*NetBSD-5.0 Install [#k7af8b8e]
ftp://ftp.netbsd.org/pub/NetBSD/iso/5.0/i386cd-5.0.iso
のCDイメージからインストール
***タイムゾーン変更 [#m042b195]
ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-5.0/source/sets/syssrc.tgz
を/に展開
cd /usr/src/sys/arch/i386/conf
cp GENERIC confname
vi confname
confの編集:↓の変更
options RTC_OFFSET=-540 # hardware clock is this many mins. west of GMT
config confname
cd ../compile/confname
make depend
make
mv /netbsd /netbsd.old
mv netbsd /.
cd /etc
rm localtime
ln -s /usr/share/zoneinfo/Japan localtime
***pkgsrc [#h830e8aa]
ftp://ftp.netbsd.org/pub/NetBSD/packages/pkgsrc-current.tar.gz
を/usr/に展開
/etc/mk.conf
ACCEPTABLE_LICENSES+=fee-based-commercial-use
ACCEPTABLE_LICENSES+=lha-license
ACCEPTABLE_LICENSES+=postfix-license
PKG_OPTIONS.postfix=sasl bdb tls pcre
cd /usr/pkgsrc/shells/tcsh ; make ; make install
cd /usr/pkgsrc/inputmethod/ja-freewnn-server ; make ; make install
cd /usr/pkgsrc/www/apache22/ ; make ; make install
cd /usr/pkgsrc/misc/ja-man ; make ; make install
cd /usr/pkgsrc/misc/ja-less ; make ; make install <- ja-manで入る
cd /usr/pkgsrc/misc/screen ; make ; make install
cd /usr/pkgsrc/lang/perl5 ; make ; make install <- apache2で入る
cd /usr/pkgsrc/lang/php5 ; make ; make install
cd /usr/pkgsrc/archivers/lha ; make ; make install
cd /usr/pkgsrc/archivers/zip ; make ; make install
cd /usr/pkgsrc/archivers/unzip ; make ; make install
cd /usr/pkgsrc/converters/ish ; make ; make install
cd /usr/pkgsrc/converters/p5-nkf ; make ; make install
cd /usr/pkgsrc/editors/emacs ; make ; make install
cd /usr/pkgsrc/net/ja-samba ; make ; make install
cd /usr/pkgsrc/net/mirror ; make ; make install
cd /usr/pkgsrc/net/rsync ; make ; make install
cd /usr/pkgsrc/net/wget ; make ; make install
cd /usr/pkgsrc/graphics/netpbm ; make ; make install
cd /usr/pkgsrc/www/ap-php ; make ; make install
cd /usr/pkgsrc/misc/php-mbstring ; make ; make install
cd /usr/pkgsrc/www/php-curl ; make ; make install
cd /usr/pkgsrc/mail/fetchmail ; make ; make install
cd /usr/pkgsrc/mail/procmail ; make ; make install
cd /usr/pkgsrc/mail/dovecot ; make ; make install
cd /usr/pkgsrc/www/lynx ; make ; make install
cd /usr/pkgsrc/devel/apel ; make ; make install
cd /usr/pkgsrc/devel/flim ; make ; make install
cd /usr/pkgsrc/devel/semi ; make ; make install
cd /usr/pkgsrc/mail/postfix-current ; make ; make install
cd /usr/pkgsrc/security/cy2-crammd5 ; make ; make install
***Openssh [#qc39be9b]
> /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX root@hostname
passphraseは空のままリターンで&br;
dsaも同様に空で作成
> /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
***ssh2 [#m7d63566]
ssh-keygen2で作ったキーはそれぞれ登録ファイルに登録しておく
echo "idkey id_dsa_2048_a" >> identification
echo "key id_dsa_2048_a.pub" >> authorization
OpenSSHクライアントからSSH2サーバーへの接続の場合&br;
公開キーをSSH2用に変換して追加する
/usr/bin/ssh-keygen -e -f OpenSSH公開キーファイル > id_dsa.pub
echo "key id_dsa.pub" >> authorization
SSH2クライアントからOpenSSHサーバーへの接続の場合&br;
/usr/bin/ssh-keygen -i -f SSH2公開キーファイル >> authorized_keys
echo "key id_dsa.pub" >> authorization
***named [#a6cef9dd]
rndc.confファイルの作成
> /usr/local/sbin/rndc-confgen -a
***screenrc [#vbc5079b]
defkanji jis
escape ^z^z
bind '-' prev
bind '^g'
bind '?' help
bind '^a' other
bind 'a' other
bind 'Z' suspend
bind 'z' suspend
bind 'G' vbell
bind 'R' reset
*** apache on php5 [#z6517d64]
/usr/pkg/etc/httpd/httpd.conf
<Directory />
Options All
AllowOverride All
</Directory>
<Directory "/usr/pkg/share/httpd/htdocs">
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
DirectoryIndex index.html index.html.var index.php
LoadModule php5_module lib/php/mod_php5.so
AddType application/x-httpd-php .php
/usr/pkg/etc/php.ini
extension=mbstring.so
extension=curl.so
動作チェック&br;
/usr/pkg/share/httpd/httpdocs/phptest.php
<?php phpinfo();?>
*** samba [#vbdc3eb9]
samba用パスファイルの作成
smbpasswd -a username
/usr/pkg/etc/samba/smb.conf
[homes]
comment = Home Directories
browseable = no
writable = yes
create mode = 0755
valid users = %S
[www]
path = /usr/pkg/share/httpd/htdocs
browseable = yes
create mode = 777
writable = yes
public = yes
/etc/inetd.conf
netbios-ssn stream tcp nowait root /usr/pkg/sbin/smbd smbd
netbios-ns dgram udp wait root /usr/pkg/sbin/nmbd nmbd
samba2.x系とsamba3.x系での文字コードの設定方法の違い&br;
2.x系で
coding system = EUC
だった場合は
unix charset = EUCJP-MS
dos charset = CP932
display charset = EUCJP-MS
でOK
*** imap-uw [#e69c9a55]
/etc/c-client.cf
I accept the risk for IMAP toolkit 4.1.
set mail-subdirectory imap-uw
set new-folder-format mbx
/etc/inetd.conf
imap4 stream tcp nowait root /usr/pkg/libexec/imapd imapd
imaps stream tcp nowait root /usr/pkg/libexec/imapd imapd
pop2 stream tcp nowait root /usr/pkg/libexec/ipop2d ipop2d
pop3 stream tcp nowait root /usr/pkg/libexec/ipop3d ipop3d
pop3s stream tcp nowait root /usr/pkg/libexec/ipop3d ipop3d
*** Dovecot [#wfba5a72]
/usr/pkg/etc/dovecot.conf
protocols = imap pop3 imaps pop3s
protocol imap {
listen = *:143
ssl_listen = *:993
}
protocol pop3 {
listen = *:110
ssl_listen = *:995
}
disable_plaintext_auth = no <-- PLAINパスワード許可
ssl_disable = no <-- sslサポート
mail_location = maildir:~/Maildir
first_valid_uid = 100 <-- 500以下のUIDを使ってる場合
auth default {
mechanisms = cram-md5 plain login
passdb passwd-file {
args = /usr/pkg/etc/dovecot-passwd
}
}
パスワードファイルの書式は
username:password:uid:gid::homedir::option
パスは平文にせずopenssl passwd -1で変換しておいた方がいいかも&br;
書式は
username:password
だけでもいい
sslをサポートする場合はpemファイルを作成しておく&br;
/usr/pkg/share/examples/dovecot/dovecot-openssl.cnfを/etc/openssl/にでもコピーして編集。&br;
/usr/pkg/share/examples/dovecot/mkcert.shで./certs/dovecot.pemと./private/dovecot.pemが出来る
tacosu# /usr/pkg/share/examples/dovecot/mkcert.sh
Generating a 1024 bit RSA private key
....++++++
........++++++
writing new private key to '/etc/openssl/private/dovecot.pem'
-----
subject= /C=JP/ST=Kyoto/L=Uji/O=Private/OU=Admin/CN=tacosu.hauN.org/emailAddress=gkubota@momo.so-net.ne.jp
SHA1 Fingerprint=CE:AA:D4:3E:53:CD:E6:55:E4:E2:00:78:68:FC:93:90:7A:BF:24:28
証明書の確認は以下のコマンドで
tacosu# openssl x509 -in /etc/openssl/certs/dovecot.pem -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f0:7f:5b:de:f9:24:44:89
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=JP, ST=Kyoto, L=Uji, O=Private, OU=Admin, CN=tacosu.hauN.org/emailAddress=gkubota@momo.so-net.ne.jp
Validity
Not Before: Jun 3 02:10:13 2009 GMT
Not After : Jun 3 02:10:13 2010 GMT
Subject: C=JP, ST=Kyoto, L=Uji, O=Private, OU=Admin, CN=tacosu.hauN.org/emailAddress=gkubota@momo.so-net.ne.jp
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:bf:aa:d5:35:b8:f9:6f:27:83:f6:45:03:dd:96:
d6:77:27:cf:b9:a6:9c:14:39:32:6d:50:76:ab:20:
55:cf:52:a8:c8:33:2f:52:59:04:f0:4c:31:73:00:
d1:2e:13:05:fd:cd:9c:2f:a7:84:e1:16:e2:33:39:
6e:bd:a4:6b:0d:19:82:97:f3:90:47:a5:60:57:c0:
9a:ec:ef:34:bc:f8:d2:ae:69:ef:fc:1f:2e:9f:e8:
4d:5a:bb:32:02:4c:b0:6f:76:bb:fe:6f:61:19:26:
c1:9f:e0:ef:b0:20:83:ab:30:2e:db:c2:75:d9:e3:
3d:04:ee:0d:c4:81:56:04:45
Exponent: 65537 (0x10001)
X509v3 extensions:
Netscape Cert Type:
SSL Server
Signature Algorithm: sha1WithRSAEncryption
85:f4:6c:79:57:8e:21:b7:61:28:45:33:c3:a3:e1:74:af:f7:
30:81:25:20:58:d6:97:02:58:f8:80:9c:6d:6f:b6:38:2e:57:
11:a5:93:70:a9:91:9e:3f:bf:1a:6e:5a:7e:72:79:cd:27:e0:
d0:cd:5f:d0:55:24:cb:51:04:7d:21:0c:ca:24:73:35:ec:c6:
0a:ff:4f:e0:41:7b:36:03:58:f0:1b:cd:5c:19:5a:41:ce:81:
0e:09:84:72:a4:b4:3e:87:6d:81:02:8b:c4:b3:9b:c8:b2:ba:
25:fa:23:30:d0:53:a6:94:dc:c1:e6:a4:13:8f:8b:5f:35:c4:
70:e4
証明書のインポート用DERファイルの作成は以下のコマンドで
tacosu# openssl x509 -inform pem -in certs/dovecot.pem -outform der -out dovecot.der
***fetchmail [#a2511f1f]
.fetchmailrc
set logfile "/home/username/fetchmail.log"
set postmaster root
set no bouncemail
defaults
protocol pop3
flush <-- テスト中はkeepにして消えないように
no mimedecode
smtphost localhost
poll popサーバー
user ユーザー名
password "パスワード"
***procmail [#c47ab5ca]
.forward&br;
mailboxの場合
"|IFS=' ' && p=/usr/pkg/bin/procmail && test -f $p && exec $p -Yf- || exit 75 #username"
Maildirの場合
"|IFS=' ' && p=/usr/pkg/bin/procmail && test -f $p && exec $p -f- || exit 75 #~/Maildir/"
.procmailrc&br;
Maildirの場合
PATH=$HOME/bin:/usr/bin:/bin:/usr/local/bin:.
MAILDIR=$HOME/Maildir/ # You'd better make sure it exists
DEFAULT=$MAILDIR
LOGFILE=$HOME/procmail.log
postfix/main.cf
mailbox_command = /usr/pkg/bin/procmail
*** hosts [#dff010c7]
/etc/hosts.deny
ALL: ALL
/etc/hosts.allow
ALL: .localnet
telnetd:
ftpd: ALL
httpd: ALL
sshd: ALL
sendmail: ALL
postfix: ALL
imapd: ALL
*** pppoeの設定 [#d4156469]
PPPoEがサポートされてるか確認
chitose# ifconfig -C
bridge vlan gif gre tun tap strip sl pppoe ppp lo
pppoeが無い場合カーネルコンフィグに以下を追加して作り直す
pseudo-device pppoe # PPP over Ethernet (RFC 2516)
接続テスト
chitose# ifconfig pppoe0 create
chitose# ifconfig pppoe0 inet 0.0.0.0 0.0.0.1 down
chitose# ifconfig ex0 up
chitose# pppoectl -e ex0 pppoe0 <-- ex0はADSLモデムの継ってるNIC
chitose# pppoectl pppoe0 myauthproto=認証方式(pap or chap) 'myauthname=接続ID' 'mysuthsecret=接続パスワード' hisauthproto=none
chitose# ifconfig pppoe0 up
chitose# pppoectl -d pppoe0
pppoe0: state = session
Session ID: 0x1234
PADI retries: 0
PADR retries: 0
chitose#
state = sessionならセッション確立。&br;
接続出来ていれば以下のようにIPの確認が出来る。
chitose# ifconfig pppoe0
pppoe0: flags=8851 mtu 1492
inet 218.228.157.12 -> 218.228.156.1 netmask 0xffffff00
chitose#
以下起動時に自動接続する設定&br;
/etc/ifconfig.pppoe0
create
! /sbin/ifconfig ex0 up
! /sbin/pppoectl -e ex0 pppoe0
! /sbin/pppoectl pppoe0 myauthproto=chap myauthname=USERNAME myauthsecret=PASSWORD hisauthproto=none
! /sbin/pppoectl pppoe0 max-auth-failure=0
inet 0.0.0.0 0.0.0.1
up
/etc/ppp/ip-up:
#!/bin/sh
/sbin/route add default $5
/etc/ppp/ip-down:
#!/bin/sh
/sbin/route delete default
上の2つのファイルを作成し、/etc/rc.confに
ifwatchd=YES
ifwatchd_flags="-u /etc/ppp/ip-up -d /etc/ppp/ip-down pppoe0"
*** Path MTU discovery blackhole問題の解決方法 [#u0b5e4c9]
経路上にICMPをすべて落す防火壁がある場合MTU Path discovery blackhole問題が発生する。&br;
この場合MTUとMSSを調整することで解決出来る。&br;
以下設定方法&br;
sysctl変数net.inet.tcp.mss_ifmtuを1に設定。
sysctl -w net.inet.tcp.mss_ifmtu=1
PPPoEのMTUを設定
ifconfig pppoe0 mtu 1454
/etc/ifconfig.pppoe0
create
! /sbin/ifconfig ex0 up
! /sbin/pppoectl -e ex0 pppoe0
! /sbin/pppoectl pppoe0 myauthproto=chap myauthname=USERNAME myauthsecret=PASSWORD hisauthproto=none
! /sbin/pppoectl pppoe0 max-auth-failure=0
inet 0.0.0.0 0.0.0.1
mtu 1454
up
/etc/ipnat.confのpppoeの項目の最後にmssclampを追加。&br;
値はMTUで設定した値-40 &br;
/etc/ipnat.conf
map pppoe0 192.168.1.0/24 -> 0/32 mssclamp 1414 <--mtuの値-40
*** ルーターにする設定 [#s8da320d]
1.カーネルコンフィグで以下の2項目を有効になっているカーネルを作る(GENERICでは有効になっている)
options PFIL_HOOKS # pfil(9) packet filter hooks
pseudo-device ipfilter # IP filter (firewall) and NAT
2./etc/sysctl.confに以下を追加。
net.inet.ip.forwarding=1
3.IP Filterの設定&br;
以下の例ではすべて透過。&br;
log onにしておくとipmonでログが取れる&br;
ログも取らずすべて透過でいいなら空ファイルを用意するだけでもいい。&br;
/etc/ipf.conf
pass in log on pppoe0 proto tcp from any to any flags S/SA
4.IP NATの設定&br;
ローカルネットワークが192.168.1.0/24の場合。&br;
/etc/ipnat.conf
#!/sbin/ipnat -f -
map pppoe0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
map pppoe0 192.168.1.0/24 -> 0/32 portmap tcp/udp 40000:60000
map pppoe0 192.168.1.0/24 -> 0/32
5./etc/rc.confに以下を追加。&br;
ログを取らない場合はipmonの行はいらない。
ipfilter=YES
ipnat=YES
ipmon=YES ipmon_flags="-ns" # syslog ipfilter messages
***iTunes Server [#f8abb14e]
pkgsrcから必要な物をインストール
cd /usr/pkgsrc/net/howl ; make ; make install
cd /usr/pkgsrc/audio/mt-daapd ; make ; make install
cd /usr/pkgsrc/net/mDNSResponder ; make ; make install
mDNSResponderの設定ファイルを作成&br;
/usr/pkg/etc/rendezvous.conf
iTunes Server
_daap._tcp.
none
3689
mDNSResponderを起動
> /usr/pkg/bin/mDNSResponderPosix -f /usr/pkg/etc/rendezvous.conf -b
mt-daapdの設定ファイルを作成&br;
/usr/pkg/etc/mt-daapd.conf
web_root /usr/pkg/share/mt-daapd/admin-root # WEB管理画面用ファイルのパス
mp3_dir /home/iTunes # 音楽ファイルのパス
servername iTune Server # 共有名
logfile /var/log/mt-daapd.log
#rescan_interval 300 # 音楽ファイルのスキャンインターバル
mt-daapdの起動
> /usr/pkg/bin/mt-daapd start
***たまご [#o8e51c1e]
tacosu> cvs -d :pserver:anonymous@cvs.m17n.org:/cvs/tamago login
tacosu> cvs -d :pserver:anonymous@cvs.m17n.org:/cvs/tamago checkout tamago
tacosu> cd tamago
tacosu> ./configure --prefix=/usr/pkg
tacosu> make
tacosu> make install
***2ch,まちBBS書き込み規制対策 [#v2caaeaf]
/etc/ipf.confに以下を追加
block in quick on pppoe0 proto tcp from any to any port = 8080
block in quick on pppoe0 proto tcp from 206.223.151.130 to any port = 80
block in quick on pppoe0 proto tcp from 221.117.59.156 to any port = 80
block in quick on pppoe0 proto tcp from 122.212.252.64/28 to any port = 80 <--まちBBS旧?
block in quick on pppoe0 proto tcp from 115.125.248.32/28 to any port = 80 <--まちBBS新?
***mobirc [#daeff4d4]
必要モジュールのインストール
perl -MCPAN -e shell
cpan> install API:Mobirc
***Subversion [#qb02ddab]
Apache2だとビルドが通らないのでApacheは22で
cd /usr/pkgsrc/devel/subversion ; make ; make install
.subversion/config編集
enable-auto-props = yes
[auto-props]
# ScriptFiles
*.bat = svn:eol-style=native; svn:keywords=Id; svn-mine-type=text/plain
*.bsh = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-beanshell
*.cgi = svn:eol-style=native; svn:keywords=Id; svn-mine-type=text/plain
*.cmd = svn:eol-style=native; svn:keywords=Id; svn-mine-type=text/plain
*.js = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/javascript
*.php = svn:eol-style=native; svn:keywords=Id Rev Date; svn:mime-type=text/x-php
*.pl = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-perl; svn:executable
*.pm = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-perl
*.py = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-python; svn:executable
*.sh = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-sh; svn:executable
# ImageFiles
*.bmp = svn:mime-type=image/bmp
*.gif = svn:mime-type=image/gif
*.ico = svn:mime-type=image/ico
*.jpeg = svn:mime-type=image/jpeg
*.jpg = svn:mime-type=image/jpeg
*.JPG = svn:mime-type=image/jpeg
*.png = svn:mime-type=image/png
*.tif = svn:mime-type=image/tiff
*.tiff = svn:mime-type=image/tiff
# GoogleEarth
*.kml = svn:mime-type=application/vnd.google-earth.kml+xml
*.kmz = svn:mime-type=application/vnd.google-earth.kmz
# DataFiles
*.pdf = svn:mime-type=application/pdf
*.avi = svn:mime-type=video/avi
*.doc = svn:mime-type=application/msword
*.eps = svn:mime-type=application/postscript
*.gz = svn:mime-type=application/gzip
*.mov = svn:mime-type=video/quicktime
*.mp3 = svn:mime-type=audio/mpeg
*.mp4 = svn:mime-type=video/mp4
*.ppt = svn:mime-type=application/vnd.ms-powerpoint
*.ps = svn:mime-type=application/postscript
*.psd = svn:mime-type=application/photoshop
*.rdf = svn:eol-style=native; svn:keywords=Id
*.rss = svn:eol-style=native; svn:keywords=Id
*.rtf = svn:mime-type=text/rtf
*.swf = svn:mime-type=application/x-shockwave-flash
*.tgz = svn:mime-type=application/gzip
*.wav = svn:mime-type=audio/wav
*.xls = svn:mime-type=application/vnd.ms-excel
*.zip = svn:mime-type=application/zip
# TextFiles
.htaccess = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.css = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/css
*.dtd = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xml
*.html = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/html
*.ini = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.sql = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/x-sql
*.txt = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.xhtml = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xhtml+xml
*.xml = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xml
*.xsd = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xml
*.xsl = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xml
*.xslt = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xml
*.xul = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/xul
*.yaml = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.yml = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
CHANGES = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
COPYING = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
INSTALL = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
Makefile* = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
README = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
TODO = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
# CodeFiles
*.c = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.cpp = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.h = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
*.java = svn:eol-style=native; svn:keywords=Id; svn:mime-type=text/plain
httpd.confに追加
<IfModule !mod_dav_svn.c>
LoadModule dav_svn_module lib/httpd/mod_dav_svn.so
LoadModule authz_svn_module lib/httpd/mod_authz_svn.so
</IfModule>
Basic認証の場合
<Location /svn>
DAV svn
SVNParentPath /home/svn/ <-- リポジトリ毎に設定する場合はSVNPath
Order Deny,Allow
Allow from 192.168.1.0/24 <-- LANからのみ
Deny from all
AuthType Basic
AuthName "Subversion repository"
AuthUserFile "/usr/pkg/etc/httpd/.htpasswd"
require valid-user
</Location>
Basic認証用パスワードファイル作成
htpasswd -c パスワードファイル名 ユーザー名
Digest認証の場合
<Location /svn>
DAV svn
SVNParentPath /home/svn/ <-- リポジトリ毎に設定する場合はSVNPath
Order Deny,Allow
Allow from 192.168.1.0/24 <-- LANからのみ
Deny from all
AuthType Digest
AuthName "Subversion repository"
AuthUserFile "/usr/pkg/etc/httpd/.htdigest"
require valid-user
</Location>
Digest認証用パスワードファイル作成
htdigest -c パスワードファイル名 AuthNameで設定した名前 ユーザー名
リポジトリ作成
mkdir /home/svn
svnadmin create /home/svn/repos
chown -R www:www /home/svn/repos
***smartmontoolとrrdtoolでHDDの温度監視 [#l24994af]
cd /usr/pkgsrc/sysutils/smartmontools ; make ; make install
cd /usr/pkgsrc/database/rrdtool ; make ; make install
データファイル(rrdファイル)作成
rrdtool create smart.rrd -b N --step 300 \
DS:wd0:GAUGE:600:0:100 \ <-- 1つ目のHDD用
DS:wd1:GAUGE:600:0:100 \ <-- 2つ目のHDD用
RRA:MIN:0.1:12:8760 \
RRA:MAX:0.1:12:8760 \
RRA:LAST:0.1:1:105120
データの更新と描画用スクリプト
#!/bin/sh
current="/usr/pkg/share/httpd/htdocs/smart"
rrdbin="/usr/pkg/bin/rrdtool"
smartbin="/usr/pkg/sbin/smartctl"
date=`date`
gmdate=`date -u -d '+5 minute' | sed s/UTC/GMT/`
wd0=`$smartbin -A /dev/wd0d | grep Temperature_Celsius | sed -e "s/.*\(Always\) *- *\([0-9]*\).*/\2/"`
wd1=`$smartbin -A /dev/wd1d | grep Temperature_Celsius | sed -e "s/.*\(Always\) *- *\([0-9]*\).*/\2/"`
$rrdbin update $current/smart.rrd N:$wd0:$wd1
$rrdbin graph $current/smart-hour.png --title="HDD last 1 hour" \
--imgformat PNG -w 600 -h 200 -s -3600 \
-l 20 --rigid -u 60 --rigid \
DEF:wd0=$current/smart.rrd:wd0:LAST \
DEF:wd1=$current/smart.rrd:wd1:LAST \
LINE1:wd0#FF0000:"wd0 Hitachi HTS545032B9A300" \
LINE2:wd1#00FF00:"wd1 SAMSUNG HD103SI"
$rrdbin graph $current/smart-day.png --title="HDD last 1 day" \
--imgformat PNG -w 600 -h 200 -s -86400 \
-l 20 --rigid -u 60 --rigid \
DEF:wd0=$current/smart.rrd:wd0:LAST \
DEF:wd1=$current/smart.rrd:wd1:LAST \
LINE1:wd0#FF0000:"wd0 Hitachi HTS545032B9A300" \
LINE2:wd1#00FF00:"wd1 SAMSUNG HD103SI"
$rrdbin graph $current/smart-week.png --title="HDD last 1 week" \
--imgformat PNG -w 600 -h 200 -s -604800 \
-l 20 --rigid -u 60 --rigid \
DEF:wd0=$current/smart.rrd:wd0:LAST \
DEF:wd1=$current/smart.rrd:wd1:LAST \
LINE1:wd0#FF0000:"wd0 Hitachi HTS545032B9A300" \
LINE2:wd1#00FF00:"wd1 SAMSUNG HD103SI"
$rrdbin graph $current/smart-month.png --title="HDD last 1 month" \
--imgformat PNG -w 600 -h 200 -s -2592000 \
-l 20 --rigid -u 60 --rigid \
DEF:wd0=$current/smart.rrd:wd0:LAST \
DEF:wd1=$current/smart.rrd:wd1:LAST \
LINE1:wd0#FF0000:"wd0 Hitachi HTS545032B9A300" \
LINE2:wd1#00FF00:"wd1 SAMSUNG HD103SI"
$rrdbin graph $current/smart-year.png --title="HDD last 1 year" \
--imgformat PNG -w 600 -h 200 -s -31536000 \
-l 20 --rigid -u 60 --rigid \
DEF:wd0=$current/smart.rrd:wd0:LAST \
DEF:wd1=$current/smart.rrd:wd1:LAST \
LINE1:wd0#FF0000:"wd0 Hitachi HTS545032B9A300" \
LINE2:wd1#00FF00:"wd1 SAMSUNG HD103SI"
crontabで適当なタイミングで更新されるようにする
***MySql [#efe2816d]
***MySql設定 [#efe2816d]
パスーワードの設定
パスワードの設定
myspql -u root -p password 'new-password'
不要な名無しユーザー削除
mysql -u root -p
mysql> delete from mysql.user where User = '';
mysql> flush privileges;
ユーザー作成
mysql -u root -p
mysql> grant all privileges on *.* to 'user'@'localhost'
> identified by 'password' with grant option;
mysql> grant all privileges on *.* to 'user'@'%'
> identified by 'password' with grant option;
mysql> flush privileges;
データベース作成
mysql -u root -p
mysql> create database db_name;
***謎メーラー必要モジュール [#g61c7363]
perlモジュールのインストール
perl -MCPAN -e shell
すべてデフォルト設定のままリターンで
cpan> install CGI:Session
cpan> install Mail::IMAPClient
cpan> install MIME::Words
cpan> install Unicode::IMAPUtf7
cpan> install HTML::Template
cpan> install DateTime
![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
