NO13 Linux Basic optimization

Install Linux system after tuning and security settings:

1 Turn off the SELinux feature:

[[email protected] data]# sed ' s#selinux=enforcing#selinux=disabled#g '/etc/selinux/config (Use the SED command to modify the output, plus-I to modify the contents of the file, in the production environment is also to do so)

# This file controls the state of the SELinux on the system.
# selinux= can take one of the these three values:
#     enforcing-selinux security Policy is ENF orced.
#     permissive-selinux Prints warnings instead of enforcing.
#     disabled-no SELinux policy is loaded.
selinux=disabled
# selinuxtype= can take one of the three values:
#     targeted-targeted Processes is protected,
#     minimum-modification of targeted policy. Only selected processes is protected.
#     Mls-multi level Security protection.
selinuxtype=targeted

[Email protected] data]# sed-i ' s#selinux=enforcing#selinux=disabled#g '/etc/selinux/config (Confirm that the output is successful, then add-I to change the contents of the file)
[[email protected] data]# grep "selinux=disabled"/etc/selinux/config (check again with grep command)
Selinux=disabled

* The above only modifies the configuration file and requires a reboot to take effect, but the production environment is not allowed to restart the server, affecting customer access, then need another command.

1 getenforce   (view selinux status)2enforcing3[[email protected] data]# Setenforce   (Set status)4 usage:  10  ]  (enforcing is 1, Permissive is 0 meaning)506[[email protected] data]# Getenforce7 Permissive

• Do this: Before restarting is permissive, but before the configuration file is changed to Disabled, once the restart is disabled, but because it is actually not allowed to restart, so the configuration file and command line are changed, and disabled and permissive are not affected by the state.

II: 7 Types of Linux operating level, and the corresponding role.

• Enterprise Scene questions : 7 types of Linux operating levels, and the corresponding role. (To keep in mind)
• Enterprise Scene questions : To change the operating level of Linux from 3 to 5, which file to modify?
Answer:/etc/inittab

Default RunLevel. The runlevels used is:
0-halt (do not set Initdefault to this) shuts down.
1-single user mode single State, need to maintain server, such as password loss.
2-multiuser,without NFS (the same as 3,if you don't have networking) multiuser mode.
3-full multiuser mode full multi-user, command-line mode. The working environment generally uses 3 levels.
4-unused not used, reserved.
5-xll with desktop mode.
6-reboot (do not set Initdefault to this) restarts.

To view the current Linux operating mode:
[Email protected] ~]# RunLevel
N 5
The runlevel can be toggled:
[[Email protected] ~]# init Enter the number 0-6 and switch to the mode you want.

runlevel: View the current operating level of the system.
Init: Switch The RunLevel, followed by the corresponding level of numbers, such as Init 6 is to restart the Linux server.

Three: Power off restart Command and firewall settings:

· Shutdown #关机. Halt,init0 is also a command to shut down the machine.
Shutdown: shutdown-h now (or specified time).
· Rboot #重启. Init6 is also a reboot.
Restart: Shutdowm-r Now

Shutdown Firewall command: [[email protected] ~]#/etc/init.d/iptables stop temporary shutdown
Permanently shut down the firewall: [[email protected] ~]# chkconfig iptables off the next boot will not start automatically.
View Firewall command: [[email protected] ~]#/etc/init.d/iptables status

CentOS 7 defaults to using firewall as the firewall
# service FIREWALLD status; #查看防火墙状态
(disabled indicates that the boot enabled enable is disabled, inactive indicates that the firewall shutdown state activated (running) is turned on)
# service FIREWALLD start; or #systemctl start firewalld.service; #开启防火墙
# service FIREWALLD stop; or #systemctl stop Firewalld.service; #关闭防火墙
# service FIREWALLD Restart;  or #systemctl restart Firewalld.service; #重启防火墙
# systemctl Disable firewalld.service# Disable firewall on self-start

# Systemctl Enable firewalld# set up firewall boot
#yum Remove firewalld# Uninstall firewall

Linux Chinese display settings:
This optimization is optional, which is to adjust the character set settings of the Linux system.
A character set is a set of text symbols and their encodings. The currently used character sets under Linux are:
· GBKL: Fixed-length, double-byte, not international standards, support a lot of systems, the actual enterprise use is not much.
· UTF-8: Non-fixed length, 1-4 bytes, widely supported, MySQL also use UTF-8, enterprise widely used.

In previous versions of CentOS 7, the path to the default character set is typically saved in the/etc/sysconfig/i18n file.
However, in the CentOS 7 release, the character set configuration file is located in/etc/locale.conf.

The following demo makes Linux Chinese display in Centos7:

1[Email protected] ~]# cat/etc/locale.conf (view character Set configuration file)2lang="en_US. UTF-8"3[email protected] ~]# CP//Etc/locale.conf/etc/locale.conf.ori (best Backup)4[Email protected] ~]# Echo'lang= "ZH_CN. UTF-8 "'>/etc/locale.conf (Append output with echo command, replace content)5[Email protected] ~]# cat/etc/locale.conf (view character Set configuration file)6lang="ZH_CN. UTF-8"7[[Email protected] ~]# Echo $LANG (view character Set configuration file)8en_US. utf-89[Email protected] ~]#. /etc/locale.conf (You also need to use the. or source command to make the changes effective)Ten[[Email protected] ~]# echo $LANG (view variable $lang) OneZh_cn. utf-8 A[Email protected] ~]# source/etc/locale.conf -[[Email protected] ~]# Echo $LANG -Zh_cn. utf-8

Finally, the properties of this virtual machine-the appearance of the character encoding to UTF-8, reconnect, so that the server-side and client counterparts, to ensure that the dialog characters are consistent.

1 [[email protected] ~]# echo $LANG2 zh_cn. utf-83 [[email protected] ~]# cat/etc/locale.conf4 lang="zh_cn. UTF-8"5 [[email protected] ~]# touch old boy. TXT6 [[email protected] ~]# ls7 anaconda-ks.cfg  initial-setup-  Ks.cfg  oldboy.txt  old boy. TXT8

Note: Do not use any Chinese information in the Linux system.

To set the idle account timeout time only for temporary effect:
[Email protected] ~]# export tmout=5
[[email protected] ~]# timed out waiting for input:auto-logout

Lu Qing Empty All historical commands:
[Email protected] ~]# history-c
To delete a specified command:
[[email protected] ~]# history-d number (the number of the line to be deleted)

[[email protected] ~]# Export histsize=5 set command line record display number
[[email protected] ~]# cat ~/.bash_bash_history (but you can still see all the history commands from the command-line file)
[[email protected] ~]# export Histfilesize=5 (set the number of command-line file history)

History #查看及清理历史记录. -C clears all,-D deletes the specified history.

     Export history=5      command line history number. (Linux special variable).      export Histfilesize=5 The      number of command-line file history. ~/.bash_bash_history Viewing command-line file history         

Put the above command into the configuration file to make it permanent:

1[Email protected] ~]# Echo'Export tmout=300'>>/etc/ Profile2[Email protected] ~]# Echo'Export Histsize=5'>>/etc/ Profile3[Email protected] ~]# Echo'Export Histfilesize=5'>>/etc/ Profile4[Email protected] ~]# tail-3/etc/ Profile5Export tmout= -6Export histsize=57Export histfilesize=58[Email protected] ~]#source/etc/profile (Make configuration file effective)

Seven hidden Linux version information displays:

1 [[email protected] ~]# cat/etc/ view version information 2\s3Kernel \ r on an \m 4 [[email protected] ~]# cat/etc/issue.net5\s6Kernel \ r on a \m  7 [[email protected] ~]# >/etc/issue  use > to clear out the information 8

NO13 Linux Basic optimization