Linux for Advanced Users

Outline: Day one

  • basic work - ssh and the vi editor, less, tail -f, logs, mc
  • dhcp - explanation on the whiteboard, a mention of PXE, DHCP server setup
  • samba - in the basic, dumbest “share” mode for home use
  • DNS - bind9 and a mention of attacks (depending on the group's level) and DNSSEC
  • apache - basic installation and creating a virtual host
  • FTP - vsftpd

Day two

  • performance monitoring - the tools top, vmstat, ps, pstree, collectd, swap?
  • mysql - basic SQL demo, installation, adding users and privileges
  • FTP - pure-ftpd and hooking it up to SQL
  • postfix - this one will take longer, about 2 hours; a basic server for sending mail
  • snmp - and general measurement of switches via mrtg

Day three:

  • samba - more hardcore - security - “user”, acl
  • firewall - basic setup
  • RAID - no raid5, no raid5, no raid5

Problem:

perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
	LANGUAGE = (unset),
	LC_ALL = (unset),
	LANG = "en_US.UTF-8"
    are supported and installed on your system.

Possible solutions:

LANG=C
or
apt-get install locales
vi /etc/locale.gen

Then uncomment only the en_US.UTF-8 line and regenerate the locales with the command

  locale-gen

Freeing up disk space

 apt-get install localepurge
 localepurge

On our nearly clean system this freed 70MB.

More space can be reclaimed by cleaning out the packages downloaded by apt

 ls -al /var/cache/apt/archives/
 apt-get clean

DHCP

 apt-get install isc-dhcp-server

Don't worry about the error; you have no networks defined yet.

We attached a new bridge

 brctl addbr dh0
 xm network-attach xen-skoleni-10 bridge=dh0
 ifconfig dh0 up
 
 

PXE, setting up dhcp snooping + server on Cisco (exact example to be added)

Samba

security=share
[starlab] 
   comment = Starlab funny easy share folder 
   browsable = yes 
   read only = no 
   path = /srv/data 
   guest ok = yes 

DNS

 apt-get install bind9

file /etc/bind/named.conf.local

zone "zdenek.cz" {
        file "zdenek.cz";
        type master;
};

Sample zone file

/var/cache/bind/zdenek.cz
$ORIGIN zdenek.cz.
$TTL 12345
zdenek.cz.      IN      SOA haleluja. skoleni.zdenek.cz. (
                0001; serial
                1234; refresh
                1234; retry
                1234; expire
                1234; minimum
                )
 
                NS      ibm.zdenek.cz.
                MX      10      ibm.zdenek.cz.
                MX      20      ja.zdenek.cz.
 
ibm             A       10.0.4.187
ja              A       10.0.4.161

Disable AXFR transfer of the whole zone:

options {
   ....
   // ban everyone by default
   allow-transfer {"none";};
};
...
zone "example.com" in{
  ....
  // explicitly allow the slave(s) in each zone
  allow-transfer {192.168.0.3;};
};
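
A small offline audit for the allow-transfer settings above, as an added example that is not part of the original notes: it reads named.conf-style text and reports, per zone, the effective transfer ACL and whether it is open. SAMPLE_CONF and the zone open.example are constructed; views, named acl blocks and nested address lists are not handled, and an unset ACL is treated as open to any host (an assumption to check against the default of your BIND version).

```python
import re

# Constructed sample (not from the page): default deny, one explicit slave, one open zone.
SAMPLE_CONF = '''
options {
    allow-transfer { "none"; };   // ban everyone by default
};
zone "zdenek.cz" { type master; file "zdenek.cz"; };
zone "example.com" in { type master; allow-transfer { 192.168.0.3; }; };
zone "open.example" { type master; allow-transfer { any; }; };
'''

def strip_comments(text):
    """Drop /* */, // and # comments so a commented-out ACL is not counted."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def block_body(text, start):
    """Return the text inside the first {...} at or after start, honouring nesting."""
    open_at = text.index('{', start)
    depth = 0
    for i, ch in enumerate(text[open_at:], open_at):
        depth += (ch == '{') - (ch == '}')
        if depth == 0:
            return text[open_at + 1:i]
    raise ValueError('unbalanced braces')

def transfer_acl(body):
    """Return the allow-transfer entries set directly in a block, or None if unset."""
    m = re.search(r'\ballow-transfer\s*\{([^}]*)\}', body)
    if m is None:
        return None
    return [e.strip().strip('"') for e in m.group(1).split(';') if e.strip()]

def audit(conf):
    """Map zone -> (effective ACL, is_open); assumption: an unset ACL means open to any host."""
    conf = strip_comments(conf)
    opts = re.search(r'\boptions\s*\{', conf)
    default = transfer_acl(block_body(conf, opts.start())) if opts else None
    report = {}
    for z in re.finditer(r'\bzone\s+"([^"]+)"[^{;]*\{', conf):
        acl = transfer_acl(block_body(conf, z.start()))
        effective = default if acl is None else acl
        report[z.group(1)] = (effective, effective is None or 'any' in effective)
    return report

if __name__ == '__main__':
    for name, (acl, is_open) in audit(SAMPLE_CONF).items():
        print(name, acl, 'OPEN TRANSFER' if is_open else 'restricted')
```
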

Apache2

/etc/apache2/ports.conf
   NameVirtualHost *:80

SWAP

dd if=/dev/zero of=/swapik bs=1M count=200
# swap can hold memory contents; restrict the file to root before enabling it
chmod 600 /swapik
mkswap /swapik
swapon /swapik

SuPHP

MySQL

 apt-get install mysql-server

pure-ftpd-mysql

apt-get install pure-ftpd-mysql
 mysql> use ftp
Database changed
mysql> create table ftp (
    -> name char(20),
    -> pass char(20),
    -> uid int,
    -> gid int,
    -> dir char(50)
    -> );

Performance measurement and tuning

vi /etc/collectd/collectd.conf 

locate collection.cgi
  /usr/share/doc/collectd-core/examples/collection.cgi
cp /usr/share/doc/collectd-core/examples/collection.cgi /usr/lib/cgi-bin/

MRTG and SNMPd

/etc/snmp/snmpd.conf
#       sec.name  source      community
com2sec readonly  default     public
 
#     group.name  sec.model   sec.name
group MyROGroup   v1          readonly
group MyROGroup   v2c         readonly
group MyROGroup   usm         readonly
 
#           incl/excl subtree                          mask
view  all    included  .1                              80
 
#                context sec.model sec.level match  read   write  notif
access MyROGroup ""      any       noauth    exact  all    none   none

cfgmaker --zero-speed=1000000000 public@127.0.0.1 >/etc/mrtg.cfg

Running mrtg manually instead of via /etc/cron.d/mrtg

 env LANG=C /usr/bin/mrtg /etc/mrtg.cfg
 

Firewall Iptables

tcpdump -i eth0 -n tcp port 25

 indexmaker /etc/mrtg.cfg  >/var/www/mrtg/index.html

Bonus

 cat nagiclick 
export DISPLAY=:0.0
WID=$(xdotool search nagios)
xdotool windowactivate --sync $WID
sleep 0.5
xdotool key --window $WID F5 
sleep 0.5
# next line needs tweaking when nagios changes its layout - XY coordinates of the click
xdotool mousemove --sync 50 330
sleep 0.5
xdotool click 1
 
linux/skoleni/start.txt · Last modified: 2014/06/27 09:26 by vondra