由 nicosoft 在 06-21-2003 20:54 发表:
实验室freebsd server 搭建手记
注意:这是我的安装手记,没有经过精心的校对,只是给有需要的兄弟一些配置系统的思路参考,如果安装过程中有问题的话,可以发信到[email protected]讨论
OS
---------------------------------------------------------
FreeBSD 4.8
DNS
---------------------------------------------------------
bind-9.2.0rc1.tar.gz
named.root
FAMP system
---------------------------------------------------------
httpd-2.0.45.tar.gz
php-4.3.0.tar.gz
mysql-3.23.53.tar.gz
systools
---------------------------------------------------------
phpMyAdmin-2.5.0-php.zip
phpSysInfo-2.1.tar.gz
mail system
---------------------------------------------------------
autorespond-2.0.0.tar.gz
autorespond.tar.gz
checkpassword-0.90.tar.gz
cmd5checkpw-0.22.tar.gz
daemontools-0.76.tar.gz
en-us.txt
ezmlm-0.53.tar.gz
ezmlm-idx-0.40.tar.gz
ezmlm-idx-0.53.400.unified_41.patch
igenus_2_20030516_snap.tgz
qmail-1.03.tar.gz
qmail-103.patch
qmail-smtpd-auth-0.30.tar.gz
sqwebmail-3.5.0-CN.tar.gz
ucspi-tcp-0.88.nobase.patch
ucspi-tcp-0.88.tar.gz
vpopmail-5.3.16.tar.gz
qmailadmin-1.0.6.tar.gz
FTP service
---------------------------------------------------------
proftpd-1.2.8.tar.tar
proftpd-mod-quotatab-1.2.4.tar.gz
openssl-0.9.6.tar.gz
install then freebsd4.8
---------------------------------------------------------
机器硬件配置
CPU Celeron 400 MHZ
RAM 128 MHZ
DISK 4GB
安装freebsd 4.8
选择安装种类kernel developer +developer
硬盘划分
/ 300m
/boot 30m
/usr 1500m
/var 1300m
/tmp 700m
swap 256M
IP-addr 202.119.209.70/24
Gateway 202.119.209.1
nameserver 202.119.209.70
安装freebsd的时候最好是跟着安装提示做,我个人认为freebsd的安装
程序不是很稳定,如果不按步就班地做,经常会出问题,尤其是fdisk
和disklabel那部分。
安装时顺便将bash,lynx,unzip安装上
bash
linux的标准shell,我觉得它比freebsd默认的tcsh友好,所以我比较喜欢使用
但是请不要将你的root的shell改成bash,因为这样可能导致root不能登陆,我只在
系统维护时使用它。
lynx
在没有图形界面时,是个不可缺少的浏览器,爱死它了 
定制内核
添加用户
pw useradd nico -g wheel
将用户加入wheel组是为了,能让用户使用su,成为root
freebsd默认的ssh策略是不让root登陆的,所以这个改动
对远程管理非常有用。
vi ~/.cshrc
添加
alias ls ls -G
alias la ls -aG
alias lf ls -FAG
alias ll ls -lAG
alias rm rm -i
alias cp cp -i
alias mv mv -i
对cp,rm,mv设置别名,添加参数-i,是为了防止误删除和覆盖文件
对ls添加-G是为了让终端能以彩色显示文件与目录
建立/tmp/software
以存放下载的软件
安装bind
---------------------------------------------------------------------------------
tar zxvf bind-9.2.0rc1.tar.gz
cd bind-9.2.0rc1
./configure \
--prefix=/usr/local/named \
make
make install
make clean
cd /usr/local/named
mkdir etc
cd etc
创建 named.conf//参考附件
/usr/local/named/sbin/rndc-confgen > /usr/local/named/etc/rndc.conf
将rndc.conf文件里的key拷贝到named.conf,实现rndc对named的管理
tail -n10 rndc.conf | head -n9 | sed -e s/#\ //g >> named.conf
mkdir /var/namedb/
将准备好的db.202.119.209 localhost.rev nsn.com.zone拷贝到/var/namedb
//文件设置参考附件
启动named
./named -gc ../etc/named.conf &
/usr/local/named/sbin/rndc status
number of zones: 5
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
server is up and running
ok!named已经成功启动并运行了
设置启动运行
ehco "/usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &" >> /etc/rc.local
因为一装好的时候我不小心运行了named
所以在用" ./named -gc ../etc/named.conf &"启动时失败
ps -ax
有两个进程,杀掉后再启动就可以了
-----------------------------------------------------------------------------
安装mysql
tar zxvf mysql-3.23.53.tar.gz
cd mysql-3.23.53
./configure --prefix=/usr/local
make && make install
make clean
pw groupadd mysql
pw useradd mysql -g mysql -d /usr/local/mysql -s /sbin/nologin
cd /usr/local/mysql
mkdir var
chown -R root:mysql .
chown -R mysql:mysql var
./bin/mysql_install_db
./bin/safe_mysqld -u mysql
./bin/mysqladmin -u root password 'mypassword'
ln -s /usr/local/mysql/bin/mysql /bin/mysql
==============================================================================
安装apache+php
-----------------------------------------------------
tar zxvf httpd-2.0.45.tar.gz
tar zxvf php-4.3.0.tar.gz
cd httpd-2.0.45
./configure \
--prefix=/usr/local/apache \
--enable-modules=max \
--enable-so \
--enable-shared=max \
make
make install
make clean
cd /tmp/software/php-4.3.0
./configure \
--with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache/bin/apxs \
--enable-track-vars \
--enable-force-cgi-redirect \
--enable-pic \
--enable-inline-optimitation \
--enable-memory-limit \
--enable-bcmath \
--enable-calendar \
--enable-dbx \
--enable-dio \
--enable-mcal \
--with-config-file-path=/usr/local/apache/conf
make && make install
cd /usr/local/apache/conf
cp /tmp/software/php-4.3.0/php.ini-dist ./php.ini
配置基本的服务器设置
-----------------------------------------------------
pw groupadd apache
pw useradd apache -g apache -s /sbin/nologin
建立web服务的目录
mkdir /var/wwwroot
mkdir /var/wwwroot/html
mkdir /var/wwwroot/cgi-bin
建立邮件系统的web目录
mkdir /var/mailwebroot
mkdir /var/mailwebroot/html
mkdir /var/mailwebroot/cgi-bin
vi httpd.conf
设置主机信息,修改如下:
User apache
Group apache
ServerAdmin [email protected]
ServerName www.nsn.com
DocumentRoot "/var/wwwroot/html"
设置虚拟主机,建立mail.nsn.com www.nsn.com
apachectl start
touch info.php
用phpinfo()测试一下,ok!
安装管理工具
-----------------------------------------------------
mkdir /var/wwwroot/nsn_admin_page/
安装phpsys,phpmyadmin
tar zxvf phpSysInfo-2.1.tar.gz
unzip phpMyAdmin-2.5.0-php.zip
mv phpSysInfo-2.1 /var/wwwroot/nsn_admin_page/phpsysinfo
mv phpMyAdmin-2.5.0-php /var/wwwroot/nsn_admin_page/phpmyadmin
配置管理工具的安全
-----------------------------------------------------
设置/var/wwwroot/nsn_admin_page/管理的安全认证
1<directory "="" html="" nsn_admin_page"="" var="" wwwroot="">
2
3Options Indexes
4
5AllowOverride None
6
7Order Allow,Deny
8
9Allow from all
10
11AuthType Basic
12
13AuthName "nsn administration zone!"
14
15AuthUserFile /var/wwwroot/.htUsers
16
17AuthGroupFile /var/wwwroot/.htGroups
18
19Require group administrator
20
21</directory>
cd /var/wwwroot/
touch /var/wwwroot/.htUsers
touch /var/wwwroot/.htGroups
chmod 600 .ht*
chown -R apache:apache .
/usr/local/apache/bin/htpasswd -c touch .htUsers administrator
echo "administrtor:administrator" > .htGroups
防止未经过认证的人访问目录下的文件,保护管理工具的安全
==============================================================================
添加qmail系统帐户
pw groupadd nofiles
pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent
pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent
pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent
pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent
pw groupadd qmail
pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent
pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent
pw useradd qmails -g qmail -d /var/qmail -s /nonexistent
安装qmail
tar zxvf qmail-1.03.tar.gz
patch -p0 < qmail-103.patch //DNS补丁
tar zxvf qmail-smtpd-auth-0.30.tar.gz
cd qmail-smtpd-auth-0.30 //smtp验证补丁
cp * ../qmail-1.03
patch -d ../qmail-1.03 < auth.patch
cd ../qmail-1.03
make setup check
cd /var/qmail/alias
touch .qmail-postmaster .qmail-root .qmail-mailer-daemon
chown alias:nofiles .qmail*
chmod 600 .qmail*
/var/qmail/bin/maildirmake /etc/skel/
echo ./Maildir/ > .qmail
cd /var/qmail
cp boot/home rc
vi rc
将Mailbox改成Maildir,如下
------------------------------------------
exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start ./Maildir splogger qmail
-------------------------------------------
chown qmaild:qmail rc
chmod u+x rc
ln -s /var/qmail /usr/local/qmail
cd /usr/sbin
mv sendmail sendmail.bak
ln -s /var/qmail/bin/sendmail .
cd ../lib
mv sendmail sendmail.bak
ln -s /var/qmail/bin/sendmail .
安装
checkpassword-0.90.tar.gz
cmd5checkpw-0.22.tar.gz
ucspi-tcp-0.88.tar.gz
-----------------------------------------------------
tar zxvf checkpassword-0.90.tar.gz
tar zxvf cmd5checkpw-0.22.tar.gz
tar zxvf ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88
make
make setup check
cd ../checkpassword-0.90
make
make setup check
cd ../cmd5checkpw-0.22
make
make install
安装vpopmail
-----------------------------------------------------
pw groupadd vchkpw
pw useradd vpopmail -g vchkpw -s /sbin/nologin
create database vpopmail
mysql: grant all on vpopmail.* to vpopmail@localhost identified by 'yourpassword'
tar zxvf vpopmail-5.3.16.tar.gz
vi vmysql.h
填写好你的user和password
./configure \
--enable-roaming-users=y \
--enable-default-domain=nsn.com \
--enable-mysql=y \
--enable-file-sync=n \
--enable-auth-logging=y \
--enable-passwd=n \
--enable-sqwebmail-pass=y \
--enable-defaultquota=10000000 \
--enable-ip-alias-dmain=n \
--enable-incdir=/usr/local/mysql/include/mysql \
--enable-libdir=/usr/local/mysql/lib/mysql
make install-strip
cd /home/vpopmail
chmod +s bin/vchkpw
echo ":allow" >> etc/tcp.smtp
mkdir /etc/qmail
touch smtp.sh pop.sh
cp etc/tcp.smtp /etc/qmail
cd /etc/qmail/
tcprules tcp.smtp.cdb tcp.smtp <tcp.smtp
home/vpopmail/bin/vadddomain mail.nsn.com
建立[email protected]的帐户
cp qmail /sbin
qmail start
用outlook收发[email protected]的信笺,发现错误
编辑/var/qmail/rcpthosts
添加nsn.com
ok
安装sqwebmail
-----------------------------------------------------
停止qmail
qmail stop
tar zxvf sqwebmail-3.5.0-CN.tar.gz
cd sqwebmail-3.5.0
./configure \
--without-authpam --with-db=db --enable-webpass=yes --without-authpwd \
--with-authshadow --without-authmysql --with-authuserdb --with-authpwd \
--with-authvchkpw --without-authdaemon \
--enable-cgibindir=/var/mailwebroot/cgi-bin/ \
--enable-imagedir=/var/mailwebroot/html/webmail
make configure-check
make
make install-strip
make install-configure
http://mail.nsn.com/cgi-bin/sqwebmail
-----------------------------------------------------
mkdir autorespond
tar zxvf autorespond -C autorespond
gcc -Wall -o autorespond autorespond.c
cp autorespond /usr/local/sbin/
-----------------------------------------------------
mysql:
create database ezmlm
grant all