RockyLinux 9.3 練習(三)

vi 使用
-------------------------------------------------------------------------------------------------
一般模式：標記、刪除、搬移、複製
G：移到檔案最後。5G：移到檔案第5行。gg：移到檔案開頭
dd：刪除游標所在之行。5dd 表刪除自游標算起 5 行
yy：拷貝游標所在之行至緩衝區。5yy：拷貝游標所在之處以下 5 行至緩衝區。
p：把緩衝區之資料貼上來
u：復原至上一動作。
‧ : 重覆執行上個指令


編輯模式：
i (insert) 進入編輯模式、ESC離開編輯模式


命令模式：
:wq ( 寫入並離開 vi )。:q! ( 強迫離開並放棄編輯的檔案 )
:set nu (列出行號)  :set nonu (不列出行號)
/pattern (往下尋找pattern字串)，按"n"找下一個符合字串 ，按"N"找上一個符合字串
?pattern (往上尋找pattern字串)，按"n"找上一個符合字串 ，按"N"找下一個符合字串

Firewalld
-------------------------------------------------------------------------------------------------

[kk@BigRocky ~]$ sudo firewall-cmd --state
[sudo] kk 的密碼：
running

[kk@BigRocky ~]$ sudo firewall-cmd --get-zones
block dmz drop external home internal nm-shared public trusted work

[kk@BigRocky ~]$ ls /usr/lib/firewalld/zones
block.xml  dmz.xml  drop.xml  external.xml  home.xml  internal.xml  nm-shared.xml  public.xml  trusted.xml  work.xml

[kk@BigRocky ~]$ sudo firewall-cmd --get-active-zone
public
  interfaces: ens160

[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources:
  services: cockpit dhcpv6-client ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

[kk@BigRocky ~]$ sudo firewall-cmd --get-services | grep ftp
RH-Satellite-6 RH-Satellite-6-capsule afp amanda-client amanda-k5-client amqp amqps apcupsd audit ausweisapp2 bacula bacula-client bb bgp bitcoin bitcoin-rpc bitcoin-testnet bitcoin-testnet-rpc bittorrent-lsd ceph ceph-mon cfengine checkmk-agent cockpit collectd condor-collector cratedb ctdb dhcp dhcpv6 dhcpv6-client distcc dns dns-over-tls docker-registry docker-swarm dropbox-lansync elasticsearch etcd-client etcd-server finger foreman foreman-proxy freeipa-4 freeipa-ldap freeipa-ldaps freeipa-replication freeipa-trust ftp galera ganglia-client ganglia-master git gpsd grafana gre high-availability http http3 https ident imap imaps ipfs ipp ipp-client ipsec irc ircs iscsi-target isns jellyfin jenkins kadmin kdeconnect kerberos kibana klogin kpasswd kprop kshell kube-api kube-apiserver kube-control-plane kube-control-plane-secure kube-controller-manager kube-controller-manager-secure kube-nodeport-services kube-scheduler kube-scheduler-secure kube-worker kubelet kubelet-readonly kubelet-worker ldap ldaps libvirt libvirt-tls lightning-network llmnr llmnr-tcp llmnr-udp managesieve matrix mdns memcache minidlna mongodb mosh mountd mqtt mqtt-tls ms-wbt mssql murmur mysql nbd netbios-ns netdata-dashboard nfs nfs3 nmea-0183 nrpe ntp nut openvpn ovirt-imageio ovirt-storageconsole ovirt-vmconsole plex pmcd pmproxy pmwebapi pmwebapis pop3 pop3s postgresql privoxy prometheus prometheus-node-exporter proxy-dhcp ps3netsrv ptp pulseaudio puppetmaster quassel radius rdp redis redis-sentinel rpc-bind rquotad rsh rsyncd rtsp salt-master samba samba-client samba-dc sane sip sips slp smtp smtp-submission smtps snmp snmptls snmptls-trap snmptrap spideroak-lansync spotify-sync squid ssdp ssh steam-streaming svdrp svn syncthing syncthing-gui synergy syslog syslog-tls telnet tentacle tftp tile38 tinc tor-socks transmission-client upnp-client vdsm vnc-server wbem-http wbem-https wireguard ws-discovery ws-discovery-client ws-discovery-tcp ws-discovery-udp wsman wsmans xdmcp xmpp-bosh xmpp-client xmpp-local xmpp-server zabbix-agent zabbix-server zerotier

[kk@BigRocky ~]$ ls /usr/lib/firewalld/services | grep ftp
ftp.xml
tftp.xml

>>>>>>>>>>>>>>>>>>>> 將服務加入規則

[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --add-service=ftp
success
[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources:
  services: cockpit dhcpv6-client ftp ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

>>>>>>>>>>>>>>>>>>>>將埠口加入規則
[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --add-port=8080/tcp
success
[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources:
  services: cockpit dhcpv6-client ftp ssh
  ports: 8080/tcp
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

>>>>>>>>>>>>>>>>>>>>將服務與埠口移除
[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --remove-service=ftp
success

[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --remove-port=8080/tcp
 

success[kk@BigRocky ~]$ sudo firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: ens160
  sources:
  services: cockpit dhcpv6-client ssh
  ports:
  protocols:
  forward: yes
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

>>>>>>>>>>>>>>>>>>>>firewalld.service 狀態
[kk@BigRocky ~]$ systemctl status firewalld.service
● firewalld.service - firewalld - dynamic firewall daemon
     Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; preset: enabled)
     Active: active (running) since Mon 2024-04-29 13:25:14 CST; 1h 59min ago
       Docs: man:firewalld(1)
   Main PID: 710 (firewalld)
      Tasks: 2 (limit: 48646)
     Memory: 42.5M
        CPU: 2.348s
     CGroup: /system.slice/firewalld.service
             └─710 /usr/bin/python3 -s /usr/sbin/firewalld --nofork --nopid

>>>>>>>>>>>>>>>>>>>>firewalld.service 開機是否啟動
[kk@BigRocky ~]$ systemctl is-enabled firewalld.service
enabled

[kk@BigRocky ~]$ sudo systemctl disable firewalld.service
[sudo] kk 的密碼：
Removed "/etc/systemd/system/multi-user.target.wants/firewalld.service".
Removed "/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service".

[kk@BigRocky ~]$ systemctl is-enabled firewalld.service
disabled

[kk@BigRocky ~]$ sudo  systemctl enable firewalld.service
Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service → /usr/lib/systemd/system/firewalld.service.
Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service → /usr/lib/systemd/system/firewalld.service.

[kk@BigRocky ~]$ systemctl is-enabled firewalld.service
enabled 

 

>>>>>>>>>>>>>>>>>>>> 停止FirewallD服務
[kk@BigRocky ~]$ sudo systemctl stop firewalld.service
[kk@BigRocky ~]$ systemctl is-active firewalld.service
inactive

[kk@BigRocky ~]$ sudo systemctl start firewalld.service
[kk@BigRocky ~]$ systemctl is-active firewalld.service
active

>>>>>>>>>>>>>>>>>>>> firewalld.service 目錄位置所在
[kk@BigRocky ~]$ ls /usr/lib/systemd/system | grep firewall
firewalld.service

 

詳細使用手冊
-------------------------------------------------------------------------------------------------

# man man
MAN(1) Manual pager utils MAN(1)
NAME
man - an interface to the on-line reference manuals
SYNOPSIS    //摘要
DESCRIPTION
...

【Space】往前捲一個頁面
【b】       往後捲一個頁面

【PageDown】往前捲半個頁面
【PageUp】     往後捲半個頁面

【Enter】往下移行一行

【方向鍵】上下左右

【/關鍵字】往後搜尋關鍵字，【n】同方向繼續搜尋，【N】反方向繼續搜尋
【?關鍵字】往前搜尋關鍵字，【N】同方向繼續搜尋，【n】反方向繼續搜尋

【q】離開


[kk@BigRocky ~]$ man --help

[kk@BigRocky ~]$ man -help

[kk@BigRocky ~]$ man -h

行程
-------------------------------------------------------------------------------------------------

[kk@BigRocky ~]$ ps aux | column -t
USER    PID   %CPU  %MEM  VSZ     RSS    TTY    STAT  START  TIME  COMMAND
kk      1423  0.0   0.0   10140   3508   pts/0  R+    14:39  0:00  ps                                 aux                                                                                                                                   
kk      1424  0.0   0.0   5960    2164   pts/0  R+    14:39  0:00  column                             -t      

 

[kk@BigRocky ~]$ ls /
afs  boot  etc   lib    media  opt   root  sbin  sys  usr
bin  dev   home  lib64  mnt    proc  run   srv   tmp  var

#proc 是一種虛擬文件系統。儲存的是當前核心運行狀態的一系列特殊文件，用戶可以通過這些文件查看有關系統硬體及當前正在運行進程的信息。

[kk@BigRocky ~]$ cat /proc/cpuinfo
processor       : 0
vendor_id       : GenuineIntel
cpu family      : 6
model           : 94
model name      : Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
...

 

#run 程式或服務啟動後會將其 PID 放置於此，正在執行

[kk@BigRocky ~]$ cat /run/sshd.pid
830
 

[kk@BigRocky ~]$ ps aux
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root         830  0.0  0.1  15852  9180 ?        Ss   14:21   0:00 sshd: /usr/sb

更新
-------------------------------------------------------------------------------------------------

[kk@BigRocky ~]$ sudo dnf -y update

 

>>>>>>>>>>>>>>>>>>>>讓設備自動定期更新套件

[kk@BigRocky ~]$ sudo vi /etc/dnf/automatic.conf
...

#apply_updates = no
apply_updates = yes

...

 

[kk@BigRocky ~]$ sudo systemctl start dnf-automatic.timer
 

[kk@BigRocky ~]$ sudo systemctl enable dnf-automatic.timer
Created symlink /etc/systemd/system/timers.target.wants/dnf-automatic.timer → /usr/lib/systemd/system/dnf-automatic.timer.
 

[kk@BigRocky ~]$ systemctl status dnf-automatic.timer
● dnf-automatic.timer - dnf-automatic timer
     Loaded: loaded (/usr/lib/systemd/system/dnf-automatic.timer; enabled; pres>
     Active: active (waiting) since Wed 2024-05-01 15:23:30 CST; 54s ago
      Until: Wed 2024-05-01 15:23:30 CST; 54s ago
    Trigger: Thu 2024-05-02 06:57:32 CST; 15h left
   Triggers: ● dnf-automatic.service

>>>>>>>>>>>>>>>>>>>>看更新紀錄，知道那些套件更新

[kk@BigRocky ~]$ cat /var/log/dnf.rpm.log | more
...

2024-05-01T15:17:08+0800 INFO --- logging initialized ---
2024-05-01T15:17:09+0800 SUBDEBUG Installed: dnf-automatic-4.14.0-8.el9.noarch

[kk@BigRocky ~]$ tail -2 /var/log/dnf.rpm.log
2024-05-01T15:17:08+0800 INFO --- logging initialized ---
2024-05-01T15:17:09+0800 SUBDEBUG Installed: dnf-automatic-4.14.0-8.el9.noarch
 

[kk@BigRocky ~]$ cat /var/log/dnf.rpm.log | grep Installed
2024-04-29T13:56:32+0800 SUBDEBUG Installed: protobuf-c-1.3.3-13.el9.x86_64
...
2024-05-01T15:17:09+0800 SUBDEBUG Installed: dnf-automatic-4.14.0-8.el9.noarch

-------------------------------------------------------------------------------------------------

 

RockyLinux 9.3 練習(二)

 

 迴路介面 loopback interface
  ----------------------------------------------------------------------------------------------------------

 //ifconfig 替換為 ip addr
[kk@rocky ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
...
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:a8:fc:5a brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 163.32.145.69/24 brd 163.32.145.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
...

[kk@rocky ~]$ cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
 

[kk@rocky ~]$ ping localhost
PING localhost(localhost (::1)) 56 data bytes
64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.052 ms
...

 IP 修改網路設定
  ----------------------------------------------------------------------------------------------------------

>>>>>>>>>>>>>>Tool based:

 //nmcli - command-line tool for controlling NetworkManager
[kk@rocky ~]$ nmcli device status
DEVICE  TYPE      STATE                   CONNECTION
ens160  ethernet  已連線                  ens160
lo      loopback  connected (externally)  lo

[kk@rocky ~]$ nmcli device show ens160
GENERAL.DEVICE:                         ens160
GENERAL.TYPE:                           ethernet
GENERAL.HWADDR:                         00:0C:29:A8:FC:5A
GENERAL.MTU:                            1500
GENERAL.STATE:                          100 (已連線)
GENERAL.CONNECTION:                     ens160
GENERAL.CON-PATH:                       /org/freedesktop/NetworkManager/ActiveC>
WIRED-PROPERTIES.CARRIER:               開
IP4.ADDRESS[1]:                         163.32.145.69/24
IP4.GATEWAY:                            163.32.145.254
IP4.ROUTE[1]:                           dst = 163.32.145.0/24, nh = 0.0.0.0, mt>
IP4.ROUTE[2]:                           dst = 0.0.0.0/0, nh = 163.32.145.254, m>
IP4.DNS[1]:                             168.95.1.1
...

[kk@rocky ~]$ sudo nmcli connect modify ens160 ipv4.address 163.32.145.70/24
[sudo] kk 的密碼：
[kk@rocky ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
...
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:a8:fc:5a brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 163.32.145.69/24 brd 163.32.145.255 scope global noprefixroute ens160
...

[kk@rocky ~]$ sudo nmcli device connect ens160
裝置「ens160」已成功以「f8db373b-ebf8-3475-ac32-88976ada7f40」啟用。 

-----------------------------
[kk@rocky ~]$ sudo nmcli connect down ens160

[kk@rocky ~]$ sudo nmcli connect up ens160
-----------------------------

[kk@rocky ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
...
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:a8:fc:5a brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 163.32.145.70/24 brd 163.32.145.255 scope global noprefixroute ens160
...

 

 

 

>>>>>>>>>>>>>>File based:

[kk@rocky ~]$ sudo vi /etc/NetworkManager/system-connections/ens160.nmconnection
[sudo] kk 的密碼：
 

[connection]
id=ens160
uuid=f8db373b-ebf8-3475-ac32-88976ada7f40
type=ethernet
autoconnect-priority=-999
interface-name=ens160
timestamp=1714117009

[ethernet]

[ipv4]
address1=163.32.145.70/24,163.32.145.254
dns=168.95.1.1;
method=manual

[ipv6]
addr-gen-mode=eui64
method=auto

[proxy]
~
~
~
 

[kk@rocky ~]$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
...
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
...
    inet 163.32.145.69/24 brd 163.32.145.255 scope global noprefixroute ens160
 

[kk@rocky ~]$ sudo nmcli connect load /etc/NetworkManager/system-connections/ens160.nmconnection

[kk@rocky ~]$ sudo nmcli connect up /etc/NetworkManager/system-connections/ens160.nmconnection
 

>>>>>>>>>>>>>>CLI 下的圖形設計工具:

[kk@rocky ~]$ systemctl status NetworkManager
● NetworkManager.service - Network Manager
     Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; p>
     Active: active (running) since Fri 2024-04-26 14:28:37 CST; 7min ago
       Docs: man:NetworkManager(8)
   Main PID: 755 (NetworkManager)
      Tasks: 3 (limit: 48646)
     Memory: 11.3M
        CPU: 348ms
     CGroup: /system.slice/NetworkManager.service
             └─755 /usr/sbin/NetworkManager --no-daemon
 

[kk@rocky ~]$ ls /usr/lib/systemd/system
 ...
 NetworkManager.service
...

 

#Nmtui is a part of the NetworkManager package in Linux and provides a text-based user interface to manage your network settings. 

 [kk@rocky ~]$ nmtui edit ens160

 [kk@rocky ~]$ sudo systemctl restart NetworkManager.service

 

 

 

 

網路測試工具  ----------------------------------------------------------------------------------------------------------

>>>>>>>>>>>>>>hostnamectl 取替 hostname

[kk@rocky ~]$ hostnamectl
 Static hostname: rocky.kk
...

[kk@rocky ~]$ sudo hostnamectl set-hostname BigRocky.kk
[sudo] kk 的密碼：
[kk@rocky ~]$ hostnamectl
 Static hostname: BigRocky.kk
...

 

>>>>>>>>>>>>>>ss 取替 netstat

//ss is used to dump socket statistics. It allows showing information similar to netstat.  It can display more TCP  and  state  information  than other tools.

//t：tcp協定   u：udp協定   n：不用名稱以port顯示   p：連線由哪個行程處理   l：在傾聽的連線

[kk@BigRocky ~]$ ss -tunpl
Netid    State     Recv-Q    Send-Q                           Local Address:Port       Peer Address:Port   Process
udp      UNCONN    0         0                                    127.0.0.1:323             0.0.0.0:*
udp      UNCONN    0         0                                        [::1]:323                [::]:*
udp      UNCONN    0         0            [fe80::20c:29ff:fea8:fc5a]%ens160:546                [::]:*
tcp      LISTEN    0         128                                    0.0.0.0:22              0.0.0.0:*
tcp      LISTEN    0         128                                       [::]:22                 [::]:*

//檢視tcp連線
[kk@BigRocky ~]$ ss -t
State       Recv-Q       Send-Q              Local Address:Port                Peer Address:Port        Process
ESTAB       0            64                  163.32.145.69:ssh                163.32.145.99:61321

//  -u, --udp   Display UDP sockets.
[kk@BigRocky ~]$ ss -u
Recv-Q         Send-Q                  Local Address:Port                   Peer Address:Port         Process

>>>>>>>>>>>>>>tracepath 取替  traceroute/traceroute6

 

//tracepath, tracepath6 - traces path to a network host discovering MTU along this path
[kk@BigRocky ~]$ tracepath 168.95.1.1
 1?: [LOCALHOST]                      pmtu 1500
 1:  _gateway                                              0.903ms
 1:  _gateway                                              0.975ms
 2:  10.241.3.153                                          1.531ms
 3:
 ^C

 >>>>>>>>>>>>>>ip route 取替  route
[kk@BigRocky ~]$ ip route | column -t
default          via  163.32.145.254  dev    ens160  proto  static  metric  100
163.32.145.0/24  dev  ens160          proto  kernel  scope  link    src     163.32.145.69  metric  100

 
[kk@BigRocky ~]$ ip -6 route | column -t > RouteTable.text
[kk@BigRocky ~]$ cat RouteTable.text
::1                   dev  lo                        proto  kernel  metric  256   pref    medium
2001:288:8241:1::23c  dev  ens160                    proto  kernel  metric  100   pref    medium
2001:288:8241:1::/64  dev  ens160                    proto  ra      metric  100   pref    medium
fe80::/64             dev  ens160                    proto  kernel  metric  1024  pref    medium
default               via  fe80::ea1c:baff:fec9:968  dev    ens160  proto   ra    metric  100     pref  medium

>>>>>>>>>>>>>>ip neighbor 取替  arp
//ARP
//Address Resolution Protocol 位址解析協定，由已知的 IP 位址查問其相對應的網路實體位址MAC
 //RARP
//Reverse Address Resolution Protocol 反向位址解析協定,由已知的網路實體位址（MAC 位址）查詢其相對應的 IP 位址

[kk@BigRocky ~]$ ip neighbor show
163.32.145.254 dev ens160 lladdr e8:1c:ba:c9:09:68 STALE
163.32.145.253 dev ens160 lladdr 4c:ae:a3:29:75:10 STALE
163.32.145.99 dev ens160 lladdr 00:e0:4c:23:07:3a REACHABLE
fe80::ea1c:baff:fec9:968 dev ens160 lladdr e8:1c:ba:c9:09:68 router STALE

 >>>>>>>>>>>>>>yum、dnf

////
被淘汰的工具只是不在預設安裝所包含的，所以是可以利用 yum 把他安裝回來
Note：在 yum 中不知道套件的名稱，可以用 provides 和 list 直接搜尋 package 裡面的工具
////


//DNF  is the next upcoming major version of YUM

[kk@BigRocky ~]$ dnf provides */ifconfig
Rocky Linux 9 - BaseOS                          1.1 MB/s | 2.2 MB     00:02
Rocky Linux 9 - AppStream                       1.6 MB/s | 7.4 MB     00:04
Rocky Linux 9 - Extras                           15 kB/s |  14 kB     00:00
net-tools-2.0-0.62.20160912git.el9.x86_64 : Basic networking tools
軟體庫  ：baseos
符合來源：
檔案名稱：/usr/sbin/ifconfig

[kk@BigRocky ~]$ dnf list */ifconfig
上次中介資料過期檢查：0:01:08 前，時間點為西元2024年04月29日 (週一) 13時45分38秒。
可用的軟體包
net-tools.x86_64  

[kk@BigRocky ~]$ sudo dnf -y install net-tools
上次中介資料過期檢查：0:05:22 前，時間點為西元2024年04月29日 (週一) 13時54分50秒。

[kk@BigRocky ~]$ ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 163.32.145.69  netmask 255.255.255.0  broadcast 163.32.145.255
        inet6 2001:288:8241:1:20c:29ff:fea8:fc5a  prefixlen 64  scopeid 0x0<global>
        inet6 2001:288:8241:1::23c  prefixlen 128  scopeid 0x0<global>
        inet6 fe80::20c:29ff:fea8:fc5a  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:a8:fc:5a  txqueuelen 1000  (Ethernet)
        RX packets 22125  bytes 14068960 (13.4 MiB)
        RX errors 0  dropped 1089  overruns 0  frame 0
        TX packets 6588  bytes 640794 (625.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 4  bytes 156 (156.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 156 (156.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[kk@BigRocky ~]$ dnf provides */dig
上次中介資料過期檢查：0:07:08 前，時間點為西元2024年04月29日 (週一) 13時45分38秒。
bind-utils-32:9.16.23-14.el9_3.4.x86_64 : Utilities for querying DNS name servers
軟體庫  ：appstream
符合來源：
檔案名稱：/usr/bin/dig

[kk@BigRocky ~]$ dnf list */dig
上次中介資料過期檢查：0:09:19 前，時間點為西元2024年04月29日 (週一) 13時45分38秒。
可用的軟體包
bind-utils.x86_64

[kk@BigRocky ~]$ sudo dnf -y install bind-utils.x86_64
[sudo] kk 的密碼：
上次中介資料過期檢查：0:01:39 前，時間點為西元2024年04月29日 (週一) 13時54分50秒。
依賴關係解析完畢。

[kk@BigRocky ~]$  dig 168.95.1.1

; <<>> DiG 9.16.23-RH <<>> 168.95.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 20856
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;168.95.1.1.                    IN      A

;; AUTHORITY SECTION:
.                       2562    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2024042900 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 168.95.1.1#53(168.95.1.1)
;; WHEN: Mon Apr 29 13:58:46 CST 2024
;; MSG SIZE  rcvd: 114

 

  ----------------------------------------------------------------------------------------------------------

RockyLinux 9.3 練習(一)

Host:
CPU: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz   3.70 GHz

核心數目: 2
邏輯處理器: 4
L1: 128KB    L2: 512KB    L3: 3.0MB

RAM: 16.0 GB
OS: Windows 10 企業版
IP：163.32.145.99/24

Guest:
IP：163.32.145.69/24

 

 

安裝
  ----------------------------------------------------------------------------------------------------------
參考   2023年11月26日 星期日    RockyLinux 安裝

VMware Workstation 17 Player

 1.

 

 2.

 

3.

 

 4.

 

5.

 

 6.

 

 7.

 

8.

 

 

 

 

 

Rocky 安裝設定

1.

 

 

2.

 

 

3.

 

4.

 

 

5.

 

 

6.

 

 

7.

 

 

 

 

PuTTY 連結

1.

 

 

2.

 

 

3.

 

 

su 與 sudo

 ----------------------------------------------------------------------------------------------------------

 

//su 切換到root  (輸入root 密碼)

 [kk@rocky ~]$ su -
密碼：
[root@rocky ~]# shutdown now

//無法使用 sudo

//乃是系統安裝時，建立kk使用者未將：「讓使用者成為管理員」勾選。
//必須把使用者加入wheel這個群組，才可以用sudo (輸入 kk 密碼)

[kk@rocky ~]$ sudo shutdown now
[sudo] kk 的密碼：
kk 不在 sudoers 檔案中。此事件將會回報。

[kk@rocky ~]$ id
使用者id=1000(kk) id群組=1000(kk) 組=1000(kk) 上下文=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[root@rocky kk]# ls -l /etc/sudoers
-r--r-----. 1 root root 4328  4月 24  2023 /etc/sudoers

[root@rocky kk]# vi /etc/sudoers
...

root    ALL=(ALL)       ALL
kk      ALL=(ALL)       ALL
...
%wheel  ALL=(ALL)       ALL
...

:wq!

##因為唯讀，所以要強制存檔離開

[root@rocky kk]# usermod -aG wheel kk

[root@rocky kk]# su kk
[kk@rocky ~]$ id
使用者id=1000(kk) id群組=1000(kk) 組=1000(kk),10(wheel) 上下文=unconfined_u:unco
 

[kk@rocky ~]$ cat /etc/group
...
wheel:x:10:kk
...
kk:x:1000:

[kk@rocky ~]$ sudo shutdown now
[sudo] kk 的密碼：

 

 

 

 

 system information

  ----------------------------------------------------------------------------------------------------------

 [kk@rocky ~]$ uname -a
Linux rocky.kk 5.14.0-362.8.1.el9_3.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Nov 8 17:36:32 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

[kk@rocky ~]$ cat /etc/rocky-release
Rocky Linux release 9.3 (Blue Onyx)

[kk@rocky ~]$ cat /proc/version
Linux version 5.14.0-362.8.1.el9_3.x86_64 (mockbuild@iad1-prod-build001.bld.equ.         rockylinux.org) (gcc (GCC) 11.4.1 20230605 (Red Hat 11.4.1-2), GNU ld version 35.2-42.el9) #1 SMP PREEMPT_DYNAMIC Wed Nov 8 17:36:32 UTC 2023

 

 

關機、目錄

 ----------------------------------------------------------------------------------------------------------

 

Linux       根目錄 /
Windows 根目錄 \

 

 

[kk@rocky ~]$
kk：使用者
rocky：主機名
~ ：使用者家目錄

$ ：一班使用者
# ：最高權限管理者

//show who is logged on

[kk@rocky ~]$ who
kk       pts/0        2024-04-23 14:05 (163.32.145.99)

//Show who is logged on and what they are doing

[kk@rocky ~]$ w
 14:22:06 up 18 min,  1 user,  load average: 0.00, 0.00, 0.00
USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT
kk       pts/0     14:05    0.00s  0.05s  0.00s w

 

// 關機馬上 halt
# shutdown -h now

// 關機10分鐘後
# shutdown -h 10

//重開機 reboot
# shutdown -r

#reboot

 

//列出 檔案系統 根目錄 下

[kk@rocky ~]$ ls /
afs  boot  etc   lib    media  opt   root  sbin  sys  usr
bin  dev   home  lib64  mnt    proc  run   srv   tmp  var

 

[kk@rocky ~]$ pwd
/home/kk
 

//Change  the current directory to dir

[kk@rocky ~]$ cd /
[kk@rocky /]$ pwd
/
 

[kk@rocky /]$ ls
afs  boot  etc   lib    media  opt   root  sbin  sys  usr
bin  dev   home  lib64  mnt    proc  run   srv   tmp  var
 

 

 

//print name of current/working directory

[kk@rocky ~]$ pwd
/home/kk

 

//kk目錄底下

[kk@rocky ~]$ ls

[kk@rocky ~]$ ls .

[kk@rocky ~]$ ls ./

//home 目錄底下
[kk@rocky ~]$ ls ..
kk
[kk@rocky ~]$ ls ../
kk

 

 

檔案系統階層標準 Filesystem Hierarchy Standard FHS 說明檔案與目錄在 Linux 階層架構與擺放位置。

 

 

 

 

地區時間

 ----------------------------------------------------------------------------------------------------------

 

 

 

[kk@rocky /]$ date
西元2024年04月23日 (週二) 14時47分48秒 CST
 

[kk@rocky /]$ echo $LANG
zh_TW.UTF-8
 

 

//取得語區資料特定的資訊   locale --help

[kk@rocky /]$ locale
LANG=zh_TW.UTF-8
...

 

[kk@rocky /]$ cat /etc/hostname
rocky.kk
 

[kk@rocky /]$ vi /etc/hostname

rocky.kk
 

[kk@rocky /]$ hostnamectl
 Static hostname: rocky.kk
       Icon name: computer-vm
         Chassis: vm 🖴
      Machine ID: 97b2863dd3e344bfb13067a93c307344
         Boot ID: b6025d9b086b4c668e8bfcb3bdeee234
  Virtualization: vmware
Operating System: Rocky Linux 9.3 (Blue Onyx)
     CPE OS Name: cpe:/o:rocky:rocky:9::baseos
          Kernel: Linux 5.14.0-362.8.1.el9_3.x86_64
    Architecture: x86-64
 Hardware Vendor: VMware, Inc.
  Hardware Model: VMware Virtual Platform
Firmware Version: 6.00
 

 

[kk@rocky /]$ sudo hostnamectl set-hostname rocky22.kk
[sudo] kk 的密碼：
[kk@rocky /]$ hostnamectl
 Static hostname: rocky22.kk
       Icon name: computer-vm 

...

 

cp, mv, rm，mkdir
----------------------------------------------------------------------------------------------------------

[kk@rocky ~]$ ls

[kk@rocky ~]$ ls /etc/dnf
aliases.d  dnf.conf  modules.d  modules.defaults.d  plugins  protected.d  vars

//copy files and directories

[kk@rocky ~]$ cp /etc/dnf/dnf.conf ./
[kk@rocky ~]$ ls
dnf.conf

 

[kk@rocky ~]$ ls /etc/dnf/vars/
contentdir  rltype  sigcontentdir  stream
 

[kk@rocky ~]$ cp -r /etc/dnf/vars/ ./
[kk@rocky ~]$ ls
dnf.conf  vars

[kk@rocky ~]$ ls vars/
contentdir  rltype  sigcontentdir  stream
 

 

[kk@rocky ~]$ ls
dnf.conf  vars
 

// move (rename) files

[kk@rocky ~]$ mv dnf.conf ddd.conf
[kk@rocky ~]$ ls
ddd.conf  vars
 

//remove files or directories

[kk@rocky ~]$ rm ddd.conf
[kk@rocky ~]$ ls
vars
 

// --recursive   --force

[kk@rocky ~]$ rm -rf vars/
[kk@rocky ~]$ ls
[kk@rocky ~]$
 

 

// make directories
[kk@rocky ~]$ mkdir dir1
[kk@rocky ~]$ ls -l
drwxr-xr-x. 2 kk kk   6  4月 25 08:42 dir1

[kk@rocky ~]$ echo "HelloWorldlscat">dir1/readme.text
[kk@rocky ~]$ ls -l dir1/
總用量 4
-rw-r--r--. 1 kk kk 28  4月 25 08:44 readme.text
 

// -f, --force   -r, -R, --recursive

[kk@rocky ~]$ rm -r dir1
[kk@rocky ~]$ ls

 

 

 touch, cat, more, less, head, tail

 ----------------------------------------------------------------------------------------------------------

//產生空白檔案

[kk@rocky ~]$ touch test.txt
[kk@rocky ~]$ ls -l
總用量 4
-rw-r--r--. 1 kk kk   0  4月 24 15:26 test.txt
 

//change file timestamps

[kk@rocky ~]$ cp /etc/dnf/dnf.conf ./
[kk@rocky ~]$ ls -l
總用量 4
-rw-r--r--. 1 kk kk 108  4月 24 15:04 dnf.conf
 

[kk@rocky ~]$ touch dnf.conf
[kk@rocky ~]$ ls -l
總用量 4
-rw-r--r--. 1 kk kk 108  4月 24 15:07 dnf.conf
 

 

 

// concatenate files and print on the standard output

[kk@rocky ~]$ ls
dnf.conf
 

[kk@rocky ~]$ cat dnf.conf
[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=True
skip_if_unavailable=False
 

//--number

[kk@rocky ~]$ cat -n dnf.conf
     1  [main]
     2  gpgcheck=1
     3  installonly_limit=3
     4  clean_requirements_on_remove=True
     5  best=True
     6  skip_if_unavailable=False
 

 

// 產生 test.txt ， > 把輸入文字寫入 test.txt 中

[kk@rocky ~]$ cat>test.txt
I love linux !!            //輸入完成按 Ctrl+D
 

[kk@rocky ~]$ ls
dnf.conf  test.txt
 

[kk@rocky ~]$ cat test.txt
I love linux !!
 

 

 

 

 硬碟空間、檔案大小使用情形

 ----------------------------------------------------------------------------------------------------------

//report file system disk space usage 各分割區使用情況
//-h, --human-readable

[kk@rocky ~]$ df -h
檔案系統             容量  已用  可用 已用% 掛載點
devtmpfs             4.0M     0  4.0M    0% /dev
tmpfs                3.8G     0  3.8G    0% /dev/shm
tmpfs                1.5G  9.0M  1.5G    1% /run
/dev/mapper/rl-root   17G  1.5G   16G    9% /
/dev/nvme0n1p1       960M  223M  738M   24% /boot
tmpfs                765M     0  765M    0% /run/user/1000
 

 

//estimate file space usage 目前目錄下( 含子目錄)已用空間

[kk@rocky ~]$ ls -lh /home/kk
總用量 4.0K
-rwxr--r--. 1 kk kk 11  4月 25 09:01 runMe
[kk@rocky ~]$ du -h runMe
4.0K    runMe