我给倪一分服务器设置的手顺书
一定要给分!
目录:
<1. Redhat Install>
<2. PostgreSQL Install>
<3. Aapche Install>
<4. Php4 Install>
<5. Proftpd Install>
<6. daemontools Install>
< 7.cdb-0.75 install>
<8. tcpsever Install>
<9. tcpwrapper 设定>
<10. openssh Install>
<11. qmail Install>
<12.rsync install>
<13. xntp install >
<14. analog>
<15. fml >
安装所需软件:(软件放在/home/dico/sysad/src下)
apache_1.3.19.tar.gz
postgreSQL7.1.2.tar.gz
openssl-0.9.5a.tar.gz
mod_ssl-2.8.3-1.3.19.tar.gz
php-4.0.4.tar.gz
php-4.0RC2_jstring-1.0.tar.gz
rsync-2.4.6.tar.gz
proftpd-1.2.1.tar.gz
openssh-1.2.1pre22.tar
xntp3-5.93-4.i386.rpm
daemontools-0.76.tar.gz
ucspi-tcp-0.88.tar.gz
cdb-0.75.tar.gz
qmail-1.03.tar.gz
vpopmail-4.9.tar.gz
<1. Redhat Install>
1. 设置CMOS为光盘启动;
2. 光盘放入光驱中;
3. Welcome to Red Hat Linux 显示后,回车;
4. Keyboard Configuration 页面,点击 Next;
5. Mouse Configuration页面,选择 2 Buttons Mouse ( Ps/2 ), 点击 Next;
6. Welcome to Red Hat Linux页面,点击 Next;
7. Install Options页面,选择 Custom System,点击 Next;
8. Disk Partitioning页面,选择Manually Partition with Fdisk ;
9. Using Fdisk 中,Select drive to run fdisk on ----had----中,点击----had----;
10. Partition with Fdisk;
1) 删除分区(从后往前删除已经存在的分区);
2) 新建分区
Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :1<enter>
First cylinder (1---1868,default 1) :<enter>
Last cylinder or +size or +sizeM or +sizeK: +256M<enter>(该PC 内存倍数)Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :2<enter>
First cylinder (18---1868,default 18) :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :3<enter>
First cylinder (149---1868,default 149) :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>Command(m for help):n<enter>
e extend
p primary partition (1---4)
e<enter>
Partition number (1---4) :4<enter>
First cylinder (280---1868,default 280) :<enter>
Last cylinder or +size or +sizeM or +sizeK default 1868:<enter>#此处,将剩余空间全部#给extend
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+2048M<enter>Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余空间的3/5
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余空间的1/2
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余全部空间
3) 改变分区ID:
Command(m for help):t<enter>
Partition number (1---9): 1<enter>
Hex code (type L to list codes):82<enter>
Command(m for help):t<enter>
Partition number (1---9): 4<enter>
Hex code (type L to list codes):85<enter>
Command(m for help):a<enter>
Partition number (1---9): 2<enter>
4)保存分区信息:
Command(m for help):w<enter>
点击Next
11. Partitions中,点击Edit,修改分区名称。修改结果如下:
Mount Point Device Requested Actual Type
<swap> hda1 133M 133M linux swap
/ * hda2 1027M 1027M linux native
/home hda3 2055M 2055M linux native
/usr hda4 1027M 1027M linux native
/var hda5 1027M 1027M linux native
/user1 hda6 5710M 5710M linux native
/user2 hda7 1882M 1882M linux native
/user3 hda8 1788M 1788M linux native12. Choose Partitions to Format, 点击 Next;
13. Lilo Configuration, 点击 Next;
14. Network Configuration, 根据要求在各项中填写正确的IP,Netmask, Hostname, Gate way 与 Primary DNS 信息,例如:
(不选DHCP)
IP: 192.168.10.207
Netmask: 255.255.255.0
Hostname: dragon.qddico.com.cn
Gate way: 192.168.10.254
Primary DNS: 192.168.10.254
15. Fire Wall Configuration, 选择 No Fire Wall, 点击 Next;
16. Language Support Selection, 选择具体语言环境;
17. Time Zone Selection, 选择“shanghai (China coast )”;
18. Account Configuration,填写所需项目,例如:
Root Password: qingdao
Confirm Password: qingdao
点击 Next;
19. Authentication Configuration, 点击 Next;
20. Selecting Package Groups, 选择:
i. Anonymous FPT Server
ii. DNS Name Server
iii. Authoring / Publishing
iv. Emacs
v. Development
vi. Kernel Deverlopment
vii. Utilities
点击 Next;
21. About to Install, 点击 Next ( 期间,程序提示更换第二张光盘 );
22. Boot Disk Creation(制作启动盘), 根据要求选择
Skip boot disk creation (跳过启动盘制作)
23. Congratulations, installation is complete,点击 Exit.
24. 取出光盘,软盘。
25. Linux 7.1安装结束。
1-2-1)
添加一个标准用户:g-dico
# /usr/sbin/groupadd –g 700 dico
# /usr/sbin/useradd –g dico –u 700 –d /home/dico g-dico
# chmod 755 /home/dico
# passwd g-dico
New UNIX password: dico1234
Retype new UNIX password:dico1234
Passwd: all authentication tokens updated successfully,添加用户及密码设定成功
1-2-2) 密码设定后将其规整:
/usr/sbin/pwconv
/usr/sbin/grpconv
# su g-dico
$ mkdir /home/dico/sysad
$ mkdir /home/dico/sysad/src
1-2-4) 建立原始目录:
# mkdir /usr/local/dico-bin
# chgrp dico /usr/local/dico-bin
# chmod 770 /usr/local/dico-bin# mkdir /usr/local/dico-sbin
# chgrp dico /usr/local/dico-sbin
# chmod 770 /usr/local/dico-sbin# mkdir /etc/named
# chown named.named /etc/named
# chmod 775 /etc/named# mkdir /var/usrlog
# chgrp daemon /var/usrlog
# chmod 775 /var/usrlog1-2-5)链接/usr/vi与/usr/bin/vi:
# ln /bin/vi /usr/bin/vi1-2-6)链接perl
# ln -s /usr/bin/perl /usr/local/bin/perl2-1) postgreSQL7.1.2
#groupadd –g 71 postgres
#useradd -d /home/postgres -g postgres -u 16 postgres
#/usr/bin/pwconv
#/usr/sbin/grpconv
#mkdir /home/postgres
#chown postgres.postgres
#mkdir /usr/local/pgsql
#chown postgres.postgres /usr/local/pgsql
# tar zxvf postgressql-7.1.2.tar.gz
# chown –R postgres.postgres postgresql-7.1.2
# cd postgressql-7.1.2
# su – postgres
$ ./configure - -enable-multibyte - - with-perl
$ make all
如果出现“all of PostgreSQL is successfully made. Ready to install.”执行,
$ make install
vi /home/postgres/.bash_profile
export PATH="$PATH":/usr/local/pgsql/bin
export POSTGRES_HOME=/usr/local/pgsql
export PGLIB=$POSTGRES_HOME/lib
export PGDATA=$POSTGRES_HOME/data
export MANPATH="$MANPATH":$POSTGRES_HOME/man
export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":"$PGLIB"
$ cd /home/psotgres
$ source .bash_progfile
$ initdb 初始化数据库
重新启动设定
$su – root
#vi /etc/rc.d/rc.local 在末尾添加:
#PostgreSQL
rm /tmp/.s.PGSQL.*
su – postgres –c “/usr/local/pgsql/bin/postmaster –S -i”#sync:sync:sync:/sbin/reboot 测试postgresql:
# su – postgres
$cd /usr/local/src/postgres-7.1.2/src/test/regress
$ make all runtest
各个项目都有“ok”和“failed”的表示
如果只有几个“failed”的话没有什么问题
比如说) abstime .. failed
2-2)安装perl5
#su - postgres
$cd /usr/local/src/postgres-7.1.2/src/interface/perl5
$perl Makefile.PL
$make
$make test
$su – root
#cd /usr/local/src/postgres-7.1.2/src/interface/perl5
#make install
perl5安装完成。
3)apache install>
# cd /home/dico/sysad/src
# tar xzvf apache_1.3.19.tar.gz
# tar xvfz mod_ssl-2.8.3-1.3.19.tar.gz
# tar xzvf php-4.0.4.tar.gz
# tar xzvf php-4.0RC2_jstring-1.0.tar.gz
# tar xvfz openssl-0.9.5a.tar.gz3-1) apache_1.3.19 + mod_ssl install
openssl的安装:
# cd openssl-0.9.5a
# ./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl/conf
# make
# make test
# make install3-2)mod_ssl-2.8.3-1.3.19 动态安装的设定
# cd mod_ssl-2.8.3-1.3.19
# ./configure --with-apache=../apache_1.3.193-3)apache的安装
# cd ../apache_1.3.19
# SSL_BASE=/usr/local/openssl
# ./configure --enable-module=so --disable-rule=WANTHSREGEX --prefix=/usr/local/apache
--sysconfdir=/etc/httpd --logfiledir=/var/log/httpd --enable-shared=max --enable-module=ssl –datadir=/home/httpd
# cd src
# cp Configuration.apaci Configuration
# ./Configure
# cd ..
# make
***重要,没有TYPE=custom的话会造成密钥交换失败
# make certificate TYPE=custom
______________________________________________________________________
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Tokyo
3. Locality Name (eg, city) [Snake Town]:Chiyoda-ku
4. Organization Name (eg, company) [Snake Oil, Ltd]:Digital Cosmos, Inc.
5. Organizational Unit Name (eg, section) [Certificate Authority]:Network Solution
6. Common Name (eg, CA name) [Snake Oil CA]:ds4test.qddico.com.cn
7. Email Address (eg, name@FQDN) [[email protected]]:[email protected]
8. Certificate Validity (days) [365]:365
______________________________________________________________________STEP 3: Generating X.509 certificate for CA signed by itself [ca.crt]
Certificate Version (1 or 3) [3]:1
----------------------------------------------
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Tokyo
3. Locality Name (eg, city) [Snake Town]:Chiyoda-ku
4. Organization Name (eg, company) [Snake Oil, Ltd]:Digital Cosmos, Inc.
5. Organizational Unit Name (eg, section) [Webserver Team]:ds4test.qddico.com.cn
6. Common Name (eg, FQDN) [www.snakeoil.dom]:ds4test.qddico.com.cn
7. Email Address (eg, name@fqdn) [[email protected]]:[email protected]
8. Certificate Validity (days) [365]:365
______________________________________________________________________STEP 6: Generating X.509 certificate signed by own CA [server.crt]
Certificate Version (1 or 3) [3]:1
Encrypt the private key now? [Y/n]: y
read RSA key
writing RSA key
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:dico1234
Fine, you're using an encrypted private key.dico1234
Encrypt the private key now? [Y/n]: y
read RSA key
writing RSA key
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:dico1234
Fine, you're using an encrypted private key.dico1234
_____________________________________________________________________# make install
***测试:
#/usr/local/apache/bin/httpd –l
应该出现:
Compiled-in modules:
http_core.c
mod_so.c
suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec,说明安装成功。
***启动apache_ssl
# /usr/local/apache/bin/apachectl startssl
***检验
# cat /var/log/httpd/error.log
文件内容中有
Apache/1.3.19(Unix) mod_ssl/2.8.3 openssl/0.9.5a configured -- resuming normal operations
即为成功.
# cd ..4> php-4.0.4 安装
4-1) php-4.0.4 install
# cd php-4.0.4
# ./configure --with-apxs=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/lib/php.ini
# vi /etc/httpd/httpd.conf
将其中的:
# AddType application/x-httpd-php .php
# AddType application/x-httpd-php-source .phps
修改为:
AddType application/x-httpd-php .php .php3 .php4
AddType application/x-httpd-php-source .phps
# /etc/rc.d/init.d/httpd restart
# ./configure
# make
# make install
# ln -s /usr/local/apache/bin/apachectl /etc/rc.d/init.d/httpd
# /etc/rc.d/init.d/httpd restart
# cd ..4-2> php4.0.4日文补丁安装 php-4.0RC2_jstring-1.0 install
# cd jstring/
# phpize
# ./configure --enable-jstring
# make
# make install
# cp /usr/local/lib/php/extensions/no-debug-non-zts-20001214/jstring.so /usr/local/lib/php/extensions/
# vi /usr/local/lib/php.ini
将:
extension_dir = ./
修改为:
extension_dir = /usr/local/lib/php/extensions
查找:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
然后在:
; needs to go here. Specify the location of the extension with the extension_dir directive above.
这一行后面另起一行添加:
extension=jstring.so后,保存退出。
# /etc/rc.d/init.d/httpd restart ------------重新启动httpd,让设定生效;
***检验:
# /usr/local/bin/php -m
显示:
Zend Engine v1.0.4, Copyright (c) 1998-2000 Zend Technologies
[PHP Modules]
jstring
xml
standard
session
posix
pcre
mysql
[Zend Modules]
表示jstring模块安装正确***做成一测试页面:
# vi /usr/local/apache/htdocs/test.php
-----------------------------
<HTML>
<TITLE>php test page</TITLE>
<BODY>
<?
phpinfo();
?>
</BODY>
</HTML>
-----------------------------
在IE打开此页面http://hostname/test.php将显示PHP安装设定的信息,说明php4安装成功
All install end5)proftp安装>
$ cd /home/dico/sysad/src
$ tar xvfz proftpd-1.2.1.tar.gz
$ cd proftpd-1.2.1
$ ./configure
$ make
$ su
# make install
5-1)设定proftpd.conf文件
# vi /usr/local/etc/proftpd.conf
修改文件内容为如下方式
=======================================================
ServerName "ProFTPD Default Installation"
DeferWelcome on
ServerType inetd
DefaultServer on
DefaultRoot ~!admin
Systemlog /var/log/proftpd.log
ExtendedLog /var/log/proftpd.log ALL
<Limit LOGIN>
AllowGroup profuser
AllowUser ftp
DenyAll
</Limit>Umask 022
MaxInstances 30
User nobody
Group nobody
<Directory /*>
AllowOverwrite on
</Directory>
<Anonymous ~ftp>
User ftp
Group ftp
RequireValidShell off
UserAlias anonymous ftp
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
=======================================================
5-2) 进行proftp用户管理设定,添加一个允许组内用户ftp的组
# /usr/sbin/groupadd -g 777 profuser
5-3) ftplog设定
# cd /etc/logrotate.d/
# cp ftpd proftpd
# vi proftpd
5-4) 修改proftp ftplog控制文件为如下
====================================================
/var/log/proftpd.log {
# ftpd doesn't handle SIGHUP properly
nocompress
}
====================================================
5-5) 用proftp程序替换wu-ftp程序
# cp /usr/local/sbin/in.proftpd /usr/sbin/
# cd /etc/xinetd.d/
# mv wu-ftp proftp
# vi proftp
5-6) 将守护进程配置文件改写成如下样式
===================================================
service ftp
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.proftpd
server_args =
log_on_success += DURATION USERID
log_on_failure += USERID
nice = 10
disable = no
}
===================================================
5-7) 启动proftp
# /etc/rc.d/init.d/xinetd stop
# /etc/rc.d/init.d/xinetd start
# vi /etc/group
在profuser:x:777: 行加入希望给予ftp权限的用户,用户名之间用,分隔。
6) daemontools-0.76 Install>
$ cd /home/dico/sysad/src
$ tar xzfv daemontools-0.76.tar.gz
$ mv admin/daemontools-0.76 ./
$ rm -fr admin
$ cd daemontools-0.76
$ su
# ./packge/install
# mkdir /var/service
# ln -s /var/service /service
/etc/rc.d/init.d/svscanctl 做成
# vi /etc/rc.d/init.d/svscanctl
----------------------------------------------------
#!/bin/sh
# Startup script for svscan
PATH=/usr/local/bin:/usr/bin:/bin
SVDIR=/service
case "$1" in
start)
echo -n "Starting svscan: "
cd $SVDIR || exit 1
csh -cf 'exec env - PATH="$PATH" svscan &
echo $! > /var/run/svscan.pid'
touch /var/lock/subsys/svscan
echo "done"
;;
stop)
echo -n "Shutting down svscan: "
if [ -f /var/run/svscan.pid ]; then
kill `cat /var/run/svscan.pid`
svc -dx $SVDIR/*
svc -dx $SVDIR/*/log
rm -f /var/run/svscan.pid
rm -f /var/lock/subsys/svscan
fi
echo "done"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
exit 0
----------------------------------------------------
# chmod +x /etc/rc.d/init.d/svscanctl
# ln -s /etc/rc.d/init.d/svscanctl /etc/rc.d/rc3.d/S80svscanctl
# ln -s /etc/rc.d/init.d/svscanctl /etc/rc.d/rc6.d/K30svscanctl7)cdb-0.75 install)
$ cd /home/dico/sysad/src
$ gzip -dc cdb-0.75.tar.gz | tar xvf -
$ cd /home/dico/sysad/src/cdb-0.75
$ make
# su
# cp cdbget /usr/local/bin
# cp cdbmake /usr/local/bin
# cp cdbdump /usr/local/bin
# cp cdbstats /usr/local/bin
# cp cdbtest /usr/local/bin8) tcpserver Install>
$ cd /home/dico/sysad/src
$ gzip -dc ucspi-tcp-0.88.tar.gz | tar xvf -
$ cd /home/dico/sysad/src/ucspi-tcp-0.88
$ make
$ su
# make setup check
# exit9) tcpwapper>
# vi /etc/hosts.allow
输入如下
ALL: 127.0.0.1 : ALLOW
ALL: 210.239.155.173 210.12.102.194: ALLOW
ALL: 192.168.10.0/255.255.255.0 : ALLOW
in.telnetd: 211.10.3.77 211.10.3.78 211.10.3.79 : DENY
ALL: 211.10.3.64/255.255.255.192 61.121.252.128/255.255.255.192 192.168.20.0/255.255.255.0
192.168.10.0/255.255.255.0: ALLOW
in.proftpd: ALL: ALLOW
in.telnetd: ALL: DENY
in.fingerd: 211.10.3.66: ALLOW
ALL: ALL: DENY# mkdir /home/dico/sysad/bin
# vi /home/dico/sysad/bin/tcpwrap1.sh
输入如下内容
#! /bin/sh
echo --- Service ---
echo $1
echo --- Client address ---
echo $2
echo --- Client info ---
echo $3
echo --- Client User info ---
echo $4
echo --- finger ---
/usr/sbin/safe_finger -l $510)openssh install
# cd /home/dico/sysad/src
# tar xvfz openssh-1.2.1pre22.tar.gz
# cd openssh
# cd /home/dico/sysad/src/openssh-1.2.1pre22
# ./configure --with-tcp-wrappers --sysconfdir=/etc/ssh
# make
# make install
# cp sshd.pam.generic /etc/pam.d/sshd
# vi /etc/pam.d/sshd
加入如下内容:
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_pwdb.so shadow nullok
# auth required /lib/security/pam_unix.so shadow nodelay nullok
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_pwdb.so
# account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
# password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
# session required /lib/security/pam_unix.so
session required /lib/security/pam_limits.so
# /usr/local/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
# vi /etc/services
查看是否有如下内容:
ssh 22/tcp
ssh 22/udp
# vi /etc/ssh_known_hosts
加入如下内容:
210.12.102.194
210.12.102.195
210.12.102.196
210.12.102.197
210.233.100.217
210.239.155.173
210.239.155.162
# mkdir /service/ssh
# touch /service/ssh/down
# vi /service/ssh/run加入如下内容:
#!/bin/sh
exec /usr/local/bin/tcpserver 0 ssh /usr/local/sbin/sshd –I
# chmod +x /service/ssh/run
# rm /service/ssh/down
# cd
# mkdir .ssh
# cd .ssh
# /usr/local/bin/ssh-keygen,出现如下提示:
Enter file in which to save the key (/home/dico/.ssh/identity): <-- 可直接回车
Enter passphrase (empty for no passphrase): <-- 输入密码
Enter same passphrase again: <-- 确认密码
生成identity,identitiy.pub两个文件
# cp identity.pub authorized_keys
测试:1、# ssh 本机域名
2、将identitiy.pub下载到本机,再用ssh方式+identitiy.pub登录本机域名11) qmail Install >
11-1)目录准备
$ cd /home/dico/sysad/src
$ gzip -dc qmail-1.03.tar.gz | tar xvf –
$ cd /home/dico/sysad/src/qmail-1.03
$ make setup check
11-2)安装配置
$ su
# mkdir /var/qmail
# /usr/sbin/groupadd -g 602 nofiles
# /usr/sbin/useradd -u 603 -g nofiles -d /var/qmail/alias alias
# /usr/sbin/useradd -u 604 -g nofiles -d /var/qmail qmaild
# /usr/sbin/useradd -u 605 -g nofiles -d /var/qmail qmaill
# /usr/sbin/useradd -u 606 -g nofiles -d /var/qmail qmailp
# /usr/sbin/groupadd -g 603 qmail
# /usr/sbin/useradd -u 607 -g qmail -d /var/qmail qmailq
# /usr/sbin/useradd -u 608 -g qmail -d /var/qmail qmailr
# /usr/sbin/useradd -u 609 -g qmail -d /var/qmail qmails
# ./config-fast new.qddico.com.cn # < new.qddico.com.cn 是当前主机的默认邮件域名
# ./config
-> /var/qmail/control/locals 被生成
-> /var/qmail/control/rcpthosts 被生成
# cd ~alias
# touch .qmail-postmaster .qmail-mailer-daemon .qmail-root
# chmod 644 .qmail*
# cp /var/qmail/boot/home /var/qmail/rc
# vi /etc/tcp.smtp
输入如下行内容
127.0.0.:allow,RELAYCLIENT=""
# /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
# vi /etc/group
添加如下行
vchkpw:x:690:
#vi /etc/passwd
添加如下行
vpopmail:x:690:690::/home/vpopmail:/bin/false
# /usr/sbin/pwconv
# /usr/sbin/grpconv
11-3)安装vpopmail
11-3-1)准备目录:
# cd /home/dico/sysad/src
# gzip -dc vpopmail-4.9.tar.gz | tar xvf -
# cd vpopmail-4.9
11-3-2)安装:
# ./configure --enable-roaming-users=y --enable-logging=y
# make
# make install-strip
11-3-4)配置:
# mkdir /service/qmail
# cd /service/qmail
# touch down
# vi run
输入如下内容
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" /var/qmail/bin/qmail-start ./Maildir/ splogger qmail
# chmod +x run
# mkdir /service/smtpd
# cd /service/smtpd
# touch down
# vi run
输入如下内容:
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" /usr/local/bin/tcpserver -v -R -c 400 -x /etc/tcp.smtp.cdb -u 604
-g 602 0 smtp qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtp 4
# chmod +x run
# mkdir /service/pop-3
# cd /service/pop-3
# touch down
# vi run
输入如下内容
#!/bin/sh
exec /usr/local/bin/tcpserver -R 0 pop-3 /var/qmail/bin/qmail-popup new.qddico.com.cn
/home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 | /var/qmail/bin/splogger qmail
注意点:new.qddico.com.cn要替换成当前主机的域名
# chmod +x run
# cd /etc/rc.d/rc3.d
# mv S80sendmail org.S80sendmail
# kill -9 ` ps ax | grep sendmail | awk '{print $1}'`
# chmod 0 /usr/lib/sendmail
# chmod 0 /usr/sbin/sendmail
# mv /usr/lib/sendmail /usr/lib/sendmail.bak
# mv /usr/sbin/sendmail /usr/sbin/sendmail.bak
# ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
# cd /var/qmail/alias
# vi .qmail-mailer-daemon
写入
sysad
# vi .qmail-root
写入
sysad
# vi .qmail-postmaster
写入
sysad
# vi .qmail-sysad
写入
[email protected]
# vi /var/qmail/control/rcpthosts
写入
localhost
dico.co.jp
qddico.com.cn
# vi /var/qmail/control/defaultdomain
写入主机名,这里写入
new.qddico.com.cn -------------------- 替换成当前主机的域名
# rm /service/qmail/down
# rm /service/smtpd/down
# rm /service/pop-3/down
# sync;sync;sync;/sbin/reboot
# crontab -e
写入如下内容
10,25,40,55 * * * * /home/vpopmail/bin/clearopensmtp12) rsync install>
$cd /home/dico/sysad/src
$ tar xvfz rsync-2.4.6.tar.gz
$ cd rsync-2.4.6
$ ./configure
$ make all
$ su
# make install
12-1) 设定rsync.conf文件
# vi /etc/rsync.conf
在其中添加如下内容
==========================================================
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
==========================================================
12-2) 设定servers文件添加rsync端口
# vi /etc/servers
添加如下两行
==========================================================
rsync 873/tcp # rsync server mirror tools
rsync 873/udp # rsync server mirror tools
==========================================================
执行如下命令将rsync守护进程加入到启动组
# echo "rsync --daemon" >> /etc/rc.d/rc.local
-----------------------------------------------------------------------
13)xntp install>
# cd /home/dico/sysad/src
# rpm -ivv xntp3-5.93-4.i386.rpm
确认:/usr/sbin 内包含 ntpdate ntpq ntptrace xntpd
-----------------------------------------------------------------
安装后设定
13-1) 设定前要做的准备
创建 /etc/ntp.conf
# vi /etc/ntp.conf
写入如下内容
===========================================================================
server 133.100.9.2 #clock.nc.fukuoka-u.ac.jp
server 203.139.30.195 #ntp.cyber-fleet.net
server 207.126.103.204 #US CA nist1.sjc.certifiedtime.com
server 216.152.68.20 #US CA tock.gpsclock.com
server 209.81.9.7 #US CA clock.via.net
#其他服务器地址参照 http://www.eecis.udel.edu/~mills/ntp/servers.htm
driftfile /etc/ntp.drift
============================================================================
13-2)设定为自动启动
# cd /etc/rc.d/rc3.d
# ln -s /etc/rc.d/init.d/xntpd S85xntpd
13-3) 修改 /etc/rc.d/init.d/xntpd
# vi /etc/rc.d/init.d/xntpd
将第31行修改为
daemon xntpd -p /var/run/xntpd.pid -A -l /var/log/ntp.log
13-4)确认正常工作:
# /etc/rc.d/init.d/xntpd start
# ps ax | grep xntpd
显示如下表示xntp服务启动
31603 ? S 0:00 xntpd -p /var/run/xntpd.pid -A -l /var/log/ntp.log
13-5) 其它设定(将系统事件写入硬件时钟)
# echo "/sbin/clock --systohc" >> /etc/rc.d/rc.local
# crontab -e
追加:0 0 * * * /sbin/clock –systohcanalog-5.03安装手顺
目录<14-1 analog>
$ cd /home/dico/sysad/src
$ tar zxvf analog-5.03.tar.gz 放入最新的analog源文件包
# su
# cd analog-5.03
确认设置和目录
本机的主机名 new.qddico.com.cn (根据主机不同而改变)
本机apache的DocumentRoot /home/httpd/htdocs/
analog的主目录 /usr/local/sbin/analog-5.03/
apache的log目录 /var/log/httpd/httpsd_access_log
analog的images目录 /home/httpd/htdocs/analogimages/
修改analhead.h
# cd /home/dico/sysad/src/analog-5.03/src/
# vi anlghead.h
#define HOSTNAME "[dns1.dico.co.jp]"
#define ANALOGDIR "/usr/local/sbin/analog-5.03/"
#define LOGFILE "/var/log/httpd/httpsd_access_log"
#define IMAGEDIR "/analogimages/"
修改anlghea2.h
# vi anlghea2.h
#define LANGUAGE (ENGLISH)
修改anlfrom.pl
# cd /home/dico/sysad/src/analog-5.03/
# vi anlgform.pl
$analog = '/usr/local/sbin/analog-5.03/analog';
修改analog.cfg
LOGFILE /var/log/httpd/httpsd_access_log
HOSTNAME "[dns1.dico.co.jp]"
UNCOMPRESS *.gz,*.Z "/usr/bin/gzip -cd"
# make clean
# make
# cd /home/dico/sysad/src/analog-5.03/images
# mkdir /home/httpd/htdocs/analogimages/
# cp *.* /home/httpd/htdocs/analogimages/
# chmod 644 /home/httpd/htdocs/analogimages/*.gif
# mkdir /usr/local/sbin/analog-5.03/
# cp analog /usr/local/sbin/analog-5.03/analog
# cp anlgform.pl /home/httpd/cgi-bin/anlgform.pl
# cp -R lang /usr/local/sbin/analog-5.03/lang
# chmod 0755 /usr/local/sbin/analog-5.03/lang
# chmod 0644 /usr/local/sbin/analog-5.03/lang/??*
# cp /usr/local/sbin/analog-5.03/lang/jpform.html /home/httpd/htdocs/anlgform.html
# chmod 644 /home/httpd/htdocs/anlgform.html
修改analog的主显示文件
# vi /home/httpd/htdocs/anlgform.html
<img src="/analogimages/analogo.gif" alt="">
<form action="/cgi-bin/anlgform.pl" method="GET">
<input type=hidden name="IMAGEDIR" value="/analogimages/">
<input type=hidden name="LOGFILE" value="/var/log/httpd/httpsd_access_log">
# cp analog.cfg /usr/local/sbin/analog-5.03
# chmod 644 /usr/local/sbin/analog-5.03/analog.cfg
修改httpsd.conf
# vi /etc/httpd/httpsd.conf
CustomLog /var/log/httpd/httpsd_access_log combined
重起apache进程
# /etc/rc.d/init.d/httpsdctl restart
-----------------------------------
<14-2 测试>
IE 浏览 url: http://new.qddico.com.cn/anlgform.html15) fml設定>
安装方法>
# ln -s /usr/bin/perl /usr/local/bin/perl
15-1) 准备用户
# groupadd fml
# useradd -g fml fml
# mkdir /usr/local/fml /var/spool/ml
15-2) 安装
$ cd /home/dico/sysad/src
装入fml-4.0-stable-20010902.tar.gz
$ tar zxvf fml-4.0-stable-20010902.tar.gz
$ cd fml-4.0-stable-20010902
$ make install
15-3) install fml
Personal,Group,Fmlserv (personal/group/fmlserv) [personal]
DOMAIN NAME [dico.co.jp] 域名
FQDN [ii101.dico.co.jp(主机名)] mail.域名
EXEC FILES DIRECTORY [/usr/local/fml] /home/dico/fml
TOP LEVEL ML DIRECTORY [/var/spool/ml] /home/dico/ml
Language (Japanease or English) [Japanease]
TimeZone (TZ: e.g. +0900, -0300) [+0900]
---Install the Fml system to / home /组/fml (y/n) [n] y
# chown -R fml.fml /usr/local/fml /var/spool/ml
15-2)安装后設定
15-2-1) 邮件列表作成
$ cd /home/dico/fml
$ ./makefml newml test
15-2-2) config.ph 編集
$ ./makefml config test
[POST]
1 把PERMIT_POST_FROM 的项目由members_only 变为 moderator
有菜单提示,选择1
然后再选择1
然后再选择3
然后不断选择0退出到提示符下
15-2-3) qmail設定
$ cd /user1/dico/ml/etc/qmail/alias
$ su root
# mv .qmail-test* /user1/dico/ii--book.com/
# cd /user1/dico/ii-book.com/
# chown -R vpopmail.vchkpw .qmail-test*
# vi .qmail-test-admin
在里面输入管理者的邮件地址
# vi .qmail-test-request
在里面输入管理者的邮件地址
# cd /user1/dico/
15-2-4) 管理人登録
# cd /home/dico/fml
# ./makefml addadmin test [email protected]
或者是
# vi /user1/dico/ii-book.com/.qmail-test-admin
加入[email protected]
15-2-5) 用户登録
# cd /home/dico/fml
# ./makefml add test [email protected](这里是你需要发的信箱)
# vi /user1/dico/ml/test/actives
加入所要的信箱
# chown -R vpopmail.vchkpw /user1/用户/ml
# ps ax | grep qmail
qmail-lspawn ./Maildir/ 检索
# kill -HUP [PID]
15-2-6) 发送邮件方法
向邮件列表送信、转发器(这次设为、[email protected])会收到邮件,内容如下:
给转发者:
有以下的请求。
如果以下的邮件是适当的并且要发到邮件列表的话,
请把以下的KEY WORD 发送到<[email protected]>。
moderator certified 2000073117495214215.866786
只把KEYWORD这行发送到[email protected],这样就可以向邮件列表发送信息了.
一定要给分!
目录:
<1. Redhat Install>
<2. PostgreSQL Install>
<3. Aapche Install>
<4. Php4 Install>
<5. Proftpd Install>
<6. daemontools Install>
< 7.cdb-0.75 install>
<8. tcpsever Install>
<9. tcpwrapper 设定>
<10. openssh Install>
<11. qmail Install>
<12.rsync install>
<13. xntp install >
<14. analog>
<15. fml >
安装所需软件:(软件放在/home/dico/sysad/src下)
apache_1.3.19.tar.gz
postgreSQL7.1.2.tar.gz
openssl-0.9.5a.tar.gz
mod_ssl-2.8.3-1.3.19.tar.gz
php-4.0.4.tar.gz
php-4.0RC2_jstring-1.0.tar.gz
rsync-2.4.6.tar.gz
proftpd-1.2.1.tar.gz
openssh-1.2.1pre22.tar
xntp3-5.93-4.i386.rpm
daemontools-0.76.tar.gz
ucspi-tcp-0.88.tar.gz
cdb-0.75.tar.gz
qmail-1.03.tar.gz
vpopmail-4.9.tar.gz
<1. Redhat Install>
1. 设置CMOS为光盘启动;
2. 光盘放入光驱中;
3. Welcome to Red Hat Linux 显示后,回车;
4. Keyboard Configuration 页面,点击 Next;
5. Mouse Configuration页面,选择 2 Buttons Mouse ( Ps/2 ), 点击 Next;
6. Welcome to Red Hat Linux页面,点击 Next;
7. Install Options页面,选择 Custom System,点击 Next;
8. Disk Partitioning页面,选择Manually Partition with Fdisk ;
9. Using Fdisk 中,Select drive to run fdisk on ----had----中,点击----had----;
10. Partition with Fdisk;
1) 删除分区(从后往前删除已经存在的分区);
2) 新建分区
Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :1<enter>
First cylinder (1---1868,default 1) :<enter>
Last cylinder or +size or +sizeM or +sizeK: +256M<enter>(该PC 内存倍数)Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :2<enter>
First cylinder (18---1868,default 18) :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>Command(m for help):n<enter>
e extend
p primary partition (1---4)
p<enter>
Partition number (1---4) :3<enter>
First cylinder (149---1868,default 149) :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>Command(m for help):n<enter>
e extend
p primary partition (1---4)
e<enter>
Partition number (1---4) :4<enter>
First cylinder (280---1868,default 280) :<enter>
Last cylinder or +size or +sizeM or +sizeK default 1868:<enter>#此处,将剩余空间全部#给extend
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+2048M<enter>Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+1024M<enter>
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余空间的3/5
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余空间的1/2
Command(m for help):n<enter>
First cylinder :<enter>
Last cylinder or +size or +sizeM or +sizeK:+xxxxM<enter> #此处,使用剩余全部空间
3) 改变分区ID:
Command(m for help):t<enter>
Partition number (1---9): 1<enter>
Hex code (type L to list codes):82<enter>
Command(m for help):t<enter>
Partition number (1---9): 4<enter>
Hex code (type L to list codes):85<enter>
Command(m for help):a<enter>
Partition number (1---9): 2<enter>
4)保存分区信息:
Command(m for help):w<enter>
点击Next
11. Partitions中,点击Edit,修改分区名称。修改结果如下:
Mount Point Device Requested Actual Type
<swap> hda1 133M 133M linux swap
/ * hda2 1027M 1027M linux native
/home hda3 2055M 2055M linux native
/usr hda4 1027M 1027M linux native
/var hda5 1027M 1027M linux native
/user1 hda6 5710M 5710M linux native
/user2 hda7 1882M 1882M linux native
/user3 hda8 1788M 1788M linux native12. Choose Partitions to Format, 点击 Next;
13. Lilo Configuration, 点击 Next;
14. Network Configuration, 根据要求在各项中填写正确的IP,Netmask, Hostname, Gate way 与 Primary DNS 信息,例如:
(不选DHCP)
IP: 192.168.10.207
Netmask: 255.255.255.0
Hostname: dragon.qddico.com.cn
Gate way: 192.168.10.254
Primary DNS: 192.168.10.254
15. Fire Wall Configuration, 选择 No Fire Wall, 点击 Next;
16. Language Support Selection, 选择具体语言环境;
17. Time Zone Selection, 选择“shanghai (China coast )”;
18. Account Configuration,填写所需项目,例如:
Root Password: qingdao
Confirm Password: qingdao
点击 Next;
19. Authentication Configuration, 点击 Next;
20. Selecting Package Groups, 选择:
i. Anonymous FPT Server
ii. DNS Name Server
iii. Authoring / Publishing
iv. Emacs
v. Development
vi. Kernel Deverlopment
vii. Utilities
点击 Next;
21. About to Install, 点击 Next ( 期间,程序提示更换第二张光盘 );
22. Boot Disk Creation(制作启动盘), 根据要求选择
Skip boot disk creation (跳过启动盘制作)
23. Congratulations, installation is complete,点击 Exit.
24. 取出光盘,软盘。
25. Linux 7.1安装结束。
1-2-1)
添加一个标准用户:g-dico
# /usr/sbin/groupadd –g 700 dico
# /usr/sbin/useradd –g dico –u 700 –d /home/dico g-dico
# chmod 755 /home/dico
# passwd g-dico
New UNIX password: dico1234
Retype new UNIX password:dico1234
Passwd: all authentication tokens updated successfully,添加用户及密码设定成功
1-2-2) 密码设定后将其规整:
/usr/sbin/pwconv
/usr/sbin/grpconv
# su g-dico
$ mkdir /home/dico/sysad
$ mkdir /home/dico/sysad/src
1-2-4) 建立原始目录:
# mkdir /usr/local/dico-bin
# chgrp dico /usr/local/dico-bin
# chmod 770 /usr/local/dico-bin# mkdir /usr/local/dico-sbin
# chgrp dico /usr/local/dico-sbin
# chmod 770 /usr/local/dico-sbin# mkdir /etc/named
# chown named.named /etc/named
# chmod 775 /etc/named# mkdir /var/usrlog
# chgrp daemon /var/usrlog
# chmod 775 /var/usrlog1-2-5)链接/usr/vi与/usr/bin/vi:
# ln /bin/vi /usr/bin/vi1-2-6)链接perl
# ln -s /usr/bin/perl /usr/local/bin/perl2-1) postgreSQL7.1.2
#groupadd –g 71 postgres
#useradd -d /home/postgres -g postgres -u 16 postgres
#/usr/bin/pwconv
#/usr/sbin/grpconv
#mkdir /home/postgres
#chown postgres.postgres
#mkdir /usr/local/pgsql
#chown postgres.postgres /usr/local/pgsql
# tar zxvf postgressql-7.1.2.tar.gz
# chown –R postgres.postgres postgresql-7.1.2
# cd postgressql-7.1.2
# su – postgres
$ ./configure - -enable-multibyte - - with-perl
$ make all
如果出现“all of PostgreSQL is successfully made. Ready to install.”执行,
$ make install
vi /home/postgres/.bash_profile
export PATH="$PATH":/usr/local/pgsql/bin
export POSTGRES_HOME=/usr/local/pgsql
export PGLIB=$POSTGRES_HOME/lib
export PGDATA=$POSTGRES_HOME/data
export MANPATH="$MANPATH":$POSTGRES_HOME/man
export LD_LIBRARY_PATH="$LD_LIBRARY_PATH":"$PGLIB"
$ cd /home/psotgres
$ source .bash_progfile
$ initdb 初始化数据库
重新启动设定
$su – root
#vi /etc/rc.d/rc.local 在末尾添加:
#PostgreSQL
rm /tmp/.s.PGSQL.*
su – postgres –c “/usr/local/pgsql/bin/postmaster –S -i”#sync:sync:sync:/sbin/reboot 测试postgresql:
# su – postgres
$cd /usr/local/src/postgres-7.1.2/src/test/regress
$ make all runtest
各个项目都有“ok”和“failed”的表示
如果只有几个“failed”的话没有什么问题
比如说) abstime .. failed
2-2)安装perl5
#su - postgres
$cd /usr/local/src/postgres-7.1.2/src/interface/perl5
$perl Makefile.PL
$make
$make test
$su – root
#cd /usr/local/src/postgres-7.1.2/src/interface/perl5
#make install
perl5安装完成。
3)apache install>
# cd /home/dico/sysad/src
# tar xzvf apache_1.3.19.tar.gz
# tar xvfz mod_ssl-2.8.3-1.3.19.tar.gz
# tar xzvf php-4.0.4.tar.gz
# tar xzvf php-4.0RC2_jstring-1.0.tar.gz
# tar xvfz openssl-0.9.5a.tar.gz3-1) apache_1.3.19 + mod_ssl install
openssl的安装:
# cd openssl-0.9.5a
# ./config --prefix=/usr/local/openssl --openssldir=/usr/local/openssl/conf
# make
# make test
# make install3-2)mod_ssl-2.8.3-1.3.19 动态安装的设定
# cd mod_ssl-2.8.3-1.3.19
# ./configure --with-apache=../apache_1.3.193-3)apache的安装
# cd ../apache_1.3.19
# SSL_BASE=/usr/local/openssl
# ./configure --enable-module=so --disable-rule=WANTHSREGEX --prefix=/usr/local/apache
--sysconfdir=/etc/httpd --logfiledir=/var/log/httpd --enable-shared=max --enable-module=ssl –datadir=/home/httpd
# cd src
# cp Configuration.apaci Configuration
# ./Configure
# cd ..
# make
***重要,没有TYPE=custom的话会造成密钥交换失败
# make certificate TYPE=custom
______________________________________________________________________
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Tokyo
3. Locality Name (eg, city) [Snake Town]:Chiyoda-ku
4. Organization Name (eg, company) [Snake Oil, Ltd]:Digital Cosmos, Inc.
5. Organizational Unit Name (eg, section) [Certificate Authority]:Network Solution
6. Common Name (eg, CA name) [Snake Oil CA]:ds4test.qddico.com.cn
7. Email Address (eg, name@FQDN) [[email protected]]:[email protected]
8. Certificate Validity (days) [365]:365
______________________________________________________________________STEP 3: Generating X.509 certificate for CA signed by itself [ca.crt]
Certificate Version (1 or 3) [3]:1
----------------------------------------------
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Tokyo
3. Locality Name (eg, city) [Snake Town]:Chiyoda-ku
4. Organization Name (eg, company) [Snake Oil, Ltd]:Digital Cosmos, Inc.
5. Organizational Unit Name (eg, section) [Webserver Team]:ds4test.qddico.com.cn
6. Common Name (eg, FQDN) [www.snakeoil.dom]:ds4test.qddico.com.cn
7. Email Address (eg, name@fqdn) [[email protected]]:[email protected]
8. Certificate Validity (days) [365]:365
______________________________________________________________________STEP 6: Generating X.509 certificate signed by own CA [server.crt]
Certificate Version (1 or 3) [3]:1
Encrypt the private key now? [Y/n]: y
read RSA key
writing RSA key
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:dico1234
Fine, you're using an encrypted private key.dico1234
Encrypt the private key now? [Y/n]: y
read RSA key
writing RSA key
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:dico1234
Fine, you're using an encrypted private key.dico1234
_____________________________________________________________________# make install
***测试:
#/usr/local/apache/bin/httpd –l
应该出现:
Compiled-in modules:
http_core.c
mod_so.c
suexec: disabled; invalid wrapper /usr/local/apache/bin/suexec,说明安装成功。
***启动apache_ssl
# /usr/local/apache/bin/apachectl startssl
***检验
# cat /var/log/httpd/error.log
文件内容中有
Apache/1.3.19(Unix) mod_ssl/2.8.3 openssl/0.9.5a configured -- resuming normal operations
即为成功.
# cd ..4> php-4.0.4 安装
4-1) php-4.0.4 install
# cd php-4.0.4
# ./configure --with-apxs=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/lib/php.ini
# vi /etc/httpd/httpd.conf
将其中的:
# AddType application/x-httpd-php .php
# AddType application/x-httpd-php-source .phps
修改为:
AddType application/x-httpd-php .php .php3 .php4
AddType application/x-httpd-php-source .phps
# /etc/rc.d/init.d/httpd restart
# ./configure
# make
# make install
# ln -s /usr/local/apache/bin/apachectl /etc/rc.d/init.d/httpd
# /etc/rc.d/init.d/httpd restart
# cd ..4-2> php4.0.4日文补丁安装 php-4.0RC2_jstring-1.0 install
# cd jstring/
# phpize
# ./configure --enable-jstring
# make
# make install
# cp /usr/local/lib/php/extensions/no-debug-non-zts-20001214/jstring.so /usr/local/lib/php/extensions/
# vi /usr/local/lib/php.ini
将:
extension_dir = ./
修改为:
extension_dir = /usr/local/lib/php/extensions
查找:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Dynamic Extensions ;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
然后在:
; needs to go here. Specify the location of the extension with the extension_dir directive above.
这一行后面另起一行添加:
extension=jstring.so后,保存退出。
# /etc/rc.d/init.d/httpd restart ------------重新启动httpd,让设定生效;
***检验:
# /usr/local/bin/php -m
显示:
Zend Engine v1.0.4, Copyright (c) 1998-2000 Zend Technologies
[PHP Modules]
jstring
xml
standard
session
posix
pcre
mysql
[Zend Modules]
表示jstring模块安装正确***做成一测试页面:
# vi /usr/local/apache/htdocs/test.php
-----------------------------
<HTML>
<TITLE>php test page</TITLE>
<BODY>
<?
phpinfo();
?>
</BODY>
</HTML>
-----------------------------
在IE打开此页面http://hostname/test.php将显示PHP安装设定的信息,说明php4安装成功
All install end5)proftp安装>
$ cd /home/dico/sysad/src
$ tar xvfz proftpd-1.2.1.tar.gz
$ cd proftpd-1.2.1
$ ./configure
$ make
$ su
# make install
5-1)设定proftpd.conf文件
# vi /usr/local/etc/proftpd.conf
修改文件内容为如下方式
=======================================================
ServerName "ProFTPD Default Installation"
DeferWelcome on
ServerType inetd
DefaultServer on
DefaultRoot ~!admin
Systemlog /var/log/proftpd.log
ExtendedLog /var/log/proftpd.log ALL
<Limit LOGIN>
AllowGroup profuser
AllowUser ftp
DenyAll
</Limit>Umask 022
MaxInstances 30
User nobody
Group nobody
<Directory /*>
AllowOverwrite on
</Directory>
<Anonymous ~ftp>
User ftp
Group ftp
RequireValidShell off
UserAlias anonymous ftp
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message
<Limit WRITE>
DenyAll
</Limit>
</Anonymous>
=======================================================
5-2) 进行proftp用户管理设定,添加一个允许组内用户ftp的组
# /usr/sbin/groupadd -g 777 profuser
5-3) ftplog设定
# cd /etc/logrotate.d/
# cp ftpd proftpd
# vi proftpd
5-4) 修改proftp ftplog控制文件为如下
====================================================
/var/log/proftpd.log {
# ftpd doesn't handle SIGHUP properly
nocompress
}
====================================================
5-5) 用proftp程序替换wu-ftp程序
# cp /usr/local/sbin/in.proftpd /usr/sbin/
# cd /etc/xinetd.d/
# mv wu-ftp proftp
# vi proftp
5-6) 将守护进程配置文件改写成如下样式
===================================================
service ftp
{
socket_type = stream
wait = no
user = root
server = /usr/sbin/in.proftpd
server_args =
log_on_success += DURATION USERID
log_on_failure += USERID
nice = 10
disable = no
}
===================================================
5-7) 启动proftp
# /etc/rc.d/init.d/xinetd stop
# /etc/rc.d/init.d/xinetd start
# vi /etc/group
在profuser:x:777: 行加入希望给予ftp权限的用户,用户名之间用,分隔。
6) daemontools-0.76 Install>
$ cd /home/dico/sysad/src
$ tar xzfv daemontools-0.76.tar.gz
$ mv admin/daemontools-0.76 ./
$ rm -fr admin
$ cd daemontools-0.76
$ su
# ./packge/install
# mkdir /var/service
# ln -s /var/service /service
/etc/rc.d/init.d/svscanctl 做成
# vi /etc/rc.d/init.d/svscanctl
----------------------------------------------------
#!/bin/sh
# Startup script for svscan
PATH=/usr/local/bin:/usr/bin:/bin
SVDIR=/service
case "$1" in
start)
echo -n "Starting svscan: "
cd $SVDIR || exit 1
csh -cf 'exec env - PATH="$PATH" svscan &
echo $! > /var/run/svscan.pid'
touch /var/lock/subsys/svscan
echo "done"
;;
stop)
echo -n "Shutting down svscan: "
if [ -f /var/run/svscan.pid ]; then
kill `cat /var/run/svscan.pid`
svc -dx $SVDIR/*
svc -dx $SVDIR/*/log
rm -f /var/run/svscan.pid
rm -f /var/lock/subsys/svscan
fi
echo "done"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
;;
esac
exit 0
----------------------------------------------------
# chmod +x /etc/rc.d/init.d/svscanctl
# ln -s /etc/rc.d/init.d/svscanctl /etc/rc.d/rc3.d/S80svscanctl
# ln -s /etc/rc.d/init.d/svscanctl /etc/rc.d/rc6.d/K30svscanctl7)cdb-0.75 install)
$ cd /home/dico/sysad/src
$ gzip -dc cdb-0.75.tar.gz | tar xvf -
$ cd /home/dico/sysad/src/cdb-0.75
$ make
# su
# cp cdbget /usr/local/bin
# cp cdbmake /usr/local/bin
# cp cdbdump /usr/local/bin
# cp cdbstats /usr/local/bin
# cp cdbtest /usr/local/bin8) tcpserver Install>
$ cd /home/dico/sysad/src
$ gzip -dc ucspi-tcp-0.88.tar.gz | tar xvf -
$ cd /home/dico/sysad/src/ucspi-tcp-0.88
$ make
$ su
# make setup check
# exit9) tcpwapper>
# vi /etc/hosts.allow
输入如下
ALL: 127.0.0.1 : ALLOW
ALL: 210.239.155.173 210.12.102.194: ALLOW
ALL: 192.168.10.0/255.255.255.0 : ALLOW
in.telnetd: 211.10.3.77 211.10.3.78 211.10.3.79 : DENY
ALL: 211.10.3.64/255.255.255.192 61.121.252.128/255.255.255.192 192.168.20.0/255.255.255.0
192.168.10.0/255.255.255.0: ALLOW
in.proftpd: ALL: ALLOW
in.telnetd: ALL: DENY
in.fingerd: 211.10.3.66: ALLOW
ALL: ALL: DENY# mkdir /home/dico/sysad/bin
# vi /home/dico/sysad/bin/tcpwrap1.sh
输入如下内容
#! /bin/sh
echo --- Service ---
echo $1
echo --- Client address ---
echo $2
echo --- Client info ---
echo $3
echo --- Client User info ---
echo $4
echo --- finger ---
/usr/sbin/safe_finger -l $510)openssh install
# cd /home/dico/sysad/src
# tar xvfz openssh-1.2.1pre22.tar.gz
# cd openssh
# cd /home/dico/sysad/src/openssh-1.2.1pre22
# ./configure --with-tcp-wrappers --sysconfdir=/etc/ssh
# make
# make install
# cp sshd.pam.generic /etc/pam.d/sshd
# vi /etc/pam.d/sshd
加入如下内容:
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth required /lib/security/pam_pwdb.so shadow nullok
# auth required /lib/security/pam_unix.so shadow nodelay nullok
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_pwdb.so
# account required /lib/security/pam_unix.so
password required /lib/security/pam_cracklib.so
password required /lib/security/pam_pwdb.so shadow nullok use_authtok
# password required /lib/security/pam_unix.so shadow nullok use_authtok
session required /lib/security/pam_pwdb.so
# session required /lib/security/pam_unix.so
session required /lib/security/pam_limits.so
# /usr/local/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
# vi /etc/services
查看是否有如下内容:
ssh 22/tcp
ssh 22/udp
# vi /etc/ssh_known_hosts
加入如下内容:
210.12.102.194
210.12.102.195
210.12.102.196
210.12.102.197
210.233.100.217
210.239.155.173
210.239.155.162
# mkdir /service/ssh
# touch /service/ssh/down
# vi /service/ssh/run加入如下内容:
#!/bin/sh
exec /usr/local/bin/tcpserver 0 ssh /usr/local/sbin/sshd –I
# chmod +x /service/ssh/run
# rm /service/ssh/down
# cd
# mkdir .ssh
# cd .ssh
# /usr/local/bin/ssh-keygen,出现如下提示:
Enter file in which to save the key (/home/dico/.ssh/identity): <-- 可直接回车
Enter passphrase (empty for no passphrase): <-- 输入密码
Enter same passphrase again: <-- 确认密码
生成identity,identitiy.pub两个文件
# cp identity.pub authorized_keys
测试:1、# ssh 本机域名
2、将identitiy.pub下载到本机,再用ssh方式+identitiy.pub登录本机域名11) qmail Install >
11-1)目录准备
$ cd /home/dico/sysad/src
$ gzip -dc qmail-1.03.tar.gz | tar xvf –
$ cd /home/dico/sysad/src/qmail-1.03
$ make setup check
11-2)安装配置
$ su
# mkdir /var/qmail
# /usr/sbin/groupadd -g 602 nofiles
# /usr/sbin/useradd -u 603 -g nofiles -d /var/qmail/alias alias
# /usr/sbin/useradd -u 604 -g nofiles -d /var/qmail qmaild
# /usr/sbin/useradd -u 605 -g nofiles -d /var/qmail qmaill
# /usr/sbin/useradd -u 606 -g nofiles -d /var/qmail qmailp
# /usr/sbin/groupadd -g 603 qmail
# /usr/sbin/useradd -u 607 -g qmail -d /var/qmail qmailq
# /usr/sbin/useradd -u 608 -g qmail -d /var/qmail qmailr
# /usr/sbin/useradd -u 609 -g qmail -d /var/qmail qmails
# ./config-fast new.qddico.com.cn # < new.qddico.com.cn 是当前主机的默认邮件域名
# ./config
-> /var/qmail/control/locals 被生成
-> /var/qmail/control/rcpthosts 被生成
# cd ~alias
# touch .qmail-postmaster .qmail-mailer-daemon .qmail-root
# chmod 644 .qmail*
# cp /var/qmail/boot/home /var/qmail/rc
# vi /etc/tcp.smtp
输入如下行内容
127.0.0.:allow,RELAYCLIENT=""
# /usr/local/bin/tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
# vi /etc/group
添加如下行
vchkpw:x:690:
#vi /etc/passwd
添加如下行
vpopmail:x:690:690::/home/vpopmail:/bin/false
# /usr/sbin/pwconv
# /usr/sbin/grpconv
11-3)安装vpopmail
11-3-1)准备目录:
# cd /home/dico/sysad/src
# gzip -dc vpopmail-4.9.tar.gz | tar xvf -
# cd vpopmail-4.9
11-3-2)安装:
# ./configure --enable-roaming-users=y --enable-logging=y
# make
# make install-strip
11-3-4)配置:
# mkdir /service/qmail
# cd /service/qmail
# touch down
# vi run
输入如下内容
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" /var/qmail/bin/qmail-start ./Maildir/ splogger qmail
# chmod +x run
# mkdir /service/smtpd
# cd /service/smtpd
# touch down
# vi run
输入如下内容:
#!/bin/sh
exec env - PATH="/var/qmail/bin:$PATH" /usr/local/bin/tcpserver -v -R -c 400 -x /etc/tcp.smtp.cdb -u 604
-g 602 0 smtp qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtp 4
# chmod +x run
# mkdir /service/pop-3
# cd /service/pop-3
# touch down
# vi run
输入如下内容
#!/bin/sh
exec /usr/local/bin/tcpserver -R 0 pop-3 /var/qmail/bin/qmail-popup new.qddico.com.cn
/home/vpopmail/bin/vchkpw /var/qmail/bin/qmail-pop3d Maildir 2>&1 | /var/qmail/bin/splogger qmail
注意点:new.qddico.com.cn要替换成当前主机的域名
# chmod +x run
# cd /etc/rc.d/rc3.d
# mv S80sendmail org.S80sendmail
# kill -9 ` ps ax | grep sendmail | awk '{print $1}'`
# chmod 0 /usr/lib/sendmail
# chmod 0 /usr/sbin/sendmail
# mv /usr/lib/sendmail /usr/lib/sendmail.bak
# mv /usr/sbin/sendmail /usr/sbin/sendmail.bak
# ln -s /var/qmail/bin/sendmail /usr/lib/sendmail
# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
# cd /var/qmail/alias
# vi .qmail-mailer-daemon
写入
sysad
# vi .qmail-root
写入
sysad
# vi .qmail-postmaster
写入
sysad
# vi .qmail-sysad
写入
[email protected]
# vi /var/qmail/control/rcpthosts
写入
localhost
dico.co.jp
qddico.com.cn
# vi /var/qmail/control/defaultdomain
写入主机名,这里写入
new.qddico.com.cn -------------------- 替换成当前主机的域名
# rm /service/qmail/down
# rm /service/smtpd/down
# rm /service/pop-3/down
# sync;sync;sync;/sbin/reboot
# crontab -e
写入如下内容
10,25,40,55 * * * * /home/vpopmail/bin/clearopensmtp12) rsync install>
$cd /home/dico/sysad/src
$ tar xvfz rsync-2.4.6.tar.gz
$ cd rsync-2.4.6
$ ./configure
$ make all
$ su
# make install
12-1) 设定rsync.conf文件
# vi /etc/rsync.conf
在其中添加如下内容
==========================================================
log file = /var/log/rsyncd.log
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
==========================================================
12-2) 设定servers文件添加rsync端口
# vi /etc/servers
添加如下两行
==========================================================
rsync 873/tcp # rsync server mirror tools
rsync 873/udp # rsync server mirror tools
==========================================================
执行如下命令将rsync守护进程加入到启动组
# echo "rsync --daemon" >> /etc/rc.d/rc.local
-----------------------------------------------------------------------
13)xntp install>
# cd /home/dico/sysad/src
# rpm -ivv xntp3-5.93-4.i386.rpm
确认:/usr/sbin 内包含 ntpdate ntpq ntptrace xntpd
-----------------------------------------------------------------
安装后设定
13-1) 设定前要做的准备
创建 /etc/ntp.conf
# vi /etc/ntp.conf
写入如下内容
===========================================================================
server 133.100.9.2 #clock.nc.fukuoka-u.ac.jp
server 203.139.30.195 #ntp.cyber-fleet.net
server 207.126.103.204 #US CA nist1.sjc.certifiedtime.com
server 216.152.68.20 #US CA tock.gpsclock.com
server 209.81.9.7 #US CA clock.via.net
#其他服务器地址参照 http://www.eecis.udel.edu/~mills/ntp/servers.htm
driftfile /etc/ntp.drift
============================================================================
13-2)设定为自动启动
# cd /etc/rc.d/rc3.d
# ln -s /etc/rc.d/init.d/xntpd S85xntpd
13-3) 修改 /etc/rc.d/init.d/xntpd
# vi /etc/rc.d/init.d/xntpd
将第31行修改为
daemon xntpd -p /var/run/xntpd.pid -A -l /var/log/ntp.log
13-4)确认正常工作:
# /etc/rc.d/init.d/xntpd start
# ps ax | grep xntpd
显示如下表示xntp服务启动
31603 ? S 0:00 xntpd -p /var/run/xntpd.pid -A -l /var/log/ntp.log
13-5) 其它设定(将系统事件写入硬件时钟)
# echo "/sbin/clock --systohc" >> /etc/rc.d/rc.local
# crontab -e
追加:0 0 * * * /sbin/clock –systohcanalog-5.03安装手顺
目录<14-1 analog>
$ cd /home/dico/sysad/src
$ tar zxvf analog-5.03.tar.gz 放入最新的analog源文件包
# su
# cd analog-5.03
确认设置和目录
本机的主机名 new.qddico.com.cn (根据主机不同而改变)
本机apache的DocumentRoot /home/httpd/htdocs/
analog的主目录 /usr/local/sbin/analog-5.03/
apache的log目录 /var/log/httpd/httpsd_access_log
analog的images目录 /home/httpd/htdocs/analogimages/
修改analhead.h
# cd /home/dico/sysad/src/analog-5.03/src/
# vi anlghead.h
#define HOSTNAME "[dns1.dico.co.jp]"
#define ANALOGDIR "/usr/local/sbin/analog-5.03/"
#define LOGFILE "/var/log/httpd/httpsd_access_log"
#define IMAGEDIR "/analogimages/"
修改anlghea2.h
# vi anlghea2.h
#define LANGUAGE (ENGLISH)
修改anlfrom.pl
# cd /home/dico/sysad/src/analog-5.03/
# vi anlgform.pl
$analog = '/usr/local/sbin/analog-5.03/analog';
修改analog.cfg
LOGFILE /var/log/httpd/httpsd_access_log
HOSTNAME "[dns1.dico.co.jp]"
UNCOMPRESS *.gz,*.Z "/usr/bin/gzip -cd"
# make clean
# make
# cd /home/dico/sysad/src/analog-5.03/images
# mkdir /home/httpd/htdocs/analogimages/
# cp *.* /home/httpd/htdocs/analogimages/
# chmod 644 /home/httpd/htdocs/analogimages/*.gif
# mkdir /usr/local/sbin/analog-5.03/
# cp analog /usr/local/sbin/analog-5.03/analog
# cp anlgform.pl /home/httpd/cgi-bin/anlgform.pl
# cp -R lang /usr/local/sbin/analog-5.03/lang
# chmod 0755 /usr/local/sbin/analog-5.03/lang
# chmod 0644 /usr/local/sbin/analog-5.03/lang/??*
# cp /usr/local/sbin/analog-5.03/lang/jpform.html /home/httpd/htdocs/anlgform.html
# chmod 644 /home/httpd/htdocs/anlgform.html
修改analog的主显示文件
# vi /home/httpd/htdocs/anlgform.html
<img src="/analogimages/analogo.gif" alt="">
<form action="/cgi-bin/anlgform.pl" method="GET">
<input type=hidden name="IMAGEDIR" value="/analogimages/">
<input type=hidden name="LOGFILE" value="/var/log/httpd/httpsd_access_log">
# cp analog.cfg /usr/local/sbin/analog-5.03
# chmod 644 /usr/local/sbin/analog-5.03/analog.cfg
修改httpsd.conf
# vi /etc/httpd/httpsd.conf
CustomLog /var/log/httpd/httpsd_access_log combined
重起apache进程
# /etc/rc.d/init.d/httpsdctl restart
-----------------------------------
<14-2 测试>
IE 浏览 url: http://new.qddico.com.cn/anlgform.html15) fml設定>
安装方法>
# ln -s /usr/bin/perl /usr/local/bin/perl
15-1) 准备用户
# groupadd fml
# useradd -g fml fml
# mkdir /usr/local/fml /var/spool/ml
15-2) 安装
$ cd /home/dico/sysad/src
装入fml-4.0-stable-20010902.tar.gz
$ tar zxvf fml-4.0-stable-20010902.tar.gz
$ cd fml-4.0-stable-20010902
$ make install
15-3) install fml
Personal,Group,Fmlserv (personal/group/fmlserv) [personal]
DOMAIN NAME [dico.co.jp] 域名
FQDN [ii101.dico.co.jp(主机名)] mail.域名
EXEC FILES DIRECTORY [/usr/local/fml] /home/dico/fml
TOP LEVEL ML DIRECTORY [/var/spool/ml] /home/dico/ml
Language (Japanease or English) [Japanease]
TimeZone (TZ: e.g. +0900, -0300) [+0900]
---Install the Fml system to / home /组/fml (y/n) [n] y
# chown -R fml.fml /usr/local/fml /var/spool/ml
15-2)安装后設定
15-2-1) 邮件列表作成
$ cd /home/dico/fml
$ ./makefml newml test
15-2-2) config.ph 編集
$ ./makefml config test
[POST]
1 把PERMIT_POST_FROM 的项目由members_only 变为 moderator
有菜单提示,选择1
然后再选择1
然后再选择3
然后不断选择0退出到提示符下
15-2-3) qmail設定
$ cd /user1/dico/ml/etc/qmail/alias
$ su root
# mv .qmail-test* /user1/dico/ii--book.com/
# cd /user1/dico/ii-book.com/
# chown -R vpopmail.vchkpw .qmail-test*
# vi .qmail-test-admin
在里面输入管理者的邮件地址
# vi .qmail-test-request
在里面输入管理者的邮件地址
# cd /user1/dico/
15-2-4) 管理人登録
# cd /home/dico/fml
# ./makefml addadmin test [email protected]
或者是
# vi /user1/dico/ii-book.com/.qmail-test-admin
加入[email protected]
15-2-5) 用户登録
# cd /home/dico/fml
# ./makefml add test [email protected](这里是你需要发的信箱)
# vi /user1/dico/ml/test/actives
加入所要的信箱
# chown -R vpopmail.vchkpw /user1/用户/ml
# ps ax | grep qmail
qmail-lspawn ./Maildir/ 检索
# kill -HUP [PID]
15-2-6) 发送邮件方法
向邮件列表送信、转发器(这次设为、[email protected])会收到邮件,内容如下:
给转发者:
有以下的请求。
如果以下的邮件是适当的并且要发到邮件列表的话,
请把以下的KEY WORD 发送到<[email protected]>。
moderator certified 2000073117495214215.866786
只把KEYWORD这行发送到[email protected],这样就可以向邮件列表发送信息了.
真是一位大好人