====== Linux for Advanced Users ======
Outline:
Day one
* basic work - ssh and the vi editor, less, tail -f, logs, mc
* dhcp - explanation on the whiteboard, a mention of PXE, DHCP server configuration
* samba - in the basic, dumbest "share" mode for home use
* DNS - bind9 and a mention of attacks (depending on the group's level) and DNSSEC
* apache - basic installation and creating a virtual host
* FTP - vsftpd
Day two
* performance monitoring - the tools top, vmstat, ps, pstree, collectd, swap?
* mysql - basic SQL demo, installation, adding users and privileges
* FTP - pure-ftpd and hooking it up to SQL
* postfix - this one will take about 2 hours, a basic server for sending mail
* snmp - and general measurement of switches via mrtg
Day three:
* samba - more hardcore - security - "user", acl
* firewall - basic configuration
* RAID - no raid5, no raid5, no raid5
Problem:
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
LANGUAGE = (unset),
LC_ALL = (unset),
LANG = "en_US.UTF-8"
are supported and installed on your system.
Possible solutions:
LANG=C
or
apt-get install locales
vi /etc/locale.gen
Then uncomment only the en_US.UTF-8 line and regenerate the locales with the command
locale-gen
====== Freeing up disk space ======
apt-get install localepurge
localepurge
On our almost clean system this freed 70MB.
More space can be gained by cleaning out the packages downloaded by apt
ls -al /var/cache/apt/archives/
apt-get clean
====== DHCP ======
apt-get install isc-dhcp-server
Don't worry about the error; you have no networks defined yet.
We attached a new bridge:
brctl addbr dh0
xm network-attach xen-skoleni-10 bridge=dh0
ifconfig dh0 up
PXE
DHCP snooping + server configuration on Cisco (exact example to be added)
====== Samba ======
security=share
[starlab]
comment = Starlab funny easy share folder
browsable = yes
read only = no
path = /srv/data
guest ok = yes
===== DNS =====
apt-get install bind9
file /etc/bind/named.conf.local
zone "zdenek.cz" {
file "zdenek.cz";
type master;
};
Sample zone file:
$ORIGIN zdenek.cz.
$TTL 12345
zdenek.cz.  IN SOA haleluja. skoleni.zdenek.cz. (
            0001 ; serial
            1234 ; refresh
            1234 ; retry
            1234 ; expire
            1234 ; minimum
            )
            NS   ibm.zdenek.cz.
            MX   10 ibm.zdenek.cz.
            MX   20 ja.zdenek.cz.
ibm         A    10.0.4.187
ja          A    10.0.4.161
Disable AXFR transfer of the whole zone:
options {
....
// ban everyone by default
allow-transfer {"none";};
};
...
zone "example.com" in{
....
// explicitly allow the slave(s) in each zone
allow-transfer {192.168.0.3;};
};
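An added example (not part of the original course notes): a small Python audit that reads named.conf text and reports, per zone, the effective allow-transfer setting, with a zone-level statement overriding the one in options as in the fragments above. The parser is deliberately simplified (no named acl blocks, include files or key clauses), and SAMPLE, including the zone "open.example", is constructed for illustration.

```python
import re

# Constructed sample in the style of the named.conf fragments above
# (zone "open.example" is a made-up name added to show the failing case).
SAMPLE = '''
options { allow-transfer {"none";}; };  // ban everyone by default
zone "zdenek.cz" { file "zdenek.cz"; type master; };
zone "example.com" in { type master; allow-transfer {192.168.0.3;}; };
zone "open.example" { type master; allow-transfer { any; }; };
'''

def _blocks(text, header_re):
    """Yield (match, body) for each `header { body }` block, matching braces."""
    for m in re.finditer(header_re + r"[^{;]*\{", text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m, text[m.end():i - 1]

def _acl(body):
    """allow-transfer entries of a block as a list, or None when not set."""
    m = re.search(r"allow-transfer\s*\{([^}]*)\}", body)
    if m is None:
        return None
    return [e.strip().strip('"') for e in m.group(1).split(";") if e.strip()]

def audit_transfers(conf_text):
    """Map each zone name to (effective allow-transfer list, verdict)."""
    text = re.sub(r"/\*.*?\*/|(//|#)[^\n]*", "", conf_text, flags=re.S)
    global_acl = next((_acl(b) for _, b in _blocks(text, r"\boptions\b")), None)
    report = {}
    for m, body in _blocks(text, r'\bzone\s+"([^"]+)"'):
        acl = _acl(body)
        if acl is None:
            acl = global_acl          # zone inherits the options{} setting
        if acl is None:
            verdict = "UNSET"         # server's built-in default applies
        elif "any" in acl:
            verdict = "OPEN"
        else:
            verdict = "CLOSED" if acl in ([], ["none"]) else "RESTRICTED"
        report[m.group(1)] = (acl, verdict)
    return report

if __name__ == "__main__":
    for zone, (acl, verdict) in audit_transfers(SAMPLE).items():
        print(f"{zone:15} {verdict:10} {acl}")
```

A verdict of UNSET means the server's built-in default applies; older BIND 9 releases default to allowing transfers to any host, so treat it like OPEN there.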
====== Apache2 ======
NameVirtualHost *:80
====== SWAP ======
dd if=/dev/zero of=/swapik bs=1M count=200
chmod 600 /swapik   # swap holds memory pages; keep it readable by root only
mkswap /swapik
swapon /swapik
===== SuPHP =====
====== MySQL ======
apt-get install mysql-server
====== pure-ftpd-mysql ======
apt-get install pure-ftpd-mysql
mysql> use ftp
Database changed
mysql> create table ftp (
-> name char(20),
-> pass char(20),
-> uid int,
-> gid int,
-> dir char(50)
-> );
====== Performance measurement and tuning ======
vi /etc/collectd/collectd.conf
locate collection.cgi
/usr/share/doc/collectd-core/examples/collection.cgi
cp /usr/share/doc/collectd-core/examples/collection.cgi /usr/lib/cgi-bin/
===== MRTG and SNMPd =====
# sec.name source community
com2sec readonly default public
# group.name sec.model sec.name
group MyROGroup v1 readonly
group MyROGroup v2c readonly
group MyROGroup usm readonly
# incl/excl subtree mask
view all included .1 80
# context sec.model sec.level match read write notif
access MyROGroup "" any noauth exact all none none
cfgmaker --zero-speed=1000000000 public@127.0.0.1 >/etc/mrtg.cfg
Running mrtg manually instead of via /etc/cron.d/mrtg:
env LANG=C /usr/bin/mrtg /etc/mrtg.cfg
===== Firewall Iptables =====
tcpdump -i eth0 -n tcp port 25
indexmaker /etc/mrtg.cfg >/var/www/mrtg/index.html
====== Bonus ======
cat nagiclick
export DISPLAY=:0.0
WID=$(xdotool search nagios)
xdotool windowactivate --sync $WID
sleep 0.5
xdotool key --window $WID F5
sleep 0.5
# next line needs tweaking when nagios changes its layout - XY coordinates of the click
xdotool mousemove --sync 50 330
sleep 0.5
xdotool click 1