[CONTENT] Linux common parameters of /etc/fstab file

/dev/vg/lv_var /var xfs nodev,nosuid,noexec 0 0
/dev/vg/lv_var_log /var/log xfs nodev,nosuid,noexec,x-systemd.requires-mounts-for=/var 0 0

1) nodev parameter here means this directory can not be interpreted by devices or blocks
2) nosuid parameter here means no setuid files can be created in this directory
3) noexec parameter here means no files can be executed in this directory
4) x-systemd.requires-mounts-for=/var here parameter means /var/log directory can not be mounted until /var directory has been mounted

[STEP] Linux Audit Log join /var/log/message

Main Content:

Step One: Modify /audit/plugins.d/syslog.conf file

# vim /audit/plugins.d/syslog.conf

Modify part content as follow:

Modify part content as follow:
active = no

Step Two: Restart auditd Service

# service auditd restart



[DEBUG] Linux resolve error code ‘DB version too old ……, expected …… for domain implicit_files!’

Error Code:

# useradd <account name>
DB version too old ......, expected ...... for domain implicit_files!


# chage -l <user name>
DB version too old ......, expected ...... for domain implicit_files!


Step One: Create /etc/sssd/sssd.conf file

# vim /etc/sssd/sssd.conf

Add follow lines:

enable_files_domain = true

Step Two: Give /etc/sssd/sssd.conf file properly privilege

# chmod 600 /etc/sssd/sssd.conf

Step Three: Restart sssd service

# systemctl restart sssd



[步骤] Linux 网络的设置 (禁用 IPv6) (openSUSE & SLES 版)

内容一:显示 IPv6 是否启用

1.1 方法一:通过 ifconfig 命令实现

# ifconfig

1.2 方法二:通过 ip 命令实现

# ip a s

(补充:如果出现了 inet6 则 IPv6 是激活的)

1.3 方法三:通过 sysctl -a 命令实现

# sysctl -a | grep -i ipv6|grep -i disable
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

(补充:从输出结果中可以看出 IPv6 已经被禁用)

内容二:临时禁用 IPv6

2.1 临时禁用本地所有的 IPv6

# sysctl -w net.ipv6.conf.all.disable_ipv6=1


2.2 临时禁用某 1 张网卡的 IPv6

# sudo echo 1 > /proc/sys/net/ipv6/conf/ens32/disable_ipv6 

1) 这里的 ens32 是要禁用 IPv6 的网卡名称
2) 系统或者网卡重启后禁用失效

内容三:永久禁用 IPv6

# yast lan

Global Options –> IPv6 Protocol Settings –> 取消勾选 IPv6

[排错] openSUSE & SLES 解决开机后 wicked 不能设置 IP 地址


开机后 wicked 不能自动设置 IP 地址

# cat /var/log/messages
...... wickedd-nanny[1218]: device eth0: call to org.opensuse.Network.Protocol.IPv6.changeProtocol() failed: General failure
...... wickedd-nanny[1218]: eth0: failed to bring up device, still continuing
...... lo              up
...... eth0            device-not-running
...... Finished wicked managed network interfaces.

解决方法一:将 wicked 软件降级到较低版本


解决方法二:取消 ipv6.disable=1 参数

2.1 修改 /etc/default/grub 文件

# /etc/default/grub



2.2 使刚刚修改的配置生效

# grub2-mkconfig -o /boot/grub2/grub.cfg

2.3 检查刚刚设置的配置

# grep "^\s*ipv6.disable" /boot/grub2/grub.cfg