知乎专栏 |
# service nginx Usage: nginx {start|stop|restart|condrestart|try-restart|force-reload|upgrade|reload|status|help|configtest} # service nginx stop # service nginx start # service nginx restart
[ ] NetworkManager 自动在多种网络连接中进行转换,如果你的电脑有Wireless WiFi 和 Ethernet多种网络连接类型的话,可以选择开启。 [ ] acpid (Advanced Configuration and Power Interface)是为替代传统的APM电源管理标准而推出的新型电源管理标准。通常笔记本电脑需要启动电源进行管理。 [*] anacron 自动化运行任务守护进程 [*] atd 自动化运行任务守护进程 [ ] auditd 审核信息,将消息写入控制台以及 audit_warn 电子邮件别名。用于存放内核生成的系统审查记录,这些记录会被一些程序使用。特别是对于SELinux用户来说。 [ ] autofs 自动挂载/卸载文件系统服务,可以自动挂载想访问但还未挂载的文件系统,自动卸载长期不访问的文件系统,自动安装管理进程automount,与NFS 相关,依赖于NIS [ ] avahi-daemon Zeroconf service discovery守护进程,Avahi是zeroconf协议的实现。它可以在没有DNS服务的局域网里发现基于zeroconf协议的设备和服务。它跟mDNS一样。除非你有兼容的设备或使用 zeroconf 协议的服务,否则就可以关闭。 [ ] avahi-dnsconfd /etc/avahi/dnsconf.action脚本守护进程 [ ] bluetooth 蓝牙 [ ] conman 控制台管理 [ ] cpuspeed 监测系统空闲百分比,降低或加快CPU时钟速度和电压 [*] crond 一个传统的UNIX程序crontab,可以周期地运行用户调度的任务。 [ ] cups 通用UNIX打印守护进程,(Common UNIX Printing System)公共UNIX打印支持,为Linux提供打印功能。 安装打印机时需要的服务。 [ ] dnsmasq Dns cache server守护进程 [ ] dund 蓝牙拨号网络 [ ] firstboot 安装完之后的用户配置向导,用于第一次设置系统 [ ] gpm 为文本模式下的Linux程序提供鼠标支持、拷贝、粘贴操作、弹出式菜单 [ ] haldaemon 硬件监控系统 [ ] hidd 蓝牙H.I.D.服务器 [ ] httpd Apache服务器 [ ] ip6tables 防火墙守护进程 [*] iptables 防火墙守护进程 [ ] irda 红外端口守护进程 [*] irqbalance 多系统处理器环境下的系统中断请求进行负载平衡,单CPU无用 [ ] kudzu 硬件自动检测程序,如不增加新硬件,可以关闭 [ ] lvm2-monitor LVM2 mirror devices守护进程 [ ] mcstrans SELinux Context Translation System Daemon [ ] mdmonitor RAID相关设备的守护程序 [ ] mdmpd RAID相关设备的守护程序 [*] messagebus 事件监控服务,在必要时向所有用户发送广播信息 [ ] microcode_ctl 可编码以及发送新微代码到内核以更新Intel IA32系列处理器守护进程 [ ] multipathd Manage device-mapper multipath devices [ ] netconsole Initializes network console logging [ ] netfs 安装和卸载NFS、SAMBA和NCP网络文件系统 [ ] netplugd 服务监控网络界面,根据信号关闭或启动它,用于手提电脑 [*] network 激活已配置网络接口的脚本程序 [ ] nfs 网络文件系统守护进程 [ ] nfslock NFS文件锁定功能 [ ] nscd 密码与群查找服务 [ ] ntpd 网络时间同步 [ ] oddjobd [ ] pand 蓝牙个人区域网络 [ ] pcscd 智能卡支持 [ ] portmap 用来支持RPC连接,RPC被用于NFS以及NIS 等服务 [ ] psacct 进程审计守护进程 [ ] rawdevices rawdevices to block devices。Oracle数据库使用 [ ] rdisc discovers routers守护进程 [ ] readahead_early 开机内存载入优化 [ ] readahead_later 开机内存载入优化 [ ] restorecond SELinux相关联 [ ] rpcgssd manages RPCSEC GSS contexts for the NFSv4 server [ ] rpcidmapd rpcidmapd for NFSv4 that maps user names to UID and GID nu [ ] rpcsvcgssd rpcsvcgssd manages RPCSEC GSS contexts for the NFSv4 server [ ] saslauthd 使用SASL的认证守护进程 [*] sendmail 邮件服务器sendmail守护进程 [*] smartd 监控硬盘故障 [*] sshd OpenSSH服务器守护进程 [*] syslog 系统日志 [ ] winbind 用于Samba服务器 [ ] wpa_supplicant 无线设备支持 [ ] xfs X Window字型服务器守护进程,为本地和远程X服务器提供字型集 [ ] ypbind 为NIS客户机激活ypbind服务进程 [ ] yum-updatesd RPM操作系统自动升级和软件包管理守护进程
chkconfig acpid off
[root@development ~]# chkconfig --add mysqld [在服务清单中添加mysql服务] [root@development ~]# chkconfig mysqld on [设置mysql服务开机启动] [root@development ~]# chkconfig --list mysqld [设置mysql启动级别] mysqld 0:off 1:off 2:on 3:on 4:on 5:on 6:off
chkconfig --level 3 mysqld on chkconfig --level 3 mysqld off
# yum -y install xinetd
# yum install -y tftp-server tftp
/etc/xinetd.d/tftp
# vim /etc/xinetd.d/tftp # default: off # description: The tftp server serves files using the trivial file transfer \ # protocol. The tftp protocol is often used to boot diskless \ # workstations, download configuration files to network-aware printers, \ # and to start the installation process for some operating systems. service tftp { socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = -s /tftpboot disable = yes per_source = 11 cps = 100 2 flags = IPv4 }
disable = yes 改为 disable = no
mkdir /tftpboot /etc/init.d/xinetd restart
# yum install -y atftp-server atftp
/etc/xinetd.d/tftp
# cat /etc/xinetd.d/tftp # default: off # description: The tftp server serves files using the trivial file transfer protocol. The tftp protocol is often used to boot diskless workstations, download configuration files to network-aware printers, and to start the installation process for some operating systems. service tftp { disable = no socket_type = dgram protocol = udp wait = yes user = root server = /usr/sbin/in.tftpd server_args = /tftpboot per_source = 11 cps = 100 2 flags = IPv4 }
atftp-server 是一个可以不依赖xinetd的tftp服务器
# vim /etc/xinetd.d/rsync # default: off # description: The rsync server is a good addition to an ftp server, as it \ # allows crc checksumming etc. service rsync { disable = no socket_type = stream wait = no user = root server = /usr/bin/rsync server_args = --daemon log_on_failure += USERID }
/etc/xinetd.d/rsh
# cat /etc/xinetd.d/rsh # default: on # description: The rshd server is the server for the rcmd(3) routine and, \ # consequently, for the rsh(1) program. The server provides \ # remote execution facilities with authentication based on \ # privileged port numbers from trusted hosts. service shell { socket_type = stream wait = no user = root log_on_success += USERID log_on_failure += USERID server = /usr/sbin/in.rshd disable = no }
访问权限配置
# cat /etc/hosts.allow # # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # in.rshd : your.example.com 192.168.0.1
# cat /etc/hosts.deny # # hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # # The portmap line is redundant, but it is left to remind you that # the new secure portmap uses hosts.deny and hosts.allow. In particular # you should know that NFS uses portmap! all : all
访问主机设置
# cat ~/.rhosts your.example.com user 192.168.0.1 user
# rpcinfo -p 192.168.187.75 program vers proto port 100000 2 tcp 111 portmapper 100000 2 udp 111 portmapper 100024 1 udp 697 status 100024 1 tcp 700 status 100011 1 udp 864 rquotad 100011 2 udp 864 rquotad 100011 1 tcp 867 rquotad 100011 2 tcp 867 rquotad 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100021 1 udp 32778 nlockmgr 100021 3 udp 32778 nlockmgr 100021 4 udp 32778 nlockmgr 100021 1 tcp 35837 nlockmgr 100021 3 tcp 35837 nlockmgr 100021 4 tcp 35837 nlockmgr 100005 1 udp 880 mountd 100005 1 tcp 883 mountd 100005 2 udp 880 mountd 100005 2 tcp 883 mountd 100005 3 udp 880 mountd 100005 3 tcp 883 mountd