openEuler 系统及进程管理1

Other 其他技术问题
1

6.1 实验介绍

6.1.1 实验介绍

本实验主要介绍 openEuler 的计划任务、系统管理和服务管理等内容。

6.1.2 实验目标

掌握系统任务管理方法;

掌握 openEuler 网络管理配置;

掌握 openEuler 系统服务管理。

6.2 任务管理

6.2.1 临时任务管理

步骤 1

使用 putty 登录虚拟机。

步骤 2

执行如下命令添加单次任务,输入完成后按组合键 Ctrl-D。

[root@openEuler ~]# at now+5min

warning: commands will be executed using /bin/sh

at> echo “aaa” >> /tmp/at.log

at> echo “bbb” >> /tmp/at.log

at> date >> /tmp/at.log

at>

#此处按 Ctrl+D 组合键

job 1 at Thu Jul 2 11:21:00 2020

[root@openEuler ~]# at 22:00

warning: commands will be executed using /bin/sh

at> pwd >> /tmp/check.log

at>

#此处按 Ctrl+D 组合键

job 2 at Thu Jul 2 22:00:00 2020

步骤 3

执行如下命令查询任务列表。

[root@openeuler ~]# atq

#左侧数字表示任务 ID

2 Thu Jul 2 22:00:00 2020 a root

1 Thu Jul 2 11:21:00 2020 a root

步骤 4

执行如下命令查看任务详细信息。HCIA-openEuler 实验指导手册

第 107 页

[root@openEuler ~]# at -c 1

#!/bin/sh

atrun uid=0 gid=0

mail root 0

umask 77

SHELL=/bin/bash; export SHELL

HISTCONTROL=; export HISTCONTROL

HISTSIZE=1000; export HISTSIZE

HOSTNAME=openEuler; export HOSTNAME

HISTTIMEFORMAT=; export HISTTIMEFORMAT

GOMP_CPU_AFFINITY=0-1; export GOMP_CPU_AFFINITY

PWD=/root; export PWD

LOGNAME=root; export LOGNAME

XDG_SESSION_TYPE=tty; export XDG_SESSION_TYPE

HOME=/root; export HOME

SSH_ASKPASS=/usr/libexec/openssh/gnome-ssh-askpass; export SSH_ASKPASS

LANG=en_US.UTF-8; export LANG

PROMPT_COMMAND=openEuler_history; export PROMPT_COMMAND

SSH_CONNECTION=172.19.130.180\ 51500\ 192.168.110.248\ 22; export SSH_CONNECTION

XDG_SESSION_CLASS=user; export XDG_SESSION_CLASS

SELINUX_ROLE_REQUESTED=; export SELINUX_ROLE_REQUESTED

USER=root; export USER

SELINUX_USE_CURRENT_RANGE=; export SELINUX_USE_CURRENT_RANGE

SHLVL=1; export SHLVL

XDG_SESSION_ID=3; export XDG_SESSION_ID

XDG_RUNTIME_DIR=/run/user/0; export XDG_RUNTIME_DIR

SSH_CLIENT=172.19.130.180\ 51500\ 22; export SSH_CLIENT

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin; export PATH

SELINUX_LEVEL_REQUESTED=; export SELINUX_LEVEL_REQUESTED

DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/0/bus; export

DBUS_SESSION_BUS_ADDRESS

MAIL=/var/spool/mail/root; export MAIL

SSH_TTY=/dev/pts/0; export SSH_TTY

OLDPWD=/root; export OLDPWD

cd /root || {

echo ‘Execution directory inaccessible’ >&2

exit 1

}

${SHELL:-/bin/sh} << ‘marcinDELIMITER42ada33e’

echo “aaa” >> /tmp/at.log

echo “bbb” >> /tmp/at.log

date >> /tmp/at.log

marcinDELIMITER42ada33e

步骤 5

执行如下命令删除临时任务。

[root@openEuler ~]# atrm 2

[root@openEuler ~]# atq

#若前述步骤操作的慢,可能导致此处查询没有任务

[root@openEuler ~]# cat /tmp/at.log #可以查看第一个临时任务执行结果HCIA-openEuler 实验指导手册

第 108 页

aaa

bbb

Thu Jul 2 11:21:00 CST 2020

6.2.2 周期任务管理

步骤 1

执行如下步骤管理周期任务。

[root@openeuler ~]# crontab -l #查询系统当前用户的 cron 定时任务

no crontab for root

[root@openeuler ~]#crontab -e #crontab 将会打开一个编辑器,请在编辑器中输入如下内容,保存

退出

5 * * * * date >> /tmp/croncheck.log

*/2 * * * * id >> /tmp/cronuser.log

[root@openeuler ~]# crontab -l #查询系统当前用户的 cron 定时任务

5 * * * * date >> /tmp/croncheck.log

*/2 * * * * id >> /tmp/cronuser.log

[root@openEuler ~]# crontab -r #删除当前用户的所有计划任务

[root@openEuler ~]# crontab -l

no crontab for root

任务:创建一个计划任务,周一到周五的晚上 1 点到 2 点,每隔五分钟执行

往/mnt/test.txt 里面记录一下当前系统时间。

6.3 网络管理

6.3.1 主机名管理

步骤 1

执行如下命令查看主机名。

[root@openEuler ~]# hostname

openEuler

[root@openEuler ~]# cat /etc/hostname

#这个文件是主机名的配置文件

openEuler

步骤 2

执行如下命令临时修改主机名。

[root@openEuler ~]# hostname huawei

#临时修改主机名,重启失效

[root@openEuler ~]# hostname

huawei

[root@openEuler ~]# bash

#重新启动一个会话

Welcome to 4.19.90-2003.4.0.0036.oe1.x86_64

System information as of time: Thu Jul 2 11:45:09 CST 2020

System load: 0.00

Processes: 178

Memory used: 18.5%

Swap used: 0.0%

Usage On: 9%

IP address: 192.168.110.248

Users online: 2HCIA-openEuler 实验指导手册

第 109 页

[root@huawei ~]#

#可以看到前面的提示符里,主机名已经变成了 huawei

[root@huawei ~]# exit

exit

[root@openEuler ~]#

步骤 3

执行如下步骤永久修改主机名。

方法一:

[root@openEuler ~]# hostnamectl set-hostname huawei

#此种方法不需要重启,重新登 即

方法二:

[root@openEuler ~]# vim /etc/hostname

#修改此文件中主机名,保存退出即可,需要重启才可以生效。

[root@openEuler ~]# reboot

6.3.2 网 络管理

步骤 1

执行如下步骤使用 IP 命令修改网卡 IP 地址。

[root@openEuler ~]# ip addr show #显示当前主机的 IP 信息

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default

qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group

default qlen 1000

link/ether 28:6e:d4:8a:2b:b6 brd ff:ff:ff:ff:ff:ff

inet 192.168.110.247/24 brd 192.168.110.255 scope global dynamic noprefixroute enp4s0

valid_lft 847084sec preferred_lft 847084sec

inet6 fe80::382e:b477:10e8:f0b6/64 scope link noprefixroute

valid_lft forever preferred_lft forever

3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0

valid_lft forever preferred_lft forever

4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

[root@openEuler ~]# ip addr add 192.168.110.100/24 dev enp4s0

[root@openEuler ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default

qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope hostHCIA-openEuler 实验指导手册

第 110 页

valid_lft forever preferred_lft forever

2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group

default qlen 1000

link/ether 28:6e:d4:8a:2b:b6 brd ff:ff:ff:ff:ff:ff

inet 192.168.110.247/24 brd 192.168.110.255 scope global dynamic noprefixroute enp4s0

valid_lft 846990sec preferred_lft 846990sec

inet 192.168.110.100/24 scope global secondary enp4s0

valid_lft forever preferred_lft forever

inet6 fe80::382e:b477:10e8:f0b6/64 scope link noprefixroute

valid_lft forever preferred_lft forever

3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0

valid_lft forever preferred_lft forever

4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

[root@openEuler ~]# ip addr del 192.168.110.100/24 dev enp4s0

[root@openEuler ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default

qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group

default qlen 1000

link/ether 28:6e:d4:8a:2b:b6 brd ff:ff:ff:ff:ff:ff

inet 192.168.110.247/24 brd 192.168.110.255 scope global dynamic noprefixroute enp4s0

valid_lft 846884sec preferred_lft 846884sec

inet6 fe80::382e:b477:10e8:f0b6/64 scope link noprefixroute

valid_lft forever preferred_lft forever

3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0

valid_lft forever preferred_lft forever

4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc fq_codel master virbr0 state DOWN

group default qlen 1000

link/ether 52:54:00:69:ec:cd brd ff:ff:ff:ff:ff:ff

步骤 2

执行如下命令配置静态路由。

[root@openEuler ~]# ip route

default via 192.168.110.254 dev enp4s0 proto dhcp metric 100

192.168.110.0/24 dev enp4s0 proto kernel scope link src 192.168.110.247 metric 100

192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

[root@openEuler ~]# ip route add 192.168.2.1 via 192.168.110.254 dev enp4s0HCIA-openEuler 实验指导手册

第 111 页

[root@openEuler ~]# ip route

default via 192.168.110.254 dev enp4s0 proto dhcp metric 100

192.168.2.1 via 192.168.110.254 dev enp4s0

192.168.110.0/24 dev enp4s0 proto kernel scope link src 192.168.110.247 metric 100

192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown

步骤 3

执行如下步骤使用 nmcli 命令修改主机 IP 地址。

[root@openEuler ~]# nmcli general status

STATE CONNECTIVITY WIFI-HW WIFI WWAN-HW WWAN

connected full enabled enabled enabled enabled

[root@openEuler ~]# nmcli connection show

NAME UUID TYPE DEVICE

enp4s0 90dbef32-15b2-3400-81c7-f98ece257a55 ethernet enp4s0

virbr0 d798e4ce-2296-4b6e-9dba-9a4b994d0b82 bridge virbr0

[root@openEuler ~]# nmcli device status

DEVICE TYPE STATE CONNECTION

enp4s0 ethernet connected enp4s0

virbr0 bridge connected virbr0

lo loopback unmanaged –

virbr0-nic tun unmanaged –

[root@openEuler ~]# nmcli con add type ethernet con-name net-static ifname enp4s0

ip4 192.168.110.10/24 gw4 192.168.110.254

[root@openEuler ~]# nmcli con up net-static ifname enp4s0

步骤 4

执行如下步骤使用 nmcli 命令配置静态路由。

[root@openEuler ~]# nmcli connection modify enp4s0 +ipv4.routes "192.168.100.0/24

192.168.110.254"

步骤 5

执行如下步骤通过修改 ifcfg 文件修改主机 IP 地址。

[root@openEuler ~]# cat /etc/sysconfig/network-scripts/ifcfg-enp4s0

TYPE=Ethernet

#配置文件接口类型

PROXY_METHOD=none

#代理方式

BROWSER_ONLY=no

#只浏览

BOOTPROTO=dhcp

#系统启动地址协议

DEFROUTE=yes

#默认路由

IPV4_FAILURE_FATAL=no

#是否一定要进行 ipv4 检查

IPV6INIT=yes

#是否执行 IPv6

IPV6_AUTOCONF=yes

#IPv6 自动配置

IPV6_DEFROUTE=yes

#IPv6 默认路由

IPV6_FAILURE_FATAL=no

#是否一定要进行 ipv6 检查

IPV6_ADDR_GEN_MODE=stable-privacy

#I Pv6 地址生成方式

NAME=enp4s0

#网络连接的名字

UUID=90dbef32-15b2-3400-81c7-f98ece257a55

#设备 UUID

ONBOOT=yes

#随系统启动

AUTOCONNECT_PRIORITY=-999

#自动连接优先级

DEVICE=enp4s0

#物理设备的名字

###配置网络时可以将 dhcp 修改成 static 或者 none,然后增加如下信息:

IPADDR=192.168.100.11HCIA-openEuler 实验指导手册

第 112 页

NETMASK=255.255.255.0

GATEWAY=192.168.110.254

DNS1=114.114.114.114

###如何生效

[root@openEuler ~]# ifdown enp4s0

[root@openEuler ~]# ifup enp4s0

步骤 6

执行如下命令修改/etc/resolv.conf,用来指向 DNS 服务器地址。

[root@openEuler ~]# dnf -y install bind-utils

[root@openEuler ~]# vim /etc/resolv.conf

nameserver 192.168.137.1

#改文件的格式是 nameserver IP ,IP 地址为 DNS 服务器 IP

#修改完成后保存退出

[root@openEuler ~]# nslookup openeuler.org

Server: 192.168.137.1

Address: 192.168.137.1#53

Non-authoritative answer:

Name: openeuler.org

Address: 159.138.7.136

[root@openEuler ~]# ping openeuler.org -c 3

PING openeuler.org (159.138.7.136) 56(84) bytes of data.

64 bytes from ecs-159-138-7-136.compute.hwclouds-dns.com (159.138.7.136): icmp_seq=1

ttl=40 time=52.3 ms

64 bytes from ecs-159-138-7-136.compute.hwclouds-dns.com (159.138.7.136): icmp_seq=2

ttl=40 time=51.8 ms

64 bytes from ecs-159-138-7-136.compute.hwclouds-dns.com (159.138.7.136): icmp_seq=3

ttl=40 time=52.5 ms

openeuler.org ping statistics —

3 packets transmitted, 3 received, 0% packet loss, time 2005ms

rtt min/avg/max/mdev = 51.764/52.157/52.452/0.289 ms

步骤 7

执行如下命令修改/etc/hosts。

[root@openEuler ~]# vim /etc/hosts #hosts 是系统中一个负责 IP 地址与域名快速解析的文件,在最

后新增一行,输入如下信息:

159.138.7.136 server

#新增这一行,完成后保存退出

[root@openEuler ~]# ping server -c 3

PING server (159.138.7.136) 56(84) bytes of data.

64 bytes from server (159.138.7.136): icmp_seq=1 ttl=40 time=53.3 ms

64 bytes from server (159.138.7.136): icmp_seq=2 ttl=40 time=51.3 ms

64 bytes from server (159.138.7.136): icmp_seq=3 ttl=40 time=52.4 ms

— server ping statistics —

3 packets transmitted, 3 received, 0% packet loss, time 2005ms

rtt min/avg/max/mdev = 51.288/52.351/53.338/0.838 msHCIA-openEuler 实验指导手册

第 113 页

6.4 防火墙管理

步骤 1

查看防火墙状态。

[root@openEuler ~]# service iptables save

iptables: Saving firewall rules to /etc/sysconfig/iptables: [ OK ]

[root@openEuler ~]# systemctl status firewalld.service

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)

Active: inactive (dead) since Fri 2020-07-31 10:51:17 CST; 5h 17min ago

Docs: man:firewalld(1)

Main PID: 1908 (code=exited, status=0/SUCCESS)

Jul 08 11:19:39 localhost.localdomain systemd[1]: Starting firewalld - dynamic firewall

daemon…

Jul 08 11:19:40 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.

Jul 31 10:51:15 openEuler systemd[1]: Stopping firewalld - dynamic firewall daemon…

Jul 31 10:51:17 openEuler systemd[1]: firewalld.service: Succeeded.

Jul 31 10:51:17 openEuler systemd[1]: Stopped firewalld - dynamic firewall daemon.

[root@openEuler ~]# iptables -L

Chain INPUT (policy ACCEPT)

target prot opt source destination

Chain FORWARD (policy ACCEPT)

target prot opt source destination

Chain OUTPUT (policy ACCEPT)

target prot opt source destination

######iptables 默认的规则链######

INPUT:处理入站数据包

OUTPUT:处理出站数据包

FORWARD:处理转发数据包

POSTROUTING 链:在进行路由选择后处理数据包

PREROUTING 链:在进行路由选择前处理数据包

步骤 2

启动防火墙

[root@openEuler ~]# systemctl start firewalld.service

#启动防火墙服务

[root@openEuler ~]# firewall-cmd --version

#查看防火墙 firewalld 版本

0.6.2

[root@openEuler ~]# firewall-cmd --help

#查看帮助

[root@openEuler ~]# firewall-cmd --state

#查看运行状态

running

[root@openEuler ~]# firewall-cmd --list-all

#查看防火墙配置信息

public (active)

target: default

icmp-block-inversion: no

interfaces: enp4s0HCIA-openEuler 实验指导手册

第 114 页

sources:

services: ssh mdns dhcpv6-client

ports:

protocols:

masquerade: no

forward-ports:

source-ports:

icmp-blocks:

rich rules:

步骤 3

配置防火墙放通规则

[root@openEuler ~]# firewall-cmd --panic-on

#拒绝所有包

[root@openEuler ~]# firewall-cmd --panic-off

#取消拒绝所有包

[root@openEuler ~]# firewall-cmd --query-panic

#查看是否拒绝

[root@openEuler ~]# firewall-cmd --reload

#更新防火墙规则,无需断开

[root@openEuler ~]# firewall-cmd --zone=public --add-interface=enp4s0

#将网口添加到

区域,默认都在 public

[root@openEuler ~]# firewall-cmd --set-default-zone=public

#设置默认接口区域

[root@openEuler ~]# [root@openEuler ~]# firewall-cmd --zone=public --list-ports

#查

看所有打开的端口

[root@openEuler ~]# firewall-cmd --zone=public --add-port=8080/tcp --permanent #永久打

开 tcp 8080 端口

[root@openEuler ~]# [root@openEuler ~]# firewall-cmd --zone=public --add-service=http

#打开一个服务

[root@openEuler ~]# systemctl restart firewalld.service

[root@openEuler ~]# firewall-cmd --list-all

public (active)

target: default

icmp-block-inversion: no

interfaces: enp4s0

sources:

services: ssh mdns dhcpv6-client http

ports: 8080/tcp

protocols:

masquerade: no

forward-ports:

source-ports:

icmp-blocks:

rich rules:

6.5 服务管理

6.5.1 管理系 服统 务

步骤 1

显示当前服务。

[root@openEuler ~]# systemctl list-units --type service

UNIT

LOAD ACTIVE SUB DESCRIPTIONHCIA-openEuler 实验指导手册

第 115 页

atd.service

loaded

active

running Deferred execution scheduler

auditd.service

loaded active

running Security Auditing Service

chronyd.service

loaded active

running NTP client/server

crond.service

loaded active

running Command Scheduler

dbus.service

loaded active

running D-Bus System Message Bus

dkms.service

loaded active

exited Builds and install new kernel modules

throug

dracut-shutdown.service

loaded active

exited Restore /run/initramfs on shutdown

firewalld.service

loaded active

running firewalld - dynamic firewall daemon

getty@tty1.service

loaded active

running Getty on tty1

gssproxy.service

loaded active

running GSSAPI Proxy Daemon

hwclock-save.service

loaded active

exited Update RTC With System Clock

步骤 2

显示服务状态,如防火墙服务。

[root@openEuler ~]# systemctl status firewalld.service

#查看服务状态

● firewalld.service - firewalld - dynamic firewall daemon

Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)

Active: active (running) since Mon 2020-07-06 09:52:14 CST; 5h 33min ago

Docs: man:firewalld(1)

Main PID: 1863 (firewalld)

Tasks: 2

Memory: 61.3M

CGroup: /system.slice/firewalld.service

└─1863 /usr/bin/python3 /usr/sbin/firewalld --nofork --nopid

Jul 06 09:52:13 openEuler systemd[1]: Starting firewalld - dynamic firewall daemon…

Jul 06 09:52:14 openEuler systemd[1]: Started firewalld - dynamic firewall daemon.

[root@openEuler ~]# systemctl is-active firewalld.service #查看服务是否运行

active

[root@openEuler ~]# systemctl is-enabled firewalld.service

#查看服务是否被启用

enabled

步骤 3

终止服务,如防火墙服务。

[root@openEuler ~]# systemctl stop firewalld.service

[root@openEuler ~]# systemctl is-active firewalld.service

inactive

步骤 4

重启服务,如防火墙。

[root@openEuler ~]# systemctl restart firewalld.service

[root@openEuler ~]# systemctl is-active firewalld.service

active

步骤 5

禁用服务,如防火墙。

[root@openEuler ~]# systemctl disable firewalld.service

Removed /etc/systemd/system/multi-user.target.wants/firewalld.service.

Removed /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

[root@openEuler ~]# systemctl is-enabled firewalld.serviceHCIA-openEuler 实验指导手册

第 116 页

disabled

步骤 6

启用服务,如防火墙

[root@openEuler ~]# systemctl enable firewalld.service

Created symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service →

/usr/lib/systemd/system/firewalld.service.

Created symlink /etc/systemd/system/multi-user.target.wants/firewalld.service →

/usr/lib/systemd/system/firewalld.service.

[root@openEuler ~]# systemctl is-enabled firewalld.service

enabledHCIA-openEuler 实验指导手册

第 117 页

7