|
#
# ÇѱÛ
# vi /etc/sysconfig/i18n
LANG="ko_KR.eucKR"
SUPPORTED="en_US.UTF-8:en_US:en:ko_KR.eucKR:ko_KR:ko"
SYSFONT="lat0-sun16"
SYSFONTACM="8859-15"
Fedora release 9 (Sulphur)
#
# time ¼³Á¤
#
rdate -s time.bora.net
clock -w
#
# mysql
#
useradd -M -s /bin/false mysql
./configure --prefix=/usr/local/mysql --with-charset=utf8 --with-extra-charsets=all
--prefix: ±âº» ¼³Ä¡ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù
--localstatedir: µ¥ÀÌÅ͸¦ ÀúÀåÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù
--sysconfdir: ȯ°æ¼³Á¤ÆÄÀÏ "my.cnf"°¡ À§Ä¡ÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù
--with-unix-socket-path: ¼ÒÄÏÆÄÀÏÀÌ À§Ä¡ÇÒ °æ·Î¸¦ ÁöÁ¤ÇÕ´Ï´Ù
--with-mysqld-user: °ü¸®°èÁ¤À» ¼³Á¤ÇÕ´Ï´Ù. À§¿¡¼ "mysql"°èÁ¤À» ¸¸µé¾î µÎ¾ú½À´Ï´Ù.
--with-charset: ±âº» ¹®ÀÚ¼ÂÀ» ¼³Á¤ÇÕ´Ï´Ù. ÇÑ±Û ¹®ÀÚ¼ÂÀ» ¼³Á¤ÇϽ÷Á¸é euckr·Î ¼³Á¤ÇÏ½Ã¸é µË´Ï´Ù.
--with-extra-charsets: ±âº» ¹®Á¦¼Â ¿Ü¿¡ ¼³Ä¡ÇÒ ¹®ÀÚ¼ÂÀ» ³ª¿ÇÕ´Ï´Ù. ¿¹)--with-extra-charsets=utf8,euckr
--with-plugins: ¼³Ä¡ÇÒ Ç÷¯±×ÀÎ ¸ñ·ÏÀ» ³ª¿ÇÕ´Ï´Ù. 5¹öÁ¯´ë Ãʹݿ¡´Â ±×·¯Áö ¾Ê¾Ò´ø °Í °°Àºµ¥ ¶óÀ̼¾½º ¶§¹®¿¡ ±×·¨´Ù´Â °Í °°±âµµ ÇÏ°í ±â¾ïÀº Àß ¾È³ªÁö¸¸ innodb¸¦ »ç¿ëÇϱâ À§ÇØ ÀÌ·±½ÄÀ¸·Î ¼³Ä¡Çß´ø ±â¾ïÀÌ ÀÖ½À´Ï´Ù.
make
make install
cp support-files/my-large.cnf /etc/my.cnf
/usr/local/mysql/bin/mysql_install_db --user=mysql
chown -R root.mysql /usr/local/mysql
chown -R mysql /usr/local/mysql/var
vi ~/.bash_profile
PATH=$PATH:$HOME/bin:/usr/local/mysql/bin
source ~/.bash_profile
cp /usr/local/mysql/share/mysql/mysql.server /etc/init.d/mysqld
chkconfig --add mysqld
/etc/init.d/mysqld start
/usr/local/mysql/bin/mysqladmin -u root password gong2004pass
/usr/local/mysql/bin/mysqladmin -u root -p reload
#
# httpd
#
./configure
--prefix=/usr/local/apache
--enable-mods-shared=all
--enable-so
--enable-rewrite
--enable-ssl
# ssl È®ÀÎ
# rpm -qa | grep openssl
# ¼³Ä¡ ÈÄ /usr/local/apache/modules ¾Æ·¡ mod_ssl.so ÆÄÀÏ È®ÀÎ(ÀÖÀ¸¸é µ¿ÀûÀ¸·Î ¸µÅ©µÈ°ÍÀÓ, Á¤Àû¸µÅ© È®ÀÎ httpd -l)
#
# ¼³Ä¡ ÈÄ httpd.conf È®ÀÎ
LoadModule ssl_module modules/mod_ssl.so
# ¼³Ä¡ ÈÄ httpd.conf È®ÀÎ
#
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
make
make install
# cp /usr/local/apache/bin/apachectl /etc/init.d/httpd
chkconfig µî·Ï½Ã ½ºÅ©¸³Æ® ¼öÁ¤ÇØ¾ß ÇϹǷΠ¾Æ·¡¿Í °°ÀÌ Àû¿ë
echo "/usr/local/apache/bin/apachectr start" >> /etc/rc.d/rc.local
#
# vi /usr/local/apache/conf/httpd.conf
#
User nobody
Group nobody
ServerName 127.0.0.1
#Include conf/extra/httpd-mpm.conf //ÁÖ¼®Á¦°Å
#Include conf/extra/httpd-languages.conf//ÁÖ¼®Á¦°Å
#Include conf/extra/httpd-userdir.conf //»ç¿ëÀÚ °èÁ¤À» ÀÌ¿ëÇÑ´Ù¸é ÁÖ¼®Á¦°Å
#Include conf/extra/httpd-vhosts.conf //°¡»óÈ£½ºÆ®¸¦ ÀÌ¿ëÇÑ´Ù¸é ÁÖ¼®Á¦°Å
#Include conf/extra/httpd-default.conf //ÁÖ¼®Á¦°Å
#
# vi /usr/local/apache/conf/extra/httpd-languages.conf
#
DefaultLanguage ko
LanguagePriority ko en ca cs da de el eo es et fr he hr it ja ltz nl nn no pl pt pt-BR ru sv tr zh-CN zh-TW
# # vi /usr/local/apache/conf/extra/httpd-vhosts.conf #
ServerAdmin nig0412@nate.com
DocumentRoot "/home/hsinfo/public_html"
ServerName houseinfo.co.kr
#ServerAlias www.houseinfo.co.kr
ErrorLog logs/houseinfo-error_log
CustomLog logs/houseinfo-access_log combined env=!NotLog
CustomLog logs/houseinfo-robot_log robot env=RobotLog
SetHandler server-status
Order deny,allow
Deny from all
Allow from 59.22.226.0/24 118.39.20.0/24
#
# extra/httpd-userdir.conf
#
UserDir public_html www
AllowOverride FileInfo AuthConfig Limit
Options MultiViews SymLinksIfOwnerMatch IncludesNoExec
Order allow,deny
Allow from all
Order deny,allow
Deny from all
AllowOverride FileInfo AuthConfig Limit
Options MultiViews SymLinksIfOwnerMatch IncludesNoExec
Order allow,deny
Allow from all
Order deny,allow
Deny from all
#
# Apache °øÀ¯¶óÀ̺귯¸®¿¡ Ãß°¡
#
echo "/usr/local/apache/lib" >> /etc/ld.so.conf
echo "/usr/local/apache/module" >> /etc/ld.so.conf
ldconfig
#
# PHP 5.2.11
# 5.3 ¹öÁ¯Àº ¾ÆÁ÷ zend°¡ Áö¿øÇÏÁö¸¦ ¾ÊÀ½. ÇöÀç zend 3.3.9
#
yum -y install gd gd-devel libjpeg libjpeg-devel libpng libpng-devel libmcrypt libmcrypt-devel
./configure
--prefix=/usr/local/php
--with-apxs2=/usr/local/apache/bin/apxs
--with-mysql=/usr/local/mysql
--with-mysqli=/usr/local/mysql/bin/mysql_config
--with-config-file-path=/usr/local/apache/conf
--disable-debug
--enable-safe-mode
--enable-sockets
--enable-sysvsem=yes
--enable-sysvshm=yes
--enable-ftp
--enable-magic-quotes
--enable-gd-native-ttf
--enable-bcmath
--with-zlib
--with-jpeg-dir=/usr
--with-png-dir=/usr/lib
--with-freetype-dir=/usr
--with-libxml-dir=/usr
--enable-exif
--with-gd
--with-gettext
--enable-sigchild
--enable-mbstring
--with-ttf
--with-mcrypt
--with-openss
--enable-pdo
--with-pdo-mysql=/usr/local/mysql
¾Æ·¡ ¿É¼Ç Áö¿ø ¾ÈµÇ´Âµí...
--enable-track-vars
--enable-url-includes
--enable-trans-id
--enable-inline-iptimization
--with-jpeg
--with-png
--with-ttf
#
# error
#
/usr/bin/ld: cannot find -lltdl
collect2: ld returned 1 exit status
make: *** [libphp5.la] ¿À·ù 1
#
# ÇØ°á
#
yum install libtool-ltdl-devel
make
make install
cp php.ini-dist /usr/local/apache/conf/php.ini
ln -s /usr/local/php/bin/php /bin/php
ln -s /usr/local/php/bin/php-config /usr/local/bin/php-config
ln -s /usr/local/php/bin/phpize /usr/local/bin/phpize
ln -s /usr/local/php/bin/pecl /usr/local/bin/pecl
#
# phpinfo ¾È¶ã°æ¿ì, php°¡ ÀνĵÇÁö ¾ÊÀ» °æ¿ì
#
# vi php.ini
short_open_tag = On
#
# SELinux
#
Ȩµð·ºÅ丮 ¹®¸Æ º¯°æ
chcon -R -t httpd_sys_content_t /home/hsinfo/public_html
chcon -R -h -t httpd_sys_content_t /home/hsinfo
#
# SELinux, iptables
#
setup - ¹æȺ®
dns
ftp
www(http)
setup ¿¡¼ ¹æȺ® ¼³Á¤ º¯°æ½Ã /etc/sysconfig/iptables ¼³Á¤ º¯°æ
±âÁ¸ µ¥¸óµéÀÇ Port º¯°æ½Ã À¯ÀÇÇÒ°Í.
setsebool -P ftpd_disable_trans 1 //enable uploading into ftp
SELinux »ç¿ë½Ã setsebool ÀÌ¿ëÇÏ¿© FTPÁ¢¼Ó ÇÒ¶§ µð·ºÅ丮¿¡ Á¢±Ù ÇÒ ¼ö ÀÖµµ·Ï º¯°æ
setsebool -P ftp_home_dir=1
SELinux¿¡ ¾Æ¿¹ FTP Àû¿ë ¾ÈÇÔ
//enable uploading into apache
setsebool -P ftpd_disable_trans 1
# SELinux enable, disable
setenforce 0 //disable
setenforce 1 //enable
#
# SELinux
# Apache¿¡¼ PHP °øÀ¯¶óÀÌÀ̺귯¸® Á¢±Ù
# libphp5.so Error ¹ß»ý
#
restorecon -v /usr/local/apache/modules/libphp5.so
chcon -t texrel_shlib_t /usr/local/apache/modules/libphp5.so
#
# Apache¿¡ PHP ¿¬°á
#
vi /usr/local/apache/conf/httpd.conf
AddType application/x-httpd-php .php .html .htm
AddType application/x-httpd-php-source .phps
#
# Apache index.htm index.php Ãß°¡
#
vi /usr/local/apache/conf/httpd.conf
DirectoryIndex index.html index.htm index.php
#
# Apache ·Î±× ÆÄÀÏ Çü½Ä º¯°æ
#
#LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
#LogFormat "%h %l %u %t "%r" %>s %b" common
LogFormat "[%v] %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
LogFormat "[%v] %h %l %u %t "%r" %>s %b" common
LogFormat "[%v] %h %l %u %t "%r" %>s %b "%{User-Agent}i"" robot
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
SetEnvIfNoCase Request_URI ".(gif|jpg|png|thumb|swf|ico|css|js)$" NotLog
## ·Îº¿µéÀÇ È¯°æº¯¼ö ÁöÁ¤
##
BrowserMatchNoCase "ru-robot" NotLog RobotLog
BrowserMatchNoCase "Slurp/si" NotLog RobotLog
BrowserMatchNoCase "Mercator" NotLog RobotLog
BrowserMatchNoCase "Gulliver" NotLog RobotLog
BrowserMatchNoCase "SyncIT/" NotLog RobotLog
BrowserMatchNoCase "FAST-WebCrawler" NotLog RobotLog
BrowserMatchNoCase "Lycos_Spider" NotLog RobotLog
BrowserMatchNoCase "^ia_archive" NotLog RobotLog
BrowserMatchNoCase "^tv" NotLog RobotLog
BrowserMatchNoCase "Scooter" NotLog RobotLog
BrowserMatchNoCase "ZyBorg/" NotLog RobotLog
BrowserMatchNoCase "KIT-Fireball" NotLog RobotLog
BrowserMatchNoCase "Googlebot/" NotLog RobotLog
BrowserMatchNoCase "DIIbot/" NotLog RobotLog
BrowserMatchNoCase "teoma_agent3" NotLog RobotLog
BrowserMatchNoCase "empas_robot" NotLog RobotLog
#CustomLog "logs/access_log" common
CustomLog /usr/local/apache/logs/access_log combined env=!NotLog
CustomLog /usr/local/apache/logs/robot_log robot env=RobotLog
#
# method Á¢±Ù Á¦ÇÑ
#
Allow from all
/usr/local/apache/bin/apachectl restart
#
# ZendOptimizer-3.3.9
#
cp ZendOptimizer-3.3.9-linux-glibc23-i386/data/5_2_x_comp/ZendOptimizer.so /usr/local/php/lib/
vi /usr/local/apache/conf/php.ini
[Zend]
zend_optimizer.version=3.3.9
zend_extension=/usr/local/php/lib/ZendOptimizer.so
/usr/local/apache/bin/apachectl start
php -v
#
# mssql
#
cd php-5.2.11/ext/mssql
/usr/local/php/bin/phpize
./configure --with-mssql --with-php-config=/usr/local/php/bin/php-config
configure: error: Cannot find FreeTDS in known installation directories
yum -y install freetds-devel
make
make install
Installing shared extensions: /usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/
vi /usr/local/apache/conf/php.ini
extension_dir = "/usr/local/php/lib/php/extensions/no-debug-non-zts-20060613/"
extension = mssql.so
#
# vi /usr/local/apache/conf/php.ini
#
register_globals = On
default_socket_timeout = 600
post_max_size = 200M
memory_limit = 20M
upload_max_filesize = 200M
#
# Error
#
SAFE MODE Restriction in effect.
php.ini
safe_mode = Off
#
# dbro ¼³Ä¡
#
yum -y install java-1.6.0
java -jar dbro.jar ./dbro.conf &
# cat /etc/passwd | grep ftp
useradd -d /var/ftp ftp
chown root.root /var/ftp
chmod og-w /var/ftp
make
make install
cp vsftpd.conf /etc
cp RedHat/vsftpd.pam /etc/pam.d/ftp
vi /etc/pam.d/ftp
/etc/ftpusersÆÄÀÏ¿¡ Á¸ÀçÇÏ´ÂID´Â Á¢¼ÓÇÒ¼ö ¾ø°ÔµÈ´Ù.(sense=deny)
#%PAM-1.0
auth required /lib/security/pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
auth required /lib/security/pam_unix.so shadow nullok
auth required /lib/security/pam_shells.so
account required /lib/security/pam_unix.so
session required /lib/security/pam_unix.so
#
# vi /etc/vsftpd.conf
#
# anonymous »ç¿ëÀÚÀÇ Á¢¼Ó Çã¿ë ¿©ºÎ (default = YES)
# °ø°³µÈ ÇüÅÂÀÇ FTP ¼¹ö·Î ¿î¿µÇÒ °ÍÀÌ ¾Æ´Ï¶ó¸é NO·Î ÇÑ´Ù.
anonymous_enable=NO
# ·ÎÄà °èÁ¤ »ç¿ëÀÚÀÇ Á¢¼Ó Çã¿ë ¿©ºÎ (default = NO)
local_enable=YES
# write ¸í·É¾î Çã¿ë ¿©ºÎ (defualt = NO)
write_enable=YES
# ·ÎÄà °èÁ¤ »ç¿ëÀÚ¿ë umask (default = 077)
local_umask=022
# anonymous »ç¿ëÀÚ°¡ ÆÄÀÏÀ» ¾÷·Îµå ÇÒ ¼ö ÀÖ´ÂÁö ¿©ºÎ (default = NO)
# anon_upload_enable=YES
# anonymous »ç¿ëÀÚÀÇ µð·ºÅ丮 »ý¼º Çã¿ë ¿©ºÎ (default = NO)
# anon_mkdir_write_enable=YES
# ÆÄÀÏ Àü¼Û ·Î±×¸¦ ³²±æ °ÍÀÎÁö ¿©ºÎ (default = YES)
xferlog_enable=YES
# xferlog Ç¥ÁØ Æ÷¸ËÀ¸·Î ·Î±×¸¦ ³²±æÁö ¿©ºÎ (±âº» ¼³Á¤ÆÄÀÏÀº YES)
xferlog_std_format=YES
# ÆÄÀÏ Àü¼Û ·Î±× ÆÄÀϸí
xferlog_file=/var/log/vsftpd.log
# FTP ¼¹ö Á¢¼ÓÇÒ ¶§ ·Î±ä ¸Þ½ÃÁö (default = vsFTPd ¹öÀü¹øÈ£)
# ftpd_banner=Welcome to blah FTP service.
# »ç¿ëÀÚÀÇ È¨µð·ºÅ丮¸¦ ¹þ¾î³ªÁö ¸øÇϵµ·Ï Á¦ÇÑÇϱâ À§ÇÑ ¼³Á¤ (default=NO)
Á¦ÇÑÀÌ ÇÊ¿äÇÒ °æ¿ì YES·Î ¹Ù²Û ÈÄ Á¦ÇÑÇÒ »ç¿ëÀÚ ID¸¦ chroot_list_file= ¿¡ ¼³Á¤ÇÑ ÆÄÀÏ¿¡ÁöÁ¤ÇÑ´Ù.
# chroot_local_user=
# chroot_list_enable=YES
# chroot_list_file=/etc/vsftpd.chroot_list
-------------------------Ãß°¡ ¼³Á¤------------------------------------
# wtmp¿¡ ·Î±× ³²±â±â (YES·Î Çؾ߸¸ last ¸í·É¾î·Î Á¢¼Ó ¿©ºÎ È®ÀÎ °¡´É)
session_support=YES
# »ç¿ëÀÚ°¡ ÀÚ½ÅÀÇ home directory¸¦ ¹þ¾î³ªÁö ¸øÇϵµ·Ï ¼³Á¤
chroot_local_user=YES
# »õ·Î¿î µð·ºÅ丮¿¡ µé¾î°¬À» ¶§ »Ñ·ÁÁ٠ȯ°æ ¸Þ½ÃÁö¸¦ ÀúÀåÇÑ ÆÄÀϸí
# message_file=.message
# Àü¼Û¼Óµµ Á¦ÇÑ (0Àº Á¦ÇѾøÀ½, ´ÜÀ§´Â ÃÊ´ç bytes)
anon_max_rate=0
local_max_rate=0
trans_chunk_size=0
# ÃÖ´ë Á¢¼Ó ¼³Á¤ (´Ü xinetd¸¦ ÅëÇÏÁö ¾Ê°í standaloneÀ¸·Î µ¿ÀÛÇÒ ¶§¸¸ »ç¿ë °¡´É)
# standaloneÀ» À§Çؼ´Â listen=YES Ãß°¡ÇÏ°í º°µµ·Î vsftpd¸¦ ¶ç¿ö¾ß ÇÔ
# max_clients=ÃÖ´ë Á¢¼ÓÀÚ ¼ö, max_per_ip=IP´ç Á¢¼Ó ¼ö
# max_clients=100
# max_per_ip=3
# Standalone À¸·Î ¿î¿µÇÒ ¶§ listen=YES. Æ÷Æ® º¯°æÀ» ¿øÇÒ °æ¿ì listen_port ¼³Á¤
# µðÆúÆ® Æ÷Æ®´Â 21¹ø Æ÷Æ®ÀÌ´Ù.
# listen=YES
# listen_port=21
/usr/local/sbin/vsftpd &
#
# ssl
#
# °³ÀÎÅ° »ý¼º
openssl genrsa -des3 1024 > key.pem
¾ÏÈ£ ÀÔ·Â
# °ø°³Å° »ý¼º
openssl req -new -key key.pem -out csr.pem
Enter pass phrase for key.pem: ¾ÏÈ£ ÀÔ·Â
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [GB]:KR
State or Province Name (full name) [Berkshire]:Gyeongsangnam-do
Locality Name (eg, city) [Newbury]:Changwon-si
Organization Name (eg, company) [My Company Ltd]:TTLSoft
Organizational Unit Name (eg, section) []:SoftWare
Common Name (eg, your name or your server's hostname) []:www.tolinux.net
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
#
# ¾ÆÆÄÄ¡ Àç±âµ¿½Ã ¾ÏÈ£ ¾È¹°¾îº¸°Ô
#
vi /usr/local/apache/openssl/keypw.sh
#!/bin/bash
echo "¾ÏÈ£¹®ÀÚ¿"
vi /usr/local/apache/conf/extra/httpd-ssl.conf
SSLPassPhraseDialog exec:/usr/local/apache/openssl/keypw.sh
|
