目錄
1、添加普通用戶
[1] 要在CentOS服務器上添加普通用戶帳戶,請按以下步驟設置。
[root@lianglab ~]# useradd centos
[root@lianglab ~]# passwd centos
Changing password for user centos.
New password: #輸入您要設置的任何密碼
Retype new password:
passwd: all authentication tokens updated successfully. #所有身份驗證令牌已成功更新
[2] 如果您想從普通用戶切換到root用戶帳戶,請使用[su]命令。
[root@lianglab ~]# su - centos #切換centos賬號
[centos@lianglab ~]$ su - #切換root賬號
Password: #輸入root密碼
[root@lianglab ~]# #切換到root賬號
[3] 如果您想限制用戶運行[su]命令,請進行如下設置。
在以下示例中,只有[wheel]組中的用戶可以運行[su]命令。
[root@lianglab ~]# usermod -G wheel centos
[root@lianglab ~]# vi /etc/pam.d/su
[root@lianglab ~]# cat /etc/pam.d/su
#%PAM-1.0
auth required pam_env.so
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid #我們添加的配置項
# Uncomment the following line to require a user to be in the "wheel" group.
auth required pam_wheel.so use_uid
auth substack system-auth
auth include postlogin
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session include postlogin
session optional pam_xauth.so
auth sufficient pam_rootok.so debug
[root@lianglab ~]# groups centos #查看賬號所在的組
centos : centos wheel
我們可以創建一個賬號user01沒有在wheel組,並嘗試切換到root賬號
[root@lianglab ~]# useradd user01
[root@lianglab ~]# passwd user01
Changing password for user user01.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
[root@lianglab ~]#
[root@lianglab ~]# su - user01
[user01@lianglab ~]$
[user01@lianglab ~]$ su -
Password:
su: Permission denied #通常是被拒絕的
[user01@lianglab ~]$
[4] 如果您要刪除用戶帳戶,請按以下步驟設置。
[root@lianglab ~]# userdel -r user01 #刪除用戶[user01](僅刪除的用戶帳戶)
userdel: user 'user01' does not exist
[root@lianglab ~]# ll /home/
total 4
drwxr-xr-x. 3 admin admin 78 Sep 28 10:09 admin
drwx------. 4 centos centos 113 Dec 4 13:56 centos
drwx------. 15 lianglab lianglab 4096 Sep 27 16:42 lianglab
drwx------. 3 tddev users 78 Sep 28 10:09 tddev
drwx------. 5 tdops users 143 Oct 15 16:10 tdops
drwx------. 3 tdsec users 78 Sep 28 10:09 tdsec
drwx------. 4 1006 1006 113 Dec 4 14:16 user01
#刪除用戶[user01](已刪除的用戶帳戶和他的主目錄)
[root@lianglab ~]# userdel -r user01
userdel: user 'user01' does not exist
[root@lianglab ~]# userdel -r lianglab
[5] 添加到wheel組用戶免密切換root賬號設置步驟。
vi /etc/sudoers
## Same thing without a password
%wheel ALL=(ALL) NOPASSWD: ALL #添加這段內容后,wheel組用戶,切換到root不需要知道root密碼。
[root@lianglab ~]# su - centos
[centos@lianglab ~]$ id
uid=1005(centos) gid=1005(centos) groups=1005(centos),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[centos@lianglab ~]$
[centos@lianglab ~]$ sudo su - ##免密切換到root賬號。
[root@lianglab ~]#
2、防火牆和SELinux
[1] 可以如下所示顯示FireWall服務狀態。(默認啟用)
[root@lianglab ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2020-12-04 14:23:39 CST; 1h 10min ago
Docs: man:firewalld(1)
Main PID: 199682 (firewalld)
Tasks: 2 (limit: 49642)
Memory: 28.1M
CGroup: /system.slice/firewalld.service
└─199682 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid
Dec 04 14:23:38 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
Dec 04 14:23:39 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 04 14:23:39 lianglab firewalld[199682]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option.
[活動:活動(正在運行)***]表示firewalld正在運行
[2] 如果您使用FireWall服務,則它需要手動修改FireWall設置,因為默認情況下大多數情況下不允許傳入服務請求。
有關防火牆的基本操作和設置,請參見此處。
[3] 如果由於某些原因(例如某些FireWall計算機在您的本地Netowrk中運行)而不需要FireWall服務,則可以像下面這樣在CentOS服務器上停止和禁用FireWall服務。
#停止服務
停止防火牆、並禁用防火牆
[root@lianglab ~]# systemctl stop firewalld
[root@lianglab ~]# systemctl disable firewalld
[root@lianglab ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Dec 04 14:23:38 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
Dec 04 14:23:39 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 04 14:23:39 lianglab firewalld[199682]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will b>
Dec 04 15:36:01 lianglab systemd[1]: Stopping firewalld - dynamic firewall daemon...
Dec 04 15:36:01 lianglab systemd[1]: Stopped firewalld - dynamic firewall daemon.
[4] 可以如下顯示當前的SELinux(增強安全性的Linux)狀態。(默認啟用)
[root@lianglab ~]# getenforce
Permissive #允許
[root@lianglab ~]#
[5] 如果啟用SELinux,則有時會手動修改SELinux策略,因為SELinux有時會停止應用程序。
有關SELinux的基本操作和設置,請參見此處。
該站點上CentOS 8的配置示例基於SELinux始終在執行的環境。
[6] 如果由於某些原因(例如您的服務器僅在本地安全網絡中運行)或某些其他原因而不需要SELinux功能,則可以如下禁用SELinux。
vi /etc/selinux/config
SELINUX=disabled
#重新啟動計算機以應用設置
[root@lianglab ~]# reboot
3、網絡設置
[root@lianglab ~]# hostnamectl set-hostname www.lianglab.cn ##設置主機名
#顯示設備
[root@lianglab ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens3 ethernet connected ens3
cni-podman0 bridge connected cni-podman0
lo loopback unmanaged --
#設置IPv4地址
[root@lianglab ~]# nmcli connection modify ens3 ipv4.addresses 10.0.0.30/24
#設置網關
[root@lianglab ~]# nmcli connection modify ens3 ipv4.gateway 10.0.0.1
#設置DNS
[root@lianglab ~]# nmcli connection modify ens3 ipv4.dns 10.0.0.1
#設置手動進行靜態設置(對於DHCP為[auto])
[root@lianglab ~]# nmcli connection modify ens3 ipv4.method manual
#重新啟動界面以重新加載設置
[root@lianglab ~]# nmcli connection down ens3; nmcli connection up ens3
#顯示設置
[root@lianglab ~]# nmcli device show ens3
GENERAL.DEVICE: ens3
GENERAL.TYPE: ethernet
GENERAL.HWADDR: FA:57:3D:27:AB:00
GENERAL.MTU: 1500
GENERAL.STATE: 100 (connected)
GENERAL.CONNECTION: ens3
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/1
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.6.58/24
IP4.GATEWAY: 192.168.6.1
IP4.ROUTE[1]: dst = 0.0.0.0/0, nh = 192.168.6.1, mt = 100
IP4.ROUTE[2]: dst = 169.254.169.254/32, nh = 192.168.6.194, mt = 100
IP4.ROUTE[3]: dst = 192.168.6.0/24, nh = 0.0.0.0, mt = 100
IP4.DNS[1]: 223.5.5.5
IP6.ADDRESS[1]: fe80::63b:d0b2:2d5b:e779/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 100
[root@lianglab ~]#
#顯示狀態
[root@lianglab ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq state UP group default qlen 1000
link/ether fa:57:3d:27:ab:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.6.58/24 brd 192.168.6.255 scope global noprefixroute ens3
valid_lft forever preferred_lft forever
3: cni-podman0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 0a:2f:7d:c4:06:59 brd ff:ff:ff:ff:ff:ff
inet 10.88.0.1/16 brd 10.88.255.255 scope global cni-podman0
valid_lft forever preferred_lft forever
[root@lianglab ~]#
[2] 如果您不需要IPv6,則可以如下禁用它。
[root@lianglab ~]# cat /etc/default/grub
GRUB_TIMEOUT=5
GRUB_DISTRIBUTOR="$(sed 's, release .*$,,g' /etc/system-release)"
GRUB_DEFAULT=saved
GRUB_DISABLE_SUBMENU=true
GRUB_TERMINAL_OUTPUT="console"
GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet ipv6.disable=1"
GRUB_DISABLE_RECOVERY="true"
GRUB_ENABLE_BLSCFG=true
[root@lianglab ~]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file
done
[root@lianglab ~]# reboot
4、啟動或禁用服務
[1] 可以如下顯示服務狀態。
#現在活動的服務列表
[root@lianglab ~]# systemctl -t service
UNIT LOAD ACTIVE SUB DESCRIPTION
atd.service loaded active running Job spooling tools
auditd.service loaded active running Security Auditing Service
avahi-daemon.service loaded active running Avahi mDNS/DNS-SD Stack
crond.service loaded active running Command Scheduler
cups.service loaded active running CUPS Scheduler
dbus.service loaded active running D-Bus System Message Bus
dracut-shutdown.service loaded active exited Restore /run/initramfs on shutdown
getty@tty1.service loaded active running Getty on tty1
gssproxy.service loaded active running GSSAPI Proxy Daemon
import-state.service loaded active exited Import network configuration from initramfs
irqbalance.service loaded active running irqbalance daemon
iscsi-shutdown.service loaded active exited Logout off all iSCSI sessions on shutdown
#所有服務清單
[root@lianglab ~]# systemctl list-unit-files -t service
UNIT FILE STATE
accounts-daemon.service enabled
alsa-restore.service static
alsa-state.service static
anaconda-direct.service static
anaconda-nm-config.service static
anaconda-noshell.service static
anaconda-pre.service static
anaconda-shell@.service static
anaconda-sshd.service static
anaconda-tmux@.service static
anaconda.service static
arp-ethers.service disabled
atd.service enabled
auditd.service enabled
auth-rpcgss-module.service static
autovt@.service enabled
avahi-daemon.service enabled
blivet.service static
blk-availability.service disabled
bluetooth.service enabled
bolt.service static
brltty.service disabled
btattach-bcm@.service static
canberra-system-bootup.service disabled
canberra-system-shutdown-reboot.service disabled
canberra-system-shutdown.service disabled
chrony-dnssrv@.service static
chrony-wait.service disabled
chronyd.service disabled
clean-mount-point@.service static
cockpit-motd.service static
cockpit-wsinstance-http-redirect.service static
cockpit-wsinstance-http.service static
[2] 如果需要,請停止並關閉服務的自動啟動設置。
[root@lianglab ~]# systemctl status smartd
● smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
Loaded: loaded (/usr/lib/systemd/system/smartd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2020-11-19 14:57:30 CST; 2 weeks 1 days ago
Docs: man:smartd(8)
man:smartd.conf(5)
Main PID: 691 (smartd)
Tasks: 1 (limit: 49642)
Memory: 2.8M
CGroup: /system.slice/smartd.service
└─691 /usr/sbin/smartd -n -q never
Nov 19 14:57:30 centos8 systemd[1]: Started Self Monitoring and Reporting Technology (SMART) Daemon.
Nov 19 14:57:31 centos8 smartd[691]: smartd 6.6 2017-11-05 r4594 [x86_64-linux-4.18.0-193.el8.x86_64] (local build)
Nov 19 14:57:31 centos8 smartd[691]: Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
Nov 19 14:57:31 centos8 smartd[691]: Opened configuration file /etc/smartmontools/smartd.conf
Nov 19 14:57:31 centos8 smartd[691]: Configuration file /etc/smartmontools/smartd.conf was parsed, found DEVICESCAN, scanning devices
Nov 19 14:57:31 centos8 smartd[691]: DEVICESCAN failed: glob(3) aborted matching pattern /dev/discs/disc*
Nov 19 14:57:31 centos8 smartd[691]: In the system's table of devices NO devices found to scan
Nov 19 14:57:31 centos8 smartd[691]: Monitoring 0 ATA/SATA, 0 SCSI/SAS and 0 NVMe devices
[root@lianglab ~]# systemctl stop smartd
[root@lianglab ~]# systemctl disable smartd
Removed /etc/systemd/system/multi-user.target.wants/smartd.service.
[root@lianglab ~]# systemctl status smartd
● smartd.service - Self Monitoring and Reporting Technology (SMART) Daemon
Loaded: loaded (/usr/lib/systemd/system/smartd.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:smartd(8)
man:smartd.conf(5)
Nov 19 14:57:30 centos8 systemd[1]: Started Self Monitoring and Reporting Technology (SMART) Daemon.
Nov 19 14:57:31 centos8 smartd[691]: smartd 6.6 2017-11-05 r4594 [x86_64-linux-4.18.0-193.el8.x86_64] (local build)
Nov 19 14:57:31 centos8 smartd[691]: Copyright (C) 2002-17, Bruce Allen, Christian Franke, www.smartmontools.org
Nov 19 14:57:31 centos8 smartd[691]: Opened configuration file /etc/smartmontools/smartd.conf
Nov 19 14:57:31 centos8 smartd[691]: Configuration file /etc/smartmontools/smartd.conf was parsed, found DEVICESCAN, scanning devices
Nov 19 14:57:31 centos8 smartd[691]: DEVICESCAN failed: glob(3) aborted matching pattern /dev/discs/disc*
Nov 19 14:57:31 centos8 smartd[691]: In the system's table of devices NO devices found to scan
Nov 19 14:57:31 centos8 smartd[691]: Monitoring 0 ATA/SATA, 0 SCSI/SAS and 0 NVMe devices
Dec 04 16:37:19 lianglab systemd[1]: Stopping Self Monitoring and Reporting Technology (SMART) Daemon...
Dec 04 16:37:19 lianglab systemd[1]: Stopped Self Monitoring and Reporting Technology (SMART) Daemon.
[root@lianglab ~]#
5、更新CentOS系統
RHEL 8 / CentOS 8上的軟件包管理工具DNF(Dandified YUM)已設置為默認值。
但是,[yum]命令也作為指向[dnf]的鏈接而存在,因此可以以相同的用法使用[yum]或[dnf]。
實際上,RedHat上的官方文檔使用RHEL 8的[yum]命令給出了示例
(此站點上的文檔使用[dnf]命令提供了示例)。
[1] [yum]和[dnf]鏈接到[dnf-3]命令。
[root@lianglab ~]# which yum
/usr/bin/yum
[root@lianglab ~]# ll /usr/bin/yum
lrwxrwxrwx. 1 root root 5 Apr 25 2020 /usr/bin/yum -> dnf-3
[root@lianglab ~]# which dnf
/usr/bin/dnf
[root@lianglab ~]# ll /usr/bin/dnf
lrwxrwxrwx. 1 root root 5 Apr 25 2020 /usr/bin/dnf -> dnf-3
[root@lianglab ~]# ll /usr/bin/dnf-3
-rwxr-xr-x. 1 root root 1954 Apr 25 2020 /usr/bin/dnf-3
[root@lianglab ~]#
[root@lianglab ~]#
[root@lianglab ~]#
[root@lianglab ~]# rpm -aq | grep yum
yum-utils-4.0.12-3.el8.noarch
yum-4.2.17-6.el8.noarch
[root@lianglab ~]# rpm -q yum
yum-4.2.17-6.el8.noarch
[root@lianglab ~]# rpm -ql yum
/etc/dnf/protected.d/yum.conf
/etc/yum.conf
/etc/yum/pluginconf.d
/etc/yum/protected.d
/etc/yum/vars
/usr/bin/yum
/usr/share/man/man1/yum-aliases.1.gz
/usr/share/man/man5/yum.conf.5.gz
/usr/share/man/man8/yum-shell.8.gz
/usr/share/man/man8/yum.8.gz
[root@lianglab ~]# ll /etc/yum.conf
lrwxrwxrwx. 1 root root 12 Apr 25 2020 /etc/yum.conf -> dnf/dnf.conf
[root@lianglab ~]# ll /etc/yum/vars
lrwxrwxrwx. 1 root root 11 Apr 25 2020 /etc/yum/vars -> ../dnf/vars
[root@lianglab ~]# rpm -aq | grep dnf
python3-dnf-plugin-spacewalk-2.8.5-11.module_el8.1.0+211+ad6c0bc7.noarch
python3-dnf-plugins-core-4.0.12-3.el8.noarch
dnf-plugins-core-4.0.12-3.el8.noarch
dnf-data-4.2.17-6.el8.noarch
libdnf-0.39.1-5.el8.x86_64
python3-dnf-4.2.17-6.el8.noarch
dnf-plugin-spacewalk-2.8.5-11.module_el8.1.0+211+ad6c0bc7.noarch
dnf-4.2.17-6.el8.noarch
python3-libdnf-0.39.1-5.el8.x86_64
dnf-plugin-subscription-manager-1.26.16-1.el8.0.1.x86_64
[root@lianglab ~]# rpm -ql dnf
/usr/bin/dnf
/usr/lib/systemd/system/dnf-makecache.service
/usr/lib/systemd/system/dnf-makecache.timer
/usr/share/bash-completion
/usr/share/bash-completion/completions
/usr/share/bash-completion/completions/dnf
[2] 在CentOS服務器成為生產系統之后,可能很難更新系統,但是至少在安裝后,將CentOS服務器更新為最新版本。
anaconda-ks.cfg initial-setup-ks.cfg
[root@lianglab ~]# dnf -y upgrade
Last metadata expiration check: 0:47:05 ago on Fri 04 Dec 2020 03:57:36 PM CST.
Dependencies resolved.
==================================================================================================================================================
Package Architecture Version Repository Size
==================================================================================================================================================
Installing:
kernel x86_64 4.18.0-193.28.1.el8_2 base 2.8 M
kernel-core x86_64 4.18.0-193.28.1.el8_2 base 28 M
kernel-modules x86_64 4.18.0-193.28.1.el8_2 base 23 M
Upgrading:
Installing dependencies:
lttng-ust x86_64 2.8.1-11.el8 AppStream 259 k
--------------------------------------省略------------------------------------
Transaction Summary
==================================================================================================================================================
Install 4 Packages
Upgrade 106 Packages
Total download size: 256 M
Downloading Packages:
(1/110): kernel-4.18.0-193.28.1.el8_2.x86_64.rpm 26 MB/s | 2.8 MB 00:00
(2/110): lttng-ust-2.8.1-11.el8.x86_64.rpm 12 MB/s | 259 kB 00:00
(3/110): librados2-14.2.15-0.el8.x86_64.rpm 13 MB/s | 3.5 MB 00:
--------------------------------------省略------------------------------------
(110/110): firefox-78.4.0-1.el8_2.x86_64.rpm 49 MB/s | 105 MB 00:02
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 67 MB/s | 256 MB 00:03
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: zlib-1.2.11-16.el8_2.x86_64 1/1
Upgrading : zlib-1.2.11-16.el8_2.x86_64 1/216
Upgrading : glusterfs-libs-6.0-37.el8.x86_64 2/216
Running scriptlet: glusterfs-libs-6.0-37.el8.x86_64 2/216
--------------------------------------省略------------------------------------
teamd-1.29-1.el8_2.2.x86_64 tzdata-2020d-1.el8.noarch
unbound-libs-1.7.3-11.el8_2.x86_64 yum-4.2.17-7.el8_2.noarch
yum-utils-4.0.12-4.el8_2.noarch zlib-1.2.11-16.el8_2.x86_64
Installed:
kernel-4.18.0-193.28.1.el8_2.x86_64 kernel-core-4.18.0-193.28.1.el8_2.x86_64 kernel-modules-4.18.0-193.28.1.el8_2.x86_64 lttng-ust-2.8.1-11.el8.x86_64
Complete!
6、使用Moduler存儲庫
可以在首次集成到Fedora 28中的RHEL 8 / CentOS 8上使用Moduler信息庫。
[1] 顯示可用的模塊。
[root@lianglab ~]# dnf module list
CentOS-8 - AppStream
Name Stream Profiles Summary
389-ds 1.4 389 Directory Server (base)
ant 1.10 [d] common [d] Java build tool
container-tools rhel8 [d][e] common [d] Common tools and dependencies for container runtimes
container-tools 1.0 common [d] Common tools and dependencies for container runtimes
container-tools 2.0 common [d] Common tools and dependencies for container
rust-toolset rhel8 [d] common [d] Rust
satellite-5-client 1.0 [d][e] common [d], gui Red Hat Satellite 5 client packages
scala 2.10 [d] common [d] A hybrid functional/object-oriented language for the JVM
squid 4 [d] common [d] Squid - Optimising Web Delivery
subversion 1.10 [d] common [d], server Apache Subversion
swig 3.0 [d] common [d], complete Connects C/C++/Objective C to some high-level programming languages
varnish 6 [d] common [d] Varnish HTTP cache
virt rhel [d][e] common [d] Virtualization module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[2] 要安裝可用模塊,請按如下所示進行配置。
[root@lianglab ~]# dnf module list postgresql
CentOS-8 - AppStream
Name Stream Profiles Summary
postgresql 9.6 client, server [d] PostgreSQL server and client module
postgresql 10 [d] client, server [d] PostgreSQL server and client module
postgresql 12 client, server [d] PostgreSQL server and client module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@lianglab ~]#
#安裝 postgresql 10 這個版本
[root@lianglab ~]# dnf module install postgresql:10
Dependencies resolved.
============================================================================================================================================================
Package Architecture Version Repository Size
============================================================================================================================================================
Installing group/module packages:
postgresql-server x86_64 10.14-1.module_el8.2.0+487+53cc39ce AppStream 5.0 M
Installing dependencies:
libpq x86_64 12.4-1.el8_2 AppStream 195 k
postgresql x86_64 10.14-1.module_el8.2.0+487+53cc39ce AppStream 1.5 M
Installing module profiles:
postgresql/server
Enabling module streams:
postgresql 10
Transaction Summary
============================================================================================================================================================
Install 3 Packages
Total download size: 6.7 M
Installed size: 26 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): libpq-12.4-1.el8_2.x86_64.rpm 609 kB/s | 195 kB 00:00
(2/3): postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64.rpm 3.5 MB/s | 1.5 MB 00:00
(3/3): postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64.rpm 8.6 MB/s | 5.0 MB 00:00
------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 5.4 MB/s | 6.7 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libpq-12.4-1.el8_2.x86_64 1/3
Installing : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 2/3
Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/3
Installing : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/3
Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/3
Verifying : libpq-12.4-1.el8_2.x86_64 1/3
Verifying : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 2/3
Verifying : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/3
Installed products updated.
Installed:
libpq-12.4-1.el8_2.x86_64 postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
Complete!
[root@lianglab ~]#
[root@lianglab ~]# dnf module list postgresql
CentOS-8 - AppStream
Name Stream Profiles Summary
postgresql 9.6 client, server [d] PostgreSQL server and client module
postgresql 10 [d][e] client, server [d] [i] PostgreSQL server and client module
postgresql 12 client, server [d] PostgreSQL server and client module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@lianglab ~]# dnf module provides postgresql
postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
Module : postgresql:10:8020020200917114337:6a468ee4:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
postgresql-12.1-2.module_el8.1.0+273+979c16e6.x86_64
Module : postgresql:12:8010020200205032101:cdc1202b:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
Module : postgresql:9.6:8000020190628020724:55190bc5:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
[root@lianglab ~]# postgres -V
postgres (PostgreSQL) 10.14
[root@lianglab ~]#
#首先重設切換
[3] 如果您想更改為已安裝模塊的另一個版本,請按以下步驟進行配置。
例如,從上面[2]上安裝的PostgreSQL 10切換到PostgreSQL 9.6。
[root@lianglab ~]#
[root@lianglab ~]# dnf module list postgresql ###
Last metadata expiration check: 0:28:05 ago on Fri 04 Dec 2020 04:51:39 PM CST.
CentOS-8 - AppStream
Name Stream Profiles Summary
postgresql 9.6 client, server [d] PostgreSQL server and client module
postgresql 10 [d][e] client, server [d] [i] PostgreSQL server and client module
postgresql 12 client, server [d] PostgreSQL server and client module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@lianglab ~]# dnf module reset postgresql ####首先重設切換
Last metadata expiration check: 0:28:46 ago on Fri 04 Dec 2020 04:51:39 PM CST.
Dependencies resolved.
==========================================================================================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================================================================================
Disabling module profiles:
postgresql/server
Resetting modules:
postgresql
Transaction Summary
==========================================================================================================================================================================================================================
Is this ok [y/N]: y
Complete!
[root@lianglab ~]# postgres -V
postgres (PostgreSQL) 10.14
[root@lianglab ~]# dnf module list postgresql
Last metadata expiration check: 0:29:19 ago on Fri 04 Dec 2020 04:51:39 PM CST.
CentOS-8 - AppStream
Name Stream Profiles Summary
postgresql 9.6 client, server [d] PostgreSQL server and client module
postgresql 10 [d] client, server [d] PostgreSQL server and client module
postgresql 12 client, server [d] PostgreSQL server and client module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
[root@lianglab ~]# dnf module install postgresql:9.6 #安裝PostgreSQL 9.6
Last metadata expiration check: 0:29:38 ago on Fri 04 Dec 2020 04:51:39 PM CST.
Dependencies resolved.
==========================================================================================================================================================================================================================
Package Architecture Version Repository Size
==========================================================================================================================================================================================================================
Downgrading:
postgresql x86_64 9.6.10-1.module_el8.0.0+16+7a9f6089 AppStream 1.4 M
postgresql-server x86_64 9.6.10-1.module_el8.0.0+16+7a9f6089 AppStream 5.0 M
Installing module profiles:
postgresql/server
Enabling module streams:
postgresql 9.6
Transaction Summary
==========================================================================================================================================================================================================================
Downgrade 2 Packages
Total download size: 6.4 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64.rpm 4.0 MB/s | 1.4 MB 00:00
(2/2): postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64.rpm 9.4 MB/s | 5.0 MB 00:00
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 6.5 MB/s | 6.4 MB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 1/1
Downgrading : postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 1/4
Running scriptlet: postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 2/4
Downgrading : postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 2/4
Running scriptlet: postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 2/4
Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/4
Cleanup : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/4
Running scriptlet: postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 3/4
Cleanup : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 4/4
Running scriptlet: postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 4/4
Verifying : postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 1/4
Verifying : postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 2/4
Verifying : postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 3/4
Verifying : postgresql-server-10.14-1.module_el8.2.0+487+53cc39ce.x86_64 4/4
Installed products updated.
Downgraded:
postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64 postgresql-server-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
Complete!
[root@lianglab ~]# dnf module list postgresql #[PostgreSQL 9.6]的狀態變為[e]啟用
Last metadata expiration check: 0:29:58 ago on Fri 04 Dec 2020 04:51:39 PM CST.
CentOS-8 - AppStream
Name Stream Profiles Summary
postgresql 9.6 [e] client, server [d] [i] PostgreSQL server and client module
postgresql 10 [d] client, server [d] PostgreSQL server and client module
postgresql 12 client, server [d] PostgreSQL server and client module
Hint: [d]efault, [e]nabled, [x]disabled, [i]nstalled
###提示:[d]故障,[e]啟用,[x]禁用,[i]安裝
[root@lianglab ~]# dnf module provides postgresql
Last metadata expiration check: 0:30:12 ago on Fri 04 Dec 2020 04:51:39 PM CST.
postgresql-10.14-1.module_el8.2.0+487+53cc39ce.x86_64
Module : postgresql:10:8020020200917114337:6a468ee4:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
postgresql-12.1-2.module_el8.1.0+273+979c16e6.x86_64
Module : postgresql:12:8010020200205032101:cdc1202b:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
postgresql-9.6.10-1.module_el8.0.0+16+7a9f6089.x86_64
Module : postgresql:9.6:8000020190628020724:55190bc5:x86_64
Profiles : client
Repo : AppStream
Summary : PostgreSQL server and client module
[root@lianglab ~]# postgres -V
postgres (PostgreSQL) 9.6.10
7、使用web管理控制台
Cockpit管理控制台與CentOS 8基本環境[服務器]或其他一起安裝。可以在Web瀏覽器上管理CentOS服務器以啟用它。
[1] 在控制台登錄提示上,如[激活Web控制台***]之類的消息所示,可以使用管理控制台啟用它。
啟動cockpit 服務並配置firwalld
[root@lianglab yum.repos.d]# systemctl enable --now cockpit.socket
Created symlink /etc/systemd/system/sockets.target.wants/cockpit.socket → /usr/lib/systemd/system/cockpit.socket.
[root@lianglab yum.repos.d]#
[root@lianglab yum.repos.d]#
[root@lianglab yum.repos.d]#
[root@lianglab yum.repos.d]#
users:(("systemd",pid=1,fd=27))
[root@lianglab yum.repos.d]# ss -napt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:5355 0.0.0.0:* users:(("systemd-resolve",pid=907,fd=13))
LISTEN 0 128 0.0.0.0:111 0.0.0.0:* users:(("rpcbind",pid=653,fd=4),("systemd",pid=1,fd=100))
LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1073,fd=10),("nginx",pid=1070,fd=10),("nginx",pid=1068,fd=10),("nginx",pid=1067,fd=10),("nginx",pid=1059,fd=10))
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=739,fd=4))
LISTEN 0 5 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=733,fd=9))
ESTAB 0 0 192.168.6.58:22 10.57.237.13:53974 users:(("sshd",pid=196985,fd=5),("sshd",pid=196937,fd=5))
ESTAB 0 0 192.168.6.58:22 10.57.237.13:57232 users:(("sshd",pid=194458,fd=5),("sshd",pid=194373,fd=5))
ESTAB 0 48 192.168.6.58:22 10.57.237.13:53973 users:(("sshd",pid=196938,fd=5),("sshd",pid=196933,fd=5))
ESTAB 0 0 192.168.6.58:22 10.57.237.13:57231 users:(("sshd",pid=194390,fd=5),("sshd",pid=194369,fd=5))
LISTEN 0 128 [::]:5355 [::]:* users:(("systemd-resolve",pid=907,fd=15))
LISTEN 0 128 [::]:111 [::]:* users:(("rpcbind",pid=653,fd=6),("systemd",pid=1,fd=102))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=739,fd=6))
LISTEN 0 5 [::1]:631 [::]:* users:(("cupsd",pid=733,fd=8))
LISTEN 0 128 *:9090 *:* users:(("systemd",pid=1,fd=27))
[root@lianglab yum.repos.d]# firewall-cmd --list-service
FirewallD is not running
[root@lianglab yum.repos.d]# systemctl start firewalld
[root@lianglab yum.repos.d]# firewall-cmd --list-service
cockpit dhcpv6-client ssh
[root@lianglab yum.repos.d]# systemctl stop firewalld
[root@lianglab yum.repos.d]# systemctl start firewalld
[root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
Warning: ALREADY_ENABLED: cockpit
success
[root@lianglab yum.repos.d]# firewall-cmd --reload
success
[root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
Warning: ALREADY_ENABLED: cockpit
success
[root@lianglab yum.repos.d]# systemctl enable --now cockpit.socket
[root@lianglab yum.repos.d]# firewall-cmd --add-service=cockpit --permanent
Warning: ALREADY_ENABLED: cockpit
success
[root@lianglab yum.repos.d]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since Fri 2020-12-04 17:37:44 CST; 1min 1s ago
Docs: man:firewalld(1)
Main PID: 249340 (firewalld)
Tasks: 3 (limit: 49642)
Memory: 26.3M
CGroup: /system.slice/firewalld.service
└─249340 /usr/libexec/platform-python -s /usr/sbin/firewalld --nofork --nopid
Dec 04 17:37:43 lianglab systemd[1]: Starting firewalld - dynamic firewall daemon...
Dec 04 17:37:44 lianglab systemd[1]: Started firewalld - dynamic firewall daemon.
Dec 04 17:37:44 lianglab firewalld[249340]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.
Dec 04 17:37:50 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
Dec 04 17:37:59 lianglab firewalld[249340]: WARNING: AllowZoneDrifting is enabled. This is considered an insecure configuration option. It will be removed in a future release. Please consider disabling it now.
Dec 04 17:38:02 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
Dec 04 17:38:26 lianglab firewalld[249340]: WARNING: ALREADY_ENABLED: cockpit
[root@lianglab yum.repos.d]# systemctl status cockpit.socket
● cockpit.socket - Cockpit Web Service Socket
Loaded: loaded (/usr/lib/systemd/system/cockpit.socket; enabled; vendor preset: disabled)
Active: active (listening) since Fri 2020-12-04 17:36:29 CST; 2min 26s ago
Docs: man:cockpit-ws(8)
Listen: [::]:9090 (Stream)
Tasks: 0 (limit: 49642)
Memory: 992.0K
CGroup: /system.slice/cockpit.socket
Dec 04 17:36:29 lianglab systemd[1]: Starting Cockpit Web Service Socket.
Dec 04 17:36:29 lianglab systemd[1]: Listening on Cockpit Web Service Socket.
[root@lianglab yum.repos.d]#
[2] 使用Web瀏覽器從本地主機或客戶端計算機訪問[https://(服務器的主機名或IP地址):9090 /],然后顯示Cockpit登錄表單,如下所示。使用服務器上的本地用戶登錄。在此示例中,顯示了使用root用戶登錄。
[3] 這是座艙索引頁面。可以在此處管理各種系統設置。
[4] 對於左窗格中的[日志],可以管理或操作作為日志管理工具的[日志]服務。
[5] 對於左窗格中的[存儲],可以管理或操作存儲。
[6] 對於左窗格中的[網絡],可以管理或操作網絡設置。
[7] 對於左窗格中的[帳戶],可以管理或操作系統帳戶。
[8] 對於左窗格中的[服務],可以管理或操作系統服務。
[9] 對於左窗格中的[Applications],可以安裝或刪除應用程序。
[10] 對於左窗格上的[診斷報告],可以創建或查看系統診斷報告。
[11] 對於左窗格中的[SELinux],可能會看到SELinux警報日志。(基於SELinux啟用狀態)
[12] 對於左窗格上的[軟件更新],可以確認更新或運行更新程序包。
[13] 對於左窗格中的[Terminal],可以直接使用命令來操作系統。
8、vim設置
9、其他個性化設置
廣告時間:
- 關於我 :全國7*24高效代維服務
- 微信:lianglab
- QQ:867266199
- 淘寶店:全國7*24高效代維服務
- 全國高效代維:為中小型企業,提供雲計算咨詢代維、架構設計、降低成本。