Task 1 – UserAdmin (webmaster – UID1100)
Task 2 – Webserver (sudo/Yast)
Task 3 – Configure Apache (engineers)
Task 4 – Monitor Apache process (script wwwrun)
---------------------------------------------------
---------------------------------------------------
a) server1
useradd webmaster -u 1100 -g 100 -m
b) server2
useradd -c "Thomas Barnes" tbarnes -u 1010 -g 100 -m
useradd -c "James King" jking -u 1011 -g 100 -m
passwd tbarnes (novell)
passwd jking (novell)
c) su - tbarnes
ssh-keygen -t dsa (default location, no passphrase)
exit
su - jking
ssh-keygen -t dsa (default location, no passphrase)
exit
d) cat /home/tbarnes/.ssh/id_dsa.pub > authorized_keys
cat /home/jking/.ssh/id_dsa.pub >> authorized_keys
server1
md /home/webmaster/.ssh
server2
scp authorized_keys 192.168.146.10:/home/webmaster/.ssh/
-------------------------------------------------------------
-------------------------------------------------------------
# visudo
# User privilege specification
root ALL=(ALL) ALL
hom ALL=NOPASSWD: /sbin/rcSuSEfirewall2 *, /bin/vi /etc/samba/smb.conf
webmaster ALL=NOPASSWD:
/etc/init.d/apache2 *,
/sbin/yast2 http-server,
/bin/vi /etc/sysconfig/apache2,
/bin/vi /etc/apache2/*.conf,
/usr/bin/htpasswd2
# User privilege specification
root ALL=(ALL) ALL
hom ALL=NOPASSWD: /sbin/rcSuSEfirewall2 *, /bin/vi /etc/samba/smb.conf
webmaster ALL=NOPASSWD:
/etc/init.d/apache2 *,
/sbin/yast2 http-server,
/bin/vi /etc/sysconfig/apache2,
/bin/vi /etc/apache2/*.conf,
/usr/bin/htpasswd2
!/sbin/yast2,
#rcapache2 restart
----------------------------------------------------------------
a] vi /etc/apache2/default-server.conf
ServerAdmin webmaster@xxx
b] hostname for webserver
/etc/hosts
192.168.1.100 www.digitalairlines.com
c] /srv/www/htdocs/engineers
Order deny,allow
Deny from all
Allow from 192.168.1.0/24
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /etc/apache2/htpasswd
Require valid-user
# htpasswd2 -c /etc/apache2/htpasswd user1
# htpasswd2 /etc/apahce2/htpasswd user2
d] # apache2ctl configtest
# insserv apache2
--------------------------------------------------
#!/bin/bash
top -b -u wwwrun -n $1 > /home/webmaster/monitoring/apachemon-`date +%F-%H:%M
# this is for the old acpid
vi /etc/logrotate.d/pure-ftpd
/var/log/pure-ftpd.log {
daily
compress
dateext
rotate 99
postrotate
/etc/init.d/syslog reload
endscript
}
# logrotate -f /etc/logrotate.d/pure-ftpd.logvisudo
vi /etc/logrotate.d/pure-ftpd
/var/log/pure-ftpd.log {
daily
compress
dateext
rotate 99
postrotate
/etc/init.d/syslog reload
endscript
}
# logrotate -f /etc/logrotate.d/pure-ftpd.logvisudo
No comments:
Post a Comment