- 追加された行はこの色です。
- 削除された行はこの色です。
[[:検証/ログサーバ]]
#norelated
#topicpath
#contents
#memo(○casさんのIDとパスワード 3mg01 / 9764\n\n\\172.16.0.100\kensyo\98_個人用\01_okazaki\OFVイメージ\gwww_新サーバ_20151207\n\nhttps://www1.ntt-east.ipxp/gyoumukansa/guide-top/kaizen2007.html\nhttps://www1.ntt-east.ipxp/gyoumukansa/guide-top/kansa2007.html\nhttp://www1.ntt-east.ipxp/csd/syogai/index.html\nhttp://www1.ntt-east.ipxp/csd/syonai/index.html\nhttp://www1.ntt-east.ipxp/csd/kosyo/framepage1.htm\nhttp://www1.ntt-east.ipxp/csd/shien/home.html\nhttp://www1.ntt-east.ipxp/csd/tougou-setsubi/download1.htm\nhttp://www1.ntt-east.ipxp/cas/02/members/index.htm\nhttp://www1.ntt-east.ipxp/cas/02/restdata/index.htm\nhttp://www1.ntt-east.ipxp/diversity/\n\nmore /etc/sysconfig/network-scripts/route-eth1\n10.159.212.0/255.255.255.0 via 10.159.213.129\n10.159.213.0/255.255.255.0 via 10.159.213.129\n10.159.214.0/255.255.255.0 via 10.159.213.129\n10.159.215.0/255.255.255.0 via 10.159.213.129\n10.159.216.0/255.255.255.0 via 10.159.213.129\n10.40.255.128/255.255.255.192 via 10.159.213.129\n10.0.0.0/255.255.255.0 via 10.159.213.129\n172.16.0.0/255.255.0.0 via 10.159.213.129\n\n# more /etc/hosts\n\n\n# cat /etc/nsswitch.conf\n#\n# /etc/nsswitch.conf\n#\n# An example Name Service Switch config file. This file should be\n# sorted with the most-used services at the beginning.\n#\n# The entry '[NOTFOUND=return]' means that the search for an\n# entry should stop if the search in the previous entry turned\n# up nothing. Note that if the search failed due to some other reason\n# (like no NIS server responding) then the search continues with the\n# next entry.\n#\n# Valid entries include:\n#\n# nisplus Use NIS+ (NIS version 3)\n# nis Use NIS (NIS version 2), also called YP\n# dns Use DNS (Domain Name Service)\n# files Use the local files\n# db Use the local database (.db) files\n# compat Use NIS on compat mode\n# hesiod Use Hesiod for user lookups\n# [NOTFOUND=return] Stop searching if not found so far\n#\n\n# To use db, put the "db" in front of "files" for entries you want to be\n# looked up first in the databases\n#\n# Example:\n#passwd: db files nisplus nis\n#shadow: db files nisplus nis\n#group: db files nisplus nis\n\npasswd: files\nshadow: files\ngroup: files\n\n#ZAKI 検証環境では上のようにしておく、実際にはいか\npasswd: files sss\nshadow: files\ngroup: files sss\n\n\n#hosts: db files nisplus nis dns\nhosts: files dns\n\n# Example - obey only what nisplus tells us...\n#services: nisplus [NOTFOUND=return] files\n#networks: nisplus [NOTFOUND=return] files\n#protocols: nisplus [NOTFOUND=return] files\n#rpc: nisplus [NOTFOUND=return] files\n#ethers: nisplus [NOTFOUND=return] files\n#netmasks: nisplus [NOTFOUND=return] files\n\nbootparams: nisplus [NOTFOUND=return] files\n\nethers: files\nnetmasks: files\nnetworks: files\nprotocols: files\nrpc: files\nservices: files\n\nnetgroup: nisplus\n\npublickey: nisplus\n\n#automount: files nisplus\nautomount: files\n#ZAKI automount: files sss こっちが本物\naliases: files nisplus\n\n# more /etc/passwd\nwebuser:x:9080:5000::/etc/httpd:/sbin/nologin\nbsc_gh:x:5001:5000::/export/home1/htdocs/bsc:/sbin/nologin\ncsd:x:5002:5000::/export/home1/htdocs/csd:/sbin/nologin\nana9768:x:5004:5000::/export/home1/htdocs/pvc-ana:/sbin/nologin\nesreport:x:5005:5000::/export/home1/htdocs/es-report:/sbin/nologin\npvccas:x:5007:5000::/export/home1/htdocs/cas:/sbin/nologin\ndiver001:x:5009:5000::/export/home1/htdocs/diversity:/sbin/nologin\nephelio:x:5010:5000::/export/home1/htdocs/ephelio:/sbin/nologin\ntest:x:5999:5000::/export/home1/htdocs/test:/sbin/nologin\ngyoumu07:x:5008:5000::/export/home1/htsdocs/gyoumukansa:/sbin/nologin\n#useradd -u 9081 -g 5001 -d /opt/hp/hpsmh /sbin/nologin hpsmh\n普段、どのユーザアカウントでftpしていますか?\n# more after_chkconfig_gwww.txt\nNetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nabrt-ccpp 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nabrtd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nacpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off\natd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nauditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nautofs 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nblk-availability 0:off 1:on 2:off 3:off 4:off 5:off 6:off\ncertmonger 0:off 1:off 2:on 3:on 4:on 5:on 6:off\ncgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ncgred 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ncpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off\ncrond 0:off 1:off 2:on 3:on 4:on 5:on 6:off\ncups 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ndnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nhaldaemon 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nhtcacheclean 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nhttpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nip6tables 0:off 1:off 2:off 3:off 4:off 5:off 6:off\niptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nirqbalance 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nkdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nlvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nmcelogd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nmdmonitor 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nmessagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnetconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nnetfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnetwork 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nnfslock 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nntpdate 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnumad 0:off 1:off 2:off 3:off 4:off 5:off 6:off\noddjobd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nportreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off\npostfix 0:off 1:off 2:off 3:off 4:off 5:off 6:off\npppoe-server 0:off 1:off 2:off 3:off 4:off 5:off 6:off\npsacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nquota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrestorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrhnsd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrhsmcertd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrngd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nrpcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsaslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsmartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsnmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsnmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nspice-vdagentd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsshd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsssd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nudev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nwdaemon 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nwinbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nwpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nxinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off\n\nxinetd ベースのサービス:\n chargen-dgram: off\n chargen-stream: off\n daytime-dgram: off\n daytime-stream: off\n discard-dgram: off\n discard-stream: off\n echo-dgram: off\n echo-stream: off\n rexec: off\n rlogin: off\n rsh: off\n rsync: off\n sshd: on\n tcpmux-server: off\n time-dgram: off\n time-stream: off\n\nmore /etc/rsyslog.conf\n# rsyslog v5 configuration file\n\n# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html\n# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html\n\n#### MODULES ####\n\n$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)\n$ModLoad imklog # provides kernel logging support (previously done by rklogd)\n#$ModLoad immark # provides --MARK-- message capability\n\n# Provides UDP syslog reception\n#$ModLoad imudp\n#$UDPServerRun 514\n\n# Provides TCP syslog reception\n#$ModLoad imtcp\n#$InputTCPServerRun 514\n\n\n#### GLOBAL DIRECTIVES ####\n\n# Use default timestamp format\n$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat\n\n# File syncing capability is disabled by default. This feature is usually not required,\n# not useful and an extreme performance hit\n#$ActionFileEnableSync on\n\n# Include all config files in /etc/rsyslog.d/\n$IncludeConfig /etc/rsyslog.d/*.conf\n\n\n#### RULES ####\n# Log all kernel messages to the console.\n# Logging much else clutters up the screen.\n#kern.* /dev/console\n\n# Log anything (except mail) of level info or higher.\n# Don't log private authentication messages!\nif $fromhost-ip =='127.0.0.1' and \\n $msg contains 'IPTABLES_INPUT_LOG' and \\n ( \\n $syslogfacility-text == 'kern' and \\n $syslogseverity-text == 'debug' \\n ) \\nthen /var/log/iptables.log\n*.info;mail.none;authpriv.none;cron.none /var/log/messages\n\n# The authpriv file has restricted access.\nauthpriv.* /var/log/secure\n\n# Log all the mail messages in one place.\nmail.* -/var/log/maillog\n\n\n# Log cron stuff\ncron.* /var/log/cron\n\n# Everybody gets emergency messages\n*.emerg *\n\n# Save news errors of level crit and higher in a special file.\nuucp,news.crit /var/log/spooler\n\n# Save boot messages also to boot.log\nlocal7.* /var/log/boot.log\n\n# remote_syslog\n#*.err;kern.debug;daemon.notice;mail.crit @10.159.213.12:514\n#mail.info @10.159.213.12:514\n\n# ### begin forwarding rule ###\n# The statement between the begin ... end define a SINGLE forwarding\n# rule. They belong together, do NOT split them. If you create multiple\n# forwarding rules, duplicate the whole block!\n# Remote Logging (we use TCP for reliable delivery)\n#\n# An on-disk queue is created for this action. If the remote host is\n# down, messages are spooled to disk and sent when it is up again.\n#$WorkDirectory /var/lib/rsyslog # where to place spool files\n#$ActionQueueFileName fwdRule1 # unique name prefix for spool files\n#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)\n#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown\n#$ActionQueueType LinkedList # run asynchronously\n#$ActionResumeRetryCount -1 # infinite retries if host is down\n# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional\n#*.* @@remote-host:514\n# ### end of the forwarding rule ###\n\n# A template to for higher precision timestamps + severity logging\n$template SpiceTmpl,"%TIMESTAMP%.%TIMESTAMP:::date-subseconds% %syslogtag% %syslogseverity-text%:%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n\n"\n\n:programname, startswith, "spice-vdagent" /var/log/spice-vdagent.log;SpiceTmpl\n\nauth.debug @10.159.213.12\nauthpriv.debug @10.159.213.12\ncron.debug @10.159.213.12\ndaemon.debug @10.159.213.12\nkern.debug @10.159.213.12\nmail.debug @10.159.213.12\nsyslog.debug @10.159.213.12\nuser.debug @10.159.213.12\nuucp.debug @10.159.213.12\nlocal0.debug @10.159.213.12\nlocal1.debug @10.159.213.12\nlocal2.debug @10.159.213.12\nlocal3.debug @10.159.213.12\nlocal4.debug @10.159.213.12\nlocal5.debug @10.159.213.12\nlocal6.debug @10.159.213.12\nlocal7.debug @10.159.213.12\n\nmore snmp/snmpd.conf\n# Following entries were added by HP Insight Management Agents at\n# Fri Nov 11 16:49:41 JST 2011\ndlmod cmaX /usr/lib64/libcmaX64.so\nrwcommunity kra-esight 127.0.0.1\nrocommunity esight 127.0.0.1\nrwcommunity kra-esight default\nrocommunity esight default\ntrapcommunity esight\ntrapsink 10.159.213.9 esight\ntrapsink 10.159.216.4 esight\n# ---------------------- END --------------------\n\n\nbsc_gh:x:5001:5000::/export/home1/htdocs/bsc:/sbin/nologin\n./htsdocs/bsc\n2003/05/19\nただし空dir\n\ncsd:x:5002:5000::/export/home1/htdocs/csd:/sbin/nologin\n/htdocs/csd\n2015/10/06★ほんと? それを除けば2013/04/25\n\nana9768:x:5004:5000::/export/home1/htdocs/pvc-ana:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\nesreport:x:5005:5000::/export/home1/htdocs/es-report:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\npvccas:x:5007:5000::/export/home1/htdocs/cas:/sbin/nologin\nhtdocs/cas\n2011/05/11 これって前回の移行時かな?\n\ndiver001:x:5009:5000::/export/home1/htdocs/diversity:/sbin/nologin\n/htdocs/diversity\n最終更新 now\n\nephelio:x:5010:5000::/export/home1/htdocs/ephelio:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\ntest:x:5999:5000::/export/home1/htdocs/test:/sbin/nologin\n/export/home1/htdocs/test\n/export/home1/htsdocs/test\n最終更新 2003/08/25\n\ngyoumu07:x:5008:5000::/export/home1/htsdocs/gyoumukansa:/sbin/nologin\n/export/home1/htsdocs/gyoumukansa\n最終更新 2011/05/11\n)
#memo(* BINDの脆弱性\nhttps://rhn.redhat.com/errata/RHSA-2015-2655.html\n\n○casさんのIDとパスワード 3mg01 / 9764\n\n\\172.16.0.100\kensyo\98_個人用\01_okazaki\OFVイメージ\gwww_新サーバ_20151207\n\nhttps://www1.ntt-east.ipxp/gyoumukansa/guide-top/kaizen2007.html\nhttps://www1.ntt-east.ipxp/gyoumukansa/guide-top/kansa2007.html\nhttp://www1.ntt-east.ipxp/csd/syogai/index.html\nhttp://www1.ntt-east.ipxp/csd/syonai/index.html\nhttp://www1.ntt-east.ipxp/csd/kosyo/framepage1.htm\nhttp://www1.ntt-east.ipxp/csd/shien/home.html\nhttp://www1.ntt-east.ipxp/csd/tougou-setsubi/download1.htm\nhttp://www1.ntt-east.ipxp/cas/02/members/index.htm\nhttp://www1.ntt-east.ipxp/cas/02/restdata/index.htm\nhttp://www1.ntt-east.ipxp/diversity/\n\nmore /etc/sysconfig/network-scripts/route-eth1\n10.159.212.0/255.255.255.0 via 10.159.213.129\n10.159.213.0/255.255.255.0 via 10.159.213.129\n10.159.214.0/255.255.255.0 via 10.159.213.129\n10.159.215.0/255.255.255.0 via 10.159.213.129\n10.159.216.0/255.255.255.0 via 10.159.213.129\n10.40.255.128/255.255.255.192 via 10.159.213.129\n10.0.0.0/255.255.255.0 via 10.159.213.129\n172.16.0.0/255.255.0.0 via 10.159.213.129\n\n# more /etc/hosts\n\n\n# cat /etc/nsswitch.conf\n#\n# /etc/nsswitch.conf\n#\n# An example Name Service Switch config file. This file should be\n# sorted with the most-used services at the beginning.\n#\n# The entry '[NOTFOUND=return]' means that the search for an\n# entry should stop if the search in the previous entry turned\n# up nothing. Note that if the search failed due to some other reason\n# (like no NIS server responding) then the search continues with the\n# next entry.\n#\n# Valid entries include:\n#\n# nisplus Use NIS+ (NIS version 3)\n# nis Use NIS (NIS version 2), also called YP\n# dns Use DNS (Domain Name Service)\n# files Use the local files\n# db Use the local database (.db) files\n# compat Use NIS on compat mode\n# hesiod Use Hesiod for user lookups\n# [NOTFOUND=return] Stop searching if not found so far\n#\n\n# To use db, put the "db" in front of "files" for entries you want to be\n# looked up first in the databases\n#\n# Example:\n#passwd: db files nisplus nis\n#shadow: db files nisplus nis\n#group: db files nisplus nis\n\npasswd: files\nshadow: files\ngroup: files\n\n#ZAKI 検証環境では上のようにしておく、実際にはいか\npasswd: files sss\nshadow: files\ngroup: files sss\n\n\n#hosts: db files nisplus nis dns\nhosts: files dns\n\n# Example - obey only what nisplus tells us...\n#services: nisplus [NOTFOUND=return] files\n#networks: nisplus [NOTFOUND=return] files\n#protocols: nisplus [NOTFOUND=return] files\n#rpc: nisplus [NOTFOUND=return] files\n#ethers: nisplus [NOTFOUND=return] files\n#netmasks: nisplus [NOTFOUND=return] files\n\nbootparams: nisplus [NOTFOUND=return] files\n\nethers: files\nnetmasks: files\nnetworks: files\nprotocols: files\nrpc: files\nservices: files\n\nnetgroup: nisplus\n\npublickey: nisplus\n\n#automount: files nisplus\nautomount: files\n#ZAKI automount: files sss こっちが本物\naliases: files nisplus\n\n# more /etc/passwd\nwebuser:x:9080:5000::/etc/httpd:/sbin/nologin\nbsc_gh:x:5001:5000::/export/home1/htdocs/bsc:/sbin/nologin\ncsd:x:5002:5000::/export/home1/htdocs/csd:/sbin/nologin\nana9768:x:5004:5000::/export/home1/htdocs/pvc-ana:/sbin/nologin\nesreport:x:5005:5000::/export/home1/htdocs/es-report:/sbin/nologin\npvccas:x:5007:5000::/export/home1/htdocs/cas:/sbin/nologin\ndiver001:x:5009:5000::/export/home1/htdocs/diversity:/sbin/nologin\nephelio:x:5010:5000::/export/home1/htdocs/ephelio:/sbin/nologin\ntest:x:5999:5000::/export/home1/htdocs/test:/sbin/nologin\ngyoumu07:x:5008:5000::/export/home1/htsdocs/gyoumukansa:/sbin/nologin\n#useradd -u 9081 -g 5001 -d /opt/hp/hpsmh /sbin/nologin hpsmh\n普段、どのユーザアカウントでftpしていますか?\n# more after_chkconfig_gwww.txt\nNetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nabrt-ccpp 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nabrtd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nacpid 0:off 1:off 2:on 3:on 4:on 5:on 6:off\natd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nauditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nautofs 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nblk-availability 0:off 1:on 2:off 3:off 4:off 5:off 6:off\ncertmonger 0:off 1:off 2:on 3:on 4:on 5:on 6:off\ncgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ncgred 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ncpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off\ncrond 0:off 1:off 2:on 3:on 4:on 5:on 6:off\ncups 0:off 1:off 2:off 3:off 4:off 5:off 6:off\ndnsmasq 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nhaldaemon 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nhtcacheclean 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nhttpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nip6tables 0:off 1:off 2:off 3:off 4:off 5:off 6:off\niptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nirqbalance 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nkdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nlvm2-monitor 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nmcelogd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nmdmonitor 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nmessagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnetconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nnetfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnetwork 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nnfslock 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nntpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nntpdate 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nnumad 0:off 1:off 2:off 3:off 4:off 5:off 6:off\noddjobd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nportreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off\npostfix 0:off 1:off 2:off 3:off 4:off 5:off 6:off\npppoe-server 0:off 1:off 2:off 3:off 4:off 5:off 6:off\npsacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nquota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrestorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrhnsd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrhsmcertd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrngd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrpcbind 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nrpcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrpcsvcgssd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nrsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsaslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsmartd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsnmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsnmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nspice-vdagentd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsshd 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nsssd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nsysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nudev-post 0:off 1:on 2:on 3:on 4:on 5:on 6:off\nwdaemon 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nwinbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nwpa_supplicant 0:off 1:off 2:off 3:off 4:off 5:off 6:off\nxinetd 0:off 1:off 2:on 3:on 4:on 5:on 6:off\nypbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off\n\nxinetd ベースのサービス:\n chargen-dgram: off\n chargen-stream: off\n daytime-dgram: off\n daytime-stream: off\n discard-dgram: off\n discard-stream: off\n echo-dgram: off\n echo-stream: off\n rexec: off\n rlogin: off\n rsh: off\n rsync: off\n sshd: on\n tcpmux-server: off\n time-dgram: off\n time-stream: off\n\nmore /etc/rsyslog.conf\n# rsyslog v5 configuration file\n\n# For more information see /usr/share/doc/rsyslog-*/rsyslog_conf.html\n# If you experience problems, see http://www.rsyslog.com/doc/troubleshoot.html\n\n#### MODULES ####\n\n$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)\n$ModLoad imklog # provides kernel logging support (previously done by rklogd)\n#$ModLoad immark # provides --MARK-- message capability\n\n# Provides UDP syslog reception\n#$ModLoad imudp\n#$UDPServerRun 514\n\n# Provides TCP syslog reception\n#$ModLoad imtcp\n#$InputTCPServerRun 514\n\n\n#### GLOBAL DIRECTIVES ####\n\n# Use default timestamp format\n$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat\n\n# File syncing capability is disabled by default. This feature is usually not required,\n# not useful and an extreme performance hit\n#$ActionFileEnableSync on\n\n# Include all config files in /etc/rsyslog.d/\n$IncludeConfig /etc/rsyslog.d/*.conf\n\n\n#### RULES ####\n# Log all kernel messages to the console.\n# Logging much else clutters up the screen.\n#kern.* /dev/console\n\n# Log anything (except mail) of level info or higher.\n# Don't log private authentication messages!\nif $fromhost-ip =='127.0.0.1' and \\n $msg contains 'IPTABLES_INPUT_LOG' and \\n ( \\n $syslogfacility-text == 'kern' and \\n $syslogseverity-text == 'debug' \\n ) \\nthen /var/log/iptables.log\n*.info;mail.none;authpriv.none;cron.none /var/log/messages\n\n# The authpriv file has restricted access.\nauthpriv.* /var/log/secure\n\n# Log all the mail messages in one place.\nmail.* -/var/log/maillog\n\n\n# Log cron stuff\ncron.* /var/log/cron\n\n# Everybody gets emergency messages\n*.emerg *\n\n# Save news errors of level crit and higher in a special file.\nuucp,news.crit /var/log/spooler\n\n# Save boot messages also to boot.log\nlocal7.* /var/log/boot.log\n\n# remote_syslog\n#*.err;kern.debug;daemon.notice;mail.crit @10.159.213.12:514\n#mail.info @10.159.213.12:514\n\n# ### begin forwarding rule ###\n# The statement between the begin ... end define a SINGLE forwarding\n# rule. They belong together, do NOT split them. If you create multiple\n# forwarding rules, duplicate the whole block!\n# Remote Logging (we use TCP for reliable delivery)\n#\n# An on-disk queue is created for this action. If the remote host is\n# down, messages are spooled to disk and sent when it is up again.\n#$WorkDirectory /var/lib/rsyslog # where to place spool files\n#$ActionQueueFileName fwdRule1 # unique name prefix for spool files\n#$ActionQueueMaxDiskSpace 1g # 1gb space limit (use as much as possible)\n#$ActionQueueSaveOnShutdown on # save messages to disk on shutdown\n#$ActionQueueType LinkedList # run asynchronously\n#$ActionResumeRetryCount -1 # infinite retries if host is down\n# remote host is: name/ip:port, e.g. 192.168.0.1:514, port optional\n#*.* @@remote-host:514\n# ### end of the forwarding rule ###\n\n# A template to for higher precision timestamps + severity logging\n$template SpiceTmpl,"%TIMESTAMP%.%TIMESTAMP:::date-subseconds% %syslogtag% %syslogseverity-text%:%msg:::sp-if-no-1st-sp%%msg:::drop-last-lf%\n\n"\n\n:programname, startswith, "spice-vdagent" /var/log/spice-vdagent.log;SpiceTmpl\n\nauth.debug @10.159.213.12\nauthpriv.debug @10.159.213.12\ncron.debug @10.159.213.12\ndaemon.debug @10.159.213.12\nkern.debug @10.159.213.12\nmail.debug @10.159.213.12\nsyslog.debug @10.159.213.12\nuser.debug @10.159.213.12\nuucp.debug @10.159.213.12\nlocal0.debug @10.159.213.12\nlocal1.debug @10.159.213.12\nlocal2.debug @10.159.213.12\nlocal3.debug @10.159.213.12\nlocal4.debug @10.159.213.12\nlocal5.debug @10.159.213.12\nlocal6.debug @10.159.213.12\nlocal7.debug @10.159.213.12\n\nmore snmp/snmpd.conf\n# Following entries were added by HP Insight Management Agents at\n# Fri Nov 11 16:49:41 JST 2011\ndlmod cmaX /usr/lib64/libcmaX64.so\nrwcommunity kra-esight 127.0.0.1\nrocommunity esight 127.0.0.1\nrwcommunity kra-esight default\nrocommunity esight default\ntrapcommunity esight\ntrapsink 10.159.213.9 esight\ntrapsink 10.159.216.4 esight\n# ---------------------- END --------------------\n\n\nbsc_gh:x:5001:5000::/export/home1/htdocs/bsc:/sbin/nologin\n./htsdocs/bsc\n2003/05/19\nただし空dir\n\ncsd:x:5002:5000::/export/home1/htdocs/csd:/sbin/nologin\n/htdocs/csd\n2015/10/06★ほんと? それを除けば2013/04/25\n\nana9768:x:5004:5000::/export/home1/htdocs/pvc-ana:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\nesreport:x:5005:5000::/export/home1/htdocs/es-report:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\npvccas:x:5007:5000::/export/home1/htdocs/cas:/sbin/nologin\nhtdocs/cas\n2011/05/11 これって前回の移行時かな?\n\ndiver001:x:5009:5000::/export/home1/htdocs/diversity:/sbin/nologin\n/htdocs/diversity\n最終更新 now\n\nephelio:x:5010:5000::/export/home1/htdocs/ephelio:/sbin/nologin\nこのuidを持つファイル/ディレクトリなし\n\ntest:x:5999:5000::/export/home1/htdocs/test:/sbin/nologin\n/export/home1/htdocs/test\n/export/home1/htsdocs/test\n最終更新 2003/08/25\n\ngyoumu07:x:5008:5000::/export/home1/htsdocs/gyoumukansa:/sbin/nologin\n/export/home1/htsdocs/gyoumukansa\n最終更新 2011/05/11\n)
* 通信要件調査 [#bb446560]
* ctfrelay [#a72e6695]
delegate(TCP proxy)のこと。ftp経由先として使う。~
以下でダウンロードできる。実機が9.9.7なのでこれに合わせる。~
ftp://delegate.hpcc.jp/pub/DeleGate/old/
#pre{{
DeleGateビルド手順
2012.2.25 onoda
1.検証用DeleGate環境構築及び起動
(*) shellはbsh系を想定。
(1) 環境確認
$ who am i
ntte
$ pwd
/home/ntte/tmp
$ ls
delegate9.9.7.tar.gz
(2) tarballの展開
$ tar zxvf ./delegate9.9.7.tar.gz
$ ls -F
delegate9.9.7/ delegate9.9.7.tar.gz
(3) ビルド
$ cd ./delegate9.9.7
$ DGROOT=/tmp/delegate-ntte make
※ make の途中でデフォルトで持つADMINメールアドレスの入力を求められるが、デフォルトのまま、"y"で応答する。
(DeleGateのADMIN設定で明示的に指定するため、ここでは不要)
(4) ./src配下に実行形式"delegated"があることを確認
$ ls ./src/delegated
./src/delegated
(5) $DGROOT ディレクトリが作成されていることを確認
$ ls /tmp/delegate-ntte
/tmp/delegate-ntte/log /tmp/delegate-ntte/tmp
(6) dgbindのインストール
$ pwd
/home/ntte/tmp/delegate9.9.7
$ cd ./subin
$ chmod +x ./install.sh
$ make install
(7) dgbindインストール確認
ls /tmp/delegate-ntte/subin
(8) dgbindのpermissionを変更
$ cd /tmp/delegate-ntte/subin
$ su
# chown root dgbind
# chgrp ntte dgbind
# chmod 6550 dgbind
# exit
(9) DeleGate本体をインストール
$ cd /home/ntte/tmp/delegate9.9.7/src
$ cp delegated /tmp/delegate-ntte/bin(*)
(*) 本ディレクトリ以外でも構わない。
(10) 検証用DeleGate設定ファイルの準備
準備した設定ファイル(DeleGate起動ファイル)を適当なディレクトリに準備する。
(DGROOTを/tmp/delegate-ntteで指定すること)
$ cd /home/ntte/bin
$ cp /hoge/delegated.init ./delegated
(11) 検証用DeleGateの起動
$ su
# /home/ntte/bin/delegated start
2.本番環境へのコピー
検証が完了したdelegatedを/usr/local/bin 配下に格納する。
# mv /usr/local/bin/delegated /usr/local/bin/delegated.bak
# cp /path.to/delegated /usr/local/bin
# chown root:root /usr/local/bin/delegated
# chmod +x /usr/local/bin/delegated
以上
}}
* ツール [#i126eb17]
** 単体試験用 [#sabef5d9]
*** パラメータシート確認スクリプト(RHEL6用) [#n0b2b2e3]
/nas/bin/check_parameter_sheet_RHEL6.sh
#pre{{
#------------------------------------
# 基本設定
#------------------------------------
## インストール情報
# OS
[ /etc/issue ]
Red Hat Enterprise Linux Server release 6.7 (Santiago)
Kernel \r on an \m
# カーネルバージョン等
Linux gwww 2.6.32-573.3.1.el6.x86_64 #1 SMP Mon Aug 10 09:44:54 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
# マシン名
gwww
## ハードウェア情報
# メモリ
MemTotal: 16334296 kB
}}
#counter