Shulou(Shulou.com)06/01 Report--

How to configure CentOS system server environment, many novices are not very clear about this, in order to help you solve this problem, the following small series will explain in detail for everyone, there are people who need this can learn, I hope you can gain something.

CentOS system is used by many people, but some people are attracted by the reputation of CentOS system, the understanding of CentOS system is very little, below we will introduce the knowledge of CentOS system.

1. Check whether CentOS system is normal

# more /var/log/messages (check for CentOS kernel-level errors)

# dmesg (check for hardware error messages)

# ifconfig(check whether the network card settings are correct)

# ping www.discuz.net (check whether the network is normal)

2. Turn off unwanted services

ntsysv

The following lists only those services that need to be started, and those that are not listed can be turned off:

crond

irqbalance (Only required if the server CPU supports S.M. P-symmetric multi-processor architecture, e.g. 2 or more CPUs.) otherwise closed)

microcode_ctl

network

random

sendmail

sshd

syslog

3. Adjust TCP/IP network parameters to strengthen anti-syn_flood capability

# echo 'net.ipv4.tcp_syncookies = 1' >> /etc/sysctl.conf

# sysctl -p

4. Configure yum

1) rpm --import /usr/share/doc/centos-release-3/RPM-GPG-KEY-CentOS-3

2) yum list | tee /etc/yum.list

Yum is a powerful tool that can facilitate the management of RPM packages in CentOS systems. Yum can be used to upgrade and install RPM packages in CentOS systems for free through the network, and automatically determine and solve dependency problems during the upgrade installation process. At the same time, RPM packages can also be uninstalled and deleted. For details, see Discuz! A detailed introduction to yum in the Linux section of the Knowledge Base (kb.discuz.com/index.php? title=%E4%BD%BF%E7%94%A8yum%E7%AE%A1%E7%90%86CentOS_RPM )

5. RPM Required for Installation

Before installation, use rpm -qa| grep NAME Check if the following RPM package is already installed (replace NAME with the following package name in the command), and if CentOS shows that the RPM package is already installed, there is no need to install it again using yum!

gcc

gcc-c++

ntp

flex

bzip2-devel

ncurses-devel

libjpeg-devel

libpng-devel

libtiff-devel

freetype-devel

pam-devel

perl-CGI

perl-DBI

zlib-devel

yum install NAME (replace NAME with the RPM package name in the list above to start automatic network installation)

6. Check CentOS system time and set periodic time synchronization

1)date (confirm whether CentOS system time is correct)

2)ntpdate 210.72.145.44 (time correction with China National Time Service Center)

3)crontab -e Add a line of tasks to synchronize time every 30 minutes:

*/30 * * * * ntpdate 210.72.145.44 > /dev/null 2>&1

7. Restart CentOS system

init 6

8. Software required for source code compilation and installation environment

1) LibXML2

# cd /usr/local/src

# wget http://download.discuz.net/env/libxml2-2.6.24.tar.bz2

# tar xjvf libxml2-2.6.24.tar.bz2

# cd libxml2-2.6.24

# ./ configure --prefix=/usr/local/libxml2

# make

# make install

2) GD2

# cd /usr/local/src

# wget http://download.discuz.net/env/gd-2.0.33.tar.gz

# tar xzvf gd-2.0.33.tar.gz

# cd gd-2.0.33

# ./ configure --prefix=/usr/local/gd2 --mandir=/usr/share/man

# make

# make install

[edit] Upgrade OpenSSL and OpenSSH to enhance security

1)Upgrade OpenSSL

# cd /usr/local/src

# wget http://download.discuz.net/env/openssl-0.9.7j.tar.gz

# wget http://download.discuz.net/env/openssh-4.2p1.tar.gz

# tar xzvf openssl-0.9.7j.tar.gz

# cd openssl-0.9.7j

# ./ config --prefix=/usr/local/openssl

# make

# make test

# make install

# cd ..

2)Upgrade OpenSSH

# tar xzvf openssh-4.2p1.tar.gz

# cd openssh-4.2p1

# ./ configure --prefix=/usr --with-pam --with-zlib --with-ssl-dir=/usr/local/openssl --with-md5-passwords --mandir=/usr/share/man

# make

# make install

3)To prevent root from logging in directly, create an ordinary CentOS user here:

# useradd username

# passwd username

# vi /etc/passwd (change login shell for username in passwd file to/bin/sh)

# vi /etc/ssh/sshd_config (change #protocol 1,2 line to protocol 2)

# vi /etc/ssh/sshd_config (change #PermitRootLogin yes line to PermitRootLogin no)

# vi /usr/etc/sshd_config (change #protocol 1,2 line to protocol 2)

# vi /usr/etc/sshd_config (change #PermitRootLogin yes line to PermitRootLogin no)

# /etc/rc.d/init.d/sshd restart

Apache+PHP+MySQL+Zend Optimizer

1)download software

# cd /usr/local/src

# wget http://download.discuz.net/env/httpd-2.0.58.tar.bz2

# wget http://download.discuz.net/env/mysql-standard-5.0.22-linux-i686.tar.gz

# wget http://download.discuz.net/env/php-5.1.4.tar.bz2

# wget http://download.discuz.net/env/ZendOptimizer-3.0.1-linux-glibc21-i386.tar.gz

2)install MySQL

# tar xzvf mysql-standard-5.0.22-linux-i686.tar.gz

# useradd mysql

# mv mysql-standard-5.0.22-linux-i686 /usr/local/mysql

# cd /usr/local/mysql

# scripts/mysql_install_db --user=mysql

# chown -R root .

# chown -R mysql data

# chgrp -R mysql .

# mv data /var/lib/mysql

# ln -s /var/lib/mysql ./ data

# cp support-files/my-large.cnf /etc/my.cnf

# bin/mysqld_safe --user=mysql &

# bin/mysqladmin -u root password newpassword_for_root

Did reading the above help you? If you still want to have further understanding of related knowledge or read more related articles, please pay attention to the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.