4.8 Installing Notes (New)

FreeBSD installation notes ============= Initial installation

Skip kernel configuration Quick installation Exp ... (Quick Install)

18g hard disk distribution example

/ 3.0g / home 3.0g / usr 6.0g / var 1.6GSWAP 2.0G / TMP 1.4G

36G

/ 8

/ home 5

/ usr 12

/ VAR 4

/ TMP 4

SWAP 2

Installing Ports If you need to compile the kernel, install the SRC to install Bash2 New WHEEL group user shell path / usr / local / bin / bash ============== Modify shell / etc / profile vi / etc Add to PROFILE

PS1 = "[/ u @ / h / w] // $" INPUTRC = / etc / inputrclang = ko_kr.euc

Export ps1 inputrc lang ============== Color shell installation / USR / ports / Misc / gnuls make install

After installation, set / etc / profilealias ls = "gnuls --color" =================== prOFTPD problem

There are two solutions: 1. Since we need / var / run / proFTPD, we create a good manual. Tested, success; 2. Modify /usr/local/etc/proftpd.conf file, add a line:

ScoreboardFile /var/run/proftpd/proftpd.scoreboard -----------proftpd proBLEM

Sendmail_enable = "no" problem: Whenever the user logs in PROFTPD through the FTP, the following Message appears. NOV 11 20:15:31 Users Proftpd [14668]: No Modules Loaded for `ftpd 'Service NOV 11 20:15:31 Users / kernel: NOV 11 20:15:31 Users Proftpd [14668]: No Modules Loaded for `ftpd 'Service processing: As long as you ProftPD setting file (USR / local / etc / proFTPD. CONF) plus a line. Authpamauthoritative Off -----------

If someone will appear after the line: PrOFTPD: no modules loaded for `ftpd 'service ---------- If you are using FreeBSD 4.x, you need to" # Same in /etc/pam.conf "# same Requirement for ftpd as login "Plus FTPD Account Required Pam_Unix.so try_first_passftpd session request pam_permit.so

The whole "# Same requirement for ftpd as login" looks like this: # Same requirement for ftpd as loginftpd auth sufficient pam_skey.softpd auth sufficient pam_opie.so no_fake_prompts # ftpd auth requisite pam_opieaccess.softpd auth requisite pam_cleartext_pass_ok.so # ftpd auth sufficient pam_kerberosIV.so try_first_pass # ftpd auth sufficient pam_krb5.so try_first_passftpd auth required pam_unix.so try_first_passftpd account required pam_unix.so try_first_passftpd session required pam_permit.so [root @ test root] # useradd -g badbird -m -s / bin / false nogoodbird # Establish this Nogoodbird because there is no shell, it is not SSH but can be ftp!

Establish /Home/ftp/welcome.msg file, the variables that can be used are as follows: from the% R connection upper limit:% M people, current:% N-person% L FTP server name% c Current FTP directory name % F Current Space Size% of the Directory Segmentation Region The time% of the time% e-mail account of the EFTP server manager E-mail account, the same group, can allow up to several users to log in% R users The name of the host's name% u Login User Name% U Vertical Name% NG Name of the RFC931 is verified by the same group, the number of users currently logged in

-------------------------------------------------- ------------------------------

How to use the user to log in to display the FTP server version information to enhance security?

Add the following in Proftpd.conf:

ServerIdent Off

============== Go to this directory / usr / src / sys / i386 / conf found generic file make installkernel kernconf = generic can use this setup file with its own kernel file, put it in the directory , Then follow this operation # cd / usr / src # make buildkernel kernconf = mykernel # make installkernel kernconf = mykernel

First Make Buildkernel, then make Insallkernel.

View CPU State Dmesg | Grep -i CPU View CPU Status ============== Add New Hard Disk FDKSI Lable # Device MountPoint FStype Options Dump Pass # / dev / da0s1b None Swap SW 0 0 / DEV / DA0S1A / UFS RW 1 1 / dev / da0s1e / home ufs rw 2 2 / dev / da0s1h / TMP UFS RW 2 2 / DEV / DA0S1F ​​/ USR UFS RW 2 2 / DEV / DA0S1G / VAR UFS RW 2 2 / DEV / ACD0C / CDROM CD9660 RO, NOAUTO 0 0 0 / DEV / DA1S1E / OURSERVER UFS RW 2 2 // NewProc / Proc Procs RW 0 0 ============== Apache MySQL PHP === =========== mysql installation 5.0./script/mysql_install_db # pw groupadd mysql # pw useradd mysql -g mysql -s / nonexitchown -r root / usr / local / mysqlchown -r mysql / USR / local / mysql. / bin / safe_mysql &. / bin / mysqladmin -u root password 'ppp' ============== / usr / local / etc / rc.d self-start file .sh ============== apache configuration 2.0.48 // xxx ///./ Configure --Prefix = / www --with-mysql = / usr / local / mysql - -enable-shared = max --enable-module = so by configuration statements ./configure --prefix = / www --enable-so by @@@@@@@@@@@@@@@@@@@ @

(1) Find the #Listen 12.34.56.78:80, change the content below to listen 202.4.142.209:80 # i 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址 地址.so line, add addtype application / x-httpd-php .php address / x-httpd-php .php3 addtype application / x-httpd-php .phtml addtype application .phps ( 3) Find serveradmin You@your.address, change the content to ServerAdmin Tahaomei@163.com # your email address. (4) Find DocumentRoot "/ usr / local / apache / htdocs", change the content to DocumentRoot "/ usr / home / peng / web" # 地址 您 内容 您 网 内容. (5) Find DirectoryIndex index.html index.html.var, will change the contents of the line to find AddDefaultCharset DirectoryIndex index.html index.html.var index.php index.php3 index.phtml index.htm (6) ISO-8859- 1. Change the content to AddDefaultCharset GB2312 to exit after saving, to this first configuration Apache method, you can access your website address through IP, you can also apply for an international domain name, such as what I applied for Www.dragonson.org, using the DNS server provided by Wan Web to resolve the domain name www.dragonson.org to my IP 202.4.142.209, you can access me via www.dragonson.org. Website.

============== Let's introduce the second configuration method, now I want www.dragonson.org this domain name to point to my homepage, and use BBS.DRAGONSON.ORG this Domain name to point to my discuz forum, to perform the following command: www # vi /usr/local/apache/conf/httpd.conf (1) Find #Listen 12.34.56.78:80 line, modify the content below this line to Listen 202.4.142.209:80 # here for your server IP address #Listen [::]: 80 (2) Find loadmodule php4_module modules / libphp4.so line, add addtype application / x-httpd-php .php addtype Application / X-httpd-php .php3 addtype application / x-httpd-php .phtml addtype application / x-httpd-php-source .phps This can support PHP scripts (3) Find serveRadmin You@your.address, in this The top of the line is added #, logouts the row content (4) Find DocumentRoot "/ usr / local / apache / htdocs", adding a # in front of the line to log out of the line content (5) Find DirectoryIndex INDEX.html Index.html. VAR, change the content to DirectoryIndex index.html index.html.var index.php index.php3 index.phtml index.htm (6) Find addDefaultcharset ISO-8859-1, change the content to AddDefaultCharset GB2312 (7 Find #namevirtualhost *, change the content to NamevirtualHost 202.4.142.209 # My server IP address (8) Find # # Serveradmin webmaster@dummy-host.example.com # Document / WWW / DOCS / DUMMY -host.example.com # ServerName D ummy-host.example.com # ErrorLog logs / dummy-host.example.com-error_log # CustomLog logs / dummy-host.example.com-access_log common # add the following in the following: # <> IP is the server IP serveradmin Tahaomei@163.com # administrator mailbox DocumentRoot / usr / home / peng / web # 网 首 网 网站 网站 网站 网站 网站 网站 网站 网站 网站 网站 网站 网站 网站......... Dragonson.org-error_log # 网 网站 网站 错 网站 Customlog logs / www.dragonson.org-access_log common

# <> ip for server IP serveradmin Tahaomei@163.com # Administrator mailbox DocumentRoot / usr / home / peng / web / discuz #discuz Forum Address ServerName Bbs.dragonson.org #discuz Forum Domain Name ErrorLog Logs / Bbs.dragonson.org-Error_log #discuz Forum error log CustomLog logs / bbs.dragonson.org-access_log common ============== Compile PHP 4.3 .2 / xxx. / Configure --prefix = / usr / local / php4 --with-mysql = / usr / local / mysql --with-apxs2 = / www / bin / apxs / xxx. / Configure --with- MySQL --WITH-APACHE2 = / www --enable-mbstring --enable-mbstr-enc-trans --Nable-MBRegex configuration statement ./configure --with-mysql = / usr / local / mysql --with-apxs2 = / WWW / BIN / APXS --ENABLE-TRACK-VARS --ENABLE-FORCE-CGI-REDIRECT --ENABLE-PIC --NABLE-INLINE-OPTITION --NABLE-MEMORY-LIMIT --ENABLE-BCMATH --ENABLE -shmop --enable-versioning --enable-calendar --enable-dbx --enable-dimle-mcal -with-config-file-path = / www / conf --with-gd = / usr / Local / gd --enable-sockets --with-jpeg-dir = / usr / local / jpeg-6b --with-png-dir = / usr / local / libpng copy configuration file CP php.ini-dist / www / Conf / php.i ni

Full statement ./configure --prefix = / usr / local / php --with-apxs2 = / usr / local / apache / bin / apxs --with-mysql = / usr / local / mysql --enable-track-vars --with-config-file-path = / usr / local / lib --with-gd = / {$ prefix} # GD2.0 installation path --Nable-gd-native-ttf --Nable-GD-JIS -conv --with-freype-dir = / usr / local / freetype --with-jpeg-dir = / usr / local / jpeg-6b --with-png-dir = / usr / local / libpng --with- XPM-DIR = / usr / local / xpm / lib --with-curl = / usr / local / curl --with-zlib --Nable-XML --Nable-DBA --Nable-DBase --Nable-FilePro - -ENABLE-FTP --ENABLE-VERSIONING --ENABLE-MEMORY-LIMIT --ENABLE-CALENDAR --ENABLE-SESSION ABLE-SOCKETS --NABLE-SYSVSEM --ENABLE-SYSVSHM --ENABLE-TOKENIZER --ENABLE- OVERLOAD --WITH-INIFILE --WITH-HYPERWAVE --NABLE-CTYPE --WITHSSSL = / USR

We continue to configure the PHP.INI file, perform the following command: www # vi /usr/local/apache/conf/php.ini (1) Find max_execution_time = 30, change to max_execution_time = 600 (2) Find MAX_INPUT_TIME = 60 change the look to max_input_time = 600 (3) memory_limit = 8M, change the look display_errors = On is memory_limit = 20M (4), to change the look register_globals = Off to display_errors = Off (5), changes to register_globals = On (6) Find post_max_size = 8m, change to post_max_size = 20m (7) Find UPLOAD_MAX_FILESIZE = 2M, change to UPLOAD_MAX_FILESIZE = 20M (8) Find session.auto_start = 0, change to session.auto_start = 1 Execute: wq! Command After saving, exiting, thus completing The configuration of the PHP.INI file. ============== Let Apache MySQL automatically run the server when it is restarted, in order to avoid the trouble of manually starting Apache, MySQL service after booting, we best let us Apache, the mysql service is automatically started after booting. Perform the following command: First, generate an Apache service startup script: www # cd/usr/local/etc/rc.d WWW # vi apache.sh Add: / usr / local / apache / bin / apachectl start & execution: WQ After the command saves, exits, and execute the following command: WWW # chmod 777 apache.sh Next, generate a MySQL service startup script: www # vi mysql.sh Add: / usr / local / mysql / bin / mysqld_safe & execution: WQ After the command saves, exits, and execute the following command: www # chmod 777 mysql.sh Now this restart machine is automatically launched, the execution command is as follows from WWW # Shutdown -R Now, the machine is restarted, Continue to log in to the server remotely via SSH client software. At this time, Apache, MySQL should be started, let's take these, continue the installation process of Zendoptimizer. ============== Zendoptimizer installation Zendoptimizer enables the execution speed of the PHP program by optimizing the PHP code, in general, executing the PHP program using Zendoptimizer is 50% to 100 faster than not using %. The Zendoptimizer program is free, you can download the official website www.zend.com.

Below is the two download addresses I have. Official website Download: http://www.zend.com/store/getfreefile.php? PID = 13 & zbid = 547 My Site Download: http://www.dragonson.org/soft/zedoptimizer-2 [1] .1.0 B-freebsd4.0-i386.tar.gz download After Upload to / usr / peng / src directory by CUTEFTP, execute the following command, the following installation interface: WWW # CD / usr / home / peng / src www # Tar -zvxf Zendoptimizer-2 [1] .1.0b-freebsd4.0-i386.tar.gz WWW # cd ZendOptimizer-2.1.0b-freebsd4.0-i386 www # sh ./install.sh Select Zend's installation path, Fill in / usr / local / zend, press the TAB button to continue, the following window will appear: Determine the PHP.INI file location, fill in / usr / local / apache / conf, press the Tab button to select OK to continue, see the picture below Are we an Apache server, choose Yes, will appear as follows us to specify the bin directory of Apache, enter / usr / local / apache / bin, press the Tab button to select OK, after the way OK, OK, very smooth, the installation process ends The Apache service will be restarted. Now let's take a look at how our server is configured? Perform the following command: www # cd / usr / home / peng / web www # vi info.php Enter the following: Press: WQ! Save Exit. Enter http://www.dragonson.org/info.dragonson.org/info.php in the IE browser, you can see the detailed configuration information of the server, where there is a sign of the Zend installation success ============ == Ultra-thread puts the ## in front of the HTT in the kernel, it is OK!

/etc/rc.conf sendmail_enable = "none"

options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPDIVERT # IPDIVERT enables the divert IP sockets, used by '' ipfw divert '' options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT = 30

#oPtions ipfilter #ipfilter support #options ipfilter_log #ipfilter logging

# Traffic shaper, bandwidth manager and delay emulator options DUMMYNET # enables the "dummynet" bandwidth limiter. You need IPFIREWALL as well. # Statically Link in accept filters for a web server on this box options ACCEPT_FILTER_DATA options ACCEPT_FILTER_HTTP options ICMP_BANDLIM # DOS protection options IPSTEALTH # T hide firewall from traceroute options tcp_drop_synfin #to hide from nmap OS FingerPrint, Remove if create Web Serverssh UserName @ ip to log in. If you are directly ssh ip, he uses the user name you use now to log in. . This is the trusted host. It is possible to put the PU key generated by the SSH, add it to the trust password table of the machine to access.