[root@www12123u ~]# free total used free shared buffers cached Mem: 510540 164284 346256 0 21580 116556 -/+ buffers/cache: 26148 484392 Swap: 2048276 0 2048276
# passwd
# yum upgrade
# useradd tanaka
# passwd tanaka
tanaka ALL=(ALL) NOPASSWD:ALL
# su tanaka $ cd /home/tanaka $ mkdir .ssh $ chmod 700 .ssh $ vi .ssh/authorized_keys $ (ターミナルなどから公開鍵をはりつける) $ chmod 600 .ssh/authorized_keys
Port 10100 PermitRootLogin no PasswordAuthentication no UsePAM no
# /etc/init.d/sshd restart
*filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 10100 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT
# /etc/init.d/iptables restart
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere icmp any ACCEPT esp -- anywhere anywhere ACCEPT ah -- anywhere anywhere ACCEPT udp -- anywhere 224.0.0.251 udp dpt:mdns ACCEPT udp -- anywhere anywhere udp dpt:ipp ACCEPT tcp -- anywhere anywhere tcp dpt:ipp ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:10100 REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
yum install vim-enhanced
# rpm -ivh http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm # rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm # yum --enablerepo=remi,eplp install mysql-server
# chkconfig mysqld on
# mysqladmin -uroot password
# sh jdk-6u29-linux-i586-rpm.bin
# yum remove sendmail
# yum install postfix
myhostname = mail.example.com mydomain = example.com inet_interface = all mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain home_mailbox = Maildir/ smtpd_banner = $myhostname ESMTP unknown smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination message_size_limit = 10485760
# /etc/init.d/saslauthd start # chkconfig saslauthd on
# /etc/init.d/postfix start # chkconfig postfix on
/etc/aliasesを編集し、正しく転送されればOK。編集後newaliasesを実行しないと反映されないかも。
# SSLを有効化 ssl_disable = no # Maildir形式を使う mail_location = maildir:~/Maildir # 認証方法をcram-md5に変更 auth default { mechanisms = cram-md5 passdb passwd-file { args = /etc/cram-md5.pwd } }
# touch /etc/cram-md5.pwd # chmod 0600 /etc/cram-md5.pwd
# /usr/sbin/dovecotpw
username:passwordhash
# /etc/init.d/dovecot restart
# cd /etc/pki/tls/certs/ # cp ca-bundle.crt ca-bundle.crt.bak # curl http://curl.haxx.se/ca/cacert.pem -o ca-bundle.crt
# yum install zlib-devel openssl-devel readline-devel
Building native extensions. This could take a while... ERROR: Error installing sqlite3: ERROR: Failed to build gem native extension.