Start system
Usually, LILO is installed on the MBR. After the computer is started, the program on the MBR is executed, and one is not very beautiful graphic: the left is a small red hat image, listed on the right, you can use the keyboard arrow Switch. After the installation is installed, the default is Linux, that is, you don't choose, you will start Linux for a while.
If you want the default choice is Windows, then you can modify the Lilo.conf file under the / etc directory after starting Linux, plus default = windows, then execute / sbin / lilo to regenerate LILO.
2. User Login
Linux is a multi-user operating system that users should use, first must log in, after using the system, you must exit. When the user logs in to the system, in order to enable the system to recognize the user, the username and password must be entered, and the system can be used until the system is verified.
There are two users under Linux:
1) Root users: Super Permissions, the owner of the system, there is only one root user in the Linux system, which can be in the system. The password set when the system is installed is the password of the root user.
2) Ordinary users: Linux system can create many ordinary users and specify corresponding permissions to make it limited to use the Linux system.
With regard to the management of users, we will explain in detail later.
User login is divided into two steps:
1) Enter the user's login name, the system identifies the user according to the login name;
2) Enter the user's password, the password is a string of the user yourself, fully confidential to other users, is the only basis for identifying users when logging in to the system, so each user should protect their password!
At the beginning of the system, only root users, other users are created by root users. Since root users have too much permissions, if the Root user misuse will cause great losses. Therefore, it is recommended that the system administrator serves since the newly built a user, and only the root user is logged in when you need to do system maintenance.
Below is a login example: (in which the black body is input)
Red Hat Linux Release 7.1 (Seawolf)
Kernerl 2.4.2-2 on AN i686
HOME login: root
PASSWORD:
In the above example, we found that it is empty behind Password, which is not a password, but when entering it, the Linux system does not display it, so that the password is used to protect the password!
If you log in, we will get the shell (shell is a program used to interact with the user, it is like command.com in DOS, but there can be multiple shell options, such as Bash, CSH, KSH, etc.) The prompt, if you log in with the root user, the obtained prompt is "#", otherwise it will be "$".
Tip: If the setting is set to a graphical interface at that time, then the system is started, the user login interface will be graphical, a bit like Windows, and when you enter the correct username and password, it will enter directly X window. This setting can be modified:
There is an inittab file in the / etc directory, where there is a line configuration:
ID: 3: DEFAULT
Among them, the number 3 is representing a startup to enter the character terminal. If it is changed to 5, it will start to enter X Window. 3. Modify the password
In order to better protect the security of the user account, Linux allows the user to modify its own password at any time after logging in. Modify the password needs to experience:
1) Enter the original password, if the password is lost, the procedure will not be modified;
2) Enter a new password;
3) Tips Repeat a new password. If the password entered twice, the password is successfully modified.
It should be noted that Red Hat Linux 7.1 is to better protect the password, if the new password you entered is too simple, it will refuse to modify it. Below is an example of a modification of the password: (the black body in it is input)
$ Passwd
Changing Password for User1
(CURRENT) UNIX Password:? In some input passwords
New unix password:? Enter a new password
Retype New Unix Password:? Enter a new password again
Passwd: All Authentication Tokens Updated SuccessFully? Modify success!
Note that the password input here will not be displayed.
And if the root user modifies the password, you don't need to enter your old password! That is, it can modify the password of any user.
4. Exit Login
Whether you are a root user or a normal user, you can quit the login simply execute the exit command.
5. Turn off the machine
In the Linux system, ordinary users are universal shutdown systems! Only root users can close it. Of course, if you are pressing the shutdown button, don't be true. We can implement the following methods:
1) Press the Ctrl Alt DEL key button so that the system will restart!
2) Execute the reboot command so the system will also restart!
3) Execute the shutdown -h now command so that the system will turn off the computer!
4) Execute the HALT command to turn off the computer.
Pay attention to not use a hard shut-off, restart key, etc., which will cause the Linux file system to damage!
6. Virtual Console
Linux is a real multi-user operating system that can accept remote and local logins at the same time, and allow the same user to log in multiple times. Linux is a local user (that is, users doing in front of the computer) provide virtual console access, allowing users to log in multiple times from different consoles at the same time.
The selection of the virtual console can be implemented by pressing the ALT key plus F1-F6 six function keys. For example, after the user logs in, press the Alt F2 combination key, and the user can see "Login:" prompt, which is actually the second virtual console, and then press the Alt F1 combination key, the user It can also return to the first virtual console.
You can experience multi-user characteristics of Linux systems by using a virtual console. For example, the user can switch to another job on another virtual console on another virtual console on a virtual console. For example, when developing software, you can edit the program on a console, compiling on another console, check the information on the third console.
3.2 Files and Directory Operations
Like other operating systems, the data and programs of the user under the Linux system are also saved in the form of a file. So in the process of using Linux, it is often necessary to operate with the directory. Now we learn the files and directory operation methods under Linux with a WINDOW user. 1. File name and file type
File name is an identifier of a file. From this perspective, the rules of the file name are substantially the same as Windows 9x. It is also composed of letters, numbers, underscores, and dots, and the maximum length is 255 characters.
Like Windows 9x, there are normal files and directory files in the Linux system, but the directory file is referred to as a directory in Window. There is a special file in the Linux system, that is, device files. In the Linux system, each I / O setting is mapped into a file, which can be processed as normal files, which makes the operation of files and devices as much as possible. From the user's users, the use of the I / O device is almost the same as the usage of the general file, so you don't have to know the details of the I / O device.
2. Directory structure
As with Windows, in Linux is also organized by a directory. But the difference is that there is only one root directory under Linux, not as one partition in Windows. If there are multiple partitions, you need to use other partition mount to the root directory.
Everyone recalls that when it is partitioned for the Linux, there is a option to fill, that is, Mount Point, we write one "/", which is the root directory (this is the opposite of Windows, one is "/", one is " / "It's really natural. Other probably/ home, / usr.
After installing the system, you will find / home, / usr is the Home, USR directory below the root directory! Yes, the entire partition is used for this directory.
After installing Linux, there is a lot of directory, let's explain some important directories:
/ bin: The command, tools that store more than 100 Linux
/ dev: All device files under Linux!
/ Home: User Home Directory, once a user, will create a directory with the same name as the user, give the user a space
/ Lost Found: As the name suggests, some missing files may be found here
/ MNT: The hookpoint of external equipment, usually two subdirectors with cdrom with FLOPPY! Its existence simplifies the use of disc and floppy disk. You only need to run in the CD, you can visit the content mount to / mnt / cdrom on the CD, you can visit the contents of the CD to / MNT / CDROM. However, after you use it, you should leave this directory and perform Umount / MNT / CDROM. Similarly, the floppy disk is Mount / MNT / FLOPPY and Umount / MNT / FLOPPY.
/ proc: This is actually a fake directory, and you can access the content in memory by here.
/ sbin: The system level command and tool is stored here.
/ usr: Places usually used to install a variety of software
/ usr / x11r6 x window directory
/ usr / bin and / usr / sbin some post-installed commands and tools
/ usr / include, / usr / lib and / usr / share are stored some shared link libraries
/ usr / local commonly used to install new software
/ usr / src linux source program
/ boot: Linux is started here
/ etc: store most of Linux most configuration files
/ lib: static link library / root: root user's home directory, this is one of privileges!
/ var: Usually used to store things in some changes!
/ var / log: Storage system log
/ var / spool: Store some emails, news, print queues, etc.
In addition, it is to be explained that the concept of "current directory", "path", etc. under Linux is the same as WINDOWS.
3. Display the contents of the file
People who have used DOS commands should know that we can use the Type command to view the contents of a file. There are five related commands under Linux, and the functions have a thousand autumn, but they are as used as the Type command, can only be used to view text files.
1) CAT command
The CAT command is the most icon of the TYPE command, the method used is simple: "CAT file name". However, more powerful than the Type command is that it can view multiple files at the same time: "CAT file name is a document name."
2) more command
If the text file is relatively long, the screen cannot be displayed, so you may not be able to see using the CAT command. Here we can simply use more to replace the CAT command. Its effect is similar to the Type file name / P. Using the more command will display a screen text, after the display is full, stopped, and prompt the percentage that has been displayed, press the space bar to see the next screen.
3) LESS command
The ability of the LESS command is almost the same as the more command, but also the page display file, the difference is that the LESS command allows the user to pass back the file forward and backwards.
? Turn forward: press B;
? Backward rule: press P to;
? Specify location: input percentage
? Exit: Q
I often use more and less, almost not using CAT to view files.
4) HEAD command
You can view only the first few lines of a file via the head command, the format is:
HEAD line number file name
If the number of rows is not specified, the default value is used.
5) tail command
Compared with the head command, we can use the TAIL command to view the contents of the file tail. Usually used to monitor whether a file is modified in real time, usually used to observe the log. Such as:
Tail -f maillog
4. Edit the file
There are many text editing tools in Red Hat Linux 7, which is the most commonly used VI, which is an editor that is widely used in all UNIX systems. Its use is specifically:
First, you can open a file using the "VI file name".
When you just start, the VI is in the command state and cannot enter any character. In this state, you can use the arrow keys to move, and when you need to enter content, you need to enter the "I" or "A" command to enter the editing state. Once the editing is complete, you need to press the "ESC" button to return to the command status.
In the command state, you can enter ": q!" Does not store it, enter the ": WQ" storage exit.
5. Document copy, delete and move
Everyone is already familiar with under DOS. We can use the COPY, DEL, Move command to implement file copy, delete, and move. Let's talk about how to do more in the Linux system.
1) CP command: File / Directory copy command
Its syntax format is: CP [option] source file or directory target file or directory
Common options are:
? a This option is often used when copying the directory. It retains the link, file properties, and recursively copy the directory, just like Xcopy / s in DOS.
? f If the target file or directory already exists, you will overwrite it and do not prompt
• I with the F option, is the opposite of the F, which is overwritten, let the user answer "Y" to confirm? P Use this option, copy the file and access to access.
• R If the source gives a directory, the CP will recursively copy all the subdirectory and files in the directory, but this requires the target is also a directory name.
In addition, everyone should pay attention to that if the source is the file name, the target is the directory name, then the multiple source files can be specified using the CP command. Such as:
$ cp a.txt b.txt / home / user1
This command will copy the A.TXT and B.TXT files to the / home / usr1 directory.
2) RM command: file / directory delete command
Its syntax format is: RM [Options] File ...
Common options are:
? f does not give any instructions during the deletion process, directly delete
? r indicates that the RM deletes all directories and subdirectories listed in the parameters.
? I interactively delete, each file gives a prompt when deleting
Be careful when using the RM command, especially when logging in with the root user, I have seen a friend when using the RM command to delete the / home / tmp, the command "RM-RF / HOME / TMP" misuse " RM-RF / Home / TMP ", the result is waiting for him to go back to the computer, the entire system is deleted!
3) MV command: file / directory mobile command
Its syntax format is: MV [option] source file or directory target file or directory
Common options are:
? f Do not give any instructions when you operate to override some destination files
• Interactual operation, if the operation is to overwrite an existing target file, ask the user to overwrite
The execution effect of the MV command is different from the parameter type!
First parameter (source) second parameter (target) result
File name file name change the source file name to the target file name
File Name Directory Name Move the file to the target directory
Directory Name Directory Name Target Directory already exists: source directory moves to the target directory
Target directory does not exist: rename
Directory name file name error
6. Directory related operations
1) Create a new directory: mkdir, its use is the same as the MD under DOS: MKDIR directory name;
2) Delete the empty directory: RMDir, its use is the same as the RD under DOS: the RMDir directory name;
3) Change the directory: CD, its use is basically the same as the CD command under DOS, the only difference is that the CD and the directory name must have spaces regardless of the directory name, that is,: "cd /", " Cd .. "," CD. "is illegal, and should be entered:" CD / "," CD .. "," CD. ", if you enter the command" CD "directly, do not add any parameters, will return Go to the home directory of this user.
4) Display the current directory: PWD
5) Column directory command: LS, equivalent to DIR under DOS
Its syntax is: ls [option] [directory or file]
Common options are:
? a Displays all subdirectories and files in the specified directory, including hidden files;
? c Sort by the modification time of the file
? l Use a long format to display the details of the file, each file a row of information, its content is: File Type and Permissions Link Document The owner file genus file size recently modified time file name
7. Files and directory permission operations
In the Linux system, each file and directory have corresponding access license privileges, we can use it to determine who can access and operate files and directories. The access rights of the file or directory are divided into readable, writable, and can be implemented, respectively, with R, W, X, meaning: r w x
File readable can be writable
Directory can list the directory to do write in the directory to access the directory
When the file is created, the file owner can set the permissions of the file.
For a document, users can divide them into three and give different privileges respectively:
1) File owner
2) Same users with file owners
3) Other users
There are three groups of access to each file or directory, and each group is represented by three, such as:
D rwx r-x r -
The first part: D represents the directory here, other: - represents the normal file C represent the character device file;
Part II: The rights word of the file owner, here is R w x, which represents readable, writable, executable (can be executed by the directory);
Part III: The authority of the user's authority with the file owner, here is R-X representing readable, not writable, executable. Due to more communication between the same group users, let him look at the file, don't change it.
Part IV: Other users' permissions word, here - - -, of course, people who have nothing to do, my files don't just write you, not let you read.
1) File / Directory Permission Settings Command: chmod
This is one of the most common commands that Linux system administrators, which are used to change the access rights of files or directories. There are two usage of this command:
• Use text settings containing letters and operator expressions
Its grammar format is: chmod [who] [opt] [mode] file / directory name
Where who represents an object, it is one or a combination in the following:
u: Represents file owner
g: Represents the same group of users
o: Represents other users
A: Represents all users
OPT is a representative operation, which is:
: Add a permission
-: Cancel a permission
=: Give a given permissions and cancel the original permissions
And Mode represents permission:
R: readable
W: can be written
x: Executable
For example: adding read and write permissions to file a.txt for the same group of users:
CHMOD G RW A.txt
? Using digital settings
The digital setting method is simpler: chmod [mode] file name
The key is the value of MODE. At the beginning, many beginners will be confused. It is actually very simple. We look at the binary number. If there is one represented, there is no 0, then rwx rx r-- It is said:
111 101 100
Then convert each of the three digits into a decimal number, that is, 754.
For example, we want to let A.TXT's permissions:
Other users of themselves
Ready is
Can be written
Executable
Then we get the right string according to the above table: RW-RW-R -, then converted into a binary number is 110 110 100, and then every three-digit conversion becomes a decimal number, so we will execute the command:
CHMOD 664 A.TXT
2) Master command to change the file: chown
The syntax format is very simple: Chown [Option] User name file / directory name where the most common option is "R", plus this parameter, you can change all the subdirectories and files of the entire directory into designated users.
3) Change the file genus command: ChGRP
This command is also very simple: CHGRP group name file name
3.3 User Management
User management, the main job is to establish a legal user account, setting up, and managing the user's password, modify the properties of the user account, and delete the abandoned user account when necessary.
Add a new user
In the Linux system, only root users can create a new user, the following command will create a user of the login User1.
# UserAdd User1
However, this user cannot be logged in because it has not been given to the initial password, and the user without a password is not able to log in to the system. By default, a user main directory that is the same as the username will be created under the / home directory. If you need another to specify the user's home directory, then you can use the following command:
# ueradd -d / home / xf user1
At the same time, the user will get a shell program when logging in: / bin / bash, and if you don't want this user to log in, you can specify the user's shell program as: / bin / false, so that the user does not log in, nor Ability to perform commands under Linux:
# useradd -s / bin / false user1
In Linux, a new group is created simultaneously, this group is the same name with the user, and this user is a member of the group. If you want new users to belong to a group already existing group, you can use the following command:
# useradd -g user user1
This user is a member of the User group. And if you just want it to belong to a group, you should use:
# useradd -g user user1
Once this is done, you should use the passwd command to set an initial password.
2. Delete a user
Delete users, just use a simple command "UserDel user name". However, it is best to remove it on the system, and you can use the "UserDel -r User Name" to achieve this.
3. Modify user properties
In front, we see how to specify its user home directory when newing a user, how to specify its shell, how to set the group to which it belongs ... and so on. Provide a command in Linux to implement:
UserMod -g Group name -g Group name -D User main directory - S User Shell
There is also a direct way to modify the / etc / passwd file, and each user occupies a line in this file, its content is:
Username: Password: User ID: Group ID: User Full Name: User Home Cateral: User Shell
However, it is worth noting that the password is usually replaced with a * number, you can't see it.
4. Add a group
Remember that Linux files can set different access rights for those who are in groups, non-group people? We can create user groups according to your needs:
GroupAdd group name
5. Delete a group
Similarly, we sometimes need to delete a group, and its command is the groupDel group name.
6. Modify group members
If we need to add a user to a group, just edit the / etc / group file, write the user name to the group name. For example, add NewUser users to the SoftDevelop group, just find SoftDevelop this line:
SoftDevelop: x: 506: User1, user2
Then add Newuser in the back to form:
SoftDevelop: x: 506: User1, user2, newuser
In addition, in Red Hat
5.1 Common Network Command
In the Red Hat Linux 7.1 system, it provides tools related to the network, mastering these tools are necessary:
First Class: Settings Tools
1.NetConf:
NetConf is part of the LinuxConf provided by Red Hat Linux, mainly for setting up parameters related to the network. It can run under consLle (text menu) or run in X-WINDOW (graphical interface). In front, we introduced some of NetConf's applications, and its use is relatively simple, as long as you know the English above, so there is no more to say it here. BTW, if you set up x-window, use NetConf with the graphical interface, it will be more beautiful.
2.ifconfig
Ifconfig is the most commonly used tool in the Linux system to display and set up network devices. Where "if" is an abbreviation of "interface". It can be used to device network card status, or display the current settings.
Below we briefly explain the common command combinations:
1) Set the IP address of the first block to 192.168.0.1:
IFCONFIG ETH0 192.168.0.1 (Format: ifconfig network device name IP address)
2) Temporarily close or enable NIC:
Close the first block: ifconfig eth0 down
Enable the first network card: ifconfig eth0 Up
3) Set the subnet mask of the first block to 255.255.255.0:
Ifconfig eth0 netmask 255.255.255.0 (format: ifconfig network device name Netmask subnet mask)
We can also set the IP address and subnet mask at the same time:
Ifconfig Eth0 192.168.0.1 Netmask 255.255.255.0
4) Set the broadcast address of the first block to 192.168.0.255:
Ifconfig eth0 -Broadcast 192.168.0.255
5) Set the first block to not receive multicast packets:
IFConifg Eth0 AllMulti
If you want to receive it, use the command: ifconfig eth0 -allmulti
6) View the status of the first network card:
Ifconfig Eth0
If you want to see all NIC status, use the ifconfig command without parameters directly.
The status information of ifconfig output is useful, below, we will briefly explain:
There are several states that are more important:
• UP / DOWN: Whether the network card is started, if it is Down, then it is certainly unused;
• The number of ErrorS packets in RX Packets If you have a problem with the network card;
• The number of ErrorS package in tx packets If the network card is issued during transmission;
3.Route
The route command is used to view and set routing information for the Linux system to implement communication with other networks. To achieve network communication between two different subnets, a gateway connected to two network routers or at the same time is located in two networks.
In the Linux system, we usually set the route to address the following questions: This Linux machine has a gateway in a local area network, which allows your machine to access the Internet, then we need to set the IP address of this machine to The default route for the Linux machine. 1) Add a default route:
Route Add 0.0.0.0 GW Gateway Address
2) Delete a default route:
Route del 0.0.0.0 GW gateway address
3) Show current routing tables
Route
Second Category: Diagnostic Tools
One
Ping is a most commonly used detection to establish a network communication connection with the remote machine. It is implemented by Internet Control Packet Protocol ICMP. Some hosts are now filtered to ICMP. In this particular case, it is possible to make some host ping, but can establish network connections. This is a special case, which is described here.
Similarly, all optional parameters of the ping command are not listed in the example, but through example, some commonly used combinations need to be learned in more detail, which can be
Www.linuxaid.com.cn website online training command query tool.
1) Detect whether the connection to a machine is normal:
Ping 192.168.0.1
ping
Www.linuxaid.com.cn
That is, we can specify the machine with an IP address or domain name.
2) Specify the number of ping responses to 4:
Under Linux, if you don't specify the number of responses, the ping command will continue to send ICMP information to the remote machine. We can limit the -c parameters: ping -c 4 192.168.0.1
3) Ping through a specific network card:
Sometimes we need to detect a block (multiple blocks in the system) can ping the farm machine. We need to point out when executing the ping command:
Ping -i eth0 192.168.0.1
2.Traceroute
If you ping universally far more machine, I want to know where it is there; or you want to know what route you have passed by your information to the remote machine, you can use the traceroute command. As the name suggests: Trace is tracking, Route is routed, that is, tracking routes.
Using this command is simple:
Traceroute remote host IP address or domain name
The output of this command is similar:
1 Rouler (gateway) IP address access required time 1 Access required time 2 access time 3
2 Router (gateway) IP address access required Time 1 Access required time 2 access time 3
.........
1) The first number represents "through the first few stations";
2) The IP address of the router (gateway) is the IP address of "the station";
3) Accessing time 1, 2, 3 refers to the time required to access this router (gateway).
3.NetStat
In the Linux system, a tool that is very powerful to view the network status: NetStat. It allows you to know the network of Linux systems.
1) Statistics all network devices transmit, receive data packets:
Use command: netstat -i
This command will output a table, including:
IFACE: Network Interface Name MTU: Maximum Transmission Unit
RX-OK: How many packages have been successfully received RX-ERR: How many error packages have received in the received package
RX-DRP: How many packages are lost when receiving, how many collision packs TX-OK have received a total of how many packages TX-ERR: send a total of multiple erroneous packages
TX-DRP: How many packages TX-OVR are lost when pounding TX-OVR: How many collision packages have been received
2) Display the statistics of the network
Use command: netstat -s
With this command, communication information in the form of IP, ICMP, TCP, UDP, TcPext will be statistics in the form of a summary.
3) Display the network connection of the TCP transport protocol:
Use command: netstat -t
The output of this command is also a table, including:
Local Address: Local address, format is an IP address: port number
Foreign Address: Remote address, format is also an IP address: port number
State: Connection status, including Listen, Established, Time_Wait, etc.
4) Only network connection using UDP:
Use command: netstat -t
The output format is also the same.
5) Display the routing table:
Use command: netstat -r
The output of this command is the same as the Route command.
5.2 Network Profile
There are some files for storing network configuration in Red Hat Linux 7.1:
1. (TEC/Hosts
In this file, a list of IP addresses and hostnames is stored. If you point out the IP address of a host in this list, it will not be necessary to perform DNS parsing when accessing the host.
2./etc/host.conf
This file is used to specify the order of the domain name resolution method, such as:
ORDER HOSTS, BIND
It illustrates that by analyzing the / etc / hosts file, if there is no corresponding relationship with the IP address in this file, the domain name server BIND is parsed.
3./etc/resolv.conf
The IP address of the domain name server is stored in this file.
4./etc/protocols
Red Hat Linux 7.1 System Use this file to identify this host and pass the mapping between the protocols and the protocol numbers, users should not modify the file.
5./etc/services
The user is used to define existing network services, and users do not need to modify it, which is usually maintained by programs that install the network service. This file includes a network service name, network port number, and useful protocol type, where there is a slash between the network port number and the protocol type used, and some service alias can be added to the final setting of the line.
5./etc/xinetd.d directory
In the Linux system, there is a super service outd, most of the network services are started by it, such as Chargen, Echo, Finger, Talk, Telnet, Wu-ftpd, etc., the version is between 7.0, its setting is In /etc/inetd.conf, it is changed to a xinetd.d directory after Red Hat 7.0.
In the xinetd.d directory, each service has a corresponding profile, we take Telnet as an example, explain the meaning of each configuration line:
Service telnet
{
Socket_type = stream
Wait = NO
User = root
Server = / usr / sbin / in.telnetd
LOG_ON_FAILURE = UserID
Disable = yes
}
The first line describes the configuration to set the Telnet service.
The second line, indicating that the Socket connection type is stream, which is the third line of TCP, refers to not waiting to start complete
The fourth line refers to the ROOT user starts the service process.
The fifth line means that the service process is /usr/sbin/in.telnetd
The sixth line is used to do something wrong
The seventh line refers to the disabled Telnet, and if it is not open, it will be changed to: disable = no
Modify the XINETD configuration, you need to restart the xinetd to take effect, there are two ways to implement:
1) Perform the following command:
/etc/rc.d/init.d/xinetd Restart
2) Perform the following command:
Killall-Hup Xinetd
5.3 Network Service Access Limit
In Red Hat Linux 7.1, network security is strengthened. If you are installed, the security level is not at the lowest level, then all access outside the unit may be rejected. This is because some default IPChains settings are made in Red Hat 7.1, which is a Linux built-in firewall mechanism that can use some rules to allow or disable access.
Its rules are stored in the / etc / sysconfig / ipchains file, if you want it to temporarily do not take effect, then you can run /etc/rc.d/init.d/ipchains stop, then all rules are canceled, all Network access will be allowed.
You can run /etc/rc.d/init.d/ipchains status to know the restrictions on network access. With regard to this knowledge, this article is limited to the space unable to introduce, interested readers can refer to the "Linux firewall" book.
5.4 Web Server
The Apache 1.3.19 is integrated in the Linux system, and the Red Hat Linux 7.1 is integrated, and you will automatically complete the installation of the Apache server as long as you select the web server during installation. The WWW service has been launched.
If you don't have a web server package when you install, it doesn't matter, you only need to perform the following command:
1) Put the RED HAT Linux 7.1 Install the first place to the optical drive, then execute the following command:
# mount / mnt / cdrom
2) Go to the directory where the Apache installation file is located:
# cd / mnt / cdrom / redhat / rpms
3) Use RPM to complete the installation:
# rpm -ivh apache-1.3.19-5.i386.rpm
Now, you already have a Linux-based web server. Its configuration file is located in the / etc / httpd / conf directory, you can make a corresponding modification as needed, and then execute: /etc/rc.d/init .d / httpd restart. The main directory of the web service is in the / var / www / html directory, you can update your web page to here.
And if each user wants to have a home page, then:
1) First, build a public_html directory in your own home directory:
# CD
# MKDIR PUBLIC_HTML
2) Then change the permissions of your user's home directory to everyone to read
# chmod 755 User Home Directory
3) This allows you to use "localhost / ~ username /" to access the homepage of each user.
5.5 FTP server
In Red Hat Linux 7.1, WU-FTP 2.6.1 is integrated as an FTP server, as long as you choose an FTP package, then your Linux server is an FTP server. If there is no installation, there is no The relationship, like installing Apache: 1) put the Red Hat Linux 7.1 Install the first place to the optical drive, then execute the following command:
# mount / mnt / cdrom
2) Go to the Copy of the WU-FTP installation file:
# cd / mnt / cdrom / redhat / rpms
3) Use RPM to complete the installation:
# rpm -ivh wu-ftp-2.6.1-16.i386.rpm
Since the FTP service is created by the Xinetd Super Server, the configured FTP server is configured in the /etc/xinetd.d directory in the wu-ftpd file:
Service ftp
{
Socket_type = stream
Wait = NO
User = root
Server = / usr / sbin / in.ftpd
Server_args = -l -a
LOG_ON_SUCCESS = DURATION UserID
LOG_ON_FAILURE = UserID
Nice = 10
Disable = no
}
Below, we introduce some management methods for FTP servers:
1. Temporarily turn off the FTP service
There are two ways to pause the FTP service:
1) Execute as root user:
# ftpshut now
This will generate a SHUTMSG file in the / etc directory, and the FTP server will not be able to use until you delete this file.
2) Modify the configuration file /etc/xinetd.d/wu-ftpd, change disable = no to disable = yes, then restart Xinetd.
2, prohibiting a user from using FTP service
There are two ways to ban a user from using the FTP server:
1) Write the user account name in / etc / ftpuser
2) Write a line configuration in / etc / ftpaccess:
Deny-UID username
Use this method to prohibit one group of users from using
Deny-GID group name
3, prohibiting anonymous users (anonymous) login FTP server
There are many ways to achieve, but I think the simplest and effective way is to write anonymous to the configuration file: / etc / ftpuser, it is possible.
5.6 file server
We can also use the Red Hat Linux 7.1 Samba to make a file server for the Windows host in the LAN. If the SMB server package is selected when installing the system, then the Samba service has ready after installation.
However, in order to facilitate configuration, it is recommended to install SWAT, which provides a configuration tool for a web interface. Its installation package is the second CD /red/rpms/samba-swat-2.0.7-36.i386.rpm.
After installation, it will create a new SWAT file in the xinetd.d directory, and its content is:
Service Swat
{
Port = 901
Socket_type = stream
Wait = NO
ONLY_FROM = 127.0.0.1
Server = / usr / sbin / swat
LOG_ON_FAILURE = UserID
Disable = yes
}
We see that the value of disable is Yes, that is, SWAT is now not enabled, so we need to change it to disable = no, then restart xinted. In addition, since there is a sentence here: ONLY_FROM = 127.0.0.1
Note You can only use SWAT in this unit, and if you want to use IE to configure in Windows, please email or delete this sentence.
Below, we take the HOMES directory that you can access by everyone, explain the setting method of SWAT:
1) Open the IE browser and enter Linux hostname or IP and ": 901" on the address bar, for example:
http://192.168.0.1:901
2) If the connection is normal, a login prompt window will be entered, and enter the username and password, here, use root as the username, and enter the password of the root user, then click OK;
3) If the input is correct, the configuration interface of SAMBA will appear: SWAT's home page;
We can see that in the SWAT interface, there are 7 icons on the top, namely HOME (Home), GlobalS, Shars, Printers, Status, View (view) , Password (password)
4) First, we click the GlobalS icon, which will appear in the Global Set page, where we set the following:
? BaseOption à Workgroup: In some input working group names (such as Working Group in NetBIOS)
? BaseOption à Netbios Name: Host Name
? SecurityOption à security: Select the security level, in some choice "Share"
• SecurityOption à hosts allow: Allowed host, usually written to your network number, such as 192.168.0.
? SecurityOption à hosts deny: If you don't let a machine to use, write it to its IP address
After the modification, click the "Commit Changes" button (some of the 7 icons), save the settings.
5) Then, click the Shars icon to make a sharing setting:
Step 1: Enter the shared name you want to set in the right text box of the CREATE SHARE button.
Step 2: Click the "CREATE SHARE" button;
Step 3: Confirm "BaseOptions à Path value for you to share the directory, such as / home / SMB / TEST (Note that this must be the existing directory);
Step 4: Set the value of "securityOptions à writeable" to YES, so that the directory is shared;
Step 5: Set the value of "SecurityOptions à Guest OK" to YES, so that the directory does not require password access;
Step 6: Set the corresponding host IP in "SecurityOptionsàhosts Allow, Hosts Deny";
Step 7: Set "BrowseOptionsàBrowSeable" to YES so that it is easy to use, click the "Commit Changes" button to save the settings.
Now, we can access this Samba server through the network neighbor on Windows 9x, and have a readable and writable shared directory.
In normal time, the system administrator can click the "Status" button to switch to the status page to monitor it, on this page, you can:
1) Start (START SMBD button), stop Samba (STOP SMBD button) service, and restart the service (Restart SMBD button);
2) In addition, you can see the connection (Active Connections) established with the Samba server, and you can press the "X" button to abort its access;
3) At the same time, you can also detect an Active Shars that are being accessed, which is open file (Open files).
Samba services can also be certified by users, integrating with the Window NT domain. In order to introduce some of the spaces, interested readers can refer to "actual combat Samba" book.
