[CONTENT] Linux common parameters of /etc/fstab file

/dev/vg/lv_var /var xfs nodev,nosuid,noexec 0 0
/dev/vg/lv_var_log /var/log xfs nodev,nosuid,noexec,x-systemd.requires-mounts-for=/var 0 0

(
Add:
1) nodev parameter here means this directory can not be interpreted by devices or blocks
2) nosuid parameter here means no setuid files can be created in this directory
3) noexec parameter here means no files can be executed in this directory
4) x-systemd.requires-mounts-for=/var here parameter means /var/log directory can not be mounted until /var directory has been mounted
)

[STEP] Linux Audit Log join /var/log/message

Main Content:

Step One: Modify /audit/plugins.d/syslog.conf file

# vim /audit/plugins.d/syslog.conf

Modify part content as follow:

Modify part content as follow:
......
active = no
......

Step Two: Restart auditd Service

# service auditd restart

Reference:

https://access.redhat.com/solutions/637863

[DEBUG] Linux resolve error code ‘DB version too old ……, expected …… for domain implicit_files!’

Error Code:

# useradd <account name>
DB version too old ......, expected ...... for domain implicit_files!
......

Or:

# chage -l <user name>
DB version too old ......, expected ...... for domain implicit_files!
......

Solution:

Step One: Create /etc/sssd/sssd.conf file

# vim /etc/sssd/sssd.conf

Add follow lines:

[sssd]
enable_files_domain = true

Step Two: Give /etc/sssd/sssd.conf file properly privilege

# chmod 600 /etc/sssd/sssd.conf

Step Three: Restart sssd service

# systemctl restart sssd

Reference:

https://access.redhat.com/solutions/7031304

[步骤] Linux 网络的设置 (禁用 IPv6) (openSUSE & SLES 版)

内容一:显示 IPv6 是否启用

1.1 方法一:通过 ifconfig 命令实现

# ifconfig

1.2 方法二:通过 ip 命令实现

# ip a s

(补充:如果出现了 inet6 则 IPv6 是激活的)

1.3 方法三:通过 sysctl -a 命令实现

# sysctl -a | grep -i ipv6|grep -i disable
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

(补充:从输出结果中可以看出 IPv6 已经被禁用)

内容二:临时禁用 IPv6

2.1 临时禁用本地所有的 IPv6

# sysctl -w net.ipv6.conf.all.disable_ipv6=1

2.2 临时禁用某 1 张网卡的 IPv6

# sudo echo 1 > /proc/sys/net/ipv6/conf/ens32/disable_ipv6 


补充:
1) 这里的 ens32 是要禁用 IPv6 的网卡名称
2) 系统或者网卡重启后禁用失效

内容三:永久禁用 IPv6

# yast lan

Global Options –> IPv6 Protocol Settings –> 取消勾选 IPv6