◆当blogは、Linuxサーバ構築する際の実際の設定手順を個人的メモとして記載しております。LinuC試験の役に立つ情報があるかも…?
【報告】
2011/1/28(金)
201試験に合格しました☆(ヤッホー)
【得点】
590点
【感想】
運と勘を頼りに頑張ってみたら何とかなりました。
【その他】
次は202試験だな・・・(遠い目)
【試験に役立つアドバイス】
やっぱり茶本は基本なので、絶対読むことが大事です。
(ただし、基本なので応用力は実力でカバーしてくだしぁ)
[root@sentos5 ~]# nslookup www.lpi.or.jp
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: www.lpi.or.jp
Address: 202.218.212.222
[root@sentos5 ~]# nslookup
> server 192.168.0.1
Default server: 192.168.0.1
Address: 192.168.0.1#53
> www.isc.org
Server: 192.168.0.1
Address: 192.168.0.1#53
Non-authoritative answer:
Name: www.isc.org
Address: 149.20.64.42
> exit
[root@sentos5 ~]# host sv1.lpi.jp
sv1.lpi.jp has address 203.174.74.34
[root@sentos5 ~]# host 203.174.74.34
34.74.174.203.in-addr.arpa domain name pointer sv1.lpi.jp.
[root@sentos5 ~]# host -t mx lpi.org
lpi.org mail is handled by 10 mail.lpi.org.
[root@sentos5 ~]# host -t ns lpi.org
lpi.org name server server1.moongroup.com.
lpi.org name server ns.starnix.com.
[root@sentos5 ~]# host www.lpi.org 172.17.0.1
Using domain server:
Name: 192.168.0.1
Address: 192.168.0.1#53
Aliases:
www.lpi.org has address 24.215.7.162
[root@sentos5 ~]# dig lpi.org mx
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> lpi.org mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63305
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;lpi.org. IN MX
;; ANSWER SECTION:
lpi.org. 3600 IN MX 10 mail.lpi.org.
;; AUTHORITY SECTION:
lpi.org. 3600 IN NS server1.moongroup.com.
lpi.org. 3600 IN NS ns.starnix.com.
;; ADDITIONAL SECTION:
mail.lpi.org. 3600 IN A 24.215.7.168
ns.starnix.com. 3600 IN A 24.215.7.99
;; Query time: 1870 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Mon Jan 10 16:30:53 2011
;; MSG SIZE rcvd: 138
[root@sentos5 ~]# cat /etc/named.rfc1912.zones
zone "." IN {
type hint;
file "named.ca";
};
zone "localdomain" IN {
type master;
file "localdomain.zone";
allow-update { none; };
};
zone "localhost" IN {
type master;
file "localhost.zone";
allow-update { none; };
};
zone "0.0.127.in-addr.arpa" IN {
type master;
file "named.local";
allow-update { none; };
};
zone "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa" IN {
type master;
file "named.ip6.local";
allow-update { none; };
};
zone "255.in-addr.arpa" IN {
type master;
file "named.broadcast";
allow-update { none; };
};
zone "0.in-addr.arpa" IN {
type master;
file "named.zero";
allow-update { none; };
};
[root@sentos5 named]# cat /etc/named.caching-nameserver.conf
options {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query { localhost; };
allow-query-cache { localhost; };
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
view localhost_resolver {
match-clients { localhost; };
match-destinations { localhost; };
recursion yes;
include "/etc/named.rfc1912.zones";
};
[root@sentos5 etc]# dig @m.root-servers.net ns > /var/named/named.ca
[root@sentos5 etc]# cat /var/named/named.ca
;; ANSWER SECTION:
. 518400 IN NS m.root-servers.net.
. 518400 IN NS c.root-servers.net.
;; ADDITIONAL SECTION:
b.root-servers.net. 3600000 IN A 192.228.79.201
c.root-servers.net. 3600000 IN A 192.33.4.12
[root@sentos5 etc]# rndc status
number of zones: 6
debug level: 0
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is OFF
recursive clients: 0/1000
tcp clients: 0/100
server is up and running
[root@sentos5 etc]# cat /var/named/named.local
$TTL 86400
@ IN SOA localhost. root.localhost. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS localhost.
1 IN PTR localhost.
[root@sentos5 etc]# dig @localhost version.bind chaos txt
;; ANSWER SECTION:
version.bind. 0 CH TXT "9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2"
[root@sentos5 etc]# ps -f -C named
UID PID PPID C STIME TTY TIME CMD
named 2495 1 0 15:26 ? 00:00:00 /usr/sbin/named -u named -t /var/named/chroot
[root@sentos5 etc]# dnssec-keygen -a RSA -b 1024 -n ZONE example.net.
[root@sentos5 etc]# dnssec-keygen -a RSA -b 4096 -n ZONE example.net.
[root@sentos5 etc]# dnssec-signzone -k Kexample.net.+005+28778.key example.net
[root@sentos5 etc]# dig +dnssec @localhost smtp.exaple.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> +dnssec @localhost smtp.exaple.com
[root@A]# tar -cvzf software.tar.gz software
software
[root@A]# tar -cvjf software.tar.bz2 software
software
[root@A]# gzip -dc software.tar.gz | tar xvf -
software
[root@A]# bzip2 -dc software.tar.bz2 | tar xvf -
software
/// Makefile作成~コンパイル~インストールの手順 ///
[user@A]# ./configure
[user@A]# make
[user@A]$ su
パスワード:
[root@sentos5 user]#make install
/// Makefile作成~コンパイル~インストールの手順 ///
[root@A]# ls -ld /usr/local/bin
drwxr-xr-x 2 root root 4096 3月 10 2009 /usr/local/bin
[root@A]# ls -ld /usr/local/sbin
drwxr-xr-x 2 root root 4096 3月 10 2009 /usr/local/sbin
/// バックアップ予備知識 ///
完全「full」
差分「incremental」
増分「differential」
/// バックアップ予備知識 ///
/// バックアップ媒体 ///
追記不可:「DVD-R,DVD-R DL」
追記可能:「DVD-RW,DVD-RAM,DVD+R,DVD+R DL,DVD+RW」
容量:4.7~8.54GB
「DDS4」 40GB
「DLT-320」 320GB
「LTO」 800GB
/// バックアップ媒体 ///
/// バックアップ方法 ///
「AMANDA,Bacura」ネットワーク経由バックアップツール
「NAS」でネットワーク接続バックアップ
「SAN」ファイバーチャネルのストレージ専用ネットワーク
「tar,cpio,dd,dump,restore」バックアップコマンド
/// バックアップ方法 ///
[root@A]# tar cjvf /tmp/home.tar.bz2 /home/user
tar: メンバ名から先頭の `/' を取り除きます
/home/user/
/home/user/.gnome/
[root@A]# tar tjf /tmp/home.tar.bz2
home/user/
home/user/.gnome/
[root@A]# tar vjf /tmp/home.tar.bz2 --delete readtest.sh
アボートしました
[root@sentos5 /]# tar xjf /tmp/home.tar.bz2
[root@sentos5 /]# tar xvf /dev/st0 var/log/secure
[root@sentos5 testuser]# ls | cpio -o > /tmp/backup
1 block
[root@sentos5 testuser]# dd if=/dev/sr0 /of=/tmp/cdrom.iso
[root@sentos5 testuser]# dump 0uf /dev/nst0 /dev/sda2
DUMP: Date of this level 0 dump: Sat Jan 8 17:13:14 2011
DUMP: Dumping /dev/sda2 (an unlisted file system) to /dev/nst0
/dev/sda2: Bad magic number in super-block while opening filesystem
DUMP: The ENTIRE dump is aborted.
[root@sentos5 testuser]# cat /etc/dumpdates
/dev/mapper/VolGroup00-LogVol02 0 Wed Jun 2 00:50:26 2010 +0900
[root@sentos5 testuser]# restore rf /dev/st0
[root@sentos5 testuser]# rsync -auv --delete dir /backup
building file list ... rsync: link_stat "/root/home/testuser/dir" failed: No such file or directory (2)
done
sent 29 bytes received 20 bytes 98.00 bytes/sec
total size is 0 speedup is 0.00
[root@A]# dmesg | grep eth
eth0: registered as PCnet/PCI II 79C970A
eth0: link up
eth0: no IPv6 routers present
[root@A]# lspci
02:01.0 Ethernet controller: Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE] (rev 10)
[root@A]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:C9:99:4C
inet addr:192.168.0.55 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fec9:994c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3702 errors:0 dropped:0 overruns:0 frame:0
TX packets:2489 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:360938 (352.4 KiB) TX bytes:301017 (293.9 KiB)
Interrupt:75 Base address:0x2000
[root@A]# ifconfig eth0:0 192.168.0.56 netmask 255.255.255.0 up
[root@A]# ifconfig eth0:0
eth0:0 Link encap:Ethernet HWaddr 00:0C:29:C9:99:4C
inet addr:192.168.0.56 Bcast:192.168.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:75 Base address:0x2000
[root@A]# arp
Address HWtype HWaddress Flags Mask Iface
192.168.0.21 ether E0:CB:4E:11:FC:EC C eth0
buffalo.setup ether 00:0D:0B:B6:0A:B6 C eth0
[root@A]# arp -n
Address HWtype HWaddress Flags Mask Iface
192.168.0.21 ether E0:CB:4E:11:FC:EC C eth0
192.168.0.1 ether 00:0D:0B:B6:0A:B6 C eth0
[root@A]# traceroute sentos5
traceroute to sentos5 (127.0.0.1), 30 hops max, 40 byte packets
1 sentos5.localdomain (127.0.0.1) 0.019 ms 0.011 ms 0.009 ms
[root@A]# traceroute -n sentos5
traceroute to sentos5 (127.0.0.1), 30 hops max, 40 byte packets
1 127.0.0.1 0.018 ms 0.009 ms 0.013 ms
[root@A]# tcpdump -i eth0
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:50:53.721877 IP 192.168.0.55.ssh > 192.168.0.21.52146: P 2187861119:2187861235(116) ack 2768986704 win 7504
22:50:53.722047 IP 192.168.0.55.ssh > 192.168.0.21.52146: P 116:232(116) ack 1 win 7504
[root@A]# tcpdump -nli eth0 port 53
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
22:52:56.040693 IP 192.168.0.21.53094 > 192.168.0.1.domain: 17340+ A? www.nicovideo.jp. (34)
22:52:56.073466 IP 192.168.0.1.domain > 192.168.0.21.53094: 17340 1/2/1 A 202.248.110.243 (116)
[root@A]# netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 sentos5.localdomain:2208 *:* LISTEN
tcp 0 0 *:nfs *:* LISTEN
[root@A]# netstat -i
Kernel Interface table
Iface MTU Met RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg
eth0 1500 0 8091 0 0 0 8978 0 0 0 BMRU
lo 16436 0 3180 0 0 0 3180 0 0 0 LRU
[root@A]# netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
192.168.0.0 buffalo.setup 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default buffalo.setup 0.0.0.0 UG 0 0 0 eth0
[root@A]# nc 192.168.0.55 25
220 sentos5.localdomain ESMTP Postfix
[root@A]# nc -vz 192.168.0.55 1-1000
nc: connect to 192.168.0.55 port 1 (tcp) failed: Connection refused
nc: connect to 192.168.0.55 port 2 (tcp) failed: Connection refused
[root@A]# nc -vzu 192.168.0.55 1-1000
Connection to 192.168.0.55 111 port [udp/sunrpc] succeeded!
Connection to 192.168.0.55 161 port [udp/snmp] succeeded!
[root@A]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
[root@A]# route add default gw 192.168.0.1
[root@A]# route add -net 192.168.0.0 netmask 255.255.255.0 gw 192.168.0.1
[root@A]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 buffalo.setup 255.255.255.0 UG 0 0 0 eth0
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default buffalo.setup 0.0.0.0 UG 0 0 0 eth0
[root@A]# ip route show
192.168.0.0/24 via 192.168.0.1 dev eth0
192.168.0.0/24 dev eth0 proto kernel scope link src 192.168.0.55
default via 192.168.0.1 dev eth0
[root@A]# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
sit0 no wireless extensions.
[root@A]# iwconfig wlan0
wlan0 No such device
[root@A]# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 sentos5.localdomain sentos5 localhost.localdomain localhost
::1 localhost6.localdomain6 localhost6
[root@A]# cat /etc/nsswitch.conf
passwd: files ldap
shadow: files ldap
group: files ldap
hosts: files ldap dns
[root@A]# cat /etc/resolv.conf
nameserver 192.168.0.1
[root@A]# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=sentos5.localdomain
[root@A]# ls -l /etc/sysconfig/network-scripts/*
-rw-r--r-- 3 root root 193 羌 2010 /etc/sysconfig/network-scripts/ifcfg-eth0
[root@A]# cat /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
HWADDR=00:0c:29:c9:99:4c
NETMASK=255.255.255.0
IPADDR=192.168.0.55
GATEWAY=192.168.0.1
TYPE=Ethernet
[root@A]# cat /etc/hosts.allow
[root@A]# cat /etc/hosts.deny
[root@A]# tracepath 192.168.0.55
1: 192.168.0.55 (192.168.0.55) 0.079ms pmtu 16436
1: 192.168.0.55 (192.168.0.55) 0.021ms reached
Resume: pmtu 16436 hops 1 back 1
[root@A]# cat /etc/issue
CentOS release 5.3 (Final)
Kernel \r on an \m
[root@A]# cat /etc/issue.net
CentOS release 5.3 (Final)
Kernel \r on an \m
[root@A]# cat /etc/motd
[root@A]# wall "Test Message !"
Broadcast message from root (pts/2) (Wed Jan 5 23:28:43 2011):
Test Message !
[root@A]# shutdown -k now "Test Message!!!"
Broadcast message from root (pts/2) (Wed Jan 5 23:29:23 2011):
Test Message!!!
The system is going down to maintenance mode NOW!
Shutdown cancelled.
[root@A]# fdisk -l /dev/sda
Disk /dev/sda: 8589 MB, 8589934592 bytes
255 heads, 63 sectors/track, 1044 cylinders
Units = シリンダ数 of 16065 * 512 = 8225280 bytes
デバイス Boot Start End Blocks Id System
/dev/sda1 * 1 13 104391 83 Linux
/dev/sda2 14 1044 8281507+ 8e Linux LVM
[root@A]# cat /proc/mdstat
Personalities :
unused devices: <none>
[root@A]# lvscan
/dev/cdrom: read failed after 0 of 2048 at 0: 入力/出力エラーです
ACTIVE '/dev/VolGroup00/LogVol00' [4.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol03' [1.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol02' [1.00 GB] inherit
ACTIVE '/dev/VolGroup00/LogVol01' [1.00 GB] inherit
[root@A]# df -T
Filesystem Type 1K-ブロック 使用 使用可 使用% マウント位置
/dev/mapper/VolGroup00-LogVol00
ext3 4062912 3460740 392460 90% /
/dev/mapper/VolGroup00-LogVol03
ext3 1015704 88808 874468 10% /tmp
/dev/mapper/VolGroup00-LogVol02
ext3 1015704 274912 688364 29% /var
/dev/sda1 ext3 101086 12074 83793 13% /boot
tmpfs tmpfs 257720 0 257720 0% /dev/shm
/dev/mapper/VolGroup00-LogVol02
ext3 1015704 274912 688364 29% /mnt
[root@A]# ls -l /dev/mapper/VolGroup00-LogVol0*
brw-rw---- 1 root disk 253, 0 1月 5 21:15 /dev/mapper/VolGroup00-LogVol00
brw-rw---- 1 root disk 253, 3 1月 5 21:15 /dev/mapper/VolGroup00-LogVol01
brw-rw---- 1 root disk 253, 2 1月 5 21:15 /dev/mapper/VolGroup00-LogVol02
brw-rw---- 1 root disk 253, 1 1月 5 21:15 /dev/mapper/VolGroup00-LogVol03
[root@A]# pvdisplay /dev/sda2
/dev/cdrom: read failed after 0 of 2048 at 0: 入力/出力エラーです
--- Physical volume ---
PV Name /dev/sda2
VG Name VolGroup00
PV Size 7.90 GB / not usable 23.41 MB
Allocatable yes
PE Size (KByte) 32768
Total PE 252
Free PE 28
Allocated PE 224
PV UUID NZOvJm-9UF6-sXaW-y1Fd-1pJ0-fpzW-OVk750
[root@A]# pvscan
/dev/cdrom: open failed: 読み込み専用ファイルシステムです
Attempt to close device '/dev/cdrom' which is not open.
PV /dev/sda2 VG VolGroup00 lvm2 [7.88 GB / 896.00 MB free]
Total: 1 [7.88 GB] / in use: 1 [7.88 GB] / in no VG: 0 [0 ]
[root@A]# vgdisplay
--- Volume group ---
VG Name VolGroup00
System ID
Format lvm2
Metadata Areas 1
Metadata Sequence No 5
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 4
Open LV 4
Max PV 0
Cur PV 1
Act PV 1
VG Size 7.88 GB
PE Size 32.00 MB
Total PE 252
Alloc PE / Size 224 / 7.00 GB
Free PE / Size 28 / 896.00 MB
VG UUID V9Kj8z-YYNg-1nxg-WqfE-0c9v-kDrM-HlQ2Rs
[root@A]# lvdisplay /dev/VolGroup00/LogVol02
--- Logical volume ---
LV Name /dev/VolGroup00/LogVol02
VG Name VolGroup00
LV UUID JTByn9-eKq8-61Kj-f8Y0-aggW-gX1x-fo4XQa
LV Write Access read/write
LV Status available
# open 1
LV Size 1.00 GB
Current LE 32
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:2
[root@A]# pvs
PV VG Fmt Attr PSize PFree
/dev/sda2 VolGroup00 lvm2 a- 7.88G 896.00M
[root@A]# vgs
VG #PV #LV #SN Attr VSize VFree
VolGroup00 1 4 0 wz--n- 7.88G 896.00M
[root@A]# lvs
LV VG Attr LSize Origin Snap% Move Log Copy% Convert
LogVol00 VolGroup00 -wi-ao 4.00G
LogVol01 VolGroup00 -wi-ao 1.00G
LogVol02 VolGroup00 -wi-ao 1.00G
LogVol03 VolGroup00 -wi-ao 1.00G
[root@A]# hdparm /dev/sda
/dev/sda:
readonly = 0 (off)
readahead = 256 (on)
geometry = 1044/255/63, sectors = 16777216, start = 0
[root@A]# hdparm -tT /dev/sda
/dev/sda:
Timing cached reads: 30276 MB in 2.00 seconds = 15175.83 MB/sec
Timing buffered disk reads: 74 MB in 3.09 seconds = 23.98 MB/sec
[root@A]# cat /etc/fstab
/dev/VolGroup00/LogVol00 / ext3 defaults 1 1
/dev/VolGroup00/LogVol03 /tmp ext3 defaults 1 2
/dev/VolGroup00/LogVol02 /var ext3 defaults,usrquota,grpquota 1 2
LABEL=/boot /boot ext3 defaults 1 2
tmpfs /dev/shm tmpfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
sysfs /sys sysfs defaults 0 0
proc /proc proc defaults 0 0
/dev/VolGroup00/LogVol01 swap swap defaults 0 0
[root@A]# cat /proc/filesystems
nodev sysfs
nodev rootfs
nodev bdev
nodev proc
[root@A]# cat /etc/mtab
/dev/mapper/VolGroup00-LogVol00 / ext3 rw 0 0
proc /proc proc rw 0 0
sysfs /sys sysfs rw 0 0
[root@A]# cat /proc/mounts
rootfs / rootfs rw 0 0
/dev/root / ext3 rw,data=ordered 0 0
/dev /dev tmpfs rw 0 0
[root@A]# mount
/dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
[root@A]# sync
[root@A]# dd if=/dev/zero of=/tmp/swapfile bs=1M count=50
50+0 records in
50+0 records out
52428800 bytes (52 MB) copied, 0.117411 seconds, 447 MB/s
[root@A]# mkswap /tmp/swapfile
Setting up swapspace version 1, size = 52424 kB
[root@A]# swapon /tmp/swapfile
[root@A]# swapon -s
Filename Type Size Used Priority
/dev/mapper/VolGroup00-LogVol01 partition 1048568 0 -1
/tmp/swapfile file 51192 0 -2
[root@A]# cat /proc/swaps
Filename Type Size Used Priority
/dev/mapper/VolGroup00-LogVol01 partition 1048568 0 -1
/tmp/swapfile file 51192 0 -2
[root@A]# cdrecord -scanbus
Cdrecord-Clone 2.01 (cpu-pc-linux-gnu) Copyright (C) 1995-2004 Jg Schilling
Note: This version is an unofficial (modified) version with DVD support
Note: and therefore may have bugs that are not present in the original.
Note: Please send bug reports or support requests to http://bugzilla.redhat.com/bugzilla
Note: The author of cdrecord should not be bothered with problems in this version.
cdrecord: Invalid or incomplete multibyte or wide character. Cannot open SCSI driver.
cdrecord: For possible targets try 'cdrecord -scanbus'.
cdrecord: For possible transport specifiers try 'cdrecord dev=help'.
[root@A]# dumpe2fs /dev/sda1 | more
Inode count: 26104
Block count: 104388
Reserved block count: 5219
Free blocks: 89012
Free inodes: 26070
First block: 1
Block size: 1024
Group 1: (Blocks 8193-16384)
Backup superblock at 8193, Group descriptors at 8194-8194
[root@A]# fsck.ext3
Emergency help:
-p Automatic repair (no questions)
-n Make no changes to the filesystem
-y Assume "yes" to all questions
-c Check for bad blocks and add them to the badblock list
-f Force checking even if filesystem is marked clean
-v Be verbose
-b superblock Use alternative superblock
-B blocksize Force blocksize when looking for superblock
-j external_journal Set location of the external journal
-l bad_blocks_file Add to badblocks list
-L bad_blocks_file Set badblocks list
[root@A]# e2fsck
Emergency help:
-p Automatic repair (no questions)
-n Make no changes to the filesystem
-y Assume "yes" to all questions
-c Check for bad blocks and add them to the badblock list
-f Force checking even if filesystem is marked clean
-v Be verbose
-b superblock Use alternative superblock
-B blocksize Force blocksize when looking for superblock
-j external_journal Set location of the external journal
-l bad_blocks_file Add to badblocks list
-L bad_blocks_file Set badblocks list
[root@A]# tune2fs -l /dev/sda1
Inode count: 26104
Block count: 104388
Reserved block count: 5219
Free blocks: 89012
Free inodes: 26070
First block: 1
Block size: 1024
[root@A]# badblocks /dev/sda1
[root@A]# debugfs /dev/sda1
debugfs 1.39 (29-May-2006)
debugfs: ls
2 (12) . 2 (12) .. 11 (20) lost+found 16065 (36) grub
12 (16) message 17 (44) initrd-2.6.18-128.el5.img
13 (36) System.map-2.6.18-128.el5 14 (32) config-2.6.18-128.el5
15 (36) symvers-2.6.18-128.el5.gz 16 (780) vmlinuz-2.6.18-128.el5
debugfs: quit
[root@A]# cat /etc/auto.master
/misc /etc/auto.misc
[root@A]# /etc/init.d/autofs restart
automount を停止中: [ OK ]
automount を起動中: [ OK ]
[root@A]# ls -l /etc/auto.*
-rw-r--r-- 1 root root 717 1月 21 2009 /etc/auto.master
-rw-r--r-- 1 root root 581 1月 21 2009 /etc/auto.misc
-rwxr-xr-x 1 root root 1292 1月 21 2009 /etc/auto.net
-rwxr-xr-x 1 root root 715 1月 21 2009 /etc/auto.smb
[root@A]# cat /etc/auto.master
/misc /etc/auto.misc
[root@A]# cat /etc/auto.misc
cd -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
[root@A]# ls -l /dev/sda{,1,2}
brw-r----- 1 root disk 8, 0 1月 5 16:42 /dev/sda
brw-r----- 1 root disk 8, 1 1月 5 16:42 /dev/sda1
brw-r----- 1 root disk 8, 2 1月 5 16:42 /dev/sda2
[root@A]# ls -l /dev/{ttyS0,input/mice,lp0}
crw------- 1 root root 13, 63 1月 5 16:42 /dev/input/mice
crw-rw---- 1 root lp 6, 0 1月 5 16:42 /dev/lp0
crw-rw---- 1 root uucp 4, 64 1月 5 16:41 /dev/ttyS0
[root@A]# cat /proc/devices
Character devices:
1 mem
4 ttyS
5 /dev/tty
5 /dev/console
6 lp
10 misc
180 usb
189 usb_device
Block devices:
1 ramdisk
2 fd
8 sd
9 md
[root@A]# ls /etc/udev/rules.d
05-udev-early.rules 51-hotplug.rules 60-pcmcia.rules
61-uinput-stddev.rules 90-alsa.rules 95-pam-console.rules
40-multipath.rules 60-libsane.rules 60-raw.rules
[root@A]# cat /etc/udev/rules.d/50-udev.rules
KERNEL=="tty", NAME="%k", GROUP="tty", MODE="0666", OPTIONS="last_rule"
[root@A]# udevinfo -q path -n /dev/sda1
/block/sda/sda1
root@A]# udevinfo -q env -n /dev/sda1
ID_VENDOR=VMware,
ID_MODEL=VMware_Virtual_S
ID_REVISION=1.0
[root@A]# dmesg | more
Linux version 2.6.18-128.el5 (mockbuild@builder16.centos.org) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-44)) #1 SMP Wed
Jan 21 10:44:23 EST 2009
[root@A]# cat /etc/inittab
id:5:initdefault:
# System initialization.
si::sysinit:/etc/rc.d/rc.sysinit
l0:0:wait:/etc/rc.d/rc 0
l1:1:wait:/etc/rc.d/rc 1
l2:2:wait:/etc/rc.d/rc 2
l3:3:wait:/etc/rc.d/rc 3
l4:4:wait:/etc/rc.d/rc 4
l5:5:wait:/etc/rc.d/rc 5
l6:6:wait:/etc/rc.d/rc 6
[root@A]# ls /etc/rc3.d
K01dnsmasq K35dovecot K88wpa_supplicant S08iptables
S19rpcgssd S50snmpd S90xfs K02NetworkManager
K35smb K89dund S08mcstrans S22messagebus
[root@A]# ls -l /etc/rc3.d/S85httpd
lrwxrwxrwx 1 root root 15 羈0 2010 /etc/rc3.d/S85httpd -> ../init.d/httpd
[root@A]# /etc/init.d/httpd start
httpd を起動中: [ OK ]
[root@A]# chkconfig --list httpd
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@A]# chkconfig httpd off
[root@A]# chkconfig httpd on
[root@A]# chkconfig --level 235 httpd on
[root@A]# ntsysv
[root@A]# cat /boot/grub/menu.lst
default=0
timeout=5
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title CentOS (2.6.18-128.el5)
root (hd0,0)
kernel /vmlinuz-2.6.18-128.el5 ro root=/dev/VolGroup00/LogVol00 rhgb quiet
initrd /initrd-2.6.18-128.el5.img
[root@A]# grub
Probing devices to guess BIOS drives. This may take a long time.
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-like line editing is supported. For the first word, TAB
lists possible command completions. Anywhere else TAB lists the possible
completions of a device/filename.]
grub> displaymem
EISA Memory BIOS Interface is present
Address Map BIOS Interface is present
Lower memory: 640K, Upper memory (to first chipset hole): 3072K
[Address Range Descriptor entries immediately follow (values are 64-bit)]
Usable RAM: Base Address: 0x0 X 4GB + 0x0,
Length: 0x0 X 4GB + 0xa0000 bytes
Reserved: Base Address: 0x0 X 4GB + 0xa0000,
Length: 0x0 X 4GB + 0x60000 bytes
Usable RAM: Base Address: 0x0 X 4GB + 0x100000,
Length: 0x0 X 4GB + 0x300000 bytes
grub> quit
[root@A]# cat /etc/lilo.conf
[root@A]# /sbin/lilo
[root@A]# cat /proc/cmdline
ro root=/dev/VolGroup00/LogVol00 rhgb quiet
[root@A]# uname -a
Linux sentos5.localdomain 2.6.18-128.el5 #1 SMP Wed Jan 21 10:44:23 EST 2009 i686 i686 i386 GNU/Linux
[root@A]# uname -r
2.6.18-128.el5
[root@A]# uname -m
i686
[root@A]# cat /proc/version
Linux version 2.6.18-128.el5 (mockbuild@builder16.centos.org) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-44)) #1 SMP Wed Jan 21 10:44:23 EST 2009
[root@A]# head -4 /usr/src/linux/Makefile
VERSION = 2
PATCHLEVEL = 6
SUBLEVEL =18
EXTRAVERSION = -128.el5
[root@A]# ls /boot/vmlinuz*
/boot/vmlinuz-2.6.18-128.el5
[root@A]# ls -ld /lib/modules/2.6.18-128.el5/kernel/*
drwxr-xr-x 3 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/arch
drwxr-xr-x 39 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/drivers
drwxr-xr-x 30 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/fs
drwxr-xr-x 2 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/kernel
drwxr-xr-x 4 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/lib
drwxr-xr-x 21 root root 4096 羇 2010 /lib/modules/2.6.18-128.el5/kernel/net
[root@A]# lsmod
Module Size Used by
nfsd 202097 17
exportfs 9665 1 nfsd
lockd 61257 2 nfsd
nfs_acl 7617 1 nfsd
[root@A]# cat /proc/modules
nfsd 202097 17 - Live 0xe0c3a000
exportfs 9665 1 nfsd, Live 0xe0b72000
lockd 61257 2 nfsd, Live 0xe0bf7000
nfs_acl 7617 1 nfsd, Live 0xe0b6f000
auth_rpcgss 43105 1 nfsd, Live 0xe0bd7000
[root@A]# modinfo ext3
filename: /lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
license: GPL
description: Second Extended Filesystem with journaling extensions
author: Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
[root@A]# modinfo -n ext3
/lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
[root@A]# modinfo -l ext3
GPL
[root@A]# modinfo -d ext3
Second Extended Filesystem with journaling extensions
[root@A]# modinfo -a ext3
Remy Card, Stephen Tweedie, Andrew Morton, Andreas Dilger, Theodore Ts'o and others
[root@A]# insmod /lib/modules/2.6.18-128.el5/kernel/fs/ext2/ext2.ko
[root@A]# modprobe -c
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias eth0 pcnet32
[root@A]# modprobe -lt fs
/lib/modules/2.6.18-128.el5/kernel/fs/autofs4/autofs4.ko
/lib/modules/2.6.18-128.el5/kernel/fs/cachefiles/cachefiles.ko
/lib/modules/2.6.18-128.el5/kernel/fs/cifs/cifs.ko
[root@A]# modprobe --show-depends ext3
insmod /lib/modules/2.6.18-128.el5/kernel/fs/jbd/jbd.ko
insmod /lib/modules/2.6.18-128.el5/kernel/fs/ext3/ext3.ko
[root@A]# ls /lib/modules/2.6.18-128.el5/modules.dep
/lib/modules/2.6.18-128.el5/modules.dep
[root@A]# cat /etc/modprobe.conf
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias eth0 pcnet32
[root@A]# ls -l /etc/modprobe.d/*
-rw-r--r-- 1 root root 810 羚 2009 /etc/modprobe.d/blacklist
-rw-r--r-- 1 root root 83 羃2 2009 /etc/modprobe.d/blacklist-firewire
-rw-r--r-- 1 root root 6111 羃1 2009 /etc/modprobe.d/modprobe.conf.dist
[root@A]# cat /etc/modprobe.d/modprobe.conf.dist
alias usb-uhci uhci-hcd
alias usb-ohci ohci-hcd
install scsi_hostadapter /bin/true
install usbmouse /sbin/modprobe --first-time --ignore-install usbmouse && { /sbin/modprobe hid; /bin/true; }
remove usbmouse { /sbin/modprobe -r hid; } ; /sbin/modprobe -r --first-time --ignore-remove usbmouse
remove nfsd { /bin/umount /proc/fs/nfsd > /dev/null 2>&1 || :; } ; /sbin/modprobe -r --first-time --ignore-remove nfsd
[root@A]# ls -ld /proc/sys/kernel/*
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/ctrl-alt-del
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/domainname
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/hostname
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/hotplug
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/modprobe
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/osrelease
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/ostype
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/sem
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmall
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmmax
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/shmmni
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/sysrq
-r--r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/tainted
-rw-r--r-- 1 root root 0 羌 17:26 /proc/sys/kernel/threads-max
[root@A]# ls -ld /proc/sys/fs/*
-rw-r--r-- 1 root root 0 羌 17:29 /proc/sys/fs/file-max
-r--r--r-- 1 root root 0 羌 17:29 /proc/sys/fs/file-nr
[root@A]# ls -ld /proc/sys/net/*
dr-xr-xr-x 6 root root 0 羌 17:30 /proc/sys/net/ipv4
dr-xr-xr-x 6 root root 0 羌 17:30 /proc/sys/net/ipv6
[root@A]# ls -ld /proc/sys/net/ipv4/*
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/ip_forward
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/icmp_echo_ignore_all
-rw-r--r-- 1 root root 0 羌 17:31 /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
[root@A]# cat /etc/sysctl.conf
net.ipv4.ip_forward = 0
[root@A]# cat /etc/rc.local
net.ipv4.ip_forward = 0
[root@A]# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 0
[root@A]# sysctl -w net.ipv4.ip_forward=1
net.ipv4.ip_forward = 1
[root@A]# sysctl -a
sunrpc.max_resvport = 1023
sunrpc.min_resvport = 665
sunrpc.tcp_slot_table_entries = 16
[root]# cd /etc/httpd/conf ←設定ディレクトリへ移動
[root]# openssl genrsa -des 1024 > server.key ←プライベート鍵作成
Generating RSA private key, 1024 bit long modulus
.++++++
..........++++++
e is 65537 (0x10001)
Enter pass phrase: ←パスフレーズ入力
Verifying - Enter pass phrase: ←再度パスフレーズ入力
[root]# openssl rsa -in server.key -out server.key ←パスフレーズ問い合わせ除去
Enter pass phrase for server.key: ←設定済みのパスフレーズ入力
writing RSA key
[root]# openssl req -new -days 365 -key server.key -out server.csr ←サイト証明書発行要求を作成
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:JP ←国名
State or Province Name (full name) [Berkshire]:KANAGAWA ←都道府県
Locality Name (eg, city) [Newbury]:HUJISAWA ←市区町村
Organization Name (eg, company) [My Company Ltd]:A ←会社名
Organizational Unit Name (eg, section) []:B ←部署名
Common Name (eg, your name or your server's hostname) []:www.example.com ←サーバ名
Email Address []:apache@example.com ←管理者のメールアドレス
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: ←チャレンジパスワードは設定不要
An optional company name []: ←追加の会社名は設定不要
[root]# openssl x509 -days 365 -in server.csr -out server.crt -req -signkey server.key ←サイト証明書を作成
Signature ok
subject=/C=JP/ST=KANAGAWA/L=HUJISAWA/O=A/OU=B/CN=www.example.com/emailAddress=apache@example.com
Getting Private key
[root]# chmod 0600 server.* ←所有者のみ読み書き可能
[root]# mv server.key /etc/httpd/conf/ssl.key/ ←サーバ鍵を格納
[root]# mv server.csr /etc/httpd/conf/ssl.csr/ ←サイト証明書発行要求を格納
[root]# mv server.crt /etc/httpd/conf/ssl.crt/ ←サイト証明書を格納
[root]# vi /etc/httpd/conf/httpd.conf ←httpd設定ファイル
■以下のように編集↓■
ServerName www.example.com:80
■以下の行追加↓■
<Directory "/var/www/shtml">
AllowOverride None
Order Allow,Deny
Allow from 192.168.0.0/24
AuthType Basic
AuthName "Secure Page"
AuthUserFile /etc/httpd/conf/passwd
Require valid-user
</Directory>
[root]# vi /etc/httpd/conf.d/ssl.conf ←SSL設定
■以下のように編集↓■
DocumentRoot "/var/www/shtml"
ServerName www.example.com:443
ServerAdmin apache@example.com
[root]# htpasswd -c passwd reverie ←パスワード設定
New password: ←パスワード入力
Re-type new password: ←再度パスワード入力
Adding password for user reverie
[root]# chown -R apache * ←所有者をapacheにする
[root]# mkdir /var/www/shtml ←ディレクトリ作成
[root]# chown apache /var/www/shtml ←所有者をapacheにする
[root]# vi /var/www/shtml/secure.shtml ←テストページ作成
■適当にテスト用shtml作成■
<HTML><HEAD><TITLE>SSL TEST</TITLE></HEAD>
<BODY>SSL TEST PAGE!!!</BODY></HTML>
[root]# chmod 0600 * ←所有者のみ読み書き可能
[root]# chown apache * ←所有者をapacheにする
[root]# /etc/rc.d/init.d/httpd restart
httpdを停止中: [ OK ]
httpdを起動中: [ OK ]
←Windowsからhttps://www.example.com/secure.shtmlにアクセス
[root]# tail /var/log/httpd/ssl_access_log ←SSLアクセスログを確認
win50.example.com - - [11/Dec/2010:19:08:14 +0900] "GET /secure.shtml HTTP/1.1" 401 1304
win50.example.com - reverie [11/Dec/2010:19:08:23 +0900] "GET /secure.shtml HTTP/1.1" 200 86