7 Red Hat Enterprise Linux Hat Enterprise Linux 7 システム管理者のガイド Red Hat...

Maxim Svistunov Marie Doleelov Stephen WadeleyTom apek Jaromr Hradlek Douglas SilasJana Heves Petr Kov Peter OndrejkaPetr Boko Martin Prpi Elika SlobodovEva Kopalov Miroslav Svoboda David O'BrienMichael Hideo Don Domingo John Ha

Red Hat Enterprise Linux7

Red Hat Enterprise Linux 7



Maxim SvistunovRed Hat Customer Content [email protected]

Marie DoleelovRed Hat Customer Content [email protected]

Stephen WadeleyRed Hat Customer Content [email protected]

Tom apekRed Hat Customer Content [email protected]

Jaromr HradlekRed Hat Customer Content Services

Douglas SilasRed Hat Customer Content Services

Jana HevesRed Hat Customer Content Services

Petr KovRed Hat Customer Content Services

Peter OndrejkaRed Hat Customer Content Services

Petr BokoRed Hat Customer Content Services

Martin PrpiRed Hat Product Security

Elika SlobodovRed Hat Customer Content Services

Eva KopalovRed Hat Customer Content Services

Miroslav SvobodaRed Hat Customer Content Services

David O'BrienRed Hat Customer Content Services

Michael HideoRed Hat Customer Content Services

Don DomingoRed Hat Customer Content Services

John HaRed Hat Customer Content Services

Copyright 2016 Red Hat, Inc.

This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0Unported License. If you distribute this document, or a modified version of it, you must provideattribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hattrademarks must be removed.

Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert,Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.

Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, OpenShift, Fedora, the Infinitylogo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and othercountries.

Linux is the registered trademark of Linus Torvalds in the United States and other countries.

Java is a registered trademark of Oracle and/or its affiliates.

XFS is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United Statesand/or other countries.

MySQL is a registered trademark of MySQL AB in the United States, the European Union andother countries.

Node.js is an official trademark of Joyent. Red Hat Software Collections is not formally related toor endorsed by the official Joyent Node.js open source or commercial project.

The OpenStack Word Mark and OpenStack logo are either registered trademarks/service marksor trademarks/service marks of the OpenStack Foundation, in the United States and other countriesand are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed orsponsored by the OpenStack Foundation, or the OpenStack community.

All other trademarks are the property of their respective owners.

Red Hat Enterprise Linux 7 Red Hat System Administration I (RH124)Red Hat SystemAdministration II (RH134)Red Hat System Administration III (RH254) RHCSA RapidTrack (RH199)

http://creativecommons.org/licenses/by-sa/3.0/

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

I.

1 1.1. 1.2. 1.3.

2 2.1. timedatectl 2.2. date 2.3. hwclock 2.4.

3 3.1. 3.2. 3.3. 3.4.

4 4.1. 4.2. ACL 4.3. ACL 4.4. ACL 4.5. ACL 4.6. 4.7. ACL

5 5.1. su 5.2. sudo 5.3.

II.

6 6.1. 6.2. 6.3. 6.4.

7 Red Hat Support Tool 7.1. Red Hat Support Tool 7.2. Red Hat Support Tool 7.3. Red Hat Support Tool 7.4. Red Hat Support Tool 7.5. 7.6. 7.7.

III.

8 Yum8.1. 8.2.

6

779

10

1212151719

2121222429

3131313333343435

36363738

40

4141424243

4545454545474949

50

515157

1

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

8.2. 8.3. 8.4. 8.5. Yum Yum 8.6. Yum 8.7.

IV.

9 systemd 9.1. systemd 9.2. 9.3. systemd 9.4. 9.5. systemd 9.6. 9.7.

10 OpenSSH10.1. SSH 10.2. OpenSSH 10.3. OpenSSH 10.4. 10.5.

11 TigerVNC11.1. VNC 11.2. 11.3. VNC 11.4.

V.

12 Web 12.1. Apache HTTP

13 13.1. 13.2. 13.3. (MTA)13.4. (MDA)13.5. (Mail User Agents)13.6.

14 14.1. Samba14.2. FTP14.3.

15 chrony NTP 15.1. chrony 15.2. chrony 15.3. chrony 15.4. chrony 15.5. chronyc 15.6.

576670768891

93

949496

104108110111126

129129132140143144

146146148149152

153

154154

179179182183195202203

206206220227

245245246252257258259

2

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

16 ntpd NTP 16.1. NTP 16.2. NTP Strata ()16.3. NTP 16.4. 16.5. UTC DST16.6. NTP 16.7. 16.8. 16.9. ntpd 16.10. ntpd Sysconfig 16.11. chrony 16.12. NTP 16.13. NTP (ntpd) 16.14. NTP 16.15. NTP 16.16. ntpdate 16.17. NTP 16.18. 16.19. 16.20.

17 ptp4l PTP 17.1. PTP 17.2. PTP 17.3. PTP 17.4. 17.5. PTP 17.6. 17.7. 17.8. NTP PTP 17.9. PTP NTP 17.10. timemaster PTP NTP 17.11. 17.12.

VI.

18 18.1. 18.2. 18.3. CPU 18.4. 18.5. 18.6. 18.7. Net-SNMP 18.8.

19 OpenLMI19.1. OpenLMI 19.2. OpenLMI 19.3. OpenPegasus SSL 19.4. LMIShell 19.5. OpenLMI

261261261262263263263264264264266266267267267268268269275276276

278278280283283284285286288288289292293

294

295295298299300305307308322

323323324326330368

3

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

19.6.

20 20.1. 20.2. Rsyslog 20.3. 20.4. Rsyslog (Queue) 20.5. rsyslog 20.6. Rsyslog 20.7. Rsyslog Journal 20.8. Rsyslog 20.9. Rsyslog 20.10. Journal 20.11. 20.12.

21 21.1. Cron Anacron21.2. At Batch 21.3.

22 (ABRT)22.1. ABRT 22.2. ABRT 22.3. ABRT 22.4. 22.5. 22.6.

23 OProfile23.1. 23.2. operf 23.3. OProfile 23.4. OProfile 23.5. 23.6. 23.7. /dev/oprofile/ 23.8. 23.9. Java OProfile 23.10. 23.11. OProfile SystemTap23.12.

VII.

24 GRUB 2 24.1. GRUB 2 24.2. GRUB 2 24.3. GRUB 2 24.4. grubby GRUB 2 24.5. GRUB 2 24.6. GRUB 2 24.7. GRUB 2 24.8. GRUB 224.9.

369

371371371385388397400406407410410416421

423423429432

434434434436443445447

449449450453459459460465466466467470470

472

473473474474475477482483485486

4

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

24.10. Unified Extensible Firmware Interface (UEFI) 24.11.

25 25.1. 25.2. 25.3. 25.4. 25.5. RAM 25.6.

26 26.1. 26.2. 26.3. 26.4. 26.5. 26.6. 26.7. 26.8. 26.9.

VIII.

27 Relax-and-Recover (ReaR)27.1. ReaR 27.2. ReaR

A RPMA.1. RPM A.2. RPM A.3. RPM A.4. RPM A.5.

B

492493

494494495496497497500

502502503506507507509509512518

519

520520526

530530531537538539

540

540

5

1

/etc/locale.conf localectl Red Hat Enterprise Linux 7

1.1.

/etc/locale.conf systemd /etc/locale.conf

/etc/locale.conf /etc/locale.conf

LANG=de_DE.UTF-8LC_MESSAGES=C

LC_MESSAGES /etc/locale.conf 1.1/etc/locale.conf locale(7) man LC_ALL /etc/locale.conf

1.1 /etc/locale.conf

LANG LC_COLLATE

LC_CTYPE

LC_NUMERIC

LC_TIME 2412

LC_MESSAGES

1.1.1.

localectl status

localectl status

1

7

https://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/

1.1

X11

~]$ localectl status System Locale: LANG=en_US.UTF-8 VC Keymap: us X11 Layout: n/a

1.1.2.

localectl list-locales

1.2

~]$ localectl list-locales | grep en_en_AGen_AG.utf8en_AUen_AU.iso88591en_AU.utf8en_BWen_BW.iso88591en_BW.utf8

output truncated

1.1.3.

root

localectl set-locale LANG=locale

locale localectl list-locales 1.1/etc/locale.conf

1.3

British English list-locales root

~]# localectl set-locale LANG=en_GB.utf8

8

1.2.

1.2.1.

localectl status

1.4

X11

~]$ localectl status System Locale: LANG=en_US.utf8 VC Keymap: us X11 Layout: us

1.2.2.

localectl list-keymaps

1.5

grep Czech

~]$ localectl list-keymaps | grep czczcz-cp1250cz-lat2cz-lat2-progcz-qwertycz-us-qwertzsunt5-cz-ussunt5-us-cz

1.2.3.

1

9

root

localectl set-keymap map

map localectl list-keymaps --no-convert X11 X11 root

localectl set-x11-keymap map

X11 --no-convert

localectl --no-convert set-x11-keymap map

X11

1.6 X11

German US root

~]# localectl --no-convert set-x11-keymap de

~]$ localectl status System Locale: LANG=de_DE.UTF-8 VC Keymap: us X11 Layout: de

(map) 3

localectl set-x11-keymap map model variant options

model variant options X11 X11 X11 kbd(4) man

1.3.

Red Hat Enterprise Linux

10

localectl(1) localectl man

loadkeys(1) loadkeys man

5 su sudo

9systemd systemd systemctl

1

11

2

2

(RTC)

(UTC) (DST)

Red Hat Enterprise Linux 7 3 timedatectl Red Hat Enterprise Linux 7 systemd date hwclock

2.1. timedatectl

timedatectl systemd

date

2.1.1.

timedatectl

timedatectl

RTC (NTP) DST

2.1

NTP timedatectl

~]$ timedatectl Local time: Mon 2013-09-16 19:30:24 CEST Universal time: Mon 2013-09-16 17:30:24 UTC Timezone: Europe/Prague (CEST, +0200) NTP enabled: noNTP synchronized: no RTC in local TZ: no DST active: yes Last DST change: DST began at

12

Sun 2013-03-31 01:59:59 CET Sun 2013-03-31 03:00:00 CEST Next DST change: DST ends (the clock jumps one hour backwards) at Sun 2013-10-27 02:59:59 CEST Sun 2013-10-27 02:00:00 CET

chrony ntpd timedatectl

~]# systemctl restart systemd-timedated.services

2.1.2.

root

timedatectl set-time HH:MM:SS

HH MM SS 2

date --set hwclock --systohc

NTP

2.2

11 26 root

~]# timedatectl set-time 23:26:00

UTC root timedatectl set-local-rtc

timedatectl set-local-rtc boolean

boolean yes ( ytruet 1) UTC boolean no( nfalsef 0) no

2.1.3.

root

2

13

timedatectl set-time YYYY-MM-DD

YYYY 4 MM 2 DD 2

00:00:00

2.3

2013 6 2 (11:26 p.m.) root

~]# timedatectl set-time '2013-06-02 23:26:00'

2.1.4.

timedatectl list-timezones

root

timedatectl set-timezone time_zone

time_zone timedatectl list-timezones

2.4

timedatectl list-timezones

~]# timedatectl list-timezones | grep EuropeEurope/AmsterdamEurope/AndorraEurope/AthensEurope/BelgradeEurope/BerlinEurope/Bratislava

Europe/Prague root

~]# timedatectl set-timezone Europe/Prague

2.1.5.

timedatectl NTP NTP chronyd ntpd

14

NTP

timedatectl set-ntp boolean

NTP boolean yes ()boolean no

2.5

~]# timedatectl set-ntp yes

NTP chrony

2.2. date

date Linux

timedatectl

2.2.1.

date

date

date UTC --utc -u

date --utc

+"format"

date +"format"

format 2.6 1 2.1 date(1) man

2.1

2

15

%H HH (: 17)%M MM (: 30)%S SS (: 24)%d DD (: 16)%m MM (: 09)%Y YYYY (: 2013)%Z (: CEST)%F YYYY-MM-DD (:2013-09-16)

%Y-%m-%d %T HH:MM:SS (: 17:30:24)

%H:%M:%S

2.6

~]$ dateMon Sep 16 17:30:24 CEST 2013

UTC

~]$ date --utcMon Sep 16 15:30:34 UTC 2013

date

~]$ date +"%Y-%m-%d %H:%M"2013-09-16 17:30

2.2.2.

root date --set -s

date --set HH:MM:SS

HH MM SS 2

date UTC --utc -u

date --set HH:MM:SS --utc

2.7

11 26 root

~]# date --set 23:26:00

16

2.2.3.

root date --set -s

date --set YYYY-MM-DD

YYYY 4 MM 2 DD 2

00:00:00

2.8

2013 6 2 (11:26 p.m.) root

~]# date --set 2013-06-02 23:26:00

2.3. hwclock

hwclock (RTC) hwclock

(UTC) (DST)

hwclock /etc/adjtime

Red Hat Enterprise Linux 6 hwclock Red Hat Enterprise Linux 7 Network Time Protocol (NTP) Precision Time Protocol (PTP) 11

NTP 15chrony NTP 16ntpd NTP PTP 17ptp4l PTP ntpdate

2.3.1.

root hwclock

2

17

hwclock

hwclock --utc --localtime UTC hwclock --utc hwclock --local /etc/adjtime /etc/adjtime hwclock(8) man

2.9

root

~]# hwclockTue 15 Apr 2014 04:23:46 PM CEST -0.329272 seconds

CEST (Central European Summer Time)

2.3.2.

--set --date

hwclock --set --date "dd mmm yyyy HH:MM"

dd 2 mmm 3 yyyy 4 HH 2 MM 2

--utc --localtime UTC UTC LOCAL /etc/adjtime

2.10

2014 10 21 21:17 UTC root

~]# hwclock --set --date "21 Oct 2014 21:17" --utc

2.3.3.

18

hwclock --systohc

NTP 11

hwclock --hctosys

--utc --localtime UTC --set UTC LOCAL /etc/adjtime

hwclock --systohc --utc timedatectl set-local-rtc false hwclock --systohc --local timedatectl set-local-rtc true

2.11

root

~]# hwclock --systohc --localtime

DST UTC 2.11Windows

2.4.


timedatectl(1) timedatectl man

date(1) date man

hwclock(8) hwclock man

1

2

19

5 su sudo

9systemd systemd systemctl

20

3


3.1.

()

ID (UID) ID ID (GID) root root

Red Hat Enterprise Linux (ACL) 4

ID

Red Hat Enterprise Linux 1000 ID ID ID setup

cat /usr/share/doc/setup*/uidgid

5,000 ID ID 5,000 /etc/login.defs UID_MIN GID_MIN

UID_MIN 5000GID_MIN 5000

UID_MIN GID_MIN UID 1000

ID 5,000 ID 10001000

3.1.1.

3

21

Red Hat Enterprise Linux UPG () UNIX

umask /etc/bashrc UNIX umask 022 UPG

/etc/group

3.1.2.

shadow-utils

UNIX

/etc/passwd root /etc/shadow

/etc/login.defs

shadow-utils /etc/shadow

chage Red HatEnterprise Linux 7 Security Guide () Password Security ()

/etc/group gpasswd

-e--expiredate -f--inactive usermod

-e--expiredate -f--inactive useradd

3.2.

Users

22

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/chap-Hardening_Your_System_with_Tools_and_Services.html#sec-Password_Security

3.2.1.

Super Users Enter Users Super Windows Command Settings () Users

Unlock () root + - wheel Account Type () Standard () Administrator () ()

3.1

Password() (3.2 )

3

23

3.2

3.3.

Users () 3.1

3.1

id ID useradd, usermod, userdel

groupadd, groupmod, groupdel

gpasswd newgrp /etc/gshadow

pwck, grpck

pwconv, pwunconv

grpconvgrpunconv pwconvpwunconv

24

3.3.1.

root :

useradd [options] username

options 3.2 useradd

useradd root :

passwd username

Red Hat Enterprise Linux 7 SecurityGuide () Password Security ()

3.2 useradd

-c 'comment' comment

-d home_directory /home/username/

-e date YYYY-MM-DD -f days 0

-1

-g group_name ()

-G group_list ()

-m -M -N -p password crypt -r UID 1000

-s /bin/bash

-u uid ID 999

usermod -a, --append -G usermod -G

3

25


Red Hat Enterprise Linux 7 ID UID 1 499 1 - 999 UID GID 500 999 Red Hat Enterprise Linux 7 UID GID /etc/login.defs

useradd juan

1. /etc/passwd juan

juan:x:1001:1001::/home/juan:/bin/bash

juan

x

999 UID Red Hat Enterprise Linux 7 1000 UID

999 GID Red Hat Enterprise Linux 7 1000 GID

GECOS GECOS

juan /home/juan/

/bin/bash

2. juan /etc/shadow

juan:!!:14798:0:99999:7:::

juan

2 (!!) /etc/shadow

26

-p /etc/shadow

3. juan /etc/group

juan:x:1001:

/etc/group

juan

x

GID /etc/passwd juan GID

4. juan /etc/gshadow

juan:!::

juan

1 (!) /etc/gshadow

5. juan /home

~]# ls -ld /home/juandrwx------. 4 juan juan 4096 Mar 3 18:23 /home/juan

juan juan juan

6. /etc/skel/ () /home/juan/

~]# ls -la /home/juantotal 28drwx------. 4 juan juan 4096 Mar 3 18:23 .drwxr-xr-x. 5 root root 4096 Mar 3 18:23 ..

3

27

-rw-r--r--. 1 juan juan 18 Jun 22 2010 .bash_logout-rw-r--r--. 1 juan juan 176 Jun 22 2010 .bash_profile-rw-r--r--. 1 juan juan 124 Jun 22 2010 .bashrcdrwxr-xr-x. 4 juan juan 4096 Nov 23 15:09 .mozilla

juan passwd (Red HatEnterprise Linux 7 Security Guide () Password Security () )

3.3.2.

root

groupadd [options] group_name

options 3.3 groupadd

3.3 groupadd

-f, --force -g gid gid groupadd gid

-g gid ID 999

-K, --key key=value /etc/login.defs -o, --non-unique GID -p, --password password -r GID 1000

3.3.3.

1 UPG setgidsetgid

/opt/myproject/

1. root /opt/myproject/

mkdir /opt/myproject

28


2. myproject

groupadd myproject

3. /opt/myproject/ myproject

chown root:myproject /opt/myproject

4. setgid

chmod 2775 /opt/myproject

myproject /opt/myproject/

~]# ls -ld /opt/myprojectdrwxrwsr-x. 3 root myproject 4096 Mar 3 18:31 /opt/myproject

5. myproject

usermod -aG myproject username

3.4.


man

useradd(8) useradd man

userdel(8) userdel man

usermod(8) usermod man

groupadd(8) groupadd man

groupdel(8) groupdel man

groupmod(8) groupmod man

gpasswd(1) gpasswd man /etc/group

3

29

grpck(8) grpck man /etc/group

pwck(8) pwck man /etc/passwd /etc/shadow

pwconv(8) The manual page for the pwconvpwunconvgrpconv grpunconv man

id(1) id man ID

group(5) /etc/group man

passwd(5) /etc/passwd man

shadow(5) /etc/shadow man

Red Hat Enterprise Linux 7 Security Guide Red Hat Enterprise Linux 7 Security Guide

5 su sudo

30

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html

4

(ACL)

Red Hat Enterprise Linux ext3 NFS ACL ACL Samba ext3

acl ACL ACL

cp mv ACL

4.1.

ACL ACL ext3

mount -t ext3 -o acl device-name partition

:

mount -t ext3 -o acl /dev/VolGroup00/LogVol02 /work

/etc/fstab acl

LABEL=/work /work ext3 acl 1 2

ext3 Samba ACL ACL Samba --with-acl-support Samba

4.1.1. NFS

NFS ACL NFS ACL ACL

NFS ACL /etc/exports no_acl NFS ACL /etc/fstab no_acl

4.2. ACL

ACL ACL ACL 2 ACL ACL ACL ACL ACL

4

31

ACL

1.

2.

3. (effective rights)

4.

setfacl ACL -m ACL

# setfacl -m rules files

(rules)

u:uid:perms

ACL UID

g:gid:perms

ACL GID

m:perms

o:perms

ACL

(perms) rw x

ACL setfacl ACL

4.1

andrius

# setfacl -m u:andrius:rw /project/somefile

-x

# setfacl -x rules files

4.2

32

UID 500

# setfacl -x u:500 /project/somefile

4.3. ACL

ACL d:

4.3 ACL

/share/ ACL ( ACL )

# setfacl -m d:o:rx /share

4.4. ACL

ACL getfacl getfacl ACL

4.4 ACL

# getfacl home/john/picture.png

# file: home/john/picture.png # owner: john # group: john user::rw- group::r-- other::r--

ACL ACL getfacl home/sales/

# file: home/sales/ # owner: john # group: john user::rw- user:barryg:r-- group::r-- mask::r-- other::r-- default:user::rwx

4

33

default:user:john:rwx default:group::r-x default:mask::rwx default:other::r-x

4.5. ACL

dump ACL tar --acls ACL cp ACL --preserve=mode ACL cp -a (-dR --preserve=all )SELinux ACL dumptar cp man

star tar 4.1star man star star

4.1 star

-c -n -x

-r

-t -u

-x -U

-help -xhelp -/

-acl ACL

4.6.

34

ACL ext_attr

# tune2fs -l filesystem-device

ext_attr ACL

1.22 e2fsprogs (Red Hat Enterprise Linux 2.1 4 ) e2fsck ext_attr

4.7. ACL

man

man acl ACL

man getfacl

man setfacl

man star star

4

35

5

() root su sudo setuid root

Red Hat Enterprise Linux 7 Security Guide

5.1. su

su root root

su root SELinux root su

wheel root

~]# usermod -a -G wheel username

username wheel

1. Super Enter Super Windows Command

2.

3.

4. wheel

wheel su su/etc/pam.d/su PAM () #

#auth required pam_wheel.so use_uid

36

wheel su

root wheel

5.2. sudo

sudo sudo root

sudo

sudo command

command root mount

sudo /etc/sudoers sudo root Red Hat Enterprise Linux 7 root

sudo /var/log/messages /var/log/secure /etc/pam.d/system-auth pam_tty_audit TTY

session required pam_tty_audit.so disable=pattern enable=pattern

pattern root TTY

session required pam_tty_audit.so disable=* enable=root

TTY pam_tty_audit PAM TTY pam_tty_audit /var/log/audit/audit.log pam_tty_audit(8) man

sudo

5

37

sudo /etc/sudoers visudo

visudo

juan ALL=(ALL) ALL

juan sudo

sudo

%users localhost=/usr/sbin/shutdown -h now

users /sbin/shutdown -h now

sudoers man

sudo visudo /etc/sudoers /etc/sudoers wheel root

sudo sudo 5 /etc/sudoers

Defaults timestamp_timeout=value

value value 0 sudo

sudo sudo

sudo /bin/bash

root /etc/sudoers sudo

5.3.

38

su(1) su man

sudo(8) sudo man

pam(8) man Linux Pluggable Authentication Modules (PAM)

Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 7 setuid

3

5

39

https://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Security_Guide/index.html

II.

Red Hat Enterprise Linux Red Hat Content DeliveryNetwork (CDN) Red Hat Content Delivery Network

Red Hat Red Hat Support Tool

40

http://www.redhat.com/en/services/support

6

Red Hat yum Red HatEnterprise Linux 7 Red Hat

Red Hat Enterprise Linux 7 X Window System

6.1.

Red Hat Subscription Management 1 subscription-manager root

1. Red Hat

subscription-manager register

2. ID

subscription-manager list --available

ID --all ID Pool ID

3.

subscription-manager attach --pool=pool_id

pool_id ID

subscription-manager list --consumed

Red Hat Red Hat Subscription Management

6

41

https://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/index.htmlhttps://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/chap-initial-setup.htmlhttps://access.redhat.com/ja/solutions/417183https://access.redhat.com/documentation/ja/red-hat-subscription-management/

6.2.

Red Hat /etc/yum.repos.d/ yum

yum repolist

Red Hat Subscription Management Red Hat

subscription-manager repos --list


rhel-variant-rhscl-version-rpmsrhel-variant-rhscl-version-debug-rpmsrhel-variant-rhscl-version-source-rpms

variant Red Hat Enterprise Linux (server workstation) version Red Hat Enterprise Linux (6 7)

rhel-server-rhscl-7-eus-rpmsrhel-server-rhscl-7-eus-source-rpmsrhel-server-rhscl-7-eus-debug-rpms

subscription-manager repos --enable repository

repository

subscription-manager repos --disable repository

Yum Yum yum

6.3.

1.

subscription-manager list --consumed

42

serial 744993814251016831

SKU: ES0113909Contract: 01234567Account: 1234567Serial: 744993814251016831Pool ID: 8a85f9894bba16dc014bccdd905a5e23Active: FalseQuantity Used: 1Service Level: SELF-SUPPORTService Type: L1-L3Status Details: Subscription Type: StandardStarts: 02/27/2015Ends: 02/27/2016System Type: Virtual

2.

subscription-manager remove --serial=serial_number

serial_number

subscription-manager remove --all

6.4.

Red Hat Subscription Management

subscription-manager(8) Red Hat Subscription Management man

Red Hat Subscription Management Red Hat SubscriptionManagement

5 su sudo

6

43

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/https://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/index.htmlhttps://access.redhat.com/documentation/ja-JP/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/chap-initial-setup.html

8Yum yum

44

7 Red Hat Support Tool

redhat-support-tool Red Hat Support Tool SSH RedHat Red Hat

7.1. Red Hat Support Tool

Red Hat Support Tool Red Hat Enterprise Linux root

~]# yum install redhat-support-tool


Red Hat Support Tool

1. ~]# redhat-support-tool config user username

username Red Hat

2. ~]# redhat-support-tool config passwordPlease enter the password for username:


~]$ redhat-support-toolWelcome to the Red Hat Support Tool.Command (? for help):

() root

? q e Red Hat Red Hat


config --help

~]# redhat-support-toolWelcome to the Red Hat Support Tool.


45

Command (? for help): config --help

Usage: config [options] config.option

Use the 'config' command to set or get configuration file values.Options: -h, --help show this help message and exit -g, --global Save configuration option in /etc/redhat-support-tool.conf. -u, --unset Unset configuration option.

The configuration file options which can be set are: user : The Red Hat Customer Portal user. password : The Red Hat Customer Portal password. debug : CRITICAL, ERROR, WARNING, INFO, or DEBUG url : The support services URL. Default=https://api.access.redhat.com proxy_url : A proxy server URL. proxy_user: A proxy server user. proxy_password: A password for the proxy server user. ssl_ca : Path to certificate authorities to trust during communication. kern_debug_dir: Path to the directory where kernel debug symbols should be downloaded and cached. Default=/var/lib/redhat-support-tool/debugkernels

Examples:- config user- config user my-rhn-username- config --unset user

7.1 Red Hat Support Tool

Red Hat Support Tool

1.

~]# redhat-support-tool

2. Red Hat

Command (? for help): config user username

-g

3. Red Hat

Command (? for help): config passwordPlease enter the password for username:

7.4.1.

Red Hat Support Tool ~/.redhat-support-tool/redhat-support-tool.conf ()

46

/etc/redhat-support-tool.conf

/etc/redhat-support-tool.conf base64

-g, --global

Command (? for help): config setting -g value

-g, --global Red Hat Support Tool root /etc/redhat-support-tool.conf

-u, --unset

Command (? for help): config setting -u value

()

-u, --unset -g, --global -u, --unset root -g, --global -u, --unset

7.5.

7.2

1.


2. opencase


47

Command (? for help): opencase

3.

4.

5. Ctrl+D

6.

7.

8.

Support case 0123456789 has successfully been opened

9. SOS

10.

7.3

1.


2. getcase

Command (? for help): getcase case-number

case-number

3.

7.4

1.


2. modifycase

Command (? for help): modifycase case-number

case-number

3.

Type the number of the attribute to modify or 'e' to return to the

48

previous menu. 1 Modify Type 2 Modify Severity 3 Modify Status 4 Modify Alternative-ID 5 Modify Product 6 Modify VersionEnd of options.

1

4. 3

Selection: 3 1 Waiting on Customer 2 Waiting on Red Hat 3 Closed Please select a status (or 'q' to exit):

7.6.

~]# redhat-support-tool getcase case-number

case-number

7.7.

Red Hat Red Hat Support Tool


49

https://access.redhat.com/articles/445443

III.

Red Hat Enterprise Linux RPM Yum Red Hat Enterprise Linux

50

8 Yum

Yum Red Hat Yum Yum ////

Yum Yum RPM Yum 1

Red Hat Enterprise Linux 7 Red Hat 6

Yum GPG (Gnu Privacy Guard: GnuPG) GPG () Yum GPG RPM Red Hat Yum Yum Yum GPG RPM

Yum RPM yum

Yu Yum PackageKit

yum su sudo

8.1.

Yum

8.1.1.

8 Yum

51

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Installation_Guide/

:

yum check-update

8.1 yum check-update

yum check-update

~]# yum check-updateLoaded plugins: product-id, search-disabled-repos, subscription-managerdracut.x86_64 033-360.el7_2 rhel-7-server-rpmsdracut-config-rescue.x86_64 033-360.el7_2 rhel-7-server-rpmskernel.x86_64 3.10.0-327.el7 rhel-7-server-rpmsrpm.x86_64 4.11.3-17.el7 rhel-7-server-rpmsrpm-libs.x86_64 4.11.3-17.el7 rhel-7-server-rpmsrpm-python.x86_64 4.11.3-17.el7 rhel-7-server-rpmsyum.noarch 3.4.3-132.el7 rhel-7-server-rpms

dracut dracut

dracut

x86_64 CPU

033

360.el7

_2 z-stream

rhel-7-server-rpms

yum (kernel )Yum RPM (yum rpm ) (rpm-libsrpm-python )

8.1.2.

1 1

root :

52

yum update package_name

8.2 rpm

rpm

~]# yum update rpmLoaded plugins: langpacks, product-id, subscription-managerUpdating Red Hat repositories.INFO:rhsm-app.repolib:repos updated: 0Setting up Update ProcessResolving Dependencies--> Running transaction check---> Package rpm.x86_64 0:4.11.1-3.el7 will be updated--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-libs-4.11.1-3.el7.x86_64--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-python-4.11.1-3.el7.x86_64--> Processing Dependency: rpm = 4.11.1-3.el7 for package: rpm-build-4.11.1-3.el7.x86_64---> Package rpm.x86_64 0:4.11.2-2.el7 will be an update--> Running transaction check...--> Finished Dependency Resolution

Dependencies Resolved============================================================================= Package Arch Version Repository Size=============================================================================Updating: rpm x86_64 4.11.2-2.el7 rhel 1.1 MUpdating for dependencies: rpm-build x86_64 4.11.2-2.el7 rhel 139 k rpm-build-libs x86_64 4.11.2-2.el7 rhel 98 k rpm-libs x86_64 4.11.2-2.el7 rhel 261 k rpm-python x86_64 4.11.2-2.el7 rhel 74 k

Transaction Summary=============================================================================Upgrade 1 Package (+4 Dependent packages)

Total size: 1.7 MIs this ok [y/d/N]:

8 Yum

53

1. Loaded plugins: langpacks, product-id, subscription-manager yum Yum Yum Yum yum

2. rpm.x86_64 rpm

3. yum yum yum -y yum yes ()yum d

yum history Yum

yum update yum install Yum

RPM rpm -u kernel ( ) rpm -i kernel () RPM

root

yum group update group_name

group_name

Yum upgrade obsoletes update ([main] )obsoletes /etc/yum.conf on 2

yum update

yum update

54

root

yum update --security

root

yum update-minimal --security

kernel-3.10.0-1

kernel-3.10.0-2

kernel-3.10.0-3

yum update-minimal --security kernel-3.10.0-2 yum update --security kernel-3.10.0-3

8.1.3.

Red Hat Enterprise Linux Yum RPM

8.1.4. ISO Yum

Red Hat Network yum update Red Hat Enterprise Linux ISO

1. ISO root

mkdir mount_dir

mount_dir /media

2. Red Hat Enterprise Linux 7 ISO root

mount -o loop iso_name mount_dir

iso_name ISO mount_dir -o loop

3. media.repo /etc/yum.repos.d/ .repo

8 Yum

55

cp mount_dir/media.repo /etc/yum.repos.d/new.repo

yum new.repo (: rhel7.repo)

4. Red Hat Enterprise Linux ISO /etc/yum.repos.d/new.repo

baseurl=file:///mount_dir

mount_dir

5. /etc/yum.repos.d/new.repo yum root

yum update

ISO

6. ISO root

umount mount_dir

mount_dir root

rmdir mount_dir

7. root

rm /etc/yum.repos.d/new.repo

8.3 Red Hat Enterprise Linux 7.0 7.1

ISO (: rhel-server-7.1-x86_64-dvd.iso) /media/rhel7/ root ISO

~]# mount -o loop rhel-server-7.1-x86_64-dvd.iso /media/rhel7/

media.repo yum

~]# cp /media/rhel7/media.repo /etc/yum.repos.d/rhel7.repo

yum /etc/yum.repos.d/rhel7.repo

56

baseurl=file:///media/rhel7/

yum rhel-server-7.1-x86_64-dvd.iso root

~]# yum update

~]# umount /media/rhel7/

~]# rmdir /media/rhel7/

~]# rm /etc/yum.repos.d/rhel7.repo

8.2.

Yum

8.2.1.

RPM

yum search term

term

8.4

vim gvim emacs

~]$ yum search vim gvim emacsLoaded plugins: langpacks, product-id, search-disabled-repos, subscription-manager============================= N/S matched: vim ==============================vim-X11.x86_64 : The VIM version of the vi editor for the X Window Systemvim-common.x86_64 : The common files needed by any version of the VIM editor[]

============================ N/S matched: emacs =============================emacs.x86_64 : GNU Emacs text editor

8 Yum

57

emacs-auctex.noarch : Enhanced TeX modes for Emacs[]

Name and summary matches mostly, use "search all" for everything.Warning: No matches found for: gvim

yum search yum search yum search all

Yum 1 glob glob 1 * () ? ( 1 )

yum glob glob bash glob yum glob yum

glob

8.2.2.

yum list all

glob

yum list glob_expression

8.5 ABRT

ABRT abrt-addon- abrt-plugin-

~]$ yum list abrt-addon\* abrt-plugin\*Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerInstalled Packagesabrt-addon-ccpp.x86_64 2.1.11-35.el7 @rhel-7-server-rpmsabrt-addon-kerneloops.x86_64 2.1.11-35.el7 @rhel-7-server-rpmsabrt-addon-pstoreoops.x86_64 2.1.11-35.el7 @rhel-

58

7-server-rpmsabrt-addon-python.x86_64 2.1.11-35.el7 @rhel-7-server-rpmsabrt-addon-vmcore.x86_64 2.1.11-35.el7 @rhel-7-server-rpmsabrt-addon-xorg.x86_64 2.1.11-35.el7 @rhel-7-server-rpms

installed

yum list installed glob_expression

8.6 krb

krb 1 glob

~]$ yum list installed "krb?-*"Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerInstalled Packageskrb5-libs.x86_64 1.13.2-10.el7 @rhel-7-server-rpms

yum list available glob_expression

8.7 gstreamer

gstreamer plugin

~]$ yum list available gstreamer\*plugin\*Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerAvailable Packagesgstreamer-plugins-bad-free.i686 0.10.23-20.el7 rhel-7-server-rpmsgstreamer-plugins-base.i686 0.10.36-10.el7 rhel-7-server-rpmsgstreamer-plugins-good.i686 0.10.31-11.el7 rhel-7-server-rpmsgstreamer1-plugins-bad-free.i686 1.4.5-3.el7 rhel-7-server-rpmsgstreamer1-plugins-base.i686 1.4.5-2.el7 rhel-7-server-rpms

8 Yum

59

gstreamer1-plugins-base-devel.i686 1.4.5-2.el7 rhel-7-server-rpmsgstreamer1-plugins-base-devel.x86_64 1.4.5-2.el7 rhel-7-server-rpmsgstreamer1-plugins-good.i686 1.4.5-2.el7 rhel-7-server-rpms

ID

yum repolist

-v URL repoinfo

yum repolist -v

yum repoinfo

yum repolist all

disabled ID glob ID enabled disabled

8.2.3.

1 ( glob )

yum info package_name

package_name

8.8 abrt

abrt

~]$ yum info abrtLoaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerInstalled PackagesName : abrt

60

Arch : x86_64Version : 2.1.11Release : 35.el7Size : 2.3 MRepo : installedFrom repo : rhel-7-server-rpmsSummary : Automatic bug detection and reporting toolURL : https://fedorahosted.org/abrt/License : GPLv2+Description : abrt is a tool to help users to detect defects in applications and : to create a bug report with all information needed by maintainer to fix : it. It uses plugin system to extend its functionality.

yum info package_name rpm -q --info package_name RPM yum ( From repo: )

yumdb

Yum

yumdb info package_name

( SHA-256 ) () (user dep )

8.9 yum yumdb

yum

~]$ yumdb info yumLoaded plugins: langpacks, product-idyum-3.4.3-132.el7.noarch changed_by = 1000 checksum_data = a9d0510e2ff0d04d04476c693c0313a11379053928efd29561f9a837b3d9eb02 checksum_type = sha256 command_line = upgrade from_repo = rhel-7-server-rpms from_repo_revision = 1449144806 from_repo_timestamp = 1449144805 installed_by = 4294967295 origin_url = https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/os/Packages/yum-3.4.3-132.el7.noarch.rpm reason = user releasever = 7Server var_uuid = 147a7d49-b60a-429f-8d8f-3edb6ce6f4a1

8 Yum

61

yumdb yumdb(8) man

8.2.4.

root

yum install package_name

root

yum install package_name package_name

AMD64 Intel64 multilib . arch ()

yum install package_name.arch

8.10 multilib

i686 sqlite

~]# yum install sqlite.i686

glob root

yum install glob_expression

8.11 audacious

glob audacious

~]# yum install audacious-plugins-\*

glob yum install yum install root

yum install /usr/sbin/named

yum /usr/sbin/named yum

62

yum install glob yum

yum install-n name

yum install-na name.architecture

yum install-nevra name-epoch:version-release.architecture

install-n yum name install-na yuminstall-nevra yum name-epoch:version-release.architecture yum remove-nyum remove-na yum remove-nevra

named bin/ sbin/ glob yum provides

~]# yum provides "*bin/named"Loaded plugins: langpacks, product-id, search-disabled-repos, subscription- : manager32:bind-9.9.4-14.el7.x86_64 : The Berkeley Internet Name Domain (BIND) DNS : (Domain Name System) serverRepo : rhel-7-server-rpmsMatched from:Filename : /usr/sbin/named

yum provides "*/file_name" file_name

8.12

yum httpd root

~]# yum install httpdLoaded plugins: langpacks, product-id, subscription-managerResolving Dependencies--> Running transaction check---> Package httpd.x86_64 0:2.4.6-12.el7 will be updated---> Package httpd.x86_64 0:2.4.6-13.el7 will be an update

8 Yum

63

--> Processing Dependency: 2.4.6-13.el7 for package: httpd-2.4.6-13.el7.x86_64--> Running transaction check---> Package httpd-tools.x86_64 0:2.4.6-12.el7 will be updated---> Package httpd-tools.x86_64 0:2.4.6-13.el7 will be an update--> Finished Dependency Resolution

Dependencies Resolved

yum httpd httpd httpd-tools

================================================================================ Package Arch Version Repository Size================================================================================Updating: httpd x86_64 2.4.6-13.el7 rhel-x86_64-server-7 1.2 MUpdating for dependencies: httpd-tools x86_64 2.4.6-13.el7 rhel-x86_64-server-7 77 k

Transaction Summary================================================================================Upgrade 1 Package (+1 Dependent package)

Total size: 1.2 MIs this ok [y/d/N]:

yum y () N () d () y

Downloading packages:Running transaction checkRunning transaction testTransaction test succeededRunning transaction Updating : httpd-tools-2.4.6-13.el7.x86_64 1/4 Updating : httpd-2.4.6-13.el7.x86_64 2/4 Cleanup : httpd-2.4.6-12.el7.x86_64 3/4 Cleanup : httpd-tools-2.4.6-12.el7.x86_64 4/4 Verifying : httpd-2.4.6-13.el7.x86_64

64

1/4 Verifying : httpd-tools-2.4.6-13.el7.x86_64 2/4 Verifying : httpd-tools-2.4.6-12.el7.x86_64 3/4 Verifying : httpd-2.4.6-12.el7.x86_64 4/4

Updated: httpd.x86_64 0:2.4.6-13.el7

Dependency Updated: httpd-tools.x86_64 0:2.4.6-13.el7

Complete!

yum localinstall path

path

8.2.5.

8.12

...Total size: 1.2 MIs this ok [y/d/N]: ...

With the d option, yum downloads the packages without installing them immediately. You can install thesepackages later offline with the yum localinstall command or you can share them with a different device.Downloaded packages are saved in one of the subdirectories of the cache directory, by default /var/cache/yum/$basearch/$releasever/packages/. The downloading proceeds in backgroundmode so that you can use yum for other operations in parallel.

8.2.6.

yum root

yum remove package_name

8.13

8 Yum

65

totem

~]# yum remove totem

install remove

glob

Yum RPM RPM

8.3.

yum groups yum

8.3.1.

summary

yum groups summary

8.14 yum groups summary

~]$ yum groups summary Loaded plugins: langpacks, product-id, subscription-managerAvailable Environment Groups: 12Installed Groups: 10Available Groups: 12

yum list

yum group list glob_expression

66

hidden ids ID languageenvironmentinstalledavailable

yum group info glob_expression

8.15 LibreOffice

~]$ yum group info LibreOfficeLoaded plugins: langpacks, product-id, subscription-manager

Group: LibreOffice Group-Id: libreoffice Description: LibreOffice Productivity Suite Mandatory Packages: =libreoffice-calc libreoffice-draw -libreoffice-emailmerge libreoffice-graphicfilter =libreoffice-impress =libreoffice-math =libreoffice-writer +libreoffice-xsltfilter Optional Packages: libreoffice-base libreoffice-pyuno

" - "

" + " yum upgrade yum group upgrade

" = "

yum group remove

group_command objects yum "" "="

yum group mark yum group mark packages yum group mark

8 Yum

67

blacklist yum group mark yum(8) man

@^ @ yum group listinfoinstall remove @group_name @^group_name group_name

8.3.2.

ID (groupid) ID ()

yum group list ids

8.16 groupid

(: KDE ) ID

~]$ yum group list ids kde\*Available environment groups: KDE Plasma Workspaces (kde-desktop-environment)Done

hidden

~]$ yum group list hidden ids kde\*Loaded plugins: product-id, subscription-managerAvailable Groups: KDE (kde-desktop)Done

group install (groupid ) root

yum group install "group name"

groupid root

yum group install groupid

groupid @ install group install yum root

68

yum install @group

group groupid

yum install @^group

8.17 KDE Desktop 4

4 KDE Desktop

~]# yum group install "KDE Desktop"~]# yum group install kde-desktop~]# yum install @"KDE Desktop"~]# yum install @kde-desktop

8.3.3.

ID install root

yum group remove group_name

yum group remove groupid

groupid @ remove group remove yum root

yum remove @group

group groupid

yum remove @^group

8.18 KDE Desktop 4

4 KDE Desktop

~]# yum group remove "KDE Desktop"~]# yum group remove kde-desktop~]# yum remove @"KDE Desktop"~]# yum remove @kde-desktop

8.4.

8 Yum

69

yum history list

ID

Login user Full Name () System

Date and time

Action(s) 8.1Action

Altered 8.2Altered

8.1 Action

Action Downgrade D 1

Erase E 1 Install I 1 Obsoleting O 1 Reinstall R 1 Update U 1

8.2 Altered

< rpmdb yum

> rpmdb yum

* # yum

E P rpmdb

s --skip-broken

rpmdb yumdb rpmdb yumdb

yum history sync

8 Yum

71

yum history stats

8.20 yum history stats

~]# yum history statsLoaded plugins: langpacks, product-id, subscription-manager File : //var/lib/yum/history/history-2012-08-15.sqliteSize : 2,766,848Transactions: 41Begin time : Wed Aug 15 16:18:25 2012End time : Wed Feb 27 14:52:30 2013Counts : NEVRAC : 2,204 NEVRA : 2,204 NA : 1,759 NEVR : 2,204 rpm DB : 2,204 yum DB : 2,204history stats

Yum root

yum history summary

yum history summary start_id..end_id

yum history list glob

yum history summary glob_expression

8.21 5

~]# yum history summary 1..5Loaded plugins: langpacks, product-id, subscription-managerLogin user | Time | Action(s) | Altered -------------------------------------------------------------------------------Jaromir ... | Last day | Install | 1Jaromir ... | Last week | Install | 1Jaromir ... | Last 2 weeks | I, U | 73System | Last 2 weeks | I, U | 1107history summary

72

yum history summary yum history list

yum history list yum history summary root

yum history package-list glob_expression

8.22

subscription-manager

~]# yum history package-list subscription-manager\*Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerID | Action(s) | Package------------------------------------------------------------------------------- 2 | Updated | subscription-manager-1.13.22-1.el7.x86_64 EE 2 | Update | 1.15.9-15.el7.x86_64 EE 2 | Obsoleted | subscription-manager-firstboot-1.13.22-1.el7.x86_64 EE 2 | Updated | subscription-manager-gui-1.13.22-1.el7.x86_64 EE 2 | Update | 1.15.9-15.el7.x86_64 EE 2 | Obsoleting | subscription-manager-initial-setup-addon-1.15.9-15.el7.x86_64 EE 1 | Install | subscription-manager-1.13.22-1.el7.x86_64 1 | Install | subscription-manager-firstboot-1.13.22-1.el7.x86_64 1 | Install | subscription-manager-gui-1.13.22-1.el7.x86_64history package-list

subscription-managersubscription-manager-firstbootsubscription-manager-gui 3 3 1.10.11 1.10.17

8.4.2.

root yum history summary

yum history summary id

id ID

8 Yum

73

root

yum history info id

id yum

yum history info start_id..end_id

8.23 yum history info

2 1

~]# yum history info 4..5Loaded plugins: langpacks, product-id, search-disabled-repos, subscription-managerTransaction ID : 4..5Begin time : Mon Dec 7 16:51:07 2015Begin rpmdb : 1252:d2b62b7b5768e855723954852fd7e55f641fbad9End time : 17:18:49 2015 (27 minutes)End rpmdb : 1253:cf8449dc4c53fc0cbc0a4c48e496a6c50f3d43c5User : Maxim Svistunov Return-Code : SuccessCommand Line : install tigervnc-server.x86_64Command Line : reinstall tigervnc-serverTransaction performed with: Installed rpm-4.11.3-17.el7.x86_64 @rhel-7-server-rpms Installed subscription-manager-1.15.9-15.el7.x86_64 @rhel-7-server-rpms Installed yum-3.4.3-132.el7.noarch @rhel-7-server-rpmsPackages Altered: Reinstall tigervnc-server-1.3.1-3.el7.x86_64 @rhel-7-server-rpmshistory info

root

yum history addon-info id

yum history info id yum last

yum history addon-info last

8.24 yum history addon-info

74

4 yum history addon-info

~]# yum history addon-info 4Loaded plugins: langpacks, product-id, subscription-managerTransaction ID: 4Available additional history information: config-main config-repos saved_tx

history addon-info

yum history addon-info 3

config-main yum [main]

config-repos yum [repository]

saved_tx yum load-transaction ()

root

yum history addon-info id information

8.4.3.

yum history root

yum history undo id

root

yum history redo id

last

yum history undo yum history redo yum history undo ()

yum 1 root

8 Yum

75

yum -q history addon-info id saved_tx > file_name

root

yum load-transaction file_name

rpmdb load-transaction yum.conf(5) man

8.4.4.

Yum SQLite root

yum history new

/var/lib/yum/history/

8.5. Yum Yum

Red Hat System Administration III (RH254) RHCSARapid Track (RH199)

yum /etc/yum.conf [main] 1 yum 1 [repository] /etc/yum.repos.d/ .repo /etc/yum.conf [repository] [main]

/etc/yum.conf [main] yum

/etc/yum.conf [repository] /etc/yum.repos.d/ .repo

/etc/yum.conf yum /etc/yum.repos.d/

yum

yum

8.5.1. [main]

76

http://www.redhat.com/en/services/training/rh254-red-hat-system-administration-iii?cr=cp|tr|pdtxt|00004http://www.redhat.com/en/services/training/rh199-rhcsa-rapid-track-course?cr=cp|tr|pdtxt|00004

/etc/yum.conf 1 [main] yum yum /etc/yum.conf [main]

/etc/yum.conf

[main]cachedir=/var/cache/yum/$basearch/$releaseverkeepcache=0debuglevel=2logfile=/var/log/yum.logexactarch=1obsoletes=1gpgcheck=1plugins=1installonly_limit=3[ ]

# PUT YOUR REPOS HERE OR IN separate files named file.repo# in /etc/yum.repos.d

[main]

assumeyes=value

assumeyes yum value

0 ()yum

1 yum assumeyes=1 yum -y --assumeyes

cachedir=directory

yum directory yum /var/cache/yum/$basearch/$releasever/

$basearch $releasever yum Yum

debuglevel=value

yum value 1 10 debuglevel yum debuglevel=0 debuglevel=2

exactarch=value

yum value

0

8 Yum

77

1 () yum 64 32

exclude=package_name [more_package_names]

exclude glob (* ? )

gpgcheck=value

gpgcheck yum GPG value

0 GPG

1 () GPG gpgcheck

/etc/yum.conf [main] GPG gpgcheck=value GPG .repo gpgcheck=value /etc/yum.conf

GPG

group_command=value

group_command yum group installyum group upgradeyum group remove value

simple

compat simple yum upgrade

objects ()yum 8.15LibreOffice

group_package_types=package_type [more_package_types]

yum group install (optionaldefault mandatory) default mandatory

history_record=value

78

yum value

0 yum

1 () yum yum history history_record=1

yum history

yum yum rpmdb yum rpmdb history_record yum

installonlypkgs=space separated list of packages

yum yum.conf(5) man

installonlypkgs /etc/yum.conf yum.conf(5) installonlypkgs installonlypkgs () installonly_limit 2

installonly_limit=value

installonlypkgs value installonlypkgs

installonlypkgs installonly_limit /etc/yum.conf installonly_limit=3 2

keepcache=value

keepcache yum value

0 ()

1

8 Yum

79

logfile=file_name

file_name yum yum /var/log/yum.log

max_connenctions=number

value 5

multilib_policy=value

multilib_policy value

best AMD64 multilib_policy=best yum 64-bit

all AMD64 multilib_policy all yum i686 AMD64

obsoletes=value

obsoletes obsoletes obsoletes value

0 yum obsoletes

0 () yum obsoletes

plugins=value

yum value

0 yum

yum product-id subscription-manager Content Delivery Network (CDN) yum

1 () yum plugins=1 yum enabled=0

80

yum Yum Yum

reposdir=directory

directory .repo .repo (/etc/yum.conf [repository] ) yum .repo /etc/yum.conf [repository] reposdir yum /etc/yum.repos.d/

retries=value

yum value 0 0yum 10

[main] yum.conf(5) man [main] OPTIONS

8.5.2. [repository]

[repository] yum repository my_personal_repo () ID Red Hat

[repository]

[repository]name=repository_namebaseurl=repository_url

[repository]

name=repository_name

repository_name

baseurl=repository_url

repository_url repodata URL

HTTP http://path/to/repo

FTP ftp://path/to/repo

file:///path/to/local/repo

HTTP username:password@link URL http://www.example.com/repo/

8 Yum

81

user password baseurl http://user:[email protected]/repo/

URL HTTP

baseurl=http://path/to/repo/releases/$releasever/server/$basearch/os/

yum URL $releasever$arch$basearch yum Yum

[repository]

enabled=value

yum value

0

1

--enablerepo=repo_name --disablerepo=repo_name yum PackageKit /

async=value

value

auto () yum

on

off

[repository] [main] yum.conf(5) man [repository] OPTIONS

8.25 /etc/yum.repos.d/redhat.repo

/etc/yum.repos.d/redhat.repo :

## Red Hat Repositories# Managed by (rhsm) subscription-manager#

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/os

82

enabled = 1gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-source-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Source RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/source/SRPMSenabled = 0gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem

[red-hat-enterprise-linux-scalable-file-system-for-rhel-6-entitlement-debug-rpms]name = Red Hat Enterprise Linux Scalable File System (for RHEL 6 Entitlement) (Debug RPMs)baseurl = https://cdn.redhat.com/content/dist/rhel/entitlement-6/releases/$releasever/$basearch/scalablefilesystem/debugenabled = 0gpgcheck = 1gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-releasesslverify = 1sslcacert = /etc/rhsm/ca/redhat-uep.pemsslclientkey = /etc/pki/entitlement/key.pemsslclientcert = /etc/pki/entitlement/11300387955690106.pem

8.5.3. Yum

yum yum ( /etc/yum.conf /etc/yum.repos.d/ .repo )

$releasever

Red Hat Enterprise Linux yum /etc/yum.conf distroverpkg=value $releasever /etc/yum.conf yum redhat-release redhat-releaseproduct

$arch

Python os.uname() CPU$arch i586i686x86_64

8 Yum

83

$basearch

$basearch i686 i586 i386 AMD64 Intel64 x86_64

$YUM0-9

10 ( /etc/yum.conf )

/etc/yum/vars/ ($ ) 1

$osname1 Red Hat Enterprise Linux /etc/yum/vars/osname

~]# echo "Red Hat Enterprise Linux 7" > /etc/yum/vars/osname

.repo Red Hat Enterprise Linux 7

name=$osname $releasever

8.5.4.

yum ( /etc/yum.conf [main] ) yum-config-manager

yum-config-manager

yum-config-manager section

glob

yum-config-manager glob_expression

8.26 main

~]$ yum-config-manager main \*Loaded plugins: langpacks, product-id, subscription-manager================================== main ===================================[main]alwaysprompt = True

84

assumeyes = Falsebandwith = 0bugtracker_url = https://bugzilla.redhat.com/enter_bug.cgi?product=Red%20Hat%20Enterprise%20Linux%206&component=yumcache = 0[]

8.5.5. Yum

Red Hat System Administration III (RH254)

[repository] yum yum-config-manager

Red Hat Subscription Management Content Delivery Network(CDN) /etc/yum.repos.d/redhat.repo Red Hat

Yum

[repository] /etc/yum.conf /etc/yum.repos.d/ .repo yum .repo /etc/yum.conf

Red Hat Content Delivery Network (CDN)

Yum .repo root

yum-config-manager --add-repo repository_url

repository_url .repo

8.27 example.repo

8 Yum

85

http://www.redhat.com/en/services/training/rh254-red-hat-system-administration-iii?cr=cp|tr|pdtxt|00004

http://www.example.com/example.repo

~]# yum-config-manager --add-repo http://www.example.com/example.repoLoaded plugins: langpacks, product-id, subscription-manageradding repo from: http://www.example.com/example.repograbbing file http://www.example.com/example.repo to /etc/yum.repos.d/example.repoexample.repo | 413 B 00:00repo saved to /etc/yum.repos.d/example.repo

Yum

root

yum-config-manager --enable repository

repository ID ( ID yum repolist all )glob

yum-config-manager --enable glob_expression

8.28 /etc/yum.conf

[example][example-debuginfo][example-source]

~]# yum-config-manager --enable example\*Loaded plugins: langpacks, product-id, subscription-manager============================== repo: example ==============================[example]bandwidth = 0base_persistdir = /var/lib/yum/repos/x86_64/7Serverbaseurl = http://www.example.com/repo/7Server/x86_64/cache = 0cachedir = /var/cache/yum/x86_64/7Server/example[]

8.29

/etc/yum.conf /etc/yum.repos.d/

~]# yum-config-manager --enable \*Loaded plugins: langpacks, product-id, subscription-manager============================== repo: example ==============================[example]bandwidth = 0

86

base_persistdir = /var/lib/yum/repos/x86_64/7Serverbaseurl = http://www.example.com/repo/7Server/x86_64/cache = 0cachedir = /var/cache/yum/x86_64/7Server/example[]

yum-config-manager --enable

Yum

yum root

yum-config-manager --disable repository

repository ID ( ID yum repolist all )yum-config-manager --enable glob

yum-config-manager --disable glob_expression

8.30

/etc/yum.conf /etc/yum.repos.d/

~]# yum-config-manager --disable \*Loaded plugins: langpacks, product-id, subscription-manager============================== repo: example ==============================[example]bandwidth = 0base_persistdir = /var/lib/yum/repos/x86_64/7Serverbaseurl = http://www.example.com/repo/7Server/x86_64/cache = 0cachedir = /var/cache/yum/x86_64/7Server/example[]

yum-config-manager --disable

8.5.6. Yum

yum

1. root createrepo

yum install createrepo

2. /mnt/local_repo/ 1

3.

createrepo --database /mnt/local_repo

8 Yum

87

yum sqlite yum

8.5.7. Optional Supplementary

Optional Supplementary (Optional ) (Supplementary ) Red Hat Enterprise Linux

Optional Supplementary Red Hat Optional Supplementary -devel

8.6. Yum

Yum yum Yum

~]# yum info yumLoaded plugins: langpacks, product-id, subscription-manager[]

Loaded plugins --disableplugins=plugin_name

8.6.1. Yum

yum plugins= /etc/yum.conf [main] 1

plugins=1

plugins=0

yum product-id subscription-manager Content Delivery Network (CDN) yum

/etc/yum/pluginconf.d/ aliases aliases.conf

[main]enabled=1

88

https://access.redhat.com/support/offerings/production/scope_moredetail/https://access.redhat.com/solutions/392003

/etc/yum.conf enabled= yum [main]

/etc/yum.conf enabled=0

1 yum yum --noplugins

1 yum 1 yum --disableplugin=plugin_name aliases

~]# yum update --disableplugin=aliases

--disableplugin= yum Loaded plugins glob

~]# yum update --disableplugin=aliases,lang*

8.6.2. Yum

yum yum-plugin-plugin_name kabi kabi-yum-plugins yum yum-aliases

~]# yum install yum-plugin-aliases

8.6.3. yum

yum

search-disabled-repos (subscription-manager)

search-disabled-repos Yum Yum subscription-manager

8 Yum

89

yum --assumeyes -y assumeyes /etc/yum.conf

search-disabled-repos /etc/yum/pluginconf.d/search-disabled-repos.conf [main]

8.3 search-disabled-repos.conf

enabled=value value 1 () 0 ()

notify_only=value value 1 (Yum ) 0 (Yum )

ignored_repos=repositories

kabi (kabi-yum-plugins)

kabi Red Hat kernel Application BinaryInterface (kABI) enforcing

kabi /etc/yum/pluginconf.d/kabi.conf [main]

8.4 kabi.conf

enabled=value value 1 () 0 ()

whitelists=directory directory kabi kernel-abi-whitelists (/usr/lib/modules/kabi-rhel70/ )

enforce=value enforcing value 1 () 0 () kabi

product-id (subscription-manager)

90

product-id Content Delivery Network () product-id

langpacks (yum-langpacks)

langpacks langpacks

aliases (yum-plugin-aliases)

aliases yum alias

yum-changelog (yum-plugin-changelog)

yum-changelog --changelog

yum-tmprepo (yum-plugin-tmprepo)

yum-tmprepo URL 1 --tmprepo gpg

yum-verify (yum-plugin-verify)

yum-verify verifyverify-rpmverify-all

yum-versionlock (yum-plugin-versionlock)

yum-versionlock versionlock

8.7.


yum(8) yum man

yumdb(8) yumdb man yum

yum.conf(5) yum.conf man yum

yum-utils(1) yum-utils man yum yum

8 Yum

91

Yum Guides Yum Guides

Red Hat Access Labs Red Hat Access Labs Yum Repository Configuration Helper

5 su sudo

A RPM Red Hat Enterprise Linux RPM PackageManager (RPM)

92

http://yum.baseurl.org/wiki/Guideshttps://access.redhat.com/labs/

IV.


IV.

93

9 systemd

9.1. systemd

Systemd Linux SysV initRed Hat Enterprise Linux 7 systemd Upstart init

Systemd systemd units unit 9.2Systemd Unit 1 unit init systemd unit 9.1 systemd Unit

9.1 systemd Unit

Unit Service unit .service Target unit .target systemd unit Automount unit .automount Device unit .device Mount unit .mount Path unit .path

Scope unit .scope Slice unit .slice

unit Snapshot unit .snapshot systemd Socket unit .socket Swap unit .swap Timer unit .timer systemd

9.2 Systemd Unit

/usr/lib/systemd/system/ RPM systemdunit

/run/systemd/system/ systemd unit unit

/etc/systemd/system/ systemctl enable systemd unit unit runtime unit

9.1.1.

Red Hat Enterprise Linux 7 systemd

94

systemd systemd

Systemd socket units

D-Bus Systemd D-Bus

Systemd device units

Systemd pa

7 Red Hat Enterprise Linux Hat Enterprise Linux 7 システム管理者のガイド Red Hat...

Documents

Transcript of 7 Red Hat Enterprise Linux Hat Enterprise Linux 7 システム管理者のガイド Red Hat...