About SUSE linux

1. About the prompt

In SUSElinux:

localhost:~ # set|grep PS1PS1=$'\\[\E[1m\E[31m\\]\\h:\\w # \\[\E(B\E[m\\]'localhost:~ #

In centos Linux:

[root@localhost ~]# set|grep PS1PS1='[\u@\h \W]\$ '[root@localhost ~]#

2. Modify the Host Name

In SUSElinux:

night:~ # cat /etc/HOSTNAMEnightnight:~ #

In centos Linux:

[root@localhost ~]# cat /etc/sysconfig/networkNETWORKING=yesNETWORKING_IPV6=noHOSTNAME=localhost.localdomainGATEWAY=192.168.100.1[root@localhost ~]#

3. About ip/gateway/dns

In SUSElinux:

Night :~ # Cat/etc/sysconfig/network/ifcfg-eth0BOOTPROTO = 'static '// obtain BROADCAST = ''ethtool _ OPTIONS = ''IPADDR = '2017 in static mode. 168.100.210/24 '// ip address and subnet mask MTU = ''NAME = '82540em Gigabit Ethernet Controller' NETWORK ='' REMOTE _ IPADDR = ''STARTMODE = 'auto' // boot activate Nic USERCONTROL = 'no' night: ~ # Cat/etc/sysconfig/network/routesdefault 192.168.100.1--night :~ # Cat/etc/resolv. conf ###/etc/resolv. conf file autogenerated by netconfig! # Before you change this file manually, consider to define the # static DNS configuration using the following variables in the #/etc/sysconfig/network/config file: # NETCONFIG_DNS_STATIC_SEARCHLIST # tables # NETCONFIG_DNS_FORWARDER # or disable DNS configuration updates via netconfig by setting: # NETCONFIG_DNS_POLICY = ''# See also the netconfig (8) manual page and other documentat Ion. # Note: Manual change of this file disables netconfig too, but # may get lost when this file contains comments or empty lines # only, the netconfig settings are same with settings in this # file and in case of a "netconfig update-f" call. #### Please remove (at least) this line when you modify the file! Search localdomainnameserver 192.168.100.1nameserver 8.8.8night :~ #

In centos Linux:

[Root @ localhost ~] # Cat/etc/sysconfig/network-scripts/ifcfg-eth0 # Intel Corporation 82540EM Gigabit Ethernet ControllerDEVICE = eth0 // device name BOOTPROTO = static // static mode BROADCAST = 192.168.100.255 // BROADCAST address HWADDR = 08: 00: 27: 8E: 37: 90 // NIC address IPADDR = 192.168.100.200 // ip address NETMASK = 255.255.255.0 // subnet mask NETWORK = 192.168.100.0 // NETWORK address ONBOOT = yes // enable Nic upon startup [root @ localhost ~] # Cat/etc/sysconfig/networkNETWORKING = yesNETWORKING_IPV6 = noHOSTNAME = localhost. localdomainGATEWAY = 192.168.100.1 [root @ localhost ~] # Cat/etc/resolv. confnameserver 192.168.100.1nameserver 8.8.8.8search localhost [root @ localhost ~] #

The method for restarting the network is the same:/etc/init. d/networkstart | stop | restart

4. View versions

In SUSElinux:

night:~ # cat /etc/issueWelcome to SUSE Linux Enterprise Server 11 SP2  (x86_64) - Kernel \r (\l).night:~ # lsb_release -aLSB Version:    core-2.0-noarch:core-3.2-noarch:core-4.0-noarch:core-2.0-x86_64:core-3.2-x86_64:core-4.0-x86_64:desktop-4.0-amd64:desktop-4.0-noarch:graphics-2.0-amd64:graphics-2.0-noarch:graphics-3.2-amd64:graphics-3.2-noarch:graphics-4.0-amd64:graphics-4.0-noarchDistributor ID: SUSE LINUXDescription:    SUSE Linux Enterprise Server 11 (x86_64)Release:        11Codename:       n/anight:~ #

In centos Linux:

[root@localhost ~]# cat /etc/issueCentOS release 5.9 (Final)Kernel \r on an \m[root@localhost ~]# cat /etc/redhat-releaseCentOS release 5.9 (Final)[root@localhost ~]# lsb_release -aLSB Version:    :core-4.0-amd64:core-4.0-ia32:core-4.0-noarch:graphics-4.0-amd64:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-amd64:printing-4.0-ia32:printing-4.0-noarchDistributor ID: CentOSDescription:    CentOS release 5.9 (Final)Release:        5.9Codename:       Final[root@localhost ~]#

5. About the hosts file

The two are the same

6. Manage Software Packages

In SUSElinux:

night:~ # rpm -qa | grep sshdyast2-sshd-2.17.2-1.21night:~ #

In centos Linux:

[root@localhost ~]# rpm -qa | grep sshopenssh-clients-4.3p2-82.el5openssh-askpass-4.3p2-82.el5openssh-4.3p2-82.el5openssh-server-4.3p2-82.el5[root@localhost ~]#

In SUSElinux:

night:~ # zypper search ftpLoading repository data...Reading installed packages...S | Name              | Summary                                       | Type--+-------------------+-----------------------------------------------+-----------| atftp             | Advanced TFTP Server and Client               | package| atftp             | Advanced TFTP Server and Client               | srcpackagei | lukemftp          | Enhanced FTP Client                           | package| lukemftp          | Enhanced FTP Client                           | srcpackage| ncftp             | A Comfortable FTP Program                     | package| ncftp             | A Comfortable FTP Program                     | srcpackage| php5-ftp          | PHP5 Extension Module                         | package| php53-ftp         | PHP5 Extension Module                         | package| pure-ftpd         | A Lightweight, Fast, and Secure FTP Server    | package| pure-ftpd         | A Lightweight, Fast, and Secure FTP Server    | srcpackage| tftp              | Trivial File Transfer Protocol (TFTP)         | package| tftp              | Trivial File Transfer Protocol (TFTP)         | srcpackage| vsftpd            | Very Secure FTP Daemon - Written from Scratch | package| vsftpd            | Very Secure FTP Daemon - Written from Scratch | srcpackagei | yast2-ftp-server  | YaST2 - FTP configuration                     | package| yast2-ftp-server  | YaST2 - FTP configuration                     | srcpackagei | yast2-tftp-server | YaST2 - TFTP Server Configuration             | package| yast2-tftp-server | YaST2 - TFTP Server Configuration             | srcpackagenight:~ # zypper install vsftpdLoading repository data...Reading installed packages...Resolving package dependencies...The following NEW package is going to be installed:vsftpd1 new package to install.Overall download size: 126.0 KiB. After the operation, additional 290.0 KiB will be used.Continue? [y/n/?] (y): nnight:~ # yast2 -i vsftpdnight:~ #

In centos Linux:

[Root @ localhost ~] # Yum search ftpLoaded plugins: fastestmirror, securityLoading mirror speeds from cached hostfile * base: mirrors.neusoft.edu.cn * extras: mirrors.neusoft.edu.cn * updates: mirrors.neusoft.edu.cn ========================================== ========================================================== Matched: ftp ======================================================== ================================================================ bug-buddy.x86_64: A bug reporting utility For GNOMEesound. i386: allows several audio streams to be played on a single audio device. Esound. x86_64: allows several audio streams to be played on a single audio device. Esound-devel.i386: Development files for the EsounD program. Esound-devel.x86_64: Development files for the EsounD program. TPD. x86_64: GNOME Display Manager ....... Omitted ......

7. About user management

In SUSElinux:

night:~ # useradd --helpUsage: useradd ...useradd - create a new user-c comment     Set the GECOS field for the new account--show-defaults Print default values--save-defaults Save modified default values-D binddn      Use dn "binddn" to bind to the LDAP directory-d homedir     Home directory for the new user-e expire      Date on which the new account will be disabled-f inactive    Days after a password expires until account is disabled-G group,...   List of supplementary groups-g gid         Name/number of the users primary group-k skeldir     Specify an alternative skel directory-m             Create home directory for the new user-o             Allow duplicate (non-unique) UID-P path        Search passwd, shadow and group file in "path"-p password    Encrypted password as returned by crypt(3)-u uid         Force the new userid to be the given number-U umask       Umask value used for creating home directory-r, --system   Create a system account-s shell       Name of the user's login shell--service srv   Add account to nameservice 'srv'--help     Give this help list--usage    Give a short usage message-v, --version  Print program versionValid services for --service are: files, ldapnight:~ # useradd --show-defaultsGROUP=100HOME=/homeINACTIVE=-1EXPIRE=SHELL=/bin/bashSKEL=/etc/skelGROUPS=video,dialoutCREATE_MAIL_SPOOL=noUMASK=022night:~ # useradd testnight:~ # id testuid=1000(test) gid=100(users) groups=16(dialout),33(video),100(users)night:~ # grep test /etc/passwdtest:x:1000:100::/home/test:/bin/bashnight:~ # cat /etc/default/useraddGROUP=100HOME=/homeINACTIVE=-1EXPIRE=SHELL=/bin/bashSKEL=/etc/skelGROUPS=video,dialoutCREATE_MAIL_SPOOL=nonight:~ #

In centos Linux:

[root@localhost ~]# useradd --helpUsage: useradd [options] LOGINOptions:-b, --base-dir BASE_DIR       base directory for the new user accounthome directory-c, --comment COMMENT         set the GECOS field for the new user account-d, --home-dir HOME_DIR       home directory for the new user account-D, --defaults                print or save modified default useraddconfiguration-e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE-f, --inactive INACTIVE       set password inactive after expirationto INACTIVE-g, --gid GROUP               force use GROUP for the new user account-G, --groups GROUPS           list of supplementary groups for the newuser account-h, --help                    display this help message and exit-k, --skel SKEL_DIR           specify an alternative skel directory-K, --key KEY=VALUE           overrides /etc/login.defs defaults-m, --create-home             create home directory for the new useraccount-l,                       do not add user to lastlog database file-M,                       do not create user's home directory(overrides /etc/login.defs)-r,                       create system account-o, --non-unique              allow create user with duplicate(non-unique) UID-p, --password PASSWORD       use encrypted password for the new useraccount-s, --shell SHELL             the login shell for the new user account-u, --uid UID                 force use the UID for the new user account-Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping[root@localhost ~]# useradd -DGROUP=100HOME=/homeINACTIVE=-1EXPIRE=SHELL=/bin/bashSKEL=/etc/skelCREATE_MAIL_SPOOL=yes[root@localhost ~]# useradd test[root@localhost ~]# id testuid=500(test) gid=501(test) groups=501(test) context=root:system_r:unconfined_t:SystemLow-SystemHigh[root@localhost ~]# grep test /etc/passwdtest:x:500:501::/home/test:/bin/bash[root@localhost ~]# cat /etc/default/useradd# useradd defaults fileGROUP=100HOME=/homeINACTIVE=-1EXPIRE=SHELL=/bin/bashSKEL=/etc/skelCREATE_MAIL_SPOOL=yes[root@localhost ~]#

The Default User Group is quite different. At this time, we will find that SUSElinux does not generate a home directory for users. This can be done at this time.

night:~ # useradd -m testnight:~ # ll -d /home/test/drwxr-xr-x 5 test users 4096 Sep 26 19:42 /home/test/night:~ #

The permissions of this folder are different from those of CentOS.

8. About Firewall

In SUSElinux:

About the control program

night:~ # chkconfig --list | grep fireSuSEfirewall2_init        0:off  1:off  2:off  3:on   4:off  5:on   6:offSuSEfirewall2_setup       0:off  1:off  2:off  3:on   4:off  5:on   6:offnight:~ # which rcSuSEfirewall2/sbin/rcSuSEfirewall2night:~ # file /sbin/rcSuSEfirewall2/sbin/rcSuSEfirewall2: symbolic link to `/etc/init.d/SuSEfirewall2_setup'night:~ # /etc/init.d/SuSEfirewall2_initUsage: /etc/init.d/SuSEfirewall2_init {start|stop|status|restart|reload|force-reload}night:~ # /etc/init.d/SuSEfirewall2_setupUsage: /etc/init.d/SuSEfirewall2_setup {start|stop|status|restart|reload|force-reload}night:~ #

About the configuration file

Night :~ # Cat/etc/sysconfig/SuSEfirewall2 | grep-v ^ # | grep-v ^ $ FW_DEV_EXT = "any eth0" FW_DEV_INT = "" Scheme = "" FW_ROUTE = "no" FW_MASQUERADE = "no" FW_MASQ_DEV = "zone: ext "FW_MASQ_NETS =" 0/0 "FW_NOMASQ_NETS =" "FW_PROTECT_FROM_INT =" no "FW_SERVICES_EXT_TCP =" 22 "// modify the tcp port, multiple ports are separated by spaces. FW_SERVICES_EXT_UDP = "" FW_SERVICES_EXT_IP = "" FW_SERVICES_EXT_RPC = "" FW_CONFIGURATIONS_EXT = "" comment = "" comment = "" FW_SERV ICES_DMZ_IP = "" Bandwidth = "" FW_CONFIGURATIONS_DMZ = "" Bandwidth = "" FW_CONFIGURATIONS_INT = "" FW_SERVICES_DROP_EXT = "" Bandwidth = "" FW_SERVICES_DROP_INT = "" FW_SERVICES_REJECT_EXT = "" comment = "" FW_SERVICES_REJECT_INT = "" comment = "" FW_SERVICES_ACCEPT_INT = "FW_SERVICE" Warning = "" FW_FORWARD = "" FW_FORWARD_REJECT = "" FW_FORWARD_DROP = "" FW_FORWARD_MASQ = "" FW_REDIRECT = "" response = "yes" FW_LOG_DROP_ALL = "no" response = "yes" response = "no" FW_LOG_LIMIT = "" FW_LOG = "" FW_KERNEL_SECURITY = "yes" FW_STO P_KEEP_ROUTING_STATE = "no" FW_ALLOW_PING_FW = "yes" comment = "no" FW_ALLOW_PING_EXT = "no" comment = "" comment = "no" comment = "yes" leading = "no" leading = "no" leading = "" FW_CUSTOMRULES = "" FW_REJECT = "" FW_REJECT_INT = "yes" FW_HTB_TUNE_DEV = "" FW_IPv6 = "" Authorization = "" FW_IPSEC_TRUST = "no" FW_ZONES = "" Authorization = "" FW_LOAD_MODULES = "Authorization" leading = "" Authorization = "" FW_BOOT_FULL_INIT = "" night :~ #

In addition, you can define iptables rules as a shellscript and place it in/etc/init. d. Use chkconfig to manage iptables, which is more convenient and can be defined as a way to manage iptables similar to redhatcentos.

Alternatively, the commands to be started can be placed in the script/etc/init. d/after. local; the script does not exist by default. You can create it by yourself, after. local is called during system startup.

Note: If you use iptables scripts or iptables commands, set/etc/init. d/SuSEfirewall2_setup to off when starting the system!

Supplement: Some commands renamed by users in SUSElinux are stored in/etc/bash. bashrc, while those renamed in CentOS are stored in/etc/profile.

In centos Linux:

[root@localhost ~]# chkconfig --list|grep iptablesiptables        0:off   1:off   2:on    3:on    4:on    5:on    6:off[root@localhost ~]# /etc/init.d/iptablesUsage: /etc/init.d/iptables {start|stop|reload|restart|condrestart|status|panic|save}[root@localhost ~]# cat /etc/sysconfig/iptables# Firewall configuration written by system-config-securitylevel# Manual customization of this file is not recommended.*filter:INPUT ACCEPT [0:0]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [0:0]:RH-Firewall-1-INPUT - [0:0]-A INPUT -j RH-Firewall-1-INPUT-A FORWARD -j RH-Firewall-1-INPUT-A RH-Firewall-1-INPUT -i lo -j ACCEPT-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT-A RH-Firewall-1-INPUT -p 50 -j ACCEPT-A RH-Firewall-1-INPUT -p 51 -j ACCEPT-A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibitedCOMMIT[root@localhost ~]#

9. About management tools

In SUSElinux, yast2 can do most of the work.

650) this. width = 650; "title =" 1.png" alt = "201134456.png" src =" http://www.bkjia.com/uploads/allimg/131227/2326104213-0.png "/>

In centos Linux:

650) this. width = 650; "title =" 2.png" alt = "201246451.png" src =" http://img1.51cto.com/attachment/201309/201246451.png "/>

10. Additional instructions: When securecrt is connected to SUSElinux, the system prompts key authentication. You can perform the following operations at this time:

Linux-08wz :~ # Vim/etc/ssh/sshd_configPubkeyAuthentication no # <= by default, it is annotated and yes. You only need to remove the annotation and change it to no ...... Linux-08wz :~ # Rcsshd restartShutting down SSH daemon doneStarting SSH daemon donelinux-08wz :~ #

This article is from "night★Linux O & M | DBA blog, please be sure to keep this source http://thinkdba.blog.51cto.com/7492507/1302340