First, let's build an experimental environment and download several installation packages to facilitate command demonstration:
[root@localhost ~]# cd /mnt/
[root@localhost mnt]# ls
[root@localhost mnt]# mkdir software 将软件包归纳到software
[root@localhost mnt]# ls
software
[root@localhost mnt]# cd software/
[root@localhost software]# ls
从桌面文件夹内将安装包传到虚拟机的/mnt/software/路径下面。
[kiosk@foundation84 Desktop]$ scp /home/kiosk/Desktop/1234/* root@172.25.254.121:/mnt/software
root@172.25.254.121's password:
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm 100% 29KB 29.2KB/s 00:00
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm 100% 29KB 29.1KB/s 00:00
linuxqq-v1.0.2-beta1.i386.rpm 100% 4928KB 4.8MB/s 00:00
wps-office-10.1.0.5672-1.a21.x86_64.rpm 100% 78MB 78.4MB/s 00:01
[root@localhost software]# ls 传递过去的安装包
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
The specific command demonstration is relatively simple. The remote transmission using scp is a simple command.
The format and parameters of the rpm command:
rpm
rpm -ivh name.rpm 安装,-v显示过程,-h指定加密方式为hash
rpm -e name 卸载,卸载写的是软件名字而不是安装包名字
rpm -ql 表示在系统哪些位置安装了软件
rpm -qc 查询软件的配置文件
rpm -qd 查询软件的文档,以及说明文件
rpm -qlp name.rpm 软件包如果安装了在系统安装位置
rpm -qa | grep httpd 查看安装了那些软件,| 表示过滤
rpm -q 查看软件安装了没有
rpm -qa |grep name 查看软件是否安装
rpm -qp name.rpm 查询软件包安装在系统之后叫什么名字
rpm -qf filename 查询某个文件属于哪个安装包
rpm -qi name 表示查看软件信息
rpm -p 表示查看软件包时加p
rpm -qp name.rpm --scripts 查询软件在安装或卸载过程中执行的动作
rpm -ivh name.rpm --force 强制安装,但不能忽略依赖性
rpm -ivh name.rpm --force --nodeps 忽略依赖性并强制安装
rpm -Kv name.rpm 检测软件包是否被篡改
A few points to note:
--nodeps means ignore dependencies.
–force stands for force, only for forced installation.
The difference between -qa and -q is that the former is vague and the latter is an exact match.
Demonstration of rpm command:
[root@localhost software]# rpm -ivh linuxqq-v1.0.2-beta1.i386.rpm --nodeps 忽略依赖性安装
Preparing... ################################# [100%]
file /usr/bin from install of linuxqq-v1.0.2-beta1.i386 conflicts with file from package filesystem-3.2-18.el7.x86_64
[root@localhost software]# rpm -ivh linuxqq-v1.0.2-beta1.i386.rpm --nodeps --force 忽略依赖性强制安装
Preparing... ################################# [100%]
Updating / installing...
1:linuxqq-v1.0.2-beta1 ################################# [100%]
[root@localhost software]# rpm -qc openssh-server 查看软件的配置文件
/etc/pam.d/sshd
/etc/ssh/sshd_config
/etc/sysconfig/sshd
[root@localhost software]# rpm -qd openssh-server 查看软件的说明文档
/usr/share/man/man5/moduli.5.gz
/usr/share/man/man5/sshd_config.5.gz
/usr/share/man/man8/sftp-server.8.gz
/usr/share/man/man8/sshd.8.gz
[root@localhost software]# rpm -Kv linuxqq-v1.0.2-beta1.i386.back.rpm 检测软件包是否被篡改
linuxqq-v1.0.2-beta1.i386.rpm:
Header SHA1 digest: OK (9893064ebb5d9966a7e061e1c2017d189f5a8100)
MD5 digest: OK (5b35ffaf802861b72c0f2a615effdfdc)
[ro[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# cp linuxqq-v1.0.2-beta1.i386.rpm linuxqq-v1.0.2-beta1.i386.back.rpm 复制一个安装包改名字进行篡改实验
[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.back.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# echo hello >>linuxqq-v1.0.2-beta1.i386.back.rpm 将hello重定向到安装包里面
[root@localhost software]# rpm -Kv linuxqq-v1.0.2-beta1.i386.back.rpm 检测安装包已经被损坏
linuxqq-v1.0.2-beta1.i386.back.rpm:
Header SHA1 digest: OK (9893064ebb5d9966a7e061e1c2017d189f5a8100)
MD5 digest: BAD Expected(5b35ffaf802861b72c0f2a615effdfdc) != (859a597856638c57ea82ed3056f2dcad)
ot@localhost software]# rpm -qf /bin/ls 查看文件属于哪个软件包
coreutils-8.22-11.el7.x86_64
Installation:
Change the contents of the installation package to tamper with:
The construction of third-party software warehouses, gpgcheck represents third-party software.
Put all rpm software packages in one directory, which can only store
rpm
files
vim /etc/yum.repos.d/xxx.repo (file content)
[software]
name=software
baseurl=file:///rpm storage directory
gpgcheck=0
yum clean all
Build network source, install httpd, close firewall, disable Turn off the firewall and enable httpd to start automatically at boot
[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# createrepo . 生成软件数据包
Spawning worker 0 with 4 pkgs
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Sqlite DBs complete
[root@localhost software]# ls
FluffyMcAwesome-A-6.4.0-11.r19335.x86_64.rpm
FluffyMcAwesome-B-6.4.0-11.r19335.x86_64.rpm
linuxqq-v1.0.2-beta1.i386.rpm
repodata 已经生成
wps-office-10.1.0.5672-1.a21.x86_64.rpm
[root@localhost software]# cd repodata/
[root@localhost software]# vim /etc/yum.repos.d/rhel_dvd.repo 编辑文件
[root@localhost software]# yum clean all
Loaded plugins: langpacks
Cleaning repos: software source7.0
Cleaning up everything
[root@localhost software]# yum repolist
Loaded plugins: langpacks
source7.0 | 4.1 kB 00:00
(1/2): source7.0/group_gz | 134 kB 00:00
(2/2): source7.0/primary_db | 3.4 MB 00:00
repo id repo name status
source7.0 source7.0 4,305
repolist: 4,305
[root@localhost software]# cp -r /mnt/software/ /var/www/html/
cp: cannot create directory ‘/var/www/html/’: No such file or directory 复制不了的原因就是我们必须下载共享然后打开httpd关闭防火墙
[root@localhost software]# yum install httpd -y 安装后就可以共享
Complete!
[root@localhost software]# systemctl start httpd 开启服务
[root@localhost software]# systemctl enable httpd 开机自启动
ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'
[root@localhost software]# systemctl stop firewalld 关闭防火墙
[root@localhost software]# systemctl disable firewalld 开机关闭
rm '/etc/systemd/system/basic.target.wants/firewalld.service'
rm '/etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service'
[root@localhost software]# cp -r /mnt/software/ /var/www/html/ 这样就可以复制
Generate software data package:
Build a third-party software source repository:
File content: To
build a network source, first install Apache
yum install httpd -y, and you can copy it after the build is complete.
Test whether it is set up well:
Since these operations are done on the virtual machine, we test on the real machine, open the Firefox browser and enter 172.25.254.121/software/ The ip entered here is the virtual machine.
If we don't want to view the software that we don't need when the software comes out, we need to shield some software in the yum repository.
[root@localhost ~]# yum list 内容较多不展示
[root@localhost ~]# vim /etc/yum.conf
写入exclude=*.i686
[root@localhost ~]# yum list 查看时就没有了32位的安装包
[root@localhost ~]# yum list linuxqq 查看Linuxqq的安装包
Loaded plugins: langpacks
Installed Packages
linuxqq.i386 v1.0.2-beta1 installed
[root@localhost ~]# vim /etc/yum.conf
写入exclude=*.i686 *.i386
[root@localhost ~]# yum list linuxqq 出来包的原因是linuxqq已经被我安装
Loaded plugins: langpacks
Installed Packages
linuxqq.i386 v1.0.2-beta1 installed
[root@localhost ~]# rpm -e linuxqq 卸载linuxqq
[root@localhost ~]# yum list linuxqq 查看包的时候已经被屏蔽
Loaded plugins: langpacks
Error: No matching Packages to list
Shielding 32-bit installation package file writing:
shielding linuxqq file writing:
Operation demonstration:
Kickstart Overview
Using kickstart, a system administrator can create a file that contains answers to all frequently asked questions during installation so that a virtual machine can be installed directly.
package system-config-kickstart
install yum install syatem-config-kickstart
[root@localhost software]# yum install httpd system-config-kickstart -y 安装阿帕奇和kickstart
Complete!
[root@localhost ~]# system-config-kickstart 打开设置问题答案界面,进行配置以保证虚拟机可以自动安装。(用真机连接虚拟机时必须加-X开启图形以显示界面)
[root@localhost mnt]# systemctl start httpd 打开阿帕奇
[root@localhost mnt]# systemctl stop firewalld 关闭防火墙
然后在真机输入172.25.254.121/ks.cfg就可以看到自己刚才的操作。
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# ls
ks.cfg software
[root@localhost html]# vim ks.cfg
%packages
@base
lftp
%end
[root@localhost html]# ksvalidator ks.cfg 只可以检查语法
Install Apache and kickstart, open the setting problem interface:
add -X when connecting to the virtual machine to open the graphics.
Set the first step, password:
set the second step, set the http
setting The third step:
set the fourth step:
click add at the bottom to add a partition:
set the fifth step, add a dynamic network:
set the sixth step, default:
set the seventh step, turn off the firewall.
The latter are all defaults, and then click the file to save it to /var/www/html, and then close.
Open Apache, close the firewall:
enter 172.25.254.121/ks.cfg on the real machine to test: the
virtual machine operation is completed:
edit the file content:
Next, operate on the real machine: this must be configured with dhcp before the experiment can be performed.
在真机:回去必须在有dhcp情况下实验。
[root@foundation21 mnt]# vim westos.sh 编辑脚本
#!/bin/bash
virt-install \
--ram 1024 \
--cpus 1 \
--disk /var/lib/libvirt/images/$1.qcow2,size=8,bus=virtio \
--name $1 \
--network source=br0,model=virtio \
--location http://172.25.254.21/source7.2 \
--extra-args "ks=http://172.25.254.121/ks.cfg" &
[root@foundation21 mnt]# chmod +x /mnt/westos.sh 赋予权限
[root@foundation21 mnt]# /mnt/westos.sh srr 调用
We can see that it will install itself by calling it.
My real machine is version 7.1, so the script writes 7.1.
Because it has been permanently mounted before, it can be viewed through the df command.
[root@foundation84 mnt]# df 查看挂载
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/sda12 124457600 56178124 68279476 46% /
devtmpfs 3863288 0 3863288 0% /dev
tmpfs 3873420 504 3872916 1% /dev/shm
tmpfs 3873420 9372 3864048 1% /run
tmpfs 3873420 0 3873420 0% /sys/fs/cgroup
/dev/sda10 198380 105644 92736 54% /boot
/dev/sda9 204580 9700 194880 5% /boot/efi
/dev/loop0 3654720 3654720 0 100% /var/www/html/source7.0
/dev/loop1 3798292 3798292 0 100% /var/www/html/source7.1
View Mount: The
installation process:
The login user password can enter the virtual machine, and the virtual machine is successfully established.