说明:
- 培训环境需要 lab * setup,考试环境不需要;
- 先将 RHCE7.html 文件拷贝到 FOUNDATION 桌面上,然后打开做练习;
- FOUNDATION 需安中文字体。
# yum list c*font*
# yum -y install cjkuni-uming-fonts.noarch
[Server]
开机
<e>
linux16 ... rd.break console=tty0
<Ctrl-x>
switch_root:/# mount | grep xfs
/dev/vda1 on /sysroot type xfs (ro,relatime,attr2,inode64,noquota)
switch_root:/# mount -o remount,rw /sysroot
switch_root:/# chroot /sysroot
sh-4.2# echo fedora | passwd --stdin root
Changing password for user root.
passwd: all authentication tokens updated successfully.
sh-4.2# touch /.autorelabel
sh-4.2# sync
sh-4.2# exit
switch_root:/# reboot
[Server]
# nmtui
# nmcli con mod 'System eth0' ipv4.addresses '172.25.0.11/16 172.25.0.254' ipv4.method static ipv4.dns 172.25.254.254 connection.autoconnect true
# service network restart
# ip add show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:00:00:0b brd ff:ff:ff:ff:ff:ff
inet 172.25.0.11/16 brd 172.25.255.255 scope global eth0
...
# cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 172.25.254.254
# ip route
default via 172.25.0.254 dev eth0 proto static metric 1024
172.25.0.0/16 dev eth0 proto kernel scope link src 172.25.0.10
# hostnamectl set-hostname server0.example.com
# hostname
# cat /etc/hostname
[Server]
# vim /etc/selinux/config
/per yw /= p D ZZ
# cat /etc/selinux/config
# setenforce 0
# getenforce
[Server]
# yum-config-manager --add-repo http://classroom.example.com/content/rhel7.0/x86_64/dvd
# echo gpgcheck=0 >> /etc/yum.repos.d/ classroom.example.com_rhel7.0_x86_64_dvd.repo
# yum list
[Server]
# fdisk -l
# fdisk /dev/vdb
Command (m for help): <n>
Select (default p): <Enter>
Partition number (1-4, default 1): <Enter>
First sector (2048-20971519, default 2048): <Enter>
Last sector, +sectors or +size{K,M,G} (2048-20971519, default 20971519): +204M
Command (m for help): <t>
Hex code (type L to list all codes): 8e
Command (m for help): <w>
# pvcreate /dev/vdb1
# vgcreate vg1 /dev/vdb1
# lvcreate -n lv1 -L 200M vg1
# mkfs.xfs /dev/vg1/lv1
# mkdir /mnt/data
# vim /etc/fstab
...
/dev/vg1/lv1 /mnt/data xfs defaults 1 2
# mount -a
# df -h /mnt/data
[Server]
# fdisk /dev/vdb
Command (m for help): <n>
Select (default p): <Enter>
Partition number (2-4, default 2): <Enter>
First sector (419840-20971519, default 419840): <Enter>
Last sector, +sectors or +size{K,M,G} (419840-20971519, default 20971519): +104M
Command (m for help): <t>
Partition number (1,2, default 2): <Enter>
Hex code (type L to list all codes): 8e
Command (m for help): <w>
# partprobe
# pvcreate /dev/vdb2
# vgextend vg1 /dev/vdb2
# lvextend -L 300M /dev/vg1/lv1
xfs # xfs_growfs /mnt/data
ext4 # resize2fs -f /dev/vg0/data
# df -h /mnt/data
[Server]
# groupadd admin
# useradd -G admin natasha
# useradd -G admin harry
# useradd -s /sbin/nologin tom
[Server]
# usermod –u 1234 harry
# echo h1234 | passwd --stdin harry
[Server]
# mkdir /home/admins
# chgrp admin /home/admins
# chmod g=rwx /home/admins
# chmod o=--- /home/admins
# chmod g+s /home/admins
# su - harry
$ touch /home/admins/h.txt
$ ls -l /home/admins/h.txt
[Server]
# vim /etc/crontab
# crontab -e
23 14 * * * echo hello
# crontab -l
23 14 * * * echo hello
[Server]
# rpm -ivh http://172.25.0.254/content/rhel7.0/x86_64/errata/Packages/kernel-3.10.0-123.1.2.el7.x86_64.rpm
# shutdown -r 0
# uname –r
[Server]
# groupadd -g 1111 sales
# useradd -u 1111 -g sales user1
# id user1
uid=1111(user1) gid=1111(sales) groups=1111(sales)
[Server]
# yum -y install authconfig-gtk
# authconfig-gtk
"Identity & Authentication"
User Account Database: "LDAP"
[Install] / [Install] / [Force install]
[Install] / [Install] / [Force install]
[Cancel]
# authconfig-gtk
"Identity & Authentication"
User Account Database: "LDAP"
LDAP Search Base DN: "dc=example,dc=com"
LDAP Server: "classroom.example.com""
复选 "Use TLS encrypt connections"
"[Download CA Certificate...]"
Certificate URL: "http://classroom.example.com/pub/example-ca.crt" / [OK]
Authentication Method: "Kerberos password"
Realm: "EXAMPLE.COM"
KDCs: "classroom.example.com"
Admin Servers: "classroom.example.com"
取消复选 "Use DNS to resolve hosts to realms"
# getent passwd ldapuser0
ldapuser0:*:1700:1700:LDAP Test User 0:/home/guests/ldapuser0:/bin/bash
[Server]
# rpm -q autofs
# yum -y install autofs
# vim /etc/auto.master
...
/home /etc/auto.ldap
# vim /etc/auto.ldap
* -rw,soft,intr classroom:/home/&
# systemctl restart autofs
# systemctl enable autofs
# ssh ldapuser0@localhost
[Server]
# fdisk /dev/vdb
Command (m for help): <n>
Select (default p): <Enter>
Partition number (3,4, default 3): <Enter>
First sector (632832-20971519, default 632832): <Enter>
Last sector, +sectors or +size{K,M,G} (632832-20971519, default 20971519): +2G
Command (m for help): <t>
Partition number (1-3, default 3): <Enter>
Hex code (type L to list all codes): 82
Command (m for help): <w>
# partprobe
# mkswap /dev/vdb3
# vim /etc/fstab
...
/dev/vdb3 swap swap defaults 0 0
# swapon –a
# free
[Server]
# mkdir /opt/dir
# find / -type f -user harry -exec cp -a {} /opt/dir \;
[Server]
# grep -v ^$ /var/log/messages | grep -v httpd > /tmp/testfile
[Server]
# man tar
/-j /-J /-z
# tar -cjf /tmp/f.tar.gz /root/*
# tar -tjf /tmp/f.tar.gz
# file /tmp/f.tar.gz
[Server]
# vim /etc/chrony.conf
...
#server 0.rhel.pool.ntp.org iburst
#server 1.rhel.pool.ntp.org iburst
#server 2.rhel.pool.ntp.org iburst
#server 3.rhel.pool.ntp.org iburst
server classroom.example.com iburst
...
# service chronyd restart
# timedatectl set-ntp true
# timedatectl
...
Timezone: Asia/Shanghai (CST, +0800)
NTP enabled: yes
NTP synchronized: yes
[Server]
# setfacl -m u:natasha:rw /var/log/maillog
# setfacl -m u:harry:--- /var/log/maillog
# chmod o=r /var/log/maillog
# getfacl /var/log/maillog