此爲本人在Linux運維學習期間整理的虛擬機安裝Linux須知,會不斷補充修正,整理以備後用。

最小化安裝CentOS7後進行的簡單配置。

Preparation

System Images

  • CentOS
    • CentOS-6.7-x86_64-minimal.iso
    • CentOS-7-x86_64-Everything-1511.iso

Virtualization Platform


Configurations

Create Normal User && Add into /etc/sudoers

1
2
useradd USERNAME
passwd USERNAME 或 echo "PASSWORD" | passwd --stdin USERNAME
1
sed -i '/Allow root to run any commands anywhere/a\$USERNAME  ALL=(ALL)  NOPASSWD:ALL' /etc/sudoers

免密码登录的格式

1
2
3
4
5
#CentOS中设置
USERNAME ALL=(ALL) NOPASSWD:ALL

#Debian中设置
USERNAME ALL=NOPASSWD:ALL

Disable selinux

1
[[ -f /etc/selinux/config ]] && sed -i -r '[email protected](SELINUX=)[email protected]\[email protected];[email protected]#*(SELINUXTYPE=.*)@#\[email protected]' /etc/selinux/config
  • 查看SELinux狀態
1
2
sestatus
getenforce
1
2
3
4
5
[[email protected] ~]$ sestatus
SELinux status: disabled
[[email protected] ~]$ getenforce
Disabled
[[email protected] ~]$
  • 使用setenforce [Enforcing|Permissive|1|0]可更改SELinux運行模式

Enable Ethernet Card Onboot && Configure IP Address

  • /etc/sysconfig/network-scripts/
1
sed -i -r '[email protected](ONBOOT=)[email protected]\[email protected]' /etc/sysconfig/network-scripts/ifcfg-eth0

DHCP 或 Manual Configuration

Replace Repository && Update OS

1
2
3
4
5
6
7
8
9
10
11
12
13
sudo yum -y -q install epel-release
sudo yum -y -q update

sudo yum -y -q install wget
mkdir /etc/yum.repos.d/bak
mv -f /etc/yum.repos.d/CentOS*.repo /etc/yum.repos.d/bak

#CentOS7
wget -P /etc/yum.repos.d/ -O CentOS-Base.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
#CentOS6
wget -P /etc/yum.repos.d/ -O CentOS-Base.repo http://mirrors.163.com/.help/CentOS6-Base-163.repo

yum clean all && yum -y update

或者

1
2
3
4
5
6
7
8
#判斷當前系統6or7
# majorVersion=$(awk '{print gensub(/[^[:digit:]]*([[:digit:]]{1}).*/,"\\1","g",$0)}' /etc/redhat-release) # awk version > 3
majorVersion=$(sed -r -n '[email protected][^[:digit:]]*([[:digit:]]{1}).*@\[email protected]' /etc/redhat-release
)

wget -P /etc/yum.repos.d/ -O CentOS-Base.repo http://mirrors.163.com/.help/CentOS"$majorVersion"-Base-163.repo

unset majorVersion

Remove Older Kernel

1
2
3
4
shutdown -r now
uname -r
rpm -qa | grep Kernel
yum remove Old_Kernel

Install Essential Packages

1
2
3
4
5
6
sudo yum -y install man vim mlocate gcc

#CentOS7
sudo yum -y install psmisc

#CentOS6
  • Install mlocate just for locate command
1
2
locate: can not stat () `/var/lib/mlocate/mlocate.db': No such file or directory
[[email protected] ~]# updatedb
  • Install psmisc just for pstree command

Configure VIM

  • Configuration File
    • /etc/vimrc
    • ~/.vimrc

具體參數配置參見本人Blog VIM Editor Configuration

Change TimeZone & Sync Networking Time

設置時區,同步網絡時間

1
2
3
4
5
6
7
8
9
10
11
12
#更改時區爲 Asia/Shanghai
sudo timedatectl set-timezone Asia/Shanghai

#安裝chrony進行時間同步
sudo yum install chrony -y

#啓動chrony服務並設置爲開機自動啓動
sudo systemctl start chronyd
sudo systemctl enable chronyd

#啓用NTP
sudo timedatectl set-ntp true

Change GRUB2 Menu Timeout

參考

更改文件/etc/default/grub的指令GRUB_TIMEOUT的值,更改完成後執行

1
2
3
4
sudo grub2-mkconfig -o /boot/grub2/grub.cfg

#UEFI Based System
sudo grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg

如果想要Default Boot Entry,具體可見上面列出的參考文檔。


Shell Script

此爲腳本實現
腳本作廢

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
#!/bin/bash
# 2016.01.29 21:33 Fri
# https://lempstacker.com/
# lempstacker

echo -e 'Welcome to use this script to configure your system!'

#判斷執行當前腳本的用戶
if [ -n $USER ] && [ -z $SUDO_USER ];then
nowUser="$USER"
else
nowUser="$SUDO_USER"
fi

if [ "$nowUser" != 'root' ];then
echo -e "\e[31mSorry, the user running this script is not root\nPlease su root user to rerun it. Bye\e[0m"
exit 2
fi

# #獲取用戶家目錄 模式引用中引用外部變量 '"$extvar"'
# userHomeDir=`cat /etc/passwd | awk -F: '$1~/^'"$nowUser"'/{print user$6}'`

#判斷當前系統6or7
osVersion=`cat /etc/redhat-release | grep -E -o '\<([[:digit:]].)*' | cut -d. -f1`

echo -e "Current System is \e[31m `cat /etc/redhat-release`\e[0m\n\nThe Script is working harding, please be patient!\nWorking..."

#備份原有的repo
yum -y -q install wget man &> /dev/null
echo -e 'Successfully install wget'
yum clean all -q

mkdir -p /etc/yum.repos.d/bak
mv -f /etc/yum.repos.d/CentOS*.repo /etc/yum.repos.d/bak
#下載aliyun repo
if [ $osVersion -eq 7 ];then
wget -q -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
else
wget -q -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-6.repo
fi

#更改yum源,並安裝epel倉庫
yum -y -q install epel-release &> /dev/null
yum update -y -q && yum upgrade -y -q

echo -e 'Successfully yum makecache'


#設置網卡開機啓動,針對CentOS6.x
if [ $osVersion -eq 6 ];then
sed -i -r '[email protected](ONBOOT=)[email protected]\[email protected]' /etc/sysconfig/network-scripts/ifcfg-eth0
#重啓網路服務
service restart network
fi

#禁用selinux
sed -i -r '[email protected][email protected][email protected];[email protected](SELINUXTYPE=targeted)@#\[email protected]' /etc/selinux/config

echo -e 'Disable SElinux'

#假設需要添加的用戶是`flying`是否存在,密碼是`12345`
newUser='flying'
newUserPass='12345'
id $newUser &> /dev/null
if [ $? -ne 0 ];then
useradd $newUser
echo $newUserPass | passwd --stdin $newUser
fi

#賦予用戶sudo權限
sed -i '/Allow root to run any commands anywhere/a\'"$newUser"' ALL=(ALL) NOPASSWD:ALL' /etc/sudoers

echo -e "Grant user \e[31m$newUser\e[0m the privilege of sudo"

#安裝並配置vim
yum -y -q install vim &> /dev/null
echo -e 'set tabstop=4\nset softtabstop=4\nset shiftwidth=4\nset backspace=2\nsyntax enable\nsyntax on\nset smartindent\nset smarttab\nset wrap' >> /etc/vimrc

echo -e 'Configuring vim finished'


echo -e '\e[34mPlease restart you system, then remove old kernel, Bye!\e[0m'
##暫時就這些

Relevent Packages

此操作根據需求自行決定是否需要安裝

1
sudo yum -y install htop glances dstat
  • sysvinit-tools

    The sysvinit-tools package contains various tools used for process management.

  • coreutils

    These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages. nice


1
2
3
4
5
6
7
sudo yum -y install nmap tcpdump hping3 traceroute ftp lftp

#CentOS7
sudo yum -y install net-tools procps-ng

#CentOS6
sudo yum -y install
  • net-tools

    The net-tools package contains basic networking tools, including ifconfig, netstat, route, and others. Most of them are obsolete. For replacement check iproute package.

  • iproute

    The iproute package contains networking utilities (ip and rtmon, for example) which are designed to use the advanced networking capabilities of the Linux 2.4.x and 2.6.x kernel.

  • procps-ng

    The procps package contains a set of system utilities that provide system information. Procps includes ps, free, skill, pkill, pgrep, snice, tload, top, uptime, vmstat, w, watch and pwdx. The ps command displays a snapshot of running processes. The top command provides a repetitive update of the statuses of running processes. The free command displays the amounts of free and used memory on your system. The skill command sends a terminate command (or another specified signal) to a specified set of processes. The snice command is used to change the scheduling priority of specified processes. The tload command prints a graph of the current system load average to a specified tty. The uptime command displays the current time, how long the system has been running, how many usersare logged on, and system load averages for the past one, five, and fifteen minutes. The w command displays a list of the users who are currently logged on and what they are running. The watch program watches a running program. The vmstat command displays virtual memory statistics about processes, memory, paging, block I/O, traps, and CPU activity. The pwdx command reports the current working directory of a process or processes.

File Permission

文件權限查看,可使用命令namei

1
2
3
4
5
6
[[email protected] ~]$ namei -om /etc/ansible/
f: /etc/ansible/
dr-xr-xr-x root root /
drwxr-xr-x root root etc
drwxr-xr-x root root ansible
[[email protected] ~]$

References


Change Logs

  • 2015.12.26 18:45 Sat Asia/Beijing
    • 第一版完稿
  • 2016.01.25 22:55 Mon Asia/Beijing
    • 勘誤,上傳至lempstacker部落格
  • 2016.01.30 00:47 Sat Asia/Beijing
    • 增加Shell腳本
  • 2016.02.25 00:17 Thu Asia/Beijing
    • 添加SELinux狀態查看命令
  • 2016.03.28 16:30 Mon Asia/Beijing
    • 添加File Permission
  • 2016.08.02 14:12 Tue Asia/Shanghai
    • 修改sudoer免密碼登錄
  • 2016.12.12 15:00 Mon Asia/Shanghai
    • 修改標題,添加時區設置、GRUB2設置

  • Note Time:2015.12.26 18:45 Sat
  • Note Location: Asia/Beijing
  • Writer:lempstacker