安装 Rocky Linux 9.0
设置语言为:中文 — 简体中文(中国)
注意: 默认 Rocky Linux 9.0 安全设置禁用了 SSH 使用 root 密码登录了,所以在设置 root 用户密码的时候,记得勾选[允许 root 用户使用密码进行 SSH 登录]
开始安装
安装完成,点击[重启系统]
内核升级到了5.14
登录成功
防火墙配置
# 启动防火墙
[root@localhost ~]# systemctl start firewalld
# 停止防火墙
[root@localhost ~]# systemctl stop firewalld
# 禁用防火墙
[root@localhost ~]# systemctl disable firewalld
# 启用防火墙
[root@localhost ~]# systemctl enable firewalld
SELinux配置
# 禁用SELinux[root@localhost ~]# setenforce 0
[root@localhost ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config
# 内核层禁用
[root@localhost ~]# grubby --update-kernel ALL --args selinux=0
# 查看是否禁用
[root@localhost ~]# grubby --info DEFAULT
index=0
kernel="/boot/vmlinuz-5.14.0-70.13.1.el9_0.x86_64"
args="ro crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap selinux=0"
root="/dev/mapper/rl-root"
initrd="/boot/initramfs-5.14.0-70.13.1.el9_0.x86_64.img"
title="Rocky Linux (5.14.0-70.13.1.el9_0.x86_64) 9.0 (Blue Onyx)"
id="0af0a3c0bc4946a6bb4cc8daa8c8a1f7-5.14.0-70.13.1.el9_0.x86_64"
# 回滚内核层禁用操作
[root@localhost ~]# grubby --update-kernel ALL --remove-args selinux
网络配置
配置 IPv4
在登录 Rocky Linux 9.0 后,您可用会发现以前传统的通过/etc/sysconfig/network-scripts
配置网卡信息,Rocky Linux 9.0 下已经没有对应网卡的配置文件了,我们可以通过nmcli
命令进行配置。
# 查看设备信息
[root@localhost ~]# nmcli device
DEVICE TYPE STATE CONNECTION
ens18 ethernet connecting (getting IP configuration) ens18
lo loopback unmanaged --
# 配置 IPv4 地址
[root@localhost ~]# nmcli connection modify ens18 ipv4.addresses 192.168.11.144/24
# 配置 IPv4网关
[root@localhost ~]# nmcli connection modify ens18 ipv4.gateway 192.168.11.254
# 配置 IPv4 DNS,多个 DNS IP 之间使用双引号 + 空格
[root@localhost ~]# nmcli connection modify ens18 ipv4.dns "114.114.114.114 223.6.6.6"
# 设置 DNS 基础搜索,多个域名之间使用双引号 + 空格
[root@localhost ~]# nmcli connection modify ens18 ipv4.dns-search "rockylinux.cn rockylinux.org"
# 重新加载网络配置
[root@localhost ~]# nmcli connection down ens18; nmcli connection up ens18
# 查看接口配置信息
[root@localhost ~]# nmcli device show ens18
GENERAL.DEVICE: ens18
GENERAL.TYPE: ethernet
GENERAL.HWADDR: AA:6C:33:A3:47:FE
GENERAL.MTU: 1500
GENERAL.STATE: 70 (connecting (getting IP configuration))
GENERAL.CONNECTION: ens18
GENERAL.CON-PATH: /org/freedesktop/NetworkManager/ActiveConnection/15
WIRED-PROPERTIES.CARRIER: on
IP4.ADDRESS[1]: 192.168.11.144/24
IP4.GATEWAY: 192.168.11.254
IP4.ROUTE[1]: dst = 172.16.11.0/24, nh = 0.0.0.0, mt = 100
IP4.ROUTE[2]: dst = 0.0.0.0/0, nh = 192.168.11.254, mt = 100
IP4.DNS[1]: 114.114.114.114
IP6.ADDRESS[1]: fe80::a86c:33ff:fea3:47fe/64
IP6.GATEWAY: --
IP6.ROUTE[1]: dst = fe80::/64, nh = ::, mt = 1024
# 查看IP[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether aa:6c:33:a3:47:fe brd ff:ff:ff:ff:ff:ff
altname enp0s18
inet 192.168.11.144/24 brd 172.16.11.255 scope global noprefixroute ens18
valid_lft forever preferred_lft forever
inet6 fe80::a86c:33ff:fea3:47fe/64 scope link noprefixroute
valid_lft forever preferred_lft forever
# 配置DHCP
[auto][root@localhost ~]# nmcli connection modify enp1s0 ipv4.method manual
# 查看配置文件,如果需要配置多IP,可以修改此配置文件。
[root@localhost ~]# cat /etc/NetworkManager/system-connections/ens18.nmconnection
[connection]
id=ens18
uuid=7f49fd62-02d9-323e-8f35-0c8249647a74
type=ethernet
autoconnect-priority=-999
interface-name=ens18
timestamp=1669365850
[ethernet]
[ipv4]address1=192.168.11.144/24,192.168.11.254
# address2=192.168.11.145/24,192.168.11.254
dns=114.114.114.114;223.6.6.6;
dns-search=rockylinux.cn;rockylinux.org;
method=auto
[ipv6]
addr-gen-mode=eui64
method=auto
[proxy]
# 查看网络连接
[root@localhost ~]# nmcli connection
NAME UUID TYPE DEVICE
ens18 7f49fd62-02d9-323e-8f35-0c8249647a74 ethernet ens18
# 重启网络
[root@localhost ~]# systemctl restart NetworkManager
[root@localhost ~]# systemctl status NetworkManager
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-11-25 03:52:19 EST; 5s ago
Docs: man:NetworkManager(8)
Main PID: 2002 (NetworkManager)
Tasks: 4 (limit: 48930)
Memory: 2.9M
CPU: 105ms
CGroup: /system.slice/NetworkManager.service
└─2002 /usr/sbin/NetworkManager --no-daemon
禁用 IPv6
# 因为我们用不到IPv6,所以禁用IPv6
[root@localhost ~]# grubby --update-kernel ALL --args ipv6.disable=1
# 回滚内核层禁用操作
[root@localhost ~]# grubby --update-kernel ALL --remove-args ipv6.disable
# 验证内核参数是否禁用IPv6
[root@localhost ~]# grubby --info DEFAULT
index=0kernel="/boot/vmlinuz-5.14.0-70.13.1.el9_0.x86_64"
args="ro crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap ipv6.disable=1"
root="/dev/mapper/rl-root"
initrd="/boot/initramfs-5.14.0-70.13.1.el9_0.x86_64.img"
title="Rocky Linux (5.14.0-70.13.1.el9_0.x86_64) 9.0 (Blue Onyx)"
id="0af0a3c0bc4946a6bb4cc8daa8c8a1f7-5.14.0-70.13.1.el9_0.x86_64"
# 重启,生效配置
[root@localhost ~]# reboot
设置时区
timedatectl set-timezone Asia/Shanghai
文章来源:https://www.cnaaa.net,转载请注明出处:https://www.cnaaa.net/archives/7907