LibCat » Книги » Компьютеры и интернет » ОС и Сети » Andrew Hudson - Fedora™ Unleashed, 2008 edition

Andrew Hudson - Fedora™ Unleashed, 2008 edition

Здесь есть возможность читать онлайн «Andrew Hudson - Fedora™ Unleashed, 2008 edition» весь текст электронной книги совершенно бесплатно (целиком полную версию без сокращений). В некоторых случаях можно слушать аудио, скачать через торрент в формате fb2 и присутствует краткое содержание. Город: Indianapolis, Год выпуска: 2008, ISBN: 2008, Издательство: Sams Publishing, Жанр: ОС и Сети, на английском языке. Описание произведения, (предисловие) а так же отзывы посетителей доступны на портале библиотеки ЛибКат.

Читать книгу

Название:
Fedora™ Unleashed, 2008 edition
Автор:
Andrew Hudson
Издательство:
Sams Publishing
Жанр:
ОС и Сети / на английском языке
Год:
2008
Город:
Indianapolis
ISBN:
978-0-672-32977-7
Рейтинг книги:
5 / 5. Голосов: 1
Избранное:

Добавить в избранное
Отзывы:
Написать комментарий
Ваша оценка:
- 100
- 1
- 2
- 3
- 4
- 5

Fedora™ Unleashed, 2008 edition: краткое содержание, описание и аннотация

Предлагаем к чтению аннотацию, описание, краткое содержание или предисловие (зависит от того, что написал сам автор книги «Fedora™ Unleashed, 2008 edition»). Если вы не нашли необходимую информацию о книге — напишите в комментариях, мы постараемся отыскать её.

Quick Glance Guide
Finding information you need is not always easy. This short index provides a list of common tasks discussed inside this book. Browse the table of contents or index for detailed listings and consult the specified chapter for in-depth discussions about each subject.
left How Do I…?
See…
How Do I…?
See…
left Back up my system?
Chapter 13
Partition a hard drive?
Appendix B, Chapters 1, 35
left Build a new Linux kernel?
Chapter 36
Play MP3s and other music?
Chapter 7
left Burn a CD?
Chapter 7
Print a file?
Chapter 8
left Change a password?
Chapter 4
Read a text file?
Chapter 4
left Change the date and time?
Chapter 32
Read or send email?
Chapter 21
left Compress a file?
Chapter 13
Read or post to newsgroups?
Chapter 5
left Configure a modem?
Chapter 2
Reboot Fedora?
Chapter 1
left Configure a printer?
Chapter 8
Rescue my system?
Chapter 13
left Configure a scanner?
Chapter 7
Set up a DNS server?
Chapter 23
left Configure a sound card?
Chapter 7
Set up a firewall?
Chapter 14
left Configure my desktop settings?
Chapter 3
Set up a web server?
Chapter 15
left Connect to the Internet?
Chapter 5
Set up an FTP server?
Chapter 20
left Control a network interface?
Chapter 14
Set up Samba with SWAT?
Chapter 19
left Copy files or directories?
Chapters 13, 32
Set up wireless networking?
Chapter 14
left Create a boot disk to boot Fedora?
Chapter 1
Shut down Fedora?
Chapter 1
left Create a database?
Chapter 16
Use a spreadsheet?
Chapter 6
left Create a user?
Chapter 4
Use Instant Messaging?
Chapter 5
left Delete a file or directory?
Chapter 32
Watch television on my computer?
Chapter 7
left Get images from a digital camera?
Chapter 7
Edit a text file?
Chapter 4
left Install Fedora?
Chapter 1
Make Fedora more secure?
Chapter 14
left Log in to Fedora?
Chapter 1
Mount a CD-ROM or hard drive?
Chapter 35

Fedora™ Unleashed, 2008 edition — читать онлайн бесплатно полную книгу (весь текст) целиком

Ниже представлен текст книги, разбитый по страницам. Система сохранения места последней прочитанной страницы, позволяет с удобством читать онлайн бесплатно книгу «Fedora™ Unleashed, 2008 edition», без необходимости каждый раз заново искать на чём Вы остановились. Поставьте закладку, и сможете в любой момент перейти на страницу, на которой закончили чтение.

Тёмная тема

Шрифт:

↓

↑

Сбросить

Интервал:

↓

↑

Закладка:

Сделать

$ dnssec-keygen -a hmac-md5 -b 128 -n user rndc

Krndc.+157+14529

$ cat Krndc.+157+14529.private

Private-key-format: v1.2

Algorithm: 157 (HMAC_MD5)

Key: mKKd2FiHMFe1JqXl/z4cfw==

The utility creates two files with .keyand .privateextensions, respectively. The Key:line in the . privatefile reveals the secret that rndcand namedneed to share ( mKKd2FiHMFe1JqXl/z4cfw==). When you have this, you can set up the rndc.keyconfigu ration file, which is shared by both rndc.confand named.conf:

----------

key "rndc" { algorithm hmac-md5; secret "mKKd2FiHMFe1JqXl/z4cfw=="; };

----------

rndc.conf

rndcuses a TCP connection (on port 953) to communicate with named. The configuration file, /etc/rndc.confby default, must specify a server to talk to as well as include the corresponding key (which must be recognized by named) to use while talking to it:

----------

# Use the key named "rndc" when talking to the nameserver "localhost."

server localhost {

key "rndc";

};

# Defaults. options {

default-server localhost;

default-key "rndc";

};

# Include the key to use

include "/etc/rndc.key;

----------

The file needs to have three sections:

► Server section— Defines a nameserver (localhost) and specifies a key ( rndc) to be used while communicating with it

► Options section— Sets up reasonable defaults because the file might list multiple servers and keys

► Key section— Includes the file already created, /etc/rndc.key

Should you need it, the rndc(8)and rndc.conf(5)manual pages contain more information.

named.conf

You next must configure nameditself. Its single configuration file ( /etc/named.conf) has syntax very similar to rndc.conf; this section describes only a small subset of the configuration directives essential to the configuration of a functional nameserver. For a more exhaustive reference, consult the BIND 9 ARM (Administrator Reference Manual); it is distributed with BIND, and Fedora installs it under /usr/share/doc/bind-*/arm/).

Only the options and named sections in the named.conffile are absolutely necessary. The options section must tell namedwhere the zone files are kept, and named must know where to find the root zone ( .). We also set up a controls section to enable suitably authenticated commands from rndcto be accepted. Because clients (notably nslookup) often depend on resolving the nameserver's IP, we set up the 0.0.127.in-addr.arpareverse zone, too.

We start with a configuration file similar to this:

----------

options {

# This is where zone files are kept.

Directory "/var/named";

};

# Allow rndc running on localhost to send us commands.

Controls {

inet 127.0.0.1

allow { localhost; }

keys { rndc; };

};

""include "/etc/rndc.key";

# Information about the root zone.

Zone "." {

type hint;

file "root.hints";

};

# Lots of software depends on being able to resolve 127.0.0.1

zone "0.0.127.in-addr.arpa" {

type master;

file "rev/127.0.0";

};

----------

The options section is where to specify the directory in which namedshould look for zone files (as named in other sections of the file). You learn about using other options in later examples in this chapter.

Next, we instruct namedto accept commands from an authenticated rndc. We include the key file, /etc/rndc.key,and the controls section saying that rndc connects from localhost and uses the specified key. (You can specify more than one IP address in the allow list or use an access control list as described in the "Managing DNS Security" section, later in this chapter.)

The .zone tells namedabout the root nameservers with names and addresses in the root.hintsfile. This information determines which root nameserver is initially consulted, although this decision is frequently revised based on the server's response time. Although the hintsfile can be obtained via FTP, the recommended, network-friendly way to keep it synchronized is to use dig. We ask a root nameserver (it doesn't matter which one) for the NS records of .and use the digoutput directly:

----------

| # dig @j.root-servers.net. ns > /var/named/root.hints

| # cat /var/named/root.hints

| ; <<>> DiG 8.2 <<>> @j.root-servers.net . ns

| ; (1 server found)

| ;; res options: init recurs defnam dnsrch

| ;; got answer:

| ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6

| ;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13

| ;; QUERY SECTION:

| ;; ., type = NS, class = IN

|