Linux基础设置
来自CloudWiki
目录
安全设置
selinux配置
(关闭高级安全功能)
修改配置文件:永久生效,但是需重启;执行setenforce 0 立即生效
[root@controller ~]# sed -i 's/SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config 永久性生效 或者用vi /etc/selinux/config把配置改成如下配置,其余项不变: SELINUX=permissive [root@controller ~]# getenforce Enforcing [root@controller ~]# setenforce 0 仅当前生效 [root@controller ~]# getenforce Permissive
修改配置文件永久生效 需要重启 执行setenforce 0 立即生效
关闭防火墙
[root@controller ~]# systemctl stop iptables //暂时性关闭 [root@controller ~]# systemctl disable iptables //永久性关闭 Removed symlink /etc/systemd/system/basic.target.wants/iptables.service. [root@controller ~]# systemctl stop firewalld.service [root@controller ~]# systemctl disable firewalld.service
验证
重启节点,
sudo reboot
执行以下命令
[root@controller ~]# getenforce Permissive [root@controller ~]# systemctl status firewalld.service â— firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Nov 19 17:08:01 controller systemd[1]: Starting... Nov 19 17:08:04 controller systemd[1]: Started ... Nov 19 18:45:25 controller systemd[1]: Stopping... Nov 19 18:45:26 controller systemd[1]: Stopped ... Hint: Some lines were ellipsized, use -l to show in full.
网络设置
关闭NetworkManager
[root@controller ~]# systemctl stop NetworkManager [root@controller ~]# systemctl disable NetworkManager
删除软件包
yum remove -y NetworkManager firewalld
启动传统网络管理
service network restart
配置网络安装仓库(yum源)
挂载iso文件
在光驱上挂载iso文件(CentOS-7-x86_64-DVD-1511.iso或类似文件):
把右下角的光盘连接按钮连接上:
重启电脑
【挂载CentOS-7-x86_64-DVD-1511.iso】
[root@controller ~]# mkdir /mnt/centos [root@controller ~]# mount -o loop /dev/sr0 /mnt/centos(此命令没有任何输出,如果有输出就说明发生了错误) [root@controller ~]# ls /mnt/centos CentOS_BuildTag EULA images LiveOS repodata RPM-GPG-KEY-CentOS-Testing-7 EFI GPL isolinux Packages RPM-GPG-KEY-CentOS-7 TRANS.TBL
配置自动挂载:
vi /etc/fstab
# # /etc/fstab # Created by anaconda on Tue Oct 22 19:20:51 2019 # # Accessible filesystems, by reference, are maintained under '/dev/disk' # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info # UUID=c02a9b7b-9e56-4580-b5e4-583aaf573d42 / xfs defaults 0 0 UUID=45a950fe-c13c-4cc6-8d96-78c2e49e8e9e /boot xfs defaults 0 0 UUID=a436eb7c-f073-4c52-809c-ec1a83bad38c swap swap defaults 0 0 /dev/sr0 /mnt/centos iso9660 defaults 0 0
重启之后 ls /mnt/centos验证
配置repo文件
控制节点
yum源备份
[root@controller ~]mv /etc/yum.repos.d/* /opt/
创建repo文件
[root@controller ~]# cd /etc/yum.repos.d
[root@controller yum.repos.d]# ls
[root@controller yum.repos.d]# pwd
/etc/yum.repos.d
确保当前目录是此目录
[root@controller yum.repos.d]# vi local.repo
[centos] name=centos baseurl=file:///mnt/centos gpgcheck=0 enabled=1
验证:
清除缓存,验证yum源
yum clean all
yum repolist
Loaded plugins: fastestmirror centos | 3.6 kB 00:00 iaas | 2.9 kB 00:00 (1/3): centos/group_gz | 155 kB 00:00 (2/3): centos/primary_db | 2.8 MB 00:00 (3/3): iaas/primary_db | 2.3 MB 00:00 Determining fastest mirrors repo id repo name status centos centos 3,723 iaas iaas 1,681 repolist: 5,404
排错
错误1 yum repolist 输出文件过多
[root@localhost ~]# ls /etc/yum.repos.d local.repo [root@localhost ~]# cd /etc/yum.repos.d [root@localhost yum.repos.d]# rm -rf Cen*.repo
错误2 yum repolist输出文件为0
做如下检查:
[root@localhost yum.repos.d]# cat /etc/yum.repos.d/local.repo [centos] name=centos baseurl=file:///mnt/centos gpgcheck=0 enabled=1 [root@localhost yum.repos.d]# ls /mnt/centos CentOS_BuildTag images repodata EFI isolinux RPM-GPG-KEY-CentOS-7 EULA LiveOS RPM-GPG-KEY-CentOS-Testing-7 GPL Packages TRANS.TBL [root@localhost yum.repos.d]# mount -o loop /dev/sr0 /mnt/centos
做快照时一般做关机快照,不建议做开机快照
