Notes on Setting Up a Lab FreeBSD Server

Posted by nicosoft on 06-21-2003 20:54:


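Note: these are my installation notes. They have not been carefully proofread and are only meant to give anyone who needs them some ideas for configuring a system. If you run into problems during installation, you can e-mail [email protected] to discuss them.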

OS

---------------------------------------------------------

FreeBSD 4.8

DNS

---------------------------------------------------------

bind-9.2.0rc1.tar.gz

named.root

FAMP system

---------------------------------------------------------

httpd-2.0.45.tar.gz

php-4.3.0.tar.gz

mysql-3.23.53.tar.gz

systools

---------------------------------------------------------

phpMyAdmin-2.5.0-php.zip

phpSysInfo-2.1.tar.gz

mail system

---------------------------------------------------------

autorespond-2.0.0.tar.gz

autorespond.tar.gz

checkpassword-0.90.tar.gz

cmd5checkpw-0.22.tar.gz

daemontools-0.76.tar.gz

en-us.txt

ezmlm-0.53.tar.gz

ezmlm-idx-0.40.tar.gz

ezmlm-idx-0.53.400.unified_41.patch

igenus_2_20030516_snap.tgz

qmail-1.03.tar.gz

qmail-103.patch

qmail-smtpd-auth-0.30.tar.gz

sqwebmail-3.5.0-CN.tar.gz

ucspi-tcp-0.88.nobase.patch

ucspi-tcp-0.88.tar.gz

vpopmail-5.3.16.tar.gz

qmailadmin-1.0.6.tar.gz

FTP service

---------------------------------------------------------

proftpd-1.2.8.tar.tar

proftpd-mod-quotatab-1.2.4.tar.gz

openssl-0.9.6.tar.gz

Install FreeBSD 4.8

---------------------------------------------------------

Machine hardware configuration

CPU Celeron 400 MHZ

RAM 128 MHZ

DISK 4GB

Install FreeBSD 4.8

Choose the installation type: kernel developer + developer

Disk partitioning

/ 300m

/boot 30m

/usr 1500m

/var 1300m

/tmp 700m

swap 256M

IP-addr 202.119.209.70/24

Gateway 202.119.209.1

nameserver 202.119.209.70

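When installing FreeBSD it is best to follow the installer's prompts. I personally think the FreeBSD installer is not very stable; if you do not go through it step by step, problems often come up, especially in the fdisk and disklabel parts.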

While installing, also install bash, lynx and unzip.

bash

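The standard Linux shell. I find it friendlier than FreeBSD's default tcsh, so I prefer to use it. But please do not change root's shell to bash, because this may leave root unable to log in; I only use it during system maintenance.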

lynx

An indispensable browser when there is no graphical interface. I love it.

Customize the kernel

Add a user

pw useradd nico -g wheel

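The user is added to the wheel group so that they can use su to become root. FreeBSD's default ssh policy does not allow root to log in, so this change is very useful for remote administration.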

vi ~/.cshrc

Add:

alias ls ls -G

alias la ls -aG

alias lf ls -FAG

alias ll ls -lAG

alias rm rm -i

alias cp cp -i

alias mv mv -i

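The aliases for cp, rm and mv add the -i option to prevent accidental deletion and overwriting of files.

Adding -G to ls makes the terminal show files and directories in colour.

Create /tmp/software to hold the downloaded software.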

Install BIND

---------------------------------------------------------------------------------

tar zxvf bind-9.2.0rc1.tar.gz

cd bind-9.2.0rc1

./configure \
--prefix=/usr/local/named

make

make install

make clean

cd /usr/local/named

mkdir etc

cd etc

Create named.conf // see the attachment

/usr/local/named/sbin/rndc-confgen > /usr/local/named/etc/rndc.conf

Copy the key from rndc.conf into named.conf so that rndc can manage named:

tail -n10 rndc.conf | head -n9 | sed -e s/#\ //g >> named.conf

mkdir /var/namedb/

Copy the prepared db.202.119.209, localhost.rev and nsn.com.zone files to /var/namedb

// for the file contents, see the attachment

Start named

./named -gc ../etc/named.conf &

/usr/local/named/sbin/rndc status

number of zones: 5

debug level: 0

xfers running: 0

xfers deferred: 0

soa queries in progress: 0

query logging is OFF

server is up and running

OK! named has started successfully and is running.

Set it to run at startup

echo "/usr/local/named/sbin/named -gc /usr/local/named/etc/named.conf &" >> /etc/rc.local

Because I accidentally ran named right after installing it, starting it with "./named -gc ../etc/named.conf &" failed.

ps -ax

There were two processes; after killing them it started fine.

-----------------------------------------------------------------------------

Install MySQL

tar zxvf mysql-3.23.53.tar.gz

cd mysql-3.23.53

./configure --prefix=/usr/local/mysql

make && make install

make clean

pw groupadd mysql

pw useradd mysql -g mysql -d /usr/local/mysql -s /sbin/nologin

cd /usr/local/mysql

mkdir var

chown -R root:mysql .

chown -R mysql:mysql var

./bin/mysql_install_db

./bin/safe_mysqld -u mysql

./bin/mysqladmin -u root password 'mypassword'

ln -s /usr/local/mysql/bin/mysql /bin/mysql

==============================================================================

Install Apache + PHP

-----------------------------------------------------

tar zxvf httpd-2.0.45.tar.gz

tar zxvf php-4.3.0.tar.gz

cd httpd-2.0.45

./configure \
--prefix=/usr/local/apache \
--enable-modules=max \
--enable-so \
--enable-shared=max

make

make install

make clean

cd /tmp/software/php-4.3.0

./configure \
--with-mysql=/usr/local/mysql \
--with-apxs2=/usr/local/apache/bin/apxs \
--enable-track-vars \
--enable-force-cgi-redirect \
--enable-pic \
--enable-inline-optimization \
--enable-memory-limit \
--enable-bcmath \
--enable-calendar \
--enable-dbx \
--enable-dio \
--enable-mcal \
--with-config-file-path=/usr/local/apache/conf

make && make install

cd /usr/local/apache/conf

cp /tmp/software/php-4.3.0/php.ini-dist ./php.ini

Configure basic server settings

-----------------------------------------------------

pw groupadd apache

pw useradd apache -g apache -s /sbin/nologin

Create the directories for the web service

mkdir /var/wwwroot

mkdir /var/wwwroot/html

mkdir /var/wwwroot/cgi-bin

Create the web directories for the mail system

mkdir /var/mailwebroot

mkdir /var/mailwebroot/html

mkdir /var/mailwebroot/cgi-bin

vi httpd.conf

Set the host information; change it as follows:

User apache

Group apache

ServerAdmin [email protected]

ServerName www.nsn.com

DocumentRoot "/var/wwwroot/html"

Set up virtual hosts, creating mail.nsn.com and www.nsn.com

apachectl start

touch info.php

Test it with phpinfo(): OK!

Install the admin tools

-----------------------------------------------------

mkdir /var/wwwroot/nsn_admin_page/

Install phpSysInfo and phpMyAdmin

tar zxvf phpSysInfo-2.1.tar.gz

unzip phpMyAdmin-2.5.0-php.zip

mv phpSysInfo-2.1 /var/wwwroot/nsn_admin_page/phpsysinfo

mv phpMyAdmin-2.5.0-php /var/wwwroot/nsn_admin_page/phpmyadmin

Secure the admin tools

-----------------------------------------------------

Set up authentication for the admin area /var/wwwroot/nsn_admin_page/

<Directory "/var/wwwroot/html/nsn_admin_page">
Options Indexes
AllowOverride None
Order Allow,Deny
Allow from all
AuthType Basic
AuthName "nsn administration zone!"
AuthUserFile /var/wwwroot/.htUsers
AuthGroupFile /var/wwwroot/.htGroups
Require group administrator
</Directory>

cd /var/wwwroot/

touch /var/wwwroot/.htUsers

touch /var/wwwroot/.htGroups

chmod 600 .ht*

chown -R apache:apache .

/usr/local/apache/bin/htpasswd -c .htUsers administrator

echo "administrator: administrator" > .htGroups

This keeps unauthenticated people from accessing the files in the directory and protects the admin tools.
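An added example, not part of the original notes: a shell check that the group named in `Require group` has members in the group file, that every member has an entry in the password file, and that both files are owner-only. Apache denies access when the group name does not match, so a misspelt group line locks everyone out; the function names and sample data here are constructed for illustration.

```shell
# check_htgroup GROUP USERS_FILE GROUPS_FILE
# Prints one finding per line; returns 0 only if nothing is wrong.
check_htgroup() {
    want=$1; ufile=$2; gfile=$3; rc=0
    # Group file format: "name: member1 member2 ..."
    set -- $(awk -F: -v g="$want" '$1 == g { print $2 }' "$gfile")
    if [ $# -eq 0 ]; then
        echo "no members for group '$want' in $gfile"
        rc=1
    fi
    for m in "$@"; do
        # Password file format: "user:hash"
        if ! awk -F: -v u="$m" '$1 == u { ok = 1 } END { exit !ok }' "$ufile"; then
            echo "group member '$m' has no entry in $ufile"
            rc=1
        fi
    done
    for f in "$ufile" "$gfile"; do
        # Characters 5-10 of the ls -l mode string are the group/other bits.
        if [ "$(ls -l "$f" | cut -c5-10)" != "------" ]; then
            echo "$f is accessible beyond its owner"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample data; the hash is a placeholder, not a real credential.
make_sample() {   # make_sample DIR GROUP_LINE
    mkdir -p "$1"
    echo 'administrator:PLACEHOLDER_HASH' > "$1/.htUsers"
    echo "$2" > "$1/.htGroups"
    chmod 600 "$1/.htUsers" "$1/.htGroups"
}

demo_htgroup() {
    d=$(mktemp -d)
    make_sample "$d/typo" 'administrtor:administrator'
    make_sample "$d/fixed" 'administrator: administrator'
    check_htgroup administrator "$d/typo/.htUsers" "$d/typo/.htGroups" || true
    check_htgroup administrator "$d/fixed/.htUsers" "$d/fixed/.htGroups" && echo "fixed: ok"
    rm -rf "$d"
}
demo_htgroup
```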

==============================================================================

Add the qmail system accounts

pw groupadd nofiles

pw useradd alias -g nofiles -d /var/qmail/alias -s /nonexistent

pw useradd qmaild -g nofiles -d /var/qmail -s /nonexistent

pw useradd qmaill -g nofiles -d /var/qmail -s /nonexistent

pw useradd qmailp -g nofiles -d /var/qmail -s /nonexistent

pw groupadd qmail

pw useradd qmailq -g qmail -d /var/qmail -s /nonexistent

pw useradd qmailr -g qmail -d /var/qmail -s /nonexistent

pw useradd qmails -g qmail -d /var/qmail -s /nonexistent

Install qmail

tar zxvf qmail-1.03.tar.gz

patch -p0 < qmail-103.patch # DNS patch

tar zxvf qmail-smtpd-auth-0.30.tar.gz

cd qmail-smtpd-auth-0.30 # SMTP AUTH patch

cp * ../qmail-1.03

patch -d ../qmail-1.03 < auth.patch

cd ../qmail-1.03

make setup check

cd /var/qmail/alias

touch .qmail-postmaster .qmail-root .qmail-mailer-daemon

chown alias:nofiles .qmail*

chmod 600 .qmail*

/var/qmail/bin/maildirmake /etc/skel/

echo ./Maildir/ > .qmail

cd /var/qmail

cp boot/home rc

vi rc

Change Mailbox to Maildir, as follows

------------------------------------------

exec env - PATH="/var/qmail/bin:$PATH" \
qmail-start ./Maildir/ splogger qmail

-------------------------------------------

chown qmaild:qmail rc

chmod u+x rc

ln -s /var/qmail /usr/local/qmail

cd /usr/sbin

mv sendmail sendmail.bak

ln -s /var/qmail/bin/sendmail .

cd ../lib

mv sendmail sendmail.bak

ln -s /var/qmail/bin/sendmail .

Install

checkpassword-0.90.tar.gz

cmd5checkpw-0.22.tar.gz

ucspi-tcp-0.88.tar.gz

-----------------------------------------------------

tar zxvf checkpassword-0.90.tar.gz

tar zxvf cmd5checkpw-0.22.tar.gz

tar zxvf ucspi-tcp-0.88.tar.gz

cd ucspi-tcp-0.88

make

make setup check

cd ../checkpassword-0.90

make

make setup check

cd ../cmd5checkpw-0.22

make

make install

Install vpopmail

-----------------------------------------------------

pw groupadd vchkpw

pw useradd vpopmail -g vchkpw -s /sbin/nologin

create database vpopmail

mysql: grant all on vpopmail.* to vpopmail@localhost identified by 'yourpassword'

tar zxvf vpopmail-5.3.16.tar.gz

vi vmysql.h

Fill in your user and password

./configure \
--enable-roaming-users=y \
--enable-default-domain=nsn.com \
--enable-mysql=y \
--enable-file-sync=n \
--enable-auth-logging=y \
--enable-passwd=n \
--enable-sqwebmail-pass=y \
--enable-defaultquota=10000000 \
--enable-ip-alias-domains=n \
--enable-incdir=/usr/local/mysql/include/mysql \
--enable-libdir=/usr/local/mysql/lib/mysql

make install-strip

cd /home/vpopmail

chmod +s bin/vchkpw

echo ":allow" >> etc/tcp.smtp

mkdir /etc/qmail

touch smtp.sh pop.sh

cp etc/tcp.smtp /etc/qmail

cd /etc/qmail/

tcprules tcp.smtp.cdb tcp.smtp.tmp < tcp.smtp

/home/vpopmail/bin/vadddomain mail.nsn.com

Create the [email protected] account

cp qmail /sbin

qmail start

Sending and receiving mail as [email protected] with Outlook turned up an error.

Edit /var/qmail/rcpthosts

Add nsn.com

ok
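An added example, not part of the original notes: a shell audit of the two files that decide whether this qmail setup relays mail, the tcprules source (tcp.smtp) and rcpthosts. qmail-smtpd accepts any recipient domain when rcpthosts is absent or when the matching rule sets RELAYCLIENT; the function names and sample rules are constructed, and the file locations are passed as arguments.

```shell
# audit_relay RULES_FILE RCPTHOSTS_FILE
# Prints one finding per line; returns 0 only if nothing is wrong.
audit_relay() {
    rules=$1; rcpt=$2; rc=0
    # Without rcpthosts, qmail-smtpd accepts mail for any domain.
    if [ ! -s "$rcpt" ]; then
        echo "rcpthosts missing or empty: $rcpt"
        rc=1
    fi
    # A rule is "address:allow[,VAR=\"value\"]" or "address:deny"; an empty
    # address is the default rule. RELAYCLIENT on anything but loopback lets
    # that source bypass the rcpthosts check.
    bad=$(awk -F: '
        /^#/ || NF < 2 { next }
        $2 ~ /^allow/ && /RELAYCLIENT=/ && $1 !~ /^127\./ {
            print "line " NR ": relay granted to \"" $1 "\""
        }' "$rules")
    if [ -n "$bad" ]; then
        echo "$bad"
        rc=1
    fi
    return $rc
}

demo_relay() {
    d=$(mktemp -d)
    # Constructed rule files and recipient list.
    printf '%s\n' '127.:allow,RELAYCLIENT=""' ':allow' > "$d/tcp.smtp"
    printf '%s\n' ':allow,RELAYCLIENT=""' > "$d/tcp.smtp.open"
    echo 'nsn.com' > "$d/rcpthosts"
    audit_relay "$d/tcp.smtp" "$d/rcpthosts" && echo "tcp.smtp: ok"
    audit_relay "$d/tcp.smtp.open" "$d/rcpthosts" || true
    audit_relay "$d/tcp.smtp" "$d/no-such-file" || true
    rm -rf "$d"
}
demo_relay
```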

Install sqwebmail

-----------------------------------------------------

Stop qmail

qmail stop

tar zxvf sqwebmail-3.5.0-CN.tar.gz

cd sqwebmail-3.5.0

./configure \
--without-authpam --with-db=db --enable-webpass=yes --without-authpwd \
--with-authshadow --without-authmysql --with-authuserdb --with-authpwd \
--with-authvchkpw --without-authdaemon \
--enable-cgibindir=/var/mailwebroot/cgi-bin/ \
--enable-imagedir=/var/mailwebroot/html/webmail

make configure-check

make

make install-strip

make install-configure

http://mail.nsn.com/cgi-bin/sqwebmail

-----------------------------------------------------

mkdir autorespond

tar zxvf autorespond -C autorespond

gcc -Wall -o autorespond autorespond.c

cp autorespond /usr/local/sbin/

-----------------------------------------------------

mysql:

create database ezmlm

grant all
