linux | Chia-An Lee

DHCP 設定

Server CentOS CentOS 7: Install dhcpd and run DHCP server lease: /var/lib/dhcpd/dhcpd.leases config: /etc/dhcp/dhcpd.conf option domain-name "calee.xyz"; option domain-name-servers 140.113.235.1, 1.1.1.1, 9.9.9.9, 8.8.8.8; default-lease-time 600; max-lease-time 7200; # Use this to send dhcp log messages to a different log file (you also # have to hack syslog.

file system

fstab mount NTFS find here /etc/fstab UUID=989CE0C49CE09E4E /home/calee/stg ntfs-3g defaults 0 0 Find UUID it’s a symbolic link to /dev/sd_ find here ls -l /dev/disk/by-uuid 檢視分割磁碟區 sudo apt install gparted sudo gparted link ln -s TARGET(src) LINK_NAME(dst) # soft link

firewalld 設定

firewalld sudo firewall-cmd --get-default-zone sudo firewall-cmd --set-default-zone=internal sudo firewall-cmd --get-active-zones sudo firewall-cmd --list-all-zones 換腳 firewal-cmd --permanent --zone=public --remove-interface=ens34 firewall-cmd --permanent --zone=internal --add-interface=ens34 Allow / Deney port sudo firewall-cmd --zone=public --add-port=12345/tcp --permanent sudo firewall-cmd --zone=public --remove-port=12345/tcp --permanent Introduction to FirewallD on CentOS

iptables 使用小記

iptables 參考 iptables [-t table] command CHAIN [NUM] match criteria -j ACTION CHAIN -N: (new) new a chain -X: delete chain -F: flush all chain -Z: zero the pkg counter -P: policy of chain -E: rename rule -A: append rule -I: insert rule to number -R: replace -D: delete LIST -L: list -S: Specification -n: user number to show -v: verbose -x: show msg –line number: show line number DST-NAT sudo sysctl net.

LDAP

freeIPA OpenLDAP Server NFS NIS LDAP Client NFS NIS LDAP 需要下載 sudo yum update && yum install openldap openldap-clients nss-pam-ldapd 複製 server 端的 CAe 產生 config authconfig --enableldap --enableldapauth --ldapserver=ldaps://ldaps.

Linux 上密碼相關設定

Password Policy 密碼品質檢查，這個功能是透過 pam 時做，避免 user 弱密碼導致 ssh 或其他服務被破解 (man pam_pwquality) 修改方法 Debian 系統預設沒有 pwquality，需要先安裝: sudo apt-get install libpam-pwquality 可以直接修改 /etc/pam.d/ 檔案，直接接在 pam_unix.so 當行最後用空白隔開修改 /etc/security/pwquality.conf 檔案 [rpm_pam] 或用 authconfig 指令 (Red Hat 系列，自己 man ㄅ)，可以寫在 /etc/pam.

Linux 上的 NVIDIA 驅動

Nvidia driver on Ubuntu find here 到這裡查看最新版本 nvidia release 34x: 傳統架構版本 387: 新版短期 384: 新版長期刪除舊版 sudo apt-get purge nvidia* 安裝新版 sudo add-apt-repository ppa:graphics-drivers sudo apt-get update sudo apt-get install nvidia-387 sudo reboot # 重開機檢查 lsmod | grep nvidia nvidia-smi cuda sudo apt install cuda-9 sudo apt install cuda-nvcc-9-1 手動安裝到這裡下載 runfile(local) sudo sh cuda_9.

Linux 小指令

Change default editor For global sudo update-alternatives --config editor # 然後選擇數字 For one user select-editor or in .bashrc export EDITOR='vim' export VISUAL='vim' Add groups Change main group sudo groupadd mynewgroup # Add a new group usermod -g groupname username groups username Add secondary group sudo usermod -aG groupname username password policy find here find here find here vim /etc/pam.

NGINX 好用設定

Certbot (let’s encrypt 簽 https) Install find here Ubuntu $ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo add-apt-repository ppa:certbot/certbot $ sudo apt-get update $ sudo apt-get install python-certbot-nginx Fedora sudo dnf install certbot-nginx 簽署自動幫改 nginx 設定檔 sudo certbot --nginx 手動改 nginx 設定檔 sudo certbot --nginx certonly 自動更新憑證 sudo certbot renew --dry-run 手動更新憑證 certbot renew Redirect to https 301 server { listen 443 ssl; # managed by Certbot ssl_certificate /etc/letsencrypt/live/notebook.

Package Manager

Ubuntu ppa Sourse List find here find here /etc/apt/sources.list.d/ deb basic find here sudo apt update sudo apt upgrade sudo apt remove sudo apt-get --purge remove [name]: 連設定檔一起移除 sudo apt-get clean: 清除 /var/cache/apt/archives/ 下的所有 DEB 套件檔 (白話文：清除已經下載的套件) sudo apt-get autoclean: 清除 /var/cache/apt/archives/ 下已經過期的 DEB 套件檔未滿足相依關係系統處理 sudo apt --fix-broken install 尋找那個套件是那一套件需要用的，把套件刪掉 `sudo apt remove xxx