Deploying Administration on Ubuntu

Thesis

Study and deployment of network administration on Ubuntu Server

TABLE OF CONTENTS

LIST OF ABBREVIATIONS
LIST OF FIGURES

INTRODUCTION
1. Rationale
2. Objectives and tasks
3. Research subjects
4. Research scope
5. Scientific and practical significance

CHAPTER 1: OVERVIEW OF COMPUTER NETWORKS
1.1 INTRODUCTION TO COMPUTER NETWORKS
1.1.1 History
1.1.2 Definition of a computer network
1.1.3 Applications of computer networks
1.2 BASIC COMPONENTS OF A COMPUTER NETWORK
1.2.1 Overview of a basic computer network
1.2.2 Local area network architecture (structure)
1.3 NETWORK MANAGEMENT ARCHITECTURES AND MODELS
1.3.1 OSI network management architecture and model
1.3.2 SNMP network management architecture and model
1.3.3 OMP integrated management architecture
1.3.4 Functions of a network management system

CHAPTER 2: INTRODUCTION TO THE UBUNTU SERVER OPERATING SYSTEM
2.1 OVERVIEW OF UBUNTU
2.1.1 History and basic concepts
2.1.2 Basic commands in Ubuntu Server
2.1.3 The graphical environment of Ubuntu Server
2.2 USER MANAGEMENT AND PERMISSIONS IN UBUNTU SERVER
2.2.1 Setting up user accounts
2.2.2 Creating groups and the group administration commands
2.2.3 File system permissions
2.3 STRUCTURE AND SERVICES ON UBUNTU SERVER
2.3.1 LDAP
2.3.2 DNS Server
2.3.3 DHCP Server

CHAPTER 3: DEPLOYING NETWORK ADMINISTRATION ON UBUNTU SERVER
3.1 BUILDING THE SCENARIO
3.1.1 Introducing the model
3.1.2 Requirements
3.2 ANALYSIS
3.2.1 Requirements analysis
3.2.2 Solution
3.3 IMPLEMENTATION
3.3.1 Preparation
3.3.2 Installation and configuration
3.4 TEST DEMO

CONCLUSION

REFERENCES

LIST OF ABBREVIATIONS

Abbreviation | Full term | Meaning
CSMA/CD | Carrier Sense Multiple Access with Collision Detection | Multiple-access line protocol with collision sensing
DHCP | Dynamic Host Configuration Protocol | Dynamic host configuration protocol
DNS | Domain Name System | Domain name system
GUI | Graphic User Interface | Graphical model of interaction between an application and the user
HTTP | HyperText Transfer Protocol | Hypertext transfer protocol
IETF | Internet Engineering Task Force | The organization that issues the SNMP standards through RFCs
LDAP | Lightweight Directory Access Protocol | Protocol for fast access to directory services
MO | Managed Object | Managed object
NIC | Network Interface Card | A network interface on each machine
OSI | Open Systems Interconnection Reference Model | Reference model for interconnecting open systems
SNMP | Simple Network Management Protocol | A set of protocols that not only allows checking to ensure network devices
TCP/IP | Transmission Control Protocol/Internet Protocol | A suite of communication protocols

LIST OF FIGURES

Figure 1.1 A model of linking computers in a network
Figure 1.2 Resource-sharing network model
Figure 1.3 Network connection methods
Figure 1.4 OSI network management model
Figure 1.5 OSI communication model
Figure 1.6 OSI functional model
Figure 1.7 SNMP network management model
Figure 1.8 SNMP operating model
Figure 2.1 The close, minimize and maximize buttons are at the top-left corner of windows
Figure 2.2 The Nautilus file manager showing the home directory
Figure 2.3 Relationship between Entry and Attribute
Figure 2.4 Client/server connection model
Figure 2.5 Basic search operation
Figure 2.6 Messages the client sends to the server
Figure 2.7 Multiple search results returned
Figure 2.8 The process of sending an email
Figure 2.9 Hardware firewall
Figure 2.10 Software firewall
Figure 2.11 Functions of a firewall
Figure 2.12 Packet processing order in iptables
Figure 2.13 Web server operating model
Figure 3.1 Network model
Figure 3.2 Logging in to Ubuntu Server
Figure 3.3 Installing LDAP Server (1)
Figure 3.4 Installing LDAP Server (2)
Figure 3.5 Configuring DNS Server (1)
Figure 3.6 Configuring DNS Server (2)
Figure 3.7 Configuring DNS Server (3)
Figure 3.8 Configuring DHCP Server
Figure 3.9 Configuring the pool file (a)
Figure 3.10 Configuring the pool file (b)
Figure 3.11 Installing Web Server
Figure 3.12 Configuring Apache with LDAP
Figure 3.13 Restarting Apache

INTRODUCTION

REASONS FOR CHOOSING THE TOPIC

Many organizations and companies in Vietnam now deploy their own server systems, which is both inevitable and necessary. Building a server system at scale, however, requires highly specialized knowledge of services, networking and even the operating system. Servers usually run Windows Server operating systems, or Linux and Ubuntu operating systems. Windows Server is quite familiar, but its licenses are fairly expensive. Ubuntu Server, by contrast, is regarded as secure and is completely free (because it is built entirely on open source). Because it meets the requirements well, saving cost while offering stability, security and operating speed, I chose the Ubuntu Server operating system for the topic "Study and deployment of network administration on Ubuntu Server".

SIGNIFICANCE OF THE TOPIC

Gain a deeper understanding of network system administration.

Make it easy to administer a network system on the Ubuntu Server operating system.

OBJECTIVES OF THE TOPIC

Study network management models

Network management activities

Study and deploy a network management model on Ubuntu (installing, configuring and administering an Ubuntu Server system, administering user accounts and groups on Ubuntu, etc.)

SUBJECTS AND SCOPE OF RESEARCH

Subjects:

Theories related to network management models

The Ubuntu Server operating system

Methods for deploying a network management system on Ubuntu

Research scope:

Study and deploy the administration of a network system for an organization or company with a LAN

RESEARCH METHODS

Study network management simulations

Build and deploy a number of basic administration functions on Ubuntu Server

Trial installation

CHAPTER 1

OVERVIEW OF COMPUTER NETWORKS

INTRODUCTION TO COMPUTER NETWORKS

History

Computers of the 1940s were large electromechanical devices that broke down easily. The invention of the semiconductor transistor in 1947 opened the way to smaller and more reliable computers.

In 1950, large mainframe computers, run by programs recorded on punched cards, began to be used in large institutes. Having a programmable computer brought many advantages, but writing programs on punched cards was also very difficult.

In the late 1950s the integrated circuit (IC) was invented, holding many transistors on one small piece of semiconductor. It was a leap forward in building more powerful, faster and smaller computers. Today an IC can hold millions of transistors on one circuit.

In the late 1960s and early 1970s, small computers called minicomputers began to appear.

In 1977, Apple Computer introduced the microcomputer, also called the personal computer (PC).

In 1981, IBM released its first personal computer. The ever finer miniaturization of ICs led to the widespread use of personal computers at home and in business.

In the mid-1980s, users of standalone computers began sharing files by using modems to connect to other computers. This was called point-to-point, or dial-up, communication. The idea was extended by using computers as the communication hub of a dial-up connection. These computers were called bulletin boards. Users connected to the bulletin board, left or picked up messages, and uploaded or downloaded files. The limitation of this system was that there were very few communication paths, and only among those who knew about the bulletin board. In addition, the bulletin board computers needed one modem per connection, so as the number of connections grew the system could not keep up with demand.

Through the 1950s, 1970s, 1980s and 1990s, the US Department of Defense developed highly reliable wide area networks (WANs) for military and scientific purposes. This technology differed from point-to-point communication. It allowed many computers to be connected to each other over different paths. The network itself determined how data moved from one computer to another. Instead of communicating with only one computer at a time, a computer could communicate with many computers at once over the same connection. The Department of Defense WAN later became the Internet.

Definition of a computer network

A computer network is a set of computers connected to one another by a transmission medium (transmission line) according to some structure, through which the computers exchange information with each other.

Transmission medium: the system of wired or wireless transmission equipment used to carry electronic signals from one computer to another. The electronic signals represent data values as binary pulses (on - off).

Figure 1.1. A model of linking computers in a network

Applications of computer networks

The demand for information processing keeps growing. Computer networks have become familiar to people from all walks of life and in every field, such as science, military and defense, commerce, services and education.

In many places the network has become an indispensable need. Connecting computers into a network gives us major new capabilities, such as:

Sharing resources:

Once the network's resources (such as devices, programs and data) become shared resources, every member of the network can reach them without caring where they are located.

Figure 1.2. Resource-sharing network model

Increasing system reliability:

Machines can easily be maintained and shared data backed up, so that when something goes wrong in the system it can be restored quickly. If one workstation fails, other workstations can be used in its place.

Improving the quality and efficiency of information use:

When information can be shared, it lets users reorganize their work with qualitative changes such as:

Meeting the needs of modern business application systems.

Providing consistency across data.

Increasing processing capacity by combining distributed components.

Increasing access to the various network services offered around the world.

How to obtain a network that runs well, is secure and delivers high economic benefit is currently a matter of great interest.

The problem has many technological solutions; a solution is made up of many elements, and for each element there are many choices. Arriving at a complete and suitable solution therefore requires a selection process based on the strengths of each element, down to very small details.

Solving a problem must be based on the stated requirements and on the technology available to solve it. The most advanced technology is not necessarily the best one; the best technology is the one that fits best.

BASIC COMPONENTS OF A COMPUTER NETWORK

Overview of a basic computer network

At least 2 computers.

A network interface on each machine (NIC: Network Interface Card)

Transmission medium: network cable, wireless medium.

Network operating system: UNIX, Windows 98, Windows NT, ..., Novell Netware.

Local area network architecture (structure)

Network structure (topology)

The topology of a local area network is the structure, or geometric shape, of the network cabling that links the network's computers together. We first look at the two main connection methods:

With the point-to-point method, separate transmission lines are set up to connect pairs of computers. Each computer can send and receive data directly, or can act as an intermediary that stores the data it receives and then forwards it to another machine so that the data reaches its destination.

With the point-to-multipoint method, all stations share one physical transmission line. Data sent from one computer can be received by all the other computers, so the destination address of the data must be given; each computer checks it to see whether the data is meant for it, accepts the data if so and ignores it otherwise.

Figure 1.3. Network connection methods

Depending on its structure, each network belongs to one of these two connection methods, and each method has different hardware and software requirements.

LAN media access protocols

To transmit data over a network there must be procedures that tell the network's computers how and when they may access the cable to send data packets. For bus and ring topologies, for example, a single transmission line connects the stations, so common rules are needed for all stations attached to the network to ensure that the line is accessed and used properly.

There are many different protocols for accessing the physical transmission line, but they fall into two classes: random access protocols and controlled access protocols.

Switching protocol (request and grant)

Carrier Sense Multiple Access with Collision Detection (CSMA/CD)

Token ring protocol

Token protocol for linear (bus) topologies (Token bus)

NETWORK MANAGEMENT ARCHITECTURES AND MODELS

OSI network management architecture and model

The OSI model is a network model in which each network node is treated as an open system with 7 functional layers. These systems are connected to one another by a physical medium that directly joins the lowest layers (the physical layer).

Figure 1.4. OSI network management model

Organization Model

This model has 3 components: Manager, Agent and Managed Object (MO).

- Manager: the place responsible for all management activities.

- Agent: represents the objects in communication with the manager and serves the MO's relationship with the Manager.

+ Toward the MO, the Agent collects the object's state, converts it into information describing that state and stores it. It also detects abnormal changes in the MO and controls the MOs.

+ Toward the Manager, the Agent receives control commands and turns them into control of the object. In the other direction, it returns state information to the Manager on request, reports the MO's behaviour for each management operation to the Manager, and sends event reports about the MO when the MO changes abnormally. It controls the MOs directly.

- Each manager manages many objects. When it wants to perform a management operation, the manager creates an association between a manager and an Agent.

- In relation to the manager: the Agent receives controls from the manager and turns them into control actions on the object. It must therefore be able to return state information to the manager exactly as requested and then report the MOs' behaviour (for each management operation) to the administrator. It also forwards notifications about the managed objects to the administrator's side when abnormal changes occur.

- Each Agent may have several objects (rarely used). When a manager wants to manage an object, it directly manages that object's Agent.

- When a manager and an Agent want to exchange information, they need to know about each other.

Information Model

- These are the classes with which the administrator describes the system's resources.

- Describing the system's resources:

+ An entity consists of its attributes, the operations that can act on it and its behaviours.

+ The administrator's information must be stored according to some structure.

+ A formal model of the storage structure.

- Management information is exchanged between Managers and Agents by management protocols.

- Describing a managed object:

+ It is described by an object class. Each object class carries the object's attributes, which are the different states of the managed object. Attributes with common characteristics are grouped into group attributes. The attributes of an object class are bundled together into a package.

+ Each object has information, namely its states when a change occurs.

+ The management operations the object can accept, bundled together, form the information about operations.

+ The object's operations: the sequence of states that follows a sequence of actions.

- All 4 kinds of information are bundled together to form an information package; each object in the system has a position.

- The function of managing management knowledge: when knowledge becomes a managed object, it has to be described by some information.

Each item of management knowledge is described by an object class.

The groups of management knowledge are:

- Knowledge related to entities

- Definitional knowledge

These knowledge groups make it possible to characterize each managed object class with respect to information storage.

Communication Model

Figure 1.5. OSI communication model

- To carry out a communication across a medium, four services have to be performed:

+ The requester sends the request to the medium.

+ The medium sends the request to the responder.

+ The responder sends the reply to the medium.

+ The medium delivers the responder's reply (accept or reject) to the requester. These are the four service primitives.

If all four primitives are used, the method is reliable, confirmed transmission.

If not, the transmission is unreliable and unconfirmed.

Both methods are used in networks, depending on the case. A communication usually has several steps, for example establishing, maintaining and releasing the transfer. Each step involves various controls carried out through the service primitives.

To tell communications apart, reliability parameters are added that identify at which layer the communication takes place and for what purpose.

Each communication request in the OSI environment has 3 elements:

+ The first letter of the English name of the layer, to indicate which layer it is.

+ To separate the elements, a hyphen (-) follows the abbreviation.

+ A verb naming the work to be done, written in capital letters.

Example: GET, to fetch information from somewhere.

+ The name of the service primitive, written after a "." and in lowercase; it may be abbreviated.

Example: A-ASSOCIATE.request or A-ASSOCIATE.req

To carry out a communication, two network layers act as the communicating parties that initiate, accept and perform the transfer. In practice only the communication part of a network layer takes part. A network layer is divided into many different elements, some of which do the communication work.

For network management, the application layer allows network management applications to be deployed, and these applications run through the communication elements that serve network management at the application layer. We call them the application-layer network management service elements.

- Each network management application is carried out through a pair of SAME entities.

Functional Model

Figure 1.6. OSI functional model

The functional model in OSI consists of:

- Configuration Management:

+ Determine the system's current configuration, using operations to collect information.

+ A new configuration can be set by changing the state of objects in the system.

+ Software management: because the software in a system is upgraded frequently, new versions have to be rolled out simultaneously and automatically.

- Fault Management:

+ Detect and identify faults, and request that fault recovery functions be started.

+ Classify faults through information-gathering operations in order to predict conditions in which faults may occur.

+ Fault identification may be a function of network management or a function of other systems.

- Performance Management:

Performance management uses information-gathering operations to compute performance and ensure that the required performance is met. It must analyse the data to predict overloaded areas and under-used areas, so as to balance load and avoid congestion in the system.

- Security Management:

Aims to detect and assess security weaknesses in the system and to start security measures.

- Accounting Management:

Covers management related to measuring the resource usage of each individual and each unit in the system, and to allowing or denying each individual or unit use of the system.

SNMP network management architecture and model

Introduction

At its core, SNMP is a simple set of operations that lets a network administrator manage and change the state of the network. For example, we can use SNMP to shut down an interface on a router, monitor the activity of an Ethernet card, or check the temperature of a switch and raise an alert when it gets too high.

SNMP is usually built into routers, but unlike SGMP (Simple Gateway Management Protocol), which was used mainly for Internet routers, SNMP can also be used to manage Unix and Windows systems, printers, power supplies and so on. In general, any device that can run software allowing SNMP information to be retrieved can be managed. Not only physical devices but also software such as web servers and databases can be managed.

Figure 1.7. SNMP network management model

Another side of network management is network monitoring, meaning monitoring an entire network as opposed to individual routers, hosts or other devices. RMON (Remote Network Monitoring) helps us understand how a network itself is operating and how the individual devices in it work together. The IETF (Internet Engineering Task Force) is the organization that issues the SNMP standards through RFCs.

- SNMP version 1: the standard version of the SNMP protocol, defined in RFC 1157 and a full IETF standard. SNMPv1 security is based on communities, which are little more than passwords: plain-text strings that let any SNMP-based application that knows them access the managed devices. There are 3 main operations in SNMPv1: read-only, read-write and trap.

- SNMP version 2: this version is based on "community" strings and is therefore called SNMPv2c. It is defined in RFC 1905, 1906 and 1907 and is only an experimental IETF version. Although only experimental, many vendors have put it into practice.

- SNMP version 3: the next version, issued by the IETF as a full version. It is recommended as the standard version and is defined in RFC 1905, RFC 1906, RFC 1907, RFC 2571, RFC 2572, RFC 2573, RFC 2574 and RFC 2575. It supports private and authenticated communication between entities.
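Because SNMPv1 and SNMPv2c carry the community string in the message unencrypted, a monitoring sensor can read it straight from the packet header and flag such traffic. The following Python example is added here and is not code from the thesis: it decodes the BER header of an SNMP message. The community value lab-ro, the function names and both byte strings are constructed for the illustration.

```python
# Added example: minimal BER reader for the outer SNMP message header.
# The packets below are constructed for illustration, not captured traffic.

VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
PDU_TYPES = {0xA0: "get", 0xA1: "get-next", 0xA2: "get-response",
             0xA3: "set", 0xA4: "trap (v1)", 0xA5: "get-bulk",
             0xA6: "inform", 0xA7: "trap (v2)", 0xA8: "report"}


def read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = byte count
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:end], end


def decode_oid(data):
    """Decode a BER OBJECT IDENTIFIER body into dotted notation."""
    if not data:
        raise ValueError("empty OID")
    first = min(data[0] // 40, 2)          # first byte packs the first two arcs
    arcs = [first, data[0] - 40 * first]
    value = 0
    for byte in data[1:]:
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:                # high bit clear = last byte of arc
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def inspect_message(packet):
    """Summarise one SNMP message and flag a cleartext community string."""
    tag, body, _ = read_tlv(packet, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("version INTEGER missing")
    version = int.from_bytes(raw_version, "big")
    info = {"version": VERSIONS.get(version, "unknown"),
            "community": None, "pdu": None, "oids": [], "cleartext": False}
    tag, value, pos = read_tlv(body, pos)
    if tag != 0x04:                        # SNMPv3: header SEQUENCE, no community
        return info
    info["community"] = value.decode("ascii", "replace")
    info["cleartext"] = True
    pdu_tag, pdu, _ = read_tlv(body, pos)
    info["pdu"] = PDU_TYPES.get(pdu_tag, hex(pdu_tag))
    if pdu_tag == 0xA4:                    # v1 trap has a different field layout
        return info
    p = 0
    for _ in range(3):                     # request-id plus two integer fields
        _, _, p = read_tlv(pdu, p)
    _, varbinds, _ = read_tlv(pdu, p)
    p = 0
    while p < len(varbinds):
        _, varbind, p = read_tlv(varbinds, p)
        oid_tag, oid_body, _ = read_tlv(varbind, 0)
        if oid_tag == 0x06:
            info["oids"].append(decode_oid(oid_body))
    return info


# Constructed SNMPv1 get for sysDescr.0 with the made-up community "lab-ro".
V1_GET = bytes.fromhex(
    "3026020100" "04066c61622d726f"
    "a019" "020101" "020100" "020100"
    "300e300c" "06082b06010201010100" "0500")
# Constructed, truncated SNMPv3-shaped stub: version 3, then an empty SEQUENCE.
V3_STUB = bytes.fromhex("3005020103" "3000")

if __name__ == "__main__":
    for name, pkt in (("v1 get", V1_GET), ("v3 stub", V3_STUB)):
        print(name, inspect_message(pkt))
```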

SNMP has 3 elements to consider: the Manager, the Agent and the MIB (Management Information Base). The MIB is the database that serves the Manager and the Agent.

+ The Manager is a server running programs that can perform a number of network management functions. The Manager can be thought of as an NMS (Network Manager Station). An NMS can poll Agents in the network and collect alerts from them. Polling, in network management, means sending queries to Agents to obtain some piece of information. Alerts are the Agent's way of telling the NMS that something has gone wrong. An Agent's alert is sent asynchronously, not as part of a reply to an NMS query. The NMS uses the information returned by Agents to decide on actions that help the network run more efficiently. For example, when the T1 line to the Internet suffers a serious drop in bandwidth, the router sends an alert to the NMS. The NMS then takes some action, at the very least recording the event so that we can tell what happened. These NMS actions have to be set up in advance.

+ The Agent is a piece of software running on the network devices to be managed. It may be a standalone program, such as a daemon on Unix, or be built into the operating system, such as Cisco's IOS on a router. Today most devices operating at the IP layer come with an SNMP agent installed. Vendors increasingly want to build Agents into their products to make the work of system managers and network administrators simpler. Agents provide information to the NMS by keeping track of various activities of the device. Some devices send an "all clear" message when they move from a bad state to a good one. This helps determine when a problem condition has been resolved.

+ The MIB can be seen as a database of the managed objects that the Agent keeps track of. Any information the NMS can access is defined in a MIB. An Agent may have many MIBs, but all Agents have one MIB called MIB-II, defined in RFC 1213. MIB-I was the original MIB but fell out of use once MIB-II was released. Any device that supports SNMP must support MIB-II. MIB-II defines parameters such as interface status (interface speed, MTU, octets sent, octets received and so on) and parameters tied to the system (system location, system contact information and so on). The main purpose of MIB-II is to provide management information for TCP/IP. There are many kinds of MIB that support management for different purposes:

ATM MIB (RFC 2515)

Frame Relay DTE Interface Type MIB (RFC 2115)

BGP Version 4 MIB (RFC 1657)

RDBMS MIB (RFC 1697)

RADIUS Authentication Server MIB (RFC 2619)

Mail Monitoring MIB (RFC 2249)

DNS Server MIB (RFC 1611)

Host Resource management is also an important part of network management. In the past, the difference between traditional system management and network management was not defined, but now the two are clearly distinguished. RFC 2790 introduces Host Resources, defining a set of objects to be managed on Unix and Windows systems. Those objects are: disk capacity, the number of system users, the number of processes running on the system and the software installed on the system. In a world of electronic commerce, services such as the web are increasingly common, so making sure servers run well is extremely important.

SNMP operation

Figure 1.8. SNMP operating model

- get: sent as a request from the NMS to the Agent. The Agent receives the request and processes it as best it can. If a device such as a router is under heavy load and cannot answer the request, it drops the request. If the agent gathers the information needed for the request, it sends a "get-response" back to the NMS.

For the Agent to know what information the NMS is looking for, it relies on an item in the "get" called the "variable binding", or varbind. The varbind is a list of MIB objects that the NMS wants to fetch from the Agent. The Agent reads the question in the form OID=value to find the information for the reply.

The "get" command is useful for querying a single object in the MIB. When information about many objects is wanted, "get" takes quite a lot of time. The "get-next" command solves this problem.

- get-next: issues a series of commands to fetch information from a group in the MIB. The Agent answers, one after another, all the objects in the "get-next" query, in the same way as for "get", until the objects in the series run out. An example is the "snmpwalk" command. "snmpwalk" is similar to "snmpget" but points to a branch rather than to a single object.

- get-bulk (for SNMP v2 and SNMP v3): defined in SNMPv2. It allows management information to be fetched from many parts of a table. "get" can do this too. However, the size of the request may be limited by the Agent, and if the Agent cannot answer the whole request it returns an error message with no data. With "get-bulk", the Agent sends back as many answers as it can, so a partial reply to the request is possible. Two fields must be set in "get-bulk": "nonrepeaters" and "max-repetitions".

"nonrepeaters" tells the Agent how many of the first objects can be answered as with a single "get" command.

"max-repetitions" tells the Agent to attempt up to that maximum number of "getnext" requests for the remaining objects.

- set: changes the value of an object or adds a new row to a table. The object must be defined in the MIB as "read-write" or "write-only".

The NMS can use "set" to assign values to several objects at once. Several objects can be set together, but if one of the actions fails the whole operation is cancelled.

- get-response: the error response for "get", "get-next", "get-bulk" and "set". The Agent reports many kinds of error.

- trap (alert): an alert that the Agent sends to the NMS on its own initiative so that the NMS knows about a bad condition at the agent.

When the NMS receives a "trap" from an Agent, it does not reply with an "ACK", so the Agent has no way of knowing whether its alert reached the NMS.

When it receives a "trap" from an agent, it looks up the "trap number" to understand what the "trap" means.

- notification (for SNMP v2 and SNMP v3): intended to standardize the PDU format of the SNMPv1 "trap". Because its PDU differs from those of "get" and "set", SNMPv2 introduced "NOTIFICATION-TYPE". The PDU format of "NOTIFICATION-TYPE" follows the format recognized for "get" and "set". "NOTIFICATION-TYPE" is defined in RFC 2863.

- inform (for SNMP v2 and SNMP v3): SNMPv2 provides a mechanism for communication between NMSs, called the SNMP inform. When one NMS sends an SNMP inform to another NMS, the receiving NMS sends back an ACK confirming the event. This is similar to the mechanism of "get" and "set".

- report (for SNMP v2 and SNMP v3): defined in the draft of SNMPv2 but never developed. It was later brought into SNMPv3 and is intended for communication between SNMP systems.
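The get, get-next and get-bulk behaviour described in the list above can be traced with a small model of an agent. This Python sketch is added here and is not code from the thesis or from any SNMP library: ToyAgent, max_varbinds and the sample values are assumptions made for the example, and the agent's reply size limit is modelled as a simple varbind count.

```python
from bisect import bisect_right

END_OF_MIB = "endOfMibView"

# Constructed agent data: OID -> value. The OIDs are standard MIB-II objects
# (RFC 1213); the values are invented for the example.
SAMPLE_MIB = {
    "1.3.6.1.2.1.1.1.0": "Ubuntu Server (constructed)",  # sysDescr.0
    "1.3.6.1.2.1.1.3.0": 123456,                          # sysUpTime.0
    "1.3.6.1.2.1.1.5.0": "srv01",                         # sysName.0
    "1.3.6.1.2.1.2.2.1.2.1": "lo",                        # ifDescr.1
    "1.3.6.1.2.1.2.2.1.2.2": "eth0",                      # ifDescr.2
    "1.3.6.1.2.1.2.2.1.10.1": 1000,                       # ifInOctets.1
    "1.3.6.1.2.1.2.2.1.10.2": 987654,                     # ifInOctets.2
}


def oid(text):
    """'1.3.6' -> (1, 3, 6); integer tuples sort in true OID order."""
    return tuple(int(part) for part in text.strip(".").split("."))


def fmt(arcs):
    return ".".join(str(a) for a in arcs)


class ToyAgent:
    def __init__(self, mib, max_varbinds=4):
        self.mib = {oid(k): v for k, v in mib.items()}
        self.order = sorted(self.mib)
        self.max_varbinds = max_varbinds   # stands in for the reply size limit

    def get(self, oids):
        # An oversized get is refused as a whole: error status, no data.
        if len(oids) > self.max_varbinds:
            return "tooBig", []
        if any(oid(o) not in self.mib for o in oids):
            return "noSuchName", []
        return "noError", [(o, self.mib[oid(o)]) for o in oids]

    def _next(self, text):
        # First object strictly after the given OID in lexicographic order.
        i = bisect_right(self.order, oid(text))
        if i == len(self.order):
            return text, END_OF_MIB
        nxt = self.order[i]
        return fmt(nxt), self.mib[nxt]

    def get_next(self, oids):
        if len(oids) > self.max_varbinds:
            return "tooBig", []
        return "noError", [self._next(o) for o in oids]

    def get_bulk(self, non_repeaters, max_repetitions, oids):
        # The first non_repeaters OIDs get one get-next each; the rest are
        # stepped together up to max_repetitions times.
        out = [self._next(o) for o in oids[:non_repeaters]]
        cursors = list(oids[non_repeaters:])
        for _ in range(max_repetitions):
            if not cursors:
                break
            row = [self._next(c) for c in cursors]
            out.extend(row)
            if all(value == END_OF_MIB for _, value in row):
                break
            cursors = [name for name, _ in row]
        # Unlike get, an oversized answer is cut short instead of refused.
        return "noError", out[:self.max_varbinds]


def walk(agent, root):
    """What snmpwalk does: repeat get-next until the branch is left."""
    found, cursor, prefix = [], root, oid(root)
    while True:
        _, [(nxt, value)] = agent.get_next([cursor])
        if value == END_OF_MIB or oid(nxt)[:len(prefix)] != prefix:
            return found
        found.append((nxt, value))
        cursor = nxt


if __name__ == "__main__":
    agent = ToyAgent(SAMPLE_MIB)
    print(walk(agent, "1.3.6.1.2.1.2.2.1.2"))
    print(agent.get_bulk(1, 2, ["1.3.6.1.2.1.1.3",
                                "1.3.6.1.2.1.2.2.1.2",
                                "1.3.6.1.2.1.2.2.1.10"]))
```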

OMP integrated management architecture

OMP (Open Management Platform) defines its target market and uses entirely different strategies for integration. The system is installed on top of the legacy management system. OMP vendors quickly sought a market for standards based on LANs, LAN-like networks, client/server and new computer systems designed for many environments.

+ The OMP approach to integrating network management

Network systems were standardized first of all through a network management protocol, a structure of management information and a group of management information. Vendors then developed products based on these standards, and the products developed for network management have been in use for many years. The Internet is standardized on a network management protocol (SNMP - Simple Network Management Protocol), combined with SMI to define management information. In telecommunications, management is standardized by CMIS/CMIP (Common Management Information Service/Protocol), combined with SMI to define management information. Telecommunications networks are now moving to the principles and standards of TMN (Telecommunications Management Network).

Today's network management OMPs mainly use SNMP to fetch management information directly from network resources. Network management OMPs are based on the UNIX or Windows NT operating systems. The key feature of a network management OMP is its application programming interface (API), which lets vendors integrate software modules or complex management data definitions (called management information bases, or MIBs) on the OMP server. The OMP approach creates a market for independent software vendors to build network management applications and management tools that run on the platform. In addition, network equipment vendors offer platform-based management tools for their own products (for example Cisco or BayNetworks Optivity). This removes the need to own a separate EMS workstation, thanks to the ability to add many kinds of software module to the network management OMP platform.

Because they have protocol access to the network elements, network management OMPs can perform more functions than MOMs. Network management OMPs today provide more alerting and monitoring; such a system usually provides network configuration information, performance monitoring and protocol analysis automatically.

Most network management OMPs do not focus on automatically providing responses to faults, but they do provide basic filtering and alert information tools. Network management OMPs concentrate on automatically discovering configuration and summary information. The benefit of OMPs in domain management is limited. At present the network management platform offers limited functions for automatically discovering managed devices, finding the MIBs for each device and managing events; however, it does not require the vendor to monitor the network management elements, or the end-to-end network management system, independently. Equipment vendors may also ask for MIB extensions in order to manage their devices, which frees the vendor from depending on applications running on the platform to manage its specific products.

+ The OMP approach to integrating system and application management

As noted above, network management systems and their applications have come at an OMP solution from several directions. The standards developed in the network management community have not been accepted for users' systems and applications, mainly because the requirements differ and the standards depend on network management tools, such as acceptance by the managed elements and the new object-oriented standards for application development and for interoperation between objects. System and application management, to a greater degree than network management, faces requirements such as creating and frequently changing hundreds or even thousands of user accounts, distributing and updating software on thousands of computers, synchronizing data loads, and scheduling backups for thousands of computers. Responsibility for managing systems and applications is widely distributed, whereas network management is usually centralized because the network becomes a shared resource. The tools needed to partition management responsibility and enforce management policies therefore have to be more distributed.

Distributed object-oriented architecture is also becoming more prominent; for example, the Common Object Request Broker Architecture (CORBA) is a model for integration. In addition, the Microsoft Object Model (DCOM) is becoming a standard in the field of network management.

In the computer market, where the network operating systems (NOSs) of Microsoft and Novell dominate, their network management systems also hold a larger share. These products cover printing, file and management services, administrators, security, automatic device inventory, and software for MS Windows 3.x, 95, NT, IBM OS/2 and Macintosh OS desktops.

For the UNIX operating system, vendors offer their own management products; the leading vendors of integrated management on UNIX systems are currently IBM/Tivoli and CA Unicenter. These products cover printing, file and management services, administrators, security, automatic device inventory, workload management and software distribution. They also offer customers help-desk solutions for ticketing and network management services, either their own or through third-party solutions.

The key feature of system and application management OMPs is the application programming interface (API), which lets software vendors integrate complex management data subsystems or definitions into the OMP server. The OMP approach creates a market for independent software vendors, producing a range of systems, applications and application management tools that run on the platform. System and application management vendors also provide platform-based management tools for their own products, and the ability to add many different software modules to the base platform gives system and application management OMPs a range of features that can replace MOMs.

The benefit of OMPs in system and application domain management is that they can add real value to domain management. Domain management applications can also manage resources from many vendors by mapping the different management implementations into a common information model. Because today's common information models are not standardized, the benefits are realized only by whoever holds the common information model, which greatly limits them. As standard system and application management is developed, some proprietary elements will disappear; one example is the Common Information Model (CIM) being developed by the Desktop Management Task Force (DMTF).

Functions of a network management system

Network management is the process of controlling a complex data network to increase its efficiency and performance. According to the OSI model, network management has 5 functions:

- Fault Management: detect, isolate and correct faults.

- Accounting Management: control the resources in the network.

- Configuration Management: collect system information, raise alerts on system changes and change the configuration.

- Performance Management: collect information and statistics to evaluate the system's performance under real and assumed conditions.

- Security Management: protect the system, prevent unauthorized activity and keep information transmitted over the network confidential.

CHAPTER 2:

INTRODUCTION TO THE UBUNTU SERVER OPERATING SYSTEM

OVERVIEW OF UBUNTU

History and basic concepts

Concept

Ubuntu is a community developing a polished open-source operating system for PCs, laptops and even servers. Whether you are at home, at school or in the office, Ubuntu is an operating system that meets all your needs, from word processing, web browsing and email to web server software and programming tools.

Ubuntu is distributed completely free of charge; you do not pay any fee to use it. You can download it, use it and share it with friends and family, and use it at school, at work or personally without worrying about software licence costs.

Ubuntu releases a new version every 6 months for both desktop and server environments. This means you always have the latest and best applications from the open-source software world.

Security is also assured, with updates and security fixes released for at least 18 months for each version. Long-term support versions receive updates and support for up to 3 years for the desktop edition and 5 years for the server edition. Just as important, all of it is completely free.

Everything you need fits on one CD, from the operating system to the applications that give you a complete working environment.

Fast installation is another advantage of Ubuntu: with the standard edition the process takes only about 25 minutes. Broad language support is another advantage of Ubuntu that must be mentioned.

History of Ubuntu development

The first Ubuntu release was on 20 October 2004 and began as a temporary fork of the Debian Linux project. This was done so that a new version of Ubuntu could be released every 6 months, producing an operating system that is updated more frequently. An Ubuntu release always includes the latest GNOME and is scheduled about 1 month after GNOME. This differs from earlier general-purpose Debian forks such as MEPIS, Xandros, Linspire, Progeny and Libranet, many of which relied on closed-source add-on software as part of a business model. Ubuntu stays closer to Debian's philosophy and uses free (libre) software at all times.

Ubuntu packages are generally based on packages from Debian's unstable branch: both distributions use Debian's deb package format and APT/Synaptic to manage installed packages. Ubuntu contributes all changes back to Debian directly and immediately, rather than announcing them only at release time, although Debian and Ubuntu packages are not necessarily "binary compatible" with each other. Many Ubuntu developers are also maintainers of key packages in Debian itself. Even so, Ian Murdock, the founder of Debian, criticized Ubuntu for the incompatibility between Ubuntu and Debian packages, saying that Ubuntu had diverged too far from Debian Sarge to remain compatible.

Table 2.1. List of released Ubuntu versions

| Version | Code name | Release date |
|---|---|---|
| 4.04 | Warty Warthog | 20/10/2004 |
| 5.04 | Hoary Hedgehog | 08/04/2005 |
| 5.10 | Breezy Badger | 13/10/2005 |
| 6.06 LTS | Dapper Drake | 01/06/2006 |
| 6.10 | Edgy Eft | 26/10/2006 |
| 7.04 | Feisty Fawn | 19/04/2007 |
| 7.10 | Gutsy Gibbon | 18/10/2007 |
| 8.04 | Hardy Heron | 21/04/2008 |
| 8.10 | Intrepid Ibex | 24/10/2008 |
| 9.04 | Jaunty Jackalope | 23/04/2009 |
| 9.10 | Karmic Koala | 29/10/2009 |
| 10.04 | Lucid Lynx | 29/04/2010 |
| 10.10 | Maverick Meerkat | 10/10/2010 |
| 11.04 | Natty Narwhal | 28/04/2011 |
| 11.10 | Oneiric Ocelot | 13/10/2011 |
| 12.04 | Precise Pangolin | 26/04/2012 |

Basic commands in Ubuntu Server

Most operating systems, Ubuntu included, have two kinds of user interface. The first is a graphical user interface (GUI): the desktop, windows, menus and toolbars that you click to get things done. The second, and much older, kind is the command-line interface (CLI). The Terminal is Ubuntu's command-line interface. It is a way of controlling some aspects of Ubuntu using only commands that you type on the keyboard.

You can open the command-line interface by clicking:

Applications >> Accessories >> Terminal.

When the terminal window opens, it is mostly empty apart from some text at the top left of the screen, followed by a blinking block. This text is your prompt: it shows your login name and your computer's name, followed by the current directory. The tilde (~) means that the current directory is your home directory. Finally, the blinking block is the cursor, which marks where text will appear as you type. To try it out, type pwd and press Enter. The terminal displays /home/ubuntu-manual. This text is called the output. You have just used the pwd command (print working directory), and the output it displays is the current directory.

The command-line interface gives you access to what is called the shell. When you type a command into the terminal, the shell interprets it and turns it into the desired action. There are different kinds of shell, which accept slightly different commands. The most common is called bash, and it is the default shell in Ubuntu.

In GUI environments the term folder is commonly used to describe a place where files are kept. In CLI environments the term directory describes the same thing, and this metaphor shows up in many commands (such as cd or pwd) throughout this chapter.

The basic commands are listed below:

Navigating / listing files

- pwd: shows the name of the current working directory
- cd: moves to the directory /home/username
- cd ~/Desktop: moves to the directory /home/username/Desktop
- cd ..: moves to the parent directory (immediately above the current directory)
- cd /usr/apt: moves to the directory /usr/apt
- ls -l directory and dir -l directory: list the files in directory in detail
- ls -a and dir -a: list all files, including hidden files (whose names usually begin with a dot)
- ls -d and dir -d: list the names of the directories in the current directory
- ls -t and dir -t: sort the files by the date they were created, newest first
- ls -S and dir -S: sort the files by size, from largest to smallest
- ls -l | more: lists one page at a time, using the more utility

File access permissions

- chown username file: sets the owner of file to the user named username
- chown -R username directory: sets the owner of directory, including its subdirectories (-R), to the user username
- chgrp group file: makes file belong to the user group named group
- chmod u+x file: grants (+) execute permission (x) on file to the user (u)
- chmod g-w file: removes (-) write permission (w) on file from the group (g)
- chmod o-r file: removes (-) read permission (r) on file from other users (o)
- chmod a+rw file: grants (+) read (r) and write (w) permission on file to everyone (a)
- chmod -R a+rx directory: grants (+) permission to read (r) and to enter (x) directory, including all of its subdirectories (-R), to everyone (a)

File management

- cp file1 file2: copies file1 to file2
- cp file /directory: copies file into directory
- cp -r directory1 directory2 and rsync -a directory1 directory2: copy the entire contents of directory1 to directory2
- mv file1 file2: renames file1 to file2
- mv directory1 directory2: renames directory1 to directory2
- mv file directory: moves file into directory
- mv file1 directory/file2: moves file1 into directory and renames it to file2 at the same time
- mkdir directory: creates directory
- mkdir -p directory1/directory2: creates the parent directory1 and the child directory2 in one step
- rm file: deletes file from the current directory
- rmdir directory: deletes the empty directory named directory
- rm -rf directory: deletes directory together with all the files in it (force)
- ln -s file linkname: creates a link named linkname to file (a shortcut)
- find directory -name file: searches for a file named file in directory, including its subdirectories
- diff file1 file2: compares the contents of 2 files or 2 directories

System administration

- sudo command: runs command as the superuser (root)
- gksudo command: like sudo, but for graphical applications
- sudo -k: ends the mode in which commands run with superuser privileges
- uname -r: shows the version of the Linux kernel
- shutdown -h now: restarts the computer immediately
- time command: shows how long command takes to complete
- command1 | command2: passes the output of command1 as the input of command2
- clear: clears the screen of the terminal window
- ps -ef: shows all running processes (pid and ppid)
- ps aux: shows the processes in detail
- ps aux | grep soft: shows the processes related to the program soft
- kill pid: signals the process with number pid to terminate
- kill -9 pid: asks the system to terminate process pid
- xkill: terminates a graphical application (click on the application's window)

Networking

- /etc/network/interfaces: configuration information for the network interfaces
- uname -a: shows the computer's name on the network (hostname)
- ping IP_address: tests the network connection to the machine with that IP address
- ifconfig -a: shows information about all existing network interfaces
- ifconfig eth0 IP_address: sets the IP address of the network interface eth0
- ifdown eth0 and ifconfig eth0 down: disable the network interface eth0
- poweroff -i: disables all network connections
- route add default gw IP_address: sets the IP address of the machine that acts as the gateway out of the local network
- route del default: removes the default IP address used to leave the local network

The Ubuntu Server graphical environment

Understanding the desktop

At first glance you will notice many similarities between Ubuntu and other operating systems such as Windows or Mac OS X. This is because they are all based on the concept of a graphical user interface (GUI): you use your mouse to move around the desktop, open programs, move files and carry out most other tasks. In short, everything is very visual, which means it is important to become familiar with where and what to click in Ubuntu.

GNOME

All GUI-based operating systems use a desktop environment. A desktop environment covers many things, such as the look and feel of your system and the way the desktop is organised, laid out and navigated by the user. In Linux distributions (such as Ubuntu) several desktop environments are available. One of the most popular is called GNOME, which is used by default in Ubuntu. KDE, XFCE and LXDE are other popular desktop environments.

Managing windows

When you open a program in Ubuntu, a window appears on your desktop. If you have used another operating system before, such as Microsoft Windows or Mac OS X, you are probably familiar with the concept of a window: a box that appears on your screen when you start a program. In Ubuntu, the top of a window (the title bar) has the window title in the middle and 3 buttons at the top left corner. From left to right, the buttons close, minimise and maximise the window. In addition, you can right-click anywhere on the title bar for a list of other window management options.

Figure 2.1: The close, minimise and maximise buttons are at the top left corner of windows

Copying and moving files and directories

You can copy files or directories in Nautilus by clicking Edit > Copy, or by right-clicking the item and choosing Copy from the popup menu. When using the Edit menu in Nautilus, make sure you have first selected the file or directory you want to copy (by left-clicking it once). You can also use the keyboard shortcuts Ctrl+C and Ctrl+V to copy and paste files and directories.

Figure 2.2: The Nautilus file manager showing the home directory

Several files can be selected at once by left-clicking in an empty area (that is, not on a file or directory), holding the mouse button down and dragging the pointer across the files and directories you want. This click-and-drag action is useful when you are selecting items that are grouped closely together. To select several files or directories that are not next to each other, hold down the Ctrl key while clicking each item individually. Once several files and/or directories are selected, you can use the Edit menu to perform actions just as you would for a single item.

When one or more items have been copied, move to the desired location and click Edit > Paste (or right-click in an empty area of the window and choose Paste) to copy them to the new location. While the copy command can be used to duplicate a file or directory in a new location, the cut command can be used to move files and directories elsewhere. That is, a copy is placed in the new location and the original is removed from its current location.

Adding applets

Ubuntu provides a selection of applets that can be added to any panel. Applets range from informational to fun, and can also provide quick access to some tasks. To add an applet, right-click a panel and choose Add to Panel... from the popup menu. A window appears with a list of available applets, which can then be dragged to an empty space on a panel. You may want to spend some time exploring the different applets available; they can easily be removed from your panel by right-clicking the applet and choosing Remove From Panel.

Desktop background

Click the Background tab in the Appearance Preferences window to change the desktop background. Here you will see the default selection of Ubuntu backgrounds; however, if you have your own pictures stored on your computer, you can use those as well. To change the background, simply click the picture you want to use in the list in front of you. To use your own picture, click the Add button and navigate to the picture you want. Double-click the picture and the change takes effect immediately.

USER MANAGEMENT AND PERMISSIONS IN UBUNTU SERVER

Setting up user accounts

A user is someone who can access the system.

A user has a username and a password.

There are two kinds of user: the super user and the regular user.

Each user also has its own identifier, called the UID.

Identifiers of regular users use values starting from 500.

There are 2 ways to add a new account: the useradd command or the adduser command. Log in to Ubuntu, click Applications > Accessories > Terminal and enter the command line:

Syntax: useradd [options] [username_new]

Options, references, default values and customisation

- -c: COMMENT: a comment. In practice it is used as the full name of the account being created.
- -b: BASE_DIR: the base directory. Use this option to apply the default values to the account being created. If the options -D and -m are not used, the option -b must be used.
- -D: Defaults: the default values. Saves the values that are changed from the defaults.
- -d: HOME_DIR: if no other options are used, -d defaults to /home/username_new as the new user's home directory.
- -e: EXPIRE_DATE: the date on which the account being created will be disabled. The format is YYYY-MM-DD.
- -f: INACTIVE: the number of days after which the new account's password is disabled once the account has expired. A value of 0 disables it as soon as the account expires; the default value -1 disables this feature.
- -G: GROUP: groups. A list of the groups you want added follows this option, separated only by commas (,).
- -m: an important option. Creates the user's home directory (~/) if it does not exist. The data in the directory /etc/skel is copied into ~/ when -m is used.
- -K: KEY=VALUE: any keys you add, together with their values, are applied to the account being created. See /etc/login.defs for these keys. Examples: the number of days the new account's password stays valid, the number of users allowed in a group, and so on.
- -p: PASSWORD: protects the account being created with a password.
- -s: SHELL: the shell the user logs in with. In Ubuntu the default is /bin/sh. However, I usually use /bin/bash.
- -u: UID: the user ID. This value must be unique, greater than 999 and greater than that of every other user. In Ubuntu, 1000 is the account of the person who installed Ubuntu, so if you create an additional account, its UID must be greater.

Deleting an account:

Syntax: userdel [options] [account to delete]

Creating groups and the group administration commands

A group is a collection of users.

Every user is always a member of a group.

When a user is created, a group is created by default.

Each group also has its own identifier, called the GID.

Group identifiers usually use values starting from 500.

Creating a group:

Syntax: #groupadd [group name]

Example: #groupadd serveradmin

Deleting a group

Syntax: #groupdel [group name]

Example: #groupdel

Viewing information about users and groups

Syntax: #id

Example: #id -g quocvan //show the group ID of user quocvan

Syntax: #groups

Example: #groups quocvan //show the group names of user quocvan

Files related to users and groups

#/etc/passwd

Each line in the file consists of 7 fields, separated by colons.

#/etc/group

Each line in the file consists of 4 fields, separated by colons.

#/etc/shadow

Stores the encrypted passwords; only the root user has permission to read it.

FileSystem permissions

In Ubuntu every object takes the form of a file. Every file has an owner and access permissions.

Consider the example:

The characters rw-r--r-- represent the access permissions of the file passwd; the file type is given by the first character.

Ubuntu lets users set read, write and execute permissions for each class of user. There are three classes:

+ Owner: the first 3 characters (rw-)

+ Group: the next 3 characters (r--)

+ Others: the last 3 characters (r--)

Read permission: lets you read the contents of a file. For a directory, read permission lets you move into the directory with the cd command or Nautilus and view its contents.

Write permission: lets you change the contents of a file or delete it. For a directory, write permission lets you create, delete or rename files and subdirectories in that directory, regardless of the specific permissions of the files in it. In this way, write permission on a directory overrides the access permissions of the files inside it.

Execute permission: lets you load a program into memory by typing the file name on the keyboard or double-clicking the file in Nautilus. For a directory, you can only change into (cd) the directory if you have execute permission on it.

Table 2.1. Permissions on files and directories for each class

| Owner | Group | Others |
|---|---|---|
| Read, Write, Execute | Read, Write, Execute | Read, Write, Execute |

Alongside the character notation (r, w, x) above, access permissions can also be expressed as binary numbers. The permissions of each class of user use a group of 3 binary bits corresponding to read, write and execute. If the permission is granted the bit is 1, otherwise it is 0.

Table 2.2 a, b, c. Representing the permissions on files and directories for one class

| Bit position 2 | Bit position 1 | Bit position 0 |
|---|---|---|
| Read | Write | Execute |

a.

Using binary arithmetic, the permission number of a class can be determined by adding up the values of its permissions.

| Permission | Binary value | Decimal value |
|---|---|---|
| Read | 100 | 4 |
| Write | 010 | 2 |
| Execute | 001 | 1 |
| None | 000 | 0 |

b.

- Combinations of the 3 permissions above take values from 0 to 7:

| Permission | Symbol | Binary value | Decimal value |
|---|---|---|---|
| No permission | --- | 000 | 0 |
| Execute | --x | 001 | 1 |
| Write-only | -w- | 010 | 2 |
| Write and Execute | -wx | 011 | 3 |
| Read-only | r-- | 100 | 4 |
| Read and Execute | r-x | 101 | 5 |
| Read and Write | rw- | 110 | 6 |
| Read, Write, Execute | rwx | 111 | 7 |

c.

Thus, when granting permissions on a file or directory, it is easier to use a number made up of 3 decimal digits. The first digit is the owner's permissions, the second the owning group's and the third other users'. Returning to the example above:

    -rw-r--r-- 1 root root 2150 2010-09-30 30:20 /etc/passwd

Where:

- The first three characters stand for the owner, root, whose permissions are rw-, that is 6
- The next three characters stand for the owning group, the group root, whose permissions are r--, that is 4
- The last three characters stand for others, whose permissions are r--, that is 4

So the file passwd has the permissions 644.

Assigning permissions on the filesystem:

The chmod command: grants permissions on a file/directory. Only the owner and the superuser may run this command.

Syntax: #chmod [user class] [operation] [permission] [file/directory]

Where:

- User class: u is user; g is group; o is others; a is all.
- Operation: + adds a permission; - removes a permission; = sets the permissions exactly
- Permission: r is read; w is write; x is execute

Example: myfile.txt

Add write permission for the group

#chmod g+w myfile.txt or #chmod 775 myfile.txt

Remove read permission from the group and others

#chmod go-r myfile.txt or #chmod 700 myfile.txt
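The octal arithmetic and the two chmod forms above, as an added example that is not part of the original thesis: `perm_to_octal` converts a nine-character permission string to its numeric mode, and `apply_mode` shows that a symbolic change such as `g+w` alters only the named bits while a numeric mode replaces all of them, so the two forms give the same result only for particular starting modes. The function names and the scratch files are assumptions of this example.

```shell
#!/bin/sh
# Added example: permission strings, octal modes and chmod behaviour.
# All function names here are hypothetical helpers, not system commands.

# Convert the nine permission characters of an `ls -l` line (without the
# leading file-type character) to a three-digit octal mode.
perm_to_octal() {
    perms=$1
    if [ "${#perms}" -ne 9 ]; then
        echo "expected 9 permission characters, got: $perms" >&2
        return 1
    fi
    result=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac   # read    = 4
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac   # write   = 2
        case $triplet in ??x) digit=$((digit + 1)) ;; esac   # execute = 1
        result="$result$digit"
    done
    printf '%s\n' "$result"
}

# Print the octal mode of a file (GNU stat first, BSD stat as a fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Set a scratch file to mode $1, apply the chmod argument $2, print the result.
apply_mode() {
    scratch=$(mktemp)
    chmod "$1" "$scratch"
    chmod "$2" "$scratch"
    mode_of "$scratch"
    rm -f "$scratch"
}

# Succeeds when the "others" digit of an octal mode includes the write bit,
# i.e. when any local user could modify the file.
others_can_write() {
    case $1 in
        *[2367]) return 0 ;;
        *)       return 1 ;;
    esac
}

# The passwd example from the text, then the same chmod arguments applied
# to files that start from different modes.
echo "rw-r--r--      -> $(perm_to_octal rw-r--r--)"
echo "755, then g+w  -> $(apply_mode 755 g+w)"
echo "644, then g+w  -> $(apply_mode 644 g+w)"
echo "644, then 775  -> $(apply_mode 644 775)"
echo "744, then go-r -> $(apply_mode 744 go-r)"
echo "644, then go-r -> $(apply_mode 644 go-r)"
```

On a file that starts at 644, `g+w` yields 664 whereas `775` also switches on execute for everyone, which is why the numeric form should be chosen from the mode you want to end with, not from the change you want to make.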

The chown command: changes the owner and owning group of a file/directory.

Syntax:

    #chown [owner:group] [file/directory]

    #chown -R [owner:group] [file/directory]

Where: -R (recursive) changes the owner and owning group of the directory and of all subdirectories inside it.

Example: myfile.txt

    #chown hv1 /home/php/myfile.txt

    #chown hv1:root /home/php/myfile.txt

The chgrp command: changes the owning group of a file/directory.

Syntax: #chgrp [group] [file/directory]

Example: myfile.txt

    #chgrp users /home/php/myfile.txt

STRUCTURE AND SERVICES ON UBUNTU SERVER

LDAP and SAMBA Server

LDAP

Introduction

LDAP stands for Lightweight Directory Access Protocol (which can be rendered as: a protocol for fast access to directory services). It is an extensible standard for directory access, or in other words a language that LDAP servers and clients use to communicate with each other.

Properties of LDAP:

- It is a message-oriented protocol.
- It is a protocol for searching and accessing directory-style information on a server.
- It is a client/server protocol for accessing directory services, based on the X500 directory service.
- LDAP runs over TCP/IP or other connection-oriented services.
- It is an information model that defines the structure and characteristics of the information in the directory.
- It is a namespace that defines how the information is referenced and organised.
- It is an operational model that defines how data is referenced and distributed.
- It is an extensible protocol, with many extension mechanisms defined for accessing and updating information in the directory.
- It is an extensible information model.

Because LDAP organises data in a hierarchical directory, it is highly descriptive and is optimised for searching.

LDAP structure

The directory tree structure in the Ubuntu operating system

A directory is a list of information about objects, arranged in detail for each object. In a computer, a directory is a special database that stores information about objects. A directory is usually read far more often than it is updated or written.

The Unix file system is organised as a hierarchy similar to the structure of a tree, with one upright trunk and large branches spreading out from it. The highest level of the file system is the root directory, denoted by a slash /. On Unix and Linux operating systems, all devices connected to the computer are recognised as files, including components such as hard disks, hard disk partitions and USB drives.

Directory Service

This is a type of service that can reside on the client or on the server. Some people, however, mistake a directory service for a database. Although the two share some functions, such as supporting data lookup and holding system configuration files, a directory service is designed for retrieving data far more than for writing it, whereas a database provides the ability to read and write data continuously.

LDAP Directory

The basic component of an LDAP directory is the ENTRY, which holds all the information about one object. Each entry has a distinguishing name called the DN (Distinguished Name).

Each entry is a set of attributes, and each attribute describes one characteristic feature of the object. Each attribute has a type and one or more values; the type describes the kind of information held, and the value is the actual data.

Figure 2.3. Relationship between Entry and Attribute

How LDAP operates

LDAP uses a client/server communication protocol

A client/server communication protocol is a protocol model in which a client program running on one computer sends a request over the network to another computer that is running a server program.

Figure 2.4. Connection model between client and server

The client opens a TCP connection to the LDAP server and performs a bind operation. The bind operation includes the name of a directory entry and the credentials to be used during authentication; the credentials are usually a password, but can also be the user's ID.

LDAP is a message-oriented protocol

Because the client and the server communicate through messages, the client creates a message (an LDAP message) containing the request and sends it to the server. The server receives the message, processes the client's request and then returns the result to the client, also as an LDAP message.

Figure 2.5. Basic search operation

If the client searches the directory and several results are found, the results are sent to the client in several messages.

Figure 2.6. Messages the client sends to the server

Because LDAP is a message-oriented protocol, the client is allowed to issue several request messages at the same time. In LDAP, the message ID is used to tell apart the client's requests and the results returned by the server.

Figure 2.7. Several search results being returned

Allowing several messages to be processed at the same time makes LDAP more flexible than other protocols.

SAMBA Server

Introduction

Linux systems use the TCP/IP protocol for networking, whereas Microsoft's operating system uses a different networking protocol, the Server Message Block (SMB) protocol, which uses NetBIOS to let computers running Windows share resources with each other on a local network. To connect to larger networks, including Unix systems, Microsoft developed the Common Internet File System (CIFS); CIFS still uses SMB and NetBIOS for Windows networks. There is a version of SMB called Samba, which lets Unix and Linux systems connect to Windows networks. Unix/Linux systems can use resources on Windows systems and can also share their own resources with Windows computers.

The Samba software package contains two service daemons and a number of utility programs. One daemon, smbd, provides file and print services to other systems that support SMB. The other daemon, nmbd, provides NetBIOS name resolution and supports the browsing service.

Samba provides four main services: file and printer sharing, authentication and authorisation, name resolution, and service announcement. The SMB daemon, smbd, provides the file and printer sharing services as well as authentication and authorisation for those services. This means that users on the network can share files and printers. Access to these services can be controlled by requiring users to enter a password. Access control can operate in two modes: share mode and user mode. Share mode uses one resource password shared by many users. User mode gives each user account a different resource password. Because it has to manage passwords, Samba uses the file /etc/samba/smbpasswd to store users' passwords.

To configure and access a Samba system on Linux, the user needs to carry out the following main steps:

- Configure and start the Samba service.
- Declare the accounts that use Samba.
- Access the Samba service.

Service configuration files:

- /etc/samba/smb.conf: Samba's configuration file
- /etc/samba/smbpasswd: contains the users' passwords
- /etc/samba/smbusers: contains the aliases for Samba accounts

Utilities of the Samba service:

- smbadduser: creates a Samba account.
- smbpasswd: changes the information of a Samba account.
- smbclient: accesses an SMB service.
- smbstatus: monitors the status of current connections.

Configuring and starting the Samba service

The Samba daemons use the configuration file /etc/samba/smb.conf. This file is divided into two main parts: one part for the global options of the service and the other for declaring the resources that are shared on the network. The global options are declared at the beginning of the configuration file. Each part contains one or more sections. Each section (except the [global] section) contains the declarations for one shared resource. A section begins with the section name (share_name, placed in square brackets []), followed by the parameter declarations of the section, one per line, in the form name=value (note that section and parameter names are not case-sensitive). Lines beginning with the character ; or # are comments.

The file smb.conf has three special predefined sections: [global], [homes] and [printers].

Parameters define the properties of a section. The [global] section can contain any parameter. Some parameters can only be declared in the [global] section. Some parameters can be used in any section. And some parameters may only be declared in ordinary sections.

The [global] section

The parameters in this section apply globally to the whole service; in addition, some parameters in this section serve as the defaults for sections that do not declare them explicitly. This section must be placed at the beginning of the configuration file /etc/samba/smb.conf.

The basic parameters of the [global] section that need to be configured include:

- workgroup: the name of the workgroup to show on the network. On Windows, this name is shown in the Network Neighborhood window.
- hosts allow: the network addresses or host addresses that are allowed to access the Samba service. The addresses in the list are separated by a space.
- encrypt passwords: the default value is yes. With this parameter, Samba encrypts passwords so that they are compatible with the Windows encryption scheme. If passwords are not encrypted, the Samba service can only be used between Linux machines, or the user has to reconfigure the Windows computer in order to use the Samba service on Linux.
- smb passwd file: if encrypt passwords=yes, this parameter gives the file that holds the encrypted passwords. The default is /etc/samba/smbpasswd
- username map: the file that holds the aliases for a system account. The default is /etc/samba/smbusers
- printcap file: lets Samba load printer descriptions from the printcap file. The default value is /etc/printcap
- security: this declaration determines how computers respond to the Samba service. By default this parameter has the value user, which is the value to use when connecting to Windows computers.

An example of the declarations in the [global] part is as follows:

    [global]
    # workgroup = domain name or workgroup name
    workgroup = SMB-GROUP
    # allow access only from machines on the local network
    hosts allow = 172.16.10. 127.0.0.1
    # have Samba use a separate log file for each connecting machine
    log file = /var/log/samba/%m.log
    # security mode
    security = user
    # encrypt passwords for compatibility with Windows
    encrypt passwords = yes
    smb passwd file = /etc/samba/smbpasswd
    # Unix users can use several SMB login names.
    username map = /etc/samba/smbusers

The [homes] section

The [homes] section defines the default controls for remote users accessing their home directories over the SMB protocol. When a connection request arrives, Samba checks the existing sections; if a section matches the request, that section is used. If none matches, the requested section name is treated as a user account name and looked up in Samba's password file. If this account name exists (and the password is correct), a share is created based on the [homes] section.

An example of the declarations in the [homes] section is as follows:

    [homes]
    comment = Home Directories
    browseable = no
    writeable = yes

The [printers] section

This is similar to the [homes] section but is reserved for printers. When a connection request arrives, Samba checks the existing sections; if a section matches the request, that section is used. If none matches but the [homes] section exists, the request is handled as described above. Otherwise, the requested section name is treated as a printer name and Samba searches the corresponding printcap file to determine whether the requested section name is valid. If it is valid, a share is created based on the [printers] section.

An example of the declarations in the [printers] section is as follows:

    [printers]
    comment = All Printers
    path = /var/spool/samba
    browseable = no
    public = yes
    printable = yes

Apart from the three special sections described above, to create other shared resources the user needs to add sections that declare the information for those resources. Sections for shared resources, such as directories on the system, are usually placed after the [homes] and [printers] sections and can be given any name.

The parameters commonly declared in shared-resource sections of the configuration file /etc/samba/smb.conf include:

- comment: a free-form description of the resource shared on the network.
- path: the path to the directory on the file system that the share refers to.
- public: takes the value yes or no. If public = yes, Samba lets every user access the share.
- browseable: takes the value yes or no. If browseable = yes, the shared directory is visible on the network. The default value is yes.
- valid users: the list of users who are allowed to access the share. User names are separated by a space or by the character ,. Group names are preceded by the character @.
- invalid users: the list of users who are not allowed to access the share. User names are separated by a space or by the character ,. Group names are preceded by the character @.
- writeable: takes the value yes or no. If writeable = yes, users are allowed to write to the shared directory.
- write list: the list of users/groups that are allowed to write to the shared directory. Where a group name is given, it must be preceded by the character @.
- printable: takes the value yes or no. If printable=yes, users are allowed to access the print service.
- create mask: sets the permissions on directories/files created in the shared directory. The default value is 0744.
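A check that can be run against an smb.conf before the service is started, added here as an example and not taken from the thesis or from the Samba project: it lists the shares that are both open to guests (`public`) and writable while having no `valid users` list. The function names, the sample configuration and the share names `dropbox` and `projects` are constructed for illustration; `guest ok`, `writable` and `read only` are Samba's synonyms for the parameters described above.

```shell
#!/bin/sh
# Added example: flag smb.conf shares that combine guest access with write
# access and no "valid users" restriction. This is a heuristic review aid,
# not a replacement for testparm or for reading the configuration.

# Print the name of every share section that is guest-accessible and
# writable and has no "valid users" list. $1 is the path to an smb.conf.
audit_smb_shares() {
    awk '
        function truthy(v) { return (v == "yes" || v == "true" || v == "1") }
        function report() {
            if (section != "" && section != "global" && guest && writable && !restricted)
                print section
        }
        /^[ \t]*[;#]/ { next }                 # comment lines start with ; or #
        /^[ \t]*\[.*\][ \t]*$/ {               # a new [section] header
            report()
            section = tolower($0)
            gsub(/^[ \t]*\[|\][ \t]*$/, "", section)
            guest = writable = restricted = 0
            next
        }
        /=/ {                                  # name = value (names are case-insensitive)
            key = tolower(substr($0, 1, index($0, "=") - 1))
            val = tolower(substr($0, index($0, "=") + 1))
            gsub(/^[ \t]+|[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            gsub(/[ \t]+/, " ", key)
            if (key == "public" || key == "guest ok")    guest = truthy(val)
            if (key == "writeable" || key == "writable") writable = truthy(val)
            if (key == "read only")                      writable = !truthy(val)
            if (key == "valid users" && val != "")       restricted = 1
        }
        END { report() }
    ' "$1"
}

# Write a constructed sample configuration to the path given as $1.
write_sample_conf() {
    cat > "$1" <<'EOF'
[global]
workgroup = SMB-GROUP
security = user

[homes]
comment = Home Directories
browseable = no
writeable = yes

[printers]
comment = All Printers
path = /var/spool/samba
public = yes
printable = yes

; weak: anyone on the network can write here
[dropbox]
path = /srv/dropbox
public = yes
writeable = yes

; corrected form: named group only, tighter create mask
[projects]
path = /srv/projects
public = no
writeable = yes
valid users = @serveradmin
write list = @serveradmin
create mask = 0660
EOF
}

sample=$(mktemp)
write_sample_conf "$sample"
echo "Guest-writable shares without a valid users list:"
audit_smb_shares "$sample"
rm -f "$sample"
```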

DNS Server and Mail Server

DNS Server

Introduction

The Domain Name Service (DNS) is an Internet service that maps IP addresses to the domain names of real hosts (FQDN, Full Qualified Domain Names) and vice versa.

When you open a web browser and enter the name of a website, the browser goes straight to the website without you having to enter the site's IP address. The process of "translating" the domain name into an IP address, so that the browser can understand it and reach the website, is the job of a DNS server. DNS servers help one another to translate "IP" addresses into "names" and vice versa. Users only need to remember the "name", not the IP address (IP addresses are numbers that are very hard to remember).

Types of domain name server

Primary Name Server: each domain name server has its own domain name. This domain name is registered on the Internet.

Secondary Name Server: this is a DNS server used as a replacement for the primary name server. It keeps a copy of all the data records on the primary name server, and if the primary name server is interrupted it takes over resolving and mapping domain names and IP addresses.

Caching Name Server: this is a server that stores all the domain names and IP addresses that have been successfully resolved and mapped. It is used in the following cases:

- To speed up resolution by using the cache
- To reduce the host name resolution load on the DNS servers
- To reduce the traffic entering the network and reduce latency on the network (very important).

Configuring BIND9

DNS record types

+ SOA Record: this record indicates that the DNS server is the authoritative source of the information held in the zone.

The syntax of the SOA record is as follows:

    [domain_name] IN SOA [primary_server_name] [secondary_server_name] (
        Serial number
        Refresh number
        Retry number
        Expire number
        TTL number
    )

Where:

Serial number: when the secondary server connects to the primary server to fetch data, it first checks this serial number. If the primary server's serial number is greater than the secondary server's, the data on the secondary server is out of date and it must load the new data. Each time the data on the primary server is updated, this serial number should be increased.

Refresh number: the interval (in seconds) at which the secondary server must refresh its data.

Retry number: if the secondary server cannot connect to the primary server, it automatically reconnects after this number of seconds.

Expire number: if the secondary server cannot connect to the primary server within this number of seconds, the secondary server stops answering queries for the zone data, because it considers the data too old.

TTL number: this value lets other servers cache the data for this length of time.

+ Address Records: this record maps a host name to an IP address; it is denoted by the letter A.

Syntax:

    [host_name] IN A [IP_address]

+ Alias Records: an alias is created from an existing record. A CNAME record can be created that maps to another CNAME (Canonical Name). When the DNS server looks up a domain name, if the name has an alias, it replaces the real domain name with this alias. It is denoted CNAME.

Syntax:

    [alias_name] IN CNAME [real_host_name]

+ Name Server Record (NS Record): every zone must have an NS record.

Syntax:

    [domain_name] IN NS [DNS_server_host]

+ Mail eXchange Record (MX record): DNS uses the MX record to send mail over the Internet. When mail is received, the mail transfer program relies on the MX record to decide the route of the mail. To avoid mail being sent in a loop, the MX record has an additional value, a preference number. This is an unsigned 16-bit integer (0 - 65535) that indicates the priority of the mail exchangers; the smaller the value, the higher the priority.

Syntax:

    [domain_name] IN MX [priority] [mail_server_name]

The mail transfer program delivers mail to the mail exchanger with the smallest preference number first. If the mail cannot be delivered, the mail exchanger with the next value is chosen for delivery. Where several mail exchangers have the same preference number, the mail server chooses among them at random.

+ PTR Record: maps an address to a name (address to name).

Syntax:

    [IP_address] IN PTR [host_name]

Mail Server

Mt s thut ng:

Trc tin , chng ta tm hiu 1 s thut ng nh sau: MTA (Mail Transfer Agent): MTA ( Mail Transfer Agent) l thnh phn chuyn nhn mail.Khi cc email c gi n t MUA, MTA c nhim v nhn din ngi gi v ngi nhn t thng tin ng gi trong phn header ca th v in cc thng tin cn thit vo header.

Sau MTA chuyn th cho MDA chuyn n hp th ngay ti MTA, hoc chuyn cho Remote MTA.

Mt phn hay c bc th c th phi vit li ti cc MTA trn ng i.SMTP l ngn ng ca MTAsMt s phn mm l MTA: Postfix, Exim, Mdaemon, Exchange Server, Sendmail, Qmail

MDA (Mail Delivery Agent): MDA (Mail Delivery Agent) l mt chng trnh c MTA s dng y th vo hp th ca ngi dng. Hp th ca ngi dng c th dng nh dng Mailbox hay Maildir.

MDA c kh nng lc th, nh hng th,

MTA c tch hp vi mt MDA hoc mt vi MDA.Mt s MDA l: Maildrop, Promail, DovecotMUA (Mail User Agent): MUA l chng trnh qun l th u cui cho php ngi dng c th c vit l ly th v t MTA.

MUA c th ly th t Mail server v x l thng qua cc giao thc IMAP , POP3

Chuyn th cho mt MUA khc thng qua MTA.

Cung cp giao din cho ngi dng tng tc vi th.Cc phn mm MUA thng dng: Microsoft Outlook, Netscape, Pine,

SMTP (Simple Mail Transfer Protocol): SMTP is a protocol developed at the application layer of the 7-layer OSI model.

SMTP uses TCP port 25.

SMTP does not support messages that are not in text form.

SMTP is complemented by two other protocols for retrieving mail, POP3 and IMAP4.

SMTP requires that both the MUA and the MTA use the SMTP protocol.

POP3 (Post Office Protocol 3): POP (Post Office Protocol) is one of the two common protocols for retrieving mail from the mail server to the MUA.

POP was developed in 1984 and upgraded to POP3 in 1988 (the version in common use today).

POP3 connects over TCP/IP to the mail server (default port 110). The user enters a username and password. After authentication, the client uses POP3 commands to retrieve or delete mail.

POP3 works in offline mode, meaning that mail retrieved to the MUA is deleted on the server.

IMAP (Internet Message Access Protocol): IMAP is a protocol for receiving mail from the server.

IMAP was developed in 1986 by Stanford University and upgraded to IMAP2 in 1987.

IMAP4 is the version in common use today; it was standardised in 1994.

IMAP uses TCP port 143.

IMAP supports online, offline and disconnected modes.

IMAP lets the user perform operations such as collecting mail from the server, searching for and retrieving mail, moving mail from one folder to another, and deleting mail on the server.

IMAP allows mail to be retrieved to the MUA without deleting it on the server.

How is an email sent and received?

Figure 2.8: The process of sending an email

In Figure 2.8, when an e-mail client [email protected] composes an email with an MUA program to send to the user [email protected], the MDA of the domain carries it to the MTA of domain a.de, which checks its policies and, if the message complies, the MTA of domain a.de accepts it.

In the next step, the MTA of domain a.de queries DNS for the MX record of domain b.de. The record returns the IP address of the host that is the MTA of domain b.de. After receiving the result from DNS, the MTA of domain a.de connects (telnet) to the MTA of domain b.de on the SMTP port (25) to send the mail.

The HELO/EHLO exchange and the policy checks (PTR, SPF, blacklist...) then take place. Once they pass, the MTA of domain b.de accepts the message and hands it to the MDA of domain b.de. The MDA of domain b.de takes it over and delivers it to the end users of domain b.de.

Firewall

Introduction

What is a firewall?

The term firewall comes from a design technique in construction used to stop or limit the spread of fire. In information networking, a firewall is a technique built into the network to counter unauthorised access, protecting internal information sources and limiting the entry of unwanted information into the system.

An Internet firewall is a set of devices (hardware and software) placed between the network of an organisation, a company or a country (the intranet) and the Internet.

In some cases a firewall can be set up inside a single internal network to isolate security zones. For example, the model below shows a firewall separating the machine room, the users and the Internet.

Firewall classification

Firewalls fall into two types, hardware firewalls and software firewalls:

Hardware firewall: a firewall that is integrated into a router.

Figure 2.9: Hardware firewall

Characteristics of a hardware firewall:

Less flexible than a software firewall (functions and rules cannot be added as they can on a software firewall)

A hardware firewall works at lower layers than a software firewall (the Network and Transport layers)

A hardware firewall cannot inspect the content of a packet.

Software firewall: a firewall that is installed on a server.

Figure 2.10: Software firewall

Characteristics of a software firewall:

Highly flexible: rules and functions can be added or removed

A software firewall works at a higher layer than a hardware firewall (the Application layer)

A software firewall can inspect the content of a packet (by keyword)

Why a firewall is needed

Figure 2.11: Functions of a firewall

If your computer is not protected, then when you connect to the Internet all traffic in and out of the network is allowed, so hackers, trojans and viruses can reach the computer and steal your personal information. They can install code that attacks the data files on the computer. They can use your computer to attack another home or business computer connected to the Internet. A firewall can stop a malicious packet before it reaches your system.

Main functions of a firewall

The main function of a firewall is to control the flow of information between the intranet and the Internet. It establishes a mechanism for controlling the information flow between the internal network (intranet) and the Internet. Specifically:

Allow or forbid outbound services (from the intranet to the Internet).

Allow or forbid inbound services (from the Internet to the intranet).

Monitor the network data flow between the Internet and the intranet.

Control access by address, and block addresses.

Control users and the access those users make.

Control the content of information moving over the network.

Iptables Firewall

Introduction

In the Linux environment the most common and most basic firewall software is iptables; through it you can readily understand how a firewall system works in general.

Iptables structure

Iptables basically consists of three tables, FILTER, MANGLE and NAT, and the chains in each table. With them the administrator can create rules that allow packets into and out of the system (protected by iptables) as required. Their specific functions are as follows:

Mangle: used to modify the QoS (quality of service) bits in the TCP header of a packet.

Filter: as its name says, it is used to filter packets. It has the following built-in chains:

Forward chain: filters packets that pass through the system (on their way to another system).

Input chain: filters packets coming into the system.

Output chain: packets leaving the system.

Nat: rewrites packet addresses. It has the following built-in chains:

Pre-routing: rewrites the destination address of a packet before it is routed by the system's routing table (destination NAT, or DNAT).

Post-routing: the opposite of Pre-routing; it rewrites the source address of a packet after the packet has been routed by the system (SNAT).

Every rule you create must belong to a chain in some table. If you do not specify a table, iptables uses the FILTER table by default.

Packet processing order in iptables:

The packet processing order of iptables can be summarised with Figure 2.12. Packets arriving from outside are first examined by the Pre-routing chains to see whether they need DNAT, and then the packet is routed. If the packet has to go on to another system (the protected network), it is filtered by the FORWARD chain of the FILTER table and, if needed, it can be SNATed by the Post-routing chains before it reaches the destination system.

Likewise, when the destination system replies, the packet follows the same order in the opposite direction. Note that in the figure the FORWARD and Post-routing chains of the mangle table act only on the QoS (Quality of Service) characteristics of the packet. If the packet is addressed to the system itself (the system running iptables), it is processed by the INPUT chains and, if it is not filtered out, it is handled by a service (System Service) running on the system. When the system sends its reply, the outgoing packet is processed by the OUTPUT chains and can be processed by the Post-routing chains of the FILTER and MANGLE tables if it needs SNAT or QoS.

Targets and jumps: iptables rules examine IP packets and try to determine how each one is to be handled (the target); once that has been determined, the IP packet is handled accordingly.

Figure 2.12: Packet processing order in iptables

The following are some commonly used built-in targets.

ACCEPT: iptables accepts the packet and lets it through the system without examining it any further.

DROP: iptables discards the packet and does not process it any further.

LOG: information about the packet is recorded by the system syslog, and iptables goes on processing the packet with the following rules.

REJECT: works like DROP, but it sends an error message to the host that sent the packet.

DNAT: used to rewrite the destination address of a packet.

SNAT: used to rewrite the source address of a packet.

MASQUERADE: also a way of rewriting the source address of a packet.

To build rules you need to use options that define the match conditions.
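
The tables, chains and targets described above, put together as an added example that is not part of the original thesis: a shell function that emits an iptables-restore ruleset for a gateway server of the kind this document builds. The interface roles (eth0 facing the Internet, eth1 facing the LAN), the LAN 192.168.1.0/24 borrowed from the DHCP section, and the SSH admin port 22 are assumptions.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset (nat + filter tables).
# build_ruleset WAN_IF LAN_IF LAN_CIDR -> ruleset on stdout, returns 1 on bad input.
build_ruleset() {
    wan=$1; lan=$2; net=$3
    # Accept only plain interface names and a dotted CIDR, so an argument
    # cannot smuggle extra rule text into the generated ruleset.
    for ifname in "$wan" "$lan"; do
        case $ifname in
            ''|*[!A-Za-z0-9_.-]*) echo "bad interface: $ifname" >&2; return 1 ;;
        esac
    done
    case $net in
        *[!0-9./]*|*/*/*) echo "bad CIDR: $net" >&2; return 1 ;;
        [0-9]*.*.*.*/[0-9]*) ;;
        *) echo "bad CIDR: $net" >&2; return 1 ;;
    esac
    cat <<EOF
# nat table: POSTROUTING rewrites the source address (MASQUERADE) of LAN
# traffic that leaves through the Internet-facing interface.
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $net -o $wan -j MASQUERADE
COMMIT
# filter table: default DROP for packets to the server (INPUT) and through
# it (FORWARD); packets the server itself sends (OUTPUT) are accepted.
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Services from this document, reachable from the LAN side only:
# DHCP (67/udp), DNS (53), web (80), LDAP (389); SSH (22) is an assumption.
-A INPUT -i $lan -p udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i $lan -s $net -p udp --dport 53 -j ACCEPT
-A INPUT -i $lan -s $net -p tcp -m multiport --dports 22,53,80,389 -j ACCEPT
# LOG is non-terminating: the packet is logged, then meets the DROP policy.
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP: "
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $lan -o $wan -s $net -j ACCEPT
-A FORWARD -m limit --limit 5/min -j LOG --log-prefix "FORWARD-DROP: "
COMMIT
EOF
}

# Usage (as root): parse the ruleset without committing it, then load it.
#   build_ruleset eth0 eth1 192.168.1.0/24 | iptables-restore --test
#   build_ruleset eth0 eth1 192.168.1.0/24 | iptables-restore
```

Because no table is named on a rule inside the *filter section, every INPUT and FORWARD rule there lands in the FILTER table, which is also what iptables assumes when a command omits the table.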

Web Server

Introduction

A web server is a special kind of file server in which all the files it offers are stored in a dedicated directory structure. The root of this structure is called the document root, and the file format in which the files are offered is HTML, the hypertext markup language. But a web server can offer more than just HTML files. In practice, a web server can serve just about anything, as long as it is specified in the HTML file. A web server is therefore a very good source for audio and video streams, database access, animated images, still images and much more.

Besides the web server where the content is stored, the client needs a specific protocol to access that content, and this protocol is HTTP (the Hypertext Transfer Protocol). Typically the client uses a web browser to generate the HTTP commands that retrieve content, as HTML and other files, from a web server. There are two different versions of the Apache web server. The most recent, version 2.x, is the one installed by default on Ubuntu Server. You may, however, still come across environments that use the earlier 1.3. This usually happens when, for example, custom scripts were developed for use with 1.3 and those scripts are not compatible with 2.x.

Operating model

Figure 2.13: Web server operating model

URL addresses

A URL (short for Uniform Resource Locator) is used to refer to a resource on the Internet. URLs give web pages their hyperlinking capability. A URL consists of the protocol name (http, ftp), the domain name, an optional port, the absolute path of the resource on the server, any queries, and a sub-section (fragment) designator.

Introduction to APACHE

Overview:

Apache is a modular web server, which means that the core server (whose basic role is to serve HTML documents) can be extended by using a range of optional modules:

libapache2-mod-auth-mysqld: this module tells Apache how to handle user authentication against a MySQL database.

libapache2-mod-auth-pam: this module instructs Apache how to authenticate users with the Linux PAM mechanism.

libapache-mod-frontpage: this module instructs Apache how to handle web pages that use the Microsoft FrontPage extensions.

libapache2-mod-mono: this module tells Apache how to interpret ASP.NET.

This is a short and incomplete list of the modules that can be used on the Apache web server: http://modules.apache.org currently lists more than 450 modules. What matters is to determine exactly which modules the server needs so that its functionality can be extended accordingly.

The Apache Directory project provides directory solutions written entirely in Java. They comprise a directory server, certified as LDAP v3 compliant by the Open Group (Apache Directory Server), and Eclipse-based directory tools (Apache Directory Studio).

Apache Directory Server

Apache Directory Server is an embeddable directory server written entirely in Java and certified as LDAPv3 compatible by the Open Group. Besides LDAP it supports Kerberos 5 and the Change Password Protocol. It was designed to introduce triggers, procedures, queues and views to the world of LDAP, which has lacked such rich constructs.

Apache Directory Studio

Apache Directory Studio is a complete directory tooling platform intended for use with any LDAP server, although it is designed in particular for use with Apache Directory Server. It is an Eclipse RCP application made up of several Eclipse (OSGi) plugins, and it can easily be extended with additional ones. These plugins can even run inside Eclipse itself.

APACHE and LDAP:

APACHE uses the module mod_authnz_ldap to allow an LDAP directory to be used to store the database for HTTP Basic authentication.

This module lets authentication front-ends such as mod_auth_basic authenticate users through an LDAP directory. mod_authnz_ldap supports the following features:

Known to support the OpenLDAP SDK (both 1.x and 2.x), the Novell LDAP SDK and the iPlanet (Netscape) SDK.

Complex authorization policies can be implemented by representing the policy with LDAP filters.

Extensive caching of LDAP operations through mod_ldap.

Support for LDAP over SSL (requires the Netscape SDK) or TLS (requires the OpenLDAP 2.x SDK or the Novell LDAP SDK).

There are two phases in granting access to a user. The first phase is authentication, in which the mod_authnz_ldap authentication provider verifies that the user's credentials are valid. This is also called the search/bind phase. The second phase is authorization, in which mod_authnz_ldap decides whether the authenticated user is allowed access to the resource in question. This is also known as the compare phase.

mod_authnz_ldap registers both an authentication provider, authn_ldap, and an authorization handler, authz_ldap. The authn_ldap authentication provider can be enabled through the AuthBasicProvider directive using the value ldap. The authz_ldap authorization handler extends the Require directive's types by adding the values ldap-user, ldap-dn and ldap-group.

During the authentication phase, mod_authnz_ldap searches the directory for an entry that matches the username passed by the HTTP client. If a single unique match is found, mod_authnz_ldap then attempts to bind to the directory server using the DN of that entry together with the password supplied by the HTTP client. Because it performs a search and then a bind, it is often referred to as the search/bind phase.

DHCP Server

Introduction to DHCP

DHCP stands for Dynamic Host Configuration Protocol, a protocol designed to reduce the time spent configuring a TCP/IP network by automatically assigning IP addresses to clients when they join the network. The DHCP service is a great convenience for network operators. It removes the worry about the problems that inherently arise when configuration has to be entered by hand. More generally, DHCP is a service that brings many advantages to the administration and maintenance of a TCP/IP network, such as:

+ Centralised administration of IP configuration information.

+ Dynamic configuration of hosts.

+ Seamless IP configuration of hosts.

+ Flexibility.

+ Scalability.

A DHCP server hands out IP addresses to other computers. The service is commonly used in enterprises, where it reduces configuration work. All the IP addresses of all the computers are stored in a database on a server.

A DHCP server can be configured and used in two ways:

Address pool

This method requires defining a pool (sometimes also called a range) of IP addresses from which DHCP clients are supplied with their configuration dynamically on a server basis. When a DHCP client has been off the network for a specified period, its configuration expires, and when it returns it is allocated an address again through the DHCP service.

MAC address

This method requires using the DHCP service to identify the unique hardware address of each network card connected to the network and then to supply the same DHCP configuration every time the client makes a request to the DHCP server using that network device.

How the DHCP service works

The DHCP service works on the client/server model. The interaction between the DHCP client and the server proceeds in the following steps:

Step 1: When the client machine starts, it broadcasts a DHCP DISCOVER packet asking for a server to serve it. This packet also contains the client's MAC address. If the client cannot contact a DHCP server, then after 4 unsuccessful queries it automatically generates a private IP address for itself, taken from a restricted range of IP addresses, for temporary communication. The client still keeps broadcasting every 5 minutes to ask a DHCP server for an IP address.

Step 2: The servers on the network receive that request. Each one that is still able to supply an IP address sends the client a DHCP OFFER packet, offering to lease an IP address for a certain period, together with a subnet mask and the server's address. The server will not allocate the IP address it has just offered to any other client for the duration of the negotiation.

Step 3: The client chooses one of the offers (DHCPOFFER) and broadcasts a DHCPREQUEST packet accepting that offer. This allows the offers that were not accepted to be withdrawn by their servers and used for other clients.

Step 4: The server whose offer the client accepted sends back a DHCP ACK packet as confirmation that the IP address, the subnet mask and the lease period are now officially in effect. The server also sends additional information such as the default gateway address and the DNS server addresses.

Installing and configuring a DHCP server on Ubuntu

Installing the DHCP server

Syntax:

$ sudo apt-get install dhcp3-server

This command completes the installation.

Configuring the DHCP server

If your server has two network cards, you need to choose the card you want to use to serve DHCP. The default is eth0. You can change it by editing the file /etc/default/dhcp3-server:

$ sudo vi /etc/default/dhcp3-server

Find the line:

INTERFACES=eth0

and replace it with the line below:

INTERFACES=eth1

Save and exit. This step is optional.

Next, make a backup copy of the file /etc/dhcp3/dhcpd.conf:

$ sudo cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.back

Edit the file /etc/dhcp3/dhcpd.conf with the command:

$ sudo vi /etc/dhcp3/dhcpd.conf

Using the address pool method

You need to change the following parts of the file /etc/dhcp3/dhcpd.conf:

default-lease-time 600;

max-lease-time 7200;

option subnet-mask 255.255.255.0;

option broadcast-address 192.168.1.255;

option routers 192.168.1.254;

option domain-name-servers 192.168.1.1, 192.168.1.2;

option domain-name "yourdomainname.com";

subnet 192.168.1.0 netmask 255.255.255.0 {

range 192.168.1.10 192.168.1.200;

}

Save and close the file.

With this configuration the DHCP server gives a client an IP address in the range 192.168.1.10 to 192.168.1.200. It leases an IP address for 600 seconds if the client does not ask for a specific time frame.

Otherwise the maximum (allowed) lease is 7200 seconds.

Using the MAC address method

You can use this method for some or all machines that need a fixed IP address. Here fixed IP addresses are used for server1, server2, printer1 and printer2:

default-lease-time 600;

max-lease-time 7200;

option subnet-mask 255.255.255.0;

option broadcast-address 192.168.1.255;

option routers 192.168.1.254;

option domain-name-servers 192.168.1.1, 192.168.1.2;

option domain-name "yourdomainname.com";

subnet 192.168.1.0 netmask 255.255.255.0 {

range 192.168.1.10 192.168.1.200;

}

host server1 {

hardware ethernet 00:1b:63:ef:db:54;

fixed-address 192.168.1.20;

}

host server2 {

hardware ethernet 00:0a:95:b4:d4:b0;

fixed-address 192.168.1.21;

}

host printer1 {

hardware ethernet 00:16:cb:aa:2a:cd;

fixed-address 192.168.1.22;

}

host printer2 {

hardware ethernet 00:0a:95:f5:8f:b3;

fixed-address 192.168.1.23;

}

Now you need to restart the DHCP server with the command:

$ sudo /etc/init.d/dhcp3-server restart
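
A check worth running on dhcpd.conf before the restart, as an added example that is not part of the original thesis: in the MAC-address configuration above the fixed addresses 192.168.1.20 to 192.168.1.23 lie inside the dynamic range 192.168.1.10 to 192.168.1.200, and ISC dhcpd does not take fixed addresses out of a dynamic range, so the same address can also be offered to another client. The function names, the output format and the shortened sample file are constructed for this example.

```shell
#!/bin/sh
# Constructed sample: the subnet and range from this document plus two of
# its four host entries.
sample_dhcpd_conf() {
    cat <<'EOF'
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.10 192.168.1.200;
}
host server1 {
  hardware ethernet 00:1b:63:ef:db:54;
  fixed-address 192.168.1.20;
}
host printer1 {
  hardware ethernet 00:16:cb:aa:2a:cd;
  fixed-address 192.168.1.22;
}
EOF
}

# check_dhcpd_conf FILE
# Prints "in-range HOST ADDR LO-HI" for every fixed-address that falls in a
# dynamic range and "duplicate-mac MAC HOST1 HOST2" for every MAC declared
# twice. Returns 1 if anything was reported, 0 if the file is clean.
check_dhcpd_conf() {
    awk '
    function ip2int(ip,    p) {
        if (split(ip, p, ".") != 4) return -1      # not a dotted quad
        return ((p[1] * 256 + p[2]) * 256 + p[3]) * 256 + p[4]
    }
    { sub(/#.*/, ""); gsub(/[;{}]/, " ") }         # strip comments, punctuation
    $1 == "range" {
        first = ($2 == "dynamic-bootp") ? 3 : 2    # optional keyword
        n++; lo[n] = $first
        hi[n] = ($(first + 1) == "") ? $first : $(first + 1)
    }
    $1 == "host" { host = $2 }
    $1 == "hardware" && $2 == "ethernet" {
        mac = tolower($3)
        if (mac in seen) { print "duplicate-mac", mac, seen[mac], host; bad = 1 }
        else seen[mac] = host
    }
    $1 == "fixed-address" { fixed[host] = $2 }
    END {
        for (h in fixed) {
            a = ip2int(fixed[h])
            for (i = 1; i <= n; i++)
                if (a >= ip2int(lo[i]) && a <= ip2int(hi[i])) {
                    print "in-range", h, fixed[h], lo[i] "-" hi[i]; bad = 1
                }
        }
        exit bad + 0
    }' "$1"
}

# Usage: check_dhcpd_conf /etc/dhcp3/dhcpd.conf
```

A clean result needs either a narrower range or fixed addresses chosen outside it; which of the two to change is a site decision.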

Configuring an Ubuntu DHCP client

If you want to configure your Ubuntu Desktop as a DHCP client, follow the steps below.

Open the file /etc/network/interfaces:

$ sudo vi /etc/network/interfaces

Make sure that it contains the lines below (eth0 is an example):

auto lo eth0

iface eth0 inet dhcp

iface lo inet loopback

Save and close the file.

Restart the networking service with the command below:

$ sudo /etc/init.d/networking restart

CHAPTER 3

DEPLOYING NETWORK ADMINISTRATION ON UBUNTU SERVER

BUILDING THE SCENARIO

Model overview

Figure 3.1. Network model

Consider a network (Figure 3.1) with an Internet connection, made up of many client computers managed by a server system running the Ubuntu Server operating system.

Requirements

Administration of configuration and network resources

Administration of users and network services

Administration of network performance and operation

Administration of network security and safety

ANALYSIS

Requirements analysis

Administration of configuration and network resources: covers managing and controlling configuration and managing the resources allocated to the different users.

Administration of users and network services: covers managing the users on the system and ensuring that the services provided are highly reliable and meet the stated quality targets.

Administration of network performance and operation: covers managing and monitoring the operation of the network and ensuring that the system's devices run stably.

Administration of network security and safety: covers managing and monitoring the network and the systems so as to prevent unauthorised access. Preventing and stopping the spread of computer viruses and of attack methods such as DoS that paralyse the network is also a very important part of network administration, security and safety.

Solution

Install the Ubuntu Server 10.04 operating system

Install and configure LDAP

Deploy the firewall system

Configure DNS and DHCP

Install and deploy the web server

IMPLEMENTATION

Preparation

- Install Ubuntu Server 10.04, 32-bit or 64-bit

- Set a static IP address and make sure the machine can reach the Internet

- Update Ubuntu Server with the following commands:

+ apt-get update

+ apt-get dist-upgrade

+ reboot

Installation and configuration

Installing and configuring LDAP

Step 1: open a terminal and obtain root privileges with the command sudo -i, then type the system password.

Figure 3.2: Logging in to the Ubuntu Server system

Step 2: install the LDAP server with the command apt-get install slapd ldap-utils

Figure 3.3: Installing the LDAP server (1)

Step 3: add the schemas that LDAP needs with the following commands:

ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif

ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif

ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif

Step 4: create a file backend.minhtuan.net.ldif

Step 5: in this step we add the ldif file just created above to the LDAP system with the following command:

ldapadd -Y EXTERNAL -H ldapi:/// -f backend.minhtuan.net.ldif

Step 6: install SAMBA and the required packages with the following command:

apt-get install samba samba-doc libpam-smbpass smbclient smbldap-tools

Figure 3.4: Installing the SAMBA server (2)

Step 7: configure SAMBA. Edit the file /etc/samba/smb.conf as follows:

workgroup = VT071A

netbios name = PDC-SAMBA

obey pam restrictions = Yes

passdb backend = ldapsam:ldap://localhost

pam password change = Yes

syslog = 0

log file = /var/log/samba/log.%m

max log size = 1000

server signing = auto

server schannel = Auto

printcap name = cups

add user script = /usr/sbin/smbldap-useradd -m '%u'

delete user script = /usr/sbin/smbldap-userdel %u

add group script = /usr/sbin/smbldap-groupadd -p '%g'

delete group script = /usr/sbin/smbldap-groupdel '%g'

add user to group script = /usr/sbin/smbldap-groupmod -m '%u' '%g'

delete user from group script = /usr/sbin/smbldap-groupmod -x '%u' '%g'

set primary group script = /usr/sbin/smbldap-usermod -g '%g' '%u'

add machine script = /usr/sbin/smbldap-useradd -w '%u'

logon script = allusers.bat

logon path =

logon home =

domain logons = Yes

os level = 35

domain master = Yes

dns proxy = No

wins support = Yes

ldap admin dn = cn=admin,dc=hoasen,dc=local

ldap group suffix = ou=Groups

ldap idmap suffix = ou=Idmap

ldap machine suffix = ou=Computers

unix password sync = no

ldap passwd sync = yes

ldap suffix = dc=minhtuan,dc=local

ldap ssl = no

ldap user suffix = ou=Users

panic action = /usr/share/samba/panic-action %d

[homes]

comment = Home Directories

valid users = %S

read only = No

browseable = No

browsable = No

[netlogon]

comment = Network Logon Service

path = /var/lib/samba/netlogon

admin users = root

guest ok = Yes

browseable = No

browsable = No

[Profiles]

comment = Roaming Profile Share

path = /var/lib/samba/profiles

read only = No

profile acls = Yes

browseable = No

browsable = No

[printers]

comment = All Printers

path = /var/spool/samba

admin users = root

write list = root

read only = No

create mask = 0600

guest ok = Yes

printable = Yes

use client driver = Yes

browseable = No

browsable = No

[print$]

comment = Printer Drivers Share

path = /var/lib/samba/printers

admin users = root

write list = root

create mask = 0664

directory mask = 0775

[shared]

path = /var/lib/samba/shared

read only = No

guest ok = Yes

Note: in the configuration above, pay attention to the following important variables:

workgroup = VT071A

netbios name = PDC-SAMBA

passdb backend = ldapsam:ldap://localhost

ldap admin dn = cn=admin,dc=hoasen,dc=local

ldap group suffix = ou=Groups

ldap idmap suffix = ou=Idmap

ldap machine suffix = ou=Computers

unix password sync = no

ldap passwd sync = yes

ldap suffix = dc=minhtuan,dc=local

Installing and configuring the DNS server

Installation

Use the following command to install DNS