标签:linux基础优化
版权声明: ########################################################################### 本文的所有内容均来自作者刘春凯的学习总结,未经本人许可,禁止私自转发及使用。 QQ:1151887353 E-mail:dakai517@163.com 1151887353@qq.com ########################################################################## 第1章 关闭SElinux的方法 1.1 操作前备份 法一: [root@oldboyedu-36-02 ~]# cp/etc/selinux/config /etc/selinux/config.bak [root@oldboyedu-36-02 ~]# ls /etc/selinux config config.bak restorecond.conf restorecond_user.conf semanage.conf targeted 法二: [root@oldboyedu-36-02 ~]# sed -i.ori‘s#SELINUX=enforcing#SELINUX=disabled#g‘ /etc/selinux/config===-i.ori替换前备份文件; [root@oldboyedu-36-02 ~]# ls /etc/selinux config config.bak config.ori restorecond.conf restorecond_user.conf semanage.conf targeted 1.2 永久关闭SElinux(修改配置文件) [root@oldboyedu-36-02 ~]# cat /etc/selinux/config # This file controls the state of SELinux on thesystem. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=enforcing # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls -Multi Level Security protection. SELINUXTYPE=targeted [root@oldboyedu-36-02 ~]# sed -i ‘s#SELINUX=enforcing#SELINUX=disabled#g‘/etc/selinux/config [root@oldboyedu-36-02 ~]# cat /etc/selinux/config # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - No SELinux policy is loaded. SELINUX=disabled # SELINUXTYPE= can take one of these two values: # targeted - Targeted processes are protected, # mls -Multi Level Security protection. SELINUXTYPE=targeted ===需要重启服务器才能生效(工作场景中不要以任何理由重启服务器); 1.3 临时关闭 [root@oldboyedu-36-02 ~]# getenforce ===查看selinux状态 Enforcing [root@oldboyedu-36-02 ~]# setenforce ===查看selinux设置选项 usage: setenforce [ Enforcing | Permissive | 1 | 0 ]===1:开启;0:提醒但不阻止; [root@oldboyedu-36-02 ~]# setenforce 0===设置为0 [root@oldboyedu-36-02 ~]# getenforce Permissive 1.4 恢复SElinux的方法 法一:命令行恢复 setenforce 1; 法二:文件回复 1、通过vi、sed直接修改配置文件 2、mv/etc/selinux/config.bak /etc/selinux/config==直接覆盖配置文件 第2章 关闭防火墙iptables 2.1 临时关闭iptables 查看防火墙状态 法一: /etc/init.d/iptables status 法二: service iptables status 临时关闭防火墙 法一: /etc/init.d/iptables stop /etc/init.d/iptables stop ===执行关闭两次,确保关闭; 法二: service iptables stop service iptables stop /etc/init.d/iptables status或者service iptables status ===修改完成后,再次查看iptables状态; 2.2 永久关闭iptables(开机自启动项关闭iptables) 查看iptables是否开机自启动 chkconfig | grep ipt 或者chkconfig --list iptables 关闭iptables的开机自启动项 chkconfig iptables off 再次查看iptables开机自启动是否关闭 chkconfig | grep ipt 或者chkconfig --list iptables
标签:linux基础优化
原文地址:http://dakaige517.blog.51cto.com/11912621/1922398