“This is the 17th day of my participation in the Gwen Challenge in November. Check out the details: The Last Gwen Challenge in 2021.”
Basic optimization of the system
[root@fu ~]# #01. Check the system version
[root@fu ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[root@fu ~]# #02. View system architecture information (64-bit, 32-bit)
[root@fu ~]# uname
Linux
[root@fu ~]# uname -m
x86_64
[root@fu ~]# #03. View kernel information
[root@fu ~]# uname -r
2.632.- 696.el6.x86_64
Copy the code1. System optimization – Create a system management user
User classification: A root user, super administrator, emperor B Oldboy user, common user, common user, useradd Oldboy User, password information: Interactive password creation passwd oldboy -- Set password for oldboy user passwd -- Change password for current user. Note: If the user needs to reset password. You need to run the passwd command as root to avoid interactive password creation.root@fu ~]# useradd oldgirl
[root@fu ~]# # echo "password information" | passwd -- stdin oldgirl
Changing password for user oldgirl.
passwd: all authentication tokens updated successfully.
Copy the codeHow to use oldboy:
1) Switch from root to oldboy
su - oldboy
[root@fu ~]# useradd oldboy
[root@fu ~]# su - oldboy
[oldboy@fu ~]$ whoami
oldboy
[oldboy@fu ~]$ logout
[root@fu ~]#
Copy the code2) Directly use the user name and password to log in to the system
Summary: su - Switch user command description01.The root user does not need a password to switch to a common user02.A common user needs a password to switch to the root user03.Switching between common users Common users require password informationCopy the code3) System basic optimization — command prompt information
Variable information Environment variable Information variable Practice description X =4X given number ==> Variable = (assignment) Variable value == = x+y=10 y=6Variables can be named arbitrarily, but should not conflict with existing variables in the system.root@fu ~]# oldboy=123456
[root@fu ~]# echo $oldboy
123456
[root@fu ~]# oldboy=adcd
[root@fu ~]# echo $oldboy
adcd
Copy the codeEnvironment variable Information that has been defined in the system, and the variable information that has been defined in the system, usually in upper case letters to represent the PS1 environment variable setting command prompt information
3. Modify environment variables
1) temporary changes/root @ fu ~ 02:04:24 $echo $PS1 [\ u @ \ \ W h \ T] $/ root @ fu ~ $export PS1 = "[\ u @ \ \ W h \] A \ $" [root @ fu ~ 11:49] $date Sun Jun 21 11:49:48 CST 2020 [root@fu ~11:49]$export PS1="[\u@\h \W \T]\$" [root@fu ~ 11:50:12]$2) permanently modified [root@fu ~ 11:59:35] $tail - 1 / etc/profile export PS1 = "[\ u @ \ \ W h \ T] \ $" [root @ fu ~ 12:02:20] $set | grep PS1 - all environment variables set command to check the system information PS1='[\u@\h \W \T]$' 3) System basic optimization -- security optimization 1. Security services software -- Selinux (limited root permissions to some extent) 2. Security service software --iptables (Firewalls are network security isolated services) PS: Disable the security services as early as possible during system initializationCopy the code4. How do I close selinux software first
01.Temporarily shut down the system selinux service status [root@fu ~ 12:03:38]$getenforce -- Check whether selinux is enabled or disabled Enforcing head /etc/selinux-config# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.The Selinux service is enabled# permissive - SELinux prints warnings instead of enforcing.Selinux is temporarily disabled and a security alarm is displayed# disabled - No SELinux policy is loaded.Selinux completely closed [root@fu ~ 01:32:41]$setenforce
usage: setenforce [ Enforcing | Permissive | 1 | 0 ]
[root@fu ~ 01:37:01]$setenforce 0
[root@fu ~ 01:37:51]$getenforce
Permissive
Copy the codeThe Selinux service has its own configuration file, which can be modified to make the configuration changes permanent
1Vim /etc/selinux/config -- selinux software configuration file selinux =enforcing change to selinux =disabled???? sed's#enforcing#disabled#g' /etc/selinux/config
sed -n '7p' /etc/selinux/config
????
sed '7s#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
sed 's#SELINUX=enforcing#SELINUX=disabled#g' /etc/selinux/config
sed -i.bak 's#SELINUX=enforcing#SELINUX=disabled#g'How do I disable ll /etc/selinux/config iptablesinit.d/
drwxr-xr-x. 2 root root 4096 Jun 19 12:25 /etc/init.d/
This directory usually stores service program script files
01.Temporary closure [root@fu ~]# /etc/init.d/iptables
Usage: iptables {start|stop|reload|restart|condrestart|status|panic|save}
[root@fu ~]# /etc/init.d/iptables status -- (status indicates whether the current firewall status is enabled.)
iptables: Firewall is not running.
[root@fu ~]# /etc/init.d/iptables stop --
[root@fu ~]# /etc/init.d/iptables start --
iptables: Applying firewall rules: [ OK ]
[root@fu ~]# /etc/init.d/iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
02.Permanent closure [root@fu ~]# chkconfig|grep "ipt"
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off Description: Run the chkconfig command to check the startup status of the startup service [root@fu ~]# chkconfig|grep "ipt"
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@fu ~]# chkconfig iptables off
[root@fu ~]# chkconfig|grep "ipt"
iptables 0:off 1:off 2:off 3:off 4:off 5:off 6:off Description: Run the chkconfig command to disable the iptables service permanentlyCopy the code5. System basic optimization — prevent system garble
Modify a character set environment variable LANG=ADJAFAJFAJ echo $LANG setup Inconsistent character set Settings - Modify the character set correctlyCopy the code1) temporarily modify LANG= en_us.utf- 8 -
2Permanently modify export LANG= en_us.utf- 8 ->>/etc/profile Default character set configuration file vim /etc/syscomfig/i18n LANG="en_US.UTF-8"After the character set configuration file is modified, Source /etc/syscomfig/i18n (source means to reload the file) source configuration that can be loaded frequently /etc/peofile /etc/bashrc ~/.bash_profile ~/.bashrc /etc/syscomfig/i18n3) modified into Chinese Character set [root@fu ~]# vim /etc/sysconfig/i18n
#LANG="en_US.UTF-8"
LANG="zh_CN.UTF-8"
SYSFONT="latarcyrheb-sun16"
[root@fu ~]# source /etc/sysconfig/i18n
[root@fu ~]# echo $LANG
zh_CN.UTF- 8 -
[root@fu ~]# chkconfig|grep ipt
iptables 0Closed:1Closed:2Closed:3Closed:4Closed:5Closed:6: shut down [root@fu ~]# /etc/init.d/iptables statusIptables: No firewall is running.Copy the code