zoukankan      html  css  js  c++  java
  • CentOS8.2基础配置

    1、添加普通用户

    [1] 要在CentOS服务器上添加普通用户帐户,请按以下步骤设置。

    [root@lianglab ~]# useradd centos
    [root@lianglab ~]# passwd centos
    Changing password for user centos.
    New password:                               #输入您要设置的任何密码  
    Retype new password:
    passwd: all authentication tokens updated successfully. #所有身份验证令牌已成功更新
    
    
    

    [2] 如果您想从普通用户切换到root用户帐户,请使用[su]命令。

    [root@lianglab ~]# su - centos   #切换centos账号
    [centos@lianglab ~]$ su -        #切换root账号
    Password:                        #输入root密码
    [root@lianglab ~]#               #切换到root账号
    
    

    [3] 如果您想限制用户运行[su]命令,请进行如下设置。
    在以下示例中,只有[wheel]组中的用户可以运行[su]命令。

    [root@lianglab ~]# usermod -G wheel centos
    [root@lianglab ~]# vi /etc/pam.d/su
    [root@lianglab ~]# cat  /etc/pam.d/su
    #%PAM-1.0
    auth            required        pam_env.so
    auth            sufficient      pam_rootok.so
    # Uncomment the following line to implicitly trust users in the "wheel" group.
    #auth           sufficient      pam_wheel.so trust use_uid   #我们添加的配置项
    # Uncomment the following line to require a user to be in the "wheel" group.
    auth            required        pam_wheel.so use_uid
    auth            substack        system-auth
    auth            include         postlogin
    account         sufficient      pam_succeed_if.so uid = 0 use_uid quiet
    account         include         system-auth
    password        include         system-auth
    session         include         system-auth
    session         include         postlogin
    session         optional        pam_xauth.so
    auth          sufficient      pam_rootok.so debug
    
    [root@lianglab ~]# groups centos   #查看账号所在的组
    centos : centos wheel
    
    我们可以创建一个账号user01没有在wheel组,并尝试切换到root账号
    [root@lianglab ~]# useradd user01
    [root@lianglab ~]# passwd user01
    Changing password for user user01.
    New password:
    Retype new password:
    passwd: all authentication tokens updated successfully.
    [root@lianglab ~]#
    [root@lianglab ~]# su - user01
    [user01@lianglab ~]$
    [user01@lianglab ~]$ su -
    Password:
    su: Permission denied   #通常是被拒绝的
    [user01@lianglab ~]$
    
    
    
    

    [4] 如果您要删除用户帐户,请按以下步骤设置。

    [root@lianglab ~]# userdel -r user01  #删除用户[user01](仅删除的用户帐户)
    userdel: user 'user01' does not exist
    [root@lianglab ~]# ll /home/
    total 4
    drwxr-xr-x.  3 admin    admin      78 Sep 28 10:09 admin
    drwx------.  4 centos   centos    113 Dec  4 13:56 centos
    drwx------. 15 lianglab lianglab 4096 Sep 27 16:42 lianglab
    drwx------.  3 tddev    users      78 Sep 28 10:09 tddev
    drwx------.  5 tdops    users     143 Oct 15 16:10 tdops
    drwx------.  3 tdsec    users      78 Sep 28 10:09 tdsec
    drwx------.  4     1006     1006  113 Dec  4 14:16 user01
    #删除用户[user01](已删除的用户帐户和他的主目录)
    [root@lianglab ~]# userdel -r user01
    userdel: user 'user01' does not exist
    [root@lianglab ~]# userdel -r lianglab
    
    

    [5] 添加到wheel组用户免密切换root账号设置步骤。

     vi /etc/sudoers
    
    ## Same thing without a password
    %wheel        ALL=(ALL)       NOPASSWD: ALL  #添加这段内容后,wheel组用户,切换到root不需要知道root密码。
    
    
    
    [root@lianglab ~]# su - centos
    [centos@lianglab ~]$ id
    uid=1005(centos) gid=1005(centos) groups=1005(centos),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
    [centos@lianglab ~]$
    [centos@lianglab ~]$ sudo su -  ##免密切换到root账号。
    [root@lianglab ~]#
    
    
    
    2、防火墙和SELinux

    [1] 可以如下所示显示FireWall服务状态。(默认启用)

    [root@lianglab ~]#  systemctl status firewalld
    ● firewalld.service - firewalld - dynamic firewall daemon
       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
       Active: active (running) since Fri 2020-12-04 14:23:39 CST; 1h 10min ago
         Docs: man:firewalld(1)
     Main PID: 199682 (firewalld)
        Tasks: 2 (limit: 49642)
       Memory: 28.1M
       CGroup: /system.slice/firewalld.service
               └─199682 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid
    
    Dec 04 14:23:38 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
    Dec 04 14:23:39 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
    Dec 04 14:23:39 lianglab firewalld[199682]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option.
    
    
    
    

    [活动:活动(正在运行)***]表示firewalld正在运行
    [2] 如果您使用FireWall服务,则它需要手动修改FireWall设置,因为默认情况下大多数情况下不允许传入服务请求。

    有关防火墙的基本操作和设置,请参见此处。

    [3] 如果由于某些原因(例如某些FireWall计算机在您的本地Netowrk中运行)而不需要FireWall服务,则可以像下面这样在CentOS服务器上停止和禁用FireWall服务。
    #停止服务

    停止防火墙、并禁用防火墙
    
    [root@lianglab ~]# systemctl stop firewalld
    [root@lianglab ~]# systemctl disable firewalld
    [root@lianglab ~]# systemctl status  firewalld
    ● firewalld.service - firewalld - dynamic firewall daemon
       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
       Active: inactive (dead)
         Docs: man:firewalld(1)
    
    Dec 04 14:23:38 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
    Dec 04 14:23:39 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
    Dec 04 14:23:39 lianglab firewalld[199682]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will b>
    Dec 04 15:36:01 lianglab systemd[1]: Stopping firewalld - dynamic firewall daemon...
    Dec 04 15:36:01 lianglab systemd[1]: Stopped firewalld - dynamic firewall daemon.
    
    
    

    [4] 可以如下显示当前的SELinux(增强安全性的Linux)状态。(默认启用)

    [root@lianglab ~]# getenforce
    Permissive #允许
    [root@lianglab ~]#

    [5] 如果启用SELinux,则有时会手动修改SELinux策略,因为SELinux有时会停止应用程序。
    有关SELinux的基本操作和设置,请参见此处。
    该站点上CentOS 8的配置示例基于SELinux始终在执行的环境。

    [6] 如果由于某些原因(例如您的服务器仅在本地安全网络中运行)或某些其他原因而不需要SELinux功能,则可以如下禁用SELinux。

    vi  /etc/selinux/config
    
    SELINUX=disabled
    

    #重新启动计算机以应用设置

    [root@lianglab ~]# reboot
    
    
    3、网络设置
    [root@lianglab ~]# hostnamectl set-hostname www.lianglab.cn    ##设置主机名
    #显示设备
    [root@lianglab ~]#  nmcli device
    DEVICE       TYPE      STATE      CONNECTION
    ens3         ethernet  connected  ens3
    cni-podman0  bridge    connected  cni-podman0
    lo           loopback  unmanaged  --
    
    
    #设置IPv4地址
    [root@lianglab ~]# nmcli connection modify ens3 ipv4.addresses 10.0.0.30/24
    #设置网关
    [root@lianglab ~]# nmcli connection modify ens3 ipv4.gateway 10.0.0.1
    #设置DNS
    [root@lianglab ~]# nmcli connection modify ens3 ipv4.dns 10.0.0.1
    #设置手动进行静态设置(对于DHCP为[auto])
    [root@lianglab ~]# nmcli connection modify ens3 ipv4.method manual
    #重新启动界面以重新加载设置
    [root@lianglab ~]# nmcli connection down ens3; nmcli connection up ens3
    
    
    #显示设置
    [root@lianglab ~]#  nmcli device show ens3
    GENERAL.DEVICE:                         ens3
    GENERAL.TYPE:                           ethernet
    GENERAL.HWADDR:                         FA:57:3D:27:AB:00
    GENERAL.MTU:                            1500
    GENERAL.STATE:                          100 (connected)
    GENERAL.CONNECTION:                     ens3
    GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveConnection/1
    WIRED-PROPERTIES.CARRIER:               on
    IP4.ADDRESS[1]:                         192.168.6.58/24
    IP4.GATEWAY:                            192.168.6.1
    IP4.ROUTE[1]:                           dst = 0.0.0.0/0, nh = 192.168.6.1, mt = 100
    IP4.ROUTE[2]:                           dst = 169.254.169.254/32, nh = 192.168.6.194, mt = 100
    IP4.ROUTE[3]:                           dst = 192.168.6.0/24, nh = 0.0.0.0, mt = 100
    IP4.DNS[1]:                             223.5.5.5
    IP6.ADDRESS[1]:                         fe80::63b:d0b2:2d5b:e779/64
    IP6.GATEWAY:                            --
    IP6.ROUTE[1]:                           dst = fe80::/64, nh = ::, mt = 100
    [root@lianglab ~]#
    
    #显示状态
    [root@lianglab ~]# ip addr show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
    2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
        link/ether fa:57:3d:27:ab:00 brd ff:ff:ff:ff:ff:ff
        inet 192.168.6.58/24 brd 192.168.6.255 scope global noprefixroute ens3
           valid_lft forever preferred_lft forever
    3: cni-podman0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
        link/ether 0a:2f:7d:c4:06:59 brd ff:ff:ff:ff:ff:ff
        inet 10.88.0.1/16 brd 10.88.255.255 scope global cni-podman0
           valid_lft forever preferred_lft forever
    [root@lianglab ~]#
    

    [2] 如果您不需要IPv6,则可以如下禁用它。

    [root@lianglab ~]# cat /etc/default/grub
    GRUB_TIMEOUT=5
    GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
    GRUB_DEFAULT=saved
    GRUB_DISABLE_SUBMENU=true
    GRUB_TERMINAL_OUTPUT="console"
    GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet ipv6.disable=1"
    GRUB_DISABLE_RECOVERY="true"
    GRUB_ENABLE_BLSCFG=true
    [root@lianglab ~]#  grub2-mkconfig -o /boot/grub2/grub.cfg
    Generating grub configuration file 
    done
    
    [root@lianglab ~]# reboot
    
    
    
    4、启动或禁用服务

    [1] 可以如下显示服务状态。
    #现在活动的服务列表

    [root@lianglab ~]#  systemctl -t service
    UNIT                                                                                      LOAD   ACTIVE SUB     DESCRIPTION
    atd.service                                                                               loaded active running Job spooling tools
    auditd.service                                                                            loaded active running Security Auditing Service
    avahi-daemon.service                                                                      loaded active running Avahi mDNS/DNS-SD Stack
    crond.service                                                                             loaded active running Command Scheduler
    cups.service                                                                              loaded active running CUPS Scheduler
    dbus.service                                                                              loaded active running D-Bus System Message Bus
    dracut-shutdown.service                                                                   loaded active exited  Restore /run/initramfs on shutdown
    getty@tty1.service                                                                        loaded active running Getty on tty1
    gssproxy.service                                                                          loaded active running GSSAPI Proxy Daemon
    import-state.service                                                                      loaded active exited  Import network configuration from initramfs
    irqbalance.service                                                                        loaded active running irqbalance daemon
    iscsi-shutdown.service                                                                    loaded active exited  Logout off all iSCSI sessions on shutdown
    
    
    

    #所有服务清单

    [root@lianglab ~]# systemctl list-unit-files -t service
    UNIT FILE                                  STATE
    accounts-daemon.service                    enabled
    alsa-restore.service                       static
    alsa-state.service                         static
    anaconda-direct.service                    static
    anaconda-nm-config.service                 static
    anaconda-noshell.service                   static
    anaconda-pre.service                       static
    anaconda-shell@.service                    static
    anaconda-sshd.service                      static
    anaconda-tmux@.service                     static
    anaconda.service                           static
    arp-ethers.service                         disabled
    atd.service                                enabled
    auditd.service                             enabled
    auth-rpcgss-module.service                 static
    autovt@.service                            enabled
    avahi-daemon.service                       enabled
    blivet.service                             static
    blk-availability.service                   disabled
    bluetooth.service                          enabled
    bolt.service                               static
    brltty.service                             disabled
    btattach-bcm@.service                      static
    canberra-system-bootup.service             disabled
    canberra-system-shutdown-reboot.service    disabled
    canberra-system-shutdown.service           disabled
    chrony-dnssrv@.service                     static
    chrony-wait.service                        disabled
    chronyd.service                            disabled
    clean-mount-point@.service                 static
    cockpit-motd.service                       static
    cockpit-wsinstance-http-redirect.service   static
    cockpit-wsinstance-http.service            static
    
    

    [2] 如果需要,请停止并关闭服务的自动启动设置。

    [root@lianglab ~]# systemctl status  smartd
    ● smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
       Loaded: loaded (/usr/lib/systemd/system/smartd.service; enabled; vendor preset: enabled)
       Active: active (running) since Thu 2020-11-19 14:57:30 CST; 2 weeks 1 days ago
         Docs: man:smartd(8)
               man:smartd.conf(5)
     Main PID: 691 (smartd)
        Tasks: 1 (limit: 49642)
       Memory: 2.8M
       CGroup: /system.slice/smartd.service
               └─691 /usr/sbin/smartd -n -q never
    
    Nov 19 14:57:30 centos8 systemd[1]: Started Self Monitoring and Reporting Technology (SMART) Daemon.
    Nov 19 14:57:31 centos8 smartd[691]: smartd 6.6 2017-11-05 r4594 [x86_64-linux-4.18.0-193.el8.x86_64] (local build)
    Nov 19 14:57:31 centos8 smartd[691]: Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
    Nov 19 14:57:31 centos8 smartd[691]: Opened configuration file /etc/smartmontools/smartd.conf
    Nov 19 14:57:31 centos8 smartd[691]: Configuration file /etc/smartmontools/smartd.conf was parsed, found DEVICESCAN, scanning devices
    Nov 19 14:57:31 centos8 smartd[691]: DEVICESCAN failed: glob(3) aborted matching pattern /dev/discs/disc*
    Nov 19 14:57:31 centos8 smartd[691]: In the system's table of devices NO devices found to scan
    Nov 19 14:57:31 centos8 smartd[691]: Monitoring 0 ATA/SATA, 0 SCSI/SAS and 0 NVMe devices
    [root@lianglab ~]# systemctl stop   smartd
    [root@lianglab ~]# systemctl disable  smartd
    Removed /etc/systemd/system/multi-user.target.wants/smartd.service.
    [root@lianglab ~]# systemctl status  smartd
    ● smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
       Loaded: loaded (/usr/lib/systemd/system/smartd.service; disabled; vendor preset: enabled)
       Active: inactive (dead)
         Docs: man:smartd(8)
               man:smartd.conf(5)
    
    Nov 19 14:57:30 centos8 systemd[1]: Started Self Monitoring and Reporting Technology (SMART) Daemon.
    Nov 19 14:57:31 centos8 smartd[691]: smartd 6.6 2017-11-05 r4594 [x86_64-linux-4.18.0-193.el8.x86_64] (local build)
    Nov 19 14:57:31 centos8 smartd[691]: Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
    Nov 19 14:57:31 centos8 smartd[691]: Opened configuration file /etc/smartmontools/smartd.conf
    Nov 19 14:57:31 centos8 smartd[691]: Configuration file /etc/smartmontools/smartd.conf was parsed, found DEVICESCAN, scanning devices
    Nov 19 14:57:31 centos8 smartd[691]: DEVICESCAN failed: glob(3) aborted matching pattern /dev/discs/disc*
    Nov 19 14:57:31 centos8 smartd[691]: In the system's table of devices NO devices found to scan
    Nov 19 14:57:31 centos8 smartd[691]: Monitoring 0 ATA/SATA, 0 SCSI/SAS and 0 NVMe devices
    Dec 04 16:37:19 lianglab systemd[1]: Stopping Self Monitoring and Reporting Technology (SMART) Daemon...
    Dec 04 16:37:19 lianglab systemd[1]: Stopped Self Monitoring and Reporting Technology (SMART) Daemon.
    [root@lianglab ~]#
    
    
    5、更新CentOS系统

    RHEL 8 / CentOS 8上的软件包管理工具DNF(Dandified YUM)已设置为默认值。
    但是,[yum]命令也作为指向[dnf]的链接而存在,因此可以以相同的用法使用[yum]或[dnf]。

    实际上,RedHat上的官方文档使用RHEL 8的[yum]命令给出了示例

    (此站点上的文档使用[dnf]命令提供了示例)。

    [1] [yum]和[dnf]链接到[dnf-3]命令。

    [root@lianglab ~]# which yum
    /usr/bin/yum
    [root@lianglab ~]# ll /usr/bin/yum
    lrwxrwxrwx. 1 root root 5 Apr 25  2020 /usr/bin/yum -> dnf-3
    [root@lianglab ~]# which dnf
    /usr/bin/dnf
    [root@lianglab ~]# ll /usr/bin/dnf
    lrwxrwxrwx. 1 root root 5 Apr 25  2020 /usr/bin/dnf -> dnf-3
    [root@lianglab ~]# ll /usr/bin/dnf-3
    -rwxr-xr-x. 1 root root 1954 Apr 25  2020 /usr/bin/dnf-3
    [root@lianglab ~]#
    [root@lianglab ~]#
    [root@lianglab ~]#
    [root@lianglab ~]# rpm -aq | grep yum
    yum-utils-4.0.12-3.el8.noarch
    yum-4.2.17-6.el8.noarch
    [root@lianglab ~]# rpm -q yum
    yum-4.2.17-6.el8.noarch
    [root@lianglab ~]# rpm -ql yum
    /etc/dnf/protected.d/yum.conf
    /etc/yum.conf
    /etc/yum/pluginconf.d
    /etc/yum/protected.d
    /etc/yum/vars
    /usr/bin/yum
    /usr/share/man/man1/yum-aliases.1.gz
    /usr/share/man/man5/yum.conf.5.gz
    /usr/share/man/man8/yum-shell.8.gz
    /usr/share/man/man8/yum.8.gz
    [root@lianglab ~]# ll  /etc/yum.conf
    lrwxrwxrwx. 1 root root 12 Apr 25  2020 /etc/yum.conf -> dnf/dnf.conf
    [root@lianglab ~]# ll /etc/yum/vars
    lrwxrwxrwx. 1 root root 11 Apr 25  2020 /etc/yum/vars -> ../dnf/vars
    [root@lianglab ~]# rpm -aq | grep dnf
    python3-dnf-plugin-spacewalk-2.8.5-11.module_el8.1.0+211+ad6c0bc7.noarch
    python3-dnf-plugins-core-4.0.12-3.el8.noarch
    dnf-plugins-core-4.0.12-3.el8.noarch
    dnf-data-4.2.17-6.el8.noarch
    libdnf-0.39.1-5.el8.x86_64
    python3-dnf-4.2.17-6.el8.noarch
    dnf-plugin-spacewalk-2.8.5-11.module_el8.1.0+211+ad6c0bc7.noarch
    dnf-4.2.17-6.el8.noarch
    python3-libdnf-0.39.1-5.el8.x86_64
    dnf-plugin-subscription-manager-1.26.16-1.el8.0.1.x86_64
    [root@lianglab ~]# rpm -ql dnf
    /usr/bin/dnf
    /usr/lib/systemd/system/dnf-makecache.service
    /usr/lib/systemd/system/dnf-makecache.timer
    /usr/share/bash-completion
    /usr/share/bash-completion/completions
    /usr/share/bash-completion/completions/dnf
    
    

    [2] 在CentOS服务器成为生产系统之后,可能很难更新系统,但是至少在安装后,将CentOS服务器更新为最新版本。

    anaconda-ks.cfg  initial-setup-ks.cfg
    [root@lianglab ~]# dnf -y upgrade
    Last metadata expiration check: 0:47:05 ago on Fri 04 Dec 2020 03:57:36 PM CST.
    Dependencies resolved.
    ==================================================================================================================================================
     Package                                          Architecture     Version                                              Repository           Size
    ==================================================================================================================================================
    Installing:
     kernel                                           x86_64           4.18.0-193.28.1.el8_2                                base                2.8 M
     kernel-core                                      x86_64           4.18.0-193.28.1.el8_2                                base                 28 M
     kernel-modules                                   x86_64           4.18.0-193.28.1.el8_2                                base                 23 M
    Upgrading:
    
    Installing dependencies:
     lttng-ust                                        x86_64           2.8.1-11.el8                                         AppStream           259 k
    --------------------------------------省略------------------------------------
    
    Transaction Summary
    ==================================================================================================================================================
    Install    4 Packages
    Upgrade  106 Packages
    
    Total download size: 256 M
    Downloading Packages:
    (1/110): kernel-4.18.0-193.28.1.el8_2.x86_64.rpm                                                                   26 MB/s | 2.8 MB     00:00
    (2/110): lttng-ust-2.8.1-11.el8.x86_64.rpm                                                                         12 MB/s | 259 kB     00:00
    (3/110): librados2-14.2.15-0.el8.x86_64.rpm                                                                        13 MB/s | 3.5 MB     00:
    --------------------------------------省略------------------------------------
    (110/110): firefox-78.4.0-1.el8_2.x86_64.rpm                                                                                                                                     49 MB/s | 105 MB     00:02
    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total                                                                                                                                                                            67 MB/s | 256 MB     00:03
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :                                                                                                                                                                                        1/1
      Running scriptlet: zlib-1.2.11-16.el8_2.x86_64                                                                                                                                                            1/1
      Upgrading        : zlib-1.2.11-16.el8_2.x86_64                                                                                                                                                          1/216
      Upgrading        : glusterfs-libs-6.0-37.el8.x86_64                                                                                                                                                     2/216
      Running scriptlet: glusterfs-libs-6.0-37.el8.x86_64                                                                                                                                                     2/216
    
    
    --------------------------------------省略------------------------------------
    
      teamd-1.29-1.el8_2.2.x86_64                                                                             tzdata-2020d-1.el8.noarch
      unbound-libs-1.7.3-11.el8_2.x86_64                                                                      yum-4.2.17-7.el8_2.noarch
      yum-utils-4.0.12-4.el8_2.noarch                                                                         zlib-1.2.11-16.el8_2.x86_64
    
    Installed:
      kernel-4.18.0-193.28.1.el8_2.x86_64               kernel-core-4.18.0-193.28.1.el8_2.x86_64               kernel-modules-4.18.0-193.28.1.el8_2.x86_64               lttng-ust-2.8.1-11.el8.x86_64
    
    Complete!
    
    
    
    6、使用Moduler存储库

    可以在首次集成到Fedora 28中的RHEL 8 / CentOS 8上使用Moduler信息库。
    [1] 显示可用的模块。

    [root@lianglab ~]# dnf module list
    
    CentOS-8 - AppStream
    Name                   Stream        Profiles                                  Summary
    389-ds                 1.4                                                     389 Directory Server (base)
    ant                    1.10 [d]      common [d]                                Java build tool
    container-tools        rhel8 [d][e]  common [d]                                Common tools and dependencies for container runtimes
    container-tools        1.0           common [d]                                Common tools and dependencies for container runtimes
    container-tools        2.0           common [d]                                Common tools and dependencies for container 
    rust-toolset           rhel8 [d]     common [d]                                Rust
    satellite-5-client     1.0 [d][e]    common [d], gui                           Red Hat Satellite 5 client packages
    scala                  2.10 [d]      common [d]                                A hybrid functional/object-oriented language for the JVM
    squid                  4 [d]         common [d]                                Squid - Optimising Web Delivery
    subversion             1.10 [d]      common [d], server                        Apache Subversion
    swig                   3.0 [d]       common [d], complete                      Connects C/C++/Objective C to some high-level programming languages
    varnish                6 [d]         common [d]                                Varnish HTTP cache
    virt                   rhel [d][e]   common [d]                                Virtualization module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    
    
    
    
    
    

    [2] 要安装可用模块,请按如下所示进行配置。

    [root@lianglab ~]# dnf module list postgresql
    CentOS-8 - AppStream
    Name                            Stream                      Profiles                                Summary
    postgresql                      9.6                         client, server [d]                      PostgreSQL server and client module
    postgresql                      10 [d]                      client, server [d]                      PostgreSQL server and client module
    postgresql                      12                          client, server [d]                      PostgreSQL server and client module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    [root@lianglab ~]#
    
    #安装 postgresql 10 这个版本
    [root@lianglab ~]# dnf module install postgresql:10
    Dependencies resolved.
    ============================================================================================================================================================
     Package                              Architecture              Version                                                  Repository                    Size
    ============================================================================================================================================================
    Installing group/module packages:
     postgresql-server                    x86_64                    10.14-1.module_el8.2.0+487+53cc39ce                      AppStream                    5.0 M
    Installing dependencies:
     libpq                                x86_64                    12.4-1.el8_2                                             AppStream                    195 k
     postgresql                           x86_64                    10.14-1.module_el8.2.0+487+53cc39ce                      AppStream                    1.5 M
    Installing module profiles:
     postgresql/server
    Enabling module streams:
     postgresql                                                     10
    
    Transaction Summary
    ============================================================================================================================================================
    Install  3 Packages
    
    Total download size: 6.7 M
    Installed size: 26 M
    Is this ok [y/N]: y
    Downloading Packages:
    (1/3): libpq-12.4-1.el8_2.x86_64.rpm                                                                                        609 kB/s | 195 kB     00:00
    (2/3): postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64.rpm                                                            3.5 MB/s | 1.5 MB     00:00
    (3/3): postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64.rpm                                                     8.6 MB/s | 5.0 MB     00:00
    ------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total                                                                                                                       5.4 MB/s | 6.7 MB     00:01
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :                                                                                                                                    1/1
      Installing       : libpq-12.4-1.el8_2.x86_64                                                                                                          1/3
      Installing       : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                              2/3
      Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                       3/3
      Installing       : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                       3/3
      Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                       3/3
      Verifying        : libpq-12.4-1.el8_2.x86_64                                                                                                          1/3
      Verifying        : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                              2/3
      Verifying        : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                       3/3
    Installed products updated.
    
    Installed:
      libpq-12.4-1.el8_2.x86_64     postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64     postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
    
    Complete!
    [root@lianglab ~]#
    
    [root@lianglab ~]# dnf module list postgresql
    
    CentOS-8 - AppStream
    Name                           Stream                       Profiles                                  Summary
    postgresql                     9.6                          client, server [d]                        PostgreSQL server and client module
    postgresql                     10 [d][e]                    client, server [d] [i]                    PostgreSQL server and client module
    postgresql                     12                           client, server [d]                        PostgreSQL server and client module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    [root@lianglab ~]#  dnf module provides postgresql
    
    postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
    Module   : postgresql:10:8020020200917114337:6a468ee4:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    
    postgresql-12.1-2.module_el8.1.0+273+979c16e6.x86_64
    Module   : postgresql:12:8010020200205032101:cdc1202b:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    
    postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
    Module   : postgresql:9.6:8000020190628020724:55190bc5:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    [root@lianglab ~]# postgres -V
    postgres (PostgreSQL) 10.14
    [root@lianglab ~]#
    
    
    #首先重设切换
    

    [3] 如果您想更改为已安装模块的另一个版本,请按以下步骤进行配置。
    例如,从上面[2]上安装的PostgreSQL 10切换到PostgreSQL 9.6。

    
    [root@lianglab ~]#
    [root@lianglab ~]# dnf module list postgresql   ###
    
    Last metadata expiration check: 0:28:05 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    CentOS-8 - AppStream
    Name                                          Stream                                       Profiles                                                  Summary
    postgresql                                    9.6                                          client, server [d]                                        PostgreSQL server and client module
    postgresql                                    10 [d][e]                                    client, server [d] [i]                                    PostgreSQL server and client module
    postgresql                                    12                                           client, server [d]                                        PostgreSQL server and client module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    [root@lianglab ~]# dnf module reset postgresql      ####首先重设切换
    Last metadata expiration check: 0:28:46 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    Dependencies resolved.
    ==========================================================================================================================================================================================================================
     Package                                              Architecture                                        Version                                              Repository                                            Size
    ==========================================================================================================================================================================================================================
    Disabling module profiles:
     postgresql/server
    Resetting modules:
     postgresql
    
    Transaction Summary
    ==========================================================================================================================================================================================================================
    
    Is this ok [y/N]: y
    Complete!
    [root@lianglab ~]# postgres -V
    postgres (PostgreSQL) 10.14
    [root@lianglab ~]# dnf module list postgresql 
    Last metadata expiration check: 0:29:19 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    CentOS-8 - AppStream
    Name                                            Stream                                      Profiles                                               Summary
    postgresql                                      9.6                                         client, server [d]                                     PostgreSQL server and client module
    postgresql                                      10 [d]                                      client, server [d]                                     PostgreSQL server and client module
    postgresql                                      12                                          client, server [d]                                     PostgreSQL server and client module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    [root@lianglab ~]# dnf module install postgresql:9.6        #安装PostgreSQL 9.6
    Last metadata expiration check: 0:29:38 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    Dependencies resolved.
    ==========================================================================================================================================================================================================================
     Package                                              Architecture                              Version                                                                Repository                                    Size
    ==========================================================================================================================================================================================================================
    Downgrading:
     postgresql                                           x86_64                                    9.6.10-1.module_el8.0.0+16+7a9f6089                                    AppStream                                    1.4 M
     postgresql-server                                    x86_64                                    9.6.10-1.module_el8.0.0+16+7a9f6089                                    AppStream                                    5.0 M
    Installing module profiles:
     postgresql/server
    Enabling module streams:
     postgresql                                                                                     9.6
    
    Transaction Summary
    ==========================================================================================================================================================================================================================
    Downgrade  2 Packages
    
    Total download size: 6.4 M
    Is this ok [y/N]: y
    Downloading Packages:
    (1/2): postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64.rpm                                                                                                                          4.0 MB/s | 1.4 MB     00:00
    (2/2): postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64.rpm                                                                                                                   9.4 MB/s | 5.0 MB     00:00
    --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
    Total                                                                                                                                                                                     6.5 MB/s | 6.4 MB     00:00
    Running transaction check
    Transaction check succeeded.
    Running transaction test
    Transaction test succeeded.
    Running transaction
      Preparing        :                                                                                                                                                                                                  1/1
      Running scriptlet: postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                            1/1
      Downgrading      : postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                            1/4
      Running scriptlet: postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                     2/4
      Downgrading      : postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                     2/4
      Running scriptlet: postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                     2/4
      Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                     3/4
      Cleanup          : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                     3/4
      Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                     3/4
      Cleanup          : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                            4/4
      Running scriptlet: postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                            4/4
      Verifying        : postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                            1/4
      Verifying        : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                            2/4
      Verifying        : postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                                                                                                     3/4
      Verifying        : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64                                                                                                                                     4/4
    Installed products updated.
    
    Downgraded:
      postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64                                                    postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
    
    Complete!
    [root@lianglab ~]# dnf module list postgresql        #[PostgreSQL 9.6]的状态变为[e]启用
    Last metadata expiration check: 0:29:58 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    CentOS-8 - AppStream
    Name                                           Stream                                     Profiles                                                  Summary
    postgresql                                     9.6 [e]                                    client, server [d] [i]                                    PostgreSQL server and client module
    postgresql                                     10 [d]                                     client, server [d]                                        PostgreSQL server and client module
    postgresql                                     12                                         client, server [d]                                        PostgreSQL server and client module
    
    Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
    ###提示:[d]故障,[e]启用,[x]禁用,[i]安装
    [root@lianglab ~]# dnf module provides postgresql
    Last metadata expiration check: 0:30:12 ago on Fri 04 Dec 2020 04:51:39 PM CST.
    postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
    Module   : postgresql:10:8020020200917114337:6a468ee4:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    
    postgresql-12.1-2.module_el8.1.0+273+979c16e6.x86_64
    Module   : postgresql:12:8010020200205032101:cdc1202b:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    
    postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
    Module   : postgresql:9.6:8000020190628020724:55190bc5:x86_64
    Profiles : client
    Repo     : AppStream
    Summary  : PostgreSQL server and client module
    [root@lianglab ~]# postgres -V
    postgres (PostgreSQL) 9.6.10
    
    
    
    
    7、使用web管理控制台

    Cockpit管理控制台与CentOS 8基本环境[服务器]或其他一起安装。可以在Web浏览器上管理CentOS服务器以启用它。
    [1] 在控制台登录提示上,如[激活Web控制台***]之类的消息所示,可以使用管理控制台启用它。

    启动cockpit 服务并配置firwalld

    [root@lianglab yum.repos.d]#  systemctl enable --now cockpit.socket
    Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.
    [root@lianglab yum.repos.d]#
    [root@lianglab yum.repos.d]#
    [root@lianglab yum.repos.d]#
    [root@lianglab yum.repos.d]#
                                              users:(("systemd",pid=1,fd=27))
    [root@lianglab yum.repos.d]# ss -napt
    State     Recv-Q    Send-Q       Local Address:Port        Peer Address:Port
    LISTEN    0         128                0.0.0.0:5355             0.0.0.0:*         users:(("systemd-resolve",pid=907,fd=13))
    LISTEN    0         128                0.0.0.0:111              0.0.0.0:*         users:(("rpcbind",pid=653,fd=4),("systemd",pid=1,fd=100))
    LISTEN    0         511                0.0.0.0:80               0.0.0.0:*         users:(("nginx",pid=1073,fd=10),("nginx",pid=1070,fd=10),("nginx",pid=1068,fd=10),("nginx",pid=1067,fd=10),("nginx",pid=1059,fd=10))
    LISTEN    0         128                0.0.0.0:22               0.0.0.0:*         users:(("sshd",pid=739,fd=4))
    LISTEN    0         5                127.0.0.1:631              0.0.0.0:*         users:(("cupsd",pid=733,fd=9))
    ESTAB     0         0             192.168.6.58:22          10.57.237.13:53974     users:(("sshd",pid=196985,fd=5),("sshd",pid=196937,fd=5))
    ESTAB     0         0             192.168.6.58:22          10.57.237.13:57232     users:(("sshd",pid=194458,fd=5),("sshd",pid=194373,fd=5))
    ESTAB     0         48            192.168.6.58:22          10.57.237.13:53973     users:(("sshd",pid=196938,fd=5),("sshd",pid=196933,fd=5))
    ESTAB     0         0             192.168.6.58:22          10.57.237.13:57231     users:(("sshd",pid=194390,fd=5),("sshd",pid=194369,fd=5))
    LISTEN    0         128                   [::]:5355                [::]:*         users:(("systemd-resolve",pid=907,fd=15))
    LISTEN    0         128                   [::]:111                 [::]:*         users:(("rpcbind",pid=653,fd=6),("systemd",pid=1,fd=102))
    LISTEN    0         128                   [::]:22                  [::]:*         users:(("sshd",pid=739,fd=6))
    LISTEN    0         5                    [::1]:631                 [::]:*         users:(("cupsd",pid=733,fd=8))
    LISTEN    0         128                      *:9090                   *:*         users:(("systemd",pid=1,fd=27))
    [root@lianglab yum.repos.d]# firewall-cmd --list-service
    FirewallD is not running
    [root@lianglab yum.repos.d]# systemctl start firewalld
    [root@lianglab yum.repos.d]# firewall-cmd --list-service
    cockpit dhcpv6-client ssh
    [root@lianglab yum.repos.d]# systemctl stop firewalld
    [root@lianglab yum.repos.d]# systemctl start firewalld
    [root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
    Warning: ALREADY_ENABLED: cockpit
    success
    [root@lianglab yum.repos.d]# firewall-cmd --reload
    success
    [root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
    Warning: ALREADY_ENABLED: cockpit
    success
    [root@lianglab yum.repos.d]# systemctl enable --now cockpit.socket
    [root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
    Warning: ALREADY_ENABLED: cockpit
    success
    [root@lianglab yum.repos.d]# systemctl status firewalld
    ● firewalld.service - firewalld - dynamic firewall daemon
       Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
       Active: active (running) since Fri 2020-12-04 17:37:44 CST; 1min 1s ago
         Docs: man:firewalld(1)
     Main PID: 249340 (firewalld)
        Tasks: 3 (limit: 49642)
       Memory: 26.3M
       CGroup: /system.slice/firewalld.service
               └─249340 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid
    
    Dec 04 17:37:43 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
    Dec 04 17:37:44 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
    Dec 04 17:37:44 lianglab firewalld[249340]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.
    Dec 04 17:37:50 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
    Dec 04 17:37:59 lianglab firewalld[249340]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.
    Dec 04 17:38:02 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
    Dec 04 17:38:26 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
    [root@lianglab yum.repos.d]# systemctl status cockpit.socket
    ● cockpit.socket - Cockpit Web Service Socket
       Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
       Active: active (listening) since Fri 2020-12-04 17:36:29 CST; 2min 26s ago
         Docs: man:cockpit-ws(8)
       Listen: [::]:9090 (Stream)
        Tasks: 0 (limit: 49642)
       Memory: 992.0K
       CGroup: /system.slice/cockpit.socket
    Dec 04 17:36:29 lianglab systemd[1]: Starting Cockpit Web Service Socket.
    Dec 04 17:36:29 lianglab systemd[1]: Listening on Cockpit Web Service Socket.
    [root@lianglab yum.repos.d]#
    
    
    
    
    

    [2] 使用Web浏览器从本地主机或客户端计算机访问[https://(服务器的主机名或IP地址):9090 /],然后显示Cockpit登录表单,如下所示。使用服务器上的本地用户登录。在此示例中,显示了使用root用户登录。

    [3] 这是座舱索引页面。可以在此处管理各种系统设置。

    [4] 对于左窗格中的[日志],可以管理或操作作为日志管理工具的[日志]服务。

    [5] 对于左窗格中的[存储],可以管理或操作存储。

    [6] 对于左窗格中的[网络],可以管理或操作网络设置。

    [7] 对于左窗格中的[帐户],可以管理或操作系统帐户。

    [8] 对于左窗格中的[服务],可以管理或操作系统服务。

    [9] 对于左窗格中的[Applications],可以安装或删除应用程序。

    [10] 对于左窗格上的[诊断报告],可以创建或查看系统诊断报告。

    [11] 对于左窗格中的[SELinux],可能会看到SELinux警报日志。(基于SELinux启用状态)

    [12] 对于左窗格上的[软件更新],可以确认更新或运行更新程序包。

    [13] 对于左窗格中的[Terminal],可以直接使用命令来操作系统。

    8、vim设置
    9、其他个性化设置

    广告时间:


    • 关于我 :全国7*24高效代维服务
    • 微信:lianglab
    • QQ:867266199
    • 淘宝店全国7*24高效代维服务
    • 全国高效代维:为中小型企业,提供云计算咨询代维、架构设计、降低成本。
  • 相关阅读:
    你现在的技能,是不是只剩下给别人点赞了?
    web编码(转)
    Android 官方文档:(二)应用清单 —— 2.26 &lt;uses-permission&gt;标签
    BackTrack5 (BT5)无线password破解教程之WPA/WPA2-PSK型无线password破解
    开源 java CMS
    EM算法原理
    OpenCV2马拉松第14圈——边缘检測(Sobel,prewitt,roberts)
    winzip15.0注冊码
    什么是积分墙?
    Bitmap工具类
  • 原文地址:https://www.cnblogs.com/lianglab/p/14086530.html
Copyright © 2011-2022 走看看