hệ điều hành Linux

Qun tr h iu hnh Linux

GVHD: Thy V Khnh Qu Page 1

NHN XT CA GIO VIN HNG DN



NHN XT CA GIO VIN PHN BIN



MC LC

DANH MC CC HNH V................................................................................... 5

DANH MC CC BNG BIU ............................................................................. 7

DANH MC CC T VIT TT .......................................................................... 8

CHNG I. TNG QUAN V TI .............................................................. 10

1.1. L do chn ti. ....................................................................................... 11

1.1.1. L do khch quan ........................................................................... 11

1.1.2. L do ch quan. .............................................................................. 11

1.2. Mc ch nghin cu .................................................................................. 11

1.3. Gii hn ca ti ...................................................................................... 12

1.4. Kt qu d kin t c ........................................................................... 12

CHNG II: C S L THUYT ..................................................................... 13

2.1. Tng quan v h iu hnh Linux. ............................................................. 13

2.1.1. Lch s pht trin ca Linux. ......................................................... 13

2.1.2. u nhc im ca h iu hnh Linux. .................................... 14

2.1.3. Cc bn phn phi linux hin nay .................................................. 17

2.2. Mt s dch v mng trn Linux. ............................................................... 24

2.2.1. Dch v DNS. ................................................................................. 24

2.2.2. Dch v DHCP ............................................................................... 30

2.2.3. Dch v SAMBA. ........................................................................... 33

2.2.4. Dch v FTP ................................................................................... 42

2.2.5. Dch v Webserver. ........................................................................ 50

2.2.6. Dch v LDAP ............................................................................... 54

CHNG III: NI DUNG THC HIN ............................................................ 60

3.1. Gii thiu v n v .................................................................................... 60

3.2. Tip cn n v ........................................................................................... 60

3.3. u - nhc im ca h thng c .............................................................. 60



3.4. Phn tch cc yu cu t pha n v v chn cch ci t cho h thng. .. 61

3.4.1. Yu cu t pha n v ................................................................... 61

3.4.2. Yu cu v thit k ......................................................................... 61

3.5. Trin khai h thng mng trn h iu hnh Linux cho cng ty Quang

Huy. 62

3.5.1. M hnh trin khai h thng mng trn h iu hnh Linux. ......... 62

3.5.2. Ci t v cu hnh cho h thng ................................................... 63

CHNG IV. KT LUN .................................................................................... 72

TI LIU THAM KHO ...................................................................................... 73



DANH MC CC HNH V

Hnh 2. 1: Cu hnh zone nghch .................................................................................. 29

Hnh 2. 2 Cu hnh zone thun...................................................................................... 29

Hnh 2. 3: Kim tra dch v DNS .................................................................................. 30

Hnh 2. 4: Cu hnh DHCP ........................................................................................... 32

Hnh 2. 5: My client uc cp pht a ch Ip. .................................................... 33

Hnh 2. 6: Ci t Samba .............................................................................................. 35

Hnh 2. 7: S kt ni Active ..................................................................................... 43

Hnh 2. 8: S kt ni passive .................................................................................... 45

Hnh 2. 9: FTP cu hnh thnh cng ............................................................................ 47

Hnh 2. 10: Kim tra kt ni.......................................................................................... 50

Hnh 2. 11: Kim tra website ........................................................................................ 53

Hnh 2. 12. Ci t OpenLDAP .................................................................................... 56

Hnh 2. 13. Cu hnh file ldap.conf. .............................................................................. 57

Hnh 2. 14: To mt khu qun tr ........................................................................... 57

Hnh 2. 15: To LDAP Database v to file Certficate ................................................ 58

Hnh 2. 16: To file domain.ldif .................................................................................... 58

Hnh 2. 17: import file domain.ldif vo CSDL ca LDAP ............................................ 59

Hnh 3. 1: M hnh mng cho doanh nghip va v nh... 62

Hnh 3. 2: Cu hnh file named.conf ............................................................................. 63

Hnh 3. 3: Cu hnh file phn gii thun ...................................................................... 63

Hnh 3. 4: Cu hnh file phn gii nghch .................................................................... 64

Hnh 3. 5: Kim tra dch v DNS .................................................................................. 64



Hnh 3. 6: File cu hnh dhcp........................................................................................ 65

Hnh 3. 7: My client nhn c a ch Ip cp pht t server. ................................... 65

Hnh 3. 8: Cu hnh FTP thnh cng ............................................................................ 67

Hnh 3. 9: Kim tra dch v FTP................................................................................... 67

Hnh 3. 10: Ci t Openldap ....................................................................................... 68

Hnh 3. 11: File olcDatabase = {2}bdb.ldif ................................................................. 68

Hnh 3. 12: To file Certficate ...................................................................................... 69

Hnh 3. 13: File domain.ldif .......................................................................................... 69

Hnh 3. 14: Import domain.ldif vo CSDL ca LDAP .................................................. 70

Hnh 3. 15: Ngi dng cha c xc thc s dng cho LDAP. .......................... 71

Hnh 3. 16: Ngi dng c xc thc s dng cho LDAP. .............................. 71



DANH MC CC BNG BIU

Bng 2. 1: Cc bn phn phi ca Linux..19



DANH MC CC T VIT TT

HH H iu hnh

UNIX Unix-like Operating System

CNTT Cng ngh Thng tin

RHEL Red Hat Enterprise

DNS Domain name system

DHCP Dynamic Host Configuration Protocol

CSDL C s d liu

LDAP Lightweight Directory Access Protocol

FTP File Tranfer Protocol

SMB Server Message Block



LI CM N

Chng em xin c gi li cm n trn trng v su sc nht ti gio vin hng

dn Thy V Khnh Qu ngi tn tnh ch bo, hng dn v truyn t

kin thc cho chng em trong qu trnh thc hin ti ny.

Trong qu trnh hc tp v nghin cu ti, chng em xin vi s gip tn

tnh ca cc ging vin trong khoa v cc bn. Mc d nhm c gng tm hiu v

kho st thc t trng i hc SPKT Hng Yn cng nh tham kho rt nhiu

ngun trn mng nhng do kh nng v kinh nghim cn hn hp nn khng trnh

khi nhng thiu st. Chng em rt mong nhn c s ng kin ca thy c v

cc bn ti c hon thin hn!

Chng em xin chn thnh cm n!

Hng Yn, ngythngnm 2013

Sinh vin thc hin

Trnh Vn Trng

V Th Nguyt



LI M U

Hin nay h iu hnh c mi ngi s dng ph bin nht l Windows

v OS X. C th ni, windows l mt h iu hnh d s dng vi nhiu tin ch

p ng gn nh mi yu cu ca ngi dung t ra. Tuy nhin, vi bi cnh nn

kinh t th gii ang c xu hng ton cu ha hin nay, v trc thc trng v vn

vi phm bn quyn Vit Nam, nu khng gii quyt c s khin vic gia

nhp vo WTO gp kh khn. iu cho thy vic s dng h iu hnh Linux

theo em y l mt gii php tt nht gii quyt vn bn quyn nc ta hin

nay.

Linux c an ton cao, bi c c cu phn quyn r rng: ch c root mi

c quyn ci t v thay i h thng. Ngoi ra, Linux cng c c ch mt ngi

dng bnh thng c th chuyn tm thi chuyn sang quyn root thc hin mt

s thao tc. Nh trn windows, ta phi phn quyn cho ngi s dng trong Active

Directory. So vi windows, c ch phn quyn trong linux cht ch hn.

Do linux c tnh m, iu nu nh h iu hnh c l hng v c

pht hin th s c sa rt nhanh do c 1 cng ng m ngun m cng sa v

iu to nn s an ton ca Linux.

Linux thch hp cho vic qun tr mng. Do tnh chy n nh, bo mt cao,

c ch chia s ti nguyn tt m ngy nay nhiu server s dng linux. Cc dch

v ci t trn linux p ng y nh windows nh: DHCP server, DNS server,

h thng chia s ti nguyn Samba (c th chia s gia my ci windows v my ci

linux), h thng qun l tp trung LDAP, webserver Apaches

C th thy vi hng pht trin trin tin hc nc ta hin nay, i vi

ngi dng thng thng vic s dng linux vn l mt iu kh, nhng vi nhng

ngi nghin cu v tm hiu tin hc th vic s dng h iu hnh m ngun m l

iu kin tt nng cao s hiu bit ca mnh.



CHNG I. TNG QUAN V TI

1.1. L do chn ti.

1.1.1. L do khch quan

Hin nay, cng ngh thng tin ang c vai tr cc k quan trng khng th

thiu trong qu trnh qun l, iu hnh cc hot ng sn xut kinh doanh ca

mi doanh nghip. Do vy, vic xy dng c mt h thng mng vi y cc

dch v cn thit phc v kinh doanh l iu rt cn thit.

Ngoi cc yu t phn cng v ngun nhn lc qun tr th yu t phn mm

cng ng vai tr rt quan trng khi xy dng mt h thng mng. Ni n phn

mm. mt vn ln nc ta l bn quyn, chi ph mua bn quyn cc dch v

hon tt mt h thng mng l rt ln. tit kim mt khon chi ph ln,

ngi ta dn chuyn sang cc sn phm dch v t m ngun m. Ngoi vic chy

n nh, t b tn cng, c mt cng ng pht trin rt ln th u im ln nht v

ng quan tm nht ca m ngun m l khng tn ph. V nhng l do trn,

nhm thc hin ti ny.

1.1.2. L do ch quan.

Nhm chng em thc hin ti nhm mc ch tm hiu r hn v kin

thc mi trong ngnh Mng my tnh, c thm nhng hiu bit v h iu hnh m

ngun m, t phc v cho qu trnh hc cng nh c nhng li ch cho cng

vic sau khi tt nghip ra trng.

1.2. Mc ch nghin cu

- Tm hiu v h iu hnh m ngun m Linux.

- Tm hiu v h iu hnh m ngun m Linux.

- Tm hiu v bn phn phi CentOS 6.2 ca Linux

- Tm hiu v mt s dch v mng trn Linux.

- Kho st h thng mng ca cng ty.

- Ci t mt s dch v v chy th nghim.



1.3. Gii hn ca ti

- ti Qun tr h iu hnh Linux c nhm nghin cu v vic tm hiu

cc dch v mng n gin.

- Cha a ra c nhng gii php bo mt ti u cho doanh nghip.

1.4. Kt qu d kin t c

- Trin khai thnh cng mt s dch v mng trn Linux cho h thng mng

ca cng ty.



CHNG II: C S L THUYT

2.1. Tng quan v h iu hnh Linux.

2.1.1. Lch s pht trin ca Linux.

Linux l mt HH dng UNIX (Unix-like Operating System) chy trn my PC

vi b iu khin trung tm (CPU) Intel 80386 tr ln, hay cc b vi x l trung

tm tng thch AMD, Cyrix. Linux ngy nay cn c th chy trn cc my

Macintosh hoc SUN Sparc.

Linux c vit li ton b t con s khng, tc l khng s dng mt dng lnh

no ca Unix trnh vn bn quyn ca Unix. Tuy nhin hot ng ca Linux

hon ton da trn nguyn tc ca h iu hnh Unix. V vy nu mt ngi nm

c Linux, th s nm c UNIX. Gia cc h thng Unix s khc nhau cng

khng km g gia Unix v Linux.

Nm 1991 Linus Torvalds, sinh vin ca i hc tng hp Helsinki, Phn lan, bt

u xem xt Minix, mt phin bn ca Unix lm ra vi mc ch nghin cu cch

to ra mt h iu hnh Unix chy trn my PC vi b vi x l Intel 80386.

Ngy 25/8/1991, Linus cho ra version 0.01 v thng bo trn comp.os.minix ca

Internet v d nh ca mnh v Linux.

Thng 01/1992, Linus cho ra version 0.12 vi shell v C compiler. Linus khng

cn Minix na recompile HDH ca mnh. Linus t tn HDH ca mnh l

Linux.Nm 1994, phin bn chnh thc 1.0 c pht hnh.

Qu trnh pht trin ca Linux c tng tc bi s gip ca chng trnh

GNU (GNUs Not Unix), l chng trnh pht trin cc Unix c kh nng chy

trn nhiu platform. Phin bn mi nht ca Linux kernel l 2.6.25, c kh nng

iu khin cc my a b vi x l (hin ti Linux h tr my tnh c ti a 16

CPUs). Linux kernel 2.6.25 cng ng thi nng cp h thng file Ext4 (phin bn

c l Ext3), gip h tr dung lng block ln hn - t 4K ln 64K v rt nhiu cc

tnh nng khc (c th download ti (http://www.kernel.org).



Cc phin bn ca H iu hnh Linux c xc nh bi h thng s dng

X.YY.ZZ. Nu YY l s chn phin bn n nh, YY l s l phin bn th

nghim.

2.1.2. u nhc im ca h iu hnh Linux.

2.1.2.1. u im.

Kinh t

l mt c im khng th b qua ca Linux. Tuy nhin i vi Linux vn

cha l tt c. H iu hnh ny cn rt nhiu u im khc m khng mt h iu

hnh no c. Chnh nhng c im ny mi l nguyn nhn khin cho Linux ngy

cng tr nn ph bin khng ch Vit Nam m c trn th gii.

Linh hot, uyn chuyn

Linux l mt H iu hnh m ngun m nn chng ta c th ty sa cha theo

nh mnh thch (tt nhin l trong kh nng kin thc ca mi ngi). Chng ta c

th chnh sa Linux v cc ng dng trn sao cho ph hp vi mnh nht. Mt

khc do Linux c mt cng ng rt ln nhng ngi lm phn mm cng pht

trin trn cc mi trng, hon cnh khc nhau nn tm mt phin bn ph hp vi

yu cu ca mi ngi s khng phi l mt vn qu kh khn.

Tnh linh hot ca Linux cn c th hin ch n tng thch c vi rt

nhiu mi trng. Hin ti, ngoi Linux dnh cho server, PCnhn Linux cn

c nhng vo cc thit b iu khin nh my tnh palm, robotPhm vi ng

dng ca Linux c xem l rt rng ri.

an ton cao

Trc ht, trong Linux c mt c cu phn quyn ht sc r rng. Ch c "root"

(ngi dng ti cao) mi c quyn ci t v thay i h thng. Ngoi ra Linux

cng c c ch mt ngi dng bnh thng c th tm thi chuyn sang quyn

"root" thc hin mt s thao tc. iu ny gip cho h thng c th chy n nh

v trnh phi nhng sai st dn n v h thng (trong nhng phin bn



Windows gn y, c ch phn quyn ny cng bc u c p dng, nhng

so vi Linux th vn km cht ch hn).

Ngoi ra chnh tnh cht "m" cng to nn s an ton ca Linux. Nu nh mt

l hng no trn Linux c pht hin th n s c c cng ng m ngun

m cng sa v thng th ch sau 24h s c th cho ra bn sa li. Mt khc i

vi nhng H iu hnh m ngun ng nh Windows, chng ta khng th bit

c ngi ta vit g, v vit ra sao m ch bit c chng chy nh th no. V

vy nu nh Windows c cha nhng on m cho php to nhng "back door"

xm nhp vo h thng ca chng ta th chng ta cng khng th bit c. i vi

ngi dng bnh thng nh chng ta vn ny c v nh khng quan trng

nhng i vi mt h thng tm c nh h thng quc phng th vn nh th ny

li mang tnh sng cn. Cc nhn vin an ninh khng c php l mt k h

no, d l nh nht v n lin quan n an ninh ca c mt quc gia. V mt ln na

cc phn mm m ngun m ni chung v Linux ni ring li l s la chn s 1.

Trong Linux mi th u cng khai, ngi qun tr c th tm hiu ti mi ng

ngch ca h iu hnh. iu cng c ngha l an ton c nng cao.

Thch hp cho qun tr mng

c thit k ngay t u cho ch a ngi dng, Linux c xem l mt h

iu hnh mng rt gi tr. Nu nh Windows t ra l mt H iu hnh thch hp

vi my tnh Desktop th Linux li l h iu hnh thng tr i vi cc Server.

l do Linux c rt nhiu u im tha mn i hi ca mt h iu hnh mng: tnh

bo mt cao, chy n nh, cc c ch chia s ti nguyn tt..Giao thc TCP/IP

m chng ta vn thy ngy nay chnh l mt giao thc truyn tin ca Linux (sau ny

mi c a vo Windows).

Chy thng nht trn cc h thng phn cng

D cho c rt nhiu phin bn Linux c cc nh phn phi khc nhau ban hnh

nhng nhn chung u chy kh n nh trn mi thit b phn cng, t Intel 486

n nhng my Core 2 Duo, t nhng my c dung lng RAM ch 4MB n



nhng my c cu hnh cc mnh (tt nhin l tc s khc nhau nhng v

nguyn tc vn c th chy c). Nguyn nhn l Linux c rt nhiu lp trnh

vin nhiu mi trng khc nhau cng pht trin (khng nh Windows ch do

Microsoft pht trin) v chng ta s bt gp nhiu ngi c "cng cnh ng" nh

mnh v d dng tm c cc driver tng ng vi thit b ca mnh. Tnh cht ny

hon ton tri ngc vi Windows. Mi khi c mt phin bn Windows mi ra i

th bao gi km theo cng l mt cn kht v phn cng v h iu hnh mi

thng khng h tr cc thit b qu c.

2.1.2.2. Nhc im

D cho hin nay Linux ang c tc pht trin nhanh hn hn Windows nhng

khch quan m ni so vi Windows, Linux vn cha th n vi ngi s dng

cui. l do Linux vn cn c nhng nhc im c hu:

i hi ngi dng phi thnh tho.

Trc kia vic s dng v cu hnh Linux c xem l mt cng vic ch dnh

cho nhng k thut vin CNTT. Hu nh mi cng vic u thc hin trn cc dng

lnh v phi cu hnh nh sa trc tip cc file. Mc d trong nhng phin bn gn

y, cc H iu hnh Linux c nhng ci tin ng k, nhng so vi Windows

tnh thn thin ca Linux vn cn l mt vn ln. y l mt trong nhng

nguyn nhn ch yu khin Linux mc d c rt nhiu c tnh k thut tt nhng

vn cha n c vi ngi dng cui.

Tnh tiu chun ha.

Linux c pht hnh min ph nn bt c ai cng c th t mnh ng gi, phn

phi theo nhng cch ring. Hin ti c kh nhiu bn Linux pht trin t mt nhn

ban u cng tn ti nh: RedHat, SuSE, Knoppix.. Ngi dng phi t so snh

xem bn no l ph hp vi mnh. iu ny c th gy kh khn cho ngi dng,

nht l nhng ngi cn c kin thc v tin hc hn ch.

S lng cc ng dng cht lng cao trn Linux cn hn ch.



Mc d Windows c sn phm no th Linux cng gn nh c phn mm tng

t, (VD: OpenOffice trn Linux tng t nh MSOffice, hay GIMP tng t nh

Photoshop...). Tuy nhin cht lng nhng sn phm ny l cha th so snh c

vi cc sn phm vit cho Windows.

Phn cng.

Mt s nh sn xut phn cng khng c driver h tr Linux: Do hin nay Linux

cha ph bin bng Windows nn nhiu nh sn xut khng h tr cc driver chy

trn Linux. Tuy nhin chng ta vn c th tm thy cc driver ny trn internet do

cng ng m ngun m vit.

Trn c s nhn nhn mt cch khch quan cc u, nhc im ca H iu hnh

Linux cng nh xem xt xu hng pht trin tin hc nc ta c th thy,

i vi ngi dng thng thng vic chuyn t Windows sang Linux trong ngy

mt ngy hai l cha th. Tuy nhin i vi nhng ngi lm tin hc, c bit l i

vi sinh vin, vic tm hiu v nghin cu Linux v phn mm m ngun m l mt

iu kin rt tt nng cao hiu bit ca mnh. Linux du sao vn l mt h iu

hnh rt c gi tr: chi ph thp, linh hot, n inh, v bo mt cao.

2.1.3. Cc bn phn phi linux hin nay

Hin nay linux c nhiu bn phn phi khc nhau, mt phn l bi v tnh cht

ngun m ca n. Sau y l mt s bn phn phi ch yu, danh sch c cp

nht vo thng 7:

Tn bn phn

phi

Phin

bn mi

nht

Trang web chnh thc Cc bn tng

t

Ubuntu 13.04 http://www.ubuntu.com/ Kubuntu,

Xubuntu,



Edubuntu,

Ubuntu

Studio,

Lubuntu,

Macbuntu,

Debian

GNU/Linux 7.1 http://www.debian.org/

Elementary OS 0.2 http://www.elementaryos.org/

Ultimate Edition 3.4 http://ultimateedition.info/

Red Hat

Enterprise Linux 6.0 http://www.redhat.com/rhel/

Chrome Linux 2.1.1145 http://getchrome.eu/

Fedora 19 http://www.fedoraproject.org/

SUSE Linux

Enterprise

Desktop

12.2 http://vi.opensuse.org/

OpenSUSE

11.4, Mono

2.10.4

Linux Mint 14 http://linuxmint.com/

Knoppix 7.0.2 http://www.knoppix.org/

PCLinuxOS 2012 http://www.pclinuxos.com/

Mandrake 2011 http://www.mandriva.com Mandriva

CentOS 6.2 http://www.centos.org/



Gentoo 12.1 http://www.gentoo.org/

Slackware 13.37 http://www.slackware.com/

SLAX 6.1.2 http://www.slax.org/

Sabayon 10 http://www.sabayon.org/

Dreamlinux 5 http://www.dreamlinux.info/

OpenSolaris 11 http://www.opensolaris.org/

Hng k linux 6.0 SP3 http://www.redflag-linux.com/

Puppy linux 5.3.3 http://puppylinux.org/

Hacao Linux 2011 http://www.hacao.com/

Asianux 4.5 http://www.asianux.vn/ Asianux

Server

SliTaz 4.0 http://www.slitaz.org/ GNU/Linux

Linpus 1.7 http://www.linpus.com/ Linpus Linux

Back Track 5r3 http://www.backtrack-linux.org/ Back Track -

Linux

Kali linux 1.0.3 http://www.kali.org/ Kali - Linux

Super Ubuntu 11.04 http://hacktolive.org/wiki/Super_OS

Ubuntu, Zorin

OS, Linux

Mint,



Zorin OS 5 http://zorin-os.com/

Ubuntu, Super

Ubuntu, Linux

Mint

Bng 2. 1: Cc bn phn phi Linux.

2.1.3.1. Mt s bn phn phi ph bin c dng hin nay.

Ubuntu

Khng c g phi ngc nhin khi Ubuntu l bn phn phi Linux ph bin nht.

Vi hn 2.200 lt xem mi ngy trn distrowatch.com, vt xa con s 1.400 lt

ca Fedora, bn phn phi c xp v tr th hai.

Ubuntu l mt a con sinh sau mun ca h hng Linux, bn pht hnh u

tin ca Ubuntu l vo 20/10/2004, nhng s pht trin vt bc a n n v

tr hng u k t nm 2007. c thnh lp bi t ph ngi Nam Phi Mark

Shuttleworth, Canonical, cng ty pht hnh Ubuntu, nhiu nm qua vn chuyn

CD Ubuntu ti tn tay ngi dng quan tm n h iu hnh m ngun m ny

trn ton th gii. Vic lm thc y nhanh chng s ph bin ca Ubuntu.

Ubuntu da trn Debian v bao gm cc ng dng ni ting nh Firefox v

OpenOffice.org. Ubuntu c pht hnh u n 6 thng mt ln, vi phin bn h

tr lu di (LTS) s c h tr v cp nht trong 3 n 5 nm.

Ubuntu cng c cc bin th ring ca mnh nhm vo cc mc tiu khc nhau.

Kubuntu v Xubuntu, s dng KDE v Xfce nh l mi trng desktop thay cho h

thng GNOME mc nh c s dng bi Ubuntu; Edubuntu, mt d n con v l

phn b sung cho Ubuntu, c thit k cho mi trng hc tp v s dng nh;

Ubuntu JeOS (pht m "ju:s"), mt phin bn khc ca Ubuntu, thit k cho cc

my o. C th ci Ubuntu ngay trn Windows thng qua Wubi.

Fedora

Fedora l mt phin bn min ph ca Red Hat trong khi Red Hat Enterprise

Linux (RHEL) tr thnh phin bn thng mi k t nm 2003. Do quan h



khng kht ny, Fedora c bit mnh v cc tnh nng dnh cho doanh nghip, v

thng c cung cp trc mi phin bn mi ca RHEL.Fedora cng c chu k

pht hnh 6 thng mt ln vi cc tnh nng bo mt tuyt vi. Cc ci tin trong

nhng nm qua v s ph bin ngy cng tng lm cho Fedora tr thnh mt s la

chn tt cho ngi dng.

Linux Mint

y cng l mt bn phn phi non tr khc ca Linux, Linux Mint mi ch c

pht hnh t nm 2006.

Linux Mint da trn bn phn phi Ubuntu, thm vo cc ch ring, cc b

ng dng c o v c bit mnh v ho. N s dng mi trng desktop

mintDesktop, mintInstall thun tin trong ci t ng dng v mintMenu gip

iu hng d dng.

Mint ni ting d dng, thch hp cho ngi mi bt u s dng Linux. N

cng bao gm mt s codec a phng tin c quyn, thng vng mt trong cc

phn phi ln hn, do nng cao kh nng tng thch phn cng. Linux Mint

khng c mt lch trnh pht hnh c nh, nhng thng l mt phin bn mi s

c mt ngay sau mi bn pht hnh n nh ca Ubuntu.

OpenSUSE

Bn phn phi ny gi v tr cao trn Distrowatch, ng thi l nn tng cho

Novell SUSE Linux Enterprise Desktop v SUSE Linux Enterprise Server.

Gi tin ch qun l YaST ca openSUSE c nh gi l mt trong nhng

cng c tt nht. Phin bn ng gi ca bn phn phi ny i km vi cc ti liu

in hu ch m bn khng th tm thy bt k bn Linux no khc. openSUSE cng

c nh gi c kh dng mc trung bnh.

PCLinuxOS



Thay v GNOME, PCLinuxOS s dng KDE lm mi trng desktop. V c bn,

PCLinuxOS l mt phin bn gn nh ca Mandriva. Bn phn phi ny h tr tt

cc trnh iu khin ho, b sung trnh duyt v cc code a phng tin.

PCLinuxOS c th l mt s la chn tt cho ngi tp lm quen vi Linux. Chu

k pht hnh ca bn phn phi ny khng n nh v cng khng c phin bn

dnh cho h thng 64 bit.

Debian

C mt t nm 1993, bn phn phi "c xa" ny c nh gi l bn Linux tt

nht c th nghim. D l nn tng ca bn phn phi thn thin Ubuntu, nhng

Debian dng nh thch hp hn vi ngi dng c kinh nghim. Debian s dng

cc thnh phn m ngun m, l iu tt, tuy nhin s gp kh khn trong vic

tng thch vi cc thnh phn c quyn, chng hn nh trnh iu khin mng

khng dy.

Debian c chu k pht hnh tng i chm, khong t 1 n 3 nm cho mt bn n

nh.

Mandriva

Trc y c bit n vi tn gi Mandrake, Mandriva tr danh v

kho phn mm tin tin ca mnh, b qun l xut sc v phin bn 64 bit. N cng

c bc i quan trng u tin trong vic h tr Netbook. Tuy nhin, gn y c

nhiu tranh ci v Mandriva, kt qu l n c cu trc li, c kh nng nhng

phin bn vi chc nng y s khng cn dnh cho cng ng.

Sabayon/Gentoo

Sabayon l phin bn Live CD ca Gentoo, c bit n vi kh nng cho php

ngi dng ti u mnh m cc thnh phn. C hai c coi l bn phn phi tin

tin dnh cho ngi dng c kinh nghim vi Linux.

Arch Linux cng vi Slackware



Arch l bn phn phi nhm vo ngi dng c kinh nghim, quan tm n vic

tinh chnh v ti u ho h thng ca h. D khng nm trong top 10, nhng

Slackware c nh hng tng t dnh cho ngi dng quen vi Linux.

Puppy Linux

D l mt bn phn phi kh nh, nhng Puppy Linux dnh c nhiu s quan

tm ca ngi s dng. Chnh s nh gn li l tng cho cc phn cng c v ti

nguyn ngho nn. Trong iu kin nh vy, Puppy vn y cc tnh nng, bao

gm nhiu cu hnh v cc trnh thut s ci t ng dng. Ton b h iu hnh

nh chy trc tip t b nh RAM ca h thng, do , cc ng dng khi ng

mt cch nhanh chng v p ng ngay lp tc.

2.1.3.2. Mt s bn phn phi dng cho my ch Vit nam

CentOS

CentOS l mt bn phn phi h iu hnh t do da trn Linux kernel. N c

ngun gc hon ton t bn phn phi Red Hat Enterprise Linux (RHEL). CentOS

tn ti cung cp mt nn tng in ton doanh nghip t do v phn u duy

tr kh nng tng thch nh phn 100% vi ngun thng ngun ca n, Red Hat.

CentOS l vit tt ca Community Enterprise Operating System.

Trong thng 7/2010 CentOS vt qua Debian tr thnh bn phn phi Linux

ph bin nht cho my ch web, vi gn 30% ca tt c my ch web Linux s

dng n. Tuy nhin vo thng 1/2012, sau mt cuc ua i u, n b mt v tr

dn u vo tay Debian.

Debian

Debian : Distro ny cng ni ting nh s n nh ca n, cng ng debian

Vit Nam khng nhiu, cng ng Ubuntu hay Fedora l mnh hn c. Nu mun

xy dng mt server bo mt theo nguyn tc "xy dng mi th t t giy trng"

th nn dng n, khi install chn vo mc install ti thiu nhng th cn thit. Sau



th t setup cho hon chnh kim sot c nhng g c trn system, v tit

kim ti nguyn.

Ubuntu

Ubuntu : Distro ny dng cho my laptop v desktop tt, bn dnh cho server ca

Ubuntu cha thc s tt v hot ng n nh, hay xy ra li.

2.2. Mt s dch v mng trn Linux.

2.2.1. Dch v DNS.

2.2.1.1. Gii thiu v dch v DNS

Mi my tnh trn mng mun trao i thng tin vi nhau th cn phi bit r a

ch Ip ca nhau.

Mi my tnh ngoi a ch Ip cn c mt tn (HOSTNAME). lin lc th vic

ghi nh a ch Ip ca nhau l vic rt kh khn, c bit l vic a ch IPV4 cng

ngy cng khng th cung cp s lng nhu cu th vic chuyn sang dng IPV6

l iu tt yu v vic phi nh mt dy s hexa 32 s l vic khng tng.

Do nhng kh khn trn ngi ta ngh ra vic lm sao nh x a ch ip

ca mi my thnh hostname ca n v ngc li. khi trao i vi nhau ngi ta

ch cn nh tn ban u ca my tnh bn kia. Ban u do quy m mng ARPA

NET (tin thn ca mng internet) cn nh, nn ch c mt tp tin HOST.TXT lu

thng tin v nh x tn my thnh a ch Ip. Trong , tn my ch l chui vn bn

khng phn cp (plat name). Tp tin ny c duy tr ti mt my ch v cc my

ch khc lu gi bn sao ca n. Tuy nhin khi m hnh mng ln hn, vic s

dng tp tin HOST.TXT c cc nhc im sau:

- Lu lng mng v my ch duy tr tp tin HOST.TXT b qu ti.

- Xung t tn: do tn my khng phn cp v khng c c quan qun l tp

tin nn c nguy c b xung t tn.



- Khng m bo s ton vn: vic duy tr tp tin trn mt mng ln rt kh

khn. V d: khi tp tin HOST.TXT va cp nht cha kp chuyn n my

ch xa th c s thay i a ch trn mng ri.

- Tm li, vic s dng tp tin HOST.TXT khng ph hp cho mng ln v

thiu c ch phn tn v m rng. Do dch v DNS ra i nhm khc

phc cc nhc im ny.

2.2.1.2. H thng tn min DNS

DNS hot ng theo m hnh client server. My ch server cha cc thng tin

CSDL. Pha client l trnh phn gii tn resolver, n ch l cc hm th vin dng

to cc query v gi chng n my ch DNS server.

DNS hot ng nh mt giao thc tng application trong mng ICP/IP

DNS l mt c s d liu phn tn. C nhim v chuyn i tn min sang a

ch IP v ngc li. H thng DNS ra i nhm mc ch gip ngi s dng mt

tn d nh, d s dng.

Nguyn tc lm vic ca DNS:

- Mi nh cung cp dch v vn hnh v duy tr DNS server ca ring mnh.

Khi c yu cu tm kim mt website no , th DNS server phn gii tn

website ny phi l DNS server ca chnh t chc qun l website .

- INTERNIC Internet Network Information Center chu trch nhim qun l

cc tn min v DNS server tng ng.

- DNS server c kh nng truy vn cc DNS server khc. Ngoi vic phn gii

tn min cho cc my trong ni b th n cng h tr cc truy vn t cc

my ngoi mng internet vo bn trong.

- DNS server cng c kh nng nh li cc tn va phn gii, dng cho

nhng ln truy vn ln sau. S lng tn min c lu li ph thuc vo

quy m ca tng DNS server.



2.2.1.3. Hot ng ca DNS server trong Linux

Phn loi DNS server

- Primary name server: Ngun xc thc thng tin chnh thc cho cc domain

m n c php qun l

- Secondary name server: server d phng cho primary server.

- Caching name server: lu li cc ln truy vn ca client, gip cho cc ln

truy vn sau c nhanh chng v gim ti cho server.

DNS zone l tp hp cc nh x t Host n a ch IP v t IP ti Host trong

mt phn lien tc trong mt nhnh ca Domain. Thng tin DNS Zone l nhng

Record gm tn Host v a ch IP c lu trong DNS server.

DNS server qun l v tr li yu cu ny t Client lin quan n DNS server

ny. H thng tn min cho php phn chia tn min qun l v chia h thng tn

min thnh Zone v trong Zone qun l tn min c phn chia . Zone file lu

thng tin Zone dng text hoc trong Active Directory.

Zone thun v Zone nghch:

- Zone thun Forward Lookup Zone phn gii tn my thnh a ch IP

- Zone nghch Reverse Lookup Zone phn gii a ch IP thnh tn my.

Cc loi truy vn:

- Truy vn quy (Recursive query): khi name server nhn c truy vn

dng ny, n bt buc phi tr v kt qu tm c hoc thng bo li nu nh truy

vn ny khng phn gii c. Name server khng th tham chiu truy vn n mt

name server khc. Name server c th gi truy vn dng quy hoc tng tc n

name server khc nhng n phi thc hin cho n khi no c kt qu mi thi.

- Truy vn tng tc: khi name server nhn c truy vn dng ny, n tr li

cho resolver vi thng tin tt nht m n c c vo thi im . Bn thn name

server khng thc hin bt c mt truy vn no thm. Thng tin tt nht tr v c

th ly d liu t d liu cc b (k c cahe). Trong trng hp name server khng



tm thy trong d liu cc b n s tr v tn min v a ch IP ca name server

gn nht m n bit.

Cc file cu hnh chnh:

- Host.conf: l tp iu khin hot ng ca rersolver, n quy nh cc dch v

s dng ca resolver v th t s dng ca chng.

- Resolver (b gii): khi mt chng trnh cn gii mt tn host th cn s

dng mt c ch gi l b gii. B gii u tin s tra cu file /etc/host.conf v xc

nh phng thc no s c s dng gii quyt cc tn host (local file, name

server NIS hay ldap server).

- File named.conf: file cu hnh chnh ca DNS.

- Cc tp c s d liu DNS cc file phn gii thun, phn gii nghch.

Thnh phn c bn l bn ghi ngun RR (Resource Record). Mi bn ghi c

mt kiu d liu, bao gm:

SOA (Start of Authority): trong mi tp tin c s d liu phi c mt

v ch mt record SOA. Record SOA ch ra rng my ch name server l ni cung

cp thng tin tin cy t d liu c trong zone.

NS (Name server): tn server

MX (Mail Exchange): chuyn mail trn mng Internet.

A (Address): nh x tn my (hostname) vo a ch IP

CNAME (canonical name): tn b danh ca server.

PTR: dng nh x a ch IP thnh hostname.

2.2.1.4. Ci t v cu hnh dch v DNS server.

Ci t: Cn download v ci t gi BIND trn my linux. Thng th tn file

ci t BIND bt u l bind, sau l version.

- Nu khng bit version no, g bind*

- Thng thng c 2 cch ci t BIND l ci t gi compile sn (RPM

Redhat Package Manager):



+ Ci t gi rpm: rpm ivh bind-9.7.3-8.P3.el6.x86_64.rpm, nu c internet

th ci bng lnh yum y install bind*

+ Ci t source: mount th mc cha gi ci t DNS vo my ch centos:

#mount /dev/cdrom/media

Cu hnh DNS

nh ngha nhng cu hnh ton cc cho DNS server:

C php:

Options [

(directory path_name)

(forwarders [in_addr1; inaddr2;]

(allow_query [address_match_list]

(notify yes/no

(also notify [ip_addr1, ip_addr2;]

(also update [ip_addr1, ip_addr2;]

Directory

Forwarders: danh sch a ch Ip ca cc name server m n s gi yu cu truy

vn khi cn.

Allow-query: danh sch a ch Ip c php truy vn CSDL DNS

Notifi: mc nh c set l yes, khi c s thay i trn CSDL th name server

s gi thng bo v s thay i ny cho cc name server c khai bo trong danh

sch name server c lit k trong record NS v cc name server c khai bo

trong ty chn also-notify.

+ Cu hnh master DNS, ta vo file vi /etc/named.conf:

Ta tin hnh cu hnh phn gii ngc nh sau: to file theo ng dn sau vi

/var/named/doan.nghich.



Hnh 2. 1: Cu hnh zone nghch

+ Ta tin hnh cu hnh phn gii thun nh sau: to file theo ng dn sau vi

/var/named/doan.thuan.

Hnh 2. 2 Cu hnh zone thun.



Sau khi cu hnh xong file ny v ping thnh cng 2 my th restart li dch v.

Kim tra dch v DNS phn gii trong nslookup.

Hnh 2. 3: Kim tra dch v DNS

2.2.2. Dch v DHCP

2.2.2.1. Gii thiu dch v DHCP

H thng cn cung cp IP mi my tnh cc my ny c th lin lc vi nhau.

Vi m hnh mng tng i nh, vic cp IP tng i d dng. Nhng vi mt

m hnh mng ln th vic cung cp IP tr nn kh khn. V vy cn phi c mt

dch v cung cp IP t ng cho cc my client trong h thng mng.

- DHCP l mt dch v cung cp IP t ng cho cc client.

- Hot ng theo m hnh Client server

- Ngoi ra DHCP cn c nhiu tnh nng khc cho client nh: cung cp a ch

ca my tnh dng gii quyt tn min DNS, a ch ca mt Gateway

router



C ch s dng cc thng s mng c cp pht ng c u im hn so vi

c ch khai bo tnh cc thng s mng nh:

- Khc phc c tnh trng ng a ch IP v gim chi ph qun tr cho h

thng mng.

- Gip cho cc nh cung cp dch v (ISP) tit kim c s lng a ch IP

tht (public IP).

- Ph hp vi my tnh thng xuyn di chuyn qua li gia cc mng.

- Kt hp vi h thng mng khng dy (wireless) cung cp cc im Hostpot

nh: nh ga, sn bay, trng hc

2.2.2.2. Nguyn tc hot ng

Giao thc DHCP lm vic theo m hnh client/server. Theo , qu trnh tng

tc gia DHCP client v server din ra theo cc bc sau:

- Khi my client khi ng, my s gi broadcast gi tin DHCPDISCOVER,

yu cu mt server phc v cho mnh. Gi tin ny cng cha a ch MAC ca my

client.

- Cc my server trn mng khi nhn c gi tin yu cu , nu cn kh

nng cung cp a ch IP, u gi li cho my client gi tin DHCPOFFER, ngh

cho thu mt a ch IP trong mt khong thi gian nhp nh, km theo l mt

subnet mask v a ch ca server. Server s khng cp pht a ch IP va ngh

cho nhng client khc trong sut qu trnh thng thuyt.

- My client s la chn mt trong nhng li ngh (DHCPOFFER) v gi

broadcast li gi tin DHCPREQUEST chp nhn li ngh . iu ny cho php

cc li ngh khng c chp nhn s c cc server rt li v dng cp pht

cho client khc.

- My server c client chp nhn s gi ngc li mt gi tin DHCPACK

nh l mt li xc nhn, cho bit l a ch IP , subnet mask v thi hn s

dng s chnh thc c p dng. Ngoi ra server cn gi km theo nhng thng

tin cu hnh b sung nh a ch gateway mc nh, a ch DNS server.



2.2.2.3. Cc thng s trong cu hnh DHCP

- Option: Dng cung cp cc yu t cho pha client nh a ch IP, a ch

subnet mask, a ch Gateway, a ch DNS

- Scope: mt on a ch c quy nh trc trn DHCP server dng gn

cho cc my client.

- Reservation: l nhng on a ch dng nh trong mt s scope c

quy nh trn.

- Lease: thi gian cho thu a ch IP i vi mi client.

2.2.2.4. Ci t v cu hnh dch v DHCP.

cu hnh dch v DHCP, bn cn phi ci t gi dch v DHCP. C 2 cch

ci t.

- Cch 1: ci t t a cd

#rpm ivh dhcp-*.rpm (vi * l phin bn ca gi dch v).

- Cch 2: ci t bng cch ti trn mng

#yum y install dhcp

Kim tra gi ci t: # rpm qa|grep dhcp. Sau khi ci t, ta cu hnh nh sau:

Hnh 2. 4: Cu hnh DHCP



Sau khi cu hnh file dhcpd.conf, thc hin lnh service dhcpd start bt

dch v. kim tra dch v cp pht ip thnh cng hay cha, ta sang my Xp g

lnh ipconfig kim tra.

Hnh 2. 5: My client c cp pht a ch Ip.

2.2.3. Dch v SAMBA.

2.2.3.1. Gii thiu SAMBA

Cc h thng Linux s dng giao thc TCP/IP trong kt ni mng, trong khi

h iu hnh ca Microsoft s dng mt giao thc kt ni mng khc giao thc

Server Message Block (SMB), giao thc ny s dng NETBIOS cho php cc

my tnh chy Windows chia s cc ti nguyn vi nhau trong mng cc b. kt

ni ti cc mng bao gm c nhng h thng Unix, Microsoft pht trin Common

Internet File System (CIFS), CIFS vn s dng SMB v NETBIOS cho mng

Windows. C mt s phin bn ca SMB c gi l Samba.

Samba c to ra bi Andrew Tridgell 1991, c pht trin da trn giao

thc SMB v CIFS. Samba l giao thc dng giao tip gia Linux v window



vi mt s chc nng nh: chia s file, chia s th mc, qun l printer, printer

setting tp trung, chng thc client login vo window domain, cung caaos Windows

Internet Name Service (WINS). C th thy rng, ngi dng trn mng c th

dng chung cc tp tin v my in. Ngi dng c th iu khin truy nhp ti

nhng dch v ny bng cch yu cu ngi dng phi nhp mt m truy nhp, iu

khin truy nhp c th thc hin 2 ch : ch dng chung (share mode) v ch

ngi dng (user mode). Ch dng chung s dng mt mt m truy nhp ti

nguyn dng chung cho nhiu ngi. Ch ngi dng cung cp cho mi ti

khon ngi dng mt m truy nhp ti nguyn khc nhau. V l do phi qun l

mt m truy nhp, samba c s dng tp tin /etc/samba/smbpassword lu tr cc

mt m truy nhp ngi dng.

cu hnh v truy nhp mt h thng Samba v Linux, ngi dng cn thc hin

cc th tc chnh sau:

- Cu hnh dch v v khi ng dch v Samba.

- Khia bo ti khon s dng Samba

- Truy nhp dch v Samba.

Cc tp tin cu hnh dch v:

/etc/samba/smb.conf : tp tin cu hnh ca Samba

/etc/samba/smbpassword : cha mt m truy nhp ca ngi dng

/etc/samba/smbusers : cha tn hiu cho cc ti khon ca samba.

smbpasswd a: to ti khon Samba.

smbpasswd: thay i thng tin ti khon Samba.

smbclient: truy nhp dch v SBM

smbstatus: theo di tnh trng kt ni hin hnh.

2.2.3.2. Ci t v cu hnh

Gi phn mm Samba c th ly t a CD hoc download t mng. Cc bc

ci t nh sau:



- Kim tra dch v Samba c ci t hay cha: rpm qa | grep samba

- Ci t nu cha ci t: thc hin ci t nh sau:

Hnh 2. 6: Ci t Samba

Daemon ca dch v Samba s dng tp tin cu hnh /etc/samba/smb.conf. Tp

tin ny c chia thnh hai phn chnh:

- Golbal setting: phn dnh cho nhng la chn ton cc ca dch v.

- Sharing setting: phn dnh cho khai bo ti nguyn c a ln mng dng

chung.

Nhm [global]: cc tham s trong nhm ny c p dung mt cch ton cc

cho ton dch v, ng thi, mt s tham s trong nhm ny cng l cc tham s

mc nh ca cc nhm khng khai bo tng minh. Nhm ny phi c t ti

phn u trong tp tin cu hnh /etc/samba/smb.conf

Mt s tham s c bn trong nhm [global] cn c cu hnh bao gm:

- Workgroup: ch ra tn ca nhm (workgroup) mun hin th trn mng. Trn

windows, tn ny c hin th trong ca s Network Neighborhood.



- Host allow: ch ra nhng a ch mng hay a ch my c truy nhp ti

dch v Samba. Cc a ch trong danh sch uc vit cch nhau mt khong

trng.

- Encrypt passwords: gi tr mc nh l yes. Vi tham s ny, Samba s thc

hin m ha mt m d tng thch c vi cch m ha ca windows. Trong

trng hp khng m ha mt m, ngi dng ch c th s dng dch v Samba

gia cc my Linux vi nhau hoc ngi dng phi cu hnh li my tnh Windows

nu mun s dng Samba trn Linux.

- Smb passwd file: nu encrypt passwords=yes, tham s ny s xc nh tp

cha mt m uc m ha. Mc nh l /etc/samba/smbpasswd

- Usename map: ch ra tp tin cha cc tn hiu (alias) cho mt ti khon h

thng. Gi tr mc nh l: /etc/samba/smbusers

- Printcap file: cho php Samba np cc m t my in t tp tin: printcap. Gi tr

mc nh l: /etc/printcap

- Sercurity: khai bo ny xc nh cch thc cc my tnh tr li dch v Samba.

Mc nh tham s ny c gi tr l user, gi tr cn s dng khi kt ni ti cc my

tnh windows.

Nhm [homes]: nhm ny xc nh cc iu khin mc nh cho truy nhp nh

th mc ch ca ngi dng thng qua giao thc SMB bi ngi dng t xa. Khi

c yu cu kt ni, samba s thc hin kim tra cc nhm hin c, nu nhm no

p ng c yu cu, nhm s c s dng. Nu khng p ng c yu

cu, nhng nhm tn ti n s c x l nh m t trn. Mt khc, tn nhm

c yu cu cng c x l nh mt tn ca my in v samba thc hin tm kim

tp tin printcap tng ng xc nh xem tn nhm c yu cu c hp l hay

khng. Nu hp l, mt ti nguyn dng chung s c da trn nhm [printers].

Ngoi 3 nhm c bit c nu trn, thc hin to cc ti nguyn dng

chung khc, ngi dng cn thc hin to cc ti nguyn ny. Cc nhm dnh cho

cc ti nguyn dng chung, nh l cc mc trn h thng, thng t sau nhm

[home]v[printer] v c th t tn bt k.



Cc tham s thng c khai bo trong cc nhm khai bo ti nguyn dng

chung trong tp tin cu hnh /etc/samba/smb.conf bao gm:

- Comment: M t ty cho cc ti nguyn c a ln mng dng chung.

- Path: ch ra ng dn n th mc trn h thng tp tin m ti nguyn dng

chung tham chiu ti.

- Public: c gi tr l yes hoc no. Nu l public = yes, Samba cho php mi

ngi dng u c th truy nhp ti nguyn dng chung .

- Browseable: c gi tr yes hoc no. Nu l browseable = yes th th mc c

dng chung s c nhn thy trn mng. Gi tr mc nh l yes.

- Valid user: Danh sch nhng ngi dng uc quyn truy nhp ti nguyn

dng chung. Tn ngi dng c cch nhau bi khong trng hoc k t ,. Tn

nhm uc ng trc bi k t @

- Invalid users: danh sch nhng ngi dng khng c quyn truy nhp ti

nguyn dng chung. Tn ngi dng c cch nhau bi khong trng hoc k t

,. Tn nhm c ng trc bi k t @

- Writeable:c gi tr yes hoc no. Nu l writeable = yes ngi dng c

php ghi vo th mc dng chung.

- Write list: Xc nh danh sch ngi dng /nhm c quyn ghi ti th mc

dng chung. Trong trng hp ch ra tn nhm, trc tn nhm phi l mt k t

@.

- Printable: c gi tr l yes hoc no. Nu l printable = yes ngi dng c

php truy nhp n dch v in.

- Create mask: thit lp quyn trn th mc/tp tin c to trong th mc

c dng chung. Gi tr mc nh l 0744

Th d di y l cc khai bo thc hin a mt ti nguyn c tn dng

chung l mydoc (th mc trn h thng l /home/shired) cho c hai ti khon a1, a2

v cc ti nguyn thuc nhm nhanvien c php truy nhp:

[mydoc]



path=/home/shired

public=no

valid users= a1 a2 @nhanvien

writable=yes

create mask=0766

Ch :

- Th mc c a ln mng dng chung phi cung cp quyn tng ng cho

ngi dng.

- Cc tham s c ch ra nhm ti nguyn c dng chung s c hiu lc

thay th cc tham s c thit lp nhm [global].

- Trong tp tin smb.conf c th s dng mt s bin thay th nh %m tn

NetBIOS ca my client, %Samba tn dch v hin hnh (nu c), %u tn ngi

dng hin hnh (nu c ) d: path = /home/%u s c phin dch l

path=/ymp/foo nu ti khon foo thc hin truy nhp.

Chia s th mc:

Sau khi lp cu hnh mc nh cho server Samba, bn c th to ra nhiu th mc

dng chung (th mc chia s) v quyt nh xem c nhn no, hoc nhm no c

php s dng chng.

V d bn mun th mc pladir ch dnh ring cho user leduan m thi. Bn cn

vit ra mt on mi v ghi cc thng tin cn thit vo: khai bo user, ng dn

n th mc, cng vi thng tin cu hnh cho server SMB nh sau:

[pladir]

comment = Pla's remote source code directory

path = /usr/local/src

valid users = leduan



browsable = yes

public = no

writable = yes

create mask = 0700

on trn y to ra mt th mc chia s mang tn plasdir. ng dn n

th mc ny trn server ti ch l /usr/local/src. V mc browseable c khai bo

"yes", danh sch duyt mng s c tn l plasdir. Nhng v mc public li l "no"

nn ch c user tn l lan_anh mi c quyn dng Samba vo ra th mc. Mun

cho ai c truy cp, bn ch cn lit k h ti th mc valid users.

2.2.3.3. Qun tr ti khon Samba

c th s dng dch v Samba(ngoi tr trng hp cho php mi ngi dng

truy nhp), ngi dng cn phi thit lp ti khon ngi dng Samba. Ti khon

ngi dng Samba l mt ti khon c xy dng da trn ti khon h thng (ti

khon ca Linux), do vy, phi c ti khon ngi dng h thng ngi dng mi

c th to c ti khon samba.

To ti khon Samba:

Samba s dng database ngi dng ring chng thc user,password khi

ngi dng truy cp vo samba ch khng dng database ngi dng trong file

passwd ca h thng.

Samba phin bn 3.0 tr ln, khng cn dng lnh smbadduser na m s dng

c php sau to ti khon samba:

smbpasswd a

V d: lnh sau cho php to ti khon Samba c tn a3 ng vi ti khon a3 ca

linux:

[root@server2]# smbpasswd a a3



Qun tr ti khon Samba smbpasswd: Lnh smbpasswd c s dng

qun l cc ti khon Samba. Tin ch ny cho php xa ti khon, kho ti khon

cng nh cho php thay i mt m ng nhp vo dch v Samba.

C php lnh: smbpasswd [option] [username]

Trong username l tn ti khong ngi dng Samba. Trong trng

hp khng c i s username, lnh ny tc ng ti ngi dng hin hnh.

Lnh smbpasswd khi s dng khng c la chn (option), n cho php thay i

mt m truy nhp ca ti khon Samba username.

Mt s la chn ca lnh nh sau:

-x : Xo ngi dng Samba username khi tp tin /etc/samba/smbpasswd.

-d : V hiu ha ti khon Samba ca ti khon username, bng cch ghi

c D vo trong phn iu khin ti khon trong tp tin smbpasswd.

-e: Bt li ti khon Samba b kha trc , bng cch g b c D trong tp

tin smbpasswd.

-n: Cho php username s dng mt m trng (khng mt m). Ch rng, tham s

null passwords =yes phi c thit lp trong nhm [global] tp tin

/etc/samba/smb.conf.

V d: xa ti khon a3 ca Samba, ngi dng thc hin lnh sau: #

smbpasswd x a3

2.2.3.4. S dng dch v Samba

Truy nhp dch v SMB - lnh smbclient

Vic truy nhp dch v Samba ca Linux t cc my tnh Windows c thc

hin tng t nh vic truy nhp cc thng tin c chia s gia cc my tnh

Windows.

Cc h thng Linux c th truy nhp h dch v Samba bng cch thi

hnh lnh smbclient.smbclient, hot ng ging nh FTP, cho php truy nhp h



thng s dng giao thc SMB. Nhiu lnh smbclient tng t nh FTP, nh l lnh

mget truyn tp tin, lnh del xa tp tin.

C php lnh: smbclient //servername/service [options]

Trong servername l tn (hay a ch IP) ca my ch Samba, service l tn

th mc c chia s (chnh l tn ca nhm c khai bo trong tp tin cu hnh

ca Samba /etc/samba/smb.conf).

Mt s la chn hay dng ca lnh:

U username: Tn ti khon ng nhp s dng Samba.

L host: Lit k danh sch cc th mc c chia s trn my c a ch IP

hay tn my l host.

N: Khng xut hin li nhc yu cu nhp mt m. Thng dng trong

trng hp th mc c chia s l public.

Mt khi kt ni c vi my ch Samba, Samba xut hin li nhc nh

sau:

smb: \>

Ti li nhc ny, ngi dng c th thi hnh cc lnh ca smbclient. Phn

ln nhng lnh ny tng t nh nhng lnh ca ftp ( gi v ly tp tin v, nh

l get, mget, put, mput) v ging nh nhng lnh v qun l tp tin ca Linux

(nh l ls,rm, cd). bit c cc lnh ca smbclient. Ti li nhc ny

ngi dng dng lnh?.

Gn kt mt ti nguyn dng chung vo h thng tp tin (mount & umount)

Vic truy nhp cc tp tin dng chung thng qua lnh smbclient l kh bt tin v

khng c linh hot. trong trng hp thng xuyn c cc thao tc trn th mc

dng chung, ngi dng c th gn kt th mc c share trn mng vo h

thng tp tin cc b c th s dng nh mt th mc bnh thng. lnh c s

dng thc hin tc v ny l lnh mount vi c php nh sau:



mount [-t type] [-o options] device dir

Trong :

Type l kiu ca thit b cn mount.

Option l cc ty chn i vi thit b c mount.

Device l tn thit b cn mount.

Dir l ng dn n mount point.

V d: lnh di y thc hin gn kt th mc dng chung c tn l software trn

my c a ch 192.168.1.202 vo th mc /home/software/ trn h thng tp

tin vi quyn ca ti khon username=administrator, password=123456:

[root@server2~]#mount t cifs -ousername=administrator,

password=123456

//192.168.1.202/software /home/software

c th g b gn kt th mc dng chung, ngi dng s dng lnh umount

vi c php sau:umount mountpoint

Trong mountpoint l v tr (th mc) trn h thng tp tin cc b m th mc

dng chung c gn kt vo.

V d: g b gn kt ca th mc software va thc hin gn kt th d trn:

[root@server2 ~]# umount /home/software

2.2.4. Dch v FTP

2.2.4.1. Gii thiu

VSFTP l 1 dch v FTP server, chng ta s dng h thng VSFTP c th chia s

ti liu (ti nguyn) cho ngi khc.

VSFTP l FTP server chy trn mi trng Linux.

VSFTP s phn quyn da trn cu hnh v File Permisson.



Hot ng ch Active: ch ny, my khch dng 1 cng ngu nhin

(cng N>1024) kt ni vo cng 21 ca FTP server. Sau , my khch lng nghe

trn cng N+1 v gi lnh n FTP server v t cng d liu ca mnh, FTP server

kt ni li vi cng d liu ca my khch khai bo trc . Khi FTP server

hot ng ch ch ng, client khng to kt ni tht s vo cng d liu ca

FTP server, m ch n gin l thng bo cho FTP server bit rng n ang lng

nghe trn cng no v Server phi kt ni ngc vo cng .

kha cnh Firewall, FTP h tr ch active cc knh truyn phi m:

Cng 21 ca FTP server phi c m cho bt c ngun gi no ( client

khi to kt ni

Cho kt ni t cng 20 ca FTP server n cc cng >1024 (server khi to

kt ni vo cng d liu ca client)

Nhn kt ni n cng 20 ca FTP server t cc cng >1024.

S kt ni Active:

Hnh 2. 7: S kt ni Active

Bc 1: Client khi to kt ni vo cng 21 ca server v gi lnh PORT 1027.



Bc 2: Server gi xc nhn ACK v cng lnh ca client.

Bc 3: Server khi to kt ni t cng 20 ca mnh n cng d liu m client

khai bo trc .

Bc 4: Client gi ACK phn hi cho server.

Hot ng ch Passive: ch th ng, FTP client to kt ni n

server, trnh vn firewall lc kt ni n cng ca my bn trong t server. Khi

kt ni FTP c m, client s m 2 cng dnh ring (>1024), cng th nht dng

lin lc vi cng 21 ca FTP server, nhng thay v gi lnh PORT v sau l

server kt ni ngc tr li, th lnh PASS c pht ra. Kt qu l server s m

mt cng bt k (>1024) v gi lnh PORT P ngc tr li cho client. Sau client

t kt ni t cng th hai vo cng P trn server truyn d liu.

h tr cho FTP ch passive, cc knh truyn cn phi c m l:

Cng 21 ca FTP server nhn kt ni t bt c ngun no (cho client t

khi to kt ni)

Cho php tr li t cng 21 ca FTP server ti bt c cng no (>1024).

Nhn kt ni trn cng FTP server >1024 t bt c ngun no (client kt ni

truyn d liu n cng ngu nhin m server ch ra).

Cho php tr li t cng FTP server >1024 n cc cng >1024 ca client.

S kt ni passive:



Hnh 2. 8: S kt ni passive

Bc 1: Client gi yu cu.

Bc 2: Server tr li bng lnh PORT 2024, cho client bit cng 2024 ang c

m nhn kt ni d liu.

Bc 3: Client to kt ni truyn d liu t cng d liu ca n n cng d liu

2024 ca server.

Bc 4: Server tr li bng xc nhn ACK v cho cng d liu ca client.

Ch : i vi FTP th ng, cng m lnh PORT m t chnh l cng s c m

trn server. Cn i vi FTP ch ng cng ny s c m client.

FTP Server: FTP server l my ch lu tr nhng ti nguyn v h tr giao thc

FTP giao tip vi nhng my khc cho php truyn d liu trn internet.

FTP Server l my ch lu gi nhng ti nguyn v h tr giao thc FTP

giao tip vi nhng my tnh khc cho php truyn d liu trn Internet.

Mt s chng trnh FTP Server s dng trn Linux: Vsftpd, wu-ftpd, pureFTPd,

proFTPD,

C 3 cch ci t FTP server:



- Anonymous ftp: Khi thit lp Anonymous FTP. Mi ngi c th truy cp

ti Server.

- Vi Anonymous acount m khng c password, ngi qun tr server s thit

lp gii hn hn ch cc user upload nhng files khng c php upload

ln Server nh: Music, Films, games

- FTP vi anonymous access v users account c password: Khi s dng giao

thc ny cc truy cp vo server th ch cn truy cp ti Directory (ngoi

tr user root), chng ta c th view/modify/delete tt c cc files hay tt c

cc forders.

- FTP vi Mysql h tr Virtual users authentication: Giao thc ny ch cho

php mt s nhm ngi dng truy cp ti Server

2.2.4.2. Ci t

Kim tra xem dch v FTP c ci t trn h thng hay cha:

#rpm qa | grep vsftpd

Ci t a CD:

#mount /dev/cdrom /media/

#rpm ivh /media/CentOS/ vsftpd-2.0.5-16.el5.i386.rpm

Sau khi chy xong file ny th VSFTP c ci t thnh cng.

2.2.4.3. Cu hnh dch v FTP.

Sau khi ci t xong th th mc chnh ca VSFTP l /etc/vsftp. Bn trong th mc

ny s c 1 file cu hnh chnh l vsftpd.conf. Sau khi cu hnh, kim tra xem cu

hnh c thnh cng khng.



Hnh 2. 9: FTP cu hnh thnh cng

2.2.4.4. Mt s option quan trng

VSFTP dng chung user vi user do linux qun l. Khi to bn Linux 1 user mi

vi tn v password y c ca user s l th mc chnh khi user

ng nhp vo h thng. Chng ta c th phn quyn trn th mc phn

quyn ngi dng trn Server.

Mt s option quan trng nh:

D liu cn xc nhn gi tr BOOLEAN

listen : y l 1 option rt quan trng dng bt tt ch Standalone, mc nh

Option ny l NO. Tuy nhin i vi tt c cc my chy VSFTP n l

nht thit phi thit lp option listen=YES, nu khng thit lp Server VSFTP s

khng khi ng c.

anomymous: option ny nu =YES th cho php ng nhp vo server vi vai

tr anomynous. Default =YES. Nu server FTP ngi dng mun xy dng v

khng cho s xm nhp ca ngi l th nn set anomynous=NO.



local_enable: c cho php user hin ang trn local host truy xut n Server FTP

ang chy local. Default = NO.

write_enable: cho php user c c ghi ln server hay khng. y l 1 option

quan trng n cng 1 phn quyt nh v FTP server dng no: ch c, c th

ghi, vvv. Default = NO.

anon_upload_enable: cho php user anonumous c c upload file hay khng.

option ny phi c cu hnh chun vi option write_enable pha trn. Nu mun

user upload file c th ng thi bt 2 option ny bng YES. Default = NO.

anon_mkdir_enable: cho php user anonymous to c th mc trn server,

nu bt YES th write_enable cng phi bt YES.download_enable: cho php

User download file hay khng. Nu =NO, tt c cc yu cu download u b

t chi ht. Default = YES.

userlist_deny: NO cho php cc user trong danh sch trong File user_list c php

truy cp vo FTP (file user_list nm cng th mc vi File cu hnh). Nu YES th

ngc li.

D liu cn xc nhn gi tr NUMERIC

max_client: khi cht standalone c bt tc listen=YES th max_client ny quy

nh s kt ni ti a ca Client vo Server. Default = 0. nu =0 tc l khng gii

hn s kt ni.

connect_timeout: quy nh thi gian timeout cho 1 connection, c tnh bng giy.

Default = 60.

data_connection_timeout: quy nh thi gian ti a thc hin vic truyn d liu,

qu thi gian ny s b ct khi truyn. tnh bng giy. Mc nh l 300. bo m

vic truyn d liu th chng ta cng nn option ny c 1 gi tr cao.

file_open_mode: umask ca file s c user upload (nu server cho php

upload). Default = 0666.

D liu cn xc nhn gi tr STRING



listren_address: khi server ch StandAlone a ch lng nghe mc nh s c

thay bng a ch ny.

vsftpd_log_file: tn file log m server s ghi log xung.

ftp_username: y l tn user mnh s s dng qun l cho cc anonymous user.

Default: ftp.

2.2.4.5. Kch hot dch v

Sau khi chng ta cu hnh xong th cng vic tip theo l cn phi khi ng

server.Server c 3 lnh chnh l start, top, restart. gi thc hin 3 lnh ny th c

2 cch.

- cch 1:

/etc/init.d/vsftpd start

/etc/init.d/vsftpd stop

/etc/init.d/vsftpd restart

- cch 2: l cch khi ng chung cho cc server

service vsftpd start

service vsftpd stop

service vsftpd restar

c th mc nh mi ln khi ng my th VSFTP c khi ng theo:

- Dng cho dng Redhat/ Fedora: chkconfig vsftpd on.

2.2.4.6. Kt ni ti FTP server.

kt ni ti FTP ta c th dng nhiu cch khc nhau nh trnh duyt web hay

phn mm.

y l cch truy cp bng trnh duyt.

S dng bng trnh duyt IE:



Hnh 2. 10: Kim tra kt ni

2.2.5. Dch v Webserver.

2.2.5.1. Gii thiu

Apache l mt phn mm c nhiu tnh nng mnh v linh hot dng

lm Webserver, cung cp source code y vi license khng hn ch.

- Mi trng tt nht s dng Apache l Unix.

- H tr y cc giao thc HTTP, HTTPS, FTP

- Chy trn nhiu h iu hnh: Unix, Windows, Linux, Netware, OS/2.

2.2.5.2. Ci t v cu hnh dch v Httpd

Trong terminal g rpm qa | grep httpd kim tra ci t cha. Nu cha th

dng lnh: yum install httpd ci t. Hoc c th ci t a: thc hin lnh rpm

ivh httpd2.2.15- 15.el6.centos.x86_64.rpm.

Khi ng dch v.

Mc nh th dch v Apache cha c kch hot. khi ng, s dng cng

c hoc dng dng lnh:



# service httpd start

Apache s khi ng mi ln h thng boot, hy enable dch v Apach bng

cu lnh sau:

#chkconfig httpd on

Khi thay i cu hnh cu hnh ca Apache, bn phi reload li Apache bng

dng lnh:

# service httpd reload

Cc tham s trong tp tin cu hnh httpd.conf.

Global Environment.

ServerRoot: ni t tp tin cu hnh

C php: ServerRoot

V d: ServerRoot /etc/httpd

Listen: quy nh a ch IP hoc cng m web server nhn kt ni t client.

C php: Listen

V d: Listen 8080 #cng 80 tt c cc card mng.

Listen 192.168.5.6:8080 #cng 8080 ca 1 card mng.

TimeOut : qui nh thi gian sng ca mt kt ni (tnh bng giy).

V d: TimeOut 300

KeepAlive : cho php hoc khng cho php client gi c nhiu yu cu

da trn mt kt ni vi web server

V d: KeepAlive On

MaxKeepAliveRequest : s ti a ca request trn mt kt ni (nu

cho php nhiu Request trn mt kt ni)

V d: MaxKeepAliveRequest 100



KeepAliveTimeOut : qui nh thi gian ch cho mt Request k tip t

cng mt client trn cng mt kt ni (c tinh bng giy)

V d: KeepAliveTimeOut 15

MaxClients : qui nh s yu cu ti a t cc client gi ng thi n

server

V d: MaxClients 256

BindAddress : qui nh a ch card mng chy Apache trn server. S

dng du * c th s dng tt c cc a ch c trn my.

V d: BindAddress 192.168.5.5

Mc nh l: BindAddress *

Main server configuration.

User apache

Group apache

ServerAdmin < email>: a ch email ca ngi qun tr website

V d: ServerAdmin [email protected]

ServerName tn hoc a ch ca

V d: ServerName www.linuxgroup.com

DocumentRoot : ni t d liu web

+ ServerSignature Off: khng hin th thng tin v server

+ AddDefaultCharset UTF-8: b m mc nh

+ DirectoryIndex : cc tp tin mc nh khi truy cp tn

website.

V d: DirectoryIndex index.html index.html index.php index.cgi



+ ErrorLog : ch nh tp tin server ghi vo bt k nhng

li m n gp phi.

V d: ErrorLog logs/error_log

+ Nu ng dn khng c du / th v tr tp tin log lin quan n ServerRoot

+ Alias : nh x ng dn cc b

(khng nm trong DocumentRoot) thnh ng dn http

V d: Alias /manual /var/www/manual

+ gii hn vic truy cp cangi dng, ta c th kt hp vi cc khai bo

Directory.

+ UserDir: cho php ngi dng to Homepage ca minh ln server v cng mt

a ch 192.168.5.5

Sau khi cu hnh xong, to mt website index.html test. Vi m hnh nhm

thc hin, trn trnh duyt firefox g tn min ldap.com kim tra website.

Hnh 2. 11: Kim tra website



2.2.6. Dch v LDAP

2.2.6.1. Gii thiu.

Th mc (Directory): l ni dng cha v cho php thc hin cc thao tc truy

xut thng tin.

Nghi thc truy cp th mc (LDAP):

LDAP (Lightweight Directory Access Protocol) l mt chun m rng cho nghi

thc truy cp th mc, hay l mt ngn ng LDAP client v severs s dng

giao tip vi nhau. LDAP l mt nghi thc lightweight c ngha l y l mt

giao thc c tnh hiu qu, n gin v d dng ci t. trong khi chng s dng

cc hm mc cao. iu ny tri ngc vi nghi thc heavyweight nh l nghi

thc truy cp th mc X.500 (DAP). Nghi thc ny s dng cc phng thc m

ho qu phc tp.

LDAP s dng cc tp cc phng thc n gin v l mt nghi thc thuc tng

ng dng.

LDAP pht trin vi phin bn LDAP v2 c nh ngha trong chun RFC

1777 v 1778, LDAP v3 l mt phn trong chun Internet, c nh ngha trong

RFC 2251 cho n RFC 2256, do chng qu mi nn khng phi tt c mi th cc

nh cung cp h tr hon ton cho LDAP v3.

Ngoi vai tr nh l mt th tc mng, LDAP cn nh ngha ra bn m hnh,

cc m hnh ny cho php linh ng trong vic sp t cc th mc:

M hnh LDAP information - nh ngha ra cc loi d liu m bn cn t vo

th mc.

M hnh LDAP Naming - nh ngha ra cch bn sp xp v tham chiu n th

mc.

M hnh LDAP Functional - nh ngha cch m bn truy cp v cp nht thng

tin trong th mc ca bn.



M hnh LDAP Security - nh ngha ra cch thng tin trong trong th mc ca

bn c bo v trnh cc truy cp khng c php.

Ngoi cc m hnh ra LDAP cn nh ngha ra khun dng trao i d liu

LDIF (LDAP Data Interchange Format), dng thc vn bn dng m t thng

tin v th mc. LDIF cn c th m t mt tp hp cc th mc hay cc cp nht c

th c p dng trn th mc.

2.2.6.2. Phng thc hot ng ca LDAP

Mt nghi thc client/sever:

L mt m hnh giao thc gia mt chng trnh client chy trn mt my tnh

gi mt yu cu qua mng n cho mt my tnh khc ang chy mt chng

trnh sever (phc v), chng trnh ny nhn ly yu cu v thc hin sau n

tr li kt qu cho chng trnh client. V d nhng nghi thc client/server khc l

nghi thc truyn siu vn bn (Hypertext transfer protocol ) vit tt l HTTP, nghi

thc ny c nhng ng dng rng ri phc v nhng trang web v nghi thc

Internet Message Access Protocol (IMAP), l mt nghi thc s dng truy cp

n cc th thng bo in t.

tng c bn ca nghi thc client/server l cng vic c gn cho nhng

my tnh c ti u ho lm thc hin cng vic . V d tiu biu cho

mt my server LDAP c rt nhiu RAM (b nh) dng lu tr ni dung cc

th mc cho cc thao tc thc thi nhanh v my ny cng cn a cng v cc b

vi s l tc cao.

LDAP l mt nghi thc hng thng ip

Do client v sever giao tip thng qua cc thng ip, Client to mt thng ip

(LDAP message) cha yu cu v gi n n cho server. Server nhn c thng

ip v s l yu cu ca client sau gi tr cho client cng bng mt thng ip

LDAP. V d: khi LDAP client mun tm kim trn th mc, client to LDAP tm



kim v gi thng ip cho server. Sever tm trong c s d liu v gi kt qu cho

client trong mt thng ip LDAP.

Do nghi thc LDAP l nghi thc thng ip nn, client c php pht ra nhiu

thng ip yu cu ng thi cng mt lc. Trong LDAP, message ID dng phn

bit cc yu cu ca client v kt qu tr v ca server.

Vic cho php nhiu thng ip cng x l ng thi lm cho LDAP linh ng

hn cc nghi thc khc v d nh HTTP, vi mi yu cu t client phi c tr li

trc khi mt yu cu khc c gi i, mt HTTP client program nh l Web

browser mun ti xung cng lc nhiu file th Web browser phi thc hin m

tng kt ni cho tng file, LDAP thc hin theo cch hon ton khc, qun l tt c

thao tc trn mt kt ni.

2.2.6.3. Ci t v cu hnh dch v LDAP.

Bc 1: Trn my ldap-server kim tra 2 package opeldap-servers v openldap-

clients c ci t cha. Nu cha th tin hnh ci t 2 packages ny.

Hnh 2. 12. Ci t OpenLDAP



Bc 2: Sau khi ci t hon thnh, m file cu hnh tng th ca openldap server

xem cc thng tin cu hnh chnh. Thc hin cu lnh vi /etc/opeldap/ldap.conf

cu hnh LDAP cho h thng.

Hnh 2. 13. Cu hnh file ldap.conf.

Bc 3: Chy lnh slappasswd sinh ra password dng c m ha dung

qun tr Openldap ri copy li password c m ha ny.

Hnh 2. 14: To mt khu qun tr



Bc 4: To LDAP Database v to file Certficate

Hnh 2. 15: To LDAP Database v to file Certficate

Bc 5: To file domain.ldif vi ni dung nh sau:

Hnh 2. 16: To file domain.ldif



Bc 6: Thc hin import file domain.ldif vo CSDL ca LDAP

# ldapadd -x -W -D "cn=Manager,dc=quanghuy,dc=com" -f domain.ldif

Nhp password ldap

Thnh cng s c cc thng bo tr v nh sau:

Hnh 2. 17: import file domain.ldif vo CSDL ca LDAP



CHNG III: NI DUNG THC HIN

3.1. Gii thiu v n v

Cng ty Quang Huy l mt cng ty kinh doanh cc mt hng v my tnh v linh

kin in t vi quy m nh. Cng ty thc hin cung cp my tnh v cc thit b

cho cc trng hc v ngi tiu dng trn ton huyn.

3.2. Tip cn n v

Sau khi nhm n cng ty kho st v tm hiu c s h tng ca n v nm

c kh r v h thng mng ca n v. n v gm 2 tng: tng 1 trng by sn

phm my tnh v cc my tnh v phng k thut, tng 2 c phng nhn vin v

phng gim c. H thng mng cc khu c trin khai nh sau:

- Tng 1: quy thanh ton gm 4 my tnh v 3 my in, phng k thut 8 my tnh.

- Tng 2: phng gim c 1 my tnh v 1 my in, phng k ton 5 my tnh v 2

my in, phng kinh doanh10 my tnh v 1 my in, phng hp 2 my tnh.

Cng ty thu 1 ng truyn Internet t nh cung cp FTP.

3.3. u - nhc im ca h thng c

u im

Cng ty s dng h iu hnh Windows, cc dch v d cu hnh v qun l,

tc mng cao.

Nhc im

Vi tnh hnh kinh t hin nay ang trong giai on khng hong v kinh t

th vi h thng mng nh th ny cng ty s mt 1 khon chi ph tng i ln nh

hng n doanh thu cho cng ty, bn cnh vn bo mt d liu l khng cao.

V vy, cn phi c chin lc pht trin m vn m bo c doanh thu, li

nhun cho cng ty.



3.4. Phn tch cc yu cu t pha n v v chn cch ci t cho h thng.

3.4.1. Yu cu t pha n v

Chuyn h thng mng t windows sang Linux phi m bo cc yu cu sau:

- H thng mng phi c bo mt v d liu

- Tc truy cp phi cao.

- Chi ph thp, d bo tr v sa cha.

- Qun l tp trung c ngi dng.

3.4.2. Yu cu v thit k

Do cng ty c h thng mng v ch chuyn h thng mng t s dng h

iu hnh Windows sang Linux nn m hnh h thng mng vn gi nguyn, thc

hin ci t v cu hnh cho cc my trong cng ty trn h iu hnh Linux v trin

khai cc dch v mng cn thit cho cng ty cng nh thc hin yu cu qun l tp

trung ngi dng v bo mt d liu cho cng ty.

Vi m hnh doanh nghip va v nh, xy c mt h thng mng cc b

phc v hu ht cc cng vic kinh doanh, m bo an ton v chi ph khng tn

km, cn c cc dch v sau:

- DNS primary server phn gii tn min ni b.

- DHCP server cp a ch IP cho cc host.

- Dch v LDAP chng thc tp trung cho cc users.

- Webserver phc v trang web gii thiu qung b v cng ty.

- FTP server trao i file.

- Dch v SAMBA chia s file trong mng cc b gia cc client trong h

thng.



3.5. Trin khai h thng mng trn h iu hnh Linux cho cng ty Quang

Huy.

3.5.1. M hnh trin khai h thng mng trn h iu hnh Linux.

Da vo nhng yu cu trn, nhm thc hin ci t nh sau:

- My server ci h iu hnh Linux bn phn phi CentOS 6.2 vi a ch

192.168.1.2/24

- Dch v DNS ci trn my ch: cu hnh phn gii tn min quanghuy.com

- Dch v SAMBA cung cp 2 nhm ti khon: nv v gd

- Dch v DHCP vi: range 192.168.1.10 192.168.1.100

Netmask 255.255.255.0

Gateway 192.168.1.1

- Mng cc b cha cc client c di a ch: 192.168.1.0/24

- Dch v FTP chia s d liu.

- Dch v LDAP chng thc tp trung cc user.

M hnh mng nh sau:

Hnh 3. 1: M hnh mng cng ty Quang Huy.



3.5.2. Ci t v cu hnh cho h thng

Theo s trn, h thng mng c 31 nt mng, ta s dng lp C t a ch

IP cho cc my trm v thc hin ci t cc dch v.

Ci t my ch vi h iu hnh Linux bn phn phi CentOS 6.2.

Dch v DNS phn gii tn min quanghuy.com

Hnh 3. 2: Cu hnh file named.conf

Hnh 3. 3: Cu hnh file phn gii thun



Hnh 3. 4: Cu hnh file phn gii nghch

Hnh 3. 5: Kim tra dch v DNS



Dch v DHCP cp pht a ch Ip cho cc my client trong cng ty.

Hnh 3. 6: File cu hnh dhcp

Hnh 3. 7: My client nhn c a ch Ip cp pht t server.



Dch v SAMBA

Hnh 3. 8. Cu hnh SAMBA

Hnh 3. 9. Kim tra dch v SAMBA



Dch v FTP chia s d liu.

Hnh 3. 10: Cu hnh FTP thnh cng

Hnh 3. 11: Kim tra dch v FTP



Dch v DLAP chng thc tp trung cc user.

Ci t Openldap v to mt khu c m ha s dng cho LDAP bng lnh: #

slappasswd.

Hnh 3. 12: Ci t Openldap

Cu hnh LDAP

- M file olcDatabase={2}bdb.ldif:

vi /etc/openldap/slapd.d/cn\=config/olcDatabase\=\{2\}bdb.ldif

- Ta sa cc gi tr cn thit trong file ny nh tn domain (tn domain ca

mnh l quanghuy.com)

Hnh 3. 13: File olcDatabase = {2}bdb.ldif



To LDAP Database v to file Certficate

Hnh 3. 14: To file Certficate

To Base Domain cho LDAP Server

To file domain.ldif vi ni dung nh sau:

Hnh 3. 15: File domain.ldif



Thc hin import file domain.ldif vo CSDL ca LDAP

# ldapadd -x -W -D "cn=Manager,dc=quanghuy,dc=com" -f domain.ldif

Nhp password ldap

Thnh cng s c cc thng bo tr v nh sau:

Hnh 3. 16: Import domain.ldif vo CSDL ca LDAP

To mt user c tn ldapuser, thuc nhm users v t password cho user ny.

Sau ly thng tin v ldapuser t file /etc/paswd v ghi ra file

/tmp/ldapuser.passwd v dng script migrate_passwd.pl to file LDIF t file

/tmp/ldapuser.passwd.

Cu hnh Client xc thc qua LDAP Server

Kim tra file /etc/nsswitch.conf v cc file trong th mc /etc/pam.d/ thy

vic tm kim thng tin ngi dng (User Information) v xc thc ngi dng

(Authentication) cha c xc thc s dng cho LDAP.



Hnh 3. 17: Ngi dng cha c xc thc s dng cho LDAP.

Ta ci t gi nss-pam-ldapd: yum install nss-pam-ldapd

Sau khi qu trnh ci t kt thc ta vo li giao din thit lp LDAP, nhp thng tin

v LDAP Server v Base DN sau chn OK. Kim tra li cc file

/etc/nsswitch.conf v file /etc/pam.d/system-auth thy vic tm kim thng tin

ngi dng v xc thc ngi dng c cu hnh s dng LDAP

grep "ldap" /etc/nsswitch.conf

grep "ldap" /etc/pam.d/system-auth

Hnh 3. 18: Ngi dng c xc thc s dng cho LDAP.



CHNG IV. KT LUN

Kt qu t c:

Nhm hon thnh tm hiu l thuyt v cc dch v mng trn Linux, nm

c kin thc v h iu hnh Linux.

Nhm em ci t v cu hnh thnh cng cc dch v mng trn Linux

theo m hnh mng ca cng ty.

Hn ch.

Nhm i su vo cc dch v, cha pht trin c cc dch v m ch mi

dng vic ci t v cu hnh.

Nhm cha c cc bin php bo mt ti u cho h thng.

Kt lun:

C th thy Linux l 1 h iu hnh s dng tuy cha ph bin Vit Nam

nhng vi xu th hin nay, Linux l 1 gii php cho cc cng ty ang ng trc

cc kh khn ca nn kinh t cng nh gii quyt c vn bn quyn Vit

Nam, iu gip Vit Nam c c hi hi nhp vi th gii v lnh vc cng

ngh thng tin. Trong tng lai gn, hi vng h iu hnh ny s l h iu hnh

ch o nc ta v phc v cho mi ngi.



TI LIU THAM KHO

[1]. V Xun Thng, Gio trnh H iu hnh m ngun m, Trng i hc S

phm k thut Hng Yn, 2013.

[2]. Cc video hng dn s dng h iu hnh m ngun m trn trang web

www.youtube.com

[3]. Ngun tham kho t cc trang web www.nhatnghe.com,

www.quantrimang.com, www.diendancongnghe.vn, www.gocit.com.

Documents

hệ điều hành Linux