分类标题

Autem vel eum iriure dolor in hendrerit in vulputate velit esse molestie consequat, vel illum dolore eu feugiat nulla facilisis at vero eros et dolore feugait.

分类归档 Linux

CentOS新装系统的后续工作

对于新装 CentOS 系统,我个人会通常做以下工作

1.换源

我一般换 中国科学技术大学镜像源 ,因为阿里源、华为源都放过我鸽子XDDD

2.基础环境

sudo yum install gcc gcc-c++ pcre openssh openssh-devel openssl openssl-devel libtools cmake autoconf tcl ntpdate -y

# 升级内核和所有软体
sudo yum update -y

3.同步时间服务器(server time.ustc.edu.cn)

[[email protected] ~]# cat /etc/ntp.conf | grep -v "^#" | grep -v "^$"
driftfile /var/lib/ntp/drift
restrict default nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict ::1
server time.ustc.edu.cn
includefile /etc/ntp/crypto/pw
keys /etc/ntp/keys
disable monitor

[[email protected] ~]# systemctl start ntpdate.service

CentOS安裝squid服務并配置http和yum代理

安裝squid服務

找一台可以訪問外網的服務器

# 安裝squid
yum install squid -y

修改配置文件 /etc/squid/squid.conf (重點是 http_access

[[email protected] local]#  cat /etc/squid/squid.conf | grep -v "^$" | grep -v "^#"
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access allow all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               0       20%     4320

# 啓動squid服務
systemctl start squid

# 加入開機自啓
systemctl enable squid

yum代理配置

# 在/etc/yum.conf配置文件[main]節點下追增以下配置

# squid代理服務
proxy=http://172.50.1.119:3128 

# 服務器賬號
proxy_name=root 

# 服務器密碼
proxy_password=2am#ue9P&.aqb*14 

http代理配置

# 創建配置文件
touch /etc/profile.d/proxy.sh

# 在 /etc/profile.d/proxy.sh 添加以下配置
# 格式: export http_proxy="http://user_name:[email protected]:PORT" username是squid服務器的賬號密碼,這裏沒有給squid服務配置賬號密碼認證
export http_proxy="http://root:2am#ue9P&.aqb*[email protected]:3128" 
export https_proxy="http://root:2am#ue9P&.aqb*[email protected]:3128"

# 刷新配置生效
source /etc/profile.d/proxy.sh

CentOS部署samba服務

服務端

# yum 安裝
[[email protected] ~]# yum install samba samba-client samba-swat -y

# 配置文件
[[email protected] ~]# cat /etc/samba/smb.conf

###########################################
[global]
        workgroup = MYGROUP
        server string = Samba Server Version %v
        hosts allow = 10.0.8.0/24 
        log file = /var/log/samba/log.%m
        max log size = 50
        security = share
        passdb backend = tdbsam
        load printers = yes
        cups options = raw

[share]
comment = share
path = /project/tools
browseable = yes
guest ok = yes
writable = yes


[homes]
        comment = Home Directories
        browseable = no
        writable = yes

[printers]
        comment = All Printers
        path = /var/spool/samba
        browseable = no
        guest ok = no
        writable = no
        printable = yes
###########################################

訪問

[[email protected] ~]# yum install cifs-utils -y

# 挂載
[[email protected] ~]# mkdir -p /samba_share
[[email protected] ~]# mount -t cifs //xxx.xxx.xxx.xx/share /samba_share

CentOS7根目录磁盘扩容(/dev/mapper/centos-root 空间不足)

0.查看根分区大小

[[email protected] ~]# df -h
Filesystem                      Size  Used Avail Use% Mounted on
devtmpfs                         63G     0   63G   0% /dev
tmpfs                            63G     0   63G   0% /dev/shm
tmpfs                            63G  1.3G   62G   2% /run
tmpfs                            63G     0   63G   0% /sys/fs/cgroup
/dev/mapper/cl_geekthings-root   50G   38G   13G  76% /
/dev/sda1                      1014M  311M  704M  31% /boot
/dev/mapper/cl_geekthings-home  918G   12G  906G   2% /home
tmpfs                            13G   12K   13G   1% /run/user/42
tmpfs                            13G     0   13G   0% /run/user/0
overlay                          50G   38G   13G  76% /var/lib/docker/overlay2/70dffe831895bb55d79b4a8f483364a4f736637ccb2f6694f1cf82ba7ff1743d/merged

1.查看磁盘编号

[[email protected] ~]# ls /dev/sd*
/dev/sda  /dev/sda1  /dev/sda2

2.这里在vMware vCenter中新增一块硬盘(编辑->新增设备) 再次查看磁盘

[[email protected] ~]# ls /dev/sd*
/dev/sda  /dev/sda1  /dev/sda2  /dev/sdb

3.对新增硬盘进行分区, 这里新增的磁盘名称叫 /dev/sdb

[[email protected] ~]# fdisk /dev/sdb

# 输入 m, 得到帮助,可以按照提示操作进行分区了
# 因为这块硬盘只有 100G,所以我只打算分一个区,这里是需要输入 n,然后接下来都按 Enter 键,默认即可,最后输入 w 保存退出
[[email protected] ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Command (m for help): m
Command action
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   g   create a new empty GPT partition table
   G   create an IRIX (SGI) partition table
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)

4.将分区后的磁盘格式化成xfs类型

[[email protected] ~]# mkfs.xfs /dev/sdb1

5.创建pv

[[email protected] ~]# pvcreate /dev/sdb1
  Physical volume "/dev/sdb1" successfully created.

6.查看vg组

[[email protected] ~]# vgs
  VG            #PV #LV #SN Attr   VSize    VFree
  cl_geekthings   1   3   0 wz--n- <999.00g 4.00m

7.扩展vg

[[email protected] ~]# vgextend cl_geekthings /dev/sdb1
  Volume group "cl_geekthings" successfully extended

[[email protected] ~]# vgs
  VG            #PV #LV #SN Attr   VSize VFree  
  cl_geekthings   2   3   0 wz--n- 1.17t 200.00g

8.扩展lv

[[email protected] ~]# lvextend -L +200G /dev/mapper/cl_geekthings-root
  Size of logical volume cl_geekthings/root changed from 50.00 GiB (12800 extents) to 250.00 GiB (64000 extents).
  Logical volume cl_geekthings/root successfully resized.

9.系统重新读取大小

[[email protected] ~]# xfs_growfs /dev/mapper/cl_geekthings-root
meta-data=/dev/mapper/cl_geekthings-root isize=512    agcount=4, agsize=3276800 blks
         =                       sectsz=512   attr=2, projid32bit=1
         =                       crc=1        finobt=0 spinodes=0
data     =                       bsize=4096   blocks=13107200, imaxpct=25
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0 ftype=1
log      =internal               bsize=4096   blocks=6400, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=1
realtime =none                   extsz=4096   blocks=0, rtextents=0
data blocks changed from 13107200 to 65536000

10.查看扩容是否成功

[[email protected] ~]# df -h
Filesystem                      Size  Used Avail Use% Mounted on
devtmpfs                         63G     0   63G   0% /dev
tmpfs                            63G     0   63G   0% /dev/shm
tmpfs                            63G  1.3G   62G   2% /run
tmpfs                            63G     0   63G   0% /sys/fs/cgroup
/dev/mapper/cl_geekthings-root  250G   38G  213G  16% /
/dev/sda1                      1014M  311M  704M  31% /boot
/dev/mapper/cl_geekthings-home  918G   12G  906G   2% /home
tmpfs                            13G   12K   13G   1% /run/user/42
tmpfs                            13G     0   13G   0% /run/user/0
overlay                         250G   38G  213G  16% /var/lib/docker/overlay2/70dffe831895bb55d79b4a8f483364a4f736637ccb2f6694f1cf82ba7ff1743d/merged
[[email protected] ~]# lsblk
NAME                   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda                      8:0    0  1000G  0 disk 
├─sda1                   8:1    0     1G  0 part /boot
└─sda2                   8:2    0   999G  0 part 
  ├─cl_geekthings-root 253:0    0   250G  0 lvm  /
  ├─cl_geekthings-swap 253:1    0  31.5G  0 lvm  
  └─cl_geekthings-home 253:2    0 917.5G  0 lvm  /home
sdb                      8:16   0   200G  0 disk 
└─cl_geekthings-root   253:0    0   250G  0 lvm  /
sr0                     11:0    1   4.1G  0 rom

CentOS記錄所有用戶登陸操作詳細日志

setp1 : 在 /etc/profile 末尾追增以下代碼

############################ 用戶登陸操作歷史脚本 ############################

USER_IP=`who -u am i 2>/dev/null| awk '{print $NF}'|sed -e 's/[()]//g'`
HISTDIR=/tmp/log/history
DT=`date +%Y-%m-%d`

if [ -z $USER_IP ]; then
    USER_IP=`hostname`
fi

pdf="."
if [[ ! $USER_IP == *${pdf}* ]]; then
    USER_IP=`hostname`
fi

if [ ! -d $HISTDIR ]; then
    mkdir -p $HISTDIR
    chmod 300 $HISTDIR
fi

if [ ! -d $HISTDIR/${DT} ]; then
    mkdir -p $HISTDIR/${DT}
    chmod 300 $HISTDIR/${DT}
fi

export HISTFILESIZE=10000 # 定義文件中最多的只有HISTFILESIZE行
export HISTSIZE=10000 # 定義history命令輸出的記錄數
DT2=`date +%Y-%m-%d_%H:%M:%S`
export HISTFILE="$HISTDIR/${DT}/${LOGNAME}@${USER_IP}_$DT2"
export HISTTIMEFORMAT="%Y-%m-%-d_%H:%M:%S # "
chmod 600 $HISTDIR/${DT}/*_* 2>/dev/null

##############################################################################

step2: 刷新生效

[[email protected] ~]# source /etc/profile

CentOS两种方式安装7z命令

一、安装(以CentOS为例)

1.yum安装(能访问互联网的,用此方式)

建议更换国内源 :中国科学技术大学镜像源

2.二进制安装

7z 最新版本链接
7z 官网

  • 下载到/usr/local
    [[email protected] ~]# cd /usr/local && wget https://nchc.dl.sourceforge.net/project/p7zip/p7zip/16.02/p7zip_16.02_src_all.tar.bz2
  • 解压
    [[email protected] local]# sudo tar xjvf p7zip_16.02_src_all.tar.bz2
  • 安装
    [[email protected] local]# cd p7zip_16.02 && sh install.sh

二、命令

[[email protected] opt]# 7za x frontend_7_06_JsTest_0303.7z  -r -o./
# 参数含义:
# x  代表解压缩文件,并且是按原始目录树解压(还有个参数 e 也是解压缩文件,但其会将所有文件都解压到根下,而不是自己原有的文件夹下)
# frontend_7_06_JsTest_0303.7z是压缩文件,这里我用phpadmin做测试。这里默认使用当前目录下的phpMyAdmin-3.3.8.1-all-languages.7z
# -r 表示递归解压缩所有的子文件夹
# -o 是指定解压到的目录,-o后是没有空格的,直接接目录。

[[email protected] opt]# 7za a -t7z -r frontend_7_06_JsTest_0303.7z /opt/frontend_7_06_JsTest_0303/*
# 参数含义:
# a  代表添加文件/文件夹到压缩包
# -t 是指定压缩类型,这里定为7z,可不指定,因为7za默认压缩类型就是7z
# -r 表示递归所有的子文件夹
# frontend_7_06_JsTest_0303.7z 是压缩好后的压缩包名
# /opt/frontend_7_06_JsTest_0303/*   :是压缩目标。
# 7za不仅仅支持.7z压缩格式,还支持.tar.bz2等压缩类型的。如上所述,用-t指定即可。

CentOS7将新增硬盘挂载到已有目录下

已知在虚拟机 VMWare 给指定服务器新增一块 100G 大小的硬盘
以 /data 目录为例,将 /data 目录挂载到新增磁盘上

0.对新增磁盘进行分区(关于 Linux 分区知识,请点击这里)
# 这里新增的磁盘名称叫 /dev/sdb
[[email protected] ~]# fdisk /dev/sdb

# 输入 m, 得到帮助,可以按照提示操作进行分区了
# 因为这块硬盘只有 100G,所以我只打算分一个区,这里是需要输入 n,然后接下来都按 Enter 键,默认即可,最后输入 w 保存退出
[[email protected] ~]# fdisk /dev/sdb
Welcome to fdisk (util-linux 2.23.2).

Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.

Command (m for help): m
Command action
   a   toggle a bootable flag
   b   edit bsd disklabel
   c   toggle the dos compatibility flag
   d   delete a partition
   g   create a new empty GPT partition table
   G   create an IRIX (SGI) partition table
   l   list known partition types
   m   print this menu
   n   add a new partition
   o   create a new empty DOS partition table
   p   print the partition table
   q   quit without saving changes
   s   create a new empty Sun disklabel
   t   change a partition's system id
   u   change display/entry units
   v   verify the partition table
   w   write table to disk and exit
   x   extra functionality (experts only)
1.将分区后的磁盘格式化成xfs类型
[[email protected] ~]# mkfs.xfs /dev/sdb1
2.创建临时挂载点至该硬盘上
[[email protected] ~]# mkdir -p /mnt/data
[[email protected] ~]# mount /dev/sdb1  /mnt/data

# 查看有没有挂载成功
[[email protected] ~]# df -h
Filesystem           Size  Used Avail Use% Mounted on
devtmpfs             7.8G     0  7.8G   0% /dev
tmpfs                7.8G     0  7.8G   0% /dev/shm
tmpfs                7.8G   11M  7.8G   1% /run
tmpfs                7.8G     0  7.8G   0% /sys/fs/cgroup
/dev/mapper/cl-root   45G   39G  6.6G  86% /
/dev/sda1            3.0G  221M  2.8G   8% /boot
tmpfs                1.6G     0  1.6G   0% /run/user/0
/dev/sdb1            100G     0    0G   0% /mnt/data
3.将 /data/ 下面的数据迁移到临时目录 /mnt/data
[[email protected] ~]# rsync -avzP /data /mnt/data/
4.删除原来的 /data 目录下文件
[[email protected] ~]# rm -rf /data/*
5.卸载 /dev/sdb1 硬盘
[[email protected] ~]# umount /dev/sdb1
6.设置开机挂载
[[email protected] ~]# vim /etc/fstab

# 末尾追增一行 
/dev/sdb1     /data     xfs     defaults    1 2

# 保存退出
7.挂载 /etc/fstab 中未挂载的分区
[[email protected] ~]# mount -a
8.检查挂载是否成功
[[email protected] ~]# df -h
Filesystem           Size  Used Avail Use% Mounted on
devtmpfs             7.8G     0  7.8G   0% /dev
tmpfs                7.8G     0  7.8G   0% /dev/shm
tmpfs                7.8G   11M  7.8G   1% /run
tmpfs                7.8G     0  7.8G   0% /sys/fs/cgroup
/dev/mapper/cl-root   45G   39G  6.6G  86% /
/dev/sda1            3.0G  221M  2.8G   8% /boot
tmpfs                1.6G     0  1.6G   0% /run/user/0
/dev/sdb1            100G   15G   86G  15% /data

CentOS更换中国科学技术大学(USTC)yum源

CentOS8
sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' \
         -e 's|^#baseurl=http://mirror.centos.org/$contentdir|baseurl=https://mirrors.ustc.edu.cn/centos|g' \
         -i.bak \
         /etc/yum.repos.d/CentOS-Base.repo \
         /etc/yum.repos.d/CentOS-Extras.repo \
         /etc/yum.repos.d/CentOS-AppStream.repo
CentOS7 && CentOS6
sudo sed -e 's|^mirrorlist=|#mirrorlist=|g' \
         -e 's|^#baseurl=http://mirror.centos.org/centos|baseurl=https://mirrors.ustc.edu.cn/centos|g' \
         -i.bak \
         /etc/yum.repos.d/CentOS-Base.repo
update cache
yum makecache

epel

sudo yum install -y epel-release
sudo sed -e 's|^metalink=|#metalink=|g' \
         -e 's|^#baseurl=https\?://download.fedoraproject.org/pub/epel/|baseurl=https://mirrors.ustc.edu.cn/epel/|g' \
         -i.bak \
         /etc/yum.repos.d/epel.repo