redhat7学习笔记-rhce

ssh f0

redhat

begin_rhce_uplooking 30

ssh [email protected] -X

/etc/firewalld/zones/public.xml

1/2##################################2

echo uplooking |passwd --stdin root

sed -i "s/SELINUX=permissive/SELINUX=enforcing/" /etc/selinux/config

setenforce 1

3######################################2

firewall-config

选permanent

public->servces->选ssh->rich rules->

add->ipv4->element->service->ssh->action->accept->source->172.25.0.0/24->

add->ipv4->element->service->ssh->action->reject->source->172.17.0.0/24->ok->reload

firewall-cmd --list-all

4######################################

firewall-config

选permanent

public->rich rules->add->ipv4->element->forward-port->tcp->3410->选中localforwarding->80

->ok->source->172.25.0.0/24->ok-reload

5#####################################

yum -y install nm-connection-editor

nm-connection-editor

add->Etnernet->connection name:ens7->General:选中前两个框->ethnernet ->DeviceMACA;ems7->

ipv4->method->manual->ip->24-不用写网关->ipv6>ip->64->网关

6###################################

nm-connection-editor

Team->connection name:team0->General:选中前两个框->

add->Etnernet->connection name:team0_slave_1->General:选中前两个框->ethnernet-> DeviceMACA;ems7->save->

add->Etnernet->connection name:team0_slave_2->General:选中前两个框->ethnernet-> DeviceMACA;ems8->save->

JSON config->{"runner": {"name": "activeback"}}->IPv4->192.168.0.101->24->IPv6->ip6->64->网关-》save

teamdctl team0 stat

7##################################2

vi /etc/bashrc

alias show="ls -al; pwd ; echo ok"

source !$或者source /etc/bashrc

8#######################################

cd /usr/share/doc/postfix-2.10.1/README_FILES/

vi STANDARD_CONFIGURATION_README#(事例)

/null client#搜索找到myhostname = hostname.example.com处

postconf -e "myhostname = server30.example.com"

postconf -e "myorigin = desktop30.example.com"

postconf -e "relayhost = smtp30.example.com"

postconf -e "inet_interfaces = loopback-only"

postconf -e "mydestination ="

firewall-config->permanent->public->servces->勾选smtp->options->Reload Firewalld

firewall-cmd --permanent --add-service=smtp #desktop30

firewall-cmd --reload

mail student

Subject:test

mail info

.

EOF

mailq

mail -u student#desktop30

9/10########################################

yum install samba samba-client -y#服务器

yum instal samba-client cifs-utils#客服端

firewall-cmd --permanent --add-service=samba

firewall-cmd --reload

systemctl enable smb nmb

mkdir /common

mkdir /practice

semanage fcontext -a -t samba_share_t "/common(/.*)?"

semanage fcontext -a -t samba_share_t "/practice(/.*)?"

restorecon -r /common/

restorecon -r /practice/

ls -lZd /common/

ls -lZd /practice/

vi /etc/samba/smb.conf

workgroup = STAFF

[common]

path = /common

public = yes

browseable = yes

[practice]

path = /practice

public = yes

writeable = yes

write list = alice

hosts allow = 172.25.0.0/16

systemctl restart smb nmb

grep alice /etc/passwd

adduser alice

adduser bob

smbpasswd -a bob

smbpasswd -a alice

smbclient -L //server0#客户端

smbclient  //server0/common -U bob#客户端,不能写,通过put测试

smbclient  //server0/practice -U bob#客户端,不能写

smbclient  //server0/practice -U alice#客户端,不能写

setfacl -m u:alice:rwx /practice/

vi /etc/multi.user#客户端

username=alice

password=postroll

vi /etc/fstab#客户端

//server0/practice /mnt/practice cifs defaults ,cred=/ect/multi.user,multiuser,sec=ntlmssp 0 0

mkdir /mnt/practice#客户端

mount -a#客户端

df -m#客户端

11/12/13#######################################NFS

服务器端

mkdir /nfstest

mkdir /nfsprivate

systemctl enable nfs-server nfs-scrure-server.service

vi /etc/exports

/nfstest 172.25.0.0/16(ro)

/nfsprivate 172.25.0.0/16(rw,sec=krb5p)

cd /etc

wget  http://classroom.example.com/pub/keytabs/server30.keytab -O krb5.keytab

ls -lZ krb5.keytab

cd

systemctl start nfs-server nfs-scrure-server.service

exportfs -v

firewall-config

permanent->public->servces->nfs->reload

客户端

mkdir /nfstest

mkdir /nfsprivate

vi /etc/fstab

server0:/nfstest  /nfstest    nfs  defaults 0 0

server0:/nfsprivate /nfsprivate nfs defauts,sec=krb5p 0 0

cd /etc

wget http://classroom.example.com/pub/keytabs/desktop30.keytab -O krb5.keytab

ls -lZ krb5.keytab

systemctl enable nfs-secure

systemctl start nfs-secure.service

mount -a

14#############################################

yum install httpd mod_ssl mod_wsgi -y

systemctl enable httpd

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --reload

cd  /srv

mkdir www

cd www

mkdir www.server0.example.com

mkdir www0.example.com

mkdir server0.example.com

ls -lZ

restorecon -r /srv/www

ls -lZ

cd /etc/httpd/conf.d

vi server0.example.com.conf#more /usr/share/doc/http-2.4.6/httpd-vhosts.conf找虚拟主机

#more /etc/httpd/conf/httpd.conf找<Directory>

<VirtualHost *:80>

#ServerAdmin [email protected]

DocumentRoot /srv/www/server0.example.com

ServerName server0.example.com

ErrorLog "/var/log/httpd/server0.example.com-error_log"

CustomLog "/var/log/httpd/server0.example.com-access_log" common

</VirtualHost>

<VirtualHost *:443>

#ServerAdmin [email protected]

DocumentRoot /srv/www/server0.example.com

ServerName server0.example.com

ErrorLog "/var/log/httpd/server0.example.com-ssl-error_log"

CustomLog "/var/log/httpd/server0.example.com-ssl-access_log" common

SSLEngine on

SSLCertificateFile /etc/pki/tls/certs/server30.crt

SSLCertificateKeyFile /etc/pki/tls/private/server0.key

SSLCertificateChainFile /etc/pki/tls/certs/server0.pem

</VirtualHost>

<Directory /srv/www/server0.example.com>

#AllowOverride none

Require all granted

</Directory>

cd /srv/www/server0.example.com

wget http://classroom.example.com/pub/html/server30.html -O index.html

cd /etc/pki/tls/certs/

wget http://classroom.example.com/pub/tls/server30.crt

chmod 600 server30.crt

wget http://classroom.example.com/pub/tls/server30.pem

chmod 600 server30.pem

cd /etc/pki/tls/private/

wget http://classroom.example.com/pub/tls/server30.key

chmod 600 server30.key

17###################################

cd /etc/httpd/conf.d

vi www.server0.example.com.conf

Listen 8009

<VirtualHost *:8009>

WSGIScriptAlias /  /srv/www/www.server0.example.com/webapp.wsgi

ServerName www.server0.example.com

ErrorLog "/var/log/httpd/www.server0.example.com-error_log"

CustomLog "/var/log/httpd/www.server0.example.com-access_log" common

</VirtualHost>

<Directory /srv/www/www.server0.example.com>

#AllowOverride none

Require all granted

</Directory>

cd /srv/www/www.server0.example.com

wget http://classroom.example.com/pub/webapp.wsgi

firewall-cmd --permanent --add-port=8009/tcp

firewall-cmd --reload

18#######################################

cd /var/www/html/virtual/

mkdir restricted

cd /etc/httpd/conf.d

vi www0.example.com.conf

<VirtualHost *:80>

DocumentRoot /var/www/html/virtual

ServerName www0.example.com

ErrorLog "/var/log/httpd/www0.example.com-error_log"

CustomLog "/var/log/httpd/www0.example.com-access_log" common

</VirtualHost>

<Directory "/var/www/html/virtual">

#AllowOverride none

Require all granted

</Directory>

<Directory "/var/www/html/virtual/restricted">

#AllowOverride none

Require ip 172.25.30.10

</Directory>

systemctl start httpd

journalctl -xn

tail -20 /var/log/messages

semanage port -a t http_port_t -p tcp 8009

19#################################

#!/bin/bash

case $1 in

kernel)echo user ;;

user)  echo kernel;;

*) echo "/root/program kernel|user"

esac

#!/bin/bash

20##################################################

yum install targetcli -y

yum install iscsi-initiator-utils#客户端

systemctl enable iscsid#客户端

systemctl enable target

systemctl start target

fdisk /dev/vdb

n->p->1G->w

pvcreate /dev/vdb1

vgcreate exam /dev/vdb1

lvcreate -L 500M -n rhel7ce exam

targetcli

/backstores/block create rhel7 /dev/exam/rhel7ce

/iscsi create  iqn.2014-09.com.example.server30:rhel7

/iscsi/$iqn/tpg/luns create /backstores/block/rhel7

/iscsi/$iqn/tpg/acls create iqn.1994-05.com.redhat:d15b2c54Bac #客户端more /etc/iscsi/initiatorname.iscsi

/iscsi/$iqn/tpg/portals create 172.25.30.11  3260

ls

saveconfig

exit

firewall-cmd  --permanent --add-port=3260/tcp

firewall-cmd --reload

_______________________________

客户端

iscsiadm -m discovery -t st  -p 172.25.30.11

systemctl restart iscsi

yum install lsscsi

lsscsi

fdisk /dev/sda

n->p->300M->w

mkfs.xfs /dev/sda1

mkdir /iscsitest

lsblk#找到/dev/sda1的UUID

vi /etc/fstab

UUID=      /iscsitest xfs    _netdev  0 0

mount -a

22##########################################

yum groupinstall mariadb

systemctl enable mariadb

systemctl start mariadb

mysql

create database legacy;

quit

wget http://classroom.example.com/pub/mariadb.dmp

head -40 mariadb.dmp

mysql < mariadb.dmp

mysql

show databases;

use legacy

show tables;

grant select on legacy.* to [email protected]‘localhost‘ identified by "12345";

grant select,update,insert,delete on legacy.* to [email protected]‘localhost‘ identified by "12345";

grant select on legacy.* to [email protected]‘localhost‘ identified by "12345";

flush privileges;

quit

mysql_secure_installation

Y

mysql -u root -p

show database;

use legacy

show tables;

select * from manufacturer;

时间: 2024-10-12 12:34:36

redhat7学习笔记-rhce的相关文章

redhat7学习笔记之从零到部署javaweb项目

REDHAT7学习笔记 1. 安装vmware10 安装过程略,下载地址:链接: https://pan.baidu.com/s/16odKKkRYBxGWDVo1cz_wxA 注意,10以上版本不在支持32位,只有10这个版本支持32位同时支持redhat7  64位 2.下载Redhat7  64位 地址:链接: https://pan.baidu.com/s/1NLtT9wuwZDo5IdU33oWCxA 3.查看ip Pifconfig: 在命令行中输入ifconfig是没有用的, 在R

redhat7学习笔记-rhcsa

lab examrhcsa grade 你的虚拟机的网络应该按照以下要求配置: * Hostname: serverN.example.com * IP address: 172.25.N.11 * Netmask: 255.255.255.0 * Gateway: 172.25.N.254 * Name server: 172.25.N.254 1########################## 正常登录 serverN.example.com 系统,保证其 root 密码为 ooxx95

redhat7学习笔记

############################################# rpm不解决依赖关系 yum可以解决依赖关系 rpm -ivh rpm包   #rpm方式安装软件 which sshd #查询服务sshd的路径 rpm -qf /usr/sbin/sshd #查询服务sshd的安装包 rpm -ql openssh-server-6.4p1-8.el7.x86_64#安装查看openssh-server-6.4p1-8.el7.x86_64所生成的所有文件 rpm -

RHCE 学习笔记(38 ) - Shell

Shell脚本的参考书从基础到高级可以找几百本出来,豆子这里过为了整个学习笔记的完整性,还是厚颜把最最基本的语法回顾一遍.最基本包括变量,比较,运算符,条件语句,循环语句. 变量分为本地变量,环境变量,位置变量 首先看看本地变量, 变量名=值的方式赋值,不过只在当前的shell里面有效 比如,子shell里面就无法识别了 可以通过export的方式配置环境变量,这样子shell里面也可以识别 不过上面的配置只是临时生效,重启就没了 可以通过修改配置文件的方式永久生效.登录家目录的时候,会自动加载

vector 学习笔记

vector 使用练习: /**************************************** * File Name: vector.cpp * Author: sky0917 * Created Time: 2014年04月27日 11:07:33 ****************************************/ #include <iostream> #include <vector> using namespace std; int main

Caliburn.Micro学习笔记(一)----引导类和命名匹配规则

Caliburn.Micro学习笔记(一)----引导类和命名匹配规则 用了几天时间看了一下开源框架Caliburn.Micro 这是他源码的地址http://caliburnmicro.codeplex.com/ 文档也写的很详细,自己在看它的文档和代码时写了一些demo和笔记,还有它实现的原理记录一下 学习Caliburn.Micro要有MEF和MVVM的基础 先说一下他的命名规则和引导类 以后我会把Caliburn.Micro的 Actions IResult,IHandle ICondu

jQuery学习笔记(一):入门

jQuery学习笔记(一):入门 一.JQuery是什么 JQuery是什么?始终是萦绕在我心中的一个问题: 借鉴网上同学们的总结,可以从以下几个方面观察. 不使用JQuery时获取DOM文本的操作如下: 1 document.getElementById('info').value = 'Hello World!'; 使用JQuery时获取DOM文本操作如下: 1 $('#info').val('Hello World!'); 嗯,可以看出,使用JQuery的优势之一是可以使代码更加简练,使开

[原创]java WEB学习笔记93:Hibernate学习之路---Hibernate 缓存介绍,缓存级别,使用二级缓存的情况,二级缓存的架构集合缓存,二级缓存的并发策略,实现步骤,集合缓存,查询缓存,时间戳缓存

本博客的目的:①总结自己的学习过程,相当于学习笔记 ②将自己的经验分享给大家,相互学习,互相交流,不可商用 内容难免出现问题,欢迎指正,交流,探讨,可以留言,也可以通过以下方式联系. 本人互联网技术爱好者,互联网技术发烧友 微博:伊直都在0221 QQ:951226918 -----------------------------------------------------------------------------------------------------------------

Activiti 学习笔记记录(三)

上一篇:Activiti 学习笔记记录(二) 导读:上一篇学习了bpmn 画图的常用图形标记.那如何用它们组成一个可用文件呢? 我们知道 bpmn 其实是一个xml 文件