Linux systemctl service firewall

记录下常用命令

View all units

systemctl list-unit-files
proc-sys-fs-binfmt_misc.automount             static  
dev-hugepages.mount                           static  
dev-mqueue.mount                              static  
proc-fs-nfsd.mount                            static  
proc-sys-fs-binfmt_misc.mount                 static  
sys-fs-fuse-connections.mount                 static                 brandbot.path                                 enabled 
systemd-ask-password-console.path             static  
systemd-ask-password-plymouth.path            static  
systemd-ask-password-wall.path                static  
session-1.scope                               static  
acpid.service                                 enabled 
amazon-ssm-agent.service                      enabled 
amzn2-early-relabel-modules.service           enabled 
arp-ethers.service                            disabled
atd.service                                   enabled 
auditd.service                                enabled 

View service

systemctl list-units -t service --state active
acpid.service                      loaded active running ACPI Event Daemon
amazon-ssm-agent.service           loaded active running amazon-ssm-agent
atd.service                        loaded active running Job spooling tools
auditd.service                     loaded active running Security Auditing Service
chronyd.service                    loaded active running NTP client/server
cloud-config.service               loaded active exited  Apply the settings specified in cloud-config
cloud-final.service                loaded active exited  Execute cloud user/final scripts
cloud-init-local.service           loaded active exited  Initial cloud-init job (pre-networking)
cloud-init.service                 loaded active exited  Initial cloud-init job (metadata service crawler)

restart daemon

systemctl deamon-reload

service operations

systemctl enable docker
systemctl start docker
systemctl stop docker
systemctl restart docker

User and Group

view system groups

cat /etc/group
root:x:0:
bin:x:1:
daemon:x:2:
sys:x:3:
adm:x:4:ec2-user
tty:x:5:
disk:x:6:
lp:x:7:
mem:x:8:
kmem:x:9:
wheel:x:10:ec2-user
cdrom:x:11:
mail:x:12:postfix
man:x:15:
dialout:x:18:
floppy:x:19:

create group

groupadd docker

add user to group

usermod -aG docker user-name

view user groups

groups
ec2-user adm wheel systemd-journal docker

Firewall

open ports

sudo firewall-cmd --permanent --add-port=6443/tcp
sudo firewall-cmd --permanent --add-port=10250/tcp