(1)系统架构
查看内核
- # uname -s -r
- Linux 2.6.32-358.el6.x86_64
查看发布版本
- # cat /etc/redhat-release
- CentOS release 6.4 (Final)
查看CPU架构
- # arch
- x86_64(x86_64表示64位机器/i686表示32位机器)
- # getconf LONG_BIT
- 64
(2)用户设置
添加用户
- # /usr/sbin/useradd user1 -d /home/user1 -G nobody
- # passwd user1
- New password: 123456
- Retype new password: 123456
- passwd: all authentication tokens updated successfully.
确认用户
- # id user1
删除用户
- # userdel -r user1
赋予root权限
- # usermod -G wheel hoge
- # vi /etc/pam.d/su
- auth required pam_wheel.so use_uid # <= 取消注释
用户一览
- # cat /etc/passwd
(3)网络设置
设置IP
- # vi /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE="eth0"
- OTPROTO="static" # <=
- HWADDR="00:0C:29:53:A5:AE"
- IPV6INIT="no" # <=
- NM_CONTROLLED="yes"
- ONBOOT="yes"
- TYPE="Ethernet"
- UUID="1ca6acf4-ebce-415a-a89b-bf89a67819ff"
- IPADDR="xxx.xxx.xx.xx" # <=
- NETMASK="255.255.255.0" # <=
- GATEWAY="xxx.xxx.xx.xx" # <=
- DNS1="xxx.xxx.xx.xx" # <=
- # service network restart
- Shutting down interface eth0:
- ......
- Connection activated [ OK ]
- # ifconfig
- eth0 Link encap:Ethernet HWaddr 00:0C:29:2F:D5:58
- inet addr:xxx.xxx.xx.xx Bcast:xxx.xxx.xx.xx Mask:255.255.255.0
- ......
卸载NestworkManager服务
- # chkconfig NetworkManager off
- # yum -y remove NetworkManager
关闭IPv6
- # service ip6tables stop
- # chkconfig ip6tables off
- # echo "install ipv6 /bin/true" >> /etc/modprobe.d/disable-ipv6.conf
- # vi /etc/sysconfig/network
- NETWORKING_IPV6=no
- IPV6INIT=no
- # vi /etc/sysconfig/network-scripts/ifcfg-eth0
- # shutdown -r now
- # lsmod | grep ipv6
- 没有ipv6模块
- # netstat -an | grep ffff
- 没有:ffff:开始的IP
- # ifconfig
- 没有inet6 addr开始的文字
(4)包管理设置
yum清理
- # yum clean all
- Loaded plugins: fastestmirror, security
- Cleaning repos: base extras updates
- Cleaning up Everything
- # yum makecache
- Loaded plugins: fastestmirror, security
- Determining fastest mirrors
- ………….
- Metadata Cache Created
yum更新
- # yum -y update
自动更新
- # yum -y install yum-cron
- # vi /etc/sysconfig/yum-cron
- CHECK_ONLY=yes
- DOWNLOAD_ONLY=yes
- # /etc/rc.d/init.d/yum-cron start
- # chkconfig yum-cron on
- # chkconfig --list yum-cron
自动查找最快镜像
- # yum -y install yum-plugin-fastestmirror
- # vi /etc/yum/pluginconf.d/fastestmirror.conf
- enabled=0 ←0:无效 1:有效
添加repository
- # vi /etc/yum.repos.d/CentOS-Base.repo
- # rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
- # vi /etc/yum.repos.d/rpmforge.repo
- enabled=0
- # yum --enablerepo=rpmforge install xxxx
- # rpm -Uvh http://ftp.riken.jp/Linux/fedora/epel/6/x86_64/epel-release-6-8.noarch.rpm
- # vi /etc/yum.repos.d/epel.repo
- enabled=0
- # yum --enablerepo=epel install xxxx
(5)设置vim
- # yum -y install vim-enhanced
- # vi /etc/profile
- alias vi='vim'
- # source /etc/profile
- # vi /etc/vimrc
(6)安全设置
关闭SELinux
- # getenforce
- # setenforce 0 ←临时关闭
- # vi /etc/sysconfig/selinux
- SELINUX=enforcing
- ↓
- SELINUX=disabled
停止iptables
- # /etc/rc.d/init.d/iptables stop
- iptables: Flushing firewall rules: [ OK ]
- iptables: Setting chains to policy ACCEPT: filter [ OK ]
- iptables: Unloading modules: [ OK ]
- # chkconfig iptables off
- # chkconfig --list iptables
- iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off
(7)系统运行情况
磁盘使用情况
- # df -h
- # yum -y install sysstat
- # iostat
内存使用情况
- # free -m
CPU和内存
- # cat /proc/cpuinfo
- # cat /proc/meminfo
(8)其他
本地语言化
- # yum -y groupinstall "Japanese Support"
- # vi /etc/sysconfig/i18n
- LANG="en_US.UTF-8"
- ↓
- LANG="ja_JP.UTF-8"
- # source /etc/sysconfig/i18n
- # echo $LANG
- ja_JP.UTF-8
- # shutdown -r now
停止不必要的服务
- # chkconfig --list | grep 3:on
- # service ip6tables stop
- # chkconfig ip6tables off
编码转换nkf(Network Kanji Filter)
- # yum -y install nkf
- # vi readme.txt
- test
- 漢字
- # nkf -g readme.txt
- UTF-8 (LF)
- # nkf -s --overwrite readme.txt
- # nkf -g readme.txt
- Shift_JIS (LF)
- # nkf -j --overwrite readme.txt
- # nkf -g readme.txt
- ISO-2022-JP (LF)
安装gcc
- # rpm -qa gcc
- # yum -y install gcc gcc-c++
- # gcc -v
- Using built-in specs.
- Target: i686-redhat-linux
- …………
- gcc version 4.4.7 20120313 (Red Hat 4.4.7-4) (GCC)
安装PCRE
- # cd /usr/local/src
- # wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.35.tar.gz
- # tar zxvf pcre-8.35.tar.gz
- # cd /usr/local/src/pcre-8.35
- # ./configure --prefix=/usr/local/pcre/8.35
- # make clean
- # make && make install
- # PATH=/usr/local/pcre/8.35/bin:$PATH
- # vi /etc/ld.so.conf
- /usr/local/pcre/8.35/lib ←末尾追加
- # ldconfig
- # rpm -qa pcre
- pcre-7.8-6.el6.x86_64
- # pcretest -C
- PCRE version 7.8 2008-09-05
安装OpenSSL
- # cd /usr/local/src
- # wget http://www.openssl.org/source/openssl-1.0.1h.tar.gz
- # tar xzvf openssl-1.0.1h.tar.gz
- # cd openssl-1.0.1h
- # ./config shared -fPIC
- # make && make install
- # vi /etc/ld.so.conf
- /usr/local/ssl/lib ←末尾追加
- # ldconfig
- # ldconfig -f /etc/ld.so.conf -vp|grep ssl/lib
- libssl.so.1.0.0 (libc6) => /usr/local/ssl/lib/libssl.so.1.0.0
- libssl.so (libc6) => /usr/local/ssl/lib/libssl.so
- libcrypto.so.1.0.0 (libc6) => /usr/local/ssl/lib/libcrypto.so.1.0.0
- libcrypto.so (libc6) => /usr/local/ssl/lib/libcrypto.so
- # /usr/local/ssl/bin/openssl version
- OpenSSL 1.0.1h 5 Jun 2014
NTP同步时间
引用
# yum -y install ntp
# mv /etc/ntp.conf /etc/ntp.conf.org
# vi /etc/ntp.conf
driftfile /var/lib/ntp/drift
server 0.jp.pool.ntp.org
server 1.jp.pool.ntp.org
server 2.jp.pool.ntp.org
server 3.jp.pool.ntp.org
# ntpdate 0.jp.pool.ntp.org
# /etc/init.d/ntpd start
# ntpq -p
# ntpstat
# mv /etc/ntp.conf /etc/ntp.conf.org
# vi /etc/ntp.conf
driftfile /var/lib/ntp/drift
server 0.jp.pool.ntp.org
server 1.jp.pool.ntp.org
server 2.jp.pool.ntp.org
server 3.jp.pool.ntp.org
# ntpdate 0.jp.pool.ntp.org
# /etc/init.d/ntpd start
# ntpq -p
# ntpstat
GHOST: glibc vulnerability (CVE-2015-0235)
- # yum update glibc
- # rpm -qa | grep glibc
- 2.12-1.149.el6_6.5