郭進電腦使用筆記: 9月 2020

此篇已經重新謄錄完成!!

可以作廢。

HostOS：
windows10
192.168.2.100

若無法 ping ：

控制台\系統及安全性\Windows Defender 防火牆-->進階設定-->輸入規則

啟用檔案及印表機共用(回應要求-ICMPv4-IN) 設定檔：私人 -->啟用規則

GuestOS：
CentOS8
192.168.2.103

# ping 192.168.2.100
PING 192.168.2.100 (192.168.2.100) 56(84) bytes of data.
64 bytes from 192.168.2.100: icmp_seq=1 ttl=128 time=0.367 ms

----------------------------------------------- 啟用網卡

# ip addr

# ip -s link

# ip link set ens33 up //啟用網路介面卡 up：開 down：關

# nmcli device status

DEVICE TYPE STATE CONNECTION

ens33 ethernet 已連線 ens33

lo loopback 不受管理 --

# nmcli device connect ens33 //啟用網卡停用網卡：disconnect

裝置「ens33」已成功以「9cb77588-c78e-40b0-acbe-3be164c3e385」啟用。

# nmtui //啟用連線

----------------------------------------------- 路由

# ip route | column -t

default via 192.168.2.1 dev ens33 proto static metric 100

192.168.2.0/24 dev ens33 proto kernel scope link src 192.168.2.103 metric 100

# ip route | column -t > kkRouteTable.txt

# ls

kkRouteTable.txt

# cat kkRouteTable.txt

# ip -6 route | column -t //IPv6 Route Table

::1 dev lo proto kernel metric 256 pref medium

fe80::/64 dev ens33 proto kernel metric 100 pref medium

# tracepath 168.95.1.1 //traceroute

# ss -antp |column -t //對應 netstat -antp

# ss -t

-----------------------------------------------

# systemctl list-unit-files //查詢服務啟動或是關閉狀態，以檔名顯示

# systemctl list-units //查詢目前所有已啟動的服務
UNIT LOAD ACTIVE SUB DESCRIPTION
...
crond.service loaded active running Command Scheduler

...
firewalld.service loaded active running firewalld - dynamic firew>
...
NetworkManager.service loaded active running Network Manager
...
sshd.service loaded active running OpenSSH server daemon
...

# systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2020-03-03 07:47:29 CST; 1h 40min ago

# systemctl stop firewalld.service //立即停止xxx.service

# systemctl start firewalld.service //立即啟動xxx.service

# systemctl is-active firewalld.service

active

# systemctl disable firewalld.service //設定開機不啟動xxx.service

# systemctl enable firewalld.service //設定開機啟動xxx.service

# chkconfig firewalld off //設定 firewalld 開機時不要啟動

# chkconfig firewalld on //設定 firewalld 開機時啟動，且不加.service

# systemctl is-enabled firewalld.service

enabled

-----------------------------------------------

# sestatus
SELinux status: enabled
SELinuxfs mount: /sys/fs/selinux
SELinux root directory: /etc/selinux
Loaded policy name: targeted
Current mode: enforcing
...

# vi /etc/sysconfig/selinux //關閉SELINUX

...

SELINUX=disabled
...

-----------------------------------------------

# journalctl //日誌檢視說明
# journalctl -n10 //列出最後10行資料
# journalctl -xn //列出最後事件，並提供相關解決問題資訊

# journalctl --follow //持續列出最後10行事件記錄
-- Logs begin at Tue 2020-03-03 07:47:06 CST. --
3月 03 09:31:32 Ku.CentOS8 systemd[1]: Stopped firewalld - dynamic firewall daemon.

...

# tail -n 10 -f /var/log/messages
Mar 3 09:31:43 kk systemd[1]: Stopping firewalld - dynamic firewall daemon...
Mar 3 09:31:44 kk systemd[1]: Stopped firewalld - dynamic firewall daemon.

-----------------------------------------------

(一)使用者的設定

# whereis ls
ls: /usr/bin/ls /usr/share/man/man1/ls.1.gz

# crontab -e
53 07 * * * /usr/bin/ls

# crontab -l
53 07 * * * /usr/bin/ls

# cat /var/spool/cron/root
53 07 * * * /usr/bin/ls

# journalctl -n 10
...

3月 04 07:51:52 Ku.CentOS8 crontab[1733]: (root) BEGIN EDIT (root)

3月 04 07:52:43 Ku.CentOS8 crontab[1733]: (root) REPLACE (root)

3月 04 07:52:43 Ku.CentOS8 crontab[1733]: (root) END EDIT (root)

3月 04 07:53:01 Ku.CentOS8 crond[967]: (root) RELOAD (/var/spool/cron/root)

3月 04 07:53:01 Ku.CentOS8 systemd[1]: Started Session 3 of user root.

3月 04 07:53:01 Ku.CentOS8 CROND[1737]: (root) CMD (/usr/bin/ls )

...

# cat /var/log/cron
...
Mar 4 07:51:52 Ku crontab[1733]: (root) BEGIN EDIT (root)
Mar 4 07:52:43 Ku crontab[1733]: (root) REPLACE (root)
Mar 4 07:52:43 Ku crontab[1733]: (root) END EDIT (root)
Mar 4 07:53:01 Ku crond[967]: (root) RELOAD (/var/spool/cron/root)
Mar 4 07:53:01 Ku CROND[1737]: (root) CMD (/usr/bin/ls )

...

# tail /var/log/cron
...

(二)系統的設定檔

# vi /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

00 08 * * * root /usr/bin/ls

# systemctl list-units
UNIT LOAD ACTIVE SUB DESCRIPTION
proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable >
...
crond.service loaded active running Command Scheduler
...
firewalld.service loaded active running firewalld - dynamic firewall daemon
...
NetworkManager.service loaded active running Network Manager
...
sshd.service loaded active running OpenSSH server daemon

# systemctl restart crond

# tail /var/log/cron
...
Mar 5 08:00:01 Ku crond[974]: (*system*) RELOAD (/etc/crontab)
Mar 5 08:00:01 Ku CROND[1765]: (root) CMD (/usr/bin/ls)
Mar 5 08:00:01 Ku CROND[1764]: (root) CMDOUT (anaconda-ks.cfg)
Mar 5 08:00:01 Ku CROND[1764]: (root) CMDOUT (kkRouteTable.txt)
...

# journalctl -n 10
-- Logs begin at Thu 2020-03-05 07:42:10 CST, end at Thu 2020-03-05 08:01:01 CS>
3月 05 08:00:01 Ku.CentOS8 crond[974]: (*system*) RELOAD (/etc/crontab)
3月 05 08:00:01 Ku.CentOS8 CROND[1765]: (root) CMD (/usr/bin/ls)
3月 05 08:00:01 Ku.CentOS8 CROND[1764]: (root) CMDOUT (anaconda-ks.cfg)
3月 05 08:00:01 Ku.CentOS8 CROND[1764]: (root) CMDOUT (kkRouteTable.txt)

...

-----------------------------------------------

# date
四 3月 5 11:06:39 CST 2020

// 更改日期間： MMDDhhmmYYYY 月日時分年
# date 040608302020
一 4月 6 08:30:00 CST 2020

//查看 BIOS 時間
# hwclock -r
2020-03-05 11:13:12.171152+08:00

//將電腦日期時間寫入到 BIOS 時間
# hwclock -w

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-----------------------------------------------

-------------------------------------------------

// DNF is the next upcoming major version of YUM, a package manager for
RPM-based Linux distributions.
# dnf -y install httpd

# rpm -qa | grep httpd
httpd-tools-2.4.37-16.module_el8.1.0+256+ae790463.x86_64
centos-logos-httpd-80.5-2.el8.noarch
httpd-2.4.37-16.module_el8.1.0+256+ae790463.x86_64
httpd-filesystem-2.4.37-16.module_el8.1.0+256+ae790463.noarch

//執行檔
# ls /usr/sbin | grep httpd
httpd

//設定檔

# ls /etc/httpd/conf

httpd.conf

//站台預設跟目錄

# ls /var/www/

html

# systemctl start httpd.service

# systemctl enable httpd.service

# systemctl status httpd.service

//displays information about a selection of the active processes.
//To see every process on the system using BSD syntax:
# ps -axu | grep httpd
root 958 0.0 0.5 280208 10988 ? Ss 14:30 0:00 /usr/sbin/httpd -DFOREGROUND
apache 991 0.0 0.4 292424 8252 ? S 14:30 0:00 /usr/sbin/httpd -DFOREGROUND

...

# ls /usr/lib/systemd/system | grep httpd
httpd.service
httpd@.service
httpd.service.d
httpd.socket
httpd.socket.d

# firewall-cmd --state

running

# firewall-cmd --get-service | grep http

# ls /usr/lib/firewalld/services/ | grep http

https.xml

http.xml

wbem-https.xml

wbem-http.xml

# firewall-cmd --permanent --zone=public --add-service=http
# firewall-cmd --reload

# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens32
sources:
services: cockpit dhcpv6-client http ssh

...

HostOS
http://192.168.1.4/

-------------------------------------------------設定虛擬目錄 Alias-------在其他的系統目錄 /opt

# ls -l /
...
drwxr-xr-x. 2 root root 6 5月 11 2019 opt
...

# mkdir /opt/web

# echo Hello Alias > /opt/web/index.html

# ls -l /opt
drwxr-xr-x. 2 root root 24 3月 26 14:59 web

# ls -l /opt/web/
-rw-r--r--. 1 root root 12 3月 26 14:59 index.html

# vi /etc/httpd/conf/httpd.conf

...

Alias /kk1web /opt/web

Require all granted

</Directory>

# systemctl restart httpd.service

HostOS

http://192.168.1.4/kk1web/
Hello Alias

-------------------------------------------------設定虛擬目錄 Alias-------在 /home

# vi /var/www/html/1.html
This is /var/www/html/1.html

HostOS
http://192.168.1.4/1.html
This is /var/www/html/1.html

# mkdir /home/web

# vi /home/web/1.html
This is One Web on /home/web

# vi /etc/httpd/conf/httpd.conf

...

Alias /web01 /home/web

Require all granted

</Directory>

# systemctl restart httpd.service

HostOS

http://192.168.1.4/web01/1.html

Forbidden
You don't have permission to access /web01/1.html on this server.

# tail -1 /var/log/httpd/error_log
[Thu Mar 26 15:15:25.107073 2020] [core:error] [pid 2426:tid 139987941058304] (13)Permission denied: [client 192.168.1.2:52012] AH00132: file permissions deny server access: /home/web/1.html

# ls -Z /var/www

system_u:object_r:httpd_sys_content_t:s0 html

# ls -Z /var/www/html

unconfined_u:object_r:httpd_sys_content_t:s0 1.html

# ls -Z /

...

system_u:object_r:usr_t:s0 opt

# ls -Z /home

unconfined_u:object_r:user_home_dir_t:s0 web

# ls -Z /home/web/

unconfined_u:object_r:user_home_t:s0 1.html

# chcon -t httpd_sys_content_t /home/web

# ls -Z /home

unconfined_u:object_r:httpd_sys_content_t:s0 web

郭進電腦使用筆記

內容選單標籤

2020年9月19日星期六

CentOS8 參照 2015年7月3日 CentOS7練習

Python 程式設計

CentOS8 Apache

內容選單標籤

2020年9月19日 星期六

CentOS8 參照 2015年7月3日 CentOS7練習

Python 程式設計

CentOS8 Apache

2020年9月19日星期六