學習筆記二 ： 系統環境配置

一 切換環境變量爲中文的方法

1.查看當前環境變量信息 

localectl list-locales 

2.設置環境變量

vi /etc/locale.conf

LANG="zh_CN.utf8"

或者

[root@server ~]# localectl set-locale LANG="en_US.UTF-8"

3.從新加載環境變量

. /etc/profile

二 時間和日期設置

timedatectl

hwclock

[root@server ~]# timedatectl

      Local time: Tue 2016-08-23 18:13:05 CST

  Universal time: Tue 2016-08-23 10:13:05 UTC

        RTC time: Tue 2016-08-23 10:13:05

        Timezone: Asia/Chongqing (CST, +0800)

     NTP enabled: n/a

NTP synchronized: no

 RTC in local TZ: no

      DST active: n/a

[root@server ~]# 

2.2 更改日期

[root@server ~]# timedatectl set-time 2017-06-02

[root@server ~]# date

Fri Jun  2 00:00:01 CST 2017

[root@server ~]#

2.3 更改時間

root@server ~]# timedatectl set-time 10:15:15

[root@server ~]# date

Fri Jun  2 10:15:17 CST 2017

[root@server ~]# 

2.3 更改時區

顯示時區

timedatectl list-timezones

更改時區

[root@server ~]# timedatectl set-timezone America/Inuvik

[root@server ~]# date

Thu Jun  1 20:18:00 MDT 2017

[root@server ~]# date

Thu Jun  1 20:18:02 MDT 2017

[root@server ~]# timedatectl

      Local time: Thu 2017-06-01 20:18:06 MDT

  Universal time: Fri 2017-06-02 02:18:06 UTC

        RTC time: Fri 2017-06-02 02:18:06

        Timezone: America/Inuvik (MDT, -0600)

     NTP enabled: n/a

NTP synchronized: no

 RTC in local TZ: no

      DST active: yes

 Last DST change: DST began at

                  Sun 2017-03-12 01:59:59 MST

                  Sun 2017-03-12 03:00:00 MDT

 Next DST change: DST ends (the clock jumps one hour backwards) at

                  Sun 2017-11-05 01:59:59 MDT

                  Sun 2017-11-05 01:00:00 MST

[root@server ~]# 

2.4 date命令

date --utc

date +"format"

date +"%Y-%m-%d %H:%M"

date更改日期命令

[root@server ~]# date +%F -s 2017-08-23

2017-08-23

[root@server ~]# date

Wed Aug 23 00:00:01 MDT 2017

[root@server ~]# date +"%Y-%m-%d %H:%M"

2017-08-23 00:00

[root@server ~]# 

2.5 hwclock更改系統時間

[root@server ~]# hwclock --localtime

Fri 02 Jun 2017 02:21:26 AM MDT  -0.226614 seconds

[root@server ~]# 

設置

hwclock --set --date "2016-08-23 10:22:00"

同步

[root@server ~]# hwclock --systohc --localtime

[root@server ~]# date

Wed Aug 23 00:02:49 MDT 2017

[root@server ~]# hwclock

Wed 23 Aug 2017 12:02:56 AM MDT  -0.615255 seconds

[root@server ~]#

2.6  配置和監控chronyd

/etc/chrony.conf

systemctl restart chronyd

chronyc sources -v

2.7 案例：調整系統時間

timedatectl list-timezones

chronyc sources

chronyd  /etc/chrony.conf

timedatectl

timedatectl set-timezone

restart the chronyd service.

2.8 案例： 分析日誌系統

• 配置日誌文件

• 顯示全部systemd 最近30分鐘的日誌來自服務器serverX

• 配置rsyslogd規則/etc/rsyslog.d/auth-errors.conf,根據優先級，輸出到/var/log/auth-errors

  使用logger命令驗證

• 
  

 

三 包管理

1. 檢查升級包

yum check-update

yum update rpm

2.搜索包

yum search meld kompare

3.列出包

yum list all

4.列出倉庫

yum repolist

yum repoinfo

yum repolist -v

yum info abrt

yumdb info yum

yum install /usr/sbin/named

5. 列出組包

yum groups summary

yum groups  list bolb

yum group list ids

yum group install roupid

yum group install "GOME Desktop"

yum history list

6. 建立一個創庫

 yum install createrepo

createrepo --database /mnt/local_repo

7. 安裝圖形界面

yum group install "GNOME Desktop"

配置自動啓動：

ln -sf /lib/systemd/system/runlevel5.target /etc/systemd/system/default.target

四 用戶管理

1 usermod

-c 

-g

-G

-a

-d

-m

-s

-L      lock a user account

-U      unlock a user account

2.userdel 

userdel -r username   removes the user and the user's home direcotry

3. passwd

change password

4. UID

uid 0 root

uid 1-200  a range of "system users"

uid 201-999 a range of "system users"

uid 1000+ 

5. change

change -d 0 username   will force a password update on next login.

change -l username    will list a username's current settings.

change -e YYYY-MM-DD  will expire an account on a specific day.

6.權限

r

w

x

chmod

chown

umask

umask案例實驗

7. ACL

ACL能夠更加細化設置權限，知足用戶訪問需求。

1. 怎麼開啓ACL，設置ACL權限

查看文件的ACL

getfacl file

設置ACL setfacl

setfacl -m u:name:rX file

案例：設置目錄/shares/cases/* ,經過ACL須要知足下面條件。

  bakerstreet組能夠訪問cases目錄

  在羣組scotlandyard全部成員能夠執行，除jones只能讀外，其它人能夠讀寫cases目錄。

 再目錄新建一個文件將自動分配getfacl和擁有者

bakerstreet group:  holmes,watson

scotlandyard group: lestrade,gregson,jones

cases  directory: adventures.txt and moriarty.txt

chgrp -R bakerstreet /shares/cases

chmod g+s /shares/cases

chmod 660 /shares/cases/*

setfacl -Rm g:scotlandyard:rwX /shares/cases

setfacl -Rm u:jones:rX /shares/cases

setfacl -m d:g:scotlandyard:rwx /shares/cases

setfacl -m d:u:jones:rx /shares/cases

echo hello > holmes.txt

cat adventures.txt

mkdir holmes.dir

echo hello > holmes.dir/test.txt

getfacl holmes.dir

acl_spec has the pattern type:name:perms

五 LOG

systemd-journald  daemon provides an improved log management service that collects messages from kernel

rsyslog  service then sorts the syslog messages by type and priority,and writes them to persistent files in the /var/log directory

syslog priorities:

emerg,alert,crit,err ,warning,notice,info,debug

vi /etc/rsyslog.conf

*.emerg         /var/log/messages

2. log循環使用

可使用 logrotate

3.send調試信息logger

logger -p local7.notice "Log entry created on server"

案例：學習自定義日誌

4. journalctl

journalctl -n 5  show the last 10 log entries

journalctl -p err 

journalctl -f

journalctl --since "2016-08-20" --until "2016-09-20"

journalctl --since 9:00 _SYSTEMD_UNIT="sshd.service"

6.配置文件

/etc/systemd/journald.conf

五 啓動grub

POST 自檢

根據UEFI或MBR啓動BIOS

系統固件從硬盤讀取啓動配置grub

grub2-install

加載配置

/etc/grub.d  /etc/default/grub

1. 啓動模式
   

graphical.target

multi-user.target

rescue.target

emergency.target

systemctl list-dependencies graphical.target

systemctl list-units --type=target --all

2.設置默認配置

/etc/systemd/system/

systemctl get-default graphical.target

3.設置啓動時間

systemctl isolate multi-user.target

systemctl set-default multi-user.target

systemctl reboot

4.恢復root密碼

input : e

  linux16

rd.break

5.修復啓動程序