conf
# NOTE(review): the lone "conf" above is the tail of a file name cut off by
# extraction -- presumably named.conf; confirm against the original page.
options {
        # make it comment ( listen all interfaces on the server )
        # listen-on port 53 { 127.0.0.1; };
        # With listen-on commented out, named answers on every IPv4 interface,
        # so the allow-query / allow-transfer ACLs below are the only access
        # control visible in this block.
        # change ( if not use IPv6 )
        listen-on-v6 { none; };
        directory "/var/named";
        dump-file "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        # query range ( set internal server and so on )
        allow-query { localhost; 10.0.0.0/24; };
        # transfer range ( set it if you have secondary DNS )
        # A zone transfer hands over every record in the zone. Prefer listing
        # only the secondary's address, or "none" when there is no secondary.
        allow-transfer { localhost; 10.0.0.0/24; };
        # Recursion is on and no allow-recursion ACL is shown here, so keep
        # allow-query limited to internal ranges; otherwise the server can be
        # used as an open resolver.
        recursion yes;
        dnssec-enable yes;
        dnssec-validation yes;
        # NOTE(review): lookaside validation depends on ISC's DLV registry,
        # which has since been retired, and later BIND 9 releases no longer
        # accept this option. It fits only the 9.7-era build used on this page.
        dnssec-lookaside auto;
        /* Path to ISC DLV key */
        bindkeys-file "/etc/named.iscdlv.key";
};
# Debug logging channel for named.
logging {
        channel default_debug {
                # Relative path; presumably resolved against the "directory"
                # option ("/var/named") -- confirm on the target system.
                file "data/named.run";
                # "dynamic" follows the server's current debug level instead
                # of a fixed severity.
                severity dynamic;
        };
};
IN
255.255.255.248
Iniciar BIND
# Start named now through its SysV init script.
[root@dlp ~]# /etc/rc.d/init.d/named start
Starting named: [ OK ]
# Register named to start at boot.
[root@dlp ~]# chkconfig named on
Chroot Environment
# bind-chroot runs named inside a chroot tree; the listing that follows shows
# its configuration files under /var/named/chroot/etc.
[root@dlp ~]# yum -y install bind-chroot
# Restart so named comes up inside the chroot.
[root@dlp ~]# /etc/rc.d/init.d/named restart
Stopping named: [ OK ]
Starting named: [ OK ]
# Check ownership and modes: named.conf and rndc.key should not be world-readable.
[root@dlp ~]# ll /var/named/chroot/etc
total 28
-rw-r--r-- 1 root root   331 Jul  9 11:17 localtime
drwxr-x--- 2 root named 4096 Nov 11  2010 named
-rw-r----- 1 root named 1550 Jul  9 23:19 named.conf
-rw-r--r-- 1 root named  601 Nov 11  2010 named.iscdlv.key
-rw-r----- 1 root named  931 Jun 21  2007 named.rfc1912.zones
drwxr-xr-x 3 root root  4096 Jul  9 23:30 pki
-rw-r----- 1 root named   77 Jul  9 23:02 rndc.key
2010 slaves
Set CNAME
# update serial
                        2011071002      ;Serial
                        3600            ;Refresh
                        1800            ;Retry
                        604800          ;Expire
                        86400           ;Minimum TTL
)
        IN  NS      dlp.server.world.
        IN  A       10.0.0.30
        IN  MX 10   dlp.server.world.
dlp     IN  A       10.0.0.30
# Reload the zone data after editing, then confirm that the alias resolves.
[root@dlp ~]# rndc reload
server reload successful
[root@dlp ~]# dig ftp.server.world.

# The DiG banner shows a 9.7.0-P2 build from 2011; a real deployment should
# use a currently maintained BIND package.
; <<>> DiG 9.7.0-P2-RedHat-9.7.0-5.P2.el6 <<>> ftp.server.world.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62
# "aa" marks an authoritative answer from this server's own zone data;
# "ra" shows that recursion is offered to this client.
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;ftp.server.world. IN A

;; ANSWER SECTION:
ftp.server.world. 86400 IN CNAME dlp.server.world.
dlp.server.world. 86400 IN A 10.0.0.30

;; AUTHORITY SECTION:
server.world. 86400 IN NS dlp.server.world.

;; Query time: 0 msec
;; SERVER: 10.0.0.30#53(10.0.0.30)
;; WHEN: Sun Jul 10 23:32:48 2011
;; MSG SIZE rcvd: 82
Instalar y Configurar DHCP
[root@dlp ~]# yum -y install dhcp
[root@dlp ~]# vi /etc/dhcp/dhcpd.conf
# create new
# specify domain name
option domain-name "server.world";
# specify DNS's hostname or IP address
# A host name here has to resolve when dhcpd reads the file, so DNS must
# already be answering for dlp.server.world.
option domain-name-servers dlp.server.world;
# default lease time
default-lease-time 600;
# max lease time
max-lease-time 7200;
# this DHCP server to be declared valid
# "authoritative" lets dhcpd reject (NAK) clients asking for addresses it
# considers wrong for this segment; set it only on the server that really
# owns the subnet.
authoritative;
# specify network address and subnet mask
subnet 10.0.0.0 netmask 255.255.255.0 {
    # specify the range of lease IP address
    # "dynamic-bootp" makes this pool available to BOOTP clients as well as DHCP.
    range dynamic-bootp 10.0.0.200 10.0.0.254;
    # specify broadcast address
    option broadcast-address 10.0.0.255;
    # specify default gateway
    option routers 10.0.0.1;
}
# Start dhcpd now and register it to start at boot.
[root@dlp ~]# /etc/rc.d/init.d/dhcpd start
Starting dhcpd: [ OK ]
[root@dlp ~]# chkconfig dhcpd on
Instalar y Configurar Apache
Instalar:
[root@www ~]# yum -y install httpd
# remove welcome page
# (the stock welcome page identifies a default, unconfigured install)
[root@www ~]# rm -f /etc/httpd/conf.d/welcome.conf
# remove default error page
[root@www ~]# rm -f /var/www/error/noindex.html
# create a link for Perl
# (lets CGI scripts whose first line names /usr/local/bin/perl run unchanged)
[root@www ~]# ln -s /usr/bin/perl /usr/local/bin/perl
Configurar:
# NOTE(review): the file being edited is not named on the page -- presumably
# the main httpd.conf; the line numbers refer to that distribution's stock file.
# line 76: change to ON
KeepAlive On
# line 262: Admin's address
ServerAdmin root@server.world
# line 276: change to your server's name
ServerName www.server.world:80
# line 331: change (enable CGI and disable Indexes)
# ExecCGI applies to the whole directory tree this Options line belongs to
# (the enclosing <Directory> is not shown here). Together with the AddHandler
# line below, any .cgi or .pl file placed in that tree is executed, so keep
# upload-writable locations out of it or limit ExecCGI to a dedicated CGI directory.
Options FollowSymLinks ExecCGI
# line 338: change
# "All" lets .htaccess files override every directive class; anyone who can
# write into the document tree can then change its configuration. Grant only
# the override classes that are actually needed.
AllowOverride All
# line 402: add file name that it can access only with directory's name
DirectoryIndex index.html index.cgi index.php
# line 536: change
# Removes the server version footer from server-generated pages.
ServerSignature Off
# line 759: make it comment
# AddDefaultCharset UTF-8
# line 796: uncomment and add file-type that apache looks them CGI
AddHandler cgi-script .cgi .pl
# Start httpd now and register it to start at boot.
[root@www ~]# /etc/rc.d/init.d/httpd start
Starting httpd: [ OK ]
[root@www ~]# chkconfig httpd on
Instalar FTP
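[root@www ~]# yum -y install vsftpd
[root@www ~]# vi /etc/vsftpd/vsftpd.conf
# NOTE(review): no ssl_enable line appears among the settings shown, so
# local-user passwords and file contents cross the network unencrypted.
# line 12: no anonymous
# vsftpd rejects any space between the option, "=" and the value, so this
# must be written without the space the page showed ("anonymous_enable= NO").
anonymous_enable=NO
# line 80,81: uncomment ( allow ascii mode )
ascii_upload_enable=YES
ascii_download_enable=YES
# line 95, 96: uncomment ( enable chroot )
# With chroot_local_user=YES every local user is jailed in the FTP root, and
# chroot_list_enable=YES turns the list file into the list of EXCEPTIONS:
# users named there are not jailed.
chroot_local_user=YES
chroot_list_enable=YES
# line 98: uncomment ( specify chroot list )
chroot_list_file=/etc/vsftpd/chroot_list
# line 104: uncomment
# Allows recursive listings ("ls -R"), which can be expensive on large trees.
ls_recurse_enable=YES
# add at the last line
# specify root directory ( if don't specify, users' home directory become FTP home directory)
# NOTE(review): this places FTP uploads in each user's public_html; if the web
# server executes .cgi/.pl files from that directory, an FTP login is enough
# to run code there -- confirm how the web server treats this path.
local_root=public_html
# use localtime
use_localtime=YES
[root@www ~]# vi /etc/vsftpd/chroot_list
# add users you allow to move over their home directory
# (each name listed here escapes the chroot jail; keep the list minimal)
cent
# Start vsftpd now and register it to start at boot.
[root@www ~]# /etc/rc.d/init.d/vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[root@www ~]# chkconfig vsftpd on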
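[root@lan ~]# yum -y install samba
[root@lan ~]# mkdir /home/share
# World-writable directory: every local account, not only Samba guests, can
# create and delete files here.
[root@lan ~]# chmod 777 /home/share
[root@lan ~]# vi /etc/samba/smb.conf
# smb.conf treats "#" as a comment only at the start of a line; text after a
# value becomes part of the value. The page's trailing annotations are
# therefore placed on their own lines below.
# near line 58: add
unix charset = UTF-8
dos charset = CP932
# line 75: change (Windows' default)
workgroup = WORKGROUP
# line 81: uncomment and change IP address you allow
# This is the only access control on the guest share below; keep it limited
# to loopback and the internal network.
hosts allow = 127. 10.0.0.
# line 102: change (no auth)
# NOTE(review): share-level security means no per-user authentication, and
# later Samba releases removed this mode. Valid only for the Samba version
# this page was written for.
security = share
# add at the bottom
# any name you like
[Share]
# shared directory
path = /home/share
# writable
writable = yes
# guest OK
guest ok = yes
# guest only
guest only = yes
# fully accessed
# (new files are created readable, writable and executable by everyone)
create mode = 0777
# fully accessed
directory mode = 0777
# warn if some people access to a file
share modes = yes
# Start the SMB and NMB services and register them to start at boot.
[root@lan ~]# /etc/rc.d/init.d/smb start
Starting SMB services: [ OK ]
[root@lan ~]# /etc/rc.d/init.d/nmb start
Starting NMB services: [ OK ]
[root@lan ~]# chkconfig smb on
# NOTE(review): the next command appears cut off at the end of the page; the
# smb line above ends in "on" -- confirm against the original.
[root@lan ~]# chkconfig nmb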