¾Ç¥Í¥Î¦øªA¾¹«Ø¸m¬yµ{¡]for Fedora Core 3¡^
|
µù¡Gºô¶À£ÁYÀÉ(2MB)¡A¦¹¤å¥ó¤º©Ò´£¨ìªº¬Y¨ÇÀÉ®×¥i¥H ¦Ü¦¹ ¤U¸ü |
2005.01.18 by ·¨ÀA©÷ |
|
¥Ø¿ý
ºô¸ô¦w¸Ë¬ÛÃöÀɮסG
¦w¸ËÃþ«¬¿ï FTP ªº³]©w¡G FTP ¯¸¥x¦WºÙ¡G163.19.1.81¡]©Î apt.nc.hcc.edu.tw¡^ Fedora Core 2 ©Ò¦b¥Ø¿ý¡Gpub/fedora/linux/core/3/i386/os ©Î FTP ¯¸¥x¦WºÙ¡G140.127.177.17¡]©Î ftp.isu.edu.tw¡^ Fedora Core 2 ©Ò¦b¥Ø¿ý¡Gpub/Linux/Fedora/linux/core/3/i386/os µù¡G
¦w¸Ë¹Lµ{ª`·N¨Æ¶µ¡G
PuTTY¡GMicrosoft Windows ¤U¦n¥Îªº ssh ³s½u¤u¨ã PuTTY ©x¤èºô¯¸¡Ghttp://www.chiark.greenend.org.uk/~sgtatham/putty/ ¤U¸ü¡Ghttp://the.earth.li/~sgtatham/putty/latest/x86/putty.exe
קï¡G
vi (or vim )¬O Unix-like §@·~¨t²Î¤U³Ì³q¥Î¡B±j®«ªº¤å¦r½s¿è¾¹¡A¾¨ºÞ¤Jªù§xÃø¡A«Øij¤@©wnªá®É¶¡±N¨ä°ò¥»¾Þ§@¾Ç·| ¿é¤J¡Ga¡Bi¡Bo
¨ì²Ä¤@¦æ¡Ggg ¨ì³Ì«á¤@¦æ¡GG ¨ì¬Y¤@¦æ¡GxxG ¨ì¦æº¡G0 ¨ì¦æ¥½¡G$
½Æ»s¡Gyy ¶K¤W¡Gp ´_ì¡Gu
§R¤@Ó¦r¡Gx §R¾ã¦æ¡Gdd
Åã¥Ü¦æ¼Æ¡G:set nu ¤£Åã¥Ü¦æ¼Æ¡G:set nonu
vi ªº·j´M¡G/¡B¦A¦¸·j´M¡Gn ¨ì shell¡G:sh¡]¦b shell ¤¤¦^¨ì vi¡Gexit¡^
Àx¦s¡G:w Â÷¶}¡G:q ±j¨îÂ÷¶}¡]¤£Àx¦s¡^¡G:q! µù¡G 1.¦w¸Ë vim-common¡Bvim-enhanced ³o¨âÓ®M¥ó¥i¥H¥[±j vi ªº¥\¯à 2.Vim ©x¤è¤å¥ó¡Ghttp://www.vim.org/docs.php #·s¼W sysadm ±b¸¹¡G useradd sysadm passwd sysadm
#¤£¤¹³\ root ¨Ï¥Î ssh µn¤J¡G cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak vi /etc/ssh/sshd_config 37¦æ #PermitRootLogin yes §ï¦¨--> PermitRootLogin no
#¨î¥u¦³ wheel ¸s²Õªº¤H¥i¥H¨Ï¥Î su¡G cp /etc/pam.d/su /etc/pam.d/su.bak vi /etc/pam.d/su 6¦æ #auth required /lib/security/$ISA/pam_wheel.so use_uid #¨ú®ø³o¤@¦æ«e±ªº #
#§â sysadm ±b¸¹¥[¤J wheel ¸s²Õ¡G cp /etc/group /etc/group.bak vi /etc/group root:x:0:root,sysadm wheel:x:10:root,sysadm
/etc/rc.d/init.d/sshd restart
¥Î sysadm ±b¸¹µn¤J«á¡A¦A¥Î su - «ü¥OÅܦ¨ root
OpenSSH ©x¤è¤å¥ó¡Ghttp://www.openssh.com/manual.html cp /etc/sysconfig/i18n /etc/sysconfig/i18n.bak vi /etc/sysconfig/i18n LANG="zh_TW.Big5" SUPPORTED="zh_TW.UTF-8:zh_TW:zh" SYSFONT="latarcyrheb-sun16"
µn¥X¦Aµn¤J
locale
µù¡G¦b¾ãÅé¤jÀô¹Ò©|¥¼µLªk§¹¥þ°t¦X unicode ªºª¬ªp¤U¡A¤j¤½X¡]big5¡^ÁÙ¬O¦³µÛ¸û¦nªº¬Û®e©Ê קï IP ¡BFQDN¡]¦w¸Ë¹Lµ{³]©w¥¿½Tªº¸Ü¡A¬O¤£¥Î§@¥ô¦óק諸¡A¦³»Ýn¤~קï¡^ ¬d¬Ý IP¡Gifconfig קï IP¡Gnetconfig¡]©Îק惡ÀÉ¡G/etc/sysconfig/network-scripts/ifcfg-eth0¡^
FQDN ³]©w¡G hostname vi /etc/hosts vi /etc/sysconfig/network DNS ³]©w¡G vi /etc/resolv.conf¡]for ·s¦Ë¿¤¾Ç®Õ¡^ nameserver 163.19.1.1 nameserver 163.19.3.1 «·s±Ò°Êºô¥d¡G Ãö³¬ºô¥d¡Gifdown eth0 ±Ò°Êºô¥d¡Gifup eth0 /etc/rc.d/init.d/network restart ping ¤¶²Ð¡Gping -c 5 www.nc.hcc.edu.tw traceroute ¤¶²Ð¡Gtraceroute www.nc.hcc.edu.tw vi /etc/hosts.deny ALL:ALL
vi /etc/hosts.allow ALL:192.168.1.0/255.255.255.0:allow sshd:ALL:allow vsftpd:ALL:allow sendmail:ALL:allow °õ¦æ ntsysv «ü¥O¡A¥u¯d¤U¥H¤UªA°È
runlevel ¤¶²Ð¡G
chkconfig ¤¶²Ð
man ¤¶²Ð netstat ¤¶²Ð¡Gnetstat -tl ¦w¸Ë Fedora Core¡Bfreshrpms ªº GPG KEY ¡G rpm --import /usr/share/doc/fedora-release-3/RPM-GPG-KEY-fedora rpm --import ftp://apt.nc.hcc.edu.tw/pub/freshrpms/RPM-GPG-KEY
µù¡G¸Ë¤F Fedora Core¡Bfreshrpms ªº GPG key ¤§«á¡A¦b¦w¸Ë¥L̺ûÅ@ªº rpm ªº®ÉÔ¤~¤£·|¥X²{ĵ§i°T®§¡AY¤£¦b¥G³o¨Ç°T®§¡A¨S¦³¦w¸Ë¤]¬O¨S¦³Ãö«Yªº rpm -ivh ftp://apt.nc.hcc.edu.tw/pub/apt/fedora/linux/3/i386/RPMS.extra/apt-0.5.15cnc6-1.1.fc3.hcc.i386.rpm
apt-get update apt-get -y dist-upgrade ¤É¯Å®Ö¤ß uname -r
apt-get install kernel apt-get install kernel#2.6.10-1.741_FC3 #½Ð¦w¸Ë³Ì·sª©¥»ªº®Ö¤ß #¹Lµ{¦³ÂI¤[¡A@¤ßµ¥Ô
rpm -qa | grep kernel
vi /etc/grub.conf default=0 timeout=5
reboot¡]©Î init 6¡^
apt-get install tree tree / -d -L 2
/ |-- bin |-- boot |-- dev |-- etc | |-- cron.d | |-- cron.daily | |-- cron.hourly | |-- cron.monthly | |-- cron.weekly | |-- init.d -> rc.d/init.d | |-- rc.d | |-- rc0.d -> rc.d/rc0.d | |-- rc1.d -> rc.d/rc1.d | |-- rc2.d -> rc.d/rc2.d | |-- rc3.d -> rc.d/rc3.d | |-- rc4.d -> rc.d/rc4.d | |-- rc5.d -> rc.d/rc5.d | |-- rc6.d -> rc.d/rc6.d | |-- sysconfig | `-- yum.repos.d |-- home |-- initrd |-- lib |-- media | |-- cdrom | `-- floppy |-- misc |-- mnt |-- opt |-- proc |-- root |-- sbin |-- selinux |-- sys |-- tmp |-- usr `-- var |-- ftp |-- log |-- mail -> spool/mail |-- spool `-- www Apache ©x¤èºô¯¸¡Ghttp://www.apache.org/
apt-get -y install httpd mod_ssl
cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak vi /etc/httpd/conf/httpd.conf #vi ¦æ¼ÆÅã¥Ü¡G:set nu¡B¨ì²Ä¡H¦æ¡G¼Æ¦r + G 235¦æ ServerAdmin root@localhost 339¦æ UserDir disable ק令--> #UserDir disable 375¦æ DirectoryIndex index.html index.html.var ק令--> DirectoryIndex index.html index.htm index.php index.html.var 730¦æ AddDefaultCharset UTF-8 ק令--> AddDefaultCharset big5
/etc/rc.d/init.d/httpd start chkconfig httpd on
ª`·N¡G web server ¬[³]¦n¤§«á¡AÓ¤Hºô¶ªº¥\¯à¤]±Ò°Ê¤F¡A¥un¿é¤J¡uhttp://IP/~xxx¡v§Y¥iÂsÄý¡A¤£¹L½Ð½T©w SELinux ªº¥\¯à¬OÃö³¬ªº¡A§_«h±NµLªk¥¿±`ÂsÄýÓ¤Hºô¶¡C Y¦w¸Ë¨t²Îªº®ÉÔ¡A¦b¨¾¤õÀð³]©wªº¦a¤è¡A¨S¦³Ãö³¬ SELinux¡A½Ð¨Ì·Ó¤U±¤èªkÃö³¬¡G vi /etc/sysconfig/selinux SELINUX=enforcing ק令--> SELINUX=disabled
«·s±Ò°Ê¹q¸£¡Greboot
Apache ©x¤è¤å¥ó¡Ghttp://httpd.apache.org/docs-project/ w3m ©x¤èºô¯¸¡Ghttp://w3m.sourceforge.net/index.en.html
apt-get -y install w3m w3m tw.yahoo.com
¦^¤W¤@¶¡GShift+b
µù¡G
apt-get install lynx lynx tw.yahoo.com
lynx ¤¤¤å³]©w¡G«ö o ¶i¤J³]©wµe± [UNICODE (UTF-8)________________] ק令--> [Taipei (Big5)__________________] [iso-8859-1______] ק令--> [big5____________] mkdir /var/www/html/test1 vi /etc/httpd/conf/httpd.conf <Directory /var/www/html/test1> Deny from all Allow from 192.168.1.0/255.255.255.0 Options Indexes FollowSymLinks </Directory>
/etc/rc.d/init.d/httpd restart vi /etc/httpd/conf/httpd.conf 311¦æ AllowOverride None ק令--> AllowOverride All
/etc/rc.d/init.d/httpd restart
mkdir /var/www/html/test2 cd /var/www/html/test2 htpasswd -c .htpasswd sysadm
vi .htaccess AuthUserFile /var/www/html/test2/.htpasswd AuthName "Top Secret" AuthType Basic require valid-user
·s¼W¨Ï¥ÎªÌ¡Ghtpasswd .htpasswd user2 קï±K½X¡Ghtpasswd -m .htpasswd sysadm Webalizer ©x¤èºô¯¸¡Ghttp://www.mrunix.net/webalizer/
log¦ì¸m¡G/var/log/httpd/
apt-get -y install webalizer
cp /etc/httpd/conf.d/webalizer.conf /etc/httpd/conf.d/webalizer.conf.bak vi /etc/httpd/conf.d/webalizer.conf Alias /usage /var/www/usage <Location /usage> Order deny,allow Deny from all Allow from 127.0.0.1 ק令--> Allow from 192.168.1.0/255.255.255.0 Allow from ::1 # Allow from .example.com </Location>
/usr/bin/webalizer /etc/rc.d/init.d/httpd restart ´ú¸Õ¡Ghttp://IP/usage/
Webalizer ©x¤è¤å¥ó¡Gftp://ftp.mrunix.net/pub/webalizer/README vsftpd ©x¤èºô¯¸¡Ghttp://vsftpd.beasts.org/
apt-get -y install vsftpd
cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.bak vi /etc/vsftpd/vsftpd.conf 12¦æ anonymous_enable=YES ק令--> anonymous_enable=NO 51¦æ #xferlog_file=/var/log/vsftpd.log ק令--> xferlog_file=/var/log/xferlog 96¦æ #chroot_list_enable=YES ק令--> chroot_list_enable=YES 98¦æ #chroot_list_file=/etc/vsftpd.chroot_list ק令--> chroot_list_file=/etc/vsftpd.chroot_list #¦bÀɮ׳̫ᱥ[¤W¤U±³o¤@¦æ chroot_local_user=YES
echo 'sysadm' >> /etc/vsftpd.chroot_list
/etc/rc.d/init.d/vsftpd start chkconfig vsftpd on
cd /home/sysadm touch ftptest.txt
´ú¸Õ¡Glftp -u sysadm IP¡]©Î lftp sysadm@IP¡^
lftp ¤¶²Ð¡Gget¡Bmget¡Bput¡Bmput¡Bmirror¡Bexit bg¡B!<shell-command>
¨î¨CÓ IP ³Ì¤j³s½u¼Æ¶q¡Gmax_per_ip=5 ¨î¶Ç¿é³t²v¡Glocal_max_rate=30000¡]30000 ªí 30KB¡^
vsftpd ©x¤è¤å¥ó¡Ghttp://vsftpd.beasts.org/vsftpd_conf.html ¦]¬°¦b /etc/vsftpd/vsftpd.conf ¤º§Ú̦³³]©w chroot_local_user=YES °Ñ¼Æ¡A³oӰѼƪº³]©w¦b¨î¨Ï¥ÎªÌ¥u¯à¦b¦Û¤vªº®a¥Ø¿ý¬¡°Ê¡A¬°¤FÅý sysadm ³oÓ±b¸¹¥i¥H¤W¶Çºô¶¨ì /var/www/html ¡A©Ò¥H§Ú̥Πmount --bind ªº¤è¦¡±N /home/sysadm/web ¸ê®Æ§¨³sµ²¨ì /var/www/html¡A³o¼Ë§ÚÌ´N¥i¥H¥Î sysadm ±b¸¹¤W¶Çºô¶¤F
µù¡G¦b ftp ¤U¡Aln -s¡]symbolic link¡^¬OµLªk§@¥Îªº¡]¦]¬° chroot ªºÃö«Y¡^¡A©Ò¥H¤~¥Î mount --bind ªº¤è¦¡
mkdir /home/sysadm/web chown sysadm.sysadm /home/sysadm/web mount --bind /var/www/html /home/sysadm/web
chmod 775 /var chmod 775 /var/www chmod 775 /var/www/html
#¶}¾÷´N¦Û°Ê±N /var/www/html ±¾¸ü¨ì /home/sysadm/web¡G echo 'mount --bind /var/www/html /home/sysadm/web' >> /etc/rc.local
#¥H«á¥un±Nºô¶¤W¶Ç¨ì /home/sysadm/web´N¥i¥H¤F
#¦p¦ó mount ISO ÀÉ¡G mkdir /media/iso mount -o loop xxx.iso /media/iso #¹î¬ÝÀɮרt²ÎºÏºÐªÅ¶¡¨Ï¥Îª¬ªp¡Gdf -h FileZilla¡]Microsoft Windows ¤U¦n¥Îªº ftp ¦Û¥Ñ³nÅé¡^ FileZilla ©x¤èºô¯¸¡Ghttp://filezilla.sourceforge.net/
¤U¸ü¡Ghttp://umn.dl.sourceforge.net/sourceforge/filezilla/FileZilla_2_2_10_setup.exe
ª`·N¡GFileZilla ªº¶Ç¿é¹Lµ{¹w³]¬O¨S¦³¥[±Kªº¡A¦³¦w¥þ©Êªº·ÀI¡A©Ò¥H¾Þ§@ªº®ÉÔ°O±o¦b¡u¦øªA¾¹«¬ºA¡vªº¦a¤è¤Ä¿ï¡u³]©wSFTP¨Ï¥ÎSHH2¡v¡A¬°¶Ç¿é¹Lµ{¥[±K¡]¹Ï¡^
FileZilla ©x¤è¤å¥ó¡Ghttp://filezilla.sourceforge.net/documentation/ Sendmail ©x¤èºô¯¸¡Ghttp://www.sendmail.org/
apt-get -y install sendmail sendmail-cf m4 cyrus-sasl
cp /etc/mail/sendmail.mc /etc/mail/sendmail.mc.bak vi /etc/mail/sendmail.mc 48¦æ dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl 49¦æ dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl #§R±¼³o¨â¦æ«e±ªº dnl¡Aª`·N¡GTRUST_AUTH_METH¡Bdefine«e±¤£n¯d¦³ªÅ®æ¡]vi §R±¼¦r¡Gx¡^ 105¦æ DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl ק令--> DAEMON_OPTIONS(`Port=smtp,Addr=0.0.0.0, Name=MTA')dnl
cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.bak m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
vi /etc/mail/access sqes.hcc.edu.tw RELAY 192.1.68.1 RELAY #¥[¤J¥H¤W¨â¦æ¡]½Ð¨Ì¦Û¤v¾Ç®Õª¬ªpקï¡^
makemap hash /etc/mail/access < /etc/mail/access
/etc/rc.d/init.d/saslauthd start /etc/rc.d/init.d/sendmail start chkconfig saslauthd on chkconfig sendmail on
´ú¸Õ¡Gtelnet localhost 25¡]Â÷¶}¡Gquit¡^
Sendmail ©x¤è¤å¥ó¡Ghttp://www.sendmail.org/~ca/email/sm-X/ Dovecot ©x¤èºô¯¸¡Ghttp://www.dovecot.org/
apt-get -y install dovecot
/etc/rc.d/init.d/dovecot start chkconfig dovecot on
POP3 ´ú¸Õ¡Gtelnet localhost 110¡]Â÷¶}¡Gquit¡^ IMAP ´ú¸Õ¡Gtelnet localhost 143
mutt ¤¶²Ð¡Gapt-get install mutt netstat ¤¶²Ð¡Gnetstat -anp¡Bnetstat -tl nmap ¤¶²Ð¡Gapt-get install nmap
Dovecot ©x¤è¤å¥ó¡Ghttp://wiki.dovecot.org/ Open Webmail tar ball ¦w¸Ë¬yµ{¡G Open Webmail ©x¤èºô¯¸¡Ghttp://openwebmail.org/
ª`·N¡Gn¬[³] Open Webmail «e¡A½Ð°È¥²¥ý±N sendmail¡Bdovecot ¬[³]¦n
apt-get -y install perl-suidperl perl-Compress-Zlib gcc
wget http://turtle.ee.ncku.edu.tw/openwebmail/download/current/openwebmail-current.tar.gz wget http://turtle.ee.ncku.edu.tw/openwebmail/download/packages/MIME-Base64-3.01.tar.gz wget http://turtle.ee.ncku.edu.tw/openwebmail/download/packages/Text-Iconv-1.2.tar.gz
#¦w¸Ë MIME-Base64 cd .. tar zxvf MIME-Base64-3.01.tar.gz cd MIME-Base64-3.01 perl Makefile.PL make make test make install
µù¡GÁöµM±zªº¾÷¾¹¥i¯à¤w¸g¦w¸Ë¤F MIME-Base64 ³oÓ®M¥ó¡AÁÙ¬O«Øij±z±q source «·s¸Ë¤@¦¸¡C³o¼Ë°µªº¸Ü¡A¥i¥H½T©w MIME-Base64 ¤¤ªº XS ¤ä´©¦³³Q±Ò°Ê¡A¥i¥H¤j´T¦a¼W¥[³B²z MIME ªþ¥ó½s½X»P¸Ñ½Xªº³t«×¡C #¦w¸Ë Text-Iconv cd .. tar -zxvf Text-Iconv-1.2.tar.gz cd Text-Iconv-1.2 perl Makefile.PL make make test make install #¦w¸Ë Open WebMail 1.¸Ñ¶} openwebmail-current.tgz cd .. cp openwebmail-current.tar.gz /var/www cd /var/www tar zxvfBp openwebmail-current.tar.gz mv data/openwebmail html/ rm -rf openwebmail-current.tar.gz data 2.קï auth_unix.pl cp /var/www/cgi-bin/openwebmail/auth/auth_unix.pl /var/www/cgi-bin/openwebmail/auth/auth_unix.pl.bak vi /var/www/cgi-bin/openwebmail/auth/auth_unix.pl 24¦æ my $passwdfile_encrypted = $conf{'passwdfile_encrypted'} || '/etc/master.passwd'; ק令--> my $passwdfile_encrypted = "/etc/shadow"; 25¦æ my $passwdmkdb = $conf{'passwdmkdb'} || '/usr/sbin/pwd_mkdb'; ק令--> my $passwdmkdb = "none"; 3.קï openwebmail.conf cp /var/www/cgi-bin/openwebmail/etc/openwebmail.conf /var/www/cgi-bin/openwebmail/etc/openwebmail.conf.bak vi /var/www/cgi-bin/openwebmail/etc/openwebmail.conf 13¦æ mailspooldir /var/mail ק令--> mailspooldir /var/spool/mail 14¦æ ow_cgidir /usr/local/www/cgi-bin/openwebmail ק令--> ow_cgidir /var/www/cgi-bin/openwebmail 16¦æ ow_htmldir /usr/local/www/data/openwebmail ק令--> ow_htmldir /var/www/html/openwebmail #¦b 19 ¦æ«á±·s¼W spellcheck /usr/bin/ispell default_iconset Cool3D.Chinese.Traditional enable_sshterm no enable_changepwd no
¦¹³]©wÀɳ̫ᱬO¨Ï¥ÎªÌ±H«Hªº¹w³] ñ¦WÀÉ¡A½Ð¦Û¦æקï¬õ¦r³¡¤À <default_signature> -- XX°ê¤pºô¸ô¶l§½ Open WebMail Project (http://openwebmail.org) </default_signature> 4.קï dbm.conf cp /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf /var/www/cgi-bin/openwebmail/etc/dbm.conf.bak vi /var/www/cgi-bin/openwebmail/etc/defaults/dbm.conf dbm_ext .db dbmopen_ext .db dbmopen_haslock no 5.קï syslog Åý°O¿ýÀɽü´À vi /etc/logrotate.d/syslog #¦b¦¹Àɮ׳̫á¥[¤W /var/log/openwebmail.log { postrotate /usr/bin/killall -HUP syslogd endscript } 6.ªì©l¤Æ /var/www/cgi-bin/openwebmail/openwebmail-tool.pl --init µù¡G·í°õ¦æ¦¹µ{¦¡ªº®ÉÔ¡AY¥X²{¥ô¦ó°ÝÃDªº¸Ü¡A½Ð¨Ì·ÓÅã¥Ü°T®§×§ï 7.´ú¸Õ¡Ghttps://IP/cgi-bin/openwebmail/openwebmail.pl 8.ÁYµu Open WebMail ³sµ²ºô§} vi /etc/httpd/conf/httpd.conf #¦b³]©wÀɳ̫ᱥ[¤W ScriptAlias /mail "/var/www/cgi-bin/openwebmail/openwebmail.pl" /etc/rc.d/init.d/httpd restart 9.´ú¸Õ¡Ghttps://IP/mail/
µù¡G
Squid©x¤èºô¯¸¡Ghttp://www.squid-cache.org/
apt-get -y install squid
cp /etc/squid/squid.conf /etc/squid/squid.conf.bak vi /etc/squid/squid.conf #קï 695 ¦æ¡A±N # ¨ú®ø¡A100 §ï¬° 1000¡]½Ðµø¨Ï¥Î¤H¼Æ¥[¤j cache ¸ê®Æ§¨®e¶q¡^ # cache_dir ufs /var/spool/squid 100 16 256 ק令--> cache_dir ufs /var/spool/squid 1000 16 256
#1817ªº¦a¤è¥[¤J¤U±³o¤@¦æ¡A¨î¤¹³\³s½u½d³ò¡A¬õ¦â³¡¤À½Ð¨Ì¦Û¤v¾Ç®Õª¬ªpקï acl school src 192.168.1.0/255.255.255.0
#1863¡B1864 ¦æ¤¤¶¡¥[¤J¬õ¦â³o¤@¦æ http_access allow localhost http_access allow school http_access deny all
/etc/rc.d/init.d/squid start chkconfig squid on
´ú¸Õ¡G 1.¬° w3m ±¾¤W proxy cp /etc/w3m/config /etc/w3m/config.bak vi /etc/w3m/config http_proxy http://IP:3128 w3m tw.yahoo.com 2.¬° lynx ±¾¤W proxy vi /etc/lynx.cfg #¦b 1595 ¦æªº¦a¤è·s¼W¤U±³o¤@¦æ http_proxy:http://IP:3128/ lynx tw.yahoo.com log ¦ì¸m¡G/var/log/squid/access.log
Squid ©x¤è¤å¥ó¡Ghttp://www.squid-cache.org/Doc/ DHCP ©x¤èºô¯¸¡Ghttp://www.isc.org/sw/dhcp/
apt-get -y install dhcp
vi /etc/dhcpd.conf #קï¦p¤U¡A¬õ¦â³¡¤À½Ð¨Ì¦Û¤v¾Ç®Õª¬ªpקï ddns-update-style interim; ignore client-updates; subnet 192.168.1.0 netmask 255.255.255.0 { option routers 192.168.1.254; option subnet-mask 255.255.255.0; option domain-name "sqes.hcc.edu.tw"; option domain-name-servers 163.19.1.1; range dynamic-bootp 192.168.1.100 192.168.1.200; }
/etc/rc.d/init.d/dhcpd start chkconfig dhcpd on
more /var/lib/dhcp/dhcpd.leases man dhcpd.conf man dhcpd.leases
DHCP ©x¤è¤å¥ó¡Ghttp://www.isc.org/index.pl?/sw/dhcp/dhcpv3-README.php Samba ©x¤èºô¯¸¡Ghttp://www.samba.org/samba/samba.html
apt-get -y install samba samba-client samba-common
mv /etc/samba/smb.conf /etc/samba/smb.conf.bak vi /etc/samba/smb.conf [global] netbios name = STUDENT #samba ¥D¾÷¦bºô¸ô¤WªºªÚ¾F¥X²{ªº¦W¦r¡G¹w³]¬°¦øªA¾¹ªº hostname¡A¥i¦Û¨ú¡A¤j¤p¼g¤£©ë¡A¤£¹L¡Anetbios name ©M workgroup ¤£n³]¦¨¤@¼Ëªº¦W¦r
workgroup = STUDENT_SAMBA #¬Û·í©ó Windows ¤Uªº¤u§@¸s²Õ¡A¥i¦Û¨ú¡A½Ð¥Î^¤å
server string = Samba %v on %L #samba server ªºµù¸Ñ¡G¥i¦Û©w
hosts allow = 192.168.1.0/255.255.255.0 #¤¹³\³s½uªº¥D¾÷¡G¬°¤F¦w¥þ°_¨£¡A¤@©wn¨î¤¹³\³s½uªº½d³ò¡A³o¸Ì¬O¥H¤@Ó Class C ¬°¨Ò¡A½Ð¨Ì¦Û¤v¾Ç®Õª¬ªp³]©w
log file = /var/log/samba/%m.log #³]©w log ¦ì¸m©M®æ¦¡¡A%m ªí¾÷¾¹¦WºÙ¡A³o¼Ë¨C¥x client ³£¦³¿W¥ßªº¬ö¿ýÀÉ
max log size = 50 #¬ö¿ýÀɳ̤j®e¶q¡A³æ¦ìKb
security = user #¦w¥þµ¥¯Å³]©w¡G¥Ñ´£¨ÑªA°Èªº samba ÅçÃҨϥΪ̪º±b¸¹¡B±K½X #security °Ñ¼Æ¦³¥|ºØ¡Gshare¡Buser¡Bserver¡Bdomain
encrypt passwords = yes #¨Ï¥Î¥[±Kªº¤è¦¡¶Ç°e±K½X¡GWindows ¦Û 95 OSR2¡BNT SP3 ¥H«á³£¬O±Ä¥Î¥[±Kªº±K½X¡A°£«DÁÙ¦b¨Ï¥Î¤ñ³o¦ªº¥j¸³¯Å§@·~¨t²Î¡A§_«h³oӰѼƤ@©wn³]
domain master = yes #¦¨¬°ºô°ì¥DÂsÄý¾¹¡G¦¹°Ñ¼Æ¥i¥HºÞ²z¸ó¤lºô°ìªºÂsÄýªA°È
local master = yes #¦¨¬°°Ï°ì¥DÂsÄý¾¹¡G´£¨Ñ°Ï°ì¤º¥D¾÷ªºÂsÄýªA°È
preferred master = yes #¶}¾÷´N±j¢Á|¦æÂsÄýÅv¿ïÁ|¡A¦¹°Ñ¼Æ¥i¥H´£°ª samba ¦¨¬°°Ï°ì¥DÂsÄý¾¹ªº¾÷·| #Y¦P¤@°Ï°ì¤º¦³¦h¥x samba server¡A¤W±¤TӰѼơA¥un³]©w¦b¤@¥x§Y¥i
os level = 255 #NT ªº OS level ¬O 32¡AWindows 2000 «h¬O 64¡Asamba ªº os level n¤j©ó¥¦Ì¡A¤~¯à¨ú¥N ¥¦Ì¦¨¬° PDC¡]¥Dºô°ì±±¨îªÌ¡^¡A¦¹³]©wȳ̤j¬°255
domain logons = yes #§â Samba ·í¦¨ºô°ì¥D±±¯¸
logon drive = x: #¨Ï¥ÎªÌ®a¥Ø¿ýºô¸ôºÏºÐ¾÷ªº¥N¸¹¡G¥i¦Û¨ú¡A³o¸Ì¬O¥H x ¬°¨Ò¡A¹w³]Ȭ°Z
logon home = \\%L\%U logon script = U.bat #µn¤J§å¦¸Àɳ]©w ¡G·í¨Ï¥ÎªÌµn¤Jºô°ì«á¡A·|¦b¨Ï¥ÎªÌºÝ¹q¸£¦Û°Ê°õ¦æ¦¹ M$-DOS ®æ¦¡§å¦¸ÀÉ¡A #¹w³]ȬO logon script = %U.bat¡A»Ýn¬°¨CÓ¤H«Ø¥ß logon script ¡A¤H¼Æ¤@¼W¦hªº®ÉÔ¡A·|¦¨¬°¨H«ªºt¾á¡A³]¦¨ U.bat ªº¸Ü¥un¤@Ó´N¥i¥H¤F #¡]¦¹³]©wÈ©M¤U±ªº [netlogon] ¤À¨É°Ï¦³Ãö¡^
time server = yes #±Ò°Ê time server ¥\¯à¡G§âsamba ·í¦¨ time server¡A¥un client ³s¶i¨Ó´N¥i¥H®Õ®É¡A»Ýn login script ªº°t¦X
wins support = yes #±Ò°Ê wins server ¥\¯à¡G¤@Óºô°ì¤º¥u¯à¦³¤@Ó wins server¡AYºô°ì¤º¤w¸g¦³¨ä¥L wins server¡A½Ð¤Å³]©w¦¹°Ñ¼Æ #WINS=Windows Internet Name Serving
deadtime = 20 #¨Ï¥ÎªÌ20 ¤ÀÄÁ¨S¦³°Ê§@ samba ´N¦Û°Ê¤¤Â_³s½u
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 #³o°Ñ¼Æ¥i¥H¼W¶i³s½u³t²v
dos charset = CP950 unix charset = BIG5 #samba 3.0 ¹w³]¦r¤¸¶°¬° unicode¡A¥[¤W¦¹°Ñ¼Æ¤£¤ä´© unicode ªº§@·~¨t²Î¤~¯à¥¿±`Åã¥Ü¤¤¤å #¥H«eªº³]©w client code page = 950 ²{¦b¨S¦³¥Î¤F #¹w³]È¡Gunix charset = UTF8
admin users = sysadm #³]©wºÞ²zªÌ¡G³o¸Ì¬O¥H sysadm ¬°¨Ò¡A¨t²Î¤º¥²¶·¦³¶}³]³oÓ±b¸¹
############### ©³¤U¬°n¤À¨Éªº¸ê®Æ§¨¡]ºô¸ôºÏºÐ¾÷¡^############# [homes] comment = %U's Home Directories browseable = no writable = yes force create mode = 0755
[netlogon] comment = Network Logon Service path = /home/samba/netlogon write list = sysadm #½Ö¥i¥H¼g¤J netlogon ¸ê®Æ§¨¡A³o¸Ì¬O¥H sysadm ¬°¨Ò¡A§A¥i¥H¦Û¨ú¡A¤£¹Ln°O±o«Ø¥ß³oÓ±b¸¹
[§@·~ú¥æ] comment = §@·~ú¥æ path = /home/homework valid users = sysadm,@s91,@s90,@s89,@s88 write list = sysadm,@s91,@s90,@s89,@s88 force create mode = 0755
[¸ê·½¤À¨É] comment = ¸ê·½¤À¨É¡]³o¸Ì©ñ¦³¤W½Ò¥Îªº±Ð§÷¡B³nÅé¡^ path = /home/share valid users = sysadm,@s91,@s90,@s89,@s88 #valid users ªí¥Ü½Ö¥i¥H¶i¤J³oÓ¸ê®Æ§¨ #¥[ @ ªí¸s²Õ¡A @s90 ªí s90 ³oÓ¸s²Õ¡A·íµM¨t²Î¤º»Ýn¹w¥ý«Ø¦³ s90 ³oÓ¸s²Õ write list = sysadm force create mode = 0755
³]©wÀÉÀˬd¡Gtestparm
#«Ø¥ß netlogon ¸ê®Æ§¨©MקïÅv mkdir -p /home/samba/netlogon chmod 755 /home/samba/netlogon chown sysadm.sysadm /home/samba/netlogon #«Ø¥ß U.bat µn¤J§å¦¸ÀÉ©MקïÅv cd /home/samba/netlogon vi U.bat net time \\IP /set /yes net use w: /home net use x: \\IP\¸ê·½¤À¨É net use y: \\IP\§@·~ú¥æ chmod 755 U.bat chown sysadm.sysadm U.bat unix2dos U.bat Àˬd¡God -c U.bat #«Ø¥ß homework¡Bshare ¸ê®Æ§¨©MקïÅv mkdir /home/homework /home/share chmod 777 /home/homework chmod 755 /home/share chown sysadm.sysadm /home/homework /home/share #·s¼W samba ±K½X¡B±Ò°Ê samba smbpasswd -a sysadm #±Ò°Ê /etc/rc.d/init.d/smb start chkconfig smb on #´ú¸Õ ¶}±ÒÀÉ®×Á`ºÞ¡G\\IP #for Windows XP ºô¸ôºÏºÐ¾÷§å¦¸ÀÉ¡G #¦b®à±½s¿è µn¤J¾Ç¥Í¥D¾÷.bat §å¦¸ÀÉ net use w: \\IP\homes net use x: \\IP\¸ê·½¤À¨É net use y: \\IP\§@·~ú¥æ net time \\IP /set /yes
#ª½±µ±N±b¸¹±K½X¼g¶i§å¦¸Àɪº¼gªk net use w: \\IP\homes /user:username password net use x: \\IP\¸ê·½¤À¨É net use y: \\IP\§@·~ú¥æ net time \\IP /set /yes #¦b Linux ¤å¦r¼Ò¦¡¤Uªº±¾¸ü¤è¦¡¡G mkdir /media/smb smbclient -L IP mount //IP/¸ê·½¤À¨É /media/smb -o username=sysadm mount //IP/¸ê·½¤À¨É /media/smb -o username=sysadm,password=password smbstatus - report on current Samba connections Official Samba-3 HOWTO¡Ghttp://us2.samba.org/samba/docs/man/Samba-HOWTO-Collection/
#¥úºÐ¬M¹³ÀÉ»s§@³nÅé¡]for Windows¡^¡G
#¥úºÐ¬M¹³Àɱ¾¸ü³nÅé¡]for Windows¡^¡G
#¤G«°ê¤p DAEMON tools À³¥Î¹ê¨Ò¡]ÀɮפU¸ü¡^
The Official Samba-3 HOWTO and Reference Guide¡Ghttp://us4.samba.org/samba/docs/man/Samba-HOWTO-Collection/ PHP©x¤èºô¯¸¡Ghttp://www.php.net/ MySQL ©x¤èºô¯¸¡Ghttp://www.mysql.com/
apt-get -y install php mysql mysql-server php-mysql php-gd php-mbstring
cp /etc/php.ini /etc/php.ini.bak vi /etc/php.ini 244¦æ max_execution_time = 300 245¦æ max_input_time = 600 246¦æ memory_limit = 80M 388¦æ post_max_size = 80M 501¦æ upload_max_filesize = 20M #¤W±³]©wÈ¡A½Ðµø¦Û¤v»Ý¨Dקï
vi /etc/httpd/conf.d/php.conf 18¦æ DirectoryIndex index.php ק令--> #DirectoryIndex index.php
/etc/rc.d/init.d/httpd restart
cd /var/www/html vi phpinfo.php <?php phpinfo(); ?>
´ú¸Õ¡Glynx http://IP/phpinfo.php
#±Ò°Ê MySQL /etc/rc.d/init.d/mysqld start chkconfig mysqld on µù¡G¦b³o¸Ì§ÚÌ¥ý¤£³]©w MySQL ªº root ±K½X¡Aµ¥¸Ë¤F¤U±ªº phpMyAdmin ¤§«á¡A¦A¨Ï¥Î phpMyAdmin קï
#MySQLªº root ±K½X§Ñ¤F«ç»ò¿ì¡H /etc/rc.d/init.d/mysqld stop /usr/bin/safe_mysqld --skip-grant-tables & mysql -u root -p mysql update user set password=password("·s±K½X") where user="root" and host="localhost"; flush privileges; quit
/etc/rc.d/init.d/mysqld stop /etc/rc.d/init.d/mysqld start #¦p¦ó«·s¦w¸Ë MySQL¡H /etc/rc.d/init.d/mysqld stop apt-get remove mysql rm -rf /var/lib/mysql apt-get -y install php mysql mysql-server php-mysql php-gd /etc/rc.d/init.d/mysqld start ³]©w±K½X¡Gmysqladmin -u root password '±K½X' PHP ©x¤è¤å¥ó¡Ghttp://www.php.net/docs.php MySQL ©x¤è¤å¥ó¡Ghttp://dev.mysql.com/doc/ phpMyAdmin ©x¤èºô¯¸¡Ghttp://www.phpmyadmin.net/
wget http://umn.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.6.0-pl3.tar.gz tar zxvf phpMyAdmin-2.6.0-pl3.tar.gz mv phpMyAdmin-2.6.0-pl3 /var/www/html/phpMyAdmin cd /var/www/html/phpMyAdmin/
cp config.inc.php config.inc.php.bak vi config.inc.php 39 ¦æ $cfg['PmaAbsoluteUri'] = ''; ק令--> $cfg['PmaAbsoluteUri'] = 'http://IP/phpMyAdmin/'; 83 ¦æ $cfg['Servers'][$i]['auth_type'] = 'config'; ק令--> $cfg['Servers'][$i]['auth_type'] = 'http';
´ú¸Õ¡Ghttp://IP/phpMyAdmin/¡A±b¸¹ root¡A±K½XªÅ¥Õ ¤Á°O קï MySQL ªº root ±K½X
phpMyAdmin ©x¤è¤å¥ó¡Ghttp://www.phpmyadmin.net/home_page/docs.php phpSysInfo ©x¤èºô¯¸¡Ghttp://phpsysinfo.sourceforge.net/
wget http://umn.dl.sourceforge.net/sourceforge/phpsysinfo/phpsysinfo-2.3.tar.gz tar zxvf phpsysinfo-2.3.tar.gz mv phpsysinfo-dev /var/www/html/phpSysInfo cd /var/www/html/phpSysInfo/
cp config.php.new config.php vi config.php 23¦æ $default_lng='en'; ק令--> $default_lng='tw'; 24¦æ $default_template='classic';
´ú¸Õ¡Ghttp://IP/phpSysInfo/ ¾Ç®Õ¾ã¦X¼Ò²Õ¡]µ{¦¡¼¶¼g¡G·s¦Ë¿¤ ³Õ·R°ê¤¤ ´¿µY´I¦Ñ®v¡^ ©x¤èºô¯¸¡Ghttp://dyna.hcc.edu.tw/dyna/menu/index.php?account=dyna ¤¶²Ð¡Ghttp://dyna.nc.hcc.edu.tw/php/class1_4.htm
apt-get install unzip gd
¥Î phpMyAdmin ·s¼W school ¸ê®Æ®w
wget http://dyna.hcc.edu.tw/dyna/data/user/dyna/files/school.zip unzip -d /var/www/html school.zip
cp /var/www/html/school/config.inc.php /var/www/html/school/config.inc.php.bak vi /var/www/html/school/config.inc.php ²Ä10¦æ $db_passwd = '1234'; //*MySQL username ªº±K½X ²Ä11¦æ $install_passwd = '1234'; //*¦w¸Ë¥»µ{¦¡±K½X¡]°È¥²§ó´«) ²Ä21¦æ $use_unix_command = 0; ק令--> $use_unix_command = 1; ²Ä22¦æ $unzip_command = '/usr/local/bin/unzip'; ק令--> $unzip_command = '/usr/bin/unzip'; ²Ä40¦æ $self_url = 'http://localhost/school/'; //*³]©w¥»µ{¦¡©ñ¸m URL ²Ä43¦æ $self_place = 'c:/appserv/www/school/'; ק令--> $self_place = '/var/www/html/school/';
chmod -R 777 /var/www/html/school/data
¦w¸Ë¡Ghttp://IP/school/install.php ÂsÄý¡Ghttp://IP/school/
¨t²ÎºÞ²zªÌ¹w³]±b¸¹±K½X§¡¬° admin קïºÞ²zªÌ±K½X¡G°ò¥»¸ê®Æ/µêÀÀ±b¸¹ºÞ²z °ò¥»¸ê®Æ/¾Ç®Õ¸ê®Æ½s× ©x¤èºô¯¸¡Ghttp://dyna.hcc.edu.tw/dyna/menu/index.php?account=dyna ¤¶²Ð¡Ghttp://dyna.hcc.edu.tw/php/class9_1.htm
¥Î phpMyAdmin ·s¼W dyna ¸ê®Æ®w
wget http://dyna.hcc.edu.tw/dyna/data/user/dyna/files/dyna.zip unzip -d /var/www/html dyna.zip
cp /var/www/html/dyna/config.inc.php /var/www/html/dyna/config.inc.php.bak vi /var/www/html/dyna/config.inc.php 10¦æ $db_passwd = '1234'; //*MySQL username ªº±K½X 11¦æ $install_passwd = '1234'; //*¦w¸Ë¥»µ{¦¡±K½X¡]°È¥²§ó´«) 26¦æ $use_unix_command = 0; ק令--> $use_unix_command = 1; 27¦æ $unzip_command = '/usr/local/bin/unzip'; ק令--> $unzip_command = '/usr/bin/unzip'; 32¦æ $self_url = 'http://localhost/dyna/'; //*³]©w¥»µ{¦¡©ñ¸m URL 35¦æ $self_place = 'c:/appserv/www/dyna/'; ק令--> $self_place = '/var/www/html/dyna/';
chmod -R 777 /var/www/html/dyna/data
¦w¸Ë¡Ghttp://IP/dyna/install.php ÂsÄý¡Ghttp://IP/dyna/
¨t²ÎºÞ²zªÌ¹w³]±b¸¹±K½X§¡¬° admin קïºÞ²zªÌ±K½X¡G±b¸¹°ò¥»³]©w #®Õ®É¡G apt-get install ntp ntpdate watch.stdtime.gov.tw;clock -w
®É¶¡»PÀW²v°ê®a¼Ð·Ç¹êÅç«Ç¡Ghttp://www.stdtime.gov.tw/chinese/home.htm NTP ®Õ®É³nÅé¡]for Windows¡^¡Ghttp://www.stdtime.gov.tw/chinese/EXE/NTPClock.exe
vi /etc/crontab #¥H¤U³]©w¶È¨Ñ°Ñ¦Ò¡A½Ðµø¦Û¤vª¬ªp³]©w 0 0-23 * * * root /usr/sbin/ntpdate watch.stdtime.gov.tw > /dev/null 2>&1 #¨CÓ¤p®É®Õ®É¤@¦¸¡]stdtime.sinica.edu.tw¡^
0 3 * * * root apt-get clean > /dev/null 2>&1 0 4 * * * root yum clean > /dev/null 2>&1 #¨C¤Ñ¦¤W¤T¡B¥|ÂI²M°£ apt¡Byum ¼È¦sÀÉ®×
0 6 * * * root /bin/sync;/bin/sync;/bin/sync;/sbin/shutdown -r now > /dev/null 2>&1 #¨C¤Ñ¦¤W¤»ÂI¹q¸£«·s¶}¾÷ Webmin¡G¦n¥Îªºweb¤¶±§@·~¨t²ÎºÞ²z¤u¨ã Webmin ©x¤èºô¯¸¡Ghttp://www.webmin.com
wget http://umn.dl.sourceforge.net/sourceforge/webadmin/webmin-1.170-1.noarch.rpm rpm -ivh webmin-1.170-1.noarch.rpm
´ú¸Õ¡Ghttp://IP:10000 ¤¤¤å¤Æ¡GWebmin Configuration / Language / Traditional Chinese(ZH_TW.BIG5) ¶}¾÷ªº®ÉÔ¤£±Ò°Ê¡Gchkconfig webmin off Using SSL With Webmin¡G apt-get -y install gcc openssl-devel
#¦w¸Ë OpenSSL library wget http://www.openssl.org/source/openssl-0.9.7e.tar.gz tar zxvf openssl-0.9.7e.tar.gz cd openssl-0.9.7e ./config make make install #¹Lµ{¦³ÂI¤[¡A½Ð@¤ßµ¥Ô #¦w¸Ë Net::SSLeay module cd .. wget http://www.cpan.org/modules/by-module/Net/Net_SSLeay.pm-1.25.tar.gz tar zxvf Net_SSLeay.pm-1.25.tar.gz cd Net_SSLeay.pm-1.25 perl Makefile.PL make install #´ú¸Õ SSL perl -e 'use Net::SSLeay' #¨S¦³¥X²{¥ô¦ó°T®§´N¬O¦¨¥\¤F #±Ò°Ê Webmin ªº SSL ¤ä´©¡GWebmin ²ÕºA / SSL¥[±K
#¦p¦ó³]©w¨Ï webmin ¤¤ªº·s¼W¨Ï¥ÎªÌ±b¸¹³oӼҲո̱¹w³]µ¹©wªºshell¬O/bin/false¦Ó¤£¬O/bin/sh? vi /usr/libexec/webmin/useradmin/edit_user.cgi 23¦æ "/bin/sh", "/bin/csh", "/bin/false"); ק令--> "/bin/false", "/bin/sh", "/bin/csh"); usermin usermin©x¤èºô¯¸¡Ghttp://www.webmin.com/index6.html wget http://umn.dl.sourceforge.net/sourceforge/webadmin/usermin-1.100-1.noarch.rpm rpm -ivh usermin-1.100-1.noarch.rpm ´ú¸Õ¡Ghttps://IP:20000
Webmin ©x¤è¤å¥ó¡Ghttp://www.webmin.com/index2.html ¦øªA¾¹ / Sambaµøµ¡ÀɮפÀ¨É / ²ÕºA Unix ©M Samba ¨Ï¥ÎªÌ¦Û°Ê¦P¨B¡G¤Ä¿ï¸Ì±ªº©Ò¦³¿ï¶µ ª`·N¡G³oÂI«D±`«n
#«Ø¥ßÓ¤Hºô¶¸ê®Æ§¨¡B½d¥»ÀÉ mkdir /etc/skel/public_html touch /etc/skel/public_html/index.html #«Ø¥ß¸s²Õ ¨Ï¥Î webmin «Ø¥ß ¸s²Õ¦WºÙ¡G¨t²Î / ¨Ï¥ÎªÌ»P¸s²Õ ¦b /home ¤º«Ø¥ß¸s²Õªº¸ê®Æ§¨¡Gmkdir /home/s94 #«Ø¥ß§å¦¸¶×¤JÀɮס]½d¨ÒÀɤ@¡B½d¨ÒÀɤG¡^ create:¨Ï¥ÎªÌ¦WºÙ:±K½X:uid:gid:¯u¹ê©m¦W:®a¥Ø¿ý:shell:³Ì¤p:³Ì ¤j:ĵ§i:«D¨Ï¥Î:¹L´Á #¨Ï¥Î§å¦¸Àɫإߤj§å¨Ï¥ÎªÌ ª`·N¡Gquota ¥u¯à°w¹ï partition ¨Ó¨î¡A¦Ó¤£¯à°w¹ï¬YÓ¸ê®Æ§¨¨Ó°µ¨î¡A³q±`§Ú̱N¨Ï¥ÎªÌ«Ø¦b /home ¡]¥¼§ó§ï user home directory ªºª¬ªp¤U¡^¡A©Ò¥H°w¹ï /home ¨Ó°µ quota ±±ºÞ¬O¥²¶·ªº
vi /etc/fstab #¦bn±Ò°Ê quota ªººÏ°Ï¤º¥[¤J¬õ¦r³¡¤À¡A©³¤U¬O¥H /home ¬°¨Ò LABEL=/home /home ext3 defaults,usrquota 1 2
mount -o remount /home
quotacheck -avmcu # ¶¶§Qªº¸Ü¦b /home ¤º·|¥X²{ aquota.user ÀÉ®×
quotaon /home
½s¿è¨Ï¥ÎªÌ quota¡Gedquota ¨Ï¥ÎªÌ±b¸¹ Disk quotas for user s940002 (uid 502): Filesystem blocks soft hard inodes soft hard /dev/hda2 5 35000 40000 6 0 0
½Æ»s quota¡Gedquota -p ½d¥»±b¸¹ * µù¡Gedquota ¹w³]·|±Ò°Ê vi
repquota -a
#Åý¨Ï¥ÎªÌ©|¥¼¦¬ªº mail ¤]¨ü quota ªººÞ¨î mkdir /home/mail chown root.mail /home/mail chmod 775 /home/mail cp -p /var/spool/mail/* /home/mail mv /var/spool/mail /var/spool/mail.bak ln -s /home/mail /var/spool/mail #Ó¤H®a¥Ø¿ý¨Ï¥Î¶q¶W¹L°tÃB¨î¨Ï¥ÎªÌ¦W³æ script ì©l¨Ó·½¡Ghttp://home.csjh.tcc.edu.tw/home_exceed.htm
¤U¸ü quota_exceed.zip unzip -d /root quota_exceed.zip chmod 755 -R /root/quota_exceed /root/quota_exceed/home_create
echo '0 */6 * * * root /root/quota_exceed/home_create' >> /etc/crontab
´ú¸Õ¡Ghttp://IP/home_exceed.htm /etc/passwd¡B/etc/shadow¡B/etc/group¡B/etc/skel ¤¶²Ð symbolic link ¤¶²Ð¡Gln -s ¯u °² chown¡Bchmod¤¶²Ð ©x¤èºô¯¸¡Ghttp://changepassword.sourceforge.net/
wget http://umn.dl.sourceforge.net/sourceforge/changepassword/changepassword-0.9.tar.gz tar zxvf changepassword-0.9.tar.gz cd changepassword-0.9
./configure --enable-cgidir=/var/www/cgi-bin --enable-language=TChinese \ --enable-smbpasswd=/etc/samba/smbpasswd --disable-squidpasswd make make install
´ú¸Õ¡Ghttp://IP/cgi-bin/changepassword.cgi
ChangePassword ©x¤è¤å¥ó¡Ghttp://changepassword.sourceforge.net/README.txt YUM - Yellowdog Updater Modified YUM ©x¤èºô¯¸¡Ghttp://linux.duke.edu/projects/yum/
cd /etc/yum.repos.d/
cp fedora.repo fedora.repo.bak vi fedora.repo [base] name=Fedora Core $releasever - $basearch - Base baseurl=ftp://apt.nc.hcc.edu.tw/pub/fedora/linux/core/$releasever/$basearch/os/ #mirrorlist=http://fedora.redhat.com/download/mirrors/fedora-core-$releasever enabled=1 gpgcheck=1
cp fedora-updates.repo fedora-updates.repo.bak vi fedora-updates.repo [updates-released] name=Fedora Core $releasever - $basearch - Released Updates baseurl=ftp://apt.nc.hcc.edu.tw/pub/fedora/linux/core/updates/$releasever/$basearch/ #mirrorlist=http://fedora.redhat.com/download/mirrors/updates-released-fc$releasever enabled=1 gpgcheck=1
rpm --import /usr/share/doc/fedora-release-3/RPM-GPG-KEY-fedora yum update
yum install xxx yum remove xxx
yum grouplist yum groupinstall "KDE" yum clean all¡]/var/cache/yum/¡^
/etc/rc.d/init.d/yum start chkconfig yum on VMware - Microsoft Windows¡BLinux ¤U¬Ò¥i¨Ï¥Îªº§@·~¨t²Î¼ÒÀÀ¾¹¡A¦n¥Îªº´ú¸Õ¥¥x VMware ©x¤èºô¯¸¡Ghttp://www.vmware.com
apt-get install gcc rpm -ivh VMware-workstation-4.5.2-8848.i386.rpm
³]©w¡Gvmware-config.pl °õ¦æ¡G/usr/bin/vmware ¦p¦óÂ÷¶} Guest operating system¡GCtrl + Alt µù¡GY¦³¤É¯Å kernel ªº¸Ü¡Avmware-config.pl ´N¥²¶·«·s°õ¦æ¹L
VMware ©x¤è¤å¥ó¡Ghttp://www.vmware.com/support/pubs/ VNC¡]Virtual Network Computing¡^- »·ºÝ»»±±³nÅé VNC ©x¤èºô¯¸¡Ghttp://www.realvnc.com
apt-get install vnc-server /etc/rc.d/init.d/vncserver start vncserver ²Ä¤@¦¸°õ¦æ·|n¨D³]©w±K½X
vi ~/.vnc/xstartup ¨ú®ø¦¹¨â¦æ«e±ªº # unset SESSION_MANAGER exec /etc/X11/xinit/xinitrc
vi /etc/sysconfig/vncservers # VNCSERVERS="1:myusername" ק令--> VNCSERVERS="1:root" # VNCSERVERARGS[1]="-geometry 800x600"
/etc/rc.d/init.d/vncserver restart
´ú¸Õ¡G ¨Ï¥Îºô¶ÂsÄý¾¹»·ºÝ»»±± Fedora Core 3¡Ghttp://IP:5801
µù¡G
MRTG - Multi Router Traffic Grapher MRTG ©x¤èºô¯¸¡Ghttp://people.ee.ethz.ch/~oetiker/webtools/mrtg/
apt-get -y install net-snmp mrtg gd libpng zlib
#²£¥Í³]©wÀÉ mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.bak vi /etc/snmp/snmpd.conf com2sec local localhost public com2sec mynetwork 192.168.1.0/24 public group MyRWGroup v1 local group MyROGroup v1 mynetwork view all included .1 80 access MyROGroup "" any noauth 0 all none none access MyRWGroup "" any noauth 0 all all all syslocation Fedora Core 3 syscontact rondo <rondo@msa.sqes.hcc.edu.tw> #±Ò°Ê snmpd¡G /etc/rc.d/init.d/snmpd start chkconfig snmpd on #«Ø¥ß©ñ¸mºô¶ªº¸ê®Æ§¨¡G mkdir /var/www/mrtg/web #²£¥Í mrtg.cfg¡G cfgmaker --global 'WorkDir: /var/www/mrtg/web' \ --global 'Options[_]: growright' \ --output /etc/mrtg/mrtg.cfg \ public@IP #קï mrtg.cfg¡G cp /etc/mrtg/mrtg.cfg /etc/mrtg/mrtg.cfg.bak vi /etc/mrtg/mrtg.cfg ¦b Options[_]: growright ³o¤@¦æ¤U±¥[¤W Language:big5 µù¡Gק惡Àɮתº¤º®e¡]°²¦p¦³»Ýnªº¸Ü¡^ #²£¥Íºô¶¡G /usr/bin/mrtg /etc/mrtg/mrtg.cfg #³oÓ«ü¥O«e¨â´X¦¸°õ¦æ·|¦³¿ù»~°T®§¡A¦h°õ¦æ´X¦¸´N¤£·|¦³¿ù»~¤F #²£¥Í¯Á¤Þ¶¡G Y¦³¦hÓ¾÷¾¹nºÊ±±¡A¥i¥H¥Î¯Á¤Þ¶¨Ó©ñ¸m¦hÓ¾÷¾¹ªº¹Ïªí cd /var/www/mrtg/web indexmaker /etc/mrtg/mrtg.cfg > index.html #¶}©ñÂsÄý½d³ò¡G cp /etc/httpd/conf.d/mrtg.conf /etc/httpd/conf.d/mrtg.conf.bak vi /etc/httpd/conf.d/mrtg.conf Alias /mrtg /var/www/mrtg <Location /mrtg> Order deny,allow Deny from all Allow from 127.0.0.1 ק令--> Allow from 192.168.1.0/255.255.255.0 Allow from ::1 # Allow from .example.com </Location>
/etc/rc.d/init.d/httpd restart #´ú¸Õ¡Ghttp://IP/mrtg/web/
more /etc/cron.d/mrtg MailScanner ©x¤èºô¯¸¡Ghttp://www.sng.ecs.soton.ac.uk/mailscanner/ Clam AntiVirus ©x¤èºô¯¸¡Ghttp://www.clamav.net/
#¦w¸Ë ClamAV apt-get -y install clamav
cp /etc/clamd.conf /etc/clamd.conf.bak vi /etc/clamd.conf 221¦æ #ScanRAR ק令--> ScanRAR
/etc/init.d/clamd start chkconfig clamd on
/etc/init.d/freshclam start chkconfig freshclam on #´ú¸Õ¡Gclamscan /usr/share/doc/clamav-0.80/test
#¦w¸Ë MailScanner apt-get -y install rpm-build gcc-c++ rpm-devel zlib-devel libstdc++-devel bzip2-devel \ docbook-utils beecrypt-devel elfutils-devel gettext ncurses-devel readline-devel libselinux-devel
wget http://www.sng.ecs.soton.ac.uk/mailscanner/files/4/rpm/MailScanner-4.37.7-1.rpm.tar.gz tar zxvf MailScanner-4.37.7-1.rpm.tar.gz cd MailScanner-4.37.7-1 ./install.sh #¦³ÂI¤[¡A@¤ßµ¥Ô #קï MailScanner ³]©wÀÉ cp /etc/MailScanner/MailScanner.conf /etc/MailScanner/MailScanner.conf.bak vi /etc/MailScanner/MailScanner.conf 56¦æ %org-name% = yoursite 63 %org-long-name% = Your Organisation Name Here 70 %web-site% = www.your-organisation.com 412¦æ Virus Scanners = none ק令--> Virus Scanners = clamav #±Ò°Ê service sendmail stop chkconfig sendmail off
service MailScanner start chkconfig MailScanner on MailScanner ©x¤è¤å¥ó¡Ghttp://www.sng.ecs.soton.ac.uk/mailscanner/docs.html Clam AntiVirus ©x¤è¤å¥ó¡Ghttp://www.clamav.net/doc/ samba-vscan ©x¤èºô¯¸¡Ghttp://www.openantivirus.org/ Clam AntiVirus ©x¤èºô¯¸¡Ghttp://www.clamav.net/
#¬d¸ß©Ò¦w¸Ëªº samba ª©¥» rpm -qa | grep samba samba-common-3.0.10-1.fc3 samba-client-3.0.10-1.fc3 samba-3.0.10-1.fc3 #¤U¸ü¬Û¹ïÀ³ªº samba ì©lÀÉ wget http://us4.samba.org/samba/ftp/samba-3.0.10.tar.gz tar zxvf samba-3.0.10.tar.gz #¦w¸Ë Samba-vscan wget http://voxel.dl.sourceforge.net/sourceforge/openantivirus/samba-vscan-0.3.5.tar.bz2 tar jxvf samba-vscan-0.3.5.tar.bz2 mv samba-vscan-0.3.5 samba-3.0.10/examples/VFS cd samba-3.0.10/source ./configure make headers
cd ../examples/VFS/samba-vscan-0.3.5 ./configure make
cp vscan-clamav.so /usr/lib/samba/vfs cp clamav/vscan-clamav.conf /etc/samba
cp /etc/samba/vscan-clamav.conf /etc/samba/vscan-clamav.conf.bak vi /etc/samba/vscan-clamav.conf 38¦æ infected file action = nothing ק令--> infected file action = delete 62¦æ clamd socket name = /var/run/clamd ק令--> clamd socket name = /var/run/clamav/clamd.sock #¦¹³]©wªº¸ô®|n©M /etc/clamd.conf ùØ²Ä 72 ¦æªº¸ô®|¤@¼Ë #¦w¸Ë Clam AV apt-get -y install clamav
cp /etc/clamd.conf /etc/clamd.conf.bak vi /etc/clamd.conf 221¦æ #ScanRAR ק令--> ScanRAR
/etc/init.d/clamd start chkconfig clamd on
/etc/init.d/freshclam start chkconfig freshclam on #קïsmb.conf cp /etc/samba/smb.conf /etc/samba/smb.conf.bak2 vi /etc/samba/smb.conf #¦b [global] °Ï¬q¤¤¡A¥[¤J¥H¤U¨â¦æ vfs object = vscan-clamav vscan-clamav: config-file = /etc/samba/vscan-clamav.conf
/etc/rc.d/init.d/smb restart AWStats ©x¤èºô¯¸¡Ghttp://awstats.sourceforge.net/
wget http://awstats.sourceforge.net/files/awstats-6.2.tgz tar zxvf awstats-6.2.tgz mv awstats-6.2 /usr/local/awstats cd /usr/local/awstats/tools #²£¥Í¤ÀªR apache log ªº AWStats ³]©wÀÉ perl awstats_configure.pl ----- AWStats awstats_configure 1.0 (build 1.3) (c) Laurent Destailleur ----- This tool will help you to configure AWStats to analyze statistics for one web server. You can try to use it to let it do all that is possible in AWStats setup, however following the step by step manual setup documentation (docs/index.html) is often a better idea. Above all if: - You are not an administrator user, - You want to analyze downloaded log files without web server, - You want to analyze mail or ftp log files instead of web log files, - You need to analyze load balanced servers log files, - You want to 'understand' all possible ways to use AWStats... Read the AWStats documentation (docs/index.html).
-----> Running OS detected: Linux, BSD or Unix
-----> Check for web server install
Enter full config file path of your Web server. Example: /etc/httpd/httpd.conf Example: /usr/local/apache2/conf/httpd.conf Example: c:\Program files\apache group\apache\conf\httpd.conf Config file path ('none' to skip web server setup): >/etc/httpd/conf/httpd.conf #¿é¤J apache ªº³]©wÀɦì¸m
-----> Check and complete web server config file '/etc/httpd/conf/httpd.conf' AWStats directives already present.
-----> Update model config file '/usr/local/awstats/wwwroot/cgi-bin/awstats.model.conf' File awstats.model.conf updated.
-----> Need to create a new config file ? Do you want me to build a new AWStats config/profile file (required if first install) [y/N] ? y #¿é¤J y¡A½T©w²£¥Í AWStats ³]©wÀÉ
-----> Define config file name to create What is the name of your web site or profile analysis ? Example: www.mysite.com Example: demo Your web site, virtual server or profile name: > www #¿é¤J www¡A¬°³]©wÀɨúÓ¦W¦r¡A¦¹ÀɦW¥i¦Û¨ú
-----> Define config file path In which directory do you plan to store your config file(s) ? Default: /etc/awstats Directory path to store config file(s) (Enter for default): > #ª½±µ«ö¤U Enter¡A¨Ï¥Î¹w³]¸ê®Æ§¨¨Ó©ñ¸m³]©wÀÉ
-----> Create config file '/etc/awstats/awstats.www.conf' Config file /etc/awstats/awstats.www.conf created.
-----> Restart Web server with '/sbin/service httpd restart' °±¤î httpd: [ ½T©w ] ±Ò°Ê httpd: [ ½T©w ]
-----> Add update process inside a scheduler Sorry, configure.pl does not support automatic add to cron yet. You can do it manually by adding the following command to your cron: /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -update -config=www Or if you have several config files and prefer having only one command: /usr/local/awstats/tools/awstats_updateall.pl now Press ENTER to continue... #«ö¤U Enter Ä~Äò
A SIMPLE config file has been created: /etc/awstats/awstats.www.conf You should have a look inside to check and change manually main parameters. You can then manually update your statistics for 'www' with command: > perl awstats.pl -update -config=www You can also read your statistics for 'www' with URL: > http://localhost/awstats/awstats.pl?config=www
Press ENTER to finish... #«ö¤U Enter µ²§ô
chmod 755 /usr/local/awstats mkdir /var/lib/awstats #קï³]©wÀÉ cp /etc/awstats/awstats.www.conf /etc/awstats/awstats.www.conf.bak vi /etc/awstats/awstats.www.conf 51¦æ LogFile="/var/log/httpd/mylog.log" ק令--> LogFile="/var/log/httpd/access_log" 147¦æ SiteDomain="www" ק令--> SiteDomain="xxx.xxx.edu.tw" 182¦æ DNSLookup=2 ק令--> DNSLookup=1
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=www -update /etc/rc.d/init.d/httpd restart
´ú¸Õ¡Ghttp://IP/awstats/awstats.pl?config=www #©w®É§ó·s vi /etc/crontab 50 3 * * * root /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=www -update >/dev/null 2>&1
#²£¥Í¤ÀªR vsftp log ªº AWStats ³]©wÀÉ vi /etc/awstats/awstats.ftp.conf LogFile="/var/log/xferlog" LogType=F LogFormat="%time3 %other %host %bytesd %url %other %other %method %other %logname %other %code %other %other" LogSeparator="\s"
SiteDomain="ftp.xxx.xxx.edu.tw" HostAliases="192.168.1.100 localhost 127.0.0.1" DNSLookup=1 DirData="/var/lib/awstats" DirIcons="/awstatsicons" AllowToUpdateStatsFromBrowser=0
NotPageList="" LevelForBrowsersDetection=0 LevelForOSDetection=0 LevelForRefererAnalyze=0 LevelForRobotsDetection=0 LevelForWormsDetection=0 LevelForSearchEnginesDetection=0 ShowLinksOnUrl=0 ShowMenu=1 ShowMonthStats=UVHB ShowDaysOfMonthStats=HB ShowDaysOfWeekStats=HB ShowHoursStats=HB ShowDomainsStats=HB ShowHostsStats=HBL ShowAuthenticatedUsers=HBL ShowRobotsStats=0 ShowEMailSenders=0 ShowEMailReceivers=0 ShowSessionsStats=1 ShowPagesStats=PBEX ShowFileTypesStats=HB ShowFileSizesStats=0 ShowBrowsersStats=0 ShowOSStats=0 ShowOriginStats=0 ShowKeyphrasesStats=0 ShowKeywordsStats=0 ShowMiscStats=0 ShowHTTPErrorsStats=0 ShowSMTPErrorsStats=0
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=ftp -update
´ú¸Õ¡Ghttp://IP/awstats/awstats.pl?config=ftp #©w®É§ó·s vi /etc/crontab 50 4 * * * root /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=ftp -update >/dev/null 2>&1
#²£¥Í¤ÀªR sendmail log ªº AWStats ³]©wÀÉ vi /etc/awstats/awstats.mail.conf LogFile="perl /usr/local/awstats/tools/maillogconvert.pl standard < /var/log/maillog |" LogType=M LogFormat="%time2 %email %email_r %host %host_r %method %url %code %bytesd" LevelForBrowsersDetection= LevelForOSDetection=0 LevelForRefererAnalyze=0 LevelForRobotsDetection=0 LevelForWormsDetection=0 LevelForSearchEnginesDetection= LevelForFileTypesDetection= AllowToUpdateStatsFromBrowser=0
SiteDomain="mail.xxx.xxx.edu.tw" HostAliases="192.168.1.100 localhost 127.0.0.1" DirData="/var/lib/awstats" DirIcons="/awstatsicons"
ShowMenu=1 ShowMonthStats=HB ShowDaysOfMonthStats=HB ShowDaysOfWeekStats=HB ShowHoursStats=HB ShowDomainsStats=0 ShowHostsStats=HBL ShowAuthenticatedUsers=0 ShowRobotsStats=0 ShowEMailSenders=HBML ShowEMailReceivers=HBML ShowSessionsStats=0 ShowPagesStats=0 ShowFileTypesStats=0 ShowFileSizesStats=0 ShowBrowsersStats=0 ShowOSStats=0 ShowOriginStats=0 ShowKeyphrasesStats=0 ShowKeywordsStats=0 ShowMiscStats=0 ShowHTTPErrorsStats=0 ShowSMTPErrorsStats=1
/usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=mail -update
´ú¸Õ¡Ghttp://IP/awstats/awstats.pl?config=mail #©w®É§ó·s vi /etc/crontab 50 5 * * * root /usr/local/awstats/wwwroot/cgi-bin/awstats.pl -config=mail -update >/dev/null 2>&1
µù¡G 1.AWStats ©x¤è¤å¥ó¡Ghttp://awstats.sourceforge.net/docs/index.html 2.Y¦³¦hÓ³]©wÀÉn°õ¦æªº¸Ü¥i¥H°õ¦æ /usr/local/awstats/tools/awstats_updateall.pl now
vi /etc/crontab 0 6 * * * root /usr/local/awstats/tools/awstats_updateall.pl now >/dev/null 2>&1 ntop ©x¤èºô¯¸¡Ghttp://www.ntop.org/
apt-get -y install libpcap gdbm-devel gd-devel libpng-devel zlib-devel
#¦w¸Ë wget http://voxel.dl.sourceforge.net/sourceforge/ntop/ntop-3.1.tgz tar zxvf ntop-3.1.tgz cd ntop ./configure make make install #¬° ntop ³]©w±K½X¡G¦¹«ü¥O·|n¨D§ÚÌ¿é¤J admin ªº±K½X /usr/local/bin/ntop -A #±Ò°Ê¡G/usr/local/bin/ntop -d -L #¶}¾÷´N°õ¦æ ntop¡G echo '/usr/local/bin/ntop -d -L' >> /etc/rc.local #´ú¸Õ¡Ghttp://IP:3000
ntop ©x¤è¤å¥ó¡Ghttp://www.ntop.org/documentation.html |
|
| ||
|
|
¡i¦^º¶¡j |
¡ýºô¶ì©l¥X³B¡ý³Ì«áקï¤é´Á¡G2005.01.22 |
