SELinux概述
•Security-Enhanced Linux
–美国NSA国家安全局主导开发,一套增强Linux系统安全的强制访问控制体系
–集成到Linux内核(2.6及以上)中运行
–RHEL7基于SELinux体系针对用户、进程、目录和文件提供了预设的保护策略,以及管理工具SELinux的运行模式
–enforcing(强制)、permissive(宽松)
–disabled(彻底禁用)
任何模式编程disabled(彻底禁用)都要经历重启系统
[root@localhost~]#getenforce #查看当前系统SELinux模式
[root@localhost~]#setenforce 0 #临时设置
[root@localhost~]#getenforce #查看当前系统SELinux模式
[root@localhost~]#vim /etc/selinux/config #每次开机默认模式
SELINUX=permissive
[root@localhost~]#cd /etc/yum.repos.d
[root@localhost yum.repos.d]#mkdir abc
[root@localhost yum.repos.d]#mv *.repo abc
[root@localhost yum.repos.d]#vi abc.repo
[abc]
name=abc
baseurl=file:///mnt
enabled=1
gpgcheck=0[root@localhost yum.repos.d]#yum clean all
[root@localhost yum.repos.d]#mount /dev/cdrom /mntlsblk mount /dev/sr0 /mnt
[root@localhost ~]# yum repolist
已加载插件:fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
Determining fastest mirrors
源标识 源名称 状态
!abc abc 9,911
repolist: 9,911开机自动挂载
[root@localhost yum.repos.d]#vim /etc/fstab
/dev/cdrom /mnt iso9660 defaults 0 0
linux设置静态ip
vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE="eth0"
ONBOOT="yes"
NM_CONTROLLED="no"
TYPE="Ethernet"
BOOTPROTO="static"
IPADDR="192.168.2.100"
NETMASK="255.255.255.0"
GATEWAY="192.168.2.254"
设置dns
vim /etc/resolv.conf
nameserver 114.114.114.114
nameserver 8.8.8.8
禁用 swap 分区
如果你想禁用这个 swap 分区,可以按照以下步骤操作:
备份 /etc/fstab 文件:在进行任何更改之前,建议创建文件的备份,以便在出现问题时进行恢复。你可以通过以下命令创建备份:
bash
Copy code
sudo cp /etc/fstab /etc/fstab.bak
编辑 /etc/fstab 文件:使用文本编辑器(比如 nano 或 vim)打开 /etc/fstab 文件:
bash
Copy code
sudo nano /etc/fstab
禁用 swap 分区:在打开的文件中找到包含 swap 分区的行(类似于下面这行):
bash
Copy code
/dev/mapper/centos-swap swap swap defaults 0 0
将这行的内容进行注释或者直接删除。在行首添加 # 符号注释掉这行,或者删除这行。
保存并退出:在 nano 编辑器中按下 Ctrl + X,然后输入 Y 以确认保存,最后按下 Enter。
应用更改:运行以下命令重新加载 /etc/fstab 文件以应用更改:
sudo mount -a
验证:最后,再次使用 free -h 命令验证 swap 是否已被禁用。应该不再显示任何 swap 分区的信息。
如果你已经在 /etc/fstab 中注释或删除了 swap 分区的条目,但是系统仍然显示有 swap 分区,可能需要手动执行 swapoff 命令来禁用 swap 分区:
sudo swapoff -a
[root@localhost ~]# free -h
total used free shared buff/cache available
Mem: 974M 115M 676M 7.6M 183M 681M
Swap: 0B 0B 0B
根据你的输出结果,已经成功禁用了 swap 分区。free -h 命令显示 Swap 已经为 0B,表示 swap 分区已被彻底禁用,系统不再使用 swap 空间。
设置yum源
[root@localhost ~]# cat /etc/yum.repos.d/CentOS-Base.repo
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
不用管
# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus&infra=$infra
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
方法2
镜像放在/mnt下
sudo mkdir /mnt/iso
sudo mount -o loop CentOS-7.5-1804.iso /mnt/iso
/etc/yum.repos.d 下只留一个.repo
[root@localhost yum.repos.d]# cat abc.repo
[abc]
name=abc
baseurl=file:///mnt/iso
enabled=1
gpgcheck=0
yum clean all && yum makecache
yum repolist