linux

A collection of 21 posts
linux

Ubuntu 20.04 lightdm 关闭休眠

禁用systemd休眠状态 sudo systemctl mask sleep.target suspend.target hibernate.target hybrid-sleep.target 修改lightdm的Time before suspend sudo -u lightdm dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-timeout 0 sudo -u lightdm dbus-launch gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-battery-timeout 0 sudo -u lightdm dbus-launch gsettings set org.gnome.settings-daemon.
1 min read
linux

树莓派Kiosk(展台模式)设置

安装Raspbian Buster lite 启用SSH boot分区下新建名称为ssh的空文本 添加WiFi信息 boot分区下新建wpa_supplicant.conf country=CN ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 network={ ssid="NETWORK-NAME" psk="NETWORK-PASSWORD" } 设置自动启动 sudo raspi-config 菜单中选择 Boot Options Desktop CLI Console Autologin 更换自动登录用户 nano /etc/systemd/system/getty@tty1.service.d/autologin.conf 替换
1 min read
linux

selinux 常用命令

查看是否有被selinux阻挡 sudo cat /var/log/audit/audit.log | grep denied boolean 查看boolean状态 sudo sestatus -b sudo sestatus -b | grep -i sendmail 设置boolean sudo setsebool -P $boolean名 $1或0 常用boolean boolean名意义httpd_can_network_connect允许httpd反向代理httpd_can_sendmail允许httpd发送邮件 semanager 安装semanager sudo yum install -y policycoreutils-python Centos 8 sudo yum install -y policycoreutils-python-utils 获取系统中的可用label sudo
1 min read
centos

centos 7 firewalld常用命令

将ip添加到zone sudo firewall-cmd --permanent --zone=work --add-source=192.168.0.0/24 将某个网口添加到zone sudo firewall-cmd --permanent --zone=work --add-interface=eth0 在某个zone打开端口 sudo firewall-cmd --permanent --zone=work --add-port=8080-8090/tcp 永久打开一个端口 firewall-cmd --permanent --add-port=8080/tcp 永久关闭一个端口 firewall-cmd --permanent --remove-port=8080/tcp 永久打开某项服务 firewall-cmd --permanent --add-service=http 永久关闭某项服务 firewall-cmd --permanent --remove-service=
1 min read
centos

systemd服务创建

在/etc/systemd/system中新建servicename.service文件。 按以下模板填入内容 [Unit] Description=servicedescription After=network.target [Service] Type=simple WorkingDirectory=/path/to/service User=http Group=http ExecStart=/usr/bin/service(startscript) ExecStop=/usr/bin/service(stopscript) Restart=always SyslogIdentifier=servicename [Install] WantedBy=multi-user.target 之后修改启动脚本/程序的selinux属性 semanage fcontext -a -t unconfined_exec_t
centos

hyper-v centos安装后优化

安装常用软件 包括nano文字编辑器、wget、curl、lsof、bash-completion和ifconfig sudo yum install -y nano bash-completion net-tools wget curl lsof policycoreutils-python 移除不用的服务 sudo systemctl stop iprdump iprinit iprupdate NetworkManager sudo systemctl disable iprdump iprinit iprupdate NetworkManager sudo yum remove -y btrfs-progs* iprutils ivtv* iwl*firmware libertas* NetworkManager* aic94xx-firmware* alsa-* 可选移除不用的服务 systemctl stop postfix avahi-daemon.
1 min read