Ubuntu使用备忘

新机配置

1. 使能root用户会话登录

• 设置root账户密码sudo passwd root
• 允许会话登录时手动输入账户密码

root@hy:/home/work/xml# cat /usr/share/lightdm/lightdm.conf.d/50-ubuntu.conf
[Seat:*]
greeter-show-manual-login=true
user-session=ubuntu
all-guest=false

• 放开登录权限

root@hy:/home/work/xml# cat /etc/pam.d/gdm-autologin 
#%PAM-1.0
auth    requisite       pam_nologin.so
#auth   required        pam_succeed_if.so user != root quiet_success
root@hy:/home/work/xml# cat /etc/pam.d/gdm-password 
#%PAM-1.0
auth    requisite       pam_nologin.so
#auth   required        pam_succeed_if.so user != root quiet_success

• 禁掉shell报错

root@hy:/home/work/xml# cat /root/.profile 
# ~/.profile: executed by Bourne-compatible login shells.

if [ "$BASH" ]; then
  if [ -f ~/.bashrc ]; then
    . ~/.bashrc
  fi
fi

tty -s && mesg n || true

• 重启 reboot

2. 主机利用iptables NAT功能供虚机上网

• 网络拓扑

主机物理网卡：enp2s0，配置网络代理上分配的ip，作为nat对外出口。IP:192.168.31.214
主机ovs桥：vswitch0，桥接所有虚机网卡关联到主机的tap设备vnet0 vnet1。IP:192.168.0.1
root@hy:/home/work/xml# ovs-vsctl show
8ba97384-2c99-4ae7-95e6-f6991d85565e
    Bridge "vswitch0"
        Port "vnet1"
            Interface "vnet1"
        Port "vnet0"
            Interface "vnet0"
        Port "vswitch0"
            Interface "vswitch0"
                type: internal
    ovs_version: "2.10.0"
虚机网卡：客户端。IP:192.168.0.2/3

• 主机iptables配置

1）生成iptables 规则，保存到特定目录，本人保存到/etc/iptables.roles
root@hy:/home/work/xml# cat /etc/iptables.roles 
# Generated by iptables-save v1.6.1 on Sat Nov 10 19:30:57 2018
*mangle
:PREROUTING ACCEPT [5925:2996030]
:INPUT ACCEPT [5925:2996030]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [5979:842671]
:POSTROUTING ACCEPT [6088:850803]
-A POSTROUTING -o virbr0 -p udp -m udp --dport 68 -j CHECKSUM --checksum-fill
COMMIT
# Completed on Sat Nov 10 19:30:57 2018
# Generated by iptables-save v1.6.1 on Sat Nov 10 19:30:57 2018
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [4:279]
:POSTROUTING ACCEPT [3:206]
-A POSTROUTING -o enp2s0 -j MASQUERADE
COMMIT
# Completed on Sat Nov 10 19:30:57 2018
# Generated by iptables-save v1.6.1 on Sat Nov 10 19:30:57 2018
*filter
:INPUT ACCEPT [15:1143]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [20:1471]
-A INPUT -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A INPUT -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A FORWARD -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A FORWARD -i virbr0 -o virbr0 -j ACCEPT
-A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -s 192.168.0.0/24 -i vswitch0 -o enp2s0 -m conntrack --ctstate NEW -j ACCEPT	
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
COMMIT
# Completed on Sat Nov 10 19:30:57 2018
2）将iptable配置文件持久化，下次开机自启动，自动应用iptables规则进行NAT转发
root@hy:/home/work/xml# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

auto vswitch0
iface vswitch0 inet static
address 192.168.0.1
netmask 255.255.255.0

pre-up iptables-restore < /etc/iptables.roles	// 开机时自动应用iptable规则

• 客户机配置

1）centos
a 添加路由默认指向主机vswitch0的ip 192.168.0.1
b 指定dns服务器ip地址
c service network restart

CentOS虚机网络配置截图

2）ubuntu
a 添加路由默认指向主机vswitch0的ip 192.168.0.1
b /etc/systemd/resolved.conf指定dns服务器ip地址
c systemctl restart systemd-resolved

ubunut虚机网络配置

# cat /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback

auto ens5 
iface ens5 inet static 

dns-nameservers 172.16.40.114 
address 192.168.0.3
netmask 255.255.255.0
gateway 192.168.0.1

3. 允许ssh root用户登录

apt-get install openssh-client
apt-get install openssh-server
root@hy:/home/work/xml# cat  /etc/ssh/sshd_config  |grep Root
PermitRootLogin yes
PasswordAuthentication yes
重启使生效
service ssh restart
测试
ssh 127.0.0.1

4. 配置搜狗输入法

• 安装fcitx输入法框架，搜狗输入法需要此框架
  
• 设置fcitx框架
  
• 重启
• 安装sougou包

dpkg -i sogoupinyin_2.2.0.0108_amd64.deb

• 添加input method
  
• 重启

5. ubuntu开启自动补全

cat /etc/bash.bashrc 
# enable bash completion in interactive shells
if ! shopt -oq posix; then
  if [ -f /usr/share/bash-completion/bash_completion ]; then
    . /usr/share/bash-completion/bash_completion
  elif [ -f /etc/bash_completion ]; then
    . /etc/bash_completion
  fi
fi

6. 升级当前系统到最新版本

do-release-upgrade

7. 安装代码索引工具

apt-get install -y ctags
apt-get install -y cscope

组件编译

16.04源升级

• 设置源为18.04源并打开配置source源 /etc/apt/sources.list

# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://us.archive.ubuntu.com/ubuntu/ bionic universe
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic universe
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates universe
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu 
## team, and may not be under a free licence. Please satisfy yourself as to 
## your rights to use the software. Also, please note that software in 
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://us.archive.ubuntu.com/ubuntu/ bionic multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic multiverse
deb http://us.archive.ubuntu.com/ubuntu/ bionic-updates multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-updates multiverse

## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb http://us.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse
# deb-src http://us.archive.ubuntu.com/ubuntu/ bionic-backports main restricted universe multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu bionic partner
# deb-src http://archive.canonical.com/ubuntu bionic partner

deb http://security.ubuntu.com/ubuntu bionic-security main restricted
deb-src http://security.ubuntu.com/ubuntu bionic-security main restricted
deb http://security.ubuntu.com/ubuntu bionic-security universe
deb-src http://security.ubuntu.com/ubuntu bionic-security universe
deb http://security.ubuntu.com/ubuntu bionic-security multiverse
deb-src http://security.ubuntu.com/ubuntu bionic-security multiverse

• 升级16.04到18.04

apt-get update

qemu

• 源码编译

apt-get install build-essential
apt-get build-dep qemu
git clone git://git.qemu.org/qemu.git 
git submodule update --init

日常命令

1. 弹出光驱eject r
2. 光驱制作mkisofs -o $iso $path
3. 免密

a ssh-keygen	
b ssh-copy-id ip

4. 代码编译

a apt-get source 
b apt-get build-dep linux	// 安装编译内核需要的包
c dpkg-buildpackage 		// 源码目录运行