6073
5970
"邮件列表: <ulink url=\"https://lists.ubuntu.com/mailman/listinfo/ubuntu-"
6074
5971
"server\">ubuntu-server at lists.ubuntu.com</ulink>"
6076
#: serverguide/C/virtualization.xml:1182(title)
6080
#: serverguide/C/virtualization.xml:1185(title) serverguide/C/network-auth.xml:1683(title) serverguide/C/monitoring.xml:15(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:879(title) serverguide/C/dns.xml:64(title) serverguide/C/chat.xml:17(title) serverguide/C/backups.xml:541(title)
5973
#: serverguide/C/virtualization.xml:1184(para)
5975
"Also, see the <ulink "
5976
"url=\"https://help.ubuntu.com/community/JeOSVMBuilder\">JeOSVMBuilder Ubuntu "
5977
"Wiki</ulink> page."
5980
#: serverguide/C/virtualization.xml:1192(title)
5984
#: serverguide/C/virtualization.xml:1195(title) serverguide/C/network-auth.xml:2026(title) serverguide/C/monitoring.xml:15(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:928(title) serverguide/C/dns.xml:64(title) serverguide/C/chat.xml:17(title) serverguide/C/backups.xml:541(title)
6081
5985
msgid "Overview"
6084
#: serverguide/C/virtualization.xml:1187(para)
6086
"<emphasis>Eucalyptus</emphasis> is an open-source software infrastructure "
6087
"for implementing \"cloud computing\" on your own clusters. "
6088
"<emphasis>Eucalyptus</emphasis> allows you to create your own cloud "
6089
"computing environment in order to maximize computing resources and provide a "
6090
"cloud computing environment to your users."
6092
"<emphasis>Encalyptus</emphasis>是一个用来提供在您自己的簇上实现云计算的基础的开源软件。<emphasis>Eucalypt"
6093
"us</emphasis>允许您生成自己的云计算环境来最大化计算资源,并给您的用户提供一个云计算环境。"
6095
#: serverguide/C/virtualization.xml:1193(para)
6097
"This section will cover setting up a Cloud Computing environment using "
6098
"<application>Eucalyptus</application> with <application>KVM</application>. "
6099
"For more information on KVM see <xref linkend=\"libvirt\"/>."
6101
"这一节将介绍如何使用<application>Eucalyptus</application>结合<application>KVM</applicatio"
6102
"n>来实现一个云计算环境。更多关于KVM的信息,请参阅<xref linkend=\"libvirt\"/>。"
6104
#: serverguide/C/virtualization.xml:1198(para)
6106
"The Cloud Computing environment will consist of three components, typically "
6107
"installed on at least two separate machines (termed the 'front-end' and "
6108
"'node(s)' for the rest of this document):"
6109
msgstr "云计算环境将包含三个组件,典型的会被安装在至少两个单独的机器上(termed“前端”和“节点”在这个文档的剩余部分)"
6111
#: serverguide/C/virtualization.xml:1205(para)
6113
"<emphasis>One Front-End:</emphasis> hosts one Cloud Controller, a Java based "
6114
"Web configuration interface, and a Cluster Controller, which determines "
6115
"where virtual machines (VMs) will be housed and manages cluster level VM "
6118
"<emphasis>一个 Front-"
6119
"End:</emphasis>拥有一个云控制器,这是一个基于Java的Web设置界面,还有一个簇控制器,用来定义虚拟机将在那里被封装,并管理簇级别的VM网"
6122
#: serverguide/C/virtualization.xml:1211(para)
6124
"<emphasis>One or more Compute Nodes:</emphasis> runs the Node Controller "
6125
"component of Eucalyptus, which allows the machine to be part of the cloud as "
6128
"<emphasis>一个或者更多计算节点:</emphasis>运行在Eucalyptus的节点控制器上,这样一台机器就可以作为一个虚拟机的宿主而成为一个"
5988
#: serverguide/C/virtualization.xml:1197(para)
5990
"This tutorial covers <application>UEC</application> installation from the "
5991
"Ubuntu 10.04 LTS Server Edition CD, and assumes a basic network topology, "
5992
"with a single system serving as the <emphasis>\"all-in-one "
5993
"controller\"</emphasis>, and one or more nodes attached."
5996
#: serverguide/C/virtualization.xml:1202(para)
5998
"From this Tutorial you will learn how to install, configure, register and "
5999
"perform several operations on a basic <application>UEC</application> setup "
6000
"that results in a cloud with a one controller <emphasis>\"front-"
6001
"end\"</emphasis> and one or several node(s) for running Virtual Machine (VM) "
6002
"instances. You will also use examples to help get you started using your own "
6003
"private compute cloud."
6006
#: serverguide/C/virtualization.xml:1210(title)
6007
msgid "Prerequisites"
6010
#: serverguide/C/virtualization.xml:1212(para)
6012
"To deploy a minimal cloud infrastructure, you’ll need at least "
6013
"<emphasis>two</emphasis> dedicated systems:"
6131
6016
#: serverguide/C/virtualization.xml:1218(para)
6133
"The simple <emphasis>System</emphasis> networking option will be used by "
6134
"default. This network method allows virtual machine instances, to obtain IP "
6135
"addresses from the local LAN, assuming that a DHCP server is properly "
6136
"configured on the LAN to hand out IPs dynamically to VMs that request them. "
6137
"Each node will be configured for bridge networking. For more details see "
6138
"<xref linkend=\"bridging\"/>."
6140
"简单的<emphasis>System</emphasis>网络选项会被默认使用。这个方法允许虚拟机实例从本地局域网得到IP地址,假设一个经过适当配置的D"
6141
"HCP服务器工作在局域网里面来为虚拟机动态的产生IP地址。每个节点会被设置成桥状网络工作的模式。更多细节,请参见<xref "
6142
"linkend=\"bridging\"/>"
6144
#: serverguide/C/virtualization.xml:1228(para)
6146
"First, on the <emphasis>Front-End</emphasis> install the appropriate "
6147
"packages. In a terminal prompt on the Front-End enter:"
6148
msgstr "首先,在<emphasis>Front-End</emphasis>安装所需的包,在一个Front-End的终端提示中输入:"
6150
#: serverguide/C/virtualization.xml:1233(command)
6151
msgid "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
6152
msgstr "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
6017
msgid "A front end."
6020
#: serverguide/C/virtualization.xml:1223(para)
6021
msgid "One or more node(s)."
6024
#: serverguide/C/virtualization.xml:1229(para)
6026
"The following are recommendations, rather than fixed requirements. However, "
6027
"our experience in developing this documentation indicated the following "
6031
#: serverguide/C/virtualization.xml:1234(title)
6032
msgid "Front End Requirements"
6154
6035
#: serverguide/C/virtualization.xml:1236(para)
6156
"Next, on the each <emphasis>Compute Node</emphasis> install the node "
6157
"controller package. In a terminal prompt on each Compute Node enter:"
6158
msgstr "接下来,在每个<emphasis>计算节点</emphasis>安装节点控制包,在每个计算节点的终端提示中输入;"
6160
#: serverguide/C/virtualization.xml:1241(command)
6161
msgid "sudo apt-get install eucalyptus-nc"
6162
msgstr "sudo apt-get install eucalyptus-nc"
6036
msgid "Use the following table for a system that will run one or more of:"
6039
#: serverguide/C/virtualization.xml:1241(para)
6040
msgid "Cloud Controller (CLC)"
6043
#: serverguide/C/virtualization.xml:1242(para)
6044
msgid "Cluster Controller (CC)"
6047
#: serverguide/C/virtualization.xml:1243(para)
6048
msgid "Walrus (the S3-like storage service)"
6164
6051
#: serverguide/C/virtualization.xml:1244(para)
6166
"Once the installation is complete, and it may take a while, in a browser go "
6167
"to <emphasis>https://front-end:8443</emphasis> and login to the "
6168
"administration interface using the default username and password of "
6169
"<emphasis>admin</emphasis>. You will then be prompted to change the "
6170
"password, configure an email address for the admin user, and set the storage "
6173
"一旦安装完成,就需要花点时间,打开浏览器,转到<emphasis>http://front-"
6174
"end:8443</emphasis>然后使用默认的用户名和密码登录到管理员界面(默认用户名和密码是<emphasis>admin</emphasis>)"
6175
"。这时您将被提示修改密码,设置管理员用户的Email地址和存储器URL"
6177
#: serverguide/C/virtualization.xml:1250(para)
6179
"In the web interface's <emphasis>\"Configuration\"</emphasis> tab, add a "
6180
"cluster under the <emphasis>\"Clusters\"</emphasis> heading (in this "
6181
"configuration, the cluster controller is on the same system as the cloud "
6182
"controller, so entering 'localhost' as the cluster hostname is correct). "
6183
"Once the form is filled out click the <emphasis>\"Add Cluster\"</emphasis> "
6186
"在Web界面中的<emphasis>“设置”</emphasis>标签中,在<emphasis>“簇”</emphasis>添加一个簇(在这个设置中,因为"
6187
"簇控制器和云控制器处在同一个系统上,所以簇的主机名只要输入\"localhost\"就可以了)。填写完毕之后,点击<emphasis>“添加簇”</emp"
6190
#: serverguide/C/virtualization.xml:1256(para)
6192
"Now, back on the <emphasis>Front-End</emphasis>, add the nodes to the "
6194
msgstr "现在,返回到<emphasis>Front-End</emphasis>,添加节点到簇。"
6196
#: serverguide/C/virtualization.xml:1261(command)
6197
msgid "sudo euca_conf -addnode hostname_of_node"
6198
msgstr "sudo euca_conf -addnode hostname_of_node"
6200
#: serverguide/C/virtualization.xml:1264(para)
6202
"You will then be prompted to log into your Node, install the "
6203
"<application>eucalyptus-nc</application> package, and add the "
6204
"<emphasis>eucalyptus</emphasis> user's ssh key to the node's "
6205
"<filename>authorized_keys</filename> file, and confirm authenticity of the "
6206
"host's OpenSSH RSA key fingerprint. Finally, the command will complete by "
6207
"synchronizing the eucalyptus component keys and node registration is "
6210
"您这时将会被提示来登录您的节点,安装<application>eucalyptus-"
6211
"nc</application>包,然后添加<emphasis>eucalyptus</emphasis>用户的ssh键到节点的<filename>aut"
6212
"horized_keys</filename>文件,然后确认主机的OpenSSH "
6213
"RSA的键指印的正确性。最后,命令将会同步encalyptus组建的键,这样节点的注册就结束了。"
6215
#: serverguide/C/virtualization.xml:1270(para)
6217
"On the Node, the <filename>/etc/eucalyptus/eucalyptus.conf</filename> "
6218
"configuration file will need editing to use your node's bridge interface "
6219
"(assuming here that the interface is named <emphasis>'br0'</emphasis>):"
6221
"在节点上,配置文件<filename>/etc/eucalyptus/eucalyptus.conf</filename>需要进行编辑来使用您自己的桥接口"
6222
"(假设这里的那个接口被命名为<emphasis>“br0”</emphasis>):"
6224
#: serverguide/C/virtualization.xml:1275(programlisting)
6228
"VNET_INTERFACE=\"br0\"\n"
6230
"VNET_BRIDGE=\"br0\"\n"
6233
"VNET_INTERFACE=\"br0\"\n"
6235
"VNET_BRIDGE=\"br0\"\n"
6237
#: serverguide/C/virtualization.xml:1281(para)
6238
msgid "Finally, restart <application>eucalyptus-nc</application>:"
6239
msgstr "首先,重新启动<application>eucalyptus-nc</application>:"
6241
#: serverguide/C/virtualization.xml:1286(command)
6242
msgid "sudo /etc/init.d/eucalyptus-nc restart"
6243
msgstr "sudo /etc/init.d/eucalyptus-nc restart"
6245
#: serverguide/C/virtualization.xml:1291(para)
6247
"Be sure to replace <emphasis>nodecontroller</emphasis>, "
6248
"<emphasis>node01</emphasis>, and <emphasis>node02</emphasis> with actual "
6251
"一定要使用真实的主机名来替换<emphasis>nodecontroller</emphasis>,<emphasis>node01</emphasis>"
6252
"和<emphasis>node02</emphasis>。"
6254
#: serverguide/C/virtualization.xml:1297(para)
6256
"<application>Eucalyptus</application> is now ready to host images on the "
6258
msgstr "<application>Eucalyptus</application>现在已经准备host image on the cloud。"
6260
#: serverguide/C/virtualization.xml:1307(para)
6262
"See the <ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus "
6263
"website</ulink> for more information."
6265
"更多信息,请参见<ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus 网站</ulink>"
6267
#: serverguide/C/virtualization.xml:1312(para)
6052
msgid "Storage Controller (SC)"
6055
#: serverguide/C/virtualization.xml:1248(title)
6056
msgid "UEC Front End Requirements"
6059
#: serverguide/C/virtualization.xml:1256(para) serverguide/C/virtualization.xml:1318(para)
6063
#: serverguide/C/virtualization.xml:1257(para) serverguide/C/virtualization.xml:1319(para)
6067
#: serverguide/C/virtualization.xml:1258(para) serverguide/C/virtualization.xml:1320(para)
6071
#: serverguide/C/virtualization.xml:1259(para) serverguide/C/virtualization.xml:1321(para)
6075
#: serverguide/C/virtualization.xml:1264(para) serverguide/C/virtualization.xml:1326(para)
6079
#: serverguide/C/virtualization.xml:1265(para)
6083
#: serverguide/C/virtualization.xml:1266(para)
6087
#: serverguide/C/virtualization.xml:1267(para)
6089
"For an <emphasis>all-in-one</emphasis> front end, it helps to have at least "
6090
"a dual core processor."
6093
#: serverguide/C/virtualization.xml:1270(para) serverguide/C/virtualization.xml:1332(para)
6097
#: serverguide/C/virtualization.xml:1271(para)
6101
#: serverguide/C/virtualization.xml:1272(para)
6105
#: serverguide/C/virtualization.xml:1273(para)
6106
msgid "The Java web front end benefits from lots of available memory."
6109
#: serverguide/C/virtualization.xml:1276(para) serverguide/C/virtualization.xml:1338(para)
6113
#: serverguide/C/virtualization.xml:1277(para) serverguide/C/virtualization.xml:1339(para)
6114
msgid "5400 RPM IDE"
6117
#: serverguide/C/virtualization.xml:1278(para)
6118
msgid "7200 RPM SATA"
6121
#: serverguide/C/virtualization.xml:1279(para)
6123
"Slower disks will work, but will yield much longer instance startup times."
6126
#: serverguide/C/virtualization.xml:1282(para) serverguide/C/virtualization.xml:1344(para)
6130
#: serverguide/C/virtualization.xml:1283(para) serverguide/C/virtualization.xml:1345(para)
6134
#: serverguide/C/virtualization.xml:1284(para)
6138
#: serverguide/C/virtualization.xml:1285(para)
6140
"40GB is only enough space for only a single image, cache, etc., Eucalyptus "
6141
"does not like to run out of disk space."
6144
#: serverguide/C/virtualization.xml:1288(para) serverguide/C/virtualization.xml:1350(para) serverguide/C/network-config.xml:13(title)
6148
#: serverguide/C/virtualization.xml:1289(para) serverguide/C/virtualization.xml:1351(para)
6152
#: serverguide/C/virtualization.xml:1290(para) serverguide/C/virtualization.xml:1352(para)
6156
#: serverguide/C/virtualization.xml:1291(para) serverguide/C/virtualization.xml:1353(para)
6158
"Machine images are hundreds of MB, and need to be copied over the network to "
6162
#: serverguide/C/virtualization.xml:1299(title)
6163
msgid "Node Requirements"
6166
#: serverguide/C/virtualization.xml:1301(para)
6167
msgid "The other system(s) are <emphasis>nodes</emphasis>, which will run::"
6170
#: serverguide/C/virtualization.xml:1306(para)
6171
msgid "the Node Controller (NC)"
6174
#: serverguide/C/virtualization.xml:1310(title)
6175
msgid "UEC Node Requirements"
6178
#: serverguide/C/virtualization.xml:1327(para)
6179
msgid "VT Extensions"
6182
#: serverguide/C/virtualization.xml:1328(para)
6183
msgid "VT, 64-bit, Multicore"
6186
#: serverguide/C/virtualization.xml:1329(para)
6188
"64-bit can run both i386, and amd64 instances; by default, Eucalyptus will "
6189
"only run 1 VM per CPU core on a Node."
6192
#: serverguide/C/virtualization.xml:1333(para)
6196
#: serverguide/C/virtualization.xml:1334(para)
6200
#: serverguide/C/virtualization.xml:1335(para)
6201
msgid "Additional memory means more, and larger guests."
6204
#: serverguide/C/virtualization.xml:1340(para)
6205
msgid "7200 RPM SATA or SCSI"
6208
#: serverguide/C/virtualization.xml:1341(para)
6210
"Eucalyptus nodes are disk-intensive; I/O wait will likely be the performance "
6214
#: serverguide/C/virtualization.xml:1346(para)
6218
#: serverguide/C/virtualization.xml:1347(para)
6220
"Images will be cached locally, Eucalyptus does not like to run out of disk "
6224
#: serverguide/C/virtualization.xml:1363(title)
6225
msgid "Installing the Cloud/Cluster/Storage/Walrus Front End Server"
6228
#: serverguide/C/virtualization.xml:1367(para)
6229
msgid "Download the Ubuntu 10.04 LTS Server ISO file, and burn it to a CD."
6232
#: serverguide/C/virtualization.xml:1372(para) serverguide/C/virtualization.xml:1418(para)
6234
"When you boot, select <emphasis>“Install Ubuntu Enterprise Cloud”</emphasis>."
6237
#: serverguide/C/virtualization.xml:1377(para)
6239
"When asked whether you want a <emphasis>“Cluster”</emphasis> or a "
6240
"<emphasis>“Node”</emphasis> install, select <emphasis>“Cluster”</emphasis>."
6243
#: serverguide/C/virtualization.xml:1383(para)
6245
"It will ask two other cloud-specific questions during the course of the "
6249
#: serverguide/C/virtualization.xml:1388(para)
6250
msgid "Name of your cluster."
6253
#: serverguide/C/virtualization.xml:1391(para)
6254
msgid "e.g. <emphasis>cluster1</emphasis>."
6257
#: serverguide/C/virtualization.xml:1394(para)
6259
"A range of public IP addresses on the LAN that the cloud can allocate to "
6263
#: serverguide/C/virtualization.xml:1397(para)
6264
msgid "e.g. <emphasis>192.168.1.200-192.168.1.249</emphasis>."
6267
#: serverguide/C/virtualization.xml:1405(title)
6268
msgid "Installing the Node Controller(s)"
6271
#: serverguide/C/virtualization.xml:1407(para)
6273
"The node controller install is even simpler. Just make sure that you are "
6274
"connected to the network on which the cloud/cluster controller is already "
6278
#: serverguide/C/virtualization.xml:1413(para)
6279
msgid "Boot from the same ISO on the node(s)."
6282
#: serverguide/C/virtualization.xml:1423(para)
6283
msgid "Select <emphasis>“Install Ubuntu Enterprise Cloud”</emphasis>."
6286
#: serverguide/C/virtualization.xml:1428(para)
6288
"It should detect the Cluster and preselect <emphasis>“Node”</emphasis> "
6292
#: serverguide/C/virtualization.xml:1433(para)
6293
msgid "Confirm the partitioning scheme."
6296
#: serverguide/C/virtualization.xml:1438(para)
6298
"The rest of the installation should proceed uninterrupted; complete the "
6299
"installation and reboot the node."
6302
#: serverguide/C/virtualization.xml:1446(title)
6303
msgid "Register the Node(s)"
6306
#: serverguide/C/virtualization.xml:1448(para)
6308
"Nodes are the physical systems within <application>UEC</application> that "
6309
"actually run the virtual machine instances of the cloud."
6312
#: serverguide/C/virtualization.xml:1452(para)
6314
"Once one or more Ubuntu Server node(s) are installed and running the "
6315
"<application>eucalyptus-nc</application> service, log onto the "
6316
"<emphasis>Cloud Controller (CLC)</emphasis> and run:"
6319
#: serverguide/C/virtualization.xml:1458(command)
6320
msgid "sudo euca_conf --no-rsync --discover-nodes"
6323
#: serverguide/C/virtualization.xml:1461(para)
6325
"This will discover the systems on the network running the "
6326
"<application>eucalyptus-nc</application> service, and the administrator can "
6327
"confirm the registration of each node by its IP address."
6330
#: serverguide/C/virtualization.xml:1467(para)
6332
"If you get prompted for passwords, or receive errors from scp, you may need "
6333
"to revisit the key synchronization instructions at <ulink "
6334
"url=\"https://help.ubuntu.com/community/UEC/NodeInstallation\">UEC/NodeInstal"
6338
#: serverguide/C/virtualization.xml:1475(title)
6339
msgid "Obtain Credentials"
6342
#: serverguide/C/virtualization.xml:1477(para)
6344
"After installing and booting the <emphasis>Cloud Controller</emphasis>, "
6345
"users of the cloud will need to retrieve their credentials. This can be done "
6346
"either through a web browser, or at the command line."
6349
#: serverguide/C/virtualization.xml:1483(title)
6350
msgid "From a Web Browser"
6353
#: serverguide/C/virtualization.xml:1487(para)
6355
"From your web browser (either remotely or on your Ubuntu server) access the "
6359
#: serverguide/C/virtualization.xml:1490(programlisting) serverguide/C/virtualization.xml:1743(programlisting)
6363
"https://<cloud-controller-ip-address>:8443/\n"
6366
#: serverguide/C/virtualization.xml:1495(para)
6368
"You must use a secure connection, so make sure you use \"https\" not "
6369
"\"http\" in your URL. You will get a security certificate warning. You will "
6370
"have to add an exception to view the page. If you do not accept it you will "
6371
"not be able to view the Eucalyptus configuration page."
6374
#: serverguide/C/virtualization.xml:1503(para)
6376
"Use username <emphasis>'admin'</emphasis> and password "
6377
"<emphasis>'admin'</emphasis> for the first time login (you will be prompted "
6378
"to change your password)."
6381
#: serverguide/C/virtualization.xml:1509(para)
6383
"Then follow the on-screen instructions to update the admin password and "
6387
#: serverguide/C/virtualization.xml:1514(para)
6389
"Once the first time configuration process is completed, click the "
6390
"<emphasis>'credentials'</emphasis> tab located in the top-left portion of "
6394
#: serverguide/C/virtualization.xml:1520(para)
6396
"Click the <emphasis>'Download Credentials'</emphasis> button to get your "
6400
#: serverguide/C/virtualization.xml:1525(para)
6401
msgid "Save them to <filename>~/.euca</filename>."
6404
#: serverguide/C/virtualization.xml:1530(para)
6406
"Unzip the downloaded zip file into a safe location "
6407
"(<filename>~/.euca</filename>)."
6410
#: serverguide/C/virtualization.xml:1534(command)
6411
msgid "unzip -d ~/.euca mycreds.zip"
6414
#: serverguide/C/virtualization.xml:1541(title)
6415
msgid "From a Command Line"
6418
#: serverguide/C/virtualization.xml:1545(para)
6420
"Alternatively, if you are on the command line of the <emphasis>Cloud "
6421
"Controller</emphasis>, you can run:"
6424
#: serverguide/C/virtualization.xml:1549(command)
6425
msgid "mkdir -p ~/.euca"
6428
#: serverguide/C/virtualization.xml:1550(command)
6429
msgid "chmod 700 ~/.euca"
6432
#: serverguide/C/virtualization.xml:1551(command)
6436
#: serverguide/C/virtualization.xml:1552(command)
6437
msgid "sudo euca_conf --get-credentials mycreds.zip"
6440
#: serverguide/C/virtualization.xml:1553(command)
6441
msgid "unzip mycreds.zip"
6444
#: serverguide/C/virtualization.xml:1554(command)
6448
#: serverguide/C/virtualization.xml:1561(title)
6449
msgid "Extracting and Using Your Credentials"
6452
#: serverguide/C/virtualization.xml:1563(para)
6454
"Now you will need to setup EC2 API and AMI tools on your server using X.509 "
6458
#: serverguide/C/virtualization.xml:1569(para)
6460
"Source the included <emphasis>\"eucarc\"</emphasis> file to set up your "
6461
"Eucalyptus environment:"
6464
#: serverguide/C/virtualization.xml:1573(command) serverguide/C/virtualization.xml:1600(command)
6465
msgid ". ~/.euca/eucarc"
6468
#: serverguide/C/virtualization.xml:1577(para)
6470
"You may additionally wish to add this command to your "
6471
"<filename>~/.bashrc</filename> file so that your Eucalyptus environment is "
6472
"set up automatically when you log in. Eucalyptus treats this set of "
6473
"credentials as <emphasis>'administrator'</emphasis> credentials that allow "
6474
"the holder global privileges across the cloud. As such, they should be "
6475
"protected in the same way that other elevated-priority access is protected "
6476
"(e.g. should not be made visible to the general user population)."
6479
#: serverguide/C/virtualization.xml:1584(command)
6481
"echo \"[ -r ~/.euca/eucarc ] && . ~/.euca/eucarc\" >> ~/.bashrc"
6484
#: serverguide/C/virtualization.xml:1588(para)
6485
msgid "Install the required cloud user tools:"
6488
#: serverguide/C/virtualization.xml:1592(command)
6489
msgid "sudo apt-get install euca2ools"
6492
#: serverguide/C/virtualization.xml:1596(para)
6494
"To validate that everything is working correctly, get the local cluster "
6495
"availability details:"
6498
#: serverguide/C/virtualization.xml:1601(command)
6499
msgid "euca-describe-availability-zones verbose"
6502
#: serverguide/C/virtualization.xml:1602(computeroutput)
6505
"AVAILABILITYZONE myowncloud 192.168.1.1\n"
6506
"AVAILABILITYZONE |- vm types free / max cpu ram disk\n"
6507
"AVAILABILITYZONE |- m1.small 0004 / 0004 1 128 2\n"
6508
"AVAILABILITYZONE |- c1.medium 0004 / 0004 1 256 5\n"
6509
"AVAILABILITYZONE |- m1.large 0002 / 0002 2 512 10\n"
6510
"AVAILABILITYZONE |- m1.xlarge 0002 / 0002 2 1024 20\n"
6511
"AVAILABILITYZONE |- c1.xlarge 0001 / 0001 4 2048 20"
6514
#: serverguide/C/virtualization.xml:1612(para)
6515
msgid "Your output from the above command will vary."
6518
#: serverguide/C/virtualization.xml:1622(title)
6519
msgid "Running an Image"
6522
#: serverguide/C/virtualization.xml:1624(para)
6523
msgid "There are multiple ways to instantiate an image in UEC:"
6526
#: serverguide/C/virtualization.xml:1629(para)
6527
msgid "Use the command line."
6530
#: serverguide/C/virtualization.xml:1630(para)
6532
"Use one of the UEC compatible management tools such as "
6533
"<emphasis>Landscape</emphasis>."
6536
#: serverguide/C/virtualization.xml:1632(para)
6539
"url=\"https://help.ubuntu.com/community/UEC/ElasticFox\">ElasticFox</ulink> "
6540
"extension to Firefox."
6543
#: serverguide/C/virtualization.xml:1638(para)
6544
msgid "Here we will describe the process from the command line:"
6547
#: serverguide/C/virtualization.xml:1644(para)
6549
"Before running an instance of your image, you should first create a "
6550
"<emphasis>keypair</emphasis> (ssh key) that you can use to log into your "
6551
"instance as root, once it boots. The key is stored, so you will only have to "
6555
#: serverguide/C/virtualization.xml:1648(para)
6556
msgid "Run the following command:"
6559
#: serverguide/C/virtualization.xml:1651(programlisting)
6563
"if [ ! -e ~/.euca/mykey.priv ]; then\n"
6564
" touch ~/.euca/mykey.priv\n"
6565
" chmod 0600 ~/.euca/mykey.priv\n"
6566
" euca-add-keypair mykey > ~/.euca/mykey.priv\n"
6570
#: serverguide/C/virtualization.xml:1659(para)
6572
"You can call your key whatever you like (in this example, the key is called "
6573
"<emphasis>'mykey'</emphasis>), but remember what it is called. If you "
6574
"forget, you can always run <command>euca-describe-keypairs</command> to get "
6575
"a list of created keys stored in the system."
6578
#: serverguide/C/virtualization.xml:1666(para)
6579
msgid "You must also allow access to port 22 in your instances:"
6582
#: serverguide/C/virtualization.xml:1670(command)
6583
msgid "euca-describe-groups"
6586
#: serverguide/C/virtualization.xml:1671(command)
6587
msgid "euca-authorize default -P tcp -p 22 -s 0.0.0.0/0"
6590
#: serverguide/C/virtualization.xml:1675(para)
6591
msgid "Next, you can create instances of your registered image:"
6594
#: serverguide/C/virtualization.xml:1679(command)
6595
msgid "euca-run-instances $EMI -k mykey -t c1.medium"
6598
#: serverguide/C/virtualization.xml:1682(para)
6600
"If you receive an error regarding <emphasis>image_id</emphasis>, you may "
6601
"find it by viewing Images page or click <emphasis>\"How to Run\"</emphasis> "
6602
"on the <emphasis>Store</emphasis> page to see the sample command."
6605
#: serverguide/C/virtualization.xml:1689(para)
6607
"The first time you run an instance, the system will be setting up caches for "
6608
"the image from which it will be created. This can often take some time the "
6609
"first time an instance is run given that VM images are usually quite large."
6612
#: serverguide/C/virtualization.xml:1693(para)
6613
msgid "To monitor the state of your instance, run:"
6616
#: serverguide/C/virtualization.xml:1697(command)
6617
msgid "watch -n5 euca-describe-instances"
6620
#: serverguide/C/virtualization.xml:1699(para)
6622
"In the output, you should see information about the instance, including its "
6623
"state. While first-time caching is being performed, the instance's state "
6624
"will be <emphasis>'pending'</emphasis>."
6627
#: serverguide/C/virtualization.xml:1705(para)
6629
"When the instance is fully started, the above state will become "
6630
"<emphasis>'running'</emphasis>. Look at the IP address assigned to your "
6631
"instance in the output, then connect to it:"
6634
#: serverguide/C/virtualization.xml:1710(command)
6636
"IPADDR=$(euca-describe-instances | grep $EMI | grep running | tail -n1 | awk "
6640
#: serverguide/C/virtualization.xml:1711(command)
6641
msgid "ssh -i ~/.euca/mykey.priv ubuntu@$IPADDR"
6644
#: serverguide/C/virtualization.xml:1715(para)
6646
"And when you are done with this instance, exit your SSH connection, then "
6647
"terminate your instance:"
6650
#: serverguide/C/virtualization.xml:1719(command)
6652
"INSTANCEID=$(euca-describe-instances | grep $EMI | grep running | tail -n1 | "
6656
#: serverguide/C/virtualization.xml:1720(command)
6657
msgid "euca-terminate-instances $INSTANCEID"
6660
#: serverguide/C/virtualization.xml:1727(title)
6661
msgid "Install an Image from the Store"
6664
#: serverguide/C/virtualization.xml:1729(para)
6666
"The following is by far the simplest way to install an image. However, "
6667
"advanced users may be interested in learning how to <ulink "
6668
"url=\"https://help.ubuntu.com/community/UEC/BundlingImages\">Bundle their "
6669
"own image</ulink>."
6672
#: serverguide/C/virtualization.xml:1734(para)
6674
"The simplest way to add an image to <application>UEC</application> is to "
6675
"install it from the Image Store on the UEC web interface."
6678
#: serverguide/C/virtualization.xml:1740(para)
6680
"Access the web interface at the following URL (Make sure you specify https):"
6683
#: serverguide/C/virtualization.xml:1748(para)
6685
"Enter your login and password (if requested, as you may still be logged in "
6689
#: serverguide/C/virtualization.xml:1753(para)
6690
msgid "Click on the <emphasis>Store</emphasis> tab."
6693
#: serverguide/C/virtualization.xml:1758(para)
6694
msgid "Browse available images."
6697
#: serverguide/C/virtualization.xml:1763(para)
6698
msgid "Click on <emphasis>install</emphasis> for the image you want."
6701
#: serverguide/C/virtualization.xml:1769(para)
6703
"Once the image has been downloaded and installed, you can click on "
6704
"<emphasis>\"How to run?\"</emphasis> that will be displayed below the image "
6705
"button to view the command to execute to instantiate (start) this image. The "
6706
"image will also appear on the list given on the <emphasis>Image</emphasis> "
6710
#: serverguide/C/virtualization.xml:1777(title) serverguide/C/dns.xml:619(title)
6711
msgid "More Information"
6714
#: serverguide/C/virtualization.xml:1779(para)
6716
"How to use the <ulink "
6717
"url=\"https://help.ubuntu.com/community/UEC/StorageController\">Storage "
6718
"Controller</ulink>"
6721
#: serverguide/C/virtualization.xml:1783(para)
6722
msgid "Controlling eucalyptus services:"
6725
#: serverguide/C/virtualization.xml:1788(para)
6727
"sudo service eucalyptus [start|stop|restart] (on the CLC/CC/SC/Walrus side)"
6730
#: serverguide/C/virtualization.xml:1789(para)
6731
msgid "sudo service eucalyptus-nc [start|stop|restart] (on the Node side)"
6734
#: serverguide/C/virtualization.xml:1792(para)
6735
msgid "Locations of some important files:"
6738
#: serverguide/C/virtualization.xml:1799(emphasis)
6742
#: serverguide/C/virtualization.xml:1802(para)
6743
msgid "/var/log/eucalyptus"
6746
#: serverguide/C/virtualization.xml:1807(emphasis)
6747
msgid "Configuration files:"
6750
#: serverguide/C/virtualization.xml:1810(para)
6751
msgid "/etc/eucalyptus"
6754
#: serverguide/C/virtualization.xml:1815(emphasis)
6758
#: serverguide/C/virtualization.xml:1818(para)
6759
msgid "/var/lib/eucalyptus/db"
6762
#: serverguide/C/virtualization.xml:1823(emphasis)
6766
#: serverguide/C/virtualization.xml:1826(para)
6767
msgid "/var/lib/eucalyptus"
6770
#: serverguide/C/virtualization.xml:1827(para)
6771
msgid "/var/lib/eucalyptus/.ssh"
6774
#: serverguide/C/virtualization.xml:1833(para)
6776
"Don't forget to source your <filename>~/.euca/eucarc</filename> before "
6777
"running the client tools."
6780
#: serverguide/C/virtualization.xml:1844(para)
6269
6782
"For information on loading instances see the <ulink "
6270
6783
"url=\"https://help.ubuntu.com/community/Eucalyptus\">Eucalyptus Wiki</ulink> "
10197
10816
"other users on the system."
10200
#: serverguide/C/security.xml:1845(para)
10819
#: serverguide/C/security.xml:1792(para)
10202
10821
"<emphasis>ecryptfs-mount-private and ecryptfs-umount-private:</emphasis> "
10203
10822
"will mount and unmount respectively, a users <filename>~/Private</filename> "
10207
#: serverguide/C/security.xml:1851(para)
10826
#: serverguide/C/security.xml:1798(para)
10209
10828
"<emphasis>ecryptfs-add-passphrase:</emphasis> adds a new passphrase to the "
10210
10829
"kernel keyring."
10213
#: serverguide/C/security.xml:1856(para)
10832
#: serverguide/C/security.xml:1803(para)
10215
10834
"<emphasis>ecryptfs-manager:</emphasis> manages "
10216
10835
"<application>eCryptfs</application> objects such as keys."
10219
#: serverguide/C/security.xml:1861(para)
10838
#: serverguide/C/security.xml:1808(para)
10221
10840
"<emphasis>ecryptfs-stat:</emphasis> allows you to view the "
10222
10841
"<application>ecryptfs</application> meta information for a file."
10225
#: serverguide/C/security.xml:1874(para)
10844
#: serverguide/C/security.xml:1821(para)
10227
10846
"For more information on eCryptfs see the <ulink "
10228
"url=\"https://launchpad.net/ecryptfs\">Launch Pad project page</ulink>"
10847
"url=\"https://launchpad.net/ecryptfs\">Launchpad project page</ulink>."
10231
#: serverguide/C/security.xml:1879(para)
10850
#: serverguide/C/security.xml:1826(para)
10233
10852
"There is also a <ulink "
10234
10853
"url=\"http://www.linuxjournal.com/article/9400\">Linux Journal</ulink> "
10235
10854
"article covering eCryptfs."
10856
"在<ulink url=\"http://www.linuxjournal.com/article/9400\">Linux "
10857
"Journal</ulink> 上也有关于eCryptfs的文章。"
10238
#: serverguide/C/security.xml:1884(para)
10859
#: serverguide/C/security.xml:1831(para)
10240
10861
"Also, for more <application>ecryptfs</application> options see the <ulink "
10241
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man7/ecryptfs.7.html\">ec"
10242
"ryptfs man page</ulink>."
10862
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man7/ecryptfs.7.html\">ecr"
10863
"yptfs man page</ulink>."
10866
#: serverguide/C/security.xml:1837(para)
10868
"The <ulink url=\"https://help.ubuntu.com/community/eCryptfs\">eCryptfs "
10869
"Ubuntu Wiki</ulink> page also has more details."
10872
#: serverguide/C/reporting-bugs.xml:13(title)
10876
#: serverguide/C/reporting-bugs.xml:16(title)
10877
msgid "Reporting Bugs in Ubuntu Server Edition"
10880
#: serverguide/C/reporting-bugs.xml:18(para)
10882
"While the Ubuntu Project attempts to release software with as few bugs as "
10883
"possible, they do occur. You can help fix these bugs by reporting ones that "
10884
"you find to the project. The Ubuntu Project uses <ulink "
10885
"url=\"https://launchpad.net/\">Launchpad</ulink> to track its bug reports. "
10886
"In order to file a bug about Ubuntu Server on Launchpad, you will need to "
10887
"<ulink url=\"https://help.launchpad.net/YourAccount/NewAccount\">create an "
10891
#: serverguide/C/reporting-bugs.xml:30(title)
10892
msgid "Reporting Bugs With ubuntu-bug"
10895
#: serverguide/C/reporting-bugs.xml:32(para)
10897
"The preferred way to report a bug is with the <application>ubuntu-"
10898
"bug</application> command. The ubuntu-bug tool gathers information about the "
10899
"system useful to developers in diagnosing the reported problem that will "
10900
"then be included in the bug report filed on Launchpad. Bug reports in Ubuntu "
10901
"need to be filed against a specific software package, thus the name of the "
10902
"package that the bug occurs in needs to be given to ubuntu-bug:"
10905
#: serverguide/C/reporting-bugs.xml:43(command)
10906
msgid "ubuntu-bug PACKAGENAME"
10909
#: serverguide/C/reporting-bugs.xml:46(para)
10911
"For example, to file a bug against the openssh-server package, you would do:"
10914
#: serverguide/C/reporting-bugs.xml:51(command)
10915
msgid "ubuntu-bug openssh-server"
10918
#: serverguide/C/reporting-bugs.xml:54(para)
10920
"You can specify either a binary package or the source package for ubuntu-"
10921
"bug. Again using openssh-server as an example, you could also generate the "
10922
"report against the source package for openssh-server, openssh:"
10925
#: serverguide/C/reporting-bugs.xml:62(command)
10926
msgid "ubuntu-bug openssh"
10929
#: serverguide/C/reporting-bugs.xml:66(para)
10931
"See <xref linkend=\"package-management\"/> for more information about "
10932
"packages in Ubuntu."
10935
#: serverguide/C/reporting-bugs.xml:72(para)
10937
"The ubuntu-bug command will gather information about the system in question, "
10938
"possibly including information specific to the specified package, and then "
10939
"ask you what you would like to do with collected information:"
10942
#: serverguide/C/reporting-bugs.xml:80(command)
10943
msgid "ubuntu-bug postgresql"
10946
#: serverguide/C/reporting-bugs.xml:79(screen)
10950
"<placeholder-1/>\n"
10952
"*** Collecting problem information\n"
10954
"The collected information can be sent to the developers to improve the\n"
10955
"application. This might take a few minutes.\n"
10958
"*** Send problem report to the developers?\n"
10960
"After the problem report has been sent, please fill out the form in the\n"
10961
"automatically opened web browser.\n"
10963
"What would you like to do? Your options are:\n"
10964
" S: Send report (1.7 KiB)\n"
10965
" V: View report\n"
10966
" K: Keep report file for sending later or copying to somewhere else\n"
10968
"Please choose (S/V/K/C):\n"
10971
#: serverguide/C/reporting-bugs.xml:101(para)
10972
msgid "The options available are:"
10975
#: serverguide/C/reporting-bugs.xml:108(para)
10977
"<emphasis role=\"bold\">Send Report</emphasis> Selecting Send Report submits "
10978
"the collected information to Launchpad as part of the the process of filing "
10979
"a bug report. You will be given the opportunity to describe the situation "
10980
"that led up to the occurrance of the bug."
10983
#: serverguide/C/reporting-bugs.xml:115(screen)
10987
"*** Uploading problem information\n"
10989
"The collected information is being sent to the bug tracking system.\n"
10990
"This might take a few minutes.\n"
10993
"*** To continue, you must visit the following URL:\n"
10995
" https://bugs.launchpad.net/ubuntu/+source/postgresql-"
10996
"8.4/+filebug/kc6eSnTLnLxF8u0t3e56EukFeqJ?\n"
10998
"You can launch a browser now, or copy this URL into a browser on another\n"
11002
" 1: Launch a browser now\n"
11004
"Please choose (1/C):\n"
11007
#: serverguide/C/reporting-bugs.xml:135(para)
11009
"If you choose to start a browser, by default the text based web browser "
11010
"<application>w3m</application> will be used to finish filing the bug report. "
11011
"Alternately, you can copy the given URL to a currently running web browser."
11014
#: serverguide/C/reporting-bugs.xml:144(para)
11016
"<emphasis role=\"bold\">View Report</emphasis> Selecting View Report causes "
11017
"the collected information to be displayed to the terminal for review."
11020
#: serverguide/C/reporting-bugs.xml:150(screen)
11024
"Package: postgresql 8.4.2-2\n"
11025
"PackageArchitecture: all\n"
11027
"ProblemType: Bug\n"
11029
" LANG=en_US.UTF-8\n"
11030
" SHELL=/bin/bash\n"
11031
"Uname: Linux 2.6.32-16-server x86_64\n"
11033
" adduser 3.112ubuntu1\n"
11034
" base-files 5.0.0ubuntu10\n"
11035
" base-passwd 3.5.22\n"
11036
" coreutils 7.4-2ubuntu2\n"
11040
#: serverguide/C/reporting-bugs.xml:167(para)
11042
"After viewing the report, you will be brought back to the same menu asking "
11043
"what you would like to do with the report."
11046
#: serverguide/C/reporting-bugs.xml:174(para)
11048
"<emphasis role=\"bold\">Keep Report File</emphasis> Selecting Keep Report "
11049
"File causes the gathered information to be written to a file. This file can "
11050
"then be used to later file a bug report or transferred to a different Ubuntu "
11051
"system for reporting. To submit the report file, simply give it as an "
11052
"argument to the ubuntu-bug command:"
11055
#: serverguide/C/reporting-bugs.xml:189(userinput)
11060
#: serverguide/C/reporting-bugs.xml:192(command)
11061
msgid "ubuntu-bug /tmp/apport.postgresql.v4MQas.apport"
11064
#: serverguide/C/reporting-bugs.xml:183(screen)
11068
"What would you like to do? Your options are:\n"
11069
" S: Send report (1.7 KiB)\n"
11070
" V: View report\n"
11071
" K: Keep report file for sending later or copying to somewhere else\n"
11073
"Please choose (S/V/K/C): <placeholder-1/>\n"
11074
"Problem report file: /tmp/apport.postgresql.v4MQas.apport\n"
11076
"<placeholder-2/>\n"
11078
"*** Send problem report to the developers?\n"
11082
#: serverguide/C/reporting-bugs.xml:200(para)
11084
"<emphasis role=\"bold\">Cancel</emphasis> Selecting Cancel causes the "
11085
"collected information to be discarded."
11088
#: serverguide/C/reporting-bugs.xml:210(title)
11089
msgid "Reporting Application Crashes"
11092
#: serverguide/C/reporting-bugs.xml:212(para)
11094
"The software package that provides the ubuntu-bug utility, "
11095
"<application>apport</application>, can be configured to trigger when "
11096
"applications crash. This is disabled by default, as capturing a crash can be "
11097
"resource intensive depending on how much memory the application that crashed "
11098
"was using as apport captures and processes the core dump."
11101
#: serverguide/C/reporting-bugs.xml:221(para)
11103
"Configuring apport to capture information about crashing applications "
11104
"requires a couple of steps. First, <application>gdb</application> needs to "
11105
"be installed; it is not installed by default in Ubuntu Server Edition."
11108
#: serverguide/C/reporting-bugs.xml:229(command)
11109
msgid "sudo apt-get install gdb"
11112
#: serverguide/C/reporting-bugs.xml:232(para)
11114
"See <xref linkend=\"package-management\"/> for more information about "
11115
"managing packages in Ubuntu."
11118
#: serverguide/C/reporting-bugs.xml:237(para)
11120
"Once you have ensured that gdb is installed, open the file "
11121
"<filename>/etc/default/apport</filename> in your text editor, and change the "
11122
"<emphasis>enabled</emphasis> setting to be <emphasis "
11123
"role=\"bold\">1</emphasis> like so:"
11126
#: serverguide/C/reporting-bugs.xml:244(programlisting)
11130
"# set this to 0 to disable apport, or to 1 to enable it\n"
11131
"# you can temporarily override this with\n"
11132
"# sudo service apport start force_start=1\n"
11133
"enabled=<userinput>1</userinput>\n"
11135
"# set maximum core dump file size (default: 209715200 bytes == 200 MB)\n"
11136
"maxsize=209715200\n"
11139
#: serverguide/C/reporting-bugs.xml:254(para)
11141
"Once you have completed editing <filename>/etc/default/apport</filename>, "
11142
"start the apport service:"
11145
#: serverguide/C/reporting-bugs.xml:261(command)
11146
msgid "sudo start apport"
11149
#: serverguide/C/reporting-bugs.xml:264(para)
11151
"After an application crashes, use the <application>apport-cli</application> "
11152
"command to search for the existing saved crash report information:"
11155
#: serverguide/C/reporting-bugs.xml:271(command)
11159
#: serverguide/C/reporting-bugs.xml:270(screen)
11163
"<placeholder-1/>\n"
11165
"*** dash closed unexpectedly on 2010-03-11 at 21:40:59.\n"
11167
"If you were not doing anything confidential (entering passwords or other\n"
11168
"private information), you can help to improve the application by\n"
11172
"What would you like to do? Your options are:\n"
11173
" R: Report Problem...\n"
11174
" I: Cancel and ignore future crashes of this program version\n"
11176
"Please choose (R/I/C):\n"
11179
#: serverguide/C/reporting-bugs.xml:287(para)
11181
"Selecting <emphasis>Report Problem</emphasis> will walk you through similar "
11182
"steps as when using ubuntu-bug. One important difference is that a crash "
11183
"report will be marked as private when filed on Launchpad, meaning that it "
11184
"will be visible to only a limited set of bug triagers. These triagers will "
11185
"review the gathered data for private information before making the bug "
11186
"report publicly visible."
11189
#: serverguide/C/reporting-bugs.xml:307(para)
11192
"url=\"https://help.ubuntu.com/community/ReportingBugs\">Reporting "
11193
"Bugs</ulink> Ubuntu wiki page."
11196
#: serverguide/C/reporting-bugs.xml:313(para)
11198
"Also, the <ulink url=\"https://wiki.ubuntu.com/Apport\">Apport</ulink> page "
11199
"has some useful information. Though some of it pertains to using a GUI."
10245
11202
#: serverguide/C/remote-administration.xml:13(title)
11873
12849
"Committed revision 2."
11876
#: serverguide/C/other-apps.xml:280(para)
12852
#: serverguide/C/other-apps.xml:241(para)
11878
12854
"For an example of how <application>etckeeper</application> tracks manual "
11879
12855
"changes, add new a host to <filename>/etc/hosts</filename>. Using "
11880
12856
"<application>bzr</application> you can see which files have been modified:"
11883
#: serverguide/C/other-apps.xml:286(command)
12859
#: serverguide/C/other-apps.xml:247(command)
11884
12860
msgid "sudo bzr status /etc/"
11887
#: serverguide/C/other-apps.xml:287(computeroutput)
12863
#: serverguide/C/other-apps.xml:248(computeroutput)
11890
12866
"modified:\n"
11894
#: serverguide/C/other-apps.xml:291(para)
12870
#: serverguide/C/other-apps.xml:252(para)
11895
12871
msgid "Now commit the changes:"
11898
#: serverguide/C/other-apps.xml:296(command)
12874
#: serverguide/C/other-apps.xml:257(command)
11899
12875
msgid "sudo etckeeper commit \"new host\""
11902
#: serverguide/C/other-apps.xml:299(para)
12878
#: serverguide/C/other-apps.xml:260(para)
11904
12880
"For more information on <application>bzr</application> see <xref "
11905
12881
"linkend=\"bazaar\"/>."
11908
#: serverguide/C/other-apps.xml:305(title)
11909
msgid "Screen Profiles"
12884
#: serverguide/C/other-apps.xml:266(title)
11912
#: serverguide/C/other-apps.xml:307(para)
12888
#: serverguide/C/other-apps.xml:268(para)
11914
12890
"One of the most useful applications for any system administrator is "
11915
12891
"<application>screen</application>. It allows the execution of multiple "
11916
12892
"shells in one terminal. To make some of the advanced "
11917
12893
"<application>screen</application> features more user friendly, and provide "
11918
"some useful information about the system, the <application>screen-"
11919
"profiles</application> package was created."
12894
"some useful information about the system, the "
12895
"<application>byobu</application> package was created."
11922
#: serverguide/C/other-apps.xml:314(para)
12898
#: serverguide/C/other-apps.xml:275(para)
11924
"When executing <application>screen</application> for the first time you will "
11925
"be presented with the <application>screen-profiles-helper</application> "
11926
"menu. This menu will allow you to:"
12900
"When executing <application>byobu</application> pressing the "
12901
"<emphasis>F9</emphasis> key will bring up the "
12902
"<application>Configuration</application> menu. This menu will allow you to:"
11929
#: serverguide/C/other-apps.xml:320(para)
12905
#: serverguide/C/other-apps.xml:281(para)
11930
12906
msgid "View the Help menu"
11931
12907
msgstr "查看帮助菜单"
11933
#: serverguide/C/other-apps.xml:321(para)
12909
#: serverguide/C/other-apps.xml:282(para)
12910
msgid "Change Byobu's background color"
12913
#: serverguide/C/other-apps.xml:283(para)
12914
msgid "Change Byobu's foreground color"
12917
#: serverguide/C/other-apps.xml:284(para)
12918
msgid "Toggle status notifications"
12921
#: serverguide/C/other-apps.xml:285(para)
11934
12922
msgid "Change the key binding set"
11937
#: serverguide/C/other-apps.xml:322(para)
11938
msgid "Change screen profiles"
11941
#: serverguide/C/other-apps.xml:323(para)
12925
#: serverguide/C/other-apps.xml:286(para)
11942
12926
msgid "Change the escape sequence"
11945
#: serverguide/C/other-apps.xml:324(para)
11946
msgid "Create new screen windows"
12929
#: serverguide/C/other-apps.xml:287(para)
12930
msgid "Create new windows"
11949
#: serverguide/C/other-apps.xml:325(para)
12933
#: serverguide/C/other-apps.xml:288(para)
11950
12934
msgid "Manage the default windows"
11953
#: serverguide/C/other-apps.xml:326(para)
11954
msgid "Install screen by default at login"
12937
#: serverguide/C/other-apps.xml:289(para)
12938
msgid "Byobu currently does not launch at login (toggle on)"
11957
#: serverguide/C/other-apps.xml:329(para)
12941
#: serverguide/C/other-apps.xml:292(para)
11959
12943
"The <emphasis>key bindings</emphasis> determine such things as the escape "
11960
12944
"sequence, new window, change window, etc. There are two key binding sets to "
11961
"choose from <emphasis>common</emphasis> and <emphasis>none</emphasis>. If "
11962
"you wish to use the original key bindings choose the "
12945
"choose from <emphasis>f-keys</emphasis> and <emphasis>screen-escape-"
12946
"keys</emphasis>. If you wish to use the original key bindings choose the "
11963
12947
"<emphasis>none</emphasis> set."
11966
#: serverguide/C/other-apps.xml:335(para)
11968
"The Ubuntu <application>screen-profiles</application> provide a menu which "
11969
"displays the Ubuntu release, processor information, memory information, and "
11970
"the time and date. The effect is similar to a desktop menu. When a profile "
11971
"is selected it will be symlinked to <filename>~/.screenrc</filename>. The "
11972
"<application>select-screen-profile</application> utility can also be used to "
11973
"change profiles, in a terminal enter:"
11976
#: serverguide/C/other-apps.xml:343(command)
11977
msgid "select-screen-profile -s ubuntu-light"
11980
#: serverguide/C/other-apps.xml:346(para)
11982
"The <emphasis>plain</emphasis> profile will change "
11983
"<application>screen</application> back to the defaults, which does not "
11984
"include the information menu at the bottom."
11987
#: serverguide/C/other-apps.xml:351(para)
11989
"Using the <emphasis>\"Install screen by default at login\"</emphasis> option "
11990
"will cause screen to be executed any time a terminal is opened. Changes made "
11991
"to <application>screen</application> are on a per user basis, and will not "
12950
#: serverguide/C/other-apps.xml:298(para)
12952
"<application>byobu</application> provides a menu which displays the Ubuntu "
12953
"release, processor information, memory information, and the time and date. "
12954
"The effect is similar to a desktop menu."
12957
#: serverguide/C/other-apps.xml:303(para)
12959
"Using the <emphasis>\"Byobu currently does not launch at login (toggle "
12960
"on)\"</emphasis> option will cause <application>byobu</application> to be "
12961
"executed any time a terminal is opened. Changes made to "
12962
"<application>byobu</application> are on a per user basis, and will not "
11992
12963
"affect other users on the system."
11995
#: serverguide/C/other-apps.xml:356(para)
12966
#: serverguide/C/other-apps.xml:309(para)
11997
"One difference when using screen is the <emphasis>scrollback</emphasis> "
11998
"mode. If you are using one of the Ubuntu profiles press the "
11999
"<emphasis>F7</emphasis>, or <emphasis>Ctrl+a+[</emphasis> if not, to enter "
12000
"scrollback mode. Scrollback mode allows you to navigate past output using "
12001
"<emphasis>vi</emphasis> like commands. Here is a quick list of movement "
12968
"One difference when using byobu is the <emphasis>scrollback</emphasis> mode. "
12969
"Press the <emphasis>F7</emphasis> key to enter scrollback mode. Scrollback "
12970
"mode allows you to navigate past output using <emphasis>vi</emphasis> like "
12971
"commands. Here is a quick list of movement commands:"
12005
#: serverguide/C/other-apps.xml:363(para)
12974
#: serverguide/C/other-apps.xml:316(para)
12006
12975
msgid "<emphasis>h</emphasis> - Move the cursor left by one character"
12009
#: serverguide/C/other-apps.xml:364(para)
12978
#: serverguide/C/other-apps.xml:317(para)
12010
12979
msgid "<emphasis>j</emphasis> - Move the cursor down by one line"
12013
#: serverguide/C/other-apps.xml:365(para)
12982
#: serverguide/C/other-apps.xml:318(para)
12014
12983
msgid "<emphasis>k</emphasis> - Move the cursor up by one line"
12017
#: serverguide/C/other-apps.xml:366(para)
12986
#: serverguide/C/other-apps.xml:319(para)
12018
12987
msgid "<emphasis>l</emphasis> - Move the cursor right by one character"
12021
#: serverguide/C/other-apps.xml:367(para)
12990
#: serverguide/C/other-apps.xml:320(para)
12022
12991
msgid "<emphasis>0</emphasis> - Move to the beginning of the current line"
12025
#: serverguide/C/other-apps.xml:368(para)
12994
#: serverguide/C/other-apps.xml:321(para)
12026
12995
msgid "<emphasis>$</emphasis> - Move to the end of the current line"
12029
#: serverguide/C/other-apps.xml:369(para)
12998
#: serverguide/C/other-apps.xml:322(para)
12031
13000
"<emphasis>G</emphasis> - Moves to the specified line (defaults to the end of "
12032
13001
"the buffer)"
12035
#: serverguide/C/other-apps.xml:370(para)
12036
msgid "<emphasis>C-u</emphasis> - Scrolls a half page up"
12039
#: serverguide/C/other-apps.xml:371(para)
12040
msgid "<emphasis>C-b</emphasis> - Scrolls a full page up"
12043
#: serverguide/C/other-apps.xml:372(para)
12044
msgid "<emphasis>C-d</emphasis> - Scrolls a half page down"
12047
#: serverguide/C/other-apps.xml:373(para)
12048
msgid "<emphasis>C-f</emphasis> - Scrolls the full page down"
12051
#: serverguide/C/other-apps.xml:374(para)
13004
#: serverguide/C/other-apps.xml:323(para)
12052
13005
msgid "<emphasis>/</emphasis> - Search forward"
12055
#: serverguide/C/other-apps.xml:375(para)
13008
#: serverguide/C/other-apps.xml:324(para)
12056
13009
msgid "<emphasis>?</emphasis> - Search backward"
12059
#: serverguide/C/other-apps.xml:376(para)
13012
#: serverguide/C/other-apps.xml:325(para)
12061
13014
"<emphasis>n</emphasis> - Moves to the next match, either forward or backword"
12064
#: serverguide/C/other-apps.xml:385(para)
13017
#: serverguide/C/other-apps.xml:334(para)
12066
13019
"See the <ulink "
12067
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/update-"
12068
"motd.1.html\">update-motd man page</ulink> for more options available to "
13020
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man1/update-motd.1.html\">"
13021
"update-motd man page</ulink> for more options available to "
12069
13022
"<application>update-motd</application>."
12072
#: serverguide/C/other-apps.xml:391(para)
13025
#: serverguide/C/other-apps.xml:340(para)
12074
13027
"The Debian Package of the Day <ulink "
12075
13028
"url=\"http://debaday.debian.net/2007/10/04/weather-check-weather-conditions-"
12122
13083
"discussion of popular network protocols."
12123
13084
msgstr "本节提供属于联网范畴的一般和特定信息,包括网络概念的概览以及对于流行网络协议的详细讨论。"
12125
#: serverguide/C/network-config.xml:26(title)
13086
#: serverguide/C/network-config.xml:27(title)
12126
13087
msgid "Network Configuration"
12127
13088
msgstr "网络配置"
12129
#: serverguide/C/network-config.xml:27(para)
13090
#: serverguide/C/network-config.xml:28(para)
12131
13092
"Ubuntu ships with a number of graphical utilities to configure your network "
12132
13093
"devices. This document is geared toward server administrators and will focus "
12133
13094
"on managing your network on the command line."
12134
13095
msgstr "Ubuntu 提供了许多图形化工具来配制您的网络设备。本文适用于服务器管理员并聚焦在命令行中管理您的网络。"
12136
#: serverguide/C/network-config.xml:33(title)
12140
#: serverguide/C/network-config.xml:34(para)
12142
"Most Ethernet configuration is centralized in a single file, "
12143
"<filename>/etc/network/interfaces</filename>. If you have no Ethernet "
12144
"devices, only the loopback interface will appear in this file, and it will "
12145
"look something like this:"
12148
#: serverguide/C/network-config.xml:40(programlisting)
12152
"# This file describes the network interfaces available on your system\n"
12153
"# and how to activate them. For more information, see interfaces(5).\n"
12155
"# The loopback network interface\n"
12157
"iface lo inet loopback\n"
12158
"address 127.0.0.1\n"
12159
"netmask 255.0.0.0\n"
12162
#: serverguide/C/network-config.xml:50(para)
12164
"If you have only one Ethernet device, eth0, and it gets its configuration "
12165
"from a DHCP server, and it should come up automatically at boot, only two "
12166
"additional lines are required:"
12169
#: serverguide/C/network-config.xml:55(programlisting)
13097
#: serverguide/C/network-config.xml:35(title)
13098
msgid "Ethernet Interfaces"
13101
#: serverguide/C/network-config.xml:36(para)
13103
"Ethernet interfaces are identified by the system using the naming convention "
13104
"of <emphasis role=\"italix\">ethX</emphasis>, where <emphasis "
13105
"role=\"italic\">X</emphasis> represents a numeric value. The first Ethernet "
13106
"interface is typically identified as <emphasis "
13107
"role=\"italic\">eth0</emphasis>, the second as <emphasis "
13108
"role=\"italic\">eth1</emphasis>, and all others should move up in numerical "
13112
#: serverguide/C/network-config.xml:46(title)
13113
msgid "Identify Ethernet Interfaces"
13116
#: serverguide/C/network-config.xml:47(para)
13118
"To quickly identify all available Ethernet interfaces, you can use the "
13119
"<application>ifconfig</application> command as shown below."
13122
#: serverguide/C/network-config.xml:52(userinput)
13124
msgid "ifconfig -a | grep eth"
13127
#: serverguide/C/network-config.xml:51(screen)
13131
"<placeholder-1/>\n"
13132
"eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a\n"
13135
#: serverguide/C/network-config.xml:55(para)
13137
"Another application that can help identify all network interfaces available "
13138
"to your system is the <application>lshw</application> command. In the "
13139
"example below, <application>lshw</application> shows a single Ethernet "
13140
"interface with the logical name of <emphasis role=\"italic\">eth0</emphasis> "
13141
"along with bus information, driver details and all supported capabilities."
13144
#: serverguide/C/network-config.xml:62(userinput)
13146
msgid "sudo lshw -class network"
13149
#: serverguide/C/network-config.xml:61(screen)
13153
"<placeholder-1/>\n"
13155
" description: Ethernet interface\n"
13156
" product: BCM4401-B0 100Base-TX\n"
13157
" vendor: Broadcom Corporation\n"
13158
" physical id: 0\n"
13159
" bus info: pci@0000:03:00.0\n"
13160
" logical name: eth0\n"
13162
" serial: 00:15:c5:4a:16:5a\n"
13164
" capacity: 100MB/s\n"
13165
" width: 32 bits\n"
13167
" capabilities: (snipped for brevity)\n"
13168
" configuration: (snipped for brevity)\n"
13169
" resources: irq:17 memory:ef9fe000-ef9fffff\n"
13172
#: serverguide/C/network-config.xml:83(title)
13173
msgid "Ethernet Interface Logical Names"
13176
#: serverguide/C/network-config.xml:84(para)
13178
"Interface logical names are configured in the file "
13179
"<filename>/etc/udev/rules.d/70-persistent-net.rules.</filename> If you would "
13180
"like control which interface receives a particular logical name, find the "
13181
"line matching the interfaces physical MAC address and modify the value of "
13182
"<emphasis role=\"italic\">NAME=ethX</emphasis> to the desired logical name. "
13183
"Reboot the system to commit your changes."
13186
#: serverguide/C/network-config.xml:92(programlisting)
13190
"SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", "
13191
"ATTR{address}==\"00:15:c5:4a:16:5a\", ATTR{dev_id}==\"0x0\", "
13192
"ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"eth0\"\n"
13193
"SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", "
13194
"ATTR{address}==\"00:15:c5:4a:16:5b\", ATTR{dev_id}==\"0x0\", "
13195
"ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"eth1\"\n"
13198
#: serverguide/C/network-config.xml:99(title)
13199
msgid "Ethernet Interface Settings"
13202
#: serverguide/C/network-config.xml:100(para)
13204
"<application>ethtool</application> is a program that displays and changes "
13205
"Ethernet card settings such as auto-negotiation, port speed, duplex mode, "
13206
"and Wake-on-LAN. It is not installed by default, but is available for "
13207
"installation in the repositories."
13210
#: serverguide/C/network-config.xml:106(userinput)
13212
msgid "sudo apt-get install ethtool"
13215
#: serverguide/C/network-config.xml:108(para)
13217
"The following is an example of how to view supported features and configured "
13218
"settings of an Ethernet interface."
13221
#: serverguide/C/network-config.xml:113(userinput)
13223
msgid "sudo ethtool eth0"
13226
#: serverguide/C/network-config.xml:112(screen)
13230
"<placeholder-1/>\n"
13231
"Settings for eth0:\n"
13232
" Supported ports: [ TP ]\n"
13233
" Supported link modes: 10baseT/Half 10baseT/Full \n"
13234
" 100baseT/Half 100baseT/Full \n"
13235
" 1000baseT/Half 1000baseT/Full \n"
13236
" Supports auto-negotiation: Yes\n"
13237
" Advertised link modes: 10baseT/Half 10baseT/Full \n"
13238
" 100baseT/Half 100baseT/Full \n"
13239
" 1000baseT/Half 1000baseT/Full \n"
13240
" Advertised auto-negotiation: Yes\n"
13241
" Speed: 1000Mb/s\n"
13243
" Port: Twisted Pair\n"
13245
" Transceiver: internal\n"
13246
" Auto-negotiation: on\n"
13247
" Supports Wake-on: g\n"
13249
" Current message level: 0x000000ff (255)\n"
13250
" Link detected: yes\n"
13253
#: serverguide/C/network-config.xml:135(para)
13255
"Changes made with the <application>ethtool</application> command are "
13256
"temporary and will be lost after a reboot. If you would like to retain "
13257
"settings, simply add the desired <application>ethtool</application> command "
13258
"to a <emphasis role=\"italic\">pre-up</emphasis> statement in the interface "
13259
"configuration file <filename>/etc/network/interfaces</filename>."
13262
#: serverguide/C/network-config.xml:141(para)
13264
"The following is an example of how the interface identified as <emphasis "
13265
"role=\"italic\">eth0</emphasis> could be permanently configured with a port "
13266
"speed of 1000Mb/s running in full duplex mode."
13269
#: serverguide/C/network-config.xml:145(programlisting)
13274
"iface eth0 inet static\n"
13275
"pre-up /usr/sbin/ethtool -s eth0 speed 1000 duplex full\n"
13278
#: serverguide/C/network-config.xml:151(para)
13280
"Although the example above shows the interface configured to use the "
13281
"<emphasis role=\"italic\">static</emphasis> method, it actually works with "
13282
"other methods as well, such as DHCP. The example is meant to demonstrate "
13283
"only proper placement of the <emphasis role=\"italic\">pre-up</emphasis> "
13284
"statement in relation to the rest of the interface configuration."
13287
#: serverguide/C/network-config.xml:163(title)
13288
msgid "IP Addressing"
13291
#: serverguide/C/network-config.xml:164(para)
13293
"The following section describes the process of configuring your systems IP "
13294
"address and default gateway needed for communicating on a local area network "
13295
"and the Internet."
13298
#: serverguide/C/network-config.xml:171(title)
13299
msgid "Temporary IP Address Assignment"
13302
#: serverguide/C/network-config.xml:172(para)
13304
"For temporary network configurations, you can use standard commands such as "
13305
"<application>ip</application>, <application>ifconfig</application> and "
13306
"<application>route</application>, which are also found on most other "
13307
"GNU/Linux operating systems. These commands allow you to configure settings "
13308
"which take effect immediately, however they are not persistent and will be "
13309
"lost after a reboot."
13312
#: serverguide/C/network-config.xml:180(para)
13314
"To temporarily configure an IP address, you can use the "
13315
"<application>ifconfig</application> command in the following manner. Just "
13316
"modify the IP address and subnet mask to match your network requirements."
13319
#: serverguide/C/network-config.xml:186(userinput)
13321
msgid "sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0"
13324
#: serverguide/C/network-config.xml:188(para)
13326
"To verify the IP address configuration of <application>eth0</application>, "
13327
"you can use the <application>ifconfig</application> command in the following "
13331
#: serverguide/C/network-config.xml:193(userinput)
13333
msgid "ifconfig eth0"
13336
#: serverguide/C/network-config.xml:192(screen)
13340
"<placeholder-1/>\n"
13341
"eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a \n"
13342
" inet addr:10.0.0.100 Bcast:10.0.0.255 Mask:255.255.255.0\n"
13343
" inet6 addr: fe80::215:c5ff:fe4a:165a/64 Scope:Link\n"
13344
" UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n"
13345
" RX packets:466475604 errors:0 dropped:0 overruns:0 frame:0\n"
13346
" TX packets:403172654 errors:0 dropped:0 overruns:0 carrier:0\n"
13347
" collisions:0 txqueuelen:1000 \n"
13348
" RX bytes:2574778386 (2.5 GB) TX bytes:1618367329 (1.6 GB)\n"
13352
#: serverguide/C/network-config.xml:204(para)
13354
"To configure a default gateway, you can use the "
13355
"<application>route</application> command in the following manner. Modify the "
13356
"default gateway address to match your network requirements."
13359
#: serverguide/C/network-config.xml:210(userinput)
13361
msgid "sudo route add default gw 10.0.0.1 eth0"
13364
#: serverguide/C/network-config.xml:212(para)
13366
"To verify your default gateway configuration, you can use the "
13367
"<application>route</application> command in the following manner."
13370
#: serverguide/C/network-config.xml:217(userinput)
13375
#: serverguide/C/network-config.xml:216(screen)
13379
"<placeholder-1/>\n"
13380
"Kernel IP routing table\n"
13381
"Destination Gateway Genmask Flags Metric Ref Use "
13383
"10.0.0.0 0.0.0.0 255.255.255.0 U 1 0 0 "
13385
"0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 "
13389
#: serverguide/C/network-config.xml:223(para)
13391
"If you require DNS for your temporary network configuration, you can add DNS "
13392
"server IP addresses in the file <filename>/etc/resolv.conf</filename>. The "
13393
"example below shows how to enter two DNS servers to "
13394
"<filename>/etc/resolv.conf</filename>, which should be changed to servers "
13395
"appropriate for your network. A more lengthy description of DNS client "
13396
"configuration is in a following section."
13399
#: serverguide/C/network-config.xml:230(programlisting)
13403
"nameserver 8.8.8.8\n"
13404
"nameserver 8.8.4.4\n"
13407
#: serverguide/C/network-config.xml:234(para)
13409
"If you no longer need this configuration and wish to purge all IP "
13410
"configuration from an interface, you can use the "
13411
"<application>ip</application> command with the flush option as shown below."
13414
#: serverguide/C/network-config.xml:240(userinput)
13416
msgid "ip addr flush eth0"
13419
#: serverguide/C/network-config.xml:243(para)
13421
"Flushing the IP configuration using the <application>ip</application> "
13422
"command does not clear the contents of "
13423
"<filename>/etc/resolv.conf</filename>. You must remove or modify those "
13424
"entries manually."
13427
#: serverguide/C/network-config.xml:251(title)
13428
msgid "Dynamic IP Address Assignment (DHCP Client)"
13431
#: serverguide/C/network-config.xml:252(para)
13433
"To configure your server to use DHCP for dynamic address assignment, add the "
13434
"<emphasis role=\"italic\">dhcp</emphasis> method to the inet address family "
13435
"statement for the appropriate interface in the file "
13436
"<filename>/etc/network/interfaces</filename>. The example below assumes you "
13437
"are configuring your first Ethernet interface identified as <emphasis "
13438
"role=\"italic\">eth0</emphasis>."
13441
#: serverguide/C/network-config.xml:259(programlisting)
12174
13446
"iface eth0 inet dhcp\n"
12177
#: serverguide/C/network-config.xml:59(para)
12179
"The first line specifies that the eth0 device should come up automatically "
12180
"when you boot. The second line means that interface (<quote>iface</quote>) "
12181
"eth0 should have an IPv4 address space (replace <quote>inet</quote> with "
12182
"<quote>inet6</quote> for an IPv6 device) and that it should get its "
12183
"configuration automatically from DHCP. Assuming your network and DHCP server "
12184
"are properly configured, this machine's network should need no further "
12185
"configuration to operate properly. The DHCP server will provide the default "
12186
"gateway (implemented via the <application>route</application> command), the "
12187
"device's IP address (implemented via the <application>ifconfig</application> "
12188
"command), and DNS servers used on the network (implemented in the "
12189
"<filename>/etc/resolv.conf</filename> file.)"
12192
#: serverguide/C/network-config.xml:72(para)
12194
"To configure your Ethernet device with a static IP address and custom "
12195
"configuration, some more information will be required. Suppose you want to "
12196
"assign the IP address 192.168.0.2 to the device eth1, with the typical "
12197
"netmask of 255.255.255.0. Your default gateway's IP address is 192.168.0.1. "
12198
"You would enter something like this into "
12199
"<filename>/etc/network/interfaces</filename>:"
12202
#: serverguide/C/network-config.xml:79(programlisting)
12206
"iface eth1 inet static\n"
12207
"\taddress 192.168.0.2\n"
12208
"\tnetmask 255.255.255.0\n"
12209
"\tgateway 192.168.0.1\n"
12212
#: serverguide/C/network-config.xml:85(para)
12214
"In this case, you will need to specify your DNS servers manually in "
12215
"<filename>/etc/resolv.conf</filename>, which should look something like this:"
12218
#: serverguide/C/network-config.xml:89(programlisting)
12222
"search mydomain.example\n"
12223
"nameserver 192.168.0.1\n"
12224
"nameserver 4.2.2.2\n"
12227
#: serverguide/C/network-config.xml:94(para)
12229
"The <emphasis role=\"italics\">search</emphasis> directive will append "
12230
"mydomain.example to hostname queries in an attempt to resolve names to your "
12231
"network. For example, if your network's domain is mydomain.example and you "
12232
"try to ping the host <quote>mybox</quote>, the DNS query will be modified to "
12233
"<quote>mybox.mydomain.example</quote> for resolution. The <emphasis "
12234
"role=\"italics\">nameserver</emphasis> directives specify DNS servers to be "
12235
"used to resolve hostnames to IP addresses. If you use your own nameserver, "
12236
"enter it here. Otherwise, ask your Internet Service Provider for the primary "
12237
"and secondary DNS servers to use, and enter them into "
12238
"<filename>/etc/resolv.conf</filename> as shown above."
12241
#: serverguide/C/network-config.xml:106(para)
12243
"Many more configurations are possible, including dialup PPP interfaces, IPv6 "
12244
"networking, VPN devices, etc. Refer to <application>man 5 "
12245
"interfaces</application> for more information and supported options. "
12246
"Remember that <filename>/etc/network/interfaces</filename> is used by the "
12247
"<application>ifup</application>/<application>ifdown</application> scripts as "
12248
"a higher level configuration scheme than may be used in some other Linux "
12249
"distributions, and that the traditional, lower level utilities such as "
12250
"<application>ifconfig</application>, <application>route</application>, and "
12251
"<application>dhclient</application> are still available to you for ad hoc "
12254
"配置更多的接口是可能的,包括拨号的 PPP 接口、IPv6 网络、VPN 设备等。更多信息和支持选项请参考 <application>man 5 "
12255
"interfaces</application>。记住 <filename>/etc/network/interfaces</filename> 被 "
12256
"<application>ifup</application>/<application>ifdown</application> "
12257
"脚本用于作为比其他一些 Linux "
12258
"发行版更高层的配置模式。传统的低层工具如<application>ifconfig</application>、<application>route</a"
12259
"pplication> 和 <application>dhclient</application> 仍旧可被您用来进行特别配置。"
12261
#: serverguide/C/network-config.xml:120(title)
12262
msgid "Managing DNS Entries"
12265
#: serverguide/C/network-config.xml:121(para)
12267
"This section explains how to configure which nameserver to use when "
12268
"resolving IP addresses to hostnames and vice versa. It does not explain how "
12269
"to configure the system as a name server."
12270
msgstr "本节解释了当要将 IP 地址解析为主机名或是进行相反操作时,如何配置使用哪个名称服务器。本节并不解释如何将系统配置为一台名称服务器。"
12272
#: serverguide/C/network-config.xml:126(para)
12274
"To manage DNS entries, you can add, edit, or remove DNS names from the "
12275
"<filename>/etc/resolv.conf</filename> file. A sample file is given below:"
12278
#: serverguide/C/network-config.xml:130(programlisting)
12283
"nameserver 204.11.126.131\n"
12284
"nameserver 64.125.134.133\n"
12285
"nameserver 64.125.134.132\n"
12286
"nameserver 208.185.179.218\n"
12290
"nameserver 204.11.126.131\n"
12291
"nameserver 64.125.134.133\n"
12292
"nameserver 64.125.134.132\n"
12293
"nameserver 208.185.179.218\n"
12295
#: serverguide/C/network-config.xml:138(para)
12297
"The <application>search</application> key specifies the string which will be "
12298
"appended to an incomplete hostname. Here, we have configured it to "
12299
"<application>com</application>. So, when we run: <command>ping "
12300
"ubuntu</command> it would be interpreted as <command>ping "
12301
"ubuntu.com</command>."
12303
"<application>search</application> 关键字指定为不完整的主机名添加的字符串。在这里我们将其配置为 "
12304
"<application>com</application>。因此当我们运行:<command>ping ubuntu</command> "
12305
"时它会被理解成 <command>ping ubuntu.com</command>。"
12307
#: serverguide/C/network-config.xml:146(para)
12309
"The <application>nameserver</application> key specifies the nameserver IP "
12310
"address. It will be used to resolve a given IP address or hostname. This "
12311
"file can have multiple nameserver entries. The nameservers will be used by "
12312
"the network query in the same order."
12314
"<application>nameserver</application> 关键字指定名称服务器的 IP 地址。它会被用来解析一个给定的 IP "
12315
"地址或主机名。该文件可以有多个名称服务器条目。网络查询将以与条目相同的顺序使用这些名称服务器。"
12317
#: serverguide/C/network-config.xml:155(para)
12319
"If the DNS server names are retrieved dynamically from DHCP or PPPoE "
12320
"(retrieved from your ISP), do not add nameserver entries in this file. It "
12321
"will be overwritten."
12323
"如果 DNS 服务器名称是通过 DHCP 或 PPPoE (从您的 ISP ) 动态取回的,那么请不要在该文件中添加名称服务器条目。该条目会被覆盖。"
12325
#: serverguide/C/network-config.xml:164(title)
12326
msgid "Managing Hosts"
12329
#: serverguide/C/network-config.xml:165(para)
12331
"To manage hosts, you can add, edit, or remove hosts from "
12332
"<filename>/etc/hosts</filename> file. The file contains IP addresses and "
12333
"their corresponding hostnames. When your system tries to resolve a hostname "
12334
"to an IP address or determine the hostname for an IP address, it refers to "
12335
"the <filename>/etc/hosts</filename> file before using the name servers. If "
12336
"the IP address is listed in the <filename>/etc/hosts</filename> file, the "
12337
"name servers are not used. This behavior can be modified by editing "
12338
"<filename>/etc/nsswitch.conf</filename> at your peril."
12341
#: serverguide/C/network-config.xml:178(para)
12343
"If your network contains computers whose IP addresses are not listed in DNS, "
12344
"it is recommended that you add them to the <filename>/etc/hosts</filename> "
12347
"如果您网络所包含计算机的 IP 地址没有在 DNS 中列出,建议您将它们加入到 <filename>/etc/hosts</filename> 文件中。"
12349
#: serverguide/C/network-config.xml:186(title)
13449
#: serverguide/C/network-config.xml:263(para)
13451
"By adding an interface configuration as shown above, you can manually enable "
13452
"the interface through the <application>ifup</application> command which "
13453
"initiates the DHCP process via <application>dhclient</application>."
13456
#: serverguide/C/network-config.xml:269(userinput) serverguide/C/network-config.xml:304(userinput)
13458
msgid "sudo ifup eth0"
13461
#: serverguide/C/network-config.xml:271(para)
13463
"To manually disable the interface, you can use the "
13464
"<application>ifdown</application> command, which in turn will initiate the "
13465
"DHCP release process and shut down the interface."
13468
#: serverguide/C/network-config.xml:277(userinput) serverguide/C/network-config.xml:311(userinput)
13470
msgid "sudo ifdown eth0"
13473
#: serverguide/C/network-config.xml:282(title)
13474
msgid "Static IP Address Assignment"
13477
#: serverguide/C/network-config.xml:283(para)
13479
"To configure your system to use a static IP address assignment, add the "
13480
"<emphasis role=\"italic\">static</emphasis> method to the inet address "
13481
"family statement for the appropriate interface in the file "
13482
"<filename>/etc/network/interfaces</filename>. The example below assumes you "
13483
"are configuring your first Ethernet interface identified as <emphasis "
13484
"role=\"italic\">eth0</emphasis>. Change the <emphasis "
13485
"role=\"italic\">address</emphasis>, <emphasis "
13486
"role=\"italic\">netmask</emphasis>, and <emphasis "
13487
"role=\"italic\">gateway</emphasis> values to meet the requirements of your "
13491
#: serverguide/C/network-config.xml:292(programlisting)
13496
"iface eth0 inet static\n"
13497
"address 10.0.0.100\n"
13498
"netmask 255.255.255.0\n"
13499
"gateway 10.0.0.1\n"
13502
#: serverguide/C/network-config.xml:299(para)
13504
"By adding an interface configuration as shown above, you can manually enable "
13505
"the interface through the <application>ifup</application> command."
13508
#: serverguide/C/network-config.xml:306(para)
13510
"To manually disable the interface, you can use the "
13511
"<application>ifdown</application> command."
13514
#: serverguide/C/network-config.xml:316(title)
13515
msgid "Loopback Interface"
13518
#: serverguide/C/network-config.xml:317(para)
13520
"The loopback interface is identified by the system as <emphasis "
13521
"role=\"italic\">lo</emphasis> and has a default IP address of 127.0.0.1. It "
13522
"can be viewed using the ifconfig command."
13525
#: serverguide/C/network-config.xml:322(userinput)
13527
msgid "ifconfig lo"
13530
#: serverguide/C/network-config.xml:321(screen)
13534
"<placeholder-1/>\n"
13535
"lo Link encap:Local Loopback \n"
13536
" inet addr:127.0.0.1 Mask:255.0.0.0\n"
13537
" inet6 addr: ::1/128 Scope:Host\n"
13538
" UP LOOPBACK RUNNING MTU:16436 Metric:1\n"
13539
" RX packets:2718 errors:0 dropped:0 overruns:0 frame:0\n"
13540
" TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0\n"
13541
" collisions:0 txqueuelen:0 \n"
13542
" RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)\n"
13545
#: serverguide/C/network-config.xml:332(para)
13547
"By default, there should be two lines in "
13548
"<filename>/etc/network/interfaces</filename> responsible for automatically "
13549
"configuring your loopback interface. It is recommended that you keep the "
13550
"default settings unless you have a specific purpose for changing them. An "
13551
"example of the two default lines are shown below."
13554
#: serverguide/C/network-config.xml:338(programlisting)
13559
"iface lo inet loopback\n"
13562
#: serverguide/C/network-config.xml:347(title)
13563
msgid "Name Resolution"
13566
#: serverguide/C/network-config.xml:348(para)
13568
"Name resolution as it relates to IP networking is the process of mapping IP "
13569
"addresses to hostnames, making it easier to identify resources on a network. "
13570
"The following section will explain how to properly configure your system for "
13571
"name resolution using DNS and static hostname records."
13574
#: serverguide/C/network-config.xml:356(title)
13575
msgid "DNS Client Configuration"
13578
#: serverguide/C/network-config.xml:357(para)
13580
"To configure your system to use DNS for name resolution, add the IP "
13581
"addresses of the DNS servers that are appropriate for your network in the "
13582
"file <filename>/etc/resolv.conf</filename>. You can also add an optional DNS "
13583
"suffix search-lists to match your network domain names."
13586
#: serverguide/C/network-config.xml:362(para)
13588
"Below is an example of a typical configuration of "
13589
"<filename>/etc/resolv.conf</filename> for a server on the domain \"<emphasis "
13590
"role=\"italic\">example.com</emphasis>\" and using two public DNS servers."
13593
#: serverguide/C/network-config.xml:367(programlisting)
13597
"search example.com\n"
13598
"nameserver 8.8.8.8\n"
13599
"nameserver 8.8.4.4\n"
13602
#: serverguide/C/network-config.xml:372(para)
13604
"The <emphasis role=\"italic\">search</emphasis> option can also be used with "
13605
"multiple domain names so that DNS queries will be appended in the order in "
13606
"which they are entered. For example, your network may have multiple sub-"
13607
"domains to search; a parent domain of <emphasis "
13608
"role=\"italic\">example.com</emphasis>, and two sub-domains, <emphasis "
13609
"role=\"italic\">sales.example.com</emphasis> and <emphasis "
13610
"role=\"italic\">dev.example.com</emphasis>."
13613
#: serverguide/C/network-config.xml:380(para)
13615
"If you have multiple domains you wish to search, your configuration might "
13616
"look like the following."
13619
#: serverguide/C/network-config.xml:383(programlisting)
13623
"search example.com sales.example.com dev.example.com\n"
13624
"nameserver 8.8.8.8\n"
13625
"nameserver 8.8.4.4\n"
13628
#: serverguide/C/network-config.xml:388(para)
13630
"If you try to ping a host with the name of <emphasis "
13631
"role=\"italic\">server1</emphasis>, your system will automatically query DNS "
13632
"for its Fully Qualified Domain Name (FQDN) in the following order:"
13635
#: serverguide/C/network-config.xml:394(para)
13636
msgid "server1<emphasis role=\"bold\">.example.com</emphasis>"
13639
#: serverguide/C/network-config.xml:399(para)
13640
msgid "server1<emphasis role=\"bold\">.sales.example.com</emphasis>"
13643
#: serverguide/C/network-config.xml:404(para)
13644
msgid "server1<emphasis role=\"bold\">.dev.example.com</emphasis>"
13647
#: serverguide/C/network-config.xml:409(para)
13649
"If no matches are found, the DNS server will provide a result of <emphasis "
13650
"role=\"italic\">notfound</emphasis> and the DNS query will fail."
13653
#: serverguide/C/network-config.xml:416(title)
13654
msgid "Static Hostnames"
13657
#: serverguide/C/network-config.xml:417(para)
13659
"Static hostnames are locally defined hostname-to-IP mappings located in the "
13660
"file <filename>/etc/hosts</filename>. Entries in the "
13661
"<filename>hosts</filename> file will have precedence over DNS by default. "
13662
"This means that if your system tries to resolve a hostname and it matches an "
13663
"entry in /etc/hosts, it will not attempt to look up the record in DNS. In "
13664
"some configurations, especially when Internet access is not required, "
13665
"servers that communicate with a limited number of resources can be "
13666
"conveniently set to use static hostnames instead of DNS."
13669
#: serverguide/C/network-config.xml:424(para)
13671
"The following is an example of a <filename>hosts</filename> file where a "
13672
"number of local servers have been identified by simple hostnames, aliases "
13673
"and their equivalent Fully Qualified Domain Names (FQDN's)."
13676
#: serverguide/C/network-config.xml:428(programlisting)
13680
"127.0.0.1\tlocalhost\n"
13681
"127.0.1.1\tubuntu-server\n"
13682
"10.0.0.11\tserver1 vpn server1.example.com\n"
13683
"10.0.0.12\tserver2 mail server2.example.com\n"
13684
"10.0.0.13\tserver3 www server3.example.com\n"
13685
"10.0.0.14\tserver4 file server4.example.com\n"
13688
#: serverguide/C/network-config.xml:437(para)
13690
"In the above example, notice that each of the servers have been given "
13691
"aliases in addition to their proper names and FQDN's. <emphasis "
13692
"role=\"italic\">Server1</emphasis> has been mapped to the name <emphasis "
13693
"role=\"italic\">vpn</emphasis>, <emphasis role=\"italic\">server2</emphasis> "
13694
"is referred to as <emphasis role=\"italic\">mail</emphasis>, <emphasis "
13695
"role=\"italic\">server3</emphasis> as <emphasis "
13696
"role=\"italic\">www</emphasis>, and <emphasis "
13697
"role=\"italic\">server4</emphasis> as <emphasis "
13698
"role=\"italic\">file</emphasis>."
13701
#: serverguide/C/network-config.xml:449(title)
13702
msgid "Name Service Switch Configuration"
13705
#: serverguide/C/network-config.xml:450(para)
13707
"The order in which your system selects a method of resolving hostnames to IP "
13708
"addresses is controlled by the Name Service Switch (NSS) configuration file "
13709
"<filename>/etc/nsswitch.conf</filename>. As mentioned in the previous "
13710
"section, typically static hostnames defined in the systems "
13711
"<filename>/etc/hosts</filename> file have precedence over names resolved "
13712
"from DNS. The following is an example of the line responsible for this order "
13713
"of hostname lookups in the file <filename>/etc/nsswitch.conf</filename>."
13716
#: serverguide/C/network-config.xml:458(programlisting)
13720
"hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4\n"
13723
#: serverguide/C/network-config.xml:464(para)
13725
"<emphasis role=\"bold\">files</emphasis> first tries to resolve static "
13726
"hostnames located in <filename>/etc/hosts</filename>."
13729
#: serverguide/C/network-config.xml:470(para)
13731
"<emphasis role=\"bold\">mdns4_minimal</emphasis> attempts to resolve the "
13732
"name using Multicast DNS."
13735
#: serverguide/C/network-config.xml:475(para)
13737
"<emphasis role=\"bold\">[NOTFOUND=return]</emphasis> means that any response "
13738
"of <emphasis role=\"italic\">notfound</emphasis> by the preceeding <emphasis "
13739
"role=\"italic\">mdns4_minimal</emphasis> process should be treated as "
13740
"authoritative and that the system should not try to continue hunting for an "
13744
#: serverguide/C/network-config.xml:483(para)
13746
"<emphasis role=\"bold\">dns</emphasis> represents a legacy unicast DNS query."
13749
#: serverguide/C/network-config.xml:488(para)
13751
"<emphasis role=\"bold\">mdns4</emphasis> represents a Multicast DNS query."
13754
#: serverguide/C/network-config.xml:494(para)
13756
"To modify the order of the above mentioned name resolution methods, you can "
13757
"simply change the <emphasis role=\"italic\">hosts:</emphasis> string to the "
13758
"value of your choosing. For example, if you prefer to use legacy Unicast DNS "
13759
"versus Multicast DNS, you can change the string in "
13760
"<filename>/etc/nsswitch.conf</filename> as shown below."
13763
#: serverguide/C/network-config.xml:501(programlisting)
13767
"hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4\n"
13770
#: serverguide/C/network-config.xml:508(title)
12350
13771
msgid "Bridging"
12353
#: serverguide/C/network-config.xml:188(para)
13774
#: serverguide/C/network-config.xml:510(para)
12355
13776
"Bridging multiple interfaces is a more advanced configuration, but is very "
12356
13777
"useful in multiple scenarios. One scenario is setting up a bridge with "
13253
14697
#: serverguide/C/network-auth.xml:63(para)
13255
"The installation process will prompt you for the LDAP directory admin "
13256
"password and confirmation."
14699
"By default <application>slapd</application> is configured with minimal "
14700
"options needed to run the <application>slapd</application> daemon."
13259
14703
#: serverguide/C/network-auth.xml:68(para)
13261
"By default the directory suffix will match the domain name of the server. "
13262
"For example, if the machine's Fully Qualified Domain Name (FQDN) is "
13263
"ldap.example.com, the default suffix will be "
13264
"<emphasis>dc=example,dc=com</emphasis>. If you require a different suffix, "
13265
"the directory can be reconfigured using <application>dpkg-"
13266
"reconfigure</application>. Enter the following in a terminal prompt:"
13269
#: serverguide/C/network-auth.xml:78(command)
13270
msgid "sudo dpkg-reconfigure slapd"
13273
#: serverguide/C/network-auth.xml:81(para)
13275
"You will then be taken through a menu based configuration dialog, allowing "
13276
"you to configure various <application>slapd</application> options."
13279
#: serverguide/C/network-auth.xml:90(para)
13281
"<application>OpenLDAP</application> uses a separate database which contains "
14705
"The configuration example in the following sections will match the domain "
14706
"name of the server. For example, if the machine's Fully Qualified Domain "
14707
"Name (FQDN) is ldap.example.com, the default suffix will be "
14708
"<emphasis>dc=example,dc=com</emphasis>."
14711
#: serverguide/C/network-auth.xml:76(title)
14712
msgid "Populating LDAP"
14715
#: serverguide/C/network-auth.xml:78(para)
14717
"<application>OpenLDAP</application> uses a separate directory which contains "
13282
14718
"the <emphasis>cn=config</emphasis> Directory Information Tree (DIT). The "
13283
14719
"<emphasis>cn=config</emphasis> DIT is used to dynamically configure the "
13284
14720
"<application>slapd</application> daemon, allowing the modification of schema "
13285
14721
"definitions, indexes, ACLs, etc without stopping the service."
13288
#: serverguide/C/network-auth.xml:98(para)
13290
"The <emphasis>cn=config</emphasis> tree can be manipulated using the "
13291
"utilities in the <application>ldap-utils</application> package. For example:"
13294
#: serverguide/C/network-auth.xml:106(para)
13296
"Use <application>ldapsearch</application> to view the tree, entering the "
13297
"admin password set during installation or reconfiguration:"
13300
#: serverguide/C/network-auth.xml:112(command)
13302
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb"
13305
#: serverguide/C/network-auth.xml:116(computeroutput)
13308
"Enter LDAP Password: \n"
13309
"dn: olcDatabase={1}hdb,cn=config\n"
13310
"objectClass: olcDatabaseConfig\n"
13311
"objectClass: olcHdbConfig\n"
13312
"olcDatabase: {1}hdb\n"
13313
"olcDbDirectory: /var/lib/ldap\n"
13314
"olcSuffix: dc=example,dc=com\n"
13315
"olcAccess: {0}to attrs=userPassword,shadowLastChange by "
13316
"dn=\"cn=admin,dc=exampl\n"
13317
" e,dc=com\" write by anonymous auth by self write by * none\n"
13318
"olcAccess: {1}to dn.base=\"\" by * read\n"
13319
"olcAccess: {2}to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
13320
"olcLastMod: TRUE\n"
13321
"olcDbCheckpoint: 512 30\n"
13322
"olcDbConfig: {0}set_cachesize 0 2097152 0\n"
13323
"olcDbConfig: {1}set_lk_max_objects 1500\n"
13324
"olcDbConfig: {2}set_lk_max_locks 1500\n"
13325
"olcDbConfig: {3}set_lk_max_lockers 1500\n"
13326
"olcDbIndex: objectClass eq\n"
13329
#: serverguide/C/network-auth.xml:137(para)
13331
"The output above is the current configuration options for the "
13332
"<emphasis>hdb</emphasis> backend database. Which in this case containes the "
13333
"<emphasis>dc=example,dc=com</emphasis> suffix."
13336
#: serverguide/C/network-auth.xml:146(para)
13338
"Refine the search by supplying a <emphasis "
13339
"role=\"italic\">filter</emphasis>, in this case only show which attributes "
13343
#: serverguide/C/network-auth.xml:152(command)
13345
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb "
13349
#: serverguide/C/network-auth.xml:156(computeroutput)
13352
"Enter LDAP Password: \n"
13353
"dn: olcDatabase={1}hdb,cn=config\n"
13354
"olcDbIndex: objectClass eq\n"
13357
#: serverguide/C/network-auth.xml:165(para)
13359
"As an example of modifying the <emphasis>cn=config</emphasis> tree, add "
13360
"another attribute to the index list using "
13361
"<application>ldapmodify</application>:"
13364
#: serverguide/C/network-auth.xml:171(command) serverguide/C/network-auth.xml:722(command) serverguide/C/network-auth.xml:838(command) serverguide/C/network-auth.xml:861(command) serverguide/C/network-auth.xml:2417(command) serverguide/C/network-auth.xml:2434(command)
13365
msgid "ldapmodify -x -D cn=admin,cn=config -W"
13368
#: serverguide/C/network-auth.xml:175(userinput)
13372
"dn: olcDatabase={1}hdb,cn=config\n"
13373
"add: olcDbIndex\n"
13374
"olcDbIndex: entryUUID eq"
13377
#: serverguide/C/network-auth.xml:175(computeroutput)
13380
"Enter LDAP Password:<placeholder-1/>\n"
13382
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
13385
#: serverguide/C/network-auth.xml:184(para)
13387
"Once the modification has completed, press <emphasis>Ctrl+D</emphasis> to "
13388
"exit the utility."
13391
#: serverguide/C/network-auth.xml:191(para)
13393
"<application>ldapmodify</application> can also read the changes from a file. "
13394
"Copy and paste the following into a file named "
13395
"<filename>uid_index.ldif</filename>:"
13398
#: serverguide/C/network-auth.xml:196(programlisting)
13402
"dn: olcDatabase={1}hdb,cn=config\n"
13403
"add: olcDbIndex\n"
13404
"olcDbIndex: uid eq,pres,sub\n"
13407
#: serverguide/C/network-auth.xml:202(para)
13408
msgid "Then execute <application>ldapmodify</application>:"
13411
#: serverguide/C/network-auth.xml:207(command)
13412
msgid "ldapmodify -x -D cn=admin,cn=config -W -f uid_index.ldif"
13415
#: serverguide/C/network-auth.xml:211(computeroutput)
13418
"Enter LDAP Password: \n"
13419
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
13422
#: serverguide/C/network-auth.xml:216(para)
13423
msgid "The file method is very useful for large changes."
13426
#: serverguide/C/network-auth.xml:223(para)
13428
"Adding additional <emphasis>schemas</emphasis> to "
13429
"<application>slapd</application> requires the schema to be converted to LDIF "
13430
"format. Fortunately, the <application>slapd</application> program can be "
13431
"used to automate the conversion. The following example will add the "
13432
"<emphasis>misc.schema</emphasis>:"
13435
#: serverguide/C/network-auth.xml:231(para)
13437
"First, create a conversion <filename>schema_convert.conf</filename> file "
13438
"containing the following lines:"
13441
#: serverguide/C/network-auth.xml:236(programlisting)
13445
"include /etc/ldap/schema/core.schema\n"
13446
"include /etc/ldap/schema/collective.schema\n"
13447
"include /etc/ldap/schema/corba.schema\n"
13448
"include /etc/ldap/schema/cosine.schema\n"
13449
"include /etc/ldap/schema/duaconf.schema\n"
13450
"include /etc/ldap/schema/dyngroup.schema\n"
13451
"include /etc/ldap/schema/inetorgperson.schema\n"
13452
"include /etc/ldap/schema/java.schema\n"
13453
"include /etc/ldap/schema/misc.schema\n"
13454
"include /etc/ldap/schema/nis.schema\n"
13455
"include /etc/ldap/schema/openldap.schema\n"
13456
"include /etc/ldap/schema/ppolicy.schema\n"
13459
#: serverguide/C/network-auth.xml:254(para) serverguide/C/network-auth.xml:1318(para)
13460
msgid "Next, create a temporary directory to hold the output:"
13463
#: serverguide/C/network-auth.xml:259(command) serverguide/C/network-auth.xml:1323(command) serverguide/C/network-auth.xml:2347(command)
13464
msgid "mkdir /tmp/ldif_output"
13467
#: serverguide/C/network-auth.xml:265(para)
13469
"Now using <application>slapcat</application> convert the schema files to "
13473
#: serverguide/C/network-auth.xml:270(command)
13475
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
13476
"\"cn={8}misc,cn=schema,cn=config\" > /tmp/cn=misc.ldif"
13479
#: serverguide/C/network-auth.xml:273(para)
13481
"Adjust the configuration file name and temporary directory names if yours "
13482
"are different. Also, it may be worthwhile to keep the "
13483
"<filename>ldif_output</filename> directory around in case you want to add "
13484
"additional schemas in the future."
13487
#: serverguide/C/network-auth.xml:282(para)
13489
"Edit the <filename>/tmp/cn\\=misc.ldif</filename> file, changing the "
13490
"following attributes:"
13493
#: serverguide/C/network-auth.xml:286(programlisting)
13497
"dn: cn=misc,cn=schema,cn=config\n"
13502
#: serverguide/C/network-auth.xml:292(para) serverguide/C/network-auth.xml:1354(para)
13503
msgid "And remove the following lines from the bottom of the file:"
13506
#: serverguide/C/network-auth.xml:296(programlisting)
13510
"structuralObjectClass: olcSchemaConfig\n"
13511
"entryUUID: 10dae0ea-0760-102d-80d3-f9366b7f7757\n"
13512
"creatorsName: cn=config\n"
13513
"createTimestamp: 20080826021140Z\n"
13514
"entryCSN: 20080826021140.791425Z#000000#000#000000\n"
13515
"modifiersName: cn=config\n"
13516
"modifyTimestamp: 20080826021140Z\n"
13519
#: serverguide/C/network-auth.xml:307(para) serverguide/C/network-auth.xml:1369(para) serverguide/C/network-auth.xml:2393(para)
13521
"The attribute values will vary, just be sure the attributes are removed."
13524
#: serverguide/C/network-auth.xml:315(para) serverguide/C/network-auth.xml:1377(para)
13526
"Finally, using the <application>ldapadd</application> utility, add the new "
13527
"schema to the directory:"
13530
#: serverguide/C/network-auth.xml:321(command)
13531
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=misc.ldif"
13534
#: serverguide/C/network-auth.xml:327(para)
13536
"There should now be a <emphasis>dn: "
13537
"cn={4}misc,cn=schema,cn=config</emphasis> entry in the cn=config tree."
13540
#: serverguide/C/network-auth.xml:336(title)
13541
msgid "Populating LDAP"
13544
#: serverguide/C/network-auth.xml:338(para)
13546
"The directory has been created during installation and reconfiguration, and "
13547
"now it is time to populate it. It will be populated with a \"classical\" "
13548
"scheme that will be compatible with address book applications and with Unix "
13549
"Posix accounts. Posix accounts will allow authentication to various "
13550
"applications, such as web applications, email Mail Transfer Agent (MTA) "
13551
"applications, etc."
13554
#: serverguide/C/network-auth.xml:347(para)
14724
#: serverguide/C/network-auth.xml:86(para)
14726
"The backend <emphasis>cn=config</emphasis> directory has only a minimal "
14727
"configuration and will need additional configuration options in order to "
14728
"populate the frontend directory. The frontend will be populated with a "
14729
"\"classical\" scheme that will be compatible with address book applications "
14730
"and with Unix Posix accounts. Posix accounts will allow authentication to "
14731
"various applications, such as web applications, email Mail Transfer Agent "
14732
"(MTA) applications, etc."
14735
#: serverguide/C/network-auth.xml:95(para)
13556
14737
"For external applications to authenticate using LDAP they will each need to "
13557
14738
"be specifically configured to do so. Refer to the individual application "
13558
14739
"documentation for details."
13561
#: serverguide/C/network-auth.xml:354(para)
13563
"LDAP directories can be populated with LDIF (LDAP Directory Interchange "
13564
"Format) files. Copy the following example LDIF file, naming it "
13565
"<filename>example.com.ldif</filename>, somewhere on your system:"
13568
#: serverguide/C/network-auth.xml:360(programlisting)
14742
#: serverguide/C/network-auth.xml:103(para)
14744
"Remember to change <emphasis>dc=example,dc=com</emphasis> in the following "
14745
"examples to match your LDAP configuration."
14748
#: serverguide/C/network-auth.xml:108(para)
14750
"First, some additional schema files need to be loaded. In a terminal enter:"
14753
#: serverguide/C/network-auth.xml:113(command) serverguide/C/network-auth.xml:702(command)
14754
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif"
14757
#: serverguide/C/network-auth.xml:114(command) serverguide/C/network-auth.xml:703(command)
14758
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif"
14761
#: serverguide/C/network-auth.xml:115(command) serverguide/C/network-auth.xml:704(command)
14763
"sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif"
14766
#: serverguide/C/network-auth.xml:118(para)
14768
"Next, copy the following example LDIF file, naming it "
14769
"<filename>backend.example.com.ldif</filename>, somewhere on your system:"
14772
#: serverguide/C/network-auth.xml:123(programlisting)
14776
"# Load dynamic backend modules\n"
14777
"dn: cn=module,cn=config\n"
14778
"objectClass: olcModuleList\n"
14780
"olcModulepath: /usr/lib/ldap\n"
14781
"olcModuleload: back_hdb\n"
14783
"# Database settings\n"
14784
"dn: olcDatabase=hdb,cn=config\n"
14785
"objectClass: olcDatabaseConfig\n"
14786
"objectClass: olcHdbConfig\n"
14787
"olcDatabase: {1}hdb\n"
14788
"olcSuffix: dc=example,dc=com\n"
14789
"olcDbDirectory: /var/lib/ldap\n"
14790
"olcRootDN: cn=admin,dc=example,dc=com\n"
14791
"olcRootPW: secret\n"
14792
"olcDbConfig: set_cachesize 0 2097152 0\n"
14793
"olcDbConfig: set_lk_max_objects 1500\n"
14794
"olcDbConfig: set_lk_max_locks 1500\n"
14795
"olcDbConfig: set_lk_max_lockers 1500\n"
14796
"olcDbIndex: objectClass eq\n"
14797
"olcLastMod: TRUE\n"
14798
"olcDbCheckpoint: 512 30\n"
14799
"olcAccess: to attrs=userPassword by dn=\"cn=admin,dc=example,dc=com\" write "
14800
"by anonymous auth by self write by * none\n"
14801
"olcAccess: to attrs=shadowLastChange by self write by * read\n"
14802
"olcAccess: to dn.base=\"\" by * read\n"
14803
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
14807
#: serverguide/C/network-auth.xml:155(para)
14809
"Change <emphasis>olcRootPW: secret</emphasis> to a password of your choosing."
14812
#: serverguide/C/network-auth.xml:160(para)
14813
msgid "Now add the LDIF to the directory:"
14816
#: serverguide/C/network-auth.xml:165(command) serverguide/C/network-auth.xml:746(command)
14817
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif"
14820
#: serverguide/C/network-auth.xml:168(para)
14822
"The frontend directory is now ready to be populated. Create a "
14823
"<filename>frontend.example.com.ldif</filename> with the following contents:"
14826
#: serverguide/C/network-auth.xml:173(programlisting)
14830
"# Create top-level object in domain\n"
14831
"dn: dc=example,dc=com\n"
14832
"objectClass: top\n"
14833
"objectClass: dcObject\n"
14834
"objectclass: organization\n"
14835
"o: Example Organization\n"
14837
"description: LDAP Example \n"
14840
"dn: cn=admin,dc=example,dc=com\n"
14841
"objectClass: simpleSecurityObject\n"
14842
"objectClass: organizationalRole\n"
14844
"description: LDAP administrator\n"
14845
"userPassword: secret\n"
13572
14847
"dn: ou=people,dc=example,dc=com\n"
13573
14848
"objectClass: organizationalUnit\n"
13679
15199
"system through replication."
13682
#: serverguide/C/network-auth.xml:467(para)
15202
#: serverguide/C/network-auth.xml:530(para)
13684
15204
"Replication is achieved using the <emphasis>Syncrepl</emphasis> engine. "
13685
"Syncrepl allows the directory to be synced using either a "
13686
"<emphasis>push</emphasis> or <emphasis>pull</emphasis> based system. In a "
13687
"push based configuration a <quote>primary</quote> server will push directory "
13688
"updates to <quote>secondary</quote> servers, while a pull based approach "
13689
"allows replication servers to sync on a time based interval."
13692
#: serverguide/C/network-auth.xml:475(para)
13694
"The following is an example of a <emphasis>Multi-Master</emphasis> "
13695
"configuration. In this configuration each OpenLDAP server is configured for "
13696
"both <emphasis>push</emphasis> and <emphasis>pull</emphasis> replication."
13699
#: serverguide/C/network-auth.xml:483(para)
13701
"First, configure the server to sync the <emphasis>cn=config</emphasis> "
13702
"database. Copy the following to a file named <filename>syncrepl_cn-"
13703
"config.ldif</filename>:"
13706
#: serverguide/C/network-auth.xml:488(programlisting)
15205
"Syncrepl allows the changes to be synced using a "
15206
"<emphasis>consumer</emphasis>, <emphasis>provider</emphasis> model. A "
15207
"provider sends directory changes to consumers."
15210
#: serverguide/C/network-auth.xml:537(title)
15211
msgid "Provider Configuration"
15214
#: serverguide/C/network-auth.xml:539(para)
15216
"The following is an example of a <emphasis>Single-Master</emphasis> "
15217
"configuration. In this configuration one OpenLDAP server is configured as a "
15218
"<emphasis>provider</emphasis> and another as a <emphasis>consumer</emphasis>."
15221
#: serverguide/C/network-auth.xml:547(para)
15223
"First, configure the provider server. Copy the following to a file named "
15224
"<filename>provider_sync.ldif</filename>:"
15227
#: serverguide/C/network-auth.xml:552(programlisting)
15231
"# Add indexes to the frontend db.\n"
15232
"dn: olcDatabase={1}hdb,cn=config\n"
15233
"changetype: modify\n"
15234
"add: olcDbIndex\n"
15235
"olcDbIndex: entryCSN eq\n"
15237
"add: olcDbIndex\n"
15238
"olcDbIndex: entryUUID eq\n"
15240
"#Load the syncprov and accesslog modules.\n"
13710
15241
"dn: cn=module{0},cn=config\n"
13711
15242
"changetype: modify\n"
13712
15243
"add: olcModuleLoad\n"
13713
15244
"olcModuleLoad: syncprov\n"
13716
"changetype: modify\n"
13717
"replace: olcServerID\n"
13718
"olcServerID: 1 ldap://ldap01.example.com\n"
13719
"olcServerID: 2 ldap://ldap02.example.com\n"
13721
"dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config\n"
15246
"add: olcModuleLoad\n"
15247
"olcModuleLoad: accesslog\n"
15249
"# Accesslog database definitions\n"
15250
"dn: olcDatabase={2}hdb,cn=config\n"
15251
"objectClass: olcDatabaseConfig\n"
15252
"objectClass: olcHdbConfig\n"
15253
"olcDatabase: {2}hdb\n"
15254
"olcDbDirectory: /var/lib/ldap/accesslog\n"
15255
"olcSuffix: cn=accesslog\n"
15256
"olcRootDN: cn=admin,dc=example,dc=com\n"
15257
"olcDbIndex: default eq\n"
15258
"olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart\n"
15260
"# Accesslog db syncprov.\n"
15261
"dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config\n"
13722
15262
"changetype: add\n"
13723
15263
"objectClass: olcOverlayConfig\n"
13724
15264
"objectClass: olcSyncProvConfig\n"
13725
15265
"olcOverlay: syncprov\n"
13727
"dn: olcDatabase={0}config,cn=config\n"
13728
"changetype: modify\n"
13729
"add: olcSyncRepl\n"
13730
"olcSyncRepl: rid=001 provider=ldap://ldap01.example.com "
13731
"binddn=\"cn=admin,cn=config\" bindmethod=simple\n"
13732
" credentials=secret searchbase=\"cn=config\" type=refreshAndPersist\n"
13733
" retry=\"5 5 300 5\" timeout=1\n"
13734
"olcSyncRepl: rid=002 provider=ldap://ldap02.example.com "
13735
"binddn=\"cn=admin,cn=config\" bindmethod=simple\n"
13736
" credentials=secret searchbase=\"cn=config\" type=refreshAndPersist\n"
13737
" retry=\"5 5 300 5\" timeout=1\n"
13739
"add: olcMirrorMode\n"
13740
"olcMirrorMode: TRUE\n"
13743
#: serverguide/C/network-auth.xml:523(para)
13744
msgid "Edit the file changing:"
13747
#: serverguide/C/network-auth.xml:529(para)
13749
"<emphasis>ldap://ldap01.example.com</emphasis> and "
13750
"<emphasis>ldap://ldap02.example.com</emphasis> to the hostnames of your LDAP "
13754
#: serverguide/C/network-auth.xml:534(para)
13756
"You can have more than two LDAP servers, and when a change is made to one of "
13757
"them it will by synced to the rest. Be sure to increment the "
13758
"<emphasis>olcServerID</emphasis> for each server, and the "
13759
"<emphasis>rid</emphasis> for each <emphasis>olcSyncRepl</emphasis> entry."
13762
#: serverguide/C/network-auth.xml:542(para)
13764
"And adjust <emphasis>credentials=secret</emphasis> to match your admin "
13768
#: serverguide/C/network-auth.xml:552(para)
13770
"Next, add the LDIF file using the <application>ldapmodify</application> "
13774
#: serverguide/C/network-auth.xml:557(command)
13775
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_cn-config.ldif"
13778
#: serverguide/C/network-auth.xml:563(para)
13780
"Copy the <filename>syncrepl_cn-config.ldif</filename> file to the next LDAP "
13781
"server and repeat the <application>ldapmodify</application> command above."
13784
#: serverguide/C/network-auth.xml:571(para)
13786
"Because a new module has been added, the <application>slapd</application> "
13787
"daemon, on all replicated servers, needs to be restarted:"
13790
#: serverguide/C/network-auth.xml:577(command) serverguide/C/network-auth.xml:779(command) serverguide/C/network-auth.xml:895(command)
13791
msgid "sudo /etc/init.d/slapd restart"
13794
#: serverguide/C/network-auth.xml:583(para)
13796
"Now that the configuration database is synced between servers, the "
13797
"<emphasis>backend</emphasis> database needs to be synced as well. Copy and "
13798
"paste the following into another LDIF file named "
13799
"<filename>syncrepl_backend.ldif</filename>:"
13802
#: serverguide/C/network-auth.xml:589(programlisting)
13806
"dn: olcDatabase={1}hdb,cn=config\n"
13807
"changetype: modify\n"
13809
"olcRootDN: cn=admin,dc=example,dc=com\n"
13811
"add: olcSyncRepl\n"
13812
"olcSyncRepl: rid=003 provider=ldap://ldap01.example.com "
13813
"binddn=\"cn=admin,dc=example,dc=com\" \n"
13814
" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
13815
"type=refreshOnly \n"
13816
" interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1\n"
13817
"olcSyncRepl: rid=004 provider=ldap://ldap02.example.com "
13818
"binddn=\"cn=admin,dc=example,dc=com\" \n"
13819
" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
13820
"type=refreshOnly \n"
13821
" interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1\n"
13823
"add: olcMirrorMode\n"
13824
"olcMirrorMode: TRUE\n"
15266
"olcSpNoPresent: TRUE\n"
15267
"olcSpReloadHint: TRUE\n"
15269
"# syncrepl Provider for primary db\n"
13826
15270
"dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config\n"
13827
15271
"changetype: add\n"
13828
15272
"objectClass: olcOverlayConfig\n"
13829
15273
"objectClass: olcSyncProvConfig\n"
13830
15274
"olcOverlay: syncprov\n"
13833
#: serverguide/C/network-auth.xml:616(para)
13834
msgid "Like the previous LDIF file, edit this one changing:"
13837
#: serverguide/C/network-auth.xml:622(para)
13839
"<emphasis>searchbase=\"dc=example,dc=com\"</emphasis> to your directory's "
13843
#: serverguide/C/network-auth.xml:627(para)
13845
"If you use a different admin user, change "
13846
"<emphasis>binddn=\"cn=admin,dc=example,dc=com\"</emphasis>."
13849
#: serverguide/C/network-auth.xml:632(para)
13851
"Also, replace <emphasis>credentials=secret</emphasis> with your admin "
13855
#: serverguide/C/network-auth.xml:641(para)
13856
msgid "Add the LDIF file:"
13859
#: serverguide/C/network-auth.xml:646(command)
13860
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_backend.ldif"
13863
#: serverguide/C/network-auth.xml:649(para)
13865
"Because the servers' configuration is already synced there is no need to "
13866
"copy this LDIF file to the other servers."
15275
"olcSpNoPresent: TRUE\n"
15277
"# accesslog overlay definitions for primary db\n"
15278
"dn: olcOverlay=accesslog,olcDatabase={1}hdb,cn=config\n"
15279
"objectClass: olcOverlayConfig\n"
15280
"objectClass: olcAccessLogConfig\n"
15281
"olcOverlay: accesslog\n"
15282
"olcAccessLogDB: cn=accesslog\n"
15283
"olcAccessLogOps: writes\n"
15284
"olcAccessLogSuccess: TRUE\n"
15285
"# scan the accesslog DB every day, and purge entries older than 7 days\n"
15286
"olcAccessLogPurge: 07+00:00 01+00:00\n"
15289
#: serverguide/C/network-auth.xml:614(para)
15291
"The <application>AppArmor</application> profile for "
15292
"<application>slapd</application> will need to be adjusted for the accesslog "
15293
"database location. Edit <filename>/etc/apparmor.d/usr.sbin.slapd</filename> "
15297
#: serverguide/C/network-auth.xml:619(programlisting)
15301
" /var/lib/ldap/accesslog/ r,\n"
15302
" /var/lib/ldap/accesslog/** rwk,\n"
15305
#: serverguide/C/network-auth.xml:624(para)
15307
"Then create the directory, reload the <application>apparmor</application> "
15308
"profile, and copy the <filename>DB_CONFIG</filename> file:"
15311
#: serverguide/C/network-auth.xml:630(command)
15312
msgid "sudo -u openldap mkdir /var/lib/ldap/accesslog"
15315
#: serverguide/C/network-auth.xml:631(command)
15316
msgid "sudo -u openldap cp /var/lib/ldap/DB_CONFIG /var/lib/ldap/accesslog/"
15319
#: serverguide/C/network-auth.xml:636(para)
15321
"Using the <emphasis>-u openldap</emphasis> option with the "
15322
"<application>sudo</application> commands above removes the need to adjust "
15323
"permissions for the new directory later."
15326
#: serverguide/C/network-auth.xml:645(para)
15328
"Edit the file and change the <emphasis>olcRootDN</emphasis> to match your "
15332
#: serverguide/C/network-auth.xml:649(programlisting)
15336
"olcRootDN: cn=admin,dc=example,dc=com\n"
13869
15339
#: serverguide/C/network-auth.xml:657(para)
13871
"The configuration and backend databases should now sycnc to the other "
13872
"servers. You can add additional servers using the "
13873
"<application>ldapmodify</application> utility as the need arises. See <xref "
13874
"linkend=\"openldap-configuration\"/> for details."
13877
#: serverguide/C/network-auth.xml:667(programlisting)
15341
"Next, add the LDIF file using the <application>ldapadd</application> utility:"
15344
#: serverguide/C/network-auth.xml:662(command)
15345
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f provider_sync.ldif"
15348
#: serverguide/C/network-auth.xml:669(para)
15349
msgid "Restart <application>slapd</application>:"
15352
#: serverguide/C/network-auth.xml:674(command) serverguide/C/network-auth.xml:1040(command) serverguide/C/network-auth.xml:1227(command)
15353
msgid "sudo /etc/init.d/slapd restart"
15356
#: serverguide/C/network-auth.xml:680(para)
15358
"The <emphasis>Provider</emphasis> server is now configured, and it is time "
15359
"to configure a <emphasis>Consumer</emphasis> server."
15362
#: serverguide/C/network-auth.xml:687(title)
15363
msgid "Consumer Configuration"
15366
#: serverguide/C/network-auth.xml:692(para)
15368
"On the <emphasis>Consumer</emphasis> server configure it the same as the "
15369
"<emphasis>Provider</emphasis> except for the <emphasis>Syncrepl</emphasis> "
15370
"configuration steps."
15373
#: serverguide/C/network-auth.xml:697(para)
15374
msgid "Add the additional schema files:"
15377
#: serverguide/C/network-auth.xml:707(para)
15379
"Also, create, or copy from the provider server, the "
15380
"<filename>backend.example.com.ldif</filename>"
15383
#: serverguide/C/network-auth.xml:711(programlisting)
15387
"# Load dynamic backend modules\n"
15388
"dn: cn=module,cn=config\n"
15389
"objectClass: olcModuleList\n"
15391
"olcModulepath: /usr/lib/ldap\n"
15392
"olcModuleload: back_hdb\n"
15394
"# Database settings\n"
15395
"dn: olcDatabase=hdb,cn=config\n"
15396
"objectClass: olcDatabaseConfig\n"
15397
"objectClass: olcHdbConfig\n"
15398
"olcDatabase: {1}hdb\n"
15399
"olcSuffix: dc=example,dc=com\n"
15400
"olcDbDirectory: /var/lib/ldap\n"
15401
"olcRootDN: cn=admin,dc=example,dc=com\n"
15402
"olcRootPW: secret\n"
15403
"olcDbConfig: set_cachesize 0 2097152 0\n"
15404
"olcDbConfig: set_lk_max_objects 1500\n"
15405
"olcDbConfig: set_lk_max_locks 1500\n"
15406
"olcDbConfig: set_lk_max_lockers 1500\n"
15407
"olcDbIndex: objectClass eq\n"
15408
"olcLastMod: TRUE\n"
15409
"olcDbCheckpoint: 512 30\n"
15410
"olcAccess: to attrs=userPassword by dn=\"cn=admin,dc=example,dc=com\" write "
15411
"by anonymous auth by self write by * none\n"
15412
"olcAccess: to attrs=shadowLastChange by self write by * read\n"
15413
"olcAccess: to dn.base=\"\" by * read\n"
15414
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
15417
#: serverguide/C/network-auth.xml:741(para)
15418
msgid "And add the LDIF by entering:"
15421
#: serverguide/C/network-auth.xml:752(para)
15423
"Do the same with the <filename>frontend.example.com.ldif</filename> file "
15424
"listed above, and add it:"
15427
#: serverguide/C/network-auth.xml:760(para)
15429
"The two severs should now have the same configuration except for the "
15430
"<emphasis>Syncrepl</emphasis> options."
15433
#: serverguide/C/network-auth.xml:768(para)
15435
"Now create a file named <filename>consumer_sync.ldif</filename> containing:"
15438
#: serverguide/C/network-auth.xml:772(programlisting)
15442
"#Load the syncprov module.\n"
15443
"dn: cn=module{0},cn=config\n"
15444
"changetype: modify\n"
15445
"add: olcModuleLoad\n"
15446
"olcModuleLoad: syncprov\n"
15448
"# syncrepl specific indices\n"
15449
"dn: olcDatabase={1}hdb,cn=config\n"
15450
"changetype: modify\n"
15451
"add: olcDbIndex\n"
15452
"olcDbIndex: entryUUID eq\n"
15454
"add: olcSyncRepl\n"
15455
"olcSyncRepl: rid=0 provider=ldap://ldap01.example.com bindmethod=simple "
15456
"binddn=\"cn=admin,dc=example,dc=com\" \n"
15457
" credentials=secret searchbase=\"dc=example,dc=com\" "
15458
"logbase=\"cn=accesslog\" \n"
15459
" logfilter=\"(&(objectClass=auditWriteObject)(reqResult=0))\" "
15460
"schemachecking=on \n"
15461
" type=refreshAndPersist retry=\"60 +\" syncdata=accesslog\n"
15463
"add: olcUpdateRef\n"
15464
"olcUpdateRef: ldap://ldap01.example.com\n"
15467
#: serverguide/C/network-auth.xml:795(para)
15468
msgid "You will probably want to change the following attributes:"
15471
#: serverguide/C/network-auth.xml:800(para)
15472
msgid "<emphasis>ldap01.example.com</emphasis> to your server's hostname."
15475
#: serverguide/C/network-auth.xml:801(emphasis)
15479
#: serverguide/C/network-auth.xml:802(emphasis)
15480
msgid "credentials"
15483
#: serverguide/C/network-auth.xml:803(emphasis)
15487
#: serverguide/C/network-auth.xml:804(emphasis)
15488
msgid "olcUpdateRef:"
15491
#: serverguide/C/network-auth.xml:810(para)
15492
msgid "Add the LDIF file to the configuration tree:"
15495
#: serverguide/C/network-auth.xml:815(command)
15496
msgid "sudo ldapadd -c -Y EXTERNAL -H ldapi:/// -f consumer_sync.ldif"
15499
#: serverguide/C/network-auth.xml:821(para)
15501
"The frontend database should now sync between servers. You can add "
15502
"additional servers using the steps above as the need arises."
15505
#: serverguide/C/network-auth.xml:831(programlisting)
13879
15507
msgid "127.0.0.1\tldap01.example.com ldap01"
13882
#: serverguide/C/network-auth.xml:663(para)
15510
#: serverguide/C/network-auth.xml:827(para)
13884
15512
"The <application>slapd</application> daemon will send log information to "
13885
15513
"<filename>/var/log/syslog</filename> by default. So if all does "
24255
26309
"<ulink url=\"http://www.bacula.org/\">Bacula Home "
24256
26310
"Page</ulink>包含了最新的Bacula的新闻和开发进展。"
26312
#: serverguide/C/backups.xml:869(para)
26314
"Also, see the <ulink url=\"https://help.ubuntu.com/community/Bacula\">Bacula "
26315
"Ubuntu Wiki</ulink> page."
24258
26318
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
24259
26319
#: serverguide/C/backups.xml:0(None)
24260
26320
msgid "translator-credits"
24262
26322
"Launchpad Contributions:\n"
24263
" 4b3tt0r https://launchpad.net/~4b3tt0r\n"
24264
" AllenNewOk https://launchpad.net/~allennewok\n"
24265
" Andrew Xu https://launchpad.net/~jswxxuyuan\n"
24266
26323
" Aron Xu https://launchpad.net/~happyaron\n"
24267
26324
" Azrael Green https://launchpad.net/~azrael-green\n"
24268
" Chen Ming https://launchpad.net/~chenming\n"
24269
26325
" Congping Hao https://launchpad.net/~cqhcp\n"
24270
" Constine https://launchpad.net/~logo09\n"
24271
26326
" Devin https://launchpad.net/~gnujava\n"
24272
" EAdam https://launchpad.net/~liuannan\n"
24273
" ESN https://launchpad.net/~esn\n"
24274
" Felix https://launchpad.net/~maxin0423\n"
24275
" Hugh https://launchpad.net/~hugh-shang\n"
24276
" Ihnus Qcshz https://launchpad.net/~qcshzihnus\n"
24277
" JinLei https://launchpad.net/~jinlei\n"
24278
26327
" Jun CHEN https://launchpad.net/~morning.nju\n"
24279
" Kempson Chen https://launchpad.net/~irain\n"
26328
" Justin Yang https://launchpad.net/~yzmsq\n"
24280
26329
" Lain https://launchpad.net/~lain\n"
24281
" Li Linxiao https://launchpad.net/~leal\n"
24282
" Luo Jiawei https://launchpad.net/~norman6810\n"
24283
26330
" Magicnight https://launchpad.net/~magicnight\n"
24284
26331
" Miaobo Yao https://launchpad.net/~ubuntu-firehare\n"
24285
26332
" Proton https://launchpad.net/~feisuzhu\n"
24286
" Rkyo https://launchpad.net/~irc-beyondyou\n"
24287
26333
" Tao Wei https://launchpad.net/~weitao1979\n"
26334
" USSR https://launchpad.net/~samuel-lee-1991\n"
24288
26335
" Xu Hejie https://launchpad.net/~xuhejie\n"
24289
" Yiding He https://launchpad.net/~yiding-he\n"
24290
" Yinghua Wang https://launchpad.net/~wantinghard\n"
24291
26336
" bailiang https://launchpad.net/~bailiangcn\n"
24292
" ggarlic https://launchpad.net/~ggarlic\n"
24293
26337
" jinxin16897123 https://launchpad.net/~jinxin16897123\n"
24294
" jpartley https://launchpad.net/~jpartley\n"
24295
26338
" king_li https://launchpad.net/~lzldc987\n"
24296
26339
" linuxwj https://launchpad.net/~linuxwj\n"
24297
" luckyone https://launchpad.net/~luckyone999\n"
24298
" markgoo https://launchpad.net/~markgoo-030221\n"
24299
" paaboo https://launchpad.net/~fire14\n"
24300
" rainofchaos https://launchpad.net/~rainofchaos\n"
24301
26340
" saber https://launchpad.net/~saber-lover\n"
24302
26341
" sdxianchao https://launchpad.net/~sdxianchao\n"
24303
" stone_unix https://launchpad.net/~gaoghy\n"
26342
" snowwhite https://launchpad.net/~yuxin6147\n"
26343
" wangajing https://launchpad.net/~yifan-870829\n"
26344
" wsw https://launchpad.net/~imskyee\n"
24304
26345
" xiajiebuhui https://launchpad.net/~xiajiebuhui\n"
24305
" yuane https://launchpad.net/~yuane\n"
24306
26346
" yugq https://launchpad.net/~yuguoqiang\n"
26347
" zhongxin https://launchpad.net/~zhongxin0826\n"
24307
26348
" 龚韬 https://launchpad.net/~gongtao0607"
24310
#~ "<emphasis>read only:</emphasis> gives write access to the shared directory."
24311
#~ msgstr "<emphasis>read only:</emphasis>请授予共享目录写入权限。"
24314
#~ "After configuring the bridge in "
24315
#~ "<filename>/etc/network/interfaces</filename>, shutdown "
24316
#~ "<application>dhcdbd</application> by:"
24318
#~ "通过配置<filename>/etc/network/interfaces</filename>完成桥接设置后, 使用命令 "
24319
#~ "<application>dhcdbd</application> 关闭dhcdbd:"
24321
#~ msgid "Now to disable it from starting on boot enter:"
24322
#~ msgstr "要在启动时就禁用它,输入:"
24325
#~ "<emphasis role=\"bold\">ServerAdmin</emphasis>: To configure the email "
24326
#~ "address of the designated administrator of the CUPS server, simply edit the "
24327
#~ "<filename>/etc/cups/cupsd.conf</filename> configuration file with your "
24328
#~ "preferred text editor, and modify the <emphasis "
24329
#~ "role=\"italics\">ServerAdmin</emphasis> line accordingly. For example, if "
24330
#~ "you are the Administrator for the CUPS server, and your e-mail address is "
24331
#~ "'bjoy@somebigco.com', then you would modify the ServerAdmin line to appear "
24334
#~ "<emphasis role=\"bold\">ServerAdmin</emphasis>:要配置指定 CUPS "
24335
#~ "服务器管理员的邮件地位,只需用你喜欢的文本编辑器简单编辑 <filename>/etc/cups/cupsd.conf</filename> "
24336
#~ "配置文件,并修改相应的 <emphasis role=\"italics\">ServerAdmin</emphasis> 行即可。举个例子,如果您是 "
24337
#~ "CUPS 服务器的管理员,并且您的邮件地址是'bjoy@somebigco.com',那么您可以象下面这样修改 ServerAdmin 行:"
24339
#~ msgid "sudo /etc/init.d/dhcdbd stop"
24340
#~ msgstr "sudo /etc/init.d/dhcdbd stop"
24343
#~ "If setting up a bridge interface using Ubuntu Desktop Edition, or if "
24344
#~ "<application>dhcdbd</application> is installed, the "
24345
#~ "<application>dhcdbd</application> daemon will need to be stopped and "
24348
#~ "如果要在Ubuntu桌面版中使用桥接网络,抑或是 <application>dhcdbd</application> "
24349
#~ "已经被安装,<application>dhcdbd</application> 守护进程需要停止并禁用。"
24351
#~ msgid "Point your web browser to the following URL for MediaWiki setup:"
24352
#~ msgstr "将您的 web 浏览器指向如下 URL 来设置 MediaWiki:"
24354
#~ msgid "sudo update-rc.d -f dhcdbd remove"
24355
#~ msgstr "sudo update-rc.d -f dhcdbd remove"
24358
#~ "Accessing Subversion repository via WebDAV protocol with SSL encryption "
24359
#~ "(https://) is similar to http:// except that you must install and configure "
24360
#~ "the digital certificate in your Apache2 web server."
24362
#~ "通过带 SSL 加密的 WebDAV 协议 (https://) 访问也使用 http:// 类似,只是您必须在您的 Apache2 web "
24363
#~ "服务器中安装和配置数字证书。"
24365
#~ msgid "Run the following commands to configure MediaWiki:"
24366
#~ msgstr "运行下面的命令来配置MediaWiki"
24369
#~ "Some other configuration for the CUPS server is done in the file "
24370
#~ "<filename>/etc/cups/cups.d/ports.conf</filename>:"
24372
#~ "CUPS 服务器的其它一些配置在文件 <filename>/etc/cups/cups.d/ports.conf</filename> 中:"
24384
#~ msgid "sudo ln -s /var/lib/mediawiki /var/www/mediawiki"
24385
#~ msgstr "sudo ln -s /var/lib/mediawiki /var/www/mediawiki"
24387
#~ msgid "sudo /etc/init.d/cupsys restart"
24388
#~ msgstr "sudo /etc/init.d/cupsys restart"
24394
#~ "print_r (phpinfo());\n"
24399
#~ "print_r (phpinfo());\n"
24403
#~ "You can install a digital certificate issued by a signing authority like "
24404
#~ "Verisign. Alternatively, you can install your own self-signed certificate."
24405
#~ msgstr "您可以安装由证书签署机构如 Verisign 颁发的数字证书。或者,您也可以安装自己签署的证书。"
24408
#~ "You should now be able to read, write, and execute files in the shared "
24409
#~ "directory as normal, and the <application>smbd</application> binary will "
24410
#~ "have access to only the configured files and direcotories. Be sure to add "
24411
#~ "entries for each directory you configure Samba to share. Also, any errors "
24412
#~ "will be logged to <filename>/var/log/syslog</filename>."
24414
#~ "现在,您就可以正常地读、写或执行共享目录下的文件。 <application>smbd</application> "
24415
#~ "将只读取您配置为共享的文件或目录,因此,要让 Samba 实现共享,请确保加入每个共享目录项到配置。同时,任何错误都将会被记录到 "
24416
#~ "<filename>/var/log/syslog</filename>。"
24419
#~ "This will copy the the <filename>/etc/hosts</filename> to "
24420
#~ "<filename>//fs01.example.com/share/hosts</filename>."
24422
#~ "这将会拷贝 <filename>/etc/hosts</filename> 到 "
24423
#~ "<filename>//fs01.example.com/share/hosts</filename>。"
24426
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24427
#~ "libvirt qemu:///system"
24429
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24430
#~ "libvirt qemu:///system"
24435
#~ " domain logons = yes\n"
24436
#~ " logon path = \\\\%N\\%U\\profile\n"
24437
#~ " logon drive = H:\n"
24438
#~ " logon home = \\\\%N\\%U\n"
24439
#~ " logon script = logon.cmd\n"
24440
#~ " add machine script = sudo /usr/sbin/useradd -n -g machines -c Machine -d "
24441
#~ "/var/lib/samba -s /bin/false %u\n"
24444
#~ " domain logons = yes\n"
24445
#~ " logon path = \\\\%N\\%U\\profile\n"
24446
#~ " logon drive = H:\n"
24447
#~ " logon home = \\\\%N\\%U\n"
24448
#~ " logon script = logon.cmd\n"
24449
#~ " add machine script = sudo /usr/sbin/useradd -n -g machines -c Machine -d "
24450
#~ "/var/lib/samba -s /bin/false %u\n"
24453
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24454
#~ "libvirt qemu:///system --ip 192.168.0.100"
24456
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24457
#~ "libvirt qemu:///system --ip 192.168.0.100"
24460
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 \\ -o "
24461
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
24463
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 \\ -o "
24464
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
24467
#~ "As this example is based on <application>KVM</application> and Ubuntu 9.04 "
24468
#~ "(Jaunty Jackalope), and we are likely to rebuild the same virtual machine "
24469
#~ "multiple time, we'll invoke vmbuilder with the following first parameters:"
24471
#~ "该例子是基于<application>KVM</application>和 Ubuntu 9.04 (Jaunty "
24472
#~ "Jackalope),我们有可能在多时间重建该相同的虚拟机,我们将调用 vmbuilder 以下的第一个参数:"
24477
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24479
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24482
#~ "deb http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24483
#~ "universe multiverse \n"
24484
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24485
#~ "universe multiverse \n"
24487
#~ "deb http://archive.ubuntu.com/ubuntu/ jaunty-backports main restricted "
24488
#~ "universe multiverse \n"
24489
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-backports main restricted "
24490
#~ "universe multiverse \n"
24492
#~ "deb http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24493
#~ "universe multiverse \n"
24494
#~ "/deb-i386 http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24495
#~ "universe multiverse \n"
24497
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24498
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24500
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24501
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24505
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24507
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24510
#~ "deb http://archive.ubuntu.com/ubuntu jaunty-updates main restricted universe "
24512
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24513
#~ "universe multiverse \n"
24515
#~ "deb http://archive.ubuntu.com/ubuntu/ jaunty-backports main restricted "
24516
#~ "universe multiverse \n"
24517
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-backports main restricted "
24518
#~ "universe multiverse \n"
24520
#~ "deb http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24521
#~ "universe multiverse \n"
24522
#~ "/deb-i386 http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24523
#~ "universe multiverse \n"
24525
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24526
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24528
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24529
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24534
#~ " <Location /svn>\n"
24536
#~ " SVNParentPath /home/svn\n"
24537
#~ " AuthType Basic\n"
24538
#~ " AuthName \"Your repository name\"\n"
24539
#~ " AuthUserFile /etc/subversion/passwd\n"
24540
#~ " <LimitExcept GET PROPFIND OPTIONS REPORT>\n"
24541
#~ " Require valid-user\n"
24542
#~ " </LimitExcept>\n"
24543
#~ " </Location> "
24545
#~ " <Location /svn>\n"
24547
#~ " SVNParentPath /home/svn\n"
24548
#~ " AuthType Basic\n"
24549
#~ " AuthName \"Your repository name\"\n"
24550
#~ " AuthUserFile /etc/subversion/passwd\n"
24551
#~ " <LimitExcept GET PROPFIND OPTIONS REPORT>\n"
24552
#~ " Require valid-user\n"
24553
#~ " </LimitExcept>\n"
24554
#~ " </Location> "
24556
#~ msgid "Here is what the command with all the options discussed above:"
24557
#~ msgstr "以下是所有已讨论过选项的命令:"
26354
#~ "nameserver 204.11.126.131\n"
26355
#~ "nameserver 64.125.134.133\n"
26356
#~ "nameserver 64.125.134.132\n"
26357
#~ "nameserver 208.185.179.218\n"
26361
#~ "nameserver 204.11.126.131\n"
26362
#~ "nameserver 64.125.134.133\n"
26363
#~ "nameserver 64.125.134.132\n"
26364
#~ "nameserver 208.185.179.218\n"
26368
#~ "Password: <placeholder-1/>\n"
26369
#~ "Retype password: <placeholder-2/>\n"
26370
#~ "$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26372
#~ "密码: <placeholder-1/>\n"
26373
#~ "再输入一次密码: <placeholder-2/>\n"
26374
#~ "$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26377
#~ "This section assumes you have installed and configured Apache 2 Web Server "
26378
#~ "and MySQL Database Server. You can refer to Apache 2 section and MySQL "
26379
#~ "sections in this document to install and configure Apache 2 and MySQL "
26382
#~ "本节假设您已经安装了配置了 Apache 2 Web 服务器和 MySQL 数据库服务器。您可以参考本文档中的 Apache 2 部分和 MySQL "
26383
#~ "部分来分别安装和配置 Apache 2 和 MySQL。"
26386
#~ "If your network contains computers whose IP addresses are not listed in DNS, "
26387
#~ "it is recommended that you add them to the <filename>/etc/hosts</filename> "
26390
#~ "如果您网络所包含计算机的 IP 地址没有在 DNS 中列出,建议您将它们加入到 <filename>/etc/hosts</filename> 文件中。"
26393
#~ "This section explains how to configure which nameserver to use when "
26394
#~ "resolving IP addresses to hostnames and vice versa. It does not explain how "
26395
#~ "to configure the system as a name server."
26396
#~ msgstr "本节解释了当要将 IP 地址解析为主机名或是进行相反操作时,如何配置使用哪个名称服务器。本节并不解释如何将系统配置为一台名称服务器。"
26398
#~ msgid "GRUB Password Security"
26399
#~ msgstr "GRUB 密码安全性"
26401
#~ msgid "Related Pages"
26407
#~ "local all postgres md5 sameuser\n"
26410
#~ "local all postgres md5 sameuser\n"
26413
#~ "This does not prevent someone from booting the server from alternate media. "
26414
#~ "A determined attacker would simply boot into an alternate environment, "
26415
#~ "overwrite your master boot record, mount or copy your physical volumes, "
26416
#~ "destroy your data, or anything else they can imagine. Please explore other "
26417
#~ "countermeasures that may help you with these types of attacks."
26419
#~ "这个并不能阻止用户通过其它媒介来启动服务器。刻意的攻击者会将服务器启动到其它环境下,覆写你的主启动记录(MBR),挂载或复制你的物理卷,毁坏你的数据,或其"
26420
#~ "它任何他们能猜测到的东西。请探究其它对策以助你防御这些攻击。"
26423
#~ "If nothing is printed, it means that your cpu does <emphasis>not</emphasis> "
26424
#~ "support hardware virtualization."
26425
#~ msgstr "如果屏幕上什么也没打印,那说明你的cpu<emphasis>不</emphasis>支持硬件虚拟。"
26427
#~ msgid "Boot the server into single user mode."
26428
#~ msgstr "引导系统进入单用户模式"
26431
#~ msgid "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26432
#~ msgstr "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26435
#~ "Again, Using Squid's access control, you may configure use of Internet "
26436
#~ "services proxied by Squid to be available only users with certain Internet "
26437
#~ "Protocol (IP) addresses. For example, we will illustrate access by users of "
26438
#~ "the 192.168.42.0/24 subnetwork only:"
26440
#~ "再一次,如果您使用Squid进行访问控制, 您应该将Internet信息服务代理设置为只有特定(IP的用户才能使用。例如,我们将举例说明只允许来自 "
26441
#~ "192.168.42.0/24 网段用户的访问:"
26443
#~ msgid "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
26444
#~ msgstr "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
26446
#~ msgid "Managing DNS Entries"
26447
#~ msgstr "管理 DNS 记录"
26449
#~ msgid "Managing Hosts"
26453
#~ "The <application>nameserver</application> key specifies the nameserver IP "
26454
#~ "address. It will be used to resolve a given IP address or hostname. This "
26455
#~ "file can have multiple nameserver entries. The nameservers will be used by "
26456
#~ "the network query in the same order."
26458
#~ "<application>nameserver</application> 关键字指定名称服务器的 IP 地址。它会被用来解析一个给定的 IP "
26459
#~ "地址或主机名。该文件可以有多个名称服务器条目。网络查询将以与条目相同的顺序使用这些名称服务器。"
26462
#~ msgid "(repeat password)"
26466
#~ "Many more configurations are possible, including dialup PPP interfaces, IPv6 "
26467
#~ "networking, VPN devices, etc. Refer to <application>man 5 "
26468
#~ "interfaces</application> for more information and supported options. "
26469
#~ "Remember that <filename>/etc/network/interfaces</filename> is used by the "
26470
#~ "<application>ifup</application>/<application>ifdown</application> scripts as "
26471
#~ "a higher level configuration scheme than may be used in some other Linux "
26472
#~ "distributions, and that the traditional, lower level utilities such as "
26473
#~ "<application>ifconfig</application>, <application>route</application>, and "
26474
#~ "<application>dhclient</application> are still available to you for ad hoc "
26475
#~ "configurations."
26477
#~ "配置更多的接口是可能的,包括拨号的 PPP 接口、IPv6 网络、VPN 设备等。更多信息和支持选项请参考 <application>man 5 "
26478
#~ "interfaces</application>。记住 <filename>/etc/network/interfaces</filename> 被 "
26479
#~ "<application>ifup</application>/<application>ifdown</application> "
26480
#~ "脚本用于作为比其他一些 Linux "
26481
#~ "发行版更高层的配置模式。传统的低层工具如<application>ifconfig</application>、<application>route</a"
26482
#~ "pplication> 和 <application>dhclient</application> 仍旧可被您用来进行特别配置。"
26484
#~ msgid "egrep '(vmx|svm)' /proc/cpuinfo"
26485
#~ msgstr "egrep '(vmx|svm)' /proc/cpuinfo"
26488
#~ "For example, when a user requests the page "
26489
#~ "http://www.example.com/this_directory/, he or she will get either the "
26490
#~ "DirectoryIndex page if it exists, a server-generated directory list if it "
26491
#~ "does not and the Indexes option is specified, or a Permission Denied page if "
26492
#~ "neither is true. The server will try to find one of the files listed in the "
26493
#~ "DirectoryIndex directive and will return the first one it finds. If it does "
26494
#~ "not find any of these files and if Options Indexes is set for that "
26495
#~ "directory, the server will generate and return a list, in HTML format, of "
26496
#~ "the subdirectories and files in the directory. The default value, found in "
26497
#~ "<filename>/etc/apache2/apache2.conf</filename> is \" index.html index.cgi "
26498
#~ "index.pl index.php index.xhtml\". Thus, if Apache2 finds a file in a "
26499
#~ "requested directory matching any of these names, the first will be displayed."
26501
#~ "例如,当一个用户请求 http://www.example.com/this_directory/ 页时,他或她要么得到 DirectoryIndex "
26502
#~ "页,如果它存在的话;要么得到一个服务器生成的目录列表,如果它不存在且设置了 Indexes 选项的话;要么就得到一个无权访问页,如果它不存在且没有设置 "
26503
#~ "Indexes 选项的话。服务器尝试找到在 DirectoryIndex "
26504
#~ "语句中所列文件之一,并返回它所找到的第一个。如果它没有找到任何一个文件且该目录设置了 Indexes 选项,服务器将生成并返回一个 HTML "
26505
#~ "格式的列表,包括该目录中的子目录和文件。缺省值可以在 <filename>/etc/apache2/apache2.conf</filename> "
26506
#~ "文件中找到,是 \" index.html index.cgi index.pl index.php index.xhtml\"。因此,如果 "
26507
#~ "Apache2 在所请求的目录中找到任何一个匹配这些名字的文件,第一个将被显示。"
26509
#~ msgid "Apache Modules"
26510
#~ msgstr "Apache 模块"
26512
#~ msgid "LDAP replication"
26513
#~ msgstr "LDAP 副本"
26515
#~ msgid "Ethernet"
26519
#~ "Depending on how you obtained your certificate you may need to enter a "
26520
#~ "passphrase when <application>Apache</application> starts."
26521
#~ msgstr "取决于你怎么获得你的证书,你可能需要在<application>Apache</application>开始时输入密码。"
26524
#~ "To require use of the password for entering single user mode, change the "
26525
#~ "value of the <varname>lockalternative</varname> variable in the file "
26526
#~ "<filename>/boot/grub/menu.lst</filename> to <varname>true</varname>, as "
26527
#~ "shown in the following example."
26529
#~ "需要使用进入单用户模式的密码时,将文件<filename>/boot/grub/menu.lst</filename>中的变量<varname>locka"
26530
#~ "lternative</varname>值改成<varname>true</varname>,如下例所示。"
26533
#~ "If the DNS server names are retrieved dynamically from DHCP or PPPoE "
26534
#~ "(retrieved from your ISP), do not add nameserver entries in this file. It "
26535
#~ "will be overwritten."
26537
#~ "如果 DNS 服务器名称是通过 DHCP 或 PPPoE (从您的 ISP ) 动态取回的,那么请不要在该文件中添加名称服务器条目。该条目会被覆盖。"
26540
#~ "The <emphasis>DocumentRoot</emphasis> directive specifies where Apache "
26541
#~ "should look for the files that make up the site. The default value is "
26542
#~ "/var/www. No site is configured there, but if you uncomment the "
26543
#~ "<emphasis>RedirectMatch</emphasis> directive in "
26544
#~ "<filename>/etc/apache2/apache2.conf</filename> requests will be redirected "
26545
#~ "to /var/www/apache2-default where the default Apache2 site awaits. Change "
26546
#~ "this value in your site's virtual host file, and remember to create that "
26547
#~ "directory if necessary!"
26549
#~ "<emphasis>DocumentRoot</emphasis> 语句指定 Apache 将到哪儿去寻找站点文件,缺省值为 "
26550
#~ "/var/www。没有站点配置在那里,但如果您反注释在 <filename>/etc/apache2/apache2.conf</filename> "
26551
#~ "中的 <emphasis>RedirectMatch</emphasis> 语句,请求将被重定向到 /var/www/apache2-"
26552
#~ "default,那里是缺省的 Apache2 站点。在您站点的虚拟主机文件中改变该值,记住在必要时可以创建相应的目录!"
26555
#~ "To access the Subversion repository via WebDAV protocol, you must configure "
26556
#~ "your Apache 2 web server. You must add the following snippet in your "
26557
#~ "<filename>/etc/apache2/apache2.conf</filename> file:"
26559
#~ "要通过 WebDAV 协议访问 Subversion,您必须配置您的 Apache2 web 服务器。您必须在您的 "
26560
#~ "<filename>/etc/apache2/apache2.conf</filename> 文件中添加下面一小段:"
26562
#~ msgid "Pass kernel options at boot up."
26563
#~ msgstr "在启动时传递参数给内核。"
26565
#~ msgid "grub-md5-crypt"
26566
#~ msgstr "grub-md5-crypt"
26569
#~ "To disable the reboot action taken by pressing the "
26570
#~ "<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap></k"
26571
#~ "eycombo> key combination, comment out the following line in the file "
26572
#~ "<filename>/etc/event.d/control-alt-delete</filename>."
26574
#~ "要想禁用<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap"
26575
#~ "></keycombo> 热键组合重启机器,将<filename>/etc/event.d/control-alt-"
26576
#~ "delete</filename>中的如下一行注释掉."
26579
#~ "The <application>search</application> key specifies the string which will be "
26580
#~ "appended to an incomplete hostname. Here, we have configured it to "
26581
#~ "<application>com</application>. So, when we run: <command>ping "
26582
#~ "ubuntu</command> it would be interpreted as <command>ping "
26583
#~ "ubuntu.com</command>."
26585
#~ "<application>search</application> 关键字指定为不完整的主机名添加的字符串。在这里我们将其配置为 "
26586
#~ "<application>com</application>。因此当我们运行:<command>ping ubuntu</command> "
26587
#~ "时它会被理解成 <command>ping ubuntu.com</command>。"
26590
#~ "The Apache2 web server is available in Ubuntu Linux. To install Apache2:"
26591
#~ msgstr "Apache2 web 服务器在 Ubuntu Linux 中是可用的。要安装 Apache2:"
26594
#~ "On most computer whose processor supports virtualization, it is necessary to "
26595
#~ "activate an option in the bios to enable it. The method described above does "
26596
#~ "not show the status of it's activation."
26597
#~ msgstr "在大多数处理器支持虚拟化的电脑上,有必要激活bios里的一个选项。上述描述的方法没有展示其激活状态。"
26600
#~ msgid "# lockalternative=true"
26601
#~ msgstr "# lockalternative=true"
26603
#~ msgid "Once part of the domain, install the following packages:"
26604
#~ msgstr "成为了域的一部分,安装如下软件包:"
26607
#~ "When joining an Ubuntu Desktop workstation to a domain, you may need to edit "
26608
#~ "<filename>/etc/nsswitch.conf</filename> if your AD domain uses the <emphasis "
26609
#~ "role=\"italic\">.local</emphasis> syntax. In order to join the domain the "
26610
#~ "<emphasis>\"mdns4\"</emphasis> entry from the <emphasis>hosts</emphasis> "
26611
#~ "option. For example:"
26613
#~ "当加入 Ubuntu 桌面工作站到域时,如果您的活动目录域使用 <emphasis role=\"italic\">.local</emphasis> "
26614
#~ "语法,则可能需要编辑 <filename>/etc/nsswitch.conf</filename>。 "
26615
#~ "为了加入域,<emphasis>hosts</emphasis> 选项中的 <emphasis>\"mdns4\"</emphasis> 项,如:"
26618
#~ "With Apache now configured for HTTPS, restart the service to enable the new "
26620
#~ msgstr "Apache 已经配置为支持 HTTPS,重启服务以使用新的设置:"
26623
#~ "To configure <application>Apache</application> for HTTPS, enter the "
26625
#~ msgstr "要配置 <application>Apache</application> 支持 HTTPS, 输入如下:"
26628
#~ "There is a default HTTPS configuration file in <filename>/etc/apache2/sites-"
26629
#~ "available/default-ssl</filename>. In order for "
26630
#~ "<application>Apache</application> to provide HTTPS, a "
26631
#~ "<emphasis>certificate</emphasis> and <emphasis>key</emphasis> file are also "
26632
#~ "needed. The default HTTPS configuration will use a certificate and key "
26633
#~ "generated by the <application>ssl-cert</application> package. They are good "
26634
#~ "for testing, but the auto-generated certificate and key should be replaced "
26635
#~ "by a certificate specific to the site or server. For information on "
26636
#~ "generating a key and obtaining a certificate see <xref "
26637
#~ "linkend=\"certificates-and-security\"/>"
26639
#~ "<filename>/etc/apache2/sites-available/default-ssl</filename> 中有一个默认的 HTTPS "
26640
#~ "配置文件。 为使 Apache 提供 HTTPS,还需要 <emphasis>证书</emphasis> 和 "
26641
#~ "<emphasis>密钥</emphasis> 文件。 默认的 HTTPS 配置文件将使用 <application>ssl-"
26642
#~ "cert</application> 程序生成的证书和密钥。 "
26643
#~ "由程序生成的证书和密钥,很适合测试服务器所用,但这种自动生成的证书和密钥必须由站点或服务所特定的证书替代。 更多有关生成密钥与获取证书,请参考 "
26644
#~ "<xref linkend=\"certificates-and-security\"/>"
26651
#~ "<menuchoice><guimenuitem>Start</guimenuitem><guimenuitem>Administrative Tools"
26652
#~ "</guimenuitem><guimenuitem>Manager Your Server</guimenuitem></menuchoice>. "
26653
#~ "This will open the <application>Server Role Mangement</application> utility."
26656
#~ "<menuchoice><guimenuitem>开始</guimenuitem><guimenuitem>管理工具</guimenuitem><guim"
26657
#~ "enuitem>配置您的服务器向导</guimenuitem></menuchoice>,这将运行 "
26658
#~ "<application>服务器角色管理</application> 程序。"
26660
#~ msgid "Click Add or remove a role"
26661
#~ msgstr "点击添加/删除角色"
26664
#~ "To add a password for use with <application>grub</application>, first you "
26665
#~ "must generate an md5 password hash using the <application>grub-md5-"
26666
#~ "crypt</application> utility:"
26668
#~ "要给<application>grub</application>增加一个使用口令,首先你必须使用<application>grub-md5-"
26669
#~ "crypt</application>工具产生一个md5口令。"
26672
#~ msgid "(enter new password)"
26673
#~ msgstr "(输入新的口令)"
26676
#~ "The command will ask you to enter a password and offer a resulting hash "
26677
#~ "value as shown below:"
26678
#~ msgstr "命令将请你输入一个口令并提供一个结果密码,如下所示:"
26681
#~ "Therefore, it is important to control who may edit the "
26682
#~ "<application>grub</application> menu items which, would otherwise allow for "
26683
#~ "someone to perform the following dangerous actions:"
26685
#~ "所以,控制谁可能修改<application>grub</application>的菜单项是很重要的,否则就可能允许某些人进行以下危险的操作:"
26688
#~ "Apache2 is configured by placing <emphasis>directives</emphasis> in plain "
26689
#~ "text configuration files. The configuration files are separated between the "
26690
#~ "following files and directories:"
26691
#~ msgstr "Apache2 由 以纯文本 <emphasis>指令</emphasis> 配置文件所安装。配置文件被以下文件和目录之间所分开:"
26694
#~ "<emphasis>conf.d:</emphasis> contains configuration files which apply "
26695
#~ "<emphasis>globally</emphasis> to Apache. Other packages that use Apache2 to "
26696
#~ "serve content may add files, or symlinks, to this directory."
26698
#~ "<emphasis>conf.d:</emphasis> 包含的配置文件适合用于 <emphasis>全球的</emphasis> "
26699
#~ "Apache。其它软件包使用 Apache2 服务内容可以添加文件,符号链接到此目录。"
26702
#~ "Enable the new <emphasis>VirtualHost</emphasis> using the "
26703
#~ "<application>a2ensite</application> utility and restart Apache:"
26705
#~ "启动新的 <emphasis> 虚拟主机 </emphasis> 使用 <application> a2ensite </application> "
26709
#~ "Apache is a modular server. This implies that only the most basic "
26710
#~ "functionality is included in the core server. Extended features are "
26711
#~ "available through modules which can be loaded into Apache. By default, a "
26712
#~ "base set of modules is included in the server at compile-time. If the server "
26713
#~ "is compiled to use dynamically loaded modules, then modules can be compiled "
26714
#~ "separately, and added at any time using the LoadModule directive. Otherwise, "
26715
#~ "Apache must be recompiled to add or remove modules."
26717
#~ "Aphache 是一种模块化服务器。这意味着,只有最基本功能包括在核心服务器上。扩展功能都可以通过模块加载到 Apache "
26718
#~ "。默认情况下,服务器上编译时间包括基本模块化的设置。如果该服务器使用动态编译来加载模块,那么该模块可以单独编译,并在任何时候增加使用加载模块指令。否则, "
26719
#~ "必须重新编译 Apache 来添加或卸载模块。"
26722
#~ "The <emphasis>ErrorDocument</emphasis> directive allows you to specify a "
26723
#~ "file for Apache to use for specific error events. For example, if a user "
26724
#~ "requests a resource that does not exist, a 404 error will occur, and per "
26725
#~ "Apache2's default configuration, the file "
26726
#~ "<filename>/usr/share/apache2/error/HTTP_NOT_FOUND.html.var </filename> will "
26727
#~ "be displayed. That file is not in the server's DocumentRoot, but there is an "
26728
#~ "Alias directive in <filename>/etc/apache2/apache2.conf</filename> that "
26729
#~ "redirects requests to the /error directory to "
26730
#~ "<filename>/usr/share/apache2/error/</filename>."
26732
#~ "这<emphasis>错误文档</emphasis>指令允许你指定 Apache 使用特定错误事件文档。例如,如果用户请求某资源不存在,就会出现 404 "
26733
#~ "错误,每个 Apache2 的设置都会默认显示 <filename> "
26734
#~ "/usr/share/apache2/error/HTTP_NOT_FOUND.html.var "
26735
#~ "</filename>文件。此文件不存放在服务器的启动文档里,但有个别名指令在<filename>/etc/apache2/apache2.conf</f"
26736
#~ "ilename> 重定向请求从 /error 目录到<filename>/usr/share/apache2/error/</filename>。"
26739
#~ "<emphasis>sites-available:</emphasis> this directory has configuration files "
26740
#~ "for Apache <emphasis>Virtual Hosts</emphasis>. Virtual Hosts allow Apache2 "
26741
#~ "to be configured for multiple sites that have separate configurations."
26743
#~ "<emphasis>sites-available:</emphasis>此目录已为 Apache 配置文件 <emphasis> 虚拟主机 "
26744
#~ "</emphasis>。虚拟主机允许 Apache2 为多站点安装文件所配置。"
26747
#~ "With vmbuilder, there is no need to download a JeOS ISO anymore. vmbuilder "
26748
#~ "will fetch the various package and build a virtual machine tailored for our "
26749
#~ "need in about a minute for us. Vmbuilder is a Script that automates the "
26750
#~ "process of creating a ready to use Linux based VM. The currently supported "
26751
#~ "hypervisors are KVM and Xen."
26753
#~ "使用 vmbuilder,没必要再下载 JeOS 的 ISO 。vmbuilder "
26754
#~ "将会获取不同安装包,并在大约一分钟内为我们建立虚拟机。Vmbuilder 是个自动化过程创建个准备基于 VM 来使用的 Linux "
26755
#~ "脚本。当前脚本支持虚拟机监视器的 KVM 和 Xen。"
26758
#~ "First introduced as a shell script in Ubuntu 8.04LTS, <application>ubuntu-vm-"
26759
#~ "builder</application> started with little emphasis as a hack to help "
26760
#~ "developers test their new code in a virtual machine without having to "
26761
#~ "restart from scratch each time. As a few Ubuntu administrators started to "
26762
#~ "notice this script, a few of them went on improving it and adapting it for "
26763
#~ "so many use case that Soren Hansen (the author of the script and Ubuntu "
26764
#~ "virtualization specialist, not the golf player) decided to rewrite it from "
26765
#~ "scratch for Intrepid as a python script with a few new design goals:"
26767
#~ "首次在 Ubuntu 的 8.04LTS 版本 做为 shell 脚本来介绍, <application>ubuntu-vm-"
26768
#~ "builder</application>开始强调做为测试员去帮助开发人员在虚拟机上测试新的代码而不用每次都从头开始重新启动。少数 Ubuntu "
26769
#~ "的管理员开始注意这脚本,在这么多使用的情况下他们一些人继续改进和调整,索伦汉森( Ubuntu "
26770
#~ "虚拟专家和脚本作者,并非高尔夫球员)决定为一些新的设计目标重写做为 python 脚本的 Intrepid 。"
26773
#~ "For more <application>smbclient</application> options see the man page: "
26774
#~ "<command>man smbclient</command>, also available <ulink "
26775
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
26776
#~ "nline</ulink>."
26778
#~ "更多<application>smbclient</application> 选项请浏览 man 页面:<command>man "
26779
#~ "smbclient</command>,也可以参考<ulink "
26780
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
26781
#~ "nline</ulink>。"
26784
#~ "The <application>mount.cifs</application><ulink "
26785
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
26786
#~ "man page</ulink> is also useful for more detailed information."
26788
#~ "<application>mount.cifs</application><ulink "
26789
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
26790
#~ "man 页面</ulink>在更多细节信息里也同样重要。"
26796
#~ " Allows to specify a partition table in partfile each line of partfile "
26797
#~ "should specify\n"
26798
#~ " (root first):\n"
26799
#~ " mountpoint size\n"
26800
#~ " where size is in megabytes. You can have up to 4 virtual disks, a new "
26801
#~ "disk starts on a\n"
26802
#~ " line with ’---’. ie :\n"
26812
#~ " Allows to specify a partition table in partfile each line of partfile "
26813
#~ "should specify\n"
26814
#~ " (root first):\n"
26815
#~ " mountpoint size\n"
26816
#~ " where size is in megabytes. You can have up to 4 virtual disks, a new disk "
26818
#~ " line with ’---’. ie :\n"
26827
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
26828
#~ "o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
26829
#~ "-user user --name user --pass default"
26831
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
26832
#~ "o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
26833
#~ "-user user --name user --pass default"
26836
#~ "This is done using vmbuilder by specifying the --addpkg command multiple "
26838
#~ msgstr "这样做是多次使用 vmbuilder 来指定 --addpkg 命令:"
26841
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
26842
#~ "\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
26843
#~ "user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
26844
#~ "mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
26845
#~ "dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
26846
#~ "addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
26847
#~ "addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
26848
#~ "upgrades --addpkg acpid --ppa nijaba \\ --mirror "
26849
#~ "http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
26850
#~ "firstlogin login.sh es"
26852
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
26853
#~ "\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
26854
#~ "user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
26855
#~ "mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
26856
#~ "dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
26857
#~ "addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
26858
#~ "addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
26859
#~ "upgrades --addpkg acpid --ppa nijaba \\ --mirror "
26860
#~ "http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
26861
#~ "firstlogin login.sh es"
26866
#~ "#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
26869
#~ "#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
26872
#~ "<emphasis>sites-enabled:</emphasis> like mods-enabled, <filename "
26873
#~ "role=\"directory\">sites-enabled</filename> contains symlinks to the "
26874
#~ "<filename>/etc/apache2/sites-available</filename> directory. Similarly when "
26875
#~ "a configuration file in sites-available is symlinked it will be active once "
26876
#~ "Apache is restarted."
26878
#~ "<emphasis>sites-enabled:</emphasis>跟mods-enabled一样,<filename "
26879
#~ "role=\"directory\">sites-enabled</filename>包含了指向 "
26880
#~ "<filename>/etc/apache2/sites-available</filename>符号链接的目录。类似于当链接了sites-"
26881
#~ "available 的配置文件时,这个配置会在Apache重新启动的时候产生作用。"
26884
#~ "The above configuration snippet assumes that Subversion repositories are "
26885
#~ "created under <filename>/home/svn/</filename> directory using "
26886
#~ "<command>svnadmin</command> command. They can be accessible using "
26887
#~ "<command>htpp://hostname/svn/repos_name</command> url."
26889
#~ "上面的配置片段中,假设用命令<command>svnadmin</command>来把Subversion库创建到目录<filename>/home/sv"
26890
#~ "n/</filename>下. 然后就可以用地址http://hostname/svn/repos_name</command>来访问."
26893
#~ "Installing likewise-open5 over an existing likewise-open (4.1) installation "
26894
#~ "will replace it. You will have to rejoin the domain after install."
26895
#~ msgstr "在现有的 likewise-open (4.1) 基础上安装 likewise-open5 会替换它。安装后您需要重新加入域。"
26898
#~ "With Ubuntu 9.04 <application>Likewise Open 5.0</application> is available "
26899
#~ "in the <emphasis>Universe</emphasis> repository. However, since upgrading "
26900
#~ "from <application>Likewise Open 4.1</application> currently requires the "
26901
#~ "system to leave the domain and re-join, a separate package for version five "
26904
#~ "在 Ubuntu 9.04 中 <application>Likewise Open 5.0</application> 可从 "
26905
#~ "<emphasis>Universe</emphasis> 软件源获得。然而,由于目前直接从 <application>Likewise Open "
26906
#~ "4.1</application> 升级会要求系统离开和重新加入域,创建了版本 5 的独立软件包。"
26908
#~ msgid "To install <application>Likewise Open 5.0</application> enter:"
26909
#~ msgstr "要安装 <application>Likewise Open 5.0</application> 请输入:"
26911
#~ msgid "sudo apt-get install likewise-open5"
26912
#~ msgstr "sudo apt-get install likewise-open5"
26914
#~ msgid "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
26915
#~ msgstr "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
26917
#~ msgid "Finally, restart <application>eucalyptus-nc</application>:"
26918
#~ msgstr "首先,重新启动<application>eucalyptus-nc</application>:"
26921
#~ "The mirror address specified here will also be used in the "
26922
#~ "<filename>/etc/apt/source.list</filename> of the newly created guest, so it "
26923
#~ "is usefull to specify here an address that can be resolved by the guest or "
26924
#~ "to plan on reseting this address later on, such as in a <emphasis>--"
26925
#~ "firstboot</emphasis> script."
26927
#~ "这里指定的镜像地址同样会被使用在新建立的来宾帐号的<filename>/etc/apt/source.list</filename>文件中,因此如果需要来"
26928
#~ "宾帐号能够得到或者需要某个地址在以后能够修改的话,这是一个有用的办法,比如在一个<emphasis>-firstboot</emphasis>脚本中。"
26931
#~ "When vmbuilder creates builds your system, it has to go fetch each one of "
26932
#~ "the packages that composes it over the network to one of the official "
26933
#~ "repositories, which, depending on your internet connection speed and the "
26934
#~ "load of the mirror, can have a big impact on the actual build time. In order "
26935
#~ "to reduce this, it is recommended to either have a local repository (which "
26936
#~ "can be created using <application>apt-mirror</application>) or using a "
26937
#~ "caching proxy such as <application>apt-cache</application>. The later option "
26938
#~ "being much simpler to implement and requiring less disk space, it is the one "
26939
#~ "we will pick in this tutorial. To install it, simply type:"
26941
#~ "当vmbuilder创建您的系统时,它需要通过网络从官方源中的一个取得数据然后组合成各个包,这个过程的长短取决于您的互联网连接的速度和镜像的加载速度,这可"
26942
#~ "能对实际的创建时间产生巨大的影响。为了减少这个时间,就需要拥有一个本地源(可以通过使用<application>apt-"
26943
#~ "mirror</application>)或者使用一个缓冲代理,例如<application>apt-"
26944
#~ "cache</application>。后者是一种更简单的方法来实现更少的磁盘空间占用,这个就是我们将要在指导里面介绍的方法。要安装它,只需键入:"
26946
#~ msgid "Eucalyptus"
26947
#~ msgstr "Encalyptus"
26950
#~ "The Cloud Computing environment will consist of three components, typically "
26951
#~ "installed on at least two separate machines (termed the 'front-end' and "
26952
#~ "'node(s)' for the rest of this document):"
26953
#~ msgstr "云计算环境将包含三个组件,典型的会被安装在至少两个单独的机器上(termed“前端”和“节点”在这个文档的剩余部分)"
26956
#~ "This section will cover setting up a Cloud Computing environment using "
26957
#~ "<application>Eucalyptus</application> with <application>KVM</application>. "
26958
#~ "For more information on KVM see <xref linkend=\"libvirt\"/>."
26960
#~ "这一节将介绍如何使用<application>Eucalyptus</application>结合<application>KVM</applicatio"
26961
#~ "n>来实现一个云计算环境。更多关于KVM的信息,请参阅<xref linkend=\"libvirt\"/>。"
26964
#~ "<emphasis>Eucalyptus</emphasis> is an open-source software infrastructure "
26965
#~ "for implementing \"cloud computing\" on your own clusters. "
26966
#~ "<emphasis>Eucalyptus</emphasis> allows you to create your own cloud "
26967
#~ "computing environment in order to maximize computing resources and provide a "
26968
#~ "cloud computing environment to your users."
26970
#~ "<emphasis>Encalyptus</emphasis>是一个用来提供在您自己的簇上实现云计算的基础的开源软件。<emphasis>Eucalypt"
26971
#~ "us</emphasis>允许您生成自己的云计算环境来最大化计算资源,并给您的用户提供一个云计算环境。"
26974
#~ "The simple <emphasis>System</emphasis> networking option will be used by "
26975
#~ "default. This network method allows virtual machine instances, to obtain IP "
26976
#~ "addresses from the local LAN, assuming that a DHCP server is properly "
26977
#~ "configured on the LAN to hand out IPs dynamically to VMs that request them. "
26978
#~ "Each node will be configured for bridge networking. For more details see "
26979
#~ "<xref linkend=\"bridging\"/>."
26981
#~ "简单的<emphasis>System</emphasis>网络选项会被默认使用。这个方法允许虚拟机实例从本地局域网得到IP地址,假设一个经过适当配置的D"
26982
#~ "HCP服务器工作在局域网里面来为虚拟机动态的产生IP地址。每个节点会被设置成桥状网络工作的模式。更多细节,请参见<xref "
26983
#~ "linkend=\"bridging\"/>"
26986
#~ "<emphasis>One or more Compute Nodes:</emphasis> runs the Node Controller "
26987
#~ "component of Eucalyptus, which allows the machine to be part of the cloud as "
26988
#~ "a host for VMs."
26990
#~ "<emphasis>一个或者更多计算节点:</emphasis>运行在Eucalyptus的节点控制器上,这样一台机器就可以作为一个虚拟机的宿主而成为一个"
26994
#~ "<emphasis>One Front-End:</emphasis> hosts one Cloud Controller, a Java based "
26995
#~ "Web configuration interface, and a Cluster Controller, which determines "
26996
#~ "where virtual machines (VMs) will be housed and manages cluster level VM "
26999
#~ "<emphasis>一个 Front-"
27000
#~ "End:</emphasis>拥有一个云控制器,这是一个基于Java的Web设置界面,还有一个簇控制器,用来定义虚拟机将在那里被封装,并管理簇级别的VM网"
27004
#~ "In the web interface's <emphasis>\"Configuration\"</emphasis> tab, add a "
27005
#~ "cluster under the <emphasis>\"Clusters\"</emphasis> heading (in this "
27006
#~ "configuration, the cluster controller is on the same system as the cloud "
27007
#~ "controller, so entering 'localhost' as the cluster hostname is correct). "
27008
#~ "Once the form is filled out click the <emphasis>\"Add Cluster\"</emphasis> "
27011
#~ "在Web界面中的<emphasis>“设置”</emphasis>标签中,在<emphasis>“簇”</emphasis>添加一个簇(在这个设置中,因为"
27012
#~ "簇控制器和云控制器处在同一个系统上,所以簇的主机名只要输入\"localhost\"就可以了)。填写完毕之后,点击<emphasis>“添加簇”</emp"
27016
#~ "Once the installation is complete, and it may take a while, in a browser go "
27017
#~ "to <emphasis>https://front-end:8443</emphasis> and login to the "
27018
#~ "administration interface using the default username and password of "
27019
#~ "<emphasis>admin</emphasis>. You will then be prompted to change the "
27020
#~ "password, configure an email address for the admin user, and set the storage "
27023
#~ "一旦安装完成,就需要花点时间,打开浏览器,转到<emphasis>http://front-"
27024
#~ "end:8443</emphasis>然后使用默认的用户名和密码登录到管理员界面(默认用户名和密码是<emphasis>admin</emphasis>)"
27025
#~ "。这时您将被提示修改密码,设置管理员用户的Email地址和存储器URL"
27028
#~ "First, on the <emphasis>Front-End</emphasis> install the appropriate "
27029
#~ "packages. In a terminal prompt on the Front-End enter:"
27030
#~ msgstr "首先,在<emphasis>Front-End</emphasis>安装所需的包,在一个Front-End的终端提示中输入:"
27033
#~ "Now, back on the <emphasis>Front-End</emphasis>, add the nodes to the "
27035
#~ msgstr "现在,返回到<emphasis>Front-End</emphasis>,添加节点到簇。"
27038
#~ "Next, on the each <emphasis>Compute Node</emphasis> install the node "
27039
#~ "controller package. In a terminal prompt on each Compute Node enter:"
27040
#~ msgstr "接下来,在每个<emphasis>计算节点</emphasis>安装节点控制包,在每个计算节点的终端提示中输入;"
27042
#~ msgid "sudo apt-get install eucalyptus-nc"
27043
#~ msgstr "sudo apt-get install eucalyptus-nc"
27046
#~ "See the <ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus "
27047
#~ "website</ulink> for more information."
27049
#~ "更多信息,请参见<ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus 网站</ulink>"
27052
#~ "<application>Eucalyptus</application> is now ready to host images on the "
27054
#~ msgstr "<application>Eucalyptus</application>现在已经准备host image on the cloud。"
27059
#~ "VNET_INTERFACE=\"br0\"\n"
27061
#~ "VNET_BRIDGE=\"br0\"\n"
27064
#~ "VNET_INTERFACE=\"br0\"\n"
27066
#~ "VNET_BRIDGE=\"br0\"\n"
27069
#~ "Be sure to replace <emphasis>nodecontroller</emphasis>, "
27070
#~ "<emphasis>node01</emphasis>, and <emphasis>node02</emphasis> with actual "
27073
#~ "一定要使用真实的主机名来替换<emphasis>nodecontroller</emphasis>,<emphasis>node01</emphasis>"
27074
#~ "和<emphasis>node02</emphasis>。"
27076
#~ msgid "sudo /etc/init.d/eucalyptus-nc restart"
27077
#~ msgstr "sudo /etc/init.d/eucalyptus-nc restart"
27080
#~ "You will then be prompted to log into your Node, install the "
27081
#~ "<application>eucalyptus-nc</application> package, and add the "
27082
#~ "<emphasis>eucalyptus</emphasis> user's ssh key to the node's "
27083
#~ "<filename>authorized_keys</filename> file, and confirm authenticity of the "
27084
#~ "host's OpenSSH RSA key fingerprint. Finally, the command will complete by "
27085
#~ "synchronizing the eucalyptus component keys and node registration is "
27088
#~ "您这时将会被提示来登录您的节点,安装<application>eucalyptus-"
27089
#~ "nc</application>包,然后添加<emphasis>eucalyptus</emphasis>用户的ssh键到节点的<filename>aut"
27090
#~ "horized_keys</filename>文件,然后确认主机的OpenSSH "
27091
#~ "RSA的键指印的正确性。最后,命令将会同步encalyptus组建的键,这样节点的注册就结束了。"
27094
#~ "On the Node, the <filename>/etc/eucalyptus/eucalyptus.conf</filename> "
27095
#~ "configuration file will need editing to use your node's bridge interface "
27096
#~ "(assuming here that the interface is named <emphasis>'br0'</emphasis>):"
27098
#~ "在节点上,配置文件<filename>/etc/eucalyptus/eucalyptus.conf</filename>需要进行编辑来使用您自己的桥接口"
27099
#~ "(假设这里的那个接口被命名为<emphasis>“br0”</emphasis>):"
27101
#~ msgid "sudo euca_conf -addnode hostname_of_node"
27102
#~ msgstr "sudo euca_conf -addnode hostname_of_node"
27105
#~ "Ubuntu installs GNU GRUB as its default boot loader, which allows for great "
27106
#~ "flexibility and recovery options. For example, when you install additional "
27107
#~ "kernel images, these are automatically added as available boot options in "
27108
#~ "the <application>grub</application> menu. Also, by default, alternate boot "
27109
#~ "options are available for each kernel entry that may be used for system "
27110
#~ "recovery, aptly labeled (recovery mode). Recovery mode simply boots the "
27111
#~ "corresponding kernel image into single user mode (init 1), which lands the "
27112
#~ "administrator at a root prompt without the need for any password."
27115
#~ "GRUB作为它的默认的启动装载器,它有很强的灵活性和很多修复选项。比如说说,当你安装了附加的内核镜像,它们将作为可选的启动项被自动地添加到<applica"
27116
#~ "tion>grub</application>菜单。同时,默认情况下,文本启动选项对每个交替内核用于系统还原都适用,一般添加有标签(安全模式)。安全模式只"
27117
#~ "是启动进入相应内核镜像的单用户模式(init 1),在这种情况下,管理员仅仅得到一个root提示,而不需要输入密码。"
27120
#~ "You can prevent these actions by adding a password to GRUB's configuration "
27121
#~ "file of <filename>/boot/grub/menu.lst</filename>, which will be required to "
27122
#~ "unlock GRUB's more advanced features prior to use."
27124
#~ "你可以通过给GRUB的配置文件<filename>/boot/grub/menu.list</filename>添加一个密码来防止这种现象,操作前会被要求"
27128
#~ "Add the resulting hash value to the file "
27129
#~ "<filename>/boot/grub/menu.lst</filename> in the following format:"
27130
#~ msgstr "以下面的这种格式添加哈希的结果到文件<filename>/boot/grub/menu.list</filename>:"
27132
#~ msgid "chmod 644 .ssh/authorized_keys"
27133
#~ msgstr "chmod 644 .ssh/authorized_keys"
27135
#~ msgid "Finally, update the MOTD:"
27136
#~ msgstr "最后,更新MOTD:"
27139
#~ "sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
27141
#~ "sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
27144
#~ "First, copy the <filename>easy-rsa</filename> directory to "
27145
#~ "<filename>/etc/openvpn</filename>. This will ensure that any changes to the "
27146
#~ "scripts will not be lost when the package is updated. From a terminal enter:"
27148
#~ "首先,将目录<filename>easy-"
27149
#~ "rsa</filename>复制到<filename>/etc/openvpn</filename>。这么做会保证对脚本的任何更改不会因为软件包的更新而丢"
27152
#~ msgid "cd /etc/openvpn/easy-rsa/easy-rsa"
27153
#~ msgstr "cd /etc/openvpn/easy-rsa/easy-rsa"
27155
#~ msgid "/etc/openvpn/easy-rsa/hostname.crt"
27156
#~ msgstr "/etc/openvpn/easy-rsa/hostname.crt"
27158
#~ msgid "/etc/openvpn/easy-rsa/hostname.key"
27159
#~ msgstr "/etc/openvpn/easy-rsa/hostname.key"
27161
#~ msgid "/etc/openvpn/easy-rsa/ta.key"
27162
#~ msgstr "/etc/openvpn/easy-rsa/ta.key"
27164
#~ msgid "/etc/openvpn/easy-rsa/hostname.ovpn"
27165
#~ msgstr "/etc/openvpn/easy-rsa/hostname.ovpn"
27167
#~ msgid "/etc/openvpn/easy-rsa/ca.crt"
27168
#~ msgstr "/etc/openvpn/easy-rsa/ca.crt"
27173
#~ "local 172.18.100.101\n"
27175
#~ "server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
27176
#~ "push \"route 172.18.100.1 255.255.255.0\"\n"
27177
#~ "push \"dhcp-option DNS 172.18.100.20\"\n"
27178
#~ "push \"dhcp-option DOMAIN example.com\"\n"
27179
#~ "tls-auth ta.key 0 # This file is secret\n"
27181
#~ "group nogroup\n"
27184
#~ "local 172.18.100.101\n"
27186
#~ "server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
27187
#~ "push \"route 172.18.100.1 255.255.255.0\"\n"
27188
#~ "push \"dhcp-option DNS 172.18.100.20\"\n"
27189
#~ "push \"dhcp-option DOMAIN example.com\"\n"
27190
#~ "tls-auth ta.key 0 # This file is secret\n"
27192
#~ "group nogroup\n"
27195
#~ "Edit <filename>etc/openvpn/server.conf</filename> changing the following "
27197
#~ msgstr "编辑<filename>etc/openvpn/server.conf</filename>将以下选项更改成:"
27200
#~ "With the server configured and the client certificates copied over, create a "
27201
#~ "client configuration file by copying the example. In a terminal on the "
27202
#~ "client machine enter:"
27203
#~ msgstr "在服务器配置完后,客户端证书也复制了后,通过复制示例文件来创建一个客户端配置文件。在客户端的终端输入:"
24560
27206
#~ "There are several ways to automate the Ubuntu installation process, for "
24561
27207
#~ "example using preseeds, kickstart, etc. Refer to the <ulink "
24562
#~ "url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu Installation "
27208
#~ "url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
24563
27209
#~ "Guide</ulink> for details."
24565
#~ "有很多种方式来让ubuntu的安装自动进行,比如使用preseeds,kickstart等等. 详情请参见<ulink "
24566
#~ "url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu 安装指南</ulink>."
27211
#~ "有几种方法可以让Ubuntu的安装实现自动化,如使用preseeds, kickstart等等。详细信息请查看<ulink "
27212
#~ "url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
27213
#~ "Guide</ulink>。"
27216
#~ "As this example is based on <application>KVM</application> and Ubuntu 9.10 "
27217
#~ "(Karmic Koala), and we are likely to rebuild the same virtual machine "
27218
#~ "multiple time, we'll invoke vmbuilder with the following first parameters:"
27220
#~ "因为此例是基于<application>KVM</application>和Ubuntu 9.10 (Karmic "
27221
#~ "Koala),我们可以多次重建同样的虚拟机,我们可以使用以下的参数来调用vmbuilder:"
24571
#~ " workgroup = EXAMPLE\n"
24573
#~ " security = domain\n"
24576
#~ " workgroup = EXAMPLE\n"
24578
#~ " security = domain\n"
27226
#~ "deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27228
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27231
#~ "deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27232
#~ "universe multiverse \n"
27233
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27234
#~ "universe multiverse \n"
27236
#~ "deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
27237
#~ "universe multiverse \n"
27238
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
27239
#~ "universe multiverse \n"
27241
#~ "deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
27242
#~ "universe multiverse \n"
27243
#~ "/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
27244
#~ "universe multiverse \n"
27246
#~ "deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27247
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27249
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27250
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27254
#~ "deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27256
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27259
#~ "deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27260
#~ "universe multiverse \n"
27261
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27262
#~ "universe multiverse \n"
27264
#~ "deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
27265
#~ "universe multiverse \n"
27266
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
27267
#~ "universe multiverse \n"
27269
#~ "deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
27270
#~ "universe multiverse \n"
27271
#~ "/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
27272
#~ "universe multiverse \n"
27274
#~ "deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27275
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27277
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27278
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27282
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
27283
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
27285
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
27286
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
27289
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27290
#~ "libvirt qemu:///system --ip 192.168.0.100"
27292
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27293
#~ "libvirt qemu:///system --ip 192.168.0.100"
27296
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27297
#~ "libvirt qemu:///system"
27299
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27300
#~ "libvirt qemu:///system"
27303
#~ "This chapter provides an overview of security related topics as they pertain "
27304
#~ "to Ubuntu 9.10 Server Edition, and outlines simple measures you may use to "
27305
#~ "protect your server and network from any number of potential security "
27307
#~ msgstr "本章提供了有关Ubuntu 9.10服务器版本安全相关话题的概述,并概要的介绍了一些用来保护你的服务器和网络不受潜在安全威胁的简单措施。"