
Ton Duc Thang University, Faculty of Information Technology & Applied Mathematics

LAB: LINUX NETWORK SYSTEM ADMINISTRATION


Version 1.0

Ho Chi Minh City, 12/2008

Linux Network Administration

V1.0

TABLE OF CONTENTS

PART 1: BASIC LINUX NETWORK ADMINISTRATION
LESSON 1: INSTALLING THE OPERATING SYSTEM
  Exercise 1: Fedora 9 installation guide
  Exercise 1: Exploring the Fedora 9 interface
  Exercise 2: Learning some basic commands
  Exercise 3: Installing a printer, modem, network card
  Exercise 4: Installing fonts and the xvnkb input method
LESSON 2: FILE SYSTEM
  Exercise 1: File system operations
  Exercise 2: Partitioning, using CD-ROM, USB
LESSON 3: INSTALLING AND MANAGING SOFTWARE
  Exercise 1: Installing software
LESSON 4: UTILITIES
  Exercise 1: The vi utility, archiving files, decompression
LESSON 5: USER MANAGEMENT ON LINUX
  Exercise 1: Managing users in the text interface
  Exercise 2: Setting user permissions on files
LESSON 6: DISK RESOURCE MANAGEMENT
  Exercise 1: Setting disk quotas for users
LESSON 7: BASIC NETWORK CONFIGURATION
  Exercise 1: Network configuration
  Exercise 2: Configuring Telnet, ssh, vnc
  Exercise 3: Configuring DHCP
LESSON 8: SAMBA CONFIGURATION
  Exercise 1: Sharing common resources and printers
  Exercise 2: Configuring Samba via the web
LESSON 9: NFS CONFIGURATION
  Exercise 1: Configuring NFS in the text interface

PART 2: NETWORK SERVICES
LESSON 1: PROCESS MANAGEMENT
  Exercise 1: Managing process activity
LESSON 2: DNS SERVICE
  Exercise 1: Configuring DNS to manage a local domain
  Exercise 2: Setting up DNS linking multiple domains
LESSON 3: FTP SERVICE
  Exercise 1: Sharing common resources via FTP
  Exercise 2: Uploading data to the FTP Server
  Exercise 3: Setting up FTP hosting
  Exercise 4: Restricting access to shared resources
LESSON 4: WEB SERVICE
  Exercise 1: Setting up a web service for the system
  Exercise 2: Publishing shared resources via the Web
  Exercise 3: Setting up websites for users
  Exercise 4: Setting up web hosting for users
LESSON 5: MAIL SERVICE
  Exercise 1: Setting up a mail system for a local domain
  Exercise 2: Setting up a mail system linking multiple domains
  Exercise 3: Restricting mail usage
LESSON 6: PROXY SERVICE
  Exercise 1: Sharing an internet connection
LESSON 7: LINUX SECURITY
  Exercise 1: Controlling HTTP, SSH, SMTP, POP3
  Exercise 2: Setting up a firewall that shares the internet connection
  Exercise 3: Setting up a model that publishes one server
  Exercise 4: Setting up a model that publishes several servers
LESSON 8: WEBMIN
  Exercise 1: Managing Linux via the web
  Exercise 2: Setting up a web-based working environment for users

PART 1:

BASIC LINUX NETWORK ADMINISTRATION


LESSON 1:

INSTALLING THE OPERATING SYSTEM

Fedora 9 installation guide

Fedora is now at version 9, a long-haul release. It ships kernel 2.6.25 and supports the ext4 filesystem, and I believe there are many more reasons for you to try it and judge for yourself.

Installation guide:
- Download the KDE DVD live or KDE CD live edition from the site above and burn it to a disc.
- You need an empty partition of more than 10GB that holds no operating system or data, Windows included.

Starting the installation: the first screen presents several options. If you are not sure about them, just press Enter.

Choose Skip to bypass Fedora's media check and press Enter.

After pressing Enter you will see Fedora's welcome screen. Click Next to continue.

Choose the language, usually English, and click Next.

Select the keyboard. Most keyboards in Vietnam are US English keyboards.

This is where the network settings are configured. If you know your static IP address, DHCP and host name details, click the Edit button and set them as instructed below. Fedora 9 also supports IPv6, which is not in use yet (IPv4 is currently used). If you are not sure, click Next to go to the next step.

This is the network configuration edit screen:

Select the country, territory and city. Click Next.

The next window asks for a password for the root account. Enter it again in Confirm and remember it.

An important step. If you simply keep clicking Next, you hand the settings over to Fedora 9: every partition will be deleted to produce a completely empty disk for installing Fedora 9. You certainly do not want that, so you must pick the partition yourself, at least 10GB. Click the drop-down arrow, change Remove all partitions on selected and create default layout to Create custom layout, then click Advanced Storage to set it up.

A nice feature is that Fedora 9 lets you encrypt the partition it is installed on. Choose an encryption password and click OK (whether to use it is up to you).

Click Write changes to disk if asked.

Right after this step, the partitions you created in the step above are formatted for installing Fedora 9.

Now you can choose the packages you want Fedora 9 to install.

Click Next and let Fedora apply your settings and install to the hard disk. Enjoy a cup of coffee and wait 30-60 minutes, depending on the number of packages you chose and your machine's configuration.

When the installation completes, click Reboot to restart your system.

Remember to take the Fedora 9 DVD out of the DVD drive and let the brand-new Fedora 9 Linux start to win you over.

If you chose to encrypt your file system, this is when you are prompted for the password.

OK! The system will boot.

Good luck, and I hope you enjoy Fedora 9.

Exploring the Fedora 9 interface

Fedora 9 ships the Linux 2.6.25 kernel with the most up-to-date features and applications for computer users. In this release, GNOME 2.22 brings several important improvements such as the GVFS virtual file system layer. The Fedora 9 boot process:

Login screen:

Fedora 9 main screen:

The application installation assistant.

Updating the system with PackageKit

Nodoka, the default theme in Fedora 9

Learning some basic commands

Open a terminal as shown:

Example of a command that creates a user:

You can try several other basic commands in the same way. I only give each command and its function; look up the parameters yourself.

1. To configure the network, run: netconfig
2. To configure a printer, run: system-config-printer
3. To start and stop a service, use: service XYZ start and service XYZ stop
4. To make sure these services run from the moment the machine boots, run: chkconfig --level 235 httpd on
5. man, info and apropos: information about a command
6. cd: change directory
7. file: show the file type of a file: file <file name>
8. more and less: view file contents: more <file name>
9. cat and tail: view file contents: cat <file name>
10. cp: copy
11. mv: move or rename a file or directory
12. mkdir: create a new directory
13. rm and rmdir: delete files and delete empty directories
14. dir: equivalent to ls -l
15. pwd: show the current directory
16. date: show the date
17. cal: show the calendar, for example cal 2006
18. exit: leave the terminal

Installing a printer, modem, network card

Task: Configure several devices such as a MODEM, Printer and NIC, and adjust the Boot Loader.

Instructions:
Install a local printer for the system (choose the default printer) using the command line and using the graphical interface.
 o Type the command: # setup
 o Choose: Printer configuration, Run Tool

Next, choose New:

Then choose the device name and device type. Here I choose Local.

Next the system asks you to choose the Device for the printer; I choose /dev/lp0:

Continue by choosing the printer type:

Detailed information about the printer setup:

 o Click Finish to complete the setup. You can then modify the configuration: Edit, Default, Test

Installing a printer using the graphical interface:
 o First make sure the printer is attached to the LPT port
 o Choose System/Printing:

Next choose: New Printer / Devices / LPT#1 => Forward

If you need to share the printer with Windows, choose: Windows Printer via SAMBA.
 o In the following steps choose the printer type, printer name, ...

Choose Apply to complete the installation:

Install and use a modem (choose a sample modem if there is no real one) using the graphical interface.
 o Choose: System / Administration / Network:

Next choose: New / Modem connection => Forward

Choose the modem:

Choose the provider:

Finish:

Install a network card and configure the address of the local machine (use both the graphical and the command interface).
 o Attach the network card, then restart the machine.

Linux asks what you want to do with the new device:

If you choose Configure, the system asks you to configure TCP/IP:

Setting up a network card on Linux is very simple. If the system cannot detect the card, we have to install a driver (if one is supported on Linux). Most network cards are supported, so you need not worry about this.

Installing fonts and the xvnkb input method

Task: Log in to the system in X Window mode and carry out the following:
- Install the UNICODE and VNI fonts for the system.
- Install and use the xvnkb input method.
- Use the office software (OpenOffice.org Writer, Draw).

Objective: Help students install the VNI and Unicode fonts, install the Viet Key input method for Linux, and use the OpenOffice office application.

Lab instructions: To do this exercise students need to prepare the font sources and xvnkb. All of these sources are obtained from the Internet or from the training center's server.

Installing fonts for the system: Suppose we have two files, Unicode.zip and vni.zip. We run unzip unicode.zip and unzip vni.zip to extract them.

Copy the unicode and vni files to the right location:
 o Copy them into /usr/share/fonts/unicode and /usr/share/fonts/vni => used by OpenOffice
 o Copy them into /usr/share/fonts/default => if you want to use them in all programs on Linux
Run: # fc-cache

Install the xvnkb input method (installing a *.tar.gz file):

There are several ways to start the input method; I introduce only one here:

You need not pay attention to the warnings. After typing the xvnkb command, a Telex icon appears on the desktop. Adjust the typing method there.

Note: If you still cannot type Vietnamese after all this, reboot the system and activate the input method again. That should do it! :D

In summary, remember these steps:
- Copy the unicode and vni files to the right location
- Install the xvnkb input method
- Use init 6 to reboot the system.
- Use xvnkb to activate Viet Key Linux.

LESSON 2:

FILE SYSTEM

File system operations

Objective: Help us get familiar with how the filesystem is organized, the related commands, file access permissions, and filesystem management.

Instructions:
- To determine the current directory of user root, log in as root in command-line mode and run pwd.
- To mount CD3 of Fedora Core 2 on /mnt/cdrom, run # mount /dev/cdrom /mnt/cdrom.
- To create the directories /root/software and /root/dataserver, run mkdir /root/software and mkdir /root/dataserver.
- To copy the files whose names start with mc from /mnt/cdrom/Fedora/RPMS on the CD-ROM into /root/software, first run cd /mnt/cdrom/Fedora/RPMS, then cp mc* /root/software/
- Run # find / -name passwd to check whether a file named passwd exists on the system; if it does, copy it into /root/datacenter.
- Run mkdir /root/data to create the data directory inside root's directory.
- There are several ways to copy the file passwd to the file pwd; one is cp passwd pwd.
- To create the file lylich.txt with five lines using cat, run # cat > lylich.txt, type the contents of the file, and finish with CTRL+D.
- To append a string to the end of the file, run cat >> lylich.txt, then type: Chao cac ban lop M20TA. Finish with CTRL+D.
- To bundle the files in the data directory into backup.tar, run tar -cvf backup.tar /root/data/*.
- To compress backup.tar, run gzip backup.tar.
- To decompress and unpack backup.tar.gz into /root, run tar zxvf backup.tar.gz.
- To read the help for a command, run man <command name>. Once you have studied them, run vi /mancmd and write down the meaning of the commands tail, head, wc and tty.
- To view the whole of /etc/passwd, run more /etc/passwd.
- To show the first 10 lines of /etc/group, run head /etc/group.
- To show the last 10 lines of /etc/group, run tail /etc/group.
- To view the files pwd and grp together, run cat pwd grp.
- To count the lines in a file, run wc -l <file name>; to count the characters in a file, run wc -c <file name>.
- To find and display the lines of /etc/passwd that contain the string root, run grep root /etc/passwd.
- To find out whether the system has files larger than 200KB and print them if so, run # find / -size +200k.
- To view and record all the attributes of /etc/passwd (link count, owner, owning group, permissions of u, g, o on the file, file size), run ls -l /etc/passwd and write the information in your notebook.
- To set the permissions of /permissiontest.txt so that only root may view its contents, run chmod 600 /permissiontest.txt.
- To view the inode numbers of the files and directories in /root, run ls -i /root.
- To list all files and directories in /etc/ one screen at a time, run ls -al /etc/ | more.
- To see how many hidden files are in /root, show their details, and send the output to /root/filelist.txt, run ls -al /root > /root/filelist.txt.

Partitioning, using CD-ROM, USB

Task: Log in to the system and use the FDISK utility to carry out the following:
- Create one more partition of 500MB on the hard disk.
- Mount this partition automatically on /mnt/ext.
- View the mount points in the system.
- State the device file of the swap partition and which file system is the boot partition.
- View all the partitions in the system.

Attach the CD-ROM, floppy and USB to the system at the following mount points:
- cdrom: /mnt/cdrom
- floppy: /mnt/floppy
- usb: /mnt/usb

Objective: Help students learn and get used to the disk partitioning utility and to using storage devices.

Instructions:
CREATING A PARTITION:
- To view the mount points in the system, run: # df
- Disks are usually managed with the fdisk utility; the device file of the hard disk can be found with: fdisk -l
- # fdisk /dev/sda (use fdisk to create the partition)
 o p (lists the partitions already in use)
 o n (creates a new partition)
 o first cylinder (accept the default at this step)
 o +500M (size of the new partition; make sure the disk still has free space)
 o w (saves the partition just created)
 o reboot (restart the system)
 o # mkfs.ext3 /dev/sda9 (format the new partition sda9 as ext3)
 o mkdir /mnt/ext (create the mount directory)
 o mount /dev/sda9 /mnt/ext (umount: unmount) => this is a manual mount, done only when we need the partition
 o Automatic mount: vim /etc/fstab (open the configuration file) and add the line
   /dev/sda9 /mnt/ext ext3 defaults 1 1
   The third field is the file system type, the fourth the related options, and the last two control dump and the boot-time check.

USING USB:

- To view the mount points in the system, run: # df
- Check whether the system uses sda or hda: if sda is in use, the USB will be sdb; if hda is in use, the USB will be sda.
- mount /dev/sdb /mnt/usb
- # cd /mnt/usb (to read the data on the USB)
- umount /dev/sdb (when the USB is no longer needed)

LESSON 3:

INSTALLING AND MANAGING SOFTWARE

Installing software

Task:
- Install over the Internet
- Install from DVD using rpm files
- Install from *.gz and *.bz2 files

Objective: Help students manage the software installed on the system and install software from source code.

Required software:
- The Fedora Core 2 CD-ROM set
- xvnkb.*.tar.gz
- xvnkb.*.rpm

Instructions:
Basic commands:
 o # rpm -qa | more (list all software packages installed on the system)
 o # rpm -qa filename (check whether the package filename is installed)
 o # rpm -e fullfilename (remove a package; fullfilename is the full name reported by the command above)
Installation methods:
 o Over the Internet: yum install <package name>
 o From DVD using rpm files:
   # cd Fedora\ 9\ i386\ DVD/ (name of the DVD)
   # cd packages (directory that holds the packages)
   # rpm -ivh filename (name of the package to install)
 o From *.gz and *.bz2 files:

Download from: http://sourceforge.net or http://freshmeat.net
Extract (usually in /tmp):
- For a *.gz package: # tar zxvf filename.gz
- For a *.bz2 package: # tar jxvf filename.bz2
Go into the extracted directory and run: ./configure, then make, then make install

LESSON 4:

UTILITIES

The vi utility, archiving files, decompression

Task: Log in to the system and use the VI utility and the archive, compress and decompress tools as follows:
- Create the two directories /root/bt04 and /root/data.
- Use vi to create the file /root/bt04/cadao with the following content:
  Bầu ơi thương lấy bí cùng
  Tuy rằng khác giống nhưng chung một giàn
- Use vi to write the file /root/bt04/tucngu with the following content:
  Có công mài sắt có ngày nên kim
- Use vi to create the file /root/bt04/overview.txt, whose content describes the function of several directories in the system such as /, /boot, /usr, /var, /home, /proc, /bin.
- List the contents of /root, writing the result to the file data/kqroot.
- Bundle and compress the files in bt04 under the name cadaotucngu.tar.gz, then move it into the data directory.
- Unpack and decompress cadaotucngu.tar.gz.
- Run vi /etc/passwd, then use the /n command to check whether the string adm exists in this file.

Objective: Help students become fluent with the VIM (vi) utility for creating and editing content, and with the backup and compression tools.

Model:

Instructions:
Run mkdir /root/bt04 and mkdir /root/data to create the two directories bt04 and data.

Run vi /root/bt04/cadao to create and edit the file cadao:
 o Press the I key before typing the content of the file.
 o Type the content.
 o To leave edit mode and return to the command prompt, press Esc, then :wq (save and quit) or :q (quit without saving).
To create /root/bt04/tucngu, run vi /root/bt04/tucngu and type the content.
To bundle the files in bt04:
 o # tar cvf cadaotucngu.tar /root/bt04
 o # gzip /root/cadaotucngu.tar (compresses the file into cadaotucngu.tar.gz)
To search for a string in a file with vi:
 o Type: /filename (filename: the string to search for)

LESSON 5:

USER MANAGEMENT ON LINUX

Managing users in the text interface

Task: Log in to the system and carry out the following:
- View the contents of /etc/passwd and state how many users were created by the system.
- State how many users have UID=0, GID=0. Use vi to record the list of these users in the file /baitap/dsuser.
- View the contents of /etc/group and state how many groups were created by the system.
- Basic operations on users.

Objective: Help students get used to creating and managing users in the Linux environment.

Instructions:
View the contents of /etc/passwd:

Each user is described on one line with 7 fields: user:pass:UID:Group:description:home directory:bash shell

View the contents of /etc/group:

Each group is described on one line with 4 fields: group name : keyword representing the group : group ID : list of users

View the contents of /etc/shadow:

It describes the password information of each user, in detail as follows:

Creating users and groups:

Other operations related to users:
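One way to answer the /etc/passwd questions of this exercise from the command line instead of counting by eye, as an added example that is not part of the original lab. The sample accounts are constructed, the function names are hypothetical, and the threshold of 500 assumes Fedora 9's default UID_MIN for the first regular account.

```shell
#!/bin/sh
# Added example: audit a passwd-format file (7 fields separated by ':').

# Constructed sample data; none of these lines come from a real system.
# The last line is deliberately truncated to show how bad input is handled.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
toor:x:0:0:second superuser:/root:/bin/bash
hv1:x:500:500:hoc vien 1:/home/hv1:/bin/bash
hv2:x:501:500:hoc vien 2:/home/hv2:/bin/bash
games:x:12:100:games
EOF
}

# Lines that do not have exactly 7 fields, printed as "lineno: text".
malformed_lines() {
    awk -F: 'NF != 7 { print NR ": " $0 }'
}

# Accounts whose UID (field 3) is 0. Each of them has full root rights,
# so anything other than "root" here deserves a closer look.
uid0_accounts() {
    awk -F: 'NF == 7 && $3 == 0 { print $1 }'
}

# Accounts whose primary GID (field 4) is 0.
gid0_accounts() {
    awk -F: 'NF == 7 && $4 == 0 { print $1 }'
}

# Number of system-created accounts: UID below the first regular UID.
# Optional argument: the threshold (assumed default 500).
system_account_count() {
    awk -F: -v min="${1:-500}" 'NF == 7 && $3 < min { n++ } END { print n + 0 }'
}

# Accounts whose shell (field 7) allows an interactive login.
login_accounts() {
    awk -F: 'NF == 7 && $7 !~ /\/(nologin|false)$/ { print $1 }'
}

# Demo on the constructed sample; on a real host pipe /etc/passwd instead,
# for example: uid0_accounts < /etc/passwd
echo "UID 0 accounts:";       sample_passwd | uid0_accounts
echo "GID 0 accounts:";       sample_passwd | gid0_accounts
echo "System accounts:";      sample_passwd | system_account_count
echo "Login-capable:";        sample_passwd | login_accounts
echo "Malformed lines:";      sample_passwd | malformed_lines
```
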

Setting user permissions on files

Task: Log in to the Linux server and carry out the following:
- Copy the file /etc/passwd to the file /data/dsuser.
- Set the permissions of /data/dsuser as follows: the owner may read and write; the owning group may read; others have no access.
- Set the permissions of the directory /baitap as follows: the owner may read, write and execute; the owning group may read and execute; others have no access.
- Set the default permissions for files as follows: the owner may read and write; the owning group may read; others have no rights. Try creating a file and a directory and compare their default permissions with those of files and directories created before the default was changed.
- Change the owner and owning group of /data/dsuser to user user1 and group user.

Objective: Help students set user permissions on files and change the owner and the owning group.

Instructions:
Basic operations:

- To copy /etc/passwd to /data/dsuser:
 o Run: # cp /etc/passwd /data/dsuser
- To set the permissions of /data/dsuser so that the owner may read and write, the group may read, and others have no rights at all:
 o Run chmod 640 /data/dsuser
- To set the permissions of the directory /baitap so that the owner may read, write and execute, the group may read and execute, and others have no rights at all:
 o Run chmod 750 /baitap
- To set the default permissions for files so that the owner may read and write, the group may read, and others have no rights:
 o Run: # umask 027
 o Create a test file with touch /data/test.txt
 o Then run ls -al /data/test.txt to view its permissions.
- To change the owner and owning group of /data/dsuser to user user1:
 o Change the owner: # chown user1 /data/dsuser
 o Change the owning group: # chgrp user /data/dsuser
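How a umask value turns into the permissions of newly created files and directories, as an added example that is not part of the original lab: it creates a file and a directory under several masks and checks each result against the 640 target of this exercise. The function names are hypothetical and GNU stat (standard on Linux) is assumed.

```shell
#!/bin/sh
# Added example: observe what a umask does to new files and directories.

# mode_under_umask MASK file|dir
# Prints the octal mode of an object created while MASK is in effect.
mode_under_umask() {
    mu_tmp=$(mktemp -d) || return 1
    (
        umask "$1"                      # affects only this subshell
        if [ "$2" = dir ]; then
            mkdir "$mu_tmp/new"
        else
            touch "$mu_tmp/new"
        fi
    )
    stat -c '%a' "$mu_tmp/new"
    rm -rf "$mu_tmp"
}

# grants_only MASK TARGET
# Succeeds when a file created under MASK has no permission bit outside
# TARGET (for example 640: nothing for "others", no write for the group).
grants_only() {
    go_mode=$(mode_under_umask "$1" file) || return 2
    [ $(( 0$go_mode & ~0$2 )) -eq 0 ]
}

# umask_for_file TARGET
# Prints the smallest mask that yields exactly TARGET for new files.
# Files start from 666 before the mask is applied, directories from 777.
umask_for_file() {
    printf '%03o\n' $(( 0666 & ~0$1 ))
}

# Compare the usual default (022), a mask that clears only the group write
# bit (020), and a mask that also clears every bit for others (027).
for m in 022 020 027; do
    if grants_only "$m" 640; then
        verdict="within 640"
    else
        verdict="exceeds 640"
    fi
    printf 'umask %s: file %s, dir %s (%s)\n' "$m" \
        "$(mode_under_umask "$m" file)" "$(mode_under_umask "$m" dir)" "$verdict"
done
printf 'smallest umask for 640 files: %s\n' "$(umask_for_file 640)"
```

A mask only removes bits, so a file can never end up with more than 666 minus the mask, and the same mask leaves directories one execute bit wider in each position it does not clear.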

LESSON 6:

DISK RESOURCE MANAGEMENT

Setting disk quotas for users

Task:
- Check whether /home is the mount point of a separate filesystem. If it is not, create a new filesystem with the fdisk utility and mount it on /home.
- Create the group hocvien with the members hv1, hv2 and the group admin with the members admin1, admin2.
- Configure quota for /home and assign quotas so that:
 o Each user in the group hocvien is given 10MB of disk space for data.
 o Each user in the group admin is given 15MB of disk space for data.
 o If a user exceeds the permitted space, a notice is sent to the user and the data is destroyed after one week.
- Log in as user hv1 and try to copy more than 10MB of data into your home directory; observe the quota warning.
- Monitor and report the users' use of system resources.

Objective: Help students plan the disk quotas to be provided.

Instructions:
Run df -l to check whether the /home filesystem exists in the system.

If it does not exist, use fdisk to create a partition and then mount it as the /home filesystem (see the exercise on using the fdisk utility).

Use useradd and groupadd to create the users and groups.

Configure quota

Check quota.

LESSON 7:

BASIC NETWORK CONFIGURATION

Network configuration

Task: Log in to the system as root and carry out the following:
- View the host name, then change it to linuxserver.
- View the network address information of the eth0 and lo interfaces.
- View the physical status of the network card.
- Set the network address as follows:
 o IP: 10.10.10.10
 o SM: 255.0.0.0
 o GW: 10.10.10.1
 o DNS: 10.100.100.254
- Check that the local machine can reach the machine 10.10.10.1.
- Change the IP address above to 192.168.100.1/24, gw: 192.168.100.10

Objective: Help students use the basic network operations in the Linux environment.

Instructions:
Model:

Configuration description:
- Log in as user root.
- Rename the machine to LinuxServer: # hostname linuxserver (a temporary change only)
- To make the change permanent, describe the information in the file:
 o # vim /etc/sysconfig/network

# init 6 : apply the change

Other configuration information:

Configuring Telnet, ssh, vnc

Task: Log in to the system as root and carry out the following:
- Allow everyone to access the server through the TELNET service.
- Allow everyone to access the server remotely through the SSH service.
- Allow everyone to access the Linux server through the VNC service.

Model:

Objective: Help students configure Linux to support remote access through the TELNET, SSH and VNC services.

Instructions:

Allow everyone to access the server through the TELNET service.
 o Install the telnet-server package.
 o # chkconfig --level 35 telnet on (enable)
 o To telnet, run: # telnet <IP>

Allow everyone to access the server remotely through the SSH service (commonly used).
 o Install the openssh-server package.
 o # chkconfig --level 35 sshd on (enable)
 o To use ssh: # ssh <IP> -l root (root: the administrative user)

Allow everyone to access the Linux server through the VNC service (graphical => heavy).
 o Install the vnc-server package.
 o Enable vnc:
   # chkconfig --level 35 vncserver on
   # service vncserver restart
 o To connect with vnc, telnet to the Linux server and run:
   # service vncserver restart
   # vncpasswd (set the password for vnc)
   # vncserver (set up the desktop-style connection)
   # vim /root/.vnc/xstartup

Using the tightvnc program: this program is installed on a Windows machine and is used to connect to the Linux machine.

Configuring DHCP

Task: Log in to the Linux server and carry out the following:
- Set up a DHCP server with these requirements:
 o Scope: 192.168.100.50 - 192.168.100.100
 o SM: 255.255.255.0
 o GW: 192.168.100.1
 o DNS: 192.168.100.10
 o Domain: tut.vn
- Check the application port of DHCP.
- View the statistics of the IP addresses that have been leased.

Model:

Objective: Help students configure and manage the DHCP service that hands out dynamic IP addresses.

Instructions:

# rpm -qa dhcp : check whether dhcp is installed
# rpm -ql dhcp : list the files installed by the dhcp package

Copy the file dhcpd.conf.sample to the file dhcpd.conf and edit the configuration:

# vim /etc/dhcpd.conf : open the configuration

# service dhcpd restart : restart the service
# netstat -an | more : check whether dhcp is running

=> You have now configured it successfully.

LESSON 8:

SAMBA CONFIGURATION

Sharing common resources and printers

Task: Log in to the Linux server and carry out the following:
- Create the following users and groups:
 o hocvien: hv1, hv2, hv3
 o giaovien: gv1, gv2
 o admin: admin1, admin2
- Configure the SAMBA server with these requirements:
 o Share the home directory of each user.
 o Share the directory /home/public under the name Public so that users in the group hocvien have read and write rights. Everyone else has read rights.
 o Share the local printer with everyone in the group hocvien.
- From another Linux machine, access these shared resources with the smbclient command.
- Forbid the machine 192.168.10.1 from accessing the shared resources on the Linux Server.
- Mount the shared resource on the mount point /mnt/smb for use.

Objective: Help students configure SAMBA to share common resources with users.

Model:

Instructions:

# rpm -qa samba : check whether the package is installed
Create the users required by the task (do this yourself).
Configure samba to share resources:

# vim /etc/samba/smb.conf

Specify the directory that stores the passwords of the users allowed to access resources through the samba service:

Detailed description of the samba configuration:

For security, we do not show users' home directories when the network is browsed:

Import the system users into the samba users:
# cat /etc/passwd | mksmbpasswd.sh > /etc/samba/smbpasswd
# smbpasswd u1 : share for u1 (likewise for the other users)
If we want to make the share public for all users, edit smb.conf as follows:

# service smb restart
# testparm (check the configuration)

By default the users in the system have their shares in the directory /home.
# smbclient //IP/tailieu -U u1 (test from the command line)
We can also use Windows to check.

Configuring samba to share a printer:
 o Install the printer on Linux
 o Configure it in the file smb.conf
 o # vim /etc/samba/smb.conf

 o # service smb restart
 o Install the shared printer for users on Windows: Run: //IP/printers, then enter the username and password
 o Install the printer that matches the printer type on Linux

Configuring Samba via the web

Task: Log in to the system and carry out the following:
- Configure SAMBA SWAT so that user root can manage samba through the web interface on port 8090.
- Create the following users and groups:
 o hocvien: hv1, hv2, hv3
 o giaovien: gv1, gv2
 o admin: admin1, admin2
- Through SAMBA SWAT configure:
 o Sharing of the home directory of each user.
 o Sharing of the directory /usr/share under the name test so that users in the group admin have read and write rights. Everyone else has read rights.
- From the Linux server or from Windows, check the configuration above.

Objective: Help students configure the SAMBA service through the web interface.

Model:

Instructions:

# rpm -qa samba-swat : check whether the service is installed

Configuration:
 o # vim /etc/xinetd.d/swat

 o # vim /etc/services (the port information has to be changed here as well)

 o # service xinetd restart
 o # netstat -an | grep :8090 (check whether the port is active)
 o Access samba through the web interface:

This is the interface after a successful login (explore the functions yourself; once you understand the samba service, configuring it is very easy). Next I show how to share a common directory:

Choose Share:

Configure the share parameters:

Restart the service:

LESSON 9:

NFS CONFIGURATION

Configuring NFS in the text interface

Task: Configure NFS to share common resources:
- Create the following users and groups:
 o hocvien: hv1, hv2, hv3
 o giaovien: gv1, gv2
- Configure the NFS server with these requirements:
 o Export the directory /user/share/doc so that users in the network 192.168.100.0/24 may access it.
 o Export the directory /public so that every user in the group hocvien has full access.
- Configure the NFS client to mount the resource /public on the mount point /mnt/nfs.

Objective: Help students configure NFS to share common resources with network users.

Model:

Instructions:
- Install: nfs and portmap
- Create the following users and groups:
 o hocvien: hv1, hv2, hv3
 o giaovien: gv1, gv2
- Configure the NFS server with these requirements (vim /etc/exports):

Export the directory /user/share/doc so that users in the network 192.168.100.0/24 may access it:

Export the directory /public so that every user in the group hocvien has full access:

Start the NFS server:

or apply the changes: exportfs -a

Configure the NFS client to mount the resource /public on the mount point /mnt/nfs. Create the directory and configure:

Configuration:

Create the mount point directory: mkdir /mnt/nfs
Apply: mount -a
Check the mount.

PART 2:

NETWORK SERVICES
LESSON 1:

PROCESS MANAGEMENT

Managing process activity

Task: Log in to the Linux system as the administrative user and carry out the following:
- View the PID of the init process.
- View the PID and PPID of the login process.
- View the child processes of the login process.
- View which processes are active in the system.
- View the process tree and state the function of the init process.
- Count how many processes are active in the system.
- Start the processes named named and sendmail.
- View the PID of the named and sendmail processes.
- Check whether the xinetd process is active and state its PID.
- Kill the named and sendmail processes, then check.
- Check which programs the user named hv is running.

Objective: Help students manage and monitor programs, services and user activity.

Instructions:
Run pgrep init to view the PID of the init process.
Run ps ax | more to view the processes active in the system.

# ps -ef | more : view the parent process of a given process (PPID)

# pstree -np | more (shows the parent and child hierarchy of processes clearly)

To count the total number of processes active in the system, run ps ax | wc -l

Use the service command to start the named and sendmail processes:
 o service named restart
 o service sendmail restart
Use pgrep <process name> to check a process.

Use kill or pkill to kill a process.

Use ps -u <user name> to view which processes a user has started.

LESSON 2:

DNS SERVICE

Configuring DNS to manage a local domain

Task 1: Resolving names to IP addresses. The TUT IT training center has just leased the domain tut.vn from the domain registry VNNIC. Set up a DNS server on a Linux server according to the following model:

Objective: Help students configure the DNS service to resolve internal and Internet domain names.

Instructions:
Configure the machine 192.168.15.3 to manage DNS.
Check whether the bind package is installed: rpm -qa bind* (this is the main package of the DNS service)
Look at these files in detail:
- /etc/named.conf : sample file that declares the zones
- /var/named/named.ca : sample file that holds the root name servers
- /var/named/localhost.zone : sample file that holds the forward zone of localhost
- /var/named/named.local : sample file that holds the reverse zone of localhost
All the work described here takes place in:
- /var/named/chroot/var/named (if the bind-chroot package is installed)
- /var/named/elage (otherwise, if bind-chroot is not installed)

Declare the forward zone and the reverse zone in the file /etc/named.conf:

Describe the database in the file /var/named/chroot/var/named/tut.vn.hosts (copy localhost.zone to tut.vn.hosts and edit it).
 o Forward zone.

 o Reverse zone (copy named.local to tut.vn.local and edit it):
   1D IN SOA dnssrv.tut.vn. root.tut.vn.
      1D: 1 day
      SOA: name of the DNS server
      2008120203: the last two digits (03) count the edits made to the zone that day
   1D IN NS dnssrv.tut.vn.
   3 1D IN PTR dnssrv.tut.vn.

Restart the service: service named restart (pgrep named)
Watch for errors in the declarations: tail /var/log/messages
=> Each forward zone should have one matching reverse zone.

Declare the dns client:
vi /etc/resolv.conf
  nameserver 222.222.255.3
  domain tut.vn
Check name resolution:
  host -t ns tut.vn : check that dns is working
  host -t a www.tut.vn
  host -t mx tut.vn
or run nslookup and enter set type=any (mx: mail for tut.vn)
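A check for a zone-file slip that the records of this lesson are exposed to, as an added example that is not part of the original lab: BIND appends the zone origin to every host name written without a trailing dot. The zone text is constructed from the host names used in this lesson (its timer values are made up), and lint_zone is a hypothetical helper.

```shell
#!/bin/sh
# Added example: flag record targets in a zone file that lack the trailing dot.

# Constructed reverse zone for 192.168.15.0/24; lines 2 and 6 omit the dot.
sample_reverse_zone() {
cat <<'EOF'
$TTL 1D
@   1D IN SOA dnssrv.tut.vn root.tut.vn (
        2008120203 ; serial
        3H 15M 1W 1D )
    1D IN NS  dnssrv.tut.vn.
3   1D IN PTR dnssrv.tut.vn
5   1D IN PTR dnssrv.cntt.tut.vn.
EOF
}

# lint_zone ORIGIN < zonefile
# ORIGIN is the fully qualified zone name, for example
# 15.168.192.in-addr.arpa. (with its own trailing dot).
# Prints one line per suspicious target, showing what the name expands to.
lint_zone() {
    awk -v origin="$1" '
    function check(type, name) {
        # A name that contains dots but does not end in one is relative,
        # so the server completes it with the zone origin.
        if (name ~ /\./ && name !~ /\.$/)
            printf "line %d: %s target %s expands to %s.%s\n", NR, type, name, name, origin
    }
    { sub(/;.*/, "") }              # drop comments before looking at fields
    NF == 0 { next }
    {
        for (i = 1; i <= NF; i++) {
            t = toupper($i)
            if (t == "NS" || t == "PTR" || t == "CNAME") { check(t, $(i + 1)); break }
            if (t == "MX")  { check(t, $(i + 2)); break }   # skip the preference
            if (t == "SOA") { check(t, $(i + 1)); check(t, $(i + 2)); break }
        }
    }'
}

# Demo on the constructed zone.
sample_reverse_zone | lint_zone 15.168.192.in-addr.arpa.
```

On a real server the same function can read the zone file directly, for example lint_zone tut.vn. < tut.vn.hosts from the directory that holds the zone files.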

Setting up DNS linking multiple domains

Task: Set up linked DNS for the two subdomains cntt.tut.vn and kttt.tut.vn according to the requirements described in the following model:

Objective: Help students configure linked DNS that resolves names for several subdomains through delegation.

Instructions:
Configure DNS for the domain tut.vn (already configured).
Delegate the two subdomains cntt.tut.vn and kttt.tut.vn:
 o Declare the NS and A records that point to the domain cntt.tut.vn and the domain kttt.tut.vn (# vim /var/named/chroot/var/named/tut.vn.hosts):
   cntt.tut.vn. IN NS dnssrv.cntt.tut.vn.
   dnssrv.cntt.tut.vn. IN A 192.168.15.5
   kttt.tut.vn. IN NS dnssrv.kttt.tut.vn.
   dnssrv.kttt.tut.vn. IN A 192.168.15.6
 o Declare the PTR records that match the A records (# vim /var/named/chroot/var/named/tut.vn.local):
   1D IN SOA dnssrv.tut.vn. root.tut.vn.
   1D IN NS dnssrv.tut.vn.
   3 1D IN PTR dnssrv.tut.vn.
   5 1D IN PTR dnssrv.cntt.tut.vn.
   6 1D IN PTR dnssrv.kttt.tut.vn.

Note: If you want to manage the subdomains yourself, declare them in the file tut.vn.host as usual.

Start and check the service:

 o # service named restart
 o # nslookup
Configure DNS for the domain cntt.tut.vn:
 o Forwarders pointing to the server dnssvr (# vim /etc/named.conf)

 o Configure DNS for cntt.tut.vn in the same way as for tut.vn
Configure DNS for the domain kttt.tut.vn:
 o Forwarders pointing to the server dnssvr (# vim /etc/named.conf)

 o Configure DNS for kttt.tut.vn in the same way as for tut.vn
Check name resolution:
 o Use nslookup to check resolution for all the domains

LESSON 3: FTP SERVICE

Sharing common resources over FTP

Exercise 1: Log in to the Linux server and carry out the following requirements to share common resources over the FTP protocol.
- Allow everyone to access the resource /var/ftp through the site name ftp.tut.vn
- Every local user can access their own resources over FTP.
Objective: Help students configure a file server that shares, serves and accepts uploads of common resources over the FTP file transfer protocol.
Model:

ftp.tut.vn : 222.222.255.1
Instructions:

Assign a DNS name to the FTP site.
o Open the DNS configuration file and add the line: # ftp IN CNAME www.tut.vn
o # service named restart
o Check DNS: # host -t a ftp.tut.vn (ping)
Create the local users.
o Install: # rpm -ivh vsftpd
o Create the users vh (pass hv) and hv1 (pass hv1): # useradd hv -c "hoc vien"
Start the FTP service.
o # service vsftpd restart
o # chkconfig --level 35 vsftpd on (to be careful, so that the FTP service does not have to be started by hand each time the system reboots)
Check operation.
o Check the vsftpd process: # pgrep vsftpd (returns the process ID if it is running)

Log in as the anonymous user.
# ftp ftp.tut.vn
Name : anonymous (the default user for accessing FTP without a password)
Log in as a local user.
ftp ftp.tut.vn
Name : vh
put filename (copies data to the server)
ftp://hv:hv@ftp.tut.vn (access FTP as user vh with password hv) (it is best to test this from Windows Explorer)

Note:
- By default all local users are granted the right to upload data.
- The root directory for public resources is /var/ftp/pub
- The directory that stores the users' documents is /home
- Throughout these FTP exercises, keep checking DNS and the operation of the FTP server:
o Check DNS: # nslookup
o Check FTP: # pgrep vsftpd and # service vsftpd restart

Uploading data to the FTP server

Exercise 2: Configure the server so that every user has the right to upload data over FTP, according to the following requirements:

Users who log in as anonymous may upload into the directory /upload.
Every user has the right to upload into their own home directory over FTP.

Objective: Help students configure FTP to allow shared data or per-user data to be uploaded to the FTP server.
Model:

Instructions:

Create the local user (user hv, pass hv).
o Create it yourself.
Check DNS.
o Check whether DNS resolves to the correct IP of the FTP server.
Give anonymous the right to write and to create directories (grant write permission, anon_upload_enable).

Open the configuration file: # vim /etc/vsftpd/vsftpd.conf

Continue configuring in the same file (vsftpd.conf):

Change the root directory to /ftproot (this goes at the end of the file)

Grant permissions on the upload directory to anonymous: use the command chmod 755 /ftproot/upload or chown ftp upload

anonymous and ftp are the same user, and it may upload only into the upload directory

Start the FTP service.
service vsftpd restart
Check operation (check this yourself).
o Check the vsftpd process: # service vsftpd restart
o Log in as the anonymous user: # ftp ftp.tut.vn or ftp://user:pass@ftp.tut.vn (in Windows)
o Upload a file: ftp> put filename or copy, paste (in Windows)
o Log in as a local user.
o Upload a file.
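Anonymous write access is the riskiest setting in this exercise, so it is worth checking what a finished vsftpd.conf actually permits. The script below is an added example, not part of the original lab: the function names, the finding codes and both sample configurations are constructed, and the option defaults are the ones documented in vsftpd.conf(5).

```shell
# Added example: report what a vsftpd.conf lets anonymous and local users do.
# Both configurations at the bottom are constructed samples.

# conf_get FILE KEY DEFAULT: effective value of KEY (the last assignment wins).
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1 | tr -d ' \r' | tr 'a-z' 'A-Z')
    printf '%s\n' "${v:-$3}"
}
is_on() { case "$1" in YES|TRUE|1) return 0 ;; *) return 1 ;; esac; }

# audit_vsftpd FILE: prints one finding code per line.
# The defaults passed to conf_get are those documented in vsftpd.conf(5).
audit_vsftpd() {
    if is_on "$(conf_get "$1" anonymous_enable YES)" &&
       is_on "$(conf_get "$1" write_enable NO)"; then
        if is_on "$(conf_get "$1" anon_upload_enable NO)"; then
            echo anon-upload
            # An upload left world-readable can be downloaded by any other
            # anonymous user, so the directory becomes a public file drop.
            case "$(conf_get "$1" anon_umask 077)" in
                *[4567]) ;;
                *) echo anon-uploads-world-readable ;;
            esac
        fi
        if is_on "$(conf_get "$1" anon_mkdir_write_enable NO)"; then
            echo anon-mkdir
        fi
    fi
    if is_on "$(conf_get "$1" local_enable NO)" &&
       ! is_on "$(conf_get "$1" chroot_local_user NO)"; then
        echo local-users-not-chrooted
    fi
    return 0
}

# audit_text: the same audit, reading the configuration from standard input.
audit_text() {
    tmp=$(mktemp) || return 1
    cat > "$tmp"
    audit_vsftpd "$tmp"
    rm -f "$tmp"
}

# Constructed config matching the exercise: anonymous may upload and mkdir.
lab_findings() {
    audit_text <<'EOF'
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_umask=022
EOF
}

# Constructed tighter variant: upload only, write-only drop box, chroot.
tightened_findings() {
    audit_text <<'EOF'
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
anon_umask=077
chroot_local_user=YES
EOF
}

lab_findings; tightened_findings
```

The tightened variant still reports anon-upload because the exercise requires it; the other findings are the ones a reviewer can remove without breaking the requirement.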

Setting up FTP hosting

Exercise 3: Configure the FTP server so that it can serve two FTP sites named ftp.tut.vn and vftp.tut.vn.

Objective: Help students set up multiple FTP sites on the same Linux server, providing an FTP hosting mechanism for users.
Instructions:

Create an IP alias for the vftp site.
o Copy the configuration file for the vftp site (sub-interface)

This is the file that describes the configuration of the main network card

# vim ifcfg-eth0:0 (open the copied file to configure it)

Note that each site must have its own address
o # service network restart
Configure FTP site 1: ftp.tut.vn

Copy the main FTP configuration file to create site 1

Edit the file vsftpd.conf for site 1
# vim vsftpd.conf

This is the most important information:

Configure FTP site 2: vftp.tut.vn
Edit the file vftpd.conf for site 2
vim vftpd.conf

Declare the address (important)

The directory /ftproot is where the files of site 2 are stored.

Add the declarations for DNS name resolution:
o Forward:

Reverse:

Check operation
o Check the vsftpd process.

Log in as the anonymous user.
# ftp ftp.tut.vn
# ftp vftp.tut.vn

Note: The idea behind FTP hosting is to create several IP addresses and then map each one to the corresponding virtual FTP site.

Restricting access to shared resources

Exercise 4: Configure the FTP server according to the following requirements:

Allow only local users to access the FTP server, except for the user hv.
Deny the host 222.222.255.10 access to the FTP server.

Objective: Help students restrict which users and hosts can access shared resources over FTP.
Model:

Instructions:

Create the local users (hv, hv1).
Configure FTP.
o Restrict the anonymous user.
# service vsftpd restart
# chkconfig vsftpd on
# vim /etc/vsftpd/vsftpd.conf

Restrict the user hv: open the file: vim /etc/vsftpd.ftpusers

Users that are denied access are listed in this file

Restrict the hosts that may access the FTP server. Open the file: # vim /etc/hosts.deny

Enable the firewall (this step is optional): # lokkit lets you block hosts and a few other things (later lessons cover it in more detail). Enable the firewall and choose Customize (using the graphical interface), Trusted Devices

# service xinetd restart
# service iptables restart
Start the FTP service.
o service vsftpd restart
Check operation (check this yourself).
o Check the vsftpd process: pgrep vsftpd
o Log in as the anonymous user.
o Log in as a local user.
o Log in from the host 222.222.255.10

LESSON 4: WEB SERVICE

Setting up the web service for the system

Exercise 1: Configure the web service to set up the web site www.tut.vn according to the following model:

Objective: Help students set up a web service that serves a web site for everyone to access.
How it works: the client sends a request to the web server; the web server receives and processes the information, and HTTP sends a web response back to the browser.

Instructions:
Use the secure shell program to configure the server.
Prepare the web site content.
Compress webdata into a .zip file.
Copy webdata.zip into the root directory.
Use the command unzip webdata.zip to extract the webdata folder.
Register the web site name on the DNS server.
o Declare the record (register it directly on the DNS server):
vi /var/named/chroot/var/named/tut.vn.hosts
Create the www record:
www 1D IN A 222.222.225.1

Restart the service: service named restart
Check that the domain name resolves: ping www.t2h.edu.vn
Configure the Apache web server.
o Check that Apache is installed: rpm -qa httpd
o Configure it through the file: vi /etc/httpd/conf/httpd.conf (press I to insert once inside vi)
o Declare ServerName. Specify the server name: ServerName www.tut.vn:80
o Declare DocumentRoot. Specify the directory that stores the web content: DocumentRoot /webdata

o Declare Directory: <Directory /webdata>

Set the access permissions on webdata: chmod -R 755 /webdata (-R applies the 755 permissions to all web pages in the webdata directory as well as to its subdirectories).
Declare DirectoryIndex (at the end, in SSH Secure Shell):
DirectoryIndex index.html index.html.var index.htm

Use the command service httpd restart.
o service httpd restart
o pgrep httpd (to be careful, check that the process is running)
Check.
o Check whether httpd is running: pgrep httpd
o Check that httpd responds: lynx www.tut.vn
o Open a browser and check the address www.tut.vn

Publishing shared resources over the Web

Exercise: Configure the web service to publish the resource /soft so that every user can access it through the URL http://www.tut.vn/tailieu.

Objective: Help students share common resources with everyone who uses the web.

Instructions:
Check whether the web service is running: lynx www.tut.vn
Create a virtual directory.
o Declare the Alias. Edit the file: vi /etc/httpd/conf/httpd.conf
Add the path that points to the resource: Alias /tailieu /soft
Specify the permissions: Options Indexes MultiViews (allows the content to be shown as a listing without looking for a home page).
o Reload the web service: service httpd restart

Check by accessing the URL http://www.tut.vn/tailieu or with the command: lynx www.tut.vn/tailieu

Note: echo 0 > /selinux/enforce : temporarily turns off SELinux enforcing mode

Setting up web sites for users

Exercise: Configure the web service so that every user in the system has their own web site at the URL http://<web site address>/~username

Objective: Help students configure the web service to provide a web site for each user in the system.

Instructions:
Check whether the web service is running: lynx www.tut.vn
Configure UserDir in the file httpd.conf: vi /etc/httpd/conf/httpd.conf
Create UserDir.
o Declare UserDir.
o Grant access permissions.

chmod 755 -R /home/*   // allows everyone to access the users' web sites
Reload the web service: service httpd restart
Create the corresponding web pages for each user: u1, u2, u3 in the webdata directory.

Check whether the users u1, u2, u3 already exist on the Linux machine: grep u1 /etc/passwd (if nothing is displayed, the user does not exist yet).
Add a user: useradd u1 -c user1. Password: 123. Do the same for the other users.
Start the FTP service so that users can upload over FTP: service vsftpd restart
In Windows Explorer enter the address ftp://u1:123@ftp.tut.vn, create a new directory named html, and use paste to upload the web site of u1. Do the same for the other users.
Grant everyone permission to reach each user's web pages: chmod 775 -R /home/*
Check: access the user's web site at www.tut.vn/~u1.

Setting up web hosting for users

Exercise 6: (VIRTUAL HOST) The computer training centre maintains a web site named www.tut.vn to provide all necessary information to outside users. ITDEP and PCM are two branches of the centre that need to rent this server to run two web sites named www.itdep.tut.vn and www.pcm.tut.vn respectively. Organize the web service according to these requirements.
Objective: Help students configure web hosting to rent out web sites on the web server.

Instructions:
Create the names www.itdep and www.pcm in DNS

vi /var/named/chroot/var/named/tut.vn.hosts
// Create aliases that map to the main server:
www.pcm 1D IN CNAME www.tut.vn.
www.itdep 1D IN CNAME www.tut.vn.

service named restart
ping www.pcm.tut.vn and www.itdep.tut.vn

mkdir /webhosting
Create users that have full control over their own directory:
useradd -d /webhosting/pcm pcm   // creates the user pcm with full control of the pcm directory
useradd -d /webhosting/itdep itdep

passwd pcm   // change the password for the users pcm and itdep
service vsftpd restart   // start the service used to upload the web pages
Open IE and access FTP to upload the site: ftp://pcm:pcm@ftp.tut.vn (user name and password), then copy the web pages to be displayed

ll /webhosting/   // check the access permissions

Set the access permissions so that other people can visit:
chmod -R 755 /webhosting/
chmod -R 755 /webhosting/*

Configure the Apache web server

Declare NameVirtualHost (to allow web hosting on the Apache server):
vi /etc/httpd/conf/httpd.conf
/Virtualhost : search for the declaration
NameVirtualHost 222.222.255.1 (remove the # in front of it)
Specify the permissions:
<VirtualHost 222.222.255.1>
    # address of the administrator
    ServerAdmin webmaster@tut.vn
    DocumentRoot /webdata
    ServerName www.tut.vn
</VirtualHost>
o Declare the virtual hosts (for pcm and itdep):
<VirtualHost 222.222.255.1>
    # address of the administrator
    ServerAdmin webmaster@tut.vn
    DocumentRoot /webhosting/pcm
    ServerName www.pcm.tut.vn
</VirtualHost>
Reload the web service
o service httpd restart
Check.
o Access the web sites that were just created

Note:

There are two types of virtual host:
+ IP-based virtual hosting: uses a different IP address for each domain.
+ Name-based virtual hosting: several domains share one IP address.

Example: configuring virtual hosts with IP-based virtual hosting.
<VirtualHost 203.162.40.1>
    ServerAdmin webmaster@net.com
    DocumentRoot /home/www/net
    ServerName www.net.com
</VirtualHost>
<VirtualHost 203.162.40.2>
    ServerAdmin webmaster@soft.com
    DocumentRoot /home/www/soft
    ServerName www.soft.com
</VirtualHost>

Example: configuring virtual hosts with name-based virtual hosting.
NameVirtualHost 203.162.40.1
<VirtualHost 203.162.40.1>
    ServerAdmin webmaster@net.com
    DocumentRoot /home/www/net
    ServerName www.net.com
</VirtualHost>
<VirtualHost 203.162.40.1>
    ServerAdmin webmaster@soft.com
    DocumentRoot /home/www/soft
    ServerName www.soft.com
</VirtualHost>

i. How do the two types differ?
ii. Load-balancing configuration (web, file server)?
iii. A function equivalent to the domain controller in Windows?
iv. VPN, remote desktop?

LESSON 5: MAIL SERVICE

Setting up the mail system for the local domain

Exercise: Set up the mail system for the domain tut.vn so that everyone can exchange information by e-mail.

Mail server : 222.222.255.1
Objective: Help students set up an electronic mail system in a Linux environment.
Instructions:
Check DNS.
o Use the nslookup command to check resolution of the name www.tut.vn
Install sendmail.
o # yum install sendmail*
Configure sendmail.
o # vim /etc/mail/sendmail.mc
o Configure the local domain:

Configure DAEMON_OPTIONS:

o # service sendmail restart
Configure dovecot (pop3).
o Install the dovecot package to provide the pop3 or imap service

Add port 110 in the firewall to allow pop3 to work:

Open the configuration file: # vim /etc/dovecot.conf

# service dovecot restart (reloads the service)

Check the configuration:

Configure the mail client.
o Create the accounts a and b (useradd, passwd)
Check:
o Send mail:
# telnet 222.222.255.1 25
helo tut.vn
mail from: a@tut.vn
rcpt to: b@tut.vn
data
(type the message content here)
. (a dot on a line by itself ends the message content)
quit (used to exit)
o Receive mail:
# telnet 222.222.255.1 110
user b
pass bbbb (bbbb: the password of user b)
list (shows the list of messages)
retr 1 (reads message number 1)
dele 1 (deletes message number 1)
quit (exit)
You can also use Outlook Express on Windows to see this more clearly.

Remark:

To send mail out to the Internet:
- mail delivery inside the local network must already work
- the system must be configured so that it can reach the Internet
- open the file sendmail.mc:
o edit: dnl FEATURE(relay_entire_domain)
o create an additional file, relay-domains, and add the domains you want to send mail to (vn ; abc.com)

Setting up a mail system linking multiple domains

Exercise: Set up the mail system so that users can exchange e-mail with outside networks and vice versa. The specific requirements are shown in the following model:

tut.vn : 222.222.255.1
itdep.tut.vn : 222.222.255.5
pcm.tut.vn : 222.222.255.6
Objective: Help students configure mail relay to set up an e-mail exchange system within the local network and the Internet.
Instructions:
Check DNS (check from all 3 domains).
Configure mail relay for the two subdomains from the domain tut.vn (222.222.255.1)
o Declare in the file: vim /access

Update:
# makemap hash access < access
# service sendmail restart

Configure the mail gateway for itdep.tut.vn (222.222.255.5)
vim /etc/mail/sendmail.cf

# service sendmail restart

Configure the mail gateway for pcm.tut.vn (222.222.255.6)
vim /etc/mail/sendmail.cf

o # service sendmail restart
Start the service.
o # tail -f /var/log/maillog (watch the mail transfer process)
Check.
o Create the users u1, u2 (itdep) and gv (pcm)
o Log on as the sending user (u1):
U1 sends mail: cc: (reports the sending progress)

Gv reads the mail:

Next, send: Gv -> U1, U1 <-> test, Gv <-> test.
On tut.vn the mail can also be read with: vim /var/spool/mail/test (test is a user of tut.vn)

Restricting mail usage

Exercise:

Set up the e-mail system according to the following requirements:
Each user may send e-mail with a maximum size of 5MB.
Forbid the user hv1@tut.vn from using e-mail.
Forbid the host with the address 192.168.100.1 from using mail.

Objective:
Help students manage and control how users use e-mail.

Instructions:
Check the DNS configuration again (as above).
Configure Sendmail to manage mail for the local domain.
To prevent a user, host or subnet from using e-mail, describe it in the file /etc/mail/access
o # vim /etc/mail/access

Syntax: <address> REJECT
After describing the entries, the information must be updated:
- # service sendmail restart
To specify the size limit, use the keyword MaxMessageSize <Size(byte)>
o Open the configuration file: # vim /etc/mail/sendmail.mc

Note that the unit here is bytes.
Update the service:

# m4 sendmail.mc > sendmail.cf
# service sendmail restart
From here, check the result yourself.

LESSON 6: PROXY SERVICE

Sharing the Internet connection

Exercise: Configure cache_proxy to share the Internet connection with the local network according to the following model:

Objective: Help students set up a security system for the local network by using a proxy to share the Internet connection.
Instructions:
# rpm -qa squid (check that the squid proxy is installed)
Configure Squid.
o # vim /etc/squid/squid.conf (open the configuration file)
o Specify http_port

Specify the ACL (which local networks are allowed to access the Internet)

Specify visible_hostname (the host name)

Create the squid cache (creates the swap directory that holds the cache information).
# squid -z
o # service squid restart : start the service
o # netstat -an|more : check whether port 8080 is active
Declare the proxy in the browser.

Access the Internet and check.

Monitor the squid log (to follow the clients' access)
o # tail -f /var/log/squid/access.log

LESSON 7: LINUX SECURITY

Controlling HTTP, SSH, SMTP, POP3

Exercise: Set up a firewall on the Linux server that allows the outside to access only certain services, according to the following model:

Objective: Help students carry out basic network configuration tasks.
Instructions:
Configure iptables.
o Activate it: # lokkit, then choose Enable.
If activation succeeds, the screen looks like this:

If activation does not succeed, the firewall is not installed on your machine. To install it, use the command: # yum install iptables*

Set up the rules. Choose Customize:

Trusted Devices : the list of interfaces. => Selecting an interface means that all traffic through that interface is allowed.
Allow incoming : allows the selected services to be used.
After you choose OK, the system creates the configuration file /etc/sysconfig/iptables
This is the file:

:INPUT ACCEPT [0:0] : default rule for incoming packets.
:FORWARD ACCEPT [0:0] : default rule for packets passing through.
:OUTPUT ACCEPT [0:0] : default rule for outgoing packets.
-A INPUT -j RH-Firewall-1-INPUT : defines the rule for incoming data

=> -j : jump ; RH-Firewall-1-INPUT : name of the rule chain

The rules are applied from top to bottom.

To meet the requirements of the exercise, the configuration file must be written as follows:

-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT :

=> Allows the firewall to open outgoing connections and accept the returning traffic

Port reference:
- POP3 : 110
- SSH : 22
- SMTP : 25
- HTTP : 80
- HTTPS : 443
Start the service.
o # service iptables restart
Check (do this part yourself):
o From the clients, log in to the services above.
o Ping the Linux server and comment on the result.
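Because the built-in chains in this file default to ACCEPT, the exercise only holds if RH-Firewall-1-INPUT accepts exactly the listed ports and ends by rejecting everything else. The script below is an added example, not part of the original lab: the function names, the finding codes and both rules files are constructed, and port 21 stands in for a rule left over from an earlier exercise.

```shell
# Added example: compare an /etc/sysconfig/iptables style rules file with
# the list of TCP ports the exercise allows. Both rules files are constructed.

# check_rules FILE "PORT ..."   (FILE may be "-" for standard input)
# Handles single --dport rules only, not port ranges or multiport.
# Prints: unexpected-port N | missing-port N | no-final-reject
check_rules() {
    awk -v allow="$2" -v chain="RH-Firewall-1-INPUT" '
    BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
    $1 == "-A" && $2 == chain {
        last = $0; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "--dport") port = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target == "ACCEPT" && port != "") {
            seen[port] = 1
            if (!(port in want)) print "unexpected-port", port
        }
    }
    END {
        for (i = 1; i <= n; i++)
            if (!(a[i] in seen)) print "missing-port", a[i]
        # The built-in chains default to ACCEPT, so the chain itself must
        # end with an unconditional REJECT or DROP.
        if (last !~ /^-A [^ ]+ -j (REJECT|DROP)/) print "no-final-reject"
    }' "$1"
}

ALLOWED="22 25 80 110 443"   # SSH, SMTP, HTTP, POP3, HTTPS

# Constructed rules file that meets the exercise.
exercise_findings() {
    check_rules - "$ALLOWED" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

# Constructed rules file that has drifted from the exercise.
drifted_findings() {
    check_rules - "$ALLOWED" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 110 -j ACCEPT
COMMIT
EOF
}

exercise_findings; drifted_findings
```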

Setting up a firewall to share the Internet connection

Exercise: Set up Internet sharing through the firewall according to the following model:

Objective: Help students set up NAT in iptables to share the Internet connection.
Instructions:
Set up the kernel configuration. Specify the default route.
o Enable routing.
# vim /etc/sysctl.conf
Enable the setting that allows forwarding

Verify: # sysctl -p
o Modify the file to allow routing between the two network cards (switching):
# echo 1 > /proc/sys/net/ipv4/ip_forward
o Configure the route: # route : check the routes

Configure iptables NAT.
# lokkit : configure the firewall to allow all packets through.
=> The aim here is only to configure NAT; the firewall itself is not the concern

# iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 0/0 -o eth0 -j MASQUERADE
POSTROUTING : the source address translation step
10.0.0.0 : the source address
0/0 : stands for any address on the Internet
eth0 : leaves through the interface eth0
Save the configuration so that it is not lost when the machine reboots:
iptables-save > /etc/sysconfig/iptables

Check.
o # iptables -L |more
o # vim /etc/sysconfig/iptables

# setup : check and configure TCP/IP:

Setting up a published-server model

Exercise: Publish the server with the address 10.0.0.12 so that the Internet can access every application on this machine.

Objective: Help students set up an Internet-connected system and publish a server so that the Internet can access data on the local network.
Instructions:
Set up the kernel configuration (as in the previous exercise).
Specify the default route (as in the previous exercise).
Configure static iptables NAT (1-1).

# lokkit : configure the firewall to allow all packets through.
=> The aim here is only to configure NAT; the firewall itself is not the concern

# service iptables restart : reload the service
Translate the addresses of packets coming from outside into the internal network:

Allow the internal network to go out to the Internet:

Create rules that allow packets to pass through the firewall:

Allow the internal network and the firewall to open connections to the outside:

Save the configuration so that it is not lost when the machine reboots:
iptables-save > /etc/sysconfig/iptables
service iptables restart

Check.
o From a machine outside on the Internet, access the applications at the address 255.255.121.137. If the traffic is forwarded to the machine 10.0.0.12, the setup works.

Setting up a model that publishes several servers

Exercise: Set up the application publishing model shown in the following diagram:

Objective: Help students implement a model that publishes network applications to the Internet so that the Internet can access applications hosted in the local network.
Instructions:
Set up the kernel configuration (as in the previous exercise).
Specify the default route (as in the previous exercise).
Configure static iptables NAT (Port Direction).
o # lokkit : configure the firewall to allow all packets through.
o Static NAT for the web service.
o Static NAT for mail.

# iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -d 0/0 -o eth0 -j MASQUERADE
iptables-save > /etc/sysconfig/iptables
service iptables restart

Check:
o Test the applications from outside.

LESSON 8: WEBMIN

Managing Linux over the web

Exercise 1: Managing Linux over the web. Set up Webmin so that administrative users can manage Linux over the web:

Objective: Help students set up an environment for managing the system over the web.
Instructions:
Download and install Webmin.
o www.webmin.com
Log in.
o Go to the address http://<address>:10000
<address> : the IP address of the server.
10000 : Webmin communicates over port 10000.
o Log in as the user root. After entering the address, fill in the user name and password of root.
o You can also enter a user that has administrative rights.

This is the web interface after a successful connection:

To access it by name, DNS must be configured. Configure DNS to access the web server through the name server.tut.vn :

Setting up a web-based working environment for users

Exercise: Carry out the following administrative tasks through the web interface:
Add the address 1.1.1.1 on the card eth0
Declare the DNS server with the address 203.162.4.190
Specify the gateway with the address 222.255.121.254 for the local system
Share the resource /usr/share/doc with all users over NFS.

Objective: Help students use the web interface to configure networking on a Linux system.
Instructions:
Log in to the system through the URL http://server.tut.vn:10000 as the user root.
Choose the Networking module.

Choose the Network Configuration module to configure the network-related information.

Add the address 1.1.1.1 on the card eth0 (go to Network Interface)

From here the steps are self-explanatory. Result:

Note: eth0:0 is a virtual network card of eth0

Declare the DNS server with the address 203.162.4.190. Choose DNS Client

Detailed screenshot:

server : the name of the server
203.162.4.190 : the IP address of the server

Specify the gateway with the address 222.255.121.254 for the local system. Choose Routing and Gateways:

Then configure:

Remark: After finishing the configuration, remember to apply the configuration

Choose the NFS Exports module to share the resource.

Choose create exports. The exported directory is /usr/share/doc

If you want to share the resource through the samba service, go to the server:

Then choose the item: samba windows file sharing

Next, choose the file you want to share: tainguyen (the access path name): /usr/share/doc : the shared directory
