1.设置主机名
1)更改主机名#显示当前主机名
[root@localhost ~]# hostname
localhost.localdomain
#改变主机名
[root@localhost ~]# hostname zby
[root@localhost ~]# hostname
zby #只是改变
2)永久改变主机名[root@localhost ~]# hostnamectl set-hostname zby
#显示状态
[root@localhost ~]# hostnamectl
Static hostname: zby
Icon name: computer-vm
Chassis: vm
Machine ID: 1f96150fe7c04420b9e71c154be8c01b
Boot ID: 35495cc567584fd19646472d8e853fcc
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
#显示计算机名
[root@localhost ~]# su - root
Last login: Sun Mar 11 21:48:43 CST 2018 from 172.31.253.253 on pts/0
[root@zby ~]#
2.添加用户
1)添加一个用户“zhang”作为下面的示例。[root@zby ~]# useradd zhang
[root@zby ~]# passwd zhang
New password: #设置密码
BAD PASSWORD: The password fails the dictionary check - it is based on a dictionary word
Retype new password: #确认
passwd: all authentication tokens updated successfully.
[root@zby ~]# exit #注销当前用户
2)尝试切换新添加用户zby login: zhang #输入用户名password: #输入密码
#查看当前用户
[zhang@zby ~]$ whoami
zhang
[zhang@zby ~]$ su - root #切换到root用户
Password: #输入root用户密码
[root@zby ~]# #已切换到root用户
3)使用户只能够作为管理用户切换到root用户。[root@zby ~]# usermod -G wheel zhang
[root@zby ~]# vi /etc/pam.d/su
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth required pam_wheel.so use_uid
auth substack system-auth
auth include postlogin
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session include postlogin
session optional pam_xauth.so
4)转发到根用户的电子邮件到另一个用户,设置如下。[root@zby ~]# vi /etc/aliases
# Person who should get root's mail
#最后一行:取消和更改用户
root: zhang
[root@zby ~]# newaliases #加载
3.防火墙设置
1)可以显示防火墙的服务状态,如下所示。(默认启用)[root@zby ~]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: active (running) since Sun 2018-03-11 22:36:39 CST; 3s agoMain PID: 13164 (firewalld)
CGroup: /system.slice/firewalld.service
└─13164 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
Mar 11 22:36:38 zby systemd[1]: Starting firewalld - dynamic firewall daemon...
Mar 11 22:36:39 zby systemd[1]: Started firewalld - dynamic firewall daemon.
2)如果您使用防火墙服务,它需要修改它的设置,因为默认情况下不允许对服务的传入请求。在这里是指基本的操作和设置配置firewalld服务。
3)如果你因为一些原因不需要防火墙服务,需要停止并禁用它如下。#停止服务
[root@zby ~]# systemctl stop firewalld
#关闭服务
[root@zby ~]# systemctl disable firewalld
4)显示SELinux的状态(安全增强的Linux)如下。(默认启用)[root@zby ~]# getenforce
Enforcing #selinux是开启的
#关闭selinux
[root@zby ~]# vi /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
#重新启动应用新设置
[root@zby ~]# reboot
4.网络设置
1)设置静态IP,替换接口名称为"eth0"#设置主机名
[root@zby ~]# hostnamectl set-hostname zby
#显示网络设备
[root@zby ~]# nmcli d
DEVICE TYPE STATE CONNECTIONeth0 ethernet connected eth0lo loopback unmanaged --
#设置IPV4地址
[root@zby ~]# nmcli c modify eth0 ipv4.addresses 172.31.253.63/24
#设置默认网关
[root@zby ~]# nmcli c modify eth0 ipv4.gateway 172.31.253.1
#设置域名解析
[root@zby ~]# nmcli c modify eth0 ipv4.dns 211.138.24.6