# # ÇÑ±Û # vi /etc/sysconfig/i18n LANG="ko_KR.eucKR" SUPPORTED="en_US.UTF-8:en_US:en:ko_KR.eucKR:ko_KR:ko" SYSFONT="lat0-sun16" SYSFONTACM="8859-15"
Fedora release 9 (Sulphur)
# # time ¼³Á¤ # rdate -s time.bora.net clock -w
# # mysql #
useradd -M -s /bin/false mysql
./configure --prefix=/usr/local/mysql --with-charset=utf8 --with-extra-charsets=all
--prefix: ±âº» ¼³Ä¡ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù --localstatedir: µ¥ÀÌÅ͸¦ ÀúÀåÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù --sysconfdir: ȯ°æ¼³Á¤ÆÄÀÏ "my.cnf"°¡ À§Ä¡ÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù --with-unix-socket-path: ¼ÒÄÏÆÄÀÏÀÌ À§Ä¡ÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù --with-mysqld-user: °ü¸®°èÁ¤À» ¼³Á¤ÇÕ´Ï´Ù. À§¿¡¼ "mysql"°èÁ¤À» ¸¸µé¾î µÎ¾ú½À´Ï´Ù. --with-charset: ±âº» ¹®ÀÚ¼ÂÀ» ¼³Á¤ÇÕ´Ï´Ù. ÇÑ±Û ¹®ÀÚ¼ÂÀ» ¼³Á¤ÇϽ÷Á¸é euckr·Î ¼³Á¤ÇÏ½Ã¸é µË´Ï´Ù. --with-extra-charsets: ±âº» ¹®Á¦¼Â ¿Ü¿¡ ¼³Ä¡ÇÒ ¹®ÀÚ¼ÂÀ» ³ª¿ÇÕ´Ï´Ù. ¿¹)--with-extra-charsets=utf8,euckr --with-plugins: ¼³Ä¡ÇÒ Ç÷¯±×ÀÎ ¸ñ·ÏÀ» ³ª¿ÇÕ´Ï´Ù. 5¹öÁ¯´ë Ãʹݿ¡´Â ±×·¯Áö ¾Ê¾Ò´ø °Í °°Àºµ¥ ¶óÀ̼¾½º ¶§¹®¿¡ ±×·¨´Ù´Â °Í °°±âµµ ÇÏ°í ±â¾ïÀº Àß ¾È³ªÁö¸¸ innodb¸¦ »ç¿ëÇϱâ À§ÇØ ÀÌ·±½ÄÀ¸·Î ¼³Ä¡Çß´ø ±â¾ïÀÌ ÀÖ½À´Ï´Ù.
make make install
cp support-files/my-large.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R root.mysql /usr/local/mysql chown -R mysql /usr/local/mysql/var
vi ~/.bash_profile PATH=$PATH:$HOME/bin:/usr/local/mysql/bin
source ~/.bash_profile
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
/etc/init.d/mysqld start
/usr/local/mysql/bin/mysqladmin -u root password gong2004pass
/usr/local/mysql/bin/mysqladmin -u root -p reload
# # httpd #
./configure --prefix=/usr/local/apache --enable-mods-shared=all --enable-so --enable-rewrite --enable-ssl
# ssl È®ÀÎ # rpm -qa | grep openssl
# ¼³Ä¡ ÈÄ /usr/local/apache/modules ¾Æ·¡ mod_ssl.so ÆÄÀÏ È®ÀÎ(ÀÖÀ¸¸é µ¿ÀûÀ¸·Î ¸µÅ©µÈ°ÍÀÓ, Á¤Àû¸µÅ© È®ÀÎ httpd -l)
# # ¼³Ä¡ ÈÄ httpd.conf È®ÀÎ LoadModule ssl_module modules/mod_ssl.so
# ¼³Ä¡ ÈÄ httpd.conf È®ÀÎ #
SSLRandomSeed startup builtin SSLRandomSeed connect builtin
make make install
# cp /usr/local/apache/bin/apachectl /etc/init.d/httpd chkconfig µî·Ï½Ã ½ºÅ©¸³Æ® ¼öÁ¤ÇØ¾ß ÇϹǷΠ¾Æ·¡¿Í °°ÀÌ Àû¿ë
echo "/usr/local/apache/bin/apachectr start" >> /etc/rc.d/rc.local
# # vi /usr/local/apache/conf/httpd.conf #
User nobody Group nobody
ServerName 127.0.0.1
#Include conf/extra/httpd-mpm.conf //ÁÖ¼®Á¦°Å #Include conf/extra/httpd-languages.conf//ÁÖ¼®Á¦°Å #Include conf/extra/httpd-userdir.conf //»ç¿ëÀÚ °èÁ¤À» ÀÌ¿ëÇÑ´Ù¸é ÁÖ¼®Á¦°Å #Include conf/extra/httpd-vhosts.conf //°¡»óÈ£½ºÆ®¸¦ ÀÌ¿ëÇÑ´Ù¸é ÁÖ¼®Á¦°Å #Include conf/extra/httpd-default.conf //ÁÖ¼®Á¦°Å
# # vi /usr/local/apache/conf/extra/httpd-languages.conf # DefaultLanguage ko LanguagePriority ko en ca cs da de el eo es et fr he hr it ja ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
# # vi /usr/local/apache/conf/extra/httpd-vhosts.conf # ServerAdmin nig0412@nate.com DocumentRoot "/home/hsinfo/public_html" ServerName houseinfo.co.kr #ServerAlias www.houseinfo.co.kr ErrorLog logs/houseinfo-error_log CustomLog logs/houseinfo-access_log combined env=!NotLog CustomLog logs/houseinfo-robot_log robot env=RobotLog SetHandler server-status Order deny,allow Deny from all Allow from 59.22.226.0/24 118.39.20.0/24
# # extra/httpd-userdir.conf # UserDir public_html www
AllowOverride FileInfo AuthConfig Limit Options MultiViews SymLinksIfOwnerMatch IncludesNoExec Order allow,deny Allow from all Order deny,allow Deny from all
AllowOverride FileInfo AuthConfig Limit Options MultiViews SymLinksIfOwnerMatch IncludesNoExec Order allow,deny Allow from all Order deny,allow Deny from all
# # Apache °øÀ¯¶óÀ̺귯¸®¿¡ Ãß°¡ # echo "/usr/local/apache/lib" >> /etc/ld.so.conf echo "/usr/local/apache/module" >> /etc/ld.so.conf ldconfig
# # PHP 5.2.11 # 5.3 ¹öÁ¯Àº ¾ÆÁ÷ zend°¡ Áö¿øÇÏÁö¸¦ ¾ÊÀ½. ÇöÀç zend 3.3.9 #
yum -y install gd gd-devel libjpeg libjpeg-devel libpng libpng-devel libmcrypt libmcrypt-devel
./configure --prefix=/usr/local/php --with-apxs2=/usr/local/apache/bin/apxs --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-config-file-path=/usr/local/apache/conf --disable-debug --enable-safe-mode --enable-sockets --enable-sysvsem=yes --enable-sysvshm=yes --enable-ftp --enable-magic-quotes --enable-gd-native-ttf --enable-bcmath --with-zlib --with-jpeg-dir=/usr --with-png-dir=/usr/lib --with-freetype-dir=/usr --with-libxml-dir=/usr --enable-exif --with-gd --with-gettext --enable-sigchild --enable-mbstring --with-ttf --with-mcrypt --with-openss
--enable-pdo --with-pdo-mysql=/usr/local/mysql
¾Æ·¡ ¿É¼Ç Áö¿ø ¾ÈµÇ´Âµí... --enable-track-vars --enable-url-includes --enable-trans-id --enable-inline-iptimization --with-jpeg --with-png --with-ttf
# # error # /usr/bin/ld: cannot find -lltdl collect2: ld returned 1 exit status make: *** [libphp5.la] ¿À·ù 1
# # ÇØ°á # yum install libtool-ltdl-devel
make make install
cp php.ini-dist /usr/local/apache/conf/php.ini
ln -s /usr/local/php/bin/php /bin/php ln -s /usr/local/php/bin/php-config /usr/local/bin/php-config ln -s /usr/local/php/bin/phpize /usr/local/bin/phpize ln -s /usr/local/php/bin/pecl /usr/local/bin/pecl
# # phpinfo ¾È¶ã°æ¿ì, php°¡ ÀνĵÇÁö ¾ÊÀ» °æ¿ì #
# vi php.ini short_open_tag = On
# # SELinux #
Ȩµð·ºÅ丮 ¹®¸Æ º¯°æ
chcon -R -t httpd_sys_content_t /home/hsinfo/public_html chcon -R -h -t httpd_sys_content_t /home/hsinfo
# # SELinux, iptables # setup - ¹æȺ® dns ftp www(http)
setup ¿¡¼ ¹æȺ® ¼³Á¤ º¯°æ½Ã /etc/sysconfig/iptables ¼³Á¤ º¯°æ ±âÁ¸ µ¥¸óµéÀÇ Port º¯°æ½Ã À¯ÀÇÇÒ°Í.
setsebool -P ftpd_disable_trans 1 //enable uploading into ftp
SELinux »ç¿ë½Ã setsebool ÀÌ¿ëÇÏ¿© FTPÁ¢¼Ó ÇÒ¶§ µð·ºÅ丮¿¡ Á¢±Ù ÇÒ ¼ö ÀÖµµ·Ï º¯°æ setsebool -P ftp_home_dir=1
SELinux¿¡ ¾Æ¿¹ FTP Àû¿ë ¾ÈÇÔ //enable uploading into apache setsebool -P ftpd_disable_trans 1
# SELinux enable, disable setenforce 0 //disable setenforce 1 //enable
# # SELinux # Apache¿¡¼ PHP °øÀ¯¶óÀÌÀ̺귯¸® Á¢±Ù # libphp5.so Error ¹ß»ý #
restorecon -v /usr/local/apache/modules/libphp5.so chcon -t texrel_shlib_t /usr/local/apache/modules/libphp5.so
# # Apache¿¡ PHP ¿¬°á #
vi /usr/local/apache/conf/httpd.conf
AddType application/x-httpd-php .php .html .htm AddType application/x-httpd-php-source .phps
# # Apache index.htm index.php Ãß°¡ #
vi /usr/local/apache/conf/httpd.conf
DirectoryIndex index.html index.htm index.php
# # Apache ·Î±× ÆÄÀÏ Çü½Ä º¯°æ #
#LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined #LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "[%v] %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined LogFormat "[%v] %h %l %u %t "%r" %>s %b" common LogFormat "[%v] %h %l %u %t "%r" %>s %b "%{User-Agent}i"" robot LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent
SetEnvIfNoCase Request_URI ".(gif|jpg|png|thumb|swf|ico|css|js)$" NotLog
## ·Îº¿µéÀÇ È¯°æº¯¼ö ÁöÁ¤ ## BrowserMatchNoCase "ru-robot" NotLog RobotLog BrowserMatchNoCase "Slurp/si" NotLog RobotLog BrowserMatchNoCase "Mercator" NotLog RobotLog BrowserMatchNoCase "Gulliver" NotLog RobotLog BrowserMatchNoCase "SyncIT/" NotLog RobotLog BrowserMatchNoCase "FAST-WebCrawler" NotLog RobotLog BrowserMatchNoCase "Lycos_Spider" NotLog RobotLog BrowserMatchNoCase "^ia_archive" NotLog RobotLog BrowserMatchNoCase "^tv" NotLog RobotLog BrowserMatchNoCase "Scooter" NotLog RobotLog BrowserMatchNoCase "ZyBorg/" NotLog RobotLog BrowserMatchNoCase "KIT-Fireball" NotLog RobotLog BrowserMatchNoCase "Googlebot/" NotLog RobotLog BrowserMatchNoCase "DIIbot/" NotLog RobotLog BrowserMatchNoCase "teoma_agent3" NotLog RobotLog BrowserMatchNoCase "empas_robot" NotLog RobotLog
#CustomLog "logs/access_log" common CustomLog /usr/local/apache/logs/access_log combined env=!NotLog CustomLog /usr/local/apache/logs/robot_log robot env=RobotLog
# # method Á¢±Ù Á¦ÇÑ #
Allow from all
/usr/local/apache/bin/apachectl restart
# # ZendOptimizer-3.3.9 # cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/php/lib/
vi /usr/local/apache/conf/php.ini [Zend] zend_optimizer.version=3.3.9 zend_extension=/usr/local/php/lib/ZendOptimizer.so
/usr/local/apache/bin/apachectl start php -v
# # mssql #
cd php-5.2.11/ext/mssql
/usr/local/php/bin/phpize
./configure --with-mssql --with-php-config=/usr/local/php/bin/php-config
configure: error: Cannot find FreeTDS in known installation directories yum -y install freetds-devel
make
make install Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/
vi /usr/local/apache/conf/php.ini extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/" extension = mssql.so
# # vi /usr/local/apache/conf/php.ini # register_globals = On default_socket_timeout = 600 post_max_size = 200M memory_limit = 20M upload_max_filesize = 200M
# # Error # SAFE MODE Restriction in effect. php.ini safe_mode = Off
# # dbro ¼³Ä¡ #
yum -y install java-1.6.0
java -jar dbro.jar ./dbro.conf &
# cat /etc/passwd | grep ftp useradd -d /var/ftp ftp
chown root.root /var/ftp chmod og-w /var/ftp
make
make install
cp vsftpd.conf /etc
cp RedHat/vsftpd.pam /etc/pam.d/ftp
vi /etc/pam.d/ftp
/etc/ftpusersÆÄÀÏ¿¡ Á¸ÀçÇÏ´ÂID´Â Á¢¼ÓÇÒ¼ö ¾ø°ÔµÈ´Ù.(sense=deny)
#%PAM-1.0 auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed auth required /lib/security/pam_unix.so shadow nullok auth required /lib/security/pam_shells.so account required /lib/security/pam_unix.so session required /lib/security/pam_unix.so
# # vi /etc/vsftpd.conf # # anonymous »ç¿ëÀÚÀÇ Á¢¼Ó Çã¿ë ¿©ºÎ (default = YES) # °ø°³µÈ ÇüÅÂÀÇ FTP ¼¹ö·Î ¿î¿µÇÒ °ÍÀÌ ¾Æ´Ï¶ó¸é NO·Î ÇÑ´Ù. anonymous_enable=NO # ·ÎÄà °èÁ¤ »ç¿ëÀÚÀÇ Á¢¼Ó Çã¿ë ¿©ºÎ (default = NO) local_enable=YES
# write ¸í·É¾î Çã¿ë ¿©ºÎ (defualt = NO) write_enable=YES # ·ÎÄà °èÁ¤ »ç¿ëÀÚ¿ë umask (default = 077) local_umask=022
# anonymous »ç¿ëÀÚ°¡ ÆÄÀÏÀ» ¾÷·Îµå ÇÒ ¼ö ÀÖ´ÂÁö ¿©ºÎ (default = NO) # anon_upload_enable=YES # anonymous »ç¿ëÀÚÀÇ µð·ºÅ丮 »ý¼º Çã¿ë ¿©ºÎ (default = NO) # anon_mkdir_write_enable=YES
# ÆÄÀÏ Àü¼Û ·Î±×¸¦ ³²±æ °ÍÀÎÁö ¿©ºÎ (default = YES) xferlog_enable=YES # xferlog Ç¥ÁØ Æ÷¸ËÀ¸·Î ·Î±×¸¦ ³²±æÁö ¿©ºÎ (±âº» ¼³Á¤ÆÄÀÏÀº YES) xferlog_std_format=YES # ÆÄÀÏ Àü¼Û ·Î±× ÆÄÀϸí xferlog_file=/var/log/vsftpd.log
# FTP ¼¹ö Á¢¼ÓÇÒ ¶§ ·Î±ä ¸Þ½ÃÁö (default = vsFTPd ¹öÀü¹øÈ£) # ftpd_banner=Welcome to blah FTP service.
# »ç¿ëÀÚÀÇ È¨µð·ºÅ丮¸¦ ¹þ¾î³ªÁö ¸øÇϵµ·Ï Á¦ÇÑÇϱâ À§ÇÑ ¼³Á¤ (default=NO) Á¦ÇÑÀÌ ÇÊ¿äÇÒ °æ¿ì YES·Î ¹Ù²Û ÈÄ Á¦ÇÑÇÒ »ç¿ëÀÚ ID¸¦ chroot_list_file= ¿¡ ¼³Á¤ÇÑ ÆÄÀÏ¿¡ÁöÁ¤ÇÑ´Ù. # chroot_local_user=
# chroot_list_enable=YES # chroot_list_file=/etc/vsftpd.chroot_list
-------------------------Ãß°¡ ¼³Á¤------------------------------------
# wtmp¿¡ ·Î±× ³²±â±â (YES·Î Çؾ߸¸ last ¸í·É¾î·Î Á¢¼Ó ¿©ºÎ È®ÀÎ °¡´É) session_support=YES
# »ç¿ëÀÚ°¡ ÀÚ½ÅÀÇ home directory¸¦ ¹þ¾î³ªÁö ¸øÇϵµ·Ï ¼³Á¤ chroot_local_user=YES
# »õ·Î¿î µð·ºÅ丮¿¡ µé¾î°¬À» ¶§ »Ñ·ÁÁ٠ȯ°æ ¸Þ½ÃÁö¸¦ ÀúÀåÇÑ ÆÄÀϸí # message_file=.message
# Àü¼Û¼Óµµ Á¦ÇÑ (0Àº Á¦ÇѾøÀ½, ´ÜÀ§´Â ÃÊ´ç bytes) anon_max_rate=0 local_max_rate=0 trans_chunk_size=0
# ÃÖ´ë Á¢¼Ó ¼³Á¤ (´Ü xinetd¸¦ ÅëÇÏÁö ¾Ê°í standaloneÀ¸·Î µ¿ÀÛÇÒ ¶§¸¸ »ç¿ë °¡´É) # standaloneÀ» À§Çؼ´Â listen=YES Ãß°¡ÇÏ°í º°µµ·Î vsftpd¸¦ ¶ç¿ö¾ß ÇÔ
# max_clients=ÃÖ´ë Á¢¼ÓÀÚ ¼ö, max_per_ip=IP´ç Á¢¼Ó ¼ö # max_clients=100 # max_per_ip=3
# Standalone À¸·Î ¿î¿µÇÒ ¶§ listen=YES. Æ÷Æ® º¯°æÀ» ¿øÇÒ °æ¿ì listen_port ¼³Á¤ # µðÆúÆ® Æ÷Æ®´Â 21¹ø Æ÷Æ®ÀÌ´Ù. # listen=YES # listen_port=21
/usr/local/sbin/vsftpd &
# # ssl #
# °³ÀÎÅ° »ý¼º openssl genrsa -des3 1024 > key.pem ¾ÏÈ£ ÀÔ·Â
# °ø°³Å° »ý¼º openssl req -new -key key.pem -out csr.pem
Enter pass phrase for key.pem: ¾ÏÈ£ ÀÔ·Â You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [GB]:KR State or Province Name (full name) [Berkshire]:Gyeongsangnam-do Locality Name (eg, city) [Newbury]:Changwon-si Organization Name (eg, company) [My Company Ltd]:TTLSoft Organizational Unit Name (eg, section) []:SoftWare Common Name (eg, your name or your server's hostname) []:www.tolinux.net Email Address []:
Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: An optional company name []:
# # ¾ÆÆÄÄ¡ Àç±âµ¿½Ã ¾ÏÈ£ ¾È¹°¾îº¸°Ô #
vi /usr/local/apache/openssl/keypw.sh #!/bin/bash echo "¾ÏÈ£¹®ÀÚ¿"
vi /usr/local/apache/conf/extra/httpd-ssl.conf SSLPassPhraseDialog exec:/usr/local/apache/openssl/keypw.sh
|