Somar's questions

我正在尝试在 Redhat 服务器中设置 2 个在启动时启动数据库并在关闭时停止的服务，因此我将 2 个文件放在如下位置/etc/systemd/system：

关机服务：

[Unit]
Description=Shutdown database at shutdown
DefaultDependencies=no
Before=shutdown.target reboot.target halt.target

[Service]
Type=oneshot
ExecStart=/usr/DBA/shutdown.sh
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

启动服务：

[Unit]
Description=Start   database at startup after network becomes reachable
After=default.target

[Service]
Type=simple
RemainAfterExit=yes
ExecStart=/usr/DBA/startup.sh
TimeoutStartSec=0

[Install]
WantedBy=default.target

然后我做了这些命令：

sudo systemctl daemon-reload
sudo systemctl enable startup.service
sudo systemctl enable shutdown.service
sudo systemctl start startup.service
sudo systemctl start shutdown.service

然后当我查看状态时，它们工作正常并显示活动和运行。然后我重新启动服务器，我再次检查状态，但我得到了这个：

[ec2-user@ip-10-193-117-56 system]$ sudo systemctl status shutdown.service
Unit shutdown.service could not be found.
[ec2-user@ip-10-193-117-56 system]$ sudo systemctl status startup.service
Unit startup.service could not be found.
[ec2-user@ip-10-193-117-56 system]$

所以我不明白，这是什么问题。为什么重启服务器后找不到服务？它们应该被启用并启动一次，然后它们应该自动启动。

任何想法 ？

以下是文件夹中的两项服务：

cd /etc/systemd/system
ls -l
-rw-rw-r--. 1 root root  246 Feb 22 16:02  startup.service
-rw-rw-r--. 1 root root  255 Feb 22 16:02  shutdown.service

我已经进行了 LDAP 身份验证配置，并尝试在 Ubuntu 14.04 TLS 上对 LDAP 服务器进行身份验证。这是文件 nsswitch.conf ：

# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc-reference' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.

# pre_auth-client-config # passwd:         compat ldap
passwd: files ldap
# pre_auth-client-config # group:          compat ldap
group: files ldap
# pre_auth-client-config # shadow:         compat ldap
shadow: files ldap

hosts:          files mdns4_minimal [NOTFOUND=return] dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files

# pre_auth-client-config # netgroup:       nis
netgroup: nis

该命令getent passwd返回文件内容/etc/passwd而不返回 LDAP 用户。即使我使用ldapsearch.

文件/etc/ldap.conf：

###DEBCONF###
##
## Configuration of this file will be managed by debconf as long as the
## first line of the file says '###DEBCONF###'
##
## You should use dpkg-reconfigure to configure this file via debconf
##

#
# @(#)$Id: ldap.conf,v 1.38 2006/05/15 08:13:31 lukeh Exp $
#
# This is the configuration file for the LDAP nameservice
# switch library and the LDAP PAM module.
#
# PADL Software
# http://www.padl.com
#

# Your LDAP server. Must be resolvable without using LDAP.
# Multiple hosts may be specified, each separated by a 
# space. How long nss_ldap takes to failover depends on
# whether your LDAP client library supports configurable
# network or connect timeouts (see bind_timelimit).
#host 127.0.0.1

# The distinguished name of the search base.
base dc=souad,dc=com

# Another way to specify your LDAP server is to provide an
uri ldap://192.168.95.133:389/
# Unix Domain Sockets to connect to a local LDAP Server.
#uri ldap://127.0.0.1/
#uri ldaps://127.0.0.1/   
#uri ldapi://%2fvar%2frun%2fldapi_sock/
# Note: %2f encodes the '/' used as directory separator

# The LDAP version to use (defaults to 3
# if supported by client library)
ldap_version 3

# The distinguished name to bind to the server with.
# Optional: default is to bind anonymously.
#binddn cn=proxyuser,dc=padl,dc=com

# The credentials to bind with. 
# Optional: default is no credential.
#bindpw secret

# The distinguished name to bind to the server with
# if the effective user ID is root. Password is
# stored in /etc/ldap.secret (mode 600)
rootbinddn cn=Manager,dc=souad,dc=com

# The port.
# Optional: default is 389.
#port 389

# The search scope.
#scope sub
#scope one
#scope base

# Search timelimit
#timelimit 30

# Bind/connect timelimit
#bind_timelimit 30

# Reconnect policy: hard (default) will retry connecting to
# the software with exponential backoff, soft will fail
# immediately.
#bind_policy hard

# Idle timelimit; client will close connections
# (nss_ldap only) if the server has not been contacted
# for the number of seconds specified below.
#idle_timelimit 3600

# Filter to AND with uid=%s
#pam_filter objectclass=account

# The user ID attribute (defaults to uid)
#pam_login_attribute uid

# Search the root DSE for the password policy (works
# with Netscape Directory Server)
#pam_lookup_policy yes

# Check the 'host' attribute for access control
# Default is no; if set to yes, and user has no
# value for the host attribute, and pam_ldap is
# configured for account management (authorization)
# then the user will not be allowed to login.
#pam_check_host_attr yes

# Check the 'authorizedService' attribute for access
# control
# Default is no; if set to yes, and the user has no
# value for the authorizedService attribute, and
# pam_ldap is configured for account management
# (authorization) then the user will not be allowed
# to login.
#pam_check_service_attr yes

# Group to enforce membership of
#pam_groupdn cn=PAM,ou=Groups,dc=padl,dc=com

# Group member attribute
#pam_member_attribute uniquemember

# Specify a minium or maximum UID number allowed
#pam_min_uid 0
#pam_max_uid 0

# Template login attribute, default template user
# (can be overriden by value of former attribute
# in user's entry)
#pam_login_attribute userPrincipalName
#pam_template_login_attribute uid
#pam_template_login nobody

# HEADS UP: the pam_crypt, pam_nds_passwd,
# and pam_ad_passwd options are no
# longer supported.
#
# Do not hash the password at all; presume
# the directory server will do it, if
# necessary. This is the default.
pam_password md5

# Hash password locally; required for University of
# Michigan LDAP server, and works with Netscape
# Directory Server if you're using the UNIX-Crypt
# hash mechanism and not using the NT Synchronization
# service. 
#pam_password crypt

# Remove old password first, then update in
# cleartext. Necessary for use with Novell
# Directory Services (NDS)
#pam_password clear_remove_old
#pam_password nds

# RACF is an alias for the above. For use with
# IBM RACF
#pam_password racf

# Update Active Directory password, by
# creating Unicode password and updating
# unicodePwd attribute.
#pam_password ad

# Use the OpenLDAP password change
# extended operation to update the password.
#pam_password exop

# Redirect users to a URL or somesuch on password
# changes.
#pam_password_prohibit_message Please visit http://internal to change your password.

# RFC2307bis naming contexts
# Syntax:
# nss_base_XXX      base?scope?filter
# where scope is {base,one,sub}
# and filter is a filter to be &'d with the
# default filter.
# You can omit the suffix eg:
# nss_base_passwd   ou=People,
# to append the default base DN but this
# may incur a small performance impact.
#nss_base_passwd    ou=People,dc=padl,dc=com?one
#nss_base_shadow    ou=People,dc=padl,dc=com?one
#nss_base_group     ou=Group,dc=padl,dc=com?one
#nss_base_hosts     ou=Hosts,dc=padl,dc=com?one
#nss_base_services  ou=Services,dc=padl,dc=com?one
#nss_base_networks  ou=Networks,dc=padl,dc=com?one
#nss_base_protocols ou=Protocols,dc=padl,dc=com?one
#nss_base_rpc       ou=Rpc,dc=padl,dc=com?one
#nss_base_ethers    ou=Ethers,dc=padl,dc=com?one
#nss_base_netmasks  ou=Networks,dc=padl,dc=com?ne
#nss_base_bootparams    ou=Ethers,dc=padl,dc=com?one
#nss_base_aliases   ou=Aliases,dc=padl,dc=com?one
#nss_base_netgroup  ou=Netgroup,dc=padl,dc=com?one

# attribute/objectclass mapping
# Syntax:
#nss_map_attribute  rfc2307attribute    mapped_attribute
#nss_map_objectclass    rfc2307objectclass  mapped_objectclass

# configure --enable-nds is no longer supported.
# NDS mappings
#nss_map_attribute uniqueMember member

# Services for UNIX 3.5 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount User
#nss_map_attribute uid msSFU30Name
#nss_map_attribute uniqueMember msSFU30PosixMember
#nss_map_attribute userPassword msSFU30Password
#nss_map_attribute homeDirectory msSFU30HomeDirectory
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_objectclass posixGroup Group
#pam_login_attribute msSFU30Name
#pam_filter objectclass=User
#pam_password ad

# configure --enable-mssfu-schema is no longer supported.
# Services for UNIX 2.0 mappings
#nss_map_objectclass posixAccount User
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid msSFUName
#nss_map_attribute uniqueMember posixMember
#nss_map_attribute userPassword msSFUPassword
#nss_map_attribute homeDirectory msSFUHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup Group
#nss_map_attribute cn msSFUName
#pam_login_attribute msSFUName
#pam_filter objectclass=User
#pam_password ad

# RFC 2307 (AD) mappings
#nss_map_objectclass posixAccount user
#nss_map_objectclass shadowAccount user
#nss_map_attribute uid sAMAccountName
#nss_map_attribute homeDirectory unixHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup group
#nss_map_attribute uniqueMember member
#pam_login_attribute sAMAccountName
#pam_filter objectclass=User
#pam_password ad

# configure --enable-authpassword is no longer supported
# AuthPassword mappings
#nss_map_attribute userPassword authPassword

# AIX SecureWay mappings
#nss_map_objectclass posixAccount aixAccount
#nss_base_passwd ou=aixaccount,?one
#nss_map_attribute uid userName
#nss_map_attribute gidNumber gid
#nss_map_attribute uidNumber uid
#nss_map_attribute userPassword passwordChar
#nss_map_objectclass posixGroup aixAccessGroup
#nss_base_group ou=aixgroup,?one
#nss_map_attribute cn groupName
#nss_map_attribute uniqueMember member
#pam_login_attribute userName
#pam_filter objectclass=aixAccount
#pam_password clear

# Netscape SDK LDAPS
#ssl on

# Netscape SDK SSL options
#sslpath /etc/ssl/certs

# OpenLDAP SSL mechanism
# start_tls mechanism uses the normal LDAP port, LDAPS typically 636
#ssl start_tls
#ssl on

# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
# Default is to use libldap's default behavior, which can be configured in
# /etc/openldap/ldap.conf using the TLS_REQCERT setting.  The default for
# OpenLDAP 2.0 and earlier is "no", for 2.1 and later is "yes".
#tls_checkpeer yes

# CA certificates for server certificate verification
# At least one of these are required if tls_checkpeer is "yes"
#tls_cacertfile /etc/ssl/ca.cert
#tls_cacertdir /etc/ssl/certs

# Seed the PRNG if /dev/urandom is not provided
#tls_randfile /var/run/egd-pool

# SSL cipher suite
# See man ciphers for syntax
#tls_ciphers TLSv1

# Client certificate and key
# Use these, if your server requires client authentication.
#tls_cert
#tls_key

# Disable SASL security layers. This is needed for AD.
#sasl_secprops maxssf=0

# Override the default Kerberos ticket cache location.
#krb5_ccname FILE:/etc/.ldapcache

# SASL mechanism for PAM authentication - use is experimental
# at present and does not support password policy control
#pam_sasl_mech DIGEST-MD5
nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,dnsmasq,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,pulse,root,rtkit,saned,speech-dispatcher,sync,sys,syslog,usbmux,uucp,whoopsie,www-data

文件/etc/ldap/ldap.conf

#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE    dc=souad,dc=com
URI ldap://192.168.95.133:389

#SIZELIMIT  12
#TIMELIMIT  15
#DEREF      never

# TLS certificates (needed for GnuTLS)
TLS_CACERT  /etc/ssl/certs/ca-certificates.crt

任何想法？

我在 CentOS 6.6 上安装了 freeradius，并配置了文件 /etc/raddb/clients 和 /etc/raddb/users。我正在尝试通过以下命令测试服务器：

radtest Aicha passme 127.0.0.1 100 testing123

这是结果：

radclient:: Failed to find IP address for Host-002
radclient: Nothing to send.
[root@Host-002 ~]# 

这是我的文件 /etc/hosts ：

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

/etc/raddb/users 中用户 Aicha 的声明：

"Aicha"     Cleartext-Password := "passme"
        Framed-IP-Address = 192.168.1.65,
        Reply-Message = "Hello, %{User-Name}"

如何解决？谢谢你。

我想在 CentOS 上安装 Netkit-ng，我执行了这些命令：

tar -xjSf netkit-ng-core-32-3.0.4.tar.bz2
tar -xjSf netkit-ng-filesystem-i386-F7.0-0.1.3.tar.bz2
tar -xjSf netkit-ng-kernel-i386-K3.2-0.1.3.tar.bz2

export NETKIT_HOME=/home/admin/Desktop/netkit
export PATH=$PATH:$NETKIT_HOME/bin
export MANPATH=$MANPATH:$NETKIT_HOME/man


./check_configuration.sh

这是我通过运行最后一个得到的：

[root@localhost netkit]# ./check_configuration.sh
>  Checking path correctness... passed.
>  Checking environment... passed.
>  Checking for availability of man pages... passed.
>  Checking for proper directories in the PATH... passed.
>  Checking for availability of auxiliary tools:
    awk          : ok
    basename     : ok
    date         : ok
    dirname      : ok
    find         : ok
    getopt       : ok
    grep         : ok
    head         : ok
    id           : ok
    kill         : ok
    ls           : ok
    lsof         : ok
    ps           : ok
    readlink     : ok
    wc           : ok
    port-helper  : ok
    tunctl       : ok
    uml_mconsole : ok
    uml_switch   : ok
passed.
>  Checking for availability of terminal emulator applications:
    xterm          : found
    konsole        : not found
    gnome-terminal : found
passed.
>  Checking filesystem type... passed.
>  Checking whether executables can run... failed!

*** Error: Your system appears not to be able to run the linux kernel.


[ ERROR ] Your system is not configured properly. Please correct the
          above errors before starting to use Netkit.

我该如何解决？谢谢你