Configuring selected Linux services [the illustrated version can be downloaded from the hanbim520 account on CSDN; I made it as a PDF]

REDHAT 5

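Configuration examples for common services

Suitable for beginners

When testing, watch out for the firewall and SELinux!!

Life is actually wonderful~~ All rights to this article are reserved; nobody may use it for profit!!!

hanbim520@msn.cn, feel free to get in touch; exchanging ideas is how we improve!!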

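I. Configuring the YUM service

1. Why configure the YUM server first

Answer: As we all know, installing software while installing the operating system lengthens the installation and may waste physical storage, and some of that software may never be used later. Once a YUM server is configured, things become very convenient: whenever you need a package (it must be on the installation disc, or one you downloaded yourself and placed in the repository), you can install it through YUM.

2. Configuring the YUM server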

[root@localhost ~]# cd /etc/yum.repos.d/

[root@localhost yum.repos.d]# ls

rhel-debuginfo.repo //do not edit this file directly; you will need it if you later purchase Red Hat service. It can also serve as a configuration template.

[root@localhost yum.repos.d]# cp -p rhel-debuginfo.repo my.repo

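The configuration is as follows:

[mysoft] //this must be changed; use any name you like

name=Red Hat Enterprise Linux //change this too, so that it differs from the original file

baseurl=file:///media/cdrom/Server //there are many choices here: NFS, FTP or a local file path. I use a local file path; choose whichever you prefer.

enabled=1 //this must be set to 1; 0 disables the repository

gpgcheck=1 //enables signature checking; the next line is the key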

gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release

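Copy all the packages in the Server directory of the ISO to /media/cdrom/Server (this path is the baseurl in the configuration file; you can change it to a directory you create yourself, because if you use my path as-is, a later mount may cover the Server directory). I simply mounted the ISO at this path (mount /dev/cdrom /media/cdrom).

Finally, test with yum list all; it succeeds.

Note: if the dependency information is missing, install the createrepo package to set it up; consult the relevant documentation for details.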

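II. Configuring the DNS service

1. Why configure DNS

I won't answer this one; everybody knows.

2. The configuration is as follows:

DNS

[root@localhost ~]# yum -y install bind-* //installs all the BIND tools on the ISO (including the chroot mechanism)

[root@localhost etc]# yum -y install caching-nameserver* //these are really just templates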

[root@localhost etc]# cd /var/named/chroot/

[root@localhost chroot]# ls

dev etc var

[root@localhost chroot]# cd etc/

[root@localhost etc]# ls

localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key

[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf

[root@localhost etc]# cp -p named.rfc1912.zones named.zones

//remember: if you copy without -p, you must fix the ownership and permissions after editing

[root@localhost etc]# ll

total 48

-rw-r--r-- 1 root root 2819 Aug 16 2011 localtime

-rw-r----- 1 root named 1230 Jul 29 2009 named.caching-nameserver.conf

-rw-r----- 1 root named 1230 Jul 29 2009 named.conf

-rw-r----- 1 root named 955 Jul 29 2009 named.rfc1912.zones

-rw-r----- 1 root named 955 Jul 29 2009 named.zones

-rw-r----- 1 root named 113 Aug 16 07:47 rndc.key

The contents of named.conf are as follows:

//

// named.caching-nameserver.conf

//

// Provided by Red Hat caching-nameserver package to configure the

// ISC BIND named(8) DNS server as a caching only nameserver

// (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

// DO NOT EDIT THIS FILE - use system-config-bind or an editor

// to create named.conf - edits to this file will be lost on

// caching-nameserver package upgrade.

//

options {

listen-on port 53 { any; }; // adjust to your needs

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port

// randomization

// query-source port 53;

// query-source-v6 port 53;

allow-query { any; }; // adjust to your needs

allow-query-cache { any; }; // adjust to your needs

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

};

view localhost_resolver {

match-clients { localhost; };

match-destinations { localhost; };

recursion yes;

include "/etc/named.zones"; // must match the name of the file copied above

};

Edit named.zones as follows:

Copy the following content (the vi command is nyy, where n is a number):

zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

Change the copy to the following:

zone "abc.com" IN {

type master;

file "abc.com.zone";

allow-update { none; };

};

zone "1.168.192.in-addr.arpa" IN {

type master;

file "192.168.1.local";

allow-update { none; };

};

[root@localhost etc]# cd ..

[root@localhost chroot]# cd var/named/

[root@localhost named]# ls

data localhost.zone named.ca named.local slaves

localdomain.zone named.broadcast named.ip6.local named.zero

[root@localhost named]# cp -p named.zero abc.com.zone

[root@localhost named]# cp -p named.local 192.168.1.local

//remember: if you copy without -p, you must fix the ownership and permissions after editing

[root@localhost named]# ll

total 88

-rw-r----- 1 root named 426 Jul 29 2009 192.168.1.local

-rw-r----- 1 root named 427 Jul 29 2009 abc.com.zone

drwxrwx--- 2 named named 4096 Aug 25 2004 data

-rw-r----- 1 root named 198 Jul 29 2009 localdomain.zone

-rw-r----- 1 root named 195 Jul 29 2009 localhost.zone

-rw-r----- 1 root named 427 Jul 29 2009 named.broadcast

-rw-r----- 1 root named 1892 Jul 29 2009 named.ca

-rw-r----- 1 root named 424 Jul 29 2009 named.ip6.local

-rw-r----- 1 root named 426 Jul 29 2009 named.local

-rw-r----- 1 root named 427 Jul 29 2009 named.zero

drwxrwx--- 2 named named 4096 Jul 27 2004 slaves

The contents of abc.com.zone are as follows:

$TTL 86400

@ IN SOA abc.com. root.abc.com. (

42 ; serial (d. adams)

3H ; refresh

15M ; retry

1W ; expiry

1D ) ; minimum

IN NS abc.com.

www IN A 192.168.1.10

ftp IN A 192.168.1.10

The contents of 192.168.1.local are as follows:

$TTL 86400

@ IN SOA abc.com. root.abc.com. (

1997022700 ; Serial

28800 ; Refresh

14400 ; Retry

3600000 ; Expire

86400 ) ; Minimum

IN NS abc.com.

10 IN PTR www.abc.com.

10 IN PTR ftp.abc.com.

[root@localhost /]# vi /etc/resolv.conf

Configure it as follows:

; generated by /sbin/dhclient-script

search localdomain

nameserver 192.168.1.10

Start the services:

[root@localhost /]# /etc/init.d/network restart

Shutting down interface eth0: [ OK ]

Shutting down loopback interface: [ OK ]

Bringing up loopback interface: [ OK ]

Bringing up interface eth0: [ OK ]

[root@localhost /]# /etc/init.d/named start

Starting named: [ OK ]

Test as follows:

[root@localhost /]# nslookup

> www.abc.com

Server: 192.168.1.10

Address: 192.168.1.10#53

Name: www.abc.com

Address: 192.168.1.10

> ftp.abc.com

Server: 192.168.1.10

Address: 192.168.1.10#53

Name: ftp.abc.com

Address: 192.168.1.10

> 192.168.1.10

Server: 192.168.1.10

Address: 192.168.1.10#53

10.1.168.192.in-addr.arpa name = ftp.abc.com.

10.1.168.192.in-addr.arpa name = www.abc.com.

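DNS slaves

This configuration builds on the DNS setup above, so I only list the contents of each configuration file:

The configuration of host abc.com is as follows:

named.conf: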

//

// named.caching-nameserver.conf

//

// Provided by Red Hat caching-nameserver package to configure the

// ISC BIND named(8) DNS server as a caching only nameserver

// (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

// DO NOT EDIT THIS FILE - use system-config-bind or an editor

// to create named.conf - edits to this file will be lost on

// caching-nameserver package upgrade.

//

options {

listen-on port 53 { any; };

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

allow-transfer { 192.168.1.1;};

// Those options should be used carefully because they disable port

// randomization

// query-source port 53;

// query-source-v6 port 53;

allow-query { any; };

allow-query-cache { any; };

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

};

view localhost_resolver {

match-clients { any; };

match-destinations { any; };

recursion yes;

include "/etc/named.zones";

};

Everything else is the same as in the DNS configuration.

The configuration of host dns.slaves.abc.com is as follows:

named.conf:

//

// named.caching-nameserver.conf

//

// Provided by Red Hat caching-nameserver package to configure the

// ISC BIND named(8) DNS server as a caching only nameserver

// (as a localhost DNS resolver only).

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

// DO NOT EDIT THIS FILE - use system-config-bind or an editor

// to create named.conf - edits to this file will be lost on

// caching-nameserver package upgrade.

//

options {

listen-on port 53 { any; };

listen-on-v6 port 53 { ::1; };

directory "/var/named";

dump-file "/var/named/data/cache_dump.db";

statistics-file "/var/named/data/named_stats.txt";

memstatistics-file "/var/named/data/named_mem_stats.txt";

// Those options should be used carefully because they disable port

// randomization

// query-source port 53;

// query-source-v6 port 53;

allow-query { any; };

allow-query-cache { any; };

};

logging {

channel default_debug {

file "data/named.run";

severity dynamic;

};

};

view localhost_resolver {

match-clients { localhost; };

match-destinations { localhost; };

recursion yes;

include "/etc/named.zones";

};

named.zones:

// named.rfc1912.zones:

//

// Provided by Red Hat caching-nameserver package

//

// ISC BIND named zone configuration for zones recommended by

// RFC 1912 section 4.1 : localhost TLDs and address zones

//

// See /usr/share/doc/bind*/sample/ for example named configuration files.

//

zone "." IN {

type hint;

file "named.ca";

};

zone "localdomain" IN {

type master;

file "localdomain.zone";

allow-update { none; };

};

zone "localhost" IN {

type master;

file "localhost.zone";

allow-update { none; };

};

zone "0.0.127.in-addr.arpa" IN {

type master;

file "named.local";

allow-update { none; };

};

zone "abc.com" IN { // this must match the master DNS server

type slave;

masters {192.168.1.10;};

file "slaves/abc.com.zone"; // note: this file does not need to be created by hand

allow-update { none; };

};

zone "1.168.192.in-addr.arpa" IN {

type slave;

masters {192.168.1.10;};

file "slaves/192.168.0.local"; // note: this file does not need to be created by hand

allow-update { none; };

};

zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {

type master;

file "named.ip6.local";

allow-update { none; };

};

zone "255.in-addr.arpa" IN {

type master;

file "named.broadcast";

allow-update { none; };

};

zone "0.in-addr.arpa" IN {

type master;

file "named.zero";

allow-update { none; };

};

Restart DNS on both servers:

/etc/init.d/named restart

On success you will see the following:

[root@localhost slaves]# cd /var/named/chroot/var/named/slaves/

[root@localhost slaves]# ls

192.168.0.local abc.com.zone //these two files will be listed; when testing, watch out for the firewall and SELinux!!

[root@localhost slaves]#
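
As an added example (not part of the original article), the shell function below audits a named.conf of the kind shown in this section for two exposures: a missing allow-transfer statement, which in BIND of this vintage leaves zone transfers open to any host, and a view that matches any client with recursion yes and no allow-recursion ACL. The finding labels and the trimmed sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a named.conf for the exposure settings used above.
# Finding labels (OPEN_TRANSFER, OPEN_RECURSION) are invented for this example.
audit_named_conf() {
    # $1: path to named.conf. Prints one finding per line, nothing if clean.
    awk '
    {
        sub(/\/\/.*/, "")                      # strip // comments
        line = $0
        opens  = gsub(/[{]/, "", line)         # count braces on this line
        closes = gsub(/[}]/, "", line)
        if (depth == 0 && $1 == "view") {      # a top-level view begins
            in_view = 1; name = $2; any_client = 0; recursive = 0
        }
        if ($0 ~ /allow-transfer/)  has_transfer = 1
        if ($0 ~ /allow-recursion/) has_rec_acl = 1
        if (in_view && $0 ~ /match-clients[ \t]*[{][ \t]*any[ \t]*;/) any_client = 1
        if (in_view && $0 ~ /recursion[ \t]+yes/) recursive = 1
        depth += opens - closes
        if (in_view && depth == 0 && closes > 0) {   # the view just closed
            if (any_client && recursive) open_views = open_views name " "
            in_view = 0
        }
    }
    END {
        if (!has_transfer) print "OPEN_TRANSFER no allow-transfer statement"
        n = split(open_views, v, " ")
        if (!has_rec_acl)
            for (i = 1; i <= n; i++) print "OPEN_RECURSION view=" v[i]
    }' "$1"
}

sample_single() {   # constructed, trimmed from the first named.conf above
cat <<'EOF'
options {
    listen-on port 53 { any; };
    allow-query { any; };
    allow-query-cache { any; };
};
view localhost_resolver {
    match-clients { localhost; };
    match-destinations { localhost; };
    recursion yes;
    include "/etc/named.zones";
};
EOF
}

sample_master() {   # constructed, trimmed from the master named.conf above
cat <<'EOF'
options {
    listen-on port 53 { any; };
    allow-transfer { 192.168.1.1;};
    allow-query { any; };
    allow-query-cache { any; };
};
view localhost_resolver {
    match-clients { any; };
    match-destinations { any; };
    recursion yes;
    include "/etc/named.zones";
};
EOF
}

tmp=$(mktemp -d)
sample_single > "$tmp/single.conf"; sample_master > "$tmp/master.conf"
for f in single master; do
    echo "== $f"; audit_named_conf "$tmp/$f.conf"
done
rm -rf "$tmp"
```

On a real server, point the function at /var/named/chroot/etc/named.conf.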

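III. Configuring the PXE service

1. Why configure PXE

Answer: PXE is extremely useful and very widely used. Take an internet café with several hundred computers: would you really install them one by one? PXE was designed to solve exactly this problem.

2. The configuration is as follows: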

[root@localhost isolinux]# yum -y install dhcp.i* tftp* vsftpd.i* system-config-kickstart

[root@localhost isolinux]# cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf

cp: overwrite `/etc/dhcpd.conf'? y

[root@localhost isolinux]# vi /etc/dhcpd.conf

The contents of dhcpd.conf are as follows:

ddns-update-style interim;

ignore client-updates;

subnet 192.168.1.0 netmask 255.255.255.0 {

# --- default gateway

# option routers 192.168.0.1;

option subnet-mask 255.255.255.0;

filename "pxelinux.0";

next-server 192.168.1.10;

# option nis-domain "domain.org";

# option domain-name "domain.org";

# option domain-name-servers 192.168.1.10;

option time-offset -18000; # Eastern Standard Time

# option ntp-servers 192.168.1.1;

# option netbios-name-servers 192.168.1.1;

# --- Selects point-to-point node (default is hybrid). Don't change this unless

# -- you understand Netbios very well

# option netbios-node-type 2;

range dynamic-bootp 192.168.1.128 192.168.1.254;

default-lease-time 21600;

max-lease-time 43200;

# we want the nameserver to appear at a fixed address

# host ns {

# next-server marvin.redhat.com;

# hardware ethernet 12:34:56:78:AB:CD;

# fixed-address 207.175.42.254;

# }

}

[root@localhost isolinux]# vi /etc/xinetd.d/tftp

/etc/xinetd.d/tftp is configured as follows:

# default: off

# description: The tftp server serves files using the trivial file transfer \

# protocol. The tftp protocol is often used to boot diskless \

# workstations, download configuration files to network-aware printers, \

# and to start the installation process for some operating systems.

service tftp

{

socket_type = dgram

protocol = udp

wait = yes

user = root

server = /usr/sbin/in.tftpd

server_args = -s /tftpboot

disable = no

per_source = 11

cps = 100 2

flags = IPv4

}

[root@localhost isolinux]# system-config-kickstart

After configuring, save ks.cfg under /var/ftp/

[root@localhost isolinux]# ll /var/ftp/

total 26

dr-xr-xr-x 8 root root 10240 Aug 18 2009 cdrom

-rw-r--r-- 1 root root 759 Aug 16 22:58 ks.cfg

drwxr-xr-x 2 root root 4096 May 13 2009 pub

drwxrwxrwx 3 vuser vuser 4096 Aug 16 09:47 vuserdir

[root@localhost isolinux]# mkdir /var/ftp/cdrom

[root@localhost isolinux]# mount /dev/cdrom /var/ftp/cdrom

mount: block device /dev/cdrom is write-protected, mounting read-only

[root@localhost ~]# mount /dev/cdrom /media/cdrom/

mount: block device /dev/cdrom is write-protected, mounting read-only

[root@localhost ~]# mkdir /tftpboot

[root@localhost ~]# cd /media/cdrom/isolinux/

[root@localhost isolinux]# ls

boot.cat initrd.img memtest rescue.msg vmlinuz

boot.msg isolinux.bin options.msg splash.lss

general.msg isolinux.cfg param.msg TRANS.TBL

[root@localhost isolinux]# cp vmlinuz /tftpboot/

[root@localhost isolinux]# cp initrd.img /tftpboot/

[root@localhost isolinux]# cp /usr/lib/syslinux/pxelinux.0 /tftpboot/

[root@localhost isolinux]# mkdir /tftpboot/pxelinux.cfg

[root@localhost isolinux]# cp isolinux.cfg /tftpboot/pxelinux.cfg/default

[root@localhost isolinux]# vi /tftpboot/pxelinux.cfg/default

/tftpboot/pxelinux.cfg/default is configured as follows:

default linux

prompt 1

timeout 600

label linux

kernel vmlinuz

append ks=ftp://192.168.1.10/ks.cfg initrd=initrd.img

[root@localhost isolinux]# /etc/init.d/dhcpd restart

Shutting down dhcpd: [ OK ]

Starting dhcpd: [ OK ]

[root@localhost isolinux]# /etc/init.d/vsftpd restart

Shutting down vsftpd: [ OK ]

Starting vsftpd for vsftpd: [ OK ]

[root@localhost isolinux]# /etc/init.d/xinetd restart

Stopping xinetd: [ OK ]

Starting xinetd: [ OK ]

[root@localhost isolinux]#

(If you are also using virtual machines, I personally recommend VM; VBOX may cause a few small problems.)

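IV. Configuring the VSFTPD service

1. Why choose vsftpd

Answer: it is billed as the most secure FTP server ever.

2. Configuration:

(This configuration uses MySQL for the virtual users; if you want other features, consult other documentation yourself. This article requires the package named pam_mysql-0.7RC1.)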

[root@localhost Desktop]# yum -y install vsftpd.i*

[root@localhost Desktop]# yum -y install mysql-devel.i* mysql-server.i*

[root@localhost Desktop]# /etc/init.d/mysqld start

[root@localhost Desktop]# mysqladmin -u root password redhat

[root@localhost Desktop]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 3

Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database vftpdata;

Query OK, 1 row affected (0.01 sec)

mysql> show databases;

+--------------------+

| Database |

+--------------------+

| information_schema |

| mysql |

| test |

| vftpdata |

+--------------------+

4 rows in set (0.00 sec)

mysql> create table vuser(name char(16),pwd char(16));

Query OK, 0 rows affected (0.03 sec)

mysql> show tables;

+--------------------+

| Tables_in_vftpdata |

+--------------------+

| vuser |

+--------------------+

1 row in set (0.00 sec)

mysql> insert into vuser(name,pwd) values ('abc','1234');

Query OK, 1 row affected (0.00 sec)

mysql> select * from vuser;

+------+------+

| name | pwd |

+------+------+

| abc | 1234 |

+------+------+

1 row in set (0.00 sec)

Let's add a few more users; the command is as follows:

[root@localhost Desktop]# mysql -u root -p -e "use vftpdata;insert into vuser(name,pwd) values ('zhangsan','1234')";

Enter password:

[root@localhost Desktop]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 10

Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use vftpdata;select * from vuser

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

-> ;

+----------+------+

| name | pwd |

+----------+------+

| abc | 1234 |

| zhangsan | 1234 |

+----------+------+

2 rows in set (0.00 sec)

mysql>

Grant the vftpuser user permission to query the vftpdata.vuser table in MySQL:

mysql> grant select on vftpdata.vuser to vftpuser@localhost identified by 'redhat';

Query OK, 0 rows affected (0.00 sec)

Test whether the vftpuser user can run the query:

mysql> use vftpdata;select * from vuser;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

+----------+------+

| name | pwd |

+----------+------+

| abc | 1234 |

| zhangsan | 1234 |

+----------+------+

2 rows in set (0.00 sec)

Install the pam_mysql-0.7RC1 package as follows:

[root@localhost pam_mysql-0.7RC1]# yum -y install pam-devel.i* //this prevents errors at compile time

[root@localhost ]# cd /root/Desktop/pam_mysql-0.7RC1

[root@localhost pam_mysql-0.7RC1]# ./configure

[root@localhost pam_mysql-0.7RC1]# make;make install

Note: sometimes, after installing pam_mysql-0.7RC1, you may not find the pam_mysql.la and pam_mysql.so files mentioned above; in that case, check here:

[root@localhost ~]# ls /usr/lib/security/

classpath.security pam_mysql.la pam_mysql.so

Copy these two files to /lib/security/ and that is all.

Create the system user that the virtual users map to:

[root@localhost ~]# useradd -d /var/ftp/vuser -s /sbin/nologin vuser

[root@localhost ~]# chmod 757 /var/ftp/vuser

[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf

In /etc/vsftpd/vsftpd.conf, change the marked parts (for the other settings, consult other documentation and adjust them as needed):

[root@localhost ~]# vi /etc/pam.d/vsftpd //the same file name as in the figure above

The contents of /etc/pam.d/vsftpd are as follows:

auth required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost db=vftpdata table=vuser usercolumn=name passwdcolumn=pwd crypt=0

account required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost db=vftpdata table=vuser usercolumn=name passwdcolumn=pwd crypt=0

(This article uses crypt=0; see the README file in the pam_mysql-0.7RC1 package to choose the encryption method that suits you.)

[root@localhost ~]# /etc/init.d/mysqld restart

Stopping MySQL: [ OK ]

Starting MySQL: [ OK ]

[root@localhost ~]# /etc/init.d/vsftpd restart

Shutting down vsftpd: [ OK ]

Starting vsftpd for vsftpd: [ OK ]

[root@localhost ~]# ftp localhost

Connected to localhost.localdomain.

220 (vsFTPd 2.0.5)

530 Please login with USER and PASS.

530 Please login with USER and PASS.

KERBEROS_V4 rejected as an authentication type

Name (localhost:root): abc //a user from the MySQL table

331 Please specify the password.

Password:

230 Login successful.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> bye

221 Goodbye.
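
As an added example (not part of the original article), the function below checks a PAM service file like the /etc/pam.d/vsftpd shown above for two things a reviewer would flag: crypt=0, which means the pwd column holds plaintext passwords as in the vuser table above, and the database password sitting inline in a world-readable file. The finding labels are invented for this example, and treating a missing crypt= option as plain is an assumption to confirm against the package README.

```shell
#!/bin/sh
# Added example: flag risky pam_mysql settings in a PAM service file.
# Finding labels are invented for this example.

audit_pam_mysql() {
    # $1: PAM service file such as /etc/pam.d/vsftpd
    awk '
    $3 ~ /pam_mysql\.so$/ {
        crypt = "0"; inline_pw = 0   # assumption: a missing crypt= means plain
        for (i = 4; i <= NF; i++) {
            eq  = index($i, "=")
            key = substr($i, 1, eq - 1); val = substr($i, eq + 1)
            if (key == "crypt") crypt = val
            if (key == "passwd" && val != "") inline_pw = 1
        }
        if (crypt == "0" || crypt == "plain") print $1 ": PLAINTEXT_PWD_COLUMN"
        if (inline_pw) print $1 ": DB_PASSWORD_INLINE"
    }' "$1"
    # An inline DB password in a world-readable file is visible to every local user.
    if grep -q "pam_mysql.*passwd=" "$1" && [ -n "$(find "$1" -perm -004)" ]; then
        echo "file: WORLD_READABLE_DB_PASSWORD"
    fi
}

# Constructed sample: the two lines from the article, written to a given path.
write_sample() {
    # $1: destination path, $2: value for crypt=
    cat > "$1" <<EOF
auth required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost db=vftpdata table=vuser usercolumn=name passwdcolumn=pwd crypt=$2
account required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost db=vftpdata table=vuser usercolumn=name passwdcolumn=pwd crypt=$2
EOF
}

demo() {
    tmp=$(mktemp -d)
    write_sample "$tmp/vsftpd" 0
    chmod 644 "$tmp/vsftpd"          # typical mode of files under /etc/pam.d
    audit_pam_mysql "$tmp/vsftpd"
    rm -rf "$tmp"
}
demo
```

With the article's settings every check fires; tightening the file to mode 600 and switching to a hashed crypt mode leaves only the inline-password finding.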

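V. Configuring the NFS service

The configuration is as follows:

1. First check whether the NFS packages are already installed on the system

rpm -qa|grep nfs

If not, install them.

2. Create the shared directory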

[root@localhost ~]# mkdir /home/nfsdir

[root@localhost ~]# ls /home/nfsdir

Screenshot.png text

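3. Edit: [root@localhost ~]# vi /etc/exports

/home/nfsdir 192.168.1.*(ro) //whatever identity the user has on the client, they get nfsnobody's permissions on the shared directory on this server [the default is all_squash]

#/home/nfsdir 192.168.1.*(ro,no_root_squash) //if the user is logged in as root on the client, the server treats them as having local root's permissions on the shared directory

#/home/nfsdir 192.168.1.*(ro,root_squash) //if the client user is root, they also get nfsnobody's permissions on the shared directory [root_squash maps only the root user to nfsnobody]

#/home/nfsdir 192.168.1.*(ro,anonuid=509,anongid=510) //whatever the identity on the client, local user 509 and group 510 are used; the two options need not both appear in the configuration

#/home/nfsdir 192.168.1.*(ro,no_root_squash,anonuid=509,anongid=510) //combination of the two settings

#/home/nfsdir 192.168.1.*(ro,root_squash,anonuid=509,anongid=510) //combination of the two settings

Check the local RPC registrations: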

[root@localhost ~]# rpcinfo -p localhost

100003 2 udp 2049 nfs

100003 3 udp 2049 nfs

100003 4 udp 2049 nfs

100003 2 tcp 2049 nfs

100003 3 tcp 2049 nfs

100003 4 tcp 2049 nfs

Mount on the client:

[root@localhost ~]# mount -t nfs 192.168.1.1:/home/nfsdir /media/nfs

[root@localhost ~]# ls /media/nfs/

Screenshot.png text

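VI. Configuring the SAMBA service

1. Introduction to SAMBA

No need to waste words on this.

2. Configuration

(Because SAMBA is so powerful, I only list a few simple settings, hoping they serve as a starting point.)

[root@localhost test]# gedit /etc/samba/smb.conf

Add the following under the global section, then save: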

[global]

include = /etc/samba/%G.smb.conf

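workgroup = WORKGROUP //this is what I used for testing from Microsoft systems

; server string = Samba Server Version %v (comment this line out, because known vulnerabilities exist for some releases)

max connections =15 //maximum number of simultaneous connections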

security = user

passdb backend = tdbsam

Create the following share yourself:

[test]

comment = Directories

writable = yes

path=/test

public=yes

; valid users = %S

; valid users = MYDOMAIN\%S

Then save.

[root@localhost ~]# mkdir /test

[root@localhost ~]# mkdir /subtest

[root@localhost ~]# chmod 777 /subtest

[root@localhost ~]# vi /etc/samba/abc.smb.conf

Edit its contents as follows:

[subtest]

comment = Home Directories

writable = yes

path=/subtest

public=yes

valid users = abc @abc

; valid users = MYDOMAIN\%S

Create the user:

[root@localhost ~]# smbpasswd -a abc

Start the service:

[root@localhost test]# /etc/init.d/smb restart

Shutting down SMB services: [ OK ]

Shutting down NMB services: [ OK ]

Starting SMB services: [ OK ]

Starting NMB services: [ OK ]

Testing from Linux:

[root@localhost test]# smbclient -L 192.168.1.10 -U abc

Password:

Domain=[LOCALHOST] OS=[Unix] Server=[Samba 3.0.33-3.14.el5]

Sharename Type Comment

--------- ---- -------

test Disk Directories

subtest Disk Home Directories

IPC$ IPC IPC Service (Samba 3.0.33-3.14.el5)

Domain=[LOCALHOST] OS=[Unix] Server=[Samba 3.0.33-3.14.el5]

Server Comment

--------- -------

Workgroup Master

--------- -------

WORKGROUP

Testing from Windows:

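VII. Configuring the WWW service

1. What is the WWW service?

Answer: consult the relevant documentation yourself.

2. Configuration

(This article mainly configures Apache, and DNS is already configured.)

1> Basic configuration: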

[root@localhost ~]# yum -y install httpd.i*

Because the Global Environment section of /etc/httpd/conf/httpd.conf contains the directive Include conf.d/*.conf, we create a www.conf file under /etc/httpd/conf.d/.

[root@localhost conf.d]# ls

proxy_ajp.conf README welcome.conf www.conf

The contents of www.conf are as follows:

NameVirtualHost 192.168.1.10:80

<VirtualHost 192.168.1.10:80>

DocumentRoot /var/www/html/

ServerName www.abc.com

ErrorLog logs/www.abc.com-error_log

CustomLog logs/www.abc.com-access_log common

</VirtualHost>

[root@localhost conf.d]# cd /var/www/html/

Create index.html in /var/www/html/ with the following content:

<html>

<head>

<title>This is a text page</title>

</head>

<body>

This is a text page.

</body>

</html>

Restart the service:

[root@localhost html]# /etc/init.d/httpd restart

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

[root@localhost html]#

2> htpasswd authentication (this article applies access control to a single file; for a directory, add the access control inside the Directory block shown below)

Create htpasswd.html in /var/www/html/ with the following content:

<html>

<head>

<title>This is htpasswd page</title>

</head>

<body>

This is htpasswd page.

</body>

</html>

[root@localhost html]# gedit /etc/httpd/conf.d/www.conf

Edit www.conf so that it reads as follows:

NameVirtualHost 192.168.1.10:80

<VirtualHost 192.168.1.10:80>

# ServerAdmin webmaster@dummy-host.example.com

DocumentRoot /var/www/html/

ServerName www.abc.com

<Directory /var/www/html> //for directory-level access control, configure it below; the content is the same as inside <Files></Files>

order Allow,Deny

Allow From All

<Files htpasswd.html>

AuthName Testpage

AuthType Basic

AuthUserFile /etc/httpd/.passwd/.htpasswd

Require valid-user

</Files>

</Directory>

ErrorLog logs/www.abc.com-error_log

CustomLog logs/www.abc.com-access_log common

</VirtualHost>

3> MySQL authentication

(Install the MySQL service first; the installation is not repeated here, see the VSFTP chapter [this part does not need the pam_mysql-0.7RC1 package].)

The configuration is as follows:

[root@localhost html]# yum -y install mod_auth_mysql.i* //module required by the Apache service

[root@localhost html]# mysql -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 3

Server version: 5.0.77 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database websql;

Query OK, 1 row affected (0.01 sec)

mysql> show databases;

+--------------------+

| Database |

+--------------------+

| information_schema |

| mysql |

| test |

| vftpuser |

| websql |

+------------------
