cat /etc/redhat-release Scientific Linux release 6.1 (Carbon)
ID関連
一般ユーザーを作って、sshを使ったrootログインを制限して、suできるユーザーを限定する。useradd hoge passwd hoge usermod -G wheel hoge
vi /etc/ssh/sshd_config
Port 2022 Protocol 2 SyslogFacility AUTHPRIV PermitRootLogin no PasswordAuthentication yes PermitEmptyPasswords no ChallengeResponseAuthentication no UsePAM yes Subsystem sftp /usr/libexec/openssh/sftp-server
service sshd restart
vi /etc/pam.d/su
#%PAM-1.0 auth sufficient pam_rootok.so # Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. auth required pam_wheel.so use_uid auth include system-auth account sufficient pam_succeed_if.so uid = 0 use_uid quiet account include system-auth password include system-auth session include system-auth session optional pam_xauth.soついでにロケールを変更。
vi /etc/sysconfig/i18n
LANG="ja_JP.UTF-8" SYSFONT="latarcyrheb-sun16"
IPv6関連
IPv6が有効になっているかを確認。
ifconfig -a
eth0 Link encap:Ethernet HWaddr 52:54:01:00:62:10
inet addr:49.212.122.248 Bcast:49.212.123.255 Mask:255.255.254.0
inet6 addr: fe80::5054:1ff:fe00:6210/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
IPv6を無効にする。
echo 'options ipv6 disable=1' >/etc/modprobe.d/disable-ipv6.conf chkconfig ip6tables off reboot
APIPA関連
APIPAが有効になっているかを確認する。netstat -nr Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 49.212.122.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 49.212.122.1 0.0.0.0 UG 0 0 0 eth0netowkを編集して無効にする。
vi /etc/sysconfig/network
NETWORKING=yes HOSTNAME=www6210ua.sakura.ne.jp GATEWAY=49.212.122.1 NOZEROCONF=yes
service network restart
LVM関連
参考サイト:さくらVPSでLVMを設定したときのメモ - atsuoishimotoの日記
fdisk /dev/sdb
Command (m for help): d
Command (m for help): n
Command action
e extended
p primary partition (1-4)
p
Partition number (1-4): 1
First cylinder (1-1305, default 1):
Using default value 1
Last cylinder, +cylinders or +size{K,M,G} (1-1305, default 1305):
Using default value 1305
Command (m for help): t
Selected partition 1
Hex code (type L to list codes): 8e
Changed system type of partition 1 to 8e (Linux LVM)
Command (m for help): w
The partition table has been altered!
Calling ioctl() to re-read partition table.
Syncing disks.
pvcreate /dev/sdb1
Physical volume "/dev/sdb1" successfully created
pvdisplay
--- Physical volume ---
PV Name /dev/sda2
VG Name vg_www6236ua
PV Size 19.51 GiB / not usable 3.00 MiB
Allocatable yes (but full)
PE Size 4.00 MiB
Total PE 4994
Free PE 0
Allocated PE 4994
PV UUID E22AWa-Eefq-cGvc-LnLs-MX2r-T5oz-Wsy4pe
"/dev/sdb1" is a new physical volume of "10.00 GiB"
--- NEW Physical volume ---
PV Name /dev/sdb1
VG Name
PV Size 10.00 GiB
Allocatable NO
PE Size 0
Total PE 0
Free PE 0
Allocated PE 0
PV UUID E2ioWo-3ZtS-7qjp-twD0-TyA3-RUyw-FMlQfp
vgextend vg_www6236ua /dev/sdb1
Volume group "vg_www6236ua" successfully extended
vgdisplay
--- Volume group ---
VG Name vg_www6236ua
System ID
Format lvm2
Metadata Areas 2
Metadata Sequence No 4
VG Access read/write
VG Status resizable
MAX LV 0
Cur LV 2
Open LV 2
Max PV 0
Cur PV 2
Act PV 2
VG Size 29.50 GiB
PE Size 4.00 MiB
Total PE 7552
Alloc PE / Size 4994 / 19.51 GiB
Free PE / Size 2558 / 9.99 GiB
VG UUID pdc02d-11ZN-HK8h-kIPO-MFc7-GEDf-RjIjj9
df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/vg_www6236ua-lv_root
18102140 1324384 15858204 8% /
tmpfs 510348 0 510348 0% /dev/shm
/dev/sda1 495844 31655 438589 7% /boot
lvextend -l +2558 /dev/mapper/vg_www6236ua-lv_root
Extending logical volume lv_root to 27.53 GiB
Logical volume lv_root successfully resized
lvdisplay
--- Logical volume ---
LV Name /dev/vg_www6236ua/lv_root
VG Name vg_www6236ua
LV UUID aOZdia-VtQD-t533-0aaN-xefU-gZCi-2TO1eb
LV Write Access read/write
LV Status available
# open 1
LV Size 27.53 GiB
Current LE 7048
Segments 2
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:0
--- Logical volume ---
LV Name /dev/vg_www6236ua/lv_swap
VG Name vg_www6236ua
LV UUID Ee5ZOA-i3BQ-sfjn-Imwm-PDZg-nfPS-JVsfig
LV Write Access read/write
LV Status available
# open 1
LV Size 1.97 GiB
Current LE 504
Segments 1
Allocation inherit
Read ahead sectors auto
- currently set to 256
Block device 253:1
resize2fs /dev/mapper/vg_www6236ua-lv_root
resize2fs 1.41.12 (17-May-2010)
Filesystem at /dev/mapper/vg_www6236ua-lv_root is mounted on /; on-line resizing required
old desc_blocks = 2, new_desc_blocks = 2
Performing an on-line resize of /dev/mapper/vg_www6236ua-lv_root to 7217152 (4k) blocks.
The filesystem on /dev/mapper/vg_www6236ua-lv_root is now 7217152 blocks long.
df -k
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/mapper/vg_www6236ua-lv_root
28415868 1324392 25652680 5% /
tmpfs 510348 0 510348 0% /dev/shm
/dev/sda1 495844 31655 438589 7% /boot
yumリポジトリ関連
yumのプラグインを追加。- yum-plugin-priorities: 外部リポジトリと混ぜて使用する際に標準リポジトリのバージョンを優先
yum install yum-plugin-prioritiessl.repoとsl-other.repoのプライオリティを1に設定し最優先にする。
cd /etc/yum.repos.d vi sl.repoそれぞれのセクションの最後に以下の行を追加
priority=1EPELをリポジトリに追加する。
yum install epel-releaseIUS Yumリポジトリを追加する
wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/6/x86_64/ius-release-1.0-8.ius.el6.noarch.rpm rpm -Uvh ius-release-1.0-8.ius.el6.noarch.rpm
もろもろ
fail2ban
logwatch
0 件のコメント:
コメントを投稿