RHEL 7--RHCSA Notes

First, reset the root password

Grub-->e---to "linux16" at the beginning of the line, and finally add "Rd.break" (virtual machine requires additional console=tty0)-->ctrl+x--Single user mode

switch_root:/# Mount-o Remount,rw/sysroot

switch_root:/# Chroot/sysroot

sh-4.2# echo Password | passwd--stdin Root

sh-4.2# Touch/.autorelabel (SELinux must be created when enabled)

sh-4.2# exit

switch_root:/# reboot

Second, NetworkManager management

Graphical command: Nm-connection-editor (ssh-x user name @IP address: Can be used for remote graphics applications)

Terminal command: NMCLI (all profiles added, modified, need to stop/start the configuration file for it to take effect)

(1) View, query

[[email protected] ~]# NMCLI device show(displays all currently active equipment information; same as IP a command display)

[[email protected] ~]# NMCLI connection show(Show all configurations)

[[email protected] ~]# NMCLI connection show--active(shows the configuration currently in effect)

[[email protected] ~]# NMCLI device Show "one Configuration"(only one configuration information is displayed)

(2) Add, delete, start/stop

[[email protected] ~]# NMCLI Connection Add con-name "configuration file name" type (Ethernet) ifname interface (eth0)(add a new profile)

[[email protected] ~]# NMCLI connection Add con-name "Profile name" IfName interface AutoConnect whether the configuration is applied by default, type IP4 IP address /Subnet Mask gw4 Gateway (add a new configuration file and set IP address information)

[[email protected] ~]# nmcli connection down "profile name"(Stop app for one profile)

[[email protected] ~]# nmcli connection up "profile name"(app that launches a profile)

[[Email Protected]rver0 ~]# nmcli Connection Show ' Profile name ' | Grep-i Auto(see if a configuration is automatically applied, yes if yes)

[[email protected] ~]# nmcli Connection Delete "profile name"(delete a profile)

(3) Modification

[[email protected] ~]# nmcli Connection Modify "Profile name" ipv4.addresses "IP address/Subnet mask gateway"(modifies the IP and gateway of an existing configuration file)

[[email protected] ~]# nmcli Connection Modify "Profile name" ipv4.addresses "+IP address/Subnet Mask gateway"(add a new IP and gateway in an existing configuration file Other addresses can use "+" to set multiple addresses on an existing address before the address)

[[email protected] ~]# nmcli Connection Modify "Profile name" Ipv4.dns "DNS Address"(modifies the DNS address of an existing configuration file)

[[email protected] ~]# nmcli Connection Modify "Profile name" Ipv4.method manual(modified address is static)

Third, start-level management

[[email protected] ~]# systemctl get-default(get default init level; multi-user.target multi-user, Graphical.target graphical)

[[email protected] ~]# systemctl set-default multi-user.target(set default boot level for multi-user)

Iv. Yun Source Add and Red Hat public key import

[[email protected] ~]# yum-config-manager--add-repo= "yum Source Address" (or vim handwriting)

[Email protected] ~]# rpm--import/etc/pki/rpm-gpg/rpm-gpg-key-redhat-*

V. Management of LVM

[[email protected] ~]# PVS(query PV size)

[[email protected] ~]# VGS(query VG size)

[[email protected] ~]# LVS(query LV size)

[[email protected] ~]# pvcreate/dev/partition (new PV)

[[email protected] ~]# vgextend volume group PV(extended volume group)

[[email protected] ~]# lvextend-l size Logical Volume (extended logical volume to specified size)

[[email protected] ~]# xfs_growfs Logical Volume (xfs file system extension)

[[email protected] ~]# resize2fs Logical Volume (EXT3/4 file system extension)

Vi. ACL permission settings

[[email protected] ~]# setfacl-m u: User name: Permissions file (set user ACL permissions on file)

[[email protected] ~]# setfacl-m g: Group name: Permissions file (set ACL permissions for group files)

[[email protected] ~]# setfacl-x g/u: username/Group name file (remove ACL permissions for user/group on this file)

[[email protected] ~]# getfacl file (view ACL permissions for files)

Vii. Genus Group and suid (mainly for files; file is run as owner), SGID (mainly for directories, all files under directory inherit directory genus), sticky bits (mainly for files; only file owner, folder owner can be deleted, except root)

[[email protected] ~]# chgrp Group file/directory (set genus)

[[email protected] ~]# chmod u+s file (set suid)

[[email protected] ~]# chmod g+s directory (set Sgid)

[[email protected] ~]# chmod o+t directory (set sticky bit)

Eight, default boot kernel adjustment and grub re-generation

[[email protected] ~]# grub2-editenv list(view the current default boot kernel)

[[email protected] ~]# grep "menuentry"/boot/grub2/grub.cfg(get all current grub boot entries)

[[email protected] ~]# Grub2-set-default ' menuentry entry single quote contents '(set default boot kernel)

[[email protected] ~]# grub2-mkconfig-o/boot/grub2/grub.cfg(Update grub configuration file)

Ix. using LDAP as the local user authentication method (if an error occurs: Date is out of sync, cert certificate error)

[[email protected] ~]# yum-y install SSSD (access a variety of authentication servers, such as Ldap,kerberos, and provide authorization) AUTHCONFIG-GTK (graphical configuration client) Krb5-workstatio N (Kerberos client software)

[[email protected] ~]# AUTHCONFIG-GTK(open graphical configuration)

(1) First case: User information in LDAP, password authentication in Kerberos

Identity & Authentication(tab)

User Account Database:ldap

LDAP Search Base DN: reference DN, specifying the starting DN of LDAP search, which is the DN under which to start the search

LDAP SERVER:LDAP Server domain name

Authentication Method:kerberos Password

Realm:kerberos field (must be capitalized)

KDCs: Key Distribution Center/ad address

Admin Servers:kerberos Management Server address

(2) Second situation: User information in LDAP, password authentication also in LDAP

Identity & Authentication(tab)

User Account Database:ldap

LDAP Search Base DN: reference DN, specifying the starting DN of LDAP search, which is the DN under which to start the search

LDAP SERVER:LDAP Server domain name

Authentication Method:ldap Password

[[email protected] ~]# getent passwd user name (Get account information from passwd Library; support AD, NIS and other user accounts)

(3) Home directory to solve the two methods; default home directory cannot be created

Method one, manually create

[Email protected] ~]# AUTHCONFIG-GTK

Advanced Options(tab)

Tick "Create home directories on the first login"(it will create a home directory locally at the time of landing, but will not be created on the remote server, only locally)

Method two, automatically mount via AutoFS, use the folder on the remote server

[[email protected] ~]# yum-y install autofs(Install package)

[[email protected] ~]# vim/etc/auto.master(monitoring file, default every five minutes check, no access to automatic uninstall, the next visit and then automatically mount)

[[email protected] ~]# vim/etc/sysconfig/autofs(timeout inside defines the monitoring time)

Add to:

Parent directory mount point, monitoring directory (such as:/home/guests)/etc/auto.* (suffix name pickup; specific loading parts)

[Email protected] ~]# vim/etc/auto.*

subdirectory mount points, keywords (such as: LDAPUSER0)-rw,sync (option) hostname: The location of the Mounted home directory (mount a user's home directory)

*-rw,sync (option) hostname: The location of the Mounted home directory/& (represents the same directory as the subdirectory mount point)(mounts the home directory for multiple users)

[Email protected] ~]# Systemctl enable AutoFS

[Email protected] ~]# systemctl restart AutoFS

Ten, NTP Client configuration

[[email protected] ~]# yum-y install chrony(NTP package)

[[email protected] ~]# vim/etc/chrony.conf(NTP config file)

[Email protected] ~]# Systemctl enable Chronyd

[Email protected] ~]# systemctl restart Chronyd

[[email protected] ~]# timedatectl status(NTP status, whether NTP is started, synchronized, etc.)

XI. Create a new swap partition, write to Fstab auto-boot mount

[[email protected] ~]# swapon-s(check if there is currently a swap partition)

(1) Partation creation

[[email protected] ~]# fdisk/dev/device (partition; set type to 82)

[[email protected] ~]# partprobe(refresh partition information)

[[email protected] ~]# mkswap/dev/device (formatted partition for swap)

[[email protected] ~]# vim/etc/fstab(add swap partition information for power-on self-mounting)

[[email protected] ~]# swapon-a(start all swap partitions; Read the swap contents in the Fstab file)

Verify

[[email protected] ~]# swapon-s(see swap size)

(2) file creation

[[email protected] ~]# dd If=/dev/zero of=/swap.img bs=1m count= times (Generate swap file)

[Email protected] ~]# mkswap/swap.img

[Email protected] ~]# Vim/etc/fstab

[Email protected] ~]# chmod 0600/swap.img

[Email protected] ~]# swapon-a

[Email protected] ~]# swapon-s

12. Find the user who owns the file and copy it

Need to create a directory to store files beforehand

[[email protected] ~]# Find/-user User (lookup user)-exec (followed by command to be used, alias not supported) Cp-a {} (-A For all properties of the copied file)/copy location (= match all previous files) \; (Terminator)

13. Create a logical volume and specify the physical expansion unit (physical extent) size

[[email protected] ~]# fdisk/dev/device

[Email protected] ~]# Partprobe

[[email protected] ~]# pvcreate/dev/device partition (Create new PV)

[[email protected] ~]# vgcreate-s physical expansion Unit size Volume group name/dev/device partition (Create new VG and specify physical expansion unit)

[[email protected] ~]# lvcreate-l LV Size-N Logical Volume name volume group name (Create a new LV and specify its size)

[[email protected] ~]# MKFS. Partition format/dev/Logical volume name/volume group name (format LVM)

This article from "Painting" blog, reproduced please contact the author!

RHEL 7--RHCSA Notes