◆当blogは、Linuxサーバ構築する際の実際の設定手順を個人的メモとして記載しております。LinuC試験の役に立つ情報があるかも…?
[PR]上記の広告は3ヶ月以上新規記事投稿のないブログに表示されています。新しい記事を書く事で広告が消えます。
BATファイルからパワーシェルスクリプトを実行するサンプル作りました。
※パワーシェルスクリプトをBATから呼び出す為には、
管理者権限でコマンドプロンプトを実行し、
実行ポリシーのセキュリティをRemotesignedに変更する等が必要なことに留意する
(※Windows2012の場合、Remotesignedがデフォルト値の為、変更する必要なし)
ファイル名:A.bat
@echo off
echo 実行ポリシー保存
powershell Get-ExecutionPolicy
for /f "delims=" %%a in ('powershell -Command Get-ExecutionPolicy') do @set backupPolicy=%%a
echo 実行ポリシー変更
powershell Set-ExecutionPolicy Remotesigned
powershell Get-ExecutionPolicy
echo スクリプト実行
pause
powershell %CD%\A.ps1
echo 実行ポリシー戻し
powershell -Command Set-ExecutionPolicy %backupPolicy%
powershell Get-ExecutionPolicy
pause
ローカルアカウント作成するスクリプトのサンプル作ってみました。
※パワーシェルを実行する為には色々な条件が必要な為、実際に上記スクリプトを実行する際には環境を整えてから実行してください。
ファイル名:A.ps1
# //変数格納//
$computer = $Env:ComputerName
$cdpath = (Get-Location).Path
# //text⇒CSV変換//
$csv = import-csv -path $cdpath\A.txt
# //テキスト情報の読込み//
foreach($strUser in $csv)
{
# //情報取得//
$user = $struser.user
$password = $struser.password
$description = $struser.description
$group = $struser.group
# //初期化//
Clear-Host
# //ユーザー作成//
$ObjOU = [ADSI]"WinNT://$computer"
$objUser = $objOU.Create("User", $user)
$objUser.setpassword($password)
$objUser.put("description",$description)
$objUser.UserFlags = 0x10000 #パスワードを無期限に設定
$objUser.SetInfo()
# //グループ設定//
$objGroup = [ADSI]"WinNT://$computer/$group"
$objGroup.add("WinNT://$computer/$user")
$objGroup.SetInfo()
}
【報告】
2011/12/28(水)
301取得だぜ☆
【得点】
630点
【感想】
何これ?日本語の問題?状態だった。
【その他】
302を目指す予定
【試験に役立つアドバイス】
茶本・黒本・赤本、全て読もう!
【報告】
2011/1/28(金)
201試験に合格しました☆(ヤッホー)
【得点】
590点
【感想】
運と勘を頼りに頑張ってみたら何とかなりました。
【その他】
次は202試験だな・・・(遠い目)
【試験に役立つアドバイス】
やっぱり茶本は基本なので、絶対読むことが大事です。
(ただし、基本なので応用力は実力でカバーしてくだしぁ)
[root@sentos5 ~]# nslookup www.lpi.or.jp
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: www.lpi.or.jp
Address: 202.218.212.222
[root@sentos5 ~]# nslookup
> server 192.168.0.1
Default server: 192.168.0.1
Address: 192.168.0.1#53
> www.isc.org
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: www.isc.org
Address: 149.20.64.42
> exit
[root@sentos5 ~]# host sv1.lpi.jp
sv1.lpi.jp has address 203.174.74.34
[root@sentos5 ~]# host 203.174.74.34
34.74.174.203.in-addr.arpa domain name pointer sv1.lpi.jp.
[root@sentos5 ~]# host -t mx lpi.org
lpi.org mail is handled by 10 mail.lpi.org.
[root@sentos5 ~]# host -t ns lpi.org
lpi.org name server server1.moongroup.com.
lpi.org name server ns.starnix.com.
[root@sentos5 ~]# host www.lpi.org 172.17.0.1
Using domain server:
Name: 192.168.0.1
Address: 192.168.0.1#53
Aliases:
www.lpi.org has address 24.215.7.162
[root@sentos5 ~]# dig lpi.org mx
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> lpi.org mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63305
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;lpi.org. IN MX
;; ANSWER SECTION:
lpi.org. 3600 IN MX 10 mail.lpi.org.
;; AUTHORITY SECTION:
lpi.org. 3600 IN NS server1.moongroup.com.
lpi.org. 3600 IN NS ns.starnix.com.
;; ADDITIONAL SECTION:
mail.lpi.org. 3600 IN A 24.215.7.168
ns.starnix.com. 3600 IN A 24.215.7.99
;; Query time: 1870 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Jan 10 16:30:53 2011
;; MSG SIZE rcvd: 138
[root@sentos5 ~]# cat /etc/named.rfc1912.zones
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
[root@sentos5 named]# cat /etc/named.caching-nameserver.conf
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
allow-query-cache { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@sentos5 etc]# dig @m.root-servers.net ns > /var/named/named.ca
[root@sentos5 etc]# cat /var/named/named.ca
;; ANSWER SECTION:
. 518400 IN NS m.root-servers.net.
. 518400 IN NS c.root-servers.net.
;; ADDITIONAL SECTION:
b.root-servers.net. 3600000 IN A 192.228.79.201
c.root-servers.net. 3600000 IN A 192.33.4.12
[root@sentos5 etc]# rndc status
number of zones: 6
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
[root@sentos5 etc]# cat /var/named/named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
[root@sentos5 etc]# dig @localhost version.bind chaos txt
;; ANSWER SECTION:
version.bind. 0 CH TXT "9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2"
[root@sentos5 etc]# ps -f -C named
UID PID PPID C STIME TTY TIME CMD
named 2495 1 0 15:26 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
[root@sentos5 etc]# dnssec-keygen -a RSA -b 1024 -n ZONE example.net.
[root@sentos5 etc]# dnssec-keygen -a RSA -b 4096 -n ZONE example.net.
[root@sentos5 etc]# dnssec-signzone -k Kexample.net.+005+28778.key example.net
[root@sentos5 etc]# dig +dnssec @localhost smtp.exaple.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> +dnssec @localhost smtp.exaple.com
[root@A]# tar -cvzf software.tar.gz software
software
[root@A]# tar -cvjf software.tar.bz2 software
software
[root@A]# gzip -dc software.tar.gz | tar xvf -
software
[root@A]# bzip2 -dc software.tar.bz2 | tar xvf -
software
/// Makefile作成~コンパイル~インストールの手順 ///
[user@A]# ./configure
[user@A]# make
[user@A]$ su
パスワード:
[root@sentos5 user]#make install
/// Makefile作成~コンパイル~インストールの手順 ///
[root@A]# ls -ld /usr/local/bin
drwxr-xr-x 2 root root 4096 3月 10 2009 /usr/local/bin
[root@A]# ls -ld /usr/local/sbin
drwxr-xr-x 2 root root 4096 3月 10 2009 /usr/local/sbin
/// バックアップ予備知識 ///
完全「full」
差分「incremental」
増分「differential」
/// バックアップ予備知識 ///
/// バックアップ媒体 ///
追記不可:「DVD-R,DVD-R DL」
追記可能:「DVD-RW,DVD-RAM,DVD+R,DVD+R DL,DVD+RW」
容量:4.7~8.54GB
「DDS4」 40GB
「DLT-320」 320GB
「LTO」 800GB
/// バックアップ媒体 ///
/// バックアップ方法 ///
「AMANDA,Bacura」ネットワーク経由バックアップツール
「NAS」でネットワーク接続バックアップ
「SAN」ファイバーチャネルのストレージ専用ネットワーク
「tar,cpio,dd,dump,restore」バックアップコマンド
/// バックアップ方法 ///
[root@A]# tar cjvf /tmp/home.tar.bz2 /home/user
tar: メンバ名から先頭の `/' を取り除きます
/home/user/
/home/user/.gnome/
[root@A]# tar tjf /tmp/home.tar.bz2
home/user/
home/user/.gnome/
[root@A]# tar vjf /tmp/home.tar.bz2 --delete readtest.sh
アボートしました
[root@sentos5 /]# tar xjf /tmp/home.tar.bz2
[root@sentos5 /]# tar xvf /dev/st0 var/log/secure
[root@sentos5 testuser]# ls | cpio -o > /tmp/backup
1 block
[root@sentos5 testuser]# dd if=/dev/sr0 /of=/tmp/cdrom.iso
[root@sentos5 testuser]# dump 0uf /dev/nst0 /dev/sda2
DUMP: Date of this level 0 dump: Sat Jan 8 17:13:14 2011
DUMP: Dumping /dev/sda2 (an unlisted file system) to /dev/nst0
/dev/sda2: Bad magic number in super-block while opening filesystem
DUMP: The ENTIRE dump is aborted.
[root@sentos5 testuser]# cat /etc/dumpdates
/dev/mapper/VolGroup00-LogVol02 0 Wed Jun 2 00:50:26 2010 +0900
[root@sentos5 testuser]# restore rf /dev/st0
[root@sentos5 testuser]# rsync -auv --delete dir /backup
building file list ... rsync: link_stat "/root/home/testuser/dir" failed: No such file or directory (2)
done
sent 29 bytes received 20 bytes 98.00 bytes/sec
total size is 0 speedup is 0.00
[root@A]# dmesg | grep eth
eth0: registered as PCnet/PCI II 79C970A
eth0: link up
eth0: no IPv6 routers present
[root@A]# lspci
02:01.0 Ethernet controller: Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE] (rev 10)
[root@A]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C9:99:4C
inet addr:192.168.0.55 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec9:994c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3702 errors:0 dropped:0 overruns:0 frame:0
TX packets:2489 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:360938 (352.4 KiB) TX bytes:301017 (293.9 KiB)
Interrupt:75 Base address:0x2000
[root@A]# ifconfig eth0:0 192.168.0.56 netmask 255.255.255.0 up
[root@A]# ifconfig eth0:0
eth0:0 Link encap:Ethernet HWaddr 00:0C:29:C9:99:4C
inet addr:192.168.0.56 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:75 Base address:0x2000
[root@A]# arp
Address HWtype HWaddress Flags Mask Iface
192.168.0.21 ether E0:CB:4E:11:FC:EC C eth0
buffalo.setup ether 00:0D:0B:B6:0A:B6 C eth0
[root@A]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.0.21 ether E0:CB:4E:11:FC:EC C eth0
192.168.0.1 ether 00:0D:0B:B6:0A:B6 C eth0
[root@A]# traceroute sentos5
traceroute to sentos5 (127.0.0.1), 30 hops max, 40 byte packets
1 sentos5.localdomain (127.0.0.1) 0.019 ms 0.011 ms 0.009 ms
[root@A]# traceroute -n sentos5
traceroute to sentos5 (127.0.0.1), 30 hops max, 40 byte packets
1 127.0.0.1 0.018 ms 0.009 ms 0.013 ms
[root@A]# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:50:53.721877 IP 192.168.0.55.ssh > 192.168.0.21.52146: P 2187861119:2187861235(116) ack 2768986704 win 7504
22:50:53.722047 IP 192.168.0.55.ssh > 192.168.0.21.52146: P 116:232(116) ack 1 win 7504
[root@A]# tcpdump -nli eth0 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:52:56.040693 IP 192.168.0.21.53094 > 192.168.0.1.domain: 17340+ A? www.nicovideo.jp. (34)
22:52:56.073466 IP 192.168.0.1.domain > 192.168.0.21.53094: 17340 1/2/1 A 202.248.110.243 (116)
[root@A]# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 sentos5.localdomain:2208 *:* LISTEN
tcp 0 0 *:nfs *:* LISTEN
[root@A]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 8091 0 0 0 8978 0 0 0 BMRU
lo 16436 0 3180 0 0 0 3180 0 0 0 LRU
[root@A]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 buffalo.setup 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default buffalo.setup 0.0.0.0 UG 0 0 0 eth0
[root@A]# nc 192.168.0.55 25
220 sentos5.localdomain ESMTP Postfix
[root@A]# nc -vz 192.168.0.55 1-1000
nc: connect to 192.168.0.55 port 1 (tcp) failed: Connection refused
nc: connect to 192.168.0.55 port 2 (tcp) failed: Connection refused
[root@A]# nc -vzu 192.168.0.55 1-1000
Connection to 192.168.0.55 111 port [udp/sunrpc] succeeded!
Connection to 192.168.0.55 161 port [udp/snmp] succeeded!
[root@A]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
[root@A]# route add default gw 192.168.0.1
[root@A]# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1
[root@A]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 buffalo.setup 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default buffalo.setup 0.0.0.0 UG 0 0 0 eth0
[root@A]# ip route show
192.168.0.0/24 via 192.168.0.1 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.55
default via 192.168.0.1 dev eth0
[root@A]# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
sit0 no wireless extensions.
[root@A]# iwconfig wlan0
wlan0 No such device
[root@A]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 sentos5.localdomain sentos5 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
[root@A]# cat /etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files ldap dns
[root@A]# cat /etc/resolv.conf
nameserver 192.168.0.1
[root@A]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=sentos5.localdomain
[root@A]# ls -l /etc/sysconfig/network-scripts/*
-rw-r--r-- 3 root root 193 羌 2010 /etc/sysconfig/network-scripts/ifcfg-eth0
[root@A]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
HWADDR=00:0c:29:c9:99:4c
NETMASK=255.255.255.0
IPADDR=192.168.0.55
GATEWAY=192.168.0.1
TYPE=Ethernet
[root@A]# cat /etc/hosts.allow
[root@A]# cat /etc/hosts.deny
[root@A]# tracepath 192.168.0.55
1: 192.168.0.55 (192.168.0.55) 0.079ms pmtu 16436
1: 192.168.0.55 (192.168.0.55) 0.021ms reached
Resume: pmtu 16436 hops 1 back 1
[root@A]# cat /etc/issue
CentOS release 5.3 (Final)
Kernel \r on an \m
[root@A]# cat /etc/issue.net
CentOS release 5.3 (Final)
Kernel \r on an \m
[root@A]# cat /etc/motd
[root@A]# wall "Test Message !"
Broadcast message from root (pts/2) (Wed Jan 5 23:28:43 2011):
Test Message !
[root@A]# shutdown -k now "Test Message!!!"
Broadcast message from root (pts/2) (Wed Jan 5 23:29:23 2011):
Test Message!!!
The system is going down to maintenance mode NOW!
Shutdown cancelled.