zpball
- 浏览: 897303 次
- 性别:
- 来自: 北京
-
文章分类
- 全部博客 (498)
- J2EE (52)
- 数据库 (17)
- java基础 (43)
- web技术 (19)
- 程序设计 (6)
- 操作系统 (18)
- IT资讯 (7)
- 我的IT生活 (12)
- 学习笔记 (9)
- Jquery (25)
- JavaScript (18)
- spring (40)
- Hibernate (12)
- Struts (10)
- YUI (2)
- Extjs (22)
- .net (0)
- Eclipse (10)
- 社会主义 (2)
- 服务器 (9)
- CSS (8)
- 网络安全 (16)
- 版本控制 (9)
- PHP (2)
- Oracle (42)
- SQL server (1)
- Mysql (11)
- 项目管理 (3)
- 开发工具使用 (10)
- SQL语句 (7)
- Perl (0)
- Shell (6)
- 漏洞 (4)
- ibatis (5)
- hacker (2)
- SQL注入 (6)
- Hacker工具 (2)
- 入侵和渗透 (7)
- 插件/组件 (2)
- 最爱开源 (5)
- 常用软件 (2)
- DOS (1)
- HTML (2)
- Android (9)
- CMS (1)
- portal (8)
- Linux (7)
- OSGI (1)
- Mina (5)
- maven (2)
- hadoop (7)
- twitter storm (2)
- sap hana (0)
- OAuth (0)
- RESTful (1)
- Nginx (4)
- flex (1)
- Dubbo (1)
- redis (1)
- springMVC (1)
- node.js (1)
- solr (2)
- Flume (1)
- MongoDB (2)
- ElasticSearch (1)
最新评论
-
M_drm:
请问要怎么设置浏览器才不报没权限呢?
用JS在页面调用本地可执行文件的方法(ACTIVEX) -
Alexniver:
官方文档。When importing data into I ...
mysql导入数据过慢 解决方法 -
camelwoo:
我记得 Criteria 可以做连接查询与子查询,也可以做分页 ...
Hibernate总结篇二 -
zhenglongfei:
楼主如果SubKeyName 这个节点不存在,怎么办??怎么用 ...
Java操作注册表 -
yxx676229549:
用log4j 2 了
logback
转:http://blog.sina.com.cn/s/blog_438308750100xsb5.html
Linux安全设置
******************************************************************************
1.关闭不必要的服务
yum -y install ntsysv
ntsysv
# 关闭不需要的服务按上面的安装关闭 ip6tables、jexec、kudzu、lvm2-monitor、mcstrans、netfs、rawdevices、restorecond
2.禁止Ctrl+Alt+Delete重新启动机器命令
vi /etc/inittab
注释掉: ca::ctrlaltdel:/sbin/shutdown -t3 -r now
设置/etc/rc.d/init.d/下权限
chmod -R 700 /etc/rc.d/init.d/*
3.限制su的使用,设置仅wheel用户使用
vi /etc/pam.d/su
取消下面行注释
> auth required pam_wheel.so use_uid
echo "SU_WHEEL_ONLY yes" >> /etc/login.defs
4.阻止ping(慎用)
# vi /etc/rc.d/rc.local
添加到文件末尾
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
5.防止ip欺骗
vi /etc/host.conf
添加下面几行
order bind,hosts
multi off
nospoof on
6.防止DoS攻击
对系统所有的用户设置资源限制可以防止DoS类型攻击,如最大进程数和内存使用数量等。
例如,可以在/etc/security/limits.conf中添加如下几行:
vi /etc/security/limits.conf
*hard core 0
*hard rss 5000
*hard nproc 50
然后必须编辑/etc/pam.d/login文件检查下面一行是否存在。
cat /etc/pam.d/login
# echo "sessionrequired/lib/security/pam_limits.so" >> /etc/pam.d/login
sessionrequired/lib/security/pam_limits.so
上面的命令禁止调试文件,限制进程数为50并且限制内存使用为5MB。
7.禁止ipv6
vi /etc/modprobe.conf
alias net-pf-10 off
alias ipv6 off
8.删除不必要的用户和组
userdel adm
userdel sync
userdel shutdown
userdel halt
userdel news
userdel uucp
userdel operator
userdel games
userdel gopher
userdel ftp
groupdel news
groupdel uucp
groupdel dip
9。更改SSH端口,不允许使用低版本的SSH协议,创建远程登录用户,禁止root登录
#vi /etc/ssh/sshd_config
将PORT改为1000以上端口
将#protocol 2,1改为protocol 2
禁止root登录,修改如下
PermitRootLogin no
例如
PORT 1984
Protocol 2
PermitRootLogin no
# 添加新端口到iptables中
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1984 -j ACCEPT
##注意这里必须添加远程登录用户,并添加到wheel用户组
-----------------------------------------------------------------------
useradd [-G wheel] yubaojian0616
passwd yubaojian0616
usermod -g wheel yubaojian0616
-----------------------------------------------------------------------
X.修改口令文件属性
chattr +i /etc/passwd
chattr +i /etc/shadow
chattr +i /etc/group
chattr +i /etc/gshadow
X+1.定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
crontab -e
* * * * * * ntpdate 210.72.145.44
Nginx安装
******************************************************************************
安装文件:nginx-1.0.4.tar.gz
安装目录:/usr/local/webserver/nginx
#添加用户和组
groupadd www
useradd -g www www
#安装必要的库
yum -y install wget
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz
cd /opt
tar -zxf pcre-8.10.tar.gz
cd pcre-8.10
./configure
make && make install
yum -y install openssl openssl-devel
cd /opt
tar -zxf nginx-1.0.4.tar.gz
cd nginx-1.0.4
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
#创建Nginx日志目录
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
#启动nginx
/usr/local/webserver/nginx/sbin/nginx
#设置自动启动
echo "ulimit -SHn 65535" >> /etc/rc.local
echo "/usr/local/webserver/nginx/sbin/nginx" >> /etc/rc.local
或者使用nginx服务启动
touch /etc/init.d/nginx
vi /etc/init.d/nginx
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# Init file for nginx server daemon
#
# chkconfig: 234 99 99
# description: nginx server daemon
#
# source function library
. /etc/rc.d/init.d/functions
# pull in sysconfig settings
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
RETVAL=0
prog="nginx"
PAT=/usr/local/nginx
NGINXD=/usr/local/webserver/nginx/sbin/nginx
PID_FILE=/usr/local/webserver/nginx/nginx.pid
start()
{
echo -n $"Starting $prog: "
$NGINXD 2>/dev/null $OPTIONS && success || failure
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/nginx
echo
}
stop()
{
echo -n $"Shutting down $prog: "
killproc nginx
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/nginx
return $RETVAL
}
reload()
{
echo -n $"Reloading nginx: "
killproc nginx -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status -p $PID_FILE nginx
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
#编写每天定时切割Nginx日志的脚本
1.
> vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
---------------------------------------------------------------------------------------------------
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
---------------------------------------------------------------------------------------------------
chmod +x /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
2。设置crontab,每天凌晨00:00切割nginx访问日志
#安装crontabs
yum -y install vixie-cron
yum -y install crontabs
crontab -e
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
MongoDB安装
******************************************************************************
MongoDB安装文件:mongodb-linux-i686-1.8.2.tgz
安装目录:/usr/local/webserver/mongodb
端口:27017
数据:/data0/mongo/27017/data/
日志:/data0/mongo/27017/log/
安装程序
mv mongodb-linux-i686-1.8.2.tgz /usr/local/webserver/
cd /usr/local/webserver/
tar -zxf mongodb-linux-i686-1.8.2.tgz
mv mongodb-linux-i686-1.8.2 mongodb
rm mongodb-linux-i686-1.8.2.tgz
创建目录
mkdir -p /data0/mongo/27017/data/
mkdir -p /data0/mongo/27017/log/
/usr/local/webserver/mongodb/bin/mongod -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&
查看是否启动成功
netstat -lanp | grep "27017"
关闭数据库
kill -15,killall mongod或者在client的shell里,use admin,执行db.shutdownServer()即可!
安装服务
vi /etc/init.d/mongodb
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# mongodb Startup script for the mongodb server
#
# chkconfig: - 64 36
# description: MongoDB Database Server
#
# processname: mongodb
#
# Source function library
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/mongodb ]; then
. /etc/sysconfig/mongodb
fi
prog="mongod"
mongod="/usr/local/webserver/mongodb/bin/mongod"
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon $mongod "--fork -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
reload)
reload
;;
status)
status $mongod
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/mongodb
chown root:root /etc/init.d/mongodb
chkconfig --add mongodb
chkconfig mongodb on
转载请注明出处:http://blog.sina.com.cn/egoservice
mysql安装
******************************************************************************
说明:
系统 :CentOS5(CentOS5.5)
mysql :mysql-5.1.48.tar.gz(源码版本)
安装目录:/usr/local/webserver/mysql
操作用户:mysql
字符集:utf-8,gbk,latin1
数据类型:innodb,myiasm,csv,federated
数据目录:/data0/mysql/3306/data/
二进制日志:/data0/mysql/3306/binlog/
relay日志:/data0/mysql/3306/relaylog/
my.cnf:/etc/my.cnf
mysql操作:/etc/init.d/mysql
_____________________________________________________________________________
1.安装gcc
#yum -y install gcc* ncurses-devel
2.创建用户
#groupadd mysql
#useradd -g mysql mysql
3.安装 mysql-5.1.48.tar.gz
#tar zxf mysql-5.1.48.tar.gz
#cd mysql-5.1.48
#./configure \
--prefix=/usr/local/webserver/mysql \
--with-charset=utf8 \
--with-extra-charset=gbk,latin1 \
--without-debug \
--without-bench \
--with-big-tables \
--with-readline \
--with-ssl \
--with-embedded-server \
--enable-local-infile \
--enable-assembler \
--enable-thread-safe-client \
--enable-profiling \
--with-mysqld-user=mysql \
--with-plugins=partition,innobase,myisammrg \
--with-csv-storage-engine \
--with-federated-storage-engine \
--with-client-ldflags=-all-static \
--with-mysqld-ldflags=-all-static \
--with-server-suffix=-community \
--with-unix-socket-path=/tmp/mysql.sock
#安装make
yum -y install make
#这里需要很长时间
#Entering directory `/root/mysql-5.1.48/mysql-test' 这里需要耐心
make && make install
#设置目录权限
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
#创建MySQL数据库存放目录
mkdir -p /data0/mysql/3306/data/
mkdir -p /data0/mysql/3306/binlog/
mkdir -p /data0/mysql/3306/relaylog/
chown -R mysql:mysql /data0/mysql/
#以mysql用户帐号的身份建立数据表:
/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/data0/mysql/3306/data --user=mysql
#创建my.cnf配置文件:(注意要在/etc/目录下)
vi /etc/my.cnf
------------------------------------------------------------------
[client]
port = 3306
socket = /tmp/mysql.sock
[mysqld]
character-set-server = utf8
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /tmp/mysql.sock
basedir = /usr/local/webserver/mysql
datadir = /data0/mysql/3306/data
log-error = /data0/mysql/3306/mysql_error.log
pid-file = /data0/mysql/3306/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 614
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 1M
join_buffer_size = 1M
thread_cache_size = 300
#thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 192K
transaction_isolation = READ-COMMITTED
tmp_table_size = 246M
max_heap_table_size = 246M
long_query_time = 3
log-slave-updates
log-bin = /data0/mysql/3306/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 1G
relay-log-index = /data0/mysql/3306/relaylog/relaylog
relay-log-info-file = /data0/mysql/3306/relaylog/relaylog
relay-log = /data0/mysql/3306/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 256M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
innodb_additional_mem_pool_size = 16M
innodb_buffer_pool_size = 512M
innodb_data_file_path = ibdata1:256M:autoextend
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 90
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0
#log-slow-queries = /data0/mysql/3306/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
------------------------------------------------------------------
#创建mysql启动文件
cp support-files/mysql.server.sh /etc/init.d/mysql
chmod +x /etc/init.d/mysql
chkconfig --add mysql
service mysql start
/usr/local/webserver/mysql/bin/mysql
#设置本地及远程数据库root登录密码
mysql> grant all on *.* to 'root'@'localhost' identified by '123456';
mysql> grant all on *.* to 'root'@'%' identified by '123456';
Mysql 安装成功
如果出现'@HOSTNAME@' command not found 可以修改脚本来对应.pid文件
##############################################################################################################
Linux下MySql的卸载
源码安装的卸载方法:
到源码目录,如果可以运行make uninstall就可以卸载。如果没有,就直接删除。
如果是./configure –prefix指定了目录用 rm -rf 目录名 删除
————————————————————-
[root@localhost ~]# cd /usr/local/src/mysql-5.1.45
[root@localhost mysql-5.1.45]# make uninstall
[root@localhost mysql-5.1.45]# cd ..
[root@localhost src]# rm -rf mysql-5.1.45
[root@localhost src]# cd ..
[root@localhost local]# ls
bin etc games include lib libexec [...]
删除所有应用目录
转载请注明出处:http://blog.sina.com.cn/egoservice
CentOS_5.5安装
*************************************************************************************
闲来没事自己做一个安装配置记录,以备以后用时候查看,如果有没有说到的大问题还请指教
转载请注明出处:http://blog.sina.com.cn/egoservice
***************CentOS_5.5安装*****************
1.分区(看各自需求)
/boot 100M
/swap 1576M
/
2.最小化安装
取消所有能取消的安装程序
3.用setup/ntsysv设置防火墙和ip
4.修改hostname
vi /etc/sysconfig/network
5.
编译出错:可能是系统时间不对应问题
# date -s "2009-09-10 00:33:30"
修改完后,记得输入:clock -w
把系统时间写入CMOS
6.
优化操作系统,避免too many open files错误
> ulimit -n
1024
> ulimit -n 65536
> vi /etc/sysctl.conf
添加
fs.file-max=65536
管理用户可以在 etc/security/limits.conf 配置文件中设置他们的文件描述符极限
soft nofile 65536
hard nofile 65536
7. 如果快平台的文本拷贝有问题
使用 vi -b 查看编码
8.优化Linux内核参数
>vi /etc/sysctl.conf
-------------------------------------------------------------------------------------------
# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
-------------------------------------------------------------------------------------------
>/sbin/sysctl -p
9.检查系统是否正常
# more /var/log/messages(检查有无系统级错误信息)
# dmesg(检查硬件设备是否有错误信息)
# ifconfig(检查网卡设置是否正确)
# ping www.163.com(检查网络是否正常)
10.如果vi时候按了Ctrl+s屏幕定住 可使用ctrl+q恢复
11.设置ip
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
-------------------------------------------------------------------------------------------
# nVidia Corporation MCP51 Ethernet Controller
DEVICE=eth0
BOOTPROTO=static
BROADCAST=255.255.255.255
IPADDR=192.168.1.18
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
TYPE=Ethernet
-------------------------------------------------------------------------------------------
设置DNS解析
#vi /etc/resolv.conf
-------------------------------------------------------------------------------------------
nameserver 192.168.1.1
nameserver 8.8.4.4
-------------------------------------------------------------------------------------------
12.bz2不能找到文件需要更新
yum -y install bzip2
13.安装对中文的支持
yum -y install fonts-chinese
yum -y install fonts-ISO8859-2
vi /etc/sysconfig/i18n
注释原来文件内容添加下文
-------------------------------------------------------------------------------------------
LANG="zh_CN.GB2312"
SUPPORTED="zh_CN.GB2312:zh_CN.UTF-8:zh_CN:zh:en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"
14.对于zip中文问题
jar xvf xxx.zip
15.安装7zip 32位
-------------------------------------------------------------------------------------------
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.i386.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.i386.rpm
64位 7zip
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.x86_64.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
-------------------------------------------------------------------------------------------
使用7z解压即可解决:7z x xxxx.zip
更新yum
*****************************************************************************
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.old
touch CentOS-Base.repo
vi CentOS-Base.repo
-------------------------------------------------------------------------------------------
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
http://centos.candishosting.com.cn/$releaserver/os/basearch/
http://centos.ustc.edu.cn/centos/$releasever/os/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/os/$basearch/
http://mirrors.ta139.com/centos/$releasever/os/$basearch/
http://mirror.be10.com/centos/$releasever/os/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
http://centos.candishosting.com.cn/$releaserver/updates/basearch/
http://centos.ustc.edu.cn/centos/$releasever/updates/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/updates/$basearch/
http://mirrors.ta139.com/centos/$releasever/updates/$basearch/
http://mirror.be10.com/centos/$releasever/updates/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/
http://centos.candishosting.com.cn/$releaserver/addons/basearch/
http://centos.ustc.edu.cn/centos/$releasever/addons/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/addons/$basearch/
http://mirrors.ta139.com/centos/$releasever/addons/$basearch/
http://mirror.be10.com/centos/$releasever/addons/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
http://centos.candishosting.com.cn/$releaserver/extras/basearch/
http://centos.ustc.edu.cn/centos/$releasever/extras/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/extras/$basearch/
http://mirrors.ta139.com/centos/$releasever/extras/$basearch/
http://mirror.be10.com/centos/$releasever/extras/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
http://centos.candishosting.com.cn/$releaserver/centosplus/basearch/
http://centos.ustc.edu.cn/centos/$releasever/centosplus/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/centosplus/$basearch/
http://mirrors.ta139.com/centos/$releasever/centosplus/$basearch/
http://mirror.be10.com/centos/$releasever/centosplus/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
--------------------------------------------------------------------------------------------
service yum restart (重启yum)
yum check-update 检查更新
转载请注明出处:http://blog.sina.com.cn/egoservice
Linux安全设置
******************************************************************************
1.关闭不必要的服务
yum -y install ntsysv
ntsysv
# 关闭不需要的服务按上面的安装关闭 ip6tables、jexec、kudzu、lvm2-monitor、mcstrans、netfs、rawdevices、restorecond
2.禁止Ctrl+Alt+Delete重新启动机器命令
vi /etc/inittab
注释掉: ca::ctrlaltdel:/sbin/shutdown -t3 -r now
设置/etc/rc.d/init.d/下权限
chmod -R 700 /etc/rc.d/init.d/*
3.限制su的使用,设置仅wheel用户使用
vi /etc/pam.d/su
取消下面行注释
> auth required pam_wheel.so use_uid
echo "SU_WHEEL_ONLY yes" >> /etc/login.defs
4.阻止ping(慎用)
# vi /etc/rc.d/rc.local
添加到文件末尾
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
5.防止ip欺骗
vi /etc/host.conf
添加下面几行
order bind,hosts
multi off
nospoof on
6.防止DoS攻击
对系统所有的用户设置资源限制可以防止DoS类型攻击,如最大进程数和内存使用数量等。
例如,可以在/etc/security/limits.conf中添加如下几行:
vi /etc/security/limits.conf
*hard core 0
*hard rss 5000
*hard nproc 50
然后必须编辑/etc/pam.d/login文件检查下面一行是否存在。
cat /etc/pam.d/login
# echo "sessionrequired/lib/security/pam_limits.so" >> /etc/pam.d/login
sessionrequired/lib/security/pam_limits.so
上面的命令禁止调试文件,限制进程数为50并且限制内存使用为5MB。
7.禁止ipv6
vi /etc/modprobe.conf
alias net-pf-10 off
alias ipv6 off
8.删除不必要的用户和组
userdel adm
userdel sync
userdel shutdown
userdel halt
userdel news
userdel uucp
userdel operator
userdel games
userdel gopher
userdel ftp
groupdel news
groupdel uucp
groupdel dip
9。更改SSH端口,不允许使用低版本的SSH协议,创建远程登录用户,禁止root登录
#vi /etc/ssh/sshd_config
将PORT改为1000以上端口
将#protocol 2,1改为protocol 2
禁止root登录,修改如下
PermitRootLogin no
例如
PORT 1984
Protocol 2
PermitRootLogin no
# 添加新端口到iptables中
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1984 -j ACCEPT
##注意这里必须添加远程登录用户,并添加到wheel用户组
-----------------------------------------------------------------------
useradd [-G wheel] yubaojian0616
passwd yubaojian0616
usermod -g wheel yubaojian0616
-----------------------------------------------------------------------
X.修改口令文件属性
chattr +i /etc/passwd
chattr +i /etc/shadow
chattr +i /etc/group
chattr +i /etc/gshadow
X+1.定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
crontab -e
* * * * * * ntpdate 210.72.145.44
Nginx安装
******************************************************************************
安装文件:nginx-1.0.4.tar.gz
安装目录:/usr/local/webserver/nginx
#添加用户和组
groupadd www
useradd -g www www
#安装必要的库
yum -y install wget
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz
cd /opt
tar -zxf pcre-8.10.tar.gz
cd pcre-8.10
./configure
make && make install
yum -y install openssl openssl-devel
cd /opt
tar -zxf nginx-1.0.4.tar.gz
cd nginx-1.0.4
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
#创建Nginx日志目录
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
#启动nginx
/usr/local/webserver/nginx/sbin/nginx
#设置自动启动
echo "ulimit -SHn 65535" >> /etc/rc.local
echo "/usr/local/webserver/nginx/sbin/nginx" >> /etc/rc.local
或者使用nginx服务启动
touch /etc/init.d/nginx
vi /etc/init.d/nginx
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# Init file for nginx server daemon
#
# chkconfig: 234 99 99
# description: nginx server daemon
#
# source function library
. /etc/rc.d/init.d/functions
# pull in sysconfig settings
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
RETVAL=0
prog="nginx"
PAT=/usr/local/nginx
NGINXD=/usr/local/webserver/nginx/sbin/nginx
PID_FILE=/usr/local/webserver/nginx/nginx.pid
start()
{
echo -n $"Starting $prog: "
$NGINXD 2>/dev/null $OPTIONS && success || failure
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/nginx
echo
}
stop()
{
echo -n $"Shutting down $prog: "
killproc nginx
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/nginx
return $RETVAL
}
reload()
{
echo -n $"Reloading nginx: "
killproc nginx -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status -p $PID_FILE nginx
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
#编写每天定时切割Nginx日志的脚本
1.
> vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
---------------------------------------------------------------------------------------------------
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
---------------------------------------------------------------------------------------------------
chmod +x /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
2。设置crontab,每天凌晨00:00切割nginx访问日志
#安装crontabs
yum -y install vixie-cron
yum -y install crontabs
crontab -e
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
MongoDB安装
******************************************************************************
MongoDB安装文件:mongodb-linux-i686-1.8.2.tgz
安装目录:/usr/local/webserver/mongodb
端口:27017
数据:/data0/mongo/27017/data/
日志:/data0/mongo/27017/log/
安装程序
mv mongodb-linux-i686-1.8.2.tgz /usr/local/webserver/
cd /usr/local/webserver/
tar -zxf mongodb-linux-i686-1.8.2.tgz
mv mongodb-linux-i686-1.8.2 mongodb
rm mongodb-linux-i686-1.8.2.tgz
创建目录
mkdir -p /data0/mongo/27017/data/
mkdir -p /data0/mongo/27017/log/
/usr/local/webserver/mongodb/bin/mongod -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&
查看是否启动成功
netstat -lanp | grep "27017"
关闭数据库
kill -15,killall mongod或者在client的shell里,use admin,执行db.shutdownServer()即可!
安装服务
vi /etc/init.d/mongodb
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# mongodb Startup script for the mongodb server
#
# chkconfig: - 64 36
# description: MongoDB Database Server
#
# processname: mongodb
#
# Source function library
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/mongodb ]; then
. /etc/sysconfig/mongodb
fi
prog="mongod"
mongod="/usr/local/webserver/mongodb/bin/mongod"
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon $mongod "--fork -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
reload)
reload
;;
status)
status $mongod
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/mongodb
chown root:root /etc/init.d/mongodb
chkconfig --add mongodb
chkconfig mongodb on
转载请注明出处:http://blog.sina.com.cn/egoservice
mysql安装
******************************************************************************
说明:
系统 :CentOS5(CentOS5.5)
mysql :mysql-5.1.48.tar.gz(源码版本)
安装目录:/usr/local/webserver/mysql
操作用户:mysql
字符集:utf-8,gbk,latin1
数据类型:innodb,myiasm,csv,federated
数据目录:/data0/mysql/3306/data/
二进制日志:/data0/mysql/3306/binlog/
relay日志:/data0/mysql/3306/relaylog/
my.cnf:/etc/my.cnf
mysql操作:/etc/init.d/mysql
_____________________________________________________________________________
1.安装gcc
#yum -y install gcc* ncurses-devel
2.创建用户
#groupadd mysql
#useradd -g mysql mysql
3.安装 mysql-5.1.48.tar.gz
#tar zxf mysql-5.1.48.tar.gz
#cd mysql-5.1.48
#./configure \
--prefix=/usr/local/webserver/mysql \
--with-charset=utf8 \
--with-extra-charset=gbk,latin1 \
--without-debug \
--without-bench \
--with-big-tables \
--with-readline \
--with-ssl \
--with-embedded-server \
--enable-local-infile \
--enable-assembler \
--enable-thread-safe-client \
--enable-profiling \
--with-mysqld-user=mysql \
--with-plugins=partition,innobase,myisammrg \
--with-csv-storage-engine \
--with-federated-storage-engine \
--with-client-ldflags=-all-static \
--with-mysqld-ldflags=-all-static \
--with-server-suffix=-community \
--with-unix-socket-path=/tmp/mysql.sock
#安装make
yum -y install make
#这里需要很长时间
#Entering directory `/root/mysql-5.1.48/mysql-test' 这里需要耐心
make && make install
#设置目录权限
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
#创建MySQL数据库存放目录
mkdir -p /data0/mysql/3306/data/
mkdir -p /data0/mysql/3306/binlog/
mkdir -p /data0/mysql/3306/relaylog/
chown -R mysql:mysql /data0/mysql/
#以mysql用户帐号的身份建立数据表:
/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/data0/mysql/3306/data --user=mysql
#创建my.cnf配置文件:(注意要在/etc/目录下)
vi /etc/my.cnf
------------------------------------------------------------------
[client]
port = 3306
socket = /tmp/mysql.sock
[mysqld]
character-set-server = utf8
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /tmp/mysql.sock
basedir = /usr/local/webserver/mysql
datadir = /data0/mysql/3306/data
log-error = /data0/mysql/3306/mysql_error.log
pid-file = /data0/mysql/3306/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 614
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 1M
join_buffer_size = 1M
thread_cache_size = 300
#thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 192K
transaction_isolation = READ-COMMITTED
tmp_table_size = 246M
max_heap_table_size = 246M
long_query_time = 3
log-slave-updates
log-bin = /data0/mysql/3306/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 1G
relay-log-index = /data0/mysql/3306/relaylog/relaylog
relay-log-info-file = /data0/mysql/3306/relaylog/relaylog
relay-log = /data0/mysql/3306/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 256M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
innodb_additional_mem_pool_size = 16M
innodb_buffer_pool_size = 512M
innodb_data_file_path = ibdata1:256M:autoextend
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 90
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0
#log-slow-queries = /data0/mysql/3306/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
------------------------------------------------------------------
#创建mysql启动文件
cp support-files/mysql.server.sh /etc/init.d/mysql
chmod +x /etc/init.d/mysql
chkconfig --add mysql
service mysql start
/usr/local/webserver/mysql/bin/mysql
#设置本地及远程数据库root登录密码
mysql> grant all on *.* to 'root'@'localhost' identified by '123456';
mysql> grant all on *.* to 'root'@'%' identified by '123456';
Mysql 安装成功
如果出现'@HOSTNAME@' command not found 可以修改脚本来对应.pid文件
##############################################################################################################
Linux下MySql的卸载
源码安装的卸载方法:
到源码目录,如果可以运行make uninstall就可以卸载。如果没有,就直接删除。
如果是./configure –prefix指定了目录用 rm -rf 目录名 删除
————————————————————-
[root@localhost ~]# cd /usr/local/src/mysql-5.1.45
[root@localhost mysql-5.1.45]# make uninstall
[root@localhost mysql-5.1.45]# cd ..
[root@localhost src]# rm -rf mysql-5.1.45
[root@localhost src]# cd ..
[root@localhost local]# ls
bin etc games include lib libexec [...]
删除所有应用目录
转载请注明出处:http://blog.sina.com.cn/egoservice
CentOS_5.5安装
*************************************************************************************
闲来没事自己做一个安装配置记录,以备以后用时候查看,如果有没有说到的大问题还请指教
转载请注明出处:http://blog.sina.com.cn/egoservice
***************CentOS_5.5安装*****************
1.分区(看各自需求)
/boot 100M
/swap 1576M
/
2.最小化安装
取消所有能取消的安装程序
3.用setup/ntsysv设置防火墙和ip
4.修改hostname
vi /etc/sysconfig/network
5.
编译出错:可能是系统时间不对应问题
# date -s "2009-09-10 00:33:30"
修改完后,记得输入:clock -w
把系统时间写入CMOS
6.
优化操作系统,避免too many open files错误
> ulimit -n
1024
> ulimit -n 65536
> vi /etc/sysctl.conf
添加
fs.file-max=65536
管理用户可以在 etc/security/limits.conf 配置文件中设置他们的文件描述符极限
soft nofile 65536
hard nofile 65536
7. 如果快平台的文本拷贝有问题
使用 vi -b 查看编码
8.优化Linux内核参数
>vi /etc/sysctl.conf
-------------------------------------------------------------------------------------------
# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
-------------------------------------------------------------------------------------------
>/sbin/sysctl -p
9.检查系统是否正常
# more /var/log/messages(检查有无系统级错误信息)
# dmesg(检查硬件设备是否有错误信息)
# ifconfig(检查网卡设置是否正确)
# ping www.163.com(检查网络是否正常)
10.如果vi时候按了Ctrl+s屏幕定住 可使用ctrl+q恢复
11.设置ip
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
-------------------------------------------------------------------------------------------
# nVidia Corporation MCP51 Ethernet Controller
DEVICE=eth0
BOOTPROTO=static
BROADCAST=255.255.255.255
IPADDR=192.168.1.18
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
TYPE=Ethernet
-------------------------------------------------------------------------------------------
设置DNS解析
#vi /etc/resolv.conf
-------------------------------------------------------------------------------------------
nameserver 192.168.1.1
nameserver 8.8.4.4
-------------------------------------------------------------------------------------------
12.bz2不能找到文件需要更新
yum -y install bzip2
13.安装对中文的支持
yum -y install fonts-chinese
yum -y install fonts-ISO8859-2
vi /etc/sysconfig/i18n
注释原来文件内容添加下文
-------------------------------------------------------------------------------------------
LANG="zh_CN.GB2312"
SUPPORTED="zh_CN.GB2312:zh_CN.UTF-8:zh_CN:zh:en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"
14.对于zip中文问题
jar xvf xxx.zip
15.安装7zip 32位
-------------------------------------------------------------------------------------------
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.i386.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.i386.rpm
64位 7zip
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.x86_64.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
-------------------------------------------------------------------------------------------
使用7z解压即可解决:7z x xxxx.zip
更新yum
*****************************************************************************
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.old
touch CentOS-Base.repo
vi CentOS-Base.repo
-------------------------------------------------------------------------------------------
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
http://centos.candishosting.com.cn/$releaserver/os/basearch/
http://centos.ustc.edu.cn/centos/$releasever/os/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/os/$basearch/
http://mirrors.ta139.com/centos/$releasever/os/$basearch/
http://mirror.be10.com/centos/$releasever/os/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
http://centos.candishosting.com.cn/$releaserver/updates/basearch/
http://centos.ustc.edu.cn/centos/$releasever/updates/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/updates/$basearch/
http://mirrors.ta139.com/centos/$releasever/updates/$basearch/
http://mirror.be10.com/centos/$releasever/updates/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/
http://centos.candishosting.com.cn/$releaserver/addons/basearch/
http://centos.ustc.edu.cn/centos/$releasever/addons/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/addons/$basearch/
http://mirrors.ta139.com/centos/$releasever/addons/$basearch/
http://mirror.be10.com/centos/$releasever/addons/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
http://centos.candishosting.com.cn/$releaserver/extras/basearch/
http://centos.ustc.edu.cn/centos/$releasever/extras/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/extras/$basearch/
http://mirrors.ta139.com/centos/$releasever/extras/$basearch/
http://mirror.be10.com/centos/$releasever/extras/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
http://centos.candishosting.com.cn/$releaserver/centosplus/basearch/
http://centos.ustc.edu.cn/centos/$releasever/centosplus/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/centosplus/$basearch/
http://mirrors.ta139.com/centos/$releasever/centosplus/$basearch/
http://mirror.be10.com/centos/$releasever/centosplus/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
--------------------------------------------------------------------------------------------
service yum restart (重启yum)
yum check-update 检查更新
转载请注明出处:http://blog.sina.com.cn/egoservice
分享到:
发表评论
-
详解 Too many open files
2015-03-11 18:16 466运行在Linux系统上的Java程序可能会出现"To ... -
unix下vi使用小结以及常用命令
2013-11-28 09:22 971unix下vi使用小结以及常 ... -
10 个你必须掌握的超酷 VI 命令技巧
2013-07-01 22:17 918转载请注明: http://www.iteye.com/ne ... -
linux 查看系统版本
2012-12-21 15:31 852几种查看linux版本信息的方法: uname -a cat ... -
Linux查看程序端口占用情况
2011-06-27 23:15 1728Linux查看程序端口占用情况 今天发现服务器上Tomcat ... -
Linux下查看系统负载
2011-06-27 23:13 739Linux下查看系统负载 在Li ...
相关推荐
CIS_CentOS_Linux_7_Benchmark_v3.0.0.
在centos,redhat等linux系统上安装的linux版本的jdk1.6
jdk1.6.0_45,Linux 64位,Ubuntu 或者 CentOS 均可,亲测,解压即可用 (解压命令 tar -xf xxxxx.tar.gz), 配置环境变量 /etc/profile (非必要操作,因为 IDEA 可以直接选择 1.6 所在目录,无需添加环境变量) ...
jdk1.6 Linux/Centos都可以用 这是从官网下载的 请放心使用
Linux CentOS_5.5 图形安装教程
CentOS_5.5下FTP安装及配置详细介绍!
详细介绍oracle服务器在centos5.5操作系统下的安装教程
CentOS_x64_6.5_搭建Nginx+Vsftpd图片服务器1
openqrm_cloud_howto_deploying_physical_windows_systems_on_centos_5.5
centos7系统 下 jdk1.7 tomcat7.0 的安装包亲测可用的
mysql: mysql-standard-5.0.0-alpha-pc-linux-i686.tar.gz 下载后将安装文件放置于/usr/local/src/目录下.安装时解压到/usr/local/目录下.除了JDK的安装时,安装程序自动解压安装到/usr/java/jdk1.6.0….
阿里云centOs安装Ftp Jdk Tomcat Nginx Mysql Oracle
CentOS下安装配置JDK与Tomcat图解详细过程.doc
CENTOS_5.5下安装oracle_10g_完全手册,欢迎下载!
CIS_CentOS_Linux_7_Benchmark_v2.2.0,CIS 发布的关于Centos,Linux 安全基线检查标准
CentOS中架设jdk1.6+mysql+glassfishV3(tomcat6).pdf
最详细的CentOS_5.5_图形安装教程e及oracle安装配置
服务器CentOs6.6+ JDK1.7+Tomcat7+MySQL5.6安装部署记录
CentOS_5.5_图形安装教程、设置网络、PPPOE、软件源、硬盘安装
centos下安装jdk7+tomcat7+mysql5.5.28 这是目前比较新的版本的,经过测试,可用