◆当blogは、Linuxサーバ構築する際の実際の設定手順を個人的メモとして記載しております。LinuC試験の役に立つ情報があるかも…?
[PR]上記の広告は3ヶ月以上新規記事投稿のないブログに表示されています。新しい記事を書く事で広告が消えます。
[root@A]# fdisk -l /dev/sda
Disk /dev/sda: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = シリンダ数 of 16065 * 512 = 8225280 bytes
デバイス Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 1044 8281507+ 8e Linux LVM
[root@A]# cat /proc/mdstat
Personalities :
unused devices: <none>
[root@A]# lvscan
/dev/cdrom: read failed after 0 of 2048 at 0: 入力/出力エラーです
ACTIVE '/dev/VolGroup00/LogVol00' [4.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol03' [1.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol02' [1.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol01' [1.00 GB] inherit
[root@A]# df -T
Filesystem Type 1K-ブロック 使用 使用可 使用% マウント位置
/dev/mapper/VolGroup00-LogVol00
ext3 4062912 3460740 392460 90% /
/dev/mapper/VolGroup00-LogVol03
ext3 1015704 88808 874468 10% /tmp
/dev/mapper/VolGroup00-LogVol02
ext3 1015704 274912 688364 29% /var
/dev/sda1 ext3 101086 12074 83793 13% /boot
tmpfs tmpfs 257720 0 257720 0% /dev/shm
/dev/mapper/VolGroup00-LogVol02
ext3 1015704 274912 688364 29% /mnt
[root@A]# ls -l /dev/mapper/VolGroup00-LogVol0*
brw-rw---- 1 root disk 253, 0 1月 5 21:15 /dev/mapper/VolGroup00-LogVol00
brw-rw---- 1 root disk 253, 3 1月 5 21:15 /dev/mapper/VolGroup00-LogVol01
brw-rw---- 1 root disk 253, 2 1月 5 21:15 /dev/mapper/VolGroup00-LogVol02
brw-rw---- 1 root disk 253, 1 1月 5 21:15 /dev/mapper/VolGroup00-LogVol03
[root@A]# pvdisplay /dev/sda2
/dev/cdrom: read failed after 0 of 2048 at 0: 入力/出力エラーです
--- Physical volume ---
PV Name /dev/sda2
VG Name VolGroup00
PV Size 7.90 GB / not usable 23.41 MB
Allocatable yes
PE Size (KByte) 32768
Total PE 252
Free PE 28
Allocated PE 224
PV UUID NZOvJm-9UF6-sXaW-y1Fd-1pJ0-fpzW-OVk750
[root@A]# pvscan
/dev/cdrom: open failed: 読み込み専用ファイルシステムです
Attempt to close device '/dev/cdrom' which is not open.
PV /dev/sda2 VG VolGroup00 lvm2 [7.88 GB / 896.00 MB free]
Total: 1 [7.88 GB] / in use: 1 [7.88 GB] / in no VG: 0 [0 ]
[root@A]# vgdisplay
--- Volume group ---
VG Name VolGroup00
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 5
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 4
Open LV 4
Max PV 0
Cur PV 1
Act PV 1
VG Size 7.88 GB
PE Size 32.00 MB
Total PE 252
Alloc PE / Size 224 / 7.00 GB
Free PE / Size 28 / 896.00 MB
VG UUID V9Kj8z-YYNg-1nxg-WqfE-0c9v-kDrM-HlQ2Rs
[root@A]# lvdisplay /dev/VolGroup00/LogVol02
--- Logical volume ---
LV Name /dev/VolGroup00/LogVol02
VG Name VolGroup00
LV UUID JTByn9-eKq8-61Kj-f8Y0-aggW-gX1x-fo4XQa
LV Write Access read/write
LV Status available
# open 1
LV Size 1.00 GB
Current LE 32
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:2
[root@A]# pvs
PV VG Fmt Attr PSize PFree
/dev/sda2 VolGroup00 lvm2 a- 7.88G 896.00M
[root@A]# vgs
VG #PV #LV #SN Attr VSize VFree
VolGroup00 1 4 0 wz--n- 7.88G 896.00M
[root@A]# lvs
LV VG Attr LSize Origin Snap% Move Log Copy% Convert
LogVol00 VolGroup00 -wi-ao 4.00G
LogVol01 VolGroup00 -wi-ao 1.00G
LogVol02 VolGroup00 -wi-ao 1.00G
LogVol03 VolGroup00 -wi-ao 1.00G
[root@A]# hdparm /dev/sda
/dev/sda:
readonly = 0 (off)
readahead = 256 (on)
geometry = 1044/255/63, sectors = 16777216, start = 0
[root@A]# hdparm -tT /dev/sda
/dev/sda:
Timing cached reads: 30276 MB in 2.00 seconds = 15175.83 MB/sec
Timing buffered disk reads: 74 MB in 3.09 seconds = 23.98 MB/sec
[root@A]# cat /etc/fstab
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1
/dev/VolGroup00/LogVol03 /tmp ext3 defaults 1 2
/dev/VolGroup00/LogVol02 /var ext3 defaults,usrquota,grpquota 1 2
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
[root@A]# cat /proc/filesystems
nodev sysfs
nodev rootfs
nodev bdev
nodev proc
[root@A]# cat /etc/mtab
/dev/mapper/VolGroup00-LogVol00 / ext3 rw 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
[root@A]# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / ext3 rw,data=ordered 0 0
/dev /dev tmpfs rw 0 0
[root@A]# mount
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
[root@A]# sync
[root@A]# dd if=/dev/zero of=/tmp/swapfile bs=1M count=50
50+0 records in
50+0 records out
52428800 bytes (52 MB) copied, 0.117411 seconds, 447 MB/s
[root@A]# mkswap /tmp/swapfile
Setting up swapspace version 1, size = 52424 kB
[root@A]# swapon /tmp/swapfile
[root@A]# swapon -s
Filename Type Size Used Priority
/dev/mapper/VolGroup00-LogVol01 partition 1048568 0 -1
/tmp/swapfile file 51192 0 -2
[root@A]# cat /proc/swaps
Filename Type Size Used Priority
/dev/mapper/VolGroup00-LogVol01 partition 1048568 0 -1
/tmp/swapfile file 51192 0 -2
[root@A]# cdrecord -scanbus
Cdrecord-Clone 2.01 (cpu-pc-linux-gnu) Copyright (C) 1995-2004 Jg Schilling
Note: This version is an unofficial (modified) version with DVD support
Note: and therefore may have bugs that are not present in the original.
Note: Please send bug reports or support requests to http://bugzilla.redhat.com/bugzilla
Note: The author of cdrecord should not be bothered with problems in this version.
cdrecord: Invalid or incomplete multibyte or wide character. Cannot open SCSI driver.
cdrecord: For possible targets try 'cdrecord -scanbus'.
cdrecord: For possible transport specifiers try 'cdrecord dev=help'.
[root@A]# dumpe2fs /dev/sda1 | more
Inode count: 26104
Block count: 104388
Reserved block count: 5219
Free blocks: 89012
Free inodes: 26070
First block: 1
Block size: 1024
Group 1: (Blocks 8193-16384)
Backup superblock at 8193, Group descriptors at 8194-8194
[root@A]# fsck.ext3
Emergency help:
-p Automatic repair (no questions)
-n Make no changes to the filesystem
-y Assume "yes" to all questions
-c Check for bad blocks and add them to the badblock list
-f Force checking even if filesystem is marked clean
-v Be verbose
-b superblock Use alternative superblock
-B blocksize Force blocksize when looking for superblock
-j external_journal Set location of the external journal
-l bad_blocks_file Add to badblocks list
-L bad_blocks_file Set badblocks list
[root@A]# e2fsck
Emergency help:
-p Automatic repair (no questions)
-n Make no changes to the filesystem
-y Assume "yes" to all questions
-c Check for bad blocks and add them to the badblock list
-f Force checking even if filesystem is marked clean
-v Be verbose
-b superblock Use alternative superblock
-B blocksize Force blocksize when looking for superblock
-j external_journal Set location of the external journal
-l bad_blocks_file Add to badblocks list
-L bad_blocks_file Set badblocks list
[root@A]# tune2fs -l /dev/sda1
Inode count: 26104
Block count: 104388
Reserved block count: 5219
Free blocks: 89012
Free inodes: 26070
First block: 1
Block size: 1024
[root@A]# badblocks /dev/sda1
[root@A]# debugfs /dev/sda1
debugfs 1.39 (29-May-2006)
debugfs: ls
2 (12) . 2 (12) .. 11 (20) lost+found 16065 (36) grub
12 (16) message 17 (44) initrd-2.6.18-128.el5.img
13 (36) System.map-2.6.18-128.el5 14 (32) config-2.6.18-128.el5
15 (36) symvers-2.6.18-128.el5.gz 16 (780) vmlinuz-2.6.18-128.el5
debugfs: quit
[root@A]# cat /etc/auto.master
/misc /etc/auto.misc
[root@A]# /etc/init.d/autofs restart
automount を停止中: [ OK ]
automount を起動中: [ OK ]
[root@A]# ls -l /etc/auto.*
-rw-r--r-- 1 root root 717 1月 21 2009 /etc/auto.master
-rw-r--r-- 1 root root 581 1月 21 2009 /etc/auto.misc
-rwxr-xr-x 1 root root 1292 1月 21 2009 /etc/auto.net
-rwxr-xr-x 1 root root 715 1月 21 2009 /etc/auto.smb
[root@A]# cat /etc/auto.master
/misc /etc/auto.misc
[root@A]# cat /etc/auto.misc
cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
[root@A]# ls -l /dev/sda{,1,2}
brw-r----- 1 root disk 8, 0 1月 5 16:42 /dev/sda
brw-r----- 1 root disk 8, 1 1月 5 16:42 /dev/sda1
brw-r----- 1 root disk 8, 2 1月 5 16:42 /dev/sda2
[root@A]# ls -l /dev/{ttyS0,input/mice,lp0}
crw------- 1 root root 13, 63 1月 5 16:42 /dev/input/mice
crw-rw---- 1 root lp 6, 0 1月 5 16:42 /dev/lp0
crw-rw---- 1 root uucp 4, 64 1月 5 16:41 /dev/ttyS0
[root@A]# cat /proc/devices
Character devices:
1 mem
4 ttyS
5 /dev/tty
5 /dev/console
6 lp
10 misc
180 usb
189 usb_device
Block devices:
1 ramdisk
2 fd
8 sd
9 md
[root@A]# ls /etc/udev/rules.d
05-udev-early.rules 51-hotplug.rules 60-pcmcia.rules
61-uinput-stddev.rules 90-alsa.rules 95-pam-console.rules
40-multipath.rules 60-libsane.rules 60-raw.rules
[root@A]# cat /etc/udev/rules.d/50-udev.rules
KERNEL=="tty", NAME="%k", GROUP="tty", MODE="0666", OPTIONS="last_rule"
[root@A]# udevinfo -q path -n /dev/sda1
/block/sda/sda1
root@A]# udevinfo -q env -n /dev/sda1
ID_VENDOR=VMware,
ID_MODEL=VMware_Virtual_S
ID_REVISION=1.0
[root@A]# dmesg | more
Linux version 2.6.18-128.el5 (mockbuild@builder16.centos.org) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-44)) #1 SMP Wed
Jan 21 10:44:23 EST 2009
[root@A]# cat /etc/inittab
id:5:initdefault:
# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
[root@A]# ls /etc/rc3.d
K01dnsmasq K35dovecot K88wpa_supplicant S08iptables
S19rpcgssd S50snmpd S90xfs K02NetworkManager
K35smb K89dund S08mcstrans S22messagebus
[root@A]# ls -l /etc/rc3.d/S85httpd
lrwxrwxrwx 1 root root 15 羈0 2010 /etc/rc3.d/S85httpd -> ../init.d/httpd
[root@A]# /etc/init.d/httpd start
httpd を起動中: [ OK ]
[root@A]# chkconfig --list httpd
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@A]# chkconfig httpd off
[root@A]# chkconfig httpd on
[root@A]# chkconfig --level 235 httpd on
[root@A]# ntsysv
[root@A]# cat /boot/grub/menu.lst
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-128.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-128.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet
initrd /initrd-2.6.18-128.el5.img
[root@A]# grub
Probing devices to guess BIOS drives. This may take a long time.
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]
grub> displaymem
EISA Memory BIOS Interface is present
Address Map BIOS Interface is present
Lower memory: 640K, Upper memory (to first chipset hole): 3072K
[Address Range Descriptor entries immediately follow (values are 64-bit)]
Usable RAM: Base Address: 0x0 X 4GB + 0x0,
Length: 0x0 X 4GB + 0xa0000 bytes
Reserved: Base Address: 0x0 X 4GB + 0xa0000,
Length: 0x0 X 4GB + 0x60000 bytes
Usable RAM: Base Address: 0x0 X 4GB + 0x100000,
Length: 0x0 X 4GB + 0x300000 bytes
grub> quit
[root@A]# cat /etc/lilo.conf
[root@A]# /sbin/lilo
[root@A]# cat /proc/cmdline
ro root=/dev/VolGroup00/LogVol00 rhgb quiet
[root@A]# uname -a
Linux sentos5.localdomain 2.6.18-128.el5 #1 SMP Wed Jan 21 10:44:23 EST 2009 i686 i686 i386 GNU/Linux
[root@A]# uname -r
2.6.18-128.el5
[root@A]# uname -m
i686
[root@A]# cat /proc/version
Linux version 2.6.18-128.el5 (mockbuild@builder16.centos.org) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-44)) #1 SMP Wed Jan 21 10:44:23 EST 2009
[root@A]# head -4 /usr/src/linux/Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL =18
EXTRAVERSION = -128.el5
[root@A]# ls /boot/vmlinuz*
/boot/vmlinuz-2.6.18-128.el5
[root@A]# ls -ld /lib/modules/2.6.18-128.el5/kernel/*
drwxr-xr-x 3 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/arch
drwxr-xr-x 39 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/drivers
drwxr-xr-x 30 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/fs
drwxr-xr-x 2 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/kernel
drwxr-xr-x 4 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/lib
drwxr-xr-x 21 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/net
[root@A]# lsmod
Module Size Used by
nfsd 202097 17
exportfs 9665 1 nfsd
lockd 61257 2 nfsd
nfs_acl 7617 1 nfsd
[root@A]# cat /proc/modules
nfsd 202097 17 - Live 0xe0c3a000
exportfs 9665 1 nfsd, Live 0xe0b72000
lockd 61257 2 nfsd, Live 0xe0bf7000
nfs_acl 7617 1 nfsd, Live 0xe0b6f000
auth_rpcgss 43105 1 nfsd, Live 0xe0bd7000
[root@A]# modinfo ext3
filename: /lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
license: GPL
description: Second Extended Filesystem with journaling extensions
author: Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
[root@A]# modinfo -n ext3
/lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
[root@A]# modinfo -l ext3
GPL
[root@A]# modinfo -d ext3
Second Extended Filesystem with journaling extensions
[root@A]# modinfo -a ext3
Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
[root@A]# insmod /lib/modules/2.6.18-128.el5/kernel/fs/ext2/ext2.ko
[root@A]# modprobe -c
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias eth0 pcnet32
[root@A]# modprobe -lt fs
/lib/modules/2.6.18-128.el5/kernel/fs/autofs4/autofs4.ko
/lib/modules/2.6.18-128.el5/kernel/fs/cachefiles/cachefiles.ko
/lib/modules/2.6.18-128.el5/kernel/fs/cifs/cifs.ko
[root@A]# modprobe --show-depends ext3
insmod /lib/modules/2.6.18-128.el5/kernel/fs/jbd/jbd.ko
insmod /lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
[root@A]# ls /lib/modules/2.6.18-128.el5/modules.dep
/lib/modules/2.6.18-128.el5/modules.dep
[root@A]# cat /etc/modprobe.conf
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias eth0 pcnet32
[root@A]# ls -l /etc/modprobe.d/*
-rw-r--r-- 1 root root 810 羚 2009 /etc/modprobe.d/blacklist
-rw-r--r-- 1 root root 83 羃2 2009 /etc/modprobe.d/blacklist-firewire
-rw-r--r-- 1 root root 6111 羃1 2009 /etc/modprobe.d/modprobe.conf.dist
[root@A]# cat /etc/modprobe.d/modprobe.conf.dist
alias usb-uhci uhci-hcd
alias usb-ohci ohci-hcd
install scsi_hostadapter /bin/true
install usbmouse /sbin/modprobe --first-time --ignore-install usbmouse && { /sbin/modprobe hid; /bin/true; }
remove usbmouse { /sbin/modprobe -r hid; } ; /sbin/modprobe -r --first-time --ignore-remove usbmouse
remove nfsd { /bin/umount /proc/fs/nfsd > /dev/null 2>&1 || :; } ; /sbin/modprobe -r --first-time --ignore-remove nfsd
[root@A]# ls -ld /proc/sys/kernel/*
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/ctrl-alt-del
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/domainname
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/hostname
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/hotplug
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/modprobe
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/osrelease
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/ostype
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/sem
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmall
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmmax
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmmni
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/sysrq
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/tainted
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/threads-max
[root@A]# ls -ld /proc/sys/fs/*
-rw-r--r-- 1 root root 0 羌 17:29 /proc/sys/fs/file-max
-r--r--r-- 1 root root 0 羌 17:29 /proc/sys/fs/file-nr
[root@A]# ls -ld /proc/sys/net/*
dr-xr-xr-x 6 root root 0 羌 17:30 /proc/sys/net/ipv4
dr-xr-xr-x 6 root root 0 羌 17:30 /proc/sys/net/ipv6
[root@A]# ls -ld /proc/sys/net/ipv4/*
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/ip_forward
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/icmp_echo_ignore_all
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
[root@A]# cat /etc/sysctl.conf
net.ipv4.ip_forward = 0
[root@A]# cat /etc/rc.local
net.ipv4.ip_forward = 0
[root@A]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
[root@A]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@A]# sysctl -a
sunrpc.max_resvport = 1023
sunrpc.min_resvport = 665
sunrpc.tcp_slot_table_entries = 16
[root]# cd /etc/httpd/conf ←設定ディレクトリへ移動
[root]# openssl genrsa -des 1024 > server.key ←プライベート鍵作成
Generating RSA private key, 1024 bit long modulus
.++++++
..........++++++
e is 65537 (0x10001)
Enter pass phrase: ←パスフレーズ入力
Verifying - Enter pass phrase: ←再度パスフレーズ入力
[root]# openssl rsa -in server.key -out server.key ←パスフレーズ問い合わせ除去
Enter pass phrase for server.key: ←設定済みのパスフレーズ入力
writing RSA key
[root]# openssl req -new -days 365 -key server.key -out server.csr ←サイト証明書発行要求を作成
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:JP ←国名
State or Province Name (full name) [Berkshire]:KANAGAWA ←都道府県
Locality Name (eg, city) [Newbury]:HUJISAWA ←市区町村
Organization Name (eg, company) [My Company Ltd]:A ←会社名
Organizational Unit Name (eg, section) []:B ←部署名
Common Name (eg, your name or your server's hostname) []:www.example.com ←サーバ名
Email Address []:apache@example.com ←管理者のメールアドレス
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: ←チャレンジパスワードは設定不要
An optional company name []: ←追加の会社名は設定不要
[root]# openssl x509 -days 365 -in server.csr -out server.crt -req -signkey server.key ←サイト証明書を作成
Signature ok
subject=/C=JP/ST=KANAGAWA/L=HUJISAWA/O=A/OU=B/CN=www.example.com/emailAddress=apache@example.com
Getting Private key
[root]# chmod 0600 server.* ←所有者のみ読み書き可能
[root]# mv server.key /etc/httpd/conf/ssl.key/ ←サーバ鍵を格納
[root]# mv server.csr /etc/httpd/conf/ssl.csr/ ←サイト証明書発行要求を格納
[root]# mv server.crt /etc/httpd/conf/ssl.crt/ ←サイト証明書を格納
[root]# vi /etc/httpd/conf/httpd.conf ←httpd設定ファイル
■以下のように編集↓■
ServerName www.example.com:80
■以下の行追加↓■
<Directory "/var/www/shtml">
AllowOverride None
Order Allow,Deny
Allow from 192.168.0.0/24
AuthType Basic
AuthName "Secure Page"
AuthUserFile /etc/httpd/conf/passwd
Require valid-user
</Directory>
[root]# vi /etc/httpd/conf.d/ssl.conf ←SSL設定
■以下のように編集↓■
DocumentRoot "/var/www/shtml"
ServerName www.example.com:443
ServerAdmin apache@example.com
[root]# htpasswd -c passwd reverie ←パスワード設定
New password: ←パスワード入力
Re-type new password: ←再度パスワード入力
Adding password for user reverie
[root]# chown -R apache * ←所有者をapacheにする
[root]# mkdir /var/www/shtml ←ディレクトリ作成
[root]# chown apache /var/www/shtml ←所有者をapacheにする
[root]# vi /var/www/shtml/secure.shtml ←テストページ作成
■適当にテスト用shtml作成■
<HTML><HEAD><TITLE>SSL TEST</TITLE></HEAD>
<BODY>SSL TEST PAGE!!!</BODY></HTML>
[root]# chmod 0600 * ←所有者のみ読み書き可能
[root]# chown apache * ←所有者をapacheにする
[root]# /etc/rc.d/init.d/httpd restart
httpdを停止中: [ OK ]
httpdを起動中: [ OK ]
←Windowsからhttps://www.example.com/secure.shtmlにアクセス
[root]# tail /var/log/httpd/ssl_access_log ←SSLアクセスログを確認
win50.example.com - - [11/Dec/2010:19:08:14 +0900] "GET /secure.shtml HTTP/1.1" 401 1304
win50.example.com - reverie [11/Dec/2010:19:08:23 +0900] "GET /secure.shtml HTTP/1.1" 200 86
[root]# vi /etc/ssh/sshd_config ←SSHサーバ設定ファイル
■該当箇所を以下のように編集↓■
PasswordAuthentication no
AllowUsers reverie
[root]# su - reverie ←ユーザ切替
[reverie]$ ssh-keygen -t rsa1 ←SSHの鍵を作成
Generating public/private rsa1 key pair.
Enter file in which to save the key (/home/reverie/.ssh/identity):
Created directory '/home/reverie/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/reverie/.ssh/identity.
Your public key has been saved in /home/reverie/.ssh/identity.pub.
The key fingerprint is:
23:46:16:33:65:37:88:94:b4:f7:33:a0:5d:b5:4e:ad reverie@reverie.example.com
[reverie]$ cd /home/reverie/.ssh ←共通鍵の格納場所へ移動
[reverie]$ ls -al
合計 16
drwx------ 2 reverie reverie 4096 11月 29 14:22 .
drwx------ 11 reverie 500 4096 11月 29 14:21 ..
-rw------- 1 reverie reverie 542 11月 29 14:22 identity
-rw-r--r-- 1 reverie reverie 346 11月 29 14:22 identity.pub
[reverie]$ cat identity.pub >> authorized_keys ←サーバに渡す公開鍵
[reverie]$ chmod 0600 * ←所有者のみ読み書き可能
[reverie]$ ls -al
合計 20
drwx------ 2 reverie reverie 4096 11月 29 14:25 .
drwx------ 11 reverie 500 4096 11月 29 14:21 ..
-rw------- 1 reverie reverie 346 11月 29 14:25 authorized_keys
-rw------- 1 reverie reverie 542 11月 29 14:22 identity
-rw------- 1 reverie reverie 346 11月 29 14:22 identity.pub
[reverie]$ smbclient '\\win50\LINUX' -I 192.168.0.50 -U Administrator ←クライアントへ接続
params.c:OpenConfFile() - Unable to open configuration file "/etc/samba/smb.conf":
Permission denied
Can't load /etc/samba/smb.conf - run testparm to debug it
added interface ip=192.168.0.99 bcast=192.168.0.255 nmask=255.255.255.0
Password: ←パスワード入力
Domain=[EXAMPLE.COM] OS=[Windows 5.0] Server=[Windows 2000 LAN Manager]
smb: \> put identity ←クライアント側に秘密鍵を渡す
putting file identity as \identity (13.2 kb/s) (average 13.2 kb/s)
smb: \> quit ←smbclient終了
[reverie]$exit ←rootへ戻る
←WindowsクライアントからSSH接続する
[root]# tail /var/log/secure
Nov 23 14:04:06 reverie sshd[1042]: Server listening on 0.0.0.0 port 22.
Nov 23 14:27:57 reverie sshd[1345]: Accepted password for reverie from 192.168.0.21 port 57414 ssh2
Nov 23 15:32:10 reverie sshd[1347]: Received disconnect from 192.168.0.21: 2: disconnected by server request
Nov 23 15:32:11 reverie sshd[1042]: Received signal 15; terminating.
Nov 29 13:17:26 reverie sshd[1042]: Server listening on 0.0.0.0 port 22.
Nov 29 13:19:58 reverie sshd[1344]: Accepted password for reverie from 192.168.0.21 port 56761
Nov 29 13:22:39 reverie useradd[1416]: new user: name=testuser, uid=501, gid=501, home=/home/testuser, shell=/bin/bash
Nov 29 13:32:50 reverie sudo: testuser : command not allowed ; TTY=pts/0 ; PWD=/home/testuser ; USER=root ; COMMAND=/bin/more /etc/sudoers
Nov 29 13:33:39 reverie sudo: reverie : TTY=pts/0 ; PWD=/home/reverie ; USER=root ; COMMAND=/bin/more /etc/sudoers
Nov 29 14:37:59 reverie sshd[8082]: Accepted rsa for reverie from 192.168.0.50 port 3009
[root]# vi /etc/xinetd.conf←設定ファイル
■以下のように編集↓■
defaults
{
instances = 60
log_type = FILE /var/log/service.log←ログの出力先を指定
log_on_success = HOST PID EXIT DURATION
log_on_failure = HOST ATTEMPT
only_from = 192.168.0.0/24 127.0.0.1←ローカル、ループバック
no_access = 192.168.0.1←ルータのアドレス
cps = 25 30
}
includedir /etc/xinetd.d
[root]# touch /var/log/service.log←ログ用ファイル作成
[root]# chmod 0600 /etc/xinetd.conf←権限変更
[root]# ls -al /etc/xinetd.conf
ls -al /etc/xinetd.conf
-rw------- 1 root root 386 11月 23 14:37 /etc/xinetd.conf
[root]# vi /etc/xinetd.d/telnet←telnetをxinetd経由で起動する設定
■以下の箇所をコメント化↓■
# disable = yes
[root]# /etc/rc.d/init.d/xinetd restart←再起動
xinetdを停止中: [ OK ]
xinetdを起動中: [ OK ]
root]# tail /var/log/messages
Nov 23 14:04:23 reverie anacron: anacron startup succeeded
Nov 23 14:04:23 reverie atd: atd startup succeeded
Nov 23 14:04:28 reverie kernel: mice: PS/2 mouse device common for all mice
Nov 23 14:27:57 reverie sshd(pam_unix)[1347]: session opened for user reverie by (uid=500)
Nov 23 14:28:01 reverie 11月 23 14:28:01 su(pam_unix)[1377]: session opened for user root by reverie(uid=500)
Nov 23 14:51:50 reverie xinetd[1056]: Exiting...
Nov 23 14:51:50 reverie 11月 23 14:51:50 xinetd: xinetd停止 succeeded
Nov 23 14:51:51 reverie xinetd[1487]: xinetd Version 2.3.11 started with libwrap loadavg options compiled in.
Nov 23 14:51:51 reverie xinetd[1487]: Started working: 3 available services
Nov 23 14:51:53 reverie xinetd: ・ 鰯ucceeded
←Windowsクライアントからtelnetでログイン
[root]# tail /var/log/service.log
10/11/23@14:54:13: START: telnet pid=1491 from=192.168.0.50
10/11/23@14:54:58: EXIT: telnet status=0 pid=1491 duration=45(sec)
[root]# ls -l /etc/vsftpd*
-rw------- 1 root root 125 3月 1 2003 /etc/vsftpd.ftpusers←ftp禁止ユーザ一覧
-rw------- 1 root root 361 3月 1 2003 /etc/vsftpd.user_list←vsftpd禁止ユーザ一覧
/etc/vsftpd:
合計 4
-rw------- 1 root root 3854 3月 1 2003 vsftpd.conf
[root]# cp -p /usr/share/doc/vsftpd-1.1.3/vsftpd.xinetd /etc/xinetd.d/vsftpd←xinetd用にvsftpdをコピー
[root]# vi /etc/xinetd.d/vsftpd←vsftpdをxinetd経由で起動する設定
■以下のように編集↓■
server_args = /etc/vsftpd/vsftpd.conf←vsftpd設定ファイルを引数に設定
access_times = 00:00-23:59←接続許可時間
# disable = yes←コメントアウトで有効化
[root]# vi /etc/vsftpd/vsftpd.conf←vsftpdの設定
■以下のように編集↓■
ascii_upload_enable=YES←アップロード許可
ascii_download_enable=YES←ダウンロード許可
# listen=YES←スタンドアロンモードを無効化
[root]# /etc/rc.d/init.d/xinetd restart←再起動
xinetdを停止中: [ OK ]
xinetdを起動中: [ OK ]
[root]# tail /var/log/messages
Nov 23 14:55:13 reverie -- reverie[1523]: LOGIN ON pts/1 BY reverie FROM win50
Nov 23 14:56:16 reverie login(pam_unix)[1523]: session closed for user reverie
Nov 23 14:56:26 reverie login(pam_unix)[1552]: session opened for user reverie by (uid=0)
Nov 23 14:56:26 reverie -- reverie[1552]: LOGIN ON pts/1 BY reverie FROM win50
Nov 23 14:56:32 reverie login(pam_unix)[1552]: session closed for user reverie
Nov 23 15:16:57 reverie xinetd[1487]: Exiting...
Nov 23 15:16:57 reverie 11月 23 15:16:57 xinetd: xinetd停止 succeeded
Nov 23 15:16:58 reverie xinetd[1867]: xinetd Version 2.3.11 started with libwrap loadavg options compiled in.
Nov 23 15:16:58 reverie xinetd[1867]: Started working: 4 available services
Nov 23 15:17:00 reverie xinetd: ・ 鰯ucceeded
←Windowsクライアントからftp接続
[root]# tail /var/log/service.log←xinetdのログ
10/11/23@15:20:19: START: ftp pid=1884 from=192.168.0.50
10/11/23@15:21:34: EXIT: ftp status=0 pid=1884 duration=75(sec)
[root]# tail /var/log/vsftpd.log←vsftpdのファイル転送ログ
Tue Nov 23 15:21:29 2010 1 192.168.0.50 204 /home/reverie/.bash_profile a _ o r reverie ftp 0 * c
[root]# vi /etc/samba/smb.conf←SAMBAの設定
■↓以下のように編集■
workgroup = ドメイン名
server string = 表示させる文字列
hosts allow = 192.168.0. 127.←アクセス許可
security = user←認証方式
remote announce = 192.168.0.255←ローカルネットへ通知
■↓以下の行追記■
invalid users = root←禁止ユーザ
coding system = euc←文字コード
client code page = 932←クライアント側の文字コード
[root]# testparm -s←設定を確認する
[root]# cat /etc/passwd | mksmbpasswd.sh > smbpasswd←sambaパスワードファイル作成
[root]# chmod 0600 smbpasswd←rootのみ権限設定
[root]# chmod 0500 /etc/samba←rootのみ権限設定
[root]# smbpasswd reverie←sambaパスワード設定
New SMB password:←パスワード入力
Retype new SMB password:←確認の為にもう一度パスワード入力
Password changed for user reverie.
Password changed for user reverie.
[root]# tail /etc/samba/smbpasswd←sambaパスワードが追加されているのを確認
reverie:500:E52CAC67419A9A224A3B108F3FA6CB6D:8846F7EAEE8FB117AD06BDD830B7586C:[U ]:LCT-4CE39C83:reverie
[root]# more /etc/sysconfig/samba←samba起動パラメータの確認
# Options to smbd
SMBDOPTIONS="-D"
# Options to nmbd
NMBDOPTIONS="-D"
# Options for winbindd
WINBINDOPTIONS=""
[root]# /etc/rc.d/init.d/smb restart←samba再起動
SMBサービスを停止中: [失敗]
NMBサービスを停止中: [失敗]
SMBサービスを起動中: [ OK ]
NMBサービスを起動中: [ OK ]
[root]# tail /var/log/messages←システムログで起動確認
Nov 17 16:17:04 reverie xfs: ignoring font path element /usr/X11R6/lib/X11/fonts/cyrillic (unreadable)
Nov 17 16:17:08 reverie kernel: mice: PS/2 mouse device common for all mice
Nov 17 16:35:16 reverie sshd(pam_unix)[1339]: session opened for user reverie by (uid=500)
Nov 17 16:35:18 reverie 11月 17 16:35:18 su(pam_unix)[1369]: session opened for user root by reverie(uid=500)
Nov 17 18:11:43 reverie 11月 17 18:11:43 su(pam_unix)[1369]: session closed for user root
Nov 17 18:11:57 reverie 11月 17 18:11:57 su(pam_unix)[7908]: session opened for user root by reverie(uid=500)
Nov 17 18:19:59 reverie 11月 17 18:19:59 smb: smbd停止 failed
Nov 17 18:19:59 reverie 11月 17 18:19:59 smb: nmbd停止 failed
Nov 17 18:19:59 reverie 11月 17 18:19:59 smb: smbd起動 succeeded
Nov 17 18:19:59 reverie 11月 17 18:19:59 smb: nmbd起動 succeeded
[root]# more /var/log/samba/log.nmbd←nmbのログ
[2010/11/17 18:19:59, 0] nmbd/nmbd.c:main(794)
Netbios nameserver version 2.2.7a started.
Copyright Andrew Tridgell and the Samba Team 1994-2002
[2010/11/17 18:20:03, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235)
find_response_record: response packet id 14426 received with no matching record.
[2010/11/17 18:20:03, 0] nmbd/nmbd_responserecordsdb.c:find_response_record(235)
find_response_record: response packet id 14427 received with no matching record.
[root]# more /var/log/samba/log.smbd←smbのログ
[2010/11/17 18:19:59, 0] smbd/server.c:main(707)
smbd version 2.2.7a started.
Copyright Andrew Tridgell and the Samba Team 1992-2002
[root]# vi /etc/hosts
■↓以下のように追記■
192.168.0.50 win50.example.com win50←sambaクライアントのIP,ドメイン名,ホスト名
[root]# vi /etc/samba/lmhosts
■↓以下のように追記■
192.168.0.99 reverie←sambaサーバのIPとホスト名
192.168.0.50 win50←sambaクライアントのIPとホスト名
←Windowsクライアントからワークグループ内にあるsambaサーバへアクセスする
[root]# smbstatus←Windowsクライアントからのアクセスを確認
Samba version 2.2.7a
Service uid gid pid machine
----------------------------------------------
IPC$ reverie reverie 7999 win50 (192.168.0.50) Wed Nov 17 18:33:57 2010
IPC$ nobody nobody 7999 win50 (192.168.0.50) Wed Nov 17 18:34:00 2010
reverie reverie reverie 7999 win50 (192.168.0.50) Wed Nov 17 18:34:00 2010
No locked files
[root]# tail /var/log/messages←sambaセッションを確認
Nov 17 18:33:57 reverie samba(pam_unix)[7999]: session opened for user reverie by (uid=0)
[root]# vi /etc/squid/squid.conf←Squidの設定ファイル
■以下のように編集↓■
http_port 8080←ポート番号指定
acl our_networks src 192.168.1.0/24←アクセスリスト設定
acl working_time time 00:00-23:59←アクセスリスト設定
http_access deny !working_time←拒否条件
http_access allow our_networks←許可条件
[root]# /etc/rc.d/init.d/squid restart←設定反映の為、再起動
squidを停止中: [失敗]
init_cache_dir /var/spool/squid... squidを起動中: .. [ OK ]
[root]# tail /var/log/messages
Nov 12 17:16:20 reverie last message repeated 15 times
Nov 12 17:16:20 reverie cups: cupsd startup succeeded
Nov 12 17:16:20 reverie xfs: xfs startup succeeded
Nov 12 17:16:21 reverie anacron: anacron startup succeeded
Nov 12 17:16:21 reverie atd: atd startup succeeded
Nov 12 17:16:21 reverie xfs: ignoring font path element /usr/X11R6/lib/X11/fonts/cyrillic (unreadable)
Nov 12 17:16:25 reverie kernel: mice: PS/2 mouse device common for all mice
Nov 12 17:16:52 reverie sshd(pam_unix)[1316]: session opened for user reverie by (uid=500)
Nov 12 17:16:55 reverie 11月 12 17:16:55 su(pam_unix)[1346]: session opened for user root by reverie(uid=500)
Nov 12 17:40:15 reverie squid[1425]: Squid Parent: child process 1427 started←Squid起動を確認
[root]# ls -al /var/log/squid←Squidのログがあることを確認
合計 12
drwxr-x--- 2 squid squid 4096 11月 12 17:40 .
drwxr-xr-x 8 root root 4096 11月 12 17:16 ..
-rw-r--r-- 1 squid squid 0 11月 12 17:40 access.log
-rw-r--r-- 1 squid squid 1865 11月 12 17:40 cache.log
-rw-r--r-- 1 squid squid 0 11月 12 17:40 store.log
[root]# more /var/log/squid/cache.log←キャッシュログ確認
2010/11/12 17:40:15| Starting Squid Cache version 2.5.STABLE1 for i386-redhat-linux-gnu...
2010/11/12 17:40:15| Process ID 1427
2010/11/12 17:40:15| With 1024 file descriptors available
2010/11/12 17:40:15| DNS Socket created at 0.0.0.0, port 32770, FD 5
2010/11/12 17:40:15| Adding nameserver 192.168.0.99 from /etc/resolv.conf
2010/11/12 17:40:15| Unlinkd pipe opened on FD 10
2010/11/12 17:40:15| Swap maxSize 102400 KB, estimated 7876 objects
2010/11/12 17:40:15| Target number of buckets: 393
2010/11/12 17:40:15| Using 8192 Store buckets
2010/11/12 17:40:15| Max Mem size: 8192 KB
2010/11/12 17:40:15| Max Swap size: 102400 KB
2010/11/12 17:40:15| Rebuilding storage in /var/spool/squid (DIRTY)
2010/11/12 17:40:15| Using Least Load store dir selection
2010/11/12 17:40:15| Set Current Directory to /var/spool/squid
2010/11/12 17:40:15| Loaded Icons.
2010/11/12 17:40:17| Accepting HTTP connections at 0.0.0.0, port 8080, FD 11.
2010/11/12 17:40:17| WCCP Disabled.
2010/11/12 17:40:17| Ready to serve requests.
2010/11/12 17:40:17| Done scanning /var/spool/squid swaplog (0 entries)
2010/11/12 17:40:17| Finished rebuilding storage from disk.
2010/11/12 17:40:17| 0 Entries scanned
2010/11/12 17:40:17| 0 Invalid entries.
2010/11/12 17:40:17| 0 With invalid flags.
2010/11/12 17:40:17| 0 Objects loaded.
2010/11/12 17:40:17| 0 Objects expired.
2010/11/12 17:40:17| 0 Objects cancelled.
2010/11/12 17:40:17| 0 Duplicate URLs purged.
2010/11/12 17:40:17| 0 Swapfile clashes avoided.
2010/11/12 17:40:17| Took 2.0 seconds ( 0.0 objects/sec).
2010/11/12 17:40:17| Beginning Validation Procedure
2010/11/12 17:40:17| Completed Validation Procedure
2010/11/12 17:40:17| Validated 0 Entries
2010/11/12 17:40:17| store_swap_size = 0k
2010/11/12 17:40:19| storeLateRelease: released 0 objects
←Windows上でプロキシサーバを設定してWWWサーバへアクセスさせる
[root]# tail /var/log/httpd/access_log←ログ確認
192.168.0.50 - - [12/Nov/2010:17:53:02 +0900] "GET / HTTP/1.1" 304 0 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
192.168.0.50 - - [12/Nov/2010:17:53:05 +0900] "GET /index.html HTTP/1.1" 200 117 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
[root]# vi /etc/httpd/conf/httpd.conf←Apacheの設定ファイル
■下記の項目は必ず環境に合わせて設定する↓■
ServerAdmin apache@example.com←管理者メールアドレス
ServerName reverie.example.com:80←WWWサーバ名とポート番号
DocumentRoot "/var/www/html"←ドキュメントルートの場所
[root]# /etc/rc.d/init.d/httpd restart←設定反映のため、httpd再起動
httpdを停止中: [失敗]
httpdを起動中: [ OK ]
[root]# tail /var/log/messages
Nov 9 12:55:28 reverie xfs: xfs startup succeeded
Nov 9 12:55:28 reverie anacron: anacron startup succeeded
Nov 9 12:55:28 reverie atd: atd startup succeeded
Nov 9 12:55:28 reverie xfs: ignoring font path element /usr/X11R6/lib/X11/fonts/cyrillic (unreadable)
Nov 9 12:55:32 reverie kernel: mice: PS/2 mouse device common for all mice
Nov 9 12:57:49 reverie sshd(pam_unix)[1295]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost=192.168.0.21 user=reverie
Nov 9 12:57:53 reverie sshd(pam_unix)[1297]: session opened for user reverie by (uid=500)
Nov 9 12:57:55 reverie 11月 9 12:57:55 su(pam_unix)[1327]: session opened for user root by reverie(uid=500)
Nov 9 13:36:54 reverie 11月 9 13:36:54 httpd: httpd停止 failed
Nov 9 13:36:56 reverie 11月 9 13:36:56 httpd: httpd起動 succeeded
→Windowsから「http://www.example.com/」にアクセス
[root]# tail /var/log/httpd/access_log←この時点ではindex.htmlが無いためエラーとなる
192.168.0.50 - - [09/Nov/2010:13:43:29 +0900] "GET /index.html HTTP/1.1" 404 1057 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
192.168.0.50 - - [09/Nov/2010:13:43:38 +0900] "GET / HTTP/1.1" 403 2898 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
192.168.0.50 - - [09/Nov/2010:13:43:38 +0900] "GET /icons/apache_pb.gif HTTP/1.1" 200 2326 "http://www.example.com/" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
192.168.0.50 - - [09/Nov/2010:13:43:38 +0900] "GET /icons/powered_by.gif HTTP/1.1" 200 581 "http://www.example.com/" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
[root]# vi /var/www/html/index.html
■適当にHTMLを作成↓■
<HTML>
<HEAD><TITLE> test </TITLE></HEAD>
<BODY>
www server test...
</BODY>
</HTML>
→Windowsから「http://www.example.com/」にアクセス
[root]# tail /var/log/httpd/access_log←index.htmlにアクセスできることを確認する
192.168.0.50 - - [09/Nov/2010:13:57:23 +0900] "GET / HTTP/1.1" 200 117 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
192.168.0.50 - - [09/Nov/2010:13:57:35 +0900] "GET /index.html HTTP/1.1" 200 117 "-" "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"