Linux Course 14th Day study notes

################### #3. Disk Encryption ####################
1. Disk Encryption
Fdisk/dev/vdb
Cryptsetup LUKSFORMAT/DEV/VDB1
Cryptsetup OPEN/DEV/VDB1 Westos
Mkfs.xfs/dev/mapper/westos
mount/dev/mapper/westos/mnt/
umount/mnt/
Cryptsetup Close Westos

Disk encryption improves security performance, but increases CPU load
Usually only important areas are encrypted

Process:
First Encrypt (install a lid), unlock (open the lid), format (installation file system), mount, lift, lock (buckle the lid)

2. Permanent Mount of encrypted disks
Vim/etc/crypttab
Decryption Device management file device encryption character store file
Redhat/dev/vdb1/root/lukspsfile

Vim/root/lukspsfile
Password

chmod 600/root/lukspsfile
Cryptsetup Luksaddkey/dev/vdb1/root/lukspsfile

Vim/etc/fstab
/dev/mapper/redhat/mnt XFS Defaults 0 0

Reboot

3. Encryption Erase
Vim/etc/fstab
Delete "/dev/mapper/redhat/mnt xfs defaults 0 0"

>/etc/crypttab
Rm-fr/root/lukspsfile
umount/mnt/
Cryptsetup Close Redhat
Mkfs.xfs/dev/vdb1-f

################### #4. Disk array ####################
Watch-n 1 Cat/proc/mdstat # #监控命令
Baidu "/proc/mdstat":
This file contains RAID device information controlled by the MD device driver.

Fdisk/dev/vdb
t # #修改分区功能id
FD # #Linux RAID Auto

Mdadm-c/dev/md0-a yes-l 1-n 2-x 1/dev/vdb{1..3} # #create
-A # #没有md0 is automatically created
-L # #级别 (example: 0,1,5)
-N # #用两块硬盘做raid
-X # #闲置一块

Mkfs.xfs/dev/md0
mount/dev/md0/mnt/
Mdadm-f/DEV/MD0/DEV/VDB1 # #set Faulty
mdadm-d/dev/md0 # #detail
Mdadm-r/DEV/MD0/DEV/VDB1 # #delete
Mdadm-a/DEV/MD0/DEV/VDB1 # #add
umount/mnt/
Mdadm-s/dev/md0 # #stop

--raid--
Soft raid: Software-implemented raid
Hard raid: Commonly used in enterprises, requires a RAID card

RAID0: Two disks in half, write fast
RAID1: Two disks are full data, read fast
RAID5: Two disks to do RAID0, and another to do RAID1, a fee disk

################### #5. Quota ####################
Mount-o Usrquota/dev/vdb1/pub # #设置挂载参数
QUOTAON-UV/DEV/VDB1 # #激活磁盘配额功能; "-u" user, default parameter; "-V" displays information
Edquota-u student # #编辑用户配额; "-u" user, default parameter
Disk Quotas for User student (UID 1000):
Filesystem blocks soft hard inodes soft hard
/DEV/VDB1 0 0 51200 0 0 0

"Soft" soft limit, hard limit, soft limit cannot be greater than hard limit

Su-student

DD If=/dev/zero of=/pub/file bs=1m count=51
Dd:error writing '/pub/file ': Disk quota exceeded # #提示超出配额
51+0 Records in
50+0 Records out
52428800 bytes (* MB) copied, 0.039447 s, 1.3 GB/s

Quota
Disk Quotas for User student (UID 1000):
Filesystem blocks Quota limit grace files quota limit Grace
/DEV/VDB1 51200* 0 51200 1 0 0

QUOTAOFF/DEV/VDB1 # #取消磁盘配额功能

Quotas are for partitioning, setting how much data a user can write to this partition

Vim/etc/fstab
/dev/vdb1/pub XFS Defaults,usrquota 0 0

#####################
##### 5.LVM #####
#####################

LVM # #逻辑卷管理, full name is "Logical Volume Manager"
PV # #物理卷, installing the physical partitions of the LVM software
VG # #物理卷组
PE # #物理拓展

1. Divide the physical partition and change the partition ID to 8e

Pvs|pvdisplay
Vgs|vgdisplay
Lvs|lvdisplay

Monitoring command:
Watch-n 1 \
' echo ' = = = Pvinfo = = = "; \
PVs \
echo "= = = Vginfo = = ="; \
VGs \
echo "= = = Lvinfo = = ="; \
LVs \
echo "= = =/mnt = = ="; \
Df-h/mnt; '

2.
Pvcreate/dev/vdb1
Vgcreate WESTOS/DEV/VDB1
Lvcreate-l 100m-n lv0 Westos
Mkfs.xfs/dev/westos/lv0
mount/dev/westos/lv0/mnt/

3.
Lvextend-l 200m/dev/westos/lv0
Xfs_growfs/dev/westos/lv0
Pvcreate/dev/vdb2
Vgextend WESTOS/DEV/VDB2
Lvextend-l 600m/dev/westos/lv0

4.
umount/mnt/
E2fsck-f/dev/westos/lv0
Resize2fs/dev/westos/lv0 550M
Lvreduce-l 550m/dev/westos/lv0
Pvmove/dev/vdb1/dev/vdb2
Vgreduce WESTOS/DEV/VDB1
Pvremove/dev/vdb1

This article from the "Schue Linux Learning Notes" blog, declined reprint!

Linux Course 14th Day study notes