ubuntu basic

2023-11-11 2601 words 6 minutes

Contents

ubuntu 基础

一、apt源

修改apt源为国内源，主配置文件：/etc/apt/sources.list，配置文件目录：/etc/apt/sources.d，以1804为例。

# 修改 /etc/apt/sources.list

deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse

修改命令

sudo sed -i "s@http://.*archive.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list
sudo sed -i "s@http://.*security.ubuntu.com@http://repo.huaweicloud.com@g" /etc/apt/sources.list

apt 使用问题

1）apt-get安装中的E: Sub-process /usr/bin/dpkg returned an error code (1)问题

参考网址：https://www.cnblogs.com/orzs/p/10844869.html

cd /var/lib/dpkg/
sudo mv info/ info_bak          # 现将info文件夹更名
sudo mkdir info                 # 再新建一个新的info文件夹
sudo apt-get update             # 更新
sudo apt-get -f install         # 修复
sudo mv info/* info_bak/        # 执行完上一步操作后会在新的info文件夹下生成一些文件，现将这些文件全部移到info_bak文件夹下
sudo rm -rf info                # 把自己新建的info文件夹删掉
sudo mv info_bak info           # 把以前的info文件夹重新改回名

2）Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend)

解决办法：
第一种情况：
进程中存在与apt相关的正在运行的进程：
首先检查是否在运行apt,apt-get相关的进程
ps aux | grep -i apt
如果存在与apt相关的正在运行的进程，kill掉进程；

sudo kill -9 <process id>
或者直接简单粗暴的：

sudo killall apt apt-get 
如果进行完上面的步骤还是无法顺利执行apt-get 操作，则属于第二种情况：

第二种情况：
进程列表中已经没有与apt,apt-get相关的进程在运行，但依然报错，在这种情况下，产生错误的根本原因是lock file。 loack file用于防止两个或多个进程使用相同的数据。 当运行apt或apt-commands时，它会在几个地方创建lock files。 当前一个apt命令未正确终止时，lock file未被删除，因此它们会阻止任何新的apt / apt-get命令实例，比如正在执行apt-get upgrade，在执行过程中直接ctrl+c取消了该操作，很有可能就会造成这种情况。
要解决此问题，首先要删除lock file。
使用lsof命令获取持有lock file的进程的进程ID,依次运行如下命令：
lsof /var/lib/dpkg/lock
lsof /var/lib/apt/lists/lock
lsof /var/cache/apt/archives/lock
需要注意的是，以上命令执行结果如果无返回，说明没有正在运行的进程；如果返回了相应的进程，需要kill掉。

删除所有的lock file
sudo rm /var/lib/apt/lists/lock
sudo rm /var/cache/apt/archives/lock
sudo rm /var/lib/dpkg/lock
最后重新配置一下dpkg：

sudo dpkg --configure -a
如果上述命令不出任何错误，就万事大吉了。（我是到这里问题就解决了）

但是有时候，生活总是嫌你不够惨，执行配置命令时可能会出现以下错误：

dpkg: error: dpkg frontend is locked by another process
这需要我们额外进行一些操作：

找出正在锁定lock file的进程：
lsof /var/lib/dpkg/lock-frontend
kill掉输出的进程（如果输出为空则忽略）
sudo kill -9 PID
删除lock file并重新配置dpkg:
sudo rm /var/lib/dpkg/lock-frontend
sudo dpkg --configure -a

升级系统

ubuntu 1804 升级到2004

1）切换apt源

deb http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-security main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-updates main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-proposed main restricted universe multiverse

deb http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ bionic-backports main restricted universe multiverse

2）更新和重启系统

apt update
apt upgrade 

reboot

3）更新系统

do-release-upgrade

Reading cache

Checking package manager

Continue running under SSH? 

This session appears to be running under ssh. It is not recommended 
to perform a upgrade over ssh currently because in case of failure it 
is harder to recover. 

If you continue, an additional ssh daemon will be started at port 
'1022'. 
Do you want to continue? 

Continue [yN] y

Starting additional sshd 

To make recovery in case of failure easier, an additional sshd will 
be started on port '1022'. If anything goes wrong with the running 
ssh you can still connect to the additional one. 
If you run a firewall, you may need to temporarily open this port. As 
this is potentially dangerous it's not done automatically. You can 
open the port with e.g.: 
'iptables -I INPUT -p tcp --dport 1022 -j ACCEPT'

二、安装 docker

ubuntu与红帽系列系统不同，在配置apt源时需要先配置要添加的密钥的证书

root@harbor:~# curl -fsSL https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu/gpg | sudo apt-key add -
root@harbor:~# sudo apt-get install software-properties-common
root@harbor:~# add-apt-repository "deb [arch=amd64] https://mirrors.huaweicloud.com/docker-ce/linux/ubuntu $(lsb_release -cs) stable"
root@harbor:~# apt-get update
root@harbor:~# apt-get install docker-ce

三、vim 设置

ubuntu上默认的许多文件的编辑器是nano，其使用非常不友好，可以修改为vim

root@ubuntu:~# sudo select-editor

Select an editor.  To change later, run 'select-editor'.
  1. /bin/nano        <---- easiest
  2. /usr/bin/vim.basic
  3. /usr/bin/vim.tiny
  4. /bin/ed

Choose 1-4 [1]: 2


# 先择vim.basic，设置好后就可以在编辑一些文件或服务时使用vim

四、exsi 配置

exsi 安装ubuntu2004

报错

multipathd[651]: sda: add missing path
multipathd[651]: sda: failed to get udev uid: Invalid argument
multipathd[651]: sda: failed to get sysfs uid: Invalid argument
multipathd[651]: sda: failed to get sgio uid: No such file or directory
multipathd[651]: sda: add missing path
multipathd[651]: sda: failed to get udev uid: Invalid argument
multipathd[651]: sda: failed to get sysfs uid: Invalid argument
multipathd[651]: sda: failed to get sgio uid: No such file or directory

解决办法：

https://askubuntu.com/questions/1242731/ubuntu-20-04-multipath-configuration

方法一：

exsi虚拟机配置文件中增加

disk.EnableUUID = "TRUE"

方法二：

# vim
defaults {
    user_friendly_names yes
}

blacklist {
    device {
        vendor "VMware"
        product "Virtual disk"
    }
}


# 重启
/etc/init.d/multipath-tools restart

# 或者
systemctl restart multipathd

defaults {
    user_friendly_names yes
}
blacklist {
    devnode "^(ram|raw|loop|fd|md|dm-|sr|scd|st|sda)[0-9]*"
}

五、network配置

静态IP

1、配置静态ip

root@ubuntu:/etc/netplan# pwd
/etc/netplan

root@ubuntu:/etc/netplan# vim 50-cloud-init.yaml
network:
    version: 2
    renderer: networkd
    ethernets:
        ens160:
            dpch4: no
            addresses:
            - 192.168.100.17/24
            gateway4: 192.168.100.1
            nameservers:
                addresses:
                - 223.5.5.5

或者

network:
    ethernets:
        ens3:
            dhcp4: no
            addresses: [192.168.100.141/24]
            gateway4: 192.168.100.1
            nameservers:
              addresses: [114.114.114.114,8.8.8.8]
    version: 2

2204开始

network:
  version: 2
  ethernets:
    ens3:
      dhcp4: false
      addresses: [192.168.100.141/24]
      routes:
        - to: default
          via: 192.168.100.1
      nameservers:
        addresses: [114.114.114.114,8.8.8.8]

2、加载配置

root@ubuntu:~# netplan apply

#测试网络
root@ubuntu:~# ping baidu.com

3、连接wifi

network:
  version: 2
  wifis:
    wlan0:
      dhcp4: true
      access-points:
        "sugar":  # ssid name
          password: "password"

六、rc.local 设置

[root@tc ~]# cat /etc/systemd/system/rc-local.service
[Unit]
Description=/etc/rc.local Compatibility
Documentation=man:systemd-rc-local-generator(8)
ConditionFileIsExecutable=/etc/rc.local
After=network.target

[Service]
Type=forking
ExecStart=/etc/rc.local
TimeoutStartSec=0
TimeoutStopSec=30
RemainAfterExit=yes
GuessMainPID=no

[Install]
WantedBy=multi-user.target

[root@tc rc.d]# cat rc.local 
#!/bin/bash

date >> /tmp/data.txt

exit 0

七、ssh 服务配置

ubuntu默认不安装openssh-server

1、安装openssl-server

root@ubuntu:~# apt-get install openssh-sevrer 
root@ubuntu:~# systemctl start ssh
root@ubuntu:~# systemctl enable ssh

# 查询可安装的包所有版本
apt list -a ssh
Listing... Done
ssh/jammy-updates,jammy-security 1:8.9p1-3ubuntu0.6 all
ssh/jammy 1:8.9p1-3 all

apt install ssh=1:8.9p1-3 all

2、允许root用户远程登陆

ubuntu默认不允许root用户远程登陆

root@ubuntu:~# vim /etc/ssh/sshd_config
32 #PermitRootLogin prohibit-password
修改为
33 PermitRootLogin yes
 
打开密钥认证
56 #PasswordAuthentication yes
修改为
57 PasswordAuthentication yes
 
为root用户设置密码
root@ubuntu:~# passwd root


重启ssh服务
root@ubuntu:~# systemctl restart ssh

八、unsnapd

ubuntu 系统卸载snap

停止开机自启

sudo systemctl disable snapd.service
sudo systemctl disable snapd.socket
sudo systemctl disable snapd.seeded.service

卸载snap安装的软件

# 查询当前系统上snap安装了哪些app
snap list

# 卸载
sudo snap remove xxxxx_app

禁止重新安装snap

sudo vim /etc/apt/preferences.d/nosnap.pref

Package: snapd
Pin: release a=*
Pin-Priority: -10

九、用户管理

1、用户

Ubuntu系统中存在的是nobody和nogroup

在使用useradd命令创建用户的时候，ubuntu不会为主动为用户创建家目录，其默认的shell也不是bash

创建一个具有家目录的用户，其shell为bash

root@ubuntu:~# useradd -m test3 -s /bin/bash

# 若没有指定shell，可以进行修改
root@ubuntu:~# chsh -s /bin/bash test1

2、创建用户，非交互式更改密码

root@ubuntu:~# useradd tom

root@ubuntu:~# echo tom:jerry | chpasswd

格式：echo username:password   | chpasswd

3、sudo权限免密

root@ubuntu:~# vim /etc/sudoers
ops_serialt ALL=(ALL) NOPASSWD: ALL

4、ubuntu 2004重置密码

参考链接：https://blog.51cto.com/u_15169172/2793265

1）重启服务器后按e进入grub菜单

2）在linux的一行的最后修改为rw init=/bin/bash

3）按ctrl + x启动系统

按下Ctrl+c可以撤销登录

4）查看根目录是否有写的权限：mount | grep -w /

5）重置密码

确认根目录正处于rw状态后，那就可以直接重置或破解Ubuntu 20.04任何用户的密码了。

重置root密码：

passwd root

6）重启

完成重置密码或者破解密码的工作后，重启Ubuntu 20.04，执行以下命令重启服务器：

exec /sbin/init