三、RHEL5.6系统安全加固与系统优化
禁用adm, lp, sync, shutdown, halt, news, uucp, operator, games, gopher, ftp
#vi /etc/passwd
将上面的用户的shell修改成/bin/false
保存退出。
四、RHEL5.6 YUM配置
4.1 YUM配置(linux1、 linux2)
4.1.1、挂载RHEL5.6安装光盘至/mnt目录
mount /dev/cdrom /mnt
4.1.2、修改YUM文件
vi /etc/yum.repos.d/rhel-debuginfo.repo
内容如下:
[Cluster]
name=Red Hat Enterprise Linux $releasever - $basearch - Cluster
baseurl=file:///mnt/Cluster
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-RedHat-release
[ClusterStorage]
name=Red Hat Enterprise Linux $releasever - $basearch - ClusterStorage
baseurl=file:///mnt/ClusterStorage
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[Server]
name=Red Hat Enterprise Linux $releasever - $basearch - Server
baseurl=file:///mnt/Server
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[VT]
name=Red Hat Enterprise Linux $releasever - $basearch - VT
baseurl=file:///mnt/VT
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
4.1.3、新建 rhel/目录
mkdir -p /var/rhel/{Cluster,ClusterStorage,Server,VT}
4.1.4、安装createrepo
rpm -ivh /mnt/Server/createrepo-0.4.11-3.el5.noarch.rpm
createrepo -o /var/rhel/Cluster -g /mnt/Cluster/repodata/comps-rhel5-cluster.xml /mnt/Cluster
createrepo -o /var/rhel/ClusterStorage -g /mnt/ClusterStorage/repodata/comps-rhel5-cluster-st.xml /mnt/ClusterStorage
createrepo -o /var/rhel/Server -g /mnt/Server/repodata/comps-rhel5-server-core.xml /mnt/Server
createrepo -o /var/rhel/VT -g /mnt/VT/repodata/comps-rhel5-vt.xml /mnt/VT
4.1.5、挂载
mount --bind /var/rhel/Cluster/repodata /mnt/Cluster/repodata
mount --bind /var/rhel/ClusterStorage/repodata /mnt/ClusterStorage/repodata
mount --bind /var/rhel/Server/repodata /mnt/Server/repodata
mount --bind /var/rhel/VT/repodata /mnt/VT/repodata
4.1.6、刷新
yum clean all
五、RHCS 5.6 安装与配置
5.1 服务器设置
5.1.1 Linux1服务器上设置
设置两张网卡IP地址分别为:
Eth0:IP:172.22.4.114 netmask:255.255.255.0 Default gatewary:172.22.4.126
Eth1:IP:192.168.0.10 netmask:255.255.255.0
设置主机名:
在/etc/hosts文件最后增加以下四行:
172.22.4.114 linux1.cnintra.itd.net linux1
192.168.0.10 linux1.cnintra.itd.net linux1
172.22.4.115 linux2.cnintra.itd.net linux2
192.168.0.11 linux2.cnintra.itd.net linux2
5.1.2 Linux2服务器上设置
设置两张网卡IP地址分别为:
Eth0:IP:172.22.4.115 netmask:255.255.255.0 Default gatewary:172.22.4.126
Eth1:IP:192.168.0.11 netmask:255.255.255.0
设置主机名:
在/etc/hosts文件最后增加以下四行:
172.22.4.114 linux1.cnintra.itd.net linux1
192.168.0.10 linux1.cnintra.itd.net linux1
172.22.4.115 linux2.cnintra.itd.net linux2
192.168.0.11 linux2.cnintra.itd.net linux2
5.2 安装Cluster软件 (linux1、 linux2)
Mount /dev/cdrom /mnt
yum groupinstall clustering
Transaction Summary
================================================================================
Install 35 Package(s)
Upgrade 0 Package(s)
Total download size: 50 M
Is this ok [y/N]: y
Downloading Packages:
--------------------------------------------------------------------------------
Total 227 MB/s | 50 MB 00:00
warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID 37017186
Cluster/gpgkey | 1.1 kB 00:00
Importing GPG key 0x37017186 "Red Hat, Inc. (release key) <security@redhat.com>" from /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
Is this ok [y/N]: y