如果要使用ob_flush,不能开启gzip压缩输出。

nginx.conf:

fastcgi_buffer_size 4k;
fastcgi_buffers 8 4k;
gzip off;

php.ini:

output_buffering = Off

<?php
set_time_limit(0);
ob_end_clean();
ob_implicit_flush(1);

for($i = 0; $i < 10; $i++)
{
    echo $i . "<br />\n";
    echo str_repeat('', 1024*4);
    sleep(1);
}

其中 echo str_repeat('', 1024*4);
使得fastcgi_buffer_size 4k; 的缓冲区满,从而输出内容到浏览器

参考: http://blog.s135.com/nginx_php_v6/2/1/

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/use_ob_flush_on_nginx_fastcgi/feed/ 0 python 抓取页面 http://www.lsproc.com/blog/python_spider/ http://www.lsproc.com/blog/python_spider/#comments Mon, 01 Feb 2010 06:34:31 +0000 lostsnow http://www.lsproc.com/blog/?p=363 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/python_spider/

#coding=utf-8

import sys
import urllib2
import gzip
import StringIO

# 页面url
url = "http://china.toocle.com/company/show/pdetail--1000436--10532651.html"
# 页面编码
page_encode = "gbk"

request = urllib2.Request(url)
request.add_header("Accept-encoding", "gzip")
usock = urllib2.urlopen(request)
page = usock.read()
# 处理gzip过的页面
if usock.headers.get('content-encoding', None) == 'gzip':
    page = gzip.GzipFile(fileobj=StringIO.StringIO(page)).read()

# 转unicode(gbk/utf8)
if not isinstance(page, unicode):
    page = unicode(page, page_encode)

print(page)

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/python_spider/feed/ 0 firefox crashes again and again http://www.lsproc.com/blog/firefox_crashes_again_and_again/ http://www.lsproc.com/blog/firefox_crashes_again_and_again/#comments Tue, 26 Jan 2010 02:49:21 +0000 lostsnow http://www.lsproc.com/blog/?p=356 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/firefox_crashes_again_and_again/

有图有真相

http://crash-stats.mozilla.com/report/index/4e66ca79-89a8-476c-a394-f824d2100125
yslow 是罪魁祸首

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/firefox_crashes_again_and_again/feed/ 0 accessibility hosts http://www.lsproc.com/blog/accessibility_hosts/ http://www.lsproc.com/blog/accessibility_hosts/#comments Tue, 26 Jan 2010 01:58:51 +0000 lostsnow http://www.lsproc.com/blog/?p=350 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/accessibility_hosts/

New: add dropbox

# dropbox
174.36.30.71 dropbox.com
174.36.30.71 www.dropbox.com
75.101.129.115 dl.dropbox.com
75.101.159.151 dl-web.dropbox.com
174.36.30.71 forums.dropbox.com

#Search
74.125.39.99 www.google.com
74.125.39.103 www.google.com
74.125.39.104 www.google.com
74.125.39.105 www.l.google.com

#Images
74.125.39.99 images.google.com
74.125.39.103 images.google.com
74.125.39.104 images.google.com
74.125.39.105 images.google.com
74.125.39.106 images.google.com
74.125.39.147 images.google.com
74.125.77.99 tbn0.google.com
74.125.77.99 tbn1.google.com
74.125.77.103 tbn2.google.com
74.125.77.104 tbn3.google.com
74.125.77.105 tbn4.google.com
74.125.77.106 tbn5.google.com
74.125.77.147 tbn6.google.com

#Shopping
74.125.39.99 base0.googlehosted.com
74.125.39.103 base1.googlehosted.com
74.125.39.104 base2.googlehosted.com
74.125.39.105 base3.googlehosted.com
74.125.39.106 base4.googlehosted.com
74.125.39.147 base5.googlehosted.com

#Books
74.125.39.100 books.google.com
74.125.39.101 books.google.com
74.125.39.102 books.google.com
74.125.39.113 books.google.com
74.125.39.138 books.google.com
74.125.39.139 books.google.com
74.125.39.100 bks0.books.google.com
74.125.39.100 bks1.books.google.com
74.125.39.101 bks2.books.google.com
74.125.39.102 bks3.books.google.com
74.125.39.113 bks4.books.google.com
74.125.39.138 bks5.books.google.com
74.125.39.139 bks6.books.google.com
74.125.39.113 bks7.books.google.com
74.125.39.138 bks8.books.google.com
74.125.39.139 bks9.books.google.com

#Video
74.125.39.100 video.google.com
74.125.39.101 video.google.com
74.125.39.102 video.google.com
74.125.39.113 video.google.com
74.125.39.138 video.google.com
74.125.39.139 video.google.com
74.125.39.100 0.gvt0.com
74.125.39.101 1.gvt0.com
74.125.39.102 2.gvt0.com
74.125.39.113 3.gvt0.com
74.125.39.138 4.gvt0.com
74.125.39.139 5.gvt0.com

#Mail(POP3/SMTP)
209.85.147.109 pop.gmail.com
209.85.147.109 smtp.gmail.com

#WebMail
64.233.189.18 mail.google.com
64.233.189.19 mail.google.com
64.233.189.83 mail.google.com
64.233.189.18 www.gmail.com
64.233.189.19 www.gmail.com
64.233.189.83 www.gmail.com
64.233.189.19 googlemail.l.google.com

#Docs
64.233.189.101 writely-china.l.google.com
64.233.189.101 writely.l.google.com
64.233.189.102 docs.google.com
64.233.189.101 docs.google.com
64.233.189.100 docs.google.com

#Map
64.233.189.104 map.google.com
64.233.189.99 map.google.com
64.233.189.147 map.google.com
64.233.189.104 maps.google.com
64.233.189.99 maps.google.com
64.233.189.147 maps.google.com
64.233.189.99 maps.gstatic.com
203.208.39.93 khm.google.com
203.208.39.91 mt0.google.com
203.208.39.93 mt1.google.com
203.208.39.91 mt2.google.com
203.208.39.91 mt.l.google.com
64.233.189.99 maps.l.google.com

#Scholar
64.233.189.99 scholar.google.com
64.233.189.104 scholar.google.com
64.233.189.147 scholar.google.com
64.233.189.104 scholar.l.google.com

#Group
64.233.189.102 groups.google.com
64.233.189.100 groups.google.com
64.233.189.101 groups.google.com
64.233.189.101 groups.l.google.com

#Picasa
74.125.39.147 picasa.google.com
74.125.39.91 photos.google.com
74.125.39.91 picasaweb.google.com
74.125.39.93 picasaweb.google.com
74.125.39.136 picasaweb.google.com
74.125.39.190 picasaweb.google.com
74.125.39.91 lh0.ggpht.com
74.125.39.93 lh1.ggpht.com
74.125.39.136 lh2.ggpht.com
74.125.39.190 lh3.ggpht.com
74.125.39.91 lh4.ggpht.com
74.125.39.93 lh5.ggpht.com
74.125.39.136 lh6.ggpht.com
74.125.39.190 lh7.ggpht.com
203.208.39.104 picadaweb.google.com
203.208.39.104 lh1.ggpht.com
203.208.39.104 lh2.ggpht.com
203.208.39.104 lh3.ggpht.com
203.208.39.104 lh4.ggpht.com
203.208.39.104 lh5.ggpht.com
203.208.39.104 lh6.ggpht.com

#Translate
74.125.39.100 translate.google.com
74.125.39.101 translate.google.com
74.125.39.102 translate.google.com
74.125.39.113 translate.google.com
74.125.39.138 translate.google.com
74.125.39.139 translate.google.com

#Reader
74.125.39.99 reader.google.com
74.125.39.103 reader.google.com
74.125.39.104 reader.google.com
74.125.39.105 reader.google.com
74.125.39.106 reader.google.com

#Sites
64.233.161.9 sites.google.com
74.125.53.9 sites.google.com
74.125.39.102 sites.google.com
74.125.39.139 sites.google.com
74.125.45.9 sites.google.com
74.125.39.139 sites.google.com

#Code
74.125.53.9 code.google.com
74.125.45.9 code.google.com
64.233.161.9 code.google.com
74.125.39.102 code.google.com
209.85.137.9 code.google.com
74.125.39.139 code.l.google.com

#Labs
74.125.39.141 www.googlelabs.com
74.125.39.141 appspot.l.google.com
74.125.39.100 labs.google.com
74.125.39.101 labs.google.com
74.125.39.102 labs.google.com
74.125.39.113 labs.google.com
74.125.39.138 labs.google.com
74.125.39.139 labs.google.com

#Knol
74.125.39.100 knol.google.com
74.125.39.101 knol.google.com
74.125.39.102 knol.google.com
74.125.39.113 knol.google.com
74.125.39.138 knol.google.com
74.125.39.139 knol.google.com

#Sketchup
74.125.39.99 sketchup.google.com
74.125.39.103 sketchup.google.com
74.125.39.104 sketchup.google.com
74.125.39.105 sketchup.google.com
74.125.39.106 sketchup.google.com

#Pack
74.125.39.99 pack.google.com
74.125.39.103 pack.google.com
74.125.39.104 pack.google.com
74.125.39.105 pack.google.com
74.125.39.106 pack.google.com

#News
74.125.39.99 news.google.com
74.125.39.103 news.google.com
74.125.39.104 news.google.com
74.125.39.105 news.google.com
74.125.39.106 news.google.com
74.125.39.147 news.google.com
74.125.39.99 nt0.ggpht.com
74.125.39.103 nt1.ggpht.com
74.125.39.104 nt2.ggpht.com
74.125.39.105 nt3.ggpht.com
74.125.39.106 nt4.ggpht.com
74.125.39.147 nt5.ggpht.com

#Calendar
74.125.39.100 calendar.google.com
74.125.39.101 calendar.google.com
74.125.39.102 calendar.google.com
74.125.39.113 calendar.google.com
74.125.39.138 calendar.google.com
74.125.39.139 calendar.google.com

#Blogger
74.125.39.191 www.blogger.com
74.125.39.191 blogger.l.google.com
74.125.39.191 blogger.google.com

#Orkut
74.125.47.85 www.orkut.com
74.125.47.86 www.orkut.com
74.125.47.85 orkut.google.com
74.125.47.86 orkut.l.google.com

#Youtube
74.125.39.100 www.youtube.com
74.125.39.101 www.youtube.com
74.125.39.102 www.youtube.com
74.125.39.113 www.youtube.com

#Toolbar
74.125.39.100 toolbar.google.com
74.125.39.101 toolbar.google.com
74.125.39.102 toolbar.google.com
74.125.39.113 toolbar.google.com

#Apps
74.125.39.99 apps.google.com
74.125.39.103 apps.google.com
74.125.39.104 apps.google.com
74.125.39.115 apps.google.com

#Chrome
74.125.39.99 chrome.google.com
74.125.39.103 chrome.google.com
74.125.39.104 chrome.google.com
74.125.39.115 chrome.google.com

#Finance
74.125.39.99 finance.google.com
74.125.39.103 finance.google.com
74.125.39.104 finance.google.com
74.125.39.115 finance.google.com

#Desktop
74.125.39.99 desktop.google.com
74.125.39.103 desktop.google.com
74.125.39.104 desktop.google.com
74.125.39.115 desktop.google.com

#Ajax
74.125.53.9 ajax.googleapis.com
74.125.45.9 ajax.googleapis.com
64.233.161.9 ajax.googleapis.com
209.85.137.9 ajax.googleapis.com
72.14.203.9 googleapis-ajax.l.google.com

#Modules
74.125.39.132 1.ig.gmodules.com
74.125.39.132 2.ig.gmodules.com
74.125.39.132 3.ig.gmodules.com
74.125.39.132 4.ig.gmodules.com
74.125.39.132 5.ig.gmodules.com
74.125.39.132 6.ig.gmodules.com

#Misc
64.233.189.101 id.google.com
64.233.189.102 id.google.com
64.233.189.100 id.google.com
64.233.189.100 id.l.google.com
74.125.39.132 skins.gmodules.com
74.125.39.132 googlehosted.l.google.com
74.125.39.132 img0.gmodules.com
74.125.39.99 blogsearch.google.com
74.125.39.99 www2.l.google.com
74.125.39.99 www.gstatic.com
74.125.39.100 www3.l.google.com
74.125.39.99 buttons.googlesyndication.com

#twitter
168.143.161.20 twitter.com
168.143.161.20 www.twitter.com
128.121.146.229 assets0.twitter.com
128.121.146.229 assets1.twitter.com
128.121.146.101 static.twitter.com
128.121.146.229 assets2.twitter.com
128.121.146.229 assets3.twitter.com
65.74.185.41 twitter.zendesk.com
65.74.185.41 help.twitter.com
168.143.162.107 search.twitter.com

#facebook
124.40.42.105 www.facebook.com
69.63.180.173 login.facebook.com
69.192.34.110 s-static.ak.facebook.com
69.63.176.69 secure-profile.facebook.com
69.63.176.59 secure-media-sf2p.facebook.com
69.63.178.13 ssl.facebook.com
96.6.122.57 profile.ak.facebook.com
64.211.21.152 b.static.ak.facebook.com

#wikipedia
208.80.152.2 wikipedia.org
208.80.152.2 www.wikipedia.org
208.80.152.2 en.wikipedia.org
208.80.152.2 zh.wikipedia.org

to be continued.......

-- EOF --

Random Posts

]]> http://www.lsproc.com/blog/accessibility_hosts/feed/ 0 bash if条件判断参数 http://www.lsproc.com/blog/bash_if_parameters/ http://www.lsproc.com/blog/bash_if_parameters/#comments Fri, 15 Jan 2010 06:10:44 +0000 lostsnow http://www.lsproc.com/blog/?p=348 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/bash_if_parameters/

[ -a FILE ] 如果 FILE 存在则为真。

[ -b FILE ] 如果 FILE 存在且是一个块特殊文件则为真。

[ -c FILE ] 如果 FILE 存在且是一个字特殊文件则为真。

[ -d FILE ] 如果 FILE 存在且是一个目录则为真。

[ -e FILE ] 如果 FILE 存在则为真。

[ -f FILE ] 如果 FILE 存在且是一个普通文件则为真。

[ -g FILE ] 如果 FILE 存在且已经设置了SGID则为真。

[ -h FILE ] 如果 FILE 存在且是一个符号连接则为真。

[ -k FILE ] 如果 FILE 存在且已经设置了粘制位则为真。

[ -p FILE ] 如果 FILE 存在且是一个名字管道(F如果O)则为真。

[ -r FILE ] 如果 FILE 存在且是可读的则为真。

[ -s FILE ] 如果 FILE 存在且大小不为0则为真。

[ -t FD ] 如果文件描述符 FD 打开且指向一个终端则为真。

[ -u FILE ] 如果 FILE 存在且设置了SUID (set user ID)则为真。

[ -w FILE ] 如果 FILE 如果 FILE 存在且是可写的则为真。

[ -x FILE ] 如果 FILE 存在且是可执行的则为真。

[ -O FILE ] 如果 FILE 存在且属有效用户ID则为真。

[ -G FILE ] 如果 FILE 存在且属有效用户组则为真。

[ -L FILE ] 如果 FILE 存在且是一个符号连接则为真。

[ -N FILE ] 如果 FILE 存在 and has been mod如果ied since it was last read则为真。

[ -S FILE ] 如果 FILE 存在且是一个套接字则为真。

[ FILE1 -nt FILE2 ] 如果 FILE1 has been changed more recently than FILE2, or 如果 FILE1FILE2 does not则为真。

exists and [ FILE1 -ot FILE2 ] 如果 FILE1 比 FILE2 要老, 或者 FILE2 存在且 FILE1 不存在则为真。

[ FILE1 -ef FILE2 ] 如果 FILE1 和 FILE2 指向相同的设备和节点号则为真。

[ -o OPTIONNAME ] 如果 shell选项 “OPTIONNAME” 开启则为真。

[ -z STRING ] “STRING” 的长度为零则为真。

[ -n STRING ] or [ STRING ] “STRING” 的长度为非零 non-zero则为真。

[ STRING1 == STRING2 ] 如果2个字符串相同。 “=” may be used instead of “==” for strict POSIX compliance则为真。

[ STRING1 != STRING2 ] 如果字符串不相等则为真。

[ STRING1 < STRING2 ] 如果 “STRING1” sorts before “STRING2” lexicographically in the current locale则为真。

[ STRING1 > STRING2 ] 如果 “STRING1” sorts after “STRING2” lexicographically in the current locale则为真。

原文(已失效): http://hi.baidu.com/starlotus/blog/item/5707aeca34af14f753664f38.html

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/bash_if_parameters/feed/ 0 cacti 图片中文乱码问题 http://www.lsproc.com/blog/cacti_graph_with_chinese/ http://www.lsproc.com/blog/cacti_graph_with_chinese/#comments Mon, 11 Jan 2010 09:02:56 +0000 lostsnow http://www.lsproc.com/blog/?p=343 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/cacti_graph_with_chinese/

首先你需要一个中文字体
如simsun 等
将它放进 /usr/share/fonts目录中

然后执行下面的命令刷新字体缓存

fc-cache -f -v

然后再cacti 中设置 默认字体的路径为你使用的中文字体的路径

测试发现, 字体只能放到系统字体路径当中, 并要刷新字体缓存

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/cacti_graph_with_chinese/feed/ 2 linux timeline http://www.lsproc.com/blog/linux_timeline/ http://www.lsproc.com/blog/linux_timeline/#comments Sat, 09 Jan 2010 05:45:42 +0000 lostsnow http://www.lsproc.com/blog/?p=335 转载时请标明文章原始出处和作者信息, 作者: lostsnow.
http://www.lsproc.com/blog/linux_timeline/

linux timeline

linux timeline

-- EOF --

Related Posts

]]> http://www.lsproc.com/blog/linux_timeline/feed/ 2