####################輔助dns及其自動同步 加密
主dns端
[root@localhost ~]# hostnamectl set-hostname dns-server
slave端
[root@localhost ~]# hostnamectl set-hostname dns-slave
[root@dns-slave ~]# yum install bind -y ###安裝dns服務軟件
[root@dns-slave ~]# vim /etc/named.conf ####配置dns主配置文件
[root@dns-slave ~]# vim /etc/named.rfc1912.zones ###配置dns子配置文件
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones 
[root@dns-server named]# systemctl restart named
slave端
[root@dns-slave named]# firewall-cmd --add-service=dns --permanent
success
[root@dns-slave named]# firewall-cmd --reload
success
[root@dns-slave named]# setenforce 0
[root@dns-slave named]# systemctl enable named.service
ln -s '/usr/lib/systemd/system/named.service' '/etc/systemd/system/multi-user.target.wants/named.service'
[root@dns-slave named]# systemctl restart named
[root@dns-slave named]# vim /etc/resolv.conf ###配置dns指向爲本機ip,以測試輔助dns是否成功
nameserver 172.25.254.16
[root@dns-slave named]# dig www.westos.com ###測試
成功
#####自動同步主dns
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones 
(also-notify{ ;};) ####通知某dns服務器自己改變了dns信息
[root@dns-server named]# vim westos.com.zone ###設定serial值
[root@dns-server named]# systemctl restart named
輔助dns端
[root@dns-slave named]# systemctl restart named
[root@dns-slave slaves]# dig www.westos.com
輔助dns域名解析已同步
#######遠程更改主dns
主dns端
[root@dns-server named]# vim /etc/named.rfc1912.zones ####設定允許更新本服務器dns數據的主機ip
[root@dns-server named]# ll -d /var/named/
drwxr-x---. 5 root named 4096 Dec 1 00:33 /var/named/
[root@dns-server named]# chmod 770 /var/named/ ####給/var/named/文件夾組rwx權限,以允許被更新
[root@dns-server named]# systemctl restart named
輔助dns端
更新成功
######加密
主dns端
[root@dns-server named]# dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westos ###製作符合bind軟件加密方式的密鑰
[root@dns-server mnt]# cp -p /etc/rndc.key /etc/westos.key
[root@dns-server mnt]# cat /mnt/Kwestos.+157+32233.private
###(Private-key-format: v1.3
Algorithm: 157 (HMAC_MD5)
Key: PCQtwlJGxXyx1aiyKmpxsA==
Bits: AAA=
Created: 20161201060243
Publish: 20161201060243
Activate: 20161201060243
###)
[root@dns-server mnt]# vim /etc/westos.key ###複製key內容並粘貼到/etc/westos.key 文件中
[root@dns-server mnt]# vim /etc/named.conf 
[root@dns-server mnt]# vim /etc/named.rfc1912.zones 
[root@dns-server mnt]# systemctl restart named
[root@dns-server mnt]# scp Kwestos.+157+32233.* [email protected]:/mnt ###複製鑰匙到允許更新的遠程主機端
輔助dns端
[root@dns-slave mnt]# nsupdate -k Kwestos.+157+32233.private
測試成功
####dns自動更新同步
配置dhcp服務
修改dns文件中域名解析數據
輔助dns端
[root@dns-slave mnt]# systemctl restart network
[root@dns-slave mnt]# dig music.westos.com
重啓網絡測試成功
主dns端
[root@dns-server named]# vim /etc/dhcp/dhcpd.conf 
[root@dns-server named]# systemctl restart named
[root@dns-server named]# systemctl restart dhcpd.service
被同步端
[root@dns-slave mnt]# systemctl restart network
[root@dns-slave mnt]# dig www.westos.com
更新成功
###################數據庫
[root@dns-server named]# yum install mariadb-server.x86_64 -y ###安裝數據庫管理軟件
[root@dns-server named]# systemctl stop firewalld.service
[root@dns-server named]# vim /etc/my.cnf
[root@dns-server named]# systemctl start mariadb
[root@dns-server named]# mysql_secure_installation ####安裝數據庫
數據庫的基本使用
[root@dns-server named]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 12
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
MariaDB [(none)]> USE mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> SHOW TABLES;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
MariaDB [mysql]> SELECT * FROM user;
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
| Host | User | Password | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | Create_tablespace_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections | plugin | authentication_string |
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
| localhost | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
| 127.0.0.1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
| ::1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------+--------------+-----------+------------+-----------------+------------+------------+--------------+------------+-----------------------+------------------+--------------+-----------------+------------------+------------------+----------------+---------------------+--------------------+------------------+------------+--------------+------------------------+----------+------------+-------------+--------------+---------------+-------------+-----------------+----------------------+--------+-----------------------+
3 rows in set (0.01 sec)
MariaDB [mysql]> SELECT Host,User,Password FROM user;
+-----------+------+-------------------------------------------+
| Host | User | Password |
+-----------+------+-------------------------------------------+
| localhost | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| 127.0.0.1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
| ::1 | root | *28C1E2BE21B45562A34B6CC34A19CFAFC2F88F96 |
+-----------+------+-------------------------------------------+
3 rows in set (0.00 sec)
MariaDB [mysql]>
#create database westos; ##創建westos數據庫
use westos;
create table linux( ##創建表, username,password字段
username varchar(15) not null,
password varchar(15) not null
ALTER TABLE linux ADD age varchar(4); ###添加age字段到linux表中
ALTER TABLE linux DROP age ###刪除age字段
ALTER TABLE linux ADD age VARCHAR(5) AFTER name ##在name字段後添加字段age
insert into linux values ('user1','passwd1');
word = password1
update linux set password=password('passwd2') where username=user1; ##更新linux中user1密碼
delete from linux where username=user1;
grant select on *.* to user1@localhost identified by 'passwd1'; ##授權user1密碼爲passwd1
##添加用戶
MariaDB [mysql]> CREATE USER westos@localhost identified by 'westos';
Query OK, 0 rows affected (0.00 sec)
MariaDB [mysql]> GRANT CREATE on *.* to westos@localhost; ##爲新建westos用戶添加創建文件的權限
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> REVOKE CREATE on *.* from westos@localhost; ###撤銷用戶權限
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> DROP USER westos@localhost; ####刪除用戶
Query OK, 0 rows affected (0.00 sec)
###若忘記密碼,更改密碼
[root@dns-server named]# systemctl stop mariadb.service
[root@dns-server named]# mysqld_safe --skip-grant-tables &
[3] 12340
[root@dns-server named]# 161201 04:15:42 mysqld_safe Logging to '/var/log/mariadb/mariadb.log'.
161201 04:15:42 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
^C
[root@dns-server named]# kill -9 12340
[root@dns-server named]# mysqld_safe --skip-grant-tables &
[4] 12534
161201 04:16:29 mysqld_safe Logging to '/var/log/mariadb/mariadb.log'.
161201 04:16:29 mysqld_safe A mysqld process already exists
[3] Killed mysqld_safe --skip-grant-tables
[root@dns-server named]# mysql -uroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 1
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> UPDATE mysql.user set Password=password ('redhat') WHERE User='root'; ##設定root用戶密碼爲redhat
Query OK, 3 rows affected (0.00 sec)
Rows matched: 3 Changed: 3 Warnings: 0
MariaDB [(none)]> quit
Bye
[4] Exit 1 mysqld_safe --skip-grant-tables
[root@dns-server named]# systemctl start mariadb
[root@dns-server named]# mysql -uroot -predhat ###新密碼更換成功
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
##圖形化管理數據庫
[root@dns-server named]# yum install httpd -y
[root@mariadb ~]# systemctl start httpd
#(可在/var/www/html/目錄下創建文件,用瀏覽器測試httpd服務是否成功共享文件
下載phpmyadmin軟件
[root@mariadb html]# tar -jxf phpMyAdmin-4.6.5.1-all-languages.tar.bz2 #解壓
[root@mariadb html]# mv phpMyAdmin-4.6.5.1-all-languages myadmin
[root@mariadb html]# yum install php.x86_64 -y ##安裝php語言
[root@mariadb ~]# yum install php-mysql.x86_64 -y ###安裝數據庫php
[root@mariadb html]# cd myadmin/
[root@mariadb myadmin]# cp -p config.sample.inc.php config.inc.php
[root@mariadb myadmin]# vim config.inc.php ##配置php文件
測試,提示php版本小於5.5,更新php版本後纔可使用
###########郵件服務
設定主機maillinux,mialwestos
maillinux端
[root@maillinux ~]# vim /etc/named.rfc1912.zones
[root@maillinux named]# vim westos.com.zone 
[root@maillinux named]# cp -p westos.com.zone linux.com.zone
[root@maillinux named]# vim linux.com.zone 
[root@mailwestos ~]# vim /etc/postfix/main.cf
mailwestos端
[root@mailwestos ~]# systemctl restart postfix.service
[root@mailwestos ~]# mail root
Subject: but
lajsf
asg
lasgas
.
EOT
[root@mailwestos ~]# mailq
Mail queue is empty
[root@mailwestos ~]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 1 message 1 new
>N 1 root Thu Dec 1 06:22 20/557 "but"
& 1
Message 1:
From [email protected] Thu Dec 1 06:22:20 2016
Return-Path: <[email protected]>
X-Original-To: root
Delivered-To: [email protected]
Date: Thu, 01 Dec 2016 06:22:19 -0500
To: [email protected]
Subject: but
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root)
Status: R
lajsf
asg
lasgas ############測試成功
maillinux端
[root@maillinux named]# vim /etc/postfix/main.cf
(將westos換爲linux,其餘配置相同
####不同主機之間相互發送接收
[root@mailwestos ~]# vim /etc/resolv.conf
nameserver 172.25.254.116
[root@mailwestos ~]# mail [email protected]
Subject: seed
alsdfj
asdfh
.
EOT
[root@maillinux named]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 2 messages 1 new 2 unread
U 1 root Thu Dec 1 06:32 21/556 "yes"
>N 2 root Thu Dec 1 06:35 22/746 "seed" ####測試成功
&
設定郵件用戶別名
[root@mailwestos ~]# vim /etc/aliases
[root@mailwestos ~]# postalias /etc/aliases
[root@mailwestos ~]# systemctl restart postfix.service
[root@mailwestos ~]# mail [email protected] ###以設定別名發送郵件
Subject: hhh
alsdjf
al;sjdf
.
EOT
[root@mailwestos ~]# mail -u root
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/mail/root": 2 messages 1 new
1 root Thu Dec 1 06:22 21/568 "but"
>N 2 root Thu Dec 1 06:52 19/567 "hhh" ###用被設定別名用戶名接收成功
##(若設定更多以羣發,可編輯aliases文件,添加more: :include:/etc/moreusers
並編輯文件設定名稱
###隱藏郵件發送者地址
[root@mailwestos postfix]# vim generic
[root@mailwestos postfix]# postconf -e "smtp_generic_maps = hash:/etc/postfix/generic"
###加密地址轉換文件
[root@mailwestos postfix]# postmap /etc/postfix/generic
[root@mailwestos postfix]# systemctl restart postfix.service
[root@mailwestos postfix]# mail [email protected] ###向linux.com發送郵件以測試
Subject: hash
alsjfd
alsj
.
EOT
linx.com端
Message 3:
From [email protected] Thu Dec 1 07:25:55 2016
Return-Path: <[email protected]>
X-Original-To: [email protected]
Delivered-To: [email protected]
Date: Thu, 01 Dec 2016 07:25:55 -0500
To: [email protected]
Subject: hash
User-Agent: Heirloom mailx 12.5 7/5/10
Content-Type: text/plain; charset=us-ascii
From: [email protected] (root) #######測試成功
###遠程操作郵件
[root@mailwestos ~]# yum search telnet
[root@mailwestos ~]# telnet 172.25.254.116 25
Trying 172.25.254.116...
Connected to 172.25.254.116.
Escape character is '^]'.
220 maillinux.linux.com ESMTP Postfix
mail from:[email protected]
250 2.1.0 Ok
rcpt to:[email protected]
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
123456+
al;jdsfl
aljdfalsjfdl;sdjf
.
250 2.0.0 Ok: queued as 7B15326CD4B ###發送成功