« back to all changes in this revision
Viewing changes to serverguide/po/zh_CN.po
- browse files at revision 91
- compare with another revision
- download diff
- download tarball
- view history from revision 91
- Committer: Bazaar Package Importer
- Author(s): Matthew East
- Date: 2010-04-18 21:06:41 UTC
- Revision ID: james.westby@ubuntu.com-20100418210641-ee4gokf3dfkak6j8
Tags: 10.04.3
* Import translations from Rosetta
* Replace old Ubuntu logo with new one from wiki:Brand (LP: #551058)
* Replace old Ubuntu logo with new one from wiki:Brand (LP: #551058)
- files added:
- about-ubuntu/po/om.po
- files modified:
- about-ubuntu/po/about-ubuntu.pot
added
removed
serverguide/po/zh_CN.po
7
7
msgstr ""
8
8
"Project-Id-Version: ubuntu-docs\n"
9
9
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
10
"POT-Creation-Date: 2009-10-04 21:24+0100\n"
11
"PO-Revision-Date: 2009-10-15 00:27+0000\n"
10
"POT-Creation-Date: 2010-03-29 08:26+0100\n"
11
"PO-Revision-Date: 2010-03-29 21:58+0000\n"
12
12
"Last-Translator: EAdam <liuannan@hotmail.com>\n"
13
13
"Language-Team: Chinese (China) <zh_CN@li.org>\n"
14
14
"MIME-Version: 1.0\n"
15
15
"Content-Type: text/plain; charset=UTF-8\n"
16
16
"Content-Transfer-Encoding: 8bit\n"
17
"X-Launchpad-Export-Date: 2009-10-16 07:28+0000\n"
17
"X-Launchpad-Export-Date: 2010-04-17 14:53+0000\n"
18
18
"X-Generator: Launchpad (build Unknown)\n"
19
19
20
20
#: serverguide/C/serverguide-C.omf:6(creator) serverguide/C/serverguide-C.omf:7(maintainer)
31
31
32
32
#: serverguide/C/windows-networking.xml:13(title)
33
33
msgid "Windows Networking"
34
msgstr "Windows 网络"
34
msgstr "Windows 联网"
35
35
36
36
#: serverguide/C/windows-networking.xml:15(para)
37
37
msgid ""
49
49
"class=\"registered\">Windows</trademark> 这两个系统协同工作。<phrase>Ubuntu</phrase> "
50
50
"服务器指南中的这部分内容将向你介绍 Ubuntu 服务器的原理及配置所用工具,以便同 Windows 计算机共享网络资源。"
51
51
52
#: serverguide/C/windows-networking.xml:25(title) serverguide/C/virtualization.xml:397(title) serverguide/C/security.xml:412(title) serverguide/C/remote-administration.xml:22(title) serverguide/C/package-management.xml:20(title) serverguide/C/introduction.xml:13(title)
52
#: serverguide/C/windows-networking.xml:25(title) serverguide/C/virtualization.xml:402(title) serverguide/C/security.xml:354(title) serverguide/C/remote-administration.xml:22(title) serverguide/C/package-management.xml:20(title) serverguide/C/introduction.xml:13(title)
53
53
msgid "Introduction"
54
54
msgstr "简介"
55
55
138
138
"服务器将被配置为不需要密码即可与网络上任何客户端共享文件。如果您的环境要求更严格的访问控制,请看<xref linkend=\"samba-"
139
139
"fileprint-security\"/>"
140
140
141
#: serverguide/C/windows-networking.xml:83(title) serverguide/C/windows-networking.xml:282(title) serverguide/C/windows-networking.xml:1279(title) serverguide/C/web-servers.xml:41(title) serverguide/C/web-servers.xml:669(title) serverguide/C/web-servers.xml:804(title) serverguide/C/web-servers.xml:925(title) serverguide/C/vpn.xml:33(title) serverguide/C/virtualization.xml:62(title) serverguide/C/virtualization.xml:1341(title) serverguide/C/vcs.xml:28(title) serverguide/C/vcs.xml:86(title) serverguide/C/vcs.xml:402(title) serverguide/C/remote-administration.xml:52(title) serverguide/C/remote-administration.xml:220(title) serverguide/C/network-config.xml:603(title) serverguide/C/network-auth.xml:52(title) serverguide/C/network-auth.xml:1244(title) serverguide/C/network-auth.xml:1749(title) serverguide/C/network-auth.xml:2140(title) serverguide/C/monitoring.xml:42(title) serverguide/C/monitoring.xml:423(title) serverguide/C/mail.xml:40(title) serverguide/C/mail.xml:478(title) serverguide/C/mail.xml:651(title) serverguide/C/mail.xml:795(title) serverguide/C/mail.xml:1284(title) serverguide/C/lamp-applications.xml:108(title) serverguide/C/lamp-applications.xml:282(title) serverguide/C/lamp-applications.xml:398(title) serverguide/C/installation.xml:13(title) serverguide/C/installation.xml:908(title) serverguide/C/file-server.xml:342(title) serverguide/C/file-server.xml:454(title) serverguide/C/dns.xml:23(title) serverguide/C/databases.xml:40(title) serverguide/C/databases.xml:159(title) serverguide/C/chat.xml:37(title) serverguide/C/chat.xml:136(title) serverguide/C/backups.xml:593(title)
141
#: serverguide/C/windows-networking.xml:83(title) serverguide/C/windows-networking.xml:287(title) serverguide/C/windows-networking.xml:1302(title) serverguide/C/web-servers.xml:41(title) serverguide/C/web-servers.xml:675(title) serverguide/C/web-servers.xml:816(title) serverguide/C/web-servers.xml:940(title) serverguide/C/vpn.xml:33(title) serverguide/C/virtualization.xml:62(title) serverguide/C/virtualization.xml:2014(title) serverguide/C/vcs.xml:28(title) serverguide/C/vcs.xml:86(title) serverguide/C/vcs.xml:405(title) serverguide/C/remote-administration.xml:52(title) serverguide/C/remote-administration.xml:233(title) serverguide/C/network-config.xml:937(title) serverguide/C/network-auth.xml:52(title) serverguide/C/network-auth.xml:1581(title) serverguide/C/network-auth.xml:2092(title) serverguide/C/network-auth.xml:2483(title) serverguide/C/monitoring.xml:42(title) serverguide/C/monitoring.xml:428(title) serverguide/C/mail.xml:40(title) serverguide/C/mail.xml:496(title) serverguide/C/mail.xml:674(title) serverguide/C/mail.xml:823(title) serverguide/C/mail.xml:1315(title) serverguide/C/lamp-applications.xml:108(title) serverguide/C/lamp-applications.xml:287(title) serverguide/C/lamp-applications.xml:423(title) serverguide/C/installation.xml:13(title) serverguide/C/installation.xml:957(title) serverguide/C/file-server.xml:347(title) serverguide/C/file-server.xml:462(title) serverguide/C/dns.xml:23(title) serverguide/C/databases.xml:40(title) serverguide/C/databases.xml:164(title) serverguide/C/chat.xml:37(title) serverguide/C/chat.xml:141(title) serverguide/C/backups.xml:593(title)
142
142
msgid "Installation"
143
143
msgstr "安装"
144
144
148
148
"From a terminal prompt enter:"
149
149
msgstr "第一步是安装samba软件包。在终端提示符键入:"
150
150
151
#: serverguide/C/windows-networking.xml:90(command) serverguide/C/windows-networking.xml:294(command)
151
#: serverguide/C/windows-networking.xml:90(command) serverguide/C/windows-networking.xml:299(command)
152
152
msgid "sudo apt-get install samba"
153
153
msgstr "sudo apt-get install samba"
154
154
156
156
msgid ""
157
157
"That's all there is to it; you are now ready to configure Samba to share "
158
158
"files."
159
msgstr "这是唯一需要做的;现在您可以配置 Samba去共享文件了。"
159
msgstr "这是唯一需要做的;现在您可以通过配置 Samba 来共享文件了。"
160
160
161
#: serverguide/C/windows-networking.xml:99(title) serverguide/C/windows-networking.xml:299(title) serverguide/C/web-servers.xml:61(title) serverguide/C/web-servers.xml:720(title) serverguide/C/web-servers.xml:815(title) serverguide/C/web-servers.xml:952(title) serverguide/C/web-servers.xml:1046(title) serverguide/C/vpn.xml:137(title) serverguide/C/virtualization.xml:1226(title) serverguide/C/virtualization.xml:1415(title) serverguide/C/vcs.xml:39(title) serverguide/C/vcs.xml:420(title) serverguide/C/remote-administration.xml:74(title) serverguide/C/remote-administration.xml:245(title) serverguide/C/package-management.xml:365(title) serverguide/C/network-config.xml:625(title) serverguide/C/network-auth.xml:88(title) serverguide/C/network-auth.xml:1788(title) serverguide/C/network-auth.xml:2161(title) serverguide/C/monitoring.xml:187(title) serverguide/C/monitoring.xml:449(title) serverguide/C/mail.xml:487(title) serverguide/C/mail.xml:661(title) serverguide/C/mail.xml:880(title) serverguide/C/mail.xml:1309(title) serverguide/C/lamp-applications.xml:128(title) serverguide/C/lamp-applications.xml:309(title) serverguide/C/lamp-applications.xml:428(title) serverguide/C/file-server.xml:355(title) serverguide/C/file-server.xml:480(title) serverguide/C/dns.xml:39(title) serverguide/C/databases.xml:84(title) serverguide/C/databases.xml:178(title) serverguide/C/clustering.xml:47(title) serverguide/C/chat.xml:57(title) serverguide/C/chat.xml:148(title) serverguide/C/backups.xml:616(title)
161
#: serverguide/C/windows-networking.xml:99(title) serverguide/C/windows-networking.xml:304(title) serverguide/C/web-servers.xml:61(title) serverguide/C/web-servers.xml:726(title) serverguide/C/web-servers.xml:827(title) serverguide/C/web-servers.xml:967(title) serverguide/C/web-servers.xml:1067(title) serverguide/C/vpn.xml:138(title) serverguide/C/virtualization.xml:2088(title) serverguide/C/vcs.xml:39(title) serverguide/C/vcs.xml:423(title) serverguide/C/remote-administration.xml:74(title) serverguide/C/remote-administration.xml:258(title) serverguide/C/package-management.xml:387(title) serverguide/C/network-config.xml:959(title) serverguide/C/network-auth.xml:2131(title) serverguide/C/network-auth.xml:2504(title) serverguide/C/monitoring.xml:187(title) serverguide/C/monitoring.xml:454(title) serverguide/C/mail.xml:505(title) serverguide/C/mail.xml:684(title) serverguide/C/mail.xml:908(title) serverguide/C/mail.xml:1344(title) serverguide/C/lamp-applications.xml:128(title) serverguide/C/lamp-applications.xml:314(title) serverguide/C/lamp-applications.xml:453(title) serverguide/C/file-server.xml:360(title) serverguide/C/file-server.xml:488(title) serverguide/C/dns.xml:39(title) serverguide/C/databases.xml:84(title) serverguide/C/databases.xml:183(title) serverguide/C/clustering.xml:47(title) serverguide/C/chat.xml:57(title) serverguide/C/chat.xml:153(title) serverguide/C/backups.xml:616(title)
162
162
msgid "Configuration"
163
163
msgstr "配置"
164
164
193
193
"首先,编辑<filename>/etc/samba/smb.conf</filename>文件中的<emphasis>[global]</emphasis"
194
194
">片段的键值对"
195
195
196
#: serverguide/C/windows-networking.xml:121(programlisting) serverguide/C/windows-networking.xml:306(programlisting) serverguide/C/windows-networking.xml:761(programlisting) serverguide/C/windows-networking.xml:975(programlisting)
196
#: serverguide/C/windows-networking.xml:121(programlisting) serverguide/C/windows-networking.xml:311(programlisting) serverguide/C/windows-networking.xml:776(programlisting) serverguide/C/windows-networking.xml:990(programlisting)
197
197
#, no-wrap
198
198
msgid ""
199
199
"\n"
323
323
"new configuration:"
324
324
msgstr "最后,为使新设定生效,请重启<application>samba</application>服务。"
325
325
326
#: serverguide/C/windows-networking.xml:218(command) serverguide/C/windows-networking.xml:326(command) serverguide/C/windows-networking.xml:458(command) serverguide/C/windows-networking.xml:557(command) serverguide/C/windows-networking.xml:922(command) serverguide/C/windows-networking.xml:1032(command) serverguide/C/windows-networking.xml:1142(command) serverguide/C/network-auth.xml:1523(command)
326
#: serverguide/C/windows-networking.xml:218(command) serverguide/C/windows-networking.xml:331(command) serverguide/C/windows-networking.xml:468(command) serverguide/C/windows-networking.xml:567(command) serverguide/C/windows-networking.xml:937(command) serverguide/C/windows-networking.xml:1047(command) serverguide/C/windows-networking.xml:1162(command) serverguide/C/network-auth.xml:1860(command)
327
327
msgid "sudo /etc/init.d/samba restart"
328
328
msgstr "sudo /etc/init.d/samba restart"
329
329
353
353
"为了创建更多的共享只需在文件 <filename>/etc/samba/smb.conf</filename>中的章节下写入新的路径,并重新启动 "
354
354
"<emphasis>Samba</emphasis>。只需要确定该目录要共享和当前的权限是正确的。"
355
355
356
#: serverguide/C/windows-networking.xml:243(title) serverguide/C/windows-networking.xml:336(title) serverguide/C/windows-networking.xml:686(title) serverguide/C/windows-networking.xml:1051(title) serverguide/C/windows-networking.xml:1253(title) serverguide/C/virtualization.xml:366(title) serverguide/C/virtualization.xml:1163(title) serverguide/C/remote-administration.xml:478(title) serverguide/C/network-config.xml:247(title) serverguide/C/network-config.xml:490(title) serverguide/C/network-auth.xml:1199(title) serverguide/C/network-auth.xml:1638(title) serverguide/C/network-auth.xml:2236(title) serverguide/C/network-auth.xml:2739(title) serverguide/C/installation.xml:848(title) serverguide/C/installation.xml:1124(title) serverguide/C/databases.xml:122(title) serverguide/C/databases.xml:268(title) serverguide/C/backups.xml:855(title)
356
#: serverguide/C/windows-networking.xml:243(title) serverguide/C/windows-networking.xml:341(title) serverguide/C/windows-networking.xml:696(title) serverguide/C/windows-networking.xml:1066(title) serverguide/C/windows-networking.xml:1273(title) serverguide/C/virtualization.xml:366(title) serverguide/C/virtualization.xml:1168(title) serverguide/C/reporting-bugs.xml:304(title) serverguide/C/remote-administration.xml:491(title) serverguide/C/network-config.xml:569(title) serverguide/C/network-config.xml:824(title) serverguide/C/network-auth.xml:1531(title) serverguide/C/network-auth.xml:1975(title) serverguide/C/network-auth.xml:2579(title) serverguide/C/network-auth.xml:3087(title) serverguide/C/installation.xml:892(title) serverguide/C/installation.xml:1173(title) serverguide/C/databases.xml:122(title) serverguide/C/databases.xml:273(title) serverguide/C/backups.xml:855(title)
357
357
msgid "Resources"
358
358
msgstr "资源"
359
359
360
#: serverguide/C/windows-networking.xml:247(para) serverguide/C/windows-networking.xml:340(para) serverguide/C/windows-networking.xml:690(para) serverguide/C/windows-networking.xml:1055(para)
360
#: serverguide/C/windows-networking.xml:247(para) serverguide/C/windows-networking.xml:345(para) serverguide/C/windows-networking.xml:700(para) serverguide/C/windows-networking.xml:1070(para)
361
361
msgid ""
362
362
"For in depth Samba configurations see the <ulink "
363
363
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/\">Samba HOWTO "
366
366
"要更深入地了解Samba设定请参阅<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
367
367
"Collection/\">Samba HOWTO Collection</ulink>"
368
368
369
#: serverguide/C/windows-networking.xml:253(para) serverguide/C/windows-networking.xml:346(para) serverguide/C/windows-networking.xml:696(para) serverguide/C/windows-networking.xml:1061(para)
369
#: serverguide/C/windows-networking.xml:253(para) serverguide/C/windows-networking.xml:351(para) serverguide/C/windows-networking.xml:706(para) serverguide/C/windows-networking.xml:1076(para)
370
370
msgid ""
371
371
"The guide is also available in <ulink "
372
372
"url=\"http://www.amazon.com/exec/obidos/tg/detail/-/0131882228\">printed "
375
375
"您也可以在<ulink url=\"http://www.amazon.com/exec/obidos/tg/detail/-"
376
376
"/0131882228\">printed format</ulink>查看帮助"
377
377
378
#: serverguide/C/windows-networking.xml:259(para) serverguide/C/windows-networking.xml:352(para)
378
#: serverguide/C/windows-networking.xml:259(para) serverguide/C/windows-networking.xml:357(para)
379
379
msgid ""
380
380
"O'Reilly's <ulink "
381
381
"url=\"http://www.oreilly.com/catalog/9780596007690/\">Using Samba</ulink> is "
385
385
"url=\"http://www.oreilly.com/catalog/9780596007690/\">Using Samba</ulink>是另一篇"
386
386
"很好的参考文章。"
387
387
388
#: serverguide/C/windows-networking.xml:269(title)
388
#: serverguide/C/windows-networking.xml:265(para) serverguide/C/windows-networking.xml:368(para) serverguide/C/windows-networking.xml:731(para) serverguide/C/windows-networking.xml:1100(para) serverguide/C/windows-networking.xml:1286(para)
389
msgid ""
390
"The <ulink url=\"https://help.ubuntu.com/community/Samba\">Ubuntu Wiki Samba "
391
"</ulink> page."
392
msgstr ""
393
394
#: serverguide/C/windows-networking.xml:274(title)
389
395
msgid "Samba Print Server"
390
396
msgstr "samba打印服务器"
391
397
392
#: serverguide/C/windows-networking.xml:271(para)
398
#: serverguide/C/windows-networking.xml:276(para)
393
399
msgid ""
394
400
"Another common use of Samba is to configure it to share printers installed, "
395
401
"either locally or over the network, on an Ubuntu server. Similar to <xref "
400
406
"另一种较常见的Samba应用是在Ubuntu服务器上安装共享打印机,无论是本地还是共享的。比如 <xref linkend=\"samba-"
401
407
"fileserver\"/> 这一节将配置Samba允许任何客户机安装使用本地网络上的打印机而不提示的用户名和密码。"
402
408
403
#: serverguide/C/windows-networking.xml:277(para)
409
#: serverguide/C/windows-networking.xml:282(para)
404
410
msgid ""
405
411
"For a more secure configuration see <xref linkend=\"samba-fileprint-"
406
412
"security\"/>."
407
413
msgstr "欲知更多关于安全设定的内容请查看<xref linkend=\"samba-fileprint-security\"/>"
408
414
409
#: serverguide/C/windows-networking.xml:284(para)
415
#: serverguide/C/windows-networking.xml:289(para)
410
416
msgid ""
411
417
"Before installing and configuring Samba it is best to already have a working "
412
418
"<application>CUPS</application> installation. See <xref linkend=\"cups\"/> "
415
421
"在安装和设定Samba之前最好安装一个能工作的<application>CUPS</application>。欲知详情请查看<xref "
416
422
"linkend=\"cups\"/>。"
417
423
418
#: serverguide/C/windows-networking.xml:289(para)
424
#: serverguide/C/windows-networking.xml:294(para)
419
425
msgid ""
420
426
"To install the <application>samba</application> package, from a terminal "
421
427
"enter:"
422
428
msgstr "要安装<application>samba</application>软件包,请在中断输入:"
423
429
424
#: serverguide/C/windows-networking.xml:300(para)
430
#: serverguide/C/windows-networking.xml:305(para)
425
431
msgid ""
426
432
"After installing samba edit <filename>/etc/samba/smb.conf</filename>. Change "
427
433
"the <emphasis>workgroup</emphasis> attribute to what is appropriate for your "
432
438
"<emphasis>workgroup</emphasis> 的属性。将 <emphasis>security</emphasis> 属性设置为 "
433
439
"<emphasis role=\"italic\">share</emphasis>:"
434
440
435
#: serverguide/C/windows-networking.xml:312(para)
441
#: serverguide/C/windows-networking.xml:317(para)
436
442
msgid ""
437
443
"In the <emphasis>[printers]</emphasis> section change the <emphasis>guest "
438
444
"ok</emphasis> option to <emphasis role=\"italic\">yes</emphasis>:"
440
446
"在 <emphasis>[printers]</emphasis> 一节中改变 <emphasis>guest ok</emphasis> 参数为 "
441
447
"<emphasis role=\"italic\">yes</emphasis>:"
442
448
443
#: serverguide/C/windows-networking.xml:316(programlisting)
449
#: serverguide/C/windows-networking.xml:321(programlisting)
444
450
#, no-wrap
445
451
msgid ""
446
452
"\n"
451
457
" browsable = yes\n"
452
458
" guest ok = yes\n"
453
459
454
#: serverguide/C/windows-networking.xml:321(para)
460
#: serverguide/C/windows-networking.xml:326(para)
455
461
msgid "After editing <filename>smb.conf</filename> restart Samba:"
456
462
msgstr "编辑<filename>smb.conf</filename>后重启 Samba:"
457
463
458
#: serverguide/C/windows-networking.xml:329(para)
464
#: serverguide/C/windows-networking.xml:334(para)
459
465
msgid ""
460
466
"The default Samba configuration will automatically share any printers "
461
467
"installed. Simply install the printer locally on your Windows clients."
462
468
msgstr "默认Samba设定将会自动共享安装的打印机。请在您的Windows客户端安装本地打印机。"
463
469
464
#: serverguide/C/windows-networking.xml:358(para)
470
#: serverguide/C/windows-networking.xml:363(para)
465
471
msgid ""
466
472
"Also, see the <ulink url=\"http://www.cups.org/\">CUPS Website</ulink> for "
467
473
"more information on configuring CUPS."
468
474
msgstr ""
469
475
"欲知更多关于CUPS的设定,请您参阅<ulink url=\"http://www.cups.org/\">CUPS Website</ulink>"
470
476
471
#: serverguide/C/windows-networking.xml:367(title)
477
#: serverguide/C/windows-networking.xml:377(title)
472
478
msgid "Securing a Samba File and Print Server"
473
479
msgstr "正在保护Samba文件和打印服务器"
474
480
475
#: serverguide/C/windows-networking.xml:370(title)
481
#: serverguide/C/windows-networking.xml:380(title)
476
482
msgid "Samba Security Modes"
477
483
msgstr "Samba安全模式"
478
484
479
#: serverguide/C/windows-networking.xml:372(para)
485
#: serverguide/C/windows-networking.xml:382(para)
480
486
msgid ""
481
487
"There are two security levels available to the Common Internet Filesystem "
482
488
"(CIFS) network protocol <emphasis>user-level</emphasis> and <emphasis>share-"
488
494
"等级</emphasis> Samba的 <emphasis>security 模式</emphasis> 允许更灵活的执行方式,为user-"
489
495
"level安全等级提供了4种方式,为share-level等级提供了一种方式。"
490
496
491
#: serverguide/C/windows-networking.xml:381(para)
497
#: serverguide/C/windows-networking.xml:391(para)
492
498
msgid ""
493
499
"<emphasis>security = user:</emphasis> requires clients to supply a username "
494
500
"and password to connect to shares. Samba user accounts are separate from "
499
505
"就需要连接共享的客户机提供用户名和密码。虽然Samba的用户帐户区别于系统帐户,但是软件包 <application>libpam-"
500
506
"smbpass</application> 会同步系统用户名和密码与Samba用户数据库。"
501
507
502
#: serverguide/C/windows-networking.xml:388(para)
508
#: serverguide/C/windows-networking.xml:398(para)
503
509
msgid ""
504
510
"<emphasis>security = domain:</emphasis> this mode allows the Samba server to "
505
511
"appear to Windows clients as a Primary Domain Controller (PDC), Backup "
510
516
"客户端的主域控制器 ( PDC ) , 备份域控制器(BDC) ,或者一个域成员服务器(DMS) ,了解更多信息参见 <xref "
511
517
"linkend=\"samba-dc\"/>。"
512
518
513
#: serverguide/C/windows-networking.xml:395(para)
519
#: serverguide/C/windows-networking.xml:405(para)
514
520
msgid ""
515
521
"<emphasis>security = ADS:</emphasis> allows the Samba server to join an "
516
522
"Active Directory domain as a native member. See <xref linkend=\"samba-ad-"
519
525
"<emphasis>security = ADS:</emphasis> 允许 Samba服务器作为一个本地成员加入活动目录域。详细内容参见 <xref "
520
526
"linkend=\"samba-ad-integration\"/>"
521
527
522
#: serverguide/C/windows-networking.xml:401(para)
528
#: serverguide/C/windows-networking.xml:411(para)
523
529
msgid ""
524
530
"<emphasis>security = server:</emphasis> this mode is left over from before "
525
531
"Samba could become a member server, and due to some security issues should "
532
538
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection "
533
539
"/ServerType.html#id349531\">Server Security</ulink>"
534
540
535
#: serverguide/C/windows-networking.xml:409(para)
541
#: serverguide/C/windows-networking.xml:419(para)
536
542
msgid ""
537
543
"<emphasis>security = share:</emphasis> allows clients to connect to shares "
538
544
"without supplying a username and password."
539
545
msgstr "参数 <emphasis>security = share:</emphasis> 允许客户机访问共享文件时不提供用户名和密码。"
540
546
541
#: serverguide/C/windows-networking.xml:416(para)
547
#: serverguide/C/windows-networking.xml:426(para)
542
548
msgid ""
543
549
"The security mode you choose will depend on your environment and what you "
544
550
"need the Samba server to accomplish."
545
551
msgstr "您将选择的安全模式将取决与您的环境和您需要用Samba服务器完成的工作。"
546
552
547
#: serverguide/C/windows-networking.xml:422(title)
553
#: serverguide/C/windows-networking.xml:432(title)
548
554
msgid "Security = User"
549
555
msgstr "Security = User"
550
556
551
#: serverguide/C/windows-networking.xml:424(para)
557
#: serverguide/C/windows-networking.xml:434(para)
552
558
msgid ""
553
559
"This section will reconfigure the Samba file and print server, from <xref "
554
560
"linkend=\"samba-fileserver\"/> and <xref linkend=\"samba-printserver\"/>, to "
557
563
"本节将根据 <xref linkend=\"samba-fileserver\"/> 和 <xref linkend=\"samba-"
558
564
"printserver\"/>重新配置 Samba 文件和打印服务器。"
559
565
560
#: serverguide/C/windows-networking.xml:429(para)
566
#: serverguide/C/windows-networking.xml:439(para)
561
567
msgid ""
562
568
"First, install the <application>libpam-smbpass</application> package which "
563
569
"will sync the system users to the Samba user database:"
564
570
msgstr ""
565
571
"首先安装软件包 <application>libpam-smbpass</application> 同步系统用户与 Samba 用户数据库:"
566
572
567
#: serverguide/C/windows-networking.xml:435(command)
573
#: serverguide/C/windows-networking.xml:445(command)
568
574
msgid "sudo apt-get install libpam-smbpass"
569
575
msgstr "sudo apt-get install libpam-smbpass"
570
576
571
#: serverguide/C/windows-networking.xml:439(para)
577
#: serverguide/C/windows-networking.xml:449(para)
572
578
msgid ""
573
579
"If you chose the <emphasis>Samba Server</emphasis> task during installation "
574
580
"<application>libpam-smbpass</application> is already installed."
576
582
"如果你在安装过程中选择 <emphasis>Samba Server</emphasis> 任务则软件包 <application>libpam-"
577
583
"smbpass</application> 就已经安装在系统中。"
578
584
579
#: serverguide/C/windows-networking.xml:445(para)
585
#: serverguide/C/windows-networking.xml:455(para)
580
586
msgid ""
581
587
"Edit <filename>/etc/samba/smb.conf</filename>, and in the "
582
588
"<emphasis>[share]</emphasis> section change:"
584
590
"编辑<filename>/etc/samba/smb.conf</filename>,并且在<emphasis>[share]</emphasis>区域更"
585
591
"改:"
586
592
587
#: serverguide/C/windows-networking.xml:449(programlisting)
593
#: serverguide/C/windows-networking.xml:459(programlisting)
588
594
#, no-wrap
589
595
msgid ""
590
596
"\n"
593
599
"\n"
594
600
" 来宾就绪=no\n"
595
601
596
#: serverguide/C/windows-networking.xml:453(para)
602
#: serverguide/C/windows-networking.xml:463(para)
597
603
msgid "Finally, restart Samba for the new settings to take effect:"
598
604
msgstr "最后,为使得新设定生效,请重启Samba"
599
605
600
#: serverguide/C/windows-networking.xml:461(para)
606
#: serverguide/C/windows-networking.xml:471(para)
601
607
msgid ""
602
608
"Now when connecting to the shared directories or printers you should be "
603
609
"prompted for a username and password."
604
610
msgstr "当连接到共享的目录或打印机时,您需要一个用户名和密码。"
605
611
606
#: serverguide/C/windows-networking.xml:466(para)
612
#: serverguide/C/windows-networking.xml:476(para)
607
613
msgid ""
608
614
"If you choose to map a network drive to the share you can check the "
609
615
"<quote>Reconnect at Logon</quote> check box, which will require you to only "
612
618
"如果你选择要映射一个网络驱动器,那么你可以选择<quote>Reconnect at Logon</quote> "
613
619
"复选框,并且只需输入一次用户名和密码。至少在密码不变的情况下。"
614
620
615
#: serverguide/C/windows-networking.xml:474(title)
621
#: serverguide/C/windows-networking.xml:484(title)
616
622
msgid "Share Security"
617
623
msgstr "共享安全"
618
624
619
#: serverguide/C/windows-networking.xml:476(para)
625
#: serverguide/C/windows-networking.xml:486(para)
620
626
msgid ""
621
627
"There are several options available to increase the security for each "
622
628
"individual shared directory. Using the <emphasis>[share]</emphasis> example, "
623
629
"this section will cover some common options."
624
630
msgstr "有几个选项可以为每个共享目录增强安全性。以 <emphasis>[share]</emphasis> 为例,这节中包括了一些常见的选项。"
625
631
626
#: serverguide/C/windows-networking.xml:482(title)
632
#: serverguide/C/windows-networking.xml:492(title)
627
633
msgid "Groups"
628
634
msgstr "组"
629
635
630
#: serverguide/C/windows-networking.xml:484(para)
636
#: serverguide/C/windows-networking.xml:494(para)
631
637
msgid ""
632
638
"Groups define a collection of computers or users which have a common level "
633
639
"of access to particular network resources and offer a level of granularity "
661
667
"role=\"italic\">qa</emphasis> 和 <emphasis role=\"italic\">support</emphasis> "
662
668
"两个组,所以她能够访问配置为两个组访问的资源,而所有其他用户则只能访问明确允许其所属组访问的资源。"
663
669
664
#: serverguide/C/windows-networking.xml:498(para)
670
#: serverguide/C/windows-networking.xml:508(para)
665
671
msgid ""
666
672
"By default Samba looks for the local system groups defined in "
667
673
"<filename>/etc/group</filename> to determine which users belong to which "
671
677
"默认的 Samba 会查找本地系统组文件 <filename>/etc/group</filename> "
672
678
"以确定哪些用户属于哪些用户组。欲了解更多有关添加和删除用户组请访问 <xref linkend=\"adding-deleting-users\"/>."
673
679
674
#: serverguide/C/windows-networking.xml:504(para)
680
#: serverguide/C/windows-networking.xml:514(para)
675
681
msgid ""
676
682
"When defining groups in the Samba configuration file, "
677
683
"<filename>/etc/samba/smb.conf</filename>, the recognized syntax is to "
686
692
"你就需要在文件 <filename>/etc/samba/smb.conf</filename>中相关的章节下输入组的名字比如 <emphasis "
687
693
"role=\"bold\">@sysadmin</emphasis>。"
688
694
689
#: serverguide/C/windows-networking.xml:513(title)
695
#: serverguide/C/windows-networking.xml:523(title)
690
696
msgid "File Permissions"
691
697
msgstr "文件权限"
692
698
693
#: serverguide/C/windows-networking.xml:515(para)
699
#: serverguide/C/windows-networking.xml:525(para)
694
700
msgid ""
695
701
"File Permissions define the explicit rights a computer or user has to a "
696
702
"particular directory, file, or set of files. Such permissions may be defined "
700
706
"文件权限清楚的表明了计算机或者用户对特定目录所拥有的权力。这种权限的定义可以通过编辑文件 "
701
707
"<filename>/etc/samba/smb.conf</filename>来确定一个共享文件的权限。"
702
708
703
#: serverguide/C/windows-networking.xml:521(para)
709
#: serverguide/C/windows-networking.xml:531(para)
704
710
msgid ""
705
711
"For example, if you have defined a Samba share called "
706
712
"<emphasis>share</emphasis> and wish to give <emphasis role=\"italic\">read-"
717
723
"role=\"italic\">vincent</emphasis> 用户可以写共享。这样的话你需要编辑文件 "
718
724
"<filename>/etc/samba/smb.conf</filename> 在<emphasis>[share]</emphasis>下面添加:"
719
725
720
#: serverguide/C/windows-networking.xml:530(programlisting)
726
#: serverguide/C/windows-networking.xml:540(programlisting)
721
727
#, no-wrap
722
728
msgid ""
723
729
"\n"
728
734
" read list = @qa\n"
729
735
" write list = @sysadmin, vincent\n"
730
736
731
#: serverguide/C/windows-networking.xml:535(para)
737
#: serverguide/C/windows-networking.xml:545(para)
732
738
msgid ""
733
739
"Another possible Samba permission is to declare "
734
740
"<emphasis>administrative</emphasis> permissions to a particular shared "
738
744
msgstr ""
739
745
"另一种可能的Samba权限是为特定的共享资源声明一个管理权限。用户拥有管理权限后可以读,写或修改资源中的任何信息。用户被给予了明确的管理权限。"
740
746
741
#: serverguide/C/windows-networking.xml:541(para)
747
#: serverguide/C/windows-networking.xml:551(para)
742
748
msgid ""
743
749
"For example, if you wanted to give the user <emphasis "
744
750
"role=\"italic\">melissa</emphasis> administrative permissions to the "
750
756
"<filename>/etc/samba/smb.conf</filename> 在<emphasis>[share]</emphasis> "
751
757
"节中添加如内容:"
752
758
753
#: serverguide/C/windows-networking.xml:548(programlisting)
759
#: serverguide/C/windows-networking.xml:558(programlisting)
754
760
#, no-wrap
755
761
msgid ""
756
762
"\n"
759
765
"\n"
760
766
" 用户名=melissa\n"
761
767
762
#: serverguide/C/windows-networking.xml:552(para)
768
#: serverguide/C/windows-networking.xml:562(para)
763
769
msgid ""
764
770
"After editing <filename>/etc/samba/smb.conf</filename>, restart Samba for "
765
771
"the changes to take effect:"
766
772
msgstr "编辑<filename>/etc/samba/smb.conf</filename>以后请重启Samba使更改生效:"
767
773
768
#: serverguide/C/windows-networking.xml:561(para)
774
#: serverguide/C/windows-networking.xml:571(para)
769
775
msgid ""
770
776
"For the <emphasis>read list</emphasis> and <emphasis>write list</emphasis> "
771
777
"to work the Samba security mode must <emphasis>not</emphasis> be set to "
775
781
"list</emphasis>可以工作,Samba安全模式决不能设置成<emphasis role=\"italic\">security = "
776
782
"share</emphasis>"
777
783
778
#: serverguide/C/windows-networking.xml:567(para)
784
#: serverguide/C/windows-networking.xml:577(para)
779
785
msgid ""
780
786
"Now that Samba has been configured to limit which groups have access to the "
781
787
"shared directory, the filesystem permissions need to be updated."
782
788
msgstr "Samba 已经配置为限定某些组对共享目录的访问,文件系统权限需要更新。"
783
789
784
#: serverguide/C/windows-networking.xml:572(para)
790
#: serverguide/C/windows-networking.xml:582(para)
785
791
msgid ""
786
792
"Traditional Linux file permissions do not map well to Windows NT Access "
787
793
"Control Lists (ACLs). Fortunately POSIX ACLs are available on Ubuntu servers "
793
799
"以提供更细粒度的控制。例如,想要在 EXT3 文件系统中使用 ACLs <filename>/srv</filename>,只需编辑文件 "
794
800
"<filename>/etc/fstab</filename>,添加 <emphasis>acl</emphasis> 选项:"
795
801
796
#: serverguide/C/windows-networking.xml:579(programlisting)
802
#: serverguide/C/windows-networking.xml:589(programlisting)
797
803
#, no-wrap
798
804
msgid ""
799
805
"\n"
804
810
"UUID=66bcdd2e-8861-4fb0-b7e4-e61c569fe17d /srv ext3 noatime,relatime,acl "
805
811
"0 1\n"
806
812
807
#: serverguide/C/windows-networking.xml:583(para)
813
#: serverguide/C/windows-networking.xml:593(para)
808
814
msgid "Then remount the partition:"
809
815
msgstr "然后重新挂载分区:"
810
816
811
#: serverguide/C/windows-networking.xml:588(command)
817
#: serverguide/C/windows-networking.xml:598(command)
812
818
msgid "sudo mount -v -o remount /srv"
813
819
msgstr "sudo mount -v -o remount /srv"
814
820
815
#: serverguide/C/windows-networking.xml:592(para)
821
#: serverguide/C/windows-networking.xml:602(para)
816
822
msgid ""
817
823
"The above example assumes <filename>/srv</filename> on a separate partition. "
818
824
"If <filename>/srv</filename>, or wherever you have configured your share "
822
828
"以上示例假设 <filename>/srv</filename> 在单独的分区。无论您配置的共享目录 <filename>/srv</filename> "
823
829
"在什么位置,只要它属于 <filename>/</filename> 分区,都可能需要重启。"
824
830
825
#: serverguide/C/windows-networking.xml:599(para)
831
#: serverguide/C/windows-networking.xml:609(para)
826
832
msgid ""
827
833
"To match the Samba configuration above the <emphasis>sysadmin</emphasis> "
828
834
"group will be given read, write, and execute permissions to "
835
841
"组需要给出读、写、执行的权限,而 <emphasis>qa</emphasis> 需要给出读与执行的权限,并且其文件应隶属于用户 "
836
842
"<emphasis>melissa</emphasis>。在终端中输入:"
837
843
838
#: serverguide/C/windows-networking.xml:607(command)
844
#: serverguide/C/windows-networking.xml:617(command)
839
845
msgid "sudo chown -R melissa /srv/samba/share/"
840
846
msgstr "sudo chown -R melissa /srv/samba/share/"
841
847
842
#: serverguide/C/windows-networking.xml:608(command)
848
#: serverguide/C/windows-networking.xml:618(command)
843
849
msgid "sudo chgrp -R sysadmin /srv/samba/share/"
844
850
msgstr "sudo chgrp -R sysadmin /srv/samba/share/"
845
851
846
#: serverguide/C/windows-networking.xml:609(command)
852
#: serverguide/C/windows-networking.xml:619(command)
847
853
msgid "sudo setfacl -R -m g:qa:rx /srv/samba/share/"
848
854
msgstr "sudo setfacl -R -m g:qa:rx /srv/samba/share/"
849
855
850
#: serverguide/C/windows-networking.xml:613(para)
856
#: serverguide/C/windows-networking.xml:623(para)
851
857
msgid ""
852
858
"The <application>setfacl</application> command above gives "
853
859
"<emphasis>execute</emphasis> permissions to all files in the "
858
864
"<filename>/srv/samba/share</filename> 下所有文件给予 <emphasis>执行</emphasis> "
859
865
"的权限,这可能并不是您所希望的。"
860
866
861
#: serverguide/C/windows-networking.xml:619(para)
867
#: serverguide/C/windows-networking.xml:629(para)
862
868
msgid ""
863
869
"Now from a Windows client you should notice the new file permissions are "
864
870
"implemented. See the <application>acl</application> and "
868
874
"现在,通过使用Windows客户端,你应该注意到新的文件的权限开始应用了。想了解更多关于POSIX ACLs的信息请使用 man 命令查看 "
869
875
"<application>acl</application> 和 <application>setfacl</application>程序的帮助文档。"
870
876
871
#: serverguide/C/windows-networking.xml:627(title)
877
#: serverguide/C/windows-networking.xml:637(title)
872
878
msgid "Samba AppArmor Profile"
873
879
msgstr "Samba AppArmor 策略"
874
880
875
#: serverguide/C/windows-networking.xml:629(para)
881
#: serverguide/C/windows-networking.xml:639(para)
876
882
msgid ""
877
883
"Ubuntu comes with the <application>AppArmor</application> security module, "
878
884
"which provides mandatory access controls. The default AppArmor profile for "
883
889
"安全模块,提供必须的访问控制功能。为符合您的配置,需要对默认的 Samba AppArmor 策略做些修改。详情使用 AppArmor,请参考 "
884
890
"<xref linkend=\"apparmor\"/>。"
885
891
886
#: serverguide/C/windows-networking.xml:635(para)
892
#: serverguide/C/windows-networking.xml:645(para)
887
893
msgid ""
888
894
"There are default AppArmor profiles for <filename>/usr/sbin/smbd</filename> "
889
895
"and <filename>/usr/sbin/nmbd</filename>, the Samba daemon binaries, as part "
894
900
"Samba 守护进程的两个程序,它们默认的 AppArmor 策略,包含在 <application>apparmor-"
895
901
"profiles</application> 软件包,要安装这个包,在终端命令行中输入:"
896
902
897
#: serverguide/C/windows-networking.xml:642(command) serverguide/C/security.xml:978(command)
903
#: serverguide/C/windows-networking.xml:652(command) serverguide/C/security.xml:925(command)
898
904
msgid "sudo apt-get install apparmor-profiles"
899
905
msgstr "sudo apt-get install apparmor-profiles"
900
906
901
#: serverguide/C/windows-networking.xml:646(para)
907
#: serverguide/C/windows-networking.xml:656(para)
902
908
msgid "This package contains profiles for several other binaries."
903
909
msgstr "这个软件包还带有其它一些程序的策略。"
904
910
905
#: serverguide/C/windows-networking.xml:651(para)
911
#: serverguide/C/windows-networking.xml:661(para)
906
912
msgid ""
907
913
"By default the profiles for <application>smbd</application> and "
908
914
"<application>nmbd</application> are in <emphasis>complain</emphasis> mode "
917
923
"<emphasis>enforce</emphasis> 的策略模式,以使得 Samba "
918
924
"如期望地工作,则默认的策略需要进行修改,以反映到每一个共享的目录。"
919
925
920
#: serverguide/C/windows-networking.xml:658(para)
926
#: serverguide/C/windows-networking.xml:668(para)
921
927
msgid ""
922
928
"Edit <filename>/etc/apparmor.d/usr.sbin.smbd</filename> adding information "
923
929
"for <emphasis>[share]</emphasis> from the file server example:"
925
931
"例如,在文件服务器上添加 <emphasis>[share]</emphasis> 的标识信息,编辑 "
926
932
"<filename>/etc/apparmor.d/usr.sbin.smbd</filename>:"
927
933
928
#: serverguide/C/windows-networking.xml:663(programlisting)
934
#: serverguide/C/windows-networking.xml:673(programlisting)
929
935
#, no-wrap
930
936
msgid ""
931
937
"\n"
936
942
" /srv/samba/share/ r,\n"
937
943
" /srv/samba/share/** rwkix,\n"
938
944
939
#: serverguide/C/windows-networking.xml:668(para)
945
#: serverguide/C/windows-networking.xml:678(para)
940
946
msgid ""
941
947
"Now place the profile into <emphasis>enforce</emphasis> and reload it:"
942
948
msgstr "切换到 <emphasis>enforce</emphasis> 的策略模式,并重新加载:"
943
949
944
#: serverguide/C/windows-networking.xml:673(command)
950
#: serverguide/C/windows-networking.xml:683(command)
945
951
msgid "sudo aa-enforce /usr/sbin/smbd"
946
952
msgstr "sudo aa-enforce /usr/sbin/smbd"
947
953
948
#: serverguide/C/windows-networking.xml:674(command)
954
#: serverguide/C/windows-networking.xml:684(command)
949
955
msgid "cat /etc/apparmor.d/usr.sbin.smbd | sudo apparmor_parser -r"
950
956
msgstr "cat /etc/apparmor.d/usr.sbin.smbd | sudo apparmor_parser -r"
951
957
952
#: serverguide/C/windows-networking.xml:677(para)
958
#: serverguide/C/windows-networking.xml:687(para)
953
959
msgid ""
954
960
"You should now be able to read, write, and execute files in the shared "
955
961
"directory as normal, and the <application>smbd</application> binary will "
961
967
"程序将仅会访问配置文件和目录。请确定添加要让 Samba 共享的每个目录。同时,任何的错误会被记录在 "
962
968
"<filename>/var/log/syslog</filename>。"
963
969
964
#: serverguide/C/windows-networking.xml:702(para) serverguide/C/windows-networking.xml:1067(para)
970
#: serverguide/C/windows-networking.xml:712(para) serverguide/C/windows-networking.xml:1082(para)
965
971
msgid ""
966
972
"O'Reilly's <ulink "
967
973
"url=\"http://www.oreilly.com/catalog/9780596007690/\">Using Samba</ulink> is "
971
977
"url=\"http://www.oreilly.com/catalog/9780596007690/\">使用Samba</ulink>也是一本不错的参"
972
978
"考书。"
973
979
974
#: serverguide/C/windows-networking.xml:708(para)
980
#: serverguide/C/windows-networking.xml:718(para)
975
981
msgid ""
976
982
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/securing-"
977
983
"samba.html\">Chapter 18</ulink> of the Samba HOWTO Collection is devoted to "
980
986
"Samba HOWTO集锦的<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
981
987
"Collection/securing-samba.html\">第18章</ulink>主要致力于安全问题。"
982
988
983
#: serverguide/C/windows-networking.xml:714(para)
989
#: serverguide/C/windows-networking.xml:724(para)
984
990
msgid ""
985
991
"For more information on Samba and ACLs see the <ulink "
986
992
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
989
995
"有关Samba和ACL的更多信息请参看<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-"
990
996
"Collection/AccessControls.html#id397568\">Samba ACLs页面</ulink>。"
991
997
992
#: serverguide/C/windows-networking.xml:725(title)
998
#: serverguide/C/windows-networking.xml:740(title)
993
999
msgid "Samba as a Domain Controller"
994
1000
msgstr "Samba作为域控制器"
995
1001
996
#: serverguide/C/windows-networking.xml:727(para)
1002
#: serverguide/C/windows-networking.xml:742(para)
997
1003
msgid ""
998
1004
"Although it cannot act as an Active Directory Primary Domain Controller "
999
1005
"(PDC), a Samba server can be configured to appear as a Windows NT4-style "
1004
1010
"虽然 Samba 服务器不能作为活动目录主域控制器( PDC),但可以配置为类似 Windows NT4 "
1005
1011
"风格的域控制器,该配置的主要优势在于能够集中用户和计算机证书。 此外,Samba 可以使用多种后端用于存储用户信息。"
1006
1012
1007
#: serverguide/C/windows-networking.xml:734(title)
1013
#: serverguide/C/windows-networking.xml:749(title)
1008
1014
msgid "Primary Domain Controller"
1009
1015
msgstr "主域控制器"
1010
1016
1011
#: serverguide/C/windows-networking.xml:736(para)
1017
#: serverguide/C/windows-networking.xml:751(para)
1012
1018
msgid ""
1013
1019
"This section covers configuring Samba as a Primary Domain Controller (PDC) "
1014
1020
"using the default smbpasswd backend."
1015
1021
msgstr "本节内容涉及使用默认的 smbpasswd 后端配置 Samba 作为主域控制器(PDC)。"
1016
1022
1017
#: serverguide/C/windows-networking.xml:743(para)
1023
#: serverguide/C/windows-networking.xml:758(para)
1018
1024
msgid ""
1019
1025
"First, install Samba, and <application>libpam-smbpass</application> to sync "
1020
1026
"the user accounts, by entering the following in a terminal prompt:"
1022
1028
"首先,安装 Samba 和用于同步用户账号的软件包 <application>libpam-smbpass</application>。 "
1023
1029
"在终端命令行中输入如下:"
1024
1030
1025
#: serverguide/C/windows-networking.xml:749(command) serverguide/C/windows-networking.xml:965(command)
1031
#: serverguide/C/windows-networking.xml:764(command) serverguide/C/windows-networking.xml:980(command)
1026
1032
msgid "sudo apt-get install samba libpam-smbpass"
1027
1033
msgstr "sudo apt-get install samba libpam-smbpass"
1028
1034
1029
#: serverguide/C/windows-networking.xml:755(para)
1035
#: serverguide/C/windows-networking.xml:770(para)
1030
1036
msgid ""
1031
1037
"Next, configure Samba by editing <filename>/etc/samba/smb.conf</filename>. "
1032
1038
"The <emphasis>security</emphasis> mode should be set to <emphasis "
1037
1043
"其中,<emphasis>security</emphasis> 模式需要设置为 <emphasis "
1038
1044
"role=\"italic\">user</emphasis>; <emphasis>workgroup</emphasis> 设置为您的组织。"
1039
1045
1040
#: serverguide/C/windows-networking.xml:770(para)
1046
#: serverguide/C/windows-networking.xml:785(para)
1041
1047
msgid ""
1042
1048
"In the commented <quote>Domains</quote> section add or uncomment the "
1043
1049
"following:"
1044
1050
msgstr "在 <quote>Domains</quote> 这个被注释掉的章节,添加内容或者取消注释,直至内容如下:"
1045
1051
1046
#: serverguide/C/windows-networking.xml:774(programlisting)
1052
#: serverguide/C/windows-networking.xml:789(programlisting)
1047
1053
#, no-wrap
1048
1054
msgid ""
1049
1055
"\n"
1064
1070
" 添加机器脚本 = sudo /usr/sbin/useradd -N -g machines -c Machine -d "
1065
1071
"/var/lib/samba -s /bin/false %u\n"
1066
1072
1067
#: serverguide/C/windows-networking.xml:785(para)
1073
#: serverguide/C/windows-networking.xml:800(para)
1068
1074
msgid ""
1069
1075
"<emphasis>domain logons:</emphasis> provides the netlogon service causing "
1070
1076
"Samba to act as a domain controller."
1071
1077
msgstr ""
1072
1078
"<emphasis>domain logons:</emphasis> 提供 netlogon 服务,使得 Samba 服务器成为域控制器。"
1073
1079
1074
#: serverguide/C/windows-networking.xml:790(para)
1080
#: serverguide/C/windows-networking.xml:805(para)
1075
1081
msgid ""
1076
1082
"<emphasis>logon path:</emphasis> places the user's Windows profile into "
1077
1083
"their home directory. It is also possible to configure a "
1081
1087
"<emphasis>logon path:</emphasis> 存放用户的 Windows 配置文件到其主目录。 也可以创建一个 "
1082
1088
"<emphasis>[profiles]</emphasis> 将所有用户的 Windows 配置文件存放到统一的目录。"
1083
1089
1084
#: serverguide/C/windows-networking.xml:796(para)
1090
#: serverguide/C/windows-networking.xml:811(para)
1085
1091
msgid ""
1086
1092
"<emphasis>logon drive:</emphasis> specifies the home directory local path."
1087
1093
msgstr "<emphasis>logon drive:</emphasis> 指定主目录本地路径。"
1088
1094
1089
#: serverguide/C/windows-networking.xml:801(para)
1095
#: serverguide/C/windows-networking.xml:816(para)
1090
1096
msgid ""
1091
1097
"<emphasis>logon home:</emphasis> specifies the home directory location."
1092
1098
msgstr "<emphasis>logon home:</emphasis> 指定主目录的位置。"
1093
1099
1094
#: serverguide/C/windows-networking.xml:806(para)
1100
#: serverguide/C/windows-networking.xml:821(para)
1095
1101
msgid ""
1096
1102
"<emphasis>logon script:</emphasis> determines the script to be run locally "
1097
1103
"once a user has logged in. The script needs to be placed in the "
1100
1106
"<emphasis>logon script:</emphasis> 当用户登陆时,在其本地执行的脚本。 脚本必须存放在 "
1101
1107
"<emphasis>[netlogon]</emphasis> 共享当中。"
1102
1108
1103
#: serverguide/C/windows-networking.xml:812(para)
1109
#: serverguide/C/windows-networking.xml:827(para)
1104
1110
msgid ""
1105
1111
"<emphasis>add machine script:</emphasis> a script that will automatically "
1106
1112
"create the <emphasis>Machine Trust Account</emphasis> needed for a "
1109
1115
"<emphasis>add machine script:</emphasis> 为工作站加入域而自动创建 "
1110
1116
"<emphasis>系统信任账户</emphasis> 的脚本。"
1111
1117
1112
#: serverguide/C/windows-networking.xml:816(para)
1118
#: serverguide/C/windows-networking.xml:831(para)
1113
1119
msgid ""
1114
1120
"In this example the <emphasis>machines</emphasis> group will need to be "
1115
1121
"created using the <application>addgroup</application> utility see <xref "
1119
1125
"<emphasis>machines</emphasis> 组。 请参考 <xref linkend=\"adding-deleting-"
1120
1126
"users\"/>。"
1121
1127
1122
#: serverguide/C/windows-networking.xml:824(para)
1128
#: serverguide/C/windows-networking.xml:839(para)
1123
1129
msgid ""
1124
1130
"If you wish to not use <emphasis>Roaming Profiles</emphasis> leave the "
1125
1131
"<emphasis>logon home</emphasis> and <emphasis>logon path</emphasis> options "
1128
1134
"如果您不想使用 <emphasis>漫游式的配置文件</emphasis>,将 <emphasis>logon home</emphasis> 和 "
1129
1135
"<emphasis>logon path</emphasis> 选项注释掉即可。"
1130
1136
1131
#: serverguide/C/windows-networking.xml:833(para)
1137
#: serverguide/C/windows-networking.xml:848(para)
1132
1138
msgid ""
1133
1139
"Uncomment the <emphasis>[homes]</emphasis> share to allow the <emphasis "
1134
1140
"role=\"italic\">logon home</emphasis> to be mapped:"
1136
1142
"为使得 <emphasis role=\"italic\">logon home</emphasis> 被正确映射到,需要对 "
1137
1143
"<emphasis>[homes]</emphasis> 共享设置取消注释。"
1138
1144
1139
#: serverguide/C/windows-networking.xml:838(programlisting)
1145
#: serverguide/C/windows-networking.xml:853(programlisting)
1140
1146
#, no-wrap
1141
1147
msgid ""
1142
1148
"\n"
1157
1163
" directory mask = 0700\n"
1158
1164
" valid users = %S\n"
1159
1165
1160
#: serverguide/C/windows-networking.xml:851(para)
1166
#: serverguide/C/windows-networking.xml:866(para)
1161
1167
msgid ""
1162
1168
"When configured as a domain controller a <emphasis>[netlogon]</emphasis> "
1163
1169
"share needs to be configured. To enable the share, uncomment:"
1164
1170
msgstr ""
1165
1171
"当配置为域控制器时,<emphasis>[netlogon]</emphasis> 共享设置需要开启。 要开启该共享设置,则需要取消注释,使得其内容如下:"
1166
1172
1167
#: serverguide/C/windows-networking.xml:856(programlisting)
1173
#: serverguide/C/windows-networking.xml:871(programlisting)
1168
1174
#, no-wrap
1169
1175
msgid ""
1170
1176
"\n"
1183
1189
" read only = yes\n"
1184
1190
" share modes = no\n"
1185
1191
1186
#: serverguide/C/windows-networking.xml:866(para)
1192
#: serverguide/C/windows-networking.xml:881(para)
1187
1193
msgid ""
1188
1194
"The original <emphasis>netlogon</emphasis> share path is "
1189
1195
"<filename>/home/samba/netlogon</filename>, but according to the Filesystem "
1196
1202
"url=\"http://www.pathname.com/fhs/pub/fhs-"
1197
1203
"2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM\">/srv</ulink> 是站点特定数据的合适位置。"
1198
1204
1199
#: serverguide/C/windows-networking.xml:877(para)
1205
#: serverguide/C/windows-networking.xml:892(para)
1200
1206
msgid ""
1201
1207
"Now create the <filename role=\"directory\">netlogon</filename> directory, "
1202
1208
"and an empty (for now) <filename>logon.cmd</filename> script file:"
1204
1210
"创建 <filename role=\"directory\">netlogon</filename> 目录和一个暂时为空的脚本文件 "
1205
1211
"<filename>logon.cmd</filename>:"
1206
1212
1207
#: serverguide/C/windows-networking.xml:883(command)
1213
#: serverguide/C/windows-networking.xml:898(command)
1208
1214
msgid "sudo mkdir -p /srv/samba/netlogon"
1209
1215
msgstr "sudo mkdir -p /srv/samba/netlogon"
1210
1216
1211
#: serverguide/C/windows-networking.xml:884(command)
1217
#: serverguide/C/windows-networking.xml:899(command)
1212
1218
msgid "sudo touch /srv/samba/netlogon/logon.cmd"
1213
1219
msgstr "sudo touch /srv/samba/netlogon/logon.cmd"
1214
1220
1215
#: serverguide/C/windows-networking.xml:887(para)
1221
#: serverguide/C/windows-networking.xml:902(para)
1216
1222
msgid ""
1217
1223
"You can enter any normal Windows logon script commands in "
1218
1224
"<filename>logon.cmd</filename> to customize the client's environment."
1219
1225
msgstr ""
1220
1226
"您可以在 <filename>logon.cmd</filename> 中输入任何 Windows 登陆的脚本命令,用以定制客户的工作环境。"
1221
1227
1222
#: serverguide/C/windows-networking.xml:895(para)
1228
#: serverguide/C/windows-networking.xml:910(para)
1223
1229
msgid ""
1224
1230
"With <emphasis>root</emphasis> being disabled by default, in order to join a "
1225
1231
"workstation to the domain, a system group needs to be mapped to the Windows "
1230
1236
"<emphasis>Domain Admins</emphasis> 组。 可以使用工具 "
1231
1237
"<application>net</application>,在终端输入:"
1232
1238
1233
#: serverguide/C/windows-networking.xml:902(command)
1239
#: serverguide/C/windows-networking.xml:917(command)
1234
1240
msgid ""
1235
1241
"sudo net groupmap add ntgroup=\"Domain Admins\" unixgroup=sysadmin rid=512 "
1236
1242
"type=d"
1238
1244
"sudo net groupmap add ntgroup=\"Domain Admins\" unixgroup=sysadmin rid=512 "
1239
1245
"type=d"
1240
1246
1241
#: serverguide/C/windows-networking.xml:906(para)
1247
#: serverguide/C/windows-networking.xml:921(para)
1242
1248
msgid ""
1243
1249
"Change <emphasis role=\"italic\">sysadmin</emphasis> to whichever group you "
1244
1250
"prefer. Also, the user used to join the domain needs to be a member of the "
1251
1257
"<emphasis>admin</emphasis> 组的成员,因为 <emphasis>admin</emphasis> 组可以使用 "
1252
1258
"<application>sudo</application> 命令。"
1253
1259
1254
#: serverguide/C/windows-networking.xml:917(para)
1260
#: serverguide/C/windows-networking.xml:932(para)
1255
1261
msgid "Finally, restart Samba to enable the new domain controller:"
1256
1262
msgstr "最后,重启 Samba 服务以应用新的域控制器:"
1257
1263
1258
#: serverguide/C/windows-networking.xml:928(para)
1264
#: serverguide/C/windows-networking.xml:943(para)
1259
1265
msgid ""
1260
1266
"You should now be able to join Windows clients to the Domain in the same "
1261
1267
"manner as joining them to an NT4 domain running on a Windows server."
1262
1268
msgstr "现在,您可以将 Windows 客户加入到域,正如将它们加入到运行在 Windows 服务器上的 NT4 域。"
1263
1269
1264
#: serverguide/C/windows-networking.xml:938(title)
1270
#: serverguide/C/windows-networking.xml:953(title)
1265
1271
msgid "Backup Domain Controller"
1266
1272
msgstr "备份域控制器"
1267
1273
1268
#: serverguide/C/windows-networking.xml:940(para)
1274
#: serverguide/C/windows-networking.xml:955(para)
1269
1275
msgid ""
1270
1276
"With a Primary Domain Controller (PDC) on the network it is best to have a "
1271
1277
"Backup Domain Controller (BDC) as well. This will allow clients to "
1272
1278
"authenticate in case the PDC becomes unavailable."
1273
1279
msgstr "网络有了主域控制器(PDC),最好也有个备份的域控制器(BDC),这样,一旦 PDC 不可用,还可以使用 BDC 进行客户认证。"
1274
1280
1275
#: serverguide/C/windows-networking.xml:945(para)
1281
#: serverguide/C/windows-networking.xml:960(para)
1276
1282
msgid ""
1277
1283
"When configuring Samba as a BDC you need a way to sync account information "
1278
1284
"with the PDC. There are multiple ways of accomplishing this "
1285
1291
"<application>rsync</application> 或者使用 <application>LDAP</application> 作为 "
1286
1292
"<emphasis>passdb 后端</emphasis>。"
1287
1293
1288
#: serverguide/C/windows-networking.xml:951(para)
1294
#: serverguide/C/windows-networking.xml:966(para)
1289
1295
msgid ""
1290
1296
"Using LDAP is the most robust way to sync account information, because both "
1291
1297
"domain controllers can use the same information in real time. However, "
1295
1301
"使用 LDAP 同步帐户信息是最稳健的做法,因为 PDC 和 BDC 都可以实时地使用相同的信息。然而,对于为数不多的用户和计算机帐户,配置 LDAP "
1296
1302
"服务器会可能过于繁琐。"
1297
1303
1298
#: serverguide/C/windows-networking.xml:960(para)
1304
#: serverguide/C/windows-networking.xml:975(para)
1299
1305
msgid ""
1300
1306
"First, install <application>samba</application> and <application>libpam-"
1301
1307
"smbpass</application>. From a terminal enter:"
1303
1309
"首先,安装 <application>samba</application> 和 <application>libpam-"
1304
1310
"smbpass</application>。 在终端中输入:"
1305
1311
1306
#: serverguide/C/windows-networking.xml:971(para)
1312
#: serverguide/C/windows-networking.xml:986(para)
1307
1313
msgid ""
1308
1314
"Now, edit <filename>/etc/samba/smb.conf</filename> and uncomment the "
1309
1315
"following in the <emphasis>[global]</emphasis>:"
1311
1317
"编辑 <filename>/etc/samba/smb.conf</filename>,取消注释 "
1312
1318
"<emphasis>[global]</emphasis> 中如下项:"
1313
1319
1314
#: serverguide/C/windows-networking.xml:984(para)
1320
#: serverguide/C/windows-networking.xml:999(para)
1315
1321
msgid "In the commented <emphasis>Domains</emphasis> uncomment or add:"
1316
1322
msgstr "对被注释掉的 <emphasis>Domains</emphasis> 项进行取消注释,或者,如果没有该项则进行添加:"
1317
1323
1318
#: serverguide/C/windows-networking.xml:988(programlisting)
1324
#: serverguide/C/windows-networking.xml:1003(programlisting)
1319
1325
#, no-wrap
1320
1326
msgid ""
1321
1327
"\n"
1326
1332
" domain logons = yes\n"
1327
1333
" domain master = no\n"
1328
1334
1329
#: serverguide/C/windows-networking.xml:996(para)
1335
#: serverguide/C/windows-networking.xml:1011(para)
1330
1336
msgid ""
1331
1337
"Make sure a user has rights to read the files in "
1332
1338
"<filename>/var/lib/samba</filename>. For example, to allow users in the "
1337
1343
"<emphasis>admin</emphasis> 组的用户可以 <application>scp</application> "
1338
1344
"其中的文件,在终端输入命令:"
1339
1345
1340
#: serverguide/C/windows-networking.xml:1002(command)
1346
#: serverguide/C/windows-networking.xml:1017(command)
1341
1347
msgid "sudo chgrp -R admin /var/lib/samba"
1342
1348
msgstr "sudo chgrp -R admin /var/lib/samba"
1343
1349
1344
#: serverguide/C/windows-networking.xml:1008(para)
1350
#: serverguide/C/windows-networking.xml:1023(para)
1345
1351
msgid ""
1346
1352
"Next, sync the user accounts, using <application>scp</application> to copy "
1347
1353
"the <filename>/var/lib/samba</filename> directory from the PDC:"
1349
1355
"接下来,同步用户帐号。 使用 <application>scp</application> 从 PDC 上拷贝 目录 "
1350
1356
"<filename>/var/lib/samba</filename>:"
1351
1357
1352
#: serverguide/C/windows-networking.xml:1014(command)
1358
#: serverguide/C/windows-networking.xml:1029(command)
1353
1359
msgid "sudo scp -r username@pdc:/var/lib/samba /var/lib"
1354
1360
msgstr "sudo scp -r username@pdc:/var/lib/samba /var/lib"
1355
1361
1356
#: serverguide/C/windows-networking.xml:1018(para)
1362
#: serverguide/C/windows-networking.xml:1033(para)
1357
1363
msgid ""
1358
1364
"Replace <emphasis>username</emphasis> with a valid username and "
1359
1365
"<emphasis>pdc</emphasis> with the hostname or IP Address of your actual PDC."
1361
1367
"使用一个合法的用户名替换 <emphasis>username</emphasis>,并使用实际的 PDC 主机名或其 IP 地址替换 "
1362
1368
"<emphasis>pdc</emphasis>。"
1363
1369
1364
#: serverguide/C/windows-networking.xml:1027(para)
1370
#: serverguide/C/windows-networking.xml:1042(para)
1365
1371
msgid "Finally, restart <application>samba</application>:"
1366
1372
msgstr "最后, 重启 <application>samba</application>:"
1367
1373
1368
#: serverguide/C/windows-networking.xml:1038(para)
1374
#: serverguide/C/windows-networking.xml:1053(para)
1369
1375
msgid ""
1370
1376
"You can test that your Backup Domain controller is working by stopping the "
1371
1377
"Samba daemon on the PDC, then trying to login to a Windows client joined to "
1372
1378
"the domain."
1373
1379
msgstr "您可以这样来测试备份域控制器是否正确工作:在 PDC 上停止 Samba 守护进程,然后偿试登陆到一台加入域的 Windows 客户机。"
1374
1380
1375
#: serverguide/C/windows-networking.xml:1043(para)
1381
#: serverguide/C/windows-networking.xml:1058(para)
1376
1382
msgid ""
1377
1383
"Another thing to keep in mind is if you have configured the <emphasis>logon "
1378
1384
"home</emphasis> option as a directory on the PDC, and the PDC becomes "
1384
1390
"无法访问时,则用户的 <emphasis>Home</emphasis> 位置也将无法访问。 出于这个原因,最好将 <emphasis>logon "
1385
1391
"home</emphasis> 配置为驻留在 PDC 和 BDC 之外独立的文件服务器上。"
1386
1392
1387
#: serverguide/C/windows-networking.xml:1073(para)
1393
#: serverguide/C/windows-networking.xml:1088(para)
1388
1394
msgid ""
1389
1395
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-"
1390
1396
"pdc.html\">Chapter 4</ulink> of the Samba HOWTO Collection explains setting "
1393
1399
"<ulink url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/samba-"
1394
1400
"pdc.html\">第 4 章</ulink> 关于配置 Samba 为主域控制器的 HOWTO 收集。"
1395
1401
1396
#: serverguide/C/windows-networking.xml:1079(para)
1402
#: serverguide/C/windows-networking.xml:1094(para)
1397
1403
msgid ""
1398
1404
"<ulink url=\"http://us3.samba.org/samba/docs/man/Samba-HOWTO-"
1399
1405
"Collection/samba-bdc.html\">Chapter 5</ulink> of the Samba HOWTO Collection "
1402
1408
"<ulink url=\"http://us3.samba.org/samba/docs/man/Samba-HOWTO-"
1403
1409
"Collection/samba-bdc.html\">第 5 章</ulink> 关于配置 Samba 为备份域控制器的 HOWTO 收集。"
1404
1410
1405
#: serverguide/C/windows-networking.xml:1089(title)
1411
#: serverguide/C/windows-networking.xml:1109(title)
1406
1412
msgid "Samba Active Directory Integration"
1407
1413
msgstr "Samba 活动目录集成"
1408
1414
1409
#: serverguide/C/windows-networking.xml:1092(title)
1415
#: serverguide/C/windows-networking.xml:1112(title)
1410
1416
msgid "Accessing a Samba Share"
1411
1417
msgstr "访问 Samba 共享"
1412
1418
1413
#: serverguide/C/windows-networking.xml:1094(para)
1419
#: serverguide/C/windows-networking.xml:1114(para)
1414
1420
msgid ""
1415
1421
"Another, use for Samba is to integrate into an existing Windows network. "
1416
1422
"Once part of an Active Directory domain, Samba can provide file and print "
1418
1424
msgstr ""
1419
1425
"Samba 另一个用途是集成到一个现存的 Windows 网络。 一旦成为活动目录域的一部分,Samba 就可以为活动目录(AD)用户提供文件和打印服务。"
1420
1426
1421
#: serverguide/C/windows-networking.xml:1099(para)
1427
#: serverguide/C/windows-networking.xml:1119(para)
1422
1428
msgid ""
1423
1429
"The simplest way to join an AD domain is to use <application>Likewise-"
1424
1430
"open</application>. For detailed instructions see <xref linkend=\"likewise-"
1427
1433
"加入到活动目录(AD)域的最简单的方法就是使用 <application>Likewise-open</application>。 详情请参考 "
1428
1434
"<xref linkend=\"likewise-open\"/>。"
1429
1435
1430
#: serverguide/C/windows-networking.xml:1104(para)
1431
msgid "Once part of the domain, install the following packages:"
1432
msgstr "成为了域的一部分,安装如下软件包:"
1436
#: serverguide/C/windows-networking.xml:1124(para)
1437
msgid ""
1438
"Once part of the domain, enter the following command in the terminal prompt:"
1439
msgstr ""
1433
1440
1434
#: serverguide/C/windows-networking.xml:1109(command)
1441
#: serverguide/C/windows-networking.xml:1129(command)
1435
1442
msgid "sudo apt-get install samba smbfs smbclient"
1436
1443
msgstr "sudo apt-get install samba smbfs smbclient"
1437
1444
1438
#: serverguide/C/windows-networking.xml:1112(para)
1445
#: serverguide/C/windows-networking.xml:1132(para)
1439
1446
msgid ""
1440
1447
"Since the <application>likewise-open</application> and "
1441
1448
"<application>samba</application> packages use separate "
1447
1454
"db</filename>文件起,符号连接必需创建在<filename "
1448
1455
"role=\"directory\">/var/lib/samba</filename>:"
1449
1456
1450
#: serverguide/C/windows-networking.xml:1118(command)
1457
#: serverguide/C/windows-networking.xml:1138(command)
1451
1458
msgid "sudo mv /var/lib/samba/secrets.tdb /var/lib/samba/secrets.tdb.orig"
1452
1459
msgstr "sudo mv /var/lib/samba/secrets.tdb /var/lib/samba/secrets.tdb.orig"
1453
1460
1454
#: serverguide/C/windows-networking.xml:1119(command)
1461
#: serverguide/C/windows-networking.xml:1139(command)
1455
1462
msgid "sudo ln -s /etc/samba/secrets.tdb /var/lib/samba"
1456
1463
msgstr "sudo ln -s /etc/samba/secrets.tdb /var/lib/samba"
1457
1464
1458
#: serverguide/C/windows-networking.xml:1122(para)
1465
#: serverguide/C/windows-networking.xml:1142(para)
1459
1466
msgid "Next, edit <filename>/etc/samba/smb.conf</filename> changing:"
1460
1467
msgstr "下一步,编辑 <filename>/etc/samba/smb.conf</filename>,修改:"
1461
1468
1462
#: serverguide/C/windows-networking.xml:1126(programlisting)
1469
#: serverguide/C/windows-networking.xml:1146(programlisting)
1463
1470
#, no-wrap
1464
1471
msgid ""
1465
1472
"\n"
1482
1489
" idmap uid = 50-9999999999\n"
1483
1490
" idmap gid = 50-9999999999\n"
1484
1491
1485
#: serverguide/C/windows-networking.xml:1137(para)
1492
#: serverguide/C/windows-networking.xml:1157(para)
1486
1493
msgid ""
1487
1494
"Restart <application>samba</application> for the new settings to take effect:"
1488
1495
msgstr "重启<application>samba</application>为新的设置生效:"
1489
1496
1490
#: serverguide/C/windows-networking.xml:1145(para)
1497
#: serverguide/C/windows-networking.xml:1165(para)
1491
1498
msgid ""
1492
1499
"You should now be able to access any <application>Samba</application> shares "
1493
1500
"from a Windows client. However, be sure to give the appropriate AD users or "
1497
1504
"现在你应该能够从 Windows 客户端访问任何<application>Samba</application>共享了。但是,一定要给 AD "
1498
1505
"用户或者组分配合适的共享目录。请参考<xref linkend=\"samba-fileprint-security\"/>获得更多详细信息。"
1499
1506
1500
#: serverguide/C/windows-networking.xml:1153(title)
1507
#: serverguide/C/windows-networking.xml:1173(title)
1501
1508
msgid "Accessing a Windows Share"
1502
1509
msgstr "访问 Windows 共享文件"
1503
1510
1504
#: serverguide/C/windows-networking.xml:1155(para)
1511
#: serverguide/C/windows-networking.xml:1175(para)
1505
1512
msgid ""
1506
1513
"Now that the Samba server is part of the Active Directory domain you can "
1507
1514
"access any Windows server shares:"
1508
1515
msgstr "Samba 已经是活动目录域的一部分,您可以任意访问 Windows 的共享:"
1509
1516
1510
#: serverguide/C/windows-networking.xml:1162(para)
1517
#: serverguide/C/windows-networking.xml:1182(para)
1511
1518
msgid ""
1512
1519
"To mount a Windows file share enter the following in a terminal prompt:"
1513
1520
msgstr "挂载 Windows 文件共享,在终端命令行中输入:"
1514
1521
1515
#: serverguide/C/windows-networking.xml:1166(command)
1522
#: serverguide/C/windows-networking.xml:1186(command)
1516
1523
msgid "mount.cifs //fs01.example.com/share mount_point"
1517
1524
msgstr "mount.cifs //fs01.example.com/share mount_point"
1518
1525
1519
#: serverguide/C/windows-networking.xml:1169(para)
1526
#: serverguide/C/windows-networking.xml:1189(para)
1520
1527
msgid ""
1521
1528
"It is also possible to access shares on computers not part of an AD domain, "
1522
1529
"but a username and password will need to be provided."
1523
1530
msgstr "也可访问非活动域的计算机,不过,需要提供用户名和密码。"
1524
1531
1525
#: serverguide/C/windows-networking.xml:1177(para)
1532
#: serverguide/C/windows-networking.xml:1197(para)
1526
1533
msgid ""
1527
1534
"To mount the share during boot place an entry in "
1528
1535
"<filename>/etc/fstab</filename>, for example:"
1529
1536
msgstr "在系统启动时挂载共享,需要在 <filename>/etc/fstab</filename> 中添加相应项,例如:"
1530
1537
1531
#: serverguide/C/windows-networking.xml:1181(programlisting)
1538
#: serverguide/C/windows-networking.xml:1201(programlisting)
1532
1539
#, no-wrap
1533
1540
msgid ""
1534
1541
"\n"
1539
1546
"//192.168.0.5/share /mnt/windows cifs auto,username=steve,password=secret,rw "
1540
1547
"0 0\n"
1541
1548
1542
#: serverguide/C/windows-networking.xml:1188(para)
1549
#: serverguide/C/windows-networking.xml:1208(para)
1543
1550
msgid ""
1544
1551
"Another way to copy files from a Windows server is to use the "
1545
1552
"<application>smbclient</application> utility. To list the files in a Windows "
1548
1555
"从 Windows 服务器拷贝文件的另一种方法是使用 <application>smbclient</application> 程序。 列出 "
1549
1556
"Windows 共享的文件:"
1550
1557
1551
#: serverguide/C/windows-networking.xml:1194(command)
1558
#: serverguide/C/windows-networking.xml:1214(command)
1552
1559
msgid "smbclient //fs01.example.com/share -k -c \"ls\""
1553
1560
msgstr "smbclient //fs01.example.com/share -k -c \"ls\""
1554
1561
1555
#: serverguide/C/windows-networking.xml:1200(para)
1562
#: serverguide/C/windows-networking.xml:1220(para)
1556
1563
msgid "To copy a file from the share, enter:"
1557
1564
msgstr "从共享中拷贝文件,输入:"
1558
1565
1559
#: serverguide/C/windows-networking.xml:1205(command)
1566
#: serverguide/C/windows-networking.xml:1225(command)
1560
1567
msgid "smbclient //fs01.example.com/share -k -c \"get file.txt\""
1561
1568
msgstr "smbclient //fs01.example.com/share -k -c \"get file.txt\""
1562
1569
1563
#: serverguide/C/windows-networking.xml:1208(para)
1570
#: serverguide/C/windows-networking.xml:1228(para)
1564
1571
msgid ""
1565
1572
"This will copy the <filename>file.txt</filename> into the current directory."
1566
1573
msgstr "这将拷贝 <filename>file.txt</filename> 到当前目录。"
1567
1574
1568
#: serverguide/C/windows-networking.xml:1215(para)
1575
#: serverguide/C/windows-networking.xml:1235(para)
1569
1576
msgid "And to copy a file to the share:"
1570
1577
msgstr "同时,拷贝文件到共享:"
1571
1578
1572
#: serverguide/C/windows-networking.xml:1220(command)
1579
#: serverguide/C/windows-networking.xml:1240(command)
1573
1580
msgid "smbclient //fs01.example.com/share -k -c \"put /etc/hosts hosts\""
1574
1581
msgstr "smbclient //fs01.example.com/share -k -c \"put /etc/hosts hosts\""
1575
1582
1576
#: serverguide/C/windows-networking.xml:1223(para)
1583
#: serverguide/C/windows-networking.xml:1243(para)
1577
1584
msgid ""
1578
1585
"This will copy the <filename>/etc/hosts</filename> to "
1579
1586
"<filename>//fs01.example.com/share/hosts</filename>."
1581
1588
"它会将<filename>/etc/hosts</filename>复制到<filename>//fs01.example.com/share/hosts"
1582
1589
"</filename>."
1583
1590
1584
#: serverguide/C/windows-networking.xml:1230(para)
1591
#: serverguide/C/windows-networking.xml:1250(para)
1585
1592
msgid ""
1586
1593
"The <emphasis>-c</emphasis> option used above allows you to execute the "
1587
1594
"<application>smbclient</application> command all at once. This is useful for "
1593
1600
"<application>smbclient</application> 命令,这有利于使用脚本及少量的文件操作。 <emphasis>smb: \\"
1594
1601
"></emphasis> 命令行类似于 FTP 命令行,您可以使用它进行普通的文件目录操作,要进入其命令行,只需执行:"
1595
1602
1596
#: serverguide/C/windows-networking.xml:1237(command)
1603
#: serverguide/C/windows-networking.xml:1257(command)
1597
1604
msgid "smbclient //fs01.example.com/share -k"
1598
1605
msgstr "smbclient //fs01.example.com/share -k"
1599
1606
1600
#: serverguide/C/windows-networking.xml:1244(para)
1607
#: serverguide/C/windows-networking.xml:1264(para)
1601
1608
msgid ""
1602
1609
"Replace all instances of <emphasis>fs01.example.com/share</emphasis>, "
1603
1610
"<emphasis>//192.168.0.5/share</emphasis>, "
1609
1616
"re</emphasis>,<emphasis>//192.168.0.5/share</emphasis>,<emphasis>username=ste"
1610
1617
"ve,password=secret</emphasis> 和 <emphasis>file.txt</emphasis> 的实例。"
1611
1618
1612
#: serverguide/C/windows-networking.xml:1255(para)
1619
#: serverguide/C/windows-networking.xml:1275(para)
1613
1620
msgid ""
1614
1621
"For more <application>smbclient</application> options see the man page: "
1615
1622
"<command>man smbclient</command>, also available <ulink "
1616
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
1617
"nline</ulink>."
1623
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man1/smbclient.1.html\">on"
1624
"line</ulink>."
1618
1625
msgstr ""
1619
"更多<application>smbclient</application> 选项请浏览 man 页面:<command>man "
1620
"smbclient</command>,也可以参考<ulink "
1621
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
1622
"nline</ulink>。"
1623
1626
1624
#: serverguide/C/windows-networking.xml:1260(para)
1627
#: serverguide/C/windows-networking.xml:1280(para)
1625
1628
msgid ""
1626
1629
"The <application>mount.cifs</application><ulink "
1627
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
1628
"man page</ulink> is also useful for more detailed information."
1630
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/mount.cifs.8.html\">m"
1631
"an page</ulink> is also useful for more detailed information."
1629
1632
msgstr ""
1630
"<application>mount.cifs</application><ulink "
1631
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
1632
"man 页面</ulink>在更多细节信息里也同样重要。"
1633
1633
1634
#: serverguide/C/windows-networking.xml:1270(title)
1634
#: serverguide/C/windows-networking.xml:1293(title)
1635
1635
msgid "Likewise Open"
1636
1636
msgstr "Likewise Open"
1637
1637
1638
#: serverguide/C/windows-networking.xml:1272(para)
1638
#: serverguide/C/windows-networking.xml:1295(para)
1639
1639
msgid ""
1640
1640
"<application>Likewise Open</application> simplifies the necessary "
1641
1641
"configuration needed to authenticate a Linux machine to an Active Directory "
1647
1647
"Directory域名所需必要的设置。基于<application>winbind</application>,<application>likewise"
1648
1648
"-open</application>软件包省去了将Ubuntu授权认证整合到已有的Windows网络中的麻烦。"
1649
1649
1650
#: serverguide/C/windows-networking.xml:1281(para)
1650
#: serverguide/C/windows-networking.xml:1304(para)
1651
1651
msgid ""
1652
1652
"There are two ways to use Likewise Open, <application>likewise-"
1653
1653
"open</application> the command line utility and <application>likewise-open-"
1657
1657
"open</application>命令行工具和<application>likewise-open-gui</application>。 "
1658
1658
"本章节着重讲解命令行工具。"
1659
1659
1660
#: serverguide/C/windows-networking.xml:1286(para)
1660
#: serverguide/C/windows-networking.xml:1309(para)
1661
1661
msgid ""
1662
1662
"To install the <application>likewise-open</application> package, open a "
1663
1663
"terminal prompt and enter:"
1664
1664
msgstr "要安装<application>likewise-open</application>软件包,打开一个终端模拟器并输入:"
1665
1665
1666
#: serverguide/C/windows-networking.xml:1291(command)
1666
#: serverguide/C/windows-networking.xml:1314(command)
1667
1667
msgid "sudo apt-get install likewise-open"
1668
1668
msgstr "sudo apt-get install likewise-open"
1669
1669
1670
#: serverguide/C/windows-networking.xml:1294(para)
1671
msgid ""
1672
"With Ubuntu 9.04 <application>Likewise Open 5.0</application> is available "
1673
"in the <emphasis>Universe</emphasis> repository. However, since upgrading "
1674
"from <application>Likewise Open 4.1</application> currently requires the "
1675
"system to leave the domain and re-join, a separate package for version five "
1676
"was created."
1677
msgstr ""
1678
"在 Ubuntu 9.04 中 <application>Likewise Open 5.0</application> 可从 "
1679
"<emphasis>Universe</emphasis> 软件源获得。然而,由于目前直接从 <application>Likewise Open "
1680
"4.1</application> 升级会要求系统离开和重新加入域,创建了版本 5 的独立软件包。"
1681
1682
#: serverguide/C/windows-networking.xml:1300(para)
1683
msgid "To install <application>Likewise Open 5.0</application> enter:"
1684
msgstr "要安装 <application>Likewise Open 5.0</application> 请输入:"
1685
1686
#: serverguide/C/windows-networking.xml:1305(command)
1687
msgid "sudo apt-get install likewise-open5"
1688
msgstr "sudo apt-get install likewise-open5"
1689
1690
#: serverguide/C/windows-networking.xml:1309(para)
1691
msgid ""
1692
"Installing likewise-open5 over an existing likewise-open (4.1) installation "
1693
"will replace it. You will have to rejoin the domain after install."
1694
msgstr "在现有的 likewise-open (4.1) 基础上安装 likewise-open5 会替换它。安装后您需要重新加入域。"
1695
1696
#: serverguide/C/windows-networking.xml:1317(title)
1670
#: serverguide/C/windows-networking.xml:1319(title)
1697
1671
msgid "Joining a Domain"
1698
1672
msgstr "加入到某一域名"
1699
1673
1700
#: serverguide/C/windows-networking.xml:1319(para)
1674
#: serverguide/C/windows-networking.xml:1321(para)
1701
1675
msgid ""
1702
1676
"The main executable file of the <application>likewise-open</application> "
1703
1677
"package is <filename>/usr/bin/domainjoin-cli</filename>, which is used to "
1708
1682
"open</application>包的主要可执行文件是<filename>/usr/bin/domainjoin-"
1709
1683
"cli</filename>,这是用来把你的电脑连接到域的。在连接到域之前,你需要确定具备:"
1710
1684
1711
#: serverguide/C/windows-networking.xml:1327(para)
1685
#: serverguide/C/windows-networking.xml:1329(para)
1712
1686
msgid ""
1713
1687
"Access to an Active Directory user with appropriate rights to join the "
1714
1688
"domain."
1715
1689
msgstr "进入到某Active Directory用户并有加入到域名的合适权限。"
1716
1690
1717
#: serverguide/C/windows-networking.xml:1332(para)
1691
#: serverguide/C/windows-networking.xml:1334(para)
1718
1692
msgid ""
1719
1693
"The <emphasis>Fully Qualified Domain Name</emphasis> (FQDN) of the domain "
1720
1694
"you want to join. If your AD domain does not match a valid domain such as "
1725
1699
"role=\"italic\">example.com</emphasis>,可能是由于它是 "
1726
1700
"<emphasis>domainname.local</emphasis> 形式的。"
1727
1701
1728
#: serverguide/C/windows-networking.xml:1339(para)
1702
#: serverguide/C/windows-networking.xml:1341(para)
1729
1703
msgid ""
1730
1704
"DNS for the domain setup properly. In a production AD environment this "
1731
1705
"should be the case. Proper Microsoft DNS is needed so that client "
1733
1707
msgstr ""
1734
1708
"域的 DNS 设置正确。 在生产活动目录环境,应该是如此。 需要有正确的 Microsoft DNS,这样,客户端工作站可以确定活动目录域可用。"
1735
1709
1736
#: serverguide/C/windows-networking.xml:1343(para)
1710
#: serverguide/C/windows-networking.xml:1345(para)
1737
1711
msgid ""
1738
1712
"If you don't have a Windows DNS server on your network, see <xref "
1739
1713
"linkend=\"likewise-open-ms-dns\"/> for details."
1740
1714
msgstr ""
1741
1715
"如果您的网络没有 Windows DNS 服务器,查看 <xref linkend=\"likewise-open-ms-dns\"/> 以了解更多。"
1742
1716
1743
#: serverguide/C/windows-networking.xml:1350(para)
1717
#: serverguide/C/windows-networking.xml:1352(para)
1744
1718
msgid "To join a domain, from a terminal prompt enter:"
1745
1719
msgstr "要加入到一个域名,在终端里输入:"
1746
1720
1747
#: serverguide/C/windows-networking.xml:1355(command)
1721
#: serverguide/C/windows-networking.xml:1357(command)
1748
1722
msgid "sudo domainjoin-cli join example.com Administrator"
1749
1723
msgstr "sudo domainjoin-cli join example.com Administrator"
1750
1724
1751
#: serverguide/C/windows-networking.xml:1359(para)
1725
#: serverguide/C/windows-networking.xml:1361(para)
1752
1726
msgid ""
1753
1727
"Replace <emphasis>example.com</emphasis> with your domain name, and "
1754
1728
"<emphasis>Administrator</emphasis> with the appropriate user name."
1756
1730
"将 <emphasis>example.com</emphasis> 替换为您的域名,并将 "
1757
1731
"<emphasis>Administrator</emphasis> 替换为合适的用户名。"
1758
1732
1759
#: serverguide/C/windows-networking.xml:1365(para)
1733
#: serverguide/C/windows-networking.xml:1367(para)
1760
1734
msgid ""
1761
1735
"You will then be prompted for the user's password. If all goes well a "
1762
1736
"<emphasis>SUCCESS</emphasis> message should be printed to the console."
1763
1737
msgstr "接下来你会收到提示让你输入用户密码。如果一切顺利,你会看到终端里打印出<emphasis>SUCCESS</emphasis>的消息。"
1764
1738
1765
#: serverguide/C/windows-networking.xml:1371(para)
1739
#: serverguide/C/windows-networking.xml:1373(para)
1766
1740
msgid ""
1767
1741
"After joining the domain, it is necessary to reboot before attempting to "
1768
1742
"authenticate against the domain."
1769
1743
msgstr "在加入到某个域名后,有必要在认证此域名前重启。"
1770
1744
1771
#: serverguide/C/windows-networking.xml:1377(para)
1745
#: serverguide/C/windows-networking.xml:1379(para)
1772
1746
msgid ""
1773
1747
"After successfully joining an Ubuntu machine to an Active Directory domain "
1774
1748
"you can authenticate using any valid AD user. To login you will need to "
1778
1752
"成功将Ubuntu机器加入到Active Directory域名中后,你就可以使用任何有效的AD用户进行身份验证。要想登陆,可以以‘域名\\"
1779
1753
"用户名’形式输入用户的名字。如你要ssh到一个连接到某域名的服务器,输入:"
1780
1754
1781
#: serverguide/C/windows-networking.xml:1384(command)
1755
#: serverguide/C/windows-networking.xml:1386(command)
1782
1756
msgid "ssh 'example\\steve'@hostname"
1783
1757
msgstr "ssh 'example\\steve'@hostname"
1784
1758
1785
#: serverguide/C/windows-networking.xml:1388(para)
1759
#: serverguide/C/windows-networking.xml:1390(para)
1786
1760
msgid ""
1787
1761
"If configuring a Desktop the user name will need to be prefixed with "
1788
1762
"<emphasis role=\"italic\">domain\\</emphasis> in the graphical logon as well."
1789
1763
msgstr ""
1790
1764
"如果是配置桌面,用户的名字也需要在图形登陆窗口以<emphasis role=\"italic\">domain\\</emphasis>为前缀。"
1791
1765
1792
#: serverguide/C/windows-networking.xml:1394(para)
1766
#: serverguide/C/windows-networking.xml:1396(para)
1793
1767
msgid ""
1794
1768
"To make likewise-open use a default domain, you can add the following "
1795
1769
"statement to <filename>/etc/samba/lwiauthd.conf</filename>:"
1797
1771
"要让 likewise-open 使用默认域,您可以在 <filename>/etc/samba/lwiauthd.conf</filename> "
1798
1772
"中添加如下语句:"
1799
1773
1800
#: serverguide/C/windows-networking.xml:1398(programlisting)
1774
#: serverguide/C/windows-networking.xml:1400(programlisting)
1801
1775
#, no-wrap
1802
1776
msgid ""
1803
1777
"\n"
1806
1780
"\n"
1807
1781
"winbind use default domain = yes\n"
1808
1782
1809
#: serverguide/C/windows-networking.xml:1402(para)
1783
#: serverguide/C/windows-networking.xml:1404(para)
1810
1784
msgid "Then restart the <application>likewise-open</application> daemons:"
1811
1785
msgstr "然后,重启 <application>likewise-open</application> 守护进程:"
1812
1786
1813
#: serverguide/C/windows-networking.xml:1407(command)
1787
#: serverguide/C/windows-networking.xml:1409(command)
1814
1788
msgid "sudo /etc/init.d/likewise-open restart"
1815
1789
msgstr "sudo /etc/init.d/likewise-open restart"
1816
1790
1817
#: serverguide/C/windows-networking.xml:1411(para)
1791
#: serverguide/C/windows-networking.xml:1413(para)
1818
1792
msgid ""
1819
1793
"Once configured for a <emphasis>default domain</emphasis> the <emphasis "
1820
1794
"role=\"italic\">'domain\\'</emphasis> is no longer required, users can login "
1823
1797
"一旦配置为使用 <emphasis>默认域</emphasis>,就不必使用 <emphasis role=\"italic\">'domain\\"
1824
1798
"'</emphasis>,用户使用其用户名即可登陆。"
1825
1799
1826
#: serverguide/C/windows-networking.xml:1417(para)
1800
#: serverguide/C/windows-networking.xml:1419(para)
1827
1801
msgid ""
1828
1802
"The <application>domainjoin-cli</application> utility can also be used to "
1829
1803
"leave the domain. From a terminal:"
1830
1804
msgstr "<application>domainjoin-cli</application>工具可用来脱离某域名。在终端输入:"
1831
1805
1832
#: serverguide/C/windows-networking.xml:1422(command)
1806
#: serverguide/C/windows-networking.xml:1424(command)
1833
1807
msgid "sudo domainjoin-cli leave"
1834
1808
msgstr "sudo domainjoin-cli leave"
1835
1809
1836
#: serverguide/C/windows-networking.xml:1427(title) serverguide/C/security.xml:1830(title)
1810
#: serverguide/C/windows-networking.xml:1429(title) serverguide/C/security.xml:1777(title)
1837
1811
msgid "Other Utilities"
1838
1812
msgstr "其它工具"
1839
1813
1840
#: serverguide/C/windows-networking.xml:1429(para)
1814
#: serverguide/C/windows-networking.xml:1431(para)
1841
1815
msgid ""
1842
1816
"The <application>likewise-open</application> package comes with a few other "
1843
1817
"utilities that may be useful for gathering information about the Active "
1849
1823
"Directory环境下的信息很有用处。这些工具可用来将机器加入到某域名中,和那些在<application>samba-"
1850
1824
"common</application>和<application>winbind</application>中的工具相同:"
1851
1825
1852
#: serverguide/C/windows-networking.xml:1438(para)
1826
#: serverguide/C/windows-networking.xml:1440(para)
1853
1827
msgid ""
1854
1828
"<application>lwinet</application>: Returns information about the network and "
1855
1829
"the domain."
1856
1830
msgstr "<application>lwinet</application>:返回有关网络和域名的信息。"
1857
1831
1858
#: serverguide/C/windows-networking.xml:1443(para)
1832
#: serverguide/C/windows-networking.xml:1445(para)
1859
1833
msgid ""
1860
1834
"<application>lwimsg</application>: Allows interaction with the "
1861
1835
"<application>likewise-winbindd</application> daemon."
1863
1837
"<application>lwimsg</application>:允许与<application>likewise-"
1864
1838
"winbindd</application>程序进行交互操作。"
1865
1839
1866
#: serverguide/C/windows-networking.xml:1448(para)
1840
#: serverguide/C/windows-networking.xml:1450(para)
1867
1841
msgid ""
1868
1842
"<application>lwiinfo</application>: Displays information about various parts "
1869
1843
"of the Domain."
1870
1844
msgstr "<application>lwiinfo</application>:显示关于域名的各个部分的信息。"
1871
1845
1872
#: serverguide/C/windows-networking.xml:1454(para)
1846
#: serverguide/C/windows-networking.xml:1456(para)
1873
1847
msgid "Please refer to each utility's man page specific for details."
1874
1848
msgstr "详细信息请参见各个工具的帮助信息。"
1875
1849
1876
#: serverguide/C/windows-networking.xml:1460(title) serverguide/C/mail.xml:336(title) serverguide/C/mail.xml:1563(title) serverguide/C/dns.xml:338(title)
1850
#: serverguide/C/windows-networking.xml:1462(title) serverguide/C/mail.xml:351(title) serverguide/C/mail.xml:1598(title) serverguide/C/dns.xml:338(title)
1877
1851
msgid "Troubleshooting"
1878
1852
msgstr "疑难解答"
1879
1853
1880
#: serverguide/C/windows-networking.xml:1464(para)
1854
#: serverguide/C/windows-networking.xml:1466(para)
1881
1855
msgid ""
1882
1856
"If the client has trouble joining the domain, double check that the "
1883
1857
"Microsoft DNS is listed first in <filename>/etc/resolv.conf</filename>. For "
1886
1860
"如果客户端加入域时遇到困难,仔细检查 <filename>/etc/resolv.conf</filename>,确保 Microsoft DNS "
1887
1861
"列在最前面。例如:"
1888
1862
1889
#: serverguide/C/windows-networking.xml:1469(programlisting)
1863
#: serverguide/C/windows-networking.xml:1471(programlisting)
1890
1864
#, no-wrap
1891
1865
msgid ""
1892
1866
"\n"
1895
1869
"\n"
1896
1870
"nameserver 192.168.0.1\n"
1897
1871
1898
#: serverguide/C/windows-networking.xml:1474(para)
1872
#: serverguide/C/windows-networking.xml:1476(para)
1899
1873
msgid ""
1900
1874
"For more information when joining a domain, use the <emphasis>--loglevel "
1901
1875
"verbose</emphasis> or <emphasis>--advanced</emphasis> option of the "
1904
1878
"要了解更多有关加入域的信息,在程序 <application>domainjoin-cli</application> 中使用 <emphasis>--"
1905
1879
"loglevel verbose</emphasis> 或 <emphasis>--advanced</emphasis> 选项:"
1906
1880
1907
#: serverguide/C/windows-networking.xml:1480(command)
1881
#: serverguide/C/windows-networking.xml:1482(command)
1908
1882
msgid "sudo domainjoin-cli --loglevel verbose join example.com Administrator"
1909
1883
msgstr ""
1910
1884
"sudo domainjoin-cli --loglevel verbose join example.com Administrator"
1911
1885
1912
#: serverguide/C/windows-networking.xml:1484(para)
1886
#: serverguide/C/windows-networking.xml:1486(para)
1913
1887
msgid ""
1914
1888
"If an Active Directory user has trouble logging in, check the "
1915
1889
"<filename>/var/log/auth.log</filename> for details."
1916
1890
msgstr "如果活动目录用户在登陆时遇到困难,查看 <filename>/var/log/auth.log</filename> 以了解详情。"
1917
1891
1918
#: serverguide/C/windows-networking.xml:1489(para)
1892
#: serverguide/C/windows-networking.xml:1491(para)
1919
1893
msgid ""
1920
1894
"When joining an Ubuntu Desktop workstation to a domain, you may need to edit "
1921
1895
"<filename>/etc/nsswitch.conf</filename> if your AD domain uses the <emphasis "
1922
1896
"role=\"italic\">.local</emphasis> syntax. In order to join the domain the "
1923
"<emphasis>\"mdns4\"</emphasis> entry from the <emphasis>hosts</emphasis> "
1924
"option. For example:"
1897
"<emphasis>\"mdns4\"</emphasis> entry should be removed from the "
1898
"<emphasis>hosts</emphasis> option. For example:"
1925
1899
msgstr ""
1926
"当加入 Ubuntu 桌面工作站到域时,如果您的活动目录域使用 <emphasis role=\"italic\">.local</emphasis> "
1927
"语法,则可能需要编辑 <filename>/etc/nsswitch.conf</filename>。 "
1928
"为了加入域,<emphasis>hosts</emphasis> 选项中的 <emphasis>\"mdns4\"</emphasis> 项,如:"
1929
1900
1930
#: serverguide/C/windows-networking.xml:1495(programlisting)
1901
#: serverguide/C/windows-networking.xml:1497(programlisting)
1931
1902
#, no-wrap
1932
1903
msgid ""
1933
1904
"\n"
1936
1907
"\n"
1937
1908
"hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4\n"
1938
1909
1939
#: serverguide/C/windows-networking.xml:1499(para)
1910
#: serverguide/C/windows-networking.xml:1501(para)
1940
1911
msgid "Change the above to:"
1941
1912
msgstr "将以上修改为:"
1942
1913
1943
#: serverguide/C/windows-networking.xml:1503(programlisting)
1914
#: serverguide/C/windows-networking.xml:1505(programlisting)
1944
1915
#, no-wrap
1945
1916
msgid ""
1946
1917
"\n"
1949
1920
"\n"
1950
1921
"hosts: files dns [NOTFOUND=return]\n"
1951
1922
1952
#: serverguide/C/windows-networking.xml:1507(para)
1923
#: serverguide/C/windows-networking.xml:1509(para)
1953
1924
msgid "Then restart networking by entering:"
1954
1925
msgstr "然后,重启 networking 服务:"
1955
1926
1956
#: serverguide/C/windows-networking.xml:1512(command) serverguide/C/network-config.xml:237(command)
1927
#: serverguide/C/windows-networking.xml:1514(command) serverguide/C/network-config.xml:559(command)
1957
1928
msgid "sudo /etc/init.d/networking restart"
1958
1929
msgstr "sudo /etc/init.d/networking restart"
1959
1930
1960
#: serverguide/C/windows-networking.xml:1515(para)
1931
#: serverguide/C/windows-networking.xml:1517(para)
1961
1932
msgid "You should now be able to join the Active Directory domain."
1962
1933
msgstr "现在您应该可以加入到活动目录域。"
1963
1934
1964
#: serverguide/C/windows-networking.xml:1523(title)
1935
#: serverguide/C/windows-networking.xml:1525(title)
1965
1936
msgid "Microsoft DNS"
1966
1937
msgstr "Microsoft DNS"
1967
1938
1968
#: serverguide/C/windows-networking.xml:1525(para)
1939
#: serverguide/C/windows-networking.xml:1527(para)
1969
1940
msgid ""
1970
1941
"The following are instructions for installing DNS on an Active Directory "
1971
1942
"domain controller running Windows Server 2003, but the instructions should "
1972
1943
"be similar for other versions:"
1973
1944
msgstr "如下操作步骤,是在运行 Windows Server 2003 的活动目录域控制器上安装 DNS。 在其它版本上,这些操作步骤大致相同:"
1974
1945
1975
#: serverguide/C/windows-networking.xml:1532(para)
1946
#: serverguide/C/windows-networking.xml:1536(para)
1976
1947
msgid ""
1977
1948
"Click "
1978
1949
"<menuchoice><guimenuitem>Start</guimenuitem><guimenuitem>Administrative Tools"
1979
"</guimenuitem><guimenuitem>Manager Your Server</guimenuitem></menuchoice>. "
1950
"</guimenuitem><guimenuitem>Manage Your Server</guimenuitem></menuchoice>. "
1980
1951
"This will open the <application>Server Role Mangement</application> utility."
1981
1952
msgstr ""
1982
"点击 "
1983
"<menuchoice><guimenuitem>开始</guimenuitem><guimenuitem>管理工具</guimenuitem><guim"
1984
"enuitem>配置您的服务器向导</guimenuitem></menuchoice>,这将运行 "
1985
"<application>服务器角色管理</application> 程序。"
1986
1987
#: serverguide/C/windows-networking.xml:1540(para)
1988
msgid "Click Add or remove a role"
1989
msgstr "点击添加/删除角色"
1990
1991
#: serverguide/C/windows-networking.xml:1541(para) serverguide/C/windows-networking.xml:1543(para) serverguide/C/windows-networking.xml:1546(para)
1953
1954
#: serverguide/C/windows-networking.xml:1544(para)
1955
msgid "Click <guilabel>Add or remove a role</guilabel>"
1956
msgstr ""
1957
1958
#: serverguide/C/windows-networking.xml:1545(para) serverguide/C/windows-networking.xml:1547(para) serverguide/C/windows-networking.xml:1550(para)
1992
1959
msgid "Click Next"
1993
1960
msgstr "点击下一步"
1994
1961
1995
#: serverguide/C/windows-networking.xml:1542(para)
1962
#: serverguide/C/windows-networking.xml:1546(para)
1996
1963
msgid "Select \"DNS Server\""
1997
1964
msgstr "选择 ”DNS 服务器“"
1998
1965
1999
#: serverguide/C/windows-networking.xml:1544(para)
2000
msgid "Next"
2001
msgstr "下一个"
1966
#: serverguide/C/windows-networking.xml:1548(para)
1967
msgid "Click Next again to proceed"
1968
msgstr ""
2002
1969
2003
#: serverguide/C/windows-networking.xml:1545(para)
1970
#: serverguide/C/windows-networking.xml:1549(para)
2004
1971
msgid "Select \"Create a forward lookup zone\" if it is not selected."
2005
1972
msgstr "如果 “创建正向查找区域” 项未被选取,则选取。"
2006
1973
2007
#: serverguide/C/windows-networking.xml:1547(para)
1974
#: serverguide/C/windows-networking.xml:1551(para)
2008
1975
msgid ""
2009
1976
"Make sure \"This server maintains the zone\" is selected and click Next."
2010
1977
msgstr "确保 “这台服务器维护该区域” 项被选取,点击下一步。"
2011
1978
2012
#: serverguide/C/windows-networking.xml:1548(para)
1979
#: serverguide/C/windows-networking.xml:1552(para)
2013
1980
msgid "Enter your domain name and click Next"
2014
1981
msgstr "输入域名,点击下一步"
2015
1982
2016
#: serverguide/C/windows-networking.xml:1549(para) serverguide/C/windows-networking.xml:1550(para)
1983
#: serverguide/C/windows-networking.xml:1553(para)
2017
1984
msgid "Click Next to \"Allow only secure dynamic updates\""
2018
1985
msgstr "选取 “只允许安全的动态更新”,点击下一步"
2019
1986
2020
#: serverguide/C/windows-networking.xml:1552(para)
1987
#: serverguide/C/windows-networking.xml:1555(para)
2021
1988
msgid ""
2022
1989
"Enter the IP for DNS servers to forward queries to, or Select \"No, it "
2023
1990
"should not forward queries\" and click Next."
2024
1991
msgstr "输入 DNS 服务要转发查询的目的 IP 地址,或选择 “否,不向前转发查询”, 点击下一步。"
2025
1992
2026
#: serverguide/C/windows-networking.xml:1556(para) serverguide/C/windows-networking.xml:1557(para)
1993
#: serverguide/C/windows-networking.xml:1559(para) serverguide/C/windows-networking.xml:1560(para)
2027
1994
msgid "Click Finish"
2028
1995
msgstr "点击完成"
2029
1996
2030
#: serverguide/C/windows-networking.xml:1559(para)
1997
#: serverguide/C/windows-networking.xml:1562(para)
2031
1998
msgid ""
2032
1999
"DNS is now installed and can be further configured using the "
2033
2000
"<application>Microsoft Management Console</application> DNS snap-in."
2034
2001
msgstr ""
2035
2002
"DNS 安装完成,并可以使用 <application>微软管理控制台(mmc)</application> DNS 管理单元作进一步配置。"
2036
2003
2037
#: serverguide/C/windows-networking.xml:1567(para)
2004
#: serverguide/C/windows-networking.xml:1570(para)
2038
2005
msgid "Click Start"
2039
2006
msgstr "点击开始菜单"
2040
2007
2041
#: serverguide/C/windows-networking.xml:1568(para)
2008
#: serverguide/C/windows-networking.xml:1571(para)
2042
2009
msgid "Control Panel"
2043
2010
msgstr "控制面板"
2044
2011
2045
#: serverguide/C/windows-networking.xml:1569(para)
2012
#: serverguide/C/windows-networking.xml:1572(para)
2046
2013
msgid "Network Connections"
2047
2014
msgstr "网络连接"
2048
2015
2049
#: serverguide/C/windows-networking.xml:1570(para)
2016
#: serverguide/C/windows-networking.xml:1573(para)
2050
2017
msgid "Right Click \"Local Area Connection\""
2051
2018
msgstr "右键点击 “本地连接”"
2052
2019
2053
#: serverguide/C/windows-networking.xml:1571(para)
2020
#: serverguide/C/windows-networking.xml:1574(para)
2054
2021
msgid "Click Properties"
2055
2022
msgstr "点击属性"
2056
2023
2057
#: serverguide/C/windows-networking.xml:1572(para)
2024
#: serverguide/C/windows-networking.xml:1575(para)
2058
2025
msgid "Double click \"Internet Protocol (TCP/IP)\""
2059
2026
msgstr "双击 \"Internet Protocol (TCP/IP)\""
2060
2027
2061
#: serverguide/C/windows-networking.xml:1573(para)
2028
#: serverguide/C/windows-networking.xml:1576(para)
2062
2029
msgid "Enter the Server's IP Address as the \"Preferred DNS server\""
2063
2030
msgstr "输入服务器 IP 地址作为 “首选 DNS 服务器”"
2064
2031
2065
#: serverguide/C/windows-networking.xml:1574(para)
2032
#: serverguide/C/windows-networking.xml:1577(para)
2066
2033
msgid "Click Ok"
2067
2034
msgstr "点击确定"
2068
2035
2069
#: serverguide/C/windows-networking.xml:1575(para)
2036
#: serverguide/C/windows-networking.xml:1578(para)
2070
2037
msgid "Click Ok again to save the settings"
2071
2038
msgstr "再次点击确定以保存设置"
2072
2039
2073
#: serverguide/C/windows-networking.xml:1564(para)
2040
#: serverguide/C/windows-networking.xml:1567(para)
2074
2041
msgid ""
2075
2042
"Next, configure the Server to use itself for DNS queries: <placeholder-1/>"
2076
2043
msgstr "接下来,配置服务器使用自己的 DNS 查询:<placeholder-1/>"
2077
2044
2078
#: serverguide/C/windows-networking.xml:1582(title) serverguide/C/web-servers.xml:624(title) serverguide/C/web-servers.xml:766(title) serverguide/C/web-servers.xml:910(title) serverguide/C/web-servers.xml:1002(title) serverguide/C/web-servers.xml:1218(title) serverguide/C/vpn.xml:291(title) serverguide/C/virtualization.xml:1303(title) serverguide/C/virtualization.xml:1492(title) serverguide/C/vcs.xml:536(title) serverguide/C/security.xml:935(title) serverguide/C/security.xml:1264(title) serverguide/C/security.xml:1679(title) serverguide/C/security.xml:1870(title) serverguide/C/remote-administration.xml:203(title) serverguide/C/package-management.xml:432(title) serverguide/C/other-apps.xml:381(title) serverguide/C/network-config.xml:672(title) serverguide/C/monitoring.xml:391(title) serverguide/C/monitoring.xml:522(title) serverguide/C/mail.xml:444(title) serverguide/C/mail.xml:625(title) serverguide/C/mail.xml:772(title) serverguide/C/mail.xml:1189(title) serverguide/C/mail.xml:1611(title) serverguide/C/lamp-applications.xml:259(title) serverguide/C/lamp-applications.xml:369(title) serverguide/C/lamp-applications.xml:471(title) serverguide/C/file-server.xml:284(title) serverguide/C/file-server.xml:431(title) serverguide/C/file-server.xml:611(title) serverguide/C/dns.xml:572(title) serverguide/C/clustering.xml:234(title) serverguide/C/chat.xml:107(title) serverguide/C/chat.xml:216(title) serverguide/C/backups.xml:297(title)
2045
#: serverguide/C/windows-networking.xml:1585(title) serverguide/C/web-servers.xml:624(title) serverguide/C/web-servers.xml:772(title) serverguide/C/web-servers.xml:922(title) serverguide/C/web-servers.xml:1017(title) serverguide/C/web-servers.xml:1239(title) serverguide/C/vpn.xml:303(title) serverguide/C/virtualization.xml:1840(title) serverguide/C/virtualization.xml:2165(title) serverguide/C/vcs.xml:539(title) serverguide/C/security.xml:877(title) serverguide/C/security.xml:1211(title) serverguide/C/security.xml:1626(title) serverguide/C/security.xml:1817(title) serverguide/C/remote-administration.xml:203(title) serverguide/C/package-management.xml:454(title) serverguide/C/other-apps.xml:330(title) serverguide/C/network-config.xml:1006(title) serverguide/C/network-config.xml:1107(title) serverguide/C/monitoring.xml:391(title) serverguide/C/monitoring.xml:527(title) serverguide/C/mail.xml:459(title) serverguide/C/mail.xml:643(title) serverguide/C/mail.xml:795(title) serverguide/C/mail.xml:1217(title) serverguide/C/mail.xml:1646(title) serverguide/C/lamp-applications.xml:259(title) serverguide/C/lamp-applications.xml:388(title) serverguide/C/lamp-applications.xml:496(title) serverguide/C/file-server.xml:284(title) serverguide/C/file-server.xml:436(title) serverguide/C/file-server.xml:619(title) serverguide/C/dns.xml:572(title) serverguide/C/clustering.xml:234(title) serverguide/C/chat.xml:107(title) serverguide/C/chat.xml:221(title) serverguide/C/backups.xml:297(title)
2079
2046
msgid "References"
2080
2047
msgstr "参考资料"
2081
2048
2082
#: serverguide/C/windows-networking.xml:1584(para)
2049
#: serverguide/C/windows-networking.xml:1587(para)
2083
2050
msgid ""
2084
2051
"Please refer to the <ulink "
2085
2052
"url=\"http://www.likewisesoftware.com/\">Likewise</ulink> home page for "
2087
2054
msgstr ""
2088
2055
"更多信息请参见<ulink url=\"http://www.likewisesoftware.com/\">Likewise</ulink>的主页。"
2089
2056
2090
#: serverguide/C/windows-networking.xml:1588(para)
2057
#: serverguide/C/windows-networking.xml:1591(para)
2091
2058
msgid ""
2092
2059
"For more <application>domainjoin-cli</application> options see the man page: "
2093
2060
"<command>man domainjoin-cli</command>."
2095
2062
"更多有关 <application>domainjoin-cli</application> 的选项,请查阅使用手册 <command>man "
2096
2063
"domainjoin-cli</command>。"
2097
2064
2065
#: serverguide/C/windows-networking.xml:1595(para)
2066
msgid ""
2067
"Also, see the <ulink "
2068
"url=\"https://help.ubuntu.com/community/LikewiseOpen\">Ubuntu Wiki "
2069
"LikewiseOpen</ulink> page."
2070
msgstr ""
2071
2098
2072
#: serverguide/C/web-servers.xml:13(title)
2099
2073
msgid "Web Servers"
2100
2074
msgstr "Web 服务器"
2170
2144
2171
2145
#: serverguide/C/web-servers.xml:42(para)
2172
2146
msgid ""
2173
"The Apache2 web server is available in Ubuntu Linux. To install Apache2:"
2174
msgstr "Apache2 web 服务器在 Ubuntu Linux 中是可用的。要安装 Apache2:"
2147
"The <application>Apache2</application> web server is available in Ubuntu "
2148
"Linux. To install Apache2:"
2149
msgstr ""
2175
2150
2176
2151
#: serverguide/C/web-servers.xml:48(para)
2177
2152
msgid "At a terminal prompt enter the following command:"
2184
2159
#: serverguide/C/web-servers.xml:63(para)
2185
2160
msgid ""
2186
2161
"Apache2 is configured by placing <emphasis>directives</emphasis> in plain "
2187
"text configuration files. The configuration files are separated between the "
2188
"following files and directories:"
2189
msgstr "Apache2 由 以纯文本 <emphasis>指令</emphasis> 配置文件所安装。配置文件被以下文件和目录之间所分开:"
2162
"text configuration files. These <emphasis>directives</emphasis> are "
2163
"separated between the following files and directories:"
2164
msgstr ""
2190
2165
2191
2166
#: serverguide/C/web-servers.xml:71(para)
2192
2167
msgid ""
2199
2174
#: serverguide/C/web-servers.xml:77(para)
2200
2175
msgid ""
2201
2176
"<emphasis>conf.d:</emphasis> contains configuration files which apply "
2202
"<emphasis>globally</emphasis> to Apache. Other packages that use Apache2 to "
2177
"<emphasis>globally</emphasis> to Apache2. Other packages that use Apache2 to "
2203
2178
"serve content may add files, or symlinks, to this directory."
2204
2179
msgstr ""
2205
"<emphasis>conf.d:</emphasis> 包含的配置文件适合用于 <emphasis>全球的</emphasis> "
2206
"Apache。其它软件包使用 Apache2 服务内容可以添加文件,符号链接到此目录。"
2207
2180
2208
2181
#: serverguide/C/web-servers.xml:83(para)
2209
2182
msgid ""
2253
2226
#: serverguide/C/web-servers.xml:113(para)
2254
2227
msgid ""
2255
2228
"<emphasis>sites-available:</emphasis> this directory has configuration files "
2256
"for Apache <emphasis>Virtual Hosts</emphasis>. Virtual Hosts allow Apache2 "
2229
"for Apache2 <emphasis>Virtual Hosts</emphasis>. Virtual Hosts allow Apache2 "
2257
2230
"to be configured for multiple sites that have separate configurations."
2258
2231
msgstr ""
2259
"<emphasis>sites-available:</emphasis>此目录已为 Apache 配置文件 <emphasis> 虚拟主机 "
2260
"</emphasis>。虚拟主机允许 Apache2 为多站点安装文件所配置。"
2261
2232
2262
2233
#: serverguide/C/web-servers.xml:119(para)
2263
2234
msgid ""
2264
2235
"<emphasis>sites-enabled:</emphasis> like mods-enabled, <filename "
2265
2236
"role=\"directory\">sites-enabled</filename> contains symlinks to the "
2266
2237
"<filename>/etc/apache2/sites-available</filename> directory. Similarly when "
2267
"a configuration file in sites-available is symlinked it will be active once "
2268
"Apache is restarted."
2238
"a configuration file in sites-available is symlinked, the site configured by "
2239
"it will be active once Apache2 is restarted."
2269
2240
msgstr ""
2270
"<emphasis>sites-enabled:</emphasis>跟mods-enabled一样,<filename "
2271
"role=\"directory\">sites-enabled</filename>包含了指向 "
2272
"<filename>/etc/apache2/sites-available</filename>符号链接的目录。类似于当链接了sites-"
2273
"available 的配置文件时,这个配置会在Apache重新启动的时候产生作用。"
2274
2241
2275
2242
#: serverguide/C/web-servers.xml:127(para)
2276
2243
msgid ""
2430
2397
2431
2398
#: serverguide/C/web-servers.xml:242(para)
2432
2399
msgid ""
2433
"The <emphasis>DocumentRoot</emphasis> directive specifies where Apache "
2400
"The <emphasis>DocumentRoot</emphasis> directive specifies where Apache2 "
2434
2401
"should look for the files that make up the site. The default value is "
2435
2402
"/var/www. No site is configured there, but if you uncomment the "
2436
2403
"<emphasis>RedirectMatch</emphasis> directive in "
2439
2406
"this value in your site's virtual host file, and remember to create that "
2440
2407
"directory if necessary!"
2441
2408
msgstr ""
2442
"<emphasis>DocumentRoot</emphasis> 语句指定 Apache 将到哪儿去寻找站点文件,缺省值为 "
2443
"/var/www。没有站点配置在那里,但如果您反注释在 <filename>/etc/apache2/apache2.conf</filename> "
2444
"中的 <emphasis>RedirectMatch</emphasis> 语句,请求将被重定向到 /var/www/apache2-"
2445
"default,那里是缺省的 Apache2 站点。在您站点的虚拟主机文件中改变该值,记住在必要时可以创建相应的目录!"
2446
2409
2447
2410
#: serverguide/C/web-servers.xml:254(para)
2448
2411
msgid ""
2456
2419
#: serverguide/C/web-servers.xml:260(para)
2457
2420
msgid ""
2458
2421
"Enable the new <emphasis>VirtualHost</emphasis> using the "
2459
"<application>a2ensite</application> utility and restart Apache:"
2422
"<application>a2ensite</application> utility and restart Apache2:"
2460
2423
msgstr ""
2461
"启动新的 <emphasis> 虚拟主机 </emphasis> 使用 <application> a2ensite </application> "
2462
"工具和重启 Apache:"
2463
2424
2464
2425
#: serverguide/C/web-servers.xml:266(command)
2465
2426
msgid "sudo a2ensite mynewsite"
2466
2427
msgstr "sudo a2ensite mynewsite"
2467
2428
2468
#: serverguide/C/web-servers.xml:267(command) serverguide/C/web-servers.xml:285(command) serverguide/C/web-servers.xml:538(command) serverguide/C/web-servers.xml:547(command) serverguide/C/web-servers.xml:606(command) serverguide/C/mail.xml:904(command) serverguide/C/lamp-applications.xml:228(command)
2429
#: serverguide/C/web-servers.xml:267(command) serverguide/C/web-servers.xml:285(command) serverguide/C/web-servers.xml:538(command) serverguide/C/web-servers.xml:547(command) serverguide/C/web-servers.xml:606(command) serverguide/C/mail.xml:932(command) serverguide/C/lamp-applications.xml:228(command)
2469
2430
msgid "sudo /etc/init.d/apache2 restart"
2470
2431
msgstr "sudo /etc/init.d/apache2 restart"
2471
2432
2521
2482
"does not and the Indexes option is specified, or a Permission Denied page if "
2522
2483
"neither is true. The server will try to find one of the files listed in the "
2523
2484
"DirectoryIndex directive and will return the first one it finds. If it does "
2524
"not find any of these files and if Options Indexes is set for that "
2525
"directory, the server will generate and return a list, in HTML format, of "
2526
"the subdirectories and files in the directory. The default value, found in "
2527
"<filename>/etc/apache2/apache2.conf</filename> is \" index.html index.cgi "
2528
"index.pl index.php index.xhtml\". Thus, if Apache2 finds a file in a "
2529
"requested directory matching any of these names, the first will be displayed."
2485
"not find any of these files and if <emphasis>Options Indexes</emphasis> is "
2486
"set for that directory, the server will generate and return a list, in HTML "
2487
"format, of the subdirectories and files in the directory. The default value, "
2488
"found in <filename>/etc/apache2/mods-available/dir.conf</filename> is "
2489
"\"index.html index.cgi index.pl index.php index.xhtml index.htm\". Thus, if "
2490
"Apache2 finds a file in a requested directory matching any of these names, "
2491
"the first will be displayed."
2530
2492
msgstr ""
2531
"例如,当一个用户请求 http://www.example.com/this_directory/ 页时,他或她要么得到 DirectoryIndex "
2532
"页,如果它存在的话;要么得到一个服务器生成的目录列表,如果它不存在且设置了 Indexes 选项的话;要么就得到一个无权访问页,如果它不存在且没有设置 "
2533
"Indexes 选项的话。服务器尝试找到在 DirectoryIndex "
2534
"语句中所列文件之一,并返回它所找到的第一个。如果它没有找到任何一个文件且该目录设置了 Indexes 选项,服务器将生成并返回一个 HTML "
2535
"格式的列表,包括该目录中的子目录和文件。缺省值可以在 <filename>/etc/apache2/apache2.conf</filename> "
2536
"文件中找到,是 \" index.html index.cgi index.pl index.php index.xhtml\"。因此,如果 "
2537
"Apache2 在所请求的目录中找到任何一个匹配这些名字的文件,第一个将被显示。"
2538
2493
2539
2494
#: serverguide/C/web-servers.xml:332(para)
2540
2495
msgid ""
2541
2496
"The <emphasis>ErrorDocument</emphasis> directive allows you to specify a "
2542
"file for Apache to use for specific error events. For example, if a user "
2497
"file for Apache2 to use for specific error events. For example, if a user "
2543
2498
"requests a resource that does not exist, a 404 error will occur, and per "
2544
2499
"Apache2's default configuration, the file "
2545
2500
"<filename>/usr/share/apache2/error/HTTP_NOT_FOUND.html.var </filename> will "
2548
2503
"redirects requests to the /error directory to "
2549
2504
"<filename>/usr/share/apache2/error/</filename>."
2550
2505
msgstr ""
2551
"这<emphasis>错误文档</emphasis>指令允许你指定 Apache 使用特定错误事件文档。例如,如果用户请求某资源不存在,就会出现 404 "
2552
"错误,每个 Apache2 的设置都会默认显示 <filename> "
2553
"/usr/share/apache2/error/HTTP_NOT_FOUND.html.var "
2554
"</filename>文件。此文件不存放在服务器的启动文档里,但有个别名指令在<filename>/etc/apache2/apache2.conf</f"
2555
"ilename> 重定向请求从 /error 目录到<filename>/usr/share/apache2/error/</filename>。"
2556
2506
2557
2507
#: serverguide/C/web-servers.xml:344(para)
2558
2508
msgid ""
2754
2704
msgstr "Group 语句同 User 语句相似。Group 设置被服务器用于回应请求的用户组。缺省的组也是 www-data。"
2755
2705
2756
2706
#: serverguide/C/web-servers.xml:496(title)
2757
msgid "Apache Modules"
2758
msgstr "Apache 模块"
2707
msgid "Apache2 Modules"
2708
msgstr ""
2759
2709
2760
2710
#: serverguide/C/web-servers.xml:498(para)
2761
2711
msgid ""
2762
"Apache is a modular server. This implies that only the most basic "
2712
"Apache2 is a modular server. This implies that only the most basic "
2763
2713
"functionality is included in the core server. Extended features are "
2764
"available through modules which can be loaded into Apache. By default, a "
2714
"available through modules which can be loaded into Apache2. By default, a "
2765
2715
"base set of modules is included in the server at compile-time. If the server "
2766
2716
"is compiled to use dynamically loaded modules, then modules can be compiled "
2767
2717
"separately, and added at any time using the LoadModule directive. Otherwise, "
2768
"Apache must be recompiled to add or remove modules."
2718
"Apache2 must be recompiled to add or remove modules."
2769
2719
msgstr ""
2770
"Aphache 是一种模块化服务器。这意味着,只有最基本功能包括在核心服务器上。扩展功能都可以通过模块加载到 Apache "
2771
"。默认情况下,服务器上编译时间包括基本模块化的设置。如果该服务器使用动态编译来加载模块,那么该模块可以单独编译,并在任何时候增加使用加载模块指令。否则, "
2772
"必须重新编译 Apache 来添加或卸载模块。"
2773
2720
2774
2721
#: serverguide/C/web-servers.xml:510(para)
2775
2722
msgid ""
2851
2798
msgid ""
2852
2799
"There is a default HTTPS configuration file in <filename>/etc/apache2/sites-"
2853
2800
"available/default-ssl</filename>. In order for "
2854
"<application>Apache</application> to provide HTTPS, a "
2801
"<application>Apache2</application> to provide HTTPS, a "
2855
2802
"<emphasis>certificate</emphasis> and <emphasis>key</emphasis> file are also "
2856
2803
"needed. The default HTTPS configuration will use a certificate and key "
2857
2804
"generated by the <application>ssl-cert</application> package. They are good "
2860
2807
"generating a key and obtaining a certificate see <xref "
2861
2808
"linkend=\"certificates-and-security\"/>"
2862
2809
msgstr ""
2863
"<filename>/etc/apache2/sites-available/default-ssl</filename> 中有一个默认的 HTTPS "
2864
"配置文件。 为使 Apache 提供 HTTPS,还需要 <emphasis>证书</emphasis> 和 "
2865
"<emphasis>密钥</emphasis> 文件。 默认的 HTTPS 配置文件将使用 <application>ssl-"
2866
"cert</application> 程序生成的证书和密钥。 "
2867
"由程序生成的证书和密钥,很适合测试服务器所用,但这种自动生成的证书和密钥必须由站点或服务所特定的证书替代。 更多有关生成密钥与获取证书,请参考 "
2868
"<xref linkend=\"certificates-and-security\"/>"
2869
2810
2870
2811
#: serverguide/C/web-servers.xml:584(para)
2871
2812
msgid ""
2872
"To configure <application>Apache</application> for HTTPS, enter the "
2813
"To configure <application>Apache2</application> for HTTPS, enter the "
2873
2814
"following:"
2874
msgstr "要配置 <application>Apache</application> 支持 HTTPS, 输入如下:"
2815
msgstr ""
2875
2816
2876
2817
#: serverguide/C/web-servers.xml:589(command)
2877
2818
msgid "sudo a2ensite default-ssl"
2892
2833
2893
2834
#: serverguide/C/web-servers.xml:600(para)
2894
2835
msgid ""
2895
"With Apache now configured for HTTPS, restart the service to enable the new "
2836
"With Apache2 now configured for HTTPS, restart the service to enable the new "
2896
2837
"settings:"
2897
msgstr "Apache 已经配置为支持 HTTPS,重启服务以使用新的设置:"
2838
msgstr ""
2898
2839
2899
2840
#: serverguide/C/web-servers.xml:611(para)
2900
2841
msgid ""
2901
2842
"Depending on how you obtained your certificate you may need to enter a "
2902
"passphrase when <application>Apache</application> starts."
2903
msgstr "取决于你怎么获得你的证书,你可能需要在<application>Apache</application>开始时输入密码。"
2843
"passphrase when <application>Apache2</application> starts."
2844
msgstr ""
2904
2845
2905
2846
#: serverguide/C/web-servers.xml:617(para)
2906
2847
msgid ""
2946
2887
"url=\"http://freenode.net/\">freenode.net</ulink> 的 <emphasis>#ubuntu-"
2947
2888
"server</emphasis> IRC 频道。"
2948
2889
2949
#: serverguide/C/web-servers.xml:658(title)
2890
#: serverguide/C/web-servers.xml:653(para)
2891
msgid ""
2892
"Usually integrated with PHP and MySQL the <ulink "
2893
"url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache MySQL PHP "
2894
"Ubuntu Wiki </ulink> page is a good resource."
2895
msgstr ""
2896
2897
#: serverguide/C/web-servers.xml:664(title)
2950
2898
msgid "PHP5 - Scripting Language"
2951
2899
msgstr "PHP5 - 脚本语言"
2952
2900
2953
#: serverguide/C/web-servers.xml:659(para)
2901
#: serverguide/C/web-servers.xml:665(para)
2954
2902
msgid ""
2955
2903
"PHP is a general-purpose scripting language suited for Web development. The "
2956
2904
"PHP script can be embedded into HTML. This section explains how to install "
2959
2907
"PHP 是一种适合 Web 开发的通用脚本语言。PHP 脚本可以被嵌入 HTML 之中。本节解释了如何在已有 Apache2 和 MySQL 的 "
2960
2908
"Ubuntu 系统中安装和配置 PHP5。"
2961
2909
2962
#: serverguide/C/web-servers.xml:663(para)
2910
#: serverguide/C/web-servers.xml:669(para)
2963
2911
msgid ""
2964
"This section assumes you have installed and configured Apache 2 Web Server "
2965
"and MySQL Database Server. You can refer to Apache 2 section and MySQL "
2966
"sections in this document to install and configure Apache 2 and MySQL "
2912
"This section assumes you have installed and configured Apache2 Web Server "
2913
"and MySQL Database Server. You can refer to Apache2 section and MySQL "
2914
"sections in this document to install and configure Apache2 and MySQL "
2967
2915
"respectively."
2968
2916
msgstr ""
2969
"本节假设您已经安装了配置了 Apache 2 Web 服务器和 MySQL 数据库服务器。您可以参考本文档中的 Apache 2 部分和 MySQL "
2970
"部分来分别安装和配置 Apache 2 和 MySQL。"
2971
2917
2972
#: serverguide/C/web-servers.xml:670(para)
2918
#: serverguide/C/web-servers.xml:676(para)
2973
2919
msgid "The PHP5 is available in Ubuntu Linux."
2974
2920
msgstr "Ubuntu Linux 中可以使用 PHP5。"
2975
2921
2976
#: serverguide/C/web-servers.xml:672(para)
2922
#: serverguide/C/web-servers.xml:678(para)
2977
2923
msgid ""
2978
2924
"To install PHP5 you can enter the following command in the terminal prompt: "
2979
2925
"<screen>\n"
2984
2930
"<command>sudo apt-get install php5 libapache2-mod-php5</command>\n"
2985
2931
"</screen>"
2986
2932
2987
#: serverguide/C/web-servers.xml:681(para)
2933
#: serverguide/C/web-servers.xml:687(para)
2988
2934
msgid ""
2989
2935
"You can run PHP5 scripts from command line. To run PHP5 scripts from command "
2990
2936
"line you should install <application>php5-cli</application> package. To "
2998
2944
"<command>sudo apt-get install php5-cli</command>\n"
2999
2945
"</screen>"
3000
2946
3001
#: serverguide/C/web-servers.xml:690(para)
2947
#: serverguide/C/web-servers.xml:696(para)
3002
2948
msgid ""
3003
2949
"You can also execute PHP5 scripts without installing PHP5 Apache module. To "
3004
2950
"accomplish this, you should install <application>php5-cgi</application> "
3013
2959
"<command>sudo apt-get install php5-cgi</command>\n"
3014
2960
"</screen>"
3015
2961
3016
#: serverguide/C/web-servers.xml:700(para)
2962
#: serverguide/C/web-servers.xml:706(para)
3017
2963
msgid ""
3018
2964
"To use <application>MySQL</application> with PHP5 you should install "
3019
2965
"<application>php5-mysql</application> package. To install <application>php5-"
3027
2973
"<command>sudo apt-get install php5-mysql</command>\n"
3028
2974
"</screen>"
3029
2975
3030
#: serverguide/C/web-servers.xml:708(para)
2976
#: serverguide/C/web-servers.xml:714(para)
3031
2977
msgid ""
3032
2978
"Similarly, to use <application>PostgreSQL</application> with PHP5 you should "
3033
2979
"install <application>php5-pgsql</application> package. To install "
3041
2987
"<command>sudo apt-get install php5-pgsql</command>\n"
3042
2988
"</screen>"
3043
2989
3044
#: serverguide/C/web-servers.xml:721(para)
2990
#: serverguide/C/web-servers.xml:727(para)
3045
2991
msgid ""
3046
2992
"Once you install PHP5, you can run PHP5 scripts from your web browser. If "
3047
2993
"you have installed <application>php5-cli</application> package, you can run "
3050
2996
"当你安装了PHP5后,你就可以在你的浏览器里运行PHP5脚本了。而且,如果你也安装了<application>php5-"
3051
2997
"cli</application>软件包,你就可以在命令提示符下运行PHP5脚本了。"
3052
2998
3053
#: serverguide/C/web-servers.xml:728(para)
2999
#: serverguide/C/web-servers.xml:734(para)
3054
3000
msgid ""
3055
3001
"By default, the Apache 2 Web server is configured to run PHP5 scripts. In "
3056
3002
"other words, the PHP5 module is enabled in Apache2 Web server automatically "
3065
3011
"<filename>/etc/apache2/mods-enabled/php5.load</filename> "
3066
3012
"文件是否存在。如果它们不存在的话,您可以使用 <command>a2enmod</command> 命令来加载模块。"
3067
3013
3068
#: serverguide/C/web-servers.xml:739(para)
3014
#: serverguide/C/web-servers.xml:745(para)
3069
3015
msgid ""
3070
3016
"Once you install PHP5 related packages and enabled PHP5 Apache 2 module, you "
3071
3017
"should restart Apache2 Web server to run PHP5 scripts. You can run the "
3076
3022
"脚本。您可以在终端输入以下命令来重启您的 web 服务器:<screen><command>sudo /etc/init.d/apache2 "
3077
3023
"restart</command> </screen>"
3078
3024
3079
#: serverguide/C/web-servers.xml:747(title) serverguide/C/mail.xml:305(title) serverguide/C/mail.xml:1534(title) serverguide/C/dns.xml:343(title) serverguide/C/clustering.xml:184(title)
3025
#: serverguide/C/web-servers.xml:753(title) serverguide/C/mail.xml:320(title) serverguide/C/mail.xml:1569(title) serverguide/C/dns.xml:343(title) serverguide/C/clustering.xml:184(title)
3080
3026
msgid "Testing"
3081
3027
msgstr "测试"
3082
3028
3083
#: serverguide/C/web-servers.xml:748(para)
3029
#: serverguide/C/web-servers.xml:754(para)
3084
3030
msgid ""
3085
3031
"To verify your installation, you can run following PHP5 phpinfo script:"
3086
3032
msgstr "您可以运行如下的 PHP5 phpinfo 脚本来验证您的安装:"
3087
3033
3088
#: serverguide/C/web-servers.xml:751(programlisting)
3034
#: serverguide/C/web-servers.xml:757(programlisting)
3089
3035
#, no-wrap
3090
3036
msgid ""
3091
3037
"\n"
3098
3044
" phpinfo();\n"
3099
3045
"?>\n"
3100
3046
3101
#: serverguide/C/web-servers.xml:756(para)
3047
#: serverguide/C/web-servers.xml:762(para)
3102
3048
msgid ""
3103
3049
"You can save the content in a file <filename>phpinfo.php</filename> and "
3104
3050
"place it under <command>DocumentRoot</command> directory of Apache2 Web "
3110
3056
"<command>DocumentRoot</command> 目录下。当把您的浏览器指向 "
3111
3057
"<filename>http://hostname/phpinfo.php</filename> 后,将会显示 PHP5 的各种配置参数的值。"
3112
3058
3113
#: serverguide/C/web-servers.xml:770(para)
3059
#: serverguide/C/web-servers.xml:776(para)
3114
3060
msgid ""
3115
3061
"For more in depth information see <ulink "
3116
3062
"url=\"http://www.php.net/docs.php\">php.net</ulink> documentation."
3117
3063
msgstr ""
3118
3064
"更多的高级应用资料请访问<ulink url=\"http://www.php.net/docs.php\">php.net</ulink> 文档。"
3119
3065
3120
#: serverguide/C/web-servers.xml:775(para)
3066
#: serverguide/C/web-servers.xml:781(para)
3121
3067
msgid ""
3122
3068
"There are a plethora of books on PHP. Two good books from O'Reilly are "
3123
3069
"<ulink url=\"http://oreilly.com/catalog/9780596005603/\">Learning PHP "
3129
3075
"5</ulink>和<ulink url=\"http://oreilly.com/catalog/9781565926813/\">PHP Cook "
3130
3076
"Book</ulink>。"
3131
3077
3132
#: serverguide/C/web-servers.xml:787(title)
3078
#: serverguide/C/web-servers.xml:788(para)
3079
msgid ""
3080
"Also, see the <ulink "
3081
"url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache MySQL PHP "
3082
"Ubuntu Wiki</ulink> page for more information."
3083
msgstr ""
3084
3085
#: serverguide/C/web-servers.xml:799(title)
3133
3086
msgid "Squid - Proxy Server"
3134
3087
msgstr "Squid - 代理服务器"
3135
3088
3136
#: serverguide/C/web-servers.xml:788(para)
3089
#: serverguide/C/web-servers.xml:800(para)
3137
3090
msgid ""
3138
3091
"Squid is a full-featured web proxy cache server application which provides "
3139
3092
"proxy and cache services for Hyper Text Transport Protocol (HTTP), File "
3150
3103
"的缓存以及进行传输缓存。Squid 也支持大量不同的缓存协议,如 Internet 缓存协议 (ICP)、超文本缓存协议 (HTCP)、缓存阵列路由协议 "
3151
3104
"(CARP) 以及 Web 缓存协同协议 (WCCP)。"
3152
3105
3153
#: serverguide/C/web-servers.xml:796(para)
3106
#: serverguide/C/web-servers.xml:808(para)
3154
3107
msgid ""
3155
3108
"The Squid proxy cache server is an excellent solution to a variety of proxy "
3156
3109
"and caching server needs, and scales from the branch office to enterprise "
3166
3119
"(SNMP) 对临界参数的监视。当选择计算机系统用于 Squid 代理或缓存服务器时,请确保您的系统配置大量的物理内存以便 Squid "
3167
3120
"可以使用内存进行缓存以提高性能。"
3168
3121
3169
#: serverguide/C/web-servers.xml:805(para)
3122
#: serverguide/C/web-servers.xml:817(para)
3170
3123
msgid ""
3171
3124
"At a terminal prompt, enter the following command to install the Squid "
3172
3125
"server:"
3173
3126
msgstr "在终端提示符后输入下列命令安装 Squid 服务器:"
3174
3127
3175
#: serverguide/C/web-servers.xml:810(command)
3128
#: serverguide/C/web-servers.xml:822(command)
3176
3129
msgid "sudo apt-get install squid"
3177
3130
msgstr "sudo apt-get install squid"
3178
3131
3179
#: serverguide/C/web-servers.xml:816(para)
3132
#: serverguide/C/web-servers.xml:828(para)
3180
3133
msgid ""
3181
3134
"Squid is configured by editing the directives contained within the "
3182
3135
"<filename>/etc/squid/squid.conf</filename> configuration file. The following "
3187
3140
"Squid 可以通过编辑在 <filename>/etc/squid/squid.conf</filename> "
3188
3141
"配置文件中的语句来进行配置。下面的范例说明一些语句的修改可能对 Squid 服务器的影响。更多 Squid 的配置可以参阅参考章节。"
3189
3142
3190
#: serverguide/C/web-servers.xml:822(para)
3143
#: serverguide/C/web-servers.xml:834(para)
3191
3144
msgid ""
3192
3145
"Prior to editing the configuration file, you should make a copy of the "
3193
3146
"original file and protect it from writing so you will have the original "
3194
3147
"settings as a reference, and to re-use as necessary."
3195
3148
msgstr "在编辑配置文件之前,您应该生成一份原始文件副本并对其进行写保护,以便您可以将原始文件作为参考并在必要时重用它。"
3196
3149
3197
#: serverguide/C/web-servers.xml:825(para)
3150
#: serverguide/C/web-servers.xml:837(para)
3198
3151
msgid ""
3199
3152
"Copy the <filename>/etc/squid/squid.conf</filename> file and protect it from "
3200
3153
"writing with the following commands entered at a terminal prompt:"
3201
3154
msgstr ""
3202
3155
"要拷贝 <filename>/etc/squid/squid.conf</filename> 文件并对其进行写保护,可以在终端提示符后使用以下命令:"
3203
3156
3204
#: serverguide/C/web-servers.xml:830(command)
3157
#: serverguide/C/web-servers.xml:842(command)
3205
3158
msgid "sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original"
3206
3159
msgstr "sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original"
3207
3160
3208
#: serverguide/C/web-servers.xml:831(command)
3161
#: serverguide/C/web-servers.xml:843(command)
3209
3162
msgid "sudo chmod a-w /etc/squid/squid.conf.original"
3210
3163
msgstr "sudo chmod a-w /etc/squid/squid.conf.original"
3211
3164
3212
#: serverguide/C/web-servers.xml:837(para)
3165
#: serverguide/C/web-servers.xml:849(para)
3213
3166
msgid ""
3214
3167
"To set your Squid server to listen on TCP port 8888 instead of the default "
3215
3168
"TCP port 3128, change the http_port directive as such:"
3216
3169
msgstr ""
3217
3170
"要将您的 Squid 服务器监听 TCP 端口 8888 以代替缺省的 TCP 端口 3128,可以如下所示修改 http_port 语句:"
3218
3171
3219
#: serverguide/C/web-servers.xml:841(programlisting)
3172
#: serverguide/C/web-servers.xml:853(programlisting)
3220
3173
#, no-wrap
3221
3174
msgid ""
3222
3175
"\n"
3225
3178
"\n"
3226
3179
"http_port 8888\n"
3227
3180
3228
#: serverguide/C/web-servers.xml:846(para)
3181
#: serverguide/C/web-servers.xml:858(para)
3229
3182
msgid ""
3230
3183
"Change the visible_hostname directive in order to give the Squid server a "
3231
3184
"specific hostname. This hostname does not necessarily need to be the "
3234
3187
"改变 visible_hostname 语句是为了给 Squid 服务器一个特定的主机名。该主机名并必是计算机的主机名。在本范例中它被设为 "
3235
3188
"<emphasis>weezie</emphasis>。"
3236
3189
3237
#: serverguide/C/web-servers.xml:850(programlisting)
3190
#: serverguide/C/web-servers.xml:862(programlisting)
3238
3191
#, no-wrap
3239
3192
msgid ""
3240
3193
"\n"
3243
3196
"\n"
3244
3197
"visible_hostname weezie\n"
3245
3198
3246
#: serverguide/C/web-servers.xml:855(para)
3199
#: serverguide/C/web-servers.xml:867(para)
3247
3200
msgid ""
3248
"Again, Using Squid's access control, you may configure use of Internet "
3249
"services proxied by Squid to be available only users with certain Internet "
3250
"Protocol (IP) addresses. For example, we will illustrate access by users of "
3251
"the 192.168.42.0/24 subnetwork only:"
3201
"Using Squid's access control, you may configure use of Internet services "
3202
"proxied by Squid to be available only users with certain Internet Protocol "
3203
"(IP) addresses. For example, we will illustrate access by users of the "
3204
"192.168.42.0/24 subnetwork only:"
3252
3205
msgstr ""
3253
"再一次,如果您使用Squid进行访问控制, 您应该将Internet信息服务代理设置为只有特定(IP的用户才能使用。例如,我们将举例说明只允许来自 "
3254
"192.168.42.0/24 网段用户的访问:"
3255
3206
3256
#: serverguide/C/web-servers.xml:860(para) serverguide/C/web-servers.xml:880(para)
3207
#: serverguide/C/web-servers.xml:872(para) serverguide/C/web-servers.xml:892(para)
3257
3208
msgid ""
3258
3209
"Add the following to the <emphasis role=\"bold\">bottom</emphasis> of the "
3259
3210
"ACL section of your <filename>/etc/squid/squid.conf</filename> file:"
3261
3212
"将下列语句添加到您 <filename>/etc/squid/squid.conf</filename> 文件 ACL 部分的 <emphasis "
3262
3213
"role=\"bold\">底部</emphasis>:"
3263
3214
3264
#: serverguide/C/web-servers.xml:863(programlisting)
3215
#: serverguide/C/web-servers.xml:875(programlisting)
3265
3216
#, no-wrap
3266
3217
msgid ""
3267
3218
"\n"
3270
3221
"\n"
3271
3222
"acl fortytwo_network src 192.168.42.0/24\n"
3272
3223
3273
#: serverguide/C/web-servers.xml:866(para) serverguide/C/web-servers.xml:887(para)
3224
#: serverguide/C/web-servers.xml:878(para) serverguide/C/web-servers.xml:899(para)
3274
3225
msgid ""
3275
3226
"Then, add the following to the <emphasis role=\"bold\">top</emphasis> of the "
3276
3227
"http_access section of your <filename>/etc/squid/squid.conf</filename> file:"
3278
3229
"然后添加下列语句到你 <filename>/etc/squid/squid.conf</filename> 文件 http_access 部分的 "
3279
3230
"<emphasis role=\"bold\">顶部</emphasis>:"
3280
3231
3281
#: serverguide/C/web-servers.xml:870(programlisting)
3232
#: serverguide/C/web-servers.xml:882(programlisting)
3282
3233
#, no-wrap
3283
3234
msgid ""
3284
3235
"\n"
3287
3238
"\n"
3288
3239
"http_access allow fortytwo_network\n"
3289
3240
3290
#: serverguide/C/web-servers.xml:875(para)
3241
#: serverguide/C/web-servers.xml:887(para)
3291
3242
msgid ""
3292
3243
"Using the excellent access control features of Squid, you may configure use "
3293
3244
"of Internet services proxied by Squid to be available only during normal "
3299
3250
"服务配置成仅限于在正常商务时间使用。例如,我们将举例说明只允许来自 10.1.42.0/24 子网的商务雇员在周一到周五的上午 9:00 到 下午 "
3300
3251
"5:00 时间段内访问:"
3301
3252
3302
#: serverguide/C/web-servers.xml:883(programlisting)
3303
#, no-wrap
3304
msgid ""
3305
"\n"
3306
"acl biz_network src 10.1.42.0/24\n"
3307
"acl biz_hours time M T W T F 9:00-17:00\n"
3308
msgstr ""
3309
"\n"
3310
"acl biz_network src 10.1.42.0/24\n"
3311
"acl biz_hours time M T W T F 9:00-17:00\n"
3312
3313
#: serverguide/C/web-servers.xml:891(programlisting)
3314
#, no-wrap
3315
msgid ""
3316
"\n"
3317
"http_access allow biz_network biz_hours\n"
3318
msgstr ""
3319
"\n"
3320
"http_access allow biz_network biz_hours\n"
3321
3322
#: serverguide/C/web-servers.xml:898(para)
3253
#: serverguide/C/web-servers.xml:895(programlisting)
3254
#, no-wrap
3255
msgid ""
3256
"\n"
3257
"acl biz_network src 10.1.42.0/24\n"
3258
"acl biz_hours time M T W T F 9:00-17:00\n"
3259
msgstr ""
3260
"\n"
3261
"acl biz_network src 10.1.42.0/24\n"
3262
"acl biz_hours time M T W T F 9:00-17:00\n"
3263
3264
#: serverguide/C/web-servers.xml:903(programlisting)
3265
#, no-wrap
3266
msgid ""
3267
"\n"
3268
"http_access allow biz_network biz_hours\n"
3269
msgstr ""
3270
"\n"
3271
"http_access allow biz_network biz_hours\n"
3272
3273
#: serverguide/C/web-servers.xml:910(para)
3323
3274
msgid ""
3324
3275
"After making changes to the <filename>/etc/squid/squid.conf</filename> file, "
3325
3276
"save the file and restart the <application>squid</application> server "
3329
3280
"在修改 <filename>/etc/squid/squid.conf</filename> 文件后,保存该文件并重启 "
3330
3281
"<application>squid</application> 服务器应用程序以使改动生效。可以在终端提示符后使用下列命令:"
3331
3282
3332
#: serverguide/C/web-servers.xml:905(command)
3283
#: serverguide/C/web-servers.xml:917(command)
3333
3284
msgid "sudo /etc/init.d/squid restart"
3334
3285
msgstr "sudo /etc/init.d/squid restart"
3335
3286
3336
#: serverguide/C/web-servers.xml:912(ulink)
3287
#: serverguide/C/web-servers.xml:924(ulink)
3337
3288
msgid "Squid Website"
3338
3289
msgstr "Squid 网站"
3339
3290
3340
#: serverguide/C/web-servers.xml:918(title)
3291
#: serverguide/C/web-servers.xml:926(para)
3292
msgid ""
3293
"<ulink url=\"https://help.ubuntu.com/community/Squid\">Ubuntu Wiki "
3294
"Squid</ulink> page."
3295
msgstr ""
3296
3297
#: serverguide/C/web-servers.xml:933(title)
3341
3298
msgid "Ruby on Rails"
3342
3299
msgstr "Ruby on Rails"
3343
3300
3344
#: serverguide/C/web-servers.xml:919(para)
3301
#: serverguide/C/web-servers.xml:934(para)
3345
3302
msgid ""
3346
3303
"Ruby on Rails is an open source web framework for developing database backed "
3347
3304
"web applications. It is optimized for sustainable productivity of the "
3351
3308
"Ruby on Rails 是一个用于开发以数据库为后台的 web 应用程序的开源 web "
3352
3309
"框架。其为发挥程序员持久的生产力而优化,因为它能让程序员通过有益的约定而不是配置来编写代码。"
3353
3310
3354
#: serverguide/C/web-servers.xml:926(para)
3311
#: serverguide/C/web-servers.xml:941(para)
3355
3312
msgid ""
3356
3313
"Before installing <application>Rails</application> you should install "
3357
3314
"<application>Apache</application> and <application>MySQL</application>. To "
3364
3321
"软件包的安装, 请参考<xref linkend=\"httpd\"/>。关于 <application>MySQL</application>则请参考 "
3365
3322
"<xref linkend=\"mysql\"/>。"
3366
3323
3367
#: serverguide/C/web-servers.xml:934(para)
3324
#: serverguide/C/web-servers.xml:949(para)
3368
3325
msgid ""
3369
3326
"Once you have <application>Apache</application> and "
3370
3327
"<application>MySQL</application> packages installed, you are ready to "
3373
3330
"当你安装好了<application>Apache</application>和<application>MySQL</application>,你就可以"
3374
3331
"安装<application>Ruby on Rails</application>软件包了。"
3375
3332
3376
#: serverguide/C/web-servers.xml:941(para)
3333
#: serverguide/C/web-servers.xml:956(para)
3377
3334
msgid ""
3378
3335
"To install the <application>Ruby</application> base packages and "
3379
3336
"<application>Ruby on Rails</application>, you can enter the following "
3382
3339
"要安装<application>Ruby</application>基础包和<application>Ruby on "
3383
3340
"Rails</application>,你可以在终端输入如下命令:"
3384
3341
3385
#: serverguide/C/web-servers.xml:947(command)
3342
#: serverguide/C/web-servers.xml:962(command)
3386
3343
msgid "sudo apt-get install rails"
3387
3344
msgstr "sudo apt-get install rails"
3388
3345
3389
#: serverguide/C/web-servers.xml:953(para)
3346
#: serverguide/C/web-servers.xml:968(para)
3390
3347
msgid ""
3391
3348
"Modify the <filename>/etc/apache2/sites-available/default</filename> "
3392
3349
"configuration file to setup your domains."
3393
3350
msgstr ""
3394
3351
"修改配置文件<filename>/etc/apache2/sites-available/default</filename>以建立起你的域名。"
3395
3352
3396
#: serverguide/C/web-servers.xml:957(para)
3353
#: serverguide/C/web-servers.xml:972(para)
3397
3354
msgid ""
3398
3355
"The first thing to change is the <emphasis>DocumentRoot</emphasis> directive:"
3399
3356
msgstr "首先改变的是<emphasis>DocumentRoot</emphasis>指令:"
3400
3357
3401
#: serverguide/C/web-servers.xml:961(programlisting)
3358
#: serverguide/C/web-servers.xml:976(programlisting)
3402
3359
#, no-wrap
3403
3360
msgid ""
3404
3361
"\n"
3407
3364
"\n"
3408
3365
"DocumentRoot /path/to/rails/application/public\n"
3409
3366
3410
#: serverguide/C/web-servers.xml:964(para)
3367
#: serverguide/C/web-servers.xml:979(para)
3411
3368
msgid ""
3412
3369
"Next, change the <Directory \"/path/to/rails/application/public\"> "
3413
3370
"directive:"
3414
3371
msgstr "下一步,改变 <Directory \"/path/to/rails/application/public\"> 指令:"
3415
3372
3416
#: serverguide/C/web-servers.xml:968(programlisting)
3373
#: serverguide/C/web-servers.xml:983(programlisting)
3417
3374
#, no-wrap
3418
3375
msgid ""
3419
3376
"\n"
3434
3391
" AddHandler cgi-script .cgi\n"
3435
3392
"</Directory>\n"
3436
3393
3437
#: serverguide/C/web-servers.xml:978(para)
3394
#: serverguide/C/web-servers.xml:993(para)
3438
3395
msgid ""
3439
3396
"You should also enable the <application>mod_rewrite</application> module for "
3440
3397
"Apache. To enable <application>mod_rewrite</application> module, please "
3443
3400
"你也必须为Apache打开<application>mod_rewrite</application>模块。请在终端输入如下命令来打开<applicati"
3444
3401
"on>mod_rewrite</application>模块:"
3445
3402
3446
#: serverguide/C/web-servers.xml:984(command)
3403
#: serverguide/C/web-servers.xml:999(command)
3447
3404
msgid "sudo a2enmod rewrite"
3448
3405
msgstr "sudo a2enmod rewrite"
3449
3406
3450
#: serverguide/C/web-servers.xml:987(para)
3407
#: serverguide/C/web-servers.xml:1002(para)
3451
3408
msgid ""
3452
3409
"Finally you will need to change the ownership of the "
3453
3410
"<filename>/path/to/rails/application/public</filename> and "
3458
3415
"<filename>/path/to/rails/application/tmp</filename> "
3459
3416
"目录的所有权到运行<application>Apache</application> 进程的用户:"
3460
3417
3461
#: serverguide/C/web-servers.xml:993(command)
3418
#: serverguide/C/web-servers.xml:1008(command)
3462
3419
msgid "sudo chown -R www-data:www-data /path/to/rails/application/public"
3463
3420
msgstr "sudo chown -R www-data:www-data /path/to/rails/application/public"
3464
3421
3465
#: serverguide/C/web-servers.xml:994(command)
3422
#: serverguide/C/web-servers.xml:1009(command)
3466
3423
msgid "sudo chown -R www-data:www-data /path/to/rails/application/tmp"
3467
3424
msgstr "sudo chown -R www-data:www-data /path/to/rails/application/tmp"
3468
3425
3469
#: serverguide/C/web-servers.xml:997(para)
3426
#: serverguide/C/web-servers.xml:1012(para)
3470
3427
msgid ""
3471
3428
"That's it! Now you have your Server ready for your <application>Ruby on "
3472
3429
"Rails</application> applications."
3473
3430
msgstr "搞定!现在您的服务器已经可以运行 <application>Ruby on Rails</application> 应用程序。"
3474
3431
3475
#: serverguide/C/web-servers.xml:1006(para)
3432
#: serverguide/C/web-servers.xml:1021(para)
3476
3433
msgid ""
3477
3434
"See the <ulink url=\"http://rubyonrails.org/\">Ruby on Rails</ulink> website "
3478
3435
"for more information."
3479
3436
msgstr ""
3480
3437
"查看更多信息请浏览<ulink url=\"http://rubyonrails.org/\">Ruby on Rails</ulink>站点。"
3481
3438
3482
#: serverguide/C/web-servers.xml:1011(para)
3439
#: serverguide/C/web-servers.xml:1026(para)
3483
3440
msgid ""
3484
3441
"Also <ulink url=\"http://pragprog.com/titles/rails3/agile-web-development-"
3485
3442
"with-rails-third-edition\">Agile Development with Rails</ulink> is a great "
3488
3445
"同样,<ulink url=\"http://pragprog.com/titles/rails3/agile-web-development-with-"
3489
3446
"rails-third-edition\">Agile Development with Rails</ulink>是个不错的学习材料。"
3490
3447
3491
#: serverguide/C/web-servers.xml:1022(title)
3448
#: serverguide/C/web-servers.xml:1032(para)
3449
msgid ""
3450
"Another place for more information is the <ulink "
3451
"url=\"https://help.ubuntu.com/community/RubyOnRails\">Ruby on Rails Ubuntu "
3452
"Wiki</ulink> page."
3453
msgstr ""
3454
3455
#: serverguide/C/web-servers.xml:1043(title)
3492
3456
msgid "Apache Tomcat"
3493
3457
msgstr "Apache Tomcat"
3494
3458
3495
#: serverguide/C/web-servers.xml:1023(para)
3459
#: serverguide/C/web-servers.xml:1044(para)
3496
3460
msgid ""
3497
3461
"Apache Tomcat is a web container that allows you to serve Java Servlets and "
3498
3462
"JSP (Java Server Pages) web applications."
3499
3463
msgstr ""
3500
3464
"Apache Tomcat 是一个 Web 容器,允许您为 Java Serlets 和 JSP(Java 服务器页面) 的 Web 应用提供服务。"
3501
3465
3502
#: serverguide/C/web-servers.xml:1025(para)
3466
#: serverguide/C/web-servers.xml:1046(para)
3503
3467
msgid ""
3504
3468
"The <application>Tomcat 6.0</application> packages in Ubuntu support two "
3505
3469
"different ways of running Tomcat. You can install them as a classic unique "
3515
3479
"您也可以部署私有实例,以您自己的用户权限来运行,这样,就需要您自己手动开启或停止。 在多个用户需要测试它们自己单独的 Tomcat "
3516
3480
"实例的服务器开发场合,后一种方式特别有用。"
3517
3481
3518
#: serverguide/C/web-servers.xml:1035(title)
3482
#: serverguide/C/web-servers.xml:1056(title)
3519
3483
msgid "System-wide installation"
3520
3484
msgstr "系统级安装"
3521
3485
3522
#: serverguide/C/web-servers.xml:1036(para)
3486
#: serverguide/C/web-servers.xml:1057(para)
3523
3487
msgid ""
3524
3488
"To install the <application>Tomcat</application> server, you can enter the "
3525
3489
"following command in the terminal prompt:"
3526
3490
msgstr "要安装 <application>Tomcat</application> 服务器,您可在终端命令行中输入:"
3527
3491
3528
#: serverguide/C/web-servers.xml:1039(command)
3492
#: serverguide/C/web-servers.xml:1060(command)
3529
3493
msgid "sudo apt-get install tomcat6"
3530
3494
msgstr "sudo apt-get install tomcat6"
3531
3495
3532
#: serverguide/C/web-servers.xml:1041(para)
3496
#: serverguide/C/web-servers.xml:1062(para)
3533
3497
msgid ""
3534
3498
"This will install a Tomcat server with just a default ROOT webapp that "
3535
3499
"displays a minimal \"It works\" page by default."
3536
3500
msgstr "这将安装只带有一个默认的 ROOT Web 应用程序的 Tomcat 服务器,该 Web 应用程序默认仅显示 “正常工作” 的页面。"
3537
3501
3538
#: serverguide/C/web-servers.xml:1047(para)
3502
#: serverguide/C/web-servers.xml:1068(para)
3539
3503
msgid ""
3540
3504
"Tomcat configuration files can be found in "
3541
3505
"<filename>/etc/tomcat6</filename>. Only a few common configuration tweaks "
3547
3511
"<ulink url=\"http://tomcat.apache.org/tomcat-6.0-doc/index.html\">Tomcat 6.0 "
3548
3512
"documentation</ulink> 以了解更多。"
3549
3513
3550
#: serverguide/C/web-servers.xml:1053(title)
3514
#: serverguide/C/web-servers.xml:1074(title)
3551
3515
msgid "Changing default ports"
3552
3516
msgstr "修改默认端口"
3553
3517
3554
#: serverguide/C/web-servers.xml:1054(para)
3518
#: serverguide/C/web-servers.xml:1075(para)
3555
3519
msgid ""
3556
3520
"By default Tomcat 6.0 runs a HTTP connector on port 8080 and an AJP "
3557
3521
"connector on port 8009. You might want to change those default ports to "
3562
3526
"为避免与系统中其它服务器发生冲突,您可能需要修改这些默认的端口。 可以通过修改 "
3563
3527
"<filename>/etc/tomcat6/server.xml</filename> 中如下行来实现:"
3564
3528
3565
#: serverguide/C/web-servers.xml:1059(programlisting)
3529
#: serverguide/C/web-servers.xml:1080(programlisting)
3566
3530
#, no-wrap
3567
3531
msgid ""
3568
3532
"\n"
3581
3545
"<Connector port=\"8009\" protocol=\"AJP/1.3\" redirectPort=\"8443\" "
3582
3546
"/>\n"
3583
3547
3584
#: serverguide/C/web-servers.xml:1068(title)
3548
#: serverguide/C/web-servers.xml:1089(title)
3585
3549
msgid "Changing JVM used"
3586
3550
msgstr "修改使用的 JVM"
3587
3551
3588
#: serverguide/C/web-servers.xml:1069(para)
3552
#: serverguide/C/web-servers.xml:1090(para)
3589
3553
msgid ""
3590
3554
"By default Tomcat will run preferably with OpenJDK-6, then try Sun's JVM, "
3591
3555
"then try some other JVMs. If you have various JVMs installed, you can set "
3595
3559
"默认情况下,Tomcat 优先使用 OpenJDK-6,然后偿试使用 Sun 公司的 JVM,最后再偿试使用其它的 JVM。 如果您安装了多个 "
3596
3560
"JVM,您可以在 <filename>/etc/default/tomcat6</filename> 中设置 JAVA_HOME 以确定哪个 JVM:"
3597
3561
3598
#: serverguide/C/web-servers.xml:1073(programlisting)
3562
#: serverguide/C/web-servers.xml:1094(programlisting)
3599
3563
#, no-wrap
3600
3564
msgid ""
3601
3565
"\n"
3604
3568
"\n"
3605
3569
"JAVA_HOME=/usr/lib/jvm/java-6-sun\n"
3606
3570
3607
#: serverguide/C/web-servers.xml:1078(title)
3571
#: serverguide/C/web-servers.xml:1099(title)
3608
3572
msgid "Declaring users and roles"
3609
3573
msgstr "声明用户与角色"
3610
3574
3611
#: serverguide/C/web-servers.xml:1079(para)
3575
#: serverguide/C/web-servers.xml:1100(para)
3612
3576
msgid ""
3613
3577
"Usernames, passwords and roles (groups) can be defined centrally in a "
3614
3578
"Servlet container. In Tomcat 6.0 this is done in the "
3617
3581
"用户名、密码以及角色(组)可以在 Servlet 容器中集中定义。 Tomcat 6.0 使用 "
3618
3582
"<filename>/etc/tomcat6/tomcat-users.xml</filename> 来完成:"
3619
3583
3620
#: serverguide/C/web-servers.xml:1082(programlisting)
3584
#: serverguide/C/web-servers.xml:1103(programlisting)
3621
3585
#, no-wrap
3622
3586
msgid ""
3623
3587
"\n"
3628
3592
"<role rolename=\"admin\"/>\n"
3629
3593
"<user username=\"tomcat\" password=\"s3cret\" roles=\"admin\"/>\n"
3630
3594
3631
#: serverguide/C/web-servers.xml:1090(title)
3595
#: serverguide/C/web-servers.xml:1111(title)
3632
3596
msgid "Using Tomcat standard webapps"
3633
3597
msgstr "使用 Tomcat 标准应用程序"
3634
3598
3635
#: serverguide/C/web-servers.xml:1091(para)
3599
#: serverguide/C/web-servers.xml:1112(para)
3636
3600
msgid ""
3637
3601
"Tomcat is shipped with webapps that you can install for documentation, "
3638
3602
"administration or demo purposes."
3639
3603
msgstr "Tomcat 捆绑了一些应用程序,您可以安装作为文档、管理和演示之用。"
3640
3604
3641
#: serverguide/C/web-servers.xml:1094(title)
3605
#: serverguide/C/web-servers.xml:1115(title)
3642
3606
msgid "Tomcat documentation"
3643
3607
msgstr "Tomcat 文档"
3644
3608
3645
#: serverguide/C/web-servers.xml:1095(para)
3609
#: serverguide/C/web-servers.xml:1116(para)
3646
3610
msgid ""
3647
3611
"The <application>tomcat6-docs</application> package contains Tomcat 6.0 "
3648
3612
"documentation, packaged as a webapp that you can access by default at "
3652
3616
"tomcat6-docs 软件包带有 Tomcat 6.0 文档,该文档打包成应用程序,您可以使用默认的地址 "
3653
3617
"http://yourserver:8080/docs 访问。 您可以在终端命令行中输入如下命令来安装该软件包:"
3654
3618
3655
#: serverguide/C/web-servers.xml:1100(command)
3619
#: serverguide/C/web-servers.xml:1121(command)
3656
3620
msgid "sudo apt-get install tomcat6-docs"
3657
3621
msgstr "sudo apt-get install tomcat6-docs"
3658
3622
3659
#: serverguide/C/web-servers.xml:1104(title)
3623
#: serverguide/C/web-servers.xml:1125(title)
3660
3624
msgid "Tomcat administration webapps"
3661
3625
msgstr "Tomcat 管理应用程序"
3662
3626
3663
#: serverguide/C/web-servers.xml:1105(para)
3627
#: serverguide/C/web-servers.xml:1126(para)
3664
3628
msgid ""
3665
3629
"The <application>tomcat6-admin</application> package contains two webapps "
3666
3630
"that can be used to administer the Tomcat server using a web interface. You "
3669
3633
"tomcat6-admin 软件包包含两个应用程序,可以通过 Web 页面对 Tomcat "
3670
3634
"服务器进行管理。您可以在终端命令行中输入如下命令来安装该软件包:"
3671
3635
3672
#: serverguide/C/web-servers.xml:1110(command)
3636
#: serverguide/C/web-servers.xml:1131(command)
3673
3637
msgid "sudo apt-get install tomcat6-admin"
3674
3638
msgstr "sudo apt-get install tomcat6-admin"
3675
3639
3676
#: serverguide/C/web-servers.xml:1112(para)
3640
#: serverguide/C/web-servers.xml:1133(para)
3677
3641
msgid ""
3678
3642
"The first one is the <emphasis>manager</emphasis> webapp, which you can "
3679
3643
"access by default at http://yourserver:8080/manager/html. It is primarily "
3682
3646
"第一个应用程序是 manager,您可以在默认的地址 http://yourserver:8080/manager/html "
3683
3647
"进行访问。它主要用于获取服务器状态以及重启应用程序。"
3684
3648
3685
#: serverguide/C/web-servers.xml:1115(para)
3649
#: serverguide/C/web-servers.xml:1136(para)
3686
3650
msgid ""
3687
3651
"Access to the <emphasis>manager</emphasis> application is protected by "
3688
3652
"default: you need to define a user with the role \"manager\" in "
3691
3655
"默认情况下,对 manager 应用程序的访问是被保护的。在访问之前,您需要在 <filename>/etc/tomcat6/tomcat-"
3692
3656
"users.xml</filename> 中定义一个“manager“角色的用户。"
3693
3657
3694
#: serverguide/C/web-servers.xml:1119(para)
3658
#: serverguide/C/web-servers.xml:1140(para)
3695
3659
msgid ""
3696
3660
"The second one is the <emphasis>host-manager</emphasis> webapp, which you "
3697
3661
"can access by default at http://yourserver:8080/host-manager/html. It can be "
3700
3664
"第二个应用程序是 host-manager,您可以在默认的地址 http://yourserver:8080/host-manager/html "
3701
3665
"进行访问。它可以用于动态创建虚拟主机。"
3702
3666
3703
#: serverguide/C/web-servers.xml:1123(para)
3667
#: serverguide/C/web-servers.xml:1144(para)
3704
3668
msgid ""
3705
3669
"Access to the <emphasis>host-manager</emphasis> application is also "
3706
3670
"protected by default: you need to define a user with the role \"admin\" in "
3709
3673
"默认情况下,对 host-manager 应用程序的访问也是被保护的。在访问之前,您需要在 <filename>/etc/tomcat6/tomcat-"
3710
3674
"users.xml</filename> 中定义一个“admin“角色的用户。"
3711
3675
3712
#: serverguide/C/web-servers.xml:1128(para)
3676
#: serverguide/C/web-servers.xml:1149(para)
3713
3677
msgid ""
3714
3678
"For security reasons, the tomcat6 user cannot write to the "
3715
3679
"<filename>/etc/tomcat6</filename> directory by default. Some features in "
3721
3685
"目录是不可写的,但这些管理应用程序中的某些功能(部署应用、创建虚拟主机)需要访问该目录,如果您需要使用这些功能,执行如下命令,以对 tomcat6 "
3722
3686
"组的用户分配必要的权限:"
3723
3687
3724
#: serverguide/C/web-servers.xml:1135(command)
3688
#: serverguide/C/web-servers.xml:1156(command)
3725
3689
msgid "sudo chgrp -R tomcat6 /etc/tomcat6"
3726
3690
msgstr "sudo chgrp -R tomcat6 /etc/tomcat6"
3727
3691
3728
#: serverguide/C/web-servers.xml:1136(command)
3692
#: serverguide/C/web-servers.xml:1157(command)
3729
3693
msgid "sudo chmod -R g+w /etc/tomcat6"
3730
3694
msgstr "sudo chmod -R g+w /etc/tomcat6"
3731
3695
3732
#: serverguide/C/web-servers.xml:1141(title)
3696
#: serverguide/C/web-servers.xml:1162(title)
3733
3697
msgid "Tomcat examples webapps"
3734
3698
msgstr "Tomcat 示例应用程序"
3735
3699
3736
#: serverguide/C/web-servers.xml:1142(para)
3700
#: serverguide/C/web-servers.xml:1163(para)
3737
3701
msgid ""
3738
3702
"The <application>tomcat6-examples</application> package contains two webapps "
3739
3703
"that can be used to test or demonstrate Servlets and JSP features, which you "
3743
3707
"tomcat6-examples 软件包包含两个应用程序,可以用于测试和演示 Servlets 和 JSP 功能,您可以在默认的地址 "
3744
3708
"http://yourserver:8080/examples 进行访问。您可以在终端命令行中输入如下命令来安装:"
3745
3709
3746
#: serverguide/C/web-servers.xml:1148(command)
3710
#: serverguide/C/web-servers.xml:1169(command)
3747
3711
msgid "sudo apt-get install tomcat6-examples"
3748
3712
msgstr "sudo apt-get install tomcat6-examples"
3749
3713
3750
#: serverguide/C/web-servers.xml:1154(title)
3714
#: serverguide/C/web-servers.xml:1175(title)
3751
3715
msgid "Using private instances"
3752
3716
msgstr "使用私有实例"
3753
3717
3754
#: serverguide/C/web-servers.xml:1155(para)
3718
#: serverguide/C/web-servers.xml:1176(para)
3755
3719
msgid ""
3756
3720
"Tomcat is heavily used in development and testing scenarios where using a "
3757
3721
"single system-wide instance doesn't meet the requirements of multiple users "
3763
3727
"Tomcat被广泛的应用于使用单一系统范围实例不需要考虑单一系统下多用户需求情景下的开发和测试方案。Ubuntu里的Tomcat6.0的包和相关工具可以帮"
3764
3728
"助你部署你自己的面向用户的实例、允许每个系统用户运行(非root权限的)彼此分隔的私有实例,虽然这仍然是在使用以系统权限安装的库。"
3765
3729
3766
#: serverguide/C/web-servers.xml:1162(para)
3730
#: serverguide/C/web-servers.xml:1183(para)
3767
3731
msgid ""
3768
3732
"It is possible to run the system-wide instance and the private instances in "
3769
3733
"parallel, as long as they do not use the same TCP ports."
3770
3734
msgstr "只要他们不使用同样的 TCP 端口,有可能并行运行全系统例子和人例子。"
3771
3735
3772
#: serverguide/C/web-servers.xml:1166(title)
3736
#: serverguide/C/web-servers.xml:1187(title)
3773
3737
msgid "Installing private instance support"
3774
3738
msgstr "安装兼容的个人事例"
3775
3739
3776
#: serverguide/C/web-servers.xml:1167(para)
3740
#: serverguide/C/web-servers.xml:1188(para)
3777
3741
msgid ""
3778
3742
"You can install everything necessary to run private instances by entering "
3779
3743
"the following command in the terminal prompt:"
3780
3744
msgstr "您可以安装所必需的和在终端提示上键入以下命令来运行个人事例:"
3781
3745
3782
#: serverguide/C/web-servers.xml:1170(command)
3746
#: serverguide/C/web-servers.xml:1191(command)
3783
3747
msgid "sudo apt-get install tomcat6-user"
3784
3748
msgstr "sudo apt-get install tomcat6-user"
3785
3749
3786
#: serverguide/C/web-servers.xml:1174(title)
3750
#: serverguide/C/web-servers.xml:1195(title)
3787
3751
msgid "Creating a private instance"
3788
3752
msgstr "创建个人事例"
3789
3753
3790
#: serverguide/C/web-servers.xml:1175(para)
3754
#: serverguide/C/web-servers.xml:1196(para)
3791
3755
msgid ""
3792
3756
"You can create a private instance directory by entering the following "
3793
3757
"command in the terminal prompt:"
3794
3758
msgstr "你可以在终端处键入以下命令来建立个人文档目录:"
3795
3759
3796
#: serverguide/C/web-servers.xml:1178(command)
3760
#: serverguide/C/web-servers.xml:1199(command)
3797
3761
msgid "tomcat6-instance-create my-instance"
3798
3762
msgstr "tomcat6-instance-create my-instance"
3799
3763
3800
#: serverguide/C/web-servers.xml:1180(para)
3764
#: serverguide/C/web-servers.xml:1201(para)
3801
3765
msgid ""
3802
3766
"This will create a new <filename>my-instance</filename> directory with all "
3803
3767
"the necessary subdirectories and scripts. You can for example install your "
3809
3773
"instance</filename>目录以提供一切必需子目录和脚本。例如,您也可以共同安装库在<filename>lib/</filename>子目录里"
3810
3774
"来布置 webapps 在您的<filename>webapps/</filename>子目录里。默认下是没有布置 webapps 的。"
3811
3775
3812
#: serverguide/C/web-servers.xml:1188(title)
3776
#: serverguide/C/web-servers.xml:1209(title)
3813
3777
msgid "Configuring your private instance"
3814
3778
msgstr "配置你的个人事例"
3815
3779
3816
#: serverguide/C/web-servers.xml:1189(para)
3780
#: serverguide/C/web-servers.xml:1210(para)
3817
3781
msgid ""
3818
3782
"You will find the classic Tomcat configuration files for your private "
3819
3783
"instance in the <filename>conf/</filename> subdirectory. You should for "
3824
3788
"您会在您个人示范 <filename>conf/</filename> 子目录里找到典型的 Tomcat 配置文件。你应该个人 Tomcat 示范编辑 "
3825
3789
"<filename>conf/server.xml</filename> 文件来改变默认端口的使用,以避免运行时和其它的示范有冲突。"
3826
3790
3827
#: serverguide/C/web-servers.xml:1197(title)
3791
#: serverguide/C/web-servers.xml:1218(title)
3828
3792
msgid "Starting/stopping your private instance"
3829
3793
msgstr "开始/停止 您的个人事例"
3830
3794
3831
#: serverguide/C/web-servers.xml:1198(para)
3795
#: serverguide/C/web-servers.xml:1219(para)
3832
3796
msgid ""
3833
3797
"You can start your private instance by entering the following command in the "
3834
3798
"terminal prompt (supposing your instance is located in the <filename>my-"
3835
3799
"instance</filename> directory):"
3836
3800
msgstr "您可以键入以下终端提示命令来启动你个人事例(认定您的事例已锁在<filename>my-instance</filename>目录里):"
3837
3801
3838
#: serverguide/C/web-servers.xml:1202(command)
3802
#: serverguide/C/web-servers.xml:1223(command)
3839
3803
msgid "my-instance/bin/startup.sh"
3840
3804
msgstr "my-instance/bin/startup.sh"
3841
3805
3842
#: serverguide/C/web-servers.xml:1204(para)
3806
#: serverguide/C/web-servers.xml:1225(para)
3843
3807
msgid ""
3844
3808
"You should check the <filename>logs/</filename> subdirectory for any error. "
3845
3809
"If you have a <emphasis>java.net.BindException: Address already in "
3850
3814
"<emphasis>java.net.BindException: 地址已经在使用<null>:8080</emphasis> "
3851
3815
"的错误,这意味着你您使用的端口已经被标记,您应该要使用另一端口。"
3852
3816
3853
#: serverguide/C/web-servers.xml:1209(para)
3817
#: serverguide/C/web-servers.xml:1230(para)
3854
3818
msgid ""
3855
3819
"You can stop your instance by entering the following command in the terminal "
3856
3820
"prompt (supposing your instance is located in the <filename>my-"
3857
3821
"instance</filename> directory):"
3858
3822
msgstr "您可以键入以下终端提示命令来停止你个人事例(认定您的事例已锁在<filename>my-instance</filename>目录里):"
3859
3823
3860
#: serverguide/C/web-servers.xml:1213(command)
3824
#: serverguide/C/web-servers.xml:1234(command)
3861
3825
msgid "my-instance/bin/shutdown.sh"
3862
3826
msgstr "my-instance/bin/shutdown.sh"
3863
3827
3864
#: serverguide/C/web-servers.xml:1222(para)
3828
#: serverguide/C/web-servers.xml:1243(para)
3865
3829
msgid ""
3866
3830
"See the <ulink url=\"http://tomcat.apache.org/\">Apache Tomcat</ulink> "
3867
3831
"website for more information."
3868
3832
msgstr ""
3869
3833
"请浏览<ulink url=\"http://tomcat.apache.org/\">Apache Tomcat</ulink>站点查看更多信息。"
3870
3834
3871
#: serverguide/C/web-servers.xml:1227(para)
3835
#: serverguide/C/web-servers.xml:1248(para)
3872
3836
msgid ""
3873
3837
"<ulink url=\"http://oreilly.com/catalog/9780596003180/\">Tomcat: The "
3874
3838
"Definitive Guide</ulink> is a good resource for building web applications "
3877
3841
"<ulink url=\"http://oreilly.com/catalog/9780596003180/\">Tomcat: The "
3878
3842
"Definitive Guide</ulink> 是一份很好的关于使用Tomcat搭建Web应用程序的资源"
3879
3843
3880
#: serverguide/C/web-servers.xml:1233(para)
3844
#: serverguide/C/web-servers.xml:1254(para)
3881
3845
msgid ""
3882
3846
"For additional books see the <ulink "
3883
3847
"url=\"http://wiki.apache.org/tomcat/Tomcat/Books\">Tomcat Books</ulink> list "
3886
3850
"更多的书籍请浏览<ulink url=\"http://wiki.apache.org/tomcat/Tomcat/Books\">Tomcat "
3887
3851
"Books</ulink>清单页面。"
3888
3852
3853
#: serverguide/C/web-servers.xml:1259(para)
3854
msgid ""
3855
"Also, see the<ulink "
3856
"url=\"https://help.ubuntu.com/community/ApacheTomcat5\">Ubuntu Wiki Apache "
3857
"Tomcat</ulink> page."
3858
msgstr ""
3859
3889
3860
#: serverguide/C/vpn.xml:13(title)
3890
3861
msgid "VPN"
3891
3862
msgstr "VPN"
3923
3894
msgid "To install <application>openvpn</application> in a terminal enter:"
3924
3895
msgstr "要安装<application>openvpn</application>,请在终端输入:"
3925
3896
3926
#: serverguide/C/vpn.xml:41(command)
3897
#: serverguide/C/vpn.xml:41(command) serverguide/C/vpn.xml:257(command)
3927
3898
msgid "sudo apt-get install openvpn"
3928
3899
msgstr "sudo apt-get install openvpn"
3929
3900
3941
3912
msgid ""
3942
3913
"First, copy the <filename>easy-rsa</filename> directory to "
3943
3914
"<filename>/etc/openvpn</filename>. This will ensure that any changes to the "
3944
"scripts will not be lost when the package is updated. From a terminal enter:"
3915
"scripts will not be lost when the package is updated. You will also need to "
3916
"adjust permissions in the <filename>easy-rsa</filename> directory to allow "
3917
"the current user permission to create files. From a terminal enter:"
3945
3918
msgstr ""
3946
"首先,将目录<filename>easy-"
3947
"rsa</filename>复制到<filename>/etc/openvpn</filename>。这么做会保证对脚本的任何更改不会因为软件包的更新而丢"
3948
"失。在终端下输入:"
3949
3919
3950
#: serverguide/C/vpn.xml:58(command)
3920
#: serverguide/C/vpn.xml:59(command)
3951
3921
msgid "sudo mkdir /etc/openvpn/easy-rsa/"
3952
3922
msgstr "sudo mkdir /etc/openvpn/easy-rsa/"
3953
3923
3954
#: serverguide/C/vpn.xml:59(command)
3924
#: serverguide/C/vpn.xml:60(command)
3955
3925
msgid ""
3956
"sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
3957
msgstr ""
3958
"sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
3959
3960
#: serverguide/C/vpn.xml:62(para)
3926
"sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-"
3927
"rsa/"
3928
msgstr ""
3929
3930
#: serverguide/C/vpn.xml:61(command)
3931
msgid "sudo chown -R $USER /etc/openvpn/easy-rsa/"
3932
msgstr ""
3933
3934
#: serverguide/C/vpn.xml:64(para)
3961
3935
msgid ""
3962
3936
"Next, edit <filename>/etc/openvpn/easy-rsa/vars</filename> adjusting the "
3963
3937
"following to your environment:"
3964
3938
msgstr "接下来,编辑<filename>/etc/openvpn/easy-rsa/vars</filename>调整到适合您的环境:"
3965
3939
3966
#: serverguide/C/vpn.xml:66(programlisting)
3940
#: serverguide/C/vpn.xml:68(programlisting)
3967
3941
#, no-wrap
3968
3942
msgid ""
3969
3943
"\n"
3980
3954
"export KEY_ORG=\"Example Company\"\n"
3981
3955
"export KEY_EMAIL=\"steve@example.com\"\n"
3982
3956
3983
#: serverguide/C/vpn.xml:74(para)
3957
#: serverguide/C/vpn.xml:76(para)
3984
3958
msgid "Enter the following to create the server certificates:"
3985
3959
msgstr "输入以下命令来创建服务器证书:"
3986
3960
3987
#: serverguide/C/vpn.xml:79(command)
3988
msgid "cd /etc/openvpn/easy-rsa/easy-rsa"
3989
msgstr "cd /etc/openvpn/easy-rsa/easy-rsa"
3961
#: serverguide/C/vpn.xml:81(command) serverguide/C/vpn.xml:102(command)
3962
msgid "cd /etc/openvpn/easy-rsa/"
3963
msgstr "cd /etc/openvpn/easy-rsa/"
3990
3964
3991
#: serverguide/C/vpn.xml:80(command) serverguide/C/vpn.xml:101(command)
3965
#: serverguide/C/vpn.xml:82(command) serverguide/C/vpn.xml:103(command)
3992
3966
msgid "source vars"
3993
3967
msgstr "原始变量"
3994
3968
3995
#: serverguide/C/vpn.xml:81(command)
3969
#: serverguide/C/vpn.xml:83(command)
3996
3970
msgid "./clean-all"
3997
3971
msgstr "./clean-all"
3998
3972
3999
#: serverguide/C/vpn.xml:82(command)
3973
#: serverguide/C/vpn.xml:84(command)
4000
3974
msgid "./build-dh"
4001
3975
msgstr "./build-dh"
4002
3976
4003
#: serverguide/C/vpn.xml:83(command)
3977
#: serverguide/C/vpn.xml:85(command)
4004
3978
msgid "./pkitool --initca"
4005
3979
msgstr "./pkitool --initca"
4006
3980
4007
#: serverguide/C/vpn.xml:84(command)
3981
#: serverguide/C/vpn.xml:86(command)
4008
3982
msgid "./pkitool --server server"
4009
3983
msgstr "./pkitool --server server"
4010
3984
4011
#: serverguide/C/vpn.xml:85(command)
3985
#: serverguide/C/vpn.xml:87(command)
4012
3986
msgid "cd keys"
4013
3987
msgstr "cd keys"
4014
3988
4015
#: serverguide/C/vpn.xml:86(command)
3989
#: serverguide/C/vpn.xml:88(command)
4016
3990
msgid "openvpn --genkey --secret ta.key"
4017
3991
msgstr "openvpn --genkey --secret ta.key"
4018
3992
4019
#: serverguide/C/vpn.xml:87(command)
3993
#: serverguide/C/vpn.xml:89(command)
4020
3994
msgid "sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/"
4021
3995
msgstr "sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/"
4022
3996
4023
#: serverguide/C/vpn.xml:92(title)
3997
#: serverguide/C/vpn.xml:94(title)
4024
3998
msgid "Client Certificates"
4025
3999
msgstr "客户端证书"
4026
4000
4027
#: serverguide/C/vpn.xml:94(para)
4001
#: serverguide/C/vpn.xml:96(para)
4028
4002
msgid ""
4029
4003
"The VPN client will also need a certificate to authenticate itself to the "
4030
4004
"server. To create the certificate, enter the following in a terminal:"
4031
4005
msgstr "VPN客户端也需要一个证书用来向服务器认证自己。要创建证书,请在终端输入:"
4032
4006
4033
#: serverguide/C/vpn.xml:100(command)
4034
msgid "cd /etc/openvpn/easy-rsa/"
4035
msgstr "cd /etc/openvpn/easy-rsa/"
4036
4037
#: serverguide/C/vpn.xml:102(command)
4007
#: serverguide/C/vpn.xml:104(command)
4038
4008
msgid "./pkitool hostname"
4039
4009
msgstr "./pkitool hostname"
4040
4010
4041
#: serverguide/C/vpn.xml:106(para)
4011
#: serverguide/C/vpn.xml:108(para)
4042
4012
msgid ""
4043
4013
"Replace <emphasis>hostname</emphasis> with the actual hostname of the "
4044
4014
"machine connecting to the VPN."
4045
4015
msgstr "将<emphasis>hostname</emphasis>替换成要连接到VPN的实际主机名。"
4046
4016
4047
#: serverguide/C/vpn.xml:111(para)
4017
#: serverguide/C/vpn.xml:113(para)
4048
4018
msgid "Copy the following files to the client:"
4049
4019
msgstr "将如下文件复制到客户端:"
4050
4020
4051
#: serverguide/C/vpn.xml:116(para)
4052
msgid "/etc/openvpn/easy-rsa/hostname.ovpn"
4053
msgstr "/etc/openvpn/easy-rsa/hostname.ovpn"
4054
4055
#: serverguide/C/vpn.xml:117(para)
4056
msgid "/etc/openvpn/easy-rsa/ca.crt"
4057
msgstr "/etc/openvpn/easy-rsa/ca.crt"
4058
4059
4021
#: serverguide/C/vpn.xml:118(para)
4060
msgid "/etc/openvpn/easy-rsa/hostname.crt"
4061
msgstr "/etc/openvpn/easy-rsa/hostname.crt"
4022
msgid "/etc/openvpn/ca.crt"
4023
msgstr ""
4062
4024
4063
4025
#: serverguide/C/vpn.xml:119(para)
4064
msgid "/etc/openvpn/easy-rsa/hostname.key"
4065
msgstr "/etc/openvpn/easy-rsa/hostname.key"
4026
msgid "/etc/openvpn/easy-rsa/keys/hostname.crt"
4027
msgstr ""
4066
4028
4067
4029
#: serverguide/C/vpn.xml:120(para)
4068
msgid "/etc/openvpn/easy-rsa/ta.key"
4069
msgstr "/etc/openvpn/easy-rsa/ta.key"
4070
4071
#: serverguide/C/vpn.xml:124(para)
4030
msgid "/etc/openvpn/easy-rsa/keys/hostname.key"
4031
msgstr ""
4032
4033
#: serverguide/C/vpn.xml:121(para)
4034
msgid "/etc/openvpn/ta.key"
4035
msgstr ""
4036
4037
#: serverguide/C/vpn.xml:125(para)
4072
4038
msgid ""
4073
4039
"Remember to adjust the above file names for your client machine's "
4074
4040
"<emphasis>hostname</emphasis>."
4075
4041
msgstr "记得要将你的客户端机器的<emphasis>主机名</emphasis>的以上文件做相应调整。"
4076
4042
4077
#: serverguide/C/vpn.xml:129(para)
4043
#: serverguide/C/vpn.xml:130(para)
4078
4044
msgid ""
4079
4045
"It is best to use a secure method to copy the certificate and key files. The "
4080
4046
"<application>scp</application> utility is a good choice, but copying the "
4083
4049
"最好是使用安全的方法来复制证书和钥匙文件。<application>scp</application>工具是个不错的选择,但将文件复制到可移除介质再复制到"
4084
4050
"客户端也是可以的。"
4085
4051
4086
#: serverguide/C/vpn.xml:140(title) serverguide/C/vcs.xml:107(title)
4052
#: serverguide/C/vpn.xml:141(title) serverguide/C/vcs.xml:107(title)
4087
4053
msgid "Server Configuration"
4088
4054
msgstr "服务器配置"
4089
4055
4090
#: serverguide/C/vpn.xml:142(para)
4056
#: serverguide/C/vpn.xml:143(para)
4091
4057
msgid ""
4092
4058
"Now configure the <application>openvpn</application> server by creating "
4093
4059
"<filename>/etc/openvpn/server.conf</filename> from the example file. In a "
4096
4062
"现在可以通过编辑示例文件中的<filename>/etc/openvpn/server.conf</filename>来配置<application>op"
4097
4063
"envpn</application>。在终端中输入:"
4098
4064
4099
#: serverguide/C/vpn.xml:148(command)
4100
msgid ""
4101
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
4102
"/etc/openvpn/"
4103
msgstr ""
4104
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
4105
"/etc/openvpn/"
4106
4107
4065
#: serverguide/C/vpn.xml:149(command)
4066
msgid ""
4067
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
4068
"/etc/openvpn/"
4069
msgstr ""
4070
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
4071
"/etc/openvpn/"
4072
4073
#: serverguide/C/vpn.xml:150(command)
4108
4074
msgid "sudo gzip -d /etc/openvpn/server.conf.gz"
4109
4075
msgstr "sudo gzip -d /etc/openvpn/server.conf.gz"
4110
4076
4111
#: serverguide/C/vpn.xml:152(para)
4077
#: serverguide/C/vpn.xml:153(para)
4112
4078
msgid ""
4113
"Edit <filename>etc/openvpn/server.conf</filename> changing the following "
4079
"Edit <filename>/etc/openvpn/server.conf</filename> changing the following "
4114
4080
"options to:"
4115
msgstr "编辑<filename>etc/openvpn/server.conf</filename>将以下选项更改成:"
4081
msgstr ""
4116
4082
4117
#: serverguide/C/vpn.xml:156(programlisting)
4083
#: serverguide/C/vpn.xml:157(programlisting)
4118
4084
#, no-wrap
4119
4085
msgid ""
4120
4086
"\n"
4121
4087
"local 172.18.100.101\n"
4122
4088
"dev tap0\n"
4089
"up \"/etc/openvpn/up.sh br0\"\n"
4090
"down \"/etc/openvpn/down.sh br0\"\n"
4091
";server 10.8.0.0 255.255.255.0\n"
4123
4092
"server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
4124
4093
"push \"route 172.18.100.1 255.255.255.0\"\n"
4125
4094
"push \"dhcp-option DNS 172.18.100.20\"\n"
4128
4097
"user nobody\n"
4129
4098
"group nogroup\n"
4130
4099
msgstr ""
4131
"\n"
4132
"local 172.18.100.101\n"
4133
"dev tap0\n"
4134
"server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
4135
"push \"route 172.18.100.1 255.255.255.0\"\n"
4136
"push \"dhcp-option DNS 172.18.100.20\"\n"
4137
"push \"dhcp-option DOMAIN example.com\"\n"
4138
"tls-auth ta.key 0 # This file is secret\n"
4139
"user nobody\n"
4140
"group nogroup\n"
4141
4100
4142
#: serverguide/C/vpn.xml:170(para)
4101
#: serverguide/C/vpn.xml:174(para)
4143
4102
msgid ""
4144
4103
"<emphasis>local</emphasis>: is the IP address of the bridge interface."
4145
4104
msgstr "<emphasis>local</emphasis>:是桥接界面的IP地址。"
4146
4105
4147
#: serverguide/C/vpn.xml:175(para)
4106
#: serverguide/C/vpn.xml:179(para)
4148
4107
msgid ""
4149
4108
"<emphasis>server-bridge</emphasis>: needed when the configuration uses "
4150
4109
"bridging. The <emphasis>172.18.100.101 255.255.255.0</emphasis> portion is "
4156
4115
"255.255.255.0</emphasis>是桥接界面和掩码。IP范围<emphasis>172.18.100.105 "
4157
4116
"172.18.100.200</emphasis>是将分配给客户端的IP地址范围。"
4158
4117
4159
#: serverguide/C/vpn.xml:182(para)
4118
#: serverguide/C/vpn.xml:186(para)
4160
4119
msgid ""
4161
4120
"<emphasis>push</emphasis>: are directives to add networking options for "
4162
4121
"clients."
4163
4122
msgstr "<emphasis>push</emphasis>: 是为客户端添加网络选项的命令。"
4164
4123
4165
#: serverguide/C/vpn.xml:187(para)
4124
#: serverguide/C/vpn.xml:191(para)
4166
4125
msgid ""
4167
4126
"<emphasis>user and group</emphasis>: configure which user and group the "
4168
4127
"<application>openvpn</application> daemon executes as."
4170
4129
"<emphasis>user and group</emphasis>: "
4171
4130
"配置<application>openvpn</application>程序执行时所使用的用户名和组名。"
4172
4131
4173
#: serverguide/C/vpn.xml:194(para)
4132
#: serverguide/C/vpn.xml:198(para)
4174
4133
msgid ""
4175
4134
"Replace all IP addresses and domain names above with those of your network."
4176
4135
msgstr "用你自己网络相应的IP地址和域名来做替换。"
4177
4136
4178
#: serverguide/C/vpn.xml:199(para)
4137
#: serverguide/C/vpn.xml:203(para)
4179
4138
msgid ""
4180
4139
"Next, create a couple of helper scripts to add the <emphasis>tap</emphasis> "
4181
4140
"interface to the bridge. Create <filename>/etc/openvpn/up.sh</filename>:"
4183
4142
"接下来,创建两个帮助脚本将<emphasis>tap</emphasis>界面添加至桥接。创建<filename>/etc/openvpn/up.sh</"
4184
4143
"filename>:"
4185
4144
4186
#: serverguide/C/vpn.xml:203(programlisting)
4145
#: serverguide/C/vpn.xml:207(programlisting)
4187
4146
#, no-wrap
4188
4147
msgid ""
4189
4148
"\n"
4204
4163
"/sbin/ifconfig $DEV mtu $MTU promisc up\n"
4205
4164
"/usr/sbin/brctl addif $BR $DEV\n"
4206
4165
4207
#: serverguide/C/vpn.xml:213(para)
4166
#: serverguide/C/vpn.xml:217(para)
4208
4167
msgid "And <filename>/etc/openvpn/down.sh</filename>:"
4209
4168
msgstr "和<filename>/etc/openvpn/down.sh</filename>:"
4210
4169
4211
#: serverguide/C/vpn.xml:217(programlisting)
4170
#: serverguide/C/vpn.xml:221(programlisting)
4212
4171
#, no-wrap
4213
4172
msgid ""
4214
4173
"\n"
4229
4188
"/usr/sbin/brctl delif $BR $DEV\n"
4230
4189
"/sbin/ifconfig $DEV down\n"
4231
4190
4232
#: serverguide/C/vpn.xml:227(para)
4191
#: serverguide/C/vpn.xml:231(para)
4233
4192
msgid "Then make them executable:"
4234
4193
msgstr "然后让他们可执行:"
4235
4194
4236
#: serverguide/C/vpn.xml:232(command)
4195
#: serverguide/C/vpn.xml:236(command)
4237
4196
msgid "sudo chmod 755 /etc/openvpn/down.sh"
4238
4197
msgstr "sudo chmod 755 /etc/openvpn/down.sh"
4239
4198
4240
#: serverguide/C/vpn.xml:233(command)
4199
#: serverguide/C/vpn.xml:237(command)
4241
4200
msgid "sudo chmod 755 /etc/openvpn/up.sh"
4242
4201
msgstr "sudo chmod 755 /etc/openvpn/up.sh"
4243
4202
4244
#: serverguide/C/vpn.xml:236(para)
4203
#: serverguide/C/vpn.xml:240(para)
4245
4204
msgid ""
4246
4205
"After configuring the server, restart <application>openvpn</application> by "
4247
4206
"entering:"
4248
4207
msgstr "配置完服务器之后,使用以下命令来重启<application>openvpn</application>:"
4249
4208
4250
#: serverguide/C/vpn.xml:241(command) serverguide/C/vpn.xml:281(command)
4209
#: serverguide/C/vpn.xml:245(command) serverguide/C/vpn.xml:293(command)
4251
4210
msgid "sudo /etc/init.d/openvpn restart"
4252
4211
msgstr "sudo /etc/init.d/openvpn restart"
4253
4212
4254
#: serverguide/C/vpn.xml:246(title)
4213
#: serverguide/C/vpn.xml:250(title)
4255
4214
msgid "Client Configuration"
4256
4215
msgstr "客户端配置"
4257
4216
4258
#: serverguide/C/vpn.xml:248(para)
4259
msgid ""
4260
"With the server configured and the client certificates copied over, create a "
4261
"client configuration file by copying the example. In a terminal on the "
4262
"client machine enter:"
4263
msgstr "在服务器配置完后,客户端证书也复制了后,通过复制示例文件来创建一个客户端配置文件。在客户端的终端输入:"
4264
4265
#: serverguide/C/vpn.xml:254(command)
4266
msgid ""
4267
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
4268
"/etc/openvpn"
4269
msgstr ""
4270
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
4271
"/etc/openvpn"
4272
4273
#: serverguide/C/vpn.xml:257(para)
4217
#: serverguide/C/vpn.xml:252(para)
4218
msgid "First, install <application>openvpn</application> on the client:"
4219
msgstr ""
4220
4221
#: serverguide/C/vpn.xml:260(para)
4222
msgid ""
4223
"Then with the server configured and the client certificates copied to the "
4224
"<filename>/etc/openvpn/</filename> directory, create a client configuration "
4225
"file by copying the example. In a terminal on the client machine enter:"
4226
msgstr ""
4227
4228
#: serverguide/C/vpn.xml:266(command)
4229
msgid ""
4230
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
4231
"/etc/openvpn"
4232
msgstr ""
4233
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
4234
"/etc/openvpn"
4235
4236
#: serverguide/C/vpn.xml:269(para)
4274
4237
msgid ""
4275
4238
"Now edit <filename>/etc/openvpn/client.conf</filename> changing the "
4276
4239
"following options:"
4277
4240
msgstr "现在编辑<filename>/etc/openvpn/client.conf</filename>,更改以下选项:"
4278
4241
4279
#: serverguide/C/vpn.xml:261(programlisting)
4242
#: serverguide/C/vpn.xml:273(programlisting)
4280
4243
#, no-wrap
4281
4244
msgid ""
4282
4245
"\n"
4293
4256
"key hostname.key\n"
4294
4257
"tls-auth ta.key 1\n"
4295
4258
4296
#: serverguide/C/vpn.xml:270(para)
4259
#: serverguide/C/vpn.xml:282(para)
4297
4260
msgid ""
4298
4261
"Replace <emphasis>vpn.example.com</emphasis> with the hostname of your VPN "
4299
4262
"server, and <emphasis>hostname.*</emphasis> with the actual certificate and "
4302
4265
"用您的VPN服务器的主机名替换<emphasis>vpn.example.com</emphasis>,并用实际的证书和钥匙文件名替换<emphasis>"
4303
4266
"hostname.*</emphasis>。"
4304
4267
4305
#: serverguide/C/vpn.xml:276(para)
4268
#: serverguide/C/vpn.xml:288(para)
4306
4269
msgid "Finally, restart <application>openvpn</application>:"
4307
4270
msgstr "最后,重启<application>openvpn</application>:"
4308
4271
4309
#: serverguide/C/vpn.xml:284(para)
4272
#: serverguide/C/vpn.xml:296(para)
4310
4273
msgid "You should now be able to connect to the remote LAN through the VPN."
4311
4274
msgstr "您现在应该可以通过VPN连接到远程LAN。"
4312
4275
4313
#: serverguide/C/vpn.xml:295(para)
4276
#: serverguide/C/vpn.xml:307(para)
4314
4277
msgid ""
4315
4278
"See the <ulink url=\"http://openvpn.net/\">OpenVPN</ulink> website for "
4316
4279
"additional information."
4317
4280
msgstr "请查看<ulink url=\"http://openvpn.net/\">OpenVPN</ulink>网站以获取更多信息。"
4318
4281
4319
#: serverguide/C/vpn.xml:300(para)
4282
#: serverguide/C/vpn.xml:312(para)
4320
4283
msgid ""
4321
4284
"Also, Pakt's <ulink url=\"http://www.packtpub.com/openvpn/book\">OpenVPN: "
4322
4285
"Building and Integrating Virtual Private Networks</ulink> is a good resource."
4324
4287
"还有,Pakt的<ulink url=\"http://www.packtpub.com/openvpn/book\">OpenVPN: "
4325
4288
"Building and Integrating Virtual Private Networks</ulink>也是个不错的信息源。"
4326
4289
4290
#: serverguide/C/vpn.xml:318(para)
4291
msgid ""
4292
"Another source of further information is the <ulink "
4293
"url=\"https://help.ubuntu.com/community/OpenVPN\">Ubuntu Wiki "
4294
"OpenVPN</ulink> page."
4295
msgstr ""
4296
4327
4297
#: serverguide/C/virtualization.xml:13(title)
4328
4298
msgid "Virtualization"
4329
4299
msgstr "虚拟化"
4368
4338
"是支持不同的虚拟化技术的统一接口。在开始使用<application>libvirt</application> "
4369
4339
"之前,最好确认您的硬件是否支持<application>KVM</application>所必须的虚拟化扩展。在终端提示符下输入如下内容:"
4370
4340
4371
#: serverguide/C/virtualization.xml:34(command)
4372
msgid "egrep '(vmx|svm)' /proc/cpuinfo"
4373
msgstr "egrep '(vmx|svm)' /proc/cpuinfo"
4341
#: serverguide/C/virtualization.xml:35(command)
4342
msgid "kvm-ok"
4343
msgstr ""
4374
4344
4375
#: serverguide/C/virtualization.xml:36(para)
4345
#: serverguide/C/virtualization.xml:37(para)
4376
4346
msgid ""
4377
"If nothing is printed, it means that your cpu does <emphasis>not</emphasis> "
4378
"support hardware virtualization."
4379
msgstr "如果屏幕上什么也没打印,那说明你的cpu<emphasis>不</emphasis>支持硬件虚拟。"
4347
"A message will be printed informing you if your CPU "
4348
"<emphasis>does</emphasis> or <emphasis>does not</emphasis> support hardware "
4349
"virtualization."
4350
msgstr ""
4380
4351
4381
#: serverguide/C/virtualization.xml:40(para)
4352
#: serverguide/C/virtualization.xml:41(para)
4382
4353
msgid ""
4383
4354
"On most computer whose processor supports virtualization, it is necessary to "
4384
"activate an option in the bios to enable it. The method described above does "
4385
"not show the status of it's activation."
4386
msgstr "在大多数处理器支持虚拟化的电脑上,有必要激活bios里的一个选项。上述描述的方法没有展示其激活状态。"
4355
"activate an option in the BIOS to enable it."
4356
msgstr ""
4387
4357
4388
4358
#: serverguide/C/virtualization.xml:47(title)
4389
4359
msgid "Virtual Networking"
4470
4440
msgid ""
4471
4441
"There are several ways to automate the Ubuntu installation process, for "
4472
4442
"example using preseeds, kickstart, etc. Refer to the <ulink "
4473
"url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
4474
"Guide</ulink> for details."
4443
"url=\"https://help.ubuntu.com/10.04 LTS/installation-guide/\">Ubuntu "
4444
"Installation Guide</ulink> for details."
4475
4445
msgstr ""
4476
"有几种方法可以让Ubuntu的安装实现自动化,如使用preseeds, kickstart等等。详细信息请查看<ulink "
4477
"url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
4478
"Guide</ulink>。"
4479
4446
4480
4447
#: serverguide/C/virtualization.xml:98(para)
4481
4448
msgid ""
4890
4857
"您还可以看看 <emphasis>#ubuntu-virt</emphasis>这个IRC频道 <ulink "
4891
4858
"url=\"http://freenode.net/\">freenode</ulink> 来讨论关于Ubuntu中的虚拟化技术。"
4892
4859
4893
#: serverguide/C/virtualization.xml:394(title)
4860
#: serverguide/C/virtualization.xml:391(para)
4861
msgid ""
4862
"Another good resource is the <ulink "
4863
"url=\"https://help.ubuntu.com/community/KVM\">Ubuntu Wiki KVM</ulink> page."
4864
msgstr ""
4865
4866
#: serverguide/C/virtualization.xml:399(title)
4894
4867
msgid "JeOS and vmbuilder"
4895
4868
msgstr "JeOS 和 vmbuilder"
4896
4869
4897
#: serverguide/C/virtualization.xml:400(title)
4870
#: serverguide/C/virtualization.xml:405(title)
4898
4871
msgid "What is JeOS"
4899
4872
msgstr "什么是 JeOS"
4900
4873
4901
#: serverguide/C/virtualization.xml:402(para)
4874
#: serverguide/C/virtualization.xml:407(para)
4902
4875
msgid ""
4903
4876
"Ubuntu <emphasis>JeOS</emphasis> (pronounced \"Juice\") is an efficient "
4904
4877
"variant of the Ubuntu Server operating system, configured specifically for "
4908
4881
"Ubuntu <emphasis>JeOS</emphasis>(发音为 \"朱丝\")是个高效率 Ubuntu "
4909
4882
"服务器操作系统的不同版本,专门为虚拟设备所设置。不再做为 CD-ROM ISO 提供下载,但只能做为一种选择:"
4910
4883
4911
#: serverguide/C/virtualization.xml:409(para)
4884
#: serverguide/C/virtualization.xml:414(para)
4912
4885
msgid ""
4913
4886
"While installing from the Server Edition ISO (pressing "
4914
4887
"<emphasis>F4</emphasis> on the first screen will allow you to pick \"Minimal "
4917
4890
"在安装 ISO 的服务器版本时(在第一个画面请按<emphasis>F4</emphasis>将会允许你选择“最小安装”,这个选择的安装包相当于 "
4918
4891
"JeOS)。"
4919
4892
4920
#: serverguide/C/virtualization.xml:415(para)
4893
#: serverguide/C/virtualization.xml:420(para)
4921
4894
msgid "Or to be built using Ubuntu's vmbuilder, which is described here."
4922
4895
msgstr "否则采用所描述 Ubuntu 的 vmbuilder 。"
4923
4896
4924
#: serverguide/C/virtualization.xml:421(para)
4897
#: serverguide/C/virtualization.xml:426(para)
4925
4898
msgid ""
4926
4899
"JeOS is a specialized installation of Ubuntu Server Edition with a tuned "
4927
4900
"kernel that only contains the base elements needed to run within a "
4928
4901
"virtualized environment."
4929
4902
msgstr "JeOS 是专门安装 Ubuntu 服务器版本以调整内核,包含的基本功能需要运行在虚拟环境里。"
4930
4903
4931
#: serverguide/C/virtualization.xml:426(para)
4904
#: serverguide/C/virtualization.xml:431(para)
4932
4905
msgid ""
4933
4906
"Ubuntu JeOS has been tuned to take advantage of key performance technologies "
4934
4907
"in the latest virtualization products from VMware. This combination of "
4939
4912
"Ubuntu JeOS 已从 VMware 最新虚拟产品利用关键性能技术来调整。这种减少尺寸和优化性能的绑定保证了 Ubuntu JeOS "
4940
4913
"版本在大型虚拟部署中提供高效的服务器资源使用。"
4941
4914
4942
#: serverguide/C/virtualization.xml:432(para)
4915
#: serverguide/C/virtualization.xml:437(para)
4943
4916
msgid ""
4944
4917
"Without unnecessary drivers, and only the minimal required packages, ISVs "
4945
4918
"can configure their supporting OS exactly as they require. They have the "
4953
4926
"完全可以设定自己所需支持的系统。他们正常安装时,无论出于安全还是增强原因,仅限定于在自己所需最低要求的环境中。相反,用户部署虚拟设备基础上的 JeOS "
4954
4927
"将不得不通过少量更新,从而减少他们服务器标准完全安装的维护。"
4955
4928
4956
#: serverguide/C/virtualization.xml:441(title)
4929
#: serverguide/C/virtualization.xml:446(title)
4957
4930
msgid "What is vmbuilder"
4958
4931
msgstr "什么是 vmbuilder"
4959
4932
4960
#: serverguide/C/virtualization.xml:443(para)
4933
#: serverguide/C/virtualization.xml:448(para)
4961
4934
msgid ""
4962
4935
"With vmbuilder, there is no need to download a JeOS ISO anymore. vmbuilder "
4963
"will fetch the various package and build a virtual machine tailored for our "
4964
"need in about a minute for us. Vmbuilder is a Script that automates the "
4965
"process of creating a ready to use Linux based VM. The currently supported "
4966
"hypervisors are KVM and Xen."
4936
"will fetch the various package and build a virtual machine tailored for your "
4937
"needs in about a minute. vmbuilder is a script that automates the process of "
4938
"creating a ready to use Linux based VM. The currently supported hypervisors "
4939
"are KVM and Xen."
4967
4940
msgstr ""
4968
"使用 vmbuilder,没必要再下载 JeOS 的 ISO 。vmbuilder "
4969
"将会获取不同安装包,并在大约一分钟内为我们建立虚拟机。Vmbuilder 是个自动化过程创建个准备基于 VM 来使用的 Linux "
4970
"脚本。当前脚本支持虚拟机监视器的 KVM 和 Xen。"
4971
4941
4972
#: serverguide/C/virtualization.xml:449(para)
4942
#: serverguide/C/virtualization.xml:454(para)
4973
4943
msgid ""
4974
4944
"You can pass command line options to add extra packages, remove packages, "
4975
4945
"choose which version of Ubuntu, which mirror etc. On recent hardware with "
4980
4950
"版本的镜像等等。会列出最近大量内存的硬件,临时目录在<filename>/dev/shm</filename>或者使用 tmpfs 和 "
4981
4951
"本地镜像,您可在一分钟内启动 VM。"
4982
4952
4983
#: serverguide/C/virtualization.xml:455(para)
4953
#: serverguide/C/virtualization.xml:460(para)
4984
4954
msgid ""
4985
"First introduced as a shell script in Ubuntu 8.04LTS, <application>ubuntu-vm-"
4986
"builder</application> started with little emphasis as a hack to help "
4955
"First introduced as a shell script in Ubuntu 8.04 LTS, <application>ubuntu-"
4956
"vm-builder</application> started with little emphasis as a hack to help "
4987
4957
"developers test their new code in a virtual machine without having to "
4988
4958
"restart from scratch each time. As a few Ubuntu administrators started to "
4989
4959
"notice this script, a few of them went on improving it and adapting it for "
4991
4961
"virtualization specialist, not the golf player) decided to rewrite it from "
4992
4962
"scratch for Intrepid as a python script with a few new design goals:"
4993
4963
msgstr ""
4994
"首次在 Ubuntu 的 8.04LTS 版本 做为 shell 脚本来介绍, <application>ubuntu-vm-"
4995
"builder</application>开始强调做为测试员去帮助开发人员在虚拟机上测试新的代码而不用每次都从头开始重新启动。少数 Ubuntu "
4996
"的管理员开始注意这脚本,在这么多使用的情况下他们一些人继续改进和调整,索伦汉森( Ubuntu "
4997
"虚拟专家和脚本作者,并非高尔夫球员)决定为一些新的设计目标重写做为 python 脚本的 Intrepid 。"
4998
4964
4999
#: serverguide/C/virtualization.xml:465(para)
4965
#: serverguide/C/virtualization.xml:470(para)
5000
4966
msgid "Develop it so that it can be reused by other distributions."
5001
4967
msgstr "使之流传开发能由其它发布版本重复使用。"
5002
4968
5003
#: serverguide/C/virtualization.xml:470(para)
4969
#: serverguide/C/virtualization.xml:475(para)
5004
4970
msgid ""
5005
4971
"Use a plugin mechanisms for all virtualization interactions so that others "
5006
4972
"can easily add logic for other virtualization environments."
5007
4973
msgstr "为所有虚拟化的互动使用插件途径,使其他人能方便添加逻辑虚拟环境。"
5008
4974
5009
#: serverguide/C/virtualization.xml:475(para)
4975
#: serverguide/C/virtualization.xml:480(para)
5010
4976
msgid ""
5011
4977
"Provide an easy to maintain web interface as an option to the command line "
5012
4978
"interface."
5013
4979
msgstr "提供作为个命令行界面的选项能简单维护 web 的界面。"
5014
4980
5015
#: serverguide/C/virtualization.xml:481(para)
4981
#: serverguide/C/virtualization.xml:486(para)
5016
4982
msgid "But the general principles and commands remain the same."
5017
4983
msgstr "但一般原则和命令仍保持不变。"
5018
4984
5019
#: serverguide/C/virtualization.xml:488(title)
4985
#: serverguide/C/virtualization.xml:493(title)
5020
4986
msgid "Initial Setup"
5021
4987
msgstr "初始安装"
5022
4988
5023
#: serverguide/C/virtualization.xml:490(para)
4989
#: serverguide/C/virtualization.xml:495(para)
5024
4990
msgid ""
5025
4991
"It is assumed that you have installed and configured "
5026
4992
"<application>libvirt</application> and <application>KVM</application> "
5030
4996
"假如您已经安装并配置<application>libvirt</application>和<application>KVM</application>在本"
5031
4997
"地的机器上。关于如何执行的更多细节请浏览:"
5032
4998
5033
#: serverguide/C/virtualization.xml:502(para)
4999
#: serverguide/C/virtualization.xml:507(para)
5034
5000
msgid ""
5035
5001
"The <ulink url=\"https://help.ubuntu.com/community/KVM\">KVM</ulink> Wiki "
5036
5002
"page."
5037
5003
msgstr ""
5038
5004
"<ulink url=\"https://help.ubuntu.com/community/KVM\">KVM</ulink> Wiki 页面。"
5039
5005
5040
#: serverguide/C/virtualization.xml:508(para)
5006
#: serverguide/C/virtualization.xml:513(para)
5041
5007
msgid ""
5042
5008
"We also assume that you know how to use a text based text editor such as "
5043
5009
"nano or vi. If you have not used any of them before, you can get an overview "
5050
5016
"url=\"https://help.ubuntu.com/community/PowerUsersTextEditors\">PowerUsersTex"
5051
5017
"tEditors</ulink>页面来获得对各种文本编辑器的大致了解。这指南是针对 KVM 完成的,但一般原则应该对其他的虚拟化技术做保留。"
5052
5018
5053
#: serverguide/C/virtualization.xml:516(title)
5019
#: serverguide/C/virtualization.xml:521(title)
5054
5020
msgid "Install vmbuilder"
5055
5021
msgstr "安装l vmbuilder"
5056
5022
5057
#: serverguide/C/virtualization.xml:518(para)
5023
#: serverguide/C/virtualization.xml:523(para)
5058
5024
msgid ""
5059
5025
"The name of the package that we need to install is <application>python-vm-"
5060
5026
"builder</application>. In a terminal prompt enter:"
5061
5027
msgstr "我们必需要安装的安装包名字是<application>python-vm-builder</application>。在终端提示里键入:"
5062
5028
5063
#: serverguide/C/virtualization.xml:523(command)
5029
#: serverguide/C/virtualization.xml:528(command)
5064
5030
msgid "sudo apt-get install python-vm-builder"
5065
5031
msgstr "sudo apt-get install python-vm-builder"
5066
5032
5067
#: serverguide/C/virtualization.xml:527(para)
5033
#: serverguide/C/virtualization.xml:532(para)
5068
5034
msgid ""
5069
5035
"If you are running Hardy, you can still perform most of this using the older "
5070
5036
"version of the package named <application>ubuntu-vm-builder</application>, "
5073
5039
"如果您在运行 Hardy,你仍可以执行大多数使用的是旧版本且命名为<application>ubuntu-vm-"
5074
5040
"builder</application>的老版本,只有少数语法变化的工具。"
5075
5041
5076
#: serverguide/C/virtualization.xml:536(title)
5042
#: serverguide/C/virtualization.xml:541(title)
5077
5043
msgid "Defining Your Virtual Machine"
5078
5044
msgstr "定义您的虚拟机"
5079
5045
5080
#: serverguide/C/virtualization.xml:538(para)
5046
#: serverguide/C/virtualization.xml:543(para)
5081
5047
msgid ""
5082
5048
"Defining a virtual machine with Ubuntu's vmbuilder is quite simple, but here "
5083
5049
"are a few thing to consider:"
5084
5050
msgstr "定义 Ubuntu 的 vmbuilder 虚拟机非常简单,但这里有几点是要考虑的:"
5085
5051
5086
#: serverguide/C/virtualization.xml:544(para)
5052
#: serverguide/C/virtualization.xml:549(para)
5087
5053
msgid ""
5088
5054
"If you plan on shipping a virtual appliance, do not assume that the end-user "
5089
5055
"will know how to extend disk size to fit their need, so either plan for a "
5094
5060
"如果你想部署一个虚拟应用,不要假设终端用户会知道如何扩展磁盘空间以使之适合他们的需要。因此,要么预留一个大的虚拟磁盘来允许你的应用的增长,要么在你的文档里"
5095
5061
"详细的说明如何获取更多的空间。把数据分别存放在不同的扩展存储器上是再好不过的主意了。"
5096
5062
5097
#: serverguide/C/virtualization.xml:551(para)
5063
#: serverguide/C/virtualization.xml:556(para)
5098
5064
msgid ""
5099
5065
"Given that RAM is much easier to allocate in a VM, RAM size should be set to "
5100
5066
"whatever you think is a safe minimum for your appliance."
5101
5067
msgstr "内存在虚拟机中的分配比较容易一些,内存大小应该被设置为你想要的装置所需的最小安全值。"
5102
5068
5103
#: serverguide/C/virtualization.xml:557(para)
5069
#: serverguide/C/virtualization.xml:562(para)
5104
5070
msgid ""
5105
5071
"The <application>vmbuilder</application> command has 2 main parameters: the "
5106
5072
"<emphasis>virtualization technology (hypervisor)</emphasis> and the targeted "
5111
5077
"个主要参数:<emphasis>虚拟化技术(hypervisor)</emphasis>和<emphasis>发布</emphasis>目标。可选参数可是"
5112
5078
"相当多的,可使用以下命令:"
5113
5079
5114
#: serverguide/C/virtualization.xml:563(command)
5080
#: serverguide/C/virtualization.xml:568(command)
5115
5081
msgid "vmbuilder --help"
5116
5082
msgstr "vmbuilder --help"
5117
5083
5118
#: serverguide/C/virtualization.xml:567(title)
5084
#: serverguide/C/virtualization.xml:572(title)
5119
5085
msgid "Base Parameters"
5120
5086
msgstr "基本参数"
5121
5087
5122
#: serverguide/C/virtualization.xml:569(para)
5088
#: serverguide/C/virtualization.xml:574(para)
5123
5089
msgid ""
5124
"As this example is based on <application>KVM</application> and Ubuntu 9.10 "
5125
"(Karmic Koala), and we are likely to rebuild the same virtual machine "
5090
"As this example is based on <application>KVM</application> and Ubuntu 10.04 "
5091
"LTS (Lucid Lynx), and we are likely to rebuild the same virtual machine "
5126
5092
"multiple time, we'll invoke vmbuilder with the following first parameters:"
5127
5093
msgstr ""
5128
"因为此例是基于<application>KVM</application>和Ubuntu 9.10 (Karmic "
5129
"Koala),我们可以多次重建同样的虚拟机,我们可以使用以下的参数来调用vmbuilder:"
5130
5094
5131
#: serverguide/C/virtualization.xml:575(command)
5095
#: serverguide/C/virtualization.xml:580(command)
5132
5096
msgid ""
5133
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
5097
"sudo vmbuilder kvm ubuntu --suite lucid --flavour virtual --arch i386 -o --"
5134
5098
"libvirt qemu:///system"
5135
5099
msgstr ""
5136
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
5137
"libvirt qemu:///system"
5138
5100
5139
#: serverguide/C/virtualization.xml:578(para)
5101
#: serverguide/C/virtualization.xml:583(para)
5140
5102
msgid ""
5141
5103
"The <emphasis>--suite</emphasis> defines the Ubuntu release, the <emphasis>--"
5142
5104
"flavour</emphasis> specifies that we want to use the virtual kernel (that's "
5151
5113
"arch</emphasis>告诉我们要使用 32 位的机器,<emphasis>-o</emphasis> 告诉 vmbuilder "
5152
5114
"覆盖虚拟机的上个版本和 <emphasis>--libvirt</emphasis>通知本地虚拟化环境增加导致虚拟机的名单上可用机器。"
5153
5115
5154
#: serverguide/C/virtualization.xml:586(para)
5116
#: serverguide/C/virtualization.xml:591(para)
5155
5117
msgid "Notes:"
5156
5118
msgstr "备注:"
5157
5119
5158
#: serverguide/C/virtualization.xml:592(para)
5120
#: serverguide/C/virtualization.xml:597(para)
5159
5121
msgid ""
5160
5122
"Because of the nature of operations performed by vmbuilder, it needs to have "
5161
5123
"root privilege, hence the use of sudo."
5162
5124
msgstr "由于 vmbuilder 所要执行的任务,它需要有 root 权限,因此请使用命令 sudo 。"
5163
5125
5164
#: serverguide/C/virtualization.xml:597(para)
5126
#: serverguide/C/virtualization.xml:602(para)
5165
5127
msgid ""
5166
5128
"If your virtual machine needs to use more than 3Gb of ram, you should build "
5167
5129
"a 64 bit machine (--arch amd64)."
5168
5130
msgstr "如果您的虚拟机需要使用超过 3Gb 的内存,应该建立64位虚拟机(--arch amd64)。"
5169
5131
5170
#: serverguide/C/virtualization.xml:602(para)
5132
#: serverguide/C/virtualization.xml:607(para)
5171
5133
msgid ""
5172
5134
"Until Ubuntu 8.10, the virtual kernel was only built for 32 bit "
5173
5135
"architecture, so if you want to define an amd64 machine on Hardy, you should "
5176
5138
"直到 Ubuntu 8.10 版本虚拟内核技术仅建立在 32 位结构,如果您想在 amd64 机器上安装 Hardy,您应使用<emphasis>--"
5177
5139
"flavour</emphasis>服务器来代替使用。"
5178
5140
5179
#: serverguide/C/virtualization.xml:610(title)
5141
#: serverguide/C/virtualization.xml:615(title)
5180
5142
msgid "JeOS Installation Parameters"
5181
5143
msgstr "JeOS 安装参数"
5182
5144
5183
#: serverguide/C/virtualization.xml:613(title)
5145
#: serverguide/C/virtualization.xml:618(title)
5184
5146
msgid "JeOS Networking"
5185
5147
msgstr "JeOS 网络"
5186
5148
5187
#: serverguide/C/virtualization.xml:616(title)
5149
#: serverguide/C/virtualization.xml:621(title)
5188
5150
msgid "Assigning a fixed IP address"
5189
5151
msgstr "分配一个规定 IP 地址"
5190
5152
5191
#: serverguide/C/virtualization.xml:618(para)
5153
#: serverguide/C/virtualization.xml:623(para)
5192
5154
msgid ""
5193
5155
"As a virtual appliance that may be deployed on various very different "
5194
5156
"networks, it is very difficult to know what the actual network will look "
5201
5163
"对于一个可能被部署到大不相同的各种网络上的虚拟装备来说,很难了解实际的网络是什么样的。为了简化配置,好的办法就是采取网络硬件供应商通常采取的办法,也就是在"
5202
5164
"一个你要在文档中提供的私有级别的网络里,给装置分配一个初始的固定IP地址。地址范围为192.168.0.0/255通常是个好选择。"
5203
5165
5204
#: serverguide/C/virtualization.xml:625(para)
5166
#: serverguide/C/virtualization.xml:630(para)
5205
5167
msgid "To do this we'll use the following parameters:"
5206
5168
msgstr "做这种我们会使用下面的参数:"
5207
5169
5208
#: serverguide/C/virtualization.xml:631(para)
5170
#: serverguide/C/virtualization.xml:636(para)
5209
5171
msgid ""
5210
5172
"<emphasis>--ip ADDRESS</emphasis>: IP address in dotted form (defaults to "
5211
5173
"dhcp if not specified)"
5212
5174
msgstr "<emphasis>--ip ADDRESS</emphasis>:IP 地址的指派(如没指定默认为 dhcp )"
5213
5175
5214
#: serverguide/C/virtualization.xml:636(para)
5176
#: serverguide/C/virtualization.xml:641(para)
5215
5177
msgid ""
5216
5178
"<emphasis>--mask VALUE</emphasis>: IP mask in dotted form (default: "
5217
5179
"255.255.255.0)"
5218
5180
msgstr "<emphasis>--net VALUE</emphasis>:IP 子网俺码的指派(默认:255.255.255.0)"
5219
5181
5220
#: serverguide/C/virtualization.xml:641(para)
5182
#: serverguide/C/virtualization.xml:646(para)
5221
5183
msgid "<emphasis>--net VALUE</emphasis>: IP net address (default: X.X.X.0)"
5222
5184
msgstr "<emphasis>--net VALUE</emphasis>:IP 网络地址(默认:X.X.X.0)"
5223
5185
5224
#: serverguide/C/virtualization.xml:646(para)
5186
#: serverguide/C/virtualization.xml:651(para)
5225
5187
msgid "<emphasis>--bcast VALUE</emphasis>: IP broadcast (default: X.X.X.255)"
5226
5188
msgstr "<emphasis>--bcast VALUE</emphasis>:IP 广播地址(默认:X.X.X.255)"
5227
5189
5228
#: serverguide/C/virtualization.xml:651(para)
5190
#: serverguide/C/virtualization.xml:656(para)
5229
5191
msgid "<emphasis>--gw ADDRESS</emphasis>: Gateway address (default: X.X.X.1)"
5230
5192
msgstr "<emphasis>--gw ADDRESS</emphasis>:网关地址(默认:X.X.X.1)"
5231
5193
5232
#: serverguide/C/virtualization.xml:656(para)
5194
#: serverguide/C/virtualization.xml:661(para)
5233
5195
msgid ""
5234
5196
"<emphasis>--dns ADDRESS</emphasis>: Name server address (default: X.X.X.1)"
5235
5197
msgstr "<emphasis>--dns ADDRESS</emphasis>:DNS 服务器地址:(默认:X.X.X.1)"
5236
5198
5237
#: serverguide/C/virtualization.xml:662(para)
5199
#: serverguide/C/virtualization.xml:667(para)
5238
5200
msgid ""
5239
5201
"We assume for now that default values are good enough, so the resulting "
5240
5202
"invocation becomes:"
5241
5203
msgstr "我们承认目前默认值不够好,所以导致调用变成:"
5242
5204
5243
#: serverguide/C/virtualization.xml:667(command)
5205
#: serverguide/C/virtualization.xml:672(command)
5244
5206
msgid ""
5245
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
5207
"sudo vmbuilder kvm ubuntu --suite lucid --flavour virtual --arch i386 -o --"
5246
5208
"libvirt qemu:///system --ip 192.168.0.100"
5247
5209
msgstr ""
5248
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
5249
"libvirt qemu:///system --ip 192.168.0.100"
5250
5210
5251
#: serverguide/C/virtualization.xml:672(title)
5211
#: serverguide/C/virtualization.xml:677(title)
5252
5212
msgid "Modifying the libvirt Template to use Bridging"
5253
5213
msgstr "修改 libvirt 模板来使用桥接"
5254
5214
5255
#: serverguide/C/virtualization.xml:674(para)
5215
#: serverguide/C/virtualization.xml:679(para)
5256
5216
msgid ""
5257
5217
"Because our appliance will be likely to need to be accessed by remote hosts, "
5258
5218
"we need to configure libvirt so that the appliance uses bridge networking. "
5261
5221
"因为我们设备有可能将会需要由远程主机来访问,需要设置 libvirt 使设备使用到网桥。为了做到这点我们使用 vmbuilder "
5262
5222
"的默认模板来修改其中一个默认值。"
5263
5223
5264
#: serverguide/C/virtualization.xml:679(para)
5224
#: serverguide/C/virtualization.xml:684(para)
5265
5225
msgid ""
5266
5226
"In our working directory we create the template hierarchy and copy the "
5267
5227
"default template:"
5268
5228
msgstr "我们创建的模板等级和复制默认模板在活动目录中:"
5269
5229
5270
#: serverguide/C/virtualization.xml:684(command)
5230
#: serverguide/C/virtualization.xml:689(command)
5271
5231
msgid "mkdir -p VMBuilder/plugins/libvirt/templates"
5272
5232
msgstr "mkdir -p VMBuilder/plugins/libvirt/templates"
5273
5233
5274
#: serverguide/C/virtualization.xml:685(command)
5234
#: serverguide/C/virtualization.xml:690(command)
5275
5235
msgid "cp /etc/vmbuilder/libvirt/* VMBuilder/plugins/libvirt/templates/"
5276
5236
msgstr "cp /etc/vmbuilder/libvirt/* VMBuilder/plugins/libvirt/templates/"
5277
5237
5278
#: serverguide/C/virtualization.xml:688(para)
5238
#: serverguide/C/virtualization.xml:693(para)
5279
5239
msgid ""
5280
5240
"We can then edit "
5281
5241
"<filename>VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl</filename> to "
5284
5244
"我们可以编辑<filename>VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl</filename"
5285
5245
">来改变:"
5286
5246
5287
#: serverguide/C/virtualization.xml:692(programlisting)
5247
#: serverguide/C/virtualization.xml:697(programlisting)
5288
5248
#, no-wrap
5289
5249
msgid ""
5290
5250
"\n"
5297
5257
" <source network='default'/>\n"
5298
5258
" </interface>\n"
5299
5259
5300
#: serverguide/C/virtualization.xml:698(para)
5260
#: serverguide/C/virtualization.xml:703(para)
5301
5261
msgid "To:"
5302
5262
msgstr "到:"
5303
5263
5304
#: serverguide/C/virtualization.xml:702(programlisting)
5264
#: serverguide/C/virtualization.xml:707(programlisting)
5305
5265
#, no-wrap
5306
5266
msgid ""
5307
5267
"\n"
5314
5274
" <source bridge='br0'/>\n"
5315
5275
" </interface>\n"
5316
5276
5317
#: serverguide/C/virtualization.xml:712(title) serverguide/C/installation.xml:407(title)
5277
#: serverguide/C/virtualization.xml:717(title) serverguide/C/installation.xml:459(title)
5318
5278
msgid "Partitioning"
5319
5279
msgstr "分区"
5320
5280
5321
#: serverguide/C/virtualization.xml:714(para)
5281
#: serverguide/C/virtualization.xml:719(para)
5322
5282
msgid ""
5323
5283
"Partitioning of the virtual appliance will have to take into consideration "
5324
5284
"what you are planning to do with is. Because most appliances want to have a "
5327
5287
msgstr ""
5328
5288
"您必须认真考虑计划去做虚拟设备的分区的事。因为大多数设备只单独为数据存储,有个独立的<filename>/var</filename>分区是个明智的选择。"
5329
5289
5330
#: serverguide/C/virtualization.xml:719(para)
5290
#: serverguide/C/virtualization.xml:724(para)
5331
5291
msgid ""
5332
5292
"In order to do this vmbuilder provides us with <emphasis>--part</emphasis>:"
5333
5293
msgstr "vmbuilder 为我们提供<emphasis>--part</emphasis>来做到这点:"
5334
5294
5335
#: serverguide/C/virtualization.xml:723(programlisting)
5295
#: serverguide/C/virtualization.xml:728(programlisting)
5336
5296
#, no-wrap
5337
5297
msgid ""
5338
5298
"\n"
5339
5299
"--part PATH\n"
5340
" Allows to specify a partition table in partfile each line of partfile "
5341
"should specify\n"
5300
" Allows you to specify a partition table in a partition file, located at "
5301
"PATH. Each line of the partition file should specify\n"
5342
5302
" (root first):\n"
5343
5303
" mountpoint size\n"
5344
5304
" where size is in megabytes. You can have up to 4 virtual disks, a new "
5351
5311
" /var 2000\n"
5352
5312
" /log 1500\n"
5353
5313
msgstr ""
5354
"\n"
5355
"--part PATH\n"
5356
" Allows to specify a partition table in partfile each line of partfile "
5357
"should specify\n"
5358
" (root first):\n"
5359
" mountpoint size\n"
5360
" where size is in megabytes. You can have up to 4 virtual disks, a new disk "
5361
"starts on a\n"
5362
" line with ’---’. ie :\n"
5363
" root 1000\n"
5364
" /opt 1000\n"
5365
" swap 256\n"
5366
" ---\n"
5367
" /var 2000\n"
5368
" /log 1500\n"
5369
5314
5370
#: serverguide/C/virtualization.xml:738(para)
5315
#: serverguide/C/virtualization.xml:743(para)
5371
5316
msgid ""
5372
5317
"In our case we will define a text file name "
5373
5318
"<filename>vmbuilder.partition</filename> which will contain the following:"
5374
5319
msgstr "就我们而言,我们会定义文本文件命名为<filename>vmbuilder.partition</filename>,这包含以下内容:"
5375
5320
5376
#: serverguide/C/virtualization.xml:742(programlisting)
5321
#: serverguide/C/virtualization.xml:747(programlisting)
5377
5322
#, no-wrap
5378
5323
msgid ""
5379
5324
"\n"
5388
5333
"---\n"
5389
5334
"/var 20000\n"
5390
5335
5391
#: serverguide/C/virtualization.xml:750(para)
5336
#: serverguide/C/virtualization.xml:755(para)
5392
5337
msgid ""
5393
5338
"Note that as we are using virtual disk images, the actual sizes that we put "
5394
5339
"here are maximum sizes for these volumes."
5395
5340
msgstr "注意的是我们正使用虚拟镜像盘,把这些卷的最大值设为实际大小值。"
5396
5341
5397
#: serverguide/C/virtualization.xml:755(para)
5342
#: serverguide/C/virtualization.xml:760(para)
5398
5343
msgid "Our command line now looks like:"
5399
5344
msgstr "现在我们使用的命令行看起来像:"
5400
5345
5401
#: serverguide/C/virtualization.xml:760(command)
5346
#: serverguide/C/virtualization.xml:765(command)
5402
5347
msgid ""
5403
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
5404
"--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
5348
"sudo vmbuilder kvm ubuntu --suite lucid --flavour virtual --arch i386 \\ -o -"
5349
"-libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
5405
5350
msgstr ""
5406
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
5407
"--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
5408
5351
5409
#: serverguide/C/virtualization.xml:765(para)
5352
#: serverguide/C/virtualization.xml:770(para)
5410
5353
msgid ""
5411
5354
"Using a \"\\\" in a command will allow long command strings to wrap to the "
5412
5355
"next line."
5413
5356
msgstr "在命令里使用 “\\” 将允许换行时截断长字符串的命令。"
5414
5357
5415
#: serverguide/C/virtualization.xml:772(title)
5358
#: serverguide/C/virtualization.xml:777(title)
5416
5359
msgid "User and Password"
5417
5360
msgstr "用户和密码"
5418
5361
5419
#: serverguide/C/virtualization.xml:774(para)
5362
#: serverguide/C/virtualization.xml:779(para)
5420
5363
msgid ""
5421
5364
"Again setting up a virtual appliance, you will need to provide a default "
5422
5365
"user and password that is generic so that you can include it in your "
5430
5373
"户首次运行设备上,除此之外,会询问是否改变密码。在这例子中将会使用<emphasis>'user'</emphasis>来做为用户名和<emphasis>"
5431
5374
"'default'</emphasis>做来密码。"
5432
5375
5433
#: serverguide/C/virtualization.xml:782(para)
5376
#: serverguide/C/virtualization.xml:787(para)
5434
5377
msgid "To do this we use the following optional parameters:"
5435
5378
msgstr "采用这步骤要使用以下可选参数:"
5436
5379
5437
#: serverguide/C/virtualization.xml:788(para)
5380
#: serverguide/C/virtualization.xml:793(para)
5438
5381
msgid ""
5439
5382
"<emphasis>--user USERNAME:</emphasis> Sets the name of the user to be added. "
5440
5383
"Default: ubuntu."
5441
5384
msgstr "<emphasis>--user USERNAME:</emphasis>添加新的用户名。默认名为:ubuntu。"
5442
5385
5443
#: serverguide/C/virtualization.xml:793(para)
5386
#: serverguide/C/virtualization.xml:798(para)
5444
5387
msgid ""
5445
5388
"<emphasis>--name FULLNAME:</emphasis> Sets the full name of the user to be "
5446
5389
"added. Default: Ubuntu."
5447
5390
msgstr "<emphasis>--name FULLNAME:</emphasis>添加新的用户全名。默认名为:Ubuntu。"
5448
5391
5449
#: serverguide/C/virtualization.xml:798(para)
5392
#: serverguide/C/virtualization.xml:803(para)
5450
5393
msgid ""
5451
5394
"<emphasis>--pass PASSWORD:</emphasis> Sets the password for the user. "
5452
5395
"Default: ubuntu."
5453
5396
msgstr "<emphasis>--pass PASSWORD:</emphasis>为用户名设置密码。默认值为:ubuntu。"
5454
5397
5455
#: serverguide/C/virtualization.xml:804(para)
5398
#: serverguide/C/virtualization.xml:809(para)
5456
5399
msgid "Our resulting command line becomes:"
5457
5400
msgstr "我们的生效命令行成为:"
5458
5401
5459
#: serverguide/C/virtualization.xml:809(command)
5402
#: serverguide/C/virtualization.xml:814(command)
5460
5403
msgid ""
5461
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
5462
"o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
5463
"-user user --name user --pass default"
5404
"sudo vmbuilder kvm ubuntu --suite lucid --flavour virtual --arch i386 \\ -o -"
5405
"-libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ --"
5406
"user user --name user --pass default"
5464
5407
msgstr ""
5465
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
5466
"o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
5467
"-user user --name user --pass default"
5468
5408
5469
#: serverguide/C/virtualization.xml:817(title)
5409
#: serverguide/C/virtualization.xml:822(title)
5470
5410
msgid "Installing Required Packages"
5471
5411
msgstr "安装需要的包"
5472
5412
5473
#: serverguide/C/virtualization.xml:819(para)
5413
#: serverguide/C/virtualization.xml:824(para)
5474
5414
msgid ""
5475
5415
"In this example we will be installing a package "
5476
5416
"<application>(Limesurvey)</application> that accesses a "
5480
5420
"在这样例中我们将安装<application>(Limesurvey)</application>软件包以能够访问有 web "
5481
5421
"接面的<application>MySQL</application>数据库。因此需要操作系统为我们提供:"
5482
5422
5483
#: serverguide/C/virtualization.xml:826(para)
5423
#: serverguide/C/virtualization.xml:831(para)
5484
5424
msgid "Apache"
5485
5425
msgstr "Apache"
5486
5426
5487
#: serverguide/C/virtualization.xml:827(para)
5427
#: serverguide/C/virtualization.xml:832(para)
5488
5428
msgid "PHP"
5489
5429
msgstr "PHP"
5490
5430
5491
#: serverguide/C/virtualization.xml:828(para) serverguide/C/databases.xml:19(trademark) serverguide/C/databases.xml:31(title)
5431
#: serverguide/C/virtualization.xml:833(para) serverguide/C/databases.xml:19(trademark) serverguide/C/databases.xml:31(title)
5492
5432
msgid "MySQL"
5493
5433
msgstr "MySQL"
5494
5434
5495
#: serverguide/C/virtualization.xml:829(para) serverguide/C/remote-administration.xml:20(title)
5435
#: serverguide/C/virtualization.xml:834(para) serverguide/C/remote-administration.xml:20(title)
5496
5436
msgid "OpenSSH Server"
5497
5437
msgstr "OpenSSH 服务器"
5498
5438
5499
#: serverguide/C/virtualization.xml:830(para)
5439
#: serverguide/C/virtualization.xml:835(para)
5500
5440
msgid "Limesurvey (as an example application that we have packaged)"
5501
5441
msgstr "Limesurvey (做为样例我们应打包应用程序)"
5502
5442
5503
#: serverguide/C/virtualization.xml:833(para)
5443
#: serverguide/C/virtualization.xml:838(para)
5504
5444
msgid ""
5505
"This is done using vmbuilder by specifying the --addpkg command multiple "
5445
"This is done using vmbuilder by specifying the --addpkg option multiple "
5506
5446
"times:"
5507
msgstr "这样做是多次使用 vmbuilder 来指定 --addpkg 命令:"
5447
msgstr ""
5508
5448
5509
#: serverguide/C/virtualization.xml:837(programlisting)
5449
#: serverguide/C/virtualization.xml:842(programlisting)
5510
5450
#, no-wrap
5511
5451
msgid ""
5512
5452
"\n"
5517
5457
"--addpkg PKG\n"
5518
5458
" 安装 PKG 在 guest 帐号里 (能指定安装时间)\n"
5519
5459
5520
#: serverguide/C/virtualization.xml:842(para)
5460
#: serverguide/C/virtualization.xml:847(para)
5521
5461
msgid ""
5522
5462
"However, due to the way vmbuilder operates, packages that have to ask "
5523
5463
"questions to the user during the post install phase are not supported and "
5527
5467
"然而,由于vmbuilder的操作方式,报在安装过程步骤中向用户提出问题的功能并不被支持,作为替代,在可以交互的时候才被安装。举例来说,Limesurve"
5528
5468
"y就是这样的,这个软件将在随后登录之后安装。"
5529
5469
5530
#: serverguide/C/virtualization.xml:848(para)
5470
#: serverguide/C/virtualization.xml:853(para)
5531
5471
msgid ""
5532
5472
"Other packages that ask simple debconf question, such as <application>mysql-"
5533
5473
"server</application> asking to set a password, the package can be installed "
5537
5477
"其它软件包会要求简单的 debconf 问题,例如<application>mysql-"
5538
5478
"server</application>询问是否设置密码,软件包可以立即安装,但我们不得不将重设置在用户首次登陆上。"
5539
5479
5540
#: serverguide/C/virtualization.xml:854(para)
5480
#: serverguide/C/virtualization.xml:859(para)
5541
5481
msgid ""
5542
5482
"If some packages that we need to install are not in main, we need to enable "
5543
5483
"the additional repositories using --comp and --ppa:"
5544
5484
msgstr "如果安装的些软件包不是主要的,那我们需要使额外的库来使用 --comp 和 --ppa:"
5545
5485
5546
#: serverguide/C/virtualization.xml:858(programlisting)
5486
#: serverguide/C/virtualization.xml:863(programlisting)
5547
5487
#, no-wrap
5548
5488
msgid ""
5549
5489
"\n"
5559
5499
" to \"main\"\n"
5560
5500
"--ppa=PPA 加入 ppa 属于 PPA 虚拟的 sources.list。\n"
5561
5501
5562
#: serverguide/C/virtualization.xml:865(para)
5502
#: serverguide/C/virtualization.xml:870(para)
5563
5503
msgid ""
5564
5504
"Limesurvey not being part of the archive at the moment, we'll specify it's "
5565
5505
"PPA (personal package archive) address so that it is added to the VM "
5570
5510
"PPA(个人软件包存档)地址以便加入到虚拟机<filename>/etc/apt/source.list</filename>,所以我们把以下选项加到命令"
5571
5511
"行:"
5572
5512
5573
#: serverguide/C/virtualization.xml:871(command)
5513
#: serverguide/C/virtualization.xml:876(command)
5574
5514
msgid ""
5575
5515
"--addpkg apache2 --addpkg apache2-mpm-prefork --addpkg apache2-utils --"
5576
5516
"addpkg apache2.2-common \\ --addpkg dbconfig-common --addpkg libapache2-mod-"
5584
5524
"php5-ldap --addpkg php5-mysql --addpkg wwwconfig-common \\ --addpkg mysql-"
5585
5525
"server --ppa nijaba"
5586
5526
5587
#: serverguide/C/virtualization.xml:878(title)
5527
#: serverguide/C/virtualization.xml:883(title)
5588
5528
msgid "OpenSSH"
5589
5529
msgstr "OpenSSH"
5590
5530
5591
#: serverguide/C/virtualization.xml:880(para)
5531
#: serverguide/C/virtualization.xml:885(para)
5592
5532
msgid ""
5593
5533
"Another convenient tool that we want to have on our appliance is OpenSSH, as "
5594
5534
"it will allow our admins to access the appliance remotely. However, pushing "
5606
5546
"客很容易的找到我们的设备然后轻而易举的破解它。至于用户的密码,我们将转而依赖一个脚本,该脚本在用户第一次登陆时将安装OpenSSH,这样生成的密钥对于不同"
5607
5547
"的设备是不同的。为此,我们要使用<emphasis> - firstboot “ /emphasis”的脚本,因为它不需要任何用户交互。"
5608
5548
5609
#: serverguide/C/virtualization.xml:892(title)
5549
#: serverguide/C/virtualization.xml:897(title)
5610
5550
msgid "Speed Considerations"
5611
5551
msgstr "敏捷思考"
5612
5552
5613
#: serverguide/C/virtualization.xml:895(title)
5553
#: serverguide/C/virtualization.xml:900(title)
5614
5554
msgid "Package Caching"
5615
5555
msgstr "包缓存"
5616
5556
5617
#: serverguide/C/virtualization.xml:897(para)
5557
#: serverguide/C/virtualization.xml:902(para)
5618
5558
msgid ""
5619
5559
"When vmbuilder creates builds your system, it has to go fetch each one of "
5620
5560
"the packages that composes it over the network to one of the official "
5622
5562
"load of the mirror, can have a big impact on the actual build time. In order "
5623
5563
"to reduce this, it is recommended to either have a local repository (which "
5624
5564
"can be created using <application>apt-mirror</application>) or using a "
5625
"caching proxy such as <application>apt-cache</application>. The later option "
5565
"caching proxy such as <application>apt-proxy</application>. The later option "
5626
5566
"being much simpler to implement and requiring less disk space, it is the one "
5627
5567
"we will pick in this tutorial. To install it, simply type:"
5628
5568
msgstr ""
5629
"当vmbuilder创建您的系统时,它需要通过网络从官方源中的一个取得数据然后组合成各个包,这个过程的长短取决于您的互联网连接的速度和镜像的加载速度,这可"
5630
"能对实际的创建时间产生巨大的影响。为了减少这个时间,就需要拥有一个本地源(可以通过使用<application>apt-"
5631
"mirror</application>)或者使用一个缓冲代理,例如<application>apt-"
5632
"cache</application>。后者是一种更简单的方法来实现更少的磁盘空间占用,这个就是我们将要在指导里面介绍的方法。要安装它,只需键入:"
5633
5569
5634
#: serverguide/C/virtualization.xml:907(command)
5570
#: serverguide/C/virtualization.xml:912(command)
5635
5571
msgid "sudo apt-get install apt-proxy"
5636
5572
msgstr "sudo apt-get install apt-proxy"
5637
5573
5638
#: serverguide/C/virtualization.xml:910(para)
5574
#: serverguide/C/virtualization.xml:915(para)
5639
5575
msgid ""
5640
5576
"Once this is complete, your (empty) proxy is ready for use on "
5641
5577
"http://mirroraddress:9999 and will find ubuntu repository under /ubuntu. For "
5645
5581
"一旦这完成后,您的(空)代理准备用于 http://mirroraddress:9999 和找到在存放在 /ubuntu 目录下的 ubuntu "
5646
5582
"。为了能让 vmbuilder 能使用它,我们必须使用<emphasis>--mirror</emphasis>选项:"
5647
5583
5648
#: serverguide/C/virtualization.xml:915(programlisting)
5584
#: serverguide/C/virtualization.xml:920(programlisting)
5649
5585
#, no-wrap
5650
5586
msgid ""
5651
5587
"\n"
5660
5596
" 主站和 http://ports.ubuntu.com/ubuntu-ports\n"
5661
5597
" 否则\n"
5662
5598
5663
#: serverguide/C/virtualization.xml:922(para)
5599
#: serverguide/C/virtualization.xml:927(para)
5664
5600
msgid "So we add to the command line:"
5665
5601
msgstr "因此加进命令行:"
5666
5602
5667
#: serverguide/C/virtualization.xml:927(command)
5603
#: serverguide/C/virtualization.xml:932(command)
5668
5604
msgid "--mirror http://mirroraddress:9999/ubuntu"
5669
5605
msgstr "--mirror http://mirroraddress:9999/ubuntu"
5670
5606
5671
#: serverguide/C/virtualization.xml:931(para)
5607
#: serverguide/C/virtualization.xml:936(para)
5672
5608
msgid ""
5673
5609
"The mirror address specified here will also be used in the "
5674
"<filename>/etc/apt/source.list</filename> of the newly created guest, so it "
5675
"is usefull to specify here an address that can be resolved by the guest or "
5676
"to plan on reseting this address later on, such as in a <emphasis>--"
5610
"<filename>/etc/apt/sources.list</filename> of the newly created guest, so it "
5611
"is useful to specify here an address that can be resolved by the guest or to "
5612
"plan on reseting this address later on, such as in a <emphasis>--"
5677
5613
"firstboot</emphasis> script."
5678
5614
msgstr ""
5679
"这里指定的镜像地址同样会被使用在新建立的来宾帐号的<filename>/etc/apt/source.list</filename>文件中,因此如果需要来"
5680
"宾帐号能够得到或者需要某个地址在以后能够修改的话,这是一个有用的办法,比如在一个<emphasis>-firstboot</emphasis>脚本中。"
5681
5615
5682
#: serverguide/C/virtualization.xml:940(title)
5616
#: serverguide/C/virtualization.xml:945(title)
5683
5617
msgid "Install a Local Mirror"
5684
5618
msgstr "安装本地镜像"
5685
5619
5686
#: serverguide/C/virtualization.xml:942(para)
5620
#: serverguide/C/virtualization.xml:947(para)
5687
5621
msgid ""
5688
5622
"If we are in a larger environment, it may make sense to setup a local mirror "
5689
5623
"of the Ubuntu repositories. The package apt-mirror provides you with a "
5693
5627
"如果我们在一个大环境中,建立一个Ubuntu的本地源是有意义的。apt-"
5694
5628
"mirror使用脚本提供给你的包将处理您的镜像问题。您应该针对每个发行版和架构计划保留20GB的自由空间。"
5695
5629
5696
#: serverguide/C/virtualization.xml:948(para)
5630
#: serverguide/C/virtualization.xml:953(para)
5697
5631
msgid ""
5698
5632
"By default, <application>apt-mirror</application> uses the configuration "
5699
5633
"file in <filename>/etc/apt/mirror.list</filename>. As it is set up, it will "
5708
5642
",它将只支持本地机器的结构。如果你需要在您的镜像上需要支持其他架构,只需要复制那些以\"deb\"开头的行,然后把deb用/deb-"
5709
5643
"{arch}来代替,这里的arch可以是i386,amd64或者其他。举例来说,在一个amd64的机器上为了使用i386包,您将拥有:"
5710
5644
5711
#: serverguide/C/virtualization.xml:955(programlisting)
5645
#: serverguide/C/virtualization.xml:960(programlisting)
5712
5646
#, no-wrap
5713
5647
msgid ""
5714
5648
"\n"
5715
"deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
5649
"deb http://archive.ubuntu.com/ubuntu lucid main restricted universe "
5716
5650
"multiverse \n"
5717
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
5651
"/deb-i386 http://archive.ubuntu.com/ubuntu lucid main restricted universe "
5718
5652
"multiverse\n"
5719
5653
"\n"
5720
"deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
5721
"universe multiverse \n"
5722
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
5723
"universe multiverse \n"
5724
"\n"
5725
"deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
5726
"universe multiverse \n"
5727
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
5728
"universe multiverse \n"
5729
"\n"
5730
"deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
5731
"universe multiverse \n"
5732
"/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
5733
"universe multiverse \n"
5734
"\n"
5735
"deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
5654
"deb http://archive.ubuntu.com/ubuntu lucid-updates main restricted universe "
5655
"multiverse \n"
5656
"/deb-i386 http://archive.ubuntu.com/ubuntu lucid-updates main restricted "
5657
"universe multiverse \n"
5658
"\n"
5659
"deb http://archive.ubuntu.com/ubuntu/ lucid-backports main restricted "
5660
"universe multiverse \n"
5661
"/deb-i386 http://archive.ubuntu.com/ubuntu lucid-backports main restricted "
5662
"universe multiverse \n"
5663
"\n"
5664
"deb http://security.ubuntu.com/ubuntu lucid-security main restricted "
5665
"universe multiverse \n"
5666
"/deb-i386 http://security.ubuntu.com/ubuntu lucid-security main restricted "
5667
"universe multiverse \n"
5668
"\n"
5669
"deb http://archive.ubuntu.com/ubuntu lucid main/debian-installer "
5736
5670
"restricted/debian-installer universe/debian-installer multiverse/debian-"
5737
5671
"installer \n"
5738
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
5672
"/deb-i386 http://archive.ubuntu.com/ubuntu lucid main/debian-installer "
5739
5673
"restricted/debian-installer universe/debian-installer multiverse/debian-"
5740
5674
"installer \n"
5741
5675
msgstr ""
5742
"\n"
5743
"deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
5744
"multiverse \n"
5745
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
5746
"multiverse\n"
5747
"\n"
5748
"deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
5749
"universe multiverse \n"
5750
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
5751
"universe multiverse \n"
5752
"\n"
5753
"deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
5754
"universe multiverse \n"
5755
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
5756
"universe multiverse \n"
5757
"\n"
5758
"deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
5759
"universe multiverse \n"
5760
"/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
5761
"universe multiverse \n"
5762
"\n"
5763
"deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
5764
"restricted/debian-installer universe/debian-installer multiverse/debian-"
5765
"installer \n"
5766
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
5767
"restricted/debian-installer universe/debian-installer multiverse/debian-"
5768
"installer \n"
5769
5676
5770
#: serverguide/C/virtualization.xml:972(para)
5677
#: serverguide/C/virtualization.xml:977(para)
5771
5678
msgid ""
5772
5679
"Notice that the source packages are not mirrored as they are seldom used "
5773
5680
"compared to the binaries and they do take a lot more space, but they can be "
5774
5681
"easily added to the list."
5775
5682
msgstr "注意,源码包并没有被镜像,因为和二进制包相比它们使用的很少,但是却占用更多的空间。不过它们可以很容易的添加到列表。"
5776
5683
5777
#: serverguide/C/virtualization.xml:977(para)
5684
#: serverguide/C/virtualization.xml:982(para)
5778
5685
msgid ""
5779
5686
"Once the mirror has finished replicating (and this can be quite long), you "
5780
5687
"need to configure Apache so that your mirror files (in "
5786
5693
"mirror</filename>)是通过您的Apache服务器来发布的。关于Apache的更多信息,请参见<xref "
5787
5694
"linkend=\"httpd\"/>"
5788
5695
5789
#: serverguide/C/virtualization.xml:986(title)
5696
#: serverguide/C/virtualization.xml:991(title)
5790
5697
msgid "Installing in a RAM Disk"
5791
5698
msgstr "安装在内存盘片"
5792
5699
5793
#: serverguide/C/virtualization.xml:988(para)
5700
#: serverguide/C/virtualization.xml:993(para)
5794
5701
msgid ""
5795
5702
"As you can easily imagine, writing to RAM is a <emphasis>LOT</emphasis> "
5796
5703
"faster than writing to disk. If you have some free memory, letting vmbuilder "
5800
5707
"很容易就可以想到,写到RAM中是一个比写到磁盘中<emphasis>快得多</emphasis>的方法。如果您有一些空的内存,让vmbuilder把它的操"
5801
5708
"作放到RAM中将会有很大改观。选项<emphasis>--tmpfs</emphasis>可以实现这个功能,您只需要:"
5802
5709
5803
#: serverguide/C/virtualization.xml:994(programlisting)
5710
#: serverguide/C/virtualization.xml:999(programlisting)
5804
5711
#, no-wrap
5805
5712
msgid ""
5806
5713
"\n"
5811
5718
"--tmpfs OPTS 使用 tmpfs 做为工作目录,指定它的\n"
5812
5719
" 尺寸或者使用 \"-\" 来使用 tmpfs 默认值 (suid,dev,size=1G).\n"
5813
5720
5814
#: serverguide/C/virtualization.xml:999(para)
5721
#: serverguide/C/virtualization.xml:1004(para)
5815
5722
msgid ""
5816
5723
"So adding <command>--tmpfs -</command> sounds like a very good idea if you "
5817
5724
"have 1G of free ram."
5818
5725
msgstr "因此,增加<command>--tmpfs -</command>看起来是个很好的主意,如果您有 1G 的闲置内存。"
5819
5726
5820
#: serverguide/C/virtualization.xml:1006(title)
5727
#: serverguide/C/virtualization.xml:1011(title)
5821
5728
msgid "Package the Application"
5822
5729
msgstr "将程序打包"
5823
5730
5824
#: serverguide/C/virtualization.xml:1008(para)
5731
#: serverguide/C/virtualization.xml:1013(para)
5825
5732
msgid "Two option are available to us:"
5826
5733
msgstr "2 个选项是可用的:"
5827
5734
5828
#: serverguide/C/virtualization.xml:1014(para)
5735
#: serverguide/C/virtualization.xml:1019(para)
5829
5736
msgid ""
5830
5737
"The recommended method to do so is to make a <emphasis>Debian</emphasis> "
5831
5738
"package. Since this is outside of the scope of this tutorial, we will not "
5843
5750
"link url=\"http://www.debian-administration.org/articles/286\">Debian "
5844
5751
"Administration</ulink>相关文章。"
5845
5752
5846
#: serverguide/C/virtualization.xml:1023(para)
5753
#: serverguide/C/virtualization.xml:1028(para)
5847
5754
msgid ""
5848
5755
"Manually install the application under <filename>/opt</filename> as "
5849
5756
"recommended by the <ulink url=\"http://www.pathname.com/fhs/\">FHS "
5852
5759
"在<filename>/opt</filename>下手动安装程序是<ulink "
5853
5760
"url=\"http://www.pathname.com/fhs/\">FHS 指南</ulink>所推荐的方式."
5854
5761
5855
#: serverguide/C/virtualization.xml:1030(para)
5762
#: serverguide/C/virtualization.xml:1035(para)
5856
5763
msgid ""
5857
5764
"In our case we'll use <application>Limesurvey</application> as example web "
5858
5765
"application for which we wish to provide a virtual appliance. As noted "
5862
5769
"在这里,我们将使用<application>Limesurvey</application>作为示例程序来展示我们如何提供一个虚拟装置。如前所述,我们制作"
5863
5770
"了一个可以在一个PPA中(个人包获取)使用的版本的包。"
5864
5771
5865
#: serverguide/C/virtualization.xml:1037(title)
5772
#: serverguide/C/virtualization.xml:1042(title)
5866
5773
msgid "Finishing Install"
5867
5774
msgstr "完成安装"
5868
5775
5869
#: serverguide/C/virtualization.xml:1040(title)
5776
#: serverguide/C/virtualization.xml:1045(title)
5870
5777
msgid "First Boot"
5871
5778
msgstr "首次启动"
5872
5779
5873
#: serverguide/C/virtualization.xml:1042(para)
5780
#: serverguide/C/virtualization.xml:1047(para)
5874
5781
msgid ""
5875
5782
"As we mentioned earlier, the first time the machine boots we'll need to "
5876
5783
"install <application>openssh-server</application> so that the key generated "
5881
5788
"server</application>,这样的话就可以为每一个机器生成一个唯一的键。为达到此目的,我们需要像下面这样编写一个叫做<filename>bo"
5882
5789
"ot.sh</filename>的脚本:"
5883
5790
5884
#: serverguide/C/virtualization.xml:1048(programlisting)
5791
#: serverguide/C/virtualization.xml:1053(programlisting)
5885
5792
#, no-wrap
5886
5793
msgid ""
5887
5794
"\n"
5898
5805
"apt-get update\n"
5899
5806
"apt-get install -qqy --force-yes openssh-server\n"
5900
5807
5901
#: serverguide/C/virtualization.xml:1056(para)
5808
#: serverguide/C/virtualization.xml:1061(para)
5902
5809
msgid ""
5903
5810
"And we add the <command>--firstboot boot.sh</command> option to our command "
5904
5811
"line."
5905
5812
msgstr "我们也要把<command>--firstboot boot.sh</command>选项命令加进命令行里。"
5906
5813
5907
#: serverguide/C/virtualization.xml:1062(title)
5814
#: serverguide/C/virtualization.xml:1067(title)
5908
5815
msgid "First Login"
5909
5816
msgstr "首次登录"
5910
5817
5911
#: serverguide/C/virtualization.xml:1064(para)
5818
#: serverguide/C/virtualization.xml:1069(para)
5912
5819
msgid ""
5913
5820
"Mysql and Limesurvey needing some user interaction during their setup, we'll "
5914
5821
"set them up the first time a user logs in using a script named login.sh. "
5917
5824
"Mysql和Limesuevey在他们的安装过程中需要一些用户交互,我们将在用户第一次登录的时候使用一个叫做login.sh的脚本来设置它们。我们同样适用"
5918
5825
"这个脚本来进行用户设置:"
5919
5826
5920
#: serverguide/C/virtualization.xml:1070(para)
5827
#: serverguide/C/virtualization.xml:1075(para)
5921
5828
msgid "His own password"
5922
5829
msgstr "他自己的密码"
5923
5830
5924
#: serverguide/C/virtualization.xml:1071(para)
5831
#: serverguide/C/virtualization.xml:1076(para)
5925
5832
msgid "Define the keyboard and other locale info he wants to use"
5926
5833
msgstr "定义键盘和所想要使用的其它地区信息"
5927
5834
5928
#: serverguide/C/virtualization.xml:1074(para)
5835
#: serverguide/C/virtualization.xml:1079(para)
5929
5836
msgid "So we'll define <filename>login.sh</filename> as follows:"
5930
5837
msgstr "因此我们将定义<filename>login.sh</filename>做为以下内容:"
5931
5838
5932
#: serverguide/C/virtualization.xml:1078(programlisting)
5839
#: serverguide/C/virtualization.xml:1083(programlisting)
5933
5840
#, no-wrap
5934
5841
msgid ""
5935
5842
"\n"
5974
5881
"echo \"Your appliance is now configured. To use it point your\"\n"
5975
5882
"echo \"browser to http://serverip/limesurvey/admin\"\n"
5976
5883
5977
#: serverguide/C/virtualization.xml:1100(para)
5884
#: serverguide/C/virtualization.xml:1105(para)
5978
5885
msgid ""
5979
5886
"And we add the <command>--firstlogin login.sh</command> option to our "
5980
5887
"command line."
5981
5888
msgstr "我们也要把<command>--firstlogin login.sh</command>选项命令加进命令行里。"
5982
5889
5983
#: serverguide/C/virtualization.xml:1107(title)
5890
#: serverguide/C/virtualization.xml:1112(title)
5984
5891
msgid "Useful Additions"
5985
5892
msgstr "有用的扩展"
5986
5893
5987
#: serverguide/C/virtualization.xml:1110(title)
5894
#: serverguide/C/virtualization.xml:1115(title)
5988
5895
msgid "Configuring Automatic Updates"
5989
5896
msgstr "配置自动更新"
5990
5897
5991
#: serverguide/C/virtualization.xml:1112(para)
5898
#: serverguide/C/virtualization.xml:1117(para)
5992
5899
msgid ""
5993
5900
"To have your system be configured to update itself on a regular basis, we "
5994
5901
"will just install <application>unattended-upgrades</application>, so we add "
5997
5904
"想要将你的系统配置为定期自动更新,只需安装<application>unattended-upgrades</application>. "
5998
5905
"在命令行中添加下面的选项."
5999
5906
6000
#: serverguide/C/virtualization.xml:1118(command)
5907
#: serverguide/C/virtualization.xml:1123(command)
6001
5908
msgid "--addpkg unattended-upgrades"
6002
5909
msgstr "--addpkg unattended-upgrades"
6003
5910
6004
#: serverguide/C/virtualization.xml:1121(para)
5911
#: serverguide/C/virtualization.xml:1126(para)
6005
5912
msgid ""
6006
5913
"As we have put our application package in a PPA, the process will update not "
6007
5914
"only the system, but also the application each time we update the version in "
6008
5915
"the PPA."
6009
5916
msgstr "正如我们已经把应用包加入到了PPA, 我们在PPA中更新版本的时候,不仅会更新系统,应用程序也会更新."
6010
5917
6011
#: serverguide/C/virtualization.xml:1128(title)
5918
#: serverguide/C/virtualization.xml:1133(title)
6012
5919
msgid "ACPI Event Handling"
6013
5920
msgstr "ACPI 事件处理"
6014
5921
6015
#: serverguide/C/virtualization.xml:1130(para)
5922
#: serverguide/C/virtualization.xml:1135(para)
6016
5923
msgid ""
6017
5924
"For your virtual machine to be able to handle restart and shutdown events it "
6018
5925
"is being sent, it is a good idea to install the acpid package as well. To do "
6019
5926
"this we just add the following option:"
6020
5927
msgstr "为了您的虚拟机发送信息能够处理重启和关闭事件,这也是个安装 acpid 软件包的好方法。为了做到这点我们只需加进以下选项即可:"
6021
5928
6022
#: serverguide/C/virtualization.xml:1136(command)
5929
#: serverguide/C/virtualization.xml:1141(command)
6023
5930
msgid "--addpkg acpid"
6024
5931
msgstr "--addpkg acpid"
6025
5932
6026
#: serverguide/C/virtualization.xml:1142(title)
5933
#: serverguide/C/virtualization.xml:1147(title)
6027
5934
msgid "Final Command"
6028
5935
msgstr "最终命令"
6029
5936
6030
#: serverguide/C/virtualization.xml:1144(para)
5937
#: serverguide/C/virtualization.xml:1149(para)
6031
5938
msgid "Here is the command with all the options discussed above:"
6032
5939
msgstr "这是使用了上面所有涉及到选项的命令:"
6033
5940
6034
#: serverguide/C/virtualization.xml:1149(command)
5941
#: serverguide/C/virtualization.xml:1154(command)
6035
5942
msgid ""
6036
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
6037
"\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
6038
"user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
6039
"mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
5943
"sudo vmbuilder kvm ubuntu --suite lucid --flavour virtual --arch i386 -o \\ -"
5944
"-libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --user "
5945
"user \\ --name user --pass default --addpkg apache2 --addpkg apache2-mpm-"
5946
"prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
6040
5947
"dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
6041
5948
"addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
6042
5949
"addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
6044
5951
"http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
6045
5952
"firstlogin login.sh es"
6046
5953
msgstr ""
6047
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
6048
"\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
6049
"user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
6050
"mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
6051
"dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
6052
"addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
6053
"addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
6054
"upgrades --addpkg acpid --ppa nijaba \\ --mirror "
6055
"http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
6056
"firstlogin login.sh es"
6057
5954
6058
#: serverguide/C/virtualization.xml:1164(para)
5955
#: serverguide/C/virtualization.xml:1169(para)
6059
5956
msgid ""
6060
5957
"If you are interested in learning more, have questions or suggestions, "
6061
5958
"please contact the Ubuntu Server Team at:"
6062
5959
msgstr "如果您有兴趣了解更多,有问题或建议,请联系 Ubuntu 服务团队:"
6063
5960
6064
#: serverguide/C/virtualization.xml:1169(para)
5961
#: serverguide/C/virtualization.xml:1174(para)
6065
5962
msgid "IRC: #ubuntu-server on freenode"
6066
5963
msgstr "IRC: #ubuntu-server on freenode"
6067
5964
6068
#: serverguide/C/virtualization.xml:1174(para)
5965
#: serverguide/C/virtualization.xml:1179(para)
6069
5966
msgid ""
6070
5967
"Mailing list: <ulink url=\"https://lists.ubuntu.com/mailman/listinfo/ubuntu-"
6071
5968
"server\">ubuntu-server at lists.ubuntu.com</ulink>"
6073
5970
"邮件列表: <ulink url=\"https://lists.ubuntu.com/mailman/listinfo/ubuntu-"
6074
5971
"server\">ubuntu-server at lists.ubuntu.com</ulink>"
6075
5972
6076
#: serverguide/C/virtualization.xml:1182(title)
6077
msgid "Eucalyptus"
6078
msgstr "Encalyptus"
6079
6080
#: serverguide/C/virtualization.xml:1185(title) serverguide/C/network-auth.xml:1683(title) serverguide/C/monitoring.xml:15(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:879(title) serverguide/C/dns.xml:64(title) serverguide/C/chat.xml:17(title) serverguide/C/backups.xml:541(title)
5973
#: serverguide/C/virtualization.xml:1184(para)
5974
msgid ""
5975
"Also, see the <ulink "
5976
"url=\"https://help.ubuntu.com/community/JeOSVMBuilder\">JeOSVMBuilder Ubuntu "
5977
"Wiki</ulink> page."
5978
msgstr ""
5979
5980
#: serverguide/C/virtualization.xml:1192(title)
5981
msgid "UEC"
5982
msgstr ""
5983
5984
#: serverguide/C/virtualization.xml:1195(title) serverguide/C/network-auth.xml:2026(title) serverguide/C/monitoring.xml:15(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:928(title) serverguide/C/dns.xml:64(title) serverguide/C/chat.xml:17(title) serverguide/C/backups.xml:541(title)
6081
5985
msgid "Overview"
6082
5986
msgstr "概览"
6083
5987
6084
#: serverguide/C/virtualization.xml:1187(para)
6085
msgid ""
6086
"<emphasis>Eucalyptus</emphasis> is an open-source software infrastructure "
6087
"for implementing \"cloud computing\" on your own clusters. "
6088
"<emphasis>Eucalyptus</emphasis> allows you to create your own cloud "
6089
"computing environment in order to maximize computing resources and provide a "
6090
"cloud computing environment to your users."
6091
msgstr ""
6092
"<emphasis>Encalyptus</emphasis>是一个用来提供在您自己的簇上实现云计算的基础的开源软件。<emphasis>Eucalypt"
6093
"us</emphasis>允许您生成自己的云计算环境来最大化计算资源,并给您的用户提供一个云计算环境。"
6094
6095
#: serverguide/C/virtualization.xml:1193(para)
6096
msgid ""
6097
"This section will cover setting up a Cloud Computing environment using "
6098
"<application>Eucalyptus</application> with <application>KVM</application>. "
6099
"For more information on KVM see <xref linkend=\"libvirt\"/>."
6100
msgstr ""
6101
"这一节将介绍如何使用<application>Eucalyptus</application>结合<application>KVM</applicatio"
6102
"n>来实现一个云计算环境。更多关于KVM的信息,请参阅<xref linkend=\"libvirt\"/>。"
6103
6104
#: serverguide/C/virtualization.xml:1198(para)
6105
msgid ""
6106
"The Cloud Computing environment will consist of three components, typically "
6107
"installed on at least two separate machines (termed the 'front-end' and "
6108
"'node(s)' for the rest of this document):"
6109
msgstr "云计算环境将包含三个组件,典型的会被安装在至少两个单独的机器上(termed“前端”和“节点”在这个文档的剩余部分)"
6110
6111
#: serverguide/C/virtualization.xml:1205(para)
6112
msgid ""
6113
"<emphasis>One Front-End:</emphasis> hosts one Cloud Controller, a Java based "
6114
"Web configuration interface, and a Cluster Controller, which determines "
6115
"where virtual machines (VMs) will be housed and manages cluster level VM "
6116
"networking."
6117
msgstr ""
6118
"<emphasis>一个 Front-"
6119
"End:</emphasis>拥有一个云控制器,这是一个基于Java的Web设置界面,还有一个簇控制器,用来定义虚拟机将在那里被封装,并管理簇级别的VM网"
6120
"络。"
6121
6122
#: serverguide/C/virtualization.xml:1211(para)
6123
msgid ""
6124
"<emphasis>One or more Compute Nodes:</emphasis> runs the Node Controller "
6125
"component of Eucalyptus, which allows the machine to be part of the cloud as "
6126
"a host for VMs."
6127
msgstr ""
6128
"<emphasis>一个或者更多计算节点:</emphasis>运行在Eucalyptus的节点控制器上,这样一台机器就可以作为一个虚拟机的宿主而成为一个"
6129
"云的节点。"
5988
#: serverguide/C/virtualization.xml:1197(para)
5989
msgid ""
5990
"This tutorial covers <application>UEC</application> installation from the "
5991
"Ubuntu 10.04 LTS Server Edition CD, and assumes a basic network topology, "
5992
"with a single system serving as the <emphasis>\"all-in-one "
5993
"controller\"</emphasis>, and one or more nodes attached."
5994
msgstr ""
5995
5996
#: serverguide/C/virtualization.xml:1202(para)
5997
msgid ""
5998
"From this Tutorial you will learn how to install, configure, register and "
5999
"perform several operations on a basic <application>UEC</application> setup "
6000
"that results in a cloud with a one controller <emphasis>\"front-"
6001
"end\"</emphasis> and one or several node(s) for running Virtual Machine (VM) "
6002
"instances. You will also use examples to help get you started using your own "
6003
"private compute cloud."
6004
msgstr ""
6005
6006
#: serverguide/C/virtualization.xml:1210(title)
6007
msgid "Prerequisites"
6008
msgstr ""
6009
6010
#: serverguide/C/virtualization.xml:1212(para)
6011
msgid ""
6012
"To deploy a minimal cloud infrastructure, you’ll need at least "
6013
"<emphasis>two</emphasis> dedicated systems:"
6014
msgstr ""
6130
6015
6131
6016
#: serverguide/C/virtualization.xml:1218(para)
6132
msgid ""
6133
"The simple <emphasis>System</emphasis> networking option will be used by "
6134
"default. This network method allows virtual machine instances, to obtain IP "
6135
"addresses from the local LAN, assuming that a DHCP server is properly "
6136
"configured on the LAN to hand out IPs dynamically to VMs that request them. "
6137
"Each node will be configured for bridge networking. For more details see "
6138
"<xref linkend=\"bridging\"/>."
6139
msgstr ""
6140
"简单的<emphasis>System</emphasis>网络选项会被默认使用。这个方法允许虚拟机实例从本地局域网得到IP地址,假设一个经过适当配置的D"
6141
"HCP服务器工作在局域网里面来为虚拟机动态的产生IP地址。每个节点会被设置成桥状网络工作的模式。更多细节,请参见<xref "
6142
"linkend=\"bridging\"/>"
6143
6144
#: serverguide/C/virtualization.xml:1228(para)
6145
msgid ""
6146
"First, on the <emphasis>Front-End</emphasis> install the appropriate "
6147
"packages. In a terminal prompt on the Front-End enter:"
6148
msgstr "首先,在<emphasis>Front-End</emphasis>安装所需的包,在一个Front-End的终端提示中输入:"
6149
6150
#: serverguide/C/virtualization.xml:1233(command)
6151
msgid "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
6152
msgstr "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
6017
msgid "A front end."
6018
msgstr ""
6019
6020
#: serverguide/C/virtualization.xml:1223(para)
6021
msgid "One or more node(s)."
6022
msgstr ""
6023
6024
#: serverguide/C/virtualization.xml:1229(para)
6025
msgid ""
6026
"The following are recommendations, rather than fixed requirements. However, "
6027
"our experience in developing this documentation indicated the following "
6028
"suggestions."
6029
msgstr ""
6030
6031
#: serverguide/C/virtualization.xml:1234(title)
6032
msgid "Front End Requirements"
6033
msgstr ""
6153
6034
6154
6035
#: serverguide/C/virtualization.xml:1236(para)
6155
msgid ""
6156
"Next, on the each <emphasis>Compute Node</emphasis> install the node "
6157
"controller package. In a terminal prompt on each Compute Node enter:"
6158
msgstr "接下来,在每个<emphasis>计算节点</emphasis>安装节点控制包,在每个计算节点的终端提示中输入;"
6159
6160
#: serverguide/C/virtualization.xml:1241(command)
6161
msgid "sudo apt-get install eucalyptus-nc"
6162
msgstr "sudo apt-get install eucalyptus-nc"
6036
msgid "Use the following table for a system that will run one or more of:"
6037
msgstr ""
6038
6039
#: serverguide/C/virtualization.xml:1241(para)
6040
msgid "Cloud Controller (CLC)"
6041
msgstr ""
6042
6043
#: serverguide/C/virtualization.xml:1242(para)
6044
msgid "Cluster Controller (CC)"
6045
msgstr ""
6046
6047
#: serverguide/C/virtualization.xml:1243(para)
6048
msgid "Walrus (the S3-like storage service)"
6049
msgstr ""
6163
6050
6164
6051
#: serverguide/C/virtualization.xml:1244(para)
6165
msgid ""
6166
"Once the installation is complete, and it may take a while, in a browser go "
6167
"to <emphasis>https://front-end:8443</emphasis> and login to the "
6168
"administration interface using the default username and password of "
6169
"<emphasis>admin</emphasis>. You will then be prompted to change the "
6170
"password, configure an email address for the admin user, and set the storage "
6171
"URL."
6172
msgstr ""
6173
"一旦安装完成,就需要花点时间,打开浏览器,转到<emphasis>http://front-"
6174
"end:8443</emphasis>然后使用默认的用户名和密码登录到管理员界面(默认用户名和密码是<emphasis>admin</emphasis>)"
6175
"。这时您将被提示修改密码,设置管理员用户的Email地址和存储器URL"
6176
6177
#: serverguide/C/virtualization.xml:1250(para)
6178
msgid ""
6179
"In the web interface's <emphasis>\"Configuration\"</emphasis> tab, add a "
6180
"cluster under the <emphasis>\"Clusters\"</emphasis> heading (in this "
6181
"configuration, the cluster controller is on the same system as the cloud "
6182
"controller, so entering 'localhost' as the cluster hostname is correct). "
6183
"Once the form is filled out click the <emphasis>\"Add Cluster\"</emphasis> "
6184
"button."
6185
msgstr ""
6186
"在Web界面中的<emphasis>“设置”</emphasis>标签中,在<emphasis>“簇”</emphasis>添加一个簇(在这个设置中,因为"
6187
"簇控制器和云控制器处在同一个系统上,所以簇的主机名只要输入\"localhost\"就可以了)。填写完毕之后,点击<emphasis>“添加簇”</emp"
6188
"hasis>按钮。"
6189
6190
#: serverguide/C/virtualization.xml:1256(para)
6191
msgid ""
6192
"Now, back on the <emphasis>Front-End</emphasis>, add the nodes to the "
6193
"cluster:"
6194
msgstr "现在,返回到<emphasis>Front-End</emphasis>,添加节点到簇。"
6195
6196
#: serverguide/C/virtualization.xml:1261(command)
6197
msgid "sudo euca_conf -addnode hostname_of_node"
6198
msgstr "sudo euca_conf -addnode hostname_of_node"
6199
6200
#: serverguide/C/virtualization.xml:1264(para)
6201
msgid ""
6202
"You will then be prompted to log into your Node, install the "
6203
"<application>eucalyptus-nc</application> package, and add the "
6204
"<emphasis>eucalyptus</emphasis> user's ssh key to the node's "
6205
"<filename>authorized_keys</filename> file, and confirm authenticity of the "
6206
"host's OpenSSH RSA key fingerprint. Finally, the command will complete by "
6207
"synchronizing the eucalyptus component keys and node registration is "
6208
"complete."
6209
msgstr ""
6210
"您这时将会被提示来登录您的节点,安装<application>eucalyptus-"
6211
"nc</application>包,然后添加<emphasis>eucalyptus</emphasis>用户的ssh键到节点的<filename>aut"
6212
"horized_keys</filename>文件,然后确认主机的OpenSSH "
6213
"RSA的键指印的正确性。最后,命令将会同步encalyptus组建的键,这样节点的注册就结束了。"
6214
6215
#: serverguide/C/virtualization.xml:1270(para)
6216
msgid ""
6217
"On the Node, the <filename>/etc/eucalyptus/eucalyptus.conf</filename> "
6218
"configuration file will need editing to use your node's bridge interface "
6219
"(assuming here that the interface is named <emphasis>'br0'</emphasis>):"
6220
msgstr ""
6221
"在节点上,配置文件<filename>/etc/eucalyptus/eucalyptus.conf</filename>需要进行编辑来使用您自己的桥接口"
6222
"(假设这里的那个接口被命名为<emphasis>“br0”</emphasis>):"
6223
6224
#: serverguide/C/virtualization.xml:1275(programlisting)
6225
#, no-wrap
6226
msgid ""
6227
"\n"
6228
"VNET_INTERFACE=\"br0\"\n"
6229
"...\n"
6230
"VNET_BRIDGE=\"br0\"\n"
6231
msgstr ""
6232
"\n"
6233
"VNET_INTERFACE=\"br0\"\n"
6234
"...\n"
6235
"VNET_BRIDGE=\"br0\"\n"
6236
6237
#: serverguide/C/virtualization.xml:1281(para)
6238
msgid "Finally, restart <application>eucalyptus-nc</application>:"
6239
msgstr "首先,重新启动<application>eucalyptus-nc</application>:"
6240
6241
#: serverguide/C/virtualization.xml:1286(command)
6242
msgid "sudo /etc/init.d/eucalyptus-nc restart"
6243
msgstr "sudo /etc/init.d/eucalyptus-nc restart"
6244
6245
#: serverguide/C/virtualization.xml:1291(para)
6246
msgid ""
6247
"Be sure to replace <emphasis>nodecontroller</emphasis>, "
6248
"<emphasis>node01</emphasis>, and <emphasis>node02</emphasis> with actual "
6249
"hostnames."
6250
msgstr ""
6251
"一定要使用真实的主机名来替换<emphasis>nodecontroller</emphasis>,<emphasis>node01</emphasis>"
6252
"和<emphasis>node02</emphasis>。"
6253
6254
#: serverguide/C/virtualization.xml:1297(para)
6255
msgid ""
6256
"<application>Eucalyptus</application> is now ready to host images on the "
6257
"cloud."
6258
msgstr "<application>Eucalyptus</application>现在已经准备host image on the cloud。"
6259
6260
#: serverguide/C/virtualization.xml:1307(para)
6261
msgid ""
6262
"See the <ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus "
6263
"website</ulink> for more information."
6264
msgstr ""
6265
"更多信息,请参见<ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus 网站</ulink>"
6266
6267
#: serverguide/C/virtualization.xml:1312(para)
6052
msgid "Storage Controller (SC)"
6053
msgstr ""
6054
6055
#: serverguide/C/virtualization.xml:1248(title)
6056
msgid "UEC Front End Requirements"
6057
msgstr ""
6058
6059
#: serverguide/C/virtualization.xml:1256(para) serverguide/C/virtualization.xml:1318(para)
6060
msgid "Hardware"
6061
msgstr ""
6062
6063
#: serverguide/C/virtualization.xml:1257(para) serverguide/C/virtualization.xml:1319(para)
6064
msgid "Minimum"
6065
msgstr ""
6066
6067
#: serverguide/C/virtualization.xml:1258(para) serverguide/C/virtualization.xml:1320(para)
6068
msgid "Suggested"
6069
msgstr ""
6070
6071
#: serverguide/C/virtualization.xml:1259(para) serverguide/C/virtualization.xml:1321(para)
6072
msgid "Notes"
6073
msgstr ""
6074
6075
#: serverguide/C/virtualization.xml:1264(para) serverguide/C/virtualization.xml:1326(para)
6076
msgid "CPU"
6077
msgstr ""
6078
6079
#: serverguide/C/virtualization.xml:1265(para)
6080
msgid "1 GHz"
6081
msgstr ""
6082
6083
#: serverguide/C/virtualization.xml:1266(para)
6084
msgid "2 x 2 GHz"
6085
msgstr ""
6086
6087
#: serverguide/C/virtualization.xml:1267(para)
6088
msgid ""
6089
"For an <emphasis>all-in-one</emphasis> front end, it helps to have at least "
6090
"a dual core processor."
6091
msgstr ""
6092
6093
#: serverguide/C/virtualization.xml:1270(para) serverguide/C/virtualization.xml:1332(para)
6094
msgid "Memory"
6095
msgstr ""
6096
6097
#: serverguide/C/virtualization.xml:1271(para)
6098
msgid "512 MB"
6099
msgstr ""
6100
6101
#: serverguide/C/virtualization.xml:1272(para)
6102
msgid "2 GB"
6103
msgstr ""
6104
6105
#: serverguide/C/virtualization.xml:1273(para)
6106
msgid "The Java web front end benefits from lots of available memory."
6107
msgstr ""
6108
6109
#: serverguide/C/virtualization.xml:1276(para) serverguide/C/virtualization.xml:1338(para)
6110
msgid "Disk"
6111
msgstr ""
6112
6113
#: serverguide/C/virtualization.xml:1277(para) serverguide/C/virtualization.xml:1339(para)
6114
msgid "5400 RPM IDE"
6115
msgstr ""
6116
6117
#: serverguide/C/virtualization.xml:1278(para)
6118
msgid "7200 RPM SATA"
6119
msgstr ""
6120
6121
#: serverguide/C/virtualization.xml:1279(para)
6122
msgid ""
6123
"Slower disks will work, but will yield much longer instance startup times."
6124
msgstr ""
6125
6126
#: serverguide/C/virtualization.xml:1282(para) serverguide/C/virtualization.xml:1344(para)
6127
msgid "Disk Space"
6128
msgstr ""
6129
6130
#: serverguide/C/virtualization.xml:1283(para) serverguide/C/virtualization.xml:1345(para)
6131
msgid "40 GB"
6132
msgstr ""
6133
6134
#: serverguide/C/virtualization.xml:1284(para)
6135
msgid "200 GB"
6136
msgstr ""
6137
6138
#: serverguide/C/virtualization.xml:1285(para)
6139
msgid ""
6140
"40GB is only enough space for only a single image, cache, etc., Eucalyptus "
6141
"does not like to run out of disk space."
6142
msgstr ""
6143
6144
#: serverguide/C/virtualization.xml:1288(para) serverguide/C/virtualization.xml:1350(para) serverguide/C/network-config.xml:13(title)
6145
msgid "Networking"
6146
msgstr "联网"
6147
6148
#: serverguide/C/virtualization.xml:1289(para) serverguide/C/virtualization.xml:1351(para)
6149
msgid "100 Mbps"
6150
msgstr ""
6151
6152
#: serverguide/C/virtualization.xml:1290(para) serverguide/C/virtualization.xml:1352(para)
6153
msgid "1000 Mbps"
6154
msgstr ""
6155
6156
#: serverguide/C/virtualization.xml:1291(para) serverguide/C/virtualization.xml:1353(para)
6157
msgid ""
6158
"Machine images are hundreds of MB, and need to be copied over the network to "
6159
"nodes."
6160
msgstr ""
6161
6162
#: serverguide/C/virtualization.xml:1299(title)
6163
msgid "Node Requirements"
6164
msgstr ""
6165
6166
#: serverguide/C/virtualization.xml:1301(para)
6167
msgid "The other system(s) are <emphasis>nodes</emphasis>, which will run::"
6168
msgstr ""
6169
6170
#: serverguide/C/virtualization.xml:1306(para)
6171
msgid "the Node Controller (NC)"
6172
msgstr ""
6173
6174
#: serverguide/C/virtualization.xml:1310(title)
6175
msgid "UEC Node Requirements"
6176
msgstr ""
6177
6178
#: serverguide/C/virtualization.xml:1327(para)
6179
msgid "VT Extensions"
6180
msgstr ""
6181
6182
#: serverguide/C/virtualization.xml:1328(para)
6183
msgid "VT, 64-bit, Multicore"
6184
msgstr ""
6185
6186
#: serverguide/C/virtualization.xml:1329(para)
6187
msgid ""
6188
"64-bit can run both i386, and amd64 instances; by default, Eucalyptus will "
6189
"only run 1 VM per CPU core on a Node."
6190
msgstr ""
6191
6192
#: serverguide/C/virtualization.xml:1333(para)
6193
msgid "1 GB"
6194
msgstr ""
6195
6196
#: serverguide/C/virtualization.xml:1334(para)
6197
msgid "4 GB"
6198
msgstr ""
6199
6200
#: serverguide/C/virtualization.xml:1335(para)
6201
msgid "Additional memory means more, and larger guests."
6202
msgstr ""
6203
6204
#: serverguide/C/virtualization.xml:1340(para)
6205
msgid "7200 RPM SATA or SCSI"
6206
msgstr ""
6207
6208
#: serverguide/C/virtualization.xml:1341(para)
6209
msgid ""
6210
"Eucalyptus nodes are disk-intensive; I/O wait will likely be the performance "
6211
"bottleneck."
6212
msgstr ""
6213
6214
#: serverguide/C/virtualization.xml:1346(para)
6215
msgid "100 GB"
6216
msgstr ""
6217
6218
#: serverguide/C/virtualization.xml:1347(para)
6219
msgid ""
6220
"Images will be cached locally, Eucalyptus does not like to run out of disk "
6221
"space."
6222
msgstr ""
6223
6224
#: serverguide/C/virtualization.xml:1363(title)
6225
msgid "Installing the Cloud/Cluster/Storage/Walrus Front End Server"
6226
msgstr ""
6227
6228
#: serverguide/C/virtualization.xml:1367(para)
6229
msgid "Download the Ubuntu 10.04 LTS Server ISO file, and burn it to a CD."
6230
msgstr ""
6231
6232
#: serverguide/C/virtualization.xml:1372(para) serverguide/C/virtualization.xml:1418(para)
6233
msgid ""
6234
"When you boot, select <emphasis>“Install Ubuntu Enterprise Cloud”</emphasis>."
6235
msgstr ""
6236
6237
#: serverguide/C/virtualization.xml:1377(para)
6238
msgid ""
6239
"When asked whether you want a <emphasis>“Cluster”</emphasis> or a "
6240
"<emphasis>“Node”</emphasis> install, select <emphasis>“Cluster”</emphasis>."
6241
msgstr ""
6242
6243
#: serverguide/C/virtualization.xml:1383(para)
6244
msgid ""
6245
"It will ask two other cloud-specific questions during the course of the "
6246
"install:"
6247
msgstr ""
6248
6249
#: serverguide/C/virtualization.xml:1388(para)
6250
msgid "Name of your cluster."
6251
msgstr ""
6252
6253
#: serverguide/C/virtualization.xml:1391(para)
6254
msgid "e.g. <emphasis>cluster1</emphasis>."
6255
msgstr ""
6256
6257
#: serverguide/C/virtualization.xml:1394(para)
6258
msgid ""
6259
"A range of public IP addresses on the LAN that the cloud can allocate to "
6260
"instances."
6261
msgstr ""
6262
6263
#: serverguide/C/virtualization.xml:1397(para)
6264
msgid "e.g. <emphasis>192.168.1.200-192.168.1.249</emphasis>."
6265
msgstr ""
6266
6267
#: serverguide/C/virtualization.xml:1405(title)
6268
msgid "Installing the Node Controller(s)"
6269
msgstr ""
6270
6271
#: serverguide/C/virtualization.xml:1407(para)
6272
msgid ""
6273
"The node controller install is even simpler. Just make sure that you are "
6274
"connected to the network on which the cloud/cluster controller is already "
6275
"running."
6276
msgstr ""
6277
6278
#: serverguide/C/virtualization.xml:1413(para)
6279
msgid "Boot from the same ISO on the node(s)."
6280
msgstr ""
6281
6282
#: serverguide/C/virtualization.xml:1423(para)
6283
msgid "Select <emphasis>“Install Ubuntu Enterprise Cloud”</emphasis>."
6284
msgstr ""
6285
6286
#: serverguide/C/virtualization.xml:1428(para)
6287
msgid ""
6288
"It should detect the Cluster and preselect <emphasis>“Node”</emphasis> "
6289
"install for you."
6290
msgstr ""
6291
6292
#: serverguide/C/virtualization.xml:1433(para)
6293
msgid "Confirm the partitioning scheme."
6294
msgstr ""
6295
6296
#: serverguide/C/virtualization.xml:1438(para)
6297
msgid ""
6298
"The rest of the installation should proceed uninterrupted; complete the "
6299
"installation and reboot the node."
6300
msgstr ""
6301
6302
#: serverguide/C/virtualization.xml:1446(title)
6303
msgid "Register the Node(s)"
6304
msgstr ""
6305
6306
#: serverguide/C/virtualization.xml:1448(para)
6307
msgid ""
6308
"Nodes are the physical systems within <application>UEC</application> that "
6309
"actually run the virtual machine instances of the cloud."
6310
msgstr ""
6311
6312
#: serverguide/C/virtualization.xml:1452(para)
6313
msgid ""
6314
"Once one or more Ubuntu Server node(s) are installed and running the "
6315
"<application>eucalyptus-nc</application> service, log onto the "
6316
"<emphasis>Cloud Controller (CLC)</emphasis> and run:"
6317
msgstr ""
6318
6319
#: serverguide/C/virtualization.xml:1458(command)
6320
msgid "sudo euca_conf --no-rsync --discover-nodes"
6321
msgstr ""
6322
6323
#: serverguide/C/virtualization.xml:1461(para)
6324
msgid ""
6325
"This will discover the systems on the network running the "
6326
"<application>eucalyptus-nc</application> service, and the administrator can "
6327
"confirm the registration of each node by its IP address."
6328
msgstr ""
6329
6330
#: serverguide/C/virtualization.xml:1467(para)
6331
msgid ""
6332
"If you get prompted for passwords, or receive errors from scp, you may need "
6333
"to revisit the key synchronization instructions at <ulink "
6334
"url=\"https://help.ubuntu.com/community/UEC/NodeInstallation\">UEC/NodeInstal"
6335
"lation</ulink>."
6336
msgstr ""
6337
6338
#: serverguide/C/virtualization.xml:1475(title)
6339
msgid "Obtain Credentials"
6340
msgstr ""
6341
6342
#: serverguide/C/virtualization.xml:1477(para)
6343
msgid ""
6344
"After installing and booting the <emphasis>Cloud Controller</emphasis>, "
6345
"users of the cloud will need to retrieve their credentials. This can be done "
6346
"either through a web browser, or at the command line."
6347
msgstr ""
6348
6349
#: serverguide/C/virtualization.xml:1483(title)
6350
msgid "From a Web Browser"
6351
msgstr ""
6352
6353
#: serverguide/C/virtualization.xml:1487(para)
6354
msgid ""
6355
"From your web browser (either remotely or on your Ubuntu server) access the "
6356
"following URL:"
6357
msgstr ""
6358
6359
#: serverguide/C/virtualization.xml:1490(programlisting) serverguide/C/virtualization.xml:1743(programlisting)
6360
#, no-wrap
6361
msgid ""
6362
"\n"
6363
"https://<cloud-controller-ip-address>:8443/\n"
6364
msgstr ""
6365
6366
#: serverguide/C/virtualization.xml:1495(para)
6367
msgid ""
6368
"You must use a secure connection, so make sure you use \"https\" not "
6369
"\"http\" in your URL. You will get a security certificate warning. You will "
6370
"have to add an exception to view the page. If you do not accept it you will "
6371
"not be able to view the Eucalyptus configuration page."
6372
msgstr ""
6373
6374
#: serverguide/C/virtualization.xml:1503(para)
6375
msgid ""
6376
"Use username <emphasis>'admin'</emphasis> and password "
6377
"<emphasis>'admin'</emphasis> for the first time login (you will be prompted "
6378
"to change your password)."
6379
msgstr ""
6380
6381
#: serverguide/C/virtualization.xml:1509(para)
6382
msgid ""
6383
"Then follow the on-screen instructions to update the admin password and "
6384
"email address."
6385
msgstr ""
6386
6387
#: serverguide/C/virtualization.xml:1514(para)
6388
msgid ""
6389
"Once the first time configuration process is completed, click the "
6390
"<emphasis>'credentials'</emphasis> tab located in the top-left portion of "
6391
"the screen."
6392
msgstr ""
6393
6394
#: serverguide/C/virtualization.xml:1520(para)
6395
msgid ""
6396
"Click the <emphasis>'Download Credentials'</emphasis> button to get your "
6397
"certificates."
6398
msgstr ""
6399
6400
#: serverguide/C/virtualization.xml:1525(para)
6401
msgid "Save them to <filename>~/.euca</filename>."
6402
msgstr ""
6403
6404
#: serverguide/C/virtualization.xml:1530(para)
6405
msgid ""
6406
"Unzip the downloaded zip file into a safe location "
6407
"(<filename>~/.euca</filename>)."
6408
msgstr ""
6409
6410
#: serverguide/C/virtualization.xml:1534(command)
6411
msgid "unzip -d ~/.euca mycreds.zip"
6412
msgstr ""
6413
6414
#: serverguide/C/virtualization.xml:1541(title)
6415
msgid "From a Command Line"
6416
msgstr ""
6417
6418
#: serverguide/C/virtualization.xml:1545(para)
6419
msgid ""
6420
"Alternatively, if you are on the command line of the <emphasis>Cloud "
6421
"Controller</emphasis>, you can run:"
6422
msgstr ""
6423
6424
#: serverguide/C/virtualization.xml:1549(command)
6425
msgid "mkdir -p ~/.euca"
6426
msgstr ""
6427
6428
#: serverguide/C/virtualization.xml:1550(command)
6429
msgid "chmod 700 ~/.euca"
6430
msgstr ""
6431
6432
#: serverguide/C/virtualization.xml:1551(command)
6433
msgid "cd ~/.euca"
6434
msgstr ""
6435
6436
#: serverguide/C/virtualization.xml:1552(command)
6437
msgid "sudo euca_conf --get-credentials mycreds.zip"
6438
msgstr ""
6439
6440
#: serverguide/C/virtualization.xml:1553(command)
6441
msgid "unzip mycreds.zip"
6442
msgstr ""
6443
6444
#: serverguide/C/virtualization.xml:1554(command)
6445
msgid "cd -"
6446
msgstr ""
6447
6448
#: serverguide/C/virtualization.xml:1561(title)
6449
msgid "Extracting and Using Your Credentials"
6450
msgstr ""
6451
6452
#: serverguide/C/virtualization.xml:1563(para)
6453
msgid ""
6454
"Now you will need to setup EC2 API and AMI tools on your server using X.509 "
6455
"certificates."
6456
msgstr ""
6457
6458
#: serverguide/C/virtualization.xml:1569(para)
6459
msgid ""
6460
"Source the included <emphasis>\"eucarc\"</emphasis> file to set up your "
6461
"Eucalyptus environment:"
6462
msgstr ""
6463
6464
#: serverguide/C/virtualization.xml:1573(command) serverguide/C/virtualization.xml:1600(command)
6465
msgid ". ~/.euca/eucarc"
6466
msgstr ""
6467
6468
#: serverguide/C/virtualization.xml:1577(para)
6469
msgid ""
6470
"You may additionally wish to add this command to your "
6471
"<filename>~/.bashrc</filename> file so that your Eucalyptus environment is "
6472
"set up automatically when you log in. Eucalyptus treats this set of "
6473
"credentials as <emphasis>'administrator'</emphasis> credentials that allow "
6474
"the holder global privileges across the cloud. As such, they should be "
6475
"protected in the same way that other elevated-priority access is protected "
6476
"(e.g. should not be made visible to the general user population)."
6477
msgstr ""
6478
6479
#: serverguide/C/virtualization.xml:1584(command)
6480
msgid ""
6481
"echo \"[ -r ~/.euca/eucarc ] && . ~/.euca/eucarc\" >> ~/.bashrc"
6482
msgstr ""
6483
6484
#: serverguide/C/virtualization.xml:1588(para)
6485
msgid "Install the required cloud user tools:"
6486
msgstr ""
6487
6488
#: serverguide/C/virtualization.xml:1592(command)
6489
msgid "sudo apt-get install euca2ools"
6490
msgstr ""
6491
6492
#: serverguide/C/virtualization.xml:1596(para)
6493
msgid ""
6494
"To validate that everything is working correctly, get the local cluster "
6495
"availability details:"
6496
msgstr ""
6497
6498
#: serverguide/C/virtualization.xml:1601(command)
6499
msgid "euca-describe-availability-zones verbose"
6500
msgstr ""
6501
6502
#: serverguide/C/virtualization.xml:1602(computeroutput)
6503
#, no-wrap
6504
msgid ""
6505
"AVAILABILITYZONE myowncloud 192.168.1.1\n"
6506
"AVAILABILITYZONE |- vm types free / max cpu ram disk\n"
6507
"AVAILABILITYZONE |- m1.small 0004 / 0004 1 128 2\n"
6508
"AVAILABILITYZONE |- c1.medium 0004 / 0004 1 256 5\n"
6509
"AVAILABILITYZONE |- m1.large 0002 / 0002 2 512 10\n"
6510
"AVAILABILITYZONE |- m1.xlarge 0002 / 0002 2 1024 20\n"
6511
"AVAILABILITYZONE |- c1.xlarge 0001 / 0001 4 2048 20"
6512
msgstr ""
6513
6514
#: serverguide/C/virtualization.xml:1612(para)
6515
msgid "Your output from the above command will vary."
6516
msgstr ""
6517
6518
#: serverguide/C/virtualization.xml:1622(title)
6519
msgid "Running an Image"
6520
msgstr ""
6521
6522
#: serverguide/C/virtualization.xml:1624(para)
6523
msgid "There are multiple ways to instantiate an image in UEC:"
6524
msgstr ""
6525
6526
#: serverguide/C/virtualization.xml:1629(para)
6527
msgid "Use the command line."
6528
msgstr ""
6529
6530
#: serverguide/C/virtualization.xml:1630(para)
6531
msgid ""
6532
"Use one of the UEC compatible management tools such as "
6533
"<emphasis>Landscape</emphasis>."
6534
msgstr ""
6535
6536
#: serverguide/C/virtualization.xml:1632(para)
6537
msgid ""
6538
"Use the <ulink "
6539
"url=\"https://help.ubuntu.com/community/UEC/ElasticFox\">ElasticFox</ulink> "
6540
"extension to Firefox."
6541
msgstr ""
6542
6543
#: serverguide/C/virtualization.xml:1638(para)
6544
msgid "Here we will describe the process from the command line:"
6545
msgstr ""
6546
6547
#: serverguide/C/virtualization.xml:1644(para)
6548
msgid ""
6549
"Before running an instance of your image, you should first create a "
6550
"<emphasis>keypair</emphasis> (ssh key) that you can use to log into your "
6551
"instance as root, once it boots. The key is stored, so you will only have to "
6552
"do this once."
6553
msgstr ""
6554
6555
#: serverguide/C/virtualization.xml:1648(para)
6556
msgid "Run the following command:"
6557
msgstr ""
6558
6559
#: serverguide/C/virtualization.xml:1651(programlisting)
6560
#, no-wrap
6561
msgid ""
6562
"\n"
6563
"if [ ! -e ~/.euca/mykey.priv ]; then\n"
6564
" touch ~/.euca/mykey.priv\n"
6565
" chmod 0600 ~/.euca/mykey.priv\n"
6566
" euca-add-keypair mykey > ~/.euca/mykey.priv\n"
6567
"fi\n"
6568
msgstr ""
6569
6570
#: serverguide/C/virtualization.xml:1659(para)
6571
msgid ""
6572
"You can call your key whatever you like (in this example, the key is called "
6573
"<emphasis>'mykey'</emphasis>), but remember what it is called. If you "
6574
"forget, you can always run <command>euca-describe-keypairs</command> to get "
6575
"a list of created keys stored in the system."
6576
msgstr ""
6577
6578
#: serverguide/C/virtualization.xml:1666(para)
6579
msgid "You must also allow access to port 22 in your instances:"
6580
msgstr ""
6581
6582
#: serverguide/C/virtualization.xml:1670(command)
6583
msgid "euca-describe-groups"
6584
msgstr ""
6585
6586
#: serverguide/C/virtualization.xml:1671(command)
6587
msgid "euca-authorize default -P tcp -p 22 -s 0.0.0.0/0"
6588
msgstr ""
6589
6590
#: serverguide/C/virtualization.xml:1675(para)
6591
msgid "Next, you can create instances of your registered image:"
6592
msgstr ""
6593
6594
#: serverguide/C/virtualization.xml:1679(command)
6595
msgid "euca-run-instances $EMI -k mykey -t c1.medium"
6596
msgstr ""
6597
6598
#: serverguide/C/virtualization.xml:1682(para)
6599
msgid ""
6600
"If you receive an error regarding <emphasis>image_id</emphasis>, you may "
6601
"find it by viewing Images page or click <emphasis>\"How to Run\"</emphasis> "
6602
"on the <emphasis>Store</emphasis> page to see the sample command."
6603
msgstr ""
6604
6605
#: serverguide/C/virtualization.xml:1689(para)
6606
msgid ""
6607
"The first time you run an instance, the system will be setting up caches for "
6608
"the image from which it will be created. This can often take some time the "
6609
"first time an instance is run given that VM images are usually quite large."
6610
msgstr ""
6611
6612
#: serverguide/C/virtualization.xml:1693(para)
6613
msgid "To monitor the state of your instance, run:"
6614
msgstr ""
6615
6616
#: serverguide/C/virtualization.xml:1697(command)
6617
msgid "watch -n5 euca-describe-instances"
6618
msgstr ""
6619
6620
#: serverguide/C/virtualization.xml:1699(para)
6621
msgid ""
6622
"In the output, you should see information about the instance, including its "
6623
"state. While first-time caching is being performed, the instance's state "
6624
"will be <emphasis>'pending'</emphasis>."
6625
msgstr ""
6626
6627
#: serverguide/C/virtualization.xml:1705(para)
6628
msgid ""
6629
"When the instance is fully started, the above state will become "
6630
"<emphasis>'running'</emphasis>. Look at the IP address assigned to your "
6631
"instance in the output, then connect to it:"
6632
msgstr ""
6633
6634
#: serverguide/C/virtualization.xml:1710(command)
6635
msgid ""
6636
"IPADDR=$(euca-describe-instances | grep $EMI | grep running | tail -n1 | awk "
6637
"'{print $4}')"
6638
msgstr ""
6639
6640
#: serverguide/C/virtualization.xml:1711(command)
6641
msgid "ssh -i ~/.euca/mykey.priv ubuntu@$IPADDR"
6642
msgstr ""
6643
6644
#: serverguide/C/virtualization.xml:1715(para)
6645
msgid ""
6646
"And when you are done with this instance, exit your SSH connection, then "
6647
"terminate your instance:"
6648
msgstr ""
6649
6650
#: serverguide/C/virtualization.xml:1719(command)
6651
msgid ""
6652
"INSTANCEID=$(euca-describe-instances | grep $EMI | grep running | tail -n1 | "
6653
"awk '{print $2}')"
6654
msgstr ""
6655
6656
#: serverguide/C/virtualization.xml:1720(command)
6657
msgid "euca-terminate-instances $INSTANCEID"
6658
msgstr ""
6659
6660
#: serverguide/C/virtualization.xml:1727(title)
6661
msgid "Install an Image from the Store"
6662
msgstr ""
6663
6664
#: serverguide/C/virtualization.xml:1729(para)
6665
msgid ""
6666
"The following is by far the simplest way to install an image. However, "
6667
"advanced users may be interested in learning how to <ulink "
6668
"url=\"https://help.ubuntu.com/community/UEC/BundlingImages\">Bundle their "
6669
"own image</ulink>."
6670
msgstr ""
6671
6672
#: serverguide/C/virtualization.xml:1734(para)
6673
msgid ""
6674
"The simplest way to add an image to <application>UEC</application> is to "
6675
"install it from the Image Store on the UEC web interface."
6676
msgstr ""
6677
6678
#: serverguide/C/virtualization.xml:1740(para)
6679
msgid ""
6680
"Access the web interface at the following URL (Make sure you specify https):"
6681
msgstr ""
6682
6683
#: serverguide/C/virtualization.xml:1748(para)
6684
msgid ""
6685
"Enter your login and password (if requested, as you may still be logged in "
6686
"from earlier)."
6687
msgstr ""
6688
6689
#: serverguide/C/virtualization.xml:1753(para)
6690
msgid "Click on the <emphasis>Store</emphasis> tab."
6691
msgstr ""
6692
6693
#: serverguide/C/virtualization.xml:1758(para)
6694
msgid "Browse available images."
6695
msgstr ""
6696
6697
#: serverguide/C/virtualization.xml:1763(para)
6698
msgid "Click on <emphasis>install</emphasis> for the image you want."
6699
msgstr ""
6700
6701
#: serverguide/C/virtualization.xml:1769(para)
6702
msgid ""
6703
"Once the image has been downloaded and installed, you can click on "
6704
"<emphasis>\"How to run?\"</emphasis> that will be displayed below the image "
6705
"button to view the command to execute to instantiate (start) this image. The "
6706
"image will also appear on the list given on the <emphasis>Image</emphasis> "
6707
"tab."
6708
msgstr ""
6709
6710
#: serverguide/C/virtualization.xml:1777(title) serverguide/C/dns.xml:619(title)
6711
msgid "More Information"
6712
msgstr "更多信息"
6713
6714
#: serverguide/C/virtualization.xml:1779(para)
6715
msgid ""
6716
"How to use the <ulink "
6717
"url=\"https://help.ubuntu.com/community/UEC/StorageController\">Storage "
6718
"Controller</ulink>"
6719
msgstr ""
6720
6721
#: serverguide/C/virtualization.xml:1783(para)
6722
msgid "Controlling eucalyptus services:"
6723
msgstr ""
6724
6725
#: serverguide/C/virtualization.xml:1788(para)
6726
msgid ""
6727
"sudo service eucalyptus [start|stop|restart] (on the CLC/CC/SC/Walrus side)"
6728
msgstr ""
6729
6730
#: serverguide/C/virtualization.xml:1789(para)
6731
msgid "sudo service eucalyptus-nc [start|stop|restart] (on the Node side)"
6732
msgstr ""
6733
6734
#: serverguide/C/virtualization.xml:1792(para)
6735
msgid "Locations of some important files:"
6736
msgstr ""
6737
6738
#: serverguide/C/virtualization.xml:1799(emphasis)
6739
msgid "Log files:"
6740
msgstr ""
6741
6742
#: serverguide/C/virtualization.xml:1802(para)
6743
msgid "/var/log/eucalyptus"
6744
msgstr ""
6745
6746
#: serverguide/C/virtualization.xml:1807(emphasis)
6747
msgid "Configuration files:"
6748
msgstr ""
6749
6750
#: serverguide/C/virtualization.xml:1810(para)
6751
msgid "/etc/eucalyptus"
6752
msgstr ""
6753
6754
#: serverguide/C/virtualization.xml:1815(emphasis)
6755
msgid "Database:"
6756
msgstr ""
6757
6758
#: serverguide/C/virtualization.xml:1818(para)
6759
msgid "/var/lib/eucalyptus/db"
6760
msgstr ""
6761
6762
#: serverguide/C/virtualization.xml:1823(emphasis)
6763
msgid "Keys:"
6764
msgstr ""
6765
6766
#: serverguide/C/virtualization.xml:1826(para)
6767
msgid "/var/lib/eucalyptus"
6768
msgstr ""
6769
6770
#: serverguide/C/virtualization.xml:1827(para)
6771
msgid "/var/lib/eucalyptus/.ssh"
6772
msgstr ""
6773
6774
#: serverguide/C/virtualization.xml:1833(para)
6775
msgid ""
6776
"Don't forget to source your <filename>~/.euca/eucarc</filename> before "
6777
"running the client tools."
6778
msgstr ""
6779
6780
#: serverguide/C/virtualization.xml:1844(para)
6268
6781
msgid ""
6269
6782
"For information on loading instances see the <ulink "
6270
6783
"url=\"https://help.ubuntu.com/community/Eucalyptus\">Eucalyptus Wiki</ulink> "
6273
6786
"关于加载的例子的信息,请参见网页<ulink "
6274
6787
"url=\"https://help.ubuntu.com/community/Eucalyptus\">Eucalyptus Wiki</ulink>。"
6275
6788
6276
#: serverguide/C/virtualization.xml:1317(para)
6789
#: serverguide/C/virtualization.xml:1849(para)
6790
msgid ""
6791
"<ulink url=\"http://open.eucalyptus.com/\">Eucalyptus Project Site (forums, "
6792
"documentation, downloads)</ulink>."
6793
msgstr ""
6794
6795
#: serverguide/C/virtualization.xml:1854(para)
6796
msgid ""
6797
"<ulink url=\"https://launchpad.net/eucalyptus/\">Eucalyptus on Launchpad "
6798
"(bugs, code)</ulink>."
6799
msgstr ""
6800
6801
#: serverguide/C/virtualization.xml:1859(para)
6802
msgid ""
6803
"<ulink "
6804
"url=\"http://open.eucalyptus.com/wiki/EucalyptusTroubleshooting_v1.5\">Eucaly"
6805
"ptus Troubleshooting (1.5)</ulink>."
6806
msgstr ""
6807
6808
#: serverguide/C/virtualization.xml:1864(para)
6809
msgid ""
6810
"<ulink url=\"http://support.rightscale.com/2._References/02-"
6811
"Cloud_Infrastructures/Eucalyptus/03-"
6812
"Administration_Guide/Register_with_RightScale\"> Register your cloud with "
6813
"RightScale</ulink>."
6814
msgstr ""
6815
6816
#: serverguide/C/virtualization.xml:1870(para)
6277
6817
msgid ""
6278
6818
"You can also find help in the <emphasis>#ubuntu-virt</emphasis>, "
6279
6819
"<emphasis>#eucalyptus</emphasis>, and <emphasis>#ubuntu-server</emphasis> "
6283
6823
"<emphasis>#eucalyptus</emphasis>, and <emphasis>#ubuntu-server</emphasis> "
6284
6824
"IRC channels on <ulink url=\"http://freenode.net\">Freenode</ulink>."
6285
6825
6286
#: serverguide/C/virtualization.xml:1327(title)
6826
#: serverguide/C/virtualization.xml:1879(title)
6827
msgid "Glossary"
6828
msgstr ""
6829
6830
#: serverguide/C/virtualization.xml:1881(para)
6831
msgid ""
6832
"The Ubuntu Enterprise Cloud documentation uses terminology that might be "
6833
"unfamiliar to some readers. This page is intended to provide a glossary of "
6834
"such terms and acronyms."
6835
msgstr ""
6836
6837
#: serverguide/C/virtualization.xml:1888(para)
6838
msgid ""
6839
"<emphasis>Cloud</emphasis> - A federated set of physical machines that offer "
6840
"computing resources through virtual machines, provisioned and recollected "
6841
"dynamically."
6842
msgstr ""
6843
6844
#: serverguide/C/virtualization.xml:1894(para)
6845
msgid ""
6846
"<emphasis>Cloud Controller (CLC)</emphasis> - Eucalyptus component that "
6847
"provides the web UI (an https server on port 8443), and implements the "
6848
"Amazon EC2 API. There should be only one Cloud Controller in an installation "
6849
"of UEC. This service is provided by the Ubuntu <application>eucalyptus-"
6850
"cloud</application> package."
6851
msgstr ""
6852
6853
#: serverguide/C/virtualization.xml:1901(para)
6854
msgid ""
6855
"<emphasis>Cluster</emphasis> - A collection of nodes, associated with a "
6856
"Cluster Controller. There can be more than one Cluster in an installation of "
6857
"UEC. Clusters are sometimes physically separate sets of nodes. (e.g. floor1, "
6858
"floor2, floor2)."
6859
msgstr ""
6860
6861
#: serverguide/C/virtualization.xml:1907(para)
6862
msgid ""
6863
"<emphasis>Cluster Controller (CC)</emphasis> - Eucalyptus component that "
6864
"manages collections of node resources. This service is provided by the "
6865
"Ubuntu <application>eucalyptus-cc</application> package."
6866
msgstr ""
6867
6868
#: serverguide/C/virtualization.xml:1913(para)
6869
msgid "<emphasis>EBS</emphasis> - Elastic Block Storage."
6870
msgstr ""
6871
6872
#: serverguide/C/virtualization.xml:1918(para)
6873
msgid ""
6874
"<emphasis>EC2</emphasis> - Elastic Compute Cloud. Amazon's pay-by-the-hour, "
6875
"pay-by-the-gigabyte public cloud computing offering."
6876
msgstr ""
6877
6878
#: serverguide/C/virtualization.xml:1923(para)
6879
msgid "<emphasis>EKI</emphasis> - Eucalyptus Kernel Image."
6880
msgstr ""
6881
6882
#: serverguide/C/virtualization.xml:1928(para)
6883
msgid "<emphasis>EMI</emphasis> - Eucalyptus Machine Image."
6884
msgstr ""
6885
6886
#: serverguide/C/virtualization.xml:1933(para)
6887
msgid "<emphasis>ERI</emphasis> - Eucalyptus Ramdisk Image."
6888
msgstr ""
6889
6890
#: serverguide/C/virtualization.xml:1938(para)
6891
msgid ""
6892
"<emphasis>Eucalyptus</emphasis> - Elastic Utility Computing Architecture for "
6893
"Linking Your Programs To Useful Systems. An open source project originally "
6894
"from the University of California at Santa Barbara, now supported by "
6895
"Eucalyptus Systems, a Canonical Partner."
6896
msgstr ""
6897
6898
#: serverguide/C/virtualization.xml:1945(para)
6899
msgid ""
6900
"<emphasis>Front-end</emphasis> - Physical machine hosting one (or more) of "
6901
"the high level Eucalyptus components (cloud, walrus, storage controller, "
6902
"cluster controller)."
6903
msgstr ""
6904
6905
#: serverguide/C/virtualization.xml:1951(para)
6906
msgid ""
6907
"<emphasis>Node</emphasis> - A node is a physical machine that's capable of "
6908
"running virtual machines, running a node controller. Within Ubuntu, this "
6909
"generally means that the CPU has VT extensions, and can run the KVM "
6910
"hypervisor."
6911
msgstr ""
6912
6913
#: serverguide/C/virtualization.xml:1957(para)
6914
msgid ""
6915
"<emphasis>Node Controller (NC)</emphasis> - Eucalyptus component that runs "
6916
"on nodes which host the virtual machines that comprise the cloud. This "
6917
"service is provided by the Ubuntu package <application>eucalyptus-"
6918
"nc</application>."
6919
msgstr ""
6920
6921
#: serverguide/C/virtualization.xml:1963(para)
6922
msgid ""
6923
"<emphasis>S3</emphasis> - Simple Storage Service. Amazon's pay-by-the-"
6924
"gigabyte persistent storage solution for EC2."
6925
msgstr ""
6926
6927
#: serverguide/C/virtualization.xml:1968(para)
6928
msgid ""
6929
"<emphasis>Storage Controller (SC)</emphasis> - Eucalyptus component that "
6930
"manages dynamic block storage services (EBS). Each 'cluster' in a Eucalyptus "
6931
"installation can have its own Storage Controller. This component is provided "
6932
"by the <application>eucalyptus-sc</application> package."
6933
msgstr ""
6934
6935
#: serverguide/C/virtualization.xml:1975(para)
6936
msgid ""
6937
"<emphasis>UEC</emphasis> - Ubuntu Enterprise Cloud. Ubuntu's cloud computing "
6938
"solution, based on Eucalyptus."
6939
msgstr ""
6940
6941
#: serverguide/C/virtualization.xml:1980(para)
6942
msgid "<emphasis>VM</emphasis> - Virtual Machine."
6943
msgstr ""
6944
6945
#: serverguide/C/virtualization.xml:1985(para)
6946
msgid ""
6947
"<emphasis>VT</emphasis> - Virtualization Technology. An optional feature of "
6948
"some modern CPUs, allowing for accelerated virtual machine hosting."
6949
msgstr ""
6950
6951
#: serverguide/C/virtualization.xml:1990(para)
6952
msgid ""
6953
"<emphasis>Walrus</emphasis> - Eucalyptus component that implements the "
6954
"Amazon S3 API, used for storing VM images and user storage using S3 bucket "
6955
"put/get abstractions."
6956
msgstr ""
6957
6958
#: serverguide/C/virtualization.xml:2000(title)
6287
6959
msgid "OpenNebula"
6288
6960
msgstr "OpenNebula"
6289
6961
6290
#: serverguide/C/virtualization.xml:1329(para)
6962
#: serverguide/C/virtualization.xml:2002(para)
6291
6963
msgid ""
6292
6964
"<application>OpenNebula</application> allows virtual machines to be placed "
6293
6965
"and re-placed dynamically on a pool of physical resources. This allows a "
6296
6968
"<application>OpenNebula</application>允许虚拟机被动态的在一个物理资源池里面替换或者重置。这就允许一个虚拟机被从任何位"
6297
6969
"置访问。"
6298
6970
6299
#: serverguide/C/virtualization.xml:1334(para)
6971
#: serverguide/C/virtualization.xml:2007(para)
6300
6972
msgid ""
6301
6973
"This section will detail configuring an OpenNebula cluster using three "
6302
6974
"machines: one <emphasis>Front-End</emphasis> host, and two <emphasis>Compute "
6308
6980
"End</emphasis>主机和两个<emphasis>计算节点</emphasis>用来运行虚拟机。那些计算节点同样需要配置一个桥来允许虚拟机读取本地"
6309
6981
"网络。更多细节,请参阅<xref linkend=\"bridging\"/>"
6310
6982
6311
#: serverguide/C/virtualization.xml:1343(para)
6983
#: serverguide/C/virtualization.xml:2016(para)
6312
6984
msgid "First, from a terminal on the Front-End enter:"
6313
6985
msgstr "首先,在一个Front-End的终端中输入:"
6314
6986
6315
#: serverguide/C/virtualization.xml:1348(command)
6987
#: serverguide/C/virtualization.xml:2021(command)
6316
6988
msgid "sudo apt-get install opennebula"
6317
6989
msgstr "sudo apt-get install opennebula"
6318
6990
6319
#: serverguide/C/virtualization.xml:1351(para)
6991
#: serverguide/C/virtualization.xml:2024(para)
6320
6992
msgid "On each Compute Node install:"
6321
6993
msgstr "在每一个计算节点输入:"
6322
6994
6323
#: serverguide/C/virtualization.xml:1356(command)
6995
#: serverguide/C/virtualization.xml:2029(command)
6324
6996
msgid "sudo apt-get install opennebula-node"
6325
6997
msgstr "sudo apt-get install opennebula-node"
6326
6998
6327
#: serverguide/C/virtualization.xml:1359(para)
6999
#: serverguide/C/virtualization.xml:2032(para)
6328
7000
msgid ""
6329
7001
"In order to copy SSH keys, the <emphasis>oneadmin</emphasis> user will need "
6330
7002
"to have a password. On each machine execute:"
6331
7003
msgstr "为了拷贝SSH 键,<emphasis>oneadmin</emphasis>用户需要一个密码。在每个机器上执行:"
6332
7004
6333
#: serverguide/C/virtualization.xml:1364(command)
7005
#: serverguide/C/virtualization.xml:2037(command)
6334
7006
msgid "sudo passwd oneadmin"
6335
7007
msgstr "sudo passwd oneadmin"
6336
7008
6337
#: serverguide/C/virtualization.xml:1367(para)
7009
#: serverguide/C/virtualization.xml:2040(para)
6338
7010
msgid ""
6339
7011
"Next, copy the <emphasis>oneadmin</emphasis> user's SSH key to the Compute "
6340
7012
"Nodes, and to the Front-End's <filename>authorized_keys</filename> file:"
6342
7014
"接下来,拷贝<emphasis>oneadmin</emphasis>用户的SSH键到计算节点,然后拷贝到Front-"
6343
7015
"End的<filename>authorized_keys</filename>文件:"
6344
7016
6345
#: serverguide/C/virtualization.xml:1372(command)
6346
msgid ""
6347
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
6348
"oneadmin@node01:/var/lib/one/.ssh/authorized_keys"
6349
msgstr ""
6350
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
6351
"oneadmin@node01:/var/lib/one/.ssh/authorized_keys"
6352
6353
#: serverguide/C/virtualization.xml:1373(command)
6354
msgid ""
6355
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
6356
"oneadmin@node02:/var/lib/one/.ssh/authorized_keys"
6357
msgstr ""
6358
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
6359
"oneadmin@node02:/var/lib/one/.ssh/authorized_keys"
6360
6361
#: serverguide/C/virtualization.xml:1374(command)
6362
msgid ""
6363
"sudo sh -c \"cat /var/lib/one/.ssh/id_rsa.pub >> "
6364
"/var/lib/one/.ssh/authorized_keys\""
6365
msgstr ""
6366
"sudo sh -c \"cat /var/lib/one/.ssh/id_rsa.pub >> "
6367
"/var/lib/one/.ssh/authorized_keys\""
6368
6369
#: serverguide/C/virtualization.xml:1377(para)
7017
#: serverguide/C/virtualization.xml:2045(command)
7018
msgid ""
7019
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
7020
"oneadmin@node01:/var/lib/one/.ssh/authorized_keys"
7021
msgstr ""
7022
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
7023
"oneadmin@node01:/var/lib/one/.ssh/authorized_keys"
7024
7025
#: serverguide/C/virtualization.xml:2046(command)
7026
msgid ""
7027
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
7028
"oneadmin@node02:/var/lib/one/.ssh/authorized_keys"
7029
msgstr ""
7030
"sudo scp /var/lib/one/.ssh/id_rsa.pub "
7031
"oneadmin@node02:/var/lib/one/.ssh/authorized_keys"
7032
7033
#: serverguide/C/virtualization.xml:2047(command)
7034
msgid ""
7035
"sudo sh -c \"cat /var/lib/one/.ssh/id_rsa.pub >> "
7036
"/var/lib/one/.ssh/authorized_keys\""
7037
msgstr ""
7038
"sudo sh -c \"cat /var/lib/one/.ssh/id_rsa.pub >> "
7039
"/var/lib/one/.ssh/authorized_keys\""
7040
7041
#: serverguide/C/virtualization.xml:2050(para)
6370
7042
msgid ""
6371
7043
"The SSH key for the Compute Nodes needs to be added to the "
6372
7044
"<filename>/etc/ssh/ssh_known_hosts</filename> file on the Front-End host. To "
6382
7054
"session中退出,然后执行下面的内容,来把SSH键从<filename>~/.ssh/known_hosts</filename>拷贝到<filena"
6383
7055
"me>/etc/ssh/ssh_known_hosts</filename>。"
6384
7056
6385
#: serverguide/C/virtualization.xml:1384(command)
6386
msgid ""
6387
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node01 1>> "
6388
"/etc/ssh/ssh_known_hosts\""
6389
msgstr ""
6390
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node01 1>> "
6391
"/etc/ssh/ssh_known_hosts\""
6392
6393
#: serverguide/C/virtualization.xml:1385(command)
6394
msgid ""
6395
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node02 1>> "
6396
"/etc/ssh/ssh_known_hosts\""
6397
msgstr ""
6398
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node02 1>> "
6399
"/etc/ssh/ssh_known_hosts\""
6400
6401
#: serverguide/C/virtualization.xml:1389(para)
7057
#: serverguide/C/virtualization.xml:2057(command)
7058
msgid ""
7059
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node01 1>> "
7060
"/etc/ssh/ssh_known_hosts\""
7061
msgstr ""
7062
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node01 1>> "
7063
"/etc/ssh/ssh_known_hosts\""
7064
7065
#: serverguide/C/virtualization.xml:2058(command)
7066
msgid ""
7067
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node02 1>> "
7068
"/etc/ssh/ssh_known_hosts\""
7069
msgstr ""
7070
"sudo sh -c \"ssh-keygen -f .ssh/known_hosts -F node02 1>> "
7071
"/etc/ssh/ssh_known_hosts\""
7072
7073
#: serverguide/C/virtualization.xml:2062(para)
6402
7074
msgid ""
6403
7075
"Replace <emphasis>node01</emphasis> and <emphasis>node02</emphasis> with the "
6404
7076
"appropriate host names."
6405
7077
msgstr "使用适当的主机名来替换<emphasis>node01</emphasis>和<emphasis>node02</emphasis>。"
6406
7078
6407
#: serverguide/C/virtualization.xml:1394(para)
7079
#: serverguide/C/virtualization.xml:2067(para)
6408
7080
msgid ""
6409
7081
"This allows the <emphasis>oneadmin</emphasis> to use "
6410
7082
"<application>scp</application>, without a password or manual intervention, "
6413
7085
"这样就允许<emphasis>oneadmin</emphasis>来使用<application>scp</application>去部署一个映像到计算"
6414
7086
"节点上,而不需要一个密码或者人工干涉。"
6415
7087
6416
#: serverguide/C/virtualization.xml:1399(para)
7088
#: serverguide/C/virtualization.xml:2072(para)
6417
7089
msgid ""
6418
7090
"On the Front-End create a directory to store the VM images, giving the "
6419
7091
"<emphasis>oneadmin</emphasis> user access to the directory:"
6420
7092
msgstr ""
6421
7093
"在Front-End上创建一个文件夹来保存虚拟机映像,给予用户<emphasis>oneadmin</emphasis>这个文件夹的读取权限。"
6422
7094
6423
#: serverguide/C/virtualization.xml:1404(command)
7095
#: serverguide/C/virtualization.xml:2077(command)
6424
7096
msgid "sudo mkdir /var/lib/one/images"
6425
7097
msgstr "sudo mkdir /var/lib/one/images"
6426
7098
6427
#: serverguide/C/virtualization.xml:1405(command)
7099
#: serverguide/C/virtualization.xml:2078(command)
6428
7100
msgid "sudo chown oneadmin /var/lib/one/images/"
6429
7101
msgstr "sudo chown oneadmin /var/lib/one/images/"
6430
7102
6431
#: serverguide/C/virtualization.xml:1408(para)
7103
#: serverguide/C/virtualization.xml:2081(para)
6432
7104
msgid ""
6433
7105
"Finally, copy a virtual machine disk file into "
6434
7106
"<filename>/var/lib/one/images</filename>. You can create an Ubuntu virtual "
6439
7111
"mbuilder</application>来生成一个Ubuntu虚拟机镜像,更多细节,请参阅<xref linkend=\"jeos-and-"
6440
7112
"vmbuilder\"/>"
6441
7113
6442
#: serverguide/C/virtualization.xml:1417(para)
7114
#: serverguide/C/virtualization.xml:2090(para)
6443
7115
msgid ""
6444
7116
"The <emphasis>OpenNebula Cluster</emphasis> is now ready to be configured, "
6445
7117
"and virtual machines added to the cluster."
6446
7118
msgstr "<emphasis>OpenNebula簇</emphasis>已经可以被配置,虚拟机也被加入到了簇中。"
6447
7119
6448
#: serverguide/C/virtualization.xml:1421(para)
7120
#: serverguide/C/virtualization.xml:2094(para)
6449
7121
msgid "From a terminal prompt enter:"
6450
7122
msgstr "在一个终端提示中输入:"
6451
7123
6452
#: serverguide/C/virtualization.xml:1426(command)
7124
#: serverguide/C/virtualization.xml:2099(command)
6453
7125
msgid "onehost create node01 im_kvm vmm_kvm tm_ssh"
6454
7126
msgstr "onehost create node01 im_kvm vmm_kvm tm_ssh"
6455
7127
6456
#: serverguide/C/virtualization.xml:1427(command)
7128
#: serverguide/C/virtualization.xml:2100(command)
6457
7129
msgid "onehost create node02 im_kvm vmm_kvm tm_ssh"
6458
7130
msgstr "onehost create node02 im_kvm vmm_kvm tm_ssh"
6459
7131
6460
#: serverguide/C/virtualization.xml:1430(para)
7132
#: serverguide/C/virtualization.xml:2103(para)
6461
7133
msgid ""
6462
7134
"Next, create a <emphasis>Virtual Network</emphasis> template file named "
6463
7135
"<filename>vnet01.template</filename>:"
6464
7136
msgstr ""
6465
7137
"接下来,创建一个叫做<filename>vnet01.template</filename>的<emphasis>虚拟网络</emphasis>模板文件:"
6466
7138
6467
#: serverguide/C/virtualization.xml:1434(programlisting)
7139
#: serverguide/C/virtualization.xml:2107(programlisting)
6468
7140
#, no-wrap
6469
7141
msgid ""
6470
7142
"\n"
6481
7153
"NETWORK_SIZE = C\n"
6482
7154
"NETWORK_ADDRESS = 192.168.0.0\n"
6483
7155
6484
#: serverguide/C/virtualization.xml:1443(para)
7156
#: serverguide/C/virtualization.xml:2116(para)
6485
7157
msgid ""
6486
7158
"Be sure to change <emphasis>192.168.0.0</emphasis> to your local network."
6487
7159
msgstr "确保把本地网络修改成<emphasis>192.168.0.0</emphasis>"
6488
7160
6489
#: serverguide/C/virtualization.xml:1448(para)
7161
#: serverguide/C/virtualization.xml:2121(para)
6490
7162
msgid ""
6491
7163
"Using the <application>onevnet</application> utility, add the virtual "
6492
7164
"network to OpenNebula:"
6493
7165
msgstr "使用<application>onevnet</application>工具来把一个虚拟网络添加到OpenNebula"
6494
7166
6495
#: serverguide/C/virtualization.xml:1453(command)
7167
#: serverguide/C/virtualization.xml:2126(command)
6496
7168
msgid "onevnet create vnet01.template"
6497
7169
msgstr "onevnet create vnet01.template"
6498
7170
6499
#: serverguide/C/virtualization.xml:1456(para)
7171
#: serverguide/C/virtualization.xml:2129(para)
6500
7172
msgid ""
6501
7173
"Now create a <emphasis>VM Template</emphasis> file named "
6502
7174
"<filename>vm01.template</filename>:"
6504
7176
"现在创建一个叫做<filename>vm01.template</filename>的<emphasis>VM "
6505
7177
"Template</emphasis>文件。"
6506
7178
6507
#: serverguide/C/virtualization.xml:1460(programlisting)
7179
#: serverguide/C/virtualization.xml:2133(programlisting)
6508
7180
#, no-wrap
6509
7181
msgid ""
6510
7182
"\n"
6539
7211
"\n"
6540
7212
"GRAPHICS = [type=\"vnc\",listen=\"127.0.0.1\",port=\"-1\"]\n"
6541
7213
6542
#: serverguide/C/virtualization.xml:1477(para)
7214
#: serverguide/C/virtualization.xml:2150(para)
6543
7215
msgid "Start the virtual machine using <application>onevm</application>:"
6544
7216
msgstr "使用<application>onevm</application>来开始虚拟机。"
6545
7217
6546
#: serverguide/C/virtualization.xml:1482(command)
7218
#: serverguide/C/virtualization.xml:2155(command)
6547
7219
msgid "onevm submit vm01.template"
6548
7220
msgstr "onevm submit vm01.template"
6549
7221
6550
#: serverguide/C/virtualization.xml:1485(para)
7222
#: serverguide/C/virtualization.xml:2158(para)
6551
7223
msgid ""
6552
7224
"Use the <application>onevm list</application> option to view information "
6553
7225
"about virtual machines. Also, the <application>onevm show vm01</application> "
6556
7228
"使用<application>onevm list</application>选项来查看关于虚拟机的信息。同样<application>onevm "
6557
7229
"show vm01</application>选项会显示某个特定虚拟机的信息。"
6558
7230
6559
#: serverguide/C/virtualization.xml:1496(para)
7231
#: serverguide/C/virtualization.xml:2169(para)
6560
7232
msgid ""
6561
7233
"See the <ulink "
6562
7234
"url=\"http://www.opennebula.org/doku.php?id=start\">OpenNebula website</ulink"
6566
7238
"url=\"http://www.opennebula.org/doku.php?id=start\">OpenNebula website</ulink"
6567
7239
">。"
6568
7240
6569
#: serverguide/C/virtualization.xml:1501(para)
7241
#: serverguide/C/virtualization.xml:2174(para)
6570
7242
msgid ""
6571
7243
"You can also find help in the <emphasis>#ubuntu-virt</emphasis> and "
6572
7244
"<emphasis>#ubuntu-server</emphasis> IRC channels on <ulink "
6575
7247
"您同样可以在<ulink url=\"http://freenode.net\">Freenode</ulink>的<emphasis>#ubuntu-"
6576
7248
"virt</emphasis>和<emphasis>#ubuntu-server</emphasis>的IRC频道得到帮助。"
6577
7249
7250
#: serverguide/C/virtualization.xml:2180(para)
7251
msgid ""
7252
"Also, the <ulink "
7253
"url=\"https://help.ubuntu.com/community/OpenNebula\">OpenNebula Ubuntu "
7254
"Wiki</ulink> page has more details."
7255
msgstr ""
7256
6578
7257
#: serverguide/C/vcs.xml:13(title)
6579
7258
msgid "Version Control System"
6580
7259
msgstr "版本控制系统"
6874
7553
#: serverguide/C/vcs.xml:206(para)
6875
7554
msgid ""
6876
7555
"To access the Subversion repository via WebDAV protocol, you must configure "
6877
"your Apache 2 web server. You must add the following snippet in your "
6878
"<filename>/etc/apache2/apache2.conf</filename> file:"
7556
"your Apache 2 web server. Add the following snippet between the "
7557
"<emphasis><VirtualHost></emphasis> and "
7558
"<emphasis></VirtualHost></emphasis> elements in "
7559
"<filename>/etc/apache2/sites-available/default</filename>, or another "
7560
"VirtualHost file:"
6879
7561
msgstr ""
6880
"要通过 WebDAV 协议访问 Subversion,您必须配置您的 Apache2 web 服务器。您必须在您的 "
6881
"<filename>/etc/apache2/apache2.conf</filename> 文件中添加下面一小段:"
6882
7562
6883
#: serverguide/C/vcs.xml:208(programlisting)
7563
#: serverguide/C/vcs.xml:212(programlisting)
6884
7564
#, no-wrap
6885
7565
msgid ""
6886
7566
"\n"
6887
7567
" <Location /svn>\n"
6888
7568
" DAV svn\n"
6889
" SVNParentPath /home/svn\n"
7569
" SVNPath /home/svn\n"
6890
7570
" AuthType Basic\n"
6891
7571
" AuthName \"Your repository name\"\n"
6892
7572
" AuthUserFile /etc/subversion/passwd\n"
6894
7574
" </Location> \n"
6895
7575
msgstr ""
6896
7576
6897
#: serverguide/C/vcs.xml:219(para)
7577
#: serverguide/C/vcs.xml:223(para)
6898
7578
msgid ""
6899
7579
"The above configuration snippet assumes that Subversion repositories are "
6900
7580
"created under <filename>/home/svn/</filename> directory using "
6901
7581
"<command>svnadmin</command> command. They can be accessible using "
6902
"<command>htpp://hostname/svn/repos_name</command> url."
7582
"<command>http://hostname/svn/repos_name</command> url."
6903
7583
msgstr ""
6904
"上面的配置片段中,假设用命令<command>svnadmin</command>来把Subversion库创建到目录<filename>/home/sv"
6905
"n/</filename>下. 然后就可以用地址http://hostname/svn/repos_name</command>来访问."
6906
7584
6907
#: serverguide/C/vcs.xml:225(para)
7585
#: serverguide/C/vcs.xml:229(para)
6908
7586
msgid ""
6909
7587
"To import or commit files to your Subversion repository over HTTP, the "
6910
7588
"repository should be owned by the HTTP user. In Ubuntu systems, normally the "
6914
7592
"要通过HTTP导出或提交你的版本库,库必须由HTTP用户拥有。 在UBUNTU系统里,通常HTTP用户就是<command>www-"
6915
7593
"data</command>。 要修改库文件的所有者,可以从终端命令提示符下输入以下命令:"
6916
7594
6917
#: serverguide/C/vcs.xml:234(command)
7595
#: serverguide/C/vcs.xml:238(command)
6918
7596
msgid "sudo chown -R www-data:www-data /path/to/repos"
6919
7597
msgstr "sudo chown -R www-data:www-data /path/to/repos"
6920
7598
6921
#: serverguide/C/vcs.xml:237(para)
7599
#: serverguide/C/vcs.xml:241(para)
6922
7600
msgid ""
6923
7601
"By changing the ownership of repository as <command>www-data</command> you "
6924
7602
"will not be able to import or commit files into the repository by running "
6928
7606
"将版本库的所有者修改为<command>www-data</command>后,你不能用除<command>www-"
6929
7607
"data</command>以外的用户运行<command>svn import file:///</command>命令来导出或提交文件。"
6930
7608
6931
#: serverguide/C/vcs.xml:246(para)
7609
#: serverguide/C/vcs.xml:250(para)
6932
7610
msgid ""
6933
7611
"Next, you must create the <filename>/etc/subversion/passwd</filename> file "
6934
7612
"that will contain user authentication details. To create a file issue the "
6938
7616
"然后, 你必须创建文件<filename>/etc/subversion/passwd</filename>来存放用户验证的详细信息. "
6939
7617
"在命令提示符后面输入下面的命令:"
6940
7618
6941
#: serverguide/C/vcs.xml:252(command)
7619
#: serverguide/C/vcs.xml:256(command)
6942
7620
msgid "sudo htpasswd -c /etc/subversion/passwd user_name"
6943
7621
msgstr "sudo htpasswd -c /etc/subversion/passwd user_name"
6944
7622
6945
#: serverguide/C/vcs.xml:255(para)
7623
#: serverguide/C/vcs.xml:259(para)
6946
7624
msgid ""
6947
7625
"To add additional users omit the <emphasis>\"-c\"</emphasis> option as this "
6948
7626
"option replaces the old file. Instead use this form:"
6949
7627
msgstr ""
6950
7628
"添加附加的用户时请省略<emphasis>\"-c\"</emphasis>选项,因为这个选项将用来替换旧的文件。应该使用这个形式来代替:"
6951
7629
6952
#: serverguide/C/vcs.xml:260(command)
7630
#: serverguide/C/vcs.xml:264(command)
6953
7631
msgid "sudo htpasswd /etc/subversion/password user_name"
6954
7632
msgstr "sudo htpasswd /etc/subversion/password user_name"
6955
7633
6956
#: serverguide/C/vcs.xml:264(para)
7634
#: serverguide/C/vcs.xml:268(para)
6957
7635
msgid ""
6958
7636
"This command will prompt you to enter the password. Once you enter the "
6959
7637
"password, the user is added. Now, to access the repository you can run the "
6960
7638
"following command:"
6961
7639
msgstr "该命令将提示您输入密码。一旦您输入密码。该用户将被添加。现在您可以运行下列命令来访问库:"
6962
7640
6963
#: serverguide/C/vcs.xml:265(command)
7641
#: serverguide/C/vcs.xml:269(command)
6964
7642
msgid "svn co http://servername/svn"
6965
7643
msgstr "svn co http://servername/svn"
6966
7644
6967
#: serverguide/C/vcs.xml:267(para)
7645
#: serverguide/C/vcs.xml:271(para)
6968
7646
msgid ""
6969
7647
"The password is transmitted as plain text. If you are worried about password "
6970
7648
"snooping, you are advised to use SSL encryption. For details, please refer "
6971
7649
"next section."
6972
7650
msgstr "该密码是以纯文本传输的。如果您担心密码被截取,建议您使用 SSL 加密。相关细节,请参考下一章节。"
6973
7651
6974
#: serverguide/C/vcs.xml:273(title)
7652
#: serverguide/C/vcs.xml:277(title)
6975
7653
msgid "Access via WebDAV protocol with SSL encryption (https://)"
6976
7654
msgstr "通过带有 SSL 加密的 WebDAV 协议来访问 (https://)"
6977
7655
6978
#: serverguide/C/vcs.xml:274(para)
7656
#: serverguide/C/vcs.xml:278(para)
6979
7657
msgid ""
6980
7658
"Accessing Subversion repository via WebDAV protocol with SSL encryption "
6981
7659
"(https://) is similar to http:// except that you must install and configure "
6991
7669
"ssl</filename>文件添加以上Apache2配置来使用带有SSL的Subversion。关于配置Apache2 SSL的更多信息请看<xref "
6992
7670
"linkend=\"https-configuration\"/>。"
6993
7671
6994
#: serverguide/C/vcs.xml:283(para)
7672
#: serverguide/C/vcs.xml:287(para)
6995
7673
msgid ""
6996
7674
"You can install a digital certificate issued by a signing authority. "
6997
7675
"Alternatively, you can install your own self-signed certificate."
6998
7676
msgstr "您可以安装一个权威机构发行的数字证书。当然,您也可以安装一个自定义的证书。"
6999
7677
7000
#: serverguide/C/vcs.xml:288(para)
7678
#: serverguide/C/vcs.xml:292(para)
7001
7679
msgid ""
7002
7680
"This step assumes you have installed and configured a digital certificate in "
7003
7681
"your Apache 2 web server. Now, to access the Subversion repository, please "
7007
7685
"这一步假设您已经在您的 Apache2 web 服务器中安装和配置了数字证书。现在要访问 Subversion "
7008
7686
"库,请参考上一章节!除了所用协议之外访问方式完全相同。您必须使用 https:// 来访问 Subversion 库。"
7009
7687
7010
#: serverguide/C/vcs.xml:298(title)
7688
#: serverguide/C/vcs.xml:302(title)
7011
7689
msgid "Access via custom protocol (svn://)"
7012
7690
msgstr "通过自身协议访问 (svn://)"
7013
7691
7014
#: serverguide/C/vcs.xml:299(para)
7692
#: serverguide/C/vcs.xml:303(para)
7015
7693
msgid ""
7016
7694
"Once the Subversion repository is created, you can configure the access "
7017
7695
"control. You can edit the <filename> "
7023
7701
"/path/to/repos/project/conf/svnserve.conf</filename> "
7024
7702
"文件来配置访问控制了。例如,要设置认证,您可以在配置文件中反注释下列行:"
7025
7703
7026
#: serverguide/C/vcs.xml:306(programlisting)
7704
#: serverguide/C/vcs.xml:310(programlisting)
7027
7705
#, no-wrap
7028
7706
msgid ""
7029
7707
"# [general]\n"
7032
7710
"# [general]\n"
7033
7711
"# password-db = passwd"
7034
7712
7035
#: serverguide/C/vcs.xml:309(para)
7713
#: serverguide/C/vcs.xml:313(para)
7036
7714
msgid ""
7037
7715
"After uncommenting the above lines, you can maintain the user list in the "
7038
7716
"passwd file. So, edit the file <filename>passwd </filename> in the same "
7041
7719
"在反注释上面几行之后,您可以在 passwd 文件中维护用户列表。因此编辑同一目录中的文件 <filename>passwd "
7042
7720
"</filename>并添加新用户。其语法如下:"
7043
7721
7044
#: serverguide/C/vcs.xml:315(programlisting)
7722
#: serverguide/C/vcs.xml:319(programlisting)
7045
7723
#, no-wrap
7046
7724
msgid "username = password"
7047
7725
msgstr "username = password"
7048
7726
7049
#: serverguide/C/vcs.xml:316(para)
7727
#: serverguide/C/vcs.xml:320(para)
7050
7728
msgid "For more details, please refer to the file."
7051
7729
msgstr "更多细节,请参考该文件。"
7052
7730
7053
#: serverguide/C/vcs.xml:320(para)
7731
#: serverguide/C/vcs.xml:324(para)
7054
7732
msgid ""
7055
7733
"Now, to access Subversion via the svn:// custom protocol, either from the "
7056
7734
"same machine or a different machine, you can run svnserver using svnserve "
7058
7736
msgstr ""
7059
7737
"现在要从本机或不同机器通过 svn:// 自身协议来访问 Subversion,您可以使用 svnserve 命令来运行 svnserver。其语法如下:"
7060
7738
7061
#: serverguide/C/vcs.xml:325(programlisting)
7739
#: serverguide/C/vcs.xml:329(programlisting)
7062
7740
#, no-wrap
7063
7741
msgid ""
7064
7742
"$ svnserve -d --foreground -r /path/to/repos\n"
7077
7755
"For more usage details, please refer to:\n"
7078
7756
"$ svnserve --help"
7079
7757
7080
#: serverguide/C/vcs.xml:333(para)
7758
#: serverguide/C/vcs.xml:337(para)
7081
7759
msgid ""
7082
7760
"Once you run this command, Subversion starts listening on default port "
7083
7761
"(3690). To access the project repository, you must run the following command "
7084
7762
"from a terminal prompt:"
7085
7763
msgstr "一旦您运行该命令,将启动 Subversion 并在缺省端口 (3690) 监听。要访问项目库,您必须在终端提示符后运行下列命令:"
7086
7764
7087
#: serverguide/C/vcs.xml:336(command)
7765
#: serverguide/C/vcs.xml:340(command)
7088
7766
msgid "svn co svn://hostname/project project --username user_name"
7089
7767
msgstr "svn co svn://hostname/project project --username user_name"
7090
7768
7091
#: serverguide/C/vcs.xml:339(para)
7769
#: serverguide/C/vcs.xml:343(para)
7092
7770
msgid ""
7093
7771
"Based on server configuration, it prompts for password. Once you are "
7094
7772
"authenticated, it checks out the code from Subversion repository. To "
7099
7777
"根据服务器的配置,出现密码提示。一旦您认证通过,将从 Subversion 库检出代码。要让本地副本同步项目库,您可以运行 "
7100
7778
"<command>update</command> 子命令。在终端提示符后的命令语法如下所示:"
7101
7779
7102
#: serverguide/C/vcs.xml:347(command)
7780
#: serverguide/C/vcs.xml:351(command)
7103
7781
msgid "cd project_dir ; svn update"
7104
7782
msgstr "cd project_dir ; svn update"
7105
7783
7106
#: serverguide/C/vcs.xml:350(para)
7784
#: serverguide/C/vcs.xml:354(para)
7107
7785
msgid ""
7108
7786
"For more details about using each Subversion sub-command, you can refer to "
7109
7787
"the manual. For example, to learn more about the co (checkout) command, "
7111
7789
msgstr ""
7112
7790
"关于 Subversion 子命令的更多细节,您可以参考手册。如为了学到关于 co (checkout) 命令的细节,请在终端提示符后运行下列命令:"
7113
7791
7114
#: serverguide/C/vcs.xml:354(command)
7792
#: serverguide/C/vcs.xml:358(command)
7115
7793
msgid "svn co help"
7116
7794
msgstr "svn co help"
7117
7795
7118
#: serverguide/C/vcs.xml:358(title)
7796
#: serverguide/C/vcs.xml:362(title)
7119
7797
msgid "Access via custom protocol with SSL encryption (svn+ssh://)"
7120
7798
msgstr "通过带有 SSL 加密的自身协议 (svn+ssh://) 访问"
7121
7799
7122
#: serverguide/C/vcs.xml:359(para)
7800
#: serverguide/C/vcs.xml:363(para)
7123
7801
msgid ""
7124
7802
"The configuration and server process is same as in the svn:// method. For "
7125
7803
"details, please refer to the above section. This step assumes you have "
7129
7807
"配置和服务器处理与用 svn:// 方式是相同的。详情请参考上面的章节。这一步假定您已经完成了上面的步骤并用 "
7130
7808
"<application>svnserve</application> 命令启动了 Subversion 服务器。"
7131
7809
7132
#: serverguide/C/vcs.xml:365(para)
7810
#: serverguide/C/vcs.xml:369(para)
7133
7811
msgid ""
7134
7812
"It is also assumed that the ssh server is running on that machine and that "
7135
7813
"it is allowing incoming connections. To confirm, please try to login to that "
7138
7816
msgstr ""
7139
7817
"它也假定 ssh 服务器已经在该机上运行并允许连接。为了确认,请尝试使用 ssh 登录该机器。如果您可以登录,一切就绪。如果不能登录,请在继续之前解决它。"
7140
7818
7141
#: serverguide/C/vcs.xml:371(para)
7819
#: serverguide/C/vcs.xml:375(para)
7142
7820
msgid ""
7143
7821
"The svn+ssh:// protocol is used to access the Subversion repository using "
7144
7822
"SSL encryption. The data transfer is encrypted using this method. To access "
7148
7826
"svn+ssh:// 协议使用 SSL 加密来访问 Subversion 库。使用这种方式进行的数据传输是加密的。要访问项目库 (如 "
7149
7827
"checkout),您必须使用下面的命令语法:"
7150
7828
7151
#: serverguide/C/vcs.xml:378(command)
7829
#: serverguide/C/vcs.xml:382(command)
7152
7830
msgid "svn co svn+ssh://hostname/var/svn/repos/project"
7153
7831
msgstr "svn co svn+ssh://hostname/var/svn/repos/project"
7154
7832
7155
#: serverguide/C/vcs.xml:382(para)
7833
#: serverguide/C/vcs.xml:386(para)
7156
7834
msgid ""
7157
7835
"You must use the full path (/path/to/repos/project) to access the Subversion "
7158
7836
"repository using this access method."
7159
7837
msgstr "使用这种访问方式您必须使用全路径 (/path/to/repos/project) 来访问 Subversion 库。"
7160
7838
7161
#: serverguide/C/vcs.xml:385(para)
7839
#: serverguide/C/vcs.xml:389(para)
7162
7840
msgid ""
7163
7841
"Based on server configuration, it prompts for password. You must enter the "
7164
7842
"password you use to login via ssh. Once you are authenticated, it checks out "
7166
7844
msgstr ""
7167
7845
"根据服务器配置,它将提示输入密码。在使用 ssh 登录时您必须输入密码。一旦您被认证通过之后,它将从 Subversion 库中检出代码。"
7168
7846
7169
#: serverguide/C/vcs.xml:396(title)
7847
#: serverguide/C/vcs.xml:399(title)
7170
7848
msgid "CVS Server"
7171
7849
msgstr "CVS 服务器"
7172
7850
7173
#: serverguide/C/vcs.xml:397(para)
7851
#: serverguide/C/vcs.xml:400(para)
7174
7852
msgid ""
7175
7853
"CVS is a version control system. You can use it to record the history of "
7176
7854
"source files."
7177
7855
msgstr "CVS 是一个版本控制系统。您可以使用它来记录源文件的历史。"
7178
7856
7179
#: serverguide/C/vcs.xml:403(para)
7857
#: serverguide/C/vcs.xml:406(para)
7180
7858
msgid ""
7181
7859
"To install <application>CVS</application>, run the following command from a "
7182
7860
"terminal prompt: <screen>\n"
7196
7874
"<command>sudo apt-get install xinetd</command>\n"
7197
7875
"</screen>"
7198
7876
7199
#: serverguide/C/vcs.xml:436(programlisting)
7877
#: serverguide/C/vcs.xml:439(programlisting)
7200
7878
#, no-wrap
7201
7879
msgid ""
7202
7880
"\n"
7227
7905
" disable = no\n"
7228
7906
"}\n"
7229
7907
7230
#: serverguide/C/vcs.xml:452(para)
7908
#: serverguide/C/vcs.xml:455(para)
7231
7909
msgid ""
7232
7910
"Be sure to edit the repository if you have changed the default repository "
7233
7911
"(<application>/var/lib/cvs</application>) directory."
7234
7912
msgstr "如果你改变缺省的库目录 (<application>/var/lib/cvs</application>) 那么您必须要编辑库。"
7235
7913
7236
#: serverguide/C/vcs.xml:421(para)
7914
#: serverguide/C/vcs.xml:424(para)
7237
7915
msgid ""
7238
7916
"Once you install cvs, the repository will be automatically initialized. By "
7239
7917
"default, the repository resides under the "
7259
7937
"<command>sudo /etc/init.d/xinetd restart</command>\n"
7260
7938
"</screen>"
7261
7939
7262
#: serverguide/C/vcs.xml:465(para)
7940
#: serverguide/C/vcs.xml:468(para)
7263
7941
msgid ""
7264
7942
"You can confirm that the CVS server is running by issuing the following "
7265
7943
"command:"
7266
7944
msgstr "您可以执行以下命令来确定 CVS 服务器正在运行:"
7267
7945
7268
#: serverguide/C/vcs.xml:472(command)
7946
#: serverguide/C/vcs.xml:475(command)
7269
7947
msgid "sudo netstat -tap | grep cvs"
7270
7948
msgstr "sudo netstat -tap | grep cvs"
7271
7949
7272
#: serverguide/C/vcs.xml:476(para) serverguide/C/databases.xml:65(para)
7950
#: serverguide/C/vcs.xml:479(para) serverguide/C/databases.xml:65(para)
7273
7951
msgid ""
7274
7952
"When you run this command, you should see the following line or something "
7275
7953
"similar:"
7276
7954
msgstr "当您运行该命令时,您可以看到类似下面的行:"
7277
7955
7278
#: serverguide/C/vcs.xml:481(programlisting)
7956
#: serverguide/C/vcs.xml:484(programlisting)
7279
7957
#, no-wrap
7280
7958
msgid ""
7281
7959
"\n"
7284
7962
"\n"
7285
7963
"tcp 0 0 *:cvspserver *:* LISTEN \n"
7286
7964
7287
#: serverguide/C/vcs.xml:485(para)
7965
#: serverguide/C/vcs.xml:488(para)
7288
7966
msgid ""
7289
7967
"From here you can continue to add users, add new projects, and manage the "
7290
7968
"CVS server."
7291
7969
msgstr "在这里您可以继续添加用户,添加新的项目以及管理 CVS 服务器"
7292
7970
7293
#: serverguide/C/vcs.xml:490(para)
7971
#: serverguide/C/vcs.xml:493(para)
7294
7972
msgid ""
7295
7973
"CVS allows the user to add users independently of the underlying OS "
7296
7974
"installation. Probably the easiest way is to use the Linux Users for CVS, "
7299
7977
msgstr ""
7300
7978
"CVS 允许用户添加独立于 OS 安装的用户。也许最容易的方式就是让 CVS 使用 Linux 的用户,虽然它有潜在的安全隐患。详细请参考 CVS 手册。"
7301
7979
7302
#: serverguide/C/vcs.xml:500(title)
7980
#: serverguide/C/vcs.xml:503(title)
7303
7981
msgid "Add Projects"
7304
7982
msgstr "添加项目"
7305
7983
7306
#: serverguide/C/vcs.xml:512(para)
7984
#: serverguide/C/vcs.xml:515(para)
7307
7985
msgid ""
7308
7986
"You can use the CVSROOT environment variable to store the CVS root "
7309
7987
"directory. Once you export the CVSROOT environment variable, you can avoid "
7310
7988
"using -d option in the above cvs command."
7311
7989
msgstr "你可以使用CVSROOT环境变量来储存CVS的根目录。你输出CVSROOT环境变量后,在上面的命令里就可以不使用-d这个选项。"
7312
7990
7313
#: serverguide/C/vcs.xml:524(para)
7991
#: serverguide/C/vcs.xml:527(para)
7314
7992
msgid ""
7315
7993
"When you add a new project, the CVS user you use must have write access to "
7316
7994
"the CVS repository (<application>/var/lib/cvs</application>). By default, "
7322
8000
"有写权限。缺省状态下,<application>src</application> 组有对 CVS "
7323
8001
"库的写权限,因此,您可以添加用户到该组,然后就该用户就可以在 CVS 库中添加和管理项目了。"
7324
8002
7325
#: serverguide/C/vcs.xml:501(para)
8003
#: serverguide/C/vcs.xml:504(para)
7326
8004
msgid ""
7327
8005
"This section explains how to add new project to the CVS repository. Create "
7328
8006
"the directory and add necessary document and source files to the directory. "
7344
8022
"<emphasis>start</emphasis> 是一个发行版标签。 "
7345
8023
"它们在这里并没有什么用,但是因为CVS需要它们,所以这里必须出现。<placeholder-2/>"
7346
8024
7347
#: serverguide/C/vcs.xml:537(ulink)
8025
#: serverguide/C/vcs.xml:540(ulink)
7348
8026
msgid "Bazaar Home Page"
7349
8027
msgstr "Bazaar主页"
7350
8028
7351
#: serverguide/C/vcs.xml:538(ulink)
8029
#: serverguide/C/vcs.xml:541(ulink)
7352
8030
msgid "Launchpad"
7353
8031
msgstr "Launchpad"
7354
8032
7355
#: serverguide/C/vcs.xml:539(ulink)
8033
#: serverguide/C/vcs.xml:542(ulink)
7356
8034
msgid "Subversion Home Page"
7357
8035
msgstr "Subversion 主页"
7358
8036
7359
#: serverguide/C/vcs.xml:540(ulink)
8037
#: serverguide/C/vcs.xml:543(ulink)
7360
8038
msgid "Subversion Book"
7361
8039
msgstr "Subversion 书 (使用Subversion进行版本控制)"
7362
8040
7363
#: serverguide/C/vcs.xml:542(ulink)
8041
#: serverguide/C/vcs.xml:545(ulink)
7364
8042
msgid "CVS Manual"
7365
8043
msgstr "CVS 手册"
7366
8044
8045
#: serverguide/C/vcs.xml:546(ulink)
8046
msgid "Easy Bazaar Ubuntu Wiki page"
8047
msgstr ""
8048
8049
#: serverguide/C/vcs.xml:547(ulink)
8050
msgid "Ubuntu Wiki Subversion page"
8051
msgstr ""
8052
7367
8053
#: serverguide/C/serverguide.xml:3(title) serverguide/C/bookinfo.xml:3(title)
7368
8054
msgid "Credits and License"
7369
8055
msgstr "贡献者与授权许可"
7449
8135
#: serverguide/C/security.xml:17(para)
7450
8136
msgid ""
7451
8137
"This chapter provides an overview of security related topics as they pertain "
7452
"to Ubuntu 9.10 Server Edition, and outlines simple measures you may use to "
7453
"protect your server and network from any number of potential security "
8138
"to Ubuntu 10.04 LTS Server Edition, and outlines simple measures you may use "
8139
"to protect your server and network from any number of potential security "
7454
8140
"threats."
7455
msgstr "本章提供了有关Ubuntu 9.10服务器版本安全相关话题的概述,并概要的介绍了一些用来保护你的服务器和网络不受潜在安全威胁的简单措施。"
8141
msgstr ""
7456
8142
7457
8143
#: serverguide/C/security.xml:21(title)
7458
8144
msgid "User Management"
8088
8774
"To disable the reboot action taken by pressing the "
8089
8775
"<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap></k"
8090
8776
"eycombo> key combination, comment out the following line in the file "
8091
"<filename>/etc/event.d/control-alt-delete</filename>."
8777
"<filename>/etc/init/control-alt-delete.conf</filename>."
8092
8778
msgstr ""
8093
"要想禁用<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap"
8094
"></keycombo> 热键组合重启机器,将<filename>/etc/event.d/control-alt-"
8095
"delete</filename>中的如下一行注释掉."
8096
8779
8097
8780
#: serverguide/C/security.xml:343(programlisting)
8098
8781
#, no-wrap
8099
8782
msgid ""
8100
8783
"\n"
8101
"#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
8102
msgstr ""
8103
"\n"
8104
"#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
8105
8106
#: serverguide/C/security.xml:350(title)
8107
msgid "GRUB Password Security"
8108
msgstr "GRUB 密码安全性"
8109
8110
#: serverguide/C/security.xml:351(para)
8111
msgid ""
8112
"Ubuntu installs GNU GRUB as its default boot loader, which allows for great "
8113
"flexibility and recovery options. For example, when you install additional "
8114
"kernel images, these are automatically added as available boot options in "
8115
"the <application>grub</application> menu. Also, by default, alternate boot "
8116
"options are available for each kernel entry that may be used for system "
8117
"recovery, aptly labeled (recovery mode). Recovery mode simply boots the "
8118
"corresponding kernel image into single user mode (init 1), which lands the "
8119
"administrator at a root prompt without the need for any password."
8120
msgstr ""
8121
"Ubuntu使用GUN "
8122
"GRUB作为它的默认的启动装载器,它有很强的灵活性和很多修复选项。比如说说,当你安装了附加的内核镜像,它们将作为可选的启动项被自动地添加到<applica"
8123
"tion>grub</application>菜单。同时,默认情况下,文本启动选项对每个交替内核用于系统还原都适用,一般添加有标签(安全模式)。安全模式只"
8124
"是启动进入相应内核镜像的单用户模式(init 1),在这种情况下,管理员仅仅得到一个root提示,而不需要输入密码。"
8125
8126
#: serverguide/C/security.xml:354(para)
8127
msgid ""
8128
"Therefore, it is important to control who may edit the "
8129
"<application>grub</application> menu items which, would otherwise allow for "
8130
"someone to perform the following dangerous actions:"
8131
msgstr ""
8132
"所以,控制谁可能修改<application>grub</application>的菜单项是很重要的,否则就可能允许某些人进行以下危险的操作:"
8133
8134
#: serverguide/C/security.xml:359(para)
8135
msgid "Pass kernel options at boot up."
8136
msgstr "在启动时传递参数给内核。"
8137
8138
#: serverguide/C/security.xml:364(para)
8139
msgid "Boot the server into single user mode."
8140
msgstr "引导系统进入单用户模式"
8141
8142
#: serverguide/C/security.xml:369(para)
8143
msgid ""
8144
"You can prevent these actions by adding a password to GRUB's configuration "
8145
"file of <filename>/boot/grub/menu.lst</filename>, which will be required to "
8146
"unlock GRUB's more advanced features prior to use."
8147
msgstr ""
8148
"你可以通过给GRUB的配置文件<filename>/boot/grub/menu.list</filename>添加一个密码来防止这种现象,操作前会被要求"
8149
"解锁GRUB的高级特性。"
8150
8151
#: serverguide/C/security.xml:374(para)
8152
msgid ""
8153
"To add a password for use with <application>grub</application>, first you "
8154
"must generate an md5 password hash using the <application>grub-md5-"
8155
"crypt</application> utility:"
8156
msgstr ""
8157
"要给<application>grub</application>增加一个使用口令,首先你必须使用<application>grub-md5-"
8158
"crypt</application>工具产生一个md5口令。"
8159
8160
#: serverguide/C/security.xml:378(command)
8161
msgid "grub-md5-crypt"
8162
msgstr "grub-md5-crypt"
8163
8164
#: serverguide/C/security.xml:380(para)
8165
msgid ""
8166
"The command will ask you to enter a password and offer a resulting hash "
8167
"value as shown below:"
8168
msgstr "命令将请你输入一个口令并提供一个结果密码,如下所示:"
8169
8170
#: serverguide/C/security.xml:383(userinput)
8171
#, no-wrap
8172
msgid "(enter new password)"
8173
msgstr "(输入新的口令)"
8174
8175
#: serverguide/C/security.xml:384(userinput)
8176
#, no-wrap
8177
msgid "(repeat password)"
8178
msgstr "(重复密码)"
8179
8180
#: serverguide/C/security.xml:383(computeroutput)
8181
#, no-wrap
8182
msgid ""
8183
"Password: <placeholder-1/>\n"
8184
"Retype password: <placeholder-2/>\n"
8185
"$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
8186
msgstr ""
8187
"密码: <placeholder-1/>\n"
8188
"再输入一次密码: <placeholder-2/>\n"
8189
"$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
8190
8191
#: serverguide/C/security.xml:389(para)
8192
msgid ""
8193
"Add the resulting hash value to the file "
8194
"<filename>/boot/grub/menu.lst</filename> in the following format:"
8195
msgstr "以下面的这种格式添加哈希的结果到文件<filename>/boot/grub/menu.list</filename>:"
8196
8197
#: serverguide/C/security.xml:392(programlisting)
8198
#, no-wrap
8199
msgid "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
8200
msgstr "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
8201
8202
#: serverguide/C/security.xml:395(para)
8203
msgid ""
8204
"To require use of the password for entering single user mode, change the "
8205
"value of the <varname>lockalternative</varname> variable in the file "
8206
"<filename>/boot/grub/menu.lst</filename> to <varname>true</varname>, as "
8207
"shown in the following example."
8208
msgstr ""
8209
"需要使用进入单用户模式的密码时,将文件<filename>/boot/grub/menu.lst</filename>中的变量<varname>locka"
8210
"lternative</varname>值改成<varname>true</varname>,如下例所示。"
8211
8212
#: serverguide/C/security.xml:398(programlisting)
8213
#, no-wrap
8214
msgid "# lockalternative=true"
8215
msgstr "# lockalternative=true"
8216
8217
#: serverguide/C/security.xml:402(para)
8218
msgid ""
8219
"This does not prevent someone from booting the server from alternate media. "
8220
"A determined attacker would simply boot into an alternate environment, "
8221
"overwrite your master boot record, mount or copy your physical volumes, "
8222
"destroy your data, or anything else they can imagine. Please explore other "
8223
"countermeasures that may help you with these types of attacks."
8224
msgstr ""
8225
"这个并不能阻止用户通过其它媒介来启动服务器。刻意的攻击者会将服务器启动到其它环境下,覆写你的主启动记录(MBR),挂载或复制你的物理卷,毁坏你的数据,或其"
8226
"它任何他们能猜测到的东西。请探究其它对策以助你防御这些攻击。"
8227
8228
#: serverguide/C/security.xml:410(title)
8784
"#exec shutdown -r now \"Control-Alt-Delete pressed\"\n"
8785
msgstr ""
8786
8787
#: serverguide/C/security.xml:352(title)
8229
8788
msgid "Firewall"
8230
8789
msgstr "防火墙"
8231
8790
8232
#: serverguide/C/security.xml:413(para)
8791
#: serverguide/C/security.xml:355(para)
8233
8792
msgid ""
8234
8793
"The Linux kernel includes the <emphasis>Netfilter</emphasis> subsystem, "
8235
8794
"which is used to manipulate or decide the fate of network traffic headed "
8239
8798
"Linux 内核包括 <emphasis>Netfilter</emphasis> 子系统,用来处理或决定网络传输头部进入或穿过你的服务器,目前所有的 "
8240
8799
"Linux 防火墙都用该系统来做包过滤。"
8241
8800
8242
#: serverguide/C/security.xml:418(para)
8801
#: serverguide/C/security.xml:360(para)
8243
8802
msgid ""
8244
8803
"The kernel's packet filtering system would be of little use to "
8245
8804
"administrators without a userspace interface to manage it. This is the "
8253
8812
"的目的。当一个包到达您的服务器,它从用户态 (userspace) 通过 iptables 传给 Netfilter "
8254
8813
"子系统,然后基于提供的规则去接受、操作或拒绝。因此,如果你能熟悉它的话,那么 iptables 就是您管理您防火墙所需的全部。"
8255
8814
8256
#: serverguide/C/security.xml:428(title)
8815
#: serverguide/C/security.xml:370(title)
8257
8816
msgid "ufw - Uncomplicated Firewall"
8258
8817
msgstr "ufw - 不复杂的防火墙"
8259
8818
8260
#: serverguide/C/security.xml:429(para)
8819
#: serverguide/C/security.xml:371(para)
8261
8820
msgid ""
8262
8821
"The default firewall configuration tool for Ubuntu is "
8263
8822
"<application>ufw</application>. Developed to ease iptables firewall "
8267
8826
"Ubuntu默认的防火墙配置工具是<application>ufw</application>。为了使得iptables防火墙的配置轻松而开发的<appl"
8268
8827
"ication>ufw</application>为用户提供了一种友好的方式来创建基于主机的IPv4或IPv6防火墙。"
8269
8828
8270
#: serverguide/C/security.xml:433(para)
8829
#: serverguide/C/security.xml:375(para)
8271
8830
msgid ""
8272
8831
"<application>ufw</application> by default is initially disabled. From the "
8273
8832
"<application>ufw</application> man page:"
8275
8834
"默认情况下,<application>ufw</application>处于禁用状态. <application>ufw</application> "
8276
8835
"man页面讲到:"
8277
8836
8278
#: serverguide/C/security.xml:437(quote)
8837
#: serverguide/C/security.xml:379(quote)
8279
8838
msgid ""
8280
8839
"ufw is not intended to provide complete firewall functionality via its "
8281
8840
"command interface, but instead provides an easy way to add or remove simple "
8282
8841
"rules. It is currently mainly used for host-based firewalls."
8283
8842
msgstr "ufw并非意于通过其命令行界面提供完备的防火墙功能,而是为添加或删除简单规则提供了简易的方法。目前主要用于基于主机的防火墙。"
8284
8843
8285
#: serverguide/C/security.xml:441(para)
8844
#: serverguide/C/security.xml:383(para)
8286
8845
msgid ""
8287
8846
"The following are some examples of how to use <application>ufw</application>:"
8288
8847
msgstr "下面是几个关于如何使用<application>ufw</application>的例子:"
8289
8848
8290
#: serverguide/C/security.xml:446(para)
8849
#: serverguide/C/security.xml:388(para)
8291
8850
msgid ""
8292
8851
"First, <application>ufw</application> needs to be enabled. From a terminal "
8293
8852
"prompt enter:"
8294
8853
msgstr "首先,<application>ufw</application>要被激活。在终端里输入:"
8295
8854
8296
#: serverguide/C/security.xml:450(command)
8855
#: serverguide/C/security.xml:392(command)
8297
8856
msgid "sudo ufw enable"
8298
8857
msgstr "sudo ufw enable"
8299
8858
8300
#: serverguide/C/security.xml:454(para)
8859
#: serverguide/C/security.xml:396(para)
8301
8860
msgid "To open a port (ssh in this example):"
8302
8861
msgstr "打开一个通信端口(本例中是ssh):"
8303
8862
8304
#: serverguide/C/security.xml:458(command)
8863
#: serverguide/C/security.xml:400(command)
8305
8864
msgid "sudo ufw allow 22"
8306
8865
msgstr "sudo ufw allow 22"
8307
8866
8308
#: serverguide/C/security.xml:462(para)
8867
#: serverguide/C/security.xml:404(para)
8309
8868
msgid "Rules can also be added using a <emphasis>numbered</emphasis> format:"
8310
8869
msgstr "规则同样可以使用一个<emphasis>numbered</emphais>格式来添加:"
8311
8870
8312
#: serverguide/C/security.xml:466(command)
8871
#: serverguide/C/security.xml:408(command)
8313
8872
msgid "sudo ufw insert 1 allow 80"
8314
8873
msgstr "sudo ufw insert 1 allow 80"
8315
8874
8316
#: serverguide/C/security.xml:470(para)
8875
#: serverguide/C/security.xml:412(para)
8317
8876
msgid "Similarly, to close an opened port:"
8318
8877
msgstr "相应地,关闭一个打开的通信端口:"
8319
8878
8320
#: serverguide/C/security.xml:474(command)
8879
#: serverguide/C/security.xml:416(command)
8321
8880
msgid "sudo ufw deny 22"
8322
8881
msgstr "sudo ufw deny 22"
8323
8882
8324
#: serverguide/C/security.xml:478(para)
8883
#: serverguide/C/security.xml:420(para)
8325
8884
msgid "To remove a rule, use delete followed by the rule:"
8326
8885
msgstr "要删除一条规则,使用delete加上要删的规则:"
8327
8886
8328
#: serverguide/C/security.xml:482(command)
8887
#: serverguide/C/security.xml:424(command)
8329
8888
msgid "sudo ufw delete deny 22"
8330
8889
msgstr "sudo ufw delete deny 22"
8331
8890
8332
#: serverguide/C/security.xml:486(para)
8891
#: serverguide/C/security.xml:428(para)
8333
8892
msgid ""
8334
8893
"It is also possible to allow access from specific hosts or networks to a "
8335
8894
"port. The following example allows ssh access from host 192.168.0.2 to any "
8336
8895
"ip address on this host:"
8337
8896
msgstr "也可以允许从某些特定的主机或网络进入某通信口。下面的例子可用允许主机192.168.0.2通过ssh进入到本主机的任何ip地址:"
8338
8897
8339
#: serverguide/C/security.xml:491(command)
8898
#: serverguide/C/security.xml:433(command)
8340
8899
msgid "sudo ufw allow proto tcp from 192.168.0.2 to any port 22"
8341
8900
msgstr "sudo ufw allow proto tcp from 192.168.0.2 to any port 22"
8342
8901
8343
#: serverguide/C/security.xml:493(para)
8902
#: serverguide/C/security.xml:435(para)
8344
8903
msgid ""
8345
8904
"Replace 192.168.0.2 with 192.168.0.0/24 to allow ssh access from the entire "
8346
8905
"subnet."
8347
8906
msgstr "用192.168.0.0/24替换掉192.168.0.2就可以允许ssh到整个子网。"
8348
8907
8349
#: serverguide/C/security.xml:499(para)
8908
#: serverguide/C/security.xml:441(para)
8350
8909
msgid ""
8351
8910
"Adding the <emphasis>--dry-run</emphasis> option to a "
8352
8911
"<emphasis>ufw</emphasis> command will output the resulting rules, but not "
8356
8915
"在<emphasis>ufw</emphasis>命令中添加<emphasis>--dry-"
8357
8916
"run</emphasis>选项将输出结果规则,但并不添加它们。举例来说,下面是将在打开HTTP端口的时候添加的内容:"
8358
8917
8359
#: serverguide/C/security.xml:505(command)
8918
#: serverguide/C/security.xml:447(command)
8360
8919
msgid "sudo ufw --dry-run allow http"
8361
8920
msgstr "sudo ufw --dry-run allow http"
8362
8921
8363
#: serverguide/C/security.xml:509(computeroutput)
8922
#: serverguide/C/security.xml:451(computeroutput)
8364
8923
#, no-wrap
8365
8924
msgid ""
8366
8925
"*filter\n"
8407
8966
"COMMIT\n"
8408
8967
"规则更新"
8409
8968
8410
#: serverguide/C/security.xml:533(para)
8969
#: serverguide/C/security.xml:475(para)
8411
8970
msgid "<application>ufw</application> can be disabled by:"
8412
8971
msgstr "<application>ufw</application>可以通过下列命令来禁用:"
8413
8972
8414
#: serverguide/C/security.xml:537(command)
8973
#: serverguide/C/security.xml:479(command)
8415
8974
msgid "sudo ufw disable"
8416
8975
msgstr "sudo ufw disable"
8417
8976
8418
#: serverguide/C/security.xml:541(para)
8977
#: serverguide/C/security.xml:483(para)
8419
8978
msgid "To see the firewall status, enter:"
8420
8979
msgstr "查看防火墙状态,键入:"
8421
8980
8422
#: serverguide/C/security.xml:545(command)
8981
#: serverguide/C/security.xml:487(command)
8423
8982
msgid "sudo ufw status"
8424
8983
msgstr "sudo ufw status"
8425
8984
8426
#: serverguide/C/security.xml:549(para)
8985
#: serverguide/C/security.xml:491(para)
8427
8986
msgid "And for more verbose status information use:"
8428
8987
msgstr "以及更详细的状态信息请使用:"
8429
8988
8430
#: serverguide/C/security.xml:553(command)
8989
#: serverguide/C/security.xml:495(command)
8431
8990
msgid "sudo ufw status verbose"
8432
8991
msgstr "sudo ufw status verbose"
8433
8992
8434
#: serverguide/C/security.xml:557(para)
8993
#: serverguide/C/security.xml:499(para)
8435
8994
msgid "To view the <emphasis>numbered</emphasis> format:"
8436
8995
msgstr "要查看<emphasis>numbered</emphasis>格式:"
8437
8996
8438
#: serverguide/C/security.xml:561(command)
8997
#: serverguide/C/security.xml:503(command)
8439
8998
msgid "sudo ufw status numbered"
8440
8999
msgstr "sudo ufw status numbered"
8441
9000
8442
#: serverguide/C/security.xml:566(para)
9001
#: serverguide/C/security.xml:508(para)
8443
9002
msgid ""
8444
9003
"If the port you want to open or close is defined in "
8445
9004
"<filename>/etc/services</filename>, you can use the port name instead of the "
8449
9008
"如果你要打开或关闭的端口在<filename>/etc/services</filename>中已经定义了,你可以使用端口名称代替端口号。在上面的例子中,"
8450
9009
"将<emphasis>22</emphasis>用<emphasis>ssh</emphasis>代替。"
8451
9010
8452
#: serverguide/C/security.xml:572(para)
9011
#: serverguide/C/security.xml:514(para)
8453
9012
msgid ""
8454
9013
"This is a quick introduction to using <application>ufw</application>. Please "
8455
9014
"refer to the <application>ufw</application> man page for more information."
8457
9016
"这是一个使用<application>ufw</application>的快速介绍。请参阅<application>ufw</application>的m"
8458
9017
"an页面来获得更多信息。"
8459
9018
8460
#: serverguide/C/security.xml:578(title)
9019
#: serverguide/C/security.xml:520(title)
8461
9020
msgid "ufw Application Integration"
8462
9021
msgstr "ufw 应用集成"
8463
9022
8464
#: serverguide/C/security.xml:580(para)
9023
#: serverguide/C/security.xml:522(para)
8465
9024
msgid ""
8466
9025
"Applications that open ports can include an <application>ufw</application> "
8467
9026
"profile, which details the ports needed for the application to function "
8469
9028
"role=\"directory\">/etc/ufw/applications.d</filename>, and can be edited if "
8470
9029
"the default ports have been changed."
8471
9030
msgstr ""
8472
"可以打开端口的应用程序可以被包含在<application>ufw</application>的预设文件中,这里根据功能适当的包含了应用程序所需的端口。"
8473
"这个预设文件包含在<filename "
9031
"可以打开端口的应用程序可以被包含在<application>ufw</application>的预设文件中,这里根据功能适当的包含了应用程序所需的端口。这"
9032
"个预设文件包含在<filename "
8474
9033
"role=\"directory\">/etc/ufw/applications.d</filename>,在默认端口发生改变的时候可以进行编辑。"
8475
9034
8476
#: serverguide/C/security.xml:589(para)
9035
#: serverguide/C/security.xml:531(para)
8477
9036
msgid ""
8478
9037
"To view which applications have installed a profile, enter the following in "
8479
9038
"a terminal:"
8480
9039
msgstr "要查看已安装程序的配置文件,请在终端里键入以下内容:"
8481
9040
8482
#: serverguide/C/security.xml:594(command)
9041
#: serverguide/C/security.xml:536(command)
8483
9042
msgid "sudo ufw app list"
8484
9043
msgstr "sudo ufw app list"
8485
9044
8486
#: serverguide/C/security.xml:600(para)
9045
#: serverguide/C/security.xml:542(para)
8487
9046
msgid ""
8488
9047
"Similar to allowing traffic to a port, using an application profile is "
8489
9048
"accomplished by entering:"
8490
9049
msgstr "就像允许车辆到一个路口,可以通过输入下面的内容来使用一个应用程序预设文件。"
8491
9050
8492
#: serverguide/C/security.xml:605(command)
9051
#: serverguide/C/security.xml:547(command)
8493
9052
msgid "sudo ufw allow Samba"
8494
9053
msgstr "sudo ufw allow Samba"
8495
9054
8496
#: serverguide/C/security.xml:611(para)
9055
#: serverguide/C/security.xml:553(para)
8497
9056
msgid "An extended syntax is available as well:"
8498
9057
msgstr "一种扩展语法也是可用的:"
8499
9058
8500
#: serverguide/C/security.xml:616(command)
9059
#: serverguide/C/security.xml:558(command)
8501
9060
msgid "ufw allow from 192.168.0.0/24 to any app Samba"
8502
9061
msgstr "ufw allow from 192.168.0.0/24 to any app Samba"
8503
9062
8504
#: serverguide/C/security.xml:619(para)
9063
#: serverguide/C/security.xml:561(para)
8505
9064
msgid ""
8506
9065
"Replace <emphasis>Samba</emphasis> and <emphasis>192.168.0.0/24</emphasis> "
8507
9066
"with the application profile you are using and the IP range for your network."
8509
9068
"使用您所使用的主机名和您的网络的IP地址范围代替应用程序预预设文件中的<emphasis>Samba</emphasis>和<emphasis>192.1"
8510
9069
"68.0.0/24</emphasis>。"
8511
9070
8512
#: serverguide/C/security.xml:625(para)
9071
#: serverguide/C/security.xml:567(para)
8513
9072
msgid ""
8514
9073
"There is no need to specify the <emphasis>protocol</emphasis> for the "
8515
9074
"application, because that information is detailed in the profile. Also, note "
8519
9078
"对于应用程序来说,<emphasis>protocol</emphasis>并不需要特地的设置,因为信息被定义到了文件中。然后,注意我们使用<emphas"
8520
9079
"is>app</emphahsis>替换了<emphasis>port</emphasis>。"
8521
9080
8522
#: serverguide/C/security.xml:634(para)
9081
#: serverguide/C/security.xml:576(para)
8523
9082
msgid ""
8524
9083
"To view details about which ports, protocols, etc are defined for an "
8525
9084
"application, enter:"
8526
9085
msgstr "要查看关于端品,协议等细节来定义程序,键入:"
8527
9086
8528
#: serverguide/C/security.xml:639(command)
9087
#: serverguide/C/security.xml:581(command)
8529
9088
msgid "sudo ufw app info Samba"
8530
9089
msgstr "sudo ufw app info Samba"
8531
9090
8532
#: serverguide/C/security.xml:645(para)
9091
#: serverguide/C/security.xml:587(para)
8533
9092
msgid ""
8534
9093
"Not all applications that require opening a network port come with "
8535
9094
"<application>ufw</application> profiles, but if you have profiled an "
8541
9100
"中配置一个网络端口,但是如果你已经配置了一个应用程序并且希望这个配置能被包含在软件包中,请提交 <ulink "
8542
9101
"url=\"https://launchpad.net/\">Launchpad</ulink>的BUG/建议。"
8543
9102
8544
#: serverguide/C/security.xml:654(title)
9103
#: serverguide/C/security.xml:596(title)
8545
9104
msgid "IP Masquerading"
8546
9105
msgstr "IP 伪装"
8547
9106
8548
#: serverguide/C/security.xml:655(para)
9107
#: serverguide/C/security.xml:597(para)
8549
9108
msgid ""
8550
9109
"The purpose of IP Masquerading is to allow machines with private, non-"
8551
9110
"routable IP addresses on your network to access the Internet through the "
8568
9127
"来保持那个连接是属于哪个机器的,并相应地对每个返回包重新做路由。发自您私有网络的流量就这样被伪装成源于您的网关机器。这一过程在 Microsoft "
8569
9128
"文档中被称为 Internet 连接共享。"
8570
9129
8571
#: serverguide/C/security.xml:671(title)
9130
#: serverguide/C/security.xml:613(title)
8572
9131
msgid "ufw Masquerading"
8573
9132
msgstr "ufw Masquerading"
8574
9133
8575
#: serverguide/C/security.xml:672(para)
9134
#: serverguide/C/security.xml:614(para)
8576
9135
msgid ""
8577
9136
"IP Masquerading can be achieved using custom <application>ufw</application> "
8578
9137
"rules. This is possible because the current back-end for "
8582
9141
"legacy iptables rules used without <application>ufw</application>, and rules "
8583
9142
"that are more network gateway or bridge related."
8584
9143
msgstr ""
9144
"IP伪装可以通过定制 <application>ufw</application> 的规则来实现,因为当前 "
9145
"<application>ufw</application> 的后端是 <application>iptables-"
9146
"restore</application>,其规则存储在 <filename>/etc/ufw/*.rules</filename> "
9147
"里。用户可以在这些文件中添加遗留 iptables 规则和与网关或网桥相关的规则,其中遗留 iptables 规则在没有 "
9148
"<application>ufw</application> 的情况下也会被使用。"
8585
9149
8586
#: serverguide/C/security.xml:678(para)
9150
#: serverguide/C/security.xml:620(para)
8587
9151
msgid ""
8588
9152
"The rules are split into two different files, rules that should be executed "
8589
9153
"before <application>ufw</application> command line rules, and rules that are "
8590
9154
"executed after <application>ufw</application> command line rules."
8591
9155
msgstr "规则被分割为两个不同的文件,并且分别在<application>ufw</application>的命令行规则的前后被执行。"
8592
9156
8593
#: serverguide/C/security.xml:684(para)
9157
#: serverguide/C/security.xml:626(para)
8594
9158
msgid ""
8595
9159
"First, packet forwarding needs to be enabled in "
8596
9160
"<application>ufw</application>. Two configuration files will need to be "
8601
9165
"<filename>/etc/default/ufw</filename> "
8602
9166
"中需要调整<emphasis>DEFAULT_FORWARD_POLICY</emphasis> 为 <quote>ACCEPT</quote>"
8603
9167
8604
#: serverguide/C/security.xml:688(programlisting)
9168
#: serverguide/C/security.xml:630(programlisting)
8605
9169
#, no-wrap
8606
9170
msgid ""
8607
9171
"\n"
8610
9174
"\n"
8611
9175
"DEFAULT_FORWARD_POLICY=\"ACCEPT\"\n"
8612
9176
8613
#: serverguide/C/security.xml:691(para)
9177
#: serverguide/C/security.xml:633(para)
8614
9178
msgid "Then edit <filename>/etc/ufw/sysctl.conf</filename> and uncomment:"
8615
9179
msgstr "然后修改<filename>/etc/ufw/sysctl.conf</filename>,并注释掉:"
8616
9180
8617
#: serverguide/C/security.xml:694(programlisting)
9181
#: serverguide/C/security.xml:636(programlisting)
8618
9182
#, no-wrap
8619
9183
msgid ""
8620
9184
"\n"
8623
9187
"\n"
8624
9188
"net/ipv4/ip_forward=1\n"
8625
9189
8626
#: serverguide/C/security.xml:697(para)
9190
#: serverguide/C/security.xml:639(para)
8627
9191
msgid "Similarly, for IPv6 forwarding uncomment:"
8628
9192
msgstr "类似地,对IPv6的投递,注释掉:"
8629
9193
8630
#: serverguide/C/security.xml:700(programlisting)
9194
#: serverguide/C/security.xml:642(programlisting)
8631
9195
#, no-wrap
8632
9196
msgid ""
8633
9197
"\n"
8636
9200
"\n"
8637
9201
"net/ipv6/conf/default/forwarding=1\n"
8638
9202
8639
#: serverguide/C/security.xml:705(para)
9203
#: serverguide/C/security.xml:647(para)
8640
9204
msgid ""
8641
9205
"Now we will add rules to the <filename>/etc/ufw/before.rules</filename> "
8642
9206
"file. The default rules only configure the <emphasis>filter</emphasis> "
8648
9212
"lter</emphasis>表,如果需要启用伪装则需要配置<emphasis>nat</emphasis>表。请添加一下信息到配置文件紧跟在最头部注释的"
8649
9213
"后面。"
8650
9214
8651
#: serverguide/C/security.xml:710(programlisting)
9215
#: serverguide/C/security.xml:652(programlisting)
8652
9216
#, no-wrap
8653
9217
msgid ""
8654
9218
"\n"
8675
9239
"processed\n"
8676
9240
"COMMIT\n"
8677
9241
8678
#: serverguide/C/security.xml:721(para)
9242
#: serverguide/C/security.xml:663(para)
8679
9243
msgid ""
8680
9244
"The comments are not strictly necessary, but it is considered good practice "
8681
9245
"to document your configuration. Also, when modifying any of the "
8687
9251
"class=\"directory\">/etc/ufw</filename>文件任何<emphasis>rules</emphasis>的时候,确保这些"
8688
9252
"文字保留在每一处修改的后面。"
8689
9253
8690
#: serverguide/C/security.xml:727(programlisting)
9254
#: serverguide/C/security.xml:669(programlisting)
8691
9255
#, no-wrap
8692
9256
msgid ""
8693
9257
"\n"
8698
9262
"#不要删除'COMMIT'行,否则这些规则将不被处理\n"
8699
9263
"表示一个换行。在翻译的相应位置开始新的行\n"
8700
9264
8701
#: serverguide/C/security.xml:732(para)
9265
#: serverguide/C/security.xml:674(para)
8702
9266
msgid ""
8703
9267
"For each <emphasis>Table</emphasis> a corresponding "
8704
9268
"<emphasis>COMMIT</emphasis> statement is required. In these examples only "
8706
9270
"shown, but you can also add rules for the <emphasis>raw</emphasis> and "
8707
9271
"<emphasis>mangle</emphasis> tables."
8708
9272
msgstr ""
9273
"每个 <emphasis>Table</emphasis> 都要有一个对应的 <emphasis>COMMIT</emphasis> 声明。本例只展示了 "
9274
"<emphasis>nat</emphasis> 和 <emphasis>filter</emphasis> 表,但您也可以为 "
9275
"<emphasis>raw</emphasis> 和 <emphasis>mangle</emphasis> 表添加规则。"
8709
9276
8710
#: serverguide/C/security.xml:739(para)
9277
#: serverguide/C/security.xml:681(para)
8711
9278
msgid ""
8712
9279
"In the above example replace <emphasis>eth0</emphasis>, "
8713
9280
"<emphasis>eth1</emphasis>, and <emphasis>192.168.0.0/24</emphasis> with the "
8716
9283
"在上面的例子中将<emphasis>eth0</emphasis>, <emphasis>eth1</emphasis>, 和 "
8717
9284
"<emphasis>192.168.0.0/24</emphasis>替换为你的网络的正确的设备和IP范围。"
8718
9285
8719
#: serverguide/C/security.xml:747(para)
9286
#: serverguide/C/security.xml:689(para)
8720
9287
msgid ""
8721
9288
"Finally, disable and re-enable <application>ufw</application> to apply the "
8722
9289
"changes:"
8723
9290
msgstr "最后,禁止并重新激活<application>ufw</application>来运用修改"
8724
9291
8725
#: serverguide/C/security.xml:751(command)
9292
#: serverguide/C/security.xml:693(command)
8726
9293
msgid "sudo ufw disable && sudo ufw enable"
8727
9294
msgstr "sudo ufw disable && sudo ufw enable"
8728
9295
8729
#: serverguide/C/security.xml:755(para)
9296
#: serverguide/C/security.xml:697(para)
8730
9297
msgid ""
8731
9298
"IP Masquerading should now be enabled. You can also add any additional "
8732
9299
"FORWARD rules to the <filename>/etc/ufw/before.rules</filename>. It is "
8736
9303
"现在应该启用IP伪装。你还可以添加额外的更早的规则到<filename>/etc/ufw/before.rules</filename>。推荐将这些规则添"
8737
9304
"加到<emphasis>ufw-before-forward</emphasis>节点。"
8738
9305
8739
#: serverguide/C/security.xml:762(title)
9306
#: serverguide/C/security.xml:704(title)
8740
9307
msgid "iptables Masquerading"
8741
9308
msgstr "iptables 伪装"
8742
9309
8743
#: serverguide/C/security.xml:763(para)
9310
#: serverguide/C/security.xml:705(para)
8744
9311
msgid ""
8745
9312
"<application>iptables</application> can also be used to enable masquerading."
8746
9313
msgstr "<application>iptables</application> 同样可以用来开启伪装。"
8747
9314
8748
#: serverguide/C/security.xml:768(para)
9315
#: serverguide/C/security.xml:710(para)
8749
9316
msgid ""
8750
9317
"Similar to <application>ufw</application>, the first step is to enable IPv4 "
8751
9318
"packet forwarding by editing <filename>/etc/sysctl.conf</filename> and "
8754
9321
"类似于<application>ufw</application>,激活IPv4包投递的第一步是编辑<filename>/etc/sysctl.conf<"
8755
9322
"/filename>并注释掉以下行:"
8756
9323
8757
#: serverguide/C/security.xml:772(programlisting)
9324
#: serverguide/C/security.xml:714(programlisting)
8758
9325
#, no-wrap
8759
9326
msgid ""
8760
9327
"\n"
8763
9330
"\n"
8764
9331
"net.ipv4.ip_forward=1\n"
8765
9332
8766
#: serverguide/C/security.xml:775(para)
9333
#: serverguide/C/security.xml:717(para)
8767
9334
msgid "If you wish to enable IPv6 forwarding also uncomment:"
8768
9335
msgstr "如果你想激活IPv6投递,还要注释掉:"
8769
9336
8770
#: serverguide/C/security.xml:778(programlisting)
9337
#: serverguide/C/security.xml:720(programlisting)
8771
9338
#, no-wrap
8772
9339
msgid ""
8773
9340
"\n"
8776
9343
"\n"
8777
9344
"net.ipv6.conf.default.forwarding=1\n"
8778
9345
8779
#: serverguide/C/security.xml:783(para)
9346
#: serverguide/C/security.xml:725(para)
8780
9347
msgid ""
8781
9348
"Next, execute the <application>sysctl</application> command to enable the "
8782
9349
"new settings in the configuration file:"
8783
9350
msgstr "接下来,执行<application>sysctl</application>命令来激活配置文件中的新设置。"
8784
9351
8785
#: serverguide/C/security.xml:787(command)
9352
#: serverguide/C/security.xml:729(command)
8786
9353
msgid "sudo sysctl -p"
8787
9354
msgstr "sudo sysctl -p"
8788
9355
8789
#: serverguide/C/security.xml:791(para)
9356
#: serverguide/C/security.xml:733(para)
8790
9357
msgid ""
8791
9358
"IP Masquerading can now be accomplished with a single iptables rule, which "
8792
9359
"may differ slightly based on your network configuration:"
8793
9360
msgstr "如今根据一条iptables规则即可完成IP伪装,视您的网络而定,其配置可能略有不同。"
8794
9361
8795
#: serverguide/C/security.xml:794(screen)
9362
#: serverguide/C/security.xml:736(screen)
8796
9363
#, no-wrap
8797
9364
msgid ""
8798
9365
"\n"
8801
9368
"\n"
8802
9369
"sudo iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE\n"
8803
9370
8804
#: serverguide/C/security.xml:797(para)
9371
#: serverguide/C/security.xml:739(para)
8805
9372
msgid ""
8806
9373
"The above command assumes that your private address space is 192.168.0.0/16 "
8807
9374
"and that your Internet-facing device is ppp0. The syntax is broken down as "
8808
9375
"follows:"
8809
9376
msgstr "上面的命令假定您的个人地址空间是 192.168.0.0/16,同时您的网络连接设备是 ppp0。这个语法失效,如下所示:"
8810
9377
8811
#: serverguide/C/security.xml:802(para)
9378
#: serverguide/C/security.xml:744(para)
8812
9379
msgid "-t nat -- the rule is to go into the nat table"
8813
9380
msgstr "-t nat -- 该规则将进入 nat 表"
8814
9381
8815
#: serverguide/C/security.xml:803(para)
9382
#: serverguide/C/security.xml:745(para)
8816
9383
msgid ""
8817
9384
"-A POSTROUTING -- the rule is to be appended (-A) to the POSTROUTING chain"
8818
9385
msgstr "-A POSTROUTING -- 该规则将被追加 (-A) 到 POSTROUTING 链"
8819
9386
8820
#: serverguide/C/security.xml:804(para)
9387
#: serverguide/C/security.xml:746(para)
8821
9388
msgid ""
8822
9389
"-s 192.168.0.0/16 -- the rule applies to traffic originating from the "
8823
9390
"specified address space"
8824
9391
msgstr "-s 192.168.0.0/16 -- 该规则将被应用在源自指定地址空间的流量上"
8825
9392
8826
#: serverguide/C/security.xml:805(para)
9393
#: serverguide/C/security.xml:747(para)
8827
9394
msgid ""
8828
9395
"-o ppp0 -- the rule applies to traffic scheduled to be routed through the "
8829
9396
"specified network device"
8830
9397
msgstr "-o ppp0 -- 该规则应用于计划通过指定网络设备的流量。"
8831
9398
8832
#: serverguide/C/security.xml:807(para)
9399
#: serverguide/C/security.xml:749(para)
8833
9400
msgid ""
8834
9401
"-j MASQUERADE -- traffic matching this rule is to \"jump\" (-j) to the "
8835
9402
"MASQUERADE target to be manipulated as described above"
8836
9403
msgstr "-j MASQUERADE -- 匹配该规则的流量将如上所述 \"跳转\" (-j) 到 MASQUERADE (伪装) 目标。"
8837
9404
8838
#: serverguide/C/security.xml:815(para)
9405
#: serverguide/C/security.xml:757(para)
8839
9406
msgid ""
8840
9407
"Also, each chain in the filter table (the default table, and where most or "
8841
9408
"all packet filtering occurs) has a default <emphasis>policy</emphasis> of "
8844
9411
"masqueraded traffic needs to be allowed through the FORWARD chain for the "
8845
9412
"above rule to work:"
8846
9413
msgstr ""
9414
"过滤表中的每个处理链都有一个默认的 ACCEPT "
9415
"<emphasis>策略(policy)</emphasis>,但如果您是为网关设备添加防火墙,那么您可能会将这些策略设置为 DROP 或 "
9416
"REJECT。在这种情况下您伪装过的数据流需要允许通过 FORWARD 链,以使得上述规则正确执行。"
8847
9417
8848
#: serverguide/C/security.xml:822(screen)
9418
#: serverguide/C/security.xml:764(screen)
8849
9419
#, no-wrap
8850
9420
msgid ""
8851
9421
"\n"
8858
9428
"sudo iptables -A FORWARD -d 192.168.0.0/16 -m state --state "
8859
9429
"ESTABLISHED,RELATED -i ppp0 -j ACCEPT\n"
8860
9430
8861
#: serverguide/C/security.xml:826(para)
9431
#: serverguide/C/security.xml:768(para)
8862
9432
msgid ""
8863
9433
"The above commands will allow all connections from your local network to the "
8864
9434
"Internet and all traffic related to those connections to return to the "
8865
9435
"machine that initiated them."
8866
9436
msgstr "上面的命令将允许从你的本地网络到互联网的所有连接,以及和这些连接相关的、返回产生它们的计算机的所有流量。"
8867
9437
8868
#: serverguide/C/security.xml:833(para)
9438
#: serverguide/C/security.xml:775(para)
8869
9439
msgid ""
8870
9440
"If you want masquerading to be enabled on reboot, which you probably do, "
8871
9441
"edit <filename>/etc/rc.local</filename> and add any commands used above. For "
8872
9442
"example add the first command with no filtering:"
8873
9443
msgstr ""
9444
"如果您想在重启以后应用IP伪装,您可能需要编辑<filename>/etc/rc.local</filename>并加入上面使用的任一命令。例如加入没有过"
9445
"滤的第一条命令:"
8874
9446
8875
#: serverguide/C/security.xml:837(screen)
9447
#: serverguide/C/security.xml:779(screen)
8876
9448
#, no-wrap
8877
9449
msgid ""
8878
9450
"\n"
8881
9453
"\n"
8882
9454
"iptables -t nat -A POSTROUTING -s 192.168.0.0/16 -o ppp0 -j MASQUERADE\n"
8883
9455
8884
#: serverguide/C/security.xml:845(title)
9456
#: serverguide/C/security.xml:787(title)
8885
9457
msgid "Logs"
8886
9458
msgstr "日志"
8887
9459
8888
#: serverguide/C/security.xml:846(para)
9460
#: serverguide/C/security.xml:788(para)
8889
9461
msgid ""
8890
9462
"Firewall logs are essential for recognizing attacks, troubleshooting your "
8891
9463
"firewall rules, and noticing unusual activity on your network. You must "
8894
9466
"a target that decides the fate of the packet, such as ACCEPT, DROP, or "
8895
9467
"REJECT)."
8896
9468
msgstr ""
9469
"防火墙日志对于识别攻击、调试防火墙规则和发现你网络上不正常活动方面非常重要。一定要在防火墙里包含日志生成规则并且日志规则一定是在任何终结性规则之前使用(用"
9470
"来觉得字节包裹命运:如ACCEPT, DROP 或者 REJECT)。"
8897
9471
8898
#: serverguide/C/security.xml:853(para)
9472
#: serverguide/C/security.xml:795(para)
8899
9473
msgid ""
8900
9474
"If you are using <application>ufw</application>, you can turn on logging by "
8901
9475
"entering the following in a terminal:"
8902
9476
msgstr "如果你在使用<application>ufw</application>,你可以在终端输入以下内容以开启登录:"
8903
9477
8904
#: serverguide/C/security.xml:857(command)
9478
#: serverguide/C/security.xml:799(command)
8905
9479
msgid "sudo ufw logging on"
8906
9480
msgstr "sudo ufw logging on"
8907
9481
8908
#: serverguide/C/security.xml:859(para)
9482
#: serverguide/C/security.xml:801(para)
8909
9483
msgid ""
8910
9484
"To turn logging off in <application>ufw</application>, simply replace "
8911
9485
"<emphasis role=\"italic\">on</emphasis> with <emphasis "
8914
9488
"为退出登录<application>ufw</application>,在以上命令中用<emphasis "
8915
9489
"role=\"italic\">off</emphasis>替换<emphasis role=\"italic\">on</emphasis>即可。"
8916
9490
8917
#: serverguide/C/security.xml:862(para)
9491
#: serverguide/C/security.xml:804(para)
8918
9492
msgid ""
8919
9493
"If using <application>iptables</application> instead of "
8920
9494
"<application>ufw</application>, enter:"
8922
9496
"如果您要使用<application>ufw</application>来代替<application>iptables</application>,请输"
8923
9497
"入:"
8924
9498
8925
#: serverguide/C/security.xml:865(screen)
9499
#: serverguide/C/security.xml:807(screen)
8926
9500
#, no-wrap
8927
9501
msgid ""
8928
9502
"\n"
8933
9507
"sudo iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j LOG --log-"
8934
9508
"prefix \"NEW_HTTP_CONN: \"\n"
8935
9509
8936
#: serverguide/C/security.xml:868(para)
9510
#: serverguide/C/security.xml:810(para)
8937
9511
msgid ""
8938
9512
"A request on port 80 from the local machine, then, would generate a log in "
8939
9513
"dmesg that looks like this:"
8940
9514
msgstr "一个来自本地计算机的80端口请求,将在dmesg中产生一个log如下:"
8941
9515
8942
#: serverguide/C/security.xml:873(programlisting)
9516
#: serverguide/C/security.xml:815(programlisting)
8943
9517
#, no-wrap
8944
9518
msgid ""
8945
9519
"[4304885.870000] NEW_HTTP_CONN: IN=lo OUT= "
8952
9526
"LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=58288 DF PROTO=TCP SPT=53981 DPT=80 "
8953
9527
"WINDOW=32767 RES=0x00 SYN URGP=0"
8954
9528
8955
#: serverguide/C/security.xml:875(para)
9529
#: serverguide/C/security.xml:817(para)
8956
9530
msgid ""
8957
9531
"The above log will also appear in <filename>/var/log/messages</filename>, "
8958
9532
"<filename>/var/log/syslog</filename>, and "
8977
9551
"<application>fwanalog</application>、<application>fwlogwatch</application> 或 "
8978
9552
"<application>lire</application> 日志分析工具将会很轻松地弄懂您的防火墙日志。"
8979
9553
8980
#: serverguide/C/security.xml:890(title)
9554
#: serverguide/C/security.xml:832(title)
8981
9555
msgid "Other Tools"
8982
9556
msgstr "其它工具"
8983
9557
8984
#: serverguide/C/security.xml:891(para)
9558
#: serverguide/C/security.xml:833(para)
8985
9559
msgid ""
8986
9560
"There are many tools available to help you construct a complete firewall "
8987
9561
"without intimate knowledge of iptables. For the GUI-inclined:"
8988
9562
msgstr "有许多工具可以帮助你不用深奥的iptables的知识就创建一个完整的防火墙。图形操作界面的有:"
8989
9563
8990
#: serverguide/C/security.xml:897(para)
9564
#: serverguide/C/security.xml:839(para)
8991
9565
msgid ""
8992
9566
"<ulink url=\"http://www.fs-security.com/\">Firestarter</ulink> is quite "
8993
9567
"popular and easy to use."
8994
9568
msgstr ""
8995
9569
"<ulink url=\"http://www.fs-security.com/\">Firestarter</ulink>很流行,使用起来很简单。"
8996
9570
8997
#: serverguide/C/security.xml:902(para)
9571
#: serverguide/C/security.xml:844(para)
8998
9572
msgid ""
8999
9573
"<ulink url=\"http://www.fwbuilder.org/\">fwbuilder</ulink> is very powerful "
9000
9574
"and will look familiar to an administrator who has used a commercial "
9004
9578
"url=\"http://www.fwbuilder.org/\">fwbuilder</ulink>功能很强大,使用过类似于<application>C"
9005
9579
"heckpoint FireWall-1</application>等商业防火墙软件的管理员会对它很面熟。"
9006
9580
9007
#: serverguide/C/security.xml:908(para)
9581
#: serverguide/C/security.xml:850(para)
9008
9582
msgid ""
9009
9583
"If you prefer a command-line tool with plain-text configuration files:"
9010
9584
msgstr "如果你更倾向于使用有纯文本配置文件的命令行工具:"
9011
9585
9012
#: serverguide/C/security.xml:913(para)
9586
#: serverguide/C/security.xml:855(para)
9013
9587
msgid ""
9014
9588
"<ulink url=\"http://www.shorewall.net/\">Shorewall</ulink> is a very "
9015
9589
"powerful solution to help you configure an advanced firewall for any network."
9018
9592
"url=\"http://www.shorewall.net/\">Shorewall</ulink>是一个非常强大的帮助你配置高级防火墙的解决方案,它适"
9019
9593
"合于任何类型的网络。"
9020
9594
9021
#: serverguide/C/security.xml:919(para)
9595
#: serverguide/C/security.xml:861(para)
9022
9596
msgid ""
9023
9597
"<ulink url=\"http://www.linuxkungfu.org/\">ipkungfu</ulink> should give you "
9024
9598
"a working firewall \"out of the box\" with zero configuration, and will "
9029
9603
"url=\"http://www.linuxkungfu.org/\">ipkungfu</ulink>可以给你一个不用配置、拿来就用的防火墙,也允许你轻"
9030
9604
"松通过编辑简单的、有完整说明的配置文件而创建一个更高级的防火墙。"
9031
9605
9032
#: serverguide/C/security.xml:926(para)
9606
#: serverguide/C/security.xml:868(para)
9033
9607
msgid ""
9034
9608
"<ulink url=\"http://fireflier.sourceforge.net/\">fireflier</ulink> is "
9035
9609
"designed to be a desktop firewall application. It is made up of a server "
9040
9614
"url=\"http://fireflier.sourceforge.net/\">fireflier</ulink>是一个桌面防火墙软件。由一个服务器("
9041
9615
"fireflier-server)和图形操作界面客户端(GTK或QT)组成,很像许多流行的Windows交互式防火墙软件。"
9042
9616
9043
#: serverguide/C/security.xml:938(para)
9617
#: serverguide/C/security.xml:880(para)
9044
9618
msgid ""
9045
9619
"The <ulink url=\"https://wiki.ubuntu.com/UbuntuFirewall\">Ubuntu "
9046
9620
"Firewall</ulink> wiki page contains information on the development of "
9049
9623
"<ulink url=\"https://wiki.ubuntu.com/UbuntuFirewall\">Ubuntu "
9050
9624
"Firewall</ulink>的维基百科页面包含了有关<application>ufw</application>的开发信息。"
9051
9625
9052
#: serverguide/C/security.xml:944(para)
9626
#: serverguide/C/security.xml:886(para)
9053
9627
msgid ""
9054
9628
"Also, the <application>ufw</application> manual page contains some very "
9055
9629
"useful information: <command>man ufw</command>."
9056
9630
msgstr ""
9057
9631
"同时,<application>ufw</application>的使用手册包含了一些非常有用的内容:<command>man ufw</command>"
9058
9632
9059
#: serverguide/C/security.xml:949(para)
9633
#: serverguide/C/security.xml:891(para)
9060
9634
msgid ""
9061
9635
"See the <ulink url=\"http://www.netfilter.org/documentation/HOWTO/packet-"
9062
9636
"filtering-HOWTO.html\">packet-filtering-HOWTO</ulink> for more information "
9066
9640
"url=\"http://www.netfilter.org/documentation/HOWTO/packet-filtering-"
9067
9641
"HOWTO.html\">packet-filtering-HOWTO</ulink>。"
9068
9642
9069
#: serverguide/C/security.xml:955(para)
9643
#: serverguide/C/security.xml:897(para)
9070
9644
msgid ""
9071
9645
"The <ulink url=\"http://www.netfilter.org/documentation/HOWTO/NAT-"
9072
9646
"HOWTO.html\">nat-HOWTO</ulink> contains further details on masquerading."
9074
9648
"<ulink url=\"http://www.netfilter.org/documentation/HOWTO/NAT-"
9075
9649
"HOWTO.html\">nat-HOWTO</ulink>包含了有关伪装地址的更多细节。"
9076
9650
9077
#: serverguide/C/security.xml:964(title)
9651
#: serverguide/C/security.xml:903(para)
9652
msgid ""
9653
"The <ulink url=\"https://help.ubuntu.com/community/IptablesHowTo\">IPTables "
9654
"HowTo</ulink> in the Ubuntu wiki is a great resource."
9655
msgstr ""
9656
9657
#: serverguide/C/security.xml:911(title)
9078
9658
msgid "AppArmor"
9079
9659
msgstr "AppArmor"
9080
9660
9081
#: serverguide/C/security.xml:965(para)
9661
#: serverguide/C/security.xml:912(para)
9082
9662
msgid ""
9083
9663
"<application>AppArmor</application> is a Linux Security Module "
9084
9664
"implementation of name-based mandatory access controls. AppArmor confines "
9085
9665
"individual programs to a set of listed files and posix 1003.1e draft "
9086
9666
"capabilities."
9087
9667
msgstr ""
9668
"<application>AppArmor</application> 是一个实施了基于名称强制存取控制的Linux安全模组。AppArmor "
9669
"界定了单个程序进入一组文件列表的权限并遵循posix 1003.1e 草稿的能力。"
9088
9670
9089
#: serverguide/C/security.xml:969(para)
9671
#: serverguide/C/security.xml:916(para)
9090
9672
msgid ""
9091
9673
"<application>AppArmor</application> is installed and loaded by default. It "
9092
9674
"uses <emphasis>profiles</emphasis> of an application to determine what files "
9094
9676
"own profiles, and additional profiles can be found in the "
9095
9677
"<application>apparmor-profiles</application> package."
9096
9678
msgstr ""
9679
"默认情况下<application>AppArmor</application>已安装并载入。它使用每个程序的<emphasis>profiles</em"
9680
"phasis>来确定这个程序需要什么文件和权限。有些包会安装它们自己的profiles,额外的profiles可以在<application>apparm"
9681
"or-profiles</application>包里找到。"
9097
9682
9098
#: serverguide/C/security.xml:974(para)
9683
#: serverguide/C/security.xml:921(para)
9099
9684
msgid ""
9100
9685
"To install the <application>apparmor-profiles</application> package from a "
9101
9686
"terminal prompt:"
9102
9687
msgstr "要安装<application>apparmor-profiles</application>软件包,在终端输入:"
9103
9688
9104
#: serverguide/C/security.xml:980(para)
9689
#: serverguide/C/security.xml:927(para)
9105
9690
msgid "AppArmor profiles have two modes of execution:"
9106
9691
msgstr "AppArmor配置文件有两种执行模式:"
9107
9692
9108
#: serverguide/C/security.xml:985(para)
9693
#: serverguide/C/security.xml:932(para)
9109
9694
msgid ""
9110
9695
"Complaining/Learning: profile violations are permitted and logged. Useful "
9111
9696
"for testing and developing new profiles."
9112
msgstr ""
9697
msgstr "投诉/学习: 允许并记录配置文件的冲突。对于测试并开发新的配置文件有用途。"
9113
9698
9114
#: serverguide/C/security.xml:990(para)
9699
#: serverguide/C/security.xml:937(para)
9115
9700
msgid ""
9116
9701
"Enforced/Confined: enforces profile policy as well as logging the violation."
9117
9702
msgstr "强制/受限:强制配置策略及违规记录。"
9118
9703
9119
#: serverguide/C/security.xml:996(title)
9704
#: serverguide/C/security.xml:943(title)
9120
9705
msgid "Using AppArmor"
9121
9706
msgstr "使用 AppArmor"
9122
9707
9123
#: serverguide/C/security.xml:997(para)
9708
#: serverguide/C/security.xml:944(para)
9124
9709
msgid ""
9125
9710
"The <application>apparmor-utils</application> package contains command line "
9126
9711
"utilities that you can use to change the <application>AppArmor</application> "
9130
9715
"utils</application>软件包包含一些命令行工具,使用它们您可以更改<application>AppArmor</application>的"
9131
9716
"执行模式、查看配置文件的状态、创建新的配置文件等等。"
9132
9717
9133
#: serverguide/C/security.xml:1003(para)
9718
#: serverguide/C/security.xml:950(para)
9134
9719
msgid ""
9135
9720
"<application>apparmor_status</application> is used to view the current "
9136
9721
"status of AppArmor profiles."
9137
9722
msgstr "<application>apparmor_status</application>是用来查看AppArmor配置文件的当前状态的。"
9138
9723
9139
#: serverguide/C/security.xml:1007(command)
9724
#: serverguide/C/security.xml:954(command)
9140
9725
msgid "sudo apparmor_status"
9141
9726
msgstr "sudo apparmor_status"
9142
9727
9143
#: serverguide/C/security.xml:1011(para)
9728
#: serverguide/C/security.xml:958(para)
9144
9729
msgid ""
9145
9730
"<application>aa-complain</application> places a profile into "
9146
9731
"<emphasis>complain</emphasis> mode."
9148
9733
"<application>aa-"
9149
9734
"complain</application>将一个配置文件置入<emphasis>complain</emphasis>模式。"
9150
9735
9151
#: serverguide/C/security.xml:1015(command)
9736
#: serverguide/C/security.xml:962(command)
9152
9737
msgid "sudo aa-complain /path/to/bin"
9153
9738
msgstr "sudo aa-complain /path/to/bin"
9154
9739
9155
#: serverguide/C/security.xml:1019(para)
9740
#: serverguide/C/security.xml:966(para)
9156
9741
msgid ""
9157
9742
"<application>aa-enforce</application> places a profile into "
9158
9743
"<emphasis>enforce</emphasis> mode."
9159
9744
msgstr ""
9160
9745
"<application>aa-enforce</application>将一个配置文件置入<emphasis>enforce</emphasis>模式。"
9161
9746
9162
#: serverguide/C/security.xml:1023(command)
9747
#: serverguide/C/security.xml:970(command)
9163
9748
msgid "sudo aa-enforce /path/to/bin"
9164
9749
msgstr "sudo aa-enforce /path/to/bin"
9165
9750
9166
#: serverguide/C/security.xml:1027(para)
9751
#: serverguide/C/security.xml:974(para)
9167
9752
msgid ""
9168
9753
"The <filename>/etc/apparmor.d</filename> directory is where the AppArmor "
9169
9754
"profiles are located. It can be used to manipulate the "
9172
9757
"<filename>/etc/apparmor.d</filename>目录是AppArmor配置文件的所在之处。可用来操作所有配置文件的<emphasi"
9173
9758
"s>模式mode</emphasis>。"
9174
9759
9175
#: serverguide/C/security.xml:1031(para)
9760
#: serverguide/C/security.xml:978(para)
9176
9761
msgid "Enter the following to place all profiles into complain mode:"
9177
9762
msgstr "要将所有配置文件置入complain模式,输入:"
9178
9763
9179
#: serverguide/C/security.xml:1035(command)
9764
#: serverguide/C/security.xml:982(command)
9180
9765
msgid "sudo aa-complain /etc/apparmor.d/*"
9181
9766
msgstr "sudo aa-complain /etc/apparmor.d/*"
9182
9767
9183
#: serverguide/C/security.xml:1037(para)
9768
#: serverguide/C/security.xml:984(para)
9184
9769
msgid "To place all profiles in enforce mode:"
9185
9770
msgstr "要将所有配置文件置入enforce模式:"
9186
9771
9187
#: serverguide/C/security.xml:1041(command)
9772
#: serverguide/C/security.xml:988(command)
9188
9773
msgid "sudo aa-enforce /etc/apparmor.d/*"
9189
9774
msgstr "sudo aa-enforce /etc/apparmor.d/*"
9190
9775
9191
#: serverguide/C/security.xml:1045(para)
9776
#: serverguide/C/security.xml:992(para)
9192
9777
msgid ""
9193
9778
"<application>apparmor_parser</application> is used to load a profile into "
9194
9779
"the kernel. It can also be used to reload a currently loaded profile using "
9197
9782
"<application>apparmor_parser</application>用来将一个配置文件载入内核。它也可以通过使用<emphasis>-"
9198
9783
"r</emphasis>选项来重新载入当前已载入的配置文件。要载入一个配置文件:"
9199
9784
9200
#: serverguide/C/security.xml:1050(command) serverguide/C/security.xml:1082(command)
9785
#: serverguide/C/security.xml:997(command) serverguide/C/security.xml:1029(command)
9201
9786
msgid "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a"
9202
9787
msgstr "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -a"
9203
9788
9204
#: serverguide/C/security.xml:1052(para)
9789
#: serverguide/C/security.xml:999(para)
9205
9790
msgid "To reload a profile:"
9206
9791
msgstr "要重新载入一个配置文件:"
9207
9792
9208
#: serverguide/C/security.xml:1056(command)
9793
#: serverguide/C/security.xml:1003(command)
9209
9794
msgid "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -r"
9210
9795
msgstr "cat /etc/apparmor.d/profile.name | sudo apparmor_parser -r"
9211
9796
9212
#: serverguide/C/security.xml:1060(para)
9797
#: serverguide/C/security.xml:1007(para)
9213
9798
msgid ""
9214
9799
"<filename>/etc/init.d/apparmor</filename> can be used to "
9215
9800
"<emphasis>reload</emphasis> all profiles:"
9216
9801
msgstr ""
9217
9802
"<filename>/etc/init.d/apparmor</filename>可用来<emphasis>重新载入</emphasis>所有配置文件:"
9218
9803
9219
#: serverguide/C/security.xml:1064(command)
9804
#: serverguide/C/security.xml:1011(command) serverguide/C/network-auth.xml:632(command)
9220
9805
msgid "sudo /etc/init.d/apparmor reload"
9221
9806
msgstr "sudo /etc/init.d/apparmor reload"
9222
9807
9223
#: serverguide/C/security.xml:1068(para)
9808
#: serverguide/C/security.xml:1015(para)
9224
9809
msgid ""
9225
9810
"The <filename>/etc/apparmor.d/disable</filename> directory can be used along "
9226
9811
"with the <application>apparmor_parser -R</application> option to "
9230
9815
"<filename>/etc/apparmor.d/disable</filename>目录可以和<application>apparmor_parser"
9231
9816
" -R</application>选项一起使用以<emphasis>禁用</emphasis>一个配置文件。"
9232
9817
9233
#: serverguide/C/security.xml:1073(command)
9818
#: serverguide/C/security.xml:1020(command)
9234
9819
msgid "sudo ln -s /etc/apparmor.d/profile.name /etc/apparmor.d/disable/"
9235
9820
msgstr "sudo ln -s /etc/apparmor.d/profile.name /etc/apparmor.d/disable/"
9236
9821
9237
#: serverguide/C/security.xml:1074(command)
9822
#: serverguide/C/security.xml:1021(command)
9238
9823
msgid "sudo apparmor_parser -R /etc/apparmor.d/profile.name"
9239
9824
msgstr "sudo apparmor_parser -R /etc/apparmor.d/profile.name"
9240
9825
9241
#: serverguide/C/security.xml:1076(para)
9826
#: serverguide/C/security.xml:1023(para)
9242
9827
msgid ""
9243
9828
"To <emphasis>re-enable</emphasis> a disabled profile remove the symbolic "
9244
9829
"link to the profile in <filename>/etc/apparmor.d/disable/</filename>. Then "
9245
9830
"load the profile using the <emphasis>-a</emphasis> option."
9246
9831
msgstr ""
9832
"要<emphasis>重新激活</emphasis> 一个已禁用的配置文件,请在 "
9833
"<filename>/etc/apparmor.d/disable/</filename>里删除到其配置文件的软链接。然后使用选项 <emphasis>-"
9834
"a</emphasis>载入配置文件。"
9247
9835
9248
#: serverguide/C/security.xml:1081(command)
9836
#: serverguide/C/security.xml:1028(command)
9249
9837
msgid "sudo rm /etc/apparmor.d/disable/profile.name"
9250
9838
msgstr "sudo rm /etc/apparmor.d/disable/profile.name"
9251
9839
9252
#: serverguide/C/security.xml:1086(para)
9840
#: serverguide/C/security.xml:1033(para)
9253
9841
msgid ""
9254
9842
"<application>AppArmor</application> can be disabled, and the kernel module "
9255
9843
"unloaded by entering the following:"
9256
9844
msgstr "<application>AppArmor</application>可以被禁用,其内核模块可以通过输入以下命令卸载:"
9257
9845
9258
#: serverguide/C/security.xml:1090(command)
9846
#: serverguide/C/security.xml:1037(command)
9259
9847
msgid "sudo /etc/init.d/apparmor stop"
9260
9848
msgstr "sudo /etc/init.d/apparmor stop"
9261
9849
9262
#: serverguide/C/security.xml:1091(command)
9850
#: serverguide/C/security.xml:1038(command)
9263
9851
msgid "sudo update-rc.d -f apparmor remove"
9264
9852
msgstr "sudo update-rc.d -f apparmor remove"
9265
9853
9266
#: serverguide/C/security.xml:1095(para)
9854
#: serverguide/C/security.xml:1042(para)
9267
9855
msgid "To re-enable <application>AppArmor</application> enter:"
9268
9856
msgstr "要重新启用<application>AppArmor</application>,输入:"
9269
9857
9270
#: serverguide/C/security.xml:1099(command)
9858
#: serverguide/C/security.xml:1046(command)
9271
9859
msgid "sudo /etc/init.d/apparmor start"
9272
9860
msgstr "sudo /etc/init.d/apparmor start"
9273
9861
9274
#: serverguide/C/security.xml:1100(command)
9862
#: serverguide/C/security.xml:1047(command)
9275
9863
msgid "sudo update-rc.d apparmor defaults"
9276
9864
msgstr "sudo update-rc.d apparmor defaults"
9277
9865
9278
#: serverguide/C/security.xml:1105(para)
9866
#: serverguide/C/security.xml:1052(para)
9279
9867
msgid ""
9280
9868
"Replace <emphasis>profile.name</emphasis> with the name of the profile you "
9281
9869
"want to manipulate. Also, replace <filename>/path/to/bin/</filename> with "
9282
9870
"the actual executable file path. For example for the "
9283
9871
"<application>ping</application> command use <filename>/bin/ping</filename>"
9284
9872
msgstr ""
9873
"用你操作的profile名称来替代<emphasis>profile.name</emphasis>。再有,用实际的执行文件的路径来代替<filename"
9874
">/path/to/bin/</filename>。例如,使用<filename>/bin/ping</filename>来替代<application>"
9875
"ping</application>"
9285
9876
9286
#: serverguide/C/security.xml:1113(title)
9877
#: serverguide/C/security.xml:1060(title)
9287
9878
msgid "Profiles"
9288
9879
msgstr "配置文件"
9289
9880
9290
#: serverguide/C/security.xml:1114(para)
9881
#: serverguide/C/security.xml:1061(para)
9291
9882
msgid ""
9292
9883
"<application>AppArmor</application> profiles are simple text files located "
9293
9884
"in <filename>/etc/apparmor.d/</filename>. The files are named after the full "
9296
9887
"profile for the <filename>/bin/ping</filename> command."
9297
9888
msgstr ""
9298
9889
9299
#: serverguide/C/security.xml:1120(para)
9890
#: serverguide/C/security.xml:1067(para)
9300
9891
msgid "There are two main type of rules used in profiles:"
9301
9892
msgstr "在配置文件中,主要有两种类型的规则"
9302
9893
9303
#: serverguide/C/security.xml:1125(para)
9894
#: serverguide/C/security.xml:1072(para)
9304
9895
msgid ""
9305
9896
"<emphasis>Path entries:</emphasis> which detail which files an application "
9306
9897
"can access in the file system."
9307
9898
msgstr "<emphasis>路径 项:</emphasis> 指定文件系统中哪些文件是一个应用程序可以访问的。"
9308
9899
9309
#: serverguide/C/security.xml:1130(para)
9900
#: serverguide/C/security.xml:1077(para)
9310
9901
msgid ""
9311
9902
"<emphasis>Capability entries:</emphasis> determine what privileges a "
9312
9903
"confined process is allowed to use."
9313
9904
msgstr ""
9314
9905
9315
#: serverguide/C/security.xml:1135(para)
9906
#: serverguide/C/security.xml:1082(para)
9316
9907
msgid ""
9317
9908
"As an example take a look at <filename>/etc/apparmor.d/bin.ping</filename>:"
9318
9909
msgstr "作为一个例子来看看<filename>/etc/apparmor.d/bin.ping</filename>:"
9319
9910
9320
#: serverguide/C/security.xml:1138(programlisting)
9911
#: serverguide/C/security.xml:1085(programlisting)
9321
9912
#, no-wrap
9322
9913
msgid ""
9323
9914
"\n"
9350
9941
" /etc/modules.conf r,\n"
9351
9942
"}\n"
9352
9943
9353
#: serverguide/C/security.xml:1155(para)
9944
#: serverguide/C/security.xml:1102(para)
9354
9945
msgid ""
9355
9946
"<emphasis>#include <tunables/global>:</emphasis> include statements "
9356
9947
"from other files. This allows statements pertaining to multiple applications "
9357
9948
"to be placed in a common file."
9358
9949
msgstr ""
9950
"<emphasis>#include "
9951
"<tunables/global>:</emphasis>包含了来自另外文件的声明。这样做使得来自不同应用程序的相关声明都被放置在同一个文件中"
9952
"。"
9359
9953
9360
#: serverguide/C/security.xml:1161(para)
9954
#: serverguide/C/security.xml:1108(para)
9361
9955
msgid ""
9362
9956
"<emphasis>/bin/ping flags=(complain):</emphasis> path to the profiled "
9363
9957
"program, also setting the mode to <emphasis>complain</emphasis>."
9364
9958
msgstr ""
9365
9959
9366
#: serverguide/C/security.xml:1167(para)
9960
#: serverguide/C/security.xml:1114(para)
9367
9961
msgid ""
9368
9962
"<emphasis>capability net_raw,:</emphasis> allows the application access to "
9369
9963
"the CAP_NET_RAW Posix.1e capability."
9370
9964
msgstr ""
9965
"<emphasis>capability net_raw,:</emphasis> 允许程序拥有连接 CAP_NET_RAW Posix.1e 的能力。"
9371
9966
9372
#: serverguide/C/security.xml:1172(para)
9967
#: serverguide/C/security.xml:1119(para)
9373
9968
msgid ""
9374
9969
"<emphasis>/bin/ping mixr,:</emphasis> allows the application read and "
9375
9970
"execute access to the file."
9376
msgstr ""
9971
msgstr "<emphasis>/bin/ping mixr,:</emphasis> 允许应用程序读取和执行该文件。"
9377
9972
9378
#: serverguide/C/security.xml:1178(para)
9973
#: serverguide/C/security.xml:1125(para)
9379
9974
msgid ""
9380
9975
"After editing a profile file the profile must be reloaded. See <xref "
9381
9976
"linkend=\"apparmor-usage\"/> for details."
9382
9977
msgstr "编辑配置文件后必须重新载入配置文件。参看<xref linkend=\"apparmor-usage\"/> 获取详情"
9383
9978
9384
#: serverguide/C/security.xml:1183(title)
9979
#: serverguide/C/security.xml:1130(title)
9385
9980
msgid "Creating a Profile"
9386
9981
msgstr "创建配置文件"
9387
9982
9388
#: serverguide/C/security.xml:1186(para)
9983
#: serverguide/C/security.xml:1133(para)
9389
9984
msgid ""
9390
9985
"<emphasis>Design a test plan:</emphasis> Try to think about how the "
9391
9986
"application should be exercised. The test plan should be divided into small "
9392
9987
"test cases. Each test case should have a small description and list the "
9393
9988
"steps to follow."
9394
9989
msgstr ""
9990
"<emphasis>设计测试计划:</emphasis> "
9991
"试着思考应用程序会怎样运行。测试计划可以分解为小的测试用例。对每个测试用例,应该有个简短的描述,并列出应该执行的步骤。"
9395
9992
9396
#: serverguide/C/security.xml:1190(para)
9993
#: serverguide/C/security.xml:1137(para)
9397
9994
msgid "Some standard test cases are:"
9398
9995
msgstr "一些标准的测试情况是:"
9399
9996
9400
#: serverguide/C/security.xml:1195(para)
9997
#: serverguide/C/security.xml:1142(para)
9401
9998
msgid "Starting the program."
9402
9999
msgstr "启动程序。"
9403
10000
9404
#: serverguide/C/security.xml:1200(para)
10001
#: serverguide/C/security.xml:1147(para)
9405
10002
msgid "Stopping the program."
9406
10003
msgstr "停止程序。"
9407
10004
9408
#: serverguide/C/security.xml:1205(para)
10005
#: serverguide/C/security.xml:1152(para)
9409
10006
msgid "Reloading the program."
9410
10007
msgstr "重新载入程序。"
9411
10008
9412
#: serverguide/C/security.xml:1210(para)
10009
#: serverguide/C/security.xml:1157(para)
9413
10010
msgid "Testing all the commands supported by the init script."
9414
10011
msgstr "测试所有init脚本支持的命令。"
9415
10012
9416
#: serverguide/C/security.xml:1217(para)
10013
#: serverguide/C/security.xml:1164(para)
9417
10014
msgid ""
9418
10015
"<emphasis>Generate the new profile:</emphasis> Use <application>aa-"
9419
10016
"genprof</application> to generate a new profile. From a terminal:"
9420
10017
msgstr ""
10018
"<emphasis>生成新配置文件:</emphasis> 使用 <application>aa-genprof</application> "
10019
"生成新的配置文件。在终端输入:"
9421
10020
9422
#: serverguide/C/security.xml:1222(command)
10021
#: serverguide/C/security.xml:1169(command)
9423
10022
msgid "sudo aa-genprof executable"
9424
10023
msgstr "sudo aa-genprof executable"
9425
10024
9426
#: serverguide/C/security.xml:1224(para)
10025
#: serverguide/C/security.xml:1171(para)
9427
10026
msgid "For example:"
9428
10027
msgstr "例如:"
9429
10028
9430
#: serverguide/C/security.xml:1228(command)
10029
#: serverguide/C/security.xml:1175(command)
9431
10030
msgid "sudo aa-genprof slapd"
9432
10031
msgstr "sudo aa-genprof slapd"
9433
10032
9434
#: serverguide/C/security.xml:1232(para)
10033
#: serverguide/C/security.xml:1179(para)
9435
10034
msgid ""
9436
10035
"To get your new profile included in the <application>apparmor-"
9437
10036
"profiles</application> package, file a bug in <emphasis>Launchpad</emphasis> "
9439
10038
"url=\"https://bugs.launchpad.net/ubuntu/+source/apparmor/+filebug\">AppArmor<"
9440
10039
"/ulink> package:"
9441
10040
msgstr ""
10041
"要想让你的配置文件被包含于 <application>apparmor-profiles</application> "
10042
"包内,在<emphasis>Launchpad</emphasis>上向<ulink "
10043
"url=\"https://bugs.launchpad.net/ubuntu/+source/apparmor/+filebug\">AppArmor<"
10044
"/ulink>发一个bug报告:"
9442
10045
9443
#: serverguide/C/security.xml:1239(para)
10046
#: serverguide/C/security.xml:1186(para)
9444
10047
msgid "Include your test plan and test cases."
9445
msgstr ""
10048
msgstr "包含您的测试计划和测试用例。"
9446
10049
9447
#: serverguide/C/security.xml:1244(para)
10050
#: serverguide/C/security.xml:1191(para)
9448
10051
msgid "Attach your new profile to the bug."
9449
msgstr ""
10052
msgstr "在bug报告里附上你的新配置文件。"
9450
10053
9451
#: serverguide/C/security.xml:1253(title)
10054
#: serverguide/C/security.xml:1200(title)
9452
10055
msgid "Updating Profiles"
9453
10056
msgstr "更新配置文件"
9454
10057
9455
#: serverguide/C/security.xml:1254(para)
10058
#: serverguide/C/security.xml:1201(para)
9456
10059
msgid ""
9457
10060
"When the program is misbehaving, audit messages are sent to the log files. "
9458
10061
"The program <application>aa-logprof</application> can be used to scan log "
9460
10063
"and update the profiles. From a terminal:"
9461
10064
msgstr ""
9462
10065
9463
#: serverguide/C/security.xml:1259(command)
10066
#: serverguide/C/security.xml:1206(command)
9464
10067
msgid "sudo aa-logprof"
9465
10068
msgstr "sudo aa-logprof"
9466
10069
9467
#: serverguide/C/security.xml:1267(para)
10070
#: serverguide/C/security.xml:1214(para)
9468
10071
msgid ""
9469
10072
"See the <ulink "
9470
10073
"url=\"http://www.novell.com/documentation/apparmor/apparmor201_sp10_admin/ind"
9477
10080
"ex.html?page=/documentation/apparmor/apparmor201_sp10_admin/data/book_apparmo"
9478
10081
"r_admin.html\">AppArmor 管理指南</ulink>找到高级配置选项。"
9479
10082
9480
#: serverguide/C/security.xml:1274(para)
10083
#: serverguide/C/security.xml:1221(para)
9481
10084
msgid ""
9482
10085
"For details using AppArmor with other Ubuntu releases see the <ulink "
9483
10086
"url=\"https://help.ubuntu.com/community/AppArmor\"> AppArmor Community "
9487
10090
"url=\"https://help.ubuntu.com/community/AppArmor\"> AppArmor Community "
9488
10091
"Wiki</ulink>"
9489
10092
9490
#: serverguide/C/security.xml:1282(para)
10093
#: serverguide/C/security.xml:1229(para)
9491
10094
msgid ""
9492
10095
"The <ulink url=\"http://en.opensuse.org/AppArmor\">OpenSUSE AppArmor</ulink> "
9493
10096
"page is another introduction to AppArmor."
9495
10098
"<ulink url=\"http://en.opensuse.org/AppArmor\">OpenSUSE AppArmor</ulink> "
9496
10099
"是另一个对AppArmor的介绍。"
9497
10100
9498
#: serverguide/C/security.xml:1289(para)
10101
#: serverguide/C/security.xml:1236(para)
9499
10102
msgid ""
9500
10103
"A great place to ask for <application>AppArmor</application> assistance, and "
9501
10104
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
9505
10108
"在 <ulink url=\"http://freenode.net\">freenode</ulink> 上的 <emphasis>#ubuntu-"
9506
10109
"server</emphasis> IRC 聊天频道是一个寻求AppArmor帮助和参与Ubuntu Server社区的一个好地方。"
9507
10110
9508
#: serverguide/C/security.xml:1299(title)
10111
#: serverguide/C/security.xml:1246(title)
9509
10112
msgid "Certificates"
9510
10113
msgstr "证书"
9511
10114
9512
#: serverguide/C/security.xml:1300(para)
10115
#: serverguide/C/security.xml:1247(para)
9513
10116
msgid ""
9514
10117
"One of the most common forms of cryptography today is <emphasis>public-"
9515
10118
"key</emphasis> cryptography. Public-key cryptography utilizes a "
9522
10125
"一个<emphasis>私钥</emphasis>来完成加解密。系统使用公钥来<emphasis>加密</emphasis>信息,加密后的信息只有用<em"
9523
10126
"phasis>私钥</emphasis>才可以解密。"
9524
10127
9525
#: serverguide/C/security.xml:1306(para)
10128
#: serverguide/C/security.xml:1253(para)
9526
10129
msgid ""
9527
10130
"A common use for public-key cryptography is encrypting application traffic "
9528
10131
"using a Secure Socket Layer (SSL) or Transport Layer Security (TLS) "
9533
10136
"一个公开密钥加密的普遍用法是使用SSL或者TLS加密应用程序传输的数据。例如,配置Apache提供HTTPS(HTTP over "
9534
10137
"SSL)。这样可以提供一种方式来加密不自己实现加密机制的协议产生的流量。"
9535
10138
9536
#: serverguide/C/security.xml:1311(para)
10139
#: serverguide/C/security.xml:1258(para)
9537
10140
msgid ""
9538
10141
"A <emphasis>Certificate</emphasis> is a method used to distribute a "
9539
10142
"<emphasis>public key</emphasis> and other information about a server and the "
9545
10148
"<emphasis>数字证书</emphasis>是一种传播公钥和关于服务器以及对其负责的组织的信息的一种方式。数字证书可以被<emphasis>证书认证"
9546
10149
"机构(CA)</emphasis>签名。CA是一个被信任的第三方机构,用来保证被签名的数字证书内所包含的信息是准确有效的。"
9547
10150
9548
#: serverguide/C/security.xml:1318(title)
10151
#: serverguide/C/security.xml:1265(title)
9549
10152
msgid "Types of Certificates"
9550
10153
msgstr "证书类型"
9551
10154
9552
#: serverguide/C/security.xml:1319(para)
10155
#: serverguide/C/security.xml:1266(para)
9553
10156
msgid ""
9554
10157
"To set up a secure server using public-key cryptography, in most cases, you "
9555
10158
"send your certificate request (including your public key), proof of your "
9562
10165
"定的费用 "
9563
10166
"(2)CA验证你的证书请求和身份,并且使用它的私钥签名,制作成证书发回来。或者,你可以自己创建一个<emphasis>自签名<emphasis>的证书。"
9564
10167
9565
#: serverguide/C/security.xml:1329(para)
10168
#: serverguide/C/security.xml:1276(para)
9566
10169
msgid ""
9567
10170
"Note, that self-signed certificates should not be used in most production "
9568
10171
"environments."
9569
10172
msgstr "注意, 自签名的证书不应当被用在生产环境上。"
9570
10173
9571
#: serverguide/C/security.xml:1333(para)
10174
#: serverguide/C/security.xml:1280(para)
9572
10175
msgid ""
9573
10176
"Continuing the HTTPS example, a CA-signed certificate provides two important "
9574
10177
"capabilities that a self-signed certificate does not:"
9575
10178
msgstr "继续HTTPS的例子,一个CA签署的证书可以提供两个自签名证书不能提供的重要的能力:"
9576
10179
9577
#: serverguide/C/security.xml:1340(para)
10180
#: serverguide/C/security.xml:1287(para)
9578
10181
msgid ""
9579
10182
"Browsers (usually) automatically recognize the certificate and allow a "
9580
10183
"secure connection to be made without prompting the user."
9581
10184
msgstr "浏览器 (通常) 会自动地识别证书并且在不提示用户的情况下允许创建一个安全连接。"
9582
10185
9583
#: serverguide/C/security.xml:1347(para)
10186
#: serverguide/C/security.xml:1294(para)
9584
10187
msgid ""
9585
10188
"When a CA issues a signed certificate, it is guaranteeing the identity of "
9586
10189
"the organization that is providing the web pages to the browser."
9587
10190
msgstr "当一个 CA 生成一个签署过的证书,它为提供网页给浏览器的组织提供身份担保。"
9588
10191
9589
#: serverguide/C/security.xml:1355(para)
10192
#: serverguide/C/security.xml:1302(para)
9590
10193
msgid ""
9591
10194
"Most Web browsers, and computers, that support SSL have a list of CAs whose "
9592
10195
"certificates they automatically accept. If a browser encounters a "
9597
10200
"大部分支持SSL的Web浏览器和操作系统都有一个CA列表,被这些CA签署的证书会被自动接受。如果浏览器遇到了一个被不在信任列表内的CA签署的证书时,会询问"
9598
10201
"用户接受或者拒绝连接。同样,其他的程序可能会在遇到自签名证书是提示错误。"
9599
10202
9600
#: serverguide/C/security.xml:1363(para)
10203
#: serverguide/C/security.xml:1310(para)
9601
10204
msgid ""
9602
10205
"The process of getting a certificate from a CA is fairly easy. A quick "
9603
10206
"overview is as follows:"
9604
10207
msgstr "从CA获得一个数字证书相当简单。下面是简要步骤:"
9605
10208
9606
#: serverguide/C/security.xml:1370(para)
10209
#: serverguide/C/security.xml:1317(para)
9607
10210
msgid "Create a private and public encryption key pair."
9608
10211
msgstr "创建一个私有和公共密钥对"
9609
10212
9610
#: serverguide/C/security.xml:1373(para)
10213
#: serverguide/C/security.xml:1320(para)
9611
10214
msgid ""
9612
10215
"Create a certificate request based on the public key. The certificate "
9613
10216
"request contains information about your server and the company hosting it."
9614
10217
msgstr "基于公钥创建一个证书请求。证书请求包含您服务器及公司信息。"
9615
10218
9616
#: serverguide/C/security.xml:1378(para)
10219
#: serverguide/C/security.xml:1325(para)
9617
10220
msgid ""
9618
10221
"Send the certificate request, along with documents proving your identity, to "
9619
10222
"a CA. We cannot tell you which certificate authority to choose. Your "
9622
10225
msgstr ""
9623
10226
"发送证书请求,并随之提供您的身份文档到一个 CA。我们不能告诉您选择哪个证书颁发机构。您可以基于您以往的经验或您朋友或同事的经验或纯粹基于经济因素来决定。"
9624
10227
9625
#: serverguide/C/security.xml:1384(para)
10228
#: serverguide/C/security.xml:1331(para)
9626
10229
msgid ""
9627
10230
"Once you have decided upon a CA, you need to follow the instructions they "
9628
10231
"provide on how to obtain a certificate from them."
9629
10232
msgstr "一旦您选定一家 CA,您需要根据他们所提供的规程来从他们那里获得证书。"
9630
10233
9631
#: serverguide/C/security.xml:1389(para)
10234
#: serverguide/C/security.xml:1336(para)
9632
10235
msgid ""
9633
10236
"When the CA is satisfied that you are indeed who you claim to be, they send "
9634
10237
"you a digital certificate."
9635
10238
msgstr "当 CA 确定您确实如您所声称的那样时,他们将发给您一个数字证书。"
9636
10239
9637
#: serverguide/C/security.xml:1393(para)
10240
#: serverguide/C/security.xml:1340(para)
9638
10241
msgid ""
9639
10242
"Install this certificate on your secure server, and configure the "
9640
10243
"appropriate applications to use the certificate."
9641
10244
msgstr "将此证书安装到您的安全服务器,并使用证书配置相应的程序。"
9642
10245
9643
#: serverguide/C/security.xml:1402(title)
10246
#: serverguide/C/security.xml:1349(title)
9644
10247
msgid "Generating a Certificate Signing Request (CSR)"
9645
10248
msgstr "生成一个证书签署请求 (CSR)"
9646
10249
9647
#: serverguide/C/security.xml:1404(para)
10250
#: serverguide/C/security.xml:1351(para)
9648
10251
msgid ""
9649
10252
"Whether you are getting a certificate from a CA or generating your own self-"
9650
10253
"signed certificate, the first step is to generate a key."
9651
10254
msgstr "无论您是从一家 CA 那儿获得证书或是生成您自己签署的证书,第一步就是生成钥匙。"
9652
10255
9653
#: serverguide/C/security.xml:1409(para)
10256
#: serverguide/C/security.xml:1356(para)
9654
10257
msgid ""
9655
10258
"If the certificate will be used by service daemons, such as Apache, Postfix, "
9656
10259
"Dovecot, etc, a key without a passphrase is often appropriate. Not having a "
9660
10263
"如果数字证书被服务进程使用(比如Apache,Postfix,Dovecot等等),一个没有密码保护的私钥是适用的。私钥没有密码保护可以让服务在没有人工干"
9661
10264
"预的情况下启动,通常这是启动服务的首选方式。"
9662
10265
9663
#: serverguide/C/security.xml:1415(para)
10266
#: serverguide/C/security.xml:1362(para)
9664
10267
msgid ""
9665
10268
"This section will cover generating a key with a passphrase, and one without. "
9666
10269
"The non-passphrase key will then be used to generate a certificate that can "
9667
10270
"be used with various service daemons."
9668
10271
msgstr "这一节的内容包括生成有密码保护和没有密码保护的密钥。没有密码保护的密钥将被用做生成一个可被各种服务使用的数字证书。"
9669
10272
9670
#: serverguide/C/security.xml:1421(para)
10273
#: serverguide/C/security.xml:1368(para)
9671
10274
msgid ""
9672
10275
"Running your secure service without a passphrase is convenient because you "
9673
10276
"will not need to enter the passphrase every time you start your secure "
9676
10279
msgstr ""
9677
10280
"使用没有密码保护的私钥来运行服务很方便,因为你不需要在每次启动服务的时候输入密码。但是这是不安全的,而且对私钥的威胁同样也是对服务器的威胁。"
9678
10281
9679
#: serverguide/C/security.xml:1428(para)
10282
#: serverguide/C/security.xml:1375(para)
9680
10283
msgid ""
9681
10284
"To generate the <emphasis>keys</emphasis> for the Certificate Signing "
9682
10285
"Request (CSR) run the following command from a terminal prompt:"
9683
msgstr ""
10286
msgstr "在终端提示符下运行以下命令来为这个证书签名请求(CSR)生成<emphasis>keys</emphasis>:"
9684
10287
9685
#: serverguide/C/security.xml:1434(command)
10288
#: serverguide/C/security.xml:1381(command)
9686
10289
msgid "openssl genrsa -des3 -out server.key 1024"
9687
10290
msgstr "openssl genrsa -des3 -out server.key 1024"
9688
10291
9689
#: serverguide/C/security.xml:1437(programlisting)
10292
#: serverguide/C/security.xml:1384(programlisting)
9690
10293
#, no-wrap
9691
10294
msgid ""
9692
10295
"\n"
9705
10308
"e is 65537 (0x10001)\n"
9706
10309
"Enter pass phrase for server.key:\n"
9707
10310
9708
#: serverguide/C/security.xml:1446(para)
10311
#: serverguide/C/security.xml:1393(para)
9709
10312
msgid ""
9710
10313
"You can now enter your passphrase. For best security, it should at least "
9711
10314
"contain eight characters. The minimum length when specifying -des3 is four "
9715
10318
"您现在可以输入您的 passphrase。为了最大程度的安全,它至少应该包含八个字符。当指定 -des3 "
9716
10319
"时最小长度为四个字符。它应该包含数字和/或标点符号,并且不应该是字典中的单词。也请记住您的 passphrase 是大小写敏感的。"
9717
10320
9718
#: serverguide/C/security.xml:1454(para)
10321
#: serverguide/C/security.xml:1401(para)
9719
10322
msgid ""
9720
10323
"Re-type the passphrase to verify. Once you have re-typed it correctly, the "
9721
10324
"server key is generated and stored in the <filename>server.key</filename> "
9722
10325
"file."
9723
10326
msgstr ""
9724
10327
9725
#: serverguide/C/security.xml:1460(para)
10328
#: serverguide/C/security.xml:1407(para)
9726
10329
msgid ""
9727
10330
"Now create the insecure key, the one without a passphrase, and shuffle the "
9728
10331
"key names:"
9729
10332
msgstr ""
9730
10333
9731
#: serverguide/C/security.xml:1466(command)
10334
#: serverguide/C/security.xml:1413(command)
9732
10335
msgid "openssl rsa -in server.key -out server.key.insecure"
9733
10336
msgstr "openssl rsa -in server.key -out server.key.insecure"
9734
10337
9735
#: serverguide/C/security.xml:1467(command)
10338
#: serverguide/C/security.xml:1414(command)
9736
10339
msgid "mv server.key server.key.secure"
9737
10340
msgstr "mv server.key server.key.secure"
9738
10341
9739
#: serverguide/C/security.xml:1468(command)
10342
#: serverguide/C/security.xml:1415(command)
9740
10343
msgid "mv server.key.insecure server.key"
9741
10344
msgstr "mv server.key.insecure server.key"
9742
10345
9743
#: serverguide/C/security.xml:1471(para)
10346
#: serverguide/C/security.xml:1418(para)
9744
10347
msgid ""
9745
10348
"The insecure key is now named <filename>server.key</filename>, and you can "
9746
10349
"use this file to generate the CSR without passphrase."
9747
10350
msgstr ""
9748
10351
9749
#: serverguide/C/security.xml:1476(para)
10352
#: serverguide/C/security.xml:1423(para)
9750
10353
msgid "To create the CSR, run the following command at a terminal prompt:"
9751
10354
msgstr "要创建 CSR,可以在终端提示符后运行以下命令:"
9752
10355
9753
#: serverguide/C/security.xml:1481(command)
10356
#: serverguide/C/security.xml:1428(command)
9754
10357
msgid "openssl req -new -key server.key -out server.csr"
9755
10358
msgstr "openssl req -new -key server.key -out server.csr"
9756
10359
9757
#: serverguide/C/security.xml:1484(para)
10360
#: serverguide/C/security.xml:1431(para)
9758
10361
msgid ""
9759
10362
"It will prompt you enter the passphrase. If you enter the correct "
9760
"passphrase, it will prompt you to enter Company Name, Once you enter all "
9761
"these details, your CSR will be created and it will be stored in the "
9762
"<filename>server.csr</filename> file. Site Name, Email Id, etc."
10363
"passphrase, it will prompt you to enter Company Name, Site Name, Email Id, "
10364
"etc. Once you enter all these details, your CSR will be created and it will "
10365
"be stored in the <filename>server.csr</filename> file."
9763
10366
msgstr ""
9764
10367
9765
#: serverguide/C/security.xml:1492(para)
10368
#: serverguide/C/security.xml:1439(para)
9766
10369
msgid ""
9767
10370
"You can now submit this CSR file to a CA for processing. The CA will use "
9768
10371
"this CSR file and issue the certificate. On the other hand, you can create "
9769
10372
"self-signed certificate using this CSR."
9770
10373
msgstr ""
9771
10374
9772
#: serverguide/C/security.xml:1500(title)
10375
#: serverguide/C/security.xml:1447(title)
9773
10376
msgid "Creating a Self-Signed Certificate"
9774
10377
msgstr "创建一个自己签署的证书"
9775
10378
9776
#: serverguide/C/security.xml:1501(para)
10379
#: serverguide/C/security.xml:1448(para)
9777
10380
msgid ""
9778
10381
"To create the self-signed certificate, run the following command at a "
9779
10382
"terminal prompt:"
9780
10383
msgstr "要创建自己签署的证书,在终端提示符下运行以下命令:"
9781
10384
9782
#: serverguide/C/security.xml:1506(command)
10385
#: serverguide/C/security.xml:1453(command)
9783
10386
msgid ""
9784
10387
"openssl x509 -req -days 365 -in server.csr -signkey server.key -out "
9785
10388
"server.crt"
9787
10390
"openssl x509 -req -days 365 -in server.csr -signkey server.key -out "
9788
10391
"server.crt"
9789
10392
9790
#: serverguide/C/security.xml:1509(para)
10393
#: serverguide/C/security.xml:1456(para)
9791
10394
msgid ""
9792
10395
"The above command will prompt you to enter the passphrase. Once you enter "
9793
10396
"the correct passphrase, your certificate will be created and it will be "
9796
10399
"上述命令将提示您输入 passphrase。一旦您输入正确的 passphrase,您的证书将被创建并将保存在 "
9797
10400
"<filename>server.crt</filename> 文件中。"
9798
10401
9799
#: serverguide/C/security.xml:1514(para)
10402
#: serverguide/C/security.xml:1461(para)
9800
10403
msgid ""
9801
10404
"If your secure server is to be used in a production environment, you "
9802
10405
"probably need a CA-signed certificate. It is not recommended to use self-"
9803
10406
"signed certificate."
9804
10407
msgstr "如果您的安全服务器被用在生产环境中,你也许需要 CA 签署的证书。并不推荐使用自己签署的证书。"
9805
10408
9806
#: serverguide/C/security.xml:1522(title)
10409
#: serverguide/C/security.xml:1469(title)
9807
10410
msgid "Installing the Certificate"
9808
10411
msgstr "安装证书"
9809
10412
9810
#: serverguide/C/security.xml:1524(para)
10413
#: serverguide/C/security.xml:1471(para)
9811
10414
msgid ""
9812
10415
"You can install the key file <filename>server.key</filename> and certificate "
9813
10416
"file <filename>server.crt</filename>, or the certificate file issued by your "
9814
10417
"CA, by running following commands at a terminal prompt:"
9815
10418
msgstr ""
10419
"您可以通过在终端提示符下运行以下命令来安装密钥文件<filename>server.key</filename>和证书文件<filename>server"
10420
".crt</filename>,或是由您的CA签发的证书文件。"
9816
10421
9817
#: serverguide/C/security.xml:1530(command)
10422
#: serverguide/C/security.xml:1477(command)
9818
10423
msgid "sudo cp server.crt /etc/ssl/certs"
9819
10424
msgstr "sudo cp server.crt /etc/ssl/certs"
9820
10425
9821
#: serverguide/C/security.xml:1531(command)
10426
#: serverguide/C/security.xml:1478(command)
9822
10427
msgid "sudo cp server.key /etc/ssl/private"
9823
10428
msgstr "sudo cp server.key /etc/ssl/private"
9824
10429
9825
#: serverguide/C/security.xml:1533(para)
10430
#: serverguide/C/security.xml:1480(para)
9826
10431
msgid ""
9827
10432
"Now simply configure any applications, with the ability to use public-key "
9828
10433
"cryptography, to use the <emphasis>certificate</emphasis> and "
9831
10436
"<application>Dovecot</application> can provide IMAPS and POP3S, etc."
9832
10437
msgstr ""
9833
10438
9834
#: serverguide/C/security.xml:1540(title)
10439
#: serverguide/C/security.xml:1487(title)
9835
10440
msgid "Certification Authority"
9836
msgstr ""
10441
msgstr "认证机构"
9837
10442
9838
#: serverguide/C/security.xml:1542(para)
10443
#: serverguide/C/security.xml:1489(para)
9839
10444
msgid ""
9840
10445
"If the services on your network require more than a few self-signed "
9841
10446
"certificates it may be worth the additional effort to setup your own "
9845
10450
"the same CA."
9846
10451
msgstr ""
9847
10452
9848
#: serverguide/C/security.xml:1552(para)
10453
#: serverguide/C/security.xml:1499(para)
9849
10454
msgid ""
9850
10455
"First, create the directories to hold the CA certificate and related files:"
9851
msgstr ""
10456
msgstr "首先,创建一个目录,用来存放CA证书及其相关文件:"
9852
10457
9853
#: serverguide/C/security.xml:1557(command)
10458
#: serverguide/C/security.xml:1504(command)
9854
10459
msgid "sudo mkdir /etc/ssl/CA"
9855
10460
msgstr "sudo mkdir /etc/ssl/CA"
9856
10461
9857
#: serverguide/C/security.xml:1558(command)
10462
#: serverguide/C/security.xml:1505(command)
9858
10463
msgid "sudo mkdir /etc/ssl/newcerts"
9859
10464
msgstr "sudo mkdir /etc/ssl/newcerts"
9860
10465
9861
#: serverguide/C/security.xml:1564(para)
10466
#: serverguide/C/security.xml:1511(para)
9862
10467
msgid ""
9863
10468
"The CA needs a few additional files to operate, one to keep track of the "
9864
10469
"last serial number used by the CA, each certificate must have a unique "
9866
10471
"issued:"
9867
10472
msgstr ""
9868
10473
9869
#: serverguide/C/security.xml:1571(command)
10474
#: serverguide/C/security.xml:1518(command)
9870
10475
msgid "sudo sh -c \"echo '01' > /etc/ssl/CA/serial\""
9871
10476
msgstr "sudo sh -c \"echo '01' > /etc/ssl/CA/serial\""
9872
10477
9873
#: serverguide/C/security.xml:1572(command)
10478
#: serverguide/C/security.xml:1519(command)
9874
10479
msgid "sudo touch /etc/ssl/CA/index.txt"
9875
10480
msgstr "sudo touch /etc/ssl/CA/index.txt"
9876
10481
9877
#: serverguide/C/security.xml:1578(para)
10482
#: serverguide/C/security.xml:1525(para)
9878
10483
msgid ""
9879
10484
"The third file is a CA configuration file. Though not strictly necessary, it "
9880
10485
"is very convenient when issuing multiple certificates. Edit "
9882
10487
"]</emphasis> change:"
9883
10488
msgstr ""
9884
10489
9885
#: serverguide/C/security.xml:1584(programlisting)
10490
#: serverguide/C/security.xml:1531(programlisting)
9886
10491
#, no-wrap
9887
10492
msgid ""
9888
10493
"\n"
9899
10504
"serial = $dir/CA/serial # The current serial number\n"
9900
10505
"private_key = $dir/private/cakey.pem# The private key\n"
9901
10506
9902
#: serverguide/C/security.xml:1595(para)
10507
#: serverguide/C/security.xml:1542(para)
9903
10508
msgid "Next, create the self-singed root certificate:"
9904
10509
msgstr "接下来,创建自签根证书:"
9905
10510
9906
#: serverguide/C/security.xml:1600(command)
10511
#: serverguide/C/security.xml:1547(command)
9907
10512
msgid ""
9908
10513
"openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -"
9909
10514
"days 3650"
9911
10516
"openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -"
9912
10517
"days 3650"
9913
10518
9914
#: serverguide/C/security.xml:1603(para)
10519
#: serverguide/C/security.xml:1550(para)
9915
10520
msgid "You will then be asked to enter the details about the certificate."
9916
10521
msgstr "您将被要求输入关于证书的详情。"
9917
10522
9918
#: serverguide/C/security.xml:1610(para)
10523
#: serverguide/C/security.xml:1557(para)
9919
10524
msgid "Now install the root certificate and key:"
9920
10525
msgstr "现在安装根证书和钥匙:"
9921
10526
9922
#: serverguide/C/security.xml:1615(command)
10527
#: serverguide/C/security.xml:1562(command)
9923
10528
msgid "sudo mv cakey.pem /etc/ssl/private/"
9924
10529
msgstr "sudo mv cakey.pem /etc/ssl/private/"
9925
10530
9926
#: serverguide/C/security.xml:1616(command)
10531
#: serverguide/C/security.xml:1563(command)
9927
10532
msgid "sudo mv cacert.pem /etc/ssl/certs/"
9928
10533
msgstr "sudo mv cacert.pem /etc/ssl/certs/"
9929
10534
9930
#: serverguide/C/security.xml:1622(para)
10535
#: serverguide/C/security.xml:1569(para)
9931
10536
msgid ""
9932
10537
"You are now ready to start signing certificates. The first item needed is a "
9933
10538
"Certificate Signing Request (CSR), see <xref linkend=\"generating-a-csr\"/> "
9935
10540
"certificate signed by the CA:"
9936
10541
msgstr ""
9937
10542
9938
#: serverguide/C/security.xml:1629(command)
10543
#: serverguide/C/security.xml:1576(command)
9939
10544
msgid "sudo openssl ca -in server.csr -config /etc/ssl/openssl.cnf"
9940
10545
msgstr "sudo openssl ca -in server.csr -config /etc/ssl/openssl.cnf"
9941
10546
9942
#: serverguide/C/security.xml:1632(para)
10547
#: serverguide/C/security.xml:1579(para)
9943
10548
msgid ""
9944
10549
"After entering the password for the CA key, you will be prompted to sign the "
9945
10550
"certificate, and again to commit the new certificate. You should then see a "
9946
10551
"somewhat large amount of output related to the certificate creation."
9947
10552
msgstr ""
9948
10553
9949
#: serverguide/C/security.xml:1641(para)
10554
#: serverguide/C/security.xml:1588(para)
9950
10555
msgid ""
9951
10556
"There should now be a new file, "
9952
10557
"<filename>/etc/ssl/newcerts/01.pem</filename>, containing the same output. "
9957
10562
"descriptive name."
9958
10563
msgstr ""
9959
10564
9960
#: serverguide/C/security.xml:1649(para)
10565
#: serverguide/C/security.xml:1596(para)
9961
10566
msgid ""
9962
10567
"Subsequent certificates will be named <filename>02.pem</filename>, "
9963
10568
"<filename>03.pem</filename>, etc."
9964
10569
msgstr ""
10570
"随后产生的证书将被命名为<filename>02.pem</filename>, <filename>03.pem</filename>,等等。"
9965
10571
9966
#: serverguide/C/security.xml:1654(para)
10572
#: serverguide/C/security.xml:1601(para)
9967
10573
msgid ""
9968
10574
"Replace <emphasis>mail.example.com.crt</emphasis> with your own descriptive "
9969
10575
"name."
9970
msgstr ""
10576
msgstr "用你自己具有描述性的名字来替代<emphasis>mail.example.com.crt</emphasis>。"
9971
10577
9972
#: serverguide/C/security.xml:1662(para)
10578
#: serverguide/C/security.xml:1609(para)
9973
10579
msgid ""
9974
10580
"Finally, copy the new certificate to the host that needs it, and configure "
9975
10581
"the appropriate applications to use it. The default location to install "
9978
10584
"complicated file permissions."
9979
10585
msgstr ""
9980
10586
9981
#: serverguide/C/security.xml:1668(para)
10587
#: serverguide/C/security.xml:1615(para)
9982
10588
msgid ""
9983
10589
"For applications that can be configured to use a CA certificate, you should "
9984
10590
"also copy the <filename>/etc/ssl/certs/cacert.pem</filename> file to the "
9986
10592
"server."
9987
10593
msgstr ""
9988
10594
9989
#: serverguide/C/security.xml:1682(para)
10595
#: serverguide/C/security.xml:1629(para)
9990
10596
msgid ""
9991
10597
"For more detailed instructions on using cryptography see the <ulink "
9992
10598
"url=\"http://tldp.org/HOWTO/SSL-Certificates-HOWTO/index.html\">SSL "
9993
10599
"Certificates HOWTO</ulink> by tlpd.org"
9994
10600
msgstr ""
10601
"要得到更多关于加密的指导,请参阅由tlpd.org编写的<ulink url=\"http://tldp.org/HOWTO/SSL-"
10602
"Certificates-HOWTO/index.html\">SSL Certificates HOWTO</ulink>。"
9995
10603
9996
#: serverguide/C/security.xml:1688(para)
10604
#: serverguide/C/security.xml:1635(para)
9997
10605
msgid ""
9998
10606
"<ulink url=\"http://www.pki-page.org/\">The PKI Page</ulink> contains a list "
9999
10607
"of Certificate Authorities."
10000
10608
msgstr ""
10001
10609
10002
#: serverguide/C/security.xml:1693(para)
10610
#: serverguide/C/security.xml:1640(para)
10003
10611
msgid ""
10004
10612
"The Wikipedia <ulink "
10005
10613
"url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink> page has more "
10006
10614
"information regarding HTTPS."
10007
10615
msgstr ""
10616
"维基上关于<ulink "
10617
"url=\"http://en.wikipedia.org/wiki/Https\">HTTPS</ulink>的页面有更多关于HTTPS的信息。"
10008
10618
10009
#: serverguide/C/security.xml:1698(para)
10619
#: serverguide/C/security.xml:1645(para)
10010
10620
msgid ""
10011
10621
"For more information on <emphasis>OpenSSL</emphasis> see the <ulink "
10012
10622
"url=\"http://www.openssl.org/\">OpenSSL Home Page</ulink>."
10013
10623
msgstr ""
10624
"更多关于 <emphasis>OpenSSL</emphasis> 的信息,请参阅 <ulink "
10625
"url=\"http://www.openssl.org/\">OpenSSL 主页</ulink>。"
10014
10626
10015
#: serverguide/C/security.xml:1703(para)
10627
#: serverguide/C/security.xml:1650(para)
10016
10628
msgid ""
10017
10629
"Also, O'Reilly's <ulink "
10018
10630
"url=\"http://oreilly.com/catalog/9780596002701/\">Network Security with "
10019
10631
"OpenSSL</ulink> is a good in depth reference."
10020
10632
msgstr ""
10021
10633
10022
#: serverguide/C/security.xml:1712(title)
10634
#: serverguide/C/security.xml:1659(title)
10023
10635
msgid "eCryptfs"
10024
10636
msgstr "eCryptfs"
10025
10637
10026
#: serverguide/C/security.xml:1714(para)
10638
#: serverguide/C/security.xml:1661(para)
10027
10639
msgid ""
10028
10640
"<emphasis>eCryptfs</emphasis> is a POSIX-compliant enterprise-class stacked "
10029
10641
"cryptographic filesystem for Linux. Layering on top of the filesystem layer "
10031
10643
"filesystem, partition type, etc."
10032
10644
msgstr ""
10033
10645
10034
#: serverguide/C/security.xml:1720(para)
10646
#: serverguide/C/security.xml:1667(para)
10035
10647
msgid ""
10036
10648
"During installation there is an option to encrypt the <filename "
10037
10649
"role=\"directory\">/home</filename> partition. This will automatically "
10038
10650
"configure everything needed to encrypt and mount the partition."
10039
10651
msgstr ""
10652
"在安装过程中有一个加密 <filename role=\"directory\">/home</filename> "
10653
"分区的选项,该选项会自动完成有关加密及挂载该分区的所有配置。"
10040
10654
10041
#: serverguide/C/security.xml:1725(para)
10655
#: serverguide/C/security.xml:1672(para)
10042
10656
msgid ""
10043
10657
"As an example, this section will cover configuring <filename "
10044
10658
"role=\"directory\">/srv</filename> to be encrypted using eCryptfs."
10045
10659
msgstr ""
10660
"作为一个例子,本节将涵盖如何使用 eCryptfs 来加密 <filename role=\"directory\">/srv</filename> "
10661
"的内容。"
10046
10662
10047
#: serverguide/C/security.xml:1730(title)
10663
#: serverguide/C/security.xml:1677(title)
10048
10664
msgid "Using eCryptfs"
10049
10665
msgstr "使用 eCryptfs"
10050
10666
10051
#: serverguide/C/security.xml:1732(para)
10667
#: serverguide/C/security.xml:1679(para)
10052
10668
msgid "First, install the necessary packages. From a terminal prompt enter:"
10053
10669
msgstr "首先,安装必要的软件包。在终端输入:"
10054
10670
10055
#: serverguide/C/security.xml:1737(command)
10671
#: serverguide/C/security.xml:1684(command)
10056
10672
msgid "sudo apt-get install ecryptfs-utils"
10057
10673
msgstr "sudo apt-get install ecryptfs-utils"
10058
10674
10059
#: serverguide/C/security.xml:1740(para)
10675
#: serverguide/C/security.xml:1687(para)
10060
10676
msgid "Now mount the partition to be encrypted:"
10061
10677
msgstr "现在挂载要加密的分区:"
10062
10678
10063
#: serverguide/C/security.xml:1745(command)
10679
#: serverguide/C/security.xml:1692(command)
10064
10680
msgid "sudo mount -t ecryptfs /srv /srv"
10065
10681
msgstr "sudo mount -t ecryptfs /srv /srv"
10066
10682
10067
#: serverguide/C/security.xml:1748(para)
10683
#: serverguide/C/security.xml:1695(para)
10068
10684
msgid ""
10069
10685
"You will then be prompted for some details on how "
10070
10686
"<application>ecryptfs</application> should encrypt the data."
10071
10687
msgstr "你接下来会看到有关<application>ecryptfs</application>如何加密数据的详细信息。"
10072
10688
10073
#: serverguide/C/security.xml:1752(para)
10689
#: serverguide/C/security.xml:1699(para)
10074
10690
msgid ""
10075
10691
"To test that files placed in <filename>/srv</filename> are indeed encrypted "
10076
10692
"copy the <filename>/etc/default</filename> folder to "
10079
10695
"要测试<filename>/srv</filename>内的文件是否确实已加密,将文件夹<filename>/etc/default</filename>"
10080
10696
"复制到<filename>/srv</filename>:"
10081
10697
10082
#: serverguide/C/security.xml:1758(command) serverguide/C/clustering.xml:192(command)
10698
#: serverguide/C/security.xml:1705(command) serverguide/C/clustering.xml:192(command)
10083
10699
msgid "sudo cp -r /etc/default /srv"
10084
10700
msgstr "sudo cp -r /etc/default /srv"
10085
10701
10086
#: serverguide/C/security.xml:1761(para)
10702
#: serverguide/C/security.xml:1708(para)
10087
10703
msgid "Now unmount <filename>/srv</filename>, and try to view a file:"
10088
10704
msgstr "现在卸载<filename>/srv</filename>,并尝试查看一个文件:"
10089
10705
10090
#: serverguide/C/security.xml:1766(command) serverguide/C/installation.xml:1089(command) serverguide/C/clustering.xml:200(command)
10706
#: serverguide/C/security.xml:1713(command) serverguide/C/installation.xml:1138(command) serverguide/C/clustering.xml:200(command)
10091
10707
msgid "sudo umount /srv"
10092
10708
msgstr "sudo umount /srv"
10093
10709
10094
#: serverguide/C/security.xml:1767(command)
10710
#: serverguide/C/security.xml:1714(command)
10095
10711
msgid "cat /srv/default/cron"
10096
10712
msgstr "cat /srv/default/cron"
10097
10713
10098
#: serverguide/C/security.xml:1770(para)
10714
#: serverguide/C/security.xml:1717(para)
10099
10715
msgid ""
10100
10716
"Remounting <filename>/srv</filename> using "
10101
10717
"<application>ecryptfs</application> will make the data viewable once again."
10102
10718
msgstr ""
10103
10719
"再次使用<application>ecryptfs</application>挂载<filename>/srv</filename>将会让数据再次可查看。"
10104
10720
10105
#: serverguide/C/security.xml:1776(title)
10721
#: serverguide/C/security.xml:1723(title)
10106
10722
msgid "Automatically Mounting Encrypted Partitions"
10107
10723
msgstr "自动挂载加密分区"
10108
10724
10109
#: serverguide/C/security.xml:1778(para)
10725
#: serverguide/C/security.xml:1725(para)
10110
10726
msgid ""
10111
10727
"There are a couple of ways to automatically mount an "
10112
10728
"<application>ecryptfs</application> encrypted filesystem at boot. This "
10113
10729
"example will use a <filename>/root/.ecryptfsrc</filename> file containing "
10114
10730
"mount options, along with a passphrase file residing on a USB key."
10115
10731
msgstr ""
10732
"要在启动时加载 <application>ecryptfs</application> "
10733
"加密文件系统,有几种不同的方式。在本例中,我们将使用一个包含挂载选项的 <filename>/root/.ecryptfsrc</filename> "
10734
"文件,和一个保存在 USB 设备上的密码文件。"
10116
10735
10117
#: serverguide/C/security.xml:1784(para)
10736
#: serverguide/C/security.xml:1731(para)
10118
10737
msgid "First, create <filename>/root/.ecryptfsrc</filename> containing:"
10119
10738
msgstr "首先,创建<filename>/root/.ecryptfsrc</filename>,并加入:"
10120
10739
10121
#: serverguide/C/security.xml:1788(programlisting)
10740
#: serverguide/C/security.xml:1735(programlisting)
10122
10741
#, no-wrap
10123
10742
msgid ""
10124
10743
"\n"
10137
10756
"ecryptfs_passthrough=n\n"
10138
10757
"ecryptfs_enable_filename_crypto=n\n"
10139
10758
10140
#: serverguide/C/security.xml:1798(para)
10759
#: serverguide/C/security.xml:1745(para)
10141
10760
msgid ""
10142
10761
"Adjust the <emphasis>ecryptfs_sig</emphasis> to the signature in "
10143
10762
"<filename>/root/.ecryptfs/sig-cache.txt</filename>."
10144
10763
msgstr ""
10145
10764
10146
#: serverguide/C/security.xml:1803(para)
10765
#: serverguide/C/security.xml:1750(para)
10147
10766
msgid ""
10148
10767
"Next, create the <filename>/mnt/usb/passwd_file.txt</filename> passphrase "
10149
10768
"file:"
10150
10769
msgstr ""
10151
10770
10152
#: serverguide/C/security.xml:1807(programlisting)
10771
#: serverguide/C/security.xml:1754(programlisting)
10153
10772
#, no-wrap
10154
10773
msgid ""
10155
10774
"\n"
10158
10777
"\n"
10159
10778
"passphrase_passwd=[secrets]\n"
10160
10779
10161
#: serverguide/C/security.xml:1811(para)
10780
#: serverguide/C/security.xml:1758(para)
10162
10781
msgid "Now add the necessary lines to <filename>/etc/fstab</filename>:"
10163
10782
msgstr "现在将相应字段加入到<filename>/etc/fstab</filename>:"
10164
10783
10165
#: serverguide/C/security.xml:1815(programlisting)
10784
#: serverguide/C/security.xml:1762(programlisting)
10166
10785
#, no-wrap
10167
10786
msgid ""
10168
10787
"\n"
10173
10792
"/dev/sdb1 /mnt/usb ext3 ro 0 0\n"
10174
10793
"/srv /srv ecryptfs defaults 0 0\n"
10175
10794
10176
#: serverguide/C/security.xml:1820(para)
10795
#: serverguide/C/security.xml:1767(para)
10177
10796
msgid "Make sure the USB drive is mounted before the encrypted partition."
10178
10797
msgstr "确信USB驱动器在加密分区之前得到挂载。"
10179
10798
10180
#: serverguide/C/security.xml:1824(para)
10799
#: serverguide/C/security.xml:1771(para)
10181
10800
msgid ""
10182
10801
"Finally, reboot and the <filename>/srv</filename> should be mounted using "
10183
10802
"ecryptfs."
10184
10803
msgstr "最后,重启,<filename>/srv</filename>应该已经使用ecryptfs挂载了。"
10185
10804
10186
#: serverguide/C/security.xml:1832(para)
10805
#: serverguide/C/security.xml:1779(para)
10187
10806
msgid ""
10188
10807
"The <application>ecryptfs-utils</application> package includes several other "
10189
10808
"useful utilities:"
10190
10809
msgstr "<application>ecryptfs-utils</application>软件包包含几个其它的有用工具:"
10191
10810
10192
#: serverguide/C/security.xml:1838(para)
10811
#: serverguide/C/security.xml:1785(para)
10193
10812
msgid ""
10194
10813
"<emphasis>ecryptfs-setup-private:</emphasis> creates a "
10195
10814
"<filename>~/Private</filename> directory to contain encrypted information. "
10197
10816
"other users on the system."
10198
10817
msgstr ""
10199
10818
10200
#: serverguide/C/security.xml:1845(para)
10819
#: serverguide/C/security.xml:1792(para)
10201
10820
msgid ""
10202
10821
"<emphasis>ecryptfs-mount-private and ecryptfs-umount-private:</emphasis> "
10203
10822
"will mount and unmount respectively, a users <filename>~/Private</filename> "
10204
10823
"directory."
10205
10824
msgstr ""
10206
10825
10207
#: serverguide/C/security.xml:1851(para)
10826
#: serverguide/C/security.xml:1798(para)
10208
10827
msgid ""
10209
10828
"<emphasis>ecryptfs-add-passphrase:</emphasis> adds a new passphrase to the "
10210
10829
"kernel keyring."
10211
10830
msgstr ""
10212
10831
10213
#: serverguide/C/security.xml:1856(para)
10832
#: serverguide/C/security.xml:1803(para)
10214
10833
msgid ""
10215
10834
"<emphasis>ecryptfs-manager:</emphasis> manages "
10216
10835
"<application>eCryptfs</application> objects such as keys."
10217
10836
msgstr ""
10218
10837
10219
#: serverguide/C/security.xml:1861(para)
10838
#: serverguide/C/security.xml:1808(para)
10220
10839
msgid ""
10221
10840
"<emphasis>ecryptfs-stat:</emphasis> allows you to view the "
10222
10841
"<application>ecryptfs</application> meta information for a file."
10223
10842
msgstr ""
10224
10843
10225
#: serverguide/C/security.xml:1874(para)
10844
#: serverguide/C/security.xml:1821(para)
10226
10845
msgid ""
10227
10846
"For more information on eCryptfs see the <ulink "
10228
"url=\"https://launchpad.net/ecryptfs\">Launch Pad project page</ulink>"
10847
"url=\"https://launchpad.net/ecryptfs\">Launchpad project page</ulink>."
10229
10848
msgstr ""
10230
10849
10231
#: serverguide/C/security.xml:1879(para)
10850
#: serverguide/C/security.xml:1826(para)
10232
10851
msgid ""
10233
10852
"There is also a <ulink "
10234
10853
"url=\"http://www.linuxjournal.com/article/9400\">Linux Journal</ulink> "
10235
10854
"article covering eCryptfs."
10236
10855
msgstr ""
10856
"在<ulink url=\"http://www.linuxjournal.com/article/9400\">Linux "
10857
"Journal</ulink> 上也有关于eCryptfs的文章。"
10237
10858
10238
#: serverguide/C/security.xml:1884(para)
10859
#: serverguide/C/security.xml:1831(para)
10239
10860
msgid ""
10240
10861
"Also, for more <application>ecryptfs</application> options see the <ulink "
10241
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man7/ecryptfs.7.html\">ec"
10242
"ryptfs man page</ulink>."
10862
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man7/ecryptfs.7.html\">ecr"
10863
"yptfs man page</ulink>."
10864
msgstr ""
10865
10866
#: serverguide/C/security.xml:1837(para)
10867
msgid ""
10868
"The <ulink url=\"https://help.ubuntu.com/community/eCryptfs\">eCryptfs "
10869
"Ubuntu Wiki</ulink> page also has more details."
10870
msgstr ""
10871
10872
#: serverguide/C/reporting-bugs.xml:13(title)
10873
msgid "Appendix"
10874
msgstr ""
10875
10876
#: serverguide/C/reporting-bugs.xml:16(title)
10877
msgid "Reporting Bugs in Ubuntu Server Edition"
10878
msgstr ""
10879
10880
#: serverguide/C/reporting-bugs.xml:18(para)
10881
msgid ""
10882
"While the Ubuntu Project attempts to release software with as few bugs as "
10883
"possible, they do occur. You can help fix these bugs by reporting ones that "
10884
"you find to the project. The Ubuntu Project uses <ulink "
10885
"url=\"https://launchpad.net/\">Launchpad</ulink> to track its bug reports. "
10886
"In order to file a bug about Ubuntu Server on Launchpad, you will need to "
10887
"<ulink url=\"https://help.launchpad.net/YourAccount/NewAccount\">create an "
10888
"account</ulink>."
10889
msgstr ""
10890
10891
#: serverguide/C/reporting-bugs.xml:30(title)
10892
msgid "Reporting Bugs With ubuntu-bug"
10893
msgstr ""
10894
10895
#: serverguide/C/reporting-bugs.xml:32(para)
10896
msgid ""
10897
"The preferred way to report a bug is with the <application>ubuntu-"
10898
"bug</application> command. The ubuntu-bug tool gathers information about the "
10899
"system useful to developers in diagnosing the reported problem that will "
10900
"then be included in the bug report filed on Launchpad. Bug reports in Ubuntu "
10901
"need to be filed against a specific software package, thus the name of the "
10902
"package that the bug occurs in needs to be given to ubuntu-bug:"
10903
msgstr ""
10904
10905
#: serverguide/C/reporting-bugs.xml:43(command)
10906
msgid "ubuntu-bug PACKAGENAME"
10907
msgstr ""
10908
10909
#: serverguide/C/reporting-bugs.xml:46(para)
10910
msgid ""
10911
"For example, to file a bug against the openssh-server package, you would do:"
10912
msgstr ""
10913
10914
#: serverguide/C/reporting-bugs.xml:51(command)
10915
msgid "ubuntu-bug openssh-server"
10916
msgstr ""
10917
10918
#: serverguide/C/reporting-bugs.xml:54(para)
10919
msgid ""
10920
"You can specify either a binary package or the source package for ubuntu-"
10921
"bug. Again using openssh-server as an example, you could also generate the "
10922
"report against the source package for openssh-server, openssh:"
10923
msgstr ""
10924
10925
#: serverguide/C/reporting-bugs.xml:62(command)
10926
msgid "ubuntu-bug openssh"
10927
msgstr ""
10928
10929
#: serverguide/C/reporting-bugs.xml:66(para)
10930
msgid ""
10931
"See <xref linkend=\"package-management\"/> for more information about "
10932
"packages in Ubuntu."
10933
msgstr ""
10934
10935
#: serverguide/C/reporting-bugs.xml:72(para)
10936
msgid ""
10937
"The ubuntu-bug command will gather information about the system in question, "
10938
"possibly including information specific to the specified package, and then "
10939
"ask you what you would like to do with collected information:"
10940
msgstr ""
10941
10942
#: serverguide/C/reporting-bugs.xml:80(command)
10943
msgid "ubuntu-bug postgresql"
10944
msgstr ""
10945
10946
#: serverguide/C/reporting-bugs.xml:79(screen)
10947
#, no-wrap
10948
msgid ""
10949
"\n"
10950
"<placeholder-1/>\n"
10951
"\n"
10952
"*** Collecting problem information\n"
10953
"\n"
10954
"The collected information can be sent to the developers to improve the\n"
10955
"application. This might take a few minutes.\n"
10956
"..........\n"
10957
"\n"
10958
"*** Send problem report to the developers?\n"
10959
"\n"
10960
"After the problem report has been sent, please fill out the form in the\n"
10961
"automatically opened web browser.\n"
10962
"\n"
10963
"What would you like to do? Your options are:\n"
10964
" S: Send report (1.7 KiB)\n"
10965
" V: View report\n"
10966
" K: Keep report file for sending later or copying to somewhere else\n"
10967
" C: Cancel\n"
10968
"Please choose (S/V/K/C):\n"
10969
msgstr ""
10970
10971
#: serverguide/C/reporting-bugs.xml:101(para)
10972
msgid "The options available are:"
10973
msgstr ""
10974
10975
#: serverguide/C/reporting-bugs.xml:108(para)
10976
msgid ""
10977
"<emphasis role=\"bold\">Send Report</emphasis> Selecting Send Report submits "
10978
"the collected information to Launchpad as part of the the process of filing "
10979
"a bug report. You will be given the opportunity to describe the situation "
10980
"that led up to the occurrance of the bug."
10981
msgstr ""
10982
10983
#: serverguide/C/reporting-bugs.xml:115(screen)
10984
#, no-wrap
10985
msgid ""
10986
"\n"
10987
"*** Uploading problem information\n"
10988
"\n"
10989
"The collected information is being sent to the bug tracking system.\n"
10990
"This might take a few minutes.\n"
10991
"91%\n"
10992
"\n"
10993
"*** To continue, you must visit the following URL:\n"
10994
"\n"
10995
" https://bugs.launchpad.net/ubuntu/+source/postgresql-"
10996
"8.4/+filebug/kc6eSnTLnLxF8u0t3e56EukFeqJ?\n"
10997
"\n"
10998
"You can launch a browser now, or copy this URL into a browser on another\n"
10999
"computer.\n"
11000
"\n"
11001
"Choices:\n"
11002
" 1: Launch a browser now\n"
11003
" C: Cancel\n"
11004
"Please choose (1/C):\n"
11005
msgstr ""
11006
11007
#: serverguide/C/reporting-bugs.xml:135(para)
11008
msgid ""
11009
"If you choose to start a browser, by default the text based web browser "
11010
"<application>w3m</application> will be used to finish filing the bug report. "
11011
"Alternately, you can copy the given URL to a currently running web browser."
11012
msgstr ""
11013
11014
#: serverguide/C/reporting-bugs.xml:144(para)
11015
msgid ""
11016
"<emphasis role=\"bold\">View Report</emphasis> Selecting View Report causes "
11017
"the collected information to be displayed to the terminal for review."
11018
msgstr ""
11019
11020
#: serverguide/C/reporting-bugs.xml:150(screen)
11021
#, no-wrap
11022
msgid ""
11023
"\n"
11024
"Package: postgresql 8.4.2-2\n"
11025
"PackageArchitecture: all\n"
11026
"Tags: lucid\n"
11027
"ProblemType: Bug\n"
11028
"ProcEnviron:\n"
11029
" LANG=en_US.UTF-8\n"
11030
" SHELL=/bin/bash\n"
11031
"Uname: Linux 2.6.32-16-server x86_64\n"
11032
"Dependencies:\n"
11033
" adduser 3.112ubuntu1\n"
11034
" base-files 5.0.0ubuntu10\n"
11035
" base-passwd 3.5.22\n"
11036
" coreutils 7.4-2ubuntu2\n"
11037
"...\n"
11038
msgstr ""
11039
11040
#: serverguide/C/reporting-bugs.xml:167(para)
11041
msgid ""
11042
"After viewing the report, you will be brought back to the same menu asking "
11043
"what you would like to do with the report."
11044
msgstr ""
11045
11046
#: serverguide/C/reporting-bugs.xml:174(para)
11047
msgid ""
11048
"<emphasis role=\"bold\">Keep Report File</emphasis> Selecting Keep Report "
11049
"File causes the gathered information to be written to a file. This file can "
11050
"then be used to later file a bug report or transferred to a different Ubuntu "
11051
"system for reporting. To submit the report file, simply give it as an "
11052
"argument to the ubuntu-bug command:"
11053
msgstr ""
11054
11055
#: serverguide/C/reporting-bugs.xml:189(userinput)
11056
#, no-wrap
11057
msgid "k"
11058
msgstr ""
11059
11060
#: serverguide/C/reporting-bugs.xml:192(command)
11061
msgid "ubuntu-bug /tmp/apport.postgresql.v4MQas.apport"
11062
msgstr ""
11063
11064
#: serverguide/C/reporting-bugs.xml:183(screen)
11065
#, no-wrap
11066
msgid ""
11067
"\n"
11068
"What would you like to do? Your options are:\n"
11069
" S: Send report (1.7 KiB)\n"
11070
" V: View report\n"
11071
" K: Keep report file for sending later or copying to somewhere else\n"
11072
" C: Cancel\n"
11073
"Please choose (S/V/K/C): <placeholder-1/>\n"
11074
"Problem report file: /tmp/apport.postgresql.v4MQas.apport\n"
11075
"\n"
11076
"<placeholder-2/>\n"
11077
"\n"
11078
"*** Send problem report to the developers?\n"
11079
"...\n"
11080
msgstr ""
11081
11082
#: serverguide/C/reporting-bugs.xml:200(para)
11083
msgid ""
11084
"<emphasis role=\"bold\">Cancel</emphasis> Selecting Cancel causes the "
11085
"collected information to be discarded."
11086
msgstr ""
11087
11088
#: serverguide/C/reporting-bugs.xml:210(title)
11089
msgid "Reporting Application Crashes"
11090
msgstr ""
11091
11092
#: serverguide/C/reporting-bugs.xml:212(para)
11093
msgid ""
11094
"The software package that provides the ubuntu-bug utility, "
11095
"<application>apport</application>, can be configured to trigger when "
11096
"applications crash. This is disabled by default, as capturing a crash can be "
11097
"resource intensive depending on how much memory the application that crashed "
11098
"was using as apport captures and processes the core dump."
11099
msgstr ""
11100
11101
#: serverguide/C/reporting-bugs.xml:221(para)
11102
msgid ""
11103
"Configuring apport to capture information about crashing applications "
11104
"requires a couple of steps. First, <application>gdb</application> needs to "
11105
"be installed; it is not installed by default in Ubuntu Server Edition."
11106
msgstr ""
11107
11108
#: serverguide/C/reporting-bugs.xml:229(command)
11109
msgid "sudo apt-get install gdb"
11110
msgstr ""
11111
11112
#: serverguide/C/reporting-bugs.xml:232(para)
11113
msgid ""
11114
"See <xref linkend=\"package-management\"/> for more information about "
11115
"managing packages in Ubuntu."
11116
msgstr ""
11117
11118
#: serverguide/C/reporting-bugs.xml:237(para)
11119
msgid ""
11120
"Once you have ensured that gdb is installed, open the file "
11121
"<filename>/etc/default/apport</filename> in your text editor, and change the "
11122
"<emphasis>enabled</emphasis> setting to be <emphasis "
11123
"role=\"bold\">1</emphasis> like so:"
11124
msgstr ""
11125
11126
#: serverguide/C/reporting-bugs.xml:244(programlisting)
11127
#, no-wrap
11128
msgid ""
11129
"\n"
11130
"# set this to 0 to disable apport, or to 1 to enable it\n"
11131
"# you can temporarily override this with\n"
11132
"# sudo service apport start force_start=1\n"
11133
"enabled=<userinput>1</userinput>\n"
11134
"\n"
11135
"# set maximum core dump file size (default: 209715200 bytes == 200 MB)\n"
11136
"maxsize=209715200\n"
11137
msgstr ""
11138
11139
#: serverguide/C/reporting-bugs.xml:254(para)
11140
msgid ""
11141
"Once you have completed editing <filename>/etc/default/apport</filename>, "
11142
"start the apport service:"
11143
msgstr ""
11144
11145
#: serverguide/C/reporting-bugs.xml:261(command)
11146
msgid "sudo start apport"
11147
msgstr ""
11148
11149
#: serverguide/C/reporting-bugs.xml:264(para)
11150
msgid ""
11151
"After an application crashes, use the <application>apport-cli</application> "
11152
"command to search for the existing saved crash report information:"
11153
msgstr ""
11154
11155
#: serverguide/C/reporting-bugs.xml:271(command)
11156
msgid "apport-cli"
11157
msgstr ""
11158
11159
#: serverguide/C/reporting-bugs.xml:270(screen)
11160
#, no-wrap
11161
msgid ""
11162
"\n"
11163
"<placeholder-1/>\n"
11164
"\n"
11165
"*** dash closed unexpectedly on 2010-03-11 at 21:40:59.\n"
11166
"\n"
11167
"If you were not doing anything confidential (entering passwords or other\n"
11168
"private information), you can help to improve the application by\n"
11169
"reporting\n"
11170
"the problem.\n"
11171
"\n"
11172
"What would you like to do? Your options are:\n"
11173
" R: Report Problem...\n"
11174
" I: Cancel and ignore future crashes of this program version\n"
11175
" C: Cancel\n"
11176
"Please choose (R/I/C):\n"
11177
msgstr ""
11178
11179
#: serverguide/C/reporting-bugs.xml:287(para)
11180
msgid ""
11181
"Selecting <emphasis>Report Problem</emphasis> will walk you through similar "
11182
"steps as when using ubuntu-bug. One important difference is that a crash "
11183
"report will be marked as private when filed on Launchpad, meaning that it "
11184
"will be visible to only a limited set of bug triagers. These triagers will "
11185
"review the gathered data for private information before making the bug "
11186
"report publicly visible."
11187
msgstr ""
11188
11189
#: serverguide/C/reporting-bugs.xml:307(para)
11190
msgid ""
11191
"See the <ulink "
11192
"url=\"https://help.ubuntu.com/community/ReportingBugs\">Reporting "
11193
"Bugs</ulink> Ubuntu wiki page."
11194
msgstr ""
11195
11196
#: serverguide/C/reporting-bugs.xml:313(para)
11197
msgid ""
11198
"Also, the <ulink url=\"https://wiki.ubuntu.com/Apport\">Apport</ulink> page "
11199
"has some useful information. Though some of it pertains to using a GUI."
10243
11200
msgstr ""
10244
11201
10245
11202
#: serverguide/C/remote-administration.xml:13(title)
10424
11381
10425
11382
#: serverguide/C/remote-administration.xml:139(para)
10426
11383
msgid "In the <filename>/etc/ssh/sshd_config</filename> file."
10427
msgstr ""
11384
msgstr "在 <filename>/etc/ssh/sshd_config</filename> 文件中。"
10428
11385
10429
11386
#: serverguide/C/remote-administration.xml:144(para)
10430
11387
msgid ""
10469
11426
10470
11427
#: serverguide/C/remote-administration.xml:173(para)
10471
11428
msgid "To generate the keys, from a terminal prompt enter:"
10472
msgstr ""
11429
msgstr "要生成一个密钥,在终端提示符下输入:"
10473
11430
10474
11431
#: serverguide/C/remote-administration.xml:177(command)
10475
11432
msgid "ssh-keygen -t dsa"
10494
11451
10495
11452
#: serverguide/C/remote-administration.xml:189(command)
10496
11453
msgid "ssh-copy-id username@remotehost"
10497
msgstr ""
11454
msgstr "ssh-copy-id username@remotehost"
10498
11455
10499
11456
#: serverguide/C/remote-administration.xml:191(para)
10500
11457
msgid ""
10505
11462
msgstr ""
10506
11463
10507
11464
#: serverguide/C/remote-administration.xml:196(command)
10508
msgid "chmod 644 .ssh/authorized_keys"
10509
msgstr "chmod 644 .ssh/authorized_keys"
11465
msgid "chmod 600 .ssh/authorized_keys"
11466
msgstr ""
10510
11467
10511
11468
#: serverguide/C/remote-administration.xml:198(para)
10512
11469
msgid ""
10513
11470
"You should now be able to SSH to the host without being prompted for a "
10514
11471
"password."
11472
msgstr "您现在应该可以通过 SSH 接入主机而不会被询问密码。"
11473
11474
#: serverguide/C/remote-administration.xml:207(para)
11475
msgid ""
11476
"<ulink url=\"https://help.ubuntu.com/community/SSH\">Ubuntu Wiki SSH</ulink> "
11477
"page."
10515
11478
msgstr ""
10516
11479
10517
#: serverguide/C/remote-administration.xml:205(ulink)
11480
#: serverguide/C/remote-administration.xml:213(ulink)
10518
11481
msgid "OpenSSH Website"
10519
11482
msgstr "OpenSSH 网站"
10520
11483
10521
#: serverguide/C/remote-administration.xml:208(ulink)
11484
#: serverguide/C/remote-administration.xml:218(ulink)
10522
11485
msgid "Advanced OpenSSH Wiki Page"
10523
11486
msgstr "高级 OpenSSH 维基页"
10524
11487
10525
#: serverguide/C/remote-administration.xml:213(title)
11488
#: serverguide/C/remote-administration.xml:226(title)
10526
11489
msgid "eBox"
10527
11490
msgstr "eBox"
10528
11491
10529
#: serverguide/C/remote-administration.xml:214(para)
11492
#: serverguide/C/remote-administration.xml:227(para)
10530
11493
msgid ""
10531
11494
"<application>eBox</application> is a web framework used to manage server "
10532
11495
"application configuration. The modular design of eBox allows you to pick and "
10533
11496
"choose which services you want to configure using eBox."
10534
11497
msgstr ""
11498
"<application>eBox</application> 是一个服务器应用设置管理 Web 框架。eBox "
11499
"模块化的设计使您可以用它来选择您需要设置的服务。"
10535
11500
10536
#: serverguide/C/remote-administration.xml:221(para)
11501
#: serverguide/C/remote-administration.xml:234(para)
10537
11502
msgid ""
10538
11503
"The different <application>eBox</application> modules are split into "
10539
11504
"different packages, allowing you to only install those necessary. One way to "
10540
11505
"view the available packages is to enter the following from a terminal:"
10541
11506
msgstr ""
10542
11507
10543
#: serverguide/C/remote-administration.xml:227(command)
11508
#: serverguide/C/remote-administration.xml:240(command)
10544
11509
msgid "apt-cache rdepends ebox | uniq"
10545
11510
msgstr "apt-cache rdepends ebox | uniq"
10546
11511
10547
#: serverguide/C/remote-administration.xml:229(para)
11512
#: serverguide/C/remote-administration.xml:242(para)
10548
11513
msgid ""
10549
11514
"To install the <application>ebox</application> package, which contains the "
10550
11515
"default modules, enter the following:"
10551
msgstr ""
11516
msgstr "要安装包含了默认模块的 <application>ebox</application> 软件包,输入下面的内容:"
10552
11517
10553
#: serverguide/C/remote-administration.xml:234(command)
11518
#: serverguide/C/remote-administration.xml:247(command)
10554
11519
msgid "sudo apt-get install ebox"
10555
11520
msgstr "sudo apt-get install ebox"
10556
11521
10557
#: serverguide/C/remote-administration.xml:237(para)
11522
#: serverguide/C/remote-administration.xml:250(para)
10558
11523
msgid ""
10559
11524
"During the installation you will be asked to supply a password for the ebox "
10560
11525
"user. After installing eBox the web interface can be accessed from: "
10561
11526
"<emphasis>https://yourserver/ebox</emphasis>."
10562
11527
msgstr ""
11528
"在安装过程中,您将会被要求提供一个 ebox 用户密码。安装 ebox 之后,您将可以访问 eBox 的 web "
11529
"界面:<emphasis>https://yourserver/ebox</emphasis>。"
10563
11530
10564
#: serverguide/C/remote-administration.xml:246(para)
11531
#: serverguide/C/remote-administration.xml:259(para)
10565
11532
msgid ""
10566
11533
"An important thing to remember when using <application>eBox</application> is "
10567
11534
"that when configuring most modules there is a <emphasis>Change</emphasis> "
10571
11538
"<quote>Save changes</quote> link in the top right hand corner."
10572
11539
msgstr ""
10573
11540
10574
#: serverguide/C/remote-administration.xml:254(para)
11541
#: serverguide/C/remote-administration.xml:267(para)
10575
11542
msgid ""
10576
11543
"Once you make a change that requires a Save, the link will change from green "
10577
11544
"to red."
10578
11545
msgstr "一旦您做了需要保存的改动,链接将会由绿色变成红色。"
10579
11546
10580
#: serverguide/C/remote-administration.xml:260(title)
11547
#: serverguide/C/remote-administration.xml:273(title)
10581
11548
msgid "eBox Modules"
10582
msgstr ""
11549
msgstr "eBox模块"
10583
11550
10584
#: serverguide/C/remote-administration.xml:261(para)
11551
#: serverguide/C/remote-administration.xml:274(para)
10585
11552
msgid ""
10586
11553
"By default all eBox <emphasis>Modules</emphasis> are not enabled, and when a "
10587
11554
"new module is installed it will not be automatically enabled."
10588
msgstr ""
11555
msgstr "默认情况下 eBox <emphasis>模块</emphasis> 没有全部启用,新模块安装后也不会自动启用。"
10589
11556
10590
#: serverguide/C/remote-administration.xml:265(para)
11557
#: serverguide/C/remote-administration.xml:278(para)
10591
11558
msgid ""
10592
11559
"To enable a disabled module click on the <emphasis>Module status</emphasis> "
10593
11560
"link in the left hand menu. Then <emphasis role=\"italic\">check</emphasis> "
10595
11562
"link."
10596
11563
msgstr ""
10597
11564
10598
#: serverguide/C/remote-administration.xml:271(title)
11565
#: serverguide/C/remote-administration.xml:284(title)
10599
11566
msgid "Default Modules"
10600
msgstr ""
11567
msgstr "默认模块"
10601
11568
10602
#: serverguide/C/remote-administration.xml:272(para)
11569
#: serverguide/C/remote-administration.xml:285(para)
10603
11570
msgid ""
10604
11571
"This section provides a quick summary of the default "
10605
11572
"<application>eBox</application> modules."
10606
msgstr ""
11573
msgstr "这里给出了默认的<application>ebox</application>模块的简介。"
10607
11574
10608
#: serverguide/C/remote-administration.xml:278(para)
11575
#: serverguide/C/remote-administration.xml:291(para)
10609
11576
msgid ""
10610
11577
"<emphasis>System:</emphasis> contains options allowing configuration of "
10611
11578
"general eBox items."
10612
11579
msgstr ""
10613
11580
10614
#: serverguide/C/remote-administration.xml:284(para)
11581
#: serverguide/C/remote-administration.xml:297(para)
10615
11582
msgid ""
10616
11583
"<emphasis>General:</emphasis> allows you to set the language, port number, "
10617
11584
"and contains a change password form."
10618
11585
msgstr ""
10619
11586
10620
#: serverguide/C/remote-administration.xml:290(para)
11587
#: serverguide/C/remote-administration.xml:303(para)
10621
11588
msgid ""
10622
11589
"<emphasis>Disk Usage:</emphasis> displays a graph detailing information "
10623
11590
"about disk usage."
10624
11591
msgstr ""
10625
11592
10626
#: serverguide/C/remote-administration.xml:296(para)
11593
#: serverguide/C/remote-administration.xml:309(para)
10627
11594
msgid ""
10628
11595
"<emphasis>Backup:</emphasis> is used to backup "
10629
11596
"<application>eBox</application> configuration information, and the "
10632
11599
"such as log files."
10633
11600
msgstr ""
10634
11601
10635
#: serverguide/C/remote-administration.xml:304(para)
11602
#: serverguide/C/remote-administration.xml:317(para)
10636
11603
msgid ""
10637
11604
"<emphasis>Halt/Reboot:</emphasis> will shutdown the system or reboot it."
10638
11605
msgstr ""
10639
11606
10640
#: serverguide/C/remote-administration.xml:309(para)
11607
#: serverguide/C/remote-administration.xml:322(para)
10641
11608
msgid ""
10642
11609
"<emphasis>Bug Report:</emphasis> creates a file containing details helpful "
10643
11610
"when reporting bugs to the eBox developers."
10644
11611
msgstr ""
10645
11612
10646
#: serverguide/C/remote-administration.xml:317(para)
11613
#: serverguide/C/remote-administration.xml:330(para)
10647
11614
msgid ""
10648
11615
"<emphasis>Logs:</emphasis> allows <application>eBox</application> logs to be "
10649
11616
"queried depending on the purge time configured."
10650
11617
msgstr ""
10651
11618
10652
#: serverguide/C/remote-administration.xml:323(para)
11619
#: serverguide/C/remote-administration.xml:336(para)
10653
11620
msgid ""
10654
11621
"<emphasis>Events:</emphasis> this module has the ability to send alerts "
10655
11622
"through rss, jabber, and log file."
10656
11623
msgstr ""
10657
11624
10658
#: serverguide/C/remote-administration.xml:330(emphasis)
11625
#: serverguide/C/remote-administration.xml:343(emphasis)
10659
11626
msgid "Available Events:"
10660
11627
msgstr ""
10661
11628
10662
#: serverguide/C/remote-administration.xml:334(para)
11629
#: serverguide/C/remote-administration.xml:347(para)
10663
11630
msgid ""
10664
11631
"<emphasis>Free Storage Space:</emphasis> will send alert if free disk space "
10665
11632
"drops below a configured percentage, 10% by default."
10666
11633
msgstr ""
10667
11634
10668
#: serverguide/C/remote-administration.xml:340(para)
11635
#: serverguide/C/remote-administration.xml:353(para)
10669
11636
msgid ""
10670
"<emphasis>Log Observer:</emphasis> unfortunately this event does not work "
10671
"with the <application>eBox</application> version shipped with Ubuntu 7.10."
11637
"<emphasis>Log Observer:</emphasis> sends an alert when a configured logger "
11638
"has logged something."
10672
11639
msgstr ""
10673
11640
10674
#: serverguide/C/remote-administration.xml:346(para)
11641
#: serverguide/C/remote-administration.xml:359(para)
10675
11642
msgid ""
10676
11643
"<emphasis>RAID:</emphasis> will monitor the RAID system and send alerts if "
10677
11644
"any issues arise."
10678
11645
msgstr ""
10679
11646
10680
#: serverguide/C/remote-administration.xml:352(para)
11647
#: serverguide/C/remote-administration.xml:365(para)
10681
11648
msgid ""
10682
11649
"<emphasis>Service:</emphasis> sends alerts if a service restarts multiple "
10683
11650
"times in a short time period."
10684
11651
msgstr ""
10685
11652
10686
#: serverguide/C/remote-administration.xml:358(para)
11653
#: serverguide/C/remote-administration.xml:371(para)
10687
11654
msgid ""
10688
11655
"<emphasis>State:</emphasis> alerts on the state of "
10689
11656
"<application>eBox</application>, either up or down."
10690
11657
msgstr ""
10691
11658
10692
#: serverguide/C/remote-administration.xml:367(emphasis)
11659
#: serverguide/C/remote-administration.xml:380(emphasis)
10693
11660
msgid "Dispatchers:"
10694
11661
msgstr ""
10695
11662
10696
#: serverguide/C/remote-administration.xml:371(para)
11663
#: serverguide/C/remote-administration.xml:384(para)
10697
11664
msgid ""
10698
11665
"<emphasis>Log:</emphasis> this dispatcher will send event messages to the "
10699
11666
"<application>eBox</application> log file "
10700
11667
"<filename>/var/log/ebox/ebox.log</filename>."
10701
11668
msgstr ""
10702
11669
10703
#: serverguide/C/remote-administration.xml:378(para)
11670
#: serverguide/C/remote-administration.xml:391(para)
10704
11671
msgid ""
10705
11672
"<emphasis>Jabber:</emphasis> before enabling this dispatcher you must first "
10706
11673
"configure it by clicking on the <quote>Configure</quote> icon."
10707
11674
msgstr ""
10708
11675
10709
#: serverguide/C/remote-administration.xml:384(para)
11676
#: serverguide/C/remote-administration.xml:397(para)
10710
11677
msgid ""
10711
11678
"<emphasis>RSS:</emphasis> once this dispatcher is configured you can "
10712
11679
"subscribe to the link in order to view event alerts."
10713
11680
msgstr ""
10714
11681
10715
#: serverguide/C/remote-administration.xml:397(title)
11682
#: serverguide/C/remote-administration.xml:410(title)
10716
11683
msgid "Additional Modules"
10717
msgstr ""
11684
msgstr "额外模块"
10718
11685
10719
#: serverguide/C/remote-administration.xml:398(para)
11686
#: serverguide/C/remote-administration.xml:411(para)
10720
11687
msgid ""
10721
11688
"Here is a quick description of other available "
10722
11689
"<application>eBox</application> modules:"
10723
msgstr ""
11690
msgstr "这里给出了其它可用的ebox模块的简介。"
10724
11691
10725
#: serverguide/C/remote-administration.xml:403(para)
11692
#: serverguide/C/remote-administration.xml:416(para)
10726
11693
msgid ""
10727
11694
"<emphasis>Network:</emphasis> allows configuration of the server's network "
10728
11695
"options through eBox."
10729
11696
msgstr ""
10730
11697
10731
#: serverguide/C/remote-administration.xml:409(para)
11698
#: serverguide/C/remote-administration.xml:422(para)
10732
11699
msgid ""
10733
11700
"<emphasis>Firewall:</emphasis> configures firewall options for the eBox host."
10734
11701
msgstr ""
10735
11702
10736
#: serverguide/C/remote-administration.xml:414(para)
11703
#: serverguide/C/remote-administration.xml:427(para)
10737
11704
msgid ""
10738
11705
"<emphasis>UsersandGroups:</emphasis> this module will manage users and "
10739
11706
"groups contained in an <application>OpenLDAP</application> LDAP directory."
10740
11707
msgstr ""
10741
11708
10742
#: serverguide/C/remote-administration.xml:420(para)
11709
#: serverguide/C/remote-administration.xml:433(para)
10743
11710
msgid ""
10744
11711
"<emphasis>DHCP:</emphasis> provides an interface for configuring a DHCP "
10745
11712
"server."
10746
11713
msgstr ""
10747
11714
10748
#: serverguide/C/remote-administration.xml:425(para)
11715
#: serverguide/C/remote-administration.xml:438(para)
10749
11716
msgid ""
10750
11717
"<emphasis>DNS:</emphasis> provides <application>BIND9</application> DNS "
10751
11718
"server configuration options."
10752
11719
msgstr ""
11720
"<emphasis>DNS:</emphasis> 提供 <application>BIND9</application> DNS 服务器设置选项"
10753
11721
10754
#: serverguide/C/remote-administration.xml:431(para)
11722
#: serverguide/C/remote-administration.xml:444(para)
10755
11723
msgid ""
10756
11724
"<emphasis>Objects:</emphasis> allow configuration of eBox <emphasis>Network "
10757
11725
"Objects</emphasis>, which allow you to assign a name to an IP address or "
10758
11726
"group of IPs."
10759
11727
msgstr ""
11728
"<emphasis>Objects:</emphasis> 允许配置 eBox "
11729
"<emphasis>网络对象</emphasis>,这意味着允许您为指定的一个或一组 IP 地址命名。"
10760
11730
10761
#: serverguide/C/remote-administration.xml:438(para)
11731
#: serverguide/C/remote-administration.xml:451(para)
10762
11732
msgid ""
10763
11733
"<emphasis>Services:</emphasis> displays configuration information for "
10764
11734
"services that are available to the network."
10765
11735
msgstr ""
10766
11736
10767
#: serverguide/C/remote-administration.xml:444(para)
11737
#: serverguide/C/remote-administration.xml:457(para)
10768
11738
msgid ""
10769
11739
"<emphasis>Squid:</emphasis> configuration options for the "
10770
11740
"<application>Squid</application> proxy server."
10771
11741
msgstr ""
10772
11742
10773
#: serverguide/C/remote-administration.xml:450(para)
11743
#: serverguide/C/remote-administration.xml:463(para)
10774
11744
msgid ""
10775
11745
"<emphasis>CA:</emphasis> configures a Certificate Authority for the server."
10776
11746
msgstr ""
10777
11747
10778
#: serverguide/C/remote-administration.xml:455(para)
11748
#: serverguide/C/remote-administration.xml:468(para)
10779
11749
msgid "<emphasis>NTP:</emphasis> set Network Time Protocol options."
10780
11750
msgstr ""
10781
11751
10782
#: serverguide/C/remote-administration.xml:460(para)
11752
#: serverguide/C/remote-administration.xml:473(para)
10783
11753
msgid "<emphasis>Printers:</emphasis> allows the configuration of printers."
10784
11754
msgstr ""
10785
11755
10786
#: serverguide/C/remote-administration.xml:465(para)
11756
#: serverguide/C/remote-administration.xml:478(para)
10787
11757
msgid "<emphasis>Samba:</emphasis> configuration options for Samba."
10788
11758
msgstr ""
10789
11759
10790
#: serverguide/C/remote-administration.xml:470(para)
11760
#: serverguide/C/remote-administration.xml:483(para)
10791
11761
msgid ""
10792
11762
"<emphasis>OpenVPN:</emphasis> setup options for OpenVPN Virtual Private "
10793
11763
"Network application."
10794
11764
msgstr ""
10795
11765
10796
#: serverguide/C/remote-administration.xml:481(para)
10797
msgid ""
10798
"For more information see the <ulink url=\"http://ebox-platform.com/\">eBox "
10799
"Home Page</ulink>."
11766
#: serverguide/C/remote-administration.xml:494(para)
11767
msgid ""
11768
"The <ulink url=\"https://help.ubuntu.com/community/eBox\">eBox Ubuntu "
11769
"Wiki</ulink> page has more details."
11770
msgstr ""
11771
11772
#: serverguide/C/remote-administration.xml:499(para)
11773
msgid ""
11774
"For more information also see the <ulink url=\"http://ebox-"
11775
"platform.com/\">eBox Home Page</ulink>."
10800
11776
msgstr ""
10801
11777
10802
11778
#: serverguide/C/package-management.xml:13(title)
10859
11835
10860
11836
#: serverguide/C/package-management.xml:32(title)
10861
11837
msgid "dpkg"
10862
msgstr ""
11838
msgstr "dpkg"
10863
11839
10864
11840
#: serverguide/C/package-management.xml:34(para)
10865
11841
msgid ""
10874
11850
#: serverguide/C/package-management.xml:43(para)
10875
11851
msgid ""
10876
11852
"To list all packages installed on the system, from a terminal prompt enter:"
10877
msgstr ""
11853
msgstr "要列出系统安装的所有软件包,请在终端提示符下输入:"
10878
11854
10879
11855
#: serverguide/C/package-management.xml:48(command)
10880
11856
msgid "dpkg -l"
10886
11862
"large amount of output. Pipe the output through "
10887
11863
"<application>grep</application> to see if a specific package is installed:"
10888
11864
msgstr ""
11865
"根据您系统中安装的软件包数量,该命令可能会输出大量内容。要查询特定的软件包是否已经被安装,您应该将输出通过管道输送给 "
11866
"<application>grep</application> 命令。"
10889
11867
10890
11868
#: serverguide/C/package-management.xml:60(command)
10891
11869
msgid "dpkg -l | grep apache2"
10920
11898
#: serverguide/C/package-management.xml:88(computeroutput)
10921
11899
#, no-wrap
10922
11900
msgid "base-files: /etc/host.conf"
10923
msgstr ""
11901
msgstr "base-files: /etc/host.conf"
10924
11902
10925
11903
#: serverguide/C/package-management.xml:91(para)
10926
11904
msgid ""
10927
11905
"The output shows that the <filename>/etc/host.conf</filename> belongs to the "
10928
11906
"<application>base-files</application> package."
10929
11907
msgstr ""
11908
"输出内容显示 <filename>/etc/host.conf</filename> 属于 <application>base-"
11909
"files</application> 软件包"
10930
11910
10931
11911
#: serverguide/C/package-management.xml:96(para)
10932
11912
msgid ""
10937
11917
10938
11918
#: serverguide/C/package-management.xml:105(para)
10939
11919
msgid "You can install a local <emphasis>.deb</emphasis> file by entering:"
10940
msgstr ""
11920
msgstr "安装一个本地的 <emphasis>.deb</emphasis> 文件,您可以输入:"
10941
11921
10942
11922
#: serverguide/C/package-management.xml:110(command)
10943
11923
msgid "sudo dpkg -i zip_2.32-1_i386.deb"
11333
12313
msgid ""
11334
12314
"\n"
11335
12315
"Unattended-Upgrade::Allowed-Origins {\n"
11336
" \"Ubuntu karmic-security\";\n"
11337
"// \"Ubuntu karmic-updates\";\n"
12316
" \"Ubuntu lucid-security\";\n"
12317
"// \"Ubuntu lucid-updates\";\n"
11338
12318
"};\n"
11339
12319
msgstr ""
11340
12320
11365
12345
11366
12346
#: serverguide/C/package-management.xml:328(para)
11367
12347
msgid ""
12348
"To enable automatic updates, edit "
12349
"<filename>/etc/apt/apt.conf.d/10periodic</filename> and set the appropriate "
12350
"<application>apt</application> configuration options:"
12351
msgstr ""
12352
12353
#: serverguide/C/package-management.xml:332(programlisting)
12354
#, no-wrap
12355
msgid ""
12356
"\n"
12357
"APT::Periodic::Update-Package-Lists \"1\";\n"
12358
"APT::Periodic::Download-Upgradeable-Packages \"1\";\n"
12359
"APT::Periodic::AutocleanInterval \"7\";\n"
12360
"APT::Periodic::Unattended-Upgrade \"1\";\n"
12361
msgstr ""
12362
12363
#: serverguide/C/package-management.xml:339(para)
12364
msgid ""
12365
"The above configuration updates the package list, downloads, and installs "
12366
"available upgrades every day. The local download archive is cleaned every "
12367
"week."
12368
msgstr ""
12369
12370
#: serverguide/C/package-management.xml:345(para)
12371
msgid ""
12372
"You can read more about <application>apt</application> Periodic "
12373
"configuration options in the <filename>/etc/cron.daily/apt</filename> script "
12374
"header."
12375
msgstr ""
12376
12377
#: serverguide/C/package-management.xml:350(para)
12378
msgid ""
11368
12379
"The results of <application>unattended-upgrades</application> will be logged "
11369
12380
"to <filename>/var/log/unattended-upgrades</filename>."
11370
12381
msgstr ""
11371
12382
11372
#: serverguide/C/package-management.xml:333(title)
12383
#: serverguide/C/package-management.xml:355(title)
11373
12384
msgid "Notifications"
11374
msgstr ""
12385
msgstr "通知"
11375
12386
11376
#: serverguide/C/package-management.xml:335(para)
12387
#: serverguide/C/package-management.xml:357(para)
11377
12388
msgid ""
11378
12389
"Configuring <emphasis>Unattended-Upgrade::Mail</emphasis> in "
11379
12390
"<filename>/etc/apt/apt.conf.d/50unattended-upgrades</filename> will enable "
11381
12392
"detailing any packages that need upgrading or have problems."
11382
12393
msgstr ""
11383
12394
11384
#: serverguide/C/package-management.xml:340(para)
12395
#: serverguide/C/package-management.xml:362(para)
11385
12396
msgid ""
11386
12397
"Another useful package is <application>apticron</application>. "
11387
12398
"<application>apticron</application> will configure a "
11388
12399
"<application>cron</application> job to email an administrator information "
11389
"about any packages on the system that need updated as well as a summary of "
11390
"changes in each package."
12400
"about any packages on the system that have updates available, as well as a "
12401
"summary of changes in each package."
11391
12402
msgstr ""
11392
12403
11393
#: serverguide/C/package-management.xml:346(para)
12404
#: serverguide/C/package-management.xml:368(para)
11394
12405
msgid ""
11395
12406
"To install the <application>apticron</application> package, in a terminal "
11396
12407
"enter:"
11397
msgstr ""
12408
msgstr "要安装 <application>apticron</application> 软件包,在终端中输入:"
11398
12409
11399
#: serverguide/C/package-management.xml:351(command)
12410
#: serverguide/C/package-management.xml:373(command)
11400
12411
msgid "sudo apt-get install apticron"
11401
12412
msgstr "sudo apt-get install apticron"
11402
12413
11403
#: serverguide/C/package-management.xml:354(para)
12414
#: serverguide/C/package-management.xml:376(para)
11404
12415
msgid ""
11405
12416
"Once the package is installed edit "
11406
12417
"<filename>/etc/apticron/apticron.conf</filename>, to set the email address "
11407
12418
"and other options:"
11408
12419
msgstr ""
12420
"软件包安装后,编辑 <filename>/etc/apticron/apticron.conf</filename> 来设置电子邮件地址和其他选项:"
11409
12421
11410
#: serverguide/C/package-management.xml:358(programlisting)
12422
#: serverguide/C/package-management.xml:380(programlisting)
11411
12423
#, no-wrap
11412
12424
msgid ""
11413
12425
"\n"
11414
12426
"EMAIL=\"root@example.com\"\n"
11415
12427
msgstr ""
11416
12428
11417
#: serverguide/C/package-management.xml:367(para)
12429
#: serverguide/C/package-management.xml:389(para)
11418
12430
msgid ""
11419
12431
"Configuration of the <emphasis>Advanced Packaging Tool</emphasis> (APT) "
11420
12432
"system repositories is stored in the /etc/apt/sources.list configuration "
11424
12436
"<emphasis>Advanced Packaging Tool</emphasis> (APT) 系统软件库的配置被保存在 "
11425
12437
"/etc/apt/sources.list 文件中。这儿有个该文件的示例,"
11426
12438
11427
#: serverguide/C/package-management.xml:373(para)
12439
#: serverguide/C/package-management.xml:395(para)
11428
12440
msgid ""
11429
12441
"<ulink url=\"../sample/sources.list\">Here</ulink> is a simple example of a "
11430
12442
"typical <filename>/etc/apt/sources.list</filename> file."
11432
12444
"<ulink url=\"../sample/sources.list\">这里</ulink> 是一个典型的 "
11433
12445
"<filename>/etc/apt/sources.list</filename> 文件范例。"
11434
12446
11435
#: serverguide/C/package-management.xml:377(para)
12447
#: serverguide/C/package-management.xml:399(para)
11436
12448
msgid ""
11437
12449
"You may edit the file to enable repositories or disable them. For example, "
11438
12450
"to disable the requirement of inserting the Ubuntu CD-ROM whenever package "
11442
12454
"您可以编辑该文件来使软件库生效或失效。举个例子,要不想无论何时在发生文件包操作都会引起要求插入 Ubuntu CD-ROM ,只需要简单地将在文件顶部的 "
11443
12455
"CD-ROM 相应行注释掉即可:"
11444
12456
11445
#: serverguide/C/package-management.xml:382(screen)
12457
#: serverguide/C/package-management.xml:404(screen)
11446
12458
#, no-wrap
11447
12459
msgid ""
11448
12460
"\n"
11449
12461
"# no more prompting for CD-ROM please\n"
11450
"# deb cdrom:[Ubuntu 9.10_Karmic_Koala - Release i386 (20070419.1)]/ karmic "
12462
"# deb cdrom:[Ubuntu 10.04_Lucid_Lynx - Release i386 (20070419.1)]/ lucid "
11451
12463
"main restricted\n"
11452
12464
msgstr ""
11453
12465
11454
#: serverguide/C/package-management.xml:388(title)
12466
#: serverguide/C/package-management.xml:410(title)
11455
12467
msgid "Extra Repositories"
11456
12468
msgstr "其他软件库"
11457
12469
11458
#: serverguide/C/package-management.xml:389(para)
12470
#: serverguide/C/package-management.xml:411(para)
11459
12471
msgid ""
11460
12472
"In addition to the officially supported package repositories available for "
11461
12473
"Ubuntu, there exist additional community-maintained repositories which add "
11469
12481
"<emphasis>Universe</emphasis> 和 <emphasis>Multiverse</emphasis> 软件库。这些软件库不被 "
11470
12482
"Ubuntu 官方支持,但是因为它们是由社区维护的,因此它们提供的软件通常可以在您的 Ubuntu 计算机中被安全地使用。"
11471
12483
11472
#: serverguide/C/package-management.xml:392(para)
12484
#: serverguide/C/package-management.xml:414(para)
11473
12485
msgid ""
11474
12486
"Packages in the <emphasis>Multiverse</emphasis> repository often have "
11475
12487
"licensing issues that prevent them from being distributed with a free "
11478
12490
"在 <emphasis>Multiverse</emphasis> "
11479
12491
"软件库中的软件包通常有授权问题,这阻碍了它们随同一个自由操作系统一起发布,并且它们在您所处的地域中可能是非法的。"
11480
12492
11481
#: serverguide/C/package-management.xml:394(para)
12493
#: serverguide/C/package-management.xml:416(para)
11482
12494
msgid ""
11483
12495
"Be advised that neither the <emphasis>Universe</emphasis> or "
11484
12496
"<emphasis>Multiverse</emphasis> repositories contain officially supported "
11488
12500
"提醒您在 <emphasis>Universe</emphasis> 或 <emphasis>Multiverse</emphasis> "
11489
12501
"软件库中均没有官方支持的软件包。特别是这些软件包可能没有安全更新。"
11490
12502
11491
#: serverguide/C/package-management.xml:398(para)
12503
#: serverguide/C/package-management.xml:420(para)
11492
12504
msgid ""
11493
12505
"Many other package sources are available, sometimes even offering only one "
11494
12506
"package, as in the case of package sources provided by the developer of a "
11501
12513
"许多其他软件包源也是可用的,有时甚至只提供一个软件包,这种情况主要发生在由单个应用程序的开发人员所提供软件包源上。然而当您在使用非标准软件包源时您应该非常"
11502
12514
"小心谨慎,在执行任何安装之前仔细考查源和软件包,因为有些软件包源和其中的软件包可能会使您的系统在某些方面运行不稳定或不正常。"
11503
12515
11504
#: serverguide/C/package-management.xml:401(para)
12516
#: serverguide/C/package-management.xml:423(para)
11505
12517
msgid ""
11506
12518
"By default, the <emphasis>Universe</emphasis> and "
11507
12519
"<emphasis>Multiverse</emphasis> repositories are enabled but if you would "
11509
12521
"comment the following lines:"
11510
12522
msgstr ""
11511
12523
11512
#: serverguide/C/package-management.xml:408(programlisting)
12524
#: serverguide/C/package-management.xml:430(programlisting)
11513
12525
#, no-wrap
11514
12526
msgid ""
11515
12527
"\n"
11516
"deb http://archive.ubuntu.com/ubuntu karmic universe multiverse\n"
11517
"deb-src http://archive.ubuntu.com/ubuntu karmic universe multiverse\n"
11518
"\n"
11519
"deb http://us.archive.ubuntu.com/ubuntu/ karmic universe\n"
11520
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic universe\n"
11521
"deb http://us.archive.ubuntu.com/ubuntu/ karmic-updates universe\n"
11522
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic-updates universe\n"
11523
"\n"
11524
"deb http://us.archive.ubuntu.com/ubuntu/ karmic multiverse\n"
11525
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic multiverse\n"
11526
"deb http://us.archive.ubuntu.com/ubuntu/ karmic-updates multiverse\n"
11527
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic-updates multiverse\n"
11528
"\n"
11529
"deb http://security.ubuntu.com/ubuntu karmic-security universe\n"
11530
"deb-src http://security.ubuntu.com/ubuntu karmic-security universe\n"
11531
"deb http://security.ubuntu.com/ubuntu karmic-security multiverse\n"
11532
"deb-src http://security.ubuntu.com/ubuntu karmic-security multiverse\n"
12528
"deb http://archive.ubuntu.com/ubuntu lucid universe multiverse\n"
12529
"deb-src http://archive.ubuntu.com/ubuntu lucid universe multiverse\n"
12530
"\n"
12531
"deb http://us.archive.ubuntu.com/ubuntu/ lucid universe\n"
12532
"deb-src http://us.archive.ubuntu.com/ubuntu/ lucid universe\n"
12533
"deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe\n"
12534
"deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe\n"
12535
"\n"
12536
"deb http://us.archive.ubuntu.com/ubuntu/ lucid multiverse\n"
12537
"deb-src http://us.archive.ubuntu.com/ubuntu/ lucid multiverse\n"
12538
"deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse\n"
12539
"deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse\n"
12540
"\n"
12541
"deb http://security.ubuntu.com/ubuntu lucid-security universe\n"
12542
"deb-src http://security.ubuntu.com/ubuntu lucid-security universe\n"
12543
"deb http://security.ubuntu.com/ubuntu lucid-security multiverse\n"
12544
"deb-src http://security.ubuntu.com/ubuntu lucid-security multiverse\n"
11533
12545
msgstr ""
11534
12546
11535
#: serverguide/C/package-management.xml:434(para)
12547
#: serverguide/C/package-management.xml:456(para)
11536
12548
msgid ""
11537
12549
"Most of the material covered in this chapter is available in "
11538
12550
"<application>man</application> pages, many of which are available online."
11539
12551
msgstr ""
11540
12552
11541
#: serverguide/C/package-management.xml:441(para)
12553
#: serverguide/C/package-management.xml:463(para)
12554
msgid ""
12555
"The <ulink "
12556
"url=\"https://help.ubuntu.com/community/InstallingSoftware\">InstallingSoftwa"
12557
"re</ulink> Ubuntu wiki page has more information."
12558
msgstr ""
12559
12560
#: serverguide/C/package-management.xml:468(para)
11542
12561
msgid ""
11543
12562
"For more <application>dpkg</application> details see the <ulink "
11544
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/dpkg.1.html\">dpkg "
12563
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man1/dpkg.1.html\">dpkg "
11545
12564
"man page</ulink>."
11546
12565
msgstr ""
11547
12566
11548
#: serverguide/C/package-management.xml:447(para)
12567
#: serverguide/C/package-management.xml:474(para)
11549
12568
msgid ""
11550
12569
"The <ulink url=\"http://www.debian.org/doc/manuals/apt-howto/\">APT "
11551
12570
"HOWTO</ulink> and <ulink "
11552
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/apt-"
11553
"get.8.html\">apt-get man page</ulink> contain useful information regarding "
11554
"<application>apt-get</application> usage."
12571
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/apt-get.8.html\">apt-"
12572
"get man page</ulink> contain useful information regarding <application>apt-"
12573
"get</application> usage."
11555
12574
msgstr ""
11556
12575
11557
#: serverguide/C/package-management.xml:454(para)
12576
#: serverguide/C/package-management.xml:481(para)
11558
12577
msgid ""
11559
12578
"See the <ulink "
11560
"url=\"http://manpages.ubuntu.com/manpages/jaunty/man8/aptitude.8.html\">aptit"
11561
"ude man page</ulink> for more <application>aptitude</application> options."
12579
"url=\"http://manpages.ubuntu.com/manpages/lucid/man8/aptitude.8.html\">aptitu"
12580
"de man page</ulink> for more <application>aptitude</application> options."
11562
12581
msgstr ""
11563
12582
11564
#: serverguide/C/package-management.xml:460(para)
12583
#: serverguide/C/package-management.xml:487(para)
11565
12584
msgid ""
11566
12585
"The <ulink "
11567
12586
"url=\"https://help.ubuntu.com/community/Repositories/Ubuntu\">Adding "
11583
12602
msgstr ""
11584
12603
11585
12604
#: serverguide/C/other-apps.xml:23(title)
11586
msgid "Update MOTD"
12605
msgid "pam_motd"
11587
12606
msgstr ""
11588
12607
11589
12608
#: serverguide/C/other-apps.xml:25(para)
11604
12623
11605
12624
#: serverguide/C/other-apps.xml:40(para)
11606
12625
msgid ""
11607
"<emphasis>update-motd:</emphasis> is used to automatically update the MOTD "
11608
"via <application>cron</application>."
12626
"<emphasis>update-notifier-common:</emphasis> is used to automatically update "
12627
"the MOTD via <application>pam_motd</application> module."
11609
12628
msgstr ""
11610
12629
11611
12630
#: serverguide/C/other-apps.xml:46(para)
11612
12631
msgid ""
11613
"The <application>update-motd</application> utility has several options to "
11614
"further customize the MOTD:"
12632
"<application>pam_motd</application> executes the scripts in "
12633
"<filename>/etc/update-motd.d</filename> in order based on the number "
12634
"prepended to the script. The output of the scripts is written to "
12635
"<filename>/var/run/motd</filename>, keeping the numerical order, then "
12636
"concatenated with <filename>/etc/motd.tail</filename>."
11615
12637
msgstr ""
11616
12638
11617
12639
#: serverguide/C/other-apps.xml:52(para)
11618
12640
msgid ""
11619
"<emphasis>--disable:</emphasis> prevents automatic updates of the MOTD. "
11620
"Using this option creates the <filename>/var/lib/update-"
11621
"motd/disabled</filename> file, which if present stops <application>update-"
11622
"motd</application> from modifying <filename>/etc/motd</filename>."
11623
msgstr ""
11624
11625
#: serverguide/C/other-apps.xml:59(para)
11626
msgid ""
11627
"<emphasis>--enable:</emphasis> enables the automatic MOTD updates. If "
11628
"<filename>/var/lib/update-motd</filename> is present it will be removed."
11629
msgstr ""
11630
11631
#: serverguide/C/other-apps.xml:65(para)
11632
msgid ""
11633
"<emphasis>--force:</emphasis> does a one time update of "
11634
"<filename>/etc/motd</filename>, overriding <application>update-"
11635
"motd</application> if it has been disabled."
11636
msgstr ""
11637
11638
#: serverguide/C/other-apps.xml:71(para)
11639
msgid ""
11640
"<emphasis>d, hourly, weekly, monthly:</emphasis> option will run the scripts "
11641
"in <filename>/etc/update-motd.d/</filename> (default), <filename>/etc/update-"
11642
"motd.d/hourly</filename>, <filename>/etc/update-motd.d/weekly</filename>, or "
11643
"<filename>/etc/update-motd.d/monthly</filename> respectively."
11644
msgstr ""
11645
11646
#: serverguide/C/other-apps.xml:79(para)
11647
msgid ""
11648
"<application>update-motd</application> executes the scripts in "
11649
"<filename>/etc/update-motd.d</filename> in order based on the number "
11650
"prepended to the script. Separate <application>cron</application> scripts "
11651
"execute every ten minutes, hourly, weekly, and monthly running the "
11652
"corresponding scripts in <filename>/etc/update-motd.d</filename>. The output "
11653
"of the scripts is written to <filename>/var/run/update-motd/</filename>, "
11654
"keeping the numerical order, then concatenated with "
11655
"<filename>/etc/motd.tail</filename> and written to "
11656
"<filename>/etc/motd</filename>."
11657
msgstr ""
11658
11659
#: serverguide/C/other-apps.xml:87(para)
11660
msgid ""
11661
12641
"You can add your own dynamic information to the MOTD. For example, to add "
11662
12642
"local weather information:"
11663
msgstr ""
12643
msgstr "您可以往MOTD上添加您自己的动态信息。比如,要添加当地的气象信息,您可以:"
11664
12644
11665
#: serverguide/C/other-apps.xml:93(para)
12645
#: serverguide/C/other-apps.xml:58(para)
11666
12646
msgid "First, install the <application>weather-util</application> package:"
11667
msgstr ""
12647
msgstr "首先,安装 <application>weather-util</application> 软件包:"
11668
12648
11669
#: serverguide/C/other-apps.xml:98(command)
12649
#: serverguide/C/other-apps.xml:63(command)
11670
12650
msgid "sudo apt-get install weather-util"
11671
12651
msgstr ""
11672
12652
11673
#: serverguide/C/other-apps.xml:103(para)
12653
#: serverguide/C/other-apps.xml:68(para)
11674
12654
msgid ""
11675
12655
"The <application>weather</application> utility uses METAR data from the "
11676
12656
"National Oceanic and Atmospheric Administration and forecasts from the "
11680
12660
"Weather Service</ulink> site."
11681
12661
msgstr ""
11682
12662
11683
#: serverguide/C/other-apps.xml:110(para)
12663
#: serverguide/C/other-apps.xml:75(para)
11684
12664
msgid ""
11685
12665
"Although the National Weather Service is a United States government agency "
11686
12666
"there are weather stations available world wide. However, local weather "
11687
12667
"information for all locations outside the U.S. may not be available."
11688
12668
msgstr ""
11689
12669
11690
#: serverguide/C/other-apps.xml:116(para)
12670
#: serverguide/C/other-apps.xml:81(para)
11691
12671
msgid ""
11692
12672
"Create <filename>/usr/local/bin/local-weather</filename>, a simple shell "
11693
12673
"script to use <application>weather</application> with your local ICAO "
11694
12674
"indicator:"
11695
12675
msgstr ""
11696
12676
11697
#: serverguide/C/other-apps.xml:121(programlisting)
12677
#: serverguide/C/other-apps.xml:86(programlisting)
11698
12678
#, no-wrap
11699
12679
msgid ""
11700
12680
"\n"
11701
12681
"#!/bin/sh\n"
11702
"##########################################################################\n"
11703
"#\n"
11704
"# Prints the local weather to /var/run/update-motd/60-local-weather \n"
11705
"# for update-motd.\n"
11706
"#\n"
11707
"##########################################################################\n"
12682
"#\n"
12683
"#\n"
12684
"# Prints the local weather information for the MOTD.\n"
12685
"#\n"
12686
"#\n"
11708
12687
"\n"
11709
12688
"# Replace KINT with your local weather station.\n"
11710
12689
"# Local stations can be found here: http://www.weather.gov/tg/siteloc.shtml\n"
11711
12690
"\n"
11712
"echo \"\" > /var/run/update-motd/60-local-weather\n"
11713
"weather -i KINT >> /var/run/update-motd/60-local-weather\n"
12691
"echo\n"
12692
"weather -i KINT\n"
12693
"echo\n"
11714
12694
"\n"
11715
12695
msgstr ""
11716
12696
11717
#: serverguide/C/other-apps.xml:139(para)
12697
#: serverguide/C/other-apps.xml:104(para)
11718
12698
msgid "Make the script executable:"
11719
12699
msgstr "使脚本可以执行:"
11720
12700
11721
#: serverguide/C/other-apps.xml:144(command)
12701
#: serverguide/C/other-apps.xml:109(command)
11722
12702
msgid "sudo chmod 755 /usr/local/bin/local-weather"
11723
12703
msgstr ""
11724
12704
11725
#: serverguide/C/other-apps.xml:148(para)
12705
#: serverguide/C/other-apps.xml:113(para)
11726
12706
msgid ""
11727
"Next, create a symlink to <filename>/etc/update-motd.d/60-local-"
12707
"Next, create a symlink to <filename>/etc/update-motd.d/98-local-"
11728
12708
"weather</filename>:"
11729
12709
msgstr ""
11730
12710
11731
#: serverguide/C/other-apps.xml:153(command)
12711
#: serverguide/C/other-apps.xml:118(command)
11732
12712
msgid ""
11733
"sudo ln -s /usr/local/bin/local-weather /etc/update-motd.d/60-local-weather"
11734
msgstr ""
11735
11736
#: serverguide/C/other-apps.xml:157(para)
11737
msgid "Finally, update the MOTD:"
11738
msgstr "最后,更新MOTD:"
11739
11740
#: serverguide/C/other-apps.xml:162(command)
11741
msgid "sudo update-motd"
11742
msgstr ""
11743
11744
#: serverguide/C/other-apps.xml:167(para)
12713
"sudo ln -s /usr/local/bin/local-weather /etc/update-motd.d/98-local-weather"
12714
msgstr ""
12715
12716
#: serverguide/C/other-apps.xml:122(para)
12717
msgid "Finally, exit the server and re-login to view the new MOTD."
12718
msgstr ""
12719
12720
#: serverguide/C/other-apps.xml:128(para)
11745
12721
msgid ""
11746
12722
"You should now be greeted with some useful information, and some information "
11747
12723
"about the local weather that may not be quite so useful. Hopefully the "
11748
12724
"<application>local-weather</application> example demonstrates the "
11749
"flexibility of <application>update-motd</application>."
12725
"flexibility of <application>pam_motd</application>."
11750
12726
msgstr ""
11751
12727
11752
#: serverguide/C/other-apps.xml:175(title)
12728
#: serverguide/C/other-apps.xml:136(title)
11753
12729
msgid "etckeeper"
11754
12730
msgstr ""
11755
12731
11756
#: serverguide/C/other-apps.xml:177(para)
12732
#: serverguide/C/other-apps.xml:138(para)
11757
12733
msgid ""
11758
12734
"<application>etckeeper</application> allows the contents of <filename "
11759
12735
"role=\"directory\">/etc</filename> be easily stored in Version Control "
11765
12741
"possible."
11766
12742
msgstr ""
11767
12743
11768
#: serverguide/C/other-apps.xml:185(para)
12744
#: serverguide/C/other-apps.xml:146(para)
11769
12745
msgid ""
11770
12746
"Install <application>etckeeper</application> by entering the following in a "
11771
12747
"terminal:"
11772
12748
msgstr ""
11773
12749
11774
#: serverguide/C/other-apps.xml:190(command)
12750
#: serverguide/C/other-apps.xml:151(command)
11775
12751
msgid "sudo apt-get install etckeeper"
11776
12752
msgstr ""
11777
12753
11778
#: serverguide/C/other-apps.xml:193(para)
12754
#: serverguide/C/other-apps.xml:154(para)
11779
12755
msgid ""
11780
12756
"The main configuration file, "
11781
12757
"<filename>/etc/etckeeper/etckeeper.conf</filename>, is fairly simple. The "
11786
12762
"installation. It is possible to undo this by entering the following command:"
11787
12763
msgstr ""
11788
12764
11789
#: serverguide/C/other-apps.xml:203(command)
12765
#: serverguide/C/other-apps.xml:164(command)
11790
12766
msgid "sudo etckeeper uninit"
11791
12767
msgstr ""
11792
12768
11793
#: serverguide/C/other-apps.xml:206(para)
12769
#: serverguide/C/other-apps.xml:167(para)
11794
12770
msgid ""
11795
12771
"By default, etckeeper will commit uncommitted changes made to /etc daily. "
11796
12772
"This can be disabled using the AVOID_DAILY_AUTOCOMMITS configuration option. "
11799
12775
"commit your changes manually, together with a commit message, using:"
11800
12776
msgstr ""
11801
12777
11802
#: serverguide/C/other-apps.xml:215(command)
12778
#: serverguide/C/other-apps.xml:176(command)
11803
12779
msgid "sudo etckeeper commit \"..Reason for configuration change..\""
11804
12780
msgstr ""
11805
12781
11806
#: serverguide/C/other-apps.xml:218(para)
12782
#: serverguide/C/other-apps.xml:179(para)
11807
12783
msgid ""
11808
12784
"Using the VCS commands you can view log information about files in "
11809
12785
"<filename>/etc</filename>:"
11810
12786
msgstr ""
11811
12787
11812
#: serverguide/C/other-apps.xml:223(command)
12788
#: serverguide/C/other-apps.xml:184(command)
11813
12789
msgid "sudo bzr log /etc/passwd"
11814
12790
msgstr ""
11815
12791
11816
#: serverguide/C/other-apps.xml:226(para)
12792
#: serverguide/C/other-apps.xml:187(para)
11817
12793
msgid ""
11818
12794
"To demonstrate the integration with the package management system, install "
11819
12795
"<application>postfix</application>:"
11820
12796
msgstr ""
11821
12797
11822
#: serverguide/C/other-apps.xml:231(command) serverguide/C/mail.xml:45(command)
12798
#: serverguide/C/other-apps.xml:192(command) serverguide/C/mail.xml:45(command)
11823
12799
msgid "sudo apt-get install postfix"
11824
12800
msgstr ""
11825
12801
11826
#: serverguide/C/other-apps.xml:234(para)
12802
#: serverguide/C/other-apps.xml:195(para)
11827
12803
msgid ""
11828
12804
"When the installation is finished, all the "
11829
12805
"<application>postfix</application> configuration files should be committed "
11830
12806
"to the repository:"
11831
12807
msgstr ""
11832
12808
11833
#: serverguide/C/other-apps.xml:240(computeroutput)
12809
#: serverguide/C/other-apps.xml:201(computeroutput)
11834
12810
#, no-wrap
11835
12811
msgid ""
11836
12812
"Committing to: /etc/\n"
11873
12849
"Committed revision 2."
11874
12850
msgstr ""
11875
12851
11876
#: serverguide/C/other-apps.xml:280(para)
12852
#: serverguide/C/other-apps.xml:241(para)
11877
12853
msgid ""
11878
12854
"For an example of how <application>etckeeper</application> tracks manual "
11879
12855
"changes, add new a host to <filename>/etc/hosts</filename>. Using "
11880
12856
"<application>bzr</application> you can see which files have been modified:"
11881
12857
msgstr ""
11882
12858
11883
#: serverguide/C/other-apps.xml:286(command)
12859
#: serverguide/C/other-apps.xml:247(command)
11884
12860
msgid "sudo bzr status /etc/"
11885
12861
msgstr ""
11886
12862
11887
#: serverguide/C/other-apps.xml:287(computeroutput)
12863
#: serverguide/C/other-apps.xml:248(computeroutput)
11888
12864
#, no-wrap
11889
12865
msgid ""
11890
12866
"modified:\n"
11891
12867
" hosts"
11892
12868
msgstr ""
11893
12869
11894
#: serverguide/C/other-apps.xml:291(para)
12870
#: serverguide/C/other-apps.xml:252(para)
11895
12871
msgid "Now commit the changes:"
11896
12872
msgstr ""
11897
12873
11898
#: serverguide/C/other-apps.xml:296(command)
12874
#: serverguide/C/other-apps.xml:257(command)
11899
12875
msgid "sudo etckeeper commit \"new host\""
11900
12876
msgstr ""
11901
12877
11902
#: serverguide/C/other-apps.xml:299(para)
12878
#: serverguide/C/other-apps.xml:260(para)
11903
12879
msgid ""
11904
12880
"For more information on <application>bzr</application> see <xref "
11905
12881
"linkend=\"bazaar\"/>."
11906
12882
msgstr ""
11907
12883
11908
#: serverguide/C/other-apps.xml:305(title)
11909
msgid "Screen Profiles"
12884
#: serverguide/C/other-apps.xml:266(title)
12885
msgid "Byobu"
11910
12886
msgstr ""
11911
12887
11912
#: serverguide/C/other-apps.xml:307(para)
12888
#: serverguide/C/other-apps.xml:268(para)
11913
12889
msgid ""
11914
12890
"One of the most useful applications for any system administrator is "
11915
12891
"<application>screen</application>. It allows the execution of multiple "
11916
12892
"shells in one terminal. To make some of the advanced "
11917
12893
"<application>screen</application> features more user friendly, and provide "
11918
"some useful information about the system, the <application>screen-"
11919
"profiles</application> package was created."
12894
"some useful information about the system, the "
12895
"<application>byobu</application> package was created."
11920
12896
msgstr ""
11921
12897
11922
#: serverguide/C/other-apps.xml:314(para)
12898
#: serverguide/C/other-apps.xml:275(para)
11923
12899
msgid ""
11924
"When executing <application>screen</application> for the first time you will "
11925
"be presented with the <application>screen-profiles-helper</application> "
11926
"menu. This menu will allow you to:"
12900
"When executing <application>byobu</application> pressing the "
12901
"<emphasis>F9</emphasis> key will bring up the "
12902
"<application>Configuration</application> menu. This menu will allow you to:"
11927
12903
msgstr ""
11928
12904
11929
#: serverguide/C/other-apps.xml:320(para)
12905
#: serverguide/C/other-apps.xml:281(para)
11930
12906
msgid "View the Help menu"
11931
12907
msgstr "查看帮助菜单"
11932
12908
11933
#: serverguide/C/other-apps.xml:321(para)
12909
#: serverguide/C/other-apps.xml:282(para)
12910
msgid "Change Byobu's background color"
12911
msgstr ""
12912
12913
#: serverguide/C/other-apps.xml:283(para)
12914
msgid "Change Byobu's foreground color"
12915
msgstr ""
12916
12917
#: serverguide/C/other-apps.xml:284(para)
12918
msgid "Toggle status notifications"
12919
msgstr ""
12920
12921
#: serverguide/C/other-apps.xml:285(para)
11934
12922
msgid "Change the key binding set"
11935
12923
msgstr ""
11936
12924
11937
#: serverguide/C/other-apps.xml:322(para)
11938
msgid "Change screen profiles"
11939
msgstr ""
11940
11941
#: serverguide/C/other-apps.xml:323(para)
12925
#: serverguide/C/other-apps.xml:286(para)
11942
12926
msgid "Change the escape sequence"
11943
12927
msgstr ""
11944
12928
11945
#: serverguide/C/other-apps.xml:324(para)
11946
msgid "Create new screen windows"
12929
#: serverguide/C/other-apps.xml:287(para)
12930
msgid "Create new windows"
11947
12931
msgstr ""
11948
12932
11949
#: serverguide/C/other-apps.xml:325(para)
12933
#: serverguide/C/other-apps.xml:288(para)
11950
12934
msgid "Manage the default windows"
11951
12935
msgstr ""
11952
12936
11953
#: serverguide/C/other-apps.xml:326(para)
11954
msgid "Install screen by default at login"
12937
#: serverguide/C/other-apps.xml:289(para)
12938
msgid "Byobu currently does not launch at login (toggle on)"
11955
12939
msgstr ""
11956
12940
11957
#: serverguide/C/other-apps.xml:329(para)
12941
#: serverguide/C/other-apps.xml:292(para)
11958
12942
msgid ""
11959
12943
"The <emphasis>key bindings</emphasis> determine such things as the escape "
11960
12944
"sequence, new window, change window, etc. There are two key binding sets to "
11961
"choose from <emphasis>common</emphasis> and <emphasis>none</emphasis>. If "
11962
"you wish to use the original key bindings choose the "
12945
"choose from <emphasis>f-keys</emphasis> and <emphasis>screen-escape-"
12946
"keys</emphasis>. If you wish to use the original key bindings choose the "
11963
12947
"<emphasis>none</emphasis> set."
11964
12948
msgstr ""
11965
12949
11966
#: serverguide/C/other-apps.xml:335(para)
11967
msgid ""
11968
"The Ubuntu <application>screen-profiles</application> provide a menu which "
11969
"displays the Ubuntu release, processor information, memory information, and "
11970
"the time and date. The effect is similar to a desktop menu. When a profile "
11971
"is selected it will be symlinked to <filename>~/.screenrc</filename>. The "
11972
"<application>select-screen-profile</application> utility can also be used to "
11973
"change profiles, in a terminal enter:"
11974
msgstr ""
11975
11976
#: serverguide/C/other-apps.xml:343(command)
11977
msgid "select-screen-profile -s ubuntu-light"
11978
msgstr ""
11979
11980
#: serverguide/C/other-apps.xml:346(para)
11981
msgid ""
11982
"The <emphasis>plain</emphasis> profile will change "
11983
"<application>screen</application> back to the defaults, which does not "
11984
"include the information menu at the bottom."
11985
msgstr ""
11986
11987
#: serverguide/C/other-apps.xml:351(para)
11988
msgid ""
11989
"Using the <emphasis>\"Install screen by default at login\"</emphasis> option "
11990
"will cause screen to be executed any time a terminal is opened. Changes made "
11991
"to <application>screen</application> are on a per user basis, and will not "
12950
#: serverguide/C/other-apps.xml:298(para)
12951
msgid ""
12952
"<application>byobu</application> provides a menu which displays the Ubuntu "
12953
"release, processor information, memory information, and the time and date. "
12954
"The effect is similar to a desktop menu."
12955
msgstr ""
12956
12957
#: serverguide/C/other-apps.xml:303(para)
12958
msgid ""
12959
"Using the <emphasis>\"Byobu currently does not launch at login (toggle "
12960
"on)\"</emphasis> option will cause <application>byobu</application> to be "
12961
"executed any time a terminal is opened. Changes made to "
12962
"<application>byobu</application> are on a per user basis, and will not "
11992
12963
"affect other users on the system."
11993
12964
msgstr ""
11994
12965
11995
#: serverguide/C/other-apps.xml:356(para)
12966
#: serverguide/C/other-apps.xml:309(para)
11996
12967
msgid ""
11997
"One difference when using screen is the <emphasis>scrollback</emphasis> "
11998
"mode. If you are using one of the Ubuntu profiles press the "
11999
"<emphasis>F7</emphasis>, or <emphasis>Ctrl+a+[</emphasis> if not, to enter "
12000
"scrollback mode. Scrollback mode allows you to navigate past output using "
12001
"<emphasis>vi</emphasis> like commands. Here is a quick list of movement "
12002
"commands:"
12968
"One difference when using byobu is the <emphasis>scrollback</emphasis> mode. "
12969
"Press the <emphasis>F7</emphasis> key to enter scrollback mode. Scrollback "
12970
"mode allows you to navigate past output using <emphasis>vi</emphasis> like "
12971
"commands. Here is a quick list of movement commands:"
12003
12972
msgstr ""
12004
12973
12005
#: serverguide/C/other-apps.xml:363(para)
12974
#: serverguide/C/other-apps.xml:316(para)
12006
12975
msgid "<emphasis>h</emphasis> - Move the cursor left by one character"
12007
12976
msgstr ""
12008
12977
12009
#: serverguide/C/other-apps.xml:364(para)
12978
#: serverguide/C/other-apps.xml:317(para)
12010
12979
msgid "<emphasis>j</emphasis> - Move the cursor down by one line"
12011
12980
msgstr ""
12012
12981
12013
#: serverguide/C/other-apps.xml:365(para)
12982
#: serverguide/C/other-apps.xml:318(para)
12014
12983
msgid "<emphasis>k</emphasis> - Move the cursor up by one line"
12015
12984
msgstr ""
12016
12985
12017
#: serverguide/C/other-apps.xml:366(para)
12986
#: serverguide/C/other-apps.xml:319(para)
12018
12987
msgid "<emphasis>l</emphasis> - Move the cursor right by one character"
12019
12988
msgstr ""
12020
12989
12021
#: serverguide/C/other-apps.xml:367(para)
12990
#: serverguide/C/other-apps.xml:320(para)
12022
12991
msgid "<emphasis>0</emphasis> - Move to the beginning of the current line"
12023
12992
msgstr ""
12024
12993
12025
#: serverguide/C/other-apps.xml:368(para)
12994
#: serverguide/C/other-apps.xml:321(para)
12026
12995
msgid "<emphasis>$</emphasis> - Move to the end of the current line"
12027
12996
msgstr ""
12028
12997
12029
#: serverguide/C/other-apps.xml:369(para)
12998
#: serverguide/C/other-apps.xml:322(para)
12030
12999
msgid ""
12031
13000
"<emphasis>G</emphasis> - Moves to the specified line (defaults to the end of "
12032
13001
"the buffer)"
12033
13002
msgstr ""
12034
13003
12035
#: serverguide/C/other-apps.xml:370(para)
12036
msgid "<emphasis>C-u</emphasis> - Scrolls a half page up"
12037
msgstr ""
12038
12039
#: serverguide/C/other-apps.xml:371(para)
12040
msgid "<emphasis>C-b</emphasis> - Scrolls a full page up"
12041
msgstr ""
12042
12043
#: serverguide/C/other-apps.xml:372(para)
12044
msgid "<emphasis>C-d</emphasis> - Scrolls a half page down"
12045
msgstr ""
12046
12047
#: serverguide/C/other-apps.xml:373(para)
12048
msgid "<emphasis>C-f</emphasis> - Scrolls the full page down"
12049
msgstr ""
12050
12051
#: serverguide/C/other-apps.xml:374(para)
13004
#: serverguide/C/other-apps.xml:323(para)
12052
13005
msgid "<emphasis>/</emphasis> - Search forward"
12053
13006
msgstr ""
12054
13007
12055
#: serverguide/C/other-apps.xml:375(para)
13008
#: serverguide/C/other-apps.xml:324(para)
12056
13009
msgid "<emphasis>?</emphasis> - Search backward"
12057
13010
msgstr ""
12058
13011
12059
#: serverguide/C/other-apps.xml:376(para)
13012
#: serverguide/C/other-apps.xml:325(para)
12060
13013
msgid ""
12061
13014
"<emphasis>n</emphasis> - Moves to the next match, either forward or backword"
12062
13015
msgstr ""
12063
13016
12064
#: serverguide/C/other-apps.xml:385(para)
13017
#: serverguide/C/other-apps.xml:334(para)
12065
13018
msgid ""
12066
13019
"See the <ulink "
12067
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/update-"
12068
"motd.1.html\">update-motd man page</ulink> for more options available to "
13020
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man1/update-motd.1.html\">"
13021
"update-motd man page</ulink> for more options available to "
12069
13022
"<application>update-motd</application>."
12070
13023
msgstr ""
12071
13024
12072
#: serverguide/C/other-apps.xml:391(para)
13025
#: serverguide/C/other-apps.xml:340(para)
12073
13026
msgid ""
12074
13027
"The Debian Package of the Day <ulink "
12075
13028
"url=\"http://debaday.debian.net/2007/10/04/weather-check-weather-conditions-"
12077
13030
"details about using the <application>weather</application>utility."
12078
13031
msgstr ""
12079
13032
12080
#: serverguide/C/other-apps.xml:398(para)
13033
#: serverguide/C/other-apps.xml:347(para)
12081
13034
msgid ""
12082
13035
"See the <ulink "
12083
13036
"url=\"http://kitenet.net/~joey/code/etckeeper/\">etckeeper</ulink> site for "
12084
13037
"more details on using <application>etckeeper</application>."
12085
13038
msgstr ""
12086
13039
12087
#: serverguide/C/other-apps.xml:404(para)
13040
#: serverguide/C/other-apps.xml:353(para)
13041
msgid ""
13042
"The <ulink url=\"https://help.ubuntu.com/community/etckeeper\">etckeeper "
13043
"Ubuntu Wiki</ulink> page."
13044
msgstr ""
13045
13046
#: serverguide/C/other-apps.xml:358(para)
12088
13047
msgid ""
12089
13048
"For the latest news and information about <application>bzr</application> see "
12090
13049
"the <ulink url=\"http://bazaar-vcs.org/\">bzr</ulink> web site."
12091
13050
msgstr ""
12092
13051
12093
#: serverguide/C/other-apps.xml:409(para)
13052
#: serverguide/C/other-apps.xml:363(para)
12094
13053
msgid ""
12095
13054
"For more information on <application>screen</application> see the <ulink "
12096
13055
"url=\"http://www.gnu.org/software/screen/\">screen web site</ulink>."
12097
13056
msgstr ""
12098
13057
12099
#: serverguide/C/other-apps.xml:414(para)
12100
msgid ""
12101
"Also, see the <application>screen-profiles</application><ulink "
12102
"url=\"https://launchpad.net/screen-profiles\">project page</ulink> for more "
13058
#: serverguide/C/other-apps.xml:368(para)
13059
msgid ""
13060
"And the <ulink url=\"https://help.ubuntu.com/community/Screen\">Ubuntu Wiki "
13061
"screen</ulink> page."
13062
msgstr ""
13063
13064
#: serverguide/C/other-apps.xml:373(para)
13065
msgid ""
13066
"Also, see the <application>byobu</application><ulink "
13067
"url=\"https://launchpad.net/byobu\">project page</ulink> for more "
12103
13068
"information."
12104
13069
msgstr ""
12105
13070
12106
#: serverguide/C/network-config.xml:13(title)
12107
msgid "Networking"
12108
msgstr "联网"
12109
12110
13071
#: serverguide/C/network-config.xml:14(para)
12111
13072
msgid ""
12112
13073
"Networks consist of two or more devices, such as computer systems, printers, "
12122
13083
"discussion of popular network protocols."
12123
13084
msgstr "本节提供属于联网范畴的一般和特定信息,包括网络概念的概览以及对于流行网络协议的详细讨论。"
12124
13085
12125
#: serverguide/C/network-config.xml:26(title)
13086
#: serverguide/C/network-config.xml:27(title)
12126
13087
msgid "Network Configuration"
12127
13088
msgstr "网络配置"
12128
13089
12129
#: serverguide/C/network-config.xml:27(para)
13090
#: serverguide/C/network-config.xml:28(para)
12130
13091
msgid ""
12131
13092
"Ubuntu ships with a number of graphical utilities to configure your network "
12132
13093
"devices. This document is geared toward server administrators and will focus "
12133
13094
"on managing your network on the command line."
12134
13095
msgstr "Ubuntu 提供了许多图形化工具来配制您的网络设备。本文适用于服务器管理员并聚焦在命令行中管理您的网络。"
12135
13096
12136
#: serverguide/C/network-config.xml:33(title)
12137
msgid "Ethernet"
12138
msgstr "以太网"
12139
12140
#: serverguide/C/network-config.xml:34(para)
12141
msgid ""
12142
"Most Ethernet configuration is centralized in a single file, "
12143
"<filename>/etc/network/interfaces</filename>. If you have no Ethernet "
12144
"devices, only the loopback interface will appear in this file, and it will "
12145
"look something like this:"
12146
msgstr ""
12147
12148
#: serverguide/C/network-config.xml:40(programlisting)
12149
#, no-wrap
12150
msgid ""
12151
"\n"
12152
"# This file describes the network interfaces available on your system\n"
12153
"# and how to activate them. For more information, see interfaces(5).\n"
12154
"\n"
12155
"# The loopback network interface\n"
12156
"auto lo\n"
12157
"iface lo inet loopback\n"
12158
"address 127.0.0.1\n"
12159
"netmask 255.0.0.0\n"
12160
msgstr ""
12161
12162
#: serverguide/C/network-config.xml:50(para)
12163
msgid ""
12164
"If you have only one Ethernet device, eth0, and it gets its configuration "
12165
"from a DHCP server, and it should come up automatically at boot, only two "
12166
"additional lines are required:"
12167
msgstr ""
12168
12169
#: serverguide/C/network-config.xml:55(programlisting)
13097
#: serverguide/C/network-config.xml:35(title)
13098
msgid "Ethernet Interfaces"
13099
msgstr ""
13100
13101
#: serverguide/C/network-config.xml:36(para)
13102
msgid ""
13103
"Ethernet interfaces are identified by the system using the naming convention "
13104
"of <emphasis role=\"italix\">ethX</emphasis>, where <emphasis "
13105
"role=\"italic\">X</emphasis> represents a numeric value. The first Ethernet "
13106
"interface is typically identified as <emphasis "
13107
"role=\"italic\">eth0</emphasis>, the second as <emphasis "
13108
"role=\"italic\">eth1</emphasis>, and all others should move up in numerical "
13109
"order."
13110
msgstr ""
13111
13112
#: serverguide/C/network-config.xml:46(title)
13113
msgid "Identify Ethernet Interfaces"
13114
msgstr ""
13115
13116
#: serverguide/C/network-config.xml:47(para)
13117
msgid ""
13118
"To quickly identify all available Ethernet interfaces, you can use the "
13119
"<application>ifconfig</application> command as shown below."
13120
msgstr ""
13121
13122
#: serverguide/C/network-config.xml:52(userinput)
13123
#, no-wrap
13124
msgid "ifconfig -a | grep eth"
13125
msgstr ""
13126
13127
#: serverguide/C/network-config.xml:51(screen)
13128
#, no-wrap
13129
msgid ""
13130
"\n"
13131
"<placeholder-1/>\n"
13132
"eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a\n"
13133
msgstr ""
13134
13135
#: serverguide/C/network-config.xml:55(para)
13136
msgid ""
13137
"Another application that can help identify all network interfaces available "
13138
"to your system is the <application>lshw</application> command. In the "
13139
"example below, <application>lshw</application> shows a single Ethernet "
13140
"interface with the logical name of <emphasis role=\"italic\">eth0</emphasis> "
13141
"along with bus information, driver details and all supported capabilities."
13142
msgstr ""
13143
13144
#: serverguide/C/network-config.xml:62(userinput)
13145
#, no-wrap
13146
msgid "sudo lshw -class network"
13147
msgstr ""
13148
13149
#: serverguide/C/network-config.xml:61(screen)
13150
#, no-wrap
13151
msgid ""
13152
"\n"
13153
"<placeholder-1/>\n"
13154
" *-network\n"
13155
" description: Ethernet interface\n"
13156
" product: BCM4401-B0 100Base-TX\n"
13157
" vendor: Broadcom Corporation\n"
13158
" physical id: 0\n"
13159
" bus info: pci@0000:03:00.0\n"
13160
" logical name: eth0\n"
13161
" version: 02\n"
13162
" serial: 00:15:c5:4a:16:5a\n"
13163
" size: 10MB/s\n"
13164
" capacity: 100MB/s\n"
13165
" width: 32 bits\n"
13166
" clock: 33MHz\n"
13167
" capabilities: (snipped for brevity)\n"
13168
" configuration: (snipped for brevity)\n"
13169
" resources: irq:17 memory:ef9fe000-ef9fffff\n"
13170
msgstr ""
13171
13172
#: serverguide/C/network-config.xml:83(title)
13173
msgid "Ethernet Interface Logical Names"
13174
msgstr ""
13175
13176
#: serverguide/C/network-config.xml:84(para)
13177
msgid ""
13178
"Interface logical names are configured in the file "
13179
"<filename>/etc/udev/rules.d/70-persistent-net.rules.</filename> If you would "
13180
"like control which interface receives a particular logical name, find the "
13181
"line matching the interfaces physical MAC address and modify the value of "
13182
"<emphasis role=\"italic\">NAME=ethX</emphasis> to the desired logical name. "
13183
"Reboot the system to commit your changes."
13184
msgstr ""
13185
13186
#: serverguide/C/network-config.xml:92(programlisting)
13187
#, no-wrap
13188
msgid ""
13189
"\n"
13190
"SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", "
13191
"ATTR{address}==\"00:15:c5:4a:16:5a\", ATTR{dev_id}==\"0x0\", "
13192
"ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"eth0\"\n"
13193
"SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", "
13194
"ATTR{address}==\"00:15:c5:4a:16:5b\", ATTR{dev_id}==\"0x0\", "
13195
"ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"eth1\"\n"
13196
msgstr ""
13197
13198
#: serverguide/C/network-config.xml:99(title)
13199
msgid "Ethernet Interface Settings"
13200
msgstr ""
13201
13202
#: serverguide/C/network-config.xml:100(para)
13203
msgid ""
13204
"<application>ethtool</application> is a program that displays and changes "
13205
"Ethernet card settings such as auto-negotiation, port speed, duplex mode, "
13206
"and Wake-on-LAN. It is not installed by default, but is available for "
13207
"installation in the repositories."
13208
msgstr ""
13209
13210
#: serverguide/C/network-config.xml:106(userinput)
13211
#, no-wrap
13212
msgid "sudo apt-get install ethtool"
13213
msgstr ""
13214
13215
#: serverguide/C/network-config.xml:108(para)
13216
msgid ""
13217
"The following is an example of how to view supported features and configured "
13218
"settings of an Ethernet interface."
13219
msgstr ""
13220
13221
#: serverguide/C/network-config.xml:113(userinput)
13222
#, no-wrap
13223
msgid "sudo ethtool eth0"
13224
msgstr ""
13225
13226
#: serverguide/C/network-config.xml:112(screen)
13227
#, no-wrap
13228
msgid ""
13229
"\n"
13230
"<placeholder-1/>\n"
13231
"Settings for eth0:\n"
13232
" Supported ports: [ TP ]\n"
13233
" Supported link modes: 10baseT/Half 10baseT/Full \n"
13234
" 100baseT/Half 100baseT/Full \n"
13235
" 1000baseT/Half 1000baseT/Full \n"
13236
" Supports auto-negotiation: Yes\n"
13237
" Advertised link modes: 10baseT/Half 10baseT/Full \n"
13238
" 100baseT/Half 100baseT/Full \n"
13239
" 1000baseT/Half 1000baseT/Full \n"
13240
" Advertised auto-negotiation: Yes\n"
13241
" Speed: 1000Mb/s\n"
13242
" Duplex: Full\n"
13243
" Port: Twisted Pair\n"
13244
" PHYAD: 1\n"
13245
" Transceiver: internal\n"
13246
" Auto-negotiation: on\n"
13247
" Supports Wake-on: g\n"
13248
" Wake-on: d\n"
13249
" Current message level: 0x000000ff (255)\n"
13250
" Link detected: yes\n"
13251
msgstr ""
13252
13253
#: serverguide/C/network-config.xml:135(para)
13254
msgid ""
13255
"Changes made with the <application>ethtool</application> command are "
13256
"temporary and will be lost after a reboot. If you would like to retain "
13257
"settings, simply add the desired <application>ethtool</application> command "
13258
"to a <emphasis role=\"italic\">pre-up</emphasis> statement in the interface "
13259
"configuration file <filename>/etc/network/interfaces</filename>."
13260
msgstr ""
13261
13262
#: serverguide/C/network-config.xml:141(para)
13263
msgid ""
13264
"The following is an example of how the interface identified as <emphasis "
13265
"role=\"italic\">eth0</emphasis> could be permanently configured with a port "
13266
"speed of 1000Mb/s running in full duplex mode."
13267
msgstr ""
13268
13269
#: serverguide/C/network-config.xml:145(programlisting)
13270
#, no-wrap
13271
msgid ""
13272
"\n"
13273
"auto eth0\n"
13274
"iface eth0 inet static\n"
13275
"pre-up /usr/sbin/ethtool -s eth0 speed 1000 duplex full\n"
13276
msgstr ""
13277
13278
#: serverguide/C/network-config.xml:151(para)
13279
msgid ""
13280
"Although the example above shows the interface configured to use the "
13281
"<emphasis role=\"italic\">static</emphasis> method, it actually works with "
13282
"other methods as well, such as DHCP. The example is meant to demonstrate "
13283
"only proper placement of the <emphasis role=\"italic\">pre-up</emphasis> "
13284
"statement in relation to the rest of the interface configuration."
13285
msgstr ""
13286
13287
#: serverguide/C/network-config.xml:163(title)
13288
msgid "IP Addressing"
13289
msgstr ""
13290
13291
#: serverguide/C/network-config.xml:164(para)
13292
msgid ""
13293
"The following section describes the process of configuring your systems IP "
13294
"address and default gateway needed for communicating on a local area network "
13295
"and the Internet."
13296
msgstr ""
13297
13298
#: serverguide/C/network-config.xml:171(title)
13299
msgid "Temporary IP Address Assignment"
13300
msgstr ""
13301
13302
#: serverguide/C/network-config.xml:172(para)
13303
msgid ""
13304
"For temporary network configurations, you can use standard commands such as "
13305
"<application>ip</application>, <application>ifconfig</application> and "
13306
"<application>route</application>, which are also found on most other "
13307
"GNU/Linux operating systems. These commands allow you to configure settings "
13308
"which take effect immediately, however they are not persistent and will be "
13309
"lost after a reboot."
13310
msgstr ""
13311
13312
#: serverguide/C/network-config.xml:180(para)
13313
msgid ""
13314
"To temporarily configure an IP address, you can use the "
13315
"<application>ifconfig</application> command in the following manner. Just "
13316
"modify the IP address and subnet mask to match your network requirements."
13317
msgstr ""
13318
13319
#: serverguide/C/network-config.xml:186(userinput)
13320
#, no-wrap
13321
msgid "sudo ifconfig eth0 10.0.0.100 netmask 255.255.255.0"
13322
msgstr ""
13323
13324
#: serverguide/C/network-config.xml:188(para)
13325
msgid ""
13326
"To verify the IP address configuration of <application>eth0</application>, "
13327
"you can use the <application>ifconfig</application> command in the following "
13328
"manner."
13329
msgstr ""
13330
13331
#: serverguide/C/network-config.xml:193(userinput)
13332
#, no-wrap
13333
msgid "ifconfig eth0"
13334
msgstr ""
13335
13336
#: serverguide/C/network-config.xml:192(screen)
13337
#, no-wrap
13338
msgid ""
13339
"\n"
13340
"<placeholder-1/>\n"
13341
"eth0 Link encap:Ethernet HWaddr 00:15:c5:4a:16:5a \n"
13342
" inet addr:10.0.0.100 Bcast:10.0.0.255 Mask:255.255.255.0\n"
13343
" inet6 addr: fe80::215:c5ff:fe4a:165a/64 Scope:Link\n"
13344
" UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n"
13345
" RX packets:466475604 errors:0 dropped:0 overruns:0 frame:0\n"
13346
" TX packets:403172654 errors:0 dropped:0 overruns:0 carrier:0\n"
13347
" collisions:0 txqueuelen:1000 \n"
13348
" RX bytes:2574778386 (2.5 GB) TX bytes:1618367329 (1.6 GB)\n"
13349
" Interrupt:16 \n"
13350
msgstr ""
13351
13352
#: serverguide/C/network-config.xml:204(para)
13353
msgid ""
13354
"To configure a default gateway, you can use the "
13355
"<application>route</application> command in the following manner. Modify the "
13356
"default gateway address to match your network requirements."
13357
msgstr ""
13358
13359
#: serverguide/C/network-config.xml:210(userinput)
13360
#, no-wrap
13361
msgid "sudo route add default gw 10.0.0.1 eth0"
13362
msgstr ""
13363
13364
#: serverguide/C/network-config.xml:212(para)
13365
msgid ""
13366
"To verify your default gateway configuration, you can use the "
13367
"<application>route</application> command in the following manner."
13368
msgstr ""
13369
13370
#: serverguide/C/network-config.xml:217(userinput)
13371
#, no-wrap
13372
msgid "route -n"
13373
msgstr ""
13374
13375
#: serverguide/C/network-config.xml:216(screen)
13376
#, no-wrap
13377
msgid ""
13378
"\n"
13379
"<placeholder-1/>\n"
13380
"Kernel IP routing table\n"
13381
"Destination Gateway Genmask Flags Metric Ref Use "
13382
"Iface\n"
13383
"10.0.0.0 0.0.0.0 255.255.255.0 U 1 0 0 "
13384
"eth0\n"
13385
"0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 "
13386
"eth0\n"
13387
msgstr ""
13388
13389
#: serverguide/C/network-config.xml:223(para)
13390
msgid ""
13391
"If you require DNS for your temporary network configuration, you can add DNS "
13392
"server IP addresses in the file <filename>/etc/resolv.conf</filename>. The "
13393
"example below shows how to enter two DNS servers to "
13394
"<filename>/etc/resolv.conf</filename>, which should be changed to servers "
13395
"appropriate for your network. A more lengthy description of DNS client "
13396
"configuration is in a following section."
13397
msgstr ""
13398
13399
#: serverguide/C/network-config.xml:230(programlisting)
13400
#, no-wrap
13401
msgid ""
13402
"\n"
13403
"nameserver 8.8.8.8\n"
13404
"nameserver 8.8.4.4\n"
13405
msgstr ""
13406
13407
#: serverguide/C/network-config.xml:234(para)
13408
msgid ""
13409
"If you no longer need this configuration and wish to purge all IP "
13410
"configuration from an interface, you can use the "
13411
"<application>ip</application> command with the flush option as shown below."
13412
msgstr ""
13413
13414
#: serverguide/C/network-config.xml:240(userinput)
13415
#, no-wrap
13416
msgid "ip addr flush eth0"
13417
msgstr ""
13418
13419
#: serverguide/C/network-config.xml:243(para)
13420
msgid ""
13421
"Flushing the IP configuration using the <application>ip</application> "
13422
"command does not clear the contents of "
13423
"<filename>/etc/resolv.conf</filename>. You must remove or modify those "
13424
"entries manually."
13425
msgstr ""
13426
13427
#: serverguide/C/network-config.xml:251(title)
13428
msgid "Dynamic IP Address Assignment (DHCP Client)"
13429
msgstr ""
13430
13431
#: serverguide/C/network-config.xml:252(para)
13432
msgid ""
13433
"To configure your server to use DHCP for dynamic address assignment, add the "
13434
"<emphasis role=\"italic\">dhcp</emphasis> method to the inet address family "
13435
"statement for the appropriate interface in the file "
13436
"<filename>/etc/network/interfaces</filename>. The example below assumes you "
13437
"are configuring your first Ethernet interface identified as <emphasis "
13438
"role=\"italic\">eth0</emphasis>."
13439
msgstr ""
13440
13441
#: serverguide/C/network-config.xml:259(programlisting)
12170
13442
#, no-wrap
12171
13443
msgid ""
12172
13444
"\n"
12174
13446
"iface eth0 inet dhcp\n"
12175
13447
msgstr ""
12176
13448
12177
#: serverguide/C/network-config.xml:59(para)
12178
msgid ""
12179
"The first line specifies that the eth0 device should come up automatically "
12180
"when you boot. The second line means that interface (<quote>iface</quote>) "
12181
"eth0 should have an IPv4 address space (replace <quote>inet</quote> with "
12182
"<quote>inet6</quote> for an IPv6 device) and that it should get its "
12183
"configuration automatically from DHCP. Assuming your network and DHCP server "
12184
"are properly configured, this machine's network should need no further "
12185
"configuration to operate properly. The DHCP server will provide the default "
12186
"gateway (implemented via the <application>route</application> command), the "
12187
"device's IP address (implemented via the <application>ifconfig</application> "
12188
"command), and DNS servers used on the network (implemented in the "
12189
"<filename>/etc/resolv.conf</filename> file.)"
12190
msgstr ""
12191
12192
#: serverguide/C/network-config.xml:72(para)
12193
msgid ""
12194
"To configure your Ethernet device with a static IP address and custom "
12195
"configuration, some more information will be required. Suppose you want to "
12196
"assign the IP address 192.168.0.2 to the device eth1, with the typical "
12197
"netmask of 255.255.255.0. Your default gateway's IP address is 192.168.0.1. "
12198
"You would enter something like this into "
12199
"<filename>/etc/network/interfaces</filename>:"
12200
msgstr ""
12201
12202
#: serverguide/C/network-config.xml:79(programlisting)
12203
#, no-wrap
12204
msgid ""
12205
"\n"
12206
"iface eth1 inet static\n"
12207
"\taddress 192.168.0.2\n"
12208
"\tnetmask 255.255.255.0\n"
12209
"\tgateway 192.168.0.1\n"
12210
msgstr ""
12211
12212
#: serverguide/C/network-config.xml:85(para)
12213
msgid ""
12214
"In this case, you will need to specify your DNS servers manually in "
12215
"<filename>/etc/resolv.conf</filename>, which should look something like this:"
12216
msgstr ""
12217
12218
#: serverguide/C/network-config.xml:89(programlisting)
12219
#, no-wrap
12220
msgid ""
12221
"\n"
12222
"search mydomain.example\n"
12223
"nameserver 192.168.0.1\n"
12224
"nameserver 4.2.2.2\n"
12225
msgstr ""
12226
12227
#: serverguide/C/network-config.xml:94(para)
12228
msgid ""
12229
"The <emphasis role=\"italics\">search</emphasis> directive will append "
12230
"mydomain.example to hostname queries in an attempt to resolve names to your "
12231
"network. For example, if your network's domain is mydomain.example and you "
12232
"try to ping the host <quote>mybox</quote>, the DNS query will be modified to "
12233
"<quote>mybox.mydomain.example</quote> for resolution. The <emphasis "
12234
"role=\"italics\">nameserver</emphasis> directives specify DNS servers to be "
12235
"used to resolve hostnames to IP addresses. If you use your own nameserver, "
12236
"enter it here. Otherwise, ask your Internet Service Provider for the primary "
12237
"and secondary DNS servers to use, and enter them into "
12238
"<filename>/etc/resolv.conf</filename> as shown above."
12239
msgstr ""
12240
12241
#: serverguide/C/network-config.xml:106(para)
12242
msgid ""
12243
"Many more configurations are possible, including dialup PPP interfaces, IPv6 "
12244
"networking, VPN devices, etc. Refer to <application>man 5 "
12245
"interfaces</application> for more information and supported options. "
12246
"Remember that <filename>/etc/network/interfaces</filename> is used by the "
12247
"<application>ifup</application>/<application>ifdown</application> scripts as "
12248
"a higher level configuration scheme than may be used in some other Linux "
12249
"distributions, and that the traditional, lower level utilities such as "
12250
"<application>ifconfig</application>, <application>route</application>, and "
12251
"<application>dhclient</application> are still available to you for ad hoc "
12252
"configurations."
12253
msgstr ""
12254
"配置更多的接口是可能的,包括拨号的 PPP 接口、IPv6 网络、VPN 设备等。更多信息和支持选项请参考 <application>man 5 "
12255
"interfaces</application>。记住 <filename>/etc/network/interfaces</filename> 被 "
12256
"<application>ifup</application>/<application>ifdown</application> "
12257
"脚本用于作为比其他一些 Linux "
12258
"发行版更高层的配置模式。传统的低层工具如<application>ifconfig</application>、<application>route</a"
12259
"pplication> 和 <application>dhclient</application> 仍旧可被您用来进行特别配置。"
12260
12261
#: serverguide/C/network-config.xml:120(title)
12262
msgid "Managing DNS Entries"
12263
msgstr "管理 DNS 记录"
12264
12265
#: serverguide/C/network-config.xml:121(para)
12266
msgid ""
12267
"This section explains how to configure which nameserver to use when "
12268
"resolving IP addresses to hostnames and vice versa. It does not explain how "
12269
"to configure the system as a name server."
12270
msgstr "本节解释了当要将 IP 地址解析为主机名或是进行相反操作时,如何配置使用哪个名称服务器。本节并不解释如何将系统配置为一台名称服务器。"
12271
12272
#: serverguide/C/network-config.xml:126(para)
12273
msgid ""
12274
"To manage DNS entries, you can add, edit, or remove DNS names from the "
12275
"<filename>/etc/resolv.conf</filename> file. A sample file is given below:"
12276
msgstr ""
12277
12278
#: serverguide/C/network-config.xml:130(programlisting)
12279
#, no-wrap
12280
msgid ""
12281
"\n"
12282
"search com\n"
12283
"nameserver 204.11.126.131\n"
12284
"nameserver 64.125.134.133\n"
12285
"nameserver 64.125.134.132\n"
12286
"nameserver 208.185.179.218\n"
12287
msgstr ""
12288
"\n"
12289
"search com\n"
12290
"nameserver 204.11.126.131\n"
12291
"nameserver 64.125.134.133\n"
12292
"nameserver 64.125.134.132\n"
12293
"nameserver 208.185.179.218\n"
12294
12295
#: serverguide/C/network-config.xml:138(para)
12296
msgid ""
12297
"The <application>search</application> key specifies the string which will be "
12298
"appended to an incomplete hostname. Here, we have configured it to "
12299
"<application>com</application>. So, when we run: <command>ping "
12300
"ubuntu</command> it would be interpreted as <command>ping "
12301
"ubuntu.com</command>."
12302
msgstr ""
12303
"<application>search</application> 关键字指定为不完整的主机名添加的字符串。在这里我们将其配置为 "
12304
"<application>com</application>。因此当我们运行:<command>ping ubuntu</command> "
12305
"时它会被理解成 <command>ping ubuntu.com</command>。"
12306
12307
#: serverguide/C/network-config.xml:146(para)
12308
msgid ""
12309
"The <application>nameserver</application> key specifies the nameserver IP "
12310
"address. It will be used to resolve a given IP address or hostname. This "
12311
"file can have multiple nameserver entries. The nameservers will be used by "
12312
"the network query in the same order."
12313
msgstr ""
12314
"<application>nameserver</application> 关键字指定名称服务器的 IP 地址。它会被用来解析一个给定的 IP "
12315
"地址或主机名。该文件可以有多个名称服务器条目。网络查询将以与条目相同的顺序使用这些名称服务器。"
12316
12317
#: serverguide/C/network-config.xml:155(para)
12318
msgid ""
12319
"If the DNS server names are retrieved dynamically from DHCP or PPPoE "
12320
"(retrieved from your ISP), do not add nameserver entries in this file. It "
12321
"will be overwritten."
12322
msgstr ""
12323
"如果 DNS 服务器名称是通过 DHCP 或 PPPoE (从您的 ISP ) 动态取回的,那么请不要在该文件中添加名称服务器条目。该条目会被覆盖。"
12324
12325
#: serverguide/C/network-config.xml:164(title)
12326
msgid "Managing Hosts"
12327
msgstr "管理主机"
12328
12329
#: serverguide/C/network-config.xml:165(para)
12330
msgid ""
12331
"To manage hosts, you can add, edit, or remove hosts from "
12332
"<filename>/etc/hosts</filename> file. The file contains IP addresses and "
12333
"their corresponding hostnames. When your system tries to resolve a hostname "
12334
"to an IP address or determine the hostname for an IP address, it refers to "
12335
"the <filename>/etc/hosts</filename> file before using the name servers. If "
12336
"the IP address is listed in the <filename>/etc/hosts</filename> file, the "
12337
"name servers are not used. This behavior can be modified by editing "
12338
"<filename>/etc/nsswitch.conf</filename> at your peril."
12339
msgstr ""
12340
12341
#: serverguide/C/network-config.xml:178(para)
12342
msgid ""
12343
"If your network contains computers whose IP addresses are not listed in DNS, "
12344
"it is recommended that you add them to the <filename>/etc/hosts</filename> "
12345
"file."
12346
msgstr ""
12347
"如果您网络所包含计算机的 IP 地址没有在 DNS 中列出,建议您将它们加入到 <filename>/etc/hosts</filename> 文件中。"
12348
12349
#: serverguide/C/network-config.xml:186(title)
13449
#: serverguide/C/network-config.xml:263(para)
13450
msgid ""
13451
"By adding an interface configuration as shown above, you can manually enable "
13452
"the interface through the <application>ifup</application> command which "
13453
"initiates the DHCP process via <application>dhclient</application>."
13454
msgstr ""
13455
13456
#: serverguide/C/network-config.xml:269(userinput) serverguide/C/network-config.xml:304(userinput)
13457
#, no-wrap
13458
msgid "sudo ifup eth0"
13459
msgstr ""
13460
13461
#: serverguide/C/network-config.xml:271(para)
13462
msgid ""
13463
"To manually disable the interface, you can use the "
13464
"<application>ifdown</application> command, which in turn will initiate the "
13465
"DHCP release process and shut down the interface."
13466
msgstr ""
13467
13468
#: serverguide/C/network-config.xml:277(userinput) serverguide/C/network-config.xml:311(userinput)
13469
#, no-wrap
13470
msgid "sudo ifdown eth0"
13471
msgstr ""
13472
13473
#: serverguide/C/network-config.xml:282(title)
13474
msgid "Static IP Address Assignment"
13475
msgstr ""
13476
13477
#: serverguide/C/network-config.xml:283(para)
13478
msgid ""
13479
"To configure your system to use a static IP address assignment, add the "
13480
"<emphasis role=\"italic\">static</emphasis> method to the inet address "
13481
"family statement for the appropriate interface in the file "
13482
"<filename>/etc/network/interfaces</filename>. The example below assumes you "
13483
"are configuring your first Ethernet interface identified as <emphasis "
13484
"role=\"italic\">eth0</emphasis>. Change the <emphasis "
13485
"role=\"italic\">address</emphasis>, <emphasis "
13486
"role=\"italic\">netmask</emphasis>, and <emphasis "
13487
"role=\"italic\">gateway</emphasis> values to meet the requirements of your "
13488
"network."
13489
msgstr ""
13490
13491
#: serverguide/C/network-config.xml:292(programlisting)
13492
#, no-wrap
13493
msgid ""
13494
"\n"
13495
"auto eth0\n"
13496
"iface eth0 inet static\n"
13497
"address 10.0.0.100\n"
13498
"netmask 255.255.255.0\n"
13499
"gateway 10.0.0.1\n"
13500
msgstr ""
13501
13502
#: serverguide/C/network-config.xml:299(para)
13503
msgid ""
13504
"By adding an interface configuration as shown above, you can manually enable "
13505
"the interface through the <application>ifup</application> command."
13506
msgstr ""
13507
13508
#: serverguide/C/network-config.xml:306(para)
13509
msgid ""
13510
"To manually disable the interface, you can use the "
13511
"<application>ifdown</application> command."
13512
msgstr ""
13513
13514
#: serverguide/C/network-config.xml:316(title)
13515
msgid "Loopback Interface"
13516
msgstr ""
13517
13518
#: serverguide/C/network-config.xml:317(para)
13519
msgid ""
13520
"The loopback interface is identified by the system as <emphasis "
13521
"role=\"italic\">lo</emphasis> and has a default IP address of 127.0.0.1. It "
13522
"can be viewed using the ifconfig command."
13523
msgstr ""
13524
13525
#: serverguide/C/network-config.xml:322(userinput)
13526
#, no-wrap
13527
msgid "ifconfig lo"
13528
msgstr ""
13529
13530
#: serverguide/C/network-config.xml:321(screen)
13531
#, no-wrap
13532
msgid ""
13533
"\n"
13534
"<placeholder-1/>\n"
13535
"lo Link encap:Local Loopback \n"
13536
" inet addr:127.0.0.1 Mask:255.0.0.0\n"
13537
" inet6 addr: ::1/128 Scope:Host\n"
13538
" UP LOOPBACK RUNNING MTU:16436 Metric:1\n"
13539
" RX packets:2718 errors:0 dropped:0 overruns:0 frame:0\n"
13540
" TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0\n"
13541
" collisions:0 txqueuelen:0 \n"
13542
" RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)\n"
13543
msgstr ""
13544
13545
#: serverguide/C/network-config.xml:332(para)
13546
msgid ""
13547
"By default, there should be two lines in "
13548
"<filename>/etc/network/interfaces</filename> responsible for automatically "
13549
"configuring your loopback interface. It is recommended that you keep the "
13550
"default settings unless you have a specific purpose for changing them. An "
13551
"example of the two default lines are shown below."
13552
msgstr ""
13553
13554
#: serverguide/C/network-config.xml:338(programlisting)
13555
#, no-wrap
13556
msgid ""
13557
"\n"
13558
"auto lo\n"
13559
"iface lo inet loopback\n"
13560
msgstr ""
13561
13562
#: serverguide/C/network-config.xml:347(title)
13563
msgid "Name Resolution"
13564
msgstr ""
13565
13566
#: serverguide/C/network-config.xml:348(para)
13567
msgid ""
13568
"Name resolution as it relates to IP networking is the process of mapping IP "
13569
"addresses to hostnames, making it easier to identify resources on a network. "
13570
"The following section will explain how to properly configure your system for "
13571
"name resolution using DNS and static hostname records."
13572
msgstr ""
13573
13574
#: serverguide/C/network-config.xml:356(title)
13575
msgid "DNS Client Configuration"
13576
msgstr ""
13577
13578
#: serverguide/C/network-config.xml:357(para)
13579
msgid ""
13580
"To configure your system to use DNS for name resolution, add the IP "
13581
"addresses of the DNS servers that are appropriate for your network in the "
13582
"file <filename>/etc/resolv.conf</filename>. You can also add an optional DNS "
13583
"suffix search-lists to match your network domain names."
13584
msgstr ""
13585
13586
#: serverguide/C/network-config.xml:362(para)
13587
msgid ""
13588
"Below is an example of a typical configuration of "
13589
"<filename>/etc/resolv.conf</filename> for a server on the domain \"<emphasis "
13590
"role=\"italic\">example.com</emphasis>\" and using two public DNS servers."
13591
msgstr ""
13592
13593
#: serverguide/C/network-config.xml:367(programlisting)
13594
#, no-wrap
13595
msgid ""
13596
"\n"
13597
"search example.com\n"
13598
"nameserver 8.8.8.8\n"
13599
"nameserver 8.8.4.4\n"
13600
msgstr ""
13601
13602
#: serverguide/C/network-config.xml:372(para)
13603
msgid ""
13604
"The <emphasis role=\"italic\">search</emphasis> option can also be used with "
13605
"multiple domain names so that DNS queries will be appended in the order in "
13606
"which they are entered. For example, your network may have multiple sub-"
13607
"domains to search; a parent domain of <emphasis "
13608
"role=\"italic\">example.com</emphasis>, and two sub-domains, <emphasis "
13609
"role=\"italic\">sales.example.com</emphasis> and <emphasis "
13610
"role=\"italic\">dev.example.com</emphasis>."
13611
msgstr ""
13612
13613
#: serverguide/C/network-config.xml:380(para)
13614
msgid ""
13615
"If you have multiple domains you wish to search, your configuration might "
13616
"look like the following."
13617
msgstr ""
13618
13619
#: serverguide/C/network-config.xml:383(programlisting)
13620
#, no-wrap
13621
msgid ""
13622
"\n"
13623
"search example.com sales.example.com dev.example.com\n"
13624
"nameserver 8.8.8.8\n"
13625
"nameserver 8.8.4.4\n"
13626
msgstr ""
13627
13628
#: serverguide/C/network-config.xml:388(para)
13629
msgid ""
13630
"If you try to ping a host with the name of <emphasis "
13631
"role=\"italic\">server1</emphasis>, your system will automatically query DNS "
13632
"for its Fully Qualified Domain Name (FQDN) in the following order:"
13633
msgstr ""
13634
13635
#: serverguide/C/network-config.xml:394(para)
13636
msgid "server1<emphasis role=\"bold\">.example.com</emphasis>"
13637
msgstr ""
13638
13639
#: serverguide/C/network-config.xml:399(para)
13640
msgid "server1<emphasis role=\"bold\">.sales.example.com</emphasis>"
13641
msgstr ""
13642
13643
#: serverguide/C/network-config.xml:404(para)
13644
msgid "server1<emphasis role=\"bold\">.dev.example.com</emphasis>"
13645
msgstr ""
13646
13647
#: serverguide/C/network-config.xml:409(para)
13648
msgid ""
13649
"If no matches are found, the DNS server will provide a result of <emphasis "
13650
"role=\"italic\">notfound</emphasis> and the DNS query will fail."
13651
msgstr ""
13652
13653
#: serverguide/C/network-config.xml:416(title)
13654
msgid "Static Hostnames"
13655
msgstr ""
13656
13657
#: serverguide/C/network-config.xml:417(para)
13658
msgid ""
13659
"Static hostnames are locally defined hostname-to-IP mappings located in the "
13660
"file <filename>/etc/hosts</filename>. Entries in the "
13661
"<filename>hosts</filename> file will have precedence over DNS by default. "
13662
"This means that if your system tries to resolve a hostname and it matches an "
13663
"entry in /etc/hosts, it will not attempt to look up the record in DNS. In "
13664
"some configurations, especially when Internet access is not required, "
13665
"servers that communicate with a limited number of resources can be "
13666
"conveniently set to use static hostnames instead of DNS."
13667
msgstr ""
13668
13669
#: serverguide/C/network-config.xml:424(para)
13670
msgid ""
13671
"The following is an example of a <filename>hosts</filename> file where a "
13672
"number of local servers have been identified by simple hostnames, aliases "
13673
"and their equivalent Fully Qualified Domain Names (FQDN's)."
13674
msgstr ""
13675
13676
#: serverguide/C/network-config.xml:428(programlisting)
13677
#, no-wrap
13678
msgid ""
13679
"\n"
13680
"127.0.0.1\tlocalhost\n"
13681
"127.0.1.1\tubuntu-server\n"
13682
"10.0.0.11\tserver1 vpn server1.example.com\n"
13683
"10.0.0.12\tserver2 mail server2.example.com\n"
13684
"10.0.0.13\tserver3 www server3.example.com\n"
13685
"10.0.0.14\tserver4 file server4.example.com\n"
13686
msgstr ""
13687
13688
#: serverguide/C/network-config.xml:437(para)
13689
msgid ""
13690
"In the above example, notice that each of the servers have been given "
13691
"aliases in addition to their proper names and FQDN's. <emphasis "
13692
"role=\"italic\">Server1</emphasis> has been mapped to the name <emphasis "
13693
"role=\"italic\">vpn</emphasis>, <emphasis role=\"italic\">server2</emphasis> "
13694
"is referred to as <emphasis role=\"italic\">mail</emphasis>, <emphasis "
13695
"role=\"italic\">server3</emphasis> as <emphasis "
13696
"role=\"italic\">www</emphasis>, and <emphasis "
13697
"role=\"italic\">server4</emphasis> as <emphasis "
13698
"role=\"italic\">file</emphasis>."
13699
msgstr ""
13700
13701
#: serverguide/C/network-config.xml:449(title)
13702
msgid "Name Service Switch Configuration"
13703
msgstr ""
13704
13705
#: serverguide/C/network-config.xml:450(para)
13706
msgid ""
13707
"The order in which your system selects a method of resolving hostnames to IP "
13708
"addresses is controlled by the Name Service Switch (NSS) configuration file "
13709
"<filename>/etc/nsswitch.conf</filename>. As mentioned in the previous "
13710
"section, typically static hostnames defined in the systems "
13711
"<filename>/etc/hosts</filename> file have precedence over names resolved "
13712
"from DNS. The following is an example of the line responsible for this order "
13713
"of hostname lookups in the file <filename>/etc/nsswitch.conf</filename>."
13714
msgstr ""
13715
13716
#: serverguide/C/network-config.xml:458(programlisting)
13717
#, no-wrap
13718
msgid ""
13719
"\n"
13720
"hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4\n"
13721
msgstr ""
13722
13723
#: serverguide/C/network-config.xml:464(para)
13724
msgid ""
13725
"<emphasis role=\"bold\">files</emphasis> first tries to resolve static "
13726
"hostnames located in <filename>/etc/hosts</filename>."
13727
msgstr ""
13728
13729
#: serverguide/C/network-config.xml:470(para)
13730
msgid ""
13731
"<emphasis role=\"bold\">mdns4_minimal</emphasis> attempts to resolve the "
13732
"name using Multicast DNS."
13733
msgstr ""
13734
13735
#: serverguide/C/network-config.xml:475(para)
13736
msgid ""
13737
"<emphasis role=\"bold\">[NOTFOUND=return]</emphasis> means that any response "
13738
"of <emphasis role=\"italic\">notfound</emphasis> by the preceeding <emphasis "
13739
"role=\"italic\">mdns4_minimal</emphasis> process should be treated as "
13740
"authoritative and that the system should not try to continue hunting for an "
13741
"answer."
13742
msgstr ""
13743
13744
#: serverguide/C/network-config.xml:483(para)
13745
msgid ""
13746
"<emphasis role=\"bold\">dns</emphasis> represents a legacy unicast DNS query."
13747
msgstr ""
13748
13749
#: serverguide/C/network-config.xml:488(para)
13750
msgid ""
13751
"<emphasis role=\"bold\">mdns4</emphasis> represents a Multicast DNS query."
13752
msgstr ""
13753
13754
#: serverguide/C/network-config.xml:494(para)
13755
msgid ""
13756
"To modify the order of the above mentioned name resolution methods, you can "
13757
"simply change the <emphasis role=\"italic\">hosts:</emphasis> string to the "
13758
"value of your choosing. For example, if you prefer to use legacy Unicast DNS "
13759
"versus Multicast DNS, you can change the string in "
13760
"<filename>/etc/nsswitch.conf</filename> as shown below."
13761
msgstr ""
13762
13763
#: serverguide/C/network-config.xml:501(programlisting)
13764
#, no-wrap
13765
msgid ""
13766
"\n"
13767
"hosts: files dns [NOTFOUND=return] mdns4_minimal mdns4\n"
13768
msgstr ""
13769
13770
#: serverguide/C/network-config.xml:508(title)
12350
13771
msgid "Bridging"
12351
13772
msgstr ""
12352
13773
12353
#: serverguide/C/network-config.xml:188(para)
13774
#: serverguide/C/network-config.xml:510(para)
12354
13775
msgid ""
12355
13776
"Bridging multiple interfaces is a more advanced configuration, but is very "
12356
13777
"useful in multiple scenarios. One scenario is setting up a bridge with "
12360
13781
"The following example covers the latter scenario."
12361
13782
msgstr ""
12362
13783
12363
#: serverguide/C/network-config.xml:195(para)
13784
#: serverguide/C/network-config.xml:517(para)
12364
13785
msgid ""
12365
13786
"Before configuring a bridge you will need to install the <application>bridge-"
12366
13787
"utils</application> package. To install the package, in a terminal enter:"
12367
13788
msgstr ""
12368
13789
12369
#: serverguide/C/network-config.xml:201(command)
13790
#: serverguide/C/network-config.xml:523(command)
12370
13791
msgid "sudo apt-get install bridge-utils"
12371
13792
msgstr ""
12372
13793
12373
#: serverguide/C/network-config.xml:204(para)
13794
#: serverguide/C/network-config.xml:526(para)
12374
13795
msgid ""
12375
13796
"Next, configure the bridge by editing "
12376
13797
"<filename>/etc/network/interfaces</filename>:"
12377
13798
msgstr ""
12378
13799
12379
#: serverguide/C/network-config.xml:208(programlisting)
13800
#: serverguide/C/network-config.xml:530(programlisting)
12380
13801
#, no-wrap
12381
13802
msgid ""
12382
13803
"\n"
12413
13834
" bridge_maxage 12\n"
12414
13835
" bridge_stp off\n"
12415
13836
12416
#: serverguide/C/network-config.xml:227(para)
13837
#: serverguide/C/network-config.xml:549(para)
12417
13838
msgid "Enter the appropriate values for your physical interface and network."
12418
13839
msgstr "为你的物理接口和网络输入相应的值。"
12419
13840
12420
#: serverguide/C/network-config.xml:232(para)
13841
#: serverguide/C/network-config.xml:554(para)
12421
13842
msgid "Now restart networking to enable the bridge interface:"
12422
13843
msgstr ""
12423
13844
12424
#: serverguide/C/network-config.xml:239(para)
13845
#: serverguide/C/network-config.xml:561(para)
12425
13846
msgid ""
12426
13847
"The new bridge interface should now be up and running. The "
12427
13848
"<application>brctl</application> provides useful information about the state "
12429
13850
"<command>man brctl</command> for more information."
12430
13851
msgstr ""
12431
13852
12432
#: serverguide/C/network-config.xml:255(para)
13853
#: serverguide/C/network-config.xml:577(para)
13854
msgid ""
13855
"The <ulink url=\"https://help.ubuntu.com/community/Network\">Ubuntu Wiki "
13856
"Network page</ulink> has links to articles covering more advanced network "
13857
"configuration."
13858
msgstr ""
13859
13860
#: serverguide/C/network-config.xml:583(para)
12433
13861
msgid ""
12434
13862
"The <ulink "
12435
"url=\"http://manpages.ubuntu.com/manpages/karmic/en/man5/interfaces.5.html\">"
12436
"interfaces man page</ulink> has details on more options for "
13863
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/interfaces.5.html\">i"
13864
"nterfaces man page</ulink> has details on more options for "
12437
13865
"<filename>/etc/network/interfaces</filename>."
12438
13866
msgstr ""
12439
13867
12440
#: serverguide/C/network-config.xml:261(para)
13868
#: serverguide/C/network-config.xml:589(para)
13869
msgid ""
13870
"The <ulink "
13871
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/dhclient.8.html\">dhc"
13872
"lient man page</ulink> has details on more options for configuring DHCP "
13873
"client settings."
13874
msgstr ""
13875
13876
#: serverguide/C/network-config.xml:595(para)
12441
13877
msgid ""
12442
13878
"For more information on DNS client configuration see the <ulink "
12443
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/resolver.5.html\">re"
12444
"solver man page</ulink>. Also, Chapter 6 of O'Reilly's <ulink "
13879
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/resolver.5.html\">res"
13880
"olver man page</ulink>. Also, Chapter 6 of O'Reilly's <ulink "
12445
13881
"url=\"http://oreilly.com/catalog/linag2/book/ch06.html\">Linux Network "
12446
13882
"Administrator's Guide</ulink> is a good source of resolver and name service "
12447
13883
"configuration information."
12448
13884
msgstr ""
12449
13885
12450
#: serverguide/C/network-config.xml:269(para)
13886
#: serverguide/C/network-config.xml:603(para)
12451
13887
msgid ""
12452
13888
"For more information on <emphasis>bridging</emphasis> see the <ulink "
12453
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/brctl.8.html\">brctl"
12454
" man page</ulink> and the Linux Foundation's <ulink "
13889
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/brctl.8.html\">brctl "
13890
"man page</ulink> and the Linux Foundation's <ulink "
12455
13891
"url=\"http://www.linuxfoundation.org/en/Net:Bridge\">Net:Bridge</ulink> page."
12456
13892
msgstr ""
12457
13893
12458
#: serverguide/C/network-config.xml:280(title)
13894
#: serverguide/C/network-config.xml:614(title)
12459
13895
msgid "TCP/IP"
12460
13896
msgstr "TCP/IP"
12461
13897
12462
#: serverguide/C/network-config.xml:281(para)
13898
#: serverguide/C/network-config.xml:615(para)
12463
13899
msgid ""
12464
13900
"The Transmission Control Protocol and Internet Protocol (TCP/IP) is a "
12465
13901
"standard set of protocols developed in the late 1970s by the Defense "
12472
13908
"(DARPA)作为在不同类型计算机及计算机网络之间的通信手段而被开发的一个标准协议簇。TCP/IP 是 Internet "
12473
13909
"的驱动力,因此它是全球最流行的网络协议簇。"
12474
13910
12475
#: serverguide/C/network-config.xml:289(title)
13911
#: serverguide/C/network-config.xml:623(title)
12476
13912
msgid "TCP/IP Introduction"
12477
13913
msgstr "TCP/IP 介绍"
12478
13914
12479
#: serverguide/C/network-config.xml:290(para)
13915
#: serverguide/C/network-config.xml:624(para)
12480
13916
msgid ""
12481
13917
"The two protocol components of TCP/IP deal with different aspects of "
12482
13918
"computer networking. <emphasis>Internet Protocol</emphasis>, the \"IP\" of "
12491
13927
"host."
12492
13928
msgstr ""
12493
13929
12494
#: serverguide/C/network-config.xml:303(title)
13930
#: serverguide/C/network-config.xml:637(title)
12495
13931
msgid "TCP/IP Configuration"
12496
13932
msgstr "TCP/IP 配置"
12497
13933
12498
#: serverguide/C/network-config.xml:304(para)
13934
#: serverguide/C/network-config.xml:638(para)
12499
13935
msgid ""
12500
13936
"The TCP/IP protocol configuration consists of several elements which must be "
12501
13937
"set by editing the appropriate configuration files, or deploying solutions "
12508
13944
"TCP/IP 协议配置由必须设置的几个元素组成,可以通过编辑相应的配置文件或配置方案如动态主机配置协议 (DHCP) 来设置,它可以配置成提供适当的 "
12509
13945
"TCP/IP 配置来自动设置网络客户机。这些配置值必须正确设置,以便于您的 Ubuntu 系统进行相应网络操作。"
12510
13946
12511
#: serverguide/C/network-config.xml:316(para)
13947
#: serverguide/C/network-config.xml:650(para)
12512
13948
msgid ""
12513
13949
"<emphasis role=\"bold\">IP address</emphasis> The IP address is a unique "
12514
13950
"identifying string expressed as four decimal numbers ranging from zero (0) "
12521
13957
"255 的十进制数组成。 每部分由8个比特表示,整个地址总长为32个比特。这种格式被称为 <emphasis>dotted quad "
12522
13958
"notation</emphasis>。"
12523
13959
12524
#: serverguide/C/network-config.xml:326(para)
13960
#: serverguide/C/network-config.xml:660(para)
12525
13961
msgid ""
12526
13962
"<emphasis role=\"bold\">Netmask</emphasis> The Subnet Mask (or simply, "
12527
13963
"<emphasis>netmask</emphasis>) is a local bit mask, or set of flags which "
12535
13971
"是一个局部位掩码,或用指定的 <emphasis>子网掩码</emphasis> 来将IP 地址中的网络分隔出来的一组标识。举个例子,在 C "
12536
13972
"类网络中,标准的掩码是 255.255.255.0 屏蔽了 IP 地址的前三个字节,并允许 IP 地址的最后一个字节指定子网中的主机。"
12537
13973
12538
#: serverguide/C/network-config.xml:337(para)
13974
#: serverguide/C/network-config.xml:671(para)
12539
13975
msgid ""
12540
13976
"<emphasis role=\"bold\">Network Address</emphasis> The Network Address "
12541
13977
"represents the bytes comprising the network portion of an IP address. For "
12552
13988
"的字节表示可能的主机值的。网络主机使用象 192.168.1.100 这样的私有 IP 地址将使用 192.168.1.0 "
12553
13989
"作为网络地址,其用前三个字节来指定 C 类 192.168.1 网络,而用一个 0 来表示网络上所有可能的主机。"
12554
13990
12555
#: serverguide/C/network-config.xml:350(para)
13991
#: serverguide/C/network-config.xml:684(para)
12556
13992
msgid ""
12557
13993
"<emphasis role=\"bold\">Broadcast Address</emphasis> The Broadcast Address "
12558
13994
"is an IP address which allows network data to be sent simultaneously to all "
12571
14007
"上的每台主机发送一个广播消息,因为路由器会阻止它。更特定的广播地址被设置成匹配特定的子网。例如,在私有 C 类 IP 网 192.168.1.0 "
12572
14008
"中,广播地址为 192.168.1.255。广播消息一般都是由网络协议产生的,如地址解析协议 (ARP) 和路由信息协议 (RIP)。"
12573
14009
12574
#: serverguide/C/network-config.xml:363(para)
14010
#: serverguide/C/network-config.xml:697(para)
12575
14011
msgid ""
12576
14012
"<emphasis role=\"bold\">Gateway Address</emphasis> A Gateway Address is the "
12577
14013
"IP address through which a particular network, or host on a network, may be "
12588
14024
"<emphasis>网关</emphasis>。在很多情况下,网关地址会是同一个网络中的某台路由器,其会接着将网络流量输送到其它的网络或主机,如 "
12589
14025
"Internet 主机。网关地址设置必须正确,否则您的系统将除了在同一个网络中的主机外不能到达任何其它主机。"
12590
14026
12591
#: serverguide/C/network-config.xml:374(para)
14027
#: serverguide/C/network-config.xml:708(para)
12592
14028
msgid ""
12593
14029
"<emphasis role=\"bold\">Nameserver Address</emphasis> Nameserver Addresses "
12594
14030
"represent the IP addresses of Domain Name Service (DNS) systems, which "
12604
14040
"the Level3 (Verizon) servers with IP addresses from 4.2.2.1 to 4.2.2.6."
12605
14041
msgstr ""
12606
14042
12607
#: serverguide/C/network-config.xml:388(para)
14043
#: serverguide/C/network-config.xml:722(para)
12608
14044
msgid ""
12609
14045
"The IP address, Netmask, Network Address, Broadcast Address, and Gateway "
12610
14046
"Address are typically specified via the appropriate directives in the file "
12620
14056
"<emphasis>nameserver</emphasis> 语句来指定的。更多详情,请分别查阅 "
12621
14057
"<filename>interfaces</filename> 或 <filename>resolv.conf</filename> 的系统手册页。"
12622
14058
12623
#: serverguide/C/network-config.xml:395(para)
14059
#: serverguide/C/network-config.xml:729(para)
12624
14060
msgid ""
12625
14061
"Access the system manual page for <filename>interfaces</filename> with the "
12626
14062
"following command:"
12627
14063
msgstr "查阅 <filename>interfaces</filename> 系统手册页,可用以下命令:"
12628
14064
12629
#: serverguide/C/network-config.xml:400(command)
14065
#: serverguide/C/network-config.xml:734(command)
12630
14066
msgid "man interfaces"
12631
14067
msgstr "man interfaces"
12632
14068
12633
#: serverguide/C/network-config.xml:403(para)
14069
#: serverguide/C/network-config.xml:737(para)
12634
14070
msgid ""
12635
14071
"Access the system manual page for <filename>resolv.conf</filename> with the "
12636
14072
"following command:"
12637
14073
msgstr "查阅 <filename>resolv.conf</filename> 系统手册页,用以下命令:"
12638
14074
12639
#: serverguide/C/network-config.xml:407(command)
14075
#: serverguide/C/network-config.xml:741(command)
12640
14076
msgid "man resolv.conf"
12641
14077
msgstr "man resolv.conf"
12642
14078
12643
#: serverguide/C/network-config.xml:312(para)
14079
#: serverguide/C/network-config.xml:646(para)
12644
14080
msgid ""
12645
14081
"The common configuration elements of TCP/IP and their purposes are as "
12646
14082
"follows: <placeholder-1/>"
12647
14083
msgstr "TCP/IP 常用配置元素及其作用如下所示:<placeholder-1/>"
12648
14084
12649
#: serverguide/C/network-config.xml:414(title)
14085
#: serverguide/C/network-config.xml:748(title)
12650
14086
msgid "IP Routing"
12651
14087
msgstr "IP 路由"
12652
14088
12653
#: serverguide/C/network-config.xml:415(para)
14089
#: serverguide/C/network-config.xml:749(para)
12654
14090
msgid ""
12655
14091
"IP routing is a means of specifying and discovering paths in a TCP/IP "
12656
14092
"network along which network data may be sent. Routing uses a set of "
12664
14100
"来指示网络数据包从源地址转发到目的地,经常是通过许多叫做 <emphasis>路由器</emphasis> 的网络节点做中转。IP "
12665
14101
"路由分为两种主要形式:<emphasis>静态</emphasis> 和 <emphasis>动态路由。</emphasis>"
12666
14102
12667
#: serverguide/C/network-config.xml:424(para)
14103
#: serverguide/C/network-config.xml:758(para)
12668
14104
msgid ""
12669
14105
"Static routing involves manually adding IP routes to the system's routing "
12670
14106
"table, and this is usually done by manipulating the routing table with the "
12683
14119
",以及在连接其它的路由器和网络时由于无需动态路由协议所带来的低开销。然而,静态路由同样也存在一些缺点。例如,静态路由仅限于在小型网络中使用,没有很好的递增"
12684
14120
"适应性。而由于其路由固定的本质,静态路由在遇到沿路由的网络失效时也会完全失效。"
12685
14121
12686
#: serverguide/C/network-config.xml:434(para)
14122
#: serverguide/C/network-config.xml:768(para)
12687
14123
msgid ""
12688
14124
"Dynamic routing depends on large networks with multiple possible IP routes "
12689
14125
"from a source to a destination and makes use of special routing protocols, "
12704
14140
"手工配置路由表,因为路由器可以相互学到其他已有并且可用的路由器。这一特性也消除了由于人为错误而在路由表中引入错误的可能。然而,动态路由也并不完美,其表现出"
12705
14141
"来的缺点如相当复杂以及由于路由器通信所带来的额外的网络开销,后者并不能使最终用户由此获益,却仍旧会消耗网络带宽。"
12706
14142
12707
#: serverguide/C/network-config.xml:448(title)
14143
#: serverguide/C/network-config.xml:782(title)
12708
14144
msgid "TCP and UDP"
12709
14145
msgstr "TCP 和 UDP"
12710
14146
12711
#: serverguide/C/network-config.xml:449(para)
14147
#: serverguide/C/network-config.xml:783(para)
12712
14148
msgid ""
12713
14149
"TCP is a connection-based protocol, offering error correction and guaranteed "
12714
14150
"delivery of data via what is known as <emphasis>flow control</emphasis>. "
12722
14158
"来确保数据的送达。流量控制决定像什么时候需要停止一个数据流,以及在出现诸如 <emphasis>冲突</emphasis> "
12723
14159
"等问题时重发先前发送的数据包,以确保完整和准确的数据传输。TCP 常用于重要信息的交换,如数据库事务。"
12724
14160
12725
#: serverguide/C/network-config.xml:457(para)
14161
#: serverguide/C/network-config.xml:791(para)
12726
14162
msgid ""
12727
14163
"The User Datagram Protocol (UDP), on the other hand, is a "
12728
14164
"<emphasis>connectionless</emphasis> protocol which seldom deals with the "
12736
14172
"协议,很少用于重要数据的传输,因为缺乏流量控制或其他一些确保可靠数据传输的方法。UDP 常用在如音视频流这样的应用程序,由于它缺少纠错和流控,因此相对于 "
12737
14173
"TCP 来说更快,而且丢失少量包通常也不会造成灾难性的后果。"
12738
14174
12739
#: serverguide/C/network-config.xml:467(title)
14175
#: serverguide/C/network-config.xml:801(title)
12740
14176
msgid "ICMP"
12741
14177
msgstr "ICMP"
12742
14178
12743
#: serverguide/C/network-config.xml:468(para)
14179
#: serverguide/C/network-config.xml:802(para)
12744
14180
msgid ""
12745
14181
"The Internet Control Messaging Protocol (ICMP) is an extension to the "
12746
14182
"Internet Protocol (IP) as defined in the Request For Comments (RFC) #792 and "
12758
14194
"所返回的错误消息示例包括 <emphasis>Destination Unreachable</emphasis> 和 <emphasis>Time "
12759
14195
"Exceeded</emphasis>。"
12760
14196
12761
#: serverguide/C/network-config.xml:478(title)
14197
#: serverguide/C/network-config.xml:812(title)
12762
14198
msgid "Daemons"
12763
14199
msgstr "守护程序"
12764
14200
12765
#: serverguide/C/network-config.xml:479(para)
14201
#: serverguide/C/network-config.xml:813(para)
12766
14202
msgid ""
12767
14203
"Daemons are special system applications which typically execute continuously "
12768
14204
"in the background and await requests for the functions they provide from "
12781
14217
"(sshd),用于提供安全远程登录 shell 和文件传输功能;<emphasis>Internet Message Access Protocol "
12782
14218
"守护程序</emphasis> (imapd),用于提供 E-Mail 服务。"
12783
14219
12784
#: serverguide/C/network-config.xml:494(para)
14220
#: serverguide/C/network-config.xml:828(para)
12785
14221
msgid ""
12786
14222
"There are man pages for <ulink "
12787
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man7/tcp.7.html\">TCP</ul"
12788
"ink> and <ulink "
12789
"url=\"http://manpages.ubuntu.com/manpages/jaunty/man7/ip.7.html\">IP</ulink> "
14223
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man7/tcp.7.html\">TCP</uli"
14224
"nk> and <ulink "
14225
"url=\"http://manpages.ubuntu.com/manpages/lucid/man7/ip.7.html\">IP</ulink> "
12790
14226
"that contain more useful information."
12791
14227
msgstr ""
12792
14228
12793
#: serverguide/C/network-config.xml:500(para)
14229
#: serverguide/C/network-config.xml:834(para)
12794
14230
msgid ""
12795
14231
"Also, see the <ulink "
12796
14232
"url=\"http://www.redbooks.ibm.com/abstracts/gg243376.html\">TCP/IP Tutorial "
12797
14233
"and Technical Overview</ulink> IBM Redbook."
12798
14234
msgstr ""
12799
14235
12800
#: serverguide/C/network-config.xml:506(para)
14236
#: serverguide/C/network-config.xml:840(para)
12801
14237
msgid ""
12802
14238
"Another resource is O'Reilly's <ulink "
12803
14239
"url=\"http://oreilly.com/catalog/9780596002978/\">TCP/IP Network "
12804
14240
"Administration</ulink>."
12805
14241
msgstr ""
12806
14242
12807
#: serverguide/C/network-config.xml:515(title)
14243
#: serverguide/C/network-config.xml:849(title)
12808
14244
msgid "Dynamic Host Configuration Protocol (DHCP)"
12809
14245
msgstr "动态主机配置协议 (DHCP)"
12810
14246
12811
#: serverguide/C/network-config.xml:516(para)
14247
#: serverguide/C/network-config.xml:850(para)
12812
14248
msgid ""
12813
14249
"The Dynamic Host Configuration Protocol (DHCP) is a network service that "
12814
14250
"enables host computers to be automatically assigned settings from a server "
12819
14255
"动态主机配置协议 (DHCP) 是一种网络服务,相对于手工为每台网络主机配置,它使网络主机可能自动被服务器指定设置。被配置成 DHCP "
12820
14256
"客户端的计算机并不能控制其从 DHCP 服务器得到的设置,且该配置对于计算机用户来说是透明的。"
12821
14257
12822
#: serverguide/C/network-config.xml:523(para)
14258
#: serverguide/C/network-config.xml:857(para)
12823
14259
msgid ""
12824
14260
"The most common settings provided by a DHCP server to DHCP clients include:"
12825
14261
msgstr "由 DHCP 服务器提供给 DHCP 客户端最常用的设置包括:"
12826
14262
12827
#: serverguide/C/network-config.xml:528(para)
14263
#: serverguide/C/network-config.xml:862(para)
12828
14264
msgid "IP-Address and Netmask"
12829
14265
msgstr "IP 地址和掩码"
12830
14266
12831
#: serverguide/C/network-config.xml:531(para)
14267
#: serverguide/C/network-config.xml:865(para)
12832
14268
msgid "DNS"
12833
14269
msgstr "DNS"
12834
14270
12835
#: serverguide/C/network-config.xml:534(para)
14271
#: serverguide/C/network-config.xml:868(para)
12836
14272
msgid "WINS"
12837
14273
msgstr "WINS"
12838
14274
12839
#: serverguide/C/network-config.xml:537(para)
14275
#: serverguide/C/network-config.xml:871(para)
12840
14276
msgid ""
12841
14277
"However, a DHCP server can also supply configuration properties such as:"
12842
14278
msgstr "然而,一个 DHCP 服务器也支持配置如下属性,如:"
12843
14279
12844
#: serverguide/C/network-config.xml:542(para)
14280
#: serverguide/C/network-config.xml:876(para)
12845
14281
msgid "Host Name"
12846
14282
msgstr "主机名"
12847
14283
12848
#: serverguide/C/network-config.xml:545(para)
14284
#: serverguide/C/network-config.xml:879(para)
12849
14285
msgid "Domain Name"
12850
14286
msgstr "域名"
12851
14287
12852
#: serverguide/C/network-config.xml:548(para)
14288
#: serverguide/C/network-config.xml:882(para)
12853
14289
msgid "Default Gateway"
12854
14290
msgstr "默认网关"
12855
14291
12856
#: serverguide/C/network-config.xml:551(para)
14292
#: serverguide/C/network-config.xml:885(para)
12857
14293
msgid "Time Server"
12858
14294
msgstr "时间服务器"
12859
14295
12860
#: serverguide/C/network-config.xml:554(para)
14296
#: serverguide/C/network-config.xml:888(para)
12861
14297
msgid "Print Server"
12862
14298
msgstr "打印服务器"
12863
14299
12864
#: serverguide/C/network-config.xml:557(para)
14300
#: serverguide/C/network-config.xml:891(para)
12865
14301
msgid ""
12866
14302
"The advantage of using DHCP is that changes to the network, for example a "
12867
14303
"change in the address of the DNS server, need only be changed at the DHCP "
12875
14311
"客户端下一次轮询 DHCP 服务器时被重新配置。另一个好处就是,它在将新计算机整合到网络时也更容易,因为不需要再检查 IP 地址的有效性。同时也减少 "
12876
14312
"IP 地址的冲突。"
12877
14313
12878
#: serverguide/C/network-config.xml:565(para)
14314
#: serverguide/C/network-config.xml:899(para)
12879
14315
msgid "A DHCP server can provide configuration settings using two methods:"
12880
14316
msgstr "一个 DHCP 服务器可以用两个模式来提供配置设置"
12881
14317
12882
#: serverguide/C/network-config.xml:570(term)
14318
#: serverguide/C/network-config.xml:904(term)
12883
14319
msgid "MAC Address"
12884
14320
msgstr "MAC 地址"
12885
14321
12886
#: serverguide/C/network-config.xml:572(para)
14322
#: serverguide/C/network-config.xml:906(para)
12887
14323
msgid ""
12888
14324
"This method entails using DHCP to identify the unique hardware address of "
12889
14325
"each network card connected to the network and then continually supplying a "
12893
14329
"该模式需要用 DHCP 去标明连接到网上的每块网卡唯一的硬件地址,然后在 DHCP 客户端每次使用该网络设备发送给 DHCP "
12894
14330
"服务器请求时提供给它一个固定的配置。"
12895
14331
12896
#: serverguide/C/network-config.xml:581(term)
14332
#: serverguide/C/network-config.xml:915(term)
12897
14333
msgid "Address Pool"
12898
14334
msgstr "地址池"
12899
14335
12900
#: serverguide/C/network-config.xml:583(para)
14336
#: serverguide/C/network-config.xml:917(para)
12901
14337
msgid ""
12902
14338
"This method entails defining a pool (sometimes also called a range or scope) "
12903
14339
"of IP addresses from which DHCP clients are supplied their configuration "
12907
14343
"other DHCP Clients."
12908
14344
msgstr ""
12909
14345
12910
#: serverguide/C/network-config.xml:594(para)
14346
#: serverguide/C/network-config.xml:928(para)
12911
14347
msgid ""
12912
14348
"Ubuntu is shipped with both DHCP server and client. The server is "
12913
14349
"<application>dhcpd</application> (dynamic host configuration protocol "
12921
14357
"<application>dhclient</application>,应该安装在所有自动配置的计算机上。这两个程序很容易安装和配置,并可在系统引导时自动"
12922
14358
"启用。"
12923
14359
12924
#: serverguide/C/network-config.xml:604(para)
14360
#: serverguide/C/network-config.xml:938(para)
12925
14361
msgid ""
12926
14362
"At a terminal prompt, enter the following command to install "
12927
14363
"<application>dhcpd</application>:"
12928
14364
msgstr "要安装 <application>dhcpd</application>,可以在终端提示符后输入以下命令:"
12929
14365
12930
#: serverguide/C/network-config.xml:609(command)
14366
#: serverguide/C/network-config.xml:943(command)
12931
14367
msgid "sudo apt-get install dhcp3-server"
12932
14368
msgstr "sudo apt-get install dhcp3-server"
12933
14369
12934
#: serverguide/C/network-config.xml:611(para)
14370
#: serverguide/C/network-config.xml:945(para)
12935
14371
msgid ""
12936
14372
"You will probably need to change the default configuration by editing "
12937
14373
"/etc/dhcp3/dhcpd.conf to suit your needs and particular configuration."
12938
14374
msgstr "您可能需要通过编辑 /etc/dhcp3/dhcpd.conf 来改变其默认配置,以使其满足您的需要和特定配置。"
12939
14375
12940
#: serverguide/C/network-config.xml:615(para)
14376
#: serverguide/C/network-config.xml:949(para)
12941
14377
msgid ""
12942
14378
"You also need to edit /etc/default/dhcp3-server to specify the interfaces "
12943
14379
"dhcpd should listen to. By default it listens to eth0."
12944
14380
msgstr "您还需要编辑 /etc/default/dhcp3-server 来指定 dhcpd 要监听的网络接口。其默认会监听 eth0。"
12945
14381
12946
#: serverguide/C/network-config.xml:619(para)
14382
#: serverguide/C/network-config.xml:953(para)
12947
14383
msgid ""
12948
14384
"NOTE: dhcpd's messages are being sent to syslog. Look there for diagnostics "
12949
14385
"messages."
12950
14386
msgstr "注意:dhcpd 的消息会被发往 syslog。可以在那里寻找诊断信息。"
12951
14387
12952
#: serverguide/C/network-config.xml:626(para)
14388
#: serverguide/C/network-config.xml:960(para)
12953
14389
msgid ""
12954
14390
"The error message the installation ends with might be a little confusing, "
12955
14391
"but the following steps will help you configure the service:"
12956
14392
msgstr "安装结束后的错误消息可能会带来小小的困惑,不过下面几步将帮助您配置服务:"
12957
14393
12958
#: serverguide/C/network-config.xml:630(para)
14394
#: serverguide/C/network-config.xml:964(para)
12959
14395
msgid ""
12960
14396
"Most commonly, what you want to do is assign an IP address randomly. This "
12961
14397
"can be done with settings as follows:"
12962
14398
msgstr "通常,您想做的是随机指定一个 IP 地址。这可以通过以下设置来实现:"
12963
14399
12964
#: serverguide/C/network-config.xml:634(programlisting)
14400
#: serverguide/C/network-config.xml:968(programlisting)
12965
14401
#, no-wrap
12966
14402
msgid ""
12967
14403
"\n"
12981
14417
"} \n"
12982
14418
msgstr ""
12983
14419
12984
#: serverguide/C/network-config.xml:650(para)
14420
#: serverguide/C/network-config.xml:984(para)
12985
14421
msgid ""
12986
14422
"This will result in the DHCP server giving a client an IP address from the "
12987
14423
"range 192.168.1.10-192.168.1.100 or 192.168.1.150-192.168.1.200. It will "
12996
14432
"秒。服务器也 \"建议\" 客户端使用 255.255.255.0 做为它的子网掩码,192.168.1.255 "
12997
14433
"作为它的广播地址,192.168.1.254 作为路由器/网关,同时将 192.168.1.1 和 192.168.1.2 作为它的 DNS 服务器。"
12998
14434
12999
#: serverguide/C/network-config.xml:659(para)
14435
#: serverguide/C/network-config.xml:993(para)
13000
14436
msgid ""
13001
14437
"If you need to specify a WINS server for your Windows clients, you will need "
13002
14438
"to include the netbios-name-servers option, e.g."
13003
14439
msgstr "如果您需要为您的 Windows 客户机指定一个 WINS 服务器,您需要包含 netbios-name-servers 选项,如:"
13004
14440
13005
#: serverguide/C/network-config.xml:663(programlisting)
14441
#: serverguide/C/network-config.xml:997(programlisting)
13006
14442
#, no-wrap
13007
14443
msgid ""
13008
14444
"\n"
13009
14445
"option netbios-name-servers 192.168.1.1; \n"
13010
14446
msgstr ""
13011
14447
13012
#: serverguide/C/network-config.xml:666(para)
14448
#: serverguide/C/network-config.xml:1000(para)
13013
14449
msgid ""
13014
14450
"Dhcpd configuration settings are taken from the DHCP mini-HOWTO, which can "
13015
14451
"be found <ulink "
13018
14454
"Dhcpd 配置设置可以从 DHCP 快速指南中得到,该指南可以在 <ulink "
13019
14455
"url=\"http://www.tldp.org/HOWTO/DHCP/index.html\">这里</ulink> 找到。"
13020
14456
13021
#: serverguide/C/network-config.xml:676(para)
14457
#: serverguide/C/network-config.xml:1010(para)
14458
msgid ""
14459
"The <ulink url=\"https://help.ubuntu.com/community/dhcp3-server\">dhcp3-"
14460
"server Ubuntu Wiki</ulink> page has more information."
14461
msgstr ""
14462
14463
#: serverguide/C/network-config.xml:1015(para)
13022
14464
msgid ""
13023
14465
"For more <filename>/etc/dhcp3/dchpd.conf</filename> options see the <ulink "
13024
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/dhcpd.conf.5.html\">"
13025
"dhcpd.conf man page</ulink>."
14466
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/dhcpd.conf.5.html\">d"
14467
"hcpd.conf man page</ulink>."
13026
14468
msgstr ""
13027
14469
13028
#: serverguide/C/network-config.xml:682(para)
14470
#: serverguide/C/network-config.xml:1021(para)
13029
14471
msgid ""
13030
14472
"Also see the <ulink url=\"http://www.dhcp-handbook.com/dhcp_faq.html\">DHCP "
13031
14473
"FAQ</ulink>"
13032
14474
msgstr ""
13033
14475
13034
#: serverguide/C/network-config.xml:692(title)
14476
#: serverguide/C/network-config.xml:1031(title)
13035
14477
msgid "Time Synchronisation with NTP"
13036
14478
msgstr "使用 NTP 进行时间同步"
13037
14479
13038
#: serverguide/C/network-config.xml:693(para)
14480
#: serverguide/C/network-config.xml:1032(para)
13039
14481
msgid ""
13040
14482
"This page describes methods for keeping your computer's time accurate. This "
13041
14483
"is useful for servers, but is not necessary (or desirable) for desktop "
13042
14484
"machines."
13043
14485
msgstr "本页描述了使您计算机的时间保持准确的方法。这对于服务器来说很有用,但对于桌面计算机来说则不是必需的(或可取的)。"
13044
14486
13045
#: serverguide/C/network-config.xml:696(para)
14487
#: serverguide/C/network-config.xml:1035(para)
13046
14488
msgid ""
13047
14489
"NTP is a TCP/IP protocol for synchronising time over a network. Basically a "
13048
14490
"client requests the current time from a server, and uses it to set its own "
13049
14491
"clock."
13050
14492
msgstr "NTP 是通过网络来同步时间的一种 TCP/IP 协议。通常客户端向服务器请求当前的时间,并根据结果来设置其时钟。"
13051
14493
13052
#: serverguide/C/network-config.xml:699(para)
14494
#: serverguide/C/network-config.xml:1038(para)
13053
14495
msgid ""
13054
14496
"Behind this simple description, there is a lot of complexity - there are "
13055
14497
"tiers of NTP servers, with the tier one NTP servers connected to atomic "
13061
14503
"from you!"
13062
14504
msgstr ""
13063
14505
13064
#: serverguide/C/network-config.xml:702(para)
14506
#: serverguide/C/network-config.xml:1041(para)
13065
14507
msgid ""
13066
14508
"Ubuntu has two ways of automatically setting your time: ntpdate and ntpd."
13067
14509
msgstr "Ubuntu 有两种方式可以自动设置您的时间:ntpdate 和 ntpd。"
13068
14510
13069
#: serverguide/C/network-config.xml:707(title)
14511
#: serverguide/C/network-config.xml:1046(title)
13070
14512
msgid "ntpdate"
13071
14513
msgstr "ntpdate"
13072
14514
13073
#: serverguide/C/network-config.xml:708(para)
14515
#: serverguide/C/network-config.xml:1047(para)
13074
14516
msgid ""
13075
14517
"Ubuntu comes with ntpdate as standard, and will run it once at boot time to "
13076
14518
"set up your time according to Ubuntu's NTP server. However, a server's clock "
13080
14522
"<code>/etc/cron.daily/ntpdate</code> containing:"
13081
14523
msgstr ""
13082
14524
13083
#: serverguide/C/network-config.xml:713(screen)
14525
#: serverguide/C/network-config.xml:1052(screen)
13084
14526
#, no-wrap
13085
14527
msgid "ntpdate ntp.ubuntu.com\n"
13086
14528
msgstr "ntpdate ntp.ubuntu.com\n"
13087
14529
13088
#: serverguide/C/network-config.xml:715(para)
14530
#: serverguide/C/network-config.xml:1054(para)
13089
14531
msgid ""
13090
14532
"The file <code>/etc/cron.daily/ntpdate</code> must also be executable."
13091
14533
msgstr "<code>/etc/cron.daily/ntpdate</code> 文件还必须是可执行的。"
13092
14534
13093
#: serverguide/C/network-config.xml:718(screen)
14535
#: serverguide/C/network-config.xml:1057(screen)
13094
14536
#, no-wrap
13095
14537
msgid "sudo chmod 755 /etc/cron.daily/ntpdate\n"
13096
14538
msgstr "sudo chmod 755 /etc/cron.daily/ntpdate\n"
13097
14539
13098
#: serverguide/C/network-config.xml:722(title)
14540
#: serverguide/C/network-config.xml:1061(title)
13099
14541
msgid "ntpd"
13100
14542
msgstr "ntpd"
13101
14543
13102
#: serverguide/C/network-config.xml:723(para)
14544
#: serverguide/C/network-config.xml:1062(para)
13103
14545
msgid ""
13104
14546
"ntpdate is a bit of a blunt instrument - it can only adjust the time once a "
13105
14547
"day, in one big correction. The ntp daemon ntpd is far more subtle. It "
13112
14554
"就很灵巧。它会计算您系统时钟的偏差并持续不断地调整时间,这样就不至于因为调整过大而引起像日志不一致这样的问题。其代价是消耗一点处理能力和内存,但对于现代服"
13113
14555
"务器来说这点是可以忽略的。"
13114
14556
13115
#: serverguide/C/network-config.xml:726(para)
14557
#: serverguide/C/network-config.xml:1065(para)
13116
14558
msgid "To set up ntpd:"
13117
14559
msgstr "若想设置 ntpd:"
13118
14560
13119
#: serverguide/C/network-config.xml:727(screen)
14561
#: serverguide/C/network-config.xml:1066(screen)
13120
14562
#, no-wrap
13121
14563
msgid "sudo apt-get install ntp\n"
13122
14564
msgstr ""
13123
14565
13124
#: serverguide/C/network-config.xml:732(title)
14566
#: serverguide/C/network-config.xml:1071(title)
13125
14567
msgid "Changing Time Servers"
13126
14568
msgstr "改变时间服务器"
13127
14569
13128
#: serverguide/C/network-config.xml:733(para)
14570
#: serverguide/C/network-config.xml:1072(para)
13129
14571
msgid ""
13130
14572
"In both cases above, your system will use Ubuntu's NTP server at "
13131
14573
"<code>ntp.ubuntu.com</code> by default. This is OK, but you might want to "
13137
14579
"服务器。这没有问题,但您可以会想使用多个服务器来增加准确性和弹性,并且使用在地理位置上更接近您的时间服务器。若要对 ntpdate 这样做,请将 "
13138
14580
"<code>/etc/cron.daily/ntpdate</code> 的内容修改为:"
13139
14581
13140
#: serverguide/C/network-config.xml:740(screen)
14582
#: serverguide/C/network-config.xml:1079(screen)
13141
14583
#, no-wrap
13142
14584
msgid "ntpdate ntp.ubuntu.com pool.ntp.org \n"
13143
14585
msgstr "ntpdate ntp.ubuntu.com pool.ntp.org \n"
13144
14586
13145
#: serverguide/C/network-config.xml:742(para)
14587
#: serverguide/C/network-config.xml:1081(para)
13146
14588
msgid ""
13147
14589
"And for ntpd edit <code>/etc/ntp.conf</code> to include additional server "
13148
14590
"lines:"
13149
14591
msgstr "对于 ntpd,请编辑 <code>/etc/ntp.conf</code> 以加入额外的服务器:"
13150
14592
13151
#: serverguide/C/network-config.xml:747(screen)
14593
#: serverguide/C/network-config.xml:1086(screen)
13152
14594
#, no-wrap
13153
14595
msgid ""
13154
14596
"server ntp.ubuntu.com\n"
13157
14599
"server ntp.ubuntu.com\n"
13158
14600
"server pool.ntp.org\n"
13159
14601
13160
#: serverguide/C/network-config.xml:750(para)
14602
#: serverguide/C/network-config.xml:1089(para)
13161
14603
msgid ""
13162
14604
"You may notice <code>pool.ntp.org</code> in the examples above. This is a "
13163
14605
"really good idea which uses round-robin DNS to return an NTP server from a "
13173
14615
"<code>nz.pool.ntp.org</code> 取代 <code>pool.ntp.org</code>。参见 <ulink "
13174
14616
"url=\"http://www.pool.ntp.org/\">http://www.pool.ntp.org/</ulink> 以获得更多信息。"
13175
14617
13176
#: serverguide/C/network-config.xml:761(para)
14618
#: serverguide/C/network-config.xml:1100(para)
13177
14619
msgid ""
13178
14620
"You can also Google for NTP servers in your region, and add these to your "
13179
14621
"configuration. To test that a server works, just type <code>sudo ntpdate "
13182
14624
"您也可以使用 Google 搜索您所在区域中的 NTP 服务器,再将其加入您的配置中。若想测试该服务器是否工作,只需键入 <code>sudo "
13183
14625
"ntpdate ntp.server.name</code> 然后看结果。"
13184
14626
13185
#: serverguide/C/network-config.xml:769(title)
13186
msgid "Related Pages"
13187
msgstr "相关网页"
14627
#: serverguide/C/network-config.xml:1111(para)
14628
msgid ""
14629
"See the <ulink url=\"https://help.ubuntu.com/community/UbuntuTime\">Ubuntu "
14630
"Time</ulink> wiki page for more information."
14631
msgstr ""
13188
14632
13189
#: serverguide/C/network-config.xml:773(ulink)
14633
#: serverguide/C/network-config.xml:1117(ulink)
13190
14634
msgid "NTP Support"
13191
14635
msgstr "NTP 支持"
13192
14636
13193
#: serverguide/C/network-config.xml:778(ulink)
14637
#: serverguide/C/network-config.xml:1122(ulink)
13194
14638
msgid "The NTP FAQ and HOWTO"
13195
14639
msgstr "NTP FAQ 和 HOWTO"
13196
14640
13252
14696
13253
14697
#: serverguide/C/network-auth.xml:63(para)
13254
14698
msgid ""
13255
"The installation process will prompt you for the LDAP directory admin "
13256
"password and confirmation."
14699
"By default <application>slapd</application> is configured with minimal "
14700
"options needed to run the <application>slapd</application> daemon."
13257
14701
msgstr ""
13258
14702
13259
14703
#: serverguide/C/network-auth.xml:68(para)
13260
14704
msgid ""
13261
"By default the directory suffix will match the domain name of the server. "
13262
"For example, if the machine's Fully Qualified Domain Name (FQDN) is "
13263
"ldap.example.com, the default suffix will be "
13264
"<emphasis>dc=example,dc=com</emphasis>. If you require a different suffix, "
13265
"the directory can be reconfigured using <application>dpkg-"
13266
"reconfigure</application>. Enter the following in a terminal prompt:"
13267
msgstr ""
13268
13269
#: serverguide/C/network-auth.xml:78(command)
13270
msgid "sudo dpkg-reconfigure slapd"
13271
msgstr ""
13272
13273
#: serverguide/C/network-auth.xml:81(para)
13274
msgid ""
13275
"You will then be taken through a menu based configuration dialog, allowing "
13276
"you to configure various <application>slapd</application> options."
13277
msgstr ""
13278
13279
#: serverguide/C/network-auth.xml:90(para)
13280
msgid ""
13281
"<application>OpenLDAP</application> uses a separate database which contains "
14705
"The configuration example in the following sections will match the domain "
14706
"name of the server. For example, if the machine's Fully Qualified Domain "
14707
"Name (FQDN) is ldap.example.com, the default suffix will be "
14708
"<emphasis>dc=example,dc=com</emphasis>."
14709
msgstr ""
14710
14711
#: serverguide/C/network-auth.xml:76(title)
14712
msgid "Populating LDAP"
14713
msgstr "准备 LDAP"
14714
14715
#: serverguide/C/network-auth.xml:78(para)
14716
msgid ""
14717
"<application>OpenLDAP</application> uses a separate directory which contains "
13282
14718
"the <emphasis>cn=config</emphasis> Directory Information Tree (DIT). The "
13283
14719
"<emphasis>cn=config</emphasis> DIT is used to dynamically configure the "
13284
14720
"<application>slapd</application> daemon, allowing the modification of schema "
13285
14721
"definitions, indexes, ACLs, etc without stopping the service."
13286
14722
msgstr ""
13287
14723
13288
#: serverguide/C/network-auth.xml:98(para)
13289
msgid ""
13290
"The <emphasis>cn=config</emphasis> tree can be manipulated using the "
13291
"utilities in the <application>ldap-utils</application> package. For example:"
13292
msgstr ""
13293
13294
#: serverguide/C/network-auth.xml:106(para)
13295
msgid ""
13296
"Use <application>ldapsearch</application> to view the tree, entering the "
13297
"admin password set during installation or reconfiguration:"
13298
msgstr ""
13299
13300
#: serverguide/C/network-auth.xml:112(command)
13301
msgid ""
13302
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb"
13303
msgstr ""
13304
13305
#: serverguide/C/network-auth.xml:116(computeroutput)
13306
#, no-wrap
13307
msgid ""
13308
"Enter LDAP Password: \n"
13309
"dn: olcDatabase={1}hdb,cn=config\n"
13310
"objectClass: olcDatabaseConfig\n"
13311
"objectClass: olcHdbConfig\n"
13312
"olcDatabase: {1}hdb\n"
13313
"olcDbDirectory: /var/lib/ldap\n"
13314
"olcSuffix: dc=example,dc=com\n"
13315
"olcAccess: {0}to attrs=userPassword,shadowLastChange by "
13316
"dn=\"cn=admin,dc=exampl\n"
13317
" e,dc=com\" write by anonymous auth by self write by * none\n"
13318
"olcAccess: {1}to dn.base=\"\" by * read\n"
13319
"olcAccess: {2}to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
13320
"olcLastMod: TRUE\n"
13321
"olcDbCheckpoint: 512 30\n"
13322
"olcDbConfig: {0}set_cachesize 0 2097152 0\n"
13323
"olcDbConfig: {1}set_lk_max_objects 1500\n"
13324
"olcDbConfig: {2}set_lk_max_locks 1500\n"
13325
"olcDbConfig: {3}set_lk_max_lockers 1500\n"
13326
"olcDbIndex: objectClass eq\n"
13327
msgstr ""
13328
13329
#: serverguide/C/network-auth.xml:137(para)
13330
msgid ""
13331
"The output above is the current configuration options for the "
13332
"<emphasis>hdb</emphasis> backend database. Which in this case containes the "
13333
"<emphasis>dc=example,dc=com</emphasis> suffix."
13334
msgstr ""
13335
13336
#: serverguide/C/network-auth.xml:146(para)
13337
msgid ""
13338
"Refine the search by supplying a <emphasis "
13339
"role=\"italic\">filter</emphasis>, in this case only show which attributes "
13340
"are indexed:"
13341
msgstr ""
13342
13343
#: serverguide/C/network-auth.xml:152(command)
13344
msgid ""
13345
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase={1}hdb "
13346
"olcDbIndex"
13347
msgstr ""
13348
13349
#: serverguide/C/network-auth.xml:156(computeroutput)
13350
#, no-wrap
13351
msgid ""
13352
"Enter LDAP Password: \n"
13353
"dn: olcDatabase={1}hdb,cn=config\n"
13354
"olcDbIndex: objectClass eq\n"
13355
msgstr ""
13356
13357
#: serverguide/C/network-auth.xml:165(para)
13358
msgid ""
13359
"As an example of modifying the <emphasis>cn=config</emphasis> tree, add "
13360
"another attribute to the index list using "
13361
"<application>ldapmodify</application>:"
13362
msgstr ""
13363
13364
#: serverguide/C/network-auth.xml:171(command) serverguide/C/network-auth.xml:722(command) serverguide/C/network-auth.xml:838(command) serverguide/C/network-auth.xml:861(command) serverguide/C/network-auth.xml:2417(command) serverguide/C/network-auth.xml:2434(command)
13365
msgid "ldapmodify -x -D cn=admin,cn=config -W"
13366
msgstr ""
13367
13368
#: serverguide/C/network-auth.xml:175(userinput)
13369
#, no-wrap
13370
msgid ""
13371
"\n"
13372
"dn: olcDatabase={1}hdb,cn=config\n"
13373
"add: olcDbIndex\n"
13374
"olcDbIndex: entryUUID eq"
13375
msgstr ""
13376
13377
#: serverguide/C/network-auth.xml:175(computeroutput)
13378
#, no-wrap
13379
msgid ""
13380
"Enter LDAP Password:<placeholder-1/>\n"
13381
"\n"
13382
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
13383
msgstr ""
13384
13385
#: serverguide/C/network-auth.xml:184(para)
13386
msgid ""
13387
"Once the modification has completed, press <emphasis>Ctrl+D</emphasis> to "
13388
"exit the utility."
13389
msgstr ""
13390
13391
#: serverguide/C/network-auth.xml:191(para)
13392
msgid ""
13393
"<application>ldapmodify</application> can also read the changes from a file. "
13394
"Copy and paste the following into a file named "
13395
"<filename>uid_index.ldif</filename>:"
13396
msgstr ""
13397
13398
#: serverguide/C/network-auth.xml:196(programlisting)
13399
#, no-wrap
13400
msgid ""
13401
"\n"
13402
"dn: olcDatabase={1}hdb,cn=config\n"
13403
"add: olcDbIndex\n"
13404
"olcDbIndex: uid eq,pres,sub\n"
13405
msgstr ""
13406
13407
#: serverguide/C/network-auth.xml:202(para)
13408
msgid "Then execute <application>ldapmodify</application>:"
13409
msgstr ""
13410
13411
#: serverguide/C/network-auth.xml:207(command)
13412
msgid "ldapmodify -x -D cn=admin,cn=config -W -f uid_index.ldif"
13413
msgstr ""
13414
13415
#: serverguide/C/network-auth.xml:211(computeroutput)
13416
#, no-wrap
13417
msgid ""
13418
"Enter LDAP Password: \n"
13419
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
13420
msgstr ""
13421
13422
#: serverguide/C/network-auth.xml:216(para)
13423
msgid "The file method is very useful for large changes."
13424
msgstr ""
13425
13426
#: serverguide/C/network-auth.xml:223(para)
13427
msgid ""
13428
"Adding additional <emphasis>schemas</emphasis> to "
13429
"<application>slapd</application> requires the schema to be converted to LDIF "
13430
"format. Fortunately, the <application>slapd</application> program can be "
13431
"used to automate the conversion. The following example will add the "
13432
"<emphasis>misc.schema</emphasis>:"
13433
msgstr ""
13434
13435
#: serverguide/C/network-auth.xml:231(para)
13436
msgid ""
13437
"First, create a conversion <filename>schema_convert.conf</filename> file "
13438
"containing the following lines:"
13439
msgstr ""
13440
13441
#: serverguide/C/network-auth.xml:236(programlisting)
13442
#, no-wrap
13443
msgid ""
13444
"\n"
13445
"include /etc/ldap/schema/core.schema\n"
13446
"include /etc/ldap/schema/collective.schema\n"
13447
"include /etc/ldap/schema/corba.schema\n"
13448
"include /etc/ldap/schema/cosine.schema\n"
13449
"include /etc/ldap/schema/duaconf.schema\n"
13450
"include /etc/ldap/schema/dyngroup.schema\n"
13451
"include /etc/ldap/schema/inetorgperson.schema\n"
13452
"include /etc/ldap/schema/java.schema\n"
13453
"include /etc/ldap/schema/misc.schema\n"
13454
"include /etc/ldap/schema/nis.schema\n"
13455
"include /etc/ldap/schema/openldap.schema\n"
13456
"include /etc/ldap/schema/ppolicy.schema\n"
13457
msgstr ""
13458
13459
#: serverguide/C/network-auth.xml:254(para) serverguide/C/network-auth.xml:1318(para)
13460
msgid "Next, create a temporary directory to hold the output:"
13461
msgstr ""
13462
13463
#: serverguide/C/network-auth.xml:259(command) serverguide/C/network-auth.xml:1323(command) serverguide/C/network-auth.xml:2347(command)
13464
msgid "mkdir /tmp/ldif_output"
13465
msgstr ""
13466
13467
#: serverguide/C/network-auth.xml:265(para)
13468
msgid ""
13469
"Now using <application>slapcat</application> convert the schema files to "
13470
"LDIF:"
13471
msgstr ""
13472
13473
#: serverguide/C/network-auth.xml:270(command)
13474
msgid ""
13475
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
13476
"\"cn={8}misc,cn=schema,cn=config\" > /tmp/cn=misc.ldif"
13477
msgstr ""
13478
13479
#: serverguide/C/network-auth.xml:273(para)
13480
msgid ""
13481
"Adjust the configuration file name and temporary directory names if yours "
13482
"are different. Also, it may be worthwhile to keep the "
13483
"<filename>ldif_output</filename> directory around in case you want to add "
13484
"additional schemas in the future."
13485
msgstr ""
13486
13487
#: serverguide/C/network-auth.xml:282(para)
13488
msgid ""
13489
"Edit the <filename>/tmp/cn\\=misc.ldif</filename> file, changing the "
13490
"following attributes:"
13491
msgstr ""
13492
13493
#: serverguide/C/network-auth.xml:286(programlisting)
13494
#, no-wrap
13495
msgid ""
13496
"\n"
13497
"dn: cn=misc,cn=schema,cn=config\n"
13498
"...\n"
13499
"cn: misc\n"
13500
msgstr ""
13501
13502
#: serverguide/C/network-auth.xml:292(para) serverguide/C/network-auth.xml:1354(para)
13503
msgid "And remove the following lines from the bottom of the file:"
13504
msgstr ""
13505
13506
#: serverguide/C/network-auth.xml:296(programlisting)
13507
#, no-wrap
13508
msgid ""
13509
"\n"
13510
"structuralObjectClass: olcSchemaConfig\n"
13511
"entryUUID: 10dae0ea-0760-102d-80d3-f9366b7f7757\n"
13512
"creatorsName: cn=config\n"
13513
"createTimestamp: 20080826021140Z\n"
13514
"entryCSN: 20080826021140.791425Z#000000#000#000000\n"
13515
"modifiersName: cn=config\n"
13516
"modifyTimestamp: 20080826021140Z\n"
13517
msgstr ""
13518
13519
#: serverguide/C/network-auth.xml:307(para) serverguide/C/network-auth.xml:1369(para) serverguide/C/network-auth.xml:2393(para)
13520
msgid ""
13521
"The attribute values will vary, just be sure the attributes are removed."
13522
msgstr ""
13523
13524
#: serverguide/C/network-auth.xml:315(para) serverguide/C/network-auth.xml:1377(para)
13525
msgid ""
13526
"Finally, using the <application>ldapadd</application> utility, add the new "
13527
"schema to the directory:"
13528
msgstr ""
13529
13530
#: serverguide/C/network-auth.xml:321(command)
13531
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=misc.ldif"
13532
msgstr ""
13533
13534
#: serverguide/C/network-auth.xml:327(para)
13535
msgid ""
13536
"There should now be a <emphasis>dn: "
13537
"cn={4}misc,cn=schema,cn=config</emphasis> entry in the cn=config tree."
13538
msgstr ""
13539
13540
#: serverguide/C/network-auth.xml:336(title)
13541
msgid "Populating LDAP"
13542
msgstr "准备 LDAP"
13543
13544
#: serverguide/C/network-auth.xml:338(para)
13545
msgid ""
13546
"The directory has been created during installation and reconfiguration, and "
13547
"now it is time to populate it. It will be populated with a \"classical\" "
13548
"scheme that will be compatible with address book applications and with Unix "
13549
"Posix accounts. Posix accounts will allow authentication to various "
13550
"applications, such as web applications, email Mail Transfer Agent (MTA) "
13551
"applications, etc."
13552
msgstr ""
13553
13554
#: serverguide/C/network-auth.xml:347(para)
14724
#: serverguide/C/network-auth.xml:86(para)
14725
msgid ""
14726
"The backend <emphasis>cn=config</emphasis> directory has only a minimal "
14727
"configuration and will need additional configuration options in order to "
14728
"populate the frontend directory. The frontend will be populated with a "
14729
"\"classical\" scheme that will be compatible with address book applications "
14730
"and with Unix Posix accounts. Posix accounts will allow authentication to "
14731
"various applications, such as web applications, email Mail Transfer Agent "
14732
"(MTA) applications, etc."
14733
msgstr ""
14734
14735
#: serverguide/C/network-auth.xml:95(para)
13555
14736
msgid ""
13556
14737
"For external applications to authenticate using LDAP they will each need to "
13557
14738
"be specifically configured to do so. Refer to the individual application "
13558
14739
"documentation for details."
13559
14740
msgstr ""
13560
14741
13561
#: serverguide/C/network-auth.xml:354(para)
13562
msgid ""
13563
"LDAP directories can be populated with LDIF (LDAP Directory Interchange "
13564
"Format) files. Copy the following example LDIF file, naming it "
13565
"<filename>example.com.ldif</filename>, somewhere on your system:"
13566
msgstr ""
13567
13568
#: serverguide/C/network-auth.xml:360(programlisting)
13569
#, no-wrap
13570
msgid ""
14742
#: serverguide/C/network-auth.xml:103(para)
14743
msgid ""
14744
"Remember to change <emphasis>dc=example,dc=com</emphasis> in the following "
14745
"examples to match your LDAP configuration."
14746
msgstr ""
14747
14748
#: serverguide/C/network-auth.xml:108(para)
14749
msgid ""
14750
"First, some additional schema files need to be loaded. In a terminal enter:"
14751
msgstr ""
14752
14753
#: serverguide/C/network-auth.xml:113(command) serverguide/C/network-auth.xml:702(command)
14754
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif"
14755
msgstr ""
14756
14757
#: serverguide/C/network-auth.xml:114(command) serverguide/C/network-auth.xml:703(command)
14758
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif"
14759
msgstr ""
14760
14761
#: serverguide/C/network-auth.xml:115(command) serverguide/C/network-auth.xml:704(command)
14762
msgid ""
14763
"sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif"
14764
msgstr ""
14765
14766
#: serverguide/C/network-auth.xml:118(para)
14767
msgid ""
14768
"Next, copy the following example LDIF file, naming it "
14769
"<filename>backend.example.com.ldif</filename>, somewhere on your system:"
14770
msgstr ""
14771
14772
#: serverguide/C/network-auth.xml:123(programlisting)
14773
#, no-wrap
14774
msgid ""
14775
"\n"
14776
"# Load dynamic backend modules\n"
14777
"dn: cn=module,cn=config\n"
14778
"objectClass: olcModuleList\n"
14779
"cn: module\n"
14780
"olcModulepath: /usr/lib/ldap\n"
14781
"olcModuleload: back_hdb\n"
14782
"\n"
14783
"# Database settings\n"
14784
"dn: olcDatabase=hdb,cn=config\n"
14785
"objectClass: olcDatabaseConfig\n"
14786
"objectClass: olcHdbConfig\n"
14787
"olcDatabase: {1}hdb\n"
14788
"olcSuffix: dc=example,dc=com\n"
14789
"olcDbDirectory: /var/lib/ldap\n"
14790
"olcRootDN: cn=admin,dc=example,dc=com\n"
14791
"olcRootPW: secret\n"
14792
"olcDbConfig: set_cachesize 0 2097152 0\n"
14793
"olcDbConfig: set_lk_max_objects 1500\n"
14794
"olcDbConfig: set_lk_max_locks 1500\n"
14795
"olcDbConfig: set_lk_max_lockers 1500\n"
14796
"olcDbIndex: objectClass eq\n"
14797
"olcLastMod: TRUE\n"
14798
"olcDbCheckpoint: 512 30\n"
14799
"olcAccess: to attrs=userPassword by dn=\"cn=admin,dc=example,dc=com\" write "
14800
"by anonymous auth by self write by * none\n"
14801
"olcAccess: to attrs=shadowLastChange by self write by * read\n"
14802
"olcAccess: to dn.base=\"\" by * read\n"
14803
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
14804
"\n"
14805
msgstr ""
14806
14807
#: serverguide/C/network-auth.xml:155(para)
14808
msgid ""
14809
"Change <emphasis>olcRootPW: secret</emphasis> to a password of your choosing."
14810
msgstr ""
14811
14812
#: serverguide/C/network-auth.xml:160(para)
14813
msgid "Now add the LDIF to the directory:"
14814
msgstr ""
14815
14816
#: serverguide/C/network-auth.xml:165(command) serverguide/C/network-auth.xml:746(command)
14817
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f backend.example.com.ldif"
14818
msgstr ""
14819
14820
#: serverguide/C/network-auth.xml:168(para)
14821
msgid ""
14822
"The frontend directory is now ready to be populated. Create a "
14823
"<filename>frontend.example.com.ldif</filename> with the following contents:"
14824
msgstr ""
14825
14826
#: serverguide/C/network-auth.xml:173(programlisting)
14827
#, no-wrap
14828
msgid ""
14829
"\n"
14830
"# Create top-level object in domain\n"
14831
"dn: dc=example,dc=com\n"
14832
"objectClass: top\n"
14833
"objectClass: dcObject\n"
14834
"objectclass: organization\n"
14835
"o: Example Organization\n"
14836
"dc: Example\n"
14837
"description: LDAP Example \n"
14838
"\n"
14839
"# Admin user.\n"
14840
"dn: cn=admin,dc=example,dc=com\n"
14841
"objectClass: simpleSecurityObject\n"
14842
"objectClass: organizationalRole\n"
14843
"cn: admin\n"
14844
"description: LDAP administrator\n"
14845
"userPassword: secret\n"
13571
14846
"\n"
13572
14847
"dn: ou=people,dc=example,dc=com\n"
13573
14848
"objectClass: organizationalUnit\n"
13614
14889
"gidNumber: 10000\n"
13615
14890
msgstr ""
13616
14891
13617
#: serverguide/C/network-auth.xml:406(para)
14892
#: serverguide/C/network-auth.xml:236(para)
13618
14893
msgid ""
13619
14894
"In this example the directory structure, a user, and a group have been "
13620
14895
"setup. In other examples you might see the <emphasis>objectClass: "
13622
14897
"you do not have to add it explicitly."
13623
14898
msgstr ""
13624
14899
13625
#: serverguide/C/network-auth.xml:413(para)
13626
msgid ""
13627
"To add the entries to the LDAP directory use the "
13628
"<application>ldapadd</application> utility:"
13629
msgstr ""
13630
13631
#: serverguide/C/network-auth.xml:419(command)
13632
msgid "ldapadd -x -D cn=admin,dc=example,dc=com -W -f example.com.ldif"
13633
msgstr ""
13634
13635
#: serverguide/C/network-auth.xml:422(para)
13636
msgid ""
13637
"We can check that the content has been correctly added with the tools from "
13638
"the <application>ldap-utils</application> package. In order to execute a "
13639
"search of the LDAP directory:"
13640
msgstr ""
13641
13642
#: serverguide/C/network-auth.xml:429(command)
14900
#: serverguide/C/network-auth.xml:243(para)
14901
msgid "Add the entries to the LDAP directory:"
14902
msgstr ""
14903
14904
#: serverguide/C/network-auth.xml:249(command) serverguide/C/network-auth.xml:757(command)
14905
msgid ""
14906
"sudo ldapadd -x -D cn=admin,dc=example,dc=com -W -f frontend.example.com.ldif"
14907
msgstr ""
14908
14909
#: serverguide/C/network-auth.xml:252(para)
14910
msgid ""
14911
"We can check that the content has been correctly added with the "
14912
"<application>ldapsearch</application> utility. Execute a search of the LDAP "
14913
"directory:"
14914
msgstr ""
14915
14916
#: serverguide/C/network-auth.xml:258(command)
13643
14917
msgid "ldapsearch -xLLL -b \"dc=example,dc=com\" uid=john sn givenName cn"
13644
14918
msgstr ""
13645
14919
13646
#: serverguide/C/network-auth.xml:430(computeroutput)
14920
#: serverguide/C/network-auth.xml:259(computeroutput)
13647
14921
#, no-wrap
13648
14922
msgid ""
13649
14923
"\n"
13653
14927
"givenName: John\n"
13654
14928
msgstr ""
13655
14929
13656
#: serverguide/C/network-auth.xml:438(para)
14930
#: serverguide/C/network-auth.xml:267(para)
13657
14931
msgid "Just a quick explanation:"
13658
14932
msgstr ""
13659
14933
13660
#: serverguide/C/network-auth.xml:444(para)
14934
#: serverguide/C/network-auth.xml:273(para)
13661
14935
msgid ""
13662
14936
"<emphasis>-x:</emphasis> will not use SASL authentication method, which is "
13663
14937
"the default."
13664
14938
msgstr ""
13665
14939
14940
#: serverguide/C/network-auth.xml:279(para)
14941
msgid "<emphasis>-LLL:</emphasis> disable printing LDIF schema information."
14942
msgstr ""
14943
14944
#: serverguide/C/network-auth.xml:287(title)
14945
msgid "Further Configuration"
14946
msgstr ""
14947
14948
#: serverguide/C/network-auth.xml:290(para)
14949
msgid ""
14950
"The <emphasis>cn=config</emphasis> tree can be manipulated using the "
14951
"utilities in the <application>ldap-utils</application> package. For example:"
14952
msgstr ""
14953
14954
#: serverguide/C/network-auth.xml:298(para)
14955
msgid ""
14956
"Use <application>ldapsearch</application> to view the tree, entering the "
14957
"admin password set during installation or reconfiguration:"
14958
msgstr ""
14959
14960
#: serverguide/C/network-auth.xml:304(command)
14961
msgid "sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn"
14962
msgstr ""
14963
14964
#: serverguide/C/network-auth.xml:308(computeroutput)
14965
#, no-wrap
14966
msgid ""
14967
"\n"
14968
"SASL/EXTERNAL authentication started\n"
14969
"SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth\n"
14970
"SASL SSF: 0\n"
14971
"dn: cn=config\n"
14972
"\n"
14973
"dn: cn=module{0},cn=config\n"
14974
"\n"
14975
"dn: cn=schema,cn=config\n"
14976
"\n"
14977
"dn: cn={0}core,cn=schema,cn=config\n"
14978
"\n"
14979
"dn: cn={1}cosine,cn=schema,cn=config\n"
14980
"\n"
14981
"dn: cn={2}nis,cn=schema,cn=config\n"
14982
"\n"
14983
"dn: cn={3}inetorgperson,cn=schema,cn=config\n"
14984
"\n"
14985
"dn: olcDatabase={-1}frontend,cn=config\n"
14986
"\n"
14987
"dn: olcDatabase={0}config,cn=config\n"
14988
"\n"
14989
"dn: olcDatabase={1}hdb,cn=config\n"
14990
msgstr ""
14991
14992
#: serverguide/C/network-auth.xml:334(para)
14993
msgid ""
14994
"The output above is the current configuration options for the "
14995
"<emphasis>cn=config</emphasis> backend database. Your output may be vary."
14996
msgstr ""
14997
14998
#: serverguide/C/network-auth.xml:342(para)
14999
msgid ""
15000
"As an example of modifying the <emphasis>cn=config</emphasis> tree, add "
15001
"another attribute to the index list using "
15002
"<application>ldapmodify</application>:"
15003
msgstr ""
15004
15005
#: serverguide/C/network-auth.xml:348(command) serverguide/C/network-auth.xml:984(command) serverguide/C/network-auth.xml:1155(command) serverguide/C/network-auth.xml:1191(command)
15006
msgid "sudo ldapmodify -Y EXTERNAL -H ldapi:///"
15007
msgstr ""
15008
15009
#: serverguide/C/network-auth.xml:356(userinput)
15010
#, no-wrap
15011
msgid ""
15012
"dn: olcDatabase={1}hdb,cn=config\n"
15013
"add: olcDbIndex\n"
15014
"olcDbIndex: uidNumber eq"
15015
msgstr ""
15016
15017
#: serverguide/C/network-auth.xml:352(computeroutput)
15018
#, no-wrap
15019
msgid ""
15020
"\n"
15021
"SASL/EXTERNAL authentication started\n"
15022
"SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth\n"
15023
"SASL SSF: 0\n"
15024
"<placeholder-1/>\n"
15025
"\n"
15026
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
15027
msgstr ""
15028
15029
#: serverguide/C/network-auth.xml:364(para)
15030
msgid ""
15031
"Once the modification has completed, press <emphasis>Ctrl+D</emphasis> to "
15032
"exit the utility."
15033
msgstr ""
15034
15035
#: serverguide/C/network-auth.xml:371(para)
15036
msgid ""
15037
"<application>ldapmodify</application> can also read the changes from a file. "
15038
"Copy and paste the following into a file named "
15039
"<filename>uid_index.ldif</filename>:"
15040
msgstr ""
15041
15042
#: serverguide/C/network-auth.xml:376(programlisting)
15043
#, no-wrap
15044
msgid ""
15045
"\n"
15046
"dn: olcDatabase={1}hdb,cn=config\n"
15047
"add: olcDbIndex\n"
15048
"olcDbIndex: uid eq,pres,sub\n"
15049
msgstr ""
15050
15051
#: serverguide/C/network-auth.xml:382(para)
15052
msgid "Then execute <application>ldapmodify</application>:"
15053
msgstr ""
15054
15055
#: serverguide/C/network-auth.xml:387(command)
15056
msgid "sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f uid_index.ldif"
15057
msgstr ""
15058
15059
#: serverguide/C/network-auth.xml:391(computeroutput)
15060
#, no-wrap
15061
msgid ""
15062
"\n"
15063
"SASL/EXTERNAL authentication started\n"
15064
"SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth\n"
15065
"SASL SSF: 0\n"
15066
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
15067
msgstr ""
15068
15069
#: serverguide/C/network-auth.xml:399(para)
15070
msgid "The file method is very useful for large changes."
15071
msgstr ""
15072
15073
#: serverguide/C/network-auth.xml:406(para)
15074
msgid ""
15075
"Adding additional <emphasis>schemas</emphasis> to "
15076
"<application>slapd</application> requires the schema to be converted to LDIF "
15077
"format. The <filename role=\"directory\">/etc/ldap/schema</filename> "
15078
"directory contains some schema files already converted to LDIF format as "
15079
"demonstrated in the previous section. Fortunately, the "
15080
"<application>slapd</application> program can be used to automate the "
15081
"conversion. The following example will add the "
15082
"<emphasis>dyngoup.schema</emphasis>:"
15083
msgstr ""
15084
15085
#: serverguide/C/network-auth.xml:416(para)
15086
msgid ""
15087
"First, create a conversion <filename>schema_convert.conf</filename> file "
15088
"containing the following lines:"
15089
msgstr ""
15090
15091
#: serverguide/C/network-auth.xml:421(programlisting)
15092
#, no-wrap
15093
msgid ""
15094
"\n"
15095
"include /etc/ldap/schema/core.schema\n"
15096
"include /etc/ldap/schema/collective.schema\n"
15097
"include /etc/ldap/schema/corba.schema\n"
15098
"include /etc/ldap/schema/cosine.schema\n"
15099
"include /etc/ldap/schema/duaconf.schema\n"
15100
"include /etc/ldap/schema/dyngroup.schema\n"
15101
"include /etc/ldap/schema/inetorgperson.schema\n"
15102
"include /etc/ldap/schema/java.schema\n"
15103
"include /etc/ldap/schema/misc.schema\n"
15104
"include /etc/ldap/schema/nis.schema\n"
15105
"include /etc/ldap/schema/openldap.schema\n"
15106
"include /etc/ldap/schema/ppolicy.schema\n"
15107
msgstr ""
15108
15109
#: serverguide/C/network-auth.xml:439(para) serverguide/C/network-auth.xml:1655(para)
15110
msgid "Next, create a temporary directory to hold the output:"
15111
msgstr ""
15112
15113
#: serverguide/C/network-auth.xml:444(command) serverguide/C/network-auth.xml:1660(command) serverguide/C/network-auth.xml:2695(command)
15114
msgid "mkdir /tmp/ldif_output"
15115
msgstr ""
15116
13666
15117
#: serverguide/C/network-auth.xml:450(para)
13667
msgid "<emphasis>-LLL:</emphasis> disable printing LDIF schema information."
13668
msgstr ""
13669
13670
#: serverguide/C/network-auth.xml:459(title)
13671
msgid "LDAP replication"
13672
msgstr "LDAP 副本"
13673
13674
#: serverguide/C/network-auth.xml:461(para)
15118
msgid ""
15119
"Now using <application>slapcat</application> convert the schema files to "
15120
"LDIF:"
15121
msgstr ""
15122
15123
#: serverguide/C/network-auth.xml:455(command)
15124
msgid ""
15125
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
15126
"\"cn={5}dyngroup,cn=schema,cn=config\" > /tmp/cn=dyngroup.ldif"
15127
msgstr ""
15128
15129
#: serverguide/C/network-auth.xml:458(para)
15130
msgid ""
15131
"Adjust the configuration file name and temporary directory names if yours "
15132
"are different. Also, it may be worthwhile to keep the "
15133
"<filename>ldif_output</filename> directory around in case you want to add "
15134
"additional schemas in the future."
15135
msgstr ""
15136
15137
#: serverguide/C/network-auth.xml:467(para)
15138
msgid ""
15139
"Edit the <filename>/tmp/cn\\=dyngroup.ldif</filename> file, changing the "
15140
"following attributes:"
15141
msgstr ""
15142
15143
#: serverguide/C/network-auth.xml:471(programlisting)
15144
#, no-wrap
15145
msgid ""
15146
"\n"
15147
"dn: cn=dyngroup,cn=schema,cn=config\n"
15148
"...\n"
15149
"cn: dyngroup\n"
15150
msgstr ""
15151
15152
#: serverguide/C/network-auth.xml:477(para) serverguide/C/network-auth.xml:1691(para)
15153
msgid "And remove the following lines from the bottom of the file:"
15154
msgstr ""
15155
15156
#: serverguide/C/network-auth.xml:481(programlisting)
15157
#, no-wrap
15158
msgid ""
15159
"\n"
15160
"structuralObjectClass: olcSchemaConfig\n"
15161
"entryUUID: 10dae0ea-0760-102d-80d3-f9366b7f7757\n"
15162
"creatorsName: cn=config\n"
15163
"createTimestamp: 20080826021140Z\n"
15164
"entryCSN: 20080826021140.791425Z#000000#000#000000\n"
15165
"modifiersName: cn=config\n"
15166
"modifyTimestamp: 20080826021140Z\n"
15167
msgstr ""
15168
15169
#: serverguide/C/network-auth.xml:492(para) serverguide/C/network-auth.xml:1706(para) serverguide/C/network-auth.xml:2741(para)
15170
msgid ""
15171
"The attribute values will vary, just be sure the attributes are removed."
15172
msgstr ""
15173
15174
#: serverguide/C/network-auth.xml:500(para) serverguide/C/network-auth.xml:1714(para)
15175
msgid ""
15176
"Finally, using the <application>ldapadd</application> utility, add the new "
15177
"schema to the directory:"
15178
msgstr ""
15179
15180
#: serverguide/C/network-auth.xml:506(command)
15181
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/cn\\=dyngroup.ldif"
15182
msgstr ""
15183
15184
#: serverguide/C/network-auth.xml:512(para)
15185
msgid ""
15186
"There should now be a <emphasis>dn: "
15187
"cn={4}dyngroup,cn=schema,cn=config</emphasis> entry in the cn=config tree."
15188
msgstr ""
15189
15190
#: serverguide/C/network-auth.xml:522(title)
15191
msgid "LDAP Replication"
15192
msgstr ""
15193
15194
#: serverguide/C/network-auth.xml:524(para)
13675
15195
msgid ""
13676
15196
"LDAP often quickly becomes a highly critical service to the network. "
13677
15197
"Multiple systems will come to depend on LDAP for authentication, "
13679
15199
"system through replication."
13680
15200
msgstr ""
13681
15201
13682
#: serverguide/C/network-auth.xml:467(para)
15202
#: serverguide/C/network-auth.xml:530(para)
13683
15203
msgid ""
13684
15204
"Replication is achieved using the <emphasis>Syncrepl</emphasis> engine. "
13685
"Syncrepl allows the directory to be synced using either a "
13686
"<emphasis>push</emphasis> or <emphasis>pull</emphasis> based system. In a "
13687
"push based configuration a <quote>primary</quote> server will push directory "
13688
"updates to <quote>secondary</quote> servers, while a pull based approach "
13689
"allows replication servers to sync on a time based interval."
13690
msgstr ""
13691
13692
#: serverguide/C/network-auth.xml:475(para)
13693
msgid ""
13694
"The following is an example of a <emphasis>Multi-Master</emphasis> "
13695
"configuration. In this configuration each OpenLDAP server is configured for "
13696
"both <emphasis>push</emphasis> and <emphasis>pull</emphasis> replication."
13697
msgstr ""
13698
13699
#: serverguide/C/network-auth.xml:483(para)
13700
msgid ""
13701
"First, configure the server to sync the <emphasis>cn=config</emphasis> "
13702
"database. Copy the following to a file named <filename>syncrepl_cn-"
13703
"config.ldif</filename>:"
13704
msgstr ""
13705
13706
#: serverguide/C/network-auth.xml:488(programlisting)
15205
"Syncrepl allows the changes to be synced using a "
15206
"<emphasis>consumer</emphasis>, <emphasis>provider</emphasis> model. A "
15207
"provider sends directory changes to consumers."
15208
msgstr ""
15209
15210
#: serverguide/C/network-auth.xml:537(title)
15211
msgid "Provider Configuration"
15212
msgstr ""
15213
15214
#: serverguide/C/network-auth.xml:539(para)
15215
msgid ""
15216
"The following is an example of a <emphasis>Single-Master</emphasis> "
15217
"configuration. In this configuration one OpenLDAP server is configured as a "
15218
"<emphasis>provider</emphasis> and another as a <emphasis>consumer</emphasis>."
15219
msgstr ""
15220
15221
#: serverguide/C/network-auth.xml:547(para)
15222
msgid ""
15223
"First, configure the provider server. Copy the following to a file named "
15224
"<filename>provider_sync.ldif</filename>:"
15225
msgstr ""
15226
15227
#: serverguide/C/network-auth.xml:552(programlisting)
13707
15228
#, no-wrap
13708
15229
msgid ""
13709
15230
"\n"
15231
"# Add indexes to the frontend db.\n"
15232
"dn: olcDatabase={1}hdb,cn=config\n"
15233
"changetype: modify\n"
15234
"add: olcDbIndex\n"
15235
"olcDbIndex: entryCSN eq\n"
15236
"-\n"
15237
"add: olcDbIndex\n"
15238
"olcDbIndex: entryUUID eq\n"
15239
"\n"
15240
"#Load the syncprov and accesslog modules.\n"
13710
15241
"dn: cn=module{0},cn=config\n"
13711
15242
"changetype: modify\n"
13712
15243
"add: olcModuleLoad\n"
13713
15244
"olcModuleLoad: syncprov\n"
13714
"\n"
13715
"dn: cn=config\n"
13716
"changetype: modify\n"
13717
"replace: olcServerID\n"
13718
"olcServerID: 1 ldap://ldap01.example.com\n"
13719
"olcServerID: 2 ldap://ldap02.example.com\n"
13720
"\n"
13721
"dn: olcOverlay=syncprov,olcDatabase={0}config,cn=config\n"
15245
"-\n"
15246
"add: olcModuleLoad\n"
15247
"olcModuleLoad: accesslog\n"
15248
"\n"
15249
"# Accesslog database definitions\n"
15250
"dn: olcDatabase={2}hdb,cn=config\n"
15251
"objectClass: olcDatabaseConfig\n"
15252
"objectClass: olcHdbConfig\n"
15253
"olcDatabase: {2}hdb\n"
15254
"olcDbDirectory: /var/lib/ldap/accesslog\n"
15255
"olcSuffix: cn=accesslog\n"
15256
"olcRootDN: cn=admin,dc=example,dc=com\n"
15257
"olcDbIndex: default eq\n"
15258
"olcDbIndex: entryCSN,objectClass,reqEnd,reqResult,reqStart\n"
15259
"\n"
15260
"# Accesslog db syncprov.\n"
15261
"dn: olcOverlay=syncprov,olcDatabase={2}hdb,cn=config\n"
13722
15262
"changetype: add\n"
13723
15263
"objectClass: olcOverlayConfig\n"
13724
15264
"objectClass: olcSyncProvConfig\n"
13725
15265
"olcOverlay: syncprov\n"
13726
"\n"
13727
"dn: olcDatabase={0}config,cn=config\n"
13728
"changetype: modify\n"
13729
"add: olcSyncRepl\n"
13730
"olcSyncRepl: rid=001 provider=ldap://ldap01.example.com "
13731
"binddn=\"cn=admin,cn=config\" bindmethod=simple\n"
13732
" credentials=secret searchbase=\"cn=config\" type=refreshAndPersist\n"
13733
" retry=\"5 5 300 5\" timeout=1\n"
13734
"olcSyncRepl: rid=002 provider=ldap://ldap02.example.com "
13735
"binddn=\"cn=admin,cn=config\" bindmethod=simple\n"
13736
" credentials=secret searchbase=\"cn=config\" type=refreshAndPersist\n"
13737
" retry=\"5 5 300 5\" timeout=1\n"
13738
"-\n"
13739
"add: olcMirrorMode\n"
13740
"olcMirrorMode: TRUE\n"
13741
msgstr ""
13742
13743
#: serverguide/C/network-auth.xml:523(para)
13744
msgid "Edit the file changing:"
13745
msgstr ""
13746
13747
#: serverguide/C/network-auth.xml:529(para)
13748
msgid ""
13749
"<emphasis>ldap://ldap01.example.com</emphasis> and "
13750
"<emphasis>ldap://ldap02.example.com</emphasis> to the hostnames of your LDAP "
13751
"servers."
13752
msgstr ""
13753
13754
#: serverguide/C/network-auth.xml:534(para)
13755
msgid ""
13756
"You can have more than two LDAP servers, and when a change is made to one of "
13757
"them it will by synced to the rest. Be sure to increment the "
13758
"<emphasis>olcServerID</emphasis> for each server, and the "
13759
"<emphasis>rid</emphasis> for each <emphasis>olcSyncRepl</emphasis> entry."
13760
msgstr ""
13761
13762
#: serverguide/C/network-auth.xml:542(para)
13763
msgid ""
13764
"And adjust <emphasis>credentials=secret</emphasis> to match your admin "
13765
"password."
13766
msgstr ""
13767
13768
#: serverguide/C/network-auth.xml:552(para)
13769
msgid ""
13770
"Next, add the LDIF file using the <application>ldapmodify</application> "
13771
"utility:"
13772
msgstr ""
13773
13774
#: serverguide/C/network-auth.xml:557(command)
13775
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_cn-config.ldif"
13776
msgstr ""
13777
13778
#: serverguide/C/network-auth.xml:563(para)
13779
msgid ""
13780
"Copy the <filename>syncrepl_cn-config.ldif</filename> file to the next LDAP "
13781
"server and repeat the <application>ldapmodify</application> command above."
13782
msgstr ""
13783
13784
#: serverguide/C/network-auth.xml:571(para)
13785
msgid ""
13786
"Because a new module has been added, the <application>slapd</application> "
13787
"daemon, on all replicated servers, needs to be restarted:"
13788
msgstr ""
13789
13790
#: serverguide/C/network-auth.xml:577(command) serverguide/C/network-auth.xml:779(command) serverguide/C/network-auth.xml:895(command)
13791
msgid "sudo /etc/init.d/slapd restart"
13792
msgstr ""
13793
13794
#: serverguide/C/network-auth.xml:583(para)
13795
msgid ""
13796
"Now that the configuration database is synced between servers, the "
13797
"<emphasis>backend</emphasis> database needs to be synced as well. Copy and "
13798
"paste the following into another LDIF file named "
13799
"<filename>syncrepl_backend.ldif</filename>:"
13800
msgstr ""
13801
13802
#: serverguide/C/network-auth.xml:589(programlisting)
13803
#, no-wrap
13804
msgid ""
13805
"\n"
13806
"dn: olcDatabase={1}hdb,cn=config\n"
13807
"changetype: modify\n"
13808
"add: olcRootDN\n"
13809
"olcRootDN: cn=admin,dc=example,dc=com\n"
13810
"-\n"
13811
"add: olcSyncRepl\n"
13812
"olcSyncRepl: rid=003 provider=ldap://ldap01.example.com "
13813
"binddn=\"cn=admin,dc=example,dc=com\" \n"
13814
" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
13815
"type=refreshOnly \n"
13816
" interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1\n"
13817
"olcSyncRepl: rid=004 provider=ldap://ldap02.example.com "
13818
"binddn=\"cn=admin,dc=example,dc=com\" \n"
13819
" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
13820
"type=refreshOnly \n"
13821
" interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1\n"
13822
"-\n"
13823
"add: olcMirrorMode\n"
13824
"olcMirrorMode: TRUE\n"
13825
"\n"
15266
"olcSpNoPresent: TRUE\n"
15267
"olcSpReloadHint: TRUE\n"
15268
"\n"
15269
"# syncrepl Provider for primary db\n"
13826
15270
"dn: olcOverlay=syncprov,olcDatabase={1}hdb,cn=config\n"
13827
15271
"changetype: add\n"
13828
15272
"objectClass: olcOverlayConfig\n"
13829
15273
"objectClass: olcSyncProvConfig\n"
13830
15274
"olcOverlay: syncprov\n"
13831
msgstr ""
13832
13833
#: serverguide/C/network-auth.xml:616(para)
13834
msgid "Like the previous LDIF file, edit this one changing:"
13835
msgstr ""
13836
13837
#: serverguide/C/network-auth.xml:622(para)
13838
msgid ""
13839
"<emphasis>searchbase=\"dc=example,dc=com\"</emphasis> to your directory's "
13840
"searchbase."
13841
msgstr ""
13842
13843
#: serverguide/C/network-auth.xml:627(para)
13844
msgid ""
13845
"If you use a different admin user, change "
13846
"<emphasis>binddn=\"cn=admin,dc=example,dc=com\"</emphasis>."
13847
msgstr ""
13848
13849
#: serverguide/C/network-auth.xml:632(para)
13850
msgid ""
13851
"Also, replace <emphasis>credentials=secret</emphasis> with your admin "
13852
"password."
13853
msgstr ""
13854
13855
#: serverguide/C/network-auth.xml:641(para)
13856
msgid "Add the LDIF file:"
13857
msgstr ""
13858
13859
#: serverguide/C/network-auth.xml:646(command)
13860
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_backend.ldif"
13861
msgstr ""
13862
13863
#: serverguide/C/network-auth.xml:649(para)
13864
msgid ""
13865
"Because the servers' configuration is already synced there is no need to "
13866
"copy this LDIF file to the other servers."
15275
"olcSpNoPresent: TRUE\n"
15276
"\n"
15277
"# accesslog overlay definitions for primary db\n"
15278
"dn: olcOverlay=accesslog,olcDatabase={1}hdb,cn=config\n"
15279
"objectClass: olcOverlayConfig\n"
15280
"objectClass: olcAccessLogConfig\n"
15281
"olcOverlay: accesslog\n"
15282
"olcAccessLogDB: cn=accesslog\n"
15283
"olcAccessLogOps: writes\n"
15284
"olcAccessLogSuccess: TRUE\n"
15285
"# scan the accesslog DB every day, and purge entries older than 7 days\n"
15286
"olcAccessLogPurge: 07+00:00 01+00:00\n"
15287
msgstr ""
15288
15289
#: serverguide/C/network-auth.xml:614(para)
15290
msgid ""
15291
"The <application>AppArmor</application> profile for "
15292
"<application>slapd</application> will need to be adjusted for the accesslog "
15293
"database location. Edit <filename>/etc/apparmor.d/usr.sbin.slapd</filename> "
15294
"adding:"
15295
msgstr ""
15296
15297
#: serverguide/C/network-auth.xml:619(programlisting)
15298
#, no-wrap
15299
msgid ""
15300
"\n"
15301
" /var/lib/ldap/accesslog/ r,\n"
15302
" /var/lib/ldap/accesslog/** rwk,\n"
15303
msgstr ""
15304
15305
#: serverguide/C/network-auth.xml:624(para)
15306
msgid ""
15307
"Then create the directory, reload the <application>apparmor</application> "
15308
"profile, and copy the <filename>DB_CONFIG</filename> file:"
15309
msgstr ""
15310
15311
#: serverguide/C/network-auth.xml:630(command)
15312
msgid "sudo -u openldap mkdir /var/lib/ldap/accesslog"
15313
msgstr ""
15314
15315
#: serverguide/C/network-auth.xml:631(command)
15316
msgid "sudo -u openldap cp /var/lib/ldap/DB_CONFIG /var/lib/ldap/accesslog/"
15317
msgstr ""
15318
15319
#: serverguide/C/network-auth.xml:636(para)
15320
msgid ""
15321
"Using the <emphasis>-u openldap</emphasis> option with the "
15322
"<application>sudo</application> commands above removes the need to adjust "
15323
"permissions for the new directory later."
15324
msgstr ""
15325
15326
#: serverguide/C/network-auth.xml:645(para)
15327
msgid ""
15328
"Edit the file and change the <emphasis>olcRootDN</emphasis> to match your "
15329
"directory:"
15330
msgstr ""
15331
15332
#: serverguide/C/network-auth.xml:649(programlisting)
15333
#, no-wrap
15334
msgid ""
15335
"\n"
15336
"olcRootDN: cn=admin,dc=example,dc=com\n"
13867
15337
msgstr ""
13868
15338
13869
15339
#: serverguide/C/network-auth.xml:657(para)
13870
15340
msgid ""
13871
"The configuration and backend databases should now sycnc to the other "
13872
"servers. You can add additional servers using the "
13873
"<application>ldapmodify</application> utility as the need arises. See <xref "
13874
"linkend=\"openldap-configuration\"/> for details."
13875
msgstr ""
13876
13877
#: serverguide/C/network-auth.xml:667(programlisting)
15341
"Next, add the LDIF file using the <application>ldapadd</application> utility:"
15342
msgstr ""
15343
15344
#: serverguide/C/network-auth.xml:662(command)
15345
msgid "sudo ldapadd -Y EXTERNAL -H ldapi:/// -f provider_sync.ldif"
15346
msgstr ""
15347
15348
#: serverguide/C/network-auth.xml:669(para)
15349
msgid "Restart <application>slapd</application>:"
15350
msgstr ""
15351
15352
#: serverguide/C/network-auth.xml:674(command) serverguide/C/network-auth.xml:1040(command) serverguide/C/network-auth.xml:1227(command)
15353
msgid "sudo /etc/init.d/slapd restart"
15354
msgstr ""
15355
15356
#: serverguide/C/network-auth.xml:680(para)
15357
msgid ""
15358
"The <emphasis>Provider</emphasis> server is now configured, and it is time "
15359
"to configure a <emphasis>Consumer</emphasis> server."
15360
msgstr ""
15361
15362
#: serverguide/C/network-auth.xml:687(title)
15363
msgid "Consumer Configuration"
15364
msgstr ""
15365
15366
#: serverguide/C/network-auth.xml:692(para)
15367
msgid ""
15368
"On the <emphasis>Consumer</emphasis> server configure it the same as the "
15369
"<emphasis>Provider</emphasis> except for the <emphasis>Syncrepl</emphasis> "
15370
"configuration steps."
15371
msgstr ""
15372
15373
#: serverguide/C/network-auth.xml:697(para)
15374
msgid "Add the additional schema files:"
15375
msgstr ""
15376
15377
#: serverguide/C/network-auth.xml:707(para)
15378
msgid ""
15379
"Also, create, or copy from the provider server, the "
15380
"<filename>backend.example.com.ldif</filename>"
15381
msgstr ""
15382
15383
#: serverguide/C/network-auth.xml:711(programlisting)
15384
#, no-wrap
15385
msgid ""
15386
"\n"
15387
"# Load dynamic backend modules\n"
15388
"dn: cn=module,cn=config\n"
15389
"objectClass: olcModuleList\n"
15390
"cn: module\n"
15391
"olcModulepath: /usr/lib/ldap\n"
15392
"olcModuleload: back_hdb\n"
15393
"\n"
15394
"# Database settings\n"
15395
"dn: olcDatabase=hdb,cn=config\n"
15396
"objectClass: olcDatabaseConfig\n"
15397
"objectClass: olcHdbConfig\n"
15398
"olcDatabase: {1}hdb\n"
15399
"olcSuffix: dc=example,dc=com\n"
15400
"olcDbDirectory: /var/lib/ldap\n"
15401
"olcRootDN: cn=admin,dc=example,dc=com\n"
15402
"olcRootPW: secret\n"
15403
"olcDbConfig: set_cachesize 0 2097152 0\n"
15404
"olcDbConfig: set_lk_max_objects 1500\n"
15405
"olcDbConfig: set_lk_max_locks 1500\n"
15406
"olcDbConfig: set_lk_max_lockers 1500\n"
15407
"olcDbIndex: objectClass eq\n"
15408
"olcLastMod: TRUE\n"
15409
"olcDbCheckpoint: 512 30\n"
15410
"olcAccess: to attrs=userPassword by dn=\"cn=admin,dc=example,dc=com\" write "
15411
"by anonymous auth by self write by * none\n"
15412
"olcAccess: to attrs=shadowLastChange by self write by * read\n"
15413
"olcAccess: to dn.base=\"\" by * read\n"
15414
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
15415
msgstr ""
15416
15417
#: serverguide/C/network-auth.xml:741(para)
15418
msgid "And add the LDIF by entering:"
15419
msgstr ""
15420
15421
#: serverguide/C/network-auth.xml:752(para)
15422
msgid ""
15423
"Do the same with the <filename>frontend.example.com.ldif</filename> file "
15424
"listed above, and add it:"
15425
msgstr ""
15426
15427
#: serverguide/C/network-auth.xml:760(para)
15428
msgid ""
15429
"The two severs should now have the same configuration except for the "
15430
"<emphasis>Syncrepl</emphasis> options."
15431
msgstr ""
15432
15433
#: serverguide/C/network-auth.xml:768(para)
15434
msgid ""
15435
"Now create a file named <filename>consumer_sync.ldif</filename> containing:"
15436
msgstr ""
15437
15438
#: serverguide/C/network-auth.xml:772(programlisting)
15439
#, no-wrap
15440
msgid ""
15441
"\n"
15442
"#Load the syncprov module.\n"
15443
"dn: cn=module{0},cn=config\n"
15444
"changetype: modify\n"
15445
"add: olcModuleLoad\n"
15446
"olcModuleLoad: syncprov\n"
15447
"\n"
15448
"# syncrepl specific indices\n"
15449
"dn: olcDatabase={1}hdb,cn=config\n"
15450
"changetype: modify\n"
15451
"add: olcDbIndex\n"
15452
"olcDbIndex: entryUUID eq\n"
15453
"-\n"
15454
"add: olcSyncRepl\n"
15455
"olcSyncRepl: rid=0 provider=ldap://ldap01.example.com bindmethod=simple "
15456
"binddn=\"cn=admin,dc=example,dc=com\" \n"
15457
" credentials=secret searchbase=\"dc=example,dc=com\" "
15458
"logbase=\"cn=accesslog\" \n"
15459
" logfilter=\"(&(objectClass=auditWriteObject)(reqResult=0))\" "
15460
"schemachecking=on \n"
15461
" type=refreshAndPersist retry=\"60 +\" syncdata=accesslog\n"
15462
"-\n"
15463
"add: olcUpdateRef\n"
15464
"olcUpdateRef: ldap://ldap01.example.com\n"
15465
msgstr ""
15466
15467
#: serverguide/C/network-auth.xml:795(para)
15468
msgid "You will probably want to change the following attributes:"
15469
msgstr ""
15470
15471
#: serverguide/C/network-auth.xml:800(para)
15472
msgid "<emphasis>ldap01.example.com</emphasis> to your server's hostname."
15473
msgstr ""
15474
15475
#: serverguide/C/network-auth.xml:801(emphasis)
15476
msgid "binddn"
15477
msgstr ""
15478
15479
#: serverguide/C/network-auth.xml:802(emphasis)
15480
msgid "credentials"
15481
msgstr ""
15482
15483
#: serverguide/C/network-auth.xml:803(emphasis)
15484
msgid "searchbase"
15485
msgstr ""
15486
15487
#: serverguide/C/network-auth.xml:804(emphasis)
15488
msgid "olcUpdateRef:"
15489
msgstr ""
15490
15491
#: serverguide/C/network-auth.xml:810(para)
15492
msgid "Add the LDIF file to the configuration tree:"
15493
msgstr ""
15494
15495
#: serverguide/C/network-auth.xml:815(command)
15496
msgid "sudo ldapadd -c -Y EXTERNAL -H ldapi:/// -f consumer_sync.ldif"
15497
msgstr ""
15498
15499
#: serverguide/C/network-auth.xml:821(para)
15500
msgid ""
15501
"The frontend database should now sync between servers. You can add "
15502
"additional servers using the steps above as the need arises."
15503
msgstr ""
15504
15505
#: serverguide/C/network-auth.xml:831(programlisting)
13878
15506
#, no-wrap
13879
15507
msgid "127.0.0.1\tldap01.example.com ldap01"
13880
15508
msgstr ""
13881
15509
13882
#: serverguide/C/network-auth.xml:663(para)
15510
#: serverguide/C/network-auth.xml:827(para)
13883
15511
msgid ""
13884
15512
"The <application>slapd</application> daemon will send log information to "
13885
15513
"<filename>/var/log/syslog</filename> by default. So if all does "
13889
15517
"<filename>/etc/hosts</filename> with a line similar to: <placeholder-1/>."
13890
15518
msgstr ""
13891
15519
13892
#: serverguide/C/network-auth.xml:674(title)
15520
#: serverguide/C/network-auth.xml:839(title)
13893
15521
msgid "Setting up ACL"
13894
15522
msgstr "设置 ACL"
13895
15523
13896
#: serverguide/C/network-auth.xml:676(para)
15524
#: serverguide/C/network-auth.xml:841(para)
13897
15525
msgid ""
13898
15526
"Authentication requires access to the password field, that should be not "
13899
15527
"accessible by default. Also, in order for users to change their own "
13902
15530
"authenticated."
13903
15531
msgstr ""
13904
15532
13905
#: serverguide/C/network-auth.xml:683(para)
15533
#: serverguide/C/network-auth.xml:848(para)
13906
15534
msgid ""
13907
15535
"To view the Access Control List (ACL), use the "
13908
15536
"<application>ldapsearch</application> utility:"
13909
15537
msgstr ""
13910
15538
13911
#: serverguide/C/network-auth.xml:688(command)
15539
#: serverguide/C/network-auth.xml:853(command)
13912
15540
msgid ""
13913
15541
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase=hdb "
13914
15542
"olcAccess"
13915
15543
msgstr ""
13916
15544
13917
#: serverguide/C/network-auth.xml:692(computeroutput)
15545
#: serverguide/C/network-auth.xml:857(computeroutput)
13918
15546
#, no-wrap
13919
15547
msgid ""
13920
15548
"Enter LDAP Password: \n"
13926
15554
"olcAccess: {2}to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
13927
15555
msgstr ""
13928
15556
13929
#: serverguide/C/network-auth.xml:704(title)
15557
#: serverguide/C/network-auth.xml:869(title)
13930
15558
msgid "TLS and SSL"
13931
15559
msgstr ""
13932
15560
13933
#: serverguide/C/network-auth.xml:706(para)
15561
#: serverguide/C/network-auth.xml:871(para)
13934
15562
msgid ""
13935
15563
"When authenticating to an OpenLDAP server it is best to do so using an "
13936
15564
"encrypted session. This can be accomplished using Transport Layer Security "
13937
15565
"(TLS) and/or Secure Sockets Layer (SSL)."
13938
15566
msgstr ""
13939
15567
13940
#: serverguide/C/network-auth.xml:711(para)
15568
#: serverguide/C/network-auth.xml:876(para)
13941
15569
msgid ""
13942
15570
"The first step in the process is to obtain or create a "
13943
"<emphasis>certificate</emphasis>. See <xref linkend=\"certificates-and-"
13944
"security\"/> and <xref linkend=\"certificate-authority\"/> for details."
13945
msgstr ""
13946
13947
#: serverguide/C/network-auth.xml:716(para)
15571
"<emphasis>certificate</emphasis>. Because <application>slapd</application> "
15572
"is compiled using the <application>gnutls</application> library, the "
15573
"<application>certtool</application> utility will be used to create "
15574
"certificates."
15575
msgstr ""
15576
15577
#: serverguide/C/network-auth.xml:885(para)
15578
msgid ""
15579
"First, install <application>gnutls-bin</application> by entering the "
15580
"following in a terminal:"
15581
msgstr ""
15582
15583
#: serverguide/C/network-auth.xml:890(command)
15584
msgid "sudo apt-get install gnutls-bin"
15585
msgstr ""
15586
15587
#: serverguide/C/network-auth.xml:896(para)
15588
msgid ""
15589
"Next, create a private key for the <emphasis>Certificate "
15590
"Authority</emphasis> (CA):"
15591
msgstr ""
15592
15593
#: serverguide/C/network-auth.xml:901(command)
15594
msgid ""
15595
"sudo sh -c \"certtool --generate-privkey > /etc/ssl/private/cakey.pem\""
15596
msgstr ""
15597
15598
#: serverguide/C/network-auth.xml:907(para)
15599
msgid ""
15600
"Create a <filename>/etc/ssl/ca.info</filename> details file to self-sign the "
15601
"CA certificate containing:"
15602
msgstr ""
15603
15604
#: serverguide/C/network-auth.xml:911(programlisting)
15605
#, no-wrap
15606
msgid ""
15607
"\n"
15608
"cn = Example Company\n"
15609
"ca\n"
15610
"cert_signing_key\n"
15611
msgstr ""
15612
15613
#: serverguide/C/network-auth.xml:920(para)
15614
msgid "Now create the self-signed CA certificate:"
15615
msgstr ""
15616
15617
#: serverguide/C/network-auth.xml:925(command)
15618
msgid ""
15619
"sudo certtool --generate-self-signed --load-privkey "
15620
"/etc/ssl/private/cakey.pem \\ --template /etc/ssl/ca.info --outfile "
15621
"/etc/ssl/certs/cacert.pem"
15622
msgstr ""
15623
15624
#: serverguide/C/network-auth.xml:932(para)
15625
msgid "Make a private key for the server:"
15626
msgstr ""
15627
15628
#: serverguide/C/network-auth.xml:937(command)
15629
msgid ""
15630
"sudo sh -c \"certtool --generate-privkey > "
15631
"/etc/ssl/private/ldap01_slapd_key.pem\""
15632
msgstr ""
15633
15634
#: serverguide/C/network-auth.xml:941(para)
15635
msgid ""
15636
"Replace <emphasis>ldap01</emphasis> in the filename with your server's "
15637
"hostname. Naming the certificate and key for the host and service that will "
15638
"be using them will help keep filenames and paths straight."
15639
msgstr ""
15640
15641
#: serverguide/C/network-auth.xml:950(para)
15642
msgid ""
15643
"To sign the server's certificate with the CA, create the "
15644
"<filename>/etc/ssl/ldap01.info</filename> info file containing:"
15645
msgstr ""
15646
15647
#: serverguide/C/network-auth.xml:954(programlisting)
15648
#, no-wrap
15649
msgid ""
15650
"\n"
15651
"organization = Example Company\n"
15652
"cn = ldap01.example.com\n"
15653
"tls_www_server\n"
15654
"encryption_key\n"
15655
"signing_key\n"
15656
msgstr ""
15657
15658
#: serverguide/C/network-auth.xml:965(para)
15659
msgid "Create the server's certificate:"
15660
msgstr ""
15661
15662
#: serverguide/C/network-auth.xml:970(command)
15663
msgid ""
15664
"sudo certtool --generate-certificate --load-privkey /etc/ssl/private/x01-"
15665
"test_slapd_key.pem \\ --load-ca-certificate /etc/ssl/certs/cacert.pem --load-"
15666
"ca-privkey /etc/ssl/private/cakey.pem \\ --template /etc/ssl/x01-test.info --"
15667
"outfile /etc/ssl/certs/x01-test_slapd_cert.pem"
15668
msgstr ""
15669
15670
#: serverguide/C/network-auth.xml:978(para)
13948
15671
msgid ""
13949
15672
"Once you have a certificate, key, and CA cert installed, use "
13950
15673
"<application>ldapmodify</application> to add the new configuration options:"
13951
15674
msgstr ""
13952
15675
13953
#: serverguide/C/network-auth.xml:727(userinput)
15676
#: serverguide/C/network-auth.xml:989(userinput)
13954
15677
#, no-wrap
13955
15678
msgid ""
13956
15679
"dn: cn=config\n"
13958
15681
"olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem\n"
13959
15682
"-\n"
13960
15683
"add: olcTLSCertificateFile\n"
13961
"olcTLSCertificateFile: /etc/ssl/certs/server.crt\n"
15684
"olcTLSCertificateFile: /etc/ssl/certs/ldap01_slapd_cert.pem\n"
13962
15685
"-\n"
13963
15686
"add: olcTLSCertificateKeyFile\n"
13964
"olcTLSCertificateKeyFile: /etc/ssl/private/server.key"
15687
"olcTLSCertificateKeyFile: /etc/ssl/private/ldap01_slapd_key.pem"
13965
15688
msgstr ""
13966
15689
13967
#: serverguide/C/network-auth.xml:726(computeroutput)
15690
#: serverguide/C/network-auth.xml:988(computeroutput) serverguide/C/network-auth.xml:1159(computeroutput)
13968
15691
#, no-wrap
13969
15692
msgid ""
13970
15693
"Enter LDAP Password:\n"
13973
15696
"modifying entry \"cn=config\"\n"
13974
15697
msgstr ""
13975
15698
13976
#: serverguide/C/network-auth.xml:742(para)
15699
#: serverguide/C/network-auth.xml:1004(para)
13977
15700
msgid ""
13978
"Adjust the <filename>server.crt</filename>, <filename>server.key</filename>, "
13979
"and <filename>cacert.pem</filename> names if yours are different. If you "
13980
"have a self-signed certificate, do <emphasis>NOT</emphasis> add the "
13981
"olcTLSCACertificateFile property, as it will cause GnuTLS to fail.."
15701
"Adjust the <filename>ldap01_slapd_cert.pem</filename>, "
15702
"<filename>ldap01_slapd_key.pem</filename>, and "
15703
"<filename>cacert.pem</filename> names if yours are different."
13982
15704
msgstr ""
13983
15705
13984
#: serverguide/C/network-auth.xml:749(para)
15706
#: serverguide/C/network-auth.xml:1010(para)
13985
15707
msgid ""
13986
15708
"Next, edit <filename>/etc/default/slapd</filename> uncomment the "
13987
15709
"<emphasis>SLAPD_SERVICES</emphasis> option:"
13988
15710
msgstr ""
13989
15711
13990
#: serverguide/C/network-auth.xml:753(programlisting)
15712
#: serverguide/C/network-auth.xml:1014(programlisting)
13991
15713
#, no-wrap
13992
15714
msgid ""
13993
15715
"\n"
13994
15716
"SLAPD_SERVICES=\"ldap:/// ldapi:/// ldaps:///\"\n"
13995
15717
msgstr ""
13996
15718
13997
#: serverguide/C/network-auth.xml:757(para)
15719
#: serverguide/C/network-auth.xml:1018(para)
13998
15720
msgid ""
13999
15721
"Now the <emphasis>openldap</emphasis> user needs access to the certificate:"
14000
15722
msgstr ""
14001
15723
14002
#: serverguide/C/network-auth.xml:762(command)
15724
#: serverguide/C/network-auth.xml:1023(command)
14003
15725
msgid "sudo adduser openldap ssl-cert"
14004
15726
msgstr ""
14005
15727
14006
#: serverguide/C/network-auth.xml:763(command)
14007
msgid "sudo chgrp ssl-cert /etc/ssl/private/server.key"
14008
msgstr ""
14009
14010
#: serverguide/C/network-auth.xml:764(command)
14011
msgid "sudo chmod g+r /etc/ssl/private/server.key"
14012
msgstr ""
14013
14014
#: serverguide/C/network-auth.xml:768(para)
15728
#: serverguide/C/network-auth.xml:1024(command)
15729
msgid "sudo chgrp ssl-cert /etc/ssl/private/ldap01_slapd_key.pem"
15730
msgstr ""
15731
15732
#: serverguide/C/network-auth.xml:1025(command)
15733
msgid "sudo chmod g+r /etc/ssl/private/ldap01_slapd_key.pem"
15734
msgstr ""
15735
15736
#: serverguide/C/network-auth.xml:1029(para)
14015
15737
msgid ""
14016
15738
"If the <filename role=\"directory\">/etc/ssl/private</filename> and "
14017
15739
"<filename>/etc/ssl/private/server.key</filename> have different permissions, "
14018
15740
"adjust the commands appropriately."
14019
15741
msgstr ""
14020
15742
14021
#: serverguide/C/network-auth.xml:774(para)
15743
#: serverguide/C/network-auth.xml:1035(para)
14022
15744
msgid "Finally, restart <application>slapd</application>:"
14023
15745
msgstr ""
14024
15746
14025
#: serverguide/C/network-auth.xml:782(para)
15747
#: serverguide/C/network-auth.xml:1043(para)
14026
15748
msgid ""
14027
15749
"The <application>slapd</application> daemon should now be listening for "
14028
15750
"LDAPS connections and be able to use STARTTLS during authentication."
14029
15751
msgstr ""
14030
15752
14031
#: serverguide/C/network-auth.xml:788(para)
15753
#: serverguide/C/network-auth.xml:1049(para)
14032
15754
msgid ""
14033
15755
"If you run into troubles with the server not starting, check the "
14034
15756
"/var/log/syslog. If you see errors like main: TLS init def ctx failed: -1, "
14037
15759
"group has read permissions on the private key."
14038
15760
msgstr ""
14039
15761
14040
#: serverguide/C/network-auth.xml:800(title)
15762
#: serverguide/C/network-auth.xml:1061(title)
14041
15763
msgid "TLS Replication"
14042
15764
msgstr ""
14043
15765
14044
#: serverguide/C/network-auth.xml:802(para)
15766
#: serverguide/C/network-auth.xml:1063(para)
14045
15767
msgid ""
14046
15768
"If you have setup <application>Syncrepl</application> between servers, it is "
14047
15769
"prudent to encrypt the replication traffic using <emphasis>Transport Layer "
14049
15771
"linkend=\"openldap-server-replication\"/>."
14050
15772
msgstr ""
14051
15773
14052
#: serverguide/C/network-auth.xml:808(para)
14053
msgid ""
14054
"After setting up replication, and following the instructions in <xref "
14055
"linkend=\"openldap-tls\"/>, there are a couple of consequences that should "
14056
"be kept in mind:"
14057
msgstr ""
14058
14059
#: serverguide/C/network-auth.xml:815(para)
14060
msgid ""
14061
"The configuration only needs to be modified on <emphasis>one</emphasis> "
14062
"server."
14063
msgstr ""
14064
14065
#: serverguide/C/network-auth.xml:820(para)
14066
msgid ""
14067
"The path names for the <emphasis>certificate</emphasis> and "
14068
"<emphasis>key</emphasis> must be the same on all servers."
14069
msgstr ""
14070
14071
#: serverguide/C/network-auth.xml:827(para)
14072
msgid ""
14073
"So on each replicated server: install a certificate, edit "
14074
"<filename>/etc/default/slapd</filename>, and restart "
14075
"<application>slapd</application>."
14076
msgstr ""
14077
14078
#: serverguide/C/network-auth.xml:832(para)
14079
msgid ""
14080
"Once <emphasis>TLS</emphasis> has been setup on each server, modify the "
14081
"<emphasis>cn=config</emphasis> replication by entering the following in a "
14082
"terminal:"
14083
msgstr ""
14084
14085
#: serverguide/C/network-auth.xml:843(userinput)
14086
#, no-wrap
14087
msgid ""
14088
"dn: olcDatabase={0}config,cn=config\n"
14089
"replace: olcSyncrepl\n"
14090
"olcSyncrepl: {0}rid=001 provider=ldap://ldap01.example.com "
14091
"binddn=\"cn=admin,cn\n"
14092
" =config\" bindmethod=simple credentials=secret searchbase=\"cn=config\" "
14093
"type=refre\n"
14094
" shAndPersist retry=\"5 5 300 5\" timeout=1 starttls=yes\n"
14095
"olcSyncrepl: {1}rid=002 provider=ldap://ldap02.example.com "
14096
"binddn=\"cn=admin,cn\n"
14097
" =config\" bindmethod=simple credentials=secret searchbase=\"cn=config\" "
14098
"type=refre\n"
14099
" shAndPersist retry=\"5 5 300 5\" timeout=1 starttls=yes"
14100
msgstr ""
14101
14102
#: serverguide/C/network-auth.xml:842(computeroutput)
14103
#, no-wrap
14104
msgid ""
14105
"Enter LDAP Password: \n"
14106
"<placeholder-1/>\n"
14107
"\n"
14108
"modifying entry \"olcDatabase={0}config,cn=config\"\n"
14109
msgstr ""
14110
14111
#: serverguide/C/network-auth.xml:856(para)
14112
msgid "Now adjust the <emphasis>backend</emphasis> database replication:"
14113
msgstr ""
14114
14115
#: serverguide/C/network-auth.xml:866(userinput)
14116
#, no-wrap
14117
msgid ""
15774
#: serverguide/C/network-auth.xml:1069(para)
15775
msgid ""
15776
"Assuming you have followed the above instructions and created a CA "
15777
"certificate and server certificate on the <emphasis>Provider</emphasis> "
15778
"server. Follow the following instructions to create a certificate and key "
15779
"for the <emphasis>Consumer</emphasis> server."
15780
msgstr ""
15781
15782
#: serverguide/C/network-auth.xml:1078(para)
15783
msgid "Create a new key for the Consumer server:"
15784
msgstr ""
15785
15786
#: serverguide/C/network-auth.xml:1083(command)
15787
msgid "mkdir ldap02-ssl"
15788
msgstr ""
15789
15790
#: serverguide/C/network-auth.xml:1084(command)
15791
msgid "cd ldap02-ssl"
15792
msgstr ""
15793
15794
#: serverguide/C/network-auth.xml:1085(command)
15795
msgid "certtool --generate-privkey > ldap02_slapd_key.pem"
15796
msgstr ""
15797
15798
#: serverguide/C/network-auth.xml:1089(para)
15799
msgid ""
15800
"Creating a new directory is not strictly necessary, but it will help keep "
15801
"things organized and make it easier to copy the files to the Consumer server."
15802
msgstr ""
15803
15804
#: serverguide/C/network-auth.xml:1098(para)
15805
msgid ""
15806
"Next, create an info file, <filename>ldap02.info</filename> for the Consumer "
15807
"server, changing the attributes to match your locality and server:"
15808
msgstr ""
15809
15810
#: serverguide/C/network-auth.xml:1103(programlisting)
15811
#, no-wrap
15812
msgid ""
15813
"\n"
15814
"country = US\n"
15815
"state = North Carolina\n"
15816
"locality = Winston-Salem\n"
15817
"organization = Example Company\n"
15818
"cn = ldap02.salem.edu\n"
15819
"tls_www_client\n"
15820
"encryption_key\n"
15821
"signing_key\n"
15822
msgstr ""
15823
15824
#: serverguide/C/network-auth.xml:1117(para)
15825
msgid "Create the certificate:"
15826
msgstr ""
15827
15828
#: serverguide/C/network-auth.xml:1122(command)
15829
msgid ""
15830
"sudo certtool --generate-certificate --load-privkey ldap02_slapd_key.pem \\ -"
15831
"-load-ca-certificate /etc/ssl/certs/cacert.pem --load-ca-privkey "
15832
"/etc/ssl/private/cakey.pem \\ --template ldap02.info --outfile "
15833
"ldap02_slapd_cert.pem"
15834
msgstr ""
15835
15836
#: serverguide/C/network-auth.xml:1130(para)
15837
msgid "Copy the <filename>cacert.pem</filename> to the dicretory:"
15838
msgstr ""
15839
15840
#: serverguide/C/network-auth.xml:1135(command)
15841
msgid "cp /etc/ssl/certs/cacert.pem ."
15842
msgstr ""
15843
15844
#: serverguide/C/network-auth.xml:1141(para)
15845
msgid ""
15846
"The only thing left is to copy the <filename>ldap02-ssl</filename> directory "
15847
"to the Consumer server, then copy <filename>ldap02_slapd_cert.pem</filename> "
15848
"and <filename>cacert.pem</filename> to <filename>/etc/ssl/certs</filename>, "
15849
"and copy <filename>ldap02_slapd_key.pem</filename> to "
15850
"<filename>/etc/ssl/private</filename>."
15851
msgstr ""
15852
15853
#: serverguide/C/network-auth.xml:1150(para)
15854
msgid ""
15855
"Once the files are in place adjust the <emphasis>cn=config</emphasis> tree "
15856
"by entering:"
15857
msgstr ""
15858
15859
#: serverguide/C/network-auth.xml:1160(userinput)
15860
#, no-wrap
15861
msgid ""
15862
"dn: cn=config\n"
15863
"add: olcTLSCACertificateFile\n"
15864
"olcTLSCACertificateFile: /etc/ssl/certs/cacert.pem\n"
15865
"-\n"
15866
"add: olcTLSCertificateFile\n"
15867
"olcTLSCertificateFile: /etc/ssl/certs/ldap02_slapd_cert.pem\n"
15868
"-\n"
15869
"add: olcTLSCertificateKeyFile\n"
15870
"olcTLSCertificateKeyFile: /etc/ssl/private/ldap02_slapd_key.pem"
15871
msgstr ""
15872
15873
#: serverguide/C/network-auth.xml:1177(para)
15874
msgid ""
15875
"As with the Provider you can now edit "
15876
"<filename>/etc/default/slapd</filename> and add the "
15877
"<emphasis>ldaps:///</emphasis> parameter to the "
15878
"<emphasis>SLAPD_SERVICES</emphasis> option."
15879
msgstr ""
15880
15881
#: serverguide/C/network-auth.xml:1185(para)
15882
msgid ""
15883
"Now that <emphasis>TLS</emphasis> has been setup on each server, once again "
15884
"modify the <emphasis>Consumer</emphasis> server's "
15885
"<emphasis>cn=config</emphasis> tree by entering the following in a terminal:"
15886
msgstr ""
15887
15888
#: serverguide/C/network-auth.xml:1198(userinput)
15889
#, no-wrap
15890
msgid ""
15891
"\n"
14118
15892
"dn: olcDatabase={1}hdb,cn=config\n"
14119
15893
"replace: olcSyncrepl\n"
14120
"olcSyncrepl: {0}rid=003 provider=ldap://ldap01.example.com "
14121
"binddn=\"cn=admin,dc=example,dc=\n"
14122
" com\" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
14123
"type=r\n"
14124
" efreshOnly interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1 starttls=yes\n"
14125
"olcSyncrepl: {1}rid=004 provider=ldap://ldap02.example.com "
14126
"binddn=\"cn=admin,dc=example,dc=\n"
14127
" com\" bindmethod=simple credentials=secret searchbase=\"dc=example,dc=com\" "
14128
"type=r\n"
14129
" efreshOnly interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1 starttls=yes"
15894
"olcSyncrepl: {0}rid=0 provider=ldap://ldap01.example.com bindmethod=simple "
15895
"binddn=\"cn=ad\n"
15896
" min,dc=example,dc=com\" credentials=secret searchbase=\"dc=example,dc=com\" "
15897
"logbas\n"
15898
" e=\"cn=accesslog\" "
15899
"logfilter=\"(&(objectClass=auditWriteObject)(reqResult=0))\" s\n"
15900
" chemachecking=on type=refreshAndPersist retry=\"60 +\" syncdata=accesslog "
15901
"starttls=yes"
14130
15902
msgstr ""
14131
15903
14132
#: serverguide/C/network-auth.xml:865(computeroutput) serverguide/C/network-auth.xml:2418(computeroutput)
15904
#: serverguide/C/network-auth.xml:1195(computeroutput)
14133
15905
#, no-wrap
14134
15906
msgid ""
14135
"Enter LDAP Password:\n"
15907
"SASL/EXTERNAL authentication started\n"
15908
"SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth\n"
15909
"SASL SSF: 0\n"
14136
15910
"<placeholder-1/>\n"
14137
15911
"\n"
14138
"modifying entry \"olcDatabase={1}hdb,cn=config\""
15912
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
14139
15913
msgstr ""
14140
15914
14141
#: serverguide/C/network-auth.xml:878(para)
15915
#: serverguide/C/network-auth.xml:1210(para)
14142
15916
msgid ""
14143
15917
"If the LDAP server hostname does not match the Fully Qualified Domain Name "
14144
15918
"(FQDN) in the certificate, you may have to edit "
14145
15919
"<filename>/etc/ldap/ldap.conf</filename> and add the following TLS options:"
14146
15920
msgstr ""
14147
15921
14148
#: serverguide/C/network-auth.xml:883(programlisting)
15922
#: serverguide/C/network-auth.xml:1215(programlisting)
14149
15923
#, no-wrap
14150
15924
msgid ""
14151
15925
"\n"
14152
"TLS_CERT /etc/ssl/certs/server.crt\n"
14153
"TLS_KEY /etc/ssl/private/server.key\n"
15926
"TLS_CERT /etc/ssl/certs/ldap02_slapd_cert.pem\n"
15927
"TLS_KEY /etc/ssl/private/ldap02_slapd_key.pem\n"
14154
15928
"TLS_CACERT /etc/ssl/certs/cacert.pem\n"
14155
15929
msgstr ""
14156
15930
14157
#: serverguide/C/network-auth.xml:890(para)
15931
#: serverguide/C/network-auth.xml:1222(para)
14158
15932
msgid ""
14159
15933
"Finally, restart <application>slapd</application> on each of the servers:"
14160
15934
msgstr ""
14161
15935
14162
#: serverguide/C/network-auth.xml:903(title)
15936
#: serverguide/C/network-auth.xml:1235(title)
14163
15937
msgid "LDAP Authentication"
14164
15938
msgstr ""
14165
15939
14166
#: serverguide/C/network-auth.xml:905(para)
15940
#: serverguide/C/network-auth.xml:1237(para)
14167
15941
msgid ""
14168
15942
"Once you have a working LDAP server, the <application>auth-client-"
14169
15943
"config</application> and <application>libnss-ldap</application> packages "
14171
15945
"LDAP. To install the packages from, a terminal prompt enter:"
14172
15946
msgstr ""
14173
15947
14174
#: serverguide/C/network-auth.xml:912(command)
15948
#: serverguide/C/network-auth.xml:1244(command)
14175
15949
msgid "sudo apt-get install libnss-ldap"
14176
15950
msgstr ""
14177
15951
14178
#: serverguide/C/network-auth.xml:915(para)
15952
#: serverguide/C/network-auth.xml:1247(para)
14179
15953
msgid ""
14180
15954
"During the install a menu dialog will ask you connection details about your "
14181
15955
"LDAP server."
14182
15956
msgstr ""
14183
15957
14184
#: serverguide/C/network-auth.xml:919(para)
15958
#: serverguide/C/network-auth.xml:1251(para)
14185
15959
msgid ""
14186
15960
"If you make a mistake when entering your information you can execute the "
14187
15961
"dialog again using:"
14188
15962
msgstr ""
14189
15963
14190
#: serverguide/C/network-auth.xml:924(command)
15964
#: serverguide/C/network-auth.xml:1256(command)
14191
15965
msgid "sudo dpkg-reconfigure ldap-auth-config"
14192
15966
msgstr ""
14193
15967
14194
#: serverguide/C/network-auth.xml:927(para)
15968
#: serverguide/C/network-auth.xml:1259(para)
14195
15969
msgid ""
14196
15970
"The results of the dialog can be seen in "
14197
15971
"<filename>/etc/ldap.conf</filename>. If your server requires options not "
14198
15972
"covered in the menu edit this file accordingly."
14199
15973
msgstr ""
14200
15974
14201
#: serverguide/C/network-auth.xml:932(para)
15975
#: serverguide/C/network-auth.xml:1264(para)
14202
15976
msgid ""
14203
15977
"Now that <application>libnss-ldap</application> is configured enable the "
14204
15978
"<application>auth-client-config</application> LDAP profile by entering:"
14205
15979
msgstr ""
14206
15980
14207
#: serverguide/C/network-auth.xml:938(command)
15981
#: serverguide/C/network-auth.xml:1270(command)
14208
15982
msgid "sudo auth-client-config -t nss -p lac_ldap"
14209
15983
msgstr ""
14210
15984
14211
#: serverguide/C/network-auth.xml:943(para)
15985
#: serverguide/C/network-auth.xml:1275(para)
14212
15986
msgid ""
14213
15987
"<emphasis>-t:</emphasis> only modifies "
14214
15988
"<filename>/etc/nsswitch.conf</filename>."
14215
15989
msgstr ""
14216
15990
14217
#: serverguide/C/network-auth.xml:948(para)
15991
#: serverguide/C/network-auth.xml:1280(para)
14218
15992
msgid "<emphasis>-p:</emphasis> name of the profile to enable, disable, etc."
14219
15993
msgstr ""
14220
15994
14221
#: serverguide/C/network-auth.xml:953(para)
15995
#: serverguide/C/network-auth.xml:1285(para)
14222
15996
msgid ""
14223
15997
"<emphasis>lac_ldap:</emphasis> the <application>auth-client-"
14224
15998
"config</application> profile that is part of the <application>ldap-auth-"
14225
15999
"config</application> package."
14226
16000
msgstr ""
14227
16001
14228
#: serverguide/C/network-auth.xml:960(para)
16002
#: serverguide/C/network-auth.xml:1292(para)
14229
16003
msgid ""
14230
16004
"Using the <application>pam-auth-update</application> utility, configure the "
14231
16005
"system to use LDAP for authentication:"
14232
16006
msgstr ""
14233
16007
14234
#: serverguide/C/network-auth.xml:965(command)
16008
#: serverguide/C/network-auth.xml:1297(command)
14235
16009
msgid "sudo pam-auth-update"
14236
16010
msgstr ""
14237
16011
14238
#: serverguide/C/network-auth.xml:968(para)
16012
#: serverguide/C/network-auth.xml:1300(para)
14239
16013
msgid ""
14240
16014
"From the <application>pam-auth-update</application> menu, choose LDAP and "
14241
16015
"any other authentication mechanisms you need."
14242
16016
msgstr ""
14243
16017
14244
#: serverguide/C/network-auth.xml:972(para)
16018
#: serverguide/C/network-auth.xml:1304(para)
14245
16019
msgid ""
14246
16020
"You should now be able to login using user credentials stored in the LDAP "
14247
16021
"directory."
14248
16022
msgstr ""
14249
16023
14250
#: serverguide/C/network-auth.xml:977(para)
16024
#: serverguide/C/network-auth.xml:1309(para)
14251
16025
msgid ""
14252
16026
"If you are going to use LDAP to store Samba users you will need to configure "
14253
16027
"the server to authenticate using LDAP. See <xref linkend=\"samba-ldap\"/> "
14254
16028
"for details."
14255
16029
msgstr ""
14256
16030
14257
#: serverguide/C/network-auth.xml:985(title)
16031
#: serverguide/C/network-auth.xml:1317(title)
14258
16032
msgid "User and Group Management"
14259
16033
msgstr ""
14260
16034
14261
#: serverguide/C/network-auth.xml:987(para)
16035
#: serverguide/C/network-auth.xml:1319(para)
14262
16036
msgid ""
14263
16037
"The <application>ldap-utils</application> package comes with multiple "
14264
16038
"utilities to manage the directory, but the long string of options needed, "
14266
16040
"package contains configurable scripts to easily manage LDAP users and groups."
14267
16041
msgstr ""
14268
16042
14269
#: serverguide/C/network-auth.xml:993(para)
16043
#: serverguide/C/network-auth.xml:1325(para)
14270
16044
msgid "To install the package, from a terminal enter:"
14271
16045
msgstr ""
14272
16046
14273
#: serverguide/C/network-auth.xml:998(command)
16047
#: serverguide/C/network-auth.xml:1330(command)
14274
16048
msgid "sudo apt-get install ldapscripts"
14275
16049
msgstr ""
14276
16050
14277
#: serverguide/C/network-auth.xml:1001(para)
16051
#: serverguide/C/network-auth.xml:1333(para)
14278
16052
msgid ""
14279
16053
"Next, edit the config file "
14280
16054
"<filename>/etc/ldapscripts/ldapscripts.conf</filename> uncommenting and "
14281
16055
"changing the following to match your environment:"
14282
16056
msgstr ""
14283
16057
14284
#: serverguide/C/network-auth.xml:1006(programlisting)
16058
#: serverguide/C/network-auth.xml:1338(programlisting)
14285
16059
#, no-wrap
14286
16060
msgid ""
14287
16061
"\n"
14297
16071
"MIDSTART=10000\n"
14298
16072
msgstr ""
14299
16073
14300
#: serverguide/C/network-auth.xml:1019(para)
16074
#: serverguide/C/network-auth.xml:1351(para)
14301
16075
msgid ""
14302
16076
"Now, create the <filename>ldapscripts.passwd</filename> file to allow "
14303
16077
"authenticated access to the directory:"
14304
16078
msgstr ""
14305
16079
14306
#: serverguide/C/network-auth.xml:1024(command)
16080
#: serverguide/C/network-auth.xml:1356(command)
14307
16081
msgid ""
14308
16082
"sudo sh -c \"echo -n 'secret' > /etc/ldapscripts/ldapscripts.passwd\""
14309
16083
msgstr ""
14310
16084
14311
#: serverguide/C/network-auth.xml:1025(command)
16085
#: serverguide/C/network-auth.xml:1357(command)
14312
16086
msgid "sudo chmod 400 /etc/ldapscripts/ldapscripts.passwd"
14313
16087
msgstr ""
14314
16088
14315
#: serverguide/C/network-auth.xml:1029(para)
16089
#: serverguide/C/network-auth.xml:1361(para)
14316
16090
msgid ""
14317
16091
"Replace <quote>secret</quote> with the actual password for your LDAP admin "
14318
16092
"user."
14319
16093
msgstr ""
14320
16094
14321
#: serverguide/C/network-auth.xml:1034(para)
16095
#: serverguide/C/network-auth.xml:1366(para)
14322
16096
msgid ""
14323
16097
"The <application>ldapscripts</application> are now ready to help manage your "
14324
16098
"directory. The following are some examples of how to use the scripts:"
14325
16099
msgstr ""
14326
16100
14327
#: serverguide/C/network-auth.xml:1041(para)
16101
#: serverguide/C/network-auth.xml:1373(para)
14328
16102
msgid "Create a new user:"
14329
16103
msgstr ""
14330
16104
14331
#: serverguide/C/network-auth.xml:1045(command)
16105
#: serverguide/C/network-auth.xml:1377(command)
14332
16106
msgid "sudo ldapadduser george example"
14333
16107
msgstr ""
14334
16108
14335
#: serverguide/C/network-auth.xml:1047(para)
16109
#: serverguide/C/network-auth.xml:1379(para)
14336
16110
msgid ""
14337
16111
"This will create a user with uid <emphasis role=\"italic\">george</emphasis> "
14338
16112
"and set the user's primary group (gid) to <emphasis "
14339
16113
"role=\"italic\">example</emphasis>"
14340
16114
msgstr ""
14341
16115
14342
#: serverguide/C/network-auth.xml:1053(para)
16116
#: serverguide/C/network-auth.xml:1385(para)
14343
16117
msgid "Change a user's password:"
14344
16118
msgstr ""
14345
16119
14346
#: serverguide/C/network-auth.xml:1057(command)
16120
#: serverguide/C/network-auth.xml:1389(command)
14347
16121
msgid "sudo ldapsetpasswd george"
14348
16122
msgstr ""
14349
16123
14350
#: serverguide/C/network-auth.xml:1058(computeroutput)
16124
#: serverguide/C/network-auth.xml:1390(computeroutput)
14351
16125
#, no-wrap
14352
16126
msgid "Changing password for user uid=george,ou=People,dc=example,dc=com"
14353
16127
msgstr ""
14354
16128
14355
#: serverguide/C/network-auth.xml:1059(userinput)
16129
#: serverguide/C/network-auth.xml:1391(userinput)
14356
16130
#, no-wrap
14357
16131
msgid "New Password: "
14358
16132
msgstr ""
14359
16133
14360
#: serverguide/C/network-auth.xml:1060(userinput)
16134
#: serverguide/C/network-auth.xml:1392(userinput)
14361
16135
#, no-wrap
14362
16136
msgid "New Password (verify): "
14363
16137
msgstr ""
14364
16138
14365
#: serverguide/C/network-auth.xml:1064(para)
16139
#: serverguide/C/network-auth.xml:1396(para)
14366
16140
msgid "Delete a user:"
14367
16141
msgstr ""
14368
16142
14369
#: serverguide/C/network-auth.xml:1068(command)
16143
#: serverguide/C/network-auth.xml:1400(command)
14370
16144
msgid "sudo ldapdeleteuser george"
14371
16145
msgstr ""
14372
16146
14373
#: serverguide/C/network-auth.xml:1073(para)
16147
#: serverguide/C/network-auth.xml:1405(para)
14374
16148
msgid "Add a group:"
14375
16149
msgstr ""
14376
16150
14377
#: serverguide/C/network-auth.xml:1077(command)
16151
#: serverguide/C/network-auth.xml:1409(command)
14378
16152
msgid "sudo ldapaddgroup qa"
14379
16153
msgstr ""
14380
16154
14381
#: serverguide/C/network-auth.xml:1081(para)
16155
#: serverguide/C/network-auth.xml:1413(para)
14382
16156
msgid "Delete a group:"
14383
16157
msgstr ""
14384
16158
14385
#: serverguide/C/network-auth.xml:1085(command)
16159
#: serverguide/C/network-auth.xml:1417(command)
14386
16160
msgid "sudo ldapdeletegroup qa"
14387
16161
msgstr ""
14388
16162
14389
#: serverguide/C/network-auth.xml:1089(para)
16163
#: serverguide/C/network-auth.xml:1421(para)
14390
16164
msgid "Add a user to a group:"
14391
16165
msgstr ""
14392
16166
14393
#: serverguide/C/network-auth.xml:1093(command)
16167
#: serverguide/C/network-auth.xml:1425(command)
14394
16168
msgid "sudo ldapaddusertogroup george qa"
14395
16169
msgstr ""
14396
16170
14397
#: serverguide/C/network-auth.xml:1095(para)
16171
#: serverguide/C/network-auth.xml:1427(para)
14398
16172
msgid ""
14399
16173
"You should now see a <emphasis>memberUid</emphasis> attribute for the "
14400
16174
"<emphasis role=\"italic\">qa</emphasis> group with a value of <emphasis "
14401
16175
"role=\"italic\">george</emphasis>."
14402
16176
msgstr ""
14403
16177
14404
#: serverguide/C/network-auth.xml:1101(para)
16178
#: serverguide/C/network-auth.xml:1433(para)
14405
16179
msgid "Remove a user from a group:"
14406
16180
msgstr ""
14407
16181
14408
#: serverguide/C/network-auth.xml:1105(command)
16182
#: serverguide/C/network-auth.xml:1437(command)
14409
16183
msgid "sudo ldapdeleteuserfromgroup george qa"
14410
16184
msgstr ""
14411
16185
14412
#: serverguide/C/network-auth.xml:1107(para)
16186
#: serverguide/C/network-auth.xml:1439(para)
14413
16187
msgid ""
14414
16188
"The <emphasis>memberUid</emphasis> attribute should now be removed from the "
14415
16189
"<emphasis role=\"italic\">qa</emphasis> group."
14416
16190
msgstr ""
14417
16191
14418
#: serverguide/C/network-auth.xml:1113(para)
16192
#: serverguide/C/network-auth.xml:1445(para)
14419
16193
msgid ""
14420
16194
"The <application>ldapmodifyuser</application> script allows you to add, "
14421
16195
"remove, or replace a user's attributes. The script uses the same syntax as "
14422
16196
"the <application>ldapmodify</application> utility. For example:"
14423
16197
msgstr ""
14424
16198
14425
#: serverguide/C/network-auth.xml:1118(command)
16199
#: serverguide/C/network-auth.xml:1450(command)
14426
16200
msgid "sudo ldapmodifyuser george"
14427
16201
msgstr ""
14428
16202
14429
#: serverguide/C/network-auth.xml:1119(computeroutput)
16203
#: serverguide/C/network-auth.xml:1451(computeroutput)
14430
16204
#, no-wrap
14431
16205
msgid ""
14432
16206
"# About to modify the following entry :\n"
14447
16221
"dn: uid=george,ou=People,dc=example,dc=com"
14448
16222
msgstr ""
14449
16223
14450
#: serverguide/C/network-auth.xml:1135(userinput)
16224
#: serverguide/C/network-auth.xml:1467(userinput)
14451
16225
#, no-wrap
14452
16226
msgid ""
14453
16227
"replace: gecos\n"
14454
16228
"gecos: George Carlin"
14455
16229
msgstr ""
14456
16230
14457
#: serverguide/C/network-auth.xml:1138(para)
16231
#: serverguide/C/network-auth.xml:1470(para)
14458
16232
msgid ""
14459
16233
"The user's <emphasis>gecos</emphasis> should now be <quote>George "
14460
16234
"Carlin</quote>."
14461
16235
msgstr ""
14462
16236
14463
#: serverguide/C/network-auth.xml:1143(para)
16237
#: serverguide/C/network-auth.xml:1475(para)
14464
16238
msgid ""
14465
16239
"Another great feature of <application>ldapscripts</application>, is the "
14466
16240
"template system. Templates allow you to customize the attributes of user, "
14469
16243
"<filename>/etc/ldapscripts/ldapscripts.conf</filename> changing:"
14470
16244
msgstr ""
14471
16245
14472
#: serverguide/C/network-auth.xml:1150(programlisting)
16246
#: serverguide/C/network-auth.xml:1482(programlisting)
14473
16247
#, no-wrap
14474
16248
msgid ""
14475
16249
"\n"
14476
16250
"UTEMPLATE=\"/etc/ldapscripts/ldapadduser.template\"\n"
14477
16251
msgstr ""
14478
16252
14479
#: serverguide/C/network-auth.xml:1154(para)
16253
#: serverguide/C/network-auth.xml:1486(para)
14480
16254
msgid ""
14481
16255
"There are <emphasis role=\"italic\">sample</emphasis> templates in the "
14482
16256
"<filename>/etc/ldapscripts</filename> directory. Copy or rename the "
14484
16258
"<filename>/etc/ldapscripts/ldapadduser.template</filename>:"
14485
16259
msgstr ""
14486
16260
14487
#: serverguide/C/network-auth.xml:1161(command)
16261
#: serverguide/C/network-auth.xml:1493(command)
14488
16262
msgid ""
14489
16263
"sudo cp /etc/ldapscripts/ldapadduser.template.sample "
14490
16264
"/etc/ldapscripts/ldapadduser.template"
14491
16265
msgstr ""
14492
16266
14493
#: serverguide/C/network-auth.xml:1164(para)
16267
#: serverguide/C/network-auth.xml:1496(para)
14494
16268
msgid ""
14495
16269
"Edit the new template to add the desired attributes. The following will "
14496
16270
"create new user's as with an <emphasis>objectClass</emphasis> of "
14497
16271
"<emphasis>inetOrgPerson</emphasis>:"
14498
16272
msgstr ""
14499
16273
14500
#: serverguide/C/network-auth.xml:1169(programlisting)
16274
#: serverguide/C/network-auth.xml:1501(programlisting)
14501
16275
#, no-wrap
14502
16276
msgid ""
14503
16277
"\n"
14516
16290
"title: Employee\n"
14517
16291
msgstr ""
14518
16292
14519
#: serverguide/C/network-auth.xml:1185(para)
16293
#: serverguide/C/network-auth.xml:1517(para)
14520
16294
msgid ""
14521
16295
"Notice the <emphasis><ask></emphasis> option used for the "
14522
16296
"<emphasis>cn</emphasis> value. Using <ask> will configure "
14524
16298
"during user creation."
14525
16299
msgstr ""
14526
16300
14527
#: serverguide/C/network-auth.xml:1193(para)
16301
#: serverguide/C/network-auth.xml:1525(para)
14528
16302
msgid ""
14529
16303
"There are more useful scripts in the package, to see a full list enter: "
14530
16304
"<command>dpkg -L ldapscripts | grep bin</command>"
14531
16305
msgstr ""
14532
16306
14533
#: serverguide/C/network-auth.xml:1202(para)
16307
#: serverguide/C/network-auth.xml:1534(para)
16308
msgid ""
16309
"The <ulink url=\"https://help.ubuntu.com/community/OpenLDAPServer\">OpenLDAP "
16310
"Ubuntu Wiki</ulink> page has more details."
16311
msgstr ""
16312
16313
#: serverguide/C/network-auth.xml:1539(para)
14534
16314
msgid ""
14535
16315
"For more information see <ulink url=\"http://www.openldap.org/\">OpenLDAP "
14536
16316
"Home Page</ulink>"
14537
16317
msgstr ""
14538
16318
14539
#: serverguide/C/network-auth.xml:1207(para)
16319
#: serverguide/C/network-auth.xml:1544(para)
14540
16320
msgid ""
14541
16321
"Though starting to show it's age, a great source for in depth LDAP "
14542
16322
"information is O'Reilly's <ulink "
14544
16324
"Administration</ulink>"
14545
16325
msgstr ""
14546
16326
14547
#: serverguide/C/network-auth.xml:1213(para)
16327
#: serverguide/C/network-auth.xml:1550(para)
14548
16328
msgid ""
14549
16329
"Packt's <ulink url=\"http://www.packtpub.com/OpenLDAP-Developers-Server-Open-"
14550
16330
"Source-Linux/book\">Mastering OpenLDAP</ulink> is a great reference covering "
14551
16331
"newer versions of OpenLDAP."
14552
16332
msgstr ""
14553
16333
14554
#: serverguide/C/network-auth.xml:1219(para)
16334
#: serverguide/C/network-auth.xml:1556(para)
14555
16335
msgid ""
14556
16336
"For more information on <application>auth-client-config</application> see "
14557
16337
"the man page: <command>man auth-client-config</command>."
14558
16338
msgstr ""
14559
16339
14560
#: serverguide/C/network-auth.xml:1224(para)
16340
#: serverguide/C/network-auth.xml:1561(para)
14561
16341
msgid ""
14562
16342
"For more details regarding the <application>ldapscripts</application> "
14563
16343
"package see the man pages: <command>man ldapscripts</command>, <command>man "
14564
16344
"ldapadduser</command>, <command>man ldapaddgroup</command>, etc."
14565
16345
msgstr ""
14566
16346
14567
#: serverguide/C/network-auth.xml:1234(title)
16347
#: serverguide/C/network-auth.xml:1571(title)
14568
16348
msgid "Samba and LDAP"
14569
16349
msgstr ""
14570
16350
14571
#: serverguide/C/network-auth.xml:1236(para)
16351
#: serverguide/C/network-auth.xml:1573(para)
14572
16352
msgid ""
14573
16353
"This section covers configuring Samba to use LDAP for user, group, and "
14574
16354
"machine account information and authentication. The assumption is, you "
14579
16359
"Samba see <xref linkend=\"windows-networking\"/>."
14580
16360
msgstr ""
14581
16361
14582
#: serverguide/C/network-auth.xml:1246(para)
16362
#: serverguide/C/network-auth.xml:1583(para)
14583
16363
msgid ""
14584
16364
"There are three packages needed when integrating Samba with LDAP. "
14585
16365
"<application>samba</application>, <application>samba-doc</application>, and "
14587
16367
"from a terminal enter:"
14588
16368
msgstr ""
14589
16369
14590
#: serverguide/C/network-auth.xml:1252(command)
16370
#: serverguide/C/network-auth.xml:1589(command)
14591
16371
msgid "sudo apt-get install samba samba-doc smbldap-tools"
14592
16372
msgstr ""
14593
16373
14594
#: serverguide/C/network-auth.xml:1255(para)
16374
#: serverguide/C/network-auth.xml:1592(para)
14595
16375
msgid ""
14596
16376
"Strictly speaking the <application>smbldap-tools</application> package isn't "
14597
16377
"needed, but unless you have another package or custom scripts, a method of "
14598
16378
"managing users, groups, and computer accounts is needed."
14599
16379
msgstr ""
14600
16380
14601
#: serverguide/C/network-auth.xml:1262(title)
16381
#: serverguide/C/network-auth.xml:1599(title)
14602
16382
msgid "OpenLDAP Configuration"
14603
16383
msgstr ""
14604
16384
14605
#: serverguide/C/network-auth.xml:1264(para)
16385
#: serverguide/C/network-auth.xml:1601(para)
14606
16386
msgid ""
14607
16387
"In order for Samba to use OpenLDAP as a <emphasis>passdb backend</emphasis>, "
14608
16388
"the user objects in the directory will need additional attributes. This "
14610
16390
"controller, and will add the necessary LDAP objects and attributes."
14611
16391
msgstr ""
14612
16392
14613
#: serverguide/C/network-auth.xml:1272(para)
16393
#: serverguide/C/network-auth.xml:1609(para)
14614
16394
msgid ""
14615
16395
"The Samba attributes are defined in the <filename>samba.schema</filename> "
14616
16396
"file which is part of the <application>samba-doc</application> package. The "
14618
16398
"<filename>/etc/ldap/schema</filename>. From a terminal prompt enter:"
14619
16399
msgstr ""
14620
16400
14621
#: serverguide/C/network-auth.xml:1279(command)
16401
#: serverguide/C/network-auth.xml:1616(command)
14622
16402
msgid ""
14623
16403
"sudo cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz "
14624
16404
"/etc/ldap/schema/"
14625
16405
msgstr ""
14626
16406
14627
#: serverguide/C/network-auth.xml:1280(command)
16407
#: serverguide/C/network-auth.xml:1617(command)
14628
16408
msgid "sudo gzip -d /etc/ldap/schema/samba.schema.gz"
14629
16409
msgstr ""
14630
16410
14631
#: serverguide/C/network-auth.xml:1286(para)
16411
#: serverguide/C/network-auth.xml:1623(para)
14632
16412
msgid ""
14633
16413
"The <emphasis>samba</emphasis> schema needs to be added to the "
14634
16414
"<emphasis>cn=config</emphasis> tree. The procedure to add a new schema to "
14636
16416
"linkend=\"openldap-configuration\"/>."
14637
16417
msgstr ""
14638
16418
14639
#: serverguide/C/network-auth.xml:1294(para) serverguide/C/network-auth.xml:2318(para)
16419
#: serverguide/C/network-auth.xml:1631(para) serverguide/C/network-auth.xml:2666(para)
14640
16420
msgid ""
14641
16421
"First, create a configuration file named "
14642
16422
"<filename>schema_convert.conf</filename>, or a similar descriptive name, "
14643
16423
"containing the following lines:"
14644
16424
msgstr ""
14645
16425
14646
#: serverguide/C/network-auth.xml:1299(programlisting)
16426
#: serverguide/C/network-auth.xml:1636(programlisting)
14647
16427
#, no-wrap
14648
16428
msgid ""
14649
16429
"\n"
14662
16442
"include /etc/ldap/schema/samba.schema\n"
14663
16443
msgstr ""
14664
16444
14665
#: serverguide/C/network-auth.xml:1329(para) serverguide/C/network-auth.xml:2353(para)
16445
#: serverguide/C/network-auth.xml:1666(para) serverguide/C/network-auth.xml:2701(para)
14666
16446
msgid ""
14667
16447
"Now use <application>slapcat</application> to convert the schema files:"
14668
16448
msgstr ""
14669
16449
14670
#: serverguide/C/network-auth.xml:1334(command)
16450
#: serverguide/C/network-auth.xml:1671(command)
14671
16451
msgid ""
14672
16452
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
14673
16453
"\"cn={12}samba,cn=schema,cn=config\" > /tmp/cn=samba.ldif"
14674
16454
msgstr ""
14675
16455
14676
#: serverguide/C/network-auth.xml:1337(para) serverguide/C/network-auth.xml:2361(para)
16456
#: serverguide/C/network-auth.xml:1674(para) serverguide/C/network-auth.xml:2709(para)
14677
16457
msgid ""
14678
16458
"Change the above file and path names to match your own if they are different."
14679
16459
msgstr ""
14680
16460
14681
#: serverguide/C/network-auth.xml:1344(para)
16461
#: serverguide/C/network-auth.xml:1681(para)
14682
16462
msgid ""
14683
16463
"Edit the generated <filename>/tmp/cn\\=samba.ldif</filename> file, changing "
14684
16464
"the following attributes:"
14685
16465
msgstr ""
14686
16466
14687
#: serverguide/C/network-auth.xml:1348(programlisting)
16467
#: serverguide/C/network-auth.xml:1685(programlisting)
14688
16468
#, no-wrap
14689
16469
msgid ""
14690
16470
"\n"
14693
16473
"cn: samba\n"
14694
16474
msgstr ""
14695
16475
14696
#: serverguide/C/network-auth.xml:1358(programlisting)
16476
#: serverguide/C/network-auth.xml:1695(programlisting)
14697
16477
#, no-wrap
14698
16478
msgid ""
14699
16479
"\n"
14706
16486
"modifyTimestamp: 20080827045234Z\n"
14707
16487
msgstr ""
14708
16488
14709
#: serverguide/C/network-auth.xml:1383(command)
16489
#: serverguide/C/network-auth.xml:1720(command)
14710
16490
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=samba.ldif"
14711
16491
msgstr ""
14712
16492
14713
#: serverguide/C/network-auth.xml:1389(para)
16493
#: serverguide/C/network-auth.xml:1726(para)
14714
16494
msgid ""
14715
16495
"There should now be a <emphasis>dn: "
14716
16496
"cn={X}misc,cn=schema,cn=config</emphasis>, where \"X\" is the next "
14717
16497
"sequential schema, entry in the cn=config tree."
14718
16498
msgstr ""
14719
16499
14720
#: serverguide/C/network-auth.xml:1397(para)
16500
#: serverguide/C/network-auth.xml:1734(para)
14721
16501
msgid ""
14722
16502
"Copy and paste the following into a file named "
14723
16503
"<filename>samba_indexes.ldif</filename>:"
14724
16504
msgstr ""
14725
16505
14726
#: serverguide/C/network-auth.xml:1401(programlisting)
16506
#: serverguide/C/network-auth.xml:1738(programlisting)
14727
16507
#, no-wrap
14728
16508
msgid ""
14729
16509
"\n"
14744
16524
"olcDbIndex: default sub\n"
14745
16525
msgstr ""
14746
16526
14747
#: serverguide/C/network-auth.xml:1419(para)
16527
#: serverguide/C/network-auth.xml:1756(para)
14748
16528
msgid ""
14749
16529
"Using the <application>ldapmodify</application> utility load the new indexes:"
14750
16530
msgstr ""
14751
16531
14752
#: serverguide/C/network-auth.xml:1424(command)
16532
#: serverguide/C/network-auth.xml:1761(command)
14753
16533
msgid "ldapmodify -x -D cn=admin,cn=config -W -f samba_indexes.ldif"
14754
16534
msgstr ""
14755
16535
14756
#: serverguide/C/network-auth.xml:1426(para)
16536
#: serverguide/C/network-auth.xml:1763(para)
14757
16537
msgid ""
14758
16538
"If all went well you should see the new indexes using "
14759
16539
"<application>ldapsearch</application>:"
14760
16540
msgstr ""
14761
16541
14762
#: serverguide/C/network-auth.xml:1431(command)
16542
#: serverguide/C/network-auth.xml:1768(command)
14763
16543
msgid ""
14764
16544
"ldapsearch -xLLL -D cn=admin,cn=config -x -b cn=config -W olcDatabase={1}hdb"
14765
16545
msgstr ""
14766
16546
14767
#: serverguide/C/network-auth.xml:1437(para)
16547
#: serverguide/C/network-auth.xml:1774(para)
14768
16548
msgid ""
14769
16549
"Next, configure the <application>smbldap-tools</application> package to "
14770
16550
"match your environment. The package comes with a configuration script that "
14771
16551
"will ask questions about the needed options. To run the script enter:"
14772
16552
msgstr ""
14773
16553
14774
#: serverguide/C/network-auth.xml:1443(command)
16554
#: serverguide/C/network-auth.xml:1780(command)
14775
16555
msgid "sudo gzip -d /usr/share/doc/smbldap-tools/configure.pl.gz"
14776
16556
msgstr ""
14777
16557
14778
#: serverguide/C/network-auth.xml:1444(command)
16558
#: serverguide/C/network-auth.xml:1781(command)
14779
16559
msgid "sudo perl /usr/share/doc/smbldap-tools/configure.pl"
14780
16560
msgstr ""
14781
16561
14782
#: serverguide/C/network-auth.xml:1447(para)
16562
#: serverguide/C/network-auth.xml:1784(para)
14783
16563
msgid ""
14784
16564
"Once you have answered the questions, there should be <filename>/etc/smbldap-"
14785
16565
"tools/smbldap.conf</filename> and <filename>/etc/smbldap-"
14788
16568
"may be simpler to edit the file appropriately."
14789
16569
msgstr ""
14790
16570
14791
#: serverguide/C/network-auth.xml:1457(para)
16571
#: serverguide/C/network-auth.xml:1794(para)
14792
16572
msgid ""
14793
16573
"The <application>smbldap-populate</application> script will add the "
14794
16574
"necessary users, groups, and LDAP objects required for Samba. It is a good "
14796
16576
"<application>slapcat</application> before executing the command:"
14797
16577
msgstr ""
14798
16578
14799
#: serverguide/C/network-auth.xml:1464(command)
16579
#: serverguide/C/network-auth.xml:1801(command)
14800
16580
msgid "sudo slapcat -l backup.ldif"
14801
16581
msgstr ""
14802
16582
14803
#: serverguide/C/network-auth.xml:1470(para)
16583
#: serverguide/C/network-auth.xml:1807(para)
14804
16584
msgid ""
14805
16585
"Once you have a current backup execute <application>smbldap-"
14806
16586
"populate</application> by entering:"
14807
16587
msgstr ""
14808
16588
14809
#: serverguide/C/network-auth.xml:1475(command)
16589
#: serverguide/C/network-auth.xml:1812(command)
14810
16590
msgid "sudo smbldap-populate"
14811
16591
msgstr ""
14812
16592
14813
#: serverguide/C/network-auth.xml:1479(para)
16593
#: serverguide/C/network-auth.xml:1816(para)
14814
16594
msgid ""
14815
16595
"You can create an LDIF file containing the new Samba objects by executing "
14816
16596
"<command>sudo smbldap-populate -e samba.ldif</command>. This allows you to "
14817
16597
"look over the changes making sure everything is correct."
14818
16598
msgstr ""
14819
16599
14820
#: serverguide/C/network-auth.xml:1487(para)
16600
#: serverguide/C/network-auth.xml:1824(para)
14821
16601
msgid ""
14822
16602
"Your LDAP directory now has the necessary domain information to authenticate "
14823
16603
"Samba users."
14824
16604
msgstr ""
14825
16605
14826
#: serverguide/C/network-auth.xml:1493(title)
16606
#: serverguide/C/network-auth.xml:1830(title)
14827
16607
msgid "Samba Configuration"
14828
16608
msgstr ""
14829
16609
14830
#: serverguide/C/network-auth.xml:1495(para)
16610
#: serverguide/C/network-auth.xml:1832(para)
14831
16611
msgid ""
14832
16612
"There a multiple ways to configure Samba for details on some common "
14833
16613
"configurations see <xref linkend=\"windows-networking\"/>. To configure "
14836
16616
"backend</emphasis> option and adding the following:"
14837
16617
msgstr ""
14838
16618
14839
#: serverguide/C/network-auth.xml:1501(programlisting)
16619
#: serverguide/C/network-auth.xml:1838(programlisting)
14840
16620
#, no-wrap
14841
16621
msgid ""
14842
16622
"\n"
14856
16636
" add machine script = sudo /usr/sbin/smbldap-useradd -t 0 -w \"%u\"\n"
14857
16637
msgstr ""
14858
16638
14859
#: serverguide/C/network-auth.xml:1518(para)
16639
#: serverguide/C/network-auth.xml:1855(para)
14860
16640
msgid "Restart <application>samba</application> to enable the new settings:"
14861
16641
msgstr ""
14862
16642
14863
#: serverguide/C/network-auth.xml:1526(para)
16643
#: serverguide/C/network-auth.xml:1863(para)
14864
16644
msgid ""
14865
16645
"Now Samba needs to know the LDAP admin password. From a terminal prompt "
14866
16646
"enter:"
14867
16647
msgstr ""
14868
16648
14869
#: serverguide/C/network-auth.xml:1531(command)
16649
#: serverguide/C/network-auth.xml:1868(command)
14870
16650
msgid "sudo smbpasswd -w secret"
14871
16651
msgstr ""
14872
16652
14873
#: serverguide/C/network-auth.xml:1535(para)
16653
#: serverguide/C/network-auth.xml:1872(para)
14874
16654
msgid ""
14875
16655
"Replacing <emphasis role=\"italic\">secret</emphasis> with your LDAP admin "
14876
16656
"password."
14877
16657
msgstr ""
14878
16658
14879
#: serverguide/C/network-auth.xml:1540(para)
16659
#: serverguide/C/network-auth.xml:1877(para)
14880
16660
msgid ""
14881
16661
"If you currently have users in LDAP, and you want them to authenticate using "
14882
16662
"Samba, they will need some Samba attributes defined in the "
14885
16665
"<emphasis role=\"italic\">username</emphasis> with an actual user:"
14886
16666
msgstr ""
14887
16667
14888
#: serverguide/C/network-auth.xml:1548(command)
16668
#: serverguide/C/network-auth.xml:1885(command)
14889
16669
msgid "sudo smbpasswd -a username"
14890
16670
msgstr ""
14891
16671
14892
#: serverguide/C/network-auth.xml:1551(para)
16672
#: serverguide/C/network-auth.xml:1888(para)
14893
16673
msgid "You will then be asked to enter the user's password."
14894
16674
msgstr ""
14895
16675
14896
#: serverguide/C/network-auth.xml:1555(para)
16676
#: serverguide/C/network-auth.xml:1892(para)
14897
16677
msgid ""
14898
16678
"To add new user, group, and machine accounts use the utilities from the "
14899
16679
"<application>smbldap-tools</application> package. Here are some examples:"
14900
16680
msgstr ""
14901
16681
14902
#: serverguide/C/network-auth.xml:1562(para)
16682
#: serverguide/C/network-auth.xml:1899(para)
14903
16683
msgid ""
14904
16684
"To add a new user to LDAP with Samba attributes enter the following, "
14905
16685
"replacing username with an actual username:"
14906
16686
msgstr ""
14907
16687
14908
#: serverguide/C/network-auth.xml:1566(command)
16688
#: serverguide/C/network-auth.xml:1903(command)
14909
16689
msgid "sudo smbldap-useradd -a -P username"
14910
16690
msgstr ""
14911
16691
14912
#: serverguide/C/network-auth.xml:1568(para)
16692
#: serverguide/C/network-auth.xml:1905(para)
14913
16693
msgid ""
14914
16694
"The <emphasis>-a</emphasis> option adds the Samba attributes, and the "
14915
16695
"<emphasis>-P</emphasis> options calls the <application>smbldap-"
14917
16697
"a password for the user."
14918
16698
msgstr ""
14919
16699
14920
#: serverguide/C/network-auth.xml:1574(para)
16700
#: serverguide/C/network-auth.xml:1911(para)
14921
16701
msgid "To remove a user from the directory enter:"
14922
16702
msgstr ""
14923
16703
14924
#: serverguide/C/network-auth.xml:1578(command)
16704
#: serverguide/C/network-auth.xml:1915(command)
14925
16705
msgid "sudo smbldap-userdel username"
14926
16706
msgstr ""
14927
16707
14928
#: serverguide/C/network-auth.xml:1580(para)
16708
#: serverguide/C/network-auth.xml:1917(para)
14929
16709
msgid ""
14930
16710
"The <application>smbldap-userdel</application> utility also has a <emphasis>-"
14931
16711
"r</emphasis> option to remove the user's home directory."
14932
16712
msgstr ""
14933
16713
14934
#: serverguide/C/network-auth.xml:1585(para)
16714
#: serverguide/C/network-auth.xml:1922(para)
14935
16715
msgid ""
14936
16716
"Use <application>smbldap-groupadd</application> to add a group, replacing "
14937
16717
"groupname with an appropriate group:"
14938
16718
msgstr ""
14939
16719
14940
#: serverguide/C/network-auth.xml:1589(command)
16720
#: serverguide/C/network-auth.xml:1926(command)
14941
16721
msgid "sudo smbldap-groupadd -a groupname"
14942
16722
msgstr ""
14943
16723
14944
#: serverguide/C/network-auth.xml:1591(para)
16724
#: serverguide/C/network-auth.xml:1928(para)
14945
16725
msgid ""
14946
16726
"Similar to <application>smbldap-useradd</application>, the <emphasis>-"
14947
16727
"a</emphasis> adds the Samba attributes."
14948
16728
msgstr ""
14949
16729
14950
#: serverguide/C/network-auth.xml:1596(para)
16730
#: serverguide/C/network-auth.xml:1933(para)
14951
16731
msgid ""
14952
16732
"To add a user to a group use <application>smbldap-groupmod</application>:"
14953
16733
msgstr ""
14954
16734
14955
#: serverguide/C/network-auth.xml:1600(command)
16735
#: serverguide/C/network-auth.xml:1937(command)
14956
16736
msgid "sudo smbldap-groupmod -m username groupname"
14957
16737
msgstr ""
14958
16738
14959
#: serverguide/C/network-auth.xml:1602(para)
16739
#: serverguide/C/network-auth.xml:1939(para)
14960
16740
msgid ""
14961
16741
"Be sure to replace <emphasis>username</emphasis> with a real user. Also, the "
14962
16742
"<emphasis>-m</emphasis> option can add more than one user at a time by "
14963
16743
"listing them in <emphasis>comma separated</emphasis> format."
14964
16744
msgstr ""
14965
16745
14966
#: serverguide/C/network-auth.xml:1608(para)
16746
#: serverguide/C/network-auth.xml:1945(para)
14967
16747
msgid ""
14968
16748
"<application>smbldap-groupmod</application> can also be used to remove a "
14969
16749
"user from a group:"
14970
16750
msgstr ""
14971
16751
14972
#: serverguide/C/network-auth.xml:1612(command)
16752
#: serverguide/C/network-auth.xml:1949(command)
14973
16753
msgid "sudo smbldap-groupmod -x username groupname"
14974
16754
msgstr ""
14975
16755
14976
#: serverguide/C/network-auth.xml:1616(para)
16756
#: serverguide/C/network-auth.xml:1953(para)
14977
16757
msgid ""
14978
16758
"Additionally, the <application>smbldap-useradd</application> utility can add "
14979
16759
"Samba machine accounts:"
14980
16760
msgstr ""
14981
16761
14982
#: serverguide/C/network-auth.xml:1620(command)
16762
#: serverguide/C/network-auth.xml:1957(command)
14983
16763
msgid "sudo smbldap-useradd -t 0 -w username"
14984
16764
msgstr ""
14985
16765
14986
#: serverguide/C/network-auth.xml:1622(para)
16766
#: serverguide/C/network-auth.xml:1959(para)
14987
16767
msgid ""
14988
16768
"Replace <emphasis>username</emphasis> with the name of the workstation. The "
14989
16769
"<emphasis>-t 0</emphasis> option creates the machine account without a "
14993
16773
"<application>smbldap-useradd</application>."
14994
16774
msgstr ""
14995
16775
14996
#: serverguide/C/network-auth.xml:1631(para)
16776
#: serverguide/C/network-auth.xml:1968(para)
14997
16777
msgid ""
14998
16778
"There are more useful utilities and options in the <application>smbldap-"
14999
16779
"tools</application> package. The man page for each utility provides more "
15000
16780
"details."
15001
16781
msgstr ""
15002
16782
15003
#: serverguide/C/network-auth.xml:1642(para)
16783
#: serverguide/C/network-auth.xml:1979(para)
15004
16784
msgid ""
15005
16785
"There are multiple places where LDAP and Samba is documented in the <ulink "
15006
16786
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/\">Samba HOWTO "
15007
16787
"Collection</ulink>."
15008
16788
msgstr ""
15009
16789
15010
#: serverguide/C/network-auth.xml:1648(para)
16790
#: serverguide/C/network-auth.xml:1985(para)
15011
16791
msgid ""
15012
16792
"Specifically see the <ulink url=\"http://samba.org/samba/docs/man/Samba-"
15013
16793
"HOWTO-Collection/passdb.html\">passdb section</ulink>."
15014
16794
msgstr ""
15015
16795
15016
#: serverguide/C/network-auth.xml:1654(para)
16796
#: serverguide/C/network-auth.xml:1991(para)
15017
16797
msgid ""
15018
16798
"Another good site is <ulink url=\"http://www.iallanis.info/smbldap-"
15019
16799
"tools/docs/samba-ldap-howto/\">Samba OpenLDAP HOWTO</ulink>."
15020
16800
msgstr ""
15021
16801
15022
#: serverguide/C/network-auth.xml:1660(para)
16802
#: serverguide/C/network-auth.xml:1997(para)
15023
16803
msgid ""
15024
16804
"Again, for more information on <application>smbldap-tools</application> see "
15025
16805
"the man pages: <command>man smbldap-useradd</command>, <command>man smbldap-"
15026
16806
"groupadd</command>, <command>man smbldap-populate</command>, etc."
15027
16807
msgstr ""
15028
16808
15029
#: serverguide/C/network-auth.xml:1670(title)
16809
#: serverguide/C/network-auth.xml:2004(para)
16810
msgid ""
16811
"Also, there is a list of <ulink "
16812
"url=\"https://help.ubuntu.com/community/Samba#samba-ldap\">Ubuntu "
16813
"wiki</ulink> articles with more information."
16814
msgstr ""
16815
16816
#: serverguide/C/network-auth.xml:2013(title)
15030
16817
msgid "Kerberos"
15031
16818
msgstr "Kerberos"
15032
16819
15033
#: serverguide/C/network-auth.xml:1672(para)
16820
#: serverguide/C/network-auth.xml:2015(para)
15034
16821
msgid ""
15035
16822
"<application>Kerberos</application> is a network authentication system based "
15036
16823
"on the principal of a trusted third party. The other two parties being the "
15039
16826
"network environment one step closer to being Single Sign On (SSO)."
15040
16827
msgstr ""
15041
16828
15042
#: serverguide/C/network-auth.xml:1678(para)
16829
#: serverguide/C/network-auth.xml:2021(para)
15043
16830
msgid ""
15044
16831
"This section covers installation and configuration of a Kerberos server, and "
15045
16832
"some example client configurations."
15046
16833
msgstr ""
15047
16834
15048
#: serverguide/C/network-auth.xml:1685(para)
16835
#: serverguide/C/network-auth.xml:2028(para)
15049
16836
msgid ""
15050
16837
"If you are new to Kerberos there are a few terms that are good to understand "
15051
16838
"before setting up a Kerberos server. Most of the terms will relate to things "
15052
16839
"you may be familiar with in other environments:"
15053
16840
msgstr ""
15054
16841
15055
#: serverguide/C/network-auth.xml:1692(para)
16842
#: serverguide/C/network-auth.xml:2035(para)
15056
16843
msgid ""
15057
16844
"<emphasis>Principal:</emphasis> any users, computers, and services provided "
15058
16845
"by servers need to be defined as Kerberos Principals."
15059
16846
msgstr ""
15060
16847
15061
#: serverguide/C/network-auth.xml:1697(para)
16848
#: serverguide/C/network-auth.xml:2040(para)
15062
16849
msgid ""
15063
16850
"<emphasis>Instances:</emphasis> are used for service principals and special "
15064
16851
"administrative principals."
15065
16852
msgstr ""
15066
16853
15067
#: serverguide/C/network-auth.xml:1702(para)
16854
#: serverguide/C/network-auth.xml:2045(para)
15068
16855
msgid ""
15069
16856
"<emphasis>Realms:</emphasis> the unique realm of control provided by the "
15070
16857
"Kerberos installation. Usually the DNS domain converted to uppercase "
15071
16858
"(EXAMPLE.COM)."
15072
16859
msgstr ""
15073
16860
15074
#: serverguide/C/network-auth.xml:1708(para)
16861
#: serverguide/C/network-auth.xml:2051(para)
15075
16862
msgid ""
15076
16863
"<emphasis>Key Distribution Center:</emphasis> (KDC) consist of three parts, "
15077
16864
"a database of all principals, the authentication server, and the ticket "
15078
16865
"granting server. For each realm there must be at least one KDC."
15079
16866
msgstr ""
15080
16867
15081
#: serverguide/C/network-auth.xml:1714(para)
16868
#: serverguide/C/network-auth.xml:2057(para)
15082
16869
msgid ""
15083
16870
"<emphasis>Ticket Granting Ticket:</emphasis> issued by the Authentication "
15084
16871
"Server (AS), the Ticket Granting Ticket (TGT) is encrypted in the user's "
15085
16872
"password which is known only to the user and the KDC."
15086
16873
msgstr ""
15087
16874
15088
#: serverguide/C/network-auth.xml:1720(para)
16875
#: serverguide/C/network-auth.xml:2063(para)
15089
16876
msgid ""
15090
16877
"<emphasis>Ticket Granting Server:</emphasis> (TGS) issues service tickets to "
15091
16878
"clients upon request."
15092
16879
msgstr ""
15093
16880
15094
#: serverguide/C/network-auth.xml:1725(para)
16881
#: serverguide/C/network-auth.xml:2068(para)
15095
16882
msgid ""
15096
16883
"<emphasis>Tickets:</emphasis> confirm the identity of the two principals. "
15097
16884
"One principal being a user and the other a service requested by the user. "
15099
16886
"authenticated session."
15100
16887
msgstr ""
15101
16888
15102
#: serverguide/C/network-auth.xml:1731(para)
16889
#: serverguide/C/network-auth.xml:2074(para)
15103
16890
msgid ""
15104
16891
"<emphasis>Keytab Files:</emphasis> are files extracted from the KDC "
15105
16892
"principal database and contain the encryption key for a service or host."
15106
16893
msgstr ""
15107
16894
15108
#: serverguide/C/network-auth.xml:1738(para)
16895
#: serverguide/C/network-auth.xml:2081(para)
15109
16896
msgid ""
15110
16897
"To put the pieces together, a Realm has at least one KDC, preferably two for "
15111
16898
"redundancy, which contains a database of Principals. When a user principal "
15117
16904
"and password."
15118
16905
msgstr ""
15119
16906
15120
#: serverguide/C/network-auth.xml:1747(title)
16907
#: serverguide/C/network-auth.xml:2090(title)
15121
16908
msgid "Kerberos Server"
15122
16909
msgstr ""
15123
16910
15124
#: serverguide/C/network-auth.xml:1751(para)
16911
#: serverguide/C/network-auth.xml:2094(para)
15125
16912
msgid ""
15126
16913
"Before installing the Kerberos server a properly configured DNS server is "
15127
16914
"needed for your domain. Since the Kerberos Realm by convention matches the "
15129
16916
"configured in <xref linkend=\"dns-primarymaster-configuration\"/>."
15130
16917
msgstr ""
15131
16918
15132
#: serverguide/C/network-auth.xml:1757(para)
16919
#: serverguide/C/network-auth.xml:2100(para)
15133
16920
msgid ""
15134
16921
"Also, Kerberos is a time sensitive protocol. So if the local system time "
15135
16922
"between a client machine and the server differs by more than five minutes "
15139
16926
"NTP see <xref linkend=\"NTP\"/>."
15140
16927
msgstr ""
15141
16928
15142
#: serverguide/C/network-auth.xml:1764(para)
16929
#: serverguide/C/network-auth.xml:2107(para)
15143
16930
msgid ""
15144
16931
"The first step in installing a Kerberos Realm is to install the "
15145
16932
"<application>krb5-kdc</application> and <application>krb5-admin-"
15146
16933
"server</application> packages. From a terminal enter:"
15147
16934
msgstr ""
15148
16935
15149
#: serverguide/C/network-auth.xml:1770(command) serverguide/C/network-auth.xml:1945(command)
16936
#: serverguide/C/network-auth.xml:2113(command) serverguide/C/network-auth.xml:2288(command)
15150
16937
msgid "sudo apt-get install krb5-kdc krb5-admin-server"
15151
16938
msgstr ""
15152
16939
15153
#: serverguide/C/network-auth.xml:1773(para)
16940
#: serverguide/C/network-auth.xml:2116(para)
15154
16941
msgid ""
15155
16942
"You will be asked at the end of the install to supply a name for the "
15156
16943
"Kerberos and Admin servers, which may or may not be the same server, for the "
15157
16944
"realm."
15158
16945
msgstr ""
15159
16946
15160
#: serverguide/C/network-auth.xml:1778(para)
16947
#: serverguide/C/network-auth.xml:2121(para)
15161
16948
msgid ""
15162
16949
"Next, create the new realm with the <application>kdb5_newrealm</application> "
15163
16950
"utility:"
15164
16951
msgstr ""
15165
16952
15166
#: serverguide/C/network-auth.xml:1783(command)
16953
#: serverguide/C/network-auth.xml:2126(command)
15167
16954
msgid "sudo krb5_newrealm"
15168
16955
msgstr ""
15169
16956
15170
#: serverguide/C/network-auth.xml:1790(para)
16957
#: serverguide/C/network-auth.xml:2133(para)
15171
16958
msgid ""
15172
16959
"The questions asked during installation are used to configure the "
15173
16960
"<filename>/etc/krb5.conf</filename> file. If you need to adjust the Key "
15175
16962
"<application>krb5-kdc</application> daemon."
15176
16963
msgstr ""
15177
16964
15178
#: serverguide/C/network-auth.xml:1798(para)
16965
#: serverguide/C/network-auth.xml:2141(para)
15179
16966
msgid ""
15180
16967
"Now that the KDC running an admin user is needed. It is recommended to use a "
15181
16968
"different username from your everyday username. Using the "
15182
16969
"<application>kadmin.local</application> utility in a terminal prompt enter:"
15183
16970
msgstr ""
15184
16971
15185
#: serverguide/C/network-auth.xml:1804(command) serverguide/C/network-auth.xml:2595(command)
16972
#: serverguide/C/network-auth.xml:2147(command) serverguide/C/network-auth.xml:2943(command)
15186
16973
msgid "sudo kadmin.local"
15187
16974
msgstr ""
15188
16975
15189
#: serverguide/C/network-auth.xml:1805(computeroutput)
16976
#: serverguide/C/network-auth.xml:2148(computeroutput)
15190
16977
#, no-wrap
15191
16978
msgid ""
15192
16979
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
15193
16980
"kadmin.local:"
15194
16981
msgstr ""
15195
16982
15196
#: serverguide/C/network-auth.xml:1806(userinput)
16983
#: serverguide/C/network-auth.xml:2149(userinput)
15197
16984
#, no-wrap
15198
16985
msgid " addprinc steve/admin"
15199
16986
msgstr ""
15200
16987
15201
#: serverguide/C/network-auth.xml:1807(computeroutput)
16988
#: serverguide/C/network-auth.xml:2150(computeroutput)
15202
16989
#, no-wrap
15203
16990
msgid ""
15204
16991
"WARNING: no policy specified for steve/admin@EXAMPLE.COM; defaulting to no "
15209
16996
"kadmin.local:"
15210
16997
msgstr ""
15211
16998
15212
#: serverguide/C/network-auth.xml:1811(userinput)
16999
#: serverguide/C/network-auth.xml:2154(userinput)
15213
17000
#, no-wrap
15214
17001
msgid " quit"
15215
17002
msgstr ""
15216
17003
15217
#: serverguide/C/network-auth.xml:1814(para)
17004
#: serverguide/C/network-auth.xml:2157(para)
15218
17005
msgid ""
15219
17006
"In the above example <emphasis role=\"italic\">steve</emphasis> is the "
15220
17007
"<emphasis>Principal</emphasis>, <emphasis role=\"italic\">/admin</emphasis> "
15225
17012
"rights."
15226
17013
msgstr ""
15227
17014
15228
#: serverguide/C/network-auth.xml:1822(para)
17015
#: serverguide/C/network-auth.xml:2165(para)
15229
17016
msgid ""
15230
17017
"Replace <emphasis>EXAMPLE.COM</emphasis> and <emphasis>steve</emphasis> with "
15231
17018
"your Realm and admin username."
15232
17019
msgstr ""
15233
17020
15234
#: serverguide/C/network-auth.xml:1830(para)
17021
#: serverguide/C/network-auth.xml:2173(para)
15235
17022
msgid ""
15236
17023
"Next, the new admin user needs to have the appropriate Access Control List "
15237
17024
"(ACL) permissions. The permissions are configured in the "
15238
17025
"<filename>/etc/krb5kdc/kadm5.acl</filename> file:"
15239
17026
msgstr ""
15240
17027
15241
#: serverguide/C/network-auth.xml:1835(programlisting)
17028
#: serverguide/C/network-auth.xml:2178(programlisting)
15242
17029
#, no-wrap
15243
17030
msgid ""
15244
17031
"\n"
15245
17032
"steve/admin@EXAMPLE.COM *\n"
15246
17033
msgstr ""
15247
17034
15248
#: serverguide/C/network-auth.xml:1839(para)
17035
#: serverguide/C/network-auth.xml:2182(para)
15249
17036
msgid ""
15250
17037
"This entry grants <emphasis>steve/admin</emphasis> the ability to perform "
15251
17038
"any operation on all principals in the realm."
15252
17039
msgstr ""
15253
17040
15254
#: serverguide/C/network-auth.xml:1846(para)
17041
#: serverguide/C/network-auth.xml:2189(para)
15255
17042
msgid ""
15256
17043
"Now restart the <application>krb5-admin-server</application> for the new ACL "
15257
17044
"to take affect:"
15258
17045
msgstr ""
15259
17046
15260
#: serverguide/C/network-auth.xml:1851(command)
17047
#: serverguide/C/network-auth.xml:2194(command)
15261
17048
msgid "sudo /etc/init.d/krb5-admin-server restart"
15262
17049
msgstr ""
15263
17050
15264
#: serverguide/C/network-auth.xml:1857(para)
17051
#: serverguide/C/network-auth.xml:2200(para)
15265
17052
msgid ""
15266
17053
"The new user principal can be tested using the <application>kinit "
15267
17054
"utility</application>:"
15268
17055
msgstr ""
15269
17056
15270
#: serverguide/C/network-auth.xml:1862(command)
17057
#: serverguide/C/network-auth.xml:2205(command)
15271
17058
msgid "kinit steve/admin"
15272
17059
msgstr ""
15273
17060
15274
#: serverguide/C/network-auth.xml:1863(computeroutput)
17061
#: serverguide/C/network-auth.xml:2206(computeroutput)
15275
17062
#, no-wrap
15276
17063
msgid "steve/admin@EXAMPLE.COM's Password:"
15277
17064
msgstr ""
15278
17065
15279
#: serverguide/C/network-auth.xml:1866(para)
17066
#: serverguide/C/network-auth.xml:2209(para)
15280
17067
msgid ""
15281
17068
"After entering the password, use the <application>klist</application> "
15282
17069
"utility to view information about the Ticket Granting Ticket (TGT):"
15283
17070
msgstr ""
15284
17071
15285
#: serverguide/C/network-auth.xml:1872(command) serverguide/C/network-auth.xml:2207(command)
17072
#: serverguide/C/network-auth.xml:2215(command) serverguide/C/network-auth.xml:2550(command)
15286
17073
msgid "klist"
15287
17074
msgstr ""
15288
17075
15289
#: serverguide/C/network-auth.xml:1873(computeroutput)
17076
#: serverguide/C/network-auth.xml:2216(computeroutput)
15290
17077
#, no-wrap
15291
17078
msgid ""
15292
17079
"Credentials cache: FILE:/tmp/krb5cc_1000\n"
15296
17083
"Jul 13 17:53:34 Jul 14 03:53:34 krbtgt/EXAMPLE.COM@EXAMPLE.COM"
15297
17084
msgstr ""
15298
17085
15299
#: serverguide/C/network-auth.xml:1880(para)
17086
#: serverguide/C/network-auth.xml:2223(para)
15300
17087
msgid ""
15301
17088
"You may need to add an entry into the <filename>/etc/hosts</filename> for "
15302
17089
"the KDC. For example:"
15303
17090
msgstr ""
15304
17091
15305
#: serverguide/C/network-auth.xml:1884(programlisting)
17092
#: serverguide/C/network-auth.xml:2227(programlisting)
15306
17093
#, no-wrap
15307
17094
msgid ""
15308
17095
"\n"
15309
17096
"192.168.0.1 kdc01.example.com kdc01\n"
15310
17097
msgstr ""
15311
17098
15312
#: serverguide/C/network-auth.xml:1888(para)
17099
#: serverguide/C/network-auth.xml:2231(para)
15313
17100
msgid ""
15314
17101
"Replacing <emphasis>192.168.0.1</emphasis> with the IP address of your KDC."
15315
17102
msgstr ""
15316
17103
15317
#: serverguide/C/network-auth.xml:1895(para)
17104
#: serverguide/C/network-auth.xml:2238(para)
15318
17105
msgid ""
15319
17106
"In order for clients to determine the KDC for the Realm some DNS SRV records "
15320
17107
"are needed. Add the following to "
15321
17108
"<filename>/etc/named/db.example.com</filename>:"
15322
17109
msgstr ""
15323
17110
15324
#: serverguide/C/network-auth.xml:1900(programlisting)
17111
#: serverguide/C/network-auth.xml:2243(programlisting)
15325
17112
#, no-wrap
15326
17113
msgid ""
15327
17114
"\n"
15333
17120
"_kpasswd._udp.EXAMPLE.COM. IN SRV 1 0 464 kdc01.example.com.\n"
15334
17121
msgstr ""
15335
17122
15336
#: serverguide/C/network-auth.xml:1910(para)
17123
#: serverguide/C/network-auth.xml:2253(para)
15337
17124
msgid ""
15338
17125
"Replace <emphasis>EXAMPLE.COM</emphasis>, <emphasis>kdc01</emphasis>, and "
15339
17126
"<emphasis>kdc02</emphasis> with your domain name, primary KDC, and secondary "
15340
17127
"KDC."
15341
17128
msgstr ""
15342
17129
15343
#: serverguide/C/network-auth.xml:1916(para)
17130
#: serverguide/C/network-auth.xml:2259(para)
15344
17131
msgid ""
15345
17132
"See <xref linkend=\"dns\"/> for detailed instructions on setting up DNS."
15346
17133
msgstr ""
15347
17134
15348
#: serverguide/C/network-auth.xml:1923(para)
17135
#: serverguide/C/network-auth.xml:2266(para)
15349
17136
msgid "Your new Kerberos Realm is now ready to authenticate clients."
15350
17137
msgstr ""
15351
17138
15352
#: serverguide/C/network-auth.xml:1930(title)
17139
#: serverguide/C/network-auth.xml:2273(title)
15353
17140
msgid "Secondary KDC"
15354
17141
msgstr ""
15355
17142
15356
#: serverguide/C/network-auth.xml:1932(para)
17143
#: serverguide/C/network-auth.xml:2275(para)
15357
17144
msgid ""
15358
17145
"Once you have one Key Distribution Center (KDC) on your network, it is good "
15359
17146
"practice to have a Secondary KDC in case the primary becomes unavailable."
15360
17147
msgstr ""
15361
17148
15362
#: serverguide/C/network-auth.xml:1940(para)
17149
#: serverguide/C/network-auth.xml:2283(para)
15363
17150
msgid ""
15364
17151
"First, install the packages, and when asked for the Kerberos and Admin "
15365
17152
"server names enter the name of the Primary KDC:"
15366
17153
msgstr ""
15367
17154
15368
#: serverguide/C/network-auth.xml:1951(para)
17155
#: serverguide/C/network-auth.xml:2294(para)
15369
17156
msgid ""
15370
17157
"Once you have the packages installed, create the Secondary KDC's host "
15371
17158
"principal. From a terminal prompt, enter:"
15372
17159
msgstr ""
15373
17160
15374
#: serverguide/C/network-auth.xml:1956(command)
17161
#: serverguide/C/network-auth.xml:2299(command)
15375
17162
msgid "kadmin -q \"addprinc -randkey host/kdc02.example.com\""
15376
17163
msgstr ""
15377
17164
15378
#: serverguide/C/network-auth.xml:1960(para)
17165
#: serverguide/C/network-auth.xml:2303(para)
15379
17166
msgid ""
15380
17167
"After, issuing any <application>kadmin</application> commands you will be "
15381
17168
"prompted for your <emphasis>username/admin@EXAMPLE.COM</emphasis> principal "
15382
17169
"password."
15383
17170
msgstr ""
15384
17171
15385
#: serverguide/C/network-auth.xml:1969(para)
17172
#: serverguide/C/network-auth.xml:2312(para)
15386
17173
msgid "Extract the <emphasis>keytab</emphasis> file:"
15387
17174
msgstr ""
15388
17175
15389
#: serverguide/C/network-auth.xml:1974(command)
17176
#: serverguide/C/network-auth.xml:2317(command)
15390
17177
msgid "kadmin -q \"ktadd -k keytab.kdc02 host/kdc02.example.com\""
15391
17178
msgstr ""
15392
17179
15393
#: serverguide/C/network-auth.xml:1980(para)
17180
#: serverguide/C/network-auth.xml:2323(para)
15394
17181
msgid ""
15395
17182
"There should now be a <filename>keytab.kdc02</filename> in the current "
15396
17183
"directory, move the file to <filename>/etc/krb5.keytab</filename>:"
15397
17184
msgstr ""
15398
17185
15399
#: serverguide/C/network-auth.xml:1986(command)
17186
#: serverguide/C/network-auth.xml:2329(command)
15400
17187
msgid "sudo mv keytab.kdc02 /etc/krb5.keytab"
15401
17188
msgstr ""
15402
17189
15403
#: serverguide/C/network-auth.xml:1990(para)
17190
#: serverguide/C/network-auth.xml:2333(para)
15404
17191
msgid ""
15405
17192
"If the path to the <filename>keytab.kdc02</filename> file is different "
15406
17193
"adjust accordingly."
15407
17194
msgstr ""
15408
17195
15409
#: serverguide/C/network-auth.xml:1995(para)
17196
#: serverguide/C/network-auth.xml:2338(para)
15410
17197
msgid ""
15411
17198
"Also, you can list the principals in a Keytab file, which can be useful when "
15412
17199
"troubleshooting, using the <application>klist</application> utility:"
15413
17200
msgstr ""
15414
17201
15415
#: serverguide/C/network-auth.xml:2001(command)
17202
#: serverguide/C/network-auth.xml:2344(command)
15416
17203
msgid "sudo klist -k /etc/krb5.keytab"
15417
17204
msgstr ""
15418
17205
15419
#: serverguide/C/network-auth.xml:2007(para)
17206
#: serverguide/C/network-auth.xml:2350(para)
15420
17207
msgid ""
15421
17208
"Next, there needs to be a <filename>kpropd.acl</filename> file on each KDC "
15422
17209
"that lists all KDCs for the Realm. For example, on both primary and "
15423
17210
"secondary KDC, create <filename>/etc/krb5kdc/kpropd.acl</filename>:"
15424
17211
msgstr ""
15425
17212
15426
#: serverguide/C/network-auth.xml:2012(programlisting)
17213
#: serverguide/C/network-auth.xml:2355(programlisting)
15427
17214
#, no-wrap
15428
17215
msgid ""
15429
17216
"\n"
15431
17218
"host/kdc02.example.com@EXAMPLE.COM\n"
15432
17219
msgstr ""
15433
17220
15434
#: serverguide/C/network-auth.xml:2020(para)
17221
#: serverguide/C/network-auth.xml:2363(para)
15435
17222
msgid "Create an empty database on the <emphasis>Secondary KDC</emphasis>:"
15436
17223
msgstr ""
15437
17224
15438
#: serverguide/C/network-auth.xml:2025(command)
17225
#: serverguide/C/network-auth.xml:2368(command)
15439
17226
msgid "sudo kdb5_util -s create"
15440
17227
msgstr ""
15441
17228
15442
#: serverguide/C/network-auth.xml:2031(para)
17229
#: serverguide/C/network-auth.xml:2374(para)
15443
17230
msgid ""
15444
17231
"Now start the <application>kpropd</application> daemon, which listens for "
15445
17232
"connections from the <application>kprop</application> utility. "
15446
17233
"<application>kprop</application> is used to transfer dump files:"
15447
17234
msgstr ""
15448
17235
15449
#: serverguide/C/network-auth.xml:2038(command)
17236
#: serverguide/C/network-auth.xml:2381(command)
15450
17237
msgid "sudo kpropd -S"
15451
17238
msgstr ""
15452
17239
15453
#: serverguide/C/network-auth.xml:2044(para)
17240
#: serverguide/C/network-auth.xml:2387(para)
15454
17241
msgid ""
15455
17242
"From a terminal on the <emphasis>Primary KDC</emphasis>, create a dump file "
15456
17243
"of the principal database:"
15457
17244
msgstr ""
15458
17245
15459
#: serverguide/C/network-auth.xml:2049(command)
17246
#: serverguide/C/network-auth.xml:2392(command)
15460
17247
msgid "sudo kdb5_util dump /var/lib/krb5kdc/dump"
15461
17248
msgstr ""
15462
17249
15463
#: serverguide/C/network-auth.xml:2055(para)
17250
#: serverguide/C/network-auth.xml:2398(para)
15464
17251
msgid ""
15465
17252
"Extract the Primary KDC's <emphasis>keytab</emphasis> file and copy it to "
15466
17253
"<filename>/etc/krb5.keytab</filename>:"
15467
17254
msgstr ""
15468
17255
15469
#: serverguide/C/network-auth.xml:2060(command)
17256
#: serverguide/C/network-auth.xml:2403(command)
15470
17257
msgid "kadmin -q \"ktadd -k keytab.kdc01 host/kdc01.example.com\""
15471
17258
msgstr ""
15472
17259
15473
#: serverguide/C/network-auth.xml:2061(command)
17260
#: serverguide/C/network-auth.xml:2404(command)
15474
17261
msgid "sudo mv keytab.kdc01 /etc/kr5b.keytab"
15475
17262
msgstr ""
15476
17263
15477
#: serverguide/C/network-auth.xml:2065(para)
17264
#: serverguide/C/network-auth.xml:2408(para)
15478
17265
msgid ""
15479
17266
"Make sure there is a <emphasis>host</emphasis> for "
15480
17267
"<emphasis>kdc01.example.com</emphasis> before extracting the Keytab."
15481
17268
msgstr ""
15482
17269
15483
#: serverguide/C/network-auth.xml:2073(para)
17270
#: serverguide/C/network-auth.xml:2416(para)
15484
17271
msgid ""
15485
17272
"Using the <application>kprop</application> utility push the database to the "
15486
17273
"Secondary KDC:"
15487
17274
msgstr ""
15488
17275
15489
#: serverguide/C/network-auth.xml:2078(command)
17276
#: serverguide/C/network-auth.xml:2421(command)
15490
17277
msgid "sudo kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com"
15491
17278
msgstr ""
15492
17279
15493
#: serverguide/C/network-auth.xml:2082(para)
17280
#: serverguide/C/network-auth.xml:2425(para)
15494
17281
msgid ""
15495
17282
"There should be a <emphasis>SUCCEEDED</emphasis> message if the propagation "
15496
17283
"worked. If there is an error message check "
15498
17285
"information."
15499
17286
msgstr ""
15500
17287
15501
#: serverguide/C/network-auth.xml:2088(para)
17288
#: serverguide/C/network-auth.xml:2431(para)
15502
17289
msgid ""
15503
17290
"You may also want to create a <application>cron</application> job to "
15504
17291
"periodically update the database on the Secondary KDC. For example, the "
15505
17292
"following will push the database every hour:"
15506
17293
msgstr ""
15507
17294
15508
#: serverguide/C/network-auth.xml:2093(programlisting)
17295
#: serverguide/C/network-auth.xml:2436(programlisting)
15509
17296
#, no-wrap
15510
17297
msgid ""
15511
17298
"\n"
15514
17301
"/usr/sbin/kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com\n"
15515
17302
msgstr ""
15516
17303
15517
#: serverguide/C/network-auth.xml:2101(para)
17304
#: serverguide/C/network-auth.xml:2444(para)
15518
17305
msgid ""
15519
17306
"Back on the <emphasis>Secondary KDC</emphasis>, create a "
15520
17307
"<emphasis>stash</emphasis> file to hold the Kerberos master key:"
15521
17308
msgstr ""
15522
17309
15523
#: serverguide/C/network-auth.xml:2107(command)
17310
#: serverguide/C/network-auth.xml:2450(command)
15524
17311
msgid "sudo kdb5_util stash"
15525
17312
msgstr ""
15526
17313
15527
#: serverguide/C/network-auth.xml:2113(para)
17314
#: serverguide/C/network-auth.xml:2456(para)
15528
17315
msgid ""
15529
17316
"Finally, start the <application>krb5-kdc</application> daemon on the "
15530
17317
"Secondary KDC:"
15531
17318
msgstr ""
15532
17319
15533
#: serverguide/C/network-auth.xml:2118(command) serverguide/C/network-auth.xml:2725(command)
17320
#: serverguide/C/network-auth.xml:2461(command) serverguide/C/network-auth.xml:3073(command)
15534
17321
msgid "sudo /etc/init.d/krb5-kdc start"
15535
17322
msgstr ""
15536
17323
15537
#: serverguide/C/network-auth.xml:2124(para)
17324
#: serverguide/C/network-auth.xml:2467(para)
15538
17325
msgid ""
15539
17326
"The <emphasis>Secondary KDC</emphasis> should now be able to issue tickets "
15540
17327
"for the Realm. You can test this by stopping the <application>krb5-"
15543
17330
"should receive a ticket from the Secondary KDC."
15544
17331
msgstr ""
15545
17332
15546
#: serverguide/C/network-auth.xml:2132(title)
17333
#: serverguide/C/network-auth.xml:2475(title)
15547
17334
msgid "Kerberos Linux Client"
15548
17335
msgstr ""
15549
17336
15550
#: serverguide/C/network-auth.xml:2134(para)
17337
#: serverguide/C/network-auth.xml:2477(para)
15551
17338
msgid ""
15552
17339
"This section covers configuring a Linux system as a "
15553
17340
"<application>Kerberos</application> client. This will allow access to any "
15554
17341
"kerberized services once a user has successfully logged into the system."
15555
17342
msgstr ""
15556
17343
15557
#: serverguide/C/network-auth.xml:2142(para)
17344
#: serverguide/C/network-auth.xml:2485(para)
15558
17345
msgid ""
15559
17346
"In order to authenticate to a Kerberos Realm, the <application>krb5-"
15560
17347
"user</application> and <application>libpam-krb5</application> packages are "
15563
17350
"prompt:"
15564
17351
msgstr ""
15565
17352
15566
#: serverguide/C/network-auth.xml:2149(command)
17353
#: serverguide/C/network-auth.xml:2492(command)
15567
17354
msgid ""
15568
17355
"sudo apt-get install krb5-user libpam-krb5 libpam-ccreds auth-client-config"
15569
17356
msgstr ""
15570
17357
15571
#: serverguide/C/network-auth.xml:2152(para)
17358
#: serverguide/C/network-auth.xml:2495(para)
15572
17359
msgid ""
15573
17360
"The <application>auth-client-config</application> package allows simple "
15574
17361
"configuration of PAM for authentication from multiple sources, and the "
15579
17366
"be accessed off the network as well."
15580
17367
msgstr ""
15581
17368
15582
#: serverguide/C/network-auth.xml:2163(para)
17369
#: serverguide/C/network-auth.xml:2506(para)
15583
17370
msgid "To configure the client in a terminal enter:"
15584
17371
msgstr ""
15585
17372
15586
#: serverguide/C/network-auth.xml:2168(command)
17373
#: serverguide/C/network-auth.xml:2511(command)
15587
17374
msgid "sudo dpkg-reconfigure krb5-config"
15588
17375
msgstr ""
15589
17376
15590
#: serverguide/C/network-auth.xml:2171(para)
17377
#: serverguide/C/network-auth.xml:2514(para)
15591
17378
msgid ""
15592
17379
"You will then be prompted to enter the name of the Kerberos Realm. Also, if "
15593
17380
"you don't have DNS configured with Kerberos <emphasis>SRV</emphasis> "
15595
17382
"Center (KDC) and Realm Administration server."
15596
17383
msgstr ""
15597
17384
15598
#: serverguide/C/network-auth.xml:2177(para)
17385
#: serverguide/C/network-auth.xml:2520(para)
15599
17386
msgid ""
15600
17387
"The <application>dpkg-reconfigure</application> adds entries to the "
15601
17388
"<filename>/etc/krb5.conf</filename> file for your Realm. You should have "
15602
17389
"entries similar to the following:"
15603
17390
msgstr ""
15604
17391
15605
#: serverguide/C/network-auth.xml:2182(programlisting)
17392
#: serverguide/C/network-auth.xml:2525(programlisting)
15606
17393
#, no-wrap
15607
17394
msgid ""
15608
17395
"\n"
15616
17403
" }\n"
15617
17404
msgstr ""
15618
17405
15619
#: serverguide/C/network-auth.xml:2193(para)
17406
#: serverguide/C/network-auth.xml:2536(para)
15620
17407
msgid ""
15621
17408
"You can test the configuration by requesting a ticket using the "
15622
17409
"<application>kinit</application> utility. For example:"
15623
17410
msgstr ""
15624
17411
15625
#: serverguide/C/network-auth.xml:2198(command)
17412
#: serverguide/C/network-auth.xml:2541(command)
15626
17413
msgid "kinit steve@EXAMPLE.COM"
15627
17414
msgstr ""
15628
17415
15629
#: serverguide/C/network-auth.xml:2199(computeroutput)
17416
#: serverguide/C/network-auth.xml:2542(computeroutput)
15630
17417
#, no-wrap
15631
17418
msgid "Password for steve@EXAMPLE.COM:"
15632
17419
msgstr ""
15633
17420
15634
#: serverguide/C/network-auth.xml:2202(para)
17421
#: serverguide/C/network-auth.xml:2545(para)
15635
17422
msgid ""
15636
17423
"When a ticket has been granted, the details can be viewed using "
15637
17424
"<application>klist</application>:"
15638
17425
msgstr ""
15639
17426
15640
#: serverguide/C/network-auth.xml:2208(computeroutput)
17427
#: serverguide/C/network-auth.xml:2551(computeroutput)
15641
17428
#, no-wrap
15642
17429
msgid ""
15643
17430
"Ticket cache: FILE:/tmp/krb5cc_1000\n"
15652
17439
"klist: You have no tickets cached"
15653
17440
msgstr ""
15654
17441
15655
#: serverguide/C/network-auth.xml:2220(para)
17442
#: serverguide/C/network-auth.xml:2563(para)
15656
17443
msgid ""
15657
17444
"Next, use the <application>auth-client-config</application> to configure the "
15658
17445
"<application>libpam-krb5</application> module to request a ticket during "
15659
17446
"login:"
15660
17447
msgstr ""
15661
17448
15662
#: serverguide/C/network-auth.xml:2226(command)
17449
#: serverguide/C/network-auth.xml:2569(command)
15663
17450
msgid "sudo auth-client-config -a -p kerberos_example"
15664
17451
msgstr ""
15665
17452
15666
#: serverguide/C/network-auth.xml:2229(para)
17453
#: serverguide/C/network-auth.xml:2572(para)
15667
17454
msgid ""
15668
17455
"You will should now receive a ticket upon successful login authentication."
15669
17456
msgstr ""
15670
17457
15671
#: serverguide/C/network-auth.xml:2240(para)
17458
#: serverguide/C/network-auth.xml:2583(para)
15672
17459
msgid ""
15673
17460
"For more information on Kerberos see the <ulink "
15674
17461
"url=\"http://web.mit.edu/Kerberos/\">MIT Kerberos</ulink> site."
15675
17462
msgstr ""
15676
17463
15677
#: serverguide/C/network-auth.xml:2245(para)
17464
#: serverguide/C/network-auth.xml:2588(para)
17465
msgid ""
17466
"The <ulink url=\"https://help.ubuntu.com/community/Kerberos\">Ubuntu Wiki "
17467
"Kerberos</ulink> page has more details."
17468
msgstr ""
17469
17470
#: serverguide/C/network-auth.xml:2593(para)
15678
17471
msgid ""
15679
17472
"O'Reilly's <ulink "
15680
17473
"url=\"http://oreilly.com/catalog/9780596004033/\">Kerberos: The Definitive "
15681
17474
"Guide</ulink> is a great reference when setting up Kerberos."
15682
17475
msgstr ""
15683
17476
15684
#: serverguide/C/network-auth.xml:2251(para)
17477
#: serverguide/C/network-auth.xml:2599(para)
15685
17478
msgid ""
15686
17479
"Also, feel free to stop by the <emphasis>#ubuntu-server</emphasis> IRC "
15687
17480
"channel on <ulink url=\"http://freenode.net/\">Freenode</ulink> if you have "
15688
17481
"Kerberos questions."
15689
17482
msgstr ""
15690
17483
15691
#: serverguide/C/network-auth.xml:2261(title)
17484
#: serverguide/C/network-auth.xml:2609(title)
15692
17485
msgid "Kerberos and LDAP"
15693
17486
msgstr ""
15694
17487
15695
#: serverguide/C/network-auth.xml:2263(para)
17488
#: serverguide/C/network-auth.xml:2611(para)
15696
17489
msgid ""
15697
17490
"Replicating a Kerberos principal database between two servers can be "
15698
17491
"complicated, and adds an additional user database to your network. "
15702
17495
"<application>OpenLDAP</application> for the principal database."
15703
17496
msgstr ""
15704
17497
15705
#: serverguide/C/network-auth.xml:2271(title)
17498
#: serverguide/C/network-auth.xml:2619(title)
15706
17499
msgid "Configuring OpenLDAP"
15707
17500
msgstr ""
15708
17501
15709
#: serverguide/C/network-auth.xml:2273(para)
17502
#: serverguide/C/network-auth.xml:2621(para)
15710
17503
msgid ""
15711
17504
"First, the necessary <emphasis>schema</emphasis> needs to be loaded on an "
15712
17505
"<application>OpenLDAP</application> server that has network connectivity to "
15715
17508
"information on setting up OpenLDAP see <xref linkend=\"openldap-server\"/>."
15716
17509
msgstr ""
15717
17510
15718
#: serverguide/C/network-auth.xml:2280(para)
17511
#: serverguide/C/network-auth.xml:2628(para)
15719
17512
msgid ""
15720
17513
"It is also required to configure OpenLDAP for TLS and SSL connections, so "
15721
17514
"that traffic between the KDC and LDAP server is encrypted. See <xref "
15722
17515
"linkend=\"openldap-tls\"/> for details."
15723
17516
msgstr ""
15724
17517
15725
#: serverguide/C/network-auth.xml:2287(para)
17518
#: serverguide/C/network-auth.xml:2635(para)
15726
17519
msgid ""
15727
17520
"To load the schema into LDAP, on the LDAP server install the "
15728
17521
"<application>krb5-kdc-ldap</application> package. From a terminal enter:"
15729
17522
msgstr ""
15730
17523
15731
#: serverguide/C/network-auth.xml:2293(command)
17524
#: serverguide/C/network-auth.xml:2641(command)
15732
17525
msgid "sudo apt-get install krb5-kdc-ldap"
15733
17526
msgstr ""
15734
17527
15735
#: serverguide/C/network-auth.xml:2298(para)
17528
#: serverguide/C/network-auth.xml:2646(para)
15736
17529
msgid "Next, extract the <filename>kerberos.schema.gz</filename> file:"
15737
17530
msgstr ""
15738
17531
15739
#: serverguide/C/network-auth.xml:2303(command)
17532
#: serverguide/C/network-auth.xml:2651(command)
15740
17533
msgid "sudo gzip -d /usr/share/doc/krb5-kdc-ldap/kerberos.schema.gz"
15741
17534
msgstr ""
15742
17535
15743
#: serverguide/C/network-auth.xml:2304(command)
17536
#: serverguide/C/network-auth.xml:2652(command)
15744
17537
msgid ""
15745
17538
"sudo cp /usr/share/doc/krb5-kdc-ldap/kerberos.schema /etc/ldap/schema/"
15746
17539
msgstr ""
15747
17540
15748
#: serverguide/C/network-auth.xml:2310(para)
17541
#: serverguide/C/network-auth.xml:2658(para)
15749
17542
msgid ""
15750
17543
"The <emphasis>kerberos</emphasis> schema needs to be added to the "
15751
17544
"<emphasis>cn=config</emphasis> tree. The procedure to add a new schema to "
15753
17546
"linkend=\"openldap-configuration\"/>."
15754
17547
msgstr ""
15755
17548
15756
#: serverguide/C/network-auth.xml:2323(programlisting)
17549
#: serverguide/C/network-auth.xml:2671(programlisting)
15757
17550
#, no-wrap
15758
17551
msgid ""
15759
17552
"\n"
15772
17565
"include /etc/ldap/schema/kerberos.schema\n"
15773
17566
msgstr ""
15774
17567
15775
#: serverguide/C/network-auth.xml:2343(para)
17568
#: serverguide/C/network-auth.xml:2691(para)
15776
17569
msgid "Create a temporary directory to hold the LDIF files:"
15777
17570
msgstr ""
15778
17571
15779
#: serverguide/C/network-auth.xml:2358(command)
17572
#: serverguide/C/network-auth.xml:2706(command)
15780
17573
msgid ""
15781
17574
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
15782
17575
"\"cn={12}kerberos,cn=schema,cn=config\" > /tmp/cn=kerberos.ldif"
15783
17576
msgstr ""
15784
17577
15785
#: serverguide/C/network-auth.xml:2368(para)
17578
#: serverguide/C/network-auth.xml:2716(para)
15786
17579
msgid ""
15787
17580
"Edit the generated <filename>/tmp/cn\\=kerberos.ldif</filename> file, "
15788
17581
"changing the following attributes:"
15789
17582
msgstr ""
15790
17583
15791
#: serverguide/C/network-auth.xml:2372(programlisting)
17584
#: serverguide/C/network-auth.xml:2720(programlisting)
15792
17585
#, no-wrap
15793
17586
msgid ""
15794
17587
"\n"
15797
17590
"cn: kerberos\n"
15798
17591
msgstr ""
15799
17592
15800
#: serverguide/C/network-auth.xml:2378(para)
17593
#: serverguide/C/network-auth.xml:2726(para)
15801
17594
msgid "And remove the following lines from the end of the file:"
15802
17595
msgstr ""
15803
17596
15804
#: serverguide/C/network-auth.xml:2382(programlisting)
17597
#: serverguide/C/network-auth.xml:2730(programlisting)
15805
17598
#, no-wrap
15806
17599
msgid ""
15807
17600
"\n"
15814
17607
"modifyTimestamp: 20090111203515Z\n"
15815
17608
msgstr ""
15816
17609
15817
#: serverguide/C/network-auth.xml:2401(para)
17610
#: serverguide/C/network-auth.xml:2749(para)
15818
17611
msgid "Load the new schema with <application>ldapadd</application>:"
15819
17612
msgstr ""
15820
17613
15821
#: serverguide/C/network-auth.xml:2406(command)
17614
#: serverguide/C/network-auth.xml:2754(command)
15822
17615
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=kerberos.ldif"
15823
17616
msgstr ""
15824
17617
15825
#: serverguide/C/network-auth.xml:2412(para)
17618
#: serverguide/C/network-auth.xml:2760(para)
15826
17619
msgid ""
15827
17620
"Add an index for the <emphasis>krb5principalname</emphasis> attribute:"
15828
17621
msgstr ""
15829
17622
15830
#: serverguide/C/network-auth.xml:2419(userinput)
17623
#: serverguide/C/network-auth.xml:2765(command) serverguide/C/network-auth.xml:2782(command)
17624
msgid "ldapmodify -x -D cn=admin,cn=config -W"
17625
msgstr ""
17626
17627
#: serverguide/C/network-auth.xml:2767(userinput)
15831
17628
#, no-wrap
15832
17629
msgid ""
15833
17630
"dn: olcDatabase={1}hdb,cn=config\n"
15835
17632
"olcDbIndex: krbPrincipalName eq,pres,sub"
15836
17633
msgstr ""
15837
17634
15838
#: serverguide/C/network-auth.xml:2429(para)
17635
#: serverguide/C/network-auth.xml:2766(computeroutput)
17636
#, no-wrap
17637
msgid ""
17638
"Enter LDAP Password:\n"
17639
"<placeholder-1/>\n"
17640
"\n"
17641
"modifying entry \"olcDatabase={1}hdb,cn=config\""
17642
msgstr ""
17643
17644
#: serverguide/C/network-auth.xml:2777(para)
15839
17645
msgid "Finally, update the Access Control Lists (ACL):"
15840
17646
msgstr ""
15841
17647
15842
#: serverguide/C/network-auth.xml:2436(userinput)
17648
#: serverguide/C/network-auth.xml:2784(userinput)
15843
17649
#, no-wrap
15844
17650
msgid ""
15845
17651
"dn: olcDatabase={1}hdb,cn=config\n"
15855
17661
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read"
15856
17662
msgstr ""
15857
17663
15858
#: serverguide/C/network-auth.xml:2435(computeroutput)
17664
#: serverguide/C/network-auth.xml:2783(computeroutput)
15859
17665
#, no-wrap
15860
17666
msgid ""
15861
17667
"Enter LDAP Password: \n"
15864
17670
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
15865
17671
msgstr ""
15866
17672
15867
#: serverguide/C/network-auth.xml:2456(para)
17673
#: serverguide/C/network-auth.xml:2804(para)
15868
17674
msgid ""
15869
17675
"That's it, your LDAP directory is now ready to serve as a Kerberos principal "
15870
17676
"database."
15871
17677
msgstr ""
15872
17678
15873
#: serverguide/C/network-auth.xml:2462(title)
17679
#: serverguide/C/network-auth.xml:2810(title)
15874
17680
msgid "Primary KDC Configuration"
15875
17681
msgstr ""
15876
17682
15877
#: serverguide/C/network-auth.xml:2464(para)
17683
#: serverguide/C/network-auth.xml:2812(para)
15878
17684
msgid ""
15879
17685
"With <application>OpenLDAP</application> configured it is time to configure "
15880
17686
"the KDC."
15881
17687
msgstr ""
15882
17688
15883
#: serverguide/C/network-auth.xml:2470(para)
17689
#: serverguide/C/network-auth.xml:2818(para)
15884
17690
msgid "First, install the necessary packages, from a terminal enter:"
15885
17691
msgstr ""
15886
17692
15887
#: serverguide/C/network-auth.xml:2475(command) serverguide/C/network-auth.xml:2632(command)
17693
#: serverguide/C/network-auth.xml:2823(command) serverguide/C/network-auth.xml:2980(command)
15888
17694
msgid "sudo apt-get install krb5-kdc krb5-admin-server krb5-kdc-ldap"
15889
17695
msgstr ""
15890
17696
15891
#: serverguide/C/network-auth.xml:2481(para)
17697
#: serverguide/C/network-auth.xml:2829(para)
15892
17698
msgid ""
15893
17699
"Now edit <filename>/etc/krb5.conf</filename> adding the following options to "
15894
17700
"under the appropriate sections:"
15895
17701
msgstr ""
15896
17702
15897
#: serverguide/C/network-auth.xml:2485(programlisting)
17703
#: serverguide/C/network-auth.xml:2833(programlisting)
15898
17704
#, no-wrap
15899
17705
msgid ""
15900
17706
"\n"
15944
17750
" }\n"
15945
17751
msgstr ""
15946
17752
15947
#: serverguide/C/network-auth.xml:2530(para)
17753
#: serverguide/C/network-auth.xml:2878(para)
15948
17754
msgid ""
15949
17755
"Change <emphasis>example.com</emphasis>, "
15950
17756
"<emphasis>dc=example,dc=com</emphasis>, "
15953
17759
"object, and LDAP server for your network."
15954
17760
msgstr ""
15955
17761
15956
#: serverguide/C/network-auth.xml:2539(para)
17762
#: serverguide/C/network-auth.xml:2887(para)
15957
17763
msgid ""
15958
17764
"Next, use the <application>kdb5_ldap_util</application> utility to create "
15959
17765
"the realm:"
15960
17766
msgstr ""
15961
17767
15962
#: serverguide/C/network-auth.xml:2544(command)
17768
#: serverguide/C/network-auth.xml:2892(command)
15963
17769
msgid ""
15964
17770
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com create -subtrees "
15965
17771
"dc=example,dc=com -r EXAMPLE.COM -s -H ldap://ldap01.example.com"
15966
17772
msgstr ""
15967
17773
15968
#: serverguide/C/network-auth.xml:2550(para)
17774
#: serverguide/C/network-auth.xml:2898(para)
15969
17775
msgid ""
15970
17776
"Create a stash of the password used to bind to the LDAP server. This "
15971
17777
"password is used by the <emphasis>ldap_kdc_dn</emphasis> and "
15973
17779
"<filename>/etc/krb5.conf</filename>:"
15974
17780
msgstr ""
15975
17781
15976
#: serverguide/C/network-auth.xml:2556(command) serverguide/C/network-auth.xml:2694(command)
17782
#: serverguide/C/network-auth.xml:2904(command) serverguide/C/network-auth.xml:3042(command)
15977
17783
msgid ""
15978
17784
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com stashsrvpw -f "
15979
17785
"/etc/krb5kdc/service.keyfile cn=admin,dc=example,dc=com"
15980
17786
msgstr ""
15981
17787
15982
#: serverguide/C/network-auth.xml:2562(para)
17788
#: serverguide/C/network-auth.xml:2910(para)
15983
17789
msgid "Copy the CA certificate from the LDAP server:"
15984
17790
msgstr ""
15985
17791
15986
#: serverguide/C/network-auth.xml:2567(command)
17792
#: serverguide/C/network-auth.xml:2915(command)
15987
17793
msgid "scp ldap01:/etc/ssl/certs/cacert.pem ."
15988
17794
msgstr ""
15989
17795
15990
#: serverguide/C/network-auth.xml:2568(command)
17796
#: serverguide/C/network-auth.xml:2916(command)
15991
17797
msgid "sudo cp cacert.pem /etc/ssl/certs"
15992
17798
msgstr ""
15993
17799
15994
#: serverguide/C/network-auth.xml:2571(para)
17800
#: serverguide/C/network-auth.xml:2919(para)
15995
17801
msgid ""
15996
17802
"And edit <filename>/etc/ldap/ldap.conf</filename> to use the certificate:"
15997
17803
msgstr ""
15998
17804
15999
#: serverguide/C/network-auth.xml:2575(programlisting)
17805
#: serverguide/C/network-auth.xml:2923(programlisting)
16000
17806
#, no-wrap
16001
17807
msgid ""
16002
17808
"\n"
16003
17809
"TLS_CACERT /etc/ssl/certs/cacert.pem\n"
16004
17810
msgstr ""
16005
17811
16006
#: serverguide/C/network-auth.xml:2580(para)
17812
#: serverguide/C/network-auth.xml:2928(para)
16007
17813
msgid ""
16008
17814
"The certificate will also need to be copied to the Secondary KDC, to allow "
16009
17815
"the connection to the LDAP servers using LDAPS."
16010
17816
msgstr ""
16011
17817
16012
#: serverguide/C/network-auth.xml:2589(para)
17818
#: serverguide/C/network-auth.xml:2937(para)
16013
17819
msgid ""
16014
17820
"You can now add Kerberos principals to the LDAP database, and they will be "
16015
17821
"copied to any other LDAP servers configured for replication. To add a "
16016
17822
"principal using the <application>kadmin.local</application> utility enter:"
16017
17823
msgstr ""
16018
17824
16019
#: serverguide/C/network-auth.xml:2597(userinput)
17825
#: serverguide/C/network-auth.xml:2945(userinput)
16020
17826
#, no-wrap
16021
17827
msgid "addprinc -x dn=\"uid=steve,ou=people,dc=example,dc=com\" steve"
16022
17828
msgstr ""
16023
17829
16024
#: serverguide/C/network-auth.xml:2596(computeroutput)
17830
#: serverguide/C/network-auth.xml:2944(computeroutput)
16025
17831
#, no-wrap
16026
17832
msgid ""
16027
17833
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
16032
17838
"Principal \"steve@EXAMPLE.COM\" created."
16033
17839
msgstr ""
16034
17840
16035
#: serverguide/C/network-auth.xml:2604(para)
17841
#: serverguide/C/network-auth.xml:2952(para)
16036
17842
msgid ""
16037
17843
"There should now be krbPrincipalName, krbPrincipalKey, krbLastPwdChange, and "
16038
17844
"krbExtraData attributes added to the "
16041
17847
"utilities to test that the user is indeed issued a ticket."
16042
17848
msgstr ""
16043
17849
16044
#: serverguide/C/network-auth.xml:2611(para)
17850
#: serverguide/C/network-auth.xml:2959(para)
16045
17851
msgid ""
16046
17852
"If the user object is already created the <emphasis>-x dn=\"...\"</emphasis> "
16047
17853
"option is needed to add the Kerberos attributes. Otherwise a new "
16048
17854
"<emphasis>principal</emphasis> object will be created in the realm subtree."
16049
17855
msgstr ""
16050
17856
16051
#: serverguide/C/network-auth.xml:2619(title)
17857
#: serverguide/C/network-auth.xml:2967(title)
16052
17858
msgid "Secondary KDC Configuration"
16053
17859
msgstr ""
16054
17860
16055
#: serverguide/C/network-auth.xml:2621(para)
17861
#: serverguide/C/network-auth.xml:2969(para)
16056
17862
msgid ""
16057
17863
"Configuring a Secondary KDC using the LDAP backend is similar to configuring "
16058
17864
"one using the normal Kerberos database."
16059
17865
msgstr ""
16060
17866
16061
#: serverguide/C/network-auth.xml:2627(para)
17867
#: serverguide/C/network-auth.xml:2975(para)
16062
17868
msgid "First, install the necessary packages. In a terminal enter:"
16063
17869
msgstr ""
16064
17870
16065
#: serverguide/C/network-auth.xml:2638(para)
17871
#: serverguide/C/network-auth.xml:2986(para)
16066
17872
msgid ""
16067
17873
"Next, edit <filename>/etc/krb5.conf</filename> to use the LDAP backend:"
16068
17874
msgstr ""
16069
17875
16070
#: serverguide/C/network-auth.xml:2642(programlisting)
17876
#: serverguide/C/network-auth.xml:2990(programlisting)
16071
17877
#, no-wrap
16072
17878
msgid ""
16073
17879
"\n"
16116
17922
" }\n"
16117
17923
msgstr ""
16118
17924
16119
#: serverguide/C/network-auth.xml:2689(para)
17925
#: serverguide/C/network-auth.xml:3037(para)
16120
17926
msgid "Create the stash for the LDAP bind password:"
16121
17927
msgstr ""
16122
17928
16123
#: serverguide/C/network-auth.xml:2700(para)
17929
#: serverguide/C/network-auth.xml:3048(para)
16124
17930
msgid ""
16125
17931
"Now, on the <emphasis>Primary KDC</emphasis> copy the "
16126
17932
"<filename>/etc/krb5kdc/.k5.EXAMPLE.COM</filename><emphasis>Master "
16129
17935
"media."
16130
17936
msgstr ""
16131
17937
16132
#: serverguide/C/network-auth.xml:2707(command)
17938
#: serverguide/C/network-auth.xml:3055(command)
16133
17939
msgid "sudo scp /etc/krb5kdc/.k5.EXAMPLE.COM steve@kdc02.example.com:~"
16134
17940
msgstr ""
16135
17941
16136
#: serverguide/C/network-auth.xml:2708(command)
17942
#: serverguide/C/network-auth.xml:3056(command)
16137
17943
msgid "sudo mv .k5.EXAMPLE.COM /etc/krb5kdc/"
16138
17944
msgstr ""
16139
17945
16140
#: serverguide/C/network-auth.xml:2712(para)
17946
#: serverguide/C/network-auth.xml:3060(para)
16141
17947
msgid ""
16142
17948
"Again, replace <emphasis>EXAMPLE.COM</emphasis> with your actual realm."
16143
17949
msgstr ""
16144
17950
16145
#: serverguide/C/network-auth.xml:2720(para)
17951
#: serverguide/C/network-auth.xml:3068(para)
16146
17952
msgid "Finally, start the <application>krb5-kdc</application> daemon:"
16147
17953
msgstr ""
16148
17954
16149
#: serverguide/C/network-auth.xml:2731(para)
17955
#: serverguide/C/network-auth.xml:3079(para)
16150
17956
msgid ""
16151
17957
"You now have redundant KDCs on your network, and with redundant LDAP servers "
16152
17958
"you should be able to continue to authenticate users if one LDAP server, one "
16153
17959
"Kerberos server, or one LDAP and one Kerberos server become unavailable."
16154
17960
msgstr ""
16155
17961
16156
#: serverguide/C/network-auth.xml:2743(para)
17962
#: serverguide/C/network-auth.xml:3091(para)
16157
17963
msgid ""
16158
17964
"The <ulink url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
16159
17965
"admin.html#Configuring-Kerberos-with-OpenLDAP-back_002dend\"> Kerberos Admin "
16160
17966
"Guide</ulink> has some additional details."
16161
17967
msgstr ""
16162
17968
16163
#: serverguide/C/network-auth.xml:2749(para)
17969
#: serverguide/C/network-auth.xml:3097(para)
16164
17970
msgid ""
16165
17971
"For more information on <application>kdb5_ldap_util</application> see <ulink "
16166
17972
"url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
16167
17973
"admin.html#Global-Operations-on-the-Kerberos-LDAP-Database\"> Section "
16168
17974
"5.6</ulink> and the <ulink "
16169
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/kdb5_ldap_util.8.htm"
16170
"l\">kdb5_ldap_util man page</ulink>."
17975
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/kdb5_ldap_util.8.html"
17976
"\">kdb5_ldap_util man page</ulink>."
16171
17977
msgstr ""
16172
17978
16173
#: serverguide/C/network-auth.xml:2757(para)
17979
#: serverguide/C/network-auth.xml:3105(para)
16174
17980
msgid ""
16175
17981
"Another useful link is the <ulink "
16176
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/krb5.conf.5.html\">k"
16177
"rb5.conf man page</ulink>."
17982
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/krb5.conf.5.html\">kr"
17983
"b5.conf man page</ulink>."
17984
msgstr ""
17985
17986
#: serverguide/C/network-auth.xml:3110(para)
17987
msgid ""
17988
"Also, see the <ulink "
17989
"url=\"https://help.ubuntu.com/community/Kerberos#kerberos-ldap\">Kerberos "
17990
"and LDAP</ulink> Ubuntu wiki page."
16178
17991
msgstr ""
16179
17992
16180
17993
#: serverguide/C/monitoring.xml:13(title)
16591
18404
"Nagios and network monitoring:"
16592
18405
msgstr ""
16593
18406
16594
#: serverguide/C/monitoring.xml:420(title)
18407
#: serverguide/C/monitoring.xml:416(para)
18408
msgid ""
18409
"The <ulink url=\"https://help.ubuntu.com/community/Nagios\">Nagios Ubuntu "
18410
"Wiki</ulink> page also has more details."
18411
msgstr ""
18412
18413
#: serverguide/C/monitoring.xml:425(title)
16595
18414
msgid "Munin"
16596
18415
msgstr ""
16597
18416
16598
#: serverguide/C/monitoring.xml:425(para)
18417
#: serverguide/C/monitoring.xml:430(para)
16599
18418
msgid ""
16600
18419
"Before installing <application>Munin</application> on "
16601
18420
"<emphasis>server01</emphasis><application>apache2</application> will need to "
16604
18423
"linkend=\"httpd\"/>."
16605
18424
msgstr ""
16606
18425
16607
#: serverguide/C/monitoring.xml:431(para)
18426
#: serverguide/C/monitoring.xml:436(para)
16608
18427
msgid ""
16609
18428
"First, on <emphasis>server01</emphasis> install "
16610
18429
"<application>munin</application>. In a terminal enter:"
16611
18430
msgstr ""
16612
18431
16613
#: serverguide/C/monitoring.xml:436(command)
18432
#: serverguide/C/monitoring.xml:441(command)
16614
18433
msgid "sudo apt-get install munin"
16615
18434
msgstr ""
16616
18435
16617
#: serverguide/C/monitoring.xml:439(para)
18436
#: serverguide/C/monitoring.xml:444(para)
16618
18437
msgid ""
16619
18438
"Now on <emphasis>server02</emphasis> install the <application>munin-"
16620
18439
"node</application> package:"
16621
18440
msgstr ""
16622
18441
16623
#: serverguide/C/monitoring.xml:444(command)
18442
#: serverguide/C/monitoring.xml:449(command)
16624
18443
msgid "sudo apt-get install munin-node"
16625
18444
msgstr ""
16626
18445
16627
#: serverguide/C/monitoring.xml:451(para)
18446
#: serverguide/C/monitoring.xml:456(para)
16628
18447
msgid ""
16629
18448
"On <emphasis>server01</emphasis> edit the "
16630
18449
"<filename>/etc/munin/munin.conf</filename> adding the IP address for "
16631
18450
"<emphasis>server02</emphasis>:"
16632
18451
msgstr ""
16633
18452
16634
#: serverguide/C/monitoring.xml:456(programlisting)
18453
#: serverguide/C/monitoring.xml:461(programlisting)
16635
18454
#, no-wrap
16636
18455
msgid ""
16637
18456
"\n"
16640
18459
" address 172.18.100.101\n"
16641
18460
msgstr ""
16642
18461
16643
#: serverguide/C/monitoring.xml:463(para)
18462
#: serverguide/C/monitoring.xml:468(para)
16644
18463
msgid ""
16645
18464
"Replace <emphasis>server02</emphasis> and "
16646
18465
"<emphasis>172.18.100.101</emphasis> with the actual hostname and IP address "
16647
18466
"for your server."
16648
18467
msgstr ""
16649
18468
16650
#: serverguide/C/monitoring.xml:469(para)
18469
#: serverguide/C/monitoring.xml:474(para)
16651
18470
msgid ""
16652
18471
"Next, configure <application>munin-node</application> on "
16653
18472
"<emphasis>server02</emphasis>. Edit <filename>/etc/munin/munin-"
16654
18473
"node.conf</filename> to allow access by <emphasis>server01</emphasis>:"
16655
18474
msgstr ""
16656
18475
16657
#: serverguide/C/monitoring.xml:474(programlisting)
18476
#: serverguide/C/monitoring.xml:479(programlisting)
16658
18477
#, no-wrap
16659
18478
msgid ""
16660
18479
"\n"
16661
18480
"allow ^172\\.18\\.100\\.100$\n"
16662
18481
msgstr ""
16663
18482
16664
#: serverguide/C/monitoring.xml:479(para)
18483
#: serverguide/C/monitoring.xml:484(para)
16665
18484
msgid ""
16666
18485
"Replace <emphasis>^172\\.18\\.100\\.100$</emphasis> with IP address for your "
16667
18486
"<application>munin</application> server."
16668
18487
msgstr ""
16669
18488
16670
#: serverguide/C/monitoring.xml:484(para)
18489
#: serverguide/C/monitoring.xml:489(para)
16671
18490
msgid ""
16672
18491
"Now restart <application>munin-node</application> on "
16673
18492
"<emphasis>server02</emphasis> for the changes to take effect:"
16674
18493
msgstr ""
16675
18494
16676
#: serverguide/C/monitoring.xml:489(command)
18495
#: serverguide/C/monitoring.xml:494(command)
16677
18496
msgid "sudo /etc/init.d/munin-node restart"
16678
18497
msgstr ""
16679
18498
16680
#: serverguide/C/monitoring.xml:492(para)
18499
#: serverguide/C/monitoring.xml:497(para)
16681
18500
msgid ""
16682
18501
"Finally, in a browser go to <emphasis>http://server01/munin</emphasis>, and "
16683
18502
"you should see links to nice graphs displaying information from the standard "
16684
18503
"<emphasis>munin-plugins</emphasis> for disk, network, processes, and system."
16685
18504
msgstr ""
16686
18505
16687
#: serverguide/C/monitoring.xml:498(para)
18506
#: serverguide/C/monitoring.xml:503(para)
16688
18507
msgid ""
16689
18508
"Since this is a new install it may take some time for the graphs to display "
16690
18509
"anything useful."
16691
18510
msgstr ""
16692
18511
16693
#: serverguide/C/monitoring.xml:505(title)
18512
#: serverguide/C/monitoring.xml:510(title)
16694
18513
msgid "Additional Plugins"
16695
18514
msgstr ""
16696
18515
16697
#: serverguide/C/monitoring.xml:507(para)
18516
#: serverguide/C/monitoring.xml:512(para)
16698
18517
msgid ""
16699
18518
"The <application>munin-plugins-extra</application> package contains "
16700
18519
"performance checks additional services such as DNS, DHCP, Samba, etc. To "
16701
18520
"install the package, from a terminal enter:"
16702
18521
msgstr ""
16703
18522
16704
#: serverguide/C/monitoring.xml:513(command)
18523
#: serverguide/C/monitoring.xml:518(command)
16705
18524
msgid "sudo apt-get install munin-plugins-extra"
16706
18525
msgstr ""
16707
18526
16708
#: serverguide/C/monitoring.xml:516(para)
18527
#: serverguide/C/monitoring.xml:521(para)
16709
18528
msgid "Be sure to install the package on both the server and node machines."
16710
18529
msgstr ""
16711
18530
16712
#: serverguide/C/monitoring.xml:526(para)
18531
#: serverguide/C/monitoring.xml:531(para)
16713
18532
msgid ""
16714
18533
"See the <ulink url=\"http://munin.projects.linpro.no/\">Munin</ulink> "
16715
18534
"website for more details."
16716
18535
msgstr ""
16717
18536
16718
#: serverguide/C/monitoring.xml:531(para)
18537
#: serverguide/C/monitoring.xml:536(para)
16719
18538
msgid ""
16720
18539
"Specifically the <ulink "
16721
18540
"url=\"http://munin.projects.linpro.no/wiki/Documentation\">Munin "
16723
18542
"writing plugins, etc."
16724
18543
msgstr ""
16725
18544
16726
#: serverguide/C/monitoring.xml:537(para)
18545
#: serverguide/C/monitoring.xml:542(para)
16727
18546
msgid ""
16728
18547
"Also, there is a book in German by Open Source Press: <ulink "
16729
18548
"url=\"https://www.opensourcepress.de/index.php?26&backPID=178&tt_prod"
16730
18549
"ucts=152\">Munin Graphisches Netzwerk- und System-Monitoring</ulink>."
16731
18550
msgstr ""
16732
18551
18552
#: serverguide/C/monitoring.xml:548(para)
18553
msgid ""
18554
"Another resource is the <ulink "
18555
"url=\"https://help.ubuntu.com/community/Munin\">Munin Ubuntu Wiki</ulink> "
18556
"page."
18557
msgstr ""
18558
16733
18559
#: serverguide/C/mail.xml:13(title)
16734
18560
msgid "Email Services"
16735
18561
msgstr "邮件服务"
16752
18578
"来发送信息,最后一个将信息送到 <emphasis>邮件投递代理</emphasis> (MDA) "
16753
18579
"以便将其投递到接受者的收件箱中。该信息将会被接受者邮件客户端检索到,通常是通过 POP3 或 IMAP 服务器。"
16754
18580
16755
#: serverguide/C/mail.xml:24(title) serverguide/C/mail.xml:804(application) serverguide/C/mail.xml:838(title) serverguide/C/mail.xml:916(title) serverguide/C/mail.xml:1475(title)
18581
#: serverguide/C/mail.xml:24(title) serverguide/C/mail.xml:832(application) serverguide/C/mail.xml:866(title) serverguide/C/mail.xml:944(title) serverguide/C/mail.xml:1510(title)
16756
18582
msgid "Postfix"
16757
18583
msgstr "Postfix"
16758
18584
16822
18648
msgstr "No"
16823
18649
16824
18650
#: serverguide/C/mail.xml:68(para)
16825
msgid "127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0/24"
18651
msgid "127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0.0/24"
16826
18652
msgstr ""
16827
18653
16828
18654
#: serverguide/C/mail.xml:69(para)
16846
18672
#: serverguide/C/mail.xml:75(para)
16847
18673
msgid ""
16848
18674
"Replace mail.example.com with the domain for which you'll accept email, "
16849
"192.168.0/24 with the actual network and class range of your mail server, "
18675
"192.168.0.0/24 with the actual network and class range of your mail server, "
16850
18676
"and steve with the appropriate username."
16851
18677
msgstr ""
16852
18678
16879
18705
"your Mail Delivery Agent (MDA) to use the same path."
16880
18706
msgstr ""
16881
18707
16882
#: serverguide/C/mail.xml:108(title) serverguide/C/mail.xml:538(title)
18708
#: serverguide/C/mail.xml:108(title) serverguide/C/mail.xml:556(title)
16883
18709
msgid "SMTP Authentication"
16884
18710
msgstr "SMTP 认证"
16885
18711
16949
18775
"sudo postconf -e 'smtp_tls_note_starttls_offer = yes'\n"
16950
18776
"sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'\n"
16951
18777
"sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'\n"
16952
"sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'\n"
16953
18778
"sudo postconf -e 'smtpd_tls_loglevel = 1'\n"
16954
18779
"sudo postconf -e 'smtpd_tls_received_header = yes'\n"
16955
18780
"sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'\n"
16957
18782
"sudo postconf -e 'myhostname = mail.example.com'\n"
16958
18783
msgstr ""
16959
18784
16960
#: serverguide/C/mail.xml:175(para)
18785
#: serverguide/C/mail.xml:173(para)
18786
msgid ""
18787
"If you are using your own <emphasis>Certificate Authority</emphasis> to sign "
18788
"the certificate enter:"
18789
msgstr ""
18790
18791
#: serverguide/C/mail.xml:177(command)
18792
msgid "sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'"
18793
msgstr ""
18794
18795
#: serverguide/C/mail.xml:180(para)
18796
msgid ""
18797
"Again, for more details about certificates see <xref linkend=\"certificates-"
18798
"and-security\"/>."
18799
msgstr ""
18800
18801
#: serverguide/C/mail.xml:186(para)
16961
18802
msgid ""
16962
18803
"After running all the commands, <application>Postfix</application> is "
16963
18804
"configured for SMTP-AUTH and a self-signed certificate has been created for "
16964
18805
"TLS encryption."
16965
18806
msgstr ""
16966
18807
16967
#: serverguide/C/mail.xml:180(para)
18808
#: serverguide/C/mail.xml:191(para)
16968
18809
msgid ""
16969
18810
"Now, the file <filename>/etc/postfix/main.cf</filename> should look like "
16970
18811
"<ulink url=\"../sample/postfix_configuration\">this</ulink>."
16972
18813
"现在文件 <filename>/etc/postfix/main.cf</filename> 看上去就象 <ulink "
16973
18814
"url=\"../sample/postfix_configuration\">这样</ulink>。"
16974
18815
16975
#: serverguide/C/mail.xml:184(para)
18816
#: serverguide/C/mail.xml:195(para)
16976
18817
msgid ""
16977
18818
"The postfix initial configuration is complete. Run the following command to "
16978
18819
"restart the postfix daemon:"
16979
18820
msgstr ""
16980
18821
16981
#: serverguide/C/mail.xml:189(para)
18822
#: serverguide/C/mail.xml:201(command) serverguide/C/mail.xml:315(command) serverguide/C/mail.xml:378(command) serverguide/C/mail.xml:984(command) serverguide/C/mail.xml:1561(command)
18823
msgid "sudo /etc/init.d/postfix restart"
18824
msgstr "sudo /etc/init.d/postfix restart"
18825
18826
#: serverguide/C/mail.xml:204(para)
16982
18827
msgid ""
16983
18828
"<application>Postfix</application> supports SMTP-AUTH as defined in <ulink "
16984
18829
"url=\"ftp://ftp.isi.edu/in-notes/rfc2554.txt\">RFC2554</ulink>. It is based "
16987
18832
"use SMTP-AUTH."
16988
18833
msgstr ""
16989
18834
16990
#: serverguide/C/mail.xml:199(title) serverguide/C/mail.xml:591(title)
18835
#: serverguide/C/mail.xml:214(title) serverguide/C/mail.xml:609(title)
16991
18836
msgid "Configuring SASL"
16992
18837
msgstr "配置 SASL"
16993
18838
16994
#: serverguide/C/mail.xml:200(para)
18839
#: serverguide/C/mail.xml:215(para)
16995
18840
msgid ""
16996
18841
"Postfix supports two SASL implementations Cyrus SASL and Dovecot SASL. To "
16997
18842
"enable Dovecot SASL the <application>dovecot-common</application> package "
16998
18843
"will need to be installed. From a terminal prompt enter the following:"
16999
18844
msgstr ""
17000
18845
17001
#: serverguide/C/mail.xml:206(command)
18846
#: serverguide/C/mail.xml:221(command)
17002
18847
msgid "sudo apt-get install dovecot-common"
17003
18848
msgstr "sudo apt-get install dovecot-common"
17004
18849
17005
#: serverguide/C/mail.xml:208(para)
18850
#: serverguide/C/mail.xml:223(para)
17006
18851
msgid ""
17007
18852
"Next you will need to edit <filename>/etc/dovecot/dovecot.conf</filename>. "
17008
18853
"In the <emphasis>auth default</emphasis> section uncomment the "
17009
18854
"<emphasis>socket listen</emphasis> option and change the following:"
17010
18855
msgstr ""
17011
18856
17012
#: serverguide/C/mail.xml:212(programlisting)
18857
#: serverguide/C/mail.xml:227(programlisting)
17013
18858
#, no-wrap
17014
18859
msgid ""
17015
18860
"\n"
17037
18882
" }\n"
17038
18883
msgstr ""
17039
18884
17040
#: serverguide/C/mail.xml:236(para)
18885
#: serverguide/C/mail.xml:251(para)
17041
18886
msgid ""
17042
18887
"In order to let <application>Outlook</application> clients use SMTPAUTH, in "
17043
18888
"the <emphasis>auth default</emphasis> section of /etc/dovecot/dovecot.conf "
17044
18889
"add <emphasis>\"login\"</emphasis>:"
17045
18890
msgstr ""
17046
18891
17047
#: serverguide/C/mail.xml:241(programlisting)
18892
#: serverguide/C/mail.xml:256(programlisting)
17048
18893
#, no-wrap
17049
18894
msgid ""
17050
18895
"\n"
17051
18896
" mechanisms = plain login\n"
17052
18897
msgstr ""
17053
18898
17054
#: serverguide/C/mail.xml:245(para)
18899
#: serverguide/C/mail.xml:260(para)
17055
18900
msgid ""
17056
18901
"Once you have <application>Dovecot</application> configured restart it with:"
17057
18902
msgstr ""
17058
18903
17059
#: serverguide/C/mail.xml:249(command) serverguide/C/mail.xml:712(command)
18904
#: serverguide/C/mail.xml:264(command) serverguide/C/mail.xml:735(command)
17060
18905
msgid "sudo /etc/init.d/dovecot restart"
17061
18906
msgstr ""
17062
18907
17063
#: serverguide/C/mail.xml:254(title)
18908
#: serverguide/C/mail.xml:269(title)
17064
18909
msgid "Postfix-Dovecot"
17065
18910
msgstr ""
17066
18911
17067
#: serverguide/C/mail.xml:256(para)
18912
#: serverguide/C/mail.xml:271(para)
17068
18913
msgid ""
17069
18914
"Another option for configuring <application>Postfix</application> for SMTP-"
17070
18915
"AUTH is using the <application>dovecot-postfix</application> package. This "
17074
18919
"<application>Dovecot</application> for IMAP, IMAPS, POP3, and POP3S."
17075
18920
msgstr ""
17076
18921
17077
#: serverguide/C/mail.xml:265(para)
18922
#: serverguide/C/mail.xml:280(para)
17078
18923
msgid ""
17079
18924
"You may or may not want to run IMAP, IMAPS, POP3, or POP3S on your mail "
17080
18925
"server. For example, if you are configuring your server to be a mail "
17082
18927
"the above commands to configure Postfix for SMTPAUTH."
17083
18928
msgstr ""
17084
18929
17085
#: serverguide/C/mail.xml:272(para)
18930
#: serverguide/C/mail.xml:287(para)
17086
18931
msgid "To install the package, from a terminal prompt enter:"
17087
18932
msgstr ""
17088
18933
17089
#: serverguide/C/mail.xml:277(command)
18934
#: serverguide/C/mail.xml:292(command)
17090
18935
msgid "sudo apt-get install dovecot-postfix"
17091
18936
msgstr ""
17092
18937
17093
#: serverguide/C/mail.xml:280(para)
18938
#: serverguide/C/mail.xml:295(para)
17094
18939
msgid ""
17095
18940
"You should now have a working mail server, but there are a few options that "
17096
18941
"you may wish to further customize. For example, the package uses the "
17100
18945
"for more details."
17101
18946
msgstr ""
17102
18947
17103
#: serverguide/C/mail.xml:286(para)
18948
#: serverguide/C/mail.xml:301(para)
17104
18949
msgid ""
17105
18950
"Once you have a customized certificate and key for the host, change the "
17106
18951
"following options in <filename>/etc/postfix/main.cf</filename>:"
17107
18952
msgstr ""
17108
18953
17109
#: serverguide/C/mail.xml:290(programlisting)
18954
#: serverguide/C/mail.xml:305(programlisting)
17110
18955
#, no-wrap
17111
18956
msgid ""
17112
18957
"\n"
17114
18959
"smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key\n"
17115
18960
msgstr ""
17116
18961
17117
#: serverguide/C/mail.xml:295(para)
18962
#: serverguide/C/mail.xml:310(para)
17118
18963
msgid "Then restart Postfix:"
17119
18964
msgstr ""
17120
18965
17121
#: serverguide/C/mail.xml:300(command) serverguide/C/mail.xml:363(command) serverguide/C/mail.xml:956(command) serverguide/C/mail.xml:1526(command)
17122
msgid "sudo /etc/init.d/postfix restart"
17123
msgstr "sudo /etc/init.d/postfix restart"
17124
17125
#: serverguide/C/mail.xml:306(para)
18966
#: serverguide/C/mail.xml:321(para)
17126
18967
msgid ""
17127
18968
"SMTP-AUTH configuration is complete. Now it is time to test the setup."
17128
18969
msgstr ""
17129
18970
17130
#: serverguide/C/mail.xml:309(para)
18971
#: serverguide/C/mail.xml:324(para)
17131
18972
msgid "To see if SMTP-AUTH and TLS work properly, run the following command:"
17132
18973
msgstr ""
17133
18974
17134
#: serverguide/C/mail.xml:314(command)
18975
#: serverguide/C/mail.xml:329(command)
17135
18976
msgid "telnet mail.example.com 25"
17136
18977
msgstr "telnet mail.example.com 25"
17137
18978
17138
#: serverguide/C/mail.xml:316(para)
18979
#: serverguide/C/mail.xml:331(para)
17139
18980
msgid ""
17140
18981
"After you have established the connection to the postfix mail server, type:"
17141
18982
msgstr ""
17142
18983
17143
#: serverguide/C/mail.xml:320(screen)
18984
#: serverguide/C/mail.xml:335(screen)
17144
18985
#, no-wrap
17145
18986
msgid ""
17146
18987
"\n"
17149
18990
"\n"
17150
18991
"ehlo mail.example.com\n"
17151
18992
17152
#: serverguide/C/mail.xml:323(para)
18993
#: serverguide/C/mail.xml:338(para)
17153
18994
msgid ""
17154
18995
"If you see the following lines among others, then everything is working "
17155
18996
"perfectly. Type <command>quit</command> to exit."
17156
18997
msgstr ""
17157
18998
17158
#: serverguide/C/mail.xml:327(programlisting)
18999
#: serverguide/C/mail.xml:342(programlisting)
17159
19000
#, no-wrap
17160
19001
msgid ""
17161
19002
"\n"
17170
19011
"250-AUTH=LOGIN PLAIN\n"
17171
19012
"250 8BITMIME\n"
17172
19013
17173
#: serverguide/C/mail.xml:337(para)
19014
#: serverguide/C/mail.xml:352(para)
17174
19015
msgid ""
17175
19016
"This section introduces some common ways to determine the cause if problems "
17176
19017
"arise."
17177
19018
msgstr ""
17178
19019
17179
#: serverguide/C/mail.xml:341(title)
19020
#: serverguide/C/mail.xml:356(title)
17180
19021
msgid "Escaping chroot"
17181
19022
msgstr ""
17182
19023
17183
#: serverguide/C/mail.xml:342(para)
19024
#: serverguide/C/mail.xml:357(para)
17184
19025
msgid ""
17185
19026
"The Ubuntu <application>postfix</application> package will by default "
17186
19027
"install into a <emphasis>chroot</emphasis> environment for security reasons. "
17187
19028
"This can add greater complexity when troubleshooting problems."
17188
19029
msgstr ""
17189
19030
17190
#: serverguide/C/mail.xml:346(para)
19031
#: serverguide/C/mail.xml:361(para)
17191
19032
msgid ""
17192
19033
"To turn off the chroot operation locate for the following line in the "
17193
19034
"<filename>/etc/postfix/master.cf</filename> configuration file:"
17194
19035
msgstr ""
17195
19036
17196
#: serverguide/C/mail.xml:350(screen)
19037
#: serverguide/C/mail.xml:365(screen)
17197
19038
#, no-wrap
17198
19039
msgid ""
17199
19040
"\n"
17202
19043
"\n"
17203
19044
"smtp inet n - - - - smtpd\n"
17204
19045
17205
#: serverguide/C/mail.xml:353(para)
19046
#: serverguide/C/mail.xml:368(para)
17206
19047
msgid "and modify it as follows:"
17207
19048
msgstr "并且修改它如下:"
17208
19049
17209
#: serverguide/C/mail.xml:356(screen)
19050
#: serverguide/C/mail.xml:371(screen)
17210
19051
#, no-wrap
17211
19052
msgid ""
17212
19053
"\n"
17215
19056
"\n"
17216
19057
"smtp inet n - n - - smtpd\n"
17217
19058
17218
#: serverguide/C/mail.xml:359(para)
19059
#: serverguide/C/mail.xml:374(para)
17219
19060
msgid ""
17220
19061
"You will then need to restart Postfix to use the new configuration. From a "
17221
19062
"terminal prompt enter:"
17222
19063
msgstr ""
17223
19064
17224
#: serverguide/C/mail.xml:367(title)
19065
#: serverguide/C/mail.xml:382(title)
17225
19066
msgid "Log Files"
17226
19067
msgstr ""
17227
19068
17228
#: serverguide/C/mail.xml:368(para)
19069
#: serverguide/C/mail.xml:383(para)
17229
19070
msgid ""
17230
19071
"<application>Postfix</application> sends all log messages to "
17231
19072
"<filename>/var/log/mail.log</filename>. However error and warning messages "
17234
19075
"<filename>/var/log/mail.warn</filename> respectively."
17235
19076
msgstr ""
17236
19077
17237
#: serverguide/C/mail.xml:373(para)
19078
#: serverguide/C/mail.xml:388(para)
17238
19079
msgid ""
17239
19080
"To see messages entered into the logs in real time you can use the "
17240
19081
"<application>tail -f</application> command:"
17241
19082
msgstr ""
17242
19083
17243
#: serverguide/C/mail.xml:378(command)
19084
#: serverguide/C/mail.xml:393(command)
17244
19085
msgid "tail -f /var/log/mail.err"
17245
19086
msgstr "tail -f /var/log/mail.err"
17246
19087
17247
#: serverguide/C/mail.xml:380(para)
19088
#: serverguide/C/mail.xml:395(para)
17248
19089
msgid ""
17249
19090
"The amount of detail that is recorded in the logs can be increased. Below "
17250
19091
"are some configuration options for increasing the log level for some of the "
17251
19092
"areas covered above."
17252
19093
msgstr ""
17253
19094
17254
#: serverguide/C/mail.xml:386(para)
19095
#: serverguide/C/mail.xml:401(para)
17255
19096
msgid ""
17256
19097
"To increase <emphasis>TLS</emphasis> activity logging set the "
17257
19098
"<emphasis>smtpd_tls_loglevel</emphasis> option to a value from 1 to 4."
17258
19099
msgstr ""
17259
19100
17260
#: serverguide/C/mail.xml:390(command)
19101
#: serverguide/C/mail.xml:405(command)
17261
19102
msgid "sudo postconf -e 'smtpd_tls_loglevel = 4'"
17262
19103
msgstr "sudo postconf -e 'smtpd_tls_loglevel = 4'"
17263
19104
17264
#: serverguide/C/mail.xml:394(para)
19105
#: serverguide/C/mail.xml:409(para)
17265
19106
msgid ""
17266
19107
"If you are having trouble sending or receiving mail from a specific domain "
17267
19108
"you can add the domain to the <emphasis>debug_peer_list</emphasis> parameter."
17268
19109
msgstr ""
17269
19110
17270
#: serverguide/C/mail.xml:399(command)
19111
#: serverguide/C/mail.xml:414(command)
17271
19112
msgid "sudo postconf -e 'debug_peer_list = problem.domain'"
17272
19113
msgstr "sudo postconf -e 'debug_peer_list = problem.domain'"
17273
19114
17274
#: serverguide/C/mail.xml:403(para)
19115
#: serverguide/C/mail.xml:418(para)
17275
19116
msgid ""
17276
19117
"You can increase the verbosity of any <application>Postfix</application> "
17277
19118
"daemon process by editing the <filename>/etc/postfix/master.cf</filename> "
17279
19120
"<emphasis>smtp</emphasis> entry:"
17280
19121
msgstr ""
17281
19122
17282
#: serverguide/C/mail.xml:407(programlisting)
19123
#: serverguide/C/mail.xml:422(programlisting)
17283
19124
#, no-wrap
17284
19125
msgid ""
17285
19126
"\n"
17288
19129
"\n"
17289
19130
"smtp unix - - - - - smtp -v\n"
17290
19131
17291
#: serverguide/C/mail.xml:413(para)
19132
#: serverguide/C/mail.xml:428(para)
17292
19133
msgid ""
17293
19134
"It is important to note that after making one of the logging changes above "
17294
19135
"the <application>Postfix</application> process will need to be reloaded in "
17296
19137
"reload</command>"
17297
19138
msgstr ""
17298
19139
17299
#: serverguide/C/mail.xml:420(para)
19140
#: serverguide/C/mail.xml:435(para)
17300
19141
msgid ""
17301
19142
"To increase the amount of information logged when troubleshooting "
17302
19143
"<emphasis>SASL</emphasis> issues you can set the following options in "
17303
19144
"<filename>/etc/dovecot/dovecot.conf</filename>"
17304
19145
msgstr ""
17305
19146
17306
#: serverguide/C/mail.xml:424(programlisting)
19147
#: serverguide/C/mail.xml:439(programlisting)
17307
19148
#, no-wrap
17308
19149
msgid ""
17309
19150
"\n"
17314
19155
"auth_debug=yes\n"
17315
19156
"auth_debug_passwords=yes\n"
17316
19157
17317
#: serverguide/C/mail.xml:431(para)
19158
#: serverguide/C/mail.xml:446(para)
17318
19159
msgid ""
17319
19160
"Just like <application>Postfix</application> if you change a "
17320
19161
"<application>Dovecot</application> configuration the process will need to be "
17321
19162
"reloaded: <command>sudo /etc/init.d/dovecot reload</command>."
17322
19163
msgstr ""
17323
19164
17324
#: serverguide/C/mail.xml:437(para)
19165
#: serverguide/C/mail.xml:452(para)
17325
19166
msgid ""
17326
19167
"Some of the options above can drastically increase the amount of information "
17327
19168
"sent to the log files. Remember to return the log level back to normal after "
17329
19170
"new configuration to take affect."
17330
19171
msgstr ""
17331
19172
17332
#: serverguide/C/mail.xml:445(para)
19173
#: serverguide/C/mail.xml:460(para)
17333
19174
msgid ""
17334
19175
"Administering a <application>Postfix</application> server can be a very "
17335
19176
"complicated task. At some point you may need to turn to the Ubuntu community "
17336
19177
"for more experienced help."
17337
19178
msgstr ""
17338
19179
17339
#: serverguide/C/mail.xml:449(para)
19180
#: serverguide/C/mail.xml:464(para)
17340
19181
msgid ""
17341
19182
"A great place to ask for <application>Postfix</application> assistance, and "
17342
19183
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
17346
19187
"url=\"http://www.ubuntu.com/support/community/webforums\">Web Forums</ulink>."
17347
19188
msgstr ""
17348
19189
17349
#: serverguide/C/mail.xml:454(para)
19190
#: serverguide/C/mail.xml:469(para)
17350
19191
msgid ""
17351
19192
"For in depth <application>Postfix</application> information Ubuntu "
17352
19193
"developers highly recommend: <ulink url=\"http://www.postfix-book.com/\">The "
17353
19194
"Book of Postfix</ulink>."
17354
19195
msgstr ""
17355
19196
17356
#: serverguide/C/mail.xml:458(para)
19197
#: serverguide/C/mail.xml:473(para)
17357
19198
msgid ""
17358
19199
"Finally, the <ulink "
17359
19200
"url=\"http://www.postfix.org/documentation.html\">Postfix</ulink> website "
17361
19202
"available."
17362
19203
msgstr ""
17363
19204
17364
#: serverguide/C/mail.xml:467(title) serverguide/C/mail.xml:844(title) serverguide/C/mail.xml:960(title)
19205
#: serverguide/C/mail.xml:477(para)
19206
msgid ""
19207
"Also, the <ulink url=\"https://help.ubuntu.com/community/Postfix\">Ubuntu "
19208
"Wiki Postifx</ulink> page has more information."
19209
msgstr ""
19210
19211
#: serverguide/C/mail.xml:485(title) serverguide/C/mail.xml:872(title) serverguide/C/mail.xml:988(title)
17365
19212
msgid "Exim4"
17366
19213
msgstr "Exim4"
17367
19214
17368
#: serverguide/C/mail.xml:468(para)
19215
#: serverguide/C/mail.xml:486(para)
17369
19216
msgid ""
17370
19217
"<application>Exim4</application> is another Message Transfer Agent (MTA) "
17371
19218
"developed at the University of Cambridge for use on Unix systems connected "
17375
19222
"<application>sendmail</application>."
17376
19223
msgstr ""
17377
19224
17378
#: serverguide/C/mail.xml:479(para)
19225
#: serverguide/C/mail.xml:497(para)
17379
19226
msgid ""
17380
19227
"To install <application>exim4</application>, run the following command: "
17381
19228
"<screen>\n"
17383
19230
"</screen>"
17384
19231
msgstr ""
17385
19232
17386
#: serverguide/C/mail.xml:488(para)
19233
#: serverguide/C/mail.xml:506(para)
17387
19234
msgid ""
17388
19235
"To configure <application>Exim4</application>, run the following command:"
17389
19236
msgstr ""
17390
19237
17391
#: serverguide/C/mail.xml:492(command)
19238
#: serverguide/C/mail.xml:510(command)
17392
19239
msgid "sudo dpkg-reconfigure exim4-config"
17393
19240
msgstr "sudo dpkg-reconfigure exim4-config"
17394
19241
17395
#: serverguide/C/mail.xml:494(para)
19242
#: serverguide/C/mail.xml:512(para)
17396
19243
msgid ""
17397
19244
"The user interface will be displayed. The user interface lets you configure "
17398
19245
"many parameters. For example, In <application>Exim4</application> the "
17400
19247
"in one file you can configure accordingly in this user interface."
17401
19248
msgstr ""
17402
19249
17403
#: serverguide/C/mail.xml:502(para)
19250
#: serverguide/C/mail.xml:520(para)
17404
19251
msgid ""
17405
19252
"All the parameters you configure in the user interface are stored in "
17406
19253
"<filename>/etc/exim4/update-exim4.conf.conf</filename> file. If you wish to "
17409
19256
"following command to generate the master configuration file:"
17410
19257
msgstr ""
17411
19258
17412
#: serverguide/C/mail.xml:513(command) serverguide/C/mail.xml:586(command)
19259
#: serverguide/C/mail.xml:531(command) serverguide/C/mail.xml:604(command)
17413
19260
msgid "sudo update-exim4.conf"
17414
19261
msgstr "sudo update-exim4.conf"
17415
19262
17416
#: serverguide/C/mail.xml:515(para)
19263
#: serverguide/C/mail.xml:533(para)
17417
19264
msgid ""
17418
19265
"The master configuration file, is generated and it is stored in "
17419
19266
"<filename>/var/lib/exim4/config.autogenerated</filename>."
17420
19267
msgstr ""
17421
19268
17422
#: serverguide/C/mail.xml:521(para)
19269
#: serverguide/C/mail.xml:539(para)
17423
19270
msgid ""
17424
19271
"At any time, you should not edit the master configuration file, "
17425
19272
"<filename>/var/lib/exim4/config.autogenerated</filename> manually. It is "
17429
19276
"<filename>/var/lib/exim4/config.autogenerated</filename>。它在每次您运行 "
17430
19277
"<command>update-exim4.conf</command> 之后会自动更新。"
17431
19278
17432
#: serverguide/C/mail.xml:529(para)
19279
#: serverguide/C/mail.xml:547(para)
17433
19280
msgid ""
17434
19281
"You can run the following command to start <application>Exim4</application> "
17435
19282
"daemon."
17436
19283
msgstr ""
17437
19284
17438
#: serverguide/C/mail.xml:534(command) serverguide/C/mail.xml:966(command)
19285
#: serverguide/C/mail.xml:552(command) serverguide/C/mail.xml:994(command)
17439
19286
msgid "sudo /etc/init.d/exim4 start"
17440
19287
msgstr "sudo /etc/init.d/exim4 start"
17441
19288
17442
#: serverguide/C/mail.xml:539(para)
19289
#: serverguide/C/mail.xml:557(para)
17443
19290
msgid ""
17444
19291
"This section covers configuring Exim4 to use SMTP-AUTH with TLS and SASL."
17445
19292
msgstr ""
17446
19293
17447
#: serverguide/C/mail.xml:542(para)
19294
#: serverguide/C/mail.xml:560(para)
17448
19295
msgid ""
17449
19296
"The first step is to create a certificate for use with TLS. Enter the "
17450
19297
"following into a terminal prompt:"
17451
19298
msgstr ""
17452
19299
17453
#: serverguide/C/mail.xml:546(command)
19300
#: serverguide/C/mail.xml:564(command)
17454
19301
msgid "sudo /usr/share/doc/exim4-base/examples/exim-gencert"
17455
19302
msgstr "sudo /usr/share/doc/exim4-base/examples/exim-gencert"
17456
19303
17457
#: serverguide/C/mail.xml:548(para)
19304
#: serverguide/C/mail.xml:566(para)
17458
19305
msgid ""
17459
19306
"Now Exim4 needs to be configured for TLS by editing "
17460
19307
"<filename>/etc/exim4/conf.d/main/03_exim4-config_tlsoptions</filename> add "
17461
19308
"the following:"
17462
19309
msgstr ""
17463
19310
17464
#: serverguide/C/mail.xml:552(programlisting)
19311
#: serverguide/C/mail.xml:570(programlisting)
17465
19312
#, no-wrap
17466
19313
msgid ""
17467
19314
"\n"
17470
19317
"\n"
17471
19318
"MAIN_TLS_ENABLE = yes\n"
17472
19319
17473
#: serverguide/C/mail.xml:555(para)
19320
#: serverguide/C/mail.xml:573(para)
17474
19321
msgid ""
17475
19322
"Next you need to configure <application>Exim4</application> to use the "
17476
19323
"<application>saslauthd</application> for authentication. Edit "
17479
19326
"<emphasis>login_saslauthd_server</emphasis> sections:"
17480
19327
msgstr ""
17481
19328
17482
#: serverguide/C/mail.xml:560(programlisting)
19329
#: serverguide/C/mail.xml:578(programlisting)
17483
19330
#, no-wrap
17484
19331
msgid ""
17485
19332
"\n"
17505
19352
" .endif\n"
17506
19353
msgstr ""
17507
19354
17508
#: serverguide/C/mail.xml:582(para)
19355
#: serverguide/C/mail.xml:600(para)
17509
19356
msgid "Finally, update the Exim4 configuration and restart the service:"
17510
19357
msgstr ""
17511
19358
17512
#: serverguide/C/mail.xml:587(command)
19359
#: serverguide/C/mail.xml:605(command)
17513
19360
msgid "sudo /etc/init.d/exim4 restart"
17514
19361
msgstr "sudo /etc/init.d/exim4 restart"
17515
19362
17516
#: serverguide/C/mail.xml:592(para)
19363
#: serverguide/C/mail.xml:610(para)
17517
19364
msgid ""
17518
19365
"This section provides details on configuring the saslauthd to provide "
17519
19366
"authentication for <application>Exim4</application>."
17520
19367
msgstr ""
17521
19368
17522
#: serverguide/C/mail.xml:595(para)
19369
#: serverguide/C/mail.xml:613(para)
17523
19370
msgid ""
17524
19371
"The first step is to install the sasl2-bin package. From a terminal prompt "
17525
19372
"enter the following:"
17526
19373
msgstr ""
17527
19374
17528
#: serverguide/C/mail.xml:599(command)
19375
#: serverguide/C/mail.xml:617(command)
17529
19376
msgid "sudo apt-get install sasl2-bin"
17530
19377
msgstr "sudo apt-get install sasl2-bin"
17531
19378
17532
#: serverguide/C/mail.xml:601(para)
19379
#: serverguide/C/mail.xml:619(para)
17533
19380
msgid ""
17534
19381
"To configure saslauthd edit the /etc/default/saslauthd configuration file "
17535
19382
"and set START=no to:"
17536
19383
msgstr ""
17537
19384
17538
#: serverguide/C/mail.xml:604(programlisting)
19385
#: serverguide/C/mail.xml:622(programlisting)
17539
19386
#, no-wrap
17540
19387
msgid ""
17541
19388
"\n"
17544
19391
"\n"
17545
19392
"START=yes\n"
17546
19393
17547
#: serverguide/C/mail.xml:607(para)
19394
#: serverguide/C/mail.xml:625(para)
17548
19395
msgid ""
17549
19396
"Next the <emphasis>Debian-exim</emphasis> user needs to be part of the "
17550
19397
"<emphasis>sasl</emphasis> group in order for Exim4 to use the saslauthd "
17551
19398
"service:"
17552
19399
msgstr ""
17553
19400
17554
#: serverguide/C/mail.xml:612(command)
19401
#: serverguide/C/mail.xml:630(command)
17555
19402
msgid "sudo adduser Debian-exim sasl"
17556
19403
msgstr "sudo adduser Debian-exim sasl"
17557
19404
17558
#: serverguide/C/mail.xml:614(para)
19405
#: serverguide/C/mail.xml:632(para)
17559
19406
msgid "Now start the <application>saslauthd</application> service:"
17560
19407
msgstr ""
17561
19408
17562
#: serverguide/C/mail.xml:618(command)
19409
#: serverguide/C/mail.xml:636(command)
17563
19410
msgid "sudo /etc/init.d/saslauthd start"
17564
19411
msgstr "sudo /etc/init.d/saslauthd start"
17565
19412
17566
#: serverguide/C/mail.xml:620(para)
19413
#: serverguide/C/mail.xml:638(para)
17567
19414
msgid ""
17568
19415
"<application>Exim4</application> is now configured with SMTP-AUTH using TLS "
17569
19416
"and SASL authentication."
17570
19417
msgstr ""
17571
19418
17572
#: serverguide/C/mail.xml:629(para)
19419
#: serverguide/C/mail.xml:647(para)
17573
19420
msgid ""
17574
19421
"See <ulink url=\"http://www.exim.org/\">exim.org</ulink> for more "
17575
19422
"information."
17576
19423
msgstr ""
17577
19424
17578
#: serverguide/C/mail.xml:634(para)
19425
#: serverguide/C/mail.xml:652(para)
17579
19426
msgid ""
17580
19427
"There is also an <ulink url=\"http://www.uit.co.uk/content/exim-smtp-mail-"
17581
19428
"server\">Exim4 Book</ulink> available."
17582
19429
msgstr ""
17583
19430
17584
#: serverguide/C/mail.xml:643(title)
19431
#: serverguide/C/mail.xml:657(para)
19432
msgid ""
19433
"Another resource is the <ulink "
19434
"url=\"https://help.ubuntu.com/community/Exim4\">Exim4 Ubuntu Wiki </ulink> "
19435
"page."
19436
msgstr ""
19437
19438
#: serverguide/C/mail.xml:666(title)
17585
19439
msgid "Dovecot Server"
17586
19440
msgstr "Dovecot 服务器"
17587
19441
17588
#: serverguide/C/mail.xml:644(para)
19442
#: serverguide/C/mail.xml:667(para)
17589
19443
msgid ""
17590
19444
"<application>Dovecot</application> is a Mail Delivery Agent, written with "
17591
19445
"security primarily in mind. It supports the major mailbox formats: mbox or "
17594
19448
"<application>Dovecot</application> 是一个主要出于安全考虑编写的邮件投递代理。它支持主要收件箱格式:mbox 或 "
17595
19449
"Maidir。这部分说明如何将它设为一个 imap 或 pop3 服务器。"
17596
19450
17597
#: serverguide/C/mail.xml:652(para)
19451
#: serverguide/C/mail.xml:675(para)
17598
19452
msgid ""
17599
19453
"To install <application>dovecot</application>, run the following command in "
17600
19454
"the command prompt:"
17601
19455
msgstr ""
17602
19456
17603
#: serverguide/C/mail.xml:657(command)
19457
#: serverguide/C/mail.xml:680(command)
17604
19458
msgid "sudo apt-get install dovecot-imapd dovecot-pop3d"
17605
19459
msgstr ""
17606
19460
17607
#: serverguide/C/mail.xml:662(para)
19461
#: serverguide/C/mail.xml:685(para)
17608
19462
msgid ""
17609
19463
"To configure <application>dovecot</application>, you can edit the file "
17610
19464
"<filename>/etc/dovecot/dovecot.conf</filename>. You can choose the protocol "
17616
19470
"link>."
17617
19471
msgstr ""
17618
19472
17619
#: serverguide/C/mail.xml:672(para)
19473
#: serverguide/C/mail.xml:695(para)
17620
19474
msgid ""
17621
19475
"IMAPS and POP3S are more secure that the simple IMAP and POP3 because they "
17622
19476
"use SSL encryption to connect. Once you have chosen the protocol, amend the "
17623
19477
"following line in the file <filename>/etc/dovecot/dovecot.conf</filename>:"
17624
19478
msgstr ""
17625
19479
17626
#: serverguide/C/mail.xml:678(programlisting)
19480
#: serverguide/C/mail.xml:701(programlisting)
17627
19481
#, no-wrap
17628
19482
msgid ""
17629
19483
"\n"
17632
19486
"\n"
17633
19487
"protocols = pop3 pop3s imap imaps\n"
17634
19488
17635
#: serverguide/C/mail.xml:681(para)
19489
#: serverguide/C/mail.xml:704(para)
17636
19490
msgid ""
17637
19491
"Next, choose the mailbox you would like to use. "
17638
19492
"<application>Dovecot</application> supports <emphasis "
17643
19497
"site</ulink>."
17644
19498
msgstr ""
17645
19499
17646
#: serverguide/C/mail.xml:689(para)
19500
#: serverguide/C/mail.xml:712(para)
17647
19501
msgid ""
17648
19502
"Once you have chosen your mailbox type, edit the file "
17649
19503
"<filename>/etc/dovecot/dovecot.conf</filename> and change the following line:"
17650
19504
msgstr ""
17651
19505
17652
#: serverguide/C/mail.xml:694(programlisting)
19506
#: serverguide/C/mail.xml:717(programlisting)
17653
19507
#, no-wrap
17654
19508
msgid ""
17655
19509
"\n"
17662
19516
"或\n"
17663
19517
"mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u # (对于 mbox)\n"
17664
19518
17665
#: serverguide/C/mail.xml:700(para)
19519
#: serverguide/C/mail.xml:723(para)
17666
19520
msgid ""
17667
19521
"You should configure your Mail Transport Agent (MTA) to transfer the "
17668
19522
"incoming mail to this type of mailbox if it is different from the one you "
17670
19524
msgstr ""
17671
19525
"您应当配置您的 MTA (Mail Transport Agent,邮件传输助理)来将新邮件传输到这类邮箱中,如果其与您已经配置的不同的话。"
17672
19526
17673
#: serverguide/C/mail.xml:706(para)
19527
#: serverguide/C/mail.xml:729(para)
17674
19528
msgid ""
17675
19529
"Once you have configured dovecot, restart the "
17676
19530
"<application>dovecot</application> daemon in order to test your setup:"
17677
19531
msgstr ""
17678
19532
17679
#: serverguide/C/mail.xml:715(para)
19533
#: serverguide/C/mail.xml:738(para)
17680
19534
msgid ""
17681
19535
"If you have enabled imap, or pop3, you can also try to log in with the "
17682
19536
"commands <command>telnet localhost pop3</command> or <command>telnet "
17684
19538
"installation has been successful:"
17685
19539
msgstr ""
17686
19540
17687
#: serverguide/C/mail.xml:722(programlisting)
19541
#: serverguide/C/mail.xml:745(programlisting)
17688
19542
#, no-wrap
17689
19543
msgid ""
17690
19544
"\n"
17701
19555
"Escape character is '^]'.\n"
17702
19556
"+OK Dovecot ready.\n"
17703
19557
17704
#: serverguide/C/mail.xml:731(title)
19558
#: serverguide/C/mail.xml:754(title)
17705
19559
msgid "Dovecot SSL Configuration"
17706
19560
msgstr "Dovecot SSL 配置"
17707
19561
17708
#: serverguide/C/mail.xml:732(para)
19562
#: serverguide/C/mail.xml:755(para)
17709
19563
msgid ""
17710
19564
"To configure <application>dovecot</application> to use SSL, you can edit the "
17711
19565
"file <filename>/etc/dovecot/dovecot.conf</filename> and amend following "
17712
19566
"lines:"
17713
19567
msgstr ""
17714
19568
17715
#: serverguide/C/mail.xml:737(programlisting)
19569
#: serverguide/C/mail.xml:760(programlisting)
17716
19570
#, no-wrap
17717
19571
msgid ""
17718
19572
"\n"
17727
19581
"ssl_disable = no\n"
17728
19582
"disable_plaintext_auth = no\n"
17729
19583
17730
#: serverguide/C/mail.xml:743(para)
19584
#: serverguide/C/mail.xml:766(para)
17731
19585
msgid ""
17732
19586
"You can get the SSL certificate from a Certificate Issuing Authority or you "
17733
19587
"can create self signed SSL certificate. The latter is a good option for "
17739
19593
"<filename>/etc/dovecot/dovecot.conf</filename> configuration file."
17740
19594
msgstr ""
17741
19595
17742
#: serverguide/C/mail.xml:758(title)
19596
#: serverguide/C/mail.xml:781(title)
17743
19597
msgid "Firewall Configuration for an Email Server"
17744
19598
msgstr "邮件服务器的防火墙配置"
17745
19599
17746
#: serverguide/C/mail.xml:764(para)
19600
#: serverguide/C/mail.xml:787(para)
17747
19601
msgid "IMAP - 143"
17748
19602
msgstr "IMAP - 143"
17749
19603
17750
#: serverguide/C/mail.xml:765(para)
19604
#: serverguide/C/mail.xml:788(para)
17751
19605
msgid "IMAPS - 993"
17752
19606
msgstr "IMAPS - 993"
17753
19607
17754
#: serverguide/C/mail.xml:766(para)
19608
#: serverguide/C/mail.xml:789(para)
17755
19609
msgid "POP3 - 110"
17756
19610
msgstr "POP3 - 110"
17757
19611
17758
#: serverguide/C/mail.xml:767(para)
19612
#: serverguide/C/mail.xml:790(para)
17759
19613
msgid "POP3S - 995"
17760
19614
msgstr "POP3S - 995"
17761
19615
17762
#: serverguide/C/mail.xml:759(para)
19616
#: serverguide/C/mail.xml:782(para)
17763
19617
msgid ""
17764
19618
"To access your mail server from another computer, you must configure your "
17765
19619
"firewall to allow connections to the server on the necessary ports. "
17766
19620
"<placeholder-1/>"
17767
19621
msgstr "要从另一台计算机访问您的邮件服务器,您必须配置您的防火墙以允许连接服务器必要的端口。<placeholder-1/>"
17768
19622
17769
#: serverguide/C/mail.xml:776(para)
19623
#: serverguide/C/mail.xml:799(para)
17770
19624
msgid ""
17771
19625
"See the <ulink url=\"http://www.dovecot.org/\">Dovecot website</ulink> for "
17772
19626
"more information."
17773
19627
msgstr ""
17774
19628
17775
#: serverguide/C/mail.xml:785(title) serverguide/C/mail.xml:862(title) serverguide/C/mail.xml:1085(title)
19629
#: serverguide/C/mail.xml:804(para)
19630
msgid ""
19631
"Also, the <ulink url=\"https://help.ubuntu.com/community/Dovecot\">Dovecot "
19632
"Ubuntu Wiki</ulink> page has more details."
19633
msgstr ""
19634
19635
#: serverguide/C/mail.xml:813(title) serverguide/C/mail.xml:890(title) serverguide/C/mail.xml:1113(title)
17776
19636
msgid "Mailman"
17777
19637
msgstr "Mailman"
17778
19638
17779
#: serverguide/C/mail.xml:786(para)
19639
#: serverguide/C/mail.xml:814(para)
17780
19640
msgid ""
17781
19641
"Mailman is an open source program for managing electronic mail discussions "
17782
19642
"and e-newsletter lists. Many open source mailing lists (including all the "
17788
19648
"url=\"http://lists.ubuntu.com\">Ubuntu 邮件列表</ulink>)使用 Mailman "
17789
19649
"作为他们的邮件列表软件。它是强大的且易于安装和维护。"
17790
19650
17791
#: serverguide/C/mail.xml:796(para)
19651
#: serverguide/C/mail.xml:824(para)
17792
19652
msgid ""
17793
19653
"Mailman provides a web interface for the administrators and users, using an "
17794
19654
"external mail server to send and receive emails. It works perfectly with the "
17795
19655
"following mail servers:"
17796
19656
msgstr ""
17797
19657
17798
#: serverguide/C/mail.xml:807(application)
19658
#: serverguide/C/mail.xml:835(application)
17799
19659
msgid "Exim"
17800
19660
msgstr "Exim"
17801
19661
17802
#: serverguide/C/mail.xml:810(application)
19662
#: serverguide/C/mail.xml:838(application)
17803
19663
msgid "Sendmail"
17804
19664
msgstr "Sendmail"
17805
19665
17806
#: serverguide/C/mail.xml:813(application)
19666
#: serverguide/C/mail.xml:841(application)
17807
19667
msgid "Qmail"
17808
19668
msgstr "Qmail"
17809
19669
17810
#: serverguide/C/mail.xml:818(para)
19670
#: serverguide/C/mail.xml:846(para)
17811
19671
msgid ""
17812
19672
"We will see how to install and configure Mailman with, the Apache web "
17813
19673
"server, and either the Postfix or Exim mail server. If you wish to install "
17814
19674
"Mailman with a different mail server, please refer to the references section."
17815
19675
msgstr ""
17816
19676
17817
#: serverguide/C/mail.xml:825(para)
19677
#: serverguide/C/mail.xml:853(para)
17818
19678
msgid ""
17819
19679
"You only need to install one mail server and "
17820
19680
"<application>Postfix</application> is the default Ubuntu Mail Transfer Agent."
17821
19681
msgstr ""
17822
19682
17823
#: serverguide/C/mail.xml:830(title) serverguide/C/mail.xml:889(title)
19683
#: serverguide/C/mail.xml:858(title) serverguide/C/mail.xml:917(title)
17824
19684
msgid "Apache2"
17825
19685
msgstr "Apache2"
17826
19686
17827
#: serverguide/C/mail.xml:831(para)
19687
#: serverguide/C/mail.xml:859(para)
17828
19688
msgid ""
17829
19689
"To install apache2 you refer to <ulink url=\"./web-servers.xml#http-"
17830
19690
"installation\">HTTPD Installation</ulink> section for details."
17832
19692
"若要安装 apache2,详情请参考 <ulink url=\"./web-servers.xml#http-installation\">HTTPD "
17833
19693
"安装</ulink> 一节。"
17834
19694
17835
#: serverguide/C/mail.xml:839(para)
19695
#: serverguide/C/mail.xml:867(para)
17836
19696
msgid ""
17837
19697
"For instructions on installing and configuring Postfix refer to <xref "
17838
19698
"linkend=\"postfix\"/>"
17839
19699
msgstr ""
17840
19700
17841
#: serverguide/C/mail.xml:845(para)
19701
#: serverguide/C/mail.xml:873(para)
17842
19702
msgid "To install Exim4 refer to <xref linkend=\"exim4\"/>."
17843
19703
msgstr ""
17844
19704
17845
#: serverguide/C/mail.xml:856(application)
19705
#: serverguide/C/mail.xml:884(application)
17846
19706
msgid "dc_use_split_config='true'"
17847
19707
msgstr "dc_use_split_config='true'"
17848
19708
17849
#: serverguide/C/mail.xml:848(para)
19709
#: serverguide/C/mail.xml:876(para)
17850
19710
msgid ""
17851
19711
"Once exim4 is installed, the configuration files are stored in the "
17852
19712
"<filename>/etc/exim4</filename> directory. In Ubuntu, by default, the exim4 "
17855
19715
"<filename>/etc/exim4/update-exim4.conf</filename> file: <placeholder-1/>"
17856
19716
msgstr ""
17857
19717
17858
#: serverguide/C/mail.xml:863(para)
19718
#: serverguide/C/mail.xml:891(para)
17859
19719
msgid ""
17860
19720
"To install <application>Mailman</application>, run following command at a "
17861
19721
"terminal prompt:"
17862
19722
msgstr ""
17863
19723
17864
#: serverguide/C/mail.xml:867(command)
19724
#: serverguide/C/mail.xml:895(command)
17865
19725
msgid "sudo apt-get install mailman"
17866
19726
msgstr "sudo apt-get install mailman"
17867
19727
17868
#: serverguide/C/mail.xml:869(para)
19728
#: serverguide/C/mail.xml:897(para)
17869
19729
msgid ""
17870
19730
"It copies the installation files in "
17871
19731
"<application>/var/lib/mailman</application> directory. It installs the CGI "
17875
19735
"this user."
17876
19736
msgstr ""
17877
19737
17878
#: serverguide/C/mail.xml:881(para)
19738
#: serverguide/C/mail.xml:909(para)
17879
19739
msgid ""
17880
19740
"This section assumes you have successfully installed "
17881
19741
"<application>mailman</application>, <application>apache2</application>, and "
17883
19743
"you just need to configure them."
17884
19744
msgstr ""
17885
19745
17886
#: serverguide/C/mail.xml:890(para)
19746
#: serverguide/C/mail.xml:918(para)
17887
19747
msgid ""
17888
19748
"An example Apache configuration file comes with "
17889
19749
"<application>Mailman</application> and is placed in "
17892
19752
"available</filename>:"
17893
19753
msgstr ""
17894
19754
17895
#: serverguide/C/mail.xml:896(command)
19755
#: serverguide/C/mail.xml:924(command)
17896
19756
msgid ""
17897
19757
"sudo cp /etc/mailman/apache.conf /etc/apache2/sites-available/mailman.conf"
17898
19758
msgstr ""
17899
19759
"sudo cp /etc/mailman/apache.conf /etc/apache2/sites-available/mailman.conf"
17900
19760
17901
#: serverguide/C/mail.xml:898(para)
19761
#: serverguide/C/mail.xml:926(para)
17902
19762
msgid ""
17903
19763
"This will setup a new Apache <emphasis>VirtualHost</emphasis> for the "
17904
19764
"Mailman administration site. Now enable the new configuration and restart "
17905
19765
"Apache:"
17906
19766
msgstr ""
17907
19767
17908
#: serverguide/C/mail.xml:903(command)
19768
#: serverguide/C/mail.xml:931(command)
17909
19769
msgid "sudo a2ensite mailman.conf"
17910
19770
msgstr "sudo a2ensite mailman.conf"
17911
19771
17912
#: serverguide/C/mail.xml:906(para)
19772
#: serverguide/C/mail.xml:934(para)
17913
19773
msgid ""
17914
19774
"Mailman uses apache2 to render its CGI scripts. The mailman CGI scripts are "
17915
19775
"installed in the <application>/usr/lib/cgi-bin/mailman</application> "
17918
19778
"available/mailman.conf</filename> file if you wish to change this behavior."
17919
19779
msgstr ""
17920
19780
17921
#: serverguide/C/mail.xml:917(para)
19781
#: serverguide/C/mail.xml:945(para)
17922
19782
msgid ""
17923
19783
"For <application>Postfix</application> integration, we will associate the "
17924
19784
"domain lists.example.com with the mailing lists. Please replace "
17925
19785
"<emphasis>lists.example.com</emphasis> with the domain of your choosing."
17926
19786
msgstr ""
17927
19787
17928
#: serverguide/C/mail.xml:921(para)
19788
#: serverguide/C/mail.xml:949(para)
17929
19789
msgid ""
17930
19790
"You can use the postconf command to add the necessary configuration to "
17931
19791
"<filename>/etc/postfix/main.cf</filename>:"
17932
19792
msgstr ""
17933
19793
17934
#: serverguide/C/mail.xml:925(command)
19794
#: serverguide/C/mail.xml:953(command)
17935
19795
msgid "sudo postconf -e 'relay_domains = lists.example.com'"
17936
19796
msgstr "sudo postconf -e 'relay_domains = lists.example.com'"
17937
19797
17938
#: serverguide/C/mail.xml:926(command)
19798
#: serverguide/C/mail.xml:954(command)
17939
19799
msgid "sudo postconf -e 'transport_maps = hash:/etc/postfix/transport'"
17940
19800
msgstr "sudo postconf -e 'transport_maps = hash:/etc/postfix/transport'"
17941
19801
17942
#: serverguide/C/mail.xml:927(command)
19802
#: serverguide/C/mail.xml:955(command)
17943
19803
msgid "sudo postconf -e 'mailman_destination_recipient_limit = 1'"
17944
19804
msgstr "sudo postconf -e 'mailman_destination_recipient_limit = 1'"
17945
19805
17946
#: serverguide/C/mail.xml:929(para)
19806
#: serverguide/C/mail.xml:957(para)
17947
19807
msgid ""
17948
19808
"In <filename>/etc/postfix/master.cf</filename> double check that you have "
17949
19809
"the following transport:"
17950
19810
msgstr ""
17951
19811
17952
#: serverguide/C/mail.xml:932(programlisting)
19812
#: serverguide/C/mail.xml:960(programlisting)
17953
19813
#, no-wrap
17954
19814
msgid ""
17955
19815
"\n"
17962
19822
" flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py\n"
17963
19823
" ${nexthop} ${user}\n"
17964
19824
17965
#: serverguide/C/mail.xml:937(para)
19825
#: serverguide/C/mail.xml:965(para)
17966
19826
msgid ""
17967
19827
"It calls the <emphasis>postfix-to-mailman.py</emphasis> script when a mail "
17968
19828
"is delivered to a list."
17969
msgstr ""
19829
msgstr "当有邮件发送到一个列表时,它会调用<emphasis>postfix-to-mailman.py</emphasis>脚本。"
17970
19830
17971
#: serverguide/C/mail.xml:940(para)
19831
#: serverguide/C/mail.xml:968(para)
17972
19832
msgid ""
17973
19833
"Associate the domain lists.example.com to the Mailman transport with the "
17974
19834
"transport map. Edit the file <filename>/etc/postfix/transport</filename>:"
17975
19835
msgstr ""
19836
"用传送图将域名lists.example.com与Mailman传送连接起来。请编辑文件<filename>/etc/postfix/transport<"
19837
"/filename>:"
17976
19838
17977
#: serverguide/C/mail.xml:943(programlisting)
19839
#: serverguide/C/mail.xml:971(programlisting)
17978
19840
#, no-wrap
17979
19841
msgid ""
17980
19842
"\n"
17983
19845
"\n"
17984
19846
"lists.example.com mailman:\n"
17985
19847
17986
#: serverguide/C/mail.xml:946(para)
19848
#: serverguide/C/mail.xml:974(para)
17987
19849
msgid ""
17988
19850
"Now have <application>Postfix</application> build the transport map by "
17989
19851
"entering the following from a terminal prompt:"
17990
msgstr ""
19852
msgstr "然后在终端输入如下命令来用<application>Postfix</application>构建传送图:"
17991
19853
17992
#: serverguide/C/mail.xml:950(command)
19854
#: serverguide/C/mail.xml:978(command)
17993
19855
msgid "sudo postmap -v /etc/postfix/transport"
17994
19856
msgstr "sudo postmap -v /etc/postfix/transport"
17995
19857
17996
#: serverguide/C/mail.xml:952(para)
19858
#: serverguide/C/mail.xml:980(para)
17997
19859
msgid "Then restart Postfix to enable the new configurations:"
17998
msgstr ""
19860
msgstr "然后重启Postfix以启用新的配置:"
17999
19861
18000
#: serverguide/C/mail.xml:961(para)
19862
#: serverguide/C/mail.xml:989(para)
18001
19863
msgid ""
18002
19864
"Once Exim4 is installed, you can start the Exim server using the following "
18003
19865
"command from a terminal prompt:"
18004
msgstr ""
19866
msgstr "当Exim4安装以后,你可以在终端输入如下命令以启动Exim服务器:"
18005
19867
18006
#: serverguide/C/mail.xml:977(para) serverguide/C/mail.xml:992(title)
19868
#: serverguide/C/mail.xml:1005(para) serverguide/C/mail.xml:1020(title)
18007
19869
msgid "Main"
18008
19870
msgstr "主"
18009
19871
18010
#: serverguide/C/mail.xml:980(para) serverguide/C/mail.xml:1032(title)
19872
#: serverguide/C/mail.xml:1008(para) serverguide/C/mail.xml:1060(title)
18011
19873
msgid "Transport"
18012
19874
msgstr "传输"
18013
19875
18014
#: serverguide/C/mail.xml:983(para) serverguide/C/mail.xml:1055(title)
19876
#: serverguide/C/mail.xml:1011(para) serverguide/C/mail.xml:1083(title)
18015
19877
msgid "Router"
18016
19878
msgstr "路由器"
18017
19879
18018
#: serverguide/C/mail.xml:968(para)
19880
#: serverguide/C/mail.xml:996(para)
18019
19881
msgid ""
18020
19882
"In order to make mailman work with Exim4, you need to configure Exim4. As "
18021
19883
"mentioned earlier, by default, Exim4 uses multiple configuration files of "
18026
19888
"these mini configuration files. So, the order of these configuration files "
18027
19889
"is very important."
18028
19890
msgstr ""
19891
"要使mailman能够与Exim4协同工作,你需要配置Exim4。如早前提过的,Exim4默认情况下是使用不同文件类型的多种配置文件。详细内容请查看<ul"
19892
"ink "
19893
"url=\"http://www.exim.org\">Exim</ulink>网站。要运行mailman,我们要向如下配置类型里添加一个新的配置文件:<"
19894
"placeholder-1/> Exim通过搜选这些迷你配置文件来创建一个主配置文件。因此,这些配置文件罗列的顺序是非常重要的。"
18029
19895
18030
#: serverguide/C/mail.xml:999(programlisting)
19896
#: serverguide/C/mail.xml:1027(programlisting)
18031
19897
#, no-wrap
18032
19898
msgid ""
18033
19899
"\n"
18105
19971
"MM_LISTCHK=MM_HOME/lists/${lc::$local_part}/config.pck\n"
18106
19972
"# end\n"
18107
19973
18108
#: serverguide/C/mail.xml:993(para)
19974
#: serverguide/C/mail.xml:1021(para)
18109
19975
msgid ""
18110
19976
"All the configuration files belonging to the main type are stored in the "
18111
19977
"<filename>/etc/exim4/conf.d/main/</filename> directory. You can add the "
18116
19982
"目录中。您可以将下面的内容添加到一个名为 <filename>04_exim4-config_mailman</filename> "
18117
19983
"的新文件中:<placeholder-1/>"
18118
19984
18119
#: serverguide/C/mail.xml:1039(programlisting)
19985
#: serverguide/C/mail.xml:1067(programlisting)
18120
19986
#, no-wrap
18121
19987
msgid ""
18122
19988
"\n"
18147
20013
" user = MM_UID\n"
18148
20014
" group = MM_GID\n"
18149
20015
18150
#: serverguide/C/mail.xml:1033(para)
20016
#: serverguide/C/mail.xml:1061(para)
18151
20017
msgid ""
18152
20018
"All the configuration files belonging to transport type are stored in the "
18153
20019
"<filename>/etc/exim4/conf.d/transport/</filename> directory. You can add the "
18158
20024
"目录中。您可以将下面的内容添加到一个名为 <filename>40_exim4-config_mailman</filename> "
18159
20025
"的新文件中:<placeholder-1/>"
18160
20026
18161
#: serverguide/C/mail.xml:1060(programlisting)
20027
#: serverguide/C/mail.xml:1088(programlisting)
18162
20028
#, no-wrap
18163
20029
msgid ""
18164
20030
"\n"
18181
20047
" -owner : -request : -admin\n"
18182
20048
" transport = mailman_transport\n"
18183
20049
18184
#: serverguide/C/mail.xml:1056(para)
20050
#: serverguide/C/mail.xml:1084(para)
18185
20051
msgid ""
18186
20052
"All the configuration files belonging to router type are stored in the "
18187
20053
"<filename>/etc/exim4/conf.d/router/</filename> directory. You can add the "
18192
20058
"目录中。您可以将下列内容添加到名为 <filename>101_exim4-config_mailman</filename> "
18193
20059
"的新文件中:<placeholder-1/>"
18194
20060
18195
#: serverguide/C/mail.xml:1073(para)
20061
#: serverguide/C/mail.xml:1101(para)
18196
20062
msgid ""
18197
20063
"The order of main and transport configuration files can be in any order. "
18198
20064
"But, the order of router configuration files must be the same. This "
18204
20070
"主类和传输类的配置文件的顺序可以随意。但路由类的配置文件的顺序必须相同。该文件必须在 <application>200_exim4-"
18205
20071
"config_primary</application> 文件之前出现。如果两个配置文件包含相同类型的信息。第一个文件优先。详情请参阅参考部分。"
18206
20072
18207
#: serverguide/C/mail.xml:1086(para)
20073
#: serverguide/C/mail.xml:1114(para)
18208
20074
msgid ""
18209
20075
"Once mailman is installed, you can run it using the following command:"
18210
msgstr ""
20076
msgstr "当mailman安装之后,你可以使用如下命令来运行它:"
18211
20077
18212
#: serverguide/C/mail.xml:1090(command)
20078
#: serverguide/C/mail.xml:1118(command)
18213
20079
msgid "sudo /etc/init.d/mailman start"
18214
20080
msgstr "sudo /etc/init.d/mailman start"
18215
20081
18216
#: serverguide/C/mail.xml:1092(para)
20082
#: serverguide/C/mail.xml:1120(para)
18217
20083
msgid ""
18218
20084
"Once mailman is installed, you should create the default mailing list. Run "
18219
20085
"the following command to create the mailing list:"
18220
msgstr ""
20086
msgstr "当mailman安装以后,你可以创建默认的邮件列表。运行如下命令来创建邮件列表:"
18221
20087
18222
#: serverguide/C/mail.xml:1098(command)
20088
#: serverguide/C/mail.xml:1126(command)
18223
20089
msgid "sudo /usr/sbin/newlist mailman"
18224
20090
msgstr "sudo /usr/sbin/newlist mailman"
18225
20091
18226
#: serverguide/C/mail.xml:1101(programlisting)
20092
#: serverguide/C/mail.xml:1129(programlisting)
18227
20093
#, no-wrap
18228
20094
msgid ""
18229
20095
"\n"
18280
20146
"\n"
18281
20147
" # \n"
18282
20148
18283
#: serverguide/C/mail.xml:1124(para)
20149
#: serverguide/C/mail.xml:1152(para)
18284
20150
msgid ""
18285
20151
"We have configured either Postfix or Exim4 to recognize all emails from "
18286
20152
"mailman. So, it is not mandatory to make any new entries in "
18288
20154
"configuration files, please ensure that you restart those services before "
18289
20155
"continuing to next section."
18290
20156
msgstr ""
20157
"我们已经配置了Postfix或Exim4以查看来自mailman的所有邮件。因此,你不用必须在<filename>/etc/aliases</filena"
20158
"me>里添加新的条目了。如果你对配置文件做过了更改,请确保在进入下一环节之前已重启过这些服务。"
18291
20159
18292
#: serverguide/C/mail.xml:1132(para)
20160
#: serverguide/C/mail.xml:1160(para)
18293
20161
msgid ""
18294
20162
"The Exim4 does not use the above aliases to forward mails to Mailman, as it "
18295
20163
"uses a <emphasis>discover</emphasis> approach. To suppress the aliases while "
18296
20164
"creating the list, you can add <emphasis>MTA=None</emphasis> line in Mailman "
18297
20165
"configuration file, <filename>/etc/mailman/mm_cfg.py</filename>."
18298
20166
msgstr ""
20167
"因为Exim4使用<emphasis>发现</emphasis> "
20168
"机制,所以它不使用以上的别名将邮件转发给Mailman。要在创建列表时禁止别名,你可以将<emphasis>MTA=None</emphasis>添加到M"
20169
"ailman的配置文件<filename>/etc/mailman/mm_cfg.py</filename>中。"
18299
20170
18300
#: serverguide/C/mail.xml:1143(title)
20171
#: serverguide/C/mail.xml:1171(title)
18301
20172
msgid "Administration"
18302
20173
msgstr "管理"
18303
20174
18304
#: serverguide/C/mail.xml:1144(para)
20175
#: serverguide/C/mail.xml:1172(para)
18305
20176
msgid ""
18306
20177
"We assume you have a default installation. The mailman cgi scripts are still "
18307
20178
"in the <application>/usr/lib/cgi-bin/mailman/</application> directory. "
18312
20183
"bin/mailman/</application> 目录中。mailman 提供了一个基于 web "
18313
20184
"的管理工具。若想访问这个页面,请将您的浏览器指向以下 url:"
18314
20185
18315
#: serverguide/C/mail.xml:1152(para)
20186
#: serverguide/C/mail.xml:1180(para)
18316
20187
msgid "http://hostname/cgi-bin/mailman/admin"
18317
20188
msgstr "http://hostname/cgi-bin/mailman/admin"
18318
20189
18319
#: serverguide/C/mail.xml:1156(para)
20190
#: serverguide/C/mail.xml:1184(para)
18320
20191
msgid ""
18321
20192
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
18322
20193
"screen. If you click the mailing list name, it will ask for your "
18330
20201
"会在这个屏幕中出现。如果您点击邮件列表的名称,它会向您询问通行密码。如果您输入了正确的密码,您就可以修改这个邮件列表的管理设定。您可以使用命令行工具来创建"
18331
20202
"新的邮件列表(<command>/usr/sbin/newlist</command>)。或者您也可以使用 web 界面"
18332
20203
18333
#: serverguide/C/mail.xml:1169(title)
20204
#: serverguide/C/mail.xml:1197(title)
18334
20205
msgid "Users"
18335
20206
msgstr "用户"
18336
20207
18337
#: serverguide/C/mail.xml:1170(para)
20208
#: serverguide/C/mail.xml:1198(para)
18338
20209
msgid ""
18339
20210
"Mailman provides a web based interface for users. To access this page, point "
18340
20211
"your browser to the following url:"
18341
20212
msgstr "Mailman 为用户提供了一个 web 界面,可以在您的浏览器中输入下列 url 来访问该页:"
18342
20213
18343
#: serverguide/C/mail.xml:1175(para)
20214
#: serverguide/C/mail.xml:1203(para)
18344
20215
msgid "http://hostname/cgi-bin/mailman/listinfo"
18345
20216
msgstr "http://hostname/cgi-bin/mailman/listinfo"
18346
20217
18347
#: serverguide/C/mail.xml:1179(para)
20218
#: serverguide/C/mail.xml:1207(para)
18348
20219
msgid ""
18349
20220
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
18350
20221
"screen. If you click the mailing list name, it will display the subscription "
18356
20227
"将出现在屏幕上。如果您点击邮件列表名,它将显示订阅表单。您可以输入您的邮件地址、姓名 "
18357
20228
"(可选)及密码来订阅。一个邀请邮件将发送给您。您可以根据该邮件的指示完成订阅。"
18358
20229
18359
#: serverguide/C/mail.xml:1191(ulink)
20230
#: serverguide/C/mail.xml:1219(ulink)
18360
20231
msgid "GNU Mailman - Installation Manual"
18361
20232
msgstr "GNU Mailman - 安装手册"
18362
20233
18363
#: serverguide/C/mail.xml:1195(ulink)
20234
#: serverguide/C/mail.xml:1223(ulink)
18364
20235
msgid "HOWTO - Using Exim 4 and Mailman 2.1 together"
18365
20236
msgstr "指南 - 一起使用 Exim 4 和 Mailman 2.1"
18366
20237
18367
#: serverguide/C/mail.xml:1201(title)
20238
#: serverguide/C/mail.xml:1226(para)
20239
msgid ""
20240
"Also, see the <ulink "
20241
"url=\"https://help.ubuntu.com/community/Mailman\">Mailman Ubuntu "
20242
"Wiki</ulink> page."
20243
msgstr ""
20244
20245
#: serverguide/C/mail.xml:1232(title)
18368
20246
msgid "Mail Filtering"
18369
msgstr ""
20247
msgstr "邮件过滤"
18370
20248
18371
#: serverguide/C/mail.xml:1202(para)
20249
#: serverguide/C/mail.xml:1233(para)
18372
20250
msgid ""
18373
20251
"One of the largest issues with email today is the problem of Unsolicited "
18374
20252
"Bulk Email (UBE). Also known as SPAM, such messages may also carry viruses "
18375
20253
"and other forms of malware. According to some reports these messages make up "
18376
20254
"the bulk of all email traffic on the Internet."
18377
20255
msgstr ""
20256
"当前邮件面临的最大问题是垃圾广告邮件(UBE,即Unsolicited Bulk "
20257
"Email)。也叫做SPAM,此类信息也可能携带病毒或者其它形式的流氓软件。据一些报告显示,此类邮件已占据互联网邮件流量的大部分。"
18378
20258
18379
#: serverguide/C/mail.xml:1207(para)
20259
#: serverguide/C/mail.xml:1238(para)
18380
20260
msgid ""
18381
20261
"This section will cover integrating <application>Amavisd-new</application>, "
18382
20262
"<application>Spamassassin</application>, and "
18388
20268
"intensive applications. Two common filters are <application>dkim-"
18389
20269
"filter</application> and <application>python-policyd-spf</application>."
18390
20270
msgstr ""
20271
"此章节会阐述<application>Amavisd-new</application>, "
20272
"<application>Spamassassin</application>和 <application>ClamAV</application> "
20273
"与<application>Postfix</application> "
20274
"邮件传送代理(MTA)的整合。<application>Postfix</application>也可以将邮件交由外部内容过滤器来检查。这些过滤器可以在不"
20275
"需要使用更占内存的软件情况来判断一个邮件是否为垃圾邮件。两个常见的过滤器<application>dkim-"
20276
"filter</application>和<application>python-policyd-spf</application>。"
18391
20277
18392
#: serverguide/C/mail.xml:1217(para)
20278
#: serverguide/C/mail.xml:1248(para)
18393
20279
msgid ""
18394
20280
"<application>Amavisd-new</application> is a wrapper program that can call "
18395
20281
"any number of content filtering programs for spam detection, antivirus, etc."
18396
20282
msgstr ""
18397
20283
18398
#: serverguide/C/mail.xml:1223(para)
20284
#: serverguide/C/mail.xml:1254(para)
18399
20285
msgid ""
18400
20286
"<application>Spamassassin</application> uses a variety of mechanisms to "
18401
20287
"filter email based on the message content."
18402
20288
msgstr ""
18403
20289
18404
#: serverguide/C/mail.xml:1228(para)
20290
#: serverguide/C/mail.xml:1259(para)
18405
20291
msgid ""
18406
20292
"<application>ClamAV</application> is an open source antivirus application."
18407
20293
msgstr ""
18408
20294
18409
#: serverguide/C/mail.xml:1233(para)
20295
#: serverguide/C/mail.xml:1264(para)
18410
20296
msgid ""
18411
20297
"<application>dkim-filter</application> implements a Sendmail Mail Filter "
18412
20298
"(Milter) for the DomainKeys Identified Mail (DKIM) standard."
18413
20299
msgstr ""
18414
20300
18415
#: serverguide/C/mail.xml:1239(para)
20301
#: serverguide/C/mail.xml:1270(para)
18416
20302
msgid ""
18417
20303
"<application>python-policyd-spf</application> enables Sender Policy "
18418
20304
"Framework (SPF) checking with <application>Postfix</application>."
18419
20305
msgstr ""
18420
20306
18421
#: serverguide/C/mail.xml:1244(para)
20307
#: serverguide/C/mail.xml:1275(para)
18422
20308
msgid "This is how the pieces fit together:"
18423
20309
msgstr ""
18424
20310
18425
#: serverguide/C/mail.xml:1249(para)
20311
#: serverguide/C/mail.xml:1280(para)
18426
20312
msgid "An email message is accepted by <application>Postfix</application>."
18427
20313
msgstr ""
18428
20314
18429
#: serverguide/C/mail.xml:1254(para)
20315
#: serverguide/C/mail.xml:1285(para)
18430
20316
msgid ""
18431
20317
"The message is passed through any external filters <application>dkim-"
18432
20318
"filter</application> and <application>python-policyd-spf</application> in "
18433
20319
"this case."
18434
20320
msgstr ""
18435
20321
18436
#: serverguide/C/mail.xml:1260(para)
20322
#: serverguide/C/mail.xml:1291(para)
18437
20323
msgid "<application>Amavisd-new</application> then processes the message."
18438
20324
msgstr ""
18439
20325
18440
#: serverguide/C/mail.xml:1265(para)
20326
#: serverguide/C/mail.xml:1296(para)
18441
20327
msgid ""
18442
20328
"<application>ClamAV</application> is used to scan the message. If the "
18443
20329
"message contains a virus <application>Postfix</application> will reject the "
18444
20330
"message."
18445
20331
msgstr ""
18446
20332
18447
#: serverguide/C/mail.xml:1271(para)
20333
#: serverguide/C/mail.xml:1302(para)
18448
20334
msgid ""
18449
20335
"Clean messages will then be analyzed by "
18450
20336
"<application>Spamassassin</application> to find out if the message is spam. "
18453
20339
"message."
18454
20340
msgstr ""
18455
20341
18456
#: serverguide/C/mail.xml:1278(para)
20342
#: serverguide/C/mail.xml:1309(para)
18457
20343
msgid ""
18458
20344
"For example, if a message has a Spam score of over fifty the message could "
18459
20345
"be automatically dropped from the queue without the recipient ever having to "
18462
20348
"see fit."
18463
20349
msgstr ""
18464
20350
18465
#: serverguide/C/mail.xml:1285(para)
20351
#: serverguide/C/mail.xml:1316(para)
18466
20352
msgid ""
18467
20353
"See <xref linkend=\"postfix\"/> for instructions on installing and "
18468
20354
"configuring Postfix."
18469
20355
msgstr ""
18470
20356
18471
#: serverguide/C/mail.xml:1288(para)
20357
#: serverguide/C/mail.xml:1319(para)
18472
20358
msgid ""
18473
20359
"To install the rest of the applications enter the following from a terminal "
18474
20360
"prompt:"
18475
20361
msgstr ""
18476
20362
18477
#: serverguide/C/mail.xml:1292(command)
20363
#: serverguide/C/mail.xml:1323(command)
18478
20364
msgid "sudo apt-get install amavisd-new spamassassin clamav-daemon"
18479
20365
msgstr ""
18480
20366
18481
#: serverguide/C/mail.xml:1293(command)
20367
#: serverguide/C/mail.xml:1324(command)
18482
20368
msgid "sudo apt-get install dkim-filter python-policyd-spf"
18483
20369
msgstr ""
18484
20370
18485
#: serverguide/C/mail.xml:1295(para)
20371
#: serverguide/C/mail.xml:1326(para)
18486
20372
msgid ""
18487
20373
"There are some optional packages that integrate with "
18488
20374
"<application>Spamassassin</application> for better spam detection:"
18489
20375
msgstr ""
18490
20376
18491
#: serverguide/C/mail.xml:1299(command)
20377
#: serverguide/C/mail.xml:1330(command)
18492
20378
msgid "sudo apt-get install pyzor razor"
18493
20379
msgstr "sudo apt-get install pyzor razor"
18494
20380
18495
#: serverguide/C/mail.xml:1301(para)
20381
#: serverguide/C/mail.xml:1332(para)
18496
20382
msgid ""
18497
20383
"Along with the main filtering applications compression utilities are needed "
18498
20384
"to process some email attachments:"
18499
20385
msgstr ""
18500
20386
18501
#: serverguide/C/mail.xml:1305(command)
20387
#: serverguide/C/mail.xml:1336(command)
18502
20388
msgid ""
18503
20389
"sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip"
18504
20390
msgstr ""
18505
20391
18506
#: serverguide/C/mail.xml:1310(para)
20392
#: serverguide/C/mail.xml:1339(para)
20393
msgid ""
20394
"If some packages are not found, check that the "
20395
"<emphasis>multiverse</emphasis> repository is enabled in "
20396
"<filename>/etc/apt/sources.list</filename>"
20397
msgstr ""
20398
20399
#: serverguide/C/mail.xml:1340(para)
20400
msgid ""
20401
"If you make changes to the file, be sure to run <command>sudo apt-get "
20402
"update</command> before trying to install again."
20403
msgstr ""
20404
20405
#: serverguide/C/mail.xml:1345(para)
18507
20406
msgid "Now configure everything to work together and filter email."
18508
20407
msgstr ""
18509
20408
18510
#: serverguide/C/mail.xml:1314(title)
20409
#: serverguide/C/mail.xml:1349(title)
18511
20410
msgid "ClamAV"
18512
20411
msgstr "ClamAV"
18513
20412
18514
#: serverguide/C/mail.xml:1315(para)
20413
#: serverguide/C/mail.xml:1350(para)
18515
20414
msgid ""
18516
20415
"The default behaviour of <application>ClamAV</application> will fit our "
18517
20416
"needs. For more ClamAV configuration options, check the configuration files "
18518
20417
"in <filename>/etc/clamav</filename>."
18519
20418
msgstr ""
18520
20419
18521
#: serverguide/C/mail.xml:1320(para)
20420
#: serverguide/C/mail.xml:1355(para)
18522
20421
msgid ""
18523
20422
"Add the <emphasis>clamav</emphasis> user to the <emphasis>amavis</emphasis> "
18524
20423
"group in order for <application>Amavisd-new</application> to have the "
18525
20424
"appropriate access to scan files:"
18526
20425
msgstr ""
18527
20426
18528
#: serverguide/C/mail.xml:1325(command)
20427
#: serverguide/C/mail.xml:1360(command)
18529
20428
msgid "sudo adduser clamav amavis"
18530
20429
msgstr ""
18531
20430
18532
#: serverguide/C/mail.xml:1329(title)
20431
#: serverguide/C/mail.xml:1364(title)
18533
20432
msgid "Spamassassin"
18534
20433
msgstr "Spamassassin"
18535
20434
18536
#: serverguide/C/mail.xml:1330(para)
20435
#: serverguide/C/mail.xml:1365(para)
18537
20436
msgid ""
18538
20437
"Spamassassin automatically detects optional components and will use them if "
18539
20438
"they are present. This means that there is no need to configure "
18540
20439
"<application>pyzor</application> and <application>razor</application>."
18541
20440
msgstr ""
18542
20441
18543
#: serverguide/C/mail.xml:1334(para)
20442
#: serverguide/C/mail.xml:1369(para)
18544
20443
msgid ""
18545
20444
"Edit <filename>/etc/default/spamassassin</filename> to activate the "
18546
20445
"<application>Spamassassin</application> daemon. Change "
18547
20446
"<emphasis>ENABLED=0</emphasis> to:"
18548
20447
msgstr ""
18549
20448
18550
#: serverguide/C/mail.xml:1338(programlisting)
20449
#: serverguide/C/mail.xml:1373(programlisting)
18551
20450
#, no-wrap
18552
20451
msgid ""
18553
20452
"\n"
18556
20455
"\n"
18557
20456
"ENABLED=1\n"
18558
20457
18559
#: serverguide/C/mail.xml:1341(para)
20458
#: serverguide/C/mail.xml:1376(para)
18560
20459
msgid "Now start the daemon:"
18561
20460
msgstr "现在启动守护进程:"
18562
20461
18563
#: serverguide/C/mail.xml:1345(command)
20462
#: serverguide/C/mail.xml:1380(command)
18564
20463
msgid "sudo /etc/init.d/spamassassin start"
18565
20464
msgstr "sudo /etc/init.d/spamassassin start"
18566
20465
18567
#: serverguide/C/mail.xml:1349(title)
20466
#: serverguide/C/mail.xml:1384(title)
18568
20467
msgid "Amavisd-new"
18569
20468
msgstr ""
18570
20469
18571
#: serverguide/C/mail.xml:1350(para)
20470
#: serverguide/C/mail.xml:1385(para)
18572
20471
msgid ""
18573
20472
"First activate spam and antivirus detection in <application>Amavisd-"
18574
20473
"new</application> by editing <filename>/etc/amavis/conf.d/15-"
18575
20474
"content_filter_mode</filename>:"
18576
20475
msgstr ""
18577
20476
18578
#: serverguide/C/mail.xml:1354(programlisting)
20477
#: serverguide/C/mail.xml:1389(programlisting)
18579
20478
#, no-wrap
18580
20479
msgid ""
18581
20480
"\n"
18606
20505
"1; # insure a defined return\n"
18607
20506
msgstr ""
18608
20507
18609
#: serverguide/C/mail.xml:1379(para)
20508
#: serverguide/C/mail.xml:1414(para)
18610
20509
msgid ""
18611
20510
"Bouncing spam can be a bad idea as the return address is often faked. "
18612
20511
"Consider editing <filename>/etc/amavis/conf.d/20-debian_defaults</filename> "
18614
20513
"D_BOUNCE, as follows:"
18615
20514
msgstr ""
18616
20515
18617
#: serverguide/C/mail.xml:1385(programlisting)
20516
#: serverguide/C/mail.xml:1420(programlisting)
18618
20517
#, no-wrap
18619
20518
msgid ""
18620
20519
"\n"
18623
20522
"\n"
18624
20523
"$final_spam_destiny = D_DISCARD;\n"
18625
20524
18626
#: serverguide/C/mail.xml:1389(para)
20525
#: serverguide/C/mail.xml:1424(para)
18627
20526
msgid ""
18628
20527
"Additionally, you may want to adjust the following options to flag more "
18629
20528
"messages as spam:"
18630
20529
msgstr ""
18631
20530
18632
#: serverguide/C/mail.xml:1393(programlisting)
20531
#: serverguide/C/mail.xml:1428(programlisting)
18633
20532
#, no-wrap
18634
20533
msgid ""
18635
20534
"\n"
18640
20539
"$sa_dsn_cutoff_level = 4; # spam level beyond which a DSN is not sent\n"
18641
20540
msgstr ""
18642
20541
18643
#: serverguide/C/mail.xml:1400(para)
20542
#: serverguide/C/mail.xml:1435(para)
18644
20543
msgid ""
18645
20544
"If the server's <emphasis>hostname</emphasis> is different from the domain's "
18646
20545
"MX record you may need to manually set the <emphasis>$myhostname</emphasis> "
18649
20548
"Edit the <filename>/etc/amavis/conf.d/50-user</filename> file:"
18650
20549
msgstr ""
18651
20550
18652
#: serverguide/C/mail.xml:1407(programlisting)
20551
#: serverguide/C/mail.xml:1442(programlisting)
18653
20552
#, no-wrap
18654
20553
msgid ""
18655
20554
"\n"
18657
20556
"@local_domains_acl = ( \"example.com\", \"example.org\" );\n"
18658
20557
msgstr ""
18659
20558
18660
#: serverguide/C/mail.xml:1412(para)
20559
#: serverguide/C/mail.xml:1447(para)
18661
20560
msgid ""
18662
20561
"After configuration <application>Amavisd-new</application> needs to be "
18663
20562
"restarted:"
18664
20563
msgstr ""
18665
20564
18666
#: serverguide/C/mail.xml:1416(command) serverguide/C/mail.xml:1462(command)
20565
#: serverguide/C/mail.xml:1451(command) serverguide/C/mail.xml:1497(command)
18667
20566
msgid "sudo /etc/init.d/amavis restart"
18668
20567
msgstr "sudo /etc/init.d/amavis restart"
18669
20568
18670
#: serverguide/C/mail.xml:1419(title)
20569
#: serverguide/C/mail.xml:1454(title)
18671
20570
msgid "DKIM Whitelist"
18672
20571
msgstr ""
18673
20572
18674
#: serverguide/C/mail.xml:1421(para)
20573
#: serverguide/C/mail.xml:1456(para)
18675
20574
msgid ""
18676
20575
"<application>Amavisd-new</application> can be configured to automatically "
18677
20576
"<emphasis>Whitelist</emphasis> addresses from domains with valid Domain "
18679
20578
"<filename>/etc/amavis/conf.d/40-policy_banks</filename>."
18680
20579
msgstr ""
18681
20580
18682
#: serverguide/C/mail.xml:1427(para)
20581
#: serverguide/C/mail.xml:1462(para)
18683
20582
msgid "There are multiple ways to configure the Whitelist for a domain:"
18684
20583
msgstr ""
18685
20584
18686
#: serverguide/C/mail.xml:1433(para)
20585
#: serverguide/C/mail.xml:1468(para)
18687
20586
msgid ""
18688
20587
"<emphasis>'example.com' => 'WHITELIST',</emphasis>: will whitelist any "
18689
20588
"address from the \"example.com\" domain."
18690
20589
msgstr ""
18691
20590
18692
#: serverguide/C/mail.xml:1438(para)
20591
#: serverguide/C/mail.xml:1473(para)
18693
20592
msgid ""
18694
20593
"<emphasis>'.example.com' => 'WHITELIST',</emphasis>: will whitelist any "
18695
20594
"address from any <emphasis>subdomains</emphasis> of \"example.com\" that "
18696
20595
"have a valid signature."
18697
20596
msgstr ""
18698
20597
18699
#: serverguide/C/mail.xml:1444(para)
20598
#: serverguide/C/mail.xml:1479(para)
18700
20599
msgid ""
18701
20600
"<emphasis>'.example.com/@example.com' => 'WHITELIST',</emphasis>: will "
18702
20601
"whitelist subdomains of \"example.com\" that use the signature of <emphasis "
18703
20602
"role=\"italic\">example.com</emphasis> the parent domain."
18704
20603
msgstr ""
18705
20604
18706
#: serverguide/C/mail.xml:1450(para)
20605
#: serverguide/C/mail.xml:1485(para)
18707
20606
msgid ""
18708
20607
"<emphasis>'./@example.com' => 'WHITELIST',</emphasis>: adds addresses "
18709
20608
"that have a valid signature from \"example.com\". This is usually used for "
18710
20609
"discussion groups that sign thier messages."
18711
20610
msgstr ""
18712
20611
18713
#: serverguide/C/mail.xml:1457(para)
20612
#: serverguide/C/mail.xml:1492(para)
18714
20613
msgid ""
18715
20614
"A domain can also have multiple Whitelist configurations. After, editing the "
18716
20615
"file restart <application>amaisd-new</application>:"
18717
20616
msgstr ""
18718
20617
18719
#: serverguide/C/mail.xml:1466(para)
20618
#: serverguide/C/mail.xml:1501(para)
18720
20619
msgid ""
18721
20620
"In this context, once a domain has been added to the Whitelist the message "
18722
20621
"will not receive any anti-virus or spam filtering. This may or may not be "
18723
20622
"the intended behavior you wish for a domain."
18724
20623
msgstr ""
18725
20624
18726
#: serverguide/C/mail.xml:1476(para)
20625
#: serverguide/C/mail.xml:1511(para)
18727
20626
msgid ""
18728
20627
"For <application>Postfix</application> integration, enter the following from "
18729
20628
"a terminal prompt:"
18730
20629
msgstr ""
18731
20630
18732
#: serverguide/C/mail.xml:1480(command)
20631
#: serverguide/C/mail.xml:1515(command)
18733
20632
msgid "sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'"
18734
20633
msgstr "sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'"
18735
20634
18736
#: serverguide/C/mail.xml:1482(para)
20635
#: serverguide/C/mail.xml:1517(para)
18737
20636
msgid ""
18738
20637
"Next edit <filename>/etc/postfix/master.cf</filename> and add the following "
18739
20638
"to the end of the file:"
18740
20639
msgstr ""
18741
20640
18742
#: serverguide/C/mail.xml:1485(programlisting)
20641
#: serverguide/C/mail.xml:1520(programlisting)
18743
20642
#, no-wrap
18744
20643
msgid ""
18745
20644
"\n"
18771
20670
"receive_override_options=no_header_body_checks,no_unknown_recipient_checks\n"
18772
20671
msgstr ""
18773
20672
18774
#: serverguide/C/mail.xml:1512(para)
20673
#: serverguide/C/mail.xml:1547(para)
18775
20674
msgid ""
18776
20675
"Also add the following two lines immediately below the "
18777
20676
"<emphasis>\"pickup\"</emphasis> transport service:"
18778
20677
msgstr ""
18779
20678
18780
#: serverguide/C/mail.xml:1515(programlisting)
20679
#: serverguide/C/mail.xml:1550(programlisting)
18781
20680
#, no-wrap
18782
20681
msgid ""
18783
20682
"\n"
18788
20687
" -o content_filter=\n"
18789
20688
" -o receive_override_options=no_header_body_checks\n"
18790
20689
18791
#: serverguide/C/mail.xml:1519(para)
20690
#: serverguide/C/mail.xml:1554(para)
18792
20691
msgid ""
18793
20692
"This will prevent messages that are generated to report on spam from being "
18794
20693
"classified as spam."
18795
20694
msgstr ""
18796
20695
18797
#: serverguide/C/mail.xml:1522(para)
20696
#: serverguide/C/mail.xml:1557(para)
18798
20697
msgid "Now restart <application>Postfix</application>:"
18799
20698
msgstr "现在重启 <application>Postfix</application>:"
18800
20699
18801
#: serverguide/C/mail.xml:1528(para)
20700
#: serverguide/C/mail.xml:1563(para)
18802
20701
msgid "Content filtering with spam and virus detection is now enabled."
18803
20702
msgstr ""
18804
20703
18805
#: serverguide/C/mail.xml:1535(para)
20704
#: serverguide/C/mail.xml:1570(para)
18806
20705
msgid ""
18807
20706
"First, test that the <application>Amavisd-new</application> SMTP is "
18808
20707
"listening:"
18809
20708
msgstr ""
18810
20709
18811
#: serverguide/C/mail.xml:1538(programlisting)
20710
#: serverguide/C/mail.xml:1573(programlisting)
18812
20711
#, no-wrap
18813
20712
msgid ""
18814
20713
"\n"
18820
20719
"^]\n"
18821
20720
msgstr ""
18822
20721
18823
#: serverguide/C/mail.xml:1546(para)
20722
#: serverguide/C/mail.xml:1581(para)
18824
20723
msgid ""
18825
20724
"In the Header of messages that go through the content filter you should see:"
18826
20725
msgstr ""
18827
20726
18828
#: serverguide/C/mail.xml:1549(programlisting)
20727
#: serverguide/C/mail.xml:1584(programlisting)
18829
20728
#, no-wrap
18830
20729
msgid ""
18831
20730
"\n"
18842
20741
"BAYES_00\n"
18843
20742
"X-Spam-Level: \n"
18844
20743
18845
#: serverguide/C/mail.xml:1556(para)
20744
#: serverguide/C/mail.xml:1591(para)
18846
20745
msgid ""
18847
20746
"Your output will vary, but the important thing is that there are <emphasis>X-"
18848
20747
"Virus-Scanned</emphasis> and <emphasis>X-Spam-Status</emphasis> entries."
18849
20748
msgstr ""
18850
20749
18851
#: serverguide/C/mail.xml:1564(para)
20750
#: serverguide/C/mail.xml:1599(para)
18852
20751
msgid ""
18853
20752
"The best way to figure out why something is going wrong is to check the log "
18854
20753
"files."
18855
20754
msgstr ""
18856
20755
18857
#: serverguide/C/mail.xml:1569(para)
20756
#: serverguide/C/mail.xml:1604(para)
18858
20757
msgid ""
18859
20758
"For instructions on <application>Postfix</application> logging see the <xref "
18860
20759
"linkend=\"postfix-troubleshooting\"/> section."
18861
20760
msgstr ""
18862
20761
18863
#: serverguide/C/mail.xml:1575(para)
20762
#: serverguide/C/mail.xml:1610(para)
18864
20763
msgid ""
18865
20764
"<application>Amavisd-new</application> uses "
18866
20765
"<application>Syslog</application> to send messages to "
18870
20769
"1 to 5."
18871
20770
msgstr ""
18872
20771
18873
#: serverguide/C/mail.xml:1580(programlisting)
20772
#: serverguide/C/mail.xml:1615(programlisting)
18874
20773
#, no-wrap
18875
20774
msgid ""
18876
20775
"\n"
18879
20778
"\n"
18880
20779
"$log_level = 2;\n"
18881
20780
18882
#: serverguide/C/mail.xml:1584(para)
20781
#: serverguide/C/mail.xml:1619(para)
18883
20782
msgid ""
18884
20783
"When the <application>Amavisd-new</application> log output is increased "
18885
20784
"<application>Spamassassin</application> log output is also increased."
18886
20785
msgstr ""
18887
20786
18888
#: serverguide/C/mail.xml:1591(para)
20787
#: serverguide/C/mail.xml:1626(para)
18889
20788
msgid ""
18890
20789
"The <application>ClamAV</application> log level can be increased by editing "
18891
20790
"<filename>/etc/clamav/clamd.conf</filename> and setting the following option:"
18892
20791
msgstr ""
18893
20792
18894
#: serverguide/C/mail.xml:1595(programlisting)
20793
#: serverguide/C/mail.xml:1630(programlisting)
18895
20794
#, no-wrap
18896
20795
msgid ""
18897
20796
"\n"
18898
20797
"LogVerbose true\n"
18899
20798
msgstr ""
18900
20799
18901
#: serverguide/C/mail.xml:1598(para)
20800
#: serverguide/C/mail.xml:1633(para)
18902
20801
msgid ""
18903
20802
"By default <application>ClamAV</application> will send log messages to "
18904
20803
"<filename>/var/log/clamav/clamav.log</filename>."
18905
20804
msgstr ""
18906
20805
18907
#: serverguide/C/mail.xml:1604(para)
20806
#: serverguide/C/mail.xml:1639(para)
18908
20807
msgid ""
18909
20808
"After changing an applications log settings remember to restart the service "
18910
20809
"for the new settings to take affect. Also, once the issue you are "
18912
20811
"back to normal."
18913
20812
msgstr ""
18914
20813
18915
#: serverguide/C/mail.xml:1612(para)
20814
#: serverguide/C/mail.xml:1647(para)
18916
20815
msgid "For more information on filtering mail see the following links:"
18917
20816
msgstr ""
18918
20817
18919
#: serverguide/C/mail.xml:1618(ulink)
20818
#: serverguide/C/mail.xml:1653(ulink)
18920
20819
msgid "Amavisd-new Documentation"
18921
20820
msgstr ""
18922
20821
18923
#: serverguide/C/mail.xml:1622(para)
20822
#: serverguide/C/mail.xml:1657(para)
18924
20823
msgid ""
18925
20824
"<ulink url=\"http://www.clamav.org/doc/latest/html/\">ClamAV "
18926
20825
"Documentation</ulink> and <ulink "
18927
20826
"url=\"http://wiki.clamav.net/Main/WebHome\">ClamAV Wiki</ulink>"
18928
20827
msgstr ""
18929
20828
18930
#: serverguide/C/mail.xml:1629(ulink)
20829
#: serverguide/C/mail.xml:1664(ulink)
18931
20830
msgid "Spamassassin Wiki"
18932
20831
msgstr "Spamassassin 维基"
18933
20832
18934
#: serverguide/C/mail.xml:1634(ulink)
20833
#: serverguide/C/mail.xml:1669(ulink)
18935
20834
msgid "Pyzor Homepage"
18936
20835
msgstr "Pyzor 主页"
18937
20836
18938
#: serverguide/C/mail.xml:1639(ulink)
20837
#: serverguide/C/mail.xml:1674(ulink)
18939
20838
msgid "Razor Homepage"
18940
20839
msgstr "Razor 主页"
18941
20840
18942
#: serverguide/C/mail.xml:1644(ulink)
20841
#: serverguide/C/mail.xml:1679(ulink)
18943
20842
msgid "DKIM.org"
18944
20843
msgstr ""
18945
20844
18946
#: serverguide/C/mail.xml:1648(para)
20845
#: serverguide/C/mail.xml:1684(ulink)
20846
msgid "Postfix Amavis New"
20847
msgstr ""
20848
20849
#: serverguide/C/mail.xml:1688(para)
18947
20850
msgid ""
18948
20851
"Also, feel free to ask questions in the <emphasis>#ubuntu-server</emphasis> "
18949
20852
"IRC channel on <ulink url=\"http://freenode.net\">freenode</ulink>."
19269
21172
"Wiki</ulink>."
19270
21173
msgstr ""
19271
21174
19272
#: serverguide/C/lamp-applications.xml:272(title)
21175
#: serverguide/C/lamp-applications.xml:268(para)
21176
msgid ""
21177
"Also, see the <ulink "
21178
"url=\"https://help.ubuntu.com/community/MoinMoin\">Ubuntu Wiki "
21179
"MoinMoin</ulink> page."
21180
msgstr ""
21181
21182
#: serverguide/C/lamp-applications.xml:277(title)
19273
21183
msgid "MediaWiki"
19274
21184
msgstr "MediaWiki"
19275
21185
19276
#: serverguide/C/lamp-applications.xml:274(para)
21186
#: serverguide/C/lamp-applications.xml:279(para)
19277
21187
msgid ""
19278
21188
"MediaWiki is an web based Wiki software written in the PHP language. It can "
19279
21189
"either use <application>MySQL</application> or "
19283
21193
"或<application>PostgreSQL</application>数据库管理系统(Database Management "
19284
21194
"System即DMS)。"
19285
21195
19286
#: serverguide/C/lamp-applications.xml:284(para)
21196
#: serverguide/C/lamp-applications.xml:289(para)
19287
21197
msgid ""
19288
21198
"Before installing <application>MediaWiki</application> you should also "
19289
21199
"install <application>Apache2</application>, the "
19298
21208
"脚本语言和一个数据库管理系统。 <application>MySQL</application> 和 "
19299
21209
"<application>PostgreSQL</application> 最为常用,根据您的需要选择一个,其安装步骤请查阅本手册相关章节。"
19300
21210
19301
#: serverguide/C/lamp-applications.xml:292(para)
21211
#: serverguide/C/lamp-applications.xml:297(para)
19302
21212
msgid ""
19303
21213
"To install <application>MediaWiki</application>, run the following command "
19304
21214
"in the command prompt:"
19305
21215
msgstr "若想安装 <application>MediaWiki</application>,请在命令行提示中运行如下命令:"
19306
21216
19307
#: serverguide/C/lamp-applications.xml:298(command)
21217
#: serverguide/C/lamp-applications.xml:303(command)
19308
21218
msgid "sudo apt-get install mediawiki php5-gd"
19309
21219
msgstr "sudo apt-get install mediawiki php5-gd"
19310
21220
19311
#: serverguide/C/lamp-applications.xml:301(para)
21221
#: serverguide/C/lamp-applications.xml:306(para)
19312
21222
msgid ""
19313
21223
"For additional <application>MediaWiki</application> functionality see the "
19314
21224
"<application>mediawiki-extensions</application> package."
19315
21225
msgstr ""
19316
21226
19317
#: serverguide/C/lamp-applications.xml:311(para)
21227
#: serverguide/C/lamp-applications.xml:316(para)
19318
21228
msgid ""
19319
21229
"The Apache configuration file <filename>mediawiki.conf</filename> for "
19320
21230
"MediaWiki is installed in <filename>/etc/apache2/conf.d/</filename> "
19322
21232
"MediaWiki application."
19323
21233
msgstr ""
19324
21234
19325
#: serverguide/C/lamp-applications.xml:319(screen)
21235
#: serverguide/C/lamp-applications.xml:324(screen)
19326
21236
#, no-wrap
19327
21237
msgid ""
19328
21238
"\n"
19329
21239
"# Alias /mediawiki /var/lib/mediawiki\n"
19330
21240
msgstr ""
19331
21241
19332
#: serverguide/C/lamp-applications.xml:323(para)
21242
#: serverguide/C/lamp-applications.xml:328(para)
19333
21243
msgid ""
19334
21244
"After you uncomment the above line, restart Apache server and access "
19335
21245
"MediaWiki using the following url:"
19336
21246
msgstr ""
19337
21247
19338
#: serverguide/C/lamp-applications.xml:328(programlisting)
21248
#: serverguide/C/lamp-applications.xml:333(programlisting)
19339
21249
#, no-wrap
19340
21250
msgid ""
19341
21251
"\n"
19344
21254
"\n"
19345
21255
"http://localhost/mediawiki/config/index.php\n"
19346
21256
19347
#: serverguide/C/lamp-applications.xml:333(para)
21257
#: serverguide/C/lamp-applications.xml:338(para)
19348
21258
msgid ""
19349
21259
"Please read the <quote>Checking environment...</quote> section in this page. "
19350
21260
"You should be able to fix many issues by carefully reading this section."
19351
21261
msgstr "请阅读本页中的 <quote>检查环境...</quote> 部分。通过仔细阅读这部分您应当能够解决许多问题。"
19352
21262
19353
#: serverguide/C/lamp-applications.xml:340(para)
21263
#: serverguide/C/lamp-applications.xml:345(para)
19354
21264
msgid ""
19355
21265
"Once the configuration is complete, you should copy the "
19356
"<filename>/var/lib/mediawiki/LocalSettings.php</filename> file to "
19357
"<filename>/etc/mediawiki</filename> directory."
19358
msgstr ""
19359
19360
#: serverguide/C/lamp-applications.xml:348(title)
21266
"<filename>LocalSettings.php</filename> file to "
21267
"<filename>/etc/mediawiki</filename> directory:"
21268
msgstr ""
21269
21270
#: serverguide/C/lamp-applications.xml:352(command)
21271
msgid "sudo mv /var/lib/mediawiki/config/LocalSettings.php /etc/mediawiki/"
21272
msgstr ""
21273
21274
#: serverguide/C/lamp-applications.xml:355(para)
21275
msgid ""
21276
"You may also want to edit "
21277
"<filename>/etc/mediawiki/LocalSettings.php</filename> adjusting:"
21278
msgstr ""
21279
21280
#: serverguide/C/lamp-applications.xml:360(programlisting)
21281
#, no-wrap
21282
msgid ""
21283
"\n"
21284
"ini_set( 'memory_limit', '64M' );\n"
21285
msgstr ""
21286
21287
#: serverguide/C/lamp-applications.xml:367(title)
19361
21288
msgid "Extensions"
19362
21289
msgstr ""
19363
21290
19364
#: serverguide/C/lamp-applications.xml:349(para)
21291
#: serverguide/C/lamp-applications.xml:368(para)
19365
21292
msgid ""
19366
21293
"The extensions add new features and enhancements for the MediaWiki "
19367
21294
"application. The extensions give wiki administrators and end users the "
19368
21295
"ability to customize MediaWiki to their requirements."
19369
21296
msgstr ""
19370
21297
19371
#: serverguide/C/lamp-applications.xml:355(para)
21298
#: serverguide/C/lamp-applications.xml:374(para)
19372
21299
msgid ""
19373
21300
"You can download MediaWiki extensions as an archive file or checkout from "
19374
21301
"the Subversion repository. You should copy it to "
19377
21304
"<filename>/etc/mediawiki/LocalSettings.php</filename>."
19378
21305
msgstr ""
19379
21306
19380
#: serverguide/C/lamp-applications.xml:363(programlisting)
21307
#: serverguide/C/lamp-applications.xml:382(programlisting)
19381
21308
#, no-wrap
19382
21309
msgid ""
19383
21310
"\n"
19384
21311
"require_once \"$IP/extensions/ExtentionName/ExtentionName.php\";\n"
19385
21312
msgstr ""
19386
21313
19387
#: serverguide/C/lamp-applications.xml:373(para)
21314
#: serverguide/C/lamp-applications.xml:392(para)
19388
21315
msgid ""
19389
21316
"For more details, please refer to the <ulink "
19390
21317
"url=\"http://www.mediawiki.org\">MediaWiki</ulink> web site."
19391
21318
msgstr "详情请参阅 <ulink url=\"http://www.mediawiki.org\">MediaWiki</ulink> 网站。"
19392
21319
19393
#: serverguide/C/lamp-applications.xml:379(para)
21320
#: serverguide/C/lamp-applications.xml:398(para)
19394
21321
msgid ""
19395
21322
"The <ulink url=\"http://www.packtpub.com/Mediawiki/book\">MediaWiki "
19396
21323
"Administrators’ Tutorial Guide</ulink> contains a wealth of information for "
19397
21324
"new MediaWiki administrators."
19398
21325
msgstr ""
19399
21326
19400
#: serverguide/C/lamp-applications.xml:389(title)
21327
#: serverguide/C/lamp-applications.xml:404(para)
21328
msgid ""
21329
"Also, the <ulink url=\"https://help.ubuntu.com/community/MediaWiki\">Ubuntu "
21330
"Wiki MediaWiki</ulink> page is a good resource."
21331
msgstr ""
21332
21333
#: serverguide/C/lamp-applications.xml:414(title)
19401
21334
msgid "phpMyAdmin"
19402
21335
msgstr ""
19403
21336
19404
#: serverguide/C/lamp-applications.xml:391(para)
21337
#: serverguide/C/lamp-applications.xml:416(para)
19405
21338
msgid ""
19406
21339
"<application>phpMyAdmin</application> is a LAMP application specifically "
19407
21340
"written for administering <application>MySQL</application> servers. Written "
19409
21342
"phpMyAdmin provides a graphical interface for database administration tasks."
19410
21343
msgstr ""
19411
21344
19412
#: serverguide/C/lamp-applications.xml:400(para)
21345
#: serverguide/C/lamp-applications.xml:425(para)
19413
21346
msgid ""
19414
21347
"Before installing <application>phpMyAdmin</application> you will need access "
19415
21348
"to a <application>MySQL</application> database either on the same host as "
19418
21351
"enter:"
19419
21352
msgstr ""
19420
21353
19421
#: serverguide/C/lamp-applications.xml:407(command)
21354
#: serverguide/C/lamp-applications.xml:432(command)
19422
21355
msgid "sudo apt-get install phpmyadmin"
19423
21356
msgstr ""
19424
21357
19425
#: serverguide/C/lamp-applications.xml:410(para)
21358
#: serverguide/C/lamp-applications.xml:435(para)
19426
21359
msgid ""
19427
21360
"At the prompt choose which web server to be configured for "
19428
21361
"<application>phpMyAdmin</application>. The rest of this section will use "
19429
21362
"<application>Apache2</application> for the web server."
19430
21363
msgstr ""
19431
21364
19432
#: serverguide/C/lamp-applications.xml:415(para)
21365
#: serverguide/C/lamp-applications.xml:440(para)
19433
21366
msgid ""
19434
21367
"In a browser go to <emphasis>http://servername/phpmyadmin</emphasis>, "
19435
21368
"replacing <emphasis role=\"italic\">serveranme</emphasis> with the server's "
19439
21372
"password."
19440
21373
msgstr ""
19441
21374
19442
#: serverguide/C/lamp-applications.xml:422(para)
21375
#: serverguide/C/lamp-applications.xml:447(para)
19443
21376
msgid ""
19444
21377
"Once logged in you can reset the <emphasis>root</emphasis> password if "
19445
21378
"needed, create users, create/destroy databases and tables, etc."
19446
21379
msgstr ""
19447
21380
19448
#: serverguide/C/lamp-applications.xml:430(para)
21381
#: serverguide/C/lamp-applications.xml:455(para)
19449
21382
msgid ""
19450
21383
"The configuration files for <application>phpMyAdmin</application> are "
19451
21384
"located in <filename>/etc/phpmyadmin</filename>. The main configuration file "
19454
21387
"<application>phpMyAdmin</application>."
19455
21388
msgstr ""
19456
21389
19457
#: serverguide/C/lamp-applications.xml:436(para)
21390
#: serverguide/C/lamp-applications.xml:461(para)
19458
21391
msgid ""
19459
21392
"To use <application>phpMyAdmin</application> to administer a MySQL database "
19460
21393
"hosted on another server, adjust the following in "
19461
21394
"<filename>/etc/phpmyadmin/config.inc.php</filename>:"
19462
21395
msgstr ""
19463
21396
19464
#: serverguide/C/lamp-applications.xml:441(programlisting)
21397
#: serverguide/C/lamp-applications.xml:466(programlisting)
19465
21398
#, no-wrap
19466
21399
msgid ""
19467
21400
"\n"
19468
21401
"$cfg['Servers'][$i]['host'] = 'db_server';\n"
19469
21402
msgstr ""
19470
21403
19471
#: serverguide/C/lamp-applications.xml:446(para)
21404
#: serverguide/C/lamp-applications.xml:471(para)
19472
21405
msgid ""
19473
21406
"Replace <emphasis role=\"italic\">db_server</emphasis> with the actual "
19474
21407
"remote database server name or IP address. Also, be sure that the "
19476
21409
"remote database."
19477
21410
msgstr ""
19478
21411
19479
#: serverguide/C/lamp-applications.xml:452(para)
21412
#: serverguide/C/lamp-applications.xml:477(para)
19480
21413
msgid ""
19481
21414
"Once configured, log out of <application>phpMyAdmin</application> and back "
19482
21415
"in, and you should be accessing the new server."
19483
21416
msgstr ""
19484
21417
19485
#: serverguide/C/lamp-applications.xml:456(para)
21418
#: serverguide/C/lamp-applications.xml:481(para)
19486
21419
msgid ""
19487
21420
"The <filename>config.header.inc.php</filename> and "
19488
21421
"<filename>config.footer.inc.php</filename> files are used to add a HTML "
19489
21422
"header and footer to <application>phpMyAdmin</application>."
19490
21423
msgstr ""
19491
21424
19492
#: serverguide/C/lamp-applications.xml:461(para)
21425
#: serverguide/C/lamp-applications.xml:486(para)
19493
21426
msgid ""
19494
21427
"Another important configuration file is "
19495
21428
"<filename>/etc/phpmyadmin/apache.conf</filename>, this file is symlinked to "
19501
21434
"linkend=\"httpd\"/>."
19502
21435
msgstr ""
19503
21436
19504
#: serverguide/C/lamp-applications.xml:475(para)
21437
#: serverguide/C/lamp-applications.xml:500(para)
19505
21438
msgid ""
19506
21439
"The <application>phpMyAdmin</application> documentation comes installed with "
19507
21440
"the package and can be accessed from the <emphasis>phpMyAdmin "
19510
21443
"url=\"http://www.phpmyadmin.net/home_page/docs.php\">phpMyAdmin</ulink> site."
19511
21444
msgstr ""
19512
21445
19513
#: serverguide/C/lamp-applications.xml:482(para)
21446
#: serverguide/C/lamp-applications.xml:507(para)
19514
21447
msgid ""
19515
21448
"Also, <ulink url=\"http://www.packtpub.com/phpmyadmin-3rd-"
19516
21449
"edition/book\">Mastering phpMyAdmin</ulink> is a great resource."
19517
21450
msgstr ""
19518
21451
21452
#: serverguide/C/lamp-applications.xml:512(para)
21453
msgid ""
21454
"A third resource is the <ulink "
21455
"url=\"https://help.ubuntu.com/community/phpMyAdmin\">phpMyAdmin Ubuntu "
21456
"Wiki</ulink> page."
21457
msgstr ""
21458
19519
21459
#: serverguide/C/introduction.xml:14(para)
19520
21460
msgid "Welcome to the <emphasis>Ubuntu Server Guide</emphasis>!"
19521
21461
msgstr "欢迎来到 <emphasis>Ubuntu 服务器指南</emphasis>!"
19532
21472
"This guide assumes you have a basic understanding of your Ubuntu system. "
19533
21473
"Some installation details are covered in <xref linkend=\"installation\"/>, "
19534
21474
"but if you need detailed instructions installing Ubuntu please refer to the "
19535
"<ulink url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu "
21475
"<ulink url=\"https://help.ubuntu.com/10.04 LTS/installation-guide/\">Ubuntu "
19536
21476
"Installation Guide</ulink>."
19537
21477
msgstr ""
19538
21478
19552
21492
msgstr ""
19553
21493
19554
21494
#: serverguide/C/introduction.xml:36(command)
19555
msgid "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
19556
msgstr "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
21495
msgid "w3m /usr/share/ubuntu-serverguide/html/C/index.html"
21496
msgstr ""
19557
21497
19558
21498
#: serverguide/C/introduction.xml:39(para)
19559
msgid "Replace <emphasis>en_GB</emphasis> with your language localization."
21499
msgid ""
21500
"If you are using a localized version of Ubuntu, replace "
21501
"<emphasis>C</emphasis> with your language localization (e.g. "
21502
"<emphasis>en_GB</emphasis>)."
19560
21503
msgstr ""
19561
21504
19562
21505
#: serverguide/C/introduction.xml:53(title)
19565
21508
19566
21509
#: serverguide/C/introduction.xml:55(para)
19567
21510
msgid ""
19568
"There a couple of different ways that Ubuntu Server Edition is supported, "
19569
"commercial support and community support. The main commercial support (and "
19570
"development funding) is available from Canonical Ltd. They supply reasonably "
19571
"priced support contracts on a per desktop or per server basis. For more "
19572
"information see the <ulink "
21511
"There are a couple of different ways that Ubuntu Server Edition is "
21512
"supported, commercial support and community support. The main commercial "
21513
"support (and development funding) is available from Canonical Ltd. They "
21514
"supply reasonably priced support contracts on a per desktop or per server "
21515
"basis. For more information see the <ulink "
19573
21516
"url=\"http://www.canonical.com/services/support\">Canonical Services</ulink> "
19574
21517
"page."
19575
21518
msgstr ""
19587
21530
19588
21531
#: serverguide/C/installation.xml:14(para)
19589
21532
msgid ""
19590
"This chapter provides a quick overview of installing Ubuntu 9.10 Server "
21533
"This chapter provides a quick overview of installing Ubuntu 10.04 LTS Server "
19591
21534
"Edition. For more detailed instructions, please refer to the <ulink "
19592
"url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
19593
"Guide</ulink>."
21535
"url=\"https://help.ubuntu.com/10.04 LTS/installation-guide/\">Ubuntu "
21536
"Installation Guide</ulink>."
19594
21537
msgstr ""
19595
21538
19596
21539
#: serverguide/C/installation.xml:19(title)
19609
21552
19610
21553
#: serverguide/C/installation.xml:25(para)
19611
21554
msgid ""
19612
"Ubuntu 9.10 Server Edition supports two (2) major architectures: Intel x86 "
19613
"and AMD64. The table below lists recommended hardware specifications. "
21555
"Ubuntu 10.04 LTS Server Edition supports two (2) major architectures: Intel "
21556
"x86 and AMD64. The table below lists recommended hardware specifications. "
19614
21557
"Depending on your needs, you might manage with less than this. However, most "
19615
21558
"users risk being frustrated if they ignore these suggestions."
19616
21559
msgstr ""
19662
21605
"services, such as file/print services, web hosting, email hosting, etc."
19663
21606
msgstr ""
19664
21607
19665
#: serverguide/C/installation.xml:62(title)
21608
#: serverguide/C/installation.xml:60(para)
21609
msgid ""
21610
"The requirements for UEC are slightly different for Front End requirements "
21611
"see <xref linkend=\"uec-frontend-requirements\"/> and for UEC Node "
21612
"requirements see <xref linkend=\"uec-node-requirements\"/>."
21613
msgstr ""
21614
21615
#: serverguide/C/installation.xml:68(title)
19666
21616
msgid "Server and Desktop Differences"
19667
21617
msgstr ""
19668
21618
19669
#: serverguide/C/installation.xml:63(para)
21619
#: serverguide/C/installation.xml:69(para)
19670
21620
msgid ""
19671
21621
"There are a few differences between the <emphasis>Ubuntu Server "
19672
21622
"Edition</emphasis> and the <emphasis>Ubuntu Desktop Edition</emphasis>. It "
19676
21626
"Desktop Edition as it is on the Server Edition."
19677
21627
msgstr ""
19678
21628
19679
#: serverguide/C/installation.xml:69(para)
21629
#: serverguide/C/installation.xml:75(para)
19680
21630
msgid ""
19681
21631
"The differences between the two editions are the lack of an X window "
19682
21632
"environment in the Server Edition, the installation process, and different "
19683
21633
"Kernel options."
19684
21634
msgstr ""
19685
21635
19686
#: serverguide/C/installation.xml:76(title)
21636
#: serverguide/C/installation.xml:82(title)
19687
21637
msgid "Kernel Differences:"
19688
21638
msgstr ""
19689
21639
19690
#: serverguide/C/installation.xml:79(para)
21640
#: serverguide/C/installation.xml:85(para)
19691
21641
msgid ""
19692
21642
"The Server Edition uses the <emphasis>Deadline</emphasis> I/O scheduler "
19693
21643
"instead of the <emphasis>CFQ</emphasis> scheduler used by the Desktop "
19694
21644
"Edition."
19695
21645
msgstr ""
19696
21646
19697
#: serverguide/C/installation.xml:85(para)
21647
#: serverguide/C/installation.xml:91(para)
19698
21648
msgid "<emphasis>Preemption</emphasis> is turned off in the Server Edition."
19699
21649
msgstr ""
19700
21650
19701
#: serverguide/C/installation.xml:90(para)
21651
#: serverguide/C/installation.xml:96(para)
19702
21652
msgid ""
19703
21653
"The timer interrupt is 100 Hz in the Server Edition and 250 Hz in the "
19704
21654
"Desktop Edition."
19705
21655
msgstr ""
19706
21656
19707
#: serverguide/C/installation.xml:96(para)
21657
#: serverguide/C/installation.xml:102(para)
19708
21658
msgid ""
19709
21659
"When running a 64-bit version of Ubuntu on 64-bit processors you are not "
19710
21660
"limited by memory addressing space."
19711
21661
msgstr ""
19712
21662
19713
#: serverguide/C/installation.xml:101(para)
21663
#: serverguide/C/installation.xml:107(para)
19714
21664
msgid ""
19715
21665
"To see all kernel configuration options you can look through "
19716
21666
"<filename>/boot/config-2.6.31-server</filename>. Also, <ulink "
19718
21668
"great resource on the options available."
19719
21669
msgstr ""
19720
21670
19721
#: serverguide/C/installation.xml:110(title)
21671
#: serverguide/C/installation.xml:116(title)
19722
21672
msgid "Backing Up"
19723
21673
msgstr "备份"
19724
21674
19725
#: serverguide/C/installation.xml:113(para)
21675
#: serverguide/C/installation.xml:119(para)
19726
21676
msgid ""
19727
21677
"Before installing <application>Ubuntu Server Edition</application> you "
19728
21678
"should make sure all data on the system is backed up. See <xref "
19729
21679
"linkend=\"backups\"/> for backup options."
19730
21680
msgstr ""
19731
21681
19732
#: serverguide/C/installation.xml:117(para)
21682
#: serverguide/C/installation.xml:123(para)
19733
21683
msgid ""
19734
21684
"If this is not the first time an operating system has been installed on your "
19735
21685
"computer, it is likely you will need to re-partition your disk to make room "
19736
21686
"for Ubuntu."
19737
21687
msgstr ""
19738
21688
19739
#: serverguide/C/installation.xml:121(para)
21689
#: serverguide/C/installation.xml:127(para)
19740
21690
msgid ""
19741
21691
"Any time you partition your disk, you should be prepared to lose everything "
19742
21692
"on the disk should you make a mistake or something goes wrong during "
19744
21694
"have seen years of use, but they also perform destructive actions."
19745
21695
msgstr ""
19746
21696
19747
#: serverguide/C/installation.xml:133(title)
21697
#: serverguide/C/installation.xml:139(title)
19748
21698
msgid "Installing from CD"
19749
21699
msgstr "从 CD 安装"
19750
21700
19751
#: serverguide/C/installation.xml:134(para)
21701
#: serverguide/C/installation.xml:140(para)
19752
21702
msgid ""
19753
21703
"The basic steps to install Ubuntu Server Edition from CD are the same for "
19754
21704
"installing any operating system from CD. Unlike the <emphasis>Desktop "
19757
21707
"menu based process."
19758
21708
msgstr ""
19759
21709
19760
#: serverguide/C/installation.xml:141(para)
21710
#: serverguide/C/installation.xml:147(para)
19761
21711
msgid ""
19762
21712
"First, download and burn the appropriate ISO file from the <ulink "
19763
21713
"url=\"http://www.ubuntu.com/getubuntu/download\"> Ubuntu web site</ulink>."
19764
21714
msgstr ""
19765
21715
19766
#: serverguide/C/installation.xml:147(para)
21716
#: serverguide/C/installation.xml:153(para)
19767
21717
msgid "Boot the system from the CD-ROM drive."
19768
21718
msgstr ""
19769
21719
19770
#: serverguide/C/installation.xml:152(para)
21720
#: serverguide/C/installation.xml:158(para)
19771
21721
msgid ""
19772
21722
"At the boot prompt you will be asked to select the language. Afterwards the "
19773
21723
"installation process begins by asking for your keyboard layout."
19774
21724
msgstr ""
19775
21725
19776
#: serverguide/C/installation.xml:158(para)
21726
#: serverguide/C/installation.xml:164(para)
21727
msgid ""
21728
"From the main boot menu there are some additional options to install Ubuntu "
21729
"Server Edition. You can install a basic Ubuntu Server, or install Ubuntu "
21730
"Server as part of a <emphasis>Ubuntu Enterprise Cloud</emphasis>. For more "
21731
"information on UEC see <xref linkend=\"uec\"/>. The rest of this section "
21732
"will cover the basic Ubuntu Server install."
21733
msgstr ""
21734
21735
#: serverguide/C/installation.xml:172(para)
19777
21736
msgid ""
19778
21737
"The installer then discovers your hardware configuration, and configures the "
19779
21738
"network settings using DHCP. If you do not wish to use DHCP at the next "
19781
21740
"network manually\"."
19782
21741
msgstr ""
19783
21742
19784
#: serverguide/C/installation.xml:165(para)
21743
#: serverguide/C/installation.xml:179(para)
19785
21744
msgid "Next, the installer asks for the system's hostname and Time Zone."
19786
21745
msgstr ""
19787
21746
19788
#: serverguide/C/installation.xml:170(para)
21747
#: serverguide/C/installation.xml:184(para)
19789
21748
msgid ""
19790
21749
"You can then choose from several options to configure the hard drive layout. "
19791
21750
"For advanced disk options see <xref linkend=\"advanced-installation\"/>."
19792
21751
msgstr ""
19793
21752
19794
#: serverguide/C/installation.xml:176(para)
21753
#: serverguide/C/installation.xml:190(para)
19795
21754
msgid "The Ubuntu base system is then installed."
19796
21755
msgstr ""
19797
21756
19798
#: serverguide/C/installation.xml:181(para)
21757
#: serverguide/C/installation.xml:195(para)
19799
21758
msgid ""
19800
21759
"A new user is setup, this user will have <emphasis>root</emphasis> access "
19801
21760
"through the <application>sudo</application> utility."
19802
21761
msgstr ""
19803
21762
19804
#: serverguide/C/installation.xml:187(para)
21763
#: serverguide/C/installation.xml:201(para)
19805
21764
msgid ""
19806
21765
"After the user is setup, you will be asked to encrypt your <filename "
19807
21766
"role=\"directory\">home</filename> directory."
19808
21767
msgstr ""
19809
21768
19810
#: serverguide/C/installation.xml:193(para)
21769
#: serverguide/C/installation.xml:207(para)
19811
21770
msgid ""
19812
21771
"The next step in the installation process is to decide how you want to "
19813
21772
"update the system. There are three options:"
19814
21773
msgstr ""
19815
21774
19816
#: serverguide/C/installation.xml:199(para)
21775
#: serverguide/C/installation.xml:213(para)
19817
21776
msgid ""
19818
21777
"<emphasis>No automatic updates</emphasis>: this requires an administrator to "
19819
21778
"log into the machine and manually install updates."
19820
21779
msgstr ""
19821
21780
19822
#: serverguide/C/installation.xml:205(para)
21781
#: serverguide/C/installation.xml:219(para)
19823
21782
msgid ""
19824
21783
"<emphasis>Install security updates Automatically</emphasis>: will install "
19825
21784
"the <application>unattended-upgrades</application> package, which will "
19827
21786
"more details see <xref linkend=\"automatic-updates\"/>."
19828
21787
msgstr ""
19829
21788
19830
#: serverguide/C/installation.xml:212(para)
21789
#: serverguide/C/installation.xml:226(para)
19831
21790
msgid ""
19832
21791
"<emphasis>Manage the system with Landscape</emphasis>: Landscape is a paid "
19833
21792
"service provided by Canonical to help manage your Ubuntu machines. See the "
19835
21794
"site for details."
19836
21795
msgstr ""
19837
21796
19838
#: serverguide/C/installation.xml:221(para)
21797
#: serverguide/C/installation.xml:235(para)
19839
21798
msgid ""
19840
21799
"You now have the option to install, or not install, several package tasks. "
19841
21800
"See <xref linkend=\"install-tasks\"/> for details. Also, there is an option "
19843
21802
"install. For more information see <xref linkend=\"aptitude\"/>."
19844
21803
msgstr ""
19845
21804
19846
#: serverguide/C/installation.xml:229(para)
21805
#: serverguide/C/installation.xml:243(para)
19847
21806
msgid "Finally, the last step before rebooting is to set the clock to UTC."
19848
21807
msgstr ""
19849
21808
19850
#: serverguide/C/installation.xml:235(para)
21809
#: serverguide/C/installation.xml:249(para)
19851
21810
msgid ""
19852
21811
"If at any point during installation you are not satisfied by the default "
19853
21812
"setting, use the \"Go Back\" function at any prompt to be brought to a "
19855
21814
"settings."
19856
21815
msgstr ""
19857
21816
19858
#: serverguide/C/installation.xml:240(para)
21817
#: serverguide/C/installation.xml:254(para)
19859
21818
msgid ""
19860
21819
"At some point during the installation process you may want to read the help "
19861
21820
"screen provided by the installation system. To do this, press F1."
19862
21821
msgstr ""
19863
21822
19864
#: serverguide/C/installation.xml:245(para)
21823
#: serverguide/C/installation.xml:259(para)
19865
21824
msgid ""
19866
21825
"Once again, for detailed instructions see the <ulink "
19867
"url=\"https://help.ubuntu.com/9.10/installation-guide/\"> Ubuntu "
21826
"url=\"https://help.ubuntu.com/10.04 LTS/installation-guide/\"> Ubuntu "
19868
21827
"Installation Guide</ulink>."
19869
21828
msgstr ""
19870
21829
19871
#: serverguide/C/installation.xml:251(title)
21830
#: serverguide/C/installation.xml:265(title)
19872
21831
msgid "Package Tasks"
19873
21832
msgstr ""
19874
21833
19875
#: serverguide/C/installation.xml:252(para)
21834
#: serverguide/C/installation.xml:266(para)
19876
21835
msgid ""
19877
21836
"During the Server Edition installation you have the option of installing "
19878
21837
"additional packages from the CD. The packages are grouped by the type of "
19879
21838
"service they provide."
19880
21839
msgstr ""
19881
21840
19882
#: serverguide/C/installation.xml:258(para)
21841
#: serverguide/C/installation.xml:272(para)
21842
msgid "Cloud computing: Walrus storage service"
21843
msgstr ""
21844
21845
#: serverguide/C/installation.xml:277(para)
21846
msgid "Cloud computing: all-in-one cluster"
21847
msgstr ""
21848
21849
#: serverguide/C/installation.xml:282(para)
21850
msgid "Cloud computing: Cluster controller"
21851
msgstr ""
21852
21853
#: serverguide/C/installation.xml:287(para)
21854
msgid "Cloud computing: Node controller"
21855
msgstr ""
21856
21857
#: serverguide/C/installation.xml:292(para)
21858
msgid "Cloud computing: Storage controller"
21859
msgstr ""
21860
21861
#: serverguide/C/installation.xml:297(para)
21862
msgid "Cloud computing: top-level cloud controller"
21863
msgstr ""
21864
21865
#: serverguide/C/installation.xml:302(para)
19883
21866
msgid "DNS server: Selects the BIND DNS server and its documentation."
19884
21867
msgstr ""
19885
21868
19886
#: serverguide/C/installation.xml:263(para)
21869
#: serverguide/C/installation.xml:307(para)
19887
21870
msgid "LAMP server: Selects a ready-made Linux/Apache/MySQL/PHP server."
19888
21871
msgstr ""
19889
21872
19890
#: serverguide/C/installation.xml:268(para)
21873
#: serverguide/C/installation.xml:312(para)
19891
21874
msgid ""
19892
21875
"Mail server: This task selects a variety of package useful for a general "
19893
21876
"purpose mail server system."
19894
21877
msgstr ""
19895
21878
19896
#: serverguide/C/installation.xml:273(para)
21879
#: serverguide/C/installation.xml:317(para)
19897
21880
msgid "OpenSSH server: Selects packages needed for an OpenSSH server."
19898
21881
msgstr ""
19899
21882
19900
#: serverguide/C/installation.xml:278(para)
21883
#: serverguide/C/installation.xml:322(para)
19901
21884
msgid ""
19902
21885
"PostgreSQL database: This task selects client and server packages for the "
19903
21886
"PostgreSQL database."
19904
21887
msgstr ""
19905
21888
19906
#: serverguide/C/installation.xml:283(para)
21889
#: serverguide/C/installation.xml:327(para)
19907
21890
msgid "Print server: This task sets up your system to be a print server."
19908
21891
msgstr ""
19909
21892
19910
#: serverguide/C/installation.xml:288(para)
21893
#: serverguide/C/installation.xml:332(para)
19911
21894
msgid ""
19912
21895
"Samba File server: This task sets up your system to be a Samba file server, "
19913
21896
"which is especially suitable in networks with both Windows and Linux systems."
19914
21897
msgstr ""
19915
21898
19916
#: serverguide/C/installation.xml:294(para)
21899
#: serverguide/C/installation.xml:338(para)
19917
21900
msgid ""
19918
21901
"Tomcat server: Installs the Apache Tomcat and needed dependencies Java, gcj, "
19919
21902
"etc."
19920
21903
msgstr ""
19921
21904
19922
#: serverguide/C/installation.xml:299(para)
21905
#: serverguide/C/installation.xml:343(para)
19923
21906
msgid ""
19924
21907
"Virtual machine host: Includes packages needed to run KVM virtual machines."
19925
21908
msgstr ""
19926
21909
19927
#: serverguide/C/installation.xml:304(para)
21910
#: serverguide/C/installation.xml:348(para)
21911
msgid ""
21912
"Manually select packages: Executes <application>apptitude</application> "
21913
"allowing you to individually select packages."
21914
msgstr ""
21915
21916
#: serverguide/C/installation.xml:353(para)
19928
21917
msgid ""
19929
21918
"Installing the package groups is accomplished using the "
19930
21919
"<application>tasksel</application> utility. One of the important difference "
19935
21924
"a fully integrated service."
19936
21925
msgstr ""
19937
21926
19938
#: serverguide/C/installation.xml:311(para)
21927
#: serverguide/C/installation.xml:360(para)
21928
msgid ""
21929
"For more information on the <emphasis>Cloud Computing</emphasis> tasks see "
21930
"<xref linkend=\"uec\"/>."
21931
msgstr ""
21932
21933
#: serverguide/C/installation.xml:363(para)
19939
21934
msgid ""
19940
21935
"Once the installation process has finished you can view a list of available "
19941
21936
"tasks by entering the following from a terminal prompt:"
19942
21937
msgstr ""
19943
21938
19944
#: serverguide/C/installation.xml:316(command)
21939
#: serverguide/C/installation.xml:368(command)
19945
21940
msgid "tasksel --list-tasks"
19946
21941
msgstr "tasksel --list-tasks"
19947
21942
19948
#: serverguide/C/installation.xml:319(para)
21943
#: serverguide/C/installation.xml:371(para)
19949
21944
msgid ""
19950
21945
"The output will list tasks from other Ubuntu based distributions such as "
19951
21946
"Kubuntu and Edubuntu. Note that you can also invoke the "
19953
21948
"the different tasks available."
19954
21949
msgstr ""
19955
21950
19956
#: serverguide/C/installation.xml:325(para)
21951
#: serverguide/C/installation.xml:377(para)
19957
21952
msgid ""
19958
21953
"You can view a list of which packages are installed with each task using the "
19959
21954
"<emphasis>--task-packages</emphasis> option. For example, to list the "
19961
21956
"following:"
19962
21957
msgstr ""
19963
21958
19964
#: serverguide/C/installation.xml:330(command)
21959
#: serverguide/C/installation.xml:382(command)
19965
21960
msgid "tasksel --task-packages dns-server"
19966
21961
msgstr "tasksel --task-packages dns-server"
19967
21962
19968
#: serverguide/C/installation.xml:332(para)
21963
#: serverguide/C/installation.xml:384(para)
19969
21964
msgid "The output of the command should list:"
19970
21965
msgstr ""
19971
21966
19972
#: serverguide/C/installation.xml:335(programlisting)
21967
#: serverguide/C/installation.xml:387(programlisting)
19973
21968
#, no-wrap
19974
21969
msgid ""
19975
21970
"\n"
19978
21973
"bind9\n"
19979
21974
msgstr ""
19980
21975
19981
#: serverguide/C/installation.xml:340(para)
21976
#: serverguide/C/installation.xml:392(para)
19982
21977
msgid ""
19983
21978
"Also, if you did not install one of the tasks during the installation "
19984
21979
"process, but for example you decide to make your new LAMP server a DNS "
19985
21980
"server as well. Simply insert the installation CD and from a terminal:"
19986
21981
msgstr ""
19987
21982
19988
#: serverguide/C/installation.xml:345(command)
21983
#: serverguide/C/installation.xml:397(command)
19989
21984
msgid "sudo tasksel install dns-server"
19990
21985
msgstr "sudo tasksel install dns-server"
19991
21986
19992
#: serverguide/C/installation.xml:350(title)
21987
#: serverguide/C/installation.xml:402(title)
19993
21988
msgid "Upgrading"
19994
21989
msgstr "正在更新"
19995
21990
19996
#: serverguide/C/installation.xml:351(para)
21991
#: serverguide/C/installation.xml:403(para)
19997
21992
msgid ""
19998
21993
"There are several ways to upgrade from one Ubuntu release to another. This "
19999
21994
"section gives an overview of the recommended upgrade method."
20000
21995
msgstr ""
20001
21996
20002
#: serverguide/C/installation.xml:355(title) serverguide/C/installation.xml:370(command)
21997
#: serverguide/C/installation.xml:407(title) serverguide/C/installation.xml:422(command)
20003
21998
msgid "do-release-upgrade"
20004
21999
msgstr "do-release-upgrade"
20005
22000
20006
#: serverguide/C/installation.xml:356(para)
22001
#: serverguide/C/installation.xml:408(para)
20007
22002
msgid ""
20008
22003
"The recommended way to upgrade a Server Edition installation is to use the "
20009
22004
"<application>do-release-upgrade</application> utility. Part of the "
20011
22006
"graphical dependencies and is installed by default."
20012
22007
msgstr ""
20013
22008
20014
#: serverguide/C/installation.xml:361(para)
22009
#: serverguide/C/installation.xml:413(para)
20015
22010
msgid ""
20016
22011
"Debian based systems can also be upgraded by using <command>apt-get dist-"
20017
22012
"upgrade</command>. However, using <application>do-release-"
20019
22014
"system configuration changes sometimes needed between releases."
20020
22015
msgstr ""
20021
22016
20022
#: serverguide/C/installation.xml:366(para)
22017
#: serverguide/C/installation.xml:418(para)
20023
22018
msgid "To upgrade to a newer release, from a terminal prompt enter:"
20024
22019
msgstr ""
20025
22020
20026
#: serverguide/C/installation.xml:372(para)
22021
#: serverguide/C/installation.xml:424(para)
20027
22022
msgid ""
20028
22023
"It is also possible to use <application>do-release-upgrade</application> to "
20029
22024
"upgrade to a development version of Ubuntu. To accomplish this use the "
20030
22025
"<emphasis>-d</emphasis> switch:"
20031
22026
msgstr ""
20032
22027
20033
#: serverguide/C/installation.xml:377(command)
22028
#: serverguide/C/installation.xml:429(command)
20034
22029
msgid "do-release-upgrade -d"
20035
22030
msgstr "do-release-upgrade -d"
20036
22031
20037
#: serverguide/C/installation.xml:380(para)
22032
#: serverguide/C/installation.xml:432(para)
20038
22033
msgid ""
20039
22034
"Upgrading to a development release is <emphasis>not</emphasis> recommended "
20040
22035
"for production environments."
20041
22036
msgstr ""
20042
22037
20043
#: serverguide/C/installation.xml:387(title)
22038
#: serverguide/C/installation.xml:439(title)
20044
22039
msgid "Advanced Installation"
20045
22040
msgstr ""
20046
22041
20047
#: serverguide/C/installation.xml:390(title)
22042
#: serverguide/C/installation.xml:442(title)
20048
22043
msgid "Software RAID"
20049
22044
msgstr ""
20050
22045
20051
#: serverguide/C/installation.xml:392(para)
22046
#: serverguide/C/installation.xml:444(para)
20052
22047
msgid ""
20053
22048
"RAID is a method of configuring multiple hard drives to act as one, reducing "
20054
22049
"the probability of catastrophic data loss in case of drive failure. RAID is "
20058
22053
"drives 'invisibly')."
20059
22054
msgstr ""
20060
22055
20061
#: serverguide/C/installation.xml:399(para)
22056
#: serverguide/C/installation.xml:451(para)
20062
22057
msgid ""
20063
22058
"The RAID software included with current versions of Linux (and Ubuntu) is "
20064
22059
"based on the <application>'mdadm'</application> driver and works very well, "
20068
22063
"another for <emphasis>swap</emphasis>."
20069
22064
msgstr ""
20070
22065
20071
#: serverguide/C/installation.xml:409(para) serverguide/C/installation.xml:926(para)
22066
#: serverguide/C/installation.xml:461(para) serverguide/C/installation.xml:975(para)
20072
22067
msgid ""
20073
22068
"Follow the installation steps until you get to the <emphasis>Partition "
20074
22069
"disks</emphasis> step, then:"
20075
22070
msgstr ""
20076
22071
20077
#: serverguide/C/installation.xml:416(para)
22072
#: serverguide/C/installation.xml:468(para)
20078
22073
msgid "Select <emphasis>Manual</emphasis> as the partition method."
20079
22074
msgstr ""
20080
22075
20081
#: serverguide/C/installation.xml:423(para)
22076
#: serverguide/C/installation.xml:475(para)
20082
22077
msgid ""
20083
22078
"Select the first hard drive, and agree to <emphasis>\"Create a new empty "
20084
22079
"partition table on this device?\"</emphasis>."
20085
22080
msgstr ""
20086
22081
20087
#: serverguide/C/installation.xml:427(para)
22082
#: serverguide/C/installation.xml:479(para)
20088
22083
msgid ""
20089
22084
"Repeat this step for each drive you wish to be part of the RAID array."
20090
22085
msgstr ""
20091
22086
20092
#: serverguide/C/installation.xml:434(para)
22087
#: serverguide/C/installation.xml:486(para)
20093
22088
msgid ""
20094
22089
"Select the <emphasis>\"FREE SPACE\"</emphasis> on the first drive then "
20095
22090
"select <emphasis>\"Create a new partition\"</emphasis>."
20096
22091
msgstr ""
20097
22092
20098
#: serverguide/C/installation.xml:441(para)
22093
#: serverguide/C/installation.xml:493(para)
20099
22094
msgid ""
20100
22095
"Next, select the <emphasis>Size</emphasis> of the partition. This partition "
20101
22096
"will be the <emphasis>swap</emphasis> partition, and a general rule for swap "
20103
22098
"<emphasis>Primary</emphasis>, then <emphasis>Beginning</emphasis>."
20104
22099
msgstr ""
20105
22100
20106
#: serverguide/C/installation.xml:450(para)
22101
#: serverguide/C/installation.xml:502(para)
20107
22102
msgid ""
20108
22103
"Select the <emphasis>\"Use as:\"</emphasis> line at the top. By default this "
20109
"is <emphasis role=\"italic\">\"Ext3 journaling file system\"</emphasis>, "
22104
"is <emphasis role=\"italic\">\"Ext4 journaling file system\"</emphasis>, "
20110
22105
"change that to <emphasis>\"physical volume for RAID\"</emphasis> then "
20111
22106
"<emphasis>\"Done setting up partition\"</emphasis>."
20112
22107
msgstr ""
20113
22108
20114
#: serverguide/C/installation.xml:459(para)
22109
#: serverguide/C/installation.xml:511(para)
20115
22110
msgid ""
20116
22111
"For the <emphasis>/</emphasis> partition once again select <emphasis>\"Free "
20117
22112
"Space\"</emphasis> on the first drive then <emphasis>\"Create a new "
20118
22113
"partition\"</emphasis>."
20119
22114
msgstr ""
20120
22115
20121
#: serverguide/C/installation.xml:467(para)
22116
#: serverguide/C/installation.xml:519(para)
20122
22117
msgid ""
20123
22118
"Use the rest of the free space on the drive and choose "
20124
22119
"<emphasis>Continue</emphasis>, then <emphasis>Primary</emphasis>."
20125
22120
msgstr ""
20126
22121
20127
#: serverguide/C/installation.xml:474(para)
22122
#: serverguide/C/installation.xml:526(para)
20128
22123
msgid ""
20129
22124
"As with the swap partition, select the <emphasis>\"Use as:\"</emphasis> line "
20130
"at the top, changing it to <emphasis>\"physical volume for RAID\"</emphasis> "
20131
"then choose <emphasis>\"Done setting up partition\"</emphasis>."
22125
"at the top, changing it to <emphasis>\"physical volume for "
22126
"RAID\"</emphasis>. Also select the <emphasis>\"Bootable flag:\"</emphasis> "
22127
"line to change the value to <emphasis>\"on\"</emphasis>. Then choose "
22128
"<emphasis>\"Done setting up partition\"</emphasis>."
20132
22129
msgstr ""
20133
22130
20134
#: serverguide/C/installation.xml:482(para)
22131
#: serverguide/C/installation.xml:536(para)
20135
22132
msgid "Repeat steps three through eight for the other disk and partitions."
20136
22133
msgstr ""
20137
22134
20138
#: serverguide/C/installation.xml:491(title)
22135
#: serverguide/C/installation.xml:545(title)
20139
22136
msgid "RAID Configuration"
20140
22137
msgstr ""
20141
22138
20142
#: serverguide/C/installation.xml:493(para)
22139
#: serverguide/C/installation.xml:547(para)
20143
22140
msgid "With the partitions setup the arrays are ready to be configured:"
20144
22141
msgstr ""
20145
22142
20146
#: serverguide/C/installation.xml:500(para)
22143
#: serverguide/C/installation.xml:554(para)
20147
22144
msgid ""
20148
22145
"Back in the main \"Partition Disks\" page, select <emphasis>\"Configure "
20149
22146
"Software RAID\"</emphasis> at the top."
20150
22147
msgstr ""
20151
22148
20152
#: serverguide/C/installation.xml:507(para)
22149
#: serverguide/C/installation.xml:561(para)
20153
22150
msgid "Select <emphasis>\"yes\"</emphasis> to write the changes to disk."
20154
22151
msgstr ""
20155
22152
20156
#: serverguide/C/installation.xml:514(para)
20157
msgid "Choose <emphasis>\"Create MD drive\"</emphasis>."
22153
#: serverguide/C/installation.xml:568(para)
22154
msgid "Choose <emphasis>\"Create MD device\"</emphasis>."
20158
22155
msgstr ""
20159
22156
20160
#: serverguide/C/installation.xml:521(para)
22157
#: serverguide/C/installation.xml:575(para)
20161
22158
msgid ""
20162
22159
"For this example, select <emphasis>\"RAID1\"</emphasis>, but if you are "
20163
22160
"using a different setup choose the appropriate type (RAID0 RAID1 RAID5)."
20164
22161
msgstr ""
20165
22162
20166
#: serverguide/C/installation.xml:527(para)
22163
#: serverguide/C/installation.xml:581(para)
20167
22164
msgid ""
20168
22165
"In order to use <emphasis>RAID5</emphasis> you need at least "
20169
22166
"<emphasis>three</emphasis> drives. Using RAID0 or RAID1 only "
20170
22167
"<emphasis>two</emphasis> drives are required."
20171
22168
msgstr ""
20172
22169
20173
#: serverguide/C/installation.xml:536(para)
22170
#: serverguide/C/installation.xml:590(para)
20174
22171
msgid ""
20175
22172
"Enter the number of active devices <emphasis>\"2\"</emphasis>, or the amount "
20176
22173
"of hard drives you have, for the array. Then select "
20177
22174
"<emphasis>\"Continue\"</emphasis>."
20178
22175
msgstr ""
20179
22176
20180
#: serverguide/C/installation.xml:544(para)
22177
#: serverguide/C/installation.xml:598(para)
20181
22178
msgid ""
20182
22179
"Next, enter the number of spare devices <emphasis>\"0\"</emphasis> by "
20183
22180
"default, then choose <emphasis>\"Continue\"</emphasis>."
20184
22181
msgstr ""
20185
22182
20186
#: serverguide/C/installation.xml:551(para)
22183
#: serverguide/C/installation.xml:605(para)
20187
22184
msgid ""
20188
22185
"Choose which partitions to use. Generally they will be sda1, sdb1, sdc1, "
20189
22186
"etc. The numbers will usually match and the different letters correspond to "
20190
22187
"different hard drives."
20191
22188
msgstr ""
20192
22189
20193
#: serverguide/C/installation.xml:556(para)
22190
#: serverguide/C/installation.xml:610(para)
20194
22191
msgid ""
20195
22192
"For the <emphasis>swap</emphasis> partition choose <emphasis>sda1</emphasis> "
20196
22193
"and <emphasis>sdb1</emphasis>. Select <emphasis>\"Continue\"</emphasis> to "
20197
22194
"go to the next step."
20198
22195
msgstr ""
20199
22196
20200
#: serverguide/C/installation.xml:564(para)
22197
#: serverguide/C/installation.xml:618(para)
20201
22198
msgid ""
20202
22199
"Repeat steps <emphasis>three</emphasis> through <emphasis>seven</emphasis> "
20203
22200
"for the <emphasis>/</emphasis> partition choosing <emphasis>sda2</emphasis> "
20204
22201
"and <emphasis>sdb2</emphasis>."
20205
22202
msgstr ""
20206
22203
20207
#: serverguide/C/installation.xml:572(para)
22204
#: serverguide/C/installation.xml:626(para)
20208
22205
msgid "Once done select <emphasis>\"Finish\"</emphasis>."
20209
22206
msgstr ""
20210
22207
20211
#: serverguide/C/installation.xml:582(title)
22208
#: serverguide/C/installation.xml:636(title)
20212
22209
msgid "Formatting"
20213
22210
msgstr ""
20214
22211
20215
#: serverguide/C/installation.xml:584(para)
22212
#: serverguide/C/installation.xml:638(para)
20216
22213
msgid ""
20217
22214
"There should now be a list of hard drives and RAID devices. The next step is "
20218
22215
"to format and set the mount point for the RAID devices. Treat the RAID "
20219
22216
"device as a local hard drive, format and mount accordingly."
20220
22217
msgstr ""
20221
22218
20222
#: serverguide/C/installation.xml:592(para)
20223
msgid "Select the <emphasis>RAID1 device #0</emphasis> partition."
22219
#: serverguide/C/installation.xml:646(para)
22220
msgid ""
22221
"Select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
22222
"#0\"</emphasis> partition."
20224
22223
msgstr ""
20225
22224
20226
#: serverguide/C/installation.xml:599(para)
22225
#: serverguide/C/installation.xml:653(para)
20227
22226
msgid ""
20228
22227
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"swap "
20229
22228
"area\"</emphasis>, then <emphasis>\"Done setting up partition\"</emphasis>."
20230
22229
msgstr ""
20231
22230
20232
#: serverguide/C/installation.xml:607(para)
20233
msgid "Next, select the <emphasis>RAID1 device #1</emphasis> partition."
22231
#: serverguide/C/installation.xml:661(para)
22232
msgid ""
22233
"Next, select <emphasis>\"#1\"</emphasis> under the <emphasis>\"RAID1 device "
22234
"#1\"</emphasis> partition."
20234
22235
msgstr ""
20235
22236
20236
#: serverguide/C/installation.xml:614(para)
22237
#: serverguide/C/installation.xml:668(para)
20237
22238
msgid ""
20238
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"Ext3 "
22239
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"Ext4 "
20239
22240
"journaling file system\"</emphasis>."
20240
22241
msgstr ""
20241
22242
20242
#: serverguide/C/installation.xml:621(para)
22243
#: serverguide/C/installation.xml:675(para)
20243
22244
msgid ""
20244
22245
"Then select the <emphasis>\"Mount point\"</emphasis> and choose "
20245
22246
"<emphasis>\"/ - the root file system\"</emphasis>. Change any of the other "
20247
22248
"partition\"</emphasis>."
20248
22249
msgstr ""
20249
22250
20250
#: serverguide/C/installation.xml:629(para)
22251
#: serverguide/C/installation.xml:683(para)
20251
22252
msgid ""
20252
22253
"Finally, select <emphasis>\"Finish partitioning and write changes to "
20253
22254
"disk\"</emphasis>."
20254
22255
msgstr ""
20255
22256
20256
#: serverguide/C/installation.xml:636(para)
22257
#: serverguide/C/installation.xml:690(para)
20257
22258
msgid ""
20258
22259
"If you choose to place the root partition on a RAID array, the installer "
20259
22260
"will then ask if you would like to boot in a <emphasis>degraded</emphasis> "
20260
22261
"state. See <xref linkend=\"raid-degraded\"/> for further details."
20261
22262
msgstr ""
20262
22263
20263
#: serverguide/C/installation.xml:641(para)
22264
#: serverguide/C/installation.xml:695(para)
20264
22265
msgid "The installation process will then continue normally."
20265
22266
msgstr ""
20266
22267
20267
#: serverguide/C/installation.xml:647(title)
22268
#: serverguide/C/installation.xml:701(title)
20268
22269
msgid "Degraded RAID"
20269
22270
msgstr ""
20270
22271
20271
#: serverguide/C/installation.xml:649(para)
22272
#: serverguide/C/installation.xml:703(para)
20272
22273
msgid ""
20273
22274
"At some point in the life of the computer a disk failure event may occur. "
20274
22275
"When this happens, using Software RAID, the operating system will place the "
20275
22276
"array into what is known as a <emphasis>degraded</emphasis> state."
20276
22277
msgstr ""
20277
22278
20278
#: serverguide/C/installation.xml:654(para)
22279
#: serverguide/C/installation.xml:708(para)
20279
22280
msgid ""
20280
22281
"If the array has become degraded, due to the chance of data corruption, by "
20281
22282
"default Ubuntu Server Edition will boot to <emphasis>initramfs</emphasis> "
20286
22287
"Booting to a degraded array can be configured several ways:"
20287
22288
msgstr ""
20288
22289
20289
#: serverguide/C/installation.xml:665(para)
22290
#: serverguide/C/installation.xml:719(para)
20290
22291
msgid ""
20291
22292
"The <application>dpkg-reconfigure</application> utility can be used to "
20292
22293
"configure the default behavior, and during the process you will be queried "
20295
22296
"following:"
20296
22297
msgstr ""
20297
22298
20298
#: serverguide/C/installation.xml:672(command)
22299
#: serverguide/C/installation.xml:726(command)
20299
22300
msgid "sudo dpkg-reconfigure mdadm"
20300
22301
msgstr ""
20301
22302
20302
#: serverguide/C/installation.xml:678(para)
22303
#: serverguide/C/installation.xml:732(para)
20303
22304
msgid ""
20304
22305
"The <command>dpkg-reconfigure mdadm</command> process will change the "
20305
22306
"<filename>/etc/initramfs-tools/conf.d/mdadm</filename> configuration file. "
20307
22308
"behavior, and can also be manually edited:"
20308
22309
msgstr ""
20309
22310
20310
#: serverguide/C/installation.xml:684(programlisting)
22311
#: serverguide/C/installation.xml:738(programlisting)
20311
22312
#, no-wrap
20312
22313
msgid ""
20313
22314
"\n"
20314
22315
"BOOT_DEGRADED=true\n"
20315
22316
msgstr ""
20316
22317
20317
#: serverguide/C/installation.xml:689(para)
22318
#: serverguide/C/installation.xml:743(para)
20318
22319
msgid "The configuration file can be overridden by using a Kernel argument."
20319
22320
msgstr ""
20320
22321
20321
#: serverguide/C/installation.xml:697(para)
22322
#: serverguide/C/installation.xml:751(para)
20322
22323
msgid ""
20323
22324
"Using a Kernel argument will allow the system to boot to a degraded array as "
20324
22325
"well:"
20325
22326
msgstr ""
20326
22327
20327
#: serverguide/C/installation.xml:703(para)
22328
#: serverguide/C/installation.xml:757(para)
20328
22329
msgid ""
20329
"When the server is booting press <emphasis>ESC</emphasis> to open the "
22330
"When the server is booting press <keycap>Shift</keycap> to open the "
20330
22331
"<application>Grub</application> menu."
20331
22332
msgstr ""
20332
22333
20333
#: serverguide/C/installation.xml:708(para)
20334
msgid "Press <emphasis>\"e\"</emphasis> to edit your Kernel command options."
20335
msgstr ""
20336
20337
#: serverguide/C/installation.xml:713(para)
20338
msgid ""
20339
"Press the <emphasis>DOWN</emphasis> arrow to highlight the kernel line."
20340
msgstr ""
20341
20342
#: serverguide/C/installation.xml:718(para)
20343
msgid ""
20344
"Press the <emphasis>\"e\"</emphasis> key again to edit the kernel line."
20345
msgstr ""
20346
20347
#: serverguide/C/installation.xml:723(para)
22334
#: serverguide/C/installation.xml:762(para)
22335
msgid "Press <keycap>e</keycap> to edit your kernel command options."
22336
msgstr ""
22337
22338
#: serverguide/C/installation.xml:767(para)
22339
msgid "Press the <keycap>down</keycap> arrow to highlight the kernel line."
22340
msgstr ""
22341
22342
#: serverguide/C/installation.xml:772(para)
20348
22343
msgid ""
20349
22344
"Add <emphasis>\"bootdegraded=true\"</emphasis> (without the quotes) to the "
20350
22345
"end of the line."
20351
22346
msgstr ""
20352
22347
20353
#: serverguide/C/installation.xml:728(para)
20354
msgid "Press <emphasis>\"ENTER\"</emphasis>."
20355
msgstr ""
20356
20357
#: serverguide/C/installation.xml:733(para)
20358
msgid "Finally, press <emphasis>\"b\"</emphasis> to boot the system."
20359
msgstr ""
20360
20361
#: serverguide/C/installation.xml:742(para)
22348
#: serverguide/C/installation.xml:777(para)
22349
msgid ""
22350
"Press <keycombo><keycap>Ctrl</keycap><keycap>x</keycap></keycombo> to boot "
22351
"the system."
22352
msgstr ""
22353
22354
#: serverguide/C/installation.xml:786(para)
20362
22355
msgid ""
20363
22356
"Once the system has booted you can either repair the array see <xref "
20364
22357
"linkend=\"raid-maintenance\"/> for details, or copy important data to "
20365
22358
"another machine due to major hardware failure."
20366
22359
msgstr ""
20367
22360
20368
#: serverguide/C/installation.xml:749(title)
22361
#: serverguide/C/installation.xml:793(title)
20369
22362
msgid "RAID Maintenance"
20370
22363
msgstr ""
20371
22364
20372
#: serverguide/C/installation.xml:751(para)
22365
#: serverguide/C/installation.xml:795(para)
20373
22366
msgid ""
20374
22367
"The <application>mdadm</application> utility can be used to view the status "
20375
22368
"of an array, add disks to an array, remove disks, etc:"
20376
22369
msgstr ""
20377
22370
20378
#: serverguide/C/installation.xml:758(para)
22371
#: serverguide/C/installation.xml:802(para)
20379
22372
msgid "To view the status of an array, from a terminal prompt enter:"
20380
22373
msgstr ""
20381
22374
20382
#: serverguide/C/installation.xml:762(command)
22375
#: serverguide/C/installation.xml:806(command)
20383
22376
msgid "sudo mdadm -D /dev/md0"
20384
22377
msgstr ""
20385
22378
20386
#: serverguide/C/installation.xml:765(para)
22379
#: serverguide/C/installation.xml:809(para)
20387
22380
msgid ""
20388
22381
"The <emphasis>-D</emphasis> tells <application>mdadm</application> to "
20389
22382
"display <emphasis>detailed</emphasis> information about the "
20391
22384
"with the appropriate RAID device."
20392
22385
msgstr ""
20393
22386
20394
#: serverguide/C/installation.xml:771(para)
22387
#: serverguide/C/installation.xml:815(para)
20395
22388
msgid "To view the status of a disk in an array:"
20396
22389
msgstr ""
20397
22390
20398
#: serverguide/C/installation.xml:775(command)
22391
#: serverguide/C/installation.xml:819(command)
20399
22392
msgid "sudo mdadm -E /dev/sda1"
20400
22393
msgstr ""
20401
22394
20402
#: serverguide/C/installation.xml:777(para)
22395
#: serverguide/C/installation.xml:821(para)
20403
22396
msgid ""
20404
22397
"The output if very similar to the <command>mdadm -D</command> command, "
20405
22398
"adjust <filename>/dev/sda1</filename> for each disk."
20406
22399
msgstr ""
20407
22400
20408
#: serverguide/C/installation.xml:782(para)
22401
#: serverguide/C/installation.xml:826(para)
20409
22402
msgid "If a disk fails and needs to be removed from an array enter:"
20410
22403
msgstr ""
20411
22404
20412
#: serverguide/C/installation.xml:786(command)
22405
#: serverguide/C/installation.xml:830(command)
20413
22406
msgid "sudo mdadm --remove /dev/md0 /dev/sda1"
20414
22407
msgstr ""
20415
22408
20416
#: serverguide/C/installation.xml:788(para)
22409
#: serverguide/C/installation.xml:832(para)
20417
22410
msgid ""
20418
22411
"Change <filename>/dev/md0</filename> and <filename>/dev/sda1</filename> to "
20419
22412
"the appropriate RAID device and disk."
20420
22413
msgstr ""
20421
22414
20422
#: serverguide/C/installation.xml:793(para)
22415
#: serverguide/C/installation.xml:837(para)
20423
22416
msgid "Similarly, to add a new disk:"
20424
22417
msgstr ""
20425
22418
20426
#: serverguide/C/installation.xml:797(command)
22419
#: serverguide/C/installation.xml:841(command)
20427
22420
msgid "sudo mdadm --add /dev/md0 /dev/sda1"
20428
22421
msgstr ""
20429
22422
20430
#: serverguide/C/installation.xml:802(para)
22423
#: serverguide/C/installation.xml:846(para)
20431
22424
msgid ""
20432
22425
"Sometimes a disk can change to a <emphasis>faulty</emphasis> state even "
20433
22426
"though there is nothing physically wrong with the drive. It is usually "
20436
22429
"the array, it is a good indication of hardware failure."
20437
22430
msgstr ""
20438
22431
20439
#: serverguide/C/installation.xml:808(para)
22432
#: serverguide/C/installation.xml:852(para)
20440
22433
msgid ""
20441
22434
"The <filename>/proc/mdstat</filename> file also contains useful information "
20442
22435
"about the system's RAID devices:"
20443
22436
msgstr ""
20444
22437
20445
#: serverguide/C/installation.xml:813(command)
22438
#: serverguide/C/installation.xml:857(command)
20446
22439
msgid "cat /proc/mdstat"
20447
22440
msgstr ""
20448
22441
20449
#: serverguide/C/installation.xml:814(computeroutput)
22442
#: serverguide/C/installation.xml:858(computeroutput)
20450
22443
#, no-wrap
20451
22444
msgid ""
20452
22445
"Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] "
20457
22450
"unused devices: <none>"
20458
22451
msgstr ""
20459
22452
20460
#: serverguide/C/installation.xml:821(para)
22453
#: serverguide/C/installation.xml:865(para)
20461
22454
msgid ""
20462
22455
"The following command is great for watching the status of a syncing drive:"
20463
22456
msgstr ""
20464
22457
20465
#: serverguide/C/installation.xml:826(command)
22458
#: serverguide/C/installation.xml:870(command)
20466
22459
msgid "watch -n1 cat /proc/mdstat"
20467
22460
msgstr ""
20468
22461
20469
#: serverguide/C/installation.xml:829(para)
22462
#: serverguide/C/installation.xml:873(para)
20470
22463
msgid ""
20471
22464
"Press <emphasis>Ctrl+c</emphasis> to stop the "
20472
22465
"<application>watch</application> command."
20473
22466
msgstr ""
20474
22467
20475
#: serverguide/C/installation.xml:833(para)
22468
#: serverguide/C/installation.xml:877(para)
20476
22469
msgid ""
20477
22470
"If you do need to replace a faulty drive, after the drive has been replaced "
20478
22471
"and synced, <application>grub</application> will need to be installed. To "
20480
22473
"following:"
20481
22474
msgstr ""
20482
22475
20483
#: serverguide/C/installation.xml:839(command)
22476
#: serverguide/C/installation.xml:883(command)
20484
22477
msgid "sudo grub-install /dev/md0"
20485
22478
msgstr ""
20486
22479
20487
#: serverguide/C/installation.xml:842(para)
22480
#: serverguide/C/installation.xml:886(para)
20488
22481
msgid ""
20489
22482
"Replace <filename>/dev/md0</filename> with the appropriate array device name."
20490
22483
msgstr ""
20491
22484
20492
#: serverguide/C/installation.xml:850(para)
22485
#: serverguide/C/installation.xml:894(para)
20493
22486
msgid ""
20494
22487
"The topic of RAID arrays is a complex one due to the plethora of ways RAID "
20495
22488
"can be configured. Please see the following links for more information:"
20496
22489
msgstr ""
20497
22490
20498
#: serverguide/C/installation.xml:858(ulink)
22491
#: serverguide/C/installation.xml:901(para)
22492
msgid ""
22493
"<ulink url=\"https://help.ubuntu.com/community/Installation#raid\">Ubuntu "
22494
"Wiki Articles on RAID</ulink>."
22495
msgstr ""
22496
22497
#: serverguide/C/installation.xml:907(ulink)
20499
22498
msgid "Software RAID HOWTO"
20500
22499
msgstr ""
20501
22500
20502
#: serverguide/C/installation.xml:863(ulink)
22501
#: serverguide/C/installation.xml:912(ulink)
20503
22502
msgid "Managing RAID on Linux"
20504
22503
msgstr ""
20505
22504
20506
#: serverguide/C/installation.xml:870(title)
22505
#: serverguide/C/installation.xml:919(title)
20507
22506
msgid "Logical Volume Manager (LVM)"
20508
22507
msgstr ""
20509
22508
20510
#: serverguide/C/installation.xml:872(para)
22509
#: serverguide/C/installation.xml:921(para)
20511
22510
msgid ""
20512
22511
"Logical Volume Manger, or <emphasis>LVM</emphasis>, allows administrators to "
20513
22512
"create <emphasis>logical</emphasis> volumes out of one or multiple physical "
20516
22515
"giving greater flexibility to systems as requirements change."
20517
22516
msgstr ""
20518
22517
20519
#: serverguide/C/installation.xml:881(para)
22518
#: serverguide/C/installation.xml:930(para)
20520
22519
msgid ""
20521
22520
"A side effect of LVM's power and flexibility is a greater degree of "
20522
22521
"complication. Before diving into the LVM installation process, it is best to "
20523
22522
"get familiar with some terms."
20524
22523
msgstr ""
20525
22524
20526
#: serverguide/C/installation.xml:888(para)
22525
#: serverguide/C/installation.xml:937(para)
20527
22526
msgid ""
20528
22527
"<emphasis>Volume Group (VG):</emphasis> contains one or several Logical "
20529
22528
"Volumes (LV)."
20530
22529
msgstr ""
20531
22530
20532
#: serverguide/C/installation.xml:893(para)
22531
#: serverguide/C/installation.xml:942(para)
20533
22532
msgid ""
20534
22533
"<emphasis>Logical Volume (LV):</emphasis> is similar to a partition in a non-"
20535
22534
"LVM system. Multiple Physical Volumes (PV) can make up one LV, on top of "
20536
22535
"which resides the actual EXT3, XFS, JFS, etc filesystem."
20537
22536
msgstr ""
20538
22537
20539
#: serverguide/C/installation.xml:899(para)
22538
#: serverguide/C/installation.xml:948(para)
20540
22539
msgid ""
20541
22540
"<emphasis>Physical Volume (PV):</emphasis> physical hard disk or software "
20542
22541
"RAID partition. The Volume Group can be extended by adding more PVs."
20543
22542
msgstr ""
20544
22543
20545
#: serverguide/C/installation.xml:910(para)
22544
#: serverguide/C/installation.xml:959(para)
20546
22545
msgid ""
20547
22546
"As an example this section covers installing Ubuntu Server Edition with "
20548
22547
"<filename role=\"directory\">/srv</filename> mounted on a LVM volume. During "
20551
22550
"can be extended."
20552
22551
msgstr ""
20553
22552
20554
#: serverguide/C/installation.xml:916(para)
22553
#: serverguide/C/installation.xml:965(para)
20555
22554
msgid ""
20556
22555
"There are several installation options for LVM, <emphasis>\"Guided - use the "
20557
22556
"entire disk and setup LVM\"</emphasis> which will also allow you to assign a "
20562
22561
"the Manual approach."
20563
22562
msgstr ""
20564
22563
20565
#: serverguide/C/installation.xml:933(para)
22564
#: serverguide/C/installation.xml:982(para)
20566
22565
msgid ""
20567
22566
"At the <emphasis>\"Partition Disks</emphasis> screen choose "
20568
22567
"<emphasis>\"Manual\"</emphasis>."
20569
22568
msgstr ""
20570
22569
20571
#: serverguide/C/installation.xml:940(para)
22570
#: serverguide/C/installation.xml:989(para)
20572
22571
msgid ""
20573
22572
"Select the hard disk and on the next screen choose \"yes\" to "
20574
22573
"<emphasis>\"Create a new empty partition table on this device\"</emphasis>."
20575
22574
msgstr ""
20576
22575
20577
#: serverguide/C/installation.xml:947(para)
22576
#: serverguide/C/installation.xml:996(para)
20578
22577
msgid ""
20579
22578
"Next, create standard <emphasis>/boot</emphasis>, <emphasis>swap</emphasis>, "
20580
22579
"and <emphasis>/</emphasis> partitions with whichever filesystem you prefer."
20581
22580
msgstr ""
20582
22581
20583
#: serverguide/C/installation.xml:955(para)
22582
#: serverguide/C/installation.xml:1004(para)
20584
22583
msgid ""
20585
22584
"For the LVM <emphasis>/srv</emphasis>, create a new "
20586
22585
"<emphasis>Logical</emphasis> partition. Then change <emphasis>\"Use "
20588
22587
"<emphasis>\"Done setting up the partition\"</emphasis>."
20589
22588
msgstr ""
20590
22589
20591
#: serverguide/C/installation.xml:963(para)
22590
#: serverguide/C/installation.xml:1012(para)
20592
22591
msgid ""
20593
22592
"Now select <emphasis>\"Configure the Logical Volume Manager\"</emphasis> at "
20594
22593
"the top, and choose <emphasis>\"Yes\"</emphasis> to write the changes to "
20595
22594
"disk."
20596
22595
msgstr ""
20597
22596
20598
#: serverguide/C/installation.xml:971(para)
22597
#: serverguide/C/installation.xml:1020(para)
20599
22598
msgid ""
20600
22599
"For the <emphasis>\"LVM configuration action\"</emphasis> on the next "
20601
22600
"screen, choose <emphasis>\"Create volume group\"</emphasis>. Enter a name "
20604
22603
"<emphasis>\"Continue\"</emphasis>."
20605
22604
msgstr ""
20606
22605
20607
#: serverguide/C/installation.xml:980(para)
22606
#: serverguide/C/installation.xml:1029(para)
20608
22607
msgid ""
20609
22608
"Back at the <emphasis>\"LVM configuration action\"</emphasis> screen, select "
20610
22609
"<emphasis>\"Create logical volume\"</emphasis>. Select the newly created "
20615
22614
"main <emphasis>\"Partition Disks\"</emphasis> screen."
20616
22615
msgstr ""
20617
22616
20618
#: serverguide/C/installation.xml:990(para)
22617
#: serverguide/C/installation.xml:1039(para)
20619
22618
msgid ""
20620
22619
"Now add a filesystem to the new LVM. Select the partition under "
20621
22620
"<emphasis>\"LVM VG vg01, LV srv\"</emphasis>, or whatever name you have "
20624
22623
"select <emphasis>\"Done setting up the partition\"</emphasis>."
20625
22624
msgstr ""
20626
22625
20627
#: serverguide/C/installation.xml:999(para)
22626
#: serverguide/C/installation.xml:1048(para)
20628
22627
msgid ""
20629
22628
"Finally, select <emphasis>\"Finish partitioning and write changes to "
20630
22629
"disk\"</emphasis>. Then confirm the changes and continue with the rest of "
20631
22630
"the installation."
20632
22631
msgstr ""
20633
22632
20634
#: serverguide/C/installation.xml:1007(para)
22633
#: serverguide/C/installation.xml:1056(para)
20635
22634
msgid "There are some useful utilities to view information about LVM:"
20636
22635
msgstr ""
20637
22636
20638
#: serverguide/C/installation.xml:1012(para)
22637
#: serverguide/C/installation.xml:1061(para)
20639
22638
msgid ""
20640
22639
"<emphasis>vgdisplay:</emphasis> shows information about Volume Groups."
20641
22640
msgstr ""
20642
22641
20643
#: serverguide/C/installation.xml:1013(para)
22642
#: serverguide/C/installation.xml:1062(para)
20644
22643
msgid ""
20645
22644
"<emphasis>lvdisplay:</emphasis> has information about Logical Volumes."
20646
22645
msgstr ""
20647
22646
20648
#: serverguide/C/installation.xml:1014(para)
22647
#: serverguide/C/installation.xml:1063(para)
20649
22648
msgid ""
20650
22649
"<emphasis>pvdisplay:</emphasis> similarly displays information about "
20651
22650
"Physical Volumes."
20652
22651
msgstr ""
20653
22652
20654
#: serverguide/C/installation.xml:1019(title)
22653
#: serverguide/C/installation.xml:1068(title)
20655
22654
msgid "Extending Volume Groups"
20656
22655
msgstr ""
20657
22656
20658
#: serverguide/C/installation.xml:1021(para)
22657
#: serverguide/C/installation.xml:1070(para)
20659
22658
msgid ""
20660
22659
"Continuing with <emphasis>srv</emphasis> as an LVM volume example, this "
20661
22660
"section covers adding a second hard disk, creating a Physical Volume (PV), "
20670
22669
"them as different physical volumes)"
20671
22670
msgstr ""
20672
22671
20673
#: serverguide/C/installation.xml:1033(para)
22672
#: serverguide/C/installation.xml:1082(para)
20674
22673
msgid "First, create the physical volume, in a terminal execute:"
20675
22674
msgstr ""
20676
22675
20677
#: serverguide/C/installation.xml:1038(command)
22676
#: serverguide/C/installation.xml:1087(command)
20678
22677
msgid "sudo pvcreate /dev/sdb"
20679
22678
msgstr ""
20680
22679
20681
#: serverguide/C/installation.xml:1044(para)
22680
#: serverguide/C/installation.xml:1093(para)
20682
22681
msgid "Now extend the Volume Group (VG):"
20683
22682
msgstr ""
20684
22683
20685
#: serverguide/C/installation.xml:1049(command)
22684
#: serverguide/C/installation.xml:1098(command)
20686
22685
msgid "sudo vgextend vg01 /dev/sdb"
20687
22686
msgstr ""
20688
22687
20689
#: serverguide/C/installation.xml:1055(para)
22688
#: serverguide/C/installation.xml:1104(para)
20690
22689
msgid ""
20691
22690
"Use <application>vgdisplay</application> to find out the free physical "
20692
22691
"extents - Free PE / size (the size you can allocate). We will assume a free "
20694
22693
"whole free space available. Use your own PE and/or free space."
20695
22694
msgstr ""
20696
22695
20697
#: serverguide/C/installation.xml:1061(para)
22696
#: serverguide/C/installation.xml:1110(para)
20698
22697
msgid ""
20699
22698
"The Logical Volume (LV) can now be extended by different methods, we will "
20700
22699
"only see how to use the PE to extend the LV:"
20701
22700
msgstr ""
20702
22701
20703
#: serverguide/C/installation.xml:1066(command)
22702
#: serverguide/C/installation.xml:1115(command)
20704
22703
msgid "sudo lvextend /dev/vg01/srv -l +511"
20705
22704
msgstr ""
20706
22705
20707
#: serverguide/C/installation.xml:1069(para)
22706
#: serverguide/C/installation.xml:1118(para)
20708
22707
msgid ""
20709
22708
"The <emphasis>-l</emphasis> option allows the LV to be extended using PE. "
20710
22709
"The <emphasis>-L</emphasis> option allows the LV to be extended using Meg, "
20711
22710
"Gig, Tera, etc bytes."
20712
22711
msgstr ""
20713
22712
20714
#: serverguide/C/installation.xml:1077(para)
22713
#: serverguide/C/installation.xml:1126(para)
20715
22714
msgid ""
20716
22715
"Even though you are supposed to be able to <emphasis>expand</emphasis> an "
20717
22716
"ext3 or ext4 filesystem without unmounting it first, it may be a good "
20720
22719
"first is compulsory)."
20721
22720
msgstr ""
20722
22721
20723
#: serverguide/C/installation.xml:1083(para)
22722
#: serverguide/C/installation.xml:1132(para)
20724
22723
msgid ""
20725
22724
"The following commands are for an <emphasis>EXT3</emphasis> or "
20726
22725
"<emphasis>EXT4</emphasis> filesystem. If you are using another filesystem "
20727
22726
"there may be other utilities available."
20728
22727
msgstr ""
20729
22728
20730
#: serverguide/C/installation.xml:1090(command)
22729
#: serverguide/C/installation.xml:1139(command)
20731
22730
msgid "sudo e2fsck -f /dev/vg01/srv"
20732
22731
msgstr ""
20733
22732
20734
#: serverguide/C/installation.xml:1093(para)
22733
#: serverguide/C/installation.xml:1142(para)
20735
22734
msgid ""
20736
22735
"The <emphasis>-f</emphasis> option of <application>e2fsck</application> "
20737
22736
"forces checking even if the system seems clean."
20738
22737
msgstr ""
20739
22738
20740
#: serverguide/C/installation.xml:1100(para)
22739
#: serverguide/C/installation.xml:1149(para)
20741
22740
msgid "Finally, resize the filesystem:"
20742
22741
msgstr ""
20743
22742
20744
#: serverguide/C/installation.xml:1105(command)
22743
#: serverguide/C/installation.xml:1154(command)
20745
22744
msgid "sudo resize2fs /dev/vg01/srv"
20746
22745
msgstr ""
20747
22746
20748
#: serverguide/C/installation.xml:1111(para)
22747
#: serverguide/C/installation.xml:1160(para)
20749
22748
msgid "Now mount the partition and check its size."
20750
22749
msgstr ""
20751
22750
20752
#: serverguide/C/installation.xml:1116(command)
22751
#: serverguide/C/installation.xml:1165(command)
20753
22752
msgid "mount /dev/vg01/srv /srv && df -h /srv"
20754
22753
msgstr ""
20755
22754
20756
#: serverguide/C/installation.xml:1128(para)
22755
#: serverguide/C/installation.xml:1177(para)
22756
msgid ""
22757
"See the <ulink "
22758
"url=\"https://help.ubuntu.com/community/Installation#lvm\">Ubuntu Wiki LVM "
22759
"Articles</ulink>."
22760
msgstr ""
22761
22762
#: serverguide/C/installation.xml:1182(para)
20757
22763
msgid ""
20758
22764
"See the <ulink url=\"http://tldp.org/HOWTO/LVM-HOWTO/index.html\">LVM "
20759
22765
"HOWTO</ulink> for more information."
20760
22766
msgstr ""
20761
22767
20762
#: serverguide/C/installation.xml:1133(para)
22768
#: serverguide/C/installation.xml:1187(para)
20763
22769
msgid ""
20764
22770
"Another good article is <ulink "
20765
22771
"url=\"http://www.linuxdevcenter.com/pub/a/linux/2006/04/27/managing-disk-"
20767
22773
"linuxdevcenter.com site."
20768
22774
msgstr ""
20769
22775
20770
#: serverguide/C/installation.xml:1140(para)
22776
#: serverguide/C/installation.xml:1194(para)
20771
22777
msgid ""
20772
22778
"For more information on <application>fdisk</application> see the <ulink "
20773
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/fdisk.8.html\">fdisk"
20774
" man page</ulink>."
22779
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/fdisk.8.html\">fdisk "
22780
"man page</ulink>."
20775
22781
msgstr ""
20776
22782
20777
22783
#: serverguide/C/file-server.xml:13(title)
21101
23107
#: serverguide/C/file-server.xml:293(para)
21102
23108
msgid ""
21103
23109
"For detailed <filename>/etc/vsftpd.conf</filename> options see the <ulink "
21104
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/vsftpd.conf.5.html\""
21105
">vsftpd.conf man page</ulink>."
23110
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/vsftpd.conf.5.html\">"
23111
"vsftpd.conf man page</ulink>."
21106
23112
msgstr ""
21107
23113
21108
23114
#: serverguide/C/file-server.xml:299(para)
21113
23119
"contrasting FTPS and SFTP."
21114
23120
msgstr ""
21115
23121
21116
#: serverguide/C/file-server.xml:310(title)
23122
#: serverguide/C/file-server.xml:305(para)
23123
msgid ""
23124
"Also, for more information see the <ulink "
23125
"url=\"https://help.ubuntu.com/community/vsftpd\">Ubuntu Wiki vsftpd</ulink> "
23126
"page."
23127
msgstr ""
23128
23129
#: serverguide/C/file-server.xml:315(title)
21117
23130
msgid "Network File System (NFS)"
21118
23131
msgstr "网络文件系统 (NFS)"
21119
23132
21120
#: serverguide/C/file-server.xml:311(para)
23133
#: serverguide/C/file-server.xml:316(para)
21121
23134
msgid ""
21122
23135
"NFS allows a system to share directories and files with others over a "
21123
23136
"network. By using NFS, users and programs can access files on remote systems "
21124
23137
"almost as if they were local files."
21125
23138
msgstr "NFS 允许系统将其目录和文件共享给网络上的其他系统。通过 NFS,用户和应用程序可以访问远程系统上的文件,就象它们是本地文件一样。"
21126
23139
21127
#: serverguide/C/file-server.xml:317(para)
23140
#: serverguide/C/file-server.xml:322(para)
21128
23141
msgid "Some of the most notable benefits that NFS can provide are:"
21129
23142
msgstr "NFS 最值得注意的优点有:"
21130
23143
21131
#: serverguide/C/file-server.xml:323(para)
23144
#: serverguide/C/file-server.xml:328(para)
21132
23145
msgid ""
21133
23146
"Local workstations use less disk space because commonly used data can be "
21134
23147
"stored on a single machine and still remain accessible to others over the "
21135
23148
"network."
21136
23149
msgstr "本地工作站可以使用更少的磁盘空间,因为常用数据可以被保存在一台机器上,并让网络上的其他机器可以访问它。"
21137
23150
21138
#: serverguide/C/file-server.xml:328(para)
23151
#: serverguide/C/file-server.xml:333(para)
21139
23152
msgid ""
21140
23153
"There is no need for users to have separate home directories on every "
21141
23154
"network machine. Home directories could be set up on the NFS server and made "
21142
23155
"available throughout the network."
21143
23156
msgstr "不需要为用户在每台网络机器上放一个用户目录。用户目录可以在 NFS 服务器上设置并使其在整个网络上可用。"
21144
23157
21145
#: serverguide/C/file-server.xml:334(para)
23158
#: serverguide/C/file-server.xml:339(para)
21146
23159
msgid ""
21147
23160
"Storage devices such as floppy disks, CDROM drives, and USB Thumb drives can "
21148
23161
"be used by other machines on the network. This may reduce the number of "
21149
23162
"removable media drives throughout the network."
21150
23163
msgstr "存储设备如软盘、光驱及 USB 设备可以被网络上其它机器使用。这可能可以减少网络上移动设备的数量。"
21151
23164
21152
#: serverguide/C/file-server.xml:344(para)
23165
#: serverguide/C/file-server.xml:349(para)
21153
23166
msgid ""
21154
23167
"At a terminal prompt enter the following command to install the NFS Server:"
21155
23168
msgstr "在终端提示符后键入以下命令安装 NFS 服务器:"
21156
23169
21157
#: serverguide/C/file-server.xml:350(command)
23170
#: serverguide/C/file-server.xml:355(command)
21158
23171
msgid "sudo apt-get install nfs-kernel-server"
21159
23172
msgstr "sudo apt-get install nfs-kernel-server"
21160
23173
21161
#: serverguide/C/file-server.xml:356(para)
23174
#: serverguide/C/file-server.xml:361(para)
21162
23175
msgid ""
21163
23176
"You can configure the directories to be exported by adding them to the "
21164
23177
"<filename>/etc/exports</filename> file. For example:"
21165
23178
msgstr "您可以配置要输出的目录,您可以在 <filename>/etc/exports</filename> 文件中添加该目录。例如:"
21166
23179
21167
#: serverguide/C/file-server.xml:361(screen)
23180
#: serverguide/C/file-server.xml:366(screen)
21168
23181
#, no-wrap
21169
23182
msgid ""
21170
23183
"\n"
21175
23188
"/ubuntu *(ro,sync,no_root_squash)\n"
21176
23189
"/home *(rw,sync,no_root_squash)\n"
21177
23190
21178
#: serverguide/C/file-server.xml:367(para)
23191
#: serverguide/C/file-server.xml:372(para)
21179
23192
msgid ""
21180
23193
"You can replace * with one of the hostname formats. Make the hostname "
21181
23194
"declaration as specific as possible so unwanted systems cannot access the "
21182
23195
"NFS mount."
21183
23196
msgstr "您可以用主机名来代替 *。尽量指定主机名以便使那些不想其访问的系统访问 NFS 挂载的资源。"
21184
23197
21185
#: serverguide/C/file-server.xml:373(para)
23198
#: serverguide/C/file-server.xml:378(para)
21186
23199
msgid ""
21187
23200
"To start the NFS server, you can run the following command at a terminal "
21188
23201
"prompt:"
21189
23202
msgstr "您可以在终端提示符后运行以下命令来启动 NFS 服务器:"
21190
23203
21191
#: serverguide/C/file-server.xml:378(command)
23204
#: serverguide/C/file-server.xml:383(command)
21192
23205
msgid "sudo /etc/init.d/nfs-kernel-server start"
21193
23206
msgstr "sudo /etc/init.d/nfs-kernel-server start"
21194
23207
21195
#: serverguide/C/file-server.xml:383(title)
23208
#: serverguide/C/file-server.xml:388(title)
21196
23209
msgid "NFS Client Configuration"
21197
23210
msgstr "NFS 客户端配置"
21198
23211
21199
#: serverguide/C/file-server.xml:384(para)
23212
#: serverguide/C/file-server.xml:389(para)
21200
23213
msgid ""
21201
23214
"Use the <application>mount</application> command to mount a shared NFS "
21202
23215
"directory from another machine, by typing a command line similar to the "
21204
23217
msgstr ""
21205
23218
"使用 <application>mount</application> 命令来挂载其他机器共享的 NFS 目录。可以在终端提示符后输入以下类似的命令:"
21206
23219
21207
#: serverguide/C/file-server.xml:390(command)
23220
#: serverguide/C/file-server.xml:395(command)
21208
23221
msgid "sudo mount example.hostname.com:/ubuntu /local/ubuntu"
21209
23222
msgstr "sudo mount example.hostname.com:/ubuntu /local/ubuntu"
21210
23223
21211
#: serverguide/C/file-server.xml:394(para)
23224
#: serverguide/C/file-server.xml:399(para)
21212
23225
msgid ""
21213
23226
"The mount point directory <filename>/local/ubuntu</filename> must exist. "
21214
23227
"There should be no files or subdirectories in the "
21217
23230
"挂载点 <filename>/local/ubuntu</filename> 目录必须已经存在。而且在 "
21218
23231
"<filename>/local/ubuntu</filename> 目录中没有文件或子目录。"
21219
23232
21220
#: serverguide/C/file-server.xml:401(para)
23233
#: serverguide/C/file-server.xml:406(para)
21221
23234
msgid ""
21222
23235
"An alternate way to mount an NFS share from another machine is to add a line "
21223
23236
"to the <filename>/etc/fstab</filename> file. The line must state the "
21227
23240
"另一个挂载其他机器的 NFS 共享的方式就是在 <filename>/etc/fstab</filename> 文件中添加一行。该行必须指明 NFS "
21228
23241
"服务器的主机名、服务器输出的目录名以及挂载 NFS 共享的本机目录。"
21229
23242
21230
#: serverguide/C/file-server.xml:409(para)
23243
#: serverguide/C/file-server.xml:414(para)
21231
23244
msgid ""
21232
23245
"The general syntax for the line in <filename>/etc/fstab</filename> file is "
21233
23246
"as follows:"
21234
23247
msgstr "以下是在 <filename>/etc/fstab</filename> 中的常用语法:"
21235
23248
21236
#: serverguide/C/file-server.xml:415(programlisting)
23249
#: serverguide/C/file-server.xml:420(programlisting)
21237
23250
#, no-wrap
21238
23251
msgid ""
21239
23252
"\n"
21244
23257
"example.hostname.com:/ubuntu /local/ubuntu nfs "
21245
23258
"rsize=8192,wsize=8192,timeo=14,intr\n"
21246
23259
21247
#: serverguide/C/file-server.xml:419(para)
23260
#: serverguide/C/file-server.xml:424(para)
21248
23261
msgid ""
21249
23262
"If you have trouble mounting an NFS share, make sure the <application>nfs-"
21250
23263
"common</application> package is installed on your client. To install "
21254
23267
"</screen>"
21255
23268
msgstr ""
21256
23269
21257
#: serverguide/C/file-server.xml:432(ulink)
23270
#: serverguide/C/file-server.xml:437(ulink)
21258
23271
msgid "Linux NFS faq"
21259
23272
msgstr "Linux NFS 常见问答"
21260
23273
21261
#: serverguide/C/file-server.xml:437(title)
23274
#: serverguide/C/file-server.xml:439(ulink)
23275
msgid "Ubuntu Wiki NFS Howto"
23276
msgstr ""
23277
23278
#: serverguide/C/file-server.xml:445(title)
21262
23279
msgid "CUPS - Print Server"
21263
23280
msgstr "CUPS - 打印服务器"
21264
23281
21265
#: serverguide/C/file-server.xml:438(para)
23282
#: serverguide/C/file-server.xml:446(para)
21266
23283
msgid ""
21267
23284
"The primary mechanism for Ubuntu printing and print services is the "
21268
23285
"<emphasis role=\"bold\">Common UNIX Printing System</emphasis> (CUPS). This "
21273
23290
"Printing System,通用 UNIX 打印系统)。这个打印系统是一个免费可用的、可移植的打印虚拟层,并已成为大多数 Linux "
21274
23291
"发行版的新打印标准。"
21275
23292
21276
#: serverguide/C/file-server.xml:445(para)
23293
#: serverguide/C/file-server.xml:453(para)
21277
23294
msgid ""
21278
23295
"CUPS manages print jobs and queues and provides network printing using the "
21279
23296
"standard Internet Printing Protocol (IPP), while offering support for a very "
21286
23303
"提供网络打印,该协议提供最大范围的打印机支持,从点阵打印机到激光打印机以及位于两者之间的许多打印机。CUPS 也支持 PostScript "
21287
23304
"Printer Description (PPD) 和网络打印机的自动检测,以及提供基于 Web 的简单配置和管理工具。"
21288
23305
21289
#: serverguide/C/file-server.xml:455(para)
23306
#: serverguide/C/file-server.xml:463(para)
21290
23307
msgid ""
21291
23308
"To install CUPS on your Ubuntu computer, simply use "
21292
23309
"<application>sudo</application> with the <application>apt-get</application> "
21299
23316
"<application>apt-get</application> 命令并将要安装的包作为第一个参数即可。一个完整的 CUPS "
21300
23317
"安装有很多包依赖关系,但它们都可以在同一行上给出。在终端输入以下命令来安装 CUPS:"
21301
23318
21302
#: serverguide/C/file-server.xml:460(command)
23319
#: serverguide/C/file-server.xml:468(command)
21303
23320
msgid "sudo apt-get install cups"
21304
23321
msgstr ""
21305
23322
21306
#: serverguide/C/file-server.xml:463(para)
23323
#: serverguide/C/file-server.xml:471(para)
21307
23324
msgid ""
21308
23325
"Upon authenticating with your user password, the packages should be "
21309
23326
"downloaded and installed without error. Upon the conclusion of installation, "
21310
23327
"the CUPS server will be started automatically."
21311
23328
msgstr ""
21312
23329
21313
#: serverguide/C/file-server.xml:468(para)
23330
#: serverguide/C/file-server.xml:476(para)
21314
23331
msgid ""
21315
23332
"For troubleshooting purposes, you can access CUPS server errors via the "
21316
23333
"error log file at: <filename>/var/log/cups/error_log</filename>. If the "
21323
23340
"from becoming overly large."
21324
23341
msgstr ""
21325
23342
21326
#: serverguide/C/file-server.xml:481(para)
23343
#: serverguide/C/file-server.xml:489(para)
21327
23344
msgid ""
21328
23345
"The Common UNIX Printing System server's behavior is configured through the "
21329
23346
"directives contained in the file <filename>/etc/cups/cupsd.conf</filename>. "
21337
23354
"打印系统服务器的行为的。CUPS 配置文件与 Apache HTTP 服务器的主配置文件语法相同,因此熟悉编辑 Apache 配置文件的用户在编辑 "
21338
23355
"CUPS 配置文件时会感到相当容易。在这里将显示一些您可能想要改变初始值的设置范例。"
21339
23356
21340
#: serverguide/C/file-server.xml:491(para)
23357
#: serverguide/C/file-server.xml:499(para)
21341
23358
msgid ""
21342
23359
"Prior to editing the configuration file, you should make a copy of the "
21343
23360
"original file and protect it from writing, so you will have the original "
21344
23361
"settings as a reference, and to reuse as necessary."
21345
23362
msgstr "在编辑配置文件之前,您应该将原始文件做个副本并将其写保护,以便您可以将原始文件作为参考并在必要时重用它。"
21346
23363
21347
#: serverguide/C/file-server.xml:495(para)
23364
#: serverguide/C/file-server.xml:503(para)
21348
23365
msgid ""
21349
23366
"Copy the <filename>/etc/cups/cupsd.conf</filename> file and protect it from "
21350
23367
"writing with the following commands, issued at a terminal prompt:"
21351
23368
msgstr ""
21352
23369
"拷贝 <filename>/etc/cups/cupsd.conf</filename> 文件并对其写保护,可以在终端提示符后执行以下命令:"
21353
23370
21354
#: serverguide/C/file-server.xml:501(command)
23371
#: serverguide/C/file-server.xml:509(command)
21355
23372
msgid "sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.original"
21356
23373
msgstr "sudo cp /etc/cups/cupsd.conf /etc/cups/cupsd.conf.original"
21357
23374
21358
#: serverguide/C/file-server.xml:502(command)
23375
#: serverguide/C/file-server.xml:510(command)
21359
23376
msgid "sudo chmod a-w /etc/cups/cupsd.conf.original"
21360
23377
msgstr "sudo chmod a-w /etc/cups/cupsd.conf.original"
21361
23378
21362
#: serverguide/C/file-server.xml:507(para)
23379
#: serverguide/C/file-server.xml:515(para)
21363
23380
msgid ""
21364
23381
"<emphasis role=\"bold\">ServerAdmin</emphasis>: To configure the email "
21365
23382
"address of the designated administrator of the CUPS server, simply edit the "
21371
23388
"as such:"
21372
23389
msgstr ""
21373
23390
21374
#: serverguide/C/file-server.xml:518(screen)
23391
#: serverguide/C/file-server.xml:526(screen)
21375
23392
#, no-wrap
21376
23393
msgid ""
21377
23394
"\n"
21380
23397
"\n"
21381
23398
"ServerAdmin bjoy@somebigco.com\n"
21382
23399
21383
#: serverguide/C/file-server.xml:524(para)
23400
#: serverguide/C/file-server.xml:532(para)
21384
23401
msgid ""
21385
23402
"<emphasis role=\"bold\">Listen</emphasis>: By default on Ubuntu, the CUPS "
21386
23403
"server installation listens only on the loopback interface at IP address "
21395
23412
"such:"
21396
23413
msgstr ""
21397
23414
21398
#: serverguide/C/file-server.xml:538(screen)
23415
#: serverguide/C/file-server.xml:546(screen)
21399
23416
#, no-wrap
21400
23417
msgid ""
21401
23418
"\n"
21409
23426
"Listen /var/run/cups/cups.sock # existing socket Listen\n"
21410
23427
"Listen 192.168.10.250:631 # Listen on the LAN interface, Port 631 (IPP)\n"
21411
23428
21412
#: serverguide/C/file-server.xml:544(para)
23429
#: serverguide/C/file-server.xml:552(para)
21413
23430
msgid ""
21414
23431
"In the example above, you may comment out or remove the reference to the "
21415
23432
"Loopback address (127.0.0.1) if you do not wish <application>cupsd "
21423
23440
",您可能注释或删除了相关语句。但最好保留它以监听局域网 (LAN) 的以太网接口。为了能监听一个特定主机名所绑定的所有的网络接口,您可以为 "
21424
23441
"<emphasis>socrates</emphasis> 主机名创建一个 Listen 条目,如下所示:"
21425
23442
21426
#: serverguide/C/file-server.xml:554(screen)
23443
#: serverguide/C/file-server.xml:562(screen)
21427
23444
#, no-wrap
21428
23445
msgid ""
21429
23446
"\n"
21432
23449
"\n"
21433
23450
"Listen socrates:631 # Listen on all interfaces for the hostname 'socrates'\n"
21434
23451
21435
#: serverguide/C/file-server.xml:558(para)
23452
#: serverguide/C/file-server.xml:566(para)
21436
23453
msgid ""
21437
23454
"or by omitting the Listen directive and using <emphasis>Port</emphasis> "
21438
23455
"instead, as in:"
21439
23456
msgstr "或者忽略 Listen 语句并使用 <emphasis>Port</emphasis> 来代替,如:"
21440
23457
21441
#: serverguide/C/file-server.xml:560(screen)
23458
#: serverguide/C/file-server.xml:568(screen)
21442
23459
#, no-wrap
21443
23460
msgid ""
21444
23461
"\n"
21447
23464
"\n"
21448
23465
"Port 631 # Listen on port 631 on all interfaces\n"
21449
23466
21450
#: serverguide/C/file-server.xml:567(para)
23467
#: serverguide/C/file-server.xml:575(para)
21451
23468
msgid ""
21452
23469
"For more examples of configuration directives in the CUPS server "
21453
23470
"configuration file, view the associated system manual page by entering the "
21454
23471
"following command at a terminal prompt:"
21455
23472
msgstr "关于 CUPS 服务器配置文件中配置语句的更多范例,通过在终端提示符后输入以下命令可以查阅相关的系统手册页:"
21456
23473
21457
#: serverguide/C/file-server.xml:574(command)
23474
#: serverguide/C/file-server.xml:582(command)
21458
23475
msgid "man cupsd.conf"
21459
23476
msgstr "man cupsd.conf"
21460
23477
21461
#: serverguide/C/file-server.xml:578(para)
23478
#: serverguide/C/file-server.xml:586(para)
21462
23479
msgid ""
21463
23480
"Whenever you make changes to the <filename>/etc/cups/cupsd.conf</filename> "
21464
23481
"configuration file, you'll need to restart the CUPS server by typing the "
21467
23484
"无论您在什么时间修改了 <filename>/etc/cups/cupsd.conf</filename> 配置文件,您都需要重启 CUPS "
21468
23485
"服务,在终端提示符后键入以下命令:"
21469
23486
21470
#: serverguide/C/file-server.xml:584(command)
23487
#: serverguide/C/file-server.xml:592(command)
21471
23488
msgid "sudo /etc/init.d/cups restart"
21472
23489
msgstr ""
21473
23490
21474
#: serverguide/C/file-server.xml:590(title)
23491
#: serverguide/C/file-server.xml:598(title)
21475
23492
msgid "Web Interface"
21476
23493
msgstr ""
21477
23494
21478
#: serverguide/C/file-server.xml:592(para)
23495
#: serverguide/C/file-server.xml:600(para)
21479
23496
msgid ""
21480
23497
"CUPS can be configured and monitored using a web interface, which by default "
21481
23498
"is available at <ulink "
21483
23500
"web interface can be used to perform all printer management tasks."
21484
23501
msgstr ""
21485
23502
21486
#: serverguide/C/file-server.xml:596(para)
23503
#: serverguide/C/file-server.xml:604(para)
21487
23504
msgid ""
21488
23505
"In order to perform administrative tasks via the web interface, you must "
21489
23506
"either have the root account enabled on your server, or authenticate as a "
21491
23508
"reasons, CUPS won't authenticate a user that doesn't have a password."
21492
23509
msgstr ""
21493
23510
21494
#: serverguide/C/file-server.xml:599(para)
23511
#: serverguide/C/file-server.xml:607(para)
21495
23512
msgid ""
21496
23513
"To add a user to the <emphasis role=\"italic\">lpadmin</emphasis> group, run "
21497
23514
"at the terminal prompt: <screen>\n"
21499
23516
"</screen>"
21500
23517
msgstr ""
21501
23518
21502
#: serverguide/C/file-server.xml:605(para)
23519
#: serverguide/C/file-server.xml:613(para)
21503
23520
msgid ""
21504
23521
"Further documentation is available in the <emphasis "
21505
23522
"role=\"italic\">Documentation/Help</emphasis> tab of the web interface."
21506
23523
msgstr ""
21507
23524
21508
#: serverguide/C/file-server.xml:613(ulink)
23525
#: serverguide/C/file-server.xml:621(ulink)
21509
23526
msgid "CUPS Website"
21510
23527
msgstr "CUPS 网络"
21511
23528
23529
#: serverguide/C/file-server.xml:624(ulink)
23530
msgid "Ubuntu Wiki CUPS page"
23531
msgstr ""
23532
21512
23533
#: serverguide/C/dns.xml:13(title)
21513
23534
msgid "Domain Name Service (DNS)"
21514
23535
msgstr "域名解析服务 (DNS)"
22334
24355
"ns2\tIN A\t 192.168.1.11\n"
22335
24356
msgstr ""
22336
24357
22337
#: serverguide/C/dns.xml:619(title)
22338
msgid "More Information"
22339
msgstr "更多信息"
22340
22341
#: serverguide/C/dns.xml:620(para)
24358
#: serverguide/C/dns.xml:622(para)
22342
24359
msgid ""
22343
24360
"The <ulink url=\"http://www.tldp.org/HOWTO/DNS-HOWTO.html\">DNS "
22344
24361
"HOWTO</ulink> explains more advanced options for configuring BIND9."
22345
24362
msgstr ""
22346
24363
22347
#: serverguide/C/dns.xml:623(para)
24364
#: serverguide/C/dns.xml:627(para)
22348
24365
msgid ""
22349
24366
"For in depth coverage of <emphasis>DNS</emphasis> and "
22350
24367
"<application>BIND9</application> see <ulink "
22351
24368
"url=\"http://www.bind9.net/\">Bind9.net</ulink>."
22352
24369
msgstr ""
22353
24370
22354
#: serverguide/C/dns.xml:626(para)
24371
#: serverguide/C/dns.xml:632(para)
22355
24372
msgid ""
22356
24373
"<ulink url=\"http://www.oreilly.com/catalog/dns5/index.html\">DNS and "
22357
24374
"BIND</ulink> is a popular book now in it's fifth edition."
22358
24375
msgstr ""
22359
24376
22360
#: serverguide/C/dns.xml:629(para)
24377
#: serverguide/C/dns.xml:637(para)
22361
24378
msgid ""
22362
24379
"A great place to ask for <application>BIND9</application> assistance, and "
22363
24380
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
22365
24382
"url=\"http://freenode.net\">freenode</ulink>."
22366
24383
msgstr ""
22367
24384
24385
#: serverguide/C/dns.xml:643(para)
24386
msgid ""
24387
"Also, see the <ulink "
24388
"url=\"https://help.ubuntu.com/community/BIND9ServerHowto\">BIND9 Server "
24389
"HOWTO</ulink> in the Ubuntu Wiki."
24390
msgstr ""
24391
22368
24392
#: serverguide/C/databases.xml:13(title)
22369
24393
msgid "Databases"
22370
24394
msgstr "数据库"
22373
24397
msgid "Ubuntu provides two popular database servers. They are:"
22374
24398
msgstr ""
22375
24399
22376
#: serverguide/C/databases.xml:22(application) serverguide/C/databases.xml:152(title)
24400
#: serverguide/C/databases.xml:22(application) serverguide/C/databases.xml:157(title)
22377
24401
msgid "PostgreSQL"
22378
24402
msgstr "PostgreSQL"
22379
24403
22438
24462
"You can edit the <filename>/etc/mysql/my.cnf</filename> file to configure "
22439
24463
"the basic settings -- log file, port number, etc. For example, to configure "
22440
24464
"<application>MySQL</application> to listen for connections from network "
22441
"hosts, change the <emphasis>bind_address</emphasis> directive to the "
24465
"hosts, change the <emphasis>bind-address</emphasis> directive to the "
22442
24466
"server's IP address:"
22443
24467
msgstr ""
22444
24468
22467
24491
msgstr ""
22468
24492
22469
24493
#: serverguide/C/databases.xml:113(command)
22470
msgid "sudo dpkg-reconfigure mysql-server-5.0"
24494
msgid "sudo dpkg-reconfigure mysql-server-5.1"
22471
24495
msgstr ""
22472
24496
22473
24497
#: serverguide/C/databases.xml:116(para)
22500
24524
"chapter/index.html</command> in your browser's address bar."
22501
24525
msgstr ""
22502
24526
22503
#: serverguide/C/databases.xml:143(para) serverguide/C/databases.xml:285(para)
24527
#: serverguide/C/databases.xml:143(para) serverguide/C/databases.xml:290(para)
22504
24528
msgid ""
22505
24529
"For general SQL information see <ulink "
22506
24530
"url=\"http://www.informit.com/store/product.aspx?isbn=0768664128\">Using SQL "
22507
24531
"Special Edition</ulink> by Rafe Colburn."
22508
24532
msgstr ""
22509
24533
22510
#: serverguide/C/databases.xml:153(para)
24534
#: serverguide/C/databases.xml:149(para)
24535
msgid ""
24536
"The <ulink url=\"https://help.ubuntu.com/community/ApacheMySQLPHP\">Apache "
24537
"MySQL PHP Ubuntu Wiki</ulink> page also has useful information."
24538
msgstr ""
24539
24540
#: serverguide/C/databases.xml:158(para)
22511
24541
msgid ""
22512
24542
"PostgreSQL is an object-relational database system that has the features of "
22513
24543
"traditional commercial database systems with enhancements to be found in "
22514
24544
"next-generation DBMS systems."
22515
24545
msgstr "PostgreSQL 是一个面向对象的数据库系统,它有着传统商业数据库系统和下一代 DBMS 系统所增进的功能。"
22516
24546
22517
#: serverguide/C/databases.xml:160(para)
24547
#: serverguide/C/databases.xml:165(para)
22518
24548
msgid ""
22519
24549
"To install PostgreSQL, run the following command in the command prompt:"
22520
24550
msgstr "要安装 PostgreSQL,可以在命令提示符后运行下列命令:"
22521
24551
22522
#: serverguide/C/databases.xml:167(command)
24552
#: serverguide/C/databases.xml:172(command)
22523
24553
msgid "sudo apt-get install postgresql"
22524
24554
msgstr "sudo apt-get install postgresql"
22525
24555
22526
#: serverguide/C/databases.xml:171(para)
24556
#: serverguide/C/databases.xml:176(para)
22527
24557
msgid ""
22528
24558
"Once the installation is complete, you should configure the PostgreSQL "
22529
24559
"server based on your needs, although the default configuration is viable."
22530
24560
msgstr "一旦安装完成,您就要按您的需要配置 PostgreSQL 服务器,尽管缺省配置已经可以使它可以正常运行了。"
22531
24561
22532
#: serverguide/C/databases.xml:179(para)
24562
#: serverguide/C/databases.xml:184(para)
22533
24563
msgid ""
22534
24564
"By default, connection via TCP/IP is disabled. PostgreSQL supports multiple "
22535
24565
"client authentication methods. By default, IDENT authentication method is "
22538
24568
"PostgreSQL Administrator's Guide</ulink>."
22539
24569
msgstr ""
22540
24570
22541
#: serverguide/C/databases.xml:186(para)
24571
#: serverguide/C/databases.xml:191(para)
22542
24572
msgid ""
22543
24573
"The following discussion assumes that you wish to enable TCP/IP connections "
22544
24574
"and use the MD5 method for client authentication. PostgreSQL configuration "
22548
24578
"in the <filename>/etc/postgresql/8.4/main</filename> directory."
22549
24579
msgstr ""
22550
24580
22551
#: serverguide/C/databases.xml:196(para)
24581
#: serverguide/C/databases.xml:201(para)
22552
24582
msgid ""
22553
24583
"To configure <emphasis>ident</emphasis> authentication, add entries to the "
22554
24584
"<filename>/etc/postgresql/8.4/main/pg_ident.conf</filename> file."
22555
24585
msgstr ""
22556
24586
22557
#: serverguide/C/databases.xml:203(para)
24587
#: serverguide/C/databases.xml:208(para)
22558
24588
msgid ""
22559
24589
"To enable TCP/IP connections, edit the file "
22560
24590
"<filename>/etc/postgresql/8.4/main/postgresql.conf</filename>"
22561
24591
msgstr ""
22562
24592
22563
#: serverguide/C/databases.xml:205(para)
24593
#: serverguide/C/databases.xml:210(para)
22564
24594
msgid ""
22565
24595
"Locate the line <emphasis>#listen_addresses = 'localhost'</emphasis> and "
22566
24596
"change it to:"
22567
24597
msgstr ""
22568
24598
22569
#: serverguide/C/databases.xml:208(programlisting)
24599
#: serverguide/C/databases.xml:213(programlisting)
22570
24600
#, no-wrap
22571
24601
msgid ""
22572
24602
"\n"
22575
24605
"\n"
22576
24606
"listen_addresses = 'localhost'\n"
22577
24607
22578
#: serverguide/C/databases.xml:212(para)
24608
#: serverguide/C/databases.xml:217(para)
22579
24609
msgid ""
22580
24610
"To allow other computers to connect to your "
22581
24611
"<application>PostgreSQL</application> server replace 'localhost' with the "
22582
24612
"<emphasis>IP Address</emphasis> of your server."
22583
24613
msgstr ""
22584
24614
22585
#: serverguide/C/databases.xml:217(para)
24615
#: serverguide/C/databases.xml:222(para)
22586
24616
msgid ""
22587
24617
"You may also edit all other parameters, if you know what you are doing! For "
22588
24618
"details, refer to the configuration file or to the PostgreSQL documentation."
22589
24619
msgstr ""
22590
24620
22591
#: serverguide/C/databases.xml:222(para)
24621
#: serverguide/C/databases.xml:227(para)
22592
24622
msgid ""
22593
24623
"Now that we can connect to our <application>PostgreSQL</application> server, "
22594
24624
"the next step is to set a password for the <emphasis>postgres</emphasis> "
22596
24626
"default PostgreSQL template database:"
22597
24627
msgstr ""
22598
24628
22599
#: serverguide/C/databases.xml:229(command)
24629
#: serverguide/C/databases.xml:234(command)
22600
24630
msgid "sudo -u postgres psql template1"
22601
24631
msgstr "sudo -u postgres psql template1"
22602
24632
22603
#: serverguide/C/databases.xml:231(para)
24633
#: serverguide/C/databases.xml:236(para)
22604
24634
msgid ""
22605
24635
"The above command connects to PostgreSQL database "
22606
24636
"<emphasis>template1</emphasis> as user <emphasis>postgres</emphasis>. Once "
22614
24644
"<application>psql</application> 提示符中运行下列命令来为用户 <emphasis "
22615
24645
"role=\"italics\">postgres</emphasis> 配置密码。"
22616
24646
22617
#: serverguide/C/databases.xml:239(command)
24647
#: serverguide/C/databases.xml:244(command)
22618
24648
msgid "ALTER USER postgres with encrypted password 'your_password';"
22619
24649
msgstr ""
22620
24650
22621
#: serverguide/C/databases.xml:241(para)
24651
#: serverguide/C/databases.xml:246(para)
22622
24652
msgid ""
22623
24653
"After configuring the password, edit the file "
22624
24654
"<filename>/etc/postgresql/8.4/main/pg_hba.conf</filename> to use "
22626
24656
"<emphasis>postgres</emphasis> user:"
22627
24657
msgstr ""
22628
24658
22629
#: serverguide/C/databases.xml:247(programlisting)
24659
#: serverguide/C/databases.xml:252(programlisting)
22630
24660
#, no-wrap
22631
24661
msgid ""
22632
24662
"\n"
22633
"local all postgres md5 sameuser\n"
24663
"local all postgres md5\n"
22634
24664
msgstr ""
22635
"\n"
22636
"local all postgres md5 sameuser\n"
22637
24665
22638
#: serverguide/C/databases.xml:251(para)
24666
#: serverguide/C/databases.xml:256(para)
22639
24667
msgid ""
22640
24668
"Finally, you should restart the <application>PostgreSQL</application> "
22641
24669
"service to initialize the new configuration. From a terminal prompt enter "
22642
24670
"the following to restart <application>PostgreSQL</application>:"
22643
24671
msgstr ""
22644
24672
22645
#: serverguide/C/databases.xml:257(command)
24673
#: serverguide/C/databases.xml:262(command)
22646
24674
msgid "sudo /etc/init.d/postgresql-8.4 restart"
22647
24675
msgstr ""
22648
24676
22649
#: serverguide/C/databases.xml:260(para)
24677
#: serverguide/C/databases.xml:265(para)
22650
24678
msgid ""
22651
24679
"The above configuration is not complete by any means. Please refer <ulink "
22652
24680
"url=\"http://www.postgresql.org/docs/8.4/static/admin.html\"> the PostgreSQL "
22653
24681
"Administrator's Guide</ulink> to configure more parameters."
22654
24682
msgstr ""
22655
24683
22656
#: serverguide/C/databases.xml:271(para)
24684
#: serverguide/C/databases.xml:276(para)
22657
24685
msgid ""
22658
24686
"As mentioned above the <ulink "
22659
24687
"url=\"http://www.postgresql.org/docs/8.4/static/admin.html\">Administrator's "
22662
24690
"in a terminal to install the package:"
22663
24691
msgstr ""
22664
24692
22665
#: serverguide/C/databases.xml:277(command)
24693
#: serverguide/C/databases.xml:282(command)
22666
24694
msgid "sudo apt-get install postgresql-doc-8.4"
22667
24695
msgstr ""
22668
24696
22669
#: serverguide/C/databases.xml:279(para)
24697
#: serverguide/C/databases.xml:284(para)
22670
24698
msgid ""
22671
24699
"To view the guide enter <command>file:///usr/share/doc/postgresql-doc-"
22672
24700
"8.4/html/index.html</command> into the address bar of your browser."
22673
24701
msgstr ""
22674
24702
24703
#: serverguide/C/databases.xml:296(para)
24704
msgid ""
24705
"Also, see the <ulink "
24706
"url=\"https://help.ubuntu.com/community/PostgreSQL\">PostgreSQL Ubuntu "
24707
"Wiki</ulink> page for more information."
24708
msgstr ""
24709
22675
24710
#: serverguide/C/clustering.xml:13(title)
22676
24711
msgid "Clustering"
22677
24712
msgstr ""
22892
24927
#: serverguide/C/clustering.xml:243(para)
22893
24928
msgid ""
22894
24929
"The <ulink "
22895
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/drbd.conf.5.html\">d"
22896
"rbd.conf man page</ulink> contains details on the options not covered in "
22897
"this guide."
24930
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man5/drbd.conf.5.html\">dr"
24931
"bd.conf man page</ulink> contains details on the options not covered in this "
24932
"guide."
22898
24933
msgstr ""
22899
24934
22900
24935
#: serverguide/C/clustering.xml:249(para)
22901
24936
msgid ""
22902
24937
"Also, see the <ulink "
22903
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/drbdadm.8.html\">drb"
22904
"dadm man page</ulink>."
24938
"url=\"http://manpages.ubuntu.com/manpages/lucid/en/man8/drbdadm.8.html\">drbd"
24939
"adm man page</ulink>."
24940
msgstr ""
24941
24942
#: serverguide/C/clustering.xml:254(para)
24943
msgid ""
24944
"The <ulink url=\"https://help.ubuntu.com/community/DRBD\">DRBD Ubuntu "
24945
"Wiki</ulink> page also has more information."
22905
24946
msgstr ""
22906
24947
22907
24948
#: serverguide/C/chat.xml:13(title)
23018
25059
"FAQ</ulink> for more details about the IRC Server."
23019
25060
msgstr ""
23020
25061
23021
#: serverguide/C/chat.xml:127(title)
25062
#: serverguide/C/chat.xml:124(para)
25063
msgid ""
25064
"Also, the <ulink url=\"https://help.ubuntu.com/community/ircd\">Ubuntu Wiki "
25065
"IRCD</ulink> page has more information."
25066
msgstr ""
25067
25068
#: serverguide/C/chat.xml:132(title)
23022
25069
msgid "Jabber Instant Messaging Server"
23023
25070
msgstr ""
23024
25071
23025
#: serverguide/C/chat.xml:129(para)
25072
#: serverguide/C/chat.xml:134(para)
23026
25073
msgid ""
23027
25074
"<emphasis>Jabber</emphasis> a popular instant message protocol is based on "
23028
25075
"XMPP, an open standard for instant messaging, and used by many popular "
23031
25078
"to providing messaging services to users over the Internet."
23032
25079
msgstr ""
23033
25080
23034
#: serverguide/C/chat.xml:138(para)
25081
#: serverguide/C/chat.xml:143(para)
23035
25082
msgid "To install <application>jabberd2</application>, in a terminal enter:"
23036
25083
msgstr ""
23037
25084
23038
#: serverguide/C/chat.xml:143(command)
25085
#: serverguide/C/chat.xml:148(command)
23039
25086
msgid "sudo apt-get install jabberd2"
23040
25087
msgstr ""
23041
25088
23042
#: serverguide/C/chat.xml:150(para)
25089
#: serverguide/C/chat.xml:155(para)
23043
25090
msgid ""
23044
25091
"A couple of XML configuration files will be used to configure "
23045
25092
"<application>jabberd2</application> for <emphasis>Berkely DB</emphasis> user "
23048
25095
"Postgresql, etc for for user authentication."
23049
25096
msgstr ""
23050
25097
23051
#: serverguide/C/chat.xml:157(para)
25098
#: serverguide/C/chat.xml:162(para)
23052
25099
msgid "First, edit <filename>/etc/jabberd2/sm.xml</filename> changing:"
23053
25100
msgstr ""
23054
25101
23055
#: serverguide/C/chat.xml:161(programlisting)
25102
#: serverguide/C/chat.xml:166(programlisting)
23056
25103
#, no-wrap
23057
25104
msgid ""
23058
25105
"\n"
23059
25106
" <id>jabber.example.com</id>\n"
23060
25107
msgstr ""
23061
25108
23062
#: serverguide/C/chat.xml:166(para)
25109
#: serverguide/C/chat.xml:171(para)
23063
25110
msgid ""
23064
25111
"Replace <emphasis>jabber.example.com</emphasis> with the hostname, or other "
23065
25112
"id, of your server."
23066
25113
msgstr ""
23067
25114
23068
#: serverguide/C/chat.xml:171(para)
25115
#: serverguide/C/chat.xml:176(para)
23069
25116
msgid "Now in the <storage> section change the <driver> to:"
23070
25117
msgstr ""
23071
25118
23072
#: serverguide/C/chat.xml:175(programlisting)
25119
#: serverguide/C/chat.xml:180(programlisting)
23073
25120
#, no-wrap
23074
25121
msgid ""
23075
25122
"\n"
23076
25123
" <driver>db</driver>\n"
23077
25124
msgstr ""
23078
25125
23079
#: serverguide/C/chat.xml:179(para)
25126
#: serverguide/C/chat.xml:184(para)
23080
25127
msgid ""
23081
25128
"Next, edit <filename>/etc/jabberd2/c2s.xml</filename> in the "
23082
25129
"<emphasis><local></emphasis> section change:"
23083
25130
msgstr ""
23084
25131
23085
#: serverguide/C/chat.xml:183(programlisting)
25132
#: serverguide/C/chat.xml:188(programlisting)
23086
25133
#, no-wrap
23087
25134
msgid ""
23088
25135
"\n"
23089
25136
" <id>jabber.example.com</id>\n"
23090
25137
msgstr ""
23091
25138
23092
#: serverguide/C/chat.xml:187(para)
25139
#: serverguide/C/chat.xml:192(para)
23093
25140
msgid ""
23094
25141
"And in the <authreg> section adjust the <module> section to:"
23095
25142
msgstr ""
23096
25143
23097
#: serverguide/C/chat.xml:191(programlisting)
25144
#: serverguide/C/chat.xml:196(programlisting)
23098
25145
#, no-wrap
23099
25146
msgid ""
23100
25147
"\n"
23101
25148
" <module>db</module>\n"
23102
25149
msgstr ""
23103
25150
23104
#: serverguide/C/chat.xml:195(para)
25151
#: serverguide/C/chat.xml:200(para)
23105
25152
msgid ""
23106
25153
"Finally, restart <application>jabberd2</application> to enable the new "
23107
25154
"settings:"
23108
25155
msgstr ""
23109
25156
23110
#: serverguide/C/chat.xml:200(command)
25157
#: serverguide/C/chat.xml:205(command)
23111
25158
msgid "sudo /etc/init.d/jabberd2 restart"
23112
25159
msgstr ""
23113
25160
23114
#: serverguide/C/chat.xml:203(para)
25161
#: serverguide/C/chat.xml:208(para)
23115
25162
msgid ""
23116
25163
"You should now be able to connect to the server using a Jabber client like "
23117
25164
"<application>Pidgin</application> for example."
23118
25165
msgstr ""
23119
25166
23120
#: serverguide/C/chat.xml:208(para)
25167
#: serverguide/C/chat.xml:213(para)
23121
25168
msgid ""
23122
25169
"The advantage of using Berkeley DB for user data is that after being "
23123
25170
"configured no additional maintenance is required. If you need more control "
23125
25172
"recommended."
23126
25173
msgstr ""
23127
25174
23128
#: serverguide/C/chat.xml:220(para)
25175
#: serverguide/C/chat.xml:225(para)
23129
25176
msgid ""
23130
25177
"The <ulink url=\"http://codex.xiaoka.com/wiki/jabberd2:start\">Jabberd2 Web "
23131
25178
"Site</ulink> contains more details on configuring "
23132
25179
"<application>Jabberd2</application>."
23133
25180
msgstr ""
23134
25181
23135
#: serverguide/C/chat.xml:226(para)
25182
#: serverguide/C/chat.xml:231(para)
23136
25183
msgid ""
23137
25184
"For more authentication options see the <ulink "
23138
25185
"url=\"http://jabberd2.xiaoka.com/wiki/InstallGuide\">Jabberd2 Install "
23139
25186
"Guide</ulink>."
23140
25187
msgstr ""
23141
25188
25189
#: serverguide/C/chat.xml:236(para)
25190
msgid ""
25191
"Also, the <ulink "
25192
"url=\"https://help.ubuntu.com/community/SettingUpJabberServer\">Setting Up "
25193
"Jabber Server Ubuntu Wiki</ulink> page has more information."
25194
msgstr ""
25195
23142
25196
#: serverguide/C/backups.xml:13(title)
23143
25197
msgid "Backups"
23144
25198
msgstr "备份"
24167
26221
24168
26222
#: serverguide/C/backups.xml:804(command)
24169
26223
msgid "label"
24170
msgstr ""
26224
msgstr "标签"
24171
26225
24172
26226
#: serverguide/C/backups.xml:808(para)
24173
26227
msgid ""
24177
26231
#: serverguide/C/backups.xml:818(userinput)
24178
26232
#, no-wrap
24179
26233
msgid "2"
24180
msgstr ""
26234
msgstr "2"
24181
26235
24182
26236
#: serverguide/C/backups.xml:812(computeroutput)
24183
26237
#, no-wrap
24216
26270
24217
26271
#: serverguide/C/backups.xml:838(para)
24218
26272
msgid "Now, select the <emphasis>Pool</emphasis>:"
24219
msgstr ""
26273
msgstr "现在,选择 <emphasis>Pool</emphasis>:"
24220
26274
24221
26275
#: serverguide/C/backups.xml:843(userinput)
24222
26276
#, no-wrap
24255
26309
"<ulink url=\"http://www.bacula.org/\">Bacula Home "
24256
26310
"Page</ulink>包含了最新的Bacula的新闻和开发进展。"
24257
26311
26312
#: serverguide/C/backups.xml:869(para)
26313
msgid ""
26314
"Also, see the <ulink url=\"https://help.ubuntu.com/community/Bacula\">Bacula "
26315
"Ubuntu Wiki</ulink> page."
26316
msgstr ""
26317
24258
26318
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
24259
26319
#: serverguide/C/backups.xml:0(None)
24260
26320
msgid "translator-credits"
24261
26321
msgstr ""
24262
26322
"Launchpad Contributions:\n"
24263
" 4b3tt0r https://launchpad.net/~4b3tt0r\n"
24264
" AllenNewOk https://launchpad.net/~allennewok\n"
24265
" Andrew Xu https://launchpad.net/~jswxxuyuan\n"
24266
26323
" Aron Xu https://launchpad.net/~happyaron\n"
24267
26324
" Azrael Green https://launchpad.net/~azrael-green\n"
24268
" Chen Ming https://launchpad.net/~chenming\n"
24269
26325
" Congping Hao https://launchpad.net/~cqhcp\n"
24270
" Constine https://launchpad.net/~logo09\n"
24271
26326
" Devin https://launchpad.net/~gnujava\n"
24272
" EAdam https://launchpad.net/~liuannan\n"
24273
" ESN https://launchpad.net/~esn\n"
24274
" Felix https://launchpad.net/~maxin0423\n"
24275
" Hugh https://launchpad.net/~hugh-shang\n"
24276
" Ihnus Qcshz https://launchpad.net/~qcshzihnus\n"
24277
" JinLei https://launchpad.net/~jinlei\n"
24278
26327
" Jun CHEN https://launchpad.net/~morning.nju\n"
24279
" Kempson Chen https://launchpad.net/~irain\n"
26328
" Justin Yang https://launchpad.net/~yzmsq\n"
24280
26329
" Lain https://launchpad.net/~lain\n"
24281
" Li Linxiao https://launchpad.net/~leal\n"
24282
" Luo Jiawei https://launchpad.net/~norman6810\n"
24283
26330
" Magicnight https://launchpad.net/~magicnight\n"
24284
26331
" Miaobo Yao https://launchpad.net/~ubuntu-firehare\n"
24285
26332
" Proton https://launchpad.net/~feisuzhu\n"
24286
" Rkyo https://launchpad.net/~irc-beyondyou\n"
24287
26333
" Tao Wei https://launchpad.net/~weitao1979\n"
26334
" USSR https://launchpad.net/~samuel-lee-1991\n"
24288
26335
" Xu Hejie https://launchpad.net/~xuhejie\n"
24289
" Yiding He https://launchpad.net/~yiding-he\n"
24290
" Yinghua Wang https://launchpad.net/~wantinghard\n"
24291
26336
" bailiang https://launchpad.net/~bailiangcn\n"
24292
" ggarlic https://launchpad.net/~ggarlic\n"
24293
26337
" jinxin16897123 https://launchpad.net/~jinxin16897123\n"
24294
" jpartley https://launchpad.net/~jpartley\n"
24295
26338
" king_li https://launchpad.net/~lzldc987\n"
24296
26339
" linuxwj https://launchpad.net/~linuxwj\n"
24297
" luckyone https://launchpad.net/~luckyone999\n"
24298
" markgoo https://launchpad.net/~markgoo-030221\n"
24299
" paaboo https://launchpad.net/~fire14\n"
24300
" rainofchaos https://launchpad.net/~rainofchaos\n"
24301
26340
" saber https://launchpad.net/~saber-lover\n"
24302
26341
" sdxianchao https://launchpad.net/~sdxianchao\n"
24303
" stone_unix https://launchpad.net/~gaoghy\n"
26342
" snowwhite https://launchpad.net/~yuxin6147\n"
26343
" wangajing https://launchpad.net/~yifan-870829\n"
26344
" wsw https://launchpad.net/~imskyee\n"
24304
26345
" xiajiebuhui https://launchpad.net/~xiajiebuhui\n"
24305
" yuane https://launchpad.net/~yuane\n"
24306
26346
" yugq https://launchpad.net/~yuguoqiang\n"
26347
" zhongxin https://launchpad.net/~zhongxin0826\n"
24307
26348
" 龚韬 https://launchpad.net/~gongtao0607"
24308
26349
24309
#~ msgid ""
24310
#~ "<emphasis>read only:</emphasis> gives write access to the shared directory."
24311
#~ msgstr "<emphasis>read only:</emphasis>请授予共享目录写入权限。"
24312
24313
#~ msgid ""
24314
#~ "After configuring the bridge in "
24315
#~ "<filename>/etc/network/interfaces</filename>, shutdown "
24316
#~ "<application>dhcdbd</application> by:"
24317
#~ msgstr ""
24318
#~ "通过配置<filename>/etc/network/interfaces</filename>完成桥接设置后, 使用命令 "
24319
#~ "<application>dhcdbd</application> 关闭dhcdbd:"
24320
24321
#~ msgid "Now to disable it from starting on boot enter:"
24322
#~ msgstr "要在启动时就禁用它,输入:"
24323
24324
#~ msgid ""
24325
#~ "<emphasis role=\"bold\">ServerAdmin</emphasis>: To configure the email "
24326
#~ "address of the designated administrator of the CUPS server, simply edit the "
24327
#~ "<filename>/etc/cups/cupsd.conf</filename> configuration file with your "
24328
#~ "preferred text editor, and modify the <emphasis "
24329
#~ "role=\"italics\">ServerAdmin</emphasis> line accordingly. For example, if "
24330
#~ "you are the Administrator for the CUPS server, and your e-mail address is "
24331
#~ "'bjoy@somebigco.com', then you would modify the ServerAdmin line to appear "
24332
#~ "as such:"
24333
#~ msgstr ""
24334
#~ "<emphasis role=\"bold\">ServerAdmin</emphasis>:要配置指定 CUPS "
24335
#~ "服务器管理员的邮件地位,只需用你喜欢的文本编辑器简单编辑 <filename>/etc/cups/cupsd.conf</filename> "
24336
#~ "配置文件,并修改相应的 <emphasis role=\"italics\">ServerAdmin</emphasis> 行即可。举个例子,如果您是 "
24337
#~ "CUPS 服务器的管理员,并且您的邮件地址是'bjoy@somebigco.com',那么您可以象下面这样修改 ServerAdmin 行:"
24338
24339
#~ msgid "sudo /etc/init.d/dhcdbd stop"
24340
#~ msgstr "sudo /etc/init.d/dhcdbd stop"
24341
24342
#~ msgid ""
24343
#~ "If setting up a bridge interface using Ubuntu Desktop Edition, or if "
24344
#~ "<application>dhcdbd</application> is installed, the "
24345
#~ "<application>dhcdbd</application> daemon will need to be stopped and "
24346
#~ "disabled."
24347
#~ msgstr ""
24348
#~ "如果要在Ubuntu桌面版中使用桥接网络,抑或是 <application>dhcdbd</application> "
24349
#~ "已经被安装,<application>dhcdbd</application> 守护进程需要停止并禁用。"
24350
24351
#~ msgid "Point your web browser to the following URL for MediaWiki setup:"
24352
#~ msgstr "将您的 web 浏览器指向如下 URL 来设置 MediaWiki:"
24353
24354
#~ msgid "sudo update-rc.d -f dhcdbd remove"
24355
#~ msgstr "sudo update-rc.d -f dhcdbd remove"
24356
24357
#~ msgid ""
24358
#~ "Accessing Subversion repository via WebDAV protocol with SSL encryption "
24359
#~ "(https://) is similar to http:// except that you must install and configure "
24360
#~ "the digital certificate in your Apache2 web server."
24361
#~ msgstr ""
24362
#~ "通过带 SSL 加密的 WebDAV 协议 (https://) 访问也使用 http:// 类似,只是您必须在您的 Apache2 web "
24363
#~ "服务器中安装和配置数字证书。"
24364
24365
#~ msgid "Run the following commands to configure MediaWiki:"
24366
#~ msgstr "运行下面的命令来配置MediaWiki"
24367
24368
#~ msgid ""
24369
#~ "Some other configuration for the CUPS server is done in the file "
24370
#~ "<filename>/etc/cups/cups.d/ports.conf</filename>:"
24371
#~ msgstr ""
24372
#~ "CUPS 服务器的其它一些配置在文件 <filename>/etc/cups/cups.d/ports.conf</filename> 中:"
24373
24374
#, no-wrap
24375
#~ msgid ""
24376
#~ "\n"
24377
#~ "bind9-doc\n"
24378
#~ "bind9\n"
24379
#~ msgstr ""
24380
#~ "\n"
24381
#~ "bind9-doc\n"
24382
#~ "bind9\n"
24383
24384
#~ msgid "sudo ln -s /var/lib/mediawiki /var/www/mediawiki"
24385
#~ msgstr "sudo ln -s /var/lib/mediawiki /var/www/mediawiki"
24386
24387
#~ msgid "sudo /etc/init.d/cupsys restart"
24388
#~ msgstr "sudo /etc/init.d/cupsys restart"
24389
24390
#, no-wrap
24391
#~ msgid ""
24392
#~ "\n"
24393
#~ "<?php\n"
24394
#~ "print_r (phpinfo());\n"
24395
#~ "?>\n"
24396
#~ msgstr ""
24397
#~ "\n"
24398
#~ "<?php\n"
24399
#~ "print_r (phpinfo());\n"
24400
#~ "?>\n"
24401
24402
#~ msgid ""
24403
#~ "You can install a digital certificate issued by a signing authority like "
24404
#~ "Verisign. Alternatively, you can install your own self-signed certificate."
24405
#~ msgstr "您可以安装由证书签署机构如 Verisign 颁发的数字证书。或者,您也可以安装自己签署的证书。"
24406
24407
#~ msgid ""
24408
#~ "You should now be able to read, write, and execute files in the shared "
24409
#~ "directory as normal, and the <application>smbd</application> binary will "
24410
#~ "have access to only the configured files and direcotories. Be sure to add "
24411
#~ "entries for each directory you configure Samba to share. Also, any errors "
24412
#~ "will be logged to <filename>/var/log/syslog</filename>."
24413
#~ msgstr ""
24414
#~ "现在,您就可以正常地读、写或执行共享目录下的文件。 <application>smbd</application> "
24415
#~ "将只读取您配置为共享的文件或目录,因此,要让 Samba 实现共享,请确保加入每个共享目录项到配置。同时,任何错误都将会被记录到 "
24416
#~ "<filename>/var/log/syslog</filename>。"
24417
24418
#~ msgid ""
24419
#~ "This will copy the the <filename>/etc/hosts</filename> to "
24420
#~ "<filename>//fs01.example.com/share/hosts</filename>."
24421
#~ msgstr ""
24422
#~ "这将会拷贝 <filename>/etc/hosts</filename> 到 "
24423
#~ "<filename>//fs01.example.com/share/hosts</filename>。"
24424
24425
#~ msgid ""
24426
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24427
#~ "libvirt qemu:///system"
24428
#~ msgstr ""
24429
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24430
#~ "libvirt qemu:///system"
24431
24432
#, no-wrap
24433
#~ msgid ""
24434
#~ "\n"
24435
#~ " domain logons = yes\n"
24436
#~ " logon path = \\\\%N\\%U\\profile\n"
24437
#~ " logon drive = H:\n"
24438
#~ " logon home = \\\\%N\\%U\n"
24439
#~ " logon script = logon.cmd\n"
24440
#~ " add machine script = sudo /usr/sbin/useradd -n -g machines -c Machine -d "
24441
#~ "/var/lib/samba -s /bin/false %u\n"
24442
#~ msgstr ""
24443
#~ "\n"
24444
#~ " domain logons = yes\n"
24445
#~ " logon path = \\\\%N\\%U\\profile\n"
24446
#~ " logon drive = H:\n"
24447
#~ " logon home = \\\\%N\\%U\n"
24448
#~ " logon script = logon.cmd\n"
24449
#~ " add machine script = sudo /usr/sbin/useradd -n -g machines -c Machine -d "
24450
#~ "/var/lib/samba -s /bin/false %u\n"
24451
24452
#~ msgid ""
24453
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24454
#~ "libvirt qemu:///system --ip 192.168.0.100"
24455
#~ msgstr ""
24456
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
24457
#~ "libvirt qemu:///system --ip 192.168.0.100"
24458
24459
#~ msgid ""
24460
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 \\ -o "
24461
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
24462
#~ msgstr ""
24463
#~ "sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 \\ -o "
24464
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
24465
24466
#~ msgid ""
24467
#~ "As this example is based on <application>KVM</application> and Ubuntu 9.04 "
24468
#~ "(Jaunty Jackalope), and we are likely to rebuild the same virtual machine "
24469
#~ "multiple time, we'll invoke vmbuilder with the following first parameters:"
24470
#~ msgstr ""
24471
#~ "该例子是基于<application>KVM</application>和 Ubuntu 9.04 (Jaunty "
24472
#~ "Jackalope),我们有可能在多时间重建该相同的虚拟机,我们将调用 vmbuilder 以下的第一个参数:"
24473
24474
#, no-wrap
24475
#~ msgid ""
24476
#~ "\n"
24477
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24478
#~ "multiverse \n"
24479
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24480
#~ "multiverse\n"
24481
#~ "\n"
24482
#~ "deb http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24483
#~ "universe multiverse \n"
24484
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24485
#~ "universe multiverse \n"
24486
#~ "\n"
24487
#~ "deb http://archive.ubuntu.com/ubuntu/ jaunty-backports main restricted "
24488
#~ "universe multiverse \n"
24489
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-backports main restricted "
24490
#~ "universe multiverse \n"
24491
#~ "\n"
24492
#~ "deb http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24493
#~ "universe multiverse \n"
24494
#~ "/deb-i386 http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24495
#~ "universe multiverse \n"
24496
#~ "\n"
24497
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24498
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24499
#~ "installer \n"
24500
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24501
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24502
#~ "installer \n"
24503
#~ msgstr ""
24504
#~ "\n"
24505
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24506
#~ "multiverse \n"
24507
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
24508
#~ "multiverse\n"
24509
#~ "\n"
24510
#~ "deb http://archive.ubuntu.com/ubuntu jaunty-updates main restricted universe "
24511
#~ "multiverse \n"
24512
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
24513
#~ "universe multiverse \n"
24514
#~ "\n"
24515
#~ "deb http://archive.ubuntu.com/ubuntu/ jaunty-backports main restricted "
24516
#~ "universe multiverse \n"
24517
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-backports main restricted "
24518
#~ "universe multiverse \n"
24519
#~ "\n"
24520
#~ "deb http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24521
#~ "universe multiverse \n"
24522
#~ "/deb-i386 http://security.ubuntu.com/ubuntu jaunty-security main restricted "
24523
#~ "universe multiverse \n"
24524
#~ "\n"
24525
#~ "deb http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24526
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24527
#~ "installer \n"
24528
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
24529
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
24530
#~ "installer \n"
24531
24532
#, no-wrap
24533
#~ msgid ""
24534
#~ " <Location /svn>\n"
24535
#~ " DAV svn\n"
24536
#~ " SVNParentPath /home/svn\n"
24537
#~ " AuthType Basic\n"
24538
#~ " AuthName \"Your repository name\"\n"
24539
#~ " AuthUserFile /etc/subversion/passwd\n"
24540
#~ " <LimitExcept GET PROPFIND OPTIONS REPORT>\n"
24541
#~ " Require valid-user\n"
24542
#~ " </LimitExcept>\n"
24543
#~ " </Location> "
24544
#~ msgstr ""
24545
#~ " <Location /svn>\n"
24546
#~ " DAV svn\n"
24547
#~ " SVNParentPath /home/svn\n"
24548
#~ " AuthType Basic\n"
24549
#~ " AuthName \"Your repository name\"\n"
24550
#~ " AuthUserFile /etc/subversion/passwd\n"
24551
#~ " <LimitExcept GET PROPFIND OPTIONS REPORT>\n"
24552
#~ " Require valid-user\n"
24553
#~ " </LimitExcept>\n"
24554
#~ " </Location> "
24555
24556
#~ msgid "Here is what the command with all the options discussed above:"
24557
#~ msgstr "以下是所有已讨论过选项的命令:"
26350
#, no-wrap
26351
#~ msgid ""
26352
#~ "\n"
26353
#~ "search com\n"
26354
#~ "nameserver 204.11.126.131\n"
26355
#~ "nameserver 64.125.134.133\n"
26356
#~ "nameserver 64.125.134.132\n"
26357
#~ "nameserver 208.185.179.218\n"
26358
#~ msgstr ""
26359
#~ "\n"
26360
#~ "search com\n"
26361
#~ "nameserver 204.11.126.131\n"
26362
#~ "nameserver 64.125.134.133\n"
26363
#~ "nameserver 64.125.134.132\n"
26364
#~ "nameserver 208.185.179.218\n"
26365
26366
#, no-wrap
26367
#~ msgid ""
26368
#~ "Password: <placeholder-1/>\n"
26369
#~ "Retype password: <placeholder-2/>\n"
26370
#~ "$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26371
#~ msgstr ""
26372
#~ "密码: <placeholder-1/>\n"
26373
#~ "再输入一次密码: <placeholder-2/>\n"
26374
#~ "$1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26375
26376
#~ msgid ""
26377
#~ "This section assumes you have installed and configured Apache 2 Web Server "
26378
#~ "and MySQL Database Server. You can refer to Apache 2 section and MySQL "
26379
#~ "sections in this document to install and configure Apache 2 and MySQL "
26380
#~ "respectively."
26381
#~ msgstr ""
26382
#~ "本节假设您已经安装了配置了 Apache 2 Web 服务器和 MySQL 数据库服务器。您可以参考本文档中的 Apache 2 部分和 MySQL "
26383
#~ "部分来分别安装和配置 Apache 2 和 MySQL。"
26384
26385
#~ msgid ""
26386
#~ "If your network contains computers whose IP addresses are not listed in DNS, "
26387
#~ "it is recommended that you add them to the <filename>/etc/hosts</filename> "
26388
#~ "file."
26389
#~ msgstr ""
26390
#~ "如果您网络所包含计算机的 IP 地址没有在 DNS 中列出,建议您将它们加入到 <filename>/etc/hosts</filename> 文件中。"
26391
26392
#~ msgid ""
26393
#~ "This section explains how to configure which nameserver to use when "
26394
#~ "resolving IP addresses to hostnames and vice versa. It does not explain how "
26395
#~ "to configure the system as a name server."
26396
#~ msgstr "本节解释了当要将 IP 地址解析为主机名或是进行相反操作时,如何配置使用哪个名称服务器。本节并不解释如何将系统配置为一台名称服务器。"
26397
26398
#~ msgid "GRUB Password Security"
26399
#~ msgstr "GRUB 密码安全性"
26400
26401
#~ msgid "Related Pages"
26402
#~ msgstr "相关网页"
26403
26404
#, no-wrap
26405
#~ msgid ""
26406
#~ "\n"
26407
#~ "local all postgres md5 sameuser\n"
26408
#~ msgstr ""
26409
#~ "\n"
26410
#~ "local all postgres md5 sameuser\n"
26411
26412
#~ msgid ""
26413
#~ "This does not prevent someone from booting the server from alternate media. "
26414
#~ "A determined attacker would simply boot into an alternate environment, "
26415
#~ "overwrite your master boot record, mount or copy your physical volumes, "
26416
#~ "destroy your data, or anything else they can imagine. Please explore other "
26417
#~ "countermeasures that may help you with these types of attacks."
26418
#~ msgstr ""
26419
#~ "这个并不能阻止用户通过其它媒介来启动服务器。刻意的攻击者会将服务器启动到其它环境下,覆写你的主启动记录(MBR),挂载或复制你的物理卷,毁坏你的数据,或其"
26420
#~ "它任何他们能猜测到的东西。请探究其它对策以助你防御这些攻击。"
26421
26422
#~ msgid ""
26423
#~ "If nothing is printed, it means that your cpu does <emphasis>not</emphasis> "
26424
#~ "support hardware virtualization."
26425
#~ msgstr "如果屏幕上什么也没打印,那说明你的cpu<emphasis>不</emphasis>支持硬件虚拟。"
26426
26427
#~ msgid "Boot the server into single user mode."
26428
#~ msgstr "引导系统进入单用户模式"
26429
26430
#, no-wrap
26431
#~ msgid "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26432
#~ msgstr "password --md5 $1$s3YiK$M3lxAbqA6JLm2FbDWnClQ0"
26433
26434
#~ msgid ""
26435
#~ "Again, Using Squid's access control, you may configure use of Internet "
26436
#~ "services proxied by Squid to be available only users with certain Internet "
26437
#~ "Protocol (IP) addresses. For example, we will illustrate access by users of "
26438
#~ "the 192.168.42.0/24 subnetwork only:"
26439
#~ msgstr ""
26440
#~ "再一次,如果您使用Squid进行访问控制, 您应该将Internet信息服务代理设置为只有特定(IP的用户才能使用。例如,我们将举例说明只允许来自 "
26441
#~ "192.168.42.0/24 网段用户的访问:"
26442
26443
#~ msgid "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
26444
#~ msgstr "w3m /usr/share/ubuntu-serverguide/html/en_GB/index.html"
26445
26446
#~ msgid "Managing DNS Entries"
26447
#~ msgstr "管理 DNS 记录"
26448
26449
#~ msgid "Managing Hosts"
26450
#~ msgstr "管理主机"
26451
26452
#~ msgid ""
26453
#~ "The <application>nameserver</application> key specifies the nameserver IP "
26454
#~ "address. It will be used to resolve a given IP address or hostname. This "
26455
#~ "file can have multiple nameserver entries. The nameservers will be used by "
26456
#~ "the network query in the same order."
26457
#~ msgstr ""
26458
#~ "<application>nameserver</application> 关键字指定名称服务器的 IP 地址。它会被用来解析一个给定的 IP "
26459
#~ "地址或主机名。该文件可以有多个名称服务器条目。网络查询将以与条目相同的顺序使用这些名称服务器。"
26460
26461
#, no-wrap
26462
#~ msgid "(repeat password)"
26463
#~ msgstr "(重复密码)"
26464
26465
#~ msgid ""
26466
#~ "Many more configurations are possible, including dialup PPP interfaces, IPv6 "
26467
#~ "networking, VPN devices, etc. Refer to <application>man 5 "
26468
#~ "interfaces</application> for more information and supported options. "
26469
#~ "Remember that <filename>/etc/network/interfaces</filename> is used by the "
26470
#~ "<application>ifup</application>/<application>ifdown</application> scripts as "
26471
#~ "a higher level configuration scheme than may be used in some other Linux "
26472
#~ "distributions, and that the traditional, lower level utilities such as "
26473
#~ "<application>ifconfig</application>, <application>route</application>, and "
26474
#~ "<application>dhclient</application> are still available to you for ad hoc "
26475
#~ "configurations."
26476
#~ msgstr ""
26477
#~ "配置更多的接口是可能的,包括拨号的 PPP 接口、IPv6 网络、VPN 设备等。更多信息和支持选项请参考 <application>man 5 "
26478
#~ "interfaces</application>。记住 <filename>/etc/network/interfaces</filename> 被 "
26479
#~ "<application>ifup</application>/<application>ifdown</application> "
26480
#~ "脚本用于作为比其他一些 Linux "
26481
#~ "发行版更高层的配置模式。传统的低层工具如<application>ifconfig</application>、<application>route</a"
26482
#~ "pplication> 和 <application>dhclient</application> 仍旧可被您用来进行特别配置。"
26483
26484
#~ msgid "egrep '(vmx|svm)' /proc/cpuinfo"
26485
#~ msgstr "egrep '(vmx|svm)' /proc/cpuinfo"
26486
26487
#~ msgid ""
26488
#~ "For example, when a user requests the page "
26489
#~ "http://www.example.com/this_directory/, he or she will get either the "
26490
#~ "DirectoryIndex page if it exists, a server-generated directory list if it "
26491
#~ "does not and the Indexes option is specified, or a Permission Denied page if "
26492
#~ "neither is true. The server will try to find one of the files listed in the "
26493
#~ "DirectoryIndex directive and will return the first one it finds. If it does "
26494
#~ "not find any of these files and if Options Indexes is set for that "
26495
#~ "directory, the server will generate and return a list, in HTML format, of "
26496
#~ "the subdirectories and files in the directory. The default value, found in "
26497
#~ "<filename>/etc/apache2/apache2.conf</filename> is \" index.html index.cgi "
26498
#~ "index.pl index.php index.xhtml\". Thus, if Apache2 finds a file in a "
26499
#~ "requested directory matching any of these names, the first will be displayed."
26500
#~ msgstr ""
26501
#~ "例如,当一个用户请求 http://www.example.com/this_directory/ 页时,他或她要么得到 DirectoryIndex "
26502
#~ "页,如果它存在的话;要么得到一个服务器生成的目录列表,如果它不存在且设置了 Indexes 选项的话;要么就得到一个无权访问页,如果它不存在且没有设置 "
26503
#~ "Indexes 选项的话。服务器尝试找到在 DirectoryIndex "
26504
#~ "语句中所列文件之一,并返回它所找到的第一个。如果它没有找到任何一个文件且该目录设置了 Indexes 选项,服务器将生成并返回一个 HTML "
26505
#~ "格式的列表,包括该目录中的子目录和文件。缺省值可以在 <filename>/etc/apache2/apache2.conf</filename> "
26506
#~ "文件中找到,是 \" index.html index.cgi index.pl index.php index.xhtml\"。因此,如果 "
26507
#~ "Apache2 在所请求的目录中找到任何一个匹配这些名字的文件,第一个将被显示。"
26508
26509
#~ msgid "Apache Modules"
26510
#~ msgstr "Apache 模块"
26511
26512
#~ msgid "LDAP replication"
26513
#~ msgstr "LDAP 副本"
26514
26515
#~ msgid "Ethernet"
26516
#~ msgstr "以太网"
26517
26518
#~ msgid ""
26519
#~ "Depending on how you obtained your certificate you may need to enter a "
26520
#~ "passphrase when <application>Apache</application> starts."
26521
#~ msgstr "取决于你怎么获得你的证书,你可能需要在<application>Apache</application>开始时输入密码。"
26522
26523
#~ msgid ""
26524
#~ "To require use of the password for entering single user mode, change the "
26525
#~ "value of the <varname>lockalternative</varname> variable in the file "
26526
#~ "<filename>/boot/grub/menu.lst</filename> to <varname>true</varname>, as "
26527
#~ "shown in the following example."
26528
#~ msgstr ""
26529
#~ "需要使用进入单用户模式的密码时,将文件<filename>/boot/grub/menu.lst</filename>中的变量<varname>locka"
26530
#~ "lternative</varname>值改成<varname>true</varname>,如下例所示。"
26531
26532
#~ msgid ""
26533
#~ "If the DNS server names are retrieved dynamically from DHCP or PPPoE "
26534
#~ "(retrieved from your ISP), do not add nameserver entries in this file. It "
26535
#~ "will be overwritten."
26536
#~ msgstr ""
26537
#~ "如果 DNS 服务器名称是通过 DHCP 或 PPPoE (从您的 ISP ) 动态取回的,那么请不要在该文件中添加名称服务器条目。该条目会被覆盖。"
26538
26539
#~ msgid ""
26540
#~ "The <emphasis>DocumentRoot</emphasis> directive specifies where Apache "
26541
#~ "should look for the files that make up the site. The default value is "
26542
#~ "/var/www. No site is configured there, but if you uncomment the "
26543
#~ "<emphasis>RedirectMatch</emphasis> directive in "
26544
#~ "<filename>/etc/apache2/apache2.conf</filename> requests will be redirected "
26545
#~ "to /var/www/apache2-default where the default Apache2 site awaits. Change "
26546
#~ "this value in your site's virtual host file, and remember to create that "
26547
#~ "directory if necessary!"
26548
#~ msgstr ""
26549
#~ "<emphasis>DocumentRoot</emphasis> 语句指定 Apache 将到哪儿去寻找站点文件,缺省值为 "
26550
#~ "/var/www。没有站点配置在那里,但如果您反注释在 <filename>/etc/apache2/apache2.conf</filename> "
26551
#~ "中的 <emphasis>RedirectMatch</emphasis> 语句,请求将被重定向到 /var/www/apache2-"
26552
#~ "default,那里是缺省的 Apache2 站点。在您站点的虚拟主机文件中改变该值,记住在必要时可以创建相应的目录!"
26553
26554
#~ msgid ""
26555
#~ "To access the Subversion repository via WebDAV protocol, you must configure "
26556
#~ "your Apache 2 web server. You must add the following snippet in your "
26557
#~ "<filename>/etc/apache2/apache2.conf</filename> file:"
26558
#~ msgstr ""
26559
#~ "要通过 WebDAV 协议访问 Subversion,您必须配置您的 Apache2 web 服务器。您必须在您的 "
26560
#~ "<filename>/etc/apache2/apache2.conf</filename> 文件中添加下面一小段:"
26561
26562
#~ msgid "Pass kernel options at boot up."
26563
#~ msgstr "在启动时传递参数给内核。"
26564
26565
#~ msgid "grub-md5-crypt"
26566
#~ msgstr "grub-md5-crypt"
26567
26568
#~ msgid ""
26569
#~ "To disable the reboot action taken by pressing the "
26570
#~ "<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap></k"
26571
#~ "eycombo> key combination, comment out the following line in the file "
26572
#~ "<filename>/etc/event.d/control-alt-delete</filename>."
26573
#~ msgstr ""
26574
#~ "要想禁用<keycombo><keycap>Ctrl</keycap><keycap>Alt</keycap><keycap>Delete</keycap"
26575
#~ "></keycombo> 热键组合重启机器,将<filename>/etc/event.d/control-alt-"
26576
#~ "delete</filename>中的如下一行注释掉."
26577
26578
#~ msgid ""
26579
#~ "The <application>search</application> key specifies the string which will be "
26580
#~ "appended to an incomplete hostname. Here, we have configured it to "
26581
#~ "<application>com</application>. So, when we run: <command>ping "
26582
#~ "ubuntu</command> it would be interpreted as <command>ping "
26583
#~ "ubuntu.com</command>."
26584
#~ msgstr ""
26585
#~ "<application>search</application> 关键字指定为不完整的主机名添加的字符串。在这里我们将其配置为 "
26586
#~ "<application>com</application>。因此当我们运行:<command>ping ubuntu</command> "
26587
#~ "时它会被理解成 <command>ping ubuntu.com</command>。"
26588
26589
#~ msgid ""
26590
#~ "The Apache2 web server is available in Ubuntu Linux. To install Apache2:"
26591
#~ msgstr "Apache2 web 服务器在 Ubuntu Linux 中是可用的。要安装 Apache2:"
26592
26593
#~ msgid ""
26594
#~ "On most computer whose processor supports virtualization, it is necessary to "
26595
#~ "activate an option in the bios to enable it. The method described above does "
26596
#~ "not show the status of it's activation."
26597
#~ msgstr "在大多数处理器支持虚拟化的电脑上,有必要激活bios里的一个选项。上述描述的方法没有展示其激活状态。"
26598
26599
#, no-wrap
26600
#~ msgid "# lockalternative=true"
26601
#~ msgstr "# lockalternative=true"
26602
26603
#~ msgid "Once part of the domain, install the following packages:"
26604
#~ msgstr "成为了域的一部分,安装如下软件包:"
26605
26606
#~ msgid ""
26607
#~ "When joining an Ubuntu Desktop workstation to a domain, you may need to edit "
26608
#~ "<filename>/etc/nsswitch.conf</filename> if your AD domain uses the <emphasis "
26609
#~ "role=\"italic\">.local</emphasis> syntax. In order to join the domain the "
26610
#~ "<emphasis>\"mdns4\"</emphasis> entry from the <emphasis>hosts</emphasis> "
26611
#~ "option. For example:"
26612
#~ msgstr ""
26613
#~ "当加入 Ubuntu 桌面工作站到域时,如果您的活动目录域使用 <emphasis role=\"italic\">.local</emphasis> "
26614
#~ "语法,则可能需要编辑 <filename>/etc/nsswitch.conf</filename>。 "
26615
#~ "为了加入域,<emphasis>hosts</emphasis> 选项中的 <emphasis>\"mdns4\"</emphasis> 项,如:"
26616
26617
#~ msgid ""
26618
#~ "With Apache now configured for HTTPS, restart the service to enable the new "
26619
#~ "settings:"
26620
#~ msgstr "Apache 已经配置为支持 HTTPS,重启服务以使用新的设置:"
26621
26622
#~ msgid ""
26623
#~ "To configure <application>Apache</application> for HTTPS, enter the "
26624
#~ "following:"
26625
#~ msgstr "要配置 <application>Apache</application> 支持 HTTPS, 输入如下:"
26626
26627
#~ msgid ""
26628
#~ "There is a default HTTPS configuration file in <filename>/etc/apache2/sites-"
26629
#~ "available/default-ssl</filename>. In order for "
26630
#~ "<application>Apache</application> to provide HTTPS, a "
26631
#~ "<emphasis>certificate</emphasis> and <emphasis>key</emphasis> file are also "
26632
#~ "needed. The default HTTPS configuration will use a certificate and key "
26633
#~ "generated by the <application>ssl-cert</application> package. They are good "
26634
#~ "for testing, but the auto-generated certificate and key should be replaced "
26635
#~ "by a certificate specific to the site or server. For information on "
26636
#~ "generating a key and obtaining a certificate see <xref "
26637
#~ "linkend=\"certificates-and-security\"/>"
26638
#~ msgstr ""
26639
#~ "<filename>/etc/apache2/sites-available/default-ssl</filename> 中有一个默认的 HTTPS "
26640
#~ "配置文件。 为使 Apache 提供 HTTPS,还需要 <emphasis>证书</emphasis> 和 "
26641
#~ "<emphasis>密钥</emphasis> 文件。 默认的 HTTPS 配置文件将使用 <application>ssl-"
26642
#~ "cert</application> 程序生成的证书和密钥。 "
26643
#~ "由程序生成的证书和密钥,很适合测试服务器所用,但这种自动生成的证书和密钥必须由站点或服务所特定的证书替代。 更多有关生成密钥与获取证书,请参考 "
26644
#~ "<xref linkend=\"certificates-and-security\"/>"
26645
26646
#~ msgid "Next"
26647
#~ msgstr "下一个"
26648
26649
#~ msgid ""
26650
#~ "Click "
26651
#~ "<menuchoice><guimenuitem>Start</guimenuitem><guimenuitem>Administrative Tools"
26652
#~ "</guimenuitem><guimenuitem>Manager Your Server</guimenuitem></menuchoice>. "
26653
#~ "This will open the <application>Server Role Mangement</application> utility."
26654
#~ msgstr ""
26655
#~ "点击 "
26656
#~ "<menuchoice><guimenuitem>开始</guimenuitem><guimenuitem>管理工具</guimenuitem><guim"
26657
#~ "enuitem>配置您的服务器向导</guimenuitem></menuchoice>,这将运行 "
26658
#~ "<application>服务器角色管理</application> 程序。"
26659
26660
#~ msgid "Click Add or remove a role"
26661
#~ msgstr "点击添加/删除角色"
26662
26663
#~ msgid ""
26664
#~ "To add a password for use with <application>grub</application>, first you "
26665
#~ "must generate an md5 password hash using the <application>grub-md5-"
26666
#~ "crypt</application> utility:"
26667
#~ msgstr ""
26668
#~ "要给<application>grub</application>增加一个使用口令,首先你必须使用<application>grub-md5-"
26669
#~ "crypt</application>工具产生一个md5口令。"
26670
26671
#, no-wrap
26672
#~ msgid "(enter new password)"
26673
#~ msgstr "(输入新的口令)"
26674
26675
#~ msgid ""
26676
#~ "The command will ask you to enter a password and offer a resulting hash "
26677
#~ "value as shown below:"
26678
#~ msgstr "命令将请你输入一个口令并提供一个结果密码,如下所示:"
26679
26680
#~ msgid ""
26681
#~ "Therefore, it is important to control who may edit the "
26682
#~ "<application>grub</application> menu items which, would otherwise allow for "
26683
#~ "someone to perform the following dangerous actions:"
26684
#~ msgstr ""
26685
#~ "所以,控制谁可能修改<application>grub</application>的菜单项是很重要的,否则就可能允许某些人进行以下危险的操作:"
26686
26687
#~ msgid ""
26688
#~ "Apache2 is configured by placing <emphasis>directives</emphasis> in plain "
26689
#~ "text configuration files. The configuration files are separated between the "
26690
#~ "following files and directories:"
26691
#~ msgstr "Apache2 由 以纯文本 <emphasis>指令</emphasis> 配置文件所安装。配置文件被以下文件和目录之间所分开:"
26692
26693
#~ msgid ""
26694
#~ "<emphasis>conf.d:</emphasis> contains configuration files which apply "
26695
#~ "<emphasis>globally</emphasis> to Apache. Other packages that use Apache2 to "
26696
#~ "serve content may add files, or symlinks, to this directory."
26697
#~ msgstr ""
26698
#~ "<emphasis>conf.d:</emphasis> 包含的配置文件适合用于 <emphasis>全球的</emphasis> "
26699
#~ "Apache。其它软件包使用 Apache2 服务内容可以添加文件,符号链接到此目录。"
26700
26701
#~ msgid ""
26702
#~ "Enable the new <emphasis>VirtualHost</emphasis> using the "
26703
#~ "<application>a2ensite</application> utility and restart Apache:"
26704
#~ msgstr ""
26705
#~ "启动新的 <emphasis> 虚拟主机 </emphasis> 使用 <application> a2ensite </application> "
26706
#~ "工具和重启 Apache:"
26707
26708
#~ msgid ""
26709
#~ "Apache is a modular server. This implies that only the most basic "
26710
#~ "functionality is included in the core server. Extended features are "
26711
#~ "available through modules which can be loaded into Apache. By default, a "
26712
#~ "base set of modules is included in the server at compile-time. If the server "
26713
#~ "is compiled to use dynamically loaded modules, then modules can be compiled "
26714
#~ "separately, and added at any time using the LoadModule directive. Otherwise, "
26715
#~ "Apache must be recompiled to add or remove modules."
26716
#~ msgstr ""
26717
#~ "Aphache 是一种模块化服务器。这意味着,只有最基本功能包括在核心服务器上。扩展功能都可以通过模块加载到 Apache "
26718
#~ "。默认情况下,服务器上编译时间包括基本模块化的设置。如果该服务器使用动态编译来加载模块,那么该模块可以单独编译,并在任何时候增加使用加载模块指令。否则, "
26719
#~ "必须重新编译 Apache 来添加或卸载模块。"
26720
26721
#~ msgid ""
26722
#~ "The <emphasis>ErrorDocument</emphasis> directive allows you to specify a "
26723
#~ "file for Apache to use for specific error events. For example, if a user "
26724
#~ "requests a resource that does not exist, a 404 error will occur, and per "
26725
#~ "Apache2's default configuration, the file "
26726
#~ "<filename>/usr/share/apache2/error/HTTP_NOT_FOUND.html.var </filename> will "
26727
#~ "be displayed. That file is not in the server's DocumentRoot, but there is an "
26728
#~ "Alias directive in <filename>/etc/apache2/apache2.conf</filename> that "
26729
#~ "redirects requests to the /error directory to "
26730
#~ "<filename>/usr/share/apache2/error/</filename>."
26731
#~ msgstr ""
26732
#~ "这<emphasis>错误文档</emphasis>指令允许你指定 Apache 使用特定错误事件文档。例如,如果用户请求某资源不存在,就会出现 404 "
26733
#~ "错误,每个 Apache2 的设置都会默认显示 <filename> "
26734
#~ "/usr/share/apache2/error/HTTP_NOT_FOUND.html.var "
26735
#~ "</filename>文件。此文件不存放在服务器的启动文档里,但有个别名指令在<filename>/etc/apache2/apache2.conf</f"
26736
#~ "ilename> 重定向请求从 /error 目录到<filename>/usr/share/apache2/error/</filename>。"
26737
26738
#~ msgid ""
26739
#~ "<emphasis>sites-available:</emphasis> this directory has configuration files "
26740
#~ "for Apache <emphasis>Virtual Hosts</emphasis>. Virtual Hosts allow Apache2 "
26741
#~ "to be configured for multiple sites that have separate configurations."
26742
#~ msgstr ""
26743
#~ "<emphasis>sites-available:</emphasis>此目录已为 Apache 配置文件 <emphasis> 虚拟主机 "
26744
#~ "</emphasis>。虚拟主机允许 Apache2 为多站点安装文件所配置。"
26745
26746
#~ msgid ""
26747
#~ "With vmbuilder, there is no need to download a JeOS ISO anymore. vmbuilder "
26748
#~ "will fetch the various package and build a virtual machine tailored for our "
26749
#~ "need in about a minute for us. Vmbuilder is a Script that automates the "
26750
#~ "process of creating a ready to use Linux based VM. The currently supported "
26751
#~ "hypervisors are KVM and Xen."
26752
#~ msgstr ""
26753
#~ "使用 vmbuilder,没必要再下载 JeOS 的 ISO 。vmbuilder "
26754
#~ "将会获取不同安装包,并在大约一分钟内为我们建立虚拟机。Vmbuilder 是个自动化过程创建个准备基于 VM 来使用的 Linux "
26755
#~ "脚本。当前脚本支持虚拟机监视器的 KVM 和 Xen。"
26756
26757
#~ msgid ""
26758
#~ "First introduced as a shell script in Ubuntu 8.04LTS, <application>ubuntu-vm-"
26759
#~ "builder</application> started with little emphasis as a hack to help "
26760
#~ "developers test their new code in a virtual machine without having to "
26761
#~ "restart from scratch each time. As a few Ubuntu administrators started to "
26762
#~ "notice this script, a few of them went on improving it and adapting it for "
26763
#~ "so many use case that Soren Hansen (the author of the script and Ubuntu "
26764
#~ "virtualization specialist, not the golf player) decided to rewrite it from "
26765
#~ "scratch for Intrepid as a python script with a few new design goals:"
26766
#~ msgstr ""
26767
#~ "首次在 Ubuntu 的 8.04LTS 版本 做为 shell 脚本来介绍, <application>ubuntu-vm-"
26768
#~ "builder</application>开始强调做为测试员去帮助开发人员在虚拟机上测试新的代码而不用每次都从头开始重新启动。少数 Ubuntu "
26769
#~ "的管理员开始注意这脚本,在这么多使用的情况下他们一些人继续改进和调整,索伦汉森( Ubuntu "
26770
#~ "虚拟专家和脚本作者,并非高尔夫球员)决定为一些新的设计目标重写做为 python 脚本的 Intrepid 。"
26771
26772
#~ msgid ""
26773
#~ "For more <application>smbclient</application> options see the man page: "
26774
#~ "<command>man smbclient</command>, also available <ulink "
26775
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
26776
#~ "nline</ulink>."
26777
#~ msgstr ""
26778
#~ "更多<application>smbclient</application> 选项请浏览 man 页面:<command>man "
26779
#~ "smbclient</command>,也可以参考<ulink "
26780
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/smbclient.1.html\">o"
26781
#~ "nline</ulink>。"
26782
26783
#~ msgid ""
26784
#~ "The <application>mount.cifs</application><ulink "
26785
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
26786
#~ "man page</ulink> is also useful for more detailed information."
26787
#~ msgstr ""
26788
#~ "<application>mount.cifs</application><ulink "
26789
#~ "url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/mount.cifs.8.html\">"
26790
#~ "man 页面</ulink>在更多细节信息里也同样重要。"
26791
26792
#, no-wrap
26793
#~ msgid ""
26794
#~ "\n"
26795
#~ "--part PATH\n"
26796
#~ " Allows to specify a partition table in partfile each line of partfile "
26797
#~ "should specify\n"
26798
#~ " (root first):\n"
26799
#~ " mountpoint size\n"
26800
#~ " where size is in megabytes. You can have up to 4 virtual disks, a new "
26801
#~ "disk starts on a\n"
26802
#~ " line with ’---’. ie :\n"
26803
#~ " root 1000\n"
26804
#~ " /opt 1000\n"
26805
#~ " swap 256\n"
26806
#~ " ---\n"
26807
#~ " /var 2000\n"
26808
#~ " /log 1500\n"
26809
#~ msgstr ""
26810
#~ "\n"
26811
#~ "--part PATH\n"
26812
#~ " Allows to specify a partition table in partfile each line of partfile "
26813
#~ "should specify\n"
26814
#~ " (root first):\n"
26815
#~ " mountpoint size\n"
26816
#~ " where size is in megabytes. You can have up to 4 virtual disks, a new disk "
26817
#~ "starts on a\n"
26818
#~ " line with ’---’. ie :\n"
26819
#~ " root 1000\n"
26820
#~ " /opt 1000\n"
26821
#~ " swap 256\n"
26822
#~ " ---\n"
26823
#~ " /var 2000\n"
26824
#~ " /log 1500\n"
26825
26826
#~ msgid ""
26827
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
26828
#~ "o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
26829
#~ "-user user --name user --pass default"
26830
#~ msgstr ""
26831
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
26832
#~ "o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
26833
#~ "-user user --name user --pass default"
26834
26835
#~ msgid ""
26836
#~ "This is done using vmbuilder by specifying the --addpkg command multiple "
26837
#~ "times:"
26838
#~ msgstr "这样做是多次使用 vmbuilder 来指定 --addpkg 命令:"
26839
26840
#~ msgid ""
26841
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
26842
#~ "\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
26843
#~ "user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
26844
#~ "mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
26845
#~ "dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
26846
#~ "addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
26847
#~ "addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
26848
#~ "upgrades --addpkg acpid --ppa nijaba \\ --mirror "
26849
#~ "http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
26850
#~ "firstlogin login.sh es"
26851
#~ msgstr ""
26852
#~ "sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
26853
#~ "\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
26854
#~ "user user \\ --name user --pass default --addpkg apache2 --addpkg apache2-"
26855
#~ "mpm-prefork \\ --addpkg apache2-utils --addpkg apache2.2-common --addpkg "
26856
#~ "dbconfig-common \\ --addpkg libapache2-mod-php5 --addpkg mysql-client --"
26857
#~ "addpkg php5-cli \\ --addpkg php5-gd --addpkg php5-ldap --addpkg php5-mysql --"
26858
#~ "addpkg wwwconfig-common \\ --addpkg mysql-server --addpkg unattended-"
26859
#~ "upgrades --addpkg acpid --ppa nijaba \\ --mirror "
26860
#~ "http://mirroraddress:9999/ubuntu --tmpfs - --firstboot boot.sh \\ --"
26861
#~ "firstlogin login.sh es"
26862
26863
#, no-wrap
26864
#~ msgid ""
26865
#~ "\n"
26866
#~ "#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
26867
#~ msgstr ""
26868
#~ "\n"
26869
#~ "#exec /sbin/shutdown -r now \"Control-Alt-Delete pressed\"\n"
26870
26871
#~ msgid ""
26872
#~ "<emphasis>sites-enabled:</emphasis> like mods-enabled, <filename "
26873
#~ "role=\"directory\">sites-enabled</filename> contains symlinks to the "
26874
#~ "<filename>/etc/apache2/sites-available</filename> directory. Similarly when "
26875
#~ "a configuration file in sites-available is symlinked it will be active once "
26876
#~ "Apache is restarted."
26877
#~ msgstr ""
26878
#~ "<emphasis>sites-enabled:</emphasis>跟mods-enabled一样,<filename "
26879
#~ "role=\"directory\">sites-enabled</filename>包含了指向 "
26880
#~ "<filename>/etc/apache2/sites-available</filename>符号链接的目录。类似于当链接了sites-"
26881
#~ "available 的配置文件时,这个配置会在Apache重新启动的时候产生作用。"
26882
26883
#~ msgid ""
26884
#~ "The above configuration snippet assumes that Subversion repositories are "
26885
#~ "created under <filename>/home/svn/</filename> directory using "
26886
#~ "<command>svnadmin</command> command. They can be accessible using "
26887
#~ "<command>htpp://hostname/svn/repos_name</command> url."
26888
#~ msgstr ""
26889
#~ "上面的配置片段中,假设用命令<command>svnadmin</command>来把Subversion库创建到目录<filename>/home/sv"
26890
#~ "n/</filename>下. 然后就可以用地址http://hostname/svn/repos_name</command>来访问."
26891
26892
#~ msgid ""
26893
#~ "Installing likewise-open5 over an existing likewise-open (4.1) installation "
26894
#~ "will replace it. You will have to rejoin the domain after install."
26895
#~ msgstr "在现有的 likewise-open (4.1) 基础上安装 likewise-open5 会替换它。安装后您需要重新加入域。"
26896
26897
#~ msgid ""
26898
#~ "With Ubuntu 9.04 <application>Likewise Open 5.0</application> is available "
26899
#~ "in the <emphasis>Universe</emphasis> repository. However, since upgrading "
26900
#~ "from <application>Likewise Open 4.1</application> currently requires the "
26901
#~ "system to leave the domain and re-join, a separate package for version five "
26902
#~ "was created."
26903
#~ msgstr ""
26904
#~ "在 Ubuntu 9.04 中 <application>Likewise Open 5.0</application> 可从 "
26905
#~ "<emphasis>Universe</emphasis> 软件源获得。然而,由于目前直接从 <application>Likewise Open "
26906
#~ "4.1</application> 升级会要求系统离开和重新加入域,创建了版本 5 的独立软件包。"
26907
26908
#~ msgid "To install <application>Likewise Open 5.0</application> enter:"
26909
#~ msgstr "要安装 <application>Likewise Open 5.0</application> 请输入:"
26910
26911
#~ msgid "sudo apt-get install likewise-open5"
26912
#~ msgstr "sudo apt-get install likewise-open5"
26913
26914
#~ msgid "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
26915
#~ msgstr "sudo apt-get install eucalyptus-cloud eucalyptus-cc"
26916
26917
#~ msgid "Finally, restart <application>eucalyptus-nc</application>:"
26918
#~ msgstr "首先,重新启动<application>eucalyptus-nc</application>:"
26919
26920
#~ msgid ""
26921
#~ "The mirror address specified here will also be used in the "
26922
#~ "<filename>/etc/apt/source.list</filename> of the newly created guest, so it "
26923
#~ "is usefull to specify here an address that can be resolved by the guest or "
26924
#~ "to plan on reseting this address later on, such as in a <emphasis>--"
26925
#~ "firstboot</emphasis> script."
26926
#~ msgstr ""
26927
#~ "这里指定的镜像地址同样会被使用在新建立的来宾帐号的<filename>/etc/apt/source.list</filename>文件中,因此如果需要来"
26928
#~ "宾帐号能够得到或者需要某个地址在以后能够修改的话,这是一个有用的办法,比如在一个<emphasis>-firstboot</emphasis>脚本中。"
26929
26930
#~ msgid ""
26931
#~ "When vmbuilder creates builds your system, it has to go fetch each one of "
26932
#~ "the packages that composes it over the network to one of the official "
26933
#~ "repositories, which, depending on your internet connection speed and the "
26934
#~ "load of the mirror, can have a big impact on the actual build time. In order "
26935
#~ "to reduce this, it is recommended to either have a local repository (which "
26936
#~ "can be created using <application>apt-mirror</application>) or using a "
26937
#~ "caching proxy such as <application>apt-cache</application>. The later option "
26938
#~ "being much simpler to implement and requiring less disk space, it is the one "
26939
#~ "we will pick in this tutorial. To install it, simply type:"
26940
#~ msgstr ""
26941
#~ "当vmbuilder创建您的系统时,它需要通过网络从官方源中的一个取得数据然后组合成各个包,这个过程的长短取决于您的互联网连接的速度和镜像的加载速度,这可"
26942
#~ "能对实际的创建时间产生巨大的影响。为了减少这个时间,就需要拥有一个本地源(可以通过使用<application>apt-"
26943
#~ "mirror</application>)或者使用一个缓冲代理,例如<application>apt-"
26944
#~ "cache</application>。后者是一种更简单的方法来实现更少的磁盘空间占用,这个就是我们将要在指导里面介绍的方法。要安装它,只需键入:"
26945
26946
#~ msgid "Eucalyptus"
26947
#~ msgstr "Encalyptus"
26948
26949
#~ msgid ""
26950
#~ "The Cloud Computing environment will consist of three components, typically "
26951
#~ "installed on at least two separate machines (termed the 'front-end' and "
26952
#~ "'node(s)' for the rest of this document):"
26953
#~ msgstr "云计算环境将包含三个组件,典型的会被安装在至少两个单独的机器上(termed“前端”和“节点”在这个文档的剩余部分)"
26954
26955
#~ msgid ""
26956
#~ "This section will cover setting up a Cloud Computing environment using "
26957
#~ "<application>Eucalyptus</application> with <application>KVM</application>. "
26958
#~ "For more information on KVM see <xref linkend=\"libvirt\"/>."
26959
#~ msgstr ""
26960
#~ "这一节将介绍如何使用<application>Eucalyptus</application>结合<application>KVM</applicatio"
26961
#~ "n>来实现一个云计算环境。更多关于KVM的信息,请参阅<xref linkend=\"libvirt\"/>。"
26962
26963
#~ msgid ""
26964
#~ "<emphasis>Eucalyptus</emphasis> is an open-source software infrastructure "
26965
#~ "for implementing \"cloud computing\" on your own clusters. "
26966
#~ "<emphasis>Eucalyptus</emphasis> allows you to create your own cloud "
26967
#~ "computing environment in order to maximize computing resources and provide a "
26968
#~ "cloud computing environment to your users."
26969
#~ msgstr ""
26970
#~ "<emphasis>Encalyptus</emphasis>是一个用来提供在您自己的簇上实现云计算的基础的开源软件。<emphasis>Eucalypt"
26971
#~ "us</emphasis>允许您生成自己的云计算环境来最大化计算资源,并给您的用户提供一个云计算环境。"
26972
26973
#~ msgid ""
26974
#~ "The simple <emphasis>System</emphasis> networking option will be used by "
26975
#~ "default. This network method allows virtual machine instances, to obtain IP "
26976
#~ "addresses from the local LAN, assuming that a DHCP server is properly "
26977
#~ "configured on the LAN to hand out IPs dynamically to VMs that request them. "
26978
#~ "Each node will be configured for bridge networking. For more details see "
26979
#~ "<xref linkend=\"bridging\"/>."
26980
#~ msgstr ""
26981
#~ "简单的<emphasis>System</emphasis>网络选项会被默认使用。这个方法允许虚拟机实例从本地局域网得到IP地址,假设一个经过适当配置的D"
26982
#~ "HCP服务器工作在局域网里面来为虚拟机动态的产生IP地址。每个节点会被设置成桥状网络工作的模式。更多细节,请参见<xref "
26983
#~ "linkend=\"bridging\"/>"
26984
26985
#~ msgid ""
26986
#~ "<emphasis>One or more Compute Nodes:</emphasis> runs the Node Controller "
26987
#~ "component of Eucalyptus, which allows the machine to be part of the cloud as "
26988
#~ "a host for VMs."
26989
#~ msgstr ""
26990
#~ "<emphasis>一个或者更多计算节点:</emphasis>运行在Eucalyptus的节点控制器上,这样一台机器就可以作为一个虚拟机的宿主而成为一个"
26991
#~ "云的节点。"
26992
26993
#~ msgid ""
26994
#~ "<emphasis>One Front-End:</emphasis> hosts one Cloud Controller, a Java based "
26995
#~ "Web configuration interface, and a Cluster Controller, which determines "
26996
#~ "where virtual machines (VMs) will be housed and manages cluster level VM "
26997
#~ "networking."
26998
#~ msgstr ""
26999
#~ "<emphasis>一个 Front-"
27000
#~ "End:</emphasis>拥有一个云控制器,这是一个基于Java的Web设置界面,还有一个簇控制器,用来定义虚拟机将在那里被封装,并管理簇级别的VM网"
27001
#~ "络。"
27002
27003
#~ msgid ""
27004
#~ "In the web interface's <emphasis>\"Configuration\"</emphasis> tab, add a "
27005
#~ "cluster under the <emphasis>\"Clusters\"</emphasis> heading (in this "
27006
#~ "configuration, the cluster controller is on the same system as the cloud "
27007
#~ "controller, so entering 'localhost' as the cluster hostname is correct). "
27008
#~ "Once the form is filled out click the <emphasis>\"Add Cluster\"</emphasis> "
27009
#~ "button."
27010
#~ msgstr ""
27011
#~ "在Web界面中的<emphasis>“设置”</emphasis>标签中,在<emphasis>“簇”</emphasis>添加一个簇(在这个设置中,因为"
27012
#~ "簇控制器和云控制器处在同一个系统上,所以簇的主机名只要输入\"localhost\"就可以了)。填写完毕之后,点击<emphasis>“添加簇”</emp"
27013
#~ "hasis>按钮。"
27014
27015
#~ msgid ""
27016
#~ "Once the installation is complete, and it may take a while, in a browser go "
27017
#~ "to <emphasis>https://front-end:8443</emphasis> and login to the "
27018
#~ "administration interface using the default username and password of "
27019
#~ "<emphasis>admin</emphasis>. You will then be prompted to change the "
27020
#~ "password, configure an email address for the admin user, and set the storage "
27021
#~ "URL."
27022
#~ msgstr ""
27023
#~ "一旦安装完成,就需要花点时间,打开浏览器,转到<emphasis>http://front-"
27024
#~ "end:8443</emphasis>然后使用默认的用户名和密码登录到管理员界面(默认用户名和密码是<emphasis>admin</emphasis>)"
27025
#~ "。这时您将被提示修改密码,设置管理员用户的Email地址和存储器URL"
27026
27027
#~ msgid ""
27028
#~ "First, on the <emphasis>Front-End</emphasis> install the appropriate "
27029
#~ "packages. In a terminal prompt on the Front-End enter:"
27030
#~ msgstr "首先,在<emphasis>Front-End</emphasis>安装所需的包,在一个Front-End的终端提示中输入:"
27031
27032
#~ msgid ""
27033
#~ "Now, back on the <emphasis>Front-End</emphasis>, add the nodes to the "
27034
#~ "cluster:"
27035
#~ msgstr "现在,返回到<emphasis>Front-End</emphasis>,添加节点到簇。"
27036
27037
#~ msgid ""
27038
#~ "Next, on the each <emphasis>Compute Node</emphasis> install the node "
27039
#~ "controller package. In a terminal prompt on each Compute Node enter:"
27040
#~ msgstr "接下来,在每个<emphasis>计算节点</emphasis>安装节点控制包,在每个计算节点的终端提示中输入;"
27041
27042
#~ msgid "sudo apt-get install eucalyptus-nc"
27043
#~ msgstr "sudo apt-get install eucalyptus-nc"
27044
27045
#~ msgid ""
27046
#~ "See the <ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus "
27047
#~ "website</ulink> for more information."
27048
#~ msgstr ""
27049
#~ "更多信息,请参见<ulink url=\"http://eucalyptus.cs.ucsb.edu/\">Eucalyptus 网站</ulink>"
27050
27051
#~ msgid ""
27052
#~ "<application>Eucalyptus</application> is now ready to host images on the "
27053
#~ "cloud."
27054
#~ msgstr "<application>Eucalyptus</application>现在已经准备host image on the cloud。"
27055
27056
#, no-wrap
27057
#~ msgid ""
27058
#~ "\n"
27059
#~ "VNET_INTERFACE=\"br0\"\n"
27060
#~ "...\n"
27061
#~ "VNET_BRIDGE=\"br0\"\n"
27062
#~ msgstr ""
27063
#~ "\n"
27064
#~ "VNET_INTERFACE=\"br0\"\n"
27065
#~ "...\n"
27066
#~ "VNET_BRIDGE=\"br0\"\n"
27067
27068
#~ msgid ""
27069
#~ "Be sure to replace <emphasis>nodecontroller</emphasis>, "
27070
#~ "<emphasis>node01</emphasis>, and <emphasis>node02</emphasis> with actual "
27071
#~ "hostnames."
27072
#~ msgstr ""
27073
#~ "一定要使用真实的主机名来替换<emphasis>nodecontroller</emphasis>,<emphasis>node01</emphasis>"
27074
#~ "和<emphasis>node02</emphasis>。"
27075
27076
#~ msgid "sudo /etc/init.d/eucalyptus-nc restart"
27077
#~ msgstr "sudo /etc/init.d/eucalyptus-nc restart"
27078
27079
#~ msgid ""
27080
#~ "You will then be prompted to log into your Node, install the "
27081
#~ "<application>eucalyptus-nc</application> package, and add the "
27082
#~ "<emphasis>eucalyptus</emphasis> user's ssh key to the node's "
27083
#~ "<filename>authorized_keys</filename> file, and confirm authenticity of the "
27084
#~ "host's OpenSSH RSA key fingerprint. Finally, the command will complete by "
27085
#~ "synchronizing the eucalyptus component keys and node registration is "
27086
#~ "complete."
27087
#~ msgstr ""
27088
#~ "您这时将会被提示来登录您的节点,安装<application>eucalyptus-"
27089
#~ "nc</application>包,然后添加<emphasis>eucalyptus</emphasis>用户的ssh键到节点的<filename>aut"
27090
#~ "horized_keys</filename>文件,然后确认主机的OpenSSH "
27091
#~ "RSA的键指印的正确性。最后,命令将会同步encalyptus组建的键,这样节点的注册就结束了。"
27092
27093
#~ msgid ""
27094
#~ "On the Node, the <filename>/etc/eucalyptus/eucalyptus.conf</filename> "
27095
#~ "configuration file will need editing to use your node's bridge interface "
27096
#~ "(assuming here that the interface is named <emphasis>'br0'</emphasis>):"
27097
#~ msgstr ""
27098
#~ "在节点上,配置文件<filename>/etc/eucalyptus/eucalyptus.conf</filename>需要进行编辑来使用您自己的桥接口"
27099
#~ "(假设这里的那个接口被命名为<emphasis>“br0”</emphasis>):"
27100
27101
#~ msgid "sudo euca_conf -addnode hostname_of_node"
27102
#~ msgstr "sudo euca_conf -addnode hostname_of_node"
27103
27104
#~ msgid ""
27105
#~ "Ubuntu installs GNU GRUB as its default boot loader, which allows for great "
27106
#~ "flexibility and recovery options. For example, when you install additional "
27107
#~ "kernel images, these are automatically added as available boot options in "
27108
#~ "the <application>grub</application> menu. Also, by default, alternate boot "
27109
#~ "options are available for each kernel entry that may be used for system "
27110
#~ "recovery, aptly labeled (recovery mode). Recovery mode simply boots the "
27111
#~ "corresponding kernel image into single user mode (init 1), which lands the "
27112
#~ "administrator at a root prompt without the need for any password."
27113
#~ msgstr ""
27114
#~ "Ubuntu使用GUN "
27115
#~ "GRUB作为它的默认的启动装载器,它有很强的灵活性和很多修复选项。比如说说,当你安装了附加的内核镜像,它们将作为可选的启动项被自动地添加到<applica"
27116
#~ "tion>grub</application>菜单。同时,默认情况下,文本启动选项对每个交替内核用于系统还原都适用,一般添加有标签(安全模式)。安全模式只"
27117
#~ "是启动进入相应内核镜像的单用户模式(init 1),在这种情况下,管理员仅仅得到一个root提示,而不需要输入密码。"
27118
27119
#~ msgid ""
27120
#~ "You can prevent these actions by adding a password to GRUB's configuration "
27121
#~ "file of <filename>/boot/grub/menu.lst</filename>, which will be required to "
27122
#~ "unlock GRUB's more advanced features prior to use."
27123
#~ msgstr ""
27124
#~ "你可以通过给GRUB的配置文件<filename>/boot/grub/menu.list</filename>添加一个密码来防止这种现象,操作前会被要求"
27125
#~ "解锁GRUB的高级特性。"
27126
27127
#~ msgid ""
27128
#~ "Add the resulting hash value to the file "
27129
#~ "<filename>/boot/grub/menu.lst</filename> in the following format:"
27130
#~ msgstr "以下面的这种格式添加哈希的结果到文件<filename>/boot/grub/menu.list</filename>:"
27131
27132
#~ msgid "chmod 644 .ssh/authorized_keys"
27133
#~ msgstr "chmod 644 .ssh/authorized_keys"
27134
27135
#~ msgid "Finally, update the MOTD:"
27136
#~ msgstr "最后,更新MOTD:"
27137
27138
#~ msgid ""
27139
#~ "sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
27140
#~ msgstr ""
27141
#~ "sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
27142
27143
#~ msgid ""
27144
#~ "First, copy the <filename>easy-rsa</filename> directory to "
27145
#~ "<filename>/etc/openvpn</filename>. This will ensure that any changes to the "
27146
#~ "scripts will not be lost when the package is updated. From a terminal enter:"
27147
#~ msgstr ""
27148
#~ "首先,将目录<filename>easy-"
27149
#~ "rsa</filename>复制到<filename>/etc/openvpn</filename>。这么做会保证对脚本的任何更改不会因为软件包的更新而丢"
27150
#~ "失。在终端下输入:"
27151
27152
#~ msgid "cd /etc/openvpn/easy-rsa/easy-rsa"
27153
#~ msgstr "cd /etc/openvpn/easy-rsa/easy-rsa"
27154
27155
#~ msgid "/etc/openvpn/easy-rsa/hostname.crt"
27156
#~ msgstr "/etc/openvpn/easy-rsa/hostname.crt"
27157
27158
#~ msgid "/etc/openvpn/easy-rsa/hostname.key"
27159
#~ msgstr "/etc/openvpn/easy-rsa/hostname.key"
27160
27161
#~ msgid "/etc/openvpn/easy-rsa/ta.key"
27162
#~ msgstr "/etc/openvpn/easy-rsa/ta.key"
27163
27164
#~ msgid "/etc/openvpn/easy-rsa/hostname.ovpn"
27165
#~ msgstr "/etc/openvpn/easy-rsa/hostname.ovpn"
27166
27167
#~ msgid "/etc/openvpn/easy-rsa/ca.crt"
27168
#~ msgstr "/etc/openvpn/easy-rsa/ca.crt"
27169
27170
#, no-wrap
27171
#~ msgid ""
27172
#~ "\n"
27173
#~ "local 172.18.100.101\n"
27174
#~ "dev tap0\n"
27175
#~ "server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
27176
#~ "push \"route 172.18.100.1 255.255.255.0\"\n"
27177
#~ "push \"dhcp-option DNS 172.18.100.20\"\n"
27178
#~ "push \"dhcp-option DOMAIN example.com\"\n"
27179
#~ "tls-auth ta.key 0 # This file is secret\n"
27180
#~ "user nobody\n"
27181
#~ "group nogroup\n"
27182
#~ msgstr ""
27183
#~ "\n"
27184
#~ "local 172.18.100.101\n"
27185
#~ "dev tap0\n"
27186
#~ "server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
27187
#~ "push \"route 172.18.100.1 255.255.255.0\"\n"
27188
#~ "push \"dhcp-option DNS 172.18.100.20\"\n"
27189
#~ "push \"dhcp-option DOMAIN example.com\"\n"
27190
#~ "tls-auth ta.key 0 # This file is secret\n"
27191
#~ "user nobody\n"
27192
#~ "group nogroup\n"
27193
27194
#~ msgid ""
27195
#~ "Edit <filename>etc/openvpn/server.conf</filename> changing the following "
27196
#~ "options to:"
27197
#~ msgstr "编辑<filename>etc/openvpn/server.conf</filename>将以下选项更改成:"
27198
27199
#~ msgid ""
27200
#~ "With the server configured and the client certificates copied over, create a "
27201
#~ "client configuration file by copying the example. In a terminal on the "
27202
#~ "client machine enter:"
27203
#~ msgstr "在服务器配置完后,客户端证书也复制了后,通过复制示例文件来创建一个客户端配置文件。在客户端的终端输入:"
24558
27204
24559
27205
#~ msgid ""
24560
27206
#~ "There are several ways to automate the Ubuntu installation process, for "
24561
27207
#~ "example using preseeds, kickstart, etc. Refer to the <ulink "
24562
#~ "url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu Installation "
27208
#~ "url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
24563
27209
#~ "Guide</ulink> for details."
24564
27210
#~ msgstr ""
24565
#~ "有很多种方式来让ubuntu的安装自动进行,比如使用preseeds,kickstart等等. 详情请参见<ulink "
24566
#~ "url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu 安装指南</ulink>."
27211
#~ "有几种方法可以让Ubuntu的安装实现自动化,如使用preseeds, kickstart等等。详细信息请查看<ulink "
27212
#~ "url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
27213
#~ "Guide</ulink>。"
27214
27215
#~ msgid ""
27216
#~ "As this example is based on <application>KVM</application> and Ubuntu 9.10 "
27217
#~ "(Karmic Koala), and we are likely to rebuild the same virtual machine "
27218
#~ "multiple time, we'll invoke vmbuilder with the following first parameters:"
27219
#~ msgstr ""
27220
#~ "因为此例是基于<application>KVM</application>和Ubuntu 9.10 (Karmic "
27221
#~ "Koala),我们可以多次重建同样的虚拟机,我们可以使用以下的参数来调用vmbuilder:"
24567
27222
24568
27223
#, no-wrap
24569
27224
#~ msgid ""
24570
27225
#~ "\n"
24571
#~ " workgroup = EXAMPLE\n"
24572
#~ " ...\n"
24573
#~ " security = domain\n"
24574
#~ msgstr ""
24575
#~ "\n"
24576
#~ " workgroup = EXAMPLE\n"
24577
#~ " ...\n"
24578
#~ " security = domain\n"
27226
#~ "deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27227
#~ "multiverse \n"
27228
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27229
#~ "multiverse\n"
27230
#~ "\n"
27231
#~ "deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27232
#~ "universe multiverse \n"
27233
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27234
#~ "universe multiverse \n"
27235
#~ "\n"
27236
#~ "deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
27237
#~ "universe multiverse \n"
27238
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
27239
#~ "universe multiverse \n"
27240
#~ "\n"
27241
#~ "deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
27242
#~ "universe multiverse \n"
27243
#~ "/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
27244
#~ "universe multiverse \n"
27245
#~ "\n"
27246
#~ "deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27247
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27248
#~ "installer \n"
27249
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27250
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27251
#~ "installer \n"
27252
#~ msgstr ""
27253
#~ "\n"
27254
#~ "deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27255
#~ "multiverse \n"
27256
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
27257
#~ "multiverse\n"
27258
#~ "\n"
27259
#~ "deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27260
#~ "universe multiverse \n"
27261
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
27262
#~ "universe multiverse \n"
27263
#~ "\n"
27264
#~ "deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
27265
#~ "universe multiverse \n"
27266
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
27267
#~ "universe multiverse \n"
27268
#~ "\n"
27269
#~ "deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
27270
#~ "universe multiverse \n"
27271
#~ "/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
27272
#~ "universe multiverse \n"
27273
#~ "\n"
27274
#~ "deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27275
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27276
#~ "installer \n"
27277
#~ "/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
27278
#~ "restricted/debian-installer universe/debian-installer multiverse/debian-"
27279
#~ "installer \n"
27280
27281
#~ msgid ""
27282
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
27283
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
27284
#~ msgstr ""
27285
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
27286
#~ "--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
27287
27288
#~ msgid ""
27289
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27290
#~ "libvirt qemu:///system --ip 192.168.0.100"
27291
#~ msgstr ""
27292
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27293
#~ "libvirt qemu:///system --ip 192.168.0.100"
27294
27295
#~ msgid ""
27296
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27297
#~ "libvirt qemu:///system"
27298
#~ msgstr ""
27299
#~ "sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
27300
#~ "libvirt qemu:///system"
27301
27302
#~ msgid ""
27303
#~ "This chapter provides an overview of security related topics as they pertain "
27304
#~ "to Ubuntu 9.10 Server Edition, and outlines simple measures you may use to "
27305
#~ "protect your server and network from any number of potential security "
27306
#~ "threats."
27307
#~ msgstr "本章提供了有关Ubuntu 9.10服务器版本安全相关话题的概述,并概要的介绍了一些用来保护你的服务器和网络不受潜在安全威胁的简单措施。"
Loggerhead is a web-based interface for Breezy
Version: 2.0.1