首页 > 代码库 > LINUX服务部分配置【带图的可以在csdn上找 hanbim520账号下载,我做成的是PDF】
LINUX服务部分配置【带图的可以在csdn上找 hanbim520账号下载,我做成的是PDF】
REDHAT 5
常用服务配置实例
适用于初学者的朋友
测试时候注意防火墙和selinux哦!!
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
一、YUM服务的配置
1.为什么要首先配置YUM服务器
答:我们都知道,安装软件在装机的时候会加长装机时间,也可能造成物理存储空间的浪费,有些软件在后来
中不一定会用到。然后配置YUM服务器后会非常的方便,一旦需要什么软件(必须是光盘里面自带或者您自
行下载后放入软件库)就可以通过YUM方式安装。
2.YUM服务器的配置
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
rhel-debuginfo.repo //请不要直接修改这个,如果您在以后打算购买红帽服务就会用到这个了。也可以作为
配置模板
[root@localhost yum.repos.d]# cp -p rhel-debuginfo.repo my.repo
具体的配置如下:
[mysoft] //这个地方必须改,改为你自己喜欢的
name=Red Hat Enterprise Linux //这个地方也要改为和原配置文件不一样
baseurl=file:///media/cdrom/Server //这里有很多中选择,可以用NFS 、FTP、文件存放路径,我这个就
是用文件存放路径,读者可以根据自己的喜好选择。
Enabled=1 //这里必须改为1,0不可用
gpgcheck=1 //这个是检测的,下面的就是key
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
把IOS里面的Server软件都复制到/media/cdrom/Server(路径就是配置文件中的baseurl,这个路径您可
以改为您自己创建,如果直接用我这样的话以后挂载时候可能会覆盖掉Server目录)下面,我直接用IOS挂
载到这个路径(mount /dev/cdrom /media/cdrom)。
最后用 yum list all测试成功。
注:如果没有关系依赖,请安装createrepo软件包配置依赖,详情请自行查阅相关资料配置。
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
二、DNS服务的配置
1.为什么要配置DNS
不想回答,都知道的。
2.具体配置如下:
?8?8 DNS
[root@localhost ~]# yum -y install bind-* //将会安装在IOS里面的所有BIND工具(包含chroot机制)
[root@localhost etc]# yum -y install caching-nameserver* //实际上就是模板
[root@localhost etc]# cd /var/named/chroot/
[root@localhost chroot]# ls
dev etc var
[root@localhost chroot]# cd etc/
[root@localhost etc]# ls
localtime named.caching-nameserver.conf named.rfc1912.zones rndc.key
[root@localhost etc]# [root@localhost etc]# cp -p named.caching-nameserver.conf named.conf
[root@localhost etc]# cp -p named.rfc1912.zones named.zones
//切记如果不加-p要在配置后改属性
[root@localhost etc]# ll
total 48
-rw-r--r-- 1 root root 2819 Aug 16 2011 localtime
-rw-r----- 1 root named 1230 Jul 29 2009 named.caching-nameserver.conf
-rw-r----- 1 root named 1230 Jul 29 2009 named.conf
-rw-r----- 1 root named 955 Jul 29 2009 named.rfc1912.zones
-rw-r----- 1 root named 955 Jul 29 2009 named.zones
-rw-r----- 1 root named 113 Aug 16 07:47 rndc.key
named.conf配置内容如下:
/ // named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };//根据自己需要
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };//根据自己需要
allow-query-cache { any; };//根据自己需要
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.zones";//必需和刚刚那个配置文件名一致
};
named.zones配置内容如下:
复制一下内容(命令是nyy [n为数字])
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
改为以下内容:
zone "abc.com" IN {
type master;
file "abc.com.zone";
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "192.168.1.local";
allow-update { none; };
};
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
[root@localhost etc]# cd ..
[root@localhost chroot]# cd var/named/
[root@localhost named]# ls
data localhost.zone named.ca named.local slaves
localdomain.zone named.broadcast named.ip6.local named.zero
[root@localhost named]# cp -p named.zero abc.com.zone
[root@localhost named]# cp -p named.local 192.168.1.local
//切记如果不加-p要在配置后改属性
[root@localhost named]# ll
total 88
-rw-r----- 1 root named 426 Jul 29 2009 192.168.1.local
-rw-r----- 1 root named 427 Jul 29 2009 abc.com.zone
drwxrwx--- 2 named named 4096 Aug 25 2004 data
-rw-r----- 1 root named 198 Jul 29 2009 localdomain.zone
-rw-r----- 1 root named 195 Jul 29 2009 localhost.zone
-rw-r----- 1 root named 427 Jul 29 2009 named.broadcast
-rw-r----- 1 root named 1892 Jul 29 2009 named.ca
-rw-r----- 1 root named 424 Jul 29 2009 named.ip6.local
-rw-r----- 1 root named 426 Jul 29 2009 named.local
-rw-r----- 1 root named 427 Jul 29 2009 named.zero
drwxrwx--- 2 named named 4096 Jul 27 2004 slaves
abc.com.zone配置内容如下:
$TTL 86400
@ IN SOA abc.com. root.abc.com. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS abc.com.
www IN A 192.168.1.10
ftp IN A 192.168.1.10
192.168.1.1.local配置内容如下:
$TTL 86400
@ IN SOA abc.com. root.abc.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS abc.com.
10 IN PTR www.abc.com.
10 IN PTR ftp.abc.com.
[root@localhost /]# vi /etc/resolv.conf
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
配置如下:
; generated by /sbin/dhclient-script
search localdomain
nameserver 192.168.1.10
服务启动:
[root@localhost /]# /etc/init.d/network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
[root@localhost /]# /etc/init.d/named start
Starting named: [ OK ]
测试如下:
[root@localhost /]# nslookup
> www.abc.com
Server: 192.168.1.10
Address: 192.168.1.10#53
Name: www.abc.com
Address: 192.168.1.10
> ftp.abc.com
Server: 192.168.1.10
Address: 192.168.1.10#53
Name: ftp.abc.com
Address: 192.168.1.10
> 192.168.1.10
Server: 192.168.1.10
Address: 192.168.1.10#53
10.1.168.192.in-addr.arpa name = ftp.abc.com.
10.1.168.192.in-addr.arpa name = www.abc.com.
>
?8?8 DNSslaves
这个配置文档基于dns,我只把配置的各个文件内容发出来:
主机abc.com各个配置如下:
named.conf文件:
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-transfer { 192.168.1.1;};
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { any; };
match-destinations { any; };
recursion yes;
include "/etc/named.zones";
};
其他和dns的配置一样。
主机dns.slaves.abc.com配置如下:
named.conf文件配置:
//
// named.caching-nameserver.conf
//
// Provided by Red Hat caching-nameserver package to configure the
// ISC BIND named(8) DNS server as a caching only nameserver
// (as a localhost DNS resolver only).
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
// DO NOT EDIT THIS FILE - use system-config-bind or an editor
// to create named.conf - edits to this file will be lost on
// caching-nameserver package upgrade.
//
options {
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
listen-on port 53 { any; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
// Those options should be used carefully because they disable port
// randomization
// query-source port 53;
// query-source-v6 port 53;
allow-query { any; };
allow-query-cache { any; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.zones";
};
named.zones文件配置:
// named.rfc1912.zones:
//
// Provided by Red Hat caching-nameserver package
//
// ISC BIND named zone configuration for zones recommended by
// RFC 1912 section 4.1 : localhost TLDs and address zones
//
// See /usr/share/doc/bind*/sample/ for example named configuration files.
//
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "abc.com" IN { //这里必须和主DNS服务器一致
type slave;
masters {192.168.1.10;};
file "slaves/abc.com.zone"; //此处注意,不需要再手工创建该文件
allow-update { none; };
};
zone "1.168.192.in-addr.arpa" IN {
type slave;
masters {192.168.1.10;};
file "slaves/192.168.0.local"; //此处注意,不需要再手工创建该文件
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
重启两台服务器的dns
/etc/init.d/named restart
成功后会如下显示:
[root@localhost slaves]# cd /var/named/chroot/var/named/slaves/
[root@localhost slaves]# ls
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
192.168.0.local abc.com.zone //会显示这两个文件,测试时候注意防火墙和selinux哦!!
[root@localhost slaves]#
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
三、PXE服务的配置
1.为什么要配置PXE
答:PXE服务那是相当好用的,也用的相当对,比如网吧,几百台电脑的情况,难道您要一台台安装?所以
PXE的设计就解决了这个问题。
2.具体配置如下:
[root@localhost isolinux]# yum -y install dhcp.i* tftp* vsftpd.i* system-config-kickstart
[root@localhost isolinux]# cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample /etc/dhcpd.conf
cp: overwrite `/etc/dhcpd.conf‘? y
[root@localhost isolinux]# vi /etc/dhcpd.conf
dhcpd.conf文件内容配置如下:
ddns-update-style interim;
ignore client-updates;
subnet 192.168.1.0 netmask 255.255.255.0 {
# --- default gateway
# option routers 192.168.0.1;
option subnet-mask 255.255.255.0;
filename "pxelinux.0";
next-server 192.168.1.10;
# option nis-domain "domain.org";
# option domain-name "domain.org";
# option domain-name-servers 192.168.1.10;
option time-offset -18000; # Eastern Standard Time
# option ntp-servers 192.168.1.1;
# option netbios-name-servers 192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don‘t change this unless
# -- you understand Netbios very well
# option netbios-node-type 2;
range dynamic-bootp 192.168.1.128 192.168.1.254;
default-lease-time 21600;
max-lease-time 43200;
# we want the nameserver to appear at a fixed address
# host ns {
# next-server marvin.redhat.com;
# hardware ethernet 12:34:56:78:AB:CD;
# fixed-address 207.175.42.254;
# }
}
[root@localhost isolinux]# vi /etc/xinetd.d/tftp
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
/etc/xinetd.d/tftp 文件配置如下:
# default: off
# description: The tftp server serves files using the trivial file transfer \
# protocol. The tftp protocol is often used to boot diskless \
# workstations, download configuration files to network-aware printers, \
# and to start the installation process for some operating systems.
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /tftpboot
disable = no
per_source = 11
cps = 100 2
flags = IPv4
}
[root@localhost isolinux]# system-config-kickstart
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
配置好后将ks.cfg存放到/var/ftp/下面
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
[root@localhost isolinux]# ll /var/ftp/
total 26
dr-xr-xr-x 8 root root 10240 Aug 18 2009 cdrom
-rw-r--r-- 1 root root 759 Aug 16 22:58 ks.cfg
drwxr-xr-x 2 root root 4096 May 13 2009 pub
drwxrwxrwx 3 vuser vuser 4096 Aug 16 09:47 vuserdir
[root@localhost isolinux]# mkdir /var/ftp/cdrom
[root@localhost isolinux]# mount /dev/cdrom /var/ftp/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# mount /dev/cdrom /media/cdrom/
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# mkdir /tftpboot
[root@localhost ~]# cd /media/cdrom/isolinux/
[root@localhost isolinux]# ls
boot.cat initrd.img memtest rescue.msg vmlinuz
boot.msg isolinux.bin options.msg splash.lss
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
general.msg isolinux.cfg param.msg TRANS.TBL
[root@localhost isolinux]# cp vmlinuz /tftpboot/
[root@localhost isolinux]# cp initrd.img /tftpboot/
[root@localhost isolinux]# cp /usr/lib/syslinux/pxelinux.0 /tftpboot/
[root@localhost isolinux]# mkdir /tftpboot/pxelinux.cfg
[root@localhost isolinux]# cp isolinux.cfg /tftpboot/pxelinux.cfg/default
[root@localhost isolinux]# vi /tftpboot/pxelinux.cfg/default
/tftpboot/pxelinux.cfg/default 文件配置如下:
default linux
prompt 1
timeout 600
label linux
kernel vmlinuz
append ks=ftp://192.168.1.10/kscfg initrd=initrd.img
[root@localhost isolinux]# /etc/init.d/dhcpd restart
Shutting down dhcpd: [ OK ]
Starting dhcpd: [ OK ]
[root@localhost isolinux]# /etc/init.d/vsftpd restart
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@localhost isolinux]# /etc/init.d/xinetd restart
Stopping xinetd: [ OK ]
Starting xinetd: [ OK ]
[root@localhost isolinux]#
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
(如果您也是用虚拟机,个人建议用VM,VBOX可能会带来一点小问题。)
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
四、VSFTPD服务的配置
1.为什么选择vsftpd
答:号称史上最安全的FTP服务器工具
2.具体配置:
(本配置使用mysql作为虚拟用户,如果您想实现其他的功能,请自己参阅其他相关配置。本文需要名为:
pam_mysql-0.7RC1软件包)
[root@localhost Desktop]# yum -y install vsftpd.i*
[root@localhost Desktop]# yum -y install mysql-devel.i* mysql-server.i*
[root@localhost Desktop]# /etc/init.d/mysqld start
[root@localhost Desktop]# mysqladmin -u root password redhat
[root@localhost Desktop]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.0.77 Source distribution
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the buffer.
mysql> create database vftpdata;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| test |
| vftpdata |
+--------------------+
4 rows in set (0.00 sec)
mysql> create table vuser(name char(16),pwd char(16));
Query OK, 0 rows affected (0.03 sec)
mysql> show tables;
+--------------------+
| Tables_in_vftpdata |
+--------------------+
| vuser |
+--------------------+
1 row in set (0.00 sec)
mysql> insert into vuser(name,pwd) values (‘abc‘,‘1234‘);
Query OK, 1 row affected (0.00 sec)
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
mysql> select * from vuser;
+------+------+
| name | pwd |
+------+------+
| abc | 1234 |
+------+------+
1 row in set (0.00 sec)
我们多加几个用户进来命令如下:
[root@localhost Desktop]# mysql -u root -p -e "use vftpdata;insert into vuser(name,pwd) values
(‘zhangsan‘,‘1234‘)";
Enter password:
[root@localhost Desktop]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 5.0.77 Source distribution
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the buffer.
mysql> use vftpdata;select * from vuser
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
-> ;
+----------+------+
| name | pwd |
+----------+------+
| abc | 1234 |
| zhangsan | 1234 |
+----------+------+
2 rows in set (0.00 sec)
mysql>
赋予vftpuser用户有查询mysql的vftpdata.vuser 表的权限
mysql> grant select on vftpdata.vuser to vftpuser@localhost identified by ‘redhat‘;
Query OK, 0 rows affected (0.00 sec)
测试 vftpuser用户能否执行查询任务
mysql> use vftpdata;select * from vuser;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
+----------+------+
| name | pwd |
+----------+------+
| abc | 1234 |
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
| zhangsan | 1234 |
+----------+------+
2 rows in set (0.00 sec)
安装pam_mysql-0.7RC1软件包如下:
[root@localhost pam_mysql-0.7RC1]# yum -y install pam-devel.i* //这个是在编译时候防止出现错误
[root@localhost ]# cd /root/Desktop/pam_mysql-0.7RC1
[root@localhost pam_mysql-0.7RC1]# ./configure
[root@localhost pam_mysql-0.7RC1]# make;make install
注意:有时候您在装完pam_mysql-0.7RC1后可能找不到上述pam_mysql.la 和pam_mysql.so文件,请您到
查看
[root@localhost ~]# ls /usr/lib/security/
classpath.security pam_mysql.la pam_mysql.so
把这两个文件复制到 /lib/security/下即可
创建虚拟映射用户
[root@localhost ~]# useradd -d /var/ftp/vuser -s /sbin/nologin vuser
[root@localhost ~]# chmod 757 /var/ftp/vuser
[root@localhost ~]# vi /etc/vsftpd/vsftpd.conf
/etc/vsftpd/vsftpd.conf 文件修改此处(其他部分如有需要请您参考其他文档自行修改)为标记部分:
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
[root@localhost ~]# vi /etc/pam.d/vsftpd //与上图中文件名一致
/etc/pam.d/vsftpd文件配置内容如下:
auth required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost db=vftpdata
table=vuser usercolumn=name passwdcolumn=pwd crypt=0
account required /lib/security/pam_mysql.so user=vftpuser passwd=redhat host=localhost
db=vftpdata table=vuser usercolumn=name passwdcolumn=pwd crypt=0
(本文采用crypt=0,请读者查看pam_mysql-0.7RC1软件包中的README文件选取适合您的加密方式)
[root@localhost ~]# /etc/init.d/mysqld restart
Stopping MySQL: [ OK ]
Starting MySQL: [ OK ]
[root@localhost ~]# /etc/init.d/vsftpd restart
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
Shutting down vsftpd: [ OK ]
Starting vsftpd for vsftpd: [ OK ]
[root@localhost ~]# ftp localhost
Connected to localhost.localdomain.
220 (vsFTPd 2.0.5)
530 Please login with USER and PASS.
530 Please login with USER and PASS.
KERBEROS_V4 rejected as an authentication type
Name (localhost:root): abc //采用mysql数据表中的用户
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> bye
221 Goodbye.
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
五、NFS服务的配置
具体配置如下:
1.先看看系统有没有动安装NFS软件包
rpm -qa|grep nfs
如果没有请安装
2.创建共享目录
[root@localhost ~]# mkdir /home/nfsdir
[root@localhost ~]# ls /home/nfsdir
Screenshot.png text
3.编辑[root@localhost ~]# vi /etc/exports
/home/nfsdir 192.168.1.*(ro) //不管用户在客户端是什么身份,都将在本服务器以nsfnobody身份对共享目
录的权限 [默认是all_squash]
#/home/nfsdir 192.168.1.*(ro,no_root_squash) //如果用户在客户端以root登录,则服务器认为其有本机
root对共享目录的权限
#/home/nfsdir 192.168.1.*(ro,root_squash)//如果客户端是root用户,怎也会以nsfnobody身份对共享目录
的权限[root_squash只将root用户映射为nfsnobody]
#/home/nfsdir 192.168.1.*(ro,anonuid=509,anongid=510)//不管在客户端是什么身份,都会用本机509用
户,510用户组,两个可以不同时出现在配置中
#/home/nfsdir 192.168.1.*(ro,no_root_squash,anonuid=509,anongid=510)//两个权限的重合
#/home/nfsdir 192.168.1.*(ro,root_squash,anonuid=509,anongid=510)//两个权限的重合
查看本机注册
[root@localhost ~]# rpcinfo -p localhost
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
在客户机挂载:
[root@localhost ~]# mount -t nfs 192.168.1.1:/home/nfsdir /media/nfs
[root@localhost ~]# ls /media/nfs/
Screenshot.png text
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
六、SAMBA服务的配置
1.SAMBA的介绍
这个不废话了。
2.具体配置
(由于SAMBA太过于强大,我只列举简单的一些,希望能抛砖引玉)
[root@localhost test]# gedit /etc/samba/smb.conf
在全局配置下面加如下,然后保存:
[global]
include = /etc/samba/%G.smb.conf
workgroup = WORKGROUP //这个是我在微软下面测试用的
; server string = Samba Server Version %v 这句请注释掉,因为有下发行版漏洞是已知的。
max connections =15 //最大同时链接数
security = user
passdb backend = tdbsam
自行创建如下:
[test]
comment = Directories
writable = yes
path=/test
public=yes
; valid users = %S
; valid users = MYDOMAIN\%S
然后保存。
[root@localhost ~]# mkdir /text
[root@localhost ~]# mkdir /subtext
[root@localhost ~]# chmod 777 /subtext
[root@localhost ~]# vi /etc/samba/abc.smb.conf
编辑内容如下:
[subtest]
comment = Home Directories
writable = yes
path=/subtest
public=yes
valid users = abc @abc
; valid users = MYDOMAIN\%S
创建用户
[root@localhost ~]# smbpasswd -a abc
启动服务
[root@localhost test]# /etc/init.d/smb restart
Shutting down SMB services: [ OK ]
Shutting down NMB services: [ OK ]
Starting SMB services: [ OK ]
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
Starting NMB services: [ OK ]
linux下测试:
[root@localhost test]# smbclient -L 192.168.1.10 -U abc
Password:
Domain=[LOCALHOST] OS=[Unix] Server=[Samba 3.0.33-3.14.el5]
Sharename Type Comment
--------- ---- -------
test Disk Directories
subtest Disk Home Directories
IPC$ IPC IPC Service (Samba 3.0.33-3.14.el5)
Domain=[LOCALHOST] OS=[Unix] Server=[Samba 3.0.33-3.14.el5]
Server Comment
--------- -------
Workgroup Master
--------- -------
WORKGROUP
Windows下测试:
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
七、WWW服务的配置
1.什么是www服务?
答:自行查阅相关文档
2.具体配置
(本文主要配置apache工具,且DNS已经配置好。)
1> 基本配置:
[root@localhost ~]# yum -y install httpd.i*
由于/etc/httpd/conf/httpd.conf文件中Global Environment包含Include conf.d/*.conf参数
所以我们在 /etc/httpd/conf.d/下建立www.conf文件
[root@localhost conf.d]# ls
proxy_ajp.conf README welcome.conf www.conf
www.conf配置内容如下:
NameVirtualHost 192.168.1.10:80
<VirtualHost 192.168.1.10:80>
DocumentRoot /var/www/html/
ServerName www.abc.com
ErrorLog logs/www.abc.com-error_log
CustomLog logs/www.abc.com-access_log common
</VirtualHost>
[root@localhost conf.d]# cd /var/www/html/
在/var/www/html/目录下建立index.html文件内容如下:
<html>
<head>
<title>This is a text page</title>
</head>
<body>
This is a text page.
</body>
</html>
重启服务:
[root@localhost html]# /etc/init.d/httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
[root@localhost html]
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
2> htpasswd身份认证(本文是对单个文件进行访问控制,如果对目录,请在如下目录选项中加访问控制)
在/var/www/html/目录下面建立htpasswd.html文件内容如下:
<html>
<head>
<title>This is htpasswd page</title>
</head>
<body>
This is htpasswd page.
</body>
</html>
[root@localhost html]# gedit /etc/httpd/conf.d/www.conf
编辑www.conf 文件,内容如下:
NameVirtualHost 192.168.1.10:80
<VirtualHost 192.168.1.10:80>
# ServerAdmin webmaster@dummy-host.example.com
DocumentRoot /var/www/html/
ServerName www.abc.com
<Directory /var/www/html> //如果对目录访问控制,请在下面进行配置,内容与<Files></Files>一样
order Allow,Deny
Allow From All
<Files htpasswd.html>
AuthName Testpage
AuthType Basic
AuthUserFile /etc/httpd/.passwd/.htpasswd
Require valid-user
</Files>
</Directory>
ErrorLog logs/www.abc.com-error_log
CustomLog logs/www.abc.com-access_log common
</VirtualHost>
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
3> mysql身份验证
(请首先安装好mysql服务,安装方法本文不再讲解,请参阅VSFTP章节安装方法[本文不需要
pam_mysql-0.7RC1软件包])
具体配置如下:
[root@localhost html]# yum -y install mod_auth_mysql.i* //apache服务所需模块
[root@localhost html]# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3
Server version: 5.0.77 Source distribution
Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the buffer.
mysql> create database websql;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
生活其实很精彩~~本文版权保留,任何人不得利用本文获取利益!!!
hanbim520@msn.cn,欢迎交流,交流才能进步!!
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| test |
| vftpuser |
| websql |
+------------------
LINUX服务部分配置【带图的可以在csdn上找 hanbim520账号下载,我做成的是PDF】