ubuntu server guide 学习笔记
1. 软件包
1.1. dpkg
dpkg -l dpkg -l | grep apache2 dpkg -L ufw dpkg -S /etc/host.conf dpkg -i zip_3.0-4_i386.deb dpkg -r zip
1.2. Apt-Get
1.2.1. apt的相关文件
|
/etc/apt/sources.list |
设置软件包的获取来源 |
|
/etc/apt/apt.conf |
apt配置文件 |
|
/etc/apt/apt.conf.d/ |
apt的零碎配置文件 |
|
/etc/apt/preferences |
版本参数 |
|
/var/cache/apt/archives/ |
存放已经下载的软件包 |
|
/var/cache/apt/archives/partial |
存放正在下载的软件包 |
|
/var/lib/apt/lists/ |
存放已经下载的软件包详细信息 |
|
/var/lib/apt/lists/partial/ |
存放正在下载的软件包详细信息 |
1.2.2. apt-get命令的子命令
|
update |
更新软件包列表 |
|
upgrade |
升级系统中的所有软件包 |
|
install |
安装软件包 |
|
remove |
卸载软件包 |
|
autoremove |
仅删除不需要再次下载的软件包 |
|
purge |
彻底删除软件包(包括配置文件) |
|
source |
下载源代码 |
|
build-dep |
自动下载安装编译某个软件所需要的软件包 |
|
dist-upgrade |
升级整个发行版 |
|
dselect-upgrade |
安装dselect的选择进行升级 |
|
clean |
删除本地缓存的所有升级包 |
|
autoclean |
删除本地缓存中无用的软件包 |
|
check |
检查是否存在有问题的依赖关系 |
|
例:$ sudo apt-get install php5-mysql apache2 $ sudo apt-get update && sudo apt-get upgrade |
|
1.2.3. apt-get命令选项
|
-d,--download-only |
仅下载,不安装 |
|
-f,--fix-broken |
修复依赖问题(用于install和remove子命令) |
|
-m,--ignore-missing,--fix-missing |
忽略缺失的软件包。遇到无法下载的软件包,自动忽略 |
|
--no-download |
禁止下载软件包。与-m配合,可以使apt只使用已经下载的软件包 |
|
-q,--quiet |
静默模式,输出的信息适合做日志 |
|
-s,--simulate,--just-print |
模拟测试,不做出实际操作,不改变系统 |
|
-y,--yes,--assume-yes |
在系统提问时,自动应答yes |
|
-u,--show-upgraded |
显示已升级的软件包 |
|
-V,--verbose-versions |
显示已安装和已升级的软件包的完整版本号 |
|
-b,--compile,--build |
在源码包下载完成后进行编译 |
|
--ignore-hold |
忽略被保留的软件包 |
|
--no-upgrade |
不要升级软件包 |
|
--force-yes |
强制回答yes |
|
--print-uris |
仅答应软件包地址,不安装 |
|
--purge |
彻底删除,包括配置文件 |
|
--reinstall |
重新安装软件包 |
1.2.4. apt-cache命令
|
功能:搜索某个软件包的名字或显示某个软件包的详细信息 |
|
|
搜索mysql的软件包 |
$ apt-cache search mysql |
|
查看ssh软件包的详细版本号 |
$ apt-cache show ssh |
1.2.5. Red Hat、Fedora和Ubuntu软件包操作对比
|
任务 |
Red Hat、Fedora |
Ubuntu |
|
基本信息 |
|
|
|
软件包后缀 |
*.rpm |
*.deb |
|
软件源配置文件 |
/etc/yum.conf |
/etc/apt/sources.list |
|
安装、删除、升级软件包 |
|
|
|
更新软件包列表 |
每次运行yum时自动执行 |
apt-get update |
|
从软件仓库软件安装软件 |
yum install package |
apt-get install package |
|
安装一个已下载的软件包 |
yum install pkg.rpm rpm -i pkg.rpm |
dpkg -i pkg.deb pkg --install pkg.deb |
|
删除软件包 |
rpm -e package |
apt-get remove package |
|
软件包升级检查/测试 |
yum check-update |
apt-get -s upgrade apt-get -s dist-upgrade |
|
升级软件包 |
yum update rpm -Uvh [args] |
apt-get upgrade |
|
升级整个系统 |
yum upgrade |
apt-get dist-upgrade |
|
软件包信息 |
|
|
|
获取某软件包的信息 |
yum search package |
apt-cache show package |
|
获取所有软件包的信息 |
yum list available |
apt-cache dumpavail |
|
显示所有已安装的软件 |
yum list installed rpm -qa |
dpkg -l dpkg --list |
|
获取某个已安装软件包的信息 |
yum info package rpm -qi package |
dpkg --status package |
|
列出某个已安装软件包所包含的文件列表 |
rpm -ql package |
|
|
列出某个已安装软件包所包含的文档 |
rpm -qd package |
无 |
|
列出某个已安装软件包所包含的配置文件 |
rpm -qc package |
无 |
|
显示某个软件包所依赖的软件包列表 |
rpm -qR package |
apt-cache depends package |
|
显示某个软件包的反向依赖关系 |
rpm -q -whatrequires [args] |
apt-cache rdepends package |
|
软件包文件信息 |
|
|
|
获取某个软件包文件的信息 |
rpm -qpi pkg.rpm |
dpkg --info pkg.deb |
|
获取某个软件包文件所包含的文件列表 |
rpm -qpl pkg.rpm |
dpkg --contents pkg.deb |
|
获取某个软件包文件所包含的文档 |
rpm -qpd pkg.rpm |
无 |
|
获取某个软件包文件所包含的配置文件 |
rpm -qpc pkg.rpm |
无 |
|
软件包解压 |
rpm2cpio pkg.rpm | cpio -vid |
dpkg-deb --extract pkg.deb |
|
搜索某个文件是由哪个软件包安装的 |
rpm -qf /file/name |
dpkg -S /file/name dpkg --search /file/name |
|
搜索所有提供某个文件的软件包 |
yum provides /file/name |
apt-file search /file/name |
|
杂项 |
|
|
|
显示本地软件包缓存的状态 |
无 |
apt-cache stats |
|
校验所有已安装的软件包 |
rpm -Va |
debsums |
|
删除本地缓存的所有软件包 |
yum clean packages |
apt-get clean |
|
仅删除本地缓存中过时的软件包 |
无 |
apt-get autoclean |
|
删除所有软件包信息 |
yum clean headers |
apt-file purge |
1.2.6. apt源
apt-get install nmap
apt-get remove nmap
apt-get update --更新源
apt-get upgrade --升级软件包
deb 软件的位置
deb-src 软件的源代码的位置
限定词:
main:完全的自由软件。
restricted:不完全的自由软件。
universe:ubuntu官方不提供支持与补丁,全靠社区支持。
muitiverse:非自由软件,完全不提供支持和补丁。
1、原文件备份
sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak
2、编辑源列表文件
deb https://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse deb https://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse deb-src https://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse ## Not recommended # deb https://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse # deb-src https://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
3、运行sudo apt-get update
1.3. Aptitude
aptitude
aptitude install nmap
aptitude remove nmap
2. Network
ifconfig|grep eth
lshw -class network
apt-get install ethtool
ethtool eth0
2.1. ip设置
临时设置:
ifconfig eth0 10.0.0.100 netmask 255.255.255.0 route add default gw 10.0.0.1 eth0 route -n
ip addr flush eth0 --清除ip设置
dhcp获取ip
auto eth0 iface eth0 inet dhcp
静态ip
auto eth0 iface eth0 inet static address 10.0.0.100 netmask 255.255.255.0 gateway 10.0.0.1
ifdown eth0 && ifup eth0 --重启网络
2.2. dns设置
vim /etc/resolv.conf
nameserver 8.8.8.8 nameserver 8.8.4.4
网卡配置文件
iface eth0 inet static
address 192.168.3.3
netmask 255.255.255.0
gateway 192.168.3.1
dns-search example.com
dns-nameservers 192.168.3.45 192.168.8.10
2.3. 静态主机名
vim /etc/hosts
127.0.0.1 localhost 127.0.1.1 ubuntu-server 10.0.0.11 server1 server1.example.com vpn 10.0.0.12 server2 server2.example.com mail 10.0.0.13 server3 server3.example.com www 10.0.0.14 server4 server4.example.com file
2.4. 域名解析顺序
vim /etc/nsswitch.conf
hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 • files first tries to resolve static hostnames located in /etc/hosts . • mdns4_minimal attempts to resolve the name using Multicast DNS. • [NOTFOUND=return] means that any response of notfound by the preceding mdns4_minimal process should be treated as authoritative and that the system should not try to continue hunting for an answer. • dns represents a legacy unicast DNS query. • mdns4 represents a Multicast DNS query.
2.5. 桥接
apt-get install bridge-utils
vim /etc/network/interfaces
auto lo
iface lo inet loopback
auto br0
iface br0 inet static
address 192.168.0.10
network 192.168.0.0
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off
brctl show
2.6. man
2.6.1. man interfaces
pre-up command
Run command before bringing the interface up. If this command fails then ifup aborts, refraining from marking the interface as configured, prints an error
message, and exits with status 0. This behavior may change in the future.
post-up command
Run command after bringing the interface up. If this command fails then ifup aborts, refraining from marking the interface as configured (even though it has really been configured), prints an error message, and exits with status 0.This behavior may change in the future.
pre-down command
Run command before taking the interface down. If this command fails then ifdown aborts, marks the interface as deconfigured (even though it has not really been deconfigured), and exits with status 0. This behavior may change in the future.
post-down command
Run command after taking the interface down. If this command fails then ifdown aborts, marks the interface as deconfigured, and exits with status 0.This behavior may change in the future.
2.6.2. man ifup
ifup -a
ifdown -a
ifquery -l
-i FILE, --interfaces=FILE
Read interface definitions from FILE instead of from /etc/network/interfaces.
2.6.3. man resolvconf
# vim /etc/resolv.conf
dns-nameservers 192.168.1.254 8.8.8.8 dns-search foo.org bar.com
# ll /etc/resolv.conf
lrwxrwxrwx 1 root root 29 Jun 14 02:40 /etc/resolv.conf -> ../run/resolvconf/resolv.conf
2.7. dhcp
apt-get install isc-dhcp-server
# vim /etc/dhcp/dhcpd.conf
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.150 192.168.1.200;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "mydomain.example";
}
2.8. ntp
ntpdate -s ntp.ubuntu.com
apt-get install ntp
#vim /etc/ntp.conf
server 0.ubuntu.pool.ntp.org server 1.ubuntu.pool.ntp.org server 2.ubuntu.pool.ntp.org server 3.ubuntu.pool.ntp.org
# ntpq -p
remote refid st t when poll reach delay offset jitter ============================================================================== +stratum2-2.NTP. 129.70.130.70 2 u 5 64 377 68.461 -44.274 110.334 +ntp2.m-online.n 212.18.1.106 2 u 5 64 377 54.629 -27.318 78.882 *145.253.66.170 .DCFa. 1 u 10 64 377 83.607 -30.159 68.343 +stratum2-3.NTP. 129.70.130.70 2 u 5 64 357 68.795 -68.168 104.612 +europium.canoni 193.79.237.14 2 u 63 64 337 81.534 -67.968 92.792
3. multipath
service multipath-tools stop
multipath -F
service multipath-tools start
service multipath-tools reload
multipathd help --显示相关命令
multipathd -k 进入命令输入界面
echo 'show config' | multipathd -k
Every time either /etc/lvm.conf or /etc/multipath.conf is updated, the initrd should be rebuilt toreflect these changes.
update-initramfs -u -k all
Before setting up DM-Multipath on your system, ensure that your system has been updated and includes the multipath-tools package. If boot from SAN is desired, then the multipath-tools-boot package is also required.
3.1. Resizing an Online Multipath Device
If you need to resize an online multipath device, use the following procedure
1. Resize your physical device. This is storage platform specific.
2. Use the following command to find the paths to the LUN:
# multipath -l
3. Resize your paths. For SCSI devices, writing 1 to the rescan file for the device causes the SCSI driver to
rescan, as in the following command:
# echo 1 > /sys/block/device_name/device/rescan
4. Resize your multipath device by running the multipathd resize command:
# multipathd -k 'resize map mpatha'
5. Resize the file system (assuming no LVM or DOS partitions are used):
# resize2fs /dev/mapper/mpatha
3.2. troubleshotting
# multipathd -k
> > show config
> > CTRL-D
The following command sequence ensures that multipath has picked up any changes to the multipath.conf,
# multipathd -k
> > reconfigure
> > CTRL-D
Use the following command sequence to ensure that the path checker is working properly.
# multipathd -k
> > show paths
> > CTRL-D
Commands can also be streamed into multipathd using stdin like so:
# echo 'show config' | multipathd -k
4. 远程管理
4.1. ssh
apt-get install openssh-client
apt-get install openssh-server
备份配置文件
cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
chmod a-w /etc/ssh/sshd_config.original
service ssh restart
ssh-keygen -t rsa
ssh-copy-id username@remotehost
chmod 600 .ssh/authorized_keys
4.2. puppet
Puppet server's /etc/hosts file add:
127.0.0.1 localhost.localdomain localhost puppet
192.168.1.17 puppetclient.example.com puppetclient
On each Puppet client, add an entry for the server:
192.168.1.16 puppetmaster.example.com puppetmaster puppet
apt-get install puppetmaster --服务端
apt-get install puppet --客户端
服务端
mkdir -p /etc/puppet/modules/apache2/manifests
# vim /etc/puppet/modules/apache2/manifests/init.pp
containing the following:
class apache2 {
package { 'apache2':
ensure => installed,
}
service { 'apache2':
ensure => true,
enable => true,
require => Package['apache2'],
}
}
# vim /etc/puppet/manifests/site.pp
node 'puppetclient.example.com' {
include apache2
}
service puppetmaster restart
客户端
First, configure the Puppet agent daemon to start. Edit /etc/default/puppet ,changing START to yes:
START=yes
Then start the service:
sudo service puppet start
View the client cert fingerprint
sudo puppet agent --fingerprint
Back on the Puppet server, view pending certificate signing requests:
sudo puppet cert list
On the Puppet server, verify the fingerprint of the client and sign puppetclient's cert:
sudo puppet cert sign puppetclient.example.com
On the Puppet client, run the puppet agent manually in the foreground. This step isn't strictly speaking necessary, but it is the best way to test and debug the puppet service.
sudo puppet agent --test
Check /var/log/syslog on both hosts for any errors with the configuration. If all goes well the apache2 package and it's dependencies will be installed on the Puppet client.
5. DNS
sudo apt-get install bind9
sudo apt-get install dnsutils --测试和排障
/etc/bind/named.conf
/etc/bind/named.conf.options
/etc/bind/db.root
6. 安全
6.1. 用户管理
开启root
sudo passwd
禁用root密码
sudo passwd -l root
禁用root账号
usermod --expiredate 1
man sudo
/etc/sudoers
6.1.1. 用户操作
创建和删除用户
sudo adduser username
sudo deluser username
锁住和解锁用户
sudo passwd -l username
sudo passwd -u username
增加和删除组
sudo addgroup groupname
sudo delgroup groupname
添加用户到组
sudo adduser username groupname
用户属性
ls -ld /home/username
sudo chmod 0750 /home/username
vim /etc/adduser.conf
DIR_MODE=0750
6.1.2. 密码策略
密码长度
/etc/pam.d/common-password
password [success=1 default=ignore] pam_unix.so obscure sha512 minlen=8
查看用户密码状态
sudo chage -l username
设置密码策略
sudo chage username
sudo chage -E 01/31/2015 -m 5 -M 90 -I 30 -W 14 username
6.1.3. ssh连接
who | grep username (to get the pts/# terminal)
sudo pkill -f pts/#
6.2. console安全
6.2.1. Disable Ctrl+Alt+Delete
/etc/init/control-alt-delete.conf
#exec shutdown -r now "Control-Alt-Delete pressed"
6.3. Firewall
sudo ufw enable
sudo ufw allow 22
sudo ufw insert 1 allow 80
sudo ufw deny 22
sudo ufw delete deny 22
sudo ufw allow proto tcp from 192.168.0.2 to any port 22
sudo ufw --dry-run allow http --测试
sudo ufw disable
sudo ufw status
6.3.1. ufw Application Integration
配置文件 /etc/ufw/applications.d
sudo ufw app list
sudo ufw allow Samba
ufw allow from 192.168.0.0/24 to any app Samba
ufw app info Samba
6.3.2. IP Masquerading
1) ufw Masquerading
First, packet forwarding needs to be enabled in ufw. Two configuration files will need to be adjusted, in /etc/default/ufw change the DEFAULT_FORWARD_POLICY to “ACCEPT”:
DEFAULT_FORWARD_POLICY="ACCEPT"
Then edit /etc/ufw/sysctl.conf and uncomment:
net/ipv4/ip_forward=1
Now add rules to the /etc/ufw/before.rules file. The default rules only configure the filter table, and to enable masquerading the nat table will need to be configured. Add the following to the top of the file just after the header comments:
# nat Table rules *nat :POSTROUTING ACCEPT [0:0] # Forward traffic from eth1 through eth0. -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE # don't delete the 'COMMIT' line or these nat table rules won't be processed COMMIT
重启ufw
sudo ufw disable && sudo ufw enable
2) iptables Masquerading
Similar to ufw, the first step is to enable IPv4 packet forwarding by editing /etc/sysctl.conf and
uncomment the following line:
net.ipv4.ip_forward=1
sudo sysctl -p
sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE
sudo iptables -A FORWARD -s 192.168.0.0/16 -o ppp0 -j ACCEPT
sudo iptables -A FORWARD -d 192.168.0.0/16 -m state \
--state ESTABLISHED,RELATED -i ppp0 -j ACCEPT
6.3.3. Logs
sudo ufw logging on
sudo ufw logging off
If using iptables instead of ufw, enter:
sudo iptables -A INPUT -m state --state NEW -p tcp --dport 80 \ -j LOG --log-prefix "NEW_HTTP_CONN: "
A request on port 80 from the local machine, then, would generate a log in dmesg that looks like this (single line split into 3 to fit this document):
[4304885.870000] NEW_HTTP_CONN: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:00 SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=58288 DF PROTO=TCP SPT=53981 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0
The above log will also appear in /var/log/messages , /var/log/syslog , and /var/log/kern.log
7. 文件服务
7.1. vsftpd
sudo apt-get install vsftpd
edit /etc/vsftpd.conf by changing:
anonymous_enable=Yes
修改ftp家目录
sudo mkdir /srv/files/ftp
sudo usermod -d /srv/files/ftp ftp
重启服务
sudo restart vsftpd
7.2. nfs
sudo apt-get install nfs-kernel-server
vim /etc/exports
/ubuntu *(ro,sync,no_root_squash)
/home *(rw,sync,no_root_squash)
sudo service nfs-kernel-server start
客户端
sudo apt-get install nfs-common
sudo mount example.hostname.com:/ubuntu /local/ubuntu
vim /etc/fstab
example.hostname.com:/ubuntu /local/ubuntu nfs rsize=8192,wsize=8192,timeo=14,intr
7.3. iSCSI Initiator
sudo apt-get install open-iscsi
edit /etc/iscsi/iscsid.conf
node.startup = automatic
sudo iscsiadm -m discovery -t st -p 192.168.0.10
192.168.0.10:3260,1 iqn.1992-05.com.emc:sl7b92030000520000-2
sudo iscsiadm -m node --login
sudo fdisk /dev/sdb
n
p
enter
w
sudo mkfs.ext4 /dev/sdb1
sudo mount /dev/sdb1 /srv
vim /etc/fstab
/dev/sdb1 /srv ext4 defaults,auto,_netdev 0 0
8. 备份
#!/bin/bash #################################### # # Backup to NFS mount script. # #################################### # What to backup. backup_files="/home /var/spool/mail /etc /root /boot /opt" # Where to backup to. dest="/mnt/backup" # Create archive filename. day=$(date +%A) hostname=$(hostname -s) archive_file="$hostname-$day.tgz" # Print start status message. echo "Backing up $backup_files to $dest/$archive_file" date echo # Backup the files using tar. tar czf $dest/$archive_file $backup_files # Print end status message. echo echo "Backup finished" date # Long listing of files in $dest to check file sizes. ls -lh $dest
chmod u+x backup.sh
sudo ./backup.sh
sudo crontab -e
0 0 * * * bash /usr/local/bin/backup.sh
还原
tar -tzvf /mnt/backup/host-Monday.tgz
tar -xzvf /mnt/backup/host-Monday.tgz -C /tmp etc/hosts
另外一个shell脚本
#!/bin/bash
####################################
#
# Backup to NFS mount script with
# grandfather-father-son rotation.
#
####################################
# What to backup.
backup_files="/home /var/spool/mail /etc /root /boot /opt"
# Where to backup to.
dest="/mnt/backup"
# Setup variables for the archive filename.
day=$(date +%A)
hostname=$(hostname -s)
# Find which week of the month 1-4 it is.
day_num=$(date +%d)
if (( $day_num <= 7 )); then
week_file="$hostname-week1.tgz"
elif (( $day_num > 7 && $day_num <= 14 )); then
week_file="$hostname-week2.tgz"
elif (( $day_num > 14 && $day_num <= 21 )); then
week_file="$hostname-week3.tgz"
elif (( $day_num > 21 && $day_num < 32 )); then
week_file="$hostname-week4.tgz"
fi
# Find if the Month is odd or even.
month_num=$(date +%m)
month=$(expr $month_num % 2)
if [ $month -eq 0 ]; then
month_file="$hostname-month2.tgz"
else
month_file="$hostname-month1.tgz"
fi
# Create archive filename.
if [ $day_num == 1 ]; then
archive_file=$month_file
elif [ $day != "Saturday" ]; then
archive_file="$hostname-$day.tgz"
else
archive_file=$week_file
fi
# Print start status message.
echo "Backing up $backup_files to $dest/$archive_file"
date
echo
# Backup the files using tar.
tar czf $dest/$archive_file $backup_files
# Print end status message.
echo
echo "Backup finished"
date
# Long listing of files in $dest to check file sizes.
ls -lh $dest/
9. kvm
kvm-ok --检查是否支持kvm
sudo apt-get install qemu-kvm libvirt-bin
sudo adduser $USER libvirtd
sudo apt-get install virtinst
sudo virt-install -n web_devel -r 256 \ --disk path=/var/lib/libvirt/images/web_devel.img,bus=virtio,size=4 -c \ ubuntu-14.04-server-i386.iso --network network=default,model=virtio \ --graphics vnc,listen=0.0.0.0 --noautoconsole -v
sudo virt-clone -o web_devel -n database_devel -f /path/to/database_devel.img \
--connect=qemu:///system
virsh -c qemu:///system list virsh -c qemu:///system start web_devel virsh -c qemu:///system autostart web_devel virsh -c qemu:///system reboot web_devel virsh -c qemu:///system save web_devel web_devel-022708.state virsh -c qemu:///system restore web_devel-022708.state virsh -c qemu:///system shutdown web_devel virsh -c qemu:///system attach-disk web_devel /dev/cdrom /media/cdrom
sudo apt-get install virt-manager
virt-manager -c qemu:///system
virt-manager -c qemu+ssh://virtnode1.mydomain.com/system --用其他主机连接
sudo apt-get install virt-viewer
virt-viewer -c qemu:///system web_devel
virt-viewer -c qemu+ssh://virtnode1.mydomain.com/system web_devel
10. 开机启动项
sudo update-rc.d -f boa remove --删除启动项
sudo update-rc.d boa default --添加启动项
sudo apt-get install bum #图形界面
sudo apt-get install sysv-rc-conf #字符界面
sudo bum
sudo sysv-rc-conf #进入交互界面
sudo sysv-rc-conf --list #直接打印列表
11. 图形桌面
apt install xinit
apt install gdm
apt install ubuntu-desktop --gnome桌面
apt install kubuntu-desktop --kde桌面
ubuntu系统运行级别,runlevel
0 系统停机状态
1 单用户或系统维护状态
2~5 多用户状态
6 重新启动
修改系统运行级别
vim /etc/init/rc-sysinit.conf
entry env DEFAULT_RUNLEVEL=2
