Red Hat Linux - Archive RedHat
advertisement
Red Hat Linux 9
Red Hat Linux
½
Red Hat Linux 9: Red Hat Linux
‘
‘
2003 Red Hat, Inc.
ÇY
½
Red Hat, Inc.
1801 Varsity Drive
Raleigh NC 27606-2072 USA
+1 919 754 3700
888 733 4281
+1 919 754 3701
PO Box 13588
Research Triangle Park NC 27709 USA
Õ
Õ
]Õ
rhl-cg(ZH-CN)-9-Print-RHI (2003-02-20T01:08)
© 2003 Red Hat, Inc.
Open Publication License V1.0
http://www.opencontent.org/openpub/
ÇY
Ç
ýýîãó8ñÇ,Ã
Ä ÝÍcÇý{Qq
Ã!cÇýø
Ä
ÇYÄV{Òh,Ç¢q©l{ÕÁ{Çý
ø:/,ÇYÄVÿÜz,Ç¢&~[)ïÃ\ÄV÷Â*Ûø{q*¬Ý,*¬Msñ{*
¬
Red HatRed Hat dRed HatShadow ManÀ)RPMMaximum RPMRPM À)Linux
LibraryPowerToolsLinux UndercoverRHmemberRHmember MoreRough CutsRawhide 1ùÄäRed Hat
{Û)ZÀ)4Û)ÝRed Hat, Inc. ó)ZÙÇ){Õ~Û)
Linux 4Linus Torvalds {Õ~Û)
Motif ZUNIX 4The Open Group {Õ~Û)
Intel ZPentium 4Intel Corporation {Õ~Û)Itanium ZCeleron 4Intel Corporation {Û)
AMDAMD AthlonAMD Duron1ùAMD K6 4Advanced Micro Devices, Inc. {Û)
Netscape 4Netscape Communications Corporation ó)ZÙÇ){Õ~Û)
Windows 4Microsoft Corporation {Õ~Û)
SSH ZSecure Shell 4SSH Communications Security, Inc.{Û)
FireWire 4Apple Computer Corporation {Û)
ýV¥ÄZ~{ÄÙÇÛ)ZÇYþaÙpVÄ
security@redhat.com ·Ø{GPG «4Õ
CA 20 86 86 2B D6 9D FC 65 F6 EC C4 21 91 80 CD DB 42 A6 0E
ø9
ë ........................................................................................................................................................ i
1. ýV{Í# ............................................................................................................................. i
2. ©lÕ½................................................................................................................................ ii
3. u{jß ........................................................................................................................... iv
3.1. b{'b ........................................................................................................ iv
4. Õ~|Ñ................................................................................................................................ v
I. ©Gø: ............................................................................................................................................. i
1. ext3 ©Gø: ........................................................................................................................ 1
1.1. ext3 {u ............................................................................................................ 1
1.2. OÇext3 ©Gø: .......................................................................................... 1
1.3. ݦtext3 ©Gø: ............................................................................................. 2
1.4. ¤Ætext2 ©Gø: ............................................................................................. 2
2. b¦8-................................................................................................................................ 3
2.1. b¦8-4 ..................................................................................................... 3
2.2. b¦8- ......................................................................................................... 3
2.3. Íøb¦8- ......................................................................................................... 4
2.4. #Äb¦8- ......................................................................................................... 5
3. ÕÁcjïÃRAIDÄ ............................................................................................... 7
3.1. RAID 4?........................................................................................................ 7
3.2. xa&~RAID ................................................................................................... 7
3.3. mGRAID ZGRAID ........................................................................................ 7
3.4. RAID ÿ/Z"o|Ñ .......................................................................................... 8
4. \öò®ìÃLVMÄ ...................................................................................................... 11
5. ®cÑ?K .................................................................................................................. 13
5.1. IK, ........................................................................................................... 13
5.2. OIK............................................................................................................... 14
5.3. ÍøIK............................................................................................................... 16
5.4. ­cIIKLB................................................................................................ 16
6. "c{ ...................................................................................................................... 19
6.1. {c{ ....................................................................................................... 19
6.2. ®c{ ....................................................................................................... 21
6.3. ÙÇýî............................................................................................................... 23
II. ¦ã#{få ......................................................................................................................... 25
7. kickstart ã ...................................................................................................................... 27
7.1. kickstart ã4Ú ........................................................................................ 27
7.2. [qkickstart ã ........................................................................................ 27
7.3. Okickstart ©G ................................................................................................ 27
7.4. kickstart 1 ....................................................................................................... 28
7.5. GÝ ........................................................................................................... 41
7.6. ½ãlý ........................................................................................................... 42
7.7. ãlý ........................................................................................................... 43
7.8. [&kickstart ©G,ú¼~ ............................................................................. 44
7.9. Øãd ........................................................................................................... 45
7.10. )kickstart ã .............................................................................................. 46
8. Kickstart {ì ................................................................................................................ 49
8.1. äý{............................................................................................................... 49
8.2. ã0............................................................................................................... 50
8.3. ZsãñÇ 1................................................................................................ 51
8.4. IKfå............................................................................................................... 52
8.5. d{............................................................................................................... 54
8.6. èy ...................................................................................................................... 55
8.7. 3Û{ ........................................................................................................... 56
8.8. X { .................................................................................................................. 57
GÝ ........................................................................................................... 60
½ãlý ......................................................................................................... 60
ãlý ......................................................................................................... 61
â?©G............................................................................................................. 63
9. äýø:Á
...................................................................................................................... 65
9.1. D¯............................................................................................................... 65
9.2. ZsÍÇÜ* ................................................................................................... 65
9.3. Zs\~Ü*................................................................................................ 67
9.4. ZsúÜ* ................................................................................................... 67
10. GRAID { ................................................................................................................. 69
11. LVM {.......................................................................................................................... 73
III. ¦d#{{ ........................................................................................................................ 77
12. d{............................................................................................................................ 79
12.1. .................................................................................................................... 79
12.2. OÁ1ÔËz ................................................................................................. 80
12.3. OÁISDN Ëz .................................................................................................. 81
12.4. OÁ®®ìËz .......................................................................................... 83
12.5. OÁxDSL Ëz .................................................................................................. 84
12.6. OÁY)¢Ëz ................................................................................................. 86
12.7. OÁCIPE Ëz ................................................................................................... 87
12.8. OÁÃ"Ëz ..................................................................................................... 88
12.9. ®DNS ÷.................................................................................................... 89
12.10. ®Ìå........................................................................................................... 90
12.11. íÙ÷÷........................................................................................................... 91
12.12. &~{©G ................................................................................................... 92
12.13. ÷÷/Ö........................................................................................................... 93
13. äý3Û{ ................................................................................................................ 95
13.1. \ÿ/{Óä.............................................................................................. 95
13.2. GNOME Lokkit ............................................................................................... 97
13.3. íÙiptables qÖ ........................................................................................ 100
14. ;éqÖ{6¯........................................................................................................... 101
14.1. äqÿ/........................................................................................................... 101
14.2. TCP ÌwÇ .................................................................................................. 102
14.3. qÖ{Óä ................................................................................................... 102
8.9.
8.10.
8.11.
8.12.
14.4. ntsysv............................................................................................................... 104
14.5. chkconfig ...................................................................................................... 104
14.6.
........................................................................................................... 105
15. OpenSSH......................................................................................................................... 107
15.1.
SSH ............................................................................................ 107
15.2.
OpenSSH
...................................................................................... 107
15.3.
OpenSSH
.......................................................................................... 107
15.4.
........................................................................................................... 111
16.
NFS ................................................................................................... 113
16.1.
NFS ............................................................................................ 113
16.2.
NFS
........................................................................................... 113
16.3.
NFS
........................................................................................... 114
16.4.
........................................................................................................... 118
17. Samba.............................................................................................................................. 119
17.1.
Samba ........................................................................................ 119
17.2.
Samba
........................................................................................... 119
17.3.
Samba
............................................................................................... 124
17.4.
........................................................................................................... 125
18.
DHCP ........................................................................................ 127
18.1.
DHCP ............................................................................................ 127
18.2.
DHCP
........................................................................................... 127
ÙÇýî
&~ Ú
{
qÖì
{
0
ÙÇýî
d©Gø:Ã Ä
&~ Ú
ñ ©Gø:
sñ ©Gø:
ÙÇýî
&~ Ú
{
qÖì
Ëz
á0
ÙÇýî
ÄÕÌå{NFÃ Ä
&~
{
qÖì
{
0
ÙÇýî
qÖì{
äý÷
å÷
Ìå÷
qÖì÷
®ru
â?÷
ÙÇýî
\qÖì{
ë
¦\#{GÝc
yVZ\c
&~.?ØÒZyV
yV¡n
ÄØÒ
ÄÉ {yV>F
Oü{yV
AyV
6¯qÖì
ÙÇýî
{
t5ÌK
5ÌK
,KL
èy{
~få
èy
×qÇý
GQS®Ã Ä{
IV. ø:{
;Ñ6¯
¢~/,
å
¢~;ÑÇ6¯
¢~Ä;Ñ6¯
½B;Ñ
&©G,,;Ñ6¯
ÙÇa~Çé~;Ñ6¯
k
~Zk{
c~
~au
ck
kau
×q{
éÇ{:
Bøø:få
ø:Ç
?~Þ
©Gø:
mG
ÙÇýî
K\å{
ýK\å
18.3.
DHCP
............................................................................................... 131
18.4.
........................................................................................................... 132
19. Apache HTTP
.............................................................................................. 133
19.1.
........................................................................................................... 133
19.2.
........................................................................................................... 135
19.3.
................................................................................................... 140
19.4.
....................................................................................................... 143
19.5.
........................................................................................................... 144
19.6.
........................................................................................................... 145
19.7.
........................................................................................................... 145
20. Apache HTTP
...................................................................................... 147
20.1.
.................................................................................................................. 147
20.2.
................................................................................ 147
20.3.
............................................................................................... 149
20.4.
........................................................................................ 149
20.5.
........................................................................................................... 150
20.6.
........................................................................................................... 151
20.7.
CA
............................................................................. 152
20.8.
............................................................................................... 153
20.9.
........................................................................................................... 154
20.10.
..................................................................................................... 154
20.11.
......................................................................................................... 155
21. BIND
...................................................................................................................... 157
21.1.
................................................................................................... 157
21.2.
................................................................................................... 159
21.3.
....................................................................................................... 161
22.
.......................................................................................................................... 163
22.1.
........................................................................................................... 163
22.2.
.................................................................................................................. 164
22.3.
....................................................................................................... 166
23.
MTA
........................................................................................... 169
..................................................................................................................................... 171
24.
...................................................................................................................... 173
24.1.
Ctrl-Alt-Del
.............................................................................. 173
24.2.
........................................................................................ 173
24.3.
........................................................................................ 174
24.4.
....................................................................................................... 174
24.5.
.................................................................................... 174
24.6.
..................................................................... 175
24.7. floppy
.................................................................................................... 175
25.
.............................................................................................................. 177
25.1.
....................................................................................................... 177
25.2.
................................................................................................... 178
25.3.
....................................................................................................... 179
25.4.
................................................................................................... 179
25.5.
....................................................................................................... 180
25.6.
................................................................................................... 183
26.
.................................................................................................................. 185
26.1.
........................................................................................................... 185
26.2.
........................................................................................................... 187
26.3.
........................................................................................................... 188
26.4.
.................................................................................................................. 189
26.5.
........................................................................................................... 190
27.
...................................................................................................................... 193
27.1.
............................................................................................... 194
ÇIPP K\å ........................................................................................ 195
ÏÇUNIX (LPD) K\å ......................................................................... 196
Samba (SMB) K\å ............................................................................... 197
Novell NetWare (NCP) K\å ................................................................ 198
JetDirect K\å ....................................................................................... 199
K\ånRZe .................................................................................... 200
K\A ....................................................................................................... 201
?K\å ............................................................................................... 201
â?{©G ................................................................................................. 203
×q{ ..................................................................................................... 204
®K\* ................................................................................................. 205
á0K\å ..................................................................................................... 207
#¦K\ø: ................................................................................................. 210
ÙÇýî......................................................................................................... 210
28. Ä{Ö .................................................................................................................. 213
27.2.
27.3.
27.4.
27.5.
27.6.
27.7.
27.8.
27.9.
27.10.
27.11.
27.12.
27.13.
27.14.
27.15.
28.1. cron .................................................................................................................. 213
28.2. anacron............................................................................................................. 215
28.3. at batch ......................................................................................................... 216
28.4.
........................................................................................................... 218
29.
.......................................................................................................................... 219
29.1.
................................................................................................... 219
29.2.
................................................................................................... 219
29.3.
................................................................................................... 220
30.
.......................................................................................................................... 221
30.1. 2.4
................................................................................................. 221
30.2.
........................................................................................................... 221
30.3.
............................................................................................ 222
30.4.
........................................................................................................... 223
30.5.
RAM
................................................................................. 223
30.6.
............................................................................................ 223
31.
.......................................................................................................................... 227
31.1.
................................................................................................... 227
31.2.
........................................................................................................... 229
................................................................................................................................... 231
32.
RPM
................................................................................................. 233
32.1. RPM
............................................................................................. 233
32.2.
RPM.......................................................................................................... 234
32.3.
............................................................................................ 238
32.4. RPM
........................................................................... 240
32.5.
........................................................................................................... 241
33.
.............................................................................................................. 243
33.1.
....................................................................................................... 243
33.2.
....................................................................................................... 244
34. Red Hat
................................................................................................................... 247
............................................................................................................................................. 251
A.
................................................................................................................... 253
A.1.
............................................................................................................ 253
A.2.
............................................................................................................ 253
A.3.
................................................................................................ 255
A.4.
............................................................................................................ 256
B. Gnu Privacy Guard
.................................................................................................. 257
B.1.
............................................................................................................ 257
B.2.
............................................................................................................ 257
B.3.
........................................................................................................ 258
B.4.
............................................................................................. 260
Z
ÙÇýî
©G
½ ©G
©G
5©G
ÿX
Çý{X
ï÷ÿ
ñÿê{X
qÿ
Dèð) cn4
DèZsãñÇ
XÜL
XÜLÓä
ÙÇýî
V. GÝ®
&~ u®GÝ
{÷ø)
&~
5GÝ{üÖ
~ óÁLüC
ÙÇýî
GÝ®Óä
ãGÝ
ÍøGÝ
d
VI. 9
Oè½X
Oèê÷
OèX
Oè\X
ÙÇýî
{©G
´·>å
ÄØÒé
ÄPBïyV
ÂZ
sñÚØ
sÚØ
jhüÖóý°Ú
ÙÇýî
B.5.
............................................................................................................ 260
B.6.
............................................................................................................ 262
B.7.
............................................................................................. 262
B.8.
............................................................................................................ 263
................................................................................................................................................... 265
................................................................................................................................................... 275
ë
¡h&~Red Hat Linux ½
Red Hat Linux ½Ý9[½Red Hat Linux ø:uw{{få*
ýZ½IÒÁ5Ö{uÐÏ{Z½ø:ÇYýVÒ4{®. ýVÿ
Xêõ¥
Ý{1ÇÇ¢ÝiÕ
• ÷ÃNICÄ
• qkickstart ã
• {Samba á0
• &~RPM u®G
• g½ø:få
• ÿX
ýVúIÄÁÇÌ\IÕ
• ¦ã#{få
• ¦d#{{
• ø:{
• GÝ®
"½éRed Hat Linux ø:.äý{ê*õùäý1{kýîÇ
{óÁÝB8QªcÇ>kÝRed Hat Linux *Í°ÿ{©lÇ
Red Hat Linux ©Gø:Ç>kÝRed Hat Linux k
Red Hat Linux C ~ {HTML ZPDF Ç ý ó © l c Þ , 1 I t Ç Ç ¢ , 1
óhttp://www.redhat.com/docs/ 5¥It
Õ
¯lýV¦,'nê!cfåÇaÝÖRed Hat Linux qÕuÜzó·¢{©l½¶
¤uzùÝi{fåÇ¢,1óRed Hat Linux {<cÞItÇ,1ó1ÞItÕ
http://www.redhat.com/docs/manuals/linux
1.
ýV{Í#
ýVó,{äúÞ)êJVÇÝiêRed Hat Linux 9 ¥{cÕÇ1ùõúÖVF{1
ýV¥{­#ÝiÕ
"c{
‘
cêY9u:[{Z®c{
èy{
‘
cêY9u:[&~èy{Óä
ë
ii
~{
‘
ý9új0uÝi®~Zk{×qÓäÇ?%:êø:Þêc~{<
o
Samba
ý9újßuÝic{Samba qÖì{Óä
K\å{
‘
ý9c{K\å{ÓäÁGNOME K\®ì1ùÁÆÞ{V8K\åC)­
cÞU
‘
Kickstart
1.úÍcuÝiRed Hat Linux 9 ¥{c 1Kickstart {ìY9ú
ÍcuÝiJcÕ
d{
‘
ý9.!c{d®ÓäÁZÕÍc
-ZÏ{
‘
ý9.ú#tRed Hat Linux
‘
2.
kickstart
©lÕ½
óÝÖYýC~{ÇÌÕ?tìJ#&~êX3{LBZ/ûY«Bñ+4
Ý,¬{Ö~3ZÂuS,X3#1,ÒÇ¢a3¡n~Y«0*uS,{È«#
¡nÝiÕ
command
‘
×Ã1ùÙÇv*ø:{×Ç¥&~{Ä~Y«0*S,Ç5,Ò,1ó
×q¥E#Ý#l[Enter] Eué~×Ç×¥ÌÝia~«0*
+{#þ©GÖÄÇóY«<YÇÇ¢ú@×{\IÇOrÇ#ÑÌú
+×¾Õ
&~cat testfile ×uhÓ*ø9¥Çw)testfile {©G
Linux
filename
‘
©GÖø9Ö4»1ùRPM GÝÖ~Y«0*S,Ç,Òó{Red Hat Linux
ø:Þ?óøÇwYÇÖÁ{©GÝø9¾Õ
{Ìø9¥{.bashrc ©GÝi~{bash shell ½BZ/Ö
/etc/fstab ©GÝiX3ø:÷÷Z©Gø:{få
*.&~ÇyqÖì©GIÛÇ{Çãwebalizer RPM
application
‘
Y«0*5,ÒÇ4Ǫà~{a~Çæø:G#éľÕ
&~Mozilla u¨y
ë
iii
[key]
‘
EcÞ{E~Y«0*S,¾Õ
&~[Tab] EV\ÇEÇnl[Tab] E{ªàåÞÒÌ+ø9¥åD
Çn{©Gï,
[key]-[combination]
ÇâE{\~Y«0*S,¾Õ
[Ctrl]-[Alt]-[Backspace] âE\ÌRñ{CoÌDz(ÃtCo~9¶ôÝ;Ñ
GUI ÁÞ{©ý
‘
óGUI Á¶ôÝ=¥{)#ÎÝáªÌ~Y«0*+Ç~u)ÒìÇGUI ¶
ôÝGUI ¶ôÞ{ìÇãæ
'Ýã#{©ýľÕ
*.ó{¶ôâÇ*F={Ç =
'
GUI ¶ôÝ=Þ{!Þÿh\
‘
~Y«0*,+{#Î,ÒÇ Çnh\{!Þÿ*óGUI ¶ôÞâêYÇ
#Çañh\{ÙÇ\I¾Õ
óGNOME ªà{©GÇÌtcO)ü 1ÇÇãó3=¥Kõ
Çshell +
*óGUI h\Þâøï×{ÇÇ¢ÌÁ{¾¥Ä+Õ
âÁÆÞ{Ìh\=> Ç => EmacsuéÄEmacs ©ýöì
GUI ¶ôÝ=¥{<
‘
Y«0*,ÒÇ4GUI ¶ôÞ,â{<¾Õ
âR<u(Ãt¦b{
‘
computer output
‘
Y¡0*{©ý,ÒÇ4®åó×q¥+{QñE×{'aFصå1
ùÇÝlý¥5FQ{Ä*
+ÇÑ4~Y«Â*uS,{¾Õ
&~ls ×u+ø9{Õ
$ ls
Desktop
Mail
about.html
backupfiles
logs
mail
paulwesterberg.png
reports
×(Ã{QñÃóÞÁ{¾¥Ç4ø9{Ä~Y«0*u+
prompt
‘
+4®åó5,ÒÇóV{QÇÌ~Y«0*u+¾Õ
$
#
[stephen@maturin stephen]$
leopard login:
user input
‘
~E{©ýÃX4ó×q¥¤4óGUI ¶ôÞ{©ý'{QÑÌ~Y«0*u
+óÁ{¾¥Çtext ~Y«0*+Õ
²{ø:Zsä©ý{ãÇÇóboot: +Etext ×
ë
iv
ø$iÇ·¢¤&~«X3{0*u®ìJfåLfåé{ø:{­ÇÝÇÇ¢ú
)Õ" ­BeÝ´·¾Õ
Õ
#ÇLinux KILBU¦éÇrose X4ROSE ÝrOsE
" ø9/usr/share/doc Ýiê{ø:Þã{GÝ{få
­
*êDHCP {©GÇYJ#ó­éDHCP EÇbÌH
Be
X1Ê~üPuqÖ— &~Ç{~ARÇø:&~ÊARuqø:®
Ö
´·
* XqCÓIKÇqÖìãÌÍøÄãê{mcPÄìÞ{?IKø:hf
â{jâÇ>X Y«ã¡n
3.
u{jß
Red Hat Linux ½4Red Hat Red Hat Linux ~
ØùH{|ÑÄ)ñ{ËL¥
{\I±øcÓäZcÇ{qÇýÌújßuÝiYJcÓäZcÇ
3.1.
b{'b
*óRed Hat Linux ½¥êF/ÇÝVýV{OFÇ·¢iæB
t3{u<¼>5BugzillaÃhttp://bugzilla.redhat.com/bugzilla/Ä
bPrhl-cg {ç·
ó
bç·{Ç>Òh½ýV{)Õ
rhl-cg(ZH-CN)-9-Print-RHI (2003-02-20T01:08)
½Yý{)Ç·¢bh#ê3{{Çý
ë
v
*ýV{OFÇ>¦,-ûÒ*êFØÇ>ÝiÄó9ùãaÇO
$·¢,144It
4.
Õ~|Ñ
*PRed Hat Linux 9 {t*ÇýÇ>ÔÕ~1"ÜzRed Hat ú0,10I{ÃõY
C
âéo{Red Hat Linux ¬½Ç,10I\IÝ\\1ïÞ{YCÕ
• Red Hat |Ñ— ,Red Hat, Inc. {|Ñ¥Üzã¯{ÐÏ
• Red Hat d— 4Íc{GÝÇ1ùzB{ø:½{\/-<>k
Ýhttp://rhn.redhat.com
• Under the Brim: The Red Hat E-Newsletter — ÇÛ,z,Red Hat ÜR!c{cªZ¬f
å
Õ~Ç>6¯Õhttp://www.redhat.com/apps/activate/,1óRed Hat Linux ¬]{g
ºyºZ¸º{~ÞIt{¬ID
Red Hat Linux {b|Ñ{-ûýîÇ>kÝRed Hat Linux ã¥{9ÕÜR
b|Ñ
¡\3 êRed Hat Linux¼Ö3#~¼¼
Red Hat ©l
vi
ë
I.
©Gø:
©Gø:ÃFile systemÄSÑ?ó®åÞ{©GZø9©Gø:,1X3{Â*Çw)©
Gø:¡nÃfile system typesÄYJÂ*û½få4[úÑ?©GZø9ìJ©Gø:
¡nÑ?­
jâÇìJ©Gø:¡nOmcPÄì{?R¤ÝYÇ\IÿXext3b¦
KRAIDZLVM ©Gø:¡nǤÿXêparted YÇ~®IK{Óä
ø9
©Gø: ................................................................................................................................... 1
b¦8-............................................................................................................................................ 3
ÕÁcjïÃRAIDÄ ........................................................................................................... 7
\öò®ìÃLVMÄ.................................................................................................................. 11
®cÑ?K .............................................................................................................................. 13
"c{ .................................................................................................................................. 19
1. ext3
2.
3.
4.
5.
6.
1.
ext3
©Gø:
,Red Hat Linux 7.2 qÇý)Çå{©Gø:.,ext2 Â*ݦÄ~*ext3 ©Gø:
1.1. ext3
{u
Ó1Çext3 ©Gø:4ext2 ©Gø:{ÇýYJ
Øê1ÖuÕ
,~u
‘
óIäÝø:ÿdÃÁXø:åÇunclean system shutdownÄÇÇóø:
Þñê{ext2 ©Gø:&~e2fsck Çu5ÙuY4ÇiD{,ÇÇ
/4ó5Ý9LÞ©G{jL©GòÇÇÌLLYºZs-óYÏ-Ç©GòÞ
{ÄjâÑXú6¯
ext3 ©Gø:
Ø{~ç,0*?øXø:åòq$¡©Gø:5
&~ext3 ø:Çu5óìJ>D{mGHÃmcPÄìHÄ<Yb
Xø:åÇext ©Gø:{Á
-XÊâ©Gø:{LBÝ©G{jÞ½Ç
4Êâ~u{~ÃjournalÄ{LB½Êâ{mG¤ÝÇå{~
LÕƨuÁ
jâqPu
‘
ext3 ©Gø:óêXø:å
ØÍH{jâqPuext3 ©Gø:ã {jâzI{â¡nZÿ/Red Hat Linux 9 å{ext3 ©GòuâÑj⦩Gø
:çÕ{°Ýu
¤Ý
‘
¦ext3 ²jâUX'ÇÇ{ÿ®Åóõj<YB
ext2 ø:°Y4O
ext3 {~ç,0*êmcPÄì{>äÄ,1,®«~Ü*¥ u¤
ÝÇb4Y)ÌóâÑjâqPu0Á)ñJã
;4ݦ
‘
,144ÞX²­cÂ*²ext2 ݦext3 ø:Ç,ÜzH{~*©Gø
:{Öu>kÝ1.3 uÜR[qÄYÖ{Ò
*qRed Hat Linux 9 {qrãÇúI{Éø:{Linux IK{å©Gø:Ò4ext3
*,ìÇ&~ext2 IK{Red Hat Linux Çý¥ÿÇãÇÒÌã²YJIKݦ
ext3 IKÇ?%XÌ¿jâû>kÝRed Hat Linux ã{9ÿ?ø
:
1ÈÌsqext3 IK{OZ®*ext2 IKÇ?óäqRed Hat Linux 9Ç
,1!,1{IKZÂ*9ÇzÝt1.3
1.2.
OÇext3 ©Gø:
ãÇÌOÇc{ext3 ©GÇ*ÉRed Hat Linux ø:ê
Çc{cPÄìÇ,.ÉYÇcPÄìIKÇ?&~ext3 ©Gø:
Oext3 ©Gø:{Z½ÄïÕ
1. &~parted Ýfdisk uOIK
2. &~mkfs u²IKÂ*ext3 ©Gø:
2
1. ext3
©Gø:
&~e2label ÉIK)ü
Oñ
5. ²IKt/etc/fstab ©G¥
qYJZ½{fåÇ>kÝ59
3.
4.
1.3.
ݦtext3 ©Gø:
ÇêX#IKÞ{.?jâuÉ?{ext2 ©Gø:Ç~ç,*©
Gø:ó¦Ï-.úñÇ~ç,ÒÌú+©Gø:{Êø9¥{.journal ©G
*©Gø:úñÇ~ç,ÒÌú[uÇÊýÒXÌñó©Gø:¥
²ext2 ©Gø:ݦÄext3Ç~9Ê~EÕ
tune2fs
/sbin/tune2fs -j /dev/hdbX
ó1ÞץDz/dev/hdb ¦Ä÷÷ÖDzX ¦ÄIKRh
1Þ×qqÇ>h½²/etc/fstab ©G¥{ext2 ©Gø:Äext3 ©Gø:
*óݦ{Ê©Gø:ÇR&~Çinitrd n4ÃÝRAM cÄuZsO
ÇÇäqmkinitrd Ç&~mkinitrd ×{fåÇ>Eman mkinitrd¤>h½
{GRUB ÝLILO {Ìñinitrd
*¦ÄÕÇø:
ÎêZsÇX,©Gø:RÌúñext2 X4ext3
1.4.
¤Ætext2 ©Gø:
Oext3 #éuvcÇìJcÓä,¤X|ÑǾÇ,&~resize2fs u
ÀBìIKÇ×X|Ñext3óY«<YÇ,̲©Gø:ö¤ÆÄext2
¤ÆIKÇDWñIK04~9Ê~ÇlEÕ
umount /dev/hdbX
ó1ÞץDz/dev/hdb ¦Ä÷÷ÖÁDzX ¦ÄIKRhý1{+¾×RÌ&
~hdb1 uS,÷÷ZIK
ZDz©Gø:¡nÃext2Ç1Ê~üPE1×Õ
/sbin/tune2fs -O ^has_journal /dev/hdb1
1Ê~üPE1×u5IK{FØÕ
/sbin/e2fsck -y /dev/hdb1
l/,E1×u²IK­cñext2 ©Gø:Õ
mount -t ext2 /dev/hdb1 /mount/point
ó1ÞץDz/mount/point ¦ÄIK{ñ
ZÇÍøÊø9{.journal ©G04ݦtIK{ñø9¥ÇlEÕ
rm -f .journal
óÒÇext2 IKê
*{ȲIK¦Äext2Ç>ÔÍc/etc/fstab ©G
2.
b¦82.1.
b¦8-4
¥{b¦8-ÃSwap spaceÄóÔ®?ÃRAMÄúßwú&~*ø:Íõ{
?ýÍÇÔ®?.²ßwÇ?¥XÙ×{ÒÌú#tb¦8-V¯lb¦8-,1
QèÞ?{åì
ØÐÏÇb4Y«0Xaúh)4é?{RSb¦8- mcP
ÄìÞÇÇÔ®?z
b¦8-,14ÇÛ~{b¦IKÃM?{0ÄÇb¦©GÇÝÜV{\
b¦8-{LBa#h{®å?{ÜõZ32 MBYÜÇ¥vL{ÇÇb4ÇX
§,2048 MBÃ2 GBÄ
Linux
2.2.
b¦8-
ÇÌóãÍõ{b¦8-¾Ç²ø:?,64 MB ÿt128 MBÇ
b4128 MB {b¦?*q{4LÞ&~?{v*ÝäqLÞ?{Ç
Dzb¦Kt256 MB ,Ìé¼
Ü« ÕÇb¦IKÝÇb¦©GM?Çb¦IKÇX,Ç¥
õè88-,~ÇOb¦IK,ÌXL4
Çb¦IKÃ"÷/dev/hdb2 4.{b¦IKÄÕ
1. mcPÄìXóú&~ÃIKXúñÇb¦IKXúé~ÄHtYø{{!
;\04óÍÇÜ*Zs{ø:>kÝ99uÜzRø:ZsÍÇÜ*{Ò
h
+ñ©Gø:Ç !,
*PÄìXÝ9[ú&~{IKǤ,1WñYJIKÇ&~swapoff ×um
cPÄìÞ{Äb¦8-
2. &~parted Ýfdisk uOb¦IKparted fdisk &~åuÍ0"ÇO$Ç
parted óY°ÌúÒ&~parted uOb¦IKÕ
• óshell +1Ê~üPE×Õparted /dev/hdbY°{/dev/hdb 4{Q
88-{mcPÄì{÷÷ÖÁ
• ó(parted) +ÇEprint u?{IKZ88-{jÞå1MB
\ g½mcPÄìÞ{88-jÞÇ1ù.ÉcO{b¦IKI{{8-jÞ
• ó(parted) + Ç E mkpartfs part-type linux-swap start end Ç
Y°{part-type 4primaryextendedlogical ¥{ÇÇstart 4IK{å)
Çend 4IK{ª
´·
#ÌÁýÇóE>,/
•
Equit uRñparted
óÇÒ,1Ob¦IKêÇ&~mkswap ×u÷b¦IKóshell +1Ê~
üPE1×Õ
mkswap /dev/hdb2
4. Áýé~b¦IKÇE1×Õ
3.
4
2.
b¦8-
swapon /dev/hdb2
óZsé~Çö/etc/fstab ©GuÝi1qÕ
/dev/hdb2
swap
swap defaults
00
óø:'ZsÇÇÒÌé~cO{b¦IK
6. cêb¦IK?é~ÇÇ>cat /proc/swaps Ýfree ×{Qñuhâb¦
IK.úé~ê
b¦©GÕ
1. g½cb¦©G{LBÇRLBÆ11024 ug½L{LB¾ÇLB{64 MB {b¦©
G{LLB65536
2. óshell +1Ê~üPE1×ÇÙ¥{count .{LLBÕ
dd if=/dev/zero of=/swapfile bs=1024 count=65536
3. &~1×u÷b¦©GÕ
mkswap /swapfile
4. Áýé~b¦©GX4óZsÄé~Ç&~1×Õ
swapon /swapfile
5. óZsé~Çö/etc/fstab ©GuÝ91qÕ
/swapfile
swap
swap defaults
00
ø:'ZsÇÇÒÌé~cO{b¦©G
6. cêb¦IK?é~ÇÇ>cat /proc/swaps Ýfree ×{Qñuhâb¦
IK.úé~ê
5.
2.3.
Íøb¦8-
Íøb¦IKÕ
1. mcPÄìXóú&~ÃIKXúñÇb¦IKXúé~ÄHtYø{{!
;\04óÍÇÜ*Zs{ø:>kÝ99uÜzRø:ZsÍÇÜ*{Ò
h
+ñ©Gø:Ç !,
*PÄìXÝ9[ú&~{IKǤ,1WñYJIKÇ&~swapoff ×um
cPÄìÞ{Äb¦8-
2. óshell +1Ê~üPE1×uh½b¦IK.ú¢~ÃY°{/dev/hdb2 4
b¦IKÄÕ
swapoff /dev/hdb2
3. ,/etc/fstab ©G¥ÍøYÇ1ø
4. &~parted Ýfdisk uÍøIKparted óY°ÌúÒ&~parted uÍøI
KÕ
• óshell +1Ê~üPE×Õparted /dev/hdbY°{/dev/hdb 4{Q
b¦8-{mcPÄì{÷÷ÖÁ
• ó(parted) +ÇEprint u?{IK?g½.Íø{b¦IK{'R
h
• ó(parted) +ÇErm MINORÇY°{MINOR 4.Íø{IK{'Rh
2.
b¦8-
5
´·
#ÌÁýÇEth{'Rh
•
Equit uRñparted
Íøb¦©GÕ
1. óshell +1Ê~üPq1×u¢~b¦©GÃY°{/swapfile 4b¦©
GÄÕ
swapoff /swapfile
2. ,/etc/fstab ¥Íø1ø
3. Íø"©GÕ
rm /swapfile
2.4.
#Äb¦8-
²b¦8-,ìÿ#tÿÇ>D$¬Íøb¦8-{ÒÇò$¬b¦8-{Ò
6
2.
b¦8-
3.
ÕÁcjïÃRAIDÄ
3.1. RAID
4?
{äýø{4²õÇBnÍ${cPÄì\?ÄjïuHtLn"{PÄìÄÃ
Ht{uÝuYÇPÄìjïó®åÚ¥Ò3Ç\{\öÑ?\ÃÝPÄì
RAID 4«óõÇcÞI±få{0Ç&~cIÃdisk stripingÇRAID ÿ/0Ä
cº4Ãdisk mirroringÇRAID ÿ/1ÄZQÛSDè{cIÃdisk striping with parityÇRAID ÿ/5Ä¡{buHtuÇ>o-Ç?%ÃÝVÄcÖU{Q
PÇ
°,mcÿd¥Á
{Å
RAID {äýÆ®4Çjâ&~{o*úI±tjï¥{PÄìÞKtYÇø{Çj
âúI¿ÄLB{LÃLB/432K Ý64KÇ,&~X3LBÄLÑÌÊ
âÄ~{RAID ÿ/UÙ¥{ÇmcPÄìhjâúÖRÇYÇÇÒÌ',u
qÇÄÇõÇPÄìP64ÇLPÄì{"6
RAID
3.2.
xa&~RAID
3.3.
mGRAID ZGRAID
[&LÞjâþC,ù{|ÃÄ{ø:®ÊÄÑ,1,RAID b¥IC&
~RAID {ÌÆOÝiÕ
• O¤Ý
• &~ÇcÇ,Ñ?Þ
• >ècHQu{X¼k/
RAID
bÜ«ÕmGRAID ZGRAID
3.3.1.
mGRAID
3.3.2.
GRAID
ämG{ø:ÕÁÌåiu®RAID ø:Ç?%ÇóÌåÿ~ÇcuS,
RAID jï
ËztSCSI ;ì{DzRAID jï,+\ÇSCSI PÄì{÷÷Ò4ÇmGRAID {¾
Çi\{RAID ø:²ÄRAID ÿ®ÑÝ#t \cø:¥{;ì¥r
Çø:Ñ4/,ÇÊ/{SCSI ;ìËztÌåÞÇéÌåÓÇÇÒ6Ç\{c
RAID ;ì¤1{o*ñÇßhv*ø:{SCSI ;ìÇbe;ÄPÄìýü{"
/µóYJ<YDzPÄìtRAID ;ì¥ÇÒ3SCSI ;ìÄÇb4Çó
YDzǢtRAID ;ì{{°Çv*ø:ûXÌwÙ¥{K/
GRAID óXcÃL÷÷Äh¥"È¡RAID ÿ/OÇX"{c;ì
Ýyb¦c ÇGRAID Øê!Í${û0Ǥ,1~óv"({IDE c1ùSCSI
c&~{O¤CPUÇGRAID {uê§ñmGRAID
1
1.
yb¦cãXÉø:ä#ømcPÄì
8
3.
ÕÁcjïÃRAIDÄ
X{MD PÄÇ4RAID û0{ǾÇq\ÕÁmGäG{jï{
uÕÁqÖìCPU {uZñÞi
óRed Hat Linux ãÇ¥{GRAID {fåÇ>kÝ109
1 JéGRAID Õ¡lU{~ïÞêJÇ{!­{uÕ
• &~"Ç{­OÇ
• äX{{
• X­O,óLinux åì-#jï
• &~8{ø:ýÍóÑ­Ojï
• é,yb¦{PÄì{|Ñ
• éCPU {Ä51"¼~ìJCPU Õ
Linux
3.4. RAID
ÿ/Z"o|Ñ
|ÑÈ¡{ÇÝiÿ/0145Z"oYJRAID ¡n{½BÕ
ÿ/0 — RAID ÿ/0DzúÁ*IÇÇ4Á5u{IjânóbY?øú
Ujï{jâúI¿ÄÇlúUjï¥{ÙÇcÄÊÇ,ãD~{°ÝI/O u
Çb4ÇX
Øuÿ/0 jï{Ñ?ÅmGRAID ÄÄÊc{ÅÝ
GRAID ¥ÄÄÊIK{Å
ÿ/1 — RAID ÿ/1Çݺ4Çú&~{Ï[ÙÇo*{RAIDÿ/1 /,ój
ï¥{ÇÄÊcÞU#3{jâÃócÞǺ4ýÄu
Øuº
4{;\uZ°Ý{jâ,~uÇÇø
liq&~ÜÇ1Þcv*{ÿ/1 ,Ìó
ÖR&~?q6¯uÜz°¤jâQÇb4ÇÍ~{4ÕÁv*1
Ø°¤I/O QG
ÿ/1 Øêô{jâ,"uÇ?
°êÖRÖ$­{Ç{quÇb4Ç#é{D~
v° ÿ/1 jï{Ñ?ŦmGRAID ¥º4{mcÝGRAID ¥º4{IK
{û?Å#3
ÿ/4 — ÿ/4 &~ø¥t\ÇcPÄìÞ{ÛSDè uâjâÇÍ7\/Öu{I/O
X4Ln©GQÛ
{ÛSDècS,êû´¶Çÿ/4 ôèóUÃ¥?
¡{bz3{<Y&~¯lÿ/4 óìJIK0¥4«, 1øÇÇóRed Hat Linux
RAID ã¥eX4Çã{ 1 mGÿ/4 {Ñ?Å#éÄÄÊcV«Ç
{Ñ?ÅGÿ/4 {Ñ?Å#éÄÄÊIKV«Ç{Ñ?ÅÃ*Ç¢{L
B#3{Ä
ÿ/5 — Y4!Ê({RAID ¡n/,óìJÝ\\jïÄÊcPÄì¥IYÛSD
èÇRAID ÿ/5 ½êÿ/4 ¥û{U´¶{u´¶4ÛS®Ç&~S
{CPU ZGRAIDÇY«<Y/X4L¯¦ÿ/4 øÇÙ*4:éÁuÇÖ
RLL§,êUuÿ/5 ²¦UÃ¥?å&~u>Y«:éÁumGÿ/5 {
Ñ?Å#hÄÄÊcV«Ç{Ñ?ÅGRAID ÿ/5 {Ñ?Å#hÄ
ÄÊIKV«Ç{Ñ?ÅÃ*Ç¢{LB#3Ä
RAID
•
•
2
•
3
4
•
RAID ÿ/1 {S$i°ÇO²#3{fåUjï¥{ÄcÇYDêPÄì8-Ç
*÷ÁêRAID ÿ/1ÇO{ÊIKÃ/Ä?óÜÇ40G {PÄìÞǯlá80G 8-Çe
6¯Ù¥{40GÇOi{40G Ò340G {º4ø
3. ÛSDè{få4äjï¥{ÙÇcÄÊ{u®{hjï¥{ìÇcÞ{jâHÇ
YfåÒÌú~u­OjâlÇó¦HcÇú­O{jâ,1~uw½cÞ{I/O >
FÖó¦HcÇÇ,1~uóccÞ­Ojâ
4. RAID ÿ/4 ¦ÿ/5 Ä38-#3Çb4ÿ/5 eÿ/4YÇÆOÇÿ/4 Xú|Ñ
2.
3.
•
ÕÁcjïÃRAIDÄ
9
"oRAID — "oRAID 4«;\{PÄìà1"OÇvL{PÄìó"
oRAID ¥ÇKL,ÇÄÊPÄìtÇÄÊPÄìú'I{ÇóÇPÄìúq
\ßÇbÝtÇPÄìY«à
Ø[u0Á{¼CÇOI/O v*XÔ,
óÄÊPÄì-úI"oRAID
Ø[uÇ/"ÞÇÇ\ê,"u—
*[ÇÄÊPÄìHêÇrÇjïÑXú&~Ç{Ñ?Å4ÄÄÊc{Z
10
3.
ÕÁcjïÃRAIDÄ
4.
\öò®ìÃLVMÄ
,Red Hat Linux 8.0 )Ç\öò®ìÃLVMÄ,1ómcPÄìI{Þ&~
LVM 4«²mcPÄì8-I{Ä\öò{0ÇYømcÒX&~IKú;4­L
B
&~LVMÇmcPÄìÝmcPÄìø\ÒÌI{ÉÇÝõÇÔ®òÃphysical volumesÄÔ
®òÃJÖÇ1ÞPÄì
Ô®òú\?Ä\öòÃlogical volume groupÄÇ{¾i4/boot IK/boot IKX
\öòÇOZsãñÇÃÖRÇ*.²/ IK8ó\öòÞÇOÇ
I{/boot IKÇÇXaò{\I
Ô®òÃJÖÇ1ÞPÄìÇ*.t\öòJÖÇ1ÞPÄìÇÒaóPÄ
ìÞOÇÝõÇÔ®ò
C4-1. \öò
\öòúIÄ\öòÃlogical volumesÄÇÇ¢úI{êñÃ/home Z/ÄÇ1ù©Gø
:¡nÃext3ÄhIKHtêÇ¢{ô!Ç\öò¥{88-Ò,1úÉ\öò
uIK{LBhìÇc{mcPÄìútø:ÞÇÇ,1út\öò¥Ç\öò
4,1j0{IK
C4-2. \öò
12
4.
\öò®ìÃLVMÄ
0ÁÇ*ø:&~ext3 ©Gø:uIKÇmcPÄìRúIÅĽLB{IK*ìI
KúwÇj0IK{LB?X 4ý"ìIKú#tÇmcPÄìÞÇÆu{m
cPÄì8-zú­cI{X3{IKÝXú&~
LVM |ÑúHXå{Red Hat Linux 9 X¥.HêLVM |Ñ
êóRed Hat Linux ã,Ç¥{LVM {-<Ç>kÝ119
5.
®cÑ?K
óãêRed Hat Linux ø:Ç,.?{IK,Ç#IK{LBÇÍøIKÇÝ
,88-Ý{mcPÄìÞIKparted ÓäÌãqYJÖý9ÿX[
&~parted ×uq©Gø:Ö$iǤ,1&~fdisk uqõj$¡ÖÃø­c
IIK1iÄÜzfdisk {ÍõfåÇ>ÝÖÙÒVÃmanÄÝfåÃinfoÄ
*.Ý)@ø:{c8-~ÞÇ>k26.3
ãêparted GÝb&~parted ÓäéÄpartedÇóshell +1Ê~
üPE×parted /dev/hdbÇY°{/dev/hdb 4.{{÷÷ÖÁÌt
Ç(parted) +Ehelp u,~×{ï,
*.OÍøIKÝ­cIIKLBÇIKÄó÷÷Xtóú&~ÃIKXú
ñÇ?%b¦8-Xúé~ÄHtYÇø{{!;\04óÍÇÜ*¥Zsø:>k
99uÜzZstÍÇÜ*{Òh
+ñ©Gø:Ç !,
*PÄìXÝ9[tóú&~{IKÇ,1&~umount ×uWñIKÇ&~swapoff ×
umcPÄìÞ{b¦8-
,5-1Ý9ï!~{parted ×±{9-û:êÙ¥{\I
×
check minor-num
cp from to
help
mklabel label
mkfs minor-num file-system-type
mkpart part-type fs-type start-mb
end-mb
mkpartfs part-type fs-type start-mb
end-mb
move minor-num start-mb end-mb
print
quit
resize minor-num start-mb end-mb
rm minor-num
select device
set minor-num flag state
,5-1. parted ×
Ãc
q©Gø:{;\5
²©Gø:,ÇIK
tÇI
KÖfrom Zto 4IK{'Rh
+,~{×ï,
IK,Oc)ü
O¡nfile-system-type {©Gø:
XOc©Gø:*IK
*IK?O½{©Gø:
#ÄIK
+IK,
Quit parted
­cIIKLBÇ,start-mb tend-mb
ÍøIK
Ç÷÷u{
óIKÞ÷)Östate 4onÇ
4off
14
5.
5.1.
®cÑ?K
IK,
éÄêparted ÇE1×uIK,Õ
print
A table similar to the following will appear:
Disk geometry for /dev/hda: 0.000-9765.492 megabytes
Disk label type: msdos
Minor Start
End Type Filesystem Flags
1
0.031 101.975 primary ext3
boot
2
101.975 611.850 primary linux-swap
3
611.851 760.891 primary ext3
4
760.891 9758.232 extended
lba
5
760.922 9758.232 logical ext3
q+êc{LBÖq+êc)ü¡nÖ{Qñ+êIK
, ó I K , ¥ ÇMinorà ' Ä ) ü 4 I K R h ¾ Ç ' R h 1 { I K
Z/dev/hda1 # é Startà ) Ä ZEndà e Ä 1MB \ Typeà ¡ n Ä
4primaryextendedlogical ¥ { Ç Filesystemà © G ø : Ä 4 © G ø : { ¡ n Ç
Ç , 1 4ext2ext3FAThfsjfslinux-swapntfsreiserfshp-ufssun-ufs
Ýxfs Flagsà ) Ä ï ï ñ ê I K ú ÷ { ) ï , ~ { )
Õbootrootswaphiddenraidlvm Ýlba
" X­céÄparted u X3{÷÷Ç&~select ×ÇòË÷÷ÖÇ/dev/hdblÇ",
1Ý{Ç{IK,
5.2.
OIK
´·
XACótóú&~{÷÷ÞOIK
óOIKÇZsÍÇÜ*ÃÝWñ÷÷Þ{ÄIK?÷÷Þ{b¦8-Ä
éÄpartedÇ/dev/hda 4óÙ¥OIK{÷÷Õ
parted /dev/hda
h{IK,ug½÷÷Þ4dê{88-
print
*88-XêÇ,1­cI?IK{LB-<>kÝ5.4
5.
®cÑ?K
5.2.1.
15
*IK
ÊâIK,uû½cIK{åZIK¡nÇ÷÷ÞÇÌIKÃÃj0IKÄ
*.Ç1ÞIKÇ,1®ÇÌIKÇÇj0IKÇój0IK,1õÇ\öI
KcIK{cÇ>kÝRed Hat Linux ã¥{9An Introduction to Disk
Partitions
¾ÇóìÇmcPÄìÞ,1024 MB t2048 MB -OÇ©Gø:ext2 {ÌIKÇE
1×Õ
mkpart primary ext3 1024 2048
" *&~mkpartfs ×ÇIKO©Gø:ÌúOlÇparted X|ÑOext3 ©Gø:
O$Ç*.OÇext3 ©Gø:Ç>&~mkpartÇl&~ãÌÒ{mkfs ×uO©Gø
:mkpartfs ,1ólinux-swap ©Gø:¡nÞ&~
[Enter]EÇ#ÒÌÇO$óq>5×
OêIKÇ&~print ×uhÄOIKóIK,¥Ç?ä÷th{IK¡n©Gø:¡
nZLB¤ÔcIK{'RhÇYøb,1ÉÇÕ1)üa
cat /proc/partitions
{Qñuh½Xê#/YÇcIK
5.2.2.
Â*IK
IKó¤©Gø:~Á{×uO©Gø:Õ
/sbin/mkfs -t ext3 /dev/hdb3
´·
Â*IKÌ{È» ø?óIKÞ{[jâ
5.2.3.
ÉIKÕÒ)ü
ZÇÉIKÕÒ)ü¾Ç*cIK4/dev/hda3Ç.²Ç)/workÕ
e2label /dev/hda3 /work
ãÇå&~IK{ñ*IK{)üuh½)ü{Õu,1&~
[.~{)ü
Red Hat Linux
16
5.
5.2.4.
®cÑ?K
Oñ
1Ê~üPOñÕ
mkdir /work
5.2.5.
t/etc/fstab
1Ê~üPö/etc/fstab ©GuÝicIKc{Yqa¡Õ
LABEL=/work
/work
ext3
defaults
12
ïaÝ9LABEL=Çl˱ÉIKÕÒ{)üïaÝ9cIK{ñÇ
ïa4©Gø:¡nÃext3 ÝswapÄ*.êÍõÂ*{fåÇ>ÝÖman
fstab {ÒVÃmanÄ
*ï4defaults YÇ#ÇIKÒÌóZsúñX­cZsñIKÇ1Ê~
üPE1×Õ
mount /work
5.3.
ÍøIK
´·
XACÍøtóú&~{÷÷Þ{IK
óÍøIKÇZsÍÇÜ*ÃÝWñ÷÷Þ{ÄIKÇ÷÷Þ{b¦8-Ä
éÄpartedÇY°{/dev/hda 4óÙ¥ÍøIK{÷÷Õ
parted /dev/hda
h{IK,ug½Íø{IK{'RhÕ
print
&~rm uÍøIK¾ÇÍø'Rh3 {IKÕ
rm 3
[Enter]EÇ#ÒÌÇO$óq>5×
ÍøêIKÇ&~print ×uhIKóIK,¥.úÍø¤a
cat /proc/partitions
{Qñuh½XwIK.úÍø
!Z4²Ç,/etc/fstab ©G¥ÍøItZ.úÍø{IK#a{qÇl,©G¥Íø
Ç
5.
®cÑ?K
5.4.
17
­cIIKLB
´·
XAC­cItóú&~{÷÷Þ{IK{LB
ó­cIIKLBÇZsÍÇÜ*ÃÝWñ÷÷Þ{ÄIK?÷÷Þ{b¦8-Ä
éÄpartedÇ/dev/hda 4óÙ¥­cIIKLB{÷÷Õ
parted /dev/hda
h{IK,ug½­LB{IK{'Rh1ùÇ{åÕ
print
´·
­LB{IKÞ.~{8-LcO{LB
­cIIKLBÇ&~resize ×Çl˱IK{'RhÇ1MB \ {å)Zª
¾Õ
resize 3 1024 2048
IKú­cIêLBÇ&~print ×uhIK.úth­cIêLBÇ?%ä÷th
{IK¡nZ©Gø:¡n
ótÜ*­cZsêø:Ç&~df ×uh½IK.úñÇ?%Ç¢{cLB.ú#
/
18
5.
®cÑ?K
6.
"c{
øê)@ø:Þ&~{c8-Ã>kÝ26.3.1 ÄǤ,1/,"c{u!c8
-ÇO$h~&~ê,õ{c8-ÝIKRßwÇø:®ÊÒÌzt´·
c{,1Ç~{,1~{Y«ÙuêÉÇ~I{ÇvB{
{uÿ®Ç|©GÃ
GZç·ÄÇãêÆ¢t,/{1øêpvL{{
Ã"½1ø{kÄ
ø$1iÇ{Xêú÷ÄéÄ~cLjÞ{;Ǥêú÷ÄéjÞ{;
Ý9©G#{fåÇé{;ê;,úO{©GjÞ
"c{Çquota RPM óø:ÞúããRPM GÝ{-<Ç>kÝV \
I
6.1.
{c{
"c{Ç>&~1Z½Õ
1. /etc/fstabué~Ç©Gø:{{
2. ­cñ©Gø:
3. O{©GÇ­cÄc~Þ,
4. I{{
1ÞZ½óÁÈ¥ú-ûÿX
6.1.1.
é~{
1Ê~üP&~õ¡{öìuÉ{{©Gø:usrquota ZÃÝÄgrpquota 1Õ
LABEL=/
/
ext3 defaults
11
LABEL=/boot
/boot
ext3 defaults
12
none
/dev/pts
devpts gid=5,mode=620 0 0
LABEL=/home
/home
ext3 defaults,usrquota,grpquota 1 2
none
/proc
proc defaults
00
none
/dev/shm
tmpfs defaults
00
/dev/hda2
swap
swap defaults
00
/dev/cdrom
/mnt/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0
/dev/fd0
/mnt/floppy auto noauto,owner,kudzu 0 0
óÞÁ{¾¥Ç/home ©Gø:Þé~ê~Zk{
6.1.2.
­cñ©Gø:
êuserquota Zgrpquota 1Ç­cñÇ#afstab øú{©Gø:*
ì©Gø:ú[Ç&~Ç&~umount ×òËømount ×u­cñYÇ©Gø
:*ì©Gø:tóú&~Ç­cñ©Gø:{!;04­cZsø:
20
6.
6.1.3.
"c{
O{©G
­cñêÇé~ê{{©Gø:Çø:óÒê&~c{êX,Ç©Gø:ýü
ß%X|Ñ{Z4äqquotacheck ×
quotacheck ×5é~ê{{©Gø:Ç?Ç©Gø:OÁÇhc~u{,
,Ìú~uÍcv*ø:{c~Þ©G$iÇ©Gø:{c{©GúÍc
ó©Gø:ÞO{©GÃaquota.user Zaquota.groupÄÇ&~quotacheck ×{-c
1¾Ç*~Zk{Ñ/home IKé~êÇó/home ø9OYJ©GÕ
quotacheck -acug /home
1?øó/etc/mtab ¥Äñê{:NFS ©Gø:ÑÌú5uû½4dé~ê{
-c 1½Çé~ê{{©Gø:ÑaO{©GÇ-u 1½5~{Ç-g
1½5k{
*-u Ý-g 1ú½Ç~{©GúO*½ê-g 1Çk{©G
ÌúO
©GúOÇäq1×uÄÇé~ê{{©Gø:{hc~Þ,Õ
-a
quotacheck -avug
Ä~ 1Õ
• a — 5Äé~ê{{óýñ{©Gø:
• v — ó5{,Ç¥+-û{çÕfå
• u — 5~c{få
• g — 5kc{få
quotacheck äqqÇZé~{Ã~Z/ÝkÄ#a{{©G¥ÒÌU~Çé
~ê{{©Gø:Ã/homeÄ{jâ
6.1.4.
~I{{
!Z4&~edquota ×I{c{
~{{Ç1Ê~üPóshell +q1×Õ
edquota username
Ç . " { { ~ q Z ½ ¾ Ç * ó/etc/fstab ¥ /home I K
Ã/dev/hda3Äé~ê{Çqêedquota testuser ×Çø:å{öì¥ÒÌ
+Õ
Disk quotas for user testuser (uid 501):
Filesystem
blocks
soft
hard inodes
/dev/hda3
440436
0
0 37418
0
soft
0
hard
Õ
&~EDITOR ¢¸#ÞĽB{©ýöì#YÇöìDzEDITOR ¢¸#Þ÷t
¥{öì{qr4»
edquota
6.
"c{
21
ï4é~ê{{©Gø:{ÖÁï+ê~h&~{Lj±{Üï~u÷
~ó©Gø:Þ{mL!Ýinodes ï+ê~h&~{jÞ!Üï~u
÷~ó©Gø:Þ{m!Ý
m!4~Ýk,1&~{c8-{ýé!LHtê!ÝÇc8-ÒXòú~
Ýk&~ê
!½B,ú&~{!Lc8-ÞZm!X3{4Ç!,1óãÏú§,YãÏ
úÁ,ÞÏÃgrace periodÄ,ÞÏ,1~ƨI¨Bj±jÝÛj,+
*1Þ¥{[Çú÷0Ç Ç!ÝÒXÌú÷ó©ýöì¥Ç#.{!
ÝÕ,
Disk quotas for user testuser (uid 501):
Filesystem
blocks
soft
hard inodes soft
/dev/hda3
440436 500000 550000 37418
0
hard
0
Dè~{{4dú÷Ç&~1×Õ
quota testuser
6.1.5.
kI{{
{¤,1ÊâkuI{¾Çdevel k÷k{Ç&~1×Ãó÷k{
Çk?óÄÕ
edquota -g devel
1Þ×ó©ýöì¥+?{k{Õ
Disk quotas for group devel (gid 505):
Filesystem
blocks
soft
hard inodes
/dev/hda3
440400
0
0 37418
0
soft
0
hard
!ÝÇâ?©GÇl{{
Dèk{4dú÷Ç&~1×Õ
quota -g devel
6.1.6.
©Gø:I{{
ÊâÇé~êk{©Gø:uI{{Ç&~1×Õ
edquota -t
ZÇedquota ×#ÇYÇ×Ìó©ýöì¥Kh{©Gø:{Õ
Grace period before enforcing soft limits for users:
Time units may be: days, hours, minutes, or seconds
Filesystem
Block grace period Inode grace period
/dev/hda3
7days
7days
#L,ÞÏÝ,ÞÏÇâ?é©G{#ÇlRñ©ýöì
22
6.2.
6.
"c{
®c{
*{ú"ÇÇ¢Òú— Ì0*4
{4dú§ñ?hâ{{
thuhlÇ*~B'§ñÆ¢{{ÝVÑHtÆ¢{!Çø:®ÊÒ,1Êâ
~¡nZc8-éÆ¢Ó*{k/u)ñ«û|®Ê,1ÐÏ~u5Âéc8-{
&~Ç,1~{{
6.2.1.
ç·c{
Oc~Þç·äqrepquota Óä¾Çrepquota /home ×ÌÄ1QñÕ
*** Report for user quotas on device /dev/hda3
Block grace time: 7days; Inode grace time: 7days
Block limits
File limits
User
used soft hard grace used soft hard grace
---------------------------------------------------------------------root -36
0
0
4 0 0
tfox -- 540
0
0
125 0 0
testuser -- 440400 500000 550000
37418 0 0
Äé~ê{{©Gø:{c~ÞÇ&~1×Õ
repquota -a
YPç·¯låui;\Ç
)Ò+óÇ~Á{-- 4«gä~
4d§ñÙL!ÝÝ!Ý{O¤0*[Ç!ú§ñÇ#a{- qÒÌú- S
ÖÇ- S,L!ÝÇÇS,!Ý
grace ï/48¸*ìÇ!ú§ñÇYïÒÌÝ9,ÞÏ¥{-*,ÞÏ.
§,êÇÙ¥ÒÌ+none
6.2.2.
âÑ{{thu
hì©Gø:úqrWñÃÇø:ÿdÄÇYÒäqquotacheckX,Çý
"ø:ÿdÇquotacheck ,1ú½Ï²äq½Ïäq1×uâÑ{{thu
ÃÄ~ 1ó6.1.1 ¥úÃcÄÕ
quotacheck -avug
½ÏäqÇ{!;\04&~cron1Ê~üPÇ,1&~crontab -e ×u®Ý
½Ï{quotacheckÇ,1ó1ø98Çäqquotacheck {lýÃ&~!
{-ÅÏ-ÄÕ
• /etc/cron.hourly
• /etc/cron.daily
• /etc/cron.weekly
• /etc/cron.monthly
!°h{{:jâ,1óÄIÛ{©Gø:úÙ×&~ÜzO$Çcron Öaó
©Gø:ú!è&~®Ý*Y-ó&~{{©Gø:¥?X:Ç&~õÇcron
ÖóX3{-Ç©Gø:äqquotacheck
>k289uÜR{cron {-<
6.
"c{
6.2.3.
23
é~Z¢~
,1X²{÷0 u¢~Ç¢~Zk{Ç&~1×Õ
quotaoff -vaug
*-u Ý-g 1ú½Ç~{ú¢~*½ê-g 1Çk{Ìú
¢~
­cé~{Ç&~Q3ø 1{quotaon ×
¾ÇÄ©Gø:é~~Zk{Õ
quotaon -vaug
½©Gø:Ã/homeÄé~{Õ
quotaon -vug /home
*-u Ý-g 1½Ç ~{Ìúé~*½ê-g 1Çk{Ìú
é~
6.3.
ÙÇýî
c{{ÍõfåÇ>k1ýî
6.3.1.
ãê{©l
• quotacheck
6.3.2.
•
edquotarepquotaquotaquotaon quotaoff {ÒVÃmanÄ
#V÷
Red Hat Linux ø:®é¤C~ — óhttp://www.redhat.com/docs ù©lcÞ,1I
tC~Ý9cRed Hat Linux ø:®Ê
Ø{Ñ?®ÃÝ9c{Ä{òµf
å
24
6.
"c{
II.
¦ã#{få
Red Hat Linux ãÿXêRed Hat Linux {ãZJäý{ãùF\ølÇ°
ÿã 1eóýV¥úÿXYÇ\I
ØêékickstartëÄãbÄ{Òø:
Á
Ü*Ãótäqÿ/¥ÃZs[Zsø:Ä[óã¥{RAID1ù[
óã¥{LVMÝÖRed Hat Linux ã{3kLYÇ\Iuq1Þ
ù{°ÿ
ãÖ
ø9
ã
{ì
äýø:Á
G {
{
7. kickstart
................................................................................................................................. 27
8. Kickstart
............................................................................................................................ 49
9.
.................................................................................................................................. 65
10.
RAID
............................................................................................................................ 69
11. LVM
..................................................................................................................................... 73
7.
kickstart
7.1. kickstart
ã
ã4Ú
õø:®ÊÍ65&~Ä{ã0uóÆ¢{åìÞãRed Hat LinuxwY
«ÇRed Hat êkickstart ã0&~kickstart Çø:®Ê,1O\Ç©GÇ©
GÝiénRed Hat Linux ã¥Ä®¯{¯{ÃI
kickstart ©G,1úâó\ÇqÖìø:ÞÇ?,1úÇ®åóã,Ç¥ÖRY«ã
0ê|Ñ&~\Çkickstart ©GuóõÑåìÞãRed Hat LinuxÇ,ÄdZø:
®Ê{®. kickstart tÄL\IRed Hat Linux {ãÖ
7.2.
[qkickstart ã
ã,1&~ýcýmcPÄìÝ/,NFSFTPHTTP uq
&~kickstart ÇÕ
1. OÇkickstart ©G
2. OÇQkickstart ©G{ZscÇÝódÞ
Ø©G
3. ê÷ãd
4. )kickstart ã
ý9-û:êYJZ½
kickstart
7.3.
Okickstart ©G
©G4Ç;\{©ý©GÇÝ9Ç1øï,ÇÇ1øÑ~E)Ò,1/,
ø9°{sample.ks ©GÇ&~kickstart {ìuO
ö
©lc¥
ÇÖÝ,>U
ãǤÊâóã¥{ OêÇkickstart ©G{¾
ÇúU©G/root/anaconda-ks.cfg ¥a,1&~[©ýöìݲ©Gû
?ASCII ©ý{©ÿ®ìuöÇ
DÇóOkickstart ©G?ï¯Õ
• B~½ø:/ùÒÇ{1øX\ïB{~Õ
×— kÝ7.4 uÜRkickstart 1{ï,ÝiF{ 1
%packages — -<>kÝ7.5
%pre Z%post — YÜX~ÇX4{-<>kÝ7.6 Z7.7
kickstart
RH-DOCS
Red Hat Linux
Red Hat Linux
•
•
•
•
•
•
•
X{1ø,1úQ
Q[{1øÌsãÇ
+~QéYÇ1ø{ÃIÇÒ3~ón{ã
,Ç¥ú
+{øÉ£ÃIÇãbÌÄqÃø:ÇÇQ{1
øÄ
1³RÃ#Ä>{éqúh*Õ:úQ
ékickstart ÿÇï1ø4{Õ
28
7. kickstart
ã
ªÓ
ªÓ|Ñ
ã0
÷÷{b)Ã¥÷÷4qãÄ{Ä
Ec÷
upgrade E
ZsãñÇ{
¥éÿ½êÙÇ1øÇ J1øRúQÃÕ?ÇYÝiGÝ Ä
•
•
•
•
•
•
•
7.4. kickstart
1
ï 1,1ú8ókickstart ©G¥*Íõ¡&~CoÁuOkickstart ©GÇ,
1&~ kickstart {ìa~Ç-<>kÝ89
Õ?
*ì 1Á˱êÇRÃ=ÄÇÇÁÒ½Çó+¾×¥ÇiRÃ[]Ä¥{ 14
×{, kj
Ã, Ä
Zinteractive #ÇX,ÇÄÝt¶ôÇLõ~®A
auth ÝauthconfigÃÄ
‘
ø:÷èy 1ÇZauthconfig ×#ÇV,1óãäqLå÷Ç
=/4·{e?X4¶{
autostep
‘
--enablemd5
‘
Ç~=Ñ&~md5 ·
--enablenis
‘
é~NIS |ÑLå÷Ç--enablenis &~ÇódÞ{[­óÄ
<YÇ­Ña&~--nisdomain= 1uCÓ÷
--nisdomain=
‘
~óNIS qÖ{NIS ­Ö
--nisserver=
~u
ØNIS qÖ{qÖìÃå/,BÄ
--useshadow Ý--enableshadow
‘
&~¶=
‘
7. kickstart
ã
29
--enableldap
‘
é~/etc/nsswitch.conf ¥{LDAP |ÑÇã{ø:,LDAP ø9¥5Â~
{fåÃUIDÌø9shell Ä&~ 1Çãênss_ldap G
ݤz&~--ldapserver= Z--ldapbasedn= u½qÖìZäïDN
--enableldapauth
‘
&~LDAP èy0Çé~êpam_ldap ÜLZLDAP ø9uèyù#=
&~ 1Çãênss_ldap Gݤz&~--ldapserver= Z-ldapbasedn= u½qÖìZäïDN
--ldapserver=
‘
*½ê--enableldap Ý--enableldapauthÇ&~ 1u½&~
{LDAP qÖì{ÖÁ 1ó/etc/ldap.conf ©G¥ú÷
--ldapbasedn=
‘
*½ê--enableldap Ý--enableldapauthÇ 1½êÑ?~få
{LDAP ø9d¥{DNÃ#/ÖÁÄÇ÷ó/etc/ldap.conf ©G¥
--enableldaptls
‘
&~TLSÃQ\į 1ãLDAP óèy5LDAP qÖì·{
~ÖZ=
--enablekrb5
‘
&~Kerberos 5 uèy~Kerberos ü?XwÌø9UIDÝshell {f
åO$Ç*é~êKerberosÇR&Ó*5êYJ~AR{fåÇ0
4&~/usr/sbin/useradd ×ÇÝé~LDAPNISÝHesiod*&~
1Çãpam_krb5 GÝ
--krb5realm=
‘
{Ó*5Äa{Kerberos 5 ­
--krb5kdc=
‘
­>F
ØqÖ{KDC*{­õÇKDCÇ&~ÏRÃ,ÄuIÅÇ¢
--krb5adminserver=
‘
{­¤äqkadmind {KDCqÖìÿ®#=1ùÙÇ®>F*
XÇKDCÇqÖì4ÌKDC
--enablehesiod
‘
¯~Ìø9UIDZshell é~Hesiod |Ñ[ó{dÞ÷Z
&~Hesiod {-<Ç>kÝ/usr/share/doc/glibc-2.x.x/README.hesiod ©G
ÇÝióglibc GÝ¥Hesiod 4DNS {Çj0ÇÇ&~DNS 9uÑ?~
k1ùÙÇ1ø{få
--hesiodlhs
‘
Ã&DÇleft-hand sideÄ 1Ç÷ó/etc/hesiod.conf ¥ 1
ú
E~ug½ó¯DNS få~uÂ{ÖÁǦLDAP &~äïDN {?B
#
Hesiod LHS
Hesiod
30
7. kickstart
ã
--hesiodrhs
‘
Hesiod RHSÃDÇright-hand sideÄ 1Ç÷ó/etc/hesiod.conf ©G¥
1úHesiod E~ug½ó¯DNS få~uÂ{ÖÁǦLDAP &~äïDN
{?B#
" ¯ ~ jim { f å ÇHesiod E ¯jim.passwd<LHS><RHS>Ç Ç a
ú Û Ä ¡ Æ {passwd 1 ø {TXT 9 Ãjim:*:501:501:Jungle
Jim:/home/jim:/bin/bashÄ k { < Y 4 $ Ç X , & ~ {
4jim.group<LHS><RHS>
Rhu¯~Zkǽ501.uidjim.passwd{CNAMEǽ501.gid
jim.group{CNAMEÕ?ÇóEg½ÂÖÁÇLHS ZRHS {ÁX8[.]Ç
O$LHS ZRHS /~>
--enablesmbauth
‘
&~SMB qÖìÃnSamba ÝWindows qÖìÄuèy~SMB èy|ÑX
wÌø9UIDÝshell {fåO$Ç¥é~ 1ÇR&Ó*5ê
YJ~AR{fåÇ04&~/usr/sbin/useradd ×ÇÝé~LDAPNIS
ÝHesiod*&~ 1Çãpam_smb GÝ
--smbservers=
‘
~u)SMB èy{qÖìÖÁ½XÇqÖìÇ~ÏRÃ,ÄuIÅÇ¢
--smbworkgroup=
‘
SMB
qÖì{Ó*ÖÁ
--enablecache
‘
é~nscd qÖnscd qÖ¥?~kZÈ¡ÙÇfå* /,
dÇ&~LDAPNISÝhesiod u~Zk{fåÇ¥?ÒÌ/~
ÃÄ
½ZsãñÇa[úãÇ1ùaãLILO ¤4GRUBãZÿÑYÇ
1éÿÓÇ*½--useLiloÇ%LILO 4h{ZsãñÇÇZsãñ
ÇÒÌúGRUBóÿâLILOÇ&~bootloader --upgrade 1
bootloader
‘
--append=
‘
½Xkj½õÇkjÇ&~8ÂIÅÇ¢¾Õ
bootloader --location=mbr --append="hdd=ide-scsi ide=nodma"
--location=
‘
½UZs9{ HÕmbrÃåÄÖpartitionÃóÝ9XI
K{Ç×KÞãZsãñÇÄÖÝnoneÃXãZsÝñÇÄ
--password=
‘
*&~GRUBÇ&~YÇ 1u÷GRUB ZsãñÇ=Çaú~u!
éGRUB shell {6¯ÇOó °,1?X 1
7. kickstart
ã
31
--md5pass=
‘
¥&~GRUBÇZ--password= #ÇX,=a.²ú·
--useLilo
‘
&~LILO :GRUB ZsãñÇ
--linear
‘
¥&~LILOÇ&~linear
~linearÄ
LILO
1ÖÇ{ø{45/Ãóå&
--nolinear
‘
¥&~LILOÇ&~nolinear LILO 1Ölinear 4å
--lba32
‘
¥&~LILOÇ&~lba32 Ü*:Ä5
--upgrade
‘
ÿ?{ZsãñÇ{ÇâÙ¥Æ{1ø 1,~ÿ
Ã, Ä
óOcIKÇ,ø:ÞÍøIKåXÌÍø[IK
clearpart
‘
Õ
*&~êclearpart ×Ç --onpart ×ÒXú~ó\öIKÞ
--linux
‘
ÍøÄLinux IK
--all
‘
Íøø:ÞÄIK
--drives=
‘
½,¥ÍøIK{PÄì¾Ç1×ÍøÌIDE ;ìÞ{ÜÇPÄì
Þ{IKÕ
clearpart --drives hda,hdb
--initlabel
‘
²cò)ð){ø{åþÕx86 &~msdosÇItanium &~gptÄY
Ç 1i~ÇOóãêcmcPÄìÇãÇÒX̯4dað)cò
)
32
7. kickstart
ã
Ã, Ä
óõjPCI ø:ÞÇãÇÌthÄæt1ÔZSCSI lÇóv{ø:
ÞZìJPCI ø:ÞÇkickstart
+bItth{÷÷device ×·ªãÇ
uãi{ÜLÇÇ{Â*4Õ
device
‘
device <type> <moduleName> --opts=<options>
<type>
‘
&~scsi Ýeth u¦
<moduleName>
‘
&~aúã{XÜL{ÖÁu¦
--opts=
‘
ÉXÜL{ 1Õ?Ç*² 18óZR°Ç,1õÇ 1Õ
--opts="aic152x=0x340 io=11"
Ã, Ä
æPCI "Ç?Ä÷÷ñ,~{ÜL
driverdiskÃ, Ä
‘
PÄÇc,1ókickstart ã¥&~²PÄÇc{
tø:mcPÄìì
IK{Êø9¥lÇ&~driverdisk ×u·ªãÇtý°K¯IPÄÇ
c
deviceprobe
‘
driverdisk <partition> [--type=<fstype>]
<partition>
‘
Ý9PÄÇc{IK
--type=
‘
©Gø:¡nÃÕvfatext2ext3Ä
Ã, Ä
3Û 1,1ókickstart ¥{{ZãÇ¥{3Û{ ¶ô#éaÕ
firewall
‘
firewall <securitylevel> [--trust=] <incoming> [--port=]
<securitylevel>
‘
&~1\ÿ/u¦Õ
• --high
• --medium
• --disabled
--trust=
‘
óY°ïñ÷÷Çeth0ÇÌãÄu÷÷{b/,3ÛïñX
Ç÷÷Ç&~--trust eth0 --trust eth1úyX&~6--trust eth0, eth1
Yø~ÏRIÅ{Â*
7. kickstart
ã
33
<incoming>
‘
&~1qÖu¦Ç,ã½{qÖ,3Û
• --dhcp
• --ssh
• --telnet
• --smtp
• --http
• --ftp
--port=
‘
,1&~à=ÕNF{Â*u½ã,3Û{à=Ç*.ã
IMAP 6¯/,3ÛÇ,1½imap:tcp¤,1ä½jà=ÇÇ
ãUDP Ýóà=1234 Þ/,ǽ1234:udp½õÇà=Ç~ÏRIÅÇ
¢
Ã, Ä
·ªø:­cãX4ÿø:Y4åÜ*éãÓÇ
,cdromharddrivenfsÝurlÃ~ftp Ýhttp ãÄ¥½Çã¡ninstall
×Zã0×óI{qÞ
install
‘
cdrom
‘
,ø:Þ{ÇcPÄì¥ã
harddrive
‘
,ýPÄì{Red Hat ãd¥ãÇÇ4vfat Ýext2
• --partition=
,¥ã{IKÃsdb2Ä
•
--dir=
Ý9ãd{RedHat ø9{ø9
¾Õ
harddrive --partition=hdb2 --dir=/tmp/install-tree
nfs
‘
,½{NFS qÖìã
• --server=
,¥ã{qÖìÃÌåÖÝIPÄ
• --dir=
Ý9ãd{RedHat ø9{ø9
¾Õ
nfs --server=nfsserver.example.com --dir=/tmp/install-tree
34
7. kickstart
url
‘
ã
/,FTP ÝHTTP ,ÏÇqÖìÞ{ãd¥ã
¾Õ
url --url http://<server>/<dir>
ÝÕ
url --url ftp://<username>:<password>@<server>/<dir>
Ã, Ä
óã¥&~kickstart ©G¥
Ø{fåÇb4ãZɽÌtãÇ¥
{ǶôÇÙ¥½êkickstart ©G¥ ½{Ç,1âZuzIYJÇ
,1#YJòâZu>kÝautostep
keyboardÃÄ
‘
÷ø:Ec¡nY°4i386ItaniumZAlpha åìÞ,~Ec{ï,Õ
interactive
‘
be-latin1, bg, br-abnt2, cf, cz-lat2, cz-us-qwertz, de,
de-latin1, de-latin1-nodeadkeys, dk, dk-latin1, dvorak, es, et,
fi, fi-latin1, fr, fr-latin0, fr-latin1, fr-pc, fr_CH, fr_CH-latin1,
gr, hu, hu101, is-latin1, it, it-ibm, it2, jp106, la-latin1, mk-utf,
no, no-latin1, pl, pt-latin1, ro_win, ru, ru-cp1251, ru-ms, ru1, ru2,
ru_win, se-latin1, sg, sg-latin1, sk-qwerty, slovene, speakup,
speakup-lt, sv-latin1, sg, sg-latin1, sk-querty, slovene, trq, ua,
uk, us, us-acentos
©G/usr/lib/python2.2/site-packages/rhpl/keyboard_models.py ¥Ý9êY
Çï,ÇÇ4rhpl GÝ{\I
langÃÄ
‘
÷ã¥&~{ªÓDzªÓ÷]ªÇkickstart ©GaÝiÁqÕ
lang en_US
©G/usr/share/redhat-config-language/locale-list {q{ï
Øê
H{ªÓSR{ï,ÇÇ4redhat-config-languages GÝ{\I
langsupportÃÄ
‘
÷óø:Þã{ªÓÇ&~{ªÓSRZlang ø
*.㫪ÓÇ>½ÇÇãZ&~ªfr_FRÕ
langsupport fr_FR
--default=
*.ãX«ªÓ|ÑǽåªÓ
Çã]ªZªÇ?&~]ªåªÓÕ
langsupport --default=en_US fr_FR
*&~--defaultÇÁË«ªÓÇ ÇĪÓRÌúãǽ{ªÓå
liloÃúbootloader ¦Ä
‘
‘
´·
1.úbootloader SÇÇ{ø{4
Ø5/>kÝbootloader
7. kickstart
ã
35
½ZsãñÇa[óø:ÞúãLå÷ÇLILO ãó<cÞ
{MBR ÞÇ*DOS IK?óÇåãvZsø:Ã*~óLILO: +E
dosÇDOS/Windows ø:ÒÌúZsÄ
--append <params>
‘
½Xkj
--linear
‘
&~linear LILO 1ÖÇ{ø{4
Ø5/Ãóå&~linearÄ
--nolinear
‘
&~nolinear LILO 1Öóå&~linear
--location=
‘
½ULILO Zs9{ H{Õmbr ÃåÄÝpartitionÃóÝ9
X{IKÞ{Ç×KÞãZsãÇÄ*X½ ÇLILO ÒXÌú
ã
--lba32
‘
&~lba32 Ü*:Ä5
Ã, Ä
*lilocheck ?óÇãÇÒÌóÇmcPÄì{MBR Þ5LILOÇ¥ItÇÒ
Ì­cZsø:— óY«<YÇXÌq[ãYÌ3kickstart ­cãÇ.
ãê{ø:
logvolÃÄ
‘
&~1ªu\öò®ÃLVMÄO\öòÕ
logvol mountpoint --vgname=name --size=size --name=name
DOIKÇlO\öòÇòO\öò¾Õ
lilocheck
‘
part pv.01 --size 3000
volgroup myvg pv.01
logvol / --vgname=myvg --size=2000 --name=rootvol
ÃÄ
ø:{GUI Z©ýÜ*{`) 1Õ
mouse
‘
--device=
‘
`)Äó{÷÷Ã--device=ttyS0Ä
--emulthree
¥?óÇ3â`){&ÜEÒÌúX =ø:h)âê`){¥-<*
ÇÜE`)Ça&~ 1
ó 1Ç`)¡n,&~1¡nÕ
‘
alpsps/2, ascii, asciips/2, atibm, generic, generic3, genericps/2,
generic3ps/2, genericwheelps/2, genericusb, generic3usb, genericwheelusb,
geniusnm, geniusnmps/2, geniusprops/2, geniusscrollps/2, geniusscrollps/2+,
thinking, thinkingps/2, logitech, logitechcc, logibm, logimman,
logimmanps/2, logimman+, logimman+ps/2, logimmusb, microsoft, msnew,
36
7. kickstart
ã
msintelli, msintellips/2, msintelliusb, msbm, mousesystems, mmseries,
mmhittab, sun, none
YÇï,,1ó/usr/lib/python2.2/site-packages/rhpl/mouse.py ©G¥It
©G4rhpl GÝ{\I
*Éñ{`)×Q[kjÇÝYÇ×úQÇãÇÒÌACÄ5`
)Ç,~õjS`)
networkÃ, Ä
‘
ø : { d f å *kickstart ã X É Ã ¦ é Ç Ç X 4 /
,NFSHTTPÝFTP ã{ÄÇø:{ÉÒXÌú{*ãh"ÉÇb
dfåókickstart ©G¥ú
ØÇRed Hat Linux ãÇÌ"½ãa/,eth0 ZÄ
ÕIP uqÃBOOTP/DHCPÄÇ?²!ª{ãê{ø:{ÄÄÕg½IP
network 1kickstart ãZ.ãø:/,d{Éfå
--bootproto=
‘
bootpÝstatic ¥{Ç
Çådhcpbootp Zdhcp ú3éV
DHCP 0&~DHCP qÖìø:uÜRÇ{É{,1Ì_tÇBOOTP 0
ZÇi#ÇFBOOTP qÖìu
Ød{+ø:&~DHCPÕ
network --bootproto=dhcp
+ìåì&~BOOTP uÜRÇ{É{Çókickstart ©G¥&~1qÕ
network --bootproto=bootp
·Õ0Fókickstart ©G¥QÄ{ÉfåÇ{ÖÁÄ+ÇYJ
få4·Õ{ÇRÌóã¥Zã&~~·ÕÉ{Yqv
ìÇO
²Äd{fåóqÝi½IP ÙhZÖÁq
Öì¾Ã\,ÒÇ¢óqÄÕ
dhcp
network --bootproto=static --ip=10.0.2.15 --netmask=255.255.255.0 \
--gateway=10.0.2.254 --nameserver=10.0.2.1
*&~·Õ0Ç>Õ?1ÜÇ!Õ
• Ä·ÕÉ{fåÑóqÞ½ÖX&~'R"u¦q
• ó$½ÇÖÁqÖìX,Ç¥Ç,1&~kickstart file {%post
Ãó7.7 ¥úÃcÄuÍõÖÁqÖì
--device=
‘
~ u ~ ã { ½ 1 Ô ÷ ÷ Õ ? Ç ø :kickstart © G 4 ý © G
Ãks=floppyÄÇ&~--device= RXÌHÇOãÇRÌ{du¯
Ikickstart ©G¾Õ
network --bootproto=dhcp --device=eth0
--ip=
‘
ã{åì{IP
--gateway=
‘
IP
o*{å
--nameserver=
‘
ÌÖÁqÖìÇIP Â*
7. kickstart
ã
37
--nodns
‘
X{[DNS qÖì
--netmask=
‘
ã{ø:{Ùh
--hostname=
‘
ã{ø:{ÌåÖ
ÝpartitionÃãÄ{ÇÿÄQ{Ä
óø:ÞOIK
*ø:Þ{X3IKÞ?óXÇRed Hat Linux ãÇãÇÌ®¯~aÿý
Çã
part
‘
´·
ø:&~ê--noformat Z--onpartÇÄO{IKÑÌúÂ*ÇY4ã,Ç{\I
<mntpoint>
‘
<mntpoint>
4IKRñ{ Ç&~1Â*Õ
• /<path>
¾Õ//usr/home
• swap
IKRú~*b¦8-
Äû½b¦K{LBÇ&~--recommended 1Õ
swap --recommended
ÄÄ{b¦K{!BRXÌBø:{?ÇXÌLø:?{Üõ
• raid.<id>
IKRÌú~*GRAIDÃ>kDraidÄ
• pv.<id>
RÌ~LVM {IKÃ>kDlogvolÄ
--size=
‘
1MB \ {IK!Bó$ÿ½ÇrjÇ500XójÁMB
--grow
‘
·ªIK&~Ä,~8-Ã¥ÄÇÝ&~÷{!L
--maxsize=
‘
hIKú÷,jßÇ1MB \ {IK!LóY°½ÇrjÇX
ójMB
--noformat
‘
·ªãÇXÂ*IKÇZ--onpart ×å&~
38
7. kickstart
ã
--onpart= or --usepart=
²IK8ó.?ó{÷÷Þ¾Õ
̲/home 8ó/dev/hda1 ÞÇYÇIK.²?ó
--ondisk= Ý--ondrive=
‘
IKó½cÞOÇ--ondisk sdb ̲IK8óø:{ÇSCSI cÞ
‘
partition /home --onpart=hda1
--asprimary
‘
²IKqÄ`ÌIKÇdIK,ÇÒ̽
--bytes-per-inode=
½{jS,©Gø:ÞÇóO{jÇ&~Â*é
.©Gø:Þ{jÞ{a~ÇÇ 1ÒÌi~
--type=Ãúfstype ¦Ä
‘
1.Xò,~>&~fstype
‘
--fstype=
‘
IK÷©Gø:¡n\Õext2ext3swapZvfat
--start=
‘
½IK{å)ÎÁÇF&~--ondisk Ýondrive u½PÄìǤF&
~--end u½ªÎÁÇÝ&~--size u½IKLB
--end=
‘
½IK{ªÎÁÇF&~--start u½IK{å)ÎÁ
--badblocks
‘
½IKa5 Lsectors.
Õ
*ì«ÆOÇIK½êÇfä·åÌ+ó®R;ÑÞ
Ã, Ä
ÄGRAID ÷÷×{Â*4Õ
raid
‘
raid <mntpoint> --level=<level> --device=<mddevice> <partitions*>
<mntpoint>
‘
ñRAID ©Gø:{ *Ç4/ÇRAID ÿ/41Çø:ZsIKÃ/bootÄ
?ó*ZsIK?óÇ/boot IK4ÿ/1ÇÊÃ/ÄIK,14[,~
{¡n<partitions*>ÃS,õÇIK,1úïÞÄïÞêtRAID jï
{RAID )
--level=
‘
&~{RAID ÿ/Ã01Ý5Ä
7. kickstart
ã
39
--device=
‘
&~{RAID ÷÷{ÖÁÃmd0 Ýmd1ÄRAID ÷÷{),md0 tmd7ÇÇ
÷÷ú&~'
--spares=
‘
½RAID jïaú`N Ç÷~PÄì÷~PÄì,1ú~uóPÄì½­
Ojï
--fstype=
‘
RAID jï÷©Gø:¡n\Õext2ext3swapZvfat
--noformat
XÂ*RAID jï
Á{¾+ê[/ ORAID ÿ/1 IKÇ/usr ORAID ÿ/5 IKÇ"½{
ø:Þ®ÇSCSI cǤO®Çb¦IKÇÇPÄìÞÇ
‘
part raid.01 --size=60 --ondisk=sda
part raid.02 --size=60 --ondisk=sdb
part raid.03 --size=60 --ondisk=sdc
part swap --size=128 --ondisk=sda
part swap --size=128 --ondisk=sdb
part swap --size=128 --ondisk=sdc
part raid.11 --size=1 --grow --ondisk=sda
part raid.12 --size=1 --grow --ondisk=sdb
part raid.13 --size=1 --grow --ondisk=sdc
raid / --level=1 --device=md0 raid.01 raid.02 raid.03
raid /usr --level=5 --device=md1 raid.11 raid.12 raid.13
Ã, Ä
ãqÄ­cZsø:ÃÃkjÄ/Çkickstart +>åÇ?V~?E
b­cZs
rootpwÃÄ
‘
²ø:{Ê=÷<password> kj
reboot
‘
rootpw [--iscrypted] <password>
--iscrypted
‘
* 1?óÇ=ÒÌ"½.ú·
Ã, Ä
*?óÇã{ø:ÞÒXÌ{X
textÃ, Ä
‘
ó©ýÜ*qkickstart ãkickstart ãåóCoÜ*ã
timezoneÃÄ
‘
²ø:{K÷<timezone>ÇÇ,14timeconfig ïÞ{[K
skipx
‘
timezone [--utc] <timezone>
40
7. kickstart
ã
--utc
‘
*?óÇø:ÒÌ"½mG¨ú÷UTCÃÂõ
£)ïÄ-
Ã, Ä
·ªø:ÿ?ø:ÇX4ãÇcø:,cdromharddrivenfs
ÝurlÃ~ftp ZhttpÄ¥½ãd{ -<>kDinstall
xconfigÃ, Ä
‘
{X =ø:* 1ÉñÇX úãêÇ~Róã,Ç¥CÓ{
XÖ*{!ªø:ÞãXÇXa&~ 1
upgrade
‘
--noprobe
‘
Xæ+ì
--card=
‘
& ~ ½ { @ ª Ö { Ö Á a u hwdata G Ý
{/usr/share/hwdata/Cards ¥{@ªï,YÇï,¤,1óKickstart {ì
{X {ì¶ôÞIt*kj
ØÇãÇÌæ{PCI "
AGP 4PCI "{\IÇ¥|ÑÇAGP ÒÌúætæ~ñÆ{PCI ·
Ã~û½
--videoram=
‘
½@ª{@ª?jÞ
--monitor=
‘
&~½+ìÖ+ì{ÖÁauhwdata {/usr/share/hwdata/MonitorsDB
¥{+ìï,YÇï,¤,1óKickstart {ì{X {ì¶ôÞIt*
Ø
ê--hsync Ý--vsyncÇ 1ÌúQ*
Ø+ìfåÇãÇÌA
CÄæÇ
--hsync=
‘
½+ì{y²ªG
--vsync=
‘
½+ì{ªG
--defaultdesktop=
‘
²åóÁ÷ÄGNOME ÝKDEÃ"½GNOME Z/ÝKDE /,%packages úã
êÄ
--startxonboot
‘
óã{ø:Þ&~Co~9
--resolution=
‘
½ ã { ø : ÞX = ø : { å I % G H
Õ640x480800x6001024x7681152x8641280x10241400x10501600x1200
>h½½¦@ªZ+ì/{I%G
7. kickstart
ã
41
--depth=
½ã{ø:Þ{X =ø:{åºgýÝHÕ81624Z32>h½
½¦@ªZ+ì/{ºgýÝ
‘
Ã, Ä
~uO\öò®ÃLVMÄÇÙªÂ*Õ
volgroup name partition
DOIKÇlO\öòÇòO\öò¾Õ
volgroup
‘
part pv.01 --size 3000
volgroup myvg pv.01
logvol / --vgname=myvg --size=2000 --name=rootvol
Ã, Ä
*zerombr ú½ÇÇ{kj4yesÇÄócÞ{ÃHIK,ÒÌúð)
YÌ» QÃHIK,{cÞ{Äjâ×{Â*Õ
zerombr yes
ÙÇÂ*þÃH
zerombr
‘
%include
‘
&~%include /path/to/file ×uókickstart ©G¥ÝiÇ©G{ÇÒP4Y
JýuÒókickstart ©G°%include Äó{ ¥ø
7.5.
GÝ &~%packages ×u)kickstart ©G¥ïÞã{GÝ{\IÃ!ãÇOÿ
¥GÝ Xú|ÑÄ
,1&~\ÇGÝÖÁÝGÝ{ÖÁu½Ç¢ãǽBêõÝ9#GÝ
{GÝ>kD<Red Hat Linux cÞ{RedHat/base/comps.xml ©GuÜRGÝ
{ï,Ñid~,DuÖÁÃc1ùÙ¥Ý9{GÝï,óGÝï,
¥Ç¥ú ½ãÇú){GÝ4úãú)å{GÝÌúå Ç
), {GÝúä½búãÇý".² ½úã
óõj<YÇïÞ.{GÝÇXïÞ\ÇGÝÕ?ÇCore ZBase
GÝ4úå ÇO$Xó%packages \I¥½Ç¢
14%packages \I{+¾Õ
%packages
@ X Window System
@ GNOME Desktop Environment
@ Graphical Internet
@ Sound and Video
galeon
ÞÄ+Çkúqq½Ç1@ nRåDÇl48ÂÇl4comps.xml ©G¥½
{k{\ÖXQ{åDnR̽\ÇGÝÃ1Þ¾¥{galeon q½{4\Ç
GÝÄ
¤,1,å{GÝï,¥½Xã{GÝÕ
@ Games and Entertainment
-kdegames
42
7. kickstart
%packages
ã
ÜÇ,~ 1
--resolvedeps
ãïÞ{GÝÇ?ÄûGÝvø* 1ú½ÇGÝv
øe?óÇÄãÒÌö*?
+~¾Õ
‘
%packages --resolvedeps
--ignoredeps
Qû{vøÇ?ãÄïÞ{vø{GݾÕ
‘
%packages --ignoredeps
--ignoremissing1
Qbè{GÝÝGÝÇX4ö*ãu5~®¯4¥¤4ã¾Õ
‘
%packages --ignoremissing
7.6.
½ãlý
,1ø:óÛks.cfg ©GÁýäq{×Y kickstart ©G{
ÿÃó×ÄÇ%1%pre ×>Õ?Çó%pre \I,16¯dÖlÇÖÁ
qÖÃname serviceÄó$¤ú{ÇO$IP bH
Õ
Õ?ǽãlýXó¦ê{Ê¢¸ÃchrootÄ¥äq
--interpreter /usr/bin/python
ã½X3{lýªÓÇPython²/usr/bin/python ¦Ä.&~{lýª
Ó
‘
7.6.1.
)¾
14%pre {+¾Õ
%pre
#!/bin/sh
hds=""
mymedia=""
for file in /proc/ide/h*
do
mymedia=‘cat $file/media‘
if [ $mymedia == "disk" ] ; then
hds="$hds ‘basename $file‘"
fi
done
1.
14Red Hat Linux 9 ¥c{
7. kickstart
ã
43
set $hds
numhd=‘echo $#‘
drive1=‘echo $hds | cut -d’ ’ -f1‘
drive2=‘echo $hds | cut -d’ ’ -f2‘
#Write out partition scheme based on whether there are 1 or 2 hard drives
if [ $numhd == "2" ] ; then
#2 drives
echo "#partitioning scheme generated in %pre for 2 drives" > /tmp/part-include
echo "clearpart --all" >> /tmp/part-include
echo "part /boot --fstype ext3 --size 75 --ondisk hda" >> /tmp/part-include
echo "part / --fstype ext3 --size 1 --grow --ondisk hda" >> /tmp/part-include
echo "part swap --recommended --ondisk $drive1" >> /tmp/part-include
echo "part /home --fstype ext3 --size 1 --grow --ondisk hdb" >> /tmp/part-include
else
#1 drive
echo "#partitioning scheme generated in %pre for 1 drive" > /tmp/part-include
echo "clearpart --all" >> /tmp/part-include
echo "part /boot --fstype ext3 --size 75" >> /tmp/part-includ
echo "part swap --recommended" >> /tmp/part-include
echo "part / --fstype ext3 --size 2048" >> /tmp/part-include
echo "part /home --fstype ext3 --size 2048 --grow" >> /tmp/part-include
fi
lýg½ø:Þ{mcPÄì{jÞÇ?Êâø:ÞǤ4ÜÇPÄìUQX3IK
0{©ý©G¦Ùókickstart ©G¥IK×Ç,1Ýi1qÕ
%include /tmp/part-include
ólý¥ {IK×Ìú&~
7.7.
ãlý
,1ø:óãqÄäq{×Y kickstart ©G{ÿÇ%
1%post ×>ÇéãiGÝÝ{iÖÁqÖìÖiÐÏ
Õ
*&~·ÕIP få{êdÇÝiÖÁqÖìÇ,1ó%post \I¥6¯d?ÛIP
*&~DHCP {dÇhãqt%post \IÇ/etc/resolv.conf ©G¤qÄ,16
¯dÇb4XÛIP O$Ç*&~DHCPÇó%post Y¥½IP
Õ
ãlýóchroot ¢¸¥äqÖO$Ç6
ã¥{lýÝRPM ¡{ÖRXúq
44
7. kickstart
ã
--nochroot
‘
ã½.óchroot ¢¸iäq{×
Á{¾²/etc/resolv.conf ©G
t¦¦ãê{©Gø:Þ
%post --nochroot
cp /etc/resolv.conf /mnt/sysimage/etc/resolv.conf
--interpreter /usr/bin/python
‘
ã½X3{lýªÓÇPython~.~{lýªÓu¦/usr/bin/python
7.7.1.
)¾
éÄZqÖÕ
/sbin/chkconfig --level 345 telnet off
/sbin/chkconfig --level 345 finger off
/sbin/chkconfig --level 345 lpd off
/sbin/chkconfig --level 345 httpd on
,NFS á0¥äqw)runme {lýÕ
mkdir /mnt/temp
mount 10.10.0.2:/usr/new-machines /mnt/temp
open -s -w -- /mnt/temp/runme
umount /mnt/temp
Éø:~Õ
/usr/sbin/useradd bob
/usr/bin/chfn -f "Bob Smith" bob
/usr/sbin/usermod -p ’kjdf$04930FTH/ ’ bob
7.8.
[&kickstart ©G,ú¼~
©G 1Ç Õ
• óZscÞ
• óZscÞ
• ódÞ
/Çkickstart ©Gú
tZscÞÇÝódÞ
Øäd{0&~!Ê(ÇOõ
jkickstart ã4óÉ{®åÞq{
t·¢Íý?8kickstart ©G{
kickstart
7.8.1.
OKickstart Zsc
qäc{kickstart ãÇkickstart ©Gú×Öks.cfgÇ% Zsc{!Þ
ÿø9°OZsc{Ò>kÝRed Hat Linux ã¥{*ãZscY
Ç9ORed Hat Linux Zsc&~MS-DOS Â*ÇO$,1&~mcopy ×uóLinux ¥
kickstart ©GÕ
mcopy ks.cfg a:
7. kickstart
ã
45
iÇ,1&~Windows u
©G¤,1&~©G¡nvfat uóRed Hat Linux ñMS-DOS ZscÇl&~cp ×u
©G
7.8.2.
Okickstart Zsc
7.8.3.
ódÞ
ØKickstart ©G
qäc{kickstart ãÇkickstart ©Gú×Öks.cfgÇ% Zsc{
!Þÿø9¥Oc4Ö{ÇYÇ©GútúUc{~uOn4{ø9
¥OZsc{ÒÇ>kÝRed Hat Linux ã¥{*ãZscY
9X,Çó*file.iso n4©GÇ>²ks.cfg kickstart ©G
tisolinux/ ø
9¥
&~kickstart {dãvÊ(ÇOø:®Ê,1O¤4ÄõÉ®å{
ãÄuÇY«0éóÛ­ÞäBOOTP/DHCP ZNFS qÖì{®ÊuÇ&~!
Ê(BOOTP/DHCP qÖì~uÉ0
ØÉfåÇóã¥&~{©GNFS qÖì
ØYÜ1qÖ²ó3\åìÞäqÇb4Y?X4{
qäd{kickstart ãÇ{dÞÇBOOTP/DHCP qÖìÇ%ÇÝi
óÙÞãRed Hat Linux {åì{{fåBOOTP/DHCP qÖìÌÉ0
ØÇ{
Éfå1ùkickstart ©G{
*kickstart ©GúBOOTP/DHCP qÖì½Ç0ø:ÒÌAC&~NFS uñ©G
{4»Ç?²½©G
t0ÞDzÇ~*kickstart ©GÄ{h#÷&~
{BOOTP/DHCP qÖì½
Á4,~Red Hat Linux ±Q{DHCP qÖì{dhcpd.conf ©G¥Ä!9{qÕ
filename "/usr/new-machine/kickstart/";
next-server blarg.redhat.com;
Õ?Ça²filename Á{¦kickstart ©G{ÖÁÃÝkickstart ©GÄó{ø9ÄÇ
²next-server Á{¦ÄNFS qÖì{ÖÁ
*BOOTP/DHCP qÖì(Ã{©G1R"Ã/ÄeÇÇÒÌúh)4»óY«<YÇ
0ø:Ì&~NFS uñ4»ÇlÂ콩G0Â{©GÖ4Õ
<ip-addr>-kickstart
©GÖ{<ip-addr> \Iaú*{0IP ¦ÇIP 10.10.0.1 {®å{
©GÖa10.10.0.1-kickstart
Õ?Ç*X½qÖìÖÁÇ0ø:ÒÌAC&~ÃIBOOTP/DHCP >F{qÖìu
*Ç{NFS qÖì*X½4»Ý©GÖÇ0ø:ÌAC,BOOTP/DHCP qÖ
ìñ/kickstartÇl&~ZÁÃc{<ip-addr>-kickstart ©GÖ#3{0u
Âkickstart ©G
7.9.
Øãd
ã&~ãdÃinstallation treeÄãd4Red Hat Linux c{
Ç
Çä÷¦c#3{ø9è
*q{4äc{ãÇó)kickstart ã²Red Hat Linux c#1 ®å
*q{4mcPÄìãÇ>h½Red Hat Linux c{n4 ®å{mcPÄ
ìÞ
kickstart
46
7. kickstart
ã
*q{4ädÃNFSFTPÝHTTPÄãÇ/,du
Øãd-<>
kÝRed Hat Linux ã¥{ê÷dãY9
7.10.
)kickstart ã
)kickstart ãÇ,Red Hat Linux ZscRed Hat Linux ZscÝRed Hat
Linux ãc#1 ¥ãÇóZs
+QÇO{Zs×*ks ×qkjúÉ
XÇãÇÒ̯Ikickstart ©G
Zsc
‘
*kickstart ©G ZscÞÇ7.8.1 ¥ÄÃcÇ&~PÄì¥{cuZsÇl
óboot: Q1×Õ
linux ks=floppy
c#1 Zc
‘
*ks.cfg ©G cÞ{vfat Ýext2 ©Gø:ÞÇ,Red Hat Linux ãc#1
¥ZsÇ,1&~linux ks=floppy ×
«,q{Zs×4,Red Hat Linux c#1 ¥ZsÇ?²kickstart ©G8óc{vfat
Ýext2 ©Gø:ÞHtYÇø{Çóboot: +Q1×Õ
linux ks=hd:fd0:/ks.cfg
&~PÄÇc
‘
*kickstart &~PÄÇcǤ½dd 1¾Ç,Zsc¥ZsÇ?&
~PÄÇcÇóboot: +Q1×Õ
linux ks=floppy dd
Zsc
‘
*kickstart ©G ZscÞÇ7.8.2 ¥ÄÃcDzcø:ÇZsø:Çl
óboot: +Q1×Ãks.cfg 4kickstart ©G{ÖÁÄÕ
linux ks=cdrom:/ks.cfg
ÙÇéÄkickstart ã{0ïÞÕ
ks=nfs:<server>:/<path>
‘
ã Ç Ì óNFS q Ö ì<server> Þ {<path> ¥ ¯ Ikickstart ©
G ã Ç Ì & ~DHCP u { 1 Ô Ç * {NFS q Ö ì
4server.example.comÇkickstart ©G NFS á0/mydir/ks.cfg ÞÇth{Zs×a
4Õks=nfs:server.example.com:/mydir/ks.cfg
ks=http://<server>/<path>
‘
ã Ç Ì óHTTP q Ö ì<server> Þ {<path> ¥ ¯ Ikickstart ©
G ã Ç Ì & ~DHCP u { 1 Ô Ç * {HTTP q Ö ì
4server.example.comÇkickstart ©G HTTP ø9/mydir/ks.cfg ¥Çth{Zs×a
4Õks=http://server.example.com/mydir/ks.cfg
ks=floppy
‘
ãÇÌó/dev/fd0 PÄì¥{cÞ{vfat Ýext2 ©Gø:¥¯Iks.cfg ©G
ks=floppy:/<path>
‘
ãÇÌó/dev/fd0 PÄì¥{cÞ{vfat Ýext2 ©Gø:¥¯IÖÁ<path>
{kickstart ©G
7. kickstart
ã
47
ks=hd:<device>:/<file>
‘
ãÇÌó<device> Þñ©Gø:Ã4vfat Ýext2ÄÇló©Gø:¥¯
Ikickstart {©G<file>ÃÇks=hd:sda3/mydir/ks.cfgÄ
Õ
ÇR4Red Hat Linux 9 ¥{ª#
ks=file:/<file>
‘
ãÇÌAC,©Gø:¥ÖR<file> ©GÖXqñY/ókickstart ©G.
² initrd n4&~
ks=cdrom:/<path>
‘
ks
‘
ãÇÌóc¥¯Ikickstart ©G<path>
*ks ú\Õ&~ÇãÇÌ{ø:{1Ô&~DHCPø:RÌ&~DHCP Ã
a{bootServer*NFS qÖìÇ?,¥ÖRkickstart ©GÃÇå¦DHCP qÖì#
3Äkickstart ©G{ÖÁ,14Á«Õ
• *DHCP ú½Çbootfile 1/ >ÇDHCP Ø{bootfile ÒÌóNFS qÖìÞú
I
• *DHCP ú½Çbootfile X1/ >ÇDHCP Ø{bootfile ÒÌóNFS qÖìÞ
{/kickstart ø9¥úI
• *DHCP
½bootfileÇ ã Ç Ò Ì A C Ö R ©
G/kickstart/1.2.3.4-kickstartÇY°{1.2.3.4 4ã{åì{IP
ksdevice=<device>
‘
ãÇÌ&~d÷÷uËztdÇ&~/,eth1 ÷÷Ëztø
: Þ {NFS q Ö ì Þ {kickstart © G u é Äkickstart ã Ç óboot: + &
~ks=nfs:<server:>/<path> ksdevice=eth1 ×
48
7. kickstart
ã
8.
Kickstart
{ì
{ìã&~Co~ÁuOkickstart ©GÇO$XÔ©G{thª
&~Kickstart {ìÇäqX =ø:éÄKickstart {ìÇ ÁÆÞ{Ì
h\ => ø:Óä => KickstartÇÝE/usr/sbin/redhat-config-kickstart ×
óOkickstart ©G{Ç,1± ©G => ½uµh{ Kickstart
8.1.
äý{
C8-1. äý{
,ªÓh\¥ óã¥&~Ç?óã~)å{ªÓ
,Ech\¥ ø:{Ec¡n
,`)h\¥ ø:{`)¡n* êÃ`)Ç`)ÒXÌú{* êæ`)ÇãÇÒÌACÄæ`)õjS`)Ñ,1úæt
*ÇÜE`)Ç,1 Ü®EuÜ®E`)* 1ú Ç3â`
){&ÜEÒÌú4âê`){¥-<
,Kh\¥Ç ø:&~{K{ø:&~UTCÇ &~UTC ¨
óÊ=©ýãQ.~{Ê=*.ó©G¥â?=·Ç ·Ê
=*· 1ú Çh©Gúâ?ÇE{Ê/©ýÒÌú·?Ukickstart ©G
¥XE.²·{=l ÉÇ·
50
8. Kickstart
{ì
øêóªÓnh\¥ {ªÓiÇãÙǪÓÇóªÓ|Ñï,¥ Ç
¢,ªÓnh\¥ {ªÓóãú~*åªÓX,ÇåªÓ,1óã&
~ªÓ{ÓäÃredhat-config-languageÄu#
ã­cZsø:ÌóãeÄ­cZsø:
kickstart ãå&~CoÜ*q§Öå&~©ýÜ*Ç ó©ýÜ*¥q
ã 1
,1&~ÄÜ*qkickstart ãY?øãÇÌ&~Äókickstart ©G¥½÷{ 1Çb4ÇãótǶô½ 1tǶôÞÇó3?÷
âZ<*é½÷{ 1Xw?Ç,1óã#Ç¢*Íõ¡Y
¡ãÇ óÄÜ*¥qã<
8.2.
ã0
C8-2. ã0
ã0¶ôã qcãÝÿã* ÿÇIKfåZGÝ
1ÒÌú¢~Ç¢Xúkickstart ÿÄ|Ñ
óYǶôÞǤ kickstart ã{¡n, {¡nÕ
• cPÄì — YÇ 1u,Red Hat Linux c¥ãRed Hat Linux
• NFS — *K®,NFS á0ø9¥ãRed Hat LinuxÇ 1ÜÇFQ
NFS qÖìZø9{©ýã'ÌñQNFS qÖì{qr­ÖÝIP Ö1ùÝ9
ãd{RedHat ø9Ç*{NFS qÖìÝ9/mirrors/redhat/i386/RedHatÇó
FNFS ø9{ãQ/mirrors/redhat/i386
• FTP — *K®,FTP qÖìãRed Hat LinuxÇ 1ÜÇFQFTP
qÖìZø9{©ýã'ÌñQFTP qÖì{qr­ÖÝIP Ö1ùÝ9RedHat
ø9{FTP ø9ÖÇ*{FTP qÖìÝ9/mirrors/redhat/i386/RedHatÇó
8. Kickstart
•
•
{ì
51
FFTP ø9{ãQ/mirrors/redhat/i386*FTP qÖìF~ÖZ=Ç>
½Ç¢
HTTP — * K ® ,HTTP q Ö ì ãRed Hat LinuxÇ 1 Ü Ç
F Q HTTP q Ö ì Z ø 9 { © ý ã ' Ì ñ Q HTTP q Ö ì { q r
­ Ö ÝIP Ö 1 ù Ý 9RedHat ø 9 {HTTP ø 9 Ö Ç * {HTTP
q Ö ì Ý 9/mirrors/redhat/i386/RedHatÇ ó FHTTP ø 9 { ã Q
/mirrors/redhat/i386
mcPÄì — *K®,mcPÄìãRed Hat LinuxÇ 1ÜÇFQ
mcPÄìIKZø9{©ýã'ÌñmcPÄìã&~ISOÃÝcÄn4>
óãh½DèISO n4{qruDèÇ¢Ç&~md5sum ÇZRed Hat Linux ã
¥ÿX{linux mediacheck Zs 1ómcPÄìIK©ý'QÝ9ISO
n4{mcIKÃ/dev/hda1ÄÇlómcPÄìø9©ý'QÝ9ISO n4{
ø9
8.3.
ZsãñÇ 1
C8-3. ZsãñÇ 1
,1 ãGRUB ÝLILO *ZsãñÇ*X.ãZsãñÇÇ X
ãZsãñÇ* XãZsãñÇÇ>h½OêZscÝÙÇZsRed
Hat Linux ø:{0î0ZsãñÇÄ
* ãZsãñÇǤz ãýÇÃGRUB ÝLILOÄ1ùãó
ý°ÃÌZs9Ý/boot IK{Ç×KÄ*K®²Ç~*ZsãñÇDzÇã
tMBR ÞÇ*~{4X3{ZsãñÇDzLILO ÝGRUB ãó/boot IK{Ç×K
ÞÇ?{ÙÇZsãñÇuZsRed Hat Linux
óø:Zs5XOkjDzǢQtXkj©ýãÇ*
ÇIDE c/9ìÇ,1·ªXó&~cdrecord zñSCSI ÜPÄÇÇ04
²hdd=ide-scsi QXkjÃY°{hdd 4c÷÷Ä
52
8. Kickstart
{ì
* {ZsãñÇ4GRUBÇ,1{ÇGRUB =uâÇó&~GRUB =
©ýãQYÇ=*.ó©G¥²=·â?Ç ·GRUB =
h©Gú?cÇE{Ê/©ý=ÒÌú·Ukickstart ©GXE.·{=l
ÉÇ·
* {ZsãñÇ4LILOÇ 4d&~"oÜ*Ç1ù4d&~lba32 Ü
*
*óã0Þ êÿãÇ ÿZsãñÇuÿ?{
ZsãñÇ{?âÙ¥Æ{1ø
8.4.
IKfå
C8-4. IKfå
4d8øÌZs9ÃMBRĤ,1 ÍøÄIKÍøÄ?{Linux I
KÝâ?IK
,1²cò)ð)ø:ø{åþÇx86 &~msdosÇItanium &~gptÄ*
óÇ/c{mcPÄìÞãÇ ð)c)ü
8.4.1.
OIK
OIKÇâ<C8-5Ä+{IK 1=ÒÌñcIK ñ
©Gø:¡nZIKLB¤,1,ï 1¥ Õ
• ó{LB 1\I¥Ç IK&~û½LB½LB¤4&~PÄìÞ{\\
8-*²©Gø:¡n b¦KÃswapÄÇ,1 tãÇ&~OF
X4½{LBuOb¦IK
• IKúOÌIK
8. Kickstart
•
•
•
{ì
53
ó½mcPÄìÞOIKÇóÇIDE mcÃ/dev/hdaÄÞ*IKDzhda
½PÄìXóPÄìÖÁ¥Ýi/dev
&~?IKÇóÇIDE mcÞ{ÇIKÃ/dev/hda1ÄÞ*IKÇ
²hda1 ½IKXóIKÖ¥Ýi/dev
²IKÂ* ½{©Gø:¡n
C8-5. OIK
öì?IKÇ,ï,¥ ÇÇlâö<ÇZIK#3{IK
1=ÌñÇC8-5Ä+ÇX,ÇÞÁ{.ú½IK 1Çlâh
½
Íøì?IKÇ,ï,¥ ÇÇlâÍø <
OGRAID IK
ÝÖ39u¦óRAID ZRAID ÿ/{#,1{RAID 01Z5
OGRAID IKÇ&~1Z½Õ
1. âRAID<
2. OGRAID IK
3. ÁÃc{0u{IKÇX, GRAID*©Gø:¡n$iÇ
½*IK{mcPÄìݽ&~{?IK
8.4.1.1.
54
8. Kickstart
{ì
C8-6. OGRAID IK
­
YJZ½u{RAID ÷OÄ{IKX4Ä{IKѽ4RAID IK
OêèÄRAID ÷÷Ä{ÄIKÇ$¬1Z½Õ
1. âRAID<
2. ORAID ÷÷
3. ñ©Gø:¡nRAID ÷÷ÖÁRAID ÿ/RAID ÄÊGRAID ÷÷{
÷GjÞ1ù4dÂ*RAID ÷÷
C8-7. OGRAID ÷÷
4.
âh½u²÷÷tï,¥
8. Kickstart
8.5.
{ì
55
d{
C8-8. d{
*/,kickstart ã{ø:1ÔÇXód{Þ{Ç
ó êd¡n{ã0ÃNFSFTP ÝHTTPÄbÉÉ,1±óã
&~d®ÓäÃredhat-config-networkÄu{-<>kÝ129
éø:Þ{Ç1ÔÇâd÷÷Çl d÷÷Z÷÷{d¡n
Ç1Ô eth0 *d÷÷ÇÇ1Ô eth1Ç$¡M
56
8.6.
8. Kickstart
{ì
èy
C8-9. èy
óèy\IÇ ~=4d&~¶ZMD5 ·M?&~YJ 1ÇÇ¢úå èy{ 1ã{ïèy0Õ
•
NIS
•
LDAP
•
Kerberos 5
•
Hesiod
•
SMB
ÖÁ#¦¥?
YJ0Xúåé~é~«Ýõ«0Çâôh{)üÇlâé~k{
'ÇzøQ~èy0{7hfå
•
8. Kickstart
8.7.
{ì
57
3Û{
C8-10. 3Û{
3Û{=¦Red Hat Linux ãÇZ\ÿ/{Óä¥{¶ôÜøó°
ÿ¥ÿZ.¢~YJÿ/¥ YJ\ÿ/{-ûfåÇ>kÝ13.1
8.8. X
{
*ãX =ø:Ç,1ókickstart ã,Ç¥{Ç04ÇóC8-11Ä+
{X {=Þ {X =ø:<* 1ú ÇX { 1ÒÌú
¢~Çskipx 1ÒÌúUkickstart ©G
8.8.1.
{X {Z4 å{ºgýÝZI%G,#a{nh\¥ Ç¢>h½½¦
{@ªZ+ì/{ºgýÝùI%G
58
8. Kickstart
{ì
C8-11. X {-
*²GNOME ZKDE óÁÑãêÇ Çå{óÁ*ãêÇ
óÁÇ>h½ Çhø:úãÇ~,1 Æ¢.å&~{óÁGNOME
ZKDE {-ûfåÇ>kÝRed Hat Linux ãZRed Hat Linux
ZÇ óø:Zs4déÄX =ø: 1ÌóQCo~9¶ô{äqÿ
/5 ¥éÄø:óø:úãÇ,1/etc/inittab {©Gu#Y 1
8.8.2.
@ª
æ@ªúå *.tãÇóã¥æ@ªÇzIå÷õj
S@ªÑúæt* ê 1Ç?%ãÇÃÄÕæ@ªÇãÇÒ
Ìó@ª{¶ôÞ¥ãÇÇ,@ªï,¥ ÇÇlâZ
iÇ,1,@ª )üÞ{ï,¥ ÇC8-12Ä+ó@ª?nh\
¥ @ª?jÞYJÌúãÇ~u{X =ø:
8. Kickstart
{ì
C8-12. X {- @ª
8.8.3.
+ì
{ê@ªÇâ+ì)üÇC8-13Ä+
C8-13. X {- +ì
59
60
8. Kickstart
{ì
æ+ìúå *.tãÇóã¥æ+ìÇzIåõjS
+ìÑúæt* ê 1Ç?%ãÇÃÄÕæ+ìÇãÇÒÌ
ó+ì{¶ôÞ¥ãÇÇ,+ìï,¥ ÇÇlâZ
iÇ,1,ï,¥ +ì¤,1 ½y²ªGùªGX4+ì 1u½+ì{y²ZªGYó{+ìóï,¥ïñ{<Y~Õ?ÇhY
Ç 1úé~Ç+ìï,ÒÌú¢~
8.9.
GÝ C8-14. GÝ GÝ =ã ã{GÝ
¤J 1êÐÏÄûÝQGÝvø
øÇKickstart {ìXã \ÇGÝã\ÇGÝÇóâ?êkickstart ©G
ÇÙ¥{%packages \I-<>kÝ7.5
8. Kickstart
8.10.
{ì
61
½ãlý
C8-15. ½ãlý
,1ø:óÛkickstart ©GÇã)äq{×*ókickstart ©G¥{
êdÇÉóY\Iúÿ®Ìúé~*.ÝiǽãlýÇó©ýK­QÇ
½~uqlý{ªÓÇ &~:ì 1Ç?óÇk{©ý'QǾÇ
,1Python lý½/usr/bin/python2.2 1Zó{kickstart ©G¥&~%pre
--interpreter /usr/bin/python2.2 #éa
Be
XÝi%pre ×ÇÌÄ
62
8. Kickstart
8.11.
{ì
ãlý
C8-16. ãlý
¤,1ø:óãeq{×*ókickstart ©G¥th{êdÇÉ
ÒÌúé~Çlý¥Ò,1Ý96¯dýÍ{×*.ÝiÇãlýÇó©ýK
­QÇ
Be
XÝi%post ×ÇÌÄ
Ç#cã{ø:Þ{>åÃmessage of the dayÄÇó%post \I1×Õ
echo "Hackers will be punished!" > /etc/motd
" ,1ó7.7.1 ¥ItÍõ)¾
8.11.1. Chroot
¢¸
*.tãlýóchroot ¢¸iäqÇâã=ºà 1k{
'Y
Z&~%post \I¥{--nochroot 1H*#3
8. Kickstart
{ì
63
*.óã\IÇóchroot ¢¸iécã{©Gø:)J#Ç
ó/mnt/sysimage ÁÞø9Ö
Ç* êóchroot ¢¸iäqÇÁ{¾ÒúÕ
echo "Hackers will be punished!" > /mnt/sysimage/etc/motd
8.11.2.
&~:ì
½~uqlý{ªÓÇ &~:ì 1Ç?óÇk{©ý'QǾÇ
,1Python lý½/usr/bin/python2.2 1Zó{kickstart ©G¥&~%pre
--interpreter /usr/bin/python2.2 #éa
8.12.
â?©G
qÄêkickstart 1{ ǵkickstart ©G{Ç ©G => ½
C8-17. ½
â?kickstart ©GÇâ½=¥{â?t©G<X½â?©GÇ ©
G => â?©GÝ[Ctrl]-[S]ÇéUÌñ â?©G{
â?©GÇ>kÝ7.10 uÜR[éÄkickstart ã{få
64
8. Kickstart
{ì
9.
äýø:Á
¯°tÌ4ǯñÌ#a{ûÍÇb4YJûÍeF®?Yç
ø:ý9Ãcê[ZsÍÇÜ*Z\~Ü*Ç,1óYJÜ*¥&~{#ZÅu
ø:
9.1.
D¯
,ÌA1ÇÆOZs«Á
Ü*Õ
• ÃtZsRed Hat LinuxÃäqÿ/3 Ý5Ä
• ±têmGÝG¯Ç?%.²Ç­{©G,ø:mc¥Rñ
• êÊ=
9.1.1.
ÃZsRed Hat Linux
9.1.2.
mGÝG¯
9.1.3.
Ê=
Yǯ/4óãêRed Hat Linux ãÇv*ø:Ä{ìJv*ø:"½
{®åÞã[ÙÇv*ø:ÇO!ðÝ9GRUB ÝLILO ZsãñÇ{ÌZ
s9ÃMBRÄ*ZsãñÇúY«0*êÇø:ÍÇÜ*?­c{Zsã
ñÇÇRÃZsRed Hat Linux
ÇD¯ñó&~IKÓäu­IKLBÝóã,88-¥OcIK,#
êIK{~*{/ IK{IKRh#êÇZsãñÇRÃItÇuñYÇI
KûYǯÇZsÍÇÜ*Ç¥&~GRUBÇ/boot/grub/grub.conf ©GÇ¥
&~LILO /etc/lilo.conf ©GóLILO {©G¤äq/sbin/lilo ×
Y¡Ýi{<Yv-٥ܫ,{<Y4mcPÄìHÝóZsãñÇ{{©G
¥½êÃH{÷÷ÝX*1Þ[«<YêÇRÃZsRed Hat Linuxl
Ç*Zsø:Á
Ü*ÇêûYǯÇÝèÍñ{!­{©
G
*êÊ=Íڲǭ÷Ç=ÇZsÍÇÜ*Ý\~Ü*Ç?&
~passwd ×u­÷Ê=
9.2.
ZsÍÇÜ*
ÍÇÜ*
Øêq\,ccÝÙÇZs0*X4,ø:mcPÄì¥ZsÇBnRed
Hat Linux ¢¸{Å
Ç{ÖÁÄ+ÇÍÇÜ*4~u²,ì«<Y¥Íñu{Ü*ótv*¥Ç{Red
Hat Linux ø:&~ ø:mcÞ{©Guÿ®#/Ö— äqÇÖÑ?©GÖÃ$¡
66
9.
äýø:Á
lÇóJ<YÇ,Ã&Red Hat Linux äqzqrt,16¯ø:mcÞ©G{Ç
Ý&~ÍÇÜ*Çý"Ã,mcÞäqRed Hat LinuxÇ,1?RÑ?óø:mcÞ
{©G
ZsÍÇÜ*Çê&~10uZsø:Õ
• /,,Êâbootdisk.img n4*{ãZscuZsø:
• /,,ãZsc ¥Zs
• /,,Red Hat Linux c#1 ¥Zs
&~1Þ0ZsÇóãZs
+Q1×Õ
1
2
linux rescue
Ìú
+ÃIÇäý{¯ÇÝi&~{ªÓǤ
+ HÍÇn4{
,ýcmcPÄìNFS n4FTPÝHTTP¥ Ä
¥Ý9ÇH{ãdÇYÇãdZ~uZs{c#1 ¥{Red Hat Linux Çý#
3*&~ÇZscÝcuéÄÍÇÜ*ÇYÇãdZOÄ~{ãd#
3[ómcPÄìNFS qÖìFTP qÖìÝHTTP qÖìÞ÷ãd{fåÇ
>kÝRed Hat Linux ã
* {ÍÇn4XdËzÇÌún®4dOÁdËz*.²©G÷Pt
Ñ®åÞÝ,á0d ÞãJPRM GÝÇdËzÌi~
¤Ìt1>åÕ
The rescue environment will now attempt to find your Red Hat
Linux installation and mount it under the directory
/mnt/sysimage. You can then make any changes required to your
system. If you want to proceed with this step choose
’Continue’. You can also choose to mount your file systems
read-only instead of read-write by choosing ’Read-only’.
If for some reason this process fails you can choose ’Skip’
and this step will be skipped and you will go directly to a
command shell.
* ÇÇÌAC²{©Gø:ñt/mnt/sysimage ø9*ÇñIK
½ÇÇÌ/* ÖÇÇÌACó/mnt/sysimage ø9ñ{©Gø
:Çb4ñÜ*Ö* !,Ç{©Gø:RXÌúñ*Ö{©
Gø:.» Ç !,
`{ø:êÍÇÜ*ÇóVCÃ;ÑÄ1 ZVC 2Ã&~[Ctrl]-[Alt]-[F1] \Eu
VC 1Ç[Ctrl]-[Alt]-[F2] uVC 2ÄÞÌñ
+Õ
-/bin/sh-2.05b#
* êuÄñ{IKÇ?%Ç¢úÄÕñêÇ ÒÌ\~Ü
*
ý"{©Gø:úñÇÍÇÜ*¥{åÊIKX,4Çø{ÊIKÇX4t~
Ü*Ãäqÿ/3 Ý5Ä¥{©Gø:ÊIK* ñ©Gø:Ç?%ÇúÄÕñ
êÇ,1/,q1×u²ÍÇÜ*{ÊIK#{©Gø:{ÊIKÕ
chroot /mnt/sysimage
OãZscÇ<8¸cÇ&~Red Hat Linux c1 Þ{images/bootdisk.img ©GÇ
?q×Õdd if=bootdisk.img of=/dev/fd0
2. OãZscÇ>kÝRed Hat Linux ã¥{Ò
1.
9.
äýø:Á
67
*äqrpm ¡{×Ç#ÊIKÒÌi~ÇOY¡×F{ÊIKúñ
/Rñchroot ¢¸ÇEexitÇÒÌ(Ãt
+
* !,Ç
,1ACóÍÇÜ*¥CÓñIKÇ04ÕOÇø9Ç,
/fooÇlE1×Õ
mount -t ext3 /dev/hda5 /foo
ó1Þ×¥Ç/foo 4O{ø9Ç/dev/hda5 4.ñ{IK*IK{¡n
4ext2Dzext3 ¦ext2
*XwIK{ÖÁÇ&~1×uïÞÇ¢Õ
fdisk -l
,
+Ç,1äqõ~{×ǾÕ
• list-harddrivesÇïÞø:¥{mcPÄì
• sshscp ZpingÇd4dúéÄ
• dump ZrestoreÇ~QQPÄì{~
• parted ZfdiskÇ~u®IK
• rpmÇ~ãÝÿG
• joeÇ~uö{©GÃ*ACéÄÙÇ~{öìÇemacspico ÝviÇjoe öì
ÌúéÄÄ
9.3.
Zs\~Ü*
\~Ü*{Öu4X&~ZscÝZscÖX,ÇÇ
ÎÉ
Ø격Gø:
ñÖÜ*Ý9XñYÜ« ó\~Ü*¥Ç{®åZsäqÿ/1{ý©Gø:úñÇb4{dXÌú
íÙÇ,~{ø:shellZÍÇÜ*X3Ç\~Ü*ÌÄACñ{©Gø
:Ö*{©Gø:ÃúÄÕñÇX&~\~Ü**{ø:Þ{äqÿ/1 {{
ú» ÇÒX&~\~Ü*
*{ø:ZsêÇb4óZseXã~9Ç,1Aø&~\~Ü*
*&~{4GRUBÇ&~1Z½uZs\~Ü*Õ
1. *{êGRUB =ÇEp ?Q=
2. Q.Zs{XÇý{Red Hat LinuxÇlEe uöÌt~Ä ò
){{©G¥{Ç1øï,
3. åDkernel {qÇlEe uö q
4. ÝtqÇlEsingleÃ[8Â]EÇlEsingleÄ[Enter] uRñöÜ
*
5. ÃtêGRUB ¶ôÇEb uZs\~Ü*
*&~{4LILOÇóLILO Zs
+Ã*&~{4CoLILOÇ[Ctrl]-[x] uR
ñCo¶ôòboot: +ÄEÕ
linux single
68
9.4.
9.
ZsúÜ*
äýø:Á
óúÜ*¥ÇÌúZs¦,è{ø:¢¸¥Ê©Gø:RÌúñÖÜ*Ç%
ÑXÌú÷úÜ*\~Ü*ÿóÕóúÜ*¥Çinit ©Gúñ
*init ú» Ý*äqÇ
,1ñ©GuÁ
ó­cã¥Ì¿{jâ
ZsúÜ*Ç&~ó9.3 ¥Ãc{Zs\~{0٥ǾiDzE
single ¦ÄEemergency
10.
GRAID {
D>ÝÖ39uêRAIDmGZGRAID -{K/1ùRAID 01Z5 -{K
/
GRAID êóRed Hat Linux {CoãÏ-Ýkickstart ãÏ-{ý9ÿX[&
~Disk Druid ÁuóãÏ-{GRAID
óORAID ÷÷ÇDORAID IKÇl$¬1Z½Õ
1. ócIK÷¶ôÞÇ ~Disk Druid CÓIK
2. óDisk Druid ¥Ç cOuOÇcIK
3. XQÇñÃóOêRAID ÷÷b,1)Ä
4. ,©Gø:¡nnh\¥ GRAIDÇC10-1Ä+
C10-1. OÇcRAID IK
éã{PÄìÇ óÙÞORAID {PÄì*õÇPÄìÇÄP
ÄìÑÌóY°ú ÇR> X.óÞÁORAID {PÄì
6. Q.{IKLB
7. û½LBu&Ô®òä÷½LBÇ ½8-LB(MB)ÇQ1MB
\ {LBuÉÔ®òLBÇ)ÇÝ &~\\,~8-u&Ç{LBjßt
wrÇmc{,~8-*XÇ,j0{IKÇÇ¢ÌI0cÞ{,~88
-
8. *.tYÇIKÄÌIKÇ ÌIK
9. *.tãÇóÂ*mcPÄì5c LÇ 5c L
10. âh½u(Ãt̶ô
­
YJZ½uO{RAID ÷Ä{IKÕ?ÇX4Ä{IKÑ4RAID IK
Ç,1²/home IK{GRAID ÷÷
`OêÄÄ{GRAIDIKÇ$¬1Z½Õ
1. óDisk Druid {ÌIK¶ôÞÃkDC10-3Ä RAID<
2. zøÇC10-2ÒÌñÇ,1óY°*RAID ÷÷
5.
70
10.
GRAID {
C10-2. *RAID ÷÷
Qñ
IK ©Gø:¡n
5. RAID ÷÷ ÷÷ÖÁÇÕmd0
6. {RAID ÿ/,Ø {ÕRAID 0 RAID 1ZRAID 5
3.
4.
Õ
*.²/boot ÄRAID IKÇ RAID ÿ/1Ç%Ç&~ÜÇPÄì
ÃDIDEÇÙ'SCSIÄ*X.²/boot ÄRAID IKÇb4²/ ÄRAID IKÇÇ
4RAID ÿ/1Ç%Ç4ÜÇPÄìÃDIDEÇÙ'SCSIÄ
¦¦O{RAID IKÌñóRAID ÄÊï,¥,YÇï,¥ ORAID
÷÷{IK
8. *{{4RAID 1 ZRAID 5Ç>½÷~IK{jÞ*ìÇGRAID IKH
êÇYÇ÷~{IKÌÄú~*¦IKéÇ.½{÷~IKÇ*
Çi{GRAID IKÃRAID ÷÷¥{IK1i{ÄóZ½¥ÇRAID ÷÷1ù
÷G IK
9. âêh½ÇRAID ÷÷ÌñóPÄì!ï,¥ÇC10-3Ä+YÇ
,1ãÇÜRZÒÇ>kÝRed Hat Linux ã
7.
10.
GRAID {
C10-3. RAID jï.O
71
72
10.
GRAID {
11.
LVM
{
,1óRed Hat Linux {Coã,Ç¥Ýkickstart ã,Ç¥ú{¤,1&~lvm
GÝ¥{ÓäuO{LVM {b4ý9Ìø¥Ò[óRed Hat Linux ã,Ç¥&
~Disk Druid uqÄY1Ö
D>ÝÖ49uêLVM14é{LVM ÄZ½{cÕ
• ,mcPÄì¥OÔ®òÃphysical volumesÄ
• ,Ô®ò¥OòÃvolume groupsÄ
• ,ò¥O\öòÃlogical volumesÄÇ?I`\öòñ
LVM
Õ
óGUI ãÜ*¥öLVM òó©ýãÜ*¥Ç,1É.?\öòI`ñ
óRed Hat Linux ã,Ç¥OQ\öò{\öòÇZ½Õ
1. ócIK÷¶ôÞÇ ~Disk Druid CÓIK.
2. cO.
3. RXêQñÃOêò",1QÄ
4. ,©Gø:¡nnh\¥ Ô®ò(LVM)ÇC11-1Ä+
C11-1. OÔ®ò
Ô®òÛ!ÇPÄìÞéã{PÄì1øÇ óÙÞOÔ®ò
{PÄì*õÇPÄìÇÄPÄìÑÌóY°ú ÇR> ÙÇ{P
ÄìÇâÇ.óÞÁOÔ®ò{PÄì
6. QÄ{Ô®ò{LB
7. û½LBu&Ô®òä÷½LBÇ ½8-LB(MB)ÇQ1MB \
{LBuÉÔ®òLBÇ)ÇÝ &~\\,~8-u&Ç{LBjßtw
5.
74
11. LVM
{
rÇmc{,~8-*XÇ,j0{Ô®òÇÇ¢ÌI0cÞ{,~88
-
8. *.tYÇIKÄÌIKÇ ÌIK
9. *.tãÇóÂ*mcPÄì5c LÇ 5c L
10. âh½u(Ãt̶ô
­
YJZ½uO{LVM ÷Ä{Ô®ò¾Ç*.tòJÖXÇPÄìÇ
óÇPÄìÞÑOÇÔ®ò
´·
IKXê ò¥ÇOZsãñÇÃ,¥ÖRÇ*.tÊIK \öò¥Ç
OI{Xaò{/boot IK
/boot
OêÄ{Ô®òÇ>$¬1Z½Õ
1. âLVM<u²Ô®òÎøtò¥äýÞÇò4Ô®ò{ø\,1õ
Ç\öòÇb4ÇÔ®ò Çò¥
Õ
ó\öò¥âêJc8-*®D~Ô®ò{Z,Zò{LBX#ÖX,ÇÄ
+{\öò{LB4th{
C11-2. OLVM ÷÷
*Ç,1#òÖÁ
ò{Ä\öòÔ®)Ãphysical extentÄ\ úI{Lå÷ÇÔ®)
ú÷4 MBÖO$Ç\öò{LBêú4 MB rø*Q{LBX44 MB
{rõjÇãÇRÌÄ !z£4 MB rõj{jOFX#YÇ÷
4. ~óò¥{Ô®ò
5. OQ/home ¡ñ{\öò#Ç/boot Xê4\öò\öòÇ
â\öò\I¥{<ÇC11-3Ä+{=ÒÌñ
2.
3.
11. LVM
{
C11-3. O\öò
Ç.O{\öò­
1ÞZ½
" ,.ó\öò¥âJ88-ÇO$1,1j0\öò
C11-4. \öòúO
75
76
11. LVM
{
III.
¦d#{{
:ê[{dÇY9ÿX¦É#{1ǾÕ[ãÏÇ~9Ö[ód
Þá0©GZø9Ö[÷yqÖì
ø9
d{
äý3Û{
;éqÖ{6¯
d©Gø:Ã Ä
ÄÕÌå{NFÃ
Ä
qÖì{
\qÖì{
{
èy{
GQS®Ã Ä{
12.
........................................................................................................................................ 79
13.
............................................................................................................................ 95
14.
....................................................................................................................... 101
15. OpenSSH.................................................................................................................................... 107
16.
NFS ............................................................................................................... 113
17. Samba......................................................................................................................................... 119
18.
DHCP .................................................................................................... 127
19. Apache HTTP
........................................................................................................ 133
20. Apache HTTP
................................................................................................. 147
21. BIND
.................................................................................................................................. 157
22.
...................................................................................................................................... 163
23.
MTA
...................................................................................................... 169
12.
d{
®ådËzbZÙÇ®å/µY4/,v*ø:#/z=ÃÕ1Ô
ISDN ®®ìY)¢ÄÇ?{z=uËztdÞu"{
d®Óä,1~u{1¡n{dz=Õ
• 1Ô
•
ISDN
•
®®ì
•
xDSL
•
Y)¢
•
CIPE
Ã"÷÷
&~d®ÓäÇä÷ÊYéÄYÇÇÇâÁÆÞ{Ìh\ => ø
:÷ => dÇÝóshell +ÃXTerm ÝGNOME ªàÄEredhat-confignetwork ×*EêYÇ×Ç¥X óäqÇCoÇýÌú+ÇdÇä©ý
{ÇýÌú+äqä©ý{ÇýÇ&~redhat-config-network-tui ×
•
C12-1. d®Óä
*Íõ¡z{©GÇ>kÝRed Hat Linux kuÜRYJ{©G{
Z{få
" 6¯Red Hat mG/uï,Ãhttp://hardware.redhat.com/hcl/Äug½Red Hat Linux 4d|Ñ{m
G÷÷
80
12.
12.1.
12.2.
OÁ1ÔËz
d{
&~d®Óäu{dËzÇq1Z½Õ
1. ²Ô®mG÷÷tmGï,¥
2. ZÔ®mG÷÷#{d÷÷
3. {ÌåÖZDNS ÷
4. {Ã/,DNS ¯{Ìå
ý9RÌbé¡dËzuÿX1Þ{ÇZ½
OÁ1ÔËzÇ<ÃNICÄÇdÃ/4CAT5 ÄÇ1ùËz
{dX3{d{&~X3{¤ÝÇ>h½{NIC ¦.Ëz{d/
1ÔËzÇq1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ 1ÔËzÇlâ
4. *.²²têmGï,¥Ç,1Ôï,¥ ÇdÇ Ù
Ç1ÔumG÷÷
Õ
ãÇ/Ì5|Ñ{1Ô÷÷Ç?
+{Ç¢*óã¥.{ê1Ô÷÷Ç
Ç¢ÌñómG)ü{mGï,
* êÙÇ1ÔÇ 1Ô7{ì=ÒÌñ 1Ô{
ÛZnR ÷÷{ÖÁ*Ç4ø:{Ç1ÔDzeth0 *÷÷ÖÖ
*Ç4Ç1ÔDzeth1 *÷÷ÖÖ$¡Md®Óä¤ãNIC {
ýÍâu
6. ó{d÷ÞÃC12-2Ä+ÄÇ,1 DHCP Ý·ÕIP *÷÷
ó'déÄÑú½X3{IP ÇÒXÙ½ÌåÖâu
7. âO1Ô÷÷Þ{a~<
5.
12.
d{
81
C12-2. 1Ô÷
{ê1Ô÷÷ÇÇÒÌñóC12-3Ä+{÷÷ï,¥
C12-3. 1Ô÷÷
>h½ ©G => â?uâ?#
ê1Ô÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{Çh
ì÷÷úÇÇúå{ÄZséÄ#YÇ÷Ç ö÷÷Çh®å
éÄíÙ÷÷{Çlâ?#
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
*ìÇ1ÔÄÉ{÷÷XÇÇ1{÷÷Ò4÷÷/ÖÃdevice aliasesÄ÷÷/Öã
ÉÇÔ®÷÷÷õÇ÷÷ÇO$ÇÔ®÷÷,1õÇIP ¾Ç,1{
eth1 ÷÷Zeth1:1 ÷÷-<>kÝ12.13
12.3.
OÁISDN Ëz
Ëz4&~ISDN ®®ì/,Úã{O"OÁ{ÉËzISDN
ËzóN³iq
ISDN
82
12.
d{
ISDN ËzÇ$¬1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ ISDN ËzÇlâ
4. ,nh\¥ ISDN 7{ìl7{ì{ýÍZD ªwNFâu
C12-4. ISDN ÷
*{ISP ó½{{ï,¥Ç ÇdÇQ{ISP AR{få*X
êYJfåÇ>Éø{ISPâ
6. óIP ÷=ÞÇ &~{UãÜ*Ç1ù4/,DHCP uÜRIP ¤4
·Õ÷Çeâ
7. óOÁCRËzÞÇâa~
{êISDN ÷÷ÇÇÌó÷÷ï,¥1ISDN ÷÷ñÇC12-5Ä+
>h½ ©G => â?uâ?#
êISDN ÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{Çh
ì÷÷úÇÇúå{ÄZséÄ,1öÇ{{uY1÷¸ÀPPP 1~9Ö=Ñ,1ú#
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
5.
12.
d{
83
C12-5. ISDN ÷÷
12.4.
OÁ®®ìËz
®®ì,1~u{/,Ù×"q{ÉËzÇÉqÖ
ØV
ÃISPÄARÃÁCRARÄ
®®ìËzÇ$¬1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ ®®ìËzÇlâ
4. *ómGï,¥.Ç{ê{®®ìÃómG)üÞÄÇd®Óä"
½~ÇuOÁ®®ìËz*.{ê{®®ìÇÇÌAC5ø:¥
{®®ìæ,Ìã-*ItêÇ®®ìÇ>åÌ+Ç´
·Ä+{÷X4æ¥It{
5. æÇC12-6Ä+{=ÒÌ+
C12-6. ®®ì÷
6.
{®®ìEG;1ù®®ìQÞ*XwYJÇb4®
®ìúÄÕætÇzIå*E*Ë"0*ÇR> #a{
'â
84
12.
d{
*{ISP ó½{{ï,¥Ç ÇdÇQ{ISP AR{få*X
êYJfåÇ>Éø{ISPâ
8. óIP ÷=ÞÇ &~{UãÜ*Ç1ù4/,DHCP uÜRIP ¤4
·Õ÷Çeâ
9. óOÁCRËzÞÇâa~
{ê®®ì÷÷ÇÇÌó÷÷ï,¥1®®ì ÷÷ñÇC12-7Ä+
7.
C12-7. ®®ì÷÷
>h½ ©G => â?uâ?#
ê®®ì÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{
Çhì÷÷úÇÇúå{ÄZséÄ,1öÇ{{uY1÷¸
ÀPPP 1~9Ö=Ñ,1ú#
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
12.5.
OÁxDSL Ëz
S,jh~"4ÃDigital Subscriber LinesÄÇ{¡nADSLIDSLZSDSLd
®Óä&~xDSL YÇbªuSÄ¡n{DSL Ëz
ìJDSL ØVF&~1Ôu{ø:/,DHCP ÜRIP ìJDSL ØVF
&~1Ôu{PPPoEÃ1ÔÞ{éNFÄ>5{DSL ØVü®a&~{0
*úF&~DHCPÇ>kÝ12.2 u{{1Ô
*úF&~PPPoEÇ$¬1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ xDSL ËzÇlâ
4. *{1ÔómGï,¥Ç,Y{nh\¥ 1Ô÷÷ÇC12-8Ä
+dÇ 1Ô7{ì=Ìñ
DSL
12.
d{
85
Õ
ãÇ/Ì5|Ñ{1Ô÷÷Ç?
+{Ç¢*óã¥.{ê1Ô÷÷Ç
Ç¢ÌñómG)ü{mGï,
C12-8. xDSL ÷
* 1Ô7{ì=ñÇ 1Ô{ÛZnR ÷÷{Ö
Á*Ç4ø:{Ç1ÔDzeth0 *÷÷ÖÖ*Ç4Ç1ÔÇ
²eth1 *÷÷ÖÖ$¡Md®Óä¤ãNIC {ýÍâu
6. Q
ØÛÖÁ~9ÖZ=*ÇT-Online BRǦÙóå
=¥Q~9ÖZ=Ç,1âT-Online BR÷<Ç?QÄf
åâu
7. óOÁDSL ËzÞÇâa~
{êDSL ËzÇÇÌñóC12-7Ä+{ï,¥
5.
C12-9. xDSL ÷÷
86
12.
d{
>h½ ©G => â?uâ?#
ê1Ô÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{Çh
ì÷÷úÇÇúå{ÄZséÄ#YÇ÷ÇöÇ{{
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
12.6.
OÁY)¢Ëz
óY)¢d¥ÇÄ{®åÑ1Ë¢0*ËzY)ÃtokenÄÇÝOdÝÇóY)¢°
ÄÇ,ã®å
$få
" óLinux & ~ Y ) ¢ { - û f å Ç > k ÝLinux
Õhttp://www.linuxtr.net/
Token Ring Project
Ç5 Y)¢ËzÇ$¬1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ Y)¢ËzÇlâ
4. *.²ómGï,¥êÇY)¢Ç,1Ôï,¥ ÇdÇ ÙÇY)¢umG÷÷
5. * êÙÇY)¢ÇC12-10 Ä+{ Y)¢7{ì=Ìñ 7{ì{ÛZnR ÷÷ÖÁ*Ç4ø:{<Y)¢Ç tr0Ö*
Ç4<Y)¢Ç tr1Ç$¡Md®Óä¤ã~7{ì{ýÍ
âu
C12-10. Y)¢÷
12.
d{
87
ó{d÷ÞÇ DHCP Ý·ÕIP ,1÷÷½ÇÌåÖ*
÷÷ó'éÄdÑzBtÇÄÕIP ÇX½ÌåÖâu
7. óOY)¢÷÷ÞÇâa~
{êY)¢÷÷ÇÇÌñóC12-11Ä+{÷÷ï,¥
6.
C12-11. Y)¢÷÷
>h½ ©G => â?uâ?#
ê÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{Ç,1{
4dóZséÄÇ
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
12.7.
OÁCIPE Ëz
S,·IP UãÃCrypto IP EncapsulationÄÇ~u{IP ¸w÷÷ÇCIPE ,1~
u,iÛ~dÃVPNÄ*÷CIPE ÷÷Ç>5{ø:®Ê®¯th
{÷
CIPE
88
12.
d{
C12-12. CIPE ÷
" CIPE Z÷CIPE {ÍõfåÇ>kÝRed Hat Linux \
12.8.
OÁÃ"Ëz
Ã"1Ô÷÷óÖuÖq{Z1Ô{#ÇX,Çã{SSID ÷Ç
1ù{Ã"÷÷{ØÒ
Ã"1ÔËzÇ$¬1Z½Õ
1. â÷÷)ü
2. âÓäyÞ{cO<
3. ,÷÷¡nï,¥ Ã"ËzÇlâ
4. *.²²Ã"têmGï,Ç,1Ôï,¥ ÇdÇ Ù
ÇÃ"umG÷÷
Õ
ãÇ/Ì5|Ñ{Ã"1Ô÷÷Ç?
+{Ç¢*óã¥.{ê1Ô÷
÷ÇÇ¢ÌñómG)ü{mGï,
* êÙÇÃ"Ç 1Ô7{ì=Ìñ 1Ô{
ÛZnR*Ç4ø:{Ç1ÔDzeth0 *÷÷ÖÖ*Ç4Ç1Ô
Dzeth1 *÷÷ÖÖ$¡Md®Óä¤ãÃ"{ýÍâ
u
6. óC12-13Ä+{{Ã"ËzÞÇÃ"÷÷{÷
5.
12.
d{
89
C12-13. Ã"÷
ó{d÷ÞÇ DHCP Ý·ÕIP ,1÷÷½ÇÌåÖ*
÷÷ó'éÄdÑzBtÇÄÕIP ÇX½ÌåÖâu
8. óOÃ"ËzÞÇâa~
{êÃ"÷÷ÇÇÒÌñóC12-14Ä+{÷÷ï,Þ
7.
C12-14. Ã"÷÷
>h½ ©G => â?uâ?#
êÃ"÷÷Ç,1,÷÷ï,¥ ÇÇlâöuöÇ{{Ç,
1{4dóZséÄÇ
h÷÷úÇÇXÌúÁýíÙÇÌtXÙ×çÕíÙì÷÷Ç,÷÷ï,¥ ÇÇlâíÙ<*ø:{êó®åéÄ4íÙ÷÷ÃåÄÇX­c
qYZ½
90
12.
12.9.
d{
®DNS ÷
)üã{ø:{ÌåÖ­ÖÁqÖìZ­ÖÁqÖì~u¯dÞ{Ù
ÇÌå
*DNS qÖì,DHCP ÝPPPoE ¥5ÂtÃÝ,ISP ¥5ÂÄÇXÌ'Ý
®DNS qÖì
*ÌåÖúÄÕ,DHCP ÝPPPoE ¥5ÂÃÝ,ISP ¥5ÂÄÇ>X#Ç
DNS
C12-15. DNS {
Õ
ÖÁqÖì\IX4~u²ø:{ÄÖÁqÖì{Ç4~u{ø:ÛIP ZÌåÖÄ~{ÖÁ
qÖì
12.10.
®Ìå
Ìå)üã,/etc/hosts ©G¥öÝÍøÌå©GÝ9IP ZÇ¢
#éa{ÌåÖ
h{ø:AC²ÌåÖÛIP Ýg½IP {ÌåÖÇÇó&~ÖÁqÖì
DkL/etc/hosts ©GÃ¥&~{4å{Red Hat Linux {Ä*IP úï
ó/etc/hosts ©G¥ÇÖÁqÖìÒXÌú&~*{dÝiïóDNS {IP
ÇM?²Ç¢t/etc/hosts ©G¥
ó/etc/hosts ©G¥1øÇâÌå)ü{cO<Ç
ØF{fåÇl
âh½ ©G => â?Ý[Ctrl]-[S] u²#â?t/etc/hosts ©G¥
X­céÄdÝdqÖÇO©GóÇúÛÑÌúkL
´·
XÍølocalhost 1øý"ø:dËzÝÑäq{dËzÇìJÇ
/,localhost
¢ÃÁuËzø:
12.
d{
91
C12-16. Ìå{
" #¯~Çö/etc/host.conf ©Gorder hosts, bind Yq½/etc/hosts Ö
ÁqÖì²Yqorder bind, hosts Ì{{ø:D&~ÖÁqÖìuÛÌåÖZIP
*IP Ã/,ÖÁqÖìúÛÇ{ø:Ìó/etc/hosts ©G¥¯IP
12.11.
íÙ÷÷
d÷÷,1ú{óZsÙ×ÝXÙ׾Ǯ®ìËz{d÷÷/XóZs
úéÄÖ1ÔËz/óZsúéÄ*{d÷÷ú{ÄXóZséÄÇ,1
&~Red Hat ;dÇuóZsíÙÇéÄÇÇâÁÆÞ{Ìh\ => ø:Ó
ä => d÷÷;ÇÝE×redhat-control-network.
C12-17. íÙ÷÷
íÙì÷÷Ç,ï,¥ ÇÇâíÙ<*÷÷Ç,ï,¥ ÇÇâ
ø
92
12.
d{
*{êXÇd{©GÇÇ¢óÁ¥úïñÇ?,1úíÙ-<>kÝ12.12
12.12.
&~{©G
ÇÔ®mG÷÷,1OõÇ\öd÷÷¾Ç*{ø:ÞÇ1ÔÃeth0ÄÇ
,1&~X3{RZX3{{ 1u{\öd÷÷YJ÷÷ÑZeth0 #É
\öd÷÷¦÷÷/ÖX3Z3Ô®÷÷#É{\öd÷÷?óX3{{©G
¥Ç?%Xú3íÙ÷÷/Ö¦3Ô®mG÷÷#ÉÇb4Z3Ô®mG#É{
÷÷/Öê3úíÙO÷÷/Ö{-<Ç>kÝ12.13
{©GÃProfilesÄ,1ú~uX3{dOõÇ{ø\{ø\¥øêÌåZDNS ÷
i¤,1Ý9\ö÷÷{ê{©GÇ,1&~d®Óä uóÇ¢-#¦&
~
Lå÷ÇÙ¥Ç{©GÚ~Oc{©GÇ {©G => c
OÇl{©GQÇÕ{ÖÁ
ótóÌ=\{çÕyÄ+{c{©G
â.²óï,¥{ìÇ?÷÷Çlâ
<u²ìÇ?÷÷
t\öd
÷÷*&~cO<ÇO{Ì4d/ÖÇY4Xth{#\ö÷÷{a
uÇ,ï,¥ ÇÇlâö¾ÇR,1úÄÇÍäÃcu{ÖÁÇ
eth0_officeÇO$Ç,1úÍ4ú#/
ó÷÷ï,¥Çïú){©G{
'éÇ{©GÇÑ,1 ÝR> ÷÷ úÝióh ¥{©G¥{÷÷¾Ç*óÇw)Office {{©G
¥OêÇw)eth0_office {\ö÷÷Ç?.ó{©Gú íÙYÇ\ö÷÷ÇR
> eth0 ÷÷Ç eth0_office ÷÷
¾ÇC12-18+êÇQ\ö÷÷eth0_office {w)Office {{©GÇ{&~DHCP
uíÙÇ1Ô
C12-18. Office {©G
Õ?ÇC12-19Ä+{Home {©GíÙeth0_home \ö÷÷Ç÷÷¦eth0 #É
12.
d{
93
C12-19. Home {©G
¤,1{eth0 uíÙOffice {©GÇóHome {©G¥íÙpppî®ìÄ÷
÷Ǿ4tÚ~{©GíÙeth0Ç&~Away {©Gó@q~uíÙppp ÷
÷
ZsXíÙ{©GóÚ~{©GÃå{{©GÄ¥ú÷óZsíÙ
{÷÷bóZsúíÙø:ZsÇâÁÆÞ{Ìh\ (on the Panel) => ø:Ó
ä => d÷÷;ÃÝEredhat-control-network ×Äu Ç{©G?í
ÙÇíÙ{©G\Ióøêå{Ú~{©GiǤÙÇ{©G{<Yb
Ìñód÷÷;Á¥
ÝVÇ&~1×ué~{©Gò<profilename> ¦{©G{ÖÁÄÕ
redhat-config-network-cmd --profile <profilename> --activate
12.13.
÷÷/Ö
÷÷/ÖÃDevice aliasesÄ4Z3Ô®mG#É{÷÷Çb4Ç¢,13úíÙÇ?
pX3{IP Ç¢/&~÷÷ÖRZjuS,þÕeth0:1ÄÇ¢ó.Éø
:õÇIP eÇi~ÿ
{ê1Ô÷÷Çeth0 Ç&~·ÕIP ÃDHCP X&~/ÖÄÇÝt÷÷)
üÇ?âcO {ê/Ö{1ÔÇ÷/Ö{·ÕIP Çlâa~
uOÇO1Ô{÷÷.²?óǦ¦O{X,4Ç/ÖÇeth0:1
´·
*É1Ô÷÷{/ÖÇ YÇ÷÷Z/ÖÑX{&~DHCPCÓ{IP
C12-20+êeth0 ÷÷{Ç/ÖÕ?eth0:1 ÷÷— eth0 {Ç/Öeth0 {Ç
/Ö{÷÷ÖÌ4eth0:2Ç$¡M÷÷/Ö{÷Ç4dóZsíÙÇÝ/Ö
RhÇ,ï,¥ ÇÇlâö<
94
12.
d{
C12-20. d÷÷/Ö+¾
ìÇ/ÖÇâíÙ<uíÙYÇ/Ö*{êõÇ{©GÇ ÝiÇ{
{©G
Dè/Ö4dúíÙÇ&~/sbin/ifconfig ×ÙQa+÷÷Z÷÷/ÖpX
3{IP Õ
eth0
Link encap:Ethernet HWaddr 00:A0:CC:60:B7:G4
inet addr:192.168.100.5 Bcast:192.168.100.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:161930 errors:1 dropped:0 overruns:0 frame:0
TX packets:244570 errors:0 dropped:0 overruns:0 carrier:0
collisions:475 txqueuelen:100
RX bytes:55075551 (52.5 Mb) TX bytes:178108895 (169.8 Mb)
Interrupt:10 Base address:0x9000
eth0:1 Link encap:Ethernet HWaddr 00:A0:CC:60:B7:G4
inet addr:192.168.100.42 Bcast:192.168.100.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:10 Base address:0x9000
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:5998 errors:0 dropped:0 overruns:0 frame:0
TX packets:5998 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1627579 (1.5 Mb) TX bytes:1627579 (1.5 Mb)
13.
äý3Û{
3OÓÔ¥{3ÛÌAC3Û3xÒÇ®å¥{3ÛÌAC3®å>ÓxÒt{
ø:¥Ç¤3²GY{~{ø:3Û?ó{®åZd-ÇÇ,1
g½{®åÞýJqÖ,1údÞ{ÏÇ~6¯Çth{{3ÛêôL
{ø:\u·¢
FÄ1ËztÉÞ{Red Hat Linux ø:{Ç3Û
13.1.
\ÿ/{Óä
ã¥{3Û{¶ôÉ
ØêÇ,Ø { 1Õ°ÿ¥ÿÃ3
ÛÖ¤,1 ã{½÷÷qÖZà=
ãÇ,1&~\ÿ/{Óäu#ø:{\ÿ/*Íõ¡&~ä5s{Ç
Ç>kÝ13.2
éÄYÇÇÇ ÁÆÞ{Ìh\ => ø:÷ => \ÿ/ÇÝ
óshellÃXTerm ÝGNOME ªàÄEredhat-config-securitylevel ×
Red Hat Linux
C13-1. \ÿ/{Óä
,nh\¥ .{\ÿ/
°ÿ
‘
* °ÿÇ{ø:RXÌzIú/?½B{ËzÃå÷1i{Ë
zÄLå÷Ç1ËzÌúãÕ
• DNS Ãa
• DHCP — O$Ç[&~DHCP {dÁÑ,1úth{{
* °ÿÇ{3ÛRXÌã1ËzÕ
96
13.
•
•
•
äý3Û{
Ù×çÕFTPÃóõj0å¥å&~{úÄçÕFTPÇaêtäqÄ
IRC DCC ©GQ
RealAudio™
ÏÇX =ø:0
*²ø:ËztÉÞÇb4XK®²Çh*qÖìuäqÇY4!\{ *i{qÖÇ,1 ½uã½{qÖ,3Û
•
Õ
* ê¥ÿÝ°ÿ3ÛÇdèy0ÃNIS ZLDAPÄRÃH
¥ÿ
‘
* ¥ÿÇ{3ÛRXÌãÏÇåì6¯{ø:Þ{ìJýÍLå
÷Çé1ýÍ{6¯4åXã{Õ
• 1023 { à =— Y J 4 ) ï â { à = Ç Ì ú J ø : q Ö Ä & ~ Ç
ÕFTPSSHtelnetÇHTTP ZNIS
• NFS qÖìà=(2049) — NFS éÏÇqÖìZý0Ñ.¢~
• ÏÇX 0å÷Á{ýX =ø:+
• X qÖìà=ÃLå÷Çxfs X)&dÖÇóqÖì¥ú¢~Ä
*3.ïtRealAudio™ ¡ýÍ{6¯Çb
׬tÊ/ø:qÖ{6¯Ç ¥ÿ3,1 ½uãä½{qÖ,3Û
Õ
* ê¥ÿÝ°ÿ3ÛÇdèy0ÃNIS ZLDAPÄRÃH
Ã3Û
‘
Ã3ÛÉ£q\6¯Y?X)[\5ø:54éìJqÖ{¢~OF
óÇ,f{dÃ:ÉÄ¥äqÇÝV.ãòq-û{3Û{b $1
½uf{÷÷Ýã{qÖ
f{÷÷
‘
[Çf{÷÷ÌãÄu÷÷{t{ø:{b/ÇXó3Û
{!Ç*óäqÇýdÇb4/,PPP CRËztêÉÞÇ
,1 eth0ÇÄu{ýd{b/ÒÌúã²eth0 f{
÷÷?ÍÄ/,1Ô{b/ÑÌúãÇb4/,ppp0 z={b/
I3Û{!
*.óìÇz=Þ{b/ÇÒX Ç
OFX²ËztÚádÇÉÇÞ{÷÷ f{÷÷
ã
‘
é~YJ 1Rãä½{qÖ,3ÛÕ?ÇóÓ*5¡nã¥ÇLõjY¡
qÖóø:X?ó
13.
äý3Û{
97
DHCP
‘
*ã{DHCP ®ZÃaÇÌã[&~DHCP ug½ÙIP {d
z=DHCP /4é~{*DHCP úé~Ç{®åÒXòêÜRIP
SSH
‘
Secure Ã\ÄSHell (SSH) 4~uóÏÇåìÞ~9ùq×{NF G*
&~SSH Óä/,3Ûu{åìÇé~ 1ãopensshserver GÝb&~SSH ÓäuÏÇ{åì
Telnet
‘
Telnet 4«ÏÇ~9åì{NFTelnet {/f4X·{Ç
Ø[3d
%æ¡{\DOFXã{Telnet 6¯*.ã{Telnet 6
¯Çãtelnet-server GÝ
WWW (HTTP)
‘
HTTP NFúApacheÃ1ùÙÇyqÖìÄ~u
Ø*K®&{y
qÖìÚ,~Ç>é~ 1Xé~ 1uýÝ
*.
ØÇãapache GÝ
é~WWW (HTTP)XÌHTTPS KÇà=é~HTTPSÇóÙÇà=
㥽Ç
G(SMTP)
‘
*.ã{
G,{3ÛÇO${ÏÇÌåêzËzt{åì
u±
GÇé~ 1*.,&~POP3 ÝIMAP {ISP qÖìuBR
GÇÝ&~fetchmail ¡{ÓäÇXé~YÇ 1Õ?ÇXth{{SMTP
qÖìÌãÏÇåì&~{qÖìumã
G
FTP
‘
FTP NFú~uódÞ{åì-Q©G*K®&{FTP qÖìÚ,~Ç
é~ 1ãvsftpd GÝb4 1ê*~
âh½uíÙ3Ûâêh½Ç ½{ 1ÒÌúݦÄiptables ×?U
/etc/sysconfig/iptables ©Giptables qÖúéÄÇO$Çâ?ê ½ 1Ç3
ÛÒÌúÁýíÙ
´·
*ó/etc/sysconfig/iptables ©G¥{êÇ3ÛÝ3ÛÇó êÃ3Û
?âêh½uâ?#ÇYÇ©GÒÌúÍø
½{ 1¤úU/etc/sysconfig/redhat-config-securitylevel ©GÇO$YJ÷
óÇ'éÄúÁ
>XCÓö©G
íÙiptables qÖÇ?óZsÄéÄÇ>kÝ13.3 uÜR-<
98
13.
äý3Û{
13.2. GNOME Lokkit
ã/,OÁäý{ipchains ÉuÊ/~{3Û÷
XUYJÇÇÌ5
ñøï[&~ø:{¯Çl²Ç¢U
/etc/sysconfig/ipchains ©G
Xa&~GNOME Lokkit uÄ
ì{3ÛÇ{ø{4ÐÏÊ/~ó&~
®®ìÝDSL ËztÉÞq·â{{3ÛÇ>k
ÝRed Hat Linux k V¥{&~iptables uOÁ3ÛY9
¢~½{qÖÝáý½{ÌåZ~Ç>kÝ149
éÄCo{f GNOME LokkitÇ Ìh\ => ø:Óä => Íõø:Óä =>
LokkitÇÝóshell +1Ê~üPEgnome-lokkit ×*ãX =ø:Ç
ÝV ä©ý{ÇÇóshell +Elokkit ×uéÄYÇÇ{©ýÜ*
GNOME Lokkit
13.2.1.
äý
C13-2. äý
óéÄÇÇ{ø: #a{\ÿ/Õ
• High Security — Y 1Ì¢~ÄíÙdÄ{DNS ÃaZDHCP i{d
ËzIRCICQÙÇý>åqÖ1ùRealAudio™ óS®{<YÑÃä
q
• Low Security — 1RXÌãtø:{ÏÇËzÇÝiNFS ËzZÏÇX =ø:Ì
óà=1023 äq{qÖRXÌzIËzÇÝiFTPSSHTelnet1ùHTTP
• Disable Firewall — 1XÌO[\OFóf{dÃ:ÉÄ
¥äqÇÝóLn3ÛäqÇÝqU½{3Ûb 1*
½êYÇ 1?âêZÇ>!t13.3 Y{ø:{\ÿ/RXÌú
#
13.2.2.
ýÌå
*ø:Þ1Ô÷÷ÇLocal HostsÌã{3Û4da~tÉ
Ç÷÷{Ëz>F*÷÷²ø:Ëzt3Û{Û­Ç?XzËztÉÇ Yes*1Ô²ø:ËztÝDSL ®®ìÇ·¢
F No
13.
äý3Û{
99
C13-3. Local HostsÃýÌåÄ
13.2.3. DHCP
*&~DHCP uíÙø:Þ{[1Ôz=ÇéDHCP ¯ÃIYes*
ÃIêNoÇRÃ&~1Ôz=uOÁËzõZDSL É
ØVF&
~DHCP uOÁÉËz
C13-4. DHCP
13.2.4.
{qÖ
¤ãéÄÝ*Ê/qÖ*ó{qÖÃIê4ÇÒÌzt
ïqÖ{
+Õ
• Web Server — *K®t~Ëztó{ø:Þäq{yqÖìÃApacheÄÇ
> 1Ö*K®{ø:ÝdÞÙÇqÖìÞ{ÇX 1
GNOME Lokkit
100
13.
äý3Û{
Incoming Mail — *{ø:zI{
GÇ 1*K®&
~IMAPPOP3Ýfetchmail u5Â
GÇX 1
• Secure Shell — \ShellÇÝSSHÇ4Ç~uóÏÇåìÞ/,·Ëzu~9Zq
×{Óä G*/,ssh uÏÇ6¯{åìÇ 1
• Telnet — Telnet ãÏÇ~9t{åìÞÇX,ÇÇ?X\Çód¥{4
©ýÃÝi=ÄM?&~SSH ó{åìÞÏÇ~9*&~telnet u6¯
{ø:Ç 1
¢~X{ÙÇqÖÇ&~qÖ{ÓäÃkÝ14.3 ÄÝntsysv ÃkÝ14.4 ÄÇ
ÝchkconfigÃkÝ14.5 Ä
•
13.2.5.
íÙ3Û
âe̲3ÛU/etc/sysconfig/iptables ©GÇ?/,éÄiptables q
ÖuéÄ3Û
´·
*{ê3ÛÇÝ ó/etc/sysconfig/iptables ©G¥{ê3ÛÇ ¥ êDisable Firewall?âeuâ?Ä)#ÇYJ3ÛÒÌúÍø
·¢ñOF,åìX4ÏÇX Ì¥äqGNOME Lokkit*¢~êt{åì{Ï
Ç6¯ÇRÃòø:u¢~3Û
*X.U3ÛÇâR>
GÝ
GÝÃmail relayÄ4ãÙÇø:/,Çu
G{ø:*{ø:4Ç
G
Ý5ÇìJ|",~Çu/,{åì±mã
G
* ½é~
GqÖÇóActivate FirewallÞâeÇÌú
+4d5
GÝ*ÃIêYesu5
GÝÇGNOME Lokkit ÒÌACËzMail Abuse
Prevention System 5Ãhttp://www.mail-abuse.org/ÄÇ?äq
GÝAÇA*Ìó
e+*{ø:5
GÝ8ÇñM?{Sendmail u½Ç{
13.2.5.1.
13.3.
íÙiptables qÖ
3Ûóiptables qÖäq{búíÙCÓéÄqÖÇ&~1×Õ
/sbin/service iptables restart
hâÇóø:ZséÄÇ&~1×Õ
/sbin/chkconfig --level 345 iptables on
ipchains
qÖXZiptables qÖ3äqh½ipchains qÖú¢~Çq1×Õ
/sbin/chkconfig --level 345 ipchains off
¤,1&~qÖ{ÓäuíÙiptables Zipchains qÖÇ-<>kÝ14.3
14.
;éqÖ{6¯
Red Hat Linux ø:{\uôà­®ø:\{04®éø:qÖ{&
~{ø:,
ØéìJqÖ{Ú¼~ÃhttpdÇ*óäqyqÖì{
ÄlÇ*X
Øì1qÖÇa²Ç— YÌ\é,Ìñ{<åR
<Y{ÍG
®éø:qÖ6¯{0P«ÊâqÖø:{1ùéLinux {=ºÇÝu
û½a&~ý«0
áýéìqÖ{&~{!;"04RÙXX4xinetd÷¢Ìóý9Á-ûÿ
XÄ®{qÖǤ4ó/etc/rc.d '¥{qÖÇÑ,1&~1®«X3{a~Çu{
ÙéÄÝ*Õ
• qÖ{Óä — ÇCoa~ÇÇÇ+ê1qÖ{ÃcÇ1ù1qÖ4dóZs
éÄÃäqÿ/345ÄÇ?ãéÄ*Ý­céÄ1qÖ
• ntsysv — ä©ý{ÇÇãÇäqÿ/{ZséÄ{qÖéXa
xinetd {qÖÓÇ#XÌÁýHX&~YÇÇuéÄ*Ý­céÄX
axinetd {qÖqÖ
• chkconfig — ÇãóX3äqÿ/éÄZqÖ{×qÓäéXaxinetd
{qÖÓÇ#XÌÁýHX&~YÇÓäÇuéÄ*Ý­céÄXa
xinetd {qÖqÖ
,Ì1ÞÓä&~ÁYJ0Í;\— CÓö /etc/rc.d ø9{LÞnR
ÓzÇÝVö/etc/xinetd.d ¥{xinetd {©G
®éø:qÖ{&~{«04/,&~iptables u{IP 3Û*4Linux c
CÇ>Õ?Çiptables ,X4{!ûÍ÷iptables 41
ì{*Ç!P
²èT{Linux ø:®Êuq
,nÝÓÇiptables {Öu4Ç{ÙuÇ*ǽ{û0u
ìJÌå
ØtìJqÖ{&~YÇiptables ê
Øiptables {-<Ç>k
ÝRed Hat Linux kZRed Hat Linux \
$iÇ*¯I{4ê{~åì÷6¯{ÓäÇÇ?%ÃÝVĤ
4Linux cCÇaA&~\ÿ/{ÓäÃredhat-config-securitylevelÄÓ
äãø: \ÿ/ÇÇZRed Hat Linux ãÇ¥{3Û{¶ô#¤
,1&~GNOME LokkitGNOME Lokkit 4«GUI ÓäÇÇÌ5®¯J[&~
{åì{¯Êâ{ÃIÇÇÌ{Ç;\{3ÛYJÓä{-<Ç>k
Ý139*ÍÒh{3ÛÇ>kÝRed Hat Linux k¥{iptables Y
9
14.1.
äqÿ/
ó{tqÖ{6¯Ç®Linux äqÿ/äqÿ/4«çÕÇÝÜ*
ÃmodeÄÇÇïó/etc/rc.d/rc<x>.d ø9¥{qÖu½BÇÙ¥<x> 4äqÿ/{j
Red Hat Linux &~ïäqÿ/Õ
• 0 — *ä
• 1 — \~Ü*
• 2 — &~Ã,~½BÄ
102
14.
;éqÖ{6¯
q\{õ~Ü*
&~Ã,~½BÄ
• 5 — q\{õ~Ü*ÃQäX {~9¶ôÄ
• 6 — ­cZs
*&~{4©ý~9¶ôÇ4óäqÿ/3 ¥v**&~{4Co~9¶ôÇ4
óäqÿ/5 ¥v*
å{äqÿ/,1/,/etc/inittab ©Gu#Ç©Góz£>{0q¦
Á#Õ
•
3—
•
4—
id:5:initdefault:
²Yq¥{jÄ.{äqÿ/Ä)#óø:­cZsbÌH
Áý#äqÿ/Ç&~×telinitÇÙ˱äqÿ/j4Ê~b&~Y1
×
14.2. TCP
ÌwÇ
õUNIX ø:®Êé&~TCP ÌwÇu®éìJdqÖ{&~vYç
xinetdÃ1ù[QOlibwrap |Ñ{ÇÄ®{qÖê&~TCP ÌwÇu®
&~Yxinetd ê&~/etc/hosts.allow Z/etc/hosts.deny ©Gu{tø:q
Ö{&~©G{ÖÁÄ+Çhosts.allow Ý9Çã0&~úxinetd Ä;{
dqÖ{ï,Çhosts.deny ©GÝ9áý&~Y{hosts.allow ©G
hosts.deny ©Gé&~Y!{G£Ýáý,1ÊâÇ/IP ÃÝÌåÖÄÝ¡0
½-<>kÝRed Hat Linux kZhosts_access {ÒVÃmanÄÊ9Ãman
5 hosts_accessÄ
14.2.1. xinetd
;tÉqÖ{6¯Ç&~xinetdÇ4inetd {\¦¬xinetd EÇâ?ø
:ýÍÇ
Ø6¯;Z9Ç?,1~uéÄOø{{qÖìxinetd ê~u
Øt
ìJÌå{6¯ÖáýtìJqÖ{6¯Ö!Ëz{ªGZÃÝÄËzÄ{ñÞ
xinetd ÃXóäq?)&ÇÄ®{Äà=Þ{qÖhìÇËzÇ®{ì1qÖ{>
FtHÇxinetd ÒÌqÖéÄ\7{qÖì
xinetd {{©G4/etc/xinetd.confÇb4ÇÝiÇå1ùÝ9/etc/xinetd.d
ø 9 ¥ { { © G * ø 9 { é ~ Ý ¢ ~ ì 1xinetd q Ö Ç ö /etc/xinetd.d ø9¥{{©G*disable auú÷yesÇ1qÖ.¢~
*disable auú÷noÇ1qÖ.úé~,1&~qÖ{Óäntsysv
Ýchkconfig uö[Çxinetd {©GÝ#Ç{é~çÕÜzxinetd ;{
dqÖï,Ç&~ls /etc/xinetd.d ×uïÞ/etc/xinetd.d ø9{
14.3.
qÖ{Óä
qÖ{Óä4Coa~ÇÇRed Hat Ç~u{/etc/rc.d/init.d ¥óZs
Ãéäqÿ/345 ÓÄéÄýJSysV qÖÇýJxinetd qÖÇãéÄ*Z
­céÄSysV qÖ1ù­céÄxinetd
,óÁéÄqÖ{ÓäÇâÁÆÞ{Ìh\ => ø:÷ => qÖì÷
=> qÖÇÝóshell +ÃXTerm ÝGNOME ªàÄÇE×redhat-configservices
14.
;éqÖ{6¯
103
C14-1. qÖ{Óä
qÖ{Óä+häqÿ/1ùøtö{äqÿ/öX3{äqÿ/Ç,
nh\¥ öäqÿ/Çl äqÿ/34Ý5éäqÿ/{ÃcÇ>k
Ý14.1
qÖ{ÓäXbïñê/etc/rc.d/init.d ¥{qÖǤïñêxinetd ;{qÖâ&
}ï,¥{qÖÖu+qÖ{;áÃc1ùÇ{qÖçÕ*YÇqÖX4xinetd qÖÇ
çÕ=Ì+qÖø4dóäq*qÖúxinetd Ä;ÇçÕ=Ì+xinetd
qÖYÇáª
ÁýéÄ*Ý­céÄì1qÖÇ,ï,¥ 1qÖÇlâÓäyÞ{#a<
ÃÝ,qÄnh\¥ qÄÄ*qÖ4Çxinetd qÖÇqÄ<Ìú¢~ÇO
Ç¢Xú\ÇéÄÝ*
*/, ÝR> qÖÖk{
'ué~Ý¢~êxinetd qÖÇ,nh\
¥ ©G => â?#u­céÄxinetdÇ?Áýé~Ý¢~Ä#{xinetd q
Öxinetd ¤ú{ÄÄA÷,13é~Ý¢~õÇxinetd qÖÇóeòâ
?#
Ç"÷ óäqÿ/3 ¥é~rsyncÇ?â?ê#rsync qÖÌÁ/úé~
'xinetd úéÄÇrsync
Ìúé~
´·
hâ?êxinetd qÖ¥Ä){#Ç­céÄêxinetd Ç#ÒÌÁýHhâ?êéÙÇq
Ö{#Çäqÿ/Ìú­c{Çb4#XÌÁýH
óZsh ¥{äqÿ/é~Xaxinetd {qÖÇ ï,¥qÖÖk{
'
{êäqÿ/Ç/, nh\Þ{©G => â?#ua~#äqÿ/{
Ìú#Çb4XÌú­céÄÖYøÇ#ÒXÌÁýH
Ç"½ó{äqÿ/3*²anacron qÖ{çÕ,ú ÄX Çl â?#Çäqÿ/3 {{Ìú#ÇO$anacron óZsÒXÌúéÄb4Çäq
ÿ/3 ú­cð)ÇO$anacron
óäqYÇ,ï ¥ ÇÕ
1. *anacron qÖ— qÖÇ,ï,¥ ÇÇlâ*<Ò
qÖ.úÄÕ*{>åÒÌú+ñu
104
14.
;éqÖ{6¯
­cð)äqÿ/— ­cð)äqÿ/{04ÕKshell +ÇlE×
telinit 3ÃY°{3 4äqÿ/jÄ*#êõÇqÖ{ZséÄ
Ç?.ÁýíÙ#ÇM?&~Y«0
3. ÑX)— X*anacron qÖ,1tø:­cZsb*qÖóø
:'ZsÇäqÿ/ÒÌúð)Xäqanacron qÖ
2.
14.4. ntsysv
ÓäíÙÝ*äqÖ
Øê;\{Á,1&~ntsysv uéÄÝxinetd ®{qÖ¤,1&~ntsysv u{äqÿ/Lå÷Çhäqÿ/Ìú{
{X3{äqÿ/Ç&~--level 1u½ÇÝõÇäqÿ/Ç×ntsysv
--level 345 {äqÿ/34Z5
ntsysv {ÁZ©ýÜ*{ãÇ{Ó*0*#5&~ÞF>uÞï,&~8ÂE
u ÝR> qÖÇÝ~uh½ZR><óqÖï,Zh½R
><¥#¦Ç&~[Tab]E* )ÒìqÖú÷éÄ[F1] EÌfñ1qÖ{;áÃc
ntsysv
´·
xinetd ®{qÖÌÁýItntsysv {k/ÙÇqÖXÌÁýH&~service daemon stop ×u*ì1qÖóÁ{¾¥Ç²daemon ¦Ä.*{qÖÖÁÇÇhttpd
²stop ¦Ästart Ýrestart uéÄÝ­céÄìqÖ
14.5. chkconfig
×,1~uíÙZ*äqÖ*&~chkconfig --list ×ÇÌt
Çø:qÖï,Ç1ùÇ¢óäqÿ/0 t6 ¥.úéÄÃonÄÝ*ÃoffÄóï,âàÇ
Ìtxinetd ®{qÖ\I
*&~chkconfig --list u®xinetd ®{qÖÇÌtxinetd qÖ4úé~
ÃonĤ4úÃoffÄêÇ×chkconfig --list finger (ÃêïQñÕ
chkconfig
finger
on
ÞÄ+Çfinger *xinetd qÖúé~*xinetd óäqÇfinger ÒÌúé~
*&~chkconfig --list u®/etc/rc.d ¥{qÖÇÌtqÖóÇäqÿ/¥{
÷Ç×chkconfig --list anacron (ÃêïQñÕ
anacron
0:off 1:off 2:on
3:on
4:on
5:on
6:off
chkconfig ¤~u÷ìqÖóì½{äqÿ/úéĤ4ú*äÇóäq
ÿ/345 ¥*änscd qÖÇ&~Á{×Õ
chkconfig --level 345 nscd off
´·
xinetd ®{qÖÌÁýúchkconfig k/Ç*xinetd óäqÇfinger ú¢~Ç q
êchkconfig finger on ×Çfinger ÒXCÓ­céÄxinetd uÁýúé~éÙÇqÖ{
#ó&~chkconfig XÌÁýH&~service daemon stop ×u*Ç/qÖó
14.
;éqÖ{6¯
105
Á{¾¥Ç²daemon ¦Ä.*{qÖÖÁÇhttpd²stop ¦Ästart Ýrestart uéÄÝ
­céÄqÖ
14.6.
ÙÇýî
-ûfå>kïýî
14.6.1.
ãê{©l
• ntsysv
chkconfigxinetd Zxinetd.conf {ÒVÃmanÄ
— Ìå6¯;©GÂ*{ÒVÃmanÄÃó5 9Ä
• man 5 hosts_access
14.6.2.
•
http://www.xinetd.org — xinetd
14.6.3.
•
~{5
ÇÝ9Í-û{Õï,Z{©G)¾
#V÷
Red Hat Linux k, Red Hat, Inc. — YýC~Ý9êTCP ÌwÇZxinetd
[ãÝáý6¯{-ûfåÇ[&~Ç¢u{d6¯{-ûfåÇ1ù
Oiptables 3Û{Ò
106
14.
;éqÖ{6¯
15.
OpenSSH
4SSH ÃSecure SHellÄNF{½DÍ"Ç~\·{dËzÓäS
êtelnetftprloginrsh Zrcp ÓäOpenSSH |ÑSSH NF{Çý1.31.5Z2
,OpenSSH {Çý2.9 1uÇå{NF4Çý2ÇNFå&~RSA ØÒ
OpenSSH
15.1.
&~SSHÚ
15.2.
{OpenSSH qÖì
&~OpenSSH ÓäRÌ{ø:\uÄ&~OpenSSH Óä{/µÇÝi=ÇÑÌú
·telnet Zftp &~©ý=Ç?úÒ©YJfå,ÌúRÇ=,Ìú5
ÂÇl²GY{|Ê,Ì&~R{=~9{ø:é{ø:Ä3a¦
,&~OpenSSH {Óäø\u½YJ\¯
Ç&~OpenSSH {ÆO4ÇÇIJDISPLAY #ÞÝÉ0åì¦éÇ*ó
ýåìÞäqX =ø:Ç?%&~ssh ×~9têÏÇåìÞÇhóÏÇåìÞqÇ
X {ÇÇÇÌ+ó{ýåìÞ* Coø:®ÓäÇeXê4*
ü6¯qÖìÇYÒÌ{Ó*L0" äqOpenSSH qÖìÇDh½ãêth{RPM GÝopenssh-server G
Ý4X,è{Ç?%Çvopenssh GÝ{ã¦d
OpenSSH EÇ&~/etc/ssh/sshd_config {©GRed Hat Linux 9 ã{å{©
Góõj<Ya1*.&~úå{sshd_config ©G
Ø{0*u{
EÇÇ>ÝÖsshd {ÒVÃmanÄuÜRêó{©G¥½B{Eï,
éÄOpenSSH qÖÇ&~/sbin/service sshd start ×*OpenSSH qÖìÇ&
~/sbin/service sshd stop ×*.tEÇóZsÄéÄÇ>kÝ149u
ÜR[®qÖ{få
*­cãêRed Hat Linux ø:Ç[óÇú­ã&~OpenSSH ÓäËztYÇø:Þ{
0óÇú­ãRÌtï>åÕ
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
­ã{ø:ÌOc{üP)#ØÒÖO$0ÌtRSA ÌåØÒ#{´·
*.â?ø:Æ{ÌåØÒÇ÷P/etc/ssh/ssh_host*key* ©GÇlóø:­ãÁ
Ç,ÇÌâø:{üPh0åóø:­ãACËzÇÇÇ¢ÒXÌt1Þ{´
·få
15.3.
{OpenSSH 0
,0åËztOpenSSH qÖìÞÇó0åìÞãopenssh-clients Zopenssh
GÝ
108
15.3.1.
15. OpenSSH
&~ssh ×
×4rloginrsh Ztelnet ×{\¦ÇãóÏÇåìÞ~9?óÙÞq×
&~ssh u~9tÏÇåìZ&~telnet #~9tÇw)penguin.example.net {ÏÇå
ìÇóshell +EÁ{×Õ
ssh
ssh penguin.example.net
'&~ssh óÏÇåìÞ~9ÇÌtZÁ#5{>åÕ
The authenticity of host ’penguin.example.net’ can’t be established.
DSA key fingerprint is 94:68:3a:3a:bc:f3:9a:9b:01:5d:b3:07:38:e2:11:0c.
Are you sure you want to continue connecting (yes/no)?
Eyes uY̲qÖìt{.Ìå{ï,¥ÇÁ{>åÄ+Õ
Warning: Permanently added ’penguin.example.net’ (RSA) to the list of known hosts.
ZÇÌt5®¯ÏÇÌå={
+óQ=ÇÒÌóÏÇÌå{shell +
ê*½~ÖÇóý0åìÞ~9~{~ÖÒÌúÉÏÇåì*
.½X3{~ÖÇ&~Á{×Õ
ssh username@penguin.example.net
¤,1&~ssh -l username penguin.example.net
ssh ×,1~uóÏÇåìÞX²shell +~9q×Ç{ªÂ*4Õ ssh hostname command Ç*.óÏÇÌåpenguin.example.net Þqls /usr/share/doc ×
Çóshell +EÁ{×Õ
ssh penguin.example.net ls /usr/share/doc
óQêth{=Ç/usr/share/doc YÇÏÇø9¥{ÒÌú+ÇlÒÌ
ú(Ãt{ýshell +
15.3.2.
&~scp ×
×,1~u/,\·{Ëzóåì-Q©GǦrcp #
²ý©GQÉÏÇø:{Ī4Õ
scp
scp localfile username@tohostname:/newfilename
½Í©GÇusername@tohostname:/newfilename ½ø)©G
²ý©Gshadowman tópenguin.example.net Þ{BRÇóshell +E
òusername ¦Ä{~ÖÄÕ
localfile
scp shadowman username@penguin.example.net:/home/username
Y̲ý©Gshadowman QÉpenguin.example.net Þ{/home/username/shadowman ©
G
²ÏÇ©GQÉýø:{Ī4Õ
scp username@tohostname:/remotefile /newlocalfile
remotefile
½Í©GÇnewlocalfile ½ø)©G
15. OpenSSH
109
Í © G , 1 õ Ç © G Ä Ç ² ø 9/downloads { Q t Ï Ç å
ìpenguin.example.net Þ?{uploads ø9Çóshell +Eï×Õ
scp /downloads/* username@penguin.example.net:/uploads/
15.3.3.
&~sftp ×
Óä,1~uK'\Ä{FTP ÌǦftp #ÇX,ÇÇ&~\·{
ËzÇ{Ī4Õsftp username@hostname.com`/,èyÇ,1&~Z&
~FTP #{×>kÝsftp {ÒVÃmanÄuÜRYJ×{ï,ÝÖÒVÇ
óshell +qman sftp ×sftp ÓäóOpenSSH Çý2.5.0p1 1Þb
sftp
15.3.4.
ÄØÒé
*X.'&~sshscp Ýsftp ÑQ=uËzÏÇåìÇ,1ÄéGYØ
Ò
ØÒÇ~Äì~ÄØÒÇ~.ËztÏÇåì{~üPu$¬Á{Z
½*~Ê~{üPqÄêïZ½ÇÒÊ~b&~YéØÒ
,OpenSSH Ç ý3.0 ) Ç~/.ssh/authorized_keys2~/.ssh/known_hosts2
Z/etc/ssh_known_hosts2 Ò Ì , SSH N F1 Z2 á
0~/.ssh/authorized_keys~/.ssh/known_hosts Z/etc/ssh/ssh_known_hosts ©
G
Red Hat Linux 9 å&~SSH NF2 ZRSA ØÒ
" *­ãêRed Hat LinuxÇb4.â{ØÒéÇ÷P{Ìø9¥{.ssh ø9­ãDz
ø9
ÃÌø9Ç,ø:Þ{Ä~qÇÝiÊ~
Çý2 ÄRSA ØÒé
&~ïZ½uSSH NF{Çý2 ÄRSA ØÒé,OpenSSH 2.9 )ÇÇ.Äå÷
1. ÄRSA ØÒé¦NF{Çý2 \*Çóshell +Eï×Õ
ssh-keygen -t rsa
zI~/.ssh/id_rsa {å QǦ{AR=X3{=éÇòQ'u
h
ÚØúU~/.ssh/id_rsa.pub·ØúU~/.ssh/id_rsaûX²·Øñ+É[
|
2. &~chmod 755 ~/.ssh ×#{.ssh ø9{,Y!
3. ²~/.ssh/id_rsa.pub {
t.Ëz{åìÞ{~/.ssh/authorized_keys ©
G¥*~/.ssh/authorized_keys X?óÇ,1²~/.ssh/id_rsa.pub ©G
t ÇåìÞ{~/.ssh/authorized_keys ©G¥
4. *äq{4GNOMEÇ!t15.3.4.4 *óäqX =ø:Ç!t15.3.4.5
15.3.4.1.
110
15. OpenSSH
Çý2 ÄDSA ØÒé
&~Á{Z½uSSH NF{Çý2 ÄDSA ØÒé
1. Ä~NF{Çý2 {DSA ØÒéÇóshell +EÁ{×Õ
ssh-keygen -t dsa
zI~/.ssh/id_dsa {å QǦ{AR=X3{=éÇòQ'u
h
15.3.4.2.
" =é4~uèy~{#ÎZn=éZÄ={X3ÿóÕó=é¥,1&
~8ÂÝ,n=é/Ä=ÇOÇ¢/&~áªX~Ç#
ÚØúU~/.ssh/id_dsa.pub·ØúU~/.ssh/id_dsaûX²·Øñ+É[
|ÇYi­
2. &~chmod 755 ~/.ssh ×#{.ssh ø9{,Y!
3. ²~/.ssh/id_dsa.pub {
t.Ëz{åì¥{~/.ssh/authorized_keys ©
G¥*©G~/.ssh/authorized_keys X?óÇ,1²~/.ssh/id_dsa.pub ©G
t ÇåìÞ{~/.ssh/authorized_keys©G¥
4. *äq{4GNOMEÇ!t15.3.4.4 *óäqX =ø:Ç!t15.3.4.5
Çý1.3 Z1.5 ÄDSA ØÒé
&~Á{Z½uÄ~SSH NFÇý1 {RSA ØÒé*ó&~DSA {ø:-ËzÇ
XRSA Çý1.3 ÝRSA Çý1.5 ØÒé
1. ÄRSA ÃÇý1.3 Z1.5 NFÄØÒéÇóshell +Eï×Õ
ssh-keygen -t rsa1
zIå{ Ã~/.ssh/identityÄQZ{AR=X3{=éòQ'
uh
ÚØúU~/.ssh/identity.pub·ØúU~/.ssh/identityX²{·Øñ
+É[|
2. &~chmod 755 ~/.ssh Zchmod 644 ~/.ssh/identity.pub ×#{.ssh ø9
Z·Ø{,Y!
3. ²~/.ssh/identity.pub {
t.Ëz{åì¥{~/.ssh/authorized_keys
©G¥*©G~/.ssh/authorized_keys X?óÇ,1²~/.ssh/identity.pub
©G
tÏÇåìÞ{~/.ssh/authorized_keys ©G¥
4. *äq{4GNOMEÇ!t15.3.4.4 *óäqGNOMEÇ!t15.3.4.5
15.3.4.3.
óGNOME ¥{ssh-agent
ssh-agent Óä,1~uâ?{=éÇO$Xó'Zssh Ýscp ËzÑQ=
*ó&~GNOMEÇopenssh-askpass-gnome Óä,1~uó~9tGNOME +Q=éÇ?²Çât,GNOME ¥Õ=Xý'GNOME Ì¥
[ssh Ýscp ËzQ=Ý=é*XK®&~GNOMEÇ>kÝ15.3.4.5
óGNOME Ì¥â?=éÇ$¬ïZ½Õ
15.3.4.4.
15. OpenSSH
111
ãopenssh-askpass-gnome GÝÖ,1&~rpm -q openssh-askpassgnome ×ug½GÝ4d.úã*ÇúãÇ,{Red Hat Linux c
ø\Red Hat FTP º45Ý&~Red Hat duãÇ
2. âÌh\ÃóÁÆÞÄ=> D 1 => ÍõD 1 => Ìl
âéÄÇ)üâÇóéÄשýãQ/usr/bin/sshadd²Ç{ÿ÷[?×Ñ°{j1hâÇ!bqssh-add {
ÿj!P470 ÝÍ°ÿjÖ°ÇÿÖ*ïñêÙÇÇÇÇ{
ÿa!âuRñÇ
3. Õ=ò~9GNOMEÖ¦éÇ­céÄX qÖìóGNOME éÄÇÇ
+Q=é{éUÒÌñQF{=é*²DSA ZRSA ÜVÑ{
êÇÌú
+ÜVÑQ,óåÇÒXÌússhscp Ýsftp +Q=ê
1.
{ssh-agent
,1~uû?{=éÇO$ó'&~ssh Ýscp ËzÒX4QÇ
*XóäqX =ø:Çóshell +¥$¬YJZ½*óäqGNOMEÇb4X.
{Çuó~9
+Q=ÃkÝ15.3.4.4 ÄÇYÇ,Ç,1ó¡xterm {ªà
=¥q*óäqX eX4GNOMEÇYÇ,Ç,1óªà¥q,4Ç{=ó
ªà=¥úÔÇÇX4\Û÷
1. óshell +ÇEÁ{×Õ
exec /usr/bin/ssh-agent $SHELL
2. lÇEÁ{×Õ
ssh-add
zøÇQ{=*{êXÇØÒéÇÌú
+QÇ=
3. hÕ=Ç=éÒÌúó'~9t;ÑÝKªà=Ñq
YÜ×
15.3.4.5.
ssh-agent
15.4.
ÙÇýî
Z
ÓÇÿXä¥ÇO$Ç¢{!cfå/ Ç¢{05
Óä{ÒVÃmanÄ4ÇÜR-ûfå{P0
OpenSSH OpenSSL
OpenSSH OpenSSL
¥
15.4.1.
Z
ãê{©l
scpsftpsshd Zssh-keygen {ÒVÃmanÄ— Ç¢{ÒVÝi[
&~YJ×{fåÇ1ùĦǢå&~{kj
• ssh
15.4.2.
•
•
•
~{5
FØç·
Gï,ÓÇ1ù
http://www.openssl.org — OpenSSL FAQ
Gï,1ùéÓÇ{Ãc
http://www.freessh.org — ~ÙDzÑ{SSH 0G
http://www.openssh.com — OpenSSH FAQ
\Õ{Íbu{:
112
15. OpenSSH
16.
d©Gø:ÃNFSÄ
d©Gø:ÃNFSÄ4«ódÞ{åì-á0©G{0Ç©GÒ3 0{ýmc
PÄìÞøRed Hat Linux ,14NFS qÖì,14NFS 0ÇY?øÇ,1²©Gø
:sñÉÙÇø:Ç,1ñ,ÙÇåìÞs{©Gø:
16.1.
&~NFSÚ
16.2.
ñNFS ©Gø:
NFS éó3dÞ{õÇ~-á0ø9i~EÇÅ3ÓÇ1ø{~
,1/,&~NFS ©Gø:Ã/úÁ*NFS á0Ä¥{Çñ/myproject {á0ø9u
?RÓÇ1ø{©G?Rá0{©GÇ~ÈåìÞ{/myproject ø9Y«0
X~Q=X~AO×ÇÒ5cø9 ~{ýåìÞø
&~mount ×uñÇåìÞ{NFS ©Gø:Õ
mount shadowman.example.com:/misc/export /misc/local
´·
ýåìÞ{ñø9Ã1Þ¾¥{/mnt/localÄ?ó
óY1×¥Çshadowman.example.com 4NFS ©GqÖì{ÌåÖÖ/misc/export
4shadowman sñ{©Gø:Ö/misc/local 4©Gø:óýåìÞ{ñ mount
×äqÃ%*0äushadowman.example.com NFS qÖì{thY!
{ Ä Ç 0 ~ , 1 qls /misc/local × u +shadowman.example.com Þ
{/misc/export ø9¥{©Gï,
16.2.1.
&~/etc/fstab uñNFS ©Gø:
ñÙÇåìÞ{NFS á0{«04ó/etc/fstab ©G¥qYq¥
ÒNFS qÖì{ÌåÖÇsñ{ø9Ç1ùñNFS á0{ýåìø94Ê~
b/etc/fstab ©G
/etc/fstab ¥q{ĪÄ+Õ
server:/usr/local/pub /pub nfs rsize=8192,wsize=8192,timeo=14,intr
ñ/pub ó0åìÞ?óó0ø:{/etc/fstab ©G¥²YqqÇ
óshell +E×mount /pubÇ1ùRÌ,qÖì¥ñ{ñ/pub
16.2.2.
&~autofs uñNFS ©Gø:
ñNFS á0{®«04&~autofsautofs &~automount EÇu®{ñÇÇ
ó©Gø:ú6¯bÄÕñÇ¢
114
16.
d©Gø:ÃNFSÄ
ü®Ìnó{©G/etc/auto.master uû½½BýJñlÇÇ&~7~
ÈÇñ{kjuéÄautomount ÇÌnó{¥{qѽBÇñÇÇI{
nó©G½Bóññ{©Gø:Ç/etc/auto.misc ©G,̽B/misc
ø9¥{ñÖY«øó/etc/auto.master ©G¥Ìú½B
auto.master ©G¥{Ç1øÑ®ÇãÇã4ñÇã4nó©G{
Ç®Çã, ®Çã,1Ýi§j¡{få
Çó{åìÞ{/misc/myproject ñÞñÏÇåìpenguin.example.net Þ
{/project52 ø9Çóauto.master ©G¥1qÕ
autofs
/misc /etc/auto.misc --timeout 60
ó/etc/auto.misc ©G¥1qÕ
myproject -rw,soft,intr,rsize=8192,wsize=8192 penguin.example.net:/proj52
¥{Çã4/misc ø9{ÖÁø9úautomount ÄÕOÇ
Xaó0åìÞ"?óÇãÝiñ 1ÇÕrw S,ÖU6¯Y®Çã
4sñ{NFS { ÇÝiÌåÖZø9
/etc/auto.misc
Õ
ø9/misc óý©Gø:¥?óóý©Gø:{/misc ø9¥Xaø9
autofs
4«qÖéÄY1qÖÇóshell +ÇE1×Õ
/sbin/service autofs restart
Ù×{ñÇóshell +E1×Õ
/sbin/service autofs status
*óautofs äqê/etc/auto.master {©GÇóshell +E1×
u/automount EÇ­cñ{©GÕ
/sbin/service autofs reload
¥.ê[{autofs 1"óZséÄÇ>kÝ149 ¥®qÖ{få
16.3.
sñNFS ©Gø:
,NFS qÖì¥á0©GÁsñø9NFS qÖì{Óä,1~u²ø:{ÄNFS qÖ
ì
&~NFS qÖì{ÓäÇäqX =ø:Çä÷ÊYÇ?%ãêredhatconfig-nfs RPM GÝéÄYÇÇÇâÁÆÞ{Ìh\ => ø:÷ =>
qÖì÷ => NFS qÖìÇÝEredhat-config-nfs ×
16.
d©Gø:ÃNFSÄ
115
C16-1. NFS qÖì{Óä
NFS á0Çâ<C16-2Ä+{éUÌñ
äýÙ)üF1fåÕ
• ø9 — ½á0{ø9Ç/tmp
• Ìå — ½á0ø9{Ìå>kÝ16.3.2 uÜRéÂ*{:
• äýY! — ½ø9aÖY!¤4ÖUY!
C16-2. á0
1Ù)üã{1 1Õ
• ãu°1024 {à={Ëz — óRhB1024 {à=ÞéÄ{qÖ1Ê~ü
PéÄ YÇ 1uãÊ~1i{~uéÄNFS qÖ 1Zinsecure #éa
• ãX\{©Gý — Xý>F 1Zinsecure_locks #éa
116
•
•
16.
d©Gø:ÃNFSÄ
¢~d5 — *ì©Gø:{ø9úsñÇb4rÇ©Gø:úsñÇqÖì
Ì5Ä>F{©G4dósñ{ø9¥Y«5w)d5Ãsubtree checkingÄ YÇ 1u¢~d5*rÇ©Gø:úsñÇ ¢~d5,1
°QG
1Zno_subtree_check #éa
F3ZUv* — åúé~Ç 1XãqÖìó>FúUcÃ
YJ>
F 1Zsync #éa*Çú Çasync 1Ìú&~
Áý3ZUv* — XMÔUc{v* 1Zno_wdelay #éa
•
~6¯Ù)üã{1 1Õ
• ²ÏÇÊ~h*ýÊ~ — Lå÷ÇÊ~{~ID ZkID Ñ40ÊY!
¸ÀÃRoot squashingIJ~ID 0 ZkID 0 nóÖ{~ZkIDÇO$0Þ{Ê~
ÒXÌóNFS qÖìÞä÷ÊY*YÇ 1ú ÇÊ~ÒXÌúnóÖ~Ç
0Þ{Ê~ÒÌésñ{ø9pÊY YÇ 1ÌLL\ø:{\uø:ý
éÇ>X Ç 1Zno_root_squash #éa
• ²Ä0~h*Ö~ — * 1ú ÇÄ~ZkID ÑÌúnóÖ~
1Zall_squash #éa
Ö~½ý~ID — *²Ä0~h*Ö~ú ÇYÇ 1Ì
tÖ~½Ç~ID 1Zcorresponds to anonuid #éa
Ö~½ýkID — *²Ä0~h*Ö~ú ÇYÇ 1Ì
tÖ~½ÇkID 1Zcorresponds to anongid #éa
•
•
öNFS á0Ç,ï,¥ ÇÇlâau<ÍøìÇ?NFS á0Ç,ï,
¥ ÇÇlâÍø<
âêh½u,ï,¥öÝÍøìÇNFS á0Ç#ÒÌÁýH— q
ÖìEÇú­céÄÇÆ{{©Gúâ?/etc/exports.bakc{{©GúU
/etc/exports
NFS qÖì{ÓäzÖU/etc/exports {©GO$ÇYÇ©Gó&~Óä,1ú
CÓÖCÓê©G,1&~YÇÓäÃ"½CÓ&~êth{ªÄ
16.3.1.
×q{
*Íõ¡&~©ýöìuö{©GÝVãX =ø:Ç,1z{©
G
/etc/exports ©G;NFS qÖìsñýJø9Ç{Â*Õ
directory hostname(options)
½{ 14sync Zasync ÃOF&~sync is recommendedÄ*½
êsyncÇqÖìó>FÄ){#úUcÒXÌÃ
YJ>F
¾Õ
/misc/export
speedy.example.com(sync)
Ìãuspeedy.example.com {~&~å{ÖY!uñ/misc/exportÇb4Õ
/misc/export
speedy.example.com(rw,sync)
RÌãuspeedy.example.com {~&~ÖUY!uñ/misc/export
>kÝ16.3.2 uÜRÌåÖÂ*{:
16.
d©Gø:ÃNFSÄ
117
>kÝRed Hat Linux kuÜR,1ú½{ 1{ï,
Be
>ÿ®/etc/exports ©G¥{8Â*ÌåÖZiR{ 1-8ÂÇYJ 1Òa~
YÇÌåÖ*óÌåÖZ 1-8ÂÇYJ 1Ò4\Ûa~{¾Ç>û1qÕ
/misc/export speedy.example.com(rw,sync)
/misc/export speedy.example.com (rw,sync)
q É u speedy.example.com { ~ 1 Ö U Y ! ? á ý Ä Ù Æ ~ q É u
speedy.example.com {~1ÖY!Ãå÷ÄÇ?É£ÄÙÆ~1ÖUY!
ó'#/etc/exports {Dz#/ÉNFS EÇÇÝ&~1×u­
cñ{©GÕ
/sbin/service nfs reload
16.3.2.
ÌåÖÂ*
16.3.3.
éÄZ*qÖì
Ìå,1&~1Â*Õ
• \Çåì— Ç\!½­ÖÃêúqÖìÛ{ÄÇÌåÖÃêúqÖìÛ{ÄÇÝIP
• &~/{n½{øïåì— &~*Ý?nu½n{/{nXú
~óIP ¥Ö*5DNS ¯½êÇ/{n,ÌHhó\!½­Ö
¥½/{nÇÃ.ÄXÝió/{n{{1ø¾Õ*.example.com Ý
ione.example.comÇbXÝione.two.example.com.
• IP d— & ~a.b.c.d/zÇ Y ° {a.b.c.d 4 d Çz 4 Ù h ¥ { j
Ã192.168.0.0/24Ä«,1zI{Â*4a.b.c.d/netmaskÇY°{a.b.c.d 4
dÇnetmask 4ÙhÃ192.168.100.8/255.255.255.0Ä
• Netgroups — Â*@group-nameÇY°{group-name 4NIS netgroup {ÖÁ
ósñNFS ©Gø:{qÖìÞÇnfs qÖóäq
&~1×uNFS EÇ{çÕÕ
/sbin/service nfs status
&~1×uéÄNFS EÇÕ
/sbin/service nfs start
&~1×u*NFS EÇÕ
/sbin/service nfs stop
óZséÄnfs qÖÇ&~1×Õ
/sbin/chkconfig --level 345 nfs on
118
16.
d©Gø:ÃNFSÄ
¤,1&~chkconfigntsysv ÝqÖ{Óäu{óZséÄýJqÖ-<>k
Ý149
16.4.
ÙÇýî
ý9ÿXê&~NFS {äý#ÜzÍ-¦{fåÇ>kÝïýî
16.4.1.
ãê{©l
mountdexportsauto.masterZautofsÃóÒV{5 Z8 Ä{ÒV
ÃmanÄ— YJÒV5ÒêNFS Zautofs {©G{thª
• nfsd
16.4.2.
•
http://www.tldp.org/HOWTO/NFS-HOWTO/index.html —
NFS-HOWTO
16.4.3.
•
~{5
u Linux © l {Linux
#V÷
Ç*VÕHal SternÖO’Reilly & Associates, Inc.
Managing NFS and NIS Services
17.
Samba
&~SMB NF/,dËzuá0©GZK\å. |ÑNF{v*ø:ÝiMicrosoft
Ã/,Ç{Network NeighborhoodÄOS/2ZLinux
Samba
Windows
17.1.
&~SambaÚ
17.2.
{Samba qÖì
*{d¥Windows åìLinux åìÇSamba Ò̾*~Samba Ìã©G
ZK\åú{d¥{Äø:á0*K®óRed Hat Linux åì-á0©GÇ>k
Ý169*K®óRed Hat Linux åì-á0K\åÇ>kÝ279
å{{©GÃ/etc/samba/smb.confÄã~*Samba á0uÆ¢{Red Hat
Linux Ìø9Ǥ²Red Hat Linux {{K\å*Samba á0K\åuá0¦é
Ç,1ó{Red Hat Linux ø:ÞËzK\åÇl,dÞ{Windows åìuK\
17.2.1.
Co{
&~CoÁu{SambaÇ&~Samba qÖì{Óä&~×qu{Ç>!
t17.2.2
Samba qÖì{Óä4~u®Samba á0~1ùäýqÖì÷{CoÁÇ
/etc/samba/ ø9¥{{©G&~Çq{#ÑÌúâ
&~ÇÇóäqX =ø:Çä÷ÊYÇ?%ãêredhat-config-samba
RPM GÝ,óÁéÄSamba qÖì{ÓäÇâÁÆÞ{Ìh\ => ø:÷
=> qÖì÷ => Samba qÖìÇÝóshell +ÃXTerm ÝGNOME ªàÄE
redhat-config-samba ×
C17-1. Samba qÖì{Óä
Õ
qÖì{ÓäX+ã~óSamba qÖìÞÆ¢{Ìø9{á0K\åÝå©
Gã
Samba
120
17. Samba
{qÖì÷
{Samba qÖì{Z4{qÖì{äý÷ZÇ\ 1éÄêa~ÇÇ D 1 => qÖì÷äýÙ)üC17-2Ä+
17.2.1.1.
C17-2. {äýqÖì÷
óäý)üÞǽ®åaó{Ó*1ùé®å{;áÃcÇ¢¦smb.conf ¥
{workgroup Zserver string 1#éa
C17-3. {\qÖì÷
\)üÝ91 1Õ
• èyÜ* — ÇZsecurity 1#éa 1èyÜ*¥{«
­ — Samba qÖìvWindows NT ÌÝ÷P­;ìuDè~qÖì²~
ÖZ=É;ìÇlVÇ¢ú(ÃóèyqÖì㥽ÌÝ÷P­
;ì{NetBIOS ÖÁ
·= 1*ú ÇÇú÷4
qÖì — Samba qÖìAC/,²~ÖZ=\ÉÇSamba qÖìuDè
Ç¢*ÇÃDèÇqÖìÌAC&~~èyÜ*uDèÇ¢óèyqÖì
㥽ÇSamba qÖì{NetBIOS ÖÁ
á0 — Samba ~XÇSamba qÖìÑQ~ÖZ=\Ç¢óACË
zSamba qÖìÞ{½á0bÌú
+Q~ÖZ=
~ — ÃåÄSamba ~ÇSamba qÖì
ØÇH{~ÖZ=
*.tWindows ~Ö 1HÇ YÇ 1-<>kÝ17.2.1.2
•
•
•
•
17. Samba
121
·= — Ãå4Ä*~,Windows 98QqÖÝ{Windows NT 4.0
ÝÙÇ!£Çý{Microsoft Windows ¥ËzÇ 1úé~=óqÖìZ0-&~
·Â*:,úR{©ýÂ*QÇZencrypted passwords 1#éa
·Samba ={-<Ç>kÝ17.2.3
• u5BR — h~Ýu5~~9Samba qÖìÇÆ¢únótqÖìÞ{
H~ ø:Þ{?~Ö*u5Samba BRh~&~u5BR~9Samba
qÖìÇÆ¢pZYÇ~#3{Y 1Zguest account 1#éa
âêh½ÇÄ)#ÌúU{©GÇEÇÌú­céÄÖO$#ÌÁýH
•
®Samba ~
Samba qÖì{ÓäFóSamba ~ÇóßhSamba qÖì{Red Hat Linux ø:
Þ?óÇÙ×{?~BRSamba ~ZYÇ?{Red Hat Linux ~BR#É
17.2.1.2.
C17-4. ®Samba ~
Samba ~Ç D 1 => Samba ~Çlâ~<ó
OcSamba ~=¥{ýø:Þ{?~ï,¥ Unix ~Ö
*~óWindows åìÞÇX3{~ÖÇ?R,Windows åìÞ~9Samba qÖìÇ
>óWindows ~Ö㥽Windows ~ÖqÖì÷D 1{\ÙÞ
{èyÜ* ú÷~b4YÇ 1H
¤Samba ~{ÇSamba =Ç?òE'uhYÇ=ý" ê
Samba &~·=Ç
OFÄ~÷{Samba =X3Æ¢{Red Hat Linux ø:
=
öìÇ?~Ç,ï,¥ ÇÇlâö~ÍøìÇ?{Samba ~
Ç YÇ~ÇlâÍø~<ÍøSamba ~XÌÍø#{Red Hat Linux
~BR
âêh½<Ç~ÒÌúÁý
122
17. Samba
17.2.1.3.
á0
C17-5. á0
á0Çâ<äýÙ)ü{1 1Õ
• ø9 — /,Samba á0{ø9YÇø9?ó
• Ãc — éá0{;áÃc
• äýY! — ~aêÖRá0ø9¥{©G¤4aêÖUá0ø9¥{©G
ó6¯Ù)üÞÇ 4dã½{~u6¯á0¤4ãÄSamba ~u6
¯á0* êã½~6¯Ç,,~{Samba ~ï,¥ YJ~
âêh½<Çá0ÒÌÁýú
17.2.2.
×q{
&~/etc/samba/smb.conf *Ç{{©G*#êYÇ{©GÇYÇ#
t&~service smb restart ×­éSamba EÇbÌH
½Windows Ó*ZéÇ{;áÃcÇösmb.conf ©G¥{1qÕ
Samba
workgroup = WORKGROUPNAME
server string = BRIEF COMMENT ABOUT SERVER
²WORKGROUPNAME ¦Ä{åìÄa{Windows Ó*ÖBRIEF COMMENT ABOUT
SERVER 4, {ÇÇú~*Samba ø:{Windows Õ:
ó{Linux ø:ÞOSamba á0ø9Çósmb.conf ©G¥1qÃÊâZ{ø
:ê©GÄÕ
[sharename]
comment = Insert a comment here
path = /home/share/
valid users = tfox carole
public = no
writable = yes
printable = no
create mask = 0765
ÞÁ{¾ã~tfox Zcarole ,Samba 0¥ÖUSamba qÖìÞ{ø9/home/share
17. Samba
17.2.3.
123
·=
óRed Hat Linux 9 ¥Ç·=úåé~ÇOÇÍ\*·=ú&~Ç©ý
=ÒÌú&~ÇÇêú/|&~dIæìuROF&~·=
Microsoft SMB NF!ð&~©ý=lÇQqÖÝ3 ÝÍ°{Windows NT
4.0Windows 98Windows 2000Windows ME1ùWindows XP F·{Samba =
óRed Hat Linux ø:Zäq1ÞWindows v*ø:{ø:-&~SambaÇ,1öWindows Õ
~ìu&~©ý=,{{Linux ø:{Samba u&~·=* {Õ
~ìÇ{\\Windows åìY)— YiÇ,sZ{àBêÍ°
{\uÇM?&~·=
ó{Red Hat Linux ø:Þ{Samba &~·=Ç$¬1Z½Õ
1. Samba OÇ\Õ{=©GÊâ{?/etc/passwd ©GuOÇóshell +E1×Õ
cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
*ø:&~NISÇE1×Õ
ypcat passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
mksmbpasswd.sh lýZsamba GÝåúãó{/usr/bin ø9Þ
2. #Samba =©G{Y!,ÇO$Ê~bÖUY!Õ
chmod 600 /etc/samba/smbpasswd
3. YÇlýX̲~=
tc©GÇSamba ~BRó÷=XÌúíÙ
êÍ°{\uÇOF²~{Samba =÷X3~{Red Hat Linux ={
=÷ÇSamba ~{=Ç&~1×òusername ¦Ç~{~
ÖÄÕ
smbpasswd username
4. ·=óSamba {©G¥úé~ósmb.conf ©G¥Ç>h½1qúÕ:
«Õ
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
5.
6.
óshell +Eservice smb restart uh½smb qÖúéÄ
*.tsmb qÖúÄéÄÇ&~ntsysvchkconfigÝqÖ{Óäuóäqé~Ç-<>kÝ149
" ÝÖ/usr/share/doc/samba-<version>/docs/htmldocs/ENCRYPTION.html uZê
·={fåò<version> ¦ãê{Samba ÇýRhÄ
h&~êpasswd ×Çpam_smbpass PAM ÜLêú~u3Z~{Samba =ZÆ¢{
ø:=*~é~êpasswd ×ÇÆ~u~9tRed Hat Linux ø:{=1ùÆË
zSamba á0Ä
Ø{=ÒÌú#
éÄYÇÕDz1qt/etc/pam.d/system-auth {éÄpam_cracklib.so Õ
password required /lib/security/pam_smbpass.so nullok use_authtok try_first_pass
124
17. Samba
17.2.4.
éÄZ*qÖì
ó/,Samba á0ø9{qÖìÞäqsmb qÖ
&~1×uSamba EÇ{çÕÕ
/sbin/service smb status
&~1×uéÄEÇÕ
/sbin/service smb start
&~1×u*EÇÕ
/sbin/service smb stop
óZséÄsmb qÖÇ&~1×Õ
/sbin/chkconfig --level 345 smb on
¤,1&~chkconfigntsysv ÝqÖ{Óäu{óZséÄ{qÖ-<>k
Ý149
17.3.
ËzSamba á0
,Microsoft Windows åìÞËzLinux Samba á0Ç&~Network Neighborhood ÝCo©
G®ì
,Linux ø:¥ËzSamba á0Ç,shell +ÇE1×Õ
smbclient //hostname/sharename -U username
²hostname ¦.Ëz{Samba qÖì{ÌåÖÝIP Dzsharename ¦.¨
{á0ø9{ÖÁDzusername ¦Äø:{Samba ~ÖQth{=Ý[Enter] E
Ã¥XF~{=Ä
*têsmb:\> +ÇÒ.ÄÕ~9ê~9ÇEhelp uÜzÇ×ï,
*.¨{Ìø9{Dzsharename ¦Ä{~Ö*&~-U 1Çh
~{~ÖÒÌúÉSamba
RñsmbclientÇósmb:\> +Eexit
¤,1&~Nautilus u{dÞ{,~Samba á0 ÁÆÞ{Ìh\ =>
dqÖìu{dÞ{Samba Ó*{ï,¤,1óNautilus { Õy°E
smb: uÓ*
C17-6Ä+ÇódÞÇ,~SMB Ó*kÑÌñÇC)
17. Samba
125
C17-6. Nautilus ¥{SMB Ó*
vâÓ*C)uýÇÓ*{®å{ï,
C17-7. Nautilus ¥{SMB åì
óC17-7¥ÄDÇÓ*ÇåìÑÇC)vâìÇC)uåìÞ{Samba á
0*~ÖZ=\ÇÌú
+QÇ¢
, 1 ó Õ y & ~ 1 ª Ã ²userpasswordservername
Zsharename ¦Ä#aÄu½~ÖZ={\Õ
smb://user:password@servername/sharename/
17.4.
ÙÇýî
éY°õùt{{ 1Ç>kÝ1ýî
126
17.4.1.
17. Samba
ãê{©l
{ÒVÃmanÄ— :[{Samba {©G
{ÒVÃmanÄ—ÃcSamba EÇ{Ó*Æ®
/usr/share/doc/samba-<version-number>/docs/ — Ýiósamba GÝ¥{HTML
Z©ýÐÏ©G
• smb.conf
• smbd
•
17.4.2.
•
~{5
http://www.samba.org — Samba
l
ÇÝ9õ
Gï,ZGUI Áï,få{~©
18.
ÄÕÌå{NFÃDHCPÄ
ÄÕÌå{NFÃDHCPÄ4~uÄÉ0åìI{TCP/IP få{dNFÇDHCP 0
ÑËzt¥ê {DHCP qÖìÇqÖìÌ(ÃÝiIP ZDNS qÖìfå{0
d{
18.1.
&~DHCP
óO¤0d{0Ái~h{0ø:Ç®Ê,1 DHCPÇ?X
QIP ÙhÝDNS qÖì0,DHCP qÖì¥5ÂYJfåDHCP
ó®Ê.#LÞø:{IP L~E¦Ù­c{Äø:Ç®ÊöqÖ
ìÞ{ÇDHCP {©Gý,ÜzcIP ø\*ìåè{DNS qÖì#êÇY«#
óDHCP qÖìÞXóDHCP 0Þq`0{dú­céÄÃÝ0­cZ
sø:ÄÇ#ÒÌH
ø$iÇ*"PÝ[¡n{,#®åú{&~DHCPÇÇÍÚ?ÑÇã
ÇÉ{DHCP qÖìÇÇÒ,1X­c{óÍÚ?-#Ä
DHCP
18.2.
{DHCP qÖì
,1&~{©G/etc/dhcpd.conf u{DHCP qÖì
DHCP ¤&~/var/lib/dhcp/dhcpd.leases ©GuÑ?0ÏjâE-<>kÝ18.2.2
18.2.1.
{©G
{DHCP qÖì{Z4OÑ?0dfå{{©G\Û 1,1Ä0ÒÇ
, 1,1Ç0ø:Ò
{©G,1&~[{,nÝ8quq;\Â*E4KILBU{ÇåD
³RÃ#Ä{q4Õ:
ø"êÜ«DNS Íc0— ODNS ÍcÜ*Z,ÞuDHCP-DNS ÄzCÍcÜ*
*YÜ«Ü*úzIIETF )ïÇ{\IÇÒÌñ®ÇÜ*— )ïDNS Íc0
DHCP qÖì{&~YÜ«h0¥{«Çý3.0b2pl11 1ùÍ {Çý&~
OÜ*ÖX,ÇY«Ü*.²,*.â#3{q0*Çó{©G{>1
qÕ
ddns-update-style ad-hoc;
&~M?{Ü*Çó{©G{>1qÕ
ddns-update-style interim;
>ÝÖdhcpd.conf {ÒVÃmanÄuÜzX3Ü*{û
{©G¥Ü¡½cÕ
• kj— ,Ò[qÖÇ4dqÖÇÝRýJd{ 1É0
• Ò— Ãcd{YÛÖÃc0Ö
Ø0{Öݲkja~tÒ¥
128
18.
ÄÕÌå{NFÃDHCPÄ
ìJkj1option E>ÇÇ¢úÁ 1 1{DHCP {, 1Ökj{
{4 {Ý;DHCP qÖìq{
ó&~LiRÃ{ }Ä{\IÒ{kjÃÝi 1Ä/úh)\Ûkj\Ûkja~ Ù{Ä\I
­
*#ê{©GÇYJ#ó&~service dhcpd restart ×u­céÄDHCP EÇ
bÌH
ó¾18-1¥
Çrouterssubnet-mask domain-namedomain-name-servers
Ztime-offset 1ú~ÄóÇ¢ÁÒ{host Ò¥
¾18-1Ä+Ç,1Òsubnet{d¥{ÇÝiÇsubnet ÒÇd
ÇDHCP qÖì,ÃéÄ
óYǾ¥Ç¥{ÇDHCP 0ÑQ\Û 1Ç?%Òêrange0úI{
Érange {IP
subnet 192.168.1.0 netmask 255.255.255.0 {
option routers
192.168.1.254;
option subnet-mask
255.255.255.0;
option domain-name
"example.com";
option domain-name-servers
192.168.1.1;
option time-offset
-18000;
# Eastern Standard Time
range 192.168.1.10 192.168.1.100;
}
¾18-1. Ò
Äá03Ô®d{aóshared-network ÒÒǾ18-2Ä+
óshared-network Ç b ó ú Ý å u {subnet Ò i { k j ú h ) \ Û k
jshared-network {ÖÁa4édÃcu{)ǾÇ&~test-lab uÃcÄÿ
"è?Ãtest labÄ¢¸¥{
shared-network name {
option domain-name
"test.redhat.com";
option domain-name-servers
ns1.redhat.com, ns2.redhat.com;
option routers
192.168.1.254;
more parameters for EXAMPLE shared-network
subnet 192.168.1.0 netmask 255.255.255.0 {
parameters for subnet
range 192.168.1.1 192.168.1.31;
}
subnet 192.168.1.32 netmask 255.255.255.0 {
parameters for subnet
range 192.168.1.33 192.168.1.63;
}
}
¾18-2. á0dÒ
18.
ÄÕÌå{NFÃDHCPÄ
129
¾18-3¥ÄÜ+Çgroup Ò,1~u²\Ûkja~tÒ¥,1\á0{d
ÌåÝÙÇk
group {
option routers
option subnet-mask
192.168.1.254;
255.255.255.0;
option domain-name
"example.com";
option domain-name-servers
192.168.1.1;
option time-offset
-18000;
# Eastern Standard Time
host apex {
option host-name "apex.example.com";
hardware ethernet 00:A0:78:8E:9E:AA;
fixed-address 192.168.1.4;
}
host raleigh {
option host-name "raleigh.example.com";
hardware ethernet 00:A1:DD:74:C3:F2;
fixed-address 192.168.1.6;
}
}
¾18-3. kÒ
{RÄÕIP Éø:{DHCP qÖìÇ~{ju¾18-4Ç0Ò
ÇåÏ!Ï1ùd{)¾¥²range 192.168.1.10 Z192.168.1.100 {IP I{É0
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "example.com";
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
}
¾18-4. )kj
Êâ{MAC É0I{IP Ç&~host Ò{hardware ethernet kj
¾18-5¥ÄÜ+Çhost apex Ò,ÒÕ{MAC 00:A0:78:8E:9E:AA {ø:ÄI{
{IP R4192.168.1.4
Õ?Ǥ,1&~, {kjhost-name u0I{ÌåÖ
130
18.
ÄÕÌå{NFÃDHCPÄ
host apex {
option host-name "apex.example.com";
hardware ethernet 00:A0:78:8E:9E:AA;
fixed-address 192.168.1.4;
}
¾18-5. &~DHCP {·ÕIP
" ,1&~Red Hat Linux 9 {{©G)¾*øÆÇlóÙÞ½{{ 1&~Á
{ײÇ
tth{ °Õ
cp /usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample /etc/dhcpd.conf
ÃY°{<version-number> 4&~{DHCP ÇýÄ
ÜR 1½cùÙ*~{qrï,Ç>kÝdhcp-options {ÒVÃmanÄ
18.2.2.
ÏjâE
18.2.3.
éÄZ*qÖì
óDHCP qÖìÞÇ/var/lib/dhcp/dhcpd.leases ©G¥?8øDHCP {0ÏjâE
©GXaúCÓÇc£I{{IP {DHCP ÏfåÑÌÄû?óÏjâE
¥fåÝiÏ{ÝÖIP úI{{é6ÖÏ{)ZªÏÖ1ù~u5ÂÏ
{{MAC
ÏjâE¥Ä~{-4Âõ
£)ï-ÃGMTÄÇX4ý-
ÏjâEXú­OÇO$ÇX®ÔLDÇÄ.{ÏÌúû?tÇø{
ÏjâE¥Çdhcpd.leases ©Gú­×Ödhcpd.leases~ÇlÇøÏjâEúU
dhcpd.leases ©G
óÏjâEú­×Ö÷P©GÇc©GúUÇDHCP EÇ,úÀÇø:
,Ìÿd*êY«<YÇéÄqÖÄ{dhcpd.leases ©GÒXÌ?óYÇ>
XOcÏ©GOYø)Ì¿ÄÆ{ÎÏ©GÇ,sÍõ¯th{Í
4²dhcpd.leases~ ÷P©G­×Ödhcpd.leasesÇlòéÄEÇ
­
óD'éÄDHCP qÖìÇø:ø:Þ?ódhcpd.leases ©GÇqÖìRÃúéÄ*YÇ
©GX?ó{Ç&~touch /var/lib/dhcp/dhcpd.leases ×uOÇ
éÄDHCP qÖÇ&~/sbin/service dhcpd start ×*DHCP qÖìÇ&
~/sbin/service dhcpd stop ×*.tEÇóZsÄéÄÇ>kÝ149
¥[®qÖ{få
*{ø:ËzêXÇdÁÇb4.tDHCP qÖìéÄÙ¥Ç,1
{DHCP qÖìó Ç÷÷ÞéÄó/etc/sysconfig/dhcpd ¥Ç²Á{ÖÁ
tDHCPDARGS {ï,¥Õ
18.
ÄÕÌå{NFÃDHCPÄ
131
# Command line options here
DHCPDARGS=eth0
*ÇQÜÇ{3ÛåìÇY«0ÒÌL`~Ç,1ú{ÄDHCP
0u,ÉÞ5ÂIP ÖÇ,1ú~*3Û{\d{DHCP qÖì
½Ëzt\d{&ø:Í\ÇO~Ã/,ÉuËzÇ{EÇ
ÙÇ,ó/etc/sysconfig/dhcpd ¥½{×q 1ÝiÕ
• -p <portnum> — ½dhcpd a)&{udp à=Rhå67DHCP qÖìó½
{udp à=L {à=RhÞ²ÃaQÉDHCP 0Ç*zIêå{à=67Ç
qÖìóà=67 Þ)&>FÇlóà=68 ÞÃa0*ó$ÿ½êÇà=Rh
u&~DHCP ÝS®ÇĽ{DHCP ÝS®{)&à=43à=-<>k
Ý18.2.4
• -f — ²EÇ*ÑÇäqYó®A!~
• -d — ²DCHP qÖìEÇ9t)ïFØÃcì¥Yó®A!~*Ç
½ÇRúU/var/log/messages
• -cf filename — ½{©G{ å 4/etc/dhcpd.conf
• -lf filename — ½ÏjâE©G{ *ÏjâE©G.?óÇóDHCP qÖì
'éÄ&~3Ç©G­ñOFóÃ{åìÞ®Aø{b&~ 1å{ 4/var/lib/dhcp/dhcpd.leases.
• -q — óéÄEÇÇX+rÇYfå
18.2.4. DHCP
ÝS®
{ÝS®ÃdhcrelayÄã²ÃDHCP qÖì{{DHCP ZBOOTP >FÝ
ÉÙÇ{ÇÝõÇDHCP qÖì
hìÇDHCP 0>FfåÇDHCP ÝS®²>FÝÉDHCP ÝS®éÄĽ{
ïDHCP qÖìhìÇDHCP qÖì(ÃÇÃaÇÃaúBÝ\BÉ!ð>F
{d
ø:&~INTERFACES ó/etc/sysconfig/dhcrelay ©G¥½êz=ÇDHCP ÝS®
)&Äz=Þ{DHCP >F
éÄDHCP ÝS®Ç&~service dhcrelay start ×
DHCP
18.3.
{DHCP 0
{DHCP 0{Z4h½Xê#/õjÌóã,Ç¥ú#/Çø
:Ì{ôh{XÜL*óããê<ÇKudzu aÌ#/
ÇÇ?
+Ç{#a{XÜL>h½Red Hat Linux {mG/ï,ÇÇ http://hardware.redhat.com/hcl/*X4ãÇÝKudzu {{Ç%w
ÇñýÇXÜLÇ >kÝ319¥ñXÜL{û
CÓ{DHCP 0Ç/etc/sysconfig/network ©Gué~ÉÖ?
/etc/sysconfig/network-scripts ø9¥Çd÷÷{{©Góø9¥ÇÇ÷
÷ÑÇw)ifcfg-eth0 {{©GÇY°{eth0 4d÷÷{ÖÁ
/etc/sysconfig/network ©GaÝ91qÕ
1
NETWORKING=yes
1.
Kudzu
4óø:Zsäq{mGæÓäÇÇ~ug½ø:ÞÝ#øêýJmG
132
18.
ÄÕÌå{NFÃDHCPÄ
{YÇ©G¥,ÍõfåÇb4*.óZséÄÉÇNETWORKING #Þú÷
yes
/etc/sysconfig/network-scripts/ifcfg-eth0 ©GaÝ91qÕ
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
Ç.{&~DHCP {÷÷ÑÇ{©G
*D CoÁu{DHCP 0Ç>kÝ129 uÜR&~d®Óäu{
dz=&~DHCP {-<
18.4.
ÙÇýî
ÜRY°õù{{ 1{fåÇ>kïýî
18.4.1.
ãê{©l
{ÒVÃmanÄ— ÃcDHCP EÇ{äqÆ®
{ÒVÃmanÄ— :[{DHCP {©GÖÝiJ¾
dhcpd.leases {ÒVÃmanÄ— :[{DHCP Ï©GÖÝiJ¾
dhcp-options {ÒVÃmanÄ— :ódhcpd.conf ¥ÒDHCP 1{ªÖÝi
J¾
dhcrelay {ÒVÃmanÄ— :DHCP ÝS®ZÇ{{ 1
• dhcpd
• dhcpd.conf
•
•
•
19.
Apache HTTP
qÖì{
óRed Hat Linux 8.0 ¥ÇApache HTTP qÖìúÍctÇý2.0ÇÇ&~X3{{ 1,Red
Hat Linux 7.3 )ÇRPM GÝú­c×Öhttpd*.CÓû#?{{©GÇ
>kÝ/usr/share/doc/httpd-<ver>/migration.html ÝRed Hat Linux k¥{
û#5s
*ó1{Red Hat Linux Çý¥&~HTTP {Óä{êApache HTTP qÖìÇlq
ÿÇ,1&~YÇa~Çu²{©Gû#tÇý2.0 {cÂ*éÄHTTP {ÓäÇ
#{Çlâ?Äâ?{{©GÒ̦Çý2.0 /
HTTP {ÓäãApache HTTP qÖì{/etc/httpd/conf/httpd.conf {©G
ÇX&~Î{srm.conf Ýaccess.conf {©GֲǢ8¸,1/,CoÁu
{ǾÌå9auZ!LjÞËz
ÝióRed Hat Linux ¥{ÜL,1&~HTTP {Óäu{*ãêi{ÜLÇ
Ç¢X&~YÇÓäuã
ãhttpd Zredhat-config-httpd RPM GÝb&~HTTP {ÓäǤX
=ø:ZÊY!éÄYÇÇÇâÌh\ => ø:÷ => qÖì÷
=> HTTP qÖìÇÝóshellþÇXTerm ÝGNOME ªàÄ
+¥Eredhat-confighttpd ×
Be
*.&~YÇÓäÇ>XCÓö/etc/httpd/conf/httpd.conf {©GHTTP {Óäó
â?#?RñÇÄÄYÇ©G*.HTTP {Óä ¥{iÜLÝ{ 1ÇX&~YÇÓä
&~HTTP {Óäu{Apache HTTP qÖì{ÄZ½ÄcÕ
1. óÌ)ü{äý÷
2. âÌå)üu{å÷
3. óÌå)üÇ{å{Ìå
4. *.XÇURL ÝÌå
ØqÖÇi{Ìå
5. óqÖì)ü{qÖì÷
6. óu®)ü{Ëz÷
7. ²Ä{©G
tDocumentRoot Zcgi-bin ø9¥
8. RñÇ?â?{÷
19.1.
äý÷
&~Ì)üu{äýqÖì÷
134
19. Apache HTTP
qÖì{
C19-1. äý÷
óqÖìÖÁ©ýã¥QY&~{qr­Ö 1Zhttpd.conf ¥
{ServerName #éaServerName ÷yqÖì{ÌåÖÇ~uOURL {
­s5*½BqÖìÖÁÇyqÖìÌAC,ø:¥{IP uÛÇqÖì
ÖÁX½:4Ç{IP Ç,.²{qÖìÖÁ÷www.example.comÇ
{qÖì{"DNS ÖÁe4foo.example.com.
óÌ
G©ýã¥QyqÖìV{
G 1
Zhttpd.conf ¥{ServerAdmin #éa*{qÖì{FØÝ9
G
ÇRÌú~~u5qÖì{®Ê
b¯å{4Õroot@localhost
&~,~©ýãu½BqÖìzIËz>F{à= 1Zhttpd.conf ¥
{Listen #éaRed Hat å{Apache HTTP qÖìóà=80 Þ)&:\y/
µ
â<u½BzI>F{ÙÇà=ÇC19-2Ä+{=Ìñ,1 )
&Ä 1uó½B{à=Þ)&ÄIP Ç,1ó㥽qÖìÌz
I>F{Çà=½ÇIP *.ó3à=RhÞ½õÇIP Ç
>ÇIP I/Oø*,Ç&~IP X4­ÖÇYø̽DNS ¯
½-<>kÝhttp://httpd.apache.org/docs-2.0/dns-caveats.html ¥{Issues Regarding DNS and
Apache
ó ã¥QhRÃ*Ä{H*Z )&Äøâ,~U%¥
{ö<Zâ <Ä+{=#3ÇX,V=¥{ã.ú½÷Í
øìøÇ ÇlâÍø<
" *÷êqÖìu)&1024 1{à=Ç4Ê~béÄÇé1024 Z1Þ{à
=Çhttpd ,1úÊ/~éÄ
19. Apache HTTP
qÖì{
135
C19-2. ,~
19.2.
å÷
½BêqÖìÖÁÌ
G1ù,~ÇâÌå )
üÇlâÞÁ{öå÷ <C19-3Ä+{=Ìñó=¥{y
qÖì{å÷*êÇÌåÇÌå{{÷Ìúf
~éÌå½B{ÇÒÌ&~å
19.2.1.
5{
ø9Âï,ZFØ¥{åéõjqÖìÑ7~*X2½YJ÷Ç
>XÇ¢
C19-3. 5{
ø9Âï,¥ïñ{1ø½BDirectoryIndex DirectoryIndex 4~/,ó
ø9Ö½tR"Ã/ Äu>Fø9ÂZÇqÖì
Ø{å
Ç h ì ~ > F http://www.example.com/this_directory/ Ç Æ Ì z
tDirectoryIndex à ¥ ? ó Ä Ç Ý q Ö ì Ä { ø 9 ï , q Ö ì Ì A C ¯
136
19. Apache HTTP
qÖì{
IDirectoryIndex ¥ïñ{©GÇ?
ØÇIt{Ç©G *ÇIt[©GÇ
?%Options Indexes ø9÷ÇqÖìÒÌÄ?(ÃÇHTML Â*{ï,Çïñ
ø9¥{ø9Z©G
&~FØSRYu{Apache HTTP qÖìóñFØZ¯²0­s5ÉýÝ
i\URL 1ZErrorDocument #éa*h0ACËzApache HTTP qÖì
ñê¯ÝFØÇåqÄ4+FØSRï¥{;\FØ·åRSå{Ç
FØSRÇlâö < åu+å{;áFØ·å URL u
²0­s5tÇi\URLÇ?ó ã¥QÝihttp:// ó{URL ©Gu
²0­s5tÇ\URLÇ?óyqÖì{©lÊQ©G{4» 1R"
Ã/Ä>Ç?#é©lÊ{
Dz404 ItFØSR­s5tó404.html ©G¥O{Dz404.html
tDocumentRoot/errors/404.htmlóYǾ°ÇDocumentRoot 4½B{©lÊ
ø9Ãå/var/www/htmlÄlÇ ©G*404 - It FØSR{qÇ
lQ/errors/404.html *
,åFØlh\¥Ç,1 ï 1Õ
• +lZ
G — óÄFØ¥+ål1ùóServerAdmin ¥
½{5V{
G{ServerAdmin {-ûfåÇ>kÝ19.3.1.1
• +l — óFØ{\+å{l
• Ãl — óFØ{\X+l
19.2.2.
9
q Ö ì å ² Q U /var/log/httpd/access_log © G Ç ² F Ø U
/var/log/httpd/error_log ©G
QÝ9ÇÄéyqÖìËzèC{ï,Ç9ACËz{0{IP ÇA
CËz{ÏZ-Ç1ùAC5Â{yqÖìÞ{©GQÑ?få{4»Z©G
Ö*4»Z©GÖX1R"Ã/Ä>Ç4»Ò4#é{{qÖìÊø9Ó 1
¦TransferLog #éa
19. Apache HTTP
qÖì{
137
C19-4. 9
,1{½{Â*04Ç &~½9÷Çló½
ã¥Q½{nÇ{LogFormat >kÝ http://httpd.apache.org/docs2.0/mod/mod_log_config.html#formats uÜR{Â*få
FØÝ9Ä{qÖìFØ{ï,QÑ?få{4»Z©GÖ*4»Z©G
ÖX1R"Ã/Ä>Ç4»Ò4#é{{qÖìÊø9Ó 1¦ErrorLog #
éa
&~ÿ/h\u÷FØ¥FØ·å{-ûÇÝÇ,1ú÷ÄÃ,!;Qt!ûÄemergalertcriterrorwarnnoticeinfo Ýdebug 1ZLogLevel #éa
5DNS ¯ h\¥ ½{½BHostnameLookups Ã5¯Ì
Ç 5¯Ìé~Ç v­5¯²÷v­
* ê5¯Ç{qÖìÌÄÇ,{yqÖì>F©l{ËzÛIP
ÛIP ?ø{qÖìÌËzDNS u¯IZìIP #éa{ÌåÖ
* êv­5¯Ç{qÖìÌqv­5¯DNS¦éÇqê
'5¯ÇqÖìÌó*Þòq't5¯ót5¯¥ÇèaÇIP
{'5¯¥{
/uÇa² 1÷Ã5¯ÇODNS >FÌÉ{qÖìñÞÇ{
qÖì{¤Ý,Ì>z*{qÖ:$ÇACq5¯Ýv­5¯{k/ÒÌ
:Ò
5¯Zv­5¯,ÉrÞu4ǯįÌåÖ{Ç/Ëzóå{
HaX@O$Ç{yqÖìDÇrÇÉ{¼CDÇa² 1÷Ã5¯
19.2.3.
¢¸#Þ
êCGI lýÝqÖìàÃSSIÄÇ¢¸#ÞApache HTTP qÖì,1&
~mod_env ÜLu{úÉCGI lýZSSI {¢¸#Þ&~¢¸#ÞuÜL
{
138
19. Apache HTTP
qÖì{
C19-5. ¢¸#Þ
&~CGI lý÷\Iu÷ÉCGI lýZSSI {¢¸#ÞDz¢¸#
ÞMAXNUM ÷50ÇâCGI lý÷{<ÇC19-5Ä+ló¢¸#
Þ©ýãEMAXNUMÇó÷{ ©ýãE50âh½CGI l
ý÷\I{SetEnv
&~ÉCGI lý \IuóqÖìD'éÄCGI lý¢¸#Þ¢¸#
ÞÇóshell +EenvâÉCGI lý{ <Çófñ{éU¥Q
¢¸#Þ{ÖÁâh½u²Çtï,¥ÉCGI lý \I{PassEnv
*.ÍøìÇ¢¸#ÞÇO$Ç{ÒXÌÉCGI lýZSSI Ç&~CGI lýR
>÷ \IâÙ¥{<ÇlQR>÷{¢¸#ÞÖÁÇZUnsetEnv
#éa
öYJ¢¸#ÞÇ,ï,¥ ÇÇlâ#a{ö<,ï,¥Íø1
øÇâ#a{ö<
ZêApache HTTP qÖì¥{¢¸#ÞÇ>kÁ{Õ
http://httpd.apache.org/docs-2.0/env.html
19.2.4.
ø9
&~ø9u½ø9{ 1Ǧ<Directory> #éa
19. Apache HTTP
qÖì{
139
C19-6. ø9
âÞn{ö<uÄóÁ{ø9ï,¥½{ø9{åø9 1 { 1úïÞó <Directory> { Options ¥,1{ï 1Õ
• ExecCGI — ãqCGI lý* 1ú ÇCGI lýÒXÌúq
• FollowSymLinks — ãê±nRÓz
• Includes — ãqÖìà
• IncludesNOEXEC — ãqÖìàÇb4óCGI lý¥¢~#exec Z#include ×
• Indexes — *>F{ø9¥X?óDirectoryIndexÃindex.htmlÄÇ+ø9{
Â*ê{ï,
• Multiview — |Ñcontent-negotiated multiviewsÖ 1úå¢~
• SymLinksIfOwnerMatch — óø)©GÝø9ZÓz{ÄV#3Çbê±nRÓ
z
½ø9½ 1Çâø9ï,'k{<C19-7 Ä+{=Ìñ
ó=\{ø9©ýãQ{{ø9,D{ï,¥ 1Ç?~&D
{ 1{Order Order ;allow Zdeny úµ${~óãÌåu
ZáýÌåu©ýãÇ,1½ïÕ
• ãÄÌå— Eall uãtÄÌå{6¯
• \I­Ö— ãÄÖÁ{½nÝ1½ne{Ìå{6¯
• qrIP — ãt½IP {6¯
• — 192.168.1.0/255.255.255.0
• dCIDR ä)— 10.3.0.0/16
140
19. Apache HTTP
qÖì{
C19-7. ø9÷
* êt.htaccess ©GRSø9 1Ç.htaccess ©G¥{{ÒÌú ~
19.3.
Ìå÷
,1&~HTTP {Óäu{ÌåÌåãX3{IP ÌåÖÝ3
åìÞ{X3à=äqX3{qÖìÇ,1ó3ÇyqÖìÞ&~Ìåuä
qhttp://www.example.com Zhttp://www.anotherexample.com YÜÇ5éå{Ìå
ZäIP {ÌåÇ 1Z<VirtualHost> #éaÖéäÖÁ{ÌåÇ 1
Z<NameVirtualHost> #éa
ìÇÌå÷{a~Ìå*ì&~öå÷ <r
ÇqÖì\Û÷ÇÌå÷¥eú½BÇ å÷ÒÌú&~Ç,1
óÌ)ü¥½BÌ
GÇXóÇÌå¥Ç/½B
G
HTTP {Óä ÝiC19-8Ä+{åÌå
19. Apache HTTP
qÖì{
C19-8. Ìå
http://httpd.apache.org/docs-2.0/vhosts/
õÌå{få
19.3.1.
141
Zó{åìÞã{Apache HTTP qÖì©l
ØêÍ
ZöÌå
ÌåÇâÌå )üÇlâ <¤,1,ï,¥ Ç
ÌåÇlâö<uöÇ
1
1÷a~tó{{ÌåóÌåÖÁ©ýã÷Ìå
{ÖÁÖÁúHTTP {Óä~uK/X3{Ìå
² © l Ê ø 9 { ÷ Ý 9 Ì å Ê © l à index.htmlÄ { ø 9 1
Z <VirtualHost> {DocumentRoot #éaóRed Hat Linux 7 ÇÄ
Ø
{Apache HTTP qÖì&~/home/httpd/html *DocumentRoot,4óRed Hat Linux 9
¥Çå{DocumentRoot 4/var/www/html
Ì
GZVirtualHost {ServerAdmin #éa* êóFØ
°+lZ
G{Çú~óFØ{lÞ
óÌåfå\IÇ åÌåäIP {ÌåÝäÖÁ{Ì
å
åÌå
‘
a{ÇåÌåÃ#ÇåÇ÷Äh>F{IP ó
ÇÌå¥h#ïñÇå{ÌåÒÌú&~*åÌåú½BÇÌ
qÖì÷ÒÌú&~
äIP {Ìå
‘
* êäIP {ÌåÇÇÊâqÖì{IP u{<VirtualHost>
{¶ôÒÌñóIP ã½IP ½õÇIP Ç~8²Ç
¢I½à=Ç&~IP Address:Port Â*&~:*uIP {Äà
=óqÖìÌåÖ㥽Ìå{ÌåÖ
19.3.1.1.
142
19. Apache HTTP
qÖì{
äÖÁ{Ìå
‘
* ê ä Ö Á { Ì å Ç Ç Ê â q Ö ì { Ì å Ö Á u {
NameVirtualHost {=ÒÌñóIP ã½IP ½õ
ÇIP Ç~8²ǢI½à=Ç&~IP Address:Port Â*&~:*
uIP {Äà=óqÖìÌåÖ㥽Ìå{ÌåÖó/
Ö\IÇâuÌåÖ{/Ö/ÖÌó NameVirtualHost
ServerAlias
19.3.1.2. SSL
Õ
X,1óSSL ¥&~äÖÁ{ÌåÇOSSL ºCèìzI\yqÖì{yVÄ
ó#/th{äÖÁ{Ìå{HTTP >F*.&~äÖÁ{ÌåÇÇ¢ó
{:\yqÖì¥&~
C19-9. SSL |Ñ
*Apache HTTP qÖì{SSL |ÑÇApache HTTP qÖìZÇ{0-{/fÒXÌ
ú·YéXÝi|Ýâ·få{5u4,q{ÇqÍGZ©l{Í
5ÒX&~\/µlÇÂFf~få{ÛÖ5Òa&~Apache SSL |Ñu
·/µé~Apache SSL |ÑÌé~mod_ssl \ÜL/,HTTP {Óäué~ÇÇ
óÌ)ü=> ,~¥ã/,à=443 {6¯-<>kÝ19.1 lÇ
óÌå)ü¥ ÌåÖÇâö<Ç,&D{h\¥ SSLÇ?%
é~SSL |Ñ 1ÇC19-9Ä+SSL {\Iú½{êè{jhyVj
hyV{\yqÖì
ØèyÇ?50y¨ì,Ò\qÖì{üP
19. Apache HTTP
qÖì{
143
qéo{jhyVXó{5&~Red Hat Linux ¥
Ø{èyVéoCA
,{jhyV{-<Ç>kÝ209
ÙÇÌå 1
Ìå{5{¢¸#Þ1ùø9 1Zâêöå÷<1
ÄD{#3X,ÇY°{{~tó{{Ç/ÌåYJ 1{û
Ç>kÝ19.2
19.3.1.3.
19.4.
qÖì÷
qÖì)üã{äý{qÖì÷å÷óõj<YÑ47~{
C19-10. qÖì{
éG{ZLockFile #éaóqÖì&~USE_FCNTL_SERIALIZED_ACCEPT
ÝUSE_FLOCK_SERIALIZED_ACCEPT HDz4»÷éGÄ~{4»Ç
Ñ?óýcÞø:logs ø9 NFS á0Þ*/"$Ça²åý
cÞìÿúÊ~ÖR{ø9
PID ©G{ZPidFile #éa÷qÖì9ÇIDÃPIDÄ{©G©
GaêúÊ~ÖRõj<YÇa&~å
XeÝûø9{ZCoreDumpDirectory #éaApache HTTP qÖìóÝûXe
ÌACݦtø9¥å4ServerRootlÇ*äqqÖì{~Ä&~{üP
tø9{UY!ÇXeÝûÒÃúU*.²XeÝûUc1~®Aø{Ç>²
YÇêúqÖì{äqüPU{ø9
~{ZUser #éaÇ÷qÖìÃI>FÄ~{userid~{÷û½qÖì
{6¯Y!~ÄÃ6¯{©GÇ{5u5Xê6¯å{User 4apache
~ap½YÇO$Çê?Ri\~,1D{©G~¤4ÄúqÖì
ñ{CGI Ç{ÄVÇXaúãq[ø{X4ÃIHTTP >F{h
144
19. Apache HTTP
qÖì{
´·
ø:wó)ÇX²User ÷Ê~²User ÷Ê~Ì{yqÖì
ôL{\&É
ótv*¥Çhttpd ÇD1Ê~üPuäqÇb4ÇÇÌÁýúbÉapache ~q
Öì1Ê~éÄ{ÆO4ÇÇÉt1024 1{à=1024 1{à=4ø:&~
â{ÇO$Ê~b&~Y`qÖì²ËztÇ{à=ÇÇÒÌózI[Ë
z>F²ÇbÉapache ~
Group {¦Group #éaGroup ZUser i#Ç÷qÖìÃI>FÄ~{
kåk4apache
19.5.
®ru
â®ru)üu{.&~{qÖìÇ{!LjÞÇ1ù0Ëz0Á{Apache
qÖì 1YJ 1{å÷óõj<Y4ôh{#YJ÷Ìk/{y
qÖì{ru
HTTP
C19-11. ®ru
²!õËzjÞ÷qÖìê3ÿ®{0>F{!õjÞqÖìÇËzO
Çhttpd ÇÇjÞHt!L!ÝÇtìÇeÇyqÖìbêzIc0
Ëz*X­cHApacheÇ 1÷{RX§°256 1¦MaxClients
#éa
Ëz§½B{qÖìó/fQZÃa{Æj/4ÇËz§½B{
qÖìózBGET >FõÈÇózBPOST ÝPUT >F{TCP ÝõÈÇ1ùóÃ
aTCP Ý{ACK -õÈËz§úå÷300 ÆÇYóõj<YÑ47~{
1¦TimeOut #éa
²'Ëz!õ>FjÞ÷ÇÑËzÄã{!õ>F'jå100ÇYaó
õj<YÑ7~ 1¦MaxRequestsPerChild #éa
* êã'Ëz,Ã!>F 1ÇMaxKeepAliveRequests {ÒÌ
40ÇYÌãÃ!{>F'j
*R> êãÑÈuËz 1ÇKeepAlive ÒÌú÷false* ê
ÇÇKeepAlive ÒÌú÷trueÇ?%KeepAliveTimeout {Ìú÷'Ëz{
19. Apache HTTP
qÖì{
145
§-¥ ½{÷{§Æj4{qÖìóÃIê1>FÇËz
ÇVÇ>FÌ{Æj`zBt>FÇqÖìÒÌ~Ëz§¥{
²ÑËz÷ÇvL{j,ÌsqÖì¤Ý>zÇYâACËzqÖì{~
jÞ½ 1{jÖLÇÇ~ò'Ëz{qÖìÇÒÖõ
19.6.
â?÷
*X.â?Ä){Apache HTTP qÖì{ÇâHTTP {Óä=n{R>
<Ìú
+h*âê4uh Ç{÷ÒXÌúâ?
* . â ? Ä ) {Apache HTTP q Ö ì { Ç âHTTP { Ó ä = n
{h½<ÇéUÒÌñ*âê4Ç{÷ÒÌúâ?
ó/etc/httpd/conf/httpd.conf ¥#Ç{Æ{Ìú
*Y4'&~HTTP {ÓäÇÌtÇ´·{©G.²úCÓ{é
U*HTTP {Óä5thttpd.conf {©G.úCÓÇÇ̲CÓ{©Gâ
?/etc/httpd/conf/httpd.conf.bak
­
â?÷Ç&~service httpd restart ×u­céÄhttpd EÇ4Ê~
bq×
19.7.
ÙÇýî
ZêApache HTTP qÖìÇ>kïýî
19.7.1.
•
•
Apache HTTP qÖì©l— *ãêhttpd-manual GÝÇ?%óäqApache HTTP
qÖìEÇÃhttpdÄÇ,1Apache HTTP qÖì{©lKÇy¨
ìÇlóäqApache HTTP qÖì{qÖìÞ!tURLÕhttp://localhostzuÇâ©
l Óz
/usr/share/docs/httpd-<version> — Apache Migration HOWTO ©lÝ9ê,Çý1.3
tÇý2.0 {øï#1ù[CÓû#{©G{få
19.7.2.
•
•
•
•
•
ãê{©l
~{5
GäÌApache HTTP qÖìÇý2.0 {©
lÇÝi
qÖì
http://localhost/manual/index.html — ó{ýø:ÞéÄêApache HTTP qÖìqÖìÇ
,1&~URL uApache HTTP qÖìÇý2.0 {©l
http://www.redhat.com/support/resources/web_ftp/apache.html — Red Hat {b|ÑÇ
~{Apache HTTP qÖìÓz{ï,
http://www.redhat.com/support/docs/faqs/RH-apache-FAQ/book1.html —Red Hat H{Red
Hat Linux Apache Centralized Knowledgebase http://www.apache.org — The Apache Software Foundation
http://httpd.apache.org/docs-2.0/ — Apache
Apache HTTP
Version 2.0 User’s Guide
146
19.7.3.
•
•
19. Apache HTTP
qÖì{
#V÷
Apache: The Definitive GuideÇ*VÕBen Laurie ZPeter LaurieÖO’Reilly & Associates, Inc. ñ
Ç
Red Hat Linux k; Red Hat, Inc. — YýkÝiê,Apache HTTP qÖìÇý1.3 C
Óû#tApache HTTP qÖìÇý2.0 {ÒÇApache HTTP qÖì{Í-ûfåÇ
1ùóApache HTTP qÖì¥ÜL{Ò
20.
Apache HTTP
20.1.
ë
20.2.
¦\#{GÝc
\qÖì{
ý9
Øêé~êmod_ssl \ÜLu&~OpenSSL EZÓäÝ{Apache HTTP qÖìqÖ
ì{äýfåRed Hat Linux Ø{Y®Ç\G{\óý9¥RÌúÁ\yqÖìÝ
\qÖì
mod_ssl ÜL4Apache HTTP qÖì{\ÜLmod_ssl ÜL&~OpenSSL
Ø{Ó
äuÉApache HTTP qÖì1­Õ— ·/f{Ŧ#'Ç&~HTTPÇ
¨ìZyqÖì-{/µÒÌ&~©ýÇÇ¢ó¨ìZqÖì-{4"Þ,ÌúÙ
Ç|R?<Ý
ý9?X4YJÇ{q\Ý{©l¥.ÜRìÌ{Íý{©lÇý9ó\7{
0ÌZE»
ý9RÌ5+[ãYJǤ=ºÄ·ØyV>F[Ä·üÖ{y
V1ù[ãyVu~{\qÖì{Z½
mod_ssl {©G /etc/httpd/conf.d/ssl.confñYÇ©G&mod_ssl ê
Ó*Çó/etc/httpd/conf/httpd.conf ¥ÝiInclude conf.d/*.conf YÒ
óRed Hat Linux 9¥ÇÒúåÝióå{Apache HTTP qÖì{©G¥
é~\qÖìÇèã1GÝÕ
httpd
‘
GÝÝ9httpd EÇZ#{Óä{©GC)Apache HTTP qÖìÜ
LÒVÃmanÄZÙÇúApache HTTP qÖì&~{©G
httpd
mod_ssl
‘
mod_ssl GÝÝimod_ssl ÜLÇÇ/,\ zÃSSLÄZQ\ÃTLSÄN
FApache HTTP qÖì
ØêL{·Å
openssl
openssl GÝÝ9OpenSSL ÓäÝOpenSSL ÓäÝ"SSL ZTLS NFǤÝiÇ
ø{{·E
ø$iÇÙÇÝióRed Hat Linux ¥{GÝ,1
ؽÇÝ{\ÕÃbX4\q
ÖìäqÄ{ÄÕ
‘
httpd-devel
‘
GÝÝ9Apache HTTP qÖì{Ý9©G>©GZAPXS ÓäÇ*
K®ñi{ÜLÃX4¬Ä
Ø{ÄÇ1ÞÄ©GZÇ>kÝRed
Hat Linux k uÜR&~Apache HTTP qÖì{DSO Õu²ÜLñ\q
Öì{-ûfå
*XK®óApache HTTP qÖì¥ñiÜLÇXãGÝ
httpd-devel
148
20. Apache HTTP
\qÖì{
httpd-manual
GÝÝ9HTML Â*{Apache {Apache User’s Guide Ò
¤,óhttp://httpd.apache.org/docs-2.0/ ¥It
OpenSSH GÝ
‘
The OpenSSH GÝ
Øê~uóÏÇåìÞ~9Zq×{OpenSSH dËzÓä
ø\OpenSSH Óä·Äb/ÃÝi=ÄÇO$,1½ú'&Ç3)RËzZ
ÙÇé{åìZÏÇåì-/f{Ôâ
openssh GÝÝiOpenSSH 0ÇZqÖìÑ{Xe©Gopenssh GݤÝ
iscpÇÇ4rcpÃ~uóåì-
©GÄZftpÃ~uóåì-Q©GÄ{\¦
openssh-askpass GÝ|ÑéU={+=ó&~OpenSSH S®
+Q
=
openssh-askpass-gnome GÝ,1óOpenSSH Ç
+Q=ZGNOME óÁ¢
¸å&~u+Coé=*äq{4GNOMEÇ?&~OpenSSH ÓäÇa
ãGÝ
openssh-server GÝÝisshd \shell EÇZ#©G\shell EÇ
4OpenSSH G{qÖì0Ç*.ãSSH 0Ëzt{ÌåÇóÌå
ÞãGÝ
openssh-clients G Ý Ý 9 q ·SSH q Ö ì Ë z Ä { 0 Ç Ç Ù ¥
Ý i ÕsshÃrsh { \ ¦ Ä ÖsftpÃftp { \ ¦ Ç ~ u ó å ì - Q ©
GÄÖsloginÃ~ÏÇ~9{rlogin Z/,Telnet NF¦Ìå/f{telnet {\
¦Ä
OpenSSH {-ûfåÇ>kÝ159Red Hat Linux k1ùOpenSSH {
5Õhttp://www.openssh.com
‘
httpd-manual
openssl-devel
‘
GÝÝ9HQÈ¡·®*ZNF|Ñ{a~ÇÄ{·ÕEZÝ
9©GóÝiSSL |Ñ{a~ÇÇbãGÝ— &~SSL X
ãGÝ
openssl-devel
stunnel
GÝ
ØêStunnel SSL ÌwÇStunnel |ÑTCP Ëz{SSL ·ÇO$Ç,
1ÃSSL {EÇZNFÃPOPIMAP ZLDAPÄ
Ø·ÇeXéEÇ{
h)[
,20-1 +ê\qÖìGÝ{!Ç?5,ÒÇGÝé\yqÖã4dX
,è
‘
stunnel
GÝÖÁ
httpd
mod_ssl
openssl
httpd-devel
httpd-manual
openssh
openssh-askpass
4d, ,X Ú
d
d
d
4
4
4
4
20. Apache HTTP
\qÖì{
GÝÖÁ
openssh-askpass-gnome
openssh-clients
openssh-server
openssl-devel
stunnel
,20-1. \GÝ
20.3.
yVZ\c
20.4.
&~.?ØÒZyV
149
4d, ,X Ú
4
4
4
4
4
{\qÖì&~\ zÃSSLÄZÃõj<YÄuyVY
ÃCAÄ{jhyV{
\u
Ø\uSSL ÿ®¨ìZ{\qÖì-{·/µZ#èyCA ,{jh
yV{\qÖì
ØèyÃCA 1Ç{Ö¹Zâé{åèüP{yÄh{¨
ì&~SSL ·/µÇÌtsJyÞ{ýͽ ÃURLÄ{>Çhttps://
í
·vØÒ{&~Ã,1²Ç¢h)jâÂ*{³·hZhØÒÄ:{ÝéÁ{
·b¥Ç/Ö{ÜàÑ&~3²ØÒÇÇ¢,1~Y²ØÒu»H
${QóÚáÝ:éÁ
·b¥ÇܲØÒ??ÕÚØZ·Øì|Ýìåè²Æ¢{·Øâ·ÇÚYÆ¢{ÚØÖ
&~·Øh{jâ~ÚØbh
÷{\qÖìÇRÌ&~Úá·buOÚØZ·Øéóõj<YÇÌ5
ìCA yV>FÃÝi{ÚØÄ{ÚüP{yâ1ùQCA RÌDè{yV
>FZüPÇl²{\yyVÃÉ
\qÖì&~yVu5y¨ì)ÒüP,1Ä{yVÃw)üy
VÄÇÝV,1,yVY
¥ÜRyVu{CA {yVÌZâ¦ì½ÚÝåè
#Ë{5{üP
iÇ,1O{üyVl>Õ?ÇüyVXaú~óõj¢¸¥
üyVXÌú~{¨ìÄzI— ¨ìRÌn®~4dzIyV?O\Ëz
>kÝ20.5 uÜRüZCA üÖ{yVK/{-ûfå
óêü{yVÝuCA {yVDzÇãó{\qÖìÞ
*.?{ØÒZyVþÇ*ã\qÖìu¦Ú{\qÖì
¬ÄÇ,Rêó\qÖì¥&~?{ØÒZyVóÁYÜ«<YÇRÃ&
~?{ØÒZyVÕ
• *#ê{IP Z­Ö — yV45½IP Z­ÖéÅ{*#ê­Ö
ÝIP Çù>PcyV
• *PuVeriSign {yVÇb.#qÖìG — VeriSign 4&~v-{CA*
.PÙÇÆOÜz{VeriSign yVÇ,ÌDó{c\qÖì¥&~
{VeriSign yVÇlÇRXÌúã&~ÇY4OVeriSign â½qÖìGZIP
/­Ö\uÅyV
*#ê1ÞkjÃÇ,&~êÇ\qÖì¬Çó.&~YÇ
\qÖìÄÇ,{{ÄÜR{VeriSign yVRÃóc{¥&~ÜRPc
yV
150
20. Apache HTTP
\qÖì{
*,1&~{.?ØÒZyVÇRXÄcØÒÝÜRcyVlÇ,Ý#
?ÍÖÝ9ØÒZyV{©G
²{?ØÒ©GÝ#tÕ
/etc/httpd/conf/ssl.key/server.key
R{?yV©GÝ#tÕ
/etc/httpd/conf/ssl.crt/server.crt
óÝ#êØÒZyVÇ!t20.9
*ÿRed Hat \yqÖìÇ{ÎØÒÃhttpsd.keyÄZyVÃhttpsd.crtÄ
RÌ /etc/httpd/conf/ RÝ#?­×Ö{ØÒZyVÇO$\qÖìb
&~Ç¢&~1ÜÇ×uÝ#?­×ÖØÒZyV©GÕ
mv /etc/httpd/conf/httpsd.key /etc/httpd/conf/ssl.key/server.key
mv /etc/httpd/conf/httpsd.crt /etc/httpd/conf/ssl.crt/server.crt
lÇ&~Á{×uéÄ\qÖìÕ
/sbin/service httpd start
éÄ\qÖìÇÌú
+Q=éhE=é[Enter] EÇqÖìÒÌéÄ
20.5.
yV¡n
*,Red Hat Linux Ø{RPM ¥ãê\qÖìÇDZåØÒZAyVÒÌúÄ?
8ó7h{ø9¥lÇó&~\qÖìÇÄ{ØÒ?ÜRth#/
{qÖì{yV
ØÒZyVbv*\yqÖ— Y?ø,1ÄÇü{yVÝ,ìCA ÿé
oPCA üÖ{yVYÜV-K/Ú
CA üÖ{yV{qÖì
ØÜ1­ÅÕ
• ¨ìÃ/ÄÌÄ#/yVÇ?%X
+~Òêã/\Ëz
• hìCA ÅêüÖ{yVÇÆ¢4ó5¨ìZâ
Ø{åè{üP
*{\qÖìúLÚ¯Ä6¯Ç{\qÖìCA üÖ{yVÇO$6¯{
5{~,1f5{h4ÒpÇ{OèÄpóüyVÇCA Dèù>yV{å
èh"Æ¢ÄÓ
õj|ÑSSL {y¨ìÇÇ¢ÌÄzIyV{CA ï,*¨ì±tPuï
,i{GYCA {yVǨìÌ®¯~4dzIËz
,1{\qÖìÄPü{yVÇb4>?ÇüyVRXÌ
ØZCA ü{y
V#3{ÕüyVRXÌú~{¨ìÄ#/Ç%ÇRXÌZâ
Ø5{åè{ü
PCA ü{yV\qÖì
ØYÜ1­{Å*{\qÖìRÌ~ó¢
¸¥Ç,ÌCA ü{yV
,CA ÜRyV{C:;\Á4éÙZ½{;\ÃcÕ
1. O·{ÚØZ·Øé
2. ÊâÚØOyV>FyV>FÝi{qÖìZÌÑÇ{Ú{få
3. 5ìCA yV>FÇ1ùyÒ{üP{©l·¢X5OF ýÇCA{
û½,1OÁó,V{²èÞÇÝV{Ý3/{²èÞÇÝV\,²ÞD
20. Apache HTTP
\qÖì{
151
h ½êÇCA Ç$¬Æ¢
Ø{ÒuÜRyV
hCA é{üP{]"uw?ÇÆ¢ÒÌÉPjhyV
5. ó{\qÖìÞãyVÇl)ÿ®\/Ö
XX4,CA ÿÜRyVǤ4&~ü{yVÇÇZ½Ñ4ÄØÒ>kÝ20.6 u
ÜRÄØÒ{+
4.
20.6.
ÄØÒ
4Ê~bÄØÒ
DÇcd t/etc/httpd/conf ø9¥Ç&~Á{×Íøóã¥Ä{"ØÒZyVÕ
rm ssl.key/server.key
rm ssl.crt/server.crt
Ù'ÇÄ{±åØÒ¦t/usr/share/ssl/certs ø9¥ÇE1×Õ
make genkey
{ø:Ì+Z1Qñ#{>åÕ
umask 77 ; \
/usr/bin/openssl genrsa -des3 1024 > /etc/httpd/conf/ssl.key/server.key
Generating RSA private key, 1024 bit long modulus
.......++++++
................................................................++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
óÇE=éÜz!\uÇ{=aèÝi¬ÇnÇÝijZ)Ç
%X4#¥{Ä#Îi>ÔÇ{=4KILBU{
Õ
ó'éÄ\qÖì{ÑQYÇ=ÇO$>RÇóe
­cE=uDèÇ4dth`thEêÇÇÝi{ØÒÇw
)>/etc/httpd/conf/ssl.key/server.key {©GÒÌúO
Õ?Ç*X.ó'éÄ\qÖì{ÑQ=ÇRÁYÜ×ÇX
4make genkey uOØÒ
&~Á{×uO{ØÒÕ
/usr/bin/openssl genrsa 1024 > /etc/httpd/conf/ssl.key/server.key
l&~Y×uh½ØÒ{Y!úth÷Õ
chmod go-rwx /etc/httpd/conf/ssl.key/server.key
ó&~1Þ×OØÒÇRX&~=éuéÄ\qÖì
152
20. Apache HTTP
\qÖì{
Be
ó{\qÖ쥢~=Õ4«\Z·¢X
¦¢~\qÖì{=Õ
X&~=ÄÄ{¯ZÌå{\~Ò#Ç¥|3êÌåÞ{UNIX
\ø:ÇÆÒ,1ÜR{·ØÃserver.key ©G{ÄØÒ,1~u
Ø4u
{\qÖì{
*UNIX \ø:óÌåÞú]Ãùãv*ø:{V¶ZÍcÖXv*X{Ý
{qÖÄÇ\qÖì{=,ÒX4ilÇ{\qÖìaú
ª$­céÄÇQ=ÄQu{iâóõj<Y4zq{
server.key ©Gaúø:{Ê~pÇXaúÙÇ~6¯É©G÷PÇR÷Pý
?8ó\ÿ÷P{ÆO4Ç*ó&~ØÒOêyV>F¿êserver.key
©GÇ{yVÒXÌòHÇCA é$ãÏòù>Ã?éoÄPcyV
*K®,CA ÿéoyVÇ>ÝÖ20.7 *K®Äü{yVÇ>Ý
Ö20.8
20.7.
ÄÉCA {yV>F
`OêØÒÇZÒ4ÄyV>FDz>FÉ ¥{CA>h½ /usr/share/ssl/certs ø9Ç?EÁ{×Õ
make certreq
{ø:Ì+ïQñÇl¤Ì>Q=éÃø:¢~ê= 1ÄÕ
umask 77 ; \
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key
-out /etc/httpd/conf/ssl.csr/server.csr
Using configuration from /usr/share/ssl/openssl.cnf
Enter PEM pass phrase:
EóÄØÒ {={ø:RÌ+J+Çl5®¯øï¯{Q
ÌúÝióyV>F¥Ä+{QñZ+¾ÃIÇåuZÁ#Õ
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
----Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:North Carolina
Locality Name (eg, city) [Newbury]:Raleigh
Organization Name (eg, company) [My Company Ltd]:Test Company
Organizational Unit Name (eg, section) []:Testing
Common Name (your name or server’s hostname) []:test.example.com
Email Address []:admin@example.com
Please enter the following ’extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
20. Apache HTTP
\qÖì{
153
åÃI±ó1FÁ{iRÃ[]ľÇ1F{få4yVú~{)
ÇÄ+Õ
Country Name (2 letter code) [GB]:
å{QñóiRÇ4GBzIåÇ[Enter]ÇÝ{){ÜÇñ{
SR
zE{YJQÑ4XÓ²{Çb4$,1ïÕ
• X~­Ý²{ÀU~\ÁÃÇSt. Louis aúUÄSaint LouisÄ
• * ² CSR ÉCAÇ > h â ó Ä { ã Ñ Ø ê t h { f å Ç /
4Organization Name ZCommon Name YÜ1CA 5CSR ¥
Ø{få1g½{åè
4déÄ
Ø{Common Name CA RÌáýÝiÆ¢ÃH{få{CSR
• éCommon NameÇ>h½Eê{\qÖì{]"ÖÁÃH{DNS ÖÁÄÇX4
qÖì{/Ö
• Email Address a4ÌÝø:®Ê{
G
• >½@#&! ¡{OnìJCA RÌáýÝ9On{>FO$Ç*{
ÚÖÁÝ9&DzǩUandX&~&
• X&~YÜ1auÕA challenge password ZAn optional company nameX
QYJãÇ[Enter] EuzI8¸{åý,
fåQqÇÇw)/etc/httpd/conf/ssl.csr/server.csr {©GÒÌúO©
G4{yV>FÇ,1±É{CA
ó ½êCA ÇLÆ¢ó5
Ø{Òq/YJÒÌ·ª[yV>FǤ
ýJ©l1ùQfå
ówêCA {FÇÆ¢ÒÌÉyVÃ//,
GÄRÇ¢{yVâ?
ÃÝ="Ä/etc/httpd/conf/ssl.crt/server.crt>h½É©GâP÷P
20.8.
Oü{yV
,1Oü{yV>Õ?Çü{yVRXÌ
ØCA ü{yVÄ
Ø{\Zâ
yV{-ûfåÇ>kÝ20.5
*.*ü{yVÇDL20.6 ¥
Ø{+uO±åØÒ`OêØ
ÒÇ>h½ /usr/share/ssl/certs ø9¥ÇòEÁ{×Õ
make testcert
RÌt1QñÇÌú
+Q=éÃø:ÄêÃ={ØÒÄÕ
umask 77 ; \
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key
-x509 -days 365 -out /etc/httpd/conf/ssl.crt/server.crt
Using configuration from /usr/share/ssl/openssl.cnf
Enter PEM pass phrase:
Q=éÃ*OêÃ={ØÒ
+ÄÇÌúFQÍõfå®å{Q
ñ1ù+¾Q¦1{+#5Ã{ÌåZåè
Øth{fåÄÕ
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a
DN.
154
20. Apache HTTP
\qÖì{
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ’.’, the field will be left blank.
----Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:North Carolina
Locality Name (eg, city) [Newbury]:Raleigh
Organization Name (eg, company) [My Company Ltd]:My Company, Inc.
Organizational Unit Name (eg, section) []:Documentation
Common Name (your name or server’s hostname) []:myhost.example.com
Email Address []:myemail@example.com
ØêthfåÇü{yVÒÌó/etc/httpd/conf/ssl.crt/server.crt ¥úO
ÄyVÇ&~1×u­céÄ\qÖìÕ
/sbin/service httpd restart
20.9.
AyV
Aåã{AyVCA ü{yV1ùü{yVDz{yqÖìÝt1Ì
òserver.example.com ¦Ä{­ÖÄÕ
https://server.example.com
Õ
Õ?http Á{shttps: íú~ó\HTTP /Ö¥
*&~{4ÖCA ü{yVÇ{¨ì,ÌÄzIyVÃX
+QÄ?
O\Ëz{¨ìXÌÄ#/AÝü{yVÇOYJyVX4CA ü{
*&~uCA {yVÇ>$¬¨ì{+uzIyV
{¨ìzIêyVÇ{\qÖìÒÌ+å{Ì
20.10.
6¯qÖì
6¯{\qÖìÇ&~Z1#{URLÕ
https://server.example.com
{:\qÖì,1&~Z1#{URL u6¯Õ
http://server.example.com
\y/µ{)ïà=4à=443:\y/µ{)ïà=4à=80\qÖìå
{éYÜÇà=Ñ)&O$ÇXóURL ¥½à=RhÃà=RhÌú"½Ä
lÇ*{ê{qÖì)&:)ï{à=Ãø80 Z443 i{ÄÇóÇURL ¥
½ó:)ïà=ÞËzqÖì{à=Rh
20. Apache HTTP
\qÖì{
155
¾Ç,É{qÖì)ê#a{ÇO$óà=12331 ÞäqÇ:\{Ìå
[óËzÌå{URL ÑóURL ¥½à=RhÁ{URL ¾ÌACËzóà
=12331 )&{:\yqÖìÕ
http://server.example.com:12331
20.11.
ÙÇýî
Apache HTTP qÖì{ikýî>kÝ19.7
20.11.1.
ãê{©l
— óãêhttpd-manual GÝ?äqApache HTTP qÖì{
qÖìÞKy¨ìÇlÝtURL http://localhost/manual/mod/mod_ssl.html
• mod_ssl documentation
20.11.2.
•
•
http://www.redhat.com/mailing-lists/ — ,1óYÇURL Þ¾Ýredhat-secure-server
Gï
,
¤,1/,É<redhat-secure-server-request@redhat.com> YÇ
GÇ
?óÌy¥Ýisubscribe YÇ#u¾Ýredhat-secure-server
Gï,
http://www.modssl.org — mod_ssl 54mod_ssl {Y
ufå5äT{©l
ýîÇÙ¥ÝiUser ManualÇ http://www.modssl.org/docs
20.11.3.
•
~{5
#V÷
ÇÇÇ*VÕBen Laurie ZPeter LaurieÖO’Reilly & Asso-
Apache: The Definitive Guide
ciates, Inc.
156
20. Apache HTTP
\qÖì{
21.
BIND
{
ý9"½.²=ºêBIND ZDNS {äý#ÇOóY°·¢XÌAC:BIND ZDNS
{'ý95:[&~Bind {ÓäÃredhat-config-bindÄu{äý{BIND q
ÖìKLBind {Óäó'a~#O/etc/named.conf {©GZ/var/named
ø9¥{KL{©G
­
Xö/etc/named.conf {©GBind {Óäóa~#Ä©G*.{&
~Bind {ÓäÃ{{÷Ç>²Ç¢t/etc/named.custom ¥
{Óä X =ø:ZÊ6¯YéÄBind {ÓäÇâÁÆÞ{Ìh\ =>
ø:÷ => qÖì÷ => ­ÖqÖÇÝóshell +ÃXTerm ÝGNOME ªàÄ
Eredhat-config-bind ×
Bind
C21-1. Bind {Óä
Bind {Óä ²å{KLø9{Ä/var/namedĽ{KL©GÑ4#éø9Ä
ÓBind {Óä¤ÝiéQ{äýª5Ç*Ç\{1øa4IP Ç
"úãó©ýK­¥EjZÃ.Än
Bind {ÓäãÇt5ÌKÇÇ5ÌKÇZÇ,KêYJKLÇÒ
,1,Ì=¥öÝÍøÇ¢ÇC21-1Ä+
öÍøìKÇââ?<Ý ©G => â?uU
/etc/named.conf {©GZ/var/named ø9¥{ÇKL©Ga~YJ#¤Ì
named qÖ­cñ{©G ©G => RñÌóRñ©Gâ?Ä)#
21.1.
t5ÌK
t5ÌKÃÁDÌKÄÇâcO<Ç t5ÌKLÇló­Ö©
ýKQÌK{­Ö
158
21. BIND
{
Ç¡C21-2{c=ÌñÇÙ¥Ýi1 1Õ
• ÖÁ — óÇ=¥Q{­Ö
• ©GÖ — DNS jâE©G{©GÖÇ#é/var/named ÓÇú½÷Vê.zone
{­Ö
• Éø — ÌK{Ì
GÉø
• ÌÖÁqÖì(SOA) — GYçÕÃSOAÄ9ǽ!7\­få{ÖÁqÖì
• ïRh — DNS jâE©G{ïRhó'©G#ÇYÇRhÑa5
ÇO$KL{'ÖÁqÖìÒê5Ât!c{jâBind {Óäó'{
#{ÑÌRhǤ,1úCÓÇ04âïRhk{÷
<
• -÷ — Ñ?óDNS jâE©G¥{mc­A,ÏZè
TTLÃÙ×-ÄÄÑ1Æ\ • 9 — öZÍøÌå/ÖZÖÁqÖì¡{ýÍ
9
C21-2. t5ÌK
ÌÖÁqÖì(SOA)ú½Çâ9\I{<uè½ÇÖ
ÁqÖì9
{êt5ÌKÇâh½u(ÃtC21-1Ä+{Ì=,nh\¥Çââ?
uU/etc/named.conf {©GÇ1ù/var/named ø9¥Ä\Õ{KL©GÇ?&E
Ç­cñ{©G
{ó/etc/named.conf ©G¥OêZ1#{1øÕ
zone "forward.example.com" {
type master;
file "forward.example.com.zone";
};
21. BIND
{
159
ǤOêQ1få{/var/named/forward.example.com.zone ©GÕ
$TTL 86400
@
IN
SOA ns.example.com. root.localhost (
2 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttl
)
IN
21.2.
NS
192.168.1.1.
5ÌK
5ÌKÇâcO<? 5ÌKLQ.{{IP ){®
Ǭ Ç*.{{IP )4192.168.10.0/255.255.255.0ÇóIP Ã3
Ǭ Ä©ýK­Q192.168.10
ÇC21-3Ä+{c=ÒÌñÇÙ¥Ýiï 1Õ
1. IP — ¦¦óÇ=Q{®Ç¬ 2. 5IP — X,öÊâQ{IP ½{
3. Éø —ÌK{Ì
GÉø
4. ©GÖ — /var/named ø9¥DNS jâE©G{ÖÁ
5. ÌÖÁqÖì(SOA) — GYçÕÃSOAÄ9ǽ!7\­få{ÖÁqÖì
6. ïRh — DNS jâE©G{ïRhó'©G#ÇYÇRhÑa
5ÇO$KL{'ÖÁqÖìÒê5Ât!c{jâBind {Óäó'{
#{ÑÌRhǤ,1úCÓÇ04âïRhk
{÷<
7. -÷ — Ñ?óDNS jâE©G¥{mc­A,ÏZè
TTLÃÙ×-ÄÄÑ1Æ\ 8. ÖÁqÖì — 5ÌKöÝÍøÖÁqÖìèÇÖÁqÖì
9. 5 , — ó 5 Ì K Z Ç ¢ { Ì å Ö {IP ï , Ç é
5 Ì K192.168.10Ç , 1 ó 5 , ¥ 192.168.10.1Ç 1 ù Ì å
Öone.example.com.ÌåÖ½1Ã.Äeu,ÒÇ4Ìå{\Ö
160
21. BIND
{
C21-3. 5ÌK
ÌÖÁqÖì(SOA)ú½Çâ9\I{<uè½ÇÖ
ÁqÖì9
{ê5ÌKÇâh½u(ÃtC21-1Ä+{Ì=,nh\¥Çââ?
uU/etc/named.conf {©GÇ1ù/var/named ø9¥Ä\Õ{KL©GÇ?&E
Ç­cñ{©G
{ó/etc/named.conf ©G¥OêZ1#{1øÕ
zone "10.168.192.in-addr.arpa" {
type master;
file "10.168.192.in-addr.arpa.zone";
};
ǤOêQ1få{/var/named/10.168.192.in-addr.arpa.zone ©GÕ
$TTL 86400
@
IN
SOA ns.example.com. root.localhost (
2 ; serial
28800 ; refresh
7200 ; retry
604800 ; expire
86400 ; ttk
)
@
IN
NS
ns2.example.com.
21. BIND
{
1
2
PTR
PTR
IN
IN
21.3.
161
one.example.com.
two.example.com.
,KL
,KLÃÁ'ÌKÄÇâcO<? ,KLó­Ö©ýK­Q
,KL{­Ö
ÇC21-4Ä+{c=ÒÌñÇÙ¥Ýiï 1Õ
• ÖÁ — óÇ=¥Q{­Ö
• ÌKLï, — ,KL,¥5Âjâ{ÖÁqÖì4H{IP ó©
ýK­QjZÃ.Ä
• ©GÖ — /var/named ø9¥DNS jâE©G{ÖÁ
C21-4. ,KL
{ê,KLÇâh½u(ÃtC21-1Ä+{Ì=,nh\¥Çââ?u
U/etc/named.conf {©GÇ1ù/var/named ø9¥Ä\Õ{KL©GÇ?&EÇ
­cñ{©G
{ó/etc/named.conf ©G¥OêZ1#{1øÕ
zone "slave.example.com" {
type slave;
file "slave.example.com.zone";
masters {
1.2.3.4;
};
};
{©G/var/named/slave.example.com.zone ónamed qÖ,ÌKLqÖì¥ñKLj
âúO
162
21. BIND
{
22.
èy{
h~~9Red Hat Linux ø:ÇÙ~ÖZ={\úDèÝèyÃauthenticatedÄ1
g½Æ4dH{Ù×~Ç~Dè~{få ýø:ÖÇø:²èyMÒ
ÉÏÇø:Þ{~jâE
èy{Óä
Øê{NISLDAPZHesiod u5Â~fåÇ1ù²LDAPKerberos
ZSMB {ÄèyNF{CoÁ
Õ
*óã¥Ý&~\ÿ/{Óä{ê¥ÿÝ°ÿ\ÿ/ÇÝóGNOME Lokkit Ç¥ ê
°ÿÝÿ\ÇÝiNIS ZLDAP ó{dèy0ÒXúã,3Û
ý9?X-û:«X3{èy¡nÇ:ê[&~èy{Óäu{YJèy¡n
,óÁÞéÄCoÇý{èy{ÓäÇ ÁÆÞ{Ìh\ => ø:÷ => è
yÇÝóshell +ÃXTerm ÝGNOME ªàÄEauthconfig-gtk ×éÄä
©ý{ÇýÇóshell +Eauthconfig ×
­
RñêèyÇÇ#ÌÁýH
22.1.
~få
~få)üÞÇ 1é~ 1ÇâÇk{8¸
'¢~ 1ÇâÇk
{
'u88Çâh½uRñÇ?a~#
164
22.
èy{
C22-1. ~få
1{ï,:êÇ 1Ä{{1øÕ
• ¥?~få — 1ué~ÖÁqÖ¥?EÇÃnscdÄÇ?{ÇóZsé
Ä
ãênscd GÝb&YÇ 1H
• é~NIS |Ñ — 1u²ø:{ÄËzNIS qÖìuèy~Z={NIS 0
â{NIS<u½NIS ­ZNIS qÖì*NIS qÖìú½ÇEÇ
ÌAC/,Bu¯IÇ
ãêypbind GÝb&YÇ 1H*é~êNIS |ÑÇportmap Zypbind
qÖÌúéÄÇÇ¢ÌóZsúé~
• é~LDAP |Ñ — YÇ 1u{ø:u/,LDAP 5Â~fåâ{
LDAP<u½LDAP ÂäïDNZLDAP qÖì*&~TLS u
·Ëzú ÇQ\ÒÌú~u·ÉLDAP qÖì{=
ãopenldap-clients GÝb&YÇ 1H
LDAP {ÍõfåÇ>kÝRed Hat Linux k
• é~Hesiod |Ñ — YÇ 1u{ø:u,ÏÇHesiod jâE¥5ÂfåÇÝi~
få
ãhesiod GÝ
22.2.
èy
èy)üã{dèy0é~ 1ÇâÇk{8¸
'¢~ 1Ç
âÇk{
'u88Ç
22.
èy{
165
C22-2. èy
1:êÇ 1Ä{{1øÕ
• &~¶= — YÇ 1uó/etc/shadow©G¥X4/etc/passwd ©G²=
Ñ?¶=Â*¶=óã¥úåé~ÇÇ4·¢ôÅM?~uø:\
u{D
ãêshadow-utils GÝb&YÇ 1H¶={ÍõfåÇ>k
ÝRed Hat Linux k¥{~ZkY9
• &~MD5 = — YÇ 1ué~MD5 =ÇÌãH256 Çn{=X3
4/{è¬Çn{= óã¥úå ÇÇ4·¢ôÅM?~uø
:\u{D
• é~LDAP |Ñ — YÇ 1ut)ï{é~PAM {a~Ç&~LDAP uèy
â{LDAP<u½1fåÕ
&~TLS u·Ëz — &~Q\u·ÉLDAP qÖì{=
LDAP ÂäïDN — /,Ç{#/ÖÁÃDNÄu5Â~få
LDAP qÖì — ½LDAP qÖì{IP
ãêopenldap-clients GÝb&YÇ 1HLDAP {-<>kÝRed
Hat Linux k
• é~Kerberos |Ñ — YÇ 1ué~Kerberos èyâ{Kerberos<u
{Õ
­ — {Kerberos qÖì{­­4&~Kerberos {dÇÇÝõÇKDCÇ
1ùLÞ0Ä
KDC — ½B·ØI¥eÃKDCÄÇ4IKerberos ¦{åì
®qÖì — ½äqkadmind {®qÖì
ãkrb5-libs Zkrb5-workstation GÝb&YÇ 1HKerberos {<>kÝRed Hat Linux k
• é~SMB |Ñ — 1{PAM &~SMB qÖìuèy~â{SMB<
u½Õ
Ó* — ½&~{SMB Ó*
•
•
•
•
•
•
•
166
•
22.
èy{
­;ì — ½&~{SMB ­;ì
22.3.
×qÇý
èy{Óä¤ê*Á{×qÓäuäq×qÇý,1ú~ó{lý
Ýkickstart lý¥èy 1ó,22-1¥ú;QÃc
1
--enableshadow
--disableshadow
--enablemd5
--disablemd5
--enablenis
--disablenis
--nisdomain=<domain>
--nisserver=<server>
--enableldap
--disableldap
--enableldaptls
--disableldaptls
--enableldapauth
--disableldapauth
--ldapserver=<server>
--ldapbasedn=<dn>
--enablekrb5
--disablekrb5
--krb5kdc=<kdc>
--krb5adminserver=<server>
--krb5realm=<realm>
--enablesmbauth
--disablesmbauth
--smbworkgroup=<workgroup>
--smbservers=<server>
--enablehesiod
--disablehesiod
--hesiodlhs=<lhs>
Ãc
é~¶=
¢~¶=
é~MD5 =
¢~MD5 =
é~NIS
¢~NIS
½NIS ­
½NIS qÖì
~fåé~LDAP
~få¢~LDAP
LDAP é~TLS
LDAP ¢~TLS
èyé~LDAP
èy¢~LDAP
½LDAP qÖì
½LDAP äïDN
é~Kerberos
¢~Kerberos
½Kerberos KDC
½Kerberos ®qÖì
½Kerberos ­
é~SMB
¢~SMB
½SMB Ó*
½SMB qÖì
é~Hesiod
¢~Hesiod
½Hesiod LHS
22.
èy{
1
--hesiodrhs=<rhs>
--enablecache
--disablecache
--nostart
--kickstart
--probe
,22-1. ×q 1
167
Ãc
½Hesiod RHS
é~nscd
¢~nscd
X)Ý*portmapypbind Znscd qÖÇý"
Ç¢.²ú{
X+~Á
æZ+då
" YJ 1¤,1óauthconfig {ÒVÃmanÄÝóshell +Eauthconfig --help uIt
168
22.
èy{
23.
GQS®ÃMTAÄ{
GQS®ÃMail Transport AgentÇMTAÄ4,Red Hat Linux ø:¥
G{ւ
G~S®ÃMail User AgentÇMUAÄÇEvolutionMozilla MailMuttÇú~uÝÖZU
Gh~,MUA ¥P
GÇ
GútMTAÇlMTA ²YP
GÉ
øïMTAÇtÇtHÇ{!ªø)
ý"~XK®,ø:¥
GÇJÄ{ÖÝø:Ç,Ì&~/bin/mail ×
u²Ý9>å{
GÉýø:{Ê~
Red Hat Linux 9 ØêÜÇMTAÕSendmail ZPostfix*ÜVþãêÇsendmail Ò4å
{MTA
GQS®#¦ì ã~ sendmail Ýpostfix *ø:{åMTA
&~ä©ý{
GQS®#¦ìÇÇ{ø:Þãredhat-switch-mail RPM
GÝ*.&~CoÇýÇredhat-switch-mail-gnome GÝúã
ãRPM GÝ{-<Ç>kÝV \I
éÄ
GQS®#¦ìÇ ÁÆÞ{Ìh\=> ø:Óä => Íõø:Óä =>
GQS®#¦ìÇÝóshell +ÃXTerm ÝGNOME ªàÄ¥Eredhat-switchmail ×
ÇÌÄ5X =ø:4dóäq*ÇóäqÇÇÒÌóCoÜ*¥éÄÇ
C23-1Ä+*5tXÇÇÒÌó©ýÜ*¥éÄ
GQS®#¦ì ó©ý
Ü*äqÇ&~redhat-switch-mail-nox ×
C23-1.
GQS®#¦ì
* h½u#MTAÇú ¥{
GEÇÒÌóZsúéÄÇú ¥{
G
EÇÌú¢~ÇYøÇÇÒXÌóZsúé~Öú ¥{
GEÇúéÄÇÙÇ
GE
Çú*ÇYøÇ#ÒÌÁý
GNFZMTA {-ûýîÇ>kÝRed Hat Linux kMUA {-<Ç
>kÝRed Hat Linux
170
23.
GQS®ÃMTAÄ{
IV.
ø:{
ÿXê;Ñ6¯1ù[,Red Hat Linux ø:ÞBøGZmGfåÇY\I:êD
{ø:{Ö
ø9
24.
25.
26.
27.
28.
29.
30.
31.
;Ñ6¯ .................................................................................................................................. 173
~Zk{ .......................................................................................................................... 177
Bøø:få .............................................................................................................................. 185
K\å{ .................................................................................................................................. 193
Ä{Ö .............................................................................................................................. 213
©G...................................................................................................................................... 219
ÿX...................................................................................................................................... 221
XÜL...................................................................................................................................... 227
24.
;Ñ6¯
hÊ/~Ã:Ê~Äóý~9t®åÞÇÆ¢úG£Ü¡OY!Õ
1. Æ¢,1äqìJ/Ãäq{Ç
2. Æ¢,16¯ìJ/Ã6¯{©GÃ/4~u6¯cc{O÷÷©GÄ
\Ç®åõÇ;ÑÇõ ~,1ó3-ó®åÞý~9ÇÙ¥½ó
6¯YJ©G{nÅ¥ÜÇó;Ñ~9{~q\p J©G`Ç~
Õ=ÇÇ~9{~ÒÌpYJ©G
¦#'ÇÇó;Ñ~9{~Ñúãäq/!Ê~{ÇuqÄÖ*X ó
äqÇYJqÄ,1úÝióCo~Á{h\óqÇý¥Ç,,;Ñ6¯{Ç
ÝihaltpoweroffZreboot
24.1.
¢~/,Ctrl-Alt-Del å
Lå÷Ç/etc/inittab ©G½{ø:,ó;Ñ&~[Ctrl]-[Alt]-[Del] E\u
?­éø:*.q\¢~Y1ÅDz/etc/inittab ©G¥Áq#ÄÕ:Ç
04óédzRÃ#ÄÕ
ca::ctrlaltdel:/sbin/shutdown-t3-rnow
iÇ,4.G£Ç/:Ê~,;Ñ&~[Ctrl]-[Alt]-[Del] u­éø:{Y¼,1
/,Á{Z½u²Y!½ÉìJ~&~Õ
1. óÞÁ+{/etc/inittab { q¥-a 1ÇÄ+Õ
ca::ctrlaltdel:/sbin/shutdown -a -t3 -r now
-a )/shutdown ×V¯I/etc/shutdown.allow ©GÇ·¢óZ½¥RÌ
O©G
2. ó/etc ø9¥OÇw)shutdown.allow {©Gshutdown.allow ©Gaïñ
ã&~[Ctrl]-[Alt]-[Del] uø:{~Ö/etc/shutdown.allow ©G&~ï,Â
*ÇqïñÖ~ÇÄ+Õ
stephen
jack
sophie
Êâ1Þshutdown.allow ©G{¾ÇstephenjackZsophie úã&~[Ctrl]-[Alt]-[Del]
u,;Ñø:hYÇE\ú&~Ç/etc/inittab ¥{shutdown -a ÒÌ
/etc/shutdown.allow ¥ïñ{~ÃÝÊ~Ä4dó;ÑÞ~9ê*~9V
4Ù¥Çø:ÒÌÖdÇø:;ÑÞÒÌ+ñFØ>å
shutdown.allow {-ûfåÇ>kÝshutdown {ÒVÃmanÄ
24.2.
¢~;ÑÇ6¯
ê¢~~é;ÑÇ{6¯Ça1Ê~üPäqÁ{×Õ
rm -f /etc/security/console.apps/*
174
24.
;Ñ6¯
ó;Ñúâ{¢¸ÃBIOS ZZsãñÇ{=ú÷Ö[Ctrl]-[Alt]-[Delete] E
\ú¢~ÖÍZ­÷ú¢~ÄÇ,X.ã[~ó;ÑÞäqY
Jå,1,;ÑÞ&~{×ÕpoweroffhaltZreboot
R>YJÅÇ1Ê~üPäqÁ{×Õ
rm -f /etc/security/console.apps/poweroff
rm -f /etc/security/console.apps/halt
rm -f /etc/security/console.apps/reboot
24.3.
¢~Ä;Ñ6¯
PAM pam_console.so ÜL®;Ñ©G{Y!ZèyÃ{PAM {-<Ç>k
ÝRed Hat Linux kÄ*.¢~Ä{;Ñ6¯ÇÝiÇZ©G{6¯Ç²
Ä/etc/pam.d ø9¥Z~pam_console.so {éÑÕ:1Ê~&~Á{lýÒ
,1HtYø{Õ
cd /etc/pam.d
for i in * ; do
sed ’/[^#].*pam_console.so/s/^/#/’ < $i > foo && mv foo $i
done
24.4.
½B;Ñ
ÜL&~/etc/security/console.perms ©Gug½ø:;ÑÞ~{Y
!©G{ª:ÙÖ,1ö©G1"Xòa~YJ+lÇå©G¥q
åuÕ
pam_console.so
<console>=tty[0-9][0-9]* :[0-9]\.[0-9] :[0-9]
h ~ ~ 9 Ç Æ ¢ Ì ú Ë z t ì « Ö Á { ª à Ç 4 Ö Á ¡ :0
Ýmymachine.example.com:1.0 {X qÖìÇ4¡/dev/ttyS0 Ý/dev/pts/2 {÷
÷å÷¥Çý;ÑZýX qÖìú½BýÇb4*.²Z#ù{
à=/dev/ttyS1 Þ{"ªàh*ýÇ,1²ÞÁqÕ
<console>=tty[0-9][0-9]* :[0-9]\.[0-9] :[0-9] /dev/ttyS1
24.5.
&©G,,;Ñ6¯
/etc/security/console.perms
©G¥{ìãÝ91qÕ
<floppy>=/dev/fd[0-1]*\
/dev/floppy/*/mnt/floppy*
<sound>=/dev/dsp*/dev/audio*/dev/midi*\
/dev/mixer*/dev/sequencer\
/dev/sound/*/dev/beep
<cdrom>=/dev/cdrom*/dev/cdroms/*/dev/cdwriter*/mnt/cdrom*
*Ç,1óYã°U{é>h½{é¥ÄS{4th{÷
÷Ç,11YqÕ
<scanner>=/dev/scanner/dev/usb/scanner*
24.
;Ñ6¯
175
ÃhlÇ>h½/dev/scanner {h4{·Ã$÷÷ÇX4{mcPÄìÄ
Y4ZZ4½B[ÿ J©Gó/etc/security/console.perms ©G{!
ã¯I¦1¡{éÕ
<console>0660<floppy>0660root.floppy
<console>0600<sound>0640root
<console>0600<cdrom>0600root.disk
lÇZ1¡{qÕ
<console> 0600 <scanner> 0600 root
hó;Ñ~9ÇÒÌúÉ£/dev/scanner ÷÷{ÄYÇÙY!40600Ã,úÖ
UÄhÕ=Ç÷÷ÒÌúÊ~ÄÇY!Î40600ÃóRúÊ~ÖUÄ
24.6.
ÙÇa~Çé~;Ñ6¯
*.&ÙÇa~Çú;Ñ~6¯ÇfR{Z½ÒÌõJ
DÇ×ó/sbin Ý/usr/sbin ¥{a~Çbó;ÑÞ6¯ÇO$.äq{Ç
úâ?ó ÜÇø9¥wêÞÁ{GÇqÁ{Z½Õ
1. OÇ,{a~ÇÃ1¾¥{fooÄt/usr/bin/consolehelper {ÓzÕ
cd /usr/bin
ln -s consolehelper foo
O©G/etc/security/console.apps/fooÕ
touch /etc/security/console.apps/foo
3. ó/etc/pam.d/ ø9¥foo qÖOÇPAM {©G)tÇ{;\04&~halt
qÖ{PAM {©G{ýÇ*.#q{Ç©GÕ
cp /etc/pam.d/halt /etc/pam.d/foo
ó Ç h ä q/usr/bin/foo Ç Ç Ò Ì ® ~consolehelperÇ × Ì
Ï/usr/sbin/userhelper u è y ~ è y ~ Çconsolehelper Ì ® ¯ ~ {
= Ã ¥/etc/pam.d/foo 4/etc/pam.d/halt © G { ý { Ç d Ç Ç Ì q
ó/etc/pam.d/foo ¥{×ÄÇl&~ÊY!uäq/usr/sbin/foo
óPAM {©G¥Ça~Ç,1ú{&~pam_timestamp ÜLuÔÃ¥?Ä'ÄÕ{
Aha~ÇúéÄ?
Øêth{èyÃÊ=ÄÇÇ-©GÒÌúO
Lå÷ÇÄÕèyÌú¥?ÊI¨óYãÏÇó3Ì¥äq{ÙÇ{&
~pam_timestamp {a~ÇÌÄ~èy— ~XòQÊ=
ÜLúÝiópam GÝ¥é~Y1ÕÇetc/pam.d/ ¥{PAM {©GÝi1
qÕ
2.
authsufficient/lib/security/pam_timestamp.so
sessionoptional/lib/security/pam_timestamp.so
Ç1auth >{qaó[auth sufficient qÇ1session >{qaóÄ
session optional q
*{&~pam_timestamp {,ÁÆÞ{Ìh\<éÄ{a~ÇúÄÕèyÇ
C)ÒÌ+óÁÆ{/K­Ã¥äq{4GNOME óÁ¢¸Äèy,ÏÃåÊI
¨ÄÇC)ÒÌ>
~,1/,âC)? èy 1u¥?èy
176
24.7. floppy
24.
k
;Ñ6¯
*ì«ÆOÇ;Ñ6¯éX7~ÇÉ:Ê~
Øtø:cPÄì{6¯ÇY
,1/,&~floppy kuHt&~ ½{Óä²~tfloppy kÒ,1êY°
5
ØêÇ[&~gpasswd u²~fred tfloppy k{¾Õ
[root@bigdog root]# gpasswd -a fred floppy
Adding user fred to group floppy
[root@bigdog root]#
óÇ~fred Ò,1/,;Ñ6¯ø:{cPÄìê
25.
~Zk{
~®ì ãZÍøý~Zk
&~~®ìÇäqX =ø:Çä÷ÊYÇ?%ãêredhat-config-users
RPM GÝ,óÁéÄ~®ìÇâÁÆÞ{Ìh\ => ø:÷ => ~Z
kÇÝóshell +ÃXTerm ÝGNOME ªàÄEredhat-config-users ×
C25-1. Red Hat ~®ì
Ýiø:\\ý~{ï,Çâ~)üÝiø:\\ýk{ï
,Çâk)ü
*¯I½{~ÝkÇóÂ,HìãEÖÁ{Çn[Enter]
EÝâa~,Hì<ú,H{ï,ÒÌú+
É~Zk\ÇâïÖ~ÝkÒÌLï{fåú\
Red Hat Linux ²500 1{~ID âÉø:~~®ìåX+ø:~Ý
iø:~ó{Ä~Ç,nh\¥R> D 1 => ,Hø:~Zk
~Zk{ifåÇ>kÝRed Hat Linux k1ùRed Hat Linux ø:®é
¤C~.
25.1.
c~
c~Çâ~<ÇC25-2 Ä+{=ÒÌñó7h{ãE
c~{~ÖZ\Áó=Zh=ãE==èÇ
n
" ~{=ÖÇÙÆ|ÒÖX4_tYÇ=Ç,X²,~9t~{BR¥·¢¤OFX
ÊâÄ#u =Ç=!P4ñjZOn{\
178
25.
~Zk{
Ç~9shell*Xh½a ýÇshellÇÒ>zIå{/bin/bashå{
Ìø94/home/~Ö,1#~O{Ìø9ÇÝV/,R> OÌø9u
X~OÌø9
* OÌø9Çå{{©GÒÌ,/etc/skel ø9¥
tc{Ìø9¥
Red Hat Linux &~~|kÃuser private groupÇUPGÄ0UPG 0?XÝ
#UNIX ÿ®k{)ï0ÖÇX,
ØêÇcÕ½Lå÷ÇhOÇc~
{ÇǦ~Ö#3{ÕkÒÌúO*X.OYÇkÇR>
~O|k
~½~IDÇ CÓ½~ID*YÇ 1ú Ç,Rh500 ){
Ç,~~ID ÒÌúI`Éc~Red Hat Linux ²500 {~ID âÉø:~
âh½uO~
C25-2. Oc~
{Í°ÿ{~auÃ=,ÏÄÇÝó~~auÇ>kÝ25.2
²~tÍõ{~k¥Çâ~)üÇ ~Çlâauó~
au=¥Ç k)ü .t~{kÇ1ù~{ÌkÇl
âh½
25.2.
~au
ìÇ?~{auÇâ~)üÇ,~ï,¥ ~Çló<h\¥
âauÃÝV,nh\¥ qÄ => auÄÇ¡C25-3{=ÒÌñ
25.
~Zk{
179
C25-3. ~au
~au=úIÅÄõÇQ)ü{ÙÕ
• ~jâ — +ó~{{äý~få&~YÇ)üu#~{\Á
=Ìø9Ý~9shell
• BRfå — *.tBRtHìû½Ï,ÏÇ é~BR,Ïó
Ø{
ãQÏ ~BR.úÃ uÃÔ~BRÇ,&~Ãóø:~9
• =få — YÇ)ü+ê~=!'ú#{Ï~ó½j
#=Ç é~=,Ϥ,1÷ã~#=²,{jÇ~ú
´·V#=²,{jÇ1ùBR#XÙײ,{j
• k — .t~{k1ù~{Ìk
25.3.
ck
c~kÇâk <Ç¡C25-4{=ÒÌñEck{Ö
ÁuOck½kIDÇ CÓ½kIDÇl GIDRed Hat Linux ²
500 {kID âÉø:k
âh½uOkckÒÌñókï,¥
C25-4. Ock
ók¥~Ç>kÝ25.4
25.4.
kau
ì?k{auÇ,kï,¥ kÇló<h\¥âau ÃÝ nh\©G => auÄÇ¡C25-5{=ÒÌñ
180
25.
~Zk{
C25-5. kau
k~)ü+êýJ~4k{ÄÊ ÙÆ~u²Æ¢tk¥ÇÝR> ~u²Æ¢,k¥#øâh½Ýa~uk¥{~
25.5.
×q{
*Íõ¡&~×qÓäÇÝVãX =ø:Ç>ký91Èu{~Z
k
25.5.1.
~
óø:Þ~Õ
1. &~useradd ×uOÇý{~BRÕ
useradd <username>
2. &~passwd ×Ç/,`=Z=uÉìBRÃÕ
passwd <username>
useradd {×q 1ó,25-1¥úïñ
1
-c comment
-d home-dir
-e date
-f days
-g group-name
-G group-list
-m
-M
Ãc
~{Õ:
~uRSå{/home/username Ìø9
¢~BR{ÏÇÂ*ÕYYYY-MM-DD
=,ÏÇBR¢~{jÃ¥½ê0ÇBRó=,ÏÌ
úÁ/¢~¥½ê-1Ç=,ÏÇBRRXÌú¢~Ä
~åk{kÖÝkRhÃkó½?óÄ
~4Ù¥ÄÊ{ikÖÝkRhÃå1i{Äï,Ç~Ï
RIÅÃkó½?óÄ
¥Ìø9X?óOÇ
XOÌø9
25.
~Zk{
1
-n
-r
-p password
-s
-u uid
,25-1. useradd ×q 1
25.5.2.
181
Ãc
X~O~|k
OÇUID B500 {XQÌø9{ø:BR
&~crypt ·{=
~{~9shellÇå/bin/bash
~{UIDÇÇ4Õ{Ç%L499
k
Éø:kÇ&~groupadd ×Õ
groupadd <group-name>
groupadd
{×q ó,25-2¥úïñ
1
Ãc
-g gid
k{GIDÇÇ4Õ{Ç%L499
-r
OB500 {ø:k
-f
¥k.?óÇRñ?+FØÃkXÌú#Ä*½
ê-g Z-f 1Çk.?óÇ-g 1ÒÌúQ
,25-2. groupadd ×q 1
25.5.3.
=
\åDÇF~½Ï#Æ¢{=4ÒÞY,1ó~®ì{=få)ü
ÞÝö~)t
,shell +~{=,ÏÇ&~chage ×DZ&~,25-3¥{ 1Ç1ù~{
~Ö
­
&~chage ×Ƕ=½úé~
1
-m days
-M days
-d days
Ãc
½~#=Ä-Å{!èj*0,Ç=ÒXÌ
,Ï
½=H{!õjh 1½{jÞ-d 1½{
jBh{ÏÇ~ó&~BRÒ#=
½,1970 #1 Û1 åÇ=ú#{j
182
25.
1
-I days
-E date
-W days
,25-3. change ×q 1
~Zk{
Ãc
½=,ÏÇBRúÃXÙ×{j*0ÇBRó=
,ÏÒXÌúÃ
½BRúÃ{ÏÇÏÂ*YYYY-MM-DD¥X~ÏÇ
,1&~1970 #1Û1²,{j
½=,Ï´·~{j
" *chage ×Ëø~ÖÃÃÙÇ 1ÄÇÇÌ+h={j?äqYJjú#
*ø:®Ê.t~óD'~9÷=Ç~{=,1ú÷Áý,ÏÇ,~
óD'~9Áý#Ç
~óD'~9t;Ñ{=Ç>$¬1Z½Õ?Ç¥~&~SSH NFu~
9ÇYÇ,ÇÒqX/
1. ÃÔ~{= — *~X?óÇ&~useradd ×uOYÇ~BRÇb4XÉ
Ç[=ÇÄ1Ç
ÎúÃ
*=.²úé~Ç&~Á{×uÃÔÇÕ
usermod -L username
2. ý/=,Ï — EÁ{×Õ
chage -d 0 username
ײ=!'#{Ï÷epochÃ1970#1Û1ÄX=,Ï|Q4d?
óÇYÇÌ=Áý,Ï
3. ÉBRà — HtYø{Ü«~0®Ê,1`Çð)=Ý8=
´·
X&~passwd u÷=ÇOÇÌ¢~¦¦{{=ý/,Ï
`ð)=Ç$¬1Z½Õ
• &~python ×uéÄ×qpython :ìÇ{+Õ
Python 2.2.2 (#1, Dec 10 2002, 09:57:09)
[GCC 3.2.1 20021207 (Red Hat Linux 8.0 3.2.1-2)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
ó
+ÇE1×òpassword ¦Ä·{=Dzsalt ¦ÄôÜÇ
LUÝBUñjnÝR"nÇ+ ab Ý+ 12ÄÕ
import crypt; print crypt.crypt("password","salt")
ÙQñ{·=¡12CsGd8FRcMSM
• E[Ctrl]-[D] uRñPython :ì
• ²·={Qñ="t1×¥ÃXQ>{8ÂÄÕ
usermod -p "encrypted-password" username
¦Ù`ð)=Ǥ,1&~1×u`8=Õ
•
usermod-p""username
25.
~Zk{
183
Be
&~8=é~Z®ÊuÑi0"ÇbÇeQÇ4{u®0,1ÌD~9
?ø:>BY«
SÇM?®ÊóÉBRÃ{Dè~.²)Pê~9ï÷
ÃX4ý«<YÇD'~9Ç~ÑÌú
+Qc=
25.6.
éÇ{:
ïZ½Ü+êóé~¶={ø:Þ&~useradd juan ×{<oÕ
1. ó/etc/passwd ©G¥cêjuan {qYq{Õ
• Ç1~Öjuan >
• =ãÇxÇ,+ø:&~¶=
• 500 Ý500 1Þ{UID úOÃóRed Hat Linux ¥Ç500 1{UID ZGID úâ
ø:&~Ä
• 500 Ý500 1Þ{GID úO
• , {GECOS fåú8¸
• juan {Ìø9ú÷/home/juan/
• å{shell ú÷/bin/bash
2.
ó/etc/shadow ©G¥cêjuan {qYq{Õ
• Ç1~Öjuan >
• ñó/etc/shadow ©G¥=ã{ÜÇçRÃ!!ÄÌÃÔBR
Õ
*ìÇ·{=&~ê-p )úÇYÇ=Ìú8ó/etc/shadow ©G¥~~
{ q¥
•
3.
4.
=ú÷{X,Ï
ó/etc/group ©G¥cêqjuan k{fåZ~Ö#3{kw)~|
kÃuser private groupÄ~|k{-<Ç>kÝ25.1
ó/etc/group ©G¥c{YqäÕ
• Ç1kÖjuan >
• =ãÇxÇ,+ø:&~¶=
• GID ¦ïÞ/etc/passwd ©G¥~juan q¥{#3
ó/etc/gshadow ©G¥cêjuan k{qYq{Õ
• Ç1kÖjuan >
• ñó/etc/gshadow ©G¥=ã{ÇçRÃ!ÄÌÃÔk
• ÄÙÇãÑ8¸
184
25.
~Zk{
~~juan {ø9úOó/home/ ø9ø9~juan Zkjuan ÄÇ
{ÖUZqY!~juan ÄÄÙÇY!Ñúáý
6. /etc/skel/ ø9ÃÝ9å~÷Ä{©Gú
tcO{/home/juan/ ø9¥
YÇø:ÞÒ?óêÇw)juan {úÃ{BRíÙÇÇ®Ê&~passwd ×
BR`Ç=ÇÝV¤,1÷=
5.
26.
Bøø:få
ó¦ó[{ø:Ça¦ó[Bøäý{ø:fåÇaw[Iñ
8?{jÞ,~mcPÄì8-{jÞÇmcIK0Ç1ùtóäqÇ{fåý9
RÿX[&~Ç;\×ZÇu,{Red Hat Linux ø:¥5ÂY¡få
26.1.
ø:Ç
×+Çhø:Ç{ï,Çï,¥ÝiÙÆ~p{Ç+Ç1ùÇ
¢{ÄVÇ&~ps aux ×ï,4Ç·Õï,Ö¦éÇÇ4óé~Y1×
tóäq{Ç{OL*Ç/Íc{äqÇï,Ç&~ÁÃc{top ×
ps {QñÌi3ÇO¤,¶ô¥,Ç,1²ÇwQñÉless ×Õ
ps ax
ps aux | less
,1&~ps ×Zgrep ×{\uìÇ4dóäqÇg½emacs 4dóä
qÇ&~ÁYÇ×Õ
ps ax | grep emacs
×+êhtäq{Ç1ùÇ¢{­fåÇÝiÇ¢{?ZCPU ~Þï
,4]"-{4Ä{1
ØêÇtop {Qñ+¾Õ
top
00:53:01 up 6 days, 14:05, 3 users, load average: 0.92, 0.87, 0.71
71 processes: 68 sleeping, 2 running, 1 zombie, 0 stopped
CPU states: 18.0% user 0.1% system 16.0% nice 0.0% iowait 80.1% idle
Mem: 1030244k av, 985656k used, 44588k free,
0k shrd, 138692k buff
424252k actv, 23220k in_d, 252356k in_c
Swap: 2040212k av, 330132k used, 1710080k free
521796k cached
PID USER
15775 joe
14429 root
17372 joe
17356 joe
1 root
2 root
3 root
4 root
5 root
347 root
357 root
372 bin
388 root
389 root
414 root
476 root
PRI NI SIZE RSS SHARE STAT %CPU %MEM TIME COMMAND
5 0 11028 10M 3192 S 1.5 4.2 0:46 emacs
15 0 63620 62M 3284 R 0.5 24.7 63:33 X
11 0 1056 1056 840 R 0.5 0.4 0:00 top
2 0 4104 4104 3244 S 0.3 1.5 0:00 gnome-terminal
0 0 544 544 476 S 0.0 0.2 0:06 init
0 0 0 0 0 SW 0.0 0.0 0:00 kflushd
1 0 0 0 0 SW 0.0 0.0 0:24 kupdate
0 0 0 0 0 SW 0.0 0.0 0:00 kpiod
0 0 0 0 0 SW 0.0 0.0 0:29 kswapd
0 0 556 556 460 S 0.0 0.2 0:00 syslogd
0 0 712 712 360 S 0.0 0.2 0:00 klogd
0 0 692 692 584 S 0.0 0.2 0:00 portmap
0 0 0 0 0 SW 0.0 0.0 0:00 lockd
0 0 0 0 0 SW 0.0 0.0 0:00 rpciod
0 0 436 432 372 S 0.0 0.1 0:00 apmd
0 0 592 592 496 S 0.0 0.2 0:00 automount
RñtopÇ[q] E
,1Ztop å&~{Ä×ÝiÕ
186
26.
×
×
[Space]
[h]
[k]
[n]
[u]
[M]
[P]
,26-1. Ä{top ×
Bøø:få
Ãc
Ãc
Áýmc+
+Ð϶ô
ÀìÇÌú
+QÇID 1ù
ÉÇ{fR
#+{ÇjÞÌú
+QjÞ
~\
?~Þ\
CPU ~Þ\
" ¡Mozilla ZNautilus {a~Çä÷"Ç¡Ãthread-awareÄ — õÇ"ÇÌúOuÿ®õÇ
~ÝõÇ>FÇ%Ç"ÇÑ{PIDLå÷Çps Ztop +ÌÃð)Ä"Ç
Ä"ÇÇ&~ps -m ×Ýótop ¥E[Shift]-[H]\E
*Ztop #ÇÍõ¡&~CoÁÇ,1&~GNOME ø:)@ì,óÁÞéÄ
ÇÇ ÁÆÞ{Ìh\ => ø:Óä => ø:)@ìÝóX =ø:{shell +
Egnome-system-monitorl Çï,)ü
GNOME ø:)@ìãótäq{Çï,¥ÂÇǤ,1ÄÇp{
ÇÝÙ×{Ç
êÍõìÇ{<YÇ ÇÇlâÍõfå<Ç{ûÒÌ
+ó={\
*ìÇÇ ÇÇlâeÇYÏeé~Q.Xò)ñ'a{
Ç
½ï{fåu\Çâï{ÖÁfåú\{ ïÌ~ý½º+
Lå÷ÇGNOME ø:);ìX+"Ç#YÇD 1Ç ö => D 1ÇâÇï,)üÇl +"ÇD 1¤ã{Íc-ÅÖÇÇ
å+{fåÖ1ùø:)@ìC,{Ôº
26.
Bøø:få
187
C26-1. GNOME ø:)@ì
26.2.
?~Þ
×+ø:{Ô®?Zb¦K{ÞÇ1ù.&~{8{á0{óX¥à
{Zú¥?{?jÞ
free
total
used
free shared buffers cached
Mem:
256812 240668
16144 105176
50520 81848
-/+ buffers/cache: 108300 148512
Swap:
265032
780 264252
free -m
×+{fåZÁ#3Çb4Ç1MB \ Ç"ÝÖ
total
used
Mem:
250
235
-/+ buffers/cache:
Swap:
258
0
free
15
105
258
shared buffers cached
102
49
79
145
*Zfree #ÇÍõ¡&~CoÁÇ,1&~GNOME ø:)@ì,óÁÞéÄ
ÇÇ ÁÆÞ{Ìh\ => ø:Óä => ø:)@ìÝóX =ø:{shell +
Egnome-system-monitorl Çï,)ü
188
26.
Bøø:få
C26-2. GNOME ø:)@ì
26.3.
df
©Gø:
×ç·ø:{c8-~Þ*óshell +Eêdf ×ÇÇ{Qñ¦Á#Õ
Filesystem
/dev/hda2
/dev/hda1
/dev/hda3
none
1k-blocks Used Available Use% Mounted on
10325716 2902060 6899140 30% /
15554 8656
6095 59% /boot
20722644 2664256 17005732 14% /home
256796
0 256796 0% /dev/shm
Lå÷ÇÓä²IKLB+1KB {LÇ.~{Z,~{c8-1KB \ +
1MB ZGB \ {fåÇ&~df -h ×-h 1S,|,ÖÂ*Ç{Qñ¡Õ
Filesystem
Size Used Avail Use% Mounted on
/dev/hda2
9.8G 2.8G 6.5G 30% /
/dev/hda1
15M 8.5M 5.9M 59% /boot
/dev/hda3
20G 2.6G 16G 14% /home
none
251M 0 250M 0% /dev/shm
óIKï,¥Ç14/dev/shm1øS,ø:{?©Gø:
du ×+úø9¥{©G&~{ï8-jÞ*óshell +Eêdu ×ÇÇ
ø9{~ÞÑÌóï,¥+Çhø9Zø9{ZÌóï,{!q¥ú+*
X.Çø9{~ÞÇ&~du -hs ×u&~|,Ö{Â*ïñø9~ÞZ&~du
--help ×uÍõ 1
Co{ø:IKZc8-~ÞÇ&~ø:)@ì)üÇC26-2{\Ä+
26.
Bøø:få
189
" "c{{fåÇ>kÝ69
26.3.1.
);©Gø:
ØêÇw)diskcheck {ÓäÇÇÇ)@ø:Þ{8c8-jÞÊâ
{©G{½ÇhÇÝõÇcPÄìÞ{~ÞHt½ÇÝÇÇÌ5ø:®Ê
G&~ÓäÇãêdiskcheck RPM GÝ
Óä*Bcron Öäq
1#Þ,1ó/etc/diskcheck.conf ©G¥ú½BÕ
• defaultCutoff — hcPÄì{~ÞHtYǺIÇÇÒÌúç·Ç
*defaultCutoff = 90 ú½ÇcPÄì{~ÞHt90%Ç
GÒÌúñ
• cutoff[/dev/partition]
—
§ Ö I K {defaultCutoff ¾ Ç
*cutoff[’/dev/hda3’] = 50 ú½Çh/dev/hda3 IK{~ÞHt50%Çdiskcheck Ò
Ì´·ø:®Ê
• cutoff[/mountpoint] — §Öñ{defaultCutoffÇ*cutoff[’/home’] =
50 ú½Çh/home ñ{~ÞHt50%Çdiskcheck ÒÌ´·ø:®Ê
• exclude — ½diskcheck Q{ÇÝõÇIKÇ*exclude = "/dev/sda2
/dev/sda4" ú½Çó/dev/sda2 Ý/dev/sda4 {~ÞHt½{#äºI{<Y
Çdiskcheck RXÌ´·ø:®Ê
• ignore — ½Q{ÇÝõÇ©Gø:ÇÂ*-x filesystem-typeÇ
*ignore = "-x nfs -x iso9660" ú½êÇónfs Ýiso9660 ©Gø:{~ÞHt!
Çø:®ÊRXÌú´·
• mailTo — hIKÝñHt!Ç5ø:®Êñ´·{
G
Ç *mailTo = "webmaster@example.com" ú ½ ê Ç ´ · Ò Ì ú
Éwebmaster@example.com
• mailFrom — ½
GV{üPYÏø:®Ê,Hudiskcheck {
G
Ç*mailFrom = "Disk Usage Monitor" ú½êÇÉø:®Ê{
G
{VÒ4c~Þ);ì
• mailProg — ½
G ´ · & ~ {
Ç Ç *mailProg =
"/usr/sbin/sendmail" ú½êÇSendmail ÒÌú~*
Ç
*#ê{©GÇX­céÄqÖÇO'cron Öäq{ÑÌ­Ö
{©Gäqcrond qÖbqcron Ög½EÇ4dóäqÇ&
~/sbin/service crond status ×M?óZséÄqÖóZsÄé
Äcron qÖ{-ûfåÇ>kÝ149
Red Hat Linux
1
26.4.
mG
*ó{mG±t¯ÇÝV4.ê{ø:¥ýJmGÇ,1&~mG¨
ìÇu+úæt{mGóóÁ¢¸éÄÇÇâÌh\ => ø:Óä
=>mG¨ìÇÝóshell +EhwbrowserC26-3Ä+ÇÇ+ê{c÷÷
cmcPÄìZÇ¢{IKd÷÷+÷÷ø:÷÷1ù@ªâ&}h\Þ
{¡/ÖÁÇfåÒÌú+
1.
cron {-<>kÝ289
190
26.
Bøø:få
C26-3. mG¨ì
¤,1&~lspci ×uïÞÄ{PCI ÷÷&~lspci -v ×uÜz-û{fåÇÝ&
~lspci -vv ×uÜzÍ-û{Qñ
Çlspci ×,1ú~ug½ø:@ª{¢ÛnR1ù?LBÕ
01:00.0 VGA compatible controller: Matrox Graphics, Inc. MGA G400 AGP (rev 04) (prog-if 00 [VGA])
Subsystem: Matrox Graphics, Inc. Millennium G400 Dual Head Max
Flags: medium devsel, IRQ 16
Memory at f4000000 (32-bit, prefetchable) [size=32M]
Memory at fcffc000 (32-bit, non-prefetchable) [size=16K]
Memory at fc000000 (32-bit, non-prefetchable) [size=8M]
Expansion ROM at 80000000 [disabled] [size=64K]
Capabilities: [dc] Power Management version 2
Capabilities: [f0] AGP version 2.0
*Xwø:{ÛÝnRÇlspci ,1ÐÏug½YJfå
26.5.
ÙÇýî
¦óÍõBøø:få{#Ç>kïýî
26.5.1.
ãê{©l
+êÇê¦ps å&~{ 1ï,
top {ÒV— Eman top u¦ótop ZÇ{ 1{#
free {ÒV— Eman free u¦ófree ZÇ{ 1{#
• ps --help
•
•
—
26.
Bøø:få
{ÒV— Eman df u¦ódf ZÇ{ 1{#
{ÒV— Eman du u¦ódu ZÇ{ 1{#
lspci {ÒV— Eman lspci u¦óÍõlspci ×ZÇ{õ 1{få
/proc — /proc ø9{,1~uBøÍ-û{ø:få/proc ø9{ifåÇ
>kÝRed Hat Linux k
• df
• du
•
•
26.5.2.
•
191
#V÷
Red Hat Linux
ø:®é¤C~; Red Hat, Inc. — ÝiÇ)@ýÍ{9
192
26.
Bøø:få
27.
K\å{
K\å{Óäã~óRed Hat Linux Þ{K\åÇÓäK\å{©GK\"
Xåø9ZK\,Hì
ØNÏ
,Çý9 )ÇRed Hat Linux å&~CUPS K\ø:,{åK\ø:LPRng
ú
Ø
ê*ø:4,1{&~LPRng {Red Hat Linux ¥ÿu{Çÿ,ÇXÌ&~CUPS u
SLPRngÖø:
Ì&~LPRng
*ø:4,1{&~CUPS {Red Hat Linux Çýÿu{Çÿ,ÇÌâ{{èïÇ
ø:
Ì&~CUPS
K\å{Óäê{CUPSÇê{LPRng K\ø:Êâ{ø:{½ÇÇÌ{
Ù×{K\ø:
&~K\å{ÓäÇä÷ÊYéÄYÇa~ÇÇ ÁÆÞ{Ìh\ =>
ø:÷ => K\ÇÝEredhat-config-printer ××ÌÊâÇÄq{¢
¸4CoX =ø:¤4ä©ý{;ÑuÄg½Ça1Co¤4©ýo*uäqÇ
¤,1/,óshell +Eredhat-config-printer-tui uK\å{Óä*ä
©ý{Çäq
­
Xö/etc/printcap ©GÝ/etc/cups/ ø9¥{©GK\åEÇÃlpd ÝcupsÄó'é
ÄÝ­céÄÇc{{©GÑÌúÄÕOhóK\å{Óä¥a~Ä)#Ç{©GÌ
úÄÕO
* ó & ~LPRngÇ ? . X & ~K \ å { Ó ä Ç K \ å Ç > ö/etc/printcap.local ©G/etc/printcap.local ©G¥{1ø+óK\å{
Óä¥Çb4ÌúK\åEÇÖR*,1{Red Hat Linux ¥ÍcÇ?{{©
GÒÌúݦtúYÇÇ&~{cÂ*hc{©GúÄÇÎ{©GÑÌúâ?
/etc/printcap.old
*ó&~CUPSÇK\å{ÓäXÌ+[&~K\å{Óä{{èïÝá0Ö
X,ÇÇX̲Ǣ,{©G¥Íø
C27-1. K\å{Óä
194
27.
K\å{
,1{1¡n{K\èïÕ
• ýËz — z/,?qÝUSB à=Ëzt®åÞ{K\å
• É{CUPS (IPP) — Ëztê/,TCP/IP d&~ÉK\NF{K\åÇ
ÁIPPþÇËztdÞÇäqCUPS {Red Hat Linux ø:{K\åÄ
• É{UNIX (LPD) — Ëztê/,TCP/IP d{ÙÇUNIX ø:Þ{K\åþ
ÇËztdÞÇäqLPD {Red Hat Linux ø:{K\åÄ
• É{Windows (SMB) — Ëzt/,SMB duá0K\å{ÙÇø:Þ{K\åþ
ÇËztMicrosoft Windows™ åìÞ{K\åÄ
• É{Novell (NCP) — Ëzt&~Novell’s NetWare db{ÙÇø:Þ{K\å
• É{JetDirect — /,HP JetDirect zËztdX4®åÞ{K\å
­
*ÇcèïÝÇ?èïÇa~YJ#b&Ç¢H
âa~<uâ?Ä){#?­céÄK\åEÇYJ#óEÇú­cé
ÄXÌúU{©G$iÇ,1 qÄ => qÄ
27.1.
ýK\å
ýK\åÇ/,?qà=ÝUSB à=Ëzt{®åÞ{K\åÇâK\å{
ÓäÌ=Þ{cO<ÇC27-2Ä+{=ÒÌñâu
C27-2. K\å
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
27.
K\å{
195
C27-3. èïÖÁ
âêÇC27-4Ä+{=ÒÌñ, èï¡n¥ ýËzÇl
÷÷YÇ÷÷/4/dev/lp0Ã?qK\åÄÝ/dev/usb/lp0ÃUSB K\åÄ*
ï,¥÷÷Çâ­·Ã÷÷u­c·Ã®åÝâ½÷÷uCÓ½Ç
âu
C27-4. ýK\å
Z4 K\å¡n>Ýt27.7 u
27.2.
ÇIPP K\å
K\å4ËztäqCUPS {3dÞ{X3Linux ø:Þ{K\åLå{ÇK\
å{Óä¨du¯Iá0{CUPS K\åà 1,1/, qÄ => á0u
#ÄÄÉ{IPP K\åÑ1¨èï{o*ñóÌ=¥
*óK\qÖìÞ{ê3ÛÇÇêó{UDP à=631 ÞZzBËz
*ó0ÃK\>F{®åÄÞ{ê3ÛÇÇúãóà=631 ÞZzBË
z
*¢~êĨÕÇ
,1/,K\å{ÓäÌ=Þ{cO<uÇÉ
{CUPS K\åÇÌ+ÇC27-2Ä+{=âu
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
IPP
196
27.
K\å{
âêÇC27-5ÒÌñ, èï¡nh\¥ É{CUPS (IPP)
C27-5. ÇIPP K\å
~1 1{©ýãÌñÕ
• qÖì — K\åÄËz{ÏÇåì{ÌåÖÝIP
• 4» — tÏÇåìÞ{K\èï{4»
âu
Z4 K\å¡n>Ýt27.7 u
­
É{IPP K\qÖìãuýø:{Ëz-<>kÝ27.13
27.3.
ÏÇUNIX (LPD) K\å
ÏÇUNIX K\åÇËzó3dÞ{X3Linux ø:Þ{K\åÇâK\å{Ó
äÌ=Þ{cO<C27-2Ä+{=ÒÌñâu
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
, èï¡nh\Þ É{UNIX (LPD)Çlâ
27.
K\å{
197
C27-6. ÏÇLPD K\å
~1 1{©ýãÌñÕ
• qÖì — K\åÄËz{ÏÇåì{ÌåÖÝIP
• èï — ÏÇK\åèïåK\åèï/4lp
âu
Z4 K\å¡n>Ýt27.7 u
­
ÏÇK\qÖì,ýø:zIK\*-<>kÝ27.13.1
27.4.
Samba (SMB) K\å
&~SMB NF6¯{K\åÃËztMicrosoft Windows ø:Þ{K\åÄÇâK\
å{ÓäÌ=¥{cO<C27-2Ä+{=ÒÌñâu
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
, èï¡nh\¥ É{Windows (SMB)Çlâ*K\åË
z{4Microsoft Windows ø:Ç YÇèï¡n
198
27.
K\å{
C27-7. SMB K\å
C27-7Ä+ÇSMB á0úÄ5t?ïñâÇá0ÖÁk{F>uj0ï,,j0
ï,¥ ÇK\å
*óI{K\åóï,¥ñÇâ}{½<~1 1{©ýãÌñ
Õ
• Ó* — á0K\å{Samba Ó*{ÖÁ
• qÖì —á0K\å{qÖì{ÖÁ
• á0 — .~uK\{á0K\å{ÖÁYÇÖÁZÏÇWindows åìÞ½B
{Samba K\å{ÖÁ#3
• ~Ö — 6¯K\åÄ~9&~{~ÖÁ~óWindows ø:Þ
?óÇ?%6¯K\å{Y!å{~ÖnguestÃWindows qÖìÄ
ÝnobodyÃSamba qÖìÄ
• = — ó~Ö㥽{~{=Ã¥Ä
âulÇK\å{ÓäÌACËzá0K\å*YÇá0K\å~
ÖZ=ÇÇéUÌñu
+QH{á0K\å{~ÖZ=*½êth
{á0ÖÁǤ,1óY°#Ç*&~Ó*ÖÁuËzá0ÇÇ,1óYÇéU
°½YÇéUZâ½<Ä+{=#3
Z4 K\å¡n>Ýt27.7 u
´·
*&~~ÖZ=ÇÇ¢úÒ©Ñ?óúÊ~Zlpd ÖR{©G¥YøÇ*/|ä÷
ÊYÇÆ¢Ò,Üç~ÖZ=½Y«<Y{Ç6¯K\å{~ÖZ=aX3
ýRed Hat Linux ø:Þ{~BR*Ç¢X3Ç ,ñ{\&ÉÌ4²GY{éK
\å{&~*qÖìÞ¤©Gá0ÇOF&~X3K\åèï{=
27.5.
Novell NetWare (NCP) K\å
Novell NetWare (NCP) K\åÇâK\å{ÓäÌ=Þ{cO<C27-1Ä
+{=Ìñâu
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
27.
K\å{
199
, èï¡nh\¥ É{Novell (NCP)
C27-8. NCP K\å
~1 1{©ýãÌñÕ
• qÖì — K\åÄËz{NCP ø:{ÌåÖÝIP
• èï — NCP ø:Þ{K\å{ÏÇèï
• ~ — &~K\åÄ~9{~Ö
• = — 1Þ~ã½{=
Z4 K\å¡n>Ýt27.7 u
´·
*&~~ÖZ=ÇÇ¢úÒ©Ñ?óúÊ~Zlpd ÖR{©G¥YøÇ*/|ä÷
ÊYÇÆ¢Ò,Üç~ÖZ=½Y«<Y{Ç6¯K\å{~ÖZ=aX3
ýRed Hat Linux ø:Þ{~BR*Ç¢X3Ç ,ñ{\&ÉÌ4²GY{éK
\å{&~*qÖìÞ¤©Gá0ÇOF&~X3K\åèï{=
27.6.
JetDirect K\å
JetDirect K\åÇâK\å{ÓäÌ=Þ{cO <C27-1Ä+{=Ò
Ìñâu
óC27-3Ä+{=¥ÇóÖÁ©ýã¥QÇÕÖÁK\åÖÁXÝ98ÂÇ
1ñ>K\åÖÁ,1Ý9ñjá"Ã-ÄZ"Ã_Ĥ,1Q
K\å{;áÃcÇÙ¥,1Ý98Â
, èï¡nh\¥ É{JetDirectÇlâ
200
27.
K\å{
C27-9. JetDirect K\å
~1 1{©ýãÌñÕ
• K\å —JetDirect K\å{ÌåÖÝIP
• à= — JetDirect K\å)&K\*{à=åà=9100
Z4 K\å¡n>Ýt27.7 u
27.7.
K\ånRZe
êK\å{èï¡nÇZÒ4 K\ånR
ÌtÇZC27-10#{=*ÇúÄ5tÇ,ï,¥ ÇK\åL
¢I¡,nh\¥ K\å{¢{ÖÁh êÇX3{¢ÇK
\ånRï,ÑÌúÍc,ï,¥ K\ånR
C27-10. K\ånR
M?{K\PÄÇ4Êâ ½{K\ånR {K\PÄDz.K\{jâÿ®ÄK
\åê®{Â*ýK\å4zËzt{®åÞ{ÇÇK\PÄÇu
ÿ®ÉK\å{jâ
*ó{ÏÇK\åÃIPPLPDSMB ÝNCPÄÇÏÇK\qÖì/Ç{K\PÄ
Ç*ó{ý®åÞ i{K\PÄÇÇjâÒÌúõ',H?úݦÄK\
åÄî{Â*
27.
K\å{
201
h½jâXÌúõ',HÇD>ó¢Þ /~ÇóK\ånRÞ Æ)K\
èïÝPostscript K\åa~ê#ÇK\<AuAèc{*A½ÇÏÇ
K\qÖì,{K\PÄÇAøÊâÏÇK\å{¢ZnRu K\PÄÇ
Ça~#ÇòK\<A
" ,1óêK\å ÇX3{K\PÄÇ04ÇéÄK\å{ÓäÇ,ï,¥ K\
åÇâöÇâPÄÇ)üÇ ÇX3{K\PÄÇÇla~YJ#
27.7.1.
hK\å{
!Z4h{K\å{*÷thÇâa~uK\èïÇdÇ
âRuK\å{
óÌ=¥âa~<uâ?{#?­céÄK\åEÇa~ê#ÇK\
<Auh½{{thu-<>kÝ27.8
*K\äý{ASCII ø\1i{nÃÝi~©¡{ªÓ¥{nÄÇÃú
{PÄÇ 1Ç? ½ÑPostscript-<>kÝ27.9 *óêK
\èïöÇǤ,1{<LB¡{ 1
27.8.
K\A
{êK\åÇaK\<Auh½K\åêtäqK\AÇ,K\åï
,¥ .Aè{K\åÇl,Anh\¥ \7{A
*#êK\PÄÇÝêPÄÇ 1ÇaK\<AuAX3{{
C27-11. A 1
27.9.
?K\å
ÍøìÇ?K\åÇ YÇK\åÇlâÓäyÞ{Íø<K\åÒÌ,K\
åï,¥Íøâa~<uâ?#?­céÄK\åEÇ
202
27.
K\å{
÷åK\åÇ,K\åï,¥ K\åÇl ÓäyÞ{å<åK\å
C) Ìóï,¥åK\å{åïñ
êK\åǤ,1öÇ¢{÷,K\åï,¥ ö{K\åÇlâ
ö<C27-12Ä+{QÙ)ü{=ÒÌñ=Ý9 ¥K\å{hq
ê#Çâh½<âK\å{ÓäÌ=¥{a~uâ?#?­cé
ÄK\åEÇ
C27-12. öK\å
27.9.1.
èïÖÁ
27.9.2.
èï¡n
27.9.3.
K\åPÄÇ
27.9.4.
PÄÇ 1
­×ÖK\åÝ#Ç{;áÃcÇ#èïÖÁ)ü¥{âh½u(ÃtÌ
=K\å{ÖÁaÌóK\åï,¥ú#âa~uâ?#?­céÄK\åE
Ç
èï¡n)ü+êóK\åZÇ{÷ ¥{èï¡n,1#K\å¡nÝ
#Ç{÷Çâh½u(ÃtÌ=âh½uâ?#?­céÄK\
EÇ
Êâ {èï¡nÇX3{ 1Ìú+YJ 1{ÃcÇ>k#a{K\å9
K\åPÄÇ)ü+êh&~{K\PÄÇ*Çú#êÇâh½uÃt
Ì=âa~uâ?#?­céÄK\EÇ
PÄÇ 1)ü+ê°ÿK\å 1ÇK\PÄì{ 1ÌQX3Ú~ 1Õ
27.
K\å{
203
*K\*{!,K\å¥fñþǦ+})ÐÄÇa ¦fR(FF)*ÇXå*~ÇAø QefR(EOT)<ìJK\
å¦fR(FF)Z¦fR(FF)ÜVufñ!YÇ 1é
LPRng K\ø:~
• *¦fRXå*~Ça QefR(EOT)>k1Þ{¦
fR(FF)\IYÇ 1óLPRng K\ø:¥,~
• *K\PÄÇÃ#/ìJÉÇ{jâÇa "½jâ©ýó
±t¯b YÇ 1* 1ú ÇK\PÄÇÌ"½ÄÉÇ{Ã#/{
jâ©ý* 1ZR©ýݦÄPostscript 1åú ÇK\PÄÇÌ"½
jâ©ýÇl²ÇݦÄPostScript 1óLPRng K\ø:¥~
• *äýASCII ø\i{núÉK\åeúthK\énÄÇa ½ÑPostscript 1½Ñ:)ï{PostScript ÇO$Ç¢êúthK\
*K\åX|ÑACK\{Ç,1Aø YÇ 1¾Ç YÇ 1u²©
K\t:©K\åÞ
q1ÞqÄõJ-ø:óK\th±t¯Ç>X&~YÇ 1
¤Ç*K\åÃÿ®PostScript ÿ/3 Ç,1 YÇ 1 1̲Çݦ
ÄPostScript ÿ/1
• GhostScript ½,H — ãóK\åÃÿ®ìÇPostScript ÿ/ ý,
HݦtPS ÿ/1ÝݦtPS ÿ/2 1óCUPS K\ø:¥&~
êPostScript PÄÇb,~
• R©ýݦÄPostscriptúå *K\åêK\©ýÇAøóK\©ý©l
R> 1uÀáK\-*&~{4CUPS K\ø:ÇÇÒX4Ç, {1øÇ
O©ý4ÌúݦÄPostScript
• <LBã <{LB 1ÝiUS LetterUS LegalA3 ZA4
• H{,HKåC*K\©nÇ ja_JPdÇzBå{C ª
K
• ÍåK\ååYÇ 1,1ú&~ÇWc¥{<
PÄÇ 1Çâh½u(ÃtÌ=âa~uâ?#?­céÄK\E
Ç
•
27.10.
â?{©G
h&~K\å{Óäâ?K\å{Ça~ÇÒÌOÇ{{©GYÇ{©
Gú~uO/etc/cupsø9¥{©GÃÝlpd ÖR{/etc/printcap ©GÄ,1&~×
q 1uâ?ÝÁ
K\å{Óä©G*/etc/cupsø9Ý/etc/printcap ©Gúâ
??Á
t3 ÇK\å{ÒXÌúÁ
Y4K\åEÇó'­céÄ
ÑÌ,K\å{Óä{O{©G¥OÇc{/etc/printcap ©GhOø:{
©G{÷PÇ&~10uâ?K\å{©G*ø:&~{4LPRng K\ø:Ç?
ó/etc/printcap.local ©G¥ê½÷ÇÇaúâ?÷Pø:{\I
â?{K\å{Ç1Ê~üPEÕ
/usr/sbin/redhat-config-printer-tui --Xexport > settings.xml
{{ÒÌúâ?tsettings.xml ©G¥
*YÇ©Gúâ?ÇÇ,1ú~Á
K\å÷YóK\å{úÍø{<YÖÝó­c
ãêRed Hat Linux {<YÖÝóõÇø:Þ3K\å{{<Y/~ó­c
ãÇYÇ©Gaúâ?óX3{ø:ÞÁ
{Ç1Ê~üPE1×Õ
204
27.
K\å{
/usr/sbin/redhat-config-printer-tui --Ximport < settings.xml
*.êÇ{©GÃ.²óø:Þ{êÇÝõÇK\åÄÇ?.ACsÇ{
©GÇ?{{©GÒÌú*.â?{Ç?óâ?{©G¥{Ç,
1&~1×u\?©GÃ1Ê~üPÄÕ
/usr/sbin/redhat-config-printer-tui --Ximport --merge < settings.xml
lÇ{K\åï,ÒÌÝ9óø:Þ{{K\å1ù,â?{{©G¥s{K\
å*s{{©G¥ÇZø:Þ?K\èï3Ö{èïÇs©G¥{èïÒ̧Ö
?K\å
sê{©GÃXmerge ×ÄÇÑ­céÄEÇ*&~{
4CUPSÇq1×Õ
/sbin/service cups restart
*&~{4LPRngÇq1×Õ
/sbin/service lpd restart
27.11.
×q{
*ãXÇ?%X.&~ä©ý{ÇÇ,1/,×quK\åY«0ó
,lý¥Ýkickstart ã{%post \I°K\å{i~
27.11.1.
ýK\å
K\åÇäqÕ
redhat-config-printer-tui --Xadd-local options
Ù 1Õ
--device=node
‘
ÃÄ&~{÷÷¾Õ/dev/lp0
--make=make
‘
ÃÄIEEE 1284 MANUFACTURER nÝfoomatic jâE¥{K\å¢Û{ÖÁ
Ã¥Ãmanufacturer nÄ
--model=model
‘
ÃÄIEEE 1284 MODEL nÝfoomatic jâE¥ïñ{K\ånRÃ¥Ãmodel n
Ä
--name=name
‘
Ã, Äcèï{ÖÁ*ɽÇRÌ&~ä÷÷Ólp0”Ä{ÖÁ
--as-default
Ã, IJÇ÷åèï
*&~{4CUPS K\ø:ÃåÄÇóêK\åÇ&~1×uéÄÝ­céÄK
\åEÇÕ
‘
27.
K\å{
205
service cups restart
*&~{4LPRng K\ø:ÇóêK\åÇ&~1×uéÄÝ­céÄK\åE
ÇÕ
service lpd restart
27.11.2.
ÍøýK\å
¤,1/,×quÍøK\åèï
1Ê~üPuÍøìÇK\åèïÇäqÕ
redhat-config-printer-tui --Xremove-local options
Ù 1Õ
--device=node
‘
ÃÄÄ~{÷÷Ç/dev/lp0
--make=make
‘
ÃÄIEEE 1284 MANUFACTURER nÝfoomatic jâE¥{K\å¢Û{ÖÁ
Ã¥Ãmanufacturer nÄ
--model=model
ÃÄIEEE 1284 MODEL nÝfoomatic jâE¥ïñ{K\ånRÃ¥Ãmodel n
Ä
*&~{4CUPS K\ø:ÃåÄÇ,K\å{Óä{¥ÍøêK\åÇ&~1×
u­céÄK\åEÇ&#HÕ
‘
service cups restart
*&~{4LPRng K\ø:Ç,K\å{Óä{¥ÍøêK\åÇ&~1×u­
céÄK\åEÇ&#HÕconfiguration, restart the printer daemon for the changes to
take effect:
service lpd restart
*&~{4CUPSÇÍøêÄK\åÇXK®òäqK\åEÇêÇq1×
Õ
service cups stop
*&~{4LPRngÇÍøêÄK\åÇXK®òäqK\åEÇêÇq1×
Õ
service lpd stop
206
27.12.
27.
K\å{
®K\*
hÉK\åEÇK\*þ,Emacs ¥K\©ý©GÝ,The GIMP ¥K\C
4ÄÇYÇK\*útK\"Xåèï¥K\"Xåèï4ÇúÉK\å{K\*
1ùÇK\>F{få{ï,YJfåÝiK\>F{çÕ>F{~Ö
>F{ø:ÌåÖ*Rh
*äq{4CoóÁ¢¸ÇâÁÆÞ{K\å®ìC)uéÄGNOME K\®
ìÇC27-13Ä+
C27-13. GNOME K\®ì
Ǥ,1,ÁÆÞéÄâÌh\ => ø:Óä => K\®ì
#K\å÷ÇâK\åC)Çl auK\å{ÓäÒÌúéÄ
vâÇ.{{K\åuK\"XåÇC27-14Ä+
C27-14. K\*ï,
R>óGNOME K\®ì¥ïñ{ì*Ç,ï,¥ ÇÇl ö => R>
©l
*K\"Xå¥Ù×{K\*ÇK\å/C),ÌñóóÁÁÆÞ{ÁÆ/K
­ÇC27-15Ä+OÇÅÊÆæ'K\*Çvá{K\*,XÌ+C)
27.
K\å{
207
C27-15. K\å/C)
âK\å/C)ÌéÄGNOME K\®ìu+hK\*{ï,
ÁÆÞ¤ÇK\®ìC),Nautilus K\ì©GǨ©G{ DzÇV8t
ÁÆÞ{K\®ìC)C27-16Ä+{=ÒÌñâh½u)K\YÇ©
G
C27-16. K\Dè=
,shell +K\"Xå¥{K\*ï,ÇElpq ×!qZ1Qñ#Õ
Rank Owner/ID
Class Job Files
Size Time
active user@localhost+902 A 902 sample.txt 2050 01:20:46
¾27-1. lpq {Qñ+¾
*.R>ìÇK\*Ç&~lpq ×IñYÇ*{RhÇl&~lprm *Rh¾
Çlprm 902 ÌR>¾27-1Ä+{K\*ä÷th{Y!bêR>ìÇK\*
ø:óK\åÄËz{®åÞ~9Ê~ÇXR>úÙÆ~){K\*
¤,1z,shell +K\©G¾Çlpr sample.txt ×ÌK\sample.txt YÇ©
ý©GK\,Hìû½©G{¡n?RÙݦÄK\åê®{Â*
27.13.
á0K\å
K\å{Óä{á0{ 1Åó&~CUPS K\ø:bH{LPRng {á
0Ç>kÝ27.13.1
ãdÞX3®åÞ{~K\t{ø:Þw)á0ÃsharingÄ{K\åå÷Ç
&~K\å{Óä{{K\åX4á0K\å
208
27.
K\å{
á0Ç{ê{K\åÇéÄK\å{ÓäÇ,ï,¥ ÇK\ål qÄ
=> á0
Õ
* K\åÇqÄ => á0+ø:){á0 1ÇÇ¢Ä+óqÄÙ
)ü¥
óèïÙ)üÞÇ &èï,úÙÆ~¼~{ 1
C27-17. èï 1
êá0èïÇLå÷ÇÄÌåÑÌúãK\tá0K\åãdÞ{Ä
ø:ÑêK\tèï¥,ÌiÇ/4óø:zËztÉ{<YM?#Y
Ç 1Ç04Õ ÄÌåÇâö<u+C27-18Ä+{=
*óK\qÖìÞ{ê3ÛÇÇêó{UDP à=631 ÞZzBËz
*ó0ÃK\>F{®åÄÞ{ê3ÛÇúãóà=631 ÞZzBË
z
27.
K\å{
209
C27-18. ã{Ìå
)üÄK\å{÷ÇÝi JK\å{Óä¥Xt{K\åÙ¥ÜÇ 1Õ
C27-19. ø:){á0 1
•
•
įIÏÇá0èï — úå YÇ 1é~IPP ¨ÇY?øhdÞÙÇå
ìBÇ¢p{èïÇYJèïÌúÄtø:{K\åï,¥ÖIPP ¨Ä{
K\åXi{{ 1XÄá0ýø:Þ{{K\å
é~LPD NF — 1ãK\å&~cups-lpd qÖ,{&~LPD NF{0¥z
BK\*cups-lpd qÖ4«xinetd qÖ
´·
*é~ê 1Ç,LPD 0zBt{ÄÌå¥{ÄK\*ÑÌúzI
27.13.1.
&~LPRng á0K\å
*äq{4LPRng K\ø:Ç,1CÓ{á0ãdÞ{ø:K\tRed Hat
Linux ø:Þ{{K\åÇ&~1Z½Õ
210
27.
K\å{
O/etc/accepthost ©GóYÇ©G¥Ç.ãK\6¯{ø:{IP ÝÌ
åÖqÇIP ÝÌåÖ
2. ó/etc/lpd.perms ¥R>1q{Õ:nRÕ
ACCEPT SERVICE=X REMOTEHOST=</etc/accepthost
3. ­céÄEÇu&#HÕ
1.
service lpd restart
27.14.
#¦K\ø:
#¦K\ø:ÇäqK\åø:#¦ìÇ ÁÆÞ{Ìh\ => ø:÷ =>
Íõø:÷ => K\åø:#¦ìÇÝóshell +ÃXTerm ÝGNOME ªàÄE
redhat-switch-printer ×
YÇÇÄ5X =ø:4dóäq*ÇóäqÇÇÒÌóCoÜ*¥éÄÇ
C27-20Ä+*X ú5tÇÇÒÌó©ýÜ*¥éÄó©ýÜ*¥éÄÇ
Ç&~redhat-switch-printer-nox ×
C27-20. K\åø:#¦ì
LPRng ÝCUPS K\ø:óRed Hat Linux 9 ¥ÇCUPS 4å{K\ø:*ã
êÇK\ø:ÇÇÒ4Ä+{ 1
* h½u#K\ø:Ç ½{K\EÇÒêóZsúéÄÇ ½{K\
EÇÌú¢~ÇO$ÇXÌóZsúéÄ ½{K\EÇý/úé~Ç ½{K\
EÇý/ú*~ÇO$#ÌÁýH
27.15.
ÙÇýî
êÍõóRed Hat Linux ÞK\{fåÇ>kïýî
27.
K\å{
27.15.1.
211
ãê{©l
— /etc/printcap K\å{©G{ÒV
ã,×qK\©G{lpr ×{ÒV
man lpd — LPRng K\åEÇ{ÒV
man lprm — ~u,LPRng "Xåèï¥ÍøK\*{×qÓä{ÒV
man mpage — ~uó<ÞK\õ{×qÓä{ÒV
man cupsd — CUPS K\åEÇ{ÒV
man cupsd.conf — CUPS K\åEÇ{©G{ÒV
man classes.conf — CUPS ¡/{©G{ÒV
• man printcap
• map lpr
•
•
•
•
•
•
27.15.2.
•
•
—
~{5
Ý9êLÞóLinux ÞK\{få
http://www.cups.org/ — CUPS {©lFAQZcª
http://www.linuxprinting.org — GNU/Linux Printing
212
27.
K\å{
28.
Ä{Ö
óLinux ¥ÇÖ,1ú{ó½{-ã½{ÏÝø:²þñÞ½{jÞ
ÄäqRed Hat Linux ½{êé­ø:Ö{äqÇ1"&ø:êúÍcÇ
úlocate ×&~{slocate jâEÑúÍcø:®Ê,&~Ä{Öuq½Ï÷
P);ø:äq½lý
Red Hat Linux ±QÇÄÖ{ÓäÕcronanacronatZbatch
28.1. cron
4Ç,1~uÊâ-ÏÛPhÏ{\u®Ýé­
Ö{q{EÇ
"½ø:Ñäq*hìÖú®Ýø:XóäqÇÖÒXÌúqÊâ
-ã:h#-u{ÖÇ>kÝ28.2 ®Ý'u{ÖÇ>kÝ28.3
&~cron qÖÇãêvixie-cron RPM GÝÇ%óäqcrond qÖ
g½GÝ4d.ãÇ&~rpm -q vixie-cron ×g½qÖ4dóäqÇ&
~/sbin/service crond status ×
cron
cron
28.1.1.
cron
{cron Ö
{Ì{©G4/etc/crontabÇÇÝiÁqÕ
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
HOME=/
# run-parts
01 * * * * root run-parts /etc/cron.hourly
02 4 * * * root run-parts /etc/cron.daily
22 4 * * 0 root run-parts /etc/cron.weekly
42 4 1 * * root run-parts /etc/cron.monthly
q4~u{cron Öäq¢¸{#ÞSHELL #Þ{·ªø:&~ýÇshell ¢¸
ÃóYǾ°4bash shellÄÖPATH #Þ½B~uq×{4»cron Ö{Qñú
ÉMAILTO #Þ½B{~Ö*MAILTO #Þú½B8¸nÃMAILTO=""ÄÇ
G
ÒXÌúñHOME #Þ,1~u÷óq×Ýlý&~{Ìø9
/etc/crontab ©G¥{qÑS,1ÖÇÇ{Â*4Õ
minute hour day month dayofweek command
I¨Ç,0 t59 -{[rj
BÇ,0 t23 -{[rj
day — ÏÇ,1 t31 -{[rjÃ*½êÛPÇ4ÛP{HÏÄ
month — ÛPÇ,1 t12 -{[rjÃÝ&~ÛP{]©;Ujanfeb Ä
dayofweek — hÏÇ,0 t7 -{[rjÇY°{0 Ý7 S,hÏÃÝ&~hÏ{]©;
Usunmon Ä
• minute
• hour
•
•
•
—
—
214
28.
Ä{Ö
— q{×Ã×,14ls /proc >> /tmp/proc ¡{×Ç,14q
qU{lý{×Ä
ó1Þ[¥ÇhRÃ*Ä,1~uS,ÄH{ÇÛP¥{hR?øówÙ
ÇÕGÛÑq×
rj-{á"Ã-ĽÇrj)Ç1-4 ?ørj1234
~ÏRÃ,ÄÅ{øï½Çï,Ç3, 4, 6, 8 )ÒYǽ{rj
tR"Ã/Ä,1~u½-ŪGó)Þ/<integer> ?øó),1!
,integerÇ0-59/2 ,1~uóI¨ã½BÜI¨-ŪG¤,1ZhRå
&~¾Ç*/3 {,1~óÛPã¥,+®ÇÛäq'Ö
>³RÃ#Ä{q4Õ:ÇXÌúÿ®
ó/etc/crontab © G ¥ Ä D Ç Ç & ~run-parts l ý u
q/etc/cron.hourly/etc/cron.daily/etc/cron.weekly Z/etc/cron.monthly ø
9¥{lýÇYJlýú#aB±ÝÛqYJø9¥{©Ga4shell
lý
*ìcron ÖÊâ®ÝuqÇX4B±ÝÛqÇÇ,1ú
t/etc/cron.d ø9¥ø9¥{Ä©G&~Z/etc/crontab ¥ø{ª)¾>k
D¾28-1
• command
# record the memory usage of the system every monday
# at 3:30AM in the file /tmp/meminfo
30 3 * * mon cat /proc/meminfo >> /tmp/meminfo
# run custom script the first day of every month at 4:10AM
10 4 1 * * /root/scripts/backup.sh
¾28-1. crontab {¾
Ê~1i{~,1&~crontab Óäu{cron ÖÄ~½B{crontab Ñúâ?
ó/var/spool/cron ø9¥Ç?&~OÇ¢{~üPuq1ì~üPO
Çcrontab 1øÇ~9~ÇlEcrontab -e ×Ç&~VISUAL ÝEDITOR ¢
¸#Þ½{öìuö~{crontab©G&~{Â*Z/etc/crontab #3
hécrontab Ä){#úâ?Çcrontab ©GÒÌÊâ~Öúâ?Ç?U©
G/var/spool/cron/username ¥
cron EÇI¨Ñ5/etc/crontab ©Getc/cron.d/ ø91ù/var/spool/cron
ø9¥{#*ê#ÇÇ¢ÒÌúñ?YøÇhìÇcrontab ©G#ÒX
­céÄEÇê
28.1.2.
;écron {&~
Z/etc/cron.deny ©Gú~u!écron {&~YÜÇ&~;©G{
Â*Ñ4qÇ~ÜÇ©GÑXã8Â*&~;©GúêÇcron EÇ
ÃcrondÄXú­é&~;©Gó'~ÝÍø1cron ÖÑÌúÖR
ÃX&~;©G¥{½[ÇÊ~Ñ4,1&~cron
*cron.allow ©G?óÇÙ¥ïñ{~búã&~cronÇ?%cron.deny ©GÌú
Q
*cron.allow ©GX?óÇÄócron.deny ¥ïñ{~Ñú¢&~cron
/etc/cron.allow
28.
Ä{Ö
28.1.3.
215
éÄZ*qÖ
é Äcron q Ö Ç & ~/sbin/service crond start × * q Ö Ç &
~/sbin/service crond stop ×M?óZséÄqÖ[óZsÄé
Äcron qÖ{-<Ç>kÝ149
28.2. anacron
anacron 4Zcron #{Ö®ÝìÇX,Ç?XFø:ÑäqÇ,1~uäq/
cron äq{±ZÛ{*
&~anacron qÖÇãêanacron RPM GÝÇ%anacron qÖóäq
g½GÝ4dúãÇ&~rpm -q anacron ×g½qÖ4dóäqÇ&
~/sbin/service anacron status ×
28.2.1.
anacron
{anacron Ö
Öúïó{©G/etc/anacrontab ¥©G¥{qÑS,1ÖÇÂ*4Õ
period delay job-identifier command
×q{ªGÃjÄ
ÒÔ-ÃI¨Ä
• job-identifier — Ö{ÃcÇ~óanacron {>å¥Ç?**-©G{ÖÁÇ
Ýi:8¸{nÃøR"iÄ
• command — q{×
é1ÖÇanacron g½Ö4d.ó{©G{period 㥽{Ï-úq
ê*ÇóɽÏ-¤úqÇanacron ÌVdelay 㥽{I¨jÇl
qcommand 㥽{×
ÖqÄÇanacron ó/var/spool/anacron ø9{-©G¥9ÏÏú
9ÃÃ-ÄÇ%job-identifier {ú~*-©G{ÖÁ
Zcron {©GøÇSHELL ZPATH ¡{¢¸#Þ,1ó/etc/anacrontab ©G{\½
B
å{{©GåuZ1#Õ
• period
• delay
—
—
# /etc/anacrontab: configuration file for anacron
# See anacron(8) and anacrontab(5) for details.
SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
# These entries are useful for a Red Hat Linux system.
1
5
cron.daily
run-parts /etc/cron.daily
7
10
cron.weekly
run-parts /etc/cron.weekly
30 15
cron.monthly
run-parts /etc/cron.monthly
C28-1. å{anacrontab
216
28.
Ä{Ö
óC28-1 ¥ÄDÇ{Red Hat Linux anacron {ø{4hâ±ZÛ{cron Ö
Ñúäq
28.2.2.
éÄZ*qÖ
é Äanacron q Ö Ç & ~/sbin/service anacron start × * q Ö Ç &
~/sbin/service anacron stop ×M?óZséÄqÖóZsÄé
Äanacron {-<Ç>kÝ149
28.3. at
Zbatch
Zanacron ú~u®Ý­
{ÖÇat ×ú~uó½-®Ý'u{Öbatch
×ú~uóø:²þñÞ\t0.8 1q'u{Ö
&~at Ýbatch ×Çãêat RPM GÝÇ?%atd qÖóäqg½
GÝ4dúãêÇ&~rpm -q at ×g½qÖ4dóäqÇ&~/sbin/service
atd status ×
cron
28.3.1.
{at *
óì½-®Ý1'u*ÇEat time ×Y°{time 4q×{-
time kj,14ÁÂ*¥[«Õ
• HH:MM Â*— Ç04:00 S,4:00AM*-.,ÇÇÒÌó{Y-q
• midnight — S,12:00AM
• noon — S,12:00PM
• teatime — S,4:00PM
• ]©ÛÖÏ#PÂ*— ÇJanuary 15 2002 S,2002 #1 Û15 #P,,Ã
• MMDDYYMM/DD/YYÝMM.DD.YY Â*— Ç011502 S,2002 #1 Û15
• now + -— -1minuteshoursdaysÝweeks \ Çnow + 5 days S,×a
ó5 {$$/q
-ú½Çzø4,,Ã{Ï-Â*{-<Ç>Ý
Ö/usr/share/doc/at-<version> /timespec ©ý©G
Eêat ×ZÇ{-kjÇat> +ÒÌñEq{×Ç[Enter] EÇl
ECtrl-D,1½õ×Ç04E×[Enter] EEÄ×Ç
[Enter] EÝÇ8qÇlòECtrl-DÝVÇ,1ó
+Qshell lýÇólý
{q[Enter] EÇló8qÿECtrl-D uRñ*Q{4lýÇÄ~{shell ÒÌ
4~{SHELL ¢¸#Þ¥÷{Ç~{~9shellÇÝ4/bin/shÃ&~!{Ä
*Y×ÝlýACó)ïQñ¥+fåÇQñÌ~
G0*ú
É~
&~×atq uVäq{*-<>kÝ28.3.3
at ×{~êúÕ-<>kÝ28.3.5
Ä{Ö
28.
28.3.2.
{batch *
28.3.3.
Väq{*
28.3.4.
ÙÇ{×q 1
217
óø:²þñÞ\t0.8 1qì1'u{ÖÇ&~batch ×
Ebatch ×Çat> +ÒÌñEq{×Ç[Enter] EÇlECtrl-D
,1½õ×Ç04E×[Enter] EEÄ×Ç[Enter] EÝ
Ç8qÇlòECtrl-DÝVÇ,1ó
+Qshell lýÇólý{q[Enter]
EÇló8qÿECtrl-D uRñ*Q{4lýÇÄ~{shell ÒÌ4~{SHELL ¢¸
#Þ¥÷{Ç~{~9shellÇÝ4/bin/shÃ&~!{Äø:²þñÞ\t0.8
1ÇY×ÝlýÒÌúq
*Y×ÝlýACó)ïQñ¥+fåÇQñÌ~
G0*ú
É~
&~×atq uVäq{*-<>kÝ28.3.3
batch ×{~êúÕ-<>kÝ28.3.5
Väq{at Zbatch *Ç&~atq ×Ç+ïVäq{*Ç1*3
âqq{Â*Ñ4Õ*RhÏB*¡/1ù~Ö~Æ¢
{**Ê~qatq ×ÇÄ~{\\*ÑÌú+
at
Zbatch {ÙÇ×q 1ÝiÕ
1
Ãc
,©G¥ÖR×Ýshell lýÇ:ó
+½Ç¢
-m
ó*qÄÇÉ~
G
-v
+*Rúq{-
,28-1. at Zbatch {×q 1
-f
28.3.5.
;éat Zbatch {&~
28.3.6.
éÄZ*qÖ
/etc/at.allow Z/etc/at.deny ©G,1~u!éat Zbatch ×{&~YÜÇ&~;
©G{Â*Ñ4qÇ~ÜÇ©GÑXã&~8¸n*&~;©Gú
êÇat EÇÃatdÄXú­é'~ACqat Ýbatch ×Ç&~;©GÑÌ
úÖR
XX&~;©G[½ÇÊ~Ñ4,1qat Zbatch ×
*at.allow ©G?óÇÙ¥ïñ{~b&~at Ýbatch ×Çat.deny ©GÌú
Q
*at.allow ©GX?óÇÄóat.deny ©G¥ïñ{~Ñú¢&~at Zbatch ×
éÄat qÖÇ&~/sbin/service atd start ×*qÖÇ&~/sbin/service
atd stop ×OFóZséÄqÖóZsÄéÄat qÖ{-<Ç>k
Ý149
218
28.4.
28.
Ä{Ö
ÙÇýî
êÍõ{ÄÖ{#Ç>kÝïýî
28.4.1.
ãê{©l
{ÒVÃmanÄ— écron {c
{ÒVÃmanÄÇ1 Z5 9— 1 9{ÒVÝ9écrontab ©G{c
5 9Ý9©G{Â*Ç1ùJ)¾
/usr/share/doc/at-<version>/timespec Ý9ê,cron *½{-Â*{Í
-ûfå
anacron {ÒVÃmanÄ— éanacron ZÇ{×q 1{Ãc
anacrontab {ÒVÃmanÄ— éanacron {©G{c
/usr/share/doc/anacron-<version>/README — Ãcêanacron ùÙ~E
at {ÒVÃmanÄ— éat Zbatch ×1ùÇ¢{×q 1{Ãc
• cron
• crontab
•
•
•
•
•
29.
©G
©GÃLog filesÄ4Ý9ø:>å{©GÇÝiXqÖóø:Þäq{a~Ç
X3{©GñX3{få¾Ç{4å{ø:©GÇ{~\>åÇ
{ñcron Ö{
hóACfäZûø:¯ÇACñXPÄÇݯIéø:²GY{&~èC
Ç©GÌi~ý9ÿXtý°V¯I©GÇ[©GÇ1ùó©G
¥
ìJ©Gúw)syslogd {EÇ;úsyslogd {>åï,,1
ó/etc/syslog.conf {©G¥It
29.1.
½ ©G
29.2.
©G
õj©G /var/log ø9¥ìJÇhttpd Zsamba ó/var/log ¥\Õ{?8Ç
¢{©G{ø9
Õ?Ç©Gø9¥ÌõÇÁQj{©GYJ©G4ó©Gú¬¢O
{©Gú¬¢&~ÇO$©GXÌ#zÔLlogrotate GÝ¥Ý9ÇêÄÊ
â/etc/logrotate.conf {©GZ/etc/logrotate.d ø9¥{{©Gu¬¢©G
{cron ÖLå{DZÑú¬¢Ç?úâ±È
õj©G&~©ýÂ*,1&~[©ýöìVi ÝEmacs uÇ¢ìJ
©G,1úø:ÞÄ~ÖX,ÇpÊYuÝÖõj©G
óÄ{]"-{a~Ç¥ø:©GÇ&~ìéÄYÇa~Ç
ÇâÁÆÞ{Ìh\ => ø:Óä => ø:ÇÝóshell +Eredhatlogviewer ×
C29-1. ì
YÇa~Ç+?ó{©GÖO$ÇÙï,,̦C29-1Ä+{QX3Ç
ê{qrï,Ç>kD{©G/etc/sysconfig/redhat-logviewer
220
29.
©G
Lå÷Çh{,{©GÅ30 Æúmc'#mcGÇ,nh\¥ ö => D 1C29-2Ä+{=Ìñó©G)ü¥ÇâmcGk
{ÞF>u#Çâu(ÃtÌ=mcGÌúÁý#CÓmch,
1{©GÇ ©G => ý/mcÝ[Ctrl]-[R]
,H©G{uIEÇó,HÕ©ýã¥QEÇlâ,H
ìâ­÷u­÷
,1ó©G)ü¥#ÇÄI©G{ ,ï,¥ ©GÇl
â# <E©G{c ÇÝâ¨<u,©G éU¥½ ©
G âh½u(ÃtD 1=Çlâu(ÃtÌ=
C29-2. ©G{
29.3.
5©G
ì,1ú{óÝ9´·E{qku+´·C)´·#Ç,nh\¥
ö => D 1Çlâ´·)üâ<u´·#Íø
Ç´·#Ç,ï,¥ ÇÇlâÍø
C29-3. ´·
30.
ÿX
êhâX{qruZéÇÄ|Ñ{mG{/uÇRed Hat Linux XRed Hat XB½
OèóXúRed Hat qÇǽ/,øïÎÂ{ÞâyA
Red Hat Linux X&~RPM Â*KÝÇOÇ¢4ÿZDè¾ÇRed Hat, Inc. q
{kernel RPM GÝúãÇinitrd n4ÌúOÖYøÇóãêX3{XÇÒ
&~mkinitrd ×*ãêGRUB ÝLILO {ÇǤÌZsãñÇ{{
©GuÝiYÇcX
ý9ÿXóx86 ø:ÞÿX{Z½
´·
Oèq½{X4XúRed Hat Linux ã|Ñ|Ñ{,Íh¥Oè½X{-<Ç>k
Ý9A
30.1. 2.4
Çý{X
±Q½{2.4 XÇÇÝi1ÕÕ
XÍh{ø94/usr/src/linux-2.4/ÇX4/usr/src/linux/
éext3 ©Gø:{|Ñ
éõ­ÿ®ìÃSMPÄ{|Ñ
éUSB {|Ñ
éIEEE 1394 ÷÷ÃÁFireWire™Ä{ðZ|Ñ
Red Hat Linux
•
•
•
•
•
30.2.
ï÷ÿ
óÿXÇafR1½3DZ4h½<7~{ø:{,äq
{Zsc13yñ¯*ZsãñÇúth{uZscXÇø:ZscÇ
dÒÃZsø:
OZscÇóshell +~9Ê~ÇlE1×Õ
/sbin/mkbootdisk ‘uname -r‘
" >kmkbootdisk {ÒVÃmanÄuÝÖÍõ 1
óÇ&~Zscu­cZs{åì1Dèc{,äqu
bÑX&~ZscÇb4a²Ç?8óÇ\{013y
g½.ãêýJXGÝÇóshell +qÁ{×Õ
222
30.
ÿX
rpm -qa | grep kernel
âq{ã¡n½Ã{ÇýRhZGÝ,X3ÄÇ×{QñÌÝiìJÝ\\
óÁïñ{GÝÕ
kernel-2.4.20-2.47.1
kernel-debug-2.4.20-2.47.1
kernel-source-2.4.20-2.47.1
kernel-doc-2.4.20-2.47.1
kernel-pcmcia-cs-3.1.31-13
kernel-smp-2.4.20-2.47.1
,Qñ¥Ç,1g½ñýJGÝuqXÿé\ÿ®ìø:ÓÇ
kernel GÝ4{
*{®åXÇÿ®ìÇÝi|Ñõÿ®ì{kernel-smp GÝñOF
ãkernel GÝÇ13yõÿ®ìXXó{ø:¥thäq
*{®å{?§,ê4GBÇãkernel-bigmem GÝb&ø:&~õ4GB
{?ñOF
Îãkernel GÝ1~®Akernel-bigmem GÝi686 ø
Oè
*PCMCIA |Ñþó"PÞÄÇkernel-pcmcia-cs GÝÒX,è
ø:.­cHXÇݲø:~XÇXkernel-source GÝ
kernel-doc GÝÝiX©lÇÇX4{*{ø:ú~XÇM?
ãÇ
kernel-util GÝÝiê~u;XÝø:mG{ÓäÇÇÇX4{
Red Hat Oè{XX3{x86 Çý)ê 1Õ~AMD Athlon™ ZAMD Duron™ ø
:{athlonÖ~Intel® Pentium® IIIntel® Pentium® IIIZIntel® Pentium® 4 ø:{i686Ö
~Intel® Pentium® ZAMD K6™ ø:{i586*Xw{x86 ø:{ÇýÇ&~
i386 ÇýOè{XÖÇ4Ääx86 {ø:Oè{
RPM GÝ{x86 ÇýúÝió©GÖ¥¾Õkernel-2.4.20-2.47.1.athlon.rpm 4
AMD Athlon™ ZAMD Duron™ ø : { Çkernel-2.4.20-2.47.1.i686.rpm 4
Intel® Pentium® IIIntel® Pentium® IIIZIntel® Pentium® 4 ø:{óg½êG
ÝÇÿXÇkernelkernel-smpZkernel-bigmem GÝ th{
øÙÇGÝ&~i386 Çý
30.3.
ñÿê{X
g½4d,~{ø:{ÿXÇ0P«
• http://www.redhat.com/apps/support/errata/ 5Ç &~{Red Hat Linux ÇýÇl
Ç{ØXØ/ó\ú¯ÃSecurity AdvisoriesÄ \I,Øï,¥â
XØuÇ{-ûØç·óØç·¥ÇÇ{RPM ï,Ç1ù,Red Hat
FTP 5ñÇ¢{Óz¤,1,Red Hat FTP {º45¥ñÇ¢º45{ï,
óhttp://www.redhat.com/download/mirror.html ¥
• &~Red Hat duñXRPM GÝ?ãÇ¢Red Hat dêñ!c{X
ÿø:Þ{X*ÇOð)RAM n4Ç?{ZsãñÇuñcXÜ
RÍõfåÇ>kÝ http://www.redhat.com/docs/manuals/RHNetwork/ Þ{Red Hat dUser
Reference Guide
*,Red Hat Linux {ØÞñêRPM GÝÇÝ&~êRed Hat duñ
GÝÇÝÖ30.4 *&~êRed Hat duñ?ãÍcê{XÇ$¬30.5
Z30.6 ¥{ÒX,ÇX²XÄåZs1ÇORed Hat dÌIJå
XÄ!cÇý
30.
ÿX
30.4.
223
qÿ
5ÂtÄ{GÝÇÒ,1)ÿ?Xêóshell +~9Ê~Çݦ
tÝ9XRPM GÝ{ø9¥Ç$¬1Z½Õ
­
ñOFâÎXÇ13ycXñ¯
&~rpm ×{-i 1uâÒX*&~ê-U 1uÿkernelGÝÇÇÌh
ãê{X×ÃXÇýZx86 ÇýÌÄX3ÄÕ
rpm -ivh kernel-2.4.20-2.47.1.i386.rpm
*ø:4õÿ®ìø:Ǥãkernel-smp GÝÃXÇýZx86 ÇýÌÄX3ÄÕ
rpm -ivh kernel-smp-2.4.20-2.47.1.i386.rpm
*ø:4äi686 {Ç?Ý9§,4GB {?Ǥãi686 øOè{kernel-bigmem
GÝÃXÇýZx86 ÇýÌÄX3ÄÕ
rpm -ivh kernel-bigmem-2.4.20-2.47.1.i686.rpm
*K®ÿkernel-sourcekernel-docsÝkernel-utils GÝÇ,Xâ
Çý&~Á{×uÿYJGÝÃÇýÌÄX3ÄÕ
rpm -Uvh kernel-source-2.4.20-2.47.1.i386.rpm
rpm -Uvh kernel-docs-2.4.20-2.47.1.i386.rpm
rpm -Uvh kernel-utils-2.4.20-2.47.1.i386.rpm
*ø:PCMCIA |Ñþ"PÄǤãkernel-pcmcia-cs ?âÇ
ý*&~ê-i 1ÇÇ,Ì(ÃàBÇOXGÝuZsQPCMCIA |
Ñ{ø:w,YǯÇ&~--force 1ÇÄ+ÃÇýÌÄX3ÄÕ
rpm -ivh --force kernel-pcmcia-cs-3.1.24-2.i386.rpm
Z4Dèð)RAM cn44dúO-<>kÝ30.5
30.5.
Dèð)RAM cn4
*ø:&~ext3 ©Gø:ÝSCSI ;ìÇÒð)RAM cð)RAM c{ø{4ã
ÜL{XóÇêÜL/×{÷÷ä÷X,÷÷Zs{ÜL{
Å
ð)RAM c/,&~mkinitrd ×uOlÇ*XùÙ#©G4,Red Hat, Inc.
q{RPM GÝ¥ãÝÿ{ÇYÇZ½ÌúÄqÖO$ÇÇXúCÓqD
èÇ4dúOêÇ&~ls -l /boot ×uh½initrd-2.4.20-2.47.1.img©GúOê
ÃÇýa{¦¦ãê{X{ÇýÄ
Z4DèZsãñÇ.ú{uZscX-<>kÝ30.6
224
30.6.
30.
ÿX
DèZsãñÇ
*ãêGRUB ÝLILO ZsãñÇÇkernel RPM GÝ{Ç¢uZs¦¦ã{
XÇb4Ç?X{ZsãñÇåZscX
hZsãñÇ.ú{ÄZscX4z
¦{Y4­{Z*Zsã
ñÇú{zXthÇRÃZs{ø:¥Y«<YêÇ&~,O{Zscu
Zs{ø:ÇlòAC{{ZsãñÇ
30.6.1. GRUB
* êGRUB *ZsãñÇÇ>h/boot/grub/grub.conf ©G¥Ý9{title \
I¥{Çý¦¦¦ã{kernel GÝ{Çý#3Ã*ãêkernel-smp Z/ÝkernelbigmemÇÌtYÇ\IÄÕ
# Note that you do not have to rerun grub after making changes to this file
# NOTICE: You have a /boot partition. This means that
#
all kernel and initrd paths are relative to /boot/, eg.
#
root (hd0,0)
#
kernel /vmlinuz-version ro root=/dev/hda2
#
initrd /initrd-version.img
#boot=/dev/hda
default=3
timeout=10
splashimage=(hd0,0)/grub/splash.xpm.gz
title Red Hat Linux (2.4.20-2.47.1)
root (hd0,0)
kernel /vmlinuz-2.4.20-2.47.1 ro root=LABEL=/
initrd /initrd-2.4.20-2.47.1.img
title Red Hat Linux (2.4.20-2.30)
root (hd0,0)
kernel /vmlinuz-2.4.20-2.30 ro root=LABEL=/
initrd /initrd-2.4.20-2.30.img
*Oê\Õ{/boot IKÇtX¦initrd n4{4»4#é/boot IKÓ{
Õ?ÇåZs1øú÷cX{GRUB uåZscXDzdefault #Þ{
ÄÝ9cX{title \I{RhYÇRh,0 )¾Ç*cX4Çtitle \IÇ
²default ÷1
,1­cZs®åu)AYÇcXÇ
¶ôÞ{>åuhâmGúth5tê
30.6.2. LILO
* êLILO *ZsãñÇÇ>h/etc/lilo.conf ©G¥Ý9{image \I¥
{Çý¦¦¦ã{kernel GÝ{Çý#3Ã*ãêkernel-smp Z/ÝkernelbigmemÇÌtYÇ\IÄÕ
prompt
timeout=50
default=2.4.20-2.30
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
message=/boot/message
linear
image=/boot/vmlinuz-2.4.20-2.47.1
label=2.4.20-2.47.1
30.
ÿX
225
initrd=/boot/initrd-2.4.20-2.47.1.img
read-only
append="root=LABEL=/"
image=/boot/vmlinuz-2.4.20-2.30
label=2.4.20-2.30
initrd=/boot/initrd-2.4.20-2.30.img
read-only
append="root=LABEL=/"
Õ?ÇåZs1øú÷cX{LILO uåZscXDzdefault #Þ{
ÄÝ9cX{image \I¥{label {1Ê~üPäq/sbin/lilo ×ué~
#äqÇÙQñ̦#Õ
Added 2.4.20-2.47.1 *
Added linux
Á{* ?Í \I¥{X4LILO ÌåZs{X
,1­cZs®åu)AYÇcXÇ
¶ôÞ{>åuhâmGúth5tê
2.4.20-2.47.1
226
30.
ÿX
31.
XÜL
XäÜL÷óZsÇèÞ{×Xúñ?YÇÃX[~
F&~×X¥{ÕÇìXÜLÃkernel moduleÄÇÁPÄÇÃdriverÄ
ÒÌúÄÕñ?
óã,Ç¥Çø:Þ{mGÌúæäæ*Z~
Ø{fåÇãÇÌû½ýJÜ
LóZsúñãÇÌ÷ÄÕñåu?Òäq
*ãêcmGÇYÇmGÇXÜLÇø:ú{ucmGñth
{XÜLhø:&~cmGZsÇKudzu ÇÌäqÇ*cmGú|ÑÇÇÒÌú5
tÇǤÌÇ{ÜL,1/,öÜL{©G/etc/modules.conf uCÓ½
YÇÜL
Linux
Õ
~u+X =ø:Á{@ªÜL4XFree86 GÝ{\IÇX4X{\IÖO$Çý9?
Xa~ÜL
¾Ç*ìø:ÝiêÇSMC EtherPower 10 PCI ÇÜL{©GÝ91qÕ
alias eth0 tulip
*ø:ÞêÇÇÇZÇÜøÇó/etc/modules.conf ¥Y
qÕ
alias eth1 tulip
ÜzXÜL{ñ~ï,1ùYJÜLÄ|Ñ{mGÇ>kÝRed Hat Linux k
31.1.
XÜLÓä
*ãêmodutils GÝǤ,1&~®XÜL{×&~YJ×ug½ÜL
4dúÄÕñêÇÝGcmGAèX3{ÜL
/sbin/lsmod ×+êhñê{ÜLï,¾Õ
Module
Size Used by Not tainted
iptable_filter
2412 0 (autoclean) (unused)
ip_tables
15864 1 [iptable_filter]
nfs
84632 1 (autoclean)
lockd
59536 1 (autoclean) [nfs]
sunrpc
87452 1 (autoclean) [nfs lockd]
soundcore
7044 0 (autoclean)
ide-cd
35836 0 (autoclean)
cdrom
34144 0 (autoclean) [ide-cd]
parport_pc
19204 1 (autoclean)
lp
9188 0 (autoclean)
parport
39072 1 (autoclean) [parport_pc lp]
autofs
13692 0 (autoclean) (unused)
e100
62148 1
228
microcode
keybdev
mousedev
hid
input
usb-uhci
usbcore
ext3
jbd
31.
XÜL
5184 0 (autoclean)
2976 0 (unused)
5656 1
22308 0 (unused)
6208 0 [keybdev mousedev hid]
27468 0 (unused)
82752 1 [hid usb-uhci]
91464 2
56336 2 [ext3]
éqÓÇï4ÜLÖÁÖï4ÜLLBÖ®ï4~Þj
~ÞjÁ{fåéÇÜLÓÑÄX3*(unused) úïóìÜL{ q¥ÇÜL
hÒó&~*(autoclean) úïóìÜL{ q¥ÇÜL,1úrmmod -a ×Ä
8÷hYÇ×úqÇÄ,Þ'úÄ8÷ú&~{ú)êautoclean{ÜL
ÑÌúWñRed Hat Linux XåqÄ8÷qÄ
*ÜLÖÁúïÞóq{iRÇiR{ÜLÒvïÞóYq{ï¥{ÜL¾
Çó1q¥Õ
usbcore
82752 1 [hid usb-uhci]
Zusb-uhci XÜLvusbcore ÜL
/sbin/lsmod QñZ/proc/modules {Qñ#3
ñXÜLÇ&~/sbin/modprobe ×ÇlËøXÜL{ÖÁLå÷
Çmodprobe AC,/lib/modules/<kernel-version>/kernel/drivers/ ø9¥ñ
ÜL¡ÜLÑÇø9Ç~dz=PÄÇ{net/ ø9ìJXÜLÜL
vøÇY?øDñÙÇÜLbñYJÜL/sbin/modprobe ×5Y
JvøÇ?óñ½ÜLñwYJvø{ÜL
¾Õ
hid
/sbin/modprobe hid
YÇ×ñ[wvø{ÜLÇlòñhid ÜL
ó/sbin/modprobe q×{²Ç¢Ñ+ó¶ôÞÇ&~-v 1¾Õ
/sbin/modprobe -v hid
Ä+{QñZÁ#Õ
/sbin/insmod /lib/modules/2.4.20-2.47.1/kernel/drivers/usb/hid.o
Using /lib/modules/2.4.20-2.47.1/kernel/drivers/usb/hid.o
Symbol version prefix ’smp_’
¤,1&~/sbin/insmod ×uñXÜLÖX,ÇXûvøO$ÇM?&
~/sbin/modprobe ×
WñXÜLÇ&~/sbin/rmmod ×ZÜLÖÁrmmod ÓäWñXó&~{ZX4ú
t&~{ÜLÄv{ÜL
¾Õ
/sbin/rmmod hid
YÇ×Wñhid XÜL
Ç~{ÜLÓä4modinfo&~/sbin/modinfo ×u+XÜL{fåÄ
ª4Õ
31.
XÜL
229
/sbin/modinfo [options] <module>
Ýi-d ó{ 1+êÜL{;áÃcÇ-p 1ïÞêÜLÄ|Ñ{kjÜR 1{
qrï,Ç>kÝmodinfo {ÒVÃman modinfoÄ
31.2.
ÙÇýî
XÜLZÇ¢{Óä{ÍõfåÇ>k1ýî
31.2.1.
ãê{©l
{ÒVÃmanÄ— éÇ{Qñ{ÃcZ:
{ÒVÃmanÄ— é×q 1{ÃcZïÞ
modprobe {ÒVÃmanÄ— é×q 1{ÃcZïÞ
rmmod {ÒVÃmanÄ— é×q 1{ÃcZïÞ
modinfo {ÒVÃmanÄ— é×q 1{ÃcZïÞ
/usr/src/linux-2.4/Documentation/modules.txt — [HZ&~XÜL
• lsmod
• insmod
•
•
•
•
31.2.2.
•
~{5
http://www.redhat.com/mirrors/LDP/HOWTO/Module-HOWTO/index.html —
Linux Loadable Kernel Module HOWTO
{
uLinux ©l
230
31.
XÜL
V.
GÝ®
ø:Þ{ÄGÑúIÄ,úãÿÝÍø{RPM GÝYÇ\IÃc
ê[&~CoZ×qÓäu®Red Hat Linux ø:Þ{RPM GÝ
Red Hat Linux
ø9
&~ u®GÝ ............................................................................................................ 233
GÝ®Óä .......................................................................................................................... 243
d.............................................................................................................................. 247
32.
RPM
33.
34. Red Hat
32.
&~RPM u®GÝ
RPM GÝ®ìÃRPMÄ48KÝø:Ç[|Ñ,1&~ÇóRed Hat LinuxÇ1ùÙ
ÇLinux ZUNIX ø:ÞäqRed Hat, Inc. ó¹ÙÇ=HÛóÆ¢{¬Þ&~RPM bRPM LGPL Qúq
éªà~uÇRPM ;êø:ÍcãÍøãÿRPM GÝ,1&~;á{×
Ò,qÄRPM Ç.ãGÝZÇ¢{©G{jâEÇO$Ç,1óø:Þ&~Õ
L{®ZDè*Íõ¡CoÁÇ,1&~GÝ®ÓäuqõRPM ×
-<>kÝ339
óÿ¥ÇRPM ÿ®{©G:ÇO$ûXÌ¿½{{— Y4~Ê/
{.tar.gz ©GÄÃHt{
éVuÇRPMã²GhZÇKÝÇl
Øɪà~YÇÇ:;
\ÇÇ,O{\Ç©GÝV¶¥PÄY«é{ÀÍhV¶ZOè{8ßÃ
c>4êqGcÇýÄQu{Z
Õ
ORPM é{ø:)7h#Ç4Ê~bãÍøÝÿìÇRPM GÝ
32.1. RPM
{÷ø)
ê®[&~RPMÇ·¢auêRPM {÷ø)Õ
,ÿu
‘
&~RPMÇ,1X\c­ãÒ,1óø:ÞÿÇ/GhztÇäRPM {v
*ø:{cqÇýÃRed Hat LinuxÄÇX­cã{ø:ÃäÙÇKÝø:{
v*ø:­ãÄRPM ãÄÒÿ{ø:GÝ¥{{©G
óÿ¥úâÇO$XÌ¿½{÷XO{ÿ©GuÿìGÝÇ
Oóø:ÞãZÿGÝ&~3ø{RPM ©G
L{®Õ
‘
RPM ú÷u
ØL{®Õ,1órÇjâE¥ÂGÝÝìJ½©G
¤,144êtýÇ©GaýÇGÝÇGÝuý°RPM GÝ{©GÝió
ú¸À{l¥ÇÙ¥½{l>Çl>Ý9GÝùÙ{fåÇã
O¤;®ÇGÝ
ø:Dè
‘
1L{Õ4GÝDè*Ze,ÍøêìGÝÞ{Ç­©GÇ
DèGÝý,[I<YÑÌ5/tÇ,1ó­ãGÝ
,{{©Gó­ã¥Ìúâ
ÀÍh
‘
Ç­{÷ø)4ã&~¦G{ÆVÄqÍh{ÀGÍh&
~RPMÇÌÀÍh&~,{V¶1ùqr{OèY4Ç­{Öu
DÇ*Ç{cÇýúMñÇX,>)H,1V¶ug½,
234
32.
&~RPM u®GÝ
)&~Y«bÇÄH{åÇ1ùthOèGq{[#Ñ
øêl
âÑÍhÀ{ø{éVu4­{Çb4ÇÌɪà~Qu°Þ{
G·¢.ó$¡\BOGUS {q|ÊÇ¡\Æ¢!êÀÍhY'
32.2.
&~RPM
Ê«äýv*Ü*ÃXÝiGÝOèÄÕãÍøãÿ®ZDèý9
ÝiéÜ*{.êqr{ 1ZûÇ>&~rpm --help ×ÇÝÝÖ32.5 ¥
RPM {få
RPM
32.2.1.
¯IRPM GÝ
32.2.2.
ã
ó&~RPM Çwtý°V¯IÇ¢óÉÞÂÌ(ÃõRPM sEÇb4
*I{4Red Hat Oè{RPM GÝÇ,1óÁÇ0ItÇ¢Õ
• Red Hat Linux c
• Red Hat ØÕhttp://www.redhat.com/apps/support/errata/
• Red Hat FTP º45Õhttp://www.redhat.com/download/mirror.html
• Red Hat d— Red Hat d{-<Ç>kÝ349
n{RPM GÝÖÁ¡foo-1.0-1.i386.rpm©GÖÝiGÝÖÁÃfooÄÇ
ýÃ1.0ÄqÇýÃ1Ä1ùøÃi386ÄãGÝ;\ôÇ~9Ê~Çl
óshell +EÁ{×Õ
rpm -Uvh foo-1.0-1.i386.rpm
*ãÄÕÇÌtÄ+{QñÕ
Preparing...
1:foo
########################################### [100%]
########################################### [100%]
ÞÁÄ+ÇRPM +GÝ{ÖÁÇlóGÝúãó¶ôÞK\³Ru+ã
Ý
,RPM Çý4.1 )ÇóãÝÿGÝÌ5GÝ{üÖ*üÖDè½ÇÒÌ
tÄ+{FØ>åÕ
error: V3 DSA signature: BAD, key ID 0352860f
*Ç4c{bé©G>{üÖÇÌtÄ+{FØ>åÕ
error: Header V3 DSA signature: BAD, key ID 0352860f
*ã\7{ØÒuDèüÖÇ>å¥ÒÌÝ9NOKEYÇÕ
warning: V3 DSA signature: NOKEY, key ID 0352860f
DèGÝüÖ{-ûfåÇ>kÝ32.3
32.
&~RPM u®GÝ
235
Õ
*ãXGÝÇa&~rpm -ivh-<>kÝ309
¯lãGÝó;\4qÇb4ÌtFØ
GÝ.ã
*ìGÝ{3Çý.²ãÇÒÌtÕ
32.2.2.1.
Preparing...
########################################### [100%]
package foo-1.0-1 is already installed
*óGÝ.ã{<Y
K®ã3Çý{GÝÇ,1&~--replacepkgs 1ÇÇ·ªRPM uQYÇFØÕ
rpm -ivh --replacepkgs foo-1.0-1.i386.rpm
*,RPM ã{©GúÍøêÇÝV.ãRPM ¥{!ð{©GÇ 1ÒÌi~
©GàB
*ACã{GÝ¥Ý9.úÇGÝÝ3GÝ{ ÏÇýãê{©GÇÌ
tÕ
32.2.2.2.
Preparing...
########################################### [100%]
file /usr/bin/foo from install of foo-1.0-1 conflicts with file from package bar-2.0.20
&RPM QYÇFØÇ&~--replacefiles 1Õ
rpm -ivh --replacefiles foo-1.0-1.i386.rpm
û{vø
GÝ,vÙÇGÝÇY?øÇ¢ãÙÇGÝbthäq*
ACãäûvø{GÝÇÌtÕ
32.2.2.3.
RPM
Preparing...
########################################### [100%]
error: Failed dependencies:
bar.so.2 is needed by foo-1.0-1
Suggested resolutions:
bar-2.0.20-3.i386.rpm
*ã{4Red HatÇÇ/Ì5OFûvøÄ{GÝóRed Hat Linux c
ÝRed Hat FTP 5Ãݺ4ÄÞItYÇGÝÇ&~1×uÕ
rpm -ivh foo-1.0-1.i386.rpm bar-2.0.20-3.i386.rpm
*YÜÇGÝÑãÄÕÇÌtÕ
Preparing...
1:foo
2:bar
########################################### [100%]
########################################### [ 50%]
########################################### [100%]
236
32.
&~RPM u®GÝ
*ÇX5OFûvøÄ{GÝÇ,1A~--redhatprovides 1ug½ýÇ
GÝÝ9Ä{©Gãrpmdb-redhat GÝb&~YÇ 1
rpm -q --redhatprovides bar.so.2
*Ý9bar.so.2 {GÝóurpmdb-redhat GÝ{ãê{jâE¥ÇGÝ{ÖÁ
ÒÌú+Õ
bar-2.0.20-3.i386.rpm
*.ãÃX4PÍÇOGÝ,XêthäqÄÇ&~--nodeps 1
32.2.3.
Íøã
ÍøGÝZãGÝø;\óshell +EÁ{×Õ
rpm -e foo
Õ
Õ?Ç·¢&~GÝÖÁ fooÇX4Æ){GÝ©G foo-1.0-1.i386.rpmÍøìGÝÇ
²foo ¦ÄÆ)GÝ{"ÖÁ
óÍøãìGÝ̱tvøFØÇhÇ.ã{GÝvACÍø{
GÝÇvøFØÒ̾Õ
Preparing...
########################################### [100%]
error: removing these packages would break dependencies:
foo is needed by bar-2.0.20-3.i386.rpm
&RPM QYÇFØÇ?ÍøGÝÃX4ÇPÍÇOvÇ{GÝ,Ã
täqÄÇ&~--nodeps 1
32.2.4.
ÿ
ÿGÝZã¡óshell +E1×Õ
rpm -Uvh foo-2.0-1.i386.rpm
óÞÁ{¾°Xt{4ÇRPM ÄÍøfoo GÝ{[Çý/"ÞÇ,.
&~-U uãGÝÇOý"ãGÝ{[ÇýÇÇ,1~uãGÝ
ORPM éGÝZ{©GqÿÇ,ÌtZÁ#{>åÕ
saving /etc/foo.conf as /etc/foo.conf.rpmsave
Y>å?øé{©GÄ*{#,XÌZGÝ¥{c{©G5/ÇO
$ÇRPM â?ê{Æ)©GÇ?ãêÇc©Ga®YÜÇ{©G{K/Ç
l¦OûYJK/uhâø:thäq
ÿ"Þ4ÍøZã{\ÇO$ÇóRPM ÿ¥Çøê±tÍøZã¥Ì±t{FØ
iǤÌtÇFØ*RPM ACÿtGÝ{ÇýÇÌtÕ
32.
&~RPM u®GÝ
237
package foo-2.0-1 (which is newer than foo-1.0-1) is already installed
&RPM ÿÇ&~--oldpackage 1Õ
rpm -Uvh --oldpackage foo-1.0-1.i386.rpm
32.2.5.
mc
mcGÝZÿGÝ#óshell +E1×Õ
rpm -Fvh foo-1.2-1.i386.rpm
{mc 1vó×qÞ½{GÝ{ÇýZ{ø:Þ.ã{ÇýhRPM {mc
1ÿ®{Çý.ã{ÇýÍcÇÇÒÌúÿtÍc{ÇýlÇ*ìGÝ
ãÇRPM {mc 1RXÌãGÝYZRPM {ÿ 1X3ÇOXGÝ{
Çý4d.úãÇÿ 1ÑÌãGÝ
RPM {mc 1,1~\ÇGÝÝGÝ*¦¦ñêLÞX3{GÝÇ
.ÿ J.ãó{ø:Þ{GÝÇmcý,Htø{*&~mcÇXó&
~RPM ,ñ{GÝ¥ÍøX{GÝ
óY«<YÇ\&~Á{×Ò,1êÕ
RPM
rpm -Fvh *.rpm
RPM
RÌÄÿ J.²óø:Þã{GÝ
32.2.6.
®
&~rpm -q ×u®ã{GÝ{jâErpm -q foo ×Ì+ã{GÝfoo {Ö
ÁÇýZqRhÕ
foo-2.0-1
Õ
Õ?Ç·¢&~{4GÝÖÁ foo®GÝDzfoo ¦Ä"GÝÖÁ
¦Ù½GÝÖÁÇ,1Z-q å&~ï 1u½®{GÝÇ¢w)GÝ
½ 1
• -a ®Ä.ã{GÝ
• -f <file> Ì®p<file> {GÝh½©Gǽ©G{qr4»
Ã/usr/bin/lsÄ
• -p <packagefile> ®GÝ<packagefile>
½ú®{GÝ+ýJfå{0õ«õø1 1~u Â{få¡nÇ
¢w)få 1
• -i +GÝfåÇÝiÖÁÃcqÇýLBÏÛÇ1ùÙÇì1
238
32.
&~RPM u®GÝ
+GÝÄ9{©Gï,
+GݥĩG{çÕ
• -d +ú)©lÃman info README Ä{©Gï,
• -c +ú){©G{©Gï,óã#YJ©Gu&GÝ7~{ø:
ÃÇsendmail.cfpasswdinittab Ä
é~u+©Gï,{ 1Ç,1ó×-v u~Yç{ls -l Â*u+©Gï
,
• -l
• -s
32.2.7.
Dè
DèGÝv,ìGÝã{©GZÆ)GÝ¥{3©G{fåÇDèÇ©G{L
BMD5 Y!¡nÄV1ùk
rpm -V ×DèGÝ,1®[GÝ 1ïÞ{øu½Dè{GÝ
Dè{!;\~4rpm -V fooÇÇDèÄófoo GÝ{©G4dZ!ðãø¾
Õ
• DèÝ9콩G{GÝÕ
rpm -Vf /bin/vi
• DèÄãê{GÝÕ
rpm -Va
• ÊâRPM GÝ©GuDèãê{GÝÕ
rpm -Vp foo-1.0-1.i386.rpm
*&RPM jâE.ú» Ç×ÒÌi~
*#ÑúDèthÇÒXÌQñ*ññÇÇ¢ÒÌú+Qñ{Â*Ýi¬Ç
n{nÃc S,{©GÄÇl4©GÖÁY¬Çn{ÇnÑS,«©Gau
{v*ÇÄv{4©G{auZRPM jâE¥9{au\~Ç.ÃÄ?øA/
,ïnS,ì¡A½Õ
• 5 — MD5 DèZ
• S — ©GLB
• L — nRÓz
• T — ©G• D — ÷÷
• U — ~
• G — k
• M — Ü*ÃÝiY!Z©G¡nÄ
• ? — X,Ö©G
*t[QñÇ!PÄugä4aÍø¤4­cãGÝÇÝ~«0u
ûYǯ
32.
&~RPM u®GÝ
32.3.
239
5GÝ{üÖ
*.DèìGÝ4dú» Ý4,Ç5md5sumóshell +EÁ{×
òcoolapp ¦ÄRPM GÝ{©GÖÄÕ
rpm -K --nogpg <rpm-file>
Ìt>å<rpm-file>: md5 OKY>å?ø©Góñ¥ú» tÍ
-û{>åDzץ{-K ¦Ä-Kvv
0ÁÇOGÝ{V4X4zfÚ*GÝ&~V{GnuPG ØÒÃkeyÄ
úüÖÃsignedÄÇÒÌwY V{üPh"Æ¢ÄÓ
RPM GÝ,1&~Gnu [¥,ÃÝÁGnuPGÄuüÖÇ,ÐÏ2½ñGÝ{,f
u
GnuPG 4\/µÓäÖÇ4PGPë[ÇÄ·b{q\Z½D{¦¬&
~GnuPGÇ,1èy©l{HuÇóÙÇ/µV-·Ý·jâGnuPG ¤ä·Z
DèPGP 5.x ©G{Å
óRed Hat Linux {ã,Ç¥ÇGnuPG úåãYøÇ",1Áý)&~GnuPG uD
è,Red Hat Bt{GÝDÇsRed Hat {ÚØ
32.3.1.
sØÒ
DèRed Hat GÝÇsRed Hat GPG ÚØsÚØÇóshell +q1×
Õ
rpm --import /usr/share/rhn/RPM-GPG-KEY
+~uDèRPM ã{ØÒï,Çq1×Õ
rpm -qa gpg-pubkey*
éRed Hat ÚØÓÇÙQñaÝiÕ
gpg-pubkey-db42a60e-37ea5438
+ì½ØÒ{ûÇ&~rpm -qiÇÙ˱×{QñÕ
rpm -qi gpg-pubkey-db42a60e-37ea5438
32.3.2.
DèGÝ{üÖ
sêOèV{GnuPG ÚØÇ5RPM ©G{GnuPG üÖÇ&~1×ò<rpmfile> ¦ÄRPM GÝ{ÖÁÄÕ
rpm -K <rpm-file>
*#~¼ÇÌtY>åÕmd5 gpg OKY?øGÝ{üÖ.úDèÇGÝ
ú» " GnuPG {-ûfåÇ>kÝ9B
240
32.4.
32.
&~RPM u®GÝ
~RPM óÁLüC
é®ø:fäZt¯Ñô~E®Ç{ 1{!E»4/,+)
,XBeÍøêJ©GÇeX2½ÍøêýJ©G*.DèrÇø:ub
èýJ©GÇ,1AAÁ{×Õ
rpm -Va
*bèìJ©GÝÇ¢ú» Ç,a­cãGÝÝÍøãlò­cã
GÝ
Ç,ÌtX#{©GýÇGÝpÇÇ,1QÕ
rpm -qf /usr/X11R6/bin/ghostview
Ç{QñZ1#Õ
gv-3.5.8-22
·¢,1ó1{".<Y\1Þ{ÜǾ"÷{/usr/bin/paste ñê¯Ç
.DèpÇ{GÝÇb4XwýÇGÝppasteQ1×Ò,1
êÕ
rpm -Vf /usr/bin/paste
YøÇ7h{GÝÒÌúDè
.wì½{Ç{-ûfåmÚ,1A~Á{×uIpÇ{GÝ
ÄQ{©lÕ
rpm -qdf /usr/bin/free
Ç{QñZ1#Õ
RPM
•
•
•
•
/usr/share/doc/procps-2.0.11/BUGS
/usr/share/doc/procps-2.0.11/NEWS
/usr/share/doc/procps-2.0.11/TODO
/usr/share/man/man1/free.1.gz
/usr/share/man/man1/oldps.1.gz
/usr/share/man/man1/pgrep.1.gz
/usr/share/man/man1/pkill.1.gz
/usr/share/man/man1/ps.1.gz
/usr/share/man/man1/skill.1.gz
/usr/share/man/man1/snice.1.gz
/usr/share/man/man1/tload.1.gz
/usr/share/man/man1/top.1.gz
/usr/share/man/man1/uptime.1.gz
/usr/share/man/man1/w.1.gz
/usr/share/man/man1/watch.1.gz
/usr/share/man/man5/sysctl.conf.5.gz
/usr/share/man/man8/sysctl.8.gz
/usr/share/man/man8/vmstat.8.gz
•
,ÌÇc{RPMÇb4XwÇ{~E¯IÇ{fåÇ&~Á{×
Õ
rpm -qip crontabs-1.10-5.noarch.rpm
Ç{QñåuZ1#Õ
Name
: crontabs
Relocations: (not relocateable)
Version : 1.10
Vendor: Red Hat, Inc.
Release : 5
Build Date: Fri 07 Feb 2003 04:07:32 PM EST
Install date: (not installed)
Build Host: porky.devel.redhat.com
Group
: System Environment/Base
Source RPM: crontabs-1.10-5.src.rpm
Size
: 1004
License: Public Domain
Signature : DSA/SHA1, Tue 11 Feb 2003 01:46:46 PM EST, Key ID fd372689897da07a
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Summary : Root crontab files used to schedule the execution of programs.
Description :
The crontabs package contains root crontab files. Crontab is the
32.
&~RPM u®GÝ
241
program used to install, uninstall, or list the tables used to drive the
cron daemon. The cron daemon checks the crontab files to see when
particular commands are scheduled to be executed. If commands are
scheduled, then it executes them.
•
.½crontabs RPM ÌãýJ©G,1QÁ{×Õ
rpm -qlp crontabs-1.10-5.noarch.rpm
Ç{QñåuZÁ#Õ
Name
: crontabs
Relocations: (not relocateable)
Version : 1.10
Vendor: Red Hat, Inc.
Release : 5
Build Date: Fri 07 Feb 2003 04:07:32 PM EST
Install date: (not installed)
Build Host: porky.devel.redhat.com
Group
: System Environment/Base
Source RPM: crontabs-1.10-5.src.rpm
Size
: 1004
License: Public Domain
Signature : DSA/SHA1, Tue 11 Feb 2003 01:46:46 PM EST, Key ID fd372689897da07a
Packager : Red Hat, Inc. <http://bugzilla.redhat.com/bugzilla>
Summary : Root crontab files used to schedule the execution of programs.
Description :
The crontabs package contains root crontab files. Crontab is the
program used to install, uninstall, or list the tables used to drive the
cron daemon. The cron daemon checks the crontab files to see when
particular commands are scheduled to be executed. If commands are
scheduled, then it executes them.
1ÞX,4Ǿ±ø{&~²è{ÇÌÍõRPM {~E
32.5.
ÙÇýî
4Ç:
ì{ÓäÇõ®ãÿ1ùÍøGÝ{ 1Z0>k
Á{ýîuZêRPM bRPM.
RPM
32.5.1.
ãê{©l
• rpm --help
å
• man rpm
32.5.2.
—
×+RPM kj{O¤k
{ÒVÃmanÄÌÉ
Ørpm --help ×Í-û{RPM kjf
— RPM
~{5
5
Gï,{l $ÿ¾ÝÇÉ<rpm
GÇóÌq¥ÕÒsubscribe
•
http://www.rpm.org/ — RPM
•
http://www.redhat.com/mailing-lists/rpm-list/ —
list-request@redhat.com>
32.5.3.
•
#V÷
Ç*V
Ö
Maximum RPM
Ed Bailey Red Hat Press —
http://www.redhat.com/docs/books/
Z
¥It
V{ó"Çý,óhttp://www.rpm.org/
242
32.
&~RPM u®GÝ
33.
GÝ®Óä
óã¥Ç~ Ó*5ÝqÖì¡{ã¡nGÝÒ4ÊâYÇ uã
{O~&~®å{0ø{X3ÇÇ¢,óã.òãÝÍøìJGÝG
Ý®Óäã~qY¡v*
äqGÝ®ÓäX =ø:éÄYÇÇÇâÁÆÞ{Ìh\ => ø:÷
=> /Íøa~ÇÇÝóshell +Eredhat-config-packages ×
*ó®å¥êRed Hat Linux c#1ÇÌt#3{Á
C33-1. GÝ®Óä
Ç{ÁZã¥&~{#GÝúIÄGÝÇÝ9ï)ïGÝ
Ãstandard packagesÄZïI0Ú~Õ{iGÝÃextra packagesľÇCo
ÉÝ9y¨ì
G01ùÙÇ~uËztÉ{ÇXÍø)
ïGÝÇø:rÇGÝÑúÍøGÝú ÇÙ¥{iGÝ4ê ãÝÍø{, GÝ
Ìh\+êGÝ{ï,*GÝk{
'Ç nRÇYÒh.
úãÙ¥{\ÇGÝï,ÇâÇk{û<Q nR{\ÇGÝ
h.úã
33.1.
ãGÝ
ãGÝ¥øßã{)ïGÝÇ Çk{
'½GÝ¥ã
{GÝÇâÇk{û<ÇÝ9)ïZiGÝ{ï,Ìú+ÇC33-2Ä
+âGÝÖÁÌó=\+ãÇÄ{c8- Çk{
'̲Ç)
ã{GÝ
244
33.
GÝ®Óä
¤,1,.ã{GÝ¥ \ÇGÝÇ04âû<Çl ?ú
ã{iGÝ
C33-2. \ÇGÝ{ êã{GÝZ\ÇGÝÇâÌ=Þ{Íc<lÇÇÌ®
ãYJGÝÄ{c8-Ç1ùGÝvøÇ?+Ç=*GÝvø
?óÇÇ¢ÌúÄtã{GÝï,¥â+û<uã{GÝ
{qrï,
C33-3. GÝã
âuéÄãÇhÇeÇÍcq>åÌñ
" *&~Nautilus u¨®åÞ{©GZø9Ǥ,1~ÇuãGÝóNautilus ¥ÇÝtÝ
9RPM GÝÃÇ¢/1.rpm Ä{ø9¥ÇlvâRPM C)
33.
GÝ®Óä
33.2.
245
ÍøGÝ
ÍøìÇGÝ{ÄGÝÇR> Çk{
'Íø\ÇGÝÇâ
GÝk{û<ÇlR> \ÇGÝ
h ½êÍø{GÝÇâÌ=¥{Íc<ÇÌ®ÇÌñ{881ùGÝvø*ÙÇGÝv Íø{GÝÇÇ¢ÌúÄtúÍ
ø{GÝï,¥â+û<uÍø{GÝï,
C33-4. GÝÍø
âuéÄÍøÇhÇeÇÍcq>åÌñ
" ,13qGÝ{ãZÍøÇ04Ç ãÝÍø{GÝÝGÝÇlâÍ
cø:ê÷q=Ì+ãZÍø{GÝjÞ
246
33.
GÝ®Óä
34.
Red Hat
d
d4~u®ÇÝõÇRed Hat Linux ø:{Éû0Ä{\´·F
Øt´·1ù´·Ã/ÁØ´·Ä,,Red Hat ÞzñÇ,1&~Red Hat Íc
S®YÇÕÁÇÇ,1/,RHN yÁuñÕhttp://rhn.redhat.com/.
Red Hat
C34-1. {RHN
Red Hat d~-ÇOóÍcGÝq~ÒÌBt
G/~Xó
yÞC¯Íc{GÝÝ\´·Lå÷ÇRed Hat d¤ãYJGÝ~X
¦ó[&~RPMÇXûGÝvøh¦ÖRHN \cÝÍ
ÇRed Hat dARÑQÕ
• Ø´·— /,äýÁÜç~{d¥Äø:{\´·FØt´·Z
´·ó[Ìúñ
248
34. Red Hat
d
C34-2. #Ø
• Ä
G/— 5{ø:ñØ´·ÄBt
G/
• ®Ý{ØÍc— ®ÝØÍc{=
• ãGÝ— âÇ<Ò,1óÇÝõÇø:Þ®ÝGÝ{ã
• Red Hat ÍcS® — &~Red Hat ÍcS®u{ø:ñ!c{GÝä,1ãG
ÝÄ
• Red Hat d5— /,[®åÞ{\y¨ìu®õÇø:ñ\ÇGÝÇ
1ù®ÝØÍc¡{Ö
)&~Red Hat dÇ>$¬Á®ÇäýZ½Õ
1. &~10uOÇø:lÕ
• óø:ã{D'Zsäq{÷S®¥²ø:Õ~tRHN ¥
• ó{óÁÞ Ìh\ => ø:Óä => Red Hat d
• ,shell +qup2date ×
óRHN {5http://rhn.redhat.com/ Þ~9Ç?&ø:YÜzÄ
Ø{qÖÇ|Ñ,
1½DÜz~Çø:{Red Hat dBRiBR,1/,éoÜz
3. )/,RHN 5u®ÝÍcÇÝ&~Red Hat ÍcS®uñ?ãØÍc
Ü z Í - û { Ò Ç > Ý ÖRed Hat Network User Reference GuideÇ Ç http://www.redhat.com/docs/manuals/RHNetwork/
2.
34. Red Hat
" d
Ýiê
dÍc/ÓäÇÇ4Ç0"{ÁÆC)Çh~{Red Hat
ø:{Íc,~ÇYÇC)ÒÌ+Ç,@{´·G{-ûfåÇ>k
Red Hat Linux
Red Hat
Linux
http://rhn.redhat.com/help/basic/applet.html
DÕ
249
250
34. Red Hat
d
VI.
9
YÇ\IÝ9,Red Hat, Inc. Ø{Í©GuOè½X{ÒǤÝ9Gnu Privacy
Guard YÇ~\/f{Óä{få
ø9
Oè½X
A.
............................................................................................................................... 253
B. Gnu Privacy Guard
........................................................................................................... 257
9A.
Oè½X
õLinux {c~²Ì¯Õ·aOè{XÚAóXÜL&~Þ{
0ÇéYǯ!ôh{ÃIa4Õø:.²wOè{XÇ,
Y)
Red Hat Linux Z/,Red Hat Linux Øø:Ä
Ø{X
ØêéõjSmG|Ñ1ùX
Õéõj~uÇÇXú­cHý94Ç.­cHÆ¢{XÇ?.
Z¦ó#{~1ù.²Aèu{ÕHX{~
Ø{
&~Red Hat, Inc. q{XGÝuÿXÇ>kÝ309
´·
Oè½XXúRed Hat Linux ã|ÑÄ|ÑÜzÍõ&~Red Hat, Inc. q{RPM
GÝuÿX{fåÇ>kÝ309
A.1.
Oèê÷
óOè½XÇ!­{Z½4h½<,äq{úZscÇ13yñF*
ÇRÌ&~häq{XuZs{ZscÇq1×Õ
/sbin/mkbootdisk ‘uname -r‘
*êcÇ>AÇ1h½ÇêZsø:
­cHXÇãêkernel-source GÝé~×Õ
rpm -q kernel-source
ug½Ç4dúã*ÇúãÇ,Red Hat Linux cRed Hat FTP 5
Ãftp://ftp.redhat.comÇÙº4ï, http://www.redhat.com/mirrors.htmlÄÝRed Hat d¥
ãÇãRPM GÝ{-<Ç>kÝV \I
A.2.
OèX
ý{Òa~Oè½{ÜLXOè\XÇ>kÝA.3 uÜzOèZ
ã\X{È0Á{:
Õ
YǾ&~2.4.20-2.47.1 *XÇýÃXÇý,ÌÄX3Äg½XÇýÇEuname
-r ×Çl~(Ã{XÇýuS2.4.20-2.47.1
Oè~x86 ø{XÇ$¬1Z½Ã.Ê~üPqÄÕ
254
9A. Oè½X
KÇshell +Ǧtø9/usr/src/linux-2.4 ,$1{×Ñóø
9q
2. aÒhOèXÄ&~{Íhd{çYÇY­O$ÇOF,×make
mrproper )øCÇÌÍøÄ{{©GÇ1ù±aóÍhd±{,Oè{Çý
"ì*.Ç?ó{{©G/usr/src/linux-2.4/.configÇóäqY1×
²Ç÷PtÇø9¥Ç×äqò²Ç
Ãu
3. M?,åRed Hat Linux X{{øCÙZ½4Dzø:ø{{©G
,/usr/src/linux-2.4/configs/ ø9¥
t/usr/src/linux-2.4/.config ø9
¥*ø:{?L4GBÇ
Ý9bigmem {©G
4. Zǽ÷*X =ø:,~ÇOF{04&~make xconfig ×uä
qLinux Kernel Configuration
1.
Õ
&~make xconfig ×ÄéÄ{CoÓäÇã
Øêwish ×{tk GÝ
ãRPM GÝ{-<Ç>kÝV \I
CA-1. {XG{¡/
CA-1Ä+ÇâÇ¡/u ÇóÇ¡/¥Ý9{4G Gk
{yÃ4ÄmÃÜLÄÝnÃdÄu²ÇHXHÄXÜLÝXHÇ
ZêìGÇâÇk{help<
âMain Menuu(Ãt¡/ï,
qÄê{ÇâÌh\¥{Save and Exit<uO{©G/usr/src/linux2.4/.config ?RñLinux Kernel Configuration Ç
ý"é÷q[#Çóäqmake xconfig ×ÃÝÙÇX{
0Ä
ÙÇ,~{X{0ÝiÕ
• make config — Ä©ýÇG1"oÂ*ñÇ?úÇÇÃIY«0
XäqX =ø:Ç%Xã#éÁ¯{ÃI
• make menuconfig — ©ýÜ*h\PÄ{ÇG1¡/h\{Â*ú+Ö&~
Z©ýÜ*Red Hat Linux ãÇÄ~{3ø0u .{GvÕ#¦ZÝ
i{1ø#éa{)üÕ[*]ÃOÄ[ ]Ã\øÄ<M>ÃÜLÄÝ< >Ãä÷ÜL
ÅÄY«0XX =ø:
• make oldconfig — Y4Ç:Ä{lýÇ÷{©GuÝ9å{÷*
ø:&~{4åRed Hat Linux XÇÇÌ~ø{Red Hat Linux Ýi{X
9A. Oè½X
255
OÇ{©GYêÐÏL.{Ó*åu÷XÇlX.&~
{Õ
Õ
& ~kmod Z X Ü L Ç ó { ¥ ékmod support Zmodule version
(CONFIG_MODVERSIONS) support ÃIYes
Oê/usr/src/linux-2.4/.config ©GÇ&~make dep ×uth÷v
ø
6. &~make clean ×uï÷Oè{Íhd
7. M ? É ½ X Ç Ç ý R h Ç O $ ? X X Ì ú $ÿÃc{04,?/G¥Á
{!;40ÙÇ,uÇ
>
k
Ýhttp://www.redhat.com/mirrors/LDP/HOWTO/Kernel-HOWTO.html
Ý/usr/src/linux-2.4 ¥{Makefile {-<
Lå÷Ç/usr/src/linux-2.4/Makefile ó1EXTRAVERSION >{q{
ÿÝicustom YÇ#VYÇ#Ìãø:3pÆ{Ó*XZcXÃÇ
ý2.4.20-2.47.1customÄ
*ø:Ý9Xǽ{XÇK/Ç¢{PÍ4óÁÏÃÝÙÇ)#n
RÄ
8. &~make bzImage uOèX
9. Oè&~make modules Ä{{ÜL
10. & ~make modules_install × u ã X Ü L Ã ý " / " Þ O è Ä > e × ¥ { " Ã_Ä Y Ì ² X Ü L
9
ã
/lib/modules/<KERNELVERSION>/kernel/drivers ø
ÃKERNELVERSION 4Makefile ¥ ½ { Ç ý Ä ó Y Ç ¾ °
4/lib/modules/2.4.20-2.47.1custom/kernel/drivers/
11. &~make install u²cXZ#©G
tth{ø9¥
øêó/boot ø9¥ãX©GÇYÇפq/sbin/new-kernel-pkg lýl
ýÌOèÇc{initrd n4Ç?óZsãñÇ{{©G¥Çc1ø
*ø:ÇSCSI 7{ìÇSCSI PÄÇú*ÜLHêÖÝóOèX²ext3
|Ñ*ÜLÃRed Hat Linux {å÷ÄHÇÒinitrd n4
12. ý"initrd n4ZZsãñÇúêÇaDèYJ{thuÇ?h½&~
½{XÇýX42.4.20-2.47.1DèYJ{fåÇ>kÝ30.5 Z30.6
5.
A.3.
Oè\X
Oè\XÇøêǾi1iÇÙZ½ZZOèÜLX#3
• h{XÇX²#ÑHÄÜL¦éÇé¯ÃIYes ÝNo¤Ça
ékmod support Zmodule version (CONFIG_MODVERSIONS) support ÃINo
• QÁÇZ½Õ
make modules
make modules_install
•
ógrub.conf © G ¥ {kernel q Vnomodules Ý ölilo.conf u Ý
iappend=nomodules q
9A. Oè½X
256
A.4.
ÙÇýî
ÜRÍõLinux X{fåÇ>kÁ{ýî
A.4.1.
ãê{©l
— Linux XZÇ{ÜL{°ÿ©lYJ©l
4 J®Xäq?K®éXÍh)Jà{~Þ{
• /usr/src/linux-2.4/Documentation
A.4.2.
~{5
http://www.redhat.com/mirrors/LDP/HOWTO/Kernel-HOWTO.html —
•
{The Linux Kernel HOWTO
•
http://www.kernel.org/pub/linux/docs/lkml/ — linux-kernel
Gï,
u Linux © l
9B.
Gnu Privacy Guard ¯,Ç
GóQ,Ç¥ÌXÌú/|ÖRÚXs{4Çý"4é|,1XÄ
ºR4{
G
ó:{
0*ÃÁ´:Ä¥ÇfG/4UófUÇ"Þ
¦Çló
Û-Ç
tÇ¢tHÙø{/,Éu
fG:0*\Ö
G/óqÖì-Ò©
QÇfR[/Du3/fú/|<Ý4
ÐÏâÇ|[YÇRed Hat Linux 9 ÝiêGnuPG - GNU Privacy GuardÃGNU [¥
,Ä- ÇónRed Hat Linux ã¥úåãÇÁGPG.
GnuPG 4~\/f{ÓäÖÇ4éPGPÃPretty Good PrivacyÇ«I¡h{·ÇÄ
·b{q\Z½D{S&~GnuPGÇ,1É{jâZ/f·Ç?,1&~jhüÖ
Ãdigitally signingÄuèy{/fGnuPG ¤ê·ùDèPGP 5.x
OGnuPG ZÙÇ·)ï/Ç{\/f,̦ÙÇv*ø:ÃWindows
ZMacintoshÄÞ{
GÇ/
GnuPG &~ÚØ·bÃpublic key cryptographyÄu~
Ø\{jâb¦óÚØ·b
0¥ÇÄܲØÒÕÚØZ·ØZ/fé0ÝØÒqÖì¦{ÚØÇûXañ
+{·Ø
·véØÒ{&~ó:{ÝéÁ{·b¥ÇQv0Ñ#3{ØÒÇÆ¢,1&~
Y²#3{ØÒuÉ
${Q·óÚØ·b¥ÇܲØÒ??Õ²ÚØDz·ØÇ
|ݲƢ{·Øâ·Çb4ÚYÆ¢{ÚØ~ÚØ·{jâ~·Øb·Ö~·
Ø·{jâ~ÚØb·
­
ÔÇ,1²ÚØÉ[.¦q\/f{|Çb4ûX5[|
Ø{·Ø
·b{õj#.§ñýVõù{)ÖÇ{Íc{4óý9¥Ç·¢æ
éGnuPG ê{êÇOó{/f¥)&~·bGnuPGPGP Z·
b{-ûfåÇ>kDB.8
B.1.
{©G
ó'äqGnuPG ×{Ç{Ìø9¥ÌOÇ.gnupg ø9,Çý1.2 åÇÙ
{ © G Ö . ,.gnupg/options .gnupg/gpg.conf * ó { Ì ø 9 ¥ I X
t.gnupg/gpg.confÇ.gnupg/options ©GÒÌú&~*&~Çý1.2 ÝÍ°ÇM?
&~1Â*­c×Ö{{©GÕ
mv ~/.gnupg/options ~/.gnupg/gpg.conf
*,1.0.7 1{Çý¥ÿÇ,1ó{ØÒW¥OüÖ¥?u>áØÒW{6¯
-qYv*Çq'1×Õ
gpg --rebuild-keydb-caches
9B. Gnu Privacy Guard 258
B.2.
´·>å
óqGnuPG ×Ç,ÌtY>åÕ
gpg: Warning: using insecure memory!
ñ´·4:Ê~Ãý?*~Ãý?ÇÆ¢,1
q ? i { á ý q Ö ÃDoSÄ Ô â Ö Y Ò , Ì Ä \ ¯ û > k
Ýhttp://www.gnupg.org/(en)/documentation/faqs.html#q6.1
,Ìt1>åÕ
gpg: WARNING: unsafe permissions on configuration file "/home/username/.gnupg/gpg.conf"
*{{©G{Y!ú÷ãÙÆ|ÖRÇY>åÒÌú+*tY´·Ç
M?q1×u#©G{Y!Õ
chmod 600 ~/.gnupg/gpg.conf
D{´·>å4Õ
gpg: WARNING: unsafe enclosing directory permissions on configuration file
"/home/username/.gnupg/gpg.conf"
*{{©GÄó{ø9{Y!ú÷ãÙÆ|ÖRÇY>åÒÌú+*t
Y´·ÇM?q1×u#©G{Y!Õ
chmod 700 ~/.gnupg
*,1{Çý¥ÿGnuPGÇ,Ìt1>åÕ
gpg: /home/username/.gnupg/gpg.conf:82: deprecated option "honor-http-proxy"
gpg: please use "keyserver-options honor-http-proxy" instead
ñ´·4O{~/.gnupg/gpg.conf ©GÝ91qÕ
honor-http-proxy
Çý1.0.7 ZÍ°õ¡&~«ª²1ÞqÄÕ
keyserver-options honor-http-proxy
B.3.
ÄØÒé
)&~GnuPGÇDÄc{ØÒéÕ²ÚØZ²·Ø
ÄØÒéÇóshell +ÇE1×Õ
gpg --gen-key
O&~!ª${4{~ARÇa~9t{~ARÃX4ÊARÄq×
ÌtÇë¶ôÇÙ¥ØÒ 1ÇÝiÇM?{ 1ÃåÄǶô¡Õ
gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc.
This program comes with ABSOLUTELY NO WARRANTY.
This is free software, and you are welcome to redistribute it
9B. Gnu Privacy Guard 259
under certain conditions. See the file COPYING for details.
Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(5) RSA (sign only)
Your selection?
õjF 1{¶ôÌóiRïñå 1,1[Enter] EuzIå 1
óǶôÞÇazIå 1Õ(1) DSA and ElGamal 1ÌãÄjhü
ÖÇ?~Ü«bu·ÃZ·ÄE1 l[Enter] E
ZÇ ØÒLBÝá/ÇØÒÖÇ{>å´Ôâ{ÅÒÖå{1024
éõj~u.ê§ÇO$[Enter] EuzIå
Ç 1>½ØÒ{HÏÇ/Ç&~åÃ0 = key does not expireÄÒ,
1*.÷ÁÇ,ÏÏÇ>ÔÇ/Z¦ÚØ{|ÊYÇ,ÏÏ?5Æ¢
زcÚØ*X÷Á,ÏÏÇÌúFhYÇû½[y] uh{û½
{ÇÖ4
Ø~IDÇYÝi{vÖ
GÇ1ùÙÇ, Õhe
Ç{ÁÒÌñQ{få{!
`zIê{ ǤQÇ=é
" Z{AR=øÇP{#=4GnuPG \âF{äýGÇ,1ó=¥×ZLBU
ñjÝ)nR
Q?Dè=éÇ{ØÒÒÄêÌtZ1#5{>åÕ
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
+++++.+++++.++++++++....++++++++++..+++++.+++++.+++++++.+++++++
+++.++++++++++++++++++++++++++++++++++++++..........................++++
h¶ôÙÄ*Ç{cØÒÒ*ÄÕ?ú8ó{Ìø9{.gnupg ø9¥ïÞ
{ØÒÇ&~Á{×Õ
gpg --list-keys
ÌtZ1#{QñÕ
/home/username/.gnupg/pubring.gpg
----------------------------------------pub 1024D/B7085C8A 2000-06-18 Your Name <you@example.com>
sub 1024g/E12AF9C4 2000-06-18
*&~1.0.6 {ÇýuÄGnuPG ØÒDz{·ØsñsÇcØÒÇä
f{·ØuÉ&~°1.0.7 Çý{1øüÖf{ØÒÇE1{×Ã>
¦<user-id>ÄÕ
gpg --edit-key <user-id>
óCommand> +EtrustÇl 5 = I trust ultimately uf{·Ø
9B. Gnu Privacy Guard 260
B.4.
ÄPBïyV
óÄêØÒéÇa{ÚØOPBïyV*ê{=éÇÝ=
é.ú'RÇaÚYYPyVu/~{ÚØXaòú&~
Õ
óÄBïyVÇX4óB簾Ä{ØÒÇ#'ÇÉ
Øê«*ØÒúÚ&
~{\0óê=ͦêISPÃÄÇÝmcPÄìÿd{<YÇYPBïyVÒ,1
~u·Æu{ÚØÃH
óØÒúBïÇ{üÖé JÝÖñ{fG{|HÇ?,1úÆ¢~u·Bt{>
åÄBïyVÇ&~--gen-revoke 1Õ
gpg --output revoke.asc --gen-revoke <you@example.com>
Õ?Ç*óÞÁQê--output revoke.asc 1Ç{BïyVÒÌú+ó)ïQ
ñÇý+¶ôÞ¯l,1&~©ýöìu²Ç¢="tÇ©ý©G¥Çb4z²Qñ
ÝU~9ø9¥{©G,Í;4,qYøÇÒ,1â?yV1÷Ru~ÇÝRÙ#t
c¥Ç?8óÇ\ÿ
ÙQñÌ¡Õ
sec 1024D/823D25A9 2000-04-26 Your Name <you@example.com>
Create a revocation certificate for this key?
[Y] uOïñØÒ{BïyVZÇÌúF BïÆOÝ
ØÃchêÆO
ÇQ~uÄØÒ{=é
BïyVÃrevoke.ascÄOqÇÇÌ {~9ø9¥a²Ç
t<c
¥Ç??8óÇ\{0Ã*Xw[óRed Hat Linux ¥²©G
tcÞÇ>
kÝRed Hat Linux Ä
B.5.
sñÚØ
ó&~ÚØ·bÇÙÆ|P{Úز{ÚØ
ØÉ/fé0ÝØÒqÖ
ìÇsñÃexportÄY²ØÒ
sñÚØbóÞ+ÇÝó
G¥*"ÇÇE1×Õ
gpg --armor --export <you@example.com> > mykey.asc
XÌt[QñÇOósñÚØ{3¤²QñÝUÇ©GÇÇw
)mykey.asc {©GÃ¥×¥X> mykey.ascÇØÒÒÌú+ó)ïQñý¶ôÞÄ
óÇmykey.asc ©GÒ,1ú
GÝsñtØÒqÖì¥Y²ØÒÇE
less mykey.asc uóIì¥K©GÃE[q] uRñ¦ìÄÇa¦Á{Qñ#
Õ
-----BEGIN PGP PUBLIC KEY BLOCK----Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
mQGiBDkHP3URBACkWGsYh43pkXU9wj/X1G67K8/DSrl85r7dNtHNfLL/ewil10k2
q8saWJn26QZPsDVqdUJMOdHfJ6kQTAt9NzQbgcVrxLYNfgeBsvkHF/POtnYcZRgL
9B. Gnu Privacy Guard 261
tZ6syBBWs8JB4xt5V09iJSGAMPUQE8Jpdn2aRXPApdoDw179LM8Rq6r+gwCg5ZZa
pGNlkgFu24WM5wC1zg4QTbMD/3MJCSxfL99Ek5HXcB3yhj+o0LmIrGAVBgoWdrRd
BIGjQQFhV1NSwC8YhN/4nGHWpaTxgEtnb4CI1wI/G3DK9olYMyRJinkGJ6XYfP3b
cCQmqATDF5ugIAmdditnw7deXqn/eavaMxRXJM/RQSgJJyVpbAO2OqKe6L6Inb5H
kjcZA/9obTm499dDMRQ/CNR92fA5pr0zriy/ziLUow+cqI59nt+bEb9nY1mfmUN6
SW0jCH+pIQH5lerV+EookyOyq3ocUdjeRYF/d2jl9xmeSyL2H3tDvnuE6vgqFU/N
sdvby4B2Iku7S/h06W6GPQAe+pzdyX9vS+Pnf8osu7W3j60WprQkUGF1bCBHYWxs
YWdoZXIgPHBhdWxnYWxsQHJlZGhhdC5jb20+iFYEExECABYFAjkHP3UECwoEAwMV
AwIDFgIBAheAAAoJEJECmvGCPSWpMjQAoNF2zvRgdR/8or9pBhu95zeSnkb7AKCm
/uXVS0a5KoN7J61/1vEwx11poLkBDQQ5Bz+MEAQA8ztcWRJjW8cHCgLaE402jyqQ
37gDT/n4VS66nU+YItzDFScVmgMuFRzhibLblfO9TpZzxEbSF3T6p9hLLnHCQ1bD
HRsKfh0eJYMMqB3+HyUpNeqCMEEd9AnWD9P4rQtO7Pes38sV0lX0OSvsTyMG9wEB
vSNZk+Rl+phA55r1s8cAAwUEAJjqazvk0bgFrw1OPG9m7fEeDlvPSV6HSA0fvz4w
c7ckfpuxg/URQNf3TJA00Acprk8Gg8J2CtebAyR/sP5IsrK5l1luGdk+l0M85FpT
/cen2OdJtToAF/6fGnIkeCeP1O5aWTbDgdAUHBRykpdWU3GJ7NS6923fVg5khQWg
uwrAiEYEGBECAAYFAjkHP4wACgkQkQKa8YI9JamliwCfXox/HjlorMKnQRJkeBcZ
iLyPH1QAoI33Ft/0HBqLtqdtP4vWYQRbibjW
=BMEc
-----END PGP PUBLIC KEY BLOCK-----
B.5.1.
sñtØÒqÖì
*¦/f{|ççÃÇ,1sñÚØÅÉÆ¢,4Ç*{(Y
0ÇÅÚØÒ:DDÅêÇ,1&~ØÒqÖìuûYǯ
ØÒqÖì4ÇóÉÞ[|Ñ?ZÚØ{sE,~{ØÒqÖìiõÇõjÑ
ACâÑ
$3ZÖ5ÇØÒqÖìÚØÒ35ÄØÒqÖìÚØø/f|,
1,ØÒqÖì¥>F{ÚØDzÇstÆ¢{ØÒWÞÇlÆ¢Ò,1Zq\/f
ê
" OõjØÒqÖì43Z{Ç5ÇØÒqÖì{ÚØZ5ÄØÒqÖìÚØ{H
*øX,Ç,1IIX3{ØÒqÖì¯Ç{!å4Keyserver.Net ÇÇ http://www.keyserver.net
,1,shell +ݨì¥{ÚØÖlÇó"bÝ,ØÒqÖìzBØ
Ò
• óshell +ÇE1×Õ
gpg --keyserver search.keyserver.net --send-key you@example.com
• ó¨ì¥ÇÝtKeyserver.NetÃhttp://www.keyserver.netÄÇl u{PGP Ú
Ø
{ÇÖ4²ÚØ
?*"tÞôh{ ¥*YÇ,Ç{ÒÇ&~
ïZ½Õ
&~IìKsñ{ÚØ©GÃB.5 ¥O{mykey.ascÄ— Ç&~less
mykey.asc ×
~`)Bñ+,BEGIN PGP tEND PGP -{Äq?
Ç¢ÃkDCB-1Ä
²mykey.asc ©G{*"tKeyserver.Net Þ{ôh ¥Ç04â`){¥
-<Ã¥&~ÜE`)Ç3&ÜÇ<ÄlóØÒqÖìÞSubmit
<Ã*ñêFÇÞ{Reset <u8ø*"{ØÒÄ
•
•
•
9B. Gnu Privacy Guard 262
CB-1.
ÚØ
Õ?Ç*5Çä5{ØÒqÖì
bÚØÇ0Z1ÞZ½äýÞ#3
$"LÕ·ÄX&~{4shell +¤4yÇÑÌt>å/ØÒ.ú
ÄÕ
b— Ýóshell +ÇÝóØÒqÖì{5Þ,óåÇ.Z\/f{~Ò,
1s{ÚØ?²ÇtÆ¢{ØÒWÞê
B.6.
sÚØ
ØÒ¦{0Á4²/|{ÚØst{ØÒWÞ— ÇZsñÚØø;\hs/
|{ÚØÇÒ,1~Çu·Æ¢u{
G?ÊâØÒWÞÆ¢{ÚØu5Æ¢{jh
üÖ
sØÒ{!;\{04,5ÞñÝâ?Ç
ÚØúñ?â?tkey.asc ©GÇ&~ï×u²Çt{ØÒWÞ
gpg --import key.asc
«â?ØÒ{04&~¨ì{Save AsÃ?ÄÕ*&~Mozilla ¡
{¨ìÇ,1óØÒqÖì¥ItìØÒDz?©ý©GÃâFile => Save Page
AsÄóFiles of Type k{nh\¥Ç Text Files (*.txt)lÇÒ,1sØÒ—
b4/êû?{©GÖÇ*²ØÒ?w)newkey.txt {©ý©GÇs©
GÇóshell +ÇEÁ{×Õ
gpg --import newkey.txt
Ç{Qñ̦Á#Õ
gpg: key F78FFE84: public key imported
gpg: Total number processed: 1
gpg:
imported: 1
5,Ç4dÄÕÇ&~gpg --list-keys ×Öat{ØÒWÞïñê²cs
{ØÒ
hsÚØDzÇt{ØÒWÃkeyringÄÞÇÇ4Çâ?ÚØZ·Ø{©Gl
Çh,"¥ñ©lÝ©GÇ,1Êât{ØÒWÞ{ØÒuDè Ç©l
9B. Gnu Privacy Guard B.7.
jhüÖóý°Ú
B.8.
ÙÇýî
263
jhüÖ,1~uZCU{üÖ)vZ:{/f0*X3Ç:üÖ,úÇjh
üÖeÃúY4OüÖ4~{Õ·Ø*{ÇBf|,1&~{ÚØuDè
Ç
jhüÖÌÉ©lÕ-ÖY?øóÉ©lüÖ{-4üÖ{\IO$Ç*
ì|èC©lÇüÖDèÒ̽ìJ
GÇÇExmh ÝKDE {KMailÇóÇ
{Á¥Ýiê&~GnuPG uÉ©lüÖ{Õ
Ü«~{jhüÖ4ÕÀüÃclearsignedÄ©lZI¬üÖÃdetached signaturesÄYÜ¡ü
ÖÑ&~3ø{èyâÇXFBf|É{r>å·
óÀü>å¥Ç{üÖÌófGÌ1©ýLo*ñÖI¬üÖ4Z{/fåñ{
ÇI{©G
·b¥,1ÏÄÿXÿôõÇY°éGnuPG üîyëê*.ýê
Y0Á{#Ç,1kÁ{ýî
B.8.1.
ãê{©l
• man gpg
B.8.2.
•
•
•
Zinfo gpg — GnuPG ×Z 1{Ok
~{5
http://www.gnupg.org — GnuPG 5ÇÙ¥t!cGnuPG qÇý/¢4Ã{~
1ùÙÇ·ýÍ{Óz
http://hotwired.lycos.com/webmonkey/backend/security/tutorials/tutorial1.html
—
6
¯Webmonkey {Encryption Tutorial uZ¦ó·b1ù[a~Y1b
http://www.eff.org/pub/Privacy — × ä Ì ÃElectronic Frontier FoundationÄ Ç
Privacy, Security, Crypto, & Surveillance{l
B.8.3.
#V÷
Ç*VPhilip R. ZimmermanÖMIT Press ñÇ
Ç*VSimson GarfinkelÖO’Reilly & Associates, Inc. ñÇ
E-Mail Security: How to Keep Your Electronic Messages PrivateÇ*VBruce SchneierÖJohn Wiley & Sons ñÇ
•
The Official PGP User’s Guide
•
PGP: Pretty Good Privacy
•
264
9B. Gnu Privacy Guard ÂZ
GZnR
/dev/shm, ?
/etc/auto.master, ?
/etc/cups/, ?
/etc/exports, ?
/etc/fstab, 2, ?
/etc/fstab
©G
&~é~c{, 19
/etc/hosts, 90
/etc/httpd/conf/httpd.conf, ?
/etc/named.custom, ?
/etc/printcap, ?
/etc/printcap.local, ?
/etc/sysconfig/dhcpd, ?
/etc/sysconfig/iptables, ?, ?
/proc directory, ?
/var/spool/cron, ?
,?
\
\qÖì
URL, ?
\u
:, ?
ã, ?
ãê{©l, ?
à=Rh, ?
é\u{:, ?
6¯, ?
Ëz, ?
GÝ, ?
ÿ, ?
V÷, ?
ØyV, ?
5, ?
~{URL, ?
ØÒ
Ä, ?
yV
A, ?
AüÖü, ?
O>F, ?
Y
, ?
ÿÝ#, ?
CA, ?
.?, ?
ü, ?
\ÿ/
(D\ÿ/{Óä)
\ÿ/{Óä
iptables qÖ, ?
\ÿ/
°ÿ, 95
Ã3Û, ?
¥ÿ, ?
½f{÷÷, ?
ã
kickstart
(Dkickstart ã)
LVM, 73
GRAID, 69
c{, 19
®, 22
quotacheck ×Ç~u5, 22
ç·, 22
,ÞÏ, 21
¢~, 23
ÙÇýî, 23
é~, 19, 23
/etc/fstabÇ, 19
quotacheckÇäq, 20
O{©G, 20
!, 21
©Gø:I{, 21
~I{, 20
kI{, 21
m!, 21
cÑ?K
(Dc{)
parted
(Dparted)
K\å{, ?
CUPS, ?
GNOME K\®ì, ?
#K\å÷, ?
IPP K\å, ?
JetDirect K\å, ?
Novell NetWare (NCP) K\å, ?
Samba (SMB) K\å, ?
²{â?t©G, ?
ýK\å, ?
öPÄÇ, ?
ö?K\å, ?
A, ?
K\"Xå, ?
K\"XåÇ×q, ?
,×qK\, ?
sñ÷, ?
á0, ?
úã{Ìå, ?
&~LPRng, ?
ø:) 1, ?
®K\*, ?
ä©ý{a~Ç, ?
É{CUPS (IPP) K\å, ?
×q 1, ?
â?{, ?
Á
{, ?
ÍøK\å, ?
K\å, ?
åK\å, ?
266
PÄÇ 1, ?
GhostScript ½,H, ?
QefR(EOT), ?
¦fRÃFFÄ, ?
"½jâ©ý, ?
R©ýݦÄPostscript, ?
Í, ?
H{,HK, ?
½ÑPostscript, ?
<LB, ?
R>K\*, ?
Íø?K\å, ?
CUPS (IPP) K\å, ?
IPP K\å, ?
JetDirect K\å, ?
LPD K\å, ?
Novell NetWare (NCP) K\å, ?
Samba (SMB) K\å, ?
ýK\å, ?
/C), ?
?K\å, ?
ÏÇLPD K\å, ?
­×Ö?K\å, ?
­÷, ?
K\å{Óä
(DK\å{)
K\åø:#¦ì, ?
\~Ü*, 67
sñNFS ©Gø:, 114
®®ìËz
(Dd{)
ÄÕÌå{NF
(DDHCP)
'b, iv
3Û{
(DGNOME Lokkit)
IK
)ü
e2label, 15
ï,, 14
O, 14
Â*
mkfs, 15
Íø, 16
*
mkpart, 15
­cILB, 17
IK,
, 14
I
RAID äú, 7
qÖ
;6¯, ?
qÖ{Óä, ?
ñ
NFS ©Gø:, ?
å
¢~CtrlAltDel , ?
ÉËz
(Dd{)
·
&~GnuPG, ?
b¦8-, 3
:, 3
Íø, 4
, 3
M?LB, 3
#Ä, 5
·
&~GnuPG, ?
ë, i
úÜ*, 68
Ç, 185
ÍÇÜ*
½B, 65
,~Óä, 67
ò, 11, 73
GÝ, 147
;Ñ
&©G,,6¯, ?
;Ñ6¯
½B, ?
¢~, ?
{, ?
é~, ?
\\¢~, ?
=
, ?
,Ï, ?
=,ÏÇ, 181
\öò, 11, 74
\öò®ì
(DLVM)
\öò, 11, 73
×q 1
,K\, ?
?~Þ, ?
X
Ln?|Ñ, ?
\, ?
½, ?
Oè, ?
½, ?
õÿ®ì|Ñ, ?
Oè, ?
ÜL, ?
ÜL, ?
ÿ, ?
ñ, ?
XÜL
ïÞ, ?
267
Wñ, ?
ñ, ?
{
NFS, ?
;Ñ6¯, ?
¶=, ?
Y)¢Ëz
(Dd{)
ì
,H, ?
´·, ?
©G , ?
mcG, ?
Â, ?
©G, ?
(Dì)
syslogd, ?
, ?
½ , ?
5, ?
Ãc, ?
¢, ?
GRAID
(DRAID)
GÝ
ã, ?
&~GÝ®Óä, ?
â{©G, ?
®, ?
®úÍø{, ?
,IÍø{©G, ?
½ ©l, ?
ÜR©Gï,, ?
" , ?
Íø, ?
&~GÝ®Óä, ?
ÿ, ?
&~g½©G{ÄV, ?
Dè, ?
vø, ?
~RPM mc, ?
GÝ®Óä, ?
ãGÝ, ?
ÍøGÝ, ?
d®Óä
(Dd{)
d{
CIPE Ëz, 87
íÙ, 89
DHCP, 80
ISDN Ëz, 81
íÙ, 82
PPPoE Ëz, 84
xDSL Ëz, 84
íÙ, 86
®®ìËz, 83
íÙ, 84
®/etc/hosts, 90
®DNS ÷, 90
®Ìå, 90
íÙ÷÷, 91
·ÕIP, 80
\öd÷÷, 92
{©G, 92
íÙ, 93
Y)¢Ëz, 86
íÙ, 87
÷÷/Ö, 93
Ã"Ëz, 88
1ÔËz, 80
íÙ, 81
, 80
d÷÷;, 91
d©Gø:
(DNFS)
©l
It.ã{, ?
©Gø:, ?
ext2
(Dext2)
ext3
(Dext3)
LVM
(DLVM)
NFS
(DNFS)
);, ?
Ô®), 74
Ô®ò, 11, 73
ø:Á
, 65
D¯, 65
Ê=, 65
ÃZsRed Hat Linux, 65
mGÝG¯, 65
ø:få
Ç, ?
häq{, ?
?~Þ, ?
Bø, ?
©Gø:, ?
/dev/shm, ?
);, ?
mG, ?
få
{få, ?
èy, ?
èy{Óä, ?
×qÇý, ?
èy, ?
Kerberos |Ñ, ?
LDAP |Ñ, ?
MD5 =, ?
268
|Ñ, ?
¶=, ?
~få, ?
SMB
cÇ&~, ?
k{
groupadd, ?
Hesiod, ?
LDAP, ?
NIS, ?
,?
¥?
1ÔËz
(Dd{)
Zs
\~Ü*, 67
úÜ*, 68
ÍÇÜ*, 66
Zsc, ?
mG
, ?
mGRAID
(DRAID)
mG¨ì, ?
~
(D~{)
~®ì
(D~{)
~{
²~tk, ?
~ï,, ?
#~9shell, ?
#=, ?
#\Á, ?
#Ìø9, ?
,H~ï,, ?
=
,Ï, ?
=,Ï, ?
×q{, ?
passwd, ?
useradd, ?
÷~BR,Ï, ?
ý~BR, ?
~, ?
~k, ?
~, ?
GQS®
(DMTA)
GQS®#¦ì, ?
ó©ýÜ*¥éÄ, ?
G~S®, 169
Õ½
©l, ii
äqÿ/, ?
äqÿ/1, 67
ñXÜL, ?
ÌZs9, 65
Ä{Ö, ?
k
(Dk{)
kï,, ?
,Hkï,, ?
k, ?
~k, ?
kau, ?
k¥{~, ?
A
anacron
ÙÇýî, ?
qÖì
D {Óä)
\, ?
ÙÇýî, ?
#V÷, ?
Apache HTTP
( HTTP
APXS, ?
at, ?
ÙÇýî, ?
authconfig
Dèy{Óä)
(
authconfig-gtk
Dèy{Óä)
(
autofs, 113
/etc/auto.master, ?
B
batch, ?
ÙÇýî, ?
{, ?
åø9, ?
,KL, ?
5ÌK, ?
t5ÌK, ?
a~#, ?
BIND
269
C
E
CA
(
chage
D\qÖì)
×
=,Ï, ?
chkconfig, ?
CIPE Ëz
(DdËz)
cron, ?
crontab {¾, ?
{©G, ?
ÙÇýî, ?
~½B{Ö, ?
e2fsck, 2
e2label, 15
exports, ?
ext2
ext3
ext3
,1
ext2
,1
crontab, ?
CtrlAltDel
floppy
free, ?
ftp, ?
åÇ¢~, ?
, ¤Æt, 2
O
, ݦt, 2
u
F
kÇ&~, ?
CUPS, ?
G
D
df, ?
DHCP, 127
dhcpd.conf, ?
dhcpd.leases, ?
dhcrelay, ?
shared-network, ?
,?
,?
,?
,?
,?
,?
,?
,?
,?
,?
,?
,?
,?
dhcpd.conf, ?
dhcpd.leases, ?
dhcrelay, ?
diskcheck, ?
DSA
,?
DSOs
,?
du, ?
qÖì{
0{
Ëzt
×q 1
ÙÇýî
éÄqÖì
\Ûkj
&~ÆO
*qÖì
1
ÝS®
k
ØÒ
Ä
ñ
GNOME Lokkit
DHCP, ?
iptables
,?
,?
qÖ
ýÌå
äý3Û{, ?
íÙ3Û, ?
{Ê/qÖ, ?
GÝ, ?
GNOME K\®ì, ?
#K\å÷, ?
GNOME ø:)@ì, ?
gnome-lokkit
(DGNOME Lokkit)
gnome-system-monitor, ?
Gnu Privacy Guard
( GnuPG)
GnuPG
,?
,?
,?
,?
RPM
,?
, ?, ?
,?
,?
,?
,?
,?
GPG
( GnuPG)
D
sñÚØ
tØÒqÖì
sÚØ
:\?´·
5 GÝüÖ
ë
´·>å
ÙÇýî
ÄPBïyV
ÄØÒé
jhüÖ
D
270
H
hesiod, ?
HTTP
{Óä
Q, ?
FØ, ?
ÜL, ?
(DHTTP )
HTTP
DirectoryIndex, ?
ErrorDocument, ?
ErrorLog, ?
Group, ?
HostnameLookups, ?
KeepAlive, ?
KeepAliveTimeout, ?
Listen, ?
LogFormat, ?
LogLevel, ?
MaxClients, ?
MaxKeepAliveRequests, ?
Options, ?
ServerAdmin, ?
ServerName, ?
TimeOut, ?
TransferLog, ?
User, ?
httpd, ?
hwbrowser, ?
I
insmod, ?
ISDN
(
Ëz
Dd{)
K
Kerberos, ?
kickstart
©G[úIt
ã
ãd
äc
äc
äd
)
,Zsc¥
,Zsc
&~c,c ¥, 46
©GÂ*
©G
{ì
, 46
kickstart
, 27
LVM, 35
, 45
, 45
, 44
, 45, 45
, 46
, 46
, 46
#1
, 27
, 44
Kickstart
, 49
lý
lý
{
â?
3Û{
IK
G
Ê=
·
Ä*
äý{
Ec
GÝ K
`)
d{
©ýÜ*ã
ã0
èy 1
ZsãñÇ
ZsãñÇ 1, 51
ªÓ, 49
ªÓ|Ñ, 49
½, 49
­cZs, 50
kickstart ©G
%post
, 62
%pre
, 61
X
, 57
, 63
, 57
, 52
RAID, 53
, 49
, 49
, 50
, 49
, 49
, 60
, 49
, 49
, 55
, 50
, 50
, 56
, 51
%include, 41
%post, 43
%pre, 42
auth, 28
authconfig, 28
autostep, 28
bootloader, 30
clearpart, 31
device, 32
deviceprobe, 32
driverdisk, 32
firewall, 32
install, 33
interactive, 34
keyboard, 34
lang, 34
langsupport, 34
lilo, 34
lilocheck, 35
logvol, 35
mouse, 35
network, 36
part, 37
partition, 37
raid, 38
reboot, 39
rootpw, 39
skipx, 39
text, 39
timezone, 39
271
upgrade, 40
volgroup, 41
xconfig, 40
zerombr, 41
, 27
, 33
, 43
{Â*
ã0
ã{
ÝiÇ©G{, 41
O, 28
äc, 45
äc, 44
äd, 45, 45
GÝ {ä½, 41
Ç{)¾, 27
1, 28
½ã{, 42
L
LDAP, ?, ?
logrotate, ?
lpd, ?
LPRng, ?
lsmod, ?
lspci, ?
LVM, 11
kickstart, 35
, 11
, 11, 74
, 11, 73
, 74
, 11, 73
Z
:
\öò
\öò
Ô®)
Ô®ò
óã,Ç¥{LVM, 73
M
Maximum RPM, ?
MD5
,?
mkfs, 15
mkpart, 15
modprobe, ?
modules.conf, ?
MTA
,?
=
֌
&~
GQS®#¦ìu#¦, ?
MUA, ?
N
named.conf, ?
neat
(
)
netcfg
(
)
Network Device Control, 93
NFS
/etc/fstab, ?
autofs
( autofs)
,?
,?
,?
,?
,?
,?
,?
,?
,?
NFS
,?
NIS, ?
ntsysv, ?
Dd{
Dd{
D
sñ
qÖìçÕ
ñ
×q{
{
ÙÇýî
éÄqÖì
*qÖì
ÌåÖÂ*
qÖì{Óä
O
O’Reilly & Associates, Inc., ?, ?, ?
OpenLDAP, 164, 165
openldap-clients, ?
OpenSSH, ?
DSA
,?
RSA
1
,?
RSA
,?
ssh-add, ?
ssh-agent, ?
GNOME , ?
ssh-keygen
DSA, ?
RSA, ?
RSA
1, ?
,?
/etc/ssh/sshd_config, ?
,?
,?
scp, ?
sftp, ?
ssh, ?
,?
,?
OpenSSL
,?
ØÒ
Ä
Çý ØÒ
Ä
ØÒ
Ä
¥
Çý
qÖì
éÄZ*
0
ÙÇýî
ÄØÒé
ÙÇýî
272
P
pam_smbpass, ?
pam_timestamp, ?
parted, 13
, 14
, 14
, 13
, 16
, 14
IK,
OIK
×,
ÍøIK
÷÷
­cIIKLB, 17
, 13
PCI ÷÷
ïÞ, ?
postfix, ?
PPPoE, 84
printconf
(
printtool
(
ps, ?
DK\å{)
DK\å{)
Q
quotacheck, 20
quotacheck
×
~5{thu, 22
quotaoff, 23
quotaon, 23
R
RAID, 7
,8
0, 8
1, 8
4, 8
5, 8
,7
ÿ/
ÿ/
ÿ/
ÿ/
ÿ/
:
{GRAID, 69
GRAID, 7
&~ÆO, 7
mGRAID, 7
RAM, ?
rcp, ?
Red Hat
,?
Red Hat
,?
redhat-config-httpd
( HTTP
)
redhat-config-kickstart
( Kickstart
)
redhat-config-network
(
)
redhat-config-network-cmd, 93
redhat-config-network-tui
ÍcS®
d
D {Óä
D
{ì
Dd{
Dd{
DGÝ®Óä
DK\å{
D\ÿ/{Óä
D~{Zk{
Dd÷÷;
Dì
D
GQS®#¦ì
D
GQS®#¦ì
DK\åø:#¦ì
(
)
redhat-config-packages
(
)
redhat-config-printer
(
)
redhat-config-securitylevel
(
)
redhat-config-users
(
)
redhat-control-network
(
)
redhat-logviewer
(
)
redhat-switch-mail
(
)
redhat-switch-mail-nox
(
)
redhat-switch-printer
(
)
resize2fs, 2
RHN
( Red Hat
)
rmmod, ?
RPM, ?
GnuPG, ?
md5sum, ?
,?
,?
,?
,?
,?
,?
,?
,?
,?
D
d
ã
&~GÝ®Óä
â{©G
®
®úÍø{GÝ
®©Gï,
5GÝüÖ
ÙÇýî
" R>ã
&~GÝ®Óä, ?
Íøã, ?
÷ø), ?
ÿ, ?
&~, ?
&~g½©G{ÄV, ?
V÷, ?
mc, ?
mcGÝ, ?
CoÁ, ?
5, ?
©l, ?
©GàB
û, ?
Dè, ?
vø, ?
~IÍø{©G, ?
RPM GÝ®ì
(DRPM)
RSA Çý1 ØÒ
273
Ä, ?
ØÒ
Ä, ?
U
RSA
×
&~O~BR, ?
useradd
S
V
Samba, 119
pam_smbpass, ?
,?
VeriSign
qÖìçÕ
á0
Ëz, ?
&~Nautilus uËz, ?
ZWindows NT 4.02000ME1ùXP, ?
·=, ?
{, ?, ?
smb.conf, ?
å, ?
ÙÇýî, ?
éÄqÖì, ?
&~passwd u3Z=, ?
&~ÆO, ?
*qÖì, ?
Co{, ?
®Samba ~, ?
{qÖì÷, ?
á0, ?
scp
(DOpenSSH)
sendmail, 169
sftp
( OpenSSH)
SMB, 119, ?
smb.conf, ?
ssh
( OpenSSH)
ssh-add, ?
ssh-agent, ?
GNOME , ?
syslogd, ?
D
D
¥
T
ÌwÇ, ?
TCP
telinit, ?
telnet, ?
top, ?
tune2fs
&~¤Ætext2, 2
&~ݦtext3, 2
&~?yV, ?
W
Windows
©GZK\á0, ?
&~
Ëzá0, ?
&~
Ëzá0, ?
&~
Ëzá0, ?
&~
Ëzá0, ?
&~
Ëzá0, ?
Windows 2000
Samba
Windows 98
Samba
Windows ME
Samba
Windows NT 4.0
Samba
Windows XP
Samba
X
Ëz
Dd{)
xDSL
(
xinetd, ?
Y
ypbind, ?
C~&~DocBook SGML v4.1 Â*UHTML ZPDF Â*&~½
{
ZÂ,\Z½{jade ÌwlýuU
Marianne Pecci <goddess@ipass.net> Oê´CoÃÕ" ­BeZ´·Ä
óÜzMarianne Pecci ZRed Hat, Inc. {VÁ,ÇÇ¢,1ú­cq
Red Hat Linux ¬©l{ÄÊÕ
Sandra A. Moore — Red Hat Linux x86 ã {ÌÞU|ZVÖRed Hat Linux
{k¦ÞU|
Tammy Fox — Red Hat Linux ½ {ÌÞU|ZVÖRed Hat Linux
{k¦ÞU|ÖDocBook {½ZÂ,Zlý{U|ZV
Edward C. Bailey — Red Hat Linux x86 ã {k¦ÞU|
Johnray Fuller — Red Hat Linux k{ÌÞU|ZVÖRed Hat Linux \
{k¦ÞU|ZV
John Ha — Red Hat Linux {ÌÞU|ZVÖRed Hat Linux \{k
¦ÞU|ZV
Sarah SmithÃ|­]Ä — Red Hat Linux x86 ãRed Hat Linux
ZRed Hat Linux ½ {;¥© HV
Red Hat Linux
DSSSL
276
