8/14/2019 Slide Linux2 2013 v4

1/119

Qun tr Linuxnng cao

nguyennhuhoa06@yahoo.com

Thng 9/2013

1

mailto:nguyennhuhoa06@yahoo.commailto:nguyennhuhoa06@yahoo.com

8/14/2019 Slide Linux2 2013 v4

2/119

Ni dung chng trnh

Mc tiu mn hcMn hc cung cp kin thc c bn vci t v cu hnh cc dch v mng trn

Linux

Thi lng L thuyt : 30 tit

Thc hnh : 60 tit

2

8/14/2019 Slide Linux2 2013 v4

3/119

Ni dung chng trnh

TT Ni dung chng trnhPhn b thi gian

Ghi chLT TH T hc

1 Cu hnh TCP/IP 3 6

2 Thit lp dch v DHCP 3 6

3 Thit lp dch v DNS 3 6

4 Dch v Web 3 6

5 NFS 3 6 KTGK

6 Samba 3 6

7 NIS 3 6

8 Xinetd v remote access 3 6

9 Thit lp firewall 3 6

10 n tp 3 6 KTCK

Tng s 30 603

8/14/2019 Slide Linux2 2013 v4

4/119

Kim tra nh gi

Cac bai kim tra : 1 Bi kim tra thc hnh gia k (20%)

im t ( theo qui ch )

Thi kt thc mn (thc hnh) (60%) im t ( theo qui ch )

Tiu lun

Chuy Thc hin y uvanp lab report (bai tp thc hanh)

Hc sinh khng c dthi kt thc hc phn v phi hc li nunghhc qu 20% s tit quy nh Hc sinh vng mt trong cc ln kim tra m khng c l do chnh

ng th phi nhn im 0

4

8/14/2019 Slide Linux2 2013 v4

5/119

Giao trinh

Ti liu hc tpRobb H. Tracy, Mc Graw Hill, CompTIALinux+ Certification Study Guide

Phn mm : ubuntu OS Bi tp

5

8/14/2019 Slide Linux2 2013 v4

6/119

Cu hnh TCP/IP

Cc lnh test v xem cu hnhCu hnh router

Chng 1Cu hnh TCP/IP

6

8/14/2019 Slide Linux2 2013 v4

7/119

Cu hnh TCP/IP

Cu hnh TCP/IP trn client

IP addresses

Hostname Name servers

Routing (default gateway)

77

8/14/2019 Slide Linux2 2013 v4

8/119

Cu hnh ip address

Cc Interfaces

Hai cch thit lp cu hnh cho interfaces

IP tnh

dng file cu hnh hoc lnh ifconfig

IP ng dng dch v DHCP Tn ti mt DHCP server

dng file cu hnh

8

8/14/2019 Slide Linux2 2013 v4

9/119

Cu hnh ip address

S dng file cu hnh/etc/network/interfaces Vd1 : thit lp cu hnh cp IP ng (DHCP) cho

interface eth0

Vd 2 : thit lp cu hnh cp IP tnh cho interface eth0

Lu : thit lp trong filecu hnh interfaces c hiu lc ,cn tt/bt interface bng lnhifdown / ifup hoc khi ng lidch v mng/etc/init.d/networking restart

(*) man interfaces9

9

8/14/2019 Slide Linux2 2013 v4

10/119

Cu hnh ip address

Cu hnh network interface s dng lnh ifconfig (*)

ifconfig eth0 192.168.1.1/24

ifconfig eth0 192.168.1.1 netmask 255.255.255.0

Xa b cu hnh hin ti ca interface//xa cu hnh hin ti trn interface eth0ip addr flush eth0

// tt/bt driver tng ng vi interface

ifconfig eth0 downifconfig eth0 up

Hoc : ifdown eth0ifup eth0

(*) man ifconfig 1010

8/14/2019 Slide Linux2 2013 v4

11/119

Cu hnh ip address

Cu hnh IP aliases

Dng lnh ifconfig

ifconfig eth0:1 172.168.1.200/16

Dng file cu hnh/etc/network/interfaces

1111

8/14/2019 Slide Linux2 2013 v4

12/119

Cu hnh routing

Cu hnh routing default gateway

Dng lnh route

route add default gw x.x.x.x

Dng file cu hnh (permanent static routes )/etc/network/interfaces

12

8/14/2019 Slide Linux2 2013 v4

13/119

hostname

t tn host Xem v gn tn host bng lnh hostname S dng file /etc/hostname gn tn host

Phn gii tn bng file hosts Khai bo thng tin v host trong file /etc/hosts

(*) Xem file /etc/host.conf : lu cc gii php phn

gii (s dng bi resolver)

1313

8/14/2019 Slide Linux2 2013 v4

14/119

Name servers

Khai bo thng tin v name servers file cu hnh /etc/resolv.conf lu thng tin name

servers

nameserver 192.168.1.100

nameserver 8.8.8.8

C th khai bo trc tip trong file /etc/resolv.confhoc gn t thng qua file /etc/network/interfaces

1414

8/14/2019 Slide Linux2 2013 v4

15/119

Cu hnh TCP/IPTm tt

Cc lnh xem cu hnh TCP/IP

ifconfig -a

ifconfig [ifaceName]

route

hostname

file /etc/resolv.conf

15

8/14/2019 Slide Linux2 2013 v4

16/119

Cu hnh TCP/IPTm tt

Cc file cu hnh (trong ubuntu) File /etc/network/interfaces

IP addresses

Routing (default gateway)

Name servers , domain name

File /etc/hostname

Hostname

File /etc/resolv.conf

Name servers

16

8/14/2019 Slide Linux2 2013 v4

17/119

Cu hnh TCP/IPTm tt

Mt s lnh test ping

netstat

netstat -i -> displays statistics for the networknetstat -r -> display the routing table

traceroutetraceroute destination_hostname

traceroute destination_IPadddress

17

8/14/2019 Slide Linux2 2013 v4

18/119

Cu hnh router

C th cu hnh Linux system thc hinchc nng nh mt Router S dng routing table xc nh routes

S dng module ip_forward chuyn tip gi tingia cc mng

18

8/14/2019 Slide Linux2 2013 v4

19/119

Cu hnh router

Routing table

Hin th routing table

route

route -n

Cu hnh static routing table

19

8/14/2019 Slide Linux2 2013 v4

20/119

Cu hnh router

Cu hnh static routing table Dng lnh

route add | del [-net | -host] target [netmask net][gw Gw] [dev interface]

Dng file cu hnh

route addnet 192.168.0.0 netmask 255.255.255.0 dev eth3route addhost 192.168.0.10 dev eth3

route add default gw 192.168.20.100

route del default

route del net 192.168.50.0/24

route del -host 192.168.50.10

20

8/14/2019 Slide Linux2 2013 v4

21/119

Cu hnh router

IP forward

Dng lnh

echo 1 > /proc/sys/net/ipv4/ip_forward

Dng file /etc/sysctl.conf

net.ipv4.ip_forward = 1

21

8/14/2019 Slide Linux2 2013 v4

22/119

Cu hnh router

V d

22

8/14/2019 Slide Linux2 2013 v4

23/119

Chng 2

Dch v DHCP

23

8/14/2019 Slide Linux2 2013 v4

24/119

Dynamic Host Configuration Protocol lmt giao thc Gn t cc thng s cho host n c th

kt ni theo giao thc IP vi mt network Cc thng s : ip address, gateway, name servers,

domain name

Hin thc bng m hnh client-server

C ch xin v cp IP Giao tip gia server v client : dng giaothc UDP, port 67 v 68

Dch v DHCP

24

8/14/2019 Slide Linux2 2013 v4

25/119

khi nim : Boardcast query

IP address ranges (pools) for lease Lease time / renew Database Relay agent

25

8/14/2019 Slide Linux2 2013 v4

26/119

Dch v DHCP

c trng: Cc client cn cu hnh ch DHCP

DHCP server c th cp IP :Dynamic allocation : Client c cp IP trong mt range.

C thi hn xc nh. V b thu hi a chnu khngrenew.

automatic allocation: Server lu thng tin v IP cp c th u tin cp li IP ny cho client.

static allocation: Server cp IP c nh cho client da trnMAC address.

26

8/14/2019 Slide Linux2 2013 v4

27/119

27

192.168.1.0/24

192.168.1.1/24

8/14/2019 Slide Linux2 2013 v4

28/119

Dch v DHCP

Ci t v cu hnh trn dhcp server : Ci gi isc-dhcp-server

-> cung cp daemon : dhcpd

Qun l dch v : Dch v t ng khi ng khi boot (thng qua upstart

script) : /etc/init/isc-dhcp-server.conf

C th qun l bng lnh :

stop isc-dhcp-server

start isc-dhcp-server

restart | reload isc-dhcp-server

2828

8/14/2019 Slide Linux2 2013 v4

29/119

Dch v DHCP

Ci t v cu hnh trn dhcp server : file cu hnh : /etc/default/isc-dhcp-server

/etc/dhcp/dhcpd.conf

Khai bo cu hnh :

Trong file /etc/default/isc-dhcp-serverINTERFACES=eth0 eth1

Trong file /etc/dhcp/dhcpd.conf , thc hin khai bo cc gnt cho client (help: man dhcpd.conf )

2929

8/14/2019 Slide Linux2 2013 v4

30/119

The global options

The statements for the

210.1.1.0/24 network

segment

The statements for the

210.1.2.0/24 network

segment

3030

File /etc/dhcp/dhcpd.conf

8/14/2019 Slide Linux2 2013 v4

31/119

Dch v DHCP

31

8/14/2019 Slide Linux2 2013 v4

32/119

Dch v DHCP

Ci t v cu hnh trn dhcp client : ci gi isc-dhcp-client : ci

-> cung cp daemon : dhclient3 file cu hnh : /etc/dhcp/dhclient.conf

Help : man dhclient , man dhclient.conf

Xin cp IP address Dng ifdown , ifup

Dng dhclient command T ng xin cp khi system boot theo cu hnh thit lp

trong file interfaces )

3232

8/14/2019 Slide Linux2 2013 v4

33/119

Dch v DHCP

Ci t v cu hnh trn dhcp server : V d 1: cu hnh dhcp server cp cho cc client IP address trong range x.x.x.1/24 n x.x.x.10/24

Default gw

DNS server

V d 2: cu hnh dhcp server gn ip dnh ring cho1 host , cc host khc cp ip ng.

V d 3: cu hnh dhcp server gn ip cho 2 nhmclient trong cng mt subnet theo 2 address poolring bit.

3333

8/14/2019 Slide Linux2 2013 v4

34/119

Dch v DHCP

Ci t v cu hnh trn dhcp client (tt):

Vd4 : Thc hin cu hnh IP ng cho interfaceeth0. Khi ng li my , v kim tra kt qu. Giiphng IP v xin cp li.

3434

8/14/2019 Slide Linux2 2013 v4

35/119

Dch v DHCP Hng dn V d 3: cu hnh dhcp server gn ip cho 2 nhm client

trong cng mt subnet theo 2 address pool ring bit.

(1) Ti cc client :Vi nhng client thuc nhm th nht cn c nhn din bng khai

bosend dhcp-client-identifier sv1 ; => cho client th nhtsend dhcp-client-identifier sv2 ; => cho client th haisend dhcp-client-identifier sv3 ; => cho client th ba(Mi client thuc nhm th nht c cng mt tin t sv)

Khai bo ny thc hin trong file /etc/dhclient.conf, ti mi clientthuc nhm th nht

3535

8/14/2019 Slide Linux2 2013 v4

36/119

Dch v DHCP

(2)Ti dhcp server , thc hin khai bo trong file/etc/dhcpd.conf :

class sinhvien {

match if substring ( option dhcp-client-identifier, 0, 2) = sv;

}

Subnet 192.168.10.0 netmask 255.255.255.0 {

pool {

range 192.168.10.10 192.168.10.15;

allow members of sinhvien;

}

pool {

range 192.168.10.50 192.168.10.55;

deny members of sinhvien;

}

} 36 36

8/14/2019 Slide Linux2 2013 v4

37/119

8/14/2019 Slide Linux2 2013 v4

38/119

Dch v DHCPerrors

Cc li thng gp Li file cu hnh

Nhn bit nguyn nhn File /var/log/syslog

38

8/14/2019 Slide Linux2 2013 v4

39/119

8/14/2019 Slide Linux2 2013 v4

40/119

Domain Name System l h thng tn min cung cp tnphn bit trong mng internet (global) cho mt my tnh, mtdch v hay mt ti nguyn.Tn min ca mt my tnh (FQDN) : www.edu.vn Cu trc phn cps dng dch v phn gii tn min thnh a chIP

(Domain Name Service - DNS)

Domain Name Service c hin thc Thng qua mt h thng cc name server Mi name server thng cha data files v cc tn min thuc v mt

( hay nhiu) domain Giao tip gia cc name server : queries & responses

40

DNS

http://www.edu.vn/http://www.edu.vn/

8/14/2019 Slide Linux2 2013 v4

41/119

Domain Name System

Cu trc phn cp ca DNS

41

8/14/2019 Slide Linux2 2013 v4

42/119

Domain Name Service

Cc dng name server Authoritative only name server

Lu tr data files v tn min ca cc host thucmt domain

Master v slave name server

Caching only name server

Khng c data files , thc hin caching data

cu hnh default ca bind Forwarding name server

General purpose name server

42

8/14/2019 Slide Linux2 2013 v4

43/119

Domain Name Service

Qu trnh phn gii tn min

43

8/14/2019 Slide Linux2 2013 v4

44/119

Caching only name server

44

8/14/2019 Slide Linux2 2013 v4

45/119

Forward only

45

8/14/2019 Slide Linux2 2013 v4

46/119

46

Forward first

8/14/2019 Slide Linux2 2013 v4

47/119

DNSbind

Ci t v cu hnh trn DNS server Gi ci t : bind9Cung cp daemon : named

Cc file cu hnh : trong /etc/bind/named.conf : File cu hnh chnh

named.conf.options : cha cc option ton cc

named.conf.default-zones : cha cc zone defaultCc data file (db*)

47

8/14/2019 Slide Linux2 2013 v4

48/119

DNSbind

Ci t v cu hnh trn DNS server Qun l dch v :/etc/init.d/bind9 start | restart | stop | status

Mt s tool//kim tra c phpnamed-checkconf /etc/bind/named.conf

named-checkzone zone_name zone_file

//kim tra phn gii tnhostnslookup

dig

48

8/14/2019 Slide Linux2 2013 v4

49/119

49

8/14/2019 Slide Linux2 2013 v4

50/119

50

8/14/2019 Slide Linux2 2013 v4

51/119

51

8/14/2019 Slide Linux2 2013 v4

52/119

DNSbind

Cc record trong data files SOA

Tham s cho ton zone

NS Name server

A Tn -> IP

PTR IP-> tn

MX Mail server

CNAME Alias cho tn

52

8/14/2019 Slide Linux2 2013 v4

53/119

DNSbind

Ci t v cu hnh trn DNS client : Gi dnsutils cha cc tool test truy vn

ti dns server c ci t

dig nslookup

Cu hnh : Khai bo cc name server trong File

/etc/resolv.conf

53

8/14/2019 Slide Linux2 2013 v4

54/119

DNSbind

Mt s demo VD1 : ci t v cu hnh Caching DNS

server

VD2 : ci t v cu hnh Primary MasterDNS server

VD3 : cu hnh forwarding name server

VD4 (*): cu hnh phn gii phn bit internalv external

54

Hng dn VD2 :

8/14/2019 Slide Linux2 2013 v4

55/119

1 My linux server c kt ni mng => ip address192.168.1.1/24

Ci t cc gi dns server (bind9) Cu hnh:

To 1 zone (file /etc/bind/named.conf.default-

zones) To file data cho zone

=> kim tra c php cu hnh ( 2 lnh)

Start /restart dch v bind9

Test phn gii ti name server hoc client : bnglnh nslookup (dig)www.hoclinux.vn => 220.110.21.20/24

Nu li: tail /var/log/syslog 55

Hng dn VD2 :

http://www.hoclinux.vn/http://www.hoclinux.vn/

8/14/2019 Slide Linux2 2013 v4

56/119

DNSbind

Hng dn VD3 : Cc khai bo :

Forwarders {

x.x.x.x; y.y.y.y; };C th c phm vi ton cc / hay mt zone

Forward only;

Forward first;

56

8/14/2019 Slide Linux2 2013 v4

57/119

DNSbind

Hng dn VD3 (tt) options {

directory "/var/named";

forwarders {192.249.249.3; 192.249.249.1; };

};

zone "movie.edu" {type forward ;

forwarders {

138.72.10.20; 138.72.30.28; };57

8/14/2019 Slide Linux2 2013 v4

58/119

DNSbind

Hng dn VD4 : Thit lp nhn din nhm ( theo ip address ) acl

Khai bo iu kin nhn thy zone cc view

zone bt k phi thuc mt view

To cc zone file

Tham kho :

http://www.howtoforge.com/two_in_one_dns_bind9_views

http://www.cyberciti.biz/faq/linux-unix-bind9-named-configure-views/58

8/14/2019 Slide Linux2 2013 v4

59/119

59

Chng 4

Apache Web Server

8/14/2019 Slide Linux2 2013 v4

60/119

Dch v Web & giao thc HTTP

Client Web server

Web Browser(ie, firefox,

safari, opera...)

Web Server(IIS, Apache , )

Resources

(html, gif, avi, wmv, php, asp, jsp...)

request

http://www.hui.edu.vn/phongdaotao

response

60

URL (Uniform Resource Locator ) nh v mt ti nguyn trnmng internet

protocol://host:port/path_to_filename

8/14/2019 Slide Linux2 2013 v4

61/119

Dch v Web & giao thc HTTP

Trao i cc message dng text (hypertext)

C th

a thun ki

u data v cch hi

n th

61

8/14/2019 Slide Linux2 2013 v4

62/119

Apache Http Server

Lch s 1996, c pht trin bi Rob McCool thuc

University of Illinois. Sau c pht trinbi Apache Software Foundation (ASF)

c im Free and Open source , h tr nhiu OS

Hiu nng cao, n nh

Linh hot trong cu hnh v m rng

62

8/14/2019 Slide Linux2 2013 v4

63/119

Kin trc Apache Http Server

Thit k module ha Phn ct li _ the Apache Core Cung cp chc nng cn bn

Cc module _ The Apache Modules c thm vo m rng chc nng

Cc loi module Base modules Extension module

Experimental module

External module 63

8/14/2019 Slide Linux2 2013 v4

64/119

Kin trc Apache Http Server

64

8/14/2019 Slide Linux2 2013 v4

65/119

Kin trc Apache Http Server

Chc nng http basic authentication cthc hin bi cc module :

mod_auth_basic

mod_authn_file

mod_authz_user

Trong ubuntu : th mc mods-available chanhiu extension module sn sng dng Bt /tt module bng lnh a2enmod v a2dismod

65

8/14/2019 Slide Linux2 2013 v4

66/119

Kh nng x l a nhim

Kh nng x l ng thi nhiu requestmt lc. Multiprocess: To Process mi cho tng

Request. Multithread: To Thread mi cho tng

Request.

Apache cung cp 2 gi MPM (Multi-ProcessingModules)

Apache2-mpm-prefork

Apache2-mpm-worker66

8/14/2019 Slide Linux2 2013 v4

67/119

Kh nng x l a nhim

Mi kt ni (request) c phc v bi mt process

S lng ti a cc kt ni c phc v ng thi ( MaxClients)

S lng ti a request c phc v bi mt process (MaxRequestPerChild)

S lng process to ra lc start up ( StartServers)

S lng ti thiu/ti a process sn sng phc v

67

8/14/2019 Slide Linux2 2013 v4

68/119

Kh nng x l a nhim

Start Servers

68

8/14/2019 Slide Linux2 2013 v4

69/119

Ci t Apache Web server

Cc gi ci t Apache2.2_common : ci t cc script cu

hnh v support

Apache2.2-bin : ci t tt c cc binarymodule

Apache2-mpm-prefork : ci t Apache server

Apache2-doc : cung cp document

Apache2-utils : cc tool tin ch

=> Cung cp daemon : apache269

8/14/2019 Slide Linux2 2013 v4

70/119

Ci t Apache Web server

Qun l dch v :/etc/init.d/apache2

start|stop|restart|reload|

hocservice apache2

start|stop|restart|reload|

hoc s dng

/etc/sbin/apache2ctl

70

8/14/2019 Slide Linux2 2013 v4

71/119

Cu hnh Apache Web server

S dng cc directive Cc thuc tnh ca mt directive :

Mt directive thuc v v c x l bi mt

/ nhiu module V tr v phm vi nh hng ca mt directive

(context) : Server / virtual host / directory /.htaccess file

C php khai bo

Gi tr mc nh

71

8/14/2019 Slide Linux2 2013 v4

72/119

Cu hnh Apache Web server

72

Listen directive

Satisfy

directive

C

8/14/2019 Slide Linux2 2013 v4

73/119

Cu hnh Apache Web server

Cc file cu hnh : nm trong /etc/apache2 file cu hnh chnh : apache2.conf

Cc file cu hnh khc : ports.conf, httpd.conf,

Tt c cc directive nm trong nhng file cu hnh khcc tp hp vo file cu hnh chnh ( include )

Cc container: mt nhm cc directive sc phm vi nh hng trong mt nhnh th mc / mt hay mt s file / theo

URL

Khi Mt s iu kin c kim tra l ng

73

8/14/2019 Slide Linux2 2013 v4

74/119

C h h A h W b

8/14/2019 Slide Linux2 2013 v4

75/119

Cu hnh Apache Web server

75

StartServers 5

MinSpareServers 5

MaxSpareServers 10

MaxClients 150

MaxRequestsPerChild 0

.

C h h A h W b

8/14/2019 Slide Linux2 2013 v4

76/119

Cu hnh Apache Web server

76

DocumentRoot /var/www/www0

DocumentRoot /var/www/www1

DocumentRoot /var/www/www2

Listen 8080

C h h A h W b

8/14/2019 Slide Linux2 2013 v4

77/119

Cu hnh Apache Web server

Mt directive c th xut hin nhiu ln Mang nhiu gi tr

Override

Chdn trong s overridechdn trong server config

77

Listen 80

Listen 192.168.1.1:8080Listen 192.168.1.2:443

C h h A h W b

8/14/2019 Slide Linux2 2013 v4

78/119

Cu hnh Apache Web server

Mt s directive cu hnh chung cho server:(context : Server config )

ServerRoot /etc/apache2

Listen [IP-address:]portnumber

DirectoryIndexlocal-url [local-url]...

Alias url_path directory_filename

78

8/14/2019 Slide Linux2 2013 v4

79/119

Cu hnh Apache Web server

Mt s directive cho cu hnh Virtuahost(context : Virtuahost)

ServerName FQDN_server_name:port ServerAlias name1 [name2]

ServerAdmin email_administrator

NameVirtualHost addr[:port] DocumentRoot directory-path

79

To v duy tr website

8/14/2019 Slide Linux2 2013 v4

80/119

To v duy tr websiteCc cng vic chnh

To ni dung =>web pages (b phn tk web)ng k tn min cho web site

www.abc.com = 192.168.1.50

Dng web server => lu gi v qun l website :

Cu hnh server

Virtual host

Duy tr ni dung : Thc hin bi khch hng

80

M d

http://www.abc.com/http://www.abc.com/

8/14/2019 Slide Linux2 2013 v4

81/119

Mt s demo

Demo 1 : Ci t Apache Http Server vtruy cp trang web test

Demo 2 : Xc thc v phn quyn truy sut

th mc (http basic authentication) Demo 3 : Thit lp name-based virtual hosts

81

Demo 3 : Thit lp name-based

8/14/2019 Slide Linux2 2013 v4

82/119

virtual hosts To ni dung cho mi site => lu trong

mt documentRoot ring bit/var/www/site1

/var/www/site2

Mi site c mt tn min ring : Cng ip (named_based)

To file cu hnh cho mi site :

sites-availabled/site1 //copy t file defaultsites-availabled/site2

Bt file cu hnh ; a2ensite site182

V l h

8/14/2019 Slide Linux2 2013 v4

83/119

Virtual host

www.abc.com => 192.168.1.100To /www/site1 v cac trang html

To file cu hnh cho site

( trong tm site2-available) : copy t filedefault + sa + bt file cu hnh

Sa trong posts.conf

Reload dich vu www.xyz.com => 192.168.1.100

/www/site283

A h W b

http://www.abc.com/http://www.xyz.com/http://www.xyz.com/http://www.abc.com/

8/14/2019 Slide Linux2 2013 v4

84/119

Apache Web server

Ti liu Tham kho :1. http://httpd.apache.org/docs/2.2/

2. /usr/share/doc/apache2.2-common/README.Debian.gz

3. 3.http://www3.ntu.edu.sg/home/ehchua/programming/webprogramming/http_basics.html

84

http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/http://httpd.apache.org/docs/2.2/

8/14/2019 Slide Linux2 2013 v4

85/119

85

Chng 5

Dch v Samba

S b

8/14/2019 Slide Linux2 2013 v4

86/119

Samba

Samba _ mt b cc ng dng Unix, hinthc giao thc SMB/CIFS Server Message Block (SMB) v Common Internet

File System (CIFS) protocols l cc giao thc cs dng trong Microsoft Windows network filesystem

cho php tch hp Unix machines vo mng

Windows

www.samba.org

86

S b

http://www.samba.org/http://www.samba.org/

8/14/2019 Slide Linux2 2013 v4

87/119

Samba

Tnh nng Chia s filesystems v printers

H tr client d tm cc ti nguyn chia s

trong mng (Browsing) Xc thc cc clients khi login vo mt

Windows domain (Authentication)

87

S b

8/14/2019 Slide Linux2 2013 v4

88/119

Samba

88

Samba server

Unix/LinuxUnix/Linux

Samba client

Windows

ServerWindows XP

SMB protocol

192.168.10.0/24

.100.2

.1

Ci h h S b

8/14/2019 Slide Linux2 2013 v4

89/119

Ci t v cu hnh Samba

Ci t v cu hnh trn samba client Gi ci t : smbclient, samba-common,

samba-common-bin

S

dng l

nh smbclient

truy su

t

n tinguyn shared trn Samba server.

smbclient -L //server -U username

smbclient -U username //server/sharedfolder

89

Ci t h h S b

8/14/2019 Slide Linux2 2013 v4

90/119

Ci t v cu hnh Samba

Ci t v cu hnh trn samba server Gi ci t

samba, samba-common, samba-common-bin

=> Cung cp 2 daemon : smbd, nmbd File cu hnh

/etc/samba/smb.conf

Qun l dch v : T ng khi ng khi boot

S dng lnhreload|restart|start|stop smbdHoc/etc/init.d/smbd start | stop|restart

90

Ci t h h S b

8/14/2019 Slide Linux2 2013 v4

91/119

Ci t v cu hnh Samba

File cu hnh /etc/samba/smb.conf Gm cc section mc nh

[Global]

[Home]

[Printers] Mi section cha cc tham s cu hnh , c

dng name = value

91

Ci t h h S b

8/14/2019 Slide Linux2 2013 v4

92/119

Ci t v cu hnh Samba

Cc thng s cu hnh chia s file

path = /path/to/dir

browseable = yes | no

readonly | writeable = yes | no

create mask

directory mode

valid users | write list = user1 user2 [] guest ok = yes | no

hosts allow | hosts deny

92

[foo]

path = /home/far

read only = yes

Ci t h h S b

8/14/2019 Slide Linux2 2013 v4

93/119

Ci t v cu hnh Samba

93

[datapublic]

path = /smb3

read only = yes

guest ok = yes

[group1]

path = /smb1valid users = sv1 sv2

writeable = yes

hosts allow = 192.168.10. EXCEPT 192.168.10.4

[group2]

path = /data/sharewrite list = sv1 sv2

Ci t h h S b

8/14/2019 Slide Linux2 2013 v4

94/119

Ci t v cu hnh Samba

Cc bc thit lp share mt th mc tisamba server

(1) Khai bo mt samba user

( lnh smbpasswd a username )(1) To mt local diretory cha ti nguyn chia svThit lp b quyn ph hp

(2) Cu hnh smb.conf khai bo chia s ti nguyn

(3) Reload hoc restart dch v smbd(4) Kim tra k t qu t mt client ( linux/windows )

94

Ci t c hnh Samba

8/14/2019 Slide Linux2 2013 v4

95/119

Ci t v cu hnh Samba

V d : to 3 ti khon samba : smbuser1,smbuser2, smbuser3. [tailieu]

smbuser1 : read only

smbuser2 :read+write

smbuser3 : ko c truysut

[baocao]

smbuser1, smbuser2 : read+writeti subnet 192.168.1.0/24

[duan]

smbuser1 : rw95

Ci t v cu hnh Samba

8/14/2019 Slide Linux2 2013 v4

96/119

Ci t v cu hnh Samba

Mt s tool smbpasswd

s dng add/delete user vo h thng xcthc ca samba service (dng bi root).

Khi lnh c dng bi user thng thng: cchc nng i passwd.

smbstatus

Lit k cc kt ni samba hin hnh

96

8/14/2019 Slide Linux2 2013 v4

97/119

97

Chng 6Dch v NFS

Nhc li

8/14/2019 Slide Linux2 2013 v4

98/119

Nhc li

Lnh mount( man mount)

mount ten_tbi thumuc

Mount t ng : file /etc/fstab

( man fstab)

98

NFS

8/14/2019 Slide Linux2 2013 v4

99/119

NFS

Network File System (NFS) c pht trin ban u bi Sun Microsystems vo

nm 1984 cho php Unix client c th truy sut filetrn mng vi cng cch thc nh truy sut file ti

local

c hin thc da trn s dng RPC

Phin bn mi nht : NFSv4 ( port 2049)

Windows c h tr NFS t Windows 7

99

Dch v NFS

8/14/2019 Slide Linux2 2013 v4

100/119

Dch v NFS

Ci t v cu hnh trn NFS server Gi ci t : nfs-common nfs-kernel-server

Cung cp cc daemon : nfsd, rpc.mountd, rpc.statd,rpc.idmapd (portmap)

Qun l dch v : T ng khi ng khi boot ( bng upstart script)

Hoc/etc/init.d/nfs-kernel-server start | stop

File cu hnh : /etc/exports

100

Dch v NFS

8/14/2019 Slide Linux2 2013 v4

101/119

Dch v NFS

Ci t v cu hnh trn NFS server File cu hnh /etc/exports

M t cc ti nguyn cn chia s

Mi m t nm trn mt dng , c dng

/path/to/directory allowed_hosts(options)

V d :/datashare *(ro,root_squash)

/tmp 192.168.1.2(rw) 192.168.1.3(ro)

/test *(rw)

101

Dch v NFS

8/14/2019 Slide Linux2 2013 v4

102/119

Dch v NFS

Ci t v cu hnh trn NFS server Mt s options ro: read only

rw: read&write

root_squash | no_root_squash

Client truy cp vi root s c xc nh nhnobody (default ) ngc li c xem nh lroot

all_squash

102

Dch v NFS

8/14/2019 Slide Linux2 2013 v4

103/119

Dch v NFS

V d :/datashare a.example.com(rw)

export the directory /datashare to the host

a.example.com

/datashare b.example.com(rw,sync) NFS server waits for local disk writes to complete

/datashare *(rw,sync)

export /datashare to any machine

/datashare 192.168.1.3(rw,sync)

/datashare 192.168.1.0/255.255.255.0(rw,sync)

/datashare 192.168.1.0/24(rw,sync)

export /datashare to a host , a subnet 103

Dch v NFS

8/14/2019 Slide Linux2 2013 v4

104/119

Dch v NFS

Ci t v cu hnh trn NFS client Gi ci t : nfs-common (rpcbind)

Thc hin mount truy sut th mc sharetrn NFS server

mount address-server:/shared /mountpoint

Thc hin mount t ng khi system boot :nfs_server_ip_address://shared_foldermount_point nfs auto,rw,sync,hard,intr0 0

104

8/14/2019 Slide Linux2 2013 v4

105/119

Chia s /test cho user1 c quy n rw,nhm grp1 c quyn rw, other ko c

8/14/2019 Slide Linux2 2013 v4

106/119

nhm grp1 c quyn rw, other ko cquyn r+w

106

192.168.1.101/24 192.168.1.100/24

NFS ServerNFS Client

/test

rwx rwx --- user1 grp1

/test

id : 2000

mount

Root -> nobody

User1 (id 2000)

Nhomx (id 1500) id : 1500

8/14/2019 Slide Linux2 2013 v4

107/119

107

Chng 7NIS

Network Information Service

8/14/2019 Slide Linux2 2013 v4

108/119

Network Information Service

NISdch v cung cp thng tin tp trung Thng tin c lu tr dng flat, khng c

cu trc

Thng tin cung cp trong phm vi local

Cc dng thng tin : Tn v a chhosts, users ,groups , network services

M hnh client-server Client gi truy vn ti server (master hoc slave server )

thng qua mt RPC . Server tm kim thng tin trong dbri tr kt qu cho client

108

Network Information Service

8/14/2019 Slide Linux2 2013 v4

109/119

Network Information Service

Cc khi nim : Cc h thng tham gia s dng dch v phi

thuc v cng mt NIS domain

NIS servers lu thng tin trong mt tp cc filegi l maps. Cc NIS map l cc file index, xydng t cc file cu hnh ban u :

/etc/hosts => hosts.byname

hosts.byaddr

109

8/14/2019 Slide Linux2 2013 v4

110/119

110

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

111/119

Ci t v cu hnh NIS

Ci t v cu hnh trn NIS server Gi ci t : nis , rpcbind (portmap)

Cung cp daemons : ypserv, ypbind, yppasswd,

File cu hnh/etc/ypserv.conf v /etc/ypserv.securenets

Qun l dch v : T ng chy khi boot system ( bng upstart scripts)

Hoc:

sudo /etc/init.d/ypserv start | stop

111

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

112/119

Ci t v cu hnh NIS Cc bc cu hnh trn NIS master serverTham kho :/usr/share/doc/nis/nis.debian.howto fileChi tit cu hnh nh sau :

B1 : Khai bo NIS domainc thc hin khi ci t gi nis , lu trongfile /etc/defaultdomain

B2: Cu hnh Server daemonS dng file /etc/ypserv.conf v

/etc/ypserv.securenets thit lp cu hnhcho client c php hay khng truy sut NISserver.

112

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

113/119

Ci t v cu hnh NIS

Cc bc cu hnh trn NIS masterserverB3: Thit lp thng s cho nis server

S dng file /etc/default/nis , gnNISSERVER=master

B4: Khi ng server

sudo /etc/init.d/ypserv start(m bo rpcbind chy trc khi khi

ng ypserv)

113

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

114/119

Ci t v cu hnh NIS

Cc bc cu hnh trn NIS master serverB5: Thit lp thng tin v cc host trong local

network => Trong file /etc/hosts , khai bo

tn tt c cc host trong local cn NIS xcthc . C php : ipaddress name alias

Thit lp thng tin v cc user/group trong

local network => Add cc ti khon v groupvo NIS server ( lu trong cc file /etc/passwd, /etc/shadow, /etc/group )

114

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

115/119

Ci t v cu hnh NIS

Cc bc cu hnh trn NIS master serverB6: To NIS database , bng lnh/usr/lib/yp/ypinit -m

Kt qu to cc file map lu trong /var/yp

**Cp nht NIS database khi c thay i thng tinv users, groups, hosts bng 2 lnh :

cd /var/yp

make**c thng tin t NIS database bng lnh

ypmatch

115

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

116/119

Ci t v cu hnh NIS

Ci t v cu hnh NIS client Gi ci t : nis , rpcbind

File cu hnh : /etc/yp.conf

Qun l dch v pha client : ypbind T ng khi ng khi boot system, hoc sau khi

ci t

116

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

117/119

Ci t v cu hnh NIS

Cc bc cu hnh NIS clientB1 : Khai bo NIS domain.

Thc hin khi ci gi nis.

B2: Khai bo a ch ca NIS server ,nu trong local network khng c NISserver.

Mc nh, NIS client s boardcast ttm NIS server

117

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

118/119

Ci t v cu hnh NIS

Cc bc cu hnh NIS clientB3: kim tra file /etc/nsswitch.conf c

cha dng

hosts : files nis dnsB4: chnh sa file/etc/passwd v/etc/shadow ch nh s dng

thng tin xc thc user t NIS serverB5: test

118

Ci t v cu hnh NIS

8/14/2019 Slide Linux2 2013 v4

119/119

Ci t v cu hnh NIS