####################辅助dns及其自动同步 加密
主dns端
[root@localhost ~]# hostnamectl set-hostname dns-server
slave端
[root@localhost ~]# hostnamectl set-hostname dns-slave
[root@dns-slave ~]# yum install bind -y ###安装dns服务软件
[root@dns-slave ~]# vim /etc/named.conf ####配置dns主配置文件
[root@dns-slave ~]# vim /etc/named.rfc1912.zones ###配置dns子配置文件
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones
[root@dns-server named]# systemctl restart named
slave端
[root@dns-slave named]# firewall-cmd --add-service=dns --permanent
success
[root@dns-slave named]# firewall-cmd --reload
success
[root@dns-slave named]# setenforce 0 ###临时将SELinux切换为permissive(重启后恢复),仅用于排错;正式环境应保持enforcing,辅助dns的zone文件放在/var/named/slaves/下一般即可正常写入
[root@dns-slave named]# systemctl enable named.service
ln -s '/usr/lib/systemd/system/named.service' '/etc/systemd/system/multi-user.target.wants/named.service'
[root@dns-slave named]# systemctl restart named
[root@dns-slave named]# vim /etc/resolv.conf ###配置dns指向为本机ip,以测试辅助dns是否成功
nameserver 172.25.254.16
[root@dns-slave named]# dig www.westos.com ###测试
成功
#####自动同步主dns
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones
(also-notify{ ;};) ####通知某dns服务器自己改变了dns信息
[root@dns-server named]# vim westos.com.zone ###修改记录后必须增大serial值,辅助dns比较serial后才会重新同步zone
[root@dns-server named]# systemctl restart named
辅助dns端
[root@dns-slave named]# systemctl restart named
[root@dns-slave slaves]# dig www.westos.com
辅助dns域名解析已同步
#######远程更改主dns
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones ####设定允许更新本服务器dns数据的主机ip(allow-update);仅按ip放行时源地址可能被伪造,建议改用下文的key方式授权
[root@dns-server named]# ll -d /var/named/
drwxr-x---. 5 root named 4096 Dec 1 00:33 /var/named/
[root@dns-server named]# chmod 770 /var/named/ ####给/var/named/文件夹组rwx权限,以允许被更新(named需要在zone文件所在目录写入.jnl日志);更稳妥的做法是把接受动态更新的zone文件放到/var/named/dynamic/下,而不放宽整个/var/named/的权限
[root@dns-server named]# systemctl restart named
辅助dns端
更新成功
######加密(使用TSIG密钥对动态更新请求做身份认证和完整性校验,dns数据本身并不会被加密)
主dns端
[root@dns-server named]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westos ###制作符合bind软件加密方式的密钥;注意HMAC-MD5已不推荐使用,建议改用HMAC-SHA256(如 -a HMAC-SHA256 -b 256),新版bind改用tsig-keygen生成此类密钥
[root@dns-server mnt]# cp -p /etc/rndc.key /etc/westos.key
[root@dns-server mnt]# cat /mnt/Kwestos.+157+32233.private
###(Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: PCQtwlJGxXyx1aiyKmpxsA==
Bits: AAA=
Created: 20161201060243
Publish: 20161201060243
Activate: 20161201060243
###)
[root@dns-server mnt]# vim /etc/westos.key ###复制key内容并粘贴到/etc/westos.key 文件中(上面的Key值仅为实验示例,真实密钥不可公开;该文件由cp -p继承了rndc.key的属主和权限,应保持仅root和named可读)
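[root@dns-server mnt]# vim /etc/named.conf ###通常是在此用include引入/etc/westos.key
[root@dns-server mnt]# vim /etc/named.rfc1912.zones ###通常是把allow-update改为只接受该key签名的更新,如 allow-update { key westos; };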
[root@dns-server mnt]# systemctl restart named
[root@dns-server mnt]# scp Kwestos.+157+32233.* root@172.25.254.16:/mnt ###复制钥匙到允许更新的远程主机端(持有该私钥即可更新dns数据,远端应把文件权限收紧为600,不再需要时删除)
辅助dns端
[root@dns-slave mnt]# nsupdate -k Kwestos.+157+32233.private
测试成功
####dns自动更新同步
配置dhcp服务
修改dns文件中域名解析数据
辅助dns端
[root@dns-slave mnt]# systemctl restart network
[root@dns-slave mnt]# dig music.westos.com
重启网络测试成功
主dns端
[root@dns-server named]# vim /etc/dhcp/dhcpd.conf
[root@dns-server named]# systemctl restart named
[root@dns-server named]# systemctl restart dhcpd.service
被同步端
[root@dns-slave mnt]# systemctl restart network
[root@dns-slave mnt]# dig www.westos.com
更新成功
###################数据库
[root@dns-server named]# yum install mariadb-server.x86_64 -y ###安装数据库管理软件
[root@dns-server named]# systemctl stop firewalld.service ###实验中直接关闭了防火墙;数据库若只供本机使用无需开放端口,确需远程访问时应保持firewalld运行并只放行mysql服务(firewall-cmd --add-service=mysql)
[root@dns-server named]# vim /etc/my.cnf
[root@dns-server named]# systemctl start mariadb
[root@dns-server named]# mysql_secure_installation ####数据库安全初始化(并非安装):设置root密码、删除匿名用户、禁止root远程登录、删除test库
数据库的基本使用
[root@dns-server named]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
MariaDB [(none)]> USE mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> SHOW TABLES;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
MariaDB [mysql]> SELECT * FROM user;
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
| Host | User | Password | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | Create_tablespace_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections | plugin | authentication_string |
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
| localhost | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
| 127.0.0.1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
| ::1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
3 rows in set (0.01 sec)
MariaDB [mysql]> SELECT Host,User,Password FROM user; ##Password列保存的是口令哈希,属于敏感信息,不应外泄或贴到公开文档中
+-----------+------+-------------------------------------------+
| Host | User | Password |
+-----------+------+-------------------------------------------+
| localhost | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| 127.0.0.1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| ::1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
+-----------+------+-------------------------------------------+
3 rows in set (0.00 sec)
MariaDB [mysql]>
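-- Walk-through of basic DDL, DML and privilege statements on a scratch database.
-- Run in order from the MariaDB prompt; every literal below is a sample value.
CREATE DATABASE westos;   -- create the westos database (a leading '#' would comment the statement out)
USE westos;

-- Table with username and password columns. password is VARCHAR(41) so that the
-- 41-character hash produced by PASSWORD() further down is not truncated.
CREATE TABLE linux (
    username VARCHAR(15) NOT NULL,
    password VARCHAR(41) NOT NULL
);

ALTER TABLE linux ADD age VARCHAR(4);                  -- add column age to table linux
ALTER TABLE linux DROP age;                            -- drop column age again
ALTER TABLE linux ADD age VARCHAR(5) AFTER username;   -- add age directly after username

-- Name the target columns: the table now has three columns, so a bare
-- two-value VALUES list would be rejected with a column-count error.
INSERT INTO linux (username, password) VALUES ('user1', 'passwd1');

-- Change the password stored for user1 (string literals must be quoted).
-- NOTE(review): PASSWORD() is the hash the server uses for its own accounts and
-- is unsalted; an application table should hold a salted hash computed by the
-- application, and never the plaintext inserted above.
UPDATE linux SET password = PASSWORD('passwd2') WHERE username = 'user1';

DELETE FROM linux WHERE username = 'user1';

-- Create account user1@localhost with password passwd1 and read-only access.
-- Scoped to westos.* instead of *.*: SELECT on *.* would also expose
-- mysql.user and the password hashes stored there.
GRANT SELECT ON westos.* TO user1@localhost IDENTIFIED BY 'passwd1';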
##添加用户
MariaDB [mysql]> CREATE USER westos@localhost identified by 'westos';
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> GRANT CREATE on *.* to westos@localhost; ##授予westos用户CREATE权限(创建库和表,并非创建文件);*.*表示对所有库生效,实际使用时应限定到具体的库
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> REVOKE CREATE on *.* from westos@localhost; ###撤销用户权限
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> DROP USER westos@localhost; ####删除用户
Query OK, 0 rows affected (0.00 sec)
###若忘记密码,更改密码
[root@dns-server named]# systemctl stop mariadb.service
[root@dns-server named]# mysqld_safe --skip-grant-tables & ###跳过权限表启动后,任何人无需密码即可登录,应同时加上--skip-networking禁止网络连接,改完密码后立即停掉该实例
[3] 12340
[root@dns-server named]# 161201 04:15:42 mysqld_safe Logging to '/var/log/mariadb/mariadb.log'.
161201 04:15:42 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
^C
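[root@dns-server named]# kill -9 12340 ###12340是mysqld_safe的进程号,kill -9只杀掉了它,mysqld本身仍在运行(见下面的"A mysqld process already exists");应优先正常停止服务而不是kill -9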
[root@dns-server named]# mysqld_safe --skip-grant-tables &
[4] 12534
161201 04:16:29 mysqld_safe Logging to '/var/log/mariadb/mariadb.log'.
161201 04:16:29 mysqld_safe A mysqld process already exists
[3] Killed mysqld_safe --skip-grant-tables
[root@dns-server named]# mysql -uroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 1
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> UPDATE mysql.user set Password=password ('redhat') WHERE User='root'; ##设定root用户密码为redhat
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
MariaDB [(none)]> quit
Bye
[4] Exit 1 mysqld_safe --skip-grant-tables
[root@dns-server named]# systemctl start mariadb ###启动前应先停掉仍以--skip-grant-tables运行的mysqld(如mysqladmin shutdown),否则连上的仍是免密码的实例,下面的登录测试也无法说明新密码已生效
[root@dns-server named]# mysql -uroot -predhat ###新密码更换成功(密码直接写在命令行会留在history和进程列表中,建议只写-p后交互输入)
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
##图形化管理数据库
[root@dns-server named]# yum install httpd -y
[root@mariadb ~]# systemctl start httpd
#(可在/var/www/html/目录下创建文件,用浏览器测试httpd服务是否成功共享文件
下载phpmyadmin软件
[root@mariadb html]# tar -jxf phpMyAdmin-4.6.5.1-all-languages.tar.bz2 #解压(下载后应先对照官网公布的校验值或签名核对压缩包,再解压)
[root@mariadb html]# mv phpMyAdmin-4.6.5.1-all-languages myadmin
[root@mariadb html]# yum install php.x86_64 -y ##安装php语言
[root@mariadb ~]# yum install php-mysql.x86_64 -y ###安装数据库php
[root@mariadb html]# cd myadmin/
[root@mariadb myadmin]# cp -p config.sample.inc.php config.inc.php
[root@mariadb myadmin]# vim config.inc.php ##配置phpMyAdmin(使用cookie认证时需把$cfg['blowfish_secret']设为随机字符串);管理页面不应直接暴露在公网,应限制可访问的来源地址
测试,提示php版本小于5.5,更新php版本后才可使用
###########邮件服务
设定主机maillinux,mailwestos
maillinux端
[root@maillinux ~]# vim /etc/named.rfc1912.zones
[root@maillinux named]# vim westos.com.zone
[root@maillinux named]# cp -p westos.com.zone linux.com.zone
[root@maillinux named]# vim linux.com.zone
[root@mailwestos ~]# vim /etc/postfix/main.cf
mailwestos端
[root@mailwestos ~]# systemctl restart postfix.service
[root@mailwestos ~]# mail root
Subject: but
lajsf
asg
lasgas
.
EOT
[root@mailwestos ~]# mailq
Mail queue is empty
[root@mailwestos ~]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 1 message 1 new
>N 1 root Thu Dec 1 06:22 20/557 "but"
& 1
Message 1:
From root@westos.com Thu Dec 1 06:22:20 2016
Return-Path: <root@westos.com>
X-Original-To: root
Delivered-To: root@westos.com
Date: Thu, 01 Dec 2016 06:22:19 -0500
To: root@westos.com
Subject: but
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: root@westos.com (root)
Status: R
lajsf
asg
lasgas ############测试成功
maillinux端
[root@maillinux named]# vim /etc/postfix/main.cf
(将westos换为linux,其余配置相同
####不同主机之间相互发送接收
[root@mailwestos ~]# vim /etc/resolv.conf
nameserver 172.25.254.116
[root@mailwestos ~]# mail root@linux.com
Subject: seed
alsdfj
asdfh
.
EOT
[root@maillinux named]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 2 messages 1 new 2 unread
U 1 root Thu Dec 1 06:32 21/556 "yes"
>N 2 root Thu Dec 1 06:35 22/746 "seed" ####测试成功
&
设定邮件用户别名
[root@mailwestos ~]# vim /etc/aliases
[root@mailwestos ~]# postalias /etc/aliases
[root@mailwestos ~]# systemctl restart postfix.service
[root@mailwestos ~]# mail admin@westos.com ###以设定别名发送邮件
Subject: hhh
alsdjf
al;sjdf
.
EOT
[root@mailwestos ~]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 2 messages 1 new
1 root Thu Dec 1 06:22 21/568 "but"
>N 2 root Thu Dec 1 06:52 19/567 "hhh" ###用被设定别名用户名接收成功
##(若设定更多以群发,可编辑aliases文件,添加more: :include:/etc/moreusers
并编辑文件设定名称
###隐藏邮件发送者地址(通过smtp_generic_maps在发信时改写发件人地址;若改写成不属于自己的域名,启用SPF/DMARC校验的收件方可能拒收或标为垃圾邮件)
[root@mailwestos postfix]# vim generic
[root@mailwestos postfix]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
###生成地址转换查询表(postmap把generic编译成hash格式的generic.db,只是建立索引,并非加密)
[root@mailwestos postfix]# postmap /etc/postfix/generic
[root@mailwestos postfix]# systemctl restart postfix.service
[root@mailwestos postfix]# mail root@linux.com ###向linux.com发送邮件以测试
Subject: hash
alsjfd
alsj
.
EOT
linux.com端
Message 3:
From superbike@sina.com Thu Dec 1 07:25:55 2016
Return-Path: <superbike@sina.com>
X-Original-To: root@linux.com
Delivered-To: root@linux.com
Date: Thu, 01 Dec 2016 07:25:55 -0500
To: root@linux.com
Subject: hash
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: superbike@sina.com (root) #######测试成功
###远程操作邮件(telnet为明文连接;下面的过程也说明SMTP本身不校验mail from填写的发件人,邮件服务器应通过mynetworks等设置限制允许转发的客户端,避免成为开放中继)
[root@mailwestos ~]# yum search telnet
[root@mailwestos ~]# telnet 172.25.254.116 25
Trying 172.25.254.116...
Connected to 172.25.254.116.
Escape character is '^]'.
220 maillinux.linux.com ESMTP Postfix
mail from:root@linux.com
250 2.1.0 Ok
rcpt to:root@westos.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
123456+
al;jdsfl
aljdfalsjfdl;sdjf
.
250 2.0.0 Ok: queued as 7B15326CD4B ###发送成功