auditd 只能监控比它后启动的进程,恶意软件如果比它先启动则无法被其监控
在这一行里:
GRUB_CMDLINE_LINUX="......"添加:
GRUB_CMDLINE_LINUX="...... audit=1"# grub2-mkconfig -o /boot/grub2/grub.cfghttps://access.redhat.com/solutions/971883
Red Hat Satellite 通常使用指定版本的软件。所以在安装或升级 Red Hat Satellite 时,我们需要设置 Red Hat Satellite 的模块流,在设置模块流以后,相应的软件就被锁定制在对应版本无法升级了。
我们可以通过查看 Red Hat Satellite 的模块流,确认有哪些软件被锁定在了哪些版本里
# dnf module enable satellite或者:
# dnf module enable satellite:el8
......
Requires : pki-core:[]
: platform:[el8]
: postgresql:[12]
: ruby:[2.7](补充:这里设置 el8 版本的 Red Hat Satellite 模块流为例)
# dnf module info或者:
# dnf module info satellite:el8
......
Requires : pki-core:[]
: platform:[el8]
: postgresql:[12]
: ruby:[2.7](补充:这里查看 el8 版本的 Red Hat Satellite 模块流为例)
https://docs.redhat.com/en/documentation/red_hat_satellite/6.15/html/installing_satellite_server_in_a_connected_network_environment/installing_server_connected_satellite#configuring-repositories_satellite
# vim /audit/plugins.d/syslog.confModify part content as follow:
Modify part content as follow:
......
active = no
......# service auditd restarthttps://access.redhat.com/solutions/637863
Input df command and the command is stuck
Can not us cd / command to access /(root) directory
Can not us ls / command to display /(root) directory
There may be some network storage disconnected
# mount(Add: At this moment, we can see at least one remote storage mount to local directory. If we cd to this directory, system command prompt will output target is busy)
# umount -f <nfs storage which is stuck>Or:
# umount -l <nfs storage which is stuck>Or:
# umount -f -l <nfs storage which is stuck>在启用或禁用 SLES 的软件库前,要先注册此 SLES
# SUSEConnect --list-extensions# SUSEConnect -p sle-module-live-patching/15.3/x86_64(补充:这里以启用 sle-module-live-patching/15.3/x86_64 软件库为例)
# SUSEConnect -d -p sle-module-basesystem/15.3/x86_64(补充:这里以禁用用 sle-module-live-patching/15.3/x86_64 软件库为例)