ETC Common configuration information under Linux

Source: Internet
Author: User
Tags hostname lookup nameserver fully qualified domain name

These are more practical system configuration, collection, in case of a rainy future! The following are the important configuration files explained under etc:


#文件格式: IPaddress hostname aliases

#文件功能: Provide the host name to the IP address of the corresponding relationship, it is recommended to use their own frequently used host

# Join this file, you can also add a machine without DNS records to this file, it will be convenient for network applications

The system has the following two default, it is recommended to keep:

#cat/etc/hosts127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4    :: 1         localhost localhost.localdomain localhost6 localhost6.localdomain6

New additions such as: {Must have three fields: IP, FQDN (fully qualified domain name/full name), HOSTNAME} JX


File Features: DNS client configuration file, setting the IP address and DNS domain name of the DNS server

Files associated with it:/etc/host.conf

File format:

DomainName Domain Name

Search domain

NameServer primary_dns_server_ip_address

NameServer second_dns_server_ip_address

where domainname and search can exist at the same time, there can be only one; nameserver can specify multiple

Sample file Contents:




Function: Specifies the hostname lookup method, which usually refers to finding the file/etc/hosts, and then requesting the DNS server when it is not found.

(For most users, do not change this file content)

The file contents can have the following:

Order Bind,hosts

Multi on

Nospoof on


Order bind,hosts--> Specifies the sequence of host name queries, where DNS is used to resolve domain names before querying "/etc/hosts" files (or vice versa)
Multi on--> Specifies whether the host specified in the "/etc/hosts" file can have more than one address, and a host with multiple IP addresses is generally called a multi-homed host
Nospoof on--> means IP address spoofing is not allowed on this server (IP spoofing is a means of attacking system security by disguising IP addresses as other computers to obtain trust from other computers)


Old version or other version is inetd.conf, in Redhat new version/etc/inetd.conf file is gone, instead of/etc/ XINETD.D files, each file is a service launched in inetd mode, the same as the previous inetd.conf, just changed the format of the file

It is the Internet's Super server, which holds the database that the system provides the Internet service, through which you can control the services, such as turning on/off a service to make them run more safely. Related programs:/usr/sbin/inetd

Corresponding services:

Telnet, FTP, Nrpe, POP3

Each valid entry in the base should contain the following fields:
* Service Name
* Socket Type
* Protocol Type
* Wait/nowait[.max]
* User name [. Group]
* Service Procedure
* Parameters of the service program

--The service name is a valid service name defined in the/etc/services file (such as Telnet,echo, etc.)

--The Socket Type field contains the following types of fields:
* Stream-stram
* Dgram-datagram
* Raw-raw
* rdm-reliabl! Y delivered message
* seqpacket-sequenced Packet

--The protocol type field must be a type that has already been defined in the/etc/protocols file (for example, TCP and UDP), and the SUN-RPC service should precede the protocol with "rpc/" (such as rpc/tcp or RPC/UDP)

--wait are used only for packet sockets, others use the nowait parameter. If the service is multithreaded, it means that the socket XINETD process can receive more messages with "nowait" entries after the connection is established with the peer. If the service is single-threaded, the service will handle all incoming packets in the same socket until the timeout, in which case the "Wait" entry is used. Max parameter, separated by a point and wait/nowait, defines the maximum number of instances that the inetd process produces in a minute

--user domain defines the consumer of the service. Group parameter, separated by a point and user name, defines the group ID that can run the service except in the/etc/passwd file

--The service program is the full path of the program that executes when the socket is requested. If it is a service built into the inted process, it should be "internally" here

---The service program parameter provider runs the required parameters, similarly, if it is a built-in service, it is also "internally"

Look at a Telnet instance:

/USR/SBIN/TCPD in.telnetd
* Service Name: Telnet
* Socket Type: Stream
* Protocol type: TCP
* Wait/nowait[.max]: Nowait
* User name [. Group]: Root
* Service procedure:/USR/SBIN/TCPD
* Parameter: in.telnetd

Opening and closing of services

Very simple, just add a # comment before the service you want to close, such as:
#telnet Stream TCP nowait ROOT/USR/SBIN/TCPD in.telnetd
At this point, the Telnet service is closed! If you want to open it, just remove the #

5,/etc/hosts.allow and/etc/hosts.deny
/etc/hosts.allow settings allow machines that use the XINETD service, such as all:210.38 to allow all requests from 210.38.x.x
/etc/hosts.deny setting a machine that does not allow the use of XINETD services


Older or other versions of Linux will also have this file/etc/netmasks

The main function of the file is routing table, other functions, such as adding static route, delete route, etc. can refer to man

Some examples:

#route add-net dlrin GW DLRIN-GW#route add-net netmask eth0#route add-net 210.38.2 06.23 netmask GW        #route add-net * * GW Add default GW

  7,/etc/passwd --User password file

   /etc/issue System Station TIP information (for main console)

/etc/ Display information when Telnet

   /ETC/MOTD message (can be empty) after the user enters the system

 /etc/ dynamic link library file directory list



The NFS (Network file system) Server output filesystem table, which defines the format:

/mnt/iso (Rw,sync)

Among the parameters are:

Set options Description

Sync sets the NFS server to synchronize the write disk so that data is not easily lost and NFS server recommends this option

Ro Set Output shared directory read-only, with RW pick-up can be used simultaneously

RW Set the output of the shared directory can read and write, and RO can not be used together


9,/ETC/BASHRC and/ETC/CSH.CSHRC and/etc/profile
where/ETC/BASHRC [all called BASH (Bourne Again Shell) RunTime Command Shell Script] uses the most
Default environment settings for system users: PATH, umask, term Type
/ETC/CSH.CSHRC [csh Runtime COmmand]


Root list of devices to log in, Tty[1-8] device on the main console, ttyp* (LINUX) Telnet terminal (telnet, SSH) device

The system does not want users to log in when they want to shut down, resulting in this file, the content of the file is displayed to the user about the denial of connection information, the user can not enter the system at this time. If this file is present when the system restarts, no user can use the system after the machine starts, consider removing the file from a floppy disk or CD-ROM boot, and then restarting the system

Set those terminals can let the root login, generally set to only the console users may use root, and in Redhat use the PAM mechanism, the corresponding file is/etc/securetty

/etc/x11/* XFree86 window configuration file

A shell list that the user can use, and if you forcibly modify the/etc/passwd file, you can also use a shell program that is not in the list, but for a user who is not in the shell, you will not be able to connect to the system using FTP

The information file that the system creates at startup, content is the file system that already mount, this file content is updated dynamically, can refer to/proc/mounts

ETC Common configuration information under Linux

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.