第三次笔记

###自动安装RED HAT ENTERPRISE LINUX#######

 

1.Kickstart

v1:使用kickstart,系统管理员可以创建一个包含安装期间所有常见问题的答案的文件，以自动安装Red Hat Enterprise Linux

v2:Kickstart 类似与 Oracle solaris 中的Jumpstart 或 Microsoft Windows的无人值守安装

 

2.Kickstart制作工具安装

v1:软件包

-system-config-kickstart                     ##自动应答脚本制作工具

v2:安装

-yum install system-config-kickstart

vim /etc/www/html/ks.cfg                             ##编辑ks.cfg文件

%packages      ##安装包

@base      

lftp

%end      ##目的结束

ksvalidator /var/www/html/ks.cfg                     ##检查语法是否错误

安装源进行配置

#!/bin/bash

virt-install \

--name $1 \

--ram 1024 \

--file /var/lib/libvirt/images/$1.qcow2 \

--file-size 8 \

--location  http://172.25.254.47/rhel7.2 \

--extra-args "ks=http://172.25.254.147/ks.cfg"  &

 

网络服务器：ftp、http、nfs

dhcp/tftp服务器

usb磁盘或CD-ROM

本地磁盘

 

 

3. FIST CONFIG DHCP ##配置dhcp配置文件

config /etc/dhcpd/dhcpd.conf

===============================================================

option domain-name "example.com"; ##域名

option domain-name-servers 172.25.254.250; ##dns

default-lease-time 600; ##默认租约期

max-lease-time 7200; ##最长租约期

log-facility local7; ##日志级别

subnet 172.25.254.0 netmask 255.255.255.0 { ##网段，子网掩码

  range 172.25.254.200 172.25.254.220; ##地址范围

  option routers 172.25.254.254; ##网关

  filename "pxelinux.0"; ##pxe启动程序

  next-server 172.25.254.147; ##tftp主机地址

}

systemctl restart dhcpd

systemctl stop firewalld

 

4.SED CONFIG TFTP

yum install tftp-server -y                              ##安装tftp服务

vim /etc/xinetd.d/tftp :

service tftp

{

        socket_type        = dgram

        protocol           = udp

        wait               = yes

        user               = root

        server             = /usr/sbin/in.tftpd

        server_args        = -s /var/lib/tftpboot

        disable            = <<<<<<<<<yes--->no>>>>>>

        per_source         = 11

        cps                     = 100 2

        flags                   = IPv4

}

systemctl restart xinetd

 

5. TRD MAKE SOME FILES AND PXEWORKDIRECTORY

1)

cd /var/lib/tftpboot/

mkdir pxelinux.cfg

2)

mount the iso of the rhel7

cp isolinux/* /var/lib/tftpboot

3)

cp /var/lib/tftpboot/isolinux.cfg   /var/lib/tftpboot/pxelinux.cfg/default

cp /usr/share/syslinux/pxelinux.0 /var/lib/tftpboot/

4)

make a userfully install source and kickstart,my of this is in the ftp's pub

ftp://192.168.0.252/pub/rhel6

ftp://192.168.0.252/pub/ks.cfg

5)

vim /var/lib/tftpboot/pxelinux.cfg/default

========================================================================================

default vesamenu.c32

timeout 600 ##等待时间

 

display boot.msg

 

# Clear the screen when exiting the menu, instead of leaving the menu displayed.

# For vesamenu, this means the graphical background is still displayed without

# the menu itself for as long as the screen remains in graphics mode.

menu clear

menu background splash.png

menu title Red Hat Enterprise Linux 7.0 ##大标题

menu vshift 8

menu rows 18

menu margin 8

#menu hidden

menu helpmsgrow 15

menu tabmsgrow 13

 

# Border Area

menu color border * #00000000 #00000000 none

 

# Selected item

menu color sel 0 #ffffffff #00000000 none

 

# Title bar

menu color title 0 #ff7ba3d0 #00000000 none

 

# Press [Tab] message

menu color tabmsg 0 #ff3a6496 #00000000 none

 

# Unselected menu item

menu color unsel 0 #84b8ffff #00000000 none

 

# Selected hotkey

menu color hotsel 0 #84b8ffff #00000000 none

 

# Unselected hotkey

menu color hotkey 0 #ffffffff #00000000 none

 

# Help text

menu color help 0 #ffffffff #00000000 none

 

# A scrollbar of some type? Not sure.

menu color scrollbar 0 #ffffffff #ff355594 none

 

# Timeout msg

menu color timeout 0 #ffffffff #00000000 none

menu color timeout_msg 0 #ffffffff #00000000 none

 

# Command prompt text

menu color cmdmark 0 #84b8ffff #00000000 none

menu color cmdline 0 #ffffffff #00000000 none

 

# Do not display the actual menu unless the user presses a key. All that is displayed is a timeout message.

 

menu tabmsg Press Tab for full configuration options on menu items.

 

menu separator # insert an empty line

menu separator # insert an empty line

 

label linux

  menu label ^Install Red Hat Enterprise Linux 7.0 ##小标题

   menu default ##默认标题设定

  kernel vmlinuz

  append initrd=initrd.img repo=http://172.25.254.47/rhel7.2 ks=http://172.25.254.147/ks.cfg ##安装源和ks

 

label check

  menu label Test this ^media & install Red Hat Enterprise Linux 7.0

  #menu default

  kernel vmlinuz

  append initrd=initrd.img inst.stage2=hd:LABEL=RHEL-7.0\x20Server.x86_64 rd.live.check quiet

 

menu separator # insert an empty line

 

# utilities submenu

menu begin ^Troubleshooting

  menu title Troubleshooting

 

label vesa

  menu indent count 5

  menu label Install Red Hat Enterprise Linux 7.0 in ^basic graphics mode

  text help

Try this option out if you're having trouble installing

Red Hat Enterprise Linux 7.0.

  endtext

  kernel vmlinuz

  append initrd=initrd.img inst.stage2=hd:LABEL=RHEL-7.0\x20Server.x86_64 xdriver=vesa nomodeset quiet

 

label rescue

  menu indent count 5

  menu label ^Rescue a Red Hat Enterprise Linux system

  text help

If the system will not boot, this lets you access files

and edit config files to try to get it booting again.

  endtext

  kernel vmlinuz

  append initrd=initrd.img inst.stage2=hd:LABEL=RHEL-7.0\x20Server.x86_64 rescue quiet

 

label memtest

  menu label Run a ^memory test

  text help

If your system is having issues, a problem with your

system's memory may be the cause. Use this utility to

see if the memory is working correctly.

  endtext

  kernel memtest

 

menu separator # insert an empty line

 

label local

  menu label Boot from ^local drive

  localboot 0xffff

 

menu separator # insert an empty line

menu separator # insert an empty line

 

label returntomain

  menu label Return to ^main menu

  menu exit

 

menu end

 

#################控制对文件的访问#################

 

[root@localhost ~]# getfacl -a /mnt/file

getfacl: Removing leading '/' from absolute path names

# file: mnt/file                   ##文件名称

# owner: root    ##文件所有人

# group: root                    ##文件所有组

user::rw-                          ##用户权限

user：student:rwx                  ##特殊指派用户及权限

group::r--                         ##组权限

mask::rwx                          ##可指派最大权限

other::r--                         ##其他人权限

 

2.setfacl用于设置或修改文件的ACL

setfacl -m u:student:rw file       ##授予用户student读写权限

setfacl -m g:westos:rw file        ##授予组westos读写权限

setfacl -m g:linux:r    file       ##授予组Linux读的权限

setfacl -x u:student    file       ##删除用户student的ACL权限

setfacl -m o::-         file       ##修改其他所有人的权限为空

 

3.ACL掩码及继承

 

v1:具有ACL的文件拥有一个"mask"（掩码）,这个掩码既能够限制拥有该文件的组的最大权限,有能够限制ACL中的补充用户

 

v2:目录可以有"默认ACL"条目，系统自动针对该目录中创建的新文件设置这些条目,这类似setgid权限的方法（针对目录时）,使得在该目录中创建的新文件归拥有该目录的组所有。

 

4.设备权限列表加载

 

v1:挂载文件系统之后，必须启用对POSIX ACL条目的支持

 

v2:安装程序会配置它创建的所有ext4文件系统，以自动启用ACL支持

 

v3:如果手动格式化文件系统，则需要使用acl挂载选项该系统

 

4.

mkfs.ext3                            ##创建ext3文件系统

mkfa.ext3  /dev/vda6                 ##将/dev/vda6分区格式化成ext3文件系统

tune2fs                              ##显示和调整文件系统参数

        -o                           ##设置或清除所指示的默认系统文件的挂载选项

blkid                                ##显示块设备属性（包括交换分区）所使用的文件系统类型、卷标等