[root@localhost ~]# mkdir /mnt/cdrom
[root@localhost ~]# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# cd /mnt/cdrom/Server/
[root@localhost Server]# rpm -ivh vsftpd-2.0.5-16.el5.i386.rpm
warning: vsftpd-2.0.5-16.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
package vsftpd-2.0.5-16.el5.i386 is already installed
[root@localhost Server]# rpm -ivh db4-utils-4.3.29-10.el5.i386.rpm
warning: db4-utils-4.3.29-10.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 37017186
Preparing... ########################################### [100%]
1:db4-utils ########################################### [100%]
[root@localhost Server]# useradd -d /ftphome -m ftphost
[root@localhost Server]# cp -p /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd
[root@localhost Server]# vim /etc/vsftpd/vsftpd.conf
[root@localhost Server]# touch /var/log/vsfptd.log
[root@localhost Server]# mkdir /etc/vsftpd/vconf
[root@localhost Server]# vim /etc/vsftpd/virtusers
[root@localhost Server]# cat /etc/vsftpd/virtusers
sale
123456
production
123456
humanr
123456
finance
123456
admin
654321
[root@localhost Server]# db_load -T -t hash -f /etc/vsftpd/virtusers /etc/vsftpd/virtusers.db
[root@localhost Server]# cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd.bak
[root@localhost Server]# vim /etc/pam.d/vsftpd
[root@localhost Server]# cat /etc/pam.d/vsftpd
#%PAM-1.0
session optional pam_keyinit.so force revoke
auth required pam_userdb.so db=/etc/vsftpd/virtusers
auth required pam_userdb.so db=/etc/vsftpd/virtusers
auth include system-auth
account include system-auth
session include system-auth
session required pam_loginuid.so
[root@localhost Server]# mkdir /ftphome/sales
[root@localhost Server]# mkdir /ftphome/production
[root@localhost Server]# mkdir /ftphome/humanr
[root@localhost Server]# mkdir /ftphome/finance
[root@localhost Server]# mkdir /ftphome/admin
[root@localhost Server]# vim /etc/vsftpd/vconf/vconf.tmp
[root@localhost Server]# cat /etc/vsftpd/vconf/vconf.tmp
local_root=/ftphome/virtuser
anonymous_enable=NO
anon_upload_enable=NO
anon_mkdir_write_enable=NO
max_clients=10
max_per_ip=5
local_max_rate=50000
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
[root@localhost Server]# chown -R ftphost:ftphost /ftphome
[root@localhost Server]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/sales
[root@localhost Server]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/
production
[root@localhost Server]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/
humanr
[root@localhost Server]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/
finance
[root@localhost Server]# cp /etc/vsftpd/vconf/vconf.tmp /etc/vsftpd/vconf/
admin
[root@localhost Server]# vim /etc/vsftpd/vconf/sales
[root@localhost Server]# cat /etc/vsftpd/vconf/sales
local_root=/ftphome/sales
同理,下面只修改第一行
[root@localhost Server]# vim /etc/vsftpd/vconf/production
[root@localhost Server]# vim /etc/vsftpd/vconf/humanr
[root@localhost Server]# vim /etc/vsftpd/vconf/finance
[root@localhost Server]# vim /etc/vsftpd/vconf/admin
[root@localhost Server]# chmod o+wt /ftphome/admin/
[root@localhost Server]# chmod o+wt /ftphome/finance/
[root@localhost Server]# chmod o+wt /ftphome/humanr/
[root@localhost Server]# chmod o+wt /ftphome/production/
[root@localhost Server]# chmod o+wt /ftphome/sales/
[root@localhost Server]# service vsftpd start
Starting vsftpd for vsftpd: [ OK ]
[root@localhost Server]# chkconfig vsftpd on
SNMP 代理:
配置yum服务器:
[root@localhost Server]# cat /etc/yum.repos.d/rhel-debuginfo.repo
[rhel-server]
name=Red Hat Enterprise Linux server
baseurl=file:///mnt/cdrom/Server
enabled=1
gpgcheck=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release
编辑配置文件/etc/snmp/snmpd.conf 。将第62 行的read字段对应的值改为all,表示可以访问所有的mib库;第85行定义“all”对应的mib是哪些;并设置配置沟通密码(团体名);设置陷阱,将陷阱信息发送至NMS(网络管理工作站)
[root@localhost ~]# vim /etc/snmp/snmpd.conf
62 access notConfigGroup "" any noauth exact all none none
85 view all included .1 80
50 rocommunity public
51 rwcommunity private
79 com2sec mynetwork 192.168.1.193/28 public
保存退出
启动snmp服务,并将snmp服务设置为开机自启动
[root@localhost ~]# service snmpd start 启动服务
Starting snmpd: [ OK ]
[root@localhost ~]# chkconfig snmpd on
查看snmp服务的端口号,有两个端口号:199和169
[root@localhost ~]# netstat -tupln |grep snmp
tcp 0 0 127.0.0.1:199 0.0.0.0:* LISTEN 12052/snmpd
udp 0 0 0.0.0.0:161 0.0.0.0:* 12052/snmpd
日志转发:
编辑系统日志配置文件/etc/syslog.conf,将需要转发的日志发送到指定的日志服务器上。咋日志类型后面加 @日志服务器的地址 即可将日志发送到指定的日志服务器上。
[root@mail ~]# vim /etc/syslog.conf
*.info;mail.none;authpriv.none;cron.none @192.168.1.194
重启日志服务
[root@mail ~]# service syslog restart
Shutting down kernel logger: [ OK ]
Shutting down system logger: [ OK ]
Starting system logger: [ OK ]
Starting kernel logger: [ OK ]