I. Linux boot process
1. Press the power button
2. BIOS power-on self-test
3. MBR boot
4. Enter the GRUB menu
5. Load the kernel
6. systemd init process
7. Read the runlevel
[root@jindada ~]# ll /etc/systemd/system/default.target
lrwxrwxrwx 1 root root 37 Jul 6 02:16 /etc/systemd/system/default.target -> /lib/systemd/system/multi-user.target
[root@jindada ~]# ll /usr/lib/systemd/system/runlevel*.target
lrwxrwxrwx. 1 root root 15 Jul 6 02:14 /usr/lib/systemd/system/runlevel0.target -> poweroff.target
lrwxrwxrwx. 1 root root 13 Jul 6 02:14 /usr/lib/systemd/system/runlevel1.target -> rescue.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel2.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel3.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel4.target -> multi-user.target
lrwxrwxrwx. 1 root root 16 Jul 6 02:14 /usr/lib/systemd/system/runlevel5.target -> graphical.target
lrwxrwxrwx. 1 root root 13 Jul 6 02:14 /usr/lib/systemd/system/runlevel6.target -> reboot.target
8. Initialize the system
[root@jindada ~]# ll /usr/lib/systemd/system/sysinit.target
-rw-r--r--. 1 root root 518 Oct 31 2018 /usr/lib/systemd/system/sysinit.target
9. Start the services enabled at boot, in parallel
10. Run getty and display the login prompt
[root@jindada ~]# ll /usr/lib/systemd/system/getty.target
-rw-r--r--. 1 root root 460 Oct 31 2018 /usr/lib/systemd/system/getty.target
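II. Differences between CentOS 6 and CentOS 7
| CentOS 6 | CentOS 7 |
| --- | --- |
| Processes managed by init | Processes managed by systemd |
| Services started serially | Services started in parallel |
| Slow startup, prone to failures | Fast startup, less prone to failures |
III. System runlevels
1. Files related to the system runlevels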
[root@jindada ~]# ll /usr/lib/systemd/system/runlevel*.target
lrwxrwxrwx. 1 root root 15 Jul 6 02:14 /usr/lib/systemd/system/runlevel0.target -> poweroff.target
lrwxrwxrwx. 1 root root 13 Jul 6 02:14 /usr/lib/systemd/system/runlevel1.target -> rescue.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel2.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel3.target -> multi-user.target
lrwxrwxrwx. 1 root root 17 Jul 6 02:14 /usr/lib/systemd/system/runlevel4.target -> multi-user.target
lrwxrwxrwx. 1 root root 16 Jul 6 02:14 /usr/lib/systemd/system/runlevel5.target -> graphical.target
lrwxrwxrwx. 1 root root 13 Jul 6 02:14 /usr/lib/systemd/system/runlevel6.target -> reboot.target
0 poweroff #power off
1 rescue #single-user mode
2 multi-user #multi-user mode
3 multi-user #multi-user mode
4 multi-user #multi-user mode
5 graphical #graphical (desktop) mode
6 reboot #reboot
2. How to check the system runlevel
#1. CentOS 6:
[root@jindada ~]# runlevel
N 3
[root@jindada ~]# init 5
[root@jindada ~]# runlevel
3 5
[root@jindada ~]# init 3
#2. CentOS 7:
[root@jindada ~]# systemctl get-default
multi-user.target
3. Changing the system runlevel
[root@jindada ~]# systemctl set-default graphical.target
Removed symlink /etc/systemd/system/default.target.
Created symlink from /etc/systemd/system/default.target to /usr/lib/systemd/system/graphical.target.
[root@jindada ~]# systemctl get-default
graphical.target
[root@jindada ~]# systemctl set-default multi-user.target
Removed symlink /etc/systemd/system/default.target.
Created symlink from /etc/systemd/system/default.target to /usr/lib/systemd/system/multi-user.target.
[root@jindada ~]# systemctl get-default
multi-user.target
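IV. Managing system services: systemctl
1. Meaning
The name systemctl is short for "system control"; the command manages system services. Since RHEL/CentOS 7 the init initialization process has been replaced by systemd, and systemd is managed through the systemctl command, which covers most of the functionality of the earlier service, chkconfig, init and setup commands.
Syntax: systemctl PARAMETER SERVICE
2. Related directories
#1. Main configuration directory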
[root@jindada ~]# ll /etc/systemd/system/ -d
drwxr-xr-x. 12 root root 4096 Aug 5 09:05 /etc/systemd/system/
#2. System service unit files
[root@jindada ~]# ll /usr/lib/systemd/system/ -d
drwxr-xr-x. 26 root root 12288 Jul 30 19:51 /usr/lib/systemd/system/
#3. Files generated at runtime by programs and processes
[root@jindada ~]# ll /run/systemd/system/ -d
drwxr-xr-x 5 root root 160 Aug 5 09:30 /run/systemd/system/
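3. Common parameters:
| Parameter | Description |
| --- | --- |
| start | Start a service |
| stop | Stop a service |
| restart | Restart a service |
| enable | Enable a service at boot |
| disable | Disable a service at boot |
| status | Show a service's status |
| list-units --type=service | List all started services |
4. Common examples
Start the specified service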
[root@jindada ~]# systemctl start sshd
Stop the specified service
[root@jindada ~]# systemctl stop sshd
Restart the specified service
[root@jindada ~]# systemctl restart sshd
Gracefully reload the specified service
[root@jindada ~]# systemctl reload nginx
Disable (mask) a service
[root@jindada ~]# systemctl mask nginx
Remove the mask from a service
[root@jindada ~]# systemctl unmask nginx
Show the running state of the specified service
[root@jindada ~]# systemctl status sshd
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2022-10-15 15:14:56 CST; 1 months 0 days ago
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 1211 (sshd)
CGroup: /system.slice/sshd.service
└─1211 /usr/sbin/sshd -D
Nov 15 11:12:44 jindada sshd[24068]: Received disconnect from 159.89.29.240 po...h]
Nov 15 11:12:44 jindada sshd[24068]: Disconnected from 159.89.29.240 port 4437...h]
Nov 15 11:12:55 jindada sshd[24109]: Connection closed by 139.162.126.205 port...h]
Nov 15 11:13:57 jindada sshd[24337]: Invalid user testupload from 159.89.29.24...34
Nov 15 11:13:57 jindada sshd[24337]: input_userauth_request: invalid user test...h]
Nov 15 11:13:57 jindada sshd[24337]: pam_unix(sshd:auth): check pass; user unknown
Nov 15 11:13:57 jindada sshd[24337]: pam_unix(sshd:auth): authentication failu...40
Nov 15 11:13:59 jindada sshd[24337]: Failed password for invalid user testuplo...h2
Nov 15 11:14:00 jindada sshd[24337]: Received disconnect from 159.89.29.240 po...h]
Nov 15 11:14:00 jindada sshd[24337]: Disconnected from 159.89.29.240 port 3683...h]
Hint: Some lines were ellipsized, use -l to show in full.
# Status values:
active (running) #running
Active: inactive (dead) #not running
disabled #not started at boot
enabled #started at boot
failed #failed
Add the specified service to the boot startup items
[root@jindada ~]# systemctl enable sshd
Remove the specified service from the boot startup items
[root@jindada ~]# systemctl disable sshd
List all started services on the system
[root@jindada ~]# systemctl list-units --type=service
UNIT LOAD ACTIVE SUB DESCRIPTION
accounts-daemon.service loaded active running Accounts Service
atd.service loaded active running Job spooling tools
auditd.service loaded active running Security Auditing Service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
bolt.service loaded active running Thunderbolt system service
colord.service loaded active running Manage, Install and Gener>
crond.service loaded active running Command Scheduler
cups.service loaded active running CUPS Scheduler
5. Rebooting and powering off with systemctl
[root@jindada ~]# systemctl reboot
[root@jindada ~]# systemctl poweroff
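V. Displaying and setting the hostname: hostnamectl
1. Meaning
The name hostnamectl is short for "hostname control"; the command displays and sets the hostname. A hostname changed by editing /etc/hostname only takes effect after the server is rebooted, whereas a hostname set with hostnamectl takes effect immediately, which is more efficient.
Syntax: hostnamectl [PARAMETER]
2. Common parameters
| Parameter | Description |
| --- | --- |
| -H | Operate on a remote host |
| status | Show the current hostname settings |
| set-hostname | Set the system hostname |
3. Common examples
Show the current hostname and system information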
[root@jindada ~]# hostnamectl status
Static hostname: jindada
Icon name: computer-vm
Chassis: vm
Machine ID: 5a69d41a9f284724b11c3784ed9a9709
Boot ID: 6513c9d3ab6649808b827f03d9b3754b
Virtualization: kvm
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1160.71.1.el7.x86_64
Architecture: x86-64
Change the current hostname to the given string
[root@jindada ~]# hostnamectl set-hostname jhno1
4. A worked example
[root@jindada ~]# hostname
jindada
[root@jindada ~]# hostnamectl
Static hostname: jindada
Icon name: computer-vm
Chassis: vm
Machine ID: 6b11e94f1fe04eb89579c1c41f6f5307
Boot ID: 783be43c5a44420ead4bd26792a6d22c
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-957.el7.x86_64
Architecture: x86-64
[root@jindada ~]# hostnamectl set-hostname web01
[root@jindada ~]# logout
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(虚拟机-10.0.0.100) at 09:54:12.
Type `help' to learn how to use Xshell prompt.
[C:\~]$
Connecting to 10.0.0.100:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Wed Aug 5 17:51:59 2020 from 10.0.0.1
[root@web01 ~]#
[root@web01 ~]# cat /etc/hostname
web01
5. CentOS 6 style change (temporary)
[root@web01 ~]# hostname jindada
[root@web01 ~]# logout
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(虚拟机-10.0.0.100) at 09:55:10.
Type `help' to learn how to use Xshell prompt.
[C:\~]$
Connecting to 10.0.0.100:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Wed Aug 5 09:54:16 2020 from 10.0.0.1
[root@jindada ~]# cat /etc/hostname
web01
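VI. Changing the system character set: localectl
1. Meaning
The localectl command queries and changes the system locale and keyboard layout settings. It talks to systemd-localed.service to modify configuration files such as /etc/locale.conf and /etc/vconsole.conf. Locale settings control the user interface language, character types and encoding, the format of dates, times and currency symbols, and many other details.
Syntax: localectl [PARAMETER]
2. Common parameters
| Parameter | Description |
| --- | --- |
| --no-ask-password | Do not ask the user for a password when performing privileged operations |
| -H | Operate on the specified remote host |
| --no-pager | Do not pipe the output into a pager |
| status | Show the current locale settings and keyboard mapping |
| set-locale LOCALE | Set the system locale environment variables |
3. Common examples
Set the system locale (character set) environment variable with localectl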
[root@jindada ~]# echo $LANG
en_US.UTF-8
[root@jindada ~]# localectl set-locale LANG=zh_CN.UTF-8
[root@jindada ~]# logout
Connection closing...Socket close.
Connection closed by foreign host.
Disconnected from remote host(虚拟机-10.0.0.100) at 09:57:21.
Type `help' to learn how to use Xshell prompt.
[C:\~]$
Connecting to 10.0.0.100:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Wed Aug 5 09:55:13 2020 from 10.0.0.1
[root@jindada ~]#
[root@jindada ~]# cat /etc/locale.conf
LANG=zh_CN.UTF-8
Show the current locale settings and keyboard mapping
[root@jindada ~]# localectl status
List all locally available locales
[root@jindada ~]# localectl list-locales
Temporarily change the character set
[root@jindada ~]# yum install -y sl
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
软件包 sl-5.02-1.el7.x86_64 已安装并且是最新版本
无须任何处理
#Change the variable temporarily
[root@jindada ~]# export LANG=en_US.UTF-8
[root@jindada ~]# echo $LANG
en_US.UTF-8
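VII. Linux log management: journalctl
1. Meaning
The name journalctl is short for "journal control"; the command is used to view log information. In RHEL 7/CentOS 7 and later, systemd manages the startup logs of all services centrally, so a single command, journalctl, is enough to view all of the logs.
Syntax: journalctl [PARAMETER]
2. Common parameters
| Parameter | Description |
| --- | --- |
| -k | Show kernel logs |
| -b | Show the logs of the current boot |
| -u | Show the logs of the specified service |
| -n | Number of log entries to show |
| -f | Follow the log |
| -xe | Show the current service's logs |
| --disk-usage | Show the total disk space used by the journal |
3. Common examples
Show all log information on the system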
[root@jindada ~]# journalctl
-- Logs begin at Sat 2022-10-15 15:13:23 CST, end at Tue 2022-11-15 17:19:01 CST. --
Oct 15 15:13:23 VM-0-15-centos systemd[1]: Reloading.
Oct 15 15:13:23 VM-0-15-centos rsyslogd[1287]: imjournal: journal reloaded... [v8.24.0-57.el7_9
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: qemu ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: fstab-sys ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: iscsi ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: rootfs-block ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: terminfo ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: *** Including module: udev-rules ***
Oct 15 15:13:26 VM-0-15-centos dracut[1568]: Skipping udev rule: 40-redhat-cpu-hotplug.rules
Oct 15 15:13:27 VM-0-15-centos dracut[1568]: Skipping udev rule: 91-permissions.rules
... (some output omitted) ...
Show kernel log information
[root@jindada ~]# journalctl -k
-- Logs begin at Sat 2022-10-15 15:13:23 CST, end at Tue 2022-11-15 17:19:01 CST. --
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpuset
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpu
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpuacct
Oct 15 15:14:50 VM-0-36-centos kernel: Linux version 3.10.0-1160.71.1.el7.x86_64 (mockbuild@kbu
Oct 15 15:14:50 VM-0-36-centos kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-1160.71.1.
Oct 15 15:14:50 VM-0-36-centos kernel: e820: BIOS-provided physical RAM map:
Oct 15 15:14:50 VM-0-36-centos kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] u
... (some output omitted) ...
Show the log information of the current boot
[root@jindada ~]# journalctl -b
-- Logs begin at Sat 2022-10-15 15:13:23 CST, end at Tue 2022-11-15 17:20:01 CST. --
Oct 15 15:14:50 VM-0-36-centos systemd-journal[114]: Runtime journal is using 8.0M (max allowed
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpuset
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpu
Oct 15 15:14:50 VM-0-36-centos kernel: Initializing cgroup subsys cpuacct
Oct 15 15:14:50 VM-0-36-centos kernel: Linux version 3.10.0-1160.71.1.el7.x86_64 (mockbuild@kbu
Oct 15 15:14:50 VM-0-36-centos kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-3.10.0-1160.71.1.
Oct 15 15:14:50 VM-0-36-centos kernel: e820: BIOS-provided physical RAM map:
Oct 15 15:14:50 VM-0-36-centos kernel: BIOS-e820: [mem 0x0000000000000000-0x000000000009fbff] u
... (some output omitted) ...
Show the current service's logs
[root@jindada ~]# journalctl -xe
[root@jindada ~]# tail /var/log/messages
Aug 5 10:01:32 jindada systemd: Stopped The nginx HTTP and reverse proxy server.
Aug 5 10:01:32 jindada systemd: Starting The nginx HTTP and reverse proxy server...
Aug 5 10:01:32 jindada nginx: nginx: [emerg] unknown directive "isten" in /etc/nginx/nginx.conf:39
Aug 5 10:01:32 jindada nginx: nginx: configuration file /etc/nginx/nginx.conf test failed
Aug 5 10:01:32 jindada systemd: nginx.service: control process exited, code=exited status=1
Aug 5 10:01:32 jindada systemd: Failed to start The nginx HTTP and reverse proxy server.
Aug 5 10:01:32 jindada systemd: Unit nginx.service entered failed state.
Aug 5 10:01:32 jindada systemd: nginx.service failed.
Aug 5 10:02:01 jindada systemd: Started Session 19 of user root.
Aug 5 10:03:01 jindada systemd: Started Session 20 of user root.
Show logs at a given priority level
[root@jindada ~]# journalctl -p
alert crit debug emerg err info notice warning
[root@jindada ~]# journalctl -p err
-- Logs begin at Wed 2020-08-05 17:51:37 CST, end at Wed 2020-08-05 10:05:01 CST. --
Aug 05 17:51:41 jindada kernel: sd 2:0:0:0: [sda] Assuming drive cache: write through
Aug 05 17:51:41 jindada kernel: sd 2:0:1:0: [sdb] Assuming drive cache: write through
Aug 05 17:51:41 jindada kernel: sd 2:0:2:0: [sdc] Assuming drive cache: write through
Aug 05 17:51:44 jindada kernel: piix4_smbus 0000:00:07.3: SMBus Host Controller not enabled!
Aug 05 09:54:13 web01 sshd[7162]: error: Received disconnect from 10.0.0.1 port 50011:0:
Aug 05 09:55:11 jindada sshd[7333]: error: Received disconnect from 10.0.0.1 port 50033:0:
Aug 05 09:57:22 jindada sshd[7369]: error: Received disconnect from 10.0.0.1 port 50041:0:
Aug 05 09:59:29 jindada sshd[7419]: error: Received disconnect from 10.0.0.1 port 50067:0:
Aug 05 10:00:51 jindada sshd[7473]: error: Received disconnect from 10.0.0.1 port 50097:0:
Aug 05 10:01:32 jindada systemd[1]: Failed to start The nginx HTTP and reverse proxy server.
Show the log information of a specific service
[root@jindada ~]# journalctl -u sshd
-- Logs begin at Wed 2020-08-05 17:51:37 CST, end at Wed 2020-08-05 10:06:01 CST. --
Aug 05 17:51:56 jindada systemd[1]: Starting OpenSSH server daemon...
Aug 05 17:51:56 jindada sshd[6981]: Server listening on 0.0.0.0 port 22.
Aug 05 17:51:56 jindada sshd[6981]: Server listening on :: port 22.
Aug 05 17:51:56 jindada systemd[1]: Started OpenSSH server daemon.
Aug 05 17:51:59 jindada sshd[7162]: Accepted password for root from 10.0.0.1 port 50011 ssh2
Aug 05 09:54:16 web01 sshd[7333]: Accepted password for root from 10.0.0.1 port 50033 ssh2
Aug 05 09:55:12 jindada sshd[7369]: Accepted password for root from 10.0.0.1 port 50041 ssh2
Aug 05 09:57:26 jindada sshd[7419]: Accepted password for root from 10.0.0.1 port 50067 ssh2
Aug 05 09:59:31 jindada sshd[7473]: Accepted password for root from 10.0.0.1 port 50097 ssh2
Aug 05 10:00:52 jindada sshd[7525]: Accepted password for root from 10.0.0.1 port 50111 ssh2
... (some output omitted) ...
Show the 10 most recent log entries
[root@jindada ~]# journalctl -n 10
-- Logs begin at Sat 2022-10-15 15:13:23 CST, end at Tue 2022-11-15 17:21:01 CST. --
Nov 15 17:20:48 jindada sshd[12647]: input_userauth_request: invalid user oracle [preauth]
Nov 15 17:20:48 jindada sshd[12647]: pam_unix(sshd:auth): check pass; user unknown
Nov 15 17:20:48 jindada sshd[12647]: pam_unix(sshd:auth): authentication failure; logname= uid=
Nov 15 17:20:49 jindada sshd[12647]: Failed password for invalid user oracle from 139.162.114.4
Nov 15 17:20:50 jindada sshd[12647]: Received disconnect from 139.162.114.41 port 37262:11: Nor
Nov 15 17:20:50 jindada sshd[12647]: Disconnected from 139.162.114.41 port 37262 [preauth]
Nov 15 17:21:01 jindada systemd[1]: Started Session 72202 of user root.
Nov 15 17:21:01 jindada systemd[1]: Started Session 72203 of user root.
Nov 15 17:21:01 jindada CROND[12698]: (root) CMD (sh /root/test.sh)
Nov 15 17:21:01 jindada CROND[12699]: (root) CMD (flock -xn /tmp/stargate.lock -c '/usr/local/q
Follow the latest log entries continuously
[root@jindada ~]# journalctl -f
-- Logs begin at Sat 2022-10-15 15:13:23 CST. --
Nov 15 17:20:50 jindada sshd[12647]: Received disconnect from 139.162.114.41 port 37262:11: Normal Shutdown, Thank you for playing [preauth]
Nov 15 17:20:50 jindada sshd[12647]: Disconnected from 139.162.114.41 port 37262 [preauth]
Nov 15 17:21:01 jindada systemd[1]: Started Session 72202 of user root.
Nov 15 17:21:01 jindada systemd[1]: Started Session 72203 of user root.
Nov 15 17:21:01 jindada CROND[12698]: (root) CMD (sh /root/test.sh)
Nov 15 17:21:01 jindada CROND[12699]: (root) CMD (flock -xn /tmp/stargate.lock -c '/usr/local/qcloud/stargate/admin/start.sh > /dev/null 2>&1 &')
Nov 15 17:22:01 jindada systemd[1]: Started Session 72205 of user root.
Nov 15 17:22:01 jindada CROND[12924]: (root) CMD (sh /root/test.sh)
Nov 15 17:22:01 jindada systemd[1]: Started Session 72204 of user root.
Nov 15 17:22:01 jindada CROND[12925]: (root) CMD (flock -xn /tmp/stargate.lock -c '/usr/local/qcloud/stargate/admin/start.sh > /dev/null 2>&1 &')
... (some output omitted) ...
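An added example (not part of the original page) that turns sshd lines like the ones in the journalctl output above into a count of failed password attempts per source address. The function names and the sample log lines are constructed for illustration.

```sh
#!/bin/sh
# Added example: summarise failed SSH password attempts per source address.
# Reads `journalctl -u sshd` style lines on stdin and prints
# "<count> <source> <usernames>", highest count first.
failed_ssh_summary() {
    awk '
    / sshd\[[0-9]+\]: Failed password for / {
        # Scan from the end of the line for "from": the remote side chooses
        # the username, so a user literally named "from" must not shift fields.
        src = ""; user = ""
        for (i = NF - 1; i > 1; i--) {
            if ($i == "from") { src = $(i + 1); user = $(i - 1); break }
        }
        if (src == "") next
        count[src]++
        # Keep each attempted username once per source.
        if (index("," users[src] ",", "," user ",") == 0)
            users[src] = (users[src] == "" ? user : users[src] "," user)
    }
    END { for (s in count) print count[s], s, users[s] }
    ' | sort -k1,1nr -k2,2
}

# Print only the sources with at least $1 failures (hypothetical helper).
failed_ssh_over() {
    failed_ssh_summary | awk -v min="$1" '$1 >= min { print $2 }'
}

# Constructed sample lines in the same format as the sshd output on this page;
# the addresses are from the documentation ranges, not real hosts.
sample_sshd_log() {
    cat <<'EOF'
Nov 15 17:20:48 host1 sshd[12647]: Failed password for invalid user oracle from 192.0.2.10 port 37262 ssh2
Nov 15 17:20:50 host1 sshd[12647]: Disconnected from 192.0.2.10 port 37262 [preauth]
Nov 15 17:21:03 host1 sshd[12701]: Failed password for invalid user testupload from 192.0.2.10 port 37300 ssh2
Nov 15 17:21:09 host1 sshd[12710]: Failed password for root from 198.51.100.7 port 50011 ssh2
Nov 15 17:21:15 host1 sshd[12733]: Failed password for invalid user oracle from 192.0.2.10 port 37344 ssh2
Nov 15 17:21:18 host1 sshd[12741]: Failed password for invalid user from from 198.51.100.7 port 50019 ssh2
Nov 15 17:21:20 host1 sshd[12750]: Accepted password for root from 203.0.113.5 port 50033 ssh2
EOF
}

sample_sshd_log | failed_ssh_summary
```

On a live host the input would come from `journalctl -u sshd --no-pager | failed_ssh_summary`.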
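VIII. Linux single-user mode
1. Forgotten root password
At the GRUB menu during boot, press e
At the end of the line that begins with linux16, append init=/bin/bash enforcing=0
Press Ctrl + x
Remount the root partition read-write: mount -o rw,remount /
Change the password
Restart: exec /sbin/init
2. The runlevel has been set to reboot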
[root@web01 ~]# systemctl set-default reboot.target
Removed symlink /etc/systemd/system/default.target.
Created symlink from /etc/systemd/system/default.target to /usr/lib/systemd/system/reboot.target.
[root@web01 ~]# systemctl get-default
reboot.target
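At the GRUB menu during boot, press e
At the end of the line that begins with linux16, append rd.break
Press Ctrl + x
Remount the root partition read-write: mount -o rw,remount /sysroot
Change root into the installed system: chroot /sysroot
Change the runlevel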
exit
reboot
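IX. Linux rescue mode
1. The system is damaged and the data is important, so the data has to be copied out
First attach the installation disc, then make the optical drive the first boot device, as shown in the figure below.
Enter troubleshooting mode, then choose rescue mode, as shown in the figure below.
After the real system is mounted you will find the data is still there; you can then mount a disk and back the data up.
2. The MBR boot record is damaged and must be repaired. This mainly happens when installing a dual-boot setup, where the system installed later removes the original MBR.
Destroy the first 446 bytes of the disk to simulate a damaged MBR; after a reboot the system will fail to start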
dd if=/dev/zero of=/dev/sda bs=1 count=446
Reboot and check the system state
Enter rescue mode, get a shell, and repair the system
#Repair GRUB
bash-4.2# grub2-install /dev/sda
#Exit
bash-4.2# exit
#Reboot into the system
bash-4.2# reboot
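An added example, not part of the original page: it repeats the 446-byte wipe on a constructed 512-byte image file and shows that the partition table (bytes 446 to 509) and the 0x55AA signature (bytes 510 to 511) are untouched, which is why reinstalling the boot code with grub2-install is enough. The function names and the image contents are made up for the demonstration.

```sh
#!/bin/sh
# Added example: inspect the three regions of an MBR sector.
#   bytes   0-445  boot code
#   bytes 446-509  partition table (4 entries of 16 bytes)
#   bytes 510-511  signature 0x55 0xAA
mbr_state() {
    # Count the non-zero bytes in each region; $1 is a disk or image path.
    boot=$(dd if="$1" bs=1 count=446 2>/dev/null | tr -d '\000' | wc -c | tr -d ' ')
    table=$(dd if="$1" bs=1 skip=446 count=64 2>/dev/null | tr -d '\000' | wc -c | tr -d ' ')
    sig=$(dd if="$1" bs=1 skip=510 count=2 2>/dev/null | od -An -tx1 | tr -d ' \n')
    [ "$boot" -eq 0 ] && b=zeroed || b=present
    [ "$table" -eq 0 ] && t=empty || t=present
    [ "$sig" = "55aa" ] && s=ok || s=missing
    echo "bootcode=$b table=$t signature=$s"
}

# Build a constructed 512-byte sector in a temporary file and print its path.
make_sample_mbr() {
    img=$(mktemp)
    {
        # 446 bytes of stand-in boot code (0x90 repeated)
        i=0
        while [ "$i" -lt 446 ]; do printf '\220'; i=$((i + 1)); done
        # one 16-byte partition entry: active flag 0x80, type 0x83,
        # start LBA 2048, 0x100000 sectors (little-endian)
        printf '\200\000\000\000\203\000\000\000\000\010\000\000\000\000\020\000'
        # three unused entries (48 zero bytes)
        dd if=/dev/zero bs=1 count=48 2>/dev/null
        # boot signature 0x55 0xAA
        printf '\125\252'
    } > "$img"
    echo "$img"
}

img=$(make_sample_mbr)
mbr_state "$img"
# Same wipe as on the page; conv=notrunc is needed only because the target
# here is a regular file, which dd would otherwise truncate to 446 bytes.
dd if=/dev/zero of="$img" bs=1 count=446 conv=notrunc 2>/dev/null
mbr_state "$img"
rm -f "$img"
```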
3. CentOS 7: repairing after the GRUB files were deleted by mistake
Simulate the fault
#Delete grub2
rm -rf /boot/grub2/
#Reboot
reboot
Check the system state
Enter rescue mode, get a shell, and repair the system
bash-4.2# grub2-install /dev/sda
bash-4.2# grub2-mkconfig -o /boot/grub2/grub.cfg
bash-4.2# ls /boot/grub2
bash-4.2# exit
sh-4.2# reboot
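X. Linux network interface naming rules
1. Overview
Up to CentOS 6, interfaces used the traditional naming scheme, for example eth1, eth0, ...
CentOS 7 provides different naming rules; by default names are assigned from firmware, topology and location information. The advantage is that naming is fully automatic and predictable; the drawback is that names such as ens33 are harder to read than eth0.
2. Interface naming policy
Rule 1: If device index information provided by the firmware or BIOS is available, name the interface from it, for example eno1. Otherwise use rule 2.
Rule 2: If PCI-E expansion slot information from the firmware or BIOS is available, name the interface from it, for example ens1. Otherwise use rule 3.
Rule 3: If the location information of the hardware interface is available, name the interface from it, for example enp2s0.
Rule 4: Name the interface from its MAC address, for example enx7d3e9f. Not enabled by default.
Rule 5: If none of the above is available, fall back to the traditional naming scheme.
All of the naming rules above depend on one package: biosdevname
biosdevname and net.ifnames are two different naming conventions.
In CentOS 7, biosdevname defaults to 0 and net.ifnames defaults to 1.
3. Changing the interface naming rule from the command line
#Change the interface naming rule from the command line
mv /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-eth0
#Change the device name in the interface configuration file
sed -i "s#ens33#eth0#g" /etc/sysconfig/network-scripts/ifcfg-eth0
#Add the kernel parameters to GRUB
vim /etc/sysconfig/grub
GRUB_CMDLINE_LINUX="...net.ifnames=0 biosdevname=0 quiet"
#Write the configuration to the boot partition
grub2-mkconfig -o /boot/grub2/grub.cfg
#Reboot for the change to take effect
reboot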
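XI. Basic Linux system optimization
1. Switch the Yum repositories and add the EPEL repository
The default yum repositories (software repositories) are overseas and slow, so switch to domestic mirrors.
#1. Back up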
[root@qls ~]# mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
#2. Download the new CentOS-Base.repo to /etc/yum.repos.d/
[root@qls ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#3. Add the EPEL repository
[root@qls ~]# curl -o /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
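2. Disable SELinux
SELinux (Security-Enhanced Linux) is the US National Security Agency's (NSA) implementation of mandatory access control. System administrators both love and hate this feature; here we simply turn it off and deal with security by other means later. This is also what most production environments do; if you really want to keep it enabled, that is fine too.
#Disable temporarily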
[root@qls ~]# setenforce 0
#Disable permanently (-i edits the file in place; without it sed only prints the result)
[root@qls ~]# sed -i 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
#Check the result
[root@qls ~]# grep "disabled" /etc/selinux/config
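3. Disable the firewall (Firewalld)
The firewall is turned off to make learning easier for beginners; it can be turned back on once Firewalld has been covered. In enterprise environments, generally only Linux servers configured with a public IP need the firewall enabled; but even with a public IP, high-concurrency, high-traffic business servers still cannot enable it, because the significant performance cost makes the site very slow. In that case the only option is a better hardware firewall at the front end.
#Disable temporarily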
[root@qls ~]# systemctl stop firewalld
#Disable permanently
[root@qls ~]# systemctl disable firewalld
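4. Disable NetworkManager
CentOS currently has two network management tools, NetworkManager and network. Configuring both causes conflicts. In addition, NetworkManager clears the routes when the network goes down; custom routes that were not added to NetworkManager's configuration files are removed and have to be added again by hand once the network is back.
network: configures the network interfaces
NetworkManager: this service consists of several parts: one manages the system's network connections; another is a client program that lets users manage network connections, which makes network management easier
#Add a network interface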
[root@jindada ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1
[root@jindada ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=none
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=172.16.1.100
PREFIX=24
[root@jindada ~]# ifconfig eth1 172.16.1.100/24
#Disable temporarily
[root@qls ~]# systemctl stop NetworkManager
#Disable permanently
[root@qls ~]# systemctl disable NetworkManager
5. Synchronize the system time
#Add a comment for the scheduled job
[root@qls ~]# echo '#Timing synchronization time' >>/var/spool/cron/root
#Scheduled job
[root@qls ~]# echo '*/5 * * * * /usr/sbin/ntpdate ntp1.aliyun.com &>/dev/null' >>/var/spool/cron/root
#Check the result
[root@qls ~]# crontab -l
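6. Raise the file descriptor limit
#Configuration file format
<domain> <type> <item> <value>
<domain>: the user to limit
<type>: the type of limit
<item>: the resource to limit
<value>: the value of the limit
#Raise the file descriptor limit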
[root@qls ~]# echo '* - nofile 65535 ' >>/etc/security/limits.conf
#Check the result
[root@qls ~]# tail -1 /etc/security/limits.conf
7. Aliases and environment variables
#Settings
[root@qls ~]# cat>>/etc/profile.d/color.sh<<'EOF'
alias ll='ls -l --color=auto --time-style=long-iso'
PS1="\[\e[37;40m\][\[\e[32;1m\]\u\[\e[37;40m\]@\h \[\e[36;40m\]\w\[\e[0m\]]\[\e[32;1m\]\\$ \[\e[0m\]"
export HISTTIMEFORMAT='%F-%T '
EOF
#Apply
[root@qls ~]# source /etc/profile
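8. Kernel tuning
#Settings (note: net.ipv4.tcp_tw_recycle drops connections from clients behind NAT and was removed in Linux 4.12)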
[root@qls ~]# cat >>/etc/sysctl.conf<<EOF
net.ipv4.tcp_fin_timeout = 2
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_syncookies = 1
net.ipv4.tcp_keepalive_time = 600
net.ipv4.ip_local_port_range = 4000 65000
net.ipv4.tcp_max_syn_backlog = 16384
net.ipv4.tcp_max_tw_buckets = 36000
net.ipv4.route.gc_timeout = 100
net.ipv4.tcp_syn_retries = 1
net.ipv4.tcp_synack_retries = 1
net.core.somaxconn = 16384
net.core.netdev_max_backlog = 16384
net.ipv4.tcp_max_orphans = 16384
net.ipv4.ip_forward = 1
EOF
#Apply
[root@qls ~]# sysctl -p
9. Configure the SSH remote management service
#Disable reverse DNS lookups
[root@qls ~]# sed -i 's/#UseDNS yes/UseDNS no/g' /etc/ssh/sshd_config
#Check the result
[root@qls ~]# grep 'UseDNS no' /etc/ssh/sshd_config
#Disable GSS authentication to reduce the delay when connecting
[root@qls ~]# sed -i 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
#Check the result
[root@qls ~]# grep 'GSSAPIAuthentication no' /etc/ssh/sshd_config
#Apply
[root@qls ~]# systemctl restart sshd
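The grep checks above only show that a matching line exists somewhere in the file. As an added example (not from the original page), the script below reports the value sshd takes from the global section, relying on the sshd_config(5) rules that keywords are case-insensitive and that the first value obtained wins. The function names, the sample file and the choice to ignore Include files are assumptions.

```sh
#!/bin/sh
# Added example: print the value of keyword $1 in the global section of the
# sshd_config file $2 (lower-cased), or nothing if the keyword is not set.
sshd_effective() {
    awk -v want="$1" '
    BEGIN { want = tolower(want) }
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line == "" || substr(line, 1, 1) == "#") next
        # Keyword and value are separated by whitespace and/or "=".
        split(line, f, /[ \t=]+/)
        key = tolower(f[1])
        if (key == "match") exit      # the global section ends here
        if (key == want) { print tolower(f[2]); exit }   # first value wins
    }' "$2"
}

# Check the settings this page changes, plus the root-login item from its
# security summary. Returns non-zero if any keyword is wrong or unset.
audit_sshd() {
    rc=0
    for pair in UseDNS=no GSSAPIAuthentication=no PermitRootLogin=no; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(sshd_effective "$key" "$1")
        if [ -z "$got" ]; then
            echo "UNSET $key (build default applies)"; rc=1
        elif [ "$got" = "$want" ]; then
            echo "OK $key=$got"
        else
            echo "FAIL $key=$got (want $want)"; rc=1
        fi
    done
    return $rc
}

# Constructed sample in which `grep "UseDNS no"` succeeds although an earlier
# line keeps UseDNS enabled, and PermitRootLogin exists only in a Match block.
make_sample_sshd_config() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
# constructed sample, not a real host configuration
Port 22
usedns yes
#GSSAPIAuthentication yes
GSSAPIAuthentication no
UseDNS no
Match User backup
    PermitRootLogin no
EOF
    echo "$f"
}

cfg=$(make_sample_sshd_config)
audit_sshd "$cfg" || true
rm -f "$cfg"
```

On a running host, `sshd -T` prints the configuration the daemon itself resolves and is the authoritative check.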
10. Script for changing the hostname and IP
#The script
[root@qls ~]# cat>/root/hostname_ip.sh<<'EOF'
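#!/usr/bin/sh
# $1 = new hostname, $2 = new last octet of the IP address: the sed below
# keeps the existing IPADDR prefix and replaces only what follows the last dot.
source /etc/init.d/functions
if [ $# -ne 2 ];then
    echo "/bin/sh $0 New hostname New IP address"
    exit 1
fi
# Accept digits only, so that $2 cannot alter the sed expression
case "$2" in
    ''|*[!0-9]*) echo "IP value must be numeric"; exit 1 ;;
esac
hostnamectl set-hostname "$1"
if [ $? -eq 0 ];then
    action "hostname update Successful." /bin/true
else
    action "hostname update Failed." /bin/false
fi
sed -ri "/^IPA/s#(.*\.).*#\1$2#g" /etc/sysconfig/network-scripts/ifcfg-eth[01]
if [ $? -eq 0 ];then
    action "IP update Successful." /bin/true
    systemctl restart network
else
    action "IP update Failed!" /bin/false
fi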
EOF
11. Install commonly used software
[root@qls ~]# yum -y install unzip wget tree nmap sysstat lrzsz telnet bash-completion bash-completion-extras vim lsof net-tools rsync ntpdate nfs-utils
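12. Summary of basic Linux optimization and security
1) Prohibit remote login by root; do not administer the system logged in as root, but log in as a regular user and administer through sudo.
2) Change the default port of the SSH remote connection service, and even make the SSH service listen only on the internal IP.
3) Update the server time automatically on a schedule so that it stays in sync with internet time.
4) Configure the yum repositories so that packages are downloaded and installed from domestic mirrors.
5) Disable SELinux and Firewalld (in a work environment, Firewalld should generally be on if the host has an external IP; high-concurrency, high-traffic servers may not be able to enable it).
6) Adjust the number of file descriptors; processes and open files all consume file descriptors.
7) Clean up junk files in the mail temporary directory automatically on a schedule, so that small files do not exhaust the disk's inodes.
8) Tune the Linux kernel parameters.
9) Change the system character set to "zh_CN.UTF-8" so that Chinese is supported and garbled text is avoided.
10) Lock the key system files; afterwards rename chattr and lsattr and move them elsewhere, which is much safer.
11) Empty /etc/issue and /etc/issue.net to remove the system and kernel version shown on screen before login.
12) Remove unnecessary system virtual user accounts.
13) Set a password on the GRUB boot menu.
14) Prevent the host from being pinged: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
15) Apply patches and upgrade software with known vulnerabilities.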