10. 네트워크 상태 확인
- 서버의 기본 사용 포트를 유지하며, ProjYj Web 서버는 8070 포트를 사용하도록 함
- 포트 확인 :
netstat -ltnp | grep 8070
- 포트 죽이기 :
kill -9 [PID]
10-1. 네트워크 상태 확인
netstat
> 모든 수신 소켓과 연결을 확인
lsof
> TCP port 접속 정보 확인 및 요약 보기
[root@localhost home]
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:44321 0.0.0.0:* LISTEN 2195/pmcd
tcp 0 0 127.0.0.1:5910 0.0.0.0:* LISTEN 349956/Xvnc
tcp 0 0 127.0.0.1:4330 0.0.0.0:* LISTEN 3175/pmlogger
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 351164/sshd: /usr/s
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1/systemd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1324/cupsd
tcp6 0 0 :::9090 :::* LISTEN 1/systemd
tcp6 0 0 ::1:44321 :::* LISTEN 2195/pmcd
tcp6 0 0 ::1:4330 :::* LISTEN 3175/pmlogger
tcp6 0 0 ::1:5910 :::* LISTEN 349956/Xvnc
tcp6 0 0 :::33060 :::* LISTEN 549541/mysqld
tcp6 0 0 :::22 :::* LISTEN 351164/sshd: /usr/s
tcp6 0 0 :::111 :::* LISTEN 1/systemd
tcp6 0 0 :::3389 :::* LISTEN 345161/xrdp
tcp6 0 0 :::3306 :::* LISTEN 549541/mysqld
tcp6 0 0 ::1:631 :::* LISTEN 1324/cupsd
tcp6 0 0 ::1:3350 :::* LISTEN 345160/xrdp-sesman
[root@localhost home]
systemd 1 root 80u IPv4 777988 0t0 TCP *:111 (LISTEN)
systemd 1 root 84u IPv6 777019 0t0 TCP *:111 (LISTEN)
systemd 1 root 248u IPv6 802458 0t0 TCP *:9090 (LISTEN)
cupsd 1324 root 6u IPv6 20817 0t0 TCP localhost:631 (LISTEN)
cupsd 1324 root 7u IPv4 20818 0t0 TCP localhost:631 (LISTEN)
pmcd 2195 pcp 0u IPv4 17264 0t0 TCP localhost:44321 (LISTEN)
pmcd 2195 pcp 3u IPv6 17265 0t0 TCP localhost:44321 (LISTEN)
pmlogger 3175 pcp 7u IPv4 1337160 0t0 TCP localhost:4330 (LISTEN)
pmlogger 3175 pcp 8u IPv6 1337161 0t0 TCP localhost:4330 (LISTEN)
xrdp-sesm 345160 root 11u IPv6 742974 0t0 TCP localhost:3350 (LISTEN)
xrdp 345161 root 11u IPv6 746744 0t0 TCP *:3389 (LISTEN)
Xvnc 349956 root 6u IPv4 760993 0t0 TCP localhost:5910 (LISTEN)
Xvnc 349956 root 7u IPv6 760994 0t0 TCP localhost:5910 (LISTEN)
sshd 351164 root 3u IPv4 763481 0t0 TCP *:22 (LISTEN)
sshd 351164 root 4u IPv6 763483 0t0 TCP *:22 (LISTEN)
mysqld 549541 mysql 21u IPv6 1688602 0t0 TCP *:33060 (LISTEN)
mysqld 549541 mysql 24u IPv6 1684797 0t0 TCP *:3306 (LISTEN)
[root@localhost home]
*:111 systemd
*:111 systemd
127.0.0.1:4330 pmlogger
127.0.0.1:44321 pmcd
127.0.0.1:5910 Xvnc
127.0.0.1:631 cupsd
[::1]:3350 xrdp-sesm
[::1]:4330 pmlogger
[::1]:44321 pmcd
[::1]:5910 Xvnc
[::1]:631 cupsd
*:22 sshd
*:22 sshd
*:33060 mysqld
*:3306 mysqld
*:3389 xrdp
*:9090 systemd
11. Tomcat 설치
- 8.0.36 버전을 기준으로 설치
- rpm 배포 파일이 없고, 압축 파일로만 제공됨 > wget 으로 다운로드 진행
[root@localhost /]
[root@localhost /]
[root@localhost Downloads]
/root/Downloads
[root@localhost Downloads]
--2024-03-28 09:45:52-- https://archive.apache.org/dist/tomcat/tomcat-8/v8.0.36/bin/apache-tomcat-8.0.36.tar.gz
Resolving archive.apache.org (archive.apache.org)... 65.108.204.189, 2a01:4f9:1a:a084::2
Connecting to archive.apache.org (archive.apache.org)|65.108.204.189|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 9277365 (8.8M) [application/x-gzip]
Saving to: ‘apache-tomcat-8.0.36.tar.gz’
apache-tomcat-8.0.36.tar.gz 100%[============================================================================>] 8.85M 939KB/s in 11s
2024-03-28 09:46:04 (831 KB/s) - ‘apache-tomcat-8.0.36.tar.gz’ saved [9277365/9277365]
[root@localhost Downloads]
apache-tomcat-8.0.36/bin/catalina.sh
apache-tomcat-8.0.36/bin/configtest.sh
apache-tomcat-8.0.36/bin/daemon.sh
11-1. Tomcat 설정
server.xml
: 8080 포트를 8070 로 변경하고 저장
[root@localhost conf]
/tomcat/apache-tomcat-8.0.36/conf
[root@localhost conf]
<Connector port="8070" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
[root@localhost conf]
Local time: Thu 2024-03-28 09:51:11 KST
Universal time: Thu 2024-03-28 00:51:11 UTC
RTC time: Thu 2024-03-28 09:51:11
Time zone: Asia/Seoul (KST, +0900)
System clock synchronized: yes
NTP service: active
RTC in local TZ: yes
- 방화벽 8070 포트 열기 (8888 이었다가 변경함)
[root@localhost ~]
success
[root@localhost ~]
success
[root@localhost ~]
3306/tcp 3389/tcp 8070/tcp 8888/tcp
- Java Version 확인 :
openjdk version "1.8.0_362"
[root@localhost conf]
openjdk version "1.8.0_362"
OpenJDK Runtime Environment (build 1.8.0_362-b08)
OpenJDK 64-Bit Server VM (build 25.362-b08, mixed mode)
🔶 환경변수 설정
- 환경변수 설정 진행하진 않았으나, 일단 기록해둔 것임
/etc/profile
을 직접 수정
[root@localhost etc]
[root@localhost etc]
JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.362.b09-4.el9.x86_64/jre
CATALINA_HOME=/tomcat/apache-tomcat-8.0.36
11-2. Tomcat 구동
[root@localhost bin]
/tomcat/apache-tomcat-8.0.36/bin
[root@localhost bin]
Using CATALINA_BASE: /tomcat/apache-tomcat-8.0.36
Using CATALINA_HOME: /tomcat/apache-tomcat-8.0.36
Using CATALINA_TMPDIR: /tomcat/apache-tomcat-8.0.36/temp
Using JRE_HOME: /usr
Using CLASSPATH: /tomcat/apache-tomcat-8.0.36/bin/bootstrap.jar:/tomcat/apache-tomcat-8.0.36/bin/tomcat-juli.jar
Tomcat started.
12. CentOS IP 변경
[root@localhost network-scripts]
12-1. 이더넷 세팅
- 네트워크 인터페이스 name 확인 :
eno1
[root@localhost bin]
eno1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.999 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::dabb:c1ff:fe4d:c443 prefixlen 64 scopeid 0x20<link>
ether d8:bb:c1:4d:c4:43 txqueuelen 1000 (Ethernet)
RX packets 480472 bytes 169286658 (161.4 MiB)
RX errors 0 dropped 32337 overruns 0 frame 0
TX packets 249470 bytes 258333052 (246.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 16 memory 0xa1200000-a1220000
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 62902 bytes 3802084 (3.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 62902 bytes 3802084 (3.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@localhost bin]
eno1 lo
ifcfg-eno1
파일이 없어서 새로 생성
BOOTPROTO
: dhcp 대신 static 으로 설정 (dhcp: 자동할당 / static: 수동으로 설정)
IPADDR
: 설정할 IP 주소
NETMASK
: 서브넷 마스크 주소
GATEWAY
: 게이트웨이 주소
DNS
: DNS주소 (웹 사이트 연결하지 않을 경우 필요 없음)
ONBOOT
: no일 경우 yes로 바꾸기 (부팅할 때 자동 네트워크 활성화 설정하는 것)
DEVICE
: 위의 name 값 eno1
[root@localhost network-scripts]
[root@localhost network-scripts]
[root@localhost network-scripts]
[root@seob network-scripts]
TYPE=Ethernet
PROXY_METHOD=none
BOOTPROTO=static
IPADDR=192.168.1.111
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
ONBOOT=yes
DEVICE=eno1
NAME=eno1
12-2. Network Server 재시작
service network restart
, systemctl restart network
명령어로 재시작
- CentOS 8 이상에서는 서비스 명칭이
Network
대신 NetworkManager
로 변경됨
[root@localhost ~]
Redirecting to /bin/systemctl restart network.service
Failed to restart network.service: Unit network.service not found.
service NetworkManager restart
명령어로 재시작
[root@localhost network-scripts]
Redirecting to /bin/systemctl restart NetworkManager.service
12-3. 재시작 전후로 상태 확인
[root@localhost network-scripts]
[ 1.524205] e1000e 0000:00:1f.6 eth0: (PCI Express:2.5GT/s:Width x1) d8:bb:c1:4d:c4:43
[ 1.524207] e1000e 0000:00:1f.6 eth0: Intel(R) PRO/1000 Network Connection
[ 1.524356] e1000e 0000:00:1f.6 eth0: MAC: 13, PHY: 12, PBA No: FFFFFF-0FF
[ 1.719672] e1000e 0000:00:1f.6 eno1: renamed from eth0
[root@localhost network-scripts]
[ 1.719672] e1000e 0000:00:1f.6 eno1: renamed from eth0
[ 25.238976] e1000e 0000:00:1f.6 eno1: NIC Link is Up 100 Mbps Full Duplex, Flow Control: Rx/Tx
[ 25.239153] IPv6: ADDRCONF(NETDEV_CHANGE): eno1: link becomes ready
[root@localhost network-scripts]
00:1f.6 Ethernet controller: Intel Corporation Ethernet Connection (10) I219-V (rev 11)
[root@localhost ~]
● NetworkManager.service - Network Manager
Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service; enabled; preset: enabled)
Active: active (running) since Thu 2024-03-28 10:57:46 KST; 45s ago
Docs: man:NetworkManager(8)
Main PID: 118424 (NetworkManager)
Tasks: 3 (limit: 202236)
Memory: 5.4M
CPU: 39ms
CGroup: /system.slice/NetworkManager.service
└─118424 /usr/sbin/NetworkManager --no-daemon
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7788] device (lo): Activation: successful, device activated.
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7792] policy: set 'eno1' (eno1) as default for IPv4 routing and DNS
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7804] device (eno1): state change: ip-config -> ip-check (reason 'none', s>
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7863] device (eno1): state change: ip-check -> secondaries (reason 'none',>
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7864] device (eno1): state change: secondaries -> activated (reason 'none'>
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7866] manager: NetworkManager state is now CONNECTED_SITE
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7869] device (eno1): Activation: successful, device activated.
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7873] manager: NetworkManager state is now CONNECTED_GLOBAL
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7874] manager: startup complete
Mar 28 10:57:46 localhost.localdomain NetworkManager[118424]: <info> [1711591066.7921] policy: set-hostname: set hostname to 'localhost.localdomain' (no ho>
...skipping...
[root@localhost network-scripts]
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether d8:bb:c1:4d:c4:43 brd ff:ff:ff:ff:ff:ff
altname enp0s31f6
inet 192.168.1.999/24 brd 192.168.1.255 scope global noprefixroute eno1
valid_lft forever preferred_lft forever
inet6 fe80::dabb:c1ff:fe4d:c443/64 scope link noprefixroute
valid_lft forever preferred_lft forever
- 사용 가능한 모든 장치의 상태 표시 :
nmcli dev status
/ 사용 가능한 모든 연결의 상태를 표시 : nmcli con show
[root@localhost network-scripts]
DEVICE TYPE STATE CONNECTION
eno1 ethernet connected eno1
lo loopback connected (externally) lo
- 네트워크 정보 확인 (IP 주소만 보기) :
ifconfig eno1 | grep inet
🔶 기타 작업
- 네트워크 재시작 후에도 IP 주소가 변경되지 않아 장치 비활성화 시도
eno1
장치 활성화/비활성화 : ifup eno1
, ifdown eno1
[root@localhost network-scripts]
bash: ifdown: command not found...
Install package 'NetworkManager-initscripts-updown' to provide command 'ifdown'? [N/y] y
* Waiting in queue...
* Loading list of packages....
The following packages have to be installed:
NetworkManager-initscripts-updown-1:1.47.2-1.el9.noarch Legacy ifup/ifdown scripts for NetworkManager that replace initscripts (network-scripts)
Proceed with changes? [N/y] y
- 설치하라는 문구가 나와 설치 진행
- 아래와 같은 오류 발생
[root@localhost network-scripts]
Error: '/etc/sysconfig/network-scripts/ifcfg-eno1' is not an active connection.
Error: no active connection provided.
Failure to deactivate file "eno1"!
See all profiles with `nmcli connection`.
Reload files from disk with `nmcli connection reload`
Deactivate the desired profile with `nmcli connection down \"$NAME\"`
13. CentOS IP 변경
eno1.nmconnection
파일 > IP 주소 변경
[root@localhost system-connections]
[root@localhost system-connections]
eno1.nmconnection
[root@localhost system-connections]
[ipv4]
address1=192.168.1.111/24,192.168.1.1
dns=210.94.0.73;210.220.163.82;
ignore-auto-dns=true
method=manual
[root@localhost system-connections]
Redirecting to /bin/systemctl restart NetworkManager.service
- IP 주소 확인하기 (
inet 192.168.1.111
가 추가됨)
[root@localhost network-scripts]
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether d8:bb:c1:4d:c4:43 brd ff:ff:ff:ff:ff:ff
altname enp0s31f6
inet 192.168.1.999/24 brd 192.168.1.255 scope global noprefixroute eno1
valid_lft forever preferred_lft forever
inet 192.168.1.111/24 brd 192.168.1.255 scope global secondary noprefixroute eno1
valid_lft forever preferred_lft forever
inet6 fe80::dabb:c1ff:fe4d:c443/64 scope link noprefixroute
valid_lft forever preferred_lft forever
14. 계정 생성
projyj
추가로 생성
adduser
: 사용자 홈 디렉토리를 포함한 사용자 관련 설정을 자동 생성 / 사용자가 설정한 기본 쉘을 사용자의 쉘로 지정
useradd
: 사용자 홈 디렉토리를 포함한 사용자 관련 설정을 자동생성 하지 않음 / 홈 디렉토리와 패스워드 그 외에도 여러가지 설정을 따로 해줘야 함 / 기본 쉘인 sh가 할당됨
[root@localhost ~]
root
[root@localhost home]
[root@localhost projyj]
uid=1001(projyj) gid=1001(projyj) groups=1001(projyj)
[root@localhost home]
Changing password for user projyj.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
🔶 생성 계정 확인
[root@localhost home]
root
projyj
🔶 계정 삭제
-r
: 계정의 home directory 등을 포함한 완전 삭제
userdel [user] // 사용자 계정만 삭제
userdel -r [user] // home directory 등을 포함한 완전 삭제
14-1. 계정 권한 부여
visudo
또는 vi /etc/sudoers
로 해당 파일 확인
- sudoers 수정 시에는
visudo
사용을 권고하고 있음
[root@localhost home]
visudo: /etc/sudoers.tmp unchanged
[root@localhost home]
root ALL=(ALL) ALL
projyj ALL=(ALL) ALL