Linux常用服务的启动与配置(以redhat linux ES3为例)
1. TELNET服务的配置,如何加入自启动服务
linux配置telnet服务器(root下)
1. 安装telnet软件包。telnet-server-0.17-26.EL3.3.i386.rpm(安装盘2上) rpm -ivh telnet-server-0.17-26.EL3.3.i386.rpm
2. 设置telnet的启动运行
telnet server不作为独立的服务器程序运行,而是受xinetd程序的控制,启动配置文件为/etc/xinetd.d/telnet,默认xinetd程序并不启动该服务,可在chkconfig --list看出telnet是关闭的,/etc/xinetd.d/ telnet中disable=yes可通过下面的方式启动telnet:
1) chkconfig telnet on //该命令修改了/etc/xinetd.d/telnet的配置,设置disable=no
2) service xinetd restart
再次chkconfig --list看到telnet已经启动。
2. FTP服务的配置,如何加入自启动服务
linux配置ftp服务器(root下)
1. 安装ftp软件包。vsftpd-1.2.1-3E.1.rpm(安装盘2)
rpm –ivh vsftpd-1.2.1-3E.1.rpm
2. 设置ftp的启动运行
vsftpd为独立的服务器程序运行,文件为/etc/vsftpd/vsftpd.conf, 修改anonymous_enable,把YES改成NO
有时要执行 setsebool -P ftpd_disable_trans 1 如redhat5
可以通过ntsysv进行配置。
Service vsftpd restart
再次chkconfig --list看到vsftpd已经启动。
3. 远程图形界面的配置
采用vncserver
rpm ivh vnc-server-4.0-0.beta4.1.4.i386.rpm 安装vnc服务进行远程控制, 查看日志文件/root/.vnc/hostname:2.log,可以查看vnc服务的端口号。 vncpasswd设置vnc联接密码
通过配置文件/root/.vnc/xstartup配置显示模式,假设启动kde桌面 #!/bin/sh
# Uncomment the following two lines for normal desktop:
# unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &
#twm &
startkde &
先启动vncserver,然后启动vnc客户端软件。
关闭服务:vncserver -kill :number(进程号)
需要重启
4. 时钟服务的配置
date设定系统时间(date [-u] [-d datestr] [-s datestr] [--utc] [--universal]
[--date=datestr] [--set=datestr] [--help] [--version] [+FORMAT]
[MMDDhhmm[[CC]YY][.ss]])
Linux下NTP服务器的配置
? 第一步 安装软件包
安装ntp-4.1.2-4.EL3.1.i386.rpm安装包
rpm –ivh ntp-4.1.2-4.EL3.1.i386.rpm
举例,以192.168.11.5作为时钟服务器,把192.168.11-15.0网段的机器作为时钟服务的客户端,需要在服务端和客户端做如下的配置
? 第二步 时间服务器脚本配置(修改/etc/ntp.conf)
# Prohibit general access to this service.
# restrict default ignore
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.11.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.12.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.13.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.15.0 mask 255.255.255.0 notrust nomodify notrap
restrict 192.168.16.0 mask 255.255.255.0 notrust nomodify notrap
# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
# restrict mytrustedtimeserverip mask 255.255.255.255 nomodify notrap noquery # server mytrustedtimeserverip
# --- NTP MULTICASTCLIENT ---
#multicastclient # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or # another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server 127.127.1.0 # local clock
fudge 127.127.1.0 stratum 10
#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file # by creating a temporary in the same directory and then rename()'ing # it to the file.
#
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
#
# Authentication delay. If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff # directory and figure out what this number should be on your machine. #
authenticate yes
#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote # systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
keys /etc/ntp/keys
? 第三步 客户端脚本配置
# Prohibit general access to this service.
restrict default ignore
restrict 192.168.11.5 mask 255.255.255.255 nomodify notrap noquery
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
# -- CLIENT NETWORK -------
# Permit systems on this network to synchronize with this
# time service. Do not permit those systems to modify the
# configuration of this service. Also, do not use those
# systems as peers for synchronization.
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# --- OUR TIMESERVERS -----
# or remove the default restrict line
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
# restrict mytrustedtimeserverip mask 255.255.255.255 nomodify notrap noquery # server mytrustedtimeserverip
# --- NTP MULTICASTCLIENT ---
#multicastclient # listen on default 224.0.1.1
# restrict 224.0.1.1 mask 255.255.255.255 notrust nomodify notrap
# restrict 192.168.1.0 mask 255.255.255.0 notrust nomodify notrap
# --- GENERAL CONFIGURATION ---
#
# Undisciplined Local Clock. This is a fake driver intended for backup
# and when no outside source of synchronized time is available. The
# default stratum is usually 3, but in this case we elect to use stratum
# 0. Since the server line does not have the prefer keyword, this driver
# is never used for synchronization, unless no other other
# synchronization source is available. In case the local host is
# controlled by some external source, such as an external oscillator or
# another protocol, the prefer keyword would cause the local host to
# disregard all other synchronization sources, unless the kernel
# modifications are in use and declare an unsynchronized condition.
#
server 192.168.11.5
fudge 127.127.1.0 stratum 10
#
# Drift file. Put this in a directory which the daemon can write to.
# No symbolic links allowed, either, since the daemon updates the file # by creating a temporary in the same directory and then rename()'ing # it to the file.
#
driftfile /var/lib/ntp/drift
broadcastdelay 0.008
#
# Authentication delay. If you use, or plan to use someday, the
# authentication facility you should make the programs in the auth_stuff # directory and figure out what this number should be on your machine. #
authenticate yes
#
# Keys file. If you want to diddle your server at run time, make a
# keys file (mode 600 for sure) and define the key number to be
# used for making requests.
#
# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote # systems might be able to reset your clock at will. Note also that
# ntpd is started with a -A flag, disabling authentication, that
# will have to be removed as well.
#
keys /etc/ntp/keys
? 第四步 设置同步脚本
追加下面内容到crontab,这样,每过一个小时0分的时候就自动更新。 # crontab –e(编辑)
0 1 * * * root ntpdate [ntp server IP]
每天1点从时钟服务器更新时钟
5. 组的添加和删除
groupadd [-g gid [-o]] [-r] [-f] group
如输入以下命令
groupadd newgroup
系统将创建一个新的用户组newgroup
groupdel groupname
6. 用户的添加和删除
useradd [-u uid [-o]] [-g group] [-G group,...]
[-d home] [-s shell] [-c comment] [-m [-k template]]
[-f inactive] [-e expire ] [-p passwd] [-M] [-n] [-r] [-l] name useradd -D [-g group] [-b base] [-s shell]
[-f inactive] [-e expire ]
如输入以下命令
useradd oracle –g dba –d /oracle –p ora123
系统将创建一个用户oracle,oracle 用户组dba
home 目录/oracle 密码为ora123
userdel [-r] login
7. 附(查看服务) ntsysv
rpm -qa