centos7

 

 

从阅读官方文档开始

centos7.1406　　faq,release notes

centos7.1503　　faq,release notes

centos7.1511

 

直接在命令行下,下面一条命令就制作完成了u盘启动盘
dd if=xxx.iso of=/dev/sdb
不能装win8,只能装linux

 

 

用u盘安装centos7.2时，到语言选择界面时只能看到鼠标，其余黑屏，无法安装，

解决办法是进入排障安装的基本图形模式安装就可以了

 

systemctl,journalctl命令

journalctl - Query the systemd journal

 

cs7.2一块磁盘上总共只能创建5个vg

启动时进入命令行，并修改启动
追加这个内核参数。init=/bin/bash
进去之后就是下面的
mount -o remount,rw /
vi /etc/inittab 

 

包比较

[root@my bin]# rpm -qa|wc -l
297
[root@my bin]# rpm -qa|grep firmware|wc -l
21
[root@my ~]# rpm -qa|grep Net|wc -l
4



[root@manage ~]# cat /etc/redhat-release
CentOS release 6.5 (Final)

[root@manage ~]# rpm -qa|grep firmware
kernel-firmware-2.6.32-431.el6.noarch

 

 

http://www.server-world.info/en/ 这个站点还比较清晰 

 

问题1：xrdp

yum install tigervnc-server
systemctl stop firewalld
systemctl disable firewalld
systemctl list-unit-files
cd /lib/systemd/system
cp vncserver@.service vncserver@:3.service
vi vncserver@:3.service
将<USER>替换为相应的账户名，例如wjk，然后下面的命令开机自动启动
systemctl enable vncserver@:3.service

Install Xrdp Server to connect to CentOS from the Windows Remote Desktop function. 
Install and start Xrdp Server. Xrdp for CentOS 7 is not provided by official now, so use Xrdp RPM package for CentOS 6 instead now. 

yum -y install tigervnc-server。xrdp需要有vncserver的支持
rpm -ivh http://dl.fedoraproject.org/pub/epel/7/x86_64/x/xrdp-0.9.0-4.el7.x86_64.rpm或者下面的
yum -y install http://dl.fedoraproject.org/pub/epel/7/x86_64/x/xrdp-0.9.0-4.el7.x86_64.rpm
systemctl start xrdp
systemctl status xrdp
chkconfig xrdp on
windows的mstsc要配置色深为16才可以连接，因为对方不支持更多的颜色

 

 

问题2：mysql

wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm
rpm -ivh mysql-community-release-el7-5.noarch.rpm
yum install mysql-server

 CentOS 7的yum源中貌似没有正常安装mysql时的mysql-sever文件，需要去官网上下载
# wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
# rpm -ivh mysql-community-release-el7-5.noarch.rpm
# yum install mysql-community-server

成功安装之后重启mysql服务
# service mysqld restart

初次安装mysql是root账户是没有密码的

设置密码的方法
# mysql -uroot
mysql> set password for ‘root’@‘localhost’ = password('mypasswd');
mysql> exit

先从ftp-100上将mysql相关包上传到目标机器上，再做如下操作
[root@test-mysql ~]# curl -O ftp://192.168.1.100/01%CA%FD%BE%DD%BF%E2/MySQL/mysql-5.7.10-1.1.el7.x86_64.zip
   60  rpm -e --nodeps mariadb-libs
   33  yum install perl unzip net-tools
   46  unzip -d mysql mysql-5.7.10-1.1.el7.x86_64.zip
   45  cd mysql
   66  rpm -ivh mysql-commercial-client-5.7.10-1.1.el7.x86_64.rpm mysql-commercial-server-5.7.10-1.1.el7.x86_64.rpm mysql-commercial-libs-* mysql-commercial-common-5.7.10-1.1.el7.x86_64.rpm
   67  systemctl status mysqld
   68  systemctl start mysqld
   69  systemctl status mysqld
   77  vi /etc/my.cnf
方法一：
   在[mysqld]中加入skip-grant-tables,就可以不用密码进入数据库中了，然后修改root密码
mysql> use mysql
mysql> select * from user\G;
mysql> UPDATE user SET authentication_string=PASSWORD("123456") WHERE User='root';
mysql> update user set authentication_string=PASSWORD("1234567") where User="root";
mysql> flush privileges;
mysql> exit

方法二：
安装并启动后查看临时密码
   17  grep "password" /var/log/mysqld.log
   18  less /var/log/mysqld.log
   19  mysql -p    用这个临时密码
mysql> show databases;
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
mysql> update user set authentication_string=PASSWORD("1234567") where User="root";
ERROR 1046 (3D000): No database selected
mysql> use mysql
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
mysql> SET PASSWORD FOR 'root'@'localhost'= "******";
Query OK, 0 rows affected (0.00 sec)
mysql> quit

 

问题3：ssh

Beginning with Redhat Enterprise Linux and CentOS 7, the default settings for sshd do not create a DSA host key. This can result in the following error: sshd[pid]: fatal: no hostkey alg [preauth]. This can cause session setup failures for older ssh clients. To allow those connections, perform the below steps. Bear in mind that this change was made to improve security, and this workaround allows weaker encryptions on the affected connections.
cd /etc/ssh
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
vi /etc/ssh/sshd_config
Uncomment this line:
HostKey /etc/ssh/ssh_host_dsa_key
chgrp ssh_keys ssh_host_dsa_key
service sshd restart
Then retry the connection with the older client. 

 

rhel7 网络

systemctl list-unit-files    查看正在运行服务的状态报告
systemctl show httpd.service 显示服务或任务的属性
systemctl list-dependencies  httpd.service  检查服务依赖关系
systemctl is-enabled  httpd.service  检查服务是否开机启动及级别
systemctl -H 192.168.117.128 start httpd.service   启动192.168.117.128机器上的httpd服务


NetworkManager Text User Interface，即nmtui
通过文本工具nmtui修改网络配置(RHEL7/CentOS7默认安装,前提需要开启NetworkManager.service才可以使用)
systemctl start NetworkManager
systemctl restart network
systemctl status network

nmtui
nmtui edit eth0
nmtui-connect eth0

[root@service-test1 ~]# rpm -qa|grep Networ
NetworkManager-team-1.0.0-14.git20150121.b4ea599c.el7.x86_64
NetworkManager-libnm-1.0.0-14.git20150121.b4ea599c.el7.x86_64
NetworkManager-1.0.0-14.git20150121.b4ea599c.el7.x86_64
NetworkManager-tui-1.0.0-14.git20150121.b4ea599c.el7.x86_64

 

 

nfs

systemctl start rpcbind nfs-server

 

 

 

rhel7 认证与审计(与6相差不大)

支持windows ad,支持unix ldap,支持动态第三方密码，支持ldap+kerberos认证

rhel6的相关命令是：authconfig-gtk,authconfig-tui

 

rhel7 服务升级

apache2.4替换2.2

mariaDB 5.5替换mysql 5.1

 

 

 

 

cs66
Enhanced SCSI unit attention handling to enable responding to certain unit commands.

The OpenvSwitch module is now available as a kernel module.
New HyperV daemons have been added to enable/improve running CentOS in Microsoft HyperV hosts.
As a technology preview 6.6 can be run as a 2nd generation VM on Microsoft's 2012R2 HyperV.
keepalived and haproxy are now fully supported.
Support added for the Intel Wildcat platform.
OpenJDK 8 has been added as technology preview.

cs67
sssd has a number of new capabilities
Support for udev rules to restrict removable media to be mounted read-only for security
LVM caching is now fully supported
New package clufter can be used for analyzing and transforming cluster configuration formats
SSLv3 and older insecure protocols are disabled by default, and various packages now have more configuration options to select the desired protocols
vim has been rebased to version 7.4, with improvements to undo and regular expressions
libreoffice has been upgraded to 4.2.8.2
The KVM hypervisor can now handle up to 240 virtual CPUs per virtual machine
IPv6 IP sets are now allowed in firewall rules
squid has been rebased to version 3.1.23 and now supports HTTP/1.1 POST and PUT responses with no message body
mdadm has been rebased to version 3.3.2, improving support for RAID level migrations and automatic array rebuilding
the package yum-plugin-downloadonly is now superseded by the main yum package, as the feature has been integrated


cs68

If you use the SCL or Xen4CentOS repositories the locations of these have changed as these repos are now being maintained by Special Interest Groups. If you get errors updating your SCLs, do: yum remove centos-release-SCL then yum install centos-release-scl-rh. Xen should update as part of the normal update process.

libreswan replaces openswan as VPN endpoint solution (support added in NetworkManager)
sssd has a number of new capabilities and now supports smart cards, support for SSL v2 has been disabled
XFS support increased to a maximum file system size of 300TB
various applications now support TLS 1.2, i.e. OpenLDAP, yum, stunnel, vsftpd, git, postfix and others. Also TLS 1.2 has been enabled by default in various packages

various applications now support elliptic-curve parameters, i.e. Perl Net:SSLeay or Perl IO::Socket::SSL
dmidecode now supports SMBIOS 3.0.0
kickstart files can now be pulled from https sources
chrony has been added as an alternative to NTPd
squid 3.4 is available as a replacement to squid 3.1
enhancements have been made for guests running Hyper-V i.e. reporting kernel crashes to the hypervisor or running as a generation 2 guest
New package rear can be used to continuously create recovery images
SSL v3 and older insecure protocols are disabled by default, and various packages now have more configuration options to select the desired protocols
libreoffice has been rebased to 4.3.7.2

various packages have been rebased to more current version i.e. elfutils, SystemTap, ipmitool, memtest86+, icedtea-web, various hardware drivers, shadow utils, virt-who and others