« back to all changes in this revision
Viewing changes to serverguide/po/sl.po
- browse files at revision 261
- compare with another revision
- download diff
- download tarball
- view history from revision 261
- Committer: Doug Smythies
- Date: 2016-01-05 22:55:10 UTC
- Revision ID: dsmythies@telus.net-20160105225510-2eg49ayn1hh6rk19
Updated the po files
- files modified:
- serverguide/po/ace.po
added
removed
serverguide/po/sl.po
7
7
msgstr ""
8
8
"Project-Id-Version: serverguide\n"
9
9
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
10
"POT-Creation-Date: 2015-02-26 16:01-0800\n"
10
"POT-Creation-Date: 2015-12-01 09:44-0800\n"
11
11
"PO-Revision-Date: 2014-11-09 18:10+0000\n"
12
12
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13
13
"Language-Team: Slovenian <sl@li.org>\n"
14
14
"MIME-Version: 1.0\n"
15
15
"Content-Type: text/plain; charset=UTF-8\n"
16
16
"Content-Transfer-Encoding: 8bit\n"
17
"X-Launchpad-Export-Date: 2015-03-22 21:32+0000\n"
18
"X-Generator: Launchpad (build 17405)\n"
17
"X-Launchpad-Export-Date: 2016-01-05 22:23+0000\n"
18
"X-Generator: Launchpad (build 17876)\n"
19
19
20
20
#: serverguide/C/web-servers.xml:11(title)
21
21
msgid "Web Servers"
86
86
"for the development and deployment of Web-based applications."
87
87
msgstr ""
88
88
89
#: serverguide/C/windows-networking.xml:81(title) serverguide/C/windows-networking.xml:292(title) serverguide/C/web-servers.xml:51(title) serverguide/C/web-servers.xml:690(title) serverguide/C/web-servers.xml:833(title) serverguide/C/web-servers.xml:957(title) serverguide/C/virtualization.xml:61(title) serverguide/C/virtualization.xml:2623(title) serverguide/C/vcs.xml:26(title) serverguide/C/vcs.xml:84(title) serverguide/C/vcs.xml:403(title) serverguide/C/remote-administration.xml:46(title) serverguide/C/remote-administration.xml:234(title) serverguide/C/remote-administration.xml:425(title) serverguide/C/network-config.xml:975(title) serverguide/C/network-config.xml:1089(title) serverguide/C/network-auth.xml:140(title) serverguide/C/network-auth.xml:2800(title) serverguide/C/network-auth.xml:3272(title) serverguide/C/monitoring.xml:40(title) serverguide/C/monitoring.xml:429(title) serverguide/C/mail.xml:38(title) serverguide/C/mail.xml:490(title) serverguide/C/mail.xml:679(title) serverguide/C/mail.xml:828(title) serverguide/C/mail.xml:1318(title) serverguide/C/lamp-applications.xml:110(title) serverguide/C/lamp-applications.xml:272(title) serverguide/C/lamp-applications.xml:408(title) serverguide/C/installation.xml:11(title) serverguide/C/installation.xml:933(title) serverguide/C/installation.xml:1214(title) serverguide/C/file-server.xml:357(title) serverguide/C/file-server.xml:646(title) serverguide/C/dns.xml:21(title) serverguide/C/databases.xml:37(title) serverguide/C/databases.xml:307(title) serverguide/C/chat.xml:35(title) serverguide/C/chat.xml:134(title) serverguide/C/backups.xml:596(title)
89
#: serverguide/C/web-servers.xml:51(title) serverguide/C/web-servers.xml:710(title) serverguide/C/web-servers.xml:853(title) serverguide/C/web-servers.xml:976(title) serverguide/C/virtualization.xml:70(title) serverguide/C/virtualization.xml:805(title) serverguide/C/vcs.xml:33(title) serverguide/C/vcs.xml:94(title) serverguide/C/vcs.xml:226(title) serverguide/C/samba.xml:81(title) serverguide/C/samba.xml:292(title) serverguide/C/remote-administration.xml:46(title) serverguide/C/remote-administration.xml:269(title) serverguide/C/remote-administration.xml:465(title) serverguide/C/network-config.xml:973(title) serverguide/C/network-config.xml:1087(title) serverguide/C/network-auth.xml:142(title) serverguide/C/network-auth.xml:2799(title) serverguide/C/network-auth.xml:3271(title) serverguide/C/monitoring.xml:40(title) serverguide/C/monitoring.xml:429(title) serverguide/C/mail.xml:38(title) serverguide/C/mail.xml:548(title) serverguide/C/mail.xml:737(title) serverguide/C/mail.xml:887(title) serverguide/C/mail.xml:1377(title) serverguide/C/lamp-applications.xml:110(title) serverguide/C/lamp-applications.xml:288(title) serverguide/C/lamp-applications.xml:435(title) serverguide/C/lamp-applications.xml:549(title) serverguide/C/installation.xml:11(title) serverguide/C/installation.xml:940(title) serverguide/C/installation.xml:1287(title) serverguide/C/file-server.xml:357(title) serverguide/C/file-server.xml:645(title) serverguide/C/dns.xml:21(title) serverguide/C/databases.xml:37(title) serverguide/C/databases.xml:300(title) serverguide/C/chat.xml:35(title) serverguide/C/chat.xml:134(title) serverguide/C/backups.xml:602(title)
90
90
msgid "Installation"
91
91
msgstr "Namestitev"
92
92
106
106
msgid "sudo apt-get install apache2"
107
107
msgstr "sudo apt-get install apache2"
108
108
109
#: serverguide/C/windows-networking.xml:97(title) serverguide/C/windows-networking.xml:309(title) serverguide/C/web-servers.xml:71(title) serverguide/C/web-servers.xml:743(title) serverguide/C/web-servers.xml:844(title) serverguide/C/web-servers.xml:984(title) serverguide/C/web-servers.xml:1084(title) serverguide/C/vcs.xml:37(title) serverguide/C/vcs.xml:421(title) serverguide/C/remote-administration.xml:68(title) serverguide/C/remote-administration.xml:254(title) serverguide/C/package-management.xml:400(title) serverguide/C/network-config.xml:997(title) serverguide/C/network-config.xml:1100(title) serverguide/C/network-auth.xml:2887(title) serverguide/C/network-auth.xml:3293(title) serverguide/C/monitoring.xml:185(title) serverguide/C/monitoring.xml:455(title) serverguide/C/mail.xml:499(title) serverguide/C/mail.xml:689(title) serverguide/C/mail.xml:911(title) serverguide/C/mail.xml:1347(title) serverguide/C/lamp-applications.xml:130(title) serverguide/C/lamp-applications.xml:299(title) serverguide/C/lamp-applications.xml:438(title) serverguide/C/installation.xml:1226(title) serverguide/C/file-server.xml:370(title) serverguide/C/file-server.xml:672(title) serverguide/C/dns.xml:37(title) serverguide/C/databases.xml:80(title) serverguide/C/databases.xml:323(title) serverguide/C/clustering.xml:45(title) serverguide/C/chat.xml:55(title) serverguide/C/chat.xml:146(title) serverguide/C/backups.xml:625(title)
109
#: serverguide/C/web-servers.xml:71(title) serverguide/C/web-servers.xml:763(title) serverguide/C/web-servers.xml:864(title) serverguide/C/web-servers.xml:1003(title) serverguide/C/web-servers.xml:1106(title) serverguide/C/vcs.xml:44(title) serverguide/C/vcs.xml:103(title) serverguide/C/samba.xml:97(title) serverguide/C/samba.xml:309(title) serverguide/C/remote-administration.xml:68(title) serverguide/C/remote-administration.xml:289(title) serverguide/C/package-management.xml:417(title) serverguide/C/network-config.xml:995(title) serverguide/C/network-config.xml:1098(title) serverguide/C/network-auth.xml:2886(title) serverguide/C/network-auth.xml:3292(title) serverguide/C/monitoring.xml:185(title) serverguide/C/monitoring.xml:455(title) serverguide/C/mail.xml:557(title) serverguide/C/mail.xml:747(title) serverguide/C/mail.xml:970(title) serverguide/C/mail.xml:1406(title) serverguide/C/lamp-applications.xml:130(title) serverguide/C/lamp-applications.xml:315(title) serverguide/C/lamp-applications.xml:465(title) serverguide/C/lamp-applications.xml:570(title) serverguide/C/installation.xml:1299(title) serverguide/C/file-server.xml:370(title) serverguide/C/file-server.xml:671(title) serverguide/C/dns.xml:37(title) serverguide/C/databases.xml:73(title) serverguide/C/databases.xml:316(title) serverguide/C/clustering.xml:45(title) serverguide/C/chat.xml:55(title) serverguide/C/chat.xml:146(title) serverguide/C/backups.xml:631(title)
110
110
msgid "Configuration"
111
111
msgstr "Nastavljanje"
112
112
150
150
"<application>apache2</application> is restarted."
151
151
msgstr ""
152
152
153
#: serverguide/C/web-servers.xml:93(para)
153
#: serverguide/C/web-servers.xml:108(para)
154
154
msgid ""
155
155
"<emphasis>envvars:</emphasis> file where Apache2 "
156
156
"<emphasis>environment</emphasis> variables are set."
158
158
"<emphasis>envvars:</emphasis> datoteka, kjer so nastavljene "
159
159
"<emphasis>okoljske</emphasis> spremenljivke Apache2."
160
160
161
#: serverguide/C/web-servers.xml:106(para)
161
#: serverguide/C/web-servers.xml:113(para)
162
162
msgid ""
163
163
"<emphasis>mods-available:</emphasis> this directory contains configuration "
164
164
"files to both load <emphasis>modules</emphasis> and configure them. Not all "
168
168
"ki naložijo in nastavijo <emphasis>module</emphasis>. Vendar pa nimajo vsi "
169
169
"moduli nastavitvenih datotek."
170
170
171
#: serverguide/C/web-servers.xml:112(para)
171
#: serverguide/C/web-servers.xml:119(para)
172
172
msgid ""
173
173
"<emphasis>mods-enabled:</emphasis> holds <emphasis>symlinks</emphasis> to "
174
174
"the files in <filename>/etc/apache2/mods-available</filename>. When a module "
181
181
"bo omogočena naslednjič, ko bo <application>Apache2</application> znova "
182
182
"zagnan."
183
183
184
#: serverguide/C/web-servers.xml:119(para)
184
#: serverguide/C/web-servers.xml:126(para)
185
185
msgid ""
186
186
"<emphasis>ports.conf:</emphasis> houses the directives that determine which "
187
187
"TCP ports Apache2 is listening on."
188
188
msgstr ""
189
189
190
#: serverguide/C/web-servers.xml:124(para)
190
#: serverguide/C/web-servers.xml:131(para)
191
191
msgid ""
192
192
"<emphasis>sites-available:</emphasis> this directory has configuration files "
193
193
"for Apache2 <emphasis>Virtual Hosts</emphasis>. Virtual Hosts allow Apache2 "
194
194
"to be configured for multiple sites that have separate configurations."
195
195
msgstr ""
196
196
197
#: serverguide/C/web-servers.xml:130(para)
197
#: serverguide/C/web-servers.xml:138(para)
198
198
msgid ""
199
199
"<emphasis>sites-enabled:</emphasis> like mods-enabled, <filename "
200
200
"role=\"directory\">sites-enabled</filename> contains symlinks to the "
214
214
"the first few bytes of a file."
215
215
msgstr ""
216
216
217
#: serverguide/C/web-servers.xml:138(para)
217
#: serverguide/C/web-servers.xml:151(para)
218
218
msgid ""
219
219
"In addition, other configuration files may be added using the "
220
220
"<emphasis>Include</emphasis> directive, and wildcards can be used to include "
223
223
"recognized by Apache2 when it is started or restarted."
224
224
msgstr ""
225
225
226
#: serverguide/C/web-servers.xml:147(para)
226
#: serverguide/C/web-servers.xml:160(para)
227
227
msgid ""
228
228
"The server also reads a file containing mime document types; the filename is "
229
229
"set by the <emphasis>TypesConfig</emphasis> directive, typically via "
232
232
"by default."
233
233
msgstr ""
234
234
235
#: serverguide/C/web-servers.xml:155(title)
235
#: serverguide/C/web-servers.xml:168(title)
236
236
msgid "Basic Settings"
237
237
msgstr "Osnovne nastavitve"
238
238
256
256
"<filename>/etc/apache2/sites-available/000-default.conf</filename>."
257
257
msgstr ""
258
258
259
#: serverguide/C/web-servers.xml:177(para)
259
#: serverguide/C/web-servers.xml:190(para)
260
260
msgid ""
261
261
"The directives set for a virtual host only apply to that particular virtual "
262
262
"host. If a directive is set server-wide and not defined within the virtual "
265
265
"virtual host."
266
266
msgstr ""
267
267
268
#: serverguide/C/web-servers.xml:185(para)
268
#: serverguide/C/web-servers.xml:198(para)
269
269
msgid ""
270
270
"If you wish to configure a new virtual host or site, copy that file into the "
271
271
"same directory with a name you choose. For example:"
277
277
"available/mynewsite.conf"
278
278
msgstr ""
279
279
280
#: serverguide/C/web-servers.xml:194(para)
280
#: serverguide/C/web-servers.xml:207(para)
281
281
msgid ""
282
282
"Edit the new file to configure the new site using some of the directives "
283
283
"described below."
285
285
"Za nastavitev nove strani, uredite novo datoteko z uporabo smernic, opisanih "
286
286
"spodaj."
287
287
288
#: serverguide/C/web-servers.xml:201(para)
288
#: serverguide/C/web-servers.xml:214(para)
289
289
msgid ""
290
290
"The <emphasis>ServerAdmin</emphasis> directive specifies the email address "
291
291
"to be advertised for the server's administrator. The default value is "
296
296
"configuration file in /etc/apache2/sites-available."
297
297
msgstr ""
298
298
299
#: serverguide/C/web-servers.xml:212(para)
299
#: serverguide/C/web-servers.xml:225(para)
300
300
msgid ""
301
301
"The <emphasis>Listen</emphasis> directive specifies the port, and optionally "
302
302
"the IP address, Apache2 should listen on. If the IP address is not "
322
322
"available/mynewsite.conf</filename>)."
323
323
msgstr ""
324
324
325
#: serverguide/C/web-servers.xml:237(para)
325
#: serverguide/C/web-servers.xml:250(para)
326
326
msgid ""
327
327
"You may also want your site to respond to www.ubunturocks.com, since many "
328
328
"users will assume the www prefix is appropriate. Use the "
330
330
"wildcards in the ServerAlias directive."
331
331
msgstr ""
332
332
333
#: serverguide/C/web-servers.xml:244(para)
333
#: serverguide/C/web-servers.xml:257(para)
334
334
msgid ""
335
335
"For example, the following configuration will cause your site to respond to "
336
336
"any domain request ending in <emphasis>.ubunturocks.com</emphasis>."
337
337
msgstr ""
338
338
339
#: serverguide/C/web-servers.xml:250(programlisting)
339
#: serverguide/C/web-servers.xml:263(programlisting)
340
340
#, no-wrap
341
341
msgid ""
342
342
"\n"
354
354
"virtual host file, and remember to create that directory if necessary!"
355
355
msgstr ""
356
356
357
#: serverguide/C/web-servers.xml:265(para)
357
#: serverguide/C/web-servers.xml:278(para)
358
358
msgid ""
359
359
"Enable the new <emphasis>VirtualHost</emphasis> using the "
360
360
"<application>a2ensite</application> utility and restart Apache2:"
361
361
msgstr ""
362
362
363
#: serverguide/C/web-servers.xml:271(command)
363
#: serverguide/C/web-servers.xml:284(command)
364
364
msgid "sudo a2ensite mynewsite"
365
365
msgstr "sudo a2ensite moja-nova-stran"
366
366
367
#: serverguide/C/web-servers.xml:272(command) serverguide/C/web-servers.xml:290(command) serverguide/C/web-servers.xml:531(command) serverguide/C/web-servers.xml:540(command) serverguide/C/web-servers.xml:599(command) serverguide/C/mail.xml:935(command) serverguide/C/lamp-applications.xml:222(command)
367
#: serverguide/C/web-servers.xml:285(command) serverguide/C/web-servers.xml:303(command) serverguide/C/web-servers.xml:544(command) serverguide/C/web-servers.xml:553(command) serverguide/C/web-servers.xml:612(command) serverguide/C/mail.xml:994(command) serverguide/C/lamp-applications.xml:238(command) serverguide/C/lamp-applications.xml:339(command) serverguide/C/lamp-applications.xml:610(command)
368
368
msgid "sudo service apache2 restart"
369
369
msgstr ""
370
370
371
#: serverguide/C/web-servers.xml:276(para)
371
#: serverguide/C/web-servers.xml:289(para)
372
372
msgid ""
373
373
"Be sure to replace <emphasis>mynewsite</emphasis> with a more descriptive "
374
374
"name for the VirtualHost. One method is to name the file after the "
375
375
"<emphasis>ServerName</emphasis> directive of the VirtualHost."
376
376
msgstr ""
377
377
378
#: serverguide/C/web-servers.xml:283(para)
378
#: serverguide/C/web-servers.xml:296(para)
379
379
msgid ""
380
380
"Similarly, use the <application>a2dissite</application> utility to disable "
381
381
"sites. This is can be useful when troubleshooting configuration problems "
382
382
"with multiple VirtualHosts:"
383
383
msgstr ""
384
384
385
#: serverguide/C/web-servers.xml:289(command)
385
#: serverguide/C/web-servers.xml:302(command)
386
386
msgid "sudo a2dissite mynewsite"
387
387
msgstr "sudo a2dissite moja-nova-stran"
388
388
389
#: serverguide/C/web-servers.xml:295(title)
389
#: serverguide/C/web-servers.xml:308(title)
390
390
msgid "Default Settings"
391
391
msgstr "Privzete nastavitve"
392
392
393
#: serverguide/C/web-servers.xml:297(para)
393
#: serverguide/C/web-servers.xml:310(para)
394
394
msgid ""
395
395
"This section explains configuration of the Apache2 server default settings. "
396
396
"For example, if you add a virtual host, the settings you configure for the "
398
398
"defined within the virtual host settings, the default value is used."
399
399
msgstr ""
400
400
401
#: serverguide/C/web-servers.xml:309(para)
401
#: serverguide/C/web-servers.xml:322(para)
402
402
msgid ""
403
403
"The <emphasis>DirectoryIndex</emphasis> is the default page served by the "
404
404
"server when a user requests an index of a directory by specifying a forward "
405
405
"slash (/) at the end of the directory name."
406
406
msgstr ""
407
407
408
#: serverguide/C/web-servers.xml:316(para)
408
#: serverguide/C/web-servers.xml:329(para)
409
409
msgid ""
410
410
"For example, when a user requests the page "
411
411
"http://www.example.com/this_directory/, he or she will get either the "
433
433
"example files."
434
434
msgstr ""
435
435
436
#: serverguide/C/web-servers.xml:347(para)
436
#: serverguide/C/web-servers.xml:360(para)
437
437
msgid ""
438
438
"By default, the server writes the transfer log to the file "
439
439
"<filename>/var/log/apache2/access.log</filename>. You can change this on a "
440
440
"per-site basis in your virtual host configuration files with the "
441
441
"<emphasis>CustomLog</emphasis> directive, or omit it to accept the default, "
442
"specified in <filename> /etc/apache2/conf.d/other-vhosts-access-"
443
"log</filename>. You may also specify the file to which errors are logged, "
444
"via the <emphasis>ErrorLog</emphasis> directive, whose default is "
442
"specified in <filename> /etc/apache2/conf-available/other-vhosts-access-"
443
"log.conf</filename>. You may also specify the file to which errors are "
444
"logged, via the <emphasis>ErrorLog</emphasis> directive, whose default is "
445
445
"<filename>/var/log/apache2/error.log</filename>. These are kept separate "
446
446
"from the transfer logs to aid in troubleshooting problems with your Apache2 "
447
447
"server. You may also specify the <emphasis>LogLevel</emphasis> (the default "
449
449
"/etc/apache2/apache2.conf</filename> for the default value)."
450
450
msgstr ""
451
451
452
#: serverguide/C/web-servers.xml:362(para)
452
#: serverguide/C/web-servers.xml:375(para)
453
453
msgid ""
454
454
"Some options are specified on a per-directory basis rather than per-server. "
455
455
"<emphasis>Options</emphasis> is one of these directives. A Directory stanza "
465
465
"</Directory>\n"
466
466
msgstr ""
467
467
468
#: serverguide/C/web-servers.xml:374(para)
468
#: serverguide/C/web-servers.xml:387(para)
469
469
msgid ""
470
470
"The <emphasis>Options</emphasis> directive within a Directory stanza accepts "
471
471
"one or more of the following values (among others), separated by spaces:"
472
472
msgstr ""
473
473
474
#: serverguide/C/web-servers.xml:386(para)
474
#: serverguide/C/web-servers.xml:399(para)
475
475
msgid ""
476
476
"Most files should not be executed as CGI scripts. This would be very "
477
477
"dangerous. CGI scripts should kept in a directory separate from and outside "
480
480
"<filename>/usr/lib/cgi-bin</filename>."
481
481
msgstr ""
482
482
483
#: serverguide/C/web-servers.xml:381(para)
483
#: serverguide/C/web-servers.xml:394(para)
484
484
msgid ""
485
485
"<emphasis role=\"bold\">ExecCGI</emphasis> - Allow execution of CGI scripts. "
486
486
"CGI scripts are not executed if this option is not chosen. <placeholder-1/>"
488
488
"<emphasis role=\"bold\">ExecCGI</emphasis> - Omogoči izvajanje skriptov CGI. "
489
489
"Skripti CGI se ne bodo izvajale, če ta možnost ni izbrana. <placeholder-1/>"
490
490
491
#: serverguide/C/web-servers.xml:397(para)
491
#: serverguide/C/web-servers.xml:410(para)
492
492
msgid ""
493
493
"<emphasis role=\"bold\">Includes</emphasis> - Allow server-side includes. "
494
494
"Server-side includes allow an HTML file to <emphasis> include</emphasis> "
497
497
"documentation (Ubuntu community)</ulink> for more information."
498
498
msgstr ""
499
499
500
#: serverguide/C/web-servers.xml:406(para)
500
#: serverguide/C/web-servers.xml:419(para)
501
501
msgid ""
502
502
"<emphasis role=\"bold\">IncludesNOEXEC</emphasis> - Allow server-side "
503
503
"includes, but disable the <emphasis>#exec</emphasis> and "
504
504
"<emphasis>#include</emphasis> commands in CGI scripts."
505
505
msgstr ""
506
506
507
#: serverguide/C/web-servers.xml:418(para)
507
#: serverguide/C/web-servers.xml:431(para)
508
508
msgid ""
509
509
"For security reasons, this should usually not be set, and certainly should "
510
510
"not be set on your DocumentRoot directory. Enable this option carefully on a "
512
512
"contents of the directory."
513
513
msgstr ""
514
514
515
#: serverguide/C/web-servers.xml:413(para)
515
#: serverguide/C/web-servers.xml:426(para)
516
516
msgid ""
517
517
"<emphasis role=\"bold\">Indexes</emphasis> - Display a formatted list of the "
518
518
"directory's contents, if no <emphasis>DirectoryIndex</emphasis> (such as "
528
528
"Apache2 documentation on this option</ulink>."
529
529
msgstr ""
530
530
531
#: serverguide/C/web-servers.xml:436(para)
531
#: serverguide/C/web-servers.xml:449(para)
532
532
msgid ""
533
533
"<emphasis role=\"bold\">SymLinksIfOwnerMatch</emphasis> - Only follow "
534
534
"symbolic links if the target file or directory has the same owner as the "
535
535
"link."
536
536
msgstr ""
537
537
538
#: serverguide/C/web-servers.xml:448(title)
538
#: serverguide/C/web-servers.xml:461(title)
539
539
msgid "httpd Settings"
540
540
msgstr "Nastavitve httpd"
541
541
542
#: serverguide/C/web-servers.xml:450(para)
542
#: serverguide/C/web-servers.xml:463(para)
543
543
msgid ""
544
544
"This section explains some basic <application>httpd</application> daemon "
545
545
"configuration settings."
546
546
msgstr ""
547
547
548
#: serverguide/C/web-servers.xml:454(para)
548
#: serverguide/C/web-servers.xml:467(para)
549
549
msgid ""
550
550
"<emphasis role=\"bold\">LockFile</emphasis> - The LockFile directive sets "
551
551
"the path to the lockfile used when the server is compiled with either "
556
556
"that is readable only by root."
557
557
msgstr ""
558
558
559
#: serverguide/C/web-servers.xml:463(para)
559
#: serverguide/C/web-servers.xml:476(para)
560
560
msgid ""
561
561
"<emphasis role=\"bold\">PidFile</emphasis> - The PidFile directive sets the "
562
562
"file in which the server records its process ID (pid). This file should only "
563
563
"be readable by root. In most cases, it should be left to the default value."
564
564
msgstr ""
565
565
566
#: serverguide/C/web-servers.xml:469(para)
566
#: serverguide/C/web-servers.xml:482(para)
567
567
msgid ""
568
568
"<emphasis role=\"bold\">User</emphasis> - The User directive sets the userid "
569
569
"used by the server to answer requests. This setting determines the server's "
571
571
"your website's visitors. The default value for User is \"www-data\"."
572
572
msgstr ""
573
573
574
#: serverguide/C/web-servers.xml:476(para)
574
#: serverguide/C/web-servers.xml:489(para)
575
575
msgid ""
576
576
"Unless you know exactly what you are doing, do not set the User directive to "
577
577
"root. Using root as the User will create large security holes for your Web "
578
578
"server."
579
579
msgstr ""
580
580
581
#: serverguide/C/web-servers.xml:482(para)
581
#: serverguide/C/web-servers.xml:495(para)
582
582
msgid ""
583
583
"<emphasis role=\"bold\">Group</emphasis> - The Group directive is similar to "
584
584
"the User directive. Group sets the group under which the server will answer "
585
585
"requests. The default group is also \"www-data\"."
586
586
msgstr ""
587
587
588
#: serverguide/C/web-servers.xml:489(title)
588
#: serverguide/C/web-servers.xml:502(title)
589
589
msgid "Apache2 Modules"
590
590
msgstr "Moduli Apache2"
591
591
592
#: serverguide/C/web-servers.xml:491(para)
592
#: serverguide/C/web-servers.xml:504(para)
593
593
msgid ""
594
594
"Apache2 is a modular server. This implies that only the most basic "
595
595
"functionality is included in the core server. Extended features are "
600
600
"Apache2 must be recompiled to add or remove modules."
601
601
msgstr ""
602
602
603
#: serverguide/C/web-servers.xml:503(para)
603
#: serverguide/C/web-servers.xml:516(para)
604
604
msgid ""
605
605
"Ubuntu compiles Apache2 to allow the dynamic loading of modules. "
606
606
"Configuration directives may be conditionally included on the presence of a "
608
608
"<emphasis><IfModule></emphasis> block."
609
609
msgstr ""
610
610
611
#: serverguide/C/web-servers.xml:510(para)
611
#: serverguide/C/web-servers.xml:523(para)
612
612
msgid ""
613
613
"You can install additional Apache2 modules and use them with your Web "
614
614
"server. For example, run the following command from a terminal prompt to "
615
615
"install the <emphasis>MySQL Authentication</emphasis> module:"
616
616
msgstr ""
617
617
618
#: serverguide/C/web-servers.xml:517(command)
618
#: serverguide/C/web-servers.xml:530(command)
619
619
msgid "sudo apt-get install libapache2-mod-auth-mysql"
620
620
msgstr "sudo apt-get install libapache2-mod-auth-mysql"
621
621
622
#: serverguide/C/web-servers.xml:520(para)
622
#: serverguide/C/web-servers.xml:533(para)
623
623
msgid ""
624
624
"See the <filename>/etc/apache2/mods-available</filename> directory, for "
625
625
"additional modules."
626
626
msgstr ""
627
627
628
#: serverguide/C/web-servers.xml:524(para)
628
#: serverguide/C/web-servers.xml:537(para)
629
629
msgid ""
630
630
"Use the <application>a2enmod</application> utility to enable a module:"
631
631
msgstr ""
632
632
"Za omogočitev modula uporabite orodje <application>a2enmod</application>:"
633
633
634
#: serverguide/C/web-servers.xml:530(command)
634
#: serverguide/C/web-servers.xml:543(command)
635
635
msgid "sudo a2enmod auth_mysql"
636
636
msgstr "sudo a2enmod auth_mysql"
637
637
638
#: serverguide/C/web-servers.xml:534(para)
638
#: serverguide/C/web-servers.xml:547(para)
639
639
msgid "Similarly, <application>a2dismod</application> will disable a module:"
640
640
msgstr ""
641
641
"Z orodjem <application>a2dismod</application> lahko modul onemogočite:"
642
642
643
#: serverguide/C/web-servers.xml:539(command)
643
#: serverguide/C/web-servers.xml:552(command)
644
644
msgid "sudo a2dismod auth_mysql"
645
645
msgstr "sudo a2dismod auth_mysql"
646
646
647
#: serverguide/C/web-servers.xml:546(title)
647
#: serverguide/C/web-servers.xml:559(title)
648
648
msgid "HTTPS Configuration"
649
649
msgstr "Nastavljanje HTTPS"
650
650
651
#: serverguide/C/web-servers.xml:548(para)
651
#: serverguide/C/web-servers.xml:561(para)
652
652
msgid ""
653
653
"The <application>mod_ssl</application> module adds an important feature to "
654
654
"the Apache2 server - the ability to encrypt communications. Thus, when your "
657
657
"bar."
658
658
msgstr ""
659
659
660
#: serverguide/C/web-servers.xml:557(para)
660
#: serverguide/C/web-servers.xml:570(para)
661
661
msgid ""
662
662
"The <application>mod_ssl</application> module is available in "
663
663
"<application>apache2-common</application> package. Execute the following "
665
665
"<application>mod_ssl</application> module:"
666
666
msgstr ""
667
667
668
#: serverguide/C/web-servers.xml:564(command)
668
#: serverguide/C/web-servers.xml:577(command)
669
669
msgid "sudo a2enmod ssl"
670
670
msgstr "sudo a2enmod ssl"
671
671
683
683
"linkend=\"certificates-and-security\"/>"
684
684
msgstr ""
685
685
686
#: serverguide/C/web-servers.xml:577(para)
686
#: serverguide/C/web-servers.xml:590(para)
687
687
msgid ""
688
688
"To configure <application>Apache2</application> for HTTPS, enter the "
689
689
"following:"
690
690
msgstr ""
691
691
"Za nastavitev <application>Apache2</application> za HTTPS vnesite sledeče:"
692
692
693
#: serverguide/C/web-servers.xml:582(command)
693
#: serverguide/C/web-servers.xml:595(command)
694
694
msgid "sudo a2ensite default-ssl"
695
695
msgstr "sudo a2ensite default-ssl"
696
696
697
#: serverguide/C/web-servers.xml:586(para)
697
#: serverguide/C/web-servers.xml:599(para)
698
698
msgid ""
699
699
"The directories <filename>/etc/ssl/certs</filename> and "
700
700
"<filename>/etc/ssl/private</filename> are the default locations. If you "
708
708
"<emphasis>SSLCertificateFile</emphasis> in "
709
709
"<emphasis>SSLCertificateKeyFile</emphasis>."
710
710
711
#: serverguide/C/web-servers.xml:593(para)
711
#: serverguide/C/web-servers.xml:606(para)
712
712
msgid ""
713
713
"With Apache2 now configured for HTTPS, restart the service to enable the new "
714
714
"settings:"
716
716
"Zdaj, ko je Apache2 nastavljen za HTTPS, znova zaženite storitev, da se "
717
717
"uveljavijo nove nastavitve:"
718
718
719
#: serverguide/C/web-servers.xml:604(para)
719
#: serverguide/C/web-servers.xml:617(para)
720
720
msgid ""
721
721
"Depending on how you obtained your certificate you may need to enter a "
722
722
"passphrase when <application>Apache2</application> starts."
724
724
"Odvisno od tega, kako ste pridobili vaše potrdilo, boste morda morali ob "
725
725
"zagonu <application>Apache2</application> vnesti geslo."
726
726
727
#: serverguide/C/web-servers.xml:610(para)
727
#: serverguide/C/web-servers.xml:623(para)
728
728
msgid ""
729
729
"You can access the secure server pages by typing https://your_hostname/url/ "
730
730
"in your browser address bar."
732
732
"Do varnih strani strežnika lahko dostopate z vpisom https://ime-"
733
733
"vasega/streznika v naslovno vrstico v brskalniku."
734
734
735
#: serverguide/C/web-servers.xml:617(title)
735
#: serverguide/C/web-servers.xml:630(title)
736
736
msgid "Sharing Write Permission"
737
737
msgstr ""
738
738
753
753
msgstr ""
754
754
755
755
#: serverguide/C/web-servers.xml:641(command)
756
msgid "sudo find /var/www/html -type f -exec chmod g=rws \"{}\" \\;"
757
msgstr ""
758
759
#: serverguide/C/web-servers.xml:632(para)
756
msgid "sudo find /var/www/html -type f -exec chmod g=rw \"{}\" \\;"
757
msgstr ""
758
759
#: serverguide/C/web-servers.xml:643(para)
760
msgid ""
761
"These commands recursively set the group permission on all files and "
762
"directories in /var/www/html to read write and set user id. This has the "
763
"effect of having the files and directories inherit their group and "
764
"permission from their parrent. Many admins find this useful for allowing "
765
"multiple users to edit files in a directory tree."
766
msgstr ""
767
768
#: serverguide/C/web-servers.xml:652(para)
760
769
msgid ""
761
770
"If access must be granted to more than one group per directory, enable "
762
771
"Access Control Lists (ACLs)."
763
772
msgstr ""
764
773
765
#: serverguide/C/web-servers.xml:639(title) serverguide/C/web-servers.xml:789(title) serverguide/C/web-servers.xml:939(title) serverguide/C/web-servers.xml:1034(title) serverguide/C/web-servers.xml:1256(title) serverguide/C/vpn.xml:800(title) serverguide/C/virtualization.xml:2081(title) serverguide/C/vcs.xml:538(title) serverguide/C/security.xml:863(title) serverguide/C/security.xml:1197(title) serverguide/C/security.xml:1611(title) serverguide/C/security.xml:1797(title) serverguide/C/remote-administration.xml:196(title) serverguide/C/remote-administration.xml:762(title) serverguide/C/package-management.xml:466(title) serverguide/C/other-apps.xml:328(title) serverguide/C/network-config.xml:1035(title) serverguide/C/network-config.xml:1143(title) serverguide/C/monitoring.xml:392(title) serverguide/C/monitoring.xml:528(title) serverguide/C/mail.xml:453(title) serverguide/C/mail.xml:648(title) serverguide/C/mail.xml:800(title) serverguide/C/mail.xml:1220(title) serverguide/C/mail.xml:1688(title) serverguide/C/lamp-applications.xml:244(title) serverguide/C/lamp-applications.xml:373(title) serverguide/C/lamp-applications.xml:481(title) serverguide/C/file-server.xml:305(title) serverguide/C/file-server.xml:446(title) serverguide/C/file-server.xml:616(title) serverguide/C/file-server.xml:803(title) serverguide/C/dns.xml:605(title) serverguide/C/clustering.xml:232(title) serverguide/C/chat.xml:105(title) serverguide/C/chat.xml:214(title) serverguide/C/backups.xml:295(title)
774
#: serverguide/C/web-servers.xml:659(title) serverguide/C/web-servers.xml:809(title) serverguide/C/web-servers.xml:958(title) serverguide/C/web-servers.xml:1053(title) serverguide/C/web-servers.xml:1278(title) serverguide/C/vpn.xml:843(title) serverguide/C/vcs.xml:546(title) serverguide/C/security.xml:877(title) serverguide/C/security.xml:1217(title) serverguide/C/security.xml:1631(title) serverguide/C/security.xml:1817(title) serverguide/C/remote-administration.xml:196(title) serverguide/C/remote-administration.xml:802(title) serverguide/C/package-management.xml:479(title) serverguide/C/network-config.xml:1033(title) serverguide/C/network-config.xml:1141(title) serverguide/C/monitoring.xml:392(title) serverguide/C/monitoring.xml:528(title) serverguide/C/mail.xml:511(title) serverguide/C/mail.xml:706(title) serverguide/C/mail.xml:859(title) serverguide/C/mail.xml:1279(title) serverguide/C/mail.xml:1746(title) serverguide/C/lamp-applications.xml:260(title) serverguide/C/lamp-applications.xml:400(title) serverguide/C/lamp-applications.xml:518(title) serverguide/C/lamp-applications.xml:673(title) serverguide/C/file-server.xml:305(title) serverguide/C/file-server.xml:445(title) serverguide/C/file-server.xml:615(title) serverguide/C/file-server.xml:802(title) serverguide/C/dns.xml:614(title) serverguide/C/clustering.xml:232(title) serverguide/C/chat.xml:105(title) serverguide/C/chat.xml:214(title) serverguide/C/backups.xml:301(title)
766
775
msgid "References"
767
776
msgstr "Sklici"
768
777
769
#: serverguide/C/web-servers.xml:656(para)
778
#: serverguide/C/web-servers.xml:663(para)
770
779
msgid ""
771
780
"<ulink url=\"http://httpd.apache.org/docs/2.4/\">Apache2 "
772
781
"Documentation</ulink> contains in depth information on Apache2 configuration "
774
783
"the official Apache2 docs."
775
784
msgstr ""
776
785
777
#: serverguide/C/web-servers.xml:650(para)
786
#: serverguide/C/web-servers.xml:670(para)
778
787
msgid ""
779
788
"See the <ulink url=\"http://www.modssl.org/docs/\">Mod SSL "
780
789
"Documentation</ulink> site for more SSL related information."
782
791
"Oglejte si <ulink url=\"http://www.modssl.org/docs/\">dokumentacijo Mod "
783
792
"SSL</ulink> za več podatkov o SSL-ju."
784
793
785
#: serverguide/C/web-servers.xml:656(para)
794
#: serverguide/C/web-servers.xml:676(para)
786
795
msgid ""
787
796
"O'Reilly's <ulink url=\"http://oreilly.com/catalog/9780596001919/\">Apache "
788
797
"Cookbook</ulink> is a good resource for accomplishing specific Apache2 "
789
798
"configurations."
790
799
msgstr ""
791
800
792
#: serverguide/C/web-servers.xml:662(para)
801
#: serverguide/C/web-servers.xml:682(para)
793
802
msgid ""
794
803
"For Ubuntu specific Apache2 questions, ask in the <emphasis>#ubuntu-"
795
804
"server</emphasis> IRC channel on <ulink "
796
805
"url=\"http://freenode.net/\">freenode.net</ulink>."
797
806
msgstr ""
798
807
799
#: serverguide/C/web-servers.xml:668(para)
808
#: serverguide/C/web-servers.xml:688(para)
800
809
msgid ""
801
810
"Usually integrated with PHP and MySQL the <ulink "
802
811
"url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache MySQL PHP "
803
812
"Ubuntu Wiki </ulink> page is a good resource."
804
813
msgstr ""
805
814
806
#: serverguide/C/web-servers.xml:679(title)
815
#: serverguide/C/web-servers.xml:699(title)
807
816
msgid "PHP5 - Scripting Language"
808
817
msgstr ""
809
818
810
#: serverguide/C/web-servers.xml:680(para)
819
#: serverguide/C/web-servers.xml:700(para)
811
820
msgid ""
812
821
"PHP is a general-purpose scripting language suited for Web development. The "
813
822
"PHP script can be embedded into HTML. This section explains how to install "
814
823
"and configure PHP5 in Ubuntu System with Apache2 and MySQL."
815
824
msgstr ""
816
825
817
#: serverguide/C/web-servers.xml:684(para)
826
#: serverguide/C/web-servers.xml:704(para)
818
827
msgid ""
819
828
"This section assumes you have installed and configured Apache2 Web Server "
820
829
"and MySQL Database Server. You can refer to Apache2 section and MySQL "
822
831
"respectively."
823
832
msgstr ""
824
833
825
#: serverguide/C/web-servers.xml:691(para)
834
#: serverguide/C/web-servers.xml:711(para)
826
835
msgid ""
827
836
"The PHP5 is available in Ubuntu Linux. Unlike python and perl, which are "
828
837
"installed in the base system, PHP must be added."
829
838
msgstr ""
830
839
831
#: serverguide/C/web-servers.xml:695(para)
840
#: serverguide/C/web-servers.xml:715(para)
832
841
msgid ""
833
842
"To install PHP5 you can enter the following command in the terminal prompt: "
834
843
"<screen>\n"
836
845
"</screen>"
837
846
msgstr ""
838
847
839
#: serverguide/C/web-servers.xml:704(para)
848
#: serverguide/C/web-servers.xml:724(para)
840
849
msgid ""
841
850
"You can run PHP5 scripts from command line. To run PHP5 scripts from command "
842
851
"line you should install <application>php5-cli</application> package. To "
846
855
"</screen>"
847
856
msgstr ""
848
857
849
#: serverguide/C/web-servers.xml:713(para)
858
#: serverguide/C/web-servers.xml:733(para)
850
859
msgid ""
851
860
"You can also execute PHP5 scripts without installing PHP5 Apache module. To "
852
861
"accomplish this, you should install <application>php5-cgi</application> "
856
865
"</screen>"
857
866
msgstr ""
858
867
859
#: serverguide/C/web-servers.xml:723(para)
868
#: serverguide/C/web-servers.xml:743(para)
860
869
msgid ""
861
870
"To use <application>MySQL</application> with PHP5 you should install "
862
871
"<application>php5-mysql</application> package. To install <application>php5-"
866
875
"</screen>"
867
876
msgstr ""
868
877
869
#: serverguide/C/web-servers.xml:731(para)
878
#: serverguide/C/web-servers.xml:751(para)
870
879
msgid ""
871
880
"Similarly, to use <application>PostgreSQL</application> with PHP5 you should "
872
881
"install <application>php5-pgsql</application> package. To install "
876
885
"</screen>"
877
886
msgstr ""
878
887
879
#: serverguide/C/web-servers.xml:744(para)
888
#: serverguide/C/web-servers.xml:764(para)
880
889
msgid ""
881
890
"Once you install PHP5, you can run PHP5 scripts from your web browser. If "
882
891
"you have installed <application>php5-cli</application> package, you can run "
883
892
"PHP5 scripts from your command prompt."
884
893
msgstr ""
885
894
886
#: serverguide/C/web-servers.xml:751(para)
895
#: serverguide/C/web-servers.xml:771(para)
887
896
msgid ""
888
897
"By default, the Apache 2 Web server is configured to run PHP5 scripts. In "
889
898
"other words, the PHP5 module is enabled in Apache2 Web server automatically "
894
903
"command."
895
904
msgstr ""
896
905
897
#: serverguide/C/web-servers.xml:762(para)
906
#: serverguide/C/web-servers.xml:782(para)
898
907
msgid ""
899
908
"Once you install PHP5 related packages and enabled PHP5 Apache 2 module, you "
900
909
"should restart Apache2 Web server to run PHP5 scripts. You can run the "
902
911
"<screen><command>sudo service apache2 restart</command> </screen>"
903
912
msgstr ""
904
913
905
#: serverguide/C/web-servers.xml:770(title) serverguide/C/network-auth.xml:1069(title) serverguide/C/mail.xml:314(title) serverguide/C/mail.xml:1611(title) serverguide/C/dns.xml:376(title) serverguide/C/clustering.xml:182(title)
914
#: serverguide/C/web-servers.xml:790(title) serverguide/C/network-auth.xml:1076(title) serverguide/C/mail.xml:359(title) serverguide/C/mail.xml:1669(title) serverguide/C/dns.xml:380(title) serverguide/C/clustering.xml:182(title)
906
915
msgid "Testing"
907
916
msgstr "Preizkušanje"
908
917
909
#: serverguide/C/web-servers.xml:771(para)
918
#: serverguide/C/web-servers.xml:791(para)
910
919
msgid ""
911
920
"To verify your installation, you can run following PHP5 phpinfo script:"
912
921
msgstr ""
913
922
914
#: serverguide/C/web-servers.xml:774(programlisting)
923
#: serverguide/C/web-servers.xml:794(programlisting)
915
924
#, no-wrap
916
925
msgid ""
917
926
"\n"
924
933
" phpinfo();\n"
925
934
"?>\n"
926
935
927
#: serverguide/C/web-servers.xml:779(para)
936
#: serverguide/C/web-servers.xml:799(para)
928
937
msgid ""
929
938
"You can save the content in a file <filename>phpinfo.php</filename> and "
930
939
"place it under <command>DocumentRoot</command> directory of Apache2 Web "
933
942
"various PHP5 configuration parameters."
934
943
msgstr ""
935
944
936
#: serverguide/C/web-servers.xml:793(para)
945
#: serverguide/C/web-servers.xml:813(para)
937
946
msgid ""
938
947
"For more in depth information see <ulink "
939
948
"url=\"http://www.php.net/docs.php\">php.net</ulink> documentation."
941
950
"Za podrobnejše podatke si oglejte dokumentacijo <ulink "
942
951
"url=\"http://www.php.net/docs.php\">php.net</ulink>."
943
952
944
#: serverguide/C/web-servers.xml:798(para)
953
#: serverguide/C/web-servers.xml:818(para)
945
954
msgid ""
946
955
"There are a plethora of books on PHP. Two good books from O'Reilly are "
947
956
"<ulink url=\"http://oreilly.com/catalog/9780596005603/\">Learning PHP "
949
958
"url=\"http://oreilly.com/catalog/9781565926813/\">PHP Cook Book</ulink>."
950
959
msgstr ""
951
960
952
#: serverguide/C/web-servers.xml:805(para)
961
#: serverguide/C/web-servers.xml:825(para)
953
962
msgid ""
954
963
"Also, see the <ulink "
955
964
"url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache MySQL PHP "
959
968
"url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache MySQL PHP na "
960
969
"Ubuntu Wiki</ulink>."
961
970
962
#: serverguide/C/web-servers.xml:816(title)
971
#: serverguide/C/web-servers.xml:836(title)
963
972
msgid "Squid - Proxy Server"
964
973
msgstr "Squid - posredniški strežnik"
965
974
966
#: serverguide/C/web-servers.xml:830(para)
975
#: serverguide/C/web-servers.xml:837(para)
967
976
msgid ""
968
977
"Squid is a full-featured web proxy cache server application which provides "
969
978
"proxy and cache services for Hyper Text Transport Protocol (HTTP), File "
976
985
"(WCCP)."
977
986
msgstr ""
978
987
979
#: serverguide/C/web-servers.xml:838(para)
988
#: serverguide/C/web-servers.xml:845(para)
980
989
msgid ""
981
990
"The Squid proxy cache server is an excellent solution to a variety of proxy "
982
991
"and caching server needs, and scales from the branch office to enterprise "
988
997
"for increased performance."
989
998
msgstr ""
990
999
991
#: serverguide/C/web-servers.xml:834(para)
1000
#: serverguide/C/web-servers.xml:854(para)
992
1001
msgid ""
993
1002
"At a terminal prompt, enter the following command to install the Squid "
994
1003
"server:"
995
1004
msgstr "Za namestitev strežnika Squid v terminal vnesite:"
996
1005
997
#: serverguide/C/web-servers.xml:852(command)
1006
#: serverguide/C/web-servers.xml:859(command)
998
1007
msgid "sudo apt-get install squid3"
999
1008
msgstr ""
1000
1009
1001
#: serverguide/C/web-servers.xml:858(para)
1010
#: serverguide/C/web-servers.xml:865(para)
1002
1011
msgid ""
1003
1012
"Squid is configured by editing the directives contained within the "
1004
1013
"<filename>/etc/squid3/squid.conf</filename> configuration file. The "
1007
1016
"of Squid, see the References section."
1008
1017
msgstr ""
1009
1018
1010
#: serverguide/C/web-servers.xml:864(para)
1019
#: serverguide/C/web-servers.xml:871(para)
1011
1020
msgid ""
1012
1021
"Prior to editing the configuration file, you should make a copy of the "
1013
1022
"original file and protect it from writing so you will have the original "
1015
1024
"protect it from writing using the following commands:"
1016
1025
msgstr ""
1017
1026
1018
#: serverguide/C/web-servers.xml:870(command)
1027
#: serverguide/C/web-servers.xml:877(command)
1019
1028
msgid "sudo cp /etc/squid3/squid.conf /etc/squid3/squid.conf.original"
1020
1029
msgstr ""
1021
1030
1022
#: serverguide/C/web-servers.xml:871(command)
1031
#: serverguide/C/web-servers.xml:878(command)
1023
1032
msgid "sudo chmod a-w /etc/squid3/squid.conf.original"
1024
1033
msgstr ""
1025
1034
1026
#: serverguide/C/web-servers.xml:866(para)
1035
#: serverguide/C/web-servers.xml:885(para)
1027
1036
msgid ""
1028
1037
"To set your Squid server to listen on TCP port 8888 instead of the default "
1029
1038
"TCP port 3128, change the http_port directive as such:"
1030
1039
msgstr ""
1031
1040
1032
#: serverguide/C/web-servers.xml:870(programlisting)
1041
#: serverguide/C/web-servers.xml:889(programlisting)
1033
1042
#, no-wrap
1034
1043
msgid ""
1035
1044
"\n"
1038
1047
"\n"
1039
1048
"http_port 8888\n"
1040
1049
1041
#: serverguide/C/web-servers.xml:875(para)
1050
#: serverguide/C/web-servers.xml:894(para)
1042
1051
msgid ""
1043
1052
"Change the visible_hostname directive in order to give the Squid server a "
1044
1053
"specific hostname. This hostname does not necessarily need to be the "
1045
1054
"computer's hostname. In this example it is set to <emphasis>weezie</emphasis>"
1046
1055
msgstr ""
1047
1056
1048
#: serverguide/C/web-servers.xml:879(programlisting)
1057
#: serverguide/C/web-servers.xml:898(programlisting)
1049
1058
#, no-wrap
1050
1059
msgid ""
1051
1060
"\n"
1052
1061
"visible_hostname weezie\n"
1053
1062
msgstr ""
1054
1063
1055
#: serverguide/C/web-servers.xml:884(para)
1064
#: serverguide/C/web-servers.xml:903(para)
1056
1065
msgid ""
1057
1066
"Using Squid's access control, you may configure use of Internet services "
1058
1067
"proxied by Squid to be available only users with certain Internet Protocol "
1060
1069
"192.168.42.0/24 subnetwork only:"
1061
1070
msgstr ""
1062
1071
1063
#: serverguide/C/web-servers.xml:901(para) serverguide/C/web-servers.xml:921(para)
1072
#: serverguide/C/web-servers.xml:908(para) serverguide/C/web-servers.xml:928(para)
1064
1073
msgid ""
1065
1074
"Add the following to the <emphasis role=\"bold\">bottom</emphasis> of the "
1066
1075
"ACL section of your <filename>/etc/squid3/squid.conf</filename> file:"
1067
1076
msgstr ""
1068
1077
1069
#: serverguide/C/web-servers.xml:892(programlisting)
1078
#: serverguide/C/web-servers.xml:911(programlisting)
1070
1079
#, no-wrap
1071
1080
msgid ""
1072
1081
"\n"
1075
1084
"\n"
1076
1085
"acl fortytwo_network src 192.168.42.0/24\n"
1077
1086
1078
#: serverguide/C/web-servers.xml:907(para) serverguide/C/web-servers.xml:928(para)
1087
#: serverguide/C/web-servers.xml:914(para) serverguide/C/web-servers.xml:935(para)
1079
1088
msgid ""
1080
1089
"Then, add the following to the <emphasis role=\"bold\">top</emphasis> of the "
1081
1090
"http_access section of your <filename>/etc/squid3/squid.conf</filename> file:"
1082
1091
msgstr ""
1083
1092
1084
#: serverguide/C/web-servers.xml:899(programlisting)
1093
#: serverguide/C/web-servers.xml:918(programlisting)
1085
1094
#, no-wrap
1086
1095
msgid ""
1087
1096
"\n"
1090
1099
"\n"
1091
1100
"http_access allow fortytwo_network\n"
1092
1101
1093
#: serverguide/C/web-servers.xml:916(para)
1102
#: serverguide/C/web-servers.xml:923(para)
1094
1103
msgid ""
1095
1104
"Using the excellent access control features of Squid, you may configure use "
1096
1105
"of Internet services proxied by Squid to be available only during normal "
1099
1108
"Friday, and which uses the 10.1.42.0/24 subnetwork:"
1100
1109
msgstr ""
1101
1110
1102
#: serverguide/C/web-servers.xml:912(programlisting)
1111
#: serverguide/C/web-servers.xml:931(programlisting)
1103
1112
#, no-wrap
1104
1113
msgid ""
1105
1114
"\n"
1107
1116
"acl biz_hours time M T W T F 9:00-17:00\n"
1108
1117
msgstr ""
1109
1118
1110
#: serverguide/C/web-servers.xml:920(programlisting)
1119
#: serverguide/C/web-servers.xml:939(programlisting)
1111
1120
#, no-wrap
1112
1121
msgid ""
1113
1122
"\n"
1114
1123
"http_access allow biz_network biz_hours\n"
1115
1124
msgstr ""
1116
1125
1117
#: serverguide/C/web-servers.xml:939(para)
1126
#: serverguide/C/web-servers.xml:946(para)
1118
1127
msgid ""
1119
1128
"After making changes to the <filename>/etc/squid3/squid.conf</filename> "
1120
1129
"file, save the file and restart the <application>squid</application> server "
1122
1131
"terminal prompt:"
1123
1132
msgstr ""
1124
1133
1125
#: serverguide/C/web-servers.xml:945(command)
1134
#: serverguide/C/web-servers.xml:952(command)
1126
1135
msgid "sudo service squid3 restart"
1127
1136
msgstr ""
1128
1137
1129
#: serverguide/C/web-servers.xml:941(ulink)
1138
#: serverguide/C/web-servers.xml:960(ulink)
1130
1139
msgid "Squid Website"
1131
1140
msgstr "Spletna stran Squid"
1132
1141
1133
#: serverguide/C/web-servers.xml:943(para)
1142
#: serverguide/C/web-servers.xml:962(para)
1134
1143
msgid ""
1135
1144
"<ulink url=\"https://help.ubuntu.com/community/Squid\">Ubuntu Wiki "
1136
1145
"Squid</ulink> page."
1138
1147
"Stran <ulink url=\"https://help.ubuntu.com/community/Squid\">Squid na Ubuntu "
1139
1148
"Wiki</ulink>."
1140
1149
1141
#: serverguide/C/web-servers.xml:950(title)
1150
#: serverguide/C/web-servers.xml:969(title)
1142
1151
msgid "Ruby on Rails"
1143
1152
msgstr "Ruby on Rails"
1144
1153
1145
#: serverguide/C/web-servers.xml:951(para)
1154
#: serverguide/C/web-servers.xml:970(para)
1146
1155
msgid ""
1147
1156
"Ruby on Rails is an open source web framework for developing database backed "
1148
1157
"web applications. It is optimized for sustainable productivity of the "
1150
1159
"convention over configuration."
1151
1160
msgstr ""
1152
1161
1153
#: serverguide/C/web-servers.xml:958(para)
1162
#: serverguide/C/web-servers.xml:977(para)
1154
1163
msgid ""
1155
1164
"Before installing <application>Rails</application> you should install "
1156
1165
"<application>Apache</application> and <application>MySQL</application>. To "
1159
1168
"<application>MySQL</application> refer to <xref linkend=\"mysql\"/>."
1160
1169
msgstr ""
1161
1170
1162
#: serverguide/C/web-servers.xml:966(para)
1171
#: serverguide/C/web-servers.xml:985(para)
1163
1172
msgid ""
1164
1173
"Once you have <application>Apache</application> and "
1165
1174
"<application>MySQL</application> packages installed, you are ready to "
1166
1175
"install <application>Ruby on Rails</application> package."
1167
1176
msgstr ""
1168
1177
1169
#: serverguide/C/web-servers.xml:973(para)
1178
#: serverguide/C/web-servers.xml:992(para)
1170
1179
msgid ""
1171
1180
"To install the <application>Ruby</application> base packages and "
1172
1181
"<application>Ruby on Rails</application>, you can enter the following "
1173
1182
"command in the terminal prompt:"
1174
1183
msgstr ""
1175
1184
1176
#: serverguide/C/web-servers.xml:979(command)
1185
#: serverguide/C/web-servers.xml:998(command)
1177
1186
msgid "sudo apt-get install rails"
1178
1187
msgstr "sudo apt-get install rails"
1179
1188
1180
#: serverguide/C/web-servers.xml:997(para)
1189
#: serverguide/C/web-servers.xml:1004(para)
1181
1190
msgid ""
1182
1191
"Modify the <filename>/etc/apache2/sites-available/000-"
1183
1192
"default.conf</filename> configuration file to setup your domains."
1184
1193
msgstr ""
1185
1194
1186
#: serverguide/C/web-servers.xml:989(para)
1195
#: serverguide/C/web-servers.xml:1008(para)
1187
1196
msgid ""
1188
1197
"The first thing to change is the <emphasis>DocumentRoot</emphasis> directive:"
1189
1198
msgstr ""
1190
1199
1191
#: serverguide/C/web-servers.xml:993(programlisting)
1200
#: serverguide/C/web-servers.xml:1012(programlisting)
1192
1201
#, no-wrap
1193
1202
msgid ""
1194
1203
"\n"
1197
1206
"\n"
1198
1207
"DocumentRoot /pot/do/rails/programa/public\n"
1199
1208
1200
#: serverguide/C/web-servers.xml:996(para)
1209
#: serverguide/C/web-servers.xml:1015(para)
1201
1210
msgid ""
1202
1211
"Next, change the <Directory \"/path/to/rails/application/public\"> "
1203
1212
"directive:"
1204
1213
msgstr ""
1205
1214
1206
#: serverguide/C/web-servers.xml:1000(programlisting)
1215
#: serverguide/C/web-servers.xml:1019(programlisting)
1207
1216
#, no-wrap
1208
1217
msgid ""
1209
1218
"\n"
1216
1225
"</Directory>\n"
1217
1226
msgstr ""
1218
1227
1219
#: serverguide/C/web-servers.xml:1010(para)
1228
#: serverguide/C/web-servers.xml:1029(para)
1220
1229
msgid ""
1221
1230
"You should also enable the <application>mod_rewrite</application> module for "
1222
1231
"Apache. To enable <application>mod_rewrite</application> module, please "
1223
1232
"enter the following command in a terminal prompt:"
1224
1233
msgstr ""
1225
1234
1226
#: serverguide/C/web-servers.xml:1016(command)
1235
#: serverguide/C/web-servers.xml:1035(command)
1227
1236
msgid "sudo a2enmod rewrite"
1228
1237
msgstr "sudo a2enmod rewrite"
1229
1238
1230
#: serverguide/C/web-servers.xml:1019(para)
1239
#: serverguide/C/web-servers.xml:1038(para)
1231
1240
msgid ""
1232
1241
"Finally you will need to change the ownership of the "
1233
1242
"<filename>/path/to/rails/application/public</filename> and "
1235
1244
"used to run the <application>Apache</application> process:"
1236
1245
msgstr ""
1237
1246
1238
#: serverguide/C/web-servers.xml:1025(command)
1247
#: serverguide/C/web-servers.xml:1044(command)
1239
1248
msgid "sudo chown -R www-data:www-data /path/to/rails/application/public"
1240
1249
msgstr "sudo chown -R www-data:www-data /pot/do/programa/rails/public"
1241
1250
1242
#: serverguide/C/web-servers.xml:1026(command)
1251
#: serverguide/C/web-servers.xml:1045(command)
1243
1252
msgid "sudo chown -R www-data:www-data /path/to/rails/application/tmp"
1244
1253
msgstr "sudo chown -R www-data:www-data /pot/do/programa/rails/tmp"
1245
1254
1246
#: serverguide/C/web-servers.xml:1029(para)
1255
#: serverguide/C/web-servers.xml:1048(para)
1247
1256
msgid ""
1248
1257
"That's it! Now you have your Server ready for your <application>Ruby on "
1249
1258
"Rails</application> applications."
1250
1259
msgstr ""
1251
1260
1252
#: serverguide/C/web-servers.xml:1038(para)
1261
#: serverguide/C/web-servers.xml:1057(para)
1253
1262
msgid ""
1254
1263
"See the <ulink url=\"http://rubyonrails.org/\">Ruby on Rails</ulink> website "
1255
1264
"for more information."
1257
1266
"Za več podatkov si oglejte spletno stran <ulink "
1258
1267
"url=\"http://rubyonrails.org/\">Ruby on Rails</ulink>."
1259
1268
1260
#: serverguide/C/web-servers.xml:1043(para)
1269
#: serverguide/C/web-servers.xml:1062(para)
1261
1270
msgid ""
1262
1271
"Also <ulink url=\"http://pragprog.com/titles/rails3/agile-web-development-"
1263
1272
"with-rails-third-edition\">Agile Development with Rails</ulink> is a great "
1264
1273
"resource."
1265
1274
msgstr ""
1266
1275
1267
#: serverguide/C/web-servers.xml:1049(para)
1276
#: serverguide/C/web-servers.xml:1068(para)
1268
1277
msgid ""
1269
1278
"Another place for more information is the <ulink "
1270
1279
"url=\"https://help.ubuntu.com/community/RubyOnRails\">Ruby on Rails Ubuntu "
1271
1280
"Wiki</ulink> page."
1272
1281
msgstr ""
1273
1282
1274
#: serverguide/C/web-servers.xml:1060(title)
1283
#: serverguide/C/web-servers.xml:1079(title)
1275
1284
msgid "Apache Tomcat"
1276
1285
msgstr "Apache Tomcat"
1277
1286
1278
#: serverguide/C/web-servers.xml:1061(para)
1287
#: serverguide/C/web-servers.xml:1080(para)
1279
1288
msgid ""
1280
1289
"Apache Tomcat is a web container that allows you to serve Java Servlets and "
1281
1290
"JSP (Java Server Pages) web applications."
1282
1291
msgstr ""
1283
1292
1284
#: serverguide/C/web-servers.xml:1075(para)
1293
#: serverguide/C/web-servers.xml:1082(para)
1285
1294
msgid ""
1286
1295
"Ubuntu has supported packages for both Tomcat 6 and 7. Tomcat 6 is the "
1287
1296
"legacy version, and Tomcat 7 is the current version where new features are "
1289
1298
"but most configuration details are valid for both versions."
1290
1299
msgstr ""
1291
1300
1292
#: serverguide/C/web-servers.xml:1078(para)
1301
#: serverguide/C/web-servers.xml:1085(para)
1293
1302
msgid ""
1294
1303
"The Tomcat packages in Ubuntu support two different ways of running Tomcat. "
1295
1304
"You can install them as a classic unique system-wide instance, that will be "
1300
1309
"need to test on their own private Tomcat instances."
1301
1310
msgstr ""
1302
1311
1303
#: serverguide/C/web-servers.xml:1073(title)
1312
#: serverguide/C/web-servers.xml:1095(title)
1304
1313
msgid "System-wide installation"
1305
1314
msgstr ""
1306
1315
1307
#: serverguide/C/web-servers.xml:1074(para)
1316
#: serverguide/C/web-servers.xml:1096(para)
1308
1317
msgid ""
1309
1318
"To install the Tomcat server, you can enter the following command in the "
1310
1319
"terminal prompt:"
1311
1320
msgstr ""
1312
1321
1313
#: serverguide/C/web-servers.xml:1092(command)
1322
#: serverguide/C/web-servers.xml:1099(command)
1314
1323
msgid "sudo apt-get install tomcat7"
1315
1324
msgstr ""
1316
1325
1317
#: serverguide/C/web-servers.xml:1079(para)
1326
#: serverguide/C/web-servers.xml:1101(para)
1318
1327
msgid ""
1319
1328
"This will install a Tomcat server with just a default ROOT webapp that "
1320
1329
"displays a minimal \"It works\" page by default."
1321
1330
msgstr ""
1322
1331
1323
#: serverguide/C/web-servers.xml:1100(para)
1332
#: serverguide/C/web-servers.xml:1107(para)
1324
1333
msgid ""
1325
1334
"Tomcat configuration files can be found in "
1326
1335
"<filename>/etc/tomcat7</filename>. Only a few common configuration tweaks "
1329
1338
"documentation</ulink> for more."
1330
1339
msgstr ""
1331
1340
1332
#: serverguide/C/web-servers.xml:1091(title)
1341
#: serverguide/C/web-servers.xml:1113(title)
1333
1342
msgid "Changing default ports"
1334
1343
msgstr "Spreminjanje privzetih vrat"
1335
1344
1336
#: serverguide/C/web-servers.xml:1107(para)
1345
#: serverguide/C/web-servers.xml:1114(para)
1337
1346
msgid ""
1338
1347
"By default Tomcat runs a HTTP connector on port 8080 and an AJP connector on "
1339
1348
"port 8009. You might want to change those default ports to avoid conflict "
1341
1350
"following lines in <filename>/etc/tomcat7/server.xml</filename>:"
1342
1351
msgstr ""
1343
1352
1344
#: serverguide/C/web-servers.xml:1097(programlisting)
1353
#: serverguide/C/web-servers.xml:1119(programlisting)
1345
1354
#, no-wrap
1346
1355
msgid ""
1347
1356
"\n"
1360
1369
"<Connector port=\"8009\" protocol=\"AJP/1.3\" redirectPort=\"8443\" "
1361
1370
"/>\n"
1362
1371
1363
#: serverguide/C/web-servers.xml:1106(title)
1372
#: serverguide/C/web-servers.xml:1128(title)
1364
1373
msgid "Changing JVM used"
1365
1374
msgstr ""
1366
1375
1367
#: serverguide/C/web-servers.xml:1122(para)
1376
#: serverguide/C/web-servers.xml:1129(para)
1368
1377
msgid ""
1369
1378
"By default Tomcat will run preferably with OpenJDK JVMs, then try the Sun "
1370
1379
"JVMs, then try some other JVMs. You can force Tomcat to use a specific JVM "
1371
1380
"by setting JAVA_HOME in <filename>/etc/default/tomcat7</filename>:"
1372
1381
msgstr ""
1373
1382
1374
#: serverguide/C/web-servers.xml:1111(programlisting)
1383
#: serverguide/C/web-servers.xml:1133(programlisting)
1375
1384
#, no-wrap
1376
1385
msgid ""
1377
1386
"\n"
1380
1389
"\n"
1381
1390
"JAVA_HOME=/usr/lib/jvm/java-6-sun\n"
1382
1391
1383
#: serverguide/C/web-servers.xml:1116(title)
1392
#: serverguide/C/web-servers.xml:1138(title)
1384
1393
msgid "Declaring users and roles"
1385
1394
msgstr ""
1386
1395
1387
#: serverguide/C/web-servers.xml:1132(para)
1396
#: serverguide/C/web-servers.xml:1139(para)
1388
1397
msgid ""
1389
1398
"Usernames, passwords and roles (groups) can be defined centrally in a "
1390
1399
"Servlet container. This is done in the <filename>/etc/tomcat7/tomcat-"
1391
1400
"users.xml</filename> file:"
1392
1401
msgstr ""
1393
1402
1394
#: serverguide/C/web-servers.xml:1120(programlisting)
1403
#: serverguide/C/web-servers.xml:1142(programlisting)
1395
1404
#, no-wrap
1396
1405
msgid ""
1397
1406
"\n"
1402
1411
"<role rolename=\"skrbnik\"/>\n"
1403
1412
"<user username=\"tomcat\" password=\"skrivn0st\" roles=\"skrbnik\"/>\n"
1404
1413
1405
#: serverguide/C/web-servers.xml:1128(title)
1414
#: serverguide/C/web-servers.xml:1150(title)
1406
1415
msgid "Using Tomcat standard webapps"
1407
1416
msgstr ""
1408
1417
1409
#: serverguide/C/web-servers.xml:1129(para)
1418
#: serverguide/C/web-servers.xml:1151(para)
1410
1419
msgid ""
1411
1420
"Tomcat is shipped with webapps that you can install for documentation, "
1412
1421
"administration or demo purposes."
1413
1422
msgstr ""
1414
1423
1415
#: serverguide/C/web-servers.xml:1132(title)
1424
#: serverguide/C/web-servers.xml:1154(title)
1416
1425
msgid "Tomcat documentation"
1417
1426
msgstr "Dokumentacija Tomcat"
1418
1427
1419
#: serverguide/C/web-servers.xml:1148(para)
1428
#: serverguide/C/web-servers.xml:1155(para)
1420
1429
msgid ""
1421
1430
"The <application>tomcat7-docs</application> package contains Tomcat "
1422
1431
"documentation, packaged as a webapp that you can access by default at "
1424
1433
"command in the terminal prompt:"
1425
1434
msgstr ""
1426
1435
1427
#: serverguide/C/web-servers.xml:1153(command)
1436
#: serverguide/C/web-servers.xml:1160(command)
1428
1437
msgid "sudo apt-get install tomcat7-docs"
1429
1438
msgstr ""
1430
1439
1431
#: serverguide/C/web-servers.xml:1142(title)
1440
#: serverguide/C/web-servers.xml:1164(title)
1432
1441
msgid "Tomcat administration webapps"
1433
1442
msgstr ""
1434
1443
1435
#: serverguide/C/web-servers.xml:1158(para)
1444
#: serverguide/C/web-servers.xml:1165(para)
1436
1445
msgid ""
1437
1446
"The <application>tomcat7-admin</application> package contains two webapps "
1438
1447
"that can be used to administer the Tomcat server using a web interface. You "
1439
1448
"can install them by entering the following command in the terminal prompt:"
1440
1449
msgstr ""
1441
1450
1442
#: serverguide/C/web-servers.xml:1163(command)
1451
#: serverguide/C/web-servers.xml:1170(command)
1443
1452
msgid "sudo apt-get install tomcat7-admin"
1444
1453
msgstr ""
1445
1454
1446
#: serverguide/C/web-servers.xml:1150(para)
1455
#: serverguide/C/web-servers.xml:1172(para)
1447
1456
msgid ""
1448
1457
"The first one is the <emphasis>manager</emphasis> webapp, which you can "
1449
1458
"access by default at http://yourserver:8080/manager/html. It is primarily "
1450
1459
"used to get server status and restart webapps."
1451
1460
msgstr ""
1452
1461
1453
#: serverguide/C/web-servers.xml:1168(para)
1462
#: serverguide/C/web-servers.xml:1175(para)
1454
1463
msgid ""
1455
1464
"Access to the <emphasis>manager</emphasis> application is protected by "
1456
1465
"default: you need to define a user with the role \"manager-gui\" in "
1457
1466
"<filename>/etc/tomcat7/tomcat-users.xml</filename> before you can access it."
1458
1467
msgstr ""
1459
1468
1460
#: serverguide/C/web-servers.xml:1157(para)
1469
#: serverguide/C/web-servers.xml:1179(para)
1461
1470
msgid ""
1462
1471
"The second one is the <emphasis>host-manager</emphasis> webapp, which you "
1463
1472
"can access by default at http://yourserver:8080/host-manager/html. It can be "
1464
1473
"used to create virtual hosts dynamically."
1465
1474
msgstr ""
1466
1475
1467
#: serverguide/C/web-servers.xml:1176(para)
1476
#: serverguide/C/web-servers.xml:1183(para)
1468
1477
msgid ""
1469
1478
"Access to the <emphasis>host-manager</emphasis> application is also "
1470
1479
"protected by default: you need to define a user with the role \"admin-gui\" "
1472
1481
"it."
1473
1482
msgstr ""
1474
1483
1475
#: serverguide/C/web-servers.xml:1181(para)
1484
#: serverguide/C/web-servers.xml:1188(para)
1476
1485
msgid ""
1477
1486
"For security reasons, the tomcat7 user cannot write to the "
1478
1487
"<filename>/etc/tomcat7</filename> directory by default. Some features in "
1481
1490
"the following, to give users in the tomcat7 group the necessary rights:"
1482
1491
msgstr ""
1483
1492
1484
#: serverguide/C/web-servers.xml:1188(command)
1493
#: serverguide/C/web-servers.xml:1195(command)
1485
1494
msgid "sudo chgrp -R tomcat7 /etc/tomcat7"
1486
1495
msgstr ""
1487
1496
1488
#: serverguide/C/web-servers.xml:1189(command)
1497
#: serverguide/C/web-servers.xml:1196(command)
1489
1498
msgid "sudo chmod -R g+w /etc/tomcat7"
1490
1499
msgstr ""
1491
1500
1492
#: serverguide/C/web-servers.xml:1179(title)
1501
#: serverguide/C/web-servers.xml:1201(title)
1493
1502
msgid "Tomcat examples webapps"
1494
1503
msgstr ""
1495
1504
1496
#: serverguide/C/web-servers.xml:1195(para)
1505
#: serverguide/C/web-servers.xml:1202(para)
1497
1506
msgid ""
1498
1507
"The <application>tomcat7-examples</application> package contains two webapps "
1499
1508
"that can be used to test or demonstrate Servlets and JSP features, which you "
1501
1510
"install them by entering the following command in the terminal prompt:"
1502
1511
msgstr ""
1503
1512
1504
#: serverguide/C/web-servers.xml:1201(command)
1513
#: serverguide/C/web-servers.xml:1208(command)
1505
1514
msgid "sudo apt-get install tomcat7-examples"
1506
1515
msgstr ""
1507
1516
1508
#: serverguide/C/web-servers.xml:1192(title)
1517
#: serverguide/C/web-servers.xml:1214(title)
1509
1518
msgid "Using private instances"
1510
1519
msgstr ""
1511
1520
1512
#: serverguide/C/web-servers.xml:1208(para)
1521
#: serverguide/C/web-servers.xml:1215(para)
1513
1522
msgid ""
1514
1523
"Tomcat is heavily used in development and testing scenarios where using a "
1515
1524
"single system-wide instance doesn't meet the requirements of multiple users "
1519
1528
"system-installed libraries."
1520
1529
msgstr ""
1521
1530
1522
#: serverguide/C/web-servers.xml:1200(para)
1531
#: serverguide/C/web-servers.xml:1222(para)
1523
1532
msgid ""
1524
1533
"It is possible to run the system-wide instance and the private instances in "
1525
1534
"parallel, as long as they do not use the same TCP ports."
1526
1535
msgstr ""
1527
1536
1528
#: serverguide/C/web-servers.xml:1204(title)
1537
#: serverguide/C/web-servers.xml:1226(title)
1529
1538
msgid "Installing private instance support"
1530
1539
msgstr ""
1531
1540
1532
#: serverguide/C/web-servers.xml:1205(para)
1541
#: serverguide/C/web-servers.xml:1227(para)
1533
1542
msgid ""
1534
1543
"You can install everything necessary to run private instances by entering "
1535
1544
"the following command in the terminal prompt:"
1536
1545
msgstr ""
1537
1546
1538
#: serverguide/C/web-servers.xml:1223(command)
1547
#: serverguide/C/web-servers.xml:1230(command)
1539
1548
msgid "sudo apt-get install tomcat7-user"
1540
1549
msgstr ""
1541
1550
1542
#: serverguide/C/web-servers.xml:1212(title)
1551
#: serverguide/C/web-servers.xml:1234(title)
1543
1552
msgid "Creating a private instance"
1544
1553
msgstr ""
1545
1554
1546
#: serverguide/C/web-servers.xml:1213(para)
1555
#: serverguide/C/web-servers.xml:1235(para)
1547
1556
msgid ""
1548
1557
"You can create a private instance directory by entering the following "
1549
1558
"command in the terminal prompt:"
1550
1559
msgstr ""
1551
1560
1552
#: serverguide/C/web-servers.xml:1231(command)
1561
#: serverguide/C/web-servers.xml:1238(command)
1553
1562
msgid "tomcat7-instance-create my-instance"
1554
1563
msgstr ""
1555
1564
1556
#: serverguide/C/web-servers.xml:1218(para)
1565
#: serverguide/C/web-servers.xml:1240(para)
1557
1566
msgid ""
1558
1567
"This will create a new <filename>my-instance</filename> directory with all "
1559
1568
"the necessary subdirectories and scripts. You can for example install your "
1562
1571
"are deployed by default."
1563
1572
msgstr ""
1564
1573
1565
#: serverguide/C/web-servers.xml:1226(title)
1574
#: serverguide/C/web-servers.xml:1248(title)
1566
1575
msgid "Configuring your private instance"
1567
1576
msgstr ""
1568
1577
1569
#: serverguide/C/web-servers.xml:1227(para)
1578
#: serverguide/C/web-servers.xml:1249(para)
1570
1579
msgid ""
1571
1580
"You will find the classic Tomcat configuration files for your private "
1572
1581
"instance in the <filename>conf/</filename> subdirectory. You should for "
1575
1584
"conflict with other instances that might be running."
1576
1585
msgstr ""
1577
1586
1578
#: serverguide/C/web-servers.xml:1235(title)
1587
#: serverguide/C/web-servers.xml:1257(title)
1579
1588
msgid "Starting/stopping your private instance"
1580
1589
msgstr ""
1581
1590
1582
#: serverguide/C/web-servers.xml:1236(para)
1591
#: serverguide/C/web-servers.xml:1258(para)
1583
1592
msgid ""
1584
1593
"You can start your private instance by entering the following command in the "
1585
1594
"terminal prompt (supposing your instance is located in the <filename>my-"
1586
1595
"instance</filename> directory):"
1587
1596
msgstr ""
1588
1597
1589
#: serverguide/C/web-servers.xml:1240(command)
1598
#: serverguide/C/web-servers.xml:1262(command)
1590
1599
msgid "my-instance/bin/startup.sh"
1591
1600
msgstr ""
1592
1601
1593
#: serverguide/C/web-servers.xml:1242(para)
1602
#: serverguide/C/web-servers.xml:1264(para)
1594
1603
msgid ""
1595
1604
"You should check the <filename>logs/</filename> subdirectory for any error. "
1596
1605
"If you have a <emphasis>java.net.BindException: Address already in "
1598
1607
"is already taken and that you should change it."
1599
1608
msgstr ""
1600
1609
1601
#: serverguide/C/web-servers.xml:1247(para)
1610
#: serverguide/C/web-servers.xml:1269(para)
1602
1611
msgid ""
1603
1612
"You can stop your instance by entering the following command in the terminal "
1604
1613
"prompt (supposing your instance is located in the <filename>my-"
1605
1614
"instance</filename> directory):"
1606
1615
msgstr ""
1607
1616
1608
#: serverguide/C/web-servers.xml:1251(command)
1617
#: serverguide/C/web-servers.xml:1273(command)
1609
1618
msgid "my-instance/bin/shutdown.sh"
1610
1619
msgstr ""
1611
1620
1612
#: serverguide/C/web-servers.xml:1260(para)
1621
#: serverguide/C/web-servers.xml:1282(para)
1613
1622
msgid ""
1614
1623
"See the <ulink url=\"http://tomcat.apache.org/\">Apache Tomcat</ulink> "
1615
1624
"website for more information."
1616
1625
msgstr ""
1617
1626
1618
#: serverguide/C/web-servers.xml:1280(para)
1627
#: serverguide/C/web-servers.xml:1287(para)
1619
1628
msgid ""
1620
1629
"<ulink url=\"http://shop.oreilly.com/product/9780596003180.do\">Tomcat: The "
1621
1630
"Definitive Guide</ulink> is a good resource for building web applications "
1622
1631
"with Tomcat."
1623
1632
msgstr ""
1624
1633
1625
#: serverguide/C/web-servers.xml:1271(para)
1634
#: serverguide/C/web-servers.xml:1293(para)
1626
1635
msgid ""
1627
1636
"For additional books see the <ulink "
1628
1637
"url=\"http://wiki.apache.org/tomcat/Tomcat/Books\">Tomcat Books</ulink> list "
1757
1766
"\n"
1758
1767
msgstr ""
1759
1768
1760
#: serverguide/C/vpn.xml:90(para)
1769
#: serverguide/C/vpn.xml:94(para)
1761
1770
msgid ""
1762
1771
"Enter the following to generate the master Certificate Authority (CA) "
1763
1772
"certificate and key:"
1764
1773
msgstr ""
1765
1774
1766
#: serverguide/C/vpn.xml:95(command) serverguide/C/vpn.xml:143(command)
1775
#: serverguide/C/vpn.xml:99(command) serverguide/C/vpn.xml:147(command)
1767
1776
msgid "cd /etc/openvpn/easy-rsa/"
1768
1777
msgstr "cd /etc/openvpn/easy-rsa/"
1769
1778
1770
#: serverguide/C/vpn.xml:96(command) serverguide/C/vpn.xml:144(command)
1779
#: serverguide/C/vpn.xml:100(command) serverguide/C/vpn.xml:148(command)
1771
1780
msgid "source vars"
1772
1781
msgstr "source vars"
1773
1782
1774
#: serverguide/C/vpn.xml:97(command)
1783
#: serverguide/C/vpn.xml:101(command)
1775
1784
msgid "./clean-all"
1776
1785
msgstr "./clean-all"
1777
1786
1778
#: serverguide/C/vpn.xml:98(command)
1787
#: serverguide/C/vpn.xml:102(command)
1779
1788
msgid "./build-ca"
1780
1789
msgstr ""
1781
1790
1782
#: serverguide/C/vpn.xml:103(title)
1791
#: serverguide/C/vpn.xml:107(title)
1783
1792
msgid "Server Certificates"
1784
1793
msgstr "Potrdila strežnika"
1785
1794
1786
#: serverguide/C/vpn.xml:105(para)
1795
#: serverguide/C/vpn.xml:109(para)
1787
1796
msgid "Next, we will generate a certificate and private key for the server:"
1788
1797
msgstr ""
1789
1798
1790
#: serverguide/C/vpn.xml:110(command)
1799
#: serverguide/C/vpn.xml:114(command)
1791
1800
msgid "./build-key-server myservername"
1792
1801
msgstr ""
1793
1802
1794
#: serverguide/C/vpn.xml:113(para)
1803
#: serverguide/C/vpn.xml:117(para)
1795
1804
msgid ""
1796
1805
"As in the previous step, most parameters can be defaulted. Two other queries "
1797
1806
"require positive responses, \"Sign the certificate? [y/n]\" and \"1 out of 1 "
1798
1807
"certificate requests certified, commit? [y/n]\"."
1799
1808
msgstr ""
1800
1809
1801
#: serverguide/C/vpn.xml:117(para)
1810
#: serverguide/C/vpn.xml:121(para)
1802
1811
msgid "Diffie Hellman parameters must be generated for the OpenVPN server:"
1803
1812
msgstr ""
1804
1813
1805
#: serverguide/C/vpn.xml:122(command)
1814
#: serverguide/C/vpn.xml:126(command)
1806
1815
msgid "./build-dh"
1807
1816
msgstr "./build-dh"
1808
1817
1809
#: serverguide/C/vpn.xml:125(para)
1818
#: serverguide/C/vpn.xml:129(para)
1810
1819
msgid ""
1811
1820
"All certificates and keys have been generated in the subdirectory keys/. "
1812
1821
"Common practice is to copy them to /etc/openvpn/:"
1813
1822
msgstr ""
1814
1823
1815
#: serverguide/C/vpn.xml:129(command)
1824
#: serverguide/C/vpn.xml:133(command)
1816
1825
msgid "cd keys/"
1817
1826
msgstr ""
1818
1827
1820
1829
msgid "cp myservername.crt myservername.key ca.crt dh2048.pem /etc/openvpn/"
1821
1830
msgstr ""
1822
1831
1823
#: serverguide/C/vpn.xml:135(title)
1832
#: serverguide/C/vpn.xml:139(title)
1824
1833
msgid "Client Certificates"
1825
1834
msgstr "Potrdila odjemalca"
1826
1835
1827
#: serverguide/C/vpn.xml:137(para)
1836
#: serverguide/C/vpn.xml:141(para)
1828
1837
msgid ""
1829
1838
"The VPN client will also need a certificate to authenticate itself to the "
1830
1839
"server. Usually you create a different certificate for each client. To "
1832
1841
"root:"
1833
1842
msgstr ""
1834
1843
1835
#: serverguide/C/vpn.xml:145(command)
1844
#: serverguide/C/vpn.xml:149(command)
1836
1845
msgid "./build-key client1"
1837
1846
msgstr ""
1838
1847
1839
#: serverguide/C/vpn.xml:148(para)
1848
#: serverguide/C/vpn.xml:152(para)
1840
1849
msgid "Copy the following files to the client using a secure method:"
1841
1850
msgstr ""
1842
1851
1843
#: serverguide/C/vpn.xml:153(para)
1852
#: serverguide/C/vpn.xml:157(para)
1844
1853
msgid "/etc/openvpn/ca.crt"
1845
1854
msgstr "/etc/openvpn/ca.crt"
1846
1855
1847
#: serverguide/C/vpn.xml:154(para)
1856
#: serverguide/C/vpn.xml:158(para)
1848
1857
msgid "/etc/openvpn/easy-rsa/keys/client1.crt"
1849
1858
msgstr ""
1850
1859
1851
#: serverguide/C/vpn.xml:155(para)
1860
#: serverguide/C/vpn.xml:159(para)
1852
1861
msgid "/etc/openvpn/easy-rsa/keys/client1.key"
1853
1862
msgstr ""
1854
1863
1855
#: serverguide/C/vpn.xml:158(para)
1864
#: serverguide/C/vpn.xml:162(para)
1856
1865
msgid ""
1857
1866
"As the client certificates and keys are only required on the client machine, "
1858
1867
"you should remove them from the server."
1859
1868
msgstr ""
1860
1869
1861
#: serverguide/C/vpn.xml:166(title)
1870
#: serverguide/C/vpn.xml:170(title)
1862
1871
msgid "Simple Server Configuration"
1863
1872
msgstr ""
1864
1873
1865
#: serverguide/C/vpn.xml:168(para)
1874
#: serverguide/C/vpn.xml:172(para)
1866
1875
msgid ""
1867
1876
"Along with your <application>OpenVPN</application> installation you got "
1868
1877
"these sample config files (and many more if if you check):"
1869
1878
msgstr ""
1870
1879
1871
#: serverguide/C/vpn.xml:172(programlisting)
1880
#: serverguide/C/vpn.xml:176(programlisting)
1872
1881
#, no-wrap
1873
1882
msgid ""
1874
1883
"\n"
1878
1887
"-rw-r--r-- 1 root root 4141 2011-07-04 15:09 server.conf.gz\n"
1879
1888
msgstr ""
1880
1889
1881
#: serverguide/C/vpn.xml:179(para)
1890
#: serverguide/C/vpn.xml:183(para)
1882
1891
msgid ""
1883
1892
"Start with copying and unpacking server.conf.gz to /etc/openvpn/server.conf."
1884
1893
msgstr ""
1885
1894
1886
#: serverguide/C/vpn.xml:183(command)
1895
#: serverguide/C/vpn.xml:187(command)
1887
1896
msgid ""
1888
1897
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
1889
1898
"/etc/openvpn/"
1891
1900
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
1892
1901
"/etc/openvpn/"
1893
1902
1894
#: serverguide/C/vpn.xml:184(command)
1903
#: serverguide/C/vpn.xml:188(command)
1895
1904
msgid "sudo gzip -d /etc/openvpn/server.conf.gz"
1896
1905
msgstr "sudo gzip -d /etc/openvpn/server.conf.gz"
1897
1906
1898
#: serverguide/C/vpn.xml:187(para)
1907
#: serverguide/C/vpn.xml:191(para)
1899
1908
msgid ""
1900
1909
"Edit <filename>/etc/openvpn/server.conf</filename> to make sure the "
1901
1910
"following lines are pointing to the certificates and keys you created in the "
1933
1942
msgid "sudo sysctl -p /etc/sysctl.conf"
1934
1943
msgstr ""
1935
1944
1936
#: serverguide/C/vpn.xml:197(para)
1945
#: serverguide/C/vpn.xml:214(para)
1937
1946
msgid ""
1938
1947
"That is the minimum you have to configure to get a working OpenVPN server. "
1939
1948
"You can use all the default settings in the sample server.conf file. Now "
1949
1958
" * Autostarting VPN 'server' [ OK ]\n"
1950
1959
msgstr ""
1951
1960
1952
#: serverguide/C/vpn.xml:208(para)
1961
#: serverguide/C/vpn.xml:225(para)
1953
1962
msgid "Now check if OpenVPN created a tun0 interface:"
1954
1963
msgstr ""
1955
1964
1956
#: serverguide/C/vpn.xml:212(programlisting)
1965
#: serverguide/C/vpn.xml:229(programlisting)
1957
1966
#, no-wrap
1958
1967
msgid ""
1959
1968
"\n"
1965
1974
"[...]\n"
1966
1975
msgstr ""
1967
1976
1968
#: serverguide/C/vpn.xml:222(title)
1977
#: serverguide/C/vpn.xml:239(title)
1969
1978
msgid "Simple Client Configuration"
1970
1979
msgstr ""
1971
1980
1972
#: serverguide/C/vpn.xml:224(para)
1981
#: serverguide/C/vpn.xml:241(para)
1973
1982
msgid ""
1974
1983
"There are various different <application>OpenVPN</application> client "
1975
1984
"implementations with and without GUIs. You can read more about clients in a "
1978
1987
"install the openvpn package again on the client machine:"
1979
1988
msgstr ""
1980
1989
1981
#: serverguide/C/vpn.xml:35(command) serverguide/C/vpn.xml:231(command) serverguide/C/vpn.xml:589(command)
1990
#: serverguide/C/vpn.xml:248(command) serverguide/C/vpn.xml:616(command)
1982
1991
msgid "sudo apt-get install openvpn"
1983
1992
msgstr "sudo apt-get install openvpn"
1984
1993
1985
#: serverguide/C/vpn.xml:234(para)
1994
#: serverguide/C/vpn.xml:251(para)
1986
1995
msgid "This time copy the client.conf sample config file to /etc/openvpn/."
1987
1996
msgstr ""
1988
1997
1989
#: serverguide/C/vpn.xml:238(command)
1998
#: serverguide/C/vpn.xml:255(command)
1990
1999
msgid ""
1991
2000
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
1992
2001
"/etc/openvpn/"
1993
2002
msgstr ""
1994
2003
1995
#: serverguide/C/vpn.xml:241(para)
2004
#: serverguide/C/vpn.xml:258(para)
1996
2005
msgid ""
1997
2006
"Copy the client keys and the certificate of the CA you created in the "
1998
2007
"section above to e.g. /etc/openvpn/ and edit "
2001
2010
"you can omit the path."
2002
2011
msgstr ""
2003
2012
2004
#: serverguide/C/vpn.xml:244(programlisting)
2013
#: serverguide/C/vpn.xml:261(programlisting) serverguide/C/vpn.xml:281(programlisting)
2005
2014
#, no-wrap
2006
2015
msgid ""
2007
2016
"\n"
2010
2019
"key client1.key\n"
2011
2020
msgstr ""
2012
2021
2013
#: serverguide/C/vpn.xml:250(para)
2022
#: serverguide/C/vpn.xml:267(para)
2014
2023
msgid ""
2015
2024
"And you have to at least specify the OpenVPN server name or address. Make "
2016
2025
"sure the keyword client is in the config. That's what enables client mode."
2017
2026
msgstr ""
2018
2027
2019
#: serverguide/C/vpn.xml:256(programlisting)
2028
#: serverguide/C/vpn.xml:273(programlisting)
2020
2029
#, no-wrap
2021
2030
msgid ""
2022
2031
"\n"
2029
2038
"Also, make sure you specify the keyfile names you copied from the server"
2030
2039
msgstr ""
2031
2040
2032
#: serverguide/C/vpn.xml:261(para)
2041
#: serverguide/C/vpn.xml:286(para)
2033
2042
msgid "Now start the OpenVPN client:"
2034
2043
msgstr ""
2035
2044
2042
2051
" * Autostarting VPN 'client' [ OK ] \n"
2043
2052
msgstr ""
2044
2053
2045
#: serverguide/C/vpn.xml:271(para)
2054
#: serverguide/C/vpn.xml:296(para)
2046
2055
msgid "Check if it created a tun0 interface:"
2047
2056
msgstr ""
2048
2057
2049
#: serverguide/C/vpn.xml:275(programlisting)
2058
#: serverguide/C/vpn.xml:300(programlisting)
2050
2059
#, no-wrap
2051
2060
msgid ""
2052
2061
"\n"
2057
2066
" UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1\n"
2058
2067
msgstr ""
2059
2068
2060
#: serverguide/C/vpn.xml:282(para)
2069
#: serverguide/C/vpn.xml:307(para)
2061
2070
msgid "Check if you can ping the OpenVPN server:"
2062
2071
msgstr ""
2063
2072
2064
#: serverguide/C/vpn.xml:285(programlisting)
2073
#: serverguide/C/vpn.xml:310(programlisting)
2065
2074
#, no-wrap
2066
2075
msgid ""
2067
2076
"\n"
2070
2079
"64 bytes from 10.8.0.1: icmp_req=1 ttl=64 time=0.920 ms\n"
2071
2080
msgstr ""
2072
2081
2073
#: serverguide/C/vpn.xml:292(para)
2082
#: serverguide/C/vpn.xml:317(para)
2074
2083
msgid ""
2075
2084
"The OpenVPN server always uses the first usable IP address in the client "
2076
2085
"network and only that IP is pingable. E.g. if you configured a /24 for the "
2078
2087
"in the ifconfig output above is usually not answering ping requests."
2079
2088
msgstr ""
2080
2089
2081
#: serverguide/C/vpn.xml:297(para)
2090
#: serverguide/C/vpn.xml:322(para)
2082
2091
msgid "Check out your routes:"
2083
2092
msgstr ""
2084
2093
2085
#: serverguide/C/vpn.xml:300(programlisting)
2094
#: serverguide/C/vpn.xml:325(programlisting)
2086
2095
#, no-wrap
2087
2096
msgid ""
2088
2097
"\n"
2100
2109
"eth0\n"
2101
2110
msgstr ""
2102
2111
2103
#: serverguide/C/vpn.xml:312(title)
2112
#: serverguide/C/vpn.xml:337(title)
2104
2113
msgid "First trouble shooting"
2105
2114
msgstr ""
2106
2115
2107
#: serverguide/C/vpn.xml:314(para)
2116
#: serverguide/C/vpn.xml:339(para)
2108
2117
msgid "If the above didn't work for you, check this:"
2109
2118
msgstr ""
2110
2119
2111
#: serverguide/C/vpn.xml:319(para)
2120
#: serverguide/C/vpn.xml:344(para)
2112
2121
msgid "Check your syslog, e.g. grep -i vpn /var/log/syslog"
2113
2122
msgstr ""
2114
2123
2118
2127
"server.conf."
2119
2128
msgstr ""
2120
2129
2121
#: serverguide/C/vpn.xml:322(para)
2130
#: serverguide/C/vpn.xml:350(para)
2122
2131
msgid ""
2123
2132
"Can the client connect to the server machine? Maybe a firewall is blocking "
2124
2133
"access? Check syslog on server."
2125
2134
msgstr ""
2126
2135
2127
#: serverguide/C/vpn.xml:325(para)
2136
#: serverguide/C/vpn.xml:353(para)
2128
2137
msgid ""
2129
2138
"Client and server must use same protocol and port, e.g. UDP port 1194, see "
2130
2139
"port and proto config option"
2131
2140
msgstr ""
2132
2141
2133
#: serverguide/C/vpn.xml:328(para)
2142
#: serverguide/C/vpn.xml:356(para)
2134
2143
msgid ""
2135
2144
"Client and server must use same config regarding compression, see comp-lzo "
2136
2145
"config option"
2137
2146
msgstr ""
2138
2147
2139
#: serverguide/C/vpn.xml:331(para)
2148
#: serverguide/C/vpn.xml:359(para)
2140
2149
msgid ""
2141
2150
"Client and server must use same config regarding bridged vs routed mode, see "
2142
2151
"server vs server-bridge config option"
2143
2152
msgstr ""
2144
2153
2145
#: serverguide/C/databases.xml:168(title)
2154
#: serverguide/C/vpn.xml:366(title) serverguide/C/databases.xml:161(title)
2146
2155
msgid "Advanced configuration"
2147
2156
msgstr ""
2148
2157
2149
#: serverguide/C/vpn.xml:342(title)
2158
#: serverguide/C/vpn.xml:369(title)
2150
2159
msgid "Advanced routed VPN configuration on server"
2151
2160
msgstr ""
2152
2161
2153
#: serverguide/C/vpn.xml:344(para)
2162
#: serverguide/C/vpn.xml:371(para)
2154
2163
msgid ""
2155
2164
"The above is a very simple working VPN. The client can access services on "
2156
2165
"the VPN server machine through an encrypted tunnel. If you want to reach "
2161
2170
"route to the VPN client-network."
2162
2171
msgstr ""
2163
2172
2164
#: serverguide/C/vpn.xml:348(para)
2173
#: serverguide/C/vpn.xml:375(para)
2165
2174
msgid ""
2166
2175
"Or you might push a default gateway to all the clients to send all their "
2167
2176
"internet traffic to the VPN gateway first and from there via the company "
2168
2177
"firewall into the internet. This section shows you some possible options."
2169
2178
msgstr ""
2170
2179
2171
#: serverguide/C/vpn.xml:352(para)
2180
#: serverguide/C/vpn.xml:379(para)
2172
2181
msgid ""
2173
2182
"Push routes to the client to allow it to reach other private subnets behind "
2174
2183
"the server. Remember that these private subnets will also need to know to "
2176
2185
"server."
2177
2186
msgstr ""
2178
2187
2179
#: serverguide/C/vpn.xml:361(programlisting)
2188
#: serverguide/C/vpn.xml:388(programlisting)
2180
2189
#, no-wrap
2181
2190
msgid ""
2182
2191
"\n"
2192
2201
"internet in order for this to work properly)."
2193
2202
msgstr ""
2194
2203
2195
#: serverguide/C/vpn.xml:374(programlisting)
2204
#: serverguide/C/vpn.xml:401(programlisting)
2196
2205
#, no-wrap
2197
2206
msgid ""
2198
2207
"\n"
2199
2208
"push \"redirect-gateway def1 bypass-dhcp\"\n"
2200
2209
msgstr ""
2201
2210
2202
#: serverguide/C/vpn.xml:378(para)
2211
#: serverguide/C/vpn.xml:405(para)
2203
2212
msgid ""
2204
2213
"Configure server mode and supply a VPN subnet for OpenVPN to draw client "
2205
2214
"addresses from. The server will take 10.8.0.1 for itself, the rest will be "
2207
2216
"10.8.0.1. Comment this line out if you are ethernet bridging."
2208
2217
msgstr ""
2209
2218
2210
#: serverguide/C/vpn.xml:387(programlisting)
2219
#: serverguide/C/vpn.xml:414(programlisting)
2211
2220
#, no-wrap
2212
2221
msgid ""
2213
2222
"\n"
2214
2223
"server 10.8.0.0 255.255.255.0\n"
2215
2224
msgstr ""
2216
2225
2217
#: serverguide/C/vpn.xml:391(para)
2226
#: serverguide/C/vpn.xml:418(para)
2218
2227
msgid ""
2219
2228
"Maintain a record of client to virtual IP address associations in this file. "
2220
2229
"If OpenVPN goes down or is restarted, reconnecting clients can be assigned "
2221
2230
"the same virtual IP address from the pool that was previously assigned."
2222
2231
msgstr ""
2223
2232
2224
#: serverguide/C/vpn.xml:398(programlisting)
2233
#: serverguide/C/vpn.xml:425(programlisting)
2225
2234
#, no-wrap
2226
2235
msgid ""
2227
2236
"\n"
2228
2237
"ifconfig-pool-persist ipp.txt\n"
2229
2238
msgstr ""
2230
2239
2231
#: serverguide/C/vpn.xml:402(para)
2240
#: serverguide/C/vpn.xml:429(para)
2232
2241
msgid "Push DNS servers to the client."
2233
2242
msgstr ""
2234
2243
2235
#: serverguide/C/vpn.xml:405(programlisting)
2244
#: serverguide/C/vpn.xml:432(programlisting)
2236
2245
#, no-wrap
2237
2246
msgid ""
2238
2247
"\n"
2240
2249
"push \"dhcp-option DNS 10.1.0.2\"\n"
2241
2250
msgstr ""
2242
2251
2243
#: serverguide/C/vpn.xml:410(para)
2252
#: serverguide/C/vpn.xml:437(para)
2244
2253
msgid "Allow client to client communication."
2245
2254
msgstr ""
2246
2255
2247
#: serverguide/C/vpn.xml:413(programlisting)
2256
#: serverguide/C/vpn.xml:440(programlisting)
2248
2257
#, no-wrap
2249
2258
msgid ""
2250
2259
"\n"
2251
2260
"client-to-client\n"
2252
2261
msgstr ""
2253
2262
2254
#: serverguide/C/vpn.xml:417(para)
2263
#: serverguide/C/vpn.xml:444(para)
2255
2264
msgid "Enable compression on the VPN link."
2256
2265
msgstr ""
2257
2266
2258
#: serverguide/C/vpn.xml:420(programlisting)
2267
#: serverguide/C/vpn.xml:447(programlisting)
2259
2268
#, no-wrap
2260
2269
msgid ""
2261
2270
"\n"
2262
2271
"comp-lzo\n"
2263
2272
msgstr ""
2264
2273
2265
#: serverguide/C/vpn.xml:424(para)
2274
#: serverguide/C/vpn.xml:451(para)
2266
2275
msgid ""
2267
"The keepalive directive causes ping-like messages to be sent back and forth "
2268
"over the link so that each side knows when the other side has gone down. "
2269
"Ping every 1 second, assume that remote peer is down if no ping received "
2270
"during a 3 second time period."
2276
"The <emphasis>keepalive</emphasis> directive causes ping-like messages to be "
2277
"sent back and forth over the link so that each side knows when the other "
2278
"side has gone down. Ping every 1 second, assume that remote peer is down if "
2279
"no ping received during a 3 second time period."
2271
2280
msgstr ""
2272
2281
2273
#: serverguide/C/vpn.xml:433(programlisting)
2282
#: serverguide/C/vpn.xml:460(programlisting)
2274
2283
#, no-wrap
2275
2284
msgid ""
2276
2285
"\n"
2277
2286
"keepalive 1 3\n"
2278
2287
msgstr ""
2279
2288
2280
#: serverguide/C/vpn.xml:437(para)
2289
#: serverguide/C/vpn.xml:464(para)
2281
2290
msgid ""
2282
2291
"It's a good idea to reduce the OpenVPN daemon's privileges after "
2283
2292
"initialization."
2284
2293
msgstr ""
2285
2294
2286
#: serverguide/C/vpn.xml:440(programlisting)
2295
#: serverguide/C/vpn.xml:467(programlisting)
2287
2296
#, no-wrap
2288
2297
msgid ""
2289
2298
"\n"
2291
2300
"group nogroup\n"
2292
2301
msgstr ""
2293
2302
2294
#: serverguide/C/vpn.xml:445(para)
2303
#: serverguide/C/vpn.xml:472(para)
2295
2304
msgid ""
2296
2305
"OpenVPN 2.0 includes a feature that allows the OpenVPN server to securely "
2297
2306
"obtain a username and password from a connecting client, and to use that "
2301
2310
"username/password, passing it on to the server over the secure TLS channel."
2302
2311
msgstr ""
2303
2312
2304
#: serverguide/C/vpn.xml:449(programlisting)
2313
#: serverguide/C/vpn.xml:476(programlisting)
2305
2314
#, no-wrap
2306
2315
msgid ""
2307
2316
"\n"
2309
2318
"auth-user-pass\n"
2310
2319
msgstr ""
2311
2320
2312
#: serverguide/C/vpn.xml:454(para)
2321
#: serverguide/C/vpn.xml:481(para)
2313
2322
msgid ""
2314
2323
"This will tell the OpenVPN server to validate the username/password entered "
2315
2324
"by clients using the login PAM module. Useful if you have centralized "
2323
2332
"plugin /usr/lib/openvpn/openvpn-plugin-auth-pam.so login\n"
2324
2333
msgstr ""
2325
2334
2326
#: serverguide/C/vpn.xml:463(para)
2335
#: serverguide/C/vpn.xml:490(para)
2327
2336
msgid ""
2328
2337
"Please read the OpenVPN <ulink url=\"http://openvpn.net/index.php/open-"
2329
2338
"source/documentation/howto.html#security\">hardening security guide</ulink> "
2330
2339
"for further security advice."
2331
2340
msgstr ""
2332
2341
2333
#: serverguide/C/vpn.xml:469(title)
2342
#: serverguide/C/vpn.xml:496(title)
2334
2343
msgid "Advanced bridged VPN configuration on server"
2335
2344
msgstr ""
2336
2345
2337
#: serverguide/C/vpn.xml:471(para)
2346
#: serverguide/C/vpn.xml:498(para)
2338
2347
msgid ""
2339
2348
"<application>OpenVPN</application> can be setup for either a routed or a "
2340
2349
"bridged VPN mode. Sometimes this is also referred to as OSI layer-2 versus "
2346
2355
"be filtered."
2347
2356
msgstr ""
2348
2357
2349
#: serverguide/C/vpn.xml:477(title)
2358
#: serverguide/C/vpn.xml:504(title)
2350
2359
msgid "Prepare interface config for bridging on server"
2351
2360
msgstr ""
2352
2361
2353
#: serverguide/C/vpn.xml:479(para)
2362
#: serverguide/C/vpn.xml:506(para)
2354
2363
msgid "Make sure you have the bridge-utils package installed:"
2355
2364
msgstr ""
2356
2365
2357
#: serverguide/C/vpn.xml:483(command) serverguide/C/virtualization.xml:2188(command) serverguide/C/network-config.xml:538(command)
2366
#: serverguide/C/vpn.xml:510(command) serverguide/C/network-config.xml:542(command)
2358
2367
msgid "sudo apt-get install bridge-utils"
2359
2368
msgstr ""
2360
2369
2361
#: serverguide/C/vpn.xml:486(para)
2370
#: serverguide/C/vpn.xml:513(para)
2362
2371
msgid ""
2363
2372
"Before you setup OpenVPN in bridged mode you need to change your interface "
2364
2373
"configuration. Let's assume your server has an interface eth0 connected to "
2366
2375
"Your /etc/network/interfaces would like this:"
2367
2376
msgstr ""
2368
2377
2369
#: serverguide/C/vpn.xml:490(programlisting)
2378
#: serverguide/C/vpn.xml:517(programlisting)
2370
2379
#, no-wrap
2371
2380
msgid ""
2372
2381
"\n"
2382
2391
" netmask 255.255.255.0\n"
2383
2392
msgstr ""
2384
2393
2385
#: serverguide/C/vpn.xml:503(para)
2394
#: serverguide/C/vpn.xml:530(para)
2386
2395
msgid ""
2387
2396
"This straight forward interface config needs to be changed into a bridged "
2388
2397
"mode like where the config of interface eth1 moves to the new br0 interface. "
2391
2400
"interface to forward all ethernet frames to the IP stack."
2392
2401
msgstr ""
2393
2402
2394
#: serverguide/C/vpn.xml:507(programlisting)
2403
#: serverguide/C/vpn.xml:534(programlisting)
2395
2404
#, no-wrap
2396
2405
msgid ""
2397
2406
"\n"
2423
2432
msgid "sudo ifdown eth1 && sudo ifup -a"
2424
2433
msgstr ""
2425
2434
2426
#: serverguide/C/vpn.xml:534(title)
2435
#: serverguide/C/vpn.xml:561(title)
2427
2436
msgid "Prepare server config for bridging"
2428
2437
msgstr ""
2429
2438
2430
#: serverguide/C/vpn.xml:536(para)
2439
#: serverguide/C/vpn.xml:563(para)
2431
2440
msgid ""
2432
2441
"Edit <filename>/etc/openvpn/server.conf</filename> changing the following "
2433
2442
"options to:"
2434
2443
msgstr ""
2435
2444
2436
#: serverguide/C/vpn.xml:540(programlisting)
2445
#: serverguide/C/vpn.xml:567(programlisting)
2437
2446
#, no-wrap
2438
2447
msgid ""
2439
2448
"\n"
2444
2453
"server-bridge 10.0.0.4 255.255.255.0 10.0.0.128 10.0.0.254\n"
2445
2454
msgstr ""
2446
2455
2447
#: serverguide/C/vpn.xml:548(para)
2456
#: serverguide/C/vpn.xml:575(para)
2448
2457
msgid ""
2449
2458
"Next, create a helper script to add the <emphasis>tap</emphasis> interface "
2450
2459
"to the bridge and to ensure that eth1 is promiscuous mode. Create "
2451
2460
"<filename>/etc/openvpn/up.sh</filename>:"
2452
2461
msgstr ""
2453
2462
2454
#: serverguide/C/vpn.xml:552(programlisting)
2463
#: serverguide/C/vpn.xml:579(programlisting)
2455
2464
#, no-wrap
2456
2465
msgid ""
2457
2466
"\n"
2466
2475
"/sbin/brctl addif $BR $TAPDEV\n"
2467
2476
msgstr ""
2468
2477
2469
#: serverguide/C/vpn.xml:564(para)
2478
#: serverguide/C/vpn.xml:591(para)
2470
2479
msgid "Then make it executable:"
2471
2480
msgstr ""
2472
2481
2473
#: serverguide/C/vpn.xml:569(command)
2482
#: serverguide/C/vpn.xml:596(command)
2474
2483
msgid "sudo chmod 755 /etc/openvpn/up.sh"
2475
2484
msgstr "sudo chmod 755 /etc/openvpn/up.sh"
2476
2485
2477
#: serverguide/C/vpn.xml:572(para)
2486
#: serverguide/C/vpn.xml:599(para)
2478
2487
msgid ""
2479
2488
"After configuring the server, restart <application>openvpn</application> by "
2480
2489
"entering:"
2484
2493
msgid "sudo service openvpn restart"
2485
2494
msgstr ""
2486
2495
2487
#: serverguide/C/vpn.xml:582(title)
2496
#: serverguide/C/vpn.xml:609(title)
2488
2497
msgid "Client Configuration"
2489
2498
msgstr "Nastavljanje odjemalca"
2490
2499
2491
#: serverguide/C/vpn.xml:584(para)
2500
#: serverguide/C/vpn.xml:611(para)
2492
2501
msgid "First, install <application>openvpn</application> on the client:"
2493
2502
msgstr "Najprej na odjemalcu namestite <application>openvpn</application>:"
2494
2503
2495
#: serverguide/C/vpn.xml:592(para)
2504
#: serverguide/C/vpn.xml:619(para)
2496
2505
msgid ""
2497
2506
"Then with the server configured and the client certificates copied to the "
2498
2507
"<filename>/etc/openvpn/</filename> directory, create a client configuration "
2499
2508
"file by copying the example. In a terminal on the client machine enter:"
2500
2509
msgstr ""
2501
2510
2502
#: serverguide/C/vpn.xml:598(command)
2511
#: serverguide/C/vpn.xml:625(command)
2503
2512
msgid ""
2504
2513
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
2505
2514
"/etc/openvpn"
2507
2516
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
2508
2517
"/etc/openvpn"
2509
2518
2510
#: serverguide/C/vpn.xml:601(para)
2519
#: serverguide/C/vpn.xml:628(para)
2511
2520
msgid ""
2512
2521
"Now edit <filename>/etc/openvpn/client.conf</filename> changing the "
2513
2522
"following options:"
2524
2533
"key client1.key\n"
2525
2534
msgstr ""
2526
2535
2527
#: serverguide/C/vpn.xml:610(para)
2536
#: serverguide/C/vpn.xml:640(para)
2528
2537
msgid "Finally, restart <application>openvpn</application>:"
2529
2538
msgstr "Znova zaženi <application>openvpn</application>:"
2530
2539
2531
#: serverguide/C/vpn.xml:618(para)
2540
#: serverguide/C/vpn.xml:648(para)
2532
2541
msgid "You should now be able to connect to the remote LAN through the VPN."
2533
2542
msgstr ""
2534
2543
2535
#: serverguide/C/vpn.xml:627(title)
2544
#: serverguide/C/vpn.xml:657(title)
2536
2545
msgid "Client software implementations"
2537
2546
msgstr ""
2538
2547
2539
#: serverguide/C/vpn.xml:630(title)
2548
#: serverguide/C/vpn.xml:660(title)
2540
2549
msgid "Linux Network-Manager GUI for OpenVPN"
2541
2550
msgstr ""
2542
2551
2543
#: serverguide/C/vpn.xml:632(para)
2552
#: serverguide/C/vpn.xml:662(para)
2544
2553
msgid ""
2545
2554
"Many Linux distributions including Ubuntu desktop variants come with Network "
2546
2555
"Manager, a nice GUI to configure your network settings. It also can manage "
2549
2558
"packages as well:"
2550
2559
msgstr ""
2551
2560
2552
#: serverguide/C/vpn.xml:637(programlisting)
2561
#: serverguide/C/vpn.xml:667(programlisting)
2553
2562
#, no-wrap
2554
2563
msgid ""
2555
2564
"\n"
2570
2579
"Do you want to continue [Y/n]? \n"
2571
2580
msgstr ""
2572
2581
2573
#: serverguide/C/vpn.xml:655(para)
2582
#: serverguide/C/vpn.xml:685(para)
2574
2583
msgid ""
2575
2584
"To inform network-manager about the new installed packages you will have to "
2576
2585
"restart it:"
2577
2586
msgstr ""
2578
2587
2579
#: serverguide/C/vpn.xml:659(programlisting)
2588
#: serverguide/C/vpn.xml:689(programlisting)
2580
2589
#, no-wrap
2581
2590
msgid ""
2582
2591
"\n"
2596
2605
"to establish your VPN."
2597
2606
msgstr ""
2598
2607
2599
#: serverguide/C/vpn.xml:676(title)
2608
#: serverguide/C/vpn.xml:706(title)
2600
2609
msgid "OpenVPN with GUI for Mac OS X: Tunnelblick"
2601
2610
msgstr ""
2602
2611
2603
#: serverguide/C/vpn.xml:678(para)
2612
#: serverguide/C/vpn.xml:708(para)
2604
2613
msgid ""
2605
2614
"Tunnelblick is an excellent free, open source implementation of a GUI for "
2606
2615
"OpenVPN for OS X. The project's homepage is at <ulink "
2612
2621
"Application folder."
2613
2622
msgstr ""
2614
2623
2615
#: serverguide/C/vpn.xml:684(programlisting)
2624
#: serverguide/C/vpn.xml:714(programlisting)
2616
2625
#, no-wrap
2617
2626
msgid ""
2618
2627
"\n"
2635
2644
"key client.key\n"
2636
2645
msgstr ""
2637
2646
2638
#: serverguide/C/vpn.xml:706(title)
2647
#: serverguide/C/vpn.xml:736(title)
2639
2648
msgid "OpenVPN with GUI for Win 7"
2640
2649
msgstr ""
2641
2650
2648
2657
"binary installer."
2649
2658
msgstr ""
2650
2659
2651
#: serverguide/C/vpn.xml:714(para)
2660
#: serverguide/C/vpn.xml:743(para)
2652
2661
msgid ""
2653
2662
"You need to start the OpenVPN service. Goto Start > Computer > Manage "
2654
2663
"> Services and Applications > Services. Find the OpenVPN service and "
2657
2666
"click on it and you will see that option."
2658
2667
msgstr ""
2659
2668
2660
#: serverguide/C/vpn.xml:718(para)
2669
#: serverguide/C/vpn.xml:747(para)
2661
2670
msgid ""
2662
2671
"You will have to write your OpenVPN config in a textfile and place it in C:\\"
2663
2672
"Program Files\\OpenVPN\\config\\client.ovpn along with the CA certificate. "
2715
2724
msgid "You may want to set the Windows service to \"automatic\"."
2716
2725
msgstr ""
2717
2726
2718
#: serverguide/C/vpn.xml:747(title)
2727
#: serverguide/C/vpn.xml:790(title)
2719
2728
msgid "OpenVPN for OpenWRT"
2720
2729
msgstr ""
2721
2730
2722
#: serverguide/C/vpn.xml:749(para)
2731
#: serverguide/C/vpn.xml:792(para)
2723
2732
msgid ""
2724
2733
"OpenWRT is described as a Linux distribution for embedded devices like WLAN "
2725
2734
"router. There are certain types of WLAN routers who can be flashed to run "
2732
2741
"url=\"http://openwrt.org\">http://openwrt.org</ulink>"
2733
2742
msgstr ""
2734
2743
2735
#: serverguide/C/vpn.xml:758(para)
2744
#: serverguide/C/vpn.xml:801(para)
2736
2745
msgid "Log into your OpenWRT router and install OpenVPN:"
2737
2746
msgstr ""
2738
2747
2739
#: serverguide/C/vpn.xml:763(command)
2748
#: serverguide/C/vpn.xml:806(command)
2740
2749
msgid "opkg update"
2741
2750
msgstr ""
2742
2751
2743
#: serverguide/C/vpn.xml:764(command)
2752
#: serverguide/C/vpn.xml:807(command)
2744
2753
msgid "opkg install openvpn"
2745
2754
msgstr ""
2746
2755
2750
2759
"certificates and keys to /etc/openvpn/"
2751
2760
msgstr ""
2752
2761
2753
#: serverguide/C/vpn.xml:772(programlisting)
2762
#: serverguide/C/vpn.xml:815(programlisting)
2754
2763
#, no-wrap
2755
2764
msgid ""
2756
2765
"\n"
2766
2775
" option comp_lzo 1 \n"
2767
2776
msgstr ""
2768
2777
2769
#: serverguide/C/vpn.xml:785(para)
2778
#: serverguide/C/vpn.xml:828(para)
2770
2779
msgid "Restart OpenVPN:"
2771
2780
msgstr ""
2772
2781
2774
2783
msgid "service openvpn restart"
2775
2784
msgstr ""
2776
2785
2777
#: serverguide/C/vpn.xml:793(para)
2786
#: serverguide/C/vpn.xml:836(para)
2778
2787
msgid ""
2779
2788
"You will have to see if you need to adjust your router's routing and "
2780
2789
"firewall rules."
2781
2790
msgstr ""
2782
2791
2783
#: serverguide/C/vpn.xml:803(para)
2792
#: serverguide/C/vpn.xml:846(para)
2784
2793
msgid ""
2785
2794
"See the <ulink url=\"http://openvpn.net/\">OpenVPN</ulink> website for "
2786
2795
"additional information."
2787
2796
msgstr ""
2788
2797
2789
#: serverguide/C/vpn.xml:809(ulink)
2798
#: serverguide/C/vpn.xml:852(ulink)
2790
2799
msgid "OpenVPN hardening security guide"
2791
2800
msgstr ""
2792
2801
2793
#: serverguide/C/vpn.xml:813(para)
2802
#: serverguide/C/vpn.xml:856(para)
2794
2803
msgid ""
2795
2804
"Also, Pakt's <ulink url=\"http://www.packtpub.com/openvpn/book\">OpenVPN: "
2796
2805
"Building and Integrating Virtual Private Networks</ulink> is a good resource."
2800
2809
msgid "Virtualization"
2801
2810
msgstr ""
2802
2811
2803
#: serverguide/C/virtualization.xml:12(para)
2812
#: serverguide/C/virtualization.xml:13(para)
2804
2813
msgid ""
2805
2814
"Virtualization is being adopted in many different environments and "
2806
2815
"situations. If you are a developer, virtualization can provide you with a "
2810
2819
"services and move them around based on demand."
2811
2820
msgstr ""
2812
2821
2813
#: serverguide/C/virtualization.xml:18(para)
2822
#: serverguide/C/virtualization.xml:20(para)
2814
2823
msgid ""
2815
2824
"The default virtualization technology supported in Ubuntu is "
2816
2825
"<application>KVM</application>. KVM requires virtualization extensions built "
2821
2830
"hardware without virtualization extensions."
2822
2831
msgstr ""
2823
2832
2824
#: serverguide/C/virtualization.xml:26(title)
2833
#: serverguide/C/virtualization.xml:29(title)
2825
2834
msgid "libvirt"
2826
2835
msgstr "libvirt"
2827
2836
2828
#: serverguide/C/virtualization.xml:27(para)
2837
#: serverguide/C/virtualization.xml:31(para)
2829
2838
msgid ""
2830
2839
"The <application>libvirt</application> library is used to interface with "
2831
2840
"different virtualization technologies. Before getting started with "
2834
2843
"<application>KVM</application>. Enter the following from a terminal prompt:"
2835
2844
msgstr ""
2836
2845
2837
#: serverguide/C/virtualization.xml:34(command)
2846
#: serverguide/C/virtualization.xml:39(command)
2838
2847
msgid "kvm-ok"
2839
2848
msgstr "kvm-ok"
2840
2849
2841
#: serverguide/C/virtualization.xml:36(para)
2850
#: serverguide/C/virtualization.xml:42(para)
2842
2851
msgid ""
2843
2852
"A message will be printed informing you if your CPU "
2844
2853
"<emphasis>does</emphasis> or <emphasis>does not</emphasis> support hardware "
2852
2861
"it."
2853
2862
msgstr ""
2854
2863
2855
#: serverguide/C/virtualization.xml:46(title)
2864
#: serverguide/C/virtualization.xml:53(title)
2856
2865
msgid "Virtual Networking"
2857
2866
msgstr ""
2858
2867
2874
2883
"to the rest of the network."
2875
2884
msgstr ""
2876
2885
2877
#: serverguide/C/virtualization.xml:62(para)
2886
#: serverguide/C/virtualization.xml:72(para)
2878
2887
msgid "To install the necessary packages, from a terminal prompt enter:"
2879
2888
msgstr ""
2880
2889
2882
2891
msgid "sudo apt-get install qemu-kvm libvirt-bin"
2883
2892
msgstr ""
2884
2893
2885
#: serverguide/C/virtualization.xml:68(para)
2894
#: serverguide/C/virtualization.xml:79(para)
2886
2895
msgid ""
2887
2896
"After installing <application>libvirt-bin</application>, the user used to "
2888
2897
"manage virtual machines will need to be added to the "
2890
2899
"the advanced networking options."
2891
2900
msgstr ""
2892
2901
2893
#: serverguide/C/virtualization.xml:72(para)
2902
#: serverguide/C/virtualization.xml:84(para)
2894
2903
msgid "In a terminal enter:"
2895
2904
msgstr "V terminalu vnesite:"
2896
2905
2897
#: serverguide/C/virtualization.xml:76(command)
2906
#: serverguide/C/virtualization.xml:87(command)
2898
2907
msgid "sudo adduser $USER libvirtd"
2899
2908
msgstr ""
2900
2909
2901
#: serverguide/C/virtualization.xml:79(para)
2910
#: serverguide/C/virtualization.xml:91(para)
2902
2911
msgid ""
2903
2912
"If the user chosen is the current user, you will need to log out and back in "
2904
2913
"for the new group membership to take effect."
2905
2914
msgstr ""
2906
2915
2907
#: serverguide/C/virtualization.xml:83(para)
2916
#: serverguide/C/virtualization.xml:95(para)
2908
2917
msgid ""
2909
2918
"You are now ready to install a <emphasis>Guest</emphasis> operating system. "
2910
2919
"Installing a virtual machine follows the same process as installing the "
2913
2922
"physical machine."
2914
2923
msgstr ""
2915
2924
2916
#: serverguide/C/virtualization.xml:88(para)
2925
#: serverguide/C/virtualization.xml:101(para)
2917
2926
msgid ""
2918
2927
"In the case of virtual machines a Graphical User Interface (GUI) is "
2919
2928
"analogous to using a physical keyboard and mouse. Instead of installing a "
2933
2942
#: serverguide/C/virtualization.xml:113(para)
2934
2943
msgid ""
2935
2944
"Yet another way to install an Ubuntu virtual machine is to use "
2936
"<application>uvtool</application>. This application, available as of 14.04 "
2945
"<application>uvtool</application>. This application, available as of 14.04, "
2937
2946
"allows you to set up specific VM options, execute custom post-install "
2938
"scripts, etc. For details see <xref linkend=\"cloud-images-and-uvtool\"/>"
2947
"scripts, etc. For details see <xref linkend=\"cloud-images-and-uvtool\"/>."
2939
2948
msgstr ""
2940
2949
2941
#: serverguide/C/virtualization.xml:101(para)
2950
#: serverguide/C/virtualization.xml:119(para)
2942
2951
msgid ""
2943
2952
"Libvirt can also be configured work with <application>Xen</application>. For "
2944
2953
"details, see the Xen Ubuntu community page referenced below."
2945
2954
msgstr ""
2946
2955
2947
#: serverguide/C/virtualization.xml:106(title)
2956
#: serverguide/C/virtualization.xml:125(title)
2948
2957
msgid "virt-install"
2949
2958
msgstr "virt-install"
2950
2959
2951
#: serverguide/C/virtualization.xml:107(para)
2960
#: serverguide/C/virtualization.xml:127(para)
2952
2961
msgid ""
2953
2962
"<application>virt-install</application> is part of the "
2954
2963
"<application>virtinst</application> package. To install it, from a terminal "
2955
2964
"prompt enter:"
2956
2965
msgstr ""
2957
2966
2958
#: serverguide/C/virtualization.xml:111(command)
2967
#: serverguide/C/virtualization.xml:132(command)
2959
2968
msgid "sudo apt-get install virtinst"
2960
2969
msgstr ""
2961
2970
2962
#: serverguide/C/virtualization.xml:113(para)
2971
#: serverguide/C/virtualization.xml:135(para)
2963
2972
msgid ""
2964
2973
"There are several options available when using <application>virt-"
2965
2974
"install</application>. For example:"
2973
2982
"vnc,listen=0.0.0.0 --noautoconsole -v"
2974
2983
msgstr ""
2975
2984
2976
#: serverguide/C/virtualization.xml:124(para)
2985
#: serverguide/C/virtualization.xml:147(para)
2977
2986
msgid ""
2978
2987
"<emphasis>-n web_devel:</emphasis> the name of the new virtual machine will "
2979
2988
"be <emphasis>web_devel</emphasis> in this example."
2981
2990
"<emphasis>-n ime-naprave:</emphasis> ime nove navidezne naprave, v tem "
2982
2991
"primeru <emphasis>ime-naprave</emphasis>."
2983
2992
2984
#: serverguide/C/virtualization.xml:129(para)
2993
#: serverguide/C/virtualization.xml:153(para)
2985
2994
msgid ""
2986
2995
"<emphasis>-r 256:</emphasis> specifies the amount of memory the virtual "
2987
2996
"machine will use in megabytes."
2988
2997
msgstr ""
2989
2998
2990
#: serverguide/C/virtualization.xml:134(para)
2999
#: serverguide/C/virtualization.xml:158(para)
2991
3000
msgid ""
2992
3001
"<emphasis>--disk "
2993
3002
"path=/var/lib/libvirt/images/web_devel.img,size=4:</emphasis> indicates the "
3004
3013
"CDROM device."
3005
3014
msgstr ""
3006
3015
3007
#: serverguide/C/virtualization.xml:152(para)
3016
#: serverguide/C/virtualization.xml:174(para)
3008
3017
msgid ""
3009
3018
"<emphasis>--network</emphasis> provides details related to the VM's network "
3010
3019
"interface. Here the <emphasis>default</emphasis> network is used, and the "
3019
3028
"connect via VNC to complete the installation."
3020
3029
msgstr ""
3021
3030
3022
#: serverguide/C/virtualization.xml:163(para)
3031
#: serverguide/C/virtualization.xml:189(para)
3023
3032
msgid ""
3024
3033
"<emphasis>--noautoconsole:</emphasis> will not automatically connect to the "
3025
3034
"virtual machine's console."
3026
3035
msgstr ""
3027
3036
3028
#: serverguide/C/virtualization.xml:168(para)
3037
#: serverguide/C/virtualization.xml:194(para)
3029
3038
msgid "<emphasis>-v:</emphasis> creates a fully virtualized guest."
3030
3039
msgstr ""
3031
3040
3033
3042
msgid ""
3034
3043
"After launching <application>virt-install</application> you can connect to "
3035
3044
"the virtual machine's console either locally using a GUI (if your server has "
3036
"a GUI), or via a remote VNC client from a GUI based computer."
3045
"a GUI), or via a remote VNC client from a GUI-based computer."
3037
3046
msgstr ""
3038
3047
3039
#: serverguide/C/virtualization.xml:179(title)
3048
#: serverguide/C/virtualization.xml:206(title)
3040
3049
msgid "virt-clone"
3041
3050
msgstr "virt-clone"
3042
3051
3043
#: serverguide/C/virtualization.xml:180(para)
3052
#: serverguide/C/virtualization.xml:208(para)
3044
3053
msgid ""
3045
3054
"The <application>virt-clone</application> application can be used to copy "
3046
3055
"one virtual machine to another. For example:"
3047
3056
msgstr ""
3048
3057
3049
#: serverguide/C/virtualization.xml:184(command)
3058
#: serverguide/C/virtualization.xml:212(command)
3050
3059
msgid ""
3051
3060
"sudo virt-clone -o web_devel -n database_devel -f "
3052
3061
"/path/to/database_devel.img \\ --connect=qemu:///system"
3053
3062
msgstr ""
3054
3063
3055
#: serverguide/C/virtualization.xml:189(para)
3064
#: serverguide/C/virtualization.xml:218(para)
3056
3065
msgid "<emphasis>-o:</emphasis> original virtual machine."
3057
3066
msgstr "<emphasis>-o:</emphasis> izvirna navidezna naprava"
3058
3067
3059
#: serverguide/C/virtualization.xml:194(para)
3068
#: serverguide/C/virtualization.xml:222(para)
3060
3069
msgid "<emphasis>-n:</emphasis> name of the new virtual machine."
3061
3070
msgstr "<emphasis>-n:</emphasis> ime nove navidezne naprave"
3062
3071
3063
#: serverguide/C/virtualization.xml:199(para)
3072
#: serverguide/C/virtualization.xml:227(para)
3064
3073
msgid ""
3065
3074
"<emphasis>-f:</emphasis> path to the file, logical volume, or partition to "
3066
3075
"be used by the new virtual machine."
3067
3076
msgstr ""
3068
3077
3069
#: serverguide/C/virtualization.xml:204(para)
3078
#: serverguide/C/virtualization.xml:232(para)
3070
3079
msgid ""
3071
3080
"<emphasis>--connect:</emphasis> specifies which hypervisor to connect to."
3072
3081
msgstr ""
3073
3082
3074
#: serverguide/C/virtualization.xml:209(para)
3083
#: serverguide/C/virtualization.xml:237(para)
3075
3084
msgid ""
3076
3085
"Also, use <emphasis>-d</emphasis> or <emphasis>--debug</emphasis> option to "
3077
3086
"help troubleshoot problems with <application>virt-clone</application>."
3078
3087
msgstr ""
3079
3088
3080
#: serverguide/C/virtualization.xml:214(para)
3089
#: serverguide/C/virtualization.xml:242(para)
3081
3090
msgid ""
3082
3091
"Replace <emphasis>web_devel</emphasis> and "
3083
3092
"<emphasis>database_devel</emphasis> with appropriate virtual machine names."
3084
3093
msgstr ""
3085
3094
3086
#: serverguide/C/virtualization.xml:220(title)
3095
#: serverguide/C/virtualization.xml:249(title)
3087
3096
msgid "Virtual Machine Management"
3088
3097
msgstr "Upravljanje navideznih naprav"
3089
3098
3090
#: serverguide/C/virtualization.xml:222(title)
3099
#: serverguide/C/virtualization.xml:252(title)
3091
3100
msgid "virsh"
3092
3101
msgstr "virsh"
3093
3102
3094
#: serverguide/C/virtualization.xml:223(para)
3103
#: serverguide/C/virtualization.xml:254(para)
3095
3104
msgid ""
3096
3105
"There are several utilities available to manage virtual machines and "
3097
3106
"<application>libvirt</application>. The <application>virsh</application> "
3098
3107
"utility can be used from the command line. Some examples:"
3099
3108
msgstr ""
3100
3109
3101
#: serverguide/C/virtualization.xml:229(para)
3110
#: serverguide/C/virtualization.xml:261(para)
3102
3111
msgid "To list running virtual machines:"
3103
3112
msgstr "Za izpis zagnanih navideznih naprav:"
3104
3113
3105
#: serverguide/C/virtualization.xml:233(command)
3114
#: serverguide/C/virtualization.xml:264(command)
3106
3115
msgid "virsh -c qemu:///system list"
3107
3116
msgstr "virsh -c qemu:///system list"
3108
3117
3109
#: serverguide/C/virtualization.xml:237(para)
3118
#: serverguide/C/virtualization.xml:269(para)
3110
3119
msgid "To start a virtual machine:"
3111
3120
msgstr "Za zagon navidezne naprave:"
3112
3121
3113
#: serverguide/C/virtualization.xml:241(command)
3122
#: serverguide/C/virtualization.xml:272(command)
3114
3123
msgid "virsh -c qemu:///system start web_devel"
3115
3124
msgstr "virsh -c qemu:///system start ime-naprave"
3116
3125
3117
#: serverguide/C/virtualization.xml:245(para)
3126
#: serverguide/C/virtualization.xml:277(para)
3118
3127
msgid "Similarly, to start a virtual machine at boot:"
3119
3128
msgstr ""
3120
3129
3121
#: serverguide/C/virtualization.xml:249(command)
3130
#: serverguide/C/virtualization.xml:280(command)
3122
3131
msgid "virsh -c qemu:///system autostart web_devel"
3123
3132
msgstr "virsh -c qemu:///system autostart ime-naprave"
3124
3133
3125
#: serverguide/C/virtualization.xml:253(para)
3134
#: serverguide/C/virtualization.xml:285(para)
3126
3135
msgid "Reboot a virtual machine with:"
3127
3136
msgstr "Navidezno napravo lahko znova zaženete z:"
3128
3137
3129
#: serverguide/C/virtualization.xml:257(command)
3138
#: serverguide/C/virtualization.xml:288(command)
3130
3139
msgid "virsh -c qemu:///system reboot web_devel"
3131
3140
msgstr "virsh -c qemu:///system reboot ime-naprave"
3132
3141
3133
#: serverguide/C/virtualization.xml:261(para)
3142
#: serverguide/C/virtualization.xml:293(para)
3134
3143
msgid ""
3135
3144
"The <emphasis>state</emphasis> of virtual machines can be saved to a file in "
3136
3145
"order to be restored later. The following will save the virtual machine "
3137
3146
"state into a file named according to the date:"
3138
3147
msgstr ""
3139
3148
3140
#: serverguide/C/virtualization.xml:266(command)
3149
#: serverguide/C/virtualization.xml:299(command)
3141
3150
msgid "virsh -c qemu:///system save web_devel web_devel-022708.state"
3142
3151
msgstr "virsh -c qemu:///system save ime-naprave ime-naprave-022708.state"
3143
3152
3144
#: serverguide/C/virtualization.xml:268(para)
3153
#: serverguide/C/virtualization.xml:302(para)
3145
3154
msgid "Once saved the virtual machine will no longer be running."
3146
3155
msgstr ""
3147
3156
3148
#: serverguide/C/virtualization.xml:273(para)
3157
#: serverguide/C/virtualization.xml:307(para)
3149
3158
msgid "A saved virtual machine can be restored using:"
3150
3159
msgstr "Shranjeno navidezno napravo lahko obnovite z:"
3151
3160
3152
#: serverguide/C/virtualization.xml:277(command)
3161
#: serverguide/C/virtualization.xml:310(command)
3153
3162
msgid "virsh -c qemu:///system restore web_devel-022708.state"
3154
3163
msgstr "virsh -c qemu:///system restore ime-naprave-022708.state"
3155
3164
3156
#: serverguide/C/virtualization.xml:281(para)
3165
#: serverguide/C/virtualization.xml:315(para)
3157
3166
msgid "To shutdown a virtual machine do:"
3158
3167
msgstr "Za izklop navidezne naprave vpišite:"
3159
3168
3160
#: serverguide/C/virtualization.xml:285(command)
3169
#: serverguide/C/virtualization.xml:318(command)
3161
3170
msgid "virsh -c qemu:///system shutdown web_devel"
3162
3171
msgstr "virsh -c qemu:///system shutdown ime-naprave"
3163
3172
3164
#: serverguide/C/virtualization.xml:289(para)
3173
#: serverguide/C/virtualization.xml:323(para)
3165
3174
msgid "A CDROM device can be mounted in a virtual machine by entering:"
3166
3175
msgstr ""
3167
3176
3168
#: serverguide/C/virtualization.xml:293(command)
3177
#: serverguide/C/virtualization.xml:327(command)
3169
3178
msgid "virsh -c qemu:///system attach-disk web_devel /dev/cdrom /media/cdrom"
3170
3179
msgstr ""
3171
3180
"virsh -c qemu:///system attach-disk ime-naprave /dev/cdrom /media/cdrom"
3172
3181
3173
#: serverguide/C/virtualization.xml:298(para)
3182
#: serverguide/C/virtualization.xml:333(para)
3174
3183
msgid ""
3175
3184
"In the above examples replace <emphasis>web_devel</emphasis> with the "
3176
3185
"appropriate virtual machine name, and <filename>web_devel-"
3177
3186
"022708.state</filename> with a descriptive file name."
3178
3187
msgstr ""
3179
3188
3180
#: serverguide/C/virtualization.xml:305(title)
3189
#: serverguide/C/virtualization.xml:341(title)
3181
3190
msgid "Virtual Machine Manager"
3182
3191
msgstr "Upravitelj navideznih naprav"
3183
3192
3184
#: serverguide/C/virtualization.xml:306(para)
3193
#: serverguide/C/virtualization.xml:343(para)
3185
3194
msgid ""
3186
3195
"The <application>virt-manager</application> package contains a graphical "
3187
3196
"utility to manage local and remote virtual machines. To install virt-manager "
3191
3200
"upravljanje z krajevnimi in oddaljenimi navideznimi napravami. Za namestitev "
3192
3201
"virt-manager vnesite:"
3193
3202
3194
#: serverguide/C/virtualization.xml:311(command)
3203
#: serverguide/C/virtualization.xml:348(command)
3195
3204
msgid "sudo apt-get install virt-manager"
3196
3205
msgstr "sudo apt-get install virt-manager"
3197
3206
3198
#: serverguide/C/virtualization.xml:313(para)
3207
#: serverguide/C/virtualization.xml:351(para)
3199
3208
msgid ""
3200
3209
"Since <application>virt-manager</application> requires a Graphical User "
3201
3210
"Interface (GUI) environment it is recommended to be installed on a "
3203
3212
"the local <application>libvirt</application> service enter:"
3204
3213
msgstr ""
3205
3214
3206
#: serverguide/C/virtualization.xml:319(command)
3215
#: serverguide/C/virtualization.xml:358(command)
3207
3216
msgid "virt-manager -c qemu:///system"
3208
3217
msgstr "virt-manager -c qemu:///system"
3209
3218
3210
#: serverguide/C/virtualization.xml:321(para)
3219
#: serverguide/C/virtualization.xml:361(para)
3211
3220
msgid ""
3212
3221
"You can connect to the <application>libvirt</application> service running on "
3213
3222
"another host by entering the following in a terminal prompt:"
3214
3223
msgstr ""
3215
3224
3216
#: serverguide/C/virtualization.xml:325(command)
3225
#: serverguide/C/virtualization.xml:366(command)
3217
3226
msgid "virt-manager -c qemu+ssh://virtnode1.mydomain.com/system"
3218
3227
msgstr "virt-manager -c qemu+ssh://virtnode1.moja-domena.com/system"
3219
3228
3220
#: serverguide/C/virtualization.xml:328(para)
3229
#: serverguide/C/virtualization.xml:370(para)
3221
3230
msgid ""
3222
3231
"The above example assumes that <application>SSH</application> connectivity "
3223
3232
"between the management system and virtnode1.mydomain.com has already been "
3228
3237
"linkend=\"openssh-server\"/>"
3229
3238
msgstr ""
3230
3239
3231
#: serverguide/C/virtualization.xml:338(title)
3240
#: serverguide/C/virtualization.xml:383(title)
3232
3241
msgid "Virtual Machine Viewer"
3233
3242
msgstr ""
3234
3243
3235
#: serverguide/C/virtualization.xml:339(para)
3244
#: serverguide/C/virtualization.xml:385(para)
3236
3245
msgid ""
3237
3246
"The <application>virt-viewer</application> application allows you to connect "
3238
3247
"to a virtual machine's console. <application>virt-viewer</application> does "
3240
3249
"machine."
3241
3250
msgstr ""
3242
3251
3243
#: serverguide/C/virtualization.xml:343(para)
3252
#: serverguide/C/virtualization.xml:390(para)
3244
3253
msgid ""
3245
3254
"To install <application>virt-viewer</application> from a terminal enter:"
3246
3255
msgstr ""
3247
3256
"Za namestitev programa <application>virt-viewer</application> iz terminala, "
3248
3257
"vnesite:"
3249
3258
3250
#: serverguide/C/virtualization.xml:347(command)
3259
#: serverguide/C/virtualization.xml:394(command)
3251
3260
msgid "sudo apt-get install virt-viewer"
3252
3261
msgstr "sudo apt-get install virt-viewer"
3253
3262
3254
#: serverguide/C/virtualization.xml:349(para)
3263
#: serverguide/C/virtualization.xml:397(para)
3255
3264
msgid ""
3256
3265
"Once a virtual machine is installed and running you can connect to the "
3257
3266
"virtual machine's console by using:"
3258
3267
msgstr ""
3259
3268
3260
#: serverguide/C/virtualization.xml:353(command)
3269
#: serverguide/C/virtualization.xml:401(command)
3261
3270
msgid "virt-viewer -c qemu:///system web_devel"
3262
3271
msgstr "virt-viewer -c qemu:///system ime-naprave"
3263
3272
3264
#: serverguide/C/virtualization.xml:355(para)
3273
#: serverguide/C/virtualization.xml:404(para)
3265
3274
msgid ""
3266
3275
"Similar to <application>virt-manager</application>, <application>virt-"
3267
3276
"viewer</application> can connect to a remote host using "
3268
3277
"<emphasis>SSH</emphasis> with key authentication, as well:"
3269
3278
msgstr ""
3270
3279
3271
#: serverguide/C/virtualization.xml:360(command)
3280
#: serverguide/C/virtualization.xml:409(command)
3272
3281
msgid "virt-viewer -c qemu+ssh://virtnode1.mydomain.com/system web_devel"
3273
3282
msgstr ""
3274
3283
"virt-viewer -c qemu+ssh://virtnode1.moja-domena.com/system ime-naprave"
3275
3284
3276
#: serverguide/C/virtualization.xml:362(para)
3285
#: serverguide/C/virtualization.xml:412(para)
3277
3286
msgid ""
3278
3287
"Be sure to replace <emphasis role=\"italic\">web_devel</emphasis> with the "
3279
3288
"appropriate virtual machine name."
3287
3296
"can also setup <application>SSH</application> access to the virtual machine."
3288
3297
msgstr ""
3289
3298
3290
#: serverguide/C/windows-networking.xml:248(title) serverguide/C/windows-networking.xml:347(title) serverguide/C/windows-networking.xml:704(title) serverguide/C/windows-networking.xml:1100(title) serverguide/C/windows-networking.xml:1299(title) serverguide/C/virtualization.xml:371(title) serverguide/C/virtualization.xml:1072(title) serverguide/C/virtualization.xml:2482(title) serverguide/C/virtualization.xml:4388(title) serverguide/C/reporting-bugs.xml:252(title) serverguide/C/remote-administration.xml:374(title) serverguide/C/network-config.xml:584(title) serverguide/C/network-config.xml:847(title) serverguide/C/network-auth.xml:2133(title) serverguide/C/network-auth.xml:2675(title) serverguide/C/network-auth.xml:3391(title) serverguide/C/network-auth.xml:3944(title) serverguide/C/installation.xml:867(title) serverguide/C/installation.xml:1153(title) serverguide/C/installation.xml:1361(title) serverguide/C/databases.xml:271(title) serverguide/C/databases.xml:409(title) serverguide/C/backups.xml:864(title)
3299
#: serverguide/C/virtualization.xml:421(title) serverguide/C/virtualization.xml:659(title) serverguide/C/virtualization.xml:730(title) serverguide/C/virtualization.xml:1784(title) serverguide/C/samba.xml:248(title) serverguide/C/samba.xml:347(title) serverguide/C/samba.xml:704(title) serverguide/C/samba.xml:1100(title) serverguide/C/samba.xml:1299(title) serverguide/C/reporting-bugs.xml:252(title) serverguide/C/remote-administration.xml:414(title) serverguide/C/other-apps.xml:151(title) serverguide/C/other-apps.xml:305(title) serverguide/C/other-apps.xml:399(title) serverguide/C/network-config.xml:588(title) serverguide/C/network-config.xml:843(title) serverguide/C/network-auth.xml:2140(title) serverguide/C/network-auth.xml:2674(title) serverguide/C/network-auth.xml:3390(title) serverguide/C/network-auth.xml:3943(title) serverguide/C/network-auth.xml:4179(title) serverguide/C/installation.xml:874(title) serverguide/C/installation.xml:1149(title) serverguide/C/installation.xml:1434(title) serverguide/C/databases.xml:264(title) serverguide/C/databases.xml:419(title) serverguide/C/cgroups.xml:198(title) serverguide/C/backups.xml:870(title)
3291
3300
msgid "Resources"
3292
3301
msgstr "Viri"
3293
3302
3297
3306
"more details."
3298
3307
msgstr ""
3299
3308
3300
#: serverguide/C/virtualization.xml:379(para)
3309
#: serverguide/C/virtualization.xml:430(para)
3301
3310
msgid ""
3302
3311
"For more information on <application>libvirt</application> see the <ulink "
3303
3312
"url=\"http://libvirt.org/\">libvirt home page</ulink>"
3305
3314
"Za več podrobnosti o <application>libvirt</application> si oglejte <ulink "
3306
3315
"url=\"http://libvirt.org/\">domačo stran libvirt</ulink>."
3307
3316
3308
#: serverguide/C/virtualization.xml:384(para)
3317
#: serverguide/C/virtualization.xml:436(para)
3309
3318
msgid ""
3310
"The <ulink url=\"http://virt-manager.et.redhat.com/\">Virtual Machine "
3311
"Manager</ulink> site has more information on <application>virt-"
3312
"manager</application> development."
3319
"The <ulink url=\"http://virt-manager.org/\">Virtual Machine Manager</ulink> "
3320
"site has more information on <application>virt-manager</application> "
3321
"development."
3313
3322
msgstr ""
3314
3323
3315
#: serverguide/C/virtualization.xml:390(para)
3324
#: serverguide/C/virtualization.xml:442(para)
3316
3325
msgid ""
3317
3326
"Also, stop by the <emphasis>#ubuntu-virt</emphasis> IRC channel on <ulink "
3318
3327
"url=\"http://freenode.net/\">freenode</ulink> to discuss virtualization "
3319
3328
"technology in Ubuntu."
3320
3329
msgstr ""
3321
3330
3322
#: serverguide/C/virtualization.xml:396(para)
3331
#: serverguide/C/virtualization.xml:448(para)
3323
3332
msgid ""
3324
3333
"Another good resource is the <ulink "
3325
3334
"url=\"https://help.ubuntu.com/community/KVM\">Ubuntu Wiki KVM</ulink> page."
3326
3335
msgstr ""
3327
3336
3328
#: serverguide/C/virtualization.xml:401(para)
3337
#: serverguide/C/virtualization.xml:454(para)
3329
3338
msgid ""
3330
3339
"For information on Xen, including using Xen with libvirt, please see the "
3331
3340
"<ulink url=\"https://help.ubuntu.com/community/Xen\">Ubuntu Wiki Xen</ulink> "
3336
3345
msgid "Cloud images and uvtool"
3337
3346
msgstr ""
3338
3347
3339
#: serverguide/C/windows-networking.xml:23(title) serverguide/C/virtualization.xml:412(title) serverguide/C/security.xml:352(title) serverguide/C/remote-administration.xml:18(title) serverguide/C/package-management.xml:18(title) serverguide/C/introduction.xml:11(title) serverguide/C/installation.xml:1187(title)
3348
#: serverguide/C/virtualization.xml:467(title) serverguide/C/security.xml:367(title) serverguide/C/samba.xml:23(title) serverguide/C/remote-administration.xml:18(title) serverguide/C/package-management.xml:18(title) serverguide/C/introduction.xml:11(title) serverguide/C/installation.xml:1260(title)
3340
3349
msgid "Introduction"
3341
3350
msgstr "Uvod"
3342
3351
3343
3352
#: serverguide/C/virtualization.xml:469(para)
3344
3353
msgid ""
3345
"With Ubuntu being one of the most used operating systems on most of the "
3346
"cloud platforms, the availability of stable and secure cloud images has "
3347
"become very important. As of 12.04 the utilization of cloud images outside "
3348
"of a cloud infrastructure has been improved. It is now possible to use those "
3354
"With Ubuntu being one of the most used operating systems on many cloud "
3355
"platforms, the availability of stable and secure cloud images has become "
3356
"very important. As of 12.04 the utilization of cloud images outside of a "
3357
"cloud infrastructure has been improved. It is now possible to use those "
3349
3358
"images to create a virtual machine without the need of a complete "
3350
3359
"installation."
3351
3360
msgstr ""
3352
3361
3353
#: serverguide/C/virtualization.xml:478(title)
3362
#: serverguide/C/virtualization.xml:477(title)
3354
3363
msgid "Creating virtual machines using uvtool"
3355
3364
msgstr ""
3356
3365
3357
#: serverguide/C/virtualization.xml:480(para)
3366
#: serverguide/C/virtualization.xml:479(para)
3358
3367
msgid ""
3359
3368
"Starting with 14.04 LTS, a tool called uvtool greatly facilitates the task "
3360
3369
"of generating virtual machines (VM) using the cloud images. "
3362
3371
"synchronize cloud-images locally and use them to create new VMs in minutes."
3363
3372
msgstr ""
3364
3373
3365
#: serverguide/C/virtualization.xml:487(title)
3374
#: serverguide/C/virtualization.xml:486(title)
3366
3375
msgid "Uvtool packages"
3367
3376
msgstr ""
3368
3377
3369
#: serverguide/C/virtualization.xml:489(para)
3378
#: serverguide/C/virtualization.xml:488(para)
3370
3379
msgid ""
3371
"The following packages and their dependancies will be required in order to "
3380
"The following packages and their dependencies will be required in order to "
3372
3381
"use uvtool:"
3373
3382
msgstr ""
3374
3383
3375
#: serverguide/C/virtualization.xml:496(para)
3384
#: serverguide/C/virtualization.xml:495(para)
3376
3385
msgid "uvtool"
3377
3386
msgstr ""
3378
3387
3379
#: serverguide/C/virtualization.xml:500(para)
3388
#: serverguide/C/virtualization.xml:499(para)
3380
3389
msgid "uvtool-libvirt"
3381
3390
msgstr ""
3382
3391
3383
#: serverguide/C/virtualization.xml:505(para)
3384
msgid ""
3385
"Installation of <application>uvtool</application> is done the same as for "
3386
"any other application by using apt-get:"
3392
#: serverguide/C/virtualization.xml:504(para)
3393
msgid "To install <application>uvtool</application>, run:"
3387
3394
msgstr ""
3388
3395
3389
#: serverguide/C/virtualization.xml:507(programlisting)
3396
#: serverguide/C/virtualization.xml:505(programlisting)
3390
3397
#, no-wrap
3391
3398
msgid "$ apt-get -y install uvtool"
3392
3399
msgstr ""
3393
3400
3394
#: serverguide/C/virtualization.xml:509(para)
3401
#: serverguide/C/virtualization.xml:507(para)
3395
3402
msgid "This will install uvtool's main commands:"
3396
3403
msgstr ""
3397
3404
3398
#: serverguide/C/virtualization.xml:511(application)
3405
#: serverguide/C/virtualization.xml:509(application)
3399
3406
msgid "uvt-simplestreams-libvirt"
3400
3407
msgstr ""
3401
3408
3402
#: serverguide/C/virtualization.xml:512(application)
3409
#: serverguide/C/virtualization.xml:510(application)
3403
3410
msgid "uvt-kvm"
3404
3411
msgstr ""
3405
3412
3406
#: serverguide/C/virtualization.xml:517(title)
3413
#: serverguide/C/virtualization.xml:515(title)
3407
3414
msgid ""
3408
3415
"Get the Ubuntu Cloud Image with <application>uvt-simplestreams-"
3409
3416
"libvirt</application>"
3410
3417
msgstr ""
3411
3418
3412
#: serverguide/C/virtualization.xml:519(para)
3419
#: serverguide/C/virtualization.xml:517(para)
3413
3420
msgid ""
3414
3421
"This is one of the major simplifications that "
3415
3422
"<application>uvtool</application> brings. It is aware of where to find the "
3418
3425
"architecture, the uvtool command would be:"
3419
3426
msgstr ""
3420
3427
3421
#: serverguide/C/virtualization.xml:524(programlisting)
3428
#: serverguide/C/virtualization.xml:522(programlisting)
3422
3429
#, no-wrap
3423
3430
msgid "$ uvt-simplestreams-libvirt sync arch=amd64"
3424
3431
msgstr ""
3425
3432
3426
#: serverguide/C/virtualization.xml:526(para)
3433
#: serverguide/C/virtualization.xml:524(para)
3427
3434
msgid ""
3428
3435
"After an amount of time required to download all the images from the "
3429
"internet, you will have a complete set of cloud images stored locally. To "
3436
"Internet, you will have a complete set of cloud images stored locally. To "
3430
3437
"see what has been downloaded use the following command:"
3431
3438
msgstr ""
3432
3439
3433
#: serverguide/C/virtualization.xml:530(programlisting)
3440
#: serverguide/C/virtualization.xml:528(programlisting)
3434
3441
#, no-wrap
3435
3442
msgid ""
3436
3443
"$ uvt-simplestreams-libvirt query\n"
3441
3448
"release=trusty arch=amd64 label=beta1 (20140226.1)\n"
3442
3449
msgstr ""
3443
3450
3444
#: serverguide/C/virtualization.xml:538(para)
3451
#: serverguide/C/virtualization.xml:536(para)
3445
3452
msgid ""
3446
3453
"In the case where you want to synchronize only one specific cloud-image, you "
3447
3454
"need to use the release= and arch= filters to identify which image needs to "
3448
3455
"be synchronized."
3449
3456
msgstr ""
3450
3457
3451
#: serverguide/C/virtualization.xml:541(programlisting)
3458
#: serverguide/C/virtualization.xml:539(programlisting)
3452
3459
#, no-wrap
3453
3460
msgid "$ uvt-simplestreams-libvirt sync release=precise arch=amd64\n"
3454
3461
msgstr ""
3455
3462
3456
#: serverguide/C/virtualization.xml:546(title)
3463
#: serverguide/C/virtualization.xml:544(title)
3457
3464
msgid "Create the VM using uvt-kvm"
3458
3465
msgstr ""
3459
3466
3460
#: serverguide/C/virtualization.xml:548(para)
3467
#: serverguide/C/virtualization.xml:546(para)
3461
3468
msgid ""
3462
"In order to be able to connect to the virtual machine once it has been "
3463
"created, it is necessary to have a valid SSH key available for the ubuntu "
3464
"user. If your environment does not have a ssh key, you can easily create one "
3465
"using the following command:"
3469
"In order to connect to the virtual machine once it has been created, you "
3470
"must have a valid SSH key available for the Ubuntu user. If your environment "
3471
"does not have an SSH key, you can easily create one using the following "
3472
"command:"
3466
3473
msgstr ""
3467
3474
3468
#: serverguide/C/virtualization.xml:552(programlisting)
3475
#: serverguide/C/virtualization.xml:548(programlisting)
3469
3476
#, no-wrap
3470
3477
msgid ""
3471
3478
"\n"
3492
3499
"+-----------------+\n"
3493
3500
msgstr ""
3494
3501
3502
#: serverguide/C/virtualization.xml:571(para)
3503
msgid ""
3504
"To create of a new virtual machine using uvtool, run the following in a "
3505
"terminal:"
3506
msgstr ""
3507
3508
#: serverguide/C/virtualization.xml:573(programlisting)
3509
#, no-wrap
3510
msgid "$ uvt-kvm create firsttest"
3511
msgstr ""
3512
3495
3513
#: serverguide/C/virtualization.xml:575(para)
3496
3514
msgid ""
3497
"The creation of a new virtual machine using uvtool is easy. In its simplest "
3498
"form, you only need to do:"
3499
msgstr ""
3500
3501
#: serverguide/C/virtualization.xml:578(programlisting)
3502
#, no-wrap
3503
msgid "$ uvt-kvm create firsttest"
3504
msgstr ""
3505
3506
#: serverguide/C/virtualization.xml:580(para)
3507
msgid ""
3508
3515
"This will create a VM named <emphasis role=\"bold\">firsttest</emphasis> "
3509
3516
"using the current LTS cloud image available locally. If you want to specify "
3510
3517
"a release to be used to create the VM, you need to use the <emphasis "
3511
"role=\"bold\">release=</emphasis> filter"
3518
"role=\"bold\">release=</emphasis> filter:"
3519
msgstr ""
3520
3521
#: serverguide/C/virtualization.xml:578(programlisting)
3522
#, no-wrap
3523
msgid "$ uvt-kvm create secondtest release=trusty"
3524
msgstr ""
3525
3526
#: serverguide/C/virtualization.xml:580(para)
3527
msgid ""
3528
"<application>uvt-kvm wait</application> can be used to wait until the "
3529
"creation of the VM has completed:"
3512
3530
msgstr ""
3513
3531
3514
3532
#: serverguide/C/virtualization.xml:583(programlisting)
3515
3533
#, no-wrap
3516
msgid "$ uvt-kvm create secondtest release=trusty"
3517
msgstr ""
3518
3519
#: serverguide/C/virtualization.xml:585(para)
3520
msgid ""
3521
"The <application>uvt-kvm wait {name}</application> can be used to wait until "
3522
"the creation of the VM has completed"
3523
msgstr ""
3524
3525
#: serverguide/C/virtualization.xml:588(programlisting)
3526
#, no-wrap
3527
3534
msgid ""
3528
3535
"$ uvt-kvm wait secondttest --insecure\n"
3529
3536
"Warning: secure wait for boot-finished not yet implemented; use --insecure.\n"
3530
3537
msgstr ""
3531
3538
3532
#: serverguide/C/virtualization.xml:593(title)
3539
#: serverguide/C/virtualization.xml:588(title)
3533
3540
msgid "Connect to the running VM"
3534
3541
msgstr ""
3535
3542
3536
#: serverguide/C/virtualization.xml:594(para)
3543
#: serverguide/C/virtualization.xml:589(para)
3537
3544
msgid ""
3538
3545
"Once the virtual machine creation is completed, you can connect to it using "
3539
"ssh:"
3546
"SSH:"
3540
3547
msgstr ""
3541
3548
3542
#: serverguide/C/virtualization.xml:597(programlisting)
3549
#: serverguide/C/virtualization.xml:592(programlisting)
3543
3550
#, no-wrap
3544
3551
msgid "$ uvt-kvm ssh secondtest --insecure"
3545
3552
msgstr ""
3546
3553
3547
#: serverguide/C/virtualization.xml:599(para)
3554
#: serverguide/C/virtualization.xml:594(para)
3548
3555
msgid ""
3549
3556
"For the time being, the <emphasis role=\"bold\">--insecure</emphasis> is "
3550
"required so you should be using this mechanism to connect to your VM only if "
3551
"you completely trust your network infrastructure"
3557
"required, so use this mechanism to connect to your VM only if you completely "
3558
"trust your network infrastructure."
3552
3559
msgstr ""
3553
3560
3554
#: serverguide/C/virtualization.xml:602(para)
3561
#: serverguide/C/virtualization.xml:596(para)
3555
3562
msgid ""
3556
"You can also connect to your VM using a regular ssh session using the IP "
3563
"You can also connect to your VM using a regular SSH session using the IP "
3557
3564
"address of the VM. The address can be queried using the following command:"
3558
3565
msgstr ""
3559
3566
3560
#: serverguide/C/virtualization.xml:605(programlisting)
3567
#: serverguide/C/virtualization.xml:598(programlisting)
3561
3568
#, no-wrap
3562
3569
msgid ""
3563
3570
"\n"
3588
3595
"\n"
3589
3596
msgstr ""
3590
3597
3591
#: serverguide/C/virtualization.xml:631(title)
3598
#: serverguide/C/virtualization.xml:624(title)
3592
3599
msgid "Get the list of running VMs"
3593
3600
msgstr ""
3594
3601
3595
#: serverguide/C/virtualization.xml:632(para)
3596
msgid "You can get the list of VM running on your system with this command:"
3602
#: serverguide/C/virtualization.xml:625(para)
3603
msgid "You can get the list of VMs running on your system with this command:"
3597
3604
msgstr ""
3598
3605
3599
#: serverguide/C/virtualization.xml:634(programlisting)
3606
#: serverguide/C/virtualization.xml:627(programlisting)
3600
3607
#, no-wrap
3601
3608
msgid ""
3602
3609
"$ uvt-kvm list\n"
3603
3610
"secondtest\n"
3604
3611
msgstr ""
3605
3612
3606
#: serverguide/C/virtualization.xml:639(title)
3613
#: serverguide/C/virtualization.xml:632(title)
3607
3614
msgid "Destroy your VM"
3608
3615
msgstr ""
3609
3616
3610
#: serverguide/C/virtualization.xml:640(para)
3611
msgid "Once you are done with your VM, you can proceed to destroy it with:"
3617
#: serverguide/C/virtualization.xml:633(para)
3618
msgid "Once you are done with your VM, you can destroy it with:"
3612
3619
msgstr ""
3613
3620
3614
#: serverguide/C/virtualization.xml:642(programlisting)
3621
#: serverguide/C/virtualization.xml:635(programlisting)
3615
3622
#, no-wrap
3616
3623
msgid "$ uvt-kvm destroy secondtest"
3617
3624
msgstr ""
3618
3625
3619
#: serverguide/C/virtualization.xml:644(title)
3626
#: serverguide/C/virtualization.xml:637(title)
3620
3627
msgid "More uvt-kvm options"
3621
3628
msgstr ""
3622
3629
3623
#: serverguide/C/virtualization.xml:646(para)
3630
#: serverguide/C/virtualization.xml:639(para)
3624
3631
msgid ""
3625
3632
"The following options can be used to change some of the characteristics of "
3626
"the virtual memory that you are creating"
3633
"the VM that you are creating:"
3634
msgstr ""
3635
3636
#: serverguide/C/virtualization.xml:642(para)
3637
msgid "--memory : Amount of RAM in megabytes. Default: 512."
3638
msgstr ""
3639
3640
#: serverguide/C/virtualization.xml:643(para)
3641
msgid "--disk : Size of the OS disk in gigabytes. Default: 8."
3642
msgstr ""
3643
3644
#: serverguide/C/virtualization.xml:644(para)
3645
msgid "--cpu : Number of CPU cores. Default: 1."
3646
msgstr ""
3647
3648
#: serverguide/C/virtualization.xml:647(para)
3649
msgid ""
3650
"Some other parameters will have an impact on the cloud-init configuration:"
3651
msgstr ""
3652
3653
#: serverguide/C/virtualization.xml:649(para)
3654
msgid ""
3655
"--password password : Allow login to the VM using the Ubuntu account and "
3656
"this provided password."
3627
3657
msgstr ""
3628
3658
3629
3659
#: serverguide/C/virtualization.xml:650(para)
3630
msgid "--memory : Amount of RAM in megabytes. Default: 512"
3631
msgstr ""
3632
3633
#: serverguide/C/virtualization.xml:651(para)
3634
msgid "--disk : Size of the OS disk in gigabytes. Default: 8"
3635
msgstr ""
3636
3637
#: serverguide/C/virtualization.xml:652(para)
3638
msgid "--cpu : Number of CPU cores. Default: 1"
3639
msgstr ""
3640
3641
#: serverguide/C/virtualization.xml:655(para)
3642
msgid ""
3643
"Some other parameters will have an impact on the cloud-init configuration"
3644
msgstr ""
3645
3646
#: serverguide/C/virtualization.xml:657(para)
3647
msgid ""
3648
"--password password : Allow login to the VM using the ubuntu account and "
3649
"this provided password"
3650
msgstr ""
3651
3652
#: serverguide/C/virtualization.xml:658(para)
3653
3660
msgid ""
3654
3661
"--run-script-once script_file : Run script_file as root on the VM the first "
3655
3662
"time it is booted, but never again."
3656
3663
msgstr ""
3657
3664
3658
#: serverguide/C/virtualization.xml:659(para)
3665
#: serverguide/C/virtualization.xml:651(para)
3659
3666
msgid ""
3660
3667
"--packages package_list : Install the comma-separated packages specified in "
3661
3668
"package_list on first boot."
3662
3669
msgstr ""
3663
3670
3664
#: serverguide/C/virtualization.xml:662(para)
3671
#: serverguide/C/virtualization.xml:654(para)
3665
3672
msgid ""
3666
3673
"A complete description of all available modifiers is available in the "
3667
"manpage of uvt-kvm"
3674
"manpage of uvt-kvm."
3668
3675
msgstr ""
3669
3676
3670
#: serverguide/C/virtualization.xml:1073(para)
3677
#: serverguide/C/virtualization.xml:661(para)
3671
3678
msgid ""
3672
3679
"If you are interested in learning more, have questions or suggestions, "
3673
3680
"please contact the Ubuntu Server Team at:"
3674
3681
msgstr ""
3675
3682
3676
#: serverguide/C/virtualization.xml:1078(para)
3683
#: serverguide/C/virtualization.xml:666(para)
3677
3684
msgid "IRC: #ubuntu-server on freenode"
3678
3685
msgstr "IRC: #ubuntu-server na freenode-u"
3679
3686
3680
#: serverguide/C/virtualization.xml:1083(para)
3687
#: serverguide/C/virtualization.xml:670(para)
3681
3688
msgid ""
3682
3689
"Mailing list: <ulink url=\"https://lists.ubuntu.com/mailman/listinfo/ubuntu-"
3683
3690
"server\">ubuntu-server at lists.ubuntu.com</ulink>"
3684
3691
msgstr ""
3685
3692
3686
#: serverguide/C/virtualization.xml:2121(title)
3693
#: serverguide/C/virtualization.xml:679(title)
3687
3694
msgid "Ubuntu Cloud"
3688
3695
msgstr ""
3689
3696
3690
#: serverguide/C/virtualization.xml:2122(para)
3697
#: serverguide/C/virtualization.xml:681(para)
3691
3698
msgid ""
3692
3699
"<application>Cloud computing</application> is a computing model that allows "
3693
3700
"vast pools of resources to be allocated on-demand. These resources such as "
3699
3706
"build highly scalable, cloud computing for both public and private clouds."
3700
3707
msgstr ""
3701
3708
3702
#: serverguide/C/virtualization.xml:700(title)
3709
#: serverguide/C/virtualization.xml:692(title)
3703
3710
msgid "Installation and Configuration"
3704
3711
msgstr ""
3705
3712
3706
#: serverguide/C/virtualization.xml:702(para)
3713
#: serverguide/C/virtualization.xml:694(para)
3707
3714
msgid ""
3708
3715
"Due to the current high rate of development of this complex technology we "
3709
3716
"refer the reader to <ulink url=\"http://docs.openstack.org/havana/install-"
3711
3718
"concerning installation and configuration."
3712
3719
msgstr ""
3713
3720
3714
#: serverguide/C/virtualization.xml:2452(title)
3721
#: serverguide/C/virtualization.xml:703(title)
3715
3722
msgid "Support and Troubleshooting"
3716
3723
msgstr ""
3717
3724
3718
#: serverguide/C/virtualization.xml:2453(para)
3725
#: serverguide/C/virtualization.xml:705(para)
3719
3726
msgid "Community Support"
3720
3727
msgstr ""
3721
3728
3722
#: serverguide/C/virtualization.xml:2457(ulink)
3729
#: serverguide/C/virtualization.xml:709(ulink)
3723
3730
msgid "OpenStack Mailing list"
3724
3731
msgstr ""
3725
3732
3726
#: serverguide/C/virtualization.xml:2462(ulink)
3733
#: serverguide/C/virtualization.xml:714(ulink)
3727
3734
msgid "The OpenStack Wiki search"
3728
3735
msgstr ""
3729
3736
3730
#: serverguide/C/virtualization.xml:2468(ulink)
3737
#: serverguide/C/virtualization.xml:719(ulink)
3731
3738
msgid "Launchpad bugs area"
3732
3739
msgstr ""
3733
3740
3734
#: serverguide/C/virtualization.xml:2472(para)
3741
#: serverguide/C/virtualization.xml:724(para)
3735
3742
msgid "Join the IRC channel #openstack on freenode."
3736
3743
msgstr ""
3737
3744
3738
#: serverguide/C/virtualization.xml:2486(ulink)
3745
#: serverguide/C/virtualization.xml:735(ulink)
3739
3746
msgid "Cloud Computing - Service models"
3740
3747
msgstr ""
3741
3748
3742
#: serverguide/C/virtualization.xml:2491(ulink)
3749
#: serverguide/C/virtualization.xml:741(ulink)
3743
3750
msgid "OpenStack Compute"
3744
3751
msgstr ""
3745
3752
3746
#: serverguide/C/virtualization.xml:2496(ulink)
3753
#: serverguide/C/virtualization.xml:747(ulink)
3747
3754
msgid "OpenStack Image Service"
3748
3755
msgstr ""
3749
3756
3750
#: serverguide/C/virtualization.xml:2501(ulink)
3757
#: serverguide/C/virtualization.xml:753(ulink)
3751
3758
msgid "OpenStack Object Storage Administration Guide"
3752
3759
msgstr ""
3753
3760
3754
#: serverguide/C/virtualization.xml:2506(ulink)
3761
#: serverguide/C/virtualization.xml:759(ulink)
3755
3762
msgid "Installing OpenStack Object Storage on Ubuntu"
3756
3763
msgstr ""
3757
3764
3758
#: serverguide/C/virtualization.xml:2511(ulink)
3765
#: serverguide/C/virtualization.xml:765(ulink)
3759
3766
msgid "http://cloudglossary.com/"
3760
3767
msgstr ""
3761
3768
3762
#: serverguide/C/virtualization.xml:2586(title)
3769
#: serverguide/C/virtualization.xml:775(title)
3763
3770
msgid "LXC"
3764
3771
msgstr ""
3765
3772
3766
#: serverguide/C/virtualization.xml:785(para)
3773
#: serverguide/C/virtualization.xml:777(para)
3767
3774
msgid ""
3768
3775
"Containers are a lightweight virtualization technology. They are more akin "
3769
3776
"to an enhanced chroot than to full virtualization like Qemu or VMware, both "
3775
3782
"and OpenVZ functionality."
3776
3783
msgstr ""
3777
3784
3778
#: serverguide/C/virtualization.xml:2602(para)
3785
#: serverguide/C/virtualization.xml:787(para)
3779
3786
msgid ""
3780
3787
"There are two user-space implementations of containers, each exploiting the "
3781
3788
"same kernel features. Libvirt allows the use of containers through the LXC "
3786
3793
"there are peculiarities which can cause confusion."
3787
3794
msgstr ""
3788
3795
3789
#: serverguide/C/virtualization.xml:804(para)
3796
#: serverguide/C/virtualization.xml:796(para)
3790
3797
msgid ""
3791
3798
"In this document we will mainly describe the <application>lxc</application> "
3792
3799
"package. Use of libvirt-lxc is not generally recommended due to a lack of "
3793
3800
"Apparmor protection for libvirt-lxc containers."
3794
3801
msgstr ""
3795
3802
3796
#: serverguide/C/virtualization.xml:2618(para)
3803
#: serverguide/C/virtualization.xml:801(para)
3797
3804
msgid "In this document, a container name will be shown as CN, C1, or C2."
3798
3805
msgstr ""
3799
3806
3800
#: serverguide/C/virtualization.xml:2624(para)
3807
#: serverguide/C/virtualization.xml:807(para)
3801
3808
msgid "The <application>lxc</application> package can be installed using"
3802
3809
msgstr ""
3803
3810
3804
#: serverguide/C/virtualization.xml:2629(command)
3811
#: serverguide/C/virtualization.xml:811(command)
3805
3812
msgid "sudo apt-get install lxc"
3806
3813
msgstr ""
3807
3814
3808
#: serverguide/C/virtualization.xml:824(para)
3815
#: serverguide/C/virtualization.xml:816(para)
3809
3816
msgid ""
3810
3817
"This will pull in the required and recommended dependencies, as well as set "
3811
3818
"up a network bridge for containers to use. If you wish to use unprivileged "
3814
3821
"containers to a bridge (see <xref linkend=\"lxc-unpriv\"/>)."
3815
3822
msgstr ""
3816
3823
3817
#: serverguide/C/virtualization.xml:834(title) serverguide/C/vcs.xml:104(title)
3824
#: serverguide/C/virtualization.xml:826(title) serverguide/C/vcs.xml:111(title)
3818
3825
msgid "Basic usage"
3819
3826
msgstr ""
3820
3827
3821
#: serverguide/C/virtualization.xml:835(para)
3828
#: serverguide/C/virtualization.xml:827(para)
3822
3829
msgid ""
3823
3830
"LXC can be used in two distinct ways - privileged, by running the lxc "
3824
3831
"commands as the root user; or unprivileged, by running the lxc commands as a "
3829
3836
"in the container is mapped to a non-root userid on the host."
3830
3837
msgstr ""
3831
3838
3832
#: serverguide/C/virtualization.xml:847(title)
3839
#: serverguide/C/virtualization.xml:839(title)
3833
3840
msgid "Basic privileged usage"
3834
3841
msgstr ""
3835
3842
3836
#: serverguide/C/virtualization.xml:848(para)
3837
msgid "To create a privileged container, you can simply to"
3843
#: serverguide/C/virtualization.xml:840(para)
3844
msgid "To create a privileged container, you can simply do:"
3838
3845
msgstr ""
3839
3846
3840
#: serverguide/C/virtualization.xml:852(command)
3847
#: serverguide/C/virtualization.xml:844(command)
3841
3848
msgid "sudo lxc-create --template download --name u1"
3842
3849
msgstr ""
3843
3850
3844
#: serverguide/C/virtualization.xml:856(command)
3851
#: serverguide/C/virtualization.xml:848(command)
3845
3852
msgid "sudo lxc-create -t download -n u1"
3846
3853
msgstr ""
3847
3854
3848
#: serverguide/C/virtualization.xml:851(screen)
3855
#: serverguide/C/virtualization.xml:843(screen)
3849
3856
#, no-wrap
3850
3857
msgid ""
3851
3858
"\n"
3854
3861
"<placeholder-2/>\n"
3855
3862
msgstr ""
3856
3863
3857
#: serverguide/C/virtualization.xml:860(para)
3864
#: serverguide/C/virtualization.xml:852(para)
3858
3865
msgid ""
3859
3866
"This will interactively ask for a container root filesystem type to download "
3860
3867
"- in particular the distribution, release, and architecture. To create the "
3862
3869
"line:"
3863
3870
msgstr ""
3864
3871
3865
#: serverguide/C/virtualization.xml:867(command)
3872
#: serverguide/C/virtualization.xml:859(command)
3866
3873
msgid ""
3867
3874
"sudo lxc-create -t download -n u1 -- --dist ubuntu --release trusty --arch "
3868
3875
"amd64"
3869
3876
msgstr ""
3870
3877
3871
#: serverguide/C/virtualization.xml:871(command)
3878
#: serverguide/C/virtualization.xml:863(command)
3872
3879
msgid "sudo lxc-create -t download -n u1 -- -d ubuntu -r trusty -a amd64"
3873
3880
msgstr ""
3874
3881
3875
#: serverguide/C/virtualization.xml:866(screen)
3882
#: serverguide/C/virtualization.xml:858(screen)
3876
3883
#, no-wrap
3877
3884
msgid ""
3878
3885
"\n"
3881
3888
"<placeholder-2/>\n"
3882
3889
msgstr ""
3883
3890
3884
#: serverguide/C/virtualization.xml:876(para)
3891
#: serverguide/C/virtualization.xml:868(para)
3885
3892
msgid ""
3886
3893
"You can now use <command>lxc-ls</command> to list containers, <command>lxc-"
3887
3894
"info</command> to obtain detailed container information, <command>lxc-"
3893
3900
"look like:"
3894
3901
msgstr ""
3895
3902
3896
#: serverguide/C/virtualization.xml:887(command)
3903
#: serverguide/C/virtualization.xml:879(command)
3897
3904
msgid ""
3898
3905
"sudo lxc-ls --fancy sudo lxc-start --name u1 --daemon sudo lxc-info --name "
3899
3906
"u1 sudo lxc-stop --name u1 sudo lxc-destroy --name u1"
3900
3907
msgstr ""
3901
3908
3902
#: serverguide/C/virtualization.xml:899(title)
3909
#: serverguide/C/virtualization.xml:891(title)
3903
3910
msgid "User namespaces"
3904
3911
msgstr ""
3905
3912
3906
#: serverguide/C/virtualization.xml:900(para)
3913
#: serverguide/C/virtualization.xml:892(para)
3907
3914
msgid ""
3908
3915
"Unprivileged containers allow users to create and administer containers "
3909
3916
"without having any root privilege. The feature underpinning this is called "
3920
3927
"convention started at id 100000 to avoid conflicting with system users."
3921
3928
msgstr ""
3922
3929
3923
#: serverguide/C/virtualization.xml:918(para)
3930
#: serverguide/C/virtualization.xml:910(para)
3924
3931
msgid ""
3925
3932
"If a user was created on an earlier release, it can be granted a range of "
3926
3933
"ids using <command>usermod</command>, as follows:"
3927
3934
msgstr ""
3928
3935
3929
#: serverguide/C/virtualization.xml:923(command)
3936
#: serverguide/C/virtualization.xml:915(command)
3930
3937
msgid "sudo usermod -v 100000-200000 -w 100000-200000 user1"
3931
3938
msgstr ""
3932
3939
3933
#: serverguide/C/virtualization.xml:928(para)
3940
#: serverguide/C/virtualization.xml:920(para)
3934
3941
msgid ""
3935
3942
"The programs <command>newuidmap</command> and <command> newgidmap</command> "
3936
3943
"are setuid-root programs in the <filename>uidmap</filename> package, which "
3939
3946
"authorized by the host configuration."
3940
3947
msgstr ""
3941
3948
3942
#: serverguide/C/virtualization.xml:939(title)
3949
#: serverguide/C/virtualization.xml:931(title)
3943
3950
msgid "Basic unprivileged usage"
3944
3951
msgstr ""
3945
3952
3946
#: serverguide/C/virtualization.xml:943(para)
3953
#: serverguide/C/virtualization.xml:935(para)
3947
3954
msgid ""
3948
3955
"To create unprivileged containers, a few first steps are needed. You will "
3949
3956
"need to create a default container configuration file, specifying your "
3952
3959
"assumes that your mapped user and group id ranges are 100000-165536."
3953
3960
msgstr ""
3954
3961
3955
#: serverguide/C/virtualization.xml:952(command)
3962
#: serverguide/C/virtualization.xml:944(command)
3956
3963
msgid ""
3957
3964
"mkdir -p ~/.config/lxc echo \"lxc.id_map = u 0 100000 65536\" > "
3958
3965
"~/.config/lxc/default.conf echo \"lxc.id_map = g 0 100000 65536\" >> "
3962
3969
"/etc/lxc/lxc-usernet"
3963
3970
msgstr ""
3964
3971
3965
#: serverguide/C/virtualization.xml:962(para)
3972
#: serverguide/C/virtualization.xml:954(para)
3966
3973
msgid ""
3967
3974
"After this, you can create unprivileged containers the same way as "
3968
3975
"privileged ones, simply without using sudo."
3969
3976
msgstr ""
3970
3977
3971
#: serverguide/C/virtualization.xml:967(command)
3978
#: serverguide/C/virtualization.xml:959(command)
3972
3979
msgid ""
3973
3980
"lxc-create -t download -n u1 -- -d ubuntu -r trusty -a amd64 lxc-start -n u1 "
3974
3981
"-d lxc-attach -n u1 lxc-stop -n u1 lxc-destroy -n u1"
3975
3982
msgstr ""
3976
3983
3977
#: serverguide/C/virtualization.xml:978(title)
3984
#: serverguide/C/virtualization.xml:970(title)
3978
3985
msgid "Nesting"
3979
3986
msgstr ""
3980
3987
3981
#: serverguide/C/virtualization.xml:979(para)
3988
#: serverguide/C/virtualization.xml:971(para)
3982
3989
msgid ""
3983
3990
"In order to run containers inside containers - referred to as nested "
3984
3991
"containers - two lines must be present in the parent container configuration "
3995
4002
"information."
3996
4003
msgstr ""
3997
4004
3998
#: serverguide/C/virtualization.xml:1001(title)
4005
#: serverguide/C/virtualization.xml:993(title)
3999
4006
msgid "Global configuration"
4000
4007
msgstr ""
4001
4008
4002
#: serverguide/C/virtualization.xml:1008(para)
4009
#: serverguide/C/virtualization.xml:1000(para)
4003
4010
msgid ""
4004
4011
"<filename>lxc.conf</filename> may optionally specify alternate values for "
4005
4012
"several lxc settings, including the lxcpath, the default configuration, "
4007
4014
"lvm and zfs."
4008
4015
msgstr ""
4009
4016
4010
#: serverguide/C/virtualization.xml:1015(para)
4017
#: serverguide/C/virtualization.xml:1007(para)
4011
4018
msgid ""
4012
4019
"<filename>default.conf</filename> specifies configuration which every newly "
4013
4020
"created container should contain. This usually contains at least a network "
4014
4021
"section, and, for unprivileged users, an id mapping section"
4015
4022
msgstr ""
4016
4023
4017
#: serverguide/C/virtualization.xml:1022(para)
4024
#: serverguide/C/virtualization.xml:1014(para)
4018
4025
msgid ""
4019
4026
"<filename>lxc-usernet.conf</filename> specifies how unprivileged users may "
4020
4027
"connect their containers to the host-owned network."
4021
4028
msgstr ""
4022
4029
4023
#: serverguide/C/virtualization.xml:1002(para)
4030
#: serverguide/C/virtualization.xml:994(para)
4024
4031
msgid ""
4025
4032
"The following configuration files are consulted by LXC. For privileged use, "
4026
4033
"they are found under <filename>/etc/lxc</filename>, while for unprivileged "
4027
4034
"use they are under <filename>~/.config/lxc</filename>. <placeholder-1/>"
4028
4035
msgstr ""
4029
4036
4030
#: serverguide/C/virtualization.xml:1028(para)
4037
#: serverguide/C/virtualization.xml:1020(para)
4031
4038
msgid ""
4032
"<filename>lxc.conf</filename> and <filename>default.conf</filename> are "
4033
"exist both under <filename>/etc/lxc</filename> and "
4039
"<filename>lxc.conf</filename> and <filename>default.conf</filename> are both "
4040
"under <filename>/etc/lxc</filename> and "
4034
4041
"<filename>$HOME/.config/lxc</filename>, while <filename>lxc-"
4035
4042
"usernet.conf</filename> is only host-wide."
4036
4043
msgstr ""
4037
4044
4038
#: serverguide/C/virtualization.xml:1033(para)
4045
#: serverguide/C/virtualization.xml:1025(para)
4039
4046
msgid ""
4040
4047
"By default, containers are located under /var/lib/lxc for the root user, and "
4041
4048
"$HOME/.local/share/lxc otherwise. The location can be specified for all lxc "
4042
4049
"commands using the \"-P|--lxcpath\" argument."
4043
4050
msgstr ""
4044
4051
4045
#: serverguide/C/virtualization.xml:1210(para) serverguide/C/virtualization.xml:1272(para) serverguide/C/network-config.xml:11(title)
4052
#: serverguide/C/virtualization.xml:1034(title) serverguide/C/network-config.xml:11(title)
4046
4053
msgid "Networking"
4047
4054
msgstr ""
4048
4055
4049
#: serverguide/C/virtualization.xml:1043(para)
4056
#: serverguide/C/virtualization.xml:1035(para)
4050
4057
msgid ""
4051
4058
"By default LXC creates a private network namespace for each container, which "
4052
4059
"includes a layer 2 networking stack. Containers usually connect to the "
4058
4065
"container is not usable on the host."
4059
4066
msgstr ""
4060
4067
4061
#: serverguide/C/virtualization.xml:1051(para)
4068
#: serverguide/C/virtualization.xml:1043(para)
4062
4069
msgid ""
4063
4070
"It is possible to create a container without a private network namespace. In "
4064
4071
"this case, the container will have access to the host networking like any "
4068
4075
"Unix domain socket to the host's upstart, and shut down the host."
4069
4076
msgstr ""
4070
4077
4071
#: serverguide/C/virtualization.xml:1057(para)
4078
#: serverguide/C/virtualization.xml:1049(para)
4072
4079
msgid ""
4073
4080
"To give containers on lxcbr0 a persistent ip address based on domain name, "
4074
4081
"you can write entries to <filename>/etc/lxc/dnsmasq.conf</filename> like: "
4078
4085
"</screen>"
4079
4086
msgstr ""
4080
4087
4081
#: serverguide/C/virtualization.xml:1065(para)
4088
#: serverguide/C/virtualization.xml:1057(para)
4082
4089
msgid ""
4083
4090
"If it is desirable for the container to be publicly accessible, there are a "
4084
4091
"few ways to go about it. One is to use <command>iptables</command> to "
4097
4104
"are preferred and more commonly used."
4098
4105
msgstr ""
4099
4106
4100
#: serverguide/C/virtualization.xml:1086(para)
4107
#: serverguide/C/virtualization.xml:1078(para)
4101
4108
msgid ""
4102
4109
"There are several ways to determine the ip address for a container. First, "
4103
4110
"you can use <command>lxc-ls --fancy</command> which will print the ip "
4113
4120
"</screen>"
4114
4121
msgstr ""
4115
4122
4116
#: serverguide/C/virtualization.xml:1101(para)
4123
#: serverguide/C/virtualization.xml:1093(para)
4117
4124
msgid ""
4118
4125
"For more information, see the lxc.conf manpage as well as the example "
4119
4126
"network configurations under "
4120
4127
"<filename>/usr/share/doc/lxc/examples/</filename>."
4121
4128
msgstr ""
4122
4129
4123
#: serverguide/C/virtualization.xml:1107(title)
4130
#: serverguide/C/virtualization.xml:1099(title)
4124
4131
msgid "LXC startup"
4125
4132
msgstr ""
4126
4133
4127
#: serverguide/C/virtualization.xml:1109(para)
4134
#: serverguide/C/virtualization.xml:1101(para)
4128
4135
msgid ""
4129
4136
"LXC does not have a long-running daemon. However it does have three upstart "
4130
4137
"jobs."
4131
4138
msgstr ""
4132
4139
4133
#: serverguide/C/virtualization.xml:1115(para)
4140
#: serverguide/C/virtualization.xml:1107(para)
4134
4141
msgid ""
4135
4142
"<filename>/etc/init/lxc-net.conf:</filename> is an optional job which only "
4136
4143
"runs if <filename> /etc/default/lxc-net</filename> specifies USE_LXC_BRIDGE "
4137
4144
"(true by default). It sets up a NATed bridge for containers to use."
4138
4145
msgstr ""
4139
4146
4140
#: serverguide/C/virtualization.xml:1123(para)
4147
#: serverguide/C/virtualization.xml:1115(para)
4141
4148
msgid ""
4142
4149
"<filename>/etc/init/lxc.conf</filename> loads the lxc apparmor profiles and "
4143
4150
"optionally starts any autostart containers. The autostart containers will be "
4146
4153
"more information on autostarted containers."
4147
4154
msgstr ""
4148
4155
4149
#: serverguide/C/virtualization.xml:1133(para)
4156
#: serverguide/C/virtualization.xml:1125(para)
4150
4157
msgid ""
4151
"<filename>/etc/init/lxc-instance.conf:</filename> is used by "
4158
"<filename>/etc/init/lxc-instance.conf</filename> is used by "
4152
4159
"<filename>/etc/init/lxc.conf</filename> to autostart a container."
4153
4160
msgstr ""
4154
4161
4155
#: serverguide/C/virtualization.xml:3232(title)
4162
#: serverguide/C/virtualization.xml:1134(title)
4156
4163
msgid "Backing Stores"
4157
4164
msgstr ""
4158
4165
4159
#: serverguide/C/virtualization.xml:1143(para)
4166
#: serverguide/C/virtualization.xml:1135(para)
4160
4167
msgid ""
4161
4168
"LXC supports several backing stores for container root filesystems. The "
4162
4169
"default is a simple directory backing store, because it requires no prior "
4171
4178
"<filename>$lxcpath/C1/rootfs</filename>."
4172
4179
msgstr ""
4173
4180
4174
#: serverguide/C/virtualization.xml:1157(para)
4181
#: serverguide/C/virtualization.xml:1149(para)
4175
4182
msgid ""
4176
4183
"A snapshot clone C2 of a directory backed container C1 becomes an overlayfs "
4177
4184
"backed container, with a rootfs called "
4179
4186
" Other backing store types include loop, btrfs, LVM and zfs."
4180
4187
msgstr ""
4181
4188
4182
#: serverguide/C/virtualization.xml:1165(para)
4189
#: serverguide/C/virtualization.xml:1157(para)
4183
4190
msgid ""
4184
4191
"A btrfs backed container mostly looks like a directory backed container, "
4185
4192
"with its root filesystem in the same location. However, the root filesystem "
4187
4194
"snapshot."
4188
4195
msgstr ""
4189
4196
4190
#: serverguide/C/virtualization.xml:1172(para)
4197
#: serverguide/C/virtualization.xml:1164(para)
4191
4198
msgid ""
4192
4199
"The root filesystem for an LVM backed container can be any separate LV. The "
4193
4200
"default VG name can be specified in lxc.conf. The filesystem type and size "
4194
4201
"are configurable per-container using lxc-create."
4195
4202
msgstr ""
4196
4203
4197
#: serverguide/C/virtualization.xml:1178(para)
4204
#: serverguide/C/virtualization.xml:1170(para)
4198
4205
msgid ""
4199
4206
"The rootfs for a zfs backed container is a separate zfs filesystem, mounted "
4200
4207
"under the traditional <filename>/var/lib/lxc/C1/rootfs</filename> location. "
4202
4209
"in lxc.system.conf."
4203
4210
msgstr ""
4204
4211
4205
#: serverguide/C/virtualization.xml:1185(para)
4212
#: serverguide/C/virtualization.xml:1177(para)
4206
4213
msgid ""
4207
4214
"More information on creating containers with the various backing stores can "
4208
4215
"be found in the lxc-create manual page."
4209
4216
msgstr ""
4210
4217
4211
#: serverguide/C/virtualization.xml:1192(title)
4218
#: serverguide/C/virtualization.xml:1184(title)
4212
4219
msgid "Templates"
4213
4220
msgstr ""
4214
4221
4215
#: serverguide/C/virtualization.xml:1193(para)
4222
#: serverguide/C/virtualization.xml:1185(para)
4216
4223
msgid ""
4217
4224
"Creating a container generally involves creating a root filesystem for the "
4218
4225
"container. <command>lxc-create</command> delegates this work to "
4223
4230
"others."
4224
4231
msgstr ""
4225
4232
4226
#: serverguide/C/virtualization.xml:1202(para)
4233
#: serverguide/C/virtualization.xml:1194(para)
4227
4234
msgid ""
4228
4235
"Creating distribution images in most cases requires the ability to create "
4229
4236
"device nodes, often requires tools which are not available in other "
4234
4241
"could not for instance easily run the <command>debootstrap</command> command."
4235
4242
msgstr ""
4236
4243
4237
#: serverguide/C/virtualization.xml:1212(para)
4244
#: serverguide/C/virtualization.xml:1204(para)
4238
4245
msgid ""
4239
4246
"When running <command>lxc-create</command>, all options which come after "
4240
4247
"<emphasis>--</emphasis> are passed to the template. In the following "
4247
4254
"</screen>"
4248
4255
msgstr ""
4249
4256
4250
#: serverguide/C/virtualization.xml:1224(para)
4257
#: serverguide/C/virtualization.xml:1216(para)
4251
4258
msgid ""
4252
4259
"You can obtain help for the options supported by any particular container by "
4253
4260
"passing <emphasis>--help</emphasis> and the template name to <command>lxc-"
4254
4261
"create</command>. For instance, for help with the download template,"
4255
4262
msgstr ""
4256
4263
4257
#: serverguide/C/virtualization.xml:1231(command)
4264
#: serverguide/C/virtualization.xml:1223(command)
4258
4265
msgid "lxc-create --template download --help"
4259
4266
msgstr ""
4260
4267
4261
#: serverguide/C/virtualization.xml:1237(title)
4268
#: serverguide/C/virtualization.xml:1229(title)
4262
4269
msgid "Autostart"
4263
4270
msgstr ""
4264
4271
4265
#: serverguide/C/virtualization.xml:1238(para)
4272
#: serverguide/C/virtualization.xml:1230(para)
4266
4273
msgid ""
4267
4274
"LXC supports marking containers to be started at system boot. Prior to "
4268
4275
"Ubuntu 14.04, this was done using symbolic links under the directory "
4279
4286
"lxc.container.conf for more information."
4280
4287
msgstr ""
4281
4288
4282
#: serverguide/C/virtualization.xml:2859(title)
4289
#: serverguide/C/virtualization.xml:1248(title)
4283
4290
msgid "Apparmor"
4284
4291
msgstr ""
4285
4292
4286
#: serverguide/C/virtualization.xml:1258(para)
4293
#: serverguide/C/virtualization.xml:1250(para)
4287
4294
msgid ""
4288
4295
"LXC ships with a default Apparmor profile intended to protect the host from "
4289
4296
"accidental misuses of privilege inside the container. For instance, the "
4291
4298
"trigger</filename> or to most <filename>/sys</filename> files."
4292
4299
msgstr ""
4293
4300
4294
#: serverguide/C/virtualization.xml:2867(para)
4301
#: serverguide/C/virtualization.xml:1256(para)
4295
4302
msgid ""
4296
4303
"The <filename>usr.bin.lxc-start</filename> profile is entered by running "
4297
4304
"<command>lxc-start</command>. This profile mainly prevents <command>lxc-"
4304
4311
"dangerous paths, and from mounting most filesystems."
4305
4312
msgstr ""
4306
4313
4307
#: serverguide/C/virtualization.xml:1275(para)
4314
#: serverguide/C/virtualization.xml:1267(para)
4308
4315
msgid ""
4309
4316
"Programs in a container cannot be further confined - for instance, MySQL "
4310
4317
"runs under the container profile (protecting the host) but will not be able "
4311
4318
"to enter the MySQL profile (to protect the container)."
4312
4319
msgstr ""
4313
4320
4314
#: serverguide/C/virtualization.xml:2926(para)
4321
#: serverguide/C/virtualization.xml:1272(para)
4315
4322
msgid ""
4316
4323
"<command>lxc-execute</command> does not enter an Apparmor profile, but the "
4317
4324
"container it spawns will be confined."
4318
4325
msgstr ""
4319
4326
4320
#: serverguide/C/virtualization.xml:1283(title)
4327
#: serverguide/C/virtualization.xml:1275(title)
4321
4328
msgid "Customizing container policies"
4322
4329
msgstr ""
4323
4330
4324
#: serverguide/C/virtualization.xml:2879(para)
4331
#: serverguide/C/virtualization.xml:1276(para)
4325
4332
msgid ""
4326
4333
"If you find that <command>lxc-start</command> is failing due to a legitimate "
4327
4334
"access which is being denied by its Apparmor policy, you can disable the lxc-"
4328
4335
"start profile by doing:"
4329
4336
msgstr ""
4330
4337
4331
#: serverguide/C/virtualization.xml:2885(screen)
4338
#: serverguide/C/virtualization.xml:1280(screen)
4332
4339
#, no-wrap
4333
4340
msgid ""
4334
4341
"\n"
4336
4343
"sudo ln -s /etc/apparmor.d/usr.bin.lxc-start /etc/apparmor.d/disabled/\n"
4337
4344
msgstr ""
4338
4345
4339
#: serverguide/C/virtualization.xml:2890(para)
4346
#: serverguide/C/virtualization.xml:1285(para)
4340
4347
msgid ""
4341
4348
"This will make <command>lxc-start</command> run unconfined, but continue to "
4342
4349
"confine the container itself. If you also wish to disable confinement of the "
4344
4351
"start</filename> profile, you must add:"
4345
4352
msgstr ""
4346
4353
4347
#: serverguide/C/virtualization.xml:2897(screen)
4354
#: serverguide/C/virtualization.xml:1290(screen)
4348
4355
#, no-wrap
4349
4356
msgid ""
4350
4357
"\n"
4351
4358
"lxc.aa_profile = unconfined\n"
4352
4359
msgstr ""
4353
4360
4354
#: serverguide/C/virtualization.xml:1302(para)
4361
#: serverguide/C/virtualization.xml:1294(para)
4355
4362
msgid "to the container's configuration file."
4356
4363
msgstr ""
4357
4364
4358
#: serverguide/C/virtualization.xml:1304(para)
4365
#: serverguide/C/virtualization.xml:1296(para)
4359
4366
msgid ""
4360
4367
"LXC ships with a few alternate policies for containers. If you wish to run "
4361
4368
"containers inside containers (nesting), then you can use the lxc-container-"
4364
4371
"lxc.aa_profile = lxc-container-default-with-nesting\n"
4365
4372
"\t</screen> If you wish to use libvirt inside containers, then you will need "
4366
4373
"to edit that policy (which is defined in <filename>/etc/apparmor.d/lxc/lxc-"
4367
"default-with-nesting</filename>) to uncomment the following line <screen>\n"
4374
"default-with-nesting</filename>) by uncommenting the following line: "
4375
"<screen>\n"
4368
4376
"mount fstype=cgroup -> /sys/fs/cgroup/**,\n"
4369
4377
"\t</screen> and re-load the policy."
4370
4378
msgstr ""
4371
4379
4372
#: serverguide/C/virtualization.xml:1321(para)
4380
#: serverguide/C/virtualization.xml:1313(para)
4373
4381
msgid ""
4374
4382
"Note that the nesting policy with privileged containers is far less safe "
4375
4383
"than the default policy, as it allows containers to re-mount "
4379
4387
"<filename>proc</filename> and <filename>sys</filename> files."
4380
4388
msgstr ""
4381
4389
4382
#: serverguide/C/virtualization.xml:1329(para)
4390
#: serverguide/C/virtualization.xml:1321(para)
4383
4391
msgid ""
4384
4392
"Another profile shipped with lxc allows containers to mount block filesystem "
4385
4393
"types like ext4. This can be useful in some cases like maas provisioning, "
4387
4395
"have not been audited for safe handling of untrusted input."
4388
4396
msgstr ""
4389
4397
4390
#: serverguide/C/virtualization.xml:1335(para)
4398
#: serverguide/C/virtualization.xml:1327(para)
4391
4399
msgid ""
4392
4400
"If you need to run a container in a custom profile, you can create a new "
4393
4401
"profile under <filename>/etc/apparmor.d/lxc/</filename>. Its name must start "
4399
4407
"permissions at the bottom of your policy."
4400
4408
msgstr ""
4401
4409
4402
#: serverguide/C/virtualization.xml:1346(para)
4410
#: serverguide/C/virtualization.xml:1338(para)
4403
4411
msgid "After creating the policy, load it using:"
4404
4412
msgstr ""
4405
4413
4406
#: serverguide/C/virtualization.xml:2910(screen)
4414
#: serverguide/C/virtualization.xml:1340(screen)
4407
4415
#, no-wrap
4408
4416
msgid ""
4409
4417
"\n"
4410
4418
"sudo apparmor_parser -r /etc/apparmor.d/lxc-containers\n"
4411
4419
msgstr ""
4412
4420
4413
#: serverguide/C/virtualization.xml:2914(para)
4421
#: serverguide/C/virtualization.xml:1344(para)
4414
4422
msgid ""
4415
4423
"The profile will automatically be loaded after a reboot, because it is "
4416
4424
"sourced by the file <filename>/etc/apparmor.d/lxc-containers</filename>. "
4419
4427
"configuration file:"
4420
4428
msgstr ""
4421
4429
4422
#: serverguide/C/virtualization.xml:2922(screen)
4430
#: serverguide/C/virtualization.xml:1351(screen)
4423
4431
#, no-wrap
4424
4432
msgid ""
4425
4433
"\n"
4426
4434
"lxc.aa_profile = lxc-CN-profile\n"
4427
4435
msgstr ""
4428
4436
4429
#: serverguide/C/virtualization.xml:2934(title)
4437
#: serverguide/C/virtualization.xml:1359(title) serverguide/C/cgroups.xml:11(title)
4430
4438
msgid "Control Groups"
4431
4439
msgstr ""
4432
4440
4433
#: serverguide/C/virtualization.xml:1369(para)
4441
#: serverguide/C/virtualization.xml:1361(para)
4434
4442
msgid ""
4435
4443
"Control groups (cgroups) are a kernel feature providing hierarchical task "
4436
4444
"grouping and per-cgroup resource accounting and limits. They are used in "
4439
4447
"i/o, guarantee minimum cpu shares, and to lock containers to specific cpus."
4440
4448
msgstr ""
4441
4449
4442
#: serverguide/C/virtualization.xml:1377(para)
4450
#: serverguide/C/virtualization.xml:1369(para)
4443
4451
msgid ""
4444
"By default, a privileged container CN will be assigned a cgroup called "
4452
"By default, a privileged container CN will be assigned to a cgroup called "
4445
4453
"<filename>/lxc/CN</filename>. In the case of name conflicts (which can occur "
4446
4454
"when using custom lxcpaths) a suffix \"-n\", where n is an integer starting "
4447
4455
"at 0, will be appended to the cgroup name."
4448
4456
msgstr ""
4449
4457
4450
#: serverguide/C/virtualization.xml:1383(para)
4458
#: serverguide/C/virtualization.xml:1375(para)
4451
4459
msgid ""
4452
"By default, a privileged container CN will be assigned a cgroup called "
4460
"By default, a privileged container CN will be assigned to a cgroup called "
4453
4461
"<filename>CN</filename> under the cgroup of the task which started the "
4454
4462
"container, for instance <filename>/usr/1000.user/1.session/CN</filename>. "
4455
4463
"The container root will be given group ownership of the directory (but not "
4456
4464
"all files) so that it is allowed to create new child cgroups."
4457
4465
msgstr ""
4458
4466
4459
#: serverguide/C/virtualization.xml:1390(para)
4467
#: serverguide/C/virtualization.xml:1382(para)
4460
4468
msgid ""
4461
4469
"As of Ubuntu 14.04, LXC uses the cgroup manager (cgmanager) to administer "
4462
4470
"cgroups. The cgroup manager receives D-Bus requests over the Unix socket "
4463
"<filename>/sys/fs/cgroup/cgmanager/sock</filename>. To fascilitate safe "
4471
"<filename>/sys/fs/cgroup/cgmanager/sock</filename>. To facilitate safe "
4464
4472
"nested containers, the line <screen>\n"
4465
4473
"<command>\n"
4466
4474
"lxc.mount.auto = cgroup\n"
4477
4485
"requests for which they are not authorized."
4478
4486
msgstr ""
4479
4487
4480
#: serverguide/C/virtualization.xml:3262(title)
4488
#: serverguide/C/virtualization.xml:1406(title)
4481
4489
msgid "Cloning"
4482
4490
msgstr ""
4483
4491
4484
#: serverguide/C/virtualization.xml:1416(para)
4492
#: serverguide/C/virtualization.xml:1408(para)
4485
4493
msgid ""
4486
4494
"For rapid provisioning, you may wish to customize a canonical container "
4487
4495
"according to your needs and then make multiple copies of it. This can be "
4488
4496
"done with the <command>lxc-clone</command> program."
4489
4497
msgstr ""
4490
4498
4491
#: serverguide/C/virtualization.xml:1420(para)
4499
#: serverguide/C/virtualization.xml:1412(para)
4492
4500
msgid ""
4493
4501
"Clones are either snapshots or copies of another container. A copy is a new "
4494
4502
"container copied from the original, and takes as much space on the host as "
4504
4512
"and apt-get to be slower."
4505
4513
msgstr ""
4506
4514
4507
#: serverguide/C/virtualization.xml:1434(para)
4515
#: serverguide/C/virtualization.xml:1426(para)
4508
4516
msgid ""
4509
4517
"Snapshots of directory-packed containers are created using the overlay "
4510
4518
"filesystem. For instance, a privileged directory-backed container C1 will "
4516
4524
"container, and to only use its snapshots."
4517
4525
msgstr ""
4518
4526
4519
#: serverguide/C/virtualization.xml:1446(para)
4527
#: serverguide/C/virtualization.xml:1438(para)
4520
4528
msgid "Given an existing container called C1, a copy can be created using:"
4521
4529
msgstr ""
4522
4530
4523
#: serverguide/C/virtualization.xml:3274(command)
4531
#: serverguide/C/virtualization.xml:1442(command)
4524
4532
msgid "sudo lxc-clone -o C1 -n C2"
4525
4533
msgstr ""
4526
4534
4527
#: serverguide/C/virtualization.xml:1455(para)
4528
msgid "A snapshot can be created using"
4535
#: serverguide/C/virtualization.xml:1447(para)
4536
msgid "A snapshot can be created using:"
4529
4537
msgstr ""
4530
4538
4531
#: serverguide/C/virtualization.xml:3288(command)
4539
#: serverguide/C/virtualization.xml:1449(command)
4532
4540
msgid "sudo lxc-clone -s -o C1 -n C2"
4533
4541
msgstr ""
4534
4542
4535
#: serverguide/C/virtualization.xml:1461(para)
4543
#: serverguide/C/virtualization.xml:1453(para)
4536
4544
msgid "See the lxc-clone manpage for more information."
4537
4545
msgstr ""
4538
4546
4539
#: serverguide/C/virtualization.xml:1464(title)
4547
#: serverguide/C/virtualization.xml:1456(title)
4540
4548
msgid "Snapshots"
4541
4549
msgstr ""
4542
4550
4543
#: serverguide/C/virtualization.xml:1465(para)
4551
#: serverguide/C/virtualization.xml:1457(para)
4544
4552
msgid ""
4545
4553
"To more easily support the use of snapshot clones for iterative container "
4546
4554
"development, LXC supports <emphasis>snapshots</emphasis>. When working on a "
4558
4566
"is erased and replaced with the snap1 snapshot."
4559
4567
msgstr ""
4560
4568
4561
#: serverguide/C/virtualization.xml:1484(para)
4569
#: serverguide/C/virtualization.xml:1476(para)
4562
4570
msgid ""
4563
4571
"Snapshots are supported for btrfs, lvm, zfs, and overlayfs containers. If "
4564
4572
"lxc-snapshot is called on a directory-backed container, an error will be "
4579
4587
"</screen>"
4580
4588
msgstr ""
4581
4589
4582
#: serverguide/C/virtualization.xml:1508(title)
4590
#: serverguide/C/virtualization.xml:1500(title)
4583
4591
msgid "Ephemeral Containers"
4584
4592
msgstr ""
4585
4593
4586
#: serverguide/C/virtualization.xml:1509(para)
4594
#: serverguide/C/virtualization.xml:1501(para)
4587
4595
msgid ""
4588
4596
"While snapshots are useful for longer-term incremental development of "
4589
4597
"images, ephemeral containers utilize snapshots for quick, single-use "
4598
4606
"page for more options."
4599
4607
msgstr ""
4600
4608
4601
#: serverguide/C/virtualization.xml:1527(title)
4609
#: serverguide/C/virtualization.xml:1519(title)
4602
4610
msgid "Lifecycle management hooks"
4603
4611
msgstr ""
4604
4612
4605
#: serverguide/C/virtualization.xml:1529(para)
4613
#: serverguide/C/virtualization.xml:1521(para)
4606
4614
msgid ""
4607
4615
"Beginning with Ubuntu 12.10, it is possible to define hooks to be executed "
4608
4616
"at specific points in a container's lifetime:"
4609
4617
msgstr ""
4610
4618
4611
#: serverguide/C/virtualization.xml:1534(para)
4619
#: serverguide/C/virtualization.xml:1526(para)
4612
4620
msgid ""
4613
4621
"Pre-start hooks are run in the host's namespace before the container ttys, "
4614
4622
"consoles, or mounts are up. If any mounts are done in this hook, they should "
4615
4623
"be cleaned up in the post-stop hook."
4616
4624
msgstr ""
4617
4625
4618
#: serverguide/C/virtualization.xml:1541(para)
4626
#: serverguide/C/virtualization.xml:1533(para)
4619
4627
msgid ""
4620
4628
"Pre-mount hooks are run in the container's namespaces, but before the root "
4621
4629
"filesystem has been mounted. Mounts done in this hook will be automatically "
4622
4630
"cleaned up when the container shuts down."
4623
4631
msgstr ""
4624
4632
4625
#: serverguide/C/virtualization.xml:1548(para)
4633
#: serverguide/C/virtualization.xml:1540(para)
4626
4634
msgid ""
4627
4635
"Mount hooks are run after the container filesystems have been mounted, but "
4628
4636
"before the container has called <command>pivot_root</command> to change its "
4629
4637
"root filesystem."
4630
4638
msgstr ""
4631
4639
4632
#: serverguide/C/virtualization.xml:1555(para)
4640
#: serverguide/C/virtualization.xml:1547(para)
4633
4641
msgid ""
4634
4642
"Start hooks are run immediately before executing the container's init. Since "
4635
4643
"these are executed after pivoting into the container's filesystem, the "
4636
4644
"command to be executed must be copied into the container's filesystem."
4637
4645
msgstr ""
4638
4646
4639
#: serverguide/C/virtualization.xml:1562(para)
4647
#: serverguide/C/virtualization.xml:1554(para)
4640
4648
msgid "Post-stop hooks are executed after the container has been shut down."
4641
4649
msgstr ""
4642
4650
4643
#: serverguide/C/virtualization.xml:1567(para)
4651
#: serverguide/C/virtualization.xml:1559(para)
4644
4652
msgid ""
4645
4653
"If any hook returns an error, the container's run will be aborted. Any "
4646
4654
"<emphasis>post-stop</emphasis> hook will still be executed. Any output "
4647
4655
"generated by the script will be logged at the debug priority."
4648
4656
msgstr ""
4649
4657
4650
#: serverguide/C/virtualization.xml:1572(para)
4658
#: serverguide/C/virtualization.xml:1564(para)
4651
4659
msgid ""
4652
4660
"Please see the lxc.container.conf manual page for the configuration file "
4653
4661
"format with which to specify hooks. Some sample hooks are shipped with the "
4654
4662
"lxc package to serve as an example of how to write and use such hooks."
4655
4663
msgstr ""
4656
4664
4657
#: serverguide/C/virtualization.xml:3452(title)
4665
#: serverguide/C/virtualization.xml:1571(title)
4658
4666
msgid "Consoles"
4659
4667
msgstr ""
4660
4668
4661
#: serverguide/C/virtualization.xml:1581(para)
4669
#: serverguide/C/virtualization.xml:1573(para)
4662
4670
msgid ""
4663
4671
"Containers have a configurable number of consoles. One always exists on the "
4664
4672
"container's <filename>/dev/console</filename>. This is shown on the terminal "
4669
4677
"The number of extra consoles is specified by the <command>lxc.tty</command> "
4670
4678
"variable, and is usually set to 4. Those consoles are shown on "
4671
4679
"<filename>/dev/ttyN</filename> (for 1 <= N <= 4). To log into console "
4672
"3 from the host, use"
4680
"3 from the host, use:"
4673
4681
msgstr ""
4674
4682
4675
#: serverguide/C/virtualization.xml:3467(command)
4683
#: serverguide/C/virtualization.xml:1586(command)
4676
4684
msgid "sudo lxc-console -n container -t 3"
4677
4685
msgstr ""
4678
4686
4679
#: serverguide/C/virtualization.xml:3472(para)
4687
#: serverguide/C/virtualization.xml:1591(para)
4680
4688
msgid ""
4681
4689
"or if the <emphasis>-t N</emphasis> option is not specified, an unused "
4682
4690
"console will be automatically chosen. To exit the console, use the escape "
4685
4693
"d</emphasis> option."
4686
4694
msgstr ""
4687
4695
4688
#: serverguide/C/virtualization.xml:3480(para)
4696
#: serverguide/C/virtualization.xml:1597(para)
4689
4697
msgid ""
4690
4698
"Each container console is actually a Unix98 pty in the host's (not the "
4691
4699
"guest's) pty mount, bind-mounted over the guest's "
4698
4706
"<filename>/dev</filename>."
4699
4707
msgstr ""
4700
4708
4701
#: serverguide/C/mail.xml:345(title) serverguide/C/mail.xml:1640(title) serverguide/C/dns.xml:371(title)
4709
#: serverguide/C/virtualization.xml:1609(title) serverguide/C/mail.xml:390(title) serverguide/C/mail.xml:1698(title) serverguide/C/dns.xml:375(title)
4702
4710
msgid "Troubleshooting"
4703
4711
msgstr "Odpravljanje napak"
4704
4712
4705
#: serverguide/C/network-auth.xml:787(title) serverguide/C/dns.xml:508(title)
4713
#: serverguide/C/virtualization.xml:1611(title) serverguide/C/network-auth.xml:794(title) serverguide/C/dns.xml:517(title)
4706
4714
msgid "Logging"
4707
4715
msgstr ""
4708
4716
4709
#: serverguide/C/virtualization.xml:1620(para)
4717
#: serverguide/C/virtualization.xml:1612(para)
4710
4718
msgid ""
4711
4719
"If something goes wrong when starting a container, the first step should be "
4712
4720
"to get full logging from LXC: <screen>\n"
4719
4727
"new log information will be appended."
4720
4728
msgstr ""
4721
4729
4722
#: serverguide/C/virtualization.xml:3414(title)
4730
#: serverguide/C/virtualization.xml:1627(title)
4723
4731
msgid "Monitoring container status"
4724
4732
msgstr ""
4725
4733
4726
#: serverguide/C/virtualization.xml:3416(para)
4734
#: serverguide/C/virtualization.xml:1629(para)
4727
4735
msgid ""
4728
4736
"Two commands are available to monitor container state changes. <command>lxc-"
4729
4737
"monitor</command> monitors one or more containers for any state changes. It "
4735
4743
"instance,"
4736
4744
msgstr ""
4737
4745
4738
#: serverguide/C/virtualization.xml:3429(command)
4746
#: serverguide/C/virtualization.xml:1639(command)
4739
4747
msgid "sudo lxc-monitor -n cont[0-5]*"
4740
4748
msgstr ""
4741
4749
4742
#: serverguide/C/virtualization.xml:3434(para)
4750
#: serverguide/C/virtualization.xml:1644(para)
4743
4751
msgid ""
4744
4752
"would print all state changes to any containers matching the listed regular "
4745
4753
"expression, whereas"
4746
4754
msgstr ""
4747
4755
4748
#: serverguide/C/virtualization.xml:3440(command)
4756
#: serverguide/C/virtualization.xml:1648(command)
4749
4757
msgid "sudo lxc-wait -n cont1 -s 'STOPPED|FROZEN'"
4750
4758
msgstr ""
4751
4759
4752
#: serverguide/C/virtualization.xml:3445(para)
4760
#: serverguide/C/virtualization.xml:1653(para)
4753
4761
msgid ""
4754
4762
"will wait until container cont1 enters state STOPPED or state FROZEN and "
4755
4763
"then exit."
4756
4764
msgstr ""
4757
4765
4758
#: serverguide/C/virtualization.xml:1666(title)
4766
#: serverguide/C/virtualization.xml:1658(title)
4759
4767
msgid "Attach"
4760
4768
msgstr ""
4761
4769
4762
#: serverguide/C/virtualization.xml:1667(para)
4770
#: serverguide/C/virtualization.xml:1659(para)
4763
4771
msgid ""
4764
4772
"As of Ubuntu 14.04, it is possible to attach to a container's namespaces. "
4765
4773
"The simplest case is to simply do <screen>\n"
4772
4780
"context. See the manual page for more information."
4773
4781
msgstr ""
4774
4782
4775
#: serverguide/C/virtualization.xml:1683(title)
4783
#: serverguide/C/virtualization.xml:1675(title)
4776
4784
msgid "Container init verbosity"
4777
4785
msgstr ""
4778
4786
4779
#: serverguide/C/virtualization.xml:1684(para)
4787
#: serverguide/C/virtualization.xml:1676(para)
4780
4788
msgid ""
4781
4789
"If LXC completes the container startup, but the container init fails to "
4782
4790
"complete (for instance, no login prompt is shown), it can be useful to "
4795
4803
"</screen>"
4796
4804
msgstr ""
4797
4805
4798
#: serverguide/C/virtualization.xml:1708(title)
4806
#: serverguide/C/virtualization.xml:1700(title)
4799
4807
msgid "LXC API"
4800
4808
msgstr ""
4801
4809
4802
#: serverguide/C/virtualization.xml:1710(para)
4810
#: serverguide/C/virtualization.xml:1702(para)
4803
4811
msgid ""
4804
4812
"Most of the LXC functionality can now be accessed through an API exported by "
4805
4813
"<filename>liblxc</filename> for which bindings are available in several "
4806
4814
"languages, including Python, lua, ruby, and go."
4807
4815
msgstr ""
4808
4816
4809
#: serverguide/C/virtualization.xml:1714(para)
4817
#: serverguide/C/virtualization.xml:1706(para)
4810
4818
msgid ""
4811
4819
"Below is an example using the python bindings (which are available in the "
4812
4820
"<application>python3-lxc</application> package) which creates and starts a "
4813
4821
"container, then waits until it has been shut down:"
4814
4822
msgstr ""
4815
4823
4816
#: serverguide/C/virtualization.xml:1720(programlisting)
4824
#: serverguide/C/virtualization.xml:1712(programlisting)
4817
4825
#, no-wrap
4818
4826
msgid ""
4819
4827
"\n"
4835
4843
"True\n"
4836
4844
msgstr ""
4837
4845
4838
#: serverguide/C/virtualization.xml:4349(title) serverguide/C/security.xml:11(title)
4846
#: serverguide/C/virtualization.xml:1732(title) serverguide/C/security.xml:11(title)
4839
4847
msgid "Security"
4840
4848
msgstr "Varnost"
4841
4849
4842
#: serverguide/C/virtualization.xml:4351(para)
4850
#: serverguide/C/virtualization.xml:1734(para)
4843
4851
msgid ""
4844
4852
"A namespace maps ids to resources. By not providing a container any id with "
4845
4853
"which to reference a resource, the resource can be protected. This is the "
4850
4858
"host."
4851
4859
msgstr ""
4852
4860
4853
#: serverguide/C/virtualization.xml:1751(para)
4861
#: serverguide/C/virtualization.xml:1743(para)
4854
4862
msgid ""
4855
4863
"By default, LXC containers are started under a Apparmor policy to restrict "
4856
4864
"some actions. The details of AppArmor integration with lxc are in section "
4861
4869
"host."
4862
4870
msgstr ""
4863
4871
4864
#: serverguide/C/virtualization.xml:4375(title)
4872
#: serverguide/C/virtualization.xml:1754(title)
4865
4873
msgid "Exploitable system calls"
4866
4874
msgstr ""
4867
4875
4868
#: serverguide/C/virtualization.xml:1764(para)
4876
#: serverguide/C/virtualization.xml:1756(para)
4869
4877
msgid ""
4870
4878
"It is a core container feature that containers share a kernel with the host. "
4871
4879
"Therefore if the kernel contains any exploitable system calls the container "
4873
4881
"fully control any resource known to the host."
4874
4882
msgstr ""
4875
4883
4876
#: serverguide/C/virtualization.xml:1770(para)
4884
#: serverguide/C/virtualization.xml:1762(para)
4877
4885
msgid ""
4878
4886
"Since Ubuntu 12.10 (Quantal) a container can also be constrained by a "
4879
4887
"seccomp filter. Seccomp is a new kernel feature which filters the system "
4885
4893
"by a list of numbers, one per line."
4886
4894
msgstr ""
4887
4895
4888
#: serverguide/C/virtualization.xml:1780(para)
4896
#: serverguide/C/virtualization.xml:1772(para)
4889
4897
msgid ""
4890
4898
"In general to run a full distribution container a large number of system "
4891
4899
"calls will be needed. However for application containers it may be possible "
4897
4905
"loaded."
4898
4906
msgstr ""
4899
4907
4900
#: serverguide/C/virtualization.xml:4392(para)
4908
#: serverguide/C/virtualization.xml:1788(para)
4901
4909
msgid ""
4902
4910
"The DeveloperWorks article <ulink "
4903
4911
"url=\"https://www.ibm.com/developerworks/linux/library/l-lxc-"
4905
4913
"to the use of containers."
4906
4914
msgstr ""
4907
4915
4908
#: serverguide/C/virtualization.xml:4398(para)
4916
#: serverguide/C/virtualization.xml:1795(para)
4909
4917
msgid ""
4910
4918
"The <ulink url=\"http://www.ibm.com/developerworks/linux/library/l-lxc-"
4911
4919
"security/index.html\"> Secure Containers Cookbook</ulink> demonstrated the "
4912
4920
"use of security modules to make containers more secure."
4913
4921
msgstr ""
4914
4922
4915
#: serverguide/C/virtualization.xml:1810(para) serverguide/C/cgroups.xml:202(para)
4923
#: serverguide/C/virtualization.xml:1802(para) serverguide/C/cgroups.xml:202(para)
4916
4924
msgid "Manual pages referenced above can be found at:"
4917
4925
msgstr ""
4918
4926
4919
#: serverguide/C/virtualization.xml:4407(ulink)
4927
#: serverguide/C/virtualization.xml:1804(ulink)
4920
4928
msgid "capabilities"
4921
4929
msgstr ""
4922
4930
4923
#: serverguide/C/virtualization.xml:4408(ulink)
4931
#: serverguide/C/virtualization.xml:1805(ulink)
4924
4932
msgid "lxc.conf"
4925
4933
msgstr ""
4926
4934
4927
#: serverguide/C/virtualization.xml:1818(para)
4935
#: serverguide/C/virtualization.xml:1810(para)
4928
4936
msgid ""
4929
4937
"The upstream LXC project is hosted at <ulink "
4930
4938
"url=\"http://linuxcontainers.org\">linuxcontainers.org</ulink>."
4931
4939
msgstr ""
4932
4940
4933
#: serverguide/C/virtualization.xml:4420(para)
4941
#: serverguide/C/virtualization.xml:1815(para)
4934
4942
msgid ""
4935
4943
"LXC security issues are listed and discussed at <ulink "
4936
4944
"url=\"http://wiki.ubuntu.com/LxcSecurity\">the LXC Security wiki page</ulink>"
4937
4945
msgstr ""
4938
4946
4939
#: serverguide/C/virtualization.xml:1829(para)
4947
#: serverguide/C/virtualization.xml:1821(para)
4940
4948
msgid ""
4941
4949
"For more on namespaces in Linux, see: S. Bhattiprolu, E. W. Biederman, S. E. "
4942
4950
"Hallyn, and D. Lezcano. Virtual Servers and Check- point/Restart in "
4957
4965
"to manage information that changes often, there is room for version control."
4958
4966
msgstr ""
4959
4967
4960
#: serverguide/C/vcs.xml:15(title)
4968
#: serverguide/C/vcs.xml:22(title)
4961
4969
msgid "Bazaar"
4962
4970
msgstr "Bazaar"
4963
4971
4964
#: serverguide/C/vcs.xml:16(para)
4972
#: serverguide/C/vcs.xml:23(para)
4965
4973
msgid ""
4966
4974
"Bazaar is a new version control system sponsored by Canonical, the "
4967
4975
"commercial company behind Ubuntu. Unlike Subversion and CVS that only "
4971
4979
"maximize the level of community participation in open source projects."
4972
4980
msgstr ""
4973
4981
4974
#: serverguide/C/vcs.xml:27(para)
4982
#: serverguide/C/vcs.xml:34(para)
4975
4983
msgid ""
4976
4984
"At a terminal prompt, enter the following command to install "
4977
4985
"<application>bzr</application>: <screen>\n"
4979
4987
"</screen>"
4980
4988
msgstr ""
4981
4989
4982
#: serverguide/C/vcs.xml:38(para)
4990
#: serverguide/C/vcs.xml:45(para)
4983
4991
msgid ""
4984
4992
"To introduce yourself to <application>bzr</application>, use the "
4985
4993
"<emphasis>whoami</emphasis> command like this: <screen>\n"
4987
4995
"</screen>"
4988
4996
msgstr ""
4989
4997
4990
#: serverguide/C/vcs.xml:47(title)
4998
#: serverguide/C/vcs.xml:54(title)
4991
4999
msgid "Learning Bazaar"
4992
5000
msgstr ""
4993
5001
4994
#: serverguide/C/vcs.xml:48(para)
5002
#: serverguide/C/vcs.xml:55(para)
4995
5003
msgid ""
4996
5004
"Bazaar comes with bundled documentation installed into "
4997
5005
"<application>/usr/share/doc/bzr/html</application> by default. The tutorial "
5001
5009
"</screen>"
5002
5010
msgstr ""
5003
5011
5004
#: serverguide/C/vcs.xml:58(para)
5012
#: serverguide/C/vcs.xml:65(para)
5005
5013
msgid ""
5006
5014
"To learn more about the <emphasis>foo</emphasis> command: <screen>\n"
5007
5015
"<command>$ bzr help foo</command>\n"
5008
5016
"</screen>"
5009
5017
msgstr ""
5010
5018
5011
#: serverguide/C/vcs.xml:66(title)
5019
#: serverguide/C/vcs.xml:73(title)
5012
5020
msgid "Launchpad Integration"
5013
5021
msgstr ""
5014
5022
5015
#: serverguide/C/vcs.xml:67(para)
5023
#: serverguide/C/vcs.xml:74(para)
5016
5024
msgid ""
5017
5025
"While highly useful as a stand-alone system, Bazaar has good, optional "
5018
5026
"integration with <ulink url=\"https://launchpad.net/\">Launchpad</ulink>, "
5023
5031
"http://bazaar-vcs.org/LaunchpadIntegration</ulink>."
5024
5032
msgstr ""
5025
5033
5026
#: serverguide/C/vcs.xml:80(title)
5034
#: serverguide/C/vcs.xml:87(title)
5027
5035
msgid "Git"
5028
5036
msgstr ""
5029
5037
5030
#: serverguide/C/vcs.xml:82(para)
5038
#: serverguide/C/vcs.xml:89(para)
5031
5039
msgid ""
5032
5040
"Git is an open source distributed version control system originally "
5033
5041
"developped by Linus Torvalds to support the development of the linux kernel. "
5036
5044
"access or a central server."
5037
5045
msgstr ""
5038
5046
5039
#: serverguide/C/vcs.xml:88(para)
5047
#: serverguide/C/vcs.xml:95(para)
5040
5048
msgid ""
5041
5049
"The <application>git</application> version control system is installed with "
5042
5050
"the following command"
5043
5051
msgstr ""
5044
5052
5045
#: serverguide/C/vcs.xml:92(command)
5053
#: serverguide/C/vcs.xml:99(command)
5046
5054
msgid "sudo apt-get install git"
5047
5055
msgstr ""
5048
5056
5049
#: serverguide/C/vcs.xml:97(para)
5057
#: serverguide/C/vcs.xml:104(para)
5050
5058
msgid ""
5051
5059
"Every git user should first introduce himself to git, by running these two "
5052
5060
"commands:"
5053
5061
msgstr ""
5054
5062
5055
#: serverguide/C/vcs.xml:99(command)
5063
#: serverguide/C/vcs.xml:106(command)
5056
5064
msgid "git config --global user.email \"you@example.com\""
5057
5065
msgstr ""
5058
5066
5059
#: serverguide/C/vcs.xml:100(command)
5067
#: serverguide/C/vcs.xml:107(command)
5060
5068
msgid "git config --global user.name \"Your Name\""
5061
5069
msgstr ""
5062
5070
5063
#: serverguide/C/vcs.xml:105(para)
5071
#: serverguide/C/vcs.xml:112(para)
5064
5072
msgid ""
5065
5073
"The above is already sufficient to use git in a distributed and secure way, "
5066
5074
"provided users have access to the machine assuming the server role via SSH. "
5067
"On the server machine, creating a new repository can be done with"
5075
"On the server machine, creating a new repository can be done with:"
5068
5076
msgstr ""
5069
5077
5070
#: serverguide/C/vcs.xml:108(command)
5078
#: serverguide/C/vcs.xml:119(command)
5071
5079
msgid "git init --bare /path/to/repository"
5072
5080
msgstr ""
5073
5081
5074
#: serverguide/C/vcs.xml:110(para)
5082
#: serverguide/C/vcs.xml:121(para)
5075
5083
msgid ""
5076
5084
"This creates a bare repository, that cannot be used to edit files directly. "
5077
5085
"If you would rather have a working copy of the contents of the repository on "
5078
5086
"the server, ommit the <emphasis>--bare</emphasis> option."
5079
5087
msgstr ""
5080
5088
5081
#: serverguide/C/vcs.xml:111(para)
5089
#: serverguide/C/vcs.xml:122(para)
5082
5090
msgid ""
5083
"Any client with ssh access to the machine can from then on clone the "
5084
"repository with"
5091
"Any client with SSH access to the machine can then clone the repository with:"
5085
5092
msgstr ""
5086
5093
5087
#: serverguide/C/vcs.xml:113(command)
5094
#: serverguide/C/vcs.xml:127(command)
5088
5095
msgid "git clone username@hostname:/path/to/repository"
5089
5096
msgstr ""
5090
5097
5091
#: serverguide/C/vcs.xml:115(para)
5098
#: serverguide/C/vcs.xml:129(para)
5092
5099
msgid ""
5093
5100
"Once cloned to the client's machine, the client can edit files, then commit "
5094
5101
"and share them with:"
5095
5102
msgstr ""
5096
5103
5097
#: serverguide/C/vcs.xml:119(command)
5104
#: serverguide/C/vcs.xml:133(command)
5098
5105
msgid "cd /path/to/repository"
5099
5106
msgstr ""
5100
5107
5101
#: serverguide/C/vcs.xml:120(command)
5108
#: serverguide/C/vcs.xml:134(command)
5102
5109
msgid "#(edit some files"
5103
5110
msgstr ""
5104
5111
5105
#: serverguide/C/vcs.xml:121(command)
5112
#: serverguide/C/vcs.xml:135(command)
5106
5113
msgid ""
5107
5114
"git commit -a # Commit all changes to the local version of the repository"
5108
5115
msgstr ""
5109
5116
5110
#: serverguide/C/vcs.xml:122(command)
5117
#: serverguide/C/vcs.xml:136(command)
5111
5118
msgid ""
5112
5119
"git push origin master # Push changes to the server's version of the "
5113
5120
"repository"
5114
5121
msgstr ""
5115
5122
5116
#: serverguide/C/vcs.xml:127(title)
5123
#: serverguide/C/vcs.xml:141(title)
5117
5124
msgid "Installing a gitolite server"
5118
5125
msgstr ""
5119
5126
5120
#: serverguide/C/vcs.xml:128(para)
5127
#: serverguide/C/vcs.xml:142(para)
5121
5128
msgid ""
5122
5129
"While the above is sufficient to create, clone and edit repositories, users "
5123
5130
"wanting to install git on a server will most likely want to have git work "
5126
5133
"<application>gitolite</application> with the following command:"
5127
5134
msgstr ""
5128
5135
5129
#: serverguide/C/vcs.xml:134(command)
5136
#: serverguide/C/vcs.xml:148(command)
5130
5137
msgid "sudo apt-get install gitolite"
5131
5138
msgstr ""
5132
5139
5133
#: serverguide/C/vcs.xml:139(title)
5140
#: serverguide/C/vcs.xml:153(title)
5134
5141
msgid "Gitolite configuration"
5135
5142
msgstr ""
5136
5143
5137
#: serverguide/C/vcs.xml:140(para)
5144
#: serverguide/C/vcs.xml:154(para)
5138
5145
msgid ""
5139
5146
"Configuration of the <application>gitolite</application> server is a little "
5140
5147
"different that most other servers on Unix-like systems. Instead of the "
5143
5150
"therefore to allow access to the configuration repository."
5144
5151
msgstr ""
5145
5152
5146
#: serverguide/C/vcs.xml:145(para)
5153
#: serverguide/C/vcs.xml:159(para)
5147
5154
msgid "First of all, let's create a user for gitolite to be accessed as."
5148
5155
msgstr ""
5149
5156
5150
#: serverguide/C/vcs.xml:149(command)
5157
#: serverguide/C/vcs.xml:163(command)
5151
5158
msgid ""
5152
5159
"sudo adduser --system --shell /bin/bash --group --disabled-password --home "
5153
5160
"/home/git git"
5154
5161
msgstr ""
5155
5162
5156
#: serverguide/C/vcs.xml:151(para)
5163
#: serverguide/C/vcs.xml:165(para)
5157
5164
msgid ""
5158
5165
"Now we want to let gitolite know about the repository administrator's public "
5159
5166
"SSH key. This assumes that the current user is the repository administrator. "
5161
5168
"keys\"/>"
5162
5169
msgstr ""
5163
5170
5164
#: serverguide/C/vcs.xml:156(command)
5171
#: serverguide/C/vcs.xml:170(command)
5165
5172
msgid "cp ~/.ssh/id_rsa.pub /tmp/$(whoami).pub"
5166
5173
msgstr ""
5167
5174
5168
#: serverguide/C/vcs.xml:158(para)
5175
#: serverguide/C/vcs.xml:172(para)
5169
5176
msgid ""
5170
5177
"Let's switch to the git user and import the administrator's key into "
5171
5178
"gitolite."
5172
5179
msgstr ""
5173
5180
5174
#: serverguide/C/vcs.xml:162(command)
5181
#: serverguide/C/vcs.xml:176(command)
5175
5182
msgid "sudo su - git"
5176
5183
msgstr ""
5177
5184
5178
#: serverguide/C/vcs.xml:163(command)
5185
#: serverguide/C/vcs.xml:177(command)
5179
5186
msgid "gl-setup /tmp/*.pub"
5180
5187
msgstr ""
5181
5188
5182
#: serverguide/C/vcs.xml:165(para)
5189
#: serverguide/C/vcs.xml:179(para)
5183
5190
msgid ""
5184
5191
"Gitolite will allow you to make initial changes to its configuration file "
5185
5192
"during the setup process. You can now clone and modify the gitolite "
5188
5195
"configuration repository:"
5189
5196
msgstr ""
5190
5197
5191
#: serverguide/C/vcs.xml:169(command)
5198
#: serverguide/C/vcs.xml:183(command)
5192
5199
msgid "exit"
5193
5200
msgstr ""
5194
5201
5195
#: serverguide/C/vcs.xml:170(command)
5202
#: serverguide/C/vcs.xml:184(command)
5196
5203
msgid "git clone git@$IP_ADDRESS:gitolite-admin.git"
5197
5204
msgstr ""
5198
5205
5199
#: serverguide/C/vcs.xml:171(command)
5206
#: serverguide/C/vcs.xml:185(command)
5200
5207
msgid "cd gitolite-admin"
5201
5208
msgstr ""
5202
5209
5203
#: serverguide/C/vcs.xml:173(para)
5210
#: serverguide/C/vcs.xml:187(para)
5204
5211
msgid ""
5205
5212
"The gitolite-admin contains two subdirectories, \"conf\" and \"keydir\". The "
5206
5213
"configuration files are in the conf dir, and the keydir directory contains "
5207
5214
"the list of user's public SSH keys."
5208
5215
msgstr ""
5209
5216
5210
#: serverguide/C/vcs.xml:176(title)
5217
#: serverguide/C/vcs.xml:190(title)
5211
5218
msgid "Managing gitolite users and repositories"
5212
5219
msgstr ""
5213
5220
5214
#: serverguide/C/vcs.xml:177(para)
5221
#: serverguide/C/vcs.xml:191(para)
5215
5222
msgid ""
5216
5223
"Adding new users to gitolite is simple: just obtain their public SSH key and "
5217
5224
"add it to the keydir directory as $DESIRED_USER_NAME.pub. Note that the "
5222
5229
"server with"
5223
5230
msgstr ""
5224
5231
5225
#: serverguide/C/vcs.xml:179(command)
5232
#: serverguide/C/vcs.xml:193(command)
5226
5233
msgid "git commit -a"
5227
5234
msgstr ""
5228
5235
5229
#: serverguide/C/vcs.xml:180(command)
5236
#: serverguide/C/vcs.xml:194(command)
5230
5237
msgid "git push origin master"
5231
5238
msgstr ""
5232
5239
5233
#: serverguide/C/vcs.xml:182(para)
5240
#: serverguide/C/vcs.xml:196(para)
5234
5241
msgid ""
5235
5242
"Repositories are managed by editing the conf/gitolite.conf file. The syntax "
5236
5243
"is space separated, and simply specifies the list of repositories followed "
5237
5244
"by some access rules. The following is a default example"
5238
5245
msgstr ""
5239
5246
5240
#: serverguide/C/vcs.xml:183(programlisting)
5247
#: serverguide/C/vcs.xml:197(programlisting)
5241
5248
#, no-wrap
5242
5249
msgid ""
5243
5250
"\n"
5251
5258
" R = denise\n"
5252
5259
msgstr ""
5253
5260
5254
#: serverguide/C/vcs.xml:195(title)
5261
#: serverguide/C/vcs.xml:209(title)
5255
5262
msgid "Using your server"
5256
5263
msgstr ""
5257
5264
5258
#: serverguide/C/vcs.xml:196(para)
5265
#: serverguide/C/vcs.xml:210(para)
5259
5266
msgid ""
5260
5267
"To use the newly created server, users have to have the gitolite admin "
5261
5268
"import their public key into the gitolite configuration repository, they can "
5262
5269
"then access any project they have access to with the following command:"
5263
5270
msgstr ""
5264
5271
5265
#: serverguide/C/vcs.xml:198(command)
5272
#: serverguide/C/vcs.xml:212(command)
5266
5273
msgid "git clone git@$SERVER_IP:$PROJECT_NAME.git"
5267
5274
msgstr ""
5268
5275
5269
#: serverguide/C/vcs.xml:200(para)
5276
#: serverguide/C/vcs.xml:214(para)
5270
5277
msgid ""
5271
5278
"Or add the server's project as a remote for an existing git repository:"
5272
5279
msgstr ""
5273
5280
5274
#: serverguide/C/vcs.xml:202(command)
5281
#: serverguide/C/vcs.xml:216(command)
5275
5282
msgid "git remote add gitolite git@$SERVER_IP:$PROJECT_NAME.git"
5276
5283
msgstr ""
5277
5284
5278
#: serverguide/C/vcs.xml:79(title)
5285
#: serverguide/C/vcs.xml:221(title)
5279
5286
msgid "Subversion"
5280
5287
msgstr "Subversion"
5281
5288
5282
#: serverguide/C/vcs.xml:80(para)
5289
#: serverguide/C/vcs.xml:222(para)
5283
5290
msgid ""
5284
5291
"Subversion is an open source version control system. Using Subversion, you "
5285
5292
"can record the history of source files and documents. It manages files and "
5288
5295
"remembers every change ever made to files and directories."
5289
5296
msgstr ""
5290
5297
5291
#: serverguide/C/vcs.xml:85(para)
5298
#: serverguide/C/vcs.xml:227(para)
5292
5299
msgid ""
5293
5300
"To access Subversion repository using the HTTP protocol, you must install "
5294
5301
"and configure a web server. Apache2 is proven to work with Subversion. "
5299
5306
"section to install and configure the digital certificate."
5300
5307
msgstr ""
5301
5308
5302
#: serverguide/C/vcs.xml:94(para)
5309
#: serverguide/C/vcs.xml:236(para)
5303
5310
msgid ""
5304
5311
"To install Subversion, run the following command from a terminal prompt:"
5305
5312
msgstr ""
5306
5313
5307
#: serverguide/C/vcs.xml:227(command)
5314
#: serverguide/C/vcs.xml:241(command)
5308
5315
msgid "sudo apt-get install subversion apache2 libapache2-svn"
5309
5316
msgstr ""
5310
5317
5311
#: serverguide/C/vcs.xml:105(title)
5318
#: serverguide/C/vcs.xml:247(title)
5312
5319
msgid "Server Configuration"
5313
5320
msgstr "Nastavljanje strežnika"
5314
5321
5315
#: serverguide/C/vcs.xml:106(para)
5322
#: serverguide/C/vcs.xml:248(para)
5316
5323
msgid ""
5317
5324
"This step assumes you have installed above mentioned packages on your "
5318
5325
"system. This section explains how to create a Subversion repository and "
5319
5326
"access the project."
5320
5327
msgstr ""
5321
5328
5322
#: serverguide/C/vcs.xml:109(title)
5329
#: serverguide/C/vcs.xml:251(title)
5323
5330
msgid "Create Subversion Repository"
5324
5331
msgstr "Ustvarite skladišče Subversion"
5325
5332
5326
#: serverguide/C/vcs.xml:110(para)
5333
#: serverguide/C/vcs.xml:252(para)
5327
5334
msgid ""
5328
5335
"The Subversion repository can be created using the following command from a "
5329
5336
"terminal prompt:"
5330
5337
msgstr ""
5331
5338
5332
#: serverguide/C/vcs.xml:114(command)
5339
#: serverguide/C/vcs.xml:256(command)
5333
5340
msgid "svnadmin create /path/to/repos/project"
5334
5341
msgstr ""
5335
5342
5336
#: serverguide/C/vcs.xml:119(title)
5343
#: serverguide/C/vcs.xml:261(title)
5337
5344
msgid "Importing Files"
5338
5345
msgstr "Uvažanje datotek"
5339
5346
5340
#: serverguide/C/vcs.xml:120(para)
5347
#: serverguide/C/vcs.xml:262(para)
5341
5348
msgid ""
5342
5349
"Once you create the repository you can <emphasis>import</emphasis> files "
5343
5350
"into the repository. To import a directory, enter the following from a "
5347
5354
"</screen>"
5348
5355
msgstr ""
5349
5356
5350
#: serverguide/C/vcs.xml:132(title) serverguide/C/vcs.xml:137(title)
5357
#: serverguide/C/vcs.xml:274(title) serverguide/C/vcs.xml:279(title)
5351
5358
msgid "Access Methods"
5352
5359
msgstr "Metode dostopa"
5353
5360
5354
#: serverguide/C/vcs.xml:133(para)
5361
#: serverguide/C/vcs.xml:275(para)
5355
5362
msgid ""
5356
5363
"Subversion repositories can be accessed (checked out) through many different "
5357
5364
"methods --on local disk, or through various network protocols. A repository "
5359
5366
"schemes map to the available access methods."
5360
5367
msgstr ""
5361
5368
5362
#: serverguide/C/vcs.xml:144(para)
5369
#: serverguide/C/vcs.xml:286(para)
5363
5370
msgid "Schema"
5364
5371
msgstr ""
5365
5372
5366
#: serverguide/C/vcs.xml:145(para)
5373
#: serverguide/C/vcs.xml:287(para)
5367
5374
msgid "Access Method"
5368
5375
msgstr "Metoda dostopa"
5369
5376
5370
#: serverguide/C/vcs.xml:150(para)
5377
#: serverguide/C/vcs.xml:292(para)
5371
5378
msgid "file://"
5372
5379
msgstr "file://"
5373
5380
5374
#: serverguide/C/vcs.xml:151(para)
5381
#: serverguide/C/vcs.xml:293(para)
5375
5382
msgid "direct repository access (on local disk)"
5376
5383
msgstr ""
5377
5384
5378
#: serverguide/C/vcs.xml:154(para)
5385
#: serverguide/C/vcs.xml:296(para)
5379
5386
msgid "http://"
5380
5387
msgstr "http://"
5381
5388
5382
#: serverguide/C/vcs.xml:155(para)
5389
#: serverguide/C/vcs.xml:297(para)
5383
5390
msgid "Access via WebDAV protocol to Subversion-aware Apache2 web server"
5384
5391
msgstr ""
5385
5392
5386
#: serverguide/C/vcs.xml:158(para)
5393
#: serverguide/C/vcs.xml:300(para)
5387
5394
msgid "https://"
5388
5395
msgstr "https://"
5389
5396
5390
#: serverguide/C/vcs.xml:159(para)
5397
#: serverguide/C/vcs.xml:301(para)
5391
5398
msgid "Same as http://, but with SSL encryption"
5392
5399
msgstr "Enako kot http://, ampak s šifriranjem SSL"
5393
5400
5394
#: serverguide/C/vcs.xml:162(para)
5401
#: serverguide/C/vcs.xml:304(para)
5395
5402
msgid "svn://"
5396
5403
msgstr "svn://"
5397
5404
5398
#: serverguide/C/vcs.xml:163(para)
5405
#: serverguide/C/vcs.xml:305(para)
5399
5406
msgid "Access via custom protocol to an svnserve server"
5400
5407
msgstr ""
5401
5408
5402
#: serverguide/C/vcs.xml:166(para)
5409
#: serverguide/C/vcs.xml:308(para)
5403
5410
msgid "svn+ssh://"
5404
5411
msgstr "svn+ssh://"
5405
5412
5406
#: serverguide/C/vcs.xml:167(para)
5413
#: serverguide/C/vcs.xml:309(para)
5407
5414
msgid "Same as svn://, but through an SSH tunnel"
5408
5415
msgstr ""
5409
5416
5410
#: serverguide/C/vcs.xml:173(para)
5417
#: serverguide/C/vcs.xml:315(para)
5411
5418
msgid ""
5412
5419
"In this section, we will see how to configure Subversion for all these "
5413
5420
"access methods. Here, we cover the basics. For more advanced usage details, "
5414
5421
"refer to the <ulink url=\"http://svnbook.red-bean.com/\">svn book</ulink>."
5415
5422
msgstr ""
5416
5423
5417
#: serverguide/C/vcs.xml:180(title)
5424
#: serverguide/C/vcs.xml:322(title)
5418
5425
msgid "Direct repository access (file://)"
5419
5426
msgstr "Neposreden dostop do skladišča (file://)"
5420
5427
5421
#: serverguide/C/vcs.xml:181(para)
5428
#: serverguide/C/vcs.xml:323(para)
5422
5429
msgid ""
5423
5430
"This is the simplest of all access methods. It does not require any "
5424
5431
"Subversion server process to be running. This access method is used to "
5426
5433
"at a terminal prompt, is as follows:"
5427
5434
msgstr ""
5428
5435
5429
#: serverguide/C/vcs.xml:188(command)
5436
#: serverguide/C/vcs.xml:330(command)
5430
5437
msgid "svn co file:///path/to/repos/project"
5431
5438
msgstr ""
5432
5439
5433
#: serverguide/C/vcs.xml:191(para)
5440
#: serverguide/C/vcs.xml:333(para)
5434
5441
msgid "or"
5435
5442
msgstr "ali"
5436
5443
5437
#: serverguide/C/vcs.xml:194(command)
5444
#: serverguide/C/vcs.xml:336(command)
5438
5445
msgid "svn co file://localhost/path/to/repos/project"
5439
5446
msgstr ""
5440
5447
5441
#: serverguide/C/vcs.xml:198(para)
5448
#: serverguide/C/vcs.xml:340(para)
5442
5449
msgid ""
5443
5450
"If you do not specify the hostname, there are three forward slashes (///) -- "
5444
5451
"two for the protocol (file, in this case) plus the leading slash in the "
5445
5452
"path. If you specify the hostname, you must use two forward slashes (//)."
5446
5453
msgstr ""
5447
5454
5448
#: serverguide/C/vcs.xml:200(para)
5455
#: serverguide/C/vcs.xml:342(para)
5449
5456
msgid ""
5450
5457
"The repository permissions depend on filesystem permissions. If the user has "
5451
5458
"read/write permission, he can checkout from and commit to the repository."
5452
5459
msgstr ""
5453
5460
5454
#: serverguide/C/vcs.xml:203(title)
5461
#: serverguide/C/vcs.xml:345(title)
5455
5462
msgid "Access via WebDAV protocol (http://)"
5456
5463
msgstr "Dostop preko protokola WebDAV (http://)"
5457
5464
5458
#: serverguide/C/vcs.xml:332(para)
5465
#: serverguide/C/vcs.xml:346(para)
5459
5466
msgid ""
5460
5467
"To access the Subversion repository via WebDAV protocol, you must configure "
5461
5468
"your Apache 2 web server. Add the following snippet between the "
5465
5472
"another VirtualHost file:"
5466
5473
msgstr ""
5467
5474
5468
#: serverguide/C/vcs.xml:338(programlisting)
5475
#: serverguide/C/vcs.xml:352(programlisting)
5469
5476
#, no-wrap
5470
5477
msgid ""
5471
5478
"\n"
5479
5486
" </Location> \n"
5480
5487
msgstr ""
5481
5488
5482
#: serverguide/C/vcs.xml:349(para)
5489
#: serverguide/C/vcs.xml:363(para)
5483
5490
msgid ""
5484
5491
"The above configuration snippet assumes that Subversion repositories are "
5485
5492
"created under <filename>/path/to/repos</filename> directory using "
5488
5495
"<command>http://hostname/svn/repos_name</command> url."
5489
5496
msgstr ""
5490
5497
5491
#: serverguide/C/vcs.xml:355(para)
5498
#: serverguide/C/vcs.xml:369(para)
5492
5499
msgid ""
5493
5500
"Changing the apache configuration like the above requires to reload the "
5494
5501
"service with the following command"
5495
5502
msgstr ""
5496
5503
5497
#: serverguide/C/vcs.xml:360(command)
5504
#: serverguide/C/vcs.xml:374(command) serverguide/C/lamp-applications.xml:508(command)
5498
5505
msgid "sudo service apache2 reload"
5499
5506
msgstr ""
5500
5507
5501
#: serverguide/C/vcs.xml:362(para)
5508
#: serverguide/C/vcs.xml:376(para)
5502
5509
msgid ""
5503
5510
"To import or commit files to your Subversion repository over HTTP, the "
5504
5511
"repository should be owned by the HTTP user. In Ubuntu systems, the HTTP "
5506
5513
"repository files enter the following command from terminal prompt:"
5507
5514
msgstr ""
5508
5515
5509
#: serverguide/C/vcs.xml:236(command)
5516
#: serverguide/C/vcs.xml:385(command)
5510
5517
msgid "sudo chown -R www-data:www-data /path/to/repos"
5511
5518
msgstr ""
5512
5519
5513
#: serverguide/C/vcs.xml:239(para)
5520
#: serverguide/C/vcs.xml:388(para)
5514
5521
msgid ""
5515
5522
"By changing the ownership of repository as <command>www-data</command> you "
5516
5523
"will not be able to import or commit files into the repository by running "
5518
5525
"<command>www-data</command>."
5519
5526
msgstr ""
5520
5527
5521
#: serverguide/C/vcs.xml:248(para)
5528
#: serverguide/C/vcs.xml:397(para)
5522
5529
msgid ""
5523
5530
"Next, you must create the <filename>/etc/subversion/passwd</filename> file "
5524
5531
"that will contain user authentication details. To create a file issue the "
5526
5533
"the first user):"
5527
5534
msgstr ""
5528
5535
5529
#: serverguide/C/vcs.xml:254(command)
5536
#: serverguide/C/vcs.xml:403(command)
5530
5537
msgid "sudo htpasswd -c /etc/subversion/passwd user_name"
5531
5538
msgstr "sudo htpasswd -c /etc/subversion/passwd uporabniško-ime"
5532
5539
5533
#: serverguide/C/vcs.xml:257(para)
5540
#: serverguide/C/vcs.xml:406(para)
5534
5541
msgid ""
5535
5542
"To add additional users omit the <emphasis>\"-c\"</emphasis> option as this "
5536
5543
"option replaces the old file. Instead use this form:"
5537
5544
msgstr ""
5538
5545
5539
#: serverguide/C/vcs.xml:262(command)
5546
#: serverguide/C/vcs.xml:411(command)
5540
5547
msgid "sudo htpasswd /etc/subversion/passwd user_name"
5541
5548
msgstr ""
5542
5549
5543
#: serverguide/C/vcs.xml:266(para)
5550
#: serverguide/C/vcs.xml:415(para)
5544
5551
msgid ""
5545
5552
"This command will prompt you to enter the password. Once you enter the "
5546
5553
"password, the user is added. Now, to access the repository you can run the "
5547
5554
"following command:"
5548
5555
msgstr ""
5549
5556
5550
#: serverguide/C/vcs.xml:267(command)
5557
#: serverguide/C/vcs.xml:416(command)
5551
5558
msgid "svn co http://servername/svn"
5552
5559
msgstr "svn co http://ime-streznika/svn"
5553
5560
5554
#: serverguide/C/vcs.xml:269(para)
5561
#: serverguide/C/vcs.xml:418(para)
5555
5562
msgid ""
5556
5563
"The password is transmitted as plain text. If you are worried about password "
5557
5564
"snooping, you are advised to use SSL encryption. For details, please refer "
5558
5565
"next section."
5559
5566
msgstr ""
5560
5567
5561
#: serverguide/C/vcs.xml:275(title)
5568
#: serverguide/C/vcs.xml:424(title)
5562
5569
msgid "Access via WebDAV protocol with SSL encryption (https://)"
5563
5570
msgstr "Dostop preko protokola WebDAV s šifriranjem SSL (https://)"
5564
5571
5565
#: serverguide/C/vcs.xml:411(para)
5572
#: serverguide/C/vcs.xml:425(para)
5566
5573
msgid ""
5567
5574
"Accessing Subversion repository via WebDAV protocol with SSL encryption "
5568
5575
"(https://) is similar to http:// except that you must install and configure "
5573
5580
"configuration\"/>."
5574
5581
msgstr ""
5575
5582
5576
#: serverguide/C/vcs.xml:285(para)
5583
#: serverguide/C/vcs.xml:434(para)
5577
5584
msgid ""
5578
5585
"You can install a digital certificate issued by a signing authority. "
5579
5586
"Alternatively, you can install your own self-signed certificate."
5580
5587
msgstr ""
5581
5588
5582
#: serverguide/C/vcs.xml:290(para)
5589
#: serverguide/C/vcs.xml:439(para)
5583
5590
msgid ""
5584
5591
"This step assumes you have installed and configured a digital certificate in "
5585
5592
"your Apache 2 web server. Now, to access the Subversion repository, please "
5587
5594
"the protocol. You must use https:// to access the Subversion repository."
5588
5595
msgstr ""
5589
5596
5590
#: serverguide/C/vcs.xml:300(title)
5597
#: serverguide/C/vcs.xml:449(title)
5591
5598
msgid "Access via custom protocol (svn://)"
5592
5599
msgstr "Dostop preko protokola po meri (svn://)"
5593
5600
5594
#: serverguide/C/vcs.xml:301(para)
5601
#: serverguide/C/vcs.xml:450(para)
5595
5602
msgid ""
5596
5603
"Once the Subversion repository is created, you can configure the access "
5597
5604
"control. You can edit the <filename> "
5600
5607
"following lines in the configuration file:"
5601
5608
msgstr ""
5602
5609
5603
#: serverguide/C/vcs.xml:308(programlisting)
5610
#: serverguide/C/vcs.xml:457(programlisting)
5604
5611
#, no-wrap
5605
5612
msgid ""
5606
5613
"# [general]\n"
5607
5614
"# password-db = passwd"
5608
5615
msgstr ""
5609
5616
5610
#: serverguide/C/vcs.xml:311(para)
5617
#: serverguide/C/vcs.xml:460(para)
5611
5618
msgid ""
5612
5619
"After uncommenting the above lines, you can maintain the user list in the "
5613
5620
"passwd file. So, edit the file <filename>passwd </filename> in the same "
5614
5621
"directory and add the new user. The syntax is as follows:"
5615
5622
msgstr ""
5616
5623
5617
#: serverguide/C/vcs.xml:317(programlisting)
5624
#: serverguide/C/vcs.xml:466(programlisting)
5618
5625
#, no-wrap
5619
5626
msgid "username = password"
5620
5627
msgstr ""
5621
5628
5622
#: serverguide/C/vcs.xml:318(para)
5629
#: serverguide/C/vcs.xml:467(para)
5623
5630
msgid "For more details, please refer to the file."
5624
5631
msgstr "Za več podrobnosti si oglejte datoteko."
5625
5632
5626
#: serverguide/C/vcs.xml:322(para)
5633
#: serverguide/C/vcs.xml:471(para)
5627
5634
msgid ""
5628
5635
"Now, to access Subversion via the svn:// custom protocol, either from the "
5629
5636
"same machine or a different machine, you can run svnserver using svnserve "
5630
5637
"command. The syntax is as follows:"
5631
5638
msgstr ""
5632
5639
5633
#: serverguide/C/vcs.xml:327(programlisting)
5640
#: serverguide/C/vcs.xml:476(programlisting)
5634
5641
#, no-wrap
5635
5642
msgid ""
5636
5643
"$ svnserve -d --foreground -r /path/to/repos\n"
5642
5649
"$ svnserve --help"
5643
5650
msgstr ""
5644
5651
5645
#: serverguide/C/vcs.xml:335(para)
5652
#: serverguide/C/vcs.xml:484(para)
5646
5653
msgid ""
5647
5654
"Once you run this command, Subversion starts listening on default port "
5648
5655
"(3690). To access the project repository, you must run the following command "
5649
5656
"from a terminal prompt:"
5650
5657
msgstr ""
5651
5658
5652
#: serverguide/C/vcs.xml:338(command)
5659
#: serverguide/C/vcs.xml:487(command)
5653
5660
msgid "svn co svn://hostname/project project --username user_name"
5654
5661
msgstr ""
5655
5662
5656
#: serverguide/C/vcs.xml:341(para)
5663
#: serverguide/C/vcs.xml:490(para)
5657
5664
msgid ""
5658
5665
"Based on server configuration, it prompts for password. Once you are "
5659
5666
"authenticated, it checks out the code from Subversion repository. To "
5662
5669
"a terminal prompt, is as follows:"
5663
5670
msgstr ""
5664
5671
5665
#: serverguide/C/vcs.xml:349(command)
5672
#: serverguide/C/vcs.xml:498(command)
5666
5673
msgid "cd project_dir ; svn update"
5667
5674
msgstr "cd mapa-projekta ; svn update"
5668
5675
5669
#: serverguide/C/vcs.xml:352(para)
5676
#: serverguide/C/vcs.xml:501(para)
5670
5677
msgid ""
5671
5678
"For more details about using each Subversion sub-command, you can refer to "
5672
5679
"the manual. For example, to learn more about the co (checkout) command, "
5673
5680
"please run the following command from a terminal prompt:"
5674
5681
msgstr ""
5675
5682
5676
#: serverguide/C/vcs.xml:356(command)
5683
#: serverguide/C/vcs.xml:505(command)
5677
5684
msgid "svn co help"
5678
5685
msgstr "svn co help"
5679
5686
5680
#: serverguide/C/vcs.xml:495(title)
5687
#: serverguide/C/vcs.xml:509(title)
5681
5688
msgid "Access via custom protocol with SSH encryption (svn+ssh://)"
5682
5689
msgstr ""
5683
5690
5684
#: serverguide/C/vcs.xml:361(para)
5691
#: serverguide/C/vcs.xml:510(para)
5685
5692
msgid ""
5686
5693
"The configuration and server process is same as in the svn:// method. For "
5687
5694
"details, please refer to the above section. This step assumes you have "
5689
5696
"<application>svnserve</application> command."
5690
5697
msgstr ""
5691
5698
5692
#: serverguide/C/vcs.xml:367(para)
5699
#: serverguide/C/vcs.xml:516(para)
5693
5700
msgid ""
5694
5701
"It is also assumed that the ssh server is running on that machine and that "
5695
5702
"it is allowing incoming connections. To confirm, please try to login to that "
5697
5704
"login, please address it before continuing further."
5698
5705
msgstr ""
5699
5706
5700
#: serverguide/C/vcs.xml:373(para)
5707
#: serverguide/C/vcs.xml:522(para)
5701
5708
msgid ""
5702
5709
"The svn+ssh:// protocol is used to access the Subversion repository using "
5703
5710
"SSL encryption. The data transfer is encrypted using this method. To access "
5705
5712
"following command syntax:"
5706
5713
msgstr ""
5707
5714
5708
#: serverguide/C/vcs.xml:515(command)
5715
#: serverguide/C/vcs.xml:529(command)
5709
5716
msgid "svn co svn+ssh://ssh_username@hostname/path/to/repos/project"
5710
5717
msgstr ""
5711
5718
5712
#: serverguide/C/vcs.xml:384(para)
5719
#: serverguide/C/vcs.xml:533(para)
5713
5720
msgid ""
5714
5721
"You must use the full path (/path/to/repos/project) to access the Subversion "
5715
5722
"repository using this access method."
5716
5723
msgstr ""
5717
5724
5718
#: serverguide/C/vcs.xml:387(para)
5725
#: serverguide/C/vcs.xml:536(para)
5719
5726
msgid ""
5720
5727
"Based on server configuration, it prompts for password. You must enter the "
5721
5728
"password you use to login via ssh. Once you are authenticated, it checks out "
5722
5729
"the code from the Subversion repository."
5723
5730
msgstr ""
5724
5731
5725
#: serverguide/C/vcs.xml:539(ulink)
5732
#: serverguide/C/vcs.xml:551(ulink)
5726
5733
msgid "Bazaar Home Page"
5727
5734
msgstr "Domača stran Bazaar"
5728
5735
5729
#: serverguide/C/vcs.xml:540(ulink)
5736
#: serverguide/C/vcs.xml:556(ulink)
5730
5737
msgid "Launchpad"
5731
5738
msgstr "Launchpad"
5732
5739
5733
#: serverguide/C/vcs.xml:547(ulink)
5740
#: serverguide/C/vcs.xml:561(ulink)
5734
5741
msgid "Git homepage"
5735
5742
msgstr ""
5736
5743
5737
#: serverguide/C/vcs.xml:552(ulink)
5744
#: serverguide/C/vcs.xml:566(ulink)
5738
5745
msgid "Gitolite"
5739
5746
msgstr ""
5740
5747
5741
#: serverguide/C/vcs.xml:541(ulink)
5748
#: serverguide/C/vcs.xml:571(ulink)
5742
5749
msgid "Subversion Home Page"
5743
5750
msgstr "Domača stran Subversion"
5744
5751
5745
#: serverguide/C/vcs.xml:542(ulink)
5752
#: serverguide/C/vcs.xml:576(ulink)
5746
5753
msgid "Subversion Book"
5747
5754
msgstr "Knjiga Subversion"
5748
5755
5749
#: serverguide/C/vcs.xml:545(ulink)
5756
#: serverguide/C/vcs.xml:581(ulink)
5750
5757
msgid "Easy Bazaar Ubuntu Wiki page"
5751
5758
msgstr ""
5752
5759
5753
#: serverguide/C/vcs.xml:546(ulink)
5760
#: serverguide/C/vcs.xml:586(ulink)
5754
5761
msgid "Ubuntu Wiki Subversion page"
5755
5762
msgstr "Stran Subversion na Ubuntu Wiki"
5756
5763
5862
5869
"Security should always be considered when installing, deploying, and using "
5863
5870
"any type of computer system. Although a fresh installation of Ubuntu is "
5864
5871
"relatively safe for immediate use on the Internet, it is important to have a "
5865
"balanced understanding of your systems security posture based on how it will "
5866
"be used after deployment."
5872
"balanced understanding of your system's security posture based on how it "
5873
"will be used after deployment."
5867
5874
msgstr ""
5868
5875
5869
5876
#: serverguide/C/security.xml:15(para)
5870
5877
msgid ""
5871
"This chapter provides an overview of security related topics as they pertain "
5878
"This chapter provides an overview of security-related topics as they pertain "
5872
5879
"to Ubuntu 14.04 LTS Server Edition, and outlines simple measures you may use "
5873
5880
"to protect your server and network from any number of potential security "
5874
5881
"threats."
5922
5929
msgid "Configurations with root passwords are not supported."
5923
5930
msgstr ""
5924
5931
5925
#: serverguide/C/security.xml:37(command)
5932
#: serverguide/C/security.xml:42(command)
5926
5933
msgid "sudo passwd"
5927
5934
msgstr "sudo passwd"
5928
5935
5929
#: serverguide/C/security.xml:39(para)
5936
#: serverguide/C/security.xml:44(para)
5930
5937
msgid ""
5931
5938
"Sudo will prompt you for your password, and then ask you to supply a new "
5932
5939
"password for root as shown below:"
5933
5940
msgstr ""
5934
5941
5935
#: serverguide/C/security.xml:42(computeroutput)
5942
#: serverguide/C/security.xml:47(computeroutput)
5936
5943
#, no-wrap
5937
5944
msgid "[sudo] password for username:"
5938
5945
msgstr ""
5939
5946
5940
#: serverguide/C/security.xml:42(userinput)
5947
#: serverguide/C/security.xml:47(userinput)
5941
5948
#, no-wrap
5942
5949
msgid "(enter your own password)"
5943
5950
msgstr "(vnesite svoje geslo)"
5944
5951
5945
#: serverguide/C/security.xml:43(computeroutput)
5952
#: serverguide/C/security.xml:48(computeroutput)
5946
5953
#, no-wrap
5947
5954
msgid "Enter new UNIX password:"
5948
5955
msgstr ""
5949
5956
5950
#: serverguide/C/security.xml:43(userinput)
5957
#: serverguide/C/security.xml:48(userinput)
5951
5958
#, no-wrap
5952
5959
msgid "(enter a new password for root)"
5953
5960
msgstr "(vnesite novo geslo skrbnika)"
5954
5961
5955
#: serverguide/C/security.xml:44(computeroutput)
5962
#: serverguide/C/security.xml:49(computeroutput)
5956
5963
#, no-wrap
5957
5964
msgid "Retype new UNIX password:"
5958
5965
msgstr ""
5959
5966
5960
#: serverguide/C/security.xml:44(userinput)
5967
#: serverguide/C/security.xml:49(userinput)
5961
5968
#, no-wrap
5962
5969
msgid "(repeat new password for root)"
5963
5970
msgstr "(ponovno vnesite novo geslo skrbnika)"
5964
5971
5965
#: serverguide/C/security.xml:45(computeroutput)
5972
#: serverguide/C/security.xml:50(computeroutput)
5966
5973
#, no-wrap
5967
5974
msgid "passwd: password updated successfully"
5968
5975
msgstr ""
5972
5979
"To disable the root account password, use the following passwd syntax:"
5973
5980
msgstr ""
5974
5981
5975
#: serverguide/C/security.xml:53(command)
5982
#: serverguide/C/security.xml:58(command)
5976
5983
msgid "sudo passwd -l root"
5977
5984
msgstr "sudo passwd -l root"
5978
5985
5985
5992
msgid "usermod --expiredate 1"
5986
5993
msgstr ""
5987
5994
5988
#: serverguide/C/security.xml:57(para)
5995
#: serverguide/C/security.xml:68(para)
5989
5996
msgid ""
5990
"You should read more on <application>Sudo</application> by checking out it's "
5991
"man page:"
5997
"You should read more on <application>Sudo</application> by reading the man "
5998
"page:"
5992
5999
msgstr ""
5993
6000
5994
#: serverguide/C/security.xml:61(command)
6001
#: serverguide/C/security.xml:72(command)
5995
6002
msgid "man sudo"
5996
6003
msgstr "man sudo"
5997
6004
6005
6012
"<emphasis>sudo</emphasis> group."
6006
6013
msgstr ""
6007
6014
6008
#: serverguide/C/security.xml:71(title)
6015
#: serverguide/C/security.xml:82(title)
6009
6016
msgid "Adding and Deleting Users"
6010
6017
msgstr "Dodajanje in odstranjevanje uporabnikov"
6011
6018
6012
#: serverguide/C/security.xml:72(para)
6019
#: serverguide/C/security.xml:83(para)
6013
6020
msgid ""
6014
"The process for managing local users and groups is straight forward and "
6021
"The process for managing local users and groups is straightforward and "
6015
6022
"differs very little from most other GNU/Linux operating systems. Ubuntu and "
6016
"other Debian based distributions, encourage the use of the \"adduser\" "
6023
"other Debian based distributions encourage the use of the \"adduser\" "
6017
6024
"package for account management."
6018
6025
msgstr ""
6019
6026
6020
#: serverguide/C/security.xml:77(para)
6027
#: serverguide/C/security.xml:88(para)
6021
6028
msgid ""
6022
6029
"To add a user account, use the following syntax, and follow the prompts to "
6023
"give the account a password and identifiable characteristics such as a full "
6030
"give the account a password and identifiable characteristics, such as a full "
6024
6031
"name, phone number, etc."
6025
6032
msgstr ""
6026
6033
6027
#: serverguide/C/security.xml:81(command)
6034
#: serverguide/C/security.xml:92(command)
6028
6035
msgid "sudo adduser username"
6029
6036
msgstr "sudo adduser uporabniško-ime"
6030
6037
6031
#: serverguide/C/security.xml:85(para)
6038
#: serverguide/C/security.xml:96(para)
6032
6039
msgid ""
6033
6040
"To delete a user account and its primary group, use the following syntax:"
6034
6041
msgstr ""
6035
6042
6036
#: serverguide/C/security.xml:89(command)
6043
#: serverguide/C/security.xml:100(command)
6037
6044
msgid "sudo deluser username"
6038
6045
msgstr "sudo deluser uporabniško-ime"
6039
6046
6040
#: serverguide/C/security.xml:91(para)
6047
#: serverguide/C/security.xml:102(para)
6041
6048
msgid ""
6042
6049
"Deleting an account does not remove their respective home folder. It is up "
6043
6050
"to you whether or not you wish to delete the folder manually or keep it "
6044
6051
"according to your desired retention policies."
6045
6052
msgstr ""
6046
6053
6047
#: serverguide/C/security.xml:94(para)
6054
#: serverguide/C/security.xml:105(para)
6048
6055
msgid ""
6049
6056
"Remember, any user added later on with the same UID/GID as the previous "
6050
6057
"owner will now have access to this folder if you have not taken the "
6051
6058
"necessary precautions."
6052
6059
msgstr ""
6053
6060
6054
#: serverguide/C/security.xml:97(para)
6061
#: serverguide/C/security.xml:108(para)
6055
6062
msgid ""
6056
6063
"You may want to change these UID/GID values to something more appropriate, "
6057
6064
"such as the root account, and perhaps even relocate the folder to avoid "
6058
6065
"future conflicts:"
6059
6066
msgstr ""
6060
6067
6061
#: serverguide/C/security.xml:101(command)
6068
#: serverguide/C/security.xml:112(command)
6062
6069
msgid "sudo chown -R root:root /home/username/"
6063
6070
msgstr "sudo chown -R root:root /home/uporabniško-ime/"
6064
6071
6065
#: serverguide/C/security.xml:102(command)
6072
#: serverguide/C/security.xml:113(command)
6066
6073
msgid "sudo mkdir /home/archived_users/"
6067
6074
msgstr "sudo mkdir /home/arhivirani_uporabniki/"
6068
6075
6069
#: serverguide/C/security.xml:103(command)
6076
#: serverguide/C/security.xml:114(command)
6070
6077
msgid "sudo mv /home/username /home/archived_users/"
6071
6078
msgstr "sudo mv /home/uporabniško-ime /home/arhivirani_uporabniki/"
6072
6079
6073
#: serverguide/C/security.xml:107(para)
6080
#: serverguide/C/security.xml:118(para)
6074
6081
msgid ""
6075
6082
"To temporarily lock or unlock a user account, use the following syntax, "
6076
6083
"respectively:"
6077
6084
msgstr ""
6078
6085
6079
#: serverguide/C/security.xml:111(command)
6086
#: serverguide/C/security.xml:122(command)
6080
6087
msgid "sudo passwd -l username"
6081
6088
msgstr "sudo passwd -l uporabniško-ime"
6082
6089
6083
#: serverguide/C/security.xml:112(command)
6090
#: serverguide/C/security.xml:123(command)
6084
6091
msgid "sudo passwd -u username"
6085
6092
msgstr "sudo passwd -u uporabniško-ime"
6086
6093
6087
#: serverguide/C/security.xml:116(para)
6094
#: serverguide/C/security.xml:127(para)
6088
6095
msgid ""
6089
6096
"To add or delete a personalized group, use the following syntax, "
6090
6097
"respectively:"
6091
6098
msgstr ""
6092
6099
6093
#: serverguide/C/security.xml:120(command)
6100
#: serverguide/C/security.xml:131(command)
6094
6101
msgid "sudo addgroup groupname"
6095
6102
msgstr "sudo addgroup ime-skupine"
6096
6103
6097
#: serverguide/C/security.xml:121(command)
6104
#: serverguide/C/security.xml:132(command)
6098
6105
msgid "sudo delgroup groupname"
6099
6106
msgstr "sudo delgroup ime-skupine"
6100
6107
6101
#: serverguide/C/security.xml:125(para)
6108
#: serverguide/C/security.xml:136(para)
6102
6109
msgid "To add a user to a group, use the following syntax:"
6103
6110
msgstr "Če želite dodati uporabnika v skupino, uporabite sledečo skladnjo:"
6104
6111
6105
#: serverguide/C/security.xml:129(command)
6112
#: serverguide/C/security.xml:140(command)
6106
6113
msgid "sudo adduser username groupname"
6107
6114
msgstr "sudo adduser ime-uporabnika ime-skupine"
6108
6115
6109
#: serverguide/C/security.xml:136(title)
6116
#: serverguide/C/security.xml:147(title)
6110
6117
msgid "User Profile Security"
6111
6118
msgstr ""
6112
6119
6113
#: serverguide/C/security.xml:137(para)
6120
#: serverguide/C/security.xml:148(para)
6114
6121
msgid ""
6115
6122
"When a new user is created, the adduser utility creates a brand new home "
6116
"directory named <filename class=\"directory\">/home/username</filename>, "
6117
"respectively. The default profile is modeled after the contents found in the "
6118
"directory of <filename class=\"directory\">/etc/skel</filename>, which "
6119
"includes all profile basics."
6123
"directory named <filename class=\"directory\">/home/username</filename>. The "
6124
"default profile is modeled after the contents found in the directory of "
6125
"<filename class=\"directory\">/etc/skel</filename>, which includes all "
6126
"profile basics."
6120
6127
msgstr ""
6121
6128
6122
#: serverguide/C/security.xml:140(para)
6129
#: serverguide/C/security.xml:151(para)
6123
6130
msgid ""
6124
6131
"If your server will be home to multiple users, you should pay close "
6125
6132
"attention to the user home directory permissions to ensure confidentiality. "
6129
6136
"your environment."
6130
6137
msgstr ""
6131
6138
6132
#: serverguide/C/security.xml:145(para)
6139
#: serverguide/C/security.xml:156(para)
6133
6140
msgid ""
6134
"To verify your current users home directory permissions, use the following "
6141
"To verify your current user home directory permissions, use the following "
6135
6142
"syntax:"
6136
6143
msgstr ""
6137
6144
6138
#: serverguide/C/security.xml:149(command) serverguide/C/security.xml:181(command)
6145
#: serverguide/C/security.xml:160(command) serverguide/C/security.xml:192(command)
6139
6146
msgid "ls -ld /home/username"
6140
6147
msgstr "ls -ld /home/uporabniško-ime"
6141
6148
6142
#: serverguide/C/security.xml:151(para)
6149
#: serverguide/C/security.xml:162(para)
6143
6150
msgid ""
6144
6151
"The following output shows that the directory <filename "
6145
"class=\"directory\">/home/username</filename> has world readable permissions:"
6152
"class=\"directory\">/home/username</filename> has world-readable permissions:"
6146
6153
msgstr ""
6147
6154
6148
#: serverguide/C/security.xml:154(computeroutput)
6155
#: serverguide/C/security.xml:165(computeroutput)
6149
6156
#, no-wrap
6150
6157
msgid "drwxr-xr-x 2 username username 4096 2007-10-02 20:03 username"
6151
6158
msgstr ""
6152
6159
6153
#: serverguide/C/security.xml:158(para)
6160
#: serverguide/C/security.xml:169(para)
6154
6161
msgid ""
6155
"You can remove the world readable permissions using the following syntax:"
6162
"You can remove the world readable-permissions using the following syntax:"
6156
6163
msgstr ""
6157
6164
6158
#: serverguide/C/security.xml:162(command)
6165
#: serverguide/C/security.xml:173(command)
6159
6166
msgid "sudo chmod 0750 /home/username"
6160
6167
msgstr "sudo chmod 0750 /home/uporabniško-ime"
6161
6168
6162
#: serverguide/C/security.xml:165(para)
6169
#: serverguide/C/security.xml:176(para)
6163
6170
msgid ""
6164
6171
"Some people tend to use the recursive option (-R) indiscriminately which "
6165
6172
"modifies all child folders and files, but this is not necessary, and may "
6167
6174
"for preventing unauthorized access to anything below the parent."
6168
6175
msgstr ""
6169
6176
6170
#: serverguide/C/security.xml:169(para)
6177
#: serverguide/C/security.xml:180(para)
6171
6178
msgid ""
6172
6179
"A much more efficient approach to the matter would be to modify the "
6173
6180
"<application>adduser</application> global default permissions when creating "
6177
6184
"new home directories will receive the correct permissions."
6178
6185
msgstr ""
6179
6186
6180
#: serverguide/C/security.xml:172(programlisting)
6187
#: serverguide/C/security.xml:183(programlisting)
6181
6188
#, no-wrap
6182
6189
msgid ""
6183
6190
"\n"
6184
6191
"DIR_MODE=0750\n"
6185
6192
msgstr ""
6186
6193
6187
#: serverguide/C/security.xml:177(para)
6194
#: serverguide/C/security.xml:188(para)
6188
6195
msgid ""
6189
6196
"After correcting the directory permissions using any of the previously "
6190
6197
"mentioned techniques, verify the results using the following syntax:"
6191
6198
msgstr ""
6192
6199
6193
#: serverguide/C/security.xml:183(para)
6200
#: serverguide/C/security.xml:194(para)
6194
6201
msgid ""
6195
"The results below show that world readable permissions have been removed:"
6202
"The results below show that world-readable permissions have been removed:"
6196
6203
msgstr ""
6197
6204
6198
#: serverguide/C/security.xml:186(computeroutput)
6205
#: serverguide/C/security.xml:197(computeroutput)
6199
6206
#, no-wrap
6200
6207
msgid "drwxr-x--- 2 username username 4096 2007-10-02 20:03 username"
6201
6208
msgstr ""
6202
6209
"drwxr-x--- 2 uporabniško-ime uporabniško-ime 4096 2007-10-02 20:03 "
6203
6210
"uporabniško-ime"
6204
6211
6205
#: serverguide/C/security.xml:193(title)
6212
#: serverguide/C/security.xml:204(title)
6206
6213
msgid "Password Policy"
6207
6214
msgstr ""
6208
6215
6209
#: serverguide/C/security.xml:194(para)
6216
#: serverguide/C/security.xml:205(para)
6210
6217
msgid ""
6211
6218
"A strong password policy is one of the most important aspects of your "
6212
6219
"security posture. Many successful security breaches involve simple brute "
6216
6223
"password lifetimes, and frequent audits of your authentication systems."
6217
6224
msgstr ""
6218
6225
6219
#: serverguide/C/security.xml:198(title)
6226
#: serverguide/C/security.xml:209(title)
6220
6227
msgid "Minimum Password Length"
6221
6228
msgstr "Najkrajša dolžina gesla"
6222
6229
6223
#: serverguide/C/security.xml:199(para)
6230
#: serverguide/C/security.xml:210(para)
6224
6231
msgid ""
6225
6232
"By default, Ubuntu requires a minimum password length of 6 characters, as "
6226
6233
"well as some basic entropy checks. These values are controlled in the file "
6234
6241
"password [success=1 default=ignore] pam_unix.so obscure sha512\n"
6235
6242
msgstr ""
6236
6243
6237
#: serverguide/C/security.xml:205(para)
6244
#: serverguide/C/security.xml:216(para)
6238
6245
msgid ""
6239
6246
"If you would like to adjust the minimum length to 8 characters, change the "
6240
6247
"appropriate variable to min=8. The modification is outlined below."
6248
6255
"minlen=8\n"
6249
6256
msgstr ""
6250
6257
6251
#: serverguide/C/security.xml:212(para)
6258
#: serverguide/C/security.xml:223(para)
6252
6259
msgid ""
6253
6260
"Basic password entropy checks and minimum length rules do not apply to the "
6254
6261
"administrator using sudo level commands to setup a new user."
6255
6262
msgstr ""
6256
6263
6257
#: serverguide/C/security.xml:218(title)
6264
#: serverguide/C/security.xml:229(title)
6258
6265
msgid "Password Expiration"
6259
6266
msgstr ""
6260
6267
6261
#: serverguide/C/security.xml:219(para)
6268
#: serverguide/C/security.xml:230(para)
6262
6269
msgid ""
6263
6270
"When creating user accounts, you should make it a policy to have a minimum "
6264
6271
"and maximum password age forcing users to change their passwords when they "
6265
6272
"expire."
6266
6273
msgstr ""
6267
6274
6268
#: serverguide/C/security.xml:224(para)
6275
#: serverguide/C/security.xml:235(para)
6269
6276
msgid ""
6270
6277
"To easily view the current status of a user account, use the following "
6271
6278
"syntax:"
6272
6279
msgstr ""
6273
6280
6274
#: serverguide/C/security.xml:228(command) serverguide/C/security.xml:261(command)
6281
#: serverguide/C/security.xml:239(command) serverguide/C/security.xml:272(command)
6275
6282
msgid "sudo chage -l username"
6276
6283
msgstr "sudo chage -l uporabniško-ime"
6277
6284
6278
#: serverguide/C/security.xml:230(para)
6285
#: serverguide/C/security.xml:241(para)
6279
6286
msgid ""
6280
6287
"The output below shows interesting facts about the user account, namely that "
6281
6288
"there are no policies applied:"
6282
6289
msgstr ""
6283
6290
6284
#: serverguide/C/security.xml:233(computeroutput)
6291
#: serverguide/C/security.xml:244(computeroutput)
6285
6292
#, no-wrap
6286
6293
msgid ""
6287
"Last password change : Jan 20, 2008\n"
6294
"Last password change : Jan 20, 2015\n"
6288
6295
"Password expires : never\n"
6289
6296
"Password inactive : never\n"
6290
6297
"Account expires : never\n"
6293
6300
"Number of days of warning before password expires : 7"
6294
6301
msgstr ""
6295
6302
6296
#: serverguide/C/security.xml:243(para)
6303
#: serverguide/C/security.xml:254(para)
6297
6304
msgid ""
6298
6305
"To set any of these values, simply use the following syntax, and follow the "
6299
6306
"interactive prompts:"
6300
6307
msgstr ""
6301
6308
6302
#: serverguide/C/security.xml:247(command)
6309
#: serverguide/C/security.xml:258(command)
6303
6310
msgid "sudo chage username"
6304
6311
msgstr "sudo chage uporabniško-ime"
6305
6312
6306
#: serverguide/C/security.xml:249(para)
6313
#: serverguide/C/security.xml:260(para)
6307
6314
msgid ""
6308
6315
"The following is also an example of how you can manually change the explicit "
6309
"expiration date (-E) to 01/31/2008, minimum password age (-m) of 5 days, "
6316
"expiration date (-E) to 01/31/2015, minimum password age (-m) of 5 days, "
6310
6317
"maximum password age (-M) of 90 days, inactivity period (-I) of 5 days after "
6311
6318
"password expiration, and a warning time period (-W) of 14 days before "
6312
"password expiration."
6313
msgstr ""
6314
6315
#: serverguide/C/security.xml:253(command)
6316
msgid "sudo chage -E 01/31/2011 -m 5 -M 90 -I 30 -W 14 username"
6317
msgstr "sudo chage -E 01/31/2011 -m 5 -M 90 -I 30 -W 14 uporabniško-ime"
6318
6319
#: serverguide/C/security.xml:257(para)
6319
"password expiration:"
6320
msgstr ""
6321
6322
#: serverguide/C/security.xml:264(command)
6323
msgid "sudo chage -E 01/31/2015 -m 5 -M 90 -I 30 -W 14 username"
6324
msgstr ""
6325
6326
#: serverguide/C/security.xml:268(para)
6320
6327
msgid "To verify changes, use the same syntax as mentioned previously:"
6321
6328
msgstr ""
6322
6329
6323
#: serverguide/C/security.xml:263(para)
6330
#: serverguide/C/security.xml:274(para)
6324
6331
msgid ""
6325
6332
"The output below shows the new policies that have been established for the "
6326
6333
"account:"
6327
6334
msgstr ""
6328
6335
6329
#: serverguide/C/security.xml:266(computeroutput)
6336
#: serverguide/C/security.xml:277(computeroutput)
6330
6337
#, no-wrap
6331
6338
msgid ""
6332
"Last password change : Jan 20, 2008\n"
6333
"Password expires : Apr 19, 2008\n"
6334
"Password inactive : May 19, 2008\n"
6335
"Account expires : Jan 31, 2008\n"
6339
"Last password change : Jan 20, 2015\n"
6340
"Password expires : Apr 19, 2015\n"
6341
"Password inactive : May 19, 2015\n"
6342
"Account expires : Jan 31, 2015\n"
6336
6343
"Minimum number of days between password change : 5\n"
6337
6344
"Maximum number of days between password change : 90\n"
6338
6345
"Number of days of warning before password expires : 14"
6339
6346
msgstr ""
6340
6347
6341
#: serverguide/C/security.xml:282(title)
6348
#: serverguide/C/security.xml:293(title)
6342
6349
msgid "Other Security Considerations"
6343
6350
msgstr ""
6344
6351
6345
#: serverguide/C/security.xml:283(para)
6352
#: serverguide/C/security.xml:294(para)
6346
6353
msgid ""
6347
6354
"Many applications use alternate authentication mechanisms that can be easily "
6348
6355
"overlooked by even experienced system administrators. Therefore, it is "
6350
6357
"to services and applications on your server."
6351
6358
msgstr ""
6352
6359
6353
#: serverguide/C/security.xml:288(title)
6360
#: serverguide/C/security.xml:299(title)
6354
6361
msgid "SSH Access by Disabled Users"
6355
6362
msgstr ""
6356
6363
6357
#: serverguide/C/security.xml:289(para)
6364
#: serverguide/C/security.xml:300(para)
6358
6365
msgid ""
6359
6366
"Simply disabling/locking a user account will not prevent a user from logging "
6360
6367
"into your server remotely if they have previously set up RSA public key "
6361
6368
"authentication. They will still be able to gain shell access to the server, "
6362
6369
"without the need for any password. Remember to check the users home "
6363
6370
"directory for files that will allow for this type of authenticated SSH "
6364
"access. e.g. <filename>/home/username/.ssh/authorized_keys</filename>."
6371
"access, e.g. <filename>/home/username/.ssh/authorized_keys</filename>."
6365
6372
msgstr ""
6366
6373
6367
#: serverguide/C/security.xml:292(para)
6374
#: serverguide/C/security.xml:303(para)
6368
6375
msgid ""
6369
6376
"Remove or rename the directory <filename "
6370
6377
"class=\"directory\">.ssh/</filename> in the user's home folder to prevent "
6371
6378
"further SSH authentication capabilities."
6372
6379
msgstr ""
6373
6380
6374
#: serverguide/C/security.xml:295(para)
6381
#: serverguide/C/security.xml:306(para)
6375
6382
msgid ""
6376
6383
"Be sure to check for any established SSH connections by the disabled user, "
6377
6384
"as it is possible they may have existing inbound or outbound connections. "
6379
6386
msgstr ""
6380
6387
6381
6388
#: serverguide/C/security.xml:310(command)
6382
msgid "who |grep username"
6389
msgid "who | grep username"
6383
6390
msgstr ""
6384
6391
6385
6392
#: serverguide/C/security.xml:311(command)
6394
6401
"<placeholder-2/>\n"
6395
6402
msgstr ""
6396
6403
6397
#: serverguide/C/security.xml:298(para)
6404
#: serverguide/C/security.xml:313(para)
6398
6405
msgid ""
6399
6406
"Restrict SSH access to only user accounts that should have it. For example, "
6400
6407
"you may create a group called \"sshlogin\" and add the group name as the "
6402
6409
"the file <filename>/etc/ssh/sshd_config</filename>."
6403
6410
msgstr ""
6404
6411
6405
#: serverguide/C/security.xml:301(programlisting)
6412
#: serverguide/C/security.xml:316(programlisting)
6406
6413
#, no-wrap
6407
6414
msgid ""
6408
6415
"\n"
6409
6416
"AllowGroups sshlogin\n"
6410
6417
msgstr ""
6411
6418
6412
#: serverguide/C/security.xml:304(para)
6419
#: serverguide/C/security.xml:319(para)
6413
6420
msgid ""
6414
6421
"Then add your permitted SSH users to the group \"sshlogin\", and restart the "
6415
6422
"SSH service."
6416
6423
msgstr ""
6417
6424
6418
#: serverguide/C/security.xml:308(command)
6425
#: serverguide/C/security.xml:323(command)
6419
6426
msgid "sudo adduser username sshlogin"
6420
6427
msgstr "sudo adduser uporabniško-ime sshlogin"
6421
6428
6422
#: serverguide/C/security.xml:309(command)
6429
#: serverguide/C/security.xml:324(command) serverguide/C/remote-administration.xml:144(command)
6423
6430
msgid "sudo service ssh restart"
6424
6431
msgstr ""
6425
6432
6426
#: serverguide/C/security.xml:313(title)
6433
#: serverguide/C/security.xml:328(title)
6427
6434
msgid "External User Database Authentication"
6428
6435
msgstr ""
6429
6436
6430
#: serverguide/C/security.xml:314(para)
6437
#: serverguide/C/security.xml:329(para)
6431
6438
msgid ""
6432
6439
"Most enterprise networks require centralized authentication and access "
6433
6440
"controls for all system resources. If you have configured your server to "
6434
6441
"authenticate users against external databases, be sure to disable the user "
6435
"accounts both externally and locally, this way you ensure that local "
6442
"accounts both externally and locally. This way you ensure that local "
6436
6443
"fallback authentication is not possible."
6437
6444
msgstr ""
6438
6445
6439
#: serverguide/C/security.xml:323(title)
6446
#: serverguide/C/security.xml:338(title)
6440
6447
msgid "Console Security"
6441
6448
msgstr ""
6442
6449
6443
#: serverguide/C/security.xml:324(para)
6450
#: serverguide/C/security.xml:339(para)
6444
6451
msgid ""
6445
6452
"As with any other security barrier you put in place to protect your server, "
6446
6453
"it is pretty tough to defend against untold damage caused by someone with "
6452
6459
"basic precautions with regard to console security."
6453
6460
msgstr ""
6454
6461
6455
#: serverguide/C/security.xml:327(para)
6462
#: serverguide/C/security.xml:342(para)
6456
6463
msgid ""
6457
6464
"The following instructions will help defend your server against issues that "
6458
6465
"could otherwise yield very serious consequences."
6459
6466
msgstr ""
6460
6467
6461
#: serverguide/C/security.xml:332(title)
6468
#: serverguide/C/security.xml:347(title)
6462
6469
msgid "Disable Ctrl+Alt+Delete"
6463
6470
msgstr "Onemogoči Ctrl+Alt+Delete"
6464
6471
6465
#: serverguide/C/security.xml:333(para)
6472
#: serverguide/C/security.xml:348(para)
6466
6473
msgid ""
6467
"First and foremost, anyone that has physical access to the keyboard can "
6468
"simply use the "
6474
"Anyone that has physical access to the keyboard can simply use the "
6469
6475
"<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap></k"
6470
6476
"eycombo> key combination to reboot the server without having to log on. "
6471
"Sure, someone could simply unplug the power source, but you should still "
6472
"prevent the use of this key combination on a production server. This forces "
6473
"an attacker to take more drastic measures to reboot the server, and will "
6477
"While someone could simply unplug the power source, you should still prevent "
6478
"the use of this key combination on a production server. This forces an "
6479
"attacker to take more drastic measures to reboot the server, and will "
6474
6480
"prevent accidental reboots at the same time."
6475
6481
msgstr ""
6476
6482
6477
#: serverguide/C/security.xml:338(para)
6483
#: serverguide/C/security.xml:353(para)
6478
6484
msgid ""
6479
6485
"To disable the reboot action taken by pressing the "
6480
6486
"<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap></k"
6481
6487
"eycombo> key combination, comment out the following line in the file "
6482
"<filename>/etc/init/control-alt-delete.conf</filename>."
6488
"<filename>/etc/init/control-alt-delete.conf</filename>:"
6483
6489
msgstr ""
6484
6490
6485
#: serverguide/C/security.xml:341(programlisting)
6491
#: serverguide/C/security.xml:356(programlisting)
6486
6492
#, no-wrap
6487
6493
msgid ""
6488
6494
"\n"
6489
6495
"#exec shutdown -r now \"Control-Alt-Delete pressed\"\n"
6490
6496
msgstr ""
6491
6497
6492
#: serverguide/C/security.xml:350(title)
6498
#: serverguide/C/security.xml:365(title)
6493
6499
msgid "Firewall"
6494
6500
msgstr "Požarni zid"
6495
6501
6496
#: serverguide/C/security.xml:353(para)
6502
#: serverguide/C/security.xml:368(para)
6497
6503
msgid ""
6498
6504
"The Linux kernel includes the <emphasis>Netfilter</emphasis> subsystem, "
6499
6505
"which is used to manipulate or decide the fate of network traffic headed "
6501
6507
"system for packet filtering."
6502
6508
msgstr ""
6503
6509
6504
#: serverguide/C/security.xml:358(para)
6510
#: serverguide/C/security.xml:373(para)
6505
6511
msgid ""
6506
6512
"The kernel's packet filtering system would be of little use to "
6507
6513
"administrators without a userspace interface to manage it. This is the "
6508
"purpose of iptables. When a packet reaches your server, it will be handed "
6514
"purpose of iptables: When a packet reaches your server, it will be handed "
6509
6515
"off to the Netfilter subsystem for acceptance, manipulation, or rejection "
6510
6516
"based on the rules supplied to it from userspace via iptables. Thus, "
6511
"iptables is all you need to manage your firewall if you're familiar with it, "
6512
"but many frontends are available to simplify the task."
6517
"iptables is all you need to manage your firewall, if you're familiar with "
6518
"it, but many frontends are available to simplify the task."
6513
6519
msgstr ""
6514
6520
6515
#: serverguide/C/security.xml:368(title)
6521
#: serverguide/C/security.xml:383(title)
6516
6522
msgid "ufw - Uncomplicated Firewall"
6517
6523
msgstr ""
6518
6524
6519
#: serverguide/C/security.xml:369(para)
6525
#: serverguide/C/security.xml:384(para)
6520
6526
msgid ""
6521
6527
"The default firewall configuration tool for Ubuntu is "
6522
6528
"<application>ufw</application>. Developed to ease iptables firewall "
6523
"configuration, <application>ufw</application> provides a user friendly way "
6529
"configuration, <application>ufw</application> provides a user-friendly way "
6524
6530
"to create an IPv4 or IPv6 host-based firewall."
6525
6531
msgstr ""
6526
6532
6527
#: serverguide/C/security.xml:373(para)
6533
#: serverguide/C/security.xml:388(para)
6528
6534
msgid ""
6529
6535
"<application>ufw</application> by default is initially disabled. From the "
6530
6536
"<application>ufw</application> man page:"
6531
6537
msgstr ""
6532
6538
6533
#: serverguide/C/security.xml:377(quote)
6539
#: serverguide/C/security.xml:392(quote)
6534
6540
msgid ""
6535
6541
"ufw is not intended to provide complete firewall functionality via its "
6536
6542
"command interface, but instead provides an easy way to add or remove simple "
6537
6543
"rules. It is currently mainly used for host-based firewalls."
6538
6544
msgstr ""
6539
6545
6540
#: serverguide/C/security.xml:381(para)
6546
#: serverguide/C/security.xml:396(para)
6541
6547
msgid ""
6542
6548
"The following are some examples of how to use <application>ufw</application>:"
6543
6549
msgstr ""
6544
6550
6545
#: serverguide/C/security.xml:386(para)
6551
#: serverguide/C/security.xml:401(para)
6546
6552
msgid ""
6547
6553
"First, <application>ufw</application> needs to be enabled. From a terminal "
6548
6554
"prompt enter:"
6549
6555
msgstr ""
6550
6556
6551
#: serverguide/C/security.xml:390(command)
6557
#: serverguide/C/security.xml:405(command)
6552
6558
msgid "sudo ufw enable"
6553
6559
msgstr "sudo ufw enable"
6554
6560
6555
#: serverguide/C/security.xml:394(para)
6556
msgid "To open a port (ssh in this example):"
6561
#: serverguide/C/security.xml:409(para)
6562
msgid "To open a port (SSH in this example):"
6557
6563
msgstr ""
6558
6564
6559
#: serverguide/C/security.xml:398(command)
6565
#: serverguide/C/security.xml:413(command)
6560
6566
msgid "sudo ufw allow 22"
6561
6567
msgstr "sudo ufw allow 22"
6562
6568
6563
#: serverguide/C/security.xml:402(para)
6569
#: serverguide/C/security.xml:417(para)
6564
6570
msgid "Rules can also be added using a <emphasis>numbered</emphasis> format:"
6565
6571
msgstr ""
6566
6572
6567
#: serverguide/C/security.xml:406(command)
6573
#: serverguide/C/security.xml:421(command)
6568
6574
msgid "sudo ufw insert 1 allow 80"
6569
6575
msgstr "sudo ufw insert 1 allow 80"
6570
6576
6571
#: serverguide/C/security.xml:410(para)
6577
#: serverguide/C/security.xml:425(para)
6572
6578
msgid "Similarly, to close an opened port:"
6573
6579
msgstr ""
6574
6580
6575
#: serverguide/C/security.xml:414(command)
6581
#: serverguide/C/security.xml:429(command)
6576
6582
msgid "sudo ufw deny 22"
6577
6583
msgstr "sudo ufw deny 22"
6578
6584
6579
#: serverguide/C/security.xml:418(para)
6585
#: serverguide/C/security.xml:433(para)
6580
6586
msgid "To remove a rule, use delete followed by the rule:"
6581
6587
msgstr ""
6582
6588
6583
#: serverguide/C/security.xml:422(command)
6589
#: serverguide/C/security.xml:437(command)
6584
6590
msgid "sudo ufw delete deny 22"
6585
6591
msgstr "sudo ufw delete deny 22"
6586
6592
6587
#: serverguide/C/security.xml:426(para)
6593
#: serverguide/C/security.xml:441(para)
6588
6594
msgid ""
6589
6595
"It is also possible to allow access from specific hosts or networks to a "
6590
"port. The following example allows ssh access from host 192.168.0.2 to any "
6591
"ip address on this host:"
6596
"port. The following example allows SSH access from host 192.168.0.2 to any "
6597
"IP address on this host:"
6592
6598
msgstr ""
6593
6599
6594
#: serverguide/C/security.xml:431(command)
6600
#: serverguide/C/security.xml:446(command)
6595
6601
msgid "sudo ufw allow proto tcp from 192.168.0.2 to any port 22"
6596
6602
msgstr ""
6597
6603
6598
#: serverguide/C/security.xml:433(para)
6604
#: serverguide/C/security.xml:448(para)
6599
6605
msgid ""
6600
"Replace 192.168.0.2 with 192.168.0.0/24 to allow ssh access from the entire "
6606
"Replace 192.168.0.2 with 192.168.0.0/24 to allow SSH access from the entire "
6601
6607
"subnet."
6602
6608
msgstr ""
6603
6609
6604
#: serverguide/C/security.xml:439(para)
6610
#: serverguide/C/security.xml:454(para)
6605
6611
msgid ""
6606
6612
"Adding the <emphasis>--dry-run</emphasis> option to a "
6607
6613
"<emphasis>ufw</emphasis> command will output the resulting rules, but not "
6609
6615
"the HTTP port:"
6610
6616
msgstr ""
6611
6617
6612
#: serverguide/C/security.xml:445(command)
6618
#: serverguide/C/security.xml:460(command)
6613
6619
msgid "sudo ufw --dry-run allow http"
6614
6620
msgstr "sudo ufw --dry-run allow http"
6615
6621
6616
#: serverguide/C/security.xml:449(computeroutput)
6622
#: serverguide/C/security.xml:464(computeroutput)
6617
6623
#, no-wrap
6618
6624
msgid ""
6619
6625
"*filter\n"
6639
6645
"Rules updated"
6640
6646
msgstr ""
6641
6647
6642
#: serverguide/C/security.xml:473(para)
6648
#: serverguide/C/security.xml:488(para)
6643
6649
msgid "<application>ufw</application> can be disabled by:"
6644
6650
msgstr ""
6645
6651
6646
#: serverguide/C/security.xml:477(command)
6652
#: serverguide/C/security.xml:492(command)
6647
6653
msgid "sudo ufw disable"
6648
6654
msgstr "sudo ufw disable"
6649
6655
6650
#: serverguide/C/security.xml:481(para)
6656
#: serverguide/C/security.xml:496(para)
6651
6657
msgid "To see the firewall status, enter:"
6652
6658
msgstr "Za pregled stanja požarnega zidu vnesite:"
6653
6659
6654
#: serverguide/C/security.xml:485(command)
6660
#: serverguide/C/security.xml:500(command)
6655
6661
msgid "sudo ufw status"
6656
6662
msgstr "sudo ufw status"
6657
6663
6658
#: serverguide/C/security.xml:489(para)
6664
#: serverguide/C/security.xml:504(para)
6659
6665
msgid "And for more verbose status information use:"
6660
6666
msgstr ""
6661
6667
6662
#: serverguide/C/security.xml:493(command)
6668
#: serverguide/C/security.xml:508(command)
6663
6669
msgid "sudo ufw status verbose"
6664
6670
msgstr "sudo ufw status verbose"
6665
6671
6666
#: serverguide/C/security.xml:497(para)
6672
#: serverguide/C/security.xml:512(para)
6667
6673
msgid "To view the <emphasis>numbered</emphasis> format:"
6668
6674
msgstr ""
6669
6675
6670
#: serverguide/C/security.xml:501(command)
6676
#: serverguide/C/security.xml:516(command)
6671
6677
msgid "sudo ufw status numbered"
6672
6678
msgstr "sudo ufw status numbered"
6673
6679
6674
#: serverguide/C/security.xml:506(para)
6680
#: serverguide/C/security.xml:521(para)
6675
6681
msgid ""
6676
6682
"If the port you want to open or close is defined in "
6677
6683
"<filename>/etc/services</filename>, you can use the port name instead of the "
6679
6685
"<emphasis>ssh</emphasis>."
6680
6686
msgstr ""
6681
6687
6682
#: serverguide/C/security.xml:512(para)
6688
#: serverguide/C/security.xml:527(para)
6683
6689
msgid ""
6684
6690
"This is a quick introduction to using <application>ufw</application>. Please "
6685
6691
"refer to the <application>ufw</application> man page for more information."
6686
6692
msgstr ""
6687
6693
6688
#: serverguide/C/security.xml:518(title)
6694
#: serverguide/C/security.xml:533(title)
6689
6695
msgid "ufw Application Integration"
6690
6696
msgstr ""
6691
6697
6692
#: serverguide/C/security.xml:520(para)
6698
#: serverguide/C/security.xml:535(para)
6693
6699
msgid ""
6694
6700
"Applications that open ports can include an <application>ufw</application> "
6695
6701
"profile, which details the ports needed for the application to function "
6698
6704
"the default ports have been changed."
6699
6705
msgstr ""
6700
6706
6701
#: serverguide/C/security.xml:529(para)
6707
#: serverguide/C/security.xml:544(para)
6702
6708
msgid ""
6703
6709
"To view which applications have installed a profile, enter the following in "
6704
6710
"a terminal:"
6705
6711
msgstr ""
6706
6712
6707
#: serverguide/C/security.xml:534(command)
6713
#: serverguide/C/security.xml:549(command)
6708
6714
msgid "sudo ufw app list"
6709
6715
msgstr "sudo ufw app list"
6710
6716
6711
#: serverguide/C/security.xml:540(para)
6717
#: serverguide/C/security.xml:555(para)
6712
6718
msgid ""
6713
6719
"Similar to allowing traffic to a port, using an application profile is "
6714
6720
"accomplished by entering:"
6715
6721
msgstr ""
6716
6722
6717
#: serverguide/C/security.xml:545(command)
6723
#: serverguide/C/security.xml:560(command)
6718
6724
msgid "sudo ufw allow Samba"
6719
6725
msgstr "sudo ufw allow Samba"
6720
6726
6721
#: serverguide/C/security.xml:551(para)
6727
#: serverguide/C/security.xml:566(para)
6722
6728
msgid "An extended syntax is available as well:"
6723
6729
msgstr ""
6724
6730
6725
#: serverguide/C/security.xml:556(command)
6731
#: serverguide/C/security.xml:571(command)
6726
6732
msgid "ufw allow from 192.168.0.0/24 to any app Samba"
6727
6733
msgstr ""
6728
6734
6729
#: serverguide/C/security.xml:559(para)
6735
#: serverguide/C/security.xml:574(para)
6730
6736
msgid ""
6731
6737
"Replace <emphasis>Samba</emphasis> and <emphasis>192.168.0.0/24</emphasis> "
6732
6738
"with the application profile you are using and the IP range for your network."
6733
6739
msgstr ""
6734
6740
6735
#: serverguide/C/security.xml:565(para)
6741
#: serverguide/C/security.xml:580(para)
6736
6742
msgid ""
6737
6743
"There is no need to specify the <emphasis>protocol</emphasis> for the "
6738
6744
"application, because that information is detailed in the profile. Also, note "
6740
6746
"<emphasis>port</emphasis> number."
6741
6747
msgstr ""
6742
6748
6743
#: serverguide/C/security.xml:574(para)
6749
#: serverguide/C/security.xml:589(para)
6744
6750
msgid ""
6745
"To view details about which ports, protocols, etc are defined for an "
6751
"To view details about which ports, protocols, etc., are defined for an "
6746
6752
"application, enter:"
6747
6753
msgstr ""
6748
6754
6749
#: serverguide/C/security.xml:579(command)
6755
#: serverguide/C/security.xml:594(command)
6750
6756
msgid "sudo ufw app info Samba"
6751
6757
msgstr "sudo ufw app info Samba"
6752
6758
6753
#: serverguide/C/security.xml:585(para)
6759
#: serverguide/C/security.xml:600(para)
6754
6760
msgid ""
6755
6761
"Not all applications that require opening a network port come with "
6756
6762
"<application>ufw</application> profiles, but if you have profiled an "
6758
6764
"bug against the package in Launchpad."
6759
6765
msgstr ""
6760
6766
6761
#: serverguide/C/security.xml:591(command)
6767
#: serverguide/C/security.xml:606(command)
6762
6768
msgid "ubuntu-bug nameofpackage"
6763
6769
msgstr ""
6764
6770
6765
#: serverguide/C/security.xml:597(title)
6771
#: serverguide/C/security.xml:612(title)
6766
6772
msgid "IP Masquerading"
6767
6773
msgstr ""
6768
6774
6769
#: serverguide/C/security.xml:598(para)
6775
#: serverguide/C/security.xml:613(para)
6770
6776
msgid ""
6771
6777
"The purpose of IP Masquerading is to allow machines with private, non-"
6772
6778
"routable IP addresses on your network to access the Internet through the "
6783
6789
"to in Microsoft documentation as Internet Connection Sharing."
6784
6790
msgstr ""
6785
6791
6786
#: serverguide/C/security.xml:614(title)
6792
#: serverguide/C/security.xml:629(title)
6787
6793
msgid "ufw Masquerading"
6788
6794
msgstr ""
6789
6795
6790
#: serverguide/C/security.xml:615(para)
6796
#: serverguide/C/security.xml:630(para)
6791
6797
msgid ""
6792
6798
"IP Masquerading can be achieved using custom <application>ufw</application> "
6793
6799
"rules. This is possible because the current back-end for "
6798
6804
"that are more network gateway or bridge related."
6799
6805
msgstr ""
6800
6806
6801
#: serverguide/C/security.xml:621(para)
6807
#: serverguide/C/security.xml:636(para)
6802
6808
msgid ""
6803
6809
"The rules are split into two different files, rules that should be executed "
6804
6810
"before <application>ufw</application> command line rules, and rules that are "
6805
6811
"executed after <application>ufw</application> command line rules."
6806
6812
msgstr ""
6807
6813
6808
#: serverguide/C/security.xml:627(para)
6814
#: serverguide/C/security.xml:642(para)
6809
6815
msgid ""
6810
6816
"First, packet forwarding needs to be enabled in "
6811
6817
"<application>ufw</application>. Two configuration files will need to be "
6813
6819
"<emphasis>DEFAULT_FORWARD_POLICY</emphasis> to <quote>ACCEPT</quote>:"
6814
6820
msgstr ""
6815
6821
6816
#: serverguide/C/security.xml:631(programlisting)
6822
#: serverguide/C/security.xml:646(programlisting)
6817
6823
#, no-wrap
6818
6824
msgid ""
6819
6825
"\n"
6820
6826
"DEFAULT_FORWARD_POLICY=\"ACCEPT\"\n"
6821
6827
msgstr ""
6822
6828
6823
#: serverguide/C/security.xml:634(para)
6829
#: serverguide/C/security.xml:649(para)
6824
6830
msgid "Then edit <filename>/etc/ufw/sysctl.conf</filename> and uncomment:"
6825
6831
msgstr ""
6826
6832
6827
#: serverguide/C/security.xml:637(programlisting)
6833
#: serverguide/C/security.xml:652(programlisting)
6828
6834
#, no-wrap
6829
6835
msgid ""
6830
6836
"\n"
6833
6839
"\n"
6834
6840
"net/ipv4/ip_forward=1\n"
6835
6841
6836
#: serverguide/C/security.xml:640(para)
6842
#: serverguide/C/security.xml:655(para)
6837
6843
msgid "Similarly, for IPv6 forwarding uncomment:"
6838
6844
msgstr ""
6839
6845
6840
#: serverguide/C/security.xml:643(programlisting)
6846
#: serverguide/C/security.xml:658(programlisting)
6841
6847
#, no-wrap
6842
6848
msgid ""
6843
6849
"\n"
6846
6852
"\n"
6847
6853
"net/ipv6/conf/default/forwarding=1\n"
6848
6854
6849
#: serverguide/C/security.xml:648(para)
6855
#: serverguide/C/security.xml:663(para)
6850
6856
msgid ""
6851
"Now we will add rules to the <filename>/etc/ufw/before.rules</filename> "
6852
"file. The default rules only configure the <emphasis>filter</emphasis> "
6853
"table, and to enable masquerading the <emphasis>nat</emphasis> table will "
6854
"need to be configured. Add the following to the top of the file just after "
6855
"the header comments:"
6857
"Now add rules to the <filename>/etc/ufw/before.rules</filename> file. The "
6858
"default rules only configure the <emphasis>filter</emphasis> table, and to "
6859
"enable masquerading the <emphasis>nat</emphasis> table will need to be "
6860
"configured. Add the following to the top of the file just after the header "
6861
"comments:"
6856
6862
msgstr ""
6857
6863
6858
#: serverguide/C/security.xml:653(programlisting)
6864
#: serverguide/C/security.xml:668(programlisting)
6859
6865
#, no-wrap
6860
6866
msgid ""
6861
6867
"\n"
6871
6877
"COMMIT\n"
6872
6878
msgstr ""
6873
6879
6874
#: serverguide/C/security.xml:664(para)
6880
#: serverguide/C/security.xml:679(para)
6875
6881
msgid ""
6876
6882
"The comments are not strictly necessary, but it is considered good practice "
6877
6883
"to document your configuration. Also, when modifying any of the "
6880
6886
"line for each table modified:"
6881
6887
msgstr ""
6882
6888
6883
#: serverguide/C/security.xml:670(programlisting)
6889
#: serverguide/C/security.xml:685(programlisting)
6884
6890
#, no-wrap
6885
6891
msgid ""
6886
6892
"\n"
6888
6894
"COMMIT\n"
6889
6895
msgstr ""
6890
6896
6891
#: serverguide/C/security.xml:675(para)
6897
#: serverguide/C/security.xml:690(para)
6892
6898
msgid ""
6893
6899
"For each <emphasis>Table</emphasis> a corresponding "
6894
6900
"<emphasis>COMMIT</emphasis> statement is required. In these examples only "
6897
6903
"<emphasis>mangle</emphasis> tables."
6898
6904
msgstr ""
6899
6905
6900
#: serverguide/C/security.xml:682(para)
6906
#: serverguide/C/security.xml:697(para)
6901
6907
msgid ""
6902
6908
"In the above example replace <emphasis>eth0</emphasis>, "
6903
6909
"<emphasis>eth1</emphasis>, and <emphasis>192.168.0.0/24</emphasis> with the "
6904
6910
"appropriate interfaces and IP range for your network."
6905
6911
msgstr ""
6906
6912
6907
#: serverguide/C/security.xml:690(para)
6913
#: serverguide/C/security.xml:705(para)
6908
6914
msgid ""
6909
6915
"Finally, disable and re-enable <application>ufw</application> to apply the "
6910
6916
"changes:"
6911
6917
msgstr ""
6912
6918
6913
#: serverguide/C/security.xml:694(command)
6919
#: serverguide/C/security.xml:709(command)
6914
6920
msgid "sudo ufw disable && sudo ufw enable"
6915
6921
msgstr ""
6916
6922
6917
#: serverguide/C/security.xml:698(para)
6923
#: serverguide/C/security.xml:713(para)
6918
6924
msgid ""
6919
6925
"IP Masquerading should now be enabled. You can also add any additional "
6920
6926
"FORWARD rules to the <filename>/etc/ufw/before.rules</filename>. It is "
6922
6928
"forward</emphasis> chain."
6923
6929
msgstr ""
6924
6930
6925
#: serverguide/C/security.xml:705(title)
6931
#: serverguide/C/security.xml:720(title)
6926
6932
msgid "iptables Masquerading"
6927
6933
msgstr ""
6928
6934
6929
#: serverguide/C/security.xml:706(para)
6935
#: serverguide/C/security.xml:721(para)
6930
6936
msgid ""
6931
6937
"<application>iptables</application> can also be used to enable Masquerading."
6932
6938
msgstr ""
6933
6939
6934
#: serverguide/C/security.xml:711(para)
6940
#: serverguide/C/security.xml:726(para)
6935
6941
msgid ""
6936
6942
"Similar to <application>ufw</application>, the first step is to enable IPv4 "
6937
6943
"packet forwarding by editing <filename>/etc/sysctl.conf</filename> and "
6938
"uncomment the following line"
6944
"uncomment the following line:"
6939
6945
msgstr ""
6940
6946
6941
#: serverguide/C/security.xml:715(programlisting)
6947
#: serverguide/C/security.xml:730(programlisting)
6942
6948
#, no-wrap
6943
6949
msgid ""
6944
6950
"\n"
6947
6953
"\n"
6948
6954
"net.ipv4.ip_forward=1\n"
6949
6955
6950
#: serverguide/C/security.xml:718(para)
6956
#: serverguide/C/security.xml:733(para)
6951
6957
msgid "If you wish to enable IPv6 forwarding also uncomment:"
6952
6958
msgstr ""
6953
6959
6954
#: serverguide/C/security.xml:721(programlisting)
6960
#: serverguide/C/security.xml:736(programlisting)
6955
6961
#, no-wrap
6956
6962
msgid ""
6957
6963
"\n"
6960
6966
"\n"
6961
6967
"net.ipv6.conf.default.forwarding=1\n"
6962
6968
6963
#: serverguide/C/security.xml:726(para)
6969
#: serverguide/C/security.xml:741(para)
6964
6970
msgid ""
6965
6971
"Next, execute the <application>sysctl</application> command to enable the "
6966
6972
"new settings in the configuration file:"
6967
6973
msgstr ""
6968
6974
6969
#: serverguide/C/security.xml:730(command)
6975
#: serverguide/C/security.xml:745(command)
6970
6976
msgid "sudo sysctl -p"
6971
6977
msgstr "sudo sysctl -p"
6972
6978
6973
#: serverguide/C/security.xml:734(para)
6979
#: serverguide/C/security.xml:749(para)
6974
6980
msgid ""
6975
6981
"IP Masquerading can now be accomplished with a single iptables rule, which "
6976
6982
"may differ slightly based on your network configuration:"
6977
6983
msgstr ""
6978
6984
6979
#: serverguide/C/security.xml:737(screen)
6985
#: serverguide/C/security.xml:752(screen)
6980
6986
#, no-wrap
6981
6987
msgid ""
6982
6988
"\n"
6983
6989
"sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE\n"
6984
6990
msgstr ""
6985
6991
6986
#: serverguide/C/security.xml:740(para)
6992
#: serverguide/C/security.xml:755(para)
6987
6993
msgid ""
6988
6994
"The above command assumes that your private address space is 192.168.0.0/16 "
6989
6995
"and that your Internet-facing device is ppp0. The syntax is broken down as "
6990
6996
"follows:"
6991
6997
msgstr ""
6992
6998
6993
#: serverguide/C/security.xml:745(para)
6999
#: serverguide/C/security.xml:760(para)
6994
7000
msgid "-t nat -- the rule is to go into the nat table"
6995
7001
msgstr ""
6996
7002
6997
#: serverguide/C/security.xml:746(para)
7003
#: serverguide/C/security.xml:761(para)
6998
7004
msgid ""
6999
7005
"-A POSTROUTING -- the rule is to be appended (-A) to the POSTROUTING chain"
7000
7006
msgstr ""
7001
7007
7002
#: serverguide/C/security.xml:747(para)
7008
#: serverguide/C/security.xml:762(para)
7003
7009
msgid ""
7004
7010
"-s 192.168.0.0/16 -- the rule applies to traffic originating from the "
7005
7011
"specified address space"
7006
7012
msgstr ""
7007
7013
7008
#: serverguide/C/security.xml:748(para)
7014
#: serverguide/C/security.xml:763(para)
7009
7015
msgid ""
7010
7016
"-o ppp0 -- the rule applies to traffic scheduled to be routed through the "
7011
7017
"specified network device"
7012
7018
msgstr ""
7013
7019
7014
#: serverguide/C/security.xml:750(para)
7020
#: serverguide/C/security.xml:765(para)
7015
7021
msgid ""
7016
7022
"-j MASQUERADE -- traffic matching this rule is to \"jump\" (-j) to the "
7017
7023
"MASQUERADE target to be manipulated as described above"
7018
7024
msgstr ""
7019
7025
7020
#: serverguide/C/security.xml:758(para)
7026
#: serverguide/C/security.xml:773(para)
7021
7027
msgid ""
7022
7028
"Also, each chain in the filter table (the default table, and where most or "
7023
7029
"all packet filtering occurs) has a default <emphasis>policy</emphasis> of "
7027
7033
"above rule to work:"
7028
7034
msgstr ""
7029
7035
7030
#: serverguide/C/security.xml:765(screen)
7036
#: serverguide/C/security.xml:780(screen)
7031
7037
#, no-wrap
7032
7038
msgid ""
7033
7039
"\n"
7036
7042
"--state ESTABLISHED,RELATED -i ppp0 -j ACCEPT\n"
7037
7043
msgstr ""
7038
7044
7039
#: serverguide/C/security.xml:770(para)
7045
#: serverguide/C/security.xml:785(para)
7040
7046
msgid ""
7041
7047
"The above commands will allow all connections from your local network to the "
7042
7048
"Internet and all traffic related to those connections to return to the "
7043
7049
"machine that initiated them."
7044
7050
msgstr ""
7045
7051
7046
#: serverguide/C/security.xml:777(para)
7052
#: serverguide/C/security.xml:792(para)
7047
7053
msgid ""
7048
7054
"If you want masquerading to be enabled on reboot, which you probably do, "
7049
7055
"edit <filename>/etc/rc.local</filename> and add any commands used above. For "
7050
7056
"example add the first command with no filtering:"
7051
7057
msgstr ""
7052
7058
7053
#: serverguide/C/security.xml:781(screen)
7059
#: serverguide/C/security.xml:796(screen)
7054
7060
#, no-wrap
7055
7061
msgid ""
7056
7062
"\n"
7057
7063
"iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE\n"
7058
7064
msgstr ""
7059
7065
7060
#: serverguide/C/security.xml:789(title)
7066
#: serverguide/C/security.xml:804(title)
7061
7067
msgid "Logs"
7062
7068
msgstr "Dnevniki"
7063
7069
7064
#: serverguide/C/security.xml:790(para)
7070
#: serverguide/C/security.xml:805(para)
7065
7071
msgid ""
7066
7072
"Firewall logs are essential for recognizing attacks, troubleshooting your "
7067
7073
"firewall rules, and noticing unusual activity on your network. You must "
7071
7077
"REJECT)."
7072
7078
msgstr ""
7073
7079
7074
#: serverguide/C/security.xml:797(para)
7080
#: serverguide/C/security.xml:812(para)
7075
7081
msgid ""
7076
7082
"If you are using <application>ufw</application>, you can turn on logging by "
7077
7083
"entering the following in a terminal:"
7078
7084
msgstr ""
7079
7085
7080
#: serverguide/C/security.xml:801(command)
7086
#: serverguide/C/security.xml:816(command)
7081
7087
msgid "sudo ufw logging on"
7082
7088
msgstr "sudo ufw logging on"
7083
7089
7084
#: serverguide/C/security.xml:803(para)
7090
#: serverguide/C/security.xml:818(para)
7085
7091
msgid ""
7086
7092
"To turn logging off in <application>ufw</application>, simply replace "
7087
7093
"<emphasis role=\"italic\">on</emphasis> with <emphasis "
7088
7094
"role=\"italic\">off</emphasis> in the above command."
7089
7095
msgstr ""
7090
7096
7091
#: serverguide/C/security.xml:806(para)
7097
#: serverguide/C/security.xml:821(para)
7092
7098
msgid ""
7093
7099
"If using <application>iptables</application> instead of "
7094
7100
"<application>ufw</application>, enter:"
7095
7101
msgstr ""
7096
7102
7097
#: serverguide/C/security.xml:809(screen)
7103
#: serverguide/C/security.xml:824(screen)
7098
7104
#, no-wrap
7099
7105
msgid ""
7100
7106
"\n"
7102
7108
"-j LOG --log-prefix \"NEW_HTTP_CONN: \"\n"
7103
7109
msgstr ""
7104
7110
7105
#: serverguide/C/security.xml:813(para)
7111
#: serverguide/C/security.xml:828(para)
7106
7112
msgid ""
7107
7113
"A request on port 80 from the local machine, then, would generate a log in "
7108
7114
"dmesg that looks like this (single line split into 3 to fit this document):"
7118
7124
"SPT=53981 DPT=80 WINDOW=32767 RES=0x00 SYN URGP=0\n"
7119
7125
msgstr ""
7120
7126
7121
#: serverguide/C/security.xml:822(para)
7127
#: serverguide/C/security.xml:836(para)
7122
7128
msgid ""
7123
7129
"The above log will also appear in <filename>/var/log/messages</filename>, "
7124
7130
"<filename>/var/log/syslog</filename>, and "
7135
7141
"or <application>lire</application>."
7136
7142
msgstr ""
7137
7143
7138
#: serverguide/C/security.xml:837(title)
7144
#: serverguide/C/security.xml:851(title)
7139
7145
msgid "Other Tools"
7140
7146
msgstr "Druga orodja"
7141
7147
7142
#: serverguide/C/security.xml:838(para)
7148
#: serverguide/C/security.xml:852(para)
7143
7149
msgid ""
7144
7150
"There are many tools available to help you construct a complete firewall "
7145
7151
"without intimate knowledge of iptables. For the GUI-inclined:"
7146
7152
msgstr ""
7147
7153
7148
#: serverguide/C/security.xml:844(para)
7154
#: serverguide/C/security.xml:858(para)
7149
7155
msgid ""
7150
7156
"<ulink url=\"http://www.fwbuilder.org/\">fwbuilder</ulink> is very powerful "
7151
7157
"and will look familiar to an administrator who has used a commercial "
7152
7158
"firewall utility such as <application>Checkpoint FireWall-1</application>."
7153
7159
msgstr ""
7154
7160
7155
#: serverguide/C/security.xml:850(para)
7161
#: serverguide/C/security.xml:864(para)
7156
7162
msgid ""
7157
7163
"If you prefer a command-line tool with plain-text configuration files:"
7158
7164
msgstr ""
7159
7165
7160
#: serverguide/C/security.xml:855(para)
7166
#: serverguide/C/security.xml:869(para)
7161
7167
msgid ""
7162
7168
"<ulink url=\"http://www.shorewall.net/\">Shorewall</ulink> is a very "
7163
7169
"powerful solution to help you configure an advanced firewall for any network."
7164
7170
msgstr ""
7165
7171
7166
#: serverguide/C/security.xml:866(para)
7172
#: serverguide/C/security.xml:880(para)
7167
7173
msgid ""
7168
7174
"The <ulink url=\"https://wiki.ubuntu.com/UncomplicatedFirewall\">Ubuntu "
7169
7175
"Firewall</ulink> wiki page contains information on the development of "
7170
7176
"<application>ufw</application>."
7171
7177
msgstr ""
7172
7178
7173
#: serverguide/C/security.xml:872(para)
7179
#: serverguide/C/security.xml:886(para)
7174
7180
msgid ""
7175
7181
"Also, the <application>ufw</application> manual page contains some very "
7176
7182
"useful information: <command>man ufw</command>."
7177
7183
msgstr ""
7178
7184
7179
#: serverguide/C/security.xml:877(para)
7185
#: serverguide/C/security.xml:891(para)
7180
7186
msgid ""
7181
7187
"See the <ulink url=\"http://www.netfilter.org/documentation/HOWTO/packet-"
7182
7188
"filtering-HOWTO.html\">packet-filtering-HOWTO</ulink> for more information "
7183
7189
"on using <application>iptables</application>."
7184
7190
msgstr ""
7185
7191
7186
#: serverguide/C/security.xml:883(para)
7192
#: serverguide/C/security.xml:897(para)
7187
7193
msgid ""
7188
7194
"The <ulink url=\"http://www.netfilter.org/documentation/HOWTO/NAT-"
7189
7195
"HOWTO.html\">nat-HOWTO</ulink> contains further details on masquerading."
7190
7196
msgstr ""
7191
7197
7192
#: serverguide/C/security.xml:889(para)
7198
#: serverguide/C/security.xml:903(para)
7193
7199
msgid ""
7194
7200
"The <ulink url=\"https://help.ubuntu.com/community/IptablesHowTo\">IPTables "
7195
7201
"HowTo</ulink> in the Ubuntu wiki is a great resource."
7196
7202
msgstr ""
7197
7203
7198
#: serverguide/C/security.xml:897(title)
7204
#: serverguide/C/security.xml:911(title)
7199
7205
msgid "AppArmor"
7200
7206
msgstr "AppArmor"
7201
7207
7202
#: serverguide/C/security.xml:898(para)
7208
#: serverguide/C/security.xml:912(para)
7203
7209
msgid ""
7204
7210
"<application>AppArmor</application> is a Linux Security Module "
7205
7211
"implementation of name-based mandatory access controls. AppArmor confines "
7207
7213
"capabilities."
7208
7214
msgstr ""
7209
7215
7210
#: serverguide/C/security.xml:902(para)
7216
#: serverguide/C/security.xml:916(para)
7211
7217
msgid ""
7212
7218
"<application>AppArmor</application> is installed and loaded by default. It "
7213
7219
"uses <emphasis>profiles</emphasis> of an application to determine what files "
7216
7222
"<application>apparmor-profiles</application> package."
7217
7223
msgstr ""
7218
7224
7219
#: serverguide/C/security.xml:907(para)
7225
#: serverguide/C/security.xml:921(para)
7220
7226
msgid ""
7221
7227
"To install the <application>apparmor-profiles</application> package from a "
7222
7228
"terminal prompt:"
7223
7229
msgstr ""
7224
7230
7225
#: serverguide/C/security.xml:911(command)
7231
#: serverguide/C/security.xml:925(command)
7226
7232
msgid "sudo apt-get install apparmor-profiles"
7227
7233
msgstr "sudo apt-get install apparmor-profiles"
7228
7234
7229
#: serverguide/C/security.xml:913(para)
7235
#: serverguide/C/security.xml:927(para)
7230
7236
msgid "AppArmor profiles have two modes of execution:"
7231
7237
msgstr ""
7232
7238
7233
#: serverguide/C/security.xml:918(para)
7239
#: serverguide/C/security.xml:932(para)
7234
7240
msgid ""
7235
7241
"Complaining/Learning: profile violations are permitted and logged. Useful "
7236
7242
"for testing and developing new profiles."
7237
7243
msgstr ""
7238
7244
7239
#: serverguide/C/security.xml:923(para)
7245
#: serverguide/C/security.xml:937(para)
7240
7246
msgid ""
7241
7247
"Enforced/Confined: enforces profile policy as well as logging the violation."
7242
7248
msgstr ""
7243
7249
7244
#: serverguide/C/security.xml:929(title)
7250
#: serverguide/C/security.xml:943(title)
7245
7251
msgid "Using AppArmor"
7246
7252
msgstr "Uporaba AppArmorja"
7247
7253
7252
7258
"#1304134</ulink>) and instructions will not work as advertised."
7253
7259
msgstr ""
7254
7260
7255
#: serverguide/C/security.xml:930(para)
7261
#: serverguide/C/security.xml:950(para)
7256
7262
msgid ""
7257
7263
"The <application>apparmor-utils</application> package contains command line "
7258
7264
"utilities that you can use to change the <application>AppArmor</application> "
7259
7265
"execution mode, find the status of a profile, create new profiles, etc."
7260
7266
msgstr ""
7261
7267
7262
#: serverguide/C/security.xml:936(para)
7268
#: serverguide/C/security.xml:956(para)
7263
7269
msgid ""
7264
7270
"<application>apparmor_status</application> is used to view the current "
7265
7271
"status of AppArmor profiles."
7266
7272
msgstr ""
7267
7273
7268
#: serverguide/C/security.xml:940(command)
7274
#: serverguide/C/security.xml:960(command)
7269
7275
msgid "sudo apparmor_status"
7270
7276
msgstr "sudo apparmor_status"
7271
7277
7272
#: serverguide/C/security.xml:944(para)
7278
#: serverguide/C/security.xml:964(para)
7273
7279
msgid ""
7274
7280
"<application>aa-complain</application> places a profile into "
7275
7281
"<emphasis>complain</emphasis> mode."
7276
7282
msgstr ""
7277
7283
7278
#: serverguide/C/security.xml:948(command)
7284
#: serverguide/C/security.xml:968(command)
7279
7285
msgid "sudo aa-complain /path/to/bin"
7280
7286
msgstr ""
7281
7287
7282
#: serverguide/C/security.xml:952(para)
7288
#: serverguide/C/security.xml:972(para)
7283
7289
msgid ""
7284
7290
"<application>aa-enforce</application> places a profile into "
7285
7291
"<emphasis>enforce</emphasis> mode."
7286
7292
msgstr ""
7287
7293
7288
#: serverguide/C/security.xml:956(command)
7294
#: serverguide/C/security.xml:976(command)
7289
7295
msgid "sudo aa-enforce /path/to/bin"
7290
7296
msgstr ""
7291
7297
7292
#: serverguide/C/security.xml:960(para)
7298
#: serverguide/C/security.xml:980(para)
7293
7299
msgid ""
7294
7300
"The <filename>/etc/apparmor.d</filename> directory is where the AppArmor "
7295
7301
"profiles are located. It can be used to manipulate the "
7296
7302
"<emphasis>mode</emphasis> of all profiles."
7297
7303
msgstr ""
7298
7304
7299
#: serverguide/C/security.xml:964(para)
7305
#: serverguide/C/security.xml:984(para)
7300
7306
msgid "Enter the following to place all profiles into complain mode:"
7301
7307
msgstr ""
7302
7308
7303
#: serverguide/C/security.xml:968(command)
7309
#: serverguide/C/security.xml:988(command)
7304
7310
msgid "sudo aa-complain /etc/apparmor.d/*"
7305
7311
msgstr "sudo aa-complain /etc/apparmor.d/*"
7306
7312
7307
#: serverguide/C/security.xml:970(para)
7313
#: serverguide/C/security.xml:990(para)
7308
7314
msgid "To place all profiles in enforce mode:"
7309
7315
msgstr ""
7310
7316
7311
#: serverguide/C/security.xml:974(command)
7317
#: serverguide/C/security.xml:994(command)
7312
7318
msgid "sudo aa-enforce /etc/apparmor.d/*"
7313
7319
msgstr "sudo aa-enforce /etc/apparmor.d/*"
7314
7320
7315
#: serverguide/C/security.xml:978(para)
7321
#: serverguide/C/security.xml:998(para)
7316
7322
msgid ""
7317
7323
"<application>apparmor_parser</application> is used to load a profile into "
7318
7324
"the kernel. It can also be used to reload a currently loaded profile using "
7319
7325
"the <emphasis>-r</emphasis> option. To load a profile:"
7320
7326
msgstr ""
7321
7327
7322
#: serverguide/C/security.xml:983(command) serverguide/C/security.xml:1015(command)
7328
#: serverguide/C/security.xml:1003(command) serverguide/C/security.xml:1035(command)
7323
7329
msgid "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a"
7324
7330
msgstr "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a"
7325
7331
7326
#: serverguide/C/security.xml:985(para)
7332
#: serverguide/C/security.xml:1005(para)
7327
7333
msgid "To reload a profile:"
7328
7334
msgstr ""
7329
7335
7330
#: serverguide/C/security.xml:989(command)
7336
#: serverguide/C/security.xml:1009(command)
7331
7337
msgid "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -r"
7332
7338
msgstr "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -r"
7333
7339
7337
7343
"<emphasis>reload</emphasis> all profiles:"
7338
7344
msgstr ""
7339
7345
7340
#: serverguide/C/network-auth.xml:964(command)
7346
#: serverguide/C/security.xml:1017(command) serverguide/C/network-auth.xml:971(command)
7341
7347
msgid "sudo service apparmor reload"
7342
7348
msgstr ""
7343
7349
7344
#: serverguide/C/security.xml:1001(para)
7350
#: serverguide/C/security.xml:1021(para)
7345
7351
msgid ""
7346
7352
"The <filename>/etc/apparmor.d/disable</filename> directory can be used along "
7347
7353
"with the <application>apparmor_parser -R</application> option to "
7348
7354
"<emphasis>disable</emphasis> a profile."
7349
7355
msgstr ""
7350
7356
7351
#: serverguide/C/security.xml:1006(command)
7357
#: serverguide/C/security.xml:1026(command)
7352
7358
msgid "sudo ln -s /etc/apparmor.d/profile.name /etc/apparmor.d/disable/"
7353
7359
msgstr "sudo ln -s /etc/apparmor.d/ime.profila /etc/apparmor.d/disable/"
7354
7360
7355
#: serverguide/C/security.xml:1007(command)
7361
#: serverguide/C/security.xml:1027(command)
7356
7362
msgid "sudo apparmor_parser -R /etc/apparmor.d/profile.name"
7357
7363
msgstr "sudo apparmor_parser -R /etc/apparmor.d/ime.profila"
7358
7364
7359
#: serverguide/C/security.xml:1009(para)
7365
#: serverguide/C/security.xml:1029(para)
7360
7366
msgid ""
7361
7367
"To <emphasis>re-enable</emphasis> a disabled profile remove the symbolic "
7362
7368
"link to the profile in <filename>/etc/apparmor.d/disable/</filename>. Then "
7363
7369
"load the profile using the <emphasis>-a</emphasis> option."
7364
7370
msgstr ""
7365
7371
7366
#: serverguide/C/security.xml:1014(command)
7372
#: serverguide/C/security.xml:1034(command)
7367
7373
msgid "sudo rm /etc/apparmor.d/disable/profile.name"
7368
7374
msgstr "sudo rm /etc/apparmor.d/disable/ime.profila"
7369
7375
7370
#: serverguide/C/security.xml:1019(para)
7376
#: serverguide/C/security.xml:1039(para)
7371
7377
msgid ""
7372
7378
"<application>AppArmor</application> can be disabled, and the kernel module "
7373
7379
"unloaded by entering the following:"
7377
7383
msgid "sudo service apparmor stop"
7378
7384
msgstr ""
7379
7385
7380
#: serverguide/C/security.xml:1024(command)
7386
#: serverguide/C/security.xml:1044(command)
7381
7387
msgid "sudo update-rc.d -f apparmor remove"
7382
7388
msgstr "sudo update-rc.d -f apparmor remove"
7383
7389
7384
#: serverguide/C/security.xml:1028(para)
7390
#: serverguide/C/security.xml:1048(para)
7385
7391
msgid "To re-enable <application>AppArmor</application> enter:"
7386
7392
msgstr ""
7387
7393
7389
7395
msgid "sudo service apparmor start"
7390
7396
msgstr ""
7391
7397
7392
#: serverguide/C/security.xml:1033(command)
7398
#: serverguide/C/security.xml:1053(command)
7393
7399
msgid "sudo update-rc.d apparmor defaults"
7394
7400
msgstr "sudo update-rc.d apparmor defaults"
7395
7401
7396
#: serverguide/C/security.xml:1038(para)
7402
#: serverguide/C/security.xml:1058(para)
7397
7403
msgid ""
7398
7404
"Replace <emphasis>profile.name</emphasis> with the name of the profile you "
7399
7405
"want to manipulate. Also, replace <filename>/path/to/bin/</filename> with "
7401
7407
"<application>ping</application> command use <filename>/bin/ping</filename>"
7402
7408
msgstr ""
7403
7409
7404
#: serverguide/C/security.xml:1046(title)
7410
#: serverguide/C/security.xml:1066(title)
7405
7411
msgid "Profiles"
7406
7412
msgstr "Profili"
7407
7413
7408
#: serverguide/C/security.xml:1047(para)
7414
#: serverguide/C/security.xml:1067(para)
7409
7415
msgid ""
7410
7416
"<application>AppArmor</application> profiles are simple text files located "
7411
7417
"in <filename>/etc/apparmor.d/</filename>. The files are named after the full "
7414
7420
"profile for the <filename>/bin/ping</filename> command."
7415
7421
msgstr ""
7416
7422
7417
#: serverguide/C/security.xml:1053(para)
7423
#: serverguide/C/security.xml:1073(para)
7418
7424
msgid "There are two main type of rules used in profiles:"
7419
7425
msgstr ""
7420
7426
7421
#: serverguide/C/security.xml:1058(para)
7427
#: serverguide/C/security.xml:1078(para)
7422
7428
msgid ""
7423
"<emphasis>Path entries:</emphasis> which detail which files an application "
7424
"can access in the file system."
7429
"<emphasis>Path entries:</emphasis> detail which files an application can "
7430
"access in the file system."
7425
7431
msgstr ""
7426
7432
7427
#: serverguide/C/security.xml:1063(para)
7433
#: serverguide/C/security.xml:1083(para)
7428
7434
msgid ""
7429
7435
"<emphasis>Capability entries:</emphasis> determine what privileges a "
7430
7436
"confined process is allowed to use."
7431
7437
msgstr ""
7432
7438
7433
#: serverguide/C/security.xml:1068(para)
7439
#: serverguide/C/security.xml:1088(para)
7434
7440
msgid ""
7435
"As an example take a look at <filename>/etc/apparmor.d/bin.ping</filename>:"
7441
"As an example, take a look at <filename>/etc/apparmor.d/bin.ping</filename>:"
7436
7442
msgstr ""
7437
7443
7438
#: serverguide/C/security.xml:1071(programlisting)
7444
#: serverguide/C/security.xml:1091(programlisting)
7439
7445
#, no-wrap
7440
7446
msgid ""
7441
7447
"\n"
7454
7460
"}\n"
7455
7461
msgstr ""
7456
7462
7457
#: serverguide/C/security.xml:1088(para)
7463
#: serverguide/C/security.xml:1108(para)
7458
7464
msgid ""
7459
7465
"<emphasis>#include <tunables/global>:</emphasis> include statements "
7460
7466
"from other files. This allows statements pertaining to multiple applications "
7461
7467
"to be placed in a common file."
7462
7468
msgstr ""
7463
7469
7464
#: serverguide/C/security.xml:1094(para)
7470
#: serverguide/C/security.xml:1114(para)
7465
7471
msgid ""
7466
7472
"<emphasis>/bin/ping flags=(complain):</emphasis> path to the profiled "
7467
7473
"program, also setting the mode to <emphasis>complain</emphasis>."
7468
7474
msgstr ""
7469
7475
7470
#: serverguide/C/security.xml:1100(para)
7476
#: serverguide/C/security.xml:1120(para)
7471
7477
msgid ""
7472
7478
"<emphasis>capability net_raw,:</emphasis> allows the application access to "
7473
7479
"the CAP_NET_RAW Posix.1e capability."
7474
7480
msgstr ""
7475
7481
7476
#: serverguide/C/security.xml:1105(para)
7482
#: serverguide/C/security.xml:1125(para)
7477
7483
msgid ""
7478
7484
"<emphasis>/bin/ping mixr,:</emphasis> allows the application read and "
7479
7485
"execute access to the file."
7480
7486
msgstr ""
7481
7487
7482
#: serverguide/C/security.xml:1111(para)
7488
#: serverguide/C/security.xml:1131(para)
7483
7489
msgid ""
7484
7490
"After editing a profile file the profile must be reloaded. See <xref "
7485
7491
"linkend=\"apparmor-usage\"/> for details."
7486
7492
msgstr ""
7487
7493
7488
#: serverguide/C/security.xml:1116(title)
7494
#: serverguide/C/security.xml:1136(title)
7489
7495
msgid "Creating a Profile"
7490
7496
msgstr "Ustvarjanje profila"
7491
7497
7492
#: serverguide/C/security.xml:1119(para)
7498
#: serverguide/C/security.xml:1139(para)
7493
7499
msgid ""
7494
7500
"<emphasis>Design a test plan:</emphasis> Try to think about how the "
7495
7501
"application should be exercised. The test plan should be divided into small "
7497
7503
"steps to follow."
7498
7504
msgstr ""
7499
7505
7500
#: serverguide/C/security.xml:1123(para)
7506
#: serverguide/C/security.xml:1143(para)
7501
7507
msgid "Some standard test cases are:"
7502
7508
msgstr ""
7503
7509
7504
#: serverguide/C/security.xml:1128(para)
7510
#: serverguide/C/security.xml:1148(para)
7505
7511
msgid "Starting the program."
7506
7512
msgstr "Zaganjanje programa."
7507
7513
7508
#: serverguide/C/security.xml:1133(para)
7514
#: serverguide/C/security.xml:1153(para)
7509
7515
msgid "Stopping the program."
7510
7516
msgstr "Zaustavljanje programa."
7511
7517
7512
#: serverguide/C/security.xml:1138(para)
7518
#: serverguide/C/security.xml:1158(para)
7513
7519
msgid "Reloading the program."
7514
7520
msgstr ""
7515
7521
7516
#: serverguide/C/security.xml:1143(para)
7522
#: serverguide/C/security.xml:1163(para)
7517
7523
msgid "Testing all the commands supported by the init script."
7518
7524
msgstr ""
7519
7525
7520
#: serverguide/C/security.xml:1150(para)
7526
#: serverguide/C/security.xml:1170(para)
7521
7527
msgid ""
7522
7528
"<emphasis>Generate the new profile:</emphasis> Use <application>aa-"
7523
7529
"genprof</application> to generate a new profile. From a terminal:"
7524
7530
msgstr ""
7525
7531
7526
#: serverguide/C/security.xml:1155(command)
7532
#: serverguide/C/security.xml:1175(command)
7527
7533
msgid "sudo aa-genprof executable"
7528
7534
msgstr "sudo aa-genprof executable"
7529
7535
7530
#: serverguide/C/security.xml:1157(para)
7536
#: serverguide/C/security.xml:1177(para)
7531
7537
msgid "For example:"
7532
7538
msgstr "Na primer:"
7533
7539
7534
#: serverguide/C/security.xml:1161(command)
7540
#: serverguide/C/security.xml:1181(command)
7535
7541
msgid "sudo aa-genprof slapd"
7536
7542
msgstr "sudo aa-genprof slapd"
7537
7543
7538
#: serverguide/C/security.xml:1165(para)
7544
#: serverguide/C/security.xml:1185(para)
7539
7545
msgid ""
7540
7546
"To get your new profile included in the <application>apparmor-"
7541
7547
"profiles</application> package, file a bug in <emphasis>Launchpad</emphasis> "
7544
7550
"/ulink> package:"
7545
7551
msgstr ""
7546
7552
7547
#: serverguide/C/security.xml:1172(para)
7553
#: serverguide/C/security.xml:1192(para)
7548
7554
msgid "Include your test plan and test cases."
7549
7555
msgstr ""
7550
7556
7551
#: serverguide/C/security.xml:1177(para)
7557
#: serverguide/C/security.xml:1197(para)
7552
7558
msgid "Attach your new profile to the bug."
7553
7559
msgstr "Hrošču priložite vaš novi profil."
7554
7560
7555
#: serverguide/C/security.xml:1186(title)
7561
#: serverguide/C/security.xml:1206(title)
7556
7562
msgid "Updating Profiles"
7557
7563
msgstr "Posodabljanje profilov"
7558
7564
7559
#: serverguide/C/security.xml:1187(para)
7565
#: serverguide/C/security.xml:1207(para)
7560
7566
msgid ""
7561
7567
"When the program is misbehaving, audit messages are sent to the log files. "
7562
7568
"The program <application>aa-logprof</application> can be used to scan log "
7564
7570
"and update the profiles. From a terminal:"
7565
7571
msgstr ""
7566
7572
7567
#: serverguide/C/security.xml:1192(command)
7573
#: serverguide/C/security.xml:1212(command)
7568
7574
msgid "sudo aa-logprof"
7569
7575
msgstr "sudo aa-logprof"
7570
7576
7571
#: serverguide/C/security.xml:1200(para)
7577
#: serverguide/C/security.xml:1220(para)
7572
7578
msgid ""
7573
7579
"See the <ulink "
7574
7580
"url=\"http://www.novell.com/documentation/apparmor/apparmor201_sp10_admin/ind"
7577
7583
"configuration options."
7578
7584
msgstr ""
7579
7585
7580
#: serverguide/C/security.xml:1207(para)
7586
#: serverguide/C/security.xml:1227(para)
7581
7587
msgid ""
7582
7588
"For details using AppArmor with other Ubuntu releases see the <ulink "
7583
7589
"url=\"https://help.ubuntu.com/community/AppArmor\"> AppArmor Community "
7584
7590
"Wiki</ulink> page."
7585
7591
msgstr ""
7586
7592
7587
#: serverguide/C/security.xml:1215(para)
7593
#: serverguide/C/security.xml:1235(para)
7588
7594
msgid ""
7589
7595
"The <ulink url=\"http://en.opensuse.org/SDB:AppArmor_geeks\">OpenSUSE "
7590
7596
"AppArmor</ulink> page is another introduction to AppArmor."
7591
7597
msgstr ""
7592
7598
7593
#: serverguide/C/security.xml:1222(para)
7599
#: serverguide/C/security.xml:1242(para)
7594
7600
msgid ""
7595
7601
"A great place to ask for <application>AppArmor</application> assistance, and "
7596
7602
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
7598
7604
"url=\"http://freenode.net\">freenode</ulink>."
7599
7605
msgstr ""
7600
7606
7601
#: serverguide/C/security.xml:1232(title)
7607
#: serverguide/C/security.xml:1252(title)
7602
7608
msgid "Certificates"
7603
7609
msgstr "Potrdila"
7604
7610
7605
#: serverguide/C/security.xml:1233(para)
7611
#: serverguide/C/security.xml:1253(para)
7606
7612
msgid ""
7607
7613
"One of the most common forms of cryptography today is <emphasis>public-"
7608
7614
"key</emphasis> cryptography. Public-key cryptography utilizes a "
7612
7618
"the private key."
7613
7619
msgstr ""
7614
7620
7615
#: serverguide/C/security.xml:1239(para)
7621
#: serverguide/C/security.xml:1259(para)
7616
7622
msgid ""
7617
7623
"A common use for public-key cryptography is encrypting application traffic "
7618
7624
"using a Secure Socket Layer (SSL) or Transport Layer Security (TLS) "
7619
"connection. For example, configuring Apache to provide "
7625
"connection. One example: configuring Apache to provide "
7620
7626
"<emphasis>HTTPS</emphasis>, the HTTP protocol over SSL. This allows a way to "
7621
7627
"encrypt traffic using a protocol that does not itself provide encryption."
7622
7628
msgstr ""
7623
7629
7624
#: serverguide/C/security.xml:1244(para)
7630
#: serverguide/C/security.xml:1264(para)
7625
7631
msgid ""
7626
7632
"A <emphasis>Certificate</emphasis> is a method used to distribute a "
7627
7633
"<emphasis>public key</emphasis> and other information about a server and the "
7628
7634
"organization who is responsible for it. Certificates can be digitally signed "
7629
"by a <emphasis>Certification Authority</emphasis> or CA. A CA is a trusted "
7635
"by a <emphasis>Certification Authority</emphasis>, or CA. A CA is a trusted "
7630
7636
"third party that has confirmed that the information contained in the "
7631
7637
"certificate is accurate."
7632
7638
msgstr ""
7633
7639
7634
#: serverguide/C/security.xml:1251(title)
7640
#: serverguide/C/security.xml:1271(title)
7635
7641
msgid "Types of Certificates"
7636
7642
msgstr "Vrste potrdil"
7637
7643
7638
#: serverguide/C/security.xml:1252(para)
7644
#: serverguide/C/security.xml:1272(para)
7639
7645
msgid ""
7640
7646
"To set up a secure server using public-key cryptography, in most cases, you "
7641
7647
"send your certificate request (including your public key), proof of your "
7645
7651
"signed</emphasis> certificate."
7646
7652
msgstr ""
7647
7653
7648
#: serverguide/C/security.xml:1262(para)
7654
#: serverguide/C/security.xml:1282(para)
7649
7655
msgid ""
7650
"Note, that self-signed certificates should not be used in most production "
7656
"Note that self-signed certificates should not be used in most production "
7651
7657
"environments."
7652
7658
msgstr ""
7653
7659
7654
#: serverguide/C/security.xml:1266(para)
7660
#: serverguide/C/security.xml:1286(para)
7655
7661
msgid ""
7656
7662
"Continuing the HTTPS example, a CA-signed certificate provides two important "
7657
7663
"capabilities that a self-signed certificate does not:"
7658
7664
msgstr ""
7659
7665
7660
#: serverguide/C/security.xml:1273(para)
7666
#: serverguide/C/security.xml:1293(para)
7661
7667
msgid ""
7662
7668
"Browsers (usually) automatically recognize the certificate and allow a "
7663
7669
"secure connection to be made without prompting the user."
7664
7670
msgstr ""
7665
7671
7666
#: serverguide/C/security.xml:1280(para)
7672
#: serverguide/C/security.xml:1300(para)
7667
7673
msgid ""
7668
7674
"When a CA issues a signed certificate, it is guaranteeing the identity of "
7669
7675
"the organization that is providing the web pages to the browser."
7678
7684
"may generate an error message when using a self-signed certificate."
7679
7685
msgstr ""
7680
7686
7681
#: serverguide/C/security.xml:1296(para)
7687
#: serverguide/C/security.xml:1316(para)
7682
7688
msgid ""
7683
7689
"The process of getting a certificate from a CA is fairly easy. A quick "
7684
7690
"overview is as follows:"
7685
7691
msgstr ""
7686
7692
7687
#: serverguide/C/security.xml:1303(para)
7693
#: serverguide/C/security.xml:1323(para)
7688
7694
msgid "Create a private and public encryption key pair."
7689
7695
msgstr ""
7690
7696
7691
#: serverguide/C/security.xml:1306(para)
7697
#: serverguide/C/security.xml:1326(para)
7692
7698
msgid ""
7693
7699
"Create a certificate request based on the public key. The certificate "
7694
7700
"request contains information about your server and the company hosting it."
7695
7701
msgstr ""
7696
7702
7697
#: serverguide/C/security.xml:1311(para)
7703
#: serverguide/C/security.xml:1331(para)
7698
7704
msgid ""
7699
7705
"Send the certificate request, along with documents proving your identity, to "
7700
7706
"a CA. We cannot tell you which certificate authority to choose. Your "
7702
7708
"your friends or colleagues, or purely on monetary factors."
7703
7709
msgstr ""
7704
7710
7705
#: serverguide/C/security.xml:1317(para)
7711
#: serverguide/C/security.xml:1337(para)
7706
7712
msgid ""
7707
7713
"Once you have decided upon a CA, you need to follow the instructions they "
7708
7714
"provide on how to obtain a certificate from them."
7709
7715
msgstr ""
7710
7716
7711
#: serverguide/C/security.xml:1322(para)
7717
#: serverguide/C/security.xml:1342(para)
7712
7718
msgid ""
7713
7719
"When the CA is satisfied that you are indeed who you claim to be, they send "
7714
7720
"you a digital certificate."
7715
7721
msgstr ""
7716
7722
7717
#: serverguide/C/security.xml:1326(para)
7723
#: serverguide/C/security.xml:1346(para)
7718
7724
msgid ""
7719
7725
"Install this certificate on your secure server, and configure the "
7720
7726
"appropriate applications to use the certificate."
7721
7727
msgstr ""
7722
7728
7723
#: serverguide/C/security.xml:1335(title)
7729
#: serverguide/C/security.xml:1355(title)
7724
7730
msgid "Generating a Certificate Signing Request (CSR)"
7725
7731
msgstr ""
7726
7732
7727
#: serverguide/C/security.xml:1337(para)
7733
#: serverguide/C/security.xml:1357(para)
7728
7734
msgid ""
7729
7735
"Whether you are getting a certificate from a CA or generating your own self-"
7730
7736
"signed certificate, the first step is to generate a key."
7731
7737
msgstr ""
7732
7738
7733
#: serverguide/C/security.xml:1342(para)
7739
#: serverguide/C/security.xml:1362(para)
7734
7740
msgid ""
7735
7741
"If the certificate will be used by service daemons, such as Apache, Postfix, "
7736
"Dovecot, etc, a key without a passphrase is often appropriate. Not having a "
7742
"Dovecot, etc., a key without a passphrase is often appropriate. Not having a "
7737
7743
"passphrase allows the services to start without manual intervention, usually "
7738
7744
"the preferred way to start a daemon."
7739
7745
msgstr ""
7740
7746
7741
#: serverguide/C/security.xml:1348(para)
7747
#: serverguide/C/security.xml:1368(para)
7742
7748
msgid ""
7743
7749
"This section will cover generating a key with a passphrase, and one without. "
7744
7750
"The non-passphrase key will then be used to generate a certificate that can "
7745
7751
"be used with various service daemons."
7746
7752
msgstr ""
7747
7753
7748
#: serverguide/C/security.xml:1354(para)
7754
#: serverguide/C/security.xml:1374(para)
7749
7755
msgid ""
7750
7756
"Running your secure service without a passphrase is convenient because you "
7751
7757
"will not need to enter the passphrase every time you start your secure "
7753
7759
"of the server as well."
7754
7760
msgstr ""
7755
7761
7756
#: serverguide/C/security.xml:1361(para)
7762
#: serverguide/C/security.xml:1381(para)
7757
7763
msgid ""
7758
7764
"To generate the <emphasis>keys</emphasis> for the Certificate Signing "
7759
7765
"Request (CSR) run the following command from a terminal prompt:"
7760
7766
msgstr ""
7761
7767
7762
#: serverguide/C/security.xml:1367(command)
7768
#: serverguide/C/security.xml:1387(command)
7763
7769
msgid "openssl genrsa -des3 -out server.key 2048"
7764
7770
msgstr ""
7765
7771
7766
#: serverguide/C/security.xml:1370(programlisting)
7772
#: serverguide/C/security.xml:1390(programlisting)
7767
7773
#, no-wrap
7768
7774
msgid ""
7769
7775
"\n"
7774
7780
"Enter pass phrase for server.key:\n"
7775
7781
msgstr ""
7776
7782
7777
#: serverguide/C/security.xml:1378(para)
7783
#: serverguide/C/security.xml:1398(para)
7778
7784
msgid ""
7779
7785
"You can now enter your passphrase. For best security, it should at least "
7780
7786
"contain eight characters. The minimum length when specifying -des3 is four "
7782
7788
"in a dictionary. Also remember that your passphrase is case-sensitive."
7783
7789
msgstr ""
7784
7790
7785
#: serverguide/C/security.xml:1386(para)
7791
#: serverguide/C/security.xml:1406(para)
7786
7792
msgid ""
7787
7793
"Re-type the passphrase to verify. Once you have re-typed it correctly, the "
7788
7794
"server key is generated and stored in the <filename>server.key</filename> "
7789
7795
"file."
7790
7796
msgstr ""
7791
7797
7792
#: serverguide/C/security.xml:1392(para)
7798
#: serverguide/C/security.xml:1412(para)
7793
7799
msgid ""
7794
7800
"Now create the insecure key, the one without a passphrase, and shuffle the "
7795
7801
"key names:"
7796
7802
msgstr ""
7797
7803
7798
#: serverguide/C/security.xml:1398(command)
7804
#: serverguide/C/security.xml:1418(command)
7799
7805
msgid "openssl rsa -in server.key -out server.key.insecure"
7800
7806
msgstr "openssl rsa -in server.key -out server.key.insecure"
7801
7807
7802
#: serverguide/C/security.xml:1399(command)
7808
#: serverguide/C/security.xml:1419(command)
7803
7809
msgid "mv server.key server.key.secure"
7804
7810
msgstr "mv server.key server.key.secure"
7805
7811
7806
#: serverguide/C/security.xml:1400(command)
7812
#: serverguide/C/security.xml:1420(command)
7807
7813
msgid "mv server.key.insecure server.key"
7808
7814
msgstr "mv server.key.insecure server.key"
7809
7815
7810
#: serverguide/C/security.xml:1403(para)
7816
#: serverguide/C/security.xml:1423(para)
7811
7817
msgid ""
7812
7818
"The insecure key is now named <filename>server.key</filename>, and you can "
7813
7819
"use this file to generate the CSR without passphrase."
7814
7820
msgstr ""
7815
7821
7816
#: serverguide/C/security.xml:1408(para)
7822
#: serverguide/C/security.xml:1428(para)
7817
7823
msgid "To create the CSR, run the following command at a terminal prompt:"
7818
7824
msgstr ""
7819
7825
7820
#: serverguide/C/security.xml:1413(command)
7826
#: serverguide/C/security.xml:1433(command)
7821
7827
msgid "openssl req -new -key server.key -out server.csr"
7822
7828
msgstr "openssl req -new -key server.key -out server.csr"
7823
7829
7824
#: serverguide/C/security.xml:1416(para)
7830
#: serverguide/C/security.xml:1436(para)
7825
7831
msgid ""
7826
7832
"It will prompt you enter the passphrase. If you enter the correct "
7827
7833
"passphrase, it will prompt you to enter Company Name, Site Name, Email Id, "
7829
7835
"be stored in the <filename>server.csr</filename> file."
7830
7836
msgstr ""
7831
7837
7832
#: serverguide/C/security.xml:1424(para)
7838
#: serverguide/C/security.xml:1444(para)
7833
7839
msgid ""
7834
7840
"You can now submit this CSR file to a CA for processing. The CA will use "
7835
7841
"this CSR file and issue the certificate. On the other hand, you can create "
7836
7842
"self-signed certificate using this CSR."
7837
7843
msgstr ""
7838
7844
7839
#: serverguide/C/security.xml:1432(title)
7845
#: serverguide/C/security.xml:1452(title)
7840
7846
msgid "Creating a Self-Signed Certificate"
7841
7847
msgstr ""
7842
7848
7843
#: serverguide/C/security.xml:1433(para)
7849
#: serverguide/C/security.xml:1453(para)
7844
7850
msgid ""
7845
7851
"To create the self-signed certificate, run the following command at a "
7846
7852
"terminal prompt:"
7847
7853
msgstr ""
7848
7854
7849
#: serverguide/C/security.xml:1438(command)
7855
#: serverguide/C/security.xml:1458(command)
7850
7856
msgid ""
7851
7857
"openssl x509 -req -days 365 -in server.csr -signkey server.key -out "
7852
7858
"server.crt"
7854
7860
"openssl x509 -req -days 365 -in server.csr -signkey server.key -out "
7855
7861
"server.crt"
7856
7862
7857
#: serverguide/C/security.xml:1441(para)
7863
#: serverguide/C/security.xml:1461(para)
7858
7864
msgid ""
7859
7865
"The above command will prompt you to enter the passphrase. Once you enter "
7860
7866
"the correct passphrase, your certificate will be created and it will be "
7861
7867
"stored in the <filename>server.crt</filename> file."
7862
7868
msgstr ""
7863
7869
7864
#: serverguide/C/security.xml:1446(para)
7870
#: serverguide/C/security.xml:1466(para)
7865
7871
msgid ""
7866
7872
"If your secure server is to be used in a production environment, you "
7867
7873
"probably need a CA-signed certificate. It is not recommended to use self-"
7868
7874
"signed certificate."
7869
7875
msgstr ""
7870
7876
7871
#: serverguide/C/security.xml:1454(title)
7877
#: serverguide/C/security.xml:1474(title)
7872
7878
msgid "Installing the Certificate"
7873
7879
msgstr "Nameščanje potrdila"
7874
7880
7875
#: serverguide/C/security.xml:1456(para)
7881
#: serverguide/C/security.xml:1476(para)
7876
7882
msgid ""
7877
7883
"You can install the key file <filename>server.key</filename> and certificate "
7878
7884
"file <filename>server.crt</filename>, or the certificate file issued by your "
7879
7885
"CA, by running following commands at a terminal prompt:"
7880
7886
msgstr ""
7881
7887
7882
#: serverguide/C/security.xml:1462(command)
7888
#: serverguide/C/security.xml:1482(command)
7883
7889
msgid "sudo cp server.crt /etc/ssl/certs"
7884
7890
msgstr "sudo cp server.crt /etc/ssl/certs"
7885
7891
7886
#: serverguide/C/security.xml:1463(command)
7892
#: serverguide/C/security.xml:1483(command)
7887
7893
msgid "sudo cp server.key /etc/ssl/private"
7888
7894
msgstr "sudo cp server.key /etc/ssl/private"
7889
7895
7890
#: serverguide/C/security.xml:1465(para)
7896
#: serverguide/C/security.xml:1485(para)
7891
7897
msgid ""
7892
7898
"Now simply configure any applications, with the ability to use public-key "
7893
7899
"cryptography, to use the <emphasis>certificate</emphasis> and "
7896
7902
"<application>Dovecot</application> can provide IMAPS and POP3S, etc."
7897
7903
msgstr ""
7898
7904
7899
#: serverguide/C/security.xml:1472(title)
7905
#: serverguide/C/security.xml:1492(title)
7900
7906
msgid "Certification Authority"
7901
7907
msgstr "Overitelj potrdil"
7902
7908
7903
#: serverguide/C/security.xml:1474(para)
7909
#: serverguide/C/security.xml:1494(para)
7904
7910
msgid ""
7905
7911
"If the services on your network require more than a few self-signed "
7906
7912
"certificates it may be worth the additional effort to setup your own "
7910
7916
"the same CA."
7911
7917
msgstr ""
7912
7918
7913
#: serverguide/C/security.xml:1484(para)
7919
#: serverguide/C/security.xml:1504(para)
7914
7920
msgid ""
7915
7921
"First, create the directories to hold the CA certificate and related files:"
7916
7922
msgstr ""
7917
7923
7918
#: serverguide/C/security.xml:1489(command)
7924
#: serverguide/C/security.xml:1509(command)
7919
7925
msgid "sudo mkdir /etc/ssl/CA"
7920
7926
msgstr "sudo mkdir /etc/ssl/CA"
7921
7927
7922
#: serverguide/C/security.xml:1490(command)
7928
#: serverguide/C/security.xml:1510(command)
7923
7929
msgid "sudo mkdir /etc/ssl/newcerts"
7924
7930
msgstr "sudo mkdir /etc/ssl/newcerts"
7925
7931
7926
#: serverguide/C/security.xml:1496(para)
7932
#: serverguide/C/security.xml:1516(para)
7927
7933
msgid ""
7928
7934
"The CA needs a few additional files to operate, one to keep track of the "
7929
7935
"last serial number used by the CA, each certificate must have a unique "
7931
7937
"issued:"
7932
7938
msgstr ""
7933
7939
7934
#: serverguide/C/security.xml:1503(command)
7940
#: serverguide/C/security.xml:1523(command)
7935
7941
msgid "sudo sh -c \"echo '01' > /etc/ssl/CA/serial\""
7936
7942
msgstr "sudo sh -c \"echo '01' > /etc/ssl/CA/serial\""
7937
7943
7938
#: serverguide/C/security.xml:1504(command)
7944
#: serverguide/C/security.xml:1524(command)
7939
7945
msgid "sudo touch /etc/ssl/CA/index.txt"
7940
7946
msgstr "sudo touch /etc/ssl/CA/index.txt"
7941
7947
7942
#: serverguide/C/security.xml:1510(para)
7948
#: serverguide/C/security.xml:1530(para)
7943
7949
msgid ""
7944
7950
"The third file is a CA configuration file. Though not strictly necessary, it "
7945
7951
"is very convenient when issuing multiple certificates. Edit "
7947
7953
"]</emphasis> change:"
7948
7954
msgstr ""
7949
7955
7950
#: serverguide/C/security.xml:1516(programlisting)
7956
#: serverguide/C/security.xml:1536(programlisting)
7951
7957
#, no-wrap
7952
7958
msgid ""
7953
7959
"\n"
7962
7968
msgid "Next, create the self-signed root certificate:"
7963
7969
msgstr ""
7964
7970
7965
#: serverguide/C/security.xml:1532(command)
7971
#: serverguide/C/security.xml:1552(command)
7966
7972
msgid ""
7967
7973
"openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -"
7968
7974
"days 3650"
7970
7976
"openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -"
7971
7977
"days 3650"
7972
7978
7973
#: serverguide/C/security.xml:1535(para)
7979
#: serverguide/C/security.xml:1555(para)
7974
7980
msgid "You will then be asked to enter the details about the certificate."
7975
7981
msgstr "Vprašani boste za vnos podatkov o potrdilu."
7976
7982
7977
#: serverguide/C/security.xml:1542(para)
7983
#: serverguide/C/security.xml:1562(para)
7978
7984
msgid "Now install the root certificate and key:"
7979
7985
msgstr ""
7980
7986
7981
#: serverguide/C/security.xml:1547(command)
7987
#: serverguide/C/security.xml:1567(command)
7982
7988
msgid "sudo mv cakey.pem /etc/ssl/private/"
7983
7989
msgstr "sudo mv cakey.pem /etc/ssl/private/"
7984
7990
7985
#: serverguide/C/security.xml:1548(command)
7991
#: serverguide/C/security.xml:1568(command)
7986
7992
msgid "sudo mv cacert.pem /etc/ssl/certs/"
7987
7993
msgstr "sudo mv cacert.pem /etc/ssl/certs/"
7988
7994
7989
#: serverguide/C/security.xml:1554(para)
7995
#: serverguide/C/security.xml:1574(para)
7990
7996
msgid ""
7991
7997
"You are now ready to start signing certificates. The first item needed is a "
7992
7998
"Certificate Signing Request (CSR), see <xref linkend=\"generating-a-csr\"/> "
7994
8000
"certificate signed by the CA:"
7995
8001
msgstr ""
7996
8002
7997
#: serverguide/C/security.xml:1561(command)
8003
#: serverguide/C/security.xml:1581(command)
7998
8004
msgid "sudo openssl ca -in server.csr -config /etc/ssl/openssl.cnf"
7999
8005
msgstr "sudo openssl ca -in server.csr -config /etc/ssl/openssl.cnf"
8000
8006
8001
#: serverguide/C/security.xml:1564(para)
8007
#: serverguide/C/security.xml:1584(para)
8002
8008
msgid ""
8003
8009
"After entering the password for the CA key, you will be prompted to sign the "
8004
8010
"certificate, and again to commit the new certificate. You should then see a "
8005
8011
"somewhat large amount of output related to the certificate creation."
8006
8012
msgstr ""
8007
8013
8008
#: serverguide/C/security.xml:1573(para)
8014
#: serverguide/C/security.xml:1593(para)
8009
8015
msgid ""
8010
8016
"There should now be a new file, "
8011
8017
"<filename>/etc/ssl/newcerts/01.pem</filename>, containing the same output. "
8016
8022
"<filename>mail.example.com.crt</filename>, is a nice descriptive name."
8017
8023
msgstr ""
8018
8024
8019
#: serverguide/C/security.xml:1581(para)
8025
#: serverguide/C/security.xml:1601(para)
8020
8026
msgid ""
8021
8027
"Subsequent certificates will be named <filename>02.pem</filename>, "
8022
8028
"<filename>03.pem</filename>, etc."
8023
8029
msgstr ""
8024
8030
8025
#: serverguide/C/security.xml:1586(para)
8031
#: serverguide/C/security.xml:1606(para)
8026
8032
msgid ""
8027
8033
"Replace <emphasis>mail.example.com.crt</emphasis> with your own descriptive "
8028
8034
"name."
8029
8035
msgstr ""
8030
8036
8031
#: serverguide/C/security.xml:1594(para)
8037
#: serverguide/C/security.xml:1614(para)
8032
8038
msgid ""
8033
8039
"Finally, copy the new certificate to the host that needs it, and configure "
8034
8040
"the appropriate applications to use it. The default location to install "
8037
8043
"complicated file permissions."
8038
8044
msgstr ""
8039
8045
8040
#: serverguide/C/security.xml:1600(para)
8046
#: serverguide/C/security.xml:1620(para)
8041
8047
msgid ""
8042
8048
"For applications that can be configured to use a CA certificate, you should "
8043
8049
"also copy the <filename>/etc/ssl/certs/cacert.pem</filename> file to the "
8045
8051
"server."
8046
8052
msgstr ""
8047
8053
8048
#: serverguide/C/security.xml:1614(para)
8054
#: serverguide/C/security.xml:1634(para)
8049
8055
msgid ""
8050
8056
"For more detailed instructions on using cryptography see the <ulink "
8051
8057
"url=\"http://tldp.org/HOWTO/SSL-Certificates-HOWTO/index.html\">SSL "
8052
"Certificates HOWTO</ulink> by tldp.org"
8058
"Certificates HOWTO</ulink> by tldp.org:"
8053
8059
msgstr ""
8054
8060
8055
#: serverguide/C/security.xml:1620(para)
8061
#: serverguide/C/security.xml:1640(para)
8056
8062
msgid ""
8057
8063
"The Wikipedia <ulink "
8058
"url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink> page has more "
8064
"url=\"http://en.wikipedia.org/wiki/HTTPS\">HTTPS</ulink> page has more "
8059
8065
"information regarding HTTPS."
8060
8066
msgstr ""
8061
"Stran <ulink url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink> na "
8062
"Wikipediji ima več podatkov o HTTPS."
8063
8067
8064
#: serverguide/C/security.xml:1625(para)
8068
#: serverguide/C/security.xml:1645(para)
8065
8069
msgid ""
8066
8070
"For more information on <emphasis>OpenSSL</emphasis> see the <ulink "
8067
8071
"url=\"http://www.openssl.org/\">OpenSSL Home Page</ulink>."
8069
8073
"Za več informacij o <emphasis>OpenSSL-u</emphasis> si oglejte <ulink "
8070
8074
"url=\"http://www.openssl.org/\">domačo stran OpenSSL-a</ulink>."
8071
8075
8072
#: serverguide/C/security.xml:1630(para)
8076
#: serverguide/C/security.xml:1650(para)
8073
8077
msgid ""
8074
8078
"Also, O'Reilly's <ulink "
8075
8079
"url=\"http://oreilly.com/catalog/9780596002701/\">Network Security with "
8076
"OpenSSL</ulink> is a good in depth reference."
8080
"OpenSSL</ulink> is a good in-depth reference."
8077
8081
msgstr ""
8078
8082
8079
#: serverguide/C/security.xml:1639(title)
8083
#: serverguide/C/security.xml:1659(title)
8080
8084
msgid "eCryptfs"
8081
8085
msgstr "eCryptfs"
8082
8086
8088
8092
"filesystem, partition type, etc."
8089
8093
msgstr ""
8090
8094
8091
#: serverguide/C/security.xml:1647(para)
8095
#: serverguide/C/security.xml:1667(para)
8092
8096
msgid ""
8093
8097
"During installation there is an option to encrypt the <filename "
8094
8098
"role=\"directory\">/home</filename> partition. This will automatically "
8095
8099
"configure everything needed to encrypt and mount the partition."
8096
8100
msgstr ""
8097
8101
8098
#: serverguide/C/security.xml:1652(para)
8102
#: serverguide/C/security.xml:1672(para)
8099
8103
msgid ""
8100
8104
"As an example, this section will cover configuring <filename "
8101
8105
"role=\"directory\">/srv</filename> to be encrypted using "
8102
8106
"<emphasis>eCryptfs</emphasis>."
8103
8107
msgstr ""
8104
8108
8105
#: serverguide/C/security.xml:1657(title)
8109
#: serverguide/C/security.xml:1677(title)
8106
8110
msgid "Using eCryptfs"
8107
8111
msgstr "Uporaba eCryptfs"
8108
8112
8109
#: serverguide/C/security.xml:1659(para)
8113
#: serverguide/C/security.xml:1679(para)
8110
8114
msgid "First, install the necessary packages. From a terminal prompt enter:"
8111
8115
msgstr "Najprej namestite potrebne pakete. V terminalu vnesite:"
8112
8116
8113
#: serverguide/C/security.xml:1664(command)
8117
#: serverguide/C/security.xml:1684(command)
8114
8118
msgid "sudo apt-get install ecryptfs-utils"
8115
8119
msgstr "sudo apt-get install ecryptfs-utils"
8116
8120
8117
#: serverguide/C/security.xml:1667(para)
8121
#: serverguide/C/security.xml:1687(para)
8118
8122
msgid "Now mount the partition to be encrypted:"
8119
8123
msgstr "Priklopite razdelek, ki bo šifriran:"
8120
8124
8121
#: serverguide/C/security.xml:1672(command)
8125
#: serverguide/C/security.xml:1692(command)
8122
8126
msgid "sudo mount -t ecryptfs /srv /srv"
8123
8127
msgstr "sudo mount -t ecryptfs /srv /srv"
8124
8128
8125
#: serverguide/C/security.xml:1675(para)
8129
#: serverguide/C/security.xml:1695(para)
8126
8130
msgid ""
8127
8131
"You will then be prompted for some details on how "
8128
8132
"<application>ecryptfs</application> should encrypt the data."
8129
8133
msgstr ""
8130
8134
8131
#: serverguide/C/security.xml:1679(para)
8135
#: serverguide/C/security.xml:1699(para)
8132
8136
msgid ""
8133
8137
"To test that files placed in <filename>/srv</filename> are indeed encrypted "
8134
8138
"copy the <filename>/etc/default</filename> folder to "
8135
8139
"<filename>/srv</filename>:"
8136
8140
msgstr ""
8137
8141
8138
#: serverguide/C/security.xml:1685(command) serverguide/C/clustering.xml:190(command)
8142
#: serverguide/C/security.xml:1705(command) serverguide/C/clustering.xml:190(command)
8139
8143
msgid "sudo cp -r /etc/default /srv"
8140
8144
msgstr "sudo cp -r /etc/default /srv"
8141
8145
8142
#: serverguide/C/security.xml:1688(para)
8146
#: serverguide/C/security.xml:1708(para)
8143
8147
msgid "Now unmount <filename>/srv</filename>, and try to view a file:"
8144
8148
msgstr ""
8145
8149
"Odklopite <filename>/srv</filename> in si poskusite ogledati datoteko:"
8146
8150
8147
#: serverguide/C/security.xml:1693(command) serverguide/C/installation.xml:1118(command) serverguide/C/clustering.xml:198(command)
8151
#: serverguide/C/security.xml:1713(command) serverguide/C/clustering.xml:198(command)
8148
8152
msgid "sudo umount /srv"
8149
8153
msgstr "sudo umount /srv"
8150
8154
8151
#: serverguide/C/security.xml:1694(command)
8155
#: serverguide/C/security.xml:1714(command)
8152
8156
msgid "cat /srv/default/cron"
8153
8157
msgstr "cat /srv/default/cron"
8154
8158
8155
#: serverguide/C/security.xml:1697(para)
8159
#: serverguide/C/security.xml:1717(para)
8156
8160
msgid ""
8157
8161
"Remounting <filename>/srv</filename> using "
8158
8162
"<application>ecryptfs</application> will make the data viewable once again."
8159
8163
msgstr ""
8160
8164
8161
#: serverguide/C/security.xml:1703(title)
8165
#: serverguide/C/security.xml:1723(title)
8162
8166
msgid "Automatically Mounting Encrypted Partitions"
8163
8167
msgstr "Samodejno priključevanje šifriranih razdelkov"
8164
8168
8165
#: serverguide/C/security.xml:1705(para)
8169
#: serverguide/C/security.xml:1725(para)
8166
8170
msgid ""
8167
8171
"There are a couple of ways to automatically mount an "
8168
8172
"<application>ecryptfs</application> encrypted filesystem at boot. This "
8170
8174
"mount options, along with a passphrase file residing on a USB key."
8171
8175
msgstr ""
8172
8176
8173
#: serverguide/C/security.xml:1711(para)
8177
#: serverguide/C/security.xml:1731(para)
8174
8178
msgid "First, create <filename>/root/.ecryptfsrc</filename> containing:"
8175
8179
msgstr ""
8176
8180
"Najprej ustvarite datoteko <filename>/root/.ecryptfsrc</filename>, ki "
8177
8181
"vsebuje:"
8178
8182
8179
#: serverguide/C/security.xml:1715(programlisting)
8183
#: serverguide/C/security.xml:1735(programlisting)
8180
8184
#, no-wrap
8181
8185
msgid ""
8182
8186
"\n"
8195
8199
"ecryptfs_passthrough=n\n"
8196
8200
"ecryptfs_enable_filename_crypto=n\n"
8197
8201
8198
#: serverguide/C/security.xml:1725(para)
8202
#: serverguide/C/security.xml:1745(para)
8199
8203
msgid ""
8200
8204
"Adjust the <emphasis>ecryptfs_sig</emphasis> to the signature in "
8201
8205
"<filename>/root/.ecryptfs/sig-cache.txt</filename>."
8202
8206
msgstr ""
8203
8207
8204
#: serverguide/C/security.xml:1730(para)
8208
#: serverguide/C/security.xml:1750(para)
8205
8209
msgid ""
8206
8210
"Next, create the <filename>/mnt/usb/passwd_file.txt</filename> passphrase "
8207
8211
"file:"
8208
8212
msgstr ""
8209
8213
8210
#: serverguide/C/security.xml:1734(programlisting)
8214
#: serverguide/C/security.xml:1754(programlisting)
8211
8215
#, no-wrap
8212
8216
msgid ""
8213
8217
"\n"
8214
8218
"passphrase_passwd=[secrets]\n"
8215
8219
msgstr ""
8216
8220
8217
#: serverguide/C/security.xml:1738(para)
8221
#: serverguide/C/security.xml:1758(para)
8218
8222
msgid "Now add the necessary lines to <filename>/etc/fstab</filename>:"
8219
8223
msgstr "V datoteko <filename>/etc/fstab</filename> dodajte potrebne vrstice:"
8220
8224
8221
#: serverguide/C/security.xml:1742(programlisting)
8225
#: serverguide/C/security.xml:1762(programlisting)
8222
8226
#, no-wrap
8223
8227
msgid ""
8224
8228
"\n"
8229
8233
"/dev/sdb1 /mnt/usb ext3 ro 0 0\n"
8230
8234
"/srv /srv ecryptfs defaults 0 0\n"
8231
8235
8232
#: serverguide/C/security.xml:1747(para)
8236
#: serverguide/C/security.xml:1767(para)
8233
8237
msgid "Make sure the USB drive is mounted before the encrypted partition."
8234
8238
msgstr ""
8235
8239
"Prepričajte se, da je pogon USB priključen pred šifriranim razdelkom."
8236
8240
8237
#: serverguide/C/security.xml:1751(para)
8241
#: serverguide/C/security.xml:1771(para)
8238
8242
msgid ""
8239
8243
"Finally, reboot and the <filename>/srv</filename> should be mounted using "
8240
8244
"<emphasis>eCryptfs</emphasis>."
8241
8245
msgstr ""
8242
8246
8243
#: serverguide/C/security.xml:1757(title)
8247
#: serverguide/C/security.xml:1777(title)
8244
8248
msgid "Other Utilities"
8245
8249
msgstr "Druga orodja"
8246
8250
8247
#: serverguide/C/security.xml:1759(para)
8251
#: serverguide/C/security.xml:1779(para)
8248
8252
msgid ""
8249
8253
"The <application>ecryptfs-utils</application> package includes several other "
8250
8254
"useful utilities:"
8252
8256
"Paket <application>ecryptfs-utils</application> vsebuje vrsto drugih "
8253
8257
"uporabnih orodij:"
8254
8258
8255
#: serverguide/C/security.xml:1765(para)
8259
#: serverguide/C/security.xml:1785(para)
8256
8260
msgid ""
8257
8261
"<emphasis>ecryptfs-setup-private:</emphasis> creates a "
8258
8262
"<filename>~/Private</filename> directory to contain encrypted information. "
8260
8264
"other users on the system."
8261
8265
msgstr ""
8262
8266
8263
#: serverguide/C/security.xml:1772(para)
8267
#: serverguide/C/security.xml:1792(para)
8264
8268
msgid ""
8265
"<emphasis>ecryptfs-mount-private and ecryptfs-umount-private:</emphasis> "
8266
"will mount and unmount respectively, a users <filename>~/Private</filename> "
8267
"directory."
8269
"<emphasis>ecryptfs-mount-private</emphasis> and <emphasis> ecryptfs-umount-"
8270
"private</emphasis> will mount and unmount a user's "
8271
"<filename>~/Private</filename> directory."
8268
8272
msgstr ""
8269
8273
8270
#: serverguide/C/security.xml:1778(para)
8274
#: serverguide/C/security.xml:1798(para)
8271
8275
msgid ""
8272
8276
"<emphasis>ecryptfs-add-passphrase:</emphasis> adds a new passphrase to the "
8273
8277
"kernel keyring."
8274
8278
msgstr ""
8275
8279
8276
#: serverguide/C/security.xml:1783(para)
8280
#: serverguide/C/security.xml:1803(para)
8277
8281
msgid ""
8278
8282
"<emphasis>ecryptfs-manager:</emphasis> manages "
8279
8283
"<application>eCryptfs</application> objects such as keys."
8280
8284
msgstr ""
8281
8285
8282
#: serverguide/C/security.xml:1788(para)
8286
#: serverguide/C/security.xml:1808(para)
8283
8287
msgid ""
8284
8288
"<emphasis>ecryptfs-stat:</emphasis> allows you to view the "
8285
8289
"<application>ecryptfs</application> meta information for a file."
8286
8290
msgstr ""
8287
8291
8288
#: serverguide/C/security.xml:1801(para)
8292
#: serverguide/C/security.xml:1821(para)
8289
8293
msgid ""
8290
8294
"For more information on <emphasis>eCryptfs</emphasis> see the <ulink "
8291
8295
"url=\"https://launchpad.net/ecryptfs\">Launchpad project page</ulink>."
8292
8296
msgstr ""
8293
8297
8294
#: serverguide/C/security.xml:1806(para)
8298
#: serverguide/C/security.xml:1826(para)
8295
8299
msgid ""
8296
8300
"There is also a <ulink "
8297
8301
"url=\"http://www.linuxjournal.com/article/9400\">Linux Journal</ulink> "
8310
8314
msgid "Samba"
8311
8315
msgstr ""
8312
8316
8313
#: serverguide/C/windows-networking.xml:13(para)
8317
#: serverguide/C/samba.xml:13(para)
8314
8318
msgid ""
8315
8319
"Computer networks are often comprised of diverse systems, and while "
8316
8320
"operating a network made up entirely of Ubuntu desktop and server computers "
8322
8326
"network resources with Windows computers."
8323
8327
msgstr ""
8324
8328
8325
#: serverguide/C/windows-networking.xml:25(para)
8329
#: serverguide/C/samba.xml:25(para)
8326
8330
msgid ""
8327
8331
"Successfully networking your Ubuntu system with Windows clients involves "
8328
8332
"providing and integrating with services common to Windows environments. Such "
8331
8335
"categories of functionality:"
8332
8336
msgstr ""
8333
8337
8334
#: serverguide/C/windows-networking.xml:33(para)
8338
#: serverguide/C/samba.xml:33(para)
8335
8339
msgid ""
8336
8340
"<emphasis role=\"bold\">File and Printer Sharing Services</emphasis>. Using "
8337
8341
"the Server Message Block (SMB) protocol to facilitate the sharing of files, "
8338
8342
"folders, volumes, and the sharing of printers throughout the network."
8339
8343
msgstr ""
8340
8344
8341
#: serverguide/C/windows-networking.xml:39(para)
8345
#: serverguide/C/samba.xml:39(para)
8342
8346
msgid ""
8343
8347
"<emphasis role=\"bold\">Directory Services</emphasis>. Sharing vital "
8344
8348
"information about the computers and users of the network with such "
8346
8350
"Microsoft <trademark class=\"registered\">Active Directory</trademark>."
8347
8351
msgstr ""
8348
8352
8349
#: serverguide/C/windows-networking.xml:46(para)
8353
#: serverguide/C/samba.xml:46(para)
8350
8354
msgid ""
8351
8355
"<emphasis role=\"bold\">Authentication and Access</emphasis>. Establishing "
8352
8356
"the identity of a computer or user of the network and determining the "
8355
8359
"Kerberos authentication service."
8356
8360
msgstr ""
8357
8361
8358
#: serverguide/C/windows-networking.xml:54(para)
8362
#: serverguide/C/samba.xml:54(para)
8359
8363
msgid ""
8360
8364
"Fortunately, your Ubuntu system may provide all such facilities to Windows "
8361
8365
"clients and share network resources among them. One of the principal pieces "
8363
8367
"suite of SMB server applications and tools."
8364
8368
msgstr ""
8365
8369
8366
#: serverguide/C/windows-networking.xml:60(para)
8370
#: serverguide/C/samba.xml:60(para)
8367
8371
msgid ""
8368
8372
"This section of the <phrase>Ubuntu</phrase> Server Guide will introduce some "
8369
8373
"of the common Samba use cases, and how to install and configure the "
8376
8380
msgid "File Server"
8377
8381
msgstr ""
8378
8382
8379
#: serverguide/C/windows-networking.xml:70(para)
8383
#: serverguide/C/samba.xml:70(para)
8380
8384
msgid ""
8381
8385
"One of the most common ways to network Ubuntu and Windows computers is to "
8382
8386
"configure Samba as a File Server. This section covers setting up a "
8383
8387
"<application>Samba</application> server to share files with Windows clients."
8384
8388
msgstr ""
8385
8389
8386
#: serverguide/C/windows-networking.xml:75(para)
8390
#: serverguide/C/samba.xml:75(para)
8387
8391
msgid ""
8388
8392
"The server will be configured to share files with any client on the network "
8389
8393
"without prompting for a password. If your environment requires stricter "
8390
8394
"Access Controls see <xref linkend=\"samba-fileprint-security\"/>"
8391
8395
msgstr ""
8392
8396
8393
#: serverguide/C/windows-networking.xml:83(para)
8397
#: serverguide/C/samba.xml:83(para)
8394
8398
msgid ""
8395
8399
"The first step is to install the <application>samba</application> package. "
8396
8400
"From a terminal prompt enter:"
8398
8402
"Prvi korak je, da namestite paket <application>samba</application>. V "
8399
8403
"terminalu vpišite:"
8400
8404
8401
#: serverguide/C/windows-networking.xml:88(command) serverguide/C/windows-networking.xml:304(command)
8405
#: serverguide/C/samba.xml:88(command) serverguide/C/samba.xml:304(command)
8402
8406
msgid "sudo apt-get install samba"
8403
8407
msgstr "sudo apt-get install samba"
8404
8408
8405
#: serverguide/C/windows-networking.xml:91(para)
8409
#: serverguide/C/samba.xml:91(para)
8406
8410
msgid ""
8407
8411
"That's all there is to it; you are now ready to configure Samba to share "
8408
8412
"files."
8409
8413
msgstr ""
8410
8414
8411
#: serverguide/C/windows-networking.xml:99(para)
8415
#: serverguide/C/samba.xml:99(para)
8412
8416
msgid ""
8413
8417
"The main Samba configuration file is located in "
8414
8418
"<filename>/etc/samba/smb.conf</filename>. The default configuration file has "
8416
8420
"directives."
8417
8421
msgstr ""
8418
8422
8419
#: serverguide/C/windows-networking.xml:104(para)
8423
#: serverguide/C/samba.xml:104(para)
8420
8424
msgid ""
8421
8425
"Not all the available options are included in the default configuration "
8422
8426
"file. See the <filename>smb.conf</filename><application>man</application> "
8424
8428
"Collection/\">Samba HOWTO Collection</ulink> for more details."
8425
8429
msgstr ""
8426
8430
8427
#: serverguide/C/windows-networking.xml:113(para)
8431
#: serverguide/C/samba.xml:113(para)
8428
8432
msgid ""
8429
8433
"First, edit the following key/value pairs in the "
8430
8434
"<emphasis>[global]</emphasis> section of "
8431
8435
"<filename>/etc/samba/smb.conf</filename>:"
8432
8436
msgstr ""
8433
8437
8434
#: serverguide/C/windows-networking.xml:118(programlisting) serverguide/C/windows-networking.xml:316(programlisting) serverguide/C/windows-networking.xml:784(programlisting) serverguide/C/windows-networking.xml:1023(programlisting)
8438
#: serverguide/C/samba.xml:118(programlisting) serverguide/C/samba.xml:316(programlisting) serverguide/C/samba.xml:784(programlisting) serverguide/C/samba.xml:1023(programlisting)
8435
8439
#, no-wrap
8436
8440
msgid ""
8437
8441
"\n"
8444
8448
" ...\n"
8445
8449
" security = user\n"
8446
8450
8447
#: serverguide/C/windows-networking.xml:124(para)
8451
#: serverguide/C/samba.xml:124(para)
8448
8452
msgid ""
8449
8453
"The <emphasis>security</emphasis> parameter is farther down in the [global] "
8450
8454
"section, and is commented by default. Also, change "
8451
8455
"<emphasis>EXAMPLE</emphasis> to better match your environment."
8452
8456
msgstr ""
8453
8457
8454
#: serverguide/C/windows-networking.xml:132(para)
8458
#: serverguide/C/samba.xml:132(para)
8455
8459
msgid ""
8456
8460
"Create a new section at the bottom of the file, or uncomment one of the "
8457
8461
"examples, for the directory to be shared:"
8458
8462
msgstr ""
8459
8463
8460
#: serverguide/C/windows-networking.xml:136(programlisting)
8464
#: serverguide/C/samba.xml:136(programlisting)
8461
8465
#, no-wrap
8462
8466
msgid ""
8463
8467
"\n"
8470
8474
" create mask = 0755\n"
8471
8475
msgstr ""
8472
8476
8473
#: serverguide/C/windows-networking.xml:148(para)
8477
#: serverguide/C/samba.xml:148(para)
8474
8478
msgid ""
8475
8479
"<emphasis>comment:</emphasis> a short description of the share. Adjust to "
8476
8480
"fit your needs."
8477
8481
msgstr ""
8478
8482
8479
#: serverguide/C/windows-networking.xml:153(para)
8483
#: serverguide/C/samba.xml:153(para)
8480
8484
msgid "<emphasis>path:</emphasis> the path to the directory to share."
8481
8485
msgstr ""
8482
8486
8483
#: serverguide/C/windows-networking.xml:156(para)
8487
#: serverguide/C/samba.xml:156(para)
8484
8488
msgid ""
8485
8489
"This example uses <filename>/srv/samba/sharename</filename> because, "
8486
8490
"according to the <emphasis>Filesystem Hierarchy Standard (FHS)</emphasis>, "
8491
8495
"adhering to standards is recommended."
8492
8496
msgstr ""
8493
8497
8494
#: serverguide/C/windows-networking.xml:165(para)
8498
#: serverguide/C/samba.xml:165(para)
8495
8499
msgid ""
8496
8500
"<emphasis>browsable:</emphasis> enables Windows clients to browse the shared "
8497
8501
"directory using <application>Windows Explorer</application>."
8498
8502
msgstr ""
8499
8503
8500
#: serverguide/C/windows-networking.xml:171(para)
8504
#: serverguide/C/samba.xml:171(para)
8501
8505
msgid ""
8502
8506
"<emphasis>guest ok:</emphasis> allows clients to connect to the share "
8503
8507
"without supplying a password."
8504
8508
msgstr ""
8505
8509
8506
#: serverguide/C/windows-networking.xml:176(para)
8510
#: serverguide/C/samba.xml:176(para)
8507
8511
msgid ""
8508
8512
"<emphasis>read only:</emphasis> determines if the share is read only or if "
8509
8513
"write privileges are granted. Write privileges are allowed only when the "
8511
8515
"is <emphasis>yes</emphasis>, then access to the share is read only."
8512
8516
msgstr ""
8513
8517
8514
#: serverguide/C/windows-networking.xml:181(para)
8518
#: serverguide/C/samba.xml:181(para)
8515
8519
msgid ""
8516
8520
"<emphasis>create mask:</emphasis> determines the permissions new files will "
8517
8521
"have when created."
8518
8522
msgstr ""
8519
8523
8520
#: serverguide/C/windows-networking.xml:190(para)
8524
#: serverguide/C/samba.xml:190(para)
8521
8525
msgid ""
8522
8526
"Now that <application>Samba</application> is configured, the directory needs "
8523
8527
"to be created and the permissions changed. From a terminal enter:"
8525
8529
"Zdaj ko je program <application>Samba</application> nastavljen, mora biti "
8526
8530
"ustvarjena mapa in spremenjena dovoljenja. V terminalu vnesite:"
8527
8531
8528
#: serverguide/C/windows-networking.xml:196(command)
8532
#: serverguide/C/samba.xml:196(command)
8529
8533
msgid "sudo mkdir -p /srv/samba/share"
8530
8534
msgstr "sudo mkdir -p /srv/samba/share"
8531
8535
8532
#: serverguide/C/windows-networking.xml:197(command)
8536
#: serverguide/C/samba.xml:197(command)
8533
8537
msgid "sudo chown nobody:nogroup /srv/samba/share/"
8534
8538
msgstr ""
8535
8539
8536
#: serverguide/C/windows-networking.xml:201(para)
8540
#: serverguide/C/samba.xml:201(para)
8537
8541
msgid ""
8538
8542
"The <emphasis>-p</emphasis> switch tells mkdir to create the entire "
8539
8543
"directory tree if it doesn't exist."
8540
8544
msgstr ""
8541
8545
8542
#: serverguide/C/windows-networking.xml:209(para)
8546
#: serverguide/C/samba.xml:209(para)
8543
8547
msgid ""
8544
8548
"Finally, restart the <application>samba</application> services to enable the "
8545
8549
"new configuration:"
8547
8551
"Za konec znova zaženite storitve <application>samba</application>, da se "
8548
8552
"uveljavijo nove nastavitve:"
8549
8553
8550
#: serverguide/C/windows-networking.xml:214(command) serverguide/C/windows-networking.xml:336(command) serverguide/C/windows-networking.xml:474(command) serverguide/C/windows-networking.xml:574(command) serverguide/C/windows-networking.xml:925(command) serverguide/C/windows-networking.xml:1080(command) serverguide/C/windows-networking.xml:1187(command) serverguide/C/network-auth.xml:2533(command)
8554
#: serverguide/C/samba.xml:214(command) serverguide/C/samba.xml:336(command) serverguide/C/samba.xml:474(command) serverguide/C/samba.xml:574(command) serverguide/C/samba.xml:925(command) serverguide/C/samba.xml:1080(command) serverguide/C/samba.xml:1187(command) serverguide/C/network-auth.xml:2532(command) serverguide/C/network-auth.xml:4114(command)
8551
8555
msgid "sudo restart smbd"
8552
8556
msgstr "sudo restart smbd"
8553
8557
8554
#: serverguide/C/windows-networking.xml:215(command) serverguide/C/windows-networking.xml:337(command) serverguide/C/windows-networking.xml:475(command) serverguide/C/windows-networking.xml:575(command) serverguide/C/windows-networking.xml:926(command) serverguide/C/windows-networking.xml:1081(command) serverguide/C/windows-networking.xml:1188(command) serverguide/C/network-auth.xml:2534(command)
8558
#: serverguide/C/samba.xml:215(command) serverguide/C/samba.xml:337(command) serverguide/C/samba.xml:475(command) serverguide/C/samba.xml:575(command) serverguide/C/samba.xml:926(command) serverguide/C/samba.xml:1081(command) serverguide/C/samba.xml:1188(command) serverguide/C/network-auth.xml:2533(command) serverguide/C/network-auth.xml:4115(command)
8555
8559
msgid "sudo restart nmbd"
8556
8560
msgstr "sudo restart nmbd"
8557
8561
8558
#: serverguide/C/windows-networking.xml:222(para)
8562
#: serverguide/C/samba.xml:222(para)
8559
8563
msgid ""
8560
8564
"Once again, the above configuration gives all access to any client on the "
8561
8565
"local network. For a more secure configuration see <xref linkend=\"samba-"
8562
8566
"fileprint-security\"/>."
8563
8567
msgstr ""
8564
8568
8565
#: serverguide/C/windows-networking.xml:228(para)
8569
#: serverguide/C/samba.xml:228(para)
8566
8570
msgid ""
8567
8571
"From a Windows client you should now be able to browse to the Ubuntu file "
8568
8572
"server and see the shared directory. If your client doesn't show your share "
8571
8575
"working try creating a directory from Windows."
8572
8576
msgstr ""
8573
8577
8574
#: serverguide/C/windows-networking.xml:232(para)
8578
#: serverguide/C/samba.xml:232(para)
8575
8579
msgid ""
8576
8580
"To create additional shares simply create new <emphasis>[dir]</emphasis> "
8577
8581
"sections in <filename>/etc/samba/smb.conf</filename>, and restart "
8579
8583
"share actually exists and the permissions are correct."
8580
8584
msgstr ""
8581
8585
8582
#: serverguide/C/windows-networking.xml:239(para)
8586
#: serverguide/C/samba.xml:239(para)
8583
8587
msgid ""
8584
8588
"The file share named <emphasis>\"[share]\"</emphasis> and the path "
8585
8589
"<filename>/srv/samba/share</filename> are just examples. Adjust the share "
8589
8593
"<filename>/srv/samba/qa</filename>."
8590
8594
msgstr ""
8591
8595
8592
#: serverguide/C/windows-networking.xml:252(para) serverguide/C/windows-networking.xml:351(para) serverguide/C/windows-networking.xml:708(para) serverguide/C/windows-networking.xml:1104(para)
8596
#: serverguide/C/samba.xml:252(para) serverguide/C/samba.xml:351(para) serverguide/C/samba.xml:708(para) serverguide/C/samba.xml:1104(para)
8593
8597
msgid ""
8594
8598
"For in depth Samba configurations see the <ulink "
8595
8599
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/\">Samba HOWTO "
8596
8600
"Collection</ulink>"
8597
8601
msgstr ""
8598
8602
8599
#: serverguide/C/windows-networking.xml:258(para) serverguide/C/windows-networking.xml:357(para) serverguide/C/windows-networking.xml:714(para) serverguide/C/windows-networking.xml:1110(para)
8603
#: serverguide/C/samba.xml:258(para) serverguide/C/samba.xml:357(para) serverguide/C/samba.xml:714(para) serverguide/C/samba.xml:1110(para)
8600
8604
msgid ""
8601
8605
"The guide is also available in <ulink "
8602
8606
"url=\"http://www.amazon.com/exec/obidos/tg/detail/-/0131882228\">printed "
8606
8610
"url=\"http://www.amazon.com/exec/obidos/tg/detail/-/0131882228\">tiskani "
8607
8611
"različici</ulink>."
8608
8612
8609
#: serverguide/C/windows-networking.xml:264(para) serverguide/C/windows-networking.xml:363(para)
8613
#: serverguide/C/samba.xml:264(para) serverguide/C/samba.xml:363(para)
8610
8614
msgid ""
8611
8615
"O'Reilly's <ulink "
8612
8616
"url=\"http://www.oreilly.com/catalog/9780596007690/\">Using Samba</ulink> is "
8613
8617
"another good reference."
8614
8618
msgstr ""
8615
8619
8616
#: serverguide/C/windows-networking.xml:270(para) serverguide/C/windows-networking.xml:374(para) serverguide/C/windows-networking.xml:739(para) serverguide/C/windows-networking.xml:1134(para) serverguide/C/windows-networking.xml:1312(para)
8620
#: serverguide/C/samba.xml:270(para) serverguide/C/samba.xml:374(para) serverguide/C/samba.xml:739(para) serverguide/C/samba.xml:1134(para) serverguide/C/samba.xml:1312(para)
8617
8621
msgid ""
8618
8622
"The <ulink url=\"https://help.ubuntu.com/community/Samba\">Ubuntu Wiki Samba "
8619
8623
"</ulink> page."
8621
8625
"Stran <ulink url=\"https://help.ubuntu.com/community/Samba\">Samba na Ubuntu "
8622
8626
"Wiki</ulink>."
8623
8627
8624
#: serverguide/C/network-config.xml:908(para)
8628
#: serverguide/C/samba.xml:279(title) serverguide/C/network-config.xml:904(para)
8625
8629
msgid "Print Server"
8626
8630
msgstr "Tiskalniški strežnik"
8627
8631
8628
#: serverguide/C/windows-networking.xml:281(para)
8632
#: serverguide/C/samba.xml:281(para)
8629
8633
msgid ""
8630
8634
"Another common use of Samba is to configure it to share printers installed, "
8631
8635
"either locally or over the network, on an Ubuntu server. Similar to <xref "
8634
8638
"prompting for a username and password."
8635
8639
msgstr ""
8636
8640
8637
#: serverguide/C/windows-networking.xml:287(para)
8641
#: serverguide/C/samba.xml:287(para)
8638
8642
msgid ""
8639
8643
"For a more secure configuration see <xref linkend=\"samba-fileprint-"
8640
8644
"security\"/>."
8642
8646
"Za varnejšo nastavitev si oglejte <xref linkend=\"samba-fileprint-"
8643
8647
"security\"/>."
8644
8648
8645
#: serverguide/C/windows-networking.xml:294(para)
8649
#: serverguide/C/samba.xml:294(para)
8646
8650
msgid ""
8647
8651
"Before installing and configuring Samba it is best to already have a working "
8648
8652
"<application>CUPS</application> installation. See <xref linkend=\"cups\"/> "
8652
8656
"delujočo namestitev programa <application>CUPS</application>. Za podrobnosti "
8653
8657
"si oglejte <xref linkend=\"cups\"/>."
8654
8658
8655
#: serverguide/C/windows-networking.xml:299(para)
8659
#: serverguide/C/samba.xml:299(para)
8656
8660
msgid ""
8657
8661
"To install the <application>samba</application> package, from a terminal "
8658
8662
"enter:"
8659
8663
msgstr ""
8660
8664
"Za namestitev paketa <application>samba</application>, v terminalu vnesite:"
8661
8665
8662
#: serverguide/C/windows-networking.xml:310(para)
8666
#: serverguide/C/samba.xml:310(para)
8663
8667
msgid ""
8664
8668
"After installing samba edit <filename>/etc/samba/smb.conf</filename>. Change "
8665
8669
"the <emphasis>workgroup</emphasis> attribute to what is appropriate for your "
8667
8671
"role=\"italic\">user</emphasis>:"
8668
8672
msgstr ""
8669
8673
8670
#: serverguide/C/windows-networking.xml:322(para)
8674
#: serverguide/C/samba.xml:322(para)
8671
8675
msgid ""
8672
8676
"In the <emphasis>[printers]</emphasis> section change the <emphasis>guest "
8673
8677
"ok</emphasis> option to <emphasis role=\"italic\">yes</emphasis>:"
8675
8679
"V odseku <emphasis>[printers]</emphasis> spremenite možnost <emphasis>guest "
8676
8680
"ok</emphasis> v <emphasis role=\"italic\">yes</emphasis>:"
8677
8681
8678
#: serverguide/C/windows-networking.xml:326(programlisting)
8682
#: serverguide/C/samba.xml:326(programlisting)
8679
8683
#, no-wrap
8680
8684
msgid ""
8681
8685
"\n"
8686
8690
" browsable = yes\n"
8687
8691
" guest ok = yes\n"
8688
8692
8689
#: serverguide/C/windows-networking.xml:331(para)
8693
#: serverguide/C/samba.xml:331(para)
8690
8694
msgid "After editing <filename>smb.conf</filename> restart Samba:"
8691
8695
msgstr ""
8692
8696
"Ko končate z urejanjem <filename>smb.conf</filename>, znova zaženite program "
8693
8697
"Samba:"
8694
8698
8695
#: serverguide/C/windows-networking.xml:340(para)
8699
#: serverguide/C/samba.xml:340(para)
8696
8700
msgid ""
8697
8701
"The default Samba configuration will automatically share any printers "
8698
8702
"installed. Simply install the printer locally on your Windows clients."
8699
8703
msgstr ""
8700
8704
8701
#: serverguide/C/windows-networking.xml:369(para)
8705
#: serverguide/C/samba.xml:369(para)
8702
8706
msgid ""
8703
8707
"Also, see the <ulink url=\"http://www.cups.org/\">CUPS Website</ulink> for "
8704
8708
"more information on configuring CUPS."
8710
8714
msgid "Securing File and Print Server"
8711
8715
msgstr ""
8712
8716
8713
#: serverguide/C/windows-networking.xml:386(title)
8717
#: serverguide/C/samba.xml:386(title)
8714
8718
msgid "Samba Security Modes"
8715
8719
msgstr "Varnostni načini Samba"
8716
8720
8717
#: serverguide/C/windows-networking.xml:388(para)
8721
#: serverguide/C/samba.xml:388(para)
8718
8722
msgid ""
8719
8723
"There are two security levels available to the Common Internet Filesystem "
8720
8724
"(CIFS) network protocol <emphasis>user-level</emphasis> and <emphasis>share-"
8723
8727
"security and one way to implement share-level:"
8724
8728
msgstr ""
8725
8729
8726
#: serverguide/C/windows-networking.xml:397(para)
8730
#: serverguide/C/samba.xml:397(para)
8727
8731
msgid ""
8728
8732
"<emphasis>security = user:</emphasis> requires clients to supply a username "
8729
8733
"and password to connect to shares. Samba user accounts are separate from "
8731
8735
"will sync system users and passwords with the Samba user database."
8732
8736
msgstr ""
8733
8737
8734
#: serverguide/C/windows-networking.xml:404(para)
8738
#: serverguide/C/samba.xml:404(para)
8735
8739
msgid ""
8736
8740
"<emphasis>security = domain:</emphasis> this mode allows the Samba server to "
8737
8741
"appear to Windows clients as a Primary Domain Controller (PDC), Backup "
8739
8743
"linkend=\"samba-dc\"/> for further information."
8740
8744
msgstr ""
8741
8745
8742
#: serverguide/C/windows-networking.xml:411(para)
8746
#: serverguide/C/samba.xml:411(para)
8743
8747
msgid ""
8744
8748
"<emphasis>security = ADS:</emphasis> allows the Samba server to join an "
8745
8749
"Active Directory domain as a native member. See <xref linkend=\"samba-ad-"
8746
8750
"integration\"/> for details."
8747
8751
msgstr ""
8748
8752
8749
#: serverguide/C/windows-networking.xml:417(para)
8753
#: serverguide/C/samba.xml:417(para)
8750
8754
msgid ""
8751
8755
"<emphasis>security = server:</emphasis> this mode is left over from before "
8752
8756
"Samba could become a member server, and due to some security issues should "
8755
8759
"of the Samba guide for more details."
8756
8760
msgstr ""
8757
8761
8758
#: serverguide/C/windows-networking.xml:425(para)
8762
#: serverguide/C/samba.xml:425(para)
8759
8763
msgid ""
8760
8764
"<emphasis>security = share:</emphasis> allows clients to connect to shares "
8761
8765
"without supplying a username and password."
8762
8766
msgstr ""
8763
8767
8764
#: serverguide/C/windows-networking.xml:432(para)
8768
#: serverguide/C/samba.xml:432(para)
8765
8769
msgid ""
8766
8770
"The security mode you choose will depend on your environment and what you "
8767
8771
"need the Samba server to accomplish."
8768
8772
msgstr ""
8769
8773
8770
#: serverguide/C/windows-networking.xml:438(title)
8774
#: serverguide/C/samba.xml:438(title)
8771
8775
msgid "Security = User"
8772
8776
msgstr "Security = User"
8773
8777
8774
#: serverguide/C/windows-networking.xml:440(para)
8778
#: serverguide/C/samba.xml:440(para)
8775
8779
msgid ""
8776
8780
"This section will reconfigure the Samba file and print server, from <xref "
8777
8781
"linkend=\"samba-fileserver\"/> and <xref linkend=\"samba-printserver\"/>, to "
8778
8782
"require authentication."
8779
8783
msgstr ""
8780
8784
8781
#: serverguide/C/windows-networking.xml:445(para)
8785
#: serverguide/C/samba.xml:445(para)
8782
8786
msgid ""
8783
8787
"First, install the <application>libpam-smbpass</application> package which "
8784
8788
"will sync the system users to the Samba user database:"
8785
8789
msgstr ""
8786
8790
8787
#: serverguide/C/windows-networking.xml:451(command)
8791
#: serverguide/C/samba.xml:451(command)
8788
8792
msgid "sudo apt-get install libpam-smbpass"
8789
8793
msgstr "sudo apt-get install libpam-smbpass"
8790
8794
8791
#: serverguide/C/windows-networking.xml:455(para)
8795
#: serverguide/C/samba.xml:455(para)
8792
8796
msgid ""
8793
8797
"If you chose the <emphasis>Samba Server</emphasis> task during installation "
8794
8798
"<application>libpam-smbpass</application> is already installed."
8795
8799
msgstr ""
8796
8800
8797
#: serverguide/C/windows-networking.xml:461(para)
8801
#: serverguide/C/samba.xml:461(para)
8798
8802
msgid ""
8799
8803
"Edit <filename>/etc/samba/smb.conf</filename>, and in the "
8800
8804
"<emphasis>[share]</emphasis> section change:"
8802
8806
"Uredite datoteko <filename>/etc/samba/smb.conf</filename> in v odseku "
8803
8807
"<emphasis>[share]</emphasis> spremenite:"
8804
8808
8805
#: serverguide/C/windows-networking.xml:465(programlisting)
8809
#: serverguide/C/samba.xml:465(programlisting)
8806
8810
#, no-wrap
8807
8811
msgid ""
8808
8812
"\n"
8811
8815
"\n"
8812
8816
" guest ok = no\n"
8813
8817
8814
#: serverguide/C/windows-networking.xml:469(para)
8818
#: serverguide/C/samba.xml:469(para)
8815
8819
msgid "Finally, restart Samba for the new settings to take effect:"
8816
8820
msgstr ""
8817
8821
"Za konec znova zaženite program Samba, da se uveljavijo nove nastavitve:"
8818
8822
8819
#: serverguide/C/windows-networking.xml:478(para)
8823
#: serverguide/C/samba.xml:478(para)
8820
8824
msgid ""
8821
8825
"Now when connecting to the shared directories or printers you should be "
8822
8826
"prompted for a username and password."
8823
8827
msgstr ""
8824
8828
8825
#: serverguide/C/windows-networking.xml:483(para)
8829
#: serverguide/C/samba.xml:483(para)
8826
8830
msgid ""
8827
8831
"If you choose to map a network drive to the share you can check the "
8828
8832
"<quote>Reconnect at Logon</quote> check box, which will require you to only "
8829
8833
"enter the username and password once, at least until the password changes."
8830
8834
msgstr ""
8831
8835
8832
#: serverguide/C/windows-networking.xml:491(title)
8836
#: serverguide/C/samba.xml:491(title)
8833
8837
msgid "Share Security"
8834
8838
msgstr ""
8835
8839
8836
#: serverguide/C/windows-networking.xml:493(para)
8840
#: serverguide/C/samba.xml:493(para)
8837
8841
msgid ""
8838
8842
"There are several options available to increase the security for each "
8839
8843
"individual shared directory. Using the <emphasis>[share]</emphasis> example, "
8840
8844
"this section will cover some common options."
8841
8845
msgstr ""
8842
8846
8843
#: serverguide/C/windows-networking.xml:499(title)
8847
#: serverguide/C/samba.xml:499(title)
8844
8848
msgid "Groups"
8845
8849
msgstr "Skupine"
8846
8850
8847
#: serverguide/C/windows-networking.xml:501(para)
8851
#: serverguide/C/samba.xml:501(para)
8848
8852
msgid ""
8849
8853
"Groups define a collection of computers or users which have a common level "
8850
8854
"of access to particular network resources and offer a level of granularity "
8866
8870
"have only access to resources explicitly allowing the group they are part of."
8867
8871
msgstr ""
8868
8872
8869
#: serverguide/C/windows-networking.xml:515(para)
8873
#: serverguide/C/samba.xml:515(para)
8870
8874
msgid ""
8871
8875
"By default Samba looks for the local system groups defined in "
8872
8876
"<filename>/etc/group</filename> to determine which users belong to which "
8874
8878
"<xref linkend=\"adding-deleting-users\"/>."
8875
8879
msgstr ""
8876
8880
8877
#: serverguide/C/windows-networking.xml:521(para)
8881
#: serverguide/C/samba.xml:521(para)
8878
8882
msgid ""
8879
8883
"When defining groups in the Samba configuration file, "
8880
8884
"<filename>/etc/samba/smb.conf</filename>, the recognized syntax is to "
8885
8889
"role=\"bold\">@sysadmin</emphasis>."
8886
8890
msgstr ""
8887
8891
8888
#: serverguide/C/windows-networking.xml:530(title)
8892
#: serverguide/C/samba.xml:530(title)
8889
8893
msgid "File Permissions"
8890
8894
msgstr "Dovoljenja datotek"
8891
8895
8892
#: serverguide/C/windows-networking.xml:532(para)
8896
#: serverguide/C/samba.xml:532(para)
8893
8897
msgid ""
8894
8898
"File Permissions define the explicit rights a computer or user has to a "
8895
8899
"particular directory, file, or set of files. Such permissions may be defined "
8897
8901
"the explicit permissions of a defined file share."
8898
8902
msgstr ""
8899
8903
8900
#: serverguide/C/windows-networking.xml:538(para)
8904
#: serverguide/C/samba.xml:538(para)
8901
8905
msgid ""
8902
8906
"For example, if you have defined a Samba share called "
8903
8907
"<emphasis>share</emphasis> and wish to give <emphasis role=\"italic\">read-"
8909
8913
"under the <emphasis>[share]</emphasis> entry:"
8910
8914
msgstr ""
8911
8915
8912
#: serverguide/C/windows-networking.xml:547(programlisting)
8916
#: serverguide/C/samba.xml:547(programlisting)
8913
8917
#, no-wrap
8914
8918
msgid ""
8915
8919
"\n"
8917
8921
" write list = @sysadmin, vincent\n"
8918
8922
msgstr ""
8919
8923
8920
#: serverguide/C/windows-networking.xml:552(para)
8924
#: serverguide/C/samba.xml:552(para)
8921
8925
msgid ""
8922
8926
"Another possible Samba permission is to declare "
8923
8927
"<emphasis>administrative</emphasis> permissions to a particular shared "
8926
8930
"administrative permissions to."
8927
8931
msgstr ""
8928
8932
8929
#: serverguide/C/windows-networking.xml:558(para)
8933
#: serverguide/C/samba.xml:558(para)
8930
8934
msgid ""
8931
8935
"For example, if you wanted to give the user <emphasis "
8932
8936
"role=\"italic\">melissa</emphasis> administrative permissions to the "
8935
8939
"under the <emphasis>[share]</emphasis> entry:"
8936
8940
msgstr ""
8937
8941
8938
#: serverguide/C/windows-networking.xml:565(programlisting)
8942
#: serverguide/C/samba.xml:565(programlisting)
8939
8943
#, no-wrap
8940
8944
msgid ""
8941
8945
"\n"
8942
8946
" admin users = melissa\n"
8943
8947
msgstr ""
8944
8948
8945
#: serverguide/C/windows-networking.xml:569(para)
8949
#: serverguide/C/samba.xml:569(para)
8946
8950
msgid ""
8947
8951
"After editing <filename>/etc/samba/smb.conf</filename>, restart Samba for "
8948
8952
"the changes to take effect:"
8950
8954
"Ko uredite datoteko <filename>/etc/samba/smb.conf</filename>, znova zaženite "
8951
8955
"program Samba, da se uveljavijo nove nastavitve:"
8952
8956
8953
#: serverguide/C/windows-networking.xml:579(para)
8957
#: serverguide/C/samba.xml:579(para)
8954
8958
msgid ""
8955
8959
"For the <emphasis>read list</emphasis> and <emphasis>write list</emphasis> "
8956
8960
"to work the Samba security mode must <emphasis>not</emphasis> be set to "
8957
8961
"<emphasis role=\"italic\">security = share</emphasis>"
8958
8962
msgstr ""
8959
8963
8960
#: serverguide/C/windows-networking.xml:585(para)
8964
#: serverguide/C/samba.xml:585(para)
8961
8965
msgid ""
8962
8966
"Now that Samba has been configured to limit which groups have access to the "
8963
8967
"shared directory, the filesystem permissions need to be updated."
8964
8968
msgstr ""
8965
8969
8966
#: serverguide/C/windows-networking.xml:590(para)
8970
#: serverguide/C/samba.xml:590(para)
8967
8971
msgid ""
8968
8972
"Traditional Linux file permissions do not map well to Windows NT Access "
8969
8973
"Control Lists (ACLs). Fortunately POSIX ACLs are available on Ubuntu servers "
8972
8976
"<filename>/etc/fstab</filename> adding the <emphasis>acl</emphasis> option:"
8973
8977
msgstr ""
8974
8978
8975
#: serverguide/C/windows-networking.xml:597(programlisting)
8979
#: serverguide/C/samba.xml:597(programlisting)
8976
8980
#, no-wrap
8977
8981
msgid ""
8978
8982
"\n"
8983
8987
"UUID=66bcdd2e-8861-4fb0-b7e4-e61c569fe17d /srv ext3 noatime,relatime,acl "
8984
8988
"0 1\n"
8985
8989
8986
#: serverguide/C/windows-networking.xml:601(para)
8990
#: serverguide/C/samba.xml:601(para)
8987
8991
msgid "Then remount the partition:"
8988
8992
msgstr "Nato ponovno priklopite razdelek:"
8989
8993
8990
#: serverguide/C/windows-networking.xml:606(command)
8994
#: serverguide/C/samba.xml:606(command)
8991
8995
msgid "sudo mount -v -o remount /srv"
8992
8996
msgstr "sudo mount -v -o remount /srv"
8993
8997
8994
#: serverguide/C/windows-networking.xml:610(para)
8998
#: serverguide/C/samba.xml:610(para)
8995
8999
msgid ""
8996
9000
"The above example assumes <filename>/srv</filename> on a separate partition. "
8997
9001
"If <filename>/srv</filename>, or wherever you have configured your share "
8999
9003
"required."
9000
9004
msgstr ""
9001
9005
9002
#: serverguide/C/windows-networking.xml:617(para)
9006
#: serverguide/C/samba.xml:617(para)
9003
9007
msgid ""
9004
9008
"To match the Samba configuration above the <emphasis>sysadmin</emphasis> "
9005
9009
"group will be given read, write, and execute permissions to "
9008
9012
"the username <emphasis>melissa</emphasis>. Enter the following in a terminal:"
9009
9013
msgstr ""
9010
9014
9011
#: serverguide/C/windows-networking.xml:625(command)
9015
#: serverguide/C/samba.xml:625(command)
9012
9016
msgid "sudo chown -R melissa /srv/samba/share/"
9013
9017
msgstr "sudo chown -R melissa /srv/samba/share/"
9014
9018
9015
#: serverguide/C/windows-networking.xml:626(command)
9019
#: serverguide/C/samba.xml:626(command)
9016
9020
msgid "sudo chgrp -R sysadmin /srv/samba/share/"
9017
9021
msgstr "sudo chgrp -R sysadmin /srv/samba/share/"
9018
9022
9019
#: serverguide/C/windows-networking.xml:627(command)
9023
#: serverguide/C/samba.xml:627(command)
9020
9024
msgid "sudo setfacl -R -m g:qa:rx /srv/samba/share/"
9021
9025
msgstr "sudo setfacl -R -m g:qa:rx /srv/samba/share/"
9022
9026
9023
#: serverguide/C/windows-networking.xml:631(para)
9027
#: serverguide/C/samba.xml:631(para)
9024
9028
msgid ""
9025
9029
"The <application>setfacl</application> command above gives "
9026
9030
"<emphasis>execute</emphasis> permissions to all files in the "
9028
9032
"want."
9029
9033
msgstr ""
9030
9034
9031
#: serverguide/C/windows-networking.xml:637(para)
9035
#: serverguide/C/samba.xml:637(para)
9032
9036
msgid ""
9033
9037
"Now from a Windows client you should notice the new file permissions are "
9034
9038
"implemented. See the <application>acl</application> and "
9036
9040
"ACLs."
9037
9041
msgstr ""
9038
9042
9039
#: serverguide/C/windows-networking.xml:645(title)
9043
#: serverguide/C/samba.xml:645(title)
9040
9044
msgid "Samba AppArmor Profile"
9041
9045
msgstr "Profil Samba Apparmor"
9042
9046
9043
#: serverguide/C/windows-networking.xml:647(para)
9047
#: serverguide/C/samba.xml:647(para)
9044
9048
msgid ""
9045
9049
"Ubuntu comes with the <application>AppArmor</application> security module, "
9046
9050
"which provides mandatory access controls. The default AppArmor profile for "
9048
9052
"using AppArmor see <xref linkend=\"apparmor\"/>."
9049
9053
msgstr ""
9050
9054
9051
#: serverguide/C/windows-networking.xml:653(para)
9055
#: serverguide/C/samba.xml:653(para)
9052
9056
msgid ""
9053
9057
"There are default AppArmor profiles for <filename>/usr/sbin/smbd</filename> "
9054
9058
"and <filename>/usr/sbin/nmbd</filename>, the Samba daemon binaries, as part "
9056
9060
"package, from a terminal prompt enter:"
9057
9061
msgstr ""
9058
9062
9059
#: serverguide/C/windows-networking.xml:660(command)
9063
#: serverguide/C/samba.xml:660(command)
9060
9064
msgid "sudo apt-get install apparmor-profiles apparmor-utils"
9061
9065
msgstr ""
9062
9066
9063
#: serverguide/C/windows-networking.xml:664(para)
9067
#: serverguide/C/samba.xml:664(para)
9064
9068
msgid "This package contains profiles for several other binaries."
9065
9069
msgstr "Ta paket vsebuje profile za nekaj drugih binarnih datotek."
9066
9070
9067
#: serverguide/C/windows-networking.xml:669(para)
9071
#: serverguide/C/samba.xml:669(para)
9068
9072
msgid ""
9069
9073
"By default the profiles for <application>smbd</application> and "
9070
9074
"<application>nmbd</application> are in <emphasis>complain</emphasis> mode "
9074
9078
"profile will need to be modified to reflect any directories that are shared."
9075
9079
msgstr ""
9076
9080
9077
#: serverguide/C/windows-networking.xml:676(para)
9081
#: serverguide/C/samba.xml:676(para)
9078
9082
msgid ""
9079
9083
"Edit <filename>/etc/apparmor.d/usr.sbin.smbd</filename> adding information "
9080
9084
"for <emphasis>[share]</emphasis> from the file server example:"
9081
9085
msgstr ""
9082
9086
9083
#: serverguide/C/windows-networking.xml:681(programlisting)
9087
#: serverguide/C/samba.xml:681(programlisting)
9084
9088
#, no-wrap
9085
9089
msgid ""
9086
9090
"\n"
9091
9095
" /srv/samba/share/ r,\n"
9092
9096
" /srv/samba/share/** rwkix,\n"
9093
9097
9094
#: serverguide/C/windows-networking.xml:686(para)
9098
#: serverguide/C/samba.xml:686(para)
9095
9099
msgid ""
9096
9100
"Now place the profile into <emphasis>enforce</emphasis> and reload it:"
9097
9101
msgstr ""
9098
9102
9099
#: serverguide/C/windows-networking.xml:691(command)
9103
#: serverguide/C/samba.xml:691(command)
9100
9104
msgid "sudo aa-enforce /usr/sbin/smbd"
9101
9105
msgstr "sudo aa-enforce /usr/sbin/smbd"
9102
9106
9103
#: serverguide/C/windows-networking.xml:692(command)
9107
#: serverguide/C/samba.xml:692(command)
9104
9108
msgid "cat /etc/apparmor.d/usr.sbin.smbd | sudo apparmor_parser -r"
9105
9109
msgstr "cat /etc/apparmor.d/usr.sbin.smbd | sudo apparmor_parser -r"
9106
9110
9107
#: serverguide/C/windows-networking.xml:695(para)
9111
#: serverguide/C/samba.xml:695(para)
9108
9112
msgid ""
9109
9113
"You should now be able to read, write, and execute files in the shared "
9110
9114
"directory as normal, and the <application>smbd</application> binary will "
9113
9117
"will be logged to <filename>/var/log/syslog</filename>."
9114
9118
msgstr ""
9115
9119
9116
#: serverguide/C/windows-networking.xml:720(para) serverguide/C/windows-networking.xml:1116(para)
9120
#: serverguide/C/samba.xml:720(para) serverguide/C/samba.xml:1116(para)
9117
9121
msgid ""
9118
9122
"O'Reilly's <ulink "
9119
9123
"url=\"http://www.oreilly.com/catalog/9780596007690/\">Using Samba</ulink> is "
9120
9124
"also a good reference."
9121
9125
msgstr ""
9122
9126
9123
#: serverguide/C/windows-networking.xml:726(para)
9127
#: serverguide/C/samba.xml:726(para)
9124
9128
msgid ""
9125
9129
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/securing-"
9126
9130
"samba.html\">Chapter 18</ulink> of the Samba HOWTO Collection is devoted to "
9127
9131
"security."
9128
9132
msgstr ""
9129
9133
9130
#: serverguide/C/windows-networking.xml:732(para)
9134
#: serverguide/C/samba.xml:732(para)
9131
9135
msgid ""
9132
9136
"For more information on Samba and ACLs see the <ulink "
9133
9137
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
9138
9142
msgid "As a Domain Controller"
9139
9143
msgstr ""
9140
9144
9141
#: serverguide/C/windows-networking.xml:750(para)
9145
#: serverguide/C/samba.xml:750(para)
9142
9146
msgid ""
9143
9147
"Although it cannot act as an Active Directory Primary Domain Controller "
9144
9148
"(PDC), a Samba server can be configured to appear as a Windows NT4-style "
9147
9151
"backends to store the user information."
9148
9152
msgstr ""
9149
9153
9150
#: serverguide/C/windows-networking.xml:757(title)
9154
#: serverguide/C/samba.xml:757(title)
9151
9155
msgid "Primary Domain Controller"
9152
9156
msgstr "Osnovni nadzornik domene"
9153
9157
9154
#: serverguide/C/windows-networking.xml:759(para)
9158
#: serverguide/C/samba.xml:759(para)
9155
9159
msgid ""
9156
9160
"This section covers configuring Samba as a Primary Domain Controller (PDC) "
9157
9161
"using the default smbpasswd backend."
9159
9163
"Ta odsek pokriva nastavljanje Sambe kot osnovni nadzornik domene (PDC) z "
9160
9164
"uporabo privzetega začelja smbpasswd."
9161
9165
9162
#: serverguide/C/windows-networking.xml:766(para)
9166
#: serverguide/C/samba.xml:766(para)
9163
9167
msgid ""
9164
9168
"First, install Samba, and <application>libpam-smbpass</application> to sync "
9165
9169
"the user accounts, by entering the following in a terminal prompt:"
9166
9170
msgstr ""
9167
9171
9168
#: serverguide/C/windows-networking.xml:772(command) serverguide/C/windows-networking.xml:1013(command)
9172
#: serverguide/C/samba.xml:772(command) serverguide/C/samba.xml:1013(command)
9169
9173
msgid "sudo apt-get install samba libpam-smbpass"
9170
9174
msgstr "sudo apt-get install samba libpam-smbpass"
9171
9175
9172
#: serverguide/C/windows-networking.xml:778(para)
9176
#: serverguide/C/samba.xml:778(para)
9173
9177
msgid ""
9174
9178
"Next, configure Samba by editing <filename>/etc/samba/smb.conf</filename>. "
9175
9179
"The <emphasis>security</emphasis> mode should be set to <emphasis "
9182
9186
"role=\"italic\">user</emphasis>, spremenljivka <emphasis>workgroup</emphasis "
9183
9187
"pa na ime vaše organizacije."
9184
9188
9185
#: serverguide/C/windows-networking.xml:793(para)
9189
#: serverguide/C/samba.xml:793(para)
9186
9190
msgid ""
9187
9191
"In the commented <quote>Domains</quote> section add or uncomment the "
9188
9192
"following (the last line has been split to fit the format of this document):"
9189
9193
msgstr ""
9190
9194
9191
#: serverguide/C/windows-networking.xml:797(programlisting)
9195
#: serverguide/C/samba.xml:797(programlisting)
9192
9196
#, no-wrap
9193
9197
msgid ""
9194
9198
"\n"
9201
9205
" /var/lib/samba -s /bin/false %u\n"
9202
9206
msgstr ""
9203
9207
9204
#: serverguide/C/windows-networking.xml:808(para)
9208
#: serverguide/C/samba.xml:808(para)
9205
9209
msgid ""
9206
9210
"If you wish to not use <emphasis>Roaming Profiles</emphasis> leave the "
9207
9211
"<emphasis>logon home</emphasis> and <emphasis>logon path</emphasis> options "
9208
9212
"commented."
9209
9213
msgstr ""
9210
9214
9211
#: serverguide/C/windows-networking.xml:816(para)
9215
#: serverguide/C/samba.xml:816(para)
9212
9216
msgid ""
9213
9217
"<emphasis>domain logons:</emphasis> provides the netlogon service causing "
9214
9218
"Samba to act as a domain controller."
9215
9219
msgstr ""
9216
9220
9217
#: serverguide/C/windows-networking.xml:821(para)
9221
#: serverguide/C/samba.xml:821(para)
9218
9222
msgid ""
9219
9223
"<emphasis>logon path:</emphasis> places the user's Windows profile into "
9220
9224
"their home directory. It is also possible to configure a "
9222
9226
"directory."
9223
9227
msgstr ""
9224
9228
9225
#: serverguide/C/windows-networking.xml:827(para)
9229
#: serverguide/C/samba.xml:827(para)
9226
9230
msgid ""
9227
9231
"<emphasis>logon drive:</emphasis> specifies the home directory local path."
9228
9232
msgstr ""
9229
9233
9230
#: serverguide/C/windows-networking.xml:832(para)
9234
#: serverguide/C/samba.xml:832(para)
9231
9235
msgid ""
9232
9236
"<emphasis>logon home:</emphasis> specifies the home directory location."
9233
9237
msgstr ""
9234
9238
9235
#: serverguide/C/windows-networking.xml:837(para)
9239
#: serverguide/C/samba.xml:837(para)
9236
9240
msgid ""
9237
9241
"<emphasis>logon script:</emphasis> determines the script to be run locally "
9238
9242
"once a user has logged in. The script needs to be placed in the "
9239
9243
"<emphasis>[netlogon]</emphasis> share."
9240
9244
msgstr ""
9241
9245
9242
#: serverguide/C/windows-networking.xml:843(para)
9246
#: serverguide/C/samba.xml:843(para)
9243
9247
msgid ""
9244
9248
"<emphasis>add machine script:</emphasis> a script that will automatically "
9245
9249
"create the <emphasis>Machine Trust Account</emphasis> needed for a "
9246
9250
"workstation to join the domain."
9247
9251
msgstr ""
9248
9252
9249
#: serverguide/C/windows-networking.xml:847(para)
9253
#: serverguide/C/samba.xml:847(para)
9250
9254
msgid ""
9251
9255
"In this example the <emphasis>machines</emphasis> group will need to be "
9252
9256
"created using the <application>addgroup</application> utility see <xref "
9253
9257
"linkend=\"adding-deleting-users\"/> for details."
9254
9258
msgstr ""
9255
9259
9256
#: serverguide/C/windows-networking.xml:858(para)
9260
#: serverguide/C/samba.xml:858(para)
9257
9261
msgid ""
9258
9262
"Uncomment the <emphasis>[homes]</emphasis> share to allow the <emphasis "
9259
9263
"role=\"italic\">logon home</emphasis> to be mapped:"
9260
9264
msgstr ""
9261
9265
9262
#: serverguide/C/windows-networking.xml:863(programlisting)
9266
#: serverguide/C/samba.xml:863(programlisting)
9263
9267
#, no-wrap
9264
9268
msgid ""
9265
9269
"\n"
9280
9284
" directory mask = 0700\n"
9281
9285
" valid users = %S\n"
9282
9286
9283
#: serverguide/C/windows-networking.xml:876(para)
9287
#: serverguide/C/samba.xml:876(para)
9284
9288
msgid ""
9285
9289
"When configured as a domain controller a <emphasis>[netlogon]</emphasis> "
9286
9290
"share needs to be configured. To enable the share, uncomment:"
9287
9291
msgstr ""
9288
9292
9289
#: serverguide/C/windows-networking.xml:881(programlisting)
9293
#: serverguide/C/samba.xml:881(programlisting)
9290
9294
#, no-wrap
9291
9295
msgid ""
9292
9296
"\n"
9305
9309
" read only = yes\n"
9306
9310
" share modes = no\n"
9307
9311
9308
#: serverguide/C/windows-networking.xml:891(para)
9312
#: serverguide/C/samba.xml:891(para)
9309
9313
msgid ""
9310
9314
"The original <emphasis>netlogon</emphasis> share path is "
9311
9315
"<filename>/home/samba/netlogon</filename>, but according to the Filesystem "
9314
9318
"location for site-specific data provided by the system."
9315
9319
msgstr ""
9316
9320
9317
#: serverguide/C/windows-networking.xml:902(para)
9321
#: serverguide/C/samba.xml:902(para)
9318
9322
msgid ""
9319
9323
"Now create the <filename role=\"directory\">netlogon</filename> directory, "
9320
9324
"and an empty (for now) <filename>logon.cmd</filename> script file:"
9322
9326
"Sedaj ustvarite mapo <filename role=\"directory\">netlogon</filename> in "
9323
9327
"prazno datoteko <filename>logon.cmd</filename>:"
9324
9328
9325
#: serverguide/C/windows-networking.xml:908(command)
9329
#: serverguide/C/samba.xml:908(command)
9326
9330
msgid "sudo mkdir -p /srv/samba/netlogon"
9327
9331
msgstr "sudo mkdir -p /srv/samba/netlogon"
9328
9332
9329
#: serverguide/C/windows-networking.xml:909(command)
9333
#: serverguide/C/samba.xml:909(command)
9330
9334
msgid "sudo touch /srv/samba/netlogon/logon.cmd"
9331
9335
msgstr "sudo touch /srv/samba/netlogon/logon.cmd"
9332
9336
9333
#: serverguide/C/windows-networking.xml:912(para)
9337
#: serverguide/C/samba.xml:912(para)
9334
9338
msgid ""
9335
9339
"You can enter any normal Windows logon script commands in "
9336
9340
"<filename>logon.cmd</filename> to customize the client's environment."
9337
9341
msgstr ""
9338
9342
9339
#: serverguide/C/windows-networking.xml:920(para)
9343
#: serverguide/C/samba.xml:920(para)
9340
9344
msgid "Restart Samba to enable the new domain controller:"
9341
9345
msgstr ""
9342
9346
9343
#: serverguide/C/windows-networking.xml:932(para)
9347
#: serverguide/C/samba.xml:932(para)
9344
9348
msgid ""
9345
9349
"Lastly, there are a few additional commands needed to setup the appropriate "
9346
9350
"rights."
9347
9351
msgstr ""
9348
9352
9349
#: serverguide/C/windows-networking.xml:936(para)
9353
#: serverguide/C/samba.xml:936(para)
9350
9354
msgid ""
9351
9355
"With <emphasis>root</emphasis> being disabled by default, in order to join a "
9352
9356
"workstation to the domain, a system group needs to be mapped to the Windows "
9354
9358
"<application>net</application> utility, from a terminal enter:"
9355
9359
msgstr ""
9356
9360
9357
#: serverguide/C/windows-networking.xml:943(command)
9361
#: serverguide/C/samba.xml:943(command)
9358
9362
msgid ""
9359
9363
"sudo net groupmap add ntgroup=\"Domain Admins\" unixgroup=sysadmin rid=512 "
9360
9364
"type=d"
9361
9365
msgstr ""
9362
9366
9363
#: serverguide/C/windows-networking.xml:947(para)
9367
#: serverguide/C/samba.xml:947(para)
9364
9368
msgid ""
9365
9369
"Change <emphasis role=\"italic\">sysadmin</emphasis> to whichever group you "
9366
9370
"prefer. Also, the user used to join the domain needs to be a member of the "
9369
9373
"allows <application>sudo</application> use."
9370
9374
msgstr ""
9371
9375
9372
#: serverguide/C/windows-networking.xml:953(para)
9376
#: serverguide/C/samba.xml:953(para)
9373
9377
msgid ""
9374
9378
"If the user does not have Samba credentials yet, you can add them with the "
9375
9379
"<application>smbpasswd</application> utility, change the "
9378
9382
"</screen>"
9379
9383
msgstr ""
9380
9384
9381
#: serverguide/C/windows-networking.xml:963(para)
9385
#: serverguide/C/samba.xml:963(para)
9382
9386
msgid ""
9383
9387
"Also, rights need to be explicitly provided to the <emphasis>Domain "
9384
9388
"Admins</emphasis> group to allow the <emphasis>add machine script</emphasis> "
9385
9389
"(and other admin functions) to work. This is achieved by executing:"
9386
9390
msgstr ""
9387
9391
9388
#: serverguide/C/windows-networking.xml:968(command)
9392
#: serverguide/C/samba.xml:968(command)
9389
9393
msgid ""
9390
9394
"net rpc rights grant -U sysadmin \"EXAMPLE\\Domain Admins\" "
9391
9395
"SeMachineAccountPrivilege \\ SePrintOperatorPrivilege SeAddUsersPrivilege "
9392
9396
"SeDiskOperatorPrivilege \\ SeRemoteShutdownPrivilege"
9393
9397
msgstr ""
9394
9398
9395
#: serverguide/C/windows-networking.xml:976(para)
9399
#: serverguide/C/samba.xml:976(para)
9396
9400
msgid ""
9397
9401
"You should now be able to join Windows clients to the Domain in the same "
9398
9402
"manner as joining them to an NT4 domain running on a Windows server."
9399
9403
msgstr ""
9400
9404
9401
#: serverguide/C/windows-networking.xml:986(title)
9405
#: serverguide/C/samba.xml:986(title)
9402
9406
msgid "Backup Domain Controller"
9403
9407
msgstr ""
9404
9408
9405
#: serverguide/C/windows-networking.xml:988(para)
9409
#: serverguide/C/samba.xml:988(para)
9406
9410
msgid ""
9407
9411
"With a Primary Domain Controller (PDC) on the network it is best to have a "
9408
9412
"Backup Domain Controller (BDC) as well. This will allow clients to "
9409
9413
"authenticate in case the PDC becomes unavailable."
9410
9414
msgstr ""
9411
9415
9412
#: serverguide/C/windows-networking.xml:993(para)
9416
#: serverguide/C/samba.xml:993(para)
9413
9417
msgid ""
9414
9418
"When configuring Samba as a BDC you need a way to sync account information "
9415
9419
"with the PDC. There are multiple ways of accomplishing this "
9418
9422
"backend</emphasis>."
9419
9423
msgstr ""
9420
9424
9421
#: serverguide/C/windows-networking.xml:999(para)
9425
#: serverguide/C/samba.xml:999(para)
9422
9426
msgid ""
9423
9427
"Using LDAP is the most robust way to sync account information, because both "
9424
9428
"domain controllers can use the same information in real time. However, "
9426
9430
"user and computer accounts. See <xref linkend=\"samba-ldap\"/> for details."
9427
9431
msgstr ""
9428
9432
9429
#: serverguide/C/windows-networking.xml:1008(para)
9433
#: serverguide/C/samba.xml:1008(para)
9430
9434
msgid ""
9431
9435
"First, install <application>samba</application> and <application>libpam-"
9432
9436
"smbpass</application>. From a terminal enter:"
9433
9437
msgstr ""
9434
9438
9435
#: serverguide/C/windows-networking.xml:1019(para)
9439
#: serverguide/C/samba.xml:1019(para)
9436
9440
msgid ""
9437
9441
"Now, edit <filename>/etc/samba/smb.conf</filename> and uncomment the "
9438
9442
"following in the <emphasis>[global]</emphasis>:"
9439
9443
msgstr ""
9440
9444
9441
#: serverguide/C/windows-networking.xml:1032(para)
9445
#: serverguide/C/samba.xml:1032(para)
9442
9446
msgid "In the commented <emphasis>Domains</emphasis> uncomment or add:"
9443
9447
msgstr ""
9444
9448
9445
#: serverguide/C/windows-networking.xml:1036(programlisting)
9449
#: serverguide/C/samba.xml:1036(programlisting)
9446
9450
#, no-wrap
9447
9451
msgid ""
9448
9452
"\n"
9453
9457
" domain logons = yes\n"
9454
9458
" domain master = no\n"
9455
9459
9456
#: serverguide/C/windows-networking.xml:1044(para)
9460
#: serverguide/C/samba.xml:1044(para)
9457
9461
msgid ""
9458
9462
"Make sure a user has rights to read the files in "
9459
9463
"<filename>/var/lib/samba</filename>. For example, to allow users in the "
9461
9465
"files, enter:"
9462
9466
msgstr ""
9463
9467
9464
#: serverguide/C/windows-networking.xml:1050(command)
9468
#: serverguide/C/samba.xml:1050(command)
9465
9469
msgid "sudo chgrp -R admin /var/lib/samba"
9466
9470
msgstr "sudo chgrp -R admin /var/lib/samba"
9467
9471
9468
#: serverguide/C/windows-networking.xml:1056(para)
9472
#: serverguide/C/samba.xml:1056(para)
9469
9473
msgid ""
9470
9474
"Next, sync the user accounts, using <application>scp</application> to copy "
9471
9475
"the <filename>/var/lib/samba</filename> directory from the PDC:"
9472
9476
msgstr ""
9473
9477
9474
#: serverguide/C/windows-networking.xml:1062(command)
9478
#: serverguide/C/samba.xml:1062(command)
9475
9479
msgid "sudo scp -r username@pdc:/var/lib/samba /var/lib"
9476
9480
msgstr "sudo scp -r uporabniško-ime@pdc:/var/lib/samba /var/lib"
9477
9481
9478
#: serverguide/C/windows-networking.xml:1066(para)
9482
#: serverguide/C/samba.xml:1066(para)
9479
9483
msgid ""
9480
9484
"Replace <emphasis>username</emphasis> with a valid username and "
9481
9485
"<emphasis>pdc</emphasis> with the hostname or IP Address of your actual PDC."
9482
9486
msgstr ""
9483
9487
9484
#: serverguide/C/windows-networking.xml:1075(para)
9488
#: serverguide/C/samba.xml:1075(para)
9485
9489
msgid "Finally, restart <application>samba</application>:"
9486
9490
msgstr "Za konec znova zaženite program <application>samba</application>:"
9487
9491
9488
#: serverguide/C/windows-networking.xml:1087(para)
9492
#: serverguide/C/samba.xml:1087(para)
9489
9493
msgid ""
9490
9494
"You can test that your Backup Domain controller is working by stopping the "
9491
9495
"Samba daemon on the PDC, then trying to login to a Windows client joined to "
9492
9496
"the domain."
9493
9497
msgstr ""
9494
9498
9495
#: serverguide/C/windows-networking.xml:1092(para)
9499
#: serverguide/C/samba.xml:1092(para)
9496
9500
msgid ""
9497
9501
"Another thing to keep in mind is if you have configured the <emphasis>logon "
9498
9502
"home</emphasis> option as a directory on the PDC, and the PDC becomes "
9501
9505
"home</emphasis> to reside on a separate file server from the PDC and BDC."
9502
9506
msgstr ""
9503
9507
9504
#: serverguide/C/windows-networking.xml:1122(para)
9508
#: serverguide/C/samba.xml:1122(para)
9505
9509
msgid ""
9506
9510
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-"
9507
9511
"pdc.html\">Chapter 4</ulink> of the Samba HOWTO Collection explains setting "
9508
9512
"up a Primary Domain Controller."
9509
9513
msgstr ""
9510
9514
9511
#: serverguide/C/windows-networking.xml:1128(para)
9515
#: serverguide/C/samba.xml:1128(para)
9512
9516
msgid ""
9513
9517
"<ulink url=\"http://us3.samba.org/samba/docs/man/Samba-HOWTO-"
9514
9518
"Collection/samba-bdc.html\">Chapter 5</ulink> of the Samba HOWTO Collection "
9519
9523
msgid "Active Directory Integration"
9520
9524
msgstr ""
9521
9525
9522
#: serverguide/C/windows-networking.xml:1146(title)
9526
#: serverguide/C/samba.xml:1146(title)
9523
9527
msgid "Accessing a Samba Share"
9524
9528
msgstr ""
9525
9529
9526
#: serverguide/C/windows-networking.xml:1148(para)
9530
#: serverguide/C/samba.xml:1148(para)
9527
9531
msgid ""
9528
9532
"Another, use for Samba is to integrate into an existing Windows network. "
9529
9533
"Once part of an Active Directory domain, Samba can provide file and print "
9539
9543
"Likewise Open documentation</ulink>."
9540
9544
msgstr ""
9541
9545
9542
#: serverguide/C/windows-networking.xml:1159(para)
9546
#: serverguide/C/samba.xml:1159(para)
9543
9547
msgid ""
9544
9548
"Once part of the Active Directory domain, enter the following command in the "
9545
9549
"terminal prompt:"
9546
9550
msgstr ""
9547
9551
9548
#: serverguide/C/windows-networking.xml:1164(command)
9552
#: serverguide/C/samba.xml:1164(command)
9549
9553
msgid "sudo apt-get install samba smbfs smbclient"
9550
9554
msgstr "sudo apt-get install samba smbfs smbclient"
9551
9555
9552
#: serverguide/C/windows-networking.xml:1167(para)
9556
#: serverguide/C/samba.xml:1167(para)
9553
9557
msgid "Next, edit <filename>/etc/samba/smb.conf</filename> changing:"
9554
9558
msgstr ""
9555
9559
"Nato uredite datoteko <filename>/etc/samba/smb.conf</filename> in spremenite:"
9556
9560
9557
#: serverguide/C/windows-networking.xml:1171(programlisting)
9561
#: serverguide/C/samba.xml:1171(programlisting)
9558
9562
#, no-wrap
9559
9563
msgid ""
9560
9564
"\n"
9577
9581
" idmap uid = 50-9999999999\n"
9578
9582
" idmap gid = 50-9999999999\n"
9579
9583
9580
#: serverguide/C/windows-networking.xml:1182(para)
9584
#: serverguide/C/samba.xml:1182(para)
9581
9585
msgid ""
9582
9586
"Restart <application>samba</application> for the new settings to take effect:"
9583
9587
msgstr ""
9584
9588
"Znova zaženite program <application>Samba</application>, da se uveljavijo "
9585
9589
"nove nastavitve:"
9586
9590
9587
#: serverguide/C/windows-networking.xml:1191(para)
9591
#: serverguide/C/samba.xml:1191(para)
9588
9592
msgid ""
9589
9593
"You should now be able to access any <application>Samba</application> shares "
9590
9594
"from a Windows client. However, be sure to give the appropriate AD users or "
9592
9596
"security\"/> for more details."
9593
9597
msgstr ""
9594
9598
9595
#: serverguide/C/windows-networking.xml:1199(title)
9599
#: serverguide/C/samba.xml:1199(title)
9596
9600
msgid "Accessing a Windows Share"
9597
9601
msgstr ""
9598
9602
9599
#: serverguide/C/windows-networking.xml:1201(para)
9603
#: serverguide/C/samba.xml:1201(para)
9600
9604
msgid ""
9601
9605
"Now that the Samba server is part of the Active Directory domain you can "
9602
9606
"access any Windows server shares:"
9603
9607
msgstr ""
9604
9608
9605
#: serverguide/C/windows-networking.xml:1208(para)
9609
#: serverguide/C/samba.xml:1208(para)
9606
9610
msgid ""
9607
9611
"To mount a Windows file share enter the following in a terminal prompt:"
9608
9612
msgstr ""
9609
9613
9610
#: serverguide/C/windows-networking.xml:1212(command)
9614
#: serverguide/C/samba.xml:1212(command)
9611
9615
msgid "mount.cifs //fs01.example.com/share mount_point"
9612
9616
msgstr ""
9613
9617
9614
#: serverguide/C/windows-networking.xml:1215(para)
9618
#: serverguide/C/samba.xml:1215(para)
9615
9619
msgid ""
9616
9620
"It is also possible to access shares on computers not part of an AD domain, "
9617
9621
"but a username and password will need to be provided."
9618
9622
msgstr ""
9619
9623
9620
#: serverguide/C/windows-networking.xml:1223(para)
9624
#: serverguide/C/samba.xml:1223(para)
9621
9625
msgid ""
9622
9626
"To mount the share during boot place an entry in "
9623
9627
"<filename>/etc/fstab</filename>, for example:"
9624
9628
msgstr ""
9625
9629
9626
#: serverguide/C/windows-networking.xml:1227(programlisting)
9630
#: serverguide/C/samba.xml:1227(programlisting)
9627
9631
#, no-wrap
9628
9632
msgid ""
9629
9633
"\n"
9634
9638
"//192.168.0.5/share /mnt/windows cifs "
9635
9639
"auto,username=klemen,password=skrivnost,rw 0 0\n"
9636
9640
9637
#: serverguide/C/windows-networking.xml:1234(para)
9641
#: serverguide/C/samba.xml:1234(para)
9638
9642
msgid ""
9639
9643
"Another way to copy files from a Windows server is to use the "
9640
9644
"<application>smbclient</application> utility. To list the files in a Windows "
9641
9645
"share:"
9642
9646
msgstr ""
9643
9647
9644
#: serverguide/C/windows-networking.xml:1240(command)
9648
#: serverguide/C/samba.xml:1240(command)
9645
9649
msgid "smbclient //fs01.example.com/share -k -c \"ls\""
9646
9650
msgstr "smbclient //fs01.primer.si/share -k -c \"ls\""
9647
9651
9648
#: serverguide/C/windows-networking.xml:1246(para)
9652
#: serverguide/C/samba.xml:1246(para)
9649
9653
msgid "To copy a file from the share, enter:"
9650
9654
msgstr ""
9651
9655
9652
#: serverguide/C/windows-networking.xml:1251(command)
9656
#: serverguide/C/samba.xml:1251(command)
9653
9657
msgid "smbclient //fs01.example.com/share -k -c \"get file.txt\""
9654
9658
msgstr ""
9655
9659
9656
#: serverguide/C/windows-networking.xml:1254(para)
9660
#: serverguide/C/samba.xml:1254(para)
9657
9661
msgid ""
9658
9662
"This will copy the <filename>file.txt</filename> into the current directory."
9659
9663
msgstr ""
9660
9664
9661
#: serverguide/C/windows-networking.xml:1261(para)
9665
#: serverguide/C/samba.xml:1261(para)
9662
9666
msgid "And to copy a file to the share:"
9663
9667
msgstr ""
9664
9668
9665
#: serverguide/C/windows-networking.xml:1266(command)
9669
#: serverguide/C/samba.xml:1266(command)
9666
9670
msgid "smbclient //fs01.example.com/share -k -c \"put /etc/hosts hosts\""
9667
9671
msgstr "smbclient //fs01.primer.si/share -k -c \"put /etc/hosts hosts\""
9668
9672
9669
#: serverguide/C/windows-networking.xml:1269(para)
9673
#: serverguide/C/samba.xml:1269(para)
9670
9674
msgid ""
9671
9675
"This will copy the <filename>/etc/hosts</filename> to "
9672
9676
"<filename>//fs01.example.com/share/hosts</filename>."
9673
9677
msgstr ""
9674
9678
9675
#: serverguide/C/windows-networking.xml:1276(para)
9679
#: serverguide/C/samba.xml:1276(para)
9676
9680
msgid ""
9677
9681
"The <emphasis>-c</emphasis> option used above allows you to execute the "
9678
9682
"<application>smbclient</application> command all at once. This is useful for "
9681
9685
"and directory commands, simply execute:"
9682
9686
msgstr ""
9683
9687
9684
#: serverguide/C/windows-networking.xml:1283(command)
9688
#: serverguide/C/samba.xml:1283(command)
9685
9689
msgid "smbclient //fs01.example.com/share -k"
9686
9690
msgstr ""
9687
9691
9688
#: serverguide/C/windows-networking.xml:1290(para)
9692
#: serverguide/C/samba.xml:1290(para)
9689
9693
msgid ""
9690
9694
"Replace all instances of <emphasis>fs01.example.com/share</emphasis>, "
9691
9695
"<emphasis>//192.168.0.5/share</emphasis>, "
9816
9820
"given the opportunity to describe the bug in your own words."
9817
9821
msgstr ""
9818
9822
9819
#: serverguide/C/reporting-bugs.xml:114(userinput) serverguide/C/backups.xml:852(userinput)
9823
#: serverguide/C/reporting-bugs.xml:114(userinput) serverguide/C/backups.xml:858(userinput)
9820
9824
#, no-wrap
9821
9825
msgid "1"
9822
9826
msgstr "1"
10035
10039
"<application>Zentyal</application>."
10036
10040
msgstr ""
10037
10041
10038
#: serverguide/C/virtualization.xml:833(para) serverguide/C/remote-administration.xml:16(title)
10042
#: serverguide/C/remote-administration.xml:16(title)
10039
10043
msgid "OpenSSH Server"
10040
10044
msgstr "Strežnik OpenSSH"
10041
10045
10312
10316
msgid "Preconfiguration"
10313
10317
msgstr ""
10314
10318
10315
#: serverguide/C/remote-administration.xml:256(para)
10319
#: serverguide/C/remote-administration.xml:236(para)
10316
10320
msgid ""
10317
10321
"Prior to configuring <application>puppet</application> you may want to add a "
10318
10322
"DNS <emphasis>CNAME</emphasis> record for "
10323
10327
"linkend=\"dns\"/> for more DNS details."
10324
10328
msgstr ""
10325
10329
10326
#: serverguide/C/remote-administration.xml:263(para)
10330
#: serverguide/C/remote-administration.xml:243(para)
10327
10331
msgid ""
10328
10332
"If you do not wish to use DNS, you can add entries to the server and client "
10329
10333
"<filename>/etc/hosts</filename> file. For example, in the "
10339
10343
"192.168.1.17 puppetclient.example.com puppetclient\n"
10340
10344
msgstr ""
10341
10345
10342
#: serverguide/C/remote-administration.xml:273(para)
10346
#: serverguide/C/remote-administration.xml:253(para)
10343
10347
msgid ""
10344
10348
"On each <application>Puppet</application> client, add an entry for the "
10345
10349
"server:"
10352
10356
"192.168.1.16 puppetmaster.example.com puppetmaster puppet\n"
10353
10357
msgstr ""
10354
10358
10355
#: serverguide/C/remote-administration.xml:282(para)
10359
#: serverguide/C/remote-administration.xml:262(para)
10356
10360
msgid ""
10357
10361
"Replace the example IP addresses and domain names above with your actual "
10358
10362
"server and client addresses and domain names."
10359
10363
msgstr ""
10360
10364
10361
#: serverguide/C/remote-administration.xml:236(para)
10365
#: serverguide/C/remote-administration.xml:271(para)
10362
10366
msgid ""
10363
10367
"To install <application>Puppet</application>, in a terminal on the "
10364
10368
"<emphasis>server</emphasis> enter:"
10365
10369
msgstr ""
10366
10370
10367
#: serverguide/C/remote-administration.xml:241(command)
10371
#: serverguide/C/remote-administration.xml:276(command)
10368
10372
msgid "sudo apt-get install puppetmaster"
10369
10373
msgstr ""
10370
10374
10371
#: serverguide/C/remote-administration.xml:244(para)
10375
#: serverguide/C/remote-administration.xml:279(para)
10372
10376
msgid "On the <emphasis>client</emphasis> machine, or machines, enter:"
10373
10377
msgstr ""
10374
10378
10375
#: serverguide/C/remote-administration.xml:249(command)
10379
#: serverguide/C/remote-administration.xml:284(command)
10376
10380
msgid "sudo apt-get install puppet"
10377
10381
msgstr ""
10378
10382
10429
10433
"<application>Puppet</application> client's host name."
10430
10434
msgstr ""
10431
10435
10432
#: serverguide/C/remote-administration.xml:323(para)
10436
#: serverguide/C/remote-administration.xml:337(para)
10433
10437
msgid ""
10434
10438
"The final step for this simple <application>Puppet</application> server is "
10435
10439
"to restart the daemon:"
10439
10443
msgid "sudo service puppetmaster restart"
10440
10444
msgstr ""
10441
10445
10442
#: serverguide/C/remote-administration.xml:331(para)
10446
#: serverguide/C/remote-administration.xml:345(para)
10443
10447
msgid ""
10444
10448
"Now everything is configured on the <application>Puppet</application> "
10445
10449
"server, it is time to configure the client."
10452
10456
"<emphasis>START</emphasis> to yes:"
10453
10457
msgstr ""
10454
10458
10455
#: serverguide/C/remote-administration.xml:340(programlisting) serverguide/C/mail.xml:627(programlisting)
10459
#: serverguide/C/remote-administration.xml:354(programlisting) serverguide/C/mail.xml:685(programlisting)
10456
10460
#, no-wrap
10457
10461
msgid ""
10458
10462
"\n"
10459
10463
"START=yes\n"
10460
10464
msgstr ""
10461
10465
10462
#: serverguide/C/remote-administration.xml:344(para)
10466
#: serverguide/C/remote-administration.xml:358(para)
10463
10467
msgid "Then start the service:"
10464
10468
msgstr ""
10465
10469
10514
10518
"<application>Puppet</application> client."
10515
10519
msgstr ""
10516
10520
10517
#: serverguide/C/remote-administration.xml:366(para)
10521
#: serverguide/C/remote-administration.xml:406(para)
10518
10522
msgid ""
10519
10523
"This example is <emphasis>very</emphasis> simple, and does not highlight "
10520
10524
"many of <application>Puppet</application>'s features and benefits. For more "
10521
10525
"information see <xref linkend=\"puppet-resources\"/>."
10522
10526
msgstr ""
10523
10527
10524
#: serverguide/C/remote-administration.xml:378(para)
10528
#: serverguide/C/remote-administration.xml:418(para)
10525
10529
msgid ""
10526
10530
"See the <ulink url=\"http://docs.puppetlabs.com/\">Official Puppet "
10527
10531
"Documentation</ulink> web site."
10533
10537
"online repository of puppet modules."
10534
10538
msgstr ""
10535
10539
10536
#: serverguide/C/remote-administration.xml:383(para)
10540
#: serverguide/C/remote-administration.xml:428(para)
10537
10541
msgid ""
10538
10542
"Also see <ulink url=\"http://www.apress.com/9781430230571\">Pro "
10539
10543
"Puppet</ulink>."
10540
10544
msgstr ""
10541
10545
10542
#: serverguide/C/remote-administration.xml:397(title)
10546
#: serverguide/C/remote-administration.xml:437(title)
10543
10547
msgid "Zentyal"
10544
10548
msgstr ""
10545
10549
10546
#: serverguide/C/remote-administration.xml:399(para)
10550
#: serverguide/C/remote-administration.xml:439(para)
10547
10551
msgid ""
10548
10552
"<application>Zentyal</application> is a Linux small business server, that "
10549
10553
"can be configured as a Gateway, Infrastructure Manager, Unified Threat "
10570
10574
"them."
10571
10575
msgstr ""
10572
10576
10573
#: serverguide/C/remote-administration.xml:427(para)
10577
#: serverguide/C/remote-administration.xml:467(para)
10574
10578
msgid ""
10575
10579
"Zentyal 2.3 is available on Ubuntu 12.04 Universe repository. The modules "
10576
10580
"available are:"
10577
10581
msgstr ""
10578
10582
10579
#: serverguide/C/remote-administration.xml:434(para)
10583
#: serverguide/C/remote-administration.xml:474(para)
10580
10584
msgid ""
10581
10585
"zentyal-core & zentyal-common: the core of the "
10582
10586
"<application>Zentyal</application> interface and the common libraries of the "
10584
10588
"administrator an interface to view the logs and generate events from them."
10585
10589
msgstr ""
10586
10590
10587
#: serverguide/C/remote-administration.xml:443(para)
10591
#: serverguide/C/remote-administration.xml:483(para)
10588
10592
msgid ""
10589
10593
"zentyal-network: manages the configuration of the network. From the "
10590
10594
"interfaces (supporting static IP, DHCP, VLAN, bridges or PPPoE), to multiple "
10599
10603
"services (e.g. HTTP instead of 80/TCP)."
10600
10604
msgstr ""
10601
10605
10602
#: serverguide/C/remote-administration.xml:458(para)
10606
#: serverguide/C/remote-administration.xml:498(para)
10603
10607
msgid ""
10604
10608
"zentyal-firewall: configures the <application>iptables</application> rules "
10605
10609
"to block forbiden connections, NAT and port redirections."
10606
10610
msgstr ""
10607
10611
10608
#: serverguide/C/remote-administration.xml:464(para)
10612
#: serverguide/C/remote-administration.xml:504(para)
10609
10613
msgid ""
10610
10614
"zentyal-ntp: installs the NTP daemon to keep server on time and allow "
10611
10615
"network clients to synchronize their clocks against the server."
10612
10616
msgstr ""
10613
10617
10614
#: serverguide/C/remote-administration.xml:470(para)
10618
#: serverguide/C/remote-administration.xml:510(para)
10615
10619
msgid ""
10616
10620
"zentyal-dhcp: configures <application>ISC DHCP</application> server "
10617
10621
"supporting network ranges, static leases and other advanced options like "
10618
10622
"NTP, WINS, dynamic DNS updates and network boot with PXE."
10619
10623
msgstr ""
10620
10624
10621
#: serverguide/C/remote-administration.xml:477(para)
10625
#: serverguide/C/remote-administration.xml:517(para)
10622
10626
msgid ""
10623
10627
"zentyal-dns: brings <application>ISC Bind9</application> DNS server into "
10624
10628
"your server for caching local queries as a forwarder or as an authoritative "
10626
10630
"and SRV records."
10627
10631
msgstr ""
10628
10632
10629
#: serverguide/C/remote-administration.xml:485(para)
10633
#: serverguide/C/remote-administration.xml:525(para)
10630
10634
msgid ""
10631
10635
"zentyal-ca: integrates the management of a Certification Authority within "
10632
10636
"Zentyal so users can use certificates to authenticate against the services, "
10633
10637
"like with <application>OpenVPN</application>."
10634
10638
msgstr ""
10635
10639
10636
#: serverguide/C/remote-administration.xml:492(para)
10640
#: serverguide/C/remote-administration.xml:532(para)
10637
10641
msgid ""
10638
10642
"zentyal-openvpn: allows to configure multiple VPN servers and clients using "
10639
10643
"<application>OpenVPN</application> with dynamic routing configuration using "
10640
10644
"<application>Quagga</application>."
10641
10645
msgstr ""
10642
10646
10643
#: serverguide/C/remote-administration.xml:499(para)
10647
#: serverguide/C/remote-administration.xml:539(para)
10644
10648
msgid ""
10645
10649
"zentyal-users: provides an interface to configure and manage users and "
10646
10650
"groups on <application>OpenLDAP</application>. Other services on Zentyal are "
10649
10653
"<application>Microsoft Active Directory</application> domain."
10650
10654
msgstr ""
10651
10655
10652
#: serverguide/C/remote-administration.xml:509(para)
10656
#: serverguide/C/remote-administration.xml:549(para)
10653
10657
msgid ""
10654
10658
"zentyal-squid: configures <application>Squid</application> and "
10655
10659
"<application>Dansguardian</application> for speeding up browsing thanks to "
10656
10660
"the caching capabilities and content filtering."
10657
10661
msgstr ""
10658
10662
10659
#: serverguide/C/remote-administration.xml:516(para)
10663
#: serverguide/C/remote-administration.xml:556(para)
10660
10664
msgid ""
10661
10665
"zentyal-samba: allows <application>Samba</application> configuration and "
10662
10666
"integration with existing LDAP. From the same interface you can define "
10663
10667
"password policies, create shared resources and assign permissions."
10664
10668
msgstr ""
10665
10669
10666
#: serverguide/C/remote-administration.xml:524(para)
10670
#: serverguide/C/remote-administration.xml:564(para)
10667
10671
msgid ""
10668
10672
"zentyal-printers: integrates <application>CUPS</application> with "
10669
10673
"<application>Samba</application> and allows not only to configure the "
10670
10674
"printers but also give them permissions based on LDAP users and groups."
10671
10675
msgstr ""
10672
10676
10673
#: serverguide/C/remote-administration.xml:533(para)
10677
#: serverguide/C/remote-administration.xml:573(para)
10674
10678
msgid ""
10675
10679
"To install <application>Zentyal</application>, in a terminal on the "
10676
10680
"<emphasis>server</emphasis> enter (where <zentyal-module> is any of "
10677
10681
"the modules from the previous list):"
10678
10682
msgstr ""
10679
10683
10680
#: serverguide/C/remote-administration.xml:540(command)
10684
#: serverguide/C/remote-administration.xml:580(command)
10681
10685
msgid "sudo apt-get install <zentyal-module>"
10682
10686
msgstr ""
10683
10687
10684
#: serverguide/C/remote-administration.xml:544(para)
10688
#: serverguide/C/remote-administration.xml:584(para)
10685
10689
msgid ""
10686
10690
"<application>Zentyal</application> publishes one major stable release once a "
10687
10691
"year (in September) based on latest Ubuntu LTS release. Stable releases "
10701
10705
"Personal Package Archive (PPA)</ulink>."
10702
10706
msgstr ""
10703
10707
10704
#: serverguide/C/remote-administration.xml:566(para)
10708
#: serverguide/C/remote-administration.xml:606(para)
10705
10709
msgid ""
10706
10710
"Not present on Ubuntu Universe repositories, but on <ulink "
10707
10711
"url=\"https://launchpad.net/~zentyal/\">Zentyal Team PPA</ulink> you will "
10708
10712
"find these other modules:"
10709
10713
msgstr ""
10710
10714
10711
#: serverguide/C/remote-administration.xml:573(para)
10715
#: serverguide/C/remote-administration.xml:613(para)
10712
10716
msgid ""
10713
10717
"zentyal-antivirus: integrates <application>ClamAV</application> antivirus "
10714
10718
"with other modules like the proxy, file sharing or mailfilter."
10715
10719
msgstr ""
10716
10720
10717
#: serverguide/C/remote-administration.xml:580(para)
10721
#: serverguide/C/remote-administration.xml:620(para)
10718
10722
msgid ""
10719
10723
"zentyal-asterisk: configures <application>Asterisk</application> to provide "
10720
10724
"a simple PBX with LDAP based authentication."
10721
10725
msgstr ""
10722
10726
10723
#: serverguide/C/remote-administration.xml:586(para)
10727
#: serverguide/C/remote-administration.xml:626(para)
10724
10728
msgid ""
10725
10729
"zentyal-bwmonitor: allows to monitor bandwith usage of your LAN clients."
10726
10730
msgstr ""
10727
10731
10728
#: serverguide/C/remote-administration.xml:592(para)
10732
#: serverguide/C/remote-administration.xml:632(para)
10729
10733
msgid ""
10730
10734
"zentyal-captiveportal: integrates a captive portal with the firewall and "
10731
10735
"LDAP users and groups."
10732
10736
msgstr ""
10733
10737
10734
#: serverguide/C/remote-administration.xml:598(para)
10738
#: serverguide/C/remote-administration.xml:638(para)
10735
10739
msgid ""
10736
10740
"zentyal-ebackup: allows to make scheduled backups of your server using the "
10737
10741
"popular <application>duplicity</application> backup tool."
10738
10742
msgstr ""
10739
10743
10740
#: serverguide/C/remote-administration.xml:604(para)
10744
#: serverguide/C/remote-administration.xml:644(para)
10741
10745
msgid "zentyal-ftp: configures a FTP server with LDAP based authentication."
10742
10746
msgstr ""
10743
10747
10744
#: serverguide/C/remote-administration.xml:609(para)
10748
#: serverguide/C/remote-administration.xml:649(para)
10745
10749
msgid "zentyal-ids: integrates a network intrusion detection system."
10746
10750
msgstr ""
10747
10751
10748
#: serverguide/C/remote-administration.xml:614(para)
10752
#: serverguide/C/remote-administration.xml:654(para)
10749
10753
msgid ""
10750
10754
"zentyal-ipsec: allows to configure IPsec tunnels using "
10751
10755
"<application>OpenSwan</application>."
10752
10756
msgstr ""
10753
10757
10754
#: serverguide/C/remote-administration.xml:620(para)
10758
#: serverguide/C/remote-administration.xml:660(para)
10755
10759
msgid ""
10756
10760
"zentyal-jabber: integrates <application>ejabberd</application> XMPP server "
10757
10761
"with LDAP users and groups."
10758
10762
msgstr ""
10759
10763
10760
#: serverguide/C/remote-administration.xml:626(para)
10764
#: serverguide/C/remote-administration.xml:666(para)
10761
10765
msgid ""
10762
10766
"zentyal-thinclients: a <application>LTSP</application> based thin clients "
10763
10767
"solution."
10764
10768
msgstr ""
10765
10769
10766
#: serverguide/C/remote-administration.xml:632(para)
10770
#: serverguide/C/remote-administration.xml:672(para)
10767
10771
msgid ""
10768
10772
"zentyal-mail: a full mail stack including <application>Postfix "
10769
10773
"</application> and <application>Dovecot</application> with LDAP backend."
10770
10774
msgstr ""
10771
10775
10772
#: serverguide/C/remote-administration.xml:639(para)
10776
#: serverguide/C/remote-administration.xml:679(para)
10773
10777
msgid ""
10774
10778
"zentyal-mailfilter: configures <application>amavisd</application> with mail "
10775
10779
"stack to filter spam and attached virus."
10776
10780
msgstr ""
10777
10781
10778
#: serverguide/C/remote-administration.xml:645(para)
10782
#: serverguide/C/remote-administration.xml:685(para)
10779
10783
msgid ""
10780
10784
"zentyal-monitor: integrates <application>collectd</application> to monitor "
10781
10785
"server performance and running services."
10782
10786
msgstr ""
10783
10787
10784
#: serverguide/C/remote-administration.xml:651(para)
10788
#: serverguide/C/remote-administration.xml:691(para)
10785
10789
msgid ""
10786
10790
"zentyal-pptp: configures a <application>PPTP</application> VPN server."
10787
10791
msgstr ""
10788
10792
10789
#: serverguide/C/remote-administration.xml:656(para)
10793
#: serverguide/C/remote-administration.xml:696(para)
10790
10794
msgid ""
10791
10795
"zentyal-radius: integrates <application>FreeRADIUS</application> with LDAP "
10792
10796
"users and groups."
10793
10797
msgstr ""
10794
10798
10795
#: serverguide/C/remote-administration.xml:662(para)
10799
#: serverguide/C/remote-administration.xml:702(para)
10796
10800
msgid ""
10797
10801
"zentyal-software: simple interface to manage installed "
10798
10802
"<application>Zentyal</application> modules and system updates."
10799
10803
msgstr ""
10800
10804
10801
#: serverguide/C/remote-administration.xml:668(para)
10805
#: serverguide/C/remote-administration.xml:708(para)
10802
10806
msgid ""
10803
10807
"zentyal-trafficshaping: configures traffic limiting rules to do bandwidth "
10804
10808
"throttling and improve latency."
10805
10809
msgstr ""
10806
10810
10807
#: serverguide/C/remote-administration.xml:674(para)
10811
#: serverguide/C/remote-administration.xml:714(para)
10808
10812
msgid ""
10809
10813
"zentyal-usercorner: allows users to edit their own LDAP attributes using a "
10810
10814
"web browser."
10811
10815
msgstr ""
10812
10816
10813
#: serverguide/C/remote-administration.xml:680(para)
10817
#: serverguide/C/remote-administration.xml:720(para)
10814
10818
msgid ""
10815
10819
"zentyal-virt: simple interface to create and manage virtual machines based "
10816
10820
"on <application>libvirt</application>."
10817
10821
msgstr ""
10818
10822
10819
#: serverguide/C/remote-administration.xml:686(para)
10823
#: serverguide/C/remote-administration.xml:726(para)
10820
10824
msgid ""
10821
10825
"zentyal-webmail: allows to access your mail using the popular "
10822
10826
"<application>Roundcube</application> webmail."
10823
10827
msgstr ""
10824
10828
10825
#: serverguide/C/remote-administration.xml:692(para)
10829
#: serverguide/C/remote-administration.xml:732(para)
10826
10830
msgid ""
10827
10831
"zentyal-webserver: configures <application>Apache</application> webserver to "
10828
10832
"host different sites on your machine."
10829
10833
msgstr ""
10830
10834
10831
#: serverguide/C/remote-administration.xml:698(para)
10835
#: serverguide/C/remote-administration.xml:738(para)
10832
10836
msgid ""
10833
10837
"zentyal-zarafa: integrates <application>Zarafa</application> groupware suite "
10834
10838
"with <application>Zentyal</application> mail stack and LDAP."
10835
10839
msgstr ""
10836
10840
10837
#: serverguide/C/remote-administration.xml:710(title)
10841
#: serverguide/C/remote-administration.xml:750(title)
10838
10842
msgid "First steps"
10839
10843
msgstr ""
10840
10844
10841
#: serverguide/C/remote-administration.xml:712(para)
10845
#: serverguide/C/remote-administration.xml:752(para)
10842
10846
msgid ""
10843
10847
"Any system account belonging to the sudo group is allowed to log into "
10844
10848
"<application>Zentyal</application> web interface. If you are using the user "
10845
10849
"created during the installation, this should be in the sudo group by default."
10846
10850
msgstr ""
10847
10851
10848
#: serverguide/C/remote-administration.xml:720(para)
10852
#: serverguide/C/remote-administration.xml:760(para)
10849
10853
msgid "If you need to add another user to the sudo group, just execute:"
10850
10854
msgstr ""
10851
10855
10852
#: serverguide/C/remote-administration.xml:725(command)
10856
#: serverguide/C/remote-administration.xml:765(command)
10853
10857
msgid "sudo adduser username sudo"
10854
10858
msgstr ""
10855
10859
10856
#: serverguide/C/remote-administration.xml:729(para)
10860
#: serverguide/C/remote-administration.xml:769(para)
10857
10861
msgid ""
10858
10862
"To access <application>Zentyal</application> web interface, browse into "
10859
10863
"https://localhost/ (or the IP of your remote server). As Zentyal creates its "
10861
10865
"exception on your browser."
10862
10866
msgstr ""
10863
10867
10864
#: serverguide/C/remote-administration.xml:736(para)
10868
#: serverguide/C/remote-administration.xml:776(para)
10865
10869
msgid ""
10866
10870
"Once logged in you will see the dashboard with an overview of your server. "
10867
10871
"To configure any of the features of your installed modules, go to the "
10875
10879
"files."
10876
10880
msgstr ""
10877
10881
10878
#: serverguide/C/remote-administration.xml:750(para)
10882
#: serverguide/C/remote-administration.xml:790(para)
10879
10883
msgid ""
10880
10884
"If you need to customize any configuration file or run certain actions "
10881
10885
"(scripts or commands) to configure features not available on "
10884
10888
"/etc/zentyal/hooks/<module>.<action>."
10885
10889
msgstr ""
10886
10890
10887
#: serverguide/C/remote-administration.xml:763(para)
10891
#: serverguide/C/remote-administration.xml:803(para)
10888
10892
msgid ""
10889
10893
"<ulink url=\"http://doc.zentyal.org/\">Zentyal Official Documentation "
10890
10894
"</ulink> page."
10891
10895
msgstr ""
10892
10896
10893
#: serverguide/C/remote-administration.xml:767(para)
10897
#: serverguide/C/remote-administration.xml:807(para)
10894
10898
msgid ""
10895
10899
"See also <ulink url=\"http://trac.zentyal.org/wiki/Documentation\">Zentyal "
10896
10900
"Community Documentation</ulink> page."
10897
10901
msgstr ""
10898
10902
10899
#: serverguide/C/remote-administration.xml:771(para)
10903
#: serverguide/C/remote-administration.xml:811(para)
10900
10904
msgid ""
10901
10905
"And don't forget to visit the <ulink url=\"http://forum.zentyal.org/\">forum "
10902
10906
"</ulink> for community support, feedback, feature requests, etc."
10910
10914
msgid ""
10911
10915
"Ubuntu features a comprehensive package management system for installing, "
10912
10916
"upgrading, configuring, and removing software. In addition to providing "
10913
"access to an organized base of over 35,000 software packages for your Ubuntu "
10917
"access to an organized base of over 45,000 software packages for your Ubuntu "
10914
10918
"computer, the package management facilities also feature dependency "
10915
10919
"resolution capabilities and software update checking."
10916
10920
msgstr ""
10942
10946
10943
10947
#: serverguide/C/package-management.xml:25(para)
10944
10948
msgid ""
10945
"Many complex packages use the concept of <emphasis "
10949
"Many complex packages use <emphasis "
10946
10950
"role=\"italics\">dependencies</emphasis>. Dependencies are additional "
10947
10951
"packages required by the principal package in order to function properly. "
10948
10952
"For example, the speech synthesis package "
11267
11271
"menu."
11268
11272
msgstr ""
11269
11273
11270
#: serverguide/C/package-management.xml:246(para)
11274
#: serverguide/C/package-management.xml:263(para)
11271
11275
msgid "<emphasis role=\"bold\">i</emphasis>: Installed package"
11272
11276
msgstr "<emphasis role=\"bold\">i</emphasis>: Nameščen paket"
11273
11277
11274
#: serverguide/C/package-management.xml:251(para)
11278
#: serverguide/C/package-management.xml:268(para)
11275
11279
msgid ""
11276
11280
"<emphasis role=\"bold\">c</emphasis>: Package not installed, but package "
11277
11281
"configuration remains on system"
11278
11282
msgstr ""
11279
11283
11280
#: serverguide/C/package-management.xml:255(para)
11284
#: serverguide/C/package-management.xml:272(para)
11281
11285
msgid "<emphasis role=\"bold\">p</emphasis>: Purged from system"
11282
11286
msgstr ""
11283
11287
11284
#: serverguide/C/package-management.xml:259(para)
11288
#: serverguide/C/package-management.xml:276(para)
11285
11289
msgid "<emphasis role=\"bold\">v</emphasis>: Virtual package"
11286
11290
msgstr "<emphasis role=\"bold\">v</emphasis>: Navidezen paket"
11287
11291
11288
#: serverguide/C/package-management.xml:263(para)
11292
#: serverguide/C/package-management.xml:280(para)
11289
11293
msgid "<emphasis role=\"bold\">B</emphasis>: Broken package"
11290
11294
msgstr ""
11291
11295
11292
#: serverguide/C/package-management.xml:267(para)
11296
#: serverguide/C/package-management.xml:284(para)
11293
11297
msgid ""
11294
11298
"<emphasis role=\"bold\">u</emphasis>: Unpacked files, but package not yet "
11295
11299
"configured"
11296
11300
msgstr ""
11297
11301
11298
#: serverguide/C/package-management.xml:271(para)
11302
#: serverguide/C/package-management.xml:288(para)
11299
11303
msgid ""
11300
11304
"<emphasis role=\"bold\">C</emphasis>: Half-configured - Configuration failed "
11301
11305
"and requires fix"
11302
11306
msgstr ""
11303
11307
11304
#: serverguide/C/package-management.xml:275(para)
11308
#: serverguide/C/package-management.xml:292(para)
11305
11309
msgid ""
11306
11310
"<emphasis role=\"bold\">H</emphasis>: Half-installed - Removal failed and "
11307
11311
"requires fix"
11308
11312
msgstr ""
11309
11313
11310
#: serverguide/C/package-management.xml:243(para)
11314
#: serverguide/C/package-management.xml:260(para)
11311
11315
msgid ""
11312
11316
"The first column of information displayed in the package list in the top "
11313
11317
"pane, when actually viewing packages lists the current state of the package, "
11315
11319
"<placeholder-1/>"
11316
11320
msgstr ""
11317
11321
11318
#: serverguide/C/package-management.xml:281(para)
11322
#: serverguide/C/package-management.xml:298(para)
11319
11323
msgid ""
11320
11324
"To exit Aptitude, simply press the <keycap>q</keycap> key and confirm you "
11321
11325
"wish to exit. Many other functions are available from the Aptitude menu by "
11322
11326
"pressing the <keycap>F10</keycap> key."
11323
11327
msgstr ""
11324
11328
11325
#: serverguide/C/package-management.xml:284(title)
11329
#: serverguide/C/package-management.xml:301(title)
11326
11330
msgid "Command Line Aptitude"
11327
11331
msgstr ""
11328
11332
11329
#: serverguide/C/package-management.xml:285(para)
11333
#: serverguide/C/package-management.xml:302(para)
11330
11334
msgid ""
11331
11335
"You can also use <application>Aptitude</application> as a command-line tool, "
11332
11336
"similar to <application>apt-get</application>. To install the "
11340
11344
"of command line options for <application>Aptitude</application>."
11341
11345
msgstr ""
11342
11346
11343
#: serverguide/C/package-management.xml:298(title)
11347
#: serverguide/C/package-management.xml:315(title)
11344
11348
msgid "Automatic Updates"
11345
11349
msgstr "Samodejne posodobitve"
11346
11350
11347
#: serverguide/C/package-management.xml:300(para)
11351
#: serverguide/C/package-management.xml:317(para)
11348
11352
msgid ""
11349
11353
"The <application>unattended-upgrades</application> package can be used to "
11350
11354
"automatically install updated packages, and can be configured to update all "
11352
11356
"entering the following in a terminal:"
11353
11357
msgstr ""
11354
11358
11355
#: serverguide/C/package-management.xml:306(command)
11359
#: serverguide/C/package-management.xml:323(command)
11356
11360
msgid "sudo apt-get install unattended-upgrades"
11357
11361
msgstr "sudo apt-get install unattended-upgrades"
11358
11362
11359
#: serverguide/C/package-management.xml:309(para)
11363
#: serverguide/C/package-management.xml:326(para)
11360
11364
msgid ""
11361
11365
"To configure <application>unattended-upgrades</application>, edit "
11362
11366
"<filename>/etc/apt/apt.conf.d/50unattended-upgrades</filename> and adjust "
11373
11377
"};\n"
11374
11378
msgstr ""
11375
11379
11376
#: serverguide/C/package-management.xml:321(para)
11380
#: serverguide/C/package-management.xml:338(para)
11377
11381
msgid ""
11378
11382
"Certain packages can also be <emphasis>blacklisted</emphasis> and therefore "
11379
11383
"will not be automatically updated. To blacklist a package, add it to the "
11380
11384
"list:"
11381
11385
msgstr ""
11382
11386
11383
#: serverguide/C/package-management.xml:326(programlisting)
11387
#: serverguide/C/package-management.xml:343(programlisting)
11384
11388
#, no-wrap
11385
11389
msgid ""
11386
11390
"\n"
11392
11396
"};\n"
11393
11397
msgstr ""
11394
11398
11395
#: serverguide/C/package-management.xml:336(para)
11399
#: serverguide/C/package-management.xml:353(para)
11396
11400
msgid ""
11397
11401
"The double <emphasis><quote>//</quote></emphasis> serve as comments, so "
11398
11402
"whatever follows \"//\" will not be evaluated."
11399
11403
msgstr ""
11400
11404
11401
#: serverguide/C/package-management.xml:341(para)
11405
#: serverguide/C/package-management.xml:358(para)
11402
11406
msgid ""
11403
11407
"To enable automatic updates, edit "
11404
11408
"<filename>/etc/apt/apt.conf.d/10periodic</filename> and set the appropriate "
11405
11409
"<application>apt</application> configuration options:"
11406
11410
msgstr ""
11407
11411
11408
#: serverguide/C/package-management.xml:345(programlisting)
11412
#: serverguide/C/package-management.xml:362(programlisting)
11409
11413
#, no-wrap
11410
11414
msgid ""
11411
11415
"\n"
11415
11419
"APT::Periodic::Unattended-Upgrade \"1\";\n"
11416
11420
msgstr ""
11417
11421
11418
#: serverguide/C/package-management.xml:352(para)
11422
#: serverguide/C/package-management.xml:369(para)
11419
11423
msgid ""
11420
11424
"The above configuration updates the package list, downloads, and installs "
11421
11425
"available upgrades every day. The local download archive is cleaned every "
11422
11426
"week."
11423
11427
msgstr ""
11424
11428
11425
#: serverguide/C/package-management.xml:358(para)
11429
#: serverguide/C/package-management.xml:375(para)
11426
11430
msgid ""
11427
11431
"You can read more about <application>apt</application> Periodic "
11428
11432
"configuration options in the <filename>/etc/cron.daily/apt</filename> script "
11429
11433
"header."
11430
11434
msgstr ""
11431
11435
11432
#: serverguide/C/package-management.xml:363(para)
11436
#: serverguide/C/package-management.xml:380(para)
11433
11437
msgid ""
11434
11438
"The results of <application>unattended-upgrades</application> will be logged "
11435
11439
"to <filename>/var/log/unattended-upgrades</filename>."
11436
11440
msgstr ""
11437
11441
11438
#: serverguide/C/package-management.xml:368(title)
11442
#: serverguide/C/package-management.xml:385(title)
11439
11443
msgid "Notifications"
11440
11444
msgstr "Obvestila"
11441
11445
11442
#: serverguide/C/package-management.xml:370(para)
11446
#: serverguide/C/package-management.xml:387(para)
11443
11447
msgid ""
11444
11448
"Configuring <emphasis>Unattended-Upgrade::Mail</emphasis> in "
11445
11449
"<filename>/etc/apt/apt.conf.d/50unattended-upgrades</filename> will enable "
11447
11451
"detailing any packages that need upgrading or have problems."
11448
11452
msgstr ""
11449
11453
11450
#: serverguide/C/package-management.xml:375(para)
11454
#: serverguide/C/package-management.xml:392(para)
11451
11455
msgid ""
11452
11456
"Another useful package is <application>apticron</application>. "
11453
11457
"<application>apticron</application> will configure a "
11456
11460
"summary of changes in each package."
11457
11461
msgstr ""
11458
11462
11459
#: serverguide/C/package-management.xml:381(para)
11463
#: serverguide/C/package-management.xml:398(para)
11460
11464
msgid ""
11461
11465
"To install the <application>apticron</application> package, in a terminal "
11462
11466
"enter:"
11463
11467
msgstr ""
11464
11468
11465
#: serverguide/C/package-management.xml:386(command)
11469
#: serverguide/C/package-management.xml:403(command)
11466
11470
msgid "sudo apt-get install apticron"
11467
11471
msgstr "sudo apt-get install apticron"
11468
11472
11469
#: serverguide/C/package-management.xml:389(para)
11473
#: serverguide/C/package-management.xml:406(para)
11470
11474
msgid ""
11471
11475
"Once the package is installed edit "
11472
11476
"<filename>/etc/apticron/apticron.conf</filename>, to set the email address "
11473
11477
"and other options:"
11474
11478
msgstr ""
11475
11479
11476
#: serverguide/C/package-management.xml:393(programlisting)
11480
#: serverguide/C/package-management.xml:410(programlisting)
11477
11481
#, no-wrap
11478
11482
msgid ""
11479
11483
"\n"
11482
11486
"\n"
11483
11487
"EMAIL=\"skrbnik@primer.si\"\n"
11484
11488
11485
#: serverguide/C/package-management.xml:402(para)
11489
#: serverguide/C/package-management.xml:419(para)
11486
11490
msgid ""
11487
11491
"Configuration of the <emphasis>Advanced Packaging Tool</emphasis> (APT) "
11488
11492
"system repositories is stored in the "
11492
11496
"repository references from the file."
11493
11497
msgstr ""
11494
11498
11495
#: serverguide/C/package-management.xml:411(para)
11499
#: serverguide/C/package-management.xml:424(para)
11496
11500
msgid ""
11497
11501
"You may edit the file to enable repositories or disable them. For example, "
11498
11502
"to disable the requirement of inserting the Ubuntu CD-ROM whenever package "
11509
11513
"main restricted\n"
11510
11514
msgstr ""
11511
11515
11512
#: serverguide/C/package-management.xml:422(title)
11516
#: serverguide/C/package-management.xml:435(title)
11513
11517
msgid "Extra Repositories"
11514
11518
msgstr "Dodatna skladišča"
11515
11519
11516
#: serverguide/C/package-management.xml:423(para)
11520
#: serverguide/C/package-management.xml:436(para)
11517
11521
msgid ""
11518
11522
"In addition to the officially supported package repositories available for "
11519
11523
"Ubuntu, there exist additional community-maintained repositories which add "
11524
11528
"which are safe for use with your Ubuntu computer."
11525
11529
msgstr ""
11526
11530
11527
#: serverguide/C/package-management.xml:426(para)
11531
#: serverguide/C/package-management.xml:439(para)
11528
11532
msgid ""
11529
11533
"Packages in the <emphasis>Multiverse</emphasis> repository often have "
11530
11534
"licensing issues that prevent them from being distributed with a free "
11531
11535
"operating system, and they may be illegal in your locality."
11532
11536
msgstr ""
11533
11537
11534
#: serverguide/C/package-management.xml:428(para)
11538
#: serverguide/C/package-management.xml:441(para)
11535
11539
msgid ""
11536
11540
"Be advised that neither the <emphasis>Universe</emphasis> or "
11537
11541
"<emphasis>Multiverse</emphasis> repositories contain officially supported "
11539
11543
"packages."
11540
11544
msgstr ""
11541
11545
11542
#: serverguide/C/package-management.xml:432(para)
11546
#: serverguide/C/package-management.xml:445(para)
11543
11547
msgid ""
11544
11548
"Many other package sources are available, sometimes even offering only one "
11545
11549
"package, as in the case of package sources provided by the developer of a "
11550
11554
"functional in some respects."
11551
11555
msgstr ""
11552
11556
11553
#: serverguide/C/package-management.xml:435(para)
11557
#: serverguide/C/package-management.xml:448(para)
11554
11558
msgid ""
11555
11559
"By default, the <emphasis>Universe</emphasis> and "
11556
11560
"<emphasis>Multiverse</emphasis> repositories are enabled but if you would "
11581
11585
"deb-src http://security.ubuntu.com/ubuntu trusty-security multiverse\n"
11582
11586
msgstr ""
11583
11587
11584
#: serverguide/C/package-management.xml:468(para)
11588
#: serverguide/C/package-management.xml:481(para)
11585
11589
msgid ""
11586
11590
"Most of the material covered in this chapter is available in "
11587
11591
"<application>man</application> pages, many of which are available online."
11588
11592
msgstr ""
11589
11593
11590
#: serverguide/C/package-management.xml:475(para)
11594
#: serverguide/C/package-management.xml:488(para)
11591
11595
msgid ""
11592
11596
"The <ulink "
11593
11597
"url=\"https://help.ubuntu.com/community/InstallingSoftware\">InstallingSoftwa"
11617
11621
"ude man page</ulink> for more <application>aptitude</application> options."
11618
11622
msgstr ""
11619
11623
11620
#: serverguide/C/package-management.xml:499(para)
11624
#: serverguide/C/package-management.xml:512(para)
11621
11625
msgid ""
11622
11626
"The <ulink "
11623
11627
"url=\"https://help.ubuntu.com/community/Repositories/Ubuntu\">Adding "
11684
11688
"reboots (e.g.: after a kernel upgrade)."
11685
11689
msgstr ""
11686
11690
11687
#: serverguide/C/other-apps.xml:44(para)
11691
#: serverguide/C/other-apps.xml:61(para)
11688
11692
msgid ""
11689
11693
"<application>pam_motd</application> executes the scripts in "
11690
11694
"<filename>/etc/update-motd.d</filename> in order based on the number "
11693
11697
"concatenated with <filename>/etc/motd.tail</filename>."
11694
11698
msgstr ""
11695
11699
11696
#: serverguide/C/other-apps.xml:50(para)
11700
#: serverguide/C/other-apps.xml:67(para)
11697
11701
msgid ""
11698
11702
"You can add your own dynamic information to the MOTD. For example, to add "
11699
11703
"local weather information:"
11700
11704
msgstr ""
11701
11705
11702
#: serverguide/C/other-apps.xml:56(para)
11706
#: serverguide/C/other-apps.xml:73(para)
11703
11707
msgid "First, install the <application>weather-util</application> package:"
11704
11708
msgstr "Najprej namestite paket <application>weather-util</application>:"
11705
11709
11706
#: serverguide/C/other-apps.xml:61(command)
11710
#: serverguide/C/other-apps.xml:78(command)
11707
11711
msgid "sudo apt-get install weather-util"
11708
11712
msgstr "sudo apt-get install weather-util"
11709
11713
11710
#: serverguide/C/other-apps.xml:66(para)
11714
#: serverguide/C/other-apps.xml:83(para)
11711
11715
msgid ""
11712
11716
"The <application>weather</application> utility uses METAR data from the "
11713
11717
"National Oceanic and Atmospheric Administration and forecasts from the "
11717
11721
"Weather Service</ulink> site."
11718
11722
msgstr ""
11719
11723
11720
#: serverguide/C/other-apps.xml:73(para)
11724
#: serverguide/C/other-apps.xml:90(para)
11721
11725
msgid ""
11722
11726
"Although the National Weather Service is a United States government agency "
11723
11727
"there are weather stations available world wide. However, local weather "
11724
11728
"information for all locations outside the U.S. may not be available."
11725
11729
msgstr ""
11726
11730
11727
#: serverguide/C/other-apps.xml:79(para)
11731
#: serverguide/C/other-apps.xml:96(para)
11728
11732
msgid ""
11729
11733
"Create <filename>/usr/local/bin/local-weather</filename>, a simple shell "
11730
11734
"script to use <application>weather</application> with your local ICAO "
11731
11735
"indicator:"
11732
11736
msgstr ""
11733
11737
11734
#: serverguide/C/other-apps.xml:84(programlisting)
11738
#: serverguide/C/other-apps.xml:101(programlisting)
11735
11739
#, no-wrap
11736
11740
msgid ""
11737
11741
"\n"
11751
11755
"\n"
11752
11756
msgstr ""
11753
11757
11754
#: serverguide/C/other-apps.xml:102(para)
11758
#: serverguide/C/other-apps.xml:119(para)
11755
11759
msgid "Make the script executable:"
11756
11760
msgstr ""
11757
11761
11758
#: serverguide/C/other-apps.xml:107(command)
11762
#: serverguide/C/other-apps.xml:124(command)
11759
11763
msgid "sudo chmod 755 /usr/local/bin/local-weather"
11760
11764
msgstr "sudo chmod 755 /usr/local/bin/local-weather"
11761
11765
11762
#: serverguide/C/other-apps.xml:111(para)
11766
#: serverguide/C/other-apps.xml:128(para)
11763
11767
msgid ""
11764
11768
"Next, create a symlink to <filename>/etc/update-motd.d/98-local-"
11765
11769
"weather</filename>:"
11766
11770
msgstr ""
11767
11771
11768
#: serverguide/C/other-apps.xml:116(command)
11772
#: serverguide/C/other-apps.xml:133(command)
11769
11773
msgid ""
11770
11774
"sudo ln -s /usr/local/bin/local-weather /etc/update-motd.d/98-local-weather"
11771
11775
msgstr ""
11772
11776
11773
#: serverguide/C/other-apps.xml:120(para)
11777
#: serverguide/C/other-apps.xml:137(para)
11774
11778
msgid "Finally, exit the server and re-login to view the new MOTD."
11775
11779
msgstr ""
11776
11780
11777
#: serverguide/C/other-apps.xml:126(para)
11781
#: serverguide/C/other-apps.xml:143(para)
11778
11782
msgid ""
11779
11783
"You should now be greeted with some useful information, and some information "
11780
11784
"about the local weather that may not be quite so useful. Hopefully the "
11790
11794
"<application>update-motd</application>."
11791
11795
msgstr ""
11792
11796
11793
#: serverguide/C/other-apps.xml:338(para)
11797
#: serverguide/C/other-apps.xml:163(para)
11794
11798
msgid ""
11795
11799
"The Debian Package of the Day <ulink "
11796
11800
"url=\"http://debaday.debian.net/2007/10/04/weather-check-weather-conditions-"
11798
11802
"details about using the <application>weather</application>utility."
11799
11803
msgstr ""
11800
11804
11801
#: serverguide/C/other-apps.xml:134(title)
11805
#: serverguide/C/other-apps.xml:178(title)
11802
11806
msgid "etckeeper"
11803
11807
msgstr "etckeeper"
11804
11808
11814
11818
"possible."
11815
11819
msgstr ""
11816
11820
11817
#: serverguide/C/other-apps.xml:144(para)
11821
#: serverguide/C/other-apps.xml:188(para)
11818
11822
msgid ""
11819
11823
"Install <application>etckeeper</application> by entering the following in a "
11820
11824
"terminal:"
11821
11825
msgstr ""
11822
11826
11823
#: serverguide/C/other-apps.xml:149(command)
11827
#: serverguide/C/other-apps.xml:193(command)
11824
11828
msgid "sudo apt-get install etckeeper"
11825
11829
msgstr "sudo apt-get install etckeeper"
11826
11830
11835
11839
"It is possible to undo this by entering the following command:"
11836
11840
msgstr ""
11837
11841
11838
#: serverguide/C/other-apps.xml:162(command)
11842
#: serverguide/C/other-apps.xml:204(command)
11839
11843
msgid "sudo etckeeper uninit"
11840
11844
msgstr "sudo etckeeper uninit"
11841
11845
11842
#: serverguide/C/other-apps.xml:165(para)
11846
#: serverguide/C/other-apps.xml:207(para)
11843
11847
msgid ""
11844
11848
"By default, etckeeper will commit uncommitted changes made to /etc daily. "
11845
11849
"This can be disabled using the AVOID_DAILY_AUTOCOMMITS configuration option. "
11848
11852
"commit your changes manually, together with a commit message, using:"
11849
11853
msgstr ""
11850
11854
11851
#: serverguide/C/other-apps.xml:174(command)
11855
#: serverguide/C/other-apps.xml:214(command)
11852
11856
msgid "sudo etckeeper commit \"..Reason for configuration change..\""
11853
11857
msgstr ""
11854
11858
11856
11860
msgid "Using bzr's VCS commands you can view log information:"
11857
11861
msgstr ""
11858
11862
11859
#: serverguide/C/other-apps.xml:182(command)
11863
#: serverguide/C/other-apps.xml:222(command)
11860
11864
msgid "sudo bzr log /etc/passwd"
11861
11865
msgstr "sudo bzr log /etc/passwd"
11862
11866
11866
11870
"install <application>postfix</application>:"
11867
11871
msgstr ""
11868
11872
11869
#: serverguide/C/other-apps.xml:190(command) serverguide/C/mail.xml:43(command)
11873
#: serverguide/C/other-apps.xml:230(command) serverguide/C/mail.xml:43(command)
11870
11874
msgid "sudo apt-get install postfix"
11871
11875
msgstr "sudo apt-get install postfix"
11872
11876
11873
#: serverguide/C/other-apps.xml:193(para)
11877
#: serverguide/C/other-apps.xml:233(para)
11874
11878
msgid ""
11875
11879
"When the installation is finished, all the "
11876
11880
"<application>postfix</application> configuration files should be committed "
11877
11881
"to the repository:"
11878
11882
msgstr ""
11879
11883
11880
#: serverguide/C/other-apps.xml:199(computeroutput)
11884
#: serverguide/C/other-apps.xml:239(computeroutput)
11881
11885
#, no-wrap
11882
11886
msgid ""
11883
11887
"Committing to: /etc/\n"
11920
11924
"Committed revision 2."
11921
11925
msgstr ""
11922
11926
11923
#: serverguide/C/other-apps.xml:239(para)
11927
#: serverguide/C/other-apps.xml:279(para)
11924
11928
msgid ""
11925
11929
"For an example of how <application>etckeeper</application> tracks manual "
11926
11930
"changes, add new a host to <filename>/etc/hosts</filename>. Using "
11927
11931
"<application>bzr</application> you can see which files have been modified:"
11928
11932
msgstr ""
11929
11933
11930
#: serverguide/C/other-apps.xml:245(command)
11934
#: serverguide/C/other-apps.xml:285(command)
11931
11935
msgid "sudo bzr status /etc/"
11932
11936
msgstr "sudo bzr status /etc/"
11933
11937
11934
#: serverguide/C/other-apps.xml:246(computeroutput)
11938
#: serverguide/C/other-apps.xml:286(computeroutput)
11935
11939
#, no-wrap
11936
11940
msgid ""
11937
11941
"modified:\n"
11938
11942
" hosts"
11939
11943
msgstr ""
11940
11944
11941
#: serverguide/C/other-apps.xml:250(para)
11945
#: serverguide/C/other-apps.xml:290(para)
11942
11946
msgid "Now commit the changes:"
11943
11947
msgstr ""
11944
11948
11946
11950
msgid "sudo etckeeper commit \"added new host\""
11947
11951
msgstr ""
11948
11952
11949
#: serverguide/C/other-apps.xml:258(para)
11953
#: serverguide/C/other-apps.xml:298(para)
11950
11954
msgid ""
11951
11955
"For more information on <application>bzr</application> see <xref "
11952
11956
"linkend=\"bazaar\"/>."
11954
11958
"Za več podatkov o <application>bzr</application> si oglejte <xref "
11955
11959
"linkend=\"bazaar\"/>."
11956
11960
11957
#: serverguide/C/other-apps.xml:345(para)
11958
msgid ""
11959
"See the <ulink "
11960
"url=\"http://kitenet.net/~joey/code/etckeeper/\">etckeeper</ulink> site for "
11961
"more details on using <application>etckeeper</application>."
11962
msgstr ""
11963
11964
#: serverguide/C/other-apps.xml:351(para)
11965
msgid ""
11966
"The <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
11967
"Ubuntu Wiki</ulink> page."
11968
msgstr ""
11969
"Stran <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
11970
"na Ubuntu Wiki</ulink>."
11971
11972
#: serverguide/C/other-apps.xml:356(para)
11961
#: serverguide/C/other-apps.xml:310(para)
11962
msgid ""
11963
"See the <ulink url=\"http://etckeeper.branchable.com/\">etckeeper</ulink> "
11964
"site for more details on using <application>etckeeper</application>."
11965
msgstr ""
11966
11967
#: serverguide/C/other-apps.xml:317(para)
11973
11968
msgid ""
11974
11969
"For the latest news and information about <application>bzr</application> see "
11975
11970
"the <ulink url=\"http://bazaar-vcs.org/\">bzr</ulink> web site."
11976
11971
msgstr ""
11977
11972
11978
#: serverguide/C/other-apps.xml:264(title)
11973
#: serverguide/C/other-apps.xml:329(title)
11979
11974
msgid "Byobu"
11980
11975
msgstr "Byobu"
11981
11976
11982
#: serverguide/C/other-apps.xml:337(para)
11977
#: serverguide/C/other-apps.xml:331(para)
11983
11978
msgid ""
11984
11979
"One of the most useful applications for any system administrator is an xterm "
11985
11980
"multiplexor such as <application>screen</application> or "
11991
11986
"changed by the user."
11992
11987
msgstr ""
11993
11988
11994
#: serverguide/C/other-apps.xml:344(para)
11989
#: serverguide/C/other-apps.xml:338(para)
11995
11990
msgid "Invoke it simply with:"
11996
11991
msgstr ""
11997
11992
11998
#: serverguide/C/other-apps.xml:349(command)
11993
#: serverguide/C/other-apps.xml:343(command)
11999
11994
msgid "byobu"
12000
11995
msgstr ""
12001
11996
12002
#: serverguide/C/other-apps.xml:352(para)
11997
#: serverguide/C/other-apps.xml:346(para)
12003
11998
msgid ""
12004
11999
"Now bring up the configuration menu. By default this is done by pressing the "
12005
12000
"<emphasis>F9</emphasis> key. This will allow you to:"
12006
12001
msgstr ""
12007
12002
12008
#: serverguide/C/other-apps.xml:279(para)
12003
#: serverguide/C/other-apps.xml:351(para)
12009
12004
msgid "View the Help menu"
12010
12005
msgstr ""
12011
12006
12012
#: serverguide/C/other-apps.xml:280(para)
12007
#: serverguide/C/other-apps.xml:352(para)
12013
12008
msgid "Change Byobu's background color"
12014
12009
msgstr ""
12015
12010
12016
#: serverguide/C/other-apps.xml:281(para)
12011
#: serverguide/C/other-apps.xml:353(para)
12017
12012
msgid "Change Byobu's foreground color"
12018
12013
msgstr ""
12019
12014
12020
#: serverguide/C/other-apps.xml:282(para)
12015
#: serverguide/C/other-apps.xml:354(para)
12021
12016
msgid "Toggle status notifications"
12022
12017
msgstr ""
12023
12018
12024
#: serverguide/C/other-apps.xml:283(para)
12019
#: serverguide/C/other-apps.xml:355(para)
12025
12020
msgid "Change the key binding set"
12026
12021
msgstr ""
12027
12022
12028
#: serverguide/C/other-apps.xml:284(para)
12023
#: serverguide/C/other-apps.xml:356(para)
12029
12024
msgid "Change the escape sequence"
12030
12025
msgstr ""
12031
12026
12032
#: serverguide/C/other-apps.xml:285(para)
12027
#: serverguide/C/other-apps.xml:357(para)
12033
12028
msgid "Create new windows"
12034
12029
msgstr ""
12035
12030
12036
#: serverguide/C/other-apps.xml:286(para)
12031
#: serverguide/C/other-apps.xml:358(para)
12037
12032
msgid "Manage the default windows"
12038
12033
msgstr ""
12039
12034
12040
#: serverguide/C/other-apps.xml:287(para)
12035
#: serverguide/C/other-apps.xml:359(para)
12041
12036
msgid "Byobu currently does not launch at login (toggle on)"
12042
12037
msgstr ""
12043
12038
12044
#: serverguide/C/other-apps.xml:290(para)
12039
#: serverguide/C/other-apps.xml:362(para)
12045
12040
msgid ""
12046
12041
"The <emphasis>key bindings</emphasis> determine such things as the escape "
12047
12042
"sequence, new window, change window, etc. There are two key binding sets to "
12050
12045
"<emphasis>none</emphasis> set."
12051
12046
msgstr ""
12052
12047
12053
#: serverguide/C/other-apps.xml:296(para)
12048
#: serverguide/C/other-apps.xml:368(para)
12054
12049
msgid ""
12055
12050
"<application>byobu</application> provides a menu which displays the Ubuntu "
12056
12051
"release, processor information, memory information, and the time and date. "
12057
12052
"The effect is similar to a desktop menu."
12058
12053
msgstr ""
12059
12054
12060
#: serverguide/C/other-apps.xml:301(para)
12055
#: serverguide/C/other-apps.xml:373(para)
12061
12056
msgid ""
12062
12057
"Using the <emphasis>\"Byobu currently does not launch at login (toggle "
12063
12058
"on)\"</emphasis> option will cause <application>byobu</application> to be "
12066
12061
"affect other users on the system."
12067
12062
msgstr ""
12068
12063
12069
#: serverguide/C/other-apps.xml:307(para)
12064
#: serverguide/C/other-apps.xml:379(para)
12070
12065
msgid ""
12071
12066
"One difference when using byobu is the <emphasis>scrollback</emphasis> mode. "
12072
12067
"Press the <emphasis>F7</emphasis> key to enter scrollback mode. Scrollback "
12074
12069
"commands. Here is a quick list of movement commands:"
12075
12070
msgstr ""
12076
12071
12077
#: serverguide/C/other-apps.xml:314(para)
12072
#: serverguide/C/other-apps.xml:386(para)
12078
12073
msgid "<emphasis>h</emphasis> - Move the cursor left by one character"
12079
12074
msgstr ""
12080
12075
12081
#: serverguide/C/other-apps.xml:315(para)
12076
#: serverguide/C/other-apps.xml:387(para)
12082
12077
msgid "<emphasis>j</emphasis> - Move the cursor down by one line"
12083
12078
msgstr ""
12084
12079
12085
#: serverguide/C/other-apps.xml:316(para)
12080
#: serverguide/C/other-apps.xml:388(para)
12086
12081
msgid "<emphasis>k</emphasis> - Move the cursor up by one line"
12087
12082
msgstr ""
12088
12083
12089
#: serverguide/C/other-apps.xml:317(para)
12084
#: serverguide/C/other-apps.xml:389(para)
12090
12085
msgid "<emphasis>l</emphasis> - Move the cursor right by one character"
12091
12086
msgstr ""
12092
12087
12093
#: serverguide/C/other-apps.xml:318(para)
12088
#: serverguide/C/other-apps.xml:390(para)
12094
12089
msgid "<emphasis>0</emphasis> - Move to the beginning of the current line"
12095
12090
msgstr ""
12096
12091
12097
#: serverguide/C/other-apps.xml:319(para)
12092
#: serverguide/C/other-apps.xml:391(para)
12098
12093
msgid "<emphasis>$</emphasis> - Move to the end of the current line"
12099
12094
msgstr ""
12100
12095
12101
#: serverguide/C/other-apps.xml:320(para)
12096
#: serverguide/C/other-apps.xml:392(para)
12102
12097
msgid ""
12103
12098
"<emphasis>G</emphasis> - Moves to the specified line (defaults to the end of "
12104
12099
"the buffer)"
12105
12100
msgstr ""
12106
12101
12107
#: serverguide/C/other-apps.xml:321(para)
12102
#: serverguide/C/other-apps.xml:393(para)
12108
12103
msgid "<emphasis>/</emphasis> - Search forward"
12109
12104
msgstr "<emphasis>/</emphasis> - Išči naprej"
12110
12105
12111
#: serverguide/C/other-apps.xml:322(para)
12106
#: serverguide/C/other-apps.xml:394(para)
12112
12107
msgid "<emphasis>?</emphasis> - Search backward"
12113
12108
msgstr "<emphasis>?</emphasis> - Išči nazaj"
12114
12109
12115
#: serverguide/C/other-apps.xml:401(para)
12110
#: serverguide/C/other-apps.xml:395(para)
12116
12111
msgid ""
12117
12112
"<emphasis>n</emphasis> - Moves to the next match, either forward or backward"
12118
12113
msgstr ""
12119
12114
12120
#: serverguide/C/other-apps.xml:361(para)
12115
#: serverguide/C/other-apps.xml:403(para)
12121
12116
msgid ""
12122
12117
"For more information on <application>screen</application> see the <ulink "
12123
12118
"url=\"http://www.gnu.org/software/screen/\">screen web site</ulink>."
12124
12119
msgstr ""
12125
12120
12126
#: serverguide/C/other-apps.xml:366(para)
12121
#: serverguide/C/other-apps.xml:408(para)
12127
12122
msgid ""
12128
12123
"And the <ulink url=\"https://help.ubuntu.com/community/Screen\">Ubuntu Wiki "
12129
12124
"screen</ulink> page."
12131
12126
"In stran <ulink url=\"https://help.ubuntu.com/community/Screen\">screen na "
12132
12127
"Ubuntu Wiki</ulink>."
12133
12128
12134
#: serverguide/C/other-apps.xml:371(para)
12129
#: serverguide/C/other-apps.xml:413(para)
12135
12130
msgid ""
12136
12131
"Also, see the <application>byobu</application><ulink "
12137
12132
"url=\"https://launchpad.net/byobu\">project page</ulink> for more "
12153
12148
"discussion of popular network protocols."
12154
12149
msgstr ""
12155
12150
12156
#: serverguide/C/virtualization.xml:3853(title) serverguide/C/network-config.xml:25(title)
12151
#: serverguide/C/network-config.xml:25(title)
12157
12152
msgid "Network Configuration"
12158
12153
msgstr ""
12159
12154
12436
12431
"persistent way to do DNS client configuration is in a following section."
12437
12432
msgstr ""
12438
12433
12439
#: serverguide/C/network-config.xml:224(programlisting)
12434
#: serverguide/C/network-config.xml:226(programlisting)
12440
12435
#, no-wrap
12441
12436
msgid ""
12442
12437
"\n"
12447
12442
"nameserver 8.8.8.8\n"
12448
12443
"nameserver 8.8.4.4\n"
12449
12444
12450
#: serverguide/C/network-config.xml:228(para)
12445
#: serverguide/C/network-config.xml:230(para)
12451
12446
msgid ""
12452
12447
"If you no longer need this configuration and wish to purge all IP "
12453
12448
"configuration from an interface, you can use the "
12454
12449
"<application>ip</application> command with the flush option as shown below."
12455
12450
msgstr ""
12456
12451
12457
#: serverguide/C/network-config.xml:234(command)
12452
#: serverguide/C/network-config.xml:236(command)
12458
12453
msgid "ip addr flush eth0"
12459
12454
msgstr "ip addr flush eth0"
12460
12455
12468
12463
"<filename>/run/resolvconf/resolv.conf</filename>, to be re-written."
12469
12464
msgstr ""
12470
12465
12471
#: serverguide/C/network-config.xml:245(title)
12466
#: serverguide/C/network-config.xml:249(title)
12472
12467
msgid "Dynamic IP Address Assignment (DHCP Client)"
12473
12468
msgstr ""
12474
12469
12475
#: serverguide/C/network-config.xml:246(para)
12470
#: serverguide/C/network-config.xml:250(para)
12476
12471
msgid ""
12477
12472
"To configure your server to use DHCP for dynamic address assignment, add the "
12478
12473
"<emphasis role=\"italic\">dhcp</emphasis> method to the inet address family "
12482
12477
"role=\"italic\">eth0</emphasis>."
12483
12478
msgstr ""
12484
12479
12485
#: serverguide/C/network-config.xml:253(programlisting)
12480
#: serverguide/C/network-config.xml:257(programlisting)
12486
12481
#, no-wrap
12487
12482
msgid ""
12488
12483
"\n"
12493
12488
"auto eth0\n"
12494
12489
"iface eth0 inet dhcp\n"
12495
12490
12496
#: serverguide/C/network-config.xml:257(para)
12491
#: serverguide/C/network-config.xml:261(para)
12497
12492
msgid ""
12498
12493
"By adding an interface configuration as shown above, you can manually enable "
12499
12494
"the interface through the <application>ifup</application> command which "
12500
12495
"initiates the DHCP process via <application>dhclient</application>."
12501
12496
msgstr ""
12502
12497
12503
#: serverguide/C/network-config.xml:263(command) serverguide/C/network-config.xml:298(command)
12498
#: serverguide/C/network-config.xml:267(command) serverguide/C/network-config.xml:302(command)
12504
12499
msgid "sudo ifup eth0"
12505
12500
msgstr "sudo ifup eth0"
12506
12501
12507
#: serverguide/C/network-config.xml:265(para)
12502
#: serverguide/C/network-config.xml:269(para)
12508
12503
msgid ""
12509
12504
"To manually disable the interface, you can use the "
12510
12505
"<application>ifdown</application> command, which in turn will initiate the "
12511
12506
"DHCP release process and shut down the interface."
12512
12507
msgstr ""
12513
12508
12514
#: serverguide/C/network-config.xml:271(command) serverguide/C/network-config.xml:305(command)
12509
#: serverguide/C/network-config.xml:275(command) serverguide/C/network-config.xml:309(command)
12515
12510
msgid "sudo ifdown eth0"
12516
12511
msgstr "sudo ifdown eth0"
12517
12512
12518
#: serverguide/C/network-config.xml:276(title)
12513
#: serverguide/C/network-config.xml:280(title)
12519
12514
msgid "Static IP Address Assignment"
12520
12515
msgstr ""
12521
12516
12522
#: serverguide/C/network-config.xml:277(para)
12517
#: serverguide/C/network-config.xml:281(para)
12523
12518
msgid ""
12524
12519
"To configure your system to use a static IP address assignment, add the "
12525
12520
"<emphasis role=\"italic\">static</emphasis> method to the inet address "
12533
12528
"network."
12534
12529
msgstr ""
12535
12530
12536
#: serverguide/C/network-config.xml:286(programlisting)
12531
#: serverguide/C/network-config.xml:290(programlisting)
12537
12532
#, no-wrap
12538
12533
msgid ""
12539
12534
"\n"
12544
12539
"gateway 10.0.0.1\n"
12545
12540
msgstr ""
12546
12541
12547
#: serverguide/C/network-config.xml:293(para)
12542
#: serverguide/C/network-config.xml:297(para)
12548
12543
msgid ""
12549
12544
"By adding an interface configuration as shown above, you can manually enable "
12550
12545
"the interface through the <application>ifup</application> command."
12551
12546
msgstr ""
12552
12547
12553
#: serverguide/C/network-config.xml:300(para)
12548
#: serverguide/C/network-config.xml:304(para)
12554
12549
msgid ""
12555
12550
"To manually disable the interface, you can use the "
12556
12551
"<application>ifdown</application> command."
12557
12552
msgstr ""
12558
12553
12559
#: serverguide/C/network-config.xml:310(title)
12554
#: serverguide/C/network-config.xml:314(title)
12560
12555
msgid "Loopback Interface"
12561
12556
msgstr ""
12562
12557
12563
#: serverguide/C/network-config.xml:311(para)
12558
#: serverguide/C/network-config.xml:315(para)
12564
12559
msgid ""
12565
12560
"The loopback interface is identified by the system as <emphasis "
12566
12561
"role=\"italic\">lo</emphasis> and has a default IP address of 127.0.0.1. It "
12567
12562
"can be viewed using the ifconfig command."
12568
12563
msgstr ""
12569
12564
12570
#: serverguide/C/network-config.xml:316(command)
12565
#: serverguide/C/network-config.xml:320(command)
12571
12566
msgid "ifconfig lo"
12572
12567
msgstr "ifconfig lo"
12573
12568
12574
#: serverguide/C/network-config.xml:317(computeroutput)
12569
#: serverguide/C/network-config.xml:321(computeroutput)
12575
12570
#, no-wrap
12576
12571
msgid ""
12577
12572
"lo Link encap:Local Loopback \n"
12584
12579
" RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)"
12585
12580
msgstr ""
12586
12581
12587
#: serverguide/C/network-config.xml:326(para)
12582
#: serverguide/C/network-config.xml:330(para)
12588
12583
msgid ""
12589
12584
"By default, there should be two lines in "
12590
12585
"<filename>/etc/network/interfaces</filename> responsible for automatically "
12593
12588
"example of the two default lines are shown below."
12594
12589
msgstr ""
12595
12590
12596
#: serverguide/C/network-config.xml:332(programlisting)
12591
#: serverguide/C/network-config.xml:336(programlisting)
12597
12592
#, no-wrap
12598
12593
msgid ""
12599
12594
"\n"
12604
12599
"auto lo\n"
12605
12600
"iface lo inet loopback\n"
12606
12601
12607
#: serverguide/C/network-config.xml:341(title)
12602
#: serverguide/C/network-config.xml:345(title)
12608
12603
msgid "Name Resolution"
12609
12604
msgstr ""
12610
12605
12611
#: serverguide/C/network-config.xml:342(para)
12606
#: serverguide/C/network-config.xml:346(para)
12612
12607
msgid ""
12613
12608
"Name resolution as it relates to IP networking is the process of mapping IP "
12614
12609
"addresses to hostnames, making it easier to identify resources on a network. "
12616
12611
"name resolution using DNS and static hostname records."
12617
12612
msgstr ""
12618
12613
12619
#: serverguide/C/network-config.xml:350(title)
12614
#: serverguide/C/network-config.xml:354(title)
12620
12615
msgid "DNS Client Configuration"
12621
12616
msgstr ""
12622
12617
12623
#: serverguide/C/network-config.xml:362(programlisting)
12618
#: serverguide/C/network-config.xml:366(programlisting)
12624
12619
#, no-wrap
12625
12620
msgid ""
12626
12621
"\n"
12653
12648
"following:"
12654
12649
msgstr ""
12655
12650
12656
#: serverguide/C/network-config.xml:373(programlisting)
12651
#: serverguide/C/network-config.xml:377(programlisting)
12657
12652
#, no-wrap
12658
12653
msgid ""
12659
12654
"\n"
12665
12660
" dns-nameservers 192.168.3.45 192.168.8.10\n"
12666
12661
msgstr ""
12667
12662
12668
#: serverguide/C/network-config.xml:382(para)
12663
#: serverguide/C/network-config.xml:386(para)
12669
12664
msgid ""
12670
12665
"The <emphasis role=\"italic\">search</emphasis> option can also be used with "
12671
12666
"multiple domain names so that DNS queries will be appended in the order in "
12676
12671
"role=\"italic\">dev.example.com</emphasis>."
12677
12672
msgstr ""
12678
12673
12679
#: serverguide/C/network-config.xml:389(para)
12674
#: serverguide/C/network-config.xml:393(para)
12680
12675
msgid ""
12681
12676
"If you have multiple domains you wish to search, your configuration might "
12682
12677
"look like the following:"
12683
12678
msgstr ""
12684
12679
12685
#: serverguide/C/network-config.xml:393(programlisting)
12680
#: serverguide/C/network-config.xml:397(programlisting)
12686
12681
#, no-wrap
12687
12682
msgid ""
12688
12683
"\n"
12694
12689
" dns-nameservers 192.168.3.45 192.168.8.10\n"
12695
12690
msgstr ""
12696
12691
12697
#: serverguide/C/network-config.xml:402(para)
12692
#: serverguide/C/network-config.xml:406(para)
12698
12693
msgid ""
12699
12694
"If you try to ping a host with the name of <emphasis "
12700
12695
"role=\"italic\">server1</emphasis>, your system will automatically query DNS "
12701
12696
"for its Fully Qualified Domain Name (FQDN) in the following order:"
12702
12697
msgstr ""
12703
12698
12704
#: serverguide/C/network-config.xml:409(para)
12699
#: serverguide/C/network-config.xml:413(para)
12705
12700
msgid "server1<emphasis role=\"bold\">.example.com</emphasis>"
12706
12701
msgstr "streznik1<emphasis role=\"bold\">.primer.si</emphasis>"
12707
12702
12708
#: serverguide/C/network-config.xml:414(para)
12703
#: serverguide/C/network-config.xml:418(para)
12709
12704
msgid "server1<emphasis role=\"bold\">.sales.example.com</emphasis>"
12710
12705
msgstr "streznik1<emphasis role=\"bold\">.prodaja.primer.si</emphasis>"
12711
12706
12712
#: serverguide/C/network-config.xml:419(para)
12707
#: serverguide/C/network-config.xml:423(para)
12713
12708
msgid "server1<emphasis role=\"bold\">.dev.example.com</emphasis>"
12714
12709
msgstr "streznik1<emphasis role=\"bold\">.stranke.primer.si</emphasis>"
12715
12710
12716
#: serverguide/C/network-config.xml:424(para)
12711
#: serverguide/C/network-config.xml:428(para)
12717
12712
msgid ""
12718
12713
"If no matches are found, the DNS server will provide a result of <emphasis "
12719
12714
"role=\"italic\">notfound</emphasis> and the DNS query will fail."
12720
12715
msgstr ""
12721
12716
12722
#: serverguide/C/network-config.xml:431(title)
12717
#: serverguide/C/network-config.xml:435(title)
12723
12718
msgid "Static Hostnames"
12724
12719
msgstr ""
12725
12720
12726
#: serverguide/C/network-config.xml:432(para)
12721
#: serverguide/C/network-config.xml:436(para)
12727
12722
msgid ""
12728
12723
"Static hostnames are locally defined hostname-to-IP mappings located in the "
12729
12724
"file <filename>/etc/hosts</filename>. Entries in the "
12735
12730
"conveniently set to use static hostnames instead of DNS."
12736
12731
msgstr ""
12737
12732
12738
#: serverguide/C/network-config.xml:439(para)
12733
#: serverguide/C/network-config.xml:443(para)
12739
12734
msgid ""
12740
12735
"The following is an example of a <filename>hosts</filename> file where a "
12741
12736
"number of local servers have been identified by simple hostnames, aliases "
12742
12737
"and their equivalent Fully Qualified Domain Names (FQDN's)."
12743
12738
msgstr ""
12744
12739
12745
#: serverguide/C/network-config.xml:443(programlisting)
12740
#: serverguide/C/network-config.xml:447(programlisting)
12746
12741
#, no-wrap
12747
12742
msgid ""
12748
12743
"\n"
12754
12749
"10.0.0.14\tserver4 server4.example.com file\n"
12755
12750
msgstr ""
12756
12751
12757
#: serverguide/C/network-config.xml:452(para)
12752
#: serverguide/C/network-config.xml:456(para)
12758
12753
msgid ""
12759
12754
"In the above example, notice that each of the servers have been given "
12760
12755
"aliases in addition to their proper names and FQDN's. <emphasis "
12767
12762
"role=\"italic\">file</emphasis>."
12768
12763
msgstr ""
12769
12764
12770
#: serverguide/C/network-config.xml:464(title)
12765
#: serverguide/C/network-config.xml:468(title)
12771
12766
msgid "Name Service Switch Configuration"
12772
12767
msgstr ""
12773
12768
12774
#: serverguide/C/network-config.xml:465(para)
12769
#: serverguide/C/network-config.xml:469(para)
12775
12770
msgid ""
12776
12771
"The order in which your system selects a method of resolving hostnames to IP "
12777
12772
"addresses is controlled by the Name Service Switch (NSS) configuration file "
12782
12777
"of hostname lookups in the file <filename>/etc/nsswitch.conf</filename>."
12783
12778
msgstr ""
12784
12779
12785
#: serverguide/C/network-config.xml:473(programlisting)
12780
#: serverguide/C/network-config.xml:477(programlisting)
12786
12781
#, no-wrap
12787
12782
msgid ""
12788
12783
"\n"
12789
12784
"hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4\n"
12790
12785
msgstr ""
12791
12786
12792
#: serverguide/C/network-config.xml:479(para)
12787
#: serverguide/C/network-config.xml:483(para)
12793
12788
msgid ""
12794
12789
"<emphasis role=\"bold\">files</emphasis> first tries to resolve static "
12795
12790
"hostnames located in <filename>/etc/hosts</filename>."
12796
12791
msgstr ""
12797
12792
12798
#: serverguide/C/network-config.xml:485(para)
12793
#: serverguide/C/network-config.xml:489(para)
12799
12794
msgid ""
12800
12795
"<emphasis role=\"bold\">mdns4_minimal</emphasis> attempts to resolve the "
12801
12796
"name using Multicast DNS."
12802
12797
msgstr ""
12803
12798
12804
#: serverguide/C/network-config.xml:490(para)
12799
#: serverguide/C/network-config.xml:494(para)
12805
12800
msgid ""
12806
12801
"<emphasis role=\"bold\">[NOTFOUND=return]</emphasis> means that any response "
12807
12802
"of <emphasis role=\"italic\">notfound</emphasis> by the preceding <emphasis "
12810
12805
"answer."
12811
12806
msgstr ""
12812
12807
12813
#: serverguide/C/network-config.xml:498(para)
12808
#: serverguide/C/network-config.xml:502(para)
12814
12809
msgid ""
12815
12810
"<emphasis role=\"bold\">dns</emphasis> represents a legacy unicast DNS query."
12816
12811
msgstr ""
12817
12812
12818
#: serverguide/C/network-config.xml:503(para)
12813
#: serverguide/C/network-config.xml:507(para)
12819
12814
msgid ""
12820
12815
"<emphasis role=\"bold\">mdns4</emphasis> represents a Multicast DNS query."
12821
12816
msgstr ""
12822
12817
12823
#: serverguide/C/network-config.xml:509(para)
12818
#: serverguide/C/network-config.xml:513(para)
12824
12819
msgid ""
12825
12820
"To modify the order of the above mentioned name resolution methods, you can "
12826
12821
"simply change the <emphasis role=\"italic\">hosts:</emphasis> string to the "
12829
12824
"<filename>/etc/nsswitch.conf</filename> as shown below."
12830
12825
msgstr ""
12831
12826
12832
#: serverguide/C/network-config.xml:516(programlisting)
12827
#: serverguide/C/network-config.xml:520(programlisting)
12833
12828
#, no-wrap
12834
12829
msgid ""
12835
12830
"\n"
12836
12831
"hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4\n"
12837
12832
msgstr ""
12838
12833
12839
#: serverguide/C/virtualization.xml:694(title) serverguide/C/network-config.xml:523(title)
12834
#: serverguide/C/network-config.xml:527(title)
12840
12835
msgid "Bridging"
12841
12836
msgstr ""
12842
12837
12843
#: serverguide/C/network-config.xml:525(para)
12838
#: serverguide/C/network-config.xml:529(para)
12844
12839
msgid ""
12845
12840
"Bridging multiple interfaces is a more advanced configuration, but is very "
12846
12841
"useful in multiple scenarios. One scenario is setting up a bridge with "
12850
12845
"The following example covers the latter scenario."
12851
12846
msgstr ""
12852
12847
12853
#: serverguide/C/network-config.xml:532(para)
12848
#: serverguide/C/network-config.xml:536(para)
12854
12849
msgid ""
12855
12850
"Before configuring a bridge you will need to install the <application>bridge-"
12856
12851
"utils</application> package. To install the package, in a terminal enter:"
12857
12852
msgstr ""
12858
12853
12859
#: serverguide/C/network-config.xml:541(para)
12854
#: serverguide/C/network-config.xml:545(para)
12860
12855
msgid ""
12861
12856
"Next, configure the bridge by editing "
12862
12857
"<filename>/etc/network/interfaces</filename>:"
12863
12858
msgstr ""
12864
12859
12865
#: serverguide/C/network-config.xml:545(programlisting)
12860
#: serverguide/C/network-config.xml:549(programlisting)
12866
12861
#, no-wrap
12867
12862
msgid ""
12868
12863
"\n"
12883
12878
" bridge_stp off\n"
12884
12879
msgstr ""
12885
12880
12886
#: serverguide/C/network-config.xml:564(para)
12881
#: serverguide/C/network-config.xml:568(para)
12887
12882
msgid "Enter the appropriate values for your physical interface and network."
12888
12883
msgstr ""
12889
12884
12895
12890
msgid "sudo ifup br0"
12896
12891
msgstr ""
12897
12892
12898
#: serverguide/C/network-config.xml:576(para)
12893
#: serverguide/C/network-config.xml:580(para)
12899
12894
msgid ""
12900
12895
"The new bridge interface should now be up and running. The "
12901
12896
"<application>brctl</application> provides useful information about the state "
12903
12898
"<command>man brctl</command> for more information."
12904
12899
msgstr ""
12905
12900
12906
#: serverguide/C/network-config.xml:592(para)
12901
#: serverguide/C/network-config.xml:596(para)
12907
12902
msgid ""
12908
12903
"The <ulink url=\"https://help.ubuntu.com/community/Network\">Ubuntu Wiki "
12909
12904
"Network page</ulink> has links to articles covering more advanced network "
12910
12905
"configuration."
12911
12906
msgstr ""
12912
12907
12913
#: serverguide/C/network-config.xml:598(para)
12908
#: serverguide/C/network-config.xml:602(para)
12914
12909
msgid ""
12915
12910
"The <ulink "
12916
12911
"url=\"http://manpages.ubuntu.com/manpages/man8/resolvconf.8.html\">resolvconf"
12917
12912
" man page</ulink> has more information on resolvconf."
12918
12913
msgstr ""
12919
12914
12920
#: serverguide/C/network-config.xml:604(para)
12915
#: serverguide/C/network-config.xml:608(para)
12921
12916
msgid ""
12922
12917
"The <ulink "
12923
12918
"url=\"http://manpages.ubuntu.com/manpages/man5/interfaces.5.html\">interfaces"
12925
12920
"<filename>/etc/network/interfaces</filename>."
12926
12921
msgstr ""
12927
12922
12928
#: serverguide/C/network-config.xml:610(para)
12923
#: serverguide/C/network-config.xml:614(para)
12929
12924
msgid ""
12930
12925
"The <ulink "
12931
12926
"url=\"http://manpages.ubuntu.com/manpages/man8/dhclient.8.html\">dhclient "
12933
12928
"settings."
12934
12929
msgstr ""
12935
12930
12936
#: serverguide/C/network-config.xml:616(para)
12931
#: serverguide/C/network-config.xml:620(para)
12937
12932
msgid ""
12938
12933
"For more information on DNS client configuration see the <ulink "
12939
12934
"url=\"http://manpages.ubuntu.com/manpages/man5/resolver.5.html\">resolver "
12952
12947
"\">Networking-Bridge</ulink> page."
12953
12948
msgstr ""
12954
12949
12955
#: serverguide/C/network-config.xml:635(title)
12950
#: serverguide/C/network-config.xml:639(title)
12956
12951
msgid "TCP/IP"
12957
12952
msgstr "TCP/IP"
12958
12953
12959
#: serverguide/C/network-config.xml:636(para)
12954
#: serverguide/C/network-config.xml:640(para)
12960
12955
msgid ""
12961
12956
"The Transmission Control Protocol and Internet Protocol (TCP/IP) is a "
12962
12957
"standard set of protocols developed in the late 1970s by the Defense "
12966
12961
"network protocols on Earth."
12967
12962
msgstr ""
12968
12963
12969
#: serverguide/C/network-config.xml:644(title)
12964
#: serverguide/C/network-config.xml:648(title)
12970
12965
msgid "TCP/IP Introduction"
12971
12966
msgstr "Uvod v TCP/IP"
12972
12967
12973
#: serverguide/C/network-config.xml:645(para)
12968
#: serverguide/C/network-config.xml:649(para)
12974
12969
msgid ""
12975
12970
"The two protocol components of TCP/IP deal with different aspects of "
12976
12971
"computer networking. <emphasis>Internet Protocol</emphasis>, the \"IP\" of "
12985
12980
"host."
12986
12981
msgstr ""
12987
12982
12988
#: serverguide/C/network-config.xml:658(title)
12983
#: serverguide/C/network-config.xml:662(title)
12989
12984
msgid "TCP/IP Configuration"
12990
12985
msgstr "Nastavljanje TCP/IP"
12991
12986
12992
#: serverguide/C/network-config.xml:659(para)
12987
#: serverguide/C/network-config.xml:663(para)
12993
12988
msgid ""
12994
12989
"The TCP/IP protocol configuration consists of several elements which must be "
12995
12990
"set by editing the appropriate configuration files, or deploying solutions "
13000
12995
"system."
13001
12996
msgstr ""
13002
12997
13003
#: serverguide/C/network-config.xml:671(para)
12998
#: serverguide/C/network-config.xml:675(para)
13004
12999
msgid ""
13005
13000
"<emphasis role=\"bold\">IP address</emphasis> The IP address is a unique "
13006
13001
"identifying string expressed as four decimal numbers ranging from zero (0) "
13010
13005
"<emphasis>dotted quad notation</emphasis>."
13011
13006
msgstr ""
13012
13007
13013
#: serverguide/C/network-config.xml:681(para)
13008
#: serverguide/C/network-config.xml:685(para)
13014
13009
msgid ""
13015
13010
"<emphasis role=\"bold\">Netmask</emphasis> The Subnet Mask (or simply, "
13016
13011
"<emphasis>netmask</emphasis>) is a local bit mask, or set of flags which "
13021
13016
"remain available for specifying hosts on the subnetwork."
13022
13017
msgstr ""
13023
13018
13024
#: serverguide/C/network-config.xml:692(para)
13019
#: serverguide/C/network-config.xml:696(para)
13025
13020
msgid ""
13026
13021
"<emphasis role=\"bold\">Network Address</emphasis> The Network Address "
13027
13022
"represents the bytes comprising the network portion of an IP address. For "
13034
13029
"network and a zero (0) for all the possible hosts on the network."
13035
13030
msgstr ""
13036
13031
13037
#: serverguide/C/network-config.xml:705(para)
13032
#: serverguide/C/network-config.xml:709(para)
13038
13033
msgid ""
13039
13034
"<emphasis role=\"bold\">Broadcast Address</emphasis> The Broadcast Address "
13040
13035
"is an IP address which allows network data to be sent simultaneously to all "
13048
13043
"Address Resolution Protocol (ARP) and the Routing Information Protocol (RIP)."
13049
13044
msgstr ""
13050
13045
13051
#: serverguide/C/network-config.xml:718(para)
13046
#: serverguide/C/network-config.xml:722(para)
13052
13047
msgid ""
13053
13048
"<emphasis role=\"bold\">Gateway Address</emphasis> A Gateway Address is the "
13054
13049
"IP address through which a particular network, or host on a network, may be "
13061
13056
"not be able to reach any hosts beyond those on the same network."
13062
13057
msgstr ""
13063
13058
13064
#: serverguide/C/network-config.xml:729(para)
13059
#: serverguide/C/network-config.xml:733(para)
13065
13060
msgid ""
13066
13061
"<emphasis role=\"bold\">Nameserver Address</emphasis> Nameserver Addresses "
13067
13062
"represent the IP addresses of Domain Name Service (DNS) systems, which "
13087
13082
"command typed at a terminal prompt:"
13088
13083
msgstr ""
13089
13084
13090
#: serverguide/C/network-config.xml:750(para)
13085
#: serverguide/C/network-config.xml:754(para)
13091
13086
msgid ""
13092
13087
"Access the system manual page for <filename>interfaces</filename> with the "
13093
13088
"following command:"
13094
13089
msgstr ""
13095
13090
13096
#: serverguide/C/network-config.xml:755(command)
13091
#: serverguide/C/network-config.xml:759(command)
13097
13092
msgid "man interfaces"
13098
13093
msgstr "man interfaces"
13099
13094
13100
#: serverguide/C/network-config.xml:667(para)
13095
#: serverguide/C/network-config.xml:671(para)
13101
13096
msgid ""
13102
13097
"The common configuration elements of TCP/IP and their purposes are as "
13103
13098
"follows: <placeholder-1/>"
13104
13099
msgstr ""
13105
13100
13106
#: serverguide/C/network-config.xml:771(title)
13101
#: serverguide/C/network-config.xml:767(title)
13107
13102
msgid "IP Routing"
13108
13103
msgstr ""
13109
13104
13110
#: serverguide/C/network-config.xml:772(para)
13105
#: serverguide/C/network-config.xml:768(para)
13111
13106
msgid ""
13112
13107
"IP routing is a means of specifying and discovering paths in a TCP/IP "
13113
13108
"network along which network data may be sent. Routing uses a set of "
13118
13113
"<emphasis>Dynamic Routing.</emphasis>"
13119
13114
msgstr ""
13120
13115
13121
#: serverguide/C/network-config.xml:781(para)
13116
#: serverguide/C/network-config.xml:777(para)
13122
13117
msgid ""
13123
13118
"Static routing involves manually adding IP routes to the system's routing "
13124
13119
"table, and this is usually done by manipulating the routing table with the "
13133
13128
"and failures along the route due to the fixed nature of the route."
13134
13129
msgstr ""
13135
13130
13136
#: serverguide/C/network-config.xml:791(para)
13131
#: serverguide/C/network-config.xml:787(para)
13137
13132
msgid ""
13138
13133
"Dynamic routing depends on large networks with multiple possible IP routes "
13139
13134
"from a source to a destination and makes use of special routing protocols, "
13150
13145
"immediately benefit the end users, but still consumes network bandwidth."
13151
13146
msgstr ""
13152
13147
13153
#: serverguide/C/network-config.xml:805(title)
13148
#: serverguide/C/network-config.xml:801(title)
13154
13149
msgid "TCP and UDP"
13155
13150
msgstr "TCP in UDP"
13156
13151
13157
#: serverguide/C/network-config.xml:806(para)
13152
#: serverguide/C/network-config.xml:802(para)
13158
13153
msgid ""
13159
13154
"TCP is a connection-based protocol, offering error correction and guaranteed "
13160
13155
"delivery of data via what is known as <emphasis>flow control</emphasis>. "
13165
13160
"important information such as database transactions."
13166
13161
msgstr ""
13167
13162
13168
#: serverguide/C/network-config.xml:814(para)
13163
#: serverguide/C/network-config.xml:810(para)
13169
13164
msgid ""
13170
13165
"The User Datagram Protocol (UDP), on the other hand, is a "
13171
13166
"<emphasis>connectionless</emphasis> protocol which seldom deals with the "
13176
13171
"loss of a few packets is not generally catastrophic."
13177
13172
msgstr ""
13178
13173
13179
#: serverguide/C/network-config.xml:824(title)
13174
#: serverguide/C/network-config.xml:820(title)
13180
13175
msgid "ICMP"
13181
13176
msgstr "ICMP"
13182
13177
13183
#: serverguide/C/network-config.xml:825(para)
13178
#: serverguide/C/network-config.xml:821(para)
13184
13179
msgid ""
13185
13180
"The Internet Control Messaging Protocol (ICMP) is an extension to the "
13186
13181
"Internet Protocol (IP) as defined in the Request For Comments (RFC) #792 and "
13193
13188
"<emphasis>Time Exceeded</emphasis>."
13194
13189
msgstr ""
13195
13190
13196
#: serverguide/C/network-config.xml:835(title)
13191
#: serverguide/C/network-config.xml:831(title)
13197
13192
msgid "Daemons"
13198
13193
msgstr "Ozadnji programi"
13199
13194
13200
#: serverguide/C/network-config.xml:836(para)
13195
#: serverguide/C/network-config.xml:832(para)
13201
13196
msgid ""
13202
13197
"Daemons are special system applications which typically execute continuously "
13203
13198
"in the background and await requests for the functions they provide from "
13220
13215
"that contain more useful information."
13221
13216
msgstr ""
13222
13217
13223
#: serverguide/C/network-config.xml:857(para)
13218
#: serverguide/C/network-config.xml:853(para)
13224
13219
msgid ""
13225
13220
"Also, see the <ulink "
13226
13221
"url=\"http://www.redbooks.ibm.com/abstracts/gg243376.html\">TCP/IP Tutorial "
13227
13222
"and Technical Overview</ulink> IBM Redbook."
13228
13223
msgstr ""
13229
13224
13230
#: serverguide/C/network-config.xml:863(para)
13225
#: serverguide/C/network-config.xml:859(para)
13231
13226
msgid ""
13232
13227
"Another resource is O'Reilly's <ulink "
13233
13228
"url=\"http://oreilly.com/catalog/9780596002978/\">TCP/IP Network "
13234
13229
"Administration</ulink>."
13235
13230
msgstr ""
13236
13231
13237
#: serverguide/C/network-config.xml:872(title)
13232
#: serverguide/C/network-config.xml:868(title)
13238
13233
msgid "Dynamic Host Configuration Protocol (DHCP)"
13239
13234
msgstr "Dynamic Host Configuration Protocol (DHCP)"
13240
13235
13241
#: serverguide/C/network-config.xml:873(para)
13236
#: serverguide/C/network-config.xml:869(para)
13242
13237
msgid ""
13243
13238
"The Dynamic Host Configuration Protocol (DHCP) is a network service that "
13244
13239
"enables host computers to be automatically assigned settings from a server "
13247
13242
"DHCP server, and the configuration is transparent to the computer's user."
13248
13243
msgstr ""
13249
13244
13250
#: serverguide/C/network-config.xml:880(para)
13245
#: serverguide/C/network-config.xml:876(para)
13251
13246
msgid ""
13252
13247
"The most common settings provided by a DHCP server to DHCP clients include:"
13253
13248
msgstr ""
13254
13249
13255
#: serverguide/C/network-config.xml:885(para)
13250
#: serverguide/C/network-config.xml:881(para)
13256
13251
msgid "IP address and netmask"
13257
13252
msgstr ""
13258
13253
13259
#: serverguide/C/network-config.xml:888(para)
13254
#: serverguide/C/network-config.xml:884(para)
13260
13255
msgid "IP address of the default-gateway to use"
13261
13256
msgstr ""
13262
13257
13263
#: serverguide/C/network-config.xml:891(para)
13258
#: serverguide/C/network-config.xml:887(para)
13264
13259
msgid "IP adresses of the DNS servers to use"
13265
13260
msgstr ""
13266
13261
13267
#: serverguide/C/network-config.xml:894(para)
13262
#: serverguide/C/network-config.xml:890(para)
13268
13263
msgid ""
13269
13264
"However, a DHCP server can also supply configuration properties such as:"
13270
13265
msgstr ""
13271
13266
13272
#: serverguide/C/network-config.xml:899(para)
13267
#: serverguide/C/network-config.xml:895(para)
13273
13268
msgid "Host Name"
13274
13269
msgstr ""
13275
13270
13276
#: serverguide/C/network-config.xml:902(para)
13271
#: serverguide/C/network-config.xml:898(para)
13277
13272
msgid "Domain Name"
13278
13273
msgstr "Ime domene"
13279
13274
13280
#: serverguide/C/network-config.xml:905(para)
13275
#: serverguide/C/network-config.xml:901(para)
13281
13276
msgid "Time Server"
13282
13277
msgstr ""
13283
13278
13284
#: serverguide/C/network-config.xml:911(para)
13279
#: serverguide/C/network-config.xml:907(para)
13285
13280
msgid ""
13286
13281
"The advantage of using DHCP is that changes to the network, for example a "
13287
13282
"change in the address of the DNS server, need only be changed at the DHCP "
13292
13287
"also reduced."
13293
13288
msgstr ""
13294
13289
13295
#: serverguide/C/network-config.xml:919(para)
13290
#: serverguide/C/network-config.xml:915(para)
13296
13291
msgid ""
13297
13292
"A DHCP server can provide configuration settings using the following methods:"
13298
13293
msgstr ""
13299
13294
13300
#: serverguide/C/network-config.xml:924(term)
13295
#: serverguide/C/network-config.xml:920(term)
13301
13296
msgid "Manual allocation (MAC address)"
13302
13297
msgstr ""
13303
13298
13304
#: serverguide/C/network-config.xml:926(para)
13299
#: serverguide/C/network-config.xml:922(para)
13305
13300
msgid ""
13306
13301
"This method entails using DHCP to identify the unique hardware address of "
13307
13302
"each network card connected to the network and then continually supplying a "
13310
13305
"assigned automatically to that network card, based on it's MAC address."
13311
13306
msgstr ""
13312
13307
13313
#: serverguide/C/network-config.xml:937(term)
13308
#: serverguide/C/network-config.xml:933(term)
13314
13309
msgid "Dynamic allocation (address pool)"
13315
13310
msgstr ""
13316
13311
13328
13323
"renegociate the lease with the server to maintain use of the address."
13329
13324
msgstr ""
13330
13325
13331
#: serverguide/C/network-config.xml:952(term)
13326
#: serverguide/C/network-config.xml:949(term)
13332
13327
msgid "Automatic allocation"
13333
13328
msgstr ""
13334
13329
13335
#: serverguide/C/network-config.xml:954(para)
13330
#: serverguide/C/network-config.xml:951(para)
13336
13331
msgid ""
13337
13332
"Using this method, the DHCP automatically assigns an IP address permanently "
13338
13333
"to a device, selecting it from a pool of available addresses. Usually DHCP "
13354
13349
"and configure and will be automatically started at system boot."
13355
13350
msgstr ""
13356
13351
13357
#: serverguide/C/network-config.xml:976(para)
13352
#: serverguide/C/network-config.xml:974(para)
13358
13353
msgid ""
13359
13354
"At a terminal prompt, enter the following command to install "
13360
13355
"<application>dhcpd</application>:"
13361
13356
msgstr ""
13362
13357
13363
#: serverguide/C/network-config.xml:981(command)
13358
#: serverguide/C/network-config.xml:979(command)
13364
13359
msgid "sudo apt-get install isc-dhcp-server"
13365
13360
msgstr ""
13366
13361
13367
#: serverguide/C/network-config.xml:983(para)
13362
#: serverguide/C/network-config.xml:981(para)
13368
13363
msgid ""
13369
13364
"You will probably need to change the default configuration by editing "
13370
13365
"/etc/dhcp/dhcpd.conf to suit your needs and particular configuration."
13371
13366
msgstr ""
13372
13367
13373
#: serverguide/C/network-config.xml:987(para)
13368
#: serverguide/C/network-config.xml:985(para)
13374
13369
msgid ""
13375
13370
"You also may need to edit /etc/default/isc-dhcp-server to specify the "
13376
13371
"interfaces dhcpd should listen to."
13377
13372
msgstr ""
13378
13373
13379
#: serverguide/C/network-config.xml:991(para)
13374
#: serverguide/C/network-config.xml:989(para)
13380
13375
msgid ""
13381
13376
"NOTE: dhcpd's messages are being sent to syslog. Look there for diagnostics "
13382
13377
"messages."
13383
13378
msgstr ""
13384
13379
13385
#: serverguide/C/network-config.xml:998(para)
13380
#: serverguide/C/network-config.xml:996(para)
13386
13381
msgid ""
13387
13382
"The error message the installation ends with might be a little confusing, "
13388
13383
"but the following steps will help you configure the service:"
13389
13384
msgstr ""
13390
13385
13391
#: serverguide/C/network-config.xml:1002(para)
13386
#: serverguide/C/network-config.xml:1000(para)
13392
13387
msgid ""
13393
13388
"Most commonly, what you want to do is assign an IP address randomly. This "
13394
13389
"can be done with settings as follows:"
13395
13390
msgstr ""
13396
13391
13397
#: serverguide/C/network-config.xml:1006(programlisting)
13392
#: serverguide/C/network-config.xml:1004(programlisting)
13398
13393
#, no-wrap
13399
13394
msgid ""
13400
13395
"\n"
13410
13405
"} \n"
13411
13406
msgstr ""
13412
13407
13413
#: serverguide/C/network-config.xml:1018(para)
13408
#: serverguide/C/network-config.xml:1016(para)
13414
13409
msgid ""
13415
13410
"This will result in the DHCP server giving clients an IP address from the "
13416
13411
"range 192.168.1.150-192.168.1.200. It will lease an IP address for 600 "
13420
13415
"192.168.1.1 and 192.168.1.2 as its DNS servers."
13421
13416
msgstr ""
13422
13417
13423
#: serverguide/C/network-config.xml:1026(para)
13418
#: serverguide/C/network-config.xml:1024(para)
13424
13419
msgid ""
13425
13420
"After changing the config file you have to restart the "
13426
13421
"<application>dhcpd</application>:"
13430
13425
msgid "sudo service isc-dhcp-server restart"
13431
13426
msgstr ""
13432
13427
13433
#: serverguide/C/network-config.xml:1039(para)
13428
#: serverguide/C/network-config.xml:1037(para)
13434
13429
msgid ""
13435
13430
"The <ulink url=\"https://help.ubuntu.com/community/dhcp3-server\">dhcp3-"
13436
13431
"server Ubuntu Wiki</ulink> page has more information."
13445
13440
"dhcpd.conf man page</ulink>."
13446
13441
msgstr ""
13447
13442
13448
#: serverguide/C/network-config.xml:1051(ulink)
13443
#: serverguide/C/network-config.xml:1049(ulink)
13449
13444
msgid "ISC dhcp-server"
13450
13445
msgstr ""
13451
13446
13452
#: serverguide/C/network-config.xml:1060(title)
13447
#: serverguide/C/network-config.xml:1058(title)
13453
13448
msgid "Time Synchronisation with NTP"
13454
13449
msgstr ""
13455
13450
13456
#: serverguide/C/network-config.xml:1061(para)
13451
#: serverguide/C/network-config.xml:1059(para)
13457
13452
msgid ""
13458
13453
"NTP is a TCP/IP protocol for synchronising time over a network. Basically a "
13459
13454
"client requests the current time from a server, and uses it to set its own "
13460
13455
"clock."
13461
13456
msgstr ""
13462
13457
13463
#: serverguide/C/network-config.xml:1064(para)
13458
#: serverguide/C/network-config.xml:1062(para)
13464
13459
msgid ""
13465
13460
"Behind this simple description, there is a lot of complexity - there are "
13466
13461
"tiers of NTP servers, with the tier one NTP servers connected to atomic "
13472
13467
"from you!"
13473
13468
msgstr ""
13474
13469
13475
#: serverguide/C/network-config.xml:1067(para)
13470
#: serverguide/C/network-config.xml:1065(para)
13476
13471
msgid "Ubuntu uses ntpdate and ntpd."
13477
13472
msgstr ""
13478
13473
13479
#: serverguide/C/network-config.xml:1072(title)
13474
#: serverguide/C/network-config.xml:1070(title)
13480
13475
msgid "ntpdate"
13481
13476
msgstr "ntpdate"
13482
13477
13483
#: serverguide/C/network-config.xml:1073(para)
13478
#: serverguide/C/network-config.xml:1071(para)
13484
13479
msgid ""
13485
13480
"Ubuntu comes with ntpdate as standard, and will run it once at boot time to "
13486
13481
"set up your time according to Ubuntu's NTP server."
13487
13482
msgstr ""
13488
13483
13489
#: serverguide/C/network-config.xml:1076(programlisting)
13484
#: serverguide/C/network-config.xml:1074(programlisting)
13490
13485
#, no-wrap
13491
13486
msgid ""
13492
13487
"\n"
13493
13488
"ntpdate -s ntp.ubuntu.com\n"
13494
13489
msgstr ""
13495
13490
13496
#: serverguide/C/network-config.xml:1082(title)
13491
#: serverguide/C/network-config.xml:1080(title)
13497
13492
msgid "ntpd"
13498
13493
msgstr "ntpd"
13499
13494
13500
#: serverguide/C/network-config.xml:1083(para)
13495
#: serverguide/C/network-config.xml:1081(para)
13501
13496
msgid ""
13502
13497
"The ntp daemon ntpd calculates the drift of your system clock and "
13503
13498
"continuously adjusts it, so there are no large corrections that could lead "
13505
13500
"memory, but for a modern server this is negligible."
13506
13501
msgstr ""
13507
13502
13508
#: serverguide/C/network-config.xml:1090(para)
13503
#: serverguide/C/network-config.xml:1088(para)
13509
13504
msgid "To install ntpd, from a terminal prompt enter:"
13510
13505
msgstr ""
13511
13506
13512
#: serverguide/C/virtualization.xml:2195(command) serverguide/C/network-config.xml:1095(command)
13507
#: serverguide/C/network-config.xml:1093(command)
13513
13508
msgid "sudo apt-get install ntp"
13514
13509
msgstr ""
13515
13510
13516
#: serverguide/C/network-config.xml:1102(para)
13511
#: serverguide/C/network-config.xml:1100(para)
13517
13512
msgid ""
13518
13513
"Edit <filename>/etc/ntp.conf</filename> to add/remove server lines. By "
13519
13514
"default these servers are configured:"
13520
13515
msgstr ""
13521
13516
13522
#: serverguide/C/network-config.xml:1107(programlisting)
13517
#: serverguide/C/network-config.xml:1105(programlisting)
13523
13518
#, no-wrap
13524
13519
msgid ""
13525
13520
"\n"
13532
13527
"server 3.ubuntu.pool.ntp.org\n"
13533
13528
msgstr ""
13534
13529
13535
#: serverguide/C/network-config.xml:1117(para)
13530
#: serverguide/C/network-config.xml:1115(para)
13536
13531
msgid ""
13537
13532
"After changing the config file you have to reload the "
13538
13533
"<application>ntpd</application>:"
13542
13537
msgid "sudo service ntp reload"
13543
13538
msgstr ""
13544
13539
13545
#: serverguide/C/network-config.xml:1126(title)
13540
#: serverguide/C/network-config.xml:1124(title)
13546
13541
msgid "View status"
13547
13542
msgstr ""
13548
13543
13550
13545
msgid "Use ntpq to see more info:"
13551
13546
msgstr ""
13552
13547
13553
#: serverguide/C/network-config.xml:1131(command)
13548
#: serverguide/C/network-config.xml:1129(command)
13554
13549
msgid "# sudo ntpq -p"
13555
13550
msgstr ""
13556
13551
13557
#: serverguide/C/network-config.xml:1132(computeroutput)
13552
#: serverguide/C/network-config.xml:1130(computeroutput)
13558
13553
#, no-wrap
13559
13554
msgid ""
13560
13555
" remote refid st t when poll reach delay offset "
13573
13568
"92.792"
13574
13569
msgstr ""
13575
13570
13576
#: serverguide/C/network-config.xml:1147(para)
13571
#: serverguide/C/network-config.xml:1145(para)
13577
13572
msgid ""
13578
13573
"See the <ulink url=\"https://help.ubuntu.com/community/UbuntuTime\">Ubuntu "
13579
13574
"Time</ulink> wiki page for more information."
13582
13577
"url=\"https://help.ubuntu.com/community/UbuntuTime\">Čas Ubuntu na Ubuntu "
13583
13578
"Wiki</ulink>."
13584
13579
13585
#: serverguide/C/network-config.xml:1153(ulink)
13580
#: serverguide/C/network-config.xml:1151(ulink)
13586
13581
msgid "ntp.org, home of the Network Time Protocol project"
13587
13582
msgstr ""
13588
13583
13604
13599
"The Lightweight Directory Access Protocol, or LDAP, is a protocol for "
13605
13600
"querying and modifying a X.500-based directory service running over TCP/IP. "
13606
13601
"The current LDAP version is LDAPv3, as defined in <ulink "
13607
"url=\"http://tools.ietf.org/html/rfc4510\">RFC4510</ulink>, and the its "
13608
"implementation used in Ubuntu is from OpenLDAP."
13602
"url=\"http://tools.ietf.org/html/rfc4510\">RFC4510</ulink>, and the "
13603
"implementation in Ubuntu is OpenLDAP.\""
13609
13604
msgstr ""
13610
13605
13611
#: serverguide/C/network-auth.xml:27(para)
13606
#: serverguide/C/network-auth.xml:29(para)
13612
13607
msgid ""
13613
13608
"So the LDAP protocol accesses LDAP directories. Here are some key concepts "
13614
13609
"and terms:"
13615
13610
msgstr ""
13616
13611
13617
#: serverguide/C/network-auth.xml:34(para)
13612
#: serverguide/C/network-auth.xml:36(para)
13618
13613
msgid ""
13619
13614
"A LDAP directory is a tree of data <emphasis>entries</emphasis> that is "
13620
13615
"hierarchical in nature and is called the Directory Information Tree (DIT)."
13621
13616
msgstr ""
13622
13617
13623
#: serverguide/C/network-auth.xml:41(para)
13618
#: serverguide/C/network-auth.xml:43(para)
13624
13619
msgid "An entry consists of a set of <emphasis>attributes</emphasis>."
13625
13620
msgstr ""
13626
13621
13627
#: serverguide/C/network-auth.xml:47(para)
13622
#: serverguide/C/network-auth.xml:49(para)
13628
13623
msgid ""
13629
13624
"An attribute has a <emphasis>type</emphasis> (a name/description) and one or "
13630
13625
"more <emphasis>values</emphasis>."
13631
13626
msgstr ""
13632
13627
13633
#: serverguide/C/network-auth.xml:53(para)
13628
#: serverguide/C/network-auth.xml:55(para)
13634
13629
msgid ""
13635
13630
"Every attribute must be defined in at least one "
13636
13631
"<emphasis>objectClass</emphasis>."
13637
13632
msgstr ""
13638
13633
13639
#: serverguide/C/network-auth.xml:59(para)
13634
#: serverguide/C/network-auth.xml:61(para)
13640
13635
msgid ""
13641
13636
"Attributes and objectclasses are defined in <emphasis>schemas</emphasis> (an "
13642
13637
"objectclass is actually considered as a special kind of attribute)."
13643
13638
msgstr ""
13644
13639
13645
#: serverguide/C/network-auth.xml:66(para)
13640
#: serverguide/C/network-auth.xml:68(para)
13646
13641
msgid ""
13647
13642
"Each entry has a unique identifier: its <emphasis>Distinguished "
13648
13643
"Name</emphasis> (DN or dn). This, in turn, consists of a <emphasis>Relative "
13649
13644
"Distinguished Name</emphasis> (RDN) followed by the parent entry's DN."
13650
13645
msgstr ""
13651
13646
13652
#: serverguide/C/network-auth.xml:73(para)
13647
#: serverguide/C/network-auth.xml:75(para)
13653
13648
msgid ""
13654
13649
"The entry's DN is not an attribute. It is not considered part of the entry "
13655
13650
"itself."
13656
13651
msgstr ""
13657
13652
13658
#: serverguide/C/network-auth.xml:81(para)
13653
#: serverguide/C/network-auth.xml:83(para)
13659
13654
msgid ""
13660
13655
"The terms <emphasis>object</emphasis>, <emphasis>container</emphasis>, and "
13661
13656
"<emphasis>node</emphasis> have certain connotations but they all essentially "
13663
13658
"term."
13664
13659
msgstr ""
13665
13660
13666
#: serverguide/C/network-auth.xml:87(para)
13661
#: serverguide/C/network-auth.xml:89(para)
13667
13662
msgid ""
13668
13663
"For example, below we have a single entry consisting of 11 attributes where "
13669
13664
"the following is true:"
13670
13665
msgstr ""
13671
13666
13672
#: serverguide/C/network-auth.xml:94(para)
13667
#: serverguide/C/network-auth.xml:96(para)
13673
13668
msgid "DN is \"cn=John Doe,dc=example,dc=com\""
13674
13669
msgstr ""
13675
13670
13676
#: serverguide/C/network-auth.xml:100(para)
13671
#: serverguide/C/network-auth.xml:102(para)
13677
13672
msgid "RDN is \"cn=John Doe\""
13678
13673
msgstr ""
13679
13674
13680
#: serverguide/C/network-auth.xml:106(para)
13675
#: serverguide/C/network-auth.xml:108(para)
13681
13676
msgid "parent DN is \"dc=example,dc=com\""
13682
13677
msgstr ""
13683
13678
13684
#: serverguide/C/network-auth.xml:113(programlisting)
13679
#: serverguide/C/network-auth.xml:115(programlisting)
13685
13680
#, no-wrap
13686
13681
msgid ""
13687
13682
"\n"
13699
13694
" objectClass: top\n"
13700
13695
msgstr ""
13701
13696
13702
#: serverguide/C/network-auth.xml:128(para)
13697
#: serverguide/C/network-auth.xml:130(para)
13703
13698
msgid ""
13704
13699
"The above entry is in <emphasis>LDIF</emphasis> format (LDAP Data "
13705
13700
"Interchange Format). Any information that you feed into your DIT must also "
13707
13702
"url=\"http://tools.ietf.org/html/rfc2849\">RFC2849</ulink>."
13708
13703
msgstr ""
13709
13704
13710
#: serverguide/C/network-auth.xml:133(para)
13705
#: serverguide/C/network-auth.xml:135(para)
13711
13706
msgid ""
13712
13707
"Although this guide will describe how to use it for central authentication, "
13713
13708
"LDAP is good for anything that involves a large number of access requests to "
13715
13710
"address book, a list of email addresses, and a mail server's configuration."
13716
13711
msgstr ""
13717
13712
13718
#: serverguide/C/network-auth.xml:142(para)
13713
#: serverguide/C/network-auth.xml:144(para)
13719
13714
msgid ""
13720
13715
"Install the OpenLDAP server daemon and the traditional LDAP management "
13721
13716
"utilities. These are found in packages <application>slapd</application> and "
13722
13717
"<application>ldap-utils</application> respectively."
13723
13718
msgstr ""
13724
13719
13725
#: serverguide/C/network-auth.xml:147(para)
13720
#: serverguide/C/network-auth.xml:149(para)
13726
13721
msgid ""
13727
13722
"The installation of slapd will create a working configuration. In "
13728
13723
"particular, it will create a database instance that you can use to store "
13734
13729
"a line similar to this:"
13735
13730
msgstr ""
13736
13731
13737
#: serverguide/C/network-auth.xml:155(programlisting)
13732
#: serverguide/C/network-auth.xml:157(programlisting)
13738
13733
#, no-wrap
13739
13734
msgid ""
13740
13735
"\n"
13741
13736
"127.0.1.1 hostname.example.com\thostname\n"
13742
13737
msgstr ""
13743
13738
13744
#: serverguide/C/network-auth.xml:159(para)
13739
#: serverguide/C/network-auth.xml:161(para)
13745
13740
msgid "You can revert the change after package installation."
13746
13741
msgstr ""
13747
13742
13748
#: serverguide/C/network-auth.xml:164(para)
13743
#: serverguide/C/network-auth.xml:166(para)
13749
13744
msgid ""
13750
13745
"This guide will use a database suffix of "
13751
13746
"<emphasis>dc=example,dc=com</emphasis>."
13752
13747
msgstr ""
13753
13748
13754
#: serverguide/C/network-auth.xml:169(para)
13749
#: serverguide/C/network-auth.xml:171(para)
13755
13750
msgid "Proceed with the install:"
13756
13751
msgstr ""
13757
13752
13758
#: serverguide/C/network-auth.xml:174(command)
13753
#: serverguide/C/network-auth.xml:176(command)
13759
13754
msgid "sudo apt-get install slapd ldap-utils"
13760
13755
msgstr ""
13761
13756
13762
#: serverguide/C/network-auth.xml:177(para)
13757
#: serverguide/C/network-auth.xml:179(para)
13763
13758
msgid ""
13764
13759
"Since Ubuntu 8.10 slapd is designed to be configured within slapd itself by "
13765
13760
"dedicating a separate DIT for that purpose. This allows one to dynamically "
13772
13767
"will be eventually phased out."
13773
13768
msgstr ""
13774
13769
13775
#: serverguide/C/network-auth.xml:186(para)
13770
#: serverguide/C/network-auth.xml:188(para)
13776
13771
msgid ""
13777
13772
"Ubuntu now uses the <emphasis>slapd-config</emphasis> method for slapd "
13778
13773
"configuration and this guide reflects that."
13779
13774
msgstr ""
13780
13775
13781
#: serverguide/C/network-auth.xml:192(para)
13776
#: serverguide/C/network-auth.xml:194(para)
13782
13777
msgid ""
13783
13778
"During the install you were prompted to define administrative credentials. "
13784
13779
"These are LDAP-based credentials for the <emphasis>rootDN</emphasis> of your "
13789
13784
"will see how to do this later on."
13790
13785
msgstr ""
13791
13786
13792
#: serverguide/C/network-auth.xml:199(para)
13787
#: serverguide/C/network-auth.xml:201(para)
13793
13788
msgid ""
13794
13789
"Some classical schemas (cosine, nis, inetorgperson) come built-in with slapd "
13795
13790
"nowadays. There is also an included \"core\" schema, a pre-requisite for any "
13796
13791
"schema to work."
13797
13792
msgstr ""
13798
13793
13799
#: serverguide/C/network-auth.xml:207(title)
13794
#: serverguide/C/network-auth.xml:209(title)
13800
13795
msgid "Post-install Inspection"
13801
13796
msgstr ""
13802
13797
13803
#: serverguide/C/network-auth.xml:209(para)
13798
#: serverguide/C/network-auth.xml:211(para)
13804
13799
msgid ""
13805
13800
"The installation process set up 2 DITs. One for slapd-config and one for "
13806
13801
"your own data (dc=example,dc=com). Let's take a look."
13807
13802
msgstr ""
13808
13803
13809
#: serverguide/C/network-auth.xml:216(para)
13804
#: serverguide/C/network-auth.xml:218(para)
13810
13805
msgid ""
13811
13806
"This is what the slapd-config database/DIT looks like. Recall that this "
13812
13807
"database is LDIF-based and lives under "
13813
13808
"<filename>/etc/ldap/slapd.d</filename>:"
13814
13809
msgstr ""
13815
13810
13816
#: serverguide/C/network-auth.xml:222(computeroutput)
13811
#: serverguide/C/network-auth.xml:224(computeroutput)
13817
13812
#, no-wrap
13818
13813
msgid ""
13819
13814
"\n"
13833
13828
" /etc/ldap/slapd.d/cn=config.ldif\n"
13834
13829
msgstr ""
13835
13830
13836
#: serverguide/C/network-auth.xml:242(para)
13831
#: serverguide/C/network-auth.xml:243(para)
13837
13832
msgid ""
13838
13833
"Do not edit the slapd-config database directly. Make changes via the LDAP "
13839
13834
"protocol (utilities)."
13840
13835
msgstr ""
13841
13836
13842
#: serverguide/C/network-auth.xml:250(para)
13837
#: serverguide/C/network-auth.xml:251(para)
13843
13838
msgid "This is what the slapd-config DIT looks like via the LDAP protocol:"
13844
13839
msgstr ""
13845
13840
13846
#: serverguide/C/network-auth.xml:254(para)
13841
#: serverguide/C/network-auth.xml:256(para)
13847
13842
msgid ""
13848
13843
"On Ubuntu server 14.10, and possibly higher, the following command may not "
13849
13844
"work due to a <ulink "
13851
13846
"ulink>"
13852
13847
msgstr ""
13853
13848
13854
#: serverguide/C/network-auth.xml:255(command)
13849
#: serverguide/C/network-auth.xml:262(command)
13855
13850
msgid "sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn"
13856
13851
msgstr ""
13857
13852
13858
#: serverguide/C/network-auth.xml:256(computeroutput)
13853
#: serverguide/C/network-auth.xml:263(computeroutput)
13859
13854
#, no-wrap
13860
13855
msgid ""
13861
13856
"\n"
13882
13877
"dn: olcDatabase={1}hdb,cn=config\n"
13883
13878
msgstr ""
13884
13879
13885
#: serverguide/C/network-auth.xml:281(para) serverguide/C/network-auth.xml:372(para)
13880
#: serverguide/C/network-auth.xml:288(para) serverguide/C/network-auth.xml:379(para)
13886
13881
msgid "Explanation of entries:"
13887
13882
msgstr ""
13888
13883
13889
#: serverguide/C/network-auth.xml:288(para)
13884
#: serverguide/C/network-auth.xml:295(para)
13890
13885
msgid "<emphasis>cn=config</emphasis>: global settings"
13891
13886
msgstr ""
13892
13887
13893
#: serverguide/C/network-auth.xml:294(para)
13888
#: serverguide/C/network-auth.xml:301(para)
13894
13889
msgid ""
13895
13890
"<emphasis>cn=module{0},cn=config</emphasis>: a dynamically loaded module"
13896
13891
msgstr ""
13897
13892
13898
#: serverguide/C/network-auth.xml:300(para)
13893
#: serverguide/C/network-auth.xml:307(para)
13899
13894
msgid ""
13900
13895
"<emphasis>cn=schema,cn=config</emphasis>: contains hard-coded system-level "
13901
13896
"schema"
13902
13897
msgstr ""
13903
13898
13904
#: serverguide/C/network-auth.xml:306(para)
13899
#: serverguide/C/network-auth.xml:313(para)
13905
13900
msgid ""
13906
13901
"<emphasis>cn={0}core,cn=schema,cn=config</emphasis>: the hard-coded core "
13907
13902
"schema"
13908
13903
msgstr ""
13909
13904
13910
#: serverguide/C/network-auth.xml:312(para)
13905
#: serverguide/C/network-auth.xml:319(para)
13911
13906
msgid ""
13912
13907
"<emphasis>cn={1}cosine,cn=schema,cn=config</emphasis>: the cosine schema"
13913
13908
msgstr ""
13914
13909
13915
#: serverguide/C/network-auth.xml:318(para)
13910
#: serverguide/C/network-auth.xml:325(para)
13916
13911
msgid "<emphasis>cn={2}nis,cn=schema,cn=config</emphasis>: the nis schema"
13917
13912
msgstr ""
13918
13913
13919
#: serverguide/C/network-auth.xml:324(para)
13914
#: serverguide/C/network-auth.xml:331(para)
13920
13915
msgid ""
13921
13916
"<emphasis>cn={3}inetorgperson,cn=schema,cn=config</emphasis>: the "
13922
13917
"inetorgperson schema"
13923
13918
msgstr ""
13924
13919
13925
#: serverguide/C/network-auth.xml:330(para)
13920
#: serverguide/C/network-auth.xml:337(para)
13926
13921
msgid ""
13927
13922
"<emphasis>olcBackend={0}hdb,cn=config</emphasis>: the 'hdb' backend storage "
13928
13923
"type"
13929
13924
msgstr ""
13930
13925
13931
#: serverguide/C/network-auth.xml:336(para)
13926
#: serverguide/C/network-auth.xml:343(para)
13932
13927
msgid ""
13933
13928
"<emphasis>olcDatabase={-1}frontend,cn=config</emphasis>: frontend database, "
13934
13929
"default settings for other databases"
13935
13930
msgstr ""
13936
13931
13937
#: serverguide/C/network-auth.xml:342(para)
13932
#: serverguide/C/network-auth.xml:349(para)
13938
13933
msgid ""
13939
13934
"<emphasis>olcDatabase={0}config,cn=config</emphasis>: slapd configuration "
13940
13935
"database (cn=config)"
13941
13936
msgstr ""
13942
13937
13943
#: serverguide/C/network-auth.xml:348(para)
13938
#: serverguide/C/network-auth.xml:355(para)
13944
13939
msgid ""
13945
13940
"<emphasis>olcDatabase={1}hdb,cn=config</emphasis>: your database instance "
13946
13941
"(dc=examle,dc=com)"
13947
13942
msgstr ""
13948
13943
13949
#: serverguide/C/network-auth.xml:359(para)
13944
#: serverguide/C/network-auth.xml:366(para)
13950
13945
msgid "This is what the dc=example,dc=com DIT looks like:"
13951
13946
msgstr ""
13952
13947
13953
#: serverguide/C/network-auth.xml:364(command)
13948
#: serverguide/C/network-auth.xml:371(command)
13954
13949
msgid "ldapsearch -x -LLL -H ldap:/// -b dc=example,dc=com dn"
13955
13950
msgstr ""
13956
13951
13957
#: serverguide/C/network-auth.xml:365(computeroutput)
13952
#: serverguide/C/network-auth.xml:372(computeroutput)
13958
13953
#, no-wrap
13959
13954
msgid ""
13960
13955
"\n"
13963
13958
"dn: cn=admin,dc=example,dc=com\n"
13964
13959
msgstr ""
13965
13960
13966
#: serverguide/C/network-auth.xml:379(para)
13961
#: serverguide/C/network-auth.xml:386(para)
13967
13962
msgid "<emphasis>dc=example,dc=com</emphasis>: base of the DIT"
13968
13963
msgstr ""
13969
13964
13970
#: serverguide/C/network-auth.xml:385(para)
13965
#: serverguide/C/network-auth.xml:392(para)
13971
13966
msgid ""
13972
13967
"<emphasis>cn=admin,dc=example,dc=com</emphasis>: administrator (rootDN) for "
13973
13968
"this DIT (set up during package install)"
13974
13969
msgstr ""
13975
13970
13976
#: serverguide/C/network-auth.xml:399(title)
13971
#: serverguide/C/network-auth.xml:406(title)
13977
13972
msgid "Modifying/Populating your Database"
13978
13973
msgstr ""
13979
13974
13980
#: serverguide/C/network-auth.xml:401(para)
13975
#: serverguide/C/network-auth.xml:408(para)
13981
13976
msgid ""
13982
13977
"Let's introduce some content to our database. We will add the following:"
13983
13978
msgstr ""
13984
13979
13985
#: serverguide/C/network-auth.xml:408(para)
13980
#: serverguide/C/network-auth.xml:415(para)
13986
13981
msgid "a node called <emphasis>People</emphasis> (to store users)"
13987
13982
msgstr ""
13988
13983
13989
#: serverguide/C/network-auth.xml:414(para)
13984
#: serverguide/C/network-auth.xml:421(para)
13990
13985
msgid "a node called <emphasis>Groups</emphasis> (to store groups)"
13991
13986
msgstr ""
13992
13987
13993
#: serverguide/C/network-auth.xml:420(para)
13988
#: serverguide/C/network-auth.xml:427(para)
13994
13989
msgid "a group called <emphasis>miners</emphasis>"
13995
13990
msgstr ""
13996
13991
13997
#: serverguide/C/network-auth.xml:426(para)
13992
#: serverguide/C/network-auth.xml:433(para)
13998
13993
msgid "a user called <emphasis>john</emphasis>"
13999
13994
msgstr ""
14000
13995
14001
#: serverguide/C/network-auth.xml:433(para)
13996
#: serverguide/C/network-auth.xml:440(para)
14002
13997
msgid ""
14003
13998
"Create the following LDIF file and call it "
14004
13999
"<filename>add_content.ldif</filename>:"
14005
14000
msgstr ""
14006
14001
14007
#: serverguide/C/network-auth.xml:437(programlisting)
14002
#: serverguide/C/network-auth.xml:444(programlisting)
14008
14003
#, no-wrap
14009
14004
msgid ""
14010
14005
"\n"
14038
14033
"homeDirectory: /home/john\n"
14039
14034
msgstr ""
14040
14035
14041
#: serverguide/C/network-auth.xml:469(para)
14036
#: serverguide/C/network-auth.xml:476(para)
14042
14037
msgid ""
14043
14038
"It's important that uid and gid values in your directory do not collide with "
14044
14039
"local values. Use high number ranges, such as starting at 5000. By setting "
14046
14041
"what can be done with a local user vs a ldap one. More on that later."
14047
14042
msgstr ""
14048
14043
14049
#: serverguide/C/network-auth.xml:477(para)
14044
#: serverguide/C/network-auth.xml:484(para)
14050
14045
msgid "Add the content:"
14051
14046
msgstr ""
14052
14047
14053
#: serverguide/C/network-auth.xml:482(command)
14048
#: serverguide/C/network-auth.xml:489(command)
14054
14049
msgid "ldapadd -x -D cn=admin,dc=example,dc=com -W -f add_content.ldif"
14055
14050
msgstr ""
14056
14051
14057
#: serverguide/C/network-auth.xml:484(application)
14052
#: serverguide/C/network-auth.xml:491(application)
14058
14053
msgid "********"
14059
14054
msgstr ""
14060
14055
14061
#: serverguide/C/network-auth.xml:483(computeroutput)
14056
#: serverguide/C/network-auth.xml:490(computeroutput)
14062
14057
#, no-wrap
14063
14058
msgid ""
14064
14059
"\n"
14072
14067
"adding new entry \"uid=john,ou=People,dc=example,dc=com\"\n"
14073
14068
msgstr ""
14074
14069
14075
#: serverguide/C/network-auth.xml:495(para)
14070
#: serverguide/C/network-auth.xml:502(para)
14076
14071
msgid ""
14077
14072
"We can check that the information has been correctly added with the "
14078
14073
"<application>ldapsearch</application> utility:"
14079
14074
msgstr ""
14080
14075
14081
#: serverguide/C/network-auth.xml:500(command)
14076
#: serverguide/C/network-auth.xml:507(command)
14082
14077
msgid "ldapsearch -x -LLL -b dc=example,dc=com 'uid=john' cn gidNumber"
14083
14078
msgstr ""
14084
14079
14085
#: serverguide/C/network-auth.xml:501(computeroutput)
14080
#: serverguide/C/network-auth.xml:508(computeroutput)
14086
14081
#, no-wrap
14087
14082
msgid ""
14088
14083
"\n"
14091
14086
"gidNumber: 5000\n"
14092
14087
msgstr ""
14093
14088
14094
#: serverguide/C/network-auth.xml:508(para)
14089
#: serverguide/C/network-auth.xml:515(para)
14095
14090
msgid "Explanation of switches:"
14096
14091
msgstr ""
14097
14092
14098
#: serverguide/C/network-auth.xml:515(para)
14093
#: serverguide/C/network-auth.xml:522(para)
14099
14094
msgid ""
14100
14095
"<emphasis>-x:</emphasis> \"simple\" binding; will not use the default SASL "
14101
14096
"method"
14102
14097
msgstr ""
14103
14098
14104
#: serverguide/C/network-auth.xml:521(para)
14099
#: serverguide/C/network-auth.xml:528(para)
14105
14100
msgid "<emphasis>-LLL:</emphasis> disable printing extraneous information"
14106
14101
msgstr ""
14107
14102
14108
#: serverguide/C/network-auth.xml:527(para)
14103
#: serverguide/C/network-auth.xml:534(para)
14109
14104
msgid "<emphasis>uid=john:</emphasis> a \"filter\" to find the john user"
14110
14105
msgstr ""
14111
14106
14112
#: serverguide/C/network-auth.xml:533(para)
14107
#: serverguide/C/network-auth.xml:540(para)
14113
14108
msgid ""
14114
14109
"<emphasis>cn gidNumber:</emphasis> requests certain attributes to be "
14115
14110
"displayed (the default is to show all attributes)"
14116
14111
msgstr ""
14117
14112
14118
#: serverguide/C/network-auth.xml:543(title)
14113
#: serverguide/C/network-auth.xml:550(title)
14119
14114
msgid "Modifying the slapd Configuration Database"
14120
14115
msgstr ""
14121
14116
14122
#: serverguide/C/network-auth.xml:545(para)
14117
#: serverguide/C/network-auth.xml:552(para)
14123
14118
msgid ""
14124
14119
"The slapd-config DIT can also be queried and modified. Here are a few "
14125
14120
"examples."
14126
14121
msgstr ""
14127
14122
14128
#: serverguide/C/network-auth.xml:552(para)
14123
#: serverguide/C/network-auth.xml:559(para)
14129
14124
msgid ""
14130
14125
"Use <application>ldapmodify</application> to add an \"Index\" (DbIndex "
14131
14126
"attribute) to your <application>{1}hdb,cn=config</application> database "
14133
14128
"<filename>uid_index.ldif</filename>, with the following contents:"
14134
14129
msgstr ""
14135
14130
14136
#: serverguide/C/network-auth.xml:557(programlisting)
14131
#: serverguide/C/network-auth.xml:564(programlisting)
14137
14132
#, no-wrap
14138
14133
msgid ""
14139
14134
"\n"
14142
14137
"olcDbIndex: uid eq,pres,sub\n"
14143
14138
msgstr ""
14144
14139
14145
#: serverguide/C/network-auth.xml:563(para)
14140
#: serverguide/C/network-auth.xml:570(para)
14146
14141
msgid "Then issue the command:"
14147
14142
msgstr ""
14148
14143
14149
#: serverguide/C/network-auth.xml:568(command)
14144
#: serverguide/C/network-auth.xml:575(command)
14150
14145
msgid "sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f uid_index.ldif"
14151
14146
msgstr ""
14152
14147
14153
#: serverguide/C/network-auth.xml:569(computeroutput)
14148
#: serverguide/C/network-auth.xml:576(computeroutput)
14154
14149
#, no-wrap
14155
14150
msgid ""
14156
14151
"\n"
14157
14152
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
14158
14153
msgstr ""
14159
14154
14160
#: serverguide/C/network-auth.xml:574(para)
14155
#: serverguide/C/network-auth.xml:581(para)
14161
14156
msgid "You can confirm the change in this way:"
14162
14157
msgstr ""
14163
14158
14164
#: serverguide/C/network-auth.xml:579(command)
14159
#: serverguide/C/network-auth.xml:586(command)
14165
14160
msgid ""
14166
14161
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=config "
14167
14162
"'(olcDatabase={1}hdb)' olcDbIndex"
14168
14163
msgstr ""
14169
14164
14170
#: serverguide/C/network-auth.xml:581(computeroutput)
14165
#: serverguide/C/network-auth.xml:588(computeroutput)
14171
14166
#, no-wrap
14172
14167
msgid ""
14173
14168
"\n"
14176
14171
"olcDbIndex: uid eq,pres,sub\n"
14177
14172
msgstr ""
14178
14173
14179
#: serverguide/C/network-auth.xml:591(para)
14174
#: serverguide/C/network-auth.xml:598(para)
14180
14175
msgid ""
14181
14176
"Let's add a schema. It will first need to be converted to LDIF format. You "
14182
14177
"can find unconverted schemas in addition to converted ones in the <filename "
14183
14178
"role=\"directory\">/etc/ldap/schema</filename> directory."
14184
14179
msgstr ""
14185
14180
14186
#: serverguide/C/network-auth.xml:599(para)
14181
#: serverguide/C/network-auth.xml:606(para)
14187
14182
msgid ""
14188
14183
"It is not trivial to remove a schema from the slapd-config database. "
14189
14184
"Practice adding schemas on a test system."
14190
14185
msgstr ""
14191
14186
14192
#: serverguide/C/network-auth.xml:605(para)
14187
#: serverguide/C/network-auth.xml:612(para)
14193
14188
msgid ""
14194
14189
"Before adding any schema, you should check which schemas are already "
14195
14190
"installed (shown is a default, out-of-the-box output):"
14196
14191
msgstr ""
14197
14192
14198
#: serverguide/C/network-auth.xml:611(command)
14193
#: serverguide/C/network-auth.xml:618(command)
14199
14194
msgid ""
14200
14195
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=schema,cn=config dn"
14201
14196
msgstr ""
14202
14197
14203
#: serverguide/C/network-auth.xml:613(computeroutput)
14198
#: serverguide/C/network-auth.xml:620(computeroutput)
14204
14199
#, no-wrap
14205
14200
msgid ""
14206
14201
"\n"
14215
14210
"dn: cn={3}inetorgperson,cn=schema,cn=config\n"
14216
14211
msgstr ""
14217
14212
14218
#: serverguide/C/network-auth.xml:630(para)
14213
#: serverguide/C/network-auth.xml:637(para)
14219
14214
msgid "In the following example we'll add the CORBA schema."
14220
14215
msgstr ""
14221
14216
14222
#: serverguide/C/network-auth.xml:637(para)
14217
#: serverguide/C/network-auth.xml:644(para)
14223
14218
msgid ""
14224
14219
"Create the conversion configuration file "
14225
14220
"<filename>schema_convert.conf</filename> containing the following lines:"
14226
14221
msgstr ""
14227
14222
14228
#: serverguide/C/network-auth.xml:642(programlisting)
14223
#: serverguide/C/network-auth.xml:649(programlisting)
14229
14224
#, no-wrap
14230
14225
msgid ""
14231
14226
"\n"
14245
14240
"include /etc/ldap/schema/pmi.schema\n"
14246
14241
msgstr ""
14247
14242
14248
#: serverguide/C/network-auth.xml:662(para)
14243
#: serverguide/C/network-auth.xml:669(para)
14249
14244
msgid "Create the output directory <filename>ldif_output</filename>."
14250
14245
msgstr ""
14251
14246
14252
#: serverguide/C/network-auth.xml:668(para) serverguide/C/network-auth.xml:2317(para)
14247
#: serverguide/C/network-auth.xml:675(para) serverguide/C/network-auth.xml:2324(para)
14253
14248
msgid "Determine the index of the schema:"
14254
14249
msgstr ""
14255
14250
14256
#: serverguide/C/network-auth.xml:673(command)
14251
#: serverguide/C/network-auth.xml:680(command)
14257
14252
msgid ""
14258
14253
"slapcat -f schema_convert.conf -F ldif_output -n 0 | grep corba,cn=schema"
14259
14254
msgstr ""
14260
14255
14261
#: serverguide/C/network-auth.xml:674(computeroutput)
14256
#: serverguide/C/network-auth.xml:681(computeroutput)
14262
14257
#, no-wrap
14263
14258
msgid ""
14264
14259
"\n"
14265
14260
"cn={1}corba,cn=schema,cn=config\n"
14266
14261
msgstr ""
14267
14262
14268
#: serverguide/C/network-auth.xml:685(para)
14263
#: serverguide/C/network-auth.xml:687(para)
14269
14264
msgid ""
14270
14265
"When slapd ingests objects with the same parent DN it will create an "
14271
14266
"<emphasis>index</emphasis> for that object. An index is contained within "
14272
14267
"braces: <application>{X}</application>."
14273
14268
msgstr ""
14274
14269
14275
#: serverguide/C/network-auth.xml:689(para)
14270
#: serverguide/C/network-auth.xml:696(para)
14276
14271
msgid "Use <application>slapcat</application> to perform the conversion:"
14277
14272
msgstr ""
14278
14273
14279
#: serverguide/C/network-auth.xml:694(command)
14274
#: serverguide/C/network-auth.xml:701(command)
14280
14275
msgid ""
14281
14276
"slapcat -f schema_convert.conf -F ldif_output -n0 -H \\ "
14282
14277
"ldap:///cn={1}corba,cn=schema,cn=config -l cn=corba.ldif"
14283
14278
msgstr ""
14284
14279
14285
#: serverguide/C/network-auth.xml:698(para)
14280
#: serverguide/C/network-auth.xml:705(para)
14286
14281
msgid "The converted schema is now in <filename>cn=corba.ldif</filename>"
14287
14282
msgstr ""
14288
14283
14289
#: serverguide/C/network-auth.xml:704(para)
14284
#: serverguide/C/network-auth.xml:711(para)
14290
14285
msgid ""
14291
14286
"Edit <filename>cn=corba.ldif</filename> to arrive at the following "
14292
14287
"attributes:"
14293
14288
msgstr ""
14294
14289
14295
#: serverguide/C/network-auth.xml:708(programlisting)
14290
#: serverguide/C/network-auth.xml:715(programlisting)
14296
14291
#, no-wrap
14297
14292
msgid ""
14298
14293
"\n"
14301
14296
"cn: corba\n"
14302
14297
msgstr ""
14303
14298
14304
#: serverguide/C/network-auth.xml:714(para)
14299
#: serverguide/C/network-auth.xml:721(para)
14305
14300
msgid "Also remove the following lines from the bottom:"
14306
14301
msgstr ""
14307
14302
14308
#: serverguide/C/network-auth.xml:718(programlisting)
14303
#: serverguide/C/network-auth.xml:725(programlisting)
14309
14304
#, no-wrap
14310
14305
msgid ""
14311
14306
"\n"
14318
14313
"modifyTimestamp: 20110829165435Z\n"
14319
14314
msgstr ""
14320
14315
14321
#: serverguide/C/network-auth.xml:728(para) serverguide/C/network-auth.xml:2367(para)
14316
#: serverguide/C/network-auth.xml:735(para) serverguide/C/network-auth.xml:2374(para)
14322
14317
msgid "Your attribute values will vary."
14323
14318
msgstr ""
14324
14319
14325
#: serverguide/C/network-auth.xml:734(para)
14320
#: serverguide/C/network-auth.xml:741(para)
14326
14321
msgid ""
14327
14322
"Finally, use <application>ldapadd</application> to add the new schema to the "
14328
14323
"slapd-config DIT:"
14329
14324
msgstr ""
14330
14325
14331
#: serverguide/C/network-auth.xml:739(command)
14326
#: serverguide/C/network-auth.xml:746(command)
14332
14327
msgid "sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f cn\\=corba.ldif"
14333
14328
msgstr ""
14334
14329
14335
#: serverguide/C/network-auth.xml:740(computeroutput)
14330
#: serverguide/C/network-auth.xml:747(computeroutput)
14336
14331
#, no-wrap
14337
14332
msgid ""
14338
14333
"\n"
14339
14334
"adding new entry \"cn=corba,cn=schema,cn=config\"\n"
14340
14335
msgstr ""
14341
14336
14342
#: serverguide/C/network-auth.xml:748(para)
14337
#: serverguide/C/network-auth.xml:755(para)
14343
14338
msgid "Confirm currently loaded schemas:"
14344
14339
msgstr ""
14345
14340
14346
#: serverguide/C/network-auth.xml:753(command)
14341
#: serverguide/C/network-auth.xml:760(command)
14347
14342
msgid ""
14348
14343
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config dn"
14349
14344
msgstr ""
14350
14345
14351
#: serverguide/C/network-auth.xml:754(computeroutput)
14346
#: serverguide/C/network-auth.xml:761(computeroutput)
14352
14347
#, no-wrap
14353
14348
msgid ""
14354
14349
"\n"
14365
14360
"dn: cn={4}corba,cn=schema,cn=config\n"
14366
14361
msgstr ""
14367
14362
14368
#: serverguide/C/network-auth.xml:778(para)
14363
#: serverguide/C/network-auth.xml:785(para)
14369
14364
msgid ""
14370
14365
"For external applications and clients to authenticate using LDAP they will "
14371
14366
"each need to be specifically configured to do so. Refer to the appropriate "
14372
14367
"client-side documentation for details."
14373
14368
msgstr ""
14374
14369
14375
#: serverguide/C/network-auth.xml:789(para)
14370
#: serverguide/C/network-auth.xml:796(para)
14376
14371
msgid ""
14377
14372
"Activity logging for slapd is indispensible when implementing an OpenLDAP-"
14378
14373
"based solution yet it must be manually enabled after software installation. "
14380
14375
"any other slapd configuration, is enabled via the slapd-config database."
14381
14376
msgstr ""
14382
14377
14383
#: serverguide/C/network-auth.xml:795(para)
14378
#: serverguide/C/network-auth.xml:802(para)
14384
14379
msgid ""
14385
14380
"OpenLDAP comes with multiple logging subsystems (levels) with each one "
14386
14381
"containing the lower one (additive). A good level to try is "
14390
14385
"different subsystems."
14391
14386
msgstr ""
14392
14387
14393
#: serverguide/C/network-auth.xml:801(para)
14388
#: serverguide/C/network-auth.xml:808(para)
14394
14389
msgid ""
14395
14390
"Create the file <filename>logging.ldif</filename> with the following "
14396
14391
"contents:"
14397
14392
msgstr ""
14398
14393
14399
#: serverguide/C/network-auth.xml:805(programlisting)
14394
#: serverguide/C/network-auth.xml:812(programlisting)
14400
14395
#, no-wrap
14401
14396
msgid ""
14402
14397
"\n"
14406
14401
"olcLogLevel: stats\n"
14407
14402
msgstr ""
14408
14403
14409
#: serverguide/C/network-auth.xml:812(para)
14404
#: serverguide/C/network-auth.xml:819(para)
14410
14405
msgid "Implement the change:"
14411
14406
msgstr ""
14412
14407
14413
#: serverguide/C/network-auth.xml:817(command)
14408
#: serverguide/C/network-auth.xml:824(command)
14414
14409
msgid "sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f logging.ldif"
14415
14410
msgstr ""
14416
14411
14417
#: serverguide/C/network-auth.xml:820(para)
14412
#: serverguide/C/network-auth.xml:827(para)
14418
14413
msgid ""
14419
14414
"This will produce a significant amount of logging and you will want to "
14420
14415
"throttle back to a less verbose level once your system is in production. "
14422
14417
"hard time keeping up and may drop messages:"
14423
14418
msgstr ""
14424
14419
14425
#: serverguide/C/network-auth.xml:826(programlisting)
14420
#: serverguide/C/network-auth.xml:833(programlisting)
14426
14421
#, no-wrap
14427
14422
msgid ""
14428
14423
"\n"
14430
14425
"limiting\n"
14431
14426
msgstr ""
14432
14427
14433
#: serverguide/C/network-auth.xml:830(para)
14428
#: serverguide/C/network-auth.xml:837(para)
14434
14429
msgid ""
14435
14430
"You may consider a change to rsyslog's configuration. In "
14436
14431
"<filename>/etc/rsyslog.conf</filename>, put:"
14437
14432
msgstr ""
14438
14433
14439
#: serverguide/C/network-auth.xml:834(programlisting)
14434
#: serverguide/C/network-auth.xml:841(programlisting)
14440
14435
#, no-wrap
14441
14436
msgid ""
14442
14437
"\n"
14445
14440
"$SystemLogRateLimitInterval 0\n"
14446
14441
msgstr ""
14447
14442
14448
#: serverguide/C/network-auth.xml:840(para)
14443
#: serverguide/C/network-auth.xml:847(para)
14449
14444
msgid "And then restart the rsyslog daemon:"
14450
14445
msgstr ""
14451
14446
14452
#: serverguide/C/network-auth.xml:845(command)
14447
#: serverguide/C/network-auth.xml:852(command)
14453
14448
msgid "sudo service rsyslog restart"
14454
14449
msgstr ""
14455
14450
14456
#: serverguide/C/network-auth.xml:851(title)
14451
#: serverguide/C/network-auth.xml:858(title)
14457
14452
msgid "Replication"
14458
14453
msgstr ""
14459
14454
14460
#: serverguide/C/network-auth.xml:853(para)
14455
#: serverguide/C/network-auth.xml:860(para)
14461
14456
msgid ""
14462
14457
"The LDAP service becomes increasingly important as more networked systems "
14463
14458
"begin to depend on it. In such an environment, it is standard practice to "
14466
14461
"replication</emphasis>."
14467
14462
msgstr ""
14468
14463
14469
#: serverguide/C/network-auth.xml:859(para)
14464
#: serverguide/C/network-auth.xml:866(para)
14470
14465
msgid ""
14471
14466
"Replication is achieved via the <emphasis>Syncrepl</emphasis> engine. This "
14472
14467
"allows changes to be synchronized using a <emphasis>Consumer</emphasis> - "
14478
14473
"be sent, not entire entries."
14479
14474
msgstr ""
14480
14475
14481
#: serverguide/C/network-auth.xml:868(title)
14476
#: serverguide/C/network-auth.xml:875(title)
14482
14477
msgid "Provider Configuration"
14483
14478
msgstr ""
14484
14479
14485
#: serverguide/C/network-auth.xml:870(para)
14480
#: serverguide/C/network-auth.xml:877(para)
14486
14481
msgid "Begin by configuring the <emphasis>Provider</emphasis>."
14487
14482
msgstr ""
14488
14483
14489
#: serverguide/C/network-auth.xml:877(para)
14484
#: serverguide/C/network-auth.xml:884(para)
14490
14485
msgid ""
14491
14486
"Create an LDIF file with the following contents and name it "
14492
14487
"<filename>provider_sync.ldif</filename>:"
14493
14488
msgstr ""
14494
14489
14495
#: serverguide/C/network-auth.xml:881(programlisting)
14490
#: serverguide/C/network-auth.xml:888(programlisting)
14496
14491
#, no-wrap
14497
14492
msgid ""
14498
14493
"\n"
14554
14549
"olcAccessLogPurge: 07+00:00 01+00:00\n"
14555
14550
msgstr ""
14556
14551
14557
#: serverguide/C/network-auth.xml:940(para)
14552
#: serverguide/C/network-auth.xml:947(para)
14558
14553
msgid ""
14559
14554
"Change the rootDN in the LDIF file to match the one you have for your "
14560
14555
"directory."
14561
14556
msgstr ""
14562
14557
14563
#: serverguide/C/network-auth.xml:947(para)
14558
#: serverguide/C/network-auth.xml:954(para)
14564
14559
msgid ""
14565
14560
"The <application>apparmor</application> profile for slapd will not need to "
14566
14561
"be adjusted for the accesslog database location since "
14567
14562
"<filename>/etc/apparmor.d/local/usr.sbin.slapd</filename> contains:"
14568
14563
msgstr ""
14569
14564
14570
#: serverguide/C/network-auth.xml:952(programlisting)
14565
#: serverguide/C/network-auth.xml:959(programlisting)
14571
14566
#, no-wrap
14572
14567
msgid ""
14573
14568
"\n"
14575
14570
"/var/lib/ldap/** rwk,\n"
14576
14571
msgstr ""
14577
14572
14578
#: serverguide/C/network-auth.xml:957(para)
14573
#: serverguide/C/network-auth.xml:964(para)
14579
14574
msgid ""
14580
14575
"Create a directory, set up a databse config file, and reload the apparmor "
14581
14576
"profile:"
14582
14577
msgstr ""
14583
14578
14584
#: serverguide/C/network-auth.xml:962(command)
14579
#: serverguide/C/network-auth.xml:969(command)
14585
14580
msgid "sudo -u openldap mkdir /var/lib/ldap/accesslog"
14586
14581
msgstr "sudo -u openldap mkdir /var/lib/ldap/accesslog"
14587
14582
14588
#: serverguide/C/network-auth.xml:963(command)
14583
#: serverguide/C/network-auth.xml:970(command)
14589
14584
msgid "sudo -u openldap cp /var/lib/ldap/DB_CONFIG /var/lib/ldap/accesslog"
14590
14585
msgstr ""
14591
14586
14592
#: serverguide/C/network-auth.xml:970(para)
14587
#: serverguide/C/network-auth.xml:977(para)
14593
14588
msgid ""
14594
14589
"Add the new content and, due to the apparmor change, restart the daemon:"
14595
14590
msgstr ""
14596
14591
14597
#: serverguide/C/network-auth.xml:975(command)
14592
#: serverguide/C/network-auth.xml:982(command)
14598
14593
msgid "sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f provider_sync.ldif"
14599
14594
msgstr ""
14600
14595
14601
#: serverguide/C/network-auth.xml:976(command) serverguide/C/network-auth.xml:1498(command) serverguide/C/network-auth.xml:1683(command) serverguide/C/network-auth.xml:3912(command)
14596
#: serverguide/C/network-auth.xml:983(command) serverguide/C/network-auth.xml:1505(command) serverguide/C/network-auth.xml:1690(command) serverguide/C/network-auth.xml:3911(command)
14602
14597
msgid "sudo service slapd restart"
14603
14598
msgstr ""
14604
14599
14605
#: serverguide/C/network-auth.xml:983(para)
14600
#: serverguide/C/network-auth.xml:990(para)
14606
14601
msgid "The Provider is now configured."
14607
14602
msgstr ""
14608
14603
14609
#: serverguide/C/network-auth.xml:990(title)
14604
#: serverguide/C/network-auth.xml:997(title)
14610
14605
msgid "Consumer Configuration"
14611
14606
msgstr ""
14612
14607
14613
#: serverguide/C/network-auth.xml:992(para)
14608
#: serverguide/C/network-auth.xml:999(para)
14614
14609
msgid "And now configure the <emphasis>Consumer</emphasis>."
14615
14610
msgstr ""
14616
14611
14617
#: serverguide/C/network-auth.xml:999(para)
14612
#: serverguide/C/network-auth.xml:1006(para)
14618
14613
msgid ""
14619
14614
"Install the software by going through <xref linkend=\"openldap-server-"
14620
14615
"installation\"/>. Make sure the slapd-config databse is identical to the "
14622
14617
"same."
14623
14618
msgstr ""
14624
14619
14625
#: serverguide/C/network-auth.xml:1006(para)
14620
#: serverguide/C/network-auth.xml:1013(para)
14626
14621
msgid ""
14627
14622
"Create an LDIF file with the following contents and name it "
14628
14623
"<filename>consumer_sync.ldif</filename>:"
14629
14624
msgstr ""
14630
14625
14631
#: serverguide/C/network-auth.xml:1010(programlisting)
14626
#: serverguide/C/network-auth.xml:1017(programlisting)
14632
14627
#, no-wrap
14633
14628
msgid ""
14634
14629
"\n"
14655
14650
"olcUpdateRef: ldap://ldap01.example.com\n"
14656
14651
msgstr ""
14657
14652
14658
#: serverguide/C/network-auth.xml:1031(para)
14653
#: serverguide/C/network-auth.xml:1038(para)
14659
14654
msgid "Ensure the following attributes have the correct values:"
14660
14655
msgstr ""
14661
14656
14662
#: serverguide/C/network-auth.xml:1036(para)
14657
#: serverguide/C/network-auth.xml:1043(para)
14663
14658
msgid ""
14664
14659
"<emphasis>provider</emphasis> (Provider server's hostname -- "
14665
14660
"ldap01.example.com in this example -- or IP address)"
14666
14661
msgstr ""
14667
14662
14668
#: serverguide/C/network-auth.xml:1037(para)
14663
#: serverguide/C/network-auth.xml:1044(para)
14669
14664
msgid "<emphasis>binddn</emphasis> (the admin DN you're using)"
14670
14665
msgstr ""
14671
14666
14672
#: serverguide/C/network-auth.xml:1038(para)
14667
#: serverguide/C/network-auth.xml:1045(para)
14673
14668
msgid "<emphasis>credentials</emphasis> (the admin DN password you're using)"
14674
14669
msgstr ""
14675
14670
14676
#: serverguide/C/network-auth.xml:1039(para)
14671
#: serverguide/C/network-auth.xml:1046(para)
14677
14672
msgid "<emphasis>searchbase</emphasis> (the database suffix you're using)"
14678
14673
msgstr ""
14679
14674
14680
#: serverguide/C/network-auth.xml:1040(para)
14675
#: serverguide/C/network-auth.xml:1047(para)
14681
14676
msgid ""
14682
14677
"<emphasis>olcUpdateRef</emphasis> (Provider server's hostname or IP address)"
14683
14678
msgstr ""
14684
14679
14685
#: serverguide/C/network-auth.xml:1041(para)
14680
#: serverguide/C/network-auth.xml:1048(para)
14686
14681
msgid ""
14687
14682
"<emphasis>rid</emphasis> (Replica ID, an unique 3-digit that identifies the "
14688
14683
"replica. Each consumer should have at least one rid)"
14689
14684
msgstr ""
14690
14685
14691
#: serverguide/C/network-auth.xml:1050(para)
14686
#: serverguide/C/network-auth.xml:1057(para)
14692
14687
msgid "Add the new content:"
14693
14688
msgstr ""
14694
14689
14695
#: serverguide/C/network-auth.xml:1055(command)
14690
#: serverguide/C/network-auth.xml:1062(command)
14696
14691
msgid "sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f consumer_sync.ldif"
14697
14692
msgstr ""
14698
14693
14699
#: serverguide/C/network-auth.xml:1062(para)
14694
#: serverguide/C/network-auth.xml:1069(para)
14700
14695
msgid ""
14701
14696
"You're done. The two databases (suffix: dc=example,dc=com) should now be "
14702
14697
"synchronizing."
14703
14698
msgstr ""
14704
14699
14705
#: serverguide/C/network-auth.xml:1071(para)
14700
#: serverguide/C/network-auth.xml:1078(para)
14706
14701
msgid "Once replication starts, you can monitor it by running"
14707
14702
msgstr ""
14708
14703
14709
#: serverguide/C/network-auth.xml:1081(command)
14704
#: serverguide/C/network-auth.xml:1083(command)
14710
14705
msgid ""
14711
14706
"ldapsearch -z1 -LLLQY EXTERNAL -H ldapi:/// -s base -b dc=example,dc=com "
14712
14707
"contextCSN"
14713
14708
msgstr ""
14714
14709
14715
#: serverguide/C/network-auth.xml:1077(computeroutput)
14710
#: serverguide/C/network-auth.xml:1084(computeroutput)
14716
14711
#, no-wrap
14717
14712
msgid ""
14718
14713
"\n"
14720
14715
"contextCSN: 20120201193408.178454Z#000000#000#000000\n"
14721
14716
msgstr ""
14722
14717
14723
#: serverguide/C/network-auth.xml:1083(para)
14718
#: serverguide/C/network-auth.xml:1090(para)
14724
14719
msgid ""
14725
14720
"on both the provider and the consumer. Once the output "
14726
14721
"(<computeroutput>20120201193408.178454Z#000000#000#000000</computeroutput> "
14729
14724
"the one in the consumer(s)."
14730
14725
msgstr ""
14731
14726
14732
#: serverguide/C/network-auth.xml:1092(para)
14727
#: serverguide/C/network-auth.xml:1099(para)
14733
14728
msgid ""
14734
14729
"If your connection is slow and/or your ldap database large, it might take a "
14735
14730
"while for the consumer's <emphasis>contextCSN</emphasis> match the "
14737
14732
"<emphasis>contextCSN</emphasis> will be steadly increasing."
14738
14733
msgstr ""
14739
14734
14740
#: serverguide/C/network-auth.xml:1100(para)
14735
#: serverguide/C/network-auth.xml:1107(para)
14741
14736
msgid ""
14742
14737
"If the consumer's <emphasis>contextCSN</emphasis> is missing or does not "
14743
14738
"match the provider, you should stop and figure out the issue before "
14747
14742
"statements) return no errors."
14748
14743
msgstr ""
14749
14744
14750
#: serverguide/C/network-auth.xml:1109(para)
14745
#: serverguide/C/network-auth.xml:1116(para)
14751
14746
msgid ""
14752
14747
"To test if it worked simply query, on the Consumer, the DNs in the database:"
14753
14748
msgstr ""
14754
14749
14755
#: serverguide/C/network-auth.xml:1114(command)
14750
#: serverguide/C/network-auth.xml:1121(command)
14756
14751
msgid ""
14757
14752
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b dc=example,dc=com dn"
14758
14753
msgstr ""
14759
14754
14760
#: serverguide/C/network-auth.xml:1117(para)
14755
#: serverguide/C/network-auth.xml:1124(para)
14761
14756
msgid ""
14762
14757
"You should see the user 'john' and the group 'miners' as well as the nodes "
14763
14758
"'People' and 'Groups'."
14764
14759
msgstr ""
14765
14760
14766
#: serverguide/C/network-auth.xml:1126(title)
14761
#: serverguide/C/network-auth.xml:1133(title)
14767
14762
msgid "Access Control"
14768
14763
msgstr ""
14769
14764
14770
#: serverguide/C/network-auth.xml:1128(para)
14765
#: serverguide/C/network-auth.xml:1135(para)
14771
14766
msgid ""
14772
14767
"The management of what type of access (read, write, etc) users should be "
14773
14768
"granted to resources is known as <emphasis>access control</emphasis>. The "
14775
14770
"lists</emphasis> or ACL."
14776
14771
msgstr ""
14777
14772
14778
#: serverguide/C/network-auth.xml:1133(para)
14773
#: serverguide/C/network-auth.xml:1140(para)
14779
14774
msgid ""
14780
14775
"When we installed the slapd package various ACL were set up automatically. "
14781
14776
"We will look at a few important consequences of those defaults and, in so "
14782
14777
"doing, we'll get an idea of how ACLs work and how they're configured."
14783
14778
msgstr ""
14784
14779
14785
#: serverguide/C/network-auth.xml:1138(para)
14780
#: serverguide/C/network-auth.xml:1145(para)
14786
14781
msgid ""
14787
14782
"To get the effective ACL for an LDAP query we need to look at the ACL "
14788
14783
"entries of the database being queried as well as those of the special "
14794
14789
"(\"dc=example,dc=com\") and those of the frontend database:"
14795
14790
msgstr ""
14796
14791
14797
#: serverguide/C/network-auth.xml:1147(command)
14792
#: serverguide/C/network-auth.xml:1154(command)
14798
14793
msgid ""
14799
14794
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=config "
14800
14795
"'(olcDatabase={1}hdb)' olcAccess"
14801
14796
msgstr ""
14802
14797
14803
#: serverguide/C/network-auth.xml:1149(computeroutput)
14798
#: serverguide/C/network-auth.xml:1156(computeroutput)
14804
14799
#, no-wrap
14805
14800
msgid ""
14806
14801
"\n"
14814
14809
" read\n"
14815
14810
msgstr ""
14816
14811
14817
#: serverguide/C/network-auth.xml:1160(para)
14812
#: serverguide/C/network-auth.xml:1167(para)
14818
14813
msgid ""
14819
14814
"The rootDN always has full rights to its database. Including it in an ACL "
14820
14815
"does provide an explicit configuration but it also causes slapd to incur a "
14821
14816
"performance penalty."
14822
14817
msgstr ""
14823
14818
14824
#: serverguide/C/network-auth.xml:1167(command)
14819
#: serverguide/C/network-auth.xml:1174(command)
14825
14820
msgid ""
14826
14821
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=config "
14827
14822
"'(olcDatabase={-1}frontend)' olcAccess"
14828
14823
msgstr ""
14829
14824
14830
#: serverguide/C/network-auth.xml:1169(computeroutput)
14825
#: serverguide/C/network-auth.xml:1176(computeroutput)
14831
14826
#, no-wrap
14832
14827
msgid ""
14833
14828
"\n"
14838
14833
"olcAccess: {2}to dn.base=\"cn=Subschema\" by * read\n"
14839
14834
msgstr ""
14840
14835
14841
#: serverguide/C/network-auth.xml:1178(para)
14836
#: serverguide/C/network-auth.xml:1185(para)
14842
14837
msgid "The very first ACL is crucial:"
14843
14838
msgstr ""
14844
14839
14845
#: serverguide/C/network-auth.xml:1182(programlisting)
14840
#: serverguide/C/network-auth.xml:1189(programlisting)
14846
14841
#, no-wrap
14847
14842
msgid ""
14848
14843
"\n"
14851
14846
" auth by dn=\"cn=admin,dc=example,dc=com\" write by * none\n"
14852
14847
msgstr ""
14853
14848
14854
#: serverguide/C/network-auth.xml:1187(para)
14849
#: serverguide/C/network-auth.xml:1194(para)
14855
14850
msgid "This can be represented differently for easier digestion:"
14856
14851
msgstr ""
14857
14852
14858
#: serverguide/C/network-auth.xml:1191(programlisting)
14853
#: serverguide/C/network-auth.xml:1198(programlisting)
14859
14854
#, no-wrap
14860
14855
msgid ""
14861
14856
"\n"
14872
14867
"\tby * none\n"
14873
14868
msgstr ""
14874
14869
14875
#: serverguide/C/network-auth.xml:1205(para)
14870
#: serverguide/C/network-auth.xml:1212(para)
14876
14871
msgid "This compound ACL (there are 2) enforces the following:"
14877
14872
msgstr ""
14878
14873
14879
#: serverguide/C/network-auth.xml:1212(para)
14874
#: serverguide/C/network-auth.xml:1219(para)
14880
14875
msgid ""
14881
14876
"Anonymous 'auth' access is provided to the <emphasis>userPassword</emphasis> "
14882
14877
"attribute for the initial connection to occur. Perhaps counter-intuitively, "
14885
14880
"occur (see next point)."
14886
14881
msgstr ""
14887
14882
14888
#: serverguide/C/network-auth.xml:1220(para)
14883
#: serverguide/C/network-auth.xml:1227(para)
14889
14884
msgid ""
14890
14885
"Authentication can happen because all users have 'read' (due to 'by self "
14891
14886
"write') access to the <emphasis>userPassword</emphasis> attribute."
14892
14887
msgstr ""
14893
14888
14894
#: serverguide/C/network-auth.xml:1226(para)
14889
#: serverguide/C/network-auth.xml:1233(para)
14895
14890
msgid ""
14896
14891
"The <emphasis>userPassword</emphasis> attribute is otherwise unaccessible by "
14897
14892
"all other users, with the exception of the rootDN, who has complete access "
14898
14893
"to it."
14899
14894
msgstr ""
14900
14895
14901
#: serverguide/C/network-auth.xml:1233(para)
14896
#: serverguide/C/network-auth.xml:1240(para)
14902
14897
msgid ""
14903
14898
"In order for users to change their own password, using "
14904
14899
"<command>passwd</command> or other utilities, the "
14906
14901
"a user has authenticated."
14907
14902
msgstr ""
14908
14903
14909
#: serverguide/C/network-auth.xml:1241(para)
14904
#: serverguide/C/network-auth.xml:1248(para)
14910
14905
msgid ""
14911
14906
"This DIT can be searched anonymously because of 'by * read' in this ACL:"
14912
14907
msgstr ""
14913
14908
14914
#: serverguide/C/network-auth.xml:1245(programlisting)
14909
#: serverguide/C/network-auth.xml:1252(programlisting)
14915
14910
#, no-wrap
14916
14911
msgid ""
14917
14912
"\n"
14921
14916
"\tby * read\n"
14922
14917
msgstr ""
14923
14918
14924
#: serverguide/C/network-auth.xml:1252(para)
14919
#: serverguide/C/network-auth.xml:1259(para)
14925
14920
msgid ""
14926
14921
"If this is unwanted then you need to change the ACLs. To force "
14927
14922
"authentication during a bind request you can alternatively (or in "
14928
14923
"combination with the modified ACL) use the 'olcRequire: authc' directive."
14929
14924
msgstr ""
14930
14925
14931
#: serverguide/C/network-auth.xml:1257(para)
14926
#: serverguide/C/network-auth.xml:1264(para)
14932
14927
msgid ""
14933
14928
"As previously mentioned, there is no administrative account created for the "
14934
14929
"slapd-config database. There is, however, a SASL identity that is granted "
14936
14931
"it is:"
14937
14932
msgstr ""
14938
14933
14939
#: serverguide/C/network-auth.xml:1262(programlisting)
14934
#: serverguide/C/network-auth.xml:1269(programlisting)
14940
14935
#, no-wrap
14941
14936
msgid ""
14942
14937
"\n"
14943
14938
"dn.exact=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth \n"
14944
14939
msgstr ""
14945
14940
14946
#: serverguide/C/network-auth.xml:1266(para)
14941
#: serverguide/C/network-auth.xml:1273(para)
14947
14942
msgid ""
14948
14943
"The following command will display the ACLs of the slapd-config database:"
14949
14944
msgstr ""
14950
14945
14951
#: serverguide/C/network-auth.xml:1271(command)
14946
#: serverguide/C/network-auth.xml:1278(command)
14952
14947
msgid ""
14953
14948
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=config "
14954
14949
"'(olcDatabase={0}config)' olcAccess"
14955
14950
msgstr ""
14956
14951
14957
#: serverguide/C/network-auth.xml:1273(computeroutput)
14952
#: serverguide/C/network-auth.xml:1280(computeroutput)
14958
14953
#, no-wrap
14959
14954
msgid ""
14960
14955
"\n"
14963
14958
" cn=external,cn=auth manage by * break\n"
14964
14959
msgstr ""
14965
14960
14966
#: serverguide/C/network-auth.xml:1285(para)
14961
#: serverguide/C/network-auth.xml:1287(para)
14967
14962
msgid ""
14968
14963
"Since this is a SASL identity we need to use a SASL "
14969
14964
"<emphasis>mechanism</emphasis> when invoking the LDAP utility in question "
14971
14966
"mechanism. See the previous command for an example. Note that:"
14972
14967
msgstr ""
14973
14968
14974
#: serverguide/C/network-auth.xml:1288(para)
14969
#: serverguide/C/network-auth.xml:1295(para)
14975
14970
msgid ""
14976
14971
"You must use <emphasis>sudo</emphasis> to become the root identity in order "
14977
14972
"for the ACL to match."
14978
14973
msgstr ""
14979
14974
14980
#: serverguide/C/network-auth.xml:1294(para)
14975
#: serverguide/C/network-auth.xml:1301(para)
14981
14976
msgid ""
14982
14977
"The EXTERNAL mechanism works via <emphasis>IPC</emphasis> (UNIX domain "
14983
14978
"sockets). This means you must use the <emphasis>ldapi</emphasis> URI format."
14984
14979
msgstr ""
14985
14980
14986
#: serverguide/C/network-auth.xml:1302(para)
14981
#: serverguide/C/network-auth.xml:1309(para)
14987
14982
msgid "A succinct way to get all the ACLs is like this:"
14988
14983
msgstr ""
14989
14984
14990
#: serverguide/C/network-auth.xml:1307(command)
14985
#: serverguide/C/network-auth.xml:1314(command)
14991
14986
msgid ""
14992
14987
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b \\ cn=config "
14993
14988
"'(olcAccess=*)' olcAccess olcSuffix"
14994
14989
msgstr ""
14995
14990
14996
#: serverguide/C/network-auth.xml:1311(para)
14991
#: serverguide/C/network-auth.xml:1318(para)
14997
14992
msgid ""
14998
14993
"There is much to say on the topic of access control. See the man page for "
14999
14994
"<ulink "
15001
14996
".access</ulink>."
15002
14997
msgstr ""
15003
14998
15004
#: serverguide/C/network-auth.xml:1319(title)
14999
#: serverguide/C/network-auth.xml:1326(title)
15005
15000
msgid "TLS"
15006
15001
msgstr ""
15007
15002
15008
#: serverguide/C/network-auth.xml:1321(para)
15003
#: serverguide/C/network-auth.xml:1328(para)
15009
15004
msgid ""
15010
15005
"When authenticating to an OpenLDAP server it is best to do so using an "
15011
15006
"encrypted session. This can be accomplished using Transport Layer Security "
15012
15007
"(TLS)."
15013
15008
msgstr ""
15014
15009
15015
#: serverguide/C/network-auth.xml:1326(para)
15010
#: serverguide/C/network-auth.xml:1333(para)
15016
15011
msgid ""
15017
15012
"Here, we will be our own <emphasis>Certificate Authority</emphasis> and then "
15018
15013
"create and sign our LDAP server certificate as that CA. Since "
15021
15016
"<application>certtool</application> utility to complete these tasks."
15022
15017
msgstr ""
15023
15018
15024
#: serverguide/C/network-auth.xml:1335(para)
15019
#: serverguide/C/network-auth.xml:1342(para)
15025
15020
msgid ""
15026
15021
"Install the <application>gnutls-bin</application> and <application>ssl-"
15027
15022
"cert</application> packages:"
15028
15023
msgstr ""
15029
15024
15030
#: serverguide/C/network-auth.xml:1340(command)
15025
#: serverguide/C/network-auth.xml:1347(command)
15031
15026
msgid "sudo apt-get install gnutls-bin ssl-cert"
15032
15027
msgstr ""
15033
15028
15034
#: serverguide/C/network-auth.xml:1346(para)
15029
#: serverguide/C/network-auth.xml:1353(para)
15035
15030
msgid "Create a private key for the Certificate Authority:"
15036
15031
msgstr ""
15037
15032
15038
#: serverguide/C/network-auth.xml:1351(command)
15033
#: serverguide/C/network-auth.xml:1358(command)
15039
15034
msgid ""
15040
15035
"sudo sh -c \"certtool --generate-privkey > /etc/ssl/private/cakey.pem\""
15041
15036
msgstr ""
15042
15037
15043
#: serverguide/C/network-auth.xml:1357(para)
15038
#: serverguide/C/network-auth.xml:1364(para)
15044
15039
msgid ""
15045
15040
"Create the template/file <filename>/etc/ssl/ca.info</filename> to define the "
15046
15041
"CA:"
15047
15042
msgstr ""
15048
15043
15049
#: serverguide/C/network-auth.xml:1361(programlisting)
15044
#: serverguide/C/network-auth.xml:1368(programlisting)
15050
15045
#, no-wrap
15051
15046
msgid ""
15052
15047
"\n"
15055
15050
"cert_signing_key\n"
15056
15051
msgstr ""
15057
15052
15058
#: serverguide/C/network-auth.xml:1370(para)
15053
#: serverguide/C/network-auth.xml:1377(para)
15059
15054
msgid "Create the self-signed CA certificate:"
15060
15055
msgstr ""
15061
15056
15062
#: serverguide/C/network-auth.xml:1375(command)
15057
#: serverguide/C/network-auth.xml:1382(command)
15063
15058
msgid ""
15064
15059
"sudo certtool --generate-self-signed \\ --load-privkey "
15065
15060
"/etc/ssl/private/cakey.pem \\ --template /etc/ssl/ca.info \\ --outfile "
15066
15061
"/etc/ssl/certs/cacert.pem"
15067
15062
msgstr ""
15068
15063
15069
#: serverguide/C/network-auth.xml:1384(para)
15064
#: serverguide/C/network-auth.xml:1391(para)
15070
15065
msgid "Make a private key for the server:"
15071
15066
msgstr "Ustvarite zasebni ključ strežnika:"
15072
15067
15073
#: serverguide/C/network-auth.xml:1389(command)
15068
#: serverguide/C/network-auth.xml:1396(command)
15074
15069
msgid ""
15075
15070
"sudo certtool --generate-privkey \\ --bits 1024 \\ --outfile "
15076
15071
"/etc/ssl/private/ldap01_slapd_key.pem"
15077
15072
msgstr ""
15078
15073
15079
#: serverguide/C/network-auth.xml:1395(para)
15074
#: serverguide/C/network-auth.xml:1402(para)
15080
15075
msgid ""
15081
15076
"Replace <emphasis>ldap01</emphasis> in the filename with your server's "
15082
15077
"hostname. Naming the certificate and key for the host and service that will "
15083
15078
"be using them will help keep things clear."
15084
15079
msgstr ""
15085
15080
15086
#: serverguide/C/network-auth.xml:1404(para)
15081
#: serverguide/C/network-auth.xml:1411(para)
15087
15082
msgid ""
15088
15083
"Create the <filename>/etc/ssl/ldap01.info</filename> info file containing:"
15089
15084
msgstr ""
15090
15085
15091
#: serverguide/C/network-auth.xml:1408(programlisting)
15086
#: serverguide/C/network-auth.xml:1415(programlisting)
15092
15087
#, no-wrap
15093
15088
msgid ""
15094
15089
"\n"
15100
15095
"expiration_days = 3650\n"
15101
15096
msgstr ""
15102
15097
15103
#: serverguide/C/network-auth.xml:1417(para)
15098
#: serverguide/C/network-auth.xml:1424(para)
15104
15099
msgid "The above certificate is good for 10 years. Adjust accordingly."
15105
15100
msgstr ""
15106
15101
15107
#: serverguide/C/network-auth.xml:1423(para)
15102
#: serverguide/C/network-auth.xml:1430(para)
15108
15103
msgid "Create the server's certificate:"
15109
15104
msgstr "Ustvarite potrdilo strežnika:"
15110
15105
15111
#: serverguide/C/network-auth.xml:1428(command)
15106
#: serverguide/C/network-auth.xml:1435(command)
15112
15107
msgid ""
15113
15108
"sudo certtool --generate-certificate \\ --load-privkey "
15114
15109
"/etc/ssl/private/ldap01_slapd_key.pem \\ --load-ca-certificate "
15117
15112
"/etc/ssl/certs/ldap01_slapd_cert.pem"
15118
15113
msgstr ""
15119
15114
15120
#: serverguide/C/network-auth.xml:1440(para)
15115
#: serverguide/C/network-auth.xml:1447(para)
15121
15116
msgid ""
15122
15117
"Create the file <filename>certinfo.ldif</filename> with the following "
15123
15118
"contents (adjust accordingly, our example assumes we created certs using "
15124
15119
"https://www.cacert.org):"
15125
15120
msgstr ""
15126
15121
15127
#: serverguide/C/network-auth.xml:1444(programlisting)
15122
#: serverguide/C/network-auth.xml:1451(programlisting)
15128
15123
#, no-wrap
15129
15124
msgid ""
15130
15125
"\n"
15139
15134
"olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem\n"
15140
15135
msgstr ""
15141
15136
15142
#: serverguide/C/network-auth.xml:1456(para)
15137
#: serverguide/C/network-auth.xml:1463(para)
15143
15138
msgid ""
15144
15139
"Use the <application>ldapmodify</application> command to tell slapd about "
15145
15140
"our TLS work via the slapd-config database:"
15146
15141
msgstr ""
15147
15142
15148
#: serverguide/C/network-auth.xml:1461(command)
15143
#: serverguide/C/network-auth.xml:1468(command)
15149
15144
msgid "sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f /etc/ssl/certinfo.ldif"
15150
15145
msgstr ""
15151
15146
15152
#: serverguide/C/network-auth.xml:1464(para)
15147
#: serverguide/C/network-auth.xml:1471(para)
15153
15148
msgid ""
15154
15149
"Contratry to popular belief, you do not need <emphasis>ldaps://</emphasis> "
15155
15150
"in <filename>/etc/default/slapd</filename> in order to use encryption. You "
15156
15151
"should have just:"
15157
15152
msgstr ""
15158
15153
15159
#: serverguide/C/network-auth.xml:1469(programlisting)
15154
#: serverguide/C/network-auth.xml:1476(programlisting)
15160
15155
#, no-wrap
15161
15156
msgid ""
15162
15157
"\n"
15163
15158
"SLAPD_SERVICES=\"ldap:/// ldapi:///\"\n"
15164
15159
msgstr ""
15165
15160
15166
#: serverguide/C/network-auth.xml:1474(para)
15161
#: serverguide/C/network-auth.xml:1481(para)
15167
15162
msgid ""
15168
15163
"LDAP over TLS/SSL (ldaps://) is deprecated in favour of "
15169
15164
"<emphasis>StartTLS</emphasis>. The latter refers to an existing LDAP session "
15172
15167
"over TCP port 636."
15173
15168
msgstr ""
15174
15169
15175
#: serverguide/C/network-auth.xml:1482(para)
15170
#: serverguide/C/network-auth.xml:1489(para)
15176
15171
msgid "Tighten up ownership and permissions:"
15177
15172
msgstr ""
15178
15173
15179
#: serverguide/C/network-auth.xml:1487(command) serverguide/C/network-auth.xml:1604(command)
15174
#: serverguide/C/network-auth.xml:1494(command) serverguide/C/network-auth.xml:1611(command)
15180
15175
msgid "sudo adduser openldap ssl-cert"
15181
15176
msgstr "sudo adduser openldap ssl-cert"
15182
15177
15183
#: serverguide/C/network-auth.xml:1488(command)
15178
#: serverguide/C/network-auth.xml:1495(command)
15184
15179
msgid "sudo chgrp ssl-cert /etc/ssl/private/ldap01_slapd_key.pem"
15185
15180
msgstr ""
15186
15181
15187
#: serverguide/C/network-auth.xml:1489(command)
15182
#: serverguide/C/network-auth.xml:1496(command)
15188
15183
msgid "sudo chmod g+r /etc/ssl/private/ldap01_slapd_key.pem"
15189
15184
msgstr ""
15190
15185
15191
#: serverguide/C/network-auth.xml:1490(command)
15186
#: serverguide/C/network-auth.xml:1497(command)
15192
15187
msgid "sudo chmod o-r /etc/ssl/private/ldap01_slapd_key.pem"
15193
15188
msgstr ""
15194
15189
15195
#: serverguide/C/network-auth.xml:1493(para)
15190
#: serverguide/C/network-auth.xml:1500(para)
15196
15191
msgid "Restart OpenLDAP:"
15197
15192
msgstr ""
15198
15193
15199
#: serverguide/C/network-auth.xml:1501(para)
15194
#: serverguide/C/network-auth.xml:1508(para)
15200
15195
msgid ""
15201
15196
"Check your host's logs (/var/log/syslog) to see if the server has started "
15202
15197
"properly."
15203
15198
msgstr ""
15204
15199
15205
#: serverguide/C/network-auth.xml:1508(title)
15200
#: serverguide/C/network-auth.xml:1515(title)
15206
15201
msgid "Replication and TLS"
15207
15202
msgstr ""
15208
15203
15209
#: serverguide/C/network-auth.xml:1510(para)
15204
#: serverguide/C/network-auth.xml:1517(para)
15210
15205
msgid ""
15211
15206
"If you have set up replication between servers, it is common practice to "
15212
15207
"encrypt (StartTLS) the replication traffic to prevent evesdropping. This is "
15214
15209
"section we will build on that TLS-authentication work."
15215
15210
msgstr ""
15216
15211
15217
#: serverguide/C/network-auth.xml:1516(para)
15212
#: serverguide/C/network-auth.xml:1523(para)
15218
15213
msgid ""
15219
15214
"The assumption here is that you have set up replication between Provider and "
15220
15215
"Consumer according to <xref linkend=\"openldap-server-replication\"/> and "
15222
15217
"linkend=\"openldap-tls\"/>."
15223
15218
msgstr ""
15224
15219
15225
#: serverguide/C/network-auth.xml:1521(para)
15220
#: serverguide/C/network-auth.xml:1528(para)
15226
15221
msgid ""
15227
15222
"As previously stated, the objective (for us) with replication is high "
15228
15223
"availablity for the LDAP service. Since we have TLS for authentication on "
15234
15229
"material over to the Consumer."
15235
15230
msgstr ""
15236
15231
15237
#: serverguide/C/network-auth.xml:1532(para) serverguide/C/network-auth.xml:1689(para)
15232
#: serverguide/C/network-auth.xml:1539(para) serverguide/C/network-auth.xml:1696(para)
15238
15233
msgid "On the Provider,"
15239
15234
msgstr ""
15240
15235
15241
#: serverguide/C/network-auth.xml:1536(para)
15236
#: serverguide/C/network-auth.xml:1543(para)
15242
15237
msgid ""
15243
15238
"Create a holding directory (which will be used for the eventual transfer) "
15244
15239
"and then the Consumer's private key:"
15245
15240
msgstr ""
15246
15241
15247
#: serverguide/C/network-auth.xml:1541(command)
15242
#: serverguide/C/network-auth.xml:1548(command)
15248
15243
msgid "mkdir ldap02-ssl"
15249
15244
msgstr "mkdir ldap02-ssl"
15250
15245
15251
#: serverguide/C/network-auth.xml:1542(command)
15246
#: serverguide/C/network-auth.xml:1549(command)
15252
15247
msgid "cd ldap02-ssl"
15253
15248
msgstr "cd ldap02-ssl"
15254
15249
15255
#: serverguide/C/network-auth.xml:1543(command)
15250
#: serverguide/C/network-auth.xml:1550(command)
15256
15251
msgid ""
15257
15252
"sudo certtool --generate-privkey \\ --bits 1024 \\ --outfile "
15258
15253
"ldap02_slapd_key.pem"
15259
15254
msgstr ""
15260
15255
15261
#: serverguide/C/network-auth.xml:1548(para)
15256
#: serverguide/C/network-auth.xml:1555(para)
15262
15257
msgid ""
15263
15258
"Create an info file, <filename>ldap02.info</filename>, for the Consumer "
15264
15259
"server, adjusting its values accordingly:"
15265
15260
msgstr ""
15266
15261
15267
#: serverguide/C/network-auth.xml:1552(programlisting)
15262
#: serverguide/C/network-auth.xml:1559(programlisting)
15268
15263
#, no-wrap
15269
15264
msgid ""
15270
15265
"\n"
15276
15271
"expiration_days = 3650\n"
15277
15272
msgstr ""
15278
15273
15279
#: serverguide/C/network-auth.xml:1561(para)
15274
#: serverguide/C/network-auth.xml:1568(para)
15280
15275
msgid "Create the Consumer's certificate:"
15281
15276
msgstr ""
15282
15277
15283
#: serverguide/C/network-auth.xml:1566(command)
15278
#: serverguide/C/network-auth.xml:1573(command)
15284
15279
msgid ""
15285
15280
"sudo certtool --generate-certificate \\ --load-privkey ldap02_slapd_key.pem "
15286
15281
"\\ --load-ca-certificate /etc/ssl/certs/cacert.pem \\ --load-ca-privkey "
15288
15283
"ldap02_slapd_cert.pem"
15289
15284
msgstr ""
15290
15285
15291
#: serverguide/C/network-auth.xml:1574(para)
15286
#: serverguide/C/network-auth.xml:1581(para)
15292
15287
msgid "Get a copy of the CA certificate:"
15293
15288
msgstr ""
15294
15289
15295
#: serverguide/C/network-auth.xml:1579(command)
15290
#: serverguide/C/network-auth.xml:1586(command)
15296
15291
msgid "cp /etc/ssl/certs/cacert.pem ."
15297
15292
msgstr "cp /etc/ssl/certs/cacert.pem ."
15298
15293
15299
#: serverguide/C/network-auth.xml:1582(para)
15294
#: serverguide/C/network-auth.xml:1589(para)
15300
15295
msgid ""
15301
15296
"We're done. Now transfer the <filename>ldap02-ssl</filename> directory to "
15302
15297
"the Consumer. Here we use scp (adjust accordingly):"
15303
15298
msgstr ""
15304
15299
15305
#: serverguide/C/network-auth.xml:1587(command)
15300
#: serverguide/C/network-auth.xml:1594(command)
15306
15301
msgid "cd .."
15307
15302
msgstr ""
15308
15303
15309
#: serverguide/C/network-auth.xml:1588(command)
15304
#: serverguide/C/network-auth.xml:1595(command)
15310
15305
msgid "scp -r ldap02-ssl user@consumer:"
15311
15306
msgstr ""
15312
15307
15313
#: serverguide/C/network-auth.xml:1594(para) serverguide/C/network-auth.xml:1642(para)
15308
#: serverguide/C/network-auth.xml:1601(para) serverguide/C/network-auth.xml:1649(para)
15314
15309
msgid "On the Consumer,"
15315
15310
msgstr ""
15316
15311
15317
#: serverguide/C/network-auth.xml:1598(para)
15312
#: serverguide/C/network-auth.xml:1605(para)
15318
15313
msgid "Configure TLS authentication:"
15319
15314
msgstr ""
15320
15315
15321
#: serverguide/C/network-auth.xml:1603(command)
15316
#: serverguide/C/network-auth.xml:1610(command)
15322
15317
msgid "sudo apt-get install ssl-cert"
15323
15318
msgstr ""
15324
15319
15325
#: serverguide/C/network-auth.xml:1605(command)
15320
#: serverguide/C/network-auth.xml:1612(command)
15326
15321
msgid "sudo cp ldap02_slapd_cert.pem cacert.pem /etc/ssl/certs"
15327
15322
msgstr ""
15328
15323
15329
#: serverguide/C/network-auth.xml:1606(command)
15324
#: serverguide/C/network-auth.xml:1613(command)
15330
15325
msgid "sudo cp ldap02_slapd_key.pem /etc/ssl/private"
15331
15326
msgstr ""
15332
15327
15333
#: serverguide/C/network-auth.xml:1607(command)
15328
#: serverguide/C/network-auth.xml:1614(command)
15334
15329
msgid "sudo chgrp ssl-cert /etc/ssl/private/ldap02_slapd_key.pem"
15335
15330
msgstr ""
15336
15331
15337
#: serverguide/C/network-auth.xml:1608(command)
15332
#: serverguide/C/network-auth.xml:1615(command)
15338
15333
msgid "sudo chmod g+r /etc/ssl/private/ldap02_slapd_key.pem"
15339
15334
msgstr ""
15340
15335
15341
#: serverguide/C/network-auth.xml:1609(command)
15336
#: serverguide/C/network-auth.xml:1616(command)
15342
15337
msgid "sudo chmod o-r /etc/ssl/private/ldap02_slapd_key.pem"
15343
15338
msgstr ""
15344
15339
15345
#: serverguide/C/network-auth.xml:1612(para)
15340
#: serverguide/C/network-auth.xml:1619(para)
15346
15341
msgid ""
15347
15342
"Create the file <filename>/etc/ssl/certinfo.ldif</filename> with the "
15348
15343
"following contents (adjust accordingly):"
15349
15344
msgstr ""
15350
15345
15351
#: serverguide/C/network-auth.xml:1616(programlisting)
15346
#: serverguide/C/network-auth.xml:1623(programlisting)
15352
15347
#, no-wrap
15353
15348
msgid ""
15354
15349
"\n"
15363
15358
"olcTLSCertificateKeyFile: /etc/ssl/private/ldap02_slapd_key.pem\n"
15364
15359
msgstr ""
15365
15360
15366
#: serverguide/C/network-auth.xml:1628(para)
15361
#: serverguide/C/network-auth.xml:1635(para)
15367
15362
msgid "Configure the slapd-config database:"
15368
15363
msgstr ""
15369
15364
15370
#: serverguide/C/network-auth.xml:1633(command)
15365
#: serverguide/C/network-auth.xml:1640(command)
15371
15366
msgid "sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f certinfo.ldif"
15372
15367
msgstr ""
15373
15368
15374
#: serverguide/C/network-auth.xml:1636(para)
15369
#: serverguide/C/network-auth.xml:1643(para)
15375
15370
msgid ""
15376
15371
"Configure <filename>/etc/default/slapd</filename> as on the Provider "
15377
15372
"(SLAPD_SERVICES)."
15378
15373
msgstr ""
15379
15374
15380
#: serverguide/C/network-auth.xml:1646(para)
15375
#: serverguide/C/network-auth.xml:1653(para)
15381
15376
msgid ""
15382
15377
"Configure TLS for Consumer-side replication. Modify the existing "
15383
15378
"<emphasis>olcSyncrepl</emphasis> attribute by tacking on some TLS options. "
15385
15380
"value(s)."
15386
15381
msgstr ""
15387
15382
15388
#: serverguide/C/network-auth.xml:1651(para)
15383
#: serverguide/C/network-auth.xml:1658(para)
15389
15384
msgid ""
15390
15385
"Create the file <filename>consumer_sync_tls.ldif</filename> with the "
15391
15386
"following contents:"
15392
15387
msgstr ""
15393
15388
15394
#: serverguide/C/network-auth.xml:1660(programlisting)
15389
#: serverguide/C/network-auth.xml:1662(programlisting)
15395
15390
#, no-wrap
15396
15391
msgid ""
15397
15392
"\n"
15406
15401
" starttls=critical tls_reqcert=demand\n"
15407
15402
msgstr ""
15408
15403
15409
#: serverguide/C/network-auth.xml:1665(para)
15404
#: serverguide/C/network-auth.xml:1672(para)
15410
15405
msgid ""
15411
15406
"The extra options specify, respectively, that the consumer must use StartTLS "
15412
15407
"and that the CA certificate is required to verify the Provider's identity. "
15414
15409
"('replace')."
15415
15410
msgstr ""
15416
15411
15417
#: serverguide/C/network-auth.xml:1670(para)
15412
#: serverguide/C/network-auth.xml:1677(para)
15418
15413
msgid "Implement these changes:"
15419
15414
msgstr ""
15420
15415
15421
#: serverguide/C/network-auth.xml:1675(command)
15416
#: serverguide/C/network-auth.xml:1682(command)
15422
15417
msgid "sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f consumer_sync_tls.ldif"
15423
15418
msgstr ""
15424
15419
15425
#: serverguide/C/network-auth.xml:1678(para)
15420
#: serverguide/C/network-auth.xml:1685(para)
15426
15421
msgid "And restart slapd:"
15427
15422
msgstr ""
15428
15423
15429
#: serverguide/C/network-auth.xml:1693(para)
15424
#: serverguide/C/network-auth.xml:1700(para)
15430
15425
msgid ""
15431
15426
"Check to see that a TLS session has been established. In "
15432
15427
"<filename>/var/log/syslog</filename>, providing you have 'conns'-level "
15433
15428
"logging set up, you should see messages similar to:"
15434
15429
msgstr ""
15435
15430
15436
#: serverguide/C/network-auth.xml:1698(programlisting)
15431
#: serverguide/C/network-auth.xml:1705(programlisting)
15437
15432
#, no-wrap
15438
15433
msgid ""
15439
15434
"\n"
15450
15445
"slapd[3620]: conn=1047 op=1 RESULT tag=97 err=0 text\n"
15451
15446
msgstr ""
15452
15447
15453
#: serverguide/C/network-auth.xml:1716(title)
15448
#: serverguide/C/network-auth.xml:1723(title)
15454
15449
msgid "LDAP Authentication"
15455
15450
msgstr "Overitev LDAP"
15456
15451
15457
#: serverguide/C/network-auth.xml:1723(para)
15452
#: serverguide/C/network-auth.xml:1725(para)
15458
15453
msgid ""
15459
15454
"Once you have a working LDAP server, you will need to install libraries on "
15460
15455
"the client that will know how and when to contact it. On Ubuntu, this has "
15463
15458
"assist you in the configuration step. Install this package now:"
15464
15459
msgstr ""
15465
15460
15466
#: serverguide/C/network-auth.xml:1725(command)
15461
#: serverguide/C/network-auth.xml:1732(command)
15467
15462
msgid "sudo apt-get install libnss-ldap"
15468
15463
msgstr "sudo apt-get install libnss-ldap"
15469
15464
15470
#: serverguide/C/network-auth.xml:1728(para)
15465
#: serverguide/C/network-auth.xml:1735(para)
15471
15466
msgid ""
15472
15467
"You will be prompted for details of your LDAP server. If you make a mistake "
15473
15468
"you can try again using:"
15474
15469
msgstr ""
15475
15470
15476
#: serverguide/C/network-auth.xml:1733(command)
15471
#: serverguide/C/network-auth.xml:1740(command)
15477
15472
msgid "sudo dpkg-reconfigure ldap-auth-config"
15478
15473
msgstr "sudo dpkg-reconfigure ldap-auth-config"
15479
15474
15480
#: serverguide/C/network-auth.xml:1736(para)
15475
#: serverguide/C/network-auth.xml:1743(para)
15481
15476
msgid ""
15482
15477
"The results of the dialog can be seen in "
15483
15478
"<filename>/etc/ldap.conf</filename>. If your server requires options not "
15484
15479
"covered in the menu edit this file accordingly."
15485
15480
msgstr ""
15486
15481
15487
#: serverguide/C/network-auth.xml:1741(para)
15482
#: serverguide/C/network-auth.xml:1748(para)
15488
15483
msgid "Now configure the LDAP profile for NSS:"
15489
15484
msgstr ""
15490
15485
15491
#: serverguide/C/network-auth.xml:1746(command)
15486
#: serverguide/C/network-auth.xml:1753(command)
15492
15487
msgid "sudo auth-client-config -t nss -p lac_ldap"
15493
15488
msgstr "sudo auth-client-config -t nss -p lac_ldap"
15494
15489
15495
#: serverguide/C/network-auth.xml:1749(para)
15490
#: serverguide/C/network-auth.xml:1756(para)
15496
15491
msgid "Configure the system to use LDAP for authentication:"
15497
15492
msgstr ""
15498
15493
15499
#: serverguide/C/network-auth.xml:1754(command)
15494
#: serverguide/C/network-auth.xml:1761(command)
15500
15495
msgid "sudo pam-auth-update"
15501
15496
msgstr "sudo pam-auth-update"
15502
15497
15503
#: serverguide/C/network-auth.xml:1757(para)
15498
#: serverguide/C/network-auth.xml:1764(para)
15504
15499
msgid ""
15505
15500
"From the menu, choose LDAP and any other authentication mechanisms you need."
15506
15501
msgstr ""
15507
15502
15508
#: serverguide/C/network-auth.xml:1761(para)
15503
#: serverguide/C/network-auth.xml:1768(para)
15509
15504
msgid "You should now be able to log in using LDAP-based credentials."
15510
15505
msgstr ""
15511
15506
15512
#: serverguide/C/network-auth.xml:1765(para)
15507
#: serverguide/C/network-auth.xml:1772(para)
15513
15508
msgid ""
15514
15509
"LDAP clients will need to refer to multiple servers if replication is in "
15515
15510
"use. In <filename>/etc/ldap.conf</filename> you would have something like:"
15516
15511
msgstr ""
15517
15512
15518
#: serverguide/C/network-auth.xml:1770(programlisting)
15513
#: serverguide/C/network-auth.xml:1777(programlisting)
15519
15514
#, no-wrap
15520
15515
msgid ""
15521
15516
"\n"
15522
15517
"uri ldap://ldap01.example.com ldap://ldap02.example.com\n"
15523
15518
msgstr ""
15524
15519
15525
#: serverguide/C/network-auth.xml:1774(para)
15520
#: serverguide/C/network-auth.xml:1781(para)
15526
15521
msgid ""
15527
15522
"The request will time out and the Consumer (ldap02) will attempt to be "
15528
15523
"reached if the Provider (ldap01) becomes unresponsive."
15529
15524
msgstr ""
15530
15525
15531
#: serverguide/C/network-auth.xml:1778(para)
15526
#: serverguide/C/network-auth.xml:1785(para)
15532
15527
msgid ""
15533
15528
"If you are going to use LDAP to store Samba users you will need to configure "
15534
15529
"the Samba server to authenticate using LDAP. See <xref linkend=\"samba-"
15535
15530
"ldap\"/> for details."
15536
15531
msgstr ""
15537
15532
15538
#: serverguide/C/network-auth.xml:1784(para)
15533
#: serverguide/C/network-auth.xml:1791(para)
15539
15534
msgid ""
15540
15535
"An alternative to the <application>libnss-ldap</application> package is the "
15541
15536
"<application>libnss-ldapd</application> package. This, however, will bring "
15543
15538
"wanted. Simply remove it afterwards."
15544
15539
msgstr ""
15545
15540
15546
#: serverguide/C/network-auth.xml:1794(title)
15541
#: serverguide/C/network-auth.xml:1801(title)
15547
15542
msgid "User and Group Management"
15548
15543
msgstr "Upravljanje uporabnikov in skupin"
15549
15544
15550
#: serverguide/C/network-auth.xml:1796(para)
15545
#: serverguide/C/network-auth.xml:1803(para)
15551
15546
msgid ""
15552
15547
"The <application>ldap-utils</application> package comes with enough "
15553
15548
"utilities to manage the directory but the long string of options needed can "
15556
15551
"easier to use."
15557
15552
msgstr ""
15558
15553
15559
#: serverguide/C/network-auth.xml:1802(para)
15554
#: serverguide/C/network-auth.xml:1809(para)
15560
15555
msgid "Install the package:"
15561
15556
msgstr ""
15562
15557
15563
#: serverguide/C/network-auth.xml:1807(command)
15558
#: serverguide/C/network-auth.xml:1814(command)
15564
15559
msgid "sudo apt-get install ldapscripts"
15565
15560
msgstr "sudo apt-get install ldapscripts"
15566
15561
15567
#: serverguide/C/network-auth.xml:1810(para)
15562
#: serverguide/C/network-auth.xml:1817(para)
15568
15563
msgid ""
15569
15564
"Then edit the file <filename>/etc/ldapscripts/ldapscripts.conf</filename> to "
15570
15565
"arrive at something similar to the following:"
15571
15566
msgstr ""
15572
15567
15573
#: serverguide/C/network-auth.xml:1814(programlisting)
15568
#: serverguide/C/network-auth.xml:1821(programlisting)
15574
15569
#, no-wrap
15575
15570
msgid ""
15576
15571
"\n"
15586
15581
"MIDSTART=10000\n"
15587
15582
msgstr ""
15588
15583
15589
#: serverguide/C/network-auth.xml:1827(para)
15584
#: serverguide/C/network-auth.xml:1834(para)
15590
15585
msgid ""
15591
15586
"Now, create the <filename>ldapscripts.passwd</filename> file to allow rootDN "
15592
15587
"access to the directory:"
15593
15588
msgstr ""
15594
15589
15595
#: serverguide/C/network-auth.xml:1832(command)
15590
#: serverguide/C/network-auth.xml:1839(command)
15596
15591
msgid ""
15597
15592
"sudo sh -c \"echo -n 'secret' > /etc/ldapscripts/ldapscripts.passwd\""
15598
15593
msgstr ""
15599
15594
15600
#: serverguide/C/network-auth.xml:1833(command)
15595
#: serverguide/C/network-auth.xml:1840(command)
15601
15596
msgid "sudo chmod 400 /etc/ldapscripts/ldapscripts.passwd"
15602
15597
msgstr "sudo chmod 400 /etc/ldapscripts/ldapscripts.passwd"
15603
15598
15604
#: serverguide/C/network-auth.xml:1837(para)
15599
#: serverguide/C/network-auth.xml:1844(para)
15605
15600
msgid ""
15606
15601
"Replace <quote>secret</quote> with the actual password for your database's "
15607
15602
"rootDN user."
15608
15603
msgstr ""
15609
15604
15610
#: serverguide/C/network-auth.xml:1842(para)
15605
#: serverguide/C/network-auth.xml:1849(para)
15611
15606
msgid ""
15612
15607
"The scripts are now ready to help manage your directory. Here are some "
15613
15608
"examples of how to use them:"
15614
15609
msgstr ""
15615
15610
15616
#: serverguide/C/network-auth.xml:1849(para)
15611
#: serverguide/C/network-auth.xml:1856(para)
15617
15612
msgid "Create a new user:"
15618
15613
msgstr "Ustvarite novega uporabnika"
15619
15614
15620
#: serverguide/C/network-auth.xml:1854(command)
15615
#: serverguide/C/network-auth.xml:1861(command)
15621
15616
msgid "sudo ldapadduser george example"
15622
15617
msgstr "sudo ldapadduser gregor primer"
15623
15618
15624
#: serverguide/C/network-auth.xml:1857(para)
15619
#: serverguide/C/network-auth.xml:1864(para)
15625
15620
msgid ""
15626
15621
"This will create a user with uid <emphasis role=\"italic\">george</emphasis> "
15627
15622
"and set the user's primary group (gid) to <emphasis "
15628
15623
"role=\"italic\">example</emphasis>"
15629
15624
msgstr ""
15630
15625
15631
#: serverguide/C/network-auth.xml:1864(para)
15626
#: serverguide/C/network-auth.xml:1871(para)
15632
15627
msgid "Change a user's password:"
15633
15628
msgstr "Spremenite geslo uporabnika:"
15634
15629
15635
#: serverguide/C/network-auth.xml:1869(command)
15630
#: serverguide/C/network-auth.xml:1876(command)
15636
15631
msgid "sudo ldapsetpasswd george"
15637
15632
msgstr "sudo ldapsetpasswd gregor"
15638
15633
15639
#: serverguide/C/network-auth.xml:1870(computeroutput)
15634
#: serverguide/C/network-auth.xml:1877(computeroutput)
15640
15635
#, no-wrap
15641
15636
msgid "Changing password for user uid=george,ou=People,dc=example,dc=com"
15642
15637
msgstr ""
15643
15638
15644
#: serverguide/C/network-auth.xml:1871(userinput)
15639
#: serverguide/C/network-auth.xml:1878(userinput)
15645
15640
#, no-wrap
15646
15641
msgid "New Password: "
15647
15642
msgstr "Novo geslo: "
15648
15643
15649
#: serverguide/C/network-auth.xml:1872(userinput)
15644
#: serverguide/C/network-auth.xml:1879(userinput)
15650
15645
#, no-wrap
15651
15646
msgid "New Password (verify): "
15652
15647
msgstr ""
15653
15648
15654
#: serverguide/C/network-auth.xml:1878(para)
15649
#: serverguide/C/network-auth.xml:1885(para)
15655
15650
msgid "Delete a user:"
15656
15651
msgstr "Izbrišite uporabnika:"
15657
15652
15658
#: serverguide/C/network-auth.xml:1883(command)
15653
#: serverguide/C/network-auth.xml:1890(command)
15659
15654
msgid "sudo ldapdeleteuser george"
15660
15655
msgstr "sudo ldapdeleteuser gregor"
15661
15656
15662
#: serverguide/C/network-auth.xml:1889(para)
15657
#: serverguide/C/network-auth.xml:1896(para)
15663
15658
msgid "Add a group:"
15664
15659
msgstr "Dodajte skupino:"
15665
15660
15666
#: serverguide/C/network-auth.xml:1894(command)
15661
#: serverguide/C/network-auth.xml:1901(command)
15667
15662
msgid "sudo ldapaddgroup qa"
15668
15663
msgstr "sudo ldapaddgroup qa"
15669
15664
15670
#: serverguide/C/network-auth.xml:1900(para)
15665
#: serverguide/C/network-auth.xml:1907(para)
15671
15666
msgid "Delete a group:"
15672
15667
msgstr "Odstranite skupino:"
15673
15668
15674
#: serverguide/C/network-auth.xml:1905(command)
15669
#: serverguide/C/network-auth.xml:1912(command)
15675
15670
msgid "sudo ldapdeletegroup qa"
15676
15671
msgstr "sudo ldapdeletegroup qa"
15677
15672
15678
#: serverguide/C/network-auth.xml:1911(para)
15673
#: serverguide/C/network-auth.xml:1918(para)
15679
15674
msgid "Add a user to a group:"
15680
15675
msgstr "Dodajte uporabnika skupini:"
15681
15676
15682
#: serverguide/C/network-auth.xml:1916(command)
15677
#: serverguide/C/network-auth.xml:1923(command)
15683
15678
msgid "sudo ldapaddusertogroup george qa"
15684
15679
msgstr "sudo ldapaddusertogroup gregor qa"
15685
15680
15686
#: serverguide/C/network-auth.xml:1919(para)
15681
#: serverguide/C/network-auth.xml:1926(para)
15687
15682
msgid ""
15688
15683
"You should now see a <emphasis>memberUid</emphasis> attribute for the "
15689
15684
"<emphasis role=\"italic\">qa</emphasis> group with a value of <emphasis "
15690
15685
"role=\"italic\">george</emphasis>."
15691
15686
msgstr ""
15692
15687
15693
#: serverguide/C/network-auth.xml:1926(para)
15688
#: serverguide/C/network-auth.xml:1933(para)
15694
15689
msgid "Remove a user from a group:"
15695
15690
msgstr "Odstranite uporabnika iz skupine:"
15696
15691
15697
#: serverguide/C/network-auth.xml:1931(command)
15692
#: serverguide/C/network-auth.xml:1938(command)
15698
15693
msgid "sudo ldapdeleteuserfromgroup george qa"
15699
15694
msgstr "sudo ldapdeleteuserfromgroup gregor qa"
15700
15695
15701
#: serverguide/C/network-auth.xml:1934(para)
15696
#: serverguide/C/network-auth.xml:1941(para)
15702
15697
msgid ""
15703
15698
"The <emphasis>memberUid</emphasis> attribute should now be removed from the "
15704
15699
"<emphasis role=\"italic\">qa</emphasis> group."
15705
15700
msgstr ""
15706
15701
15707
#: serverguide/C/network-auth.xml:1941(para)
15702
#: serverguide/C/network-auth.xml:1948(para)
15708
15703
msgid ""
15709
15704
"The <application>ldapmodifyuser</application> script allows you to add, "
15710
15705
"remove, or replace a user's attributes. The script uses the same syntax as "
15711
15706
"the <application>ldapmodify</application> utility. For example:"
15712
15707
msgstr ""
15713
15708
15714
#: serverguide/C/network-auth.xml:1947(command)
15709
#: serverguide/C/network-auth.xml:1954(command)
15715
15710
msgid "sudo ldapmodifyuser george"
15716
15711
msgstr "sudo ldapmodifyuser gregor"
15717
15712
15718
#: serverguide/C/network-auth.xml:1948(computeroutput)
15713
#: serverguide/C/network-auth.xml:1955(computeroutput)
15719
15714
#, no-wrap
15720
15715
msgid ""
15721
15716
"# About to modify the following entry :\n"
15736
15731
"dn: uid=george,ou=People,dc=example,dc=com"
15737
15732
msgstr ""
15738
15733
15739
#: serverguide/C/network-auth.xml:1964(userinput)
15734
#: serverguide/C/network-auth.xml:1971(userinput)
15740
15735
#, no-wrap
15741
15736
msgid ""
15742
15737
"replace: gecos\n"
15743
15738
"gecos: George Carlin"
15744
15739
msgstr ""
15745
15740
15746
#: serverguide/C/network-auth.xml:1968(para)
15741
#: serverguide/C/network-auth.xml:1975(para)
15747
15742
msgid ""
15748
15743
"The user's <emphasis>gecos</emphasis> should now be <quote>George "
15749
15744
"Carlin</quote>."
15750
15745
msgstr ""
15751
15746
15752
#: serverguide/C/network-auth.xml:1979(para)
15747
#: serverguide/C/network-auth.xml:1981(para)
15753
15748
msgid ""
15754
15749
"A nice feature of <application>ldapscripts</application> is the template "
15755
15750
"system. Templates allow you to customize the attributes of user, group, and "
15758
15753
"changing:"
15759
15754
msgstr ""
15760
15755
15761
#: serverguide/C/network-auth.xml:1980(programlisting)
15756
#: serverguide/C/network-auth.xml:1987(programlisting)
15762
15757
#, no-wrap
15763
15758
msgid ""
15764
15759
"\n"
15765
15760
"UTEMPLATE=\"/etc/ldapscripts/ldapadduser.template\"\n"
15766
15761
msgstr ""
15767
15762
15768
#: serverguide/C/network-auth.xml:1984(para)
15763
#: serverguide/C/network-auth.xml:1991(para)
15769
15764
msgid ""
15770
15765
"There are <emphasis role=\"italic\">sample</emphasis> templates in the "
15771
15766
"<filename>/usr/share/doc/ldapscripts/examples</filename> directory. Copy or "
15773
15768
"<filename>/etc/ldapscripts/ldapadduser.template</filename>:"
15774
15769
msgstr ""
15775
15770
15776
#: serverguide/C/network-auth.xml:1991(command)
15771
#: serverguide/C/network-auth.xml:1998(command)
15777
15772
msgid ""
15778
15773
"sudo cp /usr/share/doc/ldapscripts/examples/ldapadduser.template.sample \\ "
15779
15774
"/etc/ldapscripts/ldapadduser.template"
15780
15775
msgstr ""
15781
15776
15782
#: serverguide/C/network-auth.xml:1995(para)
15777
#: serverguide/C/network-auth.xml:2002(para)
15783
15778
msgid ""
15784
15779
"Edit the new template to add the desired attributes. The following will "
15785
15780
"create new users with an objectClass of inetOrgPerson:"
15786
15781
msgstr ""
15787
15782
15788
#: serverguide/C/network-auth.xml:2000(programlisting)
15783
#: serverguide/C/network-auth.xml:2007(programlisting)
15789
15784
#, no-wrap
15790
15785
msgid ""
15791
15786
"\n"
15804
15799
"title: Employee\n"
15805
15800
msgstr ""
15806
15801
15807
#: serverguide/C/network-auth.xml:2016(para)
15802
#: serverguide/C/network-auth.xml:2023(para)
15808
15803
msgid ""
15809
15804
"Notice the <emphasis><ask></emphasis> option used for the "
15810
15805
"<emphasis>sn</emphasis> attribute. This will make "
15811
15806
"<application>ldapadduser</application> prompt you for its value."
15812
15807
msgstr ""
15813
15808
15814
#: serverguide/C/network-auth.xml:2024(para)
15809
#: serverguide/C/network-auth.xml:2031(para)
15815
15810
msgid ""
15816
15811
"There are utilities in the package that were not covered here. Here is a "
15817
15812
"complete list:"
15818
15813
msgstr ""
15819
15814
15820
#: serverguide/C/network-auth.xml:2029(ulink)
15815
#: serverguide/C/network-auth.xml:2036(ulink)
15821
15816
msgid "ldaprenamemachine"
15822
15817
msgstr ""
15823
15818
15824
#: serverguide/C/network-auth.xml:2030(ulink)
15819
#: serverguide/C/network-auth.xml:2037(ulink)
15825
15820
msgid "ldapadduser"
15826
15821
msgstr ""
15827
15822
15828
#: serverguide/C/network-auth.xml:2031(ulink)
15823
#: serverguide/C/network-auth.xml:2038(ulink)
15829
15824
msgid "ldapdeleteuserfromgroup"
15830
15825
msgstr ""
15831
15826
15832
#: serverguide/C/network-auth.xml:2032(ulink)
15827
#: serverguide/C/network-auth.xml:2039(ulink)
15833
15828
msgid "ldapfinger"
15834
15829
msgstr ""
15835
15830
15836
#: serverguide/C/network-auth.xml:2033(ulink)
15831
#: serverguide/C/network-auth.xml:2040(ulink)
15837
15832
msgid "ldapid"
15838
15833
msgstr ""
15839
15834
15840
#: serverguide/C/network-auth.xml:2034(ulink)
15835
#: serverguide/C/network-auth.xml:2041(ulink)
15841
15836
msgid "ldapgid"
15842
15837
msgstr ""
15843
15838
15844
#: serverguide/C/network-auth.xml:2035(ulink)
15839
#: serverguide/C/network-auth.xml:2042(ulink)
15845
15840
msgid "ldapmodifyuser"
15846
15841
msgstr ""
15847
15842
15848
#: serverguide/C/network-auth.xml:2036(ulink)
15843
#: serverguide/C/network-auth.xml:2043(ulink)
15849
15844
msgid "ldaprenameuser"
15850
15845
msgstr ""
15851
15846
15852
#: serverguide/C/network-auth.xml:2037(ulink)
15847
#: serverguide/C/network-auth.xml:2044(ulink)
15853
15848
msgid "lsldap"
15854
15849
msgstr ""
15855
15850
15856
#: serverguide/C/network-auth.xml:2038(ulink)
15851
#: serverguide/C/network-auth.xml:2045(ulink)
15857
15852
msgid "ldapaddusertogroup"
15858
15853
msgstr ""
15859
15854
15860
#: serverguide/C/network-auth.xml:2039(ulink)
15855
#: serverguide/C/network-auth.xml:2046(ulink)
15861
15856
msgid "ldapsetpasswd"
15862
15857
msgstr ""
15863
15858
15864
#: serverguide/C/network-auth.xml:2040(ulink)
15859
#: serverguide/C/network-auth.xml:2047(ulink)
15865
15860
msgid "ldapinit"
15866
15861
msgstr ""
15867
15862
15868
#: serverguide/C/network-auth.xml:2041(ulink)
15863
#: serverguide/C/network-auth.xml:2048(ulink)
15869
15864
msgid "ldapaddgroup"
15870
15865
msgstr ""
15871
15866
15872
#: serverguide/C/network-auth.xml:2042(ulink)
15867
#: serverguide/C/network-auth.xml:2049(ulink)
15873
15868
msgid "ldapdeletegroup"
15874
15869
msgstr ""
15875
15870
15876
#: serverguide/C/network-auth.xml:2043(ulink)
15871
#: serverguide/C/network-auth.xml:2050(ulink)
15877
15872
msgid "ldapmodifygroup"
15878
15873
msgstr ""
15879
15874
15880
#: serverguide/C/network-auth.xml:2044(ulink)
15875
#: serverguide/C/network-auth.xml:2051(ulink)
15881
15876
msgid "ldapdeletemachine"
15882
15877
msgstr ""
15883
15878
15884
#: serverguide/C/network-auth.xml:2045(ulink)
15879
#: serverguide/C/network-auth.xml:2052(ulink)
15885
15880
msgid "ldaprenamegroup"
15886
15881
msgstr ""
15887
15882
15888
#: serverguide/C/network-auth.xml:2046(ulink)
15883
#: serverguide/C/network-auth.xml:2053(ulink)
15889
15884
msgid "ldapaddmachine"
15890
15885
msgstr ""
15891
15886
15892
#: serverguide/C/network-auth.xml:2047(ulink)
15887
#: serverguide/C/network-auth.xml:2054(ulink)
15893
15888
msgid "ldapmodifymachine"
15894
15889
msgstr ""
15895
15890
15896
#: serverguide/C/network-auth.xml:2048(ulink)
15891
#: serverguide/C/network-auth.xml:2055(ulink)
15897
15892
msgid "ldapsetprimarygroup"
15898
15893
msgstr ""
15899
15894
15900
#: serverguide/C/network-auth.xml:2049(ulink)
15895
#: serverguide/C/network-auth.xml:2056(ulink)
15901
15896
msgid "ldapdeleteuser"
15902
15897
msgstr ""
15903
15898
15904
#: serverguide/C/network-auth.xml:2055(title)
15899
#: serverguide/C/network-auth.xml:2062(title)
15905
15900
msgid "Backup and Restore"
15906
15901
msgstr ""
15907
15902
15908
#: serverguide/C/network-auth.xml:2057(para)
15903
#: serverguide/C/network-auth.xml:2064(para)
15909
15904
msgid ""
15910
15905
"Now we have ldap running just the way we want, it is time to ensure we can "
15911
15906
"save all of our work and restore it as needed."
15912
15907
msgstr ""
15913
15908
15914
#: serverguide/C/network-auth.xml:2062(para)
15909
#: serverguide/C/network-auth.xml:2069(para)
15915
15910
msgid ""
15916
15911
"What we need is a way to backup the ldap database(s), specifically the "
15917
15912
"backend (cn=config) and frontend (dc=example,dc=com). If we are going to "
15920
15915
"script, called <filename>/usr/local/bin/ldapbackup</filename>:"
15921
15916
msgstr ""
15922
15917
15923
#: serverguide/C/network-auth.xml:2072(programlisting)
15918
#: serverguide/C/network-auth.xml:2079(programlisting)
15924
15919
#, no-wrap
15925
15920
msgid ""
15926
15921
"\n"
15935
15930
"chmod 640 ${BACKUP_PATH}/*.ldif\n"
15936
15931
msgstr ""
15937
15932
15938
#: serverguide/C/network-auth.xml:2085(para)
15933
#: serverguide/C/network-auth.xml:2092(para)
15939
15934
msgid ""
15940
15935
"These files are uncompressed text files containing everything in your ldap "
15941
15936
"databases including the tree layout, usernames, and every password. So, you "
15945
15940
"requirements."
15946
15941
msgstr ""
15947
15942
15948
#: serverguide/C/network-auth.xml:2096(para)
15943
#: serverguide/C/network-auth.xml:2103(para)
15949
15944
msgid ""
15950
15945
"Then, it is just a matter of having a cron script to run this program as "
15951
15946
"often as we feel comfortable with. For many, once a day suffices. For "
15954
15949
"22:45h:"
15955
15950
msgstr ""
15956
15951
15957
#: serverguide/C/network-auth.xml:2104(programlisting)
15952
#: serverguide/C/network-auth.xml:2111(programlisting)
15958
15953
#, no-wrap
15959
15954
msgid ""
15960
15955
"\n"
15962
15957
"45 22 * * * root /usr/local/bin/ldapbackup\n"
15963
15958
msgstr ""
15964
15959
15965
#: serverguide/C/network-auth.xml:2109(para)
15960
#: serverguide/C/network-auth.xml:2116(para)
15966
15961
msgid "Now the files are created, they should be copied to a backup server."
15967
15962
msgstr ""
15968
15963
15969
#: serverguide/C/network-auth.xml:2114(para)
15964
#: serverguide/C/network-auth.xml:2121(para)
15970
15965
msgid ""
15971
15966
"Assuming we did a fresh reinstall of ldap, the restore process could be "
15972
15967
"something like this:"
15973
15968
msgstr ""
15974
15969
15975
#: serverguide/C/network-auth.xml:2120(command)
15970
#: serverguide/C/network-auth.xml:2127(command)
15976
15971
msgid "sudo service slapd stop"
15977
15972
msgstr ""
15978
15973
15979
#: serverguide/C/network-auth.xml:2121(command)
15974
#: serverguide/C/network-auth.xml:2128(command)
15980
15975
msgid "sudo mkdir /var/lib/ldap/accesslog"
15981
15976
msgstr ""
15982
15977
15983
#: serverguide/C/network-auth.xml:2122(command)
15978
#: serverguide/C/network-auth.xml:2129(command)
15984
15979
msgid "sudo slapadd -F /etc/ldap/slapd.d -n 0 -l /export/backup/config.ldif"
15985
15980
msgstr ""
15986
15981
15987
#: serverguide/C/network-auth.xml:2123(command)
15982
#: serverguide/C/network-auth.xml:2130(command)
15988
15983
msgid ""
15989
15984
"sudo slapadd -F /etc/ldap/slapd.d -n 1 -l /export/backup/domain.com.ldif"
15990
15985
msgstr ""
15991
15986
15992
#: serverguide/C/network-auth.xml:2124(command)
15987
#: serverguide/C/network-auth.xml:2131(command)
15993
15988
msgid "sudo slapadd -F /etc/ldap/slapd.d -n 2 -l /export/backup/access.ldif"
15994
15989
msgstr ""
15995
15990
15996
#: serverguide/C/network-auth.xml:2125(command)
15991
#: serverguide/C/network-auth.xml:2132(command)
15997
15992
msgid "sudo chown -R openldap:openldap /etc/ldap/slapd.d/"
15998
15993
msgstr ""
15999
15994
16000
#: serverguide/C/network-auth.xml:2126(command)
15995
#: serverguide/C/network-auth.xml:2133(command)
16001
15996
msgid "sudo chown -R openldap:openldap /var/lib/ldap/"
16002
15997
msgstr ""
16003
15998
16004
#: serverguide/C/network-auth.xml:2127(command)
15999
#: serverguide/C/network-auth.xml:2134(command)
16005
16000
msgid "sudo service slapd start"
16006
16001
msgstr ""
16007
16002
16008
#: serverguide/C/network-auth.xml:2138(para)
16003
#: serverguide/C/network-auth.xml:2145(para)
16009
16004
msgid ""
16010
16005
"The primary resource is the upstream documentation: <ulink "
16011
16006
"url=\"http://www.openldap.org/\">www.openldap.org</ulink>"
16012
16007
msgstr ""
16013
16008
16014
#: serverguide/C/network-auth.xml:2144(para)
16009
#: serverguide/C/network-auth.xml:2151(para)
16015
16010
msgid ""
16016
16011
"There are many man pages that come with the slapd package. Here are some "
16017
16012
"important ones, especially considering the material presented in this guide:"
16018
16013
msgstr ""
16019
16014
16020
#: serverguide/C/network-auth.xml:2150(ulink)
16015
#: serverguide/C/network-auth.xml:2157(ulink)
16021
16016
msgid "slapd"
16022
16017
msgstr ""
16023
16018
16024
#: serverguide/C/network-auth.xml:2151(ulink)
16019
#: serverguide/C/network-auth.xml:2158(ulink)
16025
16020
msgid "slapd-config"
16026
16021
msgstr ""
16027
16022
16028
#: serverguide/C/network-auth.xml:2152(ulink)
16023
#: serverguide/C/network-auth.xml:2159(ulink)
16029
16024
msgid "slapd.access"
16030
16025
msgstr ""
16031
16026
16032
#: serverguide/C/network-auth.xml:2153(ulink)
16027
#: serverguide/C/network-auth.xml:2160(ulink)
16033
16028
msgid "slapo-syncprov"
16034
16029
msgstr ""
16035
16030
16036
#: serverguide/C/network-auth.xml:2159(para)
16031
#: serverguide/C/network-auth.xml:2166(para)
16037
16032
msgid "Other man pages:"
16038
16033
msgstr ""
16039
16034
16040
#: serverguide/C/network-auth.xml:2164(ulink)
16035
#: serverguide/C/network-auth.xml:2171(ulink)
16041
16036
msgid "auth-client-config"
16042
16037
msgstr ""
16043
16038
16044
#: serverguide/C/network-auth.xml:2165(ulink)
16039
#: serverguide/C/network-auth.xml:2172(ulink)
16045
16040
msgid "pam-auth-update"
16046
16041
msgstr ""
16047
16042
16048
#: serverguide/C/network-auth.xml:2171(para)
16043
#: serverguide/C/network-auth.xml:2178(para)
16049
16044
msgid ""
16050
16045
"Zytrax's <ulink url=\"http://www.zytrax.com/books/ldap/\">LDAP for Rocket "
16051
16046
"Scientists</ulink>; a less pedantic but comprehensive treatment of LDAP"
16052
16047
msgstr ""
16053
16048
16054
#: serverguide/C/network-auth.xml:2177(para)
16049
#: serverguide/C/network-auth.xml:2184(para)
16055
16050
msgid ""
16056
16051
"A Ubuntu community <ulink "
16057
16052
"url=\"https://help.ubuntu.com/community/OpenLDAPServer\">OpenLDAP "
16058
16053
"wiki</ulink> page has a collection of notes"
16059
16054
msgstr ""
16060
16055
16061
#: serverguide/C/network-auth.xml:2183(para)
16056
#: serverguide/C/network-auth.xml:2190(para)
16062
16057
msgid ""
16063
16058
"O'Reilly's <ulink url=\"http://www.oreilly.com/catalog/ldapsa/\">LDAP System "
16064
16059
"Administration</ulink> (textbook; 2003)"
16065
16060
msgstr ""
16066
16061
16067
#: serverguide/C/network-auth.xml:2189(para)
16062
#: serverguide/C/network-auth.xml:2196(para)
16068
16063
msgid ""
16069
16064
"Packt's <ulink url=\"http://www.packtpub.com/OpenLDAP-Developers-Server-Open-"
16070
16065
"Source-Linux/book\">Mastering OpenLDAP</ulink> (textbook; 2007)"
16071
16066
msgstr ""
16072
16067
16073
#: serverguide/C/network-auth.xml:2200(title)
16068
#: serverguide/C/network-auth.xml:2207(title)
16074
16069
msgid "Samba and LDAP"
16075
16070
msgstr "Samba in LDAP"
16076
16071
16077
#: serverguide/C/network-auth.xml:2202(para)
16072
#: serverguide/C/network-auth.xml:2209(para)
16078
16073
msgid ""
16079
16074
"This section covers the integration of Samba with LDAP. The Samba server's "
16080
16075
"role will be that of a \"standalone\" server and the LDAP directory will "
16087
16082
"specifically you want Samba to do for you and then configure it accordingly."
16088
16083
msgstr ""
16089
16084
16090
#: serverguide/C/network-auth.xml:2211(title)
16085
#: serverguide/C/network-auth.xml:2218(title) serverguide/C/network-auth.xml:4000(title)
16091
16086
msgid "Software Installation"
16092
16087
msgstr ""
16093
16088
16094
#: serverguide/C/network-auth.xml:2213(para)
16089
#: serverguide/C/network-auth.xml:2220(para)
16095
16090
msgid ""
16096
16091
"There are three packages needed when integrating Samba with LDAP: "
16097
16092
"<application>samba</application>, <application>samba-doc</application>, and "
16098
16093
"<application>smbldap-tools</application> packages."
16099
16094
msgstr ""
16100
16095
16101
#: serverguide/C/network-auth.xml:2223(para)
16096
#: serverguide/C/network-auth.xml:2225(para)
16102
16097
msgid ""
16103
16098
"Strictly speaking, the <application>smbldap-tools</application> package "
16104
16099
"isn't needed, but unless you have some other way to manage the various Samba "
16106
16101
"install it."
16107
16102
msgstr ""
16108
16103
16109
#: serverguide/C/network-auth.xml:2223(para)
16104
#: serverguide/C/network-auth.xml:2230(para)
16110
16105
msgid "Install these packages now:"
16111
16106
msgstr ""
16112
16107
16113
#: serverguide/C/network-auth.xml:2228(command)
16108
#: serverguide/C/network-auth.xml:2235(command)
16114
16109
msgid "sudo apt-get install samba samba-doc smbldap-tools"
16115
16110
msgstr "sudo apt-get install samba samba-doc smbldap-tools"
16116
16111
16117
#: serverguide/C/network-auth.xml:2234(title)
16112
#: serverguide/C/network-auth.xml:2241(title)
16118
16113
msgid "LDAP Configuration"
16119
16114
msgstr ""
16120
16115
16121
#: serverguide/C/network-auth.xml:2236(para)
16116
#: serverguide/C/network-auth.xml:2243(para)
16122
16117
msgid ""
16123
16118
"We will now configure the LDAP server so that it can accomodate Samba data. "
16124
16119
"We will perform three tasks in this section:"
16125
16120
msgstr ""
16126
16121
16127
#: serverguide/C/network-auth.xml:2243(para)
16122
#: serverguide/C/network-auth.xml:2250(para)
16128
16123
msgid "Import a schema"
16129
16124
msgstr ""
16130
16125
16131
#: serverguide/C/network-auth.xml:2247(para)
16126
#: serverguide/C/network-auth.xml:2254(para)
16132
16127
msgid "Index some entries"
16133
16128
msgstr ""
16134
16129
16135
#: serverguide/C/network-auth.xml:2251(para)
16130
#: serverguide/C/network-auth.xml:2258(para)
16136
16131
msgid "Add objects"
16137
16132
msgstr ""
16138
16133
16139
#: serverguide/C/network-auth.xml:2257(title)
16134
#: serverguide/C/network-auth.xml:2264(title)
16140
16135
msgid "Samba schema"
16141
16136
msgstr ""
16142
16137
16143
#: serverguide/C/network-auth.xml:2259(para)
16138
#: serverguide/C/network-auth.xml:2266(para)
16144
16139
msgid ""
16145
16140
"In order for OpenLDAP to be used as a backend for Samba, logically, the DIT "
16146
16141
"will need to use attributes that can properly describe Samba data. Such "
16148
16143
"now."
16149
16144
msgstr ""
16150
16145
16151
#: serverguide/C/network-auth.xml:2265(para)
16146
#: serverguide/C/network-auth.xml:2272(para)
16152
16147
msgid ""
16153
16148
"For more information on schemas and their installation see <xref "
16154
16149
"linkend=\"openldap-configuration\"/>."
16155
16150
msgstr ""
16156
16151
16157
#: serverguide/C/network-auth.xml:2273(para)
16152
#: serverguide/C/network-auth.xml:2280(para)
16158
16153
msgid ""
16159
16154
"The schema is found in the now-installed <application>samba-"
16160
16155
"doc</application> package. It needs to be unzipped and copied to the "
16161
16156
"<filename>/etc/ldap/schema</filename> directory:"
16162
16157
msgstr ""
16163
16158
16164
#: serverguide/C/network-auth.xml:2279(command)
16159
#: serverguide/C/network-auth.xml:2286(command)
16165
16160
msgid ""
16166
16161
"sudo cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz "
16167
16162
"/etc/ldap/schema"
16168
16163
msgstr ""
16169
16164
16170
#: serverguide/C/network-auth.xml:2280(command)
16165
#: serverguide/C/network-auth.xml:2287(command)
16171
16166
msgid "sudo gzip -d /etc/ldap/schema/samba.schema.gz"
16172
16167
msgstr "sudo gzip -d /etc/ldap/schema/samba.schema.gz"
16173
16168
16174
#: serverguide/C/network-auth.xml:2286(para)
16169
#: serverguide/C/network-auth.xml:2293(para)
16175
16170
msgid ""
16176
16171
"Have the configuration file <filename>schema_convert.conf</filename> that "
16177
16172
"contains the following lines:"
16178
16173
msgstr ""
16179
16174
16180
#: serverguide/C/network-auth.xml:2290(programlisting)
16175
#: serverguide/C/network-auth.xml:2297(programlisting)
16181
16176
#, no-wrap
16182
16177
msgid ""
16183
16178
"\n"
16198
16193
"include /etc/ldap/schema/samba.schema\n"
16199
16194
msgstr ""
16200
16195
16201
#: serverguide/C/network-auth.xml:2311(para)
16196
#: serverguide/C/network-auth.xml:2318(para)
16202
16197
msgid "Have the directory <filename>ldif_output</filename> hold output."
16203
16198
msgstr ""
16204
16199
16205
#: serverguide/C/network-auth.xml:2322(command)
16200
#: serverguide/C/network-auth.xml:2329(command)
16206
16201
msgid ""
16207
16202
"slapcat -f schema_convert.conf -F ldif_output -n 0 | grep samba,cn=schema"
16208
16203
msgstr ""
16209
16204
16210
#: serverguide/C/network-auth.xml:2323(computeroutput)
16205
#: serverguide/C/network-auth.xml:2330(computeroutput)
16211
16206
#, no-wrap
16212
16207
msgid ""
16213
16208
"\n"
16214
16209
"dn: cn={14}samba,cn=schema,cn=config\n"
16215
16210
msgstr ""
16216
16211
16217
#: serverguide/C/network-auth.xml:2331(para)
16212
#: serverguide/C/network-auth.xml:2338(para)
16218
16213
msgid "Convert the schema to LDIF format:"
16219
16214
msgstr ""
16220
16215
16221
#: serverguide/C/network-auth.xml:2336(command)
16216
#: serverguide/C/network-auth.xml:2343(command)
16222
16217
msgid ""
16223
16218
"slapcat -f schema_convert.conf -F ldif_output -n0 -H \\ "
16224
16219
"ldap:///cn={14}samba,cn=schema,cn=config -l cn=samba.ldif"
16225
16220
msgstr ""
16226
16221
16227
#: serverguide/C/network-auth.xml:2343(para)
16222
#: serverguide/C/network-auth.xml:2350(para)
16228
16223
msgid ""
16229
16224
"Edit the generated <filename>cn=samba.ldif</filename> file by removing index "
16230
16225
"information to arrive at:"
16231
16226
msgstr ""
16232
16227
16233
#: serverguide/C/network-auth.xml:2347(programlisting)
16228
#: serverguide/C/network-auth.xml:2354(programlisting)
16234
16229
#, no-wrap
16235
16230
msgid ""
16236
16231
"\n"
16239
16234
"cn: samba\n"
16240
16235
msgstr ""
16241
16236
16242
#: serverguide/C/network-auth.xml:2353(para)
16237
#: serverguide/C/network-auth.xml:2360(para)
16243
16238
msgid "Remove the bottom lines:"
16244
16239
msgstr ""
16245
16240
16246
#: serverguide/C/network-auth.xml:2357(programlisting)
16241
#: serverguide/C/network-auth.xml:2364(programlisting)
16247
16242
#, no-wrap
16248
16243
msgid ""
16249
16244
"\n"
16256
16251
"modifyTimestamp: 20080827045234Z\n"
16257
16252
msgstr ""
16258
16253
16259
#: serverguide/C/network-auth.xml:2373(para)
16254
#: serverguide/C/network-auth.xml:2380(para)
16260
16255
msgid "Add the new schema:"
16261
16256
msgstr ""
16262
16257
16263
#: serverguide/C/network-auth.xml:2378(command)
16258
#: serverguide/C/network-auth.xml:2385(command)
16264
16259
msgid "sudo ldapadd -Q -Y EXTERNAL -H ldapi:/// -f cn\\=samba.ldif"
16265
16260
msgstr ""
16266
16261
16267
#: serverguide/C/network-auth.xml:2381(para)
16262
#: serverguide/C/network-auth.xml:2388(para)
16268
16263
msgid "To query and view this new schema:"
16269
16264
msgstr ""
16270
16265
16271
#: serverguide/C/network-auth.xml:2386(command)
16266
#: serverguide/C/network-auth.xml:2393(command)
16272
16267
msgid ""
16273
16268
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H ldapi:/// -b cn=schema,cn=config "
16274
16269
"'cn=*samba*'"
16275
16270
msgstr ""
16276
16271
16277
#: serverguide/C/network-auth.xml:2396(title)
16272
#: serverguide/C/network-auth.xml:2403(title)
16278
16273
msgid "Samba indices"
16279
16274
msgstr ""
16280
16275
16281
#: serverguide/C/network-auth.xml:2398(para)
16276
#: serverguide/C/network-auth.xml:2405(para)
16282
16277
msgid ""
16283
16278
"Now that slapd knows about the Samba attributes, we can set up some indices "
16284
16279
"based on them. Indexing entries is a way to improve performance when a "
16285
16280
"client performs a filtered search on the DIT."
16286
16281
msgstr ""
16287
16282
16288
#: serverguide/C/network-auth.xml:2403(para)
16283
#: serverguide/C/network-auth.xml:2410(para)
16289
16284
msgid ""
16290
16285
"Create the file <filename>samba_indices.ldif</filename> with the following "
16291
16286
"contents:"
16292
16287
msgstr ""
16293
16288
16294
#: serverguide/C/network-auth.xml:2407(programlisting)
16289
#: serverguide/C/network-auth.xml:2414(programlisting)
16295
16290
#, no-wrap
16296
16291
msgid ""
16297
16292
"\n"
16312
16307
"olcDbIndex: default sub\n"
16313
16308
msgstr ""
16314
16309
16315
#: serverguide/C/network-auth.xml:2425(para)
16310
#: serverguide/C/network-auth.xml:2432(para)
16316
16311
msgid ""
16317
16312
"Using the <application>ldapmodify</application> utility load the new indices:"
16318
16313
msgstr ""
16319
16314
16320
#: serverguide/C/network-auth.xml:2430(command)
16315
#: serverguide/C/network-auth.xml:2437(command)
16321
16316
msgid "sudo ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f samba_indices.ldif"
16322
16317
msgstr ""
16323
16318
16324
#: serverguide/C/network-auth.xml:2433(para)
16319
#: serverguide/C/network-auth.xml:2440(para)
16325
16320
msgid ""
16326
16321
"If all went well you should see the new indices using "
16327
16322
"<application>ldapsearch</application>:"
16328
16323
msgstr ""
16329
16324
16330
#: serverguide/C/network-auth.xml:2438(command)
16325
#: serverguide/C/network-auth.xml:2445(command)
16331
16326
msgid ""
16332
16327
"sudo ldapsearch -Q -LLL -Y EXTERNAL -H \\ ldapi:/// -b cn=config "
16333
16328
"olcDatabase={1}hdb olcDbIndex"
16334
16329
msgstr ""
16335
16330
16336
#: serverguide/C/network-auth.xml:2445(title)
16331
#: serverguide/C/network-auth.xml:2452(title)
16337
16332
msgid "Adding Samba LDAP objects"
16338
16333
msgstr ""
16339
16334
16340
#: serverguide/C/network-auth.xml:2452(para)
16335
#: serverguide/C/network-auth.xml:2454(para)
16341
16336
msgid ""
16342
16337
"Next, configure the <application>smbldap-tools</application> package to "
16343
16338
"match your environment. The package is supposed to come with a configuration "
16348
16343
"smbldap-tools')."
16349
16344
msgstr ""
16350
16345
16351
#: serverguide/C/network-auth.xml:2459(para)
16346
#: serverguide/C/network-auth.xml:2461(para)
16352
16347
msgid ""
16353
16348
"To manually configure the package, you need to create and edit the files "
16354
16349
"<filename>/etc/smbldap-tools/smbldap.conf</filename> and "
16355
16350
"<filename>/etc/smbldap-tools/smbldap_bind.conf</filename>."
16356
16351
msgstr ""
16357
16352
16358
#: serverguide/C/network-auth.xml:2464(para)
16353
#: serverguide/C/network-auth.xml:2466(para)
16359
16354
msgid ""
16360
16355
"The <application>smbldap-populate</application> script will then add the "
16361
16356
"LDAP objects required for Samba. It is a good idea to first make a backup of "
16362
16357
"your DIT using <application>slapcat</application>:"
16363
16358
msgstr ""
16364
16359
16365
#: serverguide/C/network-auth.xml:2473(command)
16360
#: serverguide/C/network-auth.xml:2472(command)
16366
16361
msgid "sudo slapcat -l backup.ldif"
16367
16362
msgstr "sudo slapcat -l backup.ldif"
16368
16363
16369
#: serverguide/C/network-auth.xml:2476(para)
16364
#: serverguide/C/network-auth.xml:2475(para)
16370
16365
msgid "Once you have a backup proceed to populate your directory:"
16371
16366
msgstr ""
16372
16367
16373
#: serverguide/C/network-auth.xml:2481(command)
16368
#: serverguide/C/network-auth.xml:2480(command)
16374
16369
msgid "sudo smbldap-populate"
16375
16370
msgstr "sudo smbldap-populate"
16376
16371
16377
#: serverguide/C/network-auth.xml:2484(para)
16372
#: serverguide/C/network-auth.xml:2483(para)
16378
16373
msgid ""
16379
16374
"You can create a LDIF file containing the new Samba objects by executing "
16380
16375
"<command>sudo smbldap-populate -e samba.ldif</command>. This allows you to "
16383
16378
"and import its data per usual."
16384
16379
msgstr ""
16385
16380
16386
#: serverguide/C/network-auth.xml:2490(para)
16381
#: serverguide/C/network-auth.xml:2489(para)
16387
16382
msgid ""
16388
16383
"Your LDAP directory now has the necessary information to authenticate Samba "
16389
16384
"users."
16390
16385
msgstr ""
16391
16386
16392
#: serverguide/C/network-auth.xml:2499(title)
16387
#: serverguide/C/network-auth.xml:2498(title) serverguide/C/network-auth.xml:4032(title)
16393
16388
msgid "Samba Configuration"
16394
16389
msgstr "Nastavljanje Sambe"
16395
16390
16396
#: serverguide/C/network-auth.xml:2498(para)
16391
#: serverguide/C/network-auth.xml:2500(para)
16397
16392
msgid ""
16398
16393
"There are multiple ways to configure Samba. For details on some common "
16399
16394
"configurations see <xref linkend=\"samba\"/>. To configure Samba to use "
16402
16397
"adding some ldap-related ones:"
16403
16398
msgstr ""
16404
16399
16405
#: serverguide/C/network-auth.xml:2507(programlisting)
16400
#: serverguide/C/network-auth.xml:2506(programlisting)
16406
16401
#, no-wrap
16407
16402
msgid ""
16408
16403
"\n"
16422
16417
" add machine script = sudo /usr/sbin/smbldap-useradd -t 0 -w \"%u\"\n"
16423
16418
msgstr ""
16424
16419
16425
#: serverguide/C/network-auth.xml:2524(para)
16420
#: serverguide/C/network-auth.xml:2523(para)
16426
16421
msgid "Change the values to match your environment."
16427
16422
msgstr ""
16428
16423
16429
#: serverguide/C/network-auth.xml:2528(para)
16424
#: serverguide/C/network-auth.xml:2527(para)
16430
16425
msgid "Restart <application>samba</application> to enable the new settings:"
16431
16426
msgstr ""
16432
16427
16433
#: serverguide/C/network-auth.xml:2537(para)
16428
#: serverguide/C/network-auth.xml:2536(para)
16434
16429
msgid ""
16435
16430
"Now inform Samba about the rootDN user's password (the one set during the "
16436
16431
"installation of the slapd package):"
16437
16432
msgstr ""
16438
16433
16439
#: serverguide/C/network-auth.xml:2542(command)
16434
#: serverguide/C/network-auth.xml:2541(command)
16440
16435
msgid "sudo smbpasswd -w password"
16441
16436
msgstr ""
16442
16437
16443
#: serverguide/C/network-auth.xml:2545(para)
16438
#: serverguide/C/network-auth.xml:2544(para)
16444
16439
msgid ""
16445
16440
"If you have existing LDAP users that you want to include in your new LDAP-"
16446
16441
"backed Samba they will, of course, also need to be given some of the extra "
16450
16445
"<application>libnss-ldap</application>):"
16451
16446
msgstr ""
16452
16447
16453
#: serverguide/C/network-auth.xml:2553(command)
16448
#: serverguide/C/network-auth.xml:2552(command)
16454
16449
msgid "sudo smbpasswd -a username"
16455
16450
msgstr "sudo smbpasswd -a uporabniško-ime"
16456
16451
16457
#: serverguide/C/network-auth.xml:2556(para)
16452
#: serverguide/C/network-auth.xml:2555(para)
16458
16453
msgid ""
16459
16454
"You will prompted to enter a password. It will be considered as the new "
16460
16455
"password for that user. Making it the same as before is reasonable."
16461
16456
msgstr ""
16462
16457
16463
#: serverguide/C/network-auth.xml:2560(para)
16458
#: serverguide/C/network-auth.xml:2559(para)
16464
16459
msgid ""
16465
16460
"To manage user, group, and machine accounts use the utilities provided by "
16466
16461
"the <application>smbldap-tools</application> package. Here are some examples:"
16467
16462
msgstr ""
16468
16463
16469
#: serverguide/C/network-auth.xml:2568(para)
16464
#: serverguide/C/network-auth.xml:2567(para)
16470
16465
msgid "To add a new user:"
16471
16466
msgstr ""
16472
16467
16473
#: serverguide/C/network-auth.xml:2573(command)
16468
#: serverguide/C/network-auth.xml:2572(command)
16474
16469
msgid "sudo smbldap-useradd -a -P username"
16475
16470
msgstr "sudo smbldap-useradd -a -P uporabniško-ime"
16476
16471
16477
#: serverguide/C/network-auth.xml:2576(para)
16472
#: serverguide/C/network-auth.xml:2575(para)
16478
16473
msgid ""
16479
16474
"The <emphasis>-a</emphasis> option adds the Samba attributes, and the "
16480
16475
"<emphasis>-P</emphasis> option calls the <application>smbldap-"
16482
16477
"a password for the user."
16483
16478
msgstr ""
16484
16479
16485
#: serverguide/C/network-auth.xml:2583(para)
16480
#: serverguide/C/network-auth.xml:2582(para)
16486
16481
msgid "To remove a user:"
16487
16482
msgstr ""
16488
16483
16489
#: serverguide/C/network-auth.xml:2588(command)
16484
#: serverguide/C/network-auth.xml:2587(command)
16490
16485
msgid "sudo smbldap-userdel username"
16491
16486
msgstr "sudo smbldap-userdel uporabniško-ime"
16492
16487
16493
#: serverguide/C/network-auth.xml:2591(para)
16488
#: serverguide/C/network-auth.xml:2590(para)
16494
16489
msgid ""
16495
16490
"In the above command, use the <emphasis>-r</emphasis> option to remove the "
16496
16491
"user's home directory."
16497
16492
msgstr ""
16498
16493
16499
#: serverguide/C/network-auth.xml:2597(para)
16494
#: serverguide/C/network-auth.xml:2596(para)
16500
16495
msgid "To add a group:"
16501
16496
msgstr ""
16502
16497
16503
#: serverguide/C/network-auth.xml:2602(command)
16498
#: serverguide/C/network-auth.xml:2601(command)
16504
16499
msgid "sudo smbldap-groupadd -a groupname"
16505
16500
msgstr "sudo smbldap-groupadd -a ime-skupine"
16506
16501
16507
#: serverguide/C/network-auth.xml:2605(para)
16502
#: serverguide/C/network-auth.xml:2604(para)
16508
16503
msgid ""
16509
16504
"As for <application>smbldap-useradd</application>, the <emphasis>-"
16510
16505
"a</emphasis> adds the Samba attributes."
16511
16506
msgstr ""
16512
16507
16513
#: serverguide/C/network-auth.xml:2611(para)
16508
#: serverguide/C/network-auth.xml:2610(para)
16514
16509
msgid "To make an existing user a member of a group:"
16515
16510
msgstr ""
16516
16511
16517
#: serverguide/C/network-auth.xml:2616(command)
16512
#: serverguide/C/network-auth.xml:2615(command)
16518
16513
msgid "sudo smbldap-groupmod -m username groupname"
16519
16514
msgstr "sudo smbldap-groupmod -m uporabniško-ime ime-skupine"
16520
16515
16521
#: serverguide/C/network-auth.xml:2619(para)
16516
#: serverguide/C/network-auth.xml:2618(para)
16522
16517
msgid ""
16523
16518
"The <emphasis>-m</emphasis> option can add more than one user at a time by "
16524
16519
"listing them in comma-separated format."
16525
16520
msgstr ""
16526
16521
16527
#: serverguide/C/network-auth.xml:2625(para)
16522
#: serverguide/C/network-auth.xml:2624(para)
16528
16523
msgid "To remove a user from a group:"
16529
16524
msgstr ""
16530
16525
16531
#: serverguide/C/network-auth.xml:2630(command)
16526
#: serverguide/C/network-auth.xml:2629(command)
16532
16527
msgid "sudo smbldap-groupmod -x username groupname"
16533
16528
msgstr "sudo smbldap-groupmod -x uporabniško-ime ime-skupine"
16534
16529
16535
#: serverguide/C/network-auth.xml:2636(para)
16530
#: serverguide/C/network-auth.xml:2635(para)
16536
16531
msgid "To add a Samba machine account:"
16537
16532
msgstr ""
16538
16533
16539
#: serverguide/C/network-auth.xml:2641(command)
16534
#: serverguide/C/network-auth.xml:2640(command)
16540
16535
msgid "sudo smbldap-useradd -t 0 -w username"
16541
16536
msgstr "sudo smbldap-useradd -t 0 -w uporabniško-ime"
16542
16537
16543
#: serverguide/C/network-auth.xml:2644(para)
16538
#: serverguide/C/network-auth.xml:2643(para)
16544
16539
msgid ""
16545
16540
"Replace <emphasis>username</emphasis> with the name of the workstation. The "
16546
16541
"<emphasis>-t 0</emphasis> option creates the machine account without a "
16550
16545
"<application>smbldap-useradd</application>."
16551
16546
msgstr ""
16552
16547
16553
#: serverguide/C/network-auth.xml:2653(para)
16548
#: serverguide/C/network-auth.xml:2652(para)
16554
16549
msgid ""
16555
16550
"There are utilities in the <application>smbldap-tools</application> package "
16556
16551
"that were not covered here. Here is a complete list:"
16557
16552
msgstr ""
16558
16553
16554
#: serverguide/C/network-auth.xml:2657(ulink)
16555
msgid "smbldap-groupadd"
16556
msgstr ""
16557
16559
16558
#: serverguide/C/network-auth.xml:2658(ulink)
16560
msgid "smbldap-groupadd"
16559
msgid "smbldap-groupdel"
16561
16560
msgstr ""
16562
16561
16563
16562
#: serverguide/C/network-auth.xml:2659(ulink)
16564
msgid "smbldap-groupdel"
16563
msgid "smbldap-groupmod"
16565
16564
msgstr ""
16566
16565
16567
16566
#: serverguide/C/network-auth.xml:2660(ulink)
16568
msgid "smbldap-groupmod"
16567
msgid "smbldap-groupshow"
16569
16568
msgstr ""
16570
16569
16571
16570
#: serverguide/C/network-auth.xml:2661(ulink)
16572
msgid "smbldap-groupshow"
16571
msgid "smbldap-passwd"
16573
16572
msgstr ""
16574
16573
16575
16574
#: serverguide/C/network-auth.xml:2662(ulink)
16576
msgid "smbldap-passwd"
16575
msgid "smbldap-populate"
16577
16576
msgstr ""
16578
16577
16579
16578
#: serverguide/C/network-auth.xml:2663(ulink)
16580
msgid "smbldap-populate"
16579
msgid "smbldap-useradd"
16581
16580
msgstr ""
16582
16581
16583
16582
#: serverguide/C/network-auth.xml:2664(ulink)
16584
msgid "smbldap-useradd"
16583
msgid "smbldap-userdel"
16585
16584
msgstr ""
16586
16585
16587
16586
#: serverguide/C/network-auth.xml:2665(ulink)
16588
msgid "smbldap-userdel"
16587
msgid "smbldap-userinfo"
16589
16588
msgstr ""
16590
16589
16591
16590
#: serverguide/C/network-auth.xml:2666(ulink)
16592
msgid "smbldap-userinfo"
16591
msgid "smbldap-userlist"
16593
16592
msgstr ""
16594
16593
16595
16594
#: serverguide/C/network-auth.xml:2667(ulink)
16596
msgid "smbldap-userlist"
16595
msgid "smbldap-usermod"
16597
16596
msgstr ""
16598
16597
16599
16598
#: serverguide/C/network-auth.xml:2668(ulink)
16600
msgid "smbldap-usermod"
16601
msgstr ""
16602
16603
#: serverguide/C/network-auth.xml:2669(ulink)
16604
16599
msgid "smbldap-usershow"
16605
16600
msgstr ""
16606
16601
16607
#: serverguide/C/network-auth.xml:2677(para)
16602
#: serverguide/C/network-auth.xml:2679(para)
16608
16603
msgid ""
16609
16604
"For more information on installing and configuring Samba see <xref "
16610
16605
"linkend=\"samba\"/> of this Ubuntu Server Guide."
16611
16606
msgstr ""
16612
16607
16613
#: serverguide/C/network-auth.xml:2686(para)
16608
#: serverguide/C/network-auth.xml:2685(para)
16614
16609
msgid ""
16615
16610
"There are multiple places where LDAP and Samba is documented in the upstream "
16616
16611
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/\">Samba "
16617
16612
"HOWTO Collection</ulink>."
16618
16613
msgstr ""
16619
16614
16620
#: serverguide/C/network-auth.xml:2693(para)
16615
#: serverguide/C/network-auth.xml:2692(para)
16621
16616
msgid ""
16622
16617
"Regarding the above, see specifically the <ulink "
16623
16618
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
16624
16619
"Collection/passdb.html\">passdb section</ulink>."
16625
16620
msgstr ""
16626
16621
16627
#: serverguide/C/network-auth.xml:2699(para)
16622
#: serverguide/C/network-auth.xml:2698(para)
16628
16623
msgid ""
16629
16624
"Although dated (2007), the <ulink url=\"http://download.gna.org/smbldap-"
16630
16625
"tools/docs/samba-ldap-howto/\">Linux Samba-OpenLDAP HOWTO</ulink> contains "
16631
16626
"valuable notes."
16632
16627
msgstr ""
16633
16628
16634
#: serverguide/C/network-auth.xml:2705(para)
16629
#: serverguide/C/network-auth.xml:2704(para)
16635
16630
msgid ""
16636
16631
"The main page of the <ulink "
16637
16632
"url=\"https://help.ubuntu.com/community/Samba#samba-ldap\">Samba Ubuntu "
16639
16634
"prove useful."
16640
16635
msgstr ""
16641
16636
16642
#: serverguide/C/network-auth.xml:2718(title)
16637
#: serverguide/C/network-auth.xml:2717(title)
16643
16638
msgid "Kerberos"
16644
16639
msgstr "Kerberos"
16645
16640
16646
#: serverguide/C/network-auth.xml:2720(para)
16641
#: serverguide/C/network-auth.xml:2719(para)
16647
16642
msgid ""
16648
16643
"<application>Kerberos</application> is a network authentication system based "
16649
16644
"on the principal of a trusted third party. The other two parties being the "
16652
16647
"network environment one step closer to being Single Sign On (SSO)."
16653
16648
msgstr ""
16654
16649
16655
#: serverguide/C/network-auth.xml:2726(para)
16650
#: serverguide/C/network-auth.xml:2725(para)
16656
16651
msgid ""
16657
16652
"This section covers installation and configuration of a Kerberos server, and "
16658
16653
"some example client configurations."
16659
16654
msgstr ""
16660
16655
16661
#: serverguide/C/virtualization.xml:1099(title) serverguide/C/virtualization.xml:2132(title) serverguide/C/network-auth.xml:2731(title) serverguide/C/monitoring.xml:13(title) serverguide/C/lamp-applications.xml:15(title) serverguide/C/installation.xml:903(title) serverguide/C/dns.xml:62(title) serverguide/C/dm-multipath.xml:135(title) serverguide/C/chat.xml:15(title) serverguide/C/backups.xml:545(title)
16656
#: serverguide/C/network-auth.xml:2730(title) serverguide/C/monitoring.xml:13(title) serverguide/C/lamp-applications.xml:15(title) serverguide/C/installation.xml:910(title) serverguide/C/dns.xml:62(title) serverguide/C/dm-multipath.xml:135(title) serverguide/C/chat.xml:15(title) serverguide/C/cgroups.xml:38(title) serverguide/C/backups.xml:551(title)
16662
16657
msgid "Overview"
16663
16658
msgstr "Pregled"
16664
16659
16665
#: serverguide/C/network-auth.xml:2733(para)
16660
#: serverguide/C/network-auth.xml:2732(para)
16666
16661
msgid ""
16667
16662
"If you are new to Kerberos there are a few terms that are good to understand "
16668
16663
"before setting up a Kerberos server. Most of the terms will relate to things "
16669
16664
"you may be familiar with in other environments:"
16670
16665
msgstr ""
16671
16666
16672
#: serverguide/C/network-auth.xml:2740(para)
16667
#: serverguide/C/network-auth.xml:2739(para)
16673
16668
msgid ""
16674
16669
"<emphasis>Principal:</emphasis> any users, computers, and services provided "
16675
16670
"by servers need to be defined as Kerberos Principals."
16676
16671
msgstr ""
16677
16672
16678
#: serverguide/C/network-auth.xml:2745(para)
16673
#: serverguide/C/network-auth.xml:2744(para)
16679
16674
msgid ""
16680
16675
"<emphasis>Instances:</emphasis> are used for service principals and special "
16681
16676
"administrative principals."
16682
16677
msgstr ""
16683
16678
16684
#: serverguide/C/network-auth.xml:2750(para)
16679
#: serverguide/C/network-auth.xml:2749(para)
16685
16680
msgid ""
16686
16681
"<emphasis>Realms:</emphasis> the unique realm of control provided by the "
16687
16682
"Kerberos installation. Think of it as the domain or group your hosts and "
16690
16685
"as the realm."
16691
16686
msgstr ""
16692
16687
16693
#: serverguide/C/network-auth.xml:2759(para)
16688
#: serverguide/C/network-auth.xml:2758(para)
16694
16689
msgid ""
16695
16690
"<emphasis>Key Distribution Center:</emphasis> (KDC) consist of three parts, "
16696
16691
"a database of all principals, the authentication server, and the ticket "
16697
16692
"granting server. For each realm there must be at least one KDC."
16698
16693
msgstr ""
16699
16694
16700
#: serverguide/C/network-auth.xml:2765(para)
16695
#: serverguide/C/network-auth.xml:2764(para)
16701
16696
msgid ""
16702
16697
"<emphasis>Ticket Granting Ticket:</emphasis> issued by the Authentication "
16703
16698
"Server (AS), the Ticket Granting Ticket (TGT) is encrypted in the user's "
16704
16699
"password which is known only to the user and the KDC."
16705
16700
msgstr ""
16706
16701
16707
#: serverguide/C/network-auth.xml:2771(para)
16702
#: serverguide/C/network-auth.xml:2770(para)
16708
16703
msgid ""
16709
16704
"<emphasis>Ticket Granting Server:</emphasis> (TGS) issues service tickets to "
16710
16705
"clients upon request."
16711
16706
msgstr ""
16712
16707
16713
#: serverguide/C/network-auth.xml:2776(para)
16708
#: serverguide/C/network-auth.xml:2775(para)
16714
16709
msgid ""
16715
16710
"<emphasis>Tickets:</emphasis> confirm the identity of the two principals. "
16716
16711
"One principal being a user and the other a service requested by the user. "
16718
16713
"authenticated session."
16719
16714
msgstr ""
16720
16715
16721
#: serverguide/C/network-auth.xml:2782(para)
16716
#: serverguide/C/network-auth.xml:2781(para)
16722
16717
msgid ""
16723
16718
"<emphasis>Keytab Files:</emphasis> are files extracted from the KDC "
16724
16719
"principal database and contain the encryption key for a service or host."
16725
16720
msgstr ""
16726
16721
16727
#: serverguide/C/network-auth.xml:2789(para)
16722
#: serverguide/C/network-auth.xml:2788(para)
16728
16723
msgid ""
16729
16724
"To put the pieces together, a Realm has at least one KDC, preferably more "
16730
16725
"for redundancy, which contains a database of Principals. When a user "
16736
16731
"entering another username and password."
16737
16732
msgstr ""
16738
16733
16739
#: serverguide/C/network-auth.xml:2798(title)
16734
#: serverguide/C/network-auth.xml:2797(title)
16740
16735
msgid "Kerberos Server"
16741
16736
msgstr "Strežnik Kerberos"
16742
16737
16743
#: serverguide/C/network-auth.xml:2802(para)
16738
#: serverguide/C/network-auth.xml:2801(para)
16744
16739
msgid ""
16745
16740
"For this discussion, we will create a MIT Kerberos domain with the following "
16746
16741
"features (edit them to fit your needs):"
16747
16742
msgstr ""
16748
16743
16749
#: serverguide/C/network-auth.xml:2809(para)
16744
#: serverguide/C/network-auth.xml:2808(para)
16750
16745
msgid "<emphasis>Realm:</emphasis> EXAMPLE.COM"
16751
16746
msgstr ""
16752
16747
16753
#: serverguide/C/network-auth.xml:2814(para)
16748
#: serverguide/C/network-auth.xml:2813(para)
16754
16749
msgid "<emphasis>Primary KDC:</emphasis> kdc01.example.com (192.168.0.1)"
16755
16750
msgstr ""
16756
16751
16757
#: serverguide/C/network-auth.xml:2819(para)
16752
#: serverguide/C/network-auth.xml:2818(para)
16758
16753
msgid "<emphasis>Secondary KDC:</emphasis> kdc02.example.com (192.168.0.2)"
16759
16754
msgstr ""
16760
16755
16761
#: serverguide/C/network-auth.xml:2824(para)
16756
#: serverguide/C/network-auth.xml:2823(para)
16762
16757
msgid "<emphasis>User principal:</emphasis> steve"
16763
16758
msgstr ""
16764
16759
16765
#: serverguide/C/network-auth.xml:2829(para)
16760
#: serverguide/C/network-auth.xml:2828(para)
16766
16761
msgid "<emphasis>Admin principal:</emphasis> steve/admin"
16767
16762
msgstr ""
16768
16763
16769
#: serverguide/C/network-auth.xml:2836(para)
16764
#: serverguide/C/network-auth.xml:2835(para)
16770
16765
msgid ""
16771
16766
"It is <emphasis>strongly</emphasis> recommended that your network-"
16772
16767
"authenticated users have their uid in a different range (say, starting at "
16773
16768
"5000) than that of your local users."
16774
16769
msgstr ""
16775
16770
16776
#: serverguide/C/network-auth.xml:2842(para)
16771
#: serverguide/C/network-auth.xml:2841(para)
16777
16772
msgid ""
16778
16773
"Before installing the Kerberos server a properly configured DNS server is "
16779
16774
"needed for your domain. Since the Kerberos Realm by convention matches the "
16782
16777
"documentation."
16783
16778
msgstr ""
16784
16779
16785
#: serverguide/C/network-auth.xml:2848(para)
16780
#: serverguide/C/network-auth.xml:2847(para)
16786
16781
msgid ""
16787
16782
"Also, Kerberos is a time sensitive protocol. So if the local system time "
16788
16783
"between a client machine and the server differs by more than five minutes "
16792
16787
"setting up NTP see <xref linkend=\"NTP\"/>."
16793
16788
msgstr ""
16794
16789
16795
#: serverguide/C/network-auth.xml:2856(para)
16790
#: serverguide/C/network-auth.xml:2855(para)
16796
16791
msgid ""
16797
16792
"The first step in creating a Kerberos Realm is to install the "
16798
16793
"<application>krb5-kdc</application> and <application>krb5-admin-"
16799
16794
"server</application> packages. From a terminal enter:"
16800
16795
msgstr ""
16801
16796
16802
#: serverguide/C/network-auth.xml:2862(command) serverguide/C/network-auth.xml:3069(command)
16797
#: serverguide/C/network-auth.xml:2861(command) serverguide/C/network-auth.xml:3068(command)
16803
16798
msgid "sudo apt-get install krb5-kdc krb5-admin-server"
16804
16799
msgstr ""
16805
16800
16806
#: serverguide/C/network-auth.xml:2865(para)
16801
#: serverguide/C/network-auth.xml:2864(para)
16807
16802
msgid ""
16808
16803
"You will be asked at the end of the install to supply the hostname for the "
16809
16804
"Kerberos and Admin servers, which may or may not be the same server, for the "
16810
16805
"realm."
16811
16806
msgstr ""
16812
16807
16813
#: serverguide/C/network-auth.xml:2872(para)
16808
#: serverguide/C/network-auth.xml:2871(para)
16814
16809
msgid "By default the realm is created from the KDC's domain name."
16815
16810
msgstr ""
16816
16811
16817
#: serverguide/C/network-auth.xml:2877(para)
16812
#: serverguide/C/network-auth.xml:2876(para)
16818
16813
msgid ""
16819
16814
"Next, create the new realm with the <application>kdb5_newrealm</application> "
16820
16815
"utility:"
16821
16816
msgstr ""
16822
16817
16823
#: serverguide/C/network-auth.xml:2882(command)
16818
#: serverguide/C/network-auth.xml:2881(command)
16824
16819
msgid "sudo krb5_newrealm"
16825
16820
msgstr "sudo krb5_newrealm"
16826
16821
16827
#: serverguide/C/network-auth.xml:2889(para)
16822
#: serverguide/C/network-auth.xml:2888(para)
16828
16823
msgid ""
16829
16824
"The questions asked during installation are used to configure the "
16830
16825
"<filename>/etc/krb5.conf</filename> file. If you need to adjust the Key "
16834
16829
"typing"
16835
16830
msgstr ""
16836
16831
16837
#: serverguide/C/network-auth.xml:2896(command)
16832
#: serverguide/C/network-auth.xml:2895(command)
16838
16833
msgid "sudo dpkg-reconfigure krb5-kdc"
16839
16834
msgstr ""
16840
16835
16841
#: serverguide/C/network-auth.xml:2902(para)
16836
#: serverguide/C/network-auth.xml:2901(para)
16842
16837
msgid ""
16843
16838
"Once the KDC is properly running, an admin user -- the <emphasis>admin "
16844
16839
"principal</emphasis> -- is needed. It is recommended to use a different "
16846
16841
"<application>kadmin.local</application> utility in a terminal prompt enter:"
16847
16842
msgstr ""
16848
16843
16849
#: serverguide/C/network-auth.xml:2910(command) serverguide/C/network-auth.xml:3780(command)
16844
#: serverguide/C/network-auth.xml:2909(command) serverguide/C/network-auth.xml:3779(command)
16850
16845
msgid "sudo kadmin.local"
16851
16846
msgstr "sudo kadmin.local"
16852
16847
16853
#: serverguide/C/network-auth.xml:2911(computeroutput)
16848
#: serverguide/C/network-auth.xml:2910(computeroutput)
16854
16849
#, no-wrap
16855
16850
msgid ""
16856
16851
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
16857
16852
"kadmin.local:"
16858
16853
msgstr ""
16859
16854
16860
#: serverguide/C/network-auth.xml:2912(userinput)
16855
#: serverguide/C/network-auth.xml:2911(userinput)
16861
16856
#, no-wrap
16862
16857
msgid " addprinc steve/admin"
16863
16858
msgstr ""
16864
16859
16865
#: serverguide/C/network-auth.xml:2913(computeroutput)
16860
#: serverguide/C/network-auth.xml:2912(computeroutput)
16866
16861
#, no-wrap
16867
16862
msgid ""
16868
16863
"WARNING: no policy specified for steve/admin@EXAMPLE.COM; defaulting to no "
16873
16868
"kadmin.local:"
16874
16869
msgstr ""
16875
16870
16876
#: serverguide/C/network-auth.xml:2917(userinput)
16871
#: serverguide/C/network-auth.xml:2916(userinput)
16877
16872
#, no-wrap
16878
16873
msgid " quit"
16879
16874
msgstr ""
16880
16875
16881
#: serverguide/C/network-auth.xml:2920(para)
16876
#: serverguide/C/network-auth.xml:2919(para)
16882
16877
msgid ""
16883
16878
"In the above example <emphasis role=\"italic\">steve</emphasis> is the "
16884
16879
"<emphasis>Principal</emphasis>, <emphasis role=\"italic\">/admin</emphasis> "
16890
16885
"rights."
16891
16886
msgstr ""
16892
16887
16893
#: serverguide/C/network-auth.xml:2930(para)
16888
#: serverguide/C/network-auth.xml:2929(para)
16894
16889
msgid ""
16895
16890
"Replace <emphasis>EXAMPLE.COM</emphasis> and <emphasis>steve</emphasis> with "
16896
16891
"your Realm and admin username."
16897
16892
msgstr ""
16898
16893
16899
#: serverguide/C/network-auth.xml:2938(para)
16894
#: serverguide/C/network-auth.xml:2937(para)
16900
16895
msgid ""
16901
16896
"Next, the new admin user needs to have the appropriate Access Control List "
16902
16897
"(ACL) permissions. The permissions are configured in the "
16903
16898
"<filename>/etc/krb5kdc/kadm5.acl</filename> file:"
16904
16899
msgstr ""
16905
16900
16906
#: serverguide/C/network-auth.xml:2943(programlisting)
16901
#: serverguide/C/network-auth.xml:2942(programlisting)
16907
16902
#, no-wrap
16908
16903
msgid ""
16909
16904
"\n"
16910
16905
"steve/admin@EXAMPLE.COM *\n"
16911
16906
msgstr ""
16912
16907
16913
#: serverguide/C/network-auth.xml:2947(para)
16908
#: serverguide/C/network-auth.xml:2946(para)
16914
16909
msgid ""
16915
16910
"This entry grants <emphasis>steve/admin</emphasis> the ability to perform "
16916
16911
"any operation on all principals in the realm. You can configure principals "
16919
16914
"<emphasis>kadm5.acl</emphasis> man page for details."
16920
16915
msgstr ""
16921
16916
16922
#: serverguide/C/network-auth.xml:2959(para)
16917
#: serverguide/C/network-auth.xml:2958(para)
16923
16918
msgid ""
16924
16919
"Now restart the <application>krb5-admin-server</application> for the new ACL "
16925
16920
"to take affect:"
16926
16921
msgstr ""
16927
16922
16928
#: serverguide/C/network-auth.xml:2961(command)
16923
#: serverguide/C/network-auth.xml:2963(command)
16929
16924
msgid "sudo service krb5-admin-server restart"
16930
16925
msgstr ""
16931
16926
16932
#: serverguide/C/network-auth.xml:2970(para)
16927
#: serverguide/C/network-auth.xml:2969(para)
16933
16928
msgid ""
16934
16929
"The new user principal can be tested using the <application>kinit "
16935
16930
"utility</application>:"
16936
16931
msgstr ""
16937
16932
16938
#: serverguide/C/network-auth.xml:2975(command)
16933
#: serverguide/C/network-auth.xml:2974(command)
16939
16934
msgid "kinit steve/admin"
16940
16935
msgstr ""
16941
16936
16942
#: serverguide/C/network-auth.xml:2976(computeroutput)
16937
#: serverguide/C/network-auth.xml:2975(computeroutput)
16943
16938
#, no-wrap
16944
16939
msgid "steve/admin@EXAMPLE.COM's Password:"
16945
16940
msgstr ""
16946
16941
16947
#: serverguide/C/network-auth.xml:2979(para)
16942
#: serverguide/C/network-auth.xml:2978(para)
16948
16943
msgid ""
16949
16944
"After entering the password, use the <application>klist</application> "
16950
16945
"utility to view information about the Ticket Granting Ticket (TGT):"
16951
16946
msgstr ""
16952
16947
16953
#: serverguide/C/network-auth.xml:2985(command) serverguide/C/network-auth.xml:3362(command)
16948
#: serverguide/C/network-auth.xml:2984(command) serverguide/C/network-auth.xml:3361(command)
16954
16949
msgid "klist"
16955
16950
msgstr "klist"
16956
16951
16957
#: serverguide/C/network-auth.xml:2986(computeroutput)
16952
#: serverguide/C/network-auth.xml:2985(computeroutput)
16958
16953
#, no-wrap
16959
16954
msgid ""
16960
16955
"Credentials cache: FILE:/tmp/krb5cc_1000\n"
16964
16959
"Jul 13 17:53:34 Jul 14 03:53:34 krbtgt/EXAMPLE.COM@EXAMPLE.COM"
16965
16960
msgstr ""
16966
16961
16967
#: serverguide/C/network-auth.xml:2993(para)
16962
#: serverguide/C/network-auth.xml:2992(para)
16968
16963
msgid ""
16969
16964
"Where the cache filename <filename>krb5cc_1000</filename> is composed of the "
16970
16965
"prefix <filename>krb5cc_</filename> and the user id (uid), which in this "
16973
16968
"For example:"
16974
16969
msgstr ""
16975
16970
16976
#: serverguide/C/network-auth.xml:3002(programlisting)
16971
#: serverguide/C/network-auth.xml:3001(programlisting)
16977
16972
#, no-wrap
16978
16973
msgid ""
16979
16974
"\n"
16980
16975
"192.168.0.1 kdc01.example.com kdc01\n"
16981
16976
msgstr ""
16982
16977
16983
#: serverguide/C/network-auth.xml:3006(para)
16978
#: serverguide/C/network-auth.xml:3005(para)
16984
16979
msgid ""
16985
16980
"Replacing <emphasis>192.168.0.1</emphasis> with the IP address of your KDC. "
16986
16981
"This usually happens when you have a Kerberos realm encompassing different "
16987
16982
"networks separated by routers."
16988
16983
msgstr ""
16989
16984
16990
#: serverguide/C/network-auth.xml:3015(para)
16985
#: serverguide/C/network-auth.xml:3014(para)
16991
16986
msgid ""
16992
16987
"The best way to allow clients to automatically determine the KDC for the "
16993
16988
"Realm is using DNS SRV records. Add the following to "
16994
16989
"<filename>/etc/named/db.example.com</filename>:"
16995
16990
msgstr ""
16996
16991
16997
#: serverguide/C/network-auth.xml:3021(programlisting)
16992
#: serverguide/C/network-auth.xml:3020(programlisting)
16998
16993
#, no-wrap
16999
16994
msgid ""
17000
16995
"\n"
17006
17001
"_kpasswd._udp.EXAMPLE.COM. IN SRV 1 0 464 kdc01.example.com.\n"
17007
17002
msgstr ""
17008
17003
17009
#: serverguide/C/network-auth.xml:3031(para)
17004
#: serverguide/C/network-auth.xml:3030(para)
17010
17005
msgid ""
17011
17006
"Replace <emphasis>EXAMPLE.COM</emphasis>, <emphasis>kdc01</emphasis>, and "
17012
17007
"<emphasis>kdc02</emphasis> with your domain name, primary KDC, and secondary "
17013
17008
"KDC."
17014
17009
msgstr ""
17015
17010
17016
#: serverguide/C/network-auth.xml:3037(para)
17011
#: serverguide/C/network-auth.xml:3036(para)
17017
17012
msgid ""
17018
17013
"See <xref linkend=\"dns\"/> for detailed instructions on setting up DNS."
17019
17014
msgstr ""
17020
17015
17021
#: serverguide/C/network-auth.xml:3044(para)
17016
#: serverguide/C/network-auth.xml:3043(para)
17022
17017
msgid "Your new Kerberos Realm is now ready to authenticate clients."
17023
17018
msgstr ""
17024
17019
17025
#: serverguide/C/network-auth.xml:3051(title)
17020
#: serverguide/C/network-auth.xml:3050(title)
17026
17021
msgid "Secondary KDC"
17027
17022
msgstr ""
17028
17023
17029
#: serverguide/C/network-auth.xml:3053(para)
17024
#: serverguide/C/network-auth.xml:3052(para)
17030
17025
msgid ""
17031
17026
"Once you have one Key Distribution Center (KDC) on your network, it is good "
17032
17027
"practice to have a Secondary KDC in case the primary becomes unavailable. "
17035
17030
"of those networks."
17036
17031
msgstr ""
17037
17032
17038
#: serverguide/C/network-auth.xml:3064(para)
17033
#: serverguide/C/network-auth.xml:3063(para)
17039
17034
msgid ""
17040
17035
"First, install the packages, and when asked for the Kerberos and Admin "
17041
17036
"server names enter the name of the Primary KDC:"
17042
17037
msgstr ""
17043
17038
17044
#: serverguide/C/network-auth.xml:3075(para)
17039
#: serverguide/C/network-auth.xml:3074(para)
17045
17040
msgid ""
17046
17041
"Once you have the packages installed, create the Secondary KDC's host "
17047
17042
"principal. From a terminal prompt, enter:"
17048
17043
msgstr ""
17049
17044
17050
#: serverguide/C/network-auth.xml:3080(command)
17045
#: serverguide/C/network-auth.xml:3079(command)
17051
17046
msgid "kadmin -q \"addprinc -randkey host/kdc02.example.com\""
17052
17047
msgstr ""
17053
17048
17054
#: serverguide/C/network-auth.xml:3084(para)
17049
#: serverguide/C/network-auth.xml:3083(para)
17055
17050
msgid ""
17056
17051
"After, issuing any <application>kadmin</application> commands you will be "
17057
17052
"prompted for your <emphasis>username/admin@EXAMPLE.COM</emphasis> principal "
17058
17053
"password."
17059
17054
msgstr ""
17060
17055
17061
#: serverguide/C/network-auth.xml:3093(para)
17056
#: serverguide/C/network-auth.xml:3092(para)
17062
17057
msgid "Extract the <emphasis>keytab</emphasis> file:"
17063
17058
msgstr ""
17064
17059
17065
#: serverguide/C/network-auth.xml:3098(command)
17060
#: serverguide/C/network-auth.xml:3097(command)
17066
17061
msgid "kadmin -q \"ktadd -norandkey -k keytab.kdc02 host/kdc02.example.com\""
17067
17062
msgstr ""
17068
17063
17069
#: serverguide/C/network-auth.xml:3104(para)
17064
#: serverguide/C/network-auth.xml:3103(para)
17070
17065
msgid ""
17071
17066
"There should now be a <filename>keytab.kdc02</filename> in the current "
17072
17067
"directory, move the file to <filename>/etc/krb5.keytab</filename>:"
17073
17068
msgstr ""
17074
17069
17075
#: serverguide/C/network-auth.xml:3110(command)
17070
#: serverguide/C/network-auth.xml:3109(command)
17076
17071
msgid "sudo mv keytab.kdc02 /etc/krb5.keytab"
17077
17072
msgstr "sudo mv keytab.kdc02 /etc/krb5.keytab"
17078
17073
17079
#: serverguide/C/network-auth.xml:3114(para)
17074
#: serverguide/C/network-auth.xml:3113(para)
17080
17075
msgid ""
17081
17076
"If the path to the <filename>keytab.kdc02</filename> file is different "
17082
17077
"adjust accordingly."
17083
17078
msgstr ""
17084
17079
17085
#: serverguide/C/network-auth.xml:3119(para)
17080
#: serverguide/C/network-auth.xml:3118(para)
17086
17081
msgid ""
17087
17082
"Also, you can list the principals in a Keytab file, which can be useful when "
17088
17083
"troubleshooting, using the <application>klist</application> utility:"
17089
17084
msgstr ""
17090
17085
17091
#: serverguide/C/network-auth.xml:3125(command)
17086
#: serverguide/C/network-auth.xml:3124(command)
17092
17087
msgid "sudo klist -k /etc/krb5.keytab"
17093
17088
msgstr "sudo klist -k /etc/krb5.keytab"
17094
17089
17095
#: serverguide/C/network-auth.xml:3128(para)
17090
#: serverguide/C/network-auth.xml:3127(para)
17096
17091
msgid ""
17097
17092
"The <application>-k</application> option indicates the file is a keytab file."
17098
17093
msgstr ""
17099
17094
17100
#: serverguide/C/network-auth.xml:3135(para)
17095
#: serverguide/C/network-auth.xml:3134(para)
17101
17096
msgid ""
17102
17097
"Next, there needs to be a <filename>kpropd.acl</filename> file on each KDC "
17103
17098
"that lists all KDCs for the Realm. For example, on both primary and "
17104
17099
"secondary KDC, create <filename>/etc/krb5kdc/kpropd.acl</filename>:"
17105
17100
msgstr ""
17106
17101
17107
#: serverguide/C/network-auth.xml:3140(programlisting)
17102
#: serverguide/C/network-auth.xml:3139(programlisting)
17108
17103
#, no-wrap
17109
17104
msgid ""
17110
17105
"\n"
17112
17107
"host/kdc02.example.com@EXAMPLE.COM\n"
17113
17108
msgstr ""
17114
17109
17115
#: serverguide/C/network-auth.xml:3148(para)
17110
#: serverguide/C/network-auth.xml:3147(para)
17116
17111
msgid "Create an empty database on the <emphasis>Secondary KDC</emphasis>:"
17117
17112
msgstr ""
17118
17113
17119
#: serverguide/C/network-auth.xml:3153(command)
17114
#: serverguide/C/network-auth.xml:3152(command)
17120
17115
msgid "sudo kdb5_util -s create"
17121
17116
msgstr "sudo kdb5_util -s create"
17122
17117
17123
#: serverguide/C/network-auth.xml:3159(para)
17118
#: serverguide/C/network-auth.xml:3158(para)
17124
17119
msgid ""
17125
17120
"Now start the <application>kpropd</application> daemon, which listens for "
17126
17121
"connections from the <application>kprop</application> utility. "
17127
17122
"<application>kprop</application> is used to transfer dump files:"
17128
17123
msgstr ""
17129
17124
17130
#: serverguide/C/network-auth.xml:3166(command)
17125
#: serverguide/C/network-auth.xml:3165(command)
17131
17126
msgid "sudo kpropd -S"
17132
17127
msgstr "sudo kpropd -S"
17133
17128
17134
#: serverguide/C/network-auth.xml:3172(para)
17129
#: serverguide/C/network-auth.xml:3171(para)
17135
17130
msgid ""
17136
17131
"From a terminal on the <emphasis>Primary KDC</emphasis>, create a dump file "
17137
17132
"of the principal database:"
17138
17133
msgstr ""
17139
17134
17140
#: serverguide/C/network-auth.xml:3177(command)
17135
#: serverguide/C/network-auth.xml:3176(command)
17141
17136
msgid "sudo kdb5_util dump /var/lib/krb5kdc/dump"
17142
17137
msgstr "sudo kdb5_util dump /var/lib/krb5kdc/dump"
17143
17138
17144
#: serverguide/C/network-auth.xml:3183(para)
17139
#: serverguide/C/network-auth.xml:3182(para)
17145
17140
msgid ""
17146
17141
"Extract the Primary KDC's <emphasis>keytab</emphasis> file and copy it to "
17147
17142
"<filename>/etc/krb5.keytab</filename>:"
17148
17143
msgstr ""
17149
17144
17145
#: serverguide/C/network-auth.xml:3187(command)
17146
msgid "kadmin -q \"ktadd -k keytab.kdc01 host/kdc01.example.com\""
17147
msgstr ""
17148
17150
17149
#: serverguide/C/network-auth.xml:3188(command)
17151
msgid "kadmin -q \"ktadd -k keytab.kdc01 host/kdc01.example.com\""
17152
msgstr ""
17153
17154
#: serverguide/C/network-auth.xml:3189(command)
17155
17150
msgid "sudo mv keytab.kdc01 /etc/krb5.keytab"
17156
17151
msgstr "sudo mv keytab.kdc01 /etc/krb5.keytab"
17157
17152
17158
#: serverguide/C/network-auth.xml:3193(para)
17153
#: serverguide/C/network-auth.xml:3192(para)
17159
17154
msgid ""
17160
17155
"Make sure there is a <emphasis>host</emphasis> for "
17161
17156
"<emphasis>kdc01.example.com</emphasis> before extracting the Keytab."
17162
17157
msgstr ""
17163
17158
17164
#: serverguide/C/network-auth.xml:3201(para)
17159
#: serverguide/C/network-auth.xml:3200(para)
17165
17160
msgid ""
17166
17161
"Using the <application>kprop</application> utility push the database to the "
17167
17162
"Secondary KDC:"
17168
17163
msgstr ""
17169
17164
17170
#: serverguide/C/network-auth.xml:3206(command)
17165
#: serverguide/C/network-auth.xml:3205(command)
17171
17166
msgid "sudo kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com"
17172
17167
msgstr ""
17173
17168
17174
#: serverguide/C/network-auth.xml:3210(para)
17169
#: serverguide/C/network-auth.xml:3209(para)
17175
17170
msgid ""
17176
17171
"There should be a <emphasis>SUCCEEDED</emphasis> message if the propagation "
17177
17172
"worked. If there is an error message check "
17179
17174
"information."
17180
17175
msgstr ""
17181
17176
17182
#: serverguide/C/network-auth.xml:3216(para)
17177
#: serverguide/C/network-auth.xml:3215(para)
17183
17178
msgid ""
17184
17179
"You may also want to create a <application>cron</application> job to "
17185
17180
"periodically update the database on the Secondary KDC. For example, the "
17187
17182
"split to fit the format of this document):"
17188
17183
msgstr ""
17189
17184
17190
#: serverguide/C/network-auth.xml:3221(programlisting)
17185
#: serverguide/C/network-auth.xml:3220(programlisting)
17191
17186
#, no-wrap
17192
17187
msgid ""
17193
17188
"\n"
17196
17191
"/usr/sbin/kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com\n"
17197
17192
msgstr ""
17198
17193
17199
#: serverguide/C/network-auth.xml:3230(para)
17194
#: serverguide/C/network-auth.xml:3229(para)
17200
17195
msgid ""
17201
17196
"Back on the <emphasis>Secondary KDC</emphasis>, create a "
17202
17197
"<emphasis>stash</emphasis> file to hold the Kerberos master key:"
17203
17198
msgstr ""
17204
17199
17205
#: serverguide/C/network-auth.xml:3236(command)
17200
#: serverguide/C/network-auth.xml:3235(command)
17206
17201
msgid "sudo kdb5_util stash"
17207
17202
msgstr "sudo kdb5_util stash"
17208
17203
17209
#: serverguide/C/network-auth.xml:3242(para)
17204
#: serverguide/C/network-auth.xml:3241(para)
17210
17205
msgid ""
17211
17206
"Finally, start the <application>krb5-kdc</application> daemon on the "
17212
17207
"Secondary KDC:"
17213
17208
msgstr ""
17214
17209
17215
#: serverguide/C/network-auth.xml:3244(command) serverguide/C/network-auth.xml:3920(command)
17210
#: serverguide/C/network-auth.xml:3246(command) serverguide/C/network-auth.xml:3922(command)
17216
17211
msgid "sudo service krb5-kdc start"
17217
17212
msgstr ""
17218
17213
17219
#: serverguide/C/network-auth.xml:3253(para)
17214
#: serverguide/C/network-auth.xml:3252(para)
17220
17215
msgid ""
17221
17216
"The <emphasis>Secondary KDC</emphasis> should now be able to issue tickets "
17222
17217
"for the Realm. You can test this by stopping the <application>krb5-"
17227
17222
"<filename>/var/log/auth.log</filename> in the Secondary KDC."
17228
17223
msgstr ""
17229
17224
17230
#: serverguide/C/network-auth.xml:3264(title)
17225
#: serverguide/C/network-auth.xml:3263(title)
17231
17226
msgid "Kerberos Linux Client"
17232
17227
msgstr ""
17233
17228
17234
#: serverguide/C/network-auth.xml:3266(para)
17229
#: serverguide/C/network-auth.xml:3265(para)
17235
17230
msgid ""
17236
17231
"This section covers configuring a Linux system as a "
17237
17232
"<application>Kerberos</application> client. This will allow access to any "
17238
17233
"kerberized services once a user has successfully logged into the system."
17239
17234
msgstr ""
17240
17235
17241
#: serverguide/C/network-auth.xml:3274(para)
17236
#: serverguide/C/network-auth.xml:3273(para)
17242
17237
msgid ""
17243
17238
"In order to authenticate to a Kerberos Realm, the <application>krb5-"
17244
17239
"user</application> and <application>libpam-krb5</application> packages are "
17247
17242
"prompt:"
17248
17243
msgstr ""
17249
17244
17250
#: serverguide/C/network-auth.xml:3281(command)
17245
#: serverguide/C/network-auth.xml:3280(command)
17251
17246
msgid ""
17252
17247
"sudo apt-get install krb5-user libpam-krb5 libpam-ccreds auth-client-config"
17253
17248
msgstr ""
17254
17249
17255
#: serverguide/C/network-auth.xml:3284(para)
17250
#: serverguide/C/network-auth.xml:3283(para)
17256
17251
msgid ""
17257
17252
"The <application>auth-client-config</application> package allows simple "
17258
17253
"configuration of PAM for authentication from multiple sources, and the "
17263
17258
"be accessed off the network as well."
17264
17259
msgstr ""
17265
17260
17266
#: serverguide/C/network-auth.xml:3295(para)
17261
#: serverguide/C/network-auth.xml:3294(para)
17267
17262
msgid "To configure the client in a terminal enter:"
17268
17263
msgstr "Za nastavljanje odjemalca, v terminal vpišite:"
17269
17264
17270
#: serverguide/C/network-auth.xml:3300(command)
17265
#: serverguide/C/network-auth.xml:3299(command)
17271
17266
msgid "sudo dpkg-reconfigure krb5-config"
17272
17267
msgstr "sudo dpkg-reconfigure krb5-config"
17273
17268
17274
#: serverguide/C/network-auth.xml:3303(para)
17269
#: serverguide/C/network-auth.xml:3302(para)
17275
17270
msgid ""
17276
17271
"You will then be prompted to enter the name of the Kerberos Realm. Also, if "
17277
17272
"you don't have DNS configured with Kerberos <emphasis>SRV</emphasis> "
17279
17274
"Center (KDC) and Realm Administration server."
17280
17275
msgstr ""
17281
17276
17282
#: serverguide/C/network-auth.xml:3309(para)
17277
#: serverguide/C/network-auth.xml:3308(para)
17283
17278
msgid ""
17284
17279
"The <application>dpkg-reconfigure</application> adds entries to the "
17285
17280
"<filename>/etc/krb5.conf</filename> file for your Realm. You should have "
17286
17281
"entries similar to the following:"
17287
17282
msgstr ""
17288
17283
17289
#: serverguide/C/network-auth.xml:3311(programlisting)
17284
#: serverguide/C/network-auth.xml:3313(programlisting)
17290
17285
#, no-wrap
17291
17286
msgid ""
17292
17287
"\n"
17300
17295
" }\n"
17301
17296
msgstr ""
17302
17297
17303
#: serverguide/C/network-auth.xml:3326(para)
17298
#: serverguide/C/network-auth.xml:3325(para)
17304
17299
msgid ""
17305
17300
"If you set the uid of each of your network-authenticated users to start at "
17306
17301
"5000, as suggested in <xref linkend=\"kerberos-server-installation\"/>, you "
17308
17303
"> 5000:"
17309
17304
msgstr ""
17310
17305
17311
#: serverguide/C/network-auth.xml:3334(command)
17306
#: serverguide/C/network-auth.xml:3333(command)
17312
17307
msgid ""
17313
17308
"# Kerberos should only be applied to ldap/kerberos users, not local ones. "
17314
17309
"for i in common-auth common-session common-account common-password; do sudo "
17316
17311
"minimum_uid=5000/' \\ /etc/pam.d/$i done"
17317
17312
msgstr ""
17318
17313
17319
#: serverguide/C/network-auth.xml:3341(para)
17314
#: serverguide/C/network-auth.xml:3340(para)
17320
17315
msgid ""
17321
17316
"This will avoid being asked for the (non-existent) Kerberos password of a "
17322
17317
"locally authenticated user when changing its password using "
17323
17318
"<command>passwd</command>."
17324
17319
msgstr ""
17325
17320
17326
#: serverguide/C/network-auth.xml:3348(para)
17321
#: serverguide/C/network-auth.xml:3347(para)
17327
17322
msgid ""
17328
17323
"You can test the configuration by requesting a ticket using the "
17329
17324
"<application>kinit</application> utility. For example:"
17330
17325
msgstr ""
17331
17326
17332
#: serverguide/C/network-auth.xml:3353(command)
17327
#: serverguide/C/network-auth.xml:3352(command)
17333
17328
msgid "kinit steve@EXAMPLE.COM"
17334
17329
msgstr ""
17335
17330
17336
#: serverguide/C/network-auth.xml:3354(computeroutput)
17331
#: serverguide/C/network-auth.xml:3353(computeroutput)
17337
17332
#, no-wrap
17338
17333
msgid "Password for steve@EXAMPLE.COM:"
17339
17334
msgstr ""
17340
17335
17341
#: serverguide/C/network-auth.xml:3357(para)
17336
#: serverguide/C/network-auth.xml:3356(para)
17342
17337
msgid ""
17343
17338
"When a ticket has been granted, the details can be viewed using "
17344
17339
"<application>klist</application>:"
17345
17340
msgstr ""
17346
17341
17347
#: serverguide/C/network-auth.xml:3363(computeroutput)
17342
#: serverguide/C/network-auth.xml:3362(computeroutput)
17348
17343
#, no-wrap
17349
17344
msgid ""
17350
17345
"Ticket cache: FILE:/tmp/krb5cc_1000\n"
17359
17354
"klist: You have no tickets cached"
17360
17355
msgstr ""
17361
17356
17362
#: serverguide/C/network-auth.xml:3375(para)
17357
#: serverguide/C/network-auth.xml:3374(para)
17363
17358
msgid ""
17364
17359
"Next, use the <application>auth-client-config</application> to configure the "
17365
17360
"<application>libpam-krb5</application> module to request a ticket during "
17366
17361
"login:"
17367
17362
msgstr ""
17368
17363
17369
#: serverguide/C/network-auth.xml:3381(command)
17364
#: serverguide/C/network-auth.xml:3380(command)
17370
17365
msgid "sudo auth-client-config -a -p kerberos_example"
17371
17366
msgstr ""
17372
17367
17373
#: serverguide/C/network-auth.xml:3384(para)
17368
#: serverguide/C/network-auth.xml:3383(para)
17374
17369
msgid ""
17375
17370
"You will should now receive a ticket upon successful login authentication."
17376
17371
msgstr ""
17377
17372
17378
#: serverguide/C/network-auth.xml:3395(para)
17373
#: serverguide/C/network-auth.xml:3394(para)
17379
17374
msgid ""
17380
17375
"For more information on MIT's version of Kerberos, see the <ulink "
17381
17376
"url=\"http://web.mit.edu/Kerberos/\">MIT Kerberos</ulink> site."
17382
17377
msgstr ""
17383
17378
17384
#: serverguide/C/network-auth.xml:3400(para)
17379
#: serverguide/C/network-auth.xml:3399(para)
17385
17380
msgid ""
17386
17381
"The <ulink url=\"https://help.ubuntu.com/community/Kerberos\">Ubuntu Wiki "
17387
17382
"Kerberos</ulink> page has more details."
17389
17384
"Stran <ulink url=\"https://help.ubuntu.com/community/Kerberos\">Kerberos na "
17390
17385
"Ubuntu Wiki</ulink> vsebuje več podrobnosti."
17391
17386
17392
#: serverguide/C/network-auth.xml:3405(para)
17387
#: serverguide/C/network-auth.xml:3404(para)
17393
17388
msgid ""
17394
17389
"O'Reilly's <ulink "
17395
17390
"url=\"http://oreilly.com/catalog/9780596004033/\">Kerberos: The Definitive "
17396
17391
"Guide</ulink> is a great reference when setting up Kerberos."
17397
17392
msgstr ""
17398
17393
17399
#: serverguide/C/network-auth.xml:3411(para)
17394
#: serverguide/C/network-auth.xml:3410(para)
17400
17395
msgid ""
17401
17396
"Also, feel free to stop by the <emphasis>#ubuntu-server</emphasis> and "
17402
17397
"<emphasis>#kerberos</emphasis> IRC channels on <ulink "
17403
17398
"url=\"http://freenode.net/\">Freenode</ulink> if you have Kerberos questions."
17404
17399
msgstr ""
17405
17400
17406
#: serverguide/C/network-auth.xml:3423(title)
17401
#: serverguide/C/network-auth.xml:3422(title)
17407
17402
msgid "Kerberos and LDAP"
17408
17403
msgstr "Kerberos in LDAP"
17409
17404
17410
#: serverguide/C/network-auth.xml:3425(para)
17405
#: serverguide/C/network-auth.xml:3424(para)
17411
17406
msgid ""
17412
17407
"Most people will not use Kerberos by itself; once an user is authenticated "
17413
17408
"(Kerberos), we need to figure out what this user can do (authorization). And "
17414
17409
"that would be the job of programs such as <application>LDAP</application>."
17415
17410
msgstr ""
17416
17411
17417
#: serverguide/C/network-auth.xml:3432(para)
17412
#: serverguide/C/network-auth.xml:3431(para)
17418
17413
msgid ""
17419
17414
"Replicating a Kerberos principal database between two servers can be "
17420
17415
"complicated, and adds an additional user database to your network. "
17424
17419
"<application>OpenLDAP</application> for the principal database."
17425
17420
msgstr ""
17426
17421
17427
#: serverguide/C/network-auth.xml:3440(para)
17422
#: serverguide/C/network-auth.xml:3439(para)
17428
17423
msgid ""
17429
17424
"The examples presented here assume <application>MIT Kerberos</application> "
17430
17425
"and <application>OpenLDAP</application>."
17431
17426
msgstr ""
17432
17427
17433
#: serverguide/C/network-auth.xml:3448(title)
17428
#: serverguide/C/network-auth.xml:3447(title)
17434
17429
msgid "Configuring OpenLDAP"
17435
17430
msgstr "Nastavljanje OpenLDAP"
17436
17431
17437
#: serverguide/C/network-auth.xml:3450(para)
17432
#: serverguide/C/network-auth.xml:3449(para)
17438
17433
msgid ""
17439
17434
"First, the necessary <emphasis>schema</emphasis> needs to be loaded on an "
17440
17435
"<application>OpenLDAP</application> server that has network connectivity to "
17443
17438
"information on setting up OpenLDAP see <xref linkend=\"openldap-server\"/>."
17444
17439
msgstr ""
17445
17440
17446
#: serverguide/C/network-auth.xml:3456(para)
17441
#: serverguide/C/network-auth.xml:3455(para)
17447
17442
msgid ""
17448
17443
"It is also required to configure OpenLDAP for TLS and SSL connections, so "
17449
17444
"that traffic between the KDC and LDAP server is encrypted. See <xref "
17450
17445
"linkend=\"openldap-tls\"/> for details."
17451
17446
msgstr ""
17452
17447
17453
#: serverguide/C/network-auth.xml:3462(para)
17448
#: serverguide/C/network-auth.xml:3461(para)
17454
17449
msgid ""
17455
17450
"<filename>cn=admin,cn=config</filename> is a user we created with rights to "
17456
17451
"edit the ldap database. Many times it is the RootDN. Change its value to "
17457
17452
"reflect your setup."
17458
17453
msgstr ""
17459
17454
17460
#: serverguide/C/network-auth.xml:3471(para)
17455
#: serverguide/C/network-auth.xml:3470(para)
17461
17456
msgid ""
17462
17457
"To load the schema into LDAP, on the LDAP server install the "
17463
17458
"<application>krb5-kdc-ldap</application> package. From a terminal enter:"
17464
17459
msgstr ""
17465
17460
17466
#: serverguide/C/network-auth.xml:3477(command)
17461
#: serverguide/C/network-auth.xml:3476(command)
17467
17462
msgid "sudo apt-get install krb5-kdc-ldap"
17468
17463
msgstr "sudo apt-get install krb5-kdc-ldap"
17469
17464
17470
#: serverguide/C/network-auth.xml:3482(para)
17465
#: serverguide/C/network-auth.xml:3481(para)
17471
17466
msgid "Next, extract the <filename>kerberos.schema.gz</filename> file:"
17472
17467
msgstr ""
17473
17468
17474
#: serverguide/C/network-auth.xml:3487(command)
17469
#: serverguide/C/network-auth.xml:3486(command)
17475
17470
msgid "sudo gzip -d /usr/share/doc/krb5-kdc-ldap/kerberos.schema.gz"
17476
17471
msgstr "sudo gzip -d /usr/share/doc/krb5-kdc-ldap/kerberos.schema.gz"
17477
17472
17478
#: serverguide/C/network-auth.xml:3488(command)
17473
#: serverguide/C/network-auth.xml:3487(command)
17479
17474
msgid ""
17480
17475
"sudo cp /usr/share/doc/krb5-kdc-ldap/kerberos.schema /etc/ldap/schema/"
17481
17476
msgstr ""
17482
17477
"sudo cp /usr/share/doc/krb5-kdc-ldap/kerberos.schema /etc/ldap/schema/"
17483
17478
17484
#: serverguide/C/network-auth.xml:3494(para)
17479
#: serverguide/C/network-auth.xml:3493(para)
17485
17480
msgid ""
17486
17481
"The <emphasis>kerberos</emphasis> schema needs to be added to the "
17487
17482
"<emphasis>cn=config</emphasis> tree. The procedure to add a new schema to "
17489
17484
"linkend=\"openldap-configuration\"/>."
17490
17485
msgstr ""
17491
17486
17492
#: serverguide/C/network-auth.xml:3502(para)
17487
#: serverguide/C/network-auth.xml:3501(para)
17493
17488
msgid ""
17494
17489
"First, create a configuration file named "
17495
17490
"<filename>schema_convert.conf</filename>, or a similar descriptive name, "
17496
17491
"containing the following lines:"
17497
17492
msgstr ""
17498
17493
17499
#: serverguide/C/network-auth.xml:3507(programlisting)
17494
#: serverguide/C/network-auth.xml:3506(programlisting)
17500
17495
#, no-wrap
17501
17496
msgid ""
17502
17497
"\n"
17529
17524
"include /etc/ldap/schema/ppolicy.schema\n"
17530
17525
"include /etc/ldap/schema/kerberos.schema\n"
17531
17526
17532
#: serverguide/C/network-auth.xml:3527(para)
17527
#: serverguide/C/network-auth.xml:3526(para)
17533
17528
msgid "Create a temporary directory to hold the LDIF files:"
17534
17529
msgstr "Ustvarite začasno mapo, ki bo vsebovala datoteke LDIF:"
17535
17530
17536
#: serverguide/C/network-auth.xml:3531(command)
17531
#: serverguide/C/network-auth.xml:3530(command)
17537
17532
msgid "mkdir /tmp/ldif_output"
17538
17533
msgstr "mkdir /tmp/ldif_output"
17539
17534
17540
#: serverguide/C/network-auth.xml:3537(para)
17535
#: serverguide/C/network-auth.xml:3536(para)
17541
17536
msgid ""
17542
17537
"Now use <application>slapcat</application> to convert the schema files:"
17543
17538
msgstr ""
17544
17539
17545
#: serverguide/C/network-auth.xml:3542(command)
17540
#: serverguide/C/network-auth.xml:3541(command)
17546
17541
msgid ""
17547
17542
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s \\ "
17548
17543
"\"cn={12}kerberos,cn=schema,cn=config\" > /tmp/cn=kerberos.ldif"
17549
17544
msgstr ""
17550
17545
17551
#: serverguide/C/network-auth.xml:3546(para)
17546
#: serverguide/C/network-auth.xml:3545(para)
17552
17547
msgid ""
17553
17548
"Change the above file and path names to match your own if they are different."
17554
17549
msgstr ""
17555
17550
17556
#: serverguide/C/network-auth.xml:3553(para)
17551
#: serverguide/C/network-auth.xml:3552(para)
17557
17552
msgid ""
17558
17553
"Edit the generated <filename>/tmp/cn\\=kerberos.ldif</filename> file, "
17559
17554
"changing the following attributes:"
17560
17555
msgstr ""
17561
17556
17562
#: serverguide/C/network-auth.xml:3557(programlisting)
17557
#: serverguide/C/network-auth.xml:3556(programlisting)
17563
17558
#, no-wrap
17564
17559
msgid ""
17565
17560
"\n"
17568
17563
"cn: kerberos\n"
17569
17564
msgstr ""
17570
17565
17571
#: serverguide/C/network-auth.xml:3563(para)
17566
#: serverguide/C/network-auth.xml:3562(para)
17572
17567
msgid "And remove the following lines from the end of the file:"
17573
17568
msgstr "In odstranite sledeče vrstice z dna datoteke:"
17574
17569
17575
#: serverguide/C/network-auth.xml:3567(programlisting)
17570
#: serverguide/C/network-auth.xml:3566(programlisting)
17576
17571
#, no-wrap
17577
17572
msgid ""
17578
17573
"\n"
17585
17580
"modifyTimestamp: 20090111203515Z\n"
17586
17581
msgstr ""
17587
17582
17588
#: serverguide/C/network-auth.xml:3577(para)
17583
#: serverguide/C/network-auth.xml:3576(para)
17589
17584
msgid ""
17590
17585
"The attribute values will vary, just be sure the attributes are removed."
17591
17586
msgstr ""
17592
17587
17593
#: serverguide/C/network-auth.xml:3584(para)
17588
#: serverguide/C/network-auth.xml:3583(para)
17594
17589
msgid "Load the new schema with <application>ldapadd</application>:"
17595
17590
msgstr ""
17596
17591
17597
#: serverguide/C/network-auth.xml:3589(command)
17592
#: serverguide/C/network-auth.xml:3588(command)
17598
17593
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=kerberos.ldif"
17599
17594
msgstr ""
17600
17595
17601
#: serverguide/C/network-auth.xml:3595(para)
17596
#: serverguide/C/network-auth.xml:3594(para)
17602
17597
msgid ""
17603
17598
"Add an index for the <emphasis>krb5principalname</emphasis> attribute:"
17604
17599
msgstr ""
17605
17600
17606
#: serverguide/C/network-auth.xml:3600(command) serverguide/C/network-auth.xml:3617(command)
17601
#: serverguide/C/network-auth.xml:3599(command) serverguide/C/network-auth.xml:3616(command)
17607
17602
msgid "ldapmodify -x -D cn=admin,cn=config -W"
17608
17603
msgstr ""
17609
17604
17610
#: serverguide/C/network-auth.xml:3602(userinput)
17605
#: serverguide/C/network-auth.xml:3601(userinput)
17611
17606
#, no-wrap
17612
17607
msgid ""
17613
17608
"dn: olcDatabase={1}hdb,cn=config\n"
17615
17610
"olcDbIndex: krbPrincipalName eq,pres,sub"
17616
17611
msgstr ""
17617
17612
17618
#: serverguide/C/network-auth.xml:3601(computeroutput)
17613
#: serverguide/C/network-auth.xml:3600(computeroutput)
17619
17614
#, no-wrap
17620
17615
msgid ""
17621
17616
"Enter LDAP Password:\n"
17624
17619
"modifying entry \"olcDatabase={1}hdb,cn=config\""
17625
17620
msgstr ""
17626
17621
17627
#: serverguide/C/network-auth.xml:3612(para)
17622
#: serverguide/C/network-auth.xml:3611(para)
17628
17623
msgid "Finally, update the Access Control Lists (ACL):"
17629
17624
msgstr ""
17630
17625
17631
#: serverguide/C/network-auth.xml:3619(userinput)
17626
#: serverguide/C/network-auth.xml:3618(userinput)
17632
17627
#, no-wrap
17633
17628
msgid ""
17634
17629
"dn: olcDatabase={1}hdb,cn=config\n"
17644
17639
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read"
17645
17640
msgstr ""
17646
17641
17647
#: serverguide/C/network-auth.xml:3618(computeroutput)
17642
#: serverguide/C/network-auth.xml:3617(computeroutput)
17648
17643
#, no-wrap
17649
17644
msgid ""
17650
17645
"Enter LDAP Password: \n"
17653
17648
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
17654
17649
msgstr ""
17655
17650
17656
#: serverguide/C/network-auth.xml:3639(para)
17651
#: serverguide/C/network-auth.xml:3638(para)
17657
17652
msgid ""
17658
17653
"That's it, your LDAP directory is now ready to serve as a Kerberos principal "
17659
17654
"database."
17660
17655
msgstr ""
17661
17656
17662
#: serverguide/C/network-auth.xml:3645(title)
17657
#: serverguide/C/network-auth.xml:3644(title)
17663
17658
msgid "Primary KDC Configuration"
17664
17659
msgstr ""
17665
17660
17666
#: serverguide/C/network-auth.xml:3647(para)
17661
#: serverguide/C/network-auth.xml:3646(para)
17667
17662
msgid ""
17668
17663
"With <application>OpenLDAP</application> configured it is time to configure "
17669
17664
"the KDC."
17670
17665
msgstr ""
17671
17666
17672
#: serverguide/C/network-auth.xml:3653(para)
17667
#: serverguide/C/network-auth.xml:3652(para)
17673
17668
msgid "First, install the necessary packages, from a terminal enter:"
17674
17669
msgstr ""
17675
17670
17676
#: serverguide/C/network-auth.xml:3658(command) serverguide/C/network-auth.xml:3817(command)
17671
#: serverguide/C/network-auth.xml:3657(command) serverguide/C/network-auth.xml:3816(command)
17677
17672
msgid "sudo apt-get install krb5-kdc krb5-admin-server krb5-kdc-ldap"
17678
17673
msgstr ""
17679
17674
17680
#: serverguide/C/network-auth.xml:3664(para)
17675
#: serverguide/C/network-auth.xml:3663(para)
17681
17676
msgid ""
17682
17677
"Now edit <filename>/etc/krb5.conf</filename> adding the following options to "
17683
17678
"under the appropriate sections:"
17684
17679
msgstr ""
17685
17680
17686
#: serverguide/C/network-auth.xml:3668(programlisting)
17681
#: serverguide/C/network-auth.xml:3667(programlisting)
17687
17682
#, no-wrap
17688
17683
msgid ""
17689
17684
"\n"
17733
17728
" }\n"
17734
17729
msgstr ""
17735
17730
17736
#: serverguide/C/network-auth.xml:3713(para)
17731
#: serverguide/C/network-auth.xml:3712(para)
17737
17732
msgid ""
17738
17733
"Change <emphasis>example.com</emphasis>, "
17739
17734
"<emphasis>dc=example,dc=com</emphasis>, "
17742
17737
"object, and LDAP server for your network."
17743
17738
msgstr ""
17744
17739
17745
#: serverguide/C/network-auth.xml:3722(para)
17740
#: serverguide/C/network-auth.xml:3721(para)
17746
17741
msgid ""
17747
17742
"Next, use the <application>kdb5_ldap_util</application> utility to create "
17748
17743
"the realm:"
17749
17744
msgstr ""
17750
17745
17751
#: serverguide/C/network-auth.xml:3727(command)
17746
#: serverguide/C/network-auth.xml:3726(command)
17752
17747
msgid ""
17753
17748
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com create -subtrees \\ "
17754
17749
"dc=example,dc=com -r EXAMPLE.COM -s -H ldap://ldap01.example.com"
17755
17750
msgstr ""
17756
17751
17757
#: serverguide/C/network-auth.xml:3734(para)
17752
#: serverguide/C/network-auth.xml:3733(para)
17758
17753
msgid ""
17759
17754
"Create a stash of the password used to bind to the LDAP server. This "
17760
17755
"password is used by the <emphasis>ldap_kdc_dn</emphasis> and "
17762
17757
"<filename>/etc/krb5.conf</filename>:"
17763
17758
msgstr ""
17764
17759
17765
#: serverguide/C/network-auth.xml:3740(command) serverguide/C/network-auth.xml:3879(command)
17760
#: serverguide/C/network-auth.xml:3739(command) serverguide/C/network-auth.xml:3878(command)
17766
17761
msgid ""
17767
17762
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com stashsrvpw -f \\ "
17768
17763
"/etc/krb5kdc/service.keyfile cn=admin,dc=example,dc=com"
17769
17764
msgstr ""
17770
17765
17771
#: serverguide/C/network-auth.xml:3747(para)
17766
#: serverguide/C/network-auth.xml:3746(para)
17772
17767
msgid "Copy the CA certificate from the LDAP server:"
17773
17768
msgstr ""
17774
17769
17775
#: serverguide/C/network-auth.xml:3752(command)
17770
#: serverguide/C/network-auth.xml:3751(command)
17776
17771
msgid "scp ldap01:/etc/ssl/certs/cacert.pem ."
17777
17772
msgstr "scp ldap01:/etc/ssl/certs/cacert.pem ."
17778
17773
17779
#: serverguide/C/network-auth.xml:3753(command)
17774
#: serverguide/C/network-auth.xml:3752(command)
17780
17775
msgid "sudo cp cacert.pem /etc/ssl/certs"
17781
17776
msgstr "sudo cp cacert.pem /etc/ssl/certs"
17782
17777
17783
#: serverguide/C/network-auth.xml:3756(para)
17778
#: serverguide/C/network-auth.xml:3755(para)
17784
17779
msgid ""
17785
17780
"And edit <filename>/etc/ldap/ldap.conf</filename> to use the certificate:"
17786
17781
msgstr ""
17787
17782
17788
#: serverguide/C/network-auth.xml:3760(programlisting)
17783
#: serverguide/C/network-auth.xml:3759(programlisting)
17789
17784
#, no-wrap
17790
17785
msgid ""
17791
17786
"\n"
17792
17787
"TLS_CACERT /etc/ssl/certs/cacert.pem\n"
17793
17788
msgstr ""
17794
17789
17795
#: serverguide/C/network-auth.xml:3765(para)
17790
#: serverguide/C/network-auth.xml:3764(para)
17796
17791
msgid ""
17797
17792
"The certificate will also need to be copied to the Secondary KDC, to allow "
17798
17793
"the connection to the LDAP servers using LDAPS."
17799
17794
msgstr ""
17800
17795
17801
#: serverguide/C/network-auth.xml:3774(para)
17796
#: serverguide/C/network-auth.xml:3773(para)
17802
17797
msgid ""
17803
17798
"You can now add Kerberos principals to the LDAP database, and they will be "
17804
17799
"copied to any other LDAP servers configured for replication. To add a "
17805
17800
"principal using the <application>kadmin.local</application> utility enter:"
17806
17801
msgstr ""
17807
17802
17808
#: serverguide/C/network-auth.xml:3782(userinput)
17803
#: serverguide/C/network-auth.xml:3781(userinput)
17809
17804
#, no-wrap
17810
17805
msgid "addprinc -x dn=\"uid=steve,ou=people,dc=example,dc=com\" steve"
17811
17806
msgstr ""
17812
17807
17813
#: serverguide/C/network-auth.xml:3781(computeroutput)
17808
#: serverguide/C/network-auth.xml:3780(computeroutput)
17814
17809
#, no-wrap
17815
17810
msgid ""
17816
17811
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
17821
17816
"Principal \"steve@EXAMPLE.COM\" created."
17822
17817
msgstr ""
17823
17818
17824
#: serverguide/C/network-auth.xml:3789(para)
17819
#: serverguide/C/network-auth.xml:3788(para)
17825
17820
msgid ""
17826
17821
"There should now be krbPrincipalName, krbPrincipalKey, krbLastPwdChange, and "
17827
17822
"krbExtraData attributes added to the "
17830
17825
"utilities to test that the user is indeed issued a ticket."
17831
17826
msgstr ""
17832
17827
17833
#: serverguide/C/network-auth.xml:3796(para)
17828
#: serverguide/C/network-auth.xml:3795(para)
17834
17829
msgid ""
17835
17830
"If the user object is already created the <emphasis>-x dn=\"...\"</emphasis> "
17836
17831
"option is needed to add the Kerberos attributes. Otherwise a new "
17837
17832
"<emphasis>principal</emphasis> object will be created in the realm subtree."
17838
17833
msgstr ""
17839
17834
17840
#: serverguide/C/network-auth.xml:3804(title)
17835
#: serverguide/C/network-auth.xml:3803(title)
17841
17836
msgid "Secondary KDC Configuration"
17842
17837
msgstr ""
17843
17838
17844
#: serverguide/C/network-auth.xml:3806(para)
17839
#: serverguide/C/network-auth.xml:3805(para)
17845
17840
msgid ""
17846
17841
"Configuring a Secondary KDC using the LDAP backend is similar to configuring "
17847
17842
"one using the normal Kerberos database."
17848
17843
msgstr ""
17849
17844
17850
#: serverguide/C/network-auth.xml:3812(para)
17845
#: serverguide/C/network-auth.xml:3811(para)
17851
17846
msgid "First, install the necessary packages. In a terminal enter:"
17852
17847
msgstr ""
17853
17848
17854
#: serverguide/C/network-auth.xml:3823(para)
17849
#: serverguide/C/network-auth.xml:3822(para)
17855
17850
msgid ""
17856
17851
"Next, edit <filename>/etc/krb5.conf</filename> to use the LDAP backend:"
17857
17852
msgstr ""
17858
17853
17859
#: serverguide/C/network-auth.xml:3827(programlisting)
17854
#: serverguide/C/network-auth.xml:3826(programlisting)
17860
17855
#, no-wrap
17861
17856
msgid ""
17862
17857
"\n"
17905
17900
" }\n"
17906
17901
msgstr ""
17907
17902
17908
#: serverguide/C/network-auth.xml:3874(para)
17903
#: serverguide/C/network-auth.xml:3873(para)
17909
17904
msgid "Create the stash for the LDAP bind password:"
17910
17905
msgstr ""
17911
17906
17912
#: serverguide/C/network-auth.xml:3886(para)
17907
#: serverguide/C/network-auth.xml:3885(para)
17913
17908
msgid ""
17914
17909
"Now, on the <emphasis>Primary KDC</emphasis> copy the "
17915
17910
"<filename>/etc/krb5kdc/.k5.EXAMPLE.COM</filename><emphasis>Master "
17918
17913
"media."
17919
17914
msgstr ""
17920
17915
17916
#: serverguide/C/network-auth.xml:3892(command)
17917
msgid "sudo scp /etc/krb5kdc/.k5.EXAMPLE.COM steve@kdc02.example.com:~"
17918
msgstr ""
17919
17921
17920
#: serverguide/C/network-auth.xml:3893(command)
17922
msgid "sudo scp /etc/krb5kdc/.k5.EXAMPLE.COM steve@kdc02.example.com:~"
17923
msgstr ""
17924
17925
#: serverguide/C/network-auth.xml:3894(command)
17926
17921
msgid "sudo mv .k5.EXAMPLE.COM /etc/krb5kdc/"
17927
17922
msgstr ""
17928
17923
17929
#: serverguide/C/network-auth.xml:3898(para)
17924
#: serverguide/C/network-auth.xml:3897(para)
17930
17925
msgid ""
17931
17926
"Again, replace <emphasis>EXAMPLE.COM</emphasis> with your actual realm."
17932
17927
msgstr ""
17933
17928
17934
#: serverguide/C/network-auth.xml:3906(para)
17929
#: serverguide/C/network-auth.xml:3905(para)
17935
17930
msgid ""
17936
17931
"Back on the <emphasis>Secondary KDC</emphasis>, (re)start the ldap server "
17937
17932
"only,"
17938
17933
msgstr ""
17939
17934
17940
#: serverguide/C/network-auth.xml:3918(para)
17935
#: serverguide/C/network-auth.xml:3917(para)
17941
17936
msgid "Finally, start the <application>krb5-kdc</application> daemon:"
17942
17937
msgstr ""
17943
17938
17944
#: serverguide/C/network-auth.xml:3929(para)
17939
#: serverguide/C/network-auth.xml:3928(para)
17945
17940
msgid "Verify the two ldap servers (and kerberos by extension) are in sync."
17946
17941
msgstr ""
17947
17942
17948
#: serverguide/C/network-auth.xml:3936(para)
17943
#: serverguide/C/network-auth.xml:3935(para)
17949
17944
msgid ""
17950
17945
"You now have redundant KDCs on your network, and with redundant LDAP servers "
17951
17946
"you should be able to continue to authenticate users if one LDAP server, one "
17952
17947
"Kerberos server, or one LDAP and one Kerberos server become unavailable."
17953
17948
msgstr ""
17954
17949
17955
#: serverguide/C/network-auth.xml:3948(para)
17950
#: serverguide/C/network-auth.xml:3947(para)
17956
17951
msgid ""
17957
17952
"The <ulink url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
17958
17953
"admin.html#Configuring-Kerberos-with-OpenLDAP-back_002dend\"> Kerberos Admin "
17959
17954
"Guide</ulink> has some additional details."
17960
17955
msgstr ""
17961
17956
17962
#: serverguide/C/network-auth.xml:3951(para)
17957
#: serverguide/C/network-auth.xml:3953(para)
17963
17958
msgid ""
17964
17959
"For more information on <application>kdb5_ldap_util</application> see <ulink "
17965
17960
"url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
17969
17964
"l\">kdb5_ldap_util man page</ulink>."
17970
17965
msgstr ""
17971
17966
17972
#: serverguide/C/network-auth.xml:3959(para)
17967
#: serverguide/C/network-auth.xml:3961(para)
17973
17968
msgid ""
17974
17969
"Another useful link is the <ulink "
17975
17970
"url=\"http://manpages.ubuntu.com/manpages/trusty/en/man5/krb5.conf.5.html\">k"
17976
17971
"rb5.conf man page</ulink>."
17977
17972
msgstr ""
17978
17973
17979
#: serverguide/C/network-auth.xml:3967(para)
17974
#: serverguide/C/network-auth.xml:3966(para)
17980
17975
msgid ""
17981
17976
"Also, see the <ulink "
17982
17977
"url=\"https://help.ubuntu.com/community/Kerberos#kerberos-ldap\">Kerberos "
17986
17981
"url=\"https://help.ubuntu.com/community/Kerberos#kerberos-ldap\">Kerberos in "
17987
17982
"LDAP</ulink>na Ubuntu Wiki."
17988
17983
17989
#: serverguide/C/network-auth.xml:3973(title)
17984
#: serverguide/C/network-auth.xml:3975(title)
17990
17985
msgid "SSSD and Active Directory"
17991
17986
msgstr ""
17992
17987
17993
#: serverguide/C/network-auth.xml:3974(para)
17988
#: serverguide/C/network-auth.xml:3976(para)
17994
17989
msgid ""
17995
17990
"This section describes the use of sssd to authenticate user logins against "
17996
17991
"an Active Directory via using sssd's \"ad\" provider. In previous versions "
18001
17996
"requires no modifications to the AD structure."
18002
17997
msgstr ""
18003
17998
18004
#: serverguide/C/network-auth.xml:3978(title)
17999
#: serverguide/C/network-auth.xml:3980(title)
18005
18000
msgid "Prerequisites, Assumptions, and Requirements"
18006
18001
msgstr ""
18007
18002
18008
#: serverguide/C/network-auth.xml:3981(para)
18003
#: serverguide/C/network-auth.xml:3983(para)
18009
18004
msgid ""
18010
18005
"This guide does not explain Active Directory, how it works, how to set one "
18011
18006
"up, or how to maintain it. It may not provide “best practices” for your "
18012
18007
"environment."
18013
18008
msgstr ""
18014
18009
18015
#: serverguide/C/network-auth.xml:3983(para)
18010
#: serverguide/C/network-auth.xml:3985(para)
18016
18011
msgid ""
18017
18012
"This guide assumes that a working Active Directory domain is already "
18018
18013
"configured."
18019
18014
msgstr ""
18020
18015
18021
#: serverguide/C/network-auth.xml:3985(para)
18016
#: serverguide/C/network-auth.xml:3987(para)
18022
18017
msgid ""
18023
18018
"The domain controller is acting as an authoritative DNS server for the "
18024
18019
"domain."
18025
18020
msgstr ""
18026
18021
18027
#: serverguide/C/network-auth.xml:3987(para)
18022
#: serverguide/C/network-auth.xml:3989(para)
18028
18023
msgid ""
18029
18024
"The domain controller is the primary DNS resolver as specified in "
18030
18025
"<filename>/etc/resolv.conf</filename>."
18031
18026
msgstr ""
18032
18027
18033
#: serverguide/C/network-auth.xml:3990(para)
18028
#: serverguide/C/network-auth.xml:3992(para)
18034
18029
msgid ""
18035
18030
"The appropriate <emphasis>_kerberos</emphasis>, <emphasis>_ldap</emphasis>, "
18036
18031
"<emphasis>_kpasswd</emphasis>, etc. entries are configured in the DNS zone "
18037
18032
"(see Resources section for external links)."
18038
18033
msgstr ""
18039
18034
18040
#: serverguide/C/network-auth.xml:3992(para)
18035
#: serverguide/C/network-auth.xml:3994(para)
18041
18036
msgid ""
18042
18037
"System time is synchronized on the domain controller (necessary for "
18043
18038
"Kerberos)."
18044
18039
msgstr ""
18045
18040
18046
#: serverguide/C/network-auth.xml:3994(para)
18041
#: serverguide/C/network-auth.xml:3996(para)
18047
18042
msgid ""
18048
18043
"The domain used in this example is <emphasis>myubuntu.example.com</emphasis> "
18049
18044
"."
18050
18045
msgstr ""
18051
18046
18052
#: serverguide/C/network-auth.xml:3999(para)
18047
#: serverguide/C/network-auth.xml:4001(para)
18053
18048
msgid ""
18054
18049
"The following packages are needed: <emphasis>krb5-user</emphasis>, "
18055
18050
"<emphasis>samba</emphasis>, <emphasis>sssd</emphasis>, and "
18058
18053
"controllers are needed for this step."
18059
18054
msgstr ""
18060
18055
18061
#: serverguide/C/network-auth.xml:4000(para)
18056
#: serverguide/C/network-auth.xml:4002(para)
18062
18057
msgid "Install these packages now."
18063
18058
msgstr ""
18064
18059
18065
#: serverguide/C/network-auth.xml:4002(command)
18060
#: serverguide/C/network-auth.xml:4004(command)
18066
18061
msgid "sudo apt-get install krb5-user samba sssd ntp"
18067
18062
msgstr ""
18068
18063
18069
#: serverguide/C/network-auth.xml:4003(para)
18064
#: serverguide/C/network-auth.xml:4005(para)
18070
18065
msgid ""
18071
18066
"See the next section for the answers to the questions asked by the "
18072
18067
"<emphasis>krb5-user</emphasis> postinstall script."
18073
18068
msgstr ""
18074
18069
18075
#: serverguide/C/network-auth.xml:4006(title)
18070
#: serverguide/C/network-auth.xml:4008(title)
18076
18071
msgid "Kerberos Configuration"
18077
18072
msgstr ""
18078
18073
18079
#: serverguide/C/network-auth.xml:4007(para)
18074
#: serverguide/C/network-auth.xml:4009(para)
18080
18075
msgid ""
18081
18076
"The installation of <emphasis>krb5-user</emphasis> will prompt for the realm "
18082
18077
"name (in ALL UPPERCASE), the kdc server (i.e. domain controller) and admin "
18086
18081
"not, then both are needed."
18087
18082
msgstr ""
18088
18083
18089
#: serverguide/C/network-auth.xml:4008(para)
18084
#: serverguide/C/network-auth.xml:4010(para)
18090
18085
msgid ""
18091
18086
"If the domain is <emphasis>myubuntu.example.com</emphasis>, enter the realm "
18092
18087
"as <emphasis>MYUBUNTU.EXAMPLE.COM</emphasis>"
18093
18088
msgstr ""
18094
18089
18095
#: serverguide/C/network-auth.xml:4011(para)
18090
#: serverguide/C/network-auth.xml:4013(para)
18096
18091
msgid ""
18097
18092
"Optionally, edit <emphasis>/etc/krb5.conf</emphasis> with a few additional "
18098
18093
"settings to specify Kerberos ticket lifetime (these values are safe to use "
18099
18094
"as defaults):"
18100
18095
msgstr ""
18101
18096
18102
#: serverguide/C/network-auth.xml:4012(programlisting)
18097
#: serverguide/C/network-auth.xml:4014(programlisting)
18103
18098
#, no-wrap
18104
18099
msgid ""
18105
18100
"\n"
18111
18106
"\t\t"
18112
18107
msgstr ""
18113
18108
18114
#: serverguide/C/network-auth.xml:4020(para)
18109
#: serverguide/C/network-auth.xml:4022(para)
18115
18110
msgid ""
18116
18111
"If default_realm is not specified, it may be necessary to log in with "
18117
18112
"“username@domain” instead of “username”."
18118
18113
msgstr ""
18119
18114
18120
#: serverguide/C/network-auth.xml:4022(para)
18115
#: serverguide/C/network-auth.xml:4024(para)
18121
18116
msgid ""
18122
18117
"The system time on the Active Directory member needs to be consistent with "
18123
18118
"that of the domain controller, or Kerberos authentication may fail. Ideally, "
18125
18120
"<filename>/etc/ntp.conf</filename>:"
18126
18121
msgstr ""
18127
18122
18128
#: serverguide/C/network-auth.xml:4024(programlisting)
18123
#: serverguide/C/network-auth.xml:4026(programlisting)
18129
18124
#, no-wrap
18130
18125
msgid ""
18131
18126
"\n"
18132
18127
"server dc.myubuntu.example.com\n"
18133
18128
msgstr ""
18134
18129
18135
#: serverguide/C/network-auth.xml:4031(para)
18130
#: serverguide/C/network-auth.xml:4033(para)
18136
18131
msgid ""
18137
18132
"Samba will be used to perform netbios/nmbd services related to Active "
18138
18133
"Directory authentication, even if no file shares are exported. Edit the file "
18140
18135
"<emphasis>[global]</emphasis> section:"
18141
18136
msgstr ""
18142
18137
18143
#: serverguide/C/network-auth.xml:4033(programlisting)
18138
#: serverguide/C/network-auth.xml:4035(programlisting)
18144
18139
#, no-wrap
18145
18140
msgid ""
18146
18141
"\n"
18154
18149
"security = ads\n"
18155
18150
msgstr ""
18156
18151
18157
#: serverguide/C/network-auth.xml:4044(para)
18152
#: serverguide/C/network-auth.xml:4046(para)
18158
18153
msgid ""
18159
18154
"Some guides specify that \"password server\" should be specified and pointed "
18160
18155
"to the domain controller. This is only necessary if DNS is not properly set "
18162
18157
"server\" is specified with \"security = ads\"."
18163
18158
msgstr ""
18164
18159
18165
#: serverguide/C/network-auth.xml:4049(title)
18160
#: serverguide/C/network-auth.xml:4051(title)
18166
18161
msgid "SSSD Configuration"
18167
18162
msgstr ""
18168
18163
18169
#: serverguide/C/network-auth.xml:4051(para)
18164
#: serverguide/C/network-auth.xml:4053(para)
18170
18165
msgid ""
18171
18166
"There is no default/example config file for "
18172
18167
"<filename>/etc/sssd/sssd.conf</filename> included in the sssd package. It is "
18173
18168
"necessary to create one. This is a minimal working config file:"
18174
18169
msgstr ""
18175
18170
18176
#: serverguide/C/network-auth.xml:4053(programlisting)
18171
#: serverguide/C/network-auth.xml:4055(programlisting)
18177
18172
#, no-wrap
18178
18173
msgid ""
18179
18174
"\n"
18205
18200
"# enumerate = true\n"
18206
18201
msgstr ""
18207
18202
18208
#: serverguide/C/network-auth.xml:4080(para)
18203
#: serverguide/C/network-auth.xml:4082(para)
18209
18204
msgid ""
18210
18205
"After saving this file, set the ownership to root and the file permissions "
18211
18206
"to 600:"
18212
18207
msgstr ""
18213
18208
18214
#: serverguide/C/network-auth.xml:4081(command)
18209
#: serverguide/C/network-auth.xml:4083(command)
18215
18210
msgid "sudo chown root:root /etc/sssd/sssd.conf"
18216
18211
msgstr ""
18217
18212
18218
#: serverguide/C/network-auth.xml:4082(command)
18213
#: serverguide/C/network-auth.xml:4084(command)
18219
18214
msgid "sudo chmod 600 /etc/sssd/sssd.conf"
18220
18215
msgstr ""
18221
18216
18222
#: serverguide/C/network-auth.xml:4084(para)
18217
#: serverguide/C/network-auth.xml:4086(para)
18223
18218
msgid ""
18224
18219
"If the ownership or permissions are not correct, sssd will refuse to start."
18225
18220
msgstr ""
18226
18221
18227
#: serverguide/C/network-auth.xml:4088(title)
18222
#: serverguide/C/network-auth.xml:4090(title)
18228
18223
msgid "Verify nsswitch.conf Configuration"
18229
18224
msgstr ""
18230
18225
18231
#: serverguide/C/network-auth.xml:4089(para)
18226
#: serverguide/C/network-auth.xml:4091(para)
18232
18227
msgid ""
18233
18228
"The post-install script for the sssd package makes some modifications to "
18234
18229
"/etc/nsswitch.conf automatically. It should look something like this:"
18235
18230
msgstr ""
18236
18231
18237
#: serverguide/C/network-auth.xml:4091(programlisting)
18232
#: serverguide/C/network-auth.xml:4093(programlisting)
18238
18233
#, no-wrap
18239
18234
msgid ""
18240
18235
"\n"
18245
18240
"sudoers: files sss\n"
18246
18241
msgstr ""
18247
18242
18248
#: serverguide/C/network-auth.xml:4101(title)
18243
#: serverguide/C/network-auth.xml:4103(title)
18249
18244
msgid "Modify /etc/hosts"
18250
18245
msgstr ""
18251
18246
18252
#: serverguide/C/network-auth.xml:4102(para)
18247
#: serverguide/C/network-auth.xml:4104(para)
18253
18248
msgid ""
18254
18249
"Add an alias to the localhost entry in /etc/hosts specifying the FQDN. For "
18255
18250
"example:"
18256
18251
msgstr ""
18257
18252
18258
#: serverguide/C/network-auth.xml:4103(programlisting)
18253
#: serverguide/C/network-auth.xml:4105(programlisting)
18259
18254
#, no-wrap
18260
18255
msgid "192.168.1.10 myserver myserver.myubuntu.example.com"
18261
18256
msgstr ""
18262
18257
18263
#: serverguide/C/network-auth.xml:4105(para)
18258
#: serverguide/C/network-auth.xml:4107(para)
18264
18259
msgid "This is useful in conjunction with dynamic DNS updates."
18265
18260
msgstr ""
18266
18261
18267
#: serverguide/C/network-auth.xml:4109(title)
18262
#: serverguide/C/network-auth.xml:4111(title)
18268
18263
msgid "Join the Active Directory"
18269
18264
msgstr ""
18270
18265
18271
#: serverguide/C/network-auth.xml:4110(para)
18266
#: serverguide/C/network-auth.xml:4112(para)
18272
18267
msgid "Now, restart ntp and samba and start sssd."
18273
18268
msgstr ""
18274
18269
18275
#: serverguide/C/virtualization.xml:2208(command)
18270
#: serverguide/C/network-auth.xml:4113(command)
18276
18271
msgid "sudo service ntp restart"
18277
18272
msgstr ""
18278
18273
18279
#: serverguide/C/network-auth.xml:4114(command)
18274
#: serverguide/C/network-auth.xml:4116(command)
18280
18275
msgid "sudo start sssd"
18281
18276
msgstr ""
18282
18277
18283
#: serverguide/C/network-auth.xml:4116(para)
18278
#: serverguide/C/network-auth.xml:4118(para)
18284
18279
msgid "Test the configuration by obtaining a Kerberos ticket:"
18285
18280
msgstr ""
18286
18281
18287
#: serverguide/C/network-auth.xml:4118(command)
18282
#: serverguide/C/network-auth.xml:4120(command)
18288
18283
msgid "sudo kinit Administrator"
18289
18284
msgstr ""
18290
18285
18291
#: serverguide/C/network-auth.xml:4120(para)
18286
#: serverguide/C/network-auth.xml:4122(para)
18292
18287
msgid "Verify the ticket with:"
18293
18288
msgstr ""
18294
18289
18295
#: serverguide/C/network-auth.xml:4121(command)
18290
#: serverguide/C/network-auth.xml:4123(command)
18296
18291
msgid "sudo klist"
18297
18292
msgstr ""
18298
18293
18299
#: serverguide/C/network-auth.xml:4123(para)
18294
#: serverguide/C/network-auth.xml:4125(para)
18300
18295
msgid ""
18301
18296
"If there is a ticket with an expiration date listed, then it is time to join "
18302
18297
"the domain:"
18303
18298
msgstr ""
18304
18299
18305
#: serverguide/C/network-auth.xml:4125(command)
18300
#: serverguide/C/network-auth.xml:4127(command)
18306
18301
msgid "sudo net ads join -k"
18307
18302
msgstr ""
18308
18303
18309
#: serverguide/C/network-auth.xml:4127(para)
18304
#: serverguide/C/network-auth.xml:4129(para)
18310
18305
msgid ""
18311
18306
"A warning about \"No DNS domain configured. Unable to perform DNS Update.\" "
18312
18307
"probably means that there is no (correct) alias in "
18316
18311
"\"Modify /etc/hosts\" above."
18317
18312
msgstr ""
18318
18313
18319
#: serverguide/C/network-auth.xml:4129(para)
18314
#: serverguide/C/network-auth.xml:4131(para)
18320
18315
msgid ""
18321
18316
"(The message \"NT_STATUS_UNSUCCESSFUL\" indicates the domain join failed and "
18322
18317
"something is incorrect. Review the prior steps before proceeding)."
18323
18318
msgstr ""
18324
18319
18325
#: serverguide/C/network-auth.xml:4131(para)
18320
#: serverguide/C/network-auth.xml:4133(para)
18326
18321
msgid ""
18327
18322
"Here are a couple of (optional) checks to verify that the domain join was "
18328
18323
"successful. Note that if the domain was successfully joined but one or both "
18330
18325
"Some of the changes appear to be asynchronous."
18331
18326
msgstr ""
18332
18327
18333
#: serverguide/C/network-auth.xml:4133(para)
18328
#: serverguide/C/network-auth.xml:4135(para)
18334
18329
msgid "Verification option #1:"
18335
18330
msgstr ""
18336
18331
18337
#: serverguide/C/network-auth.xml:4134(para)
18332
#: serverguide/C/network-auth.xml:4136(para)
18338
18333
msgid ""
18339
18334
"Check the default Organizational Unit for computer accounts in the Active "
18340
18335
"Directory to verify that the computer account was created. (Organizational "
18341
18336
"Units in Active Directory is a topic outside the scope of this guide)."
18342
18337
msgstr ""
18343
18338
18344
#: serverguide/C/network-auth.xml:4136(para)
18339
#: serverguide/C/network-auth.xml:4138(para)
18345
18340
msgid "Verification option #2"
18346
18341
msgstr ""
18347
18342
18348
#: serverguide/C/network-auth.xml:4137(para)
18343
#: serverguide/C/network-auth.xml:4139(para)
18349
18344
msgid "Execute this command for a specific AD user (e.g. administrator)"
18350
18345
msgstr ""
18351
18346
18352
#: serverguide/C/network-auth.xml:4138(command)
18347
#: serverguide/C/network-auth.xml:4140(command)
18353
18348
msgid "getent passwd username"
18354
18349
msgstr ""
18355
18350
18356
#: serverguide/C/network-auth.xml:4140(para)
18351
#: serverguide/C/network-auth.xml:4142(para)
18357
18352
msgid ""
18358
18353
"If <emphasis>enumerate = true</emphasis> is set in "
18359
18354
"<filename>sssd.conf</filename>, <emphasis>getent passwd</emphasis> with no "
18361
18356
"testing, but is slow and not recommended for production."
18362
18357
msgstr ""
18363
18358
18364
#: serverguide/C/network-auth.xml:4144(title)
18359
#: serverguide/C/network-auth.xml:4146(title)
18365
18360
msgid "Test Authentication"
18366
18361
msgstr ""
18367
18362
18368
#: serverguide/C/network-auth.xml:4145(para)
18363
#: serverguide/C/network-auth.xml:4147(para)
18369
18364
msgid ""
18370
18365
"It should now be possible to authenticate using an Active Directory User's "
18371
18366
"credentials:"
18372
18367
msgstr ""
18373
18368
18374
#: serverguide/C/network-auth.xml:4147(command)
18369
#: serverguide/C/network-auth.xml:4149(command)
18375
18370
msgid "su - username"
18376
18371
msgstr ""
18377
18372
18378
#: serverguide/C/network-auth.xml:4149(para)
18373
#: serverguide/C/network-auth.xml:4151(para)
18379
18374
msgid ""
18380
18375
"If this works, then other login methods (getty, ssh) should also work."
18381
18376
msgstr ""
18382
18377
18383
#: serverguide/C/network-auth.xml:4151(para)
18378
#: serverguide/C/network-auth.xml:4153(para)
18384
18379
msgid ""
18385
18380
"If the computer account was created, indicating that the system was "
18386
18381
"\"joined\" to the domain, but authentication is unsuccessful, it may be "
18389
18384
"earlier in this guide."
18390
18385
msgstr ""
18391
18386
18392
#: serverguide/C/network-auth.xml:4155(title)
18387
#: serverguide/C/network-auth.xml:4157(title)
18393
18388
msgid "Home directories with pam_mkhomedir (optional)"
18394
18389
msgstr ""
18395
18390
18396
#: serverguide/C/network-auth.xml:4156(para)
18391
#: serverguide/C/network-auth.xml:4158(para)
18397
18392
msgid ""
18398
18393
"When logging in using an Active Directory user account, it is likely that "
18399
18394
"user has no home directory. This can be fixed with pam_mkdhomedir.so, which "
18402
18397
"after <emphasis>session required pam_unix.so:</emphasis>"
18403
18398
msgstr ""
18404
18399
18405
#: serverguide/C/network-auth.xml:4157(programlisting)
18400
#: serverguide/C/network-auth.xml:4159(programlisting)
18406
18401
#, no-wrap
18407
18402
msgid ""
18408
18403
"\n"
18409
18404
"session required pam_mkhomedir.so skel=/etc/skel/ umask=0022\n"
18410
18405
msgstr ""
18411
18406
18412
#: serverguide/C/network-auth.xml:4161(para)
18407
#: serverguide/C/network-auth.xml:4163(para)
18413
18408
msgid ""
18414
18409
"This may also need <emphasis>override_homedir</emphasis> in "
18415
18410
"<filename>sssd.conf</filename> to function correctly, so make sure that’s "
18416
18411
"set."
18417
18412
msgstr ""
18418
18413
18419
#: serverguide/C/network-auth.xml:4165(title)
18414
#: serverguide/C/network-auth.xml:4167(title)
18420
18415
msgid "Desktop Ubuntu Authentication"
18421
18416
msgstr ""
18422
18417
18423
#: serverguide/C/network-auth.xml:4166(para)
18418
#: serverguide/C/network-auth.xml:4168(para)
18424
18419
msgid ""
18425
18420
"It is possible to also authenticate logins to Ubuntu Desktop using Active "
18426
18421
"Directory accounts. The AD accounts will not show up in the pick list with "
18429
18424
"append the following two lines:"
18430
18425
msgstr ""
18431
18426
18432
#: serverguide/C/network-auth.xml:4168(programlisting)
18427
#: serverguide/C/network-auth.xml:4170(programlisting)
18433
18428
#, no-wrap
18434
18429
msgid ""
18435
18430
"\n"
18437
18432
"greeter-hide-users=true\n"
18438
18433
msgstr ""
18439
18434
18440
#: serverguide/C/network-auth.xml:4173(para)
18435
#: serverguide/C/network-auth.xml:4175(para)
18441
18436
msgid ""
18442
18437
"Reboot to restart lightdm. It should now be possible to log in using a "
18443
18438
"domain account using either <emphasis>username</emphasis> or "
18444
18439
"<emphasis>username/username@domain</emphasis> format."
18445
18440
msgstr ""
18446
18441
18447
#: serverguide/C/network-auth.xml:4179(ulink)
18442
#: serverguide/C/network-auth.xml:4181(ulink)
18448
18443
msgid "SSSD Project"
18449
18444
msgstr ""
18450
18445
18451
#: serverguide/C/network-auth.xml:4180(ulink)
18446
#: serverguide/C/network-auth.xml:4182(ulink)
18452
18447
msgid "DNS Server Configuration guidelines"
18453
18448
msgstr ""
18454
18449
18455
#: serverguide/C/network-auth.xml:4181(ulink)
18450
#: serverguide/C/network-auth.xml:4183(ulink)
18456
18451
msgid "Active Directory DNS Zone Entries"
18457
18452
msgstr ""
18458
18453
18459
#: serverguide/C/network-auth.xml:4182(ulink)
18454
#: serverguide/C/network-auth.xml:4184(ulink)
18460
18455
msgid "Kerberos config options"
18461
18456
msgstr ""
18462
18457
18468
18463
msgid "Attribute"
18469
18464
msgstr ""
18470
18465
18471
#: serverguide/C/multipath-device-attributes-table.xml:9(entry) serverguide/C/multipath-config-defaults-table.xml:14(entry) serverguide/C/multipath-components-table.xml:12(entry) serverguide/C/multipath-attributes-table.xml:9(entry) serverguide/C/dm-multipath.xml:1624(entry)
18466
#: serverguide/C/multipath-device-attributes-table.xml:9(entry) serverguide/C/multipath-config-defaults-table.xml:14(entry) serverguide/C/multipath-components-table.xml:12(entry) serverguide/C/multipath-attributes-table.xml:9(entry) serverguide/C/dm-multipath.xml:1623(entry)
18472
18467
msgid "Description"
18473
18468
msgstr ""
18474
18469
18602
18597
"levels are between 0 and 6. The default value is 2."
18603
18598
msgstr ""
18604
18599
18605
#: serverguide/C/multipath-config-defaults-table.xml:61(emphasis) serverguide/C/multipath-config-defaults-table.xml:323(emphasis) serverguide/C/dm-multipath.xml:1050(parameter) serverguide/C/dm-multipath.xml:1205(parameter)
18600
#: serverguide/C/multipath-config-defaults-table.xml:61(emphasis) serverguide/C/multipath-config-defaults-table.xml:323(emphasis) serverguide/C/dm-multipath.xml:1049(parameter) serverguide/C/dm-multipath.xml:1204(parameter)
18606
18601
msgid "path_selector"
18607
18602
msgstr ""
18608
18603
18637
18632
"The default value is <emphasis role=\"bold\">round-robin 0</emphasis>."
18638
18633
msgstr ""
18639
18634
18640
#: serverguide/C/multipath-config-defaults-table.xml:98(emphasis) serverguide/C/dm-multipath.xml:1045(parameter) serverguide/C/dm-multipath.xml:1195(parameter)
18635
#: serverguide/C/multipath-config-defaults-table.xml:98(emphasis) serverguide/C/dm-multipath.xml:1044(parameter) serverguide/C/dm-multipath.xml:1194(parameter)
18641
18636
msgid "path_grouping_policy"
18642
18637
msgstr ""
18643
18638
18680
18675
msgid "The default value is <emphasis role=\"bold\">failover.</emphasis>"
18681
18676
msgstr ""
18682
18677
18683
#: serverguide/C/multipath-config-defaults-table.xml:139(emphasis) serverguide/C/dm-multipath.xml:1200(parameter)
18678
#: serverguide/C/multipath-config-defaults-table.xml:139(emphasis) serverguide/C/dm-multipath.xml:1199(parameter)
18684
18679
msgid "getuid_callout"
18685
18680
msgstr ""
18686
18681
18696
18691
"path identifier. An absolute path is required. <placeholder-1/>"
18697
18692
msgstr ""
18698
18693
18699
#: serverguide/C/multipath-config-defaults-table.xml:150(emphasis) serverguide/C/dm-multipath.xml:1059(parameter) serverguide/C/dm-multipath.xml:1224(parameter)
18694
#: serverguide/C/multipath-config-defaults-table.xml:150(emphasis) serverguide/C/dm-multipath.xml:1058(parameter) serverguide/C/dm-multipath.xml:1223(parameter)
18700
18695
msgid "prio"
18701
18696
msgstr ""
18702
18697
18752
18747
msgid "The default value is <emphasis role=\"bold\">const</emphasis>."
18753
18748
msgstr ""
18754
18749
18755
#: serverguide/C/multipath-config-defaults-table.xml:202(emphasis) serverguide/C/dm-multipath.xml:1064(parameter) serverguide/C/dm-multipath.xml:1229(parameter)
18750
#: serverguide/C/multipath-config-defaults-table.xml:202(emphasis) serverguide/C/dm-multipath.xml:1063(parameter) serverguide/C/dm-multipath.xml:1228(parameter)
18756
18751
msgid "prio_args"
18757
18752
msgstr ""
18758
18753
18764
18759
"value is (null) <emphasis role=\"bold\">\"\"</emphasis>."
18765
18760
msgstr ""
18766
18761
18767
#: serverguide/C/multipath-config-defaults-table.xml:216(emphasis) serverguide/C/dm-multipath.xml:1215(parameter)
18762
#: serverguide/C/multipath-config-defaults-table.xml:216(emphasis) serverguide/C/dm-multipath.xml:1214(parameter)
18768
18763
msgid "features"
18769
18764
msgstr ""
18770
18765
18772
18767
msgid "queue_if_no_path"
18773
18768
msgstr ""
18774
18769
18775
#: serverguide/C/multipath-config-defaults-table.xml:221(emphasis) serverguide/C/multipath-config-defaults-table.xml:334(emphasis) serverguide/C/dm-multipath.xml:1069(parameter) serverguide/C/dm-multipath.xml:1234(parameter)
18770
#: serverguide/C/multipath-config-defaults-table.xml:221(emphasis) serverguide/C/multipath-config-defaults-table.xml:334(emphasis) serverguide/C/dm-multipath.xml:1068(parameter) serverguide/C/dm-multipath.xml:1233(parameter)
18776
18771
msgid "no_path_retry"
18777
18772
msgstr ""
18778
18773
18792
18787
"feature, see Section, <placeholder-4/>."
18793
18788
msgstr ""
18794
18789
18795
#: serverguide/C/multipath-config-defaults-table.xml:228(emphasis) serverguide/C/dm-multipath.xml:1210(parameter)
18790
#: serverguide/C/multipath-config-defaults-table.xml:228(emphasis) serverguide/C/dm-multipath.xml:1209(parameter)
18796
18791
msgid "path_checker"
18797
18792
msgstr ""
18798
18793
18842
18837
msgid "The default value is <emphasis role=\"bold\">directio</emphasis>."
18843
18838
msgstr ""
18844
18839
18845
#: serverguide/C/multipath-config-defaults-table.xml:275(emphasis) serverguide/C/dm-multipath.xml:1055(parameter) serverguide/C/dm-multipath.xml:1220(parameter)
18840
#: serverguide/C/multipath-config-defaults-table.xml:275(emphasis) serverguide/C/dm-multipath.xml:1054(parameter) serverguide/C/dm-multipath.xml:1219(parameter)
18846
18841
msgid "failback"
18847
18842
msgstr ""
18848
18843
18873
18868
msgid "The default value is <emphasis role=\"bold\">manual</emphasis>."
18874
18869
msgstr ""
18875
18870
18876
#: serverguide/C/multipath-config-defaults-table.xml:307(emphasis) serverguide/C/multipath-config-defaults-table.xml:321(emphasis) serverguide/C/multipath-config-defaults-table.xml:325(emphasis) serverguide/C/dm-multipath.xml:1074(parameter) serverguide/C/dm-multipath.xml:1239(parameter)
18871
#: serverguide/C/multipath-config-defaults-table.xml:307(emphasis) serverguide/C/multipath-config-defaults-table.xml:321(emphasis) serverguide/C/multipath-config-defaults-table.xml:325(emphasis) serverguide/C/dm-multipath.xml:1073(parameter) serverguide/C/dm-multipath.xml:1238(parameter)
18877
18872
msgid "rr_min_io"
18878
18873
msgstr ""
18879
18874
18887
18882
"the next path in the current path group.<placeholder-1/>"
18888
18883
msgstr ""
18889
18884
18890
#: serverguide/C/multipath-config-defaults-table.xml:317(emphasis) serverguide/C/dm-multipath.xml:1079(parameter) serverguide/C/dm-multipath.xml:1244(parameter)
18885
#: serverguide/C/multipath-config-defaults-table.xml:317(emphasis) serverguide/C/dm-multipath.xml:1078(parameter) serverguide/C/dm-multipath.xml:1243(parameter)
18891
18886
msgid "rr_weight"
18892
18887
msgstr ""
18893
18888
18941
18936
msgid "alias"
18942
18937
msgstr ""
18943
18938
18944
#: serverguide/C/multipath-config-defaults-table.xml:354(emphasis) serverguide/C/multipath-config-defaults-table.xml:357(emphasis) serverguide/C/multipath-config-defaults-table.xml:379(emphasis) serverguide/C/multipath-config-defaults-table.xml:391(emphasis) serverguide/C/multipath-components-table.xml:31(emphasis) serverguide/C/multipath-components-table.xml:44(emphasis) serverguide/C/multipath-attributes-table.xml:18(emphasis) serverguide/C/multipath-attributes-table.xml:19(emphasis) serverguide/C/multipath-attributes-table.xml:28(emphasis) serverguide/C/multipath-attributes-table.xml:29(emphasis) serverguide/C/dm-multipath.xml:765(emphasis)
18939
#: serverguide/C/multipath-config-defaults-table.xml:354(emphasis) serverguide/C/multipath-config-defaults-table.xml:357(emphasis) serverguide/C/multipath-config-defaults-table.xml:379(emphasis) serverguide/C/multipath-config-defaults-table.xml:391(emphasis) serverguide/C/multipath-components-table.xml:31(emphasis) serverguide/C/multipath-components-table.xml:44(emphasis) serverguide/C/multipath-attributes-table.xml:18(emphasis) serverguide/C/multipath-attributes-table.xml:19(emphasis) serverguide/C/multipath-attributes-table.xml:28(emphasis) serverguide/C/multipath-attributes-table.xml:29(emphasis) serverguide/C/dm-multipath.xml:764(emphasis)
18945
18940
msgid "multipath"
18946
18941
msgstr ""
18947
18942
18978
18973
"devices when it is shut down. <placeholder-2/>"
18979
18974
msgstr ""
18980
18975
18981
#: serverguide/C/multipath-config-defaults-table.xml:376(emphasis) serverguide/C/dm-multipath.xml:1084(parameter) serverguide/C/dm-multipath.xml:1259(parameter)
18976
#: serverguide/C/multipath-config-defaults-table.xml:376(emphasis) serverguide/C/dm-multipath.xml:1083(parameter) serverguide/C/dm-multipath.xml:1258(parameter)
18982
18977
msgid "flush_on_last_del"
18983
18978
msgstr ""
18984
18979
19024
19019
"explicit timeout, in seconds. <placeholder-1/>"
19025
19020
msgstr ""
19026
19021
19027
#: serverguide/C/multipath-config-defaults-table.xml:413(emphasis) serverguide/C/dm-multipath.xml:1249(parameter)
19022
#: serverguide/C/multipath-config-defaults-table.xml:413(emphasis) serverguide/C/dm-multipath.xml:1248(parameter)
19028
19023
msgid "fast_io_fail_tmo"
19029
19024
msgstr ""
19030
19025
19040
19035
"this to off will disable the timeout. <placeholder-1/>"
19041
19036
msgstr ""
19042
19037
19043
#: serverguide/C/multipath-config-defaults-table.xml:425(emphasis) serverguide/C/dm-multipath.xml:1254(parameter)
19038
#: serverguide/C/multipath-config-defaults-table.xml:425(emphasis) serverguide/C/dm-multipath.xml:1253(parameter)
19044
19039
msgid "dev_loss_tmo"
19045
19040
msgstr ""
19046
19041
19722
19717
"IMAP server."
19723
19718
msgstr ""
19724
19719
19725
#: serverguide/C/mail.xml:22(title) serverguide/C/mail.xml:837(application) serverguide/C/mail.xml:869(title) serverguide/C/mail.xml:947(title) serverguide/C/mail.xml:1519(title)
19720
#: serverguide/C/mail.xml:22(title) serverguide/C/mail.xml:896(application) serverguide/C/mail.xml:928(title) serverguide/C/mail.xml:1006(title) serverguide/C/mail.xml:1577(title)
19726
19721
msgid "Postfix"
19727
19722
msgstr "Postfix"
19728
19723
19849
19844
"your Mail Delivery Agent (MDA) to use the same path."
19850
19845
msgstr ""
19851
19846
19852
#: serverguide/C/mail.xml:106(title) serverguide/C/mail.xml:550(title)
19847
#: serverguide/C/mail.xml:106(title) serverguide/C/mail.xml:608(title)
19853
19848
msgid "SMTP Authentication"
19854
19849
msgstr "Overitev SMTP"
19855
19850
20000
19995
"tls_random_source = dev:/dev/urandom\n"
20001
19996
msgstr ""
20002
19997
20003
#: serverguide/C/mail.xml:188(para)
19998
#: serverguide/C/mail.xml:229(para)
20004
19999
msgid ""
20005
20000
"The postfix initial configuration is complete. Run the following command to "
20006
20001
"restart the postfix daemon:"
20010
20005
msgid "sudo service postfix restart"
20011
20006
msgstr ""
20012
20007
20013
#: serverguide/C/mail.xml:197(para)
20008
#: serverguide/C/mail.xml:238(para)
20014
20009
msgid ""
20015
20010
"<application>Postfix</application> supports SMTP-AUTH as defined in <ulink "
20016
20011
"url=\"http://www.ietf.org/rfc/rfc2554.txt\">RFC2554</ulink>. It is based on "
20019
20014
"AUTH."
20020
20015
msgstr ""
20021
20016
20022
#: serverguide/C/mail.xml:207(title) serverguide/C/mail.xml:614(title)
20017
#: serverguide/C/mail.xml:248(title) serverguide/C/mail.xml:672(title)
20023
20018
msgid "Configuring SASL"
20024
20019
msgstr "Nastavljanje SASL"
20025
20020
20026
#: serverguide/C/mail.xml:208(para)
20021
#: serverguide/C/mail.xml:249(para)
20027
20022
msgid ""
20028
20023
"Postfix supports two SASL implementations Cyrus SASL and Dovecot SASL. To "
20029
20024
"enable Dovecot SASL the <application>dovecot-common</application> package "
20030
20025
"will need to be installed. From a terminal prompt enter the following:"
20031
20026
msgstr ""
20032
20027
20033
#: serverguide/C/mail.xml:214(command)
20028
#: serverguide/C/mail.xml:255(command)
20034
20029
msgid "sudo apt-get install dovecot-common"
20035
20030
msgstr ""
20036
20031
20092
20087
"auth_mechanisms = plain login\n"
20093
20088
msgstr ""
20094
20089
20095
#: serverguide/C/mail.xml:253(para)
20090
#: serverguide/C/mail.xml:298(para)
20096
20091
msgid ""
20097
20092
"Once you have <application>Dovecot</application> configured restart it with:"
20098
20093
msgstr ""
20101
20096
msgid "sudo service dovecot restart"
20102
20097
msgstr ""
20103
20098
20104
#: serverguide/C/mail.xml:262(title)
20099
#: serverguide/C/mail.xml:307(title)
20105
20100
msgid "Mail-Stack Delivery"
20106
20101
msgstr ""
20107
20102
20108
#: serverguide/C/mail.xml:264(para)
20103
#: serverguide/C/mail.xml:309(para)
20109
20104
msgid ""
20110
20105
"Another option for configuring <application>Postfix</application> for SMTP-"
20111
20106
"AUTH is using the <application>mail-stack-delivery</application> package "
20116
20111
"<application>Dovecot</application> for IMAP, IMAPS, POP3, and POP3S."
20117
20112
msgstr ""
20118
20113
20119
#: serverguide/C/mail.xml:274(para)
20114
#: serverguide/C/mail.xml:319(para)
20120
20115
msgid ""
20121
20116
"You may or may not want to run IMAP, IMAPS, POP3, or POP3S on your mail "
20122
20117
"server. For example, if you are configuring your server to be a mail "
20124
20119
"the above commands to configure Postfix for SMTP-AUTH."
20125
20120
msgstr ""
20126
20121
20127
#: serverguide/C/mail.xml:281(para)
20122
#: serverguide/C/mail.xml:326(para)
20128
20123
msgid "To install the package, from a terminal prompt enter:"
20129
20124
msgstr ""
20130
20125
20131
#: serverguide/C/mail.xml:286(command)
20126
#: serverguide/C/mail.xml:331(command)
20132
20127
msgid "sudo apt-get install mail-stack-delivery"
20133
20128
msgstr ""
20134
20129
20135
#: serverguide/C/mail.xml:289(para)
20130
#: serverguide/C/mail.xml:334(para)
20136
20131
msgid ""
20137
20132
"You should now have a working mail server, but there are a few options that "
20138
20133
"you may wish to further customize. For example, the package uses the "
20142
20137
"for more details."
20143
20138
msgstr ""
20144
20139
20145
#: serverguide/C/mail.xml:295(para)
20140
#: serverguide/C/mail.xml:340(para)
20146
20141
msgid ""
20147
20142
"Once you have a customized certificate and key for the host, change the "
20148
20143
"following options in <filename>/etc/postfix/main.cf</filename>:"
20149
20144
msgstr ""
20150
20145
20151
#: serverguide/C/mail.xml:299(programlisting)
20146
#: serverguide/C/mail.xml:344(programlisting)
20152
20147
#, no-wrap
20153
20148
msgid ""
20154
20149
"\n"
20156
20151
"smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key\n"
20157
20152
msgstr ""
20158
20153
20159
#: serverguide/C/mail.xml:304(para)
20154
#: serverguide/C/mail.xml:349(para)
20160
20155
msgid "Then restart Postfix:"
20161
20156
msgstr "Nato znova zaženite Postfix:"
20162
20157
20163
#: serverguide/C/mail.xml:315(para)
20158
#: serverguide/C/mail.xml:360(para)
20164
20159
msgid ""
20165
20160
"SMTP-AUTH configuration is complete. Now it is time to test the setup."
20166
20161
msgstr ""
20167
20162
20168
#: serverguide/C/mail.xml:318(para)
20163
#: serverguide/C/mail.xml:363(para)
20169
20164
msgid "To see if SMTP-AUTH and TLS work properly, run the following command:"
20170
20165
msgstr ""
20171
20166
20172
#: serverguide/C/mail.xml:323(command)
20167
#: serverguide/C/mail.xml:368(command)
20173
20168
msgid "telnet mail.example.com 25"
20174
20169
msgstr "telnet posta.primer.si 25"
20175
20170
20176
#: serverguide/C/mail.xml:325(para)
20171
#: serverguide/C/mail.xml:370(para)
20177
20172
msgid ""
20178
20173
"After you have established the connection to the postfix mail server, type:"
20179
20174
msgstr ""
20180
20175
20181
#: serverguide/C/mail.xml:329(screen)
20176
#: serverguide/C/mail.xml:374(screen)
20182
20177
#, no-wrap
20183
20178
msgid ""
20184
20179
"\n"
20187
20182
"\n"
20188
20183
"ehlo posta.primer.si\n"
20189
20184
20190
#: serverguide/C/mail.xml:332(para)
20185
#: serverguide/C/mail.xml:377(para)
20191
20186
msgid ""
20192
20187
"If you see the following lines among others, then everything is working "
20193
20188
"perfectly. Type <command>quit</command> to exit."
20194
20189
msgstr ""
20195
20190
20196
#: serverguide/C/mail.xml:336(programlisting)
20191
#: serverguide/C/mail.xml:381(programlisting)
20197
20192
#, no-wrap
20198
20193
msgid ""
20199
20194
"\n"
20203
20198
"250 8BITMIME\n"
20204
20199
msgstr ""
20205
20200
20206
#: serverguide/C/mail.xml:346(para)
20201
#: serverguide/C/mail.xml:391(para)
20207
20202
msgid ""
20208
20203
"This section introduces some common ways to determine the cause if problems "
20209
20204
"arise."
20210
20205
msgstr ""
20211
20206
20212
#: serverguide/C/mail.xml:350(title)
20207
#: serverguide/C/mail.xml:395(title)
20213
20208
msgid "Escaping chroot"
20214
20209
msgstr ""
20215
20210
20216
#: serverguide/C/mail.xml:351(para)
20211
#: serverguide/C/mail.xml:396(para)
20217
20212
msgid ""
20218
20213
"The Ubuntu <application>postfix</application> package will by default "
20219
20214
"install into a <emphasis>chroot</emphasis> environment for security reasons. "
20220
20215
"This can add greater complexity when troubleshooting problems."
20221
20216
msgstr ""
20222
20217
20223
#: serverguide/C/mail.xml:355(para)
20218
#: serverguide/C/mail.xml:400(para)
20224
20219
msgid ""
20225
20220
"To turn off the chroot operation locate for the following line in the "
20226
20221
"<filename>/etc/postfix/master.cf</filename> configuration file:"
20227
20222
msgstr ""
20228
20223
20229
#: serverguide/C/mail.xml:359(screen)
20224
#: serverguide/C/mail.xml:404(screen)
20230
20225
#, no-wrap
20231
20226
msgid ""
20232
20227
"\n"
20235
20230
"\n"
20236
20231
"smtp inet n - - - - smtpd\n"
20237
20232
20238
#: serverguide/C/mail.xml:362(para)
20233
#: serverguide/C/mail.xml:407(para)
20239
20234
msgid "and modify it as follows:"
20240
20235
msgstr ""
20241
20236
20242
#: serverguide/C/mail.xml:365(screen)
20237
#: serverguide/C/mail.xml:410(screen)
20243
20238
#, no-wrap
20244
20239
msgid ""
20245
20240
"\n"
20248
20243
"\n"
20249
20244
"smtp inet n - n - - smtpd\n"
20250
20245
20251
#: serverguide/C/mail.xml:368(para)
20246
#: serverguide/C/mail.xml:413(para)
20252
20247
msgid ""
20253
20248
"You will then need to restart Postfix to use the new configuration. From a "
20254
20249
"terminal prompt enter:"
20276
20271
"\t "
20277
20272
msgstr ""
20278
20273
20279
#: serverguide/C/mail.xml:376(title)
20274
#: serverguide/C/mail.xml:434(title)
20280
20275
msgid "Log Files"
20281
20276
msgstr "Dnevniške datoteke"
20282
20277
20283
#: serverguide/C/mail.xml:377(para)
20278
#: serverguide/C/mail.xml:435(para)
20284
20279
msgid ""
20285
20280
"<application>Postfix</application> sends all log messages to "
20286
20281
"<filename>/var/log/mail.log</filename>. However error and warning messages "
20289
20284
"<filename>/var/log/mail.warn</filename> respectively."
20290
20285
msgstr ""
20291
20286
20292
#: serverguide/C/mail.xml:382(para)
20287
#: serverguide/C/mail.xml:440(para)
20293
20288
msgid ""
20294
20289
"To see messages entered into the logs in real time you can use the "
20295
20290
"<application>tail -f</application> command:"
20296
20291
msgstr ""
20297
20292
20298
#: serverguide/C/mail.xml:387(command)
20293
#: serverguide/C/mail.xml:445(command)
20299
20294
msgid "tail -f /var/log/mail.err"
20300
20295
msgstr ""
20301
20296
20302
#: serverguide/C/mail.xml:389(para)
20297
#: serverguide/C/mail.xml:447(para)
20303
20298
msgid ""
20304
20299
"The amount of detail that is recorded in the logs can be increased. Below "
20305
20300
"are some configuration options for increasing the log level for some of the "
20306
20301
"areas covered above."
20307
20302
msgstr ""
20308
20303
20309
#: serverguide/C/mail.xml:395(para)
20304
#: serverguide/C/mail.xml:453(para)
20310
20305
msgid ""
20311
20306
"To increase <emphasis>TLS</emphasis> activity logging set the "
20312
20307
"<emphasis>smtpd_tls_loglevel</emphasis> option to a value from 1 to 4."
20313
20308
msgstr ""
20314
20309
20315
#: serverguide/C/mail.xml:399(command)
20310
#: serverguide/C/mail.xml:457(command)
20316
20311
msgid "sudo postconf -e 'smtpd_tls_loglevel = 4'"
20317
20312
msgstr ""
20318
20313
20319
#: serverguide/C/mail.xml:403(para)
20314
#: serverguide/C/mail.xml:461(para)
20320
20315
msgid ""
20321
20316
"If you are having trouble sending or receiving mail from a specific domain "
20322
20317
"you can add the domain to the <emphasis>debug_peer_list</emphasis> parameter."
20323
20318
msgstr ""
20324
20319
20325
#: serverguide/C/mail.xml:408(command)
20320
#: serverguide/C/mail.xml:466(command)
20326
20321
msgid "sudo postconf -e 'debug_peer_list = problem.domain'"
20327
20322
msgstr ""
20328
20323
20329
#: serverguide/C/mail.xml:412(para)
20324
#: serverguide/C/mail.xml:470(para)
20330
20325
msgid ""
20331
20326
"You can increase the verbosity of any <application>Postfix</application> "
20332
20327
"daemon process by editing the <filename>/etc/postfix/master.cf</filename> "
20334
20329
"<emphasis>smtp</emphasis> entry:"
20335
20330
msgstr ""
20336
20331
20337
#: serverguide/C/mail.xml:416(programlisting)
20332
#: serverguide/C/mail.xml:474(programlisting)
20338
20333
#, no-wrap
20339
20334
msgid ""
20340
20335
"\n"
20356
20351
"<filename>/etc/dovecot/conf.d/10-logging.conf</filename>"
20357
20352
msgstr ""
20358
20353
20359
#: serverguide/C/mail.xml:433(programlisting)
20354
#: serverguide/C/mail.xml:491(programlisting)
20360
20355
#, no-wrap
20361
20356
msgid ""
20362
20357
"\n"
20371
20366
"reloaded: <command>sudo service dovecot reload</command>."
20372
20367
msgstr ""
20373
20368
20374
#: serverguide/C/mail.xml:446(para)
20369
#: serverguide/C/mail.xml:504(para)
20375
20370
msgid ""
20376
20371
"Some of the options above can drastically increase the amount of information "
20377
20372
"sent to the log files. Remember to return the log level back to normal after "
20379
20374
"new configuration to take affect."
20380
20375
msgstr ""
20381
20376
20382
#: serverguide/C/mail.xml:454(para)
20377
#: serverguide/C/mail.xml:512(para)
20383
20378
msgid ""
20384
20379
"Administering a <application>Postfix</application> server can be a very "
20385
20380
"complicated task. At some point you may need to turn to the Ubuntu community "
20386
20381
"for more experienced help."
20387
20382
msgstr ""
20388
20383
20389
#: serverguide/C/mail.xml:458(para)
20384
#: serverguide/C/mail.xml:516(para)
20390
20385
msgid ""
20391
20386
"A great place to ask for <application>Postfix</application> assistance, and "
20392
20387
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
20396
20391
"url=\"http://www.ubuntu.com/support/community/webforums\">Web Forums</ulink>."
20397
20392
msgstr ""
20398
20393
20399
#: serverguide/C/mail.xml:463(para)
20394
#: serverguide/C/mail.xml:521(para)
20400
20395
msgid ""
20401
20396
"For in depth <application>Postfix</application> information Ubuntu "
20402
20397
"developers highly recommend: <ulink url=\"http://www.postfix-book.com/\">The "
20403
20398
"Book of Postfix</ulink>."
20404
20399
msgstr ""
20405
20400
20406
#: serverguide/C/mail.xml:467(para)
20401
#: serverguide/C/mail.xml:525(para)
20407
20402
msgid ""
20408
20403
"Finally, the <ulink "
20409
20404
"url=\"http://www.postfix.org/documentation.html\">Postfix</ulink> website "
20417
20412
"Wiki Postfix</ulink> page has more information."
20418
20413
msgstr ""
20419
20414
20420
#: serverguide/C/mail.xml:479(title) serverguide/C/mail.xml:875(title) serverguide/C/mail.xml:991(title)
20415
#: serverguide/C/mail.xml:537(title) serverguide/C/mail.xml:934(title) serverguide/C/mail.xml:1050(title)
20421
20416
msgid "Exim4"
20422
20417
msgstr "Exim4"
20423
20418
20424
#: serverguide/C/mail.xml:480(para)
20419
#: serverguide/C/mail.xml:538(para)
20425
20420
msgid ""
20426
20421
"<application>Exim4</application> is another Message Transfer Agent (MTA) "
20427
20422
"developed at the University of Cambridge for use on Unix systems connected "
20431
20426
"<application>sendmail</application>."
20432
20427
msgstr ""
20433
20428
20434
#: serverguide/C/mail.xml:491(para)
20429
#: serverguide/C/mail.xml:549(para)
20435
20430
msgid ""
20436
20431
"To install <application>exim4</application>, run the following command: "
20437
20432
"<screen>\n"
20439
20434
"</screen>"
20440
20435
msgstr ""
20441
20436
20442
#: serverguide/C/mail.xml:500(para)
20437
#: serverguide/C/mail.xml:558(para)
20443
20438
msgid ""
20444
20439
"To configure <application>Exim4</application>, run the following command:"
20445
20440
msgstr ""
20446
20441
20447
#: serverguide/C/mail.xml:504(command)
20442
#: serverguide/C/mail.xml:562(command)
20448
20443
msgid "sudo dpkg-reconfigure exim4-config"
20449
20444
msgstr ""
20450
20445
20451
#: serverguide/C/mail.xml:506(para)
20446
#: serverguide/C/mail.xml:564(para)
20452
20447
msgid ""
20453
20448
"The user interface will be displayed. The user interface lets you configure "
20454
20449
"many parameters. For example, In <application>Exim4</application> the "
20456
20451
"in one file you can configure accordingly in this user interface."
20457
20452
msgstr ""
20458
20453
20459
#: serverguide/C/mail.xml:514(para)
20454
#: serverguide/C/mail.xml:572(para)
20460
20455
msgid ""
20461
20456
"All the parameters you configure in the user interface are stored in "
20462
"<filename>/etc/exim4/update-exim4.conf</filename> file. If you wish to re-"
20463
"configure, either you re-run the configuration wizard or manually edit this "
20464
"file using your favorite editor. Once you configure, you can run the "
20457
"<filename>/etc/exim4/update-exim4.conf.conf</filename> file. If you wish to "
20458
"re-configure, either you re-run the configuration wizard or manually edit "
20459
"this file using your favorite editor. Once you configure, you can run the "
20465
20460
"following command to generate the master configuration file:"
20466
20461
msgstr ""
20467
20462
20468
#: serverguide/C/mail.xml:525(command) serverguide/C/mail.xml:609(command)
20463
#: serverguide/C/mail.xml:583(command) serverguide/C/mail.xml:667(command)
20469
20464
msgid "sudo update-exim4.conf"
20470
20465
msgstr "sudo update-exim4.conf"
20471
20466
20472
#: serverguide/C/mail.xml:527(para)
20467
#: serverguide/C/mail.xml:585(para)
20473
20468
msgid ""
20474
20469
"The master configuration file, is generated and it is stored in "
20475
20470
"<filename>/var/lib/exim4/config.autogenerated</filename>."
20476
20471
msgstr ""
20477
20472
20478
#: serverguide/C/mail.xml:533(para)
20473
#: serverguide/C/mail.xml:591(para)
20479
20474
msgid ""
20480
20475
"At any time, you should not edit the master configuration file, "
20481
20476
"<filename>/var/lib/exim4/config.autogenerated</filename> manually. It is "
20482
20477
"updated automatically every time you run <command>update-exim4.conf</command>"
20483
20478
msgstr ""
20484
20479
20485
#: serverguide/C/mail.xml:541(para)
20480
#: serverguide/C/mail.xml:599(para)
20486
20481
msgid ""
20487
20482
"You can run the following command to start <application>Exim4</application> "
20488
20483
"daemon."
20492
20487
msgid "sudo service exim4 start"
20493
20488
msgstr ""
20494
20489
20495
#: serverguide/C/mail.xml:551(para)
20490
#: serverguide/C/mail.xml:609(para)
20496
20491
msgid ""
20497
20492
"This section covers configuring Exim4 to use SMTP-AUTH with TLS and SASL."
20498
20493
msgstr ""
20499
20494
20500
#: serverguide/C/mail.xml:554(para)
20495
#: serverguide/C/mail.xml:612(para)
20501
20496
msgid ""
20502
20497
"The first step is to create a certificate for use with TLS. Enter the "
20503
20498
"following into a terminal prompt:"
20504
20499
msgstr ""
20505
20500
20506
#: serverguide/C/mail.xml:558(command)
20501
#: serverguide/C/mail.xml:616(command)
20507
20502
msgid "sudo /usr/share/doc/exim4-base/examples/exim-gencert"
20508
20503
msgstr ""
20509
20504
20510
#: serverguide/C/mail.xml:560(para)
20505
#: serverguide/C/mail.xml:618(para)
20511
20506
msgid ""
20512
20507
"Now Exim4 needs to be configured for TLS by editing "
20513
20508
"<filename>/etc/exim4/conf.d/main/03_exim4-config_tlsoptions</filename> add "
20514
20509
"the following:"
20515
20510
msgstr ""
20516
20511
20517
#: serverguide/C/mail.xml:564(programlisting)
20512
#: serverguide/C/mail.xml:622(programlisting)
20518
20513
#, no-wrap
20519
20514
msgid ""
20520
20515
"\n"
20521
20516
"MAIN_TLS_ENABLE = yes\n"
20522
20517
msgstr ""
20523
20518
20524
#: serverguide/C/mail.xml:567(para)
20519
#: serverguide/C/mail.xml:625(para)
20525
20520
msgid ""
20526
20521
"Next you need to configure <application>Exim4</application> to use the "
20527
20522
"<application>saslauthd</application> for authentication. Edit "
20530
20525
"<emphasis>login_saslauthd_server</emphasis> sections:"
20531
20526
msgstr ""
20532
20527
20533
#: serverguide/C/mail.xml:572(programlisting)
20528
#: serverguide/C/mail.xml:630(programlisting)
20534
20529
#, no-wrap
20535
20530
msgid ""
20536
20531
"\n"
20556
20551
" .endif\n"
20557
20552
msgstr ""
20558
20553
20559
#: serverguide/C/mail.xml:594(para)
20554
#: serverguide/C/mail.xml:652(para)
20560
20555
msgid ""
20561
20556
"Additionally, in order for outside mail client to be able to connect to new "
20562
20557
"exim server, new user needs to be added into exim by using the following "
20567
20562
msgid "sudo /usr/share/doc/exim4-base/examples/exim-adduser"
20568
20563
msgstr ""
20569
20564
20570
#: serverguide/C/mail.xml:600(para)
20565
#: serverguide/C/mail.xml:658(para)
20571
20566
msgid ""
20572
20567
"Users should protect the new exim password files with the following commands."
20573
20568
msgstr ""
20574
20569
20575
#: serverguide/C/mail.xml:602(command)
20570
#: serverguide/C/mail.xml:660(command)
20576
20571
msgid "sudo chown root:Debian-exim /etc/exim4/passwd"
20577
20572
msgstr ""
20578
20573
20579
#: serverguide/C/mail.xml:603(command)
20574
#: serverguide/C/mail.xml:661(command)
20580
20575
msgid "sudo chmod 640 /etc/exim4/passwd"
20581
20576
msgstr ""
20582
20577
20583
#: serverguide/C/mail.xml:605(para)
20578
#: serverguide/C/mail.xml:663(para)
20584
20579
msgid "Finally, update the Exim4 configuration and restart the service:"
20585
20580
msgstr ""
20586
20581
20588
20583
msgid "sudo service exim4 restart"
20589
20584
msgstr ""
20590
20585
20591
#: serverguide/C/mail.xml:615(para)
20586
#: serverguide/C/mail.xml:673(para)
20592
20587
msgid ""
20593
20588
"This section provides details on configuring the saslauthd to provide "
20594
20589
"authentication for <application>Exim4</application>."
20595
20590
msgstr ""
20596
20591
20597
#: serverguide/C/mail.xml:618(para)
20592
#: serverguide/C/mail.xml:676(para)
20598
20593
msgid ""
20599
20594
"The first step is to install the sasl2-bin package. From a terminal prompt "
20600
20595
"enter the following:"
20601
20596
msgstr ""
20602
20597
20603
#: serverguide/C/mail.xml:622(command)
20598
#: serverguide/C/mail.xml:680(command)
20604
20599
msgid "sudo apt-get install sasl2-bin"
20605
20600
msgstr ""
20606
20601
20607
#: serverguide/C/mail.xml:624(para)
20602
#: serverguide/C/mail.xml:682(para)
20608
20603
msgid ""
20609
20604
"To configure saslauthd edit the /etc/default/saslauthd configuration file "
20610
20605
"and set START=no to:"
20611
20606
msgstr ""
20612
20607
20613
#: serverguide/C/mail.xml:630(para)
20608
#: serverguide/C/mail.xml:688(para)
20614
20609
msgid ""
20615
20610
"Next the <emphasis>Debian-exim</emphasis> user needs to be part of the "
20616
20611
"<emphasis>sasl</emphasis> group in order for Exim4 to use the saslauthd "
20617
20612
"service:"
20618
20613
msgstr ""
20619
20614
20620
#: serverguide/C/mail.xml:635(command)
20615
#: serverguide/C/mail.xml:693(command)
20621
20616
msgid "sudo adduser Debian-exim sasl"
20622
20617
msgstr "sudo adduser Debian-exim sasl"
20623
20618
20624
#: serverguide/C/mail.xml:637(para)
20619
#: serverguide/C/mail.xml:695(para)
20625
20620
msgid "Now start the <application>saslauthd</application> service:"
20626
20621
msgstr ""
20627
20622
20629
20624
msgid "sudo service saslauthd start"
20630
20625
msgstr ""
20631
20626
20632
#: serverguide/C/mail.xml:643(para)
20627
#: serverguide/C/mail.xml:701(para)
20633
20628
msgid ""
20634
20629
"<application>Exim4</application> is now configured with SMTP-AUTH using TLS "
20635
20630
"and SASL authentication."
20636
20631
msgstr ""
20637
20632
20638
#: serverguide/C/mail.xml:652(para)
20633
#: serverguide/C/mail.xml:710(para)
20639
20634
msgid ""
20640
20635
"See <ulink url=\"http://www.exim.org/\">exim.org</ulink> for more "
20641
20636
"information."
20642
20637
msgstr ""
20643
20638
20644
#: serverguide/C/mail.xml:657(para)
20639
#: serverguide/C/mail.xml:715(para)
20645
20640
msgid ""
20646
20641
"There is also an <ulink url=\"http://www.uit.co.uk/content/exim-smtp-mail-"
20647
20642
"server\">Exim4 Book</ulink> available."
20648
20643
msgstr ""
20649
20644
20650
#: serverguide/C/mail.xml:662(para)
20645
#: serverguide/C/mail.xml:720(para)
20651
20646
msgid ""
20652
20647
"Another resource is the <ulink "
20653
20648
"url=\"https://help.ubuntu.com/community/Exim4\">Exim4 Ubuntu Wiki </ulink> "
20654
20649
"page."
20655
20650
msgstr ""
20656
20651
20657
#: serverguide/C/mail.xml:671(title)
20652
#: serverguide/C/mail.xml:729(title)
20658
20653
msgid "Dovecot Server"
20659
20654
msgstr ""
20660
20655
20661
#: serverguide/C/mail.xml:672(para)
20656
#: serverguide/C/mail.xml:730(para)
20662
20657
msgid ""
20663
20658
"<application>Dovecot</application> is a Mail Delivery Agent, written with "
20664
20659
"security primarily in mind. It supports the major mailbox formats: mbox or "
20665
20660
"Maildir. This section explain how to set it up as an imap or pop3 server."
20666
20661
msgstr ""
20667
20662
20668
#: serverguide/C/mail.xml:680(para)
20663
#: serverguide/C/mail.xml:738(para)
20669
20664
msgid ""
20670
20665
"To install <application>dovecot</application>, run the following command in "
20671
20666
"the command prompt:"
20672
20667
msgstr ""
20673
20668
20674
#: serverguide/C/mail.xml:685(command)
20669
#: serverguide/C/mail.xml:743(command)
20675
20670
msgid "sudo apt-get install dovecot-imapd dovecot-pop3d"
20676
20671
msgstr ""
20677
20672
20678
#: serverguide/C/mail.xml:690(para)
20673
#: serverguide/C/mail.xml:748(para)
20679
20674
msgid ""
20680
20675
"To configure <application>dovecot</application>, you can edit the file "
20681
20676
"<filename>/etc/dovecot/dovecot.conf</filename>. You can choose the protocol "
20687
20682
"link>."
20688
20683
msgstr ""
20689
20684
20690
#: serverguide/C/mail.xml:700(para)
20685
#: serverguide/C/mail.xml:758(para)
20691
20686
msgid ""
20692
20687
"IMAPS and POP3S are more secure that the simple IMAP and POP3 because they "
20693
20688
"use SSL encryption to connect. Once you have chosen the protocol, amend the "
20694
20689
"following line in the file <filename>/etc/dovecot/dovecot.conf</filename>:"
20695
20690
msgstr ""
20696
20691
20697
#: serverguide/C/mail.xml:706(programlisting)
20692
#: serverguide/C/mail.xml:764(programlisting)
20698
20693
#, no-wrap
20699
20694
msgid ""
20700
20695
"\n"
20719
20714
"following line:"
20720
20715
msgstr ""
20721
20716
20722
#: serverguide/C/mail.xml:722(programlisting)
20717
#: serverguide/C/mail.xml:780(programlisting)
20723
20718
#, no-wrap
20724
20719
msgid ""
20725
20720
"\n"
20728
20723
"mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u # (for mbox)\n"
20729
20724
msgstr ""
20730
20725
20731
#: serverguide/C/mail.xml:728(para)
20726
#: serverguide/C/mail.xml:786(para)
20732
20727
msgid ""
20733
20728
"You should configure your Mail Transport Agent (MTA) to transfer the "
20734
20729
"incoming mail to this type of mailbox if it is different from the one you "
20735
20730
"have configured."
20736
20731
msgstr ""
20737
20732
20738
#: serverguide/C/mail.xml:734(para)
20733
#: serverguide/C/mail.xml:792(para)
20739
20734
msgid ""
20740
20735
"Once you have configured dovecot, restart the "
20741
20736
"<application>dovecot</application> daemon in order to test your setup:"
20742
20737
msgstr ""
20743
20738
20744
#: serverguide/C/mail.xml:743(para)
20739
#: serverguide/C/mail.xml:801(para)
20745
20740
msgid ""
20746
20741
"If you have enabled imap, or pop3, you can also try to log in with the "
20747
20742
"commands <command>telnet localhost pop3</command> or <command>telnet "
20749
20744
"installation has been successful:"
20750
20745
msgstr ""
20751
20746
20752
#: serverguide/C/mail.xml:750(programlisting)
20747
#: serverguide/C/mail.xml:808(programlisting)
20753
20748
#, no-wrap
20754
20749
msgid ""
20755
20750
"\n"
20760
20755
"+OK Dovecot ready.\n"
20761
20756
msgstr ""
20762
20757
20763
#: serverguide/C/mail.xml:759(title)
20758
#: serverguide/C/mail.xml:817(title)
20764
20759
msgid "Dovecot SSL Configuration"
20765
20760
msgstr ""
20766
20761
20783
20778
"<filename>/etc/dovecot/conf.d/10-ssl.conf</filename> configuration file."
20784
20779
msgstr ""
20785
20780
20786
#: serverguide/C/mail.xml:786(title)
20781
#: serverguide/C/mail.xml:845(title)
20787
20782
msgid "Firewall Configuration for an Email Server"
20788
20783
msgstr ""
20789
20784
20790
#: serverguide/C/mail.xml:792(para)
20785
#: serverguide/C/mail.xml:851(para)
20791
20786
msgid "IMAP - 143"
20792
20787
msgstr "IMAP - 143"
20793
20788
20794
#: serverguide/C/mail.xml:793(para)
20789
#: serverguide/C/mail.xml:852(para)
20795
20790
msgid "IMAPS - 993"
20796
20791
msgstr "IMAPS - 993"
20797
20792
20798
#: serverguide/C/mail.xml:794(para)
20793
#: serverguide/C/mail.xml:853(para)
20799
20794
msgid "POP3 - 110"
20800
20795
msgstr "POP3 - 110"
20801
20796
20802
#: serverguide/C/mail.xml:795(para)
20797
#: serverguide/C/mail.xml:854(para)
20803
20798
msgid "POP3S - 995"
20804
20799
msgstr "POP3S - 995"
20805
20800
20806
#: serverguide/C/mail.xml:787(para)
20801
#: serverguide/C/mail.xml:846(para)
20807
20802
msgid ""
20808
20803
"To access your mail server from another computer, you must configure your "
20809
20804
"firewall to allow connections to the server on the necessary ports. "
20810
20805
"<placeholder-1/>"
20811
20806
msgstr ""
20812
20807
20813
#: serverguide/C/mail.xml:804(para)
20808
#: serverguide/C/mail.xml:863(para)
20814
20809
msgid ""
20815
20810
"See the <ulink url=\"http://www.dovecot.org/\">Dovecot website</ulink> for "
20816
20811
"more information."
20817
20812
msgstr ""
20818
20813
20819
#: serverguide/C/mail.xml:809(para)
20814
#: serverguide/C/mail.xml:868(para)
20820
20815
msgid ""
20821
20816
"Also, the <ulink url=\"https://help.ubuntu.com/community/Dovecot\">Dovecot "
20822
20817
"Ubuntu Wiki</ulink> page has more details."
20825
20820
"url=\"https://help.ubuntu.com/community/Dovecot\">Dovecot na Ubuntu "
20826
20821
"Wiki</ulink>."
20827
20822
20828
#: serverguide/C/mail.xml:818(title) serverguide/C/mail.xml:893(title) serverguide/C/mail.xml:1116(title)
20823
#: serverguide/C/mail.xml:877(title) serverguide/C/mail.xml:952(title) serverguide/C/mail.xml:1175(title)
20829
20824
msgid "Mailman"
20830
20825
msgstr ""
20831
20826
20832
#: serverguide/C/mail.xml:819(para)
20827
#: serverguide/C/mail.xml:878(para)
20833
20828
msgid ""
20834
20829
"Mailman is an open source program for managing electronic mail discussions "
20835
20830
"and e-newsletter lists. Many open source mailing lists (including all the "
20838
20833
"and maintain."
20839
20834
msgstr ""
20840
20835
20841
#: serverguide/C/mail.xml:829(para)
20836
#: serverguide/C/mail.xml:888(para)
20842
20837
msgid ""
20843
20838
"Mailman provides a web interface for the administrators and users, using an "
20844
20839
"external mail server to send and receive emails. It works perfectly with the "
20845
20840
"following mail servers:"
20846
20841
msgstr ""
20847
20842
20848
#: serverguide/C/mail.xml:840(application)
20843
#: serverguide/C/mail.xml:899(application)
20849
20844
msgid "Exim"
20850
20845
msgstr ""
20851
20846
20852
#: serverguide/C/mail.xml:843(application)
20847
#: serverguide/C/mail.xml:902(application)
20853
20848
msgid "Sendmail"
20854
20849
msgstr ""
20855
20850
20856
#: serverguide/C/mail.xml:846(application)
20851
#: serverguide/C/mail.xml:905(application)
20857
20852
msgid "Qmail"
20858
20853
msgstr ""
20859
20854
20860
#: serverguide/C/mail.xml:851(para)
20855
#: serverguide/C/mail.xml:910(para)
20861
20856
msgid ""
20862
20857
"We will see how to install and configure Mailman with, the Apache web "
20863
20858
"server, and either the Postfix or Exim mail server. If you wish to install "
20864
20859
"Mailman with a different mail server, please refer to the references section."
20865
20860
msgstr ""
20866
20861
20867
#: serverguide/C/mail.xml:858(para)
20862
#: serverguide/C/mail.xml:917(para)
20868
20863
msgid ""
20869
20864
"You only need to install one mail server and "
20870
20865
"<application>Postfix</application> is the default Ubuntu Mail Transfer Agent."
20871
20866
msgstr ""
20872
20867
20873
#: serverguide/C/mail.xml:863(title) serverguide/C/mail.xml:920(title)
20868
#: serverguide/C/mail.xml:922(title) serverguide/C/mail.xml:979(title)
20874
20869
msgid "Apache2"
20875
20870
msgstr "Apache2"
20876
20871
20877
#: serverguide/C/mail.xml:864(para)
20872
#: serverguide/C/mail.xml:923(para)
20878
20873
msgid ""
20879
20874
"To install apache2 you refer to <xref linkend=\"http-installation\"/> for "
20880
20875
"details."
20881
20876
msgstr ""
20882
20877
20883
#: serverguide/C/mail.xml:870(para)
20878
#: serverguide/C/mail.xml:929(para)
20884
20879
msgid ""
20885
20880
"For instructions on installing and configuring Postfix refer to <xref "
20886
20881
"linkend=\"postfix\"/>"
20887
20882
msgstr ""
20888
20883
20889
#: serverguide/C/mail.xml:876(para)
20884
#: serverguide/C/mail.xml:935(para)
20890
20885
msgid "To install Exim4 refer to <xref linkend=\"exim4\"/>."
20891
20886
msgstr ""
20892
20887
20893
#: serverguide/C/mail.xml:879(para)
20888
#: serverguide/C/mail.xml:938(para)
20894
20889
msgid ""
20895
20890
"Once exim4 is installed, the configuration files are stored in the "
20896
20891
"<filename>/etc/exim4</filename> directory. In Ubuntu, by default, the exim4 "
20899
20894
"<filename>/etc/exim4/update-exim4.conf</filename> file:"
20900
20895
msgstr ""
20901
20896
20902
#: serverguide/C/mail.xml:886(programlisting)
20897
#: serverguide/C/mail.xml:945(programlisting)
20903
20898
#, no-wrap
20904
20899
msgid ""
20905
20900
"\n"
20906
20901
"dc_use_split_config='true'\n"
20907
20902
msgstr ""
20908
20903
20909
#: serverguide/C/mail.xml:894(para)
20904
#: serverguide/C/mail.xml:953(para)
20910
20905
msgid ""
20911
20906
"To install <application>Mailman</application>, run following command at a "
20912
20907
"terminal prompt:"
20913
20908
msgstr ""
20914
20909
20915
#: serverguide/C/mail.xml:898(command)
20910
#: serverguide/C/mail.xml:957(command)
20916
20911
msgid "sudo apt-get install mailman"
20917
20912
msgstr "sudo apt-get install mailman"
20918
20913
20919
#: serverguide/C/mail.xml:900(para)
20914
#: serverguide/C/mail.xml:959(para)
20920
20915
msgid ""
20921
20916
"It copies the installation files in "
20922
20917
"<application>/var/lib/mailman</application> directory. It installs the CGI "
20926
20921
"this user."
20927
20922
msgstr ""
20928
20923
20929
#: serverguide/C/mail.xml:912(para)
20924
#: serverguide/C/mail.xml:971(para)
20930
20925
msgid ""
20931
20926
"This section assumes you have successfully installed "
20932
20927
"<application>mailman</application>, <application>apache2</application>, and "
20934
20929
"you just need to configure them."
20935
20930
msgstr ""
20936
20931
20937
#: serverguide/C/mail.xml:921(para)
20932
#: serverguide/C/mail.xml:980(para)
20938
20933
msgid ""
20939
20934
"An example Apache configuration file comes with "
20940
20935
"<application>Mailman</application> and is placed in "
20943
20938
"available</filename>:"
20944
20939
msgstr ""
20945
20940
20946
#: serverguide/C/mail.xml:927(command)
20941
#: serverguide/C/mail.xml:986(command)
20947
20942
msgid ""
20948
20943
"sudo cp /etc/mailman/apache.conf /etc/apache2/sites-available/mailman.conf"
20949
20944
msgstr ""
20950
20945
"sudo cp /etc/mailman/apache.conf /etc/apache2/sites-available/mailman.conf"
20951
20946
20952
#: serverguide/C/mail.xml:929(para)
20947
#: serverguide/C/mail.xml:988(para)
20953
20948
msgid ""
20954
20949
"This will setup a new Apache <emphasis>VirtualHost</emphasis> for the "
20955
20950
"Mailman administration site. Now enable the new configuration and restart "
20956
20951
"Apache:"
20957
20952
msgstr ""
20958
20953
20959
#: serverguide/C/mail.xml:934(command)
20954
#: serverguide/C/mail.xml:993(command)
20960
20955
msgid "sudo a2ensite mailman.conf"
20961
20956
msgstr "sudo a2ensite mailman.conf"
20962
20957
20963
#: serverguide/C/mail.xml:937(para)
20958
#: serverguide/C/mail.xml:996(para)
20964
20959
msgid ""
20965
20960
"Mailman uses apache2 to render its CGI scripts. The mailman CGI scripts are "
20966
20961
"installed in the <application>/usr/lib/cgi-bin/mailman</application> "
20969
20964
"available/mailman.conf</filename> file if you wish to change this behavior."
20970
20965
msgstr ""
20971
20966
20972
#: serverguide/C/mail.xml:948(para)
20967
#: serverguide/C/mail.xml:1007(para)
20973
20968
msgid ""
20974
20969
"For <application>Postfix</application> integration, we will associate the "
20975
20970
"domain lists.example.com with the mailing lists. Please replace "
20976
20971
"<emphasis>lists.example.com</emphasis> with the domain of your choosing."
20977
20972
msgstr ""
20978
20973
20979
#: serverguide/C/mail.xml:952(para)
20974
#: serverguide/C/mail.xml:1011(para)
20980
20975
msgid ""
20981
20976
"You can use the postconf command to add the necessary configuration to "
20982
20977
"<filename>/etc/postfix/main.cf</filename>:"
20983
20978
msgstr ""
20984
20979
20985
#: serverguide/C/mail.xml:956(command)
20980
#: serverguide/C/mail.xml:1015(command)
20986
20981
msgid "sudo postconf -e 'relay_domains = lists.example.com'"
20987
20982
msgstr ""
20988
20983
20989
#: serverguide/C/mail.xml:957(command)
20984
#: serverguide/C/mail.xml:1016(command)
20990
20985
msgid "sudo postconf -e 'transport_maps = hash:/etc/postfix/transport'"
20991
20986
msgstr ""
20992
20987
20993
#: serverguide/C/mail.xml:958(command)
20988
#: serverguide/C/mail.xml:1017(command)
20994
20989
msgid "sudo postconf -e 'mailman_destination_recipient_limit = 1'"
20995
20990
msgstr ""
20996
20991
20997
#: serverguide/C/mail.xml:960(para)
20992
#: serverguide/C/mail.xml:1019(para)
20998
20993
msgid ""
20999
20994
"In <filename>/etc/postfix/master.cf</filename> double check that you have "
21000
20995
"the following transport:"
21001
20996
msgstr ""
21002
20997
21003
#: serverguide/C/mail.xml:963(programlisting)
20998
#: serverguide/C/mail.xml:1022(programlisting)
21004
20999
#, no-wrap
21005
21000
msgid ""
21006
21001
"\n"
21009
21004
" ${nexthop} ${user}\n"
21010
21005
msgstr ""
21011
21006
21012
#: serverguide/C/mail.xml:968(para)
21007
#: serverguide/C/mail.xml:1027(para)
21013
21008
msgid ""
21014
21009
"It calls the <emphasis>postfix-to-mailman.py</emphasis> script when a mail "
21015
21010
"is delivered to a list."
21016
21011
msgstr ""
21017
21012
21018
#: serverguide/C/mail.xml:971(para)
21013
#: serverguide/C/mail.xml:1030(para)
21019
21014
msgid ""
21020
21015
"Associate the domain lists.example.com to the Mailman transport with the "
21021
21016
"transport map. Edit the file <filename>/etc/postfix/transport</filename>:"
21022
21017
msgstr ""
21023
21018
21024
#: serverguide/C/mail.xml:974(programlisting)
21019
#: serverguide/C/mail.xml:1033(programlisting)
21025
21020
#, no-wrap
21026
21021
msgid ""
21027
21022
"\n"
21028
21023
"lists.example.com mailman:\n"
21029
21024
msgstr ""
21030
21025
21031
#: serverguide/C/mail.xml:977(para)
21026
#: serverguide/C/mail.xml:1036(para)
21032
21027
msgid ""
21033
21028
"Now have <application>Postfix</application> build the transport map by "
21034
21029
"entering the following from a terminal prompt:"
21035
21030
msgstr ""
21036
21031
21037
#: serverguide/C/mail.xml:981(command)
21032
#: serverguide/C/mail.xml:1040(command)
21038
21033
msgid "sudo postmap -v /etc/postfix/transport"
21039
21034
msgstr ""
21040
21035
21041
#: serverguide/C/mail.xml:983(para)
21036
#: serverguide/C/mail.xml:1042(para)
21042
21037
msgid "Then restart Postfix to enable the new configurations:"
21043
21038
msgstr ""
21044
21039
21045
#: serverguide/C/mail.xml:992(para)
21040
#: serverguide/C/mail.xml:1051(para)
21046
21041
msgid ""
21047
21042
"Once Exim4 is installed, you can start the Exim server using the following "
21048
21043
"command from a terminal prompt:"
21049
21044
msgstr ""
21050
21045
21051
#: serverguide/C/mail.xml:1008(para) serverguide/C/mail.xml:1023(title)
21046
#: serverguide/C/mail.xml:1067(para) serverguide/C/mail.xml:1082(title)
21052
21047
msgid "Main"
21053
21048
msgstr ""
21054
21049
21055
#: serverguide/C/mail.xml:1011(para) serverguide/C/mail.xml:1063(title)
21050
#: serverguide/C/mail.xml:1070(para) serverguide/C/mail.xml:1122(title)
21056
21051
msgid "Transport"
21057
21052
msgstr ""
21058
21053
21059
#: serverguide/C/mail.xml:1014(para) serverguide/C/mail.xml:1086(title)
21054
#: serverguide/C/mail.xml:1073(para) serverguide/C/mail.xml:1145(title)
21060
21055
msgid "Router"
21061
21056
msgstr "Usmerjevalnik"
21062
21057
21063
#: serverguide/C/mail.xml:999(para)
21058
#: serverguide/C/mail.xml:1058(para)
21064
21059
msgid ""
21065
21060
"In order to make mailman work with Exim4, you need to configure Exim4. As "
21066
21061
"mentioned earlier, by default, Exim4 uses multiple configuration files of "
21072
21067
"is very important."
21073
21068
msgstr ""
21074
21069
21075
#: serverguide/C/mail.xml:1030(programlisting)
21070
#: serverguide/C/mail.xml:1089(programlisting)
21076
21071
#, no-wrap
21077
21072
msgid ""
21078
21073
"\n"
21106
21101
"# end\n"
21107
21102
msgstr ""
21108
21103
21109
#: serverguide/C/mail.xml:1024(para)
21104
#: serverguide/C/mail.xml:1083(para)
21110
21105
msgid ""
21111
21106
"All the configuration files belonging to the main type are stored in the "
21112
21107
"<filename>/etc/exim4/conf.d/main/</filename> directory. You can add the "
21114
21109
"config_mailman</filename>: <placeholder-1/>"
21115
21110
msgstr ""
21116
21111
21117
#: serverguide/C/mail.xml:1070(programlisting)
21112
#: serverguide/C/mail.xml:1129(programlisting)
21118
21113
#, no-wrap
21119
21114
msgid ""
21120
21115
"\n"
21132
21127
" group = MM_GID\n"
21133
21128
msgstr ""
21134
21129
21135
#: serverguide/C/mail.xml:1064(para)
21130
#: serverguide/C/mail.xml:1123(para)
21136
21131
msgid ""
21137
21132
"All the configuration files belonging to transport type are stored in the "
21138
21133
"<filename>/etc/exim4/conf.d/transport/</filename> directory. You can add the "
21140
21135
"config_mailman</filename>: <placeholder-1/>"
21141
21136
msgstr ""
21142
21137
21143
#: serverguide/C/mail.xml:1091(programlisting)
21138
#: serverguide/C/mail.xml:1150(programlisting)
21144
21139
#, no-wrap
21145
21140
msgid ""
21146
21141
"\n"
21154
21149
" transport = mailman_transport\n"
21155
21150
msgstr ""
21156
21151
21157
#: serverguide/C/mail.xml:1087(para)
21152
#: serverguide/C/mail.xml:1146(para)
21158
21153
msgid ""
21159
21154
"All the configuration files belonging to router type are stored in the "
21160
21155
"<filename>/etc/exim4/conf.d/router/</filename> directory. You can add the "
21162
21157
"config_mailman</filename>: <placeholder-1/>"
21163
21158
msgstr ""
21164
21159
21165
#: serverguide/C/mail.xml:1104(para)
21160
#: serverguide/C/mail.xml:1163(para)
21166
21161
msgid ""
21167
21162
"The order of main and transport configuration files can be in any order. "
21168
21163
"But, the order of router configuration files must be the same. This "
21172
21167
"details, please refer to the references section."
21173
21168
msgstr ""
21174
21169
21175
#: serverguide/C/mail.xml:1117(para)
21170
#: serverguide/C/mail.xml:1176(para)
21176
21171
msgid ""
21177
21172
"Once mailman is installed, you can run it using the following command:"
21178
21173
msgstr ""
21181
21176
msgid "sudo service mailman start"
21182
21177
msgstr ""
21183
21178
21184
#: serverguide/C/mail.xml:1123(para)
21179
#: serverguide/C/mail.xml:1182(para)
21185
21180
msgid ""
21186
21181
"Once mailman is installed, you should create the default mailing list. Run "
21187
21182
"the following command to create the mailing list:"
21188
21183
msgstr ""
21189
21184
21190
#: serverguide/C/mail.xml:1129(command)
21185
#: serverguide/C/mail.xml:1188(command)
21191
21186
msgid "sudo /usr/sbin/newlist mailman"
21192
21187
msgstr ""
21193
21188
21194
#: serverguide/C/mail.xml:1132(programlisting)
21189
#: serverguide/C/mail.xml:1191(programlisting)
21195
21190
#, no-wrap
21196
21191
msgid ""
21197
21192
"\n"
21222
21217
" # \n"
21223
21218
msgstr ""
21224
21219
21225
#: serverguide/C/mail.xml:1155(para)
21220
#: serverguide/C/mail.xml:1214(para)
21226
21221
msgid ""
21227
21222
"We have configured either Postfix or Exim4 to recognize all emails from "
21228
21223
"mailman. So, it is not mandatory to make any new entries in "
21231
21226
"continuing to next section."
21232
21227
msgstr ""
21233
21228
21234
#: serverguide/C/mail.xml:1163(para)
21229
#: serverguide/C/mail.xml:1222(para)
21235
21230
msgid ""
21236
21231
"The Exim4 does not use the above aliases to forward mails to Mailman, as it "
21237
21232
"uses a <emphasis>discover</emphasis> approach. To suppress the aliases while "
21239
21234
"configuration file, <filename>/etc/mailman/mm_cfg.py</filename>."
21240
21235
msgstr ""
21241
21236
21242
#: serverguide/C/mail.xml:1174(title)
21237
#: serverguide/C/mail.xml:1233(title)
21243
21238
msgid "Administration"
21244
21239
msgstr "Skrbništvo"
21245
21240
21246
#: serverguide/C/mail.xml:1175(para)
21241
#: serverguide/C/mail.xml:1234(para)
21247
21242
msgid ""
21248
21243
"We assume you have a default installation. The mailman cgi scripts are still "
21249
21244
"in the <application>/usr/lib/cgi-bin/mailman/</application> directory. "
21251
21246
"point your browser to the following url:"
21252
21247
msgstr ""
21253
21248
21254
#: serverguide/C/mail.xml:1183(para)
21249
#: serverguide/C/mail.xml:1242(para)
21255
21250
msgid "http://hostname/cgi-bin/mailman/admin"
21256
21251
msgstr ""
21257
21252
21258
#: serverguide/C/mail.xml:1187(para)
21253
#: serverguide/C/mail.xml:1246(para)
21259
21254
msgid ""
21260
21255
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
21261
21256
"screen. If you click the mailing list name, it will ask for your "
21266
21261
"mailing list using the web interface."
21267
21262
msgstr ""
21268
21263
21269
#: serverguide/C/mail.xml:1200(title)
21264
#: serverguide/C/mail.xml:1259(title)
21270
21265
msgid "Users"
21271
21266
msgstr "Uporabniki"
21272
21267
21273
#: serverguide/C/mail.xml:1201(para)
21268
#: serverguide/C/mail.xml:1260(para)
21274
21269
msgid ""
21275
21270
"Mailman provides a web based interface for users. To access this page, point "
21276
21271
"your browser to the following url:"
21277
21272
msgstr ""
21278
21273
21279
#: serverguide/C/mail.xml:1206(para)
21274
#: serverguide/C/mail.xml:1265(para)
21280
21275
msgid "http://hostname/cgi-bin/mailman/listinfo"
21281
21276
msgstr ""
21282
21277
21283
#: serverguide/C/mail.xml:1210(para)
21278
#: serverguide/C/mail.xml:1269(para)
21284
21279
msgid ""
21285
21280
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
21286
21281
"screen. If you click the mailing list name, it will display the subscription "
21289
21284
"instructions in the email to subscribe."
21290
21285
msgstr ""
21291
21286
21292
#: serverguide/C/mail.xml:1222(ulink)
21287
#: serverguide/C/mail.xml:1281(ulink)
21293
21288
msgid "GNU Mailman - Installation Manual"
21294
21289
msgstr ""
21295
21290
21296
#: serverguide/C/mail.xml:1226(ulink)
21291
#: serverguide/C/mail.xml:1285(ulink)
21297
21292
msgid "HOWTO - Using Exim 4 and Mailman 2.1 together"
21298
21293
msgstr ""
21299
21294
21300
#: serverguide/C/mail.xml:1229(para)
21295
#: serverguide/C/mail.xml:1288(para)
21301
21296
msgid ""
21302
21297
"Also, see the <ulink "
21303
21298
"url=\"https://help.ubuntu.com/community/Mailman\">Mailman Ubuntu "
21307
21302
"url=\"https://help.ubuntu.com/community/Mailman\">Mailman na Ubuntu "
21308
21303
"Wiki</ulink>."
21309
21304
21310
#: serverguide/C/mail.xml:1235(title)
21305
#: serverguide/C/mail.xml:1294(title)
21311
21306
msgid "Mail Filtering"
21312
21307
msgstr ""
21313
21308
21314
#: serverguide/C/mail.xml:1236(para)
21309
#: serverguide/C/mail.xml:1295(para)
21315
21310
msgid ""
21316
21311
"One of the largest issues with email today is the problem of Unsolicited "
21317
21312
"Bulk Email (UBE). Also known as SPAM, such messages may also carry viruses "
21319
21314
"the bulk of all email traffic on the Internet."
21320
21315
msgstr ""
21321
21316
21322
#: serverguide/C/mail.xml:1241(para)
21317
#: serverguide/C/mail.xml:1300(para)
21323
21318
msgid ""
21324
21319
"This section will cover integrating <application>Amavisd-new</application>, "
21325
21320
"<application>Spamassassin</application>, and "
21333
21328
"spf</application>."
21334
21329
msgstr ""
21335
21330
21336
#: serverguide/C/mail.xml:1251(para)
21331
#: serverguide/C/mail.xml:1310(para)
21337
21332
msgid ""
21338
21333
"<application>Amavisd-new</application> is a wrapper program that can call "
21339
21334
"any number of content filtering programs for spam detection, antivirus, etc."
21340
21335
msgstr ""
21341
21336
21342
#: serverguide/C/mail.xml:1257(para)
21337
#: serverguide/C/mail.xml:1316(para)
21343
21338
msgid ""
21344
21339
"<application>Spamassassin</application> uses a variety of mechanisms to "
21345
21340
"filter email based on the message content."
21346
21341
msgstr ""
21347
21342
21348
#: serverguide/C/mail.xml:1262(para)
21343
#: serverguide/C/mail.xml:1321(para)
21349
21344
msgid ""
21350
21345
"<application>ClamAV</application> is an open source antivirus application."
21351
21346
msgstr ""
21352
21347
21353
#: serverguide/C/mail.xml:1267(para)
21348
#: serverguide/C/mail.xml:1326(para)
21354
21349
msgid ""
21355
21350
"<application>opendkim</application> implements a Sendmail Mail Filter "
21356
21351
"(Milter) for the DomainKeys Identified Mail (DKIM) standard."
21357
21352
msgstr ""
21358
21353
21359
#: serverguide/C/mail.xml:1273(para)
21354
#: serverguide/C/mail.xml:1332(para)
21360
21355
msgid ""
21361
21356
"<application>python-policyd-spf</application> enables Sender Policy "
21362
21357
"Framework (SPF) checking with <application>Postfix</application>."
21363
21358
msgstr ""
21364
21359
21365
#: serverguide/C/mail.xml:1278(para)
21360
#: serverguide/C/mail.xml:1337(para)
21366
21361
msgid "This is how the pieces fit together:"
21367
21362
msgstr ""
21368
21363
21369
#: serverguide/C/mail.xml:1283(para)
21364
#: serverguide/C/mail.xml:1342(para)
21370
21365
msgid "An email message is accepted by <application>Postfix</application>."
21371
21366
msgstr ""
21372
21367
21373
#: serverguide/C/mail.xml:1288(para)
21368
#: serverguide/C/mail.xml:1347(para)
21374
21369
msgid ""
21375
21370
"The message is passed through any external filters "
21376
21371
"<application>opendkim</application> and <application>python-policyd-"
21377
21372
"spf</application> in this case."
21378
21373
msgstr ""
21379
21374
21380
#: serverguide/C/mail.xml:1294(para)
21375
#: serverguide/C/mail.xml:1353(para)
21381
21376
msgid "<application>Amavisd-new</application> then processes the message."
21382
21377
msgstr ""
21383
21378
21384
#: serverguide/C/mail.xml:1299(para)
21379
#: serverguide/C/mail.xml:1358(para)
21385
21380
msgid ""
21386
21381
"<application>ClamAV</application> is used to scan the message. If the "
21387
21382
"message contains a virus <application>Postfix</application> will reject the "
21388
21383
"message."
21389
21384
msgstr ""
21390
21385
21391
#: serverguide/C/mail.xml:1305(para)
21386
#: serverguide/C/mail.xml:1364(para)
21392
21387
msgid ""
21393
21388
"Clean messages will then be analyzed by "
21394
21389
"<application>Spamassassin</application> to find out if the message is spam. "
21397
21392
"message."
21398
21393
msgstr ""
21399
21394
21400
#: serverguide/C/mail.xml:1312(para)
21395
#: serverguide/C/mail.xml:1371(para)
21401
21396
msgid ""
21402
21397
"For example, if a message has a Spam score of over fifty the message could "
21403
21398
"be automatically dropped from the queue without the recipient ever having to "
21406
21401
"see fit."
21407
21402
msgstr ""
21408
21403
21409
#: serverguide/C/mail.xml:1319(para)
21404
#: serverguide/C/mail.xml:1378(para)
21410
21405
msgid ""
21411
21406
"See <xref linkend=\"postfix\"/> for instructions on installing and "
21412
21407
"configuring Postfix."
21413
21408
msgstr ""
21414
21409
21415
#: serverguide/C/mail.xml:1322(para)
21410
#: serverguide/C/mail.xml:1381(para)
21416
21411
msgid ""
21417
21412
"To install the rest of the applications enter the following from a terminal "
21418
21413
"prompt:"
21419
21414
msgstr ""
21420
21415
21421
#: serverguide/C/mail.xml:1326(command)
21416
#: serverguide/C/mail.xml:1385(command)
21422
21417
msgid "sudo apt-get install amavisd-new spamassassin clamav-daemon"
21423
21418
msgstr ""
21424
21419
21425
#: serverguide/C/mail.xml:1327(command)
21420
#: serverguide/C/mail.xml:1386(command)
21426
21421
msgid "sudo apt-get install opendkim postfix-policyd-spf-python"
21427
21422
msgstr ""
21428
21423
21429
#: serverguide/C/mail.xml:1329(para)
21424
#: serverguide/C/mail.xml:1388(para)
21430
21425
msgid ""
21431
21426
"There are some optional packages that integrate with "
21432
21427
"<application>Spamassassin</application> for better spam detection:"
21433
21428
msgstr ""
21434
21429
21435
#: serverguide/C/mail.xml:1333(command)
21430
#: serverguide/C/mail.xml:1392(command)
21436
21431
msgid "sudo apt-get install pyzor razor"
21437
21432
msgstr ""
21438
21433
21439
#: serverguide/C/mail.xml:1335(para)
21434
#: serverguide/C/mail.xml:1394(para)
21440
21435
msgid ""
21441
21436
"Along with the main filtering applications compression utilities are needed "
21442
21437
"to process some email attachments:"
21443
21438
msgstr ""
21444
21439
21445
#: serverguide/C/mail.xml:1339(command)
21440
#: serverguide/C/mail.xml:1398(command)
21446
21441
msgid ""
21447
21442
"sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip"
21448
21443
msgstr ""
21449
21444
21450
#: serverguide/C/mail.xml:1342(para)
21445
#: serverguide/C/mail.xml:1401(para)
21451
21446
msgid ""
21452
21447
"If some packages are not found, check that the "
21453
21448
"<emphasis>multiverse</emphasis> repository is enabled in "
21454
21449
"<filename>/etc/apt/sources.list</filename>"
21455
21450
msgstr ""
21456
21451
21457
#: serverguide/C/mail.xml:1343(para)
21452
#: serverguide/C/mail.xml:1402(para)
21458
21453
msgid ""
21459
21454
"If you make changes to the file, be sure to run <command>sudo apt-get "
21460
21455
"update</command> before trying to install again."
21461
21456
msgstr ""
21462
21457
21463
#: serverguide/C/mail.xml:1348(para)
21458
#: serverguide/C/mail.xml:1407(para)
21464
21459
msgid "Now configure everything to work together and filter email."
21465
21460
msgstr ""
21466
21461
21467
#: serverguide/C/mail.xml:1352(title)
21462
#: serverguide/C/mail.xml:1411(title)
21468
21463
msgid "ClamAV"
21469
21464
msgstr "ClamAV"
21470
21465
21471
#: serverguide/C/mail.xml:1353(para)
21466
#: serverguide/C/mail.xml:1412(para)
21472
21467
msgid ""
21473
21468
"The default behaviour of <application>ClamAV</application> will fit our "
21474
21469
"needs. For more ClamAV configuration options, check the configuration files "
21475
21470
"in <filename>/etc/clamav</filename>."
21476
21471
msgstr ""
21477
21472
21478
#: serverguide/C/mail.xml:1358(para)
21473
#: serverguide/C/mail.xml:1417(para)
21479
21474
msgid ""
21480
21475
"Add the <emphasis>clamav</emphasis> user to the <emphasis>amavis</emphasis> "
21481
21476
"group in order for <application>Amavisd-new</application> to have the "
21482
21477
"appropriate access to scan files:"
21483
21478
msgstr ""
21484
21479
21485
#: serverguide/C/mail.xml:1363(command)
21480
#: serverguide/C/mail.xml:1422(command)
21486
21481
msgid "sudo adduser clamav amavis"
21487
21482
msgstr ""
21488
21483
21489
#: serverguide/C/mail.xml:1364(command)
21484
#: serverguide/C/mail.xml:1423(command)
21490
21485
msgid "sudo adduser amavis clamav"
21491
21486
msgstr ""
21492
21487
21493
#: serverguide/C/mail.xml:1368(title)
21488
#: serverguide/C/mail.xml:1427(title)
21494
21489
msgid "Spamassassin"
21495
21490
msgstr "Spamassassin"
21496
21491
21497
#: serverguide/C/mail.xml:1369(para)
21492
#: serverguide/C/mail.xml:1428(para)
21498
21493
msgid ""
21499
21494
"Spamassassin automatically detects optional components and will use them if "
21500
21495
"they are present. This means that there is no need to configure "
21501
21496
"<application>pyzor</application> and <application>razor</application>."
21502
21497
msgstr ""
21503
21498
21504
#: serverguide/C/mail.xml:1373(para)
21499
#: serverguide/C/mail.xml:1432(para)
21505
21500
msgid ""
21506
21501
"Edit <filename>/etc/default/spamassassin</filename> to activate the "
21507
21502
"<application>Spamassassin</application> daemon. Change "
21508
21503
"<emphasis>ENABLED=0</emphasis> to:"
21509
21504
msgstr ""
21510
21505
21511
#: serverguide/C/mail.xml:1377(programlisting)
21506
#: serverguide/C/mail.xml:1436(programlisting)
21512
21507
#, no-wrap
21513
21508
msgid ""
21514
21509
"\n"
21515
21510
"ENABLED=1\n"
21516
21511
msgstr ""
21517
21512
21518
#: serverguide/C/mail.xml:1380(para)
21513
#: serverguide/C/mail.xml:1439(para)
21519
21514
msgid "Now start the daemon:"
21520
21515
msgstr ""
21521
21516
21523
21518
msgid "sudo service spamassassin start"
21524
21519
msgstr ""
21525
21520
21526
#: serverguide/C/mail.xml:1388(title)
21521
#: serverguide/C/mail.xml:1447(title)
21527
21522
msgid "Amavisd-new"
21528
21523
msgstr ""
21529
21524
21530
#: serverguide/C/mail.xml:1389(para)
21525
#: serverguide/C/mail.xml:1448(para)
21531
21526
msgid ""
21532
21527
"First activate spam and antivirus detection in <application>Amavisd-"
21533
21528
"new</application> by editing <filename>/etc/amavis/conf.d/15-"
21534
21529
"content_filter_mode</filename>:"
21535
21530
msgstr ""
21536
21531
21537
#: serverguide/C/mail.xml:1393(programlisting)
21532
#: serverguide/C/mail.xml:1452(programlisting)
21538
21533
#, no-wrap
21539
21534
msgid ""
21540
21535
"\n"
21565
21560
"1; # insure a defined return\n"
21566
21561
msgstr ""
21567
21562
21568
#: serverguide/C/mail.xml:1419(para)
21563
#: serverguide/C/mail.xml:1477(para)
21569
21564
msgid ""
21570
21565
"Bouncing spam can be a bad idea as the return address is often faked. The "
21571
21566
"default behaviour is to instead discard. This is configured in "
21574
21569
"D_BOUNCE."
21575
21570
msgstr ""
21576
21571
21577
#: serverguide/C/mail.xml:1425(para)
21572
#: serverguide/C/mail.xml:1483(para)
21578
21573
msgid ""
21579
21574
"Additionally, you may want to adjust the following options to flag more "
21580
21575
"messages as spam:"
21581
21576
msgstr ""
21582
21577
21583
#: serverguide/C/mail.xml:1429(programlisting)
21578
#: serverguide/C/mail.xml:1487(programlisting)
21584
21579
#, no-wrap
21585
21580
msgid ""
21586
21581
"\n"
21591
21586
"$sa_dsn_cutoff_level = 4; # spam level beyond which a DSN is not sent\n"
21592
21587
msgstr ""
21593
21588
21594
#: serverguide/C/mail.xml:1436(para)
21589
#: serverguide/C/mail.xml:1494(para)
21595
21590
msgid ""
21596
21591
"If the server's <emphasis>hostname</emphasis> is different from the domain's "
21597
21592
"MX record you may need to manually set the <emphasis>$myhostname</emphasis> "
21600
21595
"Edit the <filename>/etc/amavis/conf.d/50-user</filename> file:"
21601
21596
msgstr ""
21602
21597
21603
#: serverguide/C/mail.xml:1443(programlisting)
21598
#: serverguide/C/mail.xml:1501(programlisting)
21604
21599
#, no-wrap
21605
21600
msgid ""
21606
21601
"\n"
21608
21603
"@local_domains_acl = ( \"example.com\", \"example.org\" );\n"
21609
21604
msgstr ""
21610
21605
21611
#: serverguide/C/mail.xml:1448(para)
21606
#: serverguide/C/mail.xml:1506(para)
21612
21607
msgid ""
21613
21608
"If you want to cover multiple domains you can use the following in "
21614
21609
"the<filename>/etc/amavis/conf.d/50-user</filename>"
21615
21610
msgstr ""
21616
21611
21617
#: serverguide/C/mail.xml:1451(programlisting)
21612
#: serverguide/C/mail.xml:1509(programlisting)
21618
21613
#, no-wrap
21619
21614
msgid ""
21620
21615
"\n"
21621
21616
"@local_domains_acl = qw(.);\n"
21622
21617
msgstr ""
21623
21618
21624
#: serverguide/C/mail.xml:1455(para)
21619
#: serverguide/C/mail.xml:1513(para)
21625
21620
msgid ""
21626
21621
"After configuration <application>Amavisd-new</application> needs to be "
21627
21622
"restarted:"
21631
21626
msgid "sudo service amavis restart"
21632
21627
msgstr ""
21633
21628
21634
#: serverguide/C/mail.xml:1462(title)
21629
#: serverguide/C/mail.xml:1520(title)
21635
21630
msgid "DKIM Whitelist"
21636
21631
msgstr ""
21637
21632
21638
#: serverguide/C/mail.xml:1464(para)
21633
#: serverguide/C/mail.xml:1522(para)
21639
21634
msgid ""
21640
21635
"<application>Amavisd-new</application> can be configured to automatically "
21641
21636
"<emphasis>Whitelist</emphasis> addresses from domains with valid Domain "
21643
21638
"<filename>/etc/amavis/conf.d/40-policy_banks</filename>."
21644
21639
msgstr ""
21645
21640
21646
#: serverguide/C/mail.xml:1470(para)
21641
#: serverguide/C/mail.xml:1528(para)
21647
21642
msgid "There are multiple ways to configure the Whitelist for a domain:"
21648
21643
msgstr ""
21649
21644
21650
#: serverguide/C/mail.xml:1476(para)
21645
#: serverguide/C/mail.xml:1534(para)
21651
21646
msgid ""
21652
21647
"<emphasis>'example.com' => 'WHITELIST',</emphasis>: will whitelist any "
21653
21648
"address from the \"example.com\" domain."
21654
21649
msgstr ""
21655
21650
21656
#: serverguide/C/mail.xml:1481(para)
21651
#: serverguide/C/mail.xml:1539(para)
21657
21652
msgid ""
21658
21653
"<emphasis>'.example.com' => 'WHITELIST',</emphasis>: will whitelist any "
21659
21654
"address from any <emphasis>subdomains</emphasis> of \"example.com\" that "
21660
21655
"have a valid signature."
21661
21656
msgstr ""
21662
21657
21663
#: serverguide/C/mail.xml:1487(para)
21658
#: serverguide/C/mail.xml:1545(para)
21664
21659
msgid ""
21665
21660
"<emphasis>'.example.com/@example.com' => 'WHITELIST',</emphasis>: will "
21666
21661
"whitelist subdomains of \"example.com\" that use the signature of <emphasis "
21667
21662
"role=\"italic\">example.com</emphasis> the parent domain."
21668
21663
msgstr ""
21669
21664
21670
#: serverguide/C/mail.xml:1493(para)
21665
#: serverguide/C/mail.xml:1551(para)
21671
21666
msgid ""
21672
21667
"<emphasis>'./@example.com' => 'WHITELIST',</emphasis>: adds addresses "
21673
21668
"that have a valid signature from \"example.com\". This is usually used for "
21674
21669
"discussion groups that sign their messages."
21675
21670
msgstr ""
21676
21671
21677
#: serverguide/C/mail.xml:1500(para)
21672
#: serverguide/C/mail.xml:1558(para)
21678
21673
msgid ""
21679
21674
"A domain can also have multiple Whitelist configurations. After editing the "
21680
21675
"file, restart <application>amavisd-new</application>:"
21681
21676
msgstr ""
21682
21677
21683
#: serverguide/C/mail.xml:1510(para)
21678
#: serverguide/C/mail.xml:1568(para)
21684
21679
msgid ""
21685
21680
"In this context, once a domain has been added to the Whitelist the message "
21686
21681
"will not receive any anti-virus or spam filtering. This may or may not be "
21687
21682
"the intended behavior you wish for a domain."
21688
21683
msgstr ""
21689
21684
21690
#: serverguide/C/mail.xml:1520(para)
21685
#: serverguide/C/mail.xml:1578(para)
21691
21686
msgid ""
21692
21687
"For <application>Postfix</application> integration, enter the following from "
21693
21688
"a terminal prompt:"
21694
21689
msgstr ""
21695
21690
21696
#: serverguide/C/mail.xml:1524(command)
21691
#: serverguide/C/mail.xml:1582(command)
21697
21692
msgid "sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'"
21698
21693
msgstr ""
21699
21694
21700
#: serverguide/C/mail.xml:1526(para)
21695
#: serverguide/C/mail.xml:1584(para)
21701
21696
msgid ""
21702
21697
"Next edit <filename>/etc/postfix/master.cf</filename> and add the following "
21703
21698
"to the end of the file:"
21736
21731
"_milters\n"
21737
21732
msgstr ""
21738
21733
21739
#: serverguide/C/mail.xml:1556(para)
21734
#: serverguide/C/mail.xml:1614(para)
21740
21735
msgid ""
21741
21736
"Also add the following two lines immediately below the "
21742
21737
"<emphasis>\"pickup\"</emphasis> transport service:"
21743
21738
msgstr ""
21744
21739
21745
#: serverguide/C/mail.xml:1559(programlisting)
21740
#: serverguide/C/mail.xml:1617(programlisting)
21746
21741
#, no-wrap
21747
21742
msgid ""
21748
21743
"\n"
21750
21745
" -o receive_override_options=no_header_body_checks\n"
21751
21746
msgstr ""
21752
21747
21753
#: serverguide/C/mail.xml:1563(para)
21748
#: serverguide/C/mail.xml:1621(para)
21754
21749
msgid ""
21755
21750
"This will prevent messages that are generated to report on spam from being "
21756
21751
"classified as spam."
21757
21752
msgstr ""
21758
21753
21759
#: serverguide/C/mail.xml:1566(para)
21754
#: serverguide/C/mail.xml:1624(para)
21760
21755
msgid "Now restart <application>Postfix</application>:"
21761
21756
msgstr ""
21762
21757
21763
#: serverguide/C/mail.xml:1572(para)
21758
#: serverguide/C/mail.xml:1630(para)
21764
21759
msgid "Content filtering with spam and virus detection is now enabled."
21765
21760
msgstr ""
21766
21761
21767
#: serverguide/C/mail.xml:1578(title)
21762
#: serverguide/C/mail.xml:1636(title)
21768
21763
msgid "Amavisd-new and Spamassassin"
21769
21764
msgstr "Amavisd-new in Spamassassin"
21770
21765
21771
#: serverguide/C/mail.xml:1580(para)
21766
#: serverguide/C/mail.xml:1638(para)
21772
21767
msgid ""
21773
21768
"When integrating <application>Amavisd-new</application> with "
21774
21769
"<application>Spamassassin</application>, if you choose to disable the bayes "
21779
21774
"<application>cron</application> job."
21780
21775
msgstr ""
21781
21776
21782
#: serverguide/C/mail.xml:1587(para)
21777
#: serverguide/C/mail.xml:1645(para)
21783
21778
msgid "There are several ways to handle this situation:"
21784
21779
msgstr ""
21785
21780
21786
#: serverguide/C/mail.xml:1593(para)
21781
#: serverguide/C/mail.xml:1651(para)
21787
21782
msgid "Configure your MDA to filter messages you do not wish to see."
21788
21783
msgstr ""
21789
21784
21790
#: serverguide/C/mail.xml:1598(para)
21785
#: serverguide/C/mail.xml:1656(para)
21791
21786
msgid ""
21792
21787
"Change <filename>/usr/sbin/amavisd-new-cronjob</filename> to check for "
21793
21788
"<emphasis>use_bayes 0</emphasis>. For example, edit "
21795
21790
"the top before the <emphasis>test</emphasis> statements:"
21796
21791
msgstr ""
21797
21792
21798
#: serverguide/C/mail.xml:1602(programlisting)
21793
#: serverguide/C/mail.xml:1660(programlisting)
21799
21794
#, no-wrap
21800
21795
msgid ""
21801
21796
"\n"
21803
21798
"exit 0\n"
21804
21799
msgstr ""
21805
21800
21806
#: serverguide/C/mail.xml:1612(para)
21801
#: serverguide/C/mail.xml:1670(para)
21807
21802
msgid ""
21808
21803
"First, test that the <application>Amavisd-new</application> SMTP is "
21809
21804
"listening:"
21810
21805
msgstr ""
21811
21806
21812
#: serverguide/C/mail.xml:1615(programlisting)
21807
#: serverguide/C/mail.xml:1673(programlisting)
21813
21808
#, no-wrap
21814
21809
msgid ""
21815
21810
"\n"
21821
21816
"^]\n"
21822
21817
msgstr ""
21823
21818
21824
#: serverguide/C/mail.xml:1623(para)
21819
#: serverguide/C/mail.xml:1681(para)
21825
21820
msgid ""
21826
21821
"In the Header of messages that go through the content filter you should see:"
21827
21822
msgstr ""
21828
21823
21829
#: serverguide/C/mail.xml:1626(programlisting)
21824
#: serverguide/C/mail.xml:1684(programlisting)
21830
21825
#, no-wrap
21831
21826
msgid ""
21832
21827
"\n"
21837
21832
"X-Spam-Level: \n"
21838
21833
msgstr ""
21839
21834
21840
#: serverguide/C/mail.xml:1633(para)
21835
#: serverguide/C/mail.xml:1691(para)
21841
21836
msgid ""
21842
21837
"Your output will vary, but the important thing is that there are <emphasis>X-"
21843
21838
"Virus-Scanned</emphasis> and <emphasis>X-Spam-Status</emphasis> entries."
21844
21839
msgstr ""
21845
21840
21846
#: serverguide/C/mail.xml:1641(para)
21841
#: serverguide/C/mail.xml:1699(para)
21847
21842
msgid ""
21848
21843
"The best way to figure out why something is going wrong is to check the log "
21849
21844
"files."
21850
21845
msgstr ""
21851
21846
21852
#: serverguide/C/mail.xml:1646(para)
21847
#: serverguide/C/mail.xml:1704(para)
21853
21848
msgid ""
21854
21849
"For instructions on <application>Postfix</application> logging see the <xref "
21855
21850
"linkend=\"postfix-troubleshooting\"/> section."
21856
21851
msgstr ""
21857
21852
21858
#: serverguide/C/mail.xml:1652(para)
21853
#: serverguide/C/mail.xml:1710(para)
21859
21854
msgid ""
21860
21855
"<application>Amavisd-new</application> uses "
21861
21856
"<application>Syslog</application> to send messages to "
21865
21860
"1 to 5."
21866
21861
msgstr ""
21867
21862
21868
#: serverguide/C/mail.xml:1657(programlisting)
21863
#: serverguide/C/mail.xml:1715(programlisting)
21869
21864
#, no-wrap
21870
21865
msgid ""
21871
21866
"\n"
21872
21867
"$log_level = 2;\n"
21873
21868
msgstr ""
21874
21869
21875
#: serverguide/C/mail.xml:1661(para)
21870
#: serverguide/C/mail.xml:1719(para)
21876
21871
msgid ""
21877
21872
"When the <application>Amavisd-new</application> log output is increased "
21878
21873
"<application>Spamassassin</application> log output is also increased."
21879
21874
msgstr ""
21880
21875
21881
#: serverguide/C/mail.xml:1668(para)
21876
#: serverguide/C/mail.xml:1726(para)
21882
21877
msgid ""
21883
21878
"The <application>ClamAV</application> log level can be increased by editing "
21884
21879
"<filename>/etc/clamav/clamd.conf</filename> and setting the following option:"
21885
21880
msgstr ""
21886
21881
21887
#: serverguide/C/mail.xml:1672(programlisting)
21882
#: serverguide/C/mail.xml:1730(programlisting)
21888
21883
#, no-wrap
21889
21884
msgid ""
21890
21885
"\n"
21891
21886
"LogVerbose true\n"
21892
21887
msgstr ""
21893
21888
21894
#: serverguide/C/mail.xml:1675(para)
21889
#: serverguide/C/mail.xml:1733(para)
21895
21890
msgid ""
21896
21891
"By default <application>ClamAV</application> will send log messages to "
21897
21892
"<filename>/var/log/clamav/clamav.log</filename>."
21898
21893
msgstr ""
21899
21894
21900
#: serverguide/C/mail.xml:1681(para)
21895
#: serverguide/C/mail.xml:1739(para)
21901
21896
msgid ""
21902
21897
"After changing an applications log settings remember to restart the service "
21903
21898
"for the new settings to take affect. Also, once the issue you are "
21905
21900
"back to normal."
21906
21901
msgstr ""
21907
21902
21908
#: serverguide/C/mail.xml:1689(para)
21903
#: serverguide/C/mail.xml:1747(para)
21909
21904
msgid "For more information on filtering mail see the following links:"
21910
21905
msgstr ""
21911
21906
21912
#: serverguide/C/mail.xml:1695(ulink)
21907
#: serverguide/C/mail.xml:1753(ulink)
21913
21908
msgid "Amavisd-new Documentation"
21914
21909
msgstr ""
21915
21910
21916
#: serverguide/C/mail.xml:1699(para)
21911
#: serverguide/C/mail.xml:1757(para)
21917
21912
msgid ""
21918
21913
"<ulink url=\"http://www.clamav.net/doc/latest/html/\">ClamAV "
21919
21914
"Documentation</ulink> and <ulink "
21920
21915
"url=\"http://wiki.clamav.net/Main/WebHome\">ClamAV Wiki</ulink>"
21921
21916
msgstr ""
21922
21917
21923
#: serverguide/C/mail.xml:1706(ulink)
21918
#: serverguide/C/mail.xml:1764(ulink)
21924
21919
msgid "Spamassassin Wiki"
21925
21920
msgstr "Spamassassin Wiki"
21926
21921
21927
#: serverguide/C/mail.xml:1711(ulink)
21922
#: serverguide/C/mail.xml:1769(ulink)
21928
21923
msgid "Pyzor Homepage"
21929
21924
msgstr ""
21930
21925
21931
#: serverguide/C/mail.xml:1716(ulink)
21926
#: serverguide/C/mail.xml:1774(ulink)
21932
21927
msgid "Razor Homepage"
21933
21928
msgstr ""
21934
21929
21935
#: serverguide/C/mail.xml:1721(ulink)
21930
#: serverguide/C/mail.xml:1779(ulink)
21936
21931
msgid "DKIM.org"
21937
21932
msgstr "DKIM.org"
21938
21933
21939
#: serverguide/C/mail.xml:1726(ulink)
21934
#: serverguide/C/mail.xml:1784(ulink)
21940
21935
msgid "Postfix Amavis New"
21941
21936
msgstr ""
21942
21937
21943
#: serverguide/C/mail.xml:1730(para)
21938
#: serverguide/C/mail.xml:1788(para)
21944
21939
msgid ""
21945
21940
"Also, feel free to ask questions in the <emphasis>#ubuntu-server</emphasis> "
21946
21941
"IRC channel on <ulink url=\"http://freenode.net\">freenode</ulink>."
22045
22040
22046
22041
#: serverguide/C/lamp-applications.xml:104(para)
22047
22042
msgid ""
22048
"MoinMoin is a Wiki engine implemented in Python, based on the PikiPiki Wiki "
22043
"MoinMoin is a wiki engine implemented in Python, based on the PikiPiki Wiki "
22049
22044
"engine, and licensed under the GNU GPL."
22050
22045
msgstr ""
22051
22046
22062
22057
#: serverguide/C/lamp-applications.xml:121(para)
22063
22058
msgid ""
22064
22059
"You should also install <application>apache2</application> web server. For "
22065
"installing <application>apache2</application> web server, please refer to "
22066
"<xref linkend=\"http-installation\"/> sub-section in <xref "
22060
"installing the <application>apache2</application> web server, please refer "
22061
"to <xref linkend=\"http-installation\"/> sub-section in <xref "
22067
22062
"linkend=\"httpd\"/> section."
22068
22063
msgstr ""
22069
22064
22070
22065
#: serverguide/C/lamp-applications.xml:132(para)
22071
22066
msgid ""
22072
"For configuring your first Wiki application, please run the following set of "
22073
"commands. Let us assume that you are creating a Wiki named "
22067
"To configure your first wiki application, please run the following set of "
22068
"commands. Let us assume that you are creating a wiki named "
22074
22069
"<emphasis>mywiki</emphasis>:"
22075
22070
msgstr ""
22076
22071
22109
22104
#: serverguide/C/lamp-applications.xml:149(para)
22110
22105
msgid ""
22111
22106
"Now you should configure <application>MoinMoin</application> to find your "
22112
"new Wiki <emphasis>mywiki</emphasis>. To configure "
22107
"new wiki <emphasis>mywiki</emphasis>. To configure "
22113
22108
"<application>MoinMoin</application>, open "
22114
22109
"<filename>/etc/moin/mywiki.py</filename> file and change the following line:"
22115
22110
msgstr ""
22145
22140
22146
22141
#: serverguide/C/lamp-applications.xml:174(para)
22147
22142
msgid ""
22148
"If the <filename>/etc/moin/mywiki.py</filename> file does not exists, you "
22143
"If the <filename>/etc/moin/mywiki.py</filename> file does not exist, you "
22149
22144
"should copy <filename>/usr/share/moin/config/wikifarm/mywiki.py</filename> "
22150
22145
"file to <filename>/etc/moin/mywiki.py</filename> file and do the above "
22151
22146
"mentioned change."
22153
22148
22154
22149
#: serverguide/C/lamp-applications.xml:182(para)
22155
22150
msgid ""
22156
"If you have named your Wiki as <emphasis>my_wiki_name</emphasis> you should "
22151
"If you have named your wiki as <emphasis>my_wiki_name</emphasis> you should "
22157
22152
"insert a line <quote>(\"my_wiki_name\", r\".*\")</quote> in "
22158
22153
"<filename>/etc/moin/farmconfig.py</filename> file after the line "
22159
22154
"<quote>(\"mywiki\", r\".*\")</quote>."
22162
22157
#: serverguide/C/lamp-applications.xml:190(para)
22163
22158
msgid ""
22164
22159
"Once you have configured <application>MoinMoin</application> to find your "
22165
"first Wiki application <emphasis>mywiki</emphasis>, you should configure "
22166
"<application>apache2</application> and make it ready for your Wiki "
22167
"application."
22160
"first wiki application, <emphasis>mywiki</emphasis>, you should configure "
22161
"<application>apache2</application> and make it ready for your wiki."
22168
22162
msgstr ""
22169
22163
22170
22164
#: serverguide/C/lamp-applications.xml:197(para)
22180
22174
"\n"
22181
22175
"### moin\n"
22182
22176
" ScriptAlias /mywiki \"/usr/share/moin/mywiki/moin.cgi\"\n"
22183
" alias /moin_static193 \"/usr/share/moin/htdocs\"\n"
22177
" alias /moin_static<version> \"/usr/share/moin/htdocs\"\n"
22184
22178
" <Directory /usr/share/moin/htdocs>\n"
22185
22179
" Order allow,deny\n"
22186
22180
" allow from all\n"
22189
22183
msgstr ""
22190
22184
22191
22185
#: serverguide/C/lamp-applications.xml:214(para)
22186
msgid "The version in the above example is determined by running:"
22187
msgstr ""
22188
22189
#: serverguide/C/lamp-applications.xml:218(programlisting)
22190
#, no-wrap
22191
msgid ""
22192
"\n"
22193
"$ moin --version\n"
22194
msgstr ""
22195
22196
#: serverguide/C/lamp-applications.xml:222(para)
22197
msgid "If the output shows version 1.9.7, your second line should be:"
22198
msgstr ""
22199
22200
#: serverguide/C/lamp-applications.xml:226(programlisting)
22201
#, no-wrap
22202
msgid ""
22203
"\n"
22204
"alias /moin_static197 \"/usr/share/moin/htdocs\"\n"
22205
msgstr ""
22206
22207
#: serverguide/C/lamp-applications.xml:230(para)
22192
22208
msgid ""
22193
22209
"Once you configure the <application>apache2</application> web server and "
22194
"make it ready for your Wiki application, you should restart it. You can run "
22210
"make it ready for your wiki application, you should restart it. You can run "
22195
22211
"the following command to restart the <application>apache2</application> web "
22196
22212
"server:"
22197
22213
msgstr ""
22198
22214
22199
#: serverguide/C/lamp-applications.xml:227(title) serverguide/C/installation.xml:1242(title)
22215
#: serverguide/C/lamp-applications.xml:243(title) serverguide/C/installation.xml:1315(title)
22200
22216
msgid "Verification"
22201
22217
msgstr ""
22202
22218
22203
#: serverguide/C/lamp-applications.xml:229(para)
22219
#: serverguide/C/lamp-applications.xml:245(para)
22204
22220
msgid ""
22205
22221
"You can verify the Wiki application and see if it works by pointing your web "
22206
22222
"browser to the following URL:"
22207
22223
msgstr ""
22208
22224
22209
#: serverguide/C/lamp-applications.xml:233(programlisting)
22225
#: serverguide/C/lamp-applications.xml:249(programlisting)
22210
22226
#, no-wrap
22211
22227
msgid ""
22212
22228
"\n"
22215
22231
"\n"
22216
22232
"http://localhost/moj-wiki\n"
22217
22233
22218
#: serverguide/C/lamp-applications.xml:237(para)
22234
#: serverguide/C/lamp-applications.xml:253(para)
22219
22235
msgid ""
22220
22236
"For more details, please refer to the <ulink "
22221
22237
"url=\"http://moinmo.in/\">MoinMoin</ulink> web site."
22222
22238
msgstr ""
22223
22239
22224
#: serverguide/C/lamp-applications.xml:248(para)
22240
#: serverguide/C/lamp-applications.xml:264(para)
22225
22241
msgid ""
22226
22242
"For more information see the <ulink url=\"http://moinmo.in/\">moinmoin "
22227
22243
"Wiki</ulink>."
22229
22245
"Za več podatkov si oglejte <ulink url=\"http://moinmo.in/\">moinmoin "
22230
22246
"Wiki</ulink>."
22231
22247
22232
#: serverguide/C/lamp-applications.xml:253(para)
22248
#: serverguide/C/lamp-applications.xml:269(para)
22233
22249
msgid ""
22234
22250
"Also, see the <ulink "
22235
22251
"url=\"https://help.ubuntu.com/community/MoinMoin\">Ubuntu Wiki "
22239
22255
"url=\"https://help.ubuntu.com/community/MoinMoin\">MoinMoin na Ubuntu "
22240
22256
"Wiki</ulink>."
22241
22257
22242
#: serverguide/C/lamp-applications.xml:262(title)
22258
#: serverguide/C/lamp-applications.xml:278(title)
22243
22259
msgid "MediaWiki"
22244
22260
msgstr "MediaWiki"
22245
22261
22246
#: serverguide/C/lamp-applications.xml:264(para)
22262
#: serverguide/C/lamp-applications.xml:280(para)
22247
22263
msgid ""
22248
22264
"MediaWiki is an web based Wiki software written in the PHP language. It can "
22249
22265
"either use <application>MySQL</application> or "
22250
22266
"<application>PostgreSQL</application> Database Management System."
22251
22267
msgstr ""
22252
22268
22253
#: serverguide/C/lamp-applications.xml:274(para)
22269
#: serverguide/C/lamp-applications.xml:290(para)
22254
22270
msgid ""
22255
22271
"Before installing <application>MediaWiki</application> you should also "
22256
22272
"install <application>Apache2</application>, the "
22261
22277
"installation instructions."
22262
22278
msgstr ""
22263
22279
22264
#: serverguide/C/lamp-applications.xml:282(para)
22280
#: serverguide/C/lamp-applications.xml:298(para)
22265
22281
msgid ""
22266
22282
"To install <application>MediaWiki</application>, run the following command "
22267
22283
"in the command prompt:"
22269
22285
"Za namesitev programa <application>MediaWiki</application> v terminal "
22270
22286
"vnesite:"
22271
22287
22272
#: serverguide/C/lamp-applications.xml:288(command)
22288
#: serverguide/C/lamp-applications.xml:304(command)
22273
22289
msgid "sudo apt-get install mediawiki php5-gd"
22274
22290
msgstr "sudo apt-get install mediawiki php5-gd"
22275
22291
22276
#: serverguide/C/lamp-applications.xml:291(para)
22292
#: serverguide/C/lamp-applications.xml:307(para)
22277
22293
msgid ""
22278
22294
"For additional <application>MediaWiki</application> functionality see the "
22279
22295
"<application>mediawiki-extensions</application> package."
22281
22297
"Za dodatne zmožnosti programa <application>MediaWiki</application> si "
22282
22298
"oglejte paket <application>mediawiki-extensions</application>."
22283
22299
22284
#: serverguide/C/lamp-applications.xml:301(para)
22300
#: serverguide/C/lamp-applications.xml:317(para)
22285
22301
msgid ""
22286
22302
"The Apache configuration file <filename>mediawiki.conf</filename> for "
22287
22303
"<application>MediaWiki</application> is installed in "
22290
22306
"file."
22291
22307
msgstr ""
22292
22308
22293
#: serverguide/C/lamp-applications.xml:309(screen)
22309
#: serverguide/C/lamp-applications.xml:324(screen)
22294
22310
#, no-wrap
22295
22311
msgid ""
22296
22312
"\n"
22299
22315
"\n"
22300
22316
"# Alias /mediawiki /var/lib/mediawiki\n"
22301
22317
22302
#: serverguide/C/lamp-applications.xml:312(para)
22318
#: serverguide/C/lamp-applications.xml:328(para)
22303
22319
msgid ""
22304
22320
"The <application>MediaWiki</application> configuration also needs to be "
22305
22321
"enabled."
22306
22322
msgstr ""
22307
22323
22308
#: serverguide/C/lamp-applications.xml:316(command)
22324
#: serverguide/C/lamp-applications.xml:332(command)
22309
22325
msgid "sudo a2enconf mediawiki.conf"
22310
22326
msgstr ""
22311
22327
22312
#: serverguide/C/lamp-applications.xml:319(para)
22328
#: serverguide/C/lamp-applications.xml:335(para)
22313
22329
msgid "Restart Apache server."
22314
22330
msgstr ""
22315
22331
22316
#: serverguide/C/lamp-applications.xml:326(para)
22332
#: serverguide/C/lamp-applications.xml:342(para)
22317
22333
msgid ""
22318
22334
"Access <application>MediaWiki</application> by visiting <ulink "
22319
22335
"url=\"http://localhost/mediawiki/mw-"
22323
22339
"config/index.php</ulink> if your server has no GUI.)"
22324
22340
msgstr ""
22325
22341
22326
#: serverguide/C/lamp-applications.xml:334(para)
22342
#: serverguide/C/lamp-applications.xml:350(para)
22327
22343
msgid ""
22328
22344
"Please read the <quote>Environmental checks</quote> section of the "
22329
22345
"configuration page. You should be able to fix many issues by carefully "
22330
22346
"reading this section."
22331
22347
msgstr ""
22332
22348
22333
#: serverguide/C/lamp-applications.xml:330(para)
22349
#: serverguide/C/lamp-applications.xml:357(para)
22334
22350
msgid ""
22335
22351
"Once the configuration is complete, you should copy the "
22336
22352
"<filename>LocalSettings.php</filename> file to "
22337
22353
"<filename>/etc/mediawiki</filename> directory:"
22338
22354
msgstr ""
22339
22355
22340
#: serverguide/C/lamp-applications.xml:337(command)
22356
#: serverguide/C/lamp-applications.xml:364(command)
22341
22357
msgid "sudo mv /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/"
22342
22358
msgstr "sudo mv /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/"
22343
22359
22344
#: serverguide/C/lamp-applications.xml:340(para)
22360
#: serverguide/C/lamp-applications.xml:367(para)
22345
22361
msgid ""
22346
22362
"You may also want to edit "
22347
22363
"<filename>/etc/mediawiki/LocalSettings.php</filename> in order to set the "
22348
22364
"memory limit (disabled by default):"
22349
22365
msgstr ""
22350
22366
22351
#: serverguide/C/lamp-applications.xml:345(programlisting)
22367
#: serverguide/C/lamp-applications.xml:372(programlisting)
22352
22368
#, no-wrap
22353
22369
msgid ""
22354
22370
"\n"
22355
22371
"ini_set( 'memory_limit', '64M' );\n"
22356
22372
msgstr ""
22357
22373
22358
#: serverguide/C/lamp-applications.xml:352(title)
22374
#: serverguide/C/lamp-applications.xml:379(title)
22359
22375
msgid "Extensions"
22360
22376
msgstr ""
22361
22377
22362
#: serverguide/C/lamp-applications.xml:353(para)
22378
#: serverguide/C/lamp-applications.xml:380(para)
22363
22379
msgid ""
22364
22380
"The extensions add new features and enhancements for the MediaWiki "
22365
22381
"application. The extensions give wiki administrators and end users the "
22366
22382
"ability to customize MediaWiki to their requirements."
22367
22383
msgstr ""
22368
22384
22369
#: serverguide/C/lamp-applications.xml:359(para)
22385
#: serverguide/C/lamp-applications.xml:386(para)
22370
22386
msgid ""
22371
22387
"You can download MediaWiki extensions as an archive file or checkout from "
22372
22388
"the Subversion repository. You should copy it to "
22375
22391
"<filename>/etc/mediawiki/LocalSettings.php</filename>."
22376
22392
msgstr ""
22377
22393
22378
#: serverguide/C/lamp-applications.xml:367(programlisting)
22394
#: serverguide/C/lamp-applications.xml:394(programlisting)
22379
22395
#, no-wrap
22380
22396
msgid ""
22381
22397
"\n"
22382
22398
"require_once \"$IP/extensions/ExtentionName/ExtentionName.php\";\n"
22383
22399
msgstr ""
22384
22400
22385
#: serverguide/C/lamp-applications.xml:377(para)
22401
#: serverguide/C/lamp-applications.xml:404(para)
22386
22402
msgid ""
22387
22403
"For more details, please refer to the <ulink "
22388
22404
"url=\"http://www.mediawiki.org\">MediaWiki</ulink> web site."
22390
22406
"Za več podrobnosti si oglejte spletno stran <ulink "
22391
22407
"url=\"http://www.mediawiki.org\">MediaWiki</ulink>."
22392
22408
22393
#: serverguide/C/lamp-applications.xml:394(para)
22409
#: serverguide/C/lamp-applications.xml:410(para)
22394
22410
msgid ""
22395
22411
"The <ulink url=\"http://www.packtpub.com/Mediawiki/book\">MediaWiki "
22396
22412
"Administrators' Tutorial Guide</ulink> contains a wealth of information for "
22397
22413
"new MediaWiki administrators."
22398
22414
msgstr ""
22399
22415
22400
#: serverguide/C/lamp-applications.xml:389(para)
22416
#: serverguide/C/lamp-applications.xml:416(para)
22401
22417
msgid ""
22402
22418
"Also, the <ulink url=\"https://help.ubuntu.com/community/MediaWiki\">Ubuntu "
22403
22419
"Wiki MediaWiki</ulink> page is a good resource."
22404
22420
msgstr ""
22405
22421
22406
#: serverguide/C/lamp-applications.xml:399(title)
22422
#: serverguide/C/lamp-applications.xml:426(title)
22407
22423
msgid "phpMyAdmin"
22408
22424
msgstr "phpMyAdmin"
22409
22425
22410
#: serverguide/C/lamp-applications.xml:401(para)
22426
#: serverguide/C/lamp-applications.xml:428(para)
22411
22427
msgid ""
22412
22428
"<application>phpMyAdmin</application> is a LAMP application specifically "
22413
22429
"written for administering <application>MySQL</application> servers. Written "
22415
22431
"phpMyAdmin provides a graphical interface for database administration tasks."
22416
22432
msgstr ""
22417
22433
22418
#: serverguide/C/lamp-applications.xml:410(para)
22434
#: serverguide/C/lamp-applications.xml:437(para)
22419
22435
msgid ""
22420
22436
"Before installing <application>phpMyAdmin</application> you will need access "
22421
22437
"to a <application>MySQL</application> database either on the same host as "
22424
22440
"enter:"
22425
22441
msgstr ""
22426
22442
22427
#: serverguide/C/lamp-applications.xml:417(command)
22443
#: serverguide/C/lamp-applications.xml:444(command)
22428
22444
msgid "sudo apt-get install phpmyadmin"
22429
22445
msgstr ""
22430
22446
22431
#: serverguide/C/lamp-applications.xml:420(para)
22447
#: serverguide/C/lamp-applications.xml:447(para)
22432
22448
msgid ""
22433
22449
"At the prompt choose which web server to be configured for "
22434
22450
"<application>phpMyAdmin</application>. The rest of this section will use "
22435
22451
"<application>Apache2</application> for the web server."
22436
22452
msgstr ""
22437
22453
22438
#: serverguide/C/lamp-applications.xml:436(para)
22454
#: serverguide/C/lamp-applications.xml:452(para)
22439
22455
msgid ""
22440
22456
"In a browser go to <emphasis>http://servername/phpmyadmin</emphasis>, "
22441
22457
"replacing <emphasis role=\"italic\">servername</emphasis> with the server's "
22445
22461
"user's password."
22446
22462
msgstr ""
22447
22463
22448
#: serverguide/C/lamp-applications.xml:432(para)
22464
#: serverguide/C/lamp-applications.xml:459(para)
22449
22465
msgid ""
22450
22466
"Once logged in you can reset the <emphasis>root</emphasis> password if "
22451
22467
"needed, create users, create/destroy databases and tables, etc."
22452
22468
msgstr ""
22453
22469
22454
#: serverguide/C/lamp-applications.xml:440(para)
22470
#: serverguide/C/lamp-applications.xml:467(para)
22455
22471
msgid ""
22456
22472
"The configuration files for <application>phpMyAdmin</application> are "
22457
22473
"located in <filename>/etc/phpmyadmin</filename>. The main configuration file "
22460
22476
"<application>phpMyAdmin</application>."
22461
22477
msgstr ""
22462
22478
22463
#: serverguide/C/lamp-applications.xml:446(para)
22479
#: serverguide/C/lamp-applications.xml:473(para)
22464
22480
msgid ""
22465
22481
"To use <application>phpMyAdmin</application> to administer a MySQL database "
22466
22482
"hosted on another server, adjust the following in "
22467
22483
"<filename>/etc/phpmyadmin/config.inc.php</filename>:"
22468
22484
msgstr ""
22469
22485
22470
#: serverguide/C/lamp-applications.xml:451(programlisting)
22486
#: serverguide/C/lamp-applications.xml:478(programlisting)
22471
22487
#, no-wrap
22472
22488
msgid ""
22473
22489
"\n"
22474
22490
"$cfg['Servers'][$i]['host'] = 'db_server';\n"
22475
22491
msgstr ""
22476
22492
22477
#: serverguide/C/lamp-applications.xml:456(para)
22493
#: serverguide/C/lamp-applications.xml:483(para)
22478
22494
msgid ""
22479
22495
"Replace <emphasis role=\"italic\">db_server</emphasis> with the actual "
22480
22496
"remote database server name or IP address. Also, be sure that the "
22482
22498
"remote database."
22483
22499
msgstr ""
22484
22500
22485
#: serverguide/C/lamp-applications.xml:462(para)
22501
#: serverguide/C/lamp-applications.xml:489(para)
22486
22502
msgid ""
22487
22503
"Once configured, log out of <application>phpMyAdmin</application> and back "
22488
22504
"in, and you should be accessing the new server."
22489
22505
msgstr ""
22490
22506
22491
#: serverguide/C/lamp-applications.xml:466(para)
22507
#: serverguide/C/lamp-applications.xml:493(para)
22492
22508
msgid ""
22493
22509
"The <filename>config.header.inc.php</filename> and "
22494
22510
"<filename>config.footer.inc.php</filename> files are used to add a HTML "
22495
22511
"header and footer to <application>phpMyAdmin</application>."
22496
22512
msgstr ""
22497
22513
22498
#: serverguide/C/lamp-applications.xml:471(para)
22514
#: serverguide/C/lamp-applications.xml:498(para)
22499
22515
msgid ""
22500
22516
"Another important configuration file is "
22501
22517
"<filename>/etc/phpmyadmin/apache.conf</filename>, this file is symlinked to "
22502
"<filename>/etc/apache2/conf.d/phpmyadmin.conf</filename>, and is used to "
22503
"configure <application>Apache2</application> to serve the "
22504
"<application>phpMyAdmin</application> site. The file contains directives for "
22505
"loading <application>PHP</application>, directory permissions, etc. For more "
22506
"information on configuring <application>Apache2</application> see <xref "
22507
"linkend=\"httpd\"/>."
22508
msgstr ""
22509
22510
#: serverguide/C/lamp-applications.xml:485(para)
22518
"<filename>/etc/apache2/conf-available/phpmyadmin.conf</filename>, and, once "
22519
"enabled, is used to configure <application>Apache2</application> to serve "
22520
"the <application>phpMyAdmin</application> site. The file contains directives "
22521
"for loading <application>PHP</application>, directory permissions, etc. From "
22522
"a terminal type:"
22523
msgstr ""
22524
22525
#: serverguide/C/lamp-applications.xml:506(command)
22526
msgid ""
22527
"sudo ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf-"
22528
"available/phpmyadmin.conf"
22529
msgstr ""
22530
22531
#: serverguide/C/lamp-applications.xml:507(command)
22532
msgid "sudo a2enconf phpmyadmin.conf"
22533
msgstr ""
22534
22535
#: serverguide/C/lamp-applications.xml:511(para)
22536
msgid ""
22537
"For more information on configuring <application>Apache2</application> see "
22538
"<xref linkend=\"httpd\"/>."
22539
msgstr ""
22540
22541
#: serverguide/C/lamp-applications.xml:522(para)
22511
22542
msgid ""
22512
22543
"The <application>phpMyAdmin</application> documentation comes installed with "
22513
22544
"the package and can be accessed from the <emphasis>phpMyAdmin "
22516
22547
"url=\"http://www.phpmyadmin.net/home_page/docs.php\">phpMyAdmin</ulink> site."
22517
22548
msgstr ""
22518
22549
22519
#: serverguide/C/lamp-applications.xml:492(para)
22550
#: serverguide/C/lamp-applications.xml:529(para)
22520
22551
msgid ""
22521
22552
"Also, <ulink url=\"http://www.packtpub.com/phpmyadmin-3rd-"
22522
22553
"edition/book\">Mastering phpMyAdmin</ulink> is a great resource."
22523
22554
msgstr ""
22524
22555
22525
#: serverguide/C/lamp-applications.xml:497(para)
22556
#: serverguide/C/lamp-applications.xml:534(para)
22526
22557
msgid ""
22527
22558
"A third resource is the <ulink "
22528
22559
"url=\"https://help.ubuntu.com/community/phpMyAdmin\">phpMyAdmin Ubuntu "
22529
22560
"Wiki</ulink> page."
22530
22561
msgstr ""
22531
22562
22532
#: serverguide/C/lamp-applications.xml:517(title)
22563
#: serverguide/C/lamp-applications.xml:543(title)
22533
22564
msgid "WordPress"
22534
22565
msgstr ""
22535
22566
22536
#: serverguide/C/lamp-applications.xml:518(para)
22567
#: serverguide/C/lamp-applications.xml:544(para)
22537
22568
msgid ""
22538
22569
"Wordpress is a blog tool, publishing platform and CMS implemented in PHP and "
22539
22570
"licensed under the GNU GPLv2."
22540
22571
msgstr ""
22541
22572
22542
#: serverguide/C/lamp-applications.xml:524(para)
22573
#: serverguide/C/lamp-applications.xml:550(para)
22543
22574
msgid ""
22544
22575
"To install <application>WordPress</application>, run the following comand in "
22545
22576
"the command prompt:"
22546
22577
msgstr ""
22547
22578
22548
#: serverguide/C/lamp-applications.xml:529(command)
22579
#: serverguide/C/lamp-applications.xml:555(command)
22549
22580
msgid "sudo apt-get install wordpress"
22550
22581
msgstr ""
22551
22582
22552
#: serverguide/C/lamp-applications.xml:532(para)
22583
#: serverguide/C/lamp-applications.xml:558(para)
22553
22584
msgid ""
22554
22585
"You should also install <application>apache2</application> web server and "
22555
22586
"<application>mysql</application> server. For installing "
22560
22591
"linkend=\"mysql\"/> section."
22561
22592
msgstr ""
22562
22593
22563
#: serverguide/C/lamp-applications.xml:546(para)
22594
#: serverguide/C/lamp-applications.xml:572(para)
22564
22595
msgid ""
22565
22596
"For configuring your first <application>WordPress</application> application, "
22566
22597
"configure an apache site. Open <filename>/etc/apache2/sites-"
22567
22598
"available/wordpress.conf</filename> and write the following lines:"
22568
22599
msgstr ""
22569
22600
22570
#: serverguide/C/lamp-applications.xml:553(programlisting)
22601
#: serverguide/C/lamp-applications.xml:579(programlisting)
22571
22602
#, no-wrap
22572
22603
msgid ""
22573
22604
"\n"
22587
22618
" "
22588
22619
msgstr ""
22589
22620
22590
#: serverguide/C/lamp-applications.xml:569(para)
22621
#: serverguide/C/lamp-applications.xml:595(para)
22591
22622
msgid "Enable this new <application>WordPress</application> site"
22592
22623
msgstr ""
22593
22624
22594
#: serverguide/C/lamp-applications.xml:572(command)
22625
#: serverguide/C/lamp-applications.xml:598(command)
22595
22626
msgid "sudo a2ensite wordpress"
22596
22627
msgstr ""
22597
22628
22598
#: serverguide/C/lamp-applications.xml:575(para)
22629
#: serverguide/C/lamp-applications.xml:601(para)
22599
22630
msgid ""
22600
22631
"Once you configure the <application>apache2</application> web server and "
22601
22632
"make it ready for your <application>WordPress</application> application, you "
22603
22634
"<application>apache2</application> web server:"
22604
22635
msgstr ""
22605
22636
22606
#: serverguide/C/lamp-applications.xml:587(para)
22637
#: serverguide/C/lamp-applications.xml:613(para)
22607
22638
msgid ""
22608
22639
"To facilitate multiple <application>WordPress</application> installations, "
22609
22640
"the name of this configuration file is based on the Host header of the HTTP "
22616
22647
"NAME_OF_YOUR_VIRTUAL_HOST.php."
22617
22648
msgstr ""
22618
22649
22619
#: serverguide/C/lamp-applications.xml:598(para)
22650
#: serverguide/C/lamp-applications.xml:624(para)
22620
22651
msgid ""
22621
22652
"Once the configuration file is written, it is up to you to choose a "
22622
22653
"convention for username and password to mysql for each "
22624
22655
"shows only one, localhost, example."
22625
22656
msgstr ""
22626
22657
22627
#: serverguide/C/lamp-applications.xml:605(para)
22658
#: serverguide/C/lamp-applications.xml:631(para)
22628
22659
msgid ""
22629
22660
"Now configure <application>WordPress</application> to use a mysql database. "
22630
22661
"Open <filename>/etc/wordpress/config-localhost.php</filename> file and write "
22631
22662
"the following lines:"
22632
22663
msgstr ""
22633
22664
22634
#: serverguide/C/lamp-applications.xml:611(programlisting)
22665
#: serverguide/C/lamp-applications.xml:637(programlisting)
22635
22666
#, no-wrap
22636
22667
msgid ""
22637
22668
"\n"
22644
22675
"?>\n"
22645
22676
msgstr ""
22646
22677
22647
#: serverguide/C/lamp-applications.xml:620(para)
22678
#: serverguide/C/lamp-applications.xml:646(para)
22648
22679
msgid ""
22649
22680
"Now create this mysql database. Open a temporary file with mysql commands "
22650
22681
"<filename>wordpress.sql</filename> and write the following lines:"
22651
22682
msgstr ""
22652
22683
22653
#: serverguide/C/lamp-applications.xml:623(programlisting)
22684
#: serverguide/C/lamp-applications.xml:649(programlisting)
22654
22685
#, no-wrap
22655
22686
msgid ""
22656
22687
"\n"
22662
22693
"FLUSH PRIVILEGES;\n"
22663
22694
msgstr ""
22664
22695
22665
#: serverguide/C/lamp-applications.xml:631(para)
22696
#: serverguide/C/lamp-applications.xml:657(para)
22666
22697
msgid "Execute these commands."
22667
22698
msgstr ""
22668
22699
22669
#: serverguide/C/lamp-applications.xml:633(command)
22700
#: serverguide/C/lamp-applications.xml:659(command)
22670
22701
msgid ""
22671
22702
"cat wordpress.sql | sudo mysql --defaults-extra-file=/etc/mysql/debian.cnf"
22672
22703
msgstr ""
22673
22704
22674
#: serverguide/C/lamp-applications.xml:635(para)
22705
#: serverguide/C/lamp-applications.xml:661(para)
22675
22706
msgid ""
22676
22707
"Your new <application>WordPress</application> can now be configured by "
22677
22708
"visiting <ulink url=\"http://localhost/blog/wp-"
22684
22715
"mail and click Install WordPress."
22685
22716
msgstr ""
22686
22717
22687
#: serverguide/C/lamp-applications.xml:642(para)
22718
#: serverguide/C/lamp-applications.xml:668(para)
22688
22719
msgid ""
22689
22720
"Note the generated password (if applicable) and click the login password. "
22690
22721
"Your <application>WordPress</application> is now ready for use."
22691
22722
msgstr ""
22692
22723
22693
#: serverguide/C/lamp-applications.xml:652(ulink)
22724
#: serverguide/C/lamp-applications.xml:678(ulink)
22694
22725
msgid "WordPress.org Codex"
22695
22726
msgstr ""
22696
22727
22697
#: serverguide/C/lamp-applications.xml:657(ulink)
22728
#: serverguide/C/lamp-applications.xml:683(ulink)
22698
22729
msgid "Ubuntu Wiki WordPress"
22699
22730
msgstr ""
22700
22731
22734
22765
#: serverguide/C/introduction.xml:31(para)
22735
22766
msgid ""
22736
22767
"There are a couple of different ways that Ubuntu Server Edition is "
22737
"supported, commercial support and community support. The main commercial "
22738
"support (and development funding) is available from Canonical Ltd. They "
22739
"supply reasonably priced support contracts on a per desktop or per server "
22768
"supported: commercial support and community support. The main commercial "
22769
"support (and development funding) is available from Canonical, Ltd. They "
22770
"supply reasonably- priced support contracts on a per desktop or per server "
22740
22771
"basis. For more information see the <ulink "
22741
"url=\"http://www.canonical.com/services/support\">Canonical Services</ulink> "
22742
"page."
22772
"url=\"http://www.ubuntu.com/management\">Ubuntu Advantage</ulink> page."
22743
22773
msgstr ""
22744
22774
22745
#: serverguide/C/introduction.xml:38(para)
22775
#: serverguide/C/introduction.xml:40(para)
22746
22776
msgid ""
22747
"Community support is also provided by dedicated individuals, and companies, "
22777
"Community support is also provided by dedicated individuals and companies "
22748
22778
"that wish to make Ubuntu the best distribution possible. Support is provided "
22749
22779
"through multiple mailing lists, IRC channels, forums, blogs, wikis, etc. The "
22750
22780
"large amount of information available can be overwhelming, but a good search "
22792
22822
msgid "Install Type"
22793
22823
msgstr "Vrsta namestitve"
22794
22824
22795
#: serverguide/C/virtualization.xml:1186(para) serverguide/C/virtualization.xml:1248(para) serverguide/C/installation.xml:36(para)
22825
#: serverguide/C/installation.xml:36(para)
22796
22826
msgid "CPU"
22797
22827
msgstr "CPE"
22798
22828
22824
22854
msgid "512 megabytes"
22825
22855
msgstr ""
22826
22856
22827
#: serverguide/C/installation.xml:51(para)
22857
#: serverguide/C/installation.xml:50(para)
22828
22858
msgid "1 gigabyte"
22829
22859
msgstr "1 gigabajt"
22830
22860
22836
22866
msgid "Server (Minimal)"
22837
22867
msgstr ""
22838
22868
22839
#: serverguide/C/installation.xml:48(para)
22869
#: serverguide/C/installation.xml:55(para)
22840
22870
msgid "300 megahertz"
22841
22871
msgstr ""
22842
22872
22852
22882
msgid "1.4 gigabytes"
22853
22883
msgstr ""
22854
22884
22855
#: serverguide/C/installation.xml:56(para)
22885
#: serverguide/C/installation.xml:64(para)
22856
22886
msgid ""
22857
22887
"The Server Edition provides a common base for all sorts of server "
22858
22888
"applications. It is a minimalist design providing a platform for the desired "
22859
22889
"services, such as file/print services, web hosting, email hosting, etc."
22860
22890
msgstr ""
22861
22891
22862
#: serverguide/C/installation.xml:70(title)
22892
#: serverguide/C/installation.xml:72(title)
22863
22893
msgid "Server and Desktop Differences"
22864
22894
msgstr ""
22865
22895
22866
#: serverguide/C/installation.xml:71(para)
22896
#: serverguide/C/installation.xml:73(para)
22867
22897
msgid ""
22868
22898
"There are a few differences between the <emphasis>Ubuntu Server "
22869
22899
"Edition</emphasis> and the <emphasis>Ubuntu Desktop Edition</emphasis>. It "
22879
22909
"environment in the Server Edition and the installation process."
22880
22910
msgstr ""
22881
22911
22882
#: serverguide/C/installation.xml:84(title)
22912
#: serverguide/C/installation.xml:86(title)
22883
22913
msgid "Kernel Differences:"
22884
22914
msgstr "Razlike med jedri:"
22885
22915
22886
#: serverguide/C/installation.xml:85(para)
22916
#: serverguide/C/installation.xml:87(para)
22887
22917
msgid ""
22888
22918
"Ubuntu version 10.10 and prior, actually had different kernels for the "
22889
22919
"server and desktop editions. Ubuntu no longer has separate -server and -"
22891
22921
"flavor to help reduce the maintenance burden over the life of the release."
22892
22922
msgstr ""
22893
22923
22894
#: serverguide/C/installation.xml:90(para)
22924
#: serverguide/C/installation.xml:92(para)
22895
22925
msgid ""
22896
22926
"When running a 64-bit version of Ubuntu on 64-bit processors you are not "
22897
22927
"limited by memory addressing space."
22905
22935
"great resource on the options available."
22906
22936
msgstr ""
22907
22937
22908
#: serverguide/C/installation.xml:104(title)
22938
#: serverguide/C/installation.xml:106(title)
22909
22939
msgid "Backing Up"
22910
22940
msgstr ""
22911
22941
22912
#: serverguide/C/installation.xml:107(para)
22942
#: serverguide/C/installation.xml:109(para)
22913
22943
msgid ""
22914
22944
"Before installing <application>Ubuntu Server Edition</application> you "
22915
22945
"should make sure all data on the system is backed up. See <xref "
22916
22946
"linkend=\"backups\"/> for backup options."
22917
22947
msgstr ""
22918
22948
22919
#: serverguide/C/installation.xml:111(para)
22949
#: serverguide/C/installation.xml:113(para)
22920
22950
msgid ""
22921
22951
"If this is not the first time an operating system has been installed on your "
22922
22952
"computer, it is likely you will need to re-partition your disk to make room "
22923
22953
"for Ubuntu."
22924
22954
msgstr ""
22925
22955
22926
#: serverguide/C/installation.xml:115(para)
22956
#: serverguide/C/installation.xml:117(para)
22927
22957
msgid ""
22928
22958
"Any time you partition your disk, you should be prepared to lose everything "
22929
22959
"on the disk should you make a mistake or something goes wrong during "
22931
22961
"have seen years of use, but they also perform destructive actions."
22932
22962
msgstr ""
22933
22963
22934
#: serverguide/C/installation.xml:127(title)
22964
#: serverguide/C/installation.xml:129(title)
22935
22965
msgid "Installing from CD"
22936
22966
msgstr "Namestitev s CD-ja"
22937
22967
22938
#: serverguide/C/installation.xml:128(para)
22968
#: serverguide/C/installation.xml:130(para)
22939
22969
msgid ""
22940
22970
"The basic steps to install Ubuntu Server Edition from CD are the same as "
22941
22971
"those for installing any operating system from CD. Unlike the "
22944
22974
"Server Edition uses a console menu based process instead."
22945
22975
msgstr ""
22946
22976
22947
#: serverguide/C/installation.xml:135(para)
22977
#: serverguide/C/installation.xml:137(para)
22948
22978
msgid ""
22949
"First, download and burn the appropriate ISO file from the <ulink "
22979
"Download and burn the appropriate ISO file from the <ulink "
22950
22980
"url=\"http://www.ubuntu.com/download/server/download\"> Ubuntu web "
22951
22981
"site</ulink>."
22952
22982
msgstr ""
22953
22983
22954
#: serverguide/C/installation.xml:141(para)
22984
#: serverguide/C/installation.xml:143(para)
22955
22985
msgid "Boot the system from the CD-ROM drive."
22956
22986
msgstr "Zaženite sistem s pogona CD-ROM."
22957
22987
22958
#: serverguide/C/installation.xml:146(para)
22988
#: serverguide/C/installation.xml:148(para)
22959
22989
msgid "At the boot prompt you will be asked to select a language."
22960
22990
msgstr ""
22961
22991
22962
#: serverguide/C/installation.xml:151(para)
22992
#: serverguide/C/installation.xml:153(para)
22963
22993
msgid ""
22964
22994
"From the main boot menu there are some additional options to install Ubuntu "
22965
22995
"Server Edition. You can install a basic Ubuntu Server, check the CD-ROM for "
22968
22998
"install."
22969
22999
msgstr ""
22970
23000
22971
#: serverguide/C/installation.xml:158(para)
23001
#: serverguide/C/installation.xml:160(para)
22972
23002
msgid ""
22973
"The installer asks for which language it should use. Afterwards, you are "
22974
"asked to select your location."
23003
"The installer asks which language it should use. Afterwards, you are asked "
23004
"to select your location."
22975
23005
msgstr ""
22976
23006
22977
#: serverguide/C/installation.xml:164(para)
23007
#: serverguide/C/installation.xml:166(para)
22978
23008
msgid ""
22979
23009
"Next, the installation process begins by asking for your keyboard layout. "
22980
23010
"You can ask the installer to attempt auto-detecting it, or you can select it "
22981
23011
"manually from a list."
22982
23012
msgstr ""
22983
23013
22984
#: serverguide/C/installation.xml:170(para)
23014
#: serverguide/C/installation.xml:172(para)
22985
23015
msgid ""
22986
23016
"The installer then discovers your hardware configuration, and configures the "
22987
23017
"network settings using DHCP. If you do not wish to use DHCP at the next "
22996
23026
msgid "Next, the installer asks for the system's hostname."
22997
23027
msgstr ""
22998
23028
22999
#: serverguide/C/installation.xml:195(para)
23029
#: serverguide/C/installation.xml:184(para)
23000
23030
msgid ""
23001
23031
"A new user is set up; this user will have <emphasis>root</emphasis> access "
23002
23032
"through the <application>sudo</application> utility."
23003
23033
msgstr ""
23004
23034
23005
#: serverguide/C/installation.xml:201(para)
23035
#: serverguide/C/installation.xml:190(para)
23006
23036
msgid ""
23007
"After the user settings have been completed, you will be asked to encrypt "
23008
"your <filename role=\"directory\">home</filename> directory."
23037
"After the user settings have been completed, you will be asked if you want "
23038
"to encrypt your <filename role=\"directory\">home</filename> directory."
23009
23039
msgstr ""
23010
23040
23011
23041
#: serverguide/C/installation.xml:196(para)
23012
23042
msgid "Next, the installer asks for the system's Time Zone."
23013
23043
msgstr ""
23014
23044
23015
#: serverguide/C/installation.xml:182(para)
23045
#: serverguide/C/installation.xml:201(para)
23016
23046
msgid ""
23017
23047
"You can then choose from several options to configure the hard drive layout. "
23018
"Afterwards you are asked for which disk to install to. You may get "
23019
"confirmation prompts before rewriting the partition table or setting up LVM "
23020
"depending on disk layout. If you choose LVM, you will be asked for the size "
23021
"of the root logical volume. For advanced disk options see <xref "
23022
"linkend=\"advanced-installation\"/>."
23048
"Afterwards you are asked which disk to install to. You may get confirmation "
23049
"prompts before rewriting the partition table or setting up LVM depending on "
23050
"disk layout. If you choose LVM, you will be asked for the size of the root "
23051
"logical volume. For advanced disk options see <xref linkend=\"advanced-"
23052
"installation\"/>."
23023
23053
msgstr ""
23024
23054
23025
#: serverguide/C/installation.xml:190(para)
23055
#: serverguide/C/installation.xml:209(para)
23026
23056
msgid "The Ubuntu base system is then installed."
23027
23057
msgstr "Nameščen bo osnovni sistem Ubuntu."
23028
23058
23029
#: serverguide/C/installation.xml:207(para)
23059
#: serverguide/C/installation.xml:214(para)
23030
23060
msgid ""
23031
23061
"The next step in the installation process is to decide how you want to "
23032
23062
"update the system. There are three options:"
23034
23064
"V naslednjem koraku namestitve se boste morali odločiti, kako želite "
23035
23065
"posodobiti svoj sistem. Na voljo so tri možnosti:"
23036
23066
23037
#: serverguide/C/installation.xml:213(para)
23067
#: serverguide/C/installation.xml:220(para)
23038
23068
msgid ""
23039
23069
"<emphasis>No automatic updates</emphasis>: this requires an administrator to "
23040
23070
"log into the machine and manually install updates."
23042
23072
"<emphasis>Brez samodejnih posodobitev</emphasis>: to zahteva, da se skrbnik "
23043
23073
"prijavi na napravo in ročno namesti posodobitve."
23044
23074
23045
#: serverguide/C/installation.xml:219(para)
23075
#: serverguide/C/installation.xml:226(para)
23046
23076
msgid ""
23047
23077
"<emphasis>Install security updates automatically</emphasis>: this will "
23048
23078
"install the <application>unattended-upgrades</application> package, which "
23050
23080
"For more details see <xref linkend=\"automatic-updates\"/>."
23051
23081
msgstr ""
23052
23082
23053
#: serverguide/C/installation.xml:226(para)
23083
#: serverguide/C/installation.xml:233(para)
23054
23084
msgid ""
23055
23085
"<emphasis>Manage the system with Landscape</emphasis>: Landscape is a paid "
23056
23086
"service provided by Canonical to help manage your Ubuntu machines. See the "
23057
"<ulink url=\"http://www.canonical.com/projects/landscape\">Landscape</ulink> "
23058
"site for details."
23087
"<ulink url=\"http://landscape.canonical.com/\">Landscape</ulink> site for "
23088
"details."
23059
23089
msgstr ""
23060
23090
23061
#: serverguide/C/installation.xml:235(para)
23091
#: serverguide/C/installation.xml:242(para)
23062
23092
msgid ""
23063
23093
"You now have the option to install, or not install, several package tasks. "
23064
23094
"See <xref linkend=\"install-tasks\"/> for details. Also, there is an option "
23066
23096
"install. For more information see <xref linkend=\"aptitude\"/>."
23067
23097
msgstr ""
23068
23098
23069
#: serverguide/C/installation.xml:243(para)
23099
#: serverguide/C/installation.xml:250(para)
23070
23100
msgid "Finally, the last step before rebooting is to set the clock to UTC."
23071
23101
msgstr ""
23072
23102
"Zadnji korak pred ponovnim zagonom je, da uro nastavite na UTC (GMT)."
23073
23103
23074
#: serverguide/C/installation.xml:249(para)
23104
#: serverguide/C/installation.xml:256(para)
23075
23105
msgid ""
23076
23106
"If at any point during installation you are not satisfied by the default "
23077
23107
"setting, use the \"Go Back\" function at any prompt to be brought to a "
23079
23109
"settings."
23080
23110
msgstr ""
23081
23111
23082
#: serverguide/C/installation.xml:254(para)
23112
#: serverguide/C/installation.xml:261(para)
23083
23113
msgid ""
23084
23114
"At some point during the installation process you may want to read the help "
23085
23115
"screen provided by the installation system. To do this, press F1."
23092
23122
"Installation Guide</ulink>."
23093
23123
msgstr ""
23094
23124
23095
#: serverguide/C/installation.xml:265(title)
23125
#: serverguide/C/installation.xml:272(title)
23096
23126
msgid "Package Tasks"
23097
23127
msgstr ""
23098
23128
23099
#: serverguide/C/installation.xml:266(para)
23129
#: serverguide/C/installation.xml:273(para)
23100
23130
msgid ""
23101
23131
"During the Server Edition installation you have the option of installing "
23102
23132
"additional packages from the CD. The packages are grouped by the type of "
23103
23133
"service they provide."
23104
23134
msgstr ""
23105
23135
23106
#: serverguide/C/installation.xml:272(para)
23136
#: serverguide/C/installation.xml:279(para)
23107
23137
msgid "DNS server: Selects the BIND DNS server and its documentation."
23108
23138
msgstr ""
23109
23139
23110
#: serverguide/C/installation.xml:277(para)
23140
#: serverguide/C/installation.xml:284(para)
23111
23141
msgid "LAMP server: Selects a ready-made Linux/Apache/MySQL/PHP server."
23112
23142
msgstr ""
23113
23143
23114
#: serverguide/C/installation.xml:282(para)
23144
#: serverguide/C/installation.xml:289(para)
23115
23145
msgid ""
23116
23146
"Mail server: This task selects a variety of packages useful for a general "
23117
23147
"purpose mail server system."
23118
23148
msgstr ""
23119
23149
23120
#: serverguide/C/installation.xml:287(para)
23150
#: serverguide/C/installation.xml:294(para)
23121
23151
msgid "OpenSSH server: Selects packages needed for an OpenSSH server."
23122
23152
msgstr ""
23123
23153
23124
#: serverguide/C/installation.xml:292(para)
23154
#: serverguide/C/installation.xml:299(para)
23125
23155
msgid ""
23126
23156
"PostgreSQL database: This task selects client and server packages for the "
23127
23157
"PostgreSQL database."
23128
23158
msgstr ""
23129
23159
23130
#: serverguide/C/installation.xml:297(para)
23160
#: serverguide/C/installation.xml:304(para)
23131
23161
msgid "Print server: This task sets up your system to be a print server."
23132
23162
msgstr ""
23133
23163
23134
#: serverguide/C/installation.xml:302(para)
23164
#: serverguide/C/installation.xml:309(para)
23135
23165
msgid ""
23136
23166
"Samba File server: This task sets up your system to be a Samba file server, "
23137
23167
"which is especially suitable in networks with both Windows and Linux systems."
23138
23168
msgstr ""
23139
23169
23140
#: serverguide/C/installation.xml:308(para)
23170
#: serverguide/C/installation.xml:315(para)
23141
23171
msgid "Tomcat Java server: Installs Apache Tomcat and needed dependencies."
23142
23172
msgstr ""
23143
23173
23144
#: serverguide/C/installation.xml:313(para)
23174
#: serverguide/C/installation.xml:320(para)
23145
23175
msgid ""
23146
23176
"Virtual Machine host: Includes packages needed to run KVM virtual machines."
23147
23177
msgstr ""
23148
23178
23149
#: serverguide/C/installation.xml:318(para)
23179
#: serverguide/C/installation.xml:325(para)
23150
23180
msgid ""
23151
23181
"Manually select packages: Executes <application>aptitude</application> "
23152
23182
"allowing you to individually select packages."
23153
23183
msgstr ""
23154
23184
23155
#: serverguide/C/installation.xml:323(para)
23185
#: serverguide/C/installation.xml:330(para)
23156
23186
msgid ""
23157
23187
"Installing the package groups is accomplished using the "
23158
23188
"<application>tasksel</application> utility. One of the important differences "
23163
23193
"a fully integrated service."
23164
23194
msgstr ""
23165
23195
23166
#: serverguide/C/installation.xml:330(para)
23196
#: serverguide/C/installation.xml:337(para)
23167
23197
msgid ""
23168
23198
"Once the installation process has finished you can view a list of available "
23169
23199
"tasks by entering the following from a terminal prompt:"
23171
23201
"Ko bo namestitveno opravilo dokončano, si lahko v terminalu s sledečim "
23172
23202
"ukazom ogledate seznam opravil, ki so na voljo:"
23173
23203
23174
#: serverguide/C/installation.xml:335(command)
23204
#: serverguide/C/installation.xml:342(command)
23175
23205
msgid "tasksel --list-tasks"
23176
23206
msgstr "tasksel --list-tasks"
23177
23207
23178
#: serverguide/C/installation.xml:338(para)
23208
#: serverguide/C/installation.xml:345(para)
23179
23209
msgid ""
23180
23210
"The output will list tasks from other Ubuntu based distributions such as "
23181
23211
"Kubuntu and Edubuntu. Note that you can also invoke the "
23183
23213
"the different tasks available."
23184
23214
msgstr ""
23185
23215
23186
#: serverguide/C/installation.xml:344(para)
23216
#: serverguide/C/installation.xml:351(para)
23187
23217
msgid ""
23188
23218
"You can view a list of which packages are installed with each task using the "
23189
23219
"<emphasis>--task-packages</emphasis> option. For example, to list the "
23194
23224
"ki bodo nameščeni z določenim opravilom. Na primer, za seznam paketov, ki "
23195
23225
"jih namesti opravilo <emphasis>strežnik DNS</emphasis>, bi morali vpisati:"
23196
23226
23197
#: serverguide/C/installation.xml:349(command)
23227
#: serverguide/C/installation.xml:356(command)
23198
23228
msgid "tasksel --task-packages dns-server"
23199
23229
msgstr "tasksel --task-packages dns-server"
23200
23230
23201
#: serverguide/C/installation.xml:351(para)
23231
#: serverguide/C/installation.xml:358(para)
23202
23232
msgid "The output of the command should list:"
23203
23233
msgstr "Izpis ukaza bi moral navesti:"
23204
23234
23205
#: serverguide/C/installation.xml:354(programlisting)
23235
#: serverguide/C/installation.xml:361(programlisting)
23206
23236
#, no-wrap
23207
23237
msgid ""
23208
23238
"\n"
23215
23245
"bind9utils \n"
23216
23246
"bind9\n"
23217
23247
23218
#: serverguide/C/installation.xml:359(para)
23248
#: serverguide/C/installation.xml:366(para)
23219
23249
msgid ""
23220
23250
"If you did not install one of the tasks during the installation process, but "
23221
23251
"for example you decide to make your new LAMP server a DNS server as well, "
23222
23252
"simply insert the installation CD and from a terminal:"
23223
23253
msgstr ""
23224
23254
23225
#: serverguide/C/installation.xml:364(command)
23255
#: serverguide/C/installation.xml:371(command)
23226
23256
msgid "sudo tasksel install dns-server"
23227
23257
msgstr "sudo tasksel install dns-server"
23228
23258
23229
#: serverguide/C/installation.xml:369(title)
23259
#: serverguide/C/installation.xml:376(title)
23230
23260
msgid "Upgrading"
23231
23261
msgstr "Nadgrajevanje"
23232
23262
23233
#: serverguide/C/installation.xml:370(para)
23263
#: serverguide/C/installation.xml:377(para)
23234
23264
msgid ""
23235
23265
"There are several ways to upgrade from one Ubuntu release to another. This "
23236
23266
"section gives an overview of the recommended upgrade method."
23238
23268
"Za nadgradnjo iz ene izdaje Ubuntuja v drugo obstaja več načinov. Ta odsek "
23239
23269
"vsebuje pregled priporočenih načinov nadgradnje."
23240
23270
23241
#: serverguide/C/installation.xml:374(title) serverguide/C/installation.xml:389(command)
23271
#: serverguide/C/installation.xml:381(title) serverguide/C/installation.xml:396(command)
23242
23272
msgid "do-release-upgrade"
23243
23273
msgstr "do-release-upgrade"
23244
23274
23245
#: serverguide/C/installation.xml:375(para)
23275
#: serverguide/C/installation.xml:382(para)
23246
23276
msgid ""
23247
23277
"The recommended way to upgrade a Server Edition installation is to use the "
23248
23278
"<application>do-release-upgrade</application> utility. Part of the "
23250
23280
"graphical dependencies and is installed by default."
23251
23281
msgstr ""
23252
23282
23253
#: serverguide/C/installation.xml:380(para)
23283
#: serverguide/C/installation.xml:387(para)
23254
23284
msgid ""
23255
23285
"Debian based systems can also be upgraded by using <command>apt-get dist-"
23256
23286
"upgrade</command>. However, using <application>do-release-"
23258
23288
"system configuration changes sometimes needed between releases."
23259
23289
msgstr ""
23260
23290
23261
#: serverguide/C/installation.xml:385(para)
23291
#: serverguide/C/installation.xml:392(para)
23262
23292
msgid "To upgrade to a newer release, from a terminal prompt enter:"
23263
23293
msgstr "Za nadgradnjo na novejšo izdajo, v terminal vnesite ukaz:"
23264
23294
23265
#: serverguide/C/installation.xml:391(para)
23295
#: serverguide/C/installation.xml:398(para)
23266
23296
msgid ""
23267
23297
"It is also possible to use <application>do-release-upgrade</application> to "
23268
23298
"upgrade to a development version of Ubuntu. To accomplish this use the "
23269
23299
"<emphasis>-d</emphasis> switch:"
23270
23300
msgstr ""
23271
23301
23272
#: serverguide/C/installation.xml:396(command)
23302
#: serverguide/C/installation.xml:403(command)
23273
23303
msgid "do-release-upgrade -d"
23274
23304
msgstr "do-release-upgrade -d"
23275
23305
23276
#: serverguide/C/installation.xml:399(para)
23306
#: serverguide/C/installation.xml:406(para)
23277
23307
msgid ""
23278
23308
"Upgrading to a development release is <emphasis>not</emphasis> recommended "
23279
23309
"for production environments."
23280
23310
msgstr ""
23281
23311
23282
#: serverguide/C/installation.xml:406(title)
23312
#: serverguide/C/installation.xml:413(title)
23283
23313
msgid "Advanced Installation"
23284
23314
msgstr "Napredna namestitev"
23285
23315
23286
#: serverguide/C/installation.xml:409(title)
23316
#: serverguide/C/installation.xml:416(title)
23287
23317
msgid "Software RAID"
23288
23318
msgstr ""
23289
23319
23290
#: serverguide/C/installation.xml:411(para)
23320
#: serverguide/C/installation.xml:418(para)
23291
23321
msgid ""
23292
23322
"Redundant Array of Independent Disks \"RAID\" is a method of using multiple "
23293
23323
"disks to provide different balances of increasing data reliability and/or "
23298
23328
"the drives 'invisibly')."
23299
23329
msgstr ""
23300
23330
23301
#: serverguide/C/installation.xml:419(para)
23331
#: serverguide/C/installation.xml:426(para)
23302
23332
msgid ""
23303
23333
"The RAID software included with current versions of Linux (and Ubuntu) is "
23304
23334
"based on the <application>'mdadm'</application> driver and works very well, "
23308
23338
"another for <emphasis>swap</emphasis>."
23309
23339
msgstr ""
23310
23340
23311
#: serverguide/C/virtualization.xml:716(title) serverguide/C/installation.xml:427(title)
23341
#: serverguide/C/installation.xml:434(title)
23312
23342
msgid "Partitioning"
23313
23343
msgstr "Razdeljevanje"
23314
23344
23315
#: serverguide/C/installation.xml:429(para) serverguide/C/installation.xml:951(para)
23345
#: serverguide/C/installation.xml:436(para) serverguide/C/installation.xml:958(para)
23316
23346
msgid ""
23317
23347
"Follow the installation steps until you get to the <emphasis>Partition "
23318
23348
"disks</emphasis> step, then:"
23319
23349
msgstr ""
23320
23350
23321
#: serverguide/C/installation.xml:436(para)
23351
#: serverguide/C/installation.xml:443(para)
23322
23352
msgid "Select <emphasis>Manual</emphasis> as the partition method."
23323
23353
msgstr "Kot način razdeljevanja izberite <emphasis>Ročno</emphasis>."
23324
23354
23325
#: serverguide/C/installation.xml:443(para)
23355
#: serverguide/C/installation.xml:450(para)
23326
23356
msgid ""
23327
23357
"Select the first hard drive, and agree to <emphasis>\"Create a new empty "
23328
23358
"partition table on this device?\"</emphasis>."
23329
23359
msgstr ""
23330
23360
23331
#: serverguide/C/installation.xml:447(para)
23361
#: serverguide/C/installation.xml:454(para)
23332
23362
msgid ""
23333
23363
"Repeat this step for each drive you wish to be part of the RAID array."
23334
23364
msgstr ""
23335
23365
23336
#: serverguide/C/installation.xml:454(para)
23366
#: serverguide/C/installation.xml:461(para)
23337
23367
msgid ""
23338
23368
"Select the <emphasis>\"FREE SPACE\"</emphasis> on the first drive then "
23339
23369
"select <emphasis>\"Create a new partition\"</emphasis>."
23340
23370
msgstr ""
23341
23371
23342
#: serverguide/C/installation.xml:461(para)
23372
#: serverguide/C/installation.xml:468(para)
23343
23373
msgid ""
23344
23374
"Next, select the <emphasis>Size</emphasis> of the partition. This partition "
23345
23375
"will be the <emphasis>swap</emphasis> partition, and a general rule for swap "
23347
23377
"<emphasis>Primary</emphasis>, then <emphasis>Beginning</emphasis>."
23348
23378
msgstr ""
23349
23379
23350
#: serverguide/C/installation.xml:468(para)
23380
#: serverguide/C/installation.xml:475(para)
23351
23381
msgid ""
23352
23382
"A swap partition size of twice the available RAM capacity may not always be "
23353
23383
"desirable, especially on systems with large amounts of RAM. Calculating the "
23355
23385
"going to be used."
23356
23386
msgstr ""
23357
23387
23358
#: serverguide/C/installation.xml:477(para)
23388
#: serverguide/C/installation.xml:484(para)
23359
23389
msgid ""
23360
23390
"Select the <emphasis>\"Use as:\"</emphasis> line at the top. By default this "
23361
23391
"is <emphasis role=\"italic\">\"Ext4 journaling file system\"</emphasis>, "
23363
23393
"<emphasis>\"Done setting up partition\"</emphasis>."
23364
23394
msgstr ""
23365
23395
23366
#: serverguide/C/installation.xml:486(para)
23396
#: serverguide/C/installation.xml:493(para)
23367
23397
msgid ""
23368
23398
"For the <emphasis>/</emphasis> partition once again select <emphasis>\"Free "
23369
23399
"Space\"</emphasis> on the first drive then <emphasis>\"Create a new "
23370
23400
"partition\"</emphasis>."
23371
23401
msgstr ""
23372
23402
23373
#: serverguide/C/installation.xml:494(para)
23403
#: serverguide/C/installation.xml:501(para)
23374
23404
msgid ""
23375
23405
"Use the rest of the free space on the drive and choose "
23376
23406
"<emphasis>Continue</emphasis>, then <emphasis>Primary</emphasis>."
23377
23407
msgstr ""
23378
23408
23379
#: serverguide/C/installation.xml:501(para)
23409
#: serverguide/C/installation.xml:508(para)
23380
23410
msgid ""
23381
23411
"As with the swap partition, select the <emphasis>\"Use as:\"</emphasis> line "
23382
23412
"at the top, changing it to <emphasis>\"physical volume for "
23385
23415
"<emphasis>\"Done setting up partition\"</emphasis>."
23386
23416
msgstr ""
23387
23417
23388
#: serverguide/C/installation.xml:511(para)
23418
#: serverguide/C/installation.xml:518(para)
23389
23419
msgid "Repeat steps three through eight for the other disk and partitions."
23390
23420
msgstr ""
23391
23421
23392
#: serverguide/C/installation.xml:520(title)
23422
#: serverguide/C/installation.xml:527(title)
23393
23423
msgid "RAID Configuration"
23394
23424
msgstr ""
23395
23425
23396
#: serverguide/C/installation.xml:522(para)
23426
#: serverguide/C/installation.xml:529(para)
23397
23427
msgid "With the partitions setup the arrays are ready to be configured:"
23398
23428
msgstr ""
23399
23429
23400
#: serverguide/C/installation.xml:529(para)
23430
#: serverguide/C/installation.xml:536(para)
23401
23431
msgid ""
23402
23432
"Back in the main \"Partition Disks\" page, select <emphasis>\"Configure "
23403
23433
"Software RAID\"</emphasis> at the top."
23404
23434
msgstr ""
23405
23435
23406
#: serverguide/C/installation.xml:536(para)
23436
#: serverguide/C/installation.xml:543(para)
23407
23437
msgid "Select <emphasis>\"yes\"</emphasis> to write the changes to disk."
23408
23438
msgstr ""
23409
23439
23410
#: serverguide/C/installation.xml:543(para)
23440
#: serverguide/C/installation.xml:550(para)
23411
23441
msgid "Choose <emphasis>\"Create MD device\"</emphasis>."
23412
23442
msgstr ""
23413
23443
23414
#: serverguide/C/installation.xml:550(para)
23444
#: serverguide/C/installation.xml:557(para)
23415
23445
msgid ""
23416
23446
"For this example, select <emphasis>\"RAID1\"</emphasis>, but if you are "
23417
23447
"using a different setup choose the appropriate type (RAID0 RAID1 RAID5)."
23419
23449
"Za ta primer izberite <emphasis>\"RAID1\"</emphasis>. V primeru, da "
23420
23450
"uporabljate drugo postavitev, izberite primerno vrsto (RAID0, RAID1, RAID5)."
23421
23451
23422
#: serverguide/C/installation.xml:556(para)
23452
#: serverguide/C/installation.xml:563(para)
23423
23453
msgid ""
23424
23454
"In order to use <emphasis>RAID5</emphasis> you need at least "
23425
23455
"<emphasis>three</emphasis> drives. Using RAID0 or RAID1 only "
23429
23459
"<emphasis>tri</emphasis> pogone. Uporaba RAID0 ali RAID1 zahteva samo "
23430
23460
"<emphasis>dva</emphasis> pogona."
23431
23461
23432
#: serverguide/C/installation.xml:565(para)
23462
#: serverguide/C/installation.xml:572(para)
23433
23463
msgid ""
23434
23464
"Enter the number of active devices <emphasis>\"2\"</emphasis>, or the amount "
23435
23465
"of hard drives you have, for the array. Then select "
23436
23466
"<emphasis>\"Continue\"</emphasis>."
23437
23467
msgstr ""
23438
23468
23439
#: serverguide/C/installation.xml:573(para)
23469
#: serverguide/C/installation.xml:580(para)
23440
23470
msgid ""
23441
23471
"Next, enter the number of spare devices <emphasis>\"0\"</emphasis> by "
23442
23472
"default, then choose <emphasis>\"Continue\"</emphasis>."
23443
23473
msgstr ""
23444
23474
23445
#: serverguide/C/installation.xml:580(para)
23475
#: serverguide/C/installation.xml:587(para)
23446
23476
msgid ""
23447
23477
"Choose which partitions to use. Generally they will be sda1, sdb1, sdc1, "
23448
23478
"etc. The numbers will usually match and the different letters correspond to "
23449
23479
"different hard drives."
23450
23480
msgstr ""
23451
23481
23452
#: serverguide/C/installation.xml:585(para)
23482
#: serverguide/C/installation.xml:592(para)
23453
23483
msgid ""
23454
23484
"For the <emphasis>swap</emphasis> partition choose <emphasis>sda1</emphasis> "
23455
23485
"and <emphasis>sdb1</emphasis>. Select <emphasis>\"Continue\"</emphasis> to "
23456
23486
"go to the next step."
23457
23487
msgstr ""
23458
23488
23459
#: serverguide/C/installation.xml:593(para)
23489
#: serverguide/C/installation.xml:600(para)
23460
23490
msgid ""
23461
23491
"Repeat steps <emphasis>three</emphasis> through <emphasis>seven</emphasis> "
23462
23492
"for the <emphasis>/</emphasis> partition choosing <emphasis>sda2</emphasis> "
23463
23493
"and <emphasis>sdb2</emphasis>."
23464
23494
msgstr ""
23465
23495
23466
#: serverguide/C/installation.xml:601(para)
23496
#: serverguide/C/installation.xml:608(para)
23467
23497
msgid "Once done select <emphasis>\"Finish\"</emphasis>."
23468
23498
msgstr ""
23469
23499
23470
#: serverguide/C/installation.xml:611(title)
23500
#: serverguide/C/installation.xml:618(title)
23471
23501
msgid "Formatting"
23472
23502
msgstr "Formatiranje"
23473
23503
23474
#: serverguide/C/installation.xml:613(para)
23504
#: serverguide/C/installation.xml:620(para)
23475
23505
msgid ""
23476
23506
"There should now be a list of hard drives and RAID devices. The next step is "
23477
23507
"to format and set the mount point for the RAID devices. Treat the RAID "
23478
23508
"device as a local hard drive, format and mount accordingly."
23479
23509
msgstr ""
23480
23510
23481
#: serverguide/C/installation.xml:621(para)
23511
#: serverguide/C/installation.xml:628(para)
23482
23512
msgid ""
23483
23513
"Select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
23484
23514
"#0\"</emphasis> partition."
23485
23515
msgstr ""
23486
23516
23487
#: serverguide/C/installation.xml:628(para)
23517
#: serverguide/C/installation.xml:635(para)
23488
23518
msgid ""
23489
23519
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"swap "
23490
23520
"area\"</emphasis>, then <emphasis>\"Done setting up partition\"</emphasis>."
23491
23521
msgstr ""
23492
23522
23493
#: serverguide/C/installation.xml:636(para)
23523
#: serverguide/C/installation.xml:643(para)
23494
23524
msgid ""
23495
23525
"Next, select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
23496
23526
"#1\"</emphasis> partition."
23497
23527
msgstr ""
23498
23528
23499
#: serverguide/C/installation.xml:643(para)
23529
#: serverguide/C/installation.xml:650(para)
23500
23530
msgid ""
23501
23531
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"Ext4 "
23502
23532
"journaling file system\"</emphasis>."
23503
23533
msgstr ""
23504
23534
23505
#: serverguide/C/installation.xml:650(para)
23535
#: serverguide/C/installation.xml:657(para)
23506
23536
msgid ""
23507
23537
"Then select the <emphasis>\"Mount point\"</emphasis> and choose "
23508
23538
"<emphasis>\"/ - the root file system\"</emphasis>. Change any of the other "
23510
23540
"partition\"</emphasis>."
23511
23541
msgstr ""
23512
23542
23513
#: serverguide/C/installation.xml:658(para)
23543
#: serverguide/C/installation.xml:665(para)
23514
23544
msgid ""
23515
23545
"Finally, select <emphasis>\"Finish partitioning and write changes to "
23516
23546
"disk\"</emphasis>."
23517
23547
msgstr ""
23518
23548
23519
#: serverguide/C/installation.xml:665(para)
23549
#: serverguide/C/installation.xml:672(para)
23520
23550
msgid ""
23521
23551
"If you choose to place the root partition on a RAID array, the installer "
23522
23552
"will then ask if you would like to boot in a <emphasis>degraded</emphasis> "
23523
23553
"state. See <xref linkend=\"raid-degraded\"/> for further details."
23524
23554
msgstr ""
23525
23555
23526
#: serverguide/C/installation.xml:670(para)
23556
#: serverguide/C/installation.xml:677(para)
23527
23557
msgid "The installation process will then continue normally."
23528
23558
msgstr ""
23529
23559
23530
#: serverguide/C/installation.xml:676(title)
23560
#: serverguide/C/installation.xml:683(title)
23531
23561
msgid "Degraded RAID"
23532
23562
msgstr ""
23533
23563
23534
#: serverguide/C/installation.xml:678(para)
23564
#: serverguide/C/installation.xml:685(para)
23535
23565
msgid ""
23536
23566
"At some point in the life of the computer a disk failure event may occur. "
23537
23567
"When this happens, using Software RAID, the operating system will place the "
23538
23568
"array into what is known as a <emphasis>degraded</emphasis> state."
23539
23569
msgstr ""
23540
23570
23541
#: serverguide/C/installation.xml:683(para)
23571
#: serverguide/C/installation.xml:690(para)
23542
23572
msgid ""
23543
23573
"If the array has become degraded, due to the chance of data corruption, by "
23544
23574
"default Ubuntu Server Edition will boot to <emphasis>initramfs</emphasis> "
23549
23579
"Booting to a degraded array can be configured several ways:"
23550
23580
msgstr ""
23551
23581
23552
#: serverguide/C/installation.xml:694(para)
23582
#: serverguide/C/installation.xml:701(para)
23553
23583
msgid ""
23554
23584
"The <application>dpkg-reconfigure</application> utility can be used to "
23555
23585
"configure the default behavior, and during the process you will be queried "
23558
23588
"following:"
23559
23589
msgstr ""
23560
23590
23561
#: serverguide/C/installation.xml:701(command)
23591
#: serverguide/C/installation.xml:708(command)
23562
23592
msgid "sudo dpkg-reconfigure mdadm"
23563
23593
msgstr "sudo dpkg-reconfigure mdadm"
23564
23594
23565
#: serverguide/C/installation.xml:707(para)
23595
#: serverguide/C/installation.xml:714(para)
23566
23596
msgid ""
23567
23597
"The <command>dpkg-reconfigure mdadm</command> process will change the "
23568
23598
"<filename>/etc/initramfs-tools/conf.d/mdadm</filename> configuration file. "
23570
23600
"behavior, and can also be manually edited:"
23571
23601
msgstr ""
23572
23602
23573
#: serverguide/C/installation.xml:713(programlisting)
23603
#: serverguide/C/installation.xml:720(programlisting)
23574
23604
#, no-wrap
23575
23605
msgid ""
23576
23606
"\n"
23579
23609
"\n"
23580
23610
"BOOT_DEGRADED=true\n"
23581
23611
23582
#: serverguide/C/installation.xml:718(para)
23612
#: serverguide/C/installation.xml:725(para)
23583
23613
msgid "The configuration file can be overridden by using a Kernel argument."
23584
23614
msgstr ""
23585
23615
23586
#: serverguide/C/installation.xml:726(para)
23616
#: serverguide/C/installation.xml:733(para)
23587
23617
msgid ""
23588
23618
"Using a Kernel argument will allow the system to boot to a degraded array as "
23589
23619
"well:"
23590
23620
msgstr ""
23591
23621
23592
#: serverguide/C/installation.xml:732(para)
23622
#: serverguide/C/installation.xml:739(para)
23593
23623
msgid ""
23594
23624
"When the server is booting press <keycap>Shift</keycap> to open the "
23595
23625
"<application>Grub</application> menu."
23596
23626
msgstr ""
23597
23627
23598
#: serverguide/C/installation.xml:737(para)
23628
#: serverguide/C/installation.xml:744(para)
23599
23629
msgid "Press <keycap>e</keycap> to edit your kernel command options."
23600
23630
msgstr ""
23601
23631
23602
#: serverguide/C/installation.xml:742(para)
23632
#: serverguide/C/installation.xml:749(para)
23603
23633
msgid "Press the <keycap>down</keycap> arrow to highlight the kernel line."
23604
23634
msgstr ""
23605
23635
23606
#: serverguide/C/installation.xml:747(para)
23636
#: serverguide/C/installation.xml:754(para)
23607
23637
msgid ""
23608
23638
"Add <emphasis>\"bootdegraded=true\"</emphasis> (without the quotes) to the "
23609
23639
"end of the line."
23610
23640
msgstr ""
23611
23641
23612
#: serverguide/C/installation.xml:752(para)
23642
#: serverguide/C/installation.xml:759(para)
23613
23643
msgid ""
23614
23644
"Press <keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo> to boot "
23615
23645
"the system."
23617
23647
"Za zagon sistema pritisnite "
23618
23648
"<keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo>."
23619
23649
23620
#: serverguide/C/installation.xml:761(para)
23650
#: serverguide/C/installation.xml:768(para)
23621
23651
msgid ""
23622
23652
"Once the system has booted you can either repair the array see <xref "
23623
23653
"linkend=\"raid-maintenance\"/> for details, or copy important data to "
23624
23654
"another machine due to major hardware failure."
23625
23655
msgstr ""
23626
23656
23627
#: serverguide/C/installation.xml:768(title)
23657
#: serverguide/C/installation.xml:775(title)
23628
23658
msgid "RAID Maintenance"
23629
23659
msgstr "Vzdrževanje polja RAID"
23630
23660
23631
#: serverguide/C/installation.xml:770(para)
23661
#: serverguide/C/installation.xml:777(para)
23632
23662
msgid ""
23633
23663
"The <application>mdadm</application> utility can be used to view the status "
23634
23664
"of an array, add disks to an array, remove disks, etc:"
23635
23665
msgstr ""
23636
23666
23637
#: serverguide/C/installation.xml:777(para)
23667
#: serverguide/C/installation.xml:784(para)
23638
23668
msgid "To view the status of an array, from a terminal prompt enter:"
23639
23669
msgstr ""
23640
23670
23641
#: serverguide/C/installation.xml:781(command)
23671
#: serverguide/C/installation.xml:788(command)
23642
23672
msgid "sudo mdadm -D /dev/md0"
23643
23673
msgstr "sudo mdadm -D /dev/md0"
23644
23674
23645
#: serverguide/C/installation.xml:784(para)
23675
#: serverguide/C/installation.xml:791(para)
23646
23676
msgid ""
23647
23677
"The <emphasis>-D</emphasis> tells <application>mdadm</application> to "
23648
23678
"display <emphasis>detailed</emphasis> information about the "
23650
23680
"with the appropriate RAID device."
23651
23681
msgstr ""
23652
23682
23653
#: serverguide/C/installation.xml:790(para)
23683
#: serverguide/C/installation.xml:797(para)
23654
23684
msgid "To view the status of a disk in an array:"
23655
23685
msgstr ""
23656
23686
23657
#: serverguide/C/installation.xml:794(command)
23687
#: serverguide/C/installation.xml:801(command)
23658
23688
msgid "sudo mdadm -E /dev/sda1"
23659
23689
msgstr "sudo mdadm -E /dev/sda1"
23660
23690
23661
#: serverguide/C/installation.xml:796(para)
23691
#: serverguide/C/installation.xml:803(para)
23662
23692
msgid ""
23663
23693
"The output if very similar to the <command>mdadm -D</command> command, "
23664
23694
"adjust <filename>/dev/sda1</filename> for each disk."
23665
23695
msgstr ""
23666
23696
23667
#: serverguide/C/installation.xml:801(para)
23697
#: serverguide/C/installation.xml:808(para)
23668
23698
msgid "If a disk fails and needs to be removed from an array enter:"
23669
23699
msgstr ""
23670
23700
23671
#: serverguide/C/installation.xml:805(command)
23701
#: serverguide/C/installation.xml:812(command)
23672
23702
msgid "sudo mdadm --remove /dev/md0 /dev/sda1"
23673
23703
msgstr "sudo mdadm --remove /dev/md0 /dev/sda1"
23674
23704
23675
#: serverguide/C/installation.xml:807(para)
23705
#: serverguide/C/installation.xml:814(para)
23676
23706
msgid ""
23677
23707
"Change <filename>/dev/md0</filename> and <filename>/dev/sda1</filename> to "
23678
23708
"the appropriate RAID device and disk."
23679
23709
msgstr ""
23680
23710
23681
#: serverguide/C/installation.xml:812(para)
23711
#: serverguide/C/installation.xml:819(para)
23682
23712
msgid "Similarly, to add a new disk:"
23683
23713
msgstr ""
23684
23714
23685
#: serverguide/C/installation.xml:816(command)
23715
#: serverguide/C/installation.xml:823(command)
23686
23716
msgid "sudo mdadm --add /dev/md0 /dev/sda1"
23687
23717
msgstr "sudo mdadm --add /dev/md0 /dev/sda1"
23688
23718
23689
#: serverguide/C/installation.xml:821(para)
23719
#: serverguide/C/installation.xml:828(para)
23690
23720
msgid ""
23691
23721
"Sometimes a disk can change to a <emphasis>faulty</emphasis> state even "
23692
23722
"though there is nothing physically wrong with the drive. It is usually "
23695
23725
"the array, it is a good indication of hardware failure."
23696
23726
msgstr ""
23697
23727
23698
#: serverguide/C/installation.xml:827(para)
23728
#: serverguide/C/installation.xml:834(para)
23699
23729
msgid ""
23700
23730
"The <filename>/proc/mdstat</filename> file also contains useful information "
23701
23731
"about the system's RAID devices:"
23702
23732
msgstr ""
23703
23733
23704
#: serverguide/C/installation.xml:832(command)
23734
#: serverguide/C/installation.xml:839(command)
23705
23735
msgid "cat /proc/mdstat"
23706
23736
msgstr "cat /proc/mdstat"
23707
23737
23708
#: serverguide/C/installation.xml:833(computeroutput)
23738
#: serverguide/C/installation.xml:840(computeroutput)
23709
23739
#, no-wrap
23710
23740
msgid ""
23711
23741
"Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] "
23716
23746
"unused devices: <none>"
23717
23747
msgstr ""
23718
23748
23719
#: serverguide/C/installation.xml:840(para)
23749
#: serverguide/C/installation.xml:847(para)
23720
23750
msgid ""
23721
23751
"The following command is great for watching the status of a syncing drive:"
23722
23752
msgstr ""
23723
23753
23724
#: serverguide/C/installation.xml:845(command)
23754
#: serverguide/C/installation.xml:852(command)
23725
23755
msgid "watch -n1 cat /proc/mdstat"
23726
23756
msgstr "watch -n1 cat /proc/mdstat"
23727
23757
23728
#: serverguide/C/installation.xml:848(para)
23758
#: serverguide/C/installation.xml:855(para)
23729
23759
msgid ""
23730
23760
"Press <emphasis>Ctrl+c</emphasis> to stop the "
23731
23761
"<application>watch</application> command."
23732
23762
msgstr ""
23733
23763
23734
#: serverguide/C/installation.xml:852(para)
23764
#: serverguide/C/installation.xml:859(para)
23735
23765
msgid ""
23736
23766
"If you do need to replace a faulty drive, after the drive has been replaced "
23737
23767
"and synced, <application>grub</application> will need to be installed. To "
23739
23769
"following:"
23740
23770
msgstr ""
23741
23771
23742
#: serverguide/C/installation.xml:858(command)
23772
#: serverguide/C/installation.xml:865(command)
23743
23773
msgid "sudo grub-install /dev/md0"
23744
23774
msgstr "sudo grub-install /dev/md0"
23745
23775
23746
#: serverguide/C/installation.xml:861(para)
23776
#: serverguide/C/installation.xml:868(para)
23747
23777
msgid ""
23748
23778
"Replace <filename>/dev/md0</filename> with the appropriate array device name."
23749
23779
msgstr ""
23750
23780
23751
#: serverguide/C/installation.xml:869(para)
23781
#: serverguide/C/installation.xml:876(para)
23752
23782
msgid ""
23753
23783
"The topic of RAID arrays is a complex one due to the plethora of ways RAID "
23754
23784
"can be configured. Please see the following links for more information:"
23755
23785
msgstr ""
23756
23786
23757
#: serverguide/C/installation.xml:876(para)
23787
#: serverguide/C/installation.xml:883(para)
23758
23788
msgid ""
23759
23789
"<ulink url=\"https://help.ubuntu.com/community/Installation#raid\">Ubuntu "
23760
23790
"Wiki Articles on RAID</ulink>."
23761
23791
msgstr ""
23762
23792
23763
#: serverguide/C/installation.xml:882(ulink)
23793
#: serverguide/C/installation.xml:889(ulink) serverguide/C/installation.xml:1164(ulink)
23764
23794
msgid "Software RAID HOWTO"
23765
23795
msgstr ""
23766
23796
23767
#: serverguide/C/installation.xml:887(ulink)
23797
#: serverguide/C/installation.xml:894(ulink)
23768
23798
msgid "Managing RAID on Linux"
23769
23799
msgstr ""
23770
23800
23771
#: serverguide/C/installation.xml:894(title)
23801
#: serverguide/C/installation.xml:901(title)
23772
23802
msgid "Logical Volume Manager (LVM)"
23773
23803
msgstr ""
23774
23804
23775
#: serverguide/C/installation.xml:896(para)
23805
#: serverguide/C/installation.xml:903(para)
23776
23806
msgid ""
23777
23807
"Logical Volume Manger, or <emphasis>LVM</emphasis>, allows administrators to "
23778
23808
"create <emphasis>logical</emphasis> volumes out of one or multiple physical "
23781
23811
"giving greater flexibility to systems as requirements change."
23782
23812
msgstr ""
23783
23813
23784
#: serverguide/C/installation.xml:905(para)
23814
#: serverguide/C/installation.xml:912(para)
23785
23815
msgid ""
23786
23816
"A side effect of LVM's power and flexibility is a greater degree of "
23787
23817
"complication. Before diving into the LVM installation process, it is best to "
23788
23818
"get familiar with some terms."
23789
23819
msgstr ""
23790
23820
23791
#: serverguide/C/installation.xml:912(para)
23821
#: serverguide/C/installation.xml:919(para)
23792
23822
msgid ""
23793
23823
"<emphasis>Physical Volume (PV):</emphasis> physical hard disk, disk "
23794
23824
"partition or software RAID partition formatted as LVM PV."
23795
23825
msgstr ""
23796
23826
23797
#: serverguide/C/installation.xml:918(para)
23827
#: serverguide/C/installation.xml:925(para)
23798
23828
msgid ""
23799
23829
"<emphasis>Volume Group (VG):</emphasis> is made from one or more physical "
23800
23830
"volumes. A VG can can be extended by adding more PVs. A VG is like a virtual "
23801
23831
"disk drive, from which one or more logical volumes are carved."
23802
23832
msgstr ""
23803
23833
23804
#: serverguide/C/installation.xml:924(para)
23834
#: serverguide/C/installation.xml:931(para)
23805
23835
msgid ""
23806
23836
"<emphasis>Logical Volume (LV):</emphasis> is similar to a partition in a non-"
23807
23837
"LVM system. A LV is formatted with the desired file system (EXT3, XFS, JFS, "
23808
23838
"etc), it is then available for mounting and data storage."
23809
23839
msgstr ""
23810
23840
23811
#: serverguide/C/installation.xml:935(para)
23841
#: serverguide/C/installation.xml:942(para)
23812
23842
msgid ""
23813
23843
"As an example this section covers installing Ubuntu Server Edition with "
23814
23844
"<filename role=\"directory\">/srv</filename> mounted on a LVM volume. During "
23817
23847
"can be extended."
23818
23848
msgstr ""
23819
23849
23820
#: serverguide/C/installation.xml:941(para)
23850
#: serverguide/C/installation.xml:948(para)
23821
23851
msgid ""
23822
23852
"There are several installation options for LVM, <emphasis>\"Guided - use the "
23823
23853
"entire disk and setup LVM\"</emphasis> which will also allow you to assign a "
23828
23858
"the Manual approach."
23829
23859
msgstr ""
23830
23860
23831
#: serverguide/C/installation.xml:958(para)
23861
#: serverguide/C/installation.xml:965(para)
23832
23862
msgid ""
23833
23863
"At the <emphasis>\"Partition Disks</emphasis> screen choose "
23834
23864
"<emphasis>\"Manual\"</emphasis>."
23835
23865
msgstr ""
23836
23866
23837
#: serverguide/C/installation.xml:965(para)
23867
#: serverguide/C/installation.xml:972(para)
23838
23868
msgid ""
23839
23869
"Select the hard disk and on the next screen choose \"yes\" to "
23840
23870
"<emphasis>\"Create a new empty partition table on this device\"</emphasis>."
23841
23871
msgstr ""
23842
23872
23843
#: serverguide/C/installation.xml:972(para)
23873
#: serverguide/C/installation.xml:979(para)
23844
23874
msgid ""
23845
23875
"Next, create standard <emphasis>/boot</emphasis>, <emphasis>swap</emphasis>, "
23846
23876
"and <emphasis>/</emphasis> partitions with whichever filesystem you prefer."
23847
23877
msgstr ""
23848
23878
23849
#: serverguide/C/installation.xml:980(para)
23879
#: serverguide/C/installation.xml:987(para)
23850
23880
msgid ""
23851
23881
"For the LVM <emphasis>/srv</emphasis>, create a new "
23852
23882
"<emphasis>Logical</emphasis> partition. Then change <emphasis>\"Use "
23854
23884
"<emphasis>\"Done setting up the partition\"</emphasis>."
23855
23885
msgstr ""
23856
23886
23857
#: serverguide/C/installation.xml:988(para)
23887
#: serverguide/C/installation.xml:995(para)
23858
23888
msgid ""
23859
23889
"Now select <emphasis>\"Configure the Logical Volume Manager\"</emphasis> at "
23860
23890
"the top, and choose <emphasis>\"Yes\"</emphasis> to write the changes to "
23861
23891
"disk."
23862
23892
msgstr ""
23863
23893
23864
#: serverguide/C/installation.xml:996(para)
23894
#: serverguide/C/installation.xml:1003(para)
23865
23895
msgid ""
23866
23896
"For the <emphasis>\"LVM configuration action\"</emphasis> on the next "
23867
23897
"screen, choose <emphasis>\"Create volume group\"</emphasis>. Enter a name "
23870
23900
"<emphasis>\"Continue\"</emphasis>."
23871
23901
msgstr ""
23872
23902
23873
#: serverguide/C/installation.xml:1005(para)
23903
#: serverguide/C/installation.xml:1012(para)
23874
23904
msgid ""
23875
23905
"Back at the <emphasis>\"LVM configuration action\"</emphasis> screen, select "
23876
23906
"<emphasis>\"Create logical volume\"</emphasis>. Select the newly created "
23881
23911
"main <emphasis>\"Partition Disks\"</emphasis> screen."
23882
23912
msgstr ""
23883
23913
23884
#: serverguide/C/installation.xml:1015(para)
23914
#: serverguide/C/installation.xml:1022(para)
23885
23915
msgid ""
23886
23916
"Now add a filesystem to the new LVM. Select the partition under "
23887
23917
"<emphasis>\"LVM VG vg01, LV srv\"</emphasis>, or whatever name you have "
23890
23920
"select <emphasis>\"Done setting up the partition\"</emphasis>."
23891
23921
msgstr ""
23892
23922
23893
#: serverguide/C/installation.xml:1024(para)
23923
#: serverguide/C/installation.xml:1031(para)
23894
23924
msgid ""
23895
23925
"Finally, select <emphasis>\"Finish partitioning and write changes to "
23896
23926
"disk\"</emphasis>. Then confirm the changes and continue with the rest of "
23897
23927
"the installation."
23898
23928
msgstr ""
23899
23929
23900
#: serverguide/C/installation.xml:1032(para)
23930
#: serverguide/C/installation.xml:1039(para)
23901
23931
msgid "There are some useful utilities to view information about LVM:"
23902
23932
msgstr ""
23903
23933
23904
#: serverguide/C/installation.xml:1037(para)
23934
#: serverguide/C/installation.xml:1044(para)
23905
23935
msgid ""
23906
23936
"<emphasis>pvdisplay:</emphasis> shows information about Physical Volumes."
23907
23937
msgstr ""
23908
23938
23909
#: serverguide/C/installation.xml:1038(para)
23939
#: serverguide/C/installation.xml:1045(para)
23910
23940
msgid ""
23911
23941
"<emphasis>vgdisplay:</emphasis> shows information about Volume Groups."
23912
23942
msgstr ""
23913
23943
23914
#: serverguide/C/installation.xml:1039(para)
23944
#: serverguide/C/installation.xml:1046(para)
23915
23945
msgid ""
23916
23946
"<emphasis>lvdisplay:</emphasis> shows information about Logical Volumes."
23917
23947
msgstr ""
23918
23948
23919
#: serverguide/C/installation.xml:1044(title)
23949
#: serverguide/C/installation.xml:1051(title)
23920
23950
msgid "Extending Volume Groups"
23921
23951
msgstr ""
23922
23952
23923
#: serverguide/C/installation.xml:1046(para)
23953
#: serverguide/C/installation.xml:1053(para)
23924
23954
msgid ""
23925
23955
"Continuing with <emphasis>srv</emphasis> as an LVM volume example, this "
23926
23956
"section covers adding a second hard disk, creating a Physical Volume (PV), "
23932
23962
"partitions and use them as different physical volumes)"
23933
23963
msgstr ""
23934
23964
23935
#: serverguide/C/installation.xml:1054(para)
23965
#: serverguide/C/installation.xml:1061(para)
23936
23966
msgid ""
23937
23967
"Make sure you don't already have an existing <filename>/dev/sdb</filename> "
23938
23968
"before issuing the commands below. You could lose some data if you issue "
23939
23969
"those commands on a non-empty disk."
23940
23970
msgstr ""
23941
23971
23942
#: serverguide/C/installation.xml:1062(para)
23972
#: serverguide/C/installation.xml:1069(para)
23943
23973
msgid "First, create the physical volume, in a terminal execute:"
23944
23974
msgstr ""
23945
23975
23946
#: serverguide/C/installation.xml:1067(command)
23976
#: serverguide/C/installation.xml:1074(command)
23947
23977
msgid "sudo pvcreate /dev/sdb"
23948
23978
msgstr "sudo pvcreate /dev/sdb"
23949
23979
23950
#: serverguide/C/installation.xml:1073(para)
23980
#: serverguide/C/installation.xml:1080(para)
23951
23981
msgid "Now extend the Volume Group (VG):"
23952
23982
msgstr ""
23953
23983
23954
#: serverguide/C/installation.xml:1078(command)
23984
#: serverguide/C/installation.xml:1085(command)
23955
23985
msgid "sudo vgextend vg01 /dev/sdb"
23956
23986
msgstr "sudo vgextend vg01 /dev/sdb"
23957
23987
23958
#: serverguide/C/installation.xml:1084(para)
23988
#: serverguide/C/installation.xml:1091(para)
23959
23989
msgid ""
23960
23990
"Use <application>vgdisplay</application> to find out the free physical "
23961
23991
"extents - Free PE / size (the size you can allocate). We will assume a free "
23963
23993
"whole free space available. Use your own PE and/or free space."
23964
23994
msgstr ""
23965
23995
23966
#: serverguide/C/installation.xml:1090(para)
23996
#: serverguide/C/installation.xml:1097(para)
23967
23997
msgid ""
23968
23998
"The Logical Volume (LV) can now be extended by different methods, we will "
23969
23999
"only see how to use the PE to extend the LV:"
23970
24000
msgstr ""
23971
24001
23972
#: serverguide/C/installation.xml:1095(command)
24002
#: serverguide/C/installation.xml:1102(command)
23973
24003
msgid "sudo lvextend /dev/vg01/srv -l +511"
23974
24004
msgstr "sudo lvextend /dev/vg01/srv -l +511"
23975
24005
23976
#: serverguide/C/installation.xml:1098(para)
24006
#: serverguide/C/installation.xml:1105(para)
23977
24007
msgid ""
23978
24008
"The <emphasis>-l</emphasis> option allows the LV to be extended using PE. "
23979
24009
"The <emphasis>-L</emphasis> option allows the LV to be extended using Meg, "
23980
24010
"Gig, Tera, etc bytes."
23981
24011
msgstr ""
23982
24012
23983
#: serverguide/C/installation.xml:1106(para)
24013
#: serverguide/C/installation.xml:1113(para)
23984
24014
msgid ""
23985
24015
"Even though you are supposed to be able to <emphasis>expand</emphasis> an "
23986
24016
"ext3 or ext4 filesystem without unmounting it first, it may be a good "
23989
24019
"first is compulsory)."
23990
24020
msgstr ""
23991
24021
23992
#: serverguide/C/installation.xml:1112(para)
24022
#: serverguide/C/installation.xml:1119(para)
23993
24023
msgid ""
23994
24024
"The following commands are for an <emphasis>EXT3</emphasis> or "
23995
24025
"<emphasis>EXT4</emphasis> filesystem. If you are using another filesystem "
23996
24026
"there may be other utilities available."
23997
24027
msgstr ""
23998
24028
23999
#: serverguide/C/installation.xml:1119(command)
24000
msgid "sudo e2fsck -f /dev/vg01/srv"
24001
msgstr "sudo e2fsck -f /dev/vg01/srv"
24002
24003
#: serverguide/C/installation.xml:1122(para)
24004
msgid ""
24005
"The <emphasis>-f</emphasis> option of <application>e2fsck</application> "
24006
"forces checking even if the system seems clean."
24007
msgstr ""
24008
24009
#: serverguide/C/installation.xml:1129(para)
24010
msgid "Finally, resize the filesystem:"
24011
msgstr ""
24012
24013
#: serverguide/C/installation.xml:1134(command)
24014
msgid "sudo resize2fs /dev/vg01/srv"
24015
msgstr "sudo resize2fs /dev/vg01/srv"
24016
24017
#: serverguide/C/installation.xml:1140(para)
24029
#: serverguide/C/installation.xml:1127(para) serverguide/C/installation.xml:1130(para) serverguide/C/installation.xml:1133(para)
24018
24030
msgid "Now mount the partition and check its size."
24019
24031
msgstr ""
24020
24032
24021
#: serverguide/C/installation.xml:1145(command)
24033
#: serverguide/C/installation.xml:1136(para)
24034
msgid ""
24035
"asldkjf sdkja;lkjfeoi dfkjsljfe;lij sfljsefisjoij skfm;lwemf;e msdlfsadlkf;k."
24036
msgstr ""
24037
24038
#: serverguide/C/installation.xml:1141(command)
24022
24039
msgid "mount /dev/vg01/srv /srv && df -h /srv"
24023
24040
msgstr "mount /dev/vg01/srv /srv && df -h /srv"
24024
24041
24025
#: serverguide/C/installation.xml:1157(para)
24042
#: serverguide/C/installation.xml:1153(para)
24026
24043
msgid ""
24027
24044
"See the <ulink "
24028
24045
"url=\"https://help.ubuntu.com/community/Installation#lvm\">Ubuntu Wiki LVM "
24032
24049
"url=\"https://help.ubuntu.com/community/Installation#lvm\">članke LVM na "
24033
24050
"Ubuntu Wiki</ulink>."
24034
24051
24035
#: serverguide/C/installation.xml:1162(para)
24052
#: serverguide/C/installation.xml:1158(para)
24036
24053
msgid ""
24037
24054
"See the <ulink url=\"http://tldp.org/HOWTO/LVM-HOWTO/index.html\">LVM "
24038
24055
"HOWTO</ulink> for more information."
24039
24056
msgstr ""
24040
24057
24041
#: serverguide/C/installation.xml:1167(para)
24042
msgid ""
24043
"Another good article is <ulink "
24044
"url=\"http://www.linuxdevcenter.com/pub/a/linux/2006/04/27/managing-disk-"
24045
"space-with-lvm.html\">Managing Disk Space with LVM</ulink> on O'Reilly's "
24046
"linuxdevcenter.com site."
24047
msgstr ""
24048
24049
#: serverguide/C/installation.xml:1181(para)
24050
msgid ""
24051
"For more information on <application>fdisk</application> see the <ulink "
24052
"url=\"http://manpages.ubuntu.com/manpages/trusty/en/man8/fdisk.8.html\">fdisk"
24053
" man page</ulink>."
24054
msgstr ""
24055
24056
#: serverguide/C/installation.xml:1185(title)
24058
#: serverguide/C/installation.xml:1171(title)
24059
msgid "bla bla 4"
24060
msgstr ""
24061
24062
#: serverguide/C/installation.xml:1174(para)
24063
msgid "bla bla 4 para."
24064
msgstr ""
24065
24066
#: serverguide/C/installation.xml:1179(para)
24067
msgid "bla bla 5 para."
24068
msgstr ""
24069
24070
#: serverguide/C/installation.xml:1184(para)
24071
msgid "list item 1."
24072
msgstr ""
24073
24074
#: serverguide/C/installation.xml:1189(para)
24075
msgid "list item 2."
24076
msgstr ""
24077
24078
#: serverguide/C/installation.xml:1194(para)
24079
msgid "list item 3."
24080
msgstr ""
24081
24082
#: serverguide/C/installation.xml:1199(para)
24083
msgid "bla bla para"
24084
msgstr ""
24085
24086
#: serverguide/C/installation.xml:1204(para)
24087
msgid "bla bla 6 para."
24088
msgstr ""
24089
24090
#: serverguide/C/installation.xml:1209(para)
24091
msgid "bla bla 7 para."
24092
msgstr ""
24093
24094
#: serverguide/C/installation.xml:1214(para)
24095
msgid "bla bla 8 para."
24096
msgstr ""
24097
24098
#: serverguide/C/installation.xml:1219(para)
24099
msgid "bla bla 9 para."
24100
msgstr ""
24101
24102
#: serverguide/C/installation.xml:1226(title)
24103
msgid "bla bla 5"
24104
msgstr ""
24105
24106
#: serverguide/C/installation.xml:1229(title)
24107
msgid "bla bla 6"
24108
msgstr ""
24109
24110
#: serverguide/C/installation.xml:1232(title)
24111
msgid "bla bla 7"
24112
msgstr ""
24113
24114
#: serverguide/C/installation.xml:1235(title)
24115
msgid "bla bla 8"
24116
msgstr ""
24117
24118
#: serverguide/C/installation.xml:1238(title)
24119
msgid "bla bla 9"
24120
msgstr ""
24121
24122
#: serverguide/C/installation.xml:1241(title)
24123
msgid "bla bla a"
24124
msgstr ""
24125
24126
#: serverguide/C/installation.xml:1244(title)
24127
msgid "bla bla b"
24128
msgstr ""
24129
24130
#: serverguide/C/installation.xml:1247(title)
24131
msgid "bla bla c"
24132
msgstr ""
24133
24134
#: serverguide/C/installation.xml:1250(title)
24135
msgid "bla bla d"
24136
msgstr ""
24137
24138
#: serverguide/C/installation.xml:1253(title)
24139
msgid "bla bla e"
24140
msgstr ""
24141
24142
#: serverguide/C/installation.xml:1258(title)
24057
24143
msgid "Kernel Crash Dump"
24058
24144
msgstr ""
24059
24145
24060
#: serverguide/C/installation.xml:1192(para)
24146
#: serverguide/C/installation.xml:1265(para)
24061
24147
msgid "Kernel Panic"
24062
24148
msgstr ""
24063
24149
24064
#: serverguide/C/installation.xml:1193(para)
24150
#: serverguide/C/installation.xml:1266(para)
24065
24151
msgid "Non Maskable Interrupts (NMI)"
24066
24152
msgstr ""
24067
24153
24068
#: serverguide/C/installation.xml:1194(para)
24154
#: serverguide/C/installation.xml:1267(para)
24069
24155
msgid "Machine Check Exceptions (MCE)"
24070
24156
msgstr ""
24071
24157
24072
#: serverguide/C/installation.xml:1195(para)
24158
#: serverguide/C/installation.xml:1268(para)
24073
24159
msgid "Hardware failure"
24074
24160
msgstr ""
24075
24161
24076
#: serverguide/C/installation.xml:1196(para)
24162
#: serverguide/C/installation.xml:1269(para)
24077
24163
msgid "Manual intervention"
24078
24164
msgstr ""
24079
24165
24080
#: serverguide/C/installation.xml:1188(para)
24166
#: serverguide/C/installation.xml:1261(para)
24081
24167
msgid ""
24082
24168
"A Kernel Crash Dump refers to a portion of the contents of volatile memory "
24083
24169
"(RAM) that is copied to disk whenever the execution of the kernel is "
24091
24177
"memory contents."
24092
24178
msgstr ""
24093
24179
24094
#: serverguide/C/installation.xml:1205(title)
24180
#: serverguide/C/installation.xml:1278(title)
24095
24181
msgid "Kernel Crash Dump Mechanism"
24096
24182
msgstr ""
24097
24183
24098
#: serverguide/C/installation.xml:1207(para)
24184
#: serverguide/C/installation.xml:1280(para)
24099
24185
msgid ""
24100
24186
"When a kernel panic occurs, the kernel relies on the "
24101
24187
"<emphasis>kexec</emphasis> mechanism to quickly reboot a new instance of the "
24104
24190
"untouched in order to safely copy its contents to storage."
24105
24191
msgstr ""
24106
24192
24107
#: serverguide/C/installation.xml:1216(para)
24193
#: serverguide/C/installation.xml:1289(para)
24108
24194
msgid ""
24109
24195
"The kernel crash dump utility is installed with the following command:"
24110
24196
msgstr ""
24111
24197
24112
#: serverguide/C/installation.xml:1221(command)
24198
#: serverguide/C/installation.xml:1294(command)
24113
24199
msgid "sudo apt-get install linux-crashdump"
24114
24200
msgstr ""
24115
24201
24116
#: serverguide/C/installation.xml:1230(programlisting)
24202
#: serverguide/C/installation.xml:1303(programlisting)
24117
24203
#, no-wrap
24118
24204
msgid ""
24119
24205
"\n"
24120
24206
"USE_KDUMP=1\n"
24121
24207
msgstr ""
24122
24208
24123
#: serverguide/C/installation.xml:1228(para)
24209
#: serverguide/C/installation.xml:1301(para)
24124
24210
msgid ""
24125
"Edit <filename>/etc/default/kdump-tool</filename> by including the following "
24126
"line: <placeholder-1/>"
24211
"Edit <filename>/etc/default/kdump-tools</filename> by including the "
24212
"following line: <placeholder-1/>"
24127
24213
msgstr ""
24128
24214
24129
#: serverguide/C/installation.xml:1235(para)
24215
#: serverguide/C/installation.xml:1308(para)
24130
24216
msgid "A reboot is then needed."
24131
24217
msgstr ""
24132
24218
24133
#: serverguide/C/installation.xml:1244(para)
24219
#: serverguide/C/installation.xml:1317(para)
24134
24220
msgid ""
24135
24221
"To confirm that the kernel dump mechanism is enabled, there are a few things "
24136
24222
"to verify. First, confirm that the <emphasis>crashkernel</emphasis> boot "
24138
24224
"fit the format of this document:"
24139
24225
msgstr ""
24140
24226
24141
#: serverguide/C/installation.xml:1251(command)
24227
#: serverguide/C/installation.xml:1324(command)
24142
24228
msgid "cat /proc/cmdline"
24143
24229
msgstr ""
24144
24230
24145
#: serverguide/C/installation.xml:1252(computeroutput)
24231
#: serverguide/C/installation.xml:1325(computeroutput)
24146
24232
#, no-wrap
24147
24233
msgid ""
24148
24234
"\n"
24150
24236
" crashkernel=384M-2G:64M,2G-:128M\n"
24151
24237
msgstr ""
24152
24238
24153
#: serverguide/C/installation.xml:1260(programlisting)
24239
#: serverguide/C/installation.xml:1333(programlisting)
24154
24240
#, no-wrap
24155
24241
msgid ""
24156
24242
"\n"
24160
24246
" "
24161
24247
msgstr ""
24162
24248
24163
#: serverguide/C/installation.xml:1258(para)
24249
#: serverguide/C/installation.xml:1331(para)
24164
24250
msgid ""
24165
24251
"The <emphasis>crashkernel</emphasis> parameter has the following syntax: "
24166
24252
"<placeholder-1/>"
24167
24253
msgstr ""
24168
24254
24169
#: serverguide/C/installation.xml:1268(programlisting)
24255
#: serverguide/C/installation.xml:1341(programlisting)
24170
24256
#, no-wrap
24171
24257
msgid ""
24172
24258
"\n"
24173
24259
"crashkernel=384M-2G:64M,2G-:128M\n"
24174
24260
msgstr ""
24175
24261
24176
#: serverguide/C/installation.xml:1266(para)
24262
#: serverguide/C/installation.xml:1339(para)
24177
24263
msgid ""
24178
24264
"So for the crashkernel parameter found in <filename>/proc/cmdline</filename> "
24179
24265
"we would have : <placeholder-1/>"
24180
24266
msgstr ""
24181
24267
24182
#: serverguide/C/installation.xml:1273(para)
24268
#: serverguide/C/installation.xml:1346(para)
24183
24269
msgid "The above value means:"
24184
24270
msgstr ""
24185
24271
24186
#: serverguide/C/installation.xml:1275(para)
24272
#: serverguide/C/installation.xml:1348(para)
24187
24273
msgid ""
24188
24274
"if the RAM is smaller than 384M, then don't reserve anything (this is the "
24189
24275
"\"rescue\" case)"
24190
24276
msgstr ""
24191
24277
24192
#: serverguide/C/installation.xml:1277(para)
24278
#: serverguide/C/installation.xml:1350(para)
24193
24279
msgid "if the RAM size is between 386M and 2G (exclusive), then reserve 64M"
24194
24280
msgstr ""
24195
24281
24196
#: serverguide/C/installation.xml:1278(para)
24282
#: serverguide/C/installation.xml:1351(para)
24197
24283
msgid "if the RAM size is larger than 2G, then reserve 128M"
24198
24284
msgstr ""
24199
24285
24200
#: serverguide/C/installation.xml:1281(para)
24286
#: serverguide/C/installation.xml:1354(para)
24201
24287
msgid ""
24202
24288
"Second, verify that the kernel has reserved the requested memory area for "
24203
24289
"the kdump kernel by doing:"
24204
24290
msgstr ""
24205
24291
24206
#: serverguide/C/installation.xml:1286(command)
24292
#: serverguide/C/installation.xml:1359(command)
24207
24293
msgid "dmesg | grep -i crash"
24208
24294
msgstr ""
24209
24295
24210
#: serverguide/C/installation.xml:1287(computeroutput)
24296
#: serverguide/C/installation.xml:1360(computeroutput)
24211
24297
#, no-wrap
24212
24298
msgid ""
24213
24299
"\n"
24216
24302
"RAM: 1023MB)\n"
24217
24303
msgstr ""
24218
24304
24219
#: serverguide/C/installation.xml:1296(title)
24305
#: serverguide/C/installation.xml:1369(title)
24220
24306
msgid "Testing the Crash Dump Mechanism"
24221
24307
msgstr ""
24222
24308
24223
#: serverguide/C/installation.xml:1299(para)
24309
#: serverguide/C/installation.xml:1372(para)
24224
24310
msgid ""
24225
24311
"Testing the Crash Dump Mechanism will cause <emphasis>a system "
24226
24312
"reboot.</emphasis> In certain situations, this can cause data loss if the "
24228
24314
"that the system is idle or under very light load."
24229
24315
msgstr ""
24230
24316
24231
#: serverguide/C/installation.xml:1306(para)
24317
#: serverguide/C/installation.xml:1379(para)
24232
24318
msgid ""
24233
24319
"Verify that the <emphasis>SysRQ</emphasis> mechanism is enabled by looking "
24234
24320
"at the value of the <filename>/proc/sys/kernel/sysrq</filename> kernel "
24235
24321
"parameter :"
24236
24322
msgstr ""
24237
24323
24238
#: serverguide/C/installation.xml:1312(command)
24324
#: serverguide/C/installation.xml:1385(command)
24239
24325
msgid "cat /proc/sys/kernel/sysrq"
24240
24326
msgstr ""
24241
24327
24242
#: serverguide/C/installation.xml:1315(para)
24328
#: serverguide/C/installation.xml:1388(para)
24243
24329
msgid ""
24244
24330
"If a value of <emphasis>0</emphasis> is returned the feature is disabled. "
24245
24331
"Enable it with the following command :"
24246
24332
msgstr ""
24247
24333
24248
#: serverguide/C/installation.xml:1320(command)
24334
#: serverguide/C/installation.xml:1393(command)
24249
24335
msgid "sudo sysctl -w kernel.sysrq=1"
24250
24336
msgstr ""
24251
24337
24252
#: serverguide/C/installation.xml:1323(para)
24338
#: serverguide/C/installation.xml:1396(para)
24253
24339
msgid ""
24254
24340
"Once this is done, you must become root, as just using "
24255
24341
"<command>sudo</command> will not be sufficient. As the "
24260
24346
"the advantage of making the kernel dump process visible."
24261
24347
msgstr ""
24262
24348
24263
#: serverguide/C/installation.xml:1330(para)
24349
#: serverguide/C/installation.xml:1403(para)
24264
24350
msgid "A typical test output should look like the following :"
24265
24351
msgstr ""
24266
24352
24267
#: serverguide/C/installation.xml:1335(command)
24353
#: serverguide/C/installation.xml:1408(command)
24268
24354
msgid "sudo -s"
24269
24355
msgstr ""
24270
24356
24271
#: serverguide/C/installation.xml:1337(command)
24357
#: serverguide/C/installation.xml:1410(command)
24272
24358
msgid "echo c > /proc/sysrq-trigger"
24273
24359
msgstr ""
24274
24360
24275
#: serverguide/C/installation.xml:1334(screen)
24361
#: serverguide/C/installation.xml:1407(screen)
24276
24362
#, no-wrap
24277
24363
msgid ""
24278
24364
"\n"
24289
24375
"....\n"
24290
24376
msgstr ""
24291
24377
24292
#: serverguide/C/installation.xml:1347(para)
24378
#: serverguide/C/installation.xml:1420(para)
24293
24379
msgid ""
24294
24380
"The rest of the output is truncated, but you should see the system rebooting "
24295
24381
"and somewhere in the log, you will see the following line : <screen>Begin: "
24298
24384
"file in the <filename>/var/crash</filename> directory :"
24299
24385
msgstr ""
24300
24386
24301
#: serverguide/C/installation.xml:1354(command)
24387
#: serverguide/C/installation.xml:1427(command)
24302
24388
msgid "ls /var/crash"
24303
24389
msgstr ""
24304
24390
24305
#: serverguide/C/installation.xml:1353(screen)
24391
#: serverguide/C/installation.xml:1426(screen)
24306
24392
#, no-wrap
24307
24393
msgid ""
24308
24394
"\n"
24310
24396
"linux-image-3.0.0-12-server.0.crash\n"
24311
24397
msgstr ""
24312
24398
24313
#: serverguide/C/installation.xml:1363(para)
24399
#: serverguide/C/installation.xml:1436(para)
24314
24400
msgid ""
24315
24401
"Kernel Crash Dump is a vast topic that requires good knowledge of the linux "
24316
24402
"kernel. You can find more information on the topic here :"
24317
24403
msgstr ""
24318
24404
24319
#: serverguide/C/installation.xml:1369(para)
24405
#: serverguide/C/installation.xml:1442(para)
24320
24406
msgid ""
24321
24407
"<ulink url=\"http://www.kernel.org/doc/Documentation/kdump/kdump.txt\">Kdump "
24322
24408
"kernel documentation</ulink>."
24323
24409
msgstr ""
24324
24410
24325
#: serverguide/C/installation.xml:1375(ulink)
24411
#: serverguide/C/installation.xml:1448(ulink)
24326
24412
msgid "The crash tool"
24327
24413
msgstr ""
24328
24414
24329
#: serverguide/C/installation.xml:1379(para)
24415
#: serverguide/C/installation.xml:1452(para)
24330
24416
msgid ""
24331
24417
"<ulink url=\"http://www.dedoimedo.com/computers/crash-"
24332
24418
"analyze.html\">Analyzing Linux Kernel Crash</ulink> (Based on Fedora, it "
24827
24913
"as follows:"
24828
24914
msgstr ""
24829
24915
24830
#: serverguide/C/file-server.xml:430(programlisting)
24916
#: serverguide/C/file-server.xml:429(programlisting)
24831
24917
#, no-wrap
24832
24918
msgid ""
24833
24919
"\n"
24835
24921
"rsize=8192,wsize=8192,timeo=14,intr\n"
24836
24922
msgstr ""
24837
24923
24838
#: serverguide/C/file-server.xml:434(para)
24924
#: serverguide/C/file-server.xml:433(para)
24839
24925
msgid ""
24840
24926
"If you have trouble mounting an NFS share, make sure the <application>nfs-"
24841
24927
"common</application> package is installed on your client. To install "
24845
24931
"</screen>"
24846
24932
msgstr ""
24847
24933
24848
#: serverguide/C/file-server.xml:447(ulink)
24934
#: serverguide/C/file-server.xml:446(ulink)
24849
24935
msgid "Linux NFS faq"
24850
24936
msgstr ""
24851
24937
24852
#: serverguide/C/file-server.xml:449(ulink)
24938
#: serverguide/C/file-server.xml:448(ulink)
24853
24939
msgid "Ubuntu Wiki NFS Howto"
24854
24940
msgstr ""
24855
24941
24856
#: serverguide/C/file-server.xml:455(title)
24942
#: serverguide/C/file-server.xml:454(title)
24857
24943
msgid "iSCSI Initiator"
24858
24944
msgstr ""
24859
24945
24860
#: serverguide/C/file-server.xml:457(para)
24946
#: serverguide/C/file-server.xml:456(para)
24861
24947
msgid ""
24862
24948
"<emphasis>iSCSI</emphasis> (Internet Small Computer System Interface) is a "
24863
24949
"protocol that allows SCSI commands to be transmitted over a network. "
24877
24963
"your vendor documentation to configure your specific iSCSI target."
24878
24964
msgstr ""
24879
24965
24880
#: serverguide/C/file-server.xml:471(title)
24966
#: serverguide/C/file-server.xml:470(title)
24881
24967
msgid "iSCSI Initiator Install"
24882
24968
msgstr ""
24883
24969
24884
#: serverguide/C/file-server.xml:473(para)
24970
#: serverguide/C/file-server.xml:472(para)
24885
24971
msgid ""
24886
24972
"To configure Ubuntu Server as an iSCSI initiator install the "
24887
24973
"<application>open-iscsi</application> package. In a terminal enter:"
24888
24974
msgstr ""
24889
24975
24890
#: serverguide/C/file-server.xml:478(command)
24976
#: serverguide/C/file-server.xml:477(command)
24891
24977
msgid "sudo apt-get install open-iscsi"
24892
24978
msgstr ""
24893
24979
24894
#: serverguide/C/file-server.xml:483(title)
24980
#: serverguide/C/file-server.xml:482(title)
24895
24981
msgid "iSCSI Initiator Configuration"
24896
24982
msgstr ""
24897
24983
24898
#: serverguide/C/file-server.xml:485(para)
24984
#: serverguide/C/file-server.xml:484(para)
24899
24985
msgid ""
24900
24986
"Once the <application>open-iscsi</application> package is installed, edit "
24901
24987
"<filename>/etc/iscsi/iscsid.conf</filename> changing the following:"
24902
24988
msgstr ""
24903
24989
24904
#: serverguide/C/file-server.xml:489(programlisting)
24990
#: serverguide/C/file-server.xml:488(programlisting)
24905
24991
#, no-wrap
24906
24992
msgid ""
24907
24993
"\n"
24908
24994
"node.startup = automatic\n"
24909
24995
msgstr ""
24910
24996
24911
#: serverguide/C/file-server.xml:493(para)
24997
#: serverguide/C/file-server.xml:492(para)
24912
24998
msgid ""
24913
24999
"You can check which targets are available by using the "
24914
25000
"<application>iscsiadm</application> utility. Enter the following in a "
24915
25001
"terminal:"
24916
25002
msgstr ""
24917
25003
24918
#: serverguide/C/file-server.xml:498(command)
25004
#: serverguide/C/file-server.xml:497(command)
24919
25005
msgid "sudo iscsiadm -m discovery -t st -p 192.168.0.10"
24920
25006
msgstr ""
24921
25007
25008
#: serverguide/C/file-server.xml:501(para)
25009
msgid ""
25010
"<emphasis>-m:</emphasis> determines the mode that iscsiadm executes in."
25011
msgstr ""
25012
24922
25013
#: serverguide/C/file-server.xml:502(para)
24923
msgid ""
24924
"<emphasis>-m:</emphasis> determines the mode that iscsiadm executes in."
25014
msgid "<emphasis>-t:</emphasis> specifies the type of discovery."
24925
25015
msgstr ""
24926
25016
24927
25017
#: serverguide/C/file-server.xml:503(para)
24928
msgid "<emphasis>-t:</emphasis> specifies the type of discovery."
24929
msgstr ""
24930
24931
#: serverguide/C/file-server.xml:504(para)
24932
25018
msgid "<emphasis>-p:</emphasis> option indicates the target IP address."
24933
25019
msgstr ""
24934
25020
24935
#: serverguide/C/file-server.xml:508(para)
25021
#: serverguide/C/file-server.xml:507(para)
24936
25022
msgid ""
24937
25023
"Change example <emphasis>192.168.0.10</emphasis> to the target IP address on "
24938
25024
"your network."
24939
25025
msgstr ""
24940
25026
24941
#: serverguide/C/file-server.xml:513(para)
25027
#: serverguide/C/file-server.xml:512(para)
24942
25028
msgid ""
24943
25029
"If the target is available you should see output similar to the following:"
24944
25030
msgstr ""
24945
25031
24946
#: serverguide/C/file-server.xml:518(computeroutput)
25032
#: serverguide/C/file-server.xml:517(computeroutput)
24947
25033
#, no-wrap
24948
25034
msgid ""
24949
25035
"\n"
24950
25036
"192.168.0.10:3260,1 iqn.1992-05.com.emc:sl7b92030000520000-2\n"
24951
25037
msgstr ""
24952
25038
24953
#: serverguide/C/file-server.xml:524(para)
25039
#: serverguide/C/file-server.xml:523(para)
24954
25040
msgid ""
24955
25041
"The <emphasis>iqn</emphasis> number and IP address above will vary depending "
24956
25042
"on your hardware."
24957
25043
msgstr ""
24958
25044
24959
#: serverguide/C/file-server.xml:529(para)
25045
#: serverguide/C/file-server.xml:528(para)
24960
25046
msgid ""
24961
25047
"You should now be able to connect to the iSCSI target, and depending on your "
24962
25048
"target setup you may have to enter user credentials. Login to the iSCSI node:"
24963
25049
msgstr ""
24964
25050
24965
#: serverguide/C/file-server.xml:535(command)
25051
#: serverguide/C/file-server.xml:534(command)
24966
25052
msgid "sudo iscsiadm -m node --login"
24967
25053
msgstr ""
24968
25054
24969
#: serverguide/C/file-server.xml:538(para)
25055
#: serverguide/C/file-server.xml:537(para)
24970
25056
msgid ""
24971
25057
"Check to make sure that the new disk has been detected using "
24972
25058
"<application>dmesg</application>:"
24973
25059
msgstr ""
24974
25060
24975
#: serverguide/C/file-server.xml:543(command)
25061
#: serverguide/C/file-server.xml:542(command)
24976
25062
msgid "dmesg | grep sd"
24977
25063
msgstr ""
24978
25064
24979
#: serverguide/C/file-server.xml:544(computeroutput)
25065
#: serverguide/C/file-server.xml:543(computeroutput)
24980
25066
#, no-wrap
24981
25067
msgid ""
24982
25068
"\n"
25005
25091
"[ 2486.964862] sd 4:0:0:3: [sdb] Attached SCSI disk\n"
25006
25092
msgstr ""
25007
25093
25008
#: serverguide/C/file-server.xml:568(para)
25094
#: serverguide/C/file-server.xml:567(para)
25009
25095
msgid ""
25010
25096
"In the output above <emphasis>sdb</emphasis> is the new iSCSI disk. Remember "
25011
25097
"this is just an example; the output you see on your screen will vary."
25012
25098
msgstr ""
25013
25099
25014
#: serverguide/C/file-server.xml:573(para)
25100
#: serverguide/C/file-server.xml:572(para)
25015
25101
msgid ""
25016
25102
"Next, create a partition, format the file system, and mount the new iSCSI "
25017
25103
"disk. In a terminal enter:"
25018
25104
msgstr ""
25019
25105
25106
#: serverguide/C/file-server.xml:577(command)
25107
msgid "sudo fdisk /dev/sdb"
25108
msgstr ""
25109
25020
25110
#: serverguide/C/file-server.xml:578(command)
25021
msgid "sudo fdisk /dev/sdb"
25111
msgid "n"
25022
25112
msgstr ""
25023
25113
25024
25114
#: serverguide/C/file-server.xml:579(command)
25025
msgid "n"
25115
msgid "p"
25026
25116
msgstr ""
25027
25117
25028
25118
#: serverguide/C/file-server.xml:580(command)
25029
msgid "p"
25119
msgid "enter"
25030
25120
msgstr ""
25031
25121
25032
25122
#: serverguide/C/file-server.xml:581(command)
25033
msgid "enter"
25034
msgstr ""
25035
25036
#: serverguide/C/file-server.xml:582(command)
25037
25123
msgid "w"
25038
25124
msgstr ""
25039
25125
25040
#: serverguide/C/file-server.xml:586(para)
25126
#: serverguide/C/file-server.xml:585(para)
25041
25127
msgid ""
25042
25128
"The above commands are from inside the <application>fdisk</application> "
25043
25129
"utility; see <command>man fdisk</command> for more detailed instructions. "
25045
25131
"friendly."
25046
25132
msgstr ""
25047
25133
25048
#: serverguide/C/file-server.xml:592(para)
25134
#: serverguide/C/file-server.xml:591(para)
25049
25135
msgid ""
25050
25136
"Now format the file system and mount it to <filename>/srv</filename> as an "
25051
25137
"example:"
25052
25138
msgstr ""
25053
25139
25140
#: serverguide/C/file-server.xml:596(command)
25141
msgid "sudo mkfs.ext4 /dev/sdb1"
25142
msgstr ""
25143
25054
25144
#: serverguide/C/file-server.xml:597(command)
25055
msgid "sudo mkfs.ext4 /dev/sdb1"
25056
msgstr ""
25057
25058
#: serverguide/C/file-server.xml:598(command)
25059
25145
msgid "sudo mount /dev/sdb1 /srv"
25060
25146
msgstr ""
25061
25147
25062
#: serverguide/C/file-server.xml:602(para)
25148
#: serverguide/C/file-server.xml:601(para)
25063
25149
msgid ""
25064
25150
"Finally, add an entry to <filename>/etc/fstab</filename> to mount the iSCSI "
25065
25151
"drive during boot:"
25066
25152
msgstr ""
25067
25153
25068
#: serverguide/C/file-server.xml:606(programlisting)
25154
#: serverguide/C/file-server.xml:605(programlisting)
25069
25155
#, no-wrap
25070
25156
msgid ""
25071
25157
"\n"
25072
25158
"/dev/sdb1 /srv ext4 defaults,auto,_netdev 0 0\n"
25073
25159
msgstr ""
25074
25160
25075
#: serverguide/C/file-server.xml:610(para)
25161
#: serverguide/C/file-server.xml:609(para)
25076
25162
msgid ""
25077
25163
"It is a good idea to make sure everything is working as expected by "
25078
25164
"rebooting the server."
25079
25165
msgstr ""
25080
25166
25081
#: serverguide/C/file-server.xml:619(ulink)
25167
#: serverguide/C/file-server.xml:618(ulink)
25082
25168
msgid "Open-iSCSI Website"
25083
25169
msgstr ""
25084
25170
25085
#: serverguide/C/file-server.xml:622(ulink) serverguide/C/file-server.xml:808(ulink)
25171
#: serverguide/C/file-server.xml:621(ulink) serverguide/C/file-server.xml:807(ulink)
25086
25172
msgid "Debian Open-iSCSI page"
25087
25173
msgstr ""
25088
25174
25089
#: serverguide/C/file-server.xml:629(title)
25175
#: serverguide/C/file-server.xml:628(title)
25090
25176
msgid "CUPS - Print Server"
25091
25177
msgstr "CUPS - tiskalniški strežnik"
25092
25178
25093
#: serverguide/C/file-server.xml:630(para)
25179
#: serverguide/C/file-server.xml:629(para)
25094
25180
msgid ""
25095
25181
"The primary mechanism for Ubuntu printing and print services is the "
25096
25182
"<emphasis role=\"bold\">Common UNIX Printing System</emphasis> (CUPS). This "
25098
25184
"become the new standard for printing in most Linux distributions."
25099
25185
msgstr ""
25100
25186
25101
#: serverguide/C/file-server.xml:637(para)
25187
#: serverguide/C/file-server.xml:636(para)
25102
25188
msgid ""
25103
25189
"CUPS manages print jobs and queues and provides network printing using the "
25104
25190
"standard Internet Printing Protocol (IPP), while offering support for a very "
25108
25194
"administration tool."
25109
25195
msgstr ""
25110
25196
25111
#: serverguide/C/file-server.xml:647(para)
25197
#: serverguide/C/file-server.xml:646(para)
25112
25198
msgid ""
25113
25199
"To install CUPS on your Ubuntu computer, simply use "
25114
25200
"<application>sudo</application> with the <application>apt-get</application> "
25118
25204
"CUPS:"
25119
25205
msgstr ""
25120
25206
25121
#: serverguide/C/file-server.xml:652(command)
25207
#: serverguide/C/file-server.xml:651(command)
25122
25208
msgid "sudo apt-get install cups"
25123
25209
msgstr "sudo apt-get install cups"
25124
25210
25125
#: serverguide/C/file-server.xml:655(para)
25211
#: serverguide/C/file-server.xml:654(para)
25126
25212
msgid ""
25127
25213
"Upon authenticating with your user password, the packages should be "
25128
25214
"downloaded and installed without error. Upon the conclusion of installation, "
25129
25215
"the CUPS server will be started automatically."
25130
25216
msgstr ""
25131
25217
25132
#: serverguide/C/file-server.xml:660(para)
25218
#: serverguide/C/file-server.xml:659(para)
25133
25219
msgid ""
25134
25220
"For troubleshooting purposes, you can access CUPS server errors via the "
25135
25221
"error log file at: <filename>/var/log/cups/error_log</filename>. If the "
25142
25228
"from becoming overly large."
25143
25229
msgstr ""
25144
25230
25145
#: serverguide/C/file-server.xml:673(para)
25231
#: serverguide/C/file-server.xml:672(para)
25146
25232
msgid ""
25147
25233
"The Common UNIX Printing System server's behavior is configured through the "
25148
25234
"directives contained in the file <filename>/etc/cups/cupsd.conf</filename>. "
25153
25239
"initially will be presented here."
25154
25240
msgstr ""
25155
25241
25156
#: serverguide/C/file-server.xml:683(para)
25242
#: serverguide/C/file-server.xml:682(para)
25157
25243
msgid ""
25158
25244
"Prior to editing the configuration file, you should make a copy of the "
25159
25245
"original file and protect it from writing, so you will have the original "
25160
25246
"settings as a reference, and to reuse as necessary."
25161
25247
msgstr ""
25162
25248
25163
#: serverguide/C/file-server.xml:687(para)
25249
#: serverguide/C/file-server.xml:686(para)
25164
25250
msgid ""
25165
25251
"Copy the <filename>/etc/cups/cupsd.conf</filename> file and protect it from "
25166
25252
"writing with the following commands, issued at a terminal prompt:"
25167
25253
msgstr ""
25168
25254
25169
#: serverguide/C/file-server.xml:693(command)
25255
#: serverguide/C/file-server.xml:692(command)
25170
25256
msgid "sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.original"
25171
25257
msgstr "sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.original"
25172
25258
25173
#: serverguide/C/file-server.xml:694(command)
25259
#: serverguide/C/file-server.xml:693(command)
25174
25260
msgid "sudo chmod a-w /etc/cups/cupsd.conf.original"
25175
25261
msgstr "sudo chmod a-w /etc/cups/cupsd.conf.original"
25176
25262
25177
#: serverguide/C/file-server.xml:699(para)
25263
#: serverguide/C/file-server.xml:698(para)
25178
25264
msgid ""
25179
25265
"<emphasis role=\"bold\">ServerAdmin</emphasis>: To configure the email "
25180
25266
"address of the designated administrator of the CUPS server, simply edit the "
25186
25272
"as such:"
25187
25273
msgstr ""
25188
25274
25189
#: serverguide/C/file-server.xml:710(screen)
25275
#: serverguide/C/file-server.xml:709(screen)
25190
25276
#, no-wrap
25191
25277
msgid ""
25192
25278
"\n"
25193
25279
"ServerAdmin bjoy@somebigco.com\n"
25194
25280
msgstr ""
25195
25281
25196
#: serverguide/C/file-server.xml:716(para)
25282
#: serverguide/C/file-server.xml:715(para)
25197
25283
msgid ""
25198
25284
"<emphasis role=\"bold\">Listen</emphasis>: By default on Ubuntu, the CUPS "
25199
25285
"server installation listens only on the loopback interface at IP address "
25208
25294
"such:"
25209
25295
msgstr ""
25210
25296
25211
#: serverguide/C/file-server.xml:730(screen)
25297
#: serverguide/C/file-server.xml:729(screen)
25212
25298
#, no-wrap
25213
25299
msgid ""
25214
25300
"\n"
25218
25304
"(IPP)\n"
25219
25305
msgstr ""
25220
25306
25221
#: serverguide/C/file-server.xml:736(para)
25307
#: serverguide/C/file-server.xml:735(para)
25222
25308
msgid ""
25223
25309
"In the example above, you may comment out or remove the reference to the "
25224
25310
"Loopback address (127.0.0.1) if you do not wish <application>cupsd "
25229
25315
"<emphasis>socrates</emphasis> as such:"
25230
25316
msgstr ""
25231
25317
25232
#: serverguide/C/file-server.xml:746(screen)
25318
#: serverguide/C/file-server.xml:745(screen)
25233
25319
#, no-wrap
25234
25320
msgid ""
25235
25321
"\n"
25236
25322
"Listen socrates:631 # Listen on all interfaces for the hostname 'socrates'\n"
25237
25323
msgstr ""
25238
25324
25239
#: serverguide/C/file-server.xml:750(para)
25325
#: serverguide/C/file-server.xml:749(para)
25240
25326
msgid ""
25241
25327
"or by omitting the Listen directive and using <emphasis>Port</emphasis> "
25242
25328
"instead, as in:"
25243
25329
msgstr ""
25244
25330
25245
#: serverguide/C/file-server.xml:752(screen)
25331
#: serverguide/C/file-server.xml:751(screen)
25246
25332
#, no-wrap
25247
25333
msgid ""
25248
25334
"\n"
25249
25335
"Port 631 # Listen on port 631 on all interfaces\n"
25250
25336
msgstr ""
25251
25337
25252
#: serverguide/C/file-server.xml:759(para)
25338
#: serverguide/C/file-server.xml:758(para)
25253
25339
msgid ""
25254
25340
"For more examples of configuration directives in the CUPS server "
25255
25341
"configuration file, view the associated system manual page by entering the "
25256
25342
"following command at a terminal prompt:"
25257
25343
msgstr ""
25258
25344
25259
#: serverguide/C/file-server.xml:766(command)
25345
#: serverguide/C/file-server.xml:765(command)
25260
25346
msgid "man cupsd.conf"
25261
25347
msgstr "man cupsd.conf"
25262
25348
25263
#: serverguide/C/file-server.xml:770(para)
25349
#: serverguide/C/file-server.xml:769(para)
25264
25350
msgid ""
25265
25351
"Whenever you make changes to the <filename>/etc/cups/cupsd.conf</filename> "
25266
25352
"configuration file, you'll need to restart the CUPS server by typing the "
25271
25357
msgid "sudo service cups restart"
25272
25358
msgstr ""
25273
25359
25274
#: serverguide/C/file-server.xml:782(title)
25360
#: serverguide/C/file-server.xml:781(title)
25275
25361
msgid "Web Interface"
25276
25362
msgstr "Spletni vmesnik"
25277
25363
25278
#: serverguide/C/file-server.xml:784(para)
25364
#: serverguide/C/file-server.xml:783(para)
25279
25365
msgid ""
25280
25366
"CUPS can be configured and monitored using a web interface, which by default "
25281
25367
"is available at <ulink "
25283
25369
"web interface can be used to perform all printer management tasks."
25284
25370
msgstr ""
25285
25371
25286
#: serverguide/C/file-server.xml:788(para)
25372
#: serverguide/C/file-server.xml:787(para)
25287
25373
msgid ""
25288
25374
"In order to perform administrative tasks via the web interface, you must "
25289
25375
"either have the root account enabled on your server, or authenticate as a "
25291
25377
"reasons, CUPS won't authenticate a user that doesn't have a password."
25292
25378
msgstr ""
25293
25379
25294
#: serverguide/C/file-server.xml:791(para)
25380
#: serverguide/C/file-server.xml:790(para)
25295
25381
msgid ""
25296
25382
"To add a user to the <emphasis role=\"italic\">lpadmin</emphasis> group, run "
25297
25383
"at the terminal prompt: <screen>\n"
25299
25385
"</screen>"
25300
25386
msgstr ""
25301
25387
25302
#: serverguide/C/file-server.xml:797(para)
25388
#: serverguide/C/file-server.xml:796(para)
25303
25389
msgid ""
25304
25390
"Further documentation is available in the <emphasis "
25305
25391
"role=\"italic\">Documentation/Help</emphasis> tab of the web interface."
25306
25392
msgstr ""
25307
25393
25308
#: serverguide/C/file-server.xml:805(ulink)
25394
#: serverguide/C/file-server.xml:804(ulink)
25309
25395
msgid "CUPS Website"
25310
25396
msgstr "Spletna stran CUPS"
25311
25397
25436
25522
"prompt:"
25437
25523
msgstr ""
25438
25524
25439
#: serverguide/C/dns.xml:116(command) serverguide/C/dns.xml:195(command) serverguide/C/dns.xml:253(command) serverguide/C/dns.xml:289(command) serverguide/C/dns.xml:317(command) serverguide/C/dns.xml:594(command)
25525
#: serverguide/C/dns.xml:116(command) serverguide/C/dns.xml:199(command) serverguide/C/dns.xml:257(command) serverguide/C/dns.xml:293(command) serverguide/C/dns.xml:321(command) serverguide/C/dns.xml:603(command)
25440
25526
msgid "sudo service bind9 restart"
25441
25527
msgstr ""
25442
25528
25486
25572
"command below.)"
25487
25573
msgstr ""
25488
25574
25489
#: serverguide/C/dns.xml:141(para)
25575
#: serverguide/C/dns.xml:145(para)
25490
25576
msgid ""
25491
25577
"Now use an existing zone file as a template to create the "
25492
25578
"<filename>/etc/bind/db.example.com</filename> file:"
25493
25579
msgstr ""
25494
25580
25495
#: serverguide/C/dns.xml:145(command)
25581
#: serverguide/C/dns.xml:149(command)
25496
25582
msgid "sudo cp /etc/bind/db.local /etc/bind/db.example.com"
25497
25583
msgstr ""
25498
25584
25499
#: serverguide/C/dns.xml:147(para)
25585
#: serverguide/C/dns.xml:151(para)
25500
25586
msgid ""
25501
25587
"Edit the new zone file <filename>/etc/bind/db.example.com</filename> change "
25502
25588
"<emphasis>localhost.</emphasis> to the FQDN of your server, leaving the "
25507
25593
"this file is for."
25508
25594
msgstr ""
25509
25595
25510
#: serverguide/C/dns.xml:154(para)
25596
#: serverguide/C/dns.xml:158(para)
25511
25597
msgid ""
25512
25598
"Create an <emphasis>A record</emphasis> for the base domain, <emphasis "
25513
25599
"role=\"italic\">example.com</emphasis>. Also, create an <emphasis>A "
25515
25601
"the name server in this example:"
25516
25602
msgstr ""
25517
25603
25518
#: serverguide/C/dns.xml:159(programlisting)
25604
#: serverguide/C/dns.xml:163(programlisting)
25519
25605
#, no-wrap
25520
25606
msgid ""
25521
25607
"\n"
25537
25623
"ns IN A 192.168.1.10\n"
25538
25624
msgstr ""
25539
25625
25540
#: serverguide/C/dns.xml:177(para)
25626
#: serverguide/C/dns.xml:181(para)
25541
25627
msgid ""
25542
25628
"You must increment the <emphasis>Serial Number</emphasis> every time you "
25543
25629
"make changes to the zone file. If you make multiple changes before "
25544
25630
"restarting BIND9, simply increment the Serial once."
25545
25631
msgstr ""
25546
25632
25547
#: serverguide/C/dns.xml:181(para)
25633
#: serverguide/C/dns.xml:185(para)
25548
25634
msgid ""
25549
25635
"Now, you can add DNS records to the bottom of the zone file. See <xref "
25550
25636
"linkend=\"dns-record-types\"/> for details."
25551
25637
msgstr ""
25552
25638
25553
#: serverguide/C/dns.xml:185(para)
25639
#: serverguide/C/dns.xml:189(para)
25554
25640
msgid ""
25555
25641
"Many admins like to use the last date edited as the serial of a zone, such "
25556
25642
"as <emphasis>2012010100</emphasis> which is yyyymmddss (where "
25557
25643
"<emphasis>ss</emphasis> is the Serial Number)"
25558
25644
msgstr ""
25559
25645
25560
#: serverguide/C/dns.xml:190(para)
25646
#: serverguide/C/dns.xml:194(para)
25561
25647
msgid ""
25562
25648
"Once you have made changes to the zone file <application>BIND9</application> "
25563
25649
"needs to be restarted for the changes to take effect:"
25564
25650
msgstr ""
25565
25651
25566
#: serverguide/C/dns.xml:199(title)
25652
#: serverguide/C/dns.xml:203(title)
25567
25653
msgid "Reverse Zone File"
25568
25654
msgstr ""
25569
25655
25570
#: serverguide/C/dns.xml:200(para)
25656
#: serverguide/C/dns.xml:204(para)
25571
25657
msgid ""
25572
25658
"Now that the zone is setup and resolving names to IP Adresses a "
25573
25659
"<emphasis>Reverse zone</emphasis> is also required. A Reverse zone allows "
25574
25660
"DNS to resolve an address to a name."
25575
25661
msgstr ""
25576
25662
25577
#: serverguide/C/dns.xml:204(para)
25663
#: serverguide/C/dns.xml:208(para)
25578
25664
msgid "Edit /etc/bind/named.conf.local and add the following:"
25579
25665
msgstr ""
25580
25666
25581
#: serverguide/C/dns.xml:207(programlisting)
25667
#: serverguide/C/dns.xml:211(programlisting)
25582
25668
#, no-wrap
25583
25669
msgid ""
25584
25670
"\n"
25588
25674
"};\n"
25589
25675
msgstr ""
25590
25676
25591
#: serverguide/C/dns.xml:214(para)
25677
#: serverguide/C/dns.xml:218(para)
25592
25678
msgid ""
25593
25679
"Replace <emphasis>1.168.192</emphasis> with the first three octets of "
25594
25680
"whatever network you are using. Also, name the zone file "
25596
25682
"first octet of your network."
25597
25683
msgstr ""
25598
25684
25599
#: serverguide/C/dns.xml:219(para)
25685
#: serverguide/C/dns.xml:223(para)
25600
25686
msgid "Now create the <filename>/etc/bind/db.192</filename> file:"
25601
25687
msgstr ""
25602
25688
25603
#: serverguide/C/dns.xml:223(command)
25689
#: serverguide/C/dns.xml:227(command)
25604
25690
msgid "sudo cp /etc/bind/db.127 /etc/bind/db.192"
25605
25691
msgstr ""
25606
25692
25607
#: serverguide/C/dns.xml:225(para)
25693
#: serverguide/C/dns.xml:229(para)
25608
25694
msgid ""
25609
25695
"Next edit <filename>/etc/bind/db.192</filename> changing the basically the "
25610
25696
"same options as <filename>/etc/bind/db.example.com</filename>:"
25611
25697
msgstr ""
25612
25698
25613
#: serverguide/C/dns.xml:229(programlisting)
25699
#: serverguide/C/dns.xml:233(programlisting)
25614
25700
#, no-wrap
25615
25701
msgid ""
25616
25702
"\n"
25629
25715
"10 IN PTR ns.example.com.\n"
25630
25716
msgstr ""
25631
25717
25632
#: serverguide/C/dns.xml:244(para)
25718
#: serverguide/C/dns.xml:248(para)
25633
25719
msgid ""
25634
25720
"The <emphasis>Serial Number</emphasis> in the Reverse zone needs to be "
25635
25721
"incremented on each change as well. For each <emphasis>A record</emphasis> "
25638
25724
"<filename>/etc/bind/db.192</filename>."
25639
25725
msgstr ""
25640
25726
25641
#: serverguide/C/dns.xml:249(para)
25727
#: serverguide/C/dns.xml:253(para)
25642
25728
msgid ""
25643
25729
"After creating the reverse zone file restart "
25644
25730
"<application>BIND9</application>:"
25645
25731
msgstr ""
25646
25732
25647
#: serverguide/C/dns.xml:258(title)
25733
#: serverguide/C/dns.xml:262(title)
25648
25734
msgid "Secondary Master"
25649
25735
msgstr ""
25650
25736
25651
#: serverguide/C/dns.xml:259(para)
25737
#: serverguide/C/dns.xml:263(para)
25652
25738
msgid ""
25653
25739
"Once a <emphasis>Primary Master</emphasis> has been configured a "
25654
25740
"<emphasis>Secondary Master</emphasis> is needed in order to maintain the "
25655
25741
"availability of the domain should the Primary become unavailable."
25656
25742
msgstr ""
25657
25743
25658
#: serverguide/C/dns.xml:263(para)
25744
#: serverguide/C/dns.xml:267(para)
25659
25745
msgid ""
25660
25746
"First, on the Primary Master server, the zone transfer needs to be allowed. "
25661
25747
"Add the <emphasis>allow-transfer</emphasis> option to the example Forward "
25663
25749
"<filename>/etc/bind/named.conf.local</filename>:"
25664
25750
msgstr ""
25665
25751
25666
#: serverguide/C/dns.xml:267(programlisting)
25752
#: serverguide/C/dns.xml:271(programlisting)
25667
25753
#, no-wrap
25668
25754
msgid ""
25669
25755
"\n"
25680
25766
"};\n"
25681
25767
msgstr ""
25682
25768
25683
#: serverguide/C/dns.xml:281(para)
25769
#: serverguide/C/dns.xml:285(para)
25684
25770
msgid ""
25685
25771
"Replace <emphasis>192.168.1.11</emphasis> with the IP Address of your "
25686
25772
"Secondary nameserver."
25687
25773
msgstr ""
25688
25774
25689
#: serverguide/C/dns.xml:285(para)
25775
#: serverguide/C/dns.xml:289(para)
25690
25776
msgid "Restart <application>BIND9</application> on the Primary Master:"
25691
25777
msgstr ""
25692
25778
25693
#: serverguide/C/dns.xml:291(para)
25779
#: serverguide/C/dns.xml:295(para)
25694
25780
msgid ""
25695
25781
"Next, on the Secondary Master, install the <application>bind9</application> "
25696
25782
"package the same way as on the Primary. Then edit the "
25698
25784
"declarations for the Forward and Reverse zones:"
25699
25785
msgstr ""
25700
25786
25701
#: serverguide/C/dns.xml:295(programlisting)
25787
#: serverguide/C/dns.xml:299(programlisting)
25702
25788
#, no-wrap
25703
25789
msgid ""
25704
25790
"\n"
25715
25801
"};\n"
25716
25802
msgstr ""
25717
25803
25718
#: serverguide/C/dns.xml:309(para)
25804
#: serverguide/C/dns.xml:313(para)
25719
25805
msgid ""
25720
25806
"Replace <emphasis>192.168.1.10</emphasis> with the IP Address of your "
25721
25807
"Primary nameserver."
25722
25808
msgstr ""
25723
25809
25724
#: serverguide/C/dns.xml:313(para)
25810
#: serverguide/C/dns.xml:317(para)
25725
25811
msgid "Restart <application>BIND9</application> on the Secondary Master:"
25726
25812
msgstr ""
25727
25813
25728
#: serverguide/C/dns.xml:319(para)
25814
#: serverguide/C/dns.xml:323(para)
25729
25815
msgid ""
25730
25816
"In <filename>/var/log/syslog</filename> you should see something similar to "
25731
25817
"(some lines have been split to fit the format of this document):"
25732
25818
msgstr ""
25733
25819
25734
#: serverguide/C/dns.xml:322(programlisting)
25820
#: serverguide/C/dns.xml:326(programlisting)
25735
25821
#, no-wrap
25736
25822
msgid ""
25737
25823
"\n"
25756
25842
"8 records, 225 bytes, 0.002 secs (112500 bytes/sec)\n"
25757
25843
msgstr ""
25758
25844
25759
#: serverguide/C/dns.xml:341(para)
25845
#: serverguide/C/dns.xml:345(para)
25760
25846
msgid ""
25761
25847
"Note: A zone is only transferred if the <emphasis>Serial Number</emphasis> "
25762
25848
"on the Primary is larger than the one on the Secondary. If you want to have "
25766
25852
"below:"
25767
25853
msgstr ""
25768
25854
25769
#: serverguide/C/dns.xml:345(programlisting)
25855
#: serverguide/C/dns.xml:349(programlisting)
25770
25856
#, no-wrap
25771
25857
msgid ""
25772
25858
"\n"
25786
25872
"\t"
25787
25873
msgstr ""
25788
25874
25789
#: serverguide/C/dns.xml:361(para)
25875
#: serverguide/C/dns.xml:365(para)
25790
25876
msgid ""
25791
25877
"The default directory for non-authoritative zone files is "
25792
25878
"<filename>/var/cache/bind/</filename>. This directory is also configured in "
25795
25881
"on AppArmor see <xref linkend=\"apparmor\"/>."
25796
25882
msgstr ""
25797
25883
25798
#: serverguide/C/dns.xml:372(para)
25884
#: serverguide/C/dns.xml:376(para)
25799
25885
msgid ""
25800
25886
"This section covers ways to help determine the cause when problems happen "
25801
25887
"with DNS and <application>BIND9</application>."
25802
25888
msgstr ""
25803
25889
25804
#: serverguide/C/dns.xml:378(title)
25890
#: serverguide/C/dns.xml:382(title)
25805
25891
msgid "resolv.conf"
25806
25892
msgstr "resolv.conf"
25807
25893
25815
25901
"<filename>/etc/resolv.conf</filename> contains (for this example):"
25816
25902
msgstr ""
25817
25903
25818
#: serverguide/C/dns.xml:384(programlisting)
25904
#: serverguide/C/dns.xml:389(programlisting)
25819
25905
#, no-wrap
25820
25906
msgid ""
25821
25907
"\n"
25831
25917
"to RESOLVCONF=yes."
25832
25918
msgstr ""
25833
25919
25834
#: serverguide/C/dns.xml:389(para)
25920
#: serverguide/C/dns.xml:398(para)
25835
25921
msgid ""
25836
25922
"You should also add the IP Address of the Secondary nameserver in case the "
25837
25923
"Primary becomes unavailable."
25838
25924
msgstr ""
25839
25925
25840
#: serverguide/C/dns.xml:395(title)
25926
#: serverguide/C/dns.xml:404(title)
25841
25927
msgid "dig"
25842
25928
msgstr "dig"
25843
25929
25844
#: serverguide/C/dns.xml:396(para)
25930
#: serverguide/C/dns.xml:405(para)
25845
25931
msgid ""
25846
25932
"If you installed the <application>dnsutils</application> package you can "
25847
25933
"test your setup using the DNS lookup utility <application>dig</application>:"
25848
25934
msgstr ""
25849
25935
25850
#: serverguide/C/dns.xml:402(para)
25936
#: serverguide/C/dns.xml:411(para)
25851
25937
msgid ""
25852
25938
"After installing <application>BIND9</application> use "
25853
25939
"<application>dig</application> against the loopback interface to make sure "
25854
25940
"it is listening on port 53. From a terminal prompt:"
25855
25941
msgstr ""
25856
25942
25857
#: serverguide/C/dns.xml:407(command)
25943
#: serverguide/C/dns.xml:416(command)
25858
25944
msgid "dig -x 127.0.0.1"
25859
25945
msgstr "dig -x 127.0.0.1"
25860
25946
25861
#: serverguide/C/dns.xml:409(para)
25947
#: serverguide/C/dns.xml:418(para)
25862
25948
msgid "You should see lines similar to the following in the command output:"
25863
25949
msgstr ""
25864
25950
25865
#: serverguide/C/dns.xml:412(programlisting)
25951
#: serverguide/C/dns.xml:421(programlisting)
25866
25952
#, no-wrap
25867
25953
msgid ""
25868
25954
"\n"
25870
25956
";; SERVER: 192.168.1.10#53(192.168.1.10)\n"
25871
25957
msgstr ""
25872
25958
25873
#: serverguide/C/dns.xml:418(para)
25959
#: serverguide/C/dns.xml:427(para)
25874
25960
msgid ""
25875
25961
"If you have configured <application>BIND9</application> as a "
25876
25962
"<emphasis>Caching</emphasis> nameserver \"dig\" an outside domain to check "
25877
25963
"the query time:"
25878
25964
msgstr ""
25879
25965
25880
#: serverguide/C/dns.xml:423(command)
25966
#: serverguide/C/dns.xml:432(command)
25881
25967
msgid "dig ubuntu.com"
25882
25968
msgstr "dig ubuntu.com"
25883
25969
25884
#: serverguide/C/dns.xml:425(para)
25970
#: serverguide/C/dns.xml:434(para)
25885
25971
msgid "Note the query time toward the end of the command output:"
25886
25972
msgstr ""
25887
25973
25888
#: serverguide/C/dns.xml:428(programlisting)
25974
#: serverguide/C/dns.xml:437(programlisting)
25889
25975
#, no-wrap
25890
25976
msgid ""
25891
25977
"\n"
25892
25978
";; Query time: 49 msec\n"
25893
25979
msgstr ""
25894
25980
25895
#: serverguide/C/dns.xml:431(para)
25981
#: serverguide/C/dns.xml:440(para)
25896
25982
msgid "After a second dig there should be improvement:"
25897
25983
msgstr ""
25898
25984
25899
#: serverguide/C/dns.xml:434(programlisting)
25985
#: serverguide/C/dns.xml:443(programlisting)
25900
25986
#, no-wrap
25901
25987
msgid ""
25902
25988
"\n"
25903
25989
";; Query time: 1 msec\n"
25904
25990
msgstr ""
25905
25991
25906
#: serverguide/C/dns.xml:441(title)
25992
#: serverguide/C/dns.xml:450(title)
25907
25993
msgid "ping"
25908
25994
msgstr "ping"
25909
25995
25910
#: serverguide/C/dns.xml:443(para)
25996
#: serverguide/C/dns.xml:452(para)
25911
25997
msgid ""
25912
25998
"Now to demonstrate how applications make use of DNS to resolve a host name "
25913
25999
"use the <application>ping</application> utility to send an ICMP echo "
25914
26000
"request. From a terminal prompt enter:"
25915
26001
msgstr ""
25916
26002
25917
#: serverguide/C/dns.xml:449(command)
26003
#: serverguide/C/dns.xml:458(command)
25918
26004
msgid "ping example.com"
25919
26005
msgstr ""
25920
26006
25921
#: serverguide/C/dns.xml:451(para)
26007
#: serverguide/C/dns.xml:460(para)
25922
26008
msgid ""
25923
26009
"This tests if the nameserver can resolve the name "
25924
26010
"<emphasis>ns.example.com</emphasis> to an IP Address. The command output "
25925
26011
"should resemble:"
25926
26012
msgstr ""
25927
26013
25928
#: serverguide/C/dns.xml:455(programlisting)
26014
#: serverguide/C/dns.xml:464(programlisting)
25929
26015
#, no-wrap
25930
26016
msgid ""
25931
26017
"\n"
25934
26020
"64 bytes from 192.168.1.10: icmp_seq=2 ttl=64 time=0.813 ms\n"
25935
26021
msgstr ""
25936
26022
25937
#: serverguide/C/dns.xml:462(title)
26023
#: serverguide/C/dns.xml:471(title)
25938
26024
msgid "named-checkzone"
25939
26025
msgstr ""
25940
26026
25941
#: serverguide/C/dns.xml:463(para)
26027
#: serverguide/C/dns.xml:472(para)
25942
26028
msgid ""
25943
26029
"A great way to test your zone files is by using the <application>named-"
25944
26030
"checkzone</application> utility installed with the "
25947
26033
"<application>BIND9</application> and making the changes live."
25948
26034
msgstr ""
25949
26035
25950
#: serverguide/C/dns.xml:470(para)
26036
#: serverguide/C/dns.xml:479(para)
25951
26037
msgid ""
25952
26038
"To test our example Forward zone file enter the following from a command "
25953
26039
"prompt:"
25954
26040
msgstr ""
25955
26041
25956
#: serverguide/C/dns.xml:474(command)
26042
#: serverguide/C/dns.xml:483(command)
25957
26043
msgid "named-checkzone example.com /etc/bind/db.example.com"
25958
26044
msgstr ""
25959
26045
25960
#: serverguide/C/dns.xml:476(para)
26046
#: serverguide/C/dns.xml:485(para)
25961
26047
msgid ""
25962
26048
"If everything is configured correctly you should see output similar to:"
25963
26049
msgstr ""
25964
26050
25965
#: serverguide/C/dns.xml:479(programlisting)
26051
#: serverguide/C/dns.xml:488(programlisting)
25966
26052
#, no-wrap
25967
26053
msgid ""
25968
26054
"\n"
25970
26056
"OK\n"
25971
26057
msgstr ""
25972
26058
25973
#: serverguide/C/dns.xml:485(para)
26059
#: serverguide/C/dns.xml:494(para)
25974
26060
msgid "Similarly, to test the Reverse zone file enter the following:"
25975
26061
msgstr ""
25976
26062
25977
#: serverguide/C/dns.xml:489(command)
26063
#: serverguide/C/dns.xml:498(command)
25978
26064
msgid "named-checkzone 1.168.192.in-addr.arpa /etc/bind/db.192"
25979
26065
msgstr ""
25980
26066
25981
#: serverguide/C/dns.xml:491(para)
26067
#: serverguide/C/dns.xml:500(para)
25982
26068
msgid "The output should be similar to:"
25983
26069
msgstr ""
25984
26070
25985
#: serverguide/C/dns.xml:494(programlisting)
26071
#: serverguide/C/dns.xml:503(programlisting)
25986
26072
#, no-wrap
25987
26073
msgid ""
25988
26074
"\n"
25990
26076
"OK\n"
25991
26077
msgstr ""
25992
26078
25993
#: serverguide/C/dns.xml:501(para)
26079
#: serverguide/C/dns.xml:510(para)
25994
26080
msgid ""
25995
26081
"The <emphasis>Serial Number</emphasis> of your zone file will probably be "
25996
26082
"different."
25997
26083
msgstr ""
25998
26084
25999
#: serverguide/C/dns.xml:509(para)
26085
#: serverguide/C/dns.xml:518(para)
26000
26086
msgid ""
26001
26087
"<application>BIND9</application> has a wide variety of logging configuration "
26002
26088
"options available. There are two main options. The "
26004
26090
"<emphasis>category</emphasis> option determines what information to log."
26005
26091
msgstr ""
26006
26092
26007
#: serverguide/C/dns.xml:513(para)
26093
#: serverguide/C/dns.xml:522(para)
26008
26094
msgid "If no logging option is configured the default option is:"
26009
26095
msgstr ""
26010
26096
26011
#: serverguide/C/dns.xml:516(programlisting)
26097
#: serverguide/C/dns.xml:525(programlisting)
26012
26098
#, no-wrap
26013
26099
msgid ""
26014
26100
"\n"
26018
26104
"};\n"
26019
26105
msgstr ""
26020
26106
26021
#: serverguide/C/dns.xml:522(para)
26107
#: serverguide/C/dns.xml:531(para)
26022
26108
msgid ""
26023
26109
"This section covers configuring <application>BIND9</application> to send "
26024
26110
"<emphasis>debug</emphasis> messages related to DNS queries to a separate "
26025
26111
"file."
26026
26112
msgstr ""
26027
26113
26028
#: serverguide/C/dns.xml:527(para)
26114
#: serverguide/C/dns.xml:536(para)
26029
26115
msgid ""
26030
26116
"First, we need to configure a channel to specify which file to send the "
26031
26117
"messages to. Edit <filename>/etc/bind/named.conf.local</filename> and add "
26032
26118
"the following:"
26033
26119
msgstr ""
26034
26120
26035
#: serverguide/C/dns.xml:531(programlisting)
26121
#: serverguide/C/dns.xml:540(programlisting)
26036
26122
#, no-wrap
26037
26123
msgid ""
26038
26124
"\n"
26044
26130
"};\n"
26045
26131
msgstr ""
26046
26132
26047
#: serverguide/C/dns.xml:541(para)
26133
#: serverguide/C/dns.xml:550(para)
26048
26134
msgid "Next, configure a category to send all DNS queries to the query file:"
26049
26135
msgstr ""
26050
26136
26051
#: serverguide/C/dns.xml:544(programlisting)
26137
#: serverguide/C/dns.xml:553(programlisting)
26052
26138
#, no-wrap
26053
26139
msgid ""
26054
26140
"\n"
26061
26147
"};\n"
26062
26148
msgstr ""
26063
26149
26064
#: serverguide/C/dns.xml:556(para)
26150
#: serverguide/C/dns.xml:565(para)
26065
26151
msgid ""
26066
26152
"Note: the <emphasis>debug</emphasis> option can be set from 1 to 3. If a "
26067
26153
"level isn't specified level 1 is the default."
26068
26154
msgstr ""
26069
26155
26070
#: serverguide/C/dns.xml:562(para)
26156
#: serverguide/C/dns.xml:571(para)
26071
26157
msgid ""
26072
26158
"Since the <emphasis>named daemon</emphasis> runs as the "
26073
26159
"<emphasis>bind</emphasis> user the <filename>/var/log/query.log</filename> "
26074
26160
"file must be created and the ownership changed:"
26075
26161
msgstr ""
26076
26162
26077
#: serverguide/C/dns.xml:567(command)
26163
#: serverguide/C/dns.xml:576(command)
26078
26164
msgid "sudo touch /var/log/query.log"
26079
26165
msgstr "sudo touch /var/log/query.log"
26080
26166
26081
#: serverguide/C/dns.xml:568(command)
26167
#: serverguide/C/dns.xml:577(command)
26082
26168
msgid "sudo chown bind /var/log/query.log"
26083
26169
msgstr "sudo chown bind /var/log/query.log"
26084
26170
26085
#: serverguide/C/dns.xml:572(para)
26171
#: serverguide/C/dns.xml:581(para)
26086
26172
msgid ""
26087
26173
"Before <application>named</application> daemon can write to the new log file "
26088
26174
"the <application>AppArmor</application> profile must be updated. First, edit "
26089
26175
"<filename>/etc/apparmor.d/usr.sbin.named</filename> and add:"
26090
26176
msgstr ""
26091
26177
26092
#: serverguide/C/dns.xml:576(programlisting)
26178
#: serverguide/C/dns.xml:585(programlisting)
26093
26179
#, no-wrap
26094
26180
msgid ""
26095
26181
"\n"
26098
26184
"\n"
26099
26185
"/var/log/query.log w,\n"
26100
26186
26101
#: serverguide/C/dns.xml:579(para)
26187
#: serverguide/C/dns.xml:588(para)
26102
26188
msgid "Next, reload the profile:"
26103
26189
msgstr ""
26104
26190
26105
#: serverguide/C/dns.xml:583(command)
26191
#: serverguide/C/dns.xml:592(command)
26106
26192
msgid "cat /etc/apparmor.d/usr.sbin.named | sudo apparmor_parser -r"
26107
26193
msgstr "cat /etc/apparmor.d/usr.sbin.named | sudo apparmor_parser -r"
26108
26194
26109
#: serverguide/C/dns.xml:585(para)
26195
#: serverguide/C/dns.xml:594(para)
26110
26196
msgid ""
26111
26197
"For more information on <application>AppArmor</application> see <xref "
26112
26198
"linkend=\"apparmor\"/>"
26113
26199
msgstr ""
26114
26200
26115
#: serverguide/C/dns.xml:590(para)
26201
#: serverguide/C/dns.xml:599(para)
26116
26202
msgid ""
26117
26203
"Now restart <application>BIND9</application> for the changes to take effect:"
26118
26204
msgstr ""
26119
26205
26120
#: serverguide/C/dns.xml:598(para)
26206
#: serverguide/C/dns.xml:607(para)
26121
26207
msgid ""
26122
26208
"You should see the file <filename>/var/log/query.log</filename> fill with "
26123
26209
"query information. This is a simple example of the "
26125
26211
"options see <xref linkend=\"dns-more-info\"/>."
26126
26212
msgstr ""
26127
26213
26128
#: serverguide/C/dns.xml:607(title)
26214
#: serverguide/C/dns.xml:616(title)
26129
26215
msgid "Common Record Types"
26130
26216
msgstr ""
26131
26217
26132
#: serverguide/C/dns.xml:608(para)
26218
#: serverguide/C/dns.xml:617(para)
26133
26219
msgid "This section covers some of the most common DNS record types."
26134
26220
msgstr ""
26135
26221
26136
#: serverguide/C/dns.xml:613(para)
26222
#: serverguide/C/dns.xml:622(para)
26137
26223
msgid ""
26138
26224
"<emphasis>A</emphasis> record: This record maps an IP Address to a hostname."
26139
26225
msgstr ""
26140
26226
26141
#: serverguide/C/dns.xml:616(programlisting)
26227
#: serverguide/C/dns.xml:625(programlisting)
26142
26228
#, no-wrap
26143
26229
msgid ""
26144
26230
"\n"
26145
26231
"www IN A 192.168.1.12\n"
26146
26232
msgstr ""
26147
26233
26148
#: serverguide/C/dns.xml:621(para)
26234
#: serverguide/C/dns.xml:630(para)
26149
26235
msgid ""
26150
26236
"<emphasis>CNAME</emphasis> record: Used to create an alias to an existing A "
26151
26237
"record. You cannot create a CNAME record pointing to another CNAME record."
26152
26238
msgstr ""
26153
26239
26154
#: serverguide/C/dns.xml:624(programlisting)
26240
#: serverguide/C/dns.xml:633(programlisting)
26155
26241
#, no-wrap
26156
26242
msgid ""
26157
26243
"\n"
26158
26244
"web IN CNAME www\n"
26159
26245
msgstr ""
26160
26246
26161
#: serverguide/C/dns.xml:629(para)
26247
#: serverguide/C/dns.xml:638(para)
26162
26248
msgid ""
26163
26249
"<emphasis>MX</emphasis> record: Used to define where email should be sent "
26164
26250
"to. Must point to an A record, not a CNAME."
26165
26251
msgstr ""
26166
26252
26167
#: serverguide/C/dns.xml:632(programlisting)
26253
#: serverguide/C/dns.xml:641(programlisting)
26168
26254
#, no-wrap
26169
26255
msgid ""
26170
26256
"\n"
26172
26258
"mail IN A 192.168.1.13\n"
26173
26259
msgstr ""
26174
26260
26175
#: serverguide/C/dns.xml:638(para)
26261
#: serverguide/C/dns.xml:647(para)
26176
26262
msgid ""
26177
26263
"<emphasis>NS</emphasis> record: Used to define which servers serve copies of "
26178
26264
"a zone. It must point to an A record, not a CNAME. This is where Primary and "
26179
26265
"Secondary servers are defined."
26180
26266
msgstr ""
26181
26267
26182
#: serverguide/C/dns.xml:642(programlisting)
26268
#: serverguide/C/dns.xml:651(programlisting)
26183
26269
#, no-wrap
26184
26270
msgid ""
26185
26271
"\n"
26189
26275
"ns2 IN A 192.168.1.11\n"
26190
26276
msgstr ""
26191
26277
26192
#: serverguide/C/virtualization.xml:2018(title) serverguide/C/dns.xml:652(title)
26278
#: serverguide/C/dns.xml:661(title)
26193
26279
msgid "More Information"
26194
26280
msgstr "Več informacij"
26195
26281
26220
26306
"BIND on IPv6</ulink> book."
26221
26307
msgstr ""
26222
26308
26223
#: serverguide/C/dns.xml:670(para)
26309
#: serverguide/C/dns.xml:684(para)
26224
26310
msgid ""
26225
26311
"A great place to ask for <application>BIND9</application> assistance, and "
26226
26312
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
26403
26489
"Components</link> describes the components of the DM-Multipath package."
26404
26490
msgstr ""
26405
26491
26406
#: serverguide/C/dm-multipath.xml:184(title)
26492
#: serverguide/C/dm-multipath.xml:183(title)
26407
26493
msgid "DM-Multipath Setup Overview"
26408
26494
msgstr ""
26409
26495
26410
#: serverguide/C/dm-multipath.xml:191(para)
26496
#: serverguide/C/dm-multipath.xml:190(para)
26411
26497
msgid ""
26412
26498
"Install the <emphasis role=\"bold\">multipath-tools</emphasis> and <emphasis "
26413
26499
"role=\"bold\">multipath-tools-boot</emphasis> packages"
26414
26500
msgstr ""
26415
26501
26416
#: serverguide/C/dm-multipath.xml:197(para)
26502
#: serverguide/C/dm-multipath.xml:196(para)
26417
26503
msgid ""
26418
26504
"Create an empty config file, <filename>/etc/multipath.conf</filename>, that "
26419
26505
"re-defines the <link linkend=\"multipath-skel-config\">following</link>"
26420
26506
msgstr ""
26421
26507
26422
#: serverguide/C/dm-multipath.xml:203(para)
26508
#: serverguide/C/dm-multipath.xml:202(para)
26423
26509
msgid ""
26424
26510
"If necessary, edit the <emphasis role=\"bold\">multipath.conf</emphasis> "
26425
26511
"configuration file to modify default values and save the updated file."
26426
26512
msgstr ""
26427
26513
26428
#: serverguide/C/dm-multipath.xml:209(para)
26514
#: serverguide/C/dm-multipath.xml:208(para)
26429
26515
msgid "Start the multipath daemon"
26430
26516
msgstr ""
26431
26517
26432
#: serverguide/C/dm-multipath.xml:213(para)
26518
#: serverguide/C/dm-multipath.xml:212(para)
26433
26519
msgid "Update initial ramdisk"
26434
26520
msgstr ""
26435
26521
26436
#: serverguide/C/dm-multipath.xml:186(para)
26522
#: serverguide/C/dm-multipath.xml:185(para)
26437
26523
msgid ""
26438
26524
"DM-Multipath includes compiled-in default settings that are suitable for "
26439
26525
"common multipath configurations. Setting up DM-multipath is often a simple "
26443
26529
"overview\">Setting Up DM-Multipath</link>."
26444
26530
msgstr ""
26445
26531
26446
#: serverguide/C/dm-multipath.xml:223(title)
26532
#: serverguide/C/dm-multipath.xml:222(title)
26447
26533
msgid "Multipath Devices"
26448
26534
msgstr ""
26449
26535
26450
#: serverguide/C/dm-multipath.xml:225(para)
26536
#: serverguide/C/dm-multipath.xml:224(para)
26451
26537
msgid ""
26452
26538
"Without DM-Multipath, each path from a server node to a storage controller "
26453
26539
"is treated by the system as a separate device, even when the I/O path "
26456
26542
"multipath device on top of the underlying devices."
26457
26543
msgstr ""
26458
26544
26459
#: serverguide/C/dm-multipath.xml:233(title)
26545
#: serverguide/C/dm-multipath.xml:232(title)
26460
26546
msgid "Multipath Device Identifiers"
26461
26547
msgstr ""
26462
26548
26463
#: serverguide/C/dm-multipath.xml:261(para)
26549
#: serverguide/C/dm-multipath.xml:260(para)
26464
26550
msgid ""
26465
26551
"The devices in <emphasis role=\"bold\">/dev/mapper</emphasis> are created "
26466
26552
"early in the boot process. Use these devices to access the multipathed "
26467
26553
"devices, for example when creating logical volumes."
26468
26554
msgstr ""
26469
26555
26470
#: serverguide/C/dm-multipath.xml:268(para)
26556
#: serverguide/C/dm-multipath.xml:267(para)
26471
26557
msgid ""
26472
26558
"Any devices of the form <emphasis role=\"bold\">/dev/dm-n</emphasis> are for "
26473
26559
"internal use only and should never be used."
26513
26599
"Device Configuration Attributes</link>."
26514
26600
msgstr ""
26515
26601
26516
#: serverguide/C/dm-multipath.xml:289(title)
26602
#: serverguide/C/dm-multipath.xml:288(title)
26517
26603
msgid "Consistent Multipath Device Names in a Cluster"
26518
26604
msgstr ""
26519
26605
26520
#: serverguide/C/dm-multipath.xml:291(para)
26606
#: serverguide/C/dm-multipath.xml:290(para)
26521
26607
msgid ""
26522
26608
"When the <emphasis role=\"bold\">user_friendly_names</emphasis> "
26523
26609
"configuration option is set to yes, the name of the multipath device is "
26540
26626
"procedure:"
26541
26627
msgstr ""
26542
26628
26543
#: serverguide/C/dm-multipath.xml:313(para)
26629
#: serverguide/C/dm-multipath.xml:312(para)
26544
26630
msgid "Set up all of the multipath devices on one machine."
26545
26631
msgstr ""
26546
26632
26547
#: serverguide/C/dm-multipath.xml:317(para) serverguide/C/dm-multipath.xml:354(para)
26633
#: serverguide/C/dm-multipath.xml:316(para) serverguide/C/dm-multipath.xml:353(para)
26548
26634
msgid ""
26549
26635
"Disable all of your multipath devices on your other machines by running the "
26550
26636
"following commands:"
26551
26637
msgstr ""
26552
26638
26553
#: serverguide/C/dm-multipath.xml:320(screen) serverguide/C/dm-multipath.xml:357(screen)
26639
#: serverguide/C/dm-multipath.xml:319(screen) serverguide/C/dm-multipath.xml:356(screen)
26554
26640
#, no-wrap
26555
26641
msgid ""
26556
26642
"# service multipath-tools stop\n"
26557
26643
"# multipath -F\n"
26558
26644
msgstr ""
26559
26645
26560
#: serverguide/C/dm-multipath.xml:326(para)
26646
#: serverguide/C/dm-multipath.xml:325(para)
26561
26647
msgid ""
26562
26648
"Copy the <filename>/etc/multipath/bindings</filename> file from the first "
26563
26649
"machine to all the other machines in the cluster."
26564
26650
msgstr ""
26565
26651
26566
#: serverguide/C/dm-multipath.xml:332(para) serverguide/C/dm-multipath.xml:368(para)
26652
#: serverguide/C/dm-multipath.xml:331(para) serverguide/C/dm-multipath.xml:367(para)
26567
26653
msgid ""
26568
26654
"Re-enable the multipathd daemon on all the other machines in the cluster by "
26569
26655
"running the following command:"
26570
26656
msgstr ""
26571
26657
26572
#: serverguide/C/dm-multipath.xml:335(screen) serverguide/C/dm-multipath.xml:371(screen)
26658
#: serverguide/C/dm-multipath.xml:334(screen) serverguide/C/dm-multipath.xml:370(screen)
26573
26659
#, no-wrap
26574
26660
msgid "# service multipath-tools start"
26575
26661
msgstr ""
26576
26662
26577
#: serverguide/C/dm-multipath.xml:339(para)
26663
#: serverguide/C/dm-multipath.xml:338(para)
26578
26664
msgid "If you add a new device, you will need to repeat this process."
26579
26665
msgstr ""
26580
26666
26581
#: serverguide/C/dm-multipath.xml:342(para)
26667
#: serverguide/C/dm-multipath.xml:341(para)
26582
26668
msgid ""
26583
26669
"Similarly, if you configure an alias for a device that you would like to be "
26584
26670
"consistent across the nodes in the cluster, you should ensure that the "
26586
26672
"the cluster by following the same procedure:"
26587
26673
msgstr ""
26588
26674
26589
#: serverguide/C/dm-multipath.xml:349(para)
26675
#: serverguide/C/dm-multipath.xml:348(para)
26590
26676
msgid ""
26591
26677
"Configure the aliases for the multipath devices in the in the "
26592
26678
"<filename>multipath.conf</filename> file on one machine."
26593
26679
msgstr ""
26594
26680
26595
#: serverguide/C/dm-multipath.xml:363(para)
26681
#: serverguide/C/dm-multipath.xml:362(para)
26596
26682
msgid ""
26597
26683
"Copy the <filename>multipath.conf</filename> file from the first machine to "
26598
26684
"all the other machines in the cluster."
26599
26685
msgstr ""
26600
26686
26601
#: serverguide/C/dm-multipath.xml:375(para)
26687
#: serverguide/C/dm-multipath.xml:374(para)
26602
26688
msgid "When you add a new device you will need to repeat this process."
26603
26689
msgstr ""
26604
26690
26605
#: serverguide/C/dm-multipath.xml:380(title)
26691
#: serverguide/C/dm-multipath.xml:379(title)
26606
26692
msgid "Multipath Device attributes"
26607
26693
msgstr ""
26608
26694
26609
#: serverguide/C/dm-multipath.xml:382(para)
26695
#: serverguide/C/dm-multipath.xml:381(para)
26610
26696
msgid ""
26611
26697
"In addition to the <emphasis role=\"bold\">user_friendly_names</emphasis> "
26612
26698
"and <emphasis role=\"bold\">alias</emphasis> options, a multipath device has "
26619
26705
"linkend=\"multipath-config-multipath\"/>\"."
26620
26706
msgstr ""
26621
26707
26622
#: serverguide/C/dm-multipath.xml:395(title)
26708
#: serverguide/C/dm-multipath.xml:394(title)
26623
26709
msgid "Multipath Devices in Logical Volumes"
26624
26710
msgstr ""
26625
26711
26626
#: serverguide/C/dm-multipath.xml:397(para)
26712
#: serverguide/C/dm-multipath.xml:396(para)
26627
26713
msgid ""
26628
26714
"After creating multipath devices, you can use the multipath device names "
26629
26715
"just as you would use a physical device name when creating an LVM physical "
26634
26720
"you would use any other LVM physical device."
26635
26721
msgstr ""
26636
26722
26637
#: serverguide/C/dm-multipath.xml:406(para)
26723
#: serverguide/C/dm-multipath.xml:405(para)
26638
26724
msgid ""
26639
26725
"If you attempt to create an LVM physical volume on a whole device on which "
26640
26726
"you have configured partitions, the pvcreate command will fail."
26641
26727
msgstr ""
26642
26728
26643
#: serverguide/C/dm-multipath.xml:426(para)
26729
#: serverguide/C/dm-multipath.xml:425(para)
26644
26730
msgid ""
26645
26731
"Every time either <filename>/etc/lvm.conf</filename> or "
26646
26732
"<filename>/etc/multipath.conf</filename> is updated, the initrd should be "
26648
26734
"filters are necessary to maintain a stable storage configuration."
26649
26735
msgstr ""
26650
26736
26651
#: serverguide/C/dm-multipath.xml:411(para)
26737
#: serverguide/C/dm-multipath.xml:410(para)
26652
26738
msgid ""
26653
26739
"When you create an LVM logical volume that uses active/passive multipath "
26654
26740
"arrays as the underlying physical devices, you should include filters in the "
26667
26753
"Perform:<screen>update-initramfs -u -k all</screen><placeholder-1/>"
26668
26754
msgstr ""
26669
26755
26670
#: serverguide/C/dm-multipath.xml:436(title)
26756
#: serverguide/C/dm-multipath.xml:435(title)
26671
26757
msgid "Setting up DM-Multipath Overview"
26672
26758
msgstr ""
26673
26759
26674
#: serverguide/C/dm-multipath.xml:438(para)
26760
#: serverguide/C/dm-multipath.xml:437(para)
26675
26761
msgid ""
26676
26762
"This section provides step-by-step example procedures for configuring DM-"
26677
26763
"Multipath. It includes the following procedures:"
26678
26764
msgstr ""
26679
26765
26680
#: serverguide/C/dm-multipath.xml:443(para)
26766
#: serverguide/C/dm-multipath.xml:442(para)
26681
26767
msgid "Basic DM-Multipath setup"
26682
26768
msgstr ""
26683
26769
26684
#: serverguide/C/dm-multipath.xml:447(para)
26770
#: serverguide/C/dm-multipath.xml:446(para)
26685
26771
msgid "Ignoring local disks"
26686
26772
msgstr ""
26687
26773
26688
#: serverguide/C/dm-multipath.xml:451(para)
26774
#: serverguide/C/dm-multipath.xml:450(para)
26689
26775
msgid "Adding more devices to the configuration file"
26690
26776
msgstr ""
26691
26777
26692
#: serverguide/C/dm-multipath.xml:456(title)
26778
#: serverguide/C/dm-multipath.xml:455(title)
26693
26779
msgid "Setting Up DM-Multipath"
26694
26780
msgstr ""
26695
26781
26696
#: serverguide/C/dm-multipath.xml:458(para)
26782
#: serverguide/C/dm-multipath.xml:457(para)
26697
26783
msgid ""
26698
26784
"Before setting up DM-Multipath on your system, ensure that your system has "
26699
26785
"been updated and includes the <emphasis role=\"bold\"><application>multipath-"
26702
26788
"boot</application></emphasis> package is also required."
26703
26789
msgstr ""
26704
26790
26705
#: serverguide/C/dm-multipath.xml:476(para)
26791
#: serverguide/C/dm-multipath.xml:475(para)
26706
26792
msgid ""
26707
26793
"To work around a quirk in multipathd, when an "
26708
26794
"<filename>/etc/multipath.conf</filename> doesn't exist, the previous command "
26719
26805
"database."
26720
26806
msgstr ""
26721
26807
26722
#: serverguide/C/dm-multipath.xml:465(para)
26808
#: serverguide/C/dm-multipath.xml:464(para)
26723
26809
msgid ""
26724
26810
"A basic <emphasis role=\"bold\">/etc/multipath.conf </emphasis> need not "
26725
26811
"even exist, when <emphasis role=\"bold\">multpath</emphasis> is run without "
26735
26821
"multipath.conf-live</screen><placeholder-1/>"
26736
26822
msgstr ""
26737
26823
26738
#: serverguide/C/dm-multipath.xml:493(title)
26824
#: serverguide/C/dm-multipath.xml:492(title)
26739
26825
msgid "Installing with Multipath Support"
26740
26826
msgstr ""
26741
26827
26742
#: serverguide/C/dm-multipath.xml:495(para)
26828
#: serverguide/C/dm-multipath.xml:494(para)
26743
26829
msgid ""
26744
26830
"To enable <ulink "
26745
26831
"url=\"http://wiki.debian.org/DebianInstaller/MultipathSupport\">multipath "
26749
26835
"role=\"bold\">/dev/mapper/mpath<X></emphasis> during installation."
26750
26836
msgstr ""
26751
26837
26752
#: serverguide/C/dm-multipath.xml:504(title)
26838
#: serverguide/C/dm-multipath.xml:503(title)
26753
26839
msgid "Ignoring Local Disks When Generating Multipath Devices"
26754
26840
msgstr ""
26755
26841
26756
#: serverguide/C/dm-multipath.xml:506(para)
26842
#: serverguide/C/dm-multipath.xml:505(para)
26757
26843
msgid ""
26758
26844
"Some machines have local SCSI cards for their internal disks. DM-Multipath "
26759
26845
"is not recommended for these devices. The following procedure shows how to "
26774
26860
"linkend=\"multipath-command-output\">Multipath Command Output</link>."
26775
26861
msgstr ""
26776
26862
26777
#: serverguide/C/dm-multipath.xml:525(screen)
26863
#: serverguide/C/dm-multipath.xml:524(screen)
26778
26864
#, no-wrap
26779
26865
msgid ""
26780
26866
"\n"
26811
26897
" `- 3:0:0:3 sdg 8:128 undef ready running\n"
26812
26898
msgstr ""
26813
26899
26814
#: serverguide/C/dm-multipath.xml:561(para)
26900
#: serverguide/C/dm-multipath.xml:560(para)
26815
26901
msgid ""
26816
26902
"In order to prevent the device mapper from mapping <emphasis "
26817
26903
"role=\"bold\">/dev/sda</emphasis> in its multipath maps, edit the blacklist "
26828
26914
"the following in the <filename>/etc/multipath.conf</filename> file."
26829
26915
msgstr ""
26830
26916
26831
#: serverguide/C/dm-multipath.xml:576(screen)
26917
#: serverguide/C/dm-multipath.xml:575(screen)
26832
26918
#, no-wrap
26833
26919
msgid ""
26834
26920
"\n"
26837
26923
"}\n"
26838
26924
msgstr ""
26839
26925
26840
#: serverguide/C/dm-multipath.xml:584(para)
26926
#: serverguide/C/dm-multipath.xml:583(para)
26841
26927
msgid ""
26842
26928
"After you have updated the <filename>/etc/multipath.conf</filename> file, "
26843
26929
"you must manually tell the <emphasis role=\"bold\">multipathd</emphasis> "
26845
26931
"<filename>/etc/multipath.conf</filename> file."
26846
26932
msgstr ""
26847
26933
26848
#: serverguide/C/dm-multipath.xml:589(screen)
26934
#: serverguide/C/dm-multipath.xml:588(screen)
26849
26935
#, no-wrap
26850
26936
msgid "# service multipath-tools reload"
26851
26937
msgstr ""
26852
26938
26853
#: serverguide/C/dm-multipath.xml:593(para)
26939
#: serverguide/C/dm-multipath.xml:592(para)
26854
26940
msgid "Run the following command to remove the multipath device:"
26855
26941
msgstr ""
26856
26942
26857
#: serverguide/C/dm-multipath.xml:596(screen)
26943
#: serverguide/C/dm-multipath.xml:595(screen)
26858
26944
#, no-wrap
26859
26945
msgid ""
26860
26946
"\n"
26874
26960
"specify a <emphasis role=\"bold\">-v</emphasis> option."
26875
26961
msgstr ""
26876
26962
26877
#: serverguide/C/dm-multipath.xml:613(screen)
26963
#: serverguide/C/dm-multipath.xml:612(screen)
26878
26964
#, no-wrap
26879
26965
msgid ""
26880
26966
"\n"
26905
26991
" `- 3:0:0:3 sdg 8:128 undef ready running\n"
26906
26992
msgstr ""
26907
26993
26908
#: serverguide/C/dm-multipath.xml:645(title)
26994
#: serverguide/C/dm-multipath.xml:644(title)
26909
26995
msgid "Configuring Storage Devices"
26910
26996
msgstr ""
26911
26997
26912
#: serverguide/C/dm-multipath.xml:647(para)
26998
#: serverguide/C/dm-multipath.xml:646(para)
26913
26999
msgid ""
26914
27000
"By default, DM-Multipath includes support for the most common storage arrays "
26915
27001
"that support DM-Multipath. The default configuration values, including "
26917
27003
"<filename>multipath.conf.defaults</filename> file."
26918
27004
msgstr ""
26919
27005
26920
#: serverguide/C/dm-multipath.xml:652(para)
27006
#: serverguide/C/dm-multipath.xml:651(para)
26921
27007
msgid ""
26922
27008
"If you need to add a storage device that is not supported by default as a "
26923
27009
"known multipath device, edit the <filename>/etc/multipath.conf</filename> "
26924
27010
"file and insert the appropriate device information."
26925
27011
msgstr ""
26926
27012
26927
#: serverguide/C/dm-multipath.xml:656(para)
27013
#: serverguide/C/dm-multipath.xml:655(para)
26928
27014
msgid ""
26929
27015
"For example, to add information about the HP Open-V series the entry looks "
26930
27016
"like this, where <emphasis role=\"bold\">%n</emphasis> is the device name:"
26931
27017
msgstr ""
26932
27018
26933
#: serverguide/C/dm-multipath.xml:660(screen)
27019
#: serverguide/C/dm-multipath.xml:659(screen)
26934
27020
#, no-wrap
26935
27021
msgid ""
26936
27022
"devices {\n"
26943
27029
"}\n"
26944
27030
msgstr ""
26945
27031
26946
#: serverguide/C/dm-multipath.xml:669(para)
27032
#: serverguide/C/dm-multipath.xml:668(para)
26947
27033
msgid ""
26948
27034
"For more information on the devices section of the configuration file, see "
26949
27035
"Section <xref endterm=\"config-device-title\" linkend=\"multipath-config-"
26950
27036
"device\"/>."
26951
27037
msgstr ""
26952
27038
26953
#: serverguide/C/dm-multipath.xml:676(title)
27039
#: serverguide/C/dm-multipath.xml:675(title)
26954
27040
msgid "The DM-Multipath Configuration File"
26955
27041
msgstr ""
26956
27042
26957
#: serverguide/C/dm-multipath.xml:678(para)
27043
#: serverguide/C/dm-multipath.xml:677(para)
26958
27044
msgid ""
26959
27045
"By default, DM-Multipath provides configuration values for the most common "
26960
27046
"uses of multipathing. In addition, DM-Multipath includes support for the "
26963
27049
"<filename>multipath.conf.defaults</filename> file."
26964
27050
msgstr ""
26965
27051
26966
#: serverguide/C/dm-multipath.xml:684(para)
27052
#: serverguide/C/dm-multipath.xml:683(para)
26967
27053
msgid ""
26968
27054
"You can override the default configuration values for DM-Multipath by "
26969
27055
"editing the <filename>/etc/multipath.conf</filename> configuration file. If "
26973
27059
"on the following topics: <placeholder-1/>"
26974
27060
msgstr ""
26975
27061
26976
#: serverguide/C/dm-multipath.xml:716(para)
27062
#: serverguide/C/dm-multipath.xml:715(para)
26977
27063
msgid ""
26978
27064
"In the multipath configuration file, you need to specify only the sections "
26979
27065
"that you need for your configuration, or that you wish to change from the "
26983
27069
"can leave them commented out, as they are in the initial file."
26984
27070
msgstr ""
26985
27071
26986
#: serverguide/C/dm-multipath.xml:724(para)
27072
#: serverguide/C/dm-multipath.xml:723(para)
26987
27073
msgid "The configuration file allows regular expression description syntax."
26988
27074
msgstr ""
26989
27075
26990
#: serverguide/C/dm-multipath.xml:727(para)
27076
#: serverguide/C/dm-multipath.xml:726(para)
26991
27077
msgid ""
26992
27078
"An annotated version of the configuration file can be found in "
26993
27079
"<filename><filename>/usr/share/doc/multipath-"
26994
27080
"tools/examples/multipath.conf.annotated.gz</filename></filename>."
26995
27081
msgstr ""
26996
27082
26997
#: serverguide/C/dm-multipath.xml:731(title)
27083
#: serverguide/C/dm-multipath.xml:730(title)
26998
27084
msgid "Configuration File Overview"
26999
27085
msgstr ""
27000
27086
27001
#: serverguide/C/dm-multipath.xml:733(para)
27087
#: serverguide/C/dm-multipath.xml:732(para)
27002
27088
msgid ""
27003
27089
"The multipath configuration file is divided into the following sections:"
27004
27090
msgstr ""
27005
27091
27006
#: serverguide/C/dm-multipath.xml:738(emphasis)
27092
#: serverguide/C/dm-multipath.xml:737(emphasis)
27007
27093
msgid "blacklist"
27008
27094
msgstr ""
27009
27095
27010
#: serverguide/C/dm-multipath.xml:741(para)
27096
#: serverguide/C/dm-multipath.xml:740(para)
27011
27097
msgid ""
27012
27098
"Listing of specific devices that will not be considered for multipath."
27013
27099
msgstr ""
27014
27100
27015
#: serverguide/C/dm-multipath.xml:747(emphasis)
27101
#: serverguide/C/dm-multipath.xml:746(emphasis)
27016
27102
msgid "blacklist_exceptions"
27017
27103
msgstr ""
27018
27104
27019
#: serverguide/C/dm-multipath.xml:750(para)
27105
#: serverguide/C/dm-multipath.xml:749(para)
27020
27106
msgid ""
27021
27107
"Listing of multipath candidates that would otherwise be blacklisted "
27022
27108
"according to the parameters of the blacklist section."
27023
27109
msgstr ""
27024
27110
27025
#: serverguide/C/dm-multipath.xml:757(emphasis)
27111
#: serverguide/C/dm-multipath.xml:756(emphasis)
27026
27112
msgid "defaults"
27027
27113
msgstr ""
27028
27114
27029
#: serverguide/C/dm-multipath.xml:760(para)
27115
#: serverguide/C/dm-multipath.xml:759(para)
27030
27116
msgid "General default settings for DM-Multipath."
27031
27117
msgstr ""
27032
27118
27033
#: serverguide/C/dm-multipath.xml:768(para)
27119
#: serverguide/C/dm-multipath.xml:767(para)
27034
27120
msgid ""
27035
27121
"Settings for the characteristics of individual multipath devices. These "
27036
27122
"values overwrite what is specified in the <emphasis "
27038
27124
"role=\"bold\">devices</emphasis> sections of the configuration file."
27039
27125
msgstr ""
27040
27126
27041
#: serverguide/C/dm-multipath.xml:777(emphasis)
27127
#: serverguide/C/dm-multipath.xml:776(emphasis)
27042
27128
msgid "devices"
27043
27129
msgstr ""
27044
27130
27045
#: serverguide/C/dm-multipath.xml:780(para)
27131
#: serverguide/C/dm-multipath.xml:779(para)
27046
27132
msgid ""
27047
27133
"Settings for the individual storage controllers. These values overwrite what "
27048
27134
"is specified in the <emphasis role=\"bold\">defaults</emphasis> section of "
27051
27137
"array."
27052
27138
msgstr ""
27053
27139
27054
#: serverguide/C/dm-multipath.xml:789(para)
27140
#: serverguide/C/dm-multipath.xml:788(para)
27055
27141
msgid ""
27056
27142
"When the system determines the attributes of a multipath device, first it "
27057
27143
"checks the multipath settings, then the per devices settings, then the "
27058
27144
"multipath system defaults."
27059
27145
msgstr ""
27060
27146
27061
#: serverguide/C/dm-multipath.xml:795(title)
27147
#: serverguide/C/dm-multipath.xml:794(title)
27062
27148
msgid "Configuration File Blacklist"
27063
27149
msgstr ""
27064
27150
27065
#: serverguide/C/dm-multipath.xml:797(para)
27151
#: serverguide/C/dm-multipath.xml:796(para)
27066
27152
msgid ""
27067
27153
"The blacklist section of the multipath configuration file specifies the "
27068
27154
"devices that will not be used when the system configures multipath devices. "
27069
27155
"Devices that are blacklisted will not be grouped into a multipath device."
27070
27156
msgstr ""
27071
27157
27072
#: serverguide/C/dm-multipath.xml:804(para)
27158
#: serverguide/C/dm-multipath.xml:803(para)
27073
27159
msgid ""
27074
27160
"If you do need to blacklist devices, you can do so according to the "
27075
27161
"following criteria:"
27076
27162
msgstr ""
27077
27163
27078
#: serverguide/C/dm-multipath.xml:809(para)
27164
#: serverguide/C/dm-multipath.xml:808(para)
27079
27165
msgid ""
27080
27166
"By WWID, as described <xref endterm=\"config-blacklist-by-wwid-title\" "
27081
27167
"linkend=\"multipath-config-blacklist-by-wwid\"/>"
27082
27168
msgstr ""
27083
27169
27084
#: serverguide/C/dm-multipath.xml:815(para)
27170
#: serverguide/C/dm-multipath.xml:814(para)
27085
27171
msgid ""
27086
27172
"By device name, as described in <xref endterm=\"config-blacklist-by-device-"
27087
27173
"name-title\" linkend=\"multipath-config-blacklist-by-device-name\"/>"
27088
27174
msgstr ""
27089
27175
27090
#: serverguide/C/dm-multipath.xml:821(para)
27176
#: serverguide/C/dm-multipath.xml:820(para)
27091
27177
msgid ""
27092
27178
"By device type, as described in <xref endterm=\"config-blacklist-by-device-"
27093
27179
"type-title\" linkend=\"multipath-config-blacklist-by-device-type\"/>"
27094
27180
msgstr ""
27095
27181
27096
#: serverguide/C/dm-multipath.xml:827(para)
27182
#: serverguide/C/dm-multipath.xml:826(para)
27097
27183
msgid ""
27098
27184
"By default, a variety of device types are blacklisted, even after you "
27099
27185
"comment out the initial blacklist section of the configuration file. For "
27101
27187
"linkend=\"multipath-config-blacklist-by-device-name\"/>"
27102
27188
msgstr ""
27103
27189
27104
#: serverguide/C/dm-multipath.xml:836(title)
27190
#: serverguide/C/dm-multipath.xml:835(title)
27105
27191
msgid "Blacklisting By WWID"
27106
27192
msgstr ""
27107
27193
27108
#: serverguide/C/dm-multipath.xml:839(para)
27194
#: serverguide/C/dm-multipath.xml:838(para)
27109
27195
msgid ""
27110
27196
"You can specify individual devices to blacklist by their World-Wide "
27111
27197
"IDentification with a <emphasis role=\"bold\">wwid</emphasis> entry in the "
27113
27199
"file."
27114
27200
msgstr ""
27115
27201
27116
#: serverguide/C/dm-multipath.xml:844(para)
27202
#: serverguide/C/dm-multipath.xml:843(para)
27117
27203
msgid ""
27118
27204
"The following example shows the lines in the configuration file that would "
27119
27205
"blacklist a device with a WWID of 26353900f02796769."
27120
27206
msgstr ""
27121
27207
27122
#: serverguide/C/dm-multipath.xml:847(screen)
27208
#: serverguide/C/dm-multipath.xml:846(screen)
27123
27209
#, no-wrap
27124
27210
msgid ""
27125
27211
"\n"
27128
27214
"}\n"
27129
27215
msgstr ""
27130
27216
27131
#: serverguide/C/dm-multipath.xml:855(title)
27217
#: serverguide/C/dm-multipath.xml:854(title)
27132
27218
msgid "Blacklisting By Device Name"
27133
27219
msgstr ""
27134
27220
27135
#: serverguide/C/dm-multipath.xml:858(para)
27221
#: serverguide/C/dm-multipath.xml:857(para)
27136
27222
msgid ""
27137
27223
"You can blacklist device types by device name so that they will not be "
27138
27224
"grouped into a multipath device by specifying a <emphasis "
27140
27226
"role=\"bold\">blacklist</emphasis> section of the configuration file."
27141
27227
msgstr ""
27142
27228
27143
#: serverguide/C/dm-multipath.xml:864(para)
27229
#: serverguide/C/dm-multipath.xml:863(para)
27144
27230
msgid ""
27145
27231
"The following example shows the lines in the configuration file that would "
27146
27232
"blacklist all SCSI devices, since it blacklists all sd* devices. <screen>\n"
27149
27235
"}</screen>"
27150
27236
msgstr ""
27151
27237
27152
#: serverguide/C/dm-multipath.xml:871(para)
27238
#: serverguide/C/dm-multipath.xml:870(para)
27153
27239
msgid ""
27154
27240
"You can use a <emphasis role=\"bold\">devnode</emphasis> entry in the "
27155
27241
"<emphasis role=\"bold\">blacklist</emphasis> section of the configuration "
27161
27247
"on reboot."
27162
27248
msgstr ""
27163
27249
27164
#: serverguide/C/dm-multipath.xml:881(para)
27250
#: serverguide/C/dm-multipath.xml:880(para)
27165
27251
msgid ""
27166
27252
"By default, the following <emphasis role=\"bold\">devnode</emphasis> entries "
27167
27253
"are compiled in the default blacklist; the devices that these entries "
27177
27263
"</screen>"
27178
27264
msgstr ""
27179
27265
27180
#: serverguide/C/dm-multipath.xml:898(title)
27266
#: serverguide/C/dm-multipath.xml:897(title)
27181
27267
msgid "Blacklisting By Device Type"
27182
27268
msgstr ""
27183
27269
27184
#: serverguide/C/dm-multipath.xml:901(para)
27270
#: serverguide/C/dm-multipath.xml:900(para)
27185
27271
msgid ""
27186
27272
"You can specify specific device types in the <emphasis "
27187
27273
"role=\"bold\">blacklist</emphasis> section of the configuration file with a "
27200
27286
"</screen>"
27201
27287
msgstr ""
27202
27288
27203
#: serverguide/C/dm-multipath.xml:919(title)
27289
#: serverguide/C/dm-multipath.xml:918(title)
27204
27290
msgid "Blacklist Exceptions"
27205
27291
msgstr ""
27206
27292
27207
#: serverguide/C/dm-multipath.xml:922(para)
27293
#: serverguide/C/dm-multipath.xml:921(para)
27208
27294
msgid ""
27209
27295
"You can use the <emphasis role=\"bold\">blacklist_exceptions</emphasis> "
27210
27296
"section of the configuration file to enable multipathing on devices that "
27211
27297
"have been blacklisted by default."
27212
27298
msgstr ""
27213
27299
27214
#: serverguide/C/dm-multipath.xml:927(para)
27300
#: serverguide/C/dm-multipath.xml:926(para)
27215
27301
msgid ""
27216
27302
"For example, if you have a large number of devices and want to multipath "
27217
27303
"only one of them (with the WWID of 3600d0230000000000e13955cc3757803), "
27229
27315
"</screen>"
27230
27316
msgstr ""
27231
27317
27232
#: serverguide/C/dm-multipath.xml:942(para)
27318
#: serverguide/C/dm-multipath.xml:941(para)
27233
27319
msgid ""
27234
27320
"When specifying devices in the <emphasis "
27235
27321
"role=\"bold\">blacklist_exceptions</emphasis> section of the configuration "
27241
27327
"only to devnode entries, and device exceptions apply only to device entries."
27242
27328
msgstr ""
27243
27329
27244
#: serverguide/C/dm-multipath.xml:955(title)
27330
#: serverguide/C/dm-multipath.xml:954(title)
27245
27331
msgid "Configuration File Defaults"
27246
27332
msgstr ""
27247
27333
27248
#: serverguide/C/dm-multipath.xml:957(para)
27334
#: serverguide/C/dm-multipath.xml:956(para)
27249
27335
msgid ""
27250
27336
"The <filename>/etc/multipath.conf</filename> configuration file includes a "
27251
27337
"<emphasis role=\"bold\">defaults</emphasis> section that sets the <emphasis "
27253
27339
"role=\"bold\">yes</emphasis>, as follows."
27254
27340
msgstr ""
27255
27341
27256
#: serverguide/C/dm-multipath.xml:962(screen)
27342
#: serverguide/C/dm-multipath.xml:961(screen)
27257
27343
#, no-wrap
27258
27344
msgid ""
27259
27345
"\n"
27262
27348
"}\n"
27263
27349
msgstr ""
27264
27350
27265
#: serverguide/C/dm-multipath.xml:968(para)
27351
#: serverguide/C/dm-multipath.xml:967(para)
27266
27352
msgid ""
27267
27353
"This overwrites the default value of the <emphasis "
27268
27354
"role=\"bold\">user_friendly_names</emphasis> parameter."
27269
27355
msgstr ""
27270
27356
27271
#: serverguide/C/dm-multipath.xml:971(para)
27357
#: serverguide/C/dm-multipath.xml:970(para)
27272
27358
msgid ""
27273
27359
"The configuration file includes a template of configuration defaults. This "
27274
27360
"section is commented out, as follows."
27275
27361
msgstr ""
27276
27362
27277
#: serverguide/C/dm-multipath.xml:974(screen)
27363
#: serverguide/C/dm-multipath.xml:973(screen)
27278
27364
#, no-wrap
27279
27365
msgid ""
27280
27366
"\n"
27295
27381
"#}\n"
27296
27382
msgstr ""
27297
27383
27298
#: serverguide/C/dm-multipath.xml:991(para)
27384
#: serverguide/C/dm-multipath.xml:990(para)
27299
27385
msgid ""
27300
27386
"To overwrite the default value for any of the configuration parameters, you "
27301
27387
"can copy the relevant line from this template into the <emphasis "
27308
27394
"uncomment it, as follows."
27309
27395
msgstr ""
27310
27396
27311
#: serverguide/C/dm-multipath.xml:1002(screen)
27397
#: serverguide/C/dm-multipath.xml:1001(screen)
27312
27398
#, no-wrap
27313
27399
msgid ""
27314
27400
"\n"
27318
27404
"}\n"
27319
27405
msgstr ""
27320
27406
27321
#: serverguide/C/dm-multipath.xml:1009(para)
27407
#: serverguide/C/dm-multipath.xml:1008(para)
27322
27408
msgid ""
27323
27409
"Table <xref endterm=\"config-defaults-table-title\" linkend=\"multipath-"
27324
27410
"config-defaults-table\"/> describes the attributes that are set in the "
27330
27416
"<filename>multipath.conf</filename> file."
27331
27417
msgstr ""
27332
27418
27333
#: serverguide/C/dm-multipath.xml:1023(title)
27419
#: serverguide/C/dm-multipath.xml:1022(title)
27334
27420
msgid "Configuration File Multipath Attributes"
27335
27421
msgstr ""
27336
27422
27337
#: serverguide/C/dm-multipath.xml:1026(para)
27423
#: serverguide/C/dm-multipath.xml:1025(para)
27338
27424
msgid ""
27339
27425
"Table <xref endterm=\"attributes-table-title\" linkend=\"multipath-"
27340
27426
"attributes-table\"/> shows the attributes that you can set in the <emphasis "
27346
27432
"role=\"bold\">devices</emphasis> sections of the multipath.conf file."
27347
27433
msgstr ""
27348
27434
27349
#: serverguide/C/dm-multipath.xml:1039(para)
27435
#: serverguide/C/dm-multipath.xml:1038(para)
27350
27436
msgid ""
27351
27437
"In addition, the following parameters may be overridden in this <emphasis "
27352
27438
"role=\"bold\">multipath</emphasis> section"
27353
27439
msgstr ""
27354
27440
27355
#: serverguide/C/dm-multipath.xml:1088(para)
27441
#: serverguide/C/dm-multipath.xml:1087(para)
27356
27442
msgid ""
27357
27443
"The following example shows multipath attributes specified in the "
27358
27444
"configuration file for two specific multipath devices. The first device has "
27367
27453
"are set to priorities."
27368
27454
msgstr ""
27369
27455
27370
#: serverguide/C/dm-multipath.xml:1098(screen)
27456
#: serverguide/C/dm-multipath.xml:1097(screen)
27371
27457
#, no-wrap
27372
27458
msgid ""
27373
27459
"\n"
27389
27475
"}\n"
27390
27476
msgstr ""
27391
27477
27392
#: serverguide/C/dm-multipath.xml:1119(title)
27478
#: serverguide/C/dm-multipath.xml:1118(title)
27393
27479
msgid "Configuration File Devices"
27394
27480
msgstr ""
27395
27481
27396
#: serverguide/C/dm-multipath.xml:1121(para)
27482
#: serverguide/C/dm-multipath.xml:1120(para)
27397
27483
msgid ""
27398
27484
"Table <xref endterm=\"device-attributes-table-title\" linkend=\"multipath-"
27399
27485
"device-attributes-table\"/> shows the attributes that you can set for each "
27407
27493
"<filename>multipath.conf</filename> file."
27408
27494
msgstr ""
27409
27495
27410
#: serverguide/C/dm-multipath.xml:1132(para)
27496
#: serverguide/C/dm-multipath.xml:1131(para)
27411
27497
msgid ""
27412
27498
"Many devices that support multipathing are included by default in a "
27413
27499
"multipath configuration. The values for the devices that are supported by "
27421
27507
"the device and override the values that you want to change."
27422
27508
msgstr ""
27423
27509
27424
#: serverguide/C/dm-multipath.xml:1144(para)
27510
#: serverguide/C/dm-multipath.xml:1143(para)
27425
27511
msgid ""
27426
27512
"To add a device to this section of the configuration file that is not "
27427
27513
"configured automatically by default, you must set the <emphasis "
27433
27519
"device_name is the device to be multipathed, as in the following example:"
27434
27520
msgstr ""
27435
27521
27436
#: serverguide/C/dm-multipath.xml:1154(screen)
27522
#: serverguide/C/dm-multipath.xml:1153(screen)
27437
27523
#, no-wrap
27438
27524
msgid ""
27439
27525
"\n"
27443
27529
"SF2372\n"
27444
27530
msgstr ""
27445
27531
27446
#: serverguide/C/dm-multipath.xml:1161(para)
27532
#: serverguide/C/dm-multipath.xml:1160(para)
27447
27533
msgid ""
27448
27534
"The additional parameters to specify depend on your specific device. If the "
27449
27535
"device is active/active, you will usually not need to set additional "
27456
27542
"table\"/>."
27457
27543
msgstr ""
27458
27544
27459
#: serverguide/C/dm-multipath.xml:1171(para)
27545
#: serverguide/C/dm-multipath.xml:1170(para)
27460
27546
msgid ""
27461
27547
"If the device is active/passive, but it automatically switches paths with "
27462
27548
"I/O to the passive path, you need to change the checker function to one that "
27467
27553
"the Test Unit Ready command, which most do."
27468
27554
msgstr ""
27469
27555
27470
#: serverguide/C/dm-multipath.xml:1180(para)
27556
#: serverguide/C/dm-multipath.xml:1179(para)
27471
27557
msgid ""
27472
27558
"If the device needs a special command to switch paths, then configuring this "
27473
27559
"device for multipath requires a hardware handler kernel module. The current "
27475
27561
"device, you may not be able to configure the device for multipath."
27476
27562
msgstr ""
27477
27563
27478
#: serverguide/C/dm-multipath.xml:1189(para)
27564
#: serverguide/C/dm-multipath.xml:1188(para)
27479
27565
msgid ""
27480
27566
"In addition, the following parameters may be overridden in this <emphasis "
27481
27567
"role=\"bold\">device</emphasis> section"
27482
27568
msgstr ""
27483
27569
27484
#: serverguide/C/dm-multipath.xml:1264(para)
27570
#: serverguide/C/dm-multipath.xml:1263(para)
27485
27571
msgid ""
27486
27572
"Whenever a hardware_handler is specified, it is your responsibility to "
27487
27573
"ensure that the appropriate kernel module is loaded to support the specified "
27495
27581
"# update-initramfs -u -k all</screen>"
27496
27582
msgstr ""
27497
27583
27498
#: serverguide/C/dm-multipath.xml:1275(para)
27584
#: serverguide/C/dm-multipath.xml:1274(para)
27499
27585
msgid ""
27500
27586
"The following example shows a device entry in the multipath configuration "
27501
27587
"file."
27502
27588
msgstr ""
27503
27589
27504
#: serverguide/C/dm-multipath.xml:1278(screen)
27590
#: serverguide/C/dm-multipath.xml:1277(screen)
27505
27591
#, no-wrap
27506
27592
msgid ""
27507
27593
"\n"
27516
27602
"#}\n"
27517
27603
msgstr ""
27518
27604
27519
#: serverguide/C/dm-multipath.xml:1290(para)
27605
#: serverguide/C/dm-multipath.xml:1289(para)
27520
27606
msgid ""
27521
27607
"The spacing reserved in the <emphasis role=\"bold\">vendor</emphasis>, "
27522
27608
"<emphasis role=\"bold\">product</emphasis>, and <emphasis "
27533
27619
"characters or spaces, as seen in the example above"
27534
27620
msgstr ""
27535
27621
27536
#: serverguide/C/dm-multipath.xml:1307(para)
27622
#: serverguide/C/dm-multipath.xml:1306(para)
27537
27623
msgid "vendor: 8 characters"
27538
27624
msgstr ""
27539
27625
27540
#: serverguide/C/dm-multipath.xml:1311(para)
27626
#: serverguide/C/dm-multipath.xml:1310(para)
27541
27627
msgid "product: 16 characters"
27542
27628
msgstr ""
27543
27629
27544
#: serverguide/C/dm-multipath.xml:1315(para)
27630
#: serverguide/C/dm-multipath.xml:1314(para)
27545
27631
msgid "revision: 4 characters"
27546
27632
msgstr ""
27547
27633
27548
#: serverguide/C/dm-multipath.xml:1319(para)
27634
#: serverguide/C/dm-multipath.xml:1318(para)
27549
27635
msgid ""
27550
27636
"To create a more robust configuration file, regular expressions can also be "
27551
27637
"used. Operators include <emphasis role=\"bold\">^ $ [ ] . * ? +</emphasis>. "
27554
27640
"files found in <filename>/usr/share/doc/multipath-tools/examples:</filename>"
27555
27641
msgstr ""
27556
27642
27557
#: serverguide/C/dm-multipath.xml:1326(screen)
27643
#: serverguide/C/dm-multipath.xml:1325(screen)
27558
27644
#, no-wrap
27559
27645
msgid "# echo 'show config' | multipathd -k"
27560
27646
msgstr ""
27561
27647
27562
#: serverguide/C/dm-multipath.xml:1331(title)
27648
#: serverguide/C/dm-multipath.xml:1330(title)
27563
27649
msgid "DM-Multipath Administration and Troubleshooting"
27564
27650
msgstr ""
27565
27651
27566
#: serverguide/C/dm-multipath.xml:1334(title)
27652
#: serverguide/C/dm-multipath.xml:1333(title)
27567
27653
msgid "Resizing an Online Multipath Device"
27568
27654
msgstr ""
27569
27655
27570
#: serverguide/C/dm-multipath.xml:1336(para)
27656
#: serverguide/C/dm-multipath.xml:1335(para)
27571
27657
msgid ""
27572
27658
"If you need to resize an online multipath device, use the following procedure"
27573
27659
msgstr ""
27574
27660
27575
#: serverguide/C/dm-multipath.xml:1341(para)
27661
#: serverguide/C/dm-multipath.xml:1340(para)
27576
27662
msgid "Resize your physical device. This is storage platform specific."
27577
27663
msgstr ""
27578
27664
27579
#: serverguide/C/dm-multipath.xml:1346(para)
27665
#: serverguide/C/dm-multipath.xml:1345(para)
27580
27666
msgid "Use the following command to find the paths to the LUN:"
27581
27667
msgstr ""
27582
27668
27583
#: serverguide/C/dm-multipath.xml:1348(screen)
27669
#: serverguide/C/dm-multipath.xml:1347(screen)
27584
27670
#, no-wrap
27585
27671
msgid "# multipath -l"
27586
27672
msgstr ""
27587
27673
27588
#: serverguide/C/dm-multipath.xml:1352(para)
27674
#: serverguide/C/dm-multipath.xml:1351(para)
27589
27675
msgid ""
27590
27676
"Resize your paths. For SCSI devices, writing 1 to the "
27591
27677
"<filename>rescan</filename> file for the device causes the SCSI driver to "
27592
27678
"rescan, as in the following command:"
27593
27679
msgstr ""
27594
27680
27595
#: serverguide/C/dm-multipath.xml:1356(screen)
27681
#: serverguide/C/dm-multipath.xml:1355(screen)
27596
27682
#, no-wrap
27597
27683
msgid "# echo 1 > /sys/block/device_name/device/rescan"
27598
27684
msgstr ""
27599
27685
27600
#: serverguide/C/dm-multipath.xml:1360(para)
27686
#: serverguide/C/dm-multipath.xml:1359(para)
27601
27687
msgid ""
27602
27688
"Resize your multipath device by running the multipathd resize command:"
27603
27689
msgstr ""
27604
27690
27605
#: serverguide/C/dm-multipath.xml:1363(screen)
27691
#: serverguide/C/dm-multipath.xml:1362(screen)
27606
27692
#, no-wrap
27607
27693
msgid "# multipathd -k 'resize map mpatha'"
27608
27694
msgstr ""
27609
27695
27610
#: serverguide/C/dm-multipath.xml:1367(para)
27696
#: serverguide/C/dm-multipath.xml:1366(para)
27611
27697
msgid "Resize the file system (assuming no LVM or DOS partitions are used):"
27612
27698
msgstr ""
27613
27699
27614
#: serverguide/C/dm-multipath.xml:1370(screen)
27700
#: serverguide/C/dm-multipath.xml:1369(screen)
27615
27701
#, no-wrap
27616
27702
msgid "# resize2fs /dev/mapper/mpatha"
27617
27703
msgstr ""
27618
27704
27619
#: serverguide/C/dm-multipath.xml:1376(title)
27705
#: serverguide/C/dm-multipath.xml:1375(title)
27620
27706
msgid ""
27621
27707
"Moving root File Systems from a Single Path Device to a Multipath Device"
27622
27708
msgstr ""
27623
27709
27624
#: serverguide/C/dm-multipath.xml:1379(para)
27710
#: serverguide/C/dm-multipath.xml:1378(para)
27625
27711
msgid ""
27626
27712
"This is dramatically simplified by the use of UUIDs to identify devices as "
27627
27713
"an intrinsic label. Simply install <emphasis role=\"bold\">multipath-tools-"
27630
27716
"mounted by UUID."
27631
27717
msgstr ""
27632
27718
27633
#: serverguide/C/dm-multipath.xml:1386(para)
27719
#: serverguide/C/dm-multipath.xml:1385(para)
27634
27720
msgid ""
27635
27721
"Whenever <filename>multipath.conf</filename> is updated, so should the "
27636
27722
"initrd by executing <command>update-initramfs -u -k all</command>. The "
27639
27725
"blacklist and device sections."
27640
27726
msgstr ""
27641
27727
27642
#: serverguide/C/dm-multipath.xml:1395(title)
27728
#: serverguide/C/dm-multipath.xml:1394(title)
27643
27729
msgid ""
27644
27730
"Moving swap File Systems from a Single Path Device to a Multipath Device"
27645
27731
msgstr ""
27646
27732
27647
#: serverguide/C/dm-multipath.xml:1398(para)
27733
#: serverguide/C/dm-multipath.xml:1397(para)
27648
27734
msgid ""
27649
27735
"The procedure is exactly the same as illustrated in the previous section "
27650
27736
"called <link linkend=\"multipath-moving-rootfs-from-single-path-to-multipath-"
27652
27738
"Device</link>."
27653
27739
msgstr ""
27654
27740
27655
#: serverguide/C/dm-multipath.xml:1406(title)
27741
#: serverguide/C/dm-multipath.xml:1405(title)
27656
27742
msgid "The Multipath Daemon"
27657
27743
msgstr ""
27658
27744
27659
#: serverguide/C/dm-multipath.xml:1408(para)
27745
#: serverguide/C/dm-multipath.xml:1407(para)
27660
27746
msgid ""
27661
27747
"If you find you have trouble implementing a multipath configuration, you "
27662
27748
"should ensure the multipath daemon is running as described in <link "
27668
27754
"<command>multipathd</command> as a debugging aid."
27669
27755
msgstr ""
27670
27756
27671
#: serverguide/C/dm-multipath.xml:1448(title)
27757
#: serverguide/C/dm-multipath.xml:1447(title)
27672
27758
msgid "Issues with queue_if_no_path"
27673
27759
msgstr ""
27674
27760
27675
#: serverguide/C/dm-multipath.xml:1450(para)
27761
#: serverguide/C/dm-multipath.xml:1449(para)
27676
27762
msgid ""
27677
27763
"If <emphasis role=\"bold\">features \"1 queue_if_no_path\"</emphasis> is "
27678
27764
"specified in the <filename>/etc/multipath.conf</filename> file, then any "
27682
27768
"<filename>/etc/multipath.conf</filename>."
27683
27769
msgstr ""
27684
27770
27685
#: serverguide/C/dm-multipath.xml:1457(para)
27771
#: serverguide/C/dm-multipath.xml:1456(para)
27686
27772
msgid ""
27687
27773
"When you set the <emphasis role=\"bold\">no_path_retry</emphasis> parameter, "
27688
27774
"remove the <emphasis role=\"bold\">features \"1 "
27698
27784
"<filename>/etc/multipath.conf</filename> and editing to suit your needs."
27699
27785
msgstr ""
27700
27786
27701
#: serverguide/C/dm-multipath.xml:1471(para)
27787
#: serverguide/C/dm-multipath.xml:1470(para)
27702
27788
msgid ""
27703
27789
"If you need to use the <option>features \"1 queue_if_no_path\"</option> "
27704
27790
"option and you experience the issue noted here, use the "
27709
27795
"<option> \"fail_if_no_path\"</option>, execute the following command."
27710
27796
msgstr ""
27711
27797
27712
#: serverguide/C/dm-multipath.xml:1480(screen)
27798
#: serverguide/C/dm-multipath.xml:1479(screen)
27713
27799
#, no-wrap
27714
27800
msgid "# dmsetup message mpathc 0 \"fail_if_no_path\""
27715
27801
msgstr ""
27716
27802
27717
#: serverguide/C/dm-multipath.xml:1483(para)
27803
#: serverguide/C/dm-multipath.xml:1482(para)
27718
27804
msgid ""
27719
27805
"You must specify the <filename>mpathN</filename> alias rather than the path"
27720
27806
msgstr ""
27721
27807
27722
#: serverguide/C/dm-multipath.xml:1489(title)
27808
#: serverguide/C/dm-multipath.xml:1488(title)
27723
27809
msgid "Multipath Command Output"
27724
27810
msgstr ""
27725
27811
27726
#: serverguide/C/dm-multipath.xml:1491(para)
27812
#: serverguide/C/dm-multipath.xml:1490(para)
27727
27813
msgid ""
27728
27814
"When you create, modify, or list a multipath device, you get a printout of "
27729
27815
"the current device setup. The format is as follows. For each multipath "
27730
27816
"device:"
27731
27817
msgstr ""
27732
27818
27733
#: serverguide/C/dm-multipath.xml:1495(screen)
27819
#: serverguide/C/dm-multipath.xml:1494(screen)
27734
27820
#, no-wrap
27735
27821
msgid ""
27736
27822
" action_if_any: alias (wwid_if_different_from_alias) "
27739
27825
"wp=write_permission_if_known"
27740
27826
msgstr ""
27741
27827
27742
#: serverguide/C/dm-multipath.xml:1498(para)
27828
#: serverguide/C/dm-multipath.xml:1497(para)
27743
27829
msgid "For each path group:"
27744
27830
msgstr ""
27745
27831
27746
#: serverguide/C/dm-multipath.xml:1500(screen)
27832
#: serverguide/C/dm-multipath.xml:1499(screen)
27747
27833
#, no-wrap
27748
27834
msgid ""
27749
27835
" -+- policy='scheduling_policy' prio=prio_if_known\n"
27750
27836
" status=path_group_status_if_known"
27751
27837
msgstr ""
27752
27838
27753
#: serverguide/C/dm-multipath.xml:1503(para)
27839
#: serverguide/C/dm-multipath.xml:1502(para)
27754
27840
msgid "For each path:"
27755
27841
msgstr ""
27756
27842
27757
#: serverguide/C/dm-multipath.xml:1505(screen)
27843
#: serverguide/C/dm-multipath.xml:1504(screen)
27758
27844
#, no-wrap
27759
27845
msgid ""
27760
27846
" `- host:channel:id:lun devnode major:minor dm_status_if_known "
27762
27848
" online_status"
27763
27849
msgstr ""
27764
27850
27765
#: serverguide/C/dm-multipath.xml:1508(para)
27851
#: serverguide/C/dm-multipath.xml:1507(para)
27766
27852
msgid ""
27767
27853
"For example, the output of a multipath command might appear as follows:"
27768
27854
msgstr ""
27769
27855
27770
#: serverguide/C/dm-multipath.xml:1511(screen)
27856
#: serverguide/C/dm-multipath.xml:1510(screen)
27771
27857
#, no-wrap
27772
27858
msgid ""
27773
27859
" 3600d0230000000000e13955cc3757800 dm-1 WINSYS,SF2372\n"
27778
27864
" `- 7:0:0:0 sdf 8:80 active ready running"
27779
27865
msgstr ""
27780
27866
27781
#: serverguide/C/dm-multipath.xml:1518(para)
27867
#: serverguide/C/dm-multipath.xml:1517(para)
27782
27868
msgid ""
27783
27869
"If the path is up and ready for I/O, the status of the path is <emphasis "
27784
27870
"role=\"bold\">ready</emphasis> or <emphasis "
27789
27875
"defined in the <filename>/etc/multipath.conf</filename> file."
27790
27876
msgstr ""
27791
27877
27792
#: serverguide/C/dm-multipath.xml:1526(para)
27878
#: serverguide/C/dm-multipath.xml:1525(para)
27793
27879
msgid ""
27794
27880
"The dm status is similar to the path status, but from the kernel's point of "
27795
27881
"view. The dm status has two states: <emphasis "
27800
27886
"not agree."
27801
27887
msgstr ""
27802
27888
27803
#: serverguide/C/dm-multipath.xml:1534(para)
27889
#: serverguide/C/dm-multipath.xml:1533(para)
27804
27890
msgid ""
27805
27891
"The possible values for <emphasis role=\"bold\">online_status</emphasis> are "
27806
27892
"<emphasis role=\"bold\">running</emphasis> and <emphasis "
27809
27895
"disabled."
27810
27896
msgstr ""
27811
27897
27812
#: serverguide/C/dm-multipath.xml:1542(para)
27898
#: serverguide/C/dm-multipath.xml:1541(para)
27813
27899
msgid ""
27814
27900
"When a multipath device is being created or modified , the path group "
27815
27901
"status, the dm device name, the write permissions, and the dm status are not "
27816
27902
"known. Also, the features are not always correct"
27817
27903
msgstr ""
27818
27904
27819
#: serverguide/C/dm-multipath.xml:1549(title)
27905
#: serverguide/C/dm-multipath.xml:1548(title)
27820
27906
msgid "Multipath Queries with multipath Command"
27821
27907
msgstr ""
27822
27908
27823
#: serverguide/C/dm-multipath.xml:1551(para)
27909
#: serverguide/C/dm-multipath.xml:1550(para)
27824
27910
msgid ""
27825
27911
"You can use the <emphasis role=\"bold\">-l </emphasis>and <emphasis "
27826
27912
"role=\"bold\">-ll</emphasis> options of the <emphasis "
27832
27918
"available components of the system."
27833
27919
msgstr ""
27834
27920
27835
#: serverguide/C/dm-multipath.xml:1560(para)
27921
#: serverguide/C/dm-multipath.xml:1559(para)
27836
27922
msgid ""
27837
27923
"When displaying the multipath configuration, there are three verbosity "
27838
27924
"levels you can specify with the <emphasis role=\"bold\">-v</emphasis> option "
27843
27929
"v2</emphasis> prints all detected paths, multipaths, and device maps."
27844
27930
msgstr ""
27845
27931
27846
#: serverguide/C/dm-multipath.xml:1570(para)
27932
#: serverguide/C/dm-multipath.xml:1569(para)
27847
27933
msgid ""
27848
27934
"The default <emphasis role=\"bold\">verbosity</emphasis> level of multipath "
27849
27935
"is <emphasis role=\"bold\">2</emphasis> and can be globally modified by "
27852
27938
"of <filename>multipath.conf</filename>."
27853
27939
msgstr ""
27854
27940
27855
#: serverguide/C/dm-multipath.xml:1577(para)
27941
#: serverguide/C/dm-multipath.xml:1576(para)
27856
27942
msgid ""
27857
27943
"The following example shows the output of a <emphasis "
27858
27944
"role=\"bold\">multipath -l</emphasis> command."
27859
27945
msgstr ""
27860
27946
27861
#: serverguide/C/dm-multipath.xml:1580(screen)
27947
#: serverguide/C/dm-multipath.xml:1579(screen)
27862
27948
#, no-wrap
27863
27949
msgid ""
27864
27950
"# multipath -l\n"
27870
27956
" `- 7:0:0:0 sdf 8:80 active ready running"
27871
27957
msgstr ""
27872
27958
27873
#: serverguide/C/dm-multipath.xml:1588(para)
27959
#: serverguide/C/dm-multipath.xml:1587(para)
27874
27960
msgid ""
27875
27961
"The following example shows the output of a <emphasis "
27876
27962
"role=\"bold\">multipath -ll</emphasis> command."
27877
27963
msgstr ""
27878
27964
27879
#: serverguide/C/dm-multipath.xml:1591(screen)
27965
#: serverguide/C/dm-multipath.xml:1590(screen)
27880
27966
#, no-wrap
27881
27967
msgid ""
27882
27968
"# multipath -ll\n"
27893
27979
" `- 18:0:0:3 sdj 8:144 active ready running"
27894
27980
msgstr ""
27895
27981
27896
#: serverguide/C/dm-multipath.xml:1606(title)
27982
#: serverguide/C/dm-multipath.xml:1605(title)
27897
27983
msgid "Multipath Command Options"
27898
27984
msgstr ""
27899
27985
27900
#: serverguide/C/dm-multipath.xml:1608(para)
27986
#: serverguide/C/dm-multipath.xml:1607(para)
27901
27987
msgid ""
27902
27988
"Table <xref endterm=\"useful-multipath-command-options-title\" "
27903
27989
"linkend=\"useful-multipath-command-options\"/> describes some options of the "
27905
27991
"useful."
27906
27992
msgstr ""
27907
27993
27908
#: serverguide/C/dm-multipath.xml:1614(title)
27994
#: serverguide/C/dm-multipath.xml:1613(title)
27909
27995
msgid "Useful multipath Command Options"
27910
27996
msgstr ""
27911
27997
27912
#: serverguide/C/dm-multipath.xml:1623(entry)
27998
#: serverguide/C/dm-multipath.xml:1622(entry)
27913
27999
msgid "Option"
27914
28000
msgstr ""
27915
28001
27916
#: serverguide/C/dm-multipath.xml:1630(emphasis)
28002
#: serverguide/C/dm-multipath.xml:1629(emphasis)
27917
28003
msgid "-l"
27918
28004
msgstr ""
27919
28005
27920
#: serverguide/C/dm-multipath.xml:1632(emphasis) serverguide/C/dm-multipath.xml:1639(emphasis)
28006
#: serverguide/C/dm-multipath.xml:1631(emphasis) serverguide/C/dm-multipath.xml:1638(emphasis)
27921
28007
msgid "sysfs"
27922
28008
msgstr ""
27923
28009
27924
#: serverguide/C/dm-multipath.xml:1631(entry)
28010
#: serverguide/C/dm-multipath.xml:1630(entry)
27925
28011
msgid ""
27926
28012
"Display the current multipath configuration gathered from <placeholder-1/> "
27927
28013
"and the device mapper."
27928
28014
msgstr ""
27929
28015
27930
#: serverguide/C/dm-multipath.xml:1637(emphasis)
28016
#: serverguide/C/dm-multipath.xml:1636(emphasis)
27931
28017
msgid "-ll"
27932
28018
msgstr ""
27933
28019
27934
#: serverguide/C/dm-multipath.xml:1638(entry)
28020
#: serverguide/C/dm-multipath.xml:1637(entry)
27935
28021
msgid ""
27936
28022
"Display the current multipath configuration gathered from <placeholder-1/>, "
27937
28023
"the device mapper, and all other available components on the system."
27938
28024
msgstr ""
27939
28025
27940
#: serverguide/C/dm-multipath.xml:1644(emphasis)
28026
#: serverguide/C/dm-multipath.xml:1643(emphasis)
27941
28027
msgid "-f device"
27942
28028
msgstr ""
27943
28029
27944
#: serverguide/C/dm-multipath.xml:1645(entry)
28030
#: serverguide/C/dm-multipath.xml:1644(entry)
27945
28031
msgid "Remove the named multipath device."
27946
28032
msgstr ""
27947
28033
27948
#: serverguide/C/dm-multipath.xml:1649(emphasis)
28034
#: serverguide/C/dm-multipath.xml:1648(emphasis)
27949
28035
msgid "-F"
27950
28036
msgstr ""
27951
28037
27952
#: serverguide/C/dm-multipath.xml:1650(entry)
28038
#: serverguide/C/dm-multipath.xml:1649(entry)
27953
28039
msgid "Remove all unused multipath devices."
27954
28040
msgstr ""
27955
28041
27956
#: serverguide/C/dm-multipath.xml:1658(title)
28042
#: serverguide/C/dm-multipath.xml:1657(title)
27957
28043
msgid "Determining Device Mapper Entries with dmsetup Command"
27958
28044
msgstr ""
27959
28045
27960
#: serverguide/C/dm-multipath.xml:1660(para)
28046
#: serverguide/C/dm-multipath.xml:1659(para)
27961
28047
msgid ""
27962
28048
"You can use the <emphasis role=\"bold\">dmsetup</emphasis> command to find "
27963
28049
"out which device mapper entries match the <emphasis "
27964
28050
"role=\"bold\">multipathed</emphasis> devices."
27965
28051
msgstr ""
27966
28052
27967
#: serverguide/C/dm-multipath.xml:1664(para)
28053
#: serverguide/C/dm-multipath.xml:1663(para)
27968
28054
msgid ""
27969
28055
"The following command displays all the device mapper devices and their major "
27970
28056
"and minor numbers. The minor numbers determine the name of the dm device. "
27973
28059
"role=\"bold\"><filename>/dev/dm-3</filename></emphasis>."
27974
28060
msgstr ""
27975
28061
27976
#: serverguide/C/dm-multipath.xml:1670(screen)
28062
#: serverguide/C/dm-multipath.xml:1669(screen)
27977
28063
#, no-wrap
27978
28064
msgid ""
27979
28065
"\n"
27996
28082
" "
27997
28083
msgstr ""
27998
28084
27999
#: serverguide/C/dm-multipath.xml:1691(title)
28085
#: serverguide/C/dm-multipath.xml:1690(title)
28000
28086
msgid "Troubleshooting with the multipathd interactive console"
28001
28087
msgstr ""
28002
28088
28003
#: serverguide/C/dm-multipath.xml:1693(para)
28089
#: serverguide/C/dm-multipath.xml:1692(para)
28004
28090
msgid ""
28005
28091
"The <emphasis role=\"bold\">multipathd -k</emphasis> command is an "
28006
28092
"interactive interface to the <emphasis role=\"bold\">multipathd</emphasis> "
28010
28096
"role=\"bold\">CTRL-D</emphasis> to quit."
28011
28097
msgstr ""
28012
28098
28013
#: serverguide/C/dm-multipath.xml:1700(para)
28099
#: serverguide/C/dm-multipath.xml:1699(para)
28014
28100
msgid ""
28015
28101
"The multipathd interactive console can be used to troubleshoot problems you "
28016
28102
"may be having with your system. For example, the following command sequence "
28020
28106
"Multipathd\"</ulink> for more examples."
28021
28107
msgstr ""
28022
28108
28023
#: serverguide/C/dm-multipath.xml:1707(screen)
28109
#: serverguide/C/dm-multipath.xml:1706(screen)
28024
28110
#, no-wrap
28025
28111
msgid ""
28026
28112
"# multipathd -k\n"
28028
28114
" > > CTRL-D"
28029
28115
msgstr ""
28030
28116
28031
#: serverguide/C/dm-multipath.xml:1711(para)
28117
#: serverguide/C/dm-multipath.xml:1710(para)
28032
28118
msgid ""
28033
28119
"The following command sequence ensures that multipath has picked up any "
28034
28120
"changes to the multipath.conf,"
28035
28121
msgstr ""
28036
28122
28037
#: serverguide/C/dm-multipath.xml:1714(screen)
28123
#: serverguide/C/dm-multipath.xml:1713(screen)
28038
28124
#, no-wrap
28039
28125
msgid ""
28040
28126
"\n"
28043
28129
"> > CTRL-D\n"
28044
28130
msgstr ""
28045
28131
28046
#: serverguide/C/dm-multipath.xml:1720(para)
28132
#: serverguide/C/dm-multipath.xml:1719(para)
28047
28133
msgid ""
28048
28134
"Use the following command sequence to ensure that the path checker is "
28049
28135
"working properly."
28050
28136
msgstr ""
28051
28137
28052
#: serverguide/C/dm-multipath.xml:1723(screen)
28138
#: serverguide/C/dm-multipath.xml:1722(screen)
28053
28139
#, no-wrap
28054
28140
msgid ""
28055
28141
"\n"
28058
28144
"> > CTRL-D\n"
28059
28145
msgstr ""
28060
28146
28061
#: serverguide/C/dm-multipath.xml:1729(para)
28147
#: serverguide/C/dm-multipath.xml:1728(para)
28062
28148
msgid ""
28063
28149
"Commands can also be streamed into multipathd using stdin like so:<screen># "
28064
28150
"echo 'show config' | multipathd -k</screen>"
28072
28158
msgid "Ubuntu provides two popular database servers. They are:"
28073
28159
msgstr ""
28074
28160
28075
#: serverguide/C/virtualization.xml:832(para) serverguide/C/databases.xml:17(trademark) serverguide/C/databases.xml:29(title)
28161
#: serverguide/C/databases.xml:17(trademark) serverguide/C/databases.xml:29(title)
28076
28162
msgid "MySQL"
28077
28163
msgstr "MySQL"
28078
28164
28079
#: serverguide/C/databases.xml:20(application) serverguide/C/databases.xml:300(title)
28165
#: serverguide/C/databases.xml:20(application) serverguide/C/databases.xml:293(title)
28080
28166
msgid "PostgreSQL"
28081
28167
msgstr "PostgreSQL"
28082
28168
28097
28183
msgid "To install MySQL, run the following command from a terminal prompt:"
28098
28184
msgstr ""
28099
28185
28100
#: serverguide/C/virtualization.xml:2215(command) serverguide/C/databases.xml:42(command)
28186
#: serverguide/C/databases.xml:42(command)
28101
28187
msgid "sudo apt-get install mysql-server"
28102
28188
msgstr "sudo apt-get install mysql-server"
28103
28189
28104
#: serverguide/C/databases.xml:51(para)
28190
#: serverguide/C/databases.xml:44(para)
28105
28191
msgid ""
28106
28192
"During the installation process you will be prompted to enter a password for "
28107
28193
"the MySQL root user."
28108
28194
msgstr ""
28109
28195
28110
#: serverguide/C/databases.xml:55(para)
28196
#: serverguide/C/databases.xml:48(para)
28111
28197
msgid ""
28112
28198
"Once the installation is complete, the MySQL server should be started "
28113
28199
"automatically. You can run the following command from a terminal prompt to "
28114
28200
"check whether the MySQL server is running:"
28115
28201
msgstr ""
28116
28202
28117
#: serverguide/C/databases.xml:62(command)
28203
#: serverguide/C/databases.xml:55(command)
28118
28204
msgid "sudo netstat -tap | grep mysql"
28119
28205
msgstr "sudo netstat -tap | grep mysql"
28120
28206
28121
#: serverguide/C/vcs.xml:477(para) serverguide/C/databases.xml:65(para)
28207
#: serverguide/C/databases.xml:58(para)
28122
28208
msgid ""
28123
28209
"When you run this command, you should see the following line or something "
28124
28210
"similar:"
28125
28211
msgstr ""
28126
28212
28127
#: serverguide/C/databases.xml:69(programlisting)
28213
#: serverguide/C/databases.xml:62(programlisting)
28128
28214
#, no-wrap
28129
28215
msgid ""
28130
28216
"\n"
28132
28218
"2556/mysqld\n"
28133
28219
msgstr ""
28134
28220
28135
#: serverguide/C/databases.xml:72(para)
28221
#: serverguide/C/databases.xml:65(para)
28136
28222
msgid ""
28137
28223
"If the server is not running correctly, you can type the following command "
28138
28224
"to start it:"
28139
28225
msgstr ""
28140
28226
28141
#: serverguide/C/databases.xml:76(command) serverguide/C/databases.xml:100(command)
28227
#: serverguide/C/databases.xml:69(command) serverguide/C/databases.xml:93(command)
28142
28228
msgid "sudo service mysql restart"
28143
28229
msgstr ""
28144
28230
28145
#: serverguide/C/databases.xml:81(para)
28231
#: serverguide/C/databases.xml:74(para)
28146
28232
msgid ""
28147
28233
"You can edit the <filename>/etc/mysql/my.cnf</filename> file to configure "
28148
28234
"the basic settings -- log file, port number, etc. For example, to configure "
28150
28236
"<emphasis>bind-address</emphasis> directive to the server's IP address:"
28151
28237
msgstr ""
28152
28238
28153
#: serverguide/C/databases.xml:87(programlisting)
28239
#: serverguide/C/databases.xml:80(programlisting)
28154
28240
#, no-wrap
28155
28241
msgid ""
28156
28242
"\n"
28159
28245
"\n"
28160
28246
"bind-address = 192.168.0.5\n"
28161
28247
28162
#: serverguide/C/databases.xml:91(para)
28248
#: serverguide/C/databases.xml:84(para)
28163
28249
msgid "Replace 192.168.0.5 with the appropriate address."
28164
28250
msgstr "Zamenjajte 192.168.0.5 z ustreznim naslovom."
28165
28251
28166
#: serverguide/C/databases.xml:95(para)
28252
#: serverguide/C/databases.xml:88(para)
28167
28253
msgid ""
28168
28254
"After making a change to <filename>/etc/mysql/my.cnf</filename> the MySQL "
28169
28255
"daemon will need to be restarted:"
28170
28256
msgstr ""
28171
28257
28172
#: serverguide/C/databases.xml:102(para)
28258
#: serverguide/C/databases.xml:95(para)
28173
28259
msgid ""
28174
28260
"If you would like to change the MySQL <emphasis>root</emphasis> password, in "
28175
28261
"a terminal enter:"
28176
28262
msgstr ""
28177
28263
28178
#: serverguide/C/databases.xml:107(command)
28264
#: serverguide/C/databases.xml:100(command)
28179
28265
msgid "sudo dpkg-reconfigure mysql-server-5.5"
28180
28266
msgstr ""
28181
28267
28182
#: serverguide/C/databases.xml:109(para)
28268
#: serverguide/C/databases.xml:102(para)
28183
28269
msgid ""
28184
28270
"The MySQL daemon will be stopped, and you will be prompted to enter a new "
28185
28271
"password."
28186
28272
msgstr ""
28187
28273
28188
#: serverguide/C/databases.xml:114(title)
28274
#: serverguide/C/databases.xml:107(title)
28189
28275
msgid "Database Engines"
28190
28276
msgstr ""
28191
28277
28192
#: serverguide/C/databases.xml:115(para)
28278
#: serverguide/C/databases.xml:108(para)
28193
28279
msgid ""
28194
28280
"Whilst the default configuration of MySQL provided by the Ubuntu packages is "
28195
28281
"perfectly functional and performs well there are things you may wish to "
28196
28282
"consider before you proceed."
28197
28283
msgstr ""
28198
28284
28199
#: serverguide/C/databases.xml:119(para)
28285
#: serverguide/C/databases.xml:112(para)
28200
28286
msgid ""
28201
28287
"MySQL is designed to allow data to be stored in different ways. These "
28202
28288
"methods are referred to as either database or storage engines. There are two "
28206
28292
"use, you will interact with the database in the same way."
28207
28293
msgstr ""
28208
28294
28209
#: serverguide/C/databases.xml:126(para)
28295
#: serverguide/C/databases.xml:119(para)
28210
28296
msgid "Each engine has its own advantages and disadvantages."
28211
28297
msgstr ""
28212
28298
28213
#: serverguide/C/databases.xml:129(para)
28299
#: serverguide/C/databases.xml:122(para)
28214
28300
msgid ""
28215
28301
"While it is possible, and may be advantageous to mix and match database "
28216
28302
"engines on a table level, doing so reduces the effectiveness of the "
28218
28304
"two engines instead of dedicating them to one."
28219
28305
msgstr ""
28220
28306
28221
#: serverguide/C/databases.xml:136(para)
28307
#: serverguide/C/databases.xml:129(para)
28222
28308
msgid ""
28223
28309
"MyISAM is the older of the two. It can be faster than InnoDB under certain "
28224
28310
"circumstances and favours a read only workload. Some web applications have "
28234
28320
"production/\">MyISAM on a production database</ulink>."
28235
28321
msgstr ""
28236
28322
28237
#: serverguide/C/databases.xml:150(para)
28323
#: serverguide/C/databases.xml:143(para)
28238
28324
msgid ""
28239
28325
"InnoDB is a more modern database engine, designed to be <ulink "
28240
28326
"url=\"http://en.wikipedia.org/wiki/ACID\">ACID compliant</ulink> which "
28247
28333
"reliable data recovery as data consistency can be checked."
28248
28334
msgstr ""
28249
28335
28250
#: serverguide/C/databases.xml:163(para)
28336
#: serverguide/C/databases.xml:156(para)
28251
28337
msgid ""
28252
28338
"As of MySQL 5.5 InnoDB is the default engine, and is highly recommended over "
28253
28339
"MyISAM unless you have specific need for features unique to the engine."
28254
28340
msgstr ""
28255
28341
28256
#: serverguide/C/databases.xml:170(title)
28342
#: serverguide/C/databases.xml:163(title)
28257
28343
msgid "Creating a tuned my.cnf file"
28258
28344
msgstr ""
28259
28345
28260
#: serverguide/C/databases.xml:171(para)
28346
#: serverguide/C/databases.xml:164(para)
28261
28347
msgid ""
28262
28348
"There are a number of parameters that can be adjusted within MySQL's "
28263
28349
"configuration file that will allow you to improve the performance of the "
28310
28396
"</screen> Once that is complete all is good to go!"
28311
28397
msgstr ""
28312
28398
28313
#: serverguide/C/databases.xml:213(para)
28399
#: serverguide/C/databases.xml:206(para)
28314
28400
msgid ""
28315
28401
"This is not necessary for all my.cnf changes. Most of the variables you may "
28316
28402
"wish to change to improve performance are adjustable even whilst the server "
28318
28404
"files and data before making changes."
28319
28405
msgstr ""
28320
28406
28321
#: serverguide/C/databases.xml:222(title)
28407
#: serverguide/C/databases.xml:215(title)
28322
28408
msgid "MySQL Tuner"
28323
28409
msgstr ""
28324
28410
28325
#: serverguide/C/databases.xml:223(para)
28411
#: serverguide/C/databases.xml:216(para)
28326
28412
msgid ""
28327
28413
"<application>MySQL Tuner</application> is a useful tool that will connect to "
28328
28414
"a running MySQL instance and offer suggestions for how it can be best "
28354
28440
"</screen>"
28355
28441
msgstr ""
28356
28442
28357
#: serverguide/C/databases.xml:257(para)
28443
#: serverguide/C/databases.xml:250(para)
28358
28444
msgid ""
28359
28445
"One final comment on tuning databases: Whilst we can broadly say that "
28360
28446
"certain settings are the best, performance can vary from application to "
28369
28455
"either using more powerful hardware or by adding slave servers."
28370
28456
msgstr ""
28371
28457
28372
#: serverguide/C/databases.xml:274(para)
28458
#: serverguide/C/databases.xml:267(para)
28373
28459
msgid ""
28374
28460
"See the <ulink url=\"http://www.mysql.com/\">MySQL Home Page</ulink> for "
28375
28461
"more information."
28376
28462
msgstr ""
28377
28463
28378
#: serverguide/C/databases.xml:279(para)
28464
#: serverguide/C/databases.xml:272(para)
28379
28465
msgid ""
28380
28466
"Full documentation is available in both online and offline formats from the "
28381
28467
"<ulink url=\"http://dev.mysql.com/doc/\"> MySQL Developers portal</ulink>"
28382
28468
msgstr ""
28383
28469
28384
#: serverguide/C/databases.xml:285(para)
28470
#: serverguide/C/databases.xml:278(para)
28385
28471
msgid ""
28386
28472
"For general SQL information see <ulink "
28387
28473
"url=\"http://www.informit.com/store/product.aspx?isbn=0768664128\"> Using "
28388
28474
"SQL Special Edition</ulink> by Rafe Colburn."
28389
28475
msgstr ""
28390
28476
28391
#: serverguide/C/databases.xml:291(para)
28477
#: serverguide/C/databases.xml:284(para)
28392
28478
msgid ""
28393
28479
"The <ulink url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache "
28394
28480
"MySQL PHP Ubuntu Wiki</ulink> page also has useful information."
28407
28493
"in the command prompt:"
28408
28494
msgstr ""
28409
28495
28410
#: serverguide/C/databases.xml:314(command)
28496
#: serverguide/C/databases.xml:307(command)
28411
28497
msgid "sudo apt-get install postgresql"
28412
28498
msgstr "sudo apt-get install postgresql"
28413
28499
28454
28540
"<filename>/etc/postgresql/9.1/main/postgresql.conf</filename>"
28455
28541
msgstr ""
28456
28542
28457
#: serverguide/C/databases.xml:346(para)
28543
#: serverguide/C/databases.xml:339(para)
28458
28544
msgid ""
28459
28545
"Locate the line <emphasis>#listen_addresses = 'localhost'</emphasis> and "
28460
28546
"change it to:"
28486
28572
"default <application>PostgreSQL</application> template database:"
28487
28573
msgstr ""
28488
28574
28489
#: serverguide/C/databases.xml:370(command)
28575
#: serverguide/C/databases.xml:362(command)
28490
28576
msgid "sudo -u postgres psql template1"
28491
28577
msgstr "sudo -u postgres psql template1"
28492
28578
28500
28586
"user <emphasis role=\"italics\">postgres</emphasis>."
28501
28587
msgstr ""
28502
28588
28503
#: serverguide/C/databases.xml:380(command)
28589
#: serverguide/C/databases.xml:372(command)
28504
28590
msgid "ALTER USER postgres with encrypted password 'your_password';"
28505
28591
msgstr ""
28506
28592
28512
28598
"<emphasis>postgres</emphasis> user:"
28513
28599
msgstr ""
28514
28600
28515
#: serverguide/C/databases.xml:388(programlisting)
28601
#: serverguide/C/databases.xml:380(programlisting)
28516
28602
#, no-wrap
28517
28603
msgid ""
28518
28604
"\n"
28521
28607
"\n"
28522
28608
"local all postgres md5\n"
28523
28609
28524
#: serverguide/C/databases.xml:392(para)
28610
#: serverguide/C/databases.xml:384(para)
28525
28611
msgid ""
28526
28612
"Finally, you should restart the <application>PostgreSQL</application> "
28527
28613
"service to initialize the new configuration. From a terminal prompt enter "
28557
28643
msgid "Replace the domain name with your actual server domain name."
28558
28644
msgstr ""
28559
28645
28560
#: serverguide/C/backups.xml:11(title)
28646
#: serverguide/C/databases.xml:413(title) serverguide/C/backups.xml:11(title)
28561
28647
msgid "Backups"
28562
28648
msgstr "Varnostne kopije"
28563
28649
28588
28674
"9.1/html/index.html</command> into the address bar of your browser."
28589
28675
msgstr ""
28590
28676
28591
#: serverguide/C/databases.xml:426(para)
28677
#: serverguide/C/databases.xml:436(para)
28592
28678
msgid ""
28593
28679
"For general SQL information see <ulink "
28594
28680
"url=\"http://www.informit.com/store/product.aspx?isbn=0768664128\">Using SQL "
28595
28681
"Special Edition</ulink> by Rafe Colburn."
28596
28682
msgstr ""
28597
28683
28598
#: serverguide/C/databases.xml:432(para)
28684
#: serverguide/C/databases.xml:442(para)
28599
28685
msgid ""
28600
28686
"Also, see the <ulink "
28601
28687
"url=\"https://help.ubuntu.com/community/PostgreSQL\">PostgreSQL Ubuntu "
29238
29324
#: serverguide/C/cgroups.xml:113(para)
29239
29325
msgid ""
29240
29326
"and tasks can be moved into the new child cgroup by writing their process "
29241
"ids into the 'tasks' or 'cgroup.procs' file:"
29327
"IDs into the 'tasks' or 'cgroup.procs' file:"
29242
29328
msgstr ""
29243
29329
29244
29330
#: serverguide/C/cgroups.xml:118(command)
29245
msgid "sleep 100 echo $! > /cgroup1/child1/cgroup.procs"
29331
msgid "sleep 100 & echo $! > /cgroup1/child1/cgroup.procs"
29246
29332
msgstr ""
29247
29333
29248
29334
#: serverguide/C/cgroups.xml:123(para)
29406
29492
#, no-wrap
29407
29493
msgid ""
29408
29494
"\n"
29409
"#!/bin/sh\n"
29495
"#!/bin/bash\n"
29410
29496
"####################################\n"
29411
29497
"#\n"
29412
29498
"# Backup to NFS mount script.\n"
29531
29617
#: serverguide/C/backups.xml:153(para)
29532
29618
msgid ""
29533
29619
"The simplest way of executing the above backup script is to copy and paste "
29534
"the contents into a file. <filename>backup.sh</filename> for example. Then "
29535
"from a terminal prompt:"
29620
"the contents into a file. <filename>backup.sh</filename> for example. The "
29621
"file must be made executable:"
29536
29622
msgstr ""
29537
29623
29538
29624
#: serverguide/C/backups.xml:158(command)
29539
msgid "sudo bash backup.sh"
29540
msgstr "sudo bash backup.sh"
29625
msgid "chmod u+x backup.sh"
29626
msgstr ""
29541
29627
29542
29628
#: serverguide/C/backups.xml:160(para)
29629
msgid "Then from a terminal prompt:"
29630
msgstr ""
29631
29632
#: serverguide/C/backups.xml:164(command)
29633
msgid "sudo ./backup.sh"
29634
msgstr ""
29635
29636
#: serverguide/C/backups.xml:166(para)
29543
29637
msgid ""
29544
29638
"This is a great way to test the script to make sure everything works as "
29545
29639
"expected."
29546
29640
msgstr ""
29547
29641
29548
#: serverguide/C/backups.xml:165(title)
29642
#: serverguide/C/backups.xml:171(title)
29549
29643
msgid "Executing with cron"
29550
29644
msgstr "Izvajanje s cron-om"
29551
29645
29552
#: serverguide/C/backups.xml:166(para)
29646
#: serverguide/C/backups.xml:172(para)
29553
29647
msgid ""
29554
29648
"The <application>cron</application> utility can be used to automate the "
29555
29649
"script execution. The <application>cron</application> daemon allows the "
29559
29653
"skriptov. Ozadnji program <application>cron</application> omogoča izvajanje "
29560
29654
"skriptov ali ukazov ob določenem času in datumu."
29561
29655
29562
#: serverguide/C/backups.xml:170(para)
29656
#: serverguide/C/backups.xml:176(para)
29563
29657
msgid ""
29564
29658
"<application>cron</application> is configured through entries in a "
29565
29659
"<filename>crontab</filename> file. <filename>crontab</filename> files are "
29566
29660
"separated into fields:"
29567
29661
msgstr ""
29568
29662
29569
#: serverguide/C/backups.xml:174(programlisting)
29663
#: serverguide/C/backups.xml:180(programlisting)
29570
29664
#, no-wrap
29571
29665
msgid ""
29572
29666
"\n"
29575
29669
"\n"
29576
29670
"# min u dm m dt ukaz\n"
29577
29671
29578
#: serverguide/C/backups.xml:179(para)
29672
#: serverguide/C/backups.xml:185(para)
29579
29673
msgid ""
29580
29674
"<emphasis>m:</emphasis> minute the command executes on, between 0 and 59."
29581
29675
msgstr ""
29582
29676
29583
#: serverguide/C/backups.xml:184(para)
29677
#: serverguide/C/backups.xml:190(para)
29584
29678
msgid ""
29585
29679
"<emphasis>h:</emphasis> hour the command executes on, between 0 and 23."
29586
29680
msgstr ""
29587
29681
29588
#: serverguide/C/backups.xml:189(para)
29682
#: serverguide/C/backups.xml:195(para)
29589
29683
msgid "<emphasis>dom:</emphasis> day of month the command executes on."
29590
29684
msgstr "<emphasis>dm:</emphasis> dan v mesecu, ko bo ukaz izveden."
29591
29685
29592
#: serverguide/C/backups.xml:194(para)
29686
#: serverguide/C/backups.xml:200(para)
29593
29687
msgid ""
29594
29688
"<emphasis>mon:</emphasis> the month the command executes on, between 1 and "
29595
29689
"12."
29596
29690
msgstr ""
29597
29691
29598
#: serverguide/C/backups.xml:199(para)
29692
#: serverguide/C/backups.xml:205(para)
29599
29693
msgid ""
29600
29694
"<emphasis>dow:</emphasis> the day of the week the command executes on, "
29601
29695
"between 0 and 7. Sunday may be specified by using 0 or 7, both values are "
29602
29696
"valid."
29603
29697
msgstr ""
29604
29698
29605
#: serverguide/C/backups.xml:204(para)
29699
#: serverguide/C/backups.xml:210(para)
29606
29700
msgid "<emphasis>command:</emphasis> the command to execute."
29607
29701
msgstr "<emphasis>ukaz:</emphasis> ukaz, ki bo izveden."
29608
29702
29609
#: serverguide/C/backups.xml:209(para)
29703
#: serverguide/C/backups.xml:215(para)
29610
29704
msgid ""
29611
29705
"To add or change entries in a <filename>crontab</filename> file the "
29612
29706
"<application>crontab -e</application> command should be used. Also, the "
29614
29708
"<application>crontab -l</application> command."
29615
29709
msgstr ""
29616
29710
29617
#: serverguide/C/backups.xml:213(para)
29711
#: serverguide/C/backups.xml:219(para)
29618
29712
msgid ""
29619
29713
"To execute the <application>backup.sh</application> script listed above "
29620
29714
"using <application>cron</application>. Enter the following from a terminal "
29621
29715
"prompt:"
29622
29716
msgstr ""
29623
29717
29624
#: serverguide/C/backups.xml:218(command)
29718
#: serverguide/C/backups.xml:224(command)
29625
29719
msgid "sudo crontab -e"
29626
29720
msgstr "sudo crontab -e"
29627
29721
29628
#: serverguide/C/backups.xml:221(para)
29722
#: serverguide/C/backups.xml:227(para)
29629
29723
msgid ""
29630
29724
"Using <application>sudo</application> with the <application>crontab -"
29631
29725
"e</application> command edits the <emphasis>root</emphasis> user's crontab. "
29633
29727
"access to."
29634
29728
msgstr ""
29635
29729
29636
#: serverguide/C/backups.xml:226(para)
29730
#: serverguide/C/backups.xml:232(para)
29637
29731
msgid "Add the following entry to the <filename>crontab</filename> file:"
29638
29732
msgstr "Sledeči vnos dodajte v datoteko <filename>crontab</filename>:"
29639
29733
29640
#: serverguide/C/backups.xml:229(programlisting)
29734
#: serverguide/C/backups.xml:235(programlisting)
29641
29735
#, no-wrap
29642
29736
msgid ""
29643
29737
"\n"
29645
29739
"0 0 * * * bash /usr/local/bin/backup.sh\n"
29646
29740
msgstr ""
29647
29741
29648
#: serverguide/C/backups.xml:233(para)
29742
#: serverguide/C/backups.xml:239(para)
29649
29743
msgid ""
29650
29744
"The <application>backup.sh</application> script will now be executed every "
29651
29745
"day at 12:00 am."
29652
29746
msgstr ""
29653
29747
29654
#: serverguide/C/backups.xml:237(para)
29748
#: serverguide/C/backups.xml:243(para)
29655
29749
msgid ""
29656
29750
"The <application>backup.sh</application> script will need to be copied to "
29657
29751
"the <filename>/usr/local/bin/</filename> directory in order for this entry "
29659
29753
"simply change the script path appropriately."
29660
29754
msgstr ""
29661
29755
29662
#: serverguide/C/backups.xml:242(para)
29756
#: serverguide/C/backups.xml:248(para)
29663
29757
msgid ""
29664
29758
"For more in-depth <application>crontab</application> options see <xref "
29665
29759
"linkend=\"backup-shellscript-references\"/>."
29666
29760
msgstr ""
29667
29761
29668
#: serverguide/C/backups.xml:248(title)
29762
#: serverguide/C/backups.xml:254(title)
29669
29763
msgid "Restoring from the Archive"
29670
29764
msgstr "Obnavljanje iz arhiva"
29671
29765
29672
#: serverguide/C/backups.xml:249(para)
29766
#: serverguide/C/backups.xml:255(para)
29673
29767
msgid ""
29674
29768
"Once an archive has been created it is important to test the archive. The "
29675
29769
"archive can be tested by listing the files it contains, but the best test is "
29676
29770
"to <emphasis>restore</emphasis> a file from the archive."
29677
29771
msgstr ""
29678
29772
29679
#: serverguide/C/backups.xml:255(para)
29773
#: serverguide/C/backups.xml:261(para)
29680
29774
msgid ""
29681
29775
"To see a listing of the archive contents. From a terminal prompt type:"
29682
29776
msgstr ""
29683
29777
29684
#: serverguide/C/backups.xml:259(command)
29778
#: serverguide/C/backups.xml:265(command)
29685
29779
msgid "tar -tzvf /mnt/backup/host-Monday.tgz"
29686
29780
msgstr ""
29687
29781
29688
#: serverguide/C/backups.xml:263(para)
29782
#: serverguide/C/backups.xml:269(para)
29689
29783
msgid "To restore a file from the archive to a different directory enter:"
29690
29784
msgstr ""
29691
29785
29692
#: serverguide/C/backups.xml:267(command)
29786
#: serverguide/C/backups.xml:273(command)
29693
29787
msgid "tar -xzvf /mnt/backup/host-Monday.tgz -C /tmp etc/hosts"
29694
29788
msgstr ""
29695
29789
29696
#: serverguide/C/backups.xml:269(para)
29790
#: serverguide/C/backups.xml:275(para)
29697
29791
msgid ""
29698
29792
"The <emphasis>-C</emphasis> option to <application>tar</application> "
29699
29793
"redirects the extracted files to the specified directory. The above example "
29702
29796
"recreates the directory structure that it contains."
29703
29797
msgstr ""
29704
29798
29705
#: serverguide/C/backups.xml:274(para)
29799
#: serverguide/C/backups.xml:280(para)
29706
29800
msgid ""
29707
29801
"Also, notice the leading <emphasis>\"/\"</emphasis> is left off the path of "
29708
29802
"the file to restore."
29709
29803
msgstr ""
29710
29804
29711
#: serverguide/C/backups.xml:279(para)
29805
#: serverguide/C/backups.xml:285(para)
29712
29806
msgid "To restore all files in the archive enter the following:"
29713
29807
msgstr ""
29714
29808
29715
#: serverguide/C/backups.xml:283(command)
29809
#: serverguide/C/backups.xml:289(command)
29716
29810
msgid "cd /"
29717
29811
msgstr "cd /"
29718
29812
29719
#: serverguide/C/backups.xml:284(command)
29813
#: serverguide/C/backups.xml:290(command)
29720
29814
msgid "sudo tar -xzvf /mnt/backup/host-Monday.tgz"
29721
29815
msgstr ""
29722
29816
29723
#: serverguide/C/backups.xml:289(para)
29817
#: serverguide/C/backups.xml:295(para)
29724
29818
msgid "This will overwrite the files currently on the file system."
29725
29819
msgstr "To bo prepisalo datoteke, trenutno prisotne na sistemu."
29726
29820
29727
#: serverguide/C/backups.xml:298(para)
29821
#: serverguide/C/backups.xml:304(para)
29728
29822
msgid ""
29729
29823
"For more information on shell scripting see the <ulink "
29730
29824
"url=\"http://tldp.org/LDP/abs/html/\">Advanced Bash-Scripting Guide</ulink>"
29731
29825
msgstr ""
29732
29826
29733
#: serverguide/C/backups.xml:303(para)
29827
#: serverguide/C/backups.xml:309(para)
29734
29828
msgid ""
29735
29829
"The book <ulink url=\"http://safari.samspublishing.com/0672323583\">Teach "
29736
29830
"Yourself Shell Programming in 24 Hours</ulink> is available online and a "
29737
29831
"great resource for shell scripting."
29738
29832
msgstr ""
29739
29833
29740
#: serverguide/C/backups.xml:309(para)
29834
#: serverguide/C/backups.xml:315(para)
29741
29835
msgid ""
29742
29836
"The <ulink url=\"https://help.ubuntu.com/community/CronHowto\">CronHowto "
29743
29837
"Wiki Page</ulink> contains details on advanced "
29744
29838
"<application>cron</application> options."
29745
29839
msgstr ""
29746
29840
29747
#: serverguide/C/backups.xml:316(para)
29841
#: serverguide/C/backups.xml:322(para)
29748
29842
msgid ""
29749
29843
"See the <ulink url=\"http://www.gnu.org/software/tar/manual/index.html\">GNU "
29750
29844
"tar Manual</ulink> for more <application>tar</application> options."
29751
29845
msgstr ""
29752
29846
29753
#: serverguide/C/backups.xml:322(para)
29847
#: serverguide/C/backups.xml:328(para)
29754
29848
msgid ""
29755
29849
"The Wikipedia <ulink "
29756
29850
"url=\"http://en.wikipedia.org/wiki/Backup_rotation_scheme\">Backup Rotation "
29757
29851
"Scheme</ulink> article contains information on other backup rotation schemes."
29758
29852
msgstr ""
29759
29853
29760
#: serverguide/C/backups.xml:328(para)
29854
#: serverguide/C/backups.xml:334(para)
29761
29855
msgid ""
29762
29856
"The shell script uses <application>tar</application> to create the archive, "
29763
29857
"but there many other command line utilities that can be used. For example:"
29764
29858
msgstr ""
29765
29859
29766
#: serverguide/C/backups.xml:334(para)
29860
#: serverguide/C/backups.xml:340(para)
29767
29861
msgid ""
29768
29862
"<ulink url=\"http://www.gnu.org/software/cpio/\">cpio</ulink>: used to copy "
29769
29863
"files to and from archives."
29771
29865
"<ulink url=\"http://www.gnu.org/software/cpio/\">cpio</ulink>: uporabljen za "
29772
29866
"kopiranje datotek v in iz arhivov"
29773
29867
29774
#: serverguide/C/backups.xml:339(para)
29868
#: serverguide/C/backups.xml:345(para)
29775
29869
msgid ""
29776
29870
"<ulink url=\"http://www.gnu.org/software/coreutils/\">dd</ulink>: part of "
29777
29871
"the <application>coreutils</application> package. A low level utility that "
29778
29872
"can copy data from one format to another."
29779
29873
msgstr ""
29780
29874
29781
#: serverguide/C/backups.xml:345(para)
29875
#: serverguide/C/backups.xml:351(para)
29782
29876
msgid ""
29783
29877
"<ulink url=\"http://www.rsnapshot.org/\">rsnapshot</ulink>: a file system "
29784
29878
"snapshot utility used to create copies of an entire file system."
29785
29879
msgstr ""
29786
29880
29787
#: serverguide/C/backups.xml:351(para)
29881
#: serverguide/C/backups.xml:357(para)
29788
29882
msgid ""
29789
29883
"<ulink url=\"http://www.samba.org/ftp/rsync/rsync.html\">rsync</ulink>: a "
29790
29884
"flexible utility used to create incremental copies of files."
29791
29885
msgstr ""
29792
29886
29793
#: serverguide/C/backups.xml:362(title)
29887
#: serverguide/C/backups.xml:368(title)
29794
29888
msgid "Archive Rotation"
29795
29889
msgstr ""
29796
29890
29797
#: serverguide/C/backups.xml:363(para)
29891
#: serverguide/C/backups.xml:369(para)
29798
29892
msgid ""
29799
29893
"The shell script in <xref linkend=\"backup-shellscripts\"/> only allows for "
29800
29894
"seven different archives. For a server whose data doesn't change often, this "
29802
29896
"rotation scheme should be used."
29803
29897
msgstr ""
29804
29898
29805
#: serverguide/C/backups.xml:369(title)
29899
#: serverguide/C/backups.xml:375(title)
29806
29900
msgid "Rotating NFS Archives"
29807
29901
msgstr ""
29808
29902
29809
#: serverguide/C/backups.xml:370(para)
29903
#: serverguide/C/backups.xml:376(para)
29810
29904
msgid ""
29811
29905
"In this section, the shell script will be slightly modified to implement a "
29812
29906
"grandfather-father-son rotation scheme (monthly-weekly-daily):"
29813
29907
msgstr ""
29814
29908
29815
#: serverguide/C/backups.xml:376(para)
29909
#: serverguide/C/backups.xml:382(para)
29816
29910
msgid ""
29817
29911
"The rotation will do a <emphasis>daily</emphasis> backup Sunday through "
29818
29912
"Friday."
29819
29913
msgstr ""
29820
29914
29821
#: serverguide/C/backups.xml:381(para)
29915
#: serverguide/C/backups.xml:387(para)
29822
29916
msgid ""
29823
29917
"On Saturday a <emphasis>weekly</emphasis> backup is done giving you four "
29824
29918
"weekly backups a month."
29825
29919
msgstr ""
29826
29920
29827
#: serverguide/C/backups.xml:386(para)
29921
#: serverguide/C/backups.xml:392(para)
29828
29922
msgid ""
29829
29923
"The <emphasis>monthly</emphasis> backup is done on the first of the month "
29830
29924
"rotating two monthly backups based on if the month is odd or even."
29831
29925
msgstr ""
29832
29926
29833
#: serverguide/C/backups.xml:392(para)
29927
#: serverguide/C/backups.xml:398(para)
29834
29928
msgid "Here is the new script:"
29835
29929
msgstr "Tukaj je novi skript:"
29836
29930
29837
#: serverguide/C/backups.xml:395(programlisting)
29931
#: serverguide/C/backups.xml:401(programlisting)
29838
29932
#, no-wrap
29839
29933
msgid ""
29840
29934
"\n"
29903
29997
"ls -lh $dest/\n"
29904
29998
msgstr ""
29905
29999
29906
#: serverguide/C/backups.xml:460(para)
30000
#: serverguide/C/backups.xml:466(para)
29907
30001
msgid ""
29908
30002
"The script can be executed using the same methods as in <xref "
29909
30003
"linkend=\"backup-executing-shellscript\"/>."
29910
30004
msgstr ""
29911
30005
29912
#: serverguide/C/backups.xml:463(para)
30006
#: serverguide/C/backups.xml:469(para)
29913
30007
msgid ""
29914
30008
"It is good practice to take backup media off-site in case of a disaster. In "
29915
30009
"the shell script example the backup media is another server providing an NFS "
29918
30012
"the archive file over a WAN link to a server in another location."
29919
30013
msgstr ""
29920
30014
29921
#: serverguide/C/backups.xml:469(para)
30015
#: serverguide/C/backups.xml:475(para)
29922
30016
msgid ""
29923
30017
"Another option is to copy the archive file to an external hard drive which "
29924
30018
"can then be taken off-site. Since the price of external hard drives continue "
29927
30021
"backup server and one in another location."
29928
30022
msgstr ""
29929
30023
29930
#: serverguide/C/backups.xml:476(title)
30024
#: serverguide/C/backups.xml:482(title)
29931
30025
msgid "Tape Drives"
29932
30026
msgstr ""
29933
30027
29934
#: serverguide/C/backups.xml:477(para)
30028
#: serverguide/C/backups.xml:483(para)
29935
30029
msgid ""
29936
30030
"A tape drive attached to the server can be used instead of an NFS share. "
29937
30031
"Using a tape drive simplifies archive rotation, and makes taking the media "
29938
30032
"off-site easier as well."
29939
30033
msgstr ""
29940
30034
29941
#: serverguide/C/backups.xml:481(para)
30035
#: serverguide/C/backups.xml:487(para)
29942
30036
msgid ""
29943
30037
"When using a tape drive, the filename portions of the script aren't needed "
29944
30038
"because the data is sent directly to the tape device. Some commands to "
29947
30041
"<application>cpio</application> package."
29948
30042
msgstr ""
29949
30043
29950
#: serverguide/C/backups.xml:486(para)
30044
#: serverguide/C/backups.xml:492(para)
29951
30045
msgid "Here is the shell script modified to use a tape drive:"
29952
30046
msgstr ""
29953
30047
29954
#: serverguide/C/backups.xml:489(programlisting)
30048
#: serverguide/C/backups.xml:495(programlisting)
29955
30049
#, no-wrap
29956
30050
msgid ""
29957
30051
"\n"
29988
30082
"date\n"
29989
30083
msgstr ""
29990
30084
29991
#: serverguide/C/backups.xml:523(para)
30085
#: serverguide/C/backups.xml:529(para)
29992
30086
msgid ""
29993
30087
"The default device name for a SCSI tape drive is "
29994
30088
"<filename>/dev/st0</filename>. Use the appropriate device path for your "
29995
30089
"system."
29996
30090
msgstr ""
29997
30091
29998
#: serverguide/C/backups.xml:528(para)
30092
#: serverguide/C/backups.xml:534(para)
29999
30093
msgid ""
30000
30094
"Restoring from a tape drive is basically the same as restoring from a file. "
30001
30095
"Simply rewind the tape and use the device path instead of a file path. For "
30003
30097
"<filename>/tmp/etc/hosts</filename>:"
30004
30098
msgstr ""
30005
30099
30006
#: serverguide/C/backups.xml:533(command)
30100
#: serverguide/C/backups.xml:539(command)
30007
30101
msgid "mt -f /dev/st0 rewind"
30008
30102
msgstr "mt -f /dev/st0 rewind"
30009
30103
30010
#: serverguide/C/backups.xml:534(command)
30104
#: serverguide/C/backups.xml:540(command)
30011
30105
msgid "tar -xzf /dev/st0 -C /tmp etc/hosts"
30012
30106
msgstr "tar -xzf /dev/st0 -C /tmp etc/hosts"
30013
30107
30014
#: serverguide/C/backups.xml:539(title)
30108
#: serverguide/C/backups.xml:545(title)
30015
30109
msgid "Bacula"
30016
30110
msgstr "Bacula"
30017
30111
30018
#: serverguide/C/backups.xml:540(para)
30112
#: serverguide/C/backups.xml:546(para)
30019
30113
msgid ""
30020
30114
"<application>Bacula</application> is a backup program enabling you to "
30021
30115
"backup, restore, and verify data across your network. There are Bacula "
30023
30117
"network wide solution."
30024
30118
msgstr ""
30025
30119
30026
#: serverguide/C/backups.xml:546(para)
30120
#: serverguide/C/backups.xml:552(para)
30027
30121
msgid ""
30028
30122
"<application>Bacula</application> is made up of several components and "
30029
30123
"services used to manage which files to backup and backup locations:"
30030
30124
msgstr ""
30031
30125
30032
#: serverguide/C/backups.xml:551(para)
30126
#: serverguide/C/backups.xml:557(para)
30033
30127
msgid ""
30034
30128
"<application>Bacula Director:</application> a service that controls all "
30035
30129
"backup, restore, verify, and archive operations."
30036
30130
msgstr ""
30037
30131
30038
#: serverguide/C/backups.xml:556(para)
30132
#: serverguide/C/backups.xml:562(para)
30039
30133
msgid ""
30040
30134
"<application>Bacula Console:</application> an application allowing "
30041
30135
"communication with the Director. There are three versions of the Console:"
30042
30136
msgstr ""
30043
30137
30044
#: serverguide/C/backups.xml:561(para)
30138
#: serverguide/C/backups.xml:567(para)
30045
30139
msgid "Text based command line version."
30046
30140
msgstr ""
30047
30141
30048
#: serverguide/C/backups.xml:562(para)
30142
#: serverguide/C/backups.xml:568(para)
30049
30143
msgid "Gnome based GTK+ Graphical User Interface (GUI) interface."
30050
30144
msgstr ""
30051
30145
30052
#: serverguide/C/backups.xml:563(para)
30146
#: serverguide/C/backups.xml:569(para)
30053
30147
msgid "wxWidgets GUI interface."
30054
30148
msgstr "Grafični vmesnik wxWidgets"
30055
30149
30056
#: serverguide/C/backups.xml:567(para)
30150
#: serverguide/C/backups.xml:573(para)
30057
30151
msgid ""
30058
30152
"<application>Bacula File:</application> also known as the "
30059
30153
"<application>Bacula Client</application> program. This application is "
30061
30155
"requested by the Director."
30062
30156
msgstr ""
30063
30157
30064
#: serverguide/C/backups.xml:573(para)
30158
#: serverguide/C/backups.xml:579(para)
30065
30159
msgid ""
30066
30160
"<application>Bacula Storage:</application> the programs that perform the "
30067
30161
"storage and recovery of data to the physical media."
30068
30162
msgstr ""
30069
30163
30070
#: serverguide/C/backups.xml:578(para)
30164
#: serverguide/C/backups.xml:584(para)
30071
30165
msgid ""
30072
30166
"<application>Bacula Catalog:</application> is responsible for maintaining "
30073
30167
"the file indexes and volume databases for all files backed up, enabling "
30075
30169
"different databases MySQL, PostgreSQL, and SQLite."
30076
30170
msgstr ""
30077
30171
30078
#: serverguide/C/backups.xml:584(para)
30172
#: serverguide/C/backups.xml:590(para)
30079
30173
msgid ""
30080
30174
"<application>Bacula Monitor:</application> allows the monitoring of the "
30081
30175
"Director, File daemons, and Storage daemons. Currently the Monitor is only "
30082
30176
"available as a GTK+ GUI application."
30083
30177
msgstr ""
30084
30178
30085
#: serverguide/C/backups.xml:590(para)
30179
#: serverguide/C/backups.xml:596(para)
30086
30180
msgid ""
30087
30181
"These services and applications can be run on multiple servers and clients, "
30088
30182
"or they can be installed on one machine if backing up a single disk or "
30089
30183
"volume."
30090
30184
msgstr ""
30091
30185
30092
#: serverguide/C/backups.xml:598(para)
30186
#: serverguide/C/backups.xml:604(para)
30093
30187
msgid ""
30094
30188
"If using MySQL or PostgreSQL as your database, you should already have the "
30095
30189
"services available. <application>Bacula</application> will not install them "
30096
30190
"for you."
30097
30191
msgstr ""
30098
30192
30099
#: serverguide/C/backups.xml:603(para)
30193
#: serverguide/C/backups.xml:609(para)
30100
30194
msgid ""
30101
30195
"There are multiple packages containing the different "
30102
30196
"<application>Bacula</application> components. To install Bacula, from a "
30103
30197
"terminal prompt enter:"
30104
30198
msgstr ""
30105
30199
30106
#: serverguide/C/backups.xml:608(command)
30200
#: serverguide/C/backups.xml:614(command)
30107
30201
msgid "sudo apt-get install bacula"
30108
30202
msgstr "sudo apt-get install bacula"
30109
30203
30110
#: serverguide/C/backups.xml:610(para)
30204
#: serverguide/C/backups.xml:616(para)
30111
30205
msgid ""
30112
30206
"By default installing the <application>bacula</application> package will use "
30113
30207
"a <application>MySQL</application> database for the Catalog. If you want to "
30116
30210
"pgsql</application> respectively."
30117
30211
msgstr ""
30118
30212
30119
#: serverguide/C/backups.xml:616(para)
30213
#: serverguide/C/backups.xml:622(para)
30120
30214
msgid ""
30121
30215
"During the install process you will be asked to supply credentials for the "
30122
30216
"database <emphasis>administrator</emphasis> and the "
30125
30219
"database, see <xref linkend=\"mysql\"/> for more information."
30126
30220
msgstr ""
30127
30221
30128
#: serverguide/C/backups.xml:626(para)
30222
#: serverguide/C/backups.xml:632(para)
30129
30223
msgid ""
30130
30224
"<application>Bacula</application> configuration files are formatted based on "
30131
30225
"<emphasis>resources</emphasis> comprising of <emphasis>directives</emphasis> "
30134
30228
"directory."
30135
30229
msgstr ""
30136
30230
30137
#: serverguide/C/backups.xml:631(para)
30231
#: serverguide/C/backups.xml:637(para)
30138
30232
msgid ""
30139
30233
"The various <application>Bacula</application> components must authorize "
30140
30234
"themselves to each other. This is accomplished using the "
30145
30239
"<filename>/etc/bacula/bacula-sd.conf</filename>."
30146
30240
msgstr ""
30147
30241
30148
#: serverguide/C/backups.xml:637(para)
30242
#: serverguide/C/backups.xml:643(para)
30149
30243
msgid ""
30150
30244
"By default the backup job named <emphasis>Client1</emphasis> is configured "
30151
30245
"to archive the <application>Bacula</application> Catalog. If you plan on "
30154
30248
"<filename>/etc/bacula/bacula-dir.conf</filename>:"
30155
30249
msgstr ""
30156
30250
30157
#: serverguide/C/backups.xml:642(programlisting)
30251
#: serverguide/C/backups.xml:648(programlisting)
30158
30252
#, no-wrap
30159
30253
msgid ""
30160
30254
"\n"
30168
30262
"}\n"
30169
30263
msgstr ""
30170
30264
30171
#: serverguide/C/backups.xml:653(para)
30265
#: serverguide/C/backups.xml:659(para)
30172
30266
msgid ""
30173
30267
"The example above changes the job name to <emphasis>BackupServer</emphasis> "
30174
30268
"matching the machine's host name. Replace <quote>BackupServer</quote> with "
30175
30269
"your appropriate hostname, or other descriptive name."
30176
30270
msgstr ""
30177
30271
30178
#: serverguide/C/backups.xml:658(para)
30272
#: serverguide/C/backups.xml:664(para)
30179
30273
msgid ""
30180
30274
"The <emphasis>Console</emphasis> can be used to query the "
30181
30275
"<emphasis>Director</emphasis> about jobs, but to use the Console with a "
30184
30278
"the following from a terminal:"
30185
30279
msgstr ""
30186
30280
30187
#: serverguide/C/backups.xml:664(command)
30281
#: serverguide/C/backups.xml:670(command)
30188
30282
msgid "sudo adduser $username bacula"
30189
30283
msgstr "sudo adduser uporabniško-ime bacula"
30190
30284
30191
#: serverguide/C/backups.xml:667(para)
30285
#: serverguide/C/backups.xml:673(para)
30192
30286
msgid ""
30193
30287
"Replace <emphasis>$username</emphasis> with the actual username. Also, if "
30194
30288
"you are adding the current user to the group you should log out and back in "
30195
30289
"for the new permissions to take effect."
30196
30290
msgstr ""
30197
30291
30198
#: serverguide/C/backups.xml:674(title)
30292
#: serverguide/C/backups.xml:680(title)
30199
30293
msgid "Localhost Backup"
30200
30294
msgstr ""
30201
30295
30202
#: serverguide/C/backups.xml:675(para)
30296
#: serverguide/C/backups.xml:681(para)
30203
30297
msgid ""
30204
30298
"This section describes how to backup specified directories on a single host "
30205
30299
"to a local tape drive."
30206
30300
msgstr ""
30207
30301
30208
#: serverguide/C/backups.xml:680(para)
30302
#: serverguide/C/backups.xml:686(para)
30209
30303
msgid ""
30210
30304
"First, the <emphasis>Storage</emphasis> device needs to be configured. Edit "
30211
30305
"<filename>/etc/bacula/bacula-sd.conf</filename> add:"
30212
30306
msgstr ""
30213
30307
30214
#: serverguide/C/backups.xml:683(programlisting)
30308
#: serverguide/C/backups.xml:689(programlisting)
30215
30309
#, no-wrap
30216
30310
msgid ""
30217
30311
"\n"
30229
30323
"}\n"
30230
30324
msgstr ""
30231
30325
30232
#: serverguide/C/backups.xml:697(para)
30326
#: serverguide/C/backups.xml:703(para)
30233
30327
msgid ""
30234
30328
"The example is for a <emphasis>DDS-4</emphasis> tape drive. Adjust the "
30235
30329
"<quote>Media Type</quote> and <quote>Archive Device</quote> to match your "
30236
30330
"hardware."
30237
30331
msgstr ""
30238
30332
30239
#: serverguide/C/backups.xml:700(para)
30333
#: serverguide/C/backups.xml:706(para)
30240
30334
msgid "You could also uncomment one of the other examples in the file."
30241
30335
msgstr ""
30242
30336
30243
#: serverguide/C/backups.xml:705(para)
30337
#: serverguide/C/backups.xml:711(para)
30244
30338
msgid ""
30245
30339
"After editing <filename>/etc/bacula/bacula-sd.conf</filename> the "
30246
30340
"<application>Storage</application> daemon will need to be restarted:"
30247
30341
msgstr ""
30248
30342
30249
#: serverguide/C/backups.xml:710(command)
30343
#: serverguide/C/backups.xml:716(command)
30250
30344
msgid "sudo service bacula-sd restart"
30251
30345
msgstr ""
30252
30346
30253
#: serverguide/C/backups.xml:714(para)
30347
#: serverguide/C/backups.xml:720(para)
30254
30348
msgid ""
30255
30349
"Now add a <emphasis>Storage</emphasis> resource in "
30256
30350
"<filename>/etc/bacula/bacula-dir.conf</filename> to use the new Device:"
30257
30351
msgstr ""
30258
30352
30259
#: serverguide/C/backups.xml:717(programlisting)
30353
#: serverguide/C/backups.xml:723(programlisting)
30260
30354
#, no-wrap
30261
30355
msgid ""
30262
30356
"\n"
30273
30367
"}\n"
30274
30368
msgstr ""
30275
30369
30276
#: serverguide/C/backups.xml:729(para)
30370
#: serverguide/C/backups.xml:735(para)
30277
30371
msgid ""
30278
30372
"The <emphasis>Address</emphasis> directive needs to be the Fully Qualified "
30279
30373
"Domain Name (FQDN) of the server. Change <emphasis>backupserver</emphasis> "
30280
30374
"to the actual host name."
30281
30375
msgstr ""
30282
30376
30283
#: serverguide/C/backups.xml:733(para)
30377
#: serverguide/C/backups.xml:739(para)
30284
30378
msgid ""
30285
30379
"Also, make sure the <emphasis>Password</emphasis> directive matches the "
30286
30380
"password string in <filename>/etc/bacula/bacula-sd.conf</filename>."
30287
30381
msgstr ""
30288
30382
30289
#: serverguide/C/backups.xml:739(para)
30383
#: serverguide/C/backups.xml:745(para)
30290
30384
msgid ""
30291
30385
"Create a new <emphasis>FileSet</emphasis>, which will determine what "
30292
30386
"directories to backup, by adding:"
30293
30387
msgstr ""
30294
30388
30295
#: serverguide/C/backups.xml:742(programlisting)
30389
#: serverguide/C/backups.xml:748(programlisting)
30296
30390
#, no-wrap
30297
30391
msgid ""
30298
30392
"\n"
30310
30404
"}\n"
30311
30405
msgstr ""
30312
30406
30313
#: serverguide/C/backups.xml:756(para)
30407
#: serverguide/C/backups.xml:762(para)
30314
30408
msgid ""
30315
30409
"This <emphasis>FileSet</emphasis> will backup the <filename "
30316
30410
"role=\"directory\">/etc</filename> and <filename "
30320
30414
"using GZIP."
30321
30415
msgstr ""
30322
30416
30323
#: serverguide/C/backups.xml:763(para)
30417
#: serverguide/C/backups.xml:769(para)
30324
30418
msgid "Next, create a new <emphasis>Schedule</emphasis> for the backup job:"
30325
30419
msgstr ""
30326
30420
30327
#: serverguide/C/backups.xml:766(programlisting)
30421
#: serverguide/C/backups.xml:772(programlisting)
30328
30422
#, no-wrap
30329
30423
msgid ""
30330
30424
"\n"
30335
30429
"}\n"
30336
30430
msgstr ""
30337
30431
30338
#: serverguide/C/backups.xml:773(para)
30432
#: serverguide/C/backups.xml:779(para)
30339
30433
msgid ""
30340
30434
"The job will run every day at 00:01 or 12:01 am. There are many other "
30341
30435
"scheduling options available."
30342
30436
msgstr ""
30343
30437
30344
#: serverguide/C/backups.xml:778(para)
30438
#: serverguide/C/backups.xml:784(para)
30345
30439
msgid "Finally create the <emphasis>Job</emphasis>:"
30346
30440
msgstr ""
30347
30441
30348
#: serverguide/C/backups.xml:781(programlisting)
30442
#: serverguide/C/backups.xml:787(programlisting)
30349
30443
#, no-wrap
30350
30444
msgid ""
30351
30445
"\n"
30362
30456
"} \n"
30363
30457
msgstr ""
30364
30458
30365
#: serverguide/C/backups.xml:794(para)
30459
#: serverguide/C/backups.xml:800(para)
30366
30460
msgid ""
30367
30461
"The job will do a <emphasis>Full</emphasis> backup every day to the tape "
30368
30462
"drive."
30369
30463
msgstr ""
30370
30464
30371
#: serverguide/C/backups.xml:799(para)
30465
#: serverguide/C/backups.xml:805(para)
30372
30466
msgid ""
30373
30467
"Each tape used will need to have a <emphasis>Label</emphasis>. If the "
30374
30468
"current tape does not have a label <application>Bacula</application> will "
30376
30470
"<application>Console</application> enter the following from a terminal:"
30377
30471
msgstr ""
30378
30472
30379
#: serverguide/C/backups.xml:805(command)
30473
#: serverguide/C/backups.xml:811(command)
30380
30474
msgid "bconsole"
30381
30475
msgstr "bconsole"
30382
30476
30383
#: serverguide/C/backups.xml:809(para)
30477
#: serverguide/C/backups.xml:815(para)
30384
30478
msgid "At the Bacula Console prompt enter:"
30385
30479
msgstr "V konzoli Bacula vnesite:"
30386
30480
30387
#: serverguide/C/backups.xml:813(command)
30481
#: serverguide/C/backups.xml:819(command)
30388
30482
msgid "label"
30389
30483
msgstr "label"
30390
30484
30391
#: serverguide/C/backups.xml:817(para)
30485
#: serverguide/C/backups.xml:823(para)
30392
30486
msgid ""
30393
30487
"You will then be prompted for the <emphasis>Storage</emphasis> resource:"
30394
30488
msgstr ""
30395
30489
30396
#: serverguide/C/backups.xml:827(userinput)
30490
#: serverguide/C/backups.xml:833(userinput)
30397
30491
#, no-wrap
30398
30492
msgid "2"
30399
30493
msgstr "2"
30400
30494
30401
#: serverguide/C/backups.xml:821(computeroutput)
30495
#: serverguide/C/backups.xml:827(computeroutput)
30402
30496
#, no-wrap
30403
30497
msgid ""
30404
30498
"\n"
30410
30504
"Select Storage resource (1-2):<placeholder-1/>\n"
30411
30505
msgstr ""
30412
30506
30413
#: serverguide/C/backups.xml:832(para)
30507
#: serverguide/C/backups.xml:838(para)
30414
30508
msgid "Enter the new <emphasis>Volume</emphasis> name:"
30415
30509
msgstr ""
30416
30510
30417
#: serverguide/C/backups.xml:837(userinput)
30511
#: serverguide/C/backups.xml:843(userinput)
30418
30512
#, no-wrap
30419
30513
msgid "Sunday"
30420
30514
msgstr "Nedelja"
30421
30515
30422
#: serverguide/C/backups.xml:836(computeroutput)
30516
#: serverguide/C/backups.xml:842(computeroutput)
30423
30517
#, no-wrap
30424
30518
msgid ""
30425
30519
"\n"
30429
30523
" 2: Scratch"
30430
30524
msgstr ""
30431
30525
30432
#: serverguide/C/backups.xml:842(para)
30526
#: serverguide/C/backups.xml:848(para)
30433
30527
msgid "Replace <emphasis>Sunday</emphasis> with the desired label."
30434
30528
msgstr "Zamenjajte <emphasis>Nedelja</emphasis> z željeno oznako."
30435
30529
30436
#: serverguide/C/backups.xml:847(para)
30530
#: serverguide/C/backups.xml:853(para)
30437
30531
msgid "Now, select the <emphasis>Pool</emphasis>:"
30438
30532
msgstr ""
30439
30533
30440
#: serverguide/C/backups.xml:851(computeroutput)
30534
#: serverguide/C/backups.xml:857(computeroutput)
30441
30535
#, no-wrap
30442
30536
msgid ""
30443
30537
"\n"
30446
30540
"Sending label command for Volume \"Sunday\" Slot 0 ...\n"
30447
30541
msgstr ""
30448
30542
30449
#: serverguide/C/backups.xml:859(para)
30543
#: serverguide/C/backups.xml:865(para)
30450
30544
msgid ""
30451
30545
"Congratulations, you have now configured <emphasis>Bacula</emphasis> to "
30452
30546
"backup the localhost to an attached tape drive."
30453
30547
msgstr ""
30454
30548
30455
#: serverguide/C/backups.xml:867(para)
30549
#: serverguide/C/backups.xml:873(para)
30456
30550
msgid ""
30457
30551
"For more <emphasis>Bacula</emphasis> configuration options refer to the "
30458
30552
"<ulink url=\"http://www.bacula.org/en/rel-manual/index.html\">Bacula User's "
30459
30553
"Manual</ulink>"
30460
30554
msgstr ""
30461
30555
30462
#: serverguide/C/backups.xml:873(para)
30556
#: serverguide/C/backups.xml:879(para)
30463
30557
msgid ""
30464
30558
"The <ulink url=\"http://www.bacula.org/\">Bacula Home Page</ulink> contains "
30465
30559
"the latest Bacula news and developments."
30466
30560
msgstr ""
30467
30561
30468
#: serverguide/C/backups.xml:878(para)
30562
#: serverguide/C/backups.xml:884(para)
30469
30563
msgid ""
30470
30564
"Also, see the <ulink url=\"https://help.ubuntu.com/community/Bacula\">Bacula "
30471
30565
"Ubuntu Wiki</ulink> page."
30484
30578
#~ msgid "sudo chown nobody.nogroup /srv/samba/share/"
30485
30579
#~ msgstr "sudo chown nobody.nogroup /srv/samba/share/"
30486
30580
30581
#~ msgid "sudo chage -E 01/31/2011 -m 5 -M 90 -I 30 -W 14 username"
30582
#~ msgstr "sudo chage -E 01/31/2011 -m 5 -M 90 -I 30 -W 14 uporabniško-ime"
30583
30584
#~ msgid ""
30585
#~ "The Wikipedia <ulink "
30586
#~ "url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink> page has more "
30587
#~ "information regarding HTTPS."
30588
#~ msgstr ""
30589
#~ "Stran <ulink url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink> na "
30590
#~ "Wikipediji ima več podatkov o HTTPS."
30591
30487
30592
#~ msgid "ssh-keygen -t dsa"
30488
30593
#~ msgstr "ssh-keygen -t dsa"
30489
30594
30595
#~ msgid ""
30596
#~ "The <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
30597
#~ "Ubuntu Wiki</ulink> page."
30598
#~ msgstr ""
30599
#~ "Stran <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
30600
#~ "na Ubuntu Wiki</ulink>."
30601
30490
30602
#~ msgid "sudo chown -R www-data.www-data mywiki"
30491
30603
#~ msgstr "sudo chown -R www-data.www-data moj-wiki"
30492
30604
30497
30609
#~ msgstr ""
30498
30610
#~ "\n"
30499
30611
#~ "http://localhost/moj-wiki/config/index.php\n"
30612
30613
#~ msgid "sudo e2fsck -f /dev/vg01/srv"
30614
#~ msgstr "sudo e2fsck -f /dev/vg01/srv"
30615
30616
#~ msgid "sudo resize2fs /dev/vg01/srv"
30617
#~ msgstr "sudo resize2fs /dev/vg01/srv"
30618
30619
#~ msgid "sudo bash backup.sh"
30620
#~ msgstr "sudo bash backup.sh"
Loggerhead is a web-based interface for Breezy
Version: 2.0.1