Chinaunix首页 | 论坛 | 博客
  • 博客访问: 2520078
  • 博文数量: 609
  • 博客积分: 10061
  • 博客等级: 上将
  • 技术积分: 5920
  • 用 户 组: 普通用户
  • 注册时间: 2008-06-25 08:30
文章分类

全部博文(609)

文章存档

2010年(13)

2009年(39)

2008年(558)

我的朋友

分类: LINUX

2008-09-13 22:17:21

centos's initial configuration

[1]     Add a new user. I used user name as 'cent' on following examples, but Set any names you like to use.

[root@ns ~]# useradd cent  // add a user 'cent'

[root@ns ~]# passwd cent   // set password for cent

Changing password for user cent.
New UNIX password:         // input password you want to set

Retype new UNIX password:  // verify

passwd: all authentication tokens updated successfully.

[root@ns ~]# exit          // logout



[2]     Try to switch by user that was added in section [1].

ns login: cent             // input user name
password:                  // input password

[cent@ns ~]$ su -          // switch to root
Password:                  // input password for root

[root@ns ~]#               // done to switching to root


[3]     Make 'cent' user that was added in section [1] be only a user who can switch to root.

[root@ns ~]# vi /etc/group    // open the file with vi

wheel:x:10:root ,cent         // line 11: add user
 
[root@ns ~]# vi /etc/pam.d/su
 
#%PAM-1.0
auth sufficient pam_rootok.so
# Uncomment the following line to implicitly trust users in the "wheel" group.
#auth sufficient pam_wheel.so trust use_uid
# Uncomment the following line to require a user to be in the "wheel" group.
auth required pam_wheel.so use_uid 
// remove '#' that was on the head of line

auth include system-auth
account sufficient pam_succeed_if.so uid = 0 use_uid quiet
account include system-auth
password include system-auth
session include system-auth
session optional pam_xauth.so
 
[root@ns ~]# vi /etc/login.defs

SU_WHEEL_ONLY yes          // add this line at the bottom
Forwarding email for root


[4]     Set config to forward mails for root to a user who is a system administrator you set as.

[root@ns ~]# vi /etc/aliases
 
# Person who should get root's mail
root:    cent              // bottom: remove '#' and add user name
 
[root@ns ~]# newaliases    // set new aliases

/etc/aliases: 77 aliases, longest 10 bytes, 776 bytes total

-----------------------------------------------
songbei6 notes:
# visudo
uncommented the following line
%wheel ALL=(ALL)       ALL
become to
wheel ALL=(ALL)       ALL
-----------------------------------------------


[5]     It's unnecessarry to enable FireWall because it's enable on the Routers, so Change it to disabled.

[root@ns ~]# /etc/rc.d/init.d/iptables stop

Flushing firewall rules:    [ OK ]

Setting chains to policy ACCEPT: filter [ OK ]

Unloading iptables modules: [ OK ]

[root@ns ~]# chkconfig iptables off

[root@ns ~]# chkconfig ip6tables off


[6]     Change to disabled SELinux (Security-Enhanced Linux).

[root@ns ~]# vi /etc/sysconfig/selinux

 
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing.

# disabled - SELinux is fully disabled.

SELINUX=disabled // change

# SELINUXTYPE= type of policy in use. Possible values are:
# targeted - Only targeted network daemons are protected.

# strict - Full SELinux protection.

SELINUXTYPE=targeted

[8]     Stop unnecessary services for your system which are enabled on the default settings. First, Output the list of services with following commands.

[root@ns ~]# chkconfig --list | less

[9]     Stop unnecessary services. Following example, a service 'yum-updatesd' is stopped and Disable autostart function.

[root@ns ~]# /etc/rc.d/init.d/yum-updatesd stop

Stopping yum-updatesd [ OK ]

[root@ns ~]# chkconfig yum-updatesd off


[10]     Or if a service is not needed for your system, Uninstall it. If you don't know the service which how to work, output documents of it. Following example, documents of 'yum-updatesd' is outputed and uninstalled.

[root@ns ~]# man yum-updatesd
 
yum-updatesd(8)
 
NAME
 
yum-updatesd - Update notifier daemon

 
SYNOPSIS
 
yum-updatesd

 
DESCRIPTION
 
yum-updatesd provides notification of updates which are available to be applied to your system. This notification can be either via syslog, email or over dbus. Configuration is done via the yum-updatesd.conf (5) file.

SEE ALSO
 
yum (8)
yum-updatesd.conf (5)


Jeremy Katz 2006 June 26 yum-updatesd(8)
 
[root@ns ~]# rpm -e yum-updatesd


[11]     Following lists are all services on the default settings if you would installed with the same way to this site. The one which has marked '*' is the one I turned on for autostart.

NetworkManager The NetworkManager daemon attempts to keep an active network connection available at all times.  
NetworkManagerDispatcher The NetworkManagerDispatcher daemon runs commands in the /etc/NetworkManager/dispatcher.d directory in response to interfaces coming up and down.  
acpid Advanced Configuration and Power Interface event daemon.  
anacron Anacron can be used to execute commands periodically, with a frequency specified in days.  
apmd Advanced Power Management (APM) BIOS utilities for laptops.  
atd atd runs jobs queued by at.  
auditd The audit package contains the user space utilities for storing and searching the audit records generate by the audit subsystem in the Linux 2.6 kernel. *
autofs autofs controls the operation of the automount(8) daemons running on the Linux system.  
avahi-daemon Avahi mDNS/DNS-SD daemon Avahi is a fully LGPL framework for Multicast DNS Service Discovery.  
avahi-dnsconfd avahi-dnsconfd is a small daemon which may be used to configure conventional DNS servers using mDNS in a DHCP-like fashion.  
bluetooth It provids wireless connections among computers.  
conman ConMan is a serial console management program designed to support a large number of console devices and simultaneous users.  
cpuspeed This program monitors the system
阅读(684) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~