Linux home server

「Linux home server」の編集履歴(バックアップ)一覧はこちら

Linux home server」(2005/07/10 (日) 03:01:52) の最新版変更点

追加された行は緑色になります。

削除された行は赤色になります。

#contents How-To build Linux home server The page is the record to build my home server. Basically the server is based on Redhat Linux 9. Think about the folowing things. http://www.linux.or.jp/JF/JFdocs/Security-Quickstart-Redhat-HOWTO/ Update to the Linux kernel 2.6 http://homepage1.nifty.com/mcn/linux/topic1.5/kernel_rebuild.2.6.htm *Hard Ware ** UPS -http://en.tldp.org/HOWTO/UPS-HOWTO/ ** Hard Ware RAID-1 (Mirroring) [HotSwap?] (Spare Disk?) -http://www.accusys.com.tw/ -http://www.infortrend.com/ -http://www.raidon.com.tw/ -http://www.promise.com/ -http://www.maxtronic.com.tw/ -http://www.hans.or.jp/MALL/able/parts/raid-1.html -I have Iwill SIDE Pro66 that uses HighPoint HPT366.http://www.highpoint-tech.com/370drivers_down.htm **NIC -802.11b 802.11g Wireless LAN (PLANEX GW-DS54G http://www.planex.co.jp/product/bwave/gwds54g.shtml) (PLANEX GW-DS54G http://www.planex.net/product/bwave/gwds54g.shtml) --Linux Driver for the 802.11g Prism GT / Prism Duette / Prism Indigo Chipsets http://prism54.org --A Linux Wireless Access Point HOWTO http://oob.freeshell.org/nzwireless/LWAP-HOWTO.html --Wireless LAN resources for Linux http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html -100M Ethernet 1 <----Global **5 Inch Front Bay -2 for RAID-1 -(Do not need CD-ROM drive. We can do FTP based install.) *Soft Ware ** Firewall (Filtering) ** IP Masquerade edit /etc/sysctl.conf ** sshd ** DNS -bind -djbdns http://cr.yp.to/djbdns.html ** SMBd(Samba) ** HTTPD(APATCH) ** MTA -qmail http://www.qmail.org/ ** NTPD(xntp) http://www.ntp.org/index.html ** Serial connection setup ** VPN ** postgreSQL ** NFSD ** Dynamic DNS(ddclient) ** Proxy(Squid) ** syslogd, klogd ** Line Printer Daemon(printcap, filter) ** FTPd(wu-ftp) *Concern **Wireless LAN Security -Allied telesis http://www.allied-telesis.co.jp/products/list/wireless/knowl.html#sec -Data Encription --WEP: Wireless tools for Linux supports http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html --WPA: http://hostap.epitest.fi/cgi-bin/viewcvs.cgi/hostap/wpa_supplicant/ --Access Control: prism54 driver support MAC Address filtering **多くのサイトがinetd を tcpserver で置き換えつつあります。以下にいくつかの理由をあげます: -inetd は高負荷では信頼性が低下します。 1分間に「多過ぎる」接続要求を受けとると、10分間サービスを中断します。 -inetd の資源管理は有効ではありません。よく使われるサービスを動かしていると、いとも簡単に メモリを使い切る でしょう。 -inetd では活動が集中的に起きると、トラブルとなります。その listen() バックログ は通常 5 か 10 であり、大きくすることはできません。 *Execution Note **Install RedHat Linux 9 by FTP -Create bootdisk and driver disk and get FTP information. -Install RedHat Linux 9, choose modules. Set high secure mode. ---- -Create new users (add sudoer list) # adduser hideo # password hideo #TYPE password # cp /etc/sudoers{,.20040410} # visudo ---- Use new sudoed users to make configuration -Settinup /etc/XF86Config sudo cp /etc/XF86Config{,.20040410} sudo vi /etc/XF86Config -Change keyboard setting sudo cp /lib/kbd/keymaps/i386/qwerty/{us.map.gz,us_swap_ctrl_capsLock.map.gz} gunzip /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map.gz sudo vi /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map #Swap 28 and 59 sudo gzip /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map sudo cp /etc/sysconfig/keyboard{,.20040410} sudo vi /etc/sysconfig/keyboard #use new key map us_swap_ctrl_capsLock -Drop run level 3 services /etc/rc.d/rc3.d/S05kudzu -> ../init.d/kudzu /etc/rc.d/rc3.d/S08iptables -> ../init.d/iptables DELETE /etc/rc.d/rc3.d/S09isdn -> ../init.d/isdn /etc/rc.d/rc3.d/S10network -> ../init.d/network /etc/rc.d/rc3.d/S12syslog -> ../init.d/syslog DELETE /etc/rc.d/rc3.d/S13portmap -> ../init.d/portmap DELETE /etc/rc.d/rc3.d/S14nfslock -> ../init.d/nfslock /etc/rc.d/rc3.d/S17keytable -> ../init.d/keytable /etc/rc.d/rc3.d/S20random -> ../init.d/random DELETE /etc/rc.d/rc3.d/S24pcmcia -> ../init.d/pcmcia DELETE /etc/rc.d/rc3.d/S25netfs -> ../init.d/netfs /etc/rc.d/rc3.d/S26apmd -> ../init.d/apmd DELETE /etc/rc.d/rc3.d/S28autofs -> ../init.d/autofs /etc/rc.d/rc3.d/S55sshd -> ../init.d/sshd /etc/rc.d/rc3.d/S56rawdevices -> ../init.d/rawdevices DELETE /etc/rc.d/rc3.d/S56xinetd -> ../init.d/xinetd DELETE /etc/rc.d/rc3.d/S80sendmail -> ../init.d/sendmail /etc/rc.d/rc3.d/S85gpm -> ../init.d/gpm /etc/rc.d/rc3.d/S90canna -> ../init.d/canna /etc/rc.d/rc3.d/S90crond -> ../init.d/crond DELETE /etc/rc.d/rc3.d/S90cups -> ../init.d/cups /etc/rc.d/rc3.d/S90FreeWnn -> ../init.d/FreeWnn /etc/rc.d/rc3.d/S90xfs -> ../init.d/xfs /etc/rc.d/rc3.d/S95anacron -> ../init.d/anacron /etc/rc.d/rc3.d/S95atd -> ../init.d/atd /etc/rc.d/rc3.d/S97rhnsd -> ../init.d/rhnsd /etc/rc.d/rc3.d/S99local -> ../rc.local sudo rm /etc/rc.d/rc3.d/S13portmap sudo rm /etc/rc.d/rc3.d/S14nfslock sudo rm /etc/rc.d/rc3.d/S24pcmcia sudo rm /etc/rc.d/rc3.d/S25netfs sudo rm /etc/rc.d/rc3.d/S28autofs sudo rm /etc/rc.d/rc3.d/S56 sudo rm /etc/rc.d/rc3.d/S56xinetd sudo rm /etc/rc.d/rc3.d/S80sendmail sudo rm /etc/rc.d/rc3.d/S90cups ---- mkdir usr mkdir usr/TARBALL mkdir usr/src mkdir usr/lib mkdir usr/bin mv ncftp-3.1.7-src.tar.gz ./usr/TARBALL/ ---- -down load prism54 and patch on the latest Kernel -compile new kernel make mrproper make menuconfig (follow the prism54 README) (if you comple the libraries, that you need to boot) make dep make clean make bzImage make modules sudo make modules_install sudo cp arch/i386/boot/bzImage /boot/vmlinuz-2.4.25 sudo cp System.map /boot/System.map-2.4.25 mkinitrd /boot/initrd-2.4.25.img 2.4.25 vi /etc/grub.conf <=== Add new entry for new kernel ---- -Wired Networking Setup sudo mv /etc/sysctl.conf{,.20040413} sudo vi /etc/sysctl.conf # Controls source route verification net.ipv4.conf.default.rp_filter = 1 sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0 (DHCP) sudo vi /etc/sysconfig/network-scripts/ifcfg-eth1 (STATIC) sudo cp /etc/sysconfig/iptables{,.20040413} sudo vi /etc/sysconfig/iptables ---- -Wireless Networking Setup sudo vi /etc/sysconfig/network-scripts/ifcfg-eth2 (STATIC) sudo vi /etc/rc.d/local (ifup eth2) NOTE: eth2 is BOOT=NO The eth2 is up in S99local. I do not know exactreason why but ON_BOOT does not work. It sesms like hotplug does notwork because it fails upload firm waire accrding to the error message. sudo cp ./WLANDCB.arm /usr/lib/hotplug/firmware/isl3890 wget http://prism54.org/~hvr/firmware.agent sudo cp ./firmware.agent /etc/hotplug/ sudo chmod 755 /etc/hotplug/firmware.agent ifup eth2 iwconfig eth2 essid "????" iwconfig eth2 made Master iwconfig eth2 off -Compile wireless tools sudo mv iwgetid{,.20040421} sudo mv iwspy{,.20040421} sudo mv iwevent{,.20040421} sudo mv iwpriv{,.20040421} sudo mv iwlist{,.20040421} sudo mv iwconfig{,.20040421} sudo cp ~hideo/usr/src/wireless_tools.26/iwgetid . sudo cp ~hideo/usr/src/wireless_tools.26/iwevent . sudo cp ~hideo/usr/src/wireless_tools.26/iwpriv . sudo cp ~hideo/usr/src/wireless_tools.26/iwlist . sudo cp ~hideo/usr/src/wireless_tools.26/iwconfig .
How-To build Linux home server The page is the record to build my home server. Basically the server is based on Redhat Linux 9. #contents Think about the folowing things. http://www.linux.or.jp/JF/JFdocs/Security-Quickstart-Redhat-HOWTO/ Update to the Linux kernel 2.6 http://homepage1.nifty.com/mcn/linux/topic1.5/kernel_rebuild.2.6.htm *Hard Ware ** UPS -http://en.tldp.org/HOWTO/UPS-HOWTO/ ** Hard Ware RAID-1 (Mirroring) [HotSwap?] (Spare Disk?) -http://www.accusys.com.tw/ -http://www.infortrend.com/ -http://www.raidon.com.tw/ -http://www.promise.com/ -http://www.maxtronic.com.tw/ -http://www.hans.or.jp/MALL/able/parts/raid-1.html -I have Iwill SIDE Pro66 that uses HighPoint HPT366.http://www.highpoint-tech.com/370drivers_down.htm **NIC -802.11b 802.11g Wireless LAN (PLANEX GW-DS54G http://www.planex.co.jp/product/bwave/gwds54g.shtml) (PLANEX GW-DS54G http://www.planex.net/product/bwave/gwds54g.shtml) --Linux Driver for the 802.11g Prism GT / Prism Duette / Prism Indigo Chipsets http://prism54.org --A Linux Wireless Access Point HOWTO http://oob.freeshell.org/nzwireless/LWAP-HOWTO.html --Wireless LAN resources for Linux http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Wireless.html -100M Ethernet 1 <----Global **5 Inch Front Bay -2 for RAID-1 -(Do not need CD-ROM drive. We can do FTP based install.) *Soft Ware ** Firewall (Filtering) ** IP Masquerade edit /etc/sysctl.conf ** sshd ** DNS -bind -djbdns http://cr.yp.to/djbdns.html ** SMBd(Samba) ** HTTPD(APATCH) ** MTA -qmail http://www.qmail.org/ ** NTPD(xntp) http://www.ntp.org/index.html ** Serial connection setup ** VPN ** postgreSQL ** NFSD ** Dynamic DNS(ddclient) ** Proxy(Squid) ** syslogd, klogd ** Line Printer Daemon(printcap, filter) ** FTPd(wu-ftp) *Concern **Wireless LAN Security -Allied telesis http://www.allied-telesis.co.jp/products/list/wireless/knowl.html#sec -Data Encription --WEP: Wireless tools for Linux supports http://www.hpl.hp.com/personal/Jean_Tourrilhes/Linux/Tools.html --WPA: http://hostap.epitest.fi/cgi-bin/viewcvs.cgi/hostap/wpa_supplicant/ --Access Control: prism54 driver support MAC Address filtering **多くのサイトがinetd を tcpserver で置き換えつつあります。以下にいくつかの理由をあげます: -inetd は高負荷では信頼性が低下します。 1分間に「多過ぎる」接続要求を受けとると、10分間サービスを中断します。 -inetd の資源管理は有効ではありません。よく使われるサービスを動かしていると、いとも簡単に メモリを使い切る でしょう。 -inetd では活動が集中的に起きると、トラブルとなります。その listen() バックログ は通常 5 か 10 であり、大きくすることはできません。 *Execution Note **Install RedHat Linux 9 by FTP -Create bootdisk and driver disk and get FTP information. -Install RedHat Linux 9, choose modules. Set high secure mode. ---- -Create new users (add sudoer list) # adduser hideo # password hideo #TYPE password # cp /etc/sudoers{,.20040410} # visudo ---- Use new sudoed users to make configuration -Settinup /etc/XF86Config sudo cp /etc/XF86Config{,.20040410} sudo vi /etc/XF86Config -Change keyboard setting sudo cp /lib/kbd/keymaps/i386/qwerty/{us.map.gz,us_swap_ctrl_capsLock.map.gz} gunzip /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map.gz sudo vi /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map #Swap 28 and 59 sudo gzip /lib/kbd/keymaps/i386/qwerty/us_swap_ctrl_capsLock.map sudo cp /etc/sysconfig/keyboard{,.20040410} sudo vi /etc/sysconfig/keyboard #use new key map us_swap_ctrl_capsLock -Drop run level 3 services /etc/rc.d/rc3.d/S05kudzu -> ../init.d/kudzu /etc/rc.d/rc3.d/S08iptables -> ../init.d/iptables DELETE /etc/rc.d/rc3.d/S09isdn -> ../init.d/isdn /etc/rc.d/rc3.d/S10network -> ../init.d/network /etc/rc.d/rc3.d/S12syslog -> ../init.d/syslog DELETE /etc/rc.d/rc3.d/S13portmap -> ../init.d/portmap DELETE /etc/rc.d/rc3.d/S14nfslock -> ../init.d/nfslock /etc/rc.d/rc3.d/S17keytable -> ../init.d/keytable /etc/rc.d/rc3.d/S20random -> ../init.d/random DELETE /etc/rc.d/rc3.d/S24pcmcia -> ../init.d/pcmcia DELETE /etc/rc.d/rc3.d/S25netfs -> ../init.d/netfs /etc/rc.d/rc3.d/S26apmd -> ../init.d/apmd DELETE /etc/rc.d/rc3.d/S28autofs -> ../init.d/autofs /etc/rc.d/rc3.d/S55sshd -> ../init.d/sshd /etc/rc.d/rc3.d/S56rawdevices -> ../init.d/rawdevices DELETE /etc/rc.d/rc3.d/S56xinetd -> ../init.d/xinetd DELETE /etc/rc.d/rc3.d/S80sendmail -> ../init.d/sendmail /etc/rc.d/rc3.d/S85gpm -> ../init.d/gpm /etc/rc.d/rc3.d/S90canna -> ../init.d/canna /etc/rc.d/rc3.d/S90crond -> ../init.d/crond DELETE /etc/rc.d/rc3.d/S90cups -> ../init.d/cups /etc/rc.d/rc3.d/S90FreeWnn -> ../init.d/FreeWnn /etc/rc.d/rc3.d/S90xfs -> ../init.d/xfs /etc/rc.d/rc3.d/S95anacron -> ../init.d/anacron /etc/rc.d/rc3.d/S95atd -> ../init.d/atd /etc/rc.d/rc3.d/S97rhnsd -> ../init.d/rhnsd /etc/rc.d/rc3.d/S99local -> ../rc.local sudo rm /etc/rc.d/rc3.d/S13portmap sudo rm /etc/rc.d/rc3.d/S14nfslock sudo rm /etc/rc.d/rc3.d/S24pcmcia sudo rm /etc/rc.d/rc3.d/S25netfs sudo rm /etc/rc.d/rc3.d/S28autofs sudo rm /etc/rc.d/rc3.d/S56 sudo rm /etc/rc.d/rc3.d/S56xinetd sudo rm /etc/rc.d/rc3.d/S80sendmail sudo rm /etc/rc.d/rc3.d/S90cups ---- mkdir usr mkdir usr/TARBALL mkdir usr/src mkdir usr/lib mkdir usr/bin mv ncftp-3.1.7-src.tar.gz ./usr/TARBALL/ ---- -down load prism54 and patch on the latest Kernel -compile new kernel make mrproper make menuconfig (follow the prism54 README) (if you comple the libraries, that you need to boot) make dep make clean make bzImage make modules sudo make modules_install sudo cp arch/i386/boot/bzImage /boot/vmlinuz-2.4.25 sudo cp System.map /boot/System.map-2.4.25 mkinitrd /boot/initrd-2.4.25.img 2.4.25 vi /etc/grub.conf <=== Add new entry for new kernel ---- -Wired Networking Setup sudo mv /etc/sysctl.conf{,.20040413} sudo vi /etc/sysctl.conf # Controls source route verification net.ipv4.conf.default.rp_filter = 1 sudo vi /etc/sysconfig/network-scripts/ifcfg-eth0 (DHCP) sudo vi /etc/sysconfig/network-scripts/ifcfg-eth1 (STATIC) sudo cp /etc/sysconfig/iptables{,.20040413} sudo vi /etc/sysconfig/iptables ---- -Wireless Networking Setup sudo vi /etc/sysconfig/network-scripts/ifcfg-eth2 (STATIC) sudo vi /etc/rc.d/local (ifup eth2) NOTE: eth2 is BOOT=NO The eth2 is up in S99local. I do not know exactreason why but ON_BOOT does not work. It sesms like hotplug does notwork because it fails upload firm waire accrding to the error message. sudo cp ./WLANDCB.arm /usr/lib/hotplug/firmware/isl3890 wget http://prism54.org/~hvr/firmware.agent sudo cp ./firmware.agent /etc/hotplug/ sudo chmod 755 /etc/hotplug/firmware.agent ifup eth2 iwconfig eth2 essid "????" iwconfig eth2 made Master iwconfig eth2 off -Compile wireless tools sudo mv iwgetid{,.20040421} sudo mv iwspy{,.20040421} sudo mv iwevent{,.20040421} sudo mv iwpriv{,.20040421} sudo mv iwlist{,.20040421} sudo mv iwconfig{,.20040421} sudo cp ~hideo/usr/src/wireless_tools.26/iwgetid . sudo cp ~hideo/usr/src/wireless_tools.26/iwevent . sudo cp ~hideo/usr/src/wireless_tools.26/iwpriv . sudo cp ~hideo/usr/src/wireless_tools.26/iwlist . sudo cp ~hideo/usr/src/wireless_tools.26/iwconfig .

表示オプション

横に並べて表示:
変化行の前後のみ表示: