6234
6259
"管理本地用户和组的过程是很直接的,对于大多数其他GNU/Linux操作系统而言差异很小。Ubuntu和其他基于Debian的发行版,都鼓励使用\"addu"
6237
#: serverguide/C/security.xml:88(para)
6262
#: serverguide/C/security.xml:77(para)
6239
6264
"To add a user account, use the following syntax, and follow the prompts to "
6240
6265
"give the account a password and identifiable characteristics such as a full "
6241
6266
"name, phone number, etc."
6242
6267
msgstr "如需添加帐户,请使用下述语句,并根据提示给帐户设置密码以及可识别的特征(如全名,电话等)。"
6244
#: serverguide/C/security.xml:92(command)
6269
#: serverguide/C/security.xml:81(command)
6245
6270
msgid "sudo adduser username"
6246
6271
msgstr "sudo adduser username"
6248
#: serverguide/C/security.xml:96(para)
6273
#: serverguide/C/security.xml:85(para)
6250
6275
"To delete a user account and its primary group, use the following syntax:"
6251
6276
msgstr "要删除一个用户及其主要组别,使用如下命令:"
6253
#: serverguide/C/security.xml:100(command)
6278
#: serverguide/C/security.xml:89(command)
6254
6279
msgid "sudo deluser username"
6255
6280
msgstr "sudo deluser username"
6257
#: serverguide/C/security.xml:102(para)
6282
#: serverguide/C/security.xml:91(para)
6259
6284
"Deleting an account does not remove their respective home folder. It is up "
6260
6285
"to you whether or not you wish to delete the folder manually or keep it "
6261
6286
"according to your desired retention policies."
6262
6287
msgstr "删除一个帐号并不会同时删除其相应的home文件夹。要你自己决定性是手动把它删掉还是根据你的保留政策而将其留下来。"
6264
#: serverguide/C/security.xml:105(para)
6289
#: serverguide/C/security.xml:94(para)
6266
6291
"Remember, any user added later on with the same UID/GID as the previous "
6267
6292
"owner will now have access to this folder if you have not taken the "
6268
6293
"necessary precautions."
6269
6294
msgstr "请记住,如果不采取预防措施,将来添加的任何与以前拥有者相同UID/GID的用户都能够进入到此文件夹。"
6271
#: serverguide/C/security.xml:108(para)
6296
#: serverguide/C/security.xml:97(para)
6273
6298
"You may want to change these UID/GID values to something more appropriate, "
6274
6299
"such as the root account, and perhaps even relocate the folder to avoid "
6275
6300
"future conflicts:"
6276
6301
msgstr "你可以将这些UID/GID改成比较合适的值,如根帐户,或许将文件夹也移至新位置以避免将来发生的冲突。"
6278
#: serverguide/C/security.xml:112(command)
6303
#: serverguide/C/security.xml:101(command)
6279
6304
msgid "sudo chown -R root:root /home/username/"
6280
6305
msgstr "sudo chown -R root:root /home/username/"
6282
#: serverguide/C/security.xml:113(command)
6307
#: serverguide/C/security.xml:102(command)
6283
6308
msgid "sudo mkdir /home/archived_users/"
6284
6309
msgstr "sudo mkdir /home/archived_users/"
6286
#: serverguide/C/security.xml:114(command)
6311
#: serverguide/C/security.xml:103(command)
6287
6312
msgid "sudo mv /home/username /home/archived_users/"
6288
6313
msgstr "sudo mv /home/username /home/archived_users/"
6290
#: serverguide/C/security.xml:118(para)
6315
#: serverguide/C/security.xml:107(para)
6292
6317
"To temporarily lock or unlock a user account, use the following syntax, "
6293
6318
"respectively:"
6294
6319
msgstr "要暂时锁住或解锁一个用户帐户,请相应地使用如下命令语句:"
6296
#: serverguide/C/security.xml:122(command)
6321
#: serverguide/C/security.xml:111(command)
6297
6322
msgid "sudo passwd -l username"
6298
6323
msgstr "sudo passwd -l 用户名"
6300
#: serverguide/C/security.xml:123(command)
6325
#: serverguide/C/security.xml:112(command)
6301
6326
msgid "sudo passwd -u username"
6302
6327
msgstr "sudo passwd -u 用户名"
6304
#: serverguide/C/security.xml:127(para)
6329
#: serverguide/C/security.xml:116(para)
6306
6331
"To add or delete a personalized group, use the following syntax, "
6307
6332
"respectively:"
6308
6333
msgstr "要添加或删除一个个性化组,请相应地使用如下命令语句:"
6310
#: serverguide/C/security.xml:131(command)
6335
#: serverguide/C/security.xml:120(command)
6311
6336
msgid "sudo addgroup groupname"
6312
6337
msgstr "sudo addgroup groupname"
6314
#: serverguide/C/security.xml:132(command)
6339
#: serverguide/C/security.xml:121(command)
6315
6340
msgid "sudo delgroup groupname"
6316
6341
msgstr "sudo delgroup 组名称"
6318
#: serverguide/C/security.xml:136(para)
6343
#: serverguide/C/security.xml:125(para)
6319
6344
msgid "To add a user to a group, use the following syntax:"
6320
6345
msgstr "要将一个用户加入到某个组,请使用如下命令语句:"
6322
#: serverguide/C/security.xml:140(command)
6347
#: serverguide/C/security.xml:129(command)
6323
6348
msgid "sudo adduser username groupname"
6324
6349
msgstr "sudo adduser username groupname"
6326
#: serverguide/C/security.xml:147(title)
6351
#: serverguide/C/security.xml:136(title)
6327
6352
msgid "User Profile Security"
6328
6353
msgstr "用户资料安全"
6330
#: serverguide/C/security.xml:148(para)
6355
#: serverguide/C/security.xml:137(para)
6332
6357
"When a new user is created, the adduser utility creates a brand new home "
6333
6358
"directory named <filename class=\"directory\">/home/username</filename>, "
11387
11411
"Personal Package Archive (PPA)</ulink>."
11390
#: serverguide/C/remote-administration.xml:606(para)
11414
#: serverguide/C/remote-administration.xml:566(para)
11392
11416
"Not present on Ubuntu Universe repositories, but on <ulink "
11393
11417
"url=\"https://launchpad.net/~zentyal/\">Zentyal Team PPA</ulink> you will "
11394
11418
"find these other modules:"
11397
#: serverguide/C/remote-administration.xml:613(para)
11421
#: serverguide/C/remote-administration.xml:573(para)
11399
11423
"zentyal-antivirus: integrates <application>ClamAV</application> antivirus "
11400
11424
"with other modules like the proxy, file sharing or mailfilter."
11403
#: serverguide/C/remote-administration.xml:620(para)
11427
#: serverguide/C/remote-administration.xml:580(para)
11405
11429
"zentyal-asterisk: configures <application>Asterisk</application> to provide "
11406
11430
"a simple PBX with LDAP based authentication."
11409
#: serverguide/C/remote-administration.xml:626(para)
11433
#: serverguide/C/remote-administration.xml:586(para)
11411
11435
"zentyal-bwmonitor: allows to monitor bandwith usage of your LAN clients."
11414
#: serverguide/C/remote-administration.xml:632(para)
11438
#: serverguide/C/remote-administration.xml:592(para)
11416
11440
"zentyal-captiveportal: integrates a captive portal with the firewall and "
11417
11441
"LDAP users and groups."
11420
#: serverguide/C/remote-administration.xml:638(para)
11444
#: serverguide/C/remote-administration.xml:598(para)
11422
11446
"zentyal-ebackup: allows to make scheduled backups of your server using the "
11423
11447
"popular <application>duplicity</application> backup tool."
11426
#: serverguide/C/remote-administration.xml:644(para)
11450
#: serverguide/C/remote-administration.xml:604(para)
11427
11451
msgid "zentyal-ftp: configures a FTP server with LDAP based authentication."
11430
#: serverguide/C/remote-administration.xml:649(para)
11454
#: serverguide/C/remote-administration.xml:609(para)
11431
11455
msgid "zentyal-ids: integrates a network intrusion detection system."
11434
#: serverguide/C/remote-administration.xml:654(para)
11458
#: serverguide/C/remote-administration.xml:614(para)
11436
11460
"zentyal-ipsec: allows to configure IPsec tunnels using "
11437
11461
"<application>OpenSwan</application>."
11440
#: serverguide/C/remote-administration.xml:660(para)
11464
#: serverguide/C/remote-administration.xml:620(para)
11442
11466
"zentyal-jabber: integrates <application>ejabberd</application> XMPP server "
11443
11467
"with LDAP users and groups."
11446
#: serverguide/C/remote-administration.xml:666(para)
11470
#: serverguide/C/remote-administration.xml:626(para)
11448
11472
"zentyal-thinclients: a <application>LTSP</application> based thin clients "
11452
#: serverguide/C/remote-administration.xml:672(para)
11476
#: serverguide/C/remote-administration.xml:632(para)
11454
11478
"zentyal-mail: a full mail stack including <application>Postfix "
11455
11479
"</application> and <application>Dovecot</application> with LDAP backend."
11458
#: serverguide/C/remote-administration.xml:679(para)
11482
#: serverguide/C/remote-administration.xml:639(para)
11460
11484
"zentyal-mailfilter: configures <application>amavisd</application> with mail "
11461
11485
"stack to filter spam and attached virus."
11464
#: serverguide/C/remote-administration.xml:685(para)
11488
#: serverguide/C/remote-administration.xml:645(para)
11466
11490
"zentyal-monitor: integrates <application>collectd</application> to monitor "
11467
11491
"server performance and running services."
11470
#: serverguide/C/remote-administration.xml:691(para)
11494
#: serverguide/C/remote-administration.xml:651(para)
11472
11496
"zentyal-pptp: configures a <application>PPTP</application> VPN server."
11475
#: serverguide/C/remote-administration.xml:696(para)
11499
#: serverguide/C/remote-administration.xml:656(para)
11477
11501
"zentyal-radius: integrates <application>FreeRADIUS</application> with LDAP "
11478
11502
"users and groups."
11481
#: serverguide/C/remote-administration.xml:702(para)
11505
#: serverguide/C/remote-administration.xml:662(para)
11483
11507
"zentyal-software: simple interface to manage installed "
11484
11508
"<application>Zentyal</application> modules and system updates."
11487
#: serverguide/C/remote-administration.xml:708(para)
11511
#: serverguide/C/remote-administration.xml:668(para)
11489
11513
"zentyal-trafficshaping: configures traffic limiting rules to do bandwidth "
11490
11514
"throttling and improve latency."
11493
#: serverguide/C/remote-administration.xml:714(para)
11517
#: serverguide/C/remote-administration.xml:674(para)
11495
11519
"zentyal-usercorner: allows users to edit their own LDAP attributes using a "
11496
11520
"web browser."
11499
#: serverguide/C/remote-administration.xml:720(para)
11523
#: serverguide/C/remote-administration.xml:680(para)
11501
11525
"zentyal-virt: simple interface to create and manage virtual machines based "
11502
11526
"on <application>libvirt</application>."
11505
#: serverguide/C/remote-administration.xml:726(para)
11529
#: serverguide/C/remote-administration.xml:686(para)
11507
11531
"zentyal-webmail: allows to access your mail using the popular "
11508
11532
"<application>Roundcube</application> webmail."
11511
#: serverguide/C/remote-administration.xml:732(para)
11535
#: serverguide/C/remote-administration.xml:692(para)
11513
11537
"zentyal-webserver: configures <application>Apache</application> webserver to "
11514
11538
"host different sites on your machine."
11517
#: serverguide/C/remote-administration.xml:738(para)
11541
#: serverguide/C/remote-administration.xml:698(para)
11519
11543
"zentyal-zarafa: integrates <application>Zarafa</application> groupware suite "
11520
11544
"with <application>Zentyal</application> mail stack and LDAP."
11523
#: serverguide/C/remote-administration.xml:750(title)
11547
#: serverguide/C/remote-administration.xml:710(title)
11524
11548
msgid "First steps"
11527
#: serverguide/C/remote-administration.xml:752(para)
11551
#: serverguide/C/remote-administration.xml:712(para)
11529
11553
"Any system account belonging to the sudo group is allowed to log into "
11530
11554
"<application>Zentyal</application> web interface. If you are using the user "
11531
11555
"created during the installation, this should be in the sudo group by default."
11534
#: serverguide/C/remote-administration.xml:760(para)
11558
#: serverguide/C/remote-administration.xml:720(para)
11535
11559
msgid "If you need to add another user to the sudo group, just execute:"
11538
#: serverguide/C/remote-administration.xml:765(command)
11562
#: serverguide/C/remote-administration.xml:725(command)
11539
11563
msgid "sudo adduser username sudo"
11542
#: serverguide/C/remote-administration.xml:769(para)
11566
#: serverguide/C/remote-administration.xml:729(para)
11544
11568
"To access <application>Zentyal</application> web interface, browse into "
11545
11569
"https://localhost/ (or the IP of your remote server). As Zentyal creates its "
12615
12653
"Committed revision 2."
12618
#: serverguide/C/other-apps.xml:256(para)
12656
#: serverguide/C/other-apps.xml:239(para)
12620
12658
"For an example of how <application>etckeeper</application> tracks manual "
12621
12659
"changes, add new a host to <filename>/etc/hosts</filename>. Using "
12622
12660
"<application>bzr</application> you can see which files have been modified:"
12625
#: serverguide/C/other-apps.xml:262(command)
12663
#: serverguide/C/other-apps.xml:245(command)
12626
12664
msgid "sudo bzr status /etc/"
12629
#: serverguide/C/other-apps.xml:263(computeroutput)
12667
#: serverguide/C/other-apps.xml:246(computeroutput)
12632
12670
"modified:\n"
12636
#: serverguide/C/other-apps.xml:267(para)
12674
#: serverguide/C/other-apps.xml:250(para)
12637
12675
msgid "Now commit the changes:"
12640
#: serverguide/C/other-apps.xml:272(command)
12641
msgid "sudo etckeeper commit \"new host\""
12678
#: serverguide/C/other-apps.xml:295(command)
12679
msgid "sudo etckeeper commit \"added new host\""
12644
#: serverguide/C/other-apps.xml:275(para)
12682
#: serverguide/C/other-apps.xml:258(para)
12646
12684
"For more information on <application>bzr</application> see <xref "
12647
12685
"linkend=\"bazaar\"/>."
12650
#: serverguide/C/other-apps.xml:281(title)
12688
#: serverguide/C/other-apps.xml:345(para)
12691
"url=\"http://kitenet.net/~joey/code/etckeeper/\">etckeeper</ulink> site for "
12692
"more details on using <application>etckeeper</application>."
12695
#: serverguide/C/other-apps.xml:351(para)
12697
"The <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
12698
"Ubuntu Wiki</ulink> page."
12701
#: serverguide/C/other-apps.xml:356(para)
12703
"For the latest news and information about <application>bzr</application> see "
12704
"the <ulink url=\"http://bazaar-vcs.org/\">bzr</ulink> web site."
12707
#: serverguide/C/other-apps.xml:264(title)
12651
12708
msgid "Byobu"
12654
#: serverguide/C/other-apps.xml:283(para)
12656
"One of the most useful applications for any system administrator is "
12657
"<application>screen</application>. It allows the execution of multiple "
12658
"shells in one terminal. To make some of the advanced "
12659
"<application>screen</application> features more user friendly, and provide "
12660
"some useful information about the system, the "
12661
"<application>byobu</application> package was created."
12664
#: serverguide/C/other-apps.xml:290(para)
12666
"When executing <application>byobu</application> pressing the "
12667
"<emphasis>F9</emphasis> key will bring up the "
12668
"<application>Configuration</application> menu. This menu will allow you to:"
12671
#: serverguide/C/other-apps.xml:296(para)
12711
#: serverguide/C/other-apps.xml:337(para)
12713
"One of the most useful applications for any system administrator is an xterm "
12714
"multiplexor such as <application>screen</application> or "
12715
"<application>tmux</application>. It allows for the execution of multiple "
12716
"shells in one terminal. To make some of the advanced multiplexor features "
12717
"more user-friendly and provide some useful information about the system, the "
12718
"<application>byobu</application> package was created. It acts as a wrapper "
12719
"to these programs. By default Byobu uses tmux (if installed) but this can be "
12720
"changed by the user."
12723
#: serverguide/C/other-apps.xml:344(para)
12724
msgid "Invoke it simply with:"
12727
#: serverguide/C/other-apps.xml:349(command)
12731
#: serverguide/C/other-apps.xml:352(para)
12733
"Now bring up the configuration menu. By default this is done by pressing the "
12734
"<emphasis>F9</emphasis> key. This will allow you to:"
12737
#: serverguide/C/other-apps.xml:279(para)
12672
12738
msgid "View the Help menu"
12673
12739
msgstr "查看帮助菜单"
12675
#: serverguide/C/other-apps.xml:297(para)
12741
#: serverguide/C/other-apps.xml:280(para)
12676
12742
msgid "Change Byobu's background color"
12679
#: serverguide/C/other-apps.xml:298(para)
12745
#: serverguide/C/other-apps.xml:281(para)
12680
12746
msgid "Change Byobu's foreground color"
12683
#: serverguide/C/other-apps.xml:299(para)
12749
#: serverguide/C/other-apps.xml:282(para)
12684
12750
msgid "Toggle status notifications"
12687
#: serverguide/C/other-apps.xml:300(para)
12753
#: serverguide/C/other-apps.xml:283(para)
12688
12754
msgid "Change the key binding set"
12691
#: serverguide/C/other-apps.xml:301(para)
12757
#: serverguide/C/other-apps.xml:284(para)
12692
12758
msgid "Change the escape sequence"
12695
#: serverguide/C/other-apps.xml:302(para)
12761
#: serverguide/C/other-apps.xml:285(para)
12696
12762
msgid "Create new windows"
12699
#: serverguide/C/other-apps.xml:303(para)
12765
#: serverguide/C/other-apps.xml:286(para)
12700
12766
msgid "Manage the default windows"
12703
#: serverguide/C/other-apps.xml:304(para)
12769
#: serverguide/C/other-apps.xml:287(para)
12704
12770
msgid "Byobu currently does not launch at login (toggle on)"
12707
#: serverguide/C/other-apps.xml:307(para)
12773
#: serverguide/C/other-apps.xml:290(para)
12709
12775
"The <emphasis>key bindings</emphasis> determine such things as the escape "
12710
12776
"sequence, new window, change window, etc. There are two key binding sets to "
16323
16371
"MIDSTART=10000\n"
16326
#: serverguide/C/network-auth.xml:1806(para)
16374
#: serverguide/C/network-auth.xml:1827(para)
16328
16376
"Now, create the <filename>ldapscripts.passwd</filename> file to allow rootDN "
16329
16377
"access to the directory:"
16332
#: serverguide/C/network-auth.xml:1811(command)
16380
#: serverguide/C/network-auth.xml:1832(command)
16334
16382
"sudo sh -c \"echo -n 'secret' > /etc/ldapscripts/ldapscripts.passwd\""
16337
#: serverguide/C/network-auth.xml:1812(command)
16385
#: serverguide/C/network-auth.xml:1833(command)
16338
16386
msgid "sudo chmod 400 /etc/ldapscripts/ldapscripts.passwd"
16341
#: serverguide/C/network-auth.xml:1816(para)
16389
#: serverguide/C/network-auth.xml:1837(para)
16343
16391
"Replace <quote>secret</quote> with the actual password for your database's "
16344
16392
"rootDN user."
16347
#: serverguide/C/network-auth.xml:1821(para)
16395
#: serverguide/C/network-auth.xml:1842(para)
16349
16397
"The scripts are now ready to help manage your directory. Here are some "
16350
16398
"examples of how to use them:"
16353
#: serverguide/C/network-auth.xml:1828(para)
16401
#: serverguide/C/network-auth.xml:1849(para)
16354
16402
msgid "Create a new user:"
16357
#: serverguide/C/network-auth.xml:1833(command)
16405
#: serverguide/C/network-auth.xml:1854(command)
16358
16406
msgid "sudo ldapadduser george example"
16361
#: serverguide/C/network-auth.xml:1836(para)
16409
#: serverguide/C/network-auth.xml:1857(para)
16363
16411
"This will create a user with uid <emphasis role=\"italic\">george</emphasis> "
16364
16412
"and set the user's primary group (gid) to <emphasis "
16365
16413
"role=\"italic\">example</emphasis>"
16368
#: serverguide/C/network-auth.xml:1843(para)
16416
#: serverguide/C/network-auth.xml:1864(para)
16369
16417
msgid "Change a user's password:"
16372
#: serverguide/C/network-auth.xml:1848(command)
16420
#: serverguide/C/network-auth.xml:1869(command)
16373
16421
msgid "sudo ldapsetpasswd george"
16376
#: serverguide/C/network-auth.xml:1849(computeroutput)
16424
#: serverguide/C/network-auth.xml:1870(computeroutput)
16378
16426
msgid "Changing password for user uid=george,ou=People,dc=example,dc=com"
16381
#: serverguide/C/network-auth.xml:1850(userinput)
16429
#: serverguide/C/network-auth.xml:1871(userinput)
16383
16431
msgid "New Password: "
16386
#: serverguide/C/network-auth.xml:1851(userinput)
16434
#: serverguide/C/network-auth.xml:1872(userinput)
16388
16436
msgid "New Password (verify): "
16391
#: serverguide/C/network-auth.xml:1857(para)
16439
#: serverguide/C/network-auth.xml:1878(para)
16392
16440
msgid "Delete a user:"
16395
#: serverguide/C/network-auth.xml:1862(command)
16443
#: serverguide/C/network-auth.xml:1883(command)
16396
16444
msgid "sudo ldapdeleteuser george"
16399
#: serverguide/C/network-auth.xml:1868(para)
16447
#: serverguide/C/network-auth.xml:1889(para)
16400
16448
msgid "Add a group:"
16403
#: serverguide/C/network-auth.xml:1873(command)
16451
#: serverguide/C/network-auth.xml:1894(command)
16404
16452
msgid "sudo ldapaddgroup qa"
16407
#: serverguide/C/network-auth.xml:1879(para)
16455
#: serverguide/C/network-auth.xml:1900(para)
16408
16456
msgid "Delete a group:"
16411
#: serverguide/C/network-auth.xml:1884(command)
16459
#: serverguide/C/network-auth.xml:1905(command)
16412
16460
msgid "sudo ldapdeletegroup qa"
16415
#: serverguide/C/network-auth.xml:1890(para)
16463
#: serverguide/C/network-auth.xml:1911(para)
16416
16464
msgid "Add a user to a group:"
16419
#: serverguide/C/network-auth.xml:1895(command)
16467
#: serverguide/C/network-auth.xml:1916(command)
16420
16468
msgid "sudo ldapaddusertogroup george qa"
16423
#: serverguide/C/network-auth.xml:1898(para)
16471
#: serverguide/C/network-auth.xml:1919(para)
16425
16473
"You should now see a <emphasis>memberUid</emphasis> attribute for the "
16426
16474
"<emphasis role=\"italic\">qa</emphasis> group with a value of <emphasis "
16427
16475
"role=\"italic\">george</emphasis>."
16430
#: serverguide/C/network-auth.xml:1905(para)
16478
#: serverguide/C/network-auth.xml:1926(para)
16431
16479
msgid "Remove a user from a group:"
16434
#: serverguide/C/network-auth.xml:1910(command)
16482
#: serverguide/C/network-auth.xml:1931(command)
16435
16483
msgid "sudo ldapdeleteuserfromgroup george qa"
16438
#: serverguide/C/network-auth.xml:1913(para)
16486
#: serverguide/C/network-auth.xml:1934(para)
16440
16488
"The <emphasis>memberUid</emphasis> attribute should now be removed from the "
16441
16489
"<emphasis role=\"italic\">qa</emphasis> group."
16444
#: serverguide/C/network-auth.xml:1920(para)
16492
#: serverguide/C/network-auth.xml:1941(para)
16446
16494
"The <application>ldapmodifyuser</application> script allows you to add, "
16447
16495
"remove, or replace a user's attributes. The script uses the same syntax as "
16448
16496
"the <application>ldapmodify</application> utility. For example:"
16451
#: serverguide/C/network-auth.xml:1926(command)
16499
#: serverguide/C/network-auth.xml:1947(command)
16452
16500
msgid "sudo ldapmodifyuser george"
16455
#: serverguide/C/network-auth.xml:1927(computeroutput)
16503
#: serverguide/C/network-auth.xml:1948(computeroutput)
16458
16506
"# About to modify the following entry :\n"
16699
16747
"45 22 * * * root /usr/local/bin/ldapbackup\n"
16702
#: serverguide/C/network-auth.xml:2088(para)
16750
#: serverguide/C/network-auth.xml:2109(para)
16703
16751
msgid "Now the files are created, they should be copied to a backup server."
16706
#: serverguide/C/network-auth.xml:2093(para)
16754
#: serverguide/C/network-auth.xml:2114(para)
16708
16756
"Assuming we did a fresh reinstall of ldap, the restore process could be "
16709
16757
"something like this:"
16712
#: serverguide/C/network-auth.xml:2099(command)
16760
#: serverguide/C/network-auth.xml:2120(command)
16713
16761
msgid "sudo service slapd stop"
16716
#: serverguide/C/network-auth.xml:2100(command)
16764
#: serverguide/C/network-auth.xml:2121(command)
16717
16765
msgid "sudo mkdir /var/lib/ldap/accesslog"
16720
#: serverguide/C/network-auth.xml:2101(command)
16768
#: serverguide/C/network-auth.xml:2122(command)
16721
16769
msgid "sudo slapadd -F /etc/ldap/slapd.d -n 0 -l /export/backup/config.ldif"
16724
#: serverguide/C/network-auth.xml:2102(command)
16772
#: serverguide/C/network-auth.xml:2123(command)
16726
16774
"sudo slapadd -F /etc/ldap/slapd.d -n 1 -l /export/backup/domain.com.ldif"
16729
#: serverguide/C/network-auth.xml:2103(command)
16777
#: serverguide/C/network-auth.xml:2124(command)
16730
16778
msgid "sudo slapadd -F /etc/ldap/slapd.d -n 2 -l /export/backup/access.ldif"
16733
#: serverguide/C/network-auth.xml:2104(command)
16781
#: serverguide/C/network-auth.xml:2125(command)
16734
16782
msgid "sudo chown -R openldap:openldap /etc/ldap/slapd.d/"
16737
#: serverguide/C/network-auth.xml:2105(command)
16785
#: serverguide/C/network-auth.xml:2126(command)
16738
16786
msgid "sudo chown -R openldap:openldap /var/lib/ldap/"
16741
#: serverguide/C/network-auth.xml:2106(command)
16789
#: serverguide/C/network-auth.xml:2127(command)
16742
16790
msgid "sudo service slapd start"
16745
#: serverguide/C/network-auth.xml:2117(para)
16793
#: serverguide/C/network-auth.xml:2138(para)
16747
16795
"The primary resource is the upstream documentation: <ulink "
16748
16796
"url=\"http://www.openldap.org/\">www.openldap.org</ulink>"
16751
#: serverguide/C/network-auth.xml:2123(para)
16799
#: serverguide/C/network-auth.xml:2144(para)
16753
16801
"There are many man pages that come with the slapd package. Here are some "
16754
16802
"important ones, especially considering the material presented in this guide:"
16757
#: serverguide/C/network-auth.xml:2129(ulink)
16805
#: serverguide/C/network-auth.xml:2150(ulink)
16758
16806
msgid "slapd"
16761
#: serverguide/C/network-auth.xml:2130(ulink)
16809
#: serverguide/C/network-auth.xml:2151(ulink)
16762
16810
msgid "slapd-config"
16765
#: serverguide/C/network-auth.xml:2131(ulink)
16813
#: serverguide/C/network-auth.xml:2152(ulink)
16766
16814
msgid "slapd.access"
16769
#: serverguide/C/network-auth.xml:2132(ulink)
16817
#: serverguide/C/network-auth.xml:2153(ulink)
16770
16818
msgid "slapo-syncprov"
16773
#: serverguide/C/network-auth.xml:2138(para)
16821
#: serverguide/C/network-auth.xml:2159(para)
16774
16822
msgid "Other man pages:"
16777
#: serverguide/C/network-auth.xml:2143(ulink)
16825
#: serverguide/C/network-auth.xml:2164(ulink)
16778
16826
msgid "auth-client-config"
16781
#: serverguide/C/network-auth.xml:2144(ulink)
16829
#: serverguide/C/network-auth.xml:2165(ulink)
16782
16830
msgid "pam-auth-update"
16785
#: serverguide/C/network-auth.xml:2150(para)
16833
#: serverguide/C/network-auth.xml:2171(para)
16787
16835
"Zytrax's <ulink url=\"http://www.zytrax.com/books/ldap/\">LDAP for Rocket "
16788
16836
"Scientists</ulink>; a less pedantic but comprehensive treatment of LDAP"
16791
#: serverguide/C/network-auth.xml:2156(para)
16839
#: serverguide/C/network-auth.xml:2177(para)
16793
16841
"A Ubuntu community <ulink "
16794
16842
"url=\"https://help.ubuntu.com/community/OpenLDAPServer\">OpenLDAP "
16795
16843
"wiki</ulink> page has a collection of notes"
16798
#: serverguide/C/network-auth.xml:2162(para)
16846
#: serverguide/C/network-auth.xml:2183(para)
16800
16848
"O'Reilly's <ulink url=\"http://www.oreilly.com/catalog/ldapsa/\">LDAP System "
16801
16849
"Administration</ulink> (textbook; 2003)"
16804
#: serverguide/C/network-auth.xml:2168(para)
16852
#: serverguide/C/network-auth.xml:2189(para)
16806
16854
"Packt's <ulink url=\"http://www.packtpub.com/OpenLDAP-Developers-Server-Open-"
16807
16855
"Source-Linux/book\">Mastering OpenLDAP</ulink> (textbook; 2007)"
16810
#: serverguide/C/network-auth.xml:2179(title)
16858
#: serverguide/C/network-auth.xml:2200(title)
16811
16859
msgid "Samba and LDAP"
16814
#: serverguide/C/network-auth.xml:2181(para)
16862
#: serverguide/C/network-auth.xml:2202(para)
16816
16864
"This section covers the integration of Samba with LDAP. The Samba server's "
16817
16865
"role will be that of a \"standalone\" server and the LDAP directory will "
16818
16866
"provide the authentication layer in addition to containing the user, group, "
16819
16867
"and machine account information that Samba requires in order to function (in "
16820
"any of it's 3 possible roles). The pre-requisite is an OpenLDAP server "
16868
"any of its 3 possible roles). The pre-requisite is an OpenLDAP server "
16821
16869
"configured with a directory that can accept authentication requests. See "
16822
16870
"<xref linkend=\"openldap-server\"/> for details on fulfilling this "
16823
16871
"requirement. Once this section is completed, you will need to decide what "
16824
16872
"specifically you want Samba to do for you and then configure it accordingly."
16827
#: serverguide/C/network-auth.xml:2190(title)
16875
#: serverguide/C/network-auth.xml:2211(title)
16828
16876
msgid "Software Installation"
16831
#: serverguide/C/network-auth.xml:2192(para)
16879
#: serverguide/C/network-auth.xml:2213(para)
16833
16881
"There are three packages needed when integrating Samba with LDAP: "
16834
16882
"<application>samba</application>, <application>samba-doc</application>, and "
16835
16883
"<application>smbldap-tools</application> packages."
16838
#: serverguide/C/network-auth.xml:2197(para)
16886
#: serverguide/C/network-auth.xml:2223(para)
16840
16888
"Strictly speaking, the <application>smbldap-tools</application> package "
16841
16889
"isn't needed, but unless you have some other way to manage the various Samba "
18689
18737
"l\">kdb5_ldap_util man page</ulink>."
18692
#: serverguide/C/network-auth.xml:3933(para)
18740
#: serverguide/C/network-auth.xml:3959(para)
18694
18742
"Another useful link is the <ulink "
18695
18743
"url=\"http://manpages.ubuntu.com/manpages/trusty/en/man5/krb5.conf.5.html\">k"
18696
18744
"rb5.conf man page</ulink>."
18699
#: serverguide/C/network-auth.xml:3938(para)
18747
#: serverguide/C/network-auth.xml:3967(para)
18701
18749
"Also, see the <ulink "
18702
18750
"url=\"https://help.ubuntu.com/community/Kerberos#kerberos-ldap\">Kerberos "
18703
18751
"and LDAP</ulink> Ubuntu wiki page."
18754
#: serverguide/C/network-auth.xml:3973(title)
18755
msgid "SSSD and Active Directory"
18758
#: serverguide/C/network-auth.xml:3974(para)
18760
"This section describes the use of sssd to authenticate user logins against "
18761
"an Active Directory via using sssd's \"ad\" provider. In previous versions "
18762
"of sssd, it was possible to authenticate using the \"ldap\" provider. "
18763
"However, when authenticating against a Microsoft Windows AD Domain "
18764
"Controller, it was generally necessary to install the POSIX AD extensions on "
18765
"the Domain Controller. The \"ad\" provider simplifies the configuration and "
18766
"requires no modifications to the AD structure."
18769
#: serverguide/C/network-auth.xml:3978(title)
18770
msgid "Prerequisites, Assumptions, and Requirements"
18773
#: serverguide/C/network-auth.xml:3981(para)
18775
"This guide does not explain Active Directory, how it works, how to set one "
18776
"up, or how to maintain it. It may not provide “best practices” for your "
18780
#: serverguide/C/network-auth.xml:3983(para)
18782
"This guide assumes that a working Active Directory domain is already "
18786
#: serverguide/C/network-auth.xml:3985(para)
18788
"The domain controller is acting as an authoritative DNS server for the "
18792
#: serverguide/C/network-auth.xml:3987(para)
18794
"The domain controller is the primary DNS resolver as specified in "
18795
"<filename>/etc/resolv.conf</filename>."
18798
#: serverguide/C/network-auth.xml:3990(para)
18800
"The appropriate <emphasis>_kerberos</emphasis>, <emphasis>_ldap</emphasis>, "
18801
"<emphasis>_kpasswd</emphasis>, etc. entries are configured in the DNS zone "
18802
"(see Resources section for external links)."
18805
#: serverguide/C/network-auth.xml:3992(para)
18807
"System time is synchronized on the domain controller (necessary for "
18811
#: serverguide/C/network-auth.xml:3994(para)
18813
"The domain used in this example is <emphasis>myubuntu.example.com</emphasis> "
18817
#: serverguide/C/network-auth.xml:3999(para)
18819
"The following packages are needed: <emphasis>krb5-user</emphasis>, "
18820
"<emphasis>samba</emphasis>, <emphasis>sssd</emphasis>, and "
18821
"<emphasis>ntp</emphasis>. Samba needs to be installed, even if the system is "
18822
"not exporting shares. The Kerberos realm and FQDN or IP of the domain "
18823
"controllers are needed for this step."
18826
#: serverguide/C/network-auth.xml:4000(para)
18827
msgid "Install these packages now."
18830
#: serverguide/C/network-auth.xml:4002(command)
18831
msgid "sudo apt-get install krb5-user samba sssd ntp"
18834
#: serverguide/C/network-auth.xml:4003(para)
18836
"See the next section for the answers to the questions asked by the "
18837
"<emphasis>krb5-user</emphasis> postinstall script."
18840
#: serverguide/C/network-auth.xml:4006(title)
18841
msgid "Kerberos Configuration"
18844
#: serverguide/C/network-auth.xml:4007(para)
18846
"The installation of <emphasis>krb5-user</emphasis> will prompt for the realm "
18847
"name (in ALL UPPERCASE), the kdc server (i.e. domain controller) and admin "
18848
"server (also the domain controller in this example.) This will write the "
18849
"[realm] and [domain_realm] sections in <filename>/etc/krb5.conf</filename>. "
18850
"These sections may not be necessary if domain autodiscovery is working. If "
18851
"not, then both are needed."
18854
#: serverguide/C/network-auth.xml:4008(para)
18856
"If the domain is <emphasis>myubuntu.example.com</emphasis>, enter the realm "
18857
"as <emphasis>MYUBUNTU.EXAMPLE.COM</emphasis>"
18860
#: serverguide/C/network-auth.xml:4011(para)
18862
"Optionally, edit <emphasis>/etc/krb5.conf</emphasis> with a few additional "
18863
"settings to specify Kerberos ticket lifetime (these values are safe to use "
18867
#: serverguide/C/network-auth.xml:4012(programlisting)
18873
"default_realm = MYUBUNTU.EXAMPLE.COM\n"
18874
"ticket_lifetime = 24h #\n"
18875
"renew_lifetime = 7d\n"
18879
#: serverguide/C/network-auth.xml:4020(para)
18881
"If default_realm is not specified, it may be necessary to log in with "
18882
"“username@domain” instead of “username”."
18885
#: serverguide/C/network-auth.xml:4022(para)
18887
"The system time on the Active Directory member needs to be consistent with "
18888
"that of the domain controller, or Kerberos authentication may fail. Ideally, "
18889
"the domain controller server itself will provide the NTP service. Edit "
18890
"<filename>/etc/ntp.conf</filename>:"
18893
#: serverguide/C/network-auth.xml:4024(programlisting)
18897
"server dc.myubuntu.example.com\n"
18900
#: serverguide/C/network-auth.xml:4031(para)
18902
"Samba will be used to perform netbios/nmbd services related to Active "
18903
"Directory authentication, even if no file shares are exported. Edit the file "
18904
"/etc/samba/smb.conf and add the following to the "
18905
"<emphasis>[global]</emphasis> section:"
18908
#: serverguide/C/network-auth.xml:4033(programlisting)
18914
"workgroup = MYUBUNTU\n"
18915
"client signing = yes\n"
18916
"client use spnego = yes\n"
18917
"kerberos method = secrets and keytab\n"
18918
"realm = MYUBUNTU.EXAMPLE.COM\n"
18922
#: serverguide/C/network-auth.xml:4044(para)
18924
"Some guides specify that \"password server\" should be specified and pointed "
18925
"to the domain controller. This is only necessary if DNS is not properly set "
18926
"up to find the DC. By default, Samba will display a warning if \"password "
18927
"server\" is specified with \"security = ads\"."
18930
#: serverguide/C/network-auth.xml:4049(title)
18931
msgid "SSSD Configuration"
18934
#: serverguide/C/network-auth.xml:4051(para)
18936
"There is no default/example config file for "
18937
"<filename>/etc/sssd/sssd.conf</filename> included in the sssd package. It is "
18938
"necessary to create one. This is a minimal working config file:"
18941
#: serverguide/C/network-auth.xml:4053(programlisting)
18946
"services = nss, pam\n"
18947
"config_file_version = 2\n"
18948
"domains = MYUBUNTU.EXAMPLE.COM\n"
18950
"[domain/MYUBUNTU.EXAMPLE.COM]\n"
18951
"id_provider = ad\n"
18952
"access_provider = ad\n"
18954
"# Use this if users are being logged in at /.\n"
18955
"# This example specifies /home/DOMAIN-FQDN/user as $HOME. Use with "
18956
"pam_mkhomedir.so\n"
18957
"override_homedir = /home/%d/%u\n"
18959
"# Uncomment if the client machine hostname doesn't match the computer object "
18961
"# ad_hostname = mymachine.myubuntu.example.com\n"
18963
"# Uncomment if DNS SRV resolution is not working\n"
18964
"# ad_server = dc.mydomain.example.com\n"
18966
"# Uncomment if the AD domain is named differently than the Samba domain\n"
18967
"# ad_domain = MYUBUNTU.EXAMPLE.COM\n"
18969
"# Enumeration is discouraged for performance reasons.\n"
18970
"# enumerate = true\n"
18973
#: serverguide/C/network-auth.xml:4080(para)
18975
"After saving this file, set the ownership to root and the file permissions "
18979
#: serverguide/C/network-auth.xml:4081(command)
18980
msgid "sudo chown root:root /etc/sssd/sssd.conf"
18983
#: serverguide/C/network-auth.xml:4082(command)
18984
msgid "sudo chmod 600 /etc/sssd/sssd.conf"
18987
#: serverguide/C/network-auth.xml:4084(para)
18989
"If the ownership or permissions are not correct, sssd will refuse to start."
18992
#: serverguide/C/network-auth.xml:4088(title)
18993
msgid "Verify nsswitch.conf Configuration"
18996
#: serverguide/C/network-auth.xml:4089(para)
18998
"The post-install script for the sssd package makes some modifications to "
18999
"/etc/nsswitch.conf automatically. It should look something like this:"
19002
#: serverguide/C/network-auth.xml:4091(programlisting)
19006
"passwd: compat sss\n"
19007
"group: compat sss\n"
19009
"netgroup: nis sss\n"
19010
"sudoers: files sss\n"
19013
#: serverguide/C/network-auth.xml:4101(title)
19014
msgid "Modify /etc/hosts"
19017
#: serverguide/C/network-auth.xml:4102(para)
19019
"Add an alias to the localhost entry in /etc/hosts specifying the FQDN. For "
19023
#: serverguide/C/network-auth.xml:4103(programlisting)
19025
msgid "192.168.1.10 myserver myserver.myubuntu.example.com"
19028
#: serverguide/C/network-auth.xml:4105(para)
19029
msgid "This is useful in conjunction with dynamic DNS updates."
19032
#: serverguide/C/network-auth.xml:4109(title)
19033
msgid "Join the Active Directory"
19036
#: serverguide/C/network-auth.xml:4110(para)
19037
msgid "Now, restart ntp and samba and start sssd."
19040
#: serverguide/C/virtualization.xml:2208(command)
19041
msgid "sudo service ntp restart"
19044
#: serverguide/C/network-auth.xml:4114(command)
19045
msgid "sudo start sssd"
19048
#: serverguide/C/network-auth.xml:4116(para)
19049
msgid "Test the configuration by obtaining a Kerberos ticket:"
19052
#: serverguide/C/network-auth.xml:4118(command)
19053
msgid "sudo kinit Administrator"
19056
#: serverguide/C/network-auth.xml:4120(para)
19057
msgid "Verify the ticket with:"
19060
#: serverguide/C/network-auth.xml:4121(command)
19064
#: serverguide/C/network-auth.xml:4123(para)
19066
"If there is a ticket with an expiration date listed, then it is time to join "
19070
#: serverguide/C/network-auth.xml:4125(command)
19071
msgid "sudo net ads join -k"
19074
#: serverguide/C/network-auth.xml:4127(para)
19076
"A warning about \"No DNS domain configured. Unable to perform DNS Update.\" "
19077
"probably means that there is no (correct) alias in "
19078
"<filename>/etc/hosts</filename>, and the system could not provide its own "
19079
"FQDN as part of the Active Directory update. This is needed for dynamic DNS "
19080
"updates. Verify the alias in <filename>/etc/hosts</filename> described in "
19081
"\"Modify /etc/hosts\" above."
19084
#: serverguide/C/network-auth.xml:4129(para)
19086
"(The message \"NT_STATUS_UNSUCCESSFUL\" indicates the domain join failed and "
19087
"something is incorrect. Review the prior steps before proceeding)."
19090
#: serverguide/C/network-auth.xml:4131(para)
19092
"Here are a couple of (optional) checks to verify that the domain join was "
19093
"successful. Note that if the domain was successfully joined but one or both "
19094
"of these steps fail, it may be necessary to wait 1-2 minutes and try again. "
19095
"Some of the changes appear to be asynchronous."
19098
#: serverguide/C/network-auth.xml:4133(para)
19099
msgid "Verification option #1:"
19102
#: serverguide/C/network-auth.xml:4134(para)
19104
"Check the default Organizational Unit for computer accounts in the Active "
19105
"Directory to verify that the computer account was created. (Organizational "
19106
"Units in Active Directory is a topic outside the scope of this guide)."
19109
#: serverguide/C/network-auth.xml:4136(para)
19110
msgid "Verification option #2"
19113
#: serverguide/C/network-auth.xml:4137(para)
19114
msgid "Execute this command for a specific AD user (e.g. administrator)"
19117
#: serverguide/C/network-auth.xml:4138(command)
19118
msgid "getent passwd username"
19121
#: serverguide/C/network-auth.xml:4140(para)
19123
"If <emphasis>enumerate = true</emphasis> is set in "
19124
"<filename>sssd.conf</filename>, <emphasis>getent passwd</emphasis> with no "
19125
"username argument will list all domain users. This may be useful for "
19126
"testing, but is slow and not recommended for production."
19129
#: serverguide/C/network-auth.xml:4144(title)
19130
msgid "Test Authentication"
19133
#: serverguide/C/network-auth.xml:4145(para)
19135
"It should now be possible to authenticate using an Active Directory User's "
19139
#: serverguide/C/network-auth.xml:4147(command)
19140
msgid "su - username"
19143
#: serverguide/C/network-auth.xml:4149(para)
19145
"If this works, then other login methods (getty, ssh) should also work."
19148
#: serverguide/C/network-auth.xml:4151(para)
19150
"If the computer account was created, indicating that the system was "
19151
"\"joined\" to the domain, but authentication is unsuccessful, it may be "
19152
"helpful to review <filename>/etc/pam.d</filename> and "
19153
"<filename>nssswitch.conf</filename> as well as the file changes described "
19154
"earlier in this guide."
19157
#: serverguide/C/network-auth.xml:4155(title)
19158
msgid "Home directories with pam_mkhomedir (optional)"
19161
#: serverguide/C/network-auth.xml:4156(para)
19163
"When logging in using an Active Directory user account, it is likely that "
19164
"user has no home directory. This can be fixed with pam_mkdhomedir.so, which "
19165
"will create the user’s home directory on login. Edit "
19166
"<filename>/etc/pam.d/common-session</filename>, and add this line directly "
19167
"after <emphasis>session required pam_unix.so:</emphasis>"
19170
#: serverguide/C/network-auth.xml:4157(programlisting)
19174
"session required pam_mkhomedir.so skel=/etc/skel/ umask=0022\n"
19177
#: serverguide/C/network-auth.xml:4161(para)
19179
"This may also need <emphasis>override_homedir</emphasis> in "
19180
"<filename>sssd.conf</filename> to function correctly, so make sure that’s "
19184
#: serverguide/C/network-auth.xml:4165(title)
19185
msgid "Desktop Ubuntu Authentication"
19188
#: serverguide/C/network-auth.xml:4166(para)
19190
"It is possible to also authenticate logins to Ubuntu Desktop using Active "
19191
"Directory accounts. The AD accounts will not show up in the pick list with "
19192
"local users, so lightdm will need to be modified. Edit the file "
19193
"<filename>/etc/lightdm/lightdm.conf.d/50-unity-greeter.conf</filename> and "
19194
"append the following two lines:"
19197
#: serverguide/C/network-auth.xml:4168(programlisting)
19201
"greeter-show-manual-login=true\n"
19202
"greeter-hide-users=true\n"
19205
#: serverguide/C/network-auth.xml:4173(para)
19207
"Reboot to restart lightdm. It should now be possible to log in using a "
19208
"domain account using either <emphasis>username</emphasis> or "
19209
"<emphasis>username/username@domain</emphasis> format."
19212
#: serverguide/C/network-auth.xml:4179(ulink)
19213
msgid "SSSD Project"
19216
#: serverguide/C/network-auth.xml:4180(ulink)
19217
msgid "DNS Server Configuration guidelines"
19220
#: serverguide/C/network-auth.xml:4181(ulink)
19221
msgid "Active Directory DNS Zone Entries"
19224
#: serverguide/C/network-auth.xml:4182(ulink)
19225
msgid "Kerberos config options"
18706
19228
#: serverguide/C/multipath-device-attributes-table.xml:2(title)
18707
19229
msgid "Device Attributes"
23783
24308
"<emphasis>\"Done setting up partition\"</emphasis>."
23786
#: serverguide/C/installation.xml:518(para)
24311
#: serverguide/C/installation.xml:511(para)
23787
24312
msgid "Repeat steps three through eight for the other disk and partitions."
23790
#: serverguide/C/installation.xml:527(title)
24315
#: serverguide/C/installation.xml:520(title)
23791
24316
msgid "RAID Configuration"
24319
#: serverguide/C/installation.xml:522(para)
24320
msgid "With the partitions setup the arrays are ready to be configured:"
23794
24323
#: serverguide/C/installation.xml:529(para)
23795
msgid "With the partitions setup the arrays are ready to be configured:"
23798
#: serverguide/C/installation.xml:536(para)
23800
24325
"Back in the main \"Partition Disks\" page, select <emphasis>\"Configure "
23801
24326
"Software RAID\"</emphasis> at the top."
24329
#: serverguide/C/installation.xml:536(para)
24330
msgid "Select <emphasis>\"yes\"</emphasis> to write the changes to disk."
23804
24333
#: serverguide/C/installation.xml:543(para)
23805
msgid "Select <emphasis>\"yes\"</emphasis> to write the changes to disk."
24334
msgid "Choose <emphasis>\"Create MD device\"</emphasis>."
23808
24337
#: serverguide/C/installation.xml:550(para)
23809
msgid "Choose <emphasis>\"Create MD device\"</emphasis>."
23812
#: serverguide/C/installation.xml:557(para)
23814
24339
"For this example, select <emphasis>\"RAID1\"</emphasis>, but if you are "
23815
24340
"using a different setup choose the appropriate type (RAID0 RAID1 RAID5)."
23818
#: serverguide/C/installation.xml:563(para)
24343
#: serverguide/C/installation.xml:556(para)
23820
24345
"In order to use <emphasis>RAID5</emphasis> you need at least "
23821
24346
"<emphasis>three</emphasis> drives. Using RAID0 or RAID1 only "
23822
24347
"<emphasis>two</emphasis> drives are required."
23825
#: serverguide/C/installation.xml:572(para)
24350
#: serverguide/C/installation.xml:565(para)
23827
24352
"Enter the number of active devices <emphasis>\"2\"</emphasis>, or the amount "
23828
24353
"of hard drives you have, for the array. Then select "
23829
24354
"<emphasis>\"Continue\"</emphasis>."
23832
#: serverguide/C/installation.xml:580(para)
24357
#: serverguide/C/installation.xml:573(para)
23834
24359
"Next, enter the number of spare devices <emphasis>\"0\"</emphasis> by "
23835
24360
"default, then choose <emphasis>\"Continue\"</emphasis>."
23838
#: serverguide/C/installation.xml:587(para)
24363
#: serverguide/C/installation.xml:580(para)
23840
24365
"Choose which partitions to use. Generally they will be sda1, sdb1, sdc1, "
23841
24366
"etc. The numbers will usually match and the different letters correspond to "
23842
24367
"different hard drives."
23845
#: serverguide/C/installation.xml:592(para)
24370
#: serverguide/C/installation.xml:585(para)
23847
24372
"For the <emphasis>swap</emphasis> partition choose <emphasis>sda1</emphasis> "
23848
24373
"and <emphasis>sdb1</emphasis>. Select <emphasis>\"Continue\"</emphasis> to "
23849
24374
"go to the next step."
23852
#: serverguide/C/installation.xml:600(para)
24377
#: serverguide/C/installation.xml:593(para)
23854
24379
"Repeat steps <emphasis>three</emphasis> through <emphasis>seven</emphasis> "
23855
24380
"for the <emphasis>/</emphasis> partition choosing <emphasis>sda2</emphasis> "
23856
24381
"and <emphasis>sdb2</emphasis>."
23859
#: serverguide/C/installation.xml:608(para)
24384
#: serverguide/C/installation.xml:601(para)
23860
24385
msgid "Once done select <emphasis>\"Finish\"</emphasis>."
23863
#: serverguide/C/installation.xml:618(title)
24388
#: serverguide/C/installation.xml:611(title)
23864
24389
msgid "Formatting"
23867
#: serverguide/C/installation.xml:620(para)
24392
#: serverguide/C/installation.xml:613(para)
23869
24394
"There should now be a list of hard drives and RAID devices. The next step is "
23870
24395
"to format and set the mount point for the RAID devices. Treat the RAID "
23871
24396
"device as a local hard drive, format and mount accordingly."
23874
#: serverguide/C/installation.xml:628(para)
24399
#: serverguide/C/installation.xml:621(para)
23876
24401
"Select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
23877
24402
"#0\"</emphasis> partition."
23880
#: serverguide/C/installation.xml:635(para)
24405
#: serverguide/C/installation.xml:628(para)
23882
24407
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"swap "
23883
24408
"area\"</emphasis>, then <emphasis>\"Done setting up partition\"</emphasis>."
23886
#: serverguide/C/installation.xml:643(para)
24411
#: serverguide/C/installation.xml:636(para)
23888
24413
"Next, select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
23889
24414
"#1\"</emphasis> partition."
23892
#: serverguide/C/installation.xml:650(para)
24417
#: serverguide/C/installation.xml:643(para)
23894
24419
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"Ext4 "
23895
24420
"journaling file system\"</emphasis>."
23898
#: serverguide/C/installation.xml:657(para)
24423
#: serverguide/C/installation.xml:650(para)
23900
24425
"Then select the <emphasis>\"Mount point\"</emphasis> and choose "
23901
24426
"<emphasis>\"/ - the root file system\"</emphasis>. Change any of the other "
30877
31409
" Jeremy Bicha https://launchpad.net/~jbicha\n"
30878
31410
" zhxq https://launchpad.net/~zhxq"
30881
#~ "This section explains Apache2 server essential configuration parameters. "
30882
#~ "Refer to the <ulink url=\"http://httpd.apache.org/docs/2.2/\">Apache2 "
30883
#~ "Documentation</ulink> for more details."
30885
#~ "这一节讲述了Apache2服务器的基本配置参数。更详细的资料请查阅<ulink "
30886
#~ "url=\"http://httpd.apache.org/docs/2.2/\">Apache2文档</ulink>"
30889
#~ "Apache2 ships with a virtual-host-friendly default configuration. That is, "
30890
#~ "it is configured with a single default virtual host (using the "
30891
#~ "<emphasis>VirtualHost</emphasis> directive) which can modified or used as-is "
30892
#~ "if you have a single site, or used as a template for additional virtual "
30893
#~ "hosts if you have multiple sites. If left alone, the default virtual host "
30894
#~ "will serve as your default site, or the site users will see if the URL they "
30895
#~ "enter does not match the <emphasis>ServerName</emphasis> directive of any of "
30896
#~ "your custom sites. To modify the default virtual host, edit the file "
30897
#~ "<filename>/etc/apache2/sites-available/default</filename>."
30899
#~ "Apache2以一个“虚拟主机友好”的默认配置来部署。也就是说,它以一个默认的虚拟主机(用<emphasis>VirtualHost</emphasis>"
30900
#~ "指令)来配置。如果你只有一个站点,这个配置可以修改,也可以直接使用;或者如果你有多个站点,也可以把它当作模板来添加新的虚拟主机。如果不做改变的话,默认的虚"
30901
#~ "拟主机将作为你的默认站点,否则站点用户将会看到他们所输入的URL是否没有匹配任何你的客户站点的<emphasis>ServerName</emphasis"
30902
#~ ">指令。要修改默认的虚拟主机,请编辑文件<filename>/etc/apache2/sites-"
30903
#~ "available/default</filename>。"
30906
#~ "sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-"
30907
#~ "available/mynewsite"
30909
#~ "sudo cp /etc/apache2/sites-available/default /etc/apache2/sites-"
30910
#~ "available/mynewsite"
30913
#~ "The <emphasis>ServerName</emphasis> directive is optional and specifies what "
30914
#~ "FQDN your site should answer to. The default virtual host has no ServerName "
30915
#~ "directive specified, so it will respond to all requests that do not match a "
30916
#~ "ServerName directive in another virtual host. If you have just acquired the "
30917
#~ "domain name ubunturocks.com and wish to host it on your Ubuntu server, the "
30918
#~ "value of the ServerName directive in your virtual host configuration file "
30919
#~ "should be ubunturocks.com. Add this directive to the new virtual host file "
30920
#~ "you created earlier (<filename>/etc/apache2/sites-"
30921
#~ "available/mynewsite</filename>)."
30923
#~ "这<emphasis>服务器名</emphasis>指令是可选的,并且指定回答你站点的 FQDN "
30924
#~ "。默认虚拟主机没有指定服务器指令。因此,它将会响应在另一虚拟主机不匹配服务器指令的所有请求。如果你仅取得 ubunturocks.com 域名并希望建立 "
30925
#~ "Ubuntu 服务器,重要的是你要在虚拟主机配置文件里服务器指令应该设为 ubunturocks.com 。把这指令加到较早前你新创建的虚拟主机文件。"
30930
#~ "<Directory /var/www/mynewsite>\n"
30932
#~ "</Directory>\n"
30935
#~ "<Directory /var/www/mynewsite>\n"
30937
#~ "</Directory>\n"
30940
#~ "<emphasis role=\"bold\">Multiview</emphasis> - Support content-negotiated "
30941
#~ "multiviews; this option is disabled by default for security reasons. See the "
30943
#~ "url=\"http://httpd.apache.org/docs/2.2/mod/mod_negotiation.html#multiviews\">"
30944
#~ "Apache2 documentation on this option</ulink>."
30946
#~ "<emphasis role=\"bold\">Multiview</emphasis> - 支持内容协商多视图,出于安全原因,该选项默认是被禁止的。 "
30948
#~ "url=\"http://httpd.apache.org/docs/2.2/mod/mod_negotiation.html#multiviews\">"
30949
#~ "Apache2 关于该选项的文档</ulink>。"
30952
#~ "<ulink url=\"http://httpd.apache.org/docs/2.2/\">Apache2 "
30953
#~ "Documentation</ulink> contains in depth information on Apache2 configuration "
30954
#~ "directives. Also, see the <application>apache2-doc</application> package for "
30955
#~ "the official Apache2 docs."
30957
#~ "<ulink url=\"http://httpd.apache.org/docs/2.2/\"> Apache2 文档</ulink>包含 "
30958
#~ "Apache2 配置指令更深层的信息。同样也可参考官方 Apache2 docs 文档<application>apache2-"
30959
#~ "doc</application>包。"
30962
#~ "Modify the <filename>/etc/apache2/sites-available/default</filename> "
30963
#~ "configuration file to setup your domains."
30965
#~ "修改配置文件<filename>/etc/apache2/sites-available/default</filename>以建立起你的域名。"
30967
#~ msgid "What is vmbuilder"
30968
#~ msgstr "什么是 vmbuilder"
30971
#~ "You can pass command line options to add extra packages, remove packages, "
30972
#~ "choose which version of Ubuntu, which mirror etc. On recent hardware with "
30973
#~ "plenty of RAM, tmpdir in <filename>/dev/shm</filename> or using a tmpfs, and "
30974
#~ "a local mirror, you can bootstrap a VM in less than a minute."
30976
#~ "您可通过命令行选项来添加额外安装包,移除安装包,选择 Ubuntu "
30977
#~ "版本的镜像等等。会列出最近大量内存的硬件,临时目录在<filename>/dev/shm</filename>或者使用 tmpfs 和 "
30978
#~ "本地镜像,您可在一分钟内启动 VM。"
30980
#~ msgid "Develop it so that it can be reused by other distributions."
30981
#~ msgstr "使之流传开发能由其它发布版本重复使用。"
30984
#~ "Use a plugin mechanisms for all virtualization interactions so that others "
30985
#~ "can easily add logic for other virtualization environments."
30986
#~ msgstr "为所有虚拟化的互动使用插件途径,使其他人能方便添加逻辑虚拟环境。"
30989
#~ "Provide an easy to maintain web interface as an option to the command line "
30991
#~ msgstr "提供作为个命令行界面的选项能简单维护 web 的界面。"
30993
#~ msgid "But the general principles and commands remain the same."
30994
#~ msgstr "但一般原则和命令仍保持不变。"
30996
#~ msgid "Initial Setup"
31000
#~ "It is assumed that you have installed and configured "
31001
#~ "<application>libvirt</application> and <application>KVM</application> "
31002
#~ "locally on the machine you are using. For details on how to perform this, "
31003
#~ "please refer to:"
31005
#~ "假如您已经安装并配置<application>libvirt</application>和<application>KVM</application>在本"
31006
#~ "地的机器上。关于如何执行的更多细节请浏览:"
31009
#~ "The <ulink url=\"https://help.ubuntu.com/community/KVM\">KVM</ulink> Wiki "
31012
#~ "<ulink url=\"https://help.ubuntu.com/community/KVM\">KVM</ulink> Wiki 页面。"
31015
#~ "We also assume that you know how to use a text based text editor such as "
31016
#~ "nano or vi. If you have not used any of them before, you can get an overview "
31017
#~ "of the various text editors available by reading the <ulink "
31018
#~ "url=\"https://help.ubuntu.com/community/PowerUsersTextEditors\">PowerUsersTex"
31019
#~ "tEditors</ulink> page. This tutorial has been done on KVM, but the general "
31020
#~ "principle should remain on other virtualization technologies."
31022
#~ "我们同样设定您知道怎样使用基于文本格式文本编辑器,例如nano或者vi。如果您之前没有使用过其中任何一个,可以通过阅读<ulink "
31023
#~ "url=\"https://help.ubuntu.com/community/PowerUsersTextEditors\">PowerUsersTex"
31024
#~ "tEditors</ulink>页面来获得对各种文本编辑器的大致了解。这指南是针对 KVM 完成的,但一般原则应该对其他的虚拟化技术做保留。"
31026
#~ msgid "Install vmbuilder"
31027
#~ msgstr "安装l vmbuilder"
31030
#~ "The name of the package that we need to install is <application>python-vm-"
31031
#~ "builder</application>. In a terminal prompt enter:"
31032
#~ msgstr "我们必需要安装的安装包名字是<application>python-vm-builder</application>。在终端提示里键入:"
31034
#~ msgid "sudo apt-get install python-vm-builder"
31035
#~ msgstr "sudo apt-get install python-vm-builder"
31038
#~ "If you are running Hardy, you can still perform most of this using the older "
31039
#~ "version of the package named <application>ubuntu-vm-builder</application>, "
31040
#~ "there are only a few changes to the syntax of the tool."
31042
#~ "如果您在运行 Hardy,你仍可以执行大多数使用的是旧版本且命名为<application>ubuntu-vm-"
31043
#~ "builder</application>的老版本,只有少数语法变化的工具。"
31045
#~ msgid "Defining Your Virtual Machine"
31046
#~ msgstr "定义您的虚拟机"
31049
#~ "Defining a virtual machine with Ubuntu's vmbuilder is quite simple, but here "
31050
#~ "are a few thing to consider:"
31051
#~ msgstr "定义 Ubuntu 的 vmbuilder 虚拟机非常简单,但这里有几点是要考虑的:"
31054
#~ "If you plan on shipping a virtual appliance, do not assume that the end-user "
31055
#~ "will know how to extend disk size to fit their need, so either plan for a "
31056
#~ "large virtual disk to allow for your appliance to grow, or explain fairly "
31057
#~ "well in your documentation how to allocate more space. It might actually be "
31058
#~ "a good idea to store data on some separate external storage."
31060
#~ "如果你想部署一个虚拟应用,不要假设终端用户会知道如何扩展磁盘空间以使之适合他们的需要。因此,要么预留一个大的虚拟磁盘来允许你的应用的增长,要么在你的文档里"
31061
#~ "详细的说明如何获取更多的空间。把数据分别存放在不同的扩展存储器上是再好不过的主意了。"
31064
#~ "Given that RAM is much easier to allocate in a VM, RAM size should be set to "
31065
#~ "whatever you think is a safe minimum for your appliance."
31066
#~ msgstr "内存在虚拟机中的分配比较容易一些,内存大小应该被设置为你想要的装置所需的最小安全值。"
31069
#~ "The <application>vmbuilder</application> command has 2 main parameters: the "
31070
#~ "<emphasis>virtualization technology (hypervisor)</emphasis> and the targeted "
31071
#~ "<emphasis>distribution</emphasis>. Optional parameters are quite numerous "
31072
#~ "and can be found using the following command:"
31074
#~ "<application>vmbuilder</application>命令有 2 "
31075
#~ "个主要参数:<emphasis>虚拟化技术(hypervisor)</emphasis>和<emphasis>发布</emphasis>目标。可选参数可是"
31078
#~ msgid "Base Parameters"
31082
#~ "The <emphasis>--suite</emphasis> defines the Ubuntu release, the <emphasis>--"
31083
#~ "flavour</emphasis> specifies that we want to use the virtual kernel (that's "
31084
#~ "the one used to build a JeOS image), the <emphasis>--arch</emphasis> tells "
31085
#~ "that we want to use a 32 bit machine, the <emphasis>-o</emphasis> tells "
31086
#~ "vmbuilder to overwrite the previous version of the VM and the <emphasis>--"
31087
#~ "libvirt</emphasis> tells to inform the local virtualization environment to "
31088
#~ "add the resulting VM to the list of available machines."
31090
#~ "The <emphasis>--suite</emphasis>定义 Ubuntu 版本,<emphasis>--"
31091
#~ "flavour</emphasis>规定,我们要使用的虚拟内核(这是用来建立一个 JeOS 图像),<emphasis>--"
31092
#~ "arch</emphasis>告诉我们要使用 32 位的机器,<emphasis>-o</emphasis> 告诉 vmbuilder "
31093
#~ "覆盖虚拟机的上个版本和 <emphasis>--libvirt</emphasis>通知本地虚拟化环境增加导致虚拟机的名单上可用机器。"
31099
#~ "Because of the nature of operations performed by vmbuilder, it needs to have "
31100
#~ "root privilege, hence the use of sudo."
31101
#~ msgstr "由于 vmbuilder 所要执行的任务,它需要有 root 权限,因此请使用命令 sudo 。"
31104
#~ "If your virtual machine needs to use more than 3Gb of ram, you should build "
31105
#~ "a 64 bit machine (--arch amd64)."
31106
#~ msgstr "如果您的虚拟机需要使用超过 3Gb 的内存,应该建立64位虚拟机(--arch amd64)。"
31109
#~ "Until Ubuntu 8.10, the virtual kernel was only built for 32 bit "
31110
#~ "architecture, so if you want to define an amd64 machine on Hardy, you should "
31111
#~ "use <emphasis>--flavour</emphasis> server instead."
31113
#~ "直到 Ubuntu 8.10 版本虚拟内核技术仅建立在 32 位结构,如果您想在 amd64 机器上安装 Hardy,您应使用<emphasis>--"
31114
#~ "flavour</emphasis>服务器来代替使用。"
31116
#~ msgid "Assigning a fixed IP address"
31117
#~ msgstr "分配一个规定 IP 地址"
31120
#~ "As a virtual appliance that may be deployed on various very different "
31121
#~ "networks, it is very difficult to know what the actual network will look "
31122
#~ "like. In order to simplify configuration, it is a good idea to take an "
31123
#~ "approach similar to what network hardware vendors usually do, namely "
31124
#~ "assigning an initial fixed IP address to the appliance in a private class "
31125
#~ "network that you will provide in your documentation. An address in the range "
31126
#~ "192.168.0.0/255 is usually a good choice."
31128
#~ "对于一个可能被部署到大不相同的各种网络上的虚拟装备来说,很难了解实际的网络是什么样的。为了简化配置,好的办法就是采取网络硬件供应商通常采取的办法,也就是在"
31129
#~ "一个你要在文档中提供的私有级别的网络里,给装置分配一个初始的固定IP地址。地址范围为192.168.0.0/255通常是个好选择。"
31131
#~ msgid "To do this we'll use the following parameters:"
31132
#~ msgstr "做这种我们会使用下面的参数:"
31135
#~ "<emphasis>--ip ADDRESS</emphasis>: IP address in dotted form (defaults to "
31136
#~ "dhcp if not specified)"
31137
#~ msgstr "<emphasis>--ip ADDRESS</emphasis>:IP 地址的指派(如没指定默认为 dhcp )"
31140
#~ "<emphasis>--mask VALUE</emphasis>: IP mask in dotted form (default: "
31141
#~ "255.255.255.0)"
31142
#~ msgstr "<emphasis>--net VALUE</emphasis>:IP 子网俺码的指派(默认:255.255.255.0)"
31144
#~ msgid "<emphasis>--net VALUE</emphasis>: IP net address (default: X.X.X.0)"
31145
#~ msgstr "<emphasis>--net VALUE</emphasis>:IP 网络地址(默认:X.X.X.0)"
31147
#~ msgid "<emphasis>--bcast VALUE</emphasis>: IP broadcast (default: X.X.X.255)"
31148
#~ msgstr "<emphasis>--bcast VALUE</emphasis>:IP 广播地址(默认:X.X.X.255)"
31150
#~ msgid "<emphasis>--gw ADDRESS</emphasis>: Gateway address (default: X.X.X.1)"
31151
#~ msgstr "<emphasis>--gw ADDRESS</emphasis>:网关地址(默认:X.X.X.1)"
31154
#~ "<emphasis>--dns ADDRESS</emphasis>: Name server address (default: X.X.X.1)"
31155
#~ msgstr "<emphasis>--dns ADDRESS</emphasis>:DNS 服务器地址:(默认:X.X.X.1)"
31158
#~ "We assume for now that default values are good enough, so the resulting "
31159
#~ "invocation becomes:"
31160
#~ msgstr "我们承认目前默认值不够好,所以导致调用变成:"
31163
#~ "Partitioning of the virtual appliance will have to take into consideration "
31164
#~ "what you are planning to do with is. Because most appliances want to have a "
31165
#~ "separate storage for data, having a separate <filename>/var</filename> would "
31168
#~ "您必须认真考虑计划去做虚拟设备的分区的事。因为大多数设备只单独为数据存储,有个独立的<filename>/var</filename>分区是个明智的选择。"
31171
#~ "In order to do this vmbuilder provides us with <emphasis>--part</emphasis>:"
31172
#~ msgstr "vmbuilder 为我们提供<emphasis>--part</emphasis>来做到这点:"
31175
#~ "In our case we will define a text file name "
31176
#~ "<filename>vmbuilder.partition</filename> which will contain the following:"
31177
#~ msgstr "就我们而言,我们会定义文本文件命名为<filename>vmbuilder.partition</filename>,这包含以下内容:"
31194
#~ "Note that as we are using virtual disk images, the actual sizes that we put "
31195
#~ "here are maximum sizes for these volumes."
31196
#~ msgstr "注意的是我们正使用虚拟镜像盘,把这些卷的最大值设为实际大小值。"
31198
#~ msgid "Our command line now looks like:"
31199
#~ msgstr "现在我们使用的命令行看起来像:"
31202
#~ "Using a \"\\\" in a command will allow long command strings to wrap to the "
31204
#~ msgstr "在命令里使用 “\\” 将允许换行时截断长字符串的命令。"
31206
#~ msgid "User and Password"
31210
#~ "Again setting up a virtual appliance, you will need to provide a default "
31211
#~ "user and password that is generic so that you can include it in your "
31212
#~ "documentation. We will see later on in this tutorial how we will provide "
31213
#~ "some security by defining a script that will be run the first time a user "
31214
#~ "actually logs in the appliance, that will, among other things, ask him to "
31215
#~ "change his password. In this example I will use <emphasis>'user'</emphasis> "
31216
#~ "as my user name, and <emphasis>'default'</emphasis> as the password."
31218
#~ "再次建立个虚拟设置,您需要提供通用的默认用户名和密码,让它可以包含在您的文档中。我们将看到后来的指南中将如何提供一些由脚本定义的安全性,该脚本将实际记录用"
31219
#~ "户首次运行设备上,除此之外,会询问是否改变密码。在这例子中将会使用<emphasis>'user'</emphasis>来做为用户名和<emphasis>"
31220
#~ "'default'</emphasis>做来密码。"
31222
#~ msgid "To do this we use the following optional parameters:"
31223
#~ msgstr "采用这步骤要使用以下可选参数:"
31226
#~ "<emphasis>--user USERNAME:</emphasis> Sets the name of the user to be added. "
31227
#~ "Default: ubuntu."
31228
#~ msgstr "<emphasis>--user USERNAME:</emphasis>添加新的用户名。默认名为:ubuntu。"
31231
#~ "<emphasis>--name FULLNAME:</emphasis> Sets the full name of the user to be "
31232
#~ "added. Default: Ubuntu."
31233
#~ msgstr "<emphasis>--name FULLNAME:</emphasis>添加新的用户全名。默认名为:Ubuntu。"
31236
#~ "<emphasis>--pass PASSWORD:</emphasis> Sets the password for the user. "
31237
#~ "Default: ubuntu."
31238
#~ msgstr "<emphasis>--pass PASSWORD:</emphasis>为用户名设置密码。默认值为:ubuntu。"
31240
#~ msgid "Our resulting command line becomes:"
31241
#~ msgstr "我们的生效命令行成为:"
31243
#~ msgid "Installing Required Packages"
31247
#~ "In this example we will be installing a package "
31248
#~ "<application>(Limesurvey)</application> that accesses a "
31249
#~ "<application>MySQL</application> database and has a web interface. We will "
31250
#~ "therefore require our OS to provide us with:"
31252
#~ "在这样例中我们将安装<application>(Limesurvey)</application>软件包以能够访问有 web "
31253
#~ "接面的<application>MySQL</application>数据库。因此需要操作系统为我们提供:"
31261
#~ msgid "Limesurvey (as an example application that we have packaged)"
31262
#~ msgstr "Limesurvey (做为样例我们应打包应用程序)"
31267
#~ "--addpkg PKG\n"
31268
#~ " Install PKG into the guest (can be specfied multiple times)\n"
31271
#~ "--addpkg PKG\n"
31272
#~ " 安装 PKG 在 guest 帐号里 (能指定安装时间)\n"
31275
#~ "However, due to the way vmbuilder operates, packages that have to ask "
31276
#~ "questions to the user during the post install phase are not supported and "
31277
#~ "should instead be installed while interactivity can occur. This is the case "
31278
#~ "of Limesurvey, which we will have to install later, once the user logs in."
31280
#~ "然而,由于vmbuilder的操作方式,报在安装过程步骤中向用户提出问题的功能并不被支持,作为替代,在可以交互的时候才被安装。举例来说,Limesurve"
31281
#~ "y就是这样的,这个软件将在随后登录之后安装。"
31284
#~ "Other packages that ask simple debconf question, such as <application>mysql-"
31285
#~ "server</application> asking to set a password, the package can be installed "
31286
#~ "immediately, but we will have to reconfigure it the first time the user logs "
31289
#~ "其它软件包会要求简单的 debconf 问题,例如<application>mysql-"
31290
#~ "server</application>询问是否设置密码,软件包可以立即安装,但我们不得不将重设置在用户首次登陆上。"
31293
#~ "If some packages that we need to install are not in main, we need to enable "
31294
#~ "the additional repositories using --comp and --ppa:"
31295
#~ msgstr "如果安装的些软件包不是主要的,那我们需要使额外的库来使用 --comp 和 --ppa:"
31298
#~ "Limesurvey not being part of the archive at the moment, we'll specify it's "
31299
#~ "PPA (personal package archive) address so that it is added to the VM "
31300
#~ "<filename>/etc/apt/source.list</filename>, so we add the following options "
31301
#~ "to the command line:"
31303
#~ "此刻 Limesurvey 不是做为存档的一部分,我们将指定它的 "
31304
#~ "PPA(个人软件包存档)地址以便加入到虚拟机<filename>/etc/apt/source.list</filename>,所以我们把以下选项加到命令"
31307
#~ msgid "Speed Considerations"
31310
#~ msgid "Package Caching"
31313
#~ msgid "sudo apt-get install apt-proxy"
31314
#~ msgstr "sudo apt-get install apt-proxy"
31317
#~ "Once this is complete, your (empty) proxy is ready for use on "
31318
#~ "http://mirroraddress:9999 and will find ubuntu repository under /ubuntu. For "
31319
#~ "vmbuilder to use it, we'll have to use the <emphasis>--mirror</emphasis> "
31322
#~ "一旦这完成后,您的(空)代理准备用于 http://mirroraddress:9999 和找到在存放在 /ubuntu 目录下的 ubuntu "
31323
#~ "。为了能让 vmbuilder 能使用它,我们必须使用<emphasis>--mirror</emphasis>选项:"
31328
#~ "--mirror=URL Use Ubuntu mirror at URL instead of the default, which\n"
31329
#~ " is http://archive.ubuntu.com/ubuntu for official\n"
31330
#~ " arches and http://ports.ubuntu.com/ubuntu-ports\n"
31334
#~ "--mirror=使用 Ubuntu 镜像 URL 来代替,URL\n"
31335
#~ " 官方网是 http://archive.ubuntu.com/ubuntu\n"
31336
#~ " 主站和 http://ports.ubuntu.com/ubuntu-ports\n"
31339
#~ msgid "So we add to the command line:"
31340
#~ msgstr "因此加进命令行:"
31342
#~ msgid "--mirror http://mirroraddress:9999/ubuntu"
31343
#~ msgstr "--mirror http://mirroraddress:9999/ubuntu"
31345
#~ msgid "Install a Local Mirror"
31349
#~ "If we are in a larger environment, it may make sense to setup a local mirror "
31350
#~ "of the Ubuntu repositories. The package apt-mirror provides you with a "
31351
#~ "script that will handle the mirroring for you. You should plan on having "
31352
#~ "about 20 gigabyte of free space per supported release and architecture."
31354
#~ "如果我们在一个大环境中,建立一个Ubuntu的本地源是有意义的。apt-"
31355
#~ "mirror使用脚本提供给你的包将处理您的镜像问题。您应该针对每个发行版和架构计划保留20GB的自由空间。"
31358
#~ "Notice that the source packages are not mirrored as they are seldom used "
31359
#~ "compared to the binaries and they do take a lot more space, but they can be "
31360
#~ "easily added to the list."
31361
#~ msgstr "注意,源码包并没有被镜像,因为和二进制包相比它们使用的很少,但是却占用更多的空间。不过它们可以很容易的添加到列表。"
31364
#~ "Once the mirror has finished replicating (and this can be quite long), you "
31365
#~ "need to configure Apache so that your mirror files (in "
31366
#~ "<filename>/var/spool/apt-mirror</filename> if you did not change the "
31367
#~ "default), are published by your Apache server. For more information on "
31368
#~ "Apache see <xref linkend=\"httpd\"/>."
31370
#~ "一旦镜像完成复制(这可能需要很长时间),你需要设置Apache,因为您的镜像文件(没有修改的话,默认在<filename>/var/spool/apt-"
31371
#~ "mirror</filename>)是通过您的Apache服务器来发布的。关于Apache的更多信息,请参见<xref "
31372
#~ "linkend=\"httpd\"/>"
31374
#~ msgid "Package the Application"
31377
#~ msgid "Two option are available to us:"
31378
#~ msgstr "2 个选项是可用的:"
31381
#~ "The recommended method to do so is to make a <emphasis>Debian</emphasis> "
31382
#~ "package. Since this is outside of the scope of this tutorial, we will not "
31383
#~ "perform this here and invite the reader to read the documentation on how to "
31384
#~ "do this in the <ulink url=\"https://wiki.ubuntu.com/PackagingGuide\">Ubuntu "
31385
#~ "Packaging Guide</ulink>. In this case it is also a good idea to setup a "
31386
#~ "repository for your package so that updates can be conveniently pulled from "
31387
#~ "it. See the <ulink url=\"http://www.debian-"
31388
#~ "administration.org/articles/286\">Debian Administration</ulink> article for "
31389
#~ "a tutorial on this."
31391
#~ "达成此目的建议方法是制作一个<emphasis>Debian</emphasis>包。因为这已经超出了我们这个向导的范围,我们将不再在这里介绍,读者可以到"
31392
#~ "网址<ulink url=\"https://wiki.ubuntu.com/PackagingGuide\">Ubuntu Packaging "
31393
#~ "Guide</ulink>来阅读如何达到这个目的的文档。在这种情况下,建立一个源是一个好主意,因为这样您可以随后方便的从它升级。关于这个的介绍,请参阅<u"
31394
#~ "link url=\"http://www.debian-administration.org/articles/286\">Debian "
31395
#~ "Administration</ulink>相关文章。"
31398
#~ "Manually install the application under <filename>/opt</filename> as "
31399
#~ "recommended by the <ulink url=\"http://www.pathname.com/fhs/\">FHS "
31400
#~ "guidelines</ulink>."
31402
#~ "在<filename>/opt</filename>下手动安装程序是<ulink "
31403
#~ "url=\"http://www.pathname.com/fhs/\">FHS 指南</ulink>所推荐的方式."
31406
#~ "In our case we'll use <application>Limesurvey</application> as example web "
31407
#~ "application for which we wish to provide a virtual appliance. As noted "
31408
#~ "before, we've made a version of the package available in a PPA (Personal "
31409
#~ "Package Archive)."
31411
#~ "在这里,我们将使用<application>Limesurvey</application>作为示例程序来展示我们如何提供一个虚拟装置。如前所述,我们制作"
31412
#~ "了一个可以在一个PPA中(个人包获取)使用的版本的包。"
31414
#~ msgid "Useful Additions"
31417
#~ msgid "Configuring Automatic Updates"
31421
#~ "To have your system be configured to update itself on a regular basis, we "
31422
#~ "will just install <application>unattended-upgrades</application>, so we add "
31423
#~ "the following option to our command line:"
31425
#~ "想要将你的系统配置为定期自动更新,只需安装<application>unattended-upgrades</application>. "
31428
#~ msgid "--addpkg unattended-upgrades"
31429
#~ msgstr "--addpkg unattended-upgrades"
31432
#~ "As we have put our application package in a PPA, the process will update not "
31433
#~ "only the system, but also the application each time we update the version in "
31435
#~ msgstr "正如我们已经把应用包加入到了PPA, 我们在PPA中更新版本的时候,不仅会更新系统,应用程序也会更新."
31437
#~ msgid "ACPI Event Handling"
31438
#~ msgstr "ACPI 事件处理"
31441
#~ "For your virtual machine to be able to handle restart and shutdown events it "
31442
#~ "is being sent, it is a good idea to install the acpid package as well. To do "
31443
#~ "this we just add the following option:"
31444
#~ msgstr "为了您的虚拟机发送信息能够处理重启和关闭事件,这也是个安装 acpid 软件包的好方法。为了做到这点我们只需加进以下选项即可:"
31446
#~ msgid "--addpkg acpid"
31447
#~ msgstr "--addpkg acpid"
31449
#~ msgid "Final Command"
31452
#~ msgid "Here is the command with all the options discussed above:"
31453
#~ msgstr "这是使用了上面所有涉及到选项的命令:"
31456
#~ "Accessing Subversion repository via WebDAV protocol with SSL encryption "
31457
#~ "(https://) is similar to http:// except that you must install and configure "
31458
#~ "the digital certificate in your Apache2 web server. To use SSL with "
31459
#~ "Subversion add the above Apache2 configuration to "
31460
#~ "<filename>/etc/apache2/sites-available/default-ssl</filename>. For more "
31461
#~ "information on setting up Apache2 with SSL see <xref linkend=\"https-"
31462
#~ "configuration\"/>."
31464
#~ "使用带有SSL加密的(https://)WebDAV协议访问Subversion仓库跟 http://... "
31465
#~ "的方式相似,除了你必须在你的Apache2中安装配置数字证书。 你可以向<filename>/etc/apache2/sites-"
31466
#~ "available/default-"
31467
#~ "ssl</filename>文件添加以上Apache2配置来使用带有SSL的Subversion。关于配置Apache2 SSL的更多信息请看<xref "
31468
#~ "linkend=\"https-configuration\"/>。"
31471
#~ "You should add the following lines in <filename>/etc/apache2/sites-"
31472
#~ "available/default</filename> file inside the <quote><VirtualHost "
31473
#~ "*></quote> tag:"
31475
#~ "您应当在 <filename>/etc/apache2/sites-available/default</filename> 中的 "
31476
#~ "<quote><VirtualHost *></quote> 标签内添加如下内容:"
31478
#~ msgid "sudo chgrp -R webmasters /var/www"
31479
#~ msgstr "sudo chgrp -R webmasters /var/www"
31481
#~ msgid "sudo find /var/www -type d -exec chmod g=rwxs \"{}\" \\;"
31482
#~ msgstr "sudo find /var/www -type d -exec chmod g=rwxs \"{}\" \\;"
31484
#~ msgid "sudo find /var/www -type f -exec chmod g=rws \"{}\" \\;"
31485
#~ msgstr "sudo find /var/www -type f -exec chmod g=rws \"{}\" \\;"
31412
#~ msgid "sudo chown nobody.nogroup /srv/samba/share/"
31413
#~ msgstr "sudo chown nobody.nogroup /srv/samba/share/"
31416
#~ "For more detailed instructions on using cryptography see the <ulink "
31417
#~ "url=\"http://tldp.org/HOWTO/SSL-Certificates-HOWTO/index.html\">SSL "
31418
#~ "Certificates HOWTO</ulink> by tlpd.org"
31420
#~ "要得到更多关于加密的指导,请参阅由tlpd.org编写的<ulink url=\"http://tldp.org/HOWTO/SSL-"
31421
#~ "Certificates-HOWTO/index.html\">SSL Certificates HOWTO</ulink>。"
31423
#~ msgid "ssh-keygen -t dsa"
31424
#~ msgstr "ssh-keygen -t dsa"
31429
#~ "$final_spam_destiny = D_DISCARD;\n"
31432
#~ "$final_spam_destiny = D_DISCARD;\n"
31437
#~ "http://localhost/mediawiki/config/index.php\n"
31440
#~ "http://localhost/mediawiki/config/index.php\n"
31443
#~ "Please read the <quote>Checking environment...</quote> section in this page. "
31444
#~ "You should be able to fix many issues by carefully reading this section."
31445
#~ msgstr "请阅读本页中的 <quote>检查环境...</quote> 部分。通过仔细阅读这部分您应当能够解决许多问题。"