1、系統安裝至少選擇的五個包
@ system-tools
@ development-tools
@ text-internet
@ server-cfg
@ admin-tools
@ network-server
@ kernel-development
@ system-tools
@ development-tools
@ text-internet
@ server-cfg
@ admin-tools
@ network-server
@ kernel-development
2、通過命令setup,設置系統運行必要服務
crond
network
xinetd
iptables
ssh
syslog
3、更改Shell提示符
vi /etc/profile
PS1='${USER}:${PWD}>'
vi /etc/profile
PS1='${USER}:${PWD}>'
4、將服務器的配置寫入文件motd,登錄服務器就可以看到。
vi /etc/motd
HOSTNAME: vmware.host
IP : 192.168.1.123
MEM : 256M
CPU : Intel(R) Pentium(R) M processor 1600MHz
DISK : 250G
vi /etc/motd
HOSTNAME: vmware.host
IP : 192.168.1.123
MEM : 256M
CPU : Intel(R) Pentium(R) M processor 1600MHz
DISK : 250G
5、爲了方便管理用戶,加入用戶時將其加入同一個組。
root:/usr/local>groupadd admins
root:/usr/local>useradd -G admins fei
root:/usr/local>id fei
uid=580(fei) gid=580(fei) groups=580(fei),505(admins)
6、安裝sudo
tar zxvf bak/sudo-1.6.6.tar.gz
cd sudo-1.6.6/
./configure --help
./configure
make
make install (root)
/usr/local/sbin/visudo
# sudoers file.
#
# This file MUST be edited with the 'visudo' command as root.
#
# See the sudoers man page for the details on how to write a sudoers file.
#
# Host alias specification
# User alias specification
User_Alias USERADMIN=shell,test,aian,lei 添加一行修改成需要的用戶
# Cmnd alias specification
Cmnd_Alias USERADMIN_COM=/usr/local/sbin/suroot 添加一行
# User privilege specification
root ALL=(ALL) ALL
USERADMIN ALL=USERADMIN_COM
注:在執行時使用sudo
5、防火牆
6、設置用戶登錄自動發郵件到指定的郵箱
如果所有用戶登錄自動發自動到指定郵箱就編輯/etc/porfile文件,如果是某個用戶登錄自動發郵件到指定郵箱就編輯用戶主目錄下.bash_prefile文件。
bo:/home/bo>vi .bash_profile
# .bash_profile
# Get the aliases and functions
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
# User specific environment and startup programs
PATH=$PATH:$HOME/bin
#MAIL=/bin/mail
w > /tmp/wcheck
/bin/mail -s "$HOSTNAME $USER Login `date +%m%d-%R`" [email][email protected][/email] </tmp/wcheck -- -f $USER@$HOSTNAME
#MAIL=/bin/mail
w > /tmp/wcheck
/bin/mail -s "$HOSTNAME $USER Login `date +%m%d-%R`" [email][email protected][/email] </tmp/wcheck -- -f $USER@$HOSTNAME
export PATH
unset USERNAME
unset USERNAME
針對所有用戶登錄自動發郵件到指定用戶
# /etc/profile
# System wide environment and startup programs, for login setup
# Functions and aliases go in /etc/bashrc
# Functions and aliases go in /etc/bashrc
pathmunge () {
if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then
if [ "$2" = "after" ] ; then
PATH=$PATH:$1
else
PATH=$1:$PATH
fi
fi
}
if ! echo $PATH | /bin/egrep -q "(^|:)$1($|:)" ; then
if [ "$2" = "after" ] ; then
PATH=$PATH:$1
else
PATH=$1:$PATH
fi
fi
}
# Path manipulation
if [ `id -u` = 0 ]; then
pathmunge /sbin
pathmunge /usr/sbin
pathmunge /usr/local/sbin
fi
if [ `id -u` = 0 ]; then
pathmunge /sbin
pathmunge /usr/sbin
pathmunge /usr/local/sbin
fi
pathmunge /usr/X11R6/bin after
# No core files by default
ulimit -S -c 0 > /dev/null 2>&1
USER="`id -un`"
LOGNAME=$USER
MAIL="/var/spool/mail/$USER"
#setup JDK environment variable
JAVA_HOME=/home/jdk/jdk1.5.0_11
CLASSPATH=$JAVA_HOME/lib/tools.jar:JAVA_HOME/lib:JAVA_HOME/bin
LOGNAME=$USER
MAIL="/var/spool/mail/$USER"
#setup JDK environment variable
JAVA_HOME=/home/jdk/jdk1.5.0_11
CLASSPATH=$JAVA_HOME/lib/tools.jar:JAVA_HOME/lib:JAVA_HOME/bin
HOSTNAME=`/bin/hostname`
HISTSIZE=1000
if [ -z "$INPUTRC" -a ! -f "$HOME/.inputrc" ]; then
INPUTRC=/etc/inputrc
fi
PS1='${USER}:${PWD}>'
w > /tmp/wcheck
/bin/mail -s "$HOSTNAME $USER Login `date +%m%d-%R`" [email][email protected][/email] </tmp/wcheck
export PATH USER LOGNAME MAIL HOSTNAME HISTSIZE INPUTRC JAVA_HOME CLASSPATH
for i in /etc/profile.d/*.sh ; do
if [ -r "$i" ]; then
. $i
fi
done
if [ -r "$i" ]; then
. $i
fi
done
unset i
unset pathmunge
unset pathmunge
注:1、 -- -f 是指定發件人的地址 (不知爲什麼不啓作用) 2、如果要更改發件人地址與/etc/postfix/main.cf 文件中mydomain = testbo.com 參數有關。
7、troubleshooting
該服務器是做DNS服務器的,工作需要要對服務器重新啓動。執行reboot命令後,在公司就連接不上了。於是到機房服務器終端出現以下信息WARNING: couldn't open /etc/fstab: No such file or directory
fsck.ext2: Is a directory/:
………………
………………
………………
Give root password for maintenance
(or type Control-D to continue):
fsck.ext2: Is a directory/:
………………
………………
………………
Give root password for maintenance
(or type Control-D to continue):
感覺事情不妙,既然是fstab文件沒有了,就要從新創建這個文件,以前這個文件有備份,所以方便多了。
採取措施:
(Repair filesystem) 1 # mv /etc/fstab.old /etc/fstab
mv: cannot move '/etc/fstab.old' to '/etc/fstab': Read-only file system
mv: cannot move '/etc/fstab.old' to '/etc/fstab': Read-only file system
(Repair filesystem) 2 # mount -o remount,rw /dev/sda1
Warning: can't open /etc/fstab: No such file or directory
(Repair filesystem) 3 #
Warning: can't open /etc/fstab: No such file or directory
(Repair filesystem) 3 #
(Repair filesystem) 4 # mv /etc/fstab.old /etc/fstab
(Repair filesystem) 5 #
(Repair filesystem) 5 #
藉助Live CD(G4L):
# mount -t proc none /mnt/gentoo/proc# mount -o bind /dev /mnt/gentoo/dev -o options 主要用來描述設備或檔案的掛接方式。常用的參數有: loop:用來把一個文件當成硬盤分區掛接上系統 ro:採用只讀方式掛接設備 rw:採用讀寫方式掛接設備 iocharset:指定訪問文件系統所用字符集# mount -t ext3 /dev/sda1 /mnt/sda1# chroot /mnt/gentoo /bin/bash (切入硬盤Linux 系統) # env-update >>> Regenerating /etc/ld.so.cache... # source /etc/profile # export PS1="(chroot) $PS1"
更改ssh 端口
[root@localhost ~]# vim /etc/ssh/sshd_config
# possible, but leave them commented. Uncommented options change a
# default value.
Port 45678 加入
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
# default value.
Port 45678 加入
#Port 22
#Protocol 2,1
Protocol 2
#AddressFamily any
[root@localhost ~]# /etc/init.d/sshd restart
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@localhost ~]#
Stopping sshd: [ OK ]
Starting sshd: [ OK ]
[root@localhost ~]#