1.本地儲存設備的識別
fdisk -l ##真實存在的設備
cat /proc/partitions ##系統識別的設備
blkid ##系統可使用的設備
df ##查看系統正在掛載的設備
2.設備的掛載和卸載
1)設備名稱
/dev/xdx ##dev/hd0 /dev/hd1 /dev/sda /dev/sdb /dev/sda1 /dev/sda2 /dev/sdb1
/dev/sr0 ##光驅
/dev/mapper/* ##虛擬設備
2)設備的掛載
mount 設備 掛載點
mount /dev/sdb1 /mnt/ ##掛載sdb1到/mnt
mount -o ro /dev/sdb1 ##只讀掛載
mount ##查看掛載信息
mount -o remount,rw /dev/sda1 ##重新讀寫掛載(形式1)
mount -o remount,rw /mnt
umount /mnt | /dev/sdb1 ##卸載
3)解決設備正忙情況
當掛載的設備正在佔用,卸載時就會彈出設備正忙的提示
解決方法:
##方法一
fuser -kvm /mnt
umount /mnt
##方法二
lsof /mnt
kill -9 id
umount /mnt
3.磁盤分區
硬盤0磁道,1扇區的512個字節中:512=446+64 +2
446: MBR:主引導記錄(引導程序:446字節) 最多能劃4個主分區
64: MPT:主分區表,大小:64字節
2: 55aa:硬盤的有效性標識
硬盤分區表(64),1個分區佔用16個字節,1塊硬盤上最多可以劃分4個主分區
主分區:主分區表記錄
擴展分區:主分區表記錄(不能直接使用)記錄磁盤的信息
邏輯分區:不是由主分區表記錄的
1)開始分區,查看幫助
[root@server ~]# fdisk /dev/vdb
Welcome to fdisk (util-linux 2.23.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table
Building a new DOS disklabel with disk identifier 0x47ec6281.
Command (m for help): m
Command action
a toggle a bootable flag
b edit bsd disklabel
c toggle the dos compatibility flag
d delete a partition ##刪除分區
g create a new empty GPT partition table
G create an IRIX (SGI) partition table
l list known partition types
m print this menu
n add a new partition ##新建分區
o create a new empty DOS partition table
p print the partition table ##顯示分區信息
q quit without saving changes ## 退出並且不保存分區信息
s create a new empty Sun disklabel
t change a partition's system id ##修改分區id
u change display/entry units
v verify the partition table
w write table to disk and exit ##保存分區配置信息
x extra functionality (experts only)
2)新建主分區
Command (m for help): n
Partition type:
p primary (2 primary, 0 extended, 2 free)
e extended
Select (default p):
Using default response p
Partition number (3,4, default 3):
First sector (1435648-20971519, default 1435648):
Using default value 1435648
Last sector, +sectors or +size{K,M,G} (1435648-20971519, default 20971519): +800M
Partition 3 of type Linux and of size 800 MiB is set
3)新建擴展分區
Command (m for help): n
Partition type:
p primary (3 primary, 0 extended, 1 free)
e extended
Select (default e):
Using default response e
Selected partition 4
First sector (3074048-20971519, default 3074048):
Using default value 3074048
Last sector, +sectors or +size{K,M,G} (3074048-20971519, default 20971519):
Using default value 20971519
Partition 4 of type Extended and of size 8.5 GiB is set
4)新建邏輯分區
Command (m for help): n
All primary partitions are in use
Adding logical partition 5
First sector (3076096-20971519, default 3076096):
Using default value 3076096
Last sector, +sectors or +size{K,M,G} (3076096-20971519, default 20971519): +500M
Partition 5 of type Linux and of size 500 MiB is set
Command (m for help): wq ##退出保存,使分區信息配置生效
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
4.安裝文件系統
格式化就是安裝文件系統的過程
blkid ##查看可以使用的磁盤
mkfs.xfs /dev/vdb1 ##格式化/dev/vdb1
mount /dev/vdb1 /mnt ##掛載
2)自動文件系統掛載策略
vim /etc/fstab
/dev/vdb1 /mnt xfs defaults 0 0
#設備 掛載點 文件系統 掛載參數 是否備份 是否檢測
mount -a ##使/etc/fstab文件生效
5.配額管理
配額管理是針對於分區的(並非用戶)
[root@server ~]# mount /dev/vdb5 /pub/ ##將/dev/vdb5掛載到/pub/下
[root@server ~]# mount ##看當前的掛載情況
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=469332k,nr_inodes=117333,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel,size=484920k,nr_inodes=121230)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,size=484920k,nr_inodes=121230,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,seclabel,size=484920k,nr_inodes=121230,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/vda1 on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=29,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
sunrpc on /proc/fs/nfsd type nfsd (rw,relatime)
##可以看到沒有開啓配額管理
/dev/vdb5 on /pub type xfs (rw,relatime,seclabel,attr2,inode64,noquota) ## <---未開啓配額
[root@server ~]# umount /pub/ ##卸載/pub/下掛載的/dev/vdb5
[root@server ~]# df ##查看當前的掛載情況
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3213484 7260416 31% /
devtmpfs 469332 0 469332 0% /dev
tmpfs 484920 80 484840 1% /dev/shm
tmpfs 484920 12760 472160 3% /run
tmpfs 484920 0 484920 0% /sys/fs/cgroup
[root@server ~]# mount -o usrquota /dev/vdb5 /pub/ ##將/dev/vdb5掛載到/pub/下,並開啓用戶配額
[root@server ~]# ls -ld /pub/ ##查看/pub的權限
drwxr-xr-x. 2 root root 6 Jan 21 22:28 /pub/
[root@server ~]# chmod 1777 /pub/
[root@server ~]# ls -ld /pub/
drwxrwxrwt. 2 root root 6 Jan 21 22:28 /pub/
[root@server ~]# mount ##查看開啓配額管理是否成功
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=469332k,nr_inodes=117333,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel,size=484920k,nr_inodes=121230)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,size=484920k,nr_inodes=121230,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,seclabel,size=484920k,nr_inodes=121230,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/vda1 on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=29,pgrp=1,timeout=300,minproto=5,maxproto=5,direct)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel)
sunrpc on /proc/fs/nfsd type nfsd (rw,relatime)
配額管理成功開啓
/dev/vdb5 on /pub type xfs (rw,relatime,seclabel,attr2,inode64,usrquota)
[root@server ~]# edquota -u student /dev/vdb5
Disk quotas for user student (uid 1000):
Filesystem blocks soft hard inodes soft hard
/dev/vdb5 0 0 20 0 0 0
管理的磁盤 文件的大小 軟限制 硬限制 文件的個數 軟限制 硬限制
##單位爲K
##管理student用戶在/pub所掛載的分區上面的配額
##配置配額大小爲20480K ,即20M
配額成功後,切換student用戶,測試配額管理
[root@server ~]# su - student
[student@server ~]$ dd if=/dev/zero of=/pub/studentfile bs=1M count=10 ##每個包1M,填充10個,即填充10M
10+0 records in
10+0 records out
10485760 bytes (10 MB) copied, 0.00458486 s, 2.3 GB/s ##正常完成
##清空 /pub/studentfile 再次測試:
[student@server ~]$ dd if=/dev/zero of=/pub/studentfile bs=1M count=21 ##每個包1M,填充21個,即填充21M
dd: error writing ‘/pub/studentfile’: Disk quota exceeded
101+0 records in
100+0 records out
104857600 bytes (20 MB) copied, 0.0549257 s, 1.9 GB/s ##只能裝20M,測試成功
##可以看到 /dev/vdb5的大小爲500M,而student用戶的配額只有20M,故以student用戶在/pub/下掛載的/dev/vdb5中只可用20M
6.磁盤加密
1)一次磁盤加密
[root@server ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3213580 7260320 31% /
devtmpfs 469332 0 469332 0% /dev
tmpfs 484920 80 484840 1% /dev/shm
tmpfs 484920 12788 472132 3% /run
tmpfs 484920 0 484920 0% /sys/fs/cgroup
[root@server ~]# fdisk -l
Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x00013f3e
Device Boot Start End Blocks Id System
/dev/vda1 * 2048 20970332 10484142+ 83 Linux
Disk /dev/vdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x78bf7daf
Device Boot Start End Blocks Id System
/dev/vdb1 2048 411647 204800 83 Linux
/dev/vdb2 411648 1435647 512000 83 Linux
/dev/vdb3 1435648 3074047 819200 83 Linux
/dev/vdb4 3074048 20971519 8948736 5 Extended
/dev/vdb5 3076096 4100095 512000 83 Linux
[root@server ~]# cryptsetup luksFormat /dev/vdb5 ##開啓磁盤加密管理
WARNING!
========
This will overwrite data on /dev/vdb5 irrevocably
Are you sure? (Type uppercase yes): YES ##大寫鍵入YES
Enter passphrase: ##設定磁盤密碼
Verify passphrase:
[root@server ~]# cryptsetup open /dev/vdb5 westos ##解密磁盤
Enter passphrase for /dev/vdb5:
[root@server ~]# ls -ld /dev/mapper/* ##查看解密後的磁盤
crw-------. 1 root root 10, 236 Jan 21 22:47 /dev/mapper/control
lrwxrwxrwx. 1 root root 7 Jan 22 02:09 /dev/mapper/westos -> ../dm-0
[root@server ~]# mkfs.xfs /dev/mapper/westos ##格式化解密後的磁盤,設定文件系統
meta-data=/dev/mapper/westos isize=256 agcount=4, agsize=31872 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=127488, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@server ~]# mount /dev/mapper/westos /pub/ ##掛載解密後的磁盤到/pub/下
[root@server ~]# vim /pub/file
[root@server ~]# cat /pub/file
westos redhat
[root@server ~]# umount /pub/ ##卸載/pub的掛載設備
[root@server ~]# cryptsetup close westos ##再次加密磁盤
2)加密磁盤開機自動掛載
vim /etc/fstab
/dev/mapper/westos /mnt xfs defaults 0 0
vim /etc/crypttab
westos /dev/vdb5 /root/disk_key
reboot查看配置情況