linux基本操作和自己组装服务器
1、CentOS 网卡命名规则
在 CentOS 8 中,网卡命名规则采用了一种新的方式,称为 Predictable Network Interface Names(可预测的网络接口命名)。这种命名方式基于设备的物理位置、MAC 地址、总线信息等,旨在提供更加一致和可预测的网卡命名。
根据该规则,网卡的命名可以有以下几种形式:
-
ens:以
ens
开头,表示以太网(Ethernet)设备。 -
enp:以
enp
开头,表示 PCI Express 设备。 -
enx:以
enx
开头,表示通过 MAC 地址绑定的设备。
例如,ens192
表示以太网设备,enp0s3
表示 PCI Express 设备,enx001122334455
表示通过 MAC 地址绑定的设备。
这种命名规则的目的是使网卡命名更具可读性和一致性,有助于管理多个网络接口的系统。但请注意,具体的命名可能因系统配置和硬件环境而有所不同。你可以使用以下命令来查看系统中的网卡命名情况:
[root@fishman-160 ~]# ls /sys/class/net
ens33 lo virbr0
该命令将列出系统中的所有网络接口及其对应的命名。
2、网络配置相关
[root@fishman-160 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 #UP:接口已启用。BROADCAST:接口可以广播数据包。RUNNING:接口正在运行,即已经激活并可用。MULTICAST:接口可以接收和发送多播数据包。
inet 192.168.52.160 netmask 255.255.255.0 broadcast 192.168.52.255
inet6 fe80::20c:29ff:fec5:b8f8 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:c5:b8:f8 txqueuelen 1000 (Ethernet)
RX packets 2436 bytes 216165 (211.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1471 bytes 156119 (152.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 48 bytes 3968 (3.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48 bytes 3968 (3.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:3e:b7:41 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
1、ifconfig
命令的输出通常包括以下信息:
-
网络接口的名称:通常以
eth
、en
、wlan
或wlp
开头,后面跟着数字,例如eth0
、enp0s3
。 -
MAC地址:是网络接口的物理地址,用于唯一标识网络设备。
-
IP地址:是网络接口的逻辑地址,用于在网络中标识设备。可以显示一个或多个IPv4或IPv6地址。
-
子网掩码:用于定义网络中主机部分和网络部分的边界。
-
广播地址:用于向网络中的所有设备广播消息。
-
MTU(最大传输单元):指定可以在单个数据包中传输的最大字节数。
-
网络接口状态:包括 UP(启用)和 DOWN(禁用)。
-
数据统计信息:包括接收的数据包数量、发送的数据包数量、错误的数据包数量等
每个网络接口的信息由一个以接口名称开头的行开始,后跟该接口的配置和统计信息。每行的开头可能包含一些标志(flags),用于指示接口的状态(例如启用、广播、运行、多播等)。然后是一些配置信息,如IP地址、子网掩码、广播地址、IPv6地址等。接下来是一些统计信息,如接收和发送的数据包数量、字节数、错误信息等
2、临时修改ip地址
NetworkManager 是一个守护进程,负责管理网络连接和网络设备的配置。它提供了一种统一的方式来管理和配置系统中的网络连接,包括有线网络、无线网络、移动数据等。NetworkManager可以自动检测和配置网络接口,处理网络连接的自动连接、断开、重新连接,支持网络认证、VPN、移动宽带等功能。
[root@fishman-160 ~]# ifconfig ens33 192.168.52.170
#重启网卡 的 三种方法
[root@fishman-160 ~]# nmcli c reload #重新加载 NetworkManager 的连接配置。
[root@fishman-160 ~]# nmcli device reapply ens33 重新应用 ens33 网络设备的配置。reapply 参数告诉 NetworkManager 重新应用设备的配置,以确保配置生效。
成功重新应用连接到设备 "ens33"。
[root@fishman-160 ~]# nmcli connection up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/4)
[root@fishman-160 ~]# nmcli d connect ens33
成功用 "ens33156f4136-48d7-4189-b075-ff03703358b7" 激活了设备 ""。
3、删除临时IP地址
root@fishman-160 ~]# ip addr delete 192.168.52.170 dev ens33:0 #ip addr delete:表示删除 IP 地址的操作。192.168.52.170:要删除的 IP 地址。dev ens33:0:指定要从哪个网络接口中删除 IP 地址。其中 ens33 是网络接口的名称,0 是别名(或子接口)的标识符。
Warning: Executing wildcard deletion to stay compatible with old scripts.
Explicitly specify the prefix length (192.168.52.170/32) to avoid this warning.
This special behaviour is likely to disappear in further releases,
fix your scripts!
[root@fishman-160 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::20c:29ff:fec5:b8f8 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:c5:b8:f8 txqueuelen 1000 (Ethernet)
RX packets 19409 bytes 21248699 (20.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5867 bytes 452771 (442.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
4、永久修改ip地址
[root@fishman-160 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
1 TYPE=Ethernet
2 PROXY_METHOD=none
3 BROWSER_ONLY=no
4 BOOTPROTO=none #none代表不指定,缺省值静态static;dhcp代表动态获取ip;static代表静态获取ip
5 DEFROUTE=yes
6 IPV4_FAILURE_FATAL=no
7 IPV6INIT=yes
8 IPV6_AUTOCONF=yes
9 IPV6_DEFROUTE=yes
10 IPV6_FAILURE_FATAL=no
11 IPV6_ADDR_GEN_MODE=eui64
12 NAME=ens33
13 UUID=156f4136-48d7-4189-b075-ff03703358b7
14 DEVICE=ens33
15 ONBOOT=yes
16 IPADDR=192.168.52.160
17 PREFIX=24
18 GATEWAY=192.168.52.2
19 DNS1=8.8.8.8
5、查看DNS服务器配置
[root@fishman-160 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 8.8.8.8
3、修改主机名
临时修改主机名
[root@fishman-160 ~]# hostname daemon
[root@fishman-160 ~]# hostname
daemon
永久修改主机名
[root@fishman-160 ~]# hostnamectl set-hostname fishname-161
[root@fishman-160 ~]# hostname
fishname-161
[root@fishman-160 ~]# #终端bash提示符中的主机名,下次重启后生效
4、关闭防火墙
1、查看防火墙状态
[root@fishman-160 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2023-07-13 10:43:57 CST; 4h 11min ago
Docs: man:firewalld(1)
Main PID: 907 (firewalld)
Tasks: 2 (limit: 12048)
Memory: 25.4M
CGroup: /system.slice/firewalld.service
└─907 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid
7月 13 10:43:56 fishman-160 systemd[1]: Starting firewalld - dynamic firewall daemon...
7月 13 10:43:57 fishman-160 systemd[1]: Started firewalld - dynamic firewall daemon.
7月 13 10:43:57 fishman-160 firewalld[907]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.
2、查看iptables的策略
[root@fishman-160 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
LIBVIRT_INP all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
target prot opt source destination
LIBVIRT_FWX all -- 0.0.0.0/0 0.0.0.0/0
LIBVIRT_FWI all -- 0.0.0.0/0 0.0.0.0/0
LIBVIRT_FWO all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
LIBVIRT_OUT all -- 0.0.0.0/0 0.0.0.0/0
Chain LIBVIRT_INP (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
Chain LIBVIRT_OUT (1 references)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
Chain LIBVIRT_FWO (1 references)
target prot opt source destination
ACCEPT all -- 192.168.122.0/24 0.0.0.0/0
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain LIBVIRT_FWI (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain LIBVIRT_FWX (1 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
3、 临时关闭iptables
[root@fishman-160 ~]# systemctl stop firewalld.service
[root@fishman-160 ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: inactive (dead) since Thu 2023-07-13 14:58:02 CST; 5s ago
Docs: man:firewalld(1)
Process: 907 ExecStart=/usr/sbin/firewalld --nofork --nopid $FIREWALLD_ARGS (code=exited, status=0/SUCCESS)
Main PID: 907 (code=exited, status=0/SUCCESS)
[root@fishman-160 ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
4、开机不启动firewalld
[root@fishman-160 ~]# systemctl disable firewalld.service
Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@fishman-160 ~]# systemctl is-enabled firewalled #判断是否开机不启动
Failed to get unit file state for firewalled.service: No such file or directory
5、 开机启动firewalld
[root@fishman-160 ~]# systemctl enable firewalld
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.
6、列出系统中运行的单元的状态和相关信息
[root@fishman-160 ~]# systemctl list-units
[root@fishman-160 ~]# systemctl list-units --type service #获取系统中所有服务单元的信息,包括服务名称、状态、描述、所属 slice 或分组以及加载状态等
7、查看selinux状态
[root@fishman-160 ~]# getenforce
Enforcing
8、临时关闭selinux
[root@fishman-160 ~]# setenforce 0 #关闭selinux
[root@fishman-160 ~]# getenforce
Permissive
9、永久关闭selinux
[root@fishman-160 ~]# vim /etc/selinux/config
1
2 # This file controls the state of SELinux on the system.
3 # SELINUX= can take one of these three values:
4 # enforcing - SELinux security policy is enforced.
5 # permissive - SELinux prints warnings instead of enforcing.
6 # disabled - No SELinux policy is loaded.
7 SELINUX=disable #disable 彻底关闭;permissive 告警但放行
8 # SELINUXTYPE= can take one of these three values:
9 # targeted - Targeted processes are protected,
10 # minimum - Modification of targeted policy. Only selected processes are protected.
11 # mls - Multi Level Security protection.
12 SELINUXTYPE=targeted
[root@fishman-160 ~]# reboot #需要重启
5、永久挂载光驱
[root@fishman-160 ~]# vim /etc/fstab
1
2 #
3 # /etc/fstab
4 # Created by anaconda on Thu Jul 6 04:58:45 2023
5 #
6 # Accessible filesystems, by reference, are maintained under '/dev/disk/'.
7 # See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info.
8 #
9 # After editing this file, run 'systemctl daemon-reload' to update systemd
10 # units generated from this file.
11 #
12 UUID=75bbfbae-a006-489e-95ee-214aa24d94ff / xfs defaults 0 0
13 UUID=627e70f9-0231-4474-bfd5-45b509a672da /boot xfs defaults 0 0
14 UUID=46d0c215-3841-4a96-aa8f-53574afc8b8d none swap defaults 0 0
15 /dev/sdr0 /mnt iso9660 defaults 0 0 #填写挂载光驱
[root@fishman-160 ~]# mount -a
mount: /mnt: WARNING: device write-protected, mounted read-only. #确认挂载成功
mount: (hint) your fstab has been modified, but systemd still uses
the old version; use 'systemctl daemon-reload' to reload.
[root@fishman-160 ~]# ls /mnt
EFI images isolinux LICENSE TRANS.TBL #可以成功访问
[root@fishman-160 ~]# mount | grep sr0 #查看挂载情况
/dev/sr0 on /mnt type iso9660 (ro,relatime,nojoliet,check=s,map=n,blocksize=2048)
6、配置yum源
1、查看yum源
[root@fishman-160 ~]# ls /etc/yum.repos.d/ #CentOS 自带的yum源
CentOS-Stream-AppStream.repo CentOS-Stream-Debuginfo.repo CentOS-Stream-Extras.repo CentOS-Stream-Media.repo CentOS-Stream-PowerTools.repo CentOS-Stream-ResilientStorage.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-Extras-common.repo CentOS-Stream-HighAvailability.repo CentOS-Stream-NFV.repo CentOS-Stream-RealTime.repo CentOS-Stream-Sources.repo
[root@fishman-160 ~]# vim /etc/yum.repos.d/CentOS-Stream-BaseOS.repo
1 # CentOS-Stream-BaseOS.repo
2 #
3 # The mirrorlist system uses the connecting IP address of the client and the
4 # update status of each mirror to pick current mirrors that are geographically
5 # close to the client. You should use this for CentOS updates unless you are
6 # manually picking other mirrors.
7 #
8 # If the mirrorlist does not work for you, you can try the commented out
9 # baseurl line instead.
10
11 [baseos]
12 name=CentOS Stream $releasever - BaseOS
13 mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=BaseOS&infra=$infra #CentOS8提供的是镜像列表,其中包揽了国内的yum源
14 #baseurl=http://mirror.centos.org/$contentdir/$stream/BaseOS/$basearch/os/
15 gpgcheck=1
16 enabled=1
17 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
2、备份yum源
[root@fishman-160 ~]# sudo cp /etc/yum.repos.d/CentOS-Stream-BaseOS.repo /etc/yum.repos.d/CentOS-Stream-BaseOS.repo.bak
[root@fishman-160 ~]# ls /etc/yum.repos.d/
CentOS-Stream-AppStream.repo CentOS-Stream-Debuginfo.repo CentOS-Stream-HighAvailability.repo CentOS-Stream-PowerTools.repo CentOS-Stream-Sources.repo
CentOS-Stream-BaseOS.repo CentOS-Stream-Extras-common.repo CentOS-Stream-Media.repo CentOS-Stream-RealTime.repo
CentOS-Stream-BaseOS.repo.bak CentOS-Stream-Extras.repo CentOS-Stream-NFV.repo CentOS-Stream-ResilientStorage.rep
3、编辑原有yum源
[root@fishman-160 ~]# vim /etc/yum.repos.d/CentOS-Stream-BaseOS.repo #改aliyun源
1 # CentOS-Stream-BaseOS.repo
2 #
3 # The mirrorlist system uses the connecting IP address of the client and the
4 # update status of each mirror to pick current mirrors that are geographically
5 # close to the client. You should use this for CentOS updates unless you are
6 # manually picking other mirrors.
7 #
8 # If the mirrorlist does not work for you, you can try the commented out
9 # baseurl line instead.
10
11 [baseos]
12 name=CentOS Stream $releasever - BaseOS
13 #mirrorlist=http://mirrorlist.centos.org/?release=$stream&arch=$basearch&repo=BaseOS&infra=$infra
14 baseurl=http://mirrors.aliyun.com/centos/$releasever/BaseOS/$basearch/os/ #改为aliyun源
15 #baseurl=http://mirror.centos.org/$contentdir/$stream/BaseOS/$basearch/os/
16 gpgcheck=1
17 enabled=1
18 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[root@fishman-160 ~]# vim /etc/yum.repos.d/CentOS-Stream-BaseOS.repo #改光盘为本地源
1 # CentOS-Stream-BaseOS.repo
2 #
3 # The mirrorlist system uses the connecting IP address of the client and the
4 # update status of each mirror to pick current mirrors that are geographically
5 # close to the client. You should use this for CentOS updates unless you are
6 # manually picking other mirrors.
7 #
8 # If the mirrorlist does not work for you, you can try the commented out
9 # baseurl line instead.
10
11 [LocalRepo]
12 name=CentOS 8 Local Repository
13 baseurl=file:///BaseOS
14 gpgcheck=0
15 enabled=1
16 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial
[root@fishman-160 ~]# vim /etc/yum.repos.d/CentOS-Stream-Appstream.repo
1 # CentOS-Stream-AppStream.repo
2 #
3 # The mirrorlist system uses the connecting IP address of the client and the
4 # update status of each mirror to pick current mirrors that are geographically
5 # close to the client. You should use this for CentOS updates unless you are
6 # manually picking other mirrors.
7 #
8 # If the mirrorlist does not work for you, you can try the commented out
9 # baseurl line instead.
10
11 [LocalRepo]
12 name=CentOS 8 Local Repository
13 baseurl=file:///mnt/AppStream
14 gpgcheck=0
15 enabled=1
16 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial #校验用的公钥
4、清除yum缓存
[root@fishman-160 ~]# sudo dnf clean all
27 个文件已删除
5、生成新的缓存
[root@fishman-160 ~]# sudo dnf makecache
CentOS Stream 8 - AppStream 1.0 MB/s | 31 MB 00:31
CentOS Stream 8 - BaseOS 631 kB/s | 4.6 MB 00:07
CentOS Stream 8 - Extras 9.7 kB/s | 18 kB 00:01
CentOS Stream 8 - Extras common packages 7.6 kB/s | 6.6 kB 00:00
元数据缓存已建立。
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】凌霞软件回馈社区,博客园 & 1Panel & Halo 联合会员上线
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】博客园社区专享云产品让利特惠,阿里云新客6.5折上折
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek “源神”启动!「GitHub 热点速览」
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· C# 集成 DeepSeek 模型实现 AI 私有化(本地部署与 API 调用教程)
· DeepSeek R1 简明指南:架构、训练、本地部署及硬件要求
· 2 本地部署DeepSeek模型构建本地知识库+联网搜索详细步骤