前几天CentOS 8 发布了正式版本,全新安装后发现时间同步和防火墙让我恼火了一下午,因为弄些不可描述的服务,所以用的大佬DD脚本,所以记录一下CentOS 8 下如何时间自动同步和关闭自带的selinux、Firewall。
时间同步
在CentOS 8只能用chrony 来同步时间。
安装chrony:
yum -y install chrony
运行 chrony
systemctl enable chronyd
查看是否设置了开机启动:
systemctl is-enabled chronyd
如果现实enabled
说明成功运行。开启chrony:
systemctl start chronyd
时区的设置:
timedatectl list-timezones # 列出所有时区
timedatectl set-local-rtc 1 # 将硬件时钟调整为与本地时钟一致, 0 为设置为 UTC 时间
timedatectl set-timezone Asia/Shanghai # 设置系统时区为上海
timedatectl set-ntp yes # 设置开启自动同步
关闭SELINUX、firewalld
大部分时间对折两个自带的防火墙用不着,所以直接关闭:
查看运行状态:
systemctl status firewalld
禁止开机启动:
systemctl disable firewalld
停止运行
systemctl stop firewalld
关闭SElinux
查看运行状态:
getenforce
如果现实Enforcing
说明是开启状态。
编辑配置文件:
vim /etc/selinux/config
内容大概如下:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=enforcing
# SELINUXTYPE= can take one of these three values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
将SELINUX=enforcing
修改为 SELINUX=disabled
即可。