# # #selinux # #
1. What is SELinux
SELinux kernel-level enhanced firewall
2. Managing SELinux Levels
Vim/etc/sysconfig/selinux
Selinux=disable # #关闭状态
Selinux=enforcing # #强制状态
Selinux=permissive # #警告状态
Getenforce # #查看状态
Setenforce 0|1 # #更改linux运行级别
3. Change the security context
Temporary changes
CHCON-T Security Context Directory-R
Permanent changes
Semanage fcontext-l
Semanage Fcontext-a-T security context ' directory (/.*)? '
RESTORECON-FVVR file
4. Control the SELinux switch to the service function
getsebool-a | grep Service Name
setsebool-p function bool Value On|off
# # #系统恢复 # #
1. System Startup process
Power
||
BIOS Hardware Detection
||
Grub System Boot (two stages)
1) Loading MBR (master boot record), MBR recorded in 0 tracks, 1 sector total 512b=446 master boot +64 hard disk partition table +2 disk valid flag 446 bytes notifies the computer how to access the partition table and locate the operating system
*) dd If=/dev/zero Of=/dev/vda bs=446 count=1 empty 446 bytes
*) Enter rescue mode, chroot/mnt/sysimage switch to real environment and execute GRUB2-INSTALL/DEV/VDA
2) Grub File boot phase
Find/boot partition read/boot/grub2/grub.cfg
*) file is missing, Grub-mkconfig >/boot/grub2/grub.cfg
||
Boot the kernel
Detecting devices, initializing device drivers
*) kernel is missing, reinstall kernel install package to resolve
||
System initialization
Load INITRD Mirror
Open initialization Process Systemd
Start SELinux
Load Kernel parameters
Initialize clock, keyboard, host name
Re-read and write mounted devices
Activating RAID,LVM
Activate quotas
Turn on multi-user. All services in Target.wants
Turn on the Virtual Console
*) initramfs-' uname-r '. IMG is missing
With MKINITRD initramfs-' uname-r '. img ' uname-r ' recovery
2. Change the root password
# # #dns # #
There are three types of DNS servers in Linux
1) Cache name servers, also called cache servers. No zone is responsible for parsing, just cache domain name query results cached locally, increasing the speed of customer repeat access.
2) The primary domain server is responsible for parsing one or several zones, and can also act as a cache name server
3) from the Domain Name server primary domain server backup, all data from the primary domain name server
A record: How many IP addresses a domain name corresponds to?
NS records: Description of which servers in the zone are responsible for parsing
SOA record: Indicates which server is responsible for parsing and which one is the primary server
MX record: Mail exchange record
CNAME record: Alias record
PTR record: Reverse record of a record
# # #dns高速缓存 # #
1. Installing the Software
BIND provides DNS functionality, the BIND counterpart service process is named named
Named default listener for TCP,UDP 53 ports
Yum Install Bind-y
Firewall-cmd--permanent--add-service=dns
Firewall-cmd--reload
Systemctl Start named
Systemctl Enable named
2. Setting up the configuration file
Vim/etc/named.conf
Listen-on Port: (any;}; # #从任何地址可以监听
allow-query {any;}; # #接受所有人的提问
Forwarders {172.25.254.250;}; # #缓存谁的答案
Dnssec-validation No #在查询dns过程是否加密
Vim/etc/named.rfc1912.zones
Zone "Westos.com" in {
Type master;
File "Westos.com.zone"
allow-update {none;};
};
Cp-p/var/named/localhost/var/named/westos.com.zone
Vim/etc/named/westos.com.zone
3. Testing
Dig www.westos.com
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tLCze9u8AABs70D1PZU491.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:16:34.png "alt=" Wkiol1g1tlcze9u8aabs70d1pzu491.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tLCCdm2jAAA0dfdorVk177.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:17:02.png "alt=" Wkiom1g1tlccdm2jaaa0dfdorvk177.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8A/9F/wKioL1g1tLCT9pi2AABQtTNvgGE394.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:18:32.png "alt=" Wkiol1g1tlct9pi2aabqttnvgge394.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8A/A3/wKiom1g1tLGTFzBTAABAcsKV4AY099.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:18:47.png "alt=" Wkiom1g1tlgtfzbtaabacskv4ay099.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/8A/9F/wKioL1g1tLGwm8UmAAA_afMJFYc384.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:25:01.png "alt=" Wkiol1g1tlgwm8umaaa_afmjfyc384.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8A/A3/wKiom1g1tLHi7yC8AABChGct_rc921.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:55:17.png "alt=" Wkiom1g1tlhi7yc8aabchgct_rc921.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tLGA2TL7AAAgXTV4QQM393.png "style=" float: none; "Title=" screenshot from 2016-11-21 17:55:28.png "alt=" Wkiol1g1tlga2tl7aaagxtv4qqm393.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M00/8A/9F/wKioL1g1tLLAktVoAADi_K6axII641.png "style=" float: none; "Title=" screenshot from 2016-11-21 18:46:31.png "alt=" Wkiol1g1tllaktvoaadi_k6axii641.png "/>
650) this.width=650; "src=" Http://s4.51cto.com/wyfs02/M01/8A/A3/wKiom1g1tLOxGISLAABbkpbfxTw400.png "style=" float: none; "Title=" screenshot from 2016-11-21 18:46:45.png "alt=" Wkiom1g1tloxgislaabbkpbfxtw400.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tLOB_eJTAAAlZJfh8ZI774.png "style=" float: none; "Title=" screenshot from 2016-11-21 18:46:57.png "alt=" Wkiol1g1tlob_ejtaaalzjfh8zi774.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tLTzFIifAADJMp8CB3g815.png "style=" float: none; "Title=" screenshot from 2016-11-21 18:47:06.png "alt=" Wkiom1g1tltzfiifaadjmp8cb3g815.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tLTCTpFiAAB1TJeWi7E927.png "style=" float: none; "Title=" screenshot from 2016-11-21 18:47:20.png "alt=" Wkiom1g1tltctpfiaab1tjewi7e927.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/9F/wKioL1g1tLSwrPZSAAAbX9H8zPs390.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:22:18.png "alt=" Wkiol1g1tlswrpzsaaabx9h8zps390.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8A/9F/wKioL1g1tLijEY6CAAE62knQtIs003.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:23:28.png "alt=" Wkiol1g1tlijey6caae62knqtis003.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8A/A3/wKiom1g1tLmwKlK6AAAaUKeObv4745.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:23:49.png "alt=" Wkiom1g1tlmwklk6aaaaukeobv4745.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8A/9F/wKioL1g1tLnQbv7oAAAhC3DNpLc093.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:24:08.png "alt=" Wkiol1g1tlnqbv7oaaahc3dnplc093.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8A/A3/wKiom1g1tLrwt-5PAAApAF2INTA856.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:24:51.png "alt=" Wkiom1g1tlrwt-5paaapaf2inta856.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tLqxWsMZAAAd7Q6O1Rk491.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:25:06.png "alt=" Wkiol1g1tlqxwsmzaaad7q6o1rk491.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tLqjoRkjAAAUAMpbNfs869.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:25:16.png "alt=" Wkiom1g1tlqjorkjaaauampbnfs869.png "/>
650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/8A/A3/wKiom1g1tLrAdCj4AAAiWpQ4Rh8205.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:26:27.png "alt=" Wkiom1g1tlradcj4aaaiwpq4rh8205.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8A/9F/wKioL1g1tLvg7YeeAAD89vCYIok172.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:27:02.png "alt=" Wkiol1g1tlvg7yeeaad89vcyiok172.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M02/8A/9F/wKioL1g1tLyz0u_DAAAxmllPXcA607.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:33:56.png "alt=" Wkiol1g1tlyz0u_daaaxmllpxca607.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M00/8A/A3/wKiom1g1tL2SgfpcAADP7PtaHlw868.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:36:02.png "alt=" Wkiom1g1tl2sgfpcaadp7ptahlw868.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/8A/9F/wKioL1g1tL2DMVXMAAAZw9ZT4FE194.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:42:12.png "alt=" Wkiol1g1tl2dmvxmaaazw9zt4fe194.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M01/8A/A3/wKiom1g1tL2Q1s6TAABgdsq-IQ4106.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:44:39.png "alt=" Wkiom1g1tl2q1s6taabgdsq-iq4106.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tL6gW6qKAAAoFRL7Og0750.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:46:46.png "alt=" Wkiol1g1tl6gw6qkaaaofrl7og0750.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8A/A3/wKiom1g1tL7xEnaZAABMNX7Db14057.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:52:28.png "alt=" Wkiom1g1tl7xenazaabmnx7db14057.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M01/8A/9F/wKioL1g1tL6Ryl4nAAAglYqLQDg722.png "style=" float: none; "Title=" screenshot from 2016-11-21 20:57:50.png "alt=" Wkiol1g1tl6ryl4naaaglyqlqdg722.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tL_SkBVGAAAgiJkoeJo544.png "style=" float: none; "Title=" screenshot from 2016-11-21 21:03:02.png "alt=" Wkiom1g1tl_skbvgaaagijkoejo544.png "/>
650) this.width=650; "src=" Http://s2.51cto.com/wyfs02/M02/8A/9F/wKioL1g1tL_BKtWbAABpKeT2vCQ398.png "style=" float: none; "Title=" screenshot from 2016-11-21 21:09:20.png "alt=" Wkiol1g1tl_bktwbaabpket2vcq398.png "/>
650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M00/8A/A3/wKiom1g1tMDB4noHAABrB8weqRM858.png "style=" float: none; "Title=" screenshot from 2016-11-21 21:10:12.png "alt=" Wkiom1g1tmdb4nohaabrb8weqrm858.png "/>
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/8A/A3/wKiom1g1tMHB7oKNAAEHc-XOKnE032.png "style=" float: none; "Title=" screenshot from 2016-11-21 21:54:25.png "alt=" Wkiom1g1tmhb7oknaaehc-xokne032.png "/>
Linux Learning Summary (8)