document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-24 02:20:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #31 from LCTT/master

Browse Source 
Update repository
This commit is contained in:
joeren 2016-02-16 15:58:32 +08:00
commit bb7fdabf4e
4 changed files with 398 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
translated/tech/20151208 How to Install Bugzilla with Apache and SSL on FreeBSD 10.2.md → published/20151208 How to Install Bugzilla with Apache and SSL on FreeBSD 10.2.md
View File

@ -1,36 +1,37 @@
在FreeBSD 10.2上如何通过配置Apache和SSL安装Bugzilla
FreeBSD 10.2 上如何通过配置 Apache SSL 安装 Bugzilla
================================================================================
Bugzilla是一款bug跟踪系统和测试工具它基于web且开源由mozilla计划开发并由Mozilla公共许可证授权。它经常被一些高科技公司如mozilla、红帽公司和gnome使用。Bugzilla起初由Terry Weissman在1998年创立它用perl语言编写用MySQL作为后端数据库。它是一款旨在帮助管理软件开发的服务器软件它有丰富的功能、高优化度的数据库、卓越的安全性、高级的搜索工具、整合的邮件功能等等。
在本教程中我们将给web服务器安装 bugzilla 5.0 的apache并为它启用SSL然后安装 mysql 5.1 来作为 freebsd 10.2 的数据库系统。
Bugzilla 是一款开源的 Web 应用,用于 bug 跟踪系统和测试工具,由 mozilla 开发,并采用 Mozilla 公共许可证授权MPL。它经常被一些高科技公司如 mozilla、红帽公司和 gnome 使用。Bugzilla 起初由 Terry Weissman开发于1998年它用 perl 语言编写,用 MySQL 作为后端数据库。它是一款旨在帮助管理软件开发的服务器软件,它有丰富的功能、高度优化的数据库、卓越的安全性、高级的搜索工具、集成了邮件功能等等。
在本教程中,我们将安装 bugzilla 5.0 ,采用 apache 作为 Web 服务器,并为它启用 SSL然后在 freebsd 10.2 上安装 mysql 5.1 来作为数据库系统。
#### 准备 ####
FreeBSD 10.2 - 64位
Root权限
- FreeBSD 10.2 - 64位
- Root 权限
### 第一步 - 更新系统 ###
ssl登录freebsd服务器并更新库:
ssh 登录 freebsd 服务器,并更新软件库:
sudo su
freebsd-update fetch
freebsd-update install
### 第二步 - 安装并配置Apache ###
### 第二步 - 安装并配置 Apache ###
在这一步我们将使用pkg命令从freebsd库中安装apache然后在apache24目录下编辑"httpd.conf"文件启用SSL和CGI支持来配置apache
在这一步我们将使用 pkg 命令从 freebsd 软件库中安装 apache然后在 apache24 目录下编辑 "httpd.conf" 文件,来配置 apache 以启用 SSL CGI 支持。
用pkg命令安装apache
pkg 命令安装 apache
pkg install apache24
进入apache目录并用nano编辑器编辑"httpd.conf"文件:
进入 apache 目录并用 nano 编辑器编辑"httpd.conf"文件:
cd /usr/local/etc/apache24
nano -c httpd.conf
反注释掉下面列出的行
取消下面列出行的注释
#第70行
LoadModule authn_socache_module libexec/apache24/mod_authn_socache.so
@ -55,11 +56,11 @@ Bugzilla是一款bug跟踪系统和测试工具它基于web且开源由moz
保存并退出。
接着我们需要从freebsd库中安装mod perl并启用它
接着,我们需要从 freebsd 库中安装 mod perl并启用它
pkg install ap24-mod_perl2
启用mod_perl编辑"httpd.conf"文件并添加"Loadmodule"行:
启用 mod_perl编辑"httpd.conf"文件并添加"Loadmodule"行:
nano -c httpd.conf
@ -70,20 +71,20 @@ Bugzilla是一款bug跟踪系统和测试工具它基于web且开源由moz
保存并退出。
在启用apache之前用sysrc命令添加以下行作为开机启动项
在启用 apache 之前,用 sysrc 命令添加以下行作为开机启动项:
sysrc apache24_enable=yes
service apache24 start
### 第三步 - 安装并配置MySQL数据库 ###
### 第三步 - 安装并配置 MySQL 数据库 ###
我们要用mysql 5.1来作为后端数据库并且支持perl模块。用pkg命令安装mysql 5.1
我们要用 mysql 5.1 来作为后端数据库并且支持 perl 模块。用 pkg 命令安装 mysql 5.1
pkg install p5-DBD-mysql51 mysql51-server mysql51-client
现在我们要添加mysql服务到开机启动然后为mysql配置root密码。
现在我们要将 mysql 服务设置为开机启动,然后为 mysql 配置 root 密码。
运行以下命令来完成所有操作:
运行以下命令来完成上述所有操作:
sysrc mysql_enable=yes
service mysql-server start
@ -91,13 +92,13 @@ Bugzilla是一款bug跟踪系统和测试工具它基于web且开源由moz
注意:
这里mysql密码为aqwe123
这里 mysql 密码为aqwe123
![Configure MySQL Password](http://blog.linoxide.com/wp-content/uploads/2015/12/Configure-MySQL-Password.png)
以上步骤都完成之后我们用root登录mysql shell然后为bugzilla安装创建一个新的数据库和用户。
以上步骤都完成之后,我们用 root 登录 mysql shell然后为 bugzilla 安装创建一个新的数据库和用户。
用以下命令登录mysql shell
用以下命令登录 mysql shell
mysql -u root -p
password: aqwe123
@ -112,32 +113,32 @@ Bugzilla是一款bug跟踪系统和测试工具它基于web且开源由moz
![Creating Database for Bugzilla](http://blog.linoxide.com/wp-content/uploads/2015/12/Creating-Database-for-Bugzilla.png)
bugzilla的数据库创建好了名字为"bugzilladb",用户名和密码分别为"bugzillauser"和"bugzillauser@"。
bugzilla 的数据库创建好了,名字为"bugzilladb",用户名和密码分别为"bugzillauser"和"bugzillauser@"。
### 第四步 - 生成新的SSL证书 ###
### 第四步 - 生成新的 SSL 证书 ###
在bugzilla站点的"ssl"目录里生成新的自签名SSL证书。
bugzilla 站点的 "ssl" 目录里生成新的自签名 SSL 证书。
前往apache24目录并在此创建新目录"ssl"
前往 apache24 目录并在此创建新目录 "ssl"
cd /usr/local/etc/apache24/
mkdir ssl; cd ssl
接着用openssl命令生成证书文件然后更改其权限
接着,用 openssl 命令生成证书文件,然后更改其权限:
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /usr/local/etc/apache24/ssl/bugzilla.key -out /usr/local/etc/apache24/ssl/bugzilla.crt
chmod 600 *
### 第五步 - 配置虚拟主机 ###
我们将在"/usr/local/www/bugzilla"目录里安装bugzilla所以我们必须为它创建新的虚拟主机配置。
我们将在 "/usr/local/www/bugzilla" 目录里安装 bugzilla所以我们必须为它创建新的虚拟主机配置。
前往apache目录并为虚拟主机文件创建名为"vhost"的新目录:
前往 apache 目录并为虚拟主机文件创建名为 "vhost" 的新目录:
cd /usr/local/etc/apache24/
mkdir vhost; cd vhost
现在为虚拟主机文件创建新文件"bugzilla.conf"
现在为虚拟主机文件创建新文件 "bugzilla.conf"
nano -c bugzilla.conf
@ -173,9 +174,9 @@ bugzilla的数据库创建好了名字为"bugzilladb",用户名和密码分
保存并退出。
上述都完成之后,为bugzilla安装创建新目录并通过添加虚拟主机配置至httpd.conf文件来启用bugzilla虚拟主机。
上述都完成之后,为 bugzilla 安装创建新目录,并在 httpd.conf 文件添加虚拟主机配置来启用 bugzilla虚拟主机。
在"apache24"目录下运行以下命令:
"apache24" 目录下运行以下命令:
mkdir -p /usr/local/www/bugzilla
cd /usr/local/etc/apache24/
@ -187,29 +188,29 @@ bugzilla的数据库创建好了名字为"bugzilladb",用户名和密码分
保存并退出。
现在用"apachectl"命令测试一下apache的配置并重启它
现在用 "apachectl" 命令测试一下 apache 的配置并重启它:
apachectl configtest
service apache24 restart
### 第六步 - 安装Bugzilla ###
### 第六步 - 安装 Bugzilla ###
我们可以通过下载源来手动安装bugzilla了或从freebsd库中安装也可以。在这一步中我们将用pkg命令从freebsd库中安装bugzilla
我们可以通过下载源来手动安装 bugzilla 了,或从 freebsd 库中安装也可以。在这一步中我们将用 pkg 命令从 freebsd 库中安装 bugzilla
pkg install bugzilla50
以上步骤都完成之后前往bugzilla安装目录并安装所有bugzilla需要的perl模块。
以上步骤都完成之后,前往 bugzilla 安装目录并安装所有 bugzilla 需要的 perl 模块。
cd /usr/local/www/bugzilla
./install-module --all
要等到所有都完成,这需要点时间。
下一步在bugzilla的安装目录中执行"checksetup.pl"文件来生成配置文件"localconfig"。
下一步,在 bugzilla 的安装目录中执行 "checksetup.pl" 文件来生成配置文件 "localconfig"。
./checksetup.pl
你会看到一条关于数据库配置错误的消息你得用nano编辑器编辑一下"localconfig"文件:
你会看到一条关于数据库配置错误的消息,你得用 nano 编辑器编辑一下 "localconfig" 文件:
nano -c localconfig
@ -226,7 +227,7 @@ bugzilla的数据库创建好了名字为"bugzilladb",用户名和密码分
保存并退出。
然后再次运行"checksetup.pl"
然后再次运行 "checksetup.pl"
./checksetup.pl
@ -234,25 +235,25 @@ bugzilla的数据库创建好了名字为"bugzilladb",用户名和密码分
![Admin Setup](http://blog.linoxide.com/wp-content/uploads/2015/12/Admin-Setup.png)
最后,我们需要把安装目录的属主改成"www"然后用服务命令重启apache
最后,我们需要把安装目录的属主改成 "www",然后用服务命令重启 apache
cd /usr/local/www/
chown -R www:www bugzilla
service apache24 restart
现在Bugzilla已经安装好了你可以通过访问mybugzilla.me来查看并且将会重定向到https连接。
现在 Bugzilla 已经安装好了,你可以通过访问 mybugzilla.me 来查看,并且将会重定向到 https 连接。
Bugzilla首页
Bugzilla 首页:
![Bugzilla Home](http://blog.linoxide.com/wp-content/uploads/2015/12/Bugzilla-Home.png)
Bugzilla admin面板
Bugzilla admin 面板:
![Bugzilla Admin Page](http://blog.linoxide.com/wp-content/uploads/2015/12/Bugzilla-Admin-Page.png)
### 结论 ###
Bugzilla是一个基于web并能帮助你管理软件开发的应用它用perl开发并使用MySQL作为数据库系统。Bugzilla帮助mozilla、redhat,gnome等公司完成软件开发工作。Bugzilla有很多功能并易于配置和安装。
Bugzilla 是一个基于 web 的应用,并能帮助你管理软件开发,它用 perl 开发并以 MySQL 作为数据库系统。Bugzilla 帮助 mozilla、redhat、gnome 等公司完成软件开发工作。Bugzilla 有很多功能并易于配置和安装。
--------------------------------------------------------------------------------

0
sources/tech/20160104 How to Add New Disk in Linux CentOS 7 Without Rebooting.md → sources/tech/20160212 How to Add New Disk in Linux CentOS 7 Without Rebooting.md
View File

327
sources/tech/20160214 How to Install MariaDB 10 on CentOS 7 CPanel Server.md Normal file
View File

@ -0,0 +1,327 @@
translation by strugglingyouth
How to Install MariaDB 10 on CentOS 7 CPanel Server
================================================================================
MariaDB is a enhanced open source and drop-in replacement for MySQL. It is developed by MariaDB community and available under the terms of the GPL v2 license. Software Security is the main focus for the MariaDB developers. They maintain its own set of security patches for each MariaDB releases. When any critical security issues are discovered, the developers introduces a new release of MariaDB to get the fix out as soon as possible.
MariaDB is always up-to-date with the latest MySQL releases. It is highly compatible and works exactly like the MySQL. Almost all commands, data, table definition files, Client APIs, protocols, interfaces, structures, filenames, binaries, ports, database storage locations etc are same as the MySQL. It isn't even needed to convert databases to switch to MariaDB.
### Advantages of MariaDB ###
- Truly Open source
- More quicker and transparent security releases
- Highly Compatible with MySQL
- Improved Performance
- More storage engines compared to MySQL
In this article, I provides guidelines on how to upgrade MySQL 5.5 to the latest MariaDB on a CentOS 7 CPanel server. Let's walk through the Pre-installation steps.
### Pre-requisites: ###
#### 1. Stop current MySQL Service ####
root@server1 [/var/# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5859
Server version: 5.5.47-cll MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
root@server1 [~]# systemctl stop mysql
root@server1 [~]# systemctl status mysql
● mysql.service - LSB: start and stop MySQL
Loaded: loaded (/etc/rc.d/init.d/mysql)
Active: failed (Result: exit-code) since Sun 2016-01-31 10:00:02 UTC; 1min 31s ago
Docs: man:systemd-sysv-generator(8)
Main PID: 23430 (code=exited, status=203/EXEC)
Jan 31 10:00:02 server1.centos7-test.com systemd[1]: Started MySQL Server.
Jan 31 10:00:02 server1.centos7-test.com systemd[1]: Starting MySQL Server...
Jan 31 10:00:02 server1.centos7-test.com systemd[1]: mysql.service: main process exited, code=exited, status=203/EXEC
Jan 31 10:00:02 server1.centos7-test.com systemd[1]: Unit mysql.service entered failed state.
Jan 31 10:00:02 server1.centos7-test.com systemd[1]: mysql.service failed.
#### 2. Move all configuration files and databases prior to the upgrade ####
Move the DB storage path and MySQL configuration files
root@server1 [~]# cp -Rf /var/lib/mysql /var/lib/mysql-old
root@server1 [/var/lib/mysql]# cat /etc/my.cnf
[mysqld]
default-storage-engine=MyISAM
innodb_file_per_table=1
max_allowed_packet=268435456
open_files_limit=10000
root@server1 [~]#mv /etc/my.cnf /etc/my.cnf-old
#### 3. Remove and uninstall all MySQL rpms from the server ####
Run the following commands to disable the MySQL RPM targets. By running this commands, cPanel will no longer handle MySQL updates, and mark these rpm.versions as uninstalled on the system.
/scripts/update_local_rpm_versions --edit target_settings.MySQL50 uninstalled
/scripts/update_local_rpm_versions --edit target_settings.MySQL51 uninstalled
/scripts/update_local_rpm_versions --edit target_settings.MySQL55 uninstalled
/scripts/update_local_rpm_versions --edit target_settings.MySQL56 uninstalled
Now run the this command:
/scripts/check_cpanel_rpms --fix --targets=MySQL50,MySQL51,MySQL55,MySQL56 to remove all existing MySQL rpms on the server and leave a clean environment for MariaDB installation. Please see its output below:
root@server1 [/var/lib/mysql]# /scripts/check_cpanel_rpms --fix --targets=MySQL50,MySQL51,MySQL55,MySQL56
[2016-01-31 09:53:59 +0000]
[2016-01-31 09:53:59 +0000] Problems were detected with cPanel-provided files which are RPM controlled.
[2016-01-31 09:53:59 +0000] If you did not make these changes intentionally, you can correct them by running:
[2016-01-31 09:53:59 +0000]
[2016-01-31 09:53:59 +0000] > /usr/local/cpanel/scripts/check_cpanel_rpms --fix
[2016-01-31 09:53:59 +0000]
[2016-01-31 09:53:59 +0000] The following RPMs are unneeded on your system and should be uninstalled:
[2016-01-31 09:53:59 +0000] MySQL55-client-5.5.47-1.cp1148
[2016-01-31 09:53:59 +0000] MySQL55-devel-5.5.47-1.cp1148
[2016-01-31 09:53:59 +0000] MySQL55-server-5.5.47-1.cp1148
[2016-01-31 09:53:59 +0000] MySQL55-shared-5.5.47-1.cp1148
[2016-01-31 09:53:59 +0000] MySQL55-test-5.5.47-1.cp1148
[2016-01-31 09:53:59 +0000] compat-MySQL50-shared-5.0.96-4.cp1136
[2016-01-31 09:53:59 +0000] compat-MySQL51-shared-5.1.73-1.cp1150
[2016-01-31 09:53:59 +0000] Removing 0 broken rpms:
[2016-01-31 09:53:59 +0000] rpm: no packages given for erase
[2016-01-31 09:53:59 +0000] No new RPMS needed for install
[2016-01-31 09:53:59 +0000] Disabling service monitoring.
[2016-01-31 09:54:01 +0000] Uninstalling unneeded rpms: MySQL55-test MySQL55-server MySQL55-client compat-MySQL51-shared compat-MySQL50-shared MySQL55-shared MySQL55-devel
[2016-01-31 09:54:04 +0000] Removed symlink /etc/systemd/system/multi-user.target.wants/mysql.service.
[2016-01-31 09:54:04 +0000] Restoring service monitoring.
With these steps, we've uninstalled existing MySQL RPMs, marked targets to prevent further MySQL updates and made the server ready and clean for the MariaDB installation.
To startup with the installation, we need to create a yum repository for MariaDB depending on the MariaDB & CentOS versions. This is how I did it!
### Installation procedures: ###
#### Step 1: Creating a YUM repository. ####
root@server1 [~]# vim /etc/yum.repos.d/MariaDB.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos7-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
root@server1 [/etc/yum.repos.d]# cat /etc/yum.repos.d/MariaDB.repo
[mariadb]
name = MariaDB
baseurl = http://yum.mariadb.org/10.0/centos7-amd64/
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
#### Step 2: Open the /etc/yum.conf and modify the exclude line as below: ####
**Remove this line** exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* mysql* nsd* php* proftpd* pure-ftpd* spamassassin* squirrelmail*
**And replace with this line** exclude=courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* nsd* proftpd* pure-ftpd* spamassassin* squirrelmail*
**\*\*\* IMPORTANT \*\*\***
We need to make sure, we've removed the MySQL and PHP from the exclude list.
#### Step 3: Run the following command to install MariaDB and related packages. ####
**yum install MariaDB-server MariaDB-client MariaDB-devel php-mysql**
root@server1 [~]#yum install MariaDB-server MariaDB-client MariaDB-devel php-mysql
Dependencies Resolved
===============================================================================================================================================
Package Arch Version Repository Size
===============================================================================================================================================
Installing:
MariaDB-client x86_64 10.0.23-1.el7.centos mariadb 10 M
MariaDB-devel x86_64 10.0.23-1.el7.centos mariadb 6.3 M
MariaDB-server x86_64 10.0.23-1.el7.centos mariadb 55 M
php-mysql x86_64 5.4.16-36.el7_1 base 99 k
Installing for dependencies:
MariaDB-common x86_64 10.0.23-1.el7.centos mariadb 43 k
MariaDB-shared x86_64 10.0.23-1.el7.centos mariadb 1.2 M
libzip x86_64 0.10.1-8.el7 base 48 k
php-common x86_64 5.4.16-36.el7_1 base 563 k
php-pdo x86_64 5.4.16-36.el7_1 base 97 k
Transaction Summary
===============================================================================================================================================
Install 4 Packages (+5 Dependent package)
#### Step 4: Restart and make sure the MySQL service is up. ####
root@server1 [~]# systemctl start mysql
root@server1 [~]#
root@server1 [~]#
root@server1 [~]# systemctl status mysql
● mysql.service - LSB: start and stop MySQL
Loaded: loaded (/etc/rc.d/init.d/mysql)
Active: active (exited) since Sun 2016-01-31 10:01:46 UTC; 3s ago
Docs: man:systemd-sysv-generator(8)
Process: 23717 ExecStart=/etc/rc.d/init.d/mysql start (code=exited, status=0/SUCCESS)
Main PID: 23430 (code=exited, status=203/EXEC)
Jan 31 10:01:46 server1.centos7-test.com systemd[1]: Starting LSB: start and stop MySQL...
Jan 31 10:01:46 server1.centos7-test.com mysql[23717]: Starting MySQL SUCCESS!
Jan 31 10:01:46 server1.centos7-test.com systemd[1]: Started LSB: start and stop MySQL.
#### Step 5: Run mysql_upgrade command ####
It will examine all tables in all databases for incompatibilities with the current installed version and upgrades the system tables if necessary to take advantage of new privileges or capabilities that might have added with the current version.
root@server1 [~]# mysql_upgrade
MySQL upgrade detected
Phase 1/6: Checking and upgrading mysql database
Processing databases
mysql
mysql.columns_priv OK
mysql.db OK
mysql.event OK
mysql.func OK
mysql.help_category OK
mysql.help_keyword OK
mysql.help_relation OK
mysql.help_topic OK
mysql.host OK
mysql.ndb_binlog_index OK
mysql.plugin OK
mysql.proc OK
mysql.procs_priv OK
mysql.proxies_priv OK
mysql.servers OK
mysql.tables_priv OK
mysql.time_zone OK
mysql.time_zone_leap_second OK
mysql.time_zone_name OK
mysql.time_zone_transition OK
mysql.time_zone_transition_type OK
mysql.user OK
Phase 2/6: Fixing views from mysql
Phase 3/6: Running 'mysql_fix_privilege_tables'
Phase 4/6: Fixing table and database names
Phase 5/6: Checking and upgrading tables
Processing databases
cphulkd
cphulkd.auths OK
cphulkd.blacklist OK
cphulkd.brutes OK
cphulkd.good_logins OK
cphulkd.ip_lists OK
cphulkd.known_netblocks OK
cphulkd.login_track OK
cphulkd.logins OK
cphulkd.report OK
cphulkd.whitelist OK
eximstats
eximstats.defers OK
eximstats.failures OK
eximstats.sends OK
eximstats.smtp OK
information_schema
leechprotect
leechprotect.hits OK
modsec
modsec.hits OK
performance_schema
roundcube
roundcube.cache OK
roundcube.cache_index OK
roundcube.cache_messages OK
roundcube.cache_shared OK
roundcube.cache_thread OK
roundcube.contactgroupmembers OK
roundcube.contactgroups OK
roundcube.contacts OK
roundcube.cp_schema_version OK
roundcube.dictionary OK
roundcube.identities OK
roundcube.searches OK
roundcube.session OK
roundcube.system OK
roundcube.users OK
saheetha_test
saheetha_test.authors OK
whmxfer
whmxfer.sessions OK
Phase 6/6: Running 'FLUSH PRIVILEGES'
OK
#### Step 6 : Restart the MySQL service once again to ensure everything works perfect. ####
root@server1 [~]# systemctl restart mysql
root@server1 [~]#
root@server1 [~]# systemctl status mysql
● mysql.service - LSB: start and stop MySQL
Loaded: loaded (/etc/rc.d/init.d/mysql)
Active: active (running) since Sun 2016-01-31 10:04:11 UTC; 9s ago
Docs: man:systemd-sysv-generator(8)
Process: 23831 ExecStop=/etc/rc.d/init.d/mysql stop (code=exited, status=0/SUCCESS)
Process: 23854 ExecStart=/etc/rc.d/init.d/mysql start (code=exited, status=0/SUCCESS)
Main PID: 23430 (code=exited, status=203/EXEC)
CGroup: /system.slice/mysql.service
├─23861 /bin/sh /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/lib/mysql/server1.centos7-test.com.pid
└─23933 /usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --log-error=/v...
Jan 31 10:04:10 server1.centos7-test.com systemd[1]: Starting LSB: start and stop MySQL...
Jan 31 10:04:11 server1.centos7-test.com mysql[23854]: Starting MySQL. SUCCESS!
Jan 31 10:04:11 server1.centos7-test.com systemd[1]: Started LSB: start and stop MySQL.
#### Step 7: Run EasyApache to rebuild Apache/PHP with MariaDB and ensure all PHP modules remains intact. ####
root@server1 [~]#/scripts/easyapache --build
****IMPORTANT *****
If you forget to rebuild Apache/PHP after the MariaDB installation, it will report the library error as below:
root@server1 [/etc/my.cnf.d]# php -v
php: error while loading shared libraries: libmysqlclient.so.18: cannot open shared object file: No such file or directory
#### Step 8: Now verify the installation and databases. ####
root@server1 [/var/lib/mysql]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 15
Server version: 10.0.23-MariaDB MariaDB Server
Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show storage engines;
+--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
| Engine | Support | Comment | Transactions | XA | Savepoints |
+--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
| CSV | YES | CSV storage engine | NO | NO | NO |
| MRG_MyISAM | YES | Collection of identical MyISAM tables | NO | NO | NO |
| MEMORY | YES | Hash based, stored in memory, useful for temporary tables | NO | NO | NO |
| BLACKHOLE | YES | /dev/null storage engine (anything you write to it disappears) | NO | NO | NO |
| MyISAM | YES | MyISAM storage engine | NO | NO | NO |
| InnoDB | DEFAULT | Percona-XtraDB, Supports transactions, row-level locking, and foreign keys | YES | YES | YES |
| ARCHIVE | YES | Archive storage engine | NO | NO | NO |
| FEDERATED | YES | FederatedX pluggable storage engine | YES | NO | YES |
| PERFORMANCE_SCHEMA | YES | Performance Schema | NO | NO | NO |
| Aria | YES | Crash-safe tables with MyISAM heritage | NO | NO | NO |
+--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+
10 rows in set (0.00 sec)
That's all :). Now we're all set to go with MariaDB with its improved and efficient features. Hope you enjoyed reading this documentation. I would recommend your valuable suggestions and feedback on this!
--------------------------------------------------------------------------------
via: http://linoxide.com/how-tos/install-mariadb-10-centos-7-cpanel/
作者:[Saheetha Shameer][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/saheethas/

51
sources/tech/20151109 How to Configure Tripwire IDS on Debian.md → translated/tech/20151109 How to Configure Tripwire IDS on Debian.md
View File

@ -1,48 +1,49 @@
How to Configure Tripwire IDS on Debian
如何在Debian中配置Tripewire IDS
================================================================================
This article is about Tripwire installation and configuration on Debian OS. It is a host based Intrusion detection system (IDS) for Linux environment. Prime function of tripwire IDS is to detect and report any unauthorized change (files and directories ) on linux system. After tripwire installation, baseline database created first, tripwire monitors and detects changes such as new file addition/creation, file modification and user who changed it etc. If the changes are legitimate, you can accept the changes to update tripwire database.
本文是一篇关于Debian中安装和配置Tripewire的文章。它是Linux环境下基于主机的入侵检测系统IDS。tripwire的高级功能有检测并报告任何Linux中未授权的更改文件和目录。tripewire安装之后会先创建一个基本的数据库tripewire监控并检测新文件的创建修改和谁修改了它等等。如果修改过是合法的你可以接受修改并更新tripwire的数据库。
### Installation and Configuration ###
### 安装和配置 ###
Tripwire installation on Debian VM is shown below.
tripwire在Debian VM中的安装如下。
# apt-get install tripwire
![installation](http://blog.linoxide.com/wp-content/uploads/2015/11/installation.png)
During installation, tripwire prompt for following configuration.
安装中tripwire会有下面的配置提示。
#### Site key Creation ####
#### 站点密钥创建 ####
tripwire需要一个站点口令来加密tripwire的配置文件tw.cfg和策略文件tw.pol。tripewire使用指定的密码加密两个文件。一个tripewire实例必须指定站点口令。
Tripwire required a site passphrase to secure the tw.cfg tripwire configuration file and tw.pol tripwire policy file. Tripewire encrypte both files using given passphrase. Site passphrase is must even for a single instance tripwire.
![site key1](http://blog.linoxide.com/wp-content/uploads/2015/11/site-key1.png)
#### Local Key passphrase ####
#### 本地密钥口令 ####
Local passphrase is needed for the protection of tripwire database and report files . Local key used by the tripwire to avoid unauthorized modification of tripwire baseline database.
本地口令用来保护tripwire数据库和报告文件。本地密钥用于阻止非授权的tripewire数据库修改。
![local key1](http://blog.linoxide.com/wp-content/uploads/2015/11/local-key1.png)
#### Tripwire configuration path ####
#### Tripwire配置路径 ####
Tripwire configuration saved in the /etc/tripwire/twcfg.txt file. It is used to generate encrypted configuration file tw.cfg.
tripewire配置存储在/etc/tripwire/twcfg.txt。它用于生成加密的配置文件tw.cfg。
![configuration file](http://blog.linoxide.com/wp-content/uploads/2015/11/configuration-file.png)
**Tripwire Policy path**
**Tripwire策略路径**
Tripwire saves policies in /etc/tripwire/twpol.txt file . It is used for the generation of encrypted policy file tw.pol used by the tripwire.
tripwire在/etc/tripwire/twpol.txt中保存策略文件。它用于生成加密的策略文件tw.pol。
![tripwire policy](http://blog.linoxide.com/wp-content/uploads/2015/11/tripwire-policy.png)
Final installation of tripwire is shown in the following snapshot.
安装完成后如下图所示。
![installed tripewire1](http://blog.linoxide.com/wp-content/uploads/2015/11/installed-tripewire1.png)
#### Tripwire Configuration file (twcfg.txt) ####
#### Tripwire配置文件 (twcfg.txt) ####
Tripwire configuration file (twcfg.txt) details is given below. Paths of encrypted policy file (tw.pol), site key (site.key) and local key (hostname-local.key) etc are given below.
tripewire配置文件twcfg.txt细节如下图所示。加密策略文件tw.pol,站点密钥site.key和本地密钥hostname-local.key如下所示。
ROOT =/usr/sbin
@ -78,9 +79,9 @@ Tripwire configuration file (twcfg.txt) details is given below. Paths of encrypt
TEMPDIRECTORY =/tmp
#### Tripwire Policy Configuration ####
#### Tripwire策略配置 ####
Configure tripwire configuration before generation of baseline database. It is necessary to disable few policies such as /dev , /proc ,/root/mail etc. Detailed policy file twpol.txt is given below.
在生成基础数据库之前先配置tripwire配置。有必要经用一些策略如/dev、 /proc 、/root/mail等。详细的twpol.txt策略文件如下所示。
@@section GLOBAL
TWBIN = /usr/sbin;
@ -236,13 +237,13 @@ Configure tripwire configuration before generation of baseline database. It is n
#/proc -> $(Device) ;
}
#### Tripwire Report ####
#### Tripwire 报告 ####
**tripwire check** command checks the twpol.txt file and based on this file generates tripwire report which is shown below. If this is any error in the twpol.txt file, tripwire does not generate report.
**tripwire check** 命令检查twpol.txt文件并基于此文件生成tripwire报告如下。如果twpol.txt中有任何错误tripwire不会生成报告。
![tripwire report](http://blog.linoxide.com/wp-content/uploads/2015/11/tripwire-report.png)
**Report in text form**
**文本形式报告**
root@VMdebian:/home/labadmin# tripwire --check
@ -362,18 +363,20 @@ Configure tripwire configuration before generation of baseline database. It is n
Integrity check complete.
### Conclusion ###
### 总结 ###
In this article, we learned installation and basic configuration of open source IDS tool Tripwire. First it generates baseline database and detects any change (file/folder) by comparing it with already generated baseline. However, tripwire is not live monitoring IDS.
本篇中我们学习安装配置开源入侵检测软件tripwire。首先生成基础数据库并通过比较检测出任何改动文件/文件夹。然而tripwire并不是实时监测的IDS。
--------------------------------------------------------------------------------
via: http://linoxide.com/security/configure-tripwire-ids-debian/
作者:[nido][a]
译者:[译者zky001](https://github.com/zky001)
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/naveeda/