RockyLinux 安裝

 Host:
CPU: Intel® Core™ i3-2100 CPU @ 3.10GHz × 4
RAM: 8.0 GiB
OS: Ubuntu 22.04.3 LTS
IP：163.32.145.99/24

 

 

Guest:
IP：163.32.145.69/24

kk@ubun:~$ mkdir VM
cp
kk@ubun:~$ cd VM
kk@ubun:~/VM$ ls -l
總用量 1402136
-rwxr-xr-x 1 kk kk 943718400 11月 24 09:58 Rocky-9.3-x86_64-boot.iso
-rwxr-xr-x 1 kk kk 492059802 11月 25 13:29 VMware-Player-Full-17.5.0-22583795.x86_64.bundle
kk@ubun:~/VM$ sudo ./VMware-Player-Full-17.5.0-22583795.x86_64.bundle
顯示應用程式，執行VMwarePlayer

解决Ubuntu系统啟動 VMware Workstation player 提示 Kernel Module Updater 問题
需要執行以下命令安装 gcc compiler 和 linux header
kk@ubun:~/VM$ sudo apt-get update
kk@ubun:~/VM$ sudo apt-get install build-essential linux-headers-$(uname -r) -y

開始使用 Vmware Workstation 17 Player
create a New Virtual Machine
I will install the operating system later
Guest Operating system --> Linux --> Rocky Linux 64-bit
Virtual Machine Name --> Name: Rocky Linux 64-bit --> Location: /home/kk/VM/Rocky
Disk Size --> Maximum disk size(in GB):20 --> Split virtual disk into multiple files
Customize Hardware... --> Memory:4096MB --> Processors:2 --> New CD/DVD(IDE) --> Use ISO image:/home/kk/VM/Rocky-9.3-x86_64-boot.iso
Network Adapter:NAT
Power ON

移除
kk@ubun:~$ sudo /usr/bin/vmware-installer -u vmware-player

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Host
CPU：Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz   3.70 GHz
RAM：16.0 GB
OS：Windows 10 企業版 22H2

Guest
RockyLinux

setup VC_redist.x86

install VMware-player-full-17.5.0-22583795

開始使用 Vmware Workstation 17 Player
create a New Virtual Machine
I will install the operating system later
Guest Operating system --> Linux --> Rocky Linux 64-bit
Virtual Machine Name --> Name: Rocky Linux 64-bit --> Location: C:\VM\Rocky
Disk Size --> Maximum disk size(in GB):20 --> Split virtual disk into multiple files
Customize Hardware... --> Memory:4096MB --> Processors:2 --> New CD/DVD(IDE) --> Use ISO image:C:\VM\Rocky-9.2-x86_64-boot.iso
Network Adapter:Bridged:Connected directly to the physical network
Play virtual machine

------------------------------------------------------------------------------------------------------------------

setup RockyLinux

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

https://ithelp.ithome.com.tw/articles/10220102

sudo怎麼用
用法:
sudo [command]
看到這裡也許你已經迫不及待照著這樣打了。但是理論上是會出現錯誤的，因為要用sudo你必須把使用者加入wheel這個群組才行，而你有兩個辦法:
adduser
pw usermod [user] -G wheel
第一個顯然太誇張了，而且他需要在invite to another group打wheel；而第二個會讓使用者加入wheel這個群組，而pw的詳細使用方式請參閱此處，因為真的多到我也不知從何講起。
如果不太確定你的使用者有沒有再wheel裡面，可以用id，看一下裡面有沒有wheel，如果有會類似這樣:uid=1001(sk) gid=1001(sk) groups=1001(sk),0(wheel)
好這時候不管你用了哪一種方式，總之你有了一個在wheel的user，於是你開始用sudo了，但是你卻看到:
[user] is not in the sudoers file. This incident will be reported.
這是因為我們還需要改一個sudo的設定檔:sudoers
讓我們先cd /usr/local/etc
然後你會在裡面看到有一個叫做sudoers的檔案，用vim打開他，然後搜尋wheel(/wheel)。然後應該會在第90行左右看到#%wheel ALL=(ALL) ALL。把他的#拿掉(取消註解)，然後再存檔退出。這樣子應該就可以用sudo囉~

 

 

 

------------------------------------------------------------------------------------------------------------------

RockyLinux update

 

 

 

## sudo substitute user [或superuser] do

[kk@rocky ~]$ id
使用者id=1000(kk) id群組=1000(kk) 組=1000(kk) 上下文=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[kk@rocky ~]$ sudo dnf -y update

我們相信您已經從本機系統管理員取得
日常注意事項。注意事項通常可以歸結為三件事情：

    #1) 尊重他人隱私。
    #2) 輸入指令前先三思。
    #3) 權力越大則責任越大。

[sudo] kk 的密碼：
kk 不在 sudoers 檔案中。此事件將會回報。 

##以上結果乃是系統安裝時，建立kk使用者未將：「讓使用者成為管理員」勾選。
必須把使用者加入wheel這個群組，才可以用sudo

 

 

 

[kk@rocky ~]$ ls -l /etc/sudoers
-r--r-----. 1 root root 4328  4月 24  2023 /etc/sudoers
 

 

#su - run a command with substitute user and group ID

 

[kk@rock ~]$ su root
密碼：

[root@rocky kk]# ls -l /etc/sudoers
-r--r-----. 1 root root 4328  4月 24  2023 /etc/sudoers
 

  

[root@rock kk]# vi /etc/sudoers

...

## Allow root to run any commands anywhere
root    ALL=(ALL)       ALL
kk      ALL=(ALL)       ALL    #加上這行
...

## Allows people in group wheel to run all commands
%wheel  ALL=(ALL)       ALL
...

:wq!
##因為唯讀，所以要強制存檔離開 

 

[root@rock kk]# usermod -aG wheel kk

 

[root@rocky kk]# su kk
[kk@rocky ~]$ id
使用者id=1000(kk) id群組=1000(kk) 組=1000(kk),10(wheel) 上下文=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
 

[kk@rocky ~]$ cat /etc/passwd
...
kk:x:1000:1000:kk:/home/kk:/bin/bash

 

[kk@rocky ~]$ cat /etc/group
...
wheel:x:10:kk
...
kk:x:1000:
 

 

[kk@rocky ~]$ sudo dnf -y update
[sudo] kk 的密碼：
 

 

 

 

--------------------------------wget

 

[kk@rock ~]$ sudo dnf install wget
[kk@rock ~]$ wget http://ftp.kh.edu.tw/APPL/dnf/RockyLinux9/fix-dnf_repo-RockyLinux9.sh

 

--------------------------------或 使用lftp

[kk@rock ~]$ sudo dnf -y install lftp

[kk@rock ~]$ lftp ftp.kh.edu.tw

lftp ftp.kh.edu.tw:/> dir
drwxr-xr-x   9 ftp      ftp          4096 Nov 22 08:16 pub
lftp ftp.kh.edu.tw:/> cd pub/APPL/dnf/RockyLinux9/
lftp ftp.kh.edu.tw:/pub/APPL/dnf/RockyLinux9> dir
...

lftp ftp.kh.edu.tw:/pub/APPL/dnf/RockyLinux9> get fix-dnf_repo-RockyLinux9.sh

lftp ftp.kh.edu.tw:/pub/APPL/dnf/RockyLinux9> quit

[kk@rock ~]$ ls -l
-rw-r--r--. 1 kk kk 1743 12月  9  2022 fix-dnf_repo-RockyLinux9.sh

 

--------------------------------

 

 

[kk@rock ~]$ ls -l
-rw-r--r--. 1 kk kk  467 12月  1  2022 check_reboot.sh
-rw-r--r--. 1 kk kk 1743 12月  9  2022 fix-dnf_repo-RockyLinux9.sh
-rw-r--r--. 1 kk kk  411 11月  6  2020 install-ime_chrome.sh
-rw-r--r--. 1 kk kk  142 12月 21  2019 install_run-cockpit.sh

[kk@rock ~]$ chmod 755 *.sh
[kk@rock ~]$ ls -l
-rwxr-xr-x. 1 kk kk  467 12月  1  2022 check_reboot.sh
-rwxr-xr-x. 1 kk kk 1743 12月  9  2022 fix-dnf_repo-RockyLinux9.sh
-rwxr-xr-x. 1 kk kk  411 11月  6  2020 install-ime_chrome.sh
-rwxr-xr-x. 1 kk kk  142 12月 21  2019 install_run-cockpit.sh

[kk@rock ~]$ sudo dnf clean all
[kk@rock ~]$ sudo dnf clean packages

[kk@rock ~]$ sudo dnf update

 

[kk@rock ~]$ sudo ./fix-dnf_repo-RockyLinux9.sh

 

[kk@rock ~]$ sudo dnf -y update

 

 

------------------------------------------------------------------------------------------------------------------

讓設備自動定期更新所有的套件

[kk@rock ~]$ sudo dnf install dnf-automatic

[kk@rock ~]$ ls -l /etc/dnf/automatic.conf
-rw-r--r--. 1 root root 3147 11月 29 10:28 /etc/dnf/automatic.conf
[kk@rock ~]$ sudo vi /etc/dnf/automatic.conf
...
##apply_updates = no
apply_updates = yes

啟動 dnf-automatic.timer 服務，即可讓系統每天定時去更新
[kk@rock ~]$ sudo systemctl start dnf-automatic.timer
[kk@rock ~]$ sudo systemctl enable dnf-automatic.timer
[sudo] kk 的密碼：
Created symlink /etc/systemd/system/timers.target.wants/dnf-automatic.timer → /usr/lib/systemd/system/dnf-automatic.timer.
[kk@rock ~]$ sudo systemctl status dnf-automatic.timer
● dnf-automatic.timer - dnf-automatic timer
     Loaded: loaded (/usr/lib/systemd/system/dnf-automatic.ti>
     Active: active (waiting) since Wed 2023-11-29 11:05:22 C>
      Until: Wed 2023-11-29 11:05:22 CST; 21s ago
    Trigger: Thu 2023-11-30 06:51:54 CST; 19h left
   Triggers: ● dnf-automatic.service
...

[kk@rock ~]$ tail /var/log/dnf.rpm.log






------------------------------------------------------------------------------------------------------------------
WebConsole 主要用於監控，減少命令模式打指令

[kk@rock ~]$ wget http://ftp.kh.edu.tw/APPL/dnf/RockyLinux9/install_run-cockpit.sh
[kk@rock ~]$ ls -l
-rw-r--r--. 1 kk kk  142 12月 21  2019 install_run-cockpit.sh

[kk@rock ~]$ chmod 755 install_run-cockpit.sh
[kk@rock ~]$ ls -l
-rwxr-xr-x. 1 kk kk  142 12月 21  2019 install_run-cockpit.sh

[kk@rock ~]$ sudo ./install_run-cockpit.sh

[kk@rock ~]$ sudo systemctl status cockpit.socket
● cockpit.socket - Cockpit Web Service Socket
     Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; preset: disabled)
     Active: active (listening) since Wed 2023-11-29 11:33:21 CST; 52s ago
      Until: Wed 2023-11-29 11:33:21 CST; 52s ago
   Triggers: ● cockpit.service
       Docs: man:cockpit-ws(8)
     Listen: [::]:9090 (Stream)
    Process: 18408 ExecStartPost=/usr/share/cockpit/motd/update-motd  localhost (code=exited, status=0/SUCCESS)
    Process: 18448 ExecStartPost=/bin/ln -snf active.motd /run/cockpit/motd (code=exited, status=0/SUCCESS)
      Tasks: 0 (limit: 22879)
     Memory: 8.0K
        CPU: 18ms
     CGroup: /system.slice/cockpit.socket

11月 29 11:33:21 rock.linux.chinku systemd[1]: Starting Cockpit Web Service Socket...
11月 29 11:33:21 rock.linux.chinku systemd[1]: Listening on Cockpit Web Service Socket.

--------------------------------
Host --> chrome
https://163.32.145.98:9090/system

Turn on administrator acess

------------------------------------------------------------------------------------------------------------------
套件安裝方法

1. 安裝套件
2. 修改設定檔
3. 測試設定檔及資料設定防火牆(1. 本機防火牆   2. 雲端服務安全性規則)
4. 啟動服務
5. 測試
6. 設成開機啟動

rpm：單一套件管理

dnf：所有套件管理 (層次較 rpm 高)

[kk@rock ~]$ sudo rpm -q httpd
[sudo] kk 的密碼：
軟體包 httpd 尚未安裝

[kk@rock ~]$ sudo dnf list | grep httpd
...
httpd.x86_64                      2.4.57-5.el9   appstream
httpd-core.x86_64              2.4.57-5.el9   appstream
httpd-devel.x86_64            2.4.57-5.el9   appstream
httpd-filesystem.noarch     2.4.57-5.el9   appstream
httpd-manual.noarch         2.4.57-5.el9   appstream
httpd-tools.x86_64            2.4.57-5.el9   appstream

...

[kk@rock ~]$ sudo dnf install httpd

[kk@rock ~]$ rpm -qa | grep httpd
httpd-tools-2.4.57-5.el9.x86_64
httpd-filesystem-2.4.57-5.el9.noarch
rocky-logos-httpd-90.14-2.el9.noarch
httpd-core-2.4.57-5.el9.x86_64
httpd-2.4.57-5.el9.x86_64

[kk@rock ~]$ rpm -ql httpd
/etc/httpd/conf.modules.d/00-brotli.conf
/etc/httpd/conf.modules.d/00-systemd.conf
...

[kk@rock ~]$ ls -l /etc/httpd/conf/
-rw-r--r--. 1 root root 12005 10月 28 17:32 httpd.conf

 

##[kk@rock ~]$ sudo vi /etc/httpd/conf/httpd.conf

[kk@rocky ~]$ sudo vi /etc/httpd/conf.d/userdir.conf
[sudo] kk 的密碼：
...

##    UserDir disabled
      UserDir public_html
...

[kk@rock ~]$ sudo systemctl start httpd
[kk@rock ~]$ sudo systemctl status httpd

[kk@rock ~]$ mkdir public_html
[kk@rock ~]$ vi public_html/index.html
This page is on /home/kk/public_html ...

----------------------
Host --> windows --> chrome -->163.32.145.69/~kk
----------------------

[kk@rock ~]$ sudo tail -1 /var/log/httpd/error_log
[sudo] kk 的密碼：
[Wed Nov 29 15:53:16.701484 2023] [core:notice] [pid 1997:tid 1997] AH00094:
Command line: '/usr/sbin/httpd -D FOREGROUND'

[kk@rock ~]$ sudo firewall-cmd --permanent --zone=public --add-service=http
[sudo] kk 的密碼：
success

[kk@rock ~]$ sudo firewall-cmd --permanent --zone=public --list-all
public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: cockpit dhcpv6-client http ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

[kk@rock ~]$ sudo firewall-cmd --reload
success

----------------------
Host --> windows --> chrome -->163.32.145.69/~kk
Forbidden
You don't have permission to access this resource.
----------------------

[kk@rock ~]$ ls -Z /var/www
system_u:object_r:httpd_sys_script_exec_t:s0 cgi-bin
system_u:object_r:httpd_sys_content_t:s0 html

[kk@rock ~]$ ls -Z /home/kk/
unconfined_u:object_r:user_home_t:s0 fix-dnf_repo-RockyLinux9.sh
unconfined_u:object_r:user_home_t:s0 install_run-cockpit.sh
unconfined_u:object_r:httpd_user_content_t:s0 public_html

 

[kk@rock ~]$ chcon -t httpd_sys_content_t /home/kk/public_html
[kk@rock ~]$ ls -Z /home/kk/
unconfined_u:object_r:user_home_t:s0 fix-dnf_repo-RockyLinux9.sh
unconfined_u:object_r:user_home_t:s0 install_run-cockpit.sh
unconfined_u:object_r:httpd_sys_content_t:s0 public_html