RHEL6
吕 lvbenfu@gmail.com
-
192.168.3.xx
ping 192.168.3.118
资源地址:\\192.168.3.118\rhel6
user:1 pass:1
笔记地址:http://192.168.3.118/rhel6.txt
-
abc-123
-
cd /etc/yum.repos.d
vi test.repo
[dvd]
name=dvd
baseurl=file://
gpgcheck=0
enabled=1
yum -y install system-config-kickstart
cp ks.cfg /var/www/html
cp -R /media/...../* /var/www/html
service httpd start 启动Apache服务
ifconfig eth1 192.168.71.62
http://192.168.71.61/ks.cfg
Tab
ks=http://192.168.71.61/ks.cfg
cd /var/www/html
vim ks1.cfg
将包选择拷贝到原来的ks.cfg里面
startx
windows -- linux
putty
yum -y install tigervnc-server
vncserver :88
vncpasswd
vncserver -kill :88
192.168.3.254 202.96.209.5
rm -rf p*
caching-nameserver
service httpd start
防火墙开HTTP(80)
id whoami who w
pwd
tty
hostname
ifconfig
文件操作命令:
cd -
家目录
普通用户的家目录:/home/username
root的家目录:/root
回家目录的方法:cd cd ~
cp
mv 移动或改名
mkdir -p
rm
rmdir
超级用户 UID=0
伪用户 1 - 499 (/sbin/nologin)
普通用户 500 - 60000
cat /etc/passwd
man
例1:给user01对文件file1
u:rwx g:rx o:r
chmod 754 file1
chown user01 file1
chmod u=rwx,g=rx,o=r file1
umask
pwunconv
pwconv
passwd
===========day2============
service service-name start|stop|restart|status|reload
独立服务:httpd,named,vsftpd,xinetd
托管服务:time,tftp
vim /etc/sysconfig/network-scripts/ifcfg-...
练习:
1.查询/etc目录下以host开头的文件
find /etc -name "host*"
2.查询当前目录下以2个小写字母和2个数字开头的txt文件
find . -name "[a-z][a-z][0-9][0-9]*.txt"
3.find . -perm 755
4.find . -type d
find . ! -type d
find . -size +1000000c
find /etc -mtime -9
正则表达式:
* 前一个字符出现0到多次
. 任意单个字符
【abc】
【^abc】
^ 行首 ^Test
$ 行尾 Test$
.*
\
1.[aiou]t
2.b[01][oa]t
3.grep --color 'root' /etc/passwd
4.grep ':/bin/bash$' /etc/passwd
5.grep ':/sbin/nologin$' /etc/passwd
sort
grep 'bash' /etc/passwd | cut -d: -f1 | sort
uniq
cut -d: -f7 /etc/passwd | sort | uniq
cut -d: -f7 /etc/passwd | sort | uniq -u
cut -d: -f7 /etc/passwd | sort | uniq -c
cut -d: -f7 /etc/passwd | sort | uni q -d
*.tar.gz
tar -xzvf *.tar.gz
tar -czvf /etc
dG
:q!
Ctrl+W w
mkdir /script
find / -perm -4000 -o -perm -2000 > /scripts/setuid.normal
vim test.sh
#!/bin/sh
/usr/bin/find / -perm -4000 -o -perm -2000 > /tmp/setuid.check
for file in `/bin/cat /tmp/setuid.check`;do
/bin/grep $file /script/setuid.normal > /dev/null
if [ "$?" != "0" ]; then
echo "$file isnt in list!danger!!!"
if
done
/bin/rm /tmp/setuid.check
logwatch
grub
device (hd0) /dev/sda
root (hd0,0)
setup (hd0)
quit
df -h
umount /dev/sda1
fsck /dev/sda1
mount /dev/sda1
mount -o remount /
vi /etc/fstab
reboot
passwd
echo redhat2 | passwd --stdin root
vi /boot/grub/grub.conf
password --md5 password
init
/etc/init.d
/etc/xinetd.d
yum -y install telnet-server
cd /etc/xinetd.d
ls
vim telnet
disable=yes --> disable=no
service xinetd restart
ssh-keygen
ssh-copy-id root@192.168.71.61
ssh root@192.168.71.61
ssh -L 本地端口:远程主机名:远程端口 sshhost
ssh -L 2025:localhost:25 192.168.71.61
3天后的下午4点执行任务:
at 4pm +3 days
在7月31日上午10点
at 10am Jul 31
明天下午1点
at 1pm tomorrow
cron示例:
05 * * * *
05 02 * * *
30 08 01 * *
00 07 25 12 *
30 16 * * 5
*/5 * * * *
*/10 9-16 1,15 * *
dhclient -1 == ipconfig /renew
设置IP地址:
ifconfig eth0 192.168.3.200
设置网关:
ip route add default via 192.168.3.254 dev eth0
设置DNS:
echo "nameserver=202.96.209.5" > /etc/resolv.conf
vi /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all = 1
sysctl -p
sudo写法:
%group1 ALL=(ALL) NOPASSWORD: ALL
定义别名组的方法:
User_Alias grp2=user1,user2,user3
grp2 ALL=(ALL) ALL
定义命令组的方法:
Cmnd_Alias cmdgrp1=useradd,userdel,usermod
zhang3 ALL=cmdgrp1
ifup ifdown
visudo
student ALL= NOPASSWD: /sbin/ifup,/sbin/ifdown
yum -y install scsi-target-utils
service tgtd start
chkconfig tgtd on
iscsi-initiator-utils
iscsiadm -m discovery -t st -p 192.168.71.61
iscsiadm -m node -T iqn-2012-06.... -p 192.168.71.61 -o delete
配额:
1.inode:限制用户可以建立的文件数量
2.block:限制用户磁盘的容量,以Kb为单位
3.soft:软限制
4.hard:硬限制
5.grace time:宽限时间
写一个备份脚本:
#!/bin/sh
tar -c $DIR | gzip -9 > $BACKUP
DNS的配置实验:
1.基本解析的实现
yum -y install bind
vim /etc/named.conf
listen-on port 53 {127.0.0.1;192.168.71.61; };
allow-query { any; };
vim /etc/named.rfc1912.zones
zone "abc.com" IN {
type master;
file "abc";
};
cd /var/named
cp -p named.localhost abc
vim abc
@ IN SOA @ ns1.abc.com. (...
@ IN NS ns1.abc.com.
ns1 IN A 192.168.71.61
www IN A 192.168.71.61
service named restart
vi /etc/resolv.conf
nameserver 192.168.71.61
nslookup
www.abc.com
2.轮巡的实现
vim /var/named/abc
www IN A 1.1.1.1
www IN A 2.2.2.2
www IN A 3.3.3.3
3.泛解析
sh.abc.com 5.5.5.5
gz.abc.com 6.6.6.6
bj.abc.com 7.7.7.7
*.abc.com 5.5.5.5
4.其它记录的实现
MX,反向
5.辅助域的实现
6.转发器
forwarders { 202.96.209.5; };
==========day4===========
vi /etc/httpd/conf/httpd.conf
<VirtualHost 192.168.71.61>
<VirtualHost 192.168.71.61>
ServerName www.baidu.com
DocumentRoot /var/www/baidu
</VirtualHost>
<VirtualHost 192.168.71.61>
ServerName www.sina.com
DocumentRoot /var/www/sina
</VirtualHost>
配置对CGI的支持:
vi /etc/httpd/conf/httpd.conf
331 ExecCGI
796 AddHandler cgi-script .cgi
service httpd restart
配置对PHP的支持:
yum -y install "php*"
service httpd restart
NFS共享与客户端的配置:
1.服务器的配置
(1)建立用于共享的测试文件夹和文件
mkdir -p /exports/read /exports/write
touch /exports/read/r1.txt
touch /exports/write/w1.txt
(2)设置本地权限
cd /exports
ll
getfacl write
setfacl -R -m o::rwx write
ll
getfacl write
(3)设置export输出及共享权限
vim /etc/exports
/exports/read 192.168.71.0/24(ro,sync)
/exports/write 192.168.71.0/24(rw,sync) 127.0.0.1(rw,sync)
service nfs start
chkconfig nfs on
(4)防火墙开NFS4的相应的端口
2.客户端的配置
mount -t nfs 192.168.71.61:/ /mnt
Samba的配置:
yum -y install samba
service smb start
useradd u1
passwd u1
smbpasswd -a u1
Drop-box
dropbox root ftp
rwx -wx ---
Postfix邮件服务器的配置:
1.配置DNS(Windows2003下做)
2.配置Postfix
yum -y install postfix mutt
inet_interfaces = all
myhostname = mail.lin.com
myorigin = lin.com
mydomain =lin.com
service postfix restart
rndc -dumpdb
/var/named/named_dump.db
3.配置Windows下的邮件服务器
4.测试邮件收发
第8章 通过GNUPG保护文件安全
OpenPGP
生成密钥 gpg --gen-key
列出公钥 gpg --list-keys
第9章 SELinux
三种模式:强制模式,许可模式,禁用模式
cat /etc/sysconfig/selinux