linux foundation system optimization
1 Network configuration
Linux is very powerful network functions, all of a sudden we can not understand the network command when configuring the server infrastructure environment, first understand the network parameter setting command.
- ifconfig query and set parameters such as network card and ip
- ifup, ifdown script commands, easier way to start off the network
- ip compliance with instructions directly modify the functional
1 # Edit profile card 2 Vim / etc / sysconfig / Network-scripts / in ifcfg- eth0 . 3 # modify the configuration parameters . 4 the ONBOOT = Yes
Detailed network card configuration file
Network configuration files: / etc / sysconfig / Network Network Interface configuration file: / etc / sysconfig / Network-scripts / in ifcfg- the INTERFACE_NAME the DEVICE = : name associated with the device, to be consistent with the rear half of the file name of "the INTERFACE_NAME"; BOOTPROTO {= static | none | DHCP | BOOTP}: Bootstrap protocol; to use a static address, the use of static or none; dhcp DHCP server to obtain the address indication; the IPADDR = : the IP address NETMASK = : subnet mask the GATEWAY = : default settings gateway; the ONBOOT = : whether to automatically activate the boot this network interface; the HWADDR = : hardware address, to be consistent with the hardware address; can be saved; USERCTL = {Yes | NO}: whether to allow ordinary users to control this interface; PEERDNS = {yes | no}: Specifies whether to accept the DNS address by the DHCP server to the DHCP BOOTPROTO;
ifconfig command
ifconfig see card ip address
ifup ifdown command
Start / shut down a network card
ifup eth0
ifdown eth0
ip command
ip is a command, not a TCP / IP that ip, ip This command is a combination of ifconfig and route features two commands.
ip ip addr show # View information
1 # View system version 2 CAT / etc / redhat- Release . 3 the CentOS the Linux Release 7.4 . 1708 (Core) . 4 # view kernel version . 5 the uname - R & lt . 6 3.10 . 0 - 693 .el7.x86_64 . 7 # View how many bits . 8 the uname - m . 9 the x86_64 10 # See all information kernel . 11 the uname -a
Two Linux-related permissions
The concept of computer users
Modern operating systems are generally multi-user operating system, that is, the same machine can create an account for multiple users, these users are usually for the average user, these ordinary users can log on to this computer at the same time, distribution of these computer users certain resources. Ordinary users perform their operations within the resources allocated to, each other is not affected. But these ordinary user's privileges are limited, and the user too much, management is inconvenient, thereby introducing the root user. This user is unique, and has all the permissions system. group root user is called root groups. "Group" is a collection of a plurality of users having similar rights.
root user
Features of the Linux system is to satisfy multiple users to work simultaneously, so the Linux system must have good security. In the installation root administrator password RHEL7 when set, this is the root of all UNIX systems administrator super user, it has the highest ownership of the system, to manage the various functions of the system, such as add / delete users, startup / shutdown process, Enable / disable hardware equipment. Therefore, "With great power comes great responsibility", root permissions must grasp well, otherwise a wrong command could destroy the entire system.
In the Linux system, users also have their own UID and unique identity account. System administrators UID is 0, the system user UID is 1 ~ 999, Linux installation service program will create a unique user is responsible for running. Average user UID from the beginning of 1000, have created an administrator.
User Group CID
In order to facilitate the management of users belonging to the same group, Linux system also introduces the concept of user groups. By using the user group number (GID, Group IDentification), we can put more users join the same group, making it easy for the user group of unified planning permission or a specified task.
In practice, a company has multiple departments, each department and there were a lot of employees. If you just want to let employees access to resources within the department, it is possible for the sector rather than specific employees to set permissions. By this time you can set permissions on the technology sector, making only technical department employees can access the company's database and other information.
note:
-
Linux administrator when creating the user, the user will automatically create a group with the same name, this user group is only one person that user
User-related operations
Create a regular user
Switch User
su command to switch the identity of the user needs, su - username su command middle - number is very important, which means completely switch to a new user, that is the environment variable information is also changed to the new user information
groupadd command
group command for creating user groups, in order to more efficiently assign permissions to each user system, several users often added to a group in which the work, so that the user can arrange for a class of rights. For example, companies need to add openLDAP user management, occasionally Taiwan, Shanghai American colleagues to collaborate, I have to give them added to the department set it inside, that they have rights to the server operations.
userdel Delete user
userdel to delete the general user
sudo command
sudo command is used to execute commands in other capacities, the default identity for the root. Sudo user executable instructions provided in / etc / sudoers in.
If its an unauthorized user attempts to use sudo, it will issue a warning message to the administrator. When users use sudo, you must first enter the password, and 5 minutes after the expiration date, the deadline you must re-enter the password.
Using the syntax: sudo [options] [parameters]
sudo [options] Parameters -b: executing instructions in the background; -h: Display help; -H: HOME environment variable to the HOME environment variable new identity; -k: the end of the password expiration date, which is next You will need to enter a password and then execute sudo;. -l: List current users of executable instructions can not be executed with; -p: password change prompt inquiry; -s <shell>: Executes the specified shell; -u <user>: to specify the user as a new identity . If coupled with this parameter, then the default as root as a new identity; -v: Password extend the validity of five minutes; -V: Display version information.
Modify / etc / sudoers / file
This is due to the configuration sudo must edit / etc / sudoers file, and only root can modify.
We can be edited by the visudo command directly sudoers file, use this command can also check the syntax, / sudoers safer than direct editing vim / etc.