Shulou(Shulou.com)06/02 Report--

Check to see if the Yum source is available first.

1 two hosts are configured with selinux

Vim / etc/sysconfig/selinux

Setenforce 1

Getenforce

2 restrictions on ssh by firewalls configured by two hosts

Firewall-config

Permanent

Rich rule

Family=ipv4

Element=service ssh

Action=accept

Source:172.25.0.0/24

Rich rule

Family=ipv4

Element=service ssh

Action=reject

With type=icmp-host-prohibited

Source:172.17.10.0/24

Options=reload firewall

3 configure IPv6 address

Nmcli connection modify eth0 ipv6.addresses fddb:fe2a:ab1e::c0a8:2/64 ipv6.method manual

Nmcli connection up eth0

Ip addr

Ping6 fddb:fe2a:ab1e::c0a8:1

Ping 172.25.0.11

4 configure link aggregation = it is normal for ping to fail.

Nmcli connection add con-name team0 ifname team0 autoconnect yes type team config'{"runner": {"name": "activebackup"}'

Nmcli connection add con-name team0-1 ifname eth2 type team-slave master team0

Nmcli connection add con-name team0-2 ifname eth3 type team-slave master team0

Nmcli connection show

Nmcli connection modify team0 ipv4.addresses 192.168.0.101/24 ipv4.method manual

Nmcli connection up team0

Ip addr

Ping 192.168.0.102

5 Custom user environment

Alias qstat='/bin/ps-Ao pid,tt,user,fname,rsz'

Qstat

Vi / etc/profile

Vi / etc/bashrc

Unalias qstat

Source / etc/profile

Qstat

Unalias qstat

Source / etc/bashrc

Qstat

6 configure local mail service

Yum-y install postfix

Systemctl enable postfix

Vi / etc/postfix/main.cf

165 mydestination =

116 inet_interfaces = loopback-only

316 relayhost = [classroom.example.com]

99 myorigin = $mydomain

83 mydomain = example.com

194 local_transport=error:only local transport

Systemctl start postfix

Systemctl status postfix

Mail-s lihb student@classroom.example.com

Tail / var/log/maillog

Firefox

7 configure port forwarding

Firewall-config

Permanent

Rich rule

Family=ipv4

Element=forward-port 5423/tcp > 80

Source=172.25.0.0/24

Rich rule

Family=ipv4

Element=forward-port 5423/udp > 80

Source=172.25.0.0/24

Options=reload firewall

8 share directories through SMB

Yum-y install samba samba-client cifs-utils

Systemctl enable nmb

Systemctl enable smb

Firewall-cmd-add-service=samba-permanent

Firewall-cmd-reload

Ll-d / common

Mkdir / common

Id rob

Id brian

Useradd rob

Useradd brian

Setfacl-m u:rob:r-x / common/

Setfacl-m u:brian:rwx / common/

Ll-Zd / common/

Semanage fcontext-a-t samba_share_t'/ common (/. *)?'

Restorecon-Rvv / common/

Ll-Zd / common/

Smbpasswd-a rob

Smbpasswd-a brian

Vim / etc/samba/smb.conf

89 workgroup = STAFF

94 interfaces = lo eth0 172.25.0.11 + 24

321 [common]

322 path = / common

323 writable = yes

324 browseable = yes

325 hosts allow = 172.25.0.

Systemctl start smb

Systemctl start nmb

Systemctl status smb

Systemctl status nmb

9 configure multi-user SMB mount

Yum-y install samba-client cifs-utils

Ll-d / mnt/multiuser

Mkdir / mnt/multiuser

Vi / etc/fstab

/ / 172.25.0.11/common / mnt/multiuser cifs defaults,username=brian,password=redhat,sec=ntlmssp,multiuser 0 0

Mount-a

Df-hT

10 configure NFS service

Yum-y install nfs-utils

Systemctl enable nfs-server

Systemctl enable nfs-secure-server

Firewall-cmd-add-service=nfs-permanent

Firewall-cmd-add-service=mountd-permanent

Firewall-cmd-add-service=rpc-bind-permanent

Firewall-cmd-reload

Ll-Zd / public

Ll-Zd / protected

Mkdir / public

Mkdir / protected

Semanage fcontext-a-t public_content_t'/ public (/. *)?'

Semanage fcontext-a-t public_content_rw_t'/ protected (/. *)?'

Restorecon-Rvv / public

Restorecon-Rvv / protected/

Ll-Zd / public

Ll-Zd / protected/

Vi / etc/exports

/ public 172.25.0.0 Compact 24 (ro,sync)

/ protected 172.25.0.0 Compact 24 (rw,sync,sec=krb5p)

Cd / protected/

Ls

Mkdir project

Id ldapuser0

Chown ldapuser0 project/

Ll

Vim / etc/sysconfig/nfs

13 RPCNFSDARGS= "- V4.2"

Wget-O / etc/krb5.keytab http://classroom.example.com/pub/keytabs/server0.keytab

Systemctl start nfs-server.service

Systemctl start nfs-secure-server.service

Systemctl status nfs-server.service

Systemctl status nfs-secure-server.service

Exportfs

11 Mount a NFS share

Yum-y install nfs-utils

Systemctl enable nfs-secure

Mkdir / mnt/nfsmount

Mkdir / mnt/nfssecure

Wget-O / etc/krb5.keytab http://classroom.example.com/pub/keytabs/desktop0.keytab

Vi / etc/sysconfig/nfs

13 RPCNFSDARGS= "- V4.2"

Vim / etc/fstab

172.25.0.11:/public / mnt/nfsmount nfs defaults 0 0

172.25.0.11:/protected / mnt/nfssecure nfs defaults,sec=krb5p 0 0

Systemctl start nfs-secure.service

Systemctl status nfs-secure.service

Showmount-e 172.25.0.11

Mount-a

Df-hT

12 implement a web server

Yum-y install httpd

Systemctl enable httpd

Firewall-cmd-add-service=http-permanent

Firewall-cmd-reload

Ll-Zd / var/www/

Cd / var/www/

Ls

Mkdir server0

Ll-Zd *

Wget-O / var/www/server0/index.html http://classroom.example.com/materials/station.html

Cd server0

Ll-Z

Vi / etc/httpd/conf.d/server0.conf

ServerName server0.example.com

DocumentRoot / var/www/server0

Require all granted

Require not host .my133t.org

Systemctl start httpd

Systemctl status httpd

Hostname

13 configure secure web service

Yum-y install mod_ssl

Firewall-cmd-add-service=https-permanent

Firewall-cmd-reload

Cd / etc/pki/tls/

Wget http://classroom.example.com/pub/tls/certs/server0.crt

Wget http://classroom.example.com/pub/tls/private/server0.key

Ls

Cd / etc/httpd/conf.d/

Vi ssl.conf

SSLCertificateFile / etc/pki/tls/server0.crt

SSLCertificateKeyFile / etc/pki/tls/server0.key

ServerName server0.example.com

DocumentRoot / var/www/server0

Require all granted

Require not host .my133t.org

Systemctl restart httpd

Systemctl status httpd

14 configure virtual host

Cd / var/www

Ls

Mkdir virtual

Wget-O / var/www/virtual/index.html http://classroom.example.com/materials/www.html

Cd / etc/httpd/conf.d/

Cp server0.conf www0.conf

Vi www0.conf

ServerName www0.example.com

DocumentRoot / var/www/virtual

Require all granted

Id floyd

Useradd floyd

Chown floyd / var/www/virtual/

Ll-Zd / var/www/virtual/

Semanage fcontext-a-t httpd_sys_rw_content_t'/ var/www/virtual (/. *)?'

Restorecon-Rvv / var/www/virtual

Ll-Zd / var/www/virtual/

15 configure access to web content = = how to verify?

Cd / var/www/virtual/

Mkdir private

Wget-O / var/www/virtual/index.html http://classroom.example.com/materials/private.html

Vi / etc/httpd/conf.d/www0.conf

Require local

Vi www0.conf

Systemctl restart httpd

Vi www0.conf

16 implement dynamic Web content

Yum-y install mod_wsgi

Cd / var/www/server0/

Wget http://classroom.example.com/materials/webinfo.wsgi

Ls

Cd / etc/httpd/conf.d/

Cp server0.conf app.conf

Vi app.conf

Listen 8908

ServerName webapp0.example.com

DocumentRoot / var/www/server0

Require all granted

WSGIScriptAlias / / var/www/server0/webinfo.wsgi

Semanage port-l | grep http

Semanage port-a-t http_port_t-p tcp 8908

Semanage port-l | grep http

Firewall-cmd-add-port=8908/tcp-permanent

Firewall-cmd-reload

Systemctl restart httpd.service

Systemctl status httpd.service

17 create a script

Vim / root/foo.sh

#! / bin/bash

Case $1 in

Redhat)

Echo "fedora"

Fedora)

Echo "redhat"

*)

Echo "$0 redhat | fedora"

Esac

Chmod axix / root/foo.sh

/ root/foo.sh redhat

/ root/foo.sh fedora

/ root/foo.sh

/ root/foo.sh sdfas

18 create a script to add users

Wget http://classroom.example.com/materials/userlist

Ls

Vi / root/batchusers

#! / bin/bash

If [$#-eq 1]

Then

If [- f $1]

Then

While read user

Do

/ usr/sbin/useradd-s / bin/false $user & > / dev/null

Echo "redhat" | passwd-- stdin $user & > / dev/null

Done

< $1 exit 0 else echo "Input file not found" exit 3 fi else echo "Usage: /root/batchusers userfile" exit 2 fi chmod a+x /root/batchusers cat userlist id roy /root/batchusers /root/userlist id roy 19 配置iSCSI服务端 服务器端 yum -y install targetd targetcli systemctl enable targetd fdisk -l pvcreate /dev/sdb vgcreate vgvg /dev/sdb lvcreate -L 3G -n lvlv vgvg firewall-cmd --add-port=3260/tcp --permanent firewall-cmd --reload 客户端： yum -y install iscsi-initiator-utils cd /etc/iscsi/ ls cat initiatorname.iscsi iqn.1994-05.com.redhat:9e96ff23da37 服务器端 targetcli />

Cd backstores/

/ backstores > cd block

/ backstores/block > create dev=/dev/vgvg/lvlv iscsi_store

/ > cd iscsi

/ iscsi > create iqn.2014-11.com.example:server0

/ iscsi > cd iqn.2014-11.com.example:server0/

/ iscsi/iqn.20...ample:server0 > cd tpg1/luns

/ iscsi/iqn.20...er0/tpg1/luns > create / backstores/block/iscsi_store

/ iscsi/iqn.20.../tpg1/portals > create 172.25.0.11

/ iscsi/iqn.20...er0/tpg1/acls > create iqn.1994-05.com.redhat:9e96ff23da37

/ > saveconfig

/ > exit

Systemctl start targetd.service

Systemctl status targetd.service = faid???

Netstat-antp | grep 3260

Client

Man iscsiadm

Iscsiadm-mode discoverydb-type sendtargets-portal 172.25.0.11-discover

Iscsiadm-- mode node-- targetname iqn.2014-11.com.example:server0-- portal 172.25.0.11 targetname iqn.2014 3260-- login

Fdisk-l

20 configure the client of iSCSI

Systemctl enable iscsi

Systemctl enable iscsid

Mkdir / mnt/data

Fdisk / dev/sdc

Create a 2100m partition / dev/sdc1

Mkfs.ext4 / dev/sdc1

Blkid

Vi / etc/fstab

172.25.0.11:/public / mnt/nfsmount nfs defaults,_netdev 0 0

172.25.0.11:/protected / mnt/nfssecure nfs defaults,sec=krb5p,_netdev 0 0

UUID=8d910022-c525-4c86-8b46-c658a1c25b6d / mnt/data ext4 defaults,_netdev 00

Mount-a

Df-hT

21 deploy MariaDB database

Yum-y install mariadb mariadb-server

Systemctl enable mariadb.service

Systemctl start mariadb.service

Mysql_secure_installation

Wget http://content.example.com/courses/rhce/rhel7.0/materials/mariadb/mariadb.dump

Mysql-u root-p

MariaDB [(none)] > create database legacy

MariaDB [(none)] > use legacy

MariaDB [legacy] > source / root/mariadb.dump

MariaDB [legacy] > show tables

MariaDB [legacy] > grant select on legacy.* to 'Mary'@'localhost' identified by' redhat'

MariaDB [legacy] > grant all on legacy.* to 'Legacy'@'localhost' identified by' redhat'

MariaDB [legacy] > grant select on legacy.* to 'Report'@'localhost' identified by' redhat'

MariaDB [legacy] > flush privileges

MariaDB [legacy] > exit

22 fill in the blanks by data query

Mysql-u root-p

MariaDB [(none)] > use legacy

MariaDB [legacy] > show tables

MariaDB [legacy] > desc product

MariaDB [legacy] > select id from product where name='RT-AC68U'

MariaDB [legacy] > desc category

MariaDB [legacy] > select count (*) from category,product where category.id=product.id_category and category.name='Servers'

MariaDB [legacy] > exit

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.