CentOSのデフォルト設定内容-その1

Posted By: みなまち運営者 On:


現在、とある業務に従事しているが単純にLinuxのデフォルトの設定が必要になったので以下に取得してみたのでまとめる。
syslogやcron、カーネルパラメータの情報が必要になり、この辺りは普通に業務を行う上ではなかなか触らない部分であり、色々と勉強になる。
実際にはほかのディストリビューションとちがいデフォルトでは設定がされていない部分が多いように思われる。

1.CentOS7のデフォルトのsyslog設定について

CentOS7ではデフォルトでは、syslogに対応しておらず一度rsyslogのインストールが必要である。 こちらのコマンドでrsyslogのインストールを行う。

#yum install rsyslog

下記が/etc/rsyslog.confのデフォルト設定内容である。
# rsyslog configuration file

# For more information see /usr/share/doc/rsyslog-*
/rsyslog_conf.html
# If you experience problems, see http://www.rsyslog.com
/doc/troubleshoot.html

#### MODULES ####

# The imjournal module bellow is now used as a message source instead of imuxsock.
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imjournal # provides access to the systemd journal
#$ModLoad imklog # reads kernel messages (the same are read from journald)
#$ModLoad immark # provides –MARK– message capability

# Provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# Provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514


#### GLOBAL DIRECTIVES ####

# Where to place auxiliary files
$WorkDirectory /var/lib/rsyslog

# Use default timestamp format
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# File syncing capability is disabled by default. This feature is usually not required,
# not useful and an extreme performance hit
#$ActionFileEnableSync on

# Include all config files in /etc/rsyslog.d/
$IncludeConfig /etc/rsyslog.d/*.conf

# Turn off message reception via local log socket;
# local messages are retrieved through imjournal now.
$OmitLocalLogging on

# File to store the position in the journal
$IMJournalStateFile imjournal.state


#### RULES ####

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.* /dev/console
# Log anything (except mail) of level info or higher.
# Don’t log private authentication messages!
*.info;mail.none;authpriv.none;cron.none /var/log/messages
# The authpriv file has restricted access.
authpriv.* /var/log/secure
# Log all the mail messages in one place.
mail.* -/var/log/maillog
# Log cron stuff
cron.* /var/log/cron
# Everybody gets emergency messages
*.emerg :omusrmsg:*

2.定時実行設定内容

cronの設定内容

/etc/crontabの設定内容

SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .—————- minute (0 – 59)
# | .————- hour (0 – 23)
# | | .———- day of month (1 – 31)
# | | | .——- month (1 – 12) OR jan,feb,mar,apr …
# | | | | .—- day of week (0 – 6) (Sunday=0 or 7) OR
sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

3.カーネルパラメータ:

この辺りは、よほどコアな部分の設定を行わない限りはノータッチなので正直これを触ろうとするのは怖い・・・
これを設定ミスするだけでOSが起動しないこともままある!

/boot/grub2/grub.cfgの設定内容

#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub2-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
set pager=1

if [ -s $prefix/grubenv ]; then
load_env
fi
if [ “${next_entry}” ] ; then
set default=”${next_entry}”
set next_entry=
save_env next_entry
set boot_once=true
else
set default=”${saved_entry}”
fi

if [ x”${feature_menuentry_id}” = xy ]; then
menuentry_id_option=”–id”
else
menuentry_id_option=””
fi

export menuentry_id_option

if [ “${prev_saved_entry}” ]; then
set saved_entry=”${prev_saved_entry}”
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi

function savedefault {
if [ -z “${boot_once}” ]; then
saved_entry=”${chosen}”
save_env saved_entry
fi
}

function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}

terminal_output console
if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=5
# Fallback normal timeout code in case the timeout_style feature is
# unavailable.
else
set timeout=5
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/00_tuned ###
set tuned_params=””
set tuned_initrd=””
### END /etc/grub.d/00_tuned ###

### BEGIN /etc/grub.d/01_users ###
if [ -f ${prefix}/user.cfg ]; then
source ${prefix}/user.cfg
if [ -n “${GRUB2_PASSWORD}” ]; then
set superusers=”root”
export superusers
password_pbkdf2 root ${GRUB2_PASSWORD}
fi
fi
### END /etc/grub.d/01_users ###

### BEGIN /etc/grub.d/10_linux ###
menuentry ‘CentOS Linux (3.10.0-1127.18.2.el7.x86_64) 7 (Core)’ –class centos –class gnu-linux –class gnu –class os –unrestricted $menuentry_id_option ‘gnulinux-3.10.0-1127.el7.x86_64-advanced-7b5e99d6-6309-458f-867d-1ccc8b5bc85e’ {
load_video
set gfxpayload=keep
insmod gzio
insmod part_msdos
insmod xfs
set root=’hd0,msdos1′
if [ x$feature_platform_search_hint = xy ]; then
search –no-floppy –fs-uuid –set=root –hint-bios=hd0,msdos1 –hint-efi=hd0,msdos1 –hint-baremetal=ahci0,msdos1 –hint=’hd0,msdos1′ 8f4fa40d-23df-427e-a689-08f07c67b8a9
else
search –no-floppy –fs-uuid –set=root 8f4fa40d-23df-427e-a689-08f07c67b8a9
fi
linux16 /vmlinuz-3.10.0-1127.18.2.el7.x86_64 root=/dev/mapper/centos-root ro crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet LANG=ja_JP.UTF-8
initrd16 /initramfs-3.10.0-1127.18.2.el7.x86_64.img
}
menuentry ‘CentOS Linux (3.10.0-1127.el7.x86_64) 7 (Core)’ –class centos –class gnu-linux –class gnu –class os –unrestricted $menuentry_id_option ‘gnulinux-3.10.0-1127.el7.x86_64-advanced-7b5e99d6-6309-458f-867d-1ccc8b5bc85e’ {
load_video
set gfxpayload=keep
insmod gzio
insmod part_msdos
insmod xfs
set root=’hd0,msdos1′
if [ x$feature_platform_search_hint = xy ]; then
search –no-floppy –fs-uuid –set=root –hint-bios=hd0,msdos1 –hint-efi=hd0,msdos1 –hint-baremetal=ahci0,msdos1 –hint=’hd0,msdos1′ 8f4fa40d-23df-427e-a689-08f07c67b8a9
else
search –no-floppy –fs-uuid –set=root 8f4fa40d-23df-427e-a689-08f07c67b8a9
fi
linux16 /vmlinuz-3.10.0-1127.el7.x86_64 root=/dev/mapper/centos-root ro crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet LANG=ja_JP.UTF-8
initrd16 /initramfs-3.10.0-1127.el7.x86_64.img
}
menuentry ‘CentOS Linux (0-rescue-b2973d4fb3804abfb7eae2da1ec22f82) 7 (Core)’ –class centos –class gnu-linux –class gnu –class os –unrestricted $menuentry_id_option ‘gnulinux-0-rescue-b2973d4fb3804abfb7eae2da1ec22f82-advanced-7b5e99d6-6309-458f-867d-1ccc8b5bc85e’ {
load_video
insmod gzio
insmod part_msdos
insmod xfs
set root=’hd0,msdos1′
if [ x$feature_platform_search_hint = xy ]; then
search –no-floppy –fs-uuid –set=root –hint-bios=hd0,msdos1 –hint-efi=hd0,msdos1 –hint-baremetal=ahci0,msdos1 –hint=’hd0,msdos1′ 8f4fa40d-23df-427e-a689-08f07c67b8a9
else
search –no-floppy –fs-uuid –set=root 8f4fa40d-23df-427e-a689-08f07c67b8a9
fi
linux16 /vmlinuz-0-rescue-b2973d4fb3804abfb7eae2da1ec22f82 root=/dev/mapper/centos-root ro crashkernel=auto
rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet initrd16 /initramfs-0-rescue-b2973d4fb3804abfb7eae2da1ec22f82.img
}

### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/20_linux_xen ###
### END /etc/grub.d/20_linux_xen ###

### BEGIN /etc/grub.d/20_ppc_terminfo ###
### END /etc/grub.d/20_ppc_terminfo ###

### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file provides an easy way to add custom menu entries. Simply type the
# menu entries you want to add after this comment. Be careful not to change
# the ‘exec tail’ line above.
### END /etc/grub.d/40_custom ###

### BEGIN /etc/grub.d/41_custom ###
if [ -f ${config_directory}/custom.cfg ]; then
source ${config_directory}/custom.cfg
elif [ -z “${config_directory}” -a -f $prefix/custom.cfg ]; then source $prefix/custom.cfg;
fi
### END /etc/grub.d/41_custom ###


Play Cover Track Title
Track Authors