FreeBSD (ThinkPad 560) Installation and Operation Notes

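These notes are a personal record. I cannot take responsibility if a configuration made as described here does not work, or for any trouble that results. Please treat them as a reference at your own risk.
Please send comments and feedback about this page by e-mail to yahagi@yahagi.info.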


Hardware FreeBSD ntp Bind sendmail
popper TCP Wrapper apache ftp printer
samba netatalk XFree86 rsync snmp
CVS portupgrade
User environment Uncategorized

Hardware

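BIOS change (2001/8/14)
Download i0jt130.exe from IBM, run it, and extract it
Prepare a formatted 1.44MB floppy disk
Run i0jt13 a: to create the System ROM update utility
Boot from the floppy and update the BIOS
HDD replacement (2001/8/14)
Workaround for the BIOS limitation that prevents the machine from even booting with an HDD of 8GB or more
Prepare a 20GB HDD (IBM-DJSA-220)
Get DiskManager2000 (dm_2000.exe) from the IBM site
Run dm_2000.exe to install DiskManager2000 on another PC
Run DiskManager2000 and use Create Disk Manager diskette to make the diskette
Install the new HDD in the other PC (TPi1620)
Boot the Disk Manager diskette on the other PC
In Set Drive Size, set 8193150
Replace the HDD in the TP560
When using the FreeBSD installation floppies, boot from the HDD
Memory expansion (2001/8/14)
Expanded with a 32MB add-on memory module (genuine part)
Disabling suspend on lid close (2001/8/14)
Get uttpfdos.exe from the IBM site
Run uttpfdos.exe to extract it
Copy the extracted files to a floppy that contains the system files
Boot MS-DOS from the floppy
ps2 cover disable

LAN card connection (2001/8/14)
Connected a MELCO LPC2-T (10M)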

FreeBSD


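FreeBSD 4.3R installation (2001/8/14)
Get kern.flp, mfsroot.flp, and fdimage.exe
Run fdimage kern.flp a:
Run fdimage mfsroot.flp a:
Boot the TP560 from the HDD and, at the OnTrack prompt, boot the kern.flp floppy
Follow the installer's instructions and swap in the mfsroot.flp floppy
On the Kernel Configuration Menu screen, select Skip kernel configuration and continue with installation
On each screen, make no particular selection and accept the default
In the /stand/sysinstall Main Menu, select Standard
On each screen, make no particular selection and accept the default
Assign the entire HDD capacity to the FreeBSD partition
On the Install Boot Manager for drive ad0? screen, select None
On each screen, make no particular selection and accept the default
On the FreeBSD Disklabel Editor screen:
  / 256M
  SWAP 128M
  /var 256M
  /usr 4096M
  /home 14341M (all remaining space)
On the Choose Installation Media screen, select FTP
On the Network interface information required screen, select ed1
On each screen, make no particular selection and accept the default
On the ??? screen, configure ed1:
  freebsd
  local.masaji.org
  192.168.1.1
  192.168.1.250
  192.168.1.249
On each screen, make no particular selection and accept the default
On the ??? screen, do not display packages
File system repair (2003/07/21)
boot -s
fsck -y
Update ports to the latest (2003/07/21)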
cd /usr
fetch ftp://ftp.freebsd.org/pub/FreeBSD/branches/-current//ports.tar.gz
rm -r ports
tar zxvf ports.tar.gz
2003/7/27
cd /usr/share/examples/cvsup/
cp stable-supfile /usr/local/etc/
vi /usr/local/etc/stable-supfile
cvsup -g -L 2 /usr/local/etc/stable-supfile
cd /usr/obj
chflags -R noschg *
rm -rf *
cd /usr/src
make buildworld
make buildkernel
make installkernel
cd /usr/src/usr.sbin/mergemaster; make -m /usr/src/share/mk all install
mergemaster -p
vipw

sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/sbin/nologin
vi /etc/group

sshd:*:22:
smmsp:*:25:
mailnull:*:26:
cd /usr/src
make installworld
===> usr.sbin/mergemaster
make: don't know how to make mergemaster.sh. Stop
*** Error code 2
cd release/sysinstall
make all install
mergemaster
fastboot
cd /usr/src
make clean
cd release/sysinstall
make clean
2003/7/29
cvsup -g -L 2 /usr/local/etc/stable-supfile
cd /usr/obj
chflags -R noschg *
rm -rf *
cd /usr/src
make buildworld
make buildkernel
make installkernel
make installworld
cd release/sysinstall
make all install
make clean
cd /usr/src
make clean
cd /usr/obj
chflags -R noschg *
rm -rf *
cp -Rp /etc /etc.old
/usr/sbin/mergemaster -svia
/usr/sbin/mergemaster -svir
Reboot
2003/7/30
portupgrade -rf m4
---> Upgrading 'm4-1.4' to 'm4-1.4_1' (devel/m4)
portupgrade -rf autoconf
---> Upgrading 'autoconf-2.13' to 'autoconf-2.53_1' (devel/autoconf)
portupgrade -rf libtool
---> Upgrading 'libtool-1.3.4_2' to 'libtool-1.3.5_1' (devel/libtool13)
portupgrade -rf libiconv
---> Upgrading 'libiconv-1.8_2' to 'libiconv-1.9.1_1' (converters/libiconv)
2003/7/31
portupgrade -rf mm
---> Upgrading 'mm-1.2.1' to 'mm-1.3.0' (devel/mm)
2003/7/31
portupgrade -rf linux_base
---> Upgrading 'linux_base-6.1' to 'linux_base-7.1_5' (emulators/linux_base)
portsclean -vD
2003/8/2
touch /var/log/auth.log
2003/8/2
cd /etc
cp -p ttys ttys.org
vi ttys
ttyv3 "/usr/libexec/getty Pc" cons25 on secure
ttyv4 "/usr/libexec/getty Pc" cons25 on secure
ttyv5 "/usr/libexec/getty Pc" cons25 on secure
ttyv6 "/usr/libexec/getty Pc" cons25 on secure
ttyv7 "/usr/libexec/getty Pc" cons25 on secure

#ttyv3 "/usr/libexec/getty Pc" cons25 on secure
#ttyv4 "/usr/libexec/getty Pc" cons25 on secure
#ttyv5 "/usr/libexec/getty Pc" cons25 on secure
#ttyv6 "/usr/libexec/getty Pc" cons25 on secure
#ttyv7 "/usr/libexec/getty Pc" cons25 on secure
Reboot
2003/8/2
su
ssh-keygen -t dsa
chmod 600 ~/.ssh/id_dsa.pub
scp ~/.ssh/id_dsa.pub yahagi@tp560:.ssh/authorized_keys

CVS


2003/7/27
cd /usr/ports/net/cvsup
make clean
make
make install
cd /usr/share/examples/cvsup
cp ports-supfile /usr/local/etc/
vi /usr/local/etc/ports-supfile
*default host=CHANGE_THIS.FreeBSD.org

*default host=cvsup.jp.FreeBSD.org
rehash
cvsup -g /usr/local/etc/ports-supfile
vi /etc/crontab

0 6 * * 5 root /usr/local/bin/cvsup -g -L 2 /usr/local/etc/ports-supfile
cd /usr/ports/net/cvsup
make clean

ntp


Configuration (2001/8/15)
Add the following with vi /etc/rc.conf
  xntpd_enable="YES"
  xntpd_program="ntpd"
  xntpd_flags="-p /var/run/ntpd.pid"
Create a new file with vi /etc/ntp.conf
  driftfile /etc/ntp.drift
  server 192.168.1.250 version 3
Start with /usr/sbin/ntpd -p /var/run/ntpd.pid
Check with ps -x | grep ntpd
Check with ntpq -p

Bind


Configuration (2001/8/15)
Add the following with vi /etc/rc.conf
  named_enable="YES"
  named_program="named"
  named_flags="-u bind -g bind"
cd /etc/namedb
mv named.conf named.conf.org
cp named.conf.org named.conf
Edit with vi named.conf
cp PROTO.localhost.rev localhost.rev
Edit with vi localhost.rev
mkdir /etc/namedb/s
chown bind.bind /etc/namedb/s
chmod 750 /etc/namedb/s
named -u bind -g bind
Edit with vi /etc/resolv.conf
Confirm the following with cat /etc/host.conf
  hosts
  bind
Check with tail /var/log/messages
Check with nslookup

sendmail


Configuration (2001/8/15)
vi /etc/aliases
newaliases

popper


POP environment setup (2003/07/21)
cd /usr/ports/mail/popper
make
make install
vi /etc/inetd.conf
#pop3 stream tcp nowait root /usr/local/libexec/popper popper

pop3 stream tcp nowait root /usr/local/libexec/popper popper -s
vi /etc/syslog.conf

!popper
*.* /var/log/popper.log
touch /var/log/popper.log
kill -HUP <inetd>
kill -HUP <syslogd>
popauth -init
popauth -user <user>

2003/7/30
portupgrade -rf qpopper
---> Upgrading 'qpopper-2.53_1' to 'qpopper-2.53_4' (mail/popper)


TCP Wrapper



apache


WWW server environment setup (2003/07/21)
Update ports to the latest
cd /usr/ports/www/apache13-modssl
make
apache_1.3.27.tar.gz
mod_ssl-2.8.14-1.3.27.tar.gz
mm-1.2.1.tar.gz
openssl-0.9.7b.tar.gz
+---------------------------------------------------------------------+
| Before you install the package you now should prepare the SSL |
| certificate system by running the 'make certificate' command. |
| For different situations the following variants are provided: |
| |
| % make certificate TYPE=dummy (dummy self-signed Snake Oil cert) |
| % make certificate TYPE=test (test cert signed by Snake Oil CA) |
| % make certificate TYPE=custom (custom cert signed by own CA) |
| % make certificate TYPE=existing (existing cert) |
| CRT=/path/to/your.crt [KEY=/path/to/your.key] |
| |
| Use TYPE=dummy when you're a vendor package maintainer, |
| the TYPE=test when you're an admin but want to do tests only, |
| the TYPE=custom when you're an admin willing to run a real server |
| and TYPE=existing when you're an admin who upgrades a server. |
| (The default is TYPE=test) |
| |
| Additionally add ALGO=RSA (default) or ALGO=DSA to select |
| the signature algorithm used for the generated certificate. |
| |
| Use 'make certificate VIEW=1' to display the generated data. |
| |
| Thanks for using Apache & mod_ssl. Ralf S. Engelschall |
| rse@engelschall.com |
| www.engelschall.com |
+---------------------------------------------------------------------+
<=== src
===> Creating Dummy Certificate for Server (SnakeOil)
[use 'make certificate' to create a real one]

make certificate TYPE=custom
Signature Algorithm ((R)SA or (D)SA) [R]:
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Kanagawa
3. Locality Name (eg, city) [Snake Town]:Kamakura
4. Organization Name (eg, company) [Snake Oil, Ltd]:Private
5. Organizational Unit Name (eg, section) [Certificate Authority]:
6. Common Name (eg, CA name) [Snake Oil CA]:Yahagi Masaji
7. Email Address (eg, name@FQDN) [ca@snakeoil.dom]:masaji@yahagi.info
8. Certificate Validity (days) [365]:
Certificate Version (1 or 3) [3]:
1. Country Name (2 letter code) [XY]:JP
2. State or Province Name (full name) [Snake Desert]:Kanagawa
3. Locality Name (eg, city) [Snake Town]:Kamakura
4. Organization Name (eg, company) [Snake Oil, Ltd]:Private
5. Organizational Unit Name (eg, section) [Webserver Team]:
6. Common Name (eg, FQDN) [www.snakeoil.dom]:www.yahagi.info
7. Email Address (eg, name@fqdn) [www@snakeoil.dom]:masaji@yahagi.info
8. Certificate Validity (days) [365]:
Certificate Version (1 or 3) [3]:
Encrypt the private key now? [Y/n]:
Enter PEM pass phrase: <password>
Verifying - Enter PEM pass phrase: <password>
Encrypt the private key now? [Y/n]:
Enter PEM pass phrase: <password>
Verifying - Enter PEM pass phrase: <password>
o conf/ssl.key/server.key
o conf/ssl.crt/server.crt
o conf/ssl.csr/server.csr
make install
cd /usr/local/etc/apache/ssl.key
openssl rsa < server.key > server.key.out
mv server.key server.key.orig
mv server.key.out server.key
/usr/local/etc/rc.d/apache.sh start
make clean
2003/7/31
portupgrade -rf apache
---> Upgrading 'apache+mod_ssl-1.3.27+2.8.14' to 'apache+mod_ssl-1.3.28+2.8.15'
/usr/local/etc/rc.d/apache.sh stop
/usr/local/etc/rc.d/apache.sh start
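
The openssl rsa < server.key > server.key.out step above writes the private key without its passphrase, and a file created by shell redirection gets umask-default permissions. The following check is an added example, not part of the original memo; the function name audit_key and the sample files (PEM headers only, no key material) are constructed for illustration.

```sh
#!/bin/sh
# Added example: audit a PEM private key file after the passphrase has been
# stripped. Reports whether the key is encrypted and whether group/other
# have any access to the file.

# audit_key FILE -> prints "<encrypted|plaintext> <tight|loose>"
audit_key() {
    f=$1
    # Traditional OpenSSL PEM marks an encrypted key with a Proc-Type header;
    # PKCS#8 uses a distinct BEGIN line instead.
    if grep -Eq '^Proc-Type: 4,ENCRYPTED|^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$f"; then
        state=encrypted
    else
        state=plaintext
    fi
    # Characters 5-10 of the ls mode string are the group and other bits.
    if [ "$(ls -ld "$f" | cut -c5-10)" = "------" ]; then
        perm=tight
    else
        perm=loose
    fi
    echo "$state $perm"
}

# Constructed sample files standing in for server.key.orig and server.key.
demo_dir=$(mktemp -d)
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
    'DEK-Info: DES-EDE3-CBC,0000000000000000' > "$demo_dir/server.key.orig"
printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' > "$demo_dir/server.key"
chmod 600 "$demo_dir/server.key.orig"
chmod 644 "$demo_dir/server.key"      # what redirection under umask 022 yields

audit_key "$demo_dir/server.key.orig"
audit_key "$demo_dir/server.key"
chmod 400 "$demo_dir/server.key"      # restrict the plaintext key to its owner
audit_key "$demo_dir/server.key"
```

Running umask 077 before the redirection creates the decrypted file owner-only from the start.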

ftp



printer



samba


2003/8/2
cd /usr/ports/japanese/samba
make
[X] syslog With syslog support
[X] recycle With Recycle Bin
make install
cd /usr/local/etc/rc.d
cp -p samba.sh.sample samba.sh
cd /usr/local/etc
cp smb.conf.default smb.conf
ee smb.conf
coding system = EUC
workgroup = SAMBA
; recycle bin = .recycle


coding system = CAP
workgroup = YAHAGI
recycle bin = .recycle
/usr/local/bin/testparm
vi /etc/inetd.conf
#swat stream tcp nowait/400 root /usr/local/sbin/swat swat

swat stream tcp nowait/400 root /usr/local/sbin/swat swat
kill -HUP (inetd)
/usr/local/bin/smbpasswd -a <username>
/usr/local/etc/rc.d/samba.sh start

netatalk



XFree86



rsync


Remote backup setup (2001/9/16)
Enable shell with vi /etc/inetd.conf
kill -HUP {inetd.pid}
(Install rsync-2.4.6_2)
cd /usr/ports/net/rsync
make
make install
  Note that rsync now uses SSH as the transport by default.
Become the user who will connect
ssh-keygen
Passphrase is xxxxxxxx
On tp560, do the following
  su
  ssh-keygen
  Passphrase is xxxxxxxx
  scp ~/.ssh/identity.pub username@freebsd:.ssh/authorized_keys
  chmod 600 ~username/.ssh/authorized_keys
On tp560, do the following
  vi /root/backup
    rsync -azuv -e ssh username@freebsd:/home/download/ /home/download/
    rsync -azuv -e ssh --delete username@freebsd:/home/yahagi/ /home/freebsd/yahagi/
  chmod +x /root/backup
  mkdir /home/freebsd
  /root/backup
  vi /etc/crontab
  00 6 * * 6 root /root/backup
2003/7/30
portupgrade -rf rsync
---> Upgrading 'rsync-2.4.6_2' to 'rsync-2.5.6_1' (net/rsync)
2003/8/2
cd /root
vi rsync.exclude1
vi backup
rm -r /home/tp560/yahagi
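
The popper, samba, and rsync sections each enable a service in /etc/inetd.conf (pop3, swat, shell), and the backup itself runs over rsync -e ssh, which goes through sshd rather than the inetd shell service. The following audit is an added example, not part of the original memo: the function name audit_inetd is hypothetical, the pop3 and swat sample lines are the ones shown in this memo, and the shell, telnet, and auth lines are constructed.

```sh
#!/bin/sh
# Added example: list the services an inetd.conf actually enables and flag
# the ones that run as root or carry data over an unencrypted channel.

# audit_inetd FILE -> one line per enabled service: "<service>:<flags>"
audit_inetd() {
    awk '
        /^[ \t]*#/ || NF < 6 { next }    # comments, blanks, malformed lines
        {
            flags = ""
            # Field 5 is user[:group]; the server starts with that identity.
            split($5, who, ":")
            if (who[1] == "root") flags = flags " root"
            # Services known to run without transport encryption.
            if ($1 ~ /^(shell|login|exec|telnet|ftp|pop3|swat)$/)
                flags = flags " unencrypted"
            print $1 ":" flags
        }' "$1"
}

# Constructed sample input (see the lead-in for which lines are assumed).
sample=$(mktemp)
cat > "$sample" <<'EOF'
#pop3 stream tcp nowait root /usr/local/libexec/popper popper
pop3 stream tcp nowait root /usr/local/libexec/popper popper -s
swat stream tcp nowait/400 root /usr/local/sbin/swat swat
shell stream tcp nowait root /usr/libexec/rshd rshd
#telnet stream tcp nowait root /usr/libexec/telnetd telnetd
auth stream tcp nowait nobody /usr/local/sbin/identd identd
EOF

audit_inetd "$sample"
```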

snmp


snmp configuration (2003/04/06)
cd /usr/ports/net/net-snmp
make
System Contact Information (root@local.masaji.org):
System Location (Unknown):
Location to write logfile (/var/log/snmpd.log):
Location to write persistent information (/var/ucd-snmp):
make install
cd /usr/local/share/examples/ucd-snmp
cp ./EXAMPLE.conf /usr/local/share/snmp/snmpd.conf
cd /usr/local/share/snmp
vi snmpd.conf
/usr/local/etc/rc.d/snmpd.sh start
/usr/local/bin/snmpwalk -v 1 -c public 192.168.1.249 system
2003/7/30
portupgrade -rf ucd-snmp
---> Upgrading 'ucd-snmp-4.2' to 'net-snmp-5.0.8_1' (net/net-snmp)
vi /usr/local/share/snmp/snmpd.conf
syscontact Me <me@somewhere.org>

#syscontact Me <me@somewhere.org>
syscontact Yahagi <masaji@yahagi.info>
vi /etc/rc.conf

net_snmpd_enable="YES"
/usr/local/etc/rc.d/snmpd.sh stop
/usr/local/etc/rc.d/snmpd.sh start
/usr/local/bin/snmpwalk -v 1 -c public 192.168.1.249 system

portupgrade


2003/7/29
cd /usr/ports/sysutils/portupgrade
make clean
make install
make clean
rehash
/usr/local/sbin/portsdb -Uu
/usr/local/sbin/portversion -v -L '='
2003/8/1
vi /root/chk_ports
#!/bin/csh
/usr/local/bin/cvsup -g -L 2 /usr/local/etc/ports-supfile >& /var/log/portupgrade_daily.log
/usr/local/sbin/portsdb -Uu >>& /var/log/portupgrade_daily.log
/usr/local/sbin/portversion -v -L '='
chmod ugo+x /root/chk_ports
vi /etc/crontab
0 6 * * 5 root /usr/local/bin/cvsup -g -L 2 /usr/local/etc/ports-supfile

0 6 * * 5 root /usr/local/bin/chk_ports

User environment



Uncategorized