UbuntuServer20的常⽤设置
⽂章⽬录
♦ Ubuntu server的安装
镜像⽂件:ubuntu-20.04.1-live-server-amd64.iso
需要注意的要点:
Configure proxy配置页⾯的Proxy address⽆需配置。
Configure Ubuntu Archive mirror需要填写:
mirrors.aliyun/ubuntu
最好在安装界⾯中就完成磁盘分区和⽹卡静态地址配置。
建议在Installer update available界⾯中进⾏更新。
重启后可查看版本信息并修改root密码
linkedblockingqueue
cat /etc/os-release
lsb_release -a
# 修改root密码
sudo passwd root
♦取消ssh的登陆欢迎界⾯
touch$HOME/.hushlogin
或者
touch ~/.hushlogin
♦修改hostname
# 查看主机名
hostnamectl
# ⽆需重启,注销并登陆即可。
hostnamectl ample
# 修改本地域名解析
vim /etc/hosts
如果在云实例上运⾏Ubuntu,并且cloud-init已安装软件包,则还需要编辑该/etc/cloud/cloud.cfg⽂件。通常,该软件包通常默认安装在云提供商提供的映像中,并且⽤于处理云实例的初始化。
vim /etc/cloud/cloud.cfg
# 搜索preserve_hostname,并将值从false更改为true:
# This will cause the set+update hostname module to not operate (if true)
preserve_hostname: true
快穿白莲花在线教程♦配置静态IP
cd /etc/netplan/
vim /etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
ethernets:
ens33:
addresses:
- 192.168.74.150/24
gateway4: 192.168.74.2
nameservers:
addresses:
- 114.114.114.114
version: 2
====================================或者=====================================
network:
version: 2
ethernets:
ens33:
addresses:
- 192.168.74.150/24
gateway4: 192.168.74.2
nameservers:
addresses: [221.3.131.11, 221.3.131.12]
常⽤的DNS:
114.114.114.114 电信
114.114.115.115 电信
119.29.29.29 POD
182.254.116.116 POD
182.254.118.118 POD
180.76.76.76 百度
223.5.5.5 阿⾥
223.6.6.6 阿⾥
1.2.4.8 CNNIC
210.2.4.8 CNNIC
8.8.8.8 Google
8.8.4.4 Google
netplan apply 命令可以让配置直接⽣效。详细可参考man netplan 或者
使⽤ netplan generate 可以校验配置。netplan --debug apply命令可以⽤于启⽤配置时的调错。
使⽤systemd-resolve --status | grep ‘DNS Server’ 可以查看当前的DNS。或者使⽤等价的命令resolvectl status,或⼲脆resolvectl。
当然networkctl status也可以综合地看IP地址和DNS。
静态路由等其他配置⽅法可以参考
ip路由命令可参考:man ip-route
其他可参考
♦修改更新源
ll /etc/apt/sources.list
-rw-r--r-- 1 root root 2717 Jan 1115:23 /etc/apt/sources.list
vim /etc/apt/sources.list
==============================================================
# See help.ubuntu/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb mirrors.aliyun/ubuntu focal main restricted
# deb-src mirrors.aliyun/ubuntu focal main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb mirrors.aliyun/ubuntu focal-updates main restricted
# deb-src mirrors.aliyun/ubuntu focal-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb mirrors.aliyun/ubuntu focal universe
# deb-src mirrors.aliyun/ubuntu focal universe
deb mirrors.aliyun/ubuntu focal-updates universe
# deb-src mirrors.aliyun/ubuntu focal-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb mirrors.aliyun/ubuntu focal multiverse
# deb-src mirrors.aliyun/ubuntu focal multiverse
deb mirrors.aliyun/ubuntu focal-updates multiverse
# deb-src mirrors.aliyun/ubuntu focal-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb mirrors.aliyun/ubuntu focal-backports main restricted universe multiverse
# deb-src mirrors.aliyun/ubuntu focal-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb archive.canonical/ubuntu focal partner
# deb-src archive.canonical/ubuntu focal partner
deb mirrors.aliyun/ubuntu focal-security main restricted
# deb-src mirrors.aliyun/ubuntu focal-security main restricted
deb mirrors.aliyun/ubuntu focal-security universe
# deb-src mirrors.aliyun/ubuntu focal-security universe
deb mirrors.aliyun/ubuntu focal-security multiverse
# deb-src mirrors.aliyun/ubuntu focal-security multiverse
sudo apt-get update
sudo apt-get upgrade
♦修改时区并同步时间
修改时区
# 输⼊数字按回车
tzselect
# 查看时区
timedatectl
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
或者
# 打印当前系统时区
timedatectl
# 系统时区通过链接⽂件/etc/localtime配置,该链接指向/usr/share/zoneinfo⽬录下的⼀个⼆进制时区标识⽂件。ls -l /etc/localtime
# 显⽰当前系统时区
cat /etc/timezone
# 列出所有可⽤的时区
timedatectl list-timezones
# 修改时区(⼀条命令搞定!)
timedatectl set-timezone Asia/Shanghai
同步时间
apt install -y ntpdate
ntpdate -sc.ac
timedatectl
# 开启cron同步
crontab -e
添加如下内容
*/60 * * * * /usr/sbin/sc.ac >/dev/null 2>&1
# 显⽰添加的内容
crontab -l
♦修改时间戳的显⽰格式
修改⽇志⽂件的时间戳显⽰格式
vim /f
notification of acceptance# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
# 下⼀⾏是原来的配置,将它注释
# $ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat
# 添加下⾯两⾏
$template CustomFormat,"%$NOW% %TIMESTAMP:8:15% %HOSTNAME% %syslogtag% %msg%\n" $ActionFileDefaultTemplate CustomFormat
# 重启 rsyslog 服务
systemctl restart rsyslog.service
修改ls命令的输出⽇期格式
vim /etc/profile
export TIME_STYLE='+%Y/%m/%d %H:%M:%S'
source /etc/profile
ls -lrt
♦修改时间为24⼩时制
# ⾸先修改为东⼋区的时区
tzselect
4→9→1→1
rm /etc/localtime
ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime
# 然后配置⽂件
vim /etc/default/locale
LANG=en_US.UTF-8
LC_TIME=en_DK.UTF-8 # 关键是添加这⼀⾏
♦修改系统⽇志
可以参考
⽇志⽂件对⽐:
操作系统⽇志⽂件操作系统⽇志⽂件⽤途
CentOS/var/log/messages Ubuntu/var/log/syslog记录系统或服务程序的⽇志CentOS/var/log/secure Ubuntu/var/log/auth.log登陆,安全审计⽇志
⽇志配置⽂件
# /etc/rsyslog.d下
# f 配置系统默认⽇志
# 修改系统默认⽇志
vim /etc/rsyslog.f
因为⽇志在logrotate的作⽤下会被压缩成zip⽂件(扩展名.gz)。可以使⽤下述命令简单查看其内容:
zcat |less
或者
zless /var/log/
♦添加新⽤户并授权sudo
# 禁⽌⽤户的登陆功能 -s /sbin/nologin
useradd -r -m -s /bin/bash newuser
里微服务在哪里getent passwd
# 只有sudo组的⽤户才能使⽤sudo命令
usermod -aG sudo newuser
♦限制⽤户对su命令的使⽤
只允许admin组的⽤户newuser能使⽤su命令来切换登陆⽤户。
groupadd admin
usermod -aG admin newuser
id newuser
dpkg-statoverride --update --add root admin 4750 /bin/su
♦删除⽤户取消附加组
# 删除⽤户newuser(包括他的家⽬录及spool⽬录)
userdel -r newuser
# 取消newuser⽤户的附加组admin(把⽤户newuser从附加组admin中删除)
gpasswd -d newuser admin
# 查看附加组admin中有哪些⽤户centos和ubuntu
getent group |grep admin
或者
cat /etc/group |grep admin
# 查看⽤户的所有组信息
id newuserexcel row函数的使用方法
发表评论