Administration Essential ÀÐÀ½:721 1. Shared resource ÀÇ Æ¯¼º Private resource (local CPU, Memoryµî) ÀÚ½ÅÀÌ °¡Áö°í ÀÖ´Â °ÍÀº ÀÚ±â ÀÚ½ÅÀÇ °ÍÀ» ÀÌ¿ëÇÏ°í, ±× ÀÌ¿ÜÀÇ °ÍÀº ¼­·Î ShareÇÔÀ¸·Î½á ºÎÁ·ÇÑ Á¡À» º¸¿ÏÇÏ¿© Á»´õ PowerfulÇÏ°Ô »ç¿ëÇÒ ¼ö ÀÖ´Ù. ( BackupÀÇ Áß¾Ó ÁýÁßÈ­, °ü¸®ÀÇ ÀÏ¿øÈ­, °¢Á¾ PeripheralsÀÇ Shareµî) 2. StandaloneÀÇ file system±¸Á¶ 1) / (root) - Machine-specific files, directories crucial for system operation 2) /usr - The system's software 3) /opt - Be used to store unbundled and third-party software 3. System modelº° kernel architecture SPARCstation SLC Sun4c SPARCstation ELC Sun4c SPARCstation IPC Sun4c SPARCstation IPX Sun4c SPARCstation 1 Sun4c SPARCstation 1+ Sun4c SPARCstation 2 Sun4c SPARCstation 4 Sun4m SPARCstation 5 Sun4m SPARCstation 10 Sun4m SPARCstation 10SX Sun4m SPARCstation 20 Sun4m SPARCstation LX Sun4m SPARCstation LX+ Sun4m SPARCclassic Sun4m SPARCclassic X Sun4m SPARCstation Voyager Sun4m Ultra 1 series Sun4u Ultra 2 series Sun4u Ultra Enterprise series Sun4u SPARCserver 300 Sun4 SPARCserver 400 Sun4 Sun-4/100 series Sun4 Sun-4/200 series Sun4 SPARCstation 600MP Sun4m SPARCsystem 1000 Sun4d SPARCcenter 2000 Sun4d SPARCengine 1E Sun4e * SESSION #2 Installing a Server 1. ½Ã½ºÅÛ ±¸¼º»ó ÃÖ¼Ò memory size 16Mbytes 2. S/W Configuration Clusterº° disk¿ë·® Configuration Cluster Sol_2.3 Sol_2.4(Eng.) Sol_2.4(Kor.) Sol_2.5 Entire Distribution 273.98M 358M 468M 350M Developer system Supp. 208.46M 269M 379M 280M End User system Supp. 138.57M 174M 217M 180M Core System Supp. 43.71M 71M 104M 80M 3. Server/Client ±¸¼º¿¡¼­ Diskless/Dataless clientÀÇ Ç¥ÁØfile system 1) Diskless Client / (root) /usr /opt /export/home /export/swap /export´Â Server¿¡ ¸¸µé¾îÁö´Â °ÍÀ¸·Î½á ´ÙÀ½ÀÇ ³»¿ëÀ» °®°íÀÖ´Ù. °¢ Diskless Client¸¦ À§ÇÑ root directory °¢ Diskless Client¸¦ À§ÇÑ /usr files /usrÀº Client°¡ Server¿Í °°Àº Architecture¶ó¸é ServerÀÇ /usr directory¸¦ ShareÇؼ­ »ç¿ëÇÒ ¼ö ÀÖ°í, ´Ù¸¥ °æ¿ì¶ó¸é ÀÌ °÷¿¡¼­ ºÒ·¯¼­ »ç¿ëÇÑ´Ù. 2) Dataless Client / (root) swap ( /usr, /home, /opt´Â °°Àº Network»óÀÇ ´Ù¸¥ systemÀÇ °ÍÀ» ÀÌ¿ëÇÑ´Ù.) * SESSION #3 The Boot Process 1. System boot procedure step ¦£ PROM runs self-test ¦¢ diagnostics ¦¢ Boot PROM Phase < ¡é ¦¢ ¦¢ PROM loads the boot block ¦¦ (bootblk) program ¡é ¦£ The boot block program loads ¦¢ the (ufsboot) boot program ¦¢ Boot Promgram Phase < ¡é ¦¢ ¦¢ The (ufsboot) boot program ¦¦ loads the kernel ¡é Kernel Initialization / The kernel initializes itself & Phase \ starts the init process ¡é The /sbin/init Phase / The init process starts the \ run control scripts 2. BootingÁß user°¡ ƯÁ¤ ±â´ÉÀ» Ãß°¡ÇÏ¿© running½Ãų¼ö ÀÖ´Â Run Control File 1) /etc/init.d/README fileÀ» ÂüÁ¶ÇÏ¿© Startup fileÀ» ¸¸µç´Ù. 2) Startup fileÀº /etc/rc*.d directory¹Ø¿¡ °íÀ¯ÇÑ sequence number¸¦ ºÎ¿©¹Þ´Â´Ù. 3) Startup fileÀº /etc/init.d¹Ø¿¡ À§Ä¡½ÃÅ°¸ç, ServiceÇϱ⸦ ¿øÇÏ´Â run levelÀÇ À§Ä¡(/etc/rc*.d)¿¡ link½ÃŲ´Ù. ex) [vian:/]# more /etc/init.d/sample echo 'Hello .....' [vian:/]# cd /etc/rc3.d [vian:/]# ln -s /etc/init.d/sample S20sample 3. System Run Level SystemÀº ¼º°øÀûÀ¸·Î bootingÀÌ µÇ¾ú´Ù¸é, default·Î run level3·Î bootingÀÌ µÈ´Ù. - Single-user state´Â systemÀÇ console·Î superuserÀÇ ÀÚ°ÝÀÌ µÈ´Ù. ±×¸®°í, superuserÀÇ passwd¸¦ ¾Ë¾Æ¾ß¸¸ÀÌ loginµÉ ¼ö ÀÖ´Ù. - Multiuser state´Â ¸ðµç terminalÀÌ Á¤ÀÇ°¡ µÈ »óÅÂÀ̸ç, ¸ðµç daemon processes°¡ runningµÈ »óŸ¦ ÀǹÌÇÑ´Ù. Run Level Function Command 0 PROM monitor level init 0, shutdown -i0, halt 1 Administrative state init 1, shutdown -i1 ( Single-user state; some file system mounted & user logins disabled ) 2 Multiuser level init 2, shutdown -i2 ( No resources shared ) 3 Multiuser level init 3, shutdown -i3 ( resources shared ) 4 Not currently used 5 Halt and interactive boot (boot -a) init 5, shutdown -i5 6 Reboot to default run level 3 init 6, shutdown -i6 S,s Single-user state; some file systems init s mounted & user logins disabled * Session #4 Autoconfiguration 1. Autoconfiguration ProcessÀÇ ÀÌÁ¡ 1) Çʿ䶧¿¡ Modulesº°·Î load¸¦ Çϱ⶧¹®¿¡ main memory¸¦ ¾ÆÁÖ È¿À²ÀûÀ¸·Î »ç¿ëÇÒ ¼ö ÀÖ´Ù. 2) System¿¡ »õ·Î¿î Device¸¦ AddÇÒ °æ¿ì KernelÀ» »õ·ÎÀÌ reconfiguringÇÒ ÇÊ¿ä°¡ ¾ø±â¶§¹®¿¡, ±× ½Ã°£À» ³¶ºñÇÒ ÇÊ¿ä°¡ ¾ø´Ù. - »õ·Î¿î Device addÇÒ °æ¿ì kernelÀ» rebuildÇÒ ÇÊ¿ä¾øÀÌ, systemÀ» rebootÇϸé dirver¸¦ loadÇÏ¿© »ç¿ëÇÒ ¼ö ÀÖ´Ù. 2. Kernel configurationÀÇ ¼öÁ¤½Ã ÀÛ¾÷ÀýÂ÷ /etc/system fileÀ» ¼öÁ¤ÇÏ°í, rebootingÀ» ÇØ ÁØ´Ù. 1) cp /etc/systrem /etc/system.org 2) /etc/system Modifying 3) reboot -- -r * Session #5 Device Configuration 1. »õ·Î¿î Device ±¸ÃàÀ» À§ÇÑ ÀÛ¾÷ÀýÂ÷ Reconfiguration process¸¦ ½ÇÇàÇÔÀ¸·Î½á /devices¿Í /dev¿¡ »õ·Î¿î device¿¡ ´ëÇÑ Á¤º¸µîÀ» »ý¼º½ÃŲ´Ù. 1) Touch /reconfigure 2) Halt the system 3) Turn the power off 4) System¿¡ »õ·Î¿î device¿¬°á 5) Turn the power back on => ok. boot -r ( or [vian:/]# reboot -- -r ) * session #6 Changing Run Levels 1. Init commandº° Ư¼º Run Level Function Command 0 PROM monitor level init 0, shutdown -i0, halt 1 Administrative state init 1, shutdown -i1 ( Single-user state; some file system mounted & user logins disabled ) 2 Multiuser level init 2, shutdown -i2 ( No resources shared ) 3 Multiuser level init 3, shutdown -i3 ( resources shared ) 4 Not currently used 5 Halt and interactive boot (boot -a) init 5, shutdown -i5 6 Reboot to default run level 3 init 6, shutdown -i6 S,s Single-user state; some file systems init s mounted & user logins disabled Q,q Tell the init program to re-read the /etc/inittab file 2. Boot PROM»óÀÇ command 1) boot 2) banner ; system's PROM version number, CPU, Host-id, Ethernet address Memory etc. 3) probe-scsi, probe-scsi-all, probe-ipi ; Identify what devices are connected to the system. 4) printenv ; Display the default boot device. 5) setenv ; Reset PROM setting, printenv to verify the new setting, and 'reset' to confirm the change and reboot. 3. Áß¿äÇÑ system fileÀÇ missingÀ¸·Î ÀÎÇÑ ¿À·ù½Ã º¹±¸ÀýÂ÷ 1) ok. prompt »óÅ¿¡¼­ 'boot -a'·Î boottingÇÑ´Ù. 2) /etc/system file µî ¼öÁ¤ ÀÛ¾÷ ÀÌÀü¿¡ copyÇØ µÎ¾ú´ø file·Î boottingÀ» ÇÑ´Ù. * Session #7 Basic Security Features 1. Passwd file¿¡ ´ëÇÑ Æ¯¼º User¿¡ ´ëÇÑ °¡Àå ±âº»ÀûÀÎ Á¤º¸µîÀ» °®°íÀÖ´Â file·Î½á, user-name, user_id, group-id, home_directory, login_shellµîÀ» Á¤ÀÇÇÑ´Ù. 2. setuid & setgidÀÇ Æ¯¼º UID¿Í GID¸¦ ProgramÀ» ¼öÇàÇÒ¶§¿¡´Â ±× process¸¦ »ý¼ºÇÑ process·ÎºÎÅÍ ¹Þ´Â°ÍÀÌ ¾Æ´Ï¶ó, ÀÚ±â ÀÚ½ÅÀÇ inodeÁ¤º¸·ÎºÎÅÍ ¹Þ´Â´Ù. 1) Executable Program - setuid permission ; ´©±¸µçÁö ±× programÀ» ¼öÇàÇÏ´Â user°¡ ±× programÀÇ owner permissionÀ¸·Î programÀ» ¼öÇàÇÑ´Ù. - setgid permission ; ´©±¸µçÁö ±× ProgramÀ» ¼öÇàÇÏ´Â user°¡ ±× programÀÇ group ¼Ò¼Ó permissionÀ¸·Î ÇàÇÒ ¼ö ÀÖ´Ù. 2) Directory : Process¼öÇàÁß¿¡ GID°¡ ±× file (directory)ÀÇ GID·Î ¹Ù²ï´Ù. * Session #8 Creating User Accounts 1. Admintool¿¡¼­ »ç¿ëµÇ´Â °ü¸® toolÁ¾·ù 1) Database manager ; /etc¹Ø¿¡ °¢Á¾ Á¤º¸µéÀ» ´ã°íÀÖ´Â ¿©·¯Á¾·ùÀÇ databases file µéÀ» add, modify, deleteµîÀ» ÇÒ ¼ö ÀÖ´Ù. (aliases, auto_home, ethers, group, hosts, netmasks, passwd, protocaols, services, timezoneµî) 2) Serial manager ; SystemÀÇ serial portµéÀÇ Á¤ÀǸ¦ ÇÑ´Ù. 3) printer manager ; SystemÀÌ ÀÌ¿ëÇÏ´Â printerµéÀ» Á¤ÀÇ. (local, remote printer) 4) Host manager ; °¢ hostµé¿¡ ´ëÇؼ­ ÀÚ¼¼ÇÑ Á¤º¸·Î batabaseÈ­. 5) User Account manager ; User AccountÀÇ Add, Modify, Deleteµî. 6) Software manager ; System¿¡¼­ ¿î¿µµÇ°íÀÖ´Â °¢ SoftwareµéÀ» ºÐ·ùÇÏ¿© databaseÈ­ ÇÏ¿© °ü¸®ÇÑ´Ù. (¸ðµçsoftware, ÀÀ¿ësoftware, system software) -> SOlaris 2.5À̻󿡼­ Áö¿øµÇ°íÀÖ´Ù. * Session #9 User Account Maintenance 1. /etc/shadowÀÇ Æ¯¼º The Account security information (Passwd, Min Change, Max Change, Max Inactive, Expiration Date, and Warningµî)À» ´ã°íÀÖ´Ù. Superuser¸¸ÀÌ readÇÒ ¼ö ÀÖ´Ù. 2. /etc/default directoryÀÇ °¢ fileº° ±â´É [vian:/etc/default]# ls ./ cron* init* passwd tar ../ fs login su utmpd 1) cron [vian:/etc/default]# cat cron CRONLOG=YES 2) fs filesystem type Á¤ÀÇ [vian:/etc/default]# cat fs LOCAL=ufs 3) init /etc/TIMEZONE file°ú symbolic linkµÇ¾îÀÖ´Ù. TZ, LANG, °¢Á¾ LC_*ȯ°æsetup³»¿ëµîÀ» ´ã°í ÀÖ´Ù. [vian:/etc/default]# cat init TZ=ROK LANG=ko 4) login 2°³ÀÇ Important security parameters¸¦ °®°íÀÖ´Ù. (root login, passwd) [vian:/etc/default]# cat login #ident "@(#)login.dfl 1.7 93/08/20 SMI" /* SVr4.0 1.1.1.1 */ #TIMEZONE=EST5EDT : Á¤º¸¸¦ ¾Êº¸¿©ÁØ´Ù. »ç¿ë¾ÊÇÔ. HZ=100 : " #ULIMIT=0 : " #CONSOLE=/dev/console : console¿¡¼­ root·Î loginÇÒ ¼ö ÀÖ´ÂÁöÀÇ ¿©ºÎ. (¿­·ÁÀÖÀ¸¸é root·Î login ºÒ°¡) #PASSREQ=YES : root¸¦ Á¦¿ÜÇÑ ¾î¶² »ç¿ëÀÚµµ login½Ã passwd¸¦ ÀÔ·ÂÇؾßÇÑ´Ù.(yesÀΰæ¿ì) ALTSHELL=YES : window±¸µ¿½Ã ȯ°æº¯¼öÀÎ shell°ª ¼³Á¤¿©ºÎ (No - deault_shell;sh·Î ±¸µ¿) #PATH=/usr/bin: : The initial shell PATH variable #SUPATH=/usr/sbin:/usr/bin : The initial shell PATH variable for root #TIMEOUT=300 : The number of seconds(between 0 and 900) to wait before abandoning a login session. #UMASK=022 : The initial shell file creation mode mask SYSLOG=YES 5) passwd passwd¿¡ ´ëÇÑ Á¤ÀÇ [vian:/etc/default]# cat passwd #ident "@(#)passwd.dfl 1.3 92/07/14 SMI" MAXWEEKS= : º¯°æ¿¡ ´ëÇØ Á¤ÀǸ¦ ¾ÊÇßÀ» °æ¿ì MINWEEKS= : " PASSLENGTH=6 : º¯°æÇÒ ¼ö ¾ø´Ù. 6) su [vian:/etc/default]# cat su #ident "@(#)su.dfl 1.6 93/08/14 SMI" /* SVr4.0 1.2 */ SULOG=/var/adm/sulog : login message¸¦ ÀúÀå (su ÀÌ¿ëÇÏ¿©) #CONSOLE=/dev/console : Super user·Î Switch userÇÒ¶§¿¡¸¸ console ¿¡ Ãâ·Â ¸ðµç ³»¿ëÀº Super user¸¸ÀÌ ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù. 7) tar TapeÀÇ block size¿Í blockÀÇ number¸¦ Á¤ÀÇ [vian:/etc/default]# cat tar # device block size archive0=/dev/rmt/0 20 0 archive1=/dev/rmt/0n 20 0 archive2=/dev/rmt/1 20 0 archive3=/dev/rmt/1n 20 0 archive4=/dev/rmt/0 126 0 archive5=/dev/rmt/0n 126 0 archive6=/dev/rmt/1 126 0 archive7=/dev/rmt/1n 126 0 8) utmpd [vian:/etc/default]# cat utmpd SCAN_PERIOD=300 * Session #10 Using the Automated Security Enhancement Tool(ASET) 1. ASETÀÇ 7°¡Áö task Task Report Name - Verifies appropriate system file permission tune.rpt - Examines owner and permission, link, and cklist.rpt size of important system files - Checks the contents of system configuration sysconf.rpt files such as /etc/default/login - Checks the consistency and integrity of usrgrp.rpt /etc/passwd and /etc/group entries - Checks initialization files (.profile, .login, env.rpt .cshrc) for umask and PATH variable settings - Verifies appropriate EEPROM security parameter eeprom.rpt - Verifies that a router can be used as a firewall firewall.rpt * Session #11 Device Administration Introduction 1. Serial°ú ParallelÀÇ Â÷ÀÌ 1) Serial - Serial fashion»ó¿¡¼­ data¸¦ Àü¼ÛÇÏ´Â communications hardware one bit¾¿ Àü¼ÛµÈ´Ù. ( serial printer, modem, terminalµî ) 2) Parallel - µ¿½Ã¿¡ one¶Ç´Â more bytes·Î data¸¦ Àü¼ÛÇÏ´Â communications hardware 2. RS-232 interfaseÀÇ pin Ư¼º A DTE device - Transmits on pin 2, Receive on pin 3 A DCE device - Transmits on pin 3, Receive on pin 2 # DTE (Data terminal equipment) ; Termianl, Workstation, Printer etc. DCE (Data communication equipment) ; Modem, Multiplexors, data switches etc. * Session #12 Introduction to the Service Access Facility 1. Service Access ControllerÀÇ ±¸Á¶ sac - ttymon°ú listenµîÀÇ ¸ðµç port monitor °ü¸®¸¦ ÇÑ´Ù. /etc/inittab file¾È¿¡¼­ run level 2¿¡ µî·ÏµÇ¾î ÀÖ°í, ±×¶§ ½ÇÇàÇÑ´Ù. init starts sac at run level 2 ¦¢ ¦¢ ¡é sac reads : Àü¹ÝÀûÀÎ system configuration /etc/saf/-sysconfig (default´Â ¾øÀ½) ¦¢ ¦¢ ¡é sac reads : ¾î¶² port monitor¸¦ °¡µ¿ÇÒ°ÍÀÎÁö /etc/saf/_sactab ÂüÁ¶ÇÏ´Â file ¡ü £¯ ¡¬ ¢× ¢Ù ttymon listen : process name ( ttymon-zsmonÀ» tag reads _pmtab reads _pmtab ·Î »ç¿ë, listen-tcp¸¦ tag·Î »ç¿ë) £¯¦¢¡¬ ¦¢¡¬ £¯ ¦¢ ¡¬ ¦¢ ¡¬ ¢× ¡é ¢Ù ¡é ¢Ù login login login remote lp remote lpNet(lpsched) service service service service service 2. TTY Port MonitorÀÇ °ü·Ã file 1) /etc/ttydefs °¢ portÀÇ speed¿Í termnal settingÀÇ ÃʱâÈ­ 2) /var/adm/utmp - login Á¤º¸°¡ µé¾î°£´Ù. - binary file UserÀÇ È®½ÇÇÑ ÀÔ·ÂÀÌ ÀÖÀ¸¸é, ttymonÀº ÀÌ file¾È¿¡ service environment¿Í portÀÇ login serviceÀÇ ³»¿ëÀ» Á¤ÀÇÇÑ´Ù. service°¡ ÁߴܵǸé(logout) ttymon monitor´Â ~/utmp¸¦ »èÁ¦ÇÏ°í, port¸¦ ÃʱâÈ­ÇÑ´Ù. * Session #13 Adding Terminals and Modems 1. sacadmÀÇ ±â´É ttymon°ú listen port monitors¸¦ add, removeÇÒ¶§ »ç¿ëÇÑ´Ù. - Port monitors are started and enabled by default when they are added. - Port monitors are stoped and disabled by default when they are removed. - Port monitors accept requests for service when they are enabled. - Port monitors continue existing services and refuse to add new services when they are disabled. - All port monitor services are terminated when they are killed. 2. pmadm command »ç¿ë¹ý°ú ±â´É This is the service administration command used to associated a port monitor instance with the service it provides. (add or remove a service and to enable or disable a service.) - Service tag, Port monitor type etc. - Command format; pmadm -a -p -s -i -f -v -m "'ttyadm -l -d -T -i 'message' -s -S '" - Options; a Specifies the add option to add a service for a particular port monitor. p Specifies the pmtag associated with the port monitor. s Specifies the service tag. i Specifies the identufy to be assigned to the service. f Specifies a flag associated with the service to be added:u, to create a utmp entry; or x, do not enable the service. v Specifies the port monitor version number. m Specifies ttymon-specific configuration information provided by the ttyadm command. l List all port monitor. d Disable a service. e Enable a service, It is not possible to enable a service if the port monitor has been killed. 3. SAF°ü·Ã commandÀÇ ÀÌÇØ 1) sacadm ; The sac administrative command used to add, remove, disable, and monitor port monitors. 2) pmadm ; The service administration command used to associate a port monitor instance with the service it provides. 3) ttyadm ; This command provides ttymon-specific information, such as the port device name, to the pmadm command. 4) nlsadmin ; This command provides listen-specific information, such as the server providing the service, to pmadm command. * Session #14 Administering Remote Access 1. Network°ü·Ã fileÀÇ ÀÌÇØ 1) IP_Adress Á¤ÀÇ ; /etc/hosts 2) Hostname Á¤ÀÇ ; /etc/hosts, ~/hostname.xxy, ~/nodename, ~/net/ticlts/hosts, ~/net/ticots/hosts, ~/net/ticotsord/hosts 3) Netmask Á¤ÀÇ ; /etc/netmasks 4) Domain name Á¤ÀÇ ; /etc/defaultdomain 2. Remote Access AuthenticationÀÇ ÀÌÇØ User A rlogin or rsh/rcp ¦¢ Host X ¦¢----------------------------------------------------- ¡é remote host User A Yes in /etc/passwd? ¦¡¦¡¦¡¦¤ ¦¢ ¦¢ ¦¢No ¦¢ ¡é Yes ¦¢ Superuser? ¦¡¦¡¦¡¦¤¦¢ ¦¢ ¦¢¦¢ ¦¢No ¦¢¦¢ ¡é ¦¢¦¢ Access Yes Host X in ¦¢¦¢ allowed ¡ç¦¡¦¡¦¡ /etc/hosts.equiv? ¦¢¦¢ ¦¢ ¦¢¦¢ No¦¢¡ç¦¡¦¡¦¡¦¡¦¡¦¥¦¢ ¡é ¦¢ Access Yes Host X, User A ¦¢ ¦£¦¡¦¡¦¡¦¡¦¡ Log in ¡ç¦¡¦¡¦¡¦¤ allowed ¡ç¦¡¦¡¦¡ in $HOME/.rhosts? ¦¢ ¦¢ prompt ¦¢ ¦¢ ¦¢ ¦¢ ¦¢ No¦¢¡ç¦¡¦¡¦¡¦¡¦¡¦¡¦¥ ¦¢ ¦¢ ¡é ¡é ¦¢ rlogin or ¦¡¦¡¦¡¦¡¡æ Password ¦¡¦¡¡æ password No ¦¢ rsh/rcp rlogin prompt correct? ¦¡¦¡¦¥ ¦¢ ¦¢ rsh/rcp¦¢ ¦¢Yes ¡é ¡é Access Access denied allowed 3. Internet Network ClassesÀÇ ÀÌÇØ 4°³ÀÇ 8-bit fields·Î ±¸¼ºµÈ 32 bitsÀÇ adressÀÌ´Ù. °¢ 8-bit field´Â 10Áø¼ö 0 - 255ÀÇ ¼ö¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù. [ 0 - 255 ; 0 - 255 ; 0 - 255 ; 0 - 255 ] - Network Number ; NetworkÀ» ±¸ºÐÇϱâÀ§ÇÑ number. - Host Number ; ÇϳªÀÇ Network¿¡¼­ °¢ hostÀÇ °íÀ¯ÇÑ nnumber. 0, 255´Â broadcast adress·Î½á »ç¿ëÀ» ÇÒ ¼ö ¾ø´Ù. 1) Class A - Very Large Networks (up to 16Million Hosts) The first bit is 0, ³ª¸ÓÁö 7bitsÀÌ Network number. ´Ü, 127.0.0.1Àº localhost network number·Î½á, network¿¡ °ü°è¾øÀÌ local systemÀÇ networkÀ» basedÇÑ software¸¦ »ç¿ëÇÒ¶§ ÀÌ¿ëÇÑ´Ù. [ £± - £±£²£· ; 0 - 255 ; 0 - 255 ; 1 - 254 ] 2) Class B - Large Networks (Up to 65,000 Hosts) The first 2 bits are 10, ³ª¸ÓÁö 14bitsÀÌ Network number. [ £±£²£¸ - £±£¹£± ; £° - £²£µ£µ ; 0 - 255 ; 1 - 254 ] 3) Class C - Small and mid-Sized Networks (Up to 254 Hosts) The first 3 bits are 110, ³ª¸ÓÁö 21bitsÀÌ network number. [ £±£¹£² - £²£²£³ ; £° - £²£µ£µ ; £° - £²£µ£µ ; 1 - 254 ] * Session #15 Configuring the NFS Environment 1. Mounting File ResourceÀÇ ÀÌÇØ The Distributed File System (DFS) Administration command set contains commands for sharing and mounting file resources. Super User¸¸ÀÌ Remote file resource¸¦ share, mountÇÒ ¼ö ÀÖÀ¸¸ç, ÀÌ pakage´Â ¶ÇÇÑ super user¸¸ÀÌ automatically share, mount¸¦ set up ÇÒ ¼ö ÀÖ´Ù. NFS Server | NFS Client Sharing Resources | Mounting Resources ¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡|¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¡ share & unshare | mount & umount shareall & unshareall | mountall & umountall /etc/dfs/dfstab | /etc/vfstab 2. NFS ¼öÇà½Ã ÇÊ¿äÇÑ daemon 1) NFS Server /etc/dfs/dfstab¿¡ shareÇÏ´Â ³»¿ëÀÌ ±â·ÏµÇ¾îÀÖ´Ù¸é, run level 3¿¡¼­ ÀÚµ¿À¸·Î ÀÌ daemonµéÀº ±¸µ¿ÀÌ µÈ´Ù. - The Mount Daemon . /usr/lib/nfs/mountd ; NFS mount request°¡ ¹ß»ýÇϸé, mount process´Â serverÀÇ mount daemon°ú contactÇÏ¿© resource fileÀ» mountÇÑ´Ù. mountµÈ resource fileÀÇ Á¤º¸µéÀº mount process¿¡ ÀÇÇØ /etc/mnttab file¿¡ ±â·ÏµÈ´Ù. - The NFS Server Daemon . /usr/lib/nfs/nfsd # ÀÌ server daemonµéÀº '/etc/init.d/nfs.server' script¿¡ÀÇÇØ ±¸µ¿µÈ´Ù. 2) NFS Client /etc/vfstab¿¡ mountÇÏ´Â ³»¿ëÀÌ ±â·ÏµÇ¾î ÀÖ´Ù¸é run level 2¿¡¼­ ÀÚµ¿À¸·Î ÀÌ daemonµéÀº ±¸µ¿µÈ´Ù. - Locking Daemons . /usr/lib/nfs/lockd, /usr/lib/nfs/statd ; NFS»ó¿¡¼­ crash/recovery functions°ú services¸¦ lockingÇϴ¿ªÈ°À» ÇÑ´Ù. # lock - remote data¿¡´ëÇØ editingÀÛ¾÷½Ã ´Ù¸¥ client°¡ ÀÛ¾÷À» ¸ø ÇÏ°Ô²û lockÀ» °Ç´Ù. statd - lockÀÌ °É·ÁÀÖ´Â °æ¿ì ÇÑÂÊ systemÀÌ downµÇ¸é ±× Á¤º¸¸¦ ´Ù¸¥ system¿¡ ¾Ë·ÁÁÖ´Â ¿ªÈ°À» ÇÑ´Ù. - aotumount Daemon resource fileÀ» ÀÚµ¿À¸·Î mountÇϴµ¥ ÀÌ¿ëµÈ´Ù. # ÀÌ client daemonµéÀº '/etc/init.d/nfs.client' script¿¡ ÀÇÇؼ­ ±¸µ¿µÈ´Ù. 3. NFS ¼öÇà½Ã error message¿¡ µû¸¥ ÇØ°áÃ¥ 1) nfs mount : mers:: RPC: Name to address translation failed - n2a: hostname not found ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, server¸¦ ¾î¶² °ÍÀÎÁö Àß ¸ð¸£°íÀÖÀ»¶§ ³ªÅ¸³­´Ù. Sol =¡· /etc/hosts file¿¡¼­ hostnameÀ» checkÇØ º»´Ù. 2) NFS server mars not responding, still trying ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, ¾Ë°íÀÖ´Â server¸¦ ãÁö ¸øÇÒ¶§ ³ªÅ¸³­´Ù. Sol =¡· ¨ç Server°¡ downµÇÀÖ´ÂÁö checÇغ»´Ù. ¨è NetworkÀ» checkÇØ º»´Ù. (server¿Í local system) 3) nfs mount: mars:: RPC: Program not registered ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, server¸¦ ã±â´Â Çߴµ¥, ±× server¿¡¼­ daemonµéÀÌ ±¸µ¿µÇÁö ¾Ê°íÀÖÀ»¶§ ³ªÅ¸³­´Ù. Sol =¡· ¨ç server¿¡¼­ 'who -r'·Î run level 3·Î bootingÀÌ µÇ¾îÀÖ´ÂÁö È®ÀÎÇØ º»´Ù. ¨è server¿¡¼­ 'ps -e'·Î NFS server daemonµéÀÌ ±¸µ¿µÇ°í ÀÖ´ÂÁö È®ÀÎÇÏ°í, ±¸µ¿ÀÌ µÇ¾îÀÖÁö¾Ê´Ù¸é, '/etc/init.d/nfs.server start'·Î daemonµéÀ» ±¸µ¿½ÃŲ´Ù. 4) nfs mount: mars:/opt: No such file or directory ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, serverÀÇ resource file (or directory)¸¦ ãÁö ¸øÇßÀ»¶§ ³ªÅ¸³­´Ù. Sol =¡· server¿¡ ±× file (or directory)°¡ ÀÖ´ÂÁö È®ÀÎÀ» Çغ¸°í, /etc/vfstab¿¡ Á¤È®È÷ ¾º¿©ÀÖ´ÂÁö¸¦ È®ÀÎÇØ º»´Ù. 5) mount: mount-point /DS9 does not exist. ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, mount point°¡ Á¦´ë·Î ¸í½ÃµÇÀÖÁö ¾ÊÀ»¶§ ³ªÅ¸³­´Ù. Sol =¡· client¿¡¼­ mount point°¡ Á¸ÀçÇÏ°íÀÖ´ÂÁö ¸ÕÀú È®ÀÎÇÏ°í, mount¸¦ ÇÒ¶§ command (or /etc/vfstab)¸¦ Á¦´ë·Î ½è´ÂÁö È®ÀÎÇÑ´Ù. 6) le0: No carrier - transceiver cable problem? ÀÌ mesaage´Â bootingÀ» ÇÒ¶§, ȤÀº mount request¸¦ º¸³ÂÀ»¶§ ³ªÅ¸³ª°í, network¿¡ ¹®Á¦°¡ ÀÖÀ»¶§ ³ªÅ¸³­´Ù. Sol =¡· Physical networkÀ» checkÇØ º»´Ù. 7) stale NFS file handle Remote resource fileÀ» acessÇÏ·ÁÇÒ¶§ ³ªÅ¸³­´Ù. Sol =¡· Server¿¡¼­ resource fileÀ» move½ÃÄװųª, client¿¡¼­ resource fileÀ» unmount & mount¸¦ ÇÒ¶§ "nfs mount: mars:/usr/share/man: No such file or directory."¸¦ º¼ ¼ö Àִµ¥, serverÀÇ »óȲÀ» checkÇØ º»´Ù. Session #16 Using the Automounter 1. Automounter ±â´É ÀÌÇØ Client¿¡¼­ serverÀÇ resource fileÀ» ÀÌ¿ëÇÏ·ÁÇÒ¶§, ÀÚµ¿ÀûÀ¸·Î mount°¡ µÇ°í, ÀÌ¿ëÀ» ÇÏÁö¾ÊÀ»¶§´Â ÀÚµ¿ÀûÀ¸·Î umountµÈ´Ù. (default umount½Ã°£ : 5ºÐ) serverÀÇ ¿¬°áÀÌ Àß µÇ¾îÀÖÁö¾Ê¾ÒÀ»¶§ mount´Â bootinÀÌ Áö¿¬ÀÌ µÇÁö¸¸, automount´Â multiple location (sun1:/usr/share/man, sun2:/usr/share/man)À¸·Î settingÀ» ÇسõÀ¸¸é µÎ systemÁß Çϳª°¡ ¸ÕÀú ¿¬°áµÇ¸é service¸¦ ÇØ ÁØ´Ù. ( ´Ü, °°Àº resource file¿¡ ÇÑÇؼ­) 2. Automounter restart¿¡ ÇÊ¿äÇÑ command µÎ°¡ÁöÀÇ ¹æ¹ýÁß Çϳª¸¦ ÀÌ¿ëÇÏ¸é µÈ´Ù. 1) /etc/init.d/nfs.client stop /etc/init.d/nfs.client start 2) /etc/init.d/autofs stop /etc/init.d/sutofs start Session #17 Adding a Diskless Client 1. diskless Client¸¦ Áö¿øÇϱâ À§ÇØ ÇÊ¿äÇÑ Á¤º¸ 1) The Client system's Host name 2) The Client system's Ethernet address 3) The Client system's Internet address 4) The Client system's region and local time zone 5) The Client system's kernel architecture release 2. Server systemÀ¸·ÎºÎÅÍ ÇÊ¿äÇÑ file /export/root, /export/swap /etc/bootparams /etc/ethers /etc/timezone Session #18 The Print Service 1. Printing environment¿¡ ÇÊ¿äÇÑ Á¤º¸ 1) printer types 2) File content types - ÀÔ·ÂÀ¸·Î µé¾î¿À´Â fileÀ» ¹«¾ùÀ¸·Î ¹Þ´ÂÁöÀÇ fata type ¸í½Ã 3) Filters 4) Interface programs - ÃʱâÈ­ program 5) Local and remote print models 2. Áö¿øµÇ´Â Print type 1) PS (PostScript) 2) PSR (for PostScript Reverse) 3) non-PostScript ; daisy, datagraphix diabl0 etc. 3. Remote Printing modelÀÇ diagramÀÌ ÀÌÇØ Pinter Client | Printer Server | 1.x lpd ¦¡¦¡¦¡¦¡|¦¡¦¡¦¡¦¡¦¡¡æ listen | ¢Ö 2.x lpNet ¦¡¦¡¦¡¦¡|¦¡¦¡¦¡¦¡ ¡é | | lpNet | | ¡é | | /var/spool/lp/requests | | ¡é | | lpsched | | ¡é | | print Session #19 The Printer Manager 1. Remote PrintingÀ» À§ÇÑ ÀÔ·Â Á¤º¸ 1) Printer Server name 2) Printer Server's printer name 3) Printer Server OS Session #20 Using LP Commands 1. lpstat command ±â´É Display print service status Option ; -a [list] Reports whether print destinations are accepting requsts. A list of intermixed printer names & class names. -c [list] Print name of all classes and their members. A list of class names. -d Print the system default destination for output requests. -f [list] [-l] Print a verification that the forms in list are recognized by the LP print service. The -l option will list the form descriptions. -o [list] Print the status of output requests. list is a list of intermixed printer names, class names, and request-IDs. -p [list] [-D] [-l] Print the status of printers. -D ; A brief description is printed for each printer in list. -l ; printer's configuration, printer types etc. -P Print the paper types. -r Print the status of the LP request scheduler. -R Print a number showing the position of each job in the print queue. -s Print a status summary - the LP scheduler, the system default destination, class names, their associated devices, the machines sharing print services etc. -S [list] [-l] Print a verification that the character sets or the print wheels specified in list are recognized by the LP print service. -t Print all status information. -u [login-ID-list] Print the status of output requests for users. 2. lpmove command ±â´É Move print requests. ÀÌ°ÍÀº Super user¸¸ÀÌ »ç¿ëÇÒ ¼ö ÀÖ´Ù. Session #21 Configuring Printers Manually 1. Administration CommandÀÇ ÀÌÇØ 1) lpadmin - Add the printer and associate it with a printer port. -p indicates the printer name. -v Indicates the device used by the printer. -I Indicates the content type. 2) accept [printer name] - To accept request. 3) enable [printer name] - To enable the printer. 4) lpfilter - To register the PostScript filters. 5) reject - Suspend the queuing of further requests. -r Indicates a reason message. 6) disable - To Disable the printer or to stop printing. -w Wait until the request currently printing is finished before disabling the printer. -c Cancel the currently printing request. -r Indicates a reason message to be shown when status is displayed by lpstat command 7) lpsystem - To register all print clients with the print service. -t Indicates the remote system type 2. configuration fileÀÇ ÀÌÇØ 1) /etc/lp/Systems (file) - List of remote hosts registered with print service. 2) /etc/lp/default (file) - Contains name of system-wide default destnation. 3) /usr/lib/lp/postscript (directory) - Contains filter description files. 4) /etc/lp/filter.table (file) - Printer filter lookup table. 5) /etc/lp/logs (symlink) - Symbolic link to /var/lp/logs. 6) /etc/lp/printers (directory) - Contains one sub-directory for each configured printer. 7) /etc/lp/printers/pname/configuration (file) - Configuration file for printer pname 8) /var/lp/logs (directory) - Print service log files. 9) /var/spool/lp/SCHEDLOCK (file) - The lpsched lock file prevents more than one instance of the lpsched process. 10) /var/spool/lp/system/pstatus (file) - contains the current status of print system. 11) /var/spool/lp/tmp (directory) - The spooling directory. Session #22 Disk Device Names 1. Disk±¸¼ºÀ» º¼¼öÀÖ´Â command The PROM mode ( ok prompt)¿¡¼­ "probe-scsi", "probe-scsi-all", "probe-ipi" 2. Disk±¸¼º¿¡ µû¸¥ target address DiskÀÇ target number´Â 0¹øºÎÅÍ 3¹øÀ» »ç¿ëÇÑ´Ù. ÁÖ·Î internal OS disk°¡ target 3¹øÀ» »ç¿ëÇϸç, ´ÙÀ½ 1¹øÀ» »ç¿ëÇÑ´Ù. Session #23 Adding a New Disk 1. format±â´ÉÀÇ ÀÌÇØ ÀÌ°ÍÀº disk maintenance tool·Î½á, system installationÈÄ repartitionÀÇ Çʿ伺ÀÌ ÀÖÀ»¶§, ¶Ç´Â disk¸¦ »õ·ÎÀÌ addÇϱâÀ§ÇØ »õ·Î¿î partition ÀÛ¾÷À» ÇؾßÇÒ¶§ ÁÖ·Î »ç¿ëÇÑ´Ù. 2. Partition Information ÀÌÇØ 1) Part - The partition number. 2) Tag - The partition tag. 3) Flag - The partition flags. 4) Cylinders - The range of cylinders occupied by the partition. 5) Size - The size of the partition in Megabytes. 6) Blocks - The size of the partition in cylinders/tracks/sectors notation. 3. format°ú newfsÀÇ Â÷ÀÌÁ¡ 1) format - Disk¿¡ »õ·Î¿î partitionÀ» ³ª´­¶§ »ç¿ëÇÑ´Ù. 2) newfs - FormatÈÄ ³ª´µ¾îÁø partition¿¡ data¸¦ addÇϱâÀ§ÇØ »õ·Î¿î file system±¸Á¶¸¦ ¸¸µå´Â utility. ( label, boot block, superblock, sylinder, lost+found µî) 'mkfs'¿Í °°Àº ¿ªÈ°À» ÇÑ´Ù. Session #24 Mounting file Systems 1. /etc/vfstab fileÀÇ architectureÀÌÇØ 1) device of fsck Identifies the logical (block) device name of a local ufs file system. 2) device to fsck Identifies the logical (raw) device name of a local ufs file system. 3) mount point The default mount point for the local file resource. 4) FS type Always ufs for local file resource. 5) fsck pass The ufs file system is checked. 0ÀÌ»óÀÇ ¼ýÀÚ¸¦ »ç¿ëÇÏ¿© ÀÛÀº ¼öºÎÅÍ multiple ufs file system check¸¦ ÇÑ´Ù. '-'ÀÎ °æ¿ì check¸¦ ¾ÈÇÒ °æ¿ì »ç¿ë. 6) mount at boot Run level 2¿¡¼­ resource fileÀ» mountÇÒ °ÍÀÎÁö ¾ÊÇÒ°ÍÀÎÁö¸¦ ¼±ÅÃ. /(root)¿Í /usrÀº Á¦¿ÜµÈ´Ù. µÑÀº "/etc/rcS.d/S30rootusr.sh" script¿¡¼­ mount°¡ µÇ¾îÁø´Ù. 7) mount option A comma-separated list of mount option. Session #25 Maintaining File Systems 1. Inode ÀÌÇØ FileÀÇ data ±¸Á¶µîÀ» ¼³¸íÇÑ °ÍÀ¸·Î½á, UID, GID, byte¼ö, fileÀÇ data block¼öµî ¿©·¯Á¤º¸µîÀ» Æ÷ÇÔÇÏ°íÀÖ´Ù. 2. Solaris 2.xÀÇ Block Fragment ÀÌÇØ 1024-bytes fragment 8°³°¡ ¸ð¿© 8192 bytesÀÎ ÇϳªÀÇ file system blockÀ¸·Î ±¸¼ºµÇ¾îÀÖ´Ù. File System Block ¦£¦¡¦¡¦¡¦¡¦¡¦¡¦¡¦¤ (8192bytes) ¢Ë¢É¢É¢É¢É¢É¢É¢É 1024bytes ¦¦¦¥ Fragment # Disk block (sector) - 512 bytes File System Block (read/writeÇÒ¶§ ´ÜÀ§) - 8192 bytes 3. fsck ±â´É ÀÌÇØ DiskÀÇ ±âÁ¸¿¡ ¾Ë°íÀÖ´ø parameter¿Í ÇöÀçÀÇ Á¤º¸°¡ ºÒÀÏÄ¡ÇÒ¶§ ±×°ÍÀ» check¿Í º¹±¸½ÃÅ°´Â utility. 1 ´Ü°è - inode¿µ¿ª Á¡°Ë 2 ´Ü°è - inode¿Í directory ºñ±³ 3 ´Ü°è - directory ¿¬°á ½Ãµµ ( lost+foundÀÌ¿ë ) 4 ´Ü°è - ¿¬°á½Ã °è»êµÈ link¼ö¿Í inode³»ÀÇ link¼ö ºñ±³ 5 ´Ü°è - free block Á¡°Ë 4. Backup superblockÀÇ check±â´É Superblock¿¡´Â file systemÀÇ Á¤º¸µéÀ» °°°í Àִµ¥, ±×°ÍÀ» ºñ±³ÇÏ¿© ºñÀÏÄ¡ÇÒ °æ¿ì, ±×°ÍÀ» ÂüÁ¶ÇÏ¿© º¹±¸ÇÑ´Ù. - Information ( The number of blocks, Cylinder groups, The file system block, Fragment size, A description of the hardware, The mount point name ) Session #26 Backup and Recovery 1. Tape Device Name¿¡ µû¸¥ ±â´ÉÀÌÇØ Tape Device Name - /dev/rmt/x y b n ¦¢¦¢¦¢¦¢ Logical tape number ¡ç¦¡¦¡¦¡¦¥¦¢¦¢¦¢ Tape denisty (h,m,l) ¡ç¦¡¦¡¦¡¦¡¦¥¦¢¦¢ BSD behavior ¡ç¦¡¦¡¦¡¦¡¦¡¦¥¦¢ No-rewind ¡ç¦¡¦¡¦¡¦¡¦¡¦¡¦¥ 1) Tape density ; ÀÌ parameter´Â tapeÀÇ type¿¡ µû¶ó¼­ h (high), m (medium), l (low)¸¦ Á¤ÇÑ´Ù. 2) BSD behavior ; 'b'´Â device°¡ BSD behaviorÀÎ °æ¿ì »ç¿ë. fileÀÇ ³¡À» ´Ù ÀÐÀº ÈÄ, ´ÙÀ½ fileÀÇ Ã¹ºÎºÐÀ¸·Î °£´Ù. 3) No-rewind ; 'n'Àº current tapeÀÇ µ¿ÀÛÀÌ ³¡³­ ÈÄ, ±×´ë·Î ¸ØÃãÀ» ¿øÇÒ¶§ »ç¿ë. 2. BackupÀü¿¡ ÇÊ¿äÇÑ step 1) systemÀÇ µ¿ÀÛ»óŸ¦ check - systemÀÇ ÀÌ¿ëÀÌ °¡Àå ÀûÀº ½Ã°£¿¡ backupÀ» ¹Þ´Â´Ù. 2) Run level S·Î µÈ ÀÌÈÄ¿¡ back upÀ» ÇÑ´Ù - ufsdumpÀΰæ¿ì 2°¡Áö pass¸¦ Çϴµ¥ ¨ç inode information¸¦ ¸ðÀ¸°í, ¨è the data blockÀ» tape¿¡ ÀúÀåÇϹǷÎ, system »ç¿ëÁß È¤ º¯È­µÈ °ÍÀÌ ÀÖÀ» ¼öÀÖÀ¸¹Ç·Î, single user¿¡¼­ back upÀ» Çϴ°ÍÀÌ °¡Àå ÁÁ´Ù. 3) ¸ðµç user°¡ »ç¿ëÀ» ¾ÊÇÒ¶§ back upÇÏ´Â °ÍÀÌ °¡Àå ÁÁÀ¸¹Ç·Î, ¸ðµç user¿¡°Ô back up Çϴµ¿¾È »ç¿ëÇÒ ¼ö ¾ø´Ù´Â message¸¦ º¸³½´Ù. 4) 'fsck'·Î file systemÀ» checkÇÑ ÈÄ ÇÏ´Â °ÍÀÌ °¡Àå ÁÁ´Ù. 3. old diskÀÇ ³»¿ëÀ» new disk·Î ÀÌÀüÇϱâÀ§ÇÑ ÀýÂ÷ 1) System¿¡ »õ·Î¿î disk¸¦ ¿¬°áÇÏ°í, rebootingÀ» ÇÑ´Ù. 2) »õ·Î¿î disk¸¦ »õ·ÎÀÌ partitionÀ» ÇÑ´Ù. (format) 3) »õ file systemÀ» ¸¸µç´Ù. (newfs) 4) »õ·Î¿î drive¿¡ ¿øÇÏ´Â data¸¦ restoreÇÑ´Ù. (ufsrestore) Session #27 The package Command 1. pkginfo¿Í pkgadd ±â´É ÀÌÇØ 1) pkginfo - Disk, CD-ROMµî¿¡ ÀÖ´Â software pakageÀÇ list¸¦ È®ÀÎÇØ º¼¶§ »ç¿ëÇÏ´Â command -l ; pakageÀÇ sizeµî Á» ´õ ÀÚ¼¼ÇÑ Á¤º¸µîÀ» º¸¿©ÁÖ´Â option 2) pkgadd - software pakage¸¦ system¿¡ installÇÒ¶§ »ç¿ëÇÏ´Â command. 2. pkgchk ±â´É ÀÌÇØ PakageÀÇ ±¸¼º ¿ä¼Ò¿Í pakage path nameµî pakage¿¡ ´ëÇÑ Á¤º¸°¡ system log file¿¡ ±â·ÏµÈ ³»¿ë°ú ÀÏÄ¡ÇÏ´ÂÁö¸¦ ºñ±³ÇÏ´Â command. Session #28 The Software Manager 1. Remote host»óÀÇ S/W¸¦ removing ȤÀº addingÇÏ´Â ¹æ¹ý 1) °¢ hostÀÇ /etc/hosts file¿¡ Á¤º¸°¡ µé¾îÀÖ¾î¾ß ÇÑ´Ù. 2) Target hostÀÇ super user passwd¸¦ ¾Ë¾Æ¾ß ÇÑ´Ù. 3) 2)¹ø´ë½Å /.rhost file¿¡ µî·ÏÀÌ µÇ¾îÀÖ¾î¾ß ÇÑ´Ù. Session #29 The NIS+ Environment 1. NIS+ Master server¿Í Replica serverÀÇ ÀåÁ¡ 1) Maste Server - Name service¿¡ °ü·ÃµÇ¾îÀÖ´Â database file tableÀ» ¸¸µé°í, º¯°æÇϸç, replica server¿¡°Ô ÀÚµ¿ÀûÀ¸·Î ±× ³»¿ëÀ» Àü´ÞÇÑ´Ù. 2) Replica Sever - Master server·ÎºÎÅÍ name service¿¡ °üÇÑ database table source¸¦ down¹ÞÀ¸¸ç, clientÀÇ request¿¡ ÀÀ´äÀ» ÇÑ´Ù. 2. Authentication°ú AuthorizationÀÇ Â÷ÀÌÁ¡ 1) Authentication - NIS+ Server¿¡°Ô ´©°¡ request¸¦ º¸³Â´ÂÁö¸¦ È®ÀÎÇÏ´Â process·Î½á, principal's name À» ã´Âµ¥ ±× ¸ñÀûÀÌ ÀÖ´Ù. ÀÌ NIS+ principalÀÇ authenticating¿¡ °üÇÑ Á¤º¸´Â cred table¿¡ ÀúÀåµÈ´Ù. ( °¢ NIS+ doamin¿¡´Â ÇϳªÀÇ cred tableÀÌ Á¸ÀçÇÑ´Ù. ) ÀÌ°ÍÀº credentialÀ» °®°í ÆÇ´ÜÇÑ´Ù. ¨ç LOCAL credential - ÀÌ°ÍÀº NIS+ principal nameÀ¸·Î ÁÖ·Î clientÀÇ UID¸¦ »ç¿ëÇÑ´Ù. ±×°ÍÀº passwd record·ÎºÎÅÍ client userÀÇ UID & GID¿¡¼­ ÀοëÇÏ¿© ¸¸µé¾î³»¸ç, domainÀÇ cred table¿¡ ÀúÀåÇÑ´Ù. ¨è DES credential - principalÀ» Áõ¸íÇϴµ¥À־ Ãß°¡µÈ passwd°¡ ÀÖ´Ù¸é, ±×°ÍÀÌ ¹Ù·Î DES credential ·Î »ç¿ëµÈ´Ù. Ãß°¡µÈ key (passwd)°¡ ¾ø¾ú´Ù¸é, ÀÌ°ÍÀº ½Ç·ÚÇÒ ¼ö ¾ø´Â °ÍÀ¸·Î °£ÁֵǸç, »ç¿ëÇÒ ¼ö ¾ø´Ù. ±×·¯¹Ç·Î, ÀÌ principal's login passwd´Â DES key¿Í °°ÀÌ »ç¿ëµÈ´Ù. 3. NIS+ Security°ü·Ã Access RightsÀÌÇØ Access Right Description Read Principal can read the contents of the object. Modify Principal can modify the contents of the object. Create Principal can create new objects in a table or directory. Destroy Principal can destroy objects in a table or directory. 4. Names Service Switch ProcessÀÇ ÀÌÇØ LocalÀÇ /etc filesÀ̳ª NIS+ tablesÀÇ sourceµé¿¡ °üÇÑ Á¤º¸µéÀ» NIS+ client¾ò´Â °ÍÀ» Çã¶ôÇÏ´Â process. ÀÌ·¯ÇÑ sourceÀÇ Á¾·ù(15 type)´Â '/etc/nsswitch.conf' file¿¡¼­ Á¤ÀÇ°¡ µÇ¾îÀÖ´Ù. Source Description files The client's local /etc files nisplus An NIS+ table nis An NIS map compat Supports old-style "+" syntax for passwd and group information dns Applies only to the hosts entry Session #30 configuring the NIS+ Environment 1. nissetup command ±â´É ÀÌÇØ NIS+ domainÀ» ÃʱâÈ­, Áï NIS+ directory¿¡ »õ·Î¿î standard tableµéÀ» »ý¼ºÇÏ´Â shell script. - ÀÌ command´Â ÇϳªÀÇ domain¿¡ Çѹø »ç¿ëµÇ¾îÁö¸ç, NIS+ Master Server¿¡¼­¸¸ »ç¿ëµÈ´Ù. - ÀÌ command¸¦ ½ÇÇàÇϱâ ÀÌÀü¿¡ domainÀÌ Á¸ÀçÇØ¾ß ÇÑ´Ù. - NIS+ domain¿¡´Â NIS+ directory¿Í subdirectoryµé·Î ±¸¼ºµÇ¾î Áø´Ù. org_dir ; system administration information group_dir ; information for group access control - ÀÌ script´Â org_dir°ú group_dir directoryµéÀ» ¸¸µé¸ç, ÀÌ directoryµéÀ» ¸¸µç ÈÄ, NIS+ Server default tableµéÀ» ¸¸µç´Ù. - 'nissetup'½ÇÇà½Ã »ý¼ºµÇ´Â NIS+ serves tables auto_master, auto-home, bootparams, cred, ethers, group, hosts, mail_alias, netmasks, networks, passwd, protocols, rpc, services, timezone - "Y" option ; NIS¿Í NIS+¸¦ ¸ðµÎ ȣȯ¼ºÀÖ°Ô setupÇÏ°íÀÚ ÇÒ¶§ »ç¿ë. 2. nisaddent command ±â´É ÀÌÇØ Source file¶Ç´Â standard inputÀ¸·ÎºÎÅÍ NIS+ table¿¡ dataµéÀ» Ãß°¡½ÃÅ°´Â command. - Option -a ; NIS+ table¿¡ ±âÁ¸¿¡ ÀÖ´Â °Í¿¡ fileÀ̳ª mapÀ» Ãß°¡ÇÒ¶§ »ç¿ë. default option. -p ; file·ÎºÎÅÍ passwd informationÀ» ºÒ·¯¿Ã¸±¶§ »þ¿ë. ÁÖ·Î »ç¿ë¾ÊÇÔ. -q ; Dump tables in "quick" mode. -r ; ±âÁ¸¿¡ NIS+ tabled¿¡ µî·Ïµµ¾îÀÖ´Â ³»¿ëµéÀ» ¸ðµÎ Áö¿ì°í, »õ·ÎÀÌ /etc files ¶Ç´Â, NIS+ mapsÀÇ source ·ÎºÎÅÍ »õµî·ÏÀ» ÇÏ´Â option. ÀÌ°ÍÀº '-m'option°ú °°Àº È¿°ú¸¦ ³ªÅ¸³½´Ù. -m ; NIS+ table°ú file ¶Ç´Â map°ú ÀÏÄ¡½ÃÅ°´Â option. Source¿¡ ¾ø´Â °ÍÀ» Ãß°¡ÇÒ¶§, Àִ°ÍÀ» modifyÇÒ¶§, ¸ðµÎ »èÁ¦ÇÒ¶§µî¿¡ ÀÌ¿ëµÈ´Ù. -d ; ÁÖ¾îÁø type¿¡ Ç¥ÁØ Ãâ·ÂÀ¸·ÎºÎÅÍ NIS+ tableÀ» DumpÇÒ¶§. cred table, publickey, netid typeÀ» dump. -v ; Verbose. -f file ; Input source·Î ±× fileÀ» »ç¿ë. -y ypdomain ; NIS domain ypdomainÀ¸·ÎºÎÅÍ NIS map input source¸¦ Ãæ´çÇÏ¿© »ç¿ë. local machineÀÇ /var/yp/ypdomain directoryÀÇ ³»¿ëÀ» ÀÌ¿ë. -Y map ; Input source¸¦ ±× mapÀÇ ³»¿ëÀ» »ç¿ë. -t table ; NIS+ table¿¡ ÀÌ tableÀ» ÀÌ¿ëÇÑ´Ù. -p ; Follow concatenation path. -A ; All data. Table¿¡ ÀÖ´Â ¸ðµç dataµéÀ» table's concatenation path¸¦ ÃʱâÈ­ÇÏ´Â °Í. -D defaults ; Default set upµÈ °Í°ú ´Ù¸¥Á¡À» Ç¥Çö. ttl=time ; Time set up. Default is 12 hours. owner=ownername ; NIS+ principal ownername. group=groupname ; Groupname. default is NULL. access=rights ; 'nischmod' command·Î formatÀº Á¤ÀǵȴÙ.