1、一、 Fedora系统配置1. 【设置网卡IP】步骤如下:1) 用root用户登陆,打开/etc/sysconfig/network-scripts/ifcfg-eth0文件注意:打开的文件要根据网卡来设置,如:网卡eth1的配置文件就是ifcfg-eth1。2) 设置以下内容:DEVICE=eth0BOOTPROTO=staticIPADDR=10.128.32.36NETMASK=255.0.0.0ONBOOT=yesGATEWAY=10.128.32.102说明:网卡GATEWAY不一定要设置在这个网卡配置文件中,也可以配置到/etc/sysconfig/network文件中,如下所示:
2、NETWORKING=yesNETWORKING_IPV6=yesHOSTNAME=localhost.localdomainGATEWAY=10.128.32.1023) 重启network服务rootlocalhost:/etc/sysconfig# service network restartShutting down interface eth0: OK Shutting down loopback interface: OK Bringing up loopback interface: OK Bringing up interface eth0: OK 2. 【启动telnet服
3、务】telnet服务是由xinetd(扩展的网络守护进程服务程序)守护的,所以很多配置都是在xinetd下进行。具体步骤如下:1) 检测telnet、telnet-server的rpm包是否安装rootlocalhost:/etc/sysconfig# rpm -qa | grep telnettelnet-0.17-37telnet-server-0.17-37主要看telnet-server有没有安装,如果没有要先把telnet-server安装起来(具体安装方法略)。2) 修改telnet服务配置文件Fedora默认是不开通telnet服务的,所以需要手动配置开启:rootlocalho
4、st:/etc/sysconfig# vi /etc/xinetd.d/telnetservice telnet flags = REUSE socket_type = stream wait = no user = root server = /usr/sbin/in.telnetd log_on_failure += USERID disable = yes将disable项屏蔽或者改为no: disable = no3) 修改Fedora下另一个telnet配置文件对于Red-Hat系统,修改到telnet文件就可以了,但是Fedora对权限的管理比Red-Hat严格,还需要修改同一个目
5、录下的krb5-telnet,不然客户端会鉴权不通过而无法连接。rootlocalhost:/etc/xinetd.d# ls *telnet*ekrb5-telnet krb5-telnet telnetrootlocalhost:/etc/xinetd.d# vi krb5-telnetservice telnet flags = REUSE socket_type = stream wait = no user = root server = /usr/kerberos/sbin/telnetd log_on_failure += USERID disable = no将disable项
6、屏蔽或者改为no: disable = no注意:在权限和鉴权方面,Fedora和Red-Hat一样,都要让防火墙允许telnet连接。一般,可以直接关闭防火墙,否则就必须用setup工具配置一下。4) 重新启动xinetd守护进程rootlocalhost:/etc/xinetd.d# service xinetd restartStopping xinetd: OK Starting xinetd: OK 3. 【启动FTP服务】FTP守护进程是vsftpd,开启步骤如下:1) 检测ftp、lftp的rpm包是否安装rootlocalhost:/etc/xinetd.d# rpm -qa
7、| grep ftpgftp-2.0.18-3.2.2lftp-3.5.1-2.fc6vsftpd-2.0.5-8tftp-server-0.42-3.1ftp-0.17-33.fc6tftp-0.42-3.12) 配置开启ftp服务运行setup,在system service中选中vsftpd按空格选中,然后quit。3) 关闭SeLinux的安全设置和Red-Hat不同,Fedora存在一个SELinux的安全机制管理,需要撤销SELinux对ftp的安全设置,FTP才能正常登陆,不然会报“500OOPS:cannotchangedirectory”的错误。执行下面的语句即可:rootl
8、ocalhost:/etc/xinetd.d# setsebool ftpd_disable_trans 1注意:一旦重启该命令就会失效,所以最好的办法是在X界面下,点击菜单“System”“Administration”“Security Level and Firewall”,将选项SELinux设置为“Disable”,然后重启系统,就可以保持这个设置了。4)重启FTP服务rootlocalhost:/etc/xinetd.d# service vsftpd restartShutting down vsftpd: OK Starting vsftpd for vsftpd: OK 4.
9、 【设置开机自动执行】设置方法如下:1)用root用户登陆2)vi /etc/rc.local3)添加要开机执行的语句,如果是一个脚本文件,注意要绝对路径#!/bin/sh# This script will be executed *after* all the other init scripts.# You can put your own initialization stuff in here if you dont# want to do the full Sys V style init stuff.touch /var/lock/subsys/localsetsebool ft
10、pd_disable_trans 1service vsftpd restart5. 【设置自动关机】自动关机可以在crontab中设置。假设希望每天23:50关机,设置方法如下:1)用root登陆2)vi /etc/crontab3)在文件最后添加以下语句:50 23 * * * root shutdown -h now6. 【设置允许root登陆telnet】设置方法如下:1)用root登陆2)vi /etc/pam.d/login3)注释该文件第一行内容: #%PAM-1.0 #auth required /lib/security/pam_securetty.so auth requi
11、red /lib/security/pam_stack.so service=system-auth auth required /lib/security/pam_nologin.so account required /lib/security/pam_stack.so service=system-auth password required /lib/security/pam_stack.so service=system-auth session required /lib/security/pam_stack.so service=system-auth session optio
12、nal /lib/security/pam_console.so 7. 【设置允许root登陆ftp】普通方式下,如果/etc/vsftpd/vsftpd.conf文件中有如下内容:userlist_enable=YESuserlist_file=/etc/vsftpd.user_listpam_service_name=vsftpd只需在/etc/vsftpd/user_list和/etc/vsftpd/ftpuser文件中删除root即可做到root用户ftp登陆。具体方法如下:1)用root登陆2)vi /etc/vsftpd/user_list,注释root:# vsftpd user
13、list# If userlist_deny=NO, only allow users in this file# If userlist_deny=YES (default), never allow users in this file, and# do not even prompt for a password.# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers# for users that are denied.#rootbindaemonadmlpsyncshutdownhaltma
14、ilnewsuucpoperatorgamesnobody3)vi /etc/vsftpd/ftpusers,注释root:# Users that are not allowed to login via ftp#rootbindaemonadmlpsyncshutdownhaltmailnewsuucpoperatorgamesnobody8. 【设置提示符】Bash下具体设置方法如下:1)用户登陆2)vi .profile或者vi .bashrc3)添加如下语句(该设置的效果是“用户名主机名:路径名#”):export PS1=uh:w# (注意,如果对所有用户设定,以上语句追加到/et
15、c/profile。)4)重新登陆,登陆显示为:chyylocalhost:/Documents/ftp资料# 顺便提一下,在CSH或TCSH下,应该修改.cshrc或.tcshrc文件,修改语句是:set prompt=whoamihostname:pwd# 9. 【设置默认语言】设置方法如下:1)用root用户登陆2)vi /etc/sysconfig/i18n该文件内容是:LANG=zh_CN.UTF-8SYSFONT=latarcyrheb-sun16SUPPORTED=zh_CN.UTF-8:zh_CN:zh3)修改为:LANG=en_US.UTF-8SUPPORTED=en_US.
16、UTF-8:en_US:enSYSFONT=latarcyrheb-sun1610. 【设置默认启动系统】设置方法如下:1)用root用户登陆2)cp /boot/grub/menu.lst /boot/grub/menu.lst.bak3)vi /boot/grub/menu.lst4)从0开始数title,那个title下的操作系统是默认,就将default设置为该title对应的序数示例,以下内容中,如果default为0,代表默认从Fedora启动;为1,代表从Windows启动:#boot=/dev/hdadefault=0timeout=5splashimage=(hd0,6)/b
17、oot/grub/splash.xpm.gzhiddenmenutitle Fedora Core (2.6.18-1.2798.fc6xen) root (hd0,6) kernel /boot/xen.gz-2.6.18-1.2798.fc6 module /boot/vmlinuz-2.6.18-1.2798.fc6xen ro root=LABEL=/1 rhgb quiet module /boot/initrd-2.6.18-1.2798.fc6xen.imgtitle Dos rootnoverify (hd0,0) chainloader +111. 【设置Telnet下的Vi
18、m颜色】设置方法如下:1)用户登陆2)cp /usr/share/vim/vim70/vimrc_example.vim .vimrc3)vi .vimrc,添加如下蓝色语句(最好手动敲入,的输入方式是Ctrl-v然后输入Esc)if &t_Co 2 | has(gui_running) syntax on set hlsearchendif added by chyyif !has(gui_running) syntax on set t_Co=8 set t_Sf=3%p1%dm set t_Sb=4%p1%dm colorscheme desertendif4)在SecureCRT的模拟
19、终端类型选择ANSI,并钩上ANSI Color5)如果需要更换颜色设置,更改colorscheme一句即可,例如:colorscheme default小窍门:如果不清楚有哪些颜色选项的话,可以用vi打开一个.c文件,键入”: colorscheme“,键入空格,然后敲TAB按钮,vi会自动切换各种颜色选项的名称。6)注意,某些vimrc_example.vim文件中有个bug: In an xterm the mouse should work quite well, thus enable it.set mouse=a在非xterm环境(如Telnet)下,该句会导致vi无法正常运行,建
20、议修改如下: In an xterm the mouse should work quite well, thus enable it.if has(gui_running) set mouse=aendif12. 【启动samba服务】设置方法如下:1)启动smb服务service smb start2)开启suseLinux权限setsebool -P samba_enable_home_dirs on注意:如果想开机自动启动smb服务,将上述两句命令加入/etc/rc.d/rc.local即可。二、 Linux常用系统命令1. 【crontab定时任务设置】Crontab文件放在/etc
21、/下,其内容一般是:rootlocalhost:/etc# cat crontabSHELL=/bin/bashPATH=/sbin:/bin:/usr/sbin:/usr/binMAILTO=rootHOME=/# run-parts01 * * * * root run-parts /etc/cron.hourly02 4 * * * root run-parts /etc/cron.daily22 4 * * 0 root run-parts /etc/cron.weekly42 4 1 * * root run-parts /etc/cron.monthly格式说明如下:第一道第五个字
22、段的整数取值范围及意义是:059 表示分123 表示小时131 表示日112 表示月份06 表示星期(其中0表示星期日)2. 【shutdown关机】用man查询命令:rootlocalhost:/etc# man shutdownSHUTDOWN(8) Linux System Administrator鈥檚 Manual SHUTDOWN(8)NAME shutdown - bring the system downSYNOPSIS /sbin/shutdown -t sec -arkhncfFHP time warning-messageDESCRIPTION shutdown brin
23、gs the system down in a secure way. All logged-in users are notified that the system is going down, and login(1) is blocked. It is possible to shut the system down immediately or after a specified delay. All processes are first notified that the system is going down by the signal SIGTERM. This gives
24、 programs like vi(1) the time to save the file being edited, mail and news pro-cessing programs a chance to exit cleanly, etc. shutdown does its job by signalling the init pro- cess, asking it to change the runlevel. Runlevel 0 is used to halt the system, runlevel 6 is used to reboot the system, and
25、 runlevel 1 is used to put to system into a state where administrative tasks can be performed; this is the default if neither the -h or -r flag is given to shutdown. To see which actions are taken on halt or reboot see the appropriate entries for these runlevels in the file /etc/inittab.OPTIONS -a U
26、se /etc/shutdown.allow. -t sec Tell init(8) to wait sec seconds between sending processes the warning and the kill signal, before changing to another runlevel. -k Don鈥檛 really shutdown; only send the warning messages to everybody. -r Reboot after shutdown. -h Halt or poweroff after shutdown. -H Halt
27、 action is to halt or drop into boot monitor on systems that support it. -P Halt action is to turn off the power. -n DEPRECATED Don鈥檛 call init(8) to do the shutdown but do it ourself. The use of this option is discouraged, and its results are not always what you鈥檇 expect. -f Skip fsck on reboot. -F
28、 Force fsck on reboot. -c Cancel an already running shutdown. With this option it is of course not possible to give the time argument, but you can enter a explanatory message on the command line that will be sent to all users. time When to shutdown. warning-message Message to send to all users. The
29、time argument can have different formats. First, it can be an absolute time in the format hh:mm, in which hh is the hour (1 or 2 digits) and mm is the minute of the hour (in two digits). Second, it can be in the format +m, in which m is the number of minutes to wait. The word now is an alias for +0.
30、命令示例:shutdown -h now 立即关机shutdown -h 50 50分钟后关机shutdown t 54000 15小时后自动关机3. 【rpm软件安装卸载工具】1) 查询rpm软件包:rpm -qa | grep xxx2) 安装rpm软件包:rpm -ivh xxx.rpm3) 卸载rpm软件包:rpm -e xxx4) 修复rpm库(执行以前先备份/var/lib/rpm目录):rpm-rebuilddb4. 【mount挂载磁盘】1)挂载u盘:mount-tvfat/dev/sda1/mnt/u2)挂载Windows磁盘:mount -t vfat /dev/hda1
31、/mnt/c -o iocharset=cp936, codepage=9363)挂载iso系统:mount /mnt/e/linux/fc6.iso /root/iso/ -o loop4)挂载光盘:mount /dev/cdrom -t iso9660 /media/cdrom4)挂载远程Windows共享目录:mount -t cifs -o username=administrator,password=123456 192.168.1.20:Download /mnt/share 其中administrator和123456分别是用户名和密码,192.168.1.20是Win IP,
32、Download是共享目录,/mnt/share是挂载目录(必须首先创建好)5. 【date查询和设置系统时间】用man查询命令:NAME date - print or set the system date and timeSYNOPSIS date OPTION. +FORMAT date -u|-utc|-universal MMDDhhmmCCYY.ssDESCRIPTION Display the current time in the given FORMAT, or set the system date. -d, -date=STRING display time descr
33、ibed by STRING, not 鈥榥ow鈥? -f, -file=DATEFILE like -date once for each line of DATEFILE -s, -set=STRING set time described by STRING -u, -utc, -universal print or set Coordinated Universal Time示例一,查询系统时间:chenyaya:# dateMon Feb 1 11:52:33 CST 2010示例二,设置系统时间:chenyaya:# date -s 12:31:00Mon Feb 1 12:31:
34、00 CST 2010示例二,设置系统时间:chenyaya:# date -u 0201123110Mon Feb 1 12:31:00 UTC 2010chenyaya:# dateMon Feb 1 20:31:00 CST 20106. 【groupadd增加用户组】语法结构是:groupadd-ggidgroup说明: g制定组的ID号 gid组的ID号(不能与现有的组ID号重复) group组名 示例:#groupaddg100sun7. 【netstat查询网络端口】语法结构是:rootlocalhost # netstat -helpusage: netstat -veenNc
35、CF -r netstat -V|-version|-h|-help netstat -vnNcaeol . netstat -veenNac -I | -veenNac -i | -cnNe -M | -s delay -r, -route display routing table -I, -interfaces= display interface table for -i, -interfaces display interface table -g, -groups display multicast group memberships -s, -statistics display
36、 networking statistics (like SNMP) -M, -masquerade display masqueraded connections -v, -verbose be verbose -n, -numeric dont resolve names -numeric-hosts dont resolve host names -numeric-ports dont resolve port names -numeric-users dont resolve user names -N, -symbolic resolve hardware names -e, -ex
37、tend display other/more information -p, -programs display PID/Program name for sockets -c, -continuous continuous listing -l, -listening display listening server sockets -a, -all, -listening display all sockets (default: connected) -o, -timers display timers -F, -fib display Forwarding Information B
38、ase (default) -C, -cache display routing cache instead of FIB -T, -notrim stop trimming long addresses -Z, -context display SELinux security context for sockets : Name of interface to monitor/list. =-t|-tcp -u|-udp -S|-sctp -w|-raw -x|-unix -ax25 -ipx -netrom =Use -A or -; default: inet List of poss
39、ible address families (which support routing): inet (DARPA Internet) inet6 (IPv6) ax25 (AMPR AX.25) netrom (AMPR NET/ROM) ipx (Novell IPX) ddp (Appletalk DDP) x25 (CCITT X.25)示例:查询所有端口和相应的程序,不解析主机名rootlocalhost # netstat -anpActive Internet connections (servers and established)Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program nametcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 822/rpcbindtcp 0 0 0.0.0.0:56912 0.0.0.0:* LISTEN 835/rpc.statdtcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1405/sshdtcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 902/cupsdtcp 0 0 127.0.0.1:25
浙ICP备2021020529号-1 | 浙B2-20240490 
