« back to all changes in this revision
Viewing changes to serverguide/po/uk.po
- browse files at revision 379
- compare with another revision
- download diff
- download tarball
- view history from revision 379
- Committer: Matthew East
- Date: 2009-10-17 13:38:29 UTC
- Revision ID: matt@matt-vbox-20091017133829-0rix7b9gsqs5usob
Add translations exported from Rosetta as at 16.10.09
- files added:
- about-ubuntu/po/dv.po
- files modified:
- about-ubuntu/po/about-ubuntu.pot
added
removed
serverguide/po/uk.po
7
7
msgstr ""
8
8
"Project-Id-Version: ubuntu-docs\n"
9
9
"Report-Msgid-Bugs-To: FULL NAME <EMAIL@ADDRESS>\n"
10
"POT-Creation-Date: 2009-04-03 23:05+0100\n"
11
"PO-Revision-Date: 2009-04-01 18:33+0000\n"
10
"POT-Creation-Date: 2009-10-04 21:24+0100\n"
11
"PO-Revision-Date: 2009-06-30 10:24+0000\n"
12
12
"Last-Translator: Arthur Kulik <arthur.kulik@gmail.com>\n"
13
13
"Language-Team: Ukrainian <uk@li.org>\n"
14
14
"MIME-Version: 1.0\n"
15
15
"Content-Type: text/plain; charset=UTF-8\n"
16
16
"Content-Transfer-Encoding: 8bit\n"
17
"X-Launchpad-Export-Date: 2009-04-09 18:33+0000\n"
17
"X-Launchpad-Export-Date: 2009-10-16 07:27+0000\n"
18
18
"X-Generator: Launchpad (build Unknown)\n"
19
19
20
20
#: serverguide/C/serverguide-C.omf:6(creator) serverguide/C/serverguide-C.omf:7(maintainer)
21
21
msgid "ubuntu-doc@lists.ubuntu.com (Ubuntu Documentation Project)"
22
msgstr ""
22
msgstr "ubuntu-doc@lists.ubuntu.com (Проект документації Ubuntu)"
23
23
24
24
#: serverguide/C/serverguide-C.omf:8(title) serverguide/C/serverguide-C.omf:11(description) serverguide/C/serverguide.xml:14(title) serverguide/C/bookinfo.xml:13(title)
25
25
msgid "Ubuntu Server Guide"
31
31
32
32
#: serverguide/C/windows-networking.xml:13(title)
33
33
msgid "Windows Networking"
34
msgstr ""
34
msgstr "Мережне оточення Windows"
35
35
36
36
#: serverguide/C/windows-networking.xml:15(para)
37
37
msgid ""
44
44
"principles and tools used in configuring your Ubuntu Server for sharing "
45
45
"network resources with Windows computers."
46
46
msgstr ""
47
"Комп'ютерні мережі часто складаються із різнорідних систем. У той час, як "
48
"керування мережею, яка повністю складається з робочих станцій та серверів "
49
"Ubuntu — легка задача, деякі мережі повинні поєднувати системи на основі "
50
"Ubuntu та <trademark class=\"registered\">Microsoft</trademark><trademark "
51
"class=\"registered\">Windows</trademark>, гармонійно співіснуючі одна з "
52
"одною. Ця частина Керівництва розглядає принципи та інструменти, які "
53
"використовуються у налаштуванні вашого серверу Ubuntu для взаємодії з "
54
"Windows-комп'ютерами."
47
55
48
#: serverguide/C/windows-networking.xml:25(title) serverguide/C/virtualization.xml:397(title) serverguide/C/security.xml:412(title) serverguide/C/remote-administration.xml:22(title) serverguide/C/package-management.xml:20(title) serverguide/C/jeos.xml:16(title) serverguide/C/introduction.xml:13(title)
56
#: serverguide/C/windows-networking.xml:25(title) serverguide/C/virtualization.xml:397(title) serverguide/C/security.xml:412(title) serverguide/C/remote-administration.xml:22(title) serverguide/C/package-management.xml:20(title) serverguide/C/introduction.xml:13(title)
49
57
msgid "Introduction"
50
58
msgstr "Вступ"
51
59
57
65
"users involved in the network, and may be classified under three major "
58
66
"categories of functionality:"
59
67
msgstr ""
68
"Успішна мережна взаємодія вашої системи Ubuntu з Windows-клієнтами включає в "
69
"себе забезпечення та інтеграцію з службами, спільними для оточення Windows. "
70
"Такі служби підтримують спільне використання даних та інформації про "
71
"комп'ютери та користувачів мережі, і можуть відноситись до трьох основних "
72
"функціональних категоріїв:"
60
73
61
74
#: serverguide/C/windows-networking.xml:35(para)
62
75
msgid ""
64
77
"the Server Message Block (SMB) protocol to facilitate the sharing of files, "
65
78
"folders, volumes, and the sharing of printers throughout the network."
66
79
msgstr ""
80
"<emphasis role=\"bold\">Служби доступу до файлів і принтерів </emphasis>. "
81
"Використання протоколу блоку серверних повідомлень (SMB) для забезпечення "
82
"спільного використання файлів, папок, томів, а також загального доступу до "
83
"принтерів через мережу."
67
84
68
85
#: serverguide/C/windows-networking.xml:41(para)
69
86
msgid ""
72
89
"technologies as the Lightweight Directory Access Protocol (LDAP) and "
73
90
"Microsoft <trademark class=\"registered\">Active Directory</trademark>."
74
91
msgstr ""
92
"<emphasis role=\"bold\">Служби каталогу</emphasis>. Розподіл важливої "
93
"інформації про комп'ютери та користувачів мережі з використанням таких "
94
"технологій, як полегшений протокол доступу до каталогів (LDAP) і Microsoft "
95
"<trademark class=\"registered\"> Active Directory </trademark>."
75
96
76
97
#: serverguide/C/windows-networking.xml:48(para)
77
98
msgid ""
81
102
"principles and technologies as file permissions, group policies, and the "
82
103
"Kerberos authentication service."
83
104
msgstr ""
105
"<emphasis role=\"bold\">Посвідчення і доступ </emphasis>. Встановлення "
106
"автентичності комп'ютера або користувача мережі та визначення інформації, до "
107
"якої комп'ютеру або користувачу дозволяється мати доступ за допомогою прав "
108
"доступу до файлів, групових політик і служби посвідчення Kerberos."
84
109
85
110
#: serverguide/C/windows-networking.xml:56(para)
86
111
msgid ""
89
114
"of software your Ubuntu system includes for Windows networking is the Samba "
90
115
"suite of SMB server applications and tools."
91
116
msgstr ""
117
"На щастя, ваша система Ubuntu може надавати всі ці блага Windows-клієнтам і "
118
"давати доступ до мережевих ресурсів. Однією з головних програм Ubuntu, "
119
"призначених для роботи по мережі з Windows, є пакет Samba, що складається з "
120
"серверних додатків та інструментів SMB."
92
121
93
122
#: serverguide/C/windows-networking.xml:62(para)
94
123
msgid ""
98
127
"Samba can be found on the <ulink url=\"http://www.samba.org\">Samba "
99
128
"website</ulink>."
100
129
msgstr ""
130
"Розділ Керівництво по серверу <phrase>Ubuntu</phrase> познайомить вас із "
131
"загальними принципами роботи з Samba, покаже, як встановити та налаштувати "
132
"необхідні пакети. Додаткова, більш докладна, інформація по Samba може бути "
133
"знайдена на <ulink url=\"http://www.samba.org\">Сайті проекту Samba </ulink>."
101
134
102
135
#: serverguide/C/windows-networking.xml:70(title)
103
136
msgid "Samba File Server"
109
142
"configure Samba as a File Server. This section covers setting up a "
110
143
"<application>Samba</application> server to share files with Windows clients."
111
144
msgstr ""
145
"Один з найбільш поширених способів об'єднання в мережу комп'ютерів під "
146
"управлінням Ubuntu і Windows - настройка Samba в якості файлового сервера. "
147
"Ця секція охоплює налаштування сервера <application>Samba</application> для "
148
"надання доступу до файлів для Windows-клієнтів."
112
149
113
150
#: serverguide/C/windows-networking.xml:77(para)
114
151
msgid ""
116
153
"without prompting for a password. If your environment requires stricter "
117
154
"Access Controls see <xref linkend=\"samba-fileprint-security\"/>"
118
155
msgstr ""
156
"Сервер буде налаштований для надання доступу до файлів будь-якому клієнту "
157
"мережі без запиту пароля. Якщо вам потрібна більш суворий контроль доступу, "
158
"дивіться <xref linkend=\"samba-fileprint-security\"/>"
119
159
120
#: serverguide/C/windows-networking.xml:83(title) serverguide/C/windows-networking.xml:282(title) serverguide/C/windows-networking.xml:1279(title) serverguide/C/web-servers.xml:41(title) serverguide/C/web-servers.xml:669(title) serverguide/C/web-servers.xml:804(title) serverguide/C/web-servers.xml:925(title) serverguide/C/virtualization.xml:62(title) serverguide/C/virtualization.xml:1341(title) serverguide/C/vcs.xml:28(title) serverguide/C/vcs.xml:86(title) serverguide/C/vcs.xml:400(title) serverguide/C/remote-administration.xml:52(title) serverguide/C/remote-administration.xml:220(title) serverguide/C/network-config.xml:625(title) serverguide/C/network-auth.xml:52(title) serverguide/C/network-auth.xml:1230(title) serverguide/C/network-auth.xml:1736(title) serverguide/C/network-auth.xml:2127(title) serverguide/C/mail.xml:33(title) serverguide/C/mail.xml:297(title) serverguide/C/mail.xml:470(title) serverguide/C/mail.xml:614(title) serverguide/C/mail.xml:1094(title) serverguide/C/lamp-applications.xml:108(title) serverguide/C/lamp-applications.xml:275(title) serverguide/C/lamp-applications.xml:359(title) serverguide/C/installation.xml:13(title) serverguide/C/installation.xml:907(title) serverguide/C/file-server.xml:342(title) serverguide/C/file-server.xml:454(title) serverguide/C/dns.xml:23(title) serverguide/C/databases.xml:40(title) serverguide/C/databases.xml:159(title) serverguide/C/backups.xml:593(title)
160
#: serverguide/C/windows-networking.xml:83(title) serverguide/C/windows-networking.xml:282(title) serverguide/C/windows-networking.xml:1279(title) serverguide/C/web-servers.xml:41(title) serverguide/C/web-servers.xml:669(title) serverguide/C/web-servers.xml:804(title) serverguide/C/web-servers.xml:925(title) serverguide/C/vpn.xml:33(title) serverguide/C/virtualization.xml:62(title) serverguide/C/virtualization.xml:1341(title) serverguide/C/vcs.xml:28(title) serverguide/C/vcs.xml:86(title) serverguide/C/vcs.xml:402(title) serverguide/C/remote-administration.xml:52(title) serverguide/C/remote-administration.xml:220(title) serverguide/C/network-config.xml:603(title) serverguide/C/network-auth.xml:52(title) serverguide/C/network-auth.xml:1244(title) serverguide/C/network-auth.xml:1749(title) serverguide/C/network-auth.xml:2140(title) serverguide/C/monitoring.xml:42(title) serverguide/C/monitoring.xml:423(title) serverguide/C/mail.xml:40(title) serverguide/C/mail.xml:478(title) serverguide/C/mail.xml:651(title) serverguide/C/mail.xml:795(title) serverguide/C/mail.xml:1284(title) serverguide/C/lamp-applications.xml:108(title) serverguide/C/lamp-applications.xml:282(title) serverguide/C/lamp-applications.xml:398(title) serverguide/C/installation.xml:13(title) serverguide/C/installation.xml:908(title) serverguide/C/file-server.xml:342(title) serverguide/C/file-server.xml:454(title) serverguide/C/dns.xml:23(title) serverguide/C/databases.xml:40(title) serverguide/C/databases.xml:159(title) serverguide/C/chat.xml:37(title) serverguide/C/chat.xml:136(title) serverguide/C/backups.xml:593(title)
121
161
msgid "Installation"
122
162
msgstr "Встановлення"
123
163
141
181
"Це все що потрібно; наразі ви готові до налаштування Samba, щоб розшарити "
142
182
"файли."
143
183
144
#: serverguide/C/windows-networking.xml:99(title) serverguide/C/windows-networking.xml:299(title) serverguide/C/web-servers.xml:61(title) serverguide/C/web-servers.xml:720(title) serverguide/C/web-servers.xml:815(title) serverguide/C/web-servers.xml:952(title) serverguide/C/web-servers.xml:1046(title) serverguide/C/virtualization.xml:1226(title) serverguide/C/virtualization.xml:1415(title) serverguide/C/vcs.xml:39(title) serverguide/C/vcs.xml:418(title) serverguide/C/remote-administration.xml:74(title) serverguide/C/remote-administration.xml:245(title) serverguide/C/package-management.xml:365(title) serverguide/C/network-config.xml:647(title) serverguide/C/network-auth.xml:88(title) serverguide/C/network-auth.xml:1775(title) serverguide/C/network-auth.xml:2148(title) serverguide/C/mail.xml:306(title) serverguide/C/mail.xml:480(title) serverguide/C/mail.xml:699(title) serverguide/C/mail.xml:1119(title) serverguide/C/lamp-applications.xml:128(title) serverguide/C/lamp-applications.xml:302(title) serverguide/C/lamp-applications.xml:389(title) serverguide/C/file-server.xml:355(title) serverguide/C/file-server.xml:480(title) serverguide/C/dns.xml:39(title) serverguide/C/databases.xml:84(title) serverguide/C/databases.xml:178(title) serverguide/C/clustering.xml:39(title) serverguide/C/backups.xml:616(title)
184
#: serverguide/C/windows-networking.xml:99(title) serverguide/C/windows-networking.xml:299(title) serverguide/C/web-servers.xml:61(title) serverguide/C/web-servers.xml:720(title) serverguide/C/web-servers.xml:815(title) serverguide/C/web-servers.xml:952(title) serverguide/C/web-servers.xml:1046(title) serverguide/C/vpn.xml:137(title) serverguide/C/virtualization.xml:1226(title) serverguide/C/virtualization.xml:1415(title) serverguide/C/vcs.xml:39(title) serverguide/C/vcs.xml:420(title) serverguide/C/remote-administration.xml:74(title) serverguide/C/remote-administration.xml:245(title) serverguide/C/package-management.xml:365(title) serverguide/C/network-config.xml:625(title) serverguide/C/network-auth.xml:88(title) serverguide/C/network-auth.xml:1788(title) serverguide/C/network-auth.xml:2161(title) serverguide/C/monitoring.xml:187(title) serverguide/C/monitoring.xml:449(title) serverguide/C/mail.xml:487(title) serverguide/C/mail.xml:661(title) serverguide/C/mail.xml:880(title) serverguide/C/mail.xml:1309(title) serverguide/C/lamp-applications.xml:128(title) serverguide/C/lamp-applications.xml:309(title) serverguide/C/lamp-applications.xml:428(title) serverguide/C/file-server.xml:355(title) serverguide/C/file-server.xml:480(title) serverguide/C/dns.xml:39(title) serverguide/C/databases.xml:84(title) serverguide/C/databases.xml:178(title) serverguide/C/clustering.xml:47(title) serverguide/C/chat.xml:57(title) serverguide/C/chat.xml:148(title) serverguide/C/backups.xml:616(title)
145
185
msgid "Configuration"
146
186
msgstr "Налаштовування"
147
187
152
192
"a significant amount of comments in order to document various configuration "
153
193
"directives."
154
194
msgstr ""
195
"Головний файл налаштування Samba знаходиться тут: "
196
"<filename>/etc/samba/smb.conf</filename>. Настройки за замовчуванням містять "
197
"вичерпну кількість коментарів, що описують різні варіанти встановлення."
155
198
156
199
#: serverguide/C/windows-networking.xml:106(para)
157
200
msgid ""
174
217
"Спочатку, відредагуйте пари ключ/значення в <emphasis>[global]</emphasis> "
175
218
"розділі <filename>/etc/samba/smb.conf</filename>:"
176
219
177
#: serverguide/C/windows-networking.xml:121(programlisting) serverguide/C/windows-networking.xml:306(programlisting) serverguide/C/windows-networking.xml:975(programlisting)
220
#: serverguide/C/windows-networking.xml:121(programlisting) serverguide/C/windows-networking.xml:306(programlisting) serverguide/C/windows-networking.xml:761(programlisting) serverguide/C/windows-networking.xml:975(programlisting)
178
221
#, no-wrap
179
222
msgid ""
180
223
"\n"
249
292
"anywhere on the filesystem as long as the permissions are correct, but "
250
293
"adhering to standards is recommended."
251
294
msgstr ""
295
"Цей приклад використовує <filename>/srv/samba/sharename</filename>, оскільки "
296
"відповідно до <emphasis>Стандарту Ієрархії файлової системи (FHS) "
297
"</emphasis> папка <ulink url=\"http://www.pathname.com/fhs/pub/fhs-"
298
"2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM\">/srv</ulink> призначена для "
299
"зберігання даних, що відносяться до сайту. Технічно ресурси Samba можуть "
300
"розташовуватися в будь-якому місці файлової системи, якщо для них виставлені "
301
"правильні права доступу, але все-таки рекомендується дотримуватися "
302
"стандартів."
252
303
253
304
#: serverguide/C/windows-networking.xml:168(para)
254
305
msgid ""
268
319
269
320
#: serverguide/C/windows-networking.xml:179(para)
270
321
msgid ""
271
"<emphasis>read only:</emphasis> gives write access to the shared directory."
272
msgstr "<emphasis>read only:</emphasis> надає розшареній папці права запису."
322
"<emphasis>read only:</emphasis> determines if the share is read only or if "
323
"write privileges are granted. Write privileges are allowed only when the "
324
"value is <emphasis>no</emphasis>, as is seen in this example. If the value "
325
"is <emphasis>yes</emphasis>, then access to the share is read only."
326
msgstr ""
273
327
274
328
#: serverguide/C/windows-networking.xml:184(para)
275
329
msgid ""
312
366
"Нарешті, перезавантажте <application>samba</application> сервіс, щоб задіяти "
313
367
"нові налаштування:"
314
368
315
#: serverguide/C/windows-networking.xml:218(command) serverguide/C/windows-networking.xml:326(command) serverguide/C/windows-networking.xml:458(command) serverguide/C/windows-networking.xml:557(command) serverguide/C/windows-networking.xml:922(command) serverguide/C/windows-networking.xml:1032(command) serverguide/C/windows-networking.xml:1142(command) serverguide/C/network-auth.xml:1510(command)
369
#: serverguide/C/windows-networking.xml:218(command) serverguide/C/windows-networking.xml:326(command) serverguide/C/windows-networking.xml:458(command) serverguide/C/windows-networking.xml:557(command) serverguide/C/windows-networking.xml:922(command) serverguide/C/windows-networking.xml:1032(command) serverguide/C/windows-networking.xml:1142(command) serverguide/C/network-auth.xml:1523(command)
316
370
msgid "sudo /etc/init.d/samba restart"
317
371
msgstr "sudo /etc/init.d/samba restart"
318
372
322
376
"local network. For a more secure configuration see <xref linkend=\"samba-"
323
377
"fileprint-security\"/>."
324
378
msgstr ""
379
"Повторимо ще раз, наведена вище конфігурація дає повний доступ будь-якого "
380
"клієнта в локальній мережі. Якщо вам потрібна більш захищена конфігурація, "
381
"дивіться <xref linkend=\"samba-fileprint-security\"/>."
325
382
326
383
#: serverguide/C/windows-networking.xml:231(para)
327
384
msgid ""
338
395
"share actually exists and the permissions are correct."
339
396
msgstr ""
340
397
341
#: serverguide/C/windows-networking.xml:243(title) serverguide/C/windows-networking.xml:336(title) serverguide/C/windows-networking.xml:686(title) serverguide/C/windows-networking.xml:1051(title) serverguide/C/windows-networking.xml:1253(title) serverguide/C/virtualization.xml:366(title) serverguide/C/virtualization.xml:1163(title) serverguide/C/remote-administration.xml:478(title) serverguide/C/network-config.xml:269(title) serverguide/C/network-config.xml:512(title) serverguide/C/network-auth.xml:1186(title) serverguide/C/network-auth.xml:1625(title) serverguide/C/network-auth.xml:2223(title) serverguide/C/network-auth.xml:2727(title) serverguide/C/jeos.xml:782(title) serverguide/C/installation.xml:847(title) serverguide/C/installation.xml:1123(title) serverguide/C/databases.xml:122(title) serverguide/C/databases.xml:268(title) serverguide/C/backups.xml:855(title)
398
#: serverguide/C/windows-networking.xml:243(title) serverguide/C/windows-networking.xml:336(title) serverguide/C/windows-networking.xml:686(title) serverguide/C/windows-networking.xml:1051(title) serverguide/C/windows-networking.xml:1253(title) serverguide/C/virtualization.xml:366(title) serverguide/C/virtualization.xml:1163(title) serverguide/C/remote-administration.xml:478(title) serverguide/C/network-config.xml:247(title) serverguide/C/network-config.xml:490(title) serverguide/C/network-auth.xml:1199(title) serverguide/C/network-auth.xml:1638(title) serverguide/C/network-auth.xml:2236(title) serverguide/C/network-auth.xml:2739(title) serverguide/C/installation.xml:848(title) serverguide/C/installation.xml:1124(title) serverguide/C/databases.xml:122(title) serverguide/C/databases.xml:268(title) serverguide/C/backups.xml:855(title)
342
399
msgid "Resources"
343
400
msgstr "Ресурси"
344
401
838
895
msgid ""
839
896
"You should now be able to read, write, and execute files in the shared "
840
897
"directory as normal, and the <application>smbd</application> binary will "
841
"have access to only the configured files and direcotories. Be sure to add "
898
"have access to only the configured files and directories. Be sure to add "
842
899
"entries for each directory you configure Samba to share. Also, any errors "
843
900
"will be logged to <filename>/var/log/syslog</filename>."
844
901
msgstr ""
905
962
"should relate to your organization:"
906
963
msgstr ""
907
964
908
#: serverguide/C/windows-networking.xml:761(programlisting)
909
#, no-wrap
910
msgid ""
911
"\n"
912
" workgroup = EXAMPLE\n"
913
" ...\n"
914
" security = domain\n"
915
msgstr ""
916
917
965
#: serverguide/C/windows-networking.xml:770(para)
918
966
msgid ""
919
967
"In the commented <quote>Domains</quote> section add or uncomment the "
929
977
" logon drive = H:\n"
930
978
" logon home = \\\\%N\\%U\n"
931
979
" logon script = logon.cmd\n"
932
" add machine script = sudo /usr/sbin/useradd -n -g machines -c Machine -d "
980
" add machine script = sudo /usr/sbin/useradd -N -g machines -c Machine -d "
933
981
"/var/lib/samba -s /bin/false %u\n"
934
982
msgstr ""
935
983
1348
1396
1349
1397
#: serverguide/C/windows-networking.xml:1223(para)
1350
1398
msgid ""
1351
"This will copy the the <filename>/etc/hosts</filename> to "
1399
"This will copy the <filename>/etc/hosts</filename> to "
1352
1400
"<filename>//fs01.example.com/share/hosts</filename>."
1353
1401
msgstr ""
1354
1402
1442
1490
"will replace it. You will have to rejoin the domain after install."
1443
1491
msgstr ""
1444
1492
1445
#: serverguide/C/windows-networking.xml:1316(para)
1446
msgid ""
1447
"The command line tools, and GUI interface, for likewise-open5 are the same "
1448
"as version four."
1449
msgstr ""
1450
1451
#: serverguide/C/windows-networking.xml:1324(title)
1493
#: serverguide/C/windows-networking.xml:1317(title)
1452
1494
msgid "Joining a Domain"
1453
1495
msgstr ""
1454
1496
1455
#: serverguide/C/windows-networking.xml:1326(para)
1497
#: serverguide/C/windows-networking.xml:1319(para)
1456
1498
msgid ""
1457
1499
"The main executable file of the <application>likewise-open</application> "
1458
1500
"package is <filename>/usr/bin/domainjoin-cli</filename>, which is used to "
1460
1502
"make sure you have:"
1461
1503
msgstr ""
1462
1504
1463
#: serverguide/C/windows-networking.xml:1334(para)
1505
#: serverguide/C/windows-networking.xml:1327(para)
1464
1506
msgid ""
1465
1507
"Access to an Active Directory user with appropriate rights to join the "
1466
1508
"domain."
1467
1509
msgstr ""
1468
1510
1469
#: serverguide/C/windows-networking.xml:1339(para)
1511
#: serverguide/C/windows-networking.xml:1332(para)
1470
1512
msgid ""
1471
1513
"The <emphasis>Fully Qualified Domain Name</emphasis> (FQDN) of the domain "
1472
1514
"you want to join. If your AD domain does not match a valid domain such as "
1474
1516
"the form of <emphasis>domainname.local</emphasis>."
1475
1517
msgstr ""
1476
1518
1477
#: serverguide/C/windows-networking.xml:1346(para)
1519
#: serverguide/C/windows-networking.xml:1339(para)
1478
1520
msgid ""
1479
1521
"DNS for the domain setup properly. In a production AD environment this "
1480
1522
"should be the case. Proper Microsoft DNS is needed so that client "
1481
1523
"workstations can determine the Active Directory domain is available."
1482
1524
msgstr ""
1483
1525
1484
#: serverguide/C/windows-networking.xml:1350(para)
1526
#: serverguide/C/windows-networking.xml:1343(para)
1485
1527
msgid ""
1486
1528
"If you don't have a Windows DNS server on your network, see <xref "
1487
1529
"linkend=\"likewise-open-ms-dns\"/> for details."
1488
1530
msgstr ""
1489
1531
1490
#: serverguide/C/windows-networking.xml:1357(para)
1532
#: serverguide/C/windows-networking.xml:1350(para)
1491
1533
msgid "To join a domain, from a terminal prompt enter:"
1492
1534
msgstr ""
1493
1535
1494
#: serverguide/C/windows-networking.xml:1362(command)
1536
#: serverguide/C/windows-networking.xml:1355(command)
1495
1537
msgid "sudo domainjoin-cli join example.com Administrator"
1496
1538
msgstr ""
1497
1539
1498
#: serverguide/C/windows-networking.xml:1366(para)
1540
#: serverguide/C/windows-networking.xml:1359(para)
1499
1541
msgid ""
1500
1542
"Replace <emphasis>example.com</emphasis> with your domain name, and "
1501
1543
"<emphasis>Administrator</emphasis> with the appropriate user name."
1502
1544
msgstr ""
1503
1545
1504
#: serverguide/C/windows-networking.xml:1372(para)
1546
#: serverguide/C/windows-networking.xml:1365(para)
1505
1547
msgid ""
1506
1548
"You will then be prompted for the user's password. If all goes well a "
1507
1549
"<emphasis>SUCCESS</emphasis> message should be printed to the console."
1508
1550
msgstr ""
1509
1551
1552
#: serverguide/C/windows-networking.xml:1371(para)
1553
msgid ""
1554
"After joining the domain, it is necessary to reboot before attempting to "
1555
"authenticate against the domain."
1556
msgstr ""
1557
1510
1558
#: serverguide/C/windows-networking.xml:1377(para)
1511
1559
msgid ""
1512
1560
"After successfully joining an Ubuntu machine to an Active Directory domain "
1598
1646
msgid "Please refer to each utility's man page specific for details."
1599
1647
msgstr ""
1600
1648
1601
#: serverguide/C/windows-networking.xml:1460(title) serverguide/C/mail.xml:155(title) serverguide/C/mail.xml:1361(title) serverguide/C/dns.xml:338(title)
1649
#: serverguide/C/windows-networking.xml:1460(title) serverguide/C/mail.xml:336(title) serverguide/C/mail.xml:1563(title) serverguide/C/dns.xml:338(title)
1602
1650
msgid "Troubleshooting"
1603
1651
msgstr ""
1604
1652
1781
1829
"Next, configure the Server to use itself for DNS queries: <placeholder-1/>"
1782
1830
msgstr ""
1783
1831
1784
#: serverguide/C/windows-networking.xml:1582(title) serverguide/C/web-servers.xml:624(title) serverguide/C/web-servers.xml:766(title) serverguide/C/web-servers.xml:910(title) serverguide/C/web-servers.xml:1002(title) serverguide/C/web-servers.xml:1218(title) serverguide/C/virtualization.xml:1303(title) serverguide/C/virtualization.xml:1492(title) serverguide/C/vcs.xml:534(title) serverguide/C/security.xml:935(title) serverguide/C/security.xml:1264(title) serverguide/C/security.xml:1679(title) serverguide/C/security.xml:1870(title) serverguide/C/remote-administration.xml:203(title) serverguide/C/package-management.xml:432(title) serverguide/C/other-apps.xml:379(title) serverguide/C/network-config.xml:694(title) serverguide/C/mail.xml:263(title) serverguide/C/mail.xml:444(title) serverguide/C/mail.xml:591(title) serverguide/C/mail.xml:999(title) serverguide/C/mail.xml:1409(title) serverguide/C/lamp-applications.xml:252(title) serverguide/C/lamp-applications.xml:330(title) serverguide/C/lamp-applications.xml:432(title) serverguide/C/file-server.xml:284(title) serverguide/C/file-server.xml:431(title) serverguide/C/file-server.xml:592(title) serverguide/C/dns.xml:572(title) serverguide/C/clustering.xml:227(title) serverguide/C/backups.xml:297(title)
1832
#: serverguide/C/windows-networking.xml:1582(title) serverguide/C/web-servers.xml:624(title) serverguide/C/web-servers.xml:766(title) serverguide/C/web-servers.xml:910(title) serverguide/C/web-servers.xml:1002(title) serverguide/C/web-servers.xml:1218(title) serverguide/C/vpn.xml:291(title) serverguide/C/virtualization.xml:1303(title) serverguide/C/virtualization.xml:1492(title) serverguide/C/vcs.xml:536(title) serverguide/C/security.xml:935(title) serverguide/C/security.xml:1264(title) serverguide/C/security.xml:1679(title) serverguide/C/security.xml:1870(title) serverguide/C/remote-administration.xml:203(title) serverguide/C/package-management.xml:432(title) serverguide/C/other-apps.xml:381(title) serverguide/C/network-config.xml:672(title) serverguide/C/monitoring.xml:391(title) serverguide/C/monitoring.xml:522(title) serverguide/C/mail.xml:444(title) serverguide/C/mail.xml:625(title) serverguide/C/mail.xml:772(title) serverguide/C/mail.xml:1189(title) serverguide/C/mail.xml:1611(title) serverguide/C/lamp-applications.xml:259(title) serverguide/C/lamp-applications.xml:369(title) serverguide/C/lamp-applications.xml:471(title) serverguide/C/file-server.xml:284(title) serverguide/C/file-server.xml:431(title) serverguide/C/file-server.xml:611(title) serverguide/C/dns.xml:572(title) serverguide/C/clustering.xml:234(title) serverguide/C/chat.xml:107(title) serverguide/C/chat.xml:216(title) serverguide/C/backups.xml:297(title)
1785
1833
msgid "References"
1786
1834
msgstr ""
1787
1835
2091
2139
msgid "sudo a2ensite mynewsite"
2092
2140
msgstr ""
2093
2141
2094
#: serverguide/C/web-servers.xml:267(command) serverguide/C/web-servers.xml:285(command) serverguide/C/web-servers.xml:538(command) serverguide/C/web-servers.xml:547(command) serverguide/C/web-servers.xml:606(command) serverguide/C/mail.xml:723(command) serverguide/C/lamp-applications.xml:221(command)
2142
#: serverguide/C/web-servers.xml:267(command) serverguide/C/web-servers.xml:285(command) serverguide/C/web-servers.xml:538(command) serverguide/C/web-servers.xml:547(command) serverguide/C/web-servers.xml:606(command) serverguide/C/mail.xml:904(command) serverguide/C/lamp-applications.xml:228(command)
2095
2143
msgid "sudo /etc/init.d/apache2 restart"
2096
2144
msgstr ""
2097
2145
2578
2626
"<screen><command>sudo /etc/init.d/apache2 restart</command> </screen>"
2579
2627
msgstr ""
2580
2628
2581
#: serverguide/C/web-servers.xml:747(title) serverguide/C/mail.xml:124(title) serverguide/C/mail.xml:1332(title) serverguide/C/dns.xml:343(title) serverguide/C/clustering.xml:177(title)
2629
#: serverguide/C/web-servers.xml:747(title) serverguide/C/mail.xml:305(title) serverguide/C/mail.xml:1534(title) serverguide/C/dns.xml:343(title) serverguide/C/clustering.xml:184(title)
2582
2630
msgid "Testing"
2583
2631
msgstr ""
2584
2632
2592
2640
msgid ""
2593
2641
"\n"
2594
2642
"<?php\n"
2595
"print_r (phpinfo());\n"
2643
" phpinfo();\n"
2596
2644
"?>\n"
2597
2645
msgstr ""
2598
2646
3250
3298
"page."
3251
3299
msgstr ""
3252
3300
3301
#: serverguide/C/vpn.xml:13(title)
3302
msgid "VPN"
3303
msgstr ""
3304
3305
#: serverguide/C/vpn.xml:15(para)
3306
msgid ""
3307
"A Virtual Private Network, or <emphasis>VPN</emphasis>, is an encrypted "
3308
"network connection between two or more networks. There are several ways to "
3309
"create a VPN using software as well as dedicated hardware appliances. This "
3310
"chapter will cover installing and configuring "
3311
"<application>OpenVPN</application> to create a VPN between two servers."
3312
msgstr ""
3313
3314
#: serverguide/C/vpn.xml:23(title)
3315
msgid "OpenVPN"
3316
msgstr ""
3317
3318
#: serverguide/C/vpn.xml:25(para)
3319
msgid ""
3320
"OpenVPN uses Public Key Infrastructure (PKI) to encrypt VPN traffic between "
3321
"nodes. A simple way of setting up a VPN with OpenVPN is to connect the "
3322
"clients through a bridge interface on the VPN server. This guide will assume "
3323
"that one VPN node, the server in this case, has a bridge interface "
3324
"configured. For more information on setting up a bridge see <xref "
3325
"linkend=\"bridging\"/>."
3326
msgstr ""
3327
3328
#: serverguide/C/vpn.xml:35(para)
3329
msgid "To install <application>openvpn</application> in a terminal enter:"
3330
msgstr ""
3331
3332
#: serverguide/C/vpn.xml:41(command)
3333
msgid "sudo apt-get install openvpn"
3334
msgstr ""
3335
3336
#: serverguide/C/vpn.xml:45(title)
3337
msgid "Server Certificates"
3338
msgstr ""
3339
3340
#: serverguide/C/vpn.xml:47(para)
3341
msgid ""
3342
"Now that the <application>openvpn</application> package is installed, the "
3343
"certificates for the VPN server need to be created."
3344
msgstr ""
3345
3346
#: serverguide/C/vpn.xml:52(para)
3347
msgid ""
3348
"First, copy the <filename>easy-rsa</filename> directory to "
3349
"<filename>/etc/openvpn</filename>. This will ensure that any changes to the "
3350
"scripts will not be lost when the package is updated. From a terminal enter:"
3351
msgstr ""
3352
3353
#: serverguide/C/vpn.xml:58(command)
3354
msgid "sudo mkdir /etc/openvpn/easy-rsa/"
3355
msgstr ""
3356
3357
#: serverguide/C/vpn.xml:59(command)
3358
msgid ""
3359
"sudo cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/"
3360
msgstr ""
3361
3362
#: serverguide/C/vpn.xml:62(para)
3363
msgid ""
3364
"Next, edit <filename>/etc/openvpn/easy-rsa/vars</filename> adjusting the "
3365
"following to your environment:"
3366
msgstr ""
3367
3368
#: serverguide/C/vpn.xml:66(programlisting)
3369
#, no-wrap
3370
msgid ""
3371
"\n"
3372
"export KEY_COUNTRY=\"US\"\n"
3373
"export KEY_PROVINCE=\"NC\"\n"
3374
"export KEY_CITY=\"Winston-Salem\"\n"
3375
"export KEY_ORG=\"Example Company\"\n"
3376
"export KEY_EMAIL=\"steve@example.com\"\n"
3377
msgstr ""
3378
3379
#: serverguide/C/vpn.xml:74(para)
3380
msgid "Enter the following to create the server certificates:"
3381
msgstr ""
3382
3383
#: serverguide/C/vpn.xml:79(command)
3384
msgid "cd /etc/openvpn/easy-rsa/easy-rsa"
3385
msgstr ""
3386
3387
#: serverguide/C/vpn.xml:80(command) serverguide/C/vpn.xml:101(command)
3388
msgid "source vars"
3389
msgstr ""
3390
3391
#: serverguide/C/vpn.xml:81(command)
3392
msgid "./clean-all"
3393
msgstr ""
3394
3395
#: serverguide/C/vpn.xml:82(command)
3396
msgid "./build-dh"
3397
msgstr ""
3398
3399
#: serverguide/C/vpn.xml:83(command)
3400
msgid "./pkitool --initca"
3401
msgstr ""
3402
3403
#: serverguide/C/vpn.xml:84(command)
3404
msgid "./pkitool --server server"
3405
msgstr ""
3406
3407
#: serverguide/C/vpn.xml:85(command)
3408
msgid "cd keys"
3409
msgstr ""
3410
3411
#: serverguide/C/vpn.xml:86(command)
3412
msgid "openvpn --genkey --secret ta.key"
3413
msgstr ""
3414
3415
#: serverguide/C/vpn.xml:87(command)
3416
msgid "sudo cp server.crt server.key ca.crt dh1024.pem ta.key /etc/openvpn/"
3417
msgstr ""
3418
3419
#: serverguide/C/vpn.xml:92(title)
3420
msgid "Client Certificates"
3421
msgstr ""
3422
3423
#: serverguide/C/vpn.xml:94(para)
3424
msgid ""
3425
"The VPN client will also need a certificate to authenticate itself to the "
3426
"server. To create the certificate, enter the following in a terminal:"
3427
msgstr ""
3428
3429
#: serverguide/C/vpn.xml:100(command)
3430
msgid "cd /etc/openvpn/easy-rsa/"
3431
msgstr ""
3432
3433
#: serverguide/C/vpn.xml:102(command)
3434
msgid "./pkitool hostname"
3435
msgstr ""
3436
3437
#: serverguide/C/vpn.xml:106(para)
3438
msgid ""
3439
"Replace <emphasis>hostname</emphasis> with the actual hostname of the "
3440
"machine connecting to the VPN."
3441
msgstr ""
3442
3443
#: serverguide/C/vpn.xml:111(para)
3444
msgid "Copy the following files to the client:"
3445
msgstr ""
3446
3447
#: serverguide/C/vpn.xml:116(para)
3448
msgid "/etc/openvpn/easy-rsa/hostname.ovpn"
3449
msgstr ""
3450
3451
#: serverguide/C/vpn.xml:117(para)
3452
msgid "/etc/openvpn/easy-rsa/ca.crt"
3453
msgstr ""
3454
3455
#: serverguide/C/vpn.xml:118(para)
3456
msgid "/etc/openvpn/easy-rsa/hostname.crt"
3457
msgstr ""
3458
3459
#: serverguide/C/vpn.xml:119(para)
3460
msgid "/etc/openvpn/easy-rsa/hostname.key"
3461
msgstr ""
3462
3463
#: serverguide/C/vpn.xml:120(para)
3464
msgid "/etc/openvpn/easy-rsa/ta.key"
3465
msgstr ""
3466
3467
#: serverguide/C/vpn.xml:124(para)
3468
msgid ""
3469
"Remember to adjust the above file names for your client machine's "
3470
"<emphasis>hostname</emphasis>."
3471
msgstr ""
3472
3473
#: serverguide/C/vpn.xml:129(para)
3474
msgid ""
3475
"It is best to use a secure method to copy the certificate and key files. The "
3476
"<application>scp</application> utility is a good choice, but copying the "
3477
"files to removable media then to the client, also works well."
3478
msgstr ""
3479
3480
#: serverguide/C/vpn.xml:140(title) serverguide/C/vcs.xml:107(title)
3481
msgid "Server Configuration"
3482
msgstr ""
3483
3484
#: serverguide/C/vpn.xml:142(para)
3485
msgid ""
3486
"Now configure the <application>openvpn</application> server by creating "
3487
"<filename>/etc/openvpn/server.conf</filename> from the example file. In a "
3488
"terminal enter:"
3489
msgstr ""
3490
3491
#: serverguide/C/vpn.xml:148(command)
3492
msgid ""
3493
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz "
3494
"/etc/openvpn/"
3495
msgstr ""
3496
3497
#: serverguide/C/vpn.xml:149(command)
3498
msgid "sudo gzip -d /etc/openvpn/server.conf.gz"
3499
msgstr ""
3500
3501
#: serverguide/C/vpn.xml:152(para)
3502
msgid ""
3503
"Edit <filename>etc/openvpn/server.conf</filename> changing the following "
3504
"options to:"
3505
msgstr ""
3506
3507
#: serverguide/C/vpn.xml:156(programlisting)
3508
#, no-wrap
3509
msgid ""
3510
"\n"
3511
"local 172.18.100.101\n"
3512
"dev tap0\n"
3513
"server-bridge 172.18.100.101 255.255.255.0 172.18.100.105 172.18.100.200\n"
3514
"push \"route 172.18.100.1 255.255.255.0\"\n"
3515
"push \"dhcp-option DNS 172.18.100.20\"\n"
3516
"push \"dhcp-option DOMAIN example.com\"\n"
3517
"tls-auth ta.key 0 # This file is secret\n"
3518
"user nobody\n"
3519
"group nogroup\n"
3520
msgstr ""
3521
3522
#: serverguide/C/vpn.xml:170(para)
3523
msgid ""
3524
"<emphasis>local</emphasis>: is the IP address of the bridge interface."
3525
msgstr ""
3526
3527
#: serverguide/C/vpn.xml:175(para)
3528
msgid ""
3529
"<emphasis>server-bridge</emphasis>: needed when the configuration uses "
3530
"bridging. The <emphasis>172.18.100.101 255.255.255.0</emphasis> portion is "
3531
"the bridge interface and mask. The IP range <emphasis>172.18.100.105 "
3532
"172.18.100.200</emphasis> is the range of IP addresses that will be assigned "
3533
"to clients."
3534
msgstr ""
3535
3536
#: serverguide/C/vpn.xml:182(para)
3537
msgid ""
3538
"<emphasis>push</emphasis>: are directives to add networking options for "
3539
"clients."
3540
msgstr ""
3541
3542
#: serverguide/C/vpn.xml:187(para)
3543
msgid ""
3544
"<emphasis>user and group</emphasis>: configure which user and group the "
3545
"<application>openvpn</application> daemon executes as."
3546
msgstr ""
3547
3548
#: serverguide/C/vpn.xml:194(para)
3549
msgid ""
3550
"Replace all IP addresses and domain names above with those of your network."
3551
msgstr ""
3552
3553
#: serverguide/C/vpn.xml:199(para)
3554
msgid ""
3555
"Next, create a couple of helper scripts to add the <emphasis>tap</emphasis> "
3556
"interface to the bridge. Create <filename>/etc/openvpn/up.sh</filename>:"
3557
msgstr ""
3558
3559
#: serverguide/C/vpn.xml:203(programlisting)
3560
#, no-wrap
3561
msgid ""
3562
"\n"
3563
"#!/bin/sh\n"
3564
"\n"
3565
"BR=$1\n"
3566
"DEV=$2\n"
3567
"MTU=$3\n"
3568
"/sbin/ifconfig $DEV mtu $MTU promisc up\n"
3569
"/usr/sbin/brctl addif $BR $DEV\n"
3570
msgstr ""
3571
3572
#: serverguide/C/vpn.xml:213(para)
3573
msgid "And <filename>/etc/openvpn/down.sh</filename>:"
3574
msgstr ""
3575
3576
#: serverguide/C/vpn.xml:217(programlisting)
3577
#, no-wrap
3578
msgid ""
3579
"\n"
3580
"#!/bin/sh\n"
3581
"\n"
3582
"BR=$1\n"
3583
"DEV=$2\n"
3584
"\n"
3585
"/usr/sbin/brctl delif $BR $DEV\n"
3586
"/sbin/ifconfig $DEV down\n"
3587
msgstr ""
3588
3589
#: serverguide/C/vpn.xml:227(para)
3590
msgid "Then make them executable:"
3591
msgstr ""
3592
3593
#: serverguide/C/vpn.xml:232(command)
3594
msgid "sudo chmod 755 /etc/openvpn/down.sh"
3595
msgstr ""
3596
3597
#: serverguide/C/vpn.xml:233(command)
3598
msgid "sudo chmod 755 /etc/openvpn/up.sh"
3599
msgstr ""
3600
3601
#: serverguide/C/vpn.xml:236(para)
3602
msgid ""
3603
"After configuring the server, restart <application>openvpn</application> by "
3604
"entering:"
3605
msgstr ""
3606
3607
#: serverguide/C/vpn.xml:241(command) serverguide/C/vpn.xml:281(command)
3608
msgid "sudo /etc/init.d/openvpn restart"
3609
msgstr ""
3610
3611
#: serverguide/C/vpn.xml:246(title)
3612
msgid "Client Configuration"
3613
msgstr ""
3614
3615
#: serverguide/C/vpn.xml:248(para)
3616
msgid ""
3617
"With the server configured and the client certificates copied over, create a "
3618
"client configuration file by copying the example. In a terminal on the "
3619
"client machine enter:"
3620
msgstr ""
3621
3622
#: serverguide/C/vpn.xml:254(command)
3623
msgid ""
3624
"sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf "
3625
"/etc/openvpn"
3626
msgstr ""
3627
3628
#: serverguide/C/vpn.xml:257(para)
3629
msgid ""
3630
"Now edit <filename>/etc/openvpn/client.conf</filename> changing the "
3631
"following options:"
3632
msgstr ""
3633
3634
#: serverguide/C/vpn.xml:261(programlisting)
3635
#, no-wrap
3636
msgid ""
3637
"\n"
3638
"dev tap\n"
3639
"remote vpn.example.com 1194\n"
3640
"cert hostname.crt\n"
3641
"key hostname.key\n"
3642
"tls-auth ta.key 1\n"
3643
msgstr ""
3644
3645
#: serverguide/C/vpn.xml:270(para)
3646
msgid ""
3647
"Replace <emphasis>vpn.example.com</emphasis> with the hostname of your VPN "
3648
"server, and <emphasis>hostname.*</emphasis> with the actual certificate and "
3649
"key filenames."
3650
msgstr ""
3651
3652
#: serverguide/C/vpn.xml:276(para)
3653
msgid "Finally, restart <application>openvpn</application>:"
3654
msgstr ""
3655
3656
#: serverguide/C/vpn.xml:284(para)
3657
msgid "You should now be able to connect to the remote LAN through the VPN."
3658
msgstr ""
3659
3660
#: serverguide/C/vpn.xml:295(para)
3661
msgid ""
3662
"See the <ulink url=\"http://openvpn.net/\">OpenVPN</ulink> website for "
3663
"additional information."
3664
msgstr ""
3665
3666
#: serverguide/C/vpn.xml:300(para)
3667
msgid ""
3668
"Also, Pakt's <ulink url=\"http://www.packtpub.com/openvpn/book\">OpenVPN: "
3669
"Building and Integrating Virtual Private Networks</ulink> is a good resource."
3670
msgstr ""
3671
3253
3672
#: serverguide/C/virtualization.xml:13(title)
3254
3673
msgid "Virtualization"
3255
3674
msgstr ""
3376
3795
msgid ""
3377
3796
"There are several ways to automate the Ubuntu installation process, for "
3378
3797
"example using preseeds, kickstart, etc. Refer to the <ulink "
3379
"url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu Installation "
3798
"url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
3380
3799
"Guide</ulink> for details."
3381
3800
msgstr ""
3382
3801
3742
4161
"technology in Ubuntu."
3743
4162
msgstr ""
3744
4163
3745
#: serverguide/C/virtualization.xml:394(title) serverguide/C/jeos.xml:13(title)
4164
#: serverguide/C/virtualization.xml:394(title)
3746
4165
msgid "JeOS and vmbuilder"
3747
4166
msgstr ""
3748
4167
3749
#: serverguide/C/virtualization.xml:400(title) serverguide/C/jeos.xml:19(title)
4168
#: serverguide/C/virtualization.xml:400(title)
3750
4169
msgid "What is JeOS"
3751
4170
msgstr ""
3752
4171
3753
#: serverguide/C/virtualization.xml:402(para) serverguide/C/jeos.xml:21(para)
4172
#: serverguide/C/virtualization.xml:402(para)
3754
4173
msgid ""
3755
4174
"Ubuntu <emphasis>JeOS</emphasis> (pronounced \"Juice\") is an efficient "
3756
4175
"variant of the Ubuntu Server operating system, configured specifically for "
3765
4184
"installation\", which is the package selection equivalent to JeOS)."
3766
4185
msgstr ""
3767
4186
3768
#: serverguide/C/virtualization.xml:415(para) serverguide/C/jeos.xml:34(para)
4187
#: serverguide/C/virtualization.xml:415(para)
3769
4188
msgid "Or to be built using Ubuntu's vmbuilder, which is described here."
3770
4189
msgstr ""
3771
4190
3772
#: serverguide/C/virtualization.xml:421(para) serverguide/C/jeos.xml:40(para)
4191
#: serverguide/C/virtualization.xml:421(para)
3773
4192
msgid ""
3774
4193
"JeOS is a specialized installation of Ubuntu Server Edition with a tuned "
3775
4194
"kernel that only contains the base elements needed to run within a "
3776
4195
"virtualized environment."
3777
4196
msgstr ""
3778
4197
3779
#: serverguide/C/virtualization.xml:426(para) serverguide/C/jeos.xml:45(para)
4198
#: serverguide/C/virtualization.xml:426(para)
3780
4199
msgid ""
3781
4200
"Ubuntu JeOS has been tuned to take advantage of key performance technologies "
3782
4201
"in the latest virtualization products from VMware. This combination of "
3785
4204
"deployments."
3786
4205
msgstr ""
3787
4206
3788
#: serverguide/C/virtualization.xml:432(para) serverguide/C/jeos.xml:51(para)
4207
#: serverguide/C/virtualization.xml:432(para)
3789
4208
msgid ""
3790
4209
"Without unnecessary drivers, and only the minimal required packages, ISVs "
3791
4210
"can configure their supporting OS exactly as they require. They have the "
3796
4215
"than they would have had to with a standard full installation of a server."
3797
4216
msgstr ""
3798
4217
3799
#: serverguide/C/virtualization.xml:441(title) serverguide/C/jeos.xml:60(title)
4218
#: serverguide/C/virtualization.xml:441(title)
3800
4219
msgid "What is vmbuilder"
3801
4220
msgstr ""
3802
4221
3803
#: serverguide/C/virtualization.xml:443(para) serverguide/C/jeos.xml:62(para)
4222
#: serverguide/C/virtualization.xml:443(para)
3804
4223
msgid ""
3805
4224
"With vmbuilder, there is no need to download a JeOS ISO anymore. vmbuilder "
3806
4225
"will fetch the various package and build a virtual machine tailored for our "
3809
4228
"hypervisors are KVM and Xen."
3810
4229
msgstr ""
3811
4230
3812
#: serverguide/C/virtualization.xml:449(para) serverguide/C/jeos.xml:68(para)
4231
#: serverguide/C/virtualization.xml:449(para)
3813
4232
msgid ""
3814
4233
"You can pass command line options to add extra packages, remove packages, "
3815
4234
"choose which version of Ubuntu, which mirror etc. On recent hardware with "
3817
4236
"a local mirror, you can bootstrap a VM in less than a minute."
3818
4237
msgstr ""
3819
4238
3820
#: serverguide/C/virtualization.xml:455(para) serverguide/C/jeos.xml:74(para)
4239
#: serverguide/C/virtualization.xml:455(para)
3821
4240
msgid ""
3822
4241
"First introduced as a shell script in Ubuntu 8.04LTS, <application>ubuntu-vm-"
3823
4242
"builder</application> started with little emphasis as a hack to help "
3829
4248
"scratch for Intrepid as a python script with a few new design goals:"
3830
4249
msgstr ""
3831
4250
3832
#: serverguide/C/virtualization.xml:465(para) serverguide/C/jeos.xml:84(para)
4251
#: serverguide/C/virtualization.xml:465(para)
3833
4252
msgid "Develop it so that it can be reused by other distributions."
3834
4253
msgstr ""
3835
4254
3836
#: serverguide/C/virtualization.xml:470(para) serverguide/C/jeos.xml:89(para)
4255
#: serverguide/C/virtualization.xml:470(para)
3837
4256
msgid ""
3838
4257
"Use a plugin mechanisms for all virtualization interactions so that others "
3839
4258
"can easily add logic for other virtualization environments."
3840
4259
msgstr ""
3841
4260
3842
#: serverguide/C/virtualization.xml:475(para) serverguide/C/jeos.xml:94(para)
4261
#: serverguide/C/virtualization.xml:475(para)
3843
4262
msgid ""
3844
4263
"Provide an easy to maintain web interface as an option to the command line "
3845
4264
"interface."
3846
4265
msgstr ""
3847
4266
3848
#: serverguide/C/virtualization.xml:481(para) serverguide/C/jeos.xml:100(para)
4267
#: serverguide/C/virtualization.xml:481(para)
3849
4268
msgid "But the general principles and commands remain the same."
3850
4269
msgstr ""
3851
4270
3852
#: serverguide/C/virtualization.xml:488(title) serverguide/C/jeos.xml:107(title)
4271
#: serverguide/C/virtualization.xml:488(title)
3853
4272
msgid "Initial Setup"
3854
4273
msgstr ""
3855
4274
3856
#: serverguide/C/virtualization.xml:490(para) serverguide/C/jeos.xml:109(para)
4275
#: serverguide/C/virtualization.xml:490(para)
3857
4276
msgid ""
3858
4277
"It is assumed that you have installed and configured "
3859
4278
"<application>libvirt</application> and <application>KVM</application> "
3861
4280
"please refer to:"
3862
4281
msgstr ""
3863
4282
3864
#: serverguide/C/virtualization.xml:502(para) serverguide/C/jeos.xml:121(para)
4283
#: serverguide/C/virtualization.xml:502(para)
3865
4284
msgid ""
3866
4285
"The <ulink url=\"https://help.ubuntu.com/community/KVM\">KVM</ulink> Wiki "
3867
4286
"page."
3868
4287
msgstr ""
3869
4288
3870
#: serverguide/C/virtualization.xml:508(para) serverguide/C/jeos.xml:127(para)
4289
#: serverguide/C/virtualization.xml:508(para)
3871
4290
msgid ""
3872
4291
"We also assume that you know how to use a text based text editor such as "
3873
4292
"nano or vi. If you have not used any of them before, you can get an overview "
3877
4296
"principle should remain on other virtualization technologies."
3878
4297
msgstr ""
3879
4298
3880
#: serverguide/C/virtualization.xml:516(title) serverguide/C/jeos.xml:135(title)
4299
#: serverguide/C/virtualization.xml:516(title)
3881
4300
msgid "Install vmbuilder"
3882
4301
msgstr ""
3883
4302
3884
#: serverguide/C/virtualization.xml:518(para) serverguide/C/jeos.xml:137(para)
4303
#: serverguide/C/virtualization.xml:518(para)
3885
4304
msgid ""
3886
4305
"The name of the package that we need to install is <application>python-vm-"
3887
4306
"builder</application>. In a terminal prompt enter:"
3888
4307
msgstr ""
3889
4308
3890
#: serverguide/C/virtualization.xml:523(command) serverguide/C/jeos.xml:142(command)
4309
#: serverguide/C/virtualization.xml:523(command)
3891
4310
msgid "sudo apt-get install python-vm-builder"
3892
4311
msgstr ""
3893
4312
3894
#: serverguide/C/virtualization.xml:527(para) serverguide/C/jeos.xml:146(para)
4313
#: serverguide/C/virtualization.xml:527(para)
3895
4314
msgid ""
3896
4315
"If you are running Hardy, you can still perform most of this using the older "
3897
4316
"version of the package named <application>ubuntu-vm-builder</application>, "
3898
4317
"there are only a few changes to the syntax of the tool."
3899
4318
msgstr ""
3900
4319
3901
#: serverguide/C/virtualization.xml:536(title) serverguide/C/jeos.xml:155(title)
4320
#: serverguide/C/virtualization.xml:536(title)
3902
4321
msgid "Defining Your Virtual Machine"
3903
4322
msgstr ""
3904
4323
3905
#: serverguide/C/virtualization.xml:538(para) serverguide/C/jeos.xml:157(para)
4324
#: serverguide/C/virtualization.xml:538(para)
3906
4325
msgid ""
3907
4326
"Defining a virtual machine with Ubuntu's vmbuilder is quite simple, but here "
3908
4327
"are a few thing to consider:"
3909
4328
msgstr ""
3910
4329
3911
#: serverguide/C/virtualization.xml:544(para) serverguide/C/jeos.xml:163(para)
4330
#: serverguide/C/virtualization.xml:544(para)
3912
4331
msgid ""
3913
4332
"If you plan on shipping a virtual appliance, do not assume that the end-user "
3914
4333
"will know how to extend disk size to fit their need, so either plan for a "
3917
4336
"a good idea to store data on some separate external storage."
3918
4337
msgstr ""
3919
4338
3920
#: serverguide/C/virtualization.xml:551(para) serverguide/C/jeos.xml:170(para)
4339
#: serverguide/C/virtualization.xml:551(para)
3921
4340
msgid ""
3922
4341
"Given that RAM is much easier to allocate in a VM, RAM size should be set to "
3923
4342
"whatever you think is a safe minimum for your appliance."
3924
4343
msgstr ""
3925
4344
3926
#: serverguide/C/virtualization.xml:557(para) serverguide/C/jeos.xml:176(para)
4345
#: serverguide/C/virtualization.xml:557(para)
3927
4346
msgid ""
3928
4347
"The <application>vmbuilder</application> command has 2 main parameters: the "
3929
4348
"<emphasis>virtualization technology (hypervisor)</emphasis> and the targeted "
3931
4350
"and can be found using the following command:"
3932
4351
msgstr ""
3933
4352
3934
#: serverguide/C/virtualization.xml:563(command) serverguide/C/jeos.xml:182(command)
4353
#: serverguide/C/virtualization.xml:563(command)
3935
4354
msgid "vmbuilder --help"
3936
4355
msgstr ""
3937
4356
3938
#: serverguide/C/virtualization.xml:567(title) serverguide/C/jeos.xml:186(title)
4357
#: serverguide/C/virtualization.xml:567(title)
3939
4358
msgid "Base Parameters"
3940
4359
msgstr ""
3941
4360
3942
#: serverguide/C/virtualization.xml:569(para) serverguide/C/jeos.xml:188(para)
4361
#: serverguide/C/virtualization.xml:569(para)
3943
4362
msgid ""
3944
"As this example is based on <application>KVM</application> and Ubuntu 9.04 "
3945
"(Jaunty Jackalope), and we are likely to rebuild the same virtual machine "
4363
"As this example is based on <application>KVM</application> and Ubuntu 9.10 "
4364
"(Karmic Koala), and we are likely to rebuild the same virtual machine "
3946
4365
"multiple time, we'll invoke vmbuilder with the following first parameters:"
3947
4366
msgstr ""
3948
4367
3949
#: serverguide/C/virtualization.xml:575(command) serverguide/C/jeos.xml:194(command)
4368
#: serverguide/C/virtualization.xml:575(command)
3950
4369
msgid ""
3951
"sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
4370
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
3952
4371
"libvirt qemu:///system"
3953
4372
msgstr ""
3954
4373
3955
#: serverguide/C/virtualization.xml:578(para) serverguide/C/jeos.xml:197(para)
4374
#: serverguide/C/virtualization.xml:578(para)
3956
4375
msgid ""
3957
4376
"The <emphasis>--suite</emphasis> defines the Ubuntu release, the <emphasis>--"
3958
4377
"flavour</emphasis> specifies that we want to use the virtual kernel (that's "
3963
4382
"add the resulting VM to the list of available machines."
3964
4383
msgstr ""
3965
4384
3966
#: serverguide/C/virtualization.xml:586(para) serverguide/C/jeos.xml:205(para)
4385
#: serverguide/C/virtualization.xml:586(para)
3967
4386
msgid "Notes:"
3968
4387
msgstr ""
3969
4388
3973
4392
"root privilege, hence the use of sudo."
3974
4393
msgstr ""
3975
4394
3976
#: serverguide/C/virtualization.xml:597(para) serverguide/C/jeos.xml:216(para)
4395
#: serverguide/C/virtualization.xml:597(para)
3977
4396
msgid ""
3978
4397
"If your virtual machine needs to use more than 3Gb of ram, you should build "
3979
4398
"a 64 bit machine (--arch amd64)."
3980
4399
msgstr ""
3981
4400
3982
#: serverguide/C/virtualization.xml:602(para) serverguide/C/jeos.xml:221(para)
4401
#: serverguide/C/virtualization.xml:602(para)
3983
4402
msgid ""
3984
4403
"Until Ubuntu 8.10, the virtual kernel was only built for 32 bit "
3985
4404
"architecture, so if you want to define an amd64 machine on Hardy, you should "
3986
4405
"use <emphasis>--flavour</emphasis> server instead."
3987
4406
msgstr ""
3988
4407
3989
#: serverguide/C/virtualization.xml:610(title) serverguide/C/jeos.xml:229(title)
4408
#: serverguide/C/virtualization.xml:610(title)
3990
4409
msgid "JeOS Installation Parameters"
3991
4410
msgstr ""
3992
4411
3993
#: serverguide/C/virtualization.xml:613(title) serverguide/C/jeos.xml:232(title)
4412
#: serverguide/C/virtualization.xml:613(title)
3994
4413
msgid "JeOS Networking"
3995
4414
msgstr ""
3996
4415
3997
#: serverguide/C/virtualization.xml:616(title) serverguide/C/jeos.xml:235(title)
4416
#: serverguide/C/virtualization.xml:616(title)
3998
4417
msgid "Assigning a fixed IP address"
3999
4418
msgstr ""
4000
4419
4001
#: serverguide/C/virtualization.xml:618(para) serverguide/C/jeos.xml:237(para)
4420
#: serverguide/C/virtualization.xml:618(para)
4002
4421
msgid ""
4003
4422
"As a virtual appliance that may be deployed on various very different "
4004
4423
"networks, it is very difficult to know what the actual network will look "
4009
4428
"192.168.0.0/255 is usually a good choice."
4010
4429
msgstr ""
4011
4430
4012
#: serverguide/C/virtualization.xml:625(para) serverguide/C/jeos.xml:244(para)
4431
#: serverguide/C/virtualization.xml:625(para)
4013
4432
msgid "To do this we'll use the following parameters:"
4014
4433
msgstr ""
4015
4434
4016
#: serverguide/C/virtualization.xml:631(para) serverguide/C/jeos.xml:250(para)
4435
#: serverguide/C/virtualization.xml:631(para)
4017
4436
msgid ""
4018
4437
"<emphasis>--ip ADDRESS</emphasis>: IP address in dotted form (defaults to "
4019
4438
"dhcp if not specified)"
4020
4439
msgstr ""
4021
4440
4022
#: serverguide/C/virtualization.xml:636(para) serverguide/C/jeos.xml:255(para)
4441
#: serverguide/C/virtualization.xml:636(para)
4023
4442
msgid ""
4024
4443
"<emphasis>--mask VALUE</emphasis>: IP mask in dotted form (default: "
4025
4444
"255.255.255.0)"
4026
4445
msgstr ""
4027
4446
4028
#: serverguide/C/virtualization.xml:641(para) serverguide/C/jeos.xml:260(para)
4447
#: serverguide/C/virtualization.xml:641(para)
4029
4448
msgid "<emphasis>--net VALUE</emphasis>: IP net address (default: X.X.X.0)"
4030
4449
msgstr ""
4031
4450
4032
#: serverguide/C/virtualization.xml:646(para) serverguide/C/jeos.xml:265(para)
4451
#: serverguide/C/virtualization.xml:646(para)
4033
4452
msgid "<emphasis>--bcast VALUE</emphasis>: IP broadcast (default: X.X.X.255)"
4034
4453
msgstr ""
4035
4454
4036
#: serverguide/C/virtualization.xml:651(para) serverguide/C/jeos.xml:270(para)
4455
#: serverguide/C/virtualization.xml:651(para)
4037
4456
msgid "<emphasis>--gw ADDRESS</emphasis>: Gateway address (default: X.X.X.1)"
4038
4457
msgstr ""
4039
4458
4040
#: serverguide/C/virtualization.xml:656(para) serverguide/C/jeos.xml:275(para)
4459
#: serverguide/C/virtualization.xml:656(para)
4041
4460
msgid ""
4042
4461
"<emphasis>--dns ADDRESS</emphasis>: Name server address (default: X.X.X.1)"
4043
4462
msgstr ""
4044
4463
4045
#: serverguide/C/virtualization.xml:662(para) serverguide/C/jeos.xml:281(para)
4464
#: serverguide/C/virtualization.xml:662(para)
4046
4465
msgid ""
4047
4466
"We assume for now that default values are good enough, so the resulting "
4048
4467
"invocation becomes:"
4049
4468
msgstr ""
4050
4469
4051
#: serverguide/C/virtualization.xml:667(command) serverguide/C/jeos.xml:286(command)
4470
#: serverguide/C/virtualization.xml:667(command)
4052
4471
msgid ""
4053
"sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 -o --"
4472
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 -o --"
4054
4473
"libvirt qemu:///system --ip 192.168.0.100"
4055
4474
msgstr ""
4056
4475
4057
#: serverguide/C/virtualization.xml:672(title) serverguide/C/jeos.xml:291(title)
4476
#: serverguide/C/virtualization.xml:672(title)
4058
4477
msgid "Modifying the libvirt Template to use Bridging"
4059
4478
msgstr ""
4060
4479
4061
#: serverguide/C/virtualization.xml:674(para) serverguide/C/jeos.xml:293(para)
4480
#: serverguide/C/virtualization.xml:674(para)
4062
4481
msgid ""
4063
4482
"Because our appliance will be likely to need to be accessed by remote hosts, "
4064
4483
"we need to configure libvirt so that the appliance uses bridge networking. "
4065
4484
"To do this we use vmbuilder template mechanism to modify the default one."
4066
4485
msgstr ""
4067
4486
4068
#: serverguide/C/virtualization.xml:679(para) serverguide/C/jeos.xml:298(para)
4487
#: serverguide/C/virtualization.xml:679(para)
4069
4488
msgid ""
4070
4489
"In our working directory we create the template hierarchy and copy the "
4071
4490
"default template:"
4072
4491
msgstr ""
4073
4492
4074
#: serverguide/C/virtualization.xml:684(command) serverguide/C/jeos.xml:303(command)
4493
#: serverguide/C/virtualization.xml:684(command)
4075
4494
msgid "mkdir -p VMBuilder/plugins/libvirt/templates"
4076
4495
msgstr ""
4077
4496
4078
#: serverguide/C/virtualization.xml:685(command) serverguide/C/jeos.xml:304(command)
4497
#: serverguide/C/virtualization.xml:685(command)
4079
4498
msgid "cp /etc/vmbuilder/libvirt/* VMBuilder/plugins/libvirt/templates/"
4080
4499
msgstr ""
4081
4500
4082
#: serverguide/C/virtualization.xml:688(para) serverguide/C/jeos.xml:307(para)
4501
#: serverguide/C/virtualization.xml:688(para)
4083
4502
msgid ""
4084
4503
"We can then edit "
4085
4504
"<filename>VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl</filename> to "
4086
4505
"change:"
4087
4506
msgstr ""
4088
4507
4089
#: serverguide/C/virtualization.xml:692(programlisting) serverguide/C/jeos.xml:311(programlisting)
4508
#: serverguide/C/virtualization.xml:692(programlisting)
4090
4509
#, no-wrap
4091
4510
msgid ""
4092
4511
"\n"
4095
4514
" </interface>\n"
4096
4515
msgstr ""
4097
4516
4098
#: serverguide/C/virtualization.xml:698(para) serverguide/C/jeos.xml:317(para)
4517
#: serverguide/C/virtualization.xml:698(para)
4099
4518
msgid "To:"
4100
4519
msgstr ""
4101
4520
4108
4527
" </interface>\n"
4109
4528
msgstr ""
4110
4529
4111
#: serverguide/C/virtualization.xml:712(title) serverguide/C/jeos.xml:331(title) serverguide/C/installation.xml:406(title)
4530
#: serverguide/C/virtualization.xml:712(title) serverguide/C/installation.xml:407(title)
4112
4531
msgid "Partitioning"
4113
4532
msgstr ""
4114
4533
4115
#: serverguide/C/virtualization.xml:714(para) serverguide/C/jeos.xml:333(para)
4534
#: serverguide/C/virtualization.xml:714(para)
4116
4535
msgid ""
4117
4536
"Partitioning of the virtual appliance will have to take into consideration "
4118
4537
"what you are planning to do with is. Because most appliances want to have a "
4120
4539
"make sense."
4121
4540
msgstr ""
4122
4541
4123
#: serverguide/C/virtualization.xml:719(para) serverguide/C/jeos.xml:338(para)
4542
#: serverguide/C/virtualization.xml:719(para)
4124
4543
msgid ""
4125
4544
"In order to do this vmbuilder provides us with <emphasis>--part</emphasis>:"
4126
4545
msgstr ""
4127
4546
4128
#: serverguide/C/virtualization.xml:723(programlisting) serverguide/C/jeos.xml:342(programlisting)
4547
#: serverguide/C/virtualization.xml:723(programlisting)
4129
4548
#, no-wrap
4130
4549
msgid ""
4131
4550
"\n"
4145
4564
" /log 1500\n"
4146
4565
msgstr ""
4147
4566
4148
#: serverguide/C/virtualization.xml:738(para) serverguide/C/jeos.xml:357(para)
4567
#: serverguide/C/virtualization.xml:738(para)
4149
4568
msgid ""
4150
4569
"In our case we will define a text file name "
4151
4570
"<filename>vmbuilder.partition</filename> which will contain the following:"
4152
4571
msgstr ""
4153
4572
4154
#: serverguide/C/virtualization.xml:742(programlisting) serverguide/C/jeos.xml:361(programlisting)
4573
#: serverguide/C/virtualization.xml:742(programlisting)
4155
4574
#, no-wrap
4156
4575
msgid ""
4157
4576
"\n"
4161
4580
"/var 20000\n"
4162
4581
msgstr ""
4163
4582
4164
#: serverguide/C/virtualization.xml:750(para) serverguide/C/jeos.xml:369(para)
4583
#: serverguide/C/virtualization.xml:750(para)
4165
4584
msgid ""
4166
4585
"Note that as we are using virtual disk images, the actual sizes that we put "
4167
4586
"here are maximum sizes for these volumes."
4168
4587
msgstr ""
4169
4588
4170
#: serverguide/C/virtualization.xml:755(para) serverguide/C/jeos.xml:374(para)
4589
#: serverguide/C/virtualization.xml:755(para)
4171
4590
msgid "Our command line now looks like:"
4172
4591
msgstr ""
4173
4592
4174
#: serverguide/C/virtualization.xml:760(command) serverguide/C/jeos.xml:379(command)
4593
#: serverguide/C/virtualization.xml:760(command)
4175
4594
msgid ""
4176
"sudo vmbuilder kvm ubuntu --suite jaunty --flavour virtual --arch i386 \\ -o "
4595
"sudo vmbuilder kvm ubuntu --suite karmic --flavour virtual --arch i386 \\ -o "
4177
4596
"--libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition"
4178
4597
msgstr ""
4179
4598
4180
#: serverguide/C/virtualization.xml:765(para) serverguide/C/jeos.xml:384(para)
4599
#: serverguide/C/virtualization.xml:765(para)
4181
4600
msgid ""
4182
4601
"Using a \"\\\" in a command will allow long command strings to wrap to the "
4183
4602
"next line."
4184
4603
msgstr ""
4185
4604
4186
#: serverguide/C/virtualization.xml:772(title) serverguide/C/jeos.xml:391(title)
4605
#: serverguide/C/virtualization.xml:772(title)
4187
4606
msgid "User and Password"
4188
4607
msgstr ""
4189
4608
4190
#: serverguide/C/virtualization.xml:774(para) serverguide/C/jeos.xml:393(para)
4609
#: serverguide/C/virtualization.xml:774(para)
4191
4610
msgid ""
4192
4611
"Again setting up a virtual appliance, you will need to provide a default "
4193
4612
"user and password that is generic so that you can include it in your "
4198
4617
"as my user name, and <emphasis>'default'</emphasis> as the password."
4199
4618
msgstr ""
4200
4619
4201
#: serverguide/C/virtualization.xml:782(para) serverguide/C/jeos.xml:401(para)
4620
#: serverguide/C/virtualization.xml:782(para)
4202
4621
msgid "To do this we use the following optional parameters:"
4203
4622
msgstr ""
4204
4623
4205
#: serverguide/C/virtualization.xml:788(para) serverguide/C/jeos.xml:407(para)
4624
#: serverguide/C/virtualization.xml:788(para)
4206
4625
msgid ""
4207
4626
"<emphasis>--user USERNAME:</emphasis> Sets the name of the user to be added. "
4208
4627
"Default: ubuntu."
4209
4628
msgstr ""
4210
4629
4211
#: serverguide/C/virtualization.xml:793(para) serverguide/C/jeos.xml:412(para)
4630
#: serverguide/C/virtualization.xml:793(para)
4212
4631
msgid ""
4213
4632
"<emphasis>--name FULLNAME:</emphasis> Sets the full name of the user to be "
4214
4633
"added. Default: Ubuntu."
4215
4634
msgstr ""
4216
4635
4217
#: serverguide/C/virtualization.xml:798(para) serverguide/C/jeos.xml:417(para)
4636
#: serverguide/C/virtualization.xml:798(para)
4218
4637
msgid ""
4219
4638
"<emphasis>--pass PASSWORD:</emphasis> Sets the password for the user. "
4220
4639
"Default: ubuntu."
4221
4640
msgstr ""
4222
4641
4223
#: serverguide/C/virtualization.xml:804(para) serverguide/C/jeos.xml:423(para)
4642
#: serverguide/C/virtualization.xml:804(para)
4224
4643
msgid "Our resulting command line becomes:"
4225
4644
msgstr ""
4226
4645
4227
#: serverguide/C/virtualization.xml:809(command) serverguide/C/jeos.xml:428(command)
4646
#: serverguide/C/virtualization.xml:809(command)
4228
4647
msgid ""
4229
4648
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 \\ -"
4230
4649
"o --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition \\ -"
4231
4650
"-user user --name user --pass default"
4232
4651
msgstr ""
4233
4652
4234
#: serverguide/C/virtualization.xml:817(title) serverguide/C/jeos.xml:436(title)
4653
#: serverguide/C/virtualization.xml:817(title)
4235
4654
msgid "Installing Required Packages"
4236
4655
msgstr ""
4237
4656
4238
#: serverguide/C/virtualization.xml:819(para) serverguide/C/jeos.xml:438(para)
4657
#: serverguide/C/virtualization.xml:819(para)
4239
4658
msgid ""
4240
4659
"In this example we will be installing a package "
4241
4660
"<application>(Limesurvey)</application> that accesses a "
4243
4662
"therefore require our OS to provide us with:"
4244
4663
msgstr ""
4245
4664
4246
#: serverguide/C/virtualization.xml:826(para) serverguide/C/jeos.xml:445(para)
4665
#: serverguide/C/virtualization.xml:826(para)
4247
4666
msgid "Apache"
4248
4667
msgstr ""
4249
4668
4250
#: serverguide/C/virtualization.xml:827(para) serverguide/C/jeos.xml:446(para)
4669
#: serverguide/C/virtualization.xml:827(para)
4251
4670
msgid "PHP"
4252
4671
msgstr ""
4253
4672
4254
#: serverguide/C/virtualization.xml:828(para) serverguide/C/jeos.xml:447(para) serverguide/C/databases.xml:19(trademark) serverguide/C/databases.xml:31(title)
4673
#: serverguide/C/virtualization.xml:828(para) serverguide/C/databases.xml:19(trademark) serverguide/C/databases.xml:31(title)
4255
4674
msgid "MySQL"
4256
4675
msgstr ""
4257
4676
4258
#: serverguide/C/virtualization.xml:829(para) serverguide/C/remote-administration.xml:20(title) serverguide/C/jeos.xml:448(para)
4677
#: serverguide/C/virtualization.xml:829(para) serverguide/C/remote-administration.xml:20(title)
4259
4678
msgid "OpenSSH Server"
4260
4679
msgstr ""
4261
4680
4262
#: serverguide/C/virtualization.xml:830(para) serverguide/C/jeos.xml:449(para)
4681
#: serverguide/C/virtualization.xml:830(para)
4263
4682
msgid "Limesurvey (as an example application that we have packaged)"
4264
4683
msgstr ""
4265
4684
4266
#: serverguide/C/virtualization.xml:833(para) serverguide/C/jeos.xml:452(para)
4685
#: serverguide/C/virtualization.xml:833(para)
4267
4686
msgid ""
4268
4687
"This is done using vmbuilder by specifying the --addpkg command multiple "
4269
4688
"times:"
4270
4689
msgstr ""
4271
4690
4272
#: serverguide/C/virtualization.xml:837(programlisting) serverguide/C/jeos.xml:456(programlisting)
4691
#: serverguide/C/virtualization.xml:837(programlisting)
4273
4692
#, no-wrap
4274
4693
msgid ""
4275
4694
"\n"
4277
4696
" Install PKG into the guest (can be specfied multiple times)\n"
4278
4697
msgstr ""
4279
4698
4280
#: serverguide/C/virtualization.xml:842(para) serverguide/C/jeos.xml:461(para)
4699
#: serverguide/C/virtualization.xml:842(para)
4281
4700
msgid ""
4282
4701
"However, due to the way vmbuilder operates, packages that have to ask "
4283
4702
"questions to the user during the post install phase are not supported and "
4285
4704
"of Limesurvey, which we will have to install later, once the user logs in."
4286
4705
msgstr ""
4287
4706
4288
#: serverguide/C/virtualization.xml:848(para) serverguide/C/jeos.xml:467(para)
4707
#: serverguide/C/virtualization.xml:848(para)
4289
4708
msgid ""
4290
4709
"Other packages that ask simple debconf question, such as <application>mysql-"
4291
4710
"server</application> asking to set a password, the package can be installed "
4293
4712
"in."
4294
4713
msgstr ""
4295
4714
4296
#: serverguide/C/virtualization.xml:854(para) serverguide/C/jeos.xml:473(para)
4715
#: serverguide/C/virtualization.xml:854(para)
4297
4716
msgid ""
4298
4717
"If some packages that we need to install are not in main, we need to enable "
4299
4718
"the additional repositories using --comp and --ppa:"
4300
4719
msgstr ""
4301
4720
4302
#: serverguide/C/virtualization.xml:858(programlisting) serverguide/C/jeos.xml:477(programlisting)
4721
#: serverguide/C/virtualization.xml:858(programlisting)
4303
4722
#, no-wrap
4304
4723
msgid ""
4305
4724
"\n"
4310
4729
"--ppa=PPA Add ppa belonging to PPA to the vm's sources.list.\n"
4311
4730
msgstr ""
4312
4731
4313
#: serverguide/C/virtualization.xml:865(para) serverguide/C/jeos.xml:484(para)
4732
#: serverguide/C/virtualization.xml:865(para)
4314
4733
msgid ""
4315
4734
"Limesurvey not being part of the archive at the moment, we'll specify it's "
4316
4735
"PPA (personal package archive) address so that it is added to the VM "
4318
4737
"to the command line:"
4319
4738
msgstr ""
4320
4739
4321
#: serverguide/C/virtualization.xml:871(command) serverguide/C/jeos.xml:490(command)
4740
#: serverguide/C/virtualization.xml:871(command)
4322
4741
msgid ""
4323
4742
"--addpkg apache2 --addpkg apache2-mpm-prefork --addpkg apache2-utils --"
4324
4743
"addpkg apache2.2-common \\ --addpkg dbconfig-common --addpkg libapache2-mod-"
4327
4746
"server --ppa nijaba"
4328
4747
msgstr ""
4329
4748
4330
#: serverguide/C/virtualization.xml:878(title) serverguide/C/jeos.xml:497(title)
4749
#: serverguide/C/virtualization.xml:878(title)
4331
4750
msgid "OpenSSH"
4332
4751
msgstr ""
4333
4752
4345
4764
"interaction."
4346
4765
msgstr ""
4347
4766
4348
#: serverguide/C/virtualization.xml:892(title) serverguide/C/jeos.xml:511(title)
4767
#: serverguide/C/virtualization.xml:892(title)
4349
4768
msgid "Speed Considerations"
4350
4769
msgstr ""
4351
4770
4352
#: serverguide/C/virtualization.xml:895(title) serverguide/C/jeos.xml:514(title)
4771
#: serverguide/C/virtualization.xml:895(title)
4353
4772
msgid "Package Caching"
4354
4773
msgstr ""
4355
4774
4356
#: serverguide/C/virtualization.xml:897(para) serverguide/C/jeos.xml:516(para)
4775
#: serverguide/C/virtualization.xml:897(para)
4357
4776
msgid ""
4358
4777
"When vmbuilder creates builds your system, it has to go fetch each one of "
4359
4778
"the packages that composes it over the network to one of the official "
4366
4785
"we will pick in this tutorial. To install it, simply type:"
4367
4786
msgstr ""
4368
4787
4369
#: serverguide/C/virtualization.xml:907(command) serverguide/C/jeos.xml:526(command)
4788
#: serverguide/C/virtualization.xml:907(command)
4370
4789
msgid "sudo apt-get install apt-proxy"
4371
4790
msgstr ""
4372
4791
4373
#: serverguide/C/virtualization.xml:910(para) serverguide/C/jeos.xml:529(para)
4792
#: serverguide/C/virtualization.xml:910(para)
4374
4793
msgid ""
4375
4794
"Once this is complete, your (empty) proxy is ready for use on "
4376
4795
"http://mirroraddress:9999 and will find ubuntu repository under /ubuntu. For "
4378
4797
"option:"
4379
4798
msgstr ""
4380
4799
4381
#: serverguide/C/virtualization.xml:915(programlisting) serverguide/C/jeos.xml:534(programlisting)
4800
#: serverguide/C/virtualization.xml:915(programlisting)
4382
4801
#, no-wrap
4383
4802
msgid ""
4384
4803
"\n"
4388
4807
" otherwise\n"
4389
4808
msgstr ""
4390
4809
4391
#: serverguide/C/virtualization.xml:922(para) serverguide/C/jeos.xml:541(para)
4810
#: serverguide/C/virtualization.xml:922(para)
4392
4811
msgid "So we add to the command line:"
4393
4812
msgstr ""
4394
4813
4395
#: serverguide/C/virtualization.xml:927(command) serverguide/C/jeos.xml:546(command)
4814
#: serverguide/C/virtualization.xml:927(command)
4396
4815
msgid "--mirror http://mirroraddress:9999/ubuntu"
4397
4816
msgstr ""
4398
4817
4399
#: serverguide/C/virtualization.xml:931(para) serverguide/C/jeos.xml:550(para)
4818
#: serverguide/C/virtualization.xml:931(para)
4400
4819
msgid ""
4401
4820
"The mirror address specified here will also be used in the "
4402
4821
"<filename>/etc/apt/source.list</filename> of the newly created guest, so it "
4405
4824
"firstboot</emphasis> script."
4406
4825
msgstr ""
4407
4826
4408
#: serverguide/C/virtualization.xml:940(title) serverguide/C/jeos.xml:559(title)
4827
#: serverguide/C/virtualization.xml:940(title)
4409
4828
msgid "Install a Local Mirror"
4410
4829
msgstr ""
4411
4830
4412
#: serverguide/C/virtualization.xml:942(para) serverguide/C/jeos.xml:561(para)
4831
#: serverguide/C/virtualization.xml:942(para)
4413
4832
msgid ""
4414
4833
"If we are in a larger environment, it may make sense to setup a local mirror "
4415
4834
"of the Ubuntu repositories. The package apt-mirror provides you with a "
4417
4836
"about 20 gigabyte of free space per supported release and architecture."
4418
4837
msgstr ""
4419
4838
4420
#: serverguide/C/virtualization.xml:948(para) serverguide/C/jeos.xml:567(para)
4839
#: serverguide/C/virtualization.xml:948(para)
4421
4840
msgid ""
4422
4841
"By default, <application>apt-mirror</application> uses the configuration "
4423
4842
"file in <filename>/etc/apt/mirror.list</filename>. As it is set up, it will "
4428
4847
"archives as well, you will have:"
4429
4848
msgstr ""
4430
4849
4431
#: serverguide/C/virtualization.xml:955(programlisting) serverguide/C/jeos.xml:574(programlisting)
4850
#: serverguide/C/virtualization.xml:955(programlisting)
4432
4851
#, no-wrap
4433
4852
msgid ""
4434
4853
"\n"
4435
"deb http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
4854
"deb http://archive.ubuntu.com/ubuntu karmic main restricted universe "
4436
4855
"multiverse \n"
4437
"/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main restricted universe "
4856
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main restricted universe "
4438
4857
"multiverse\n"
4439
4858
"\n"
4440
"deb http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
4441
"universe multiverse \n"
4442
"/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-updates main restricted "
4443
"universe multiverse \n"
4444
"\n"
4445
"deb http://archive.ubuntu.com/ubuntu/ jaunty-backports main restricted "
4446
"universe multiverse \n"
4447
"/deb-i386 http://archive.ubuntu.com/ubuntu jaunty-backports main restricted "
4448
"universe multiverse \n"
4449
"\n"
4450
"deb http://security.ubuntu.com/ubuntu jaunty-security main restricted "
4451
"universe multiverse \n"
4452
"/deb-i386 http://security.ubuntu.com/ubuntu jaunty-security main restricted "
4453
"universe multiverse \n"
4454
"\n"
4455
"deb http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
4859
"deb http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
4860
"universe multiverse \n"
4861
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-updates main restricted "
4862
"universe multiverse \n"
4863
"\n"
4864
"deb http://archive.ubuntu.com/ubuntu/ karmic-backports main restricted "
4865
"universe multiverse \n"
4866
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic-backports main restricted "
4867
"universe multiverse \n"
4868
"\n"
4869
"deb http://security.ubuntu.com/ubuntu karmic-security main restricted "
4870
"universe multiverse \n"
4871
"/deb-i386 http://security.ubuntu.com/ubuntu karmic-security main restricted "
4872
"universe multiverse \n"
4873
"\n"
4874
"deb http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
4456
4875
"restricted/debian-installer universe/debian-installer multiverse/debian-"
4457
4876
"installer \n"
4458
"/deb-i386 http://archive.ubuntu.com/ubuntu jaunty main/debian-installer "
4877
"/deb-i386 http://archive.ubuntu.com/ubuntu karmic main/debian-installer "
4459
4878
"restricted/debian-installer universe/debian-installer multiverse/debian-"
4460
4879
"installer \n"
4461
4880
msgstr ""
4462
4881
4463
#: serverguide/C/virtualization.xml:972(para) serverguide/C/jeos.xml:591(para)
4882
#: serverguide/C/virtualization.xml:972(para)
4464
4883
msgid ""
4465
4884
"Notice that the source packages are not mirrored as they are seldom used "
4466
4885
"compared to the binaries and they do take a lot more space, but they can be "
4467
4886
"easily added to the list."
4468
4887
msgstr ""
4469
4888
4470
#: serverguide/C/virtualization.xml:977(para) serverguide/C/jeos.xml:596(para)
4889
#: serverguide/C/virtualization.xml:977(para)
4471
4890
msgid ""
4472
4891
"Once the mirror has finished replicating (and this can be quite long), you "
4473
4892
"need to configure Apache so that your mirror files (in "
4476
4895
"Apache see <xref linkend=\"httpd\"/>."
4477
4896
msgstr ""
4478
4897
4479
#: serverguide/C/virtualization.xml:986(title) serverguide/C/jeos.xml:605(title)
4898
#: serverguide/C/virtualization.xml:986(title)
4480
4899
msgid "Installing in a RAM Disk"
4481
4900
msgstr ""
4482
4901
4483
#: serverguide/C/virtualization.xml:988(para) serverguide/C/jeos.xml:607(para)
4902
#: serverguide/C/virtualization.xml:988(para)
4484
4903
msgid ""
4485
4904
"As you can easily imagine, writing to RAM is a <emphasis>LOT</emphasis> "
4486
4905
"faster than writing to disk. If you have some free memory, letting vmbuilder "
4488
4907
"-tmpfs</emphasis> will help you do just that:"
4489
4908
msgstr ""
4490
4909
4491
#: serverguide/C/virtualization.xml:994(programlisting) serverguide/C/jeos.xml:613(programlisting)
4910
#: serverguide/C/virtualization.xml:994(programlisting)
4492
4911
#, no-wrap
4493
4912
msgid ""
4494
4913
"\n"
4496
4915
" size or \"-\" to use tmpfs default (suid,dev,size=1G).\n"
4497
4916
msgstr ""
4498
4917
4499
#: serverguide/C/virtualization.xml:999(para) serverguide/C/jeos.xml:618(para)
4918
#: serverguide/C/virtualization.xml:999(para)
4500
4919
msgid ""
4501
4920
"So adding <command>--tmpfs -</command> sounds like a very good idea if you "
4502
4921
"have 1G of free ram."
4503
4922
msgstr ""
4504
4923
4505
#: serverguide/C/virtualization.xml:1006(title) serverguide/C/jeos.xml:625(title)
4924
#: serverguide/C/virtualization.xml:1006(title)
4506
4925
msgid "Package the Application"
4507
4926
msgstr ""
4508
4927
4509
#: serverguide/C/virtualization.xml:1008(para) serverguide/C/jeos.xml:627(para)
4928
#: serverguide/C/virtualization.xml:1008(para)
4510
4929
msgid "Two option are available to us:"
4511
4930
msgstr ""
4512
4931
4513
#: serverguide/C/virtualization.xml:1014(para) serverguide/C/jeos.xml:633(para)
4932
#: serverguide/C/virtualization.xml:1014(para)
4514
4933
msgid ""
4515
4934
"The recommended method to do so is to make a <emphasis>Debian</emphasis> "
4516
4935
"package. Since this is outside of the scope of this tutorial, we will not "
4523
4942
"a tutorial on this."
4524
4943
msgstr ""
4525
4944
4526
#: serverguide/C/virtualization.xml:1023(para) serverguide/C/jeos.xml:642(para)
4945
#: serverguide/C/virtualization.xml:1023(para)
4527
4946
msgid ""
4528
4947
"Manually install the application under <filename>/opt</filename> as "
4529
4948
"recommended by the <ulink url=\"http://www.pathname.com/fhs/\">FHS "
4530
4949
"guidelines</ulink>."
4531
4950
msgstr ""
4532
4951
4533
#: serverguide/C/virtualization.xml:1030(para) serverguide/C/jeos.xml:649(para)
4952
#: serverguide/C/virtualization.xml:1030(para)
4534
4953
msgid ""
4535
4954
"In our case we'll use <application>Limesurvey</application> as example web "
4536
4955
"application for which we wish to provide a virtual appliance. As noted "
4538
4957
"Package Archive)."
4539
4958
msgstr ""
4540
4959
4541
#: serverguide/C/virtualization.xml:1037(title) serverguide/C/jeos.xml:656(title)
4960
#: serverguide/C/virtualization.xml:1037(title)
4542
4961
msgid "Finishing Install"
4543
4962
msgstr ""
4544
4963
4545
#: serverguide/C/virtualization.xml:1040(title) serverguide/C/jeos.xml:659(title)
4964
#: serverguide/C/virtualization.xml:1040(title)
4546
4965
msgid "First Boot"
4547
4966
msgstr ""
4548
4967
4549
#: serverguide/C/virtualization.xml:1042(para) serverguide/C/jeos.xml:661(para)
4968
#: serverguide/C/virtualization.xml:1042(para)
4550
4969
msgid ""
4551
4970
"As we mentioned earlier, the first time the machine boots we'll need to "
4552
4971
"install <application>openssh-server</application> so that the key generated "
4554
4973
"<filename>boot.sh</filename> as follows:"
4555
4974
msgstr ""
4556
4975
4557
#: serverguide/C/virtualization.xml:1048(programlisting) serverguide/C/jeos.xml:667(programlisting)
4976
#: serverguide/C/virtualization.xml:1048(programlisting)
4558
4977
#, no-wrap
4559
4978
msgid ""
4560
4979
"\n"
4565
4984
"apt-get install -qqy --force-yes openssh-server\n"
4566
4985
msgstr ""
4567
4986
4568
#: serverguide/C/virtualization.xml:1056(para) serverguide/C/jeos.xml:675(para)
4987
#: serverguide/C/virtualization.xml:1056(para)
4569
4988
msgid ""
4570
4989
"And we add the <command>--firstboot boot.sh</command> option to our command "
4571
4990
"line."
4572
4991
msgstr ""
4573
4992
4574
#: serverguide/C/virtualization.xml:1062(title) serverguide/C/jeos.xml:681(title)
4993
#: serverguide/C/virtualization.xml:1062(title)
4575
4994
msgid "First Login"
4576
4995
msgstr ""
4577
4996
4578
#: serverguide/C/virtualization.xml:1064(para) serverguide/C/jeos.xml:683(para)
4997
#: serverguide/C/virtualization.xml:1064(para)
4579
4998
msgid ""
4580
4999
"Mysql and Limesurvey needing some user interaction during their setup, we'll "
4581
5000
"set them up the first time a user logs in using a script named login.sh. "
4582
5001
"We'll also use this script to let the user specify:"
4583
5002
msgstr ""
4584
5003
4585
#: serverguide/C/virtualization.xml:1070(para) serverguide/C/jeos.xml:689(para)
5004
#: serverguide/C/virtualization.xml:1070(para)
4586
5005
msgid "His own password"
4587
5006
msgstr ""
4588
5007
4589
#: serverguide/C/virtualization.xml:1071(para) serverguide/C/jeos.xml:690(para)
5008
#: serverguide/C/virtualization.xml:1071(para)
4590
5009
msgid "Define the keyboard and other locale info he wants to use"
4591
5010
msgstr ""
4592
5011
4593
#: serverguide/C/virtualization.xml:1074(para) serverguide/C/jeos.xml:693(para)
5012
#: serverguide/C/virtualization.xml:1074(para)
4594
5013
msgid "So we'll define <filename>login.sh</filename> as follows:"
4595
5014
msgstr ""
4596
5015
4597
#: serverguide/C/virtualization.xml:1078(programlisting) serverguide/C/jeos.xml:697(programlisting)
5016
#: serverguide/C/virtualization.xml:1078(programlisting)
4598
5017
#, no-wrap
4599
5018
msgid ""
4600
5019
"\n"
4619
5038
"echo \"browser to http://serverip/limesurvey/admin\"\n"
4620
5039
msgstr ""
4621
5040
4622
#: serverguide/C/virtualization.xml:1100(para) serverguide/C/jeos.xml:719(para)
5041
#: serverguide/C/virtualization.xml:1100(para)
4623
5042
msgid ""
4624
5043
"And we add the <command>--firstlogin login.sh</command> option to our "
4625
5044
"command line."
4626
5045
msgstr ""
4627
5046
4628
#: serverguide/C/virtualization.xml:1107(title) serverguide/C/jeos.xml:726(title)
5047
#: serverguide/C/virtualization.xml:1107(title)
4629
5048
msgid "Useful Additions"
4630
5049
msgstr ""
4631
5050
4632
#: serverguide/C/virtualization.xml:1110(title) serverguide/C/jeos.xml:729(title)
5051
#: serverguide/C/virtualization.xml:1110(title)
4633
5052
msgid "Configuring Automatic Updates"
4634
5053
msgstr ""
4635
5054
4636
#: serverguide/C/virtualization.xml:1112(para) serverguide/C/jeos.xml:731(para)
5055
#: serverguide/C/virtualization.xml:1112(para)
4637
5056
msgid ""
4638
5057
"To have your system be configured to update itself on a regular basis, we "
4639
5058
"will just install <application>unattended-upgrades</application>, so we add "
4640
5059
"the following option to our command line:"
4641
5060
msgstr ""
4642
5061
4643
#: serverguide/C/virtualization.xml:1118(command) serverguide/C/jeos.xml:737(command)
5062
#: serverguide/C/virtualization.xml:1118(command)
4644
5063
msgid "--addpkg unattended-upgrades"
4645
5064
msgstr ""
4646
5065
4647
#: serverguide/C/virtualization.xml:1121(para) serverguide/C/jeos.xml:740(para)
5066
#: serverguide/C/virtualization.xml:1121(para)
4648
5067
msgid ""
4649
5068
"As we have put our application package in a PPA, the process will update not "
4650
5069
"only the system, but also the application each time we update the version in "
4651
5070
"the PPA."
4652
5071
msgstr ""
4653
5072
4654
#: serverguide/C/virtualization.xml:1128(title) serverguide/C/jeos.xml:747(title)
5073
#: serverguide/C/virtualization.xml:1128(title)
4655
5074
msgid "ACPI Event Handling"
4656
5075
msgstr ""
4657
5076
4658
#: serverguide/C/virtualization.xml:1130(para) serverguide/C/jeos.xml:749(para)
5077
#: serverguide/C/virtualization.xml:1130(para)
4659
5078
msgid ""
4660
5079
"For your virtual machine to be able to handle restart and shutdown events it "
4661
5080
"is being sent, it is a good idea to install the acpid package as well. To do "
4662
5081
"this we just add the following option:"
4663
5082
msgstr ""
4664
5083
4665
#: serverguide/C/virtualization.xml:1136(command) serverguide/C/jeos.xml:755(command)
5084
#: serverguide/C/virtualization.xml:1136(command)
4666
5085
msgid "--addpkg acpid"
4667
5086
msgstr ""
4668
5087
4669
#: serverguide/C/virtualization.xml:1142(title) serverguide/C/jeos.xml:761(title)
5088
#: serverguide/C/virtualization.xml:1142(title)
4670
5089
msgid "Final Command"
4671
5090
msgstr ""
4672
5091
4673
#: serverguide/C/virtualization.xml:1144(para) serverguide/C/jeos.xml:763(para)
4674
msgid "Here is what the command with all the options discussed above:"
5092
#: serverguide/C/virtualization.xml:1144(para)
5093
msgid "Here is the command with all the options discussed above:"
4675
5094
msgstr ""
4676
5095
4677
#: serverguide/C/virtualization.xml:1149(command) serverguide/C/jeos.xml:768(command)
5096
#: serverguide/C/virtualization.xml:1149(command)
4678
5097
msgid ""
4679
5098
"sudo vmbuilder kvm ubuntu --suite intrepid --flavour virtual --arch i386 -o "
4680
5099
"\\ --libvirt qemu:///system --ip 192.168.0.100 --part vmbuilder.partition --"
4688
5107
"firstlogin login.sh es"
4689
5108
msgstr ""
4690
5109
4691
#: serverguide/C/virtualization.xml:1164(para) serverguide/C/jeos.xml:783(para)
5110
#: serverguide/C/virtualization.xml:1164(para)
4692
5111
msgid ""
4693
5112
"If you are interested in learning more, have questions or suggestions, "
4694
5113
"please contact the Ubuntu Server Team at:"
4695
5114
msgstr ""
4696
5115
4697
#: serverguide/C/virtualization.xml:1169(para) serverguide/C/jeos.xml:788(para)
5116
#: serverguide/C/virtualization.xml:1169(para)
4698
5117
msgid "IRC: #ubuntu-server on freenode"
4699
5118
msgstr ""
4700
5119
4701
#: serverguide/C/virtualization.xml:1174(para) serverguide/C/jeos.xml:793(para)
5120
#: serverguide/C/virtualization.xml:1174(para)
4702
5121
msgid ""
4703
5122
"Mailing list: <ulink url=\"https://lists.ubuntu.com/mailman/listinfo/ubuntu-"
4704
5123
"server\">ubuntu-server at lists.ubuntu.com</ulink>"
4708
5127
msgid "Eucalyptus"
4709
5128
msgstr ""
4710
5129
4711
#: serverguide/C/virtualization.xml:1185(title) serverguide/C/network-auth.xml:1670(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:878(title) serverguide/C/dns.xml:64(title) serverguide/C/backups.xml:541(title)
5130
#: serverguide/C/virtualization.xml:1185(title) serverguide/C/network-auth.xml:1683(title) serverguide/C/monitoring.xml:15(title) serverguide/C/lamp-applications.xml:17(title) serverguide/C/installation.xml:879(title) serverguide/C/dns.xml:64(title) serverguide/C/chat.xml:17(title) serverguide/C/backups.xml:541(title)
4712
5131
msgid "Overview"
4713
5132
msgstr ""
4714
5133
5224
5643
msgid "sudo apt-get install subversion libapache2-svn"
5225
5644
msgstr ""
5226
5645
5227
#: serverguide/C/vcs.xml:107(title)
5228
msgid "Server Configuration"
5229
msgstr ""
5230
5231
5646
#: serverguide/C/vcs.xml:108(para)
5232
5647
msgid ""
5233
5648
"This step assumes you have installed above mentioned packages on your "
5381
5796
#: serverguide/C/vcs.xml:208(programlisting)
5382
5797
#, no-wrap
5383
5798
msgid ""
5799
"\n"
5384
5800
" <Location /svn>\n"
5385
5801
" DAV svn\n"
5386
5802
" SVNParentPath /home/svn\n"
5387
5803
" AuthType Basic\n"
5388
5804
" AuthName \"Your repository name\"\n"
5389
5805
" AuthUserFile /etc/subversion/passwd\n"
5390
" <LimitExcept GET PROPFIND OPTIONS REPORT>\n"
5391
5806
" Require valid-user\n"
5392
" </LimitExcept>\n"
5393
" </Location> "
5807
" </Location> \n"
5394
5808
msgstr ""
5395
5809
5396
5810
#: serverguide/C/vcs.xml:219(para)
5469
5883
msgid ""
5470
5884
"Accessing Subversion repository via WebDAV protocol with SSL encryption "
5471
5885
"(https://) is similar to http:// except that you must install and configure "
5472
"the digital certificate in your Apache2 web server."
5886
"the digital certificate in your Apache2 web server. To use SSL with "
5887
"Subversion add the above Apache2 configuration to "
5888
"<filename>/etc/apache2/sites-available/default-ssl</filename>. For more "
5889
"information on setting up Apache2 with SSL see <xref linkend=\"https-"
5890
"configuration\"/>."
5473
5891
msgstr ""
5474
5892
5475
#: serverguide/C/vcs.xml:281(para)
5893
#: serverguide/C/vcs.xml:283(para)
5476
5894
msgid ""
5477
"You can install a digital certificate issued by a signing authority like "
5478
"Verisign. Alternatively, you can install your own self-signed certificate."
5895
"You can install a digital certificate issued by a signing authority. "
5896
"Alternatively, you can install your own self-signed certificate."
5479
5897
msgstr ""
5480
5898
5481
#: serverguide/C/vcs.xml:286(para)
5899
#: serverguide/C/vcs.xml:288(para)
5482
5900
msgid ""
5483
5901
"This step assumes you have installed and configured a digital certificate in "
5484
5902
"your Apache 2 web server. Now, to access the Subversion repository, please "
5486
5904
"the protocol. You must use https:// to access the Subversion repository."
5487
5905
msgstr ""
5488
5906
5489
#: serverguide/C/vcs.xml:296(title)
5907
#: serverguide/C/vcs.xml:298(title)
5490
5908
msgid "Access via custom protocol (svn://)"
5491
5909
msgstr ""
5492
5910
5493
#: serverguide/C/vcs.xml:297(para)
5911
#: serverguide/C/vcs.xml:299(para)
5494
5912
msgid ""
5495
5913
"Once the Subversion repository is created, you can configure the access "
5496
5914
"control. You can edit the <filename> "
5499
5917
"following lines in the configuration file:"
5500
5918
msgstr ""
5501
5919
5502
#: serverguide/C/vcs.xml:304(programlisting)
5920
#: serverguide/C/vcs.xml:306(programlisting)
5503
5921
#, no-wrap
5504
5922
msgid ""
5505
5923
"# [general]\n"
5506
5924
"# password-db = passwd"
5507
5925
msgstr ""
5508
5926
5509
#: serverguide/C/vcs.xml:307(para)
5927
#: serverguide/C/vcs.xml:309(para)
5510
5928
msgid ""
5511
5929
"After uncommenting the above lines, you can maintain the user list in the "
5512
5930
"passwd file. So, edit the file <filename>passwd </filename> in the same "
5513
5931
"directory and add the new user. The syntax is as follows:"
5514
5932
msgstr ""
5515
5933
5516
#: serverguide/C/vcs.xml:313(programlisting)
5934
#: serverguide/C/vcs.xml:315(programlisting)
5517
5935
#, no-wrap
5518
5936
msgid "username = password"
5519
5937
msgstr ""
5520
5938
5521
#: serverguide/C/vcs.xml:314(para)
5939
#: serverguide/C/vcs.xml:316(para)
5522
5940
msgid "For more details, please refer to the file."
5523
5941
msgstr ""
5524
5942
5525
#: serverguide/C/vcs.xml:318(para)
5943
#: serverguide/C/vcs.xml:320(para)
5526
5944
msgid ""
5527
5945
"Now, to access Subversion via the svn:// custom protocol, either from the "
5528
5946
"same machine or a different machine, you can run svnserver using svnserve "
5529
5947
"command. The syntax is as follows:"
5530
5948
msgstr ""
5531
5949
5532
#: serverguide/C/vcs.xml:323(programlisting)
5950
#: serverguide/C/vcs.xml:325(programlisting)
5533
5951
#, no-wrap
5534
5952
msgid ""
5535
5953
"$ svnserve -d --foreground -r /path/to/repos\n"
5541
5959
"$ svnserve --help"
5542
5960
msgstr ""
5543
5961
5544
#: serverguide/C/vcs.xml:331(para)
5962
#: serverguide/C/vcs.xml:333(para)
5545
5963
msgid ""
5546
5964
"Once you run this command, Subversion starts listening on default port "
5547
5965
"(3690). To access the project repository, you must run the following command "
5548
5966
"from a terminal prompt:"
5549
5967
msgstr ""
5550
5968
5551
#: serverguide/C/vcs.xml:334(command)
5969
#: serverguide/C/vcs.xml:336(command)
5552
5970
msgid "svn co svn://hostname/project project --username user_name"
5553
5971
msgstr ""
5554
5972
5555
#: serverguide/C/vcs.xml:337(para)
5973
#: serverguide/C/vcs.xml:339(para)
5556
5974
msgid ""
5557
5975
"Based on server configuration, it prompts for password. Once you are "
5558
5976
"authenticated, it checks out the code from Subversion repository. To "
5561
5979
"a terminal prompt, is as follows:"
5562
5980
msgstr ""
5563
5981
5564
#: serverguide/C/vcs.xml:345(command)
5982
#: serverguide/C/vcs.xml:347(command)
5565
5983
msgid "cd project_dir ; svn update"
5566
5984
msgstr ""
5567
5985
5568
#: serverguide/C/vcs.xml:348(para)
5986
#: serverguide/C/vcs.xml:350(para)
5569
5987
msgid ""
5570
5988
"For more details about using each Subversion sub-command, you can refer to "
5571
5989
"the manual. For example, to learn more about the co (checkout) command, "
5572
5990
"please run the following command from a terminal prompt:"
5573
5991
msgstr ""
5574
5992
5575
#: serverguide/C/vcs.xml:352(command)
5993
#: serverguide/C/vcs.xml:354(command)
5576
5994
msgid "svn co help"
5577
5995
msgstr ""
5578
5996
5579
#: serverguide/C/vcs.xml:356(title)
5997
#: serverguide/C/vcs.xml:358(title)
5580
5998
msgid "Access via custom protocol with SSL encryption (svn+ssh://)"
5581
5999
msgstr ""
5582
6000
5583
#: serverguide/C/vcs.xml:357(para)
6001
#: serverguide/C/vcs.xml:359(para)
5584
6002
msgid ""
5585
6003
"The configuration and server process is same as in the svn:// method. For "
5586
6004
"details, please refer to the above section. This step assumes you have "
5588
6006
"<application>svnserve</application> command."
5589
6007
msgstr ""
5590
6008
5591
#: serverguide/C/vcs.xml:363(para)
6009
#: serverguide/C/vcs.xml:365(para)
5592
6010
msgid ""
5593
6011
"It is also assumed that the ssh server is running on that machine and that "
5594
6012
"it is allowing incoming connections. To confirm, please try to login to that "
5596
6014
"login, please address it before continuing further."
5597
6015
msgstr ""
5598
6016
5599
#: serverguide/C/vcs.xml:369(para)
6017
#: serverguide/C/vcs.xml:371(para)
5600
6018
msgid ""
5601
6019
"The svn+ssh:// protocol is used to access the Subversion repository using "
5602
6020
"SSL encryption. The data transfer is encrypted using this method. To access "
5604
6022
"following command syntax:"
5605
6023
msgstr ""
5606
6024
5607
#: serverguide/C/vcs.xml:376(command)
6025
#: serverguide/C/vcs.xml:378(command)
5608
6026
msgid "svn co svn+ssh://hostname/var/svn/repos/project"
5609
6027
msgstr ""
5610
6028
5611
#: serverguide/C/vcs.xml:380(para)
6029
#: serverguide/C/vcs.xml:382(para)
5612
6030
msgid ""
5613
6031
"You must use the full path (/path/to/repos/project) to access the Subversion "
5614
6032
"repository using this access method."
5615
6033
msgstr ""
5616
6034
5617
#: serverguide/C/vcs.xml:383(para)
6035
#: serverguide/C/vcs.xml:385(para)
5618
6036
msgid ""
5619
6037
"Based on server configuration, it prompts for password. You must enter the "
5620
6038
"password you use to login via ssh. Once you are authenticated, it checks out "
5621
6039
"the code from the Subversion repository."
5622
6040
msgstr ""
5623
6041
5624
#: serverguide/C/vcs.xml:394(title)
6042
#: serverguide/C/vcs.xml:396(title)
5625
6043
msgid "CVS Server"
5626
6044
msgstr ""
5627
6045
5628
#: serverguide/C/vcs.xml:395(para)
6046
#: serverguide/C/vcs.xml:397(para)
5629
6047
msgid ""
5630
6048
"CVS is a version control system. You can use it to record the history of "
5631
6049
"source files."
5632
6050
msgstr ""
5633
6051
5634
#: serverguide/C/vcs.xml:401(para)
6052
#: serverguide/C/vcs.xml:403(para)
5635
6053
msgid ""
5636
6054
"To install <application>CVS</application>, run the following command from a "
5637
6055
"terminal prompt: <screen>\n"
5644
6062
"</screen>"
5645
6063
msgstr ""
5646
6064
5647
#: serverguide/C/vcs.xml:434(programlisting)
6065
#: serverguide/C/vcs.xml:436(programlisting)
5648
6066
#, no-wrap
5649
6067
msgid ""
5650
6068
"\n"
5662
6080
"}\n"
5663
6081
msgstr ""
5664
6082
5665
#: serverguide/C/vcs.xml:450(para)
6083
#: serverguide/C/vcs.xml:452(para)
5666
6084
msgid ""
5667
6085
"Be sure to edit the repository if you have changed the default repository "
5668
6086
"(<application>/var/lib/cvs</application>) directory."
5669
6087
msgstr ""
5670
6088
5671
#: serverguide/C/vcs.xml:419(para)
6089
#: serverguide/C/vcs.xml:421(para)
5672
6090
msgid ""
5673
6091
"Once you install cvs, the repository will be automatically initialized. By "
5674
6092
"default, the repository resides under the "
5685
6103
"</screen>"
5686
6104
msgstr ""
5687
6105
5688
#: serverguide/C/vcs.xml:463(para)
6106
#: serverguide/C/vcs.xml:465(para)
5689
6107
msgid ""
5690
6108
"You can confirm that the CVS server is running by issuing the following "
5691
6109
"command:"
5692
6110
msgstr ""
5693
6111
5694
#: serverguide/C/vcs.xml:470(command)
6112
#: serverguide/C/vcs.xml:472(command)
5695
6113
msgid "sudo netstat -tap | grep cvs"
5696
6114
msgstr ""
5697
6115
5698
#: serverguide/C/vcs.xml:474(para) serverguide/C/databases.xml:65(para)
6116
#: serverguide/C/vcs.xml:476(para) serverguide/C/databases.xml:65(para)
5699
6117
msgid ""
5700
6118
"When you run this command, you should see the following line or something "
5701
6119
"similar:"
5702
6120
msgstr ""
5703
6121
5704
#: serverguide/C/vcs.xml:479(programlisting)
6122
#: serverguide/C/vcs.xml:481(programlisting)
5705
6123
#, no-wrap
5706
6124
msgid ""
5707
6125
"\n"
5708
6126
"tcp 0 0 *:cvspserver *:* LISTEN \n"
5709
6127
msgstr ""
5710
6128
5711
#: serverguide/C/vcs.xml:483(para)
6129
#: serverguide/C/vcs.xml:485(para)
5712
6130
msgid ""
5713
6131
"From here you can continue to add users, add new projects, and manage the "
5714
6132
"CVS server."
5715
6133
msgstr ""
5716
6134
5717
#: serverguide/C/vcs.xml:488(para)
6135
#: serverguide/C/vcs.xml:490(para)
5718
6136
msgid ""
5719
6137
"CVS allows the user to add users independently of the underlying OS "
5720
6138
"installation. Probably the easiest way is to use the Linux Users for CVS, "
5722
6140
"for details."
5723
6141
msgstr ""
5724
6142
5725
#: serverguide/C/vcs.xml:498(title)
6143
#: serverguide/C/vcs.xml:500(title)
5726
6144
msgid "Add Projects"
5727
6145
msgstr ""
5728
6146
5729
#: serverguide/C/vcs.xml:510(para)
6147
#: serverguide/C/vcs.xml:512(para)
5730
6148
msgid ""
5731
6149
"You can use the CVSROOT environment variable to store the CVS root "
5732
6150
"directory. Once you export the CVSROOT environment variable, you can avoid "
5733
6151
"using -d option in the above cvs command."
5734
6152
msgstr ""
5735
6153
5736
#: serverguide/C/vcs.xml:522(para)
6154
#: serverguide/C/vcs.xml:524(para)
5737
6155
msgid ""
5738
6156
"When you add a new project, the CVS user you use must have write access to "
5739
6157
"the CVS repository (<application>/var/lib/cvs</application>). By default, "
5742
6160
"manage projects in the CVS repository."
5743
6161
msgstr ""
5744
6162
5745
#: serverguide/C/vcs.xml:499(para)
6163
#: serverguide/C/vcs.xml:501(para)
5746
6164
msgid ""
5747
6165
"This section explains how to add new project to the CVS repository. Create "
5748
6166
"the directory and add necessary document and source files to the directory. "
5757
6175
"<placeholder-2/>"
5758
6176
msgstr ""
5759
6177
5760
#: serverguide/C/vcs.xml:535(ulink)
6178
#: serverguide/C/vcs.xml:537(ulink)
5761
6179
msgid "Bazaar Home Page"
5762
6180
msgstr ""
5763
6181
5764
#: serverguide/C/vcs.xml:536(ulink)
6182
#: serverguide/C/vcs.xml:538(ulink)
5765
6183
msgid "Launchpad"
5766
6184
msgstr ""
5767
6185
5768
#: serverguide/C/vcs.xml:537(ulink)
6186
#: serverguide/C/vcs.xml:539(ulink)
5769
6187
msgid "Subversion Home Page"
5770
6188
msgstr ""
5771
6189
5772
#: serverguide/C/vcs.xml:538(ulink)
6190
#: serverguide/C/vcs.xml:540(ulink)
5773
6191
msgid "Subversion Book"
5774
6192
msgstr ""
5775
6193
5776
#: serverguide/C/vcs.xml:540(ulink)
6194
#: serverguide/C/vcs.xml:542(ulink)
5777
6195
msgid "CVS Manual"
5778
6196
msgstr ""
5779
6197
5854
6272
#: serverguide/C/security.xml:17(para)
5855
6273
msgid ""
5856
6274
"This chapter provides an overview of security related topics as they pertain "
5857
"to Ubuntu 9.04 Server Edition, and outlines simple measures you may use to "
6275
"to Ubuntu 9.10 Server Edition, and outlines simple measures you may use to "
5858
6276
"protect your server and network from any number of potential security "
5859
6277
"threats."
5860
6278
msgstr ""
6870
7288
msgid "Then edit <filename>/etc/ufw/sysctl.conf</filename> and uncomment:"
6871
7289
msgstr ""
6872
7290
6873
#: serverguide/C/security.xml:694(programlisting) serverguide/C/security.xml:772(programlisting)
7291
#: serverguide/C/security.xml:694(programlisting)
6874
7292
#, no-wrap
6875
7293
msgid ""
6876
7294
"\n"
6877
"net.ipv4.ip_forward=1\n"
7295
"net/ipv4/ip_forward=1\n"
6878
7296
msgstr ""
6879
7297
6880
7298
#: serverguide/C/security.xml:697(para)
6881
7299
msgid "Similarly, for IPv6 forwarding uncomment:"
6882
7300
msgstr ""
6883
7301
6884
#: serverguide/C/security.xml:700(programlisting) serverguide/C/security.xml:778(programlisting)
7302
#: serverguide/C/security.xml:700(programlisting)
6885
7303
#, no-wrap
6886
7304
msgid ""
6887
7305
"\n"
6888
"net.ipv6.conf.default.forwarding=1\n"
7306
"net/ipv6/conf/default/forwarding=1\n"
6889
7307
msgstr ""
6890
7308
6891
7309
#: serverguide/C/security.xml:705(para)
6980
7398
"uncomment the following line"
6981
7399
msgstr ""
6982
7400
7401
#: serverguide/C/security.xml:772(programlisting)
7402
#, no-wrap
7403
msgid ""
7404
"\n"
7405
"net.ipv4.ip_forward=1\n"
7406
msgstr ""
7407
6983
7408
#: serverguide/C/security.xml:775(para)
6984
7409
msgid "If you wish to enable IPv6 forwarding also uncomment:"
6985
7410
msgstr ""
6986
7411
7412
#: serverguide/C/security.xml:778(programlisting)
7413
#, no-wrap
7414
msgid ""
7415
"\n"
7416
"net.ipv6.conf.default.forwarding=1\n"
7417
msgstr ""
7418
6987
7419
#: serverguide/C/security.xml:783(para)
6988
7420
msgid ""
6989
7421
"Next, execute the <application>sysctl</application> command to enable the "
8160
8592
"<filename>/srv</filename>:"
8161
8593
msgstr ""
8162
8594
8163
#: serverguide/C/security.xml:1758(command) serverguide/C/clustering.xml:185(command)
8595
#: serverguide/C/security.xml:1758(command) serverguide/C/clustering.xml:192(command)
8164
8596
msgid "sudo cp -r /etc/default /srv"
8165
8597
msgstr ""
8166
8598
8168
8600
msgid "Now unmount <filename>/srv</filename>, and try to view a file:"
8169
8601
msgstr ""
8170
8602
8171
#: serverguide/C/security.xml:1766(command) serverguide/C/installation.xml:1088(command) serverguide/C/clustering.xml:193(command)
8603
#: serverguide/C/security.xml:1766(command) serverguide/C/installation.xml:1089(command) serverguide/C/clustering.xml:200(command)
8172
8604
msgid "sudo umount /srv"
8173
8605
msgstr ""
8174
8606
9296
9728
msgid ""
9297
9729
"\n"
9298
9730
"Unattended-Upgrade::Allowed-Origins {\n"
9299
" \"Ubuntu jaunty-security\";\n"
9300
"// \"Ubuntu jaunty-updates\";\n"
9731
" \"Ubuntu karmic-security\";\n"
9732
"// \"Ubuntu karmic-updates\";\n"
9301
9733
"};\n"
9302
9734
msgstr ""
9303
9735
9404
9836
msgid ""
9405
9837
"\n"
9406
9838
"# no more prompting for CD-ROM please\n"
9407
"# deb cdrom:[Ubuntu 9.04_Jaunty_Jackalope - Release i386 (20070419.1)]/ "
9408
"jaunty main restricted\n"
9839
"# deb cdrom:[Ubuntu 9.10_Karmic_Koala - Release i386 (20070419.1)]/ karmic "
9840
"main restricted\n"
9409
9841
msgstr ""
9410
9842
9411
9843
#: serverguide/C/package-management.xml:388(title)
9461
9893
#, no-wrap
9462
9894
msgid ""
9463
9895
"\n"
9464
"deb http://archive.ubuntu.com/ubuntu jaunty universe multiverse\n"
9465
"deb-src http://archive.ubuntu.com/ubuntu jaunty universe multiverse\n"
9466
"\n"
9467
"deb http://us.archive.ubuntu.com/ubuntu/ jaunty universe\n"
9468
"deb-src http://us.archive.ubuntu.com/ubuntu/ jaunty universe\n"
9469
"deb http://us.archive.ubuntu.com/ubuntu/ jaunty-updates universe\n"
9470
"deb-src http://us.archive.ubuntu.com/ubuntu/ jaunty-updates universe\n"
9471
"\n"
9472
"deb http://us.archive.ubuntu.com/ubuntu/ jaunty multiverse\n"
9473
"deb-src http://us.archive.ubuntu.com/ubuntu/ jaunty multiverse\n"
9474
"deb http://us.archive.ubuntu.com/ubuntu/ jaunty-updates multiverse\n"
9475
"deb-src http://us.archive.ubuntu.com/ubuntu/ jaunty-updates multiverse\n"
9476
"\n"
9477
"deb http://security.ubuntu.com/ubuntu jaunty-security universe\n"
9478
"deb-src http://security.ubuntu.com/ubuntu jaunty-security universe\n"
9479
"deb http://security.ubuntu.com/ubuntu jaunty-security multiverse\n"
9480
"deb-src http://security.ubuntu.com/ubuntu jaunty-security multiverse\n"
9896
"deb http://archive.ubuntu.com/ubuntu karmic universe multiverse\n"
9897
"deb-src http://archive.ubuntu.com/ubuntu karmic universe multiverse\n"
9898
"\n"
9899
"deb http://us.archive.ubuntu.com/ubuntu/ karmic universe\n"
9900
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic universe\n"
9901
"deb http://us.archive.ubuntu.com/ubuntu/ karmic-updates universe\n"
9902
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic-updates universe\n"
9903
"\n"
9904
"deb http://us.archive.ubuntu.com/ubuntu/ karmic multiverse\n"
9905
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic multiverse\n"
9906
"deb http://us.archive.ubuntu.com/ubuntu/ karmic-updates multiverse\n"
9907
"deb-src http://us.archive.ubuntu.com/ubuntu/ karmic-updates multiverse\n"
9908
"\n"
9909
"deb http://security.ubuntu.com/ubuntu karmic-security universe\n"
9910
"deb-src http://security.ubuntu.com/ubuntu karmic-security universe\n"
9911
"deb http://security.ubuntu.com/ubuntu karmic-security multiverse\n"
9912
"deb-src http://security.ubuntu.com/ubuntu karmic-security multiverse\n"
9481
9913
msgstr ""
9482
9914
9483
9915
#: serverguide/C/package-management.xml:434(para)
9727
10159
msgid ""
9728
10160
"The main configuration file, "
9729
10161
"<filename>/etc/etckeeper/etckeeper.conf</filename>, is fairly simple. The "
9730
"main options being which VCS and which package management system to use. By "
9731
"default <application>etckeeper</application> is configured to use "
9732
"<application>bzr</application> for version control, "
9733
"<application>apt</application> for high level package mangement, and "
9734
"<application>dpkg</application> for low level package management."
9735
msgstr ""
9736
9737
#: serverguide/C/other-apps.xml:200(para)
10162
"main option is which VCS to use. By default "
10163
"<application>etckeeper</application> is configured to use "
10164
"<application>bzr</application> for version control. The repository is "
10165
"automatically initialized (and committed for the first time) during package "
10166
"installation. It is possible to undo this by entering the following command:"
10167
msgstr ""
10168
10169
#: serverguide/C/other-apps.xml:203(command)
10170
msgid "sudo etckeeper uninit"
10171
msgstr ""
10172
10173
#: serverguide/C/other-apps.xml:206(para)
9738
10174
msgid ""
9739
"With the package installed, it is time to initialize the repository. In a "
9740
"terminal enter:"
9741
msgstr ""
9742
9743
#: serverguide/C/other-apps.xml:205(command)
9744
msgid "sudo etckeeper init"
9745
msgstr ""
9746
9747
#: serverguide/C/other-apps.xml:208(para)
9748
msgid "Next, commit the files to the repository:"
9749
msgstr ""
9750
9751
#: serverguide/C/other-apps.xml:213(command)
9752
msgid "sudo etckeeper commit \"initial import\""
9753
msgstr ""
9754
9755
#: serverguide/C/other-apps.xml:216(para)
10175
"By default, etckeeper will commit uncommitted changes made to /etc daily. "
10176
"This can be disabled using the AVOID_DAILY_AUTOCOMMITS configuration option. "
10177
"It will also automatically commit changes before and after package "
10178
"installation. For a more precise tracking of changes, it is recommended to "
10179
"commit your changes manually, together with a commit message, using:"
10180
msgstr ""
10181
10182
#: serverguide/C/other-apps.xml:215(command)
10183
msgid "sudo etckeeper commit \"..Reason for configuration change..\""
10184
msgstr ""
10185
10186
#: serverguide/C/other-apps.xml:218(para)
9756
10187
msgid ""
9757
10188
"Using the VCS commands you can view log information about files in "
9758
10189
"<filename>/etc</filename>:"
9759
10190
msgstr ""
9760
10191
9761
#: serverguide/C/other-apps.xml:221(command)
9762
msgid "sudo bzr log /etc/passswd"
10192
#: serverguide/C/other-apps.xml:223(command)
10193
msgid "sudo bzr log /etc/passwd"
9763
10194
msgstr ""
9764
10195
9765
#: serverguide/C/other-apps.xml:224(para)
10196
#: serverguide/C/other-apps.xml:226(para)
9766
10197
msgid ""
9767
10198
"To demonstrate the integration with the package management system, install "
9768
10199
"<application>postfix</application>:"
9769
10200
msgstr ""
9770
10201
9771
#: serverguide/C/other-apps.xml:229(command) serverguide/C/mail.xml:38(command)
10202
#: serverguide/C/other-apps.xml:231(command) serverguide/C/mail.xml:45(command)
9772
10203
msgid "sudo apt-get install postfix"
9773
10204
msgstr ""
9774
10205
9775
#: serverguide/C/other-apps.xml:232(para)
10206
#: serverguide/C/other-apps.xml:234(para)
9776
10207
msgid ""
9777
10208
"When the installation is finished, all the "
9778
10209
"<application>postfix</application> configuration files should be committed "
9779
10210
"to the repository:"
9780
10211
msgstr ""
9781
10212
9782
#: serverguide/C/other-apps.xml:238(computeroutput)
10213
#: serverguide/C/other-apps.xml:240(computeroutput)
9783
10214
#, no-wrap
9784
10215
msgid ""
9785
10216
"Committing to: /etc/\n"
9822
10253
"Committed revision 2."
9823
10254
msgstr ""
9824
10255
9825
#: serverguide/C/other-apps.xml:278(para)
10256
#: serverguide/C/other-apps.xml:280(para)
9826
10257
msgid ""
9827
10258
"For an example of how <application>etckeeper</application> tracks manual "
9828
10259
"changes, add new a host to <filename>/etc/hosts</filename>. Using "
9829
10260
"<application>bzr</application> you can see which files have been modified:"
9830
10261
msgstr ""
9831
10262
9832
#: serverguide/C/other-apps.xml:284(command)
10263
#: serverguide/C/other-apps.xml:286(command)
9833
10264
msgid "sudo bzr status /etc/"
9834
10265
msgstr ""
9835
10266
9836
#: serverguide/C/other-apps.xml:285(computeroutput)
10267
#: serverguide/C/other-apps.xml:287(computeroutput)
9837
10268
#, no-wrap
9838
10269
msgid ""
9839
10270
"modified:\n"
9840
10271
" hosts"
9841
10272
msgstr ""
9842
10273
9843
#: serverguide/C/other-apps.xml:289(para)
10274
#: serverguide/C/other-apps.xml:291(para)
9844
10275
msgid "Now commit the changes:"
9845
10276
msgstr ""
9846
10277
9847
#: serverguide/C/other-apps.xml:294(command)
10278
#: serverguide/C/other-apps.xml:296(command)
9848
10279
msgid "sudo etckeeper commit \"new host\""
9849
10280
msgstr ""
9850
10281
9851
#: serverguide/C/other-apps.xml:297(para)
10282
#: serverguide/C/other-apps.xml:299(para)
9852
10283
msgid ""
9853
10284
"For more information on <application>bzr</application> see <xref "
9854
10285
"linkend=\"bazaar\"/>."
9855
10286
msgstr ""
9856
10287
9857
#: serverguide/C/other-apps.xml:303(title)
10288
#: serverguide/C/other-apps.xml:305(title)
9858
10289
msgid "Screen Profiles"
9859
10290
msgstr ""
9860
10291
9861
#: serverguide/C/other-apps.xml:305(para)
10292
#: serverguide/C/other-apps.xml:307(para)
9862
10293
msgid ""
9863
10294
"One of the most useful applications for any system administrator is "
9864
10295
"<application>screen</application>. It allows the execution of multiple "
9868
10299
"profiles</application> package was created."
9869
10300
msgstr ""
9870
10301
9871
#: serverguide/C/other-apps.xml:312(para)
10302
#: serverguide/C/other-apps.xml:314(para)
9872
10303
msgid ""
9873
10304
"When executing <application>screen</application> for the first time you will "
9874
10305
"be presented with the <application>screen-profiles-helper</application> "
9875
10306
"menu. This menu will allow you to:"
9876
10307
msgstr ""
9877
10308
9878
#: serverguide/C/other-apps.xml:318(para)
10309
#: serverguide/C/other-apps.xml:320(para)
9879
10310
msgid "View the Help menu"
9880
10311
msgstr ""
9881
10312
9882
#: serverguide/C/other-apps.xml:319(para)
10313
#: serverguide/C/other-apps.xml:321(para)
9883
10314
msgid "Change the key binding set"
9884
10315
msgstr ""
9885
10316
9886
#: serverguide/C/other-apps.xml:320(para)
10317
#: serverguide/C/other-apps.xml:322(para)
9887
10318
msgid "Change screen profiles"
9888
10319
msgstr ""
9889
10320
9890
#: serverguide/C/other-apps.xml:321(para)
10321
#: serverguide/C/other-apps.xml:323(para)
9891
10322
msgid "Change the escape sequence"
9892
10323
msgstr ""
9893
10324
9894
#: serverguide/C/other-apps.xml:322(para)
10325
#: serverguide/C/other-apps.xml:324(para)
9895
10326
msgid "Create new screen windows"
9896
10327
msgstr ""
9897
10328
9898
#: serverguide/C/other-apps.xml:323(para)
10329
#: serverguide/C/other-apps.xml:325(para)
9899
10330
msgid "Manage the default windows"
9900
10331
msgstr ""
9901
10332
9902
#: serverguide/C/other-apps.xml:324(para)
10333
#: serverguide/C/other-apps.xml:326(para)
9903
10334
msgid "Install screen by default at login"
9904
10335
msgstr ""
9905
10336
9906
#: serverguide/C/other-apps.xml:327(para)
10337
#: serverguide/C/other-apps.xml:329(para)
9907
10338
msgid ""
9908
10339
"The <emphasis>key bindings</emphasis> determine such things as the escape "
9909
10340
"sequence, new window, change window, etc. There are two key binding sets to "
9912
10343
"<emphasis>none</emphasis> set."
9913
10344
msgstr ""
9914
10345
9915
#: serverguide/C/other-apps.xml:333(para)
10346
#: serverguide/C/other-apps.xml:335(para)
9916
10347
msgid ""
9917
10348
"The Ubuntu <application>screen-profiles</application> provide a menu which "
9918
10349
"displays the Ubuntu release, processor information, memory information, and "
9922
10353
"change profiles, in a terminal enter:"
9923
10354
msgstr ""
9924
10355
9925
#: serverguide/C/other-apps.xml:341(command)
10356
#: serverguide/C/other-apps.xml:343(command)
9926
10357
msgid "select-screen-profile -s ubuntu-light"
9927
10358
msgstr ""
9928
10359
9929
#: serverguide/C/other-apps.xml:344(para)
10360
#: serverguide/C/other-apps.xml:346(para)
9930
10361
msgid ""
9931
10362
"The <emphasis>plain</emphasis> profile will change "
9932
10363
"<application>screen</application> back to the defaults, which does not "
9933
10364
"include the information menu at the bottom."
9934
10365
msgstr ""
9935
10366
9936
#: serverguide/C/other-apps.xml:349(para)
10367
#: serverguide/C/other-apps.xml:351(para)
9937
10368
msgid ""
9938
10369
"Using the <emphasis>\"Install screen by default at login\"</emphasis> option "
9939
10370
"will cause screen to be executed any time a terminal is opened. Changes made "
9941
10372
"affect other users on the system."
9942
10373
msgstr ""
9943
10374
9944
#: serverguide/C/other-apps.xml:354(para)
10375
#: serverguide/C/other-apps.xml:356(para)
9945
10376
msgid ""
9946
10377
"One difference when using screen is the <emphasis>scrollback</emphasis> "
9947
10378
"mode. If you are using one of the Ubuntu profiles press the "
9951
10382
"commands:"
9952
10383
msgstr ""
9953
10384
9954
#: serverguide/C/other-apps.xml:361(para)
10385
#: serverguide/C/other-apps.xml:363(para)
9955
10386
msgid "<emphasis>h</emphasis> - Move the cursor left by one character"
9956
10387
msgstr ""
9957
10388
9958
#: serverguide/C/other-apps.xml:362(para)
10389
#: serverguide/C/other-apps.xml:364(para)
9959
10390
msgid "<emphasis>j</emphasis> - Move the cursor down by one line"
9960
10391
msgstr ""
9961
10392
9962
#: serverguide/C/other-apps.xml:363(para)
10393
#: serverguide/C/other-apps.xml:365(para)
9963
10394
msgid "<emphasis>k</emphasis> - Move the cursor up by one line"
9964
10395
msgstr ""
9965
10396
9966
#: serverguide/C/other-apps.xml:364(para)
10397
#: serverguide/C/other-apps.xml:366(para)
9967
10398
msgid "<emphasis>l</emphasis> - Move the cursor right by one character"
9968
10399
msgstr ""
9969
10400
9970
#: serverguide/C/other-apps.xml:365(para)
10401
#: serverguide/C/other-apps.xml:367(para)
9971
10402
msgid "<emphasis>0</emphasis> - Move to the beginning of the current line"
9972
10403
msgstr ""
9973
10404
9974
#: serverguide/C/other-apps.xml:366(para)
10405
#: serverguide/C/other-apps.xml:368(para)
9975
10406
msgid "<emphasis>$</emphasis> - Move to the end of the current line"
9976
10407
msgstr ""
9977
10408
9978
#: serverguide/C/other-apps.xml:367(para)
10409
#: serverguide/C/other-apps.xml:369(para)
9979
10410
msgid ""
9980
10411
"<emphasis>G</emphasis> - Moves to the specified line (defaults to the end of "
9981
10412
"the buffer)"
9982
10413
msgstr ""
9983
10414
9984
#: serverguide/C/other-apps.xml:368(para)
10415
#: serverguide/C/other-apps.xml:370(para)
9985
10416
msgid "<emphasis>C-u</emphasis> - Scrolls a half page up"
9986
10417
msgstr ""
9987
10418
9988
#: serverguide/C/other-apps.xml:369(para)
10419
#: serverguide/C/other-apps.xml:371(para)
9989
10420
msgid "<emphasis>C-b</emphasis> - Scrolls a full page up"
9990
10421
msgstr ""
9991
10422
9992
#: serverguide/C/other-apps.xml:370(para)
10423
#: serverguide/C/other-apps.xml:372(para)
9993
10424
msgid "<emphasis>C-d</emphasis> - Scrolls a half page down"
9994
10425
msgstr ""
9995
10426
9996
#: serverguide/C/other-apps.xml:371(para)
10427
#: serverguide/C/other-apps.xml:373(para)
9997
10428
msgid "<emphasis>C-f</emphasis> - Scrolls the full page down"
9998
10429
msgstr ""
9999
10430
10000
#: serverguide/C/other-apps.xml:372(para)
10431
#: serverguide/C/other-apps.xml:374(para)
10001
10432
msgid "<emphasis>/</emphasis> - Search forward"
10002
10433
msgstr ""
10003
10434
10004
#: serverguide/C/other-apps.xml:373(para)
10435
#: serverguide/C/other-apps.xml:375(para)
10005
10436
msgid "<emphasis>?</emphasis> - Search backward"
10006
10437
msgstr ""
10007
10438
10008
#: serverguide/C/other-apps.xml:374(para)
10439
#: serverguide/C/other-apps.xml:376(para)
10009
10440
msgid ""
10010
10441
"<emphasis>n</emphasis> - Moves to the next match, either forward or backword"
10011
10442
msgstr ""
10012
10443
10013
#: serverguide/C/other-apps.xml:383(para)
10444
#: serverguide/C/other-apps.xml:385(para)
10014
10445
msgid ""
10015
10446
"See the <ulink "
10016
10447
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man1/update-"
10018
10449
"<application>update-motd</application>."
10019
10450
msgstr ""
10020
10451
10021
#: serverguide/C/other-apps.xml:389(para)
10452
#: serverguide/C/other-apps.xml:391(para)
10022
10453
msgid ""
10023
10454
"The Debian Package of the Day <ulink "
10024
10455
"url=\"http://debaday.debian.net/2007/10/04/weather-check-weather-conditions-"
10026
10457
"details about using the <application>weather</application>utility."
10027
10458
msgstr ""
10028
10459
10029
#: serverguide/C/other-apps.xml:396(para)
10460
#: serverguide/C/other-apps.xml:398(para)
10030
10461
msgid ""
10031
10462
"See the <ulink "
10032
10463
"url=\"http://kitenet.net/~joey/code/etckeeper/\">etckeeper</ulink> site for "
10033
10464
"more details on using <application>etckeeper</application>."
10034
10465
msgstr ""
10035
10466
10036
#: serverguide/C/other-apps.xml:402(para)
10467
#: serverguide/C/other-apps.xml:404(para)
10037
10468
msgid ""
10038
10469
"For the latest news and information about <application>bzr</application> see "
10039
10470
"the <ulink url=\"http://bazaar-vcs.org/\">bzr</ulink> web site."
10040
10471
msgstr ""
10041
10472
10042
#: serverguide/C/other-apps.xml:407(para)
10473
#: serverguide/C/other-apps.xml:409(para)
10043
10474
msgid ""
10044
10475
"For more information on <application>screen</application> see the <ulink "
10045
10476
"url=\"http://www.gnu.org/software/screen/\">screen web site</ulink>."
10046
10477
msgstr ""
10047
10478
10048
#: serverguide/C/other-apps.xml:412(para)
10479
#: serverguide/C/other-apps.xml:414(para)
10049
10480
msgid ""
10050
10481
"Also, see the <application>screen-profiles</application><ulink "
10051
10482
"url=\"https://launchpad.net/screen-profiles\">project page</ulink> for more "
10335
10766
msgid "Now restart networking to enable the bridge interface:"
10336
10767
msgstr ""
10337
10768
10338
#: serverguide/C/network-config.xml:240(para)
10339
msgid ""
10340
"If setting up a bridge interface using Ubuntu Desktop Edition, or if "
10341
"<application>dhcdbd</application> is installed, the "
10342
"<application>dhcdbd</application> daemon will need to be stopped and "
10343
"disabled."
10344
msgstr ""
10345
10346
#: serverguide/C/network-config.xml:245(para)
10347
msgid ""
10348
"After configuring the bridge in "
10349
"<filename>/etc/network/interfaces</filename>, shutdown "
10350
"<application>dhcdbd</application> by:"
10351
msgstr ""
10352
10353
#: serverguide/C/network-config.xml:250(command)
10354
msgid "sudo /etc/init.d/dhcdbd stop"
10355
msgstr ""
10356
10357
#: serverguide/C/network-config.xml:253(para)
10358
msgid "Now to disable it from starting on boot enter:"
10359
msgstr ""
10360
10361
#: serverguide/C/network-config.xml:258(command)
10362
msgid "sudo update-rc.d -f dhcdbd remove"
10363
msgstr ""
10364
10365
#: serverguide/C/network-config.xml:261(para)
10769
#: serverguide/C/network-config.xml:239(para)
10366
10770
msgid ""
10367
10771
"The new bridge interface should now be up and running. The "
10368
10772
"<application>brctl</application> provides useful information about the state "
10370
10774
"<command>man brctl</command> for more information."
10371
10775
msgstr ""
10372
10776
10373
#: serverguide/C/network-config.xml:277(para)
10777
#: serverguide/C/network-config.xml:255(para)
10374
10778
msgid ""
10375
10779
"The <ulink "
10376
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/interfaces.5.html\">"
10377
"interafaces man page</ulink> has details on more options for "
10780
"url=\"http://manpages.ubuntu.com/manpages/karmic/en/man5/interfaces.5.html\">"
10781
"interfaces man page</ulink> has details on more options for "
10378
10782
"<filename>/etc/network/interfaces</filename>."
10379
10783
msgstr ""
10380
10784
10381
#: serverguide/C/network-config.xml:283(para)
10785
#: serverguide/C/network-config.xml:261(para)
10382
10786
msgid ""
10383
10787
"For more information on DNS client configuration see the <ulink "
10384
10788
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/resolver.5.html\">re"
10388
10792
"configuration information."
10389
10793
msgstr ""
10390
10794
10391
#: serverguide/C/network-config.xml:291(para)
10795
#: serverguide/C/network-config.xml:269(para)
10392
10796
msgid ""
10393
10797
"For more information on <emphasis>bridging</emphasis> see the <ulink "
10394
10798
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/brctl.8.html\">brctl"
10396
10800
"url=\"http://www.linuxfoundation.org/en/Net:Bridge\">Net:Bridge</ulink> page."
10397
10801
msgstr ""
10398
10802
10399
#: serverguide/C/network-config.xml:302(title)
10803
#: serverguide/C/network-config.xml:280(title)
10400
10804
msgid "TCP/IP"
10401
10805
msgstr ""
10402
10806
10403
#: serverguide/C/network-config.xml:303(para)
10807
#: serverguide/C/network-config.xml:281(para)
10404
10808
msgid ""
10405
10809
"The Transmission Control Protocol and Internet Protocol (TCP/IP) is a "
10406
10810
"standard set of protocols developed in the late 1970s by the Defense "
10410
10814
"network protocols on Earth."
10411
10815
msgstr ""
10412
10816
10413
#: serverguide/C/network-config.xml:311(title)
10817
#: serverguide/C/network-config.xml:289(title)
10414
10818
msgid "TCP/IP Introduction"
10415
10819
msgstr ""
10416
10820
10417
#: serverguide/C/network-config.xml:312(para)
10821
#: serverguide/C/network-config.xml:290(para)
10418
10822
msgid ""
10419
10823
"The two protocol components of TCP/IP deal with different aspects of "
10420
10824
"computer networking. <emphasis>Internet Protocol</emphasis>, the \"IP\" of "
10429
10833
"host."
10430
10834
msgstr ""
10431
10835
10432
#: serverguide/C/network-config.xml:325(title)
10836
#: serverguide/C/network-config.xml:303(title)
10433
10837
msgid "TCP/IP Configuration"
10434
10838
msgstr ""
10435
10839
10436
#: serverguide/C/network-config.xml:326(para)
10840
#: serverguide/C/network-config.xml:304(para)
10437
10841
msgid ""
10438
10842
"The TCP/IP protocol configuration consists of several elements which must be "
10439
10843
"set by editing the appropriate configuration files, or deploying solutions "
10444
10848
"system."
10445
10849
msgstr ""
10446
10850
10447
#: serverguide/C/network-config.xml:338(para)
10851
#: serverguide/C/network-config.xml:316(para)
10448
10852
msgid ""
10449
10853
"<emphasis role=\"bold\">IP address</emphasis> The IP address is a unique "
10450
10854
"identifying string expressed as four decimal numbers ranging from zero (0) "
10454
10858
"<emphasis>dotted quad notation</emphasis>."
10455
10859
msgstr ""
10456
10860
10457
#: serverguide/C/network-config.xml:348(para)
10861
#: serverguide/C/network-config.xml:326(para)
10458
10862
msgid ""
10459
10863
"<emphasis role=\"bold\">Netmask</emphasis> The Subnet Mask (or simply, "
10460
10864
"<emphasis>netmask</emphasis>) is a local bit mask, or set of flags which "
10465
10869
"remain available for specifying hosts on the subnetwork."
10466
10870
msgstr ""
10467
10871
10468
#: serverguide/C/network-config.xml:359(para)
10872
#: serverguide/C/network-config.xml:337(para)
10469
10873
msgid ""
10470
10874
"<emphasis role=\"bold\">Network Address</emphasis> The Network Address "
10471
10875
"represents the bytes comprising the network portion of an IP address. For "
10478
10882
"network and a zero (0) for all the possible hosts on the network."
10479
10883
msgstr ""
10480
10884
10481
#: serverguide/C/network-config.xml:372(para)
10885
#: serverguide/C/network-config.xml:350(para)
10482
10886
msgid ""
10483
10887
"<emphasis role=\"bold\">Broadcast Address</emphasis> The Broadcast Address "
10484
10888
"is an IP address which allows network data to be sent simultaneously to all "
10492
10896
"Address Resolution Protocol (ARP) and the Routing Information Protocol (RIP)."
10493
10897
msgstr ""
10494
10898
10495
#: serverguide/C/network-config.xml:385(para)
10899
#: serverguide/C/network-config.xml:363(para)
10496
10900
msgid ""
10497
10901
"<emphasis role=\"bold\">Gateway Address</emphasis> A Gateway Address is the "
10498
10902
"IP address through which a particular network, or host on a network, may be "
10505
10909
"not be able to reach any hosts beyond those on the same network."
10506
10910
msgstr ""
10507
10911
10508
#: serverguide/C/network-config.xml:396(para)
10912
#: serverguide/C/network-config.xml:374(para)
10509
10913
msgid ""
10510
10914
"<emphasis role=\"bold\">Nameserver Address</emphasis> Nameserver Addresses "
10511
10915
"represent the IP addresses of Domain Name Service (DNS) systems, which "
10521
10925
"the Level3 (Verizon) servers with IP addresses from 4.2.2.1 to 4.2.2.6."
10522
10926
msgstr ""
10523
10927
10524
#: serverguide/C/network-config.xml:410(para)
10928
#: serverguide/C/network-config.xml:388(para)
10525
10929
msgid ""
10526
10930
"The IP address, Netmask, Network Address, Broadcast Address, and Gateway "
10527
10931
"Address are typically specified via the appropriate directives in the file "
10533
10937
"typed at a terminal prompt:"
10534
10938
msgstr ""
10535
10939
10536
#: serverguide/C/network-config.xml:417(para)
10940
#: serverguide/C/network-config.xml:395(para)
10537
10941
msgid ""
10538
10942
"Access the system manual page for <filename>interfaces</filename> with the "
10539
10943
"following command:"
10540
10944
msgstr ""
10541
10945
10542
#: serverguide/C/network-config.xml:422(command)
10946
#: serverguide/C/network-config.xml:400(command)
10543
10947
msgid "man interfaces"
10544
10948
msgstr ""
10545
10949
10546
#: serverguide/C/network-config.xml:425(para)
10950
#: serverguide/C/network-config.xml:403(para)
10547
10951
msgid ""
10548
10952
"Access the system manual page for <filename>resolv.conf</filename> with the "
10549
10953
"following command:"
10550
10954
msgstr ""
10551
10955
10552
#: serverguide/C/network-config.xml:429(command)
10956
#: serverguide/C/network-config.xml:407(command)
10553
10957
msgid "man resolv.conf"
10554
10958
msgstr ""
10555
10959
10556
#: serverguide/C/network-config.xml:334(para)
10960
#: serverguide/C/network-config.xml:312(para)
10557
10961
msgid ""
10558
10962
"The common configuration elements of TCP/IP and their purposes are as "
10559
10963
"follows: <placeholder-1/>"
10560
10964
msgstr ""
10561
10965
10562
#: serverguide/C/network-config.xml:436(title)
10966
#: serverguide/C/network-config.xml:414(title)
10563
10967
msgid "IP Routing"
10564
10968
msgstr ""
10565
10969
10566
#: serverguide/C/network-config.xml:437(para)
10970
#: serverguide/C/network-config.xml:415(para)
10567
10971
msgid ""
10568
10972
"IP routing is a means of specifying and discovering paths in a TCP/IP "
10569
10973
"network along which network data may be sent. Routing uses a set of "
10574
10978
"<emphasis>Dynamic Routing.</emphasis>"
10575
10979
msgstr ""
10576
10980
10577
#: serverguide/C/network-config.xml:446(para)
10981
#: serverguide/C/network-config.xml:424(para)
10578
10982
msgid ""
10579
10983
"Static routing involves manually adding IP routes to the system's routing "
10580
10984
"table, and this is usually done by manipulating the routing table with the "
10589
10993
"and failures along the route due to the fixed nature of the route."
10590
10994
msgstr ""
10591
10995
10592
#: serverguide/C/network-config.xml:456(para)
10996
#: serverguide/C/network-config.xml:434(para)
10593
10997
msgid ""
10594
10998
"Dynamic routing depends on large networks with multiple possible IP routes "
10595
10999
"from a source to a destination and makes use of special routing protocols, "
10606
11010
"immediately benefit the end users, but still consumes network bandwidth."
10607
11011
msgstr ""
10608
11012
10609
#: serverguide/C/network-config.xml:470(title)
11013
#: serverguide/C/network-config.xml:448(title)
10610
11014
msgid "TCP and UDP"
10611
11015
msgstr ""
10612
11016
10613
#: serverguide/C/network-config.xml:471(para)
11017
#: serverguide/C/network-config.xml:449(para)
10614
11018
msgid ""
10615
11019
"TCP is a connection-based protocol, offering error correction and guaranteed "
10616
11020
"delivery of data via what is known as <emphasis>flow control</emphasis>. "
10621
11025
"important information such as database transactions."
10622
11026
msgstr ""
10623
11027
10624
#: serverguide/C/network-config.xml:479(para)
11028
#: serverguide/C/network-config.xml:457(para)
10625
11029
msgid ""
10626
11030
"The User Datagram Protocol (UDP), on the other hand, is a "
10627
11031
"<emphasis>connectionless</emphasis> protocol which seldom deals with the "
10632
11036
"loss of a few packets is not generally catastrophic."
10633
11037
msgstr ""
10634
11038
10635
#: serverguide/C/network-config.xml:489(title)
11039
#: serverguide/C/network-config.xml:467(title)
10636
11040
msgid "ICMP"
10637
11041
msgstr ""
10638
11042
10639
#: serverguide/C/network-config.xml:490(para)
11043
#: serverguide/C/network-config.xml:468(para)
10640
11044
msgid ""
10641
11045
"The Internet Control Messaging Protocol (ICMP) is an extension to the "
10642
11046
"Internet Protocol (IP) as defined in the Request For Comments (RFC) #792 and "
10649
11053
"<emphasis>Time Exceeded</emphasis>."
10650
11054
msgstr ""
10651
11055
10652
#: serverguide/C/network-config.xml:500(title)
11056
#: serverguide/C/network-config.xml:478(title)
10653
11057
msgid "Daemons"
10654
11058
msgstr ""
10655
11059
10656
#: serverguide/C/network-config.xml:501(para)
11060
#: serverguide/C/network-config.xml:479(para)
10657
11061
msgid ""
10658
11062
"Daemons are special system applications which typically execute continuously "
10659
11063
"in the background and await requests for the functions they provide from "
10667
11071
"Daemon</emphasis> (imapd), which provides E-Mail services."
10668
11072
msgstr ""
10669
11073
10670
#: serverguide/C/network-config.xml:516(para)
11074
#: serverguide/C/network-config.xml:494(para)
10671
11075
msgid ""
10672
11076
"There are man pages for <ulink "
10673
11077
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man7/tcp.7.html\">TCP</ul"
10676
11080
"that contain more useful information."
10677
11081
msgstr ""
10678
11082
10679
#: serverguide/C/network-config.xml:522(para)
11083
#: serverguide/C/network-config.xml:500(para)
10680
11084
msgid ""
10681
11085
"Also, see the <ulink "
10682
11086
"url=\"http://www.redbooks.ibm.com/abstracts/gg243376.html\">TCP/IP Tutorial "
10683
11087
"and Technical Overview</ulink> IBM Redbook."
10684
11088
msgstr ""
10685
11089
10686
#: serverguide/C/network-config.xml:528(para)
11090
#: serverguide/C/network-config.xml:506(para)
10687
11091
msgid ""
10688
11092
"Another resource is O'Reilly's <ulink "
10689
11093
"url=\"http://oreilly.com/catalog/9780596002978/\">TCP/IP Network "
10690
11094
"Administration</ulink>."
10691
11095
msgstr ""
10692
11096
10693
#: serverguide/C/network-config.xml:537(title)
11097
#: serverguide/C/network-config.xml:515(title)
10694
11098
msgid "Dynamic Host Configuration Protocol (DHCP)"
10695
11099
msgstr ""
10696
11100
10697
#: serverguide/C/network-config.xml:538(para)
11101
#: serverguide/C/network-config.xml:516(para)
10698
11102
msgid ""
10699
11103
"The Dynamic Host Configuration Protocol (DHCP) is a network service that "
10700
11104
"enables host computers to be automatically assigned settings from a server "
10703
11107
"DHCP server, and the configuration is transparent to the computer's user."
10704
11108
msgstr ""
10705
11109
10706
#: serverguide/C/network-config.xml:545(para)
11110
#: serverguide/C/network-config.xml:523(para)
10707
11111
msgid ""
10708
11112
"The most common settings provided by a DHCP server to DHCP clients include:"
10709
11113
msgstr ""
10710
11114
10711
#: serverguide/C/network-config.xml:550(para)
11115
#: serverguide/C/network-config.xml:528(para)
10712
11116
msgid "IP-Address and Netmask"
10713
11117
msgstr ""
10714
11118
10715
#: serverguide/C/network-config.xml:553(para)
11119
#: serverguide/C/network-config.xml:531(para)
10716
11120
msgid "DNS"
10717
11121
msgstr ""
10718
11122
10719
#: serverguide/C/network-config.xml:556(para)
11123
#: serverguide/C/network-config.xml:534(para)
10720
11124
msgid "WINS"
10721
11125
msgstr ""
10722
11126
10723
#: serverguide/C/network-config.xml:559(para)
11127
#: serverguide/C/network-config.xml:537(para)
10724
11128
msgid ""
10725
11129
"However, a DHCP server can also supply configuration properties such as:"
10726
11130
msgstr ""
10727
11131
10728
#: serverguide/C/network-config.xml:564(para)
11132
#: serverguide/C/network-config.xml:542(para)
10729
11133
msgid "Host Name"
10730
11134
msgstr ""
10731
11135
10732
#: serverguide/C/network-config.xml:567(para)
11136
#: serverguide/C/network-config.xml:545(para)
10733
11137
msgid "Domain Name"
10734
11138
msgstr ""
10735
11139
10736
#: serverguide/C/network-config.xml:570(para)
11140
#: serverguide/C/network-config.xml:548(para)
10737
11141
msgid "Default Gateway"
10738
11142
msgstr ""
10739
11143
10740
#: serverguide/C/network-config.xml:573(para)
11144
#: serverguide/C/network-config.xml:551(para)
10741
11145
msgid "Time Server"
10742
11146
msgstr ""
10743
11147
10744
#: serverguide/C/network-config.xml:576(para)
11148
#: serverguide/C/network-config.xml:554(para)
10745
11149
msgid "Print Server"
10746
11150
msgstr ""
10747
11151
10748
#: serverguide/C/network-config.xml:579(para)
11152
#: serverguide/C/network-config.xml:557(para)
10749
11153
msgid ""
10750
11154
"The advantage of using DHCP is that changes to the network, for example a "
10751
11155
"change in the address of the DNS server, need only be changed at the DHCP "
10756
11160
"also reduced."
10757
11161
msgstr ""
10758
11162
10759
#: serverguide/C/network-config.xml:587(para)
11163
#: serverguide/C/network-config.xml:565(para)
10760
11164
msgid "A DHCP server can provide configuration settings using two methods:"
10761
11165
msgstr ""
10762
11166
10763
#: serverguide/C/network-config.xml:592(term)
11167
#: serverguide/C/network-config.xml:570(term)
10764
11168
msgid "MAC Address"
10765
11169
msgstr ""
10766
11170
10767
#: serverguide/C/network-config.xml:594(para)
11171
#: serverguide/C/network-config.xml:572(para)
10768
11172
msgid ""
10769
11173
"This method entails using DHCP to identify the unique hardware address of "
10770
11174
"each network card connected to the network and then continually supplying a "
10772
11176
"server using that network device."
10773
11177
msgstr ""
10774
11178
10775
#: serverguide/C/network-config.xml:603(term)
11179
#: serverguide/C/network-config.xml:581(term)
10776
11180
msgid "Address Pool"
10777
11181
msgstr ""
10778
11182
10779
#: serverguide/C/network-config.xml:605(para)
11183
#: serverguide/C/network-config.xml:583(para)
10780
11184
msgid ""
10781
11185
"This method entails defining a pool (sometimes also called a range or scope) "
10782
11186
"of IP addresses from which DHCP clients are supplied their configuration "
10786
11190
"other DHCP Clients."
10787
11191
msgstr ""
10788
11192
10789
#: serverguide/C/network-config.xml:616(para)
11193
#: serverguide/C/network-config.xml:594(para)
10790
11194
msgid ""
10791
11195
"Ubuntu is shipped with both DHCP server and client. The server is "
10792
11196
"<application>dhcpd</application> (dynamic host configuration protocol "
10796
11200
"and configure and will be automatically started at system boot."
10797
11201
msgstr ""
10798
11202
10799
#: serverguide/C/network-config.xml:626(para)
11203
#: serverguide/C/network-config.xml:604(para)
10800
11204
msgid ""
10801
11205
"At a terminal prompt, enter the following command to install "
10802
11206
"<application>dhcpd</application>:"
10803
11207
msgstr ""
10804
11208
10805
#: serverguide/C/network-config.xml:631(command)
11209
#: serverguide/C/network-config.xml:609(command)
10806
11210
msgid "sudo apt-get install dhcp3-server"
10807
11211
msgstr ""
10808
11212
10809
#: serverguide/C/network-config.xml:633(para)
11213
#: serverguide/C/network-config.xml:611(para)
10810
11214
msgid ""
10811
11215
"You will probably need to change the default configuration by editing "
10812
11216
"/etc/dhcp3/dhcpd.conf to suit your needs and particular configuration."
10813
11217
msgstr ""
10814
11218
10815
#: serverguide/C/network-config.xml:637(para)
11219
#: serverguide/C/network-config.xml:615(para)
10816
11220
msgid ""
10817
11221
"You also need to edit /etc/default/dhcp3-server to specify the interfaces "
10818
11222
"dhcpd should listen to. By default it listens to eth0."
10819
11223
msgstr ""
10820
11224
10821
#: serverguide/C/network-config.xml:641(para)
11225
#: serverguide/C/network-config.xml:619(para)
10822
11226
msgid ""
10823
11227
"NOTE: dhcpd's messages are being sent to syslog. Look there for diagnostics "
10824
11228
"messages."
10825
11229
msgstr ""
10826
11230
10827
#: serverguide/C/network-config.xml:648(para)
11231
#: serverguide/C/network-config.xml:626(para)
10828
11232
msgid ""
10829
11233
"The error message the installation ends with might be a little confusing, "
10830
11234
"but the following steps will help you configure the service:"
10831
11235
msgstr ""
10832
11236
10833
#: serverguide/C/network-config.xml:652(para)
11237
#: serverguide/C/network-config.xml:630(para)
10834
11238
msgid ""
10835
11239
"Most commonly, what you want to do is assign an IP address randomly. This "
10836
11240
"can be done with settings as follows:"
10837
11241
msgstr ""
10838
11242
10839
#: serverguide/C/network-config.xml:656(programlisting)
11243
#: serverguide/C/network-config.xml:634(programlisting)
10840
11244
#, no-wrap
10841
11245
msgid ""
10842
11246
"\n"
10856
11260
"} \n"
10857
11261
msgstr ""
10858
11262
10859
#: serverguide/C/network-config.xml:672(para)
11263
#: serverguide/C/network-config.xml:650(para)
10860
11264
msgid ""
10861
11265
"This will result in the DHCP server giving a client an IP address from the "
10862
11266
"range 192.168.1.10-192.168.1.100 or 192.168.1.150-192.168.1.200. It will "
10867
11271
"the router/gateway and 192.168.1.1 and 192.168.1.2 as its DNS servers."
10868
11272
msgstr ""
10869
11273
10870
#: serverguide/C/network-config.xml:681(para)
11274
#: serverguide/C/network-config.xml:659(para)
10871
11275
msgid ""
10872
11276
"If you need to specify a WINS server for your Windows clients, you will need "
10873
11277
"to include the netbios-name-servers option, e.g."
10874
11278
msgstr ""
10875
11279
10876
#: serverguide/C/network-config.xml:685(programlisting)
11280
#: serverguide/C/network-config.xml:663(programlisting)
10877
11281
#, no-wrap
10878
11282
msgid ""
10879
11283
"\n"
10880
11284
"option netbios-name-servers 192.168.1.1; \n"
10881
11285
msgstr ""
10882
11286
10883
#: serverguide/C/network-config.xml:688(para)
11287
#: serverguide/C/network-config.xml:666(para)
10884
11288
msgid ""
10885
11289
"Dhcpd configuration settings are taken from the DHCP mini-HOWTO, which can "
10886
11290
"be found <ulink "
10887
11291
"url=\"http://www.tldp.org/HOWTO/DHCP/index.html\">here</ulink>."
10888
11292
msgstr ""
10889
11293
10890
#: serverguide/C/network-config.xml:698(para)
11294
#: serverguide/C/network-config.xml:676(para)
10891
11295
msgid ""
10892
11296
"For more <filename>/etc/dhcp3/dchpd.conf</filename> options see the <ulink "
10893
11297
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/dhcpd.conf.5.html\">"
10894
11298
"dhcpd.conf man page</ulink>."
10895
11299
msgstr ""
10896
11300
10897
#: serverguide/C/network-config.xml:704(para)
11301
#: serverguide/C/network-config.xml:682(para)
10898
11302
msgid ""
10899
11303
"Also see the <ulink url=\"http://www.dhcp-handbook.com/dhcp_faq.html\">DHCP "
10900
11304
"FAQ</ulink>"
10901
11305
msgstr ""
10902
11306
10903
#: serverguide/C/network-config.xml:714(title)
11307
#: serverguide/C/network-config.xml:692(title)
10904
11308
msgid "Time Synchronisation with NTP"
10905
11309
msgstr ""
10906
11310
10907
#: serverguide/C/network-config.xml:715(para)
11311
#: serverguide/C/network-config.xml:693(para)
10908
11312
msgid ""
10909
11313
"This page describes methods for keeping your computer's time accurate. This "
10910
11314
"is useful for servers, but is not necessary (or desirable) for desktop "
10911
11315
"machines."
10912
11316
msgstr ""
10913
11317
10914
#: serverguide/C/network-config.xml:718(para)
11318
#: serverguide/C/network-config.xml:696(para)
10915
11319
msgid ""
10916
11320
"NTP is a TCP/IP protocol for synchronising time over a network. Basically a "
10917
11321
"client requests the current time from a server, and uses it to set its own "
10918
11322
"clock."
10919
11323
msgstr ""
10920
11324
10921
#: serverguide/C/network-config.xml:721(para)
11325
#: serverguide/C/network-config.xml:699(para)
10922
11326
msgid ""
10923
11327
"Behind this simple description, there is a lot of complexity - there are "
10924
11328
"tiers of NTP servers, with the tier one NTP servers connected to atomic "
10930
11334
"from you!"
10931
11335
msgstr ""
10932
11336
10933
#: serverguide/C/network-config.xml:724(para)
11337
#: serverguide/C/network-config.xml:702(para)
10934
11338
msgid ""
10935
11339
"Ubuntu has two ways of automatically setting your time: ntpdate and ntpd."
10936
11340
msgstr ""
10937
11341
10938
#: serverguide/C/network-config.xml:729(title)
11342
#: serverguide/C/network-config.xml:707(title)
10939
11343
msgid "ntpdate"
10940
11344
msgstr ""
10941
11345
10942
#: serverguide/C/network-config.xml:730(para)
11346
#: serverguide/C/network-config.xml:708(para)
10943
11347
msgid ""
10944
11348
"Ubuntu comes with ntpdate as standard, and will run it once at boot time to "
10945
11349
"set up your time according to Ubuntu's NTP server. However, a server's clock "
10946
11350
"is likely to drift considerably between reboots, so it makes sense to "
10947
11351
"correct the time occasionally. The easiest way to do this is to get cron to "
10948
"run ntpdate every day. With your favourite editor, as root, create a file "
11352
"run ntpdate every day. With your favorite editor, as root, create a file "
10949
11353
"<code>/etc/cron.daily/ntpdate</code> containing:"
10950
11354
msgstr ""
10951
11355
10952
#: serverguide/C/network-config.xml:735(screen)
11356
#: serverguide/C/network-config.xml:713(screen)
10953
11357
#, no-wrap
10954
11358
msgid "ntpdate ntp.ubuntu.com\n"
10955
11359
msgstr ""
10956
11360
10957
#: serverguide/C/network-config.xml:737(para)
11361
#: serverguide/C/network-config.xml:715(para)
10958
11362
msgid ""
10959
11363
"The file <code>/etc/cron.daily/ntpdate</code> must also be executable."
10960
11364
msgstr ""
10961
11365
10962
#: serverguide/C/network-config.xml:740(screen)
11366
#: serverguide/C/network-config.xml:718(screen)
10963
11367
#, no-wrap
10964
11368
msgid "sudo chmod 755 /etc/cron.daily/ntpdate\n"
10965
11369
msgstr ""
10966
11370
10967
#: serverguide/C/network-config.xml:744(title)
11371
#: serverguide/C/network-config.xml:722(title)
10968
11372
msgid "ntpd"
10969
11373
msgstr ""
10970
11374
10971
#: serverguide/C/network-config.xml:745(para)
11375
#: serverguide/C/network-config.xml:723(para)
10972
11376
msgid ""
10973
11377
"ntpdate is a bit of a blunt instrument - it can only adjust the time once a "
10974
11378
"day, in one big correction. The ntp daemon ntpd is far more subtle. It "
10978
11382
"server this is negligible."
10979
11383
msgstr ""
10980
11384
10981
#: serverguide/C/network-config.xml:748(para)
11385
#: serverguide/C/network-config.xml:726(para)
10982
11386
msgid "To set up ntpd:"
10983
11387
msgstr ""
10984
11388
10985
#: serverguide/C/network-config.xml:749(screen)
11389
#: serverguide/C/network-config.xml:727(screen)
10986
11390
#, no-wrap
10987
11391
msgid "sudo apt-get install ntp\n"
10988
11392
msgstr ""
10989
11393
10990
#: serverguide/C/network-config.xml:754(title)
11394
#: serverguide/C/network-config.xml:732(title)
10991
11395
msgid "Changing Time Servers"
10992
11396
msgstr ""
10993
11397
10994
#: serverguide/C/network-config.xml:755(para)
11398
#: serverguide/C/network-config.xml:733(para)
10995
11399
msgid ""
10996
11400
"In both cases above, your system will use Ubuntu's NTP server at "
10997
11401
"<code>ntp.ubuntu.com</code> by default. This is OK, but you might want to "
11000
11404
"ntpdate, change the contents of <code>/etc/cron.daily/ntpdate</code> to:"
11001
11405
msgstr ""
11002
11406
11003
#: serverguide/C/network-config.xml:762(screen)
11407
#: serverguide/C/network-config.xml:740(screen)
11004
11408
#, no-wrap
11005
11409
msgid "ntpdate ntp.ubuntu.com pool.ntp.org \n"
11006
11410
msgstr ""
11007
11411
11008
#: serverguide/C/network-config.xml:764(para)
11412
#: serverguide/C/network-config.xml:742(para)
11009
11413
msgid ""
11010
11414
"And for ntpd edit <code>/etc/ntp.conf</code> to include additional server "
11011
11415
"lines:"
11012
11416
msgstr ""
11013
11417
11014
#: serverguide/C/network-config.xml:769(screen)
11418
#: serverguide/C/network-config.xml:747(screen)
11015
11419
#, no-wrap
11016
11420
msgid ""
11017
11421
"server ntp.ubuntu.com\n"
11018
11422
"server pool.ntp.org\n"
11019
11423
msgstr ""
11020
11424
11021
#: serverguide/C/network-config.xml:772(para)
11425
#: serverguide/C/network-config.xml:750(para)
11022
11426
msgid ""
11023
11427
"You may notice <code>pool.ntp.org</code> in the examples above. This is a "
11024
11428
"really good idea which uses round-robin DNS to return an NTP server from a "
11030
11434
"details."
11031
11435
msgstr ""
11032
11436
11033
#: serverguide/C/network-config.xml:783(para)
11437
#: serverguide/C/network-config.xml:761(para)
11034
11438
msgid ""
11035
11439
"You can also Google for NTP servers in your region, and add these to your "
11036
11440
"configuration. To test that a server works, just type <code>sudo ntpdate "
11037
11441
"ntp.server.name</code> and see what happens."
11038
11442
msgstr ""
11039
11443
11040
#: serverguide/C/network-config.xml:791(title)
11444
#: serverguide/C/network-config.xml:769(title)
11041
11445
msgid "Related Pages"
11042
11446
msgstr ""
11043
11447
11044
#: serverguide/C/network-config.xml:795(ulink)
11448
#: serverguide/C/network-config.xml:773(ulink)
11045
11449
msgid "NTP Support"
11046
11450
msgstr ""
11047
11451
11048
#: serverguide/C/network-config.xml:800(ulink)
11452
#: serverguide/C/network-config.xml:778(ulink)
11049
11453
msgid "The NTP FAQ and HOWTO"
11050
11454
msgstr ""
11051
11455
11216
11620
"<application>ldapmodify</application>:"
11217
11621
msgstr ""
11218
11622
11219
#: serverguide/C/network-auth.xml:171(command) serverguide/C/network-auth.xml:723(command) serverguide/C/network-auth.xml:825(command) serverguide/C/network-auth.xml:848(command) serverguide/C/network-auth.xml:2405(command) serverguide/C/network-auth.xml:2422(command)
11623
#: serverguide/C/network-auth.xml:171(command) serverguide/C/network-auth.xml:722(command) serverguide/C/network-auth.xml:838(command) serverguide/C/network-auth.xml:861(command) serverguide/C/network-auth.xml:2417(command) serverguide/C/network-auth.xml:2434(command)
11220
11624
msgid "ldapmodify -x -D cn=admin,cn=config -W"
11221
11625
msgstr ""
11222
11626
11311
11715
"include /etc/ldap/schema/ppolicy.schema\n"
11312
11716
msgstr ""
11313
11717
11314
#: serverguide/C/network-auth.xml:254(para) serverguide/C/network-auth.xml:1304(para)
11718
#: serverguide/C/network-auth.xml:254(para) serverguide/C/network-auth.xml:1318(para)
11315
11719
msgid "Next, create a temporary directory to hold the output:"
11316
11720
msgstr ""
11317
11721
11318
#: serverguide/C/network-auth.xml:259(command) serverguide/C/network-auth.xml:1309(command) serverguide/C/network-auth.xml:2334(command)
11722
#: serverguide/C/network-auth.xml:259(command) serverguide/C/network-auth.xml:1323(command) serverguide/C/network-auth.xml:2347(command)
11319
11723
msgid "mkdir /tmp/ldif_output"
11320
11724
msgstr ""
11321
11725
11322
11726
#: serverguide/C/network-auth.xml:265(para)
11323
11727
msgid ""
11324
"Now using <application>slaptest</application> convert the schema files to "
11728
"Now using <application>slapcat</application> convert the schema files to "
11325
11729
"LDIF:"
11326
11730
msgstr ""
11327
11731
11328
#: serverguide/C/network-auth.xml:270(command) serverguide/C/network-auth.xml:1320(command) serverguide/C/network-auth.xml:2345(command)
11329
msgid "slaptest -f schema_convert.conf -F /tmp/ldif_output"
11732
#: serverguide/C/network-auth.xml:270(command)
11733
msgid ""
11734
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
11735
"\"cn={8}misc,cn=schema,cn=config\" > /tmp/cn=misc.ldif"
11330
11736
msgstr ""
11331
11737
11332
11738
#: serverguide/C/network-auth.xml:273(para)
11339
11745
11340
11746
#: serverguide/C/network-auth.xml:282(para)
11341
11747
msgid ""
11342
"Edit the "
11343
"<filename>/tmp/ldif_output/cn=config/cn=schema/cn={8}misc.ldif</filename> "
11344
"file, changing the following attributes:"
11748
"Edit the <filename>/tmp/cn\\=misc.ldif</filename> file, changing the "
11749
"following attributes:"
11345
11750
msgstr ""
11346
11751
11347
#: serverguide/C/network-auth.xml:287(programlisting)
11752
#: serverguide/C/network-auth.xml:286(programlisting)
11348
11753
#, no-wrap
11349
11754
msgid ""
11350
11755
"\n"
11353
11758
"cn: misc\n"
11354
11759
msgstr ""
11355
11760
11356
#: serverguide/C/network-auth.xml:293(para) serverguide/C/network-auth.xml:1341(para)
11761
#: serverguide/C/network-auth.xml:292(para) serverguide/C/network-auth.xml:1354(para)
11357
11762
msgid "And remove the following lines from the bottom of the file:"
11358
11763
msgstr ""
11359
11764
11360
#: serverguide/C/network-auth.xml:297(programlisting)
11765
#: serverguide/C/network-auth.xml:296(programlisting)
11361
11766
#, no-wrap
11362
11767
msgid ""
11363
11768
"\n"
11370
11775
"modifyTimestamp: 20080826021140Z\n"
11371
11776
msgstr ""
11372
11777
11373
#: serverguide/C/network-auth.xml:308(para) serverguide/C/network-auth.xml:1356(para) serverguide/C/network-auth.xml:2381(para)
11778
#: serverguide/C/network-auth.xml:307(para) serverguide/C/network-auth.xml:1369(para) serverguide/C/network-auth.xml:2393(para)
11374
11779
msgid ""
11375
11780
"The attribute values will vary, just be sure the attributes are removed."
11376
11781
msgstr ""
11377
11782
11378
#: serverguide/C/network-auth.xml:316(para) serverguide/C/network-auth.xml:1364(para)
11783
#: serverguide/C/network-auth.xml:315(para) serverguide/C/network-auth.xml:1377(para)
11379
11784
msgid ""
11380
11785
"Finally, using the <application>ldapadd</application> utility, add the new "
11381
11786
"schema to the directory:"
11382
11787
msgstr ""
11383
11788
11384
#: serverguide/C/network-auth.xml:322(command)
11385
msgid ""
11386
"ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\\=config/cn\\"
11387
"=schema/cn\\=\\{8\\}misc.ldif"
11789
#: serverguide/C/network-auth.xml:321(command)
11790
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=misc.ldif"
11388
11791
msgstr ""
11389
11792
11390
#: serverguide/C/network-auth.xml:328(para)
11793
#: serverguide/C/network-auth.xml:327(para)
11391
11794
msgid ""
11392
11795
"There should now be a <emphasis>dn: "
11393
11796
"cn={4}misc,cn=schema,cn=config</emphasis> entry in the cn=config tree."
11394
11797
msgstr ""
11395
11798
11396
#: serverguide/C/network-auth.xml:337(title)
11799
#: serverguide/C/network-auth.xml:336(title)
11397
11800
msgid "Populating LDAP"
11398
11801
msgstr ""
11399
11802
11400
#: serverguide/C/network-auth.xml:339(para)
11803
#: serverguide/C/network-auth.xml:338(para)
11401
11804
msgid ""
11402
11805
"The directory has been created during installation and reconfiguration, and "
11403
11806
"now it is time to populate it. It will be populated with a \"classical\" "
11407
11810
"applications, etc."
11408
11811
msgstr ""
11409
11812
11410
#: serverguide/C/network-auth.xml:348(para)
11813
#: serverguide/C/network-auth.xml:347(para)
11411
11814
msgid ""
11412
11815
"For external applications to authenticate using LDAP they will each need to "
11413
11816
"be specifically configured to do so. Refer to the individual application "
11414
11817
"documentation for details."
11415
11818
msgstr ""
11416
11819
11417
#: serverguide/C/network-auth.xml:355(para)
11820
#: serverguide/C/network-auth.xml:354(para)
11418
11821
msgid ""
11419
11822
"LDAP directories can be populated with LDIF (LDAP Directory Interchange "
11420
11823
"Format) files. Copy the following example LDIF file, naming it "
11421
11824
"<filename>example.com.ldif</filename>, somewhere on your system:"
11422
11825
msgstr ""
11423
11826
11424
#: serverguide/C/network-auth.xml:361(programlisting)
11827
#: serverguide/C/network-auth.xml:360(programlisting)
11425
11828
#, no-wrap
11426
11829
msgid ""
11427
11830
"\n"
11470
11873
"gidNumber: 10000\n"
11471
11874
msgstr ""
11472
11875
11473
#: serverguide/C/network-auth.xml:407(para)
11876
#: serverguide/C/network-auth.xml:406(para)
11474
11877
msgid ""
11475
11878
"In this example the directory structure, a user, and a group have been "
11476
11879
"setup. In other examples you might see the <emphasis>objectClass: "
11478
11881
"you do not have to add it explicitly."
11479
11882
msgstr ""
11480
11883
11481
#: serverguide/C/network-auth.xml:414(para)
11884
#: serverguide/C/network-auth.xml:413(para)
11482
11885
msgid ""
11483
11886
"To add the entries to the LDAP directory use the "
11484
11887
"<application>ldapadd</application> utility:"
11485
11888
msgstr ""
11486
11889
11487
#: serverguide/C/network-auth.xml:420(command)
11890
#: serverguide/C/network-auth.xml:419(command)
11488
11891
msgid "ldapadd -x -D cn=admin,dc=example,dc=com -W -f example.com.ldif"
11489
11892
msgstr ""
11490
11893
11491
#: serverguide/C/network-auth.xml:423(para)
11894
#: serverguide/C/network-auth.xml:422(para)
11492
11895
msgid ""
11493
11896
"We can check that the content has been correctly added with the tools from "
11494
11897
"the <application>ldap-utils</application> package. In order to execute a "
11495
11898
"search of the LDAP directory:"
11496
11899
msgstr ""
11497
11900
11498
#: serverguide/C/network-auth.xml:430(command)
11901
#: serverguide/C/network-auth.xml:429(command)
11499
11902
msgid "ldapsearch -xLLL -b \"dc=example,dc=com\" uid=john sn givenName cn"
11500
11903
msgstr ""
11501
11904
11502
#: serverguide/C/network-auth.xml:431(computeroutput)
11905
#: serverguide/C/network-auth.xml:430(computeroutput)
11503
11906
#, no-wrap
11504
11907
msgid ""
11505
11908
"\n"
11509
11912
"givenName: John\n"
11510
11913
msgstr ""
11511
11914
11512
#: serverguide/C/network-auth.xml:439(para)
11915
#: serverguide/C/network-auth.xml:438(para)
11513
11916
msgid "Just a quick explanation:"
11514
11917
msgstr ""
11515
11918
11516
#: serverguide/C/network-auth.xml:445(para)
11919
#: serverguide/C/network-auth.xml:444(para)
11517
11920
msgid ""
11518
11921
"<emphasis>-x:</emphasis> will not use SASL authentication method, which is "
11519
11922
"the default."
11520
11923
msgstr ""
11521
11924
11522
#: serverguide/C/network-auth.xml:451(para)
11925
#: serverguide/C/network-auth.xml:450(para)
11523
11926
msgid "<emphasis>-LLL:</emphasis> disable printing LDIF schema information."
11524
11927
msgstr ""
11525
11928
11526
#: serverguide/C/network-auth.xml:460(title)
11929
#: serverguide/C/network-auth.xml:459(title)
11527
11930
msgid "LDAP replication"
11528
11931
msgstr ""
11529
11932
11530
#: serverguide/C/network-auth.xml:462(para)
11933
#: serverguide/C/network-auth.xml:461(para)
11531
11934
msgid ""
11532
11935
"LDAP often quickly becomes a highly critical service to the network. "
11533
11936
"Multiple systems will come to depend on LDAP for authentication, "
11535
11938
"system through replication."
11536
11939
msgstr ""
11537
11940
11538
#: serverguide/C/network-auth.xml:468(para)
11941
#: serverguide/C/network-auth.xml:467(para)
11539
11942
msgid ""
11540
11943
"Replication is achieved using the <emphasis>Syncrepl</emphasis> engine. "
11541
11944
"Syncrepl allows the directory to be synced using either a "
11545
11948
"allows replication servers to sync on a time based interval."
11546
11949
msgstr ""
11547
11950
11548
#: serverguide/C/network-auth.xml:476(para)
11951
#: serverguide/C/network-auth.xml:475(para)
11549
11952
msgid ""
11550
11953
"The following is an example of a <emphasis>Multi-Master</emphasis> "
11551
11954
"configuration. In this configuration each OpenLDAP server is configured for "
11552
11955
"both <emphasis>push</emphasis> and <emphasis>pull</emphasis> replication."
11553
11956
msgstr ""
11554
11957
11555
#: serverguide/C/network-auth.xml:484(para)
11958
#: serverguide/C/network-auth.xml:483(para)
11556
11959
msgid ""
11557
11960
"First, configure the server to sync the <emphasis>cn=config</emphasis> "
11558
11961
"database. Copy the following to a file named <filename>syncrepl_cn-"
11559
11962
"config.ldif</filename>:"
11560
11963
msgstr ""
11561
11964
11562
#: serverguide/C/network-auth.xml:489(programlisting)
11965
#: serverguide/C/network-auth.xml:488(programlisting)
11563
11966
#, no-wrap
11564
11967
msgid ""
11565
11968
"\n"
11596
11999
"olcMirrorMode: TRUE\n"
11597
12000
msgstr ""
11598
12001
11599
#: serverguide/C/network-auth.xml:524(para)
12002
#: serverguide/C/network-auth.xml:523(para)
11600
12003
msgid "Edit the file changing:"
11601
12004
msgstr ""
11602
12005
11603
#: serverguide/C/network-auth.xml:530(para)
12006
#: serverguide/C/network-auth.xml:529(para)
11604
12007
msgid ""
11605
12008
"<emphasis>ldap://ldap01.example.com</emphasis> and "
11606
12009
"<emphasis>ldap://ldap02.example.com</emphasis> to the hostnames of your LDAP "
11607
12010
"servers."
11608
12011
msgstr ""
11609
12012
11610
#: serverguide/C/network-auth.xml:535(para)
12013
#: serverguide/C/network-auth.xml:534(para)
11611
12014
msgid ""
11612
12015
"You can have more than two LDAP servers, and when a change is made to one of "
11613
12016
"them it will by synced to the rest. Be sure to increment the "
11615
12018
"<emphasis>rid</emphasis> for each <emphasis>olcSyncRepl</emphasis> entry."
11616
12019
msgstr ""
11617
12020
11618
#: serverguide/C/network-auth.xml:543(para)
12021
#: serverguide/C/network-auth.xml:542(para)
11619
12022
msgid ""
11620
12023
"And adjust <emphasis>credentials=secret</emphasis> to match your admin "
11621
12024
"password."
11622
12025
msgstr ""
11623
12026
11624
#: serverguide/C/network-auth.xml:553(para)
12027
#: serverguide/C/network-auth.xml:552(para)
11625
12028
msgid ""
11626
12029
"Next, add the LDIF file using the <application>ldapmodify</application> "
11627
12030
"utility:"
11628
12031
msgstr ""
11629
12032
11630
#: serverguide/C/network-auth.xml:558(command)
12033
#: serverguide/C/network-auth.xml:557(command)
11631
12034
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_cn-config.ldif"
11632
12035
msgstr ""
11633
12036
11634
#: serverguide/C/network-auth.xml:564(para)
12037
#: serverguide/C/network-auth.xml:563(para)
11635
12038
msgid ""
11636
12039
"Copy the <filename>syncrepl_cn-config.ldif</filename> file to the next LDAP "
11637
12040
"server and repeat the <application>ldapmodify</application> command above."
11638
12041
msgstr ""
11639
12042
11640
#: serverguide/C/network-auth.xml:572(para)
12043
#: serverguide/C/network-auth.xml:571(para)
11641
12044
msgid ""
11642
12045
"Because a new module has been added, the <application>slapd</application> "
11643
12046
"daemon, on all replicated servers, needs to be restarted:"
11644
12047
msgstr ""
11645
12048
11646
#: serverguide/C/network-auth.xml:578(command) serverguide/C/network-auth.xml:778(command) serverguide/C/network-auth.xml:882(command)
12049
#: serverguide/C/network-auth.xml:577(command) serverguide/C/network-auth.xml:779(command) serverguide/C/network-auth.xml:895(command)
11647
12050
msgid "sudo /etc/init.d/slapd restart"
11648
12051
msgstr ""
11649
12052
11650
#: serverguide/C/network-auth.xml:584(para)
12053
#: serverguide/C/network-auth.xml:583(para)
11651
12054
msgid ""
11652
12055
"Now that the configuration database is synced between servers, the "
11653
12056
"<emphasis>backend</emphasis> database needs to be synced as well. Copy and "
11655
12058
"<filename>syncrepl_backend.ldif</filename>:"
11656
12059
msgstr ""
11657
12060
11658
#: serverguide/C/network-auth.xml:590(programlisting)
12061
#: serverguide/C/network-auth.xml:589(programlisting)
11659
12062
#, no-wrap
11660
12063
msgid ""
11661
12064
"\n"
11686
12089
"olcOverlay: syncprov\n"
11687
12090
msgstr ""
11688
12091
11689
#: serverguide/C/network-auth.xml:617(para)
12092
#: serverguide/C/network-auth.xml:616(para)
11690
12093
msgid "Like the previous LDIF file, edit this one changing:"
11691
12094
msgstr ""
11692
12095
11693
#: serverguide/C/network-auth.xml:623(para)
12096
#: serverguide/C/network-auth.xml:622(para)
11694
12097
msgid ""
11695
12098
"<emphasis>searchbase=\"dc=example,dc=com\"</emphasis> to your directory's "
11696
12099
"searchbase."
11697
12100
msgstr ""
11698
12101
11699
#: serverguide/C/network-auth.xml:628(para)
12102
#: serverguide/C/network-auth.xml:627(para)
11700
12103
msgid ""
11701
12104
"If you use a different admin user, change "
11702
12105
"<emphasis>binddn=\"cn=admin,dc=example,dc=com\"</emphasis>."
11703
12106
msgstr ""
11704
12107
11705
#: serverguide/C/network-auth.xml:633(para)
12108
#: serverguide/C/network-auth.xml:632(para)
11706
12109
msgid ""
11707
12110
"Also, replace <emphasis>credentials=secret</emphasis> with your admin "
11708
12111
"password."
11709
12112
msgstr ""
11710
12113
11711
#: serverguide/C/network-auth.xml:642(para)
12114
#: serverguide/C/network-auth.xml:641(para)
11712
12115
msgid "Add the LDIF file:"
11713
12116
msgstr ""
11714
12117
11715
#: serverguide/C/network-auth.xml:647(command)
12118
#: serverguide/C/network-auth.xml:646(command)
11716
12119
msgid "ldapmodify -x -D cn=admin,cn=config -W -f syncrepl_backend.ldif"
11717
12120
msgstr ""
11718
12121
11719
#: serverguide/C/network-auth.xml:650(para)
12122
#: serverguide/C/network-auth.xml:649(para)
11720
12123
msgid ""
11721
12124
"Because the servers' configuration is already synced there is no need to "
11722
12125
"copy this LDIF file to the other servers."
11723
12126
msgstr ""
11724
12127
11725
#: serverguide/C/network-auth.xml:658(para)
12128
#: serverguide/C/network-auth.xml:657(para)
11726
12129
msgid ""
11727
12130
"The configuration and backend databases should now sycnc to the other "
11728
12131
"servers. You can add additional servers using the "
11730
12133
"linkend=\"openldap-configuration\"/> for details."
11731
12134
msgstr ""
11732
12135
11733
#: serverguide/C/network-auth.xml:668(programlisting)
12136
#: serverguide/C/network-auth.xml:667(programlisting)
11734
12137
#, no-wrap
11735
12138
msgid "127.0.0.1\tldap01.example.com ldap01"
11736
12139
msgstr ""
11737
12140
11738
#: serverguide/C/network-auth.xml:664(para)
12141
#: serverguide/C/network-auth.xml:663(para)
11739
12142
msgid ""
11740
12143
"The <application>slapd</application> daemon will send log information to "
11741
12144
"<filename>/var/log/syslog</filename> by default. So if all does "
11745
12148
"<filename>/etc/hosts</filename> with a line similar to: <placeholder-1/>."
11746
12149
msgstr ""
11747
12150
11748
#: serverguide/C/network-auth.xml:675(title)
12151
#: serverguide/C/network-auth.xml:674(title)
11749
12152
msgid "Setting up ACL"
11750
12153
msgstr ""
11751
12154
11752
#: serverguide/C/network-auth.xml:677(para)
12155
#: serverguide/C/network-auth.xml:676(para)
11753
12156
msgid ""
11754
12157
"Authentication requires access to the password field, that should be not "
11755
12158
"accessible by default. Also, in order for users to change their own "
11758
12161
"authenticated."
11759
12162
msgstr ""
11760
12163
11761
#: serverguide/C/network-auth.xml:684(para)
12164
#: serverguide/C/network-auth.xml:683(para)
11762
12165
msgid ""
11763
12166
"To view the Access Control List (ACL), use the "
11764
12167
"<application>ldapsearch</application> utility:"
11765
12168
msgstr ""
11766
12169
11767
#: serverguide/C/network-auth.xml:689(command)
12170
#: serverguide/C/network-auth.xml:688(command)
11768
12171
msgid ""
11769
12172
"ldapsearch -xLLL -b cn=config -D cn=admin,cn=config -W olcDatabase=hdb "
11770
12173
"olcAccess"
11771
12174
msgstr ""
11772
12175
11773
#: serverguide/C/network-auth.xml:693(computeroutput)
12176
#: serverguide/C/network-auth.xml:692(computeroutput)
11774
12177
#, no-wrap
11775
12178
msgid ""
11776
12179
"Enter LDAP Password: \n"
11782
12185
"olcAccess: {2}to * by dn=\"cn=admin,dc=example,dc=com\" write by * read\n"
11783
12186
msgstr ""
11784
12187
11785
#: serverguide/C/network-auth.xml:705(title)
12188
#: serverguide/C/network-auth.xml:704(title)
11786
12189
msgid "TLS and SSL"
11787
12190
msgstr ""
11788
12191
11789
#: serverguide/C/network-auth.xml:707(para)
12192
#: serverguide/C/network-auth.xml:706(para)
11790
12193
msgid ""
11791
12194
"When authenticating to an OpenLDAP server it is best to do so using an "
11792
12195
"encrypted session. This can be accomplished using Transport Layer Security "
11793
12196
"(TLS) and/or Secure Sockets Layer (SSL)."
11794
12197
msgstr ""
11795
12198
11796
#: serverguide/C/network-auth.xml:712(para)
12199
#: serverguide/C/network-auth.xml:711(para)
11797
12200
msgid ""
11798
12201
"The first step in the process is to obtain or create a "
11799
12202
"<emphasis>certificate</emphasis>. See <xref linkend=\"certificates-and-"
11800
12203
"security\"/> and <xref linkend=\"certificate-authority\"/> for details."
11801
12204
msgstr ""
11802
12205
11803
#: serverguide/C/network-auth.xml:717(para)
12206
#: serverguide/C/network-auth.xml:716(para)
11804
12207
msgid ""
11805
12208
"Once you have a certificate, key, and CA cert installed, use "
11806
12209
"<application>ldapmodify</application> to add the new configuration options:"
11807
12210
msgstr ""
11808
12211
11809
#: serverguide/C/network-auth.xml:728(userinput)
12212
#: serverguide/C/network-auth.xml:727(userinput)
11810
12213
#, no-wrap
11811
12214
msgid ""
11812
12215
"dn: cn=config\n"
11820
12223
"olcTLSCertificateKeyFile: /etc/ssl/private/server.key"
11821
12224
msgstr ""
11822
12225
11823
#: serverguide/C/network-auth.xml:727(computeroutput)
12226
#: serverguide/C/network-auth.xml:726(computeroutput)
11824
12227
#, no-wrap
11825
12228
msgid ""
11826
12229
"Enter LDAP Password:\n"
11829
12232
"modifying entry \"cn=config\"\n"
11830
12233
msgstr ""
11831
12234
11832
#: serverguide/C/network-auth.xml:743(para)
12235
#: serverguide/C/network-auth.xml:742(para)
11833
12236
msgid ""
11834
12237
"Adjust the <filename>server.crt</filename>, <filename>server.key</filename>, "
11835
"and <filename>cacert.pem</filename> names if yours are different."
12238
"and <filename>cacert.pem</filename> names if yours are different. If you "
12239
"have a self-signed certificate, do <emphasis>NOT</emphasis> add the "
12240
"olcTLSCACertificateFile property, as it will cause GnuTLS to fail.."
11836
12241
msgstr ""
11837
12242
11838
12243
#: serverguide/C/network-auth.xml:749(para)
11861
12266
msgid "sudo chgrp ssl-cert /etc/ssl/private/server.key"
11862
12267
msgstr ""
11863
12268
11864
#: serverguide/C/network-auth.xml:767(para)
12269
#: serverguide/C/network-auth.xml:764(command)
12270
msgid "sudo chmod g+r /etc/ssl/private/server.key"
12271
msgstr ""
12272
12273
#: serverguide/C/network-auth.xml:768(para)
11865
12274
msgid ""
11866
12275
"If the <filename role=\"directory\">/etc/ssl/private</filename> and "
11867
12276
"<filename>/etc/ssl/private/server.key</filename> have different permissions, "
11868
12277
"adjust the commands appropriately."
11869
12278
msgstr ""
11870
12279
11871
#: serverguide/C/network-auth.xml:773(para)
12280
#: serverguide/C/network-auth.xml:774(para)
11872
12281
msgid "Finally, restart <application>slapd</application>:"
11873
12282
msgstr ""
11874
12283
11875
#: serverguide/C/network-auth.xml:781(para)
12284
#: serverguide/C/network-auth.xml:782(para)
11876
12285
msgid ""
11877
12286
"The <application>slapd</application> daemon should now be listening for "
11878
12287
"LDAPS connections and be able to use STARTTLS during authentication."
11879
12288
msgstr ""
11880
12289
11881
#: serverguide/C/network-auth.xml:787(title)
12290
#: serverguide/C/network-auth.xml:788(para)
12291
msgid ""
12292
"If you run into troubles with the server not starting, check the "
12293
"/var/log/syslog. If you see errors like main: TLS init def ctx failed: -1, "
12294
"it is likely there is a configuration problem. Check that the certificate is "
12295
"signed by the authority from in the files configured, and that the ssl-cert "
12296
"group has read permissions on the private key."
12297
msgstr ""
12298
12299
#: serverguide/C/network-auth.xml:800(title)
11882
12300
msgid "TLS Replication"
11883
12301
msgstr ""
11884
12302
11885
#: serverguide/C/network-auth.xml:789(para)
12303
#: serverguide/C/network-auth.xml:802(para)
11886
12304
msgid ""
11887
12305
"If you have setup <application>Syncrepl</application> between servers, it is "
11888
12306
"prudent to encrypt the replication traffic using <emphasis>Transport Layer "
11890
12308
"linkend=\"openldap-server-replication\"/>."
11891
12309
msgstr ""
11892
12310
11893
#: serverguide/C/network-auth.xml:795(para)
12311
#: serverguide/C/network-auth.xml:808(para)
11894
12312
msgid ""
11895
12313
"After setting up replication, and following the instructions in <xref "
11896
12314
"linkend=\"openldap-tls\"/>, there are a couple of consequences that should "
11897
12315
"be kept in mind:"
11898
12316
msgstr ""
11899
12317
11900
#: serverguide/C/network-auth.xml:802(para)
12318
#: serverguide/C/network-auth.xml:815(para)
11901
12319
msgid ""
11902
12320
"The configuration only needs to be modified on <emphasis>one</emphasis> "
11903
12321
"server."
11904
12322
msgstr ""
11905
12323
11906
#: serverguide/C/network-auth.xml:807(para)
12324
#: serverguide/C/network-auth.xml:820(para)
11907
12325
msgid ""
11908
12326
"The path names for the <emphasis>certificate</emphasis> and "
11909
12327
"<emphasis>key</emphasis> must be the same on all servers."
11910
12328
msgstr ""
11911
12329
11912
#: serverguide/C/network-auth.xml:814(para)
12330
#: serverguide/C/network-auth.xml:827(para)
11913
12331
msgid ""
11914
12332
"So on each replicated server: install a certificate, edit "
11915
12333
"<filename>/etc/default/slapd</filename>, and restart "
11916
12334
"<application>slapd</application>."
11917
12335
msgstr ""
11918
12336
11919
#: serverguide/C/network-auth.xml:819(para)
12337
#: serverguide/C/network-auth.xml:832(para)
11920
12338
msgid ""
11921
12339
"Once <emphasis>TLS</emphasis> has been setup on each server, modify the "
11922
12340
"<emphasis>cn=config</emphasis> replication by entering the following in a "
11923
12341
"terminal:"
11924
12342
msgstr ""
11925
12343
11926
#: serverguide/C/network-auth.xml:830(userinput)
12344
#: serverguide/C/network-auth.xml:843(userinput)
11927
12345
#, no-wrap
11928
12346
msgid ""
11929
12347
"dn: olcDatabase={0}config,cn=config\n"
11940
12358
" shAndPersist retry=\"5 5 300 5\" timeout=1 starttls=yes"
11941
12359
msgstr ""
11942
12360
11943
#: serverguide/C/network-auth.xml:829(computeroutput)
12361
#: serverguide/C/network-auth.xml:842(computeroutput)
11944
12362
#, no-wrap
11945
12363
msgid ""
11946
12364
"Enter LDAP Password: \n"
11949
12367
"modifying entry \"olcDatabase={0}config,cn=config\"\n"
11950
12368
msgstr ""
11951
12369
11952
#: serverguide/C/network-auth.xml:843(para)
12370
#: serverguide/C/network-auth.xml:856(para)
11953
12371
msgid "Now adjust the <emphasis>backend</emphasis> database replication:"
11954
12372
msgstr ""
11955
12373
11956
#: serverguide/C/network-auth.xml:853(userinput)
12374
#: serverguide/C/network-auth.xml:866(userinput)
11957
12375
#, no-wrap
11958
12376
msgid ""
11959
12377
"dn: olcDatabase={1}hdb,cn=config\n"
11970
12388
" efreshOnly interval=00:00:00:10 retry=\"5 5 300 5\" timeout=1 starttls=yes"
11971
12389
msgstr ""
11972
12390
11973
#: serverguide/C/network-auth.xml:852(computeroutput) serverguide/C/network-auth.xml:2406(computeroutput)
12391
#: serverguide/C/network-auth.xml:865(computeroutput) serverguide/C/network-auth.xml:2418(computeroutput)
11974
12392
#, no-wrap
11975
12393
msgid ""
11976
12394
"Enter LDAP Password:\n"
11979
12397
"modifying entry \"olcDatabase={1}hdb,cn=config\""
11980
12398
msgstr ""
11981
12399
11982
#: serverguide/C/network-auth.xml:865(para)
12400
#: serverguide/C/network-auth.xml:878(para)
11983
12401
msgid ""
11984
12402
"If the LDAP server hostname does not match the Fully Qualified Domain Name "
11985
12403
"(FQDN) in the certificate, you may have to edit "
11986
12404
"<filename>/etc/ldap/ldap.conf</filename> and add the following TLS options:"
11987
12405
msgstr ""
11988
12406
11989
#: serverguide/C/network-auth.xml:870(programlisting)
12407
#: serverguide/C/network-auth.xml:883(programlisting)
11990
12408
#, no-wrap
11991
12409
msgid ""
11992
12410
"\n"
11995
12413
"TLS_CACERT /etc/ssl/certs/cacert.pem\n"
11996
12414
msgstr ""
11997
12415
11998
#: serverguide/C/network-auth.xml:877(para)
12416
#: serverguide/C/network-auth.xml:890(para)
11999
12417
msgid ""
12000
12418
"Finally, restart <application>slapd</application> on each of the servers:"
12001
12419
msgstr ""
12002
12420
12003
#: serverguide/C/network-auth.xml:890(title)
12421
#: serverguide/C/network-auth.xml:903(title)
12004
12422
msgid "LDAP Authentication"
12005
12423
msgstr ""
12006
12424
12007
#: serverguide/C/network-auth.xml:892(para)
12425
#: serverguide/C/network-auth.xml:905(para)
12008
12426
msgid ""
12009
12427
"Once you have a working LDAP server, the <application>auth-client-"
12010
12428
"config</application> and <application>libnss-ldap</application> packages "
12012
12430
"LDAP. To install the packages from, a terminal prompt enter:"
12013
12431
msgstr ""
12014
12432
12015
#: serverguide/C/network-auth.xml:899(command)
12433
#: serverguide/C/network-auth.xml:912(command)
12016
12434
msgid "sudo apt-get install libnss-ldap"
12017
12435
msgstr ""
12018
12436
12019
#: serverguide/C/network-auth.xml:902(para)
12437
#: serverguide/C/network-auth.xml:915(para)
12020
12438
msgid ""
12021
12439
"During the install a menu dialog will ask you connection details about your "
12022
12440
"LDAP server."
12023
12441
msgstr ""
12024
12442
12025
#: serverguide/C/network-auth.xml:906(para)
12443
#: serverguide/C/network-auth.xml:919(para)
12026
12444
msgid ""
12027
12445
"If you make a mistake when entering your information you can execute the "
12028
12446
"dialog again using:"
12029
12447
msgstr ""
12030
12448
12031
#: serverguide/C/network-auth.xml:911(command)
12449
#: serverguide/C/network-auth.xml:924(command)
12032
12450
msgid "sudo dpkg-reconfigure ldap-auth-config"
12033
12451
msgstr ""
12034
12452
12035
#: serverguide/C/network-auth.xml:914(para)
12453
#: serverguide/C/network-auth.xml:927(para)
12036
12454
msgid ""
12037
12455
"The results of the dialog can be seen in "
12038
12456
"<filename>/etc/ldap.conf</filename>. If your server requires options not "
12039
12457
"covered in the menu edit this file accordingly."
12040
12458
msgstr ""
12041
12459
12042
#: serverguide/C/network-auth.xml:919(para)
12460
#: serverguide/C/network-auth.xml:932(para)
12043
12461
msgid ""
12044
12462
"Now that <application>libnss-ldap</application> is configured enable the "
12045
12463
"<application>auth-client-config</application> LDAP profile by entering:"
12046
12464
msgstr ""
12047
12465
12048
#: serverguide/C/network-auth.xml:925(command)
12466
#: serverguide/C/network-auth.xml:938(command)
12049
12467
msgid "sudo auth-client-config -t nss -p lac_ldap"
12050
12468
msgstr ""
12051
12469
12052
#: serverguide/C/network-auth.xml:930(para)
12470
#: serverguide/C/network-auth.xml:943(para)
12053
12471
msgid ""
12054
12472
"<emphasis>-t:</emphasis> only modifies "
12055
12473
"<filename>/etc/nsswitch.conf</filename>."
12056
12474
msgstr ""
12057
12475
12058
#: serverguide/C/network-auth.xml:935(para)
12476
#: serverguide/C/network-auth.xml:948(para)
12059
12477
msgid "<emphasis>-p:</emphasis> name of the profile to enable, disable, etc."
12060
12478
msgstr ""
12061
12479
12062
#: serverguide/C/network-auth.xml:940(para)
12480
#: serverguide/C/network-auth.xml:953(para)
12063
12481
msgid ""
12064
12482
"<emphasis>lac_ldap:</emphasis> the <application>auth-client-"
12065
12483
"config</application> profile that is part of the <application>ldap-auth-"
12066
12484
"config</application> package."
12067
12485
msgstr ""
12068
12486
12069
#: serverguide/C/network-auth.xml:947(para)
12487
#: serverguide/C/network-auth.xml:960(para)
12070
12488
msgid ""
12071
12489
"Using the <application>pam-auth-update</application> utility, configure the "
12072
12490
"system to use LDAP for authentication:"
12073
12491
msgstr ""
12074
12492
12075
#: serverguide/C/network-auth.xml:952(command)
12493
#: serverguide/C/network-auth.xml:965(command)
12076
12494
msgid "sudo pam-auth-update"
12077
12495
msgstr ""
12078
12496
12079
#: serverguide/C/network-auth.xml:955(para)
12497
#: serverguide/C/network-auth.xml:968(para)
12080
12498
msgid ""
12081
12499
"From the <application>pam-auth-update</application> menu, choose LDAP and "
12082
12500
"any other authentication mechanisms you need."
12083
12501
msgstr ""
12084
12502
12085
#: serverguide/C/network-auth.xml:959(para)
12503
#: serverguide/C/network-auth.xml:972(para)
12086
12504
msgid ""
12087
12505
"You should now be able to login using user credentials stored in the LDAP "
12088
12506
"directory."
12089
12507
msgstr ""
12090
12508
12091
#: serverguide/C/network-auth.xml:964(para)
12509
#: serverguide/C/network-auth.xml:977(para)
12092
12510
msgid ""
12093
12511
"If you are going to use LDAP to store Samba users you will need to configure "
12094
12512
"the server to authenticate using LDAP. See <xref linkend=\"samba-ldap\"/> "
12095
12513
"for details."
12096
12514
msgstr ""
12097
12515
12098
#: serverguide/C/network-auth.xml:972(title)
12516
#: serverguide/C/network-auth.xml:985(title)
12099
12517
msgid "User and Group Management"
12100
12518
msgstr ""
12101
12519
12102
#: serverguide/C/network-auth.xml:974(para)
12520
#: serverguide/C/network-auth.xml:987(para)
12103
12521
msgid ""
12104
12522
"The <application>ldap-utils</application> package comes with multiple "
12105
12523
"utilities to manage the directory, but the long string of options needed, "
12107
12525
"package contains configurable scripts to easily manage LDAP users and groups."
12108
12526
msgstr ""
12109
12527
12110
#: serverguide/C/network-auth.xml:980(para)
12528
#: serverguide/C/network-auth.xml:993(para)
12111
12529
msgid "To install the package, from a terminal enter:"
12112
12530
msgstr ""
12113
12531
12114
#: serverguide/C/network-auth.xml:985(command)
12532
#: serverguide/C/network-auth.xml:998(command)
12115
12533
msgid "sudo apt-get install ldapscripts"
12116
12534
msgstr ""
12117
12535
12118
#: serverguide/C/network-auth.xml:988(para)
12536
#: serverguide/C/network-auth.xml:1001(para)
12119
12537
msgid ""
12120
12538
"Next, edit the config file "
12121
12539
"<filename>/etc/ldapscripts/ldapscripts.conf</filename> uncommenting and "
12122
12540
"changing the following to match your environment:"
12123
12541
msgstr ""
12124
12542
12125
#: serverguide/C/network-auth.xml:993(programlisting)
12543
#: serverguide/C/network-auth.xml:1006(programlisting)
12126
12544
#, no-wrap
12127
12545
msgid ""
12128
12546
"\n"
12138
12556
"MIDSTART=10000\n"
12139
12557
msgstr ""
12140
12558
12141
#: serverguide/C/network-auth.xml:1006(para)
12559
#: serverguide/C/network-auth.xml:1019(para)
12142
12560
msgid ""
12143
12561
"Now, create the <filename>ldapscripts.passwd</filename> file to allow "
12144
12562
"authenticated access to the directory:"
12145
12563
msgstr ""
12146
12564
12147
#: serverguide/C/network-auth.xml:1011(command)
12565
#: serverguide/C/network-auth.xml:1024(command)
12148
12566
msgid ""
12149
12567
"sudo sh -c \"echo -n 'secret' > /etc/ldapscripts/ldapscripts.passwd\""
12150
12568
msgstr ""
12151
12569
12152
#: serverguide/C/network-auth.xml:1012(command)
12570
#: serverguide/C/network-auth.xml:1025(command)
12153
12571
msgid "sudo chmod 400 /etc/ldapscripts/ldapscripts.passwd"
12154
12572
msgstr ""
12155
12573
12156
#: serverguide/C/network-auth.xml:1016(para)
12574
#: serverguide/C/network-auth.xml:1029(para)
12157
12575
msgid ""
12158
12576
"Replace <quote>secret</quote> with the actual password for your LDAP admin "
12159
12577
"user."
12160
12578
msgstr ""
12161
12579
12162
#: serverguide/C/network-auth.xml:1021(para)
12580
#: serverguide/C/network-auth.xml:1034(para)
12163
12581
msgid ""
12164
12582
"The <application>ldapscripts</application> are now ready to help manage your "
12165
12583
"directory. The following are some examples of how to use the scripts:"
12166
12584
msgstr ""
12167
12585
12168
#: serverguide/C/network-auth.xml:1028(para)
12586
#: serverguide/C/network-auth.xml:1041(para)
12169
12587
msgid "Create a new user:"
12170
12588
msgstr ""
12171
12589
12172
#: serverguide/C/network-auth.xml:1032(command)
12590
#: serverguide/C/network-auth.xml:1045(command)
12173
12591
msgid "sudo ldapadduser george example"
12174
12592
msgstr ""
12175
12593
12176
#: serverguide/C/network-auth.xml:1034(para)
12594
#: serverguide/C/network-auth.xml:1047(para)
12177
12595
msgid ""
12178
12596
"This will create a user with uid <emphasis role=\"italic\">george</emphasis> "
12179
12597
"and set the user's primary group (gid) to <emphasis "
12180
12598
"role=\"italic\">example</emphasis>"
12181
12599
msgstr ""
12182
12600
12183
#: serverguide/C/network-auth.xml:1040(para)
12601
#: serverguide/C/network-auth.xml:1053(para)
12184
12602
msgid "Change a user's password:"
12185
12603
msgstr ""
12186
12604
12187
#: serverguide/C/network-auth.xml:1044(command)
12605
#: serverguide/C/network-auth.xml:1057(command)
12188
12606
msgid "sudo ldapsetpasswd george"
12189
12607
msgstr ""
12190
12608
12191
#: serverguide/C/network-auth.xml:1045(computeroutput)
12609
#: serverguide/C/network-auth.xml:1058(computeroutput)
12192
12610
#, no-wrap
12193
12611
msgid "Changing password for user uid=george,ou=People,dc=example,dc=com"
12194
12612
msgstr ""
12195
12613
12196
#: serverguide/C/network-auth.xml:1046(userinput)
12614
#: serverguide/C/network-auth.xml:1059(userinput)
12197
12615
#, no-wrap
12198
12616
msgid "New Password: "
12199
12617
msgstr ""
12200
12618
12201
#: serverguide/C/network-auth.xml:1047(userinput)
12619
#: serverguide/C/network-auth.xml:1060(userinput)
12202
12620
#, no-wrap
12203
12621
msgid "New Password (verify): "
12204
12622
msgstr ""
12205
12623
12206
#: serverguide/C/network-auth.xml:1051(para)
12624
#: serverguide/C/network-auth.xml:1064(para)
12207
12625
msgid "Delete a user:"
12208
12626
msgstr ""
12209
12627
12210
#: serverguide/C/network-auth.xml:1055(command)
12628
#: serverguide/C/network-auth.xml:1068(command)
12211
12629
msgid "sudo ldapdeleteuser george"
12212
12630
msgstr ""
12213
12631
12214
#: serverguide/C/network-auth.xml:1060(para)
12632
#: serverguide/C/network-auth.xml:1073(para)
12215
12633
msgid "Add a group:"
12216
12634
msgstr ""
12217
12635
12218
#: serverguide/C/network-auth.xml:1064(command)
12636
#: serverguide/C/network-auth.xml:1077(command)
12219
12637
msgid "sudo ldapaddgroup qa"
12220
12638
msgstr ""
12221
12639
12222
#: serverguide/C/network-auth.xml:1068(para)
12640
#: serverguide/C/network-auth.xml:1081(para)
12223
12641
msgid "Delete a group:"
12224
12642
msgstr ""
12225
12643
12226
#: serverguide/C/network-auth.xml:1072(command)
12644
#: serverguide/C/network-auth.xml:1085(command)
12227
12645
msgid "sudo ldapdeletegroup qa"
12228
12646
msgstr ""
12229
12647
12230
#: serverguide/C/network-auth.xml:1076(para)
12648
#: serverguide/C/network-auth.xml:1089(para)
12231
12649
msgid "Add a user to a group:"
12232
12650
msgstr ""
12233
12651
12234
#: serverguide/C/network-auth.xml:1080(command)
12652
#: serverguide/C/network-auth.xml:1093(command)
12235
12653
msgid "sudo ldapaddusertogroup george qa"
12236
12654
msgstr ""
12237
12655
12238
#: serverguide/C/network-auth.xml:1082(para)
12656
#: serverguide/C/network-auth.xml:1095(para)
12239
12657
msgid ""
12240
12658
"You should now see a <emphasis>memberUid</emphasis> attribute for the "
12241
12659
"<emphasis role=\"italic\">qa</emphasis> group with a value of <emphasis "
12242
12660
"role=\"italic\">george</emphasis>."
12243
12661
msgstr ""
12244
12662
12245
#: serverguide/C/network-auth.xml:1088(para)
12663
#: serverguide/C/network-auth.xml:1101(para)
12246
12664
msgid "Remove a user from a group:"
12247
12665
msgstr ""
12248
12666
12249
#: serverguide/C/network-auth.xml:1092(command)
12667
#: serverguide/C/network-auth.xml:1105(command)
12250
12668
msgid "sudo ldapdeleteuserfromgroup george qa"
12251
12669
msgstr ""
12252
12670
12253
#: serverguide/C/network-auth.xml:1094(para)
12671
#: serverguide/C/network-auth.xml:1107(para)
12254
12672
msgid ""
12255
12673
"The <emphasis>memberUid</emphasis> attribute should now be removed from the "
12256
12674
"<emphasis role=\"italic\">qa</emphasis> group."
12257
12675
msgstr ""
12258
12676
12259
#: serverguide/C/network-auth.xml:1100(para)
12677
#: serverguide/C/network-auth.xml:1113(para)
12260
12678
msgid ""
12261
12679
"The <application>ldapmodifyuser</application> script allows you to add, "
12262
12680
"remove, or replace a user's attributes. The script uses the same syntax as "
12263
12681
"the <application>ldapmodify</application> utility. For example:"
12264
12682
msgstr ""
12265
12683
12266
#: serverguide/C/network-auth.xml:1105(command)
12684
#: serverguide/C/network-auth.xml:1118(command)
12267
12685
msgid "sudo ldapmodifyuser george"
12268
12686
msgstr ""
12269
12687
12270
#: serverguide/C/network-auth.xml:1106(computeroutput)
12688
#: serverguide/C/network-auth.xml:1119(computeroutput)
12271
12689
#, no-wrap
12272
12690
msgid ""
12273
12691
"# About to modify the following entry :\n"
12288
12706
"dn: uid=george,ou=People,dc=example,dc=com"
12289
12707
msgstr ""
12290
12708
12291
#: serverguide/C/network-auth.xml:1122(userinput)
12709
#: serverguide/C/network-auth.xml:1135(userinput)
12292
12710
#, no-wrap
12293
12711
msgid ""
12294
12712
"replace: gecos\n"
12295
12713
"gecos: George Carlin"
12296
12714
msgstr ""
12297
12715
12298
#: serverguide/C/network-auth.xml:1125(para)
12716
#: serverguide/C/network-auth.xml:1138(para)
12299
12717
msgid ""
12300
12718
"The user's <emphasis>gecos</emphasis> should now be <quote>George "
12301
12719
"Carlin</quote>."
12302
12720
msgstr ""
12303
12721
12304
#: serverguide/C/network-auth.xml:1130(para)
12722
#: serverguide/C/network-auth.xml:1143(para)
12305
12723
msgid ""
12306
12724
"Another great feature of <application>ldapscripts</application>, is the "
12307
12725
"template system. Templates allow you to customize the attributes of user, "
12310
12728
"<filename>/etc/ldapscripts/ldapscripts.conf</filename> changing:"
12311
12729
msgstr ""
12312
12730
12313
#: serverguide/C/network-auth.xml:1137(programlisting)
12731
#: serverguide/C/network-auth.xml:1150(programlisting)
12314
12732
#, no-wrap
12315
12733
msgid ""
12316
12734
"\n"
12317
12735
"UTEMPLATE=\"/etc/ldapscripts/ldapadduser.template\"\n"
12318
12736
msgstr ""
12319
12737
12320
#: serverguide/C/network-auth.xml:1141(para)
12738
#: serverguide/C/network-auth.xml:1154(para)
12321
12739
msgid ""
12322
12740
"There are <emphasis role=\"italic\">sample</emphasis> templates in the "
12323
12741
"<filename>/etc/ldapscripts</filename> directory. Copy or rename the "
12325
12743
"<filename>/etc/ldapscripts/ldapadduser.template</filename>:"
12326
12744
msgstr ""
12327
12745
12328
#: serverguide/C/network-auth.xml:1148(command)
12746
#: serverguide/C/network-auth.xml:1161(command)
12329
12747
msgid ""
12330
12748
"sudo cp /etc/ldapscripts/ldapadduser.template.sample "
12331
12749
"/etc/ldapscripts/ldapadduser.template"
12332
12750
msgstr ""
12333
12751
12334
#: serverguide/C/network-auth.xml:1151(para)
12752
#: serverguide/C/network-auth.xml:1164(para)
12335
12753
msgid ""
12336
12754
"Edit the new template to add the desired attributes. The following will "
12337
12755
"create new user's as with an <emphasis>objectClass</emphasis> of "
12338
12756
"<emphasis>inetOrgPerson</emphasis>:"
12339
12757
msgstr ""
12340
12758
12341
#: serverguide/C/network-auth.xml:1156(programlisting)
12759
#: serverguide/C/network-auth.xml:1169(programlisting)
12342
12760
#, no-wrap
12343
12761
msgid ""
12344
12762
"\n"
12357
12775
"title: Employee\n"
12358
12776
msgstr ""
12359
12777
12360
#: serverguide/C/network-auth.xml:1172(para)
12778
#: serverguide/C/network-auth.xml:1185(para)
12361
12779
msgid ""
12362
12780
"Notice the <emphasis><ask></emphasis> option used for the "
12363
12781
"<emphasis>cn</emphasis> value. Using <ask> will configure "
12365
12783
"during user creation."
12366
12784
msgstr ""
12367
12785
12368
#: serverguide/C/network-auth.xml:1180(para)
12786
#: serverguide/C/network-auth.xml:1193(para)
12369
12787
msgid ""
12370
12788
"There are more useful scripts in the package, to see a full list enter: "
12371
12789
"<command>dpkg -L ldapscripts | grep bin</command>"
12372
12790
msgstr ""
12373
12791
12374
#: serverguide/C/network-auth.xml:1189(para)
12792
#: serverguide/C/network-auth.xml:1202(para)
12375
12793
msgid ""
12376
12794
"For more information see <ulink url=\"http://www.openldap.org/\">OpenLDAP "
12377
12795
"Home Page</ulink>"
12378
12796
msgstr ""
12379
12797
12380
#: serverguide/C/network-auth.xml:1194(para)
12798
#: serverguide/C/network-auth.xml:1207(para)
12381
12799
msgid ""
12382
12800
"Though starting to show it's age, a great source for in depth LDAP "
12383
12801
"information is O'Reilly's <ulink "
12385
12803
"Administration</ulink>"
12386
12804
msgstr ""
12387
12805
12388
#: serverguide/C/network-auth.xml:1200(para)
12806
#: serverguide/C/network-auth.xml:1213(para)
12389
12807
msgid ""
12390
12808
"Packt's <ulink url=\"http://www.packtpub.com/OpenLDAP-Developers-Server-Open-"
12391
12809
"Source-Linux/book\">Mastering OpenLDAP</ulink> is a great reference covering "
12392
12810
"newer versions of OpenLDAP."
12393
12811
msgstr ""
12394
12812
12395
#: serverguide/C/network-auth.xml:1206(para)
12813
#: serverguide/C/network-auth.xml:1219(para)
12396
12814
msgid ""
12397
12815
"For more information on <application>auth-client-config</application> see "
12398
12816
"the man page: <command>man auth-client-config</command>."
12399
12817
msgstr ""
12400
12818
12401
#: serverguide/C/network-auth.xml:1211(para)
12819
#: serverguide/C/network-auth.xml:1224(para)
12402
12820
msgid ""
12403
12821
"For more details regarding the <application>ldapscripts</application> "
12404
12822
"package see the man pages: <command>man ldapscripts</command>, <command>man "
12405
12823
"ldapadduser</command>, <command>man ldapaddgroup</command>, etc."
12406
12824
msgstr ""
12407
12825
12408
#: serverguide/C/network-auth.xml:1221(title)
12826
#: serverguide/C/network-auth.xml:1234(title)
12409
12827
msgid "Samba and LDAP"
12410
12828
msgstr ""
12411
12829
12412
#: serverguide/C/network-auth.xml:1223(para)
12830
#: serverguide/C/network-auth.xml:1236(para)
12413
12831
msgid ""
12414
12832
"This section covers configuring Samba to use LDAP for user, group, and "
12415
12833
"machine account information and authentication. The assumption is, you "
12416
12834
"already have a working OpenLDAP directory installed and the server is "
12417
12835
"configured to use it for authentication. See <xref linkend=\"openldap-"
12418
12836
"server\"/> and <xref linkend=\"openldap-auth-config\"/> for details on "
12419
"setting up OpenLDAP."
12837
"setting up OpenLDAP. For more information on installing and configuring "
12838
"Samba see <xref linkend=\"windows-networking\"/>."
12420
12839
msgstr ""
12421
12840
12422
#: serverguide/C/network-auth.xml:1232(para)
12841
#: serverguide/C/network-auth.xml:1246(para)
12423
12842
msgid ""
12424
12843
"There are three packages needed when integrating Samba with LDAP. "
12425
12844
"<application>samba</application>, <application>samba-doc</application>, and "
12427
12846
"from a terminal enter:"
12428
12847
msgstr ""
12429
12848
12430
#: serverguide/C/network-auth.xml:1238(command)
12849
#: serverguide/C/network-auth.xml:1252(command)
12431
12850
msgid "sudo apt-get install samba samba-doc smbldap-tools"
12432
12851
msgstr ""
12433
12852
12434
#: serverguide/C/network-auth.xml:1241(para)
12853
#: serverguide/C/network-auth.xml:1255(para)
12435
12854
msgid ""
12436
12855
"Strictly speaking the <application>smbldap-tools</application> package isn't "
12437
12856
"needed, but unless you have another package or custom scripts, a method of "
12438
12857
"managing users, groups, and computer accounts is needed."
12439
12858
msgstr ""
12440
12859
12441
#: serverguide/C/network-auth.xml:1248(title)
12860
#: serverguide/C/network-auth.xml:1262(title)
12442
12861
msgid "OpenLDAP Configuration"
12443
12862
msgstr ""
12444
12863
12445
#: serverguide/C/network-auth.xml:1250(para)
12864
#: serverguide/C/network-auth.xml:1264(para)
12446
12865
msgid ""
12447
12866
"In order for Samba to use OpenLDAP as a <emphasis>passdb backend</emphasis>, "
12448
12867
"the user objects in the directory will need additional attributes. This "
12450
12869
"controller, and will add the necessary LDAP objects and attributes."
12451
12870
msgstr ""
12452
12871
12453
#: serverguide/C/network-auth.xml:1258(para)
12872
#: serverguide/C/network-auth.xml:1272(para)
12454
12873
msgid ""
12455
12874
"The Samba attributes are defined in the <filename>samba.schema</filename> "
12456
12875
"file which is part of the <application>samba-doc</application> package. The "
12458
12877
"<filename>/etc/ldap/schema</filename>. From a terminal prompt enter:"
12459
12878
msgstr ""
12460
12879
12461
#: serverguide/C/network-auth.xml:1265(command)
12880
#: serverguide/C/network-auth.xml:1279(command)
12462
12881
msgid ""
12463
12882
"sudo cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz "
12464
12883
"/etc/ldap/schema/"
12465
12884
msgstr ""
12466
12885
12467
#: serverguide/C/network-auth.xml:1266(command)
12886
#: serverguide/C/network-auth.xml:1280(command)
12468
12887
msgid "sudo gzip -d /etc/ldap/schema/samba.schema.gz"
12469
12888
msgstr ""
12470
12889
12471
#: serverguide/C/network-auth.xml:1272(para)
12890
#: serverguide/C/network-auth.xml:1286(para)
12472
12891
msgid ""
12473
12892
"The <emphasis>samba</emphasis> schema needs to be added to the "
12474
12893
"<emphasis>cn=config</emphasis> tree. The procedure to add a new schema to "
12476
12895
"linkend=\"openldap-configuration\"/>."
12477
12896
msgstr ""
12478
12897
12479
#: serverguide/C/network-auth.xml:1280(para) serverguide/C/network-auth.xml:2305(para)
12898
#: serverguide/C/network-auth.xml:1294(para) serverguide/C/network-auth.xml:2318(para)
12480
12899
msgid ""
12481
12900
"First, create a configuration file named "
12482
12901
"<filename>schema_convert.conf</filename>, or a similar descriptive name, "
12483
12902
"containing the following lines:"
12484
12903
msgstr ""
12485
12904
12486
#: serverguide/C/network-auth.xml:1285(programlisting)
12905
#: serverguide/C/network-auth.xml:1299(programlisting)
12487
12906
#, no-wrap
12488
12907
msgid ""
12489
12908
"\n"
12502
12921
"include /etc/ldap/schema/samba.schema\n"
12503
12922
msgstr ""
12504
12923
12505
#: serverguide/C/network-auth.xml:1315(para) serverguide/C/network-auth.xml:2340(para)
12506
msgid ""
12507
"Now use <application>slaptest</application> to convert the schema files:"
12508
msgstr ""
12509
12510
#: serverguide/C/network-auth.xml:1323(para) serverguide/C/network-auth.xml:2348(para)
12924
#: serverguide/C/network-auth.xml:1329(para) serverguide/C/network-auth.xml:2353(para)
12925
msgid ""
12926
"Now use <application>slapcat</application> to convert the schema files:"
12927
msgstr ""
12928
12929
#: serverguide/C/network-auth.xml:1334(command)
12930
msgid ""
12931
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
12932
"\"cn={12}samba,cn=schema,cn=config\" > /tmp/cn=samba.ldif"
12933
msgstr ""
12934
12935
#: serverguide/C/network-auth.xml:1337(para) serverguide/C/network-auth.xml:2361(para)
12511
12936
msgid ""
12512
12937
"Change the above file and path names to match your own if they are different."
12513
12938
msgstr ""
12514
12939
12515
#: serverguide/C/network-auth.xml:1330(para)
12940
#: serverguide/C/network-auth.xml:1344(para)
12516
12941
msgid ""
12517
"Edit the generated "
12518
"<filename>/tmp/ldif_output/cn=config/cn=schema/cn={12}samba.ldif</filename> "
12519
"file, changing the following attributes:"
12942
"Edit the generated <filename>/tmp/cn\\=samba.ldif</filename> file, changing "
12943
"the following attributes:"
12520
12944
msgstr ""
12521
12945
12522
#: serverguide/C/network-auth.xml:1335(programlisting)
12946
#: serverguide/C/network-auth.xml:1348(programlisting)
12523
12947
#, no-wrap
12524
12948
msgid ""
12525
12949
"\n"
12528
12952
"cn: samba\n"
12529
12953
msgstr ""
12530
12954
12531
#: serverguide/C/network-auth.xml:1345(programlisting)
12955
#: serverguide/C/network-auth.xml:1358(programlisting)
12532
12956
#, no-wrap
12533
12957
msgid ""
12534
12958
"\n"
12541
12965
"modifyTimestamp: 20080827045234Z\n"
12542
12966
msgstr ""
12543
12967
12544
#: serverguide/C/network-auth.xml:1370(command)
12545
msgid ""
12546
"ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\\=config/cn\\"
12547
"=schema/cn\\=\\{12\\}samba.ldif"
12968
#: serverguide/C/network-auth.xml:1383(command)
12969
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=samba.ldif"
12548
12970
msgstr ""
12549
12971
12550
#: serverguide/C/network-auth.xml:1376(para)
12972
#: serverguide/C/network-auth.xml:1389(para)
12551
12973
msgid ""
12552
12974
"There should now be a <emphasis>dn: "
12553
12975
"cn={X}misc,cn=schema,cn=config</emphasis>, where \"X\" is the next "
12554
12976
"sequential schema, entry in the cn=config tree."
12555
12977
msgstr ""
12556
12978
12557
#: serverguide/C/network-auth.xml:1384(para)
12979
#: serverguide/C/network-auth.xml:1397(para)
12558
12980
msgid ""
12559
12981
"Copy and paste the following into a file named "
12560
12982
"<filename>samba_indexes.ldif</filename>:"
12561
12983
msgstr ""
12562
12984
12563
#: serverguide/C/network-auth.xml:1388(programlisting)
12985
#: serverguide/C/network-auth.xml:1401(programlisting)
12564
12986
#, no-wrap
12565
12987
msgid ""
12566
12988
"\n"
12581
13003
"olcDbIndex: default sub\n"
12582
13004
msgstr ""
12583
13005
12584
#: serverguide/C/network-auth.xml:1406(para)
13006
#: serverguide/C/network-auth.xml:1419(para)
12585
13007
msgid ""
12586
13008
"Using the <application>ldapmodify</application> utility load the new indexes:"
12587
13009
msgstr ""
12588
13010
12589
#: serverguide/C/network-auth.xml:1411(command)
13011
#: serverguide/C/network-auth.xml:1424(command)
12590
13012
msgid "ldapmodify -x -D cn=admin,cn=config -W -f samba_indexes.ldif"
12591
13013
msgstr ""
12592
13014
12593
#: serverguide/C/network-auth.xml:1413(para)
13015
#: serverguide/C/network-auth.xml:1426(para)
12594
13016
msgid ""
12595
13017
"If all went well you should see the new indexes using "
12596
13018
"<application>ldapsearch</application>:"
12597
13019
msgstr ""
12598
13020
12599
#: serverguide/C/network-auth.xml:1418(command)
13021
#: serverguide/C/network-auth.xml:1431(command)
12600
13022
msgid ""
12601
13023
"ldapsearch -xLLL -D cn=admin,cn=config -x -b cn=config -W olcDatabase={1}hdb"
12602
13024
msgstr ""
12603
13025
12604
#: serverguide/C/network-auth.xml:1424(para)
13026
#: serverguide/C/network-auth.xml:1437(para)
12605
13027
msgid ""
12606
13028
"Next, configure the <application>smbldap-tools</application> package to "
12607
13029
"match your environment. The package comes with a configuration script that "
12608
13030
"will ask questions about the needed options. To run the script enter:"
12609
13031
msgstr ""
12610
13032
12611
#: serverguide/C/network-auth.xml:1430(command)
13033
#: serverguide/C/network-auth.xml:1443(command)
12612
13034
msgid "sudo gzip -d /usr/share/doc/smbldap-tools/configure.pl.gz"
12613
13035
msgstr ""
12614
13036
12615
#: serverguide/C/network-auth.xml:1431(command)
13037
#: serverguide/C/network-auth.xml:1444(command)
12616
13038
msgid "sudo perl /usr/share/doc/smbldap-tools/configure.pl"
12617
13039
msgstr ""
12618
13040
12619
#: serverguide/C/network-auth.xml:1434(para)
13041
#: serverguide/C/network-auth.xml:1447(para)
12620
13042
msgid ""
12621
13043
"Once you have answered the questions, there should be <filename>/etc/smbldap-"
12622
13044
"tools/smbldap.conf</filename> and <filename>/etc/smbldap-"
12625
13047
"may be simpler to edit the file appropriately."
12626
13048
msgstr ""
12627
13049
12628
#: serverguide/C/network-auth.xml:1444(para)
13050
#: serverguide/C/network-auth.xml:1457(para)
12629
13051
msgid ""
12630
13052
"The <application>smbldap-populate</application> script will add the "
12631
13053
"necessary users, groups, and LDAP objects required for Samba. It is a good "
12633
13055
"<application>slapcat</application> before executing the command:"
12634
13056
msgstr ""
12635
13057
12636
#: serverguide/C/network-auth.xml:1451(command)
13058
#: serverguide/C/network-auth.xml:1464(command)
12637
13059
msgid "sudo slapcat -l backup.ldif"
12638
13060
msgstr ""
12639
13061
12640
#: serverguide/C/network-auth.xml:1457(para)
13062
#: serverguide/C/network-auth.xml:1470(para)
12641
13063
msgid ""
12642
13064
"Once you have a current backup execute <application>smbldap-"
12643
13065
"populate</application> by entering:"
12644
13066
msgstr ""
12645
13067
12646
#: serverguide/C/network-auth.xml:1462(command)
13068
#: serverguide/C/network-auth.xml:1475(command)
12647
13069
msgid "sudo smbldap-populate"
12648
13070
msgstr ""
12649
13071
12650
#: serverguide/C/network-auth.xml:1466(para)
13072
#: serverguide/C/network-auth.xml:1479(para)
12651
13073
msgid ""
12652
13074
"You can create an LDIF file containing the new Samba objects by executing "
12653
13075
"<command>sudo smbldap-populate -e samba.ldif</command>. This allows you to "
12654
13076
"look over the changes making sure everything is correct."
12655
13077
msgstr ""
12656
13078
12657
#: serverguide/C/network-auth.xml:1474(para)
13079
#: serverguide/C/network-auth.xml:1487(para)
12658
13080
msgid ""
12659
13081
"Your LDAP directory now has the necessary domain information to authenticate "
12660
13082
"Samba users."
12661
13083
msgstr ""
12662
13084
12663
#: serverguide/C/network-auth.xml:1480(title)
13085
#: serverguide/C/network-auth.xml:1493(title)
12664
13086
msgid "Samba Configuration"
12665
13087
msgstr ""
12666
13088
12667
#: serverguide/C/network-auth.xml:1482(para)
13089
#: serverguide/C/network-auth.xml:1495(para)
12668
13090
msgid ""
12669
13091
"There a multiple ways to configure Samba for details on some common "
12670
13092
"configurations see <xref linkend=\"windows-networking\"/>. To configure "
12673
13095
"backend</emphasis> option and adding the following:"
12674
13096
msgstr ""
12675
13097
12676
#: serverguide/C/network-auth.xml:1488(programlisting)
13098
#: serverguide/C/network-auth.xml:1501(programlisting)
12677
13099
#, no-wrap
12678
13100
msgid ""
12679
13101
"\n"
12693
13115
" add machine script = sudo /usr/sbin/smbldap-useradd -t 0 -w \"%u\"\n"
12694
13116
msgstr ""
12695
13117
12696
#: serverguide/C/network-auth.xml:1505(para)
13118
#: serverguide/C/network-auth.xml:1518(para)
12697
13119
msgid "Restart <application>samba</application> to enable the new settings:"
12698
13120
msgstr ""
12699
13121
12700
#: serverguide/C/network-auth.xml:1513(para)
13122
#: serverguide/C/network-auth.xml:1526(para)
12701
13123
msgid ""
12702
13124
"Now Samba needs to know the LDAP admin password. From a terminal prompt "
12703
13125
"enter:"
12704
13126
msgstr ""
12705
13127
12706
#: serverguide/C/network-auth.xml:1518(command)
13128
#: serverguide/C/network-auth.xml:1531(command)
12707
13129
msgid "sudo smbpasswd -w secret"
12708
13130
msgstr ""
12709
13131
12710
#: serverguide/C/network-auth.xml:1522(para)
13132
#: serverguide/C/network-auth.xml:1535(para)
12711
13133
msgid ""
12712
13134
"Replacing <emphasis role=\"italic\">secret</emphasis> with your LDAP admin "
12713
13135
"password."
12714
13136
msgstr ""
12715
13137
12716
#: serverguide/C/network-auth.xml:1527(para)
13138
#: serverguide/C/network-auth.xml:1540(para)
12717
13139
msgid ""
12718
13140
"If you currently have users in LDAP, and you want them to authenticate using "
12719
13141
"Samba, they will need some Samba attributes defined in the "
12722
13144
"<emphasis role=\"italic\">username</emphasis> with an actual user:"
12723
13145
msgstr ""
12724
13146
12725
#: serverguide/C/network-auth.xml:1535(command)
13147
#: serverguide/C/network-auth.xml:1548(command)
12726
13148
msgid "sudo smbpasswd -a username"
12727
13149
msgstr ""
12728
13150
12729
#: serverguide/C/network-auth.xml:1538(para)
13151
#: serverguide/C/network-auth.xml:1551(para)
12730
13152
msgid "You will then be asked to enter the user's password."
12731
13153
msgstr ""
12732
13154
12733
#: serverguide/C/network-auth.xml:1542(para)
13155
#: serverguide/C/network-auth.xml:1555(para)
12734
13156
msgid ""
12735
13157
"To add new user, group, and machine accounts use the utilities from the "
12736
13158
"<application>smbldap-tools</application> package. Here are some examples:"
12737
13159
msgstr ""
12738
13160
12739
#: serverguide/C/network-auth.xml:1549(para)
13161
#: serverguide/C/network-auth.xml:1562(para)
12740
13162
msgid ""
12741
13163
"To add a new user to LDAP with Samba attributes enter the following, "
12742
13164
"replacing username with an actual username:"
12743
13165
msgstr ""
12744
13166
12745
#: serverguide/C/network-auth.xml:1553(command)
13167
#: serverguide/C/network-auth.xml:1566(command)
12746
13168
msgid "sudo smbldap-useradd -a -P username"
12747
13169
msgstr ""
12748
13170
12749
#: serverguide/C/network-auth.xml:1555(para)
13171
#: serverguide/C/network-auth.xml:1568(para)
12750
13172
msgid ""
12751
13173
"The <emphasis>-a</emphasis> option adds the Samba attributes, and the "
12752
13174
"<emphasis>-P</emphasis> options calls the <application>smbldap-"
12754
13176
"a password for the user."
12755
13177
msgstr ""
12756
13178
12757
#: serverguide/C/network-auth.xml:1561(para)
13179
#: serverguide/C/network-auth.xml:1574(para)
12758
13180
msgid "To remove a user from the directory enter:"
12759
13181
msgstr ""
12760
13182
12761
#: serverguide/C/network-auth.xml:1565(command)
13183
#: serverguide/C/network-auth.xml:1578(command)
12762
13184
msgid "sudo smbldap-userdel username"
12763
13185
msgstr ""
12764
13186
12765
#: serverguide/C/network-auth.xml:1567(para)
13187
#: serverguide/C/network-auth.xml:1580(para)
12766
13188
msgid ""
12767
13189
"The <application>smbldap-userdel</application> utility also has a <emphasis>-"
12768
13190
"r</emphasis> option to remove the user's home directory."
12769
13191
msgstr ""
12770
13192
12771
#: serverguide/C/network-auth.xml:1572(para)
13193
#: serverguide/C/network-auth.xml:1585(para)
12772
13194
msgid ""
12773
13195
"Use <application>smbldap-groupadd</application> to add a group, replacing "
12774
13196
"groupname with an appropriate group:"
12775
13197
msgstr ""
12776
13198
12777
#: serverguide/C/network-auth.xml:1576(command)
13199
#: serverguide/C/network-auth.xml:1589(command)
12778
13200
msgid "sudo smbldap-groupadd -a groupname"
12779
13201
msgstr ""
12780
13202
12781
#: serverguide/C/network-auth.xml:1578(para)
13203
#: serverguide/C/network-auth.xml:1591(para)
12782
13204
msgid ""
12783
13205
"Similar to <application>smbldap-useradd</application>, the <emphasis>-"
12784
13206
"a</emphasis> adds the Samba attributes."
12785
13207
msgstr ""
12786
13208
12787
#: serverguide/C/network-auth.xml:1583(para)
13209
#: serverguide/C/network-auth.xml:1596(para)
12788
13210
msgid ""
12789
13211
"To add a user to a group use <application>smbldap-groupmod</application>:"
12790
13212
msgstr ""
12791
13213
12792
#: serverguide/C/network-auth.xml:1587(command)
13214
#: serverguide/C/network-auth.xml:1600(command)
12793
13215
msgid "sudo smbldap-groupmod -m username groupname"
12794
13216
msgstr ""
12795
13217
12796
#: serverguide/C/network-auth.xml:1589(para)
13218
#: serverguide/C/network-auth.xml:1602(para)
12797
13219
msgid ""
12798
13220
"Be sure to replace <emphasis>username</emphasis> with a real user. Also, the "
12799
13221
"<emphasis>-m</emphasis> option can add more than one user at a time by "
12800
13222
"listing them in <emphasis>comma separated</emphasis> format."
12801
13223
msgstr ""
12802
13224
12803
#: serverguide/C/network-auth.xml:1595(para)
13225
#: serverguide/C/network-auth.xml:1608(para)
12804
13226
msgid ""
12805
13227
"<application>smbldap-groupmod</application> can also be used to remove a "
12806
13228
"user from a group:"
12807
13229
msgstr ""
12808
13230
12809
#: serverguide/C/network-auth.xml:1599(command)
13231
#: serverguide/C/network-auth.xml:1612(command)
12810
13232
msgid "sudo smbldap-groupmod -x username groupname"
12811
13233
msgstr ""
12812
13234
12813
#: serverguide/C/network-auth.xml:1603(para)
13235
#: serverguide/C/network-auth.xml:1616(para)
12814
13236
msgid ""
12815
13237
"Additionally, the <application>smbldap-useradd</application> utility can add "
12816
13238
"Samba machine accounts:"
12817
13239
msgstr ""
12818
13240
12819
#: serverguide/C/network-auth.xml:1607(command)
13241
#: serverguide/C/network-auth.xml:1620(command)
12820
13242
msgid "sudo smbldap-useradd -t 0 -w username"
12821
13243
msgstr ""
12822
13244
12823
#: serverguide/C/network-auth.xml:1609(para)
13245
#: serverguide/C/network-auth.xml:1622(para)
12824
13246
msgid ""
12825
13247
"Replace <emphasis>username</emphasis> with the name of the workstation. The "
12826
13248
"<emphasis>-t 0</emphasis> option creates the machine account without a "
12830
13252
"<application>smbldap-useradd</application>."
12831
13253
msgstr ""
12832
13254
12833
#: serverguide/C/network-auth.xml:1618(para)
13255
#: serverguide/C/network-auth.xml:1631(para)
12834
13256
msgid ""
12835
13257
"There are more useful utilities and options in the <application>smbldap-"
12836
13258
"tools</application> package. The man page for each utility provides more "
12837
13259
"details."
12838
13260
msgstr ""
12839
13261
12840
#: serverguide/C/network-auth.xml:1629(para)
13262
#: serverguide/C/network-auth.xml:1642(para)
12841
13263
msgid ""
12842
13264
"There are multiple places where LDAP and Samba is documented in the <ulink "
12843
13265
"url=\"http://samba.org/samba/docs/man/Samba-HOWTO-Collection/\">Samba HOWTO "
12844
13266
"Collection</ulink>."
12845
13267
msgstr ""
12846
13268
12847
#: serverguide/C/network-auth.xml:1635(para)
13269
#: serverguide/C/network-auth.xml:1648(para)
12848
13270
msgid ""
12849
13271
"Specifically see the <ulink url=\"http://samba.org/samba/docs/man/Samba-"
12850
13272
"HOWTO-Collection/passdb.html\">passdb section</ulink>."
12851
13273
msgstr ""
12852
13274
12853
#: serverguide/C/network-auth.xml:1641(para)
13275
#: serverguide/C/network-auth.xml:1654(para)
12854
13276
msgid ""
12855
13277
"Another good site is <ulink url=\"http://www.iallanis.info/smbldap-"
12856
13278
"tools/docs/samba-ldap-howto/\">Samba OpenLDAP HOWTO</ulink>."
12857
13279
msgstr ""
12858
13280
12859
#: serverguide/C/network-auth.xml:1647(para)
13281
#: serverguide/C/network-auth.xml:1660(para)
12860
13282
msgid ""
12861
13283
"Again, for more information on <application>smbldap-tools</application> see "
12862
13284
"the man pages: <command>man smbldap-useradd</command>, <command>man smbldap-"
12863
13285
"groupadd</command>, <command>man smbldap-populate</command>, etc."
12864
13286
msgstr ""
12865
13287
12866
#: serverguide/C/network-auth.xml:1657(title)
13288
#: serverguide/C/network-auth.xml:1670(title)
12867
13289
msgid "Kerberos"
12868
13290
msgstr ""
12869
13291
12870
#: serverguide/C/network-auth.xml:1659(para)
13292
#: serverguide/C/network-auth.xml:1672(para)
12871
13293
msgid ""
12872
13294
"<application>Kerberos</application> is a network authentication system based "
12873
13295
"on the principal of a trusted third party. The other two parties being the "
12876
13298
"network environment one step closer to being Single Sign On (SSO)."
12877
13299
msgstr ""
12878
13300
12879
#: serverguide/C/network-auth.xml:1665(para)
13301
#: serverguide/C/network-auth.xml:1678(para)
12880
13302
msgid ""
12881
13303
"This section covers installation and configuration of a Kerberos server, and "
12882
13304
"some example client configurations."
12883
13305
msgstr ""
12884
13306
12885
#: serverguide/C/network-auth.xml:1672(para)
13307
#: serverguide/C/network-auth.xml:1685(para)
12886
13308
msgid ""
12887
13309
"If you are new to Kerberos there are a few terms that are good to understand "
12888
13310
"before setting up a Kerberos server. Most of the terms will relate to things "
12889
13311
"you may be familiar with in other environments:"
12890
13312
msgstr ""
12891
13313
12892
#: serverguide/C/network-auth.xml:1679(para)
13314
#: serverguide/C/network-auth.xml:1692(para)
12893
13315
msgid ""
12894
13316
"<emphasis>Principal:</emphasis> any users, computers, and services provided "
12895
13317
"by servers need to be defined as Kerberos Principals."
12896
13318
msgstr ""
12897
13319
12898
#: serverguide/C/network-auth.xml:1684(para)
13320
#: serverguide/C/network-auth.xml:1697(para)
12899
13321
msgid ""
12900
13322
"<emphasis>Instances:</emphasis> are used for service principals and special "
12901
13323
"administrative principals."
12902
13324
msgstr ""
12903
13325
12904
#: serverguide/C/network-auth.xml:1689(para)
13326
#: serverguide/C/network-auth.xml:1702(para)
12905
13327
msgid ""
12906
13328
"<emphasis>Realms:</emphasis> the unique realm of control provided by the "
12907
13329
"Kerberos installation. Usually the DNS domain converted to uppercase "
12908
13330
"(EXAMPLE.COM)."
12909
13331
msgstr ""
12910
13332
12911
#: serverguide/C/network-auth.xml:1695(para)
13333
#: serverguide/C/network-auth.xml:1708(para)
12912
13334
msgid ""
12913
13335
"<emphasis>Key Distribution Center:</emphasis> (KDC) consist of three parts, "
12914
13336
"a database of all principals, the authentication server, and the ticket "
12915
13337
"granting server. For each realm there must be at least one KDC."
12916
13338
msgstr ""
12917
13339
12918
#: serverguide/C/network-auth.xml:1701(para)
13340
#: serverguide/C/network-auth.xml:1714(para)
12919
13341
msgid ""
12920
13342
"<emphasis>Ticket Granting Ticket:</emphasis> issued by the Authentication "
12921
13343
"Server (AS), the Ticket Granting Ticket (TGT) is encrypted in the user's "
12922
13344
"password which is known only to the user and the KDC."
12923
13345
msgstr ""
12924
13346
12925
#: serverguide/C/network-auth.xml:1707(para)
13347
#: serverguide/C/network-auth.xml:1720(para)
12926
13348
msgid ""
12927
13349
"<emphasis>Ticket Granting Server:</emphasis> (TGS) issues service tickets to "
12928
13350
"clients upon request."
12929
13351
msgstr ""
12930
13352
12931
#: serverguide/C/network-auth.xml:1712(para)
13353
#: serverguide/C/network-auth.xml:1725(para)
12932
13354
msgid ""
12933
13355
"<emphasis>Tickets:</emphasis> confirm the identity of the two principals. "
12934
13356
"One principal being a user and the other a service requested by the user. "
12936
13358
"authenticated session."
12937
13359
msgstr ""
12938
13360
12939
#: serverguide/C/network-auth.xml:1718(para)
13361
#: serverguide/C/network-auth.xml:1731(para)
12940
13362
msgid ""
12941
13363
"<emphasis>Keytab Files:</emphasis> are files extracted from the KDC "
12942
13364
"principal database and contain the encryption key for a service or host."
12943
13365
msgstr ""
12944
13366
12945
#: serverguide/C/network-auth.xml:1725(para)
13367
#: serverguide/C/network-auth.xml:1738(para)
12946
13368
msgid ""
12947
13369
"To put the pieces together, a Realm has at least one KDC, preferably two for "
12948
13370
"redundancy, which contains a database of Principals. When a user principal "
12954
13376
"and password."
12955
13377
msgstr ""
12956
13378
12957
#: serverguide/C/network-auth.xml:1734(title)
13379
#: serverguide/C/network-auth.xml:1747(title)
12958
13380
msgid "Kerberos Server"
12959
13381
msgstr ""
12960
13382
12961
#: serverguide/C/network-auth.xml:1738(para)
13383
#: serverguide/C/network-auth.xml:1751(para)
12962
13384
msgid ""
12963
13385
"Before installing the Kerberos server a properly configured DNS server is "
12964
13386
"needed for your domain. Since the Kerberos Realm by convention matches the "
12966
13388
"configured in <xref linkend=\"dns-primarymaster-configuration\"/>."
12967
13389
msgstr ""
12968
13390
12969
#: serverguide/C/network-auth.xml:1744(para)
13391
#: serverguide/C/network-auth.xml:1757(para)
12970
13392
msgid ""
12971
13393
"Also, Kerberos is a time sensitive protocol. So if the local system time "
12972
13394
"between a client machine and the server differs by more than five minutes "
12976
13398
"NTP see <xref linkend=\"NTP\"/>."
12977
13399
msgstr ""
12978
13400
12979
#: serverguide/C/network-auth.xml:1751(para)
13401
#: serverguide/C/network-auth.xml:1764(para)
12980
13402
msgid ""
12981
13403
"The first step in installing a Kerberos Realm is to install the "
12982
13404
"<application>krb5-kdc</application> and <application>krb5-admin-"
12983
13405
"server</application> packages. From a terminal enter:"
12984
13406
msgstr ""
12985
13407
12986
#: serverguide/C/network-auth.xml:1757(command) serverguide/C/network-auth.xml:1932(command)
13408
#: serverguide/C/network-auth.xml:1770(command) serverguide/C/network-auth.xml:1945(command)
12987
13409
msgid "sudo apt-get install krb5-kdc krb5-admin-server"
12988
13410
msgstr ""
12989
13411
12990
#: serverguide/C/network-auth.xml:1760(para)
13412
#: serverguide/C/network-auth.xml:1773(para)
12991
13413
msgid ""
12992
13414
"You will be asked at the end of the install to supply a name for the "
12993
13415
"Kerberos and Admin servers, which may or may not be the same server, for the "
12994
13416
"realm."
12995
13417
msgstr ""
12996
13418
12997
#: serverguide/C/network-auth.xml:1765(para)
13419
#: serverguide/C/network-auth.xml:1778(para)
12998
13420
msgid ""
12999
13421
"Next, create the new realm with the <application>kdb5_newrealm</application> "
13000
13422
"utility:"
13001
13423
msgstr ""
13002
13424
13003
#: serverguide/C/network-auth.xml:1770(command)
13425
#: serverguide/C/network-auth.xml:1783(command)
13004
13426
msgid "sudo krb5_newrealm"
13005
13427
msgstr ""
13006
13428
13007
#: serverguide/C/network-auth.xml:1777(para)
13429
#: serverguide/C/network-auth.xml:1790(para)
13008
13430
msgid ""
13009
13431
"The questions asked during installation are used to configure the "
13010
13432
"<filename>/etc/krb5.conf</filename> file. If you need to adjust the Key "
13012
13434
"<application>krb5-kdc</application> daemon."
13013
13435
msgstr ""
13014
13436
13015
#: serverguide/C/network-auth.xml:1785(para)
13437
#: serverguide/C/network-auth.xml:1798(para)
13016
13438
msgid ""
13017
13439
"Now that the KDC running an admin user is needed. It is recommended to use a "
13018
13440
"different username from your everyday username. Using the "
13019
13441
"<application>kadmin.local</application> utility in a terminal prompt enter:"
13020
13442
msgstr ""
13021
13443
13022
#: serverguide/C/network-auth.xml:1791(command) serverguide/C/network-auth.xml:2583(command)
13444
#: serverguide/C/network-auth.xml:1804(command) serverguide/C/network-auth.xml:2595(command)
13023
13445
msgid "sudo kadmin.local"
13024
13446
msgstr ""
13025
13447
13026
#: serverguide/C/network-auth.xml:1792(computeroutput)
13448
#: serverguide/C/network-auth.xml:1805(computeroutput)
13027
13449
#, no-wrap
13028
13450
msgid ""
13029
13451
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
13030
13452
"kadmin.local:"
13031
13453
msgstr ""
13032
13454
13033
#: serverguide/C/network-auth.xml:1793(userinput)
13455
#: serverguide/C/network-auth.xml:1806(userinput)
13034
13456
#, no-wrap
13035
13457
msgid " addprinc steve/admin"
13036
13458
msgstr ""
13037
13459
13038
#: serverguide/C/network-auth.xml:1794(computeroutput)
13460
#: serverguide/C/network-auth.xml:1807(computeroutput)
13039
13461
#, no-wrap
13040
13462
msgid ""
13041
13463
"WARNING: no policy specified for steve/admin@EXAMPLE.COM; defaulting to no "
13046
13468
"kadmin.local:"
13047
13469
msgstr ""
13048
13470
13049
#: serverguide/C/network-auth.xml:1798(userinput)
13471
#: serverguide/C/network-auth.xml:1811(userinput)
13050
13472
#, no-wrap
13051
13473
msgid " quit"
13052
13474
msgstr ""
13053
13475
13054
#: serverguide/C/network-auth.xml:1801(para)
13476
#: serverguide/C/network-auth.xml:1814(para)
13055
13477
msgid ""
13056
"In the the above example <emphasis role=\"italic\">steve</emphasis> is the "
13478
"In the above example <emphasis role=\"italic\">steve</emphasis> is the "
13057
13479
"<emphasis>Principal</emphasis>, <emphasis role=\"italic\">/admin</emphasis> "
13058
13480
"is an <emphasis>Instance</emphasis>, and <emphasis "
13059
13481
"role=\"italic\">@EXAMPLE.COM</emphasis> signifies the realm. The <emphasis "
13062
13484
"rights."
13063
13485
msgstr ""
13064
13486
13065
#: serverguide/C/network-auth.xml:1809(para)
13487
#: serverguide/C/network-auth.xml:1822(para)
13066
13488
msgid ""
13067
13489
"Replace <emphasis>EXAMPLE.COM</emphasis> and <emphasis>steve</emphasis> with "
13068
13490
"your Realm and admin username."
13069
13491
msgstr ""
13070
13492
13071
#: serverguide/C/network-auth.xml:1817(para)
13493
#: serverguide/C/network-auth.xml:1830(para)
13072
13494
msgid ""
13073
13495
"Next, the new admin user needs to have the appropriate Access Control List "
13074
13496
"(ACL) permissions. The permissions are configured in the "
13075
13497
"<filename>/etc/krb5kdc/kadm5.acl</filename> file:"
13076
13498
msgstr ""
13077
13499
13078
#: serverguide/C/network-auth.xml:1822(programlisting)
13500
#: serverguide/C/network-auth.xml:1835(programlisting)
13079
13501
#, no-wrap
13080
13502
msgid ""
13081
13503
"\n"
13082
13504
"steve/admin@EXAMPLE.COM *\n"
13083
13505
msgstr ""
13084
13506
13085
#: serverguide/C/network-auth.xml:1826(para)
13507
#: serverguide/C/network-auth.xml:1839(para)
13086
13508
msgid ""
13087
13509
"This entry grants <emphasis>steve/admin</emphasis> the ability to perform "
13088
13510
"any operation on all principals in the realm."
13089
13511
msgstr ""
13090
13512
13091
#: serverguide/C/network-auth.xml:1833(para)
13513
#: serverguide/C/network-auth.xml:1846(para)
13092
13514
msgid ""
13093
13515
"Now restart the <application>krb5-admin-server</application> for the new ACL "
13094
13516
"to take affect:"
13095
13517
msgstr ""
13096
13518
13097
#: serverguide/C/network-auth.xml:1838(command)
13519
#: serverguide/C/network-auth.xml:1851(command)
13098
13520
msgid "sudo /etc/init.d/krb5-admin-server restart"
13099
13521
msgstr ""
13100
13522
13101
#: serverguide/C/network-auth.xml:1844(para)
13523
#: serverguide/C/network-auth.xml:1857(para)
13102
13524
msgid ""
13103
13525
"The new user principal can be tested using the <application>kinit "
13104
13526
"utility</application>:"
13105
13527
msgstr ""
13106
13528
13107
#: serverguide/C/network-auth.xml:1849(command)
13529
#: serverguide/C/network-auth.xml:1862(command)
13108
13530
msgid "kinit steve/admin"
13109
13531
msgstr ""
13110
13532
13111
#: serverguide/C/network-auth.xml:1850(computeroutput)
13533
#: serverguide/C/network-auth.xml:1863(computeroutput)
13112
13534
#, no-wrap
13113
13535
msgid "steve/admin@EXAMPLE.COM's Password:"
13114
13536
msgstr ""
13115
13537
13116
#: serverguide/C/network-auth.xml:1853(para)
13538
#: serverguide/C/network-auth.xml:1866(para)
13117
13539
msgid ""
13118
13540
"After entering the password, use the <application>klist</application> "
13119
13541
"utility to view information about the Ticket Granting Ticket (TGT):"
13120
13542
msgstr ""
13121
13543
13122
#: serverguide/C/network-auth.xml:1859(command) serverguide/C/network-auth.xml:2194(command)
13544
#: serverguide/C/network-auth.xml:1872(command) serverguide/C/network-auth.xml:2207(command)
13123
13545
msgid "klist"
13124
13546
msgstr ""
13125
13547
13126
#: serverguide/C/network-auth.xml:1860(computeroutput)
13548
#: serverguide/C/network-auth.xml:1873(computeroutput)
13127
13549
#, no-wrap
13128
13550
msgid ""
13129
13551
"Credentials cache: FILE:/tmp/krb5cc_1000\n"
13133
13555
"Jul 13 17:53:34 Jul 14 03:53:34 krbtgt/EXAMPLE.COM@EXAMPLE.COM"
13134
13556
msgstr ""
13135
13557
13136
#: serverguide/C/network-auth.xml:1867(para)
13558
#: serverguide/C/network-auth.xml:1880(para)
13137
13559
msgid ""
13138
13560
"You may need to add an entry into the <filename>/etc/hosts</filename> for "
13139
13561
"the KDC. For example:"
13140
13562
msgstr ""
13141
13563
13142
#: serverguide/C/network-auth.xml:1871(programlisting)
13564
#: serverguide/C/network-auth.xml:1884(programlisting)
13143
13565
#, no-wrap
13144
13566
msgid ""
13145
13567
"\n"
13146
13568
"192.168.0.1 kdc01.example.com kdc01\n"
13147
13569
msgstr ""
13148
13570
13149
#: serverguide/C/network-auth.xml:1875(para)
13571
#: serverguide/C/network-auth.xml:1888(para)
13150
13572
msgid ""
13151
13573
"Replacing <emphasis>192.168.0.1</emphasis> with the IP address of your KDC."
13152
13574
msgstr ""
13153
13575
13154
#: serverguide/C/network-auth.xml:1882(para)
13576
#: serverguide/C/network-auth.xml:1895(para)
13155
13577
msgid ""
13156
13578
"In order for clients to determine the KDC for the Realm some DNS SRV records "
13157
13579
"are needed. Add the following to "
13158
13580
"<filename>/etc/named/db.example.com</filename>:"
13159
13581
msgstr ""
13160
13582
13161
#: serverguide/C/network-auth.xml:1887(programlisting)
13583
#: serverguide/C/network-auth.xml:1900(programlisting)
13162
13584
#, no-wrap
13163
13585
msgid ""
13164
13586
"\n"
13170
13592
"_kpasswd._udp.EXAMPLE.COM. IN SRV 1 0 464 kdc01.example.com.\n"
13171
13593
msgstr ""
13172
13594
13173
#: serverguide/C/network-auth.xml:1897(para)
13595
#: serverguide/C/network-auth.xml:1910(para)
13174
13596
msgid ""
13175
13597
"Replace <emphasis>EXAMPLE.COM</emphasis>, <emphasis>kdc01</emphasis>, and "
13176
13598
"<emphasis>kdc02</emphasis> with your domain name, primary KDC, and secondary "
13177
13599
"KDC."
13178
13600
msgstr ""
13179
13601
13180
#: serverguide/C/network-auth.xml:1903(para)
13602
#: serverguide/C/network-auth.xml:1916(para)
13181
13603
msgid ""
13182
13604
"See <xref linkend=\"dns\"/> for detailed instructions on setting up DNS."
13183
13605
msgstr ""
13184
13606
13185
#: serverguide/C/network-auth.xml:1910(para)
13607
#: serverguide/C/network-auth.xml:1923(para)
13186
13608
msgid "Your new Kerberos Realm is now ready to authenticate clients."
13187
13609
msgstr ""
13188
13610
13189
#: serverguide/C/network-auth.xml:1917(title)
13611
#: serverguide/C/network-auth.xml:1930(title)
13190
13612
msgid "Secondary KDC"
13191
13613
msgstr ""
13192
13614
13193
#: serverguide/C/network-auth.xml:1919(para)
13615
#: serverguide/C/network-auth.xml:1932(para)
13194
13616
msgid ""
13195
13617
"Once you have one Key Distribution Center (KDC) on your network, it is good "
13196
13618
"practice to have a Secondary KDC in case the primary becomes unavailable."
13197
13619
msgstr ""
13198
13620
13199
#: serverguide/C/network-auth.xml:1927(para)
13621
#: serverguide/C/network-auth.xml:1940(para)
13200
13622
msgid ""
13201
13623
"First, install the packages, and when asked for the Kerberos and Admin "
13202
13624
"server names enter the name of the Primary KDC:"
13203
13625
msgstr ""
13204
13626
13205
#: serverguide/C/network-auth.xml:1938(para)
13627
#: serverguide/C/network-auth.xml:1951(para)
13206
13628
msgid ""
13207
13629
"Once you have the packages installed, create the Secondary KDC's host "
13208
13630
"principal. From a terminal prompt, enter:"
13209
13631
msgstr ""
13210
13632
13211
#: serverguide/C/network-auth.xml:1943(command)
13633
#: serverguide/C/network-auth.xml:1956(command)
13212
13634
msgid "kadmin -q \"addprinc -randkey host/kdc02.example.com\""
13213
13635
msgstr ""
13214
13636
13215
#: serverguide/C/network-auth.xml:1947(para)
13637
#: serverguide/C/network-auth.xml:1960(para)
13216
13638
msgid ""
13217
13639
"After, issuing any <application>kadmin</application> commands you will be "
13218
13640
"prompted for your <emphasis>username/admin@EXAMPLE.COM</emphasis> principal "
13219
13641
"password."
13220
13642
msgstr ""
13221
13643
13222
#: serverguide/C/network-auth.xml:1956(para)
13644
#: serverguide/C/network-auth.xml:1969(para)
13223
13645
msgid "Extract the <emphasis>keytab</emphasis> file:"
13224
13646
msgstr ""
13225
13647
13226
#: serverguide/C/network-auth.xml:1961(command)
13648
#: serverguide/C/network-auth.xml:1974(command)
13227
13649
msgid "kadmin -q \"ktadd -k keytab.kdc02 host/kdc02.example.com\""
13228
13650
msgstr ""
13229
13651
13230
#: serverguide/C/network-auth.xml:1967(para)
13652
#: serverguide/C/network-auth.xml:1980(para)
13231
13653
msgid ""
13232
13654
"There should now be a <filename>keytab.kdc02</filename> in the current "
13233
13655
"directory, move the file to <filename>/etc/krb5.keytab</filename>:"
13234
13656
msgstr ""
13235
13657
13236
#: serverguide/C/network-auth.xml:1973(command)
13658
#: serverguide/C/network-auth.xml:1986(command)
13237
13659
msgid "sudo mv keytab.kdc02 /etc/krb5.keytab"
13238
13660
msgstr ""
13239
13661
13240
#: serverguide/C/network-auth.xml:1977(para)
13662
#: serverguide/C/network-auth.xml:1990(para)
13241
13663
msgid ""
13242
13664
"If the path to the <filename>keytab.kdc02</filename> file is different "
13243
13665
"adjust accordingly."
13244
13666
msgstr ""
13245
13667
13246
#: serverguide/C/network-auth.xml:1982(para)
13668
#: serverguide/C/network-auth.xml:1995(para)
13247
13669
msgid ""
13248
13670
"Also, you can list the principals in a Keytab file, which can be useful when "
13249
13671
"troubleshooting, using the <application>klist</application> utility:"
13250
13672
msgstr ""
13251
13673
13252
#: serverguide/C/network-auth.xml:1988(command)
13674
#: serverguide/C/network-auth.xml:2001(command)
13253
13675
msgid "sudo klist -k /etc/krb5.keytab"
13254
13676
msgstr ""
13255
13677
13256
#: serverguide/C/network-auth.xml:1994(para)
13678
#: serverguide/C/network-auth.xml:2007(para)
13257
13679
msgid ""
13258
13680
"Next, there needs to be a <filename>kpropd.acl</filename> file on each KDC "
13259
13681
"that lists all KDCs for the Realm. For example, on both primary and "
13260
13682
"secondary KDC, create <filename>/etc/krb5kdc/kpropd.acl</filename>:"
13261
13683
msgstr ""
13262
13684
13263
#: serverguide/C/network-auth.xml:1999(programlisting)
13685
#: serverguide/C/network-auth.xml:2012(programlisting)
13264
13686
#, no-wrap
13265
13687
msgid ""
13266
13688
"\n"
13268
13690
"host/kdc02.example.com@EXAMPLE.COM\n"
13269
13691
msgstr ""
13270
13692
13271
#: serverguide/C/network-auth.xml:2007(para)
13693
#: serverguide/C/network-auth.xml:2020(para)
13272
13694
msgid "Create an empty database on the <emphasis>Secondary KDC</emphasis>:"
13273
13695
msgstr ""
13274
13696
13275
#: serverguide/C/network-auth.xml:2012(command)
13697
#: serverguide/C/network-auth.xml:2025(command)
13276
13698
msgid "sudo kdb5_util -s create"
13277
13699
msgstr ""
13278
13700
13279
#: serverguide/C/network-auth.xml:2018(para)
13701
#: serverguide/C/network-auth.xml:2031(para)
13280
13702
msgid ""
13281
13703
"Now start the <application>kpropd</application> daemon, which listens for "
13282
13704
"connections from the <application>kprop</application> utility. "
13283
13705
"<application>kprop</application> is used to transfer dump files:"
13284
13706
msgstr ""
13285
13707
13286
#: serverguide/C/network-auth.xml:2025(command)
13708
#: serverguide/C/network-auth.xml:2038(command)
13287
13709
msgid "sudo kpropd -S"
13288
13710
msgstr ""
13289
13711
13290
#: serverguide/C/network-auth.xml:2031(para)
13712
#: serverguide/C/network-auth.xml:2044(para)
13291
13713
msgid ""
13292
13714
"From a terminal on the <emphasis>Primary KDC</emphasis>, create a dump file "
13293
13715
"of the principal database:"
13294
13716
msgstr ""
13295
13717
13296
#: serverguide/C/network-auth.xml:2036(command)
13718
#: serverguide/C/network-auth.xml:2049(command)
13297
13719
msgid "sudo kdb5_util dump /var/lib/krb5kdc/dump"
13298
13720
msgstr ""
13299
13721
13300
#: serverguide/C/network-auth.xml:2042(para)
13722
#: serverguide/C/network-auth.xml:2055(para)
13301
13723
msgid ""
13302
13724
"Extract the Primary KDC's <emphasis>keytab</emphasis> file and copy it to "
13303
13725
"<filename>/etc/krb5.keytab</filename>:"
13304
13726
msgstr ""
13305
13727
13306
#: serverguide/C/network-auth.xml:2047(command)
13728
#: serverguide/C/network-auth.xml:2060(command)
13307
13729
msgid "kadmin -q \"ktadd -k keytab.kdc01 host/kdc01.example.com\""
13308
13730
msgstr ""
13309
13731
13310
#: serverguide/C/network-auth.xml:2048(command)
13732
#: serverguide/C/network-auth.xml:2061(command)
13311
13733
msgid "sudo mv keytab.kdc01 /etc/kr5b.keytab"
13312
13734
msgstr ""
13313
13735
13314
#: serverguide/C/network-auth.xml:2052(para)
13736
#: serverguide/C/network-auth.xml:2065(para)
13315
13737
msgid ""
13316
13738
"Make sure there is a <emphasis>host</emphasis> for "
13317
13739
"<emphasis>kdc01.example.com</emphasis> before extracting the Keytab."
13318
13740
msgstr ""
13319
13741
13320
#: serverguide/C/network-auth.xml:2060(para)
13742
#: serverguide/C/network-auth.xml:2073(para)
13321
13743
msgid ""
13322
13744
"Using the <application>kprop</application> utility push the database to the "
13323
13745
"Secondary KDC:"
13324
13746
msgstr ""
13325
13747
13326
#: serverguide/C/network-auth.xml:2065(command)
13748
#: serverguide/C/network-auth.xml:2078(command)
13327
13749
msgid "sudo kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com"
13328
13750
msgstr ""
13329
13751
13330
#: serverguide/C/network-auth.xml:2069(para)
13752
#: serverguide/C/network-auth.xml:2082(para)
13331
13753
msgid ""
13332
13754
"There should be a <emphasis>SUCCEEDED</emphasis> message if the propagation "
13333
13755
"worked. If there is an error message check "
13335
13757
"information."
13336
13758
msgstr ""
13337
13759
13338
#: serverguide/C/network-auth.xml:2075(para)
13760
#: serverguide/C/network-auth.xml:2088(para)
13339
13761
msgid ""
13340
13762
"You may also want to create a <application>cron</application> job to "
13341
13763
"periodically update the database on the Secondary KDC. For example, the "
13342
13764
"following will push the database every hour:"
13343
13765
msgstr ""
13344
13766
13345
#: serverguide/C/network-auth.xml:2080(programlisting)
13767
#: serverguide/C/network-auth.xml:2093(programlisting)
13346
13768
#, no-wrap
13347
13769
msgid ""
13348
13770
"\n"
13351
13773
"/usr/sbin/kprop -r EXAMPLE.COM -f /var/lib/krb5kdc/dump kdc02.example.com\n"
13352
13774
msgstr ""
13353
13775
13354
#: serverguide/C/network-auth.xml:2088(para)
13776
#: serverguide/C/network-auth.xml:2101(para)
13355
13777
msgid ""
13356
13778
"Back on the <emphasis>Secondary KDC</emphasis>, create a "
13357
13779
"<emphasis>stash</emphasis> file to hold the Kerberos master key:"
13358
13780
msgstr ""
13359
13781
13360
#: serverguide/C/network-auth.xml:2094(command)
13782
#: serverguide/C/network-auth.xml:2107(command)
13361
13783
msgid "sudo kdb5_util stash"
13362
13784
msgstr ""
13363
13785
13364
#: serverguide/C/network-auth.xml:2100(para)
13786
#: serverguide/C/network-auth.xml:2113(para)
13365
13787
msgid ""
13366
13788
"Finally, start the <application>krb5-kdc</application> daemon on the "
13367
13789
"Secondary KDC:"
13368
13790
msgstr ""
13369
13791
13370
#: serverguide/C/network-auth.xml:2105(command) serverguide/C/network-auth.xml:2713(command)
13792
#: serverguide/C/network-auth.xml:2118(command) serverguide/C/network-auth.xml:2725(command)
13371
13793
msgid "sudo /etc/init.d/krb5-kdc start"
13372
13794
msgstr ""
13373
13795
13374
#: serverguide/C/network-auth.xml:2111(para)
13796
#: serverguide/C/network-auth.xml:2124(para)
13375
13797
msgid ""
13376
13798
"The <emphasis>Secondary KDC</emphasis> should now be able to issue tickets "
13377
13799
"for the Realm. You can test this by stopping the <application>krb5-"
13380
13802
"should receive a ticket from the Secondary KDC."
13381
13803
msgstr ""
13382
13804
13383
#: serverguide/C/network-auth.xml:2119(title)
13805
#: serverguide/C/network-auth.xml:2132(title)
13384
13806
msgid "Kerberos Linux Client"
13385
13807
msgstr ""
13386
13808
13387
#: serverguide/C/network-auth.xml:2121(para)
13809
#: serverguide/C/network-auth.xml:2134(para)
13388
13810
msgid ""
13389
13811
"This section covers configuring a Linux system as a "
13390
13812
"<application>Kerberos</application> client. This will allow access to any "
13391
13813
"kerberized services once a user has successfully logged into the system."
13392
13814
msgstr ""
13393
13815
13394
#: serverguide/C/network-auth.xml:2129(para)
13816
#: serverguide/C/network-auth.xml:2142(para)
13395
13817
msgid ""
13396
13818
"In order to authenticate to a Kerberos Realm, the <application>krb5-"
13397
13819
"user</application> and <application>libpam-krb5</application> packages are "
13400
13822
"prompt:"
13401
13823
msgstr ""
13402
13824
13403
#: serverguide/C/network-auth.xml:2136(command)
13825
#: serverguide/C/network-auth.xml:2149(command)
13404
13826
msgid ""
13405
13827
"sudo apt-get install krb5-user libpam-krb5 libpam-ccreds auth-client-config"
13406
13828
msgstr ""
13407
13829
13408
#: serverguide/C/network-auth.xml:2139(para)
13830
#: serverguide/C/network-auth.xml:2152(para)
13409
13831
msgid ""
13410
13832
"The <application>auth-client-config</application> package allows simple "
13411
13833
"configuration of PAM for authentication from multiple sources, and the "
13416
13838
"be accessed off the network as well."
13417
13839
msgstr ""
13418
13840
13419
#: serverguide/C/network-auth.xml:2150(para)
13841
#: serverguide/C/network-auth.xml:2163(para)
13420
13842
msgid "To configure the client in a terminal enter:"
13421
13843
msgstr ""
13422
13844
13423
#: serverguide/C/network-auth.xml:2155(command)
13845
#: serverguide/C/network-auth.xml:2168(command)
13424
13846
msgid "sudo dpkg-reconfigure krb5-config"
13425
13847
msgstr ""
13426
13848
13427
#: serverguide/C/network-auth.xml:2158(para)
13849
#: serverguide/C/network-auth.xml:2171(para)
13428
13850
msgid ""
13429
13851
"You will then be prompted to enter the name of the Kerberos Realm. Also, if "
13430
13852
"you don't have DNS configured with Kerberos <emphasis>SRV</emphasis> "
13432
13854
"Center (KDC) and Realm Administration server."
13433
13855
msgstr ""
13434
13856
13435
#: serverguide/C/network-auth.xml:2164(para)
13857
#: serverguide/C/network-auth.xml:2177(para)
13436
13858
msgid ""
13437
13859
"The <application>dpkg-reconfigure</application> adds entries to the "
13438
13860
"<filename>/etc/krb5.conf</filename> file for your Realm. You should have "
13439
13861
"entries similar to the following:"
13440
13862
msgstr ""
13441
13863
13442
#: serverguide/C/network-auth.xml:2169(programlisting)
13864
#: serverguide/C/network-auth.xml:2182(programlisting)
13443
13865
#, no-wrap
13444
13866
msgid ""
13445
13867
"\n"
13453
13875
" }\n"
13454
13876
msgstr ""
13455
13877
13456
#: serverguide/C/network-auth.xml:2180(para)
13878
#: serverguide/C/network-auth.xml:2193(para)
13457
13879
msgid ""
13458
13880
"You can test the configuration by requesting a ticket using the "
13459
13881
"<application>kinit</application> utility. For example:"
13460
13882
msgstr ""
13461
13883
13462
#: serverguide/C/network-auth.xml:2185(command)
13884
#: serverguide/C/network-auth.xml:2198(command)
13463
13885
msgid "kinit steve@EXAMPLE.COM"
13464
13886
msgstr ""
13465
13887
13466
#: serverguide/C/network-auth.xml:2186(computeroutput)
13888
#: serverguide/C/network-auth.xml:2199(computeroutput)
13467
13889
#, no-wrap
13468
13890
msgid "Password for steve@EXAMPLE.COM:"
13469
13891
msgstr ""
13470
13892
13471
#: serverguide/C/network-auth.xml:2189(para)
13893
#: serverguide/C/network-auth.xml:2202(para)
13472
13894
msgid ""
13473
13895
"When a ticket has been granted, the details can be viewed using "
13474
13896
"<application>klist</application>:"
13475
13897
msgstr ""
13476
13898
13477
#: serverguide/C/network-auth.xml:2195(computeroutput)
13899
#: serverguide/C/network-auth.xml:2208(computeroutput)
13478
13900
#, no-wrap
13479
13901
msgid ""
13480
13902
"Ticket cache: FILE:/tmp/krb5cc_1000\n"
13489
13911
"klist: You have no tickets cached"
13490
13912
msgstr ""
13491
13913
13492
#: serverguide/C/network-auth.xml:2207(para)
13914
#: serverguide/C/network-auth.xml:2220(para)
13493
13915
msgid ""
13494
13916
"Next, use the <application>auth-client-config</application> to configure the "
13495
13917
"<application>libpam-krb5</application> module to request a ticket during "
13496
13918
"login:"
13497
13919
msgstr ""
13498
13920
13499
#: serverguide/C/network-auth.xml:2213(command)
13921
#: serverguide/C/network-auth.xml:2226(command)
13500
13922
msgid "sudo auth-client-config -a -p kerberos_example"
13501
13923
msgstr ""
13502
13924
13503
#: serverguide/C/network-auth.xml:2216(para)
13925
#: serverguide/C/network-auth.xml:2229(para)
13504
13926
msgid ""
13505
13927
"You will should now receive a ticket upon successful login authentication."
13506
13928
msgstr ""
13507
13929
13508
#: serverguide/C/network-auth.xml:2227(para)
13930
#: serverguide/C/network-auth.xml:2240(para)
13509
13931
msgid ""
13510
13932
"For more information on Kerberos see the <ulink "
13511
13933
"url=\"http://web.mit.edu/Kerberos/\">MIT Kerberos</ulink> site."
13512
13934
msgstr ""
13513
13935
13514
#: serverguide/C/network-auth.xml:2232(para)
13936
#: serverguide/C/network-auth.xml:2245(para)
13515
13937
msgid ""
13516
13938
"O'Reilly's <ulink "
13517
13939
"url=\"http://oreilly.com/catalog/9780596004033/\">Kerberos: The Definitive "
13518
13940
"Guide</ulink> is a great reference when setting up Kerberos."
13519
13941
msgstr ""
13520
13942
13521
#: serverguide/C/network-auth.xml:2238(para)
13943
#: serverguide/C/network-auth.xml:2251(para)
13522
13944
msgid ""
13523
13945
"Also, feel free to stop by the <emphasis>#ubuntu-server</emphasis> IRC "
13524
13946
"channel on <ulink url=\"http://freenode.net/\">Freenode</ulink> if you have "
13525
13947
"Kerberos questions."
13526
13948
msgstr ""
13527
13949
13528
#: serverguide/C/network-auth.xml:2248(title)
13950
#: serverguide/C/network-auth.xml:2261(title)
13529
13951
msgid "Kerberos and LDAP"
13530
13952
msgstr ""
13531
13953
13532
#: serverguide/C/network-auth.xml:2250(para)
13954
#: serverguide/C/network-auth.xml:2263(para)
13533
13955
msgid ""
13534
13956
"Replicating a Kerberos principal database between two servers can be "
13535
13957
"complicated, and adds an additional user database to your network. "
13539
13961
"<application>OpenLDAP</application> for the principal database."
13540
13962
msgstr ""
13541
13963
13542
#: serverguide/C/network-auth.xml:2258(title)
13964
#: serverguide/C/network-auth.xml:2271(title)
13543
13965
msgid "Configuring OpenLDAP"
13544
13966
msgstr ""
13545
13967
13546
#: serverguide/C/network-auth.xml:2260(para)
13968
#: serverguide/C/network-auth.xml:2273(para)
13547
13969
msgid ""
13548
13970
"First, the necessary <emphasis>schema</emphasis> needs to be loaded on an "
13549
13971
"<application>OpenLDAP</application> server that has network connectivity to "
13552
13974
"information on setting up OpenLDAP see <xref linkend=\"openldap-server\"/>."
13553
13975
msgstr ""
13554
13976
13555
#: serverguide/C/network-auth.xml:2267(para)
13977
#: serverguide/C/network-auth.xml:2280(para)
13556
13978
msgid ""
13557
13979
"It is also required to configure OpenLDAP for TLS and SSL connections, so "
13558
13980
"that traffic between the KDC and LDAP server is encrypted. See <xref "
13559
13981
"linkend=\"openldap-tls\"/> for details."
13560
13982
msgstr ""
13561
13983
13562
#: serverguide/C/network-auth.xml:2274(para)
13984
#: serverguide/C/network-auth.xml:2287(para)
13563
13985
msgid ""
13564
13986
"To load the schema into LDAP, on the LDAP server install the "
13565
13987
"<application>krb5-kdc-ldap</application> package. From a terminal enter:"
13566
13988
msgstr ""
13567
13989
13568
#: serverguide/C/network-auth.xml:2280(command)
13990
#: serverguide/C/network-auth.xml:2293(command)
13569
13991
msgid "sudo apt-get install krb5-kdc-ldap"
13570
13992
msgstr ""
13571
13993
13572
#: serverguide/C/network-auth.xml:2285(para)
13994
#: serverguide/C/network-auth.xml:2298(para)
13573
13995
msgid "Next, extract the <filename>kerberos.schema.gz</filename> file:"
13574
13996
msgstr ""
13575
13997
13576
#: serverguide/C/network-auth.xml:2290(command)
13998
#: serverguide/C/network-auth.xml:2303(command)
13577
13999
msgid "sudo gzip -d /usr/share/doc/krb5-kdc-ldap/kerberos.schema.gz"
13578
14000
msgstr ""
13579
14001
13580
#: serverguide/C/network-auth.xml:2291(command)
14002
#: serverguide/C/network-auth.xml:2304(command)
13581
14003
msgid ""
13582
14004
"sudo cp /usr/share/doc/krb5-kdc-ldap/kerberos.schema /etc/ldap/schema/"
13583
14005
msgstr ""
13584
14006
13585
#: serverguide/C/network-auth.xml:2297(para)
14007
#: serverguide/C/network-auth.xml:2310(para)
13586
14008
msgid ""
13587
14009
"The <emphasis>kerberos</emphasis> schema needs to be added to the "
13588
14010
"<emphasis>cn=config</emphasis> tree. The procedure to add a new schema to "
13590
14012
"linkend=\"openldap-configuration\"/>."
13591
14013
msgstr ""
13592
14014
13593
#: serverguide/C/network-auth.xml:2310(programlisting)
14015
#: serverguide/C/network-auth.xml:2323(programlisting)
13594
14016
#, no-wrap
13595
14017
msgid ""
13596
14018
"\n"
13609
14031
"include /etc/ldap/schema/kerberos.schema\n"
13610
14032
msgstr ""
13611
14033
13612
#: serverguide/C/network-auth.xml:2330(para)
14034
#: serverguide/C/network-auth.xml:2343(para)
13613
14035
msgid "Create a temporary directory to hold the LDIF files:"
13614
14036
msgstr ""
13615
14037
13616
#: serverguide/C/network-auth.xml:2355(para)
13617
msgid ""
13618
"Edit the generated "
13619
"<filename>/tmp/ldif_output/cn=config/cn=schema/cn={12}kerberos.ldif</filename"
13620
"> file, changing the following attributes:"
13621
msgstr ""
13622
13623
#: serverguide/C/network-auth.xml:2360(programlisting)
14038
#: serverguide/C/network-auth.xml:2358(command)
14039
msgid ""
14040
"slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "
14041
"\"cn={12}kerberos,cn=schema,cn=config\" > /tmp/cn=kerberos.ldif"
14042
msgstr ""
14043
14044
#: serverguide/C/network-auth.xml:2368(para)
14045
msgid ""
14046
"Edit the generated <filename>/tmp/cn\\=kerberos.ldif</filename> file, "
14047
"changing the following attributes:"
14048
msgstr ""
14049
14050
#: serverguide/C/network-auth.xml:2372(programlisting)
13624
14051
#, no-wrap
13625
14052
msgid ""
13626
14053
"\n"
13629
14056
"cn: kerberos\n"
13630
14057
msgstr ""
13631
14058
13632
#: serverguide/C/network-auth.xml:2366(para)
14059
#: serverguide/C/network-auth.xml:2378(para)
13633
14060
msgid "And remove the following lines from the end of the file:"
13634
14061
msgstr ""
13635
14062
13636
#: serverguide/C/network-auth.xml:2370(programlisting)
14063
#: serverguide/C/network-auth.xml:2382(programlisting)
13637
14064
#, no-wrap
13638
14065
msgid ""
13639
14066
"\n"
13646
14073
"modifyTimestamp: 20090111203515Z\n"
13647
14074
msgstr ""
13648
14075
13649
#: serverguide/C/network-auth.xml:2389(para)
14076
#: serverguide/C/network-auth.xml:2401(para)
13650
14077
msgid "Load the new schema with <application>ldapadd</application>:"
13651
14078
msgstr ""
13652
14079
13653
#: serverguide/C/network-auth.xml:2394(command)
13654
msgid ""
13655
"ldapadd -x -D cn=admin,cn=config -W -f /tmp/ldif_output/cn\\=config/cn\\"
13656
"=schema/cn\\=\\{12\\}kerberos.ldif"
14080
#: serverguide/C/network-auth.xml:2406(command)
14081
msgid "ldapadd -x -D cn=admin,cn=config -W -f /tmp/cn\\=kerberos.ldif"
13657
14082
msgstr ""
13658
14083
13659
#: serverguide/C/network-auth.xml:2400(para)
14084
#: serverguide/C/network-auth.xml:2412(para)
13660
14085
msgid ""
13661
14086
"Add an index for the <emphasis>krb5principalname</emphasis> attribute:"
13662
14087
msgstr ""
13663
14088
13664
#: serverguide/C/network-auth.xml:2407(userinput)
14089
#: serverguide/C/network-auth.xml:2419(userinput)
13665
14090
#, no-wrap
13666
14091
msgid ""
13667
14092
"dn: olcDatabase={1}hdb,cn=config\n"
13669
14094
"olcDbIndex: krbPrincipalName eq,pres,sub"
13670
14095
msgstr ""
13671
14096
13672
#: serverguide/C/network-auth.xml:2417(para)
14097
#: serverguide/C/network-auth.xml:2429(para)
13673
14098
msgid "Finally, update the Access Control Lists (ACL):"
13674
14099
msgstr ""
13675
14100
13676
#: serverguide/C/network-auth.xml:2424(userinput)
14101
#: serverguide/C/network-auth.xml:2436(userinput)
13677
14102
#, no-wrap
13678
14103
msgid ""
13679
14104
"dn: olcDatabase={1}hdb,cn=config\n"
13689
14114
"olcAccess: to * by dn=\"cn=admin,dc=example,dc=com\" write by * read"
13690
14115
msgstr ""
13691
14116
13692
#: serverguide/C/network-auth.xml:2423(computeroutput)
14117
#: serverguide/C/network-auth.xml:2435(computeroutput)
13693
14118
#, no-wrap
13694
14119
msgid ""
13695
14120
"Enter LDAP Password: \n"
13698
14123
"modifying entry \"olcDatabase={1}hdb,cn=config\"\n"
13699
14124
msgstr ""
13700
14125
13701
#: serverguide/C/network-auth.xml:2444(para)
14126
#: serverguide/C/network-auth.xml:2456(para)
13702
14127
msgid ""
13703
14128
"That's it, your LDAP directory is now ready to serve as a Kerberos principal "
13704
14129
"database."
13705
14130
msgstr ""
13706
14131
13707
#: serverguide/C/network-auth.xml:2450(title)
14132
#: serverguide/C/network-auth.xml:2462(title)
13708
14133
msgid "Primary KDC Configuration"
13709
14134
msgstr ""
13710
14135
13711
#: serverguide/C/network-auth.xml:2452(para)
14136
#: serverguide/C/network-auth.xml:2464(para)
13712
14137
msgid ""
13713
14138
"With <application>OpenLDAP</application> configured it is time to configure "
13714
14139
"the KDC."
13715
14140
msgstr ""
13716
14141
13717
#: serverguide/C/network-auth.xml:2458(para)
14142
#: serverguide/C/network-auth.xml:2470(para)
13718
14143
msgid "First, install the necessary packages, from a terminal enter:"
13719
14144
msgstr ""
13720
14145
13721
#: serverguide/C/network-auth.xml:2463(command) serverguide/C/network-auth.xml:2620(command)
14146
#: serverguide/C/network-auth.xml:2475(command) serverguide/C/network-auth.xml:2632(command)
13722
14147
msgid "sudo apt-get install krb5-kdc krb5-admin-server krb5-kdc-ldap"
13723
14148
msgstr ""
13724
14149
13725
#: serverguide/C/network-auth.xml:2469(para)
14150
#: serverguide/C/network-auth.xml:2481(para)
13726
14151
msgid ""
13727
14152
"Now edit <filename>/etc/krb5.conf</filename> adding the following options to "
13728
14153
"under the appropriate sections:"
13729
14154
msgstr ""
13730
14155
13731
#: serverguide/C/network-auth.xml:2473(programlisting)
14156
#: serverguide/C/network-auth.xml:2485(programlisting)
13732
14157
#, no-wrap
13733
14158
msgid ""
13734
14159
"\n"
13778
14203
" }\n"
13779
14204
msgstr ""
13780
14205
13781
#: serverguide/C/network-auth.xml:2518(para)
14206
#: serverguide/C/network-auth.xml:2530(para)
13782
14207
msgid ""
13783
14208
"Change <emphasis>example.com</emphasis>, "
13784
14209
"<emphasis>dc=example,dc=com</emphasis>, "
13787
14212
"object, and LDAP server for your network."
13788
14213
msgstr ""
13789
14214
13790
#: serverguide/C/network-auth.xml:2527(para)
14215
#: serverguide/C/network-auth.xml:2539(para)
13791
14216
msgid ""
13792
14217
"Next, use the <application>kdb5_ldap_util</application> utility to create "
13793
14218
"the realm:"
13794
14219
msgstr ""
13795
14220
13796
#: serverguide/C/network-auth.xml:2532(command)
14221
#: serverguide/C/network-auth.xml:2544(command)
13797
14222
msgid ""
13798
14223
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com create -subtrees "
13799
14224
"dc=example,dc=com -r EXAMPLE.COM -s -H ldap://ldap01.example.com"
13800
14225
msgstr ""
13801
14226
13802
#: serverguide/C/network-auth.xml:2538(para)
14227
#: serverguide/C/network-auth.xml:2550(para)
13803
14228
msgid ""
13804
14229
"Create a stash of the password used to bind to the LDAP server. This "
13805
14230
"password is used by the <emphasis>ldap_kdc_dn</emphasis> and "
13807
14232
"<filename>/etc/krb5.conf</filename>:"
13808
14233
msgstr ""
13809
14234
13810
#: serverguide/C/network-auth.xml:2544(command) serverguide/C/network-auth.xml:2682(command)
14235
#: serverguide/C/network-auth.xml:2556(command) serverguide/C/network-auth.xml:2694(command)
13811
14236
msgid ""
13812
14237
"sudo kdb5_ldap_util -D cn=admin,dc=example,dc=com stashsrvpw -f "
13813
14238
"/etc/krb5kdc/service.keyfile cn=admin,dc=example,dc=com"
13814
14239
msgstr ""
13815
14240
13816
#: serverguide/C/network-auth.xml:2550(para)
14241
#: serverguide/C/network-auth.xml:2562(para)
13817
14242
msgid "Copy the CA certificate from the LDAP server:"
13818
14243
msgstr ""
13819
14244
13820
#: serverguide/C/network-auth.xml:2555(command)
14245
#: serverguide/C/network-auth.xml:2567(command)
13821
14246
msgid "scp ldap01:/etc/ssl/certs/cacert.pem ."
13822
14247
msgstr ""
13823
14248
13824
#: serverguide/C/network-auth.xml:2556(command)
14249
#: serverguide/C/network-auth.xml:2568(command)
13825
14250
msgid "sudo cp cacert.pem /etc/ssl/certs"
13826
14251
msgstr ""
13827
14252
13828
#: serverguide/C/network-auth.xml:2559(para)
14253
#: serverguide/C/network-auth.xml:2571(para)
13829
14254
msgid ""
13830
14255
"And edit <filename>/etc/ldap/ldap.conf</filename> to use the certificate:"
13831
14256
msgstr ""
13832
14257
13833
#: serverguide/C/network-auth.xml:2563(programlisting)
14258
#: serverguide/C/network-auth.xml:2575(programlisting)
13834
14259
#, no-wrap
13835
14260
msgid ""
13836
14261
"\n"
13837
14262
"TLS_CACERT /etc/ssl/certs/cacert.pem\n"
13838
14263
msgstr ""
13839
14264
13840
#: serverguide/C/network-auth.xml:2568(para)
14265
#: serverguide/C/network-auth.xml:2580(para)
13841
14266
msgid ""
13842
14267
"The certificate will also need to be copied to the Secondary KDC, to allow "
13843
14268
"the connection to the LDAP servers using LDAPS."
13844
14269
msgstr ""
13845
14270
13846
#: serverguide/C/network-auth.xml:2577(para)
14271
#: serverguide/C/network-auth.xml:2589(para)
13847
14272
msgid ""
13848
14273
"You can now add Kerberos principals to the LDAP database, and they will be "
13849
14274
"copied to any other LDAP servers configured for replication. To add a "
13850
14275
"principal using the <application>kadmin.local</application> utility enter:"
13851
14276
msgstr ""
13852
14277
13853
#: serverguide/C/network-auth.xml:2585(userinput)
14278
#: serverguide/C/network-auth.xml:2597(userinput)
13854
14279
#, no-wrap
13855
14280
msgid "addprinc -x dn=\"uid=steve,ou=people,dc=example,dc=com\" steve"
13856
14281
msgstr ""
13857
14282
13858
#: serverguide/C/network-auth.xml:2584(computeroutput)
14283
#: serverguide/C/network-auth.xml:2596(computeroutput)
13859
14284
#, no-wrap
13860
14285
msgid ""
13861
14286
"Authenticating as principal root/admin@EXAMPLE.COM with password.\n"
13866
14291
"Principal \"steve@EXAMPLE.COM\" created."
13867
14292
msgstr ""
13868
14293
13869
#: serverguide/C/network-auth.xml:2592(para)
14294
#: serverguide/C/network-auth.xml:2604(para)
13870
14295
msgid ""
13871
14296
"There should now be krbPrincipalName, krbPrincipalKey, krbLastPwdChange, and "
13872
14297
"krbExtraData attributes added to the "
13875
14300
"utilities to test that the user is indeed issued a ticket."
13876
14301
msgstr ""
13877
14302
13878
#: serverguide/C/network-auth.xml:2599(para)
14303
#: serverguide/C/network-auth.xml:2611(para)
13879
14304
msgid ""
13880
14305
"If the user object is already created the <emphasis>-x dn=\"...\"</emphasis> "
13881
14306
"option is needed to add the Kerberos attributes. Otherwise a new "
13882
14307
"<emphasis>principal</emphasis> object will be created in the realm subtree."
13883
14308
msgstr ""
13884
14309
13885
#: serverguide/C/network-auth.xml:2607(title)
14310
#: serverguide/C/network-auth.xml:2619(title)
13886
14311
msgid "Secondary KDC Configuration"
13887
14312
msgstr ""
13888
14313
13889
#: serverguide/C/network-auth.xml:2609(para)
14314
#: serverguide/C/network-auth.xml:2621(para)
13890
14315
msgid ""
13891
14316
"Configuring a Secondary KDC using the LDAP backend is similar to configuring "
13892
14317
"one using the normal Kerberos database."
13893
14318
msgstr ""
13894
14319
13895
#: serverguide/C/network-auth.xml:2615(para)
14320
#: serverguide/C/network-auth.xml:2627(para)
13896
14321
msgid "First, install the necessary packages. In a terminal enter:"
13897
14322
msgstr ""
13898
14323
13899
#: serverguide/C/network-auth.xml:2626(para)
14324
#: serverguide/C/network-auth.xml:2638(para)
13900
14325
msgid ""
13901
14326
"Next, edit <filename>/etc/krb5.conf</filename> to use the LDAP backend:"
13902
14327
msgstr ""
13903
14328
13904
#: serverguide/C/network-auth.xml:2630(programlisting)
14329
#: serverguide/C/network-auth.xml:2642(programlisting)
13905
14330
#, no-wrap
13906
14331
msgid ""
13907
14332
"\n"
13950
14375
" }\n"
13951
14376
msgstr ""
13952
14377
13953
#: serverguide/C/network-auth.xml:2677(para)
14378
#: serverguide/C/network-auth.xml:2689(para)
13954
14379
msgid "Create the stash for the LDAP bind password:"
13955
14380
msgstr ""
13956
14381
13957
#: serverguide/C/network-auth.xml:2688(para)
14382
#: serverguide/C/network-auth.xml:2700(para)
13958
14383
msgid ""
13959
14384
"Now, on the <emphasis>Primary KDC</emphasis> copy the "
13960
14385
"<filename>/etc/krb5kdc/.k5.EXAMPLE.COM</filename><emphasis>Master "
13963
14388
"media."
13964
14389
msgstr ""
13965
14390
13966
#: serverguide/C/network-auth.xml:2695(command)
14391
#: serverguide/C/network-auth.xml:2707(command)
13967
14392
msgid "sudo scp /etc/krb5kdc/.k5.EXAMPLE.COM steve@kdc02.example.com:~"
13968
14393
msgstr ""
13969
14394
13970
#: serverguide/C/network-auth.xml:2696(command)
14395
#: serverguide/C/network-auth.xml:2708(command)
13971
14396
msgid "sudo mv .k5.EXAMPLE.COM /etc/krb5kdc/"
13972
14397
msgstr ""
13973
14398
13974
#: serverguide/C/network-auth.xml:2700(para)
14399
#: serverguide/C/network-auth.xml:2712(para)
13975
14400
msgid ""
13976
14401
"Again, replace <emphasis>EXAMPLE.COM</emphasis> with your actual realm."
13977
14402
msgstr ""
13978
14403
13979
#: serverguide/C/network-auth.xml:2708(para)
14404
#: serverguide/C/network-auth.xml:2720(para)
13980
14405
msgid "Finally, start the <application>krb5-kdc</application> daemon:"
13981
14406
msgstr ""
13982
14407
13983
#: serverguide/C/network-auth.xml:2719(para)
14408
#: serverguide/C/network-auth.xml:2731(para)
13984
14409
msgid ""
13985
14410
"You now have redundant KDCs on your network, and with redundant LDAP servers "
13986
14411
"you should be able to continue to authenticate users if one LDAP server, one "
13987
14412
"Kerberos server, or one LDAP and one Kerberos server become unavailable."
13988
14413
msgstr ""
13989
14414
13990
#: serverguide/C/network-auth.xml:2731(para)
14415
#: serverguide/C/network-auth.xml:2743(para)
13991
14416
msgid ""
13992
14417
"The <ulink url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
13993
14418
"admin.html#Configuring-Kerberos-with-OpenLDAP-back_002dend\"> Kerberos Admin "
13994
14419
"Guide</ulink> has some additional details."
13995
14420
msgstr ""
13996
14421
13997
#: serverguide/C/network-auth.xml:2737(para)
14422
#: serverguide/C/network-auth.xml:2749(para)
13998
14423
msgid ""
13999
14424
"For more information on <application>kdb5_ldap_util</application> see <ulink "
14000
14425
"url=\"http://web.mit.edu/Kerberos/krb5-1.6/krb5-1.6.3/doc/krb5-"
14004
14429
"l\">kdb5_ldap_util man page</ulink>."
14005
14430
msgstr ""
14006
14431
14007
#: serverguide/C/network-auth.xml:2745(para)
14432
#: serverguide/C/network-auth.xml:2757(para)
14008
14433
msgid ""
14009
14434
"Another useful link is the <ulink "
14010
14435
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/krb5.conf.5.html\">k"
14011
14436
"rb5.conf man page</ulink>."
14012
14437
msgstr ""
14013
14438
14439
#: serverguide/C/monitoring.xml:13(title)
14440
msgid "Monitoring"
14441
msgstr ""
14442
14443
#: serverguide/C/monitoring.xml:17(para)
14444
msgid ""
14445
"The monitoring of essential servers and services is an important part of "
14446
"system administration. Most network services are monitored for performance, "
14447
"availability, or both. This section will cover installation and "
14448
"configuration of <application>Nagios</application> for availability "
14449
"monitoring, and <application>Munin</application> for performance monitoring."
14450
msgstr ""
14451
14452
#: serverguide/C/monitoring.xml:24(para)
14453
msgid ""
14454
"The examples in this section will use two servers with hostnames "
14455
"<emphasis>server01</emphasis> and <emphasis>server02</emphasis>. "
14456
"<emphasis>Server01</emphasis> will be configured with "
14457
"<application>Nagios</application> to monitor services on itself and "
14458
"<emphasis>server02</emphasis>. Server01 will also be setup with the "
14459
"<application>munin</application> package to gather information from the "
14460
"network. Using the <application>munin-node</application> package, "
14461
"<emphasis>server02</emphasis> will be configured to send information to "
14462
"<emphasis>server01</emphasis>."
14463
msgstr ""
14464
14465
#: serverguide/C/monitoring.xml:33(para)
14466
msgid ""
14467
"Hopefully these simple examples will allow you to monitor additional servers "
14468
"and services on your network."
14469
msgstr ""
14470
14471
#: serverguide/C/monitoring.xml:39(title)
14472
msgid "Nagios"
14473
msgstr ""
14474
14475
#: serverguide/C/monitoring.xml:44(para)
14476
msgid ""
14477
"First, on <emphasis>server01</emphasis> install the "
14478
"<application>nagios</application> package. In a terminal enter:"
14479
msgstr ""
14480
14481
#: serverguide/C/monitoring.xml:50(command)
14482
msgid "sudo apt-get install nagios3 nagios-nrpe-plugin"
14483
msgstr ""
14484
14485
#: serverguide/C/monitoring.xml:53(para)
14486
msgid ""
14487
"You will be asked to enter a password for the "
14488
"<emphasis>nagiosadmin</emphasis> user. The user's credentials are stored in "
14489
"<filename>/etc/nagios3/htpasswd.users</filename>. To change the "
14490
"<emphasis>nagiosadmin</emphasis> password, or add additional users to the "
14491
"Nagios CGI scripts, use the <application>htpasswd</application> that is part "
14492
"of the <application>apache2-utils</application> package."
14493
msgstr ""
14494
14495
#: serverguide/C/monitoring.xml:60(para)
14496
msgid ""
14497
"For example, to change the password for the <emphasis>nagiosadmin</emphasis> "
14498
"user enter:"
14499
msgstr ""
14500
14501
#: serverguide/C/monitoring.xml:65(command)
14502
msgid "sudo htpasswd /etc/nagios3/htpasswd.users nagiosadmin"
14503
msgstr ""
14504
14505
#: serverguide/C/monitoring.xml:68(para)
14506
msgid "To add a user:"
14507
msgstr ""
14508
14509
#: serverguide/C/monitoring.xml:73(command)
14510
msgid "sudo htpasswd /etc/nagios3/htpasswd.users steve"
14511
msgstr ""
14512
14513
#: serverguide/C/monitoring.xml:76(para)
14514
msgid ""
14515
"Next, on <emphasis>server02</emphasis> install the <application>nagios-nrpe-"
14516
"server</application> package. From a terminal on server02 enter:"
14517
msgstr ""
14518
14519
#: serverguide/C/monitoring.xml:82(command)
14520
msgid "sudo apt-get install nagios-nrpe-server"
14521
msgstr ""
14522
14523
#: serverguide/C/monitoring.xml:86(para)
14524
msgid ""
14525
"<application>NRPE</application> allows you to execute local checks on remote "
14526
"hosts. There are other ways of accomplishing this through other Nagios "
14527
"plugins as well as other checks."
14528
msgstr ""
14529
14530
#: serverguide/C/monitoring.xml:94(title)
14531
msgid "Configuration Overview"
14532
msgstr ""
14533
14534
#: serverguide/C/monitoring.xml:96(para)
14535
msgid ""
14536
"There are a couple of directories containing "
14537
"<application>Nagios</application> configuration and check files."
14538
msgstr ""
14539
14540
#: serverguide/C/monitoring.xml:102(para)
14541
msgid ""
14542
"<filename>/etc/nagios3</filename>: contains configuration files for the "
14543
"operation of the <application>nagios</application> daemon, CGI files, hosts, "
14544
"etc."
14545
msgstr ""
14546
14547
#: serverguide/C/monitoring.xml:108(para)
14548
msgid ""
14549
"<filename>/etc/nagios-plugins</filename>: houses configuration files for the "
14550
"service checks."
14551
msgstr ""
14552
14553
#: serverguide/C/monitoring.xml:113(para)
14554
msgid ""
14555
"<filename>/etc/nagios</filename>: on the remote host contains the "
14556
"<application>nagios-nrpe-server</application> configuration files."
14557
msgstr ""
14558
14559
#: serverguide/C/monitoring.xml:118(para)
14560
msgid ""
14561
"<filename>/usr/lib/nagios/plugins/</filename>: where the check binaries are "
14562
"stored. To see the options of a check use the <emphasis>-h</emphasis> option."
14563
msgstr ""
14564
14565
#: serverguide/C/monitoring.xml:123(para)
14566
msgid "For example: <command>/usr/lib/nagios/plugins/check_dhcp -h</command>"
14567
msgstr ""
14568
14569
#: serverguide/C/monitoring.xml:129(para)
14570
msgid ""
14571
"There are a plethora of checks <application>Nagios</application> can be "
14572
"configured to execute for any given host. For this example Nagios will be "
14573
"configured to check disk space, DNS, and a MySQL hostgroup. The DNS check "
14574
"will be on <emphasis>server02</emphasis>, and the MySQL hostgroup will "
14575
"include both <emphasis>server01</emphasis> and <emphasis>server02</emphasis>."
14576
msgstr ""
14577
14578
#: serverguide/C/monitoring.xml:136(para)
14579
msgid ""
14580
"See <xref linkend=\"httpd\"/> for details on setting up Apache, <xref "
14581
"linkend=\"dns\"/> for DNS, and <xref linkend=\"mysql\"/> for MySQL."
14582
msgstr ""
14583
14584
#: serverguide/C/monitoring.xml:141(para)
14585
msgid ""
14586
"Additionally, there are some terms that once explained will hopefully make "
14587
"understanding Nagios configuration easier:"
14588
msgstr ""
14589
14590
#: serverguide/C/monitoring.xml:147(para)
14591
msgid ""
14592
"<emphasis>Host</emphasis>: a server, workstation, network device, etc that "
14593
"is being monitored."
14594
msgstr ""
14595
14596
#: serverguide/C/monitoring.xml:152(para)
14597
msgid ""
14598
"<emphasis>Host Group</emphasis>: a group of similar hosts. For example, you "
14599
"could group all web servers, file server, etc."
14600
msgstr ""
14601
14602
#: serverguide/C/monitoring.xml:157(para)
14603
msgid ""
14604
"<emphasis>Service</emphasis>: the service being monitored on the host. Such "
14605
"as HTTP, DNS, NFS, etc."
14606
msgstr ""
14607
14608
#: serverguide/C/monitoring.xml:162(para)
14609
msgid ""
14610
"<emphasis>Service Group</emphasis>: allows you to group multiple services "
14611
"together. This is useful for grouping multiple HTTP for example."
14612
msgstr ""
14613
14614
#: serverguide/C/monitoring.xml:168(para)
14615
msgid ""
14616
"<emphasis>Contact</emphasis>: person to be notified when an event takes "
14617
"place. Nagios can be configured to send emails, SMS messages, etc."
14618
msgstr ""
14619
14620
#: serverguide/C/monitoring.xml:174(para)
14621
msgid ""
14622
"By default Nagios is configured to check HTTP, disk space, SSH, current "
14623
"users, processes, and load on the <emphasis>localhost</emphasis>. Nagios "
14624
"will also <application>ping</application> check the "
14625
"<emphasis>gateway</emphasis>."
14626
msgstr ""
14627
14628
#: serverguide/C/monitoring.xml:179(para)
14629
msgid ""
14630
"Large Nagios installations can be quite complex to configure. It is usually "
14631
"best to start small, one or two hosts, get things configured the way you "
14632
"like then expand."
14633
msgstr ""
14634
14635
#: serverguide/C/monitoring.xml:194(para)
14636
msgid ""
14637
"First, create a <emphasis>host</emphasis> configuration file for "
14638
"<emphasis>server02</emphasis>. In a terminal enter:"
14639
msgstr ""
14640
14641
#: serverguide/C/monitoring.xml:199(command)
14642
msgid ""
14643
"sudo cp /etc/nagios3/conf.d/localhost_nagios2.cfg "
14644
"/etc/nagios3/conf.d/server02.cfg"
14645
msgstr ""
14646
14647
#: serverguide/C/monitoring.xml:203(para)
14648
msgid ""
14649
"In the above and following command examples, replace "
14650
"<emphasis>\"server01\"</emphasis>, "
14651
"<emphasis>\"server02\"</emphasis><emphasis>172.18.100.100</emphasis>, and "
14652
"<emphasis>172.18.100.101</emphasis> with the host names and IP addresses of "
14653
"your servers."
14654
msgstr ""
14655
14656
#: serverguide/C/monitoring.xml:212(para)
14657
msgid "Next, edit <filename>/etc/nagios3/conf.d/server02.cfg</filename>:"
14658
msgstr ""
14659
14660
#: serverguide/C/monitoring.xml:216(programlisting)
14661
#, no-wrap
14662
msgid ""
14663
"\n"
14664
"define host{\n"
14665
" use generic-host ; Name of host "
14666
"template to use\n"
14667
" host_name server02\n"
14668
" alias Server 02\n"
14669
" address 172.18.100.101\n"
14670
"}\n"
14671
"\n"
14672
"# check DNS service.\n"
14673
"define service {\n"
14674
" use generic-service\n"
14675
" host_name server02\n"
14676
" service_description DNS\n"
14677
" check_command check_dns!172.18.100.101\n"
14678
"}\n"
14679
msgstr ""
14680
14681
#: serverguide/C/monitoring.xml:236(para)
14682
msgid ""
14683
"Restart the <application>nagios</application> daemon to enable the new "
14684
"configuration:"
14685
msgstr ""
14686
14687
#: serverguide/C/monitoring.xml:241(command) serverguide/C/monitoring.xml:308(command) serverguide/C/monitoring.xml:375(command)
14688
msgid "sudo /etc/init.d/nagios3 restart"
14689
msgstr ""
14690
14691
#: serverguide/C/monitoring.xml:251(para)
14692
msgid ""
14693
"Now add a service definition for the MySQL check by adding the following to "
14694
"<filename>/etc/nagios3/conf.d/services_nagios2.cfg</filename>:"
14695
msgstr ""
14696
14697
#: serverguide/C/monitoring.xml:255(programlisting)
14698
#, no-wrap
14699
msgid ""
14700
"\n"
14701
"# check MySQL servers.\n"
14702
"define service {\n"
14703
" hostgroup_name mysql-servers\n"
14704
" service_description MySQL\n"
14705
" check_command "
14706
"check_mysql_cmdlinecred!nagios!secret!$HOSTADDRESS\n"
14707
" use generic-service\n"
14708
" notification_interval 0 ; set > 0 if you want to be "
14709
"renotified\n"
14710
"}\n"
14711
msgstr ""
14712
14713
#: serverguide/C/monitoring.xml:269(para)
14714
msgid ""
14715
"A <emphasis>mysqsl-servers</emphasis> hostgroup now needs to be defined. "
14716
"Edit <filename>/etc/nagios3/conf.d/hostgroups_nagios2.cfg</filename> adding:"
14717
msgstr ""
14718
14719
#: serverguide/C/monitoring.xml:274(programlisting)
14720
#, no-wrap
14721
msgid ""
14722
"\n"
14723
"# MySQL hostgroup.\n"
14724
"define hostgroup {\n"
14725
" hostgroup_name mysql-servers\n"
14726
" alias MySQL servers\n"
14727
" members localhost, server02\n"
14728
" }\n"
14729
msgstr ""
14730
14731
#: serverguide/C/monitoring.xml:286(para)
14732
msgid ""
14733
"The Nagios check needs to authenticate to MySQL. To add a "
14734
"<emphasis>nagios</emphasis> user to MySQL enter:"
14735
msgstr ""
14736
14737
#: serverguide/C/monitoring.xml:291(command)
14738
msgid "mysql -u root -p -e \"create user nagios identified by 'secret';\""
14739
msgstr ""
14740
14741
#: serverguide/C/monitoring.xml:295(para)
14742
msgid ""
14743
"The <emphasis>nagios</emphasis> user will need to be added all hosts in the "
14744
"<emphasis>mysql-servers</emphasis> hostgroup."
14745
msgstr ""
14746
14747
#: serverguide/C/monitoring.xml:303(para)
14748
msgid ""
14749
"Restart <application>nagios</application> to start checking the MySQL "
14750
"servers."
14751
msgstr ""
14752
14753
#: serverguide/C/monitoring.xml:318(para)
14754
msgid ""
14755
"Lastly configure NRPE to check the disk space on "
14756
"<emphasis>server02</emphasis>."
14757
msgstr ""
14758
14759
#: serverguide/C/monitoring.xml:322(para)
14760
msgid ""
14761
"On <emphasis>server01</emphasis> add the service check to "
14762
"<filename>/etc/nagios3/conf.d/server02.cfg</filename>:"
14763
msgstr ""
14764
14765
#: serverguide/C/monitoring.xml:327(programlisting)
14766
#, no-wrap
14767
msgid ""
14768
"\n"
14769
"# NRPE disk check.\n"
14770
"define service {\n"
14771
" use generic-service\n"
14772
" host_name server02\n"
14773
" service_description nrpe-disk\n"
14774
" check_command "
14775
"check_nrpe_1arg!check_all_disks!172.18.100.101\n"
14776
"}\n"
14777
msgstr ""
14778
14779
#: serverguide/C/monitoring.xml:340(para)
14780
msgid ""
14781
"Now on <emphasis>server02</emphasis> edit "
14782
"<filename>/etc/nagios/nrpe.cfg</filename> changing:"
14783
msgstr ""
14784
14785
#: serverguide/C/monitoring.xml:344(programlisting)
14786
#, no-wrap
14787
msgid ""
14788
"\n"
14789
"allowed_hosts=172.18.100.100\n"
14790
msgstr ""
14791
14792
#: serverguide/C/monitoring.xml:348(para)
14793
msgid "And below in the command definition area add:"
14794
msgstr ""
14795
14796
#: serverguide/C/monitoring.xml:352(programlisting)
14797
#, no-wrap
14798
msgid ""
14799
"\n"
14800
"command[check_all_disks]=/usr/lib/nagios/plugins/check_disk -w 20% -c 10% -"
14801
"e\n"
14802
msgstr ""
14803
14804
#: serverguide/C/monitoring.xml:359(para)
14805
msgid "Finally, restart <application>nagios-nrpe-server</application>:"
14806
msgstr ""
14807
14808
#: serverguide/C/monitoring.xml:364(command)
14809
msgid "sudo /etc/init.d/nagios-nrpe-server restart"
14810
msgstr ""
14811
14812
#: serverguide/C/monitoring.xml:370(para)
14813
msgid ""
14814
"Also, on <emphasis>server01</emphasis> restart "
14815
"<application>nagios</application>:"
14816
msgstr ""
14817
14818
#: serverguide/C/monitoring.xml:383(para)
14819
msgid ""
14820
"You should now be able to see the host and service checks in the Nagios CGI "
14821
"files. To access them point a browser to http://server01/nagios3. You will "
14822
"then be prompted for the <emphasis>nagiosadmin</emphasis> username and "
14823
"password."
14824
msgstr ""
14825
14826
#: serverguide/C/monitoring.xml:393(para)
14827
msgid ""
14828
"This section has just scratched the surface of Nagios' features. The "
14829
"<application>nagios-plugins-extra</application> and <application>nagios-snmp-"
14830
"plugins</application> contain many more service checks."
14831
msgstr ""
14832
14833
#: serverguide/C/monitoring.xml:400(para)
14834
msgid ""
14835
"For more information see <ulink "
14836
"url=\"http://www.nagios.org/\">Nagios</ulink> website."
14837
msgstr ""
14838
14839
#: serverguide/C/monitoring.xml:405(para)
14840
msgid ""
14841
"Specifically the <ulink "
14842
"url=\"http://nagios.sourceforge.net/docs/3_0/\">Online Documentation</ulink> "
14843
"site."
14844
msgstr ""
14845
14846
#: serverguide/C/monitoring.xml:410(para)
14847
msgid ""
14848
"There is also a list of <ulink "
14849
"url=\"http://www.nagios.org/propaganda/books/\">books</ulink> related to "
14850
"Nagios and network monitoring:"
14851
msgstr ""
14852
14853
#: serverguide/C/monitoring.xml:420(title)
14854
msgid "Munin"
14855
msgstr ""
14856
14857
#: serverguide/C/monitoring.xml:425(para)
14858
msgid ""
14859
"Before installing <application>Munin</application> on "
14860
"<emphasis>server01</emphasis><application>apache2</application> will need to "
14861
"be installed. The default configuration is fine for running a "
14862
"<application>munin</application> server. For more information see <xref "
14863
"linkend=\"httpd\"/>."
14864
msgstr ""
14865
14866
#: serverguide/C/monitoring.xml:431(para)
14867
msgid ""
14868
"First, on <emphasis>server01</emphasis> install "
14869
"<application>munin</application>. In a terminal enter:"
14870
msgstr ""
14871
14872
#: serverguide/C/monitoring.xml:436(command)
14873
msgid "sudo apt-get install munin"
14874
msgstr ""
14875
14876
#: serverguide/C/monitoring.xml:439(para)
14877
msgid ""
14878
"Now on <emphasis>server02</emphasis> install the <application>munin-"
14879
"node</application> package:"
14880
msgstr ""
14881
14882
#: serverguide/C/monitoring.xml:444(command)
14883
msgid "sudo apt-get install munin-node"
14884
msgstr ""
14885
14886
#: serverguide/C/monitoring.xml:451(para)
14887
msgid ""
14888
"On <emphasis>server01</emphasis> edit the "
14889
"<filename>/etc/munin/munin.conf</filename> adding the IP address for "
14890
"<emphasis>server02</emphasis>:"
14891
msgstr ""
14892
14893
#: serverguide/C/monitoring.xml:456(programlisting)
14894
#, no-wrap
14895
msgid ""
14896
"\n"
14897
"## First our \"normal\" host.\n"
14898
"[server02]\n"
14899
" address 172.18.100.101\n"
14900
msgstr ""
14901
14902
#: serverguide/C/monitoring.xml:463(para)
14903
msgid ""
14904
"Replace <emphasis>server02</emphasis> and "
14905
"<emphasis>172.18.100.101</emphasis> with the actual hostname and IP address "
14906
"for your server."
14907
msgstr ""
14908
14909
#: serverguide/C/monitoring.xml:469(para)
14910
msgid ""
14911
"Next, configure <application>munin-node</application> on "
14912
"<emphasis>server02</emphasis>. Edit <filename>/etc/munin/munin-"
14913
"node.conf</filename> to allow access by <emphasis>server01</emphasis>:"
14914
msgstr ""
14915
14916
#: serverguide/C/monitoring.xml:474(programlisting)
14917
#, no-wrap
14918
msgid ""
14919
"\n"
14920
"allow ^172\\.18\\.100\\.100$\n"
14921
msgstr ""
14922
14923
#: serverguide/C/monitoring.xml:479(para)
14924
msgid ""
14925
"Replace <emphasis>^172\\.18\\.100\\.100$</emphasis> with IP address for your "
14926
"<application>munin</application> server."
14927
msgstr ""
14928
14929
#: serverguide/C/monitoring.xml:484(para)
14930
msgid ""
14931
"Now restart <application>munin-node</application> on "
14932
"<emphasis>server02</emphasis> for the changes to take effect:"
14933
msgstr ""
14934
14935
#: serverguide/C/monitoring.xml:489(command)
14936
msgid "sudo /etc/init.d/munin-node restart"
14937
msgstr ""
14938
14939
#: serverguide/C/monitoring.xml:492(para)
14940
msgid ""
14941
"Finally, in a browser go to <emphasis>http://server01/munin</emphasis>, and "
14942
"you should see links to nice graphs displaying information from the standard "
14943
"<emphasis>munin-plugins</emphasis> for disk, network, processes, and system."
14944
msgstr ""
14945
14946
#: serverguide/C/monitoring.xml:498(para)
14947
msgid ""
14948
"Since this is a new install it may take some time for the graphs to display "
14949
"anything useful."
14950
msgstr ""
14951
14952
#: serverguide/C/monitoring.xml:505(title)
14953
msgid "Additional Plugins"
14954
msgstr ""
14955
14956
#: serverguide/C/monitoring.xml:507(para)
14957
msgid ""
14958
"The <application>munin-plugins-extra</application> package contains "
14959
"performance checks additional services such as DNS, DHCP, Samba, etc. To "
14960
"install the package, from a terminal enter:"
14961
msgstr ""
14962
14963
#: serverguide/C/monitoring.xml:513(command)
14964
msgid "sudo apt-get install munin-plugins-extra"
14965
msgstr ""
14966
14967
#: serverguide/C/monitoring.xml:516(para)
14968
msgid "Be sure to install the package on both the server and node machines."
14969
msgstr ""
14970
14971
#: serverguide/C/monitoring.xml:526(para)
14972
msgid ""
14973
"See the <ulink url=\"http://munin.projects.linpro.no/\">Munin</ulink> "
14974
"website for more details."
14975
msgstr ""
14976
14977
#: serverguide/C/monitoring.xml:531(para)
14978
msgid ""
14979
"Specifically the <ulink "
14980
"url=\"http://munin.projects.linpro.no/wiki/Documentation\">Munin "
14981
"Documentation</ulink> page includes information on additional plugins, "
14982
"writing plugins, etc."
14983
msgstr ""
14984
14985
#: serverguide/C/monitoring.xml:537(para)
14986
msgid ""
14987
"Also, there is a book in German by Open Source Press: <ulink "
14988
"url=\"https://www.opensourcepress.de/index.php?26&backPID=178&tt_prod"
14989
"ucts=152\">Munin Graphisches Netzwerk- und System-Monitoring</ulink>."
14990
msgstr ""
14991
14014
14992
#: serverguide/C/mail.xml:13(title)
14015
14993
msgid "Email Services"
14016
14994
msgstr ""
14028
15006
"IMAP server."
14029
15007
msgstr ""
14030
15008
14031
#: serverguide/C/mail.xml:24(title) serverguide/C/mail.xml:623(application) serverguide/C/mail.xml:657(title) serverguide/C/mail.xml:735(title) serverguide/C/mail.xml:1273(title)
15009
#: serverguide/C/mail.xml:24(title) serverguide/C/mail.xml:804(application) serverguide/C/mail.xml:838(title) serverguide/C/mail.xml:916(title) serverguide/C/mail.xml:1475(title)
14032
15010
msgid "Postfix"
14033
15011
msgstr ""
14034
15012
14044
15022
14045
15023
#: serverguide/C/mail.xml:34(para)
14046
15024
msgid ""
15025
"This guide does not cover setting up Postfix <emphasis>Virtual "
15026
"Domains</emphasis>, for information on Virtual Domains and other advanced "
15027
"configurations see <xref linkend=\"postfix-references\"/>."
15028
msgstr ""
15029
15030
#: serverguide/C/mail.xml:41(para)
15031
msgid ""
14047
15032
"To install <application>postfix</application> run the following command:"
14048
15033
msgstr ""
14049
15034
14050
#: serverguide/C/mail.xml:40(para)
15035
#: serverguide/C/mail.xml:47(para)
14051
15036
msgid ""
14052
15037
"Simply press return when the installation process asks questions, the "
14053
15038
"configuration will be done in greater detail in the next stage."
14054
15039
msgstr ""
14055
15040
14056
#: serverguide/C/mail.xml:45(title)
15041
#: serverguide/C/mail.xml:52(title)
14057
15042
msgid "Basic Configuration"
14058
15043
msgstr ""
14059
15044
14060
#: serverguide/C/mail.xml:46(para)
15045
#: serverguide/C/mail.xml:53(para)
14061
15046
msgid ""
14062
15047
"To configure <application>postfix</application>, run the following command:"
14063
15048
msgstr ""
14064
15049
14065
#: serverguide/C/mail.xml:50(command)
15050
#: serverguide/C/mail.xml:57(command)
14066
15051
msgid "sudo dpkg-reconfigure postfix"
14067
15052
msgstr ""
14068
15053
14069
#: serverguide/C/mail.xml:56(para)
15054
#: serverguide/C/mail.xml:63(para)
14070
15055
msgid "Internet Site"
14071
15056
msgstr ""
14072
15057
14073
#: serverguide/C/mail.xml:57(para)
15058
#: serverguide/C/mail.xml:64(para)
14074
15059
msgid "mail.example.com"
14075
15060
msgstr ""
14076
15061
14077
#: serverguide/C/mail.xml:58(para)
15062
#: serverguide/C/mail.xml:65(para)
14078
15063
msgid "steve"
14079
15064
msgstr ""
14080
15065
14081
#: serverguide/C/mail.xml:59(para)
15066
#: serverguide/C/mail.xml:66(para)
14082
15067
msgid "mail.example.com, localhost.localdomain, localhost"
14083
15068
msgstr ""
14084
15069
14085
#: serverguide/C/mail.xml:60(para)
15070
#: serverguide/C/mail.xml:67(para)
14086
15071
msgid "No"
14087
15072
msgstr ""
14088
15073
14089
#: serverguide/C/mail.xml:61(para)
15074
#: serverguide/C/mail.xml:68(para)
14090
15075
msgid "127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.0/24"
14091
15076
msgstr ""
14092
15077
14093
#: serverguide/C/mail.xml:62(para)
15078
#: serverguide/C/mail.xml:69(para)
14094
15079
msgid "0"
14095
15080
msgstr ""
14096
15081
14097
#: serverguide/C/mail.xml:63(para)
15082
#: serverguide/C/mail.xml:70(para)
14098
15083
msgid "+"
14099
15084
msgstr ""
14100
15085
14101
#: serverguide/C/mail.xml:64(para)
15086
#: serverguide/C/mail.xml:71(para)
14102
15087
msgid "all"
14103
15088
msgstr ""
14104
15089
14105
#: serverguide/C/mail.xml:52(para)
15090
#: serverguide/C/mail.xml:59(para)
14106
15091
msgid ""
14107
15092
"The user interface will be displayed. On each screen, select the following "
14108
15093
"values: <placeholder-1/>"
14109
15094
msgstr ""
14110
15095
14111
#: serverguide/C/mail.xml:68(para)
14112
msgid ""
14113
"Replace mail.example.com with your mail server hostname, 192.168.0/24 with "
14114
"the actual network and class range of your mail server, and steve with the "
14115
"appropriate username."
14116
msgstr ""
14117
14118
#: serverguide/C/mail.xml:76(title) serverguide/C/mail.xml:357(title)
15096
#: serverguide/C/mail.xml:75(para)
15097
msgid ""
15098
"Replace mail.example.com with the domain for which you'll accept email, "
15099
"192.168.0/24 with the actual network and class range of your mail server, "
15100
"and steve with the appropriate username."
15101
msgstr ""
15102
15103
#: serverguide/C/mail.xml:81(para)
15104
msgid ""
15105
"Now is a good time to decide which mailbox format you want to use. By "
15106
"default Postfix will use <emphasis role=\"strong\">mbox</emphasis> for the "
15107
"mailbox format. Rather than editing the configuration file directly, you can "
15108
"use the <command>postconf</command> command to configure all "
15109
"<application>postfix</application> parameters. The configuration parameters "
15110
"will be stored in <filename>/etc/postfix/main.cf</filename> file. Later if "
15111
"you wish to re-configure a particular parameter, you can either run the "
15112
"command or change it manually in the file."
15113
msgstr ""
15114
15115
#: serverguide/C/mail.xml:92(para)
15116
msgid ""
15117
"To configure the mailbox format for <emphasis "
15118
"role=\"strong\">Maildir:</emphasis>"
15119
msgstr ""
15120
15121
#: serverguide/C/mail.xml:97(command)
15122
msgid "sudo postconf -e 'home_mailbox = Maildir/'"
15123
msgstr ""
15124
15125
#: serverguide/C/mail.xml:100(para)
15126
msgid ""
15127
"This will place new mail in /home/<emphasis "
15128
"role=\"italic\">username</emphasis>/Maildir so you will need to configure "
15129
"your Mail Delivery Agent (MDA) to use the same path."
15130
msgstr ""
15131
15132
#: serverguide/C/mail.xml:108(title) serverguide/C/mail.xml:538(title)
14119
15133
msgid "SMTP Authentication"
14120
15134
msgstr ""
14121
15135
14122
#: serverguide/C/mail.xml:78(para)
15136
#: serverguide/C/mail.xml:110(para)
14123
15137
msgid ""
14124
15138
"SMTP-AUTH allows a client to identify itself through an authentication "
14125
15139
"mechanism (SASL). Transport Layer Security (TLS) should be used to encrypt "
14127
15141
"the client to relay mail."
14128
15142
msgstr ""
14129
15143
14130
#: serverguide/C/mail.xml:84(para)
14131
msgid ""
14132
"Configuring <application>Postfix</application> for SMTP-AUTH is very simple "
14133
"using the <application>dovecot-postfix</application> package. This package "
14134
"will install <application>Dovecot</application> and configure "
15144
#: serverguide/C/mail.xml:117(para)
15145
msgid "Configure Postfix for SMTP-AUTH using SASL (Dovecot SASL):"
15146
msgstr ""
15147
15148
#: serverguide/C/mail.xml:120(screen)
15149
#, no-wrap
15150
msgid ""
15151
"\n"
15152
"sudo postconf -e 'smtpd_sasl_type = dovecot'\n"
15153
"sudo postconf -e 'smtpd_sasl_path = private/auth-client'\n"
15154
"sudo postconf -e 'smtpd_sasl_local_domain ='\n"
15155
"sudo postconf -e 'smtpd_sasl_security_options = noanonymous'\n"
15156
"sudo postconf -e 'broken_sasl_auth_clients = yes'\n"
15157
"sudo postconf -e 'smtpd_sasl_auth_enable = yes'\n"
15158
"sudo postconf -e 'smtpd_recipient_restrictions = "
15159
"permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'\n"
15160
"sudo postconf -e 'inet_interfaces = all'\n"
15161
msgstr ""
15162
15163
#: serverguide/C/mail.xml:131(para)
15164
msgid ""
15165
"The <emphasis>smtpd_sasl_path</emphasis> configuration is a path relative to "
15166
"the Postfix queue directory."
15167
msgstr ""
15168
15169
#: serverguide/C/mail.xml:137(para)
15170
msgid ""
15171
"Next, obtain a digital certificate for TLS. See <xref linkend=\"certificates-"
15172
"and-security\"/> for details. This example also uses a Certificate Authority "
15173
"(CA). For information on generating a CA certificate see <xref "
15174
"linkend=\"certificate-authority\"/>."
15175
msgstr ""
15176
15177
#: serverguide/C/mail.xml:143(para)
15178
msgid ""
15179
"You can get the digital certificate from a certificate authority. But unlike "
15180
"web clients, SMTP clients rarely complain about \"self-signed "
15181
"certificates\", so alternatively, you can create the certificate yourself. "
15182
"Refer to <xref linkend=\"creating-a-self-signed-certificate\"/> for more "
15183
"details."
15184
msgstr ""
15185
15186
#: serverguide/C/mail.xml:155(para)
15187
msgid ""
15188
"Once you have a certificate, configure Postfix to provide TLS encryption for "
15189
"both incoming and outgoing mail:"
15190
msgstr ""
15191
15192
#: serverguide/C/mail.xml:158(screen)
15193
#, no-wrap
15194
msgid ""
15195
"\n"
15196
"sudo postconf -e 'smtpd_tls_auth_only = no'\n"
15197
"sudo postconf -e 'smtp_use_tls = yes'\n"
15198
"sudo postconf -e 'smtpd_use_tls = yes'\n"
15199
"sudo postconf -e 'smtp_tls_note_starttls_offer = yes'\n"
15200
"sudo postconf -e 'smtpd_tls_key_file = /etc/ssl/private/server.key'\n"
15201
"sudo postconf -e 'smtpd_tls_cert_file = /etc/ssl/certs/server.crt'\n"
15202
"sudo postconf -e 'smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem'\n"
15203
"sudo postconf -e 'smtpd_tls_loglevel = 1'\n"
15204
"sudo postconf -e 'smtpd_tls_received_header = yes'\n"
15205
"sudo postconf -e 'smtpd_tls_session_cache_timeout = 3600s'\n"
15206
"sudo postconf -e 'tls_random_source = dev:/dev/urandom'\n"
15207
"sudo postconf -e 'myhostname = mail.example.com'\n"
15208
msgstr ""
15209
15210
#: serverguide/C/mail.xml:175(para)
15211
msgid ""
15212
"After running all the commands, <application>Postfix</application> is "
15213
"configured for SMTP-AUTH and a self-signed certificate has been created for "
15214
"TLS encryption."
15215
msgstr ""
15216
15217
#: serverguide/C/mail.xml:180(para)
15218
msgid ""
15219
"Now, the file <filename>/etc/postfix/main.cf</filename> should look like "
15220
"<ulink url=\"../sample/postfix_configuration\">this</ulink>."
15221
msgstr ""
15222
15223
#: serverguide/C/mail.xml:184(para)
15224
msgid ""
15225
"The postfix initial configuration is complete. Run the following command to "
15226
"restart the postfix daemon:"
15227
msgstr ""
15228
15229
#: serverguide/C/mail.xml:189(para)
15230
msgid ""
15231
"<application>Postfix</application> supports SMTP-AUTH as defined in <ulink "
15232
"url=\"ftp://ftp.isi.edu/in-notes/rfc2554.txt\">RFC2554</ulink>. It is based "
15233
"on <ulink url=\"ftp://ftp.isi.edu/in-notes/rfc2222.txt\">SASL</ulink>. "
15234
"However it is still necessary to set up SASL authentication before you can "
15235
"use SMTP-AUTH."
15236
msgstr ""
15237
15238
#: serverguide/C/mail.xml:199(title) serverguide/C/mail.xml:591(title)
15239
msgid "Configuring SASL"
15240
msgstr ""
15241
15242
#: serverguide/C/mail.xml:200(para)
15243
msgid ""
15244
"Postfix supports two SASL implementations Cyrus SASL and Dovecot SASL. To "
15245
"enable Dovecot SASL the <application>dovecot-common</application> package "
15246
"will need to be installed. From a terminal prompt enter the following:"
15247
msgstr ""
15248
15249
#: serverguide/C/mail.xml:206(command)
15250
msgid "sudo apt-get install dovecot-common"
15251
msgstr ""
15252
15253
#: serverguide/C/mail.xml:208(para)
15254
msgid ""
15255
"Next you will need to edit <filename>/etc/dovecot/dovecot.conf</filename>. "
15256
"In the <emphasis>auth default</emphasis> section uncomment the "
15257
"<emphasis>socket listen</emphasis> option and change the following:"
15258
msgstr ""
15259
15260
#: serverguide/C/mail.xml:212(programlisting)
15261
#, no-wrap
15262
msgid ""
15263
"\n"
15264
" socket listen {\n"
15265
" #master {\n"
15266
" # Master socket provides access to userdb information. It's typically\n"
15267
" # used to give Dovecot's local delivery agent access to userdb so it\n"
15268
" # can find mailbox locations.\n"
15269
" #path = /var/run/dovecot/auth-master\n"
15270
" #mode = 0600\n"
15271
" # Default user/group is the one who started dovecot-auth (root)\n"
15272
" #user = \n"
15273
" #group = \n"
15274
" #}\n"
15275
" client {\n"
15276
" # The client socket is generally safe to export to everyone. Typical "
15277
"use\n"
15278
" # is to export it to your SMTP server so it can do SMTP AUTH lookups\n"
15279
" # using it.\n"
15280
" path = /var/spool/postfix/private/auth-client\n"
15281
" mode = 0660\n"
15282
" user = postfix\n"
15283
" group = postfix\n"
15284
" }\n"
15285
" }\n"
15286
msgstr ""
15287
15288
#: serverguide/C/mail.xml:236(para)
15289
msgid ""
15290
"In order to let <application>Outlook</application> clients use SMTPAUTH, in "
15291
"the <emphasis>auth default</emphasis> section of /etc/dovecot/dovecot.conf "
15292
"add <emphasis>\"login\"</emphasis>:"
15293
msgstr ""
15294
15295
#: serverguide/C/mail.xml:241(programlisting)
15296
#, no-wrap
15297
msgid ""
15298
"\n"
15299
" mechanisms = plain login\n"
15300
msgstr ""
15301
15302
#: serverguide/C/mail.xml:245(para)
15303
msgid ""
15304
"Once you have <application>Dovecot</application> configured restart it with:"
15305
msgstr ""
15306
15307
#: serverguide/C/mail.xml:249(command) serverguide/C/mail.xml:712(command)
15308
msgid "sudo /etc/init.d/dovecot restart"
15309
msgstr ""
15310
15311
#: serverguide/C/mail.xml:254(title)
15312
msgid "Postfix-Dovecot"
15313
msgstr ""
15314
15315
#: serverguide/C/mail.xml:256(para)
15316
msgid ""
15317
"Another option for configuring <application>Postfix</application> for SMTP-"
15318
"AUTH is using the <application>dovecot-postfix</application> package. This "
15319
"package will install <application>Dovecot</application> and configure "
14135
15320
"<application>Postfix</application> to use it for both SASL authentication "
14136
15321
"and as a Mail Delivery Agent (MDA). The package also configures "
14137
15322
"<application>Dovecot</application> for IMAP, IMAPS, POP3, and POP3S."
14138
15323
msgstr ""
14139
15324
14140
#: serverguide/C/mail.xml:91(para)
15325
#: serverguide/C/mail.xml:265(para)
15326
msgid ""
15327
"You may or may not want to run IMAP, IMAPS, POP3, or POP3S on your mail "
15328
"server. For example, if you are configuring your server to be a mail "
15329
"gateway, spam/virus filter, etc. If this is the case it may be easier to use "
15330
"the above commands to configure Postfix for SMTPAUTH."
15331
msgstr ""
15332
15333
#: serverguide/C/mail.xml:272(para)
14141
15334
msgid "To install the package, from a terminal prompt enter:"
14142
15335
msgstr ""
14143
15336
14144
#: serverguide/C/mail.xml:96(command)
15337
#: serverguide/C/mail.xml:277(command)
14145
15338
msgid "sudo apt-get install dovecot-postfix"
14146
15339
msgstr ""
14147
15340
14148
#: serverguide/C/mail.xml:99(para)
15341
#: serverguide/C/mail.xml:280(para)
14149
15342
msgid ""
14150
15343
"You should now have a working mail server, but there are a few options that "
14151
15344
"you may wish to further customize. For example, the package uses the "
14155
15348
"for more details."
14156
15349
msgstr ""
14157
15350
14158
#: serverguide/C/mail.xml:105(para)
15351
#: serverguide/C/mail.xml:286(para)
14159
15352
msgid ""
14160
15353
"Once you have a customized certificate and key for the host, change the "
14161
15354
"following options in <filename>/etc/postfix/main.cf</filename>:"
14162
15355
msgstr ""
14163
15356
14164
#: serverguide/C/mail.xml:109(programlisting)
15357
#: serverguide/C/mail.xml:290(programlisting)
14165
15358
#, no-wrap
14166
15359
msgid ""
14167
15360
"\n"
14169
15362
"smtpd_tls_key_file = /etc/ssl/private/ssl-mail.key\n"
14170
15363
msgstr ""
14171
15364
14172
#: serverguide/C/mail.xml:114(para)
15365
#: serverguide/C/mail.xml:295(para)
14173
15366
msgid "Then restart Postfix:"
14174
15367
msgstr ""
14175
15368
14176
#: serverguide/C/mail.xml:119(command) serverguide/C/mail.xml:182(command) serverguide/C/mail.xml:775(command) serverguide/C/mail.xml:1324(command)
15369
#: serverguide/C/mail.xml:300(command) serverguide/C/mail.xml:363(command) serverguide/C/mail.xml:956(command) serverguide/C/mail.xml:1526(command)
14177
15370
msgid "sudo /etc/init.d/postfix restart"
14178
15371
msgstr ""
14179
15372
14180
#: serverguide/C/mail.xml:125(para)
15373
#: serverguide/C/mail.xml:306(para)
14181
15374
msgid ""
14182
15375
"SMTP-AUTH configuration is complete. Now it is time to test the setup."
14183
15376
msgstr ""
14184
15377
14185
#: serverguide/C/mail.xml:128(para)
15378
#: serverguide/C/mail.xml:309(para)
14186
15379
msgid "To see if SMTP-AUTH and TLS work properly, run the following command:"
14187
15380
msgstr ""
14188
15381
14189
#: serverguide/C/mail.xml:133(command)
15382
#: serverguide/C/mail.xml:314(command)
14190
15383
msgid "telnet mail.example.com 25"
14191
15384
msgstr ""
14192
15385
14193
#: serverguide/C/mail.xml:135(para)
15386
#: serverguide/C/mail.xml:316(para)
14194
15387
msgid ""
14195
15388
"After you have established the connection to the postfix mail server, type:"
14196
15389
msgstr ""
14197
15390
14198
#: serverguide/C/mail.xml:139(screen)
15391
#: serverguide/C/mail.xml:320(screen)
14199
15392
#, no-wrap
14200
15393
msgid ""
14201
15394
"\n"
14202
15395
"ehlo mail.example.com\n"
14203
15396
msgstr ""
14204
15397
14205
#: serverguide/C/mail.xml:142(para)
15398
#: serverguide/C/mail.xml:323(para)
14206
15399
msgid ""
14207
15400
"If you see the following lines among others, then everything is working "
14208
15401
"perfectly. Type <command>quit</command> to exit."
14209
15402
msgstr ""
14210
15403
14211
#: serverguide/C/mail.xml:146(programlisting)
15404
#: serverguide/C/mail.xml:327(programlisting)
14212
15405
#, no-wrap
14213
15406
msgid ""
14214
15407
"\n"
14218
15411
"250 8BITMIME\n"
14219
15412
msgstr ""
14220
15413
14221
#: serverguide/C/mail.xml:156(para)
15414
#: serverguide/C/mail.xml:337(para)
14222
15415
msgid ""
14223
15416
"This section introduces some common ways to determine the cause if problems "
14224
15417
"arise."
14225
15418
msgstr ""
14226
15419
14227
#: serverguide/C/mail.xml:160(title)
15420
#: serverguide/C/mail.xml:341(title)
14228
15421
msgid "Escaping chroot"
14229
15422
msgstr ""
14230
15423
14231
#: serverguide/C/mail.xml:161(para)
15424
#: serverguide/C/mail.xml:342(para)
14232
15425
msgid ""
14233
15426
"The Ubuntu <application>postfix</application> package will by default "
14234
15427
"install into a <emphasis>chroot</emphasis> environment for security reasons. "
14235
15428
"This can add greater complexity when troubleshooting problems."
14236
15429
msgstr ""
14237
15430
14238
#: serverguide/C/mail.xml:165(para)
15431
#: serverguide/C/mail.xml:346(para)
14239
15432
msgid ""
14240
15433
"To turn off the chroot operation locate for the following line in the "
14241
15434
"<filename>/etc/postfix/master.cf</filename> configuration file:"
14242
15435
msgstr ""
14243
15436
14244
#: serverguide/C/mail.xml:169(screen)
15437
#: serverguide/C/mail.xml:350(screen)
14245
15438
#, no-wrap
14246
15439
msgid ""
14247
15440
"\n"
14248
15441
"smtp inet n - - - - smtpd\n"
14249
15442
msgstr ""
14250
15443
14251
#: serverguide/C/mail.xml:172(para)
15444
#: serverguide/C/mail.xml:353(para)
14252
15445
msgid "and modify it as follows:"
14253
15446
msgstr ""
14254
15447
14255
#: serverguide/C/mail.xml:175(screen)
15448
#: serverguide/C/mail.xml:356(screen)
14256
15449
#, no-wrap
14257
15450
msgid ""
14258
15451
"\n"
14259
15452
"smtp inet n - n - - smtpd\n"
14260
15453
msgstr ""
14261
15454
14262
#: serverguide/C/mail.xml:178(para)
15455
#: serverguide/C/mail.xml:359(para)
14263
15456
msgid ""
14264
15457
"You will then need to restart Postfix to use the new configuration. From a "
14265
15458
"terminal prompt enter:"
14266
15459
msgstr ""
14267
15460
14268
#: serverguide/C/mail.xml:186(title)
15461
#: serverguide/C/mail.xml:367(title)
14269
15462
msgid "Log Files"
14270
15463
msgstr ""
14271
15464
14272
#: serverguide/C/mail.xml:187(para)
15465
#: serverguide/C/mail.xml:368(para)
14273
15466
msgid ""
14274
15467
"<application>Postfix</application> sends all log messages to "
14275
15468
"<filename>/var/log/mail.log</filename>. However error and warning messages "
14278
15471
"<filename>/var/log/mail.warn</filename> respectively."
14279
15472
msgstr ""
14280
15473
14281
#: serverguide/C/mail.xml:192(para)
15474
#: serverguide/C/mail.xml:373(para)
14282
15475
msgid ""
14283
15476
"To see messages entered into the logs in real time you can use the "
14284
15477
"<application>tail -f</application> command:"
14285
15478
msgstr ""
14286
15479
14287
#: serverguide/C/mail.xml:197(command)
15480
#: serverguide/C/mail.xml:378(command)
14288
15481
msgid "tail -f /var/log/mail.err"
14289
15482
msgstr ""
14290
15483
14291
#: serverguide/C/mail.xml:199(para)
15484
#: serverguide/C/mail.xml:380(para)
14292
15485
msgid ""
14293
15486
"The amount of detail that is recorded in the logs can be increased. Below "
14294
15487
"are some configuration options for increasing the log level for some of the "
14295
15488
"areas covered above."
14296
15489
msgstr ""
14297
15490
14298
#: serverguide/C/mail.xml:205(para)
15491
#: serverguide/C/mail.xml:386(para)
14299
15492
msgid ""
14300
15493
"To increase <emphasis>TLS</emphasis> activity logging set the "
14301
15494
"<emphasis>smtpd_tls_loglevel</emphasis> option to a value from 1 to 4."
14302
15495
msgstr ""
14303
15496
14304
#: serverguide/C/mail.xml:209(command)
15497
#: serverguide/C/mail.xml:390(command)
14305
15498
msgid "sudo postconf -e 'smtpd_tls_loglevel = 4'"
14306
15499
msgstr ""
14307
15500
14308
#: serverguide/C/mail.xml:213(para)
15501
#: serverguide/C/mail.xml:394(para)
14309
15502
msgid ""
14310
15503
"If you are having trouble sending or receiving mail from a specific domain "
14311
15504
"you can add the domain to the <emphasis>debug_peer_list</emphasis> parameter."
14312
15505
msgstr ""
14313
15506
14314
#: serverguide/C/mail.xml:218(command)
15507
#: serverguide/C/mail.xml:399(command)
14315
15508
msgid "sudo postconf -e 'debug_peer_list = problem.domain'"
14316
15509
msgstr ""
14317
15510
14318
#: serverguide/C/mail.xml:222(para)
15511
#: serverguide/C/mail.xml:403(para)
14319
15512
msgid ""
14320
15513
"You can increase the verbosity of any <application>Postfix</application> "
14321
15514
"daemon process by editing the <filename>/etc/postfix/master.cf</filename> "
14323
15516
"<emphasis>smtp</emphasis> entry:"
14324
15517
msgstr ""
14325
15518
14326
#: serverguide/C/mail.xml:226(programlisting)
15519
#: serverguide/C/mail.xml:407(programlisting)
14327
15520
#, no-wrap
14328
15521
msgid ""
14329
15522
"\n"
14330
15523
"smtp unix - - - - - smtp -v\n"
14331
15524
msgstr ""
14332
15525
14333
#: serverguide/C/mail.xml:232(para)
15526
#: serverguide/C/mail.xml:413(para)
14334
15527
msgid ""
14335
15528
"It is important to note that after making one of the logging changes above "
14336
15529
"the <application>Postfix</application> process will need to be reloaded in "
14338
15531
"reload</command>"
14339
15532
msgstr ""
14340
15533
14341
#: serverguide/C/mail.xml:239(para)
15534
#: serverguide/C/mail.xml:420(para)
14342
15535
msgid ""
14343
15536
"To increase the amount of information logged when troubleshooting "
14344
15537
"<emphasis>SASL</emphasis> issues you can set the following options in "
14345
15538
"<filename>/etc/dovecot/dovecot.conf</filename>"
14346
15539
msgstr ""
14347
15540
14348
#: serverguide/C/mail.xml:243(programlisting)
15541
#: serverguide/C/mail.xml:424(programlisting)
14349
15542
#, no-wrap
14350
15543
msgid ""
14351
15544
"\n"
14353
15546
"auth_debug_passwords=yes\n"
14354
15547
msgstr ""
14355
15548
14356
#: serverguide/C/mail.xml:250(para)
15549
#: serverguide/C/mail.xml:431(para)
14357
15550
msgid ""
14358
15551
"Just like <application>Postfix</application> if you change a "
14359
15552
"<application>Dovecot</application> configuration the process will need to be "
14360
15553
"reloaded: <command>sudo /etc/init.d/dovecot reload</command>."
14361
15554
msgstr ""
14362
15555
14363
#: serverguide/C/mail.xml:256(para)
15556
#: serverguide/C/mail.xml:437(para)
14364
15557
msgid ""
14365
15558
"Some of the options above can drastically increase the amount of information "
14366
15559
"sent to the log files. Remember to return the log level back to normal after "
14368
15561
"new configuration to take affect."
14369
15562
msgstr ""
14370
15563
14371
#: serverguide/C/mail.xml:264(para)
15564
#: serverguide/C/mail.xml:445(para)
14372
15565
msgid ""
14373
15566
"Administering a <application>Postfix</application> server can be a very "
14374
15567
"complicated task. At some point you may need to turn to the Ubuntu community "
14375
15568
"for more experienced help."
14376
15569
msgstr ""
14377
15570
14378
#: serverguide/C/mail.xml:268(para)
15571
#: serverguide/C/mail.xml:449(para)
14379
15572
msgid ""
14380
15573
"A great place to ask for <application>Postfix</application> assistance, and "
14381
15574
"get involved with the Ubuntu Server community, is the <emphasis>#ubuntu-"
14385
15578
"url=\"http://www.ubuntu.com/support/community/webforums\">Web Forums</ulink>."
14386
15579
msgstr ""
14387
15580
14388
#: serverguide/C/mail.xml:273(para)
15581
#: serverguide/C/mail.xml:454(para)
14389
15582
msgid ""
14390
15583
"For in depth <application>Postfix</application> information Ubuntu "
14391
15584
"developers highly recommend: <ulink url=\"http://www.postfix-book.com/\">The "
14392
15585
"Book of Postfix</ulink>."
14393
15586
msgstr ""
14394
15587
14395
#: serverguide/C/mail.xml:277(para)
15588
#: serverguide/C/mail.xml:458(para)
14396
15589
msgid ""
14397
15590
"Finally, the <ulink "
14398
15591
"url=\"http://www.postfix.org/documentation.html\">Postfix</ulink> website "
14400
15593
"available."
14401
15594
msgstr ""
14402
15595
14403
#: serverguide/C/mail.xml:286(title) serverguide/C/mail.xml:663(title) serverguide/C/mail.xml:779(title)
15596
#: serverguide/C/mail.xml:467(title) serverguide/C/mail.xml:844(title) serverguide/C/mail.xml:960(title)
14404
15597
msgid "Exim4"
14405
15598
msgstr ""
14406
15599
14407
#: serverguide/C/mail.xml:287(para)
15600
#: serverguide/C/mail.xml:468(para)
14408
15601
msgid ""
14409
15602
"<application>Exim4</application> is another Message Transfer Agent (MTA) "
14410
15603
"developed at the University of Cambridge for use on Unix systems connected "
14414
15607
"<application>sendmail</application>."
14415
15608
msgstr ""
14416
15609
14417
#: serverguide/C/mail.xml:298(para)
15610
#: serverguide/C/mail.xml:479(para)
14418
15611
msgid ""
14419
15612
"To install <application>exim4</application>, run the following command: "
14420
15613
"<screen>\n"
14422
15615
"</screen>"
14423
15616
msgstr ""
14424
15617
14425
#: serverguide/C/mail.xml:307(para)
15618
#: serverguide/C/mail.xml:488(para)
14426
15619
msgid ""
14427
15620
"To configure <application>Exim4</application>, run the following command:"
14428
15621
msgstr ""
14429
15622
14430
#: serverguide/C/mail.xml:311(command)
15623
#: serverguide/C/mail.xml:492(command)
14431
15624
msgid "sudo dpkg-reconfigure exim4-config"
14432
15625
msgstr ""
14433
15626
14434
#: serverguide/C/mail.xml:313(para)
15627
#: serverguide/C/mail.xml:494(para)
14435
15628
msgid ""
14436
15629
"The user interface will be displayed. The user interface lets you configure "
14437
15630
"many parameters. For example, In <application>Exim4</application> the "
14439
15632
"in one file you can configure accordingly in this user interface."
14440
15633
msgstr ""
14441
15634
14442
#: serverguide/C/mail.xml:321(para)
15635
#: serverguide/C/mail.xml:502(para)
14443
15636
msgid ""
14444
15637
"All the parameters you configure in the user interface are stored in "
14445
15638
"<filename>/etc/exim4/update-exim4.conf.conf</filename> file. If you wish to "
14446
15639
"re-configure, either you re-run the configuration wizard or manually edit "
14447
"this file using your favourite editor. Once you configure, you can run the "
15640
"this file using your favorite editor. Once you configure, you can run the "
14448
15641
"following command to generate the master configuration file:"
14449
15642
msgstr ""
14450
15643
14451
#: serverguide/C/mail.xml:332(command) serverguide/C/mail.xml:405(command)
15644
#: serverguide/C/mail.xml:513(command) serverguide/C/mail.xml:586(command)
14452
15645
msgid "sudo update-exim4.conf"
14453
15646
msgstr ""
14454
15647
14455
#: serverguide/C/mail.xml:334(para)
15648
#: serverguide/C/mail.xml:515(para)
14456
15649
msgid ""
14457
15650
"The master configuration file, is generated and it is stored in "
14458
15651
"<filename>/var/lib/exim4/config.autogenerated</filename>."
14459
15652
msgstr ""
14460
15653
14461
#: serverguide/C/mail.xml:340(para)
15654
#: serverguide/C/mail.xml:521(para)
14462
15655
msgid ""
14463
15656
"At any time, you should not edit the master configuration file, "
14464
15657
"<filename>/var/lib/exim4/config.autogenerated</filename> manually. It is "
14465
15658
"updated automatically every time you run <command>update-exim4.conf</command>"
14466
15659
msgstr ""
14467
15660
14468
#: serverguide/C/mail.xml:348(para)
15661
#: serverguide/C/mail.xml:529(para)
14469
15662
msgid ""
14470
15663
"You can run the following command to start <application>Exim4</application> "
14471
15664
"daemon."
14472
15665
msgstr ""
14473
15666
14474
#: serverguide/C/mail.xml:353(command) serverguide/C/mail.xml:785(command)
15667
#: serverguide/C/mail.xml:534(command) serverguide/C/mail.xml:966(command)
14475
15668
msgid "sudo /etc/init.d/exim4 start"
14476
15669
msgstr ""
14477
15670
14478
#: serverguide/C/mail.xml:358(para)
15671
#: serverguide/C/mail.xml:539(para)
14479
15672
msgid ""
14480
15673
"This section covers configuring Exim4 to use SMTP-AUTH with TLS and SASL."
14481
15674
msgstr ""
14482
15675
14483
#: serverguide/C/mail.xml:361(para)
15676
#: serverguide/C/mail.xml:542(para)
14484
15677
msgid ""
14485
15678
"The first step is to create a certificate for use with TLS. Enter the "
14486
15679
"following into a terminal prompt:"
14487
15680
msgstr ""
14488
15681
14489
#: serverguide/C/mail.xml:365(command)
15682
#: serverguide/C/mail.xml:546(command)
14490
15683
msgid "sudo /usr/share/doc/exim4-base/examples/exim-gencert"
14491
15684
msgstr ""
14492
15685
14493
#: serverguide/C/mail.xml:367(para)
15686
#: serverguide/C/mail.xml:548(para)
14494
15687
msgid ""
14495
15688
"Now Exim4 needs to be configured for TLS by editing "
14496
15689
"<filename>/etc/exim4/conf.d/main/03_exim4-config_tlsoptions</filename> add "
14497
15690
"the following:"
14498
15691
msgstr ""
14499
15692
14500
#: serverguide/C/mail.xml:371(programlisting)
15693
#: serverguide/C/mail.xml:552(programlisting)
14501
15694
#, no-wrap
14502
15695
msgid ""
14503
15696
"\n"
14504
15697
"MAIN_TLS_ENABLE = yes\n"
14505
15698
msgstr ""
14506
15699
14507
#: serverguide/C/mail.xml:374(para)
15700
#: serverguide/C/mail.xml:555(para)
14508
15701
msgid ""
14509
15702
"Next you need to configure <application>Exim4</application> to use the "
14510
15703
"<application>saslauthd</application> for authentication. Edit "
14513
15706
"<emphasis>login_saslauthd_server</emphasis> sections:"
14514
15707
msgstr ""
14515
15708
14516
#: serverguide/C/mail.xml:379(programlisting)
15709
#: serverguide/C/mail.xml:560(programlisting)
14517
15710
#, no-wrap
14518
15711
msgid ""
14519
15712
"\n"
14539
15732
" .endif\n"
14540
15733
msgstr ""
14541
15734
14542
#: serverguide/C/mail.xml:401(para)
15735
#: serverguide/C/mail.xml:582(para)
14543
15736
msgid "Finally, update the Exim4 configuration and restart the service:"
14544
15737
msgstr ""
14545
15738
14546
#: serverguide/C/mail.xml:406(command)
15739
#: serverguide/C/mail.xml:587(command)
14547
15740
msgid "sudo /etc/init.d/exim4 restart"
14548
15741
msgstr ""
14549
15742
14550
#: serverguide/C/mail.xml:410(title)
14551
msgid "Configuring SASL"
14552
msgstr ""
14553
14554
#: serverguide/C/mail.xml:411(para)
15743
#: serverguide/C/mail.xml:592(para)
14555
15744
msgid ""
14556
15745
"This section provides details on configuring the saslauthd to provide "
14557
15746
"authentication for <application>Exim4</application>."
14558
15747
msgstr ""
14559
15748
14560
#: serverguide/C/mail.xml:414(para)
15749
#: serverguide/C/mail.xml:595(para)
14561
15750
msgid ""
14562
15751
"The first step is to install the sasl2-bin package. From a terminal prompt "
14563
15752
"enter the following:"
14564
15753
msgstr ""
14565
15754
14566
#: serverguide/C/mail.xml:418(command)
15755
#: serverguide/C/mail.xml:599(command)
14567
15756
msgid "sudo apt-get install sasl2-bin"
14568
15757
msgstr ""
14569
15758
14570
#: serverguide/C/mail.xml:420(para)
15759
#: serverguide/C/mail.xml:601(para)
14571
15760
msgid ""
14572
15761
"To configure saslauthd edit the /etc/default/saslauthd configuration file "
14573
15762
"and set START=no to:"
14574
15763
msgstr ""
14575
15764
14576
#: serverguide/C/mail.xml:423(programlisting)
15765
#: serverguide/C/mail.xml:604(programlisting)
14577
15766
#, no-wrap
14578
15767
msgid ""
14579
15768
"\n"
14580
15769
"START=yes\n"
14581
15770
msgstr ""
14582
15771
14583
#: serverguide/C/mail.xml:426(para)
15772
#: serverguide/C/mail.xml:607(para)
14584
15773
msgid ""
14585
15774
"Next the <emphasis>Debian-exim</emphasis> user needs to be part of the "
14586
15775
"<emphasis>sasl</emphasis> group in order for Exim4 to use the saslauthd "
14587
15776
"service:"
14588
15777
msgstr ""
14589
15778
14590
#: serverguide/C/mail.xml:431(command)
15779
#: serverguide/C/mail.xml:612(command)
14591
15780
msgid "sudo adduser Debian-exim sasl"
14592
15781
msgstr ""
14593
15782
14594
#: serverguide/C/mail.xml:433(para)
15783
#: serverguide/C/mail.xml:614(para)
14595
15784
msgid "Now start the <application>saslauthd</application> service:"
14596
15785
msgstr ""
14597
15786
14598
#: serverguide/C/mail.xml:437(command)
15787
#: serverguide/C/mail.xml:618(command)
14599
15788
msgid "sudo /etc/init.d/saslauthd start"
14600
15789
msgstr ""
14601
15790
14602
#: serverguide/C/mail.xml:439(para)
15791
#: serverguide/C/mail.xml:620(para)
14603
15792
msgid ""
14604
15793
"<application>Exim4</application> is now configured with SMTP-AUTH using TLS "
14605
15794
"and SASL authentication."
14606
15795
msgstr ""
14607
15796
14608
#: serverguide/C/mail.xml:448(para)
15797
#: serverguide/C/mail.xml:629(para)
14609
15798
msgid ""
14610
15799
"See <ulink url=\"http://www.exim.org/\">exim.org</ulink> for more "
14611
15800
"information."
14612
15801
msgstr ""
14613
15802
14614
#: serverguide/C/mail.xml:453(para)
15803
#: serverguide/C/mail.xml:634(para)
14615
15804
msgid ""
14616
15805
"There is also an <ulink url=\"http://www.uit.co.uk/content/exim-smtp-mail-"
14617
15806
"server\">Exim4 Book</ulink> available."
14618
15807
msgstr ""
14619
15808
14620
#: serverguide/C/mail.xml:462(title)
15809
#: serverguide/C/mail.xml:643(title)
14621
15810
msgid "Dovecot Server"
14622
15811
msgstr ""
14623
15812
14624
#: serverguide/C/mail.xml:463(para)
15813
#: serverguide/C/mail.xml:644(para)
14625
15814
msgid ""
14626
15815
"<application>Dovecot</application> is a Mail Delivery Agent, written with "
14627
15816
"security primarily in mind. It supports the major mailbox formats: mbox or "
14628
15817
"Maildir. This section explain how to set it up as an imap or pop3 server."
14629
15818
msgstr ""
14630
15819
14631
#: serverguide/C/mail.xml:471(para)
15820
#: serverguide/C/mail.xml:652(para)
14632
15821
msgid ""
14633
15822
"To install <application>dovecot</application>, run the following command in "
14634
15823
"the command prompt:"
14635
15824
msgstr ""
14636
15825
14637
#: serverguide/C/mail.xml:476(command)
15826
#: serverguide/C/mail.xml:657(command)
14638
15827
msgid "sudo apt-get install dovecot-imapd dovecot-pop3d"
14639
15828
msgstr ""
14640
15829
14641
#: serverguide/C/mail.xml:481(para)
15830
#: serverguide/C/mail.xml:662(para)
14642
15831
msgid ""
14643
15832
"To configure <application>dovecot</application>, you can edit the file "
14644
15833
"<filename>/etc/dovecot/dovecot.conf</filename>. You can choose the protocol "
14650
15839
"link>."
14651
15840
msgstr ""
14652
15841
14653
#: serverguide/C/mail.xml:491(para)
15842
#: serverguide/C/mail.xml:672(para)
14654
15843
msgid ""
14655
15844
"IMAPS and POP3S are more secure that the simple IMAP and POP3 because they "
14656
15845
"use SSL encryption to connect. Once you have chosen the protocol, amend the "
14657
15846
"following line in the file <filename>/etc/dovecot/dovecot.conf</filename>:"
14658
15847
msgstr ""
14659
15848
14660
#: serverguide/C/mail.xml:497(programlisting)
15849
#: serverguide/C/mail.xml:678(programlisting)
14661
15850
#, no-wrap
14662
15851
msgid ""
14663
15852
"\n"
14664
15853
"protocols = pop3 pop3s imap imaps\n"
14665
15854
msgstr ""
14666
15855
14667
#: serverguide/C/mail.xml:500(para)
15856
#: serverguide/C/mail.xml:681(para)
14668
15857
msgid ""
14669
15858
"Next, choose the mailbox you would like to use. "
14670
15859
"<application>Dovecot</application> supports <emphasis "
14675
15864
"site</ulink>."
14676
15865
msgstr ""
14677
15866
14678
#: serverguide/C/mail.xml:508(para)
15867
#: serverguide/C/mail.xml:689(para)
14679
15868
msgid ""
14680
15869
"Once you have chosen your mailbox type, edit the file "
14681
15870
"<filename>/etc/dovecot/dovecot.conf</filename> and change the following line:"
14682
15871
msgstr ""
14683
15872
14684
#: serverguide/C/mail.xml:513(programlisting)
15873
#: serverguide/C/mail.xml:694(programlisting)
14685
15874
#, no-wrap
14686
15875
msgid ""
14687
15876
"\n"
14690
15879
"mail_location = mbox:~/mail:INBOX=/var/spool/mail/%u # (for mbox)\n"
14691
15880
msgstr ""
14692
15881
14693
#: serverguide/C/mail.xml:519(para)
15882
#: serverguide/C/mail.xml:700(para)
14694
15883
msgid ""
14695
15884
"You should configure your Mail Transport Agent (MTA) to transfer the "
14696
15885
"incoming mail to this type of mailbox if it is different from the one you "
14697
15886
"have configured."
14698
15887
msgstr ""
14699
15888
14700
#: serverguide/C/mail.xml:525(para)
15889
#: serverguide/C/mail.xml:706(para)
14701
15890
msgid ""
14702
15891
"Once you have configured dovecot, restart the "
14703
15892
"<application>dovecot</application> daemon in order to test your setup:"
14704
15893
msgstr ""
14705
15894
14706
#: serverguide/C/mail.xml:531(command)
14707
msgid "sudo /etc/init.d/dovecot restart"
14708
msgstr ""
14709
14710
#: serverguide/C/mail.xml:534(para)
15895
#: serverguide/C/mail.xml:715(para)
14711
15896
msgid ""
14712
15897
"If you have enabled imap, or pop3, you can also try to log in with the "
14713
15898
"commands <command>telnet localhost pop3</command> or <command>telnet "
14715
15900
"installation has been successful:"
14716
15901
msgstr ""
14717
15902
14718
#: serverguide/C/mail.xml:541(programlisting)
15903
#: serverguide/C/mail.xml:722(programlisting)
14719
15904
#, no-wrap
14720
15905
msgid ""
14721
15906
"\n"
14726
15911
"+OK Dovecot ready.\n"
14727
15912
msgstr ""
14728
15913
14729
#: serverguide/C/mail.xml:550(title)
15914
#: serverguide/C/mail.xml:731(title)
14730
15915
msgid "Dovecot SSL Configuration"
14731
15916
msgstr ""
14732
15917
14733
#: serverguide/C/mail.xml:551(para)
15918
#: serverguide/C/mail.xml:732(para)
14734
15919
msgid ""
14735
15920
"To configure <application>dovecot</application> to use SSL, you can edit the "
14736
15921
"file <filename>/etc/dovecot/dovecot.conf</filename> and amend following "
14737
15922
"lines:"
14738
15923
msgstr ""
14739
15924
14740
#: serverguide/C/mail.xml:556(programlisting)
15925
#: serverguide/C/mail.xml:737(programlisting)
14741
15926
#, no-wrap
14742
15927
msgid ""
14743
15928
"\n"
14747
15932
"disable_plaintext_auth = no\n"
14748
15933
msgstr ""
14749
15934
14750
#: serverguide/C/mail.xml:562(para)
15935
#: serverguide/C/mail.xml:743(para)
14751
15936
msgid ""
14752
15937
"You can get the SSL certificate from a Certificate Issuing Authority or you "
14753
15938
"can create self signed SSL certificate. The latter is a good option for "
14759
15944
"<filename>/etc/dovecot/dovecot.conf</filename> configuration file."
14760
15945
msgstr ""
14761
15946
14762
#: serverguide/C/mail.xml:577(title)
15947
#: serverguide/C/mail.xml:758(title)
14763
15948
msgid "Firewall Configuration for an Email Server"
14764
15949
msgstr ""
14765
15950
14766
#: serverguide/C/mail.xml:583(para)
15951
#: serverguide/C/mail.xml:764(para)
14767
15952
msgid "IMAP - 143"
14768
15953
msgstr ""
14769
15954
14770
#: serverguide/C/mail.xml:584(para)
15955
#: serverguide/C/mail.xml:765(para)
14771
15956
msgid "IMAPS - 993"
14772
15957
msgstr ""
14773
15958
14774
#: serverguide/C/mail.xml:585(para)
15959
#: serverguide/C/mail.xml:766(para)
14775
15960
msgid "POP3 - 110"
14776
15961
msgstr ""
14777
15962
14778
#: serverguide/C/mail.xml:586(para)
15963
#: serverguide/C/mail.xml:767(para)
14779
15964
msgid "POP3S - 995"
14780
15965
msgstr ""
14781
15966
14782
#: serverguide/C/mail.xml:578(para)
15967
#: serverguide/C/mail.xml:759(para)
14783
15968
msgid ""
14784
15969
"To access your mail server from another computer, you must configure your "
14785
15970
"firewall to allow connections to the server on the necessary ports. "
14786
15971
"<placeholder-1/>"
14787
15972
msgstr ""
14788
15973
14789
#: serverguide/C/mail.xml:595(para)
15974
#: serverguide/C/mail.xml:776(para)
14790
15975
msgid ""
14791
15976
"See the <ulink url=\"http://www.dovecot.org/\">Dovecot website</ulink> for "
14792
15977
"more information."
14793
15978
msgstr ""
14794
15979
14795
#: serverguide/C/mail.xml:604(title) serverguide/C/mail.xml:681(title) serverguide/C/mail.xml:904(title)
15980
#: serverguide/C/mail.xml:785(title) serverguide/C/mail.xml:862(title) serverguide/C/mail.xml:1085(title)
14796
15981
msgid "Mailman"
14797
15982
msgstr ""
14798
15983
14799
#: serverguide/C/mail.xml:605(para)
15984
#: serverguide/C/mail.xml:786(para)
14800
15985
msgid ""
14801
15986
"Mailman is an open source program for managing electronic mail discussions "
14802
15987
"and e-newsletter lists. Many open source mailing lists (including all the "
14805
15990
"and maintain."
14806
15991
msgstr ""
14807
15992
14808
#: serverguide/C/mail.xml:615(para)
15993
#: serverguide/C/mail.xml:796(para)
14809
15994
msgid ""
14810
15995
"Mailman provides a web interface for the administrators and users, using an "
14811
15996
"external mail server to send and receive emails. It works perfectly with the "
14812
15997
"following mail servers:"
14813
15998
msgstr ""
14814
15999
14815
#: serverguide/C/mail.xml:626(application)
16000
#: serverguide/C/mail.xml:807(application)
14816
16001
msgid "Exim"
14817
16002
msgstr ""
14818
16003
14819
#: serverguide/C/mail.xml:629(application)
16004
#: serverguide/C/mail.xml:810(application)
14820
16005
msgid "Sendmail"
14821
16006
msgstr ""
14822
16007
14823
#: serverguide/C/mail.xml:632(application)
16008
#: serverguide/C/mail.xml:813(application)
14824
16009
msgid "Qmail"
14825
16010
msgstr ""
14826
16011
14827
#: serverguide/C/mail.xml:637(para)
16012
#: serverguide/C/mail.xml:818(para)
14828
16013
msgid ""
14829
16014
"We will see how to install and configure Mailman with, the Apache web "
14830
16015
"server, and either the Postfix or Exim mail server. If you wish to install "
14831
16016
"Mailman with a different mail server, please refer to the references section."
14832
16017
msgstr ""
14833
16018
14834
#: serverguide/C/mail.xml:644(para)
16019
#: serverguide/C/mail.xml:825(para)
14835
16020
msgid ""
14836
16021
"You only need to install one mail server and "
14837
16022
"<application>Postfix</application> is the default Ubuntu Mail Transfer Agent."
14838
16023
msgstr ""
14839
16024
14840
#: serverguide/C/mail.xml:649(title) serverguide/C/mail.xml:708(title)
16025
#: serverguide/C/mail.xml:830(title) serverguide/C/mail.xml:889(title)
14841
16026
msgid "Apache2"
14842
16027
msgstr ""
14843
16028
14844
#: serverguide/C/mail.xml:650(para)
16029
#: serverguide/C/mail.xml:831(para)
14845
16030
msgid ""
14846
16031
"To install apache2 you refer to <ulink url=\"./web-servers.xml#http-"
14847
16032
"installation\">HTTPD Installation</ulink> section for details."
14848
16033
msgstr ""
14849
16034
14850
#: serverguide/C/mail.xml:658(para)
16035
#: serverguide/C/mail.xml:839(para)
14851
16036
msgid ""
14852
16037
"For instructions on installing and configuring Postfix refer to <xref "
14853
16038
"linkend=\"postfix\"/>"
14854
16039
msgstr ""
14855
16040
14856
#: serverguide/C/mail.xml:664(para)
16041
#: serverguide/C/mail.xml:845(para)
14857
16042
msgid "To install Exim4 refer to <xref linkend=\"exim4\"/>."
14858
16043
msgstr ""
14859
16044
14860
#: serverguide/C/mail.xml:675(application)
16045
#: serverguide/C/mail.xml:856(application)
14861
16046
msgid "dc_use_split_config='true'"
14862
16047
msgstr ""
14863
16048
14864
#: serverguide/C/mail.xml:667(para)
16049
#: serverguide/C/mail.xml:848(para)
14865
16050
msgid ""
14866
16051
"Once exim4 is installed, the configuration files are stored in the "
14867
16052
"<filename>/etc/exim4</filename> directory. In Ubuntu, by default, the exim4 "
14870
16055
"<filename>/etc/exim4/update-exim4.conf</filename> file: <placeholder-1/>"
14871
16056
msgstr ""
14872
16057
14873
#: serverguide/C/mail.xml:682(para)
16058
#: serverguide/C/mail.xml:863(para)
14874
16059
msgid ""
14875
16060
"To install <application>Mailman</application>, run following command at a "
14876
16061
"terminal prompt:"
14877
16062
msgstr ""
14878
16063
14879
#: serverguide/C/mail.xml:686(command)
16064
#: serverguide/C/mail.xml:867(command)
14880
16065
msgid "sudo apt-get install mailman"
14881
16066
msgstr ""
14882
16067
14883
#: serverguide/C/mail.xml:688(para)
16068
#: serverguide/C/mail.xml:869(para)
14884
16069
msgid ""
14885
16070
"It copies the installation files in "
14886
16071
"<application>/var/lib/mailman</application> directory. It installs the CGI "
14890
16075
"this user."
14891
16076
msgstr ""
14892
16077
14893
#: serverguide/C/mail.xml:700(para)
16078
#: serverguide/C/mail.xml:881(para)
14894
16079
msgid ""
14895
16080
"This section assumes you have successfully installed "
14896
16081
"<application>mailman</application>, <application>apache2</application>, and "
14898
16083
"you just need to configure them."
14899
16084
msgstr ""
14900
16085
14901
#: serverguide/C/mail.xml:709(para)
16086
#: serverguide/C/mail.xml:890(para)
14902
16087
msgid ""
14903
16088
"An example Apache configuration file comes with "
14904
16089
"<application>Mailman</application> and is placed in "
14907
16092
"available</filename>:"
14908
16093
msgstr ""
14909
16094
14910
#: serverguide/C/mail.xml:715(command)
16095
#: serverguide/C/mail.xml:896(command)
14911
16096
msgid ""
14912
16097
"sudo cp /etc/mailman/apache.conf /etc/apache2/sites-available/mailman.conf"
14913
16098
msgstr ""
14914
16099
14915
#: serverguide/C/mail.xml:717(para)
16100
#: serverguide/C/mail.xml:898(para)
14916
16101
msgid ""
14917
16102
"This will setup a new Apache <emphasis>VirtualHost</emphasis> for the "
14918
16103
"Mailman administration site. Now enable the new configuration and restart "
14919
16104
"Apache:"
14920
16105
msgstr ""
14921
16106
14922
#: serverguide/C/mail.xml:722(command)
16107
#: serverguide/C/mail.xml:903(command)
14923
16108
msgid "sudo a2ensite mailman.conf"
14924
16109
msgstr ""
14925
16110
14926
#: serverguide/C/mail.xml:725(para)
16111
#: serverguide/C/mail.xml:906(para)
14927
16112
msgid ""
14928
16113
"Mailman uses apache2 to render its CGI scripts. The mailman CGI scripts are "
14929
16114
"installed in the <application>/usr/lib/cgi-bin/mailman</application> "
14932
16117
"available/mailman.conf</filename> file if you wish to change this behavior."
14933
16118
msgstr ""
14934
16119
14935
#: serverguide/C/mail.xml:736(para)
16120
#: serverguide/C/mail.xml:917(para)
14936
16121
msgid ""
14937
16122
"For <application>Postfix</application> integration, we will associate the "
14938
16123
"domain lists.example.com with the mailing lists. Please replace "
14939
16124
"<emphasis>lists.example.com</emphasis> with the domain of your choosing."
14940
16125
msgstr ""
14941
16126
14942
#: serverguide/C/mail.xml:740(para)
16127
#: serverguide/C/mail.xml:921(para)
14943
16128
msgid ""
14944
16129
"You can use the postconf command to add the necessary configuration to "
14945
16130
"<filename>/etc/postfix/main.cf</filename>:"
14946
16131
msgstr ""
14947
16132
14948
#: serverguide/C/mail.xml:744(command)
16133
#: serverguide/C/mail.xml:925(command)
14949
16134
msgid "sudo postconf -e 'relay_domains = lists.example.com'"
14950
16135
msgstr ""
14951
16136
14952
#: serverguide/C/mail.xml:745(command)
16137
#: serverguide/C/mail.xml:926(command)
14953
16138
msgid "sudo postconf -e 'transport_maps = hash:/etc/postfix/transport'"
14954
16139
msgstr ""
14955
16140
14956
#: serverguide/C/mail.xml:746(command)
16141
#: serverguide/C/mail.xml:927(command)
14957
16142
msgid "sudo postconf -e 'mailman_destination_recipient_limit = 1'"
14958
16143
msgstr ""
14959
16144
14960
#: serverguide/C/mail.xml:748(para)
16145
#: serverguide/C/mail.xml:929(para)
14961
16146
msgid ""
14962
16147
"In <filename>/etc/postfix/master.cf</filename> double check that you have "
14963
16148
"the following transport:"
14964
16149
msgstr ""
14965
16150
14966
#: serverguide/C/mail.xml:751(programlisting)
16151
#: serverguide/C/mail.xml:932(programlisting)
14967
16152
#, no-wrap
14968
16153
msgid ""
14969
16154
"\n"
14972
16157
" ${nexthop} ${user}\n"
14973
16158
msgstr ""
14974
16159
14975
#: serverguide/C/mail.xml:756(para)
16160
#: serverguide/C/mail.xml:937(para)
14976
16161
msgid ""
14977
16162
"It calls the <emphasis>postfix-to-mailman.py</emphasis> script when a mail "
14978
16163
"is delivered to a list."
14979
16164
msgstr ""
14980
16165
14981
#: serverguide/C/mail.xml:759(para)
16166
#: serverguide/C/mail.xml:940(para)
14982
16167
msgid ""
14983
16168
"Associate the domain lists.example.com to the Mailman transport with the "
14984
16169
"transport map. Edit the file <filename>/etc/postfix/transport</filename>:"
14985
16170
msgstr ""
14986
16171
14987
#: serverguide/C/mail.xml:762(programlisting)
16172
#: serverguide/C/mail.xml:943(programlisting)
14988
16173
#, no-wrap
14989
16174
msgid ""
14990
16175
"\n"
14991
16176
"lists.example.com mailman:\n"
14992
16177
msgstr ""
14993
16178
14994
#: serverguide/C/mail.xml:765(para)
16179
#: serverguide/C/mail.xml:946(para)
14995
16180
msgid ""
14996
16181
"Now have <application>Postfix</application> build the transport map by "
14997
16182
"entering the following from a terminal prompt:"
14998
16183
msgstr ""
14999
16184
15000
#: serverguide/C/mail.xml:769(command)
16185
#: serverguide/C/mail.xml:950(command)
15001
16186
msgid "sudo postmap -v /etc/postfix/transport"
15002
16187
msgstr ""
15003
16188
15004
#: serverguide/C/mail.xml:771(para)
16189
#: serverguide/C/mail.xml:952(para)
15005
16190
msgid "Then restart Postfix to enable the new configurations:"
15006
16191
msgstr ""
15007
16192
15008
#: serverguide/C/mail.xml:780(para)
16193
#: serverguide/C/mail.xml:961(para)
15009
16194
msgid ""
15010
16195
"Once Exim4 is installed, you can start the Exim server using the following "
15011
16196
"command from a terminal prompt:"
15012
16197
msgstr ""
15013
16198
15014
#: serverguide/C/mail.xml:796(para) serverguide/C/mail.xml:811(title)
16199
#: serverguide/C/mail.xml:977(para) serverguide/C/mail.xml:992(title)
15015
16200
msgid "Main"
15016
16201
msgstr ""
15017
16202
15018
#: serverguide/C/mail.xml:799(para) serverguide/C/mail.xml:851(title)
16203
#: serverguide/C/mail.xml:980(para) serverguide/C/mail.xml:1032(title)
15019
16204
msgid "Transport"
15020
16205
msgstr ""
15021
16206
15022
#: serverguide/C/mail.xml:802(para) serverguide/C/mail.xml:874(title)
16207
#: serverguide/C/mail.xml:983(para) serverguide/C/mail.xml:1055(title)
15023
16208
msgid "Router"
15024
16209
msgstr ""
15025
16210
15026
#: serverguide/C/mail.xml:787(para)
16211
#: serverguide/C/mail.xml:968(para)
15027
16212
msgid ""
15028
16213
"In order to make mailman work with Exim4, you need to configure Exim4. As "
15029
16214
"mentioned earlier, by default, Exim4 uses multiple configuration files of "
15035
16220
"is very important."
15036
16221
msgstr ""
15037
16222
15038
#: serverguide/C/mail.xml:818(programlisting)
16223
#: serverguide/C/mail.xml:999(programlisting)
15039
16224
#, no-wrap
15040
16225
msgid ""
15041
16226
"\n"
15069
16254
"# end\n"
15070
16255
msgstr ""
15071
16256
15072
#: serverguide/C/mail.xml:812(para)
16257
#: serverguide/C/mail.xml:993(para)
15073
16258
msgid ""
15074
16259
"All the configuration files belonging to the main type are stored in the "
15075
16260
"<filename>/etc/exim4/conf.d/main/</filename> directory. You can add the "
15077
16262
"config_mailman</filename>: <placeholder-1/>"
15078
16263
msgstr ""
15079
16264
15080
#: serverguide/C/mail.xml:858(programlisting)
16265
#: serverguide/C/mail.xml:1039(programlisting)
15081
16266
#, no-wrap
15082
16267
msgid ""
15083
16268
"\n"
15095
16280
" group = MM_GID\n"
15096
16281
msgstr ""
15097
16282
15098
#: serverguide/C/mail.xml:852(para)
16283
#: serverguide/C/mail.xml:1033(para)
15099
16284
msgid ""
15100
16285
"All the configuration files belonging to transport type are stored in the "
15101
16286
"<filename>/etc/exim4/conf.d/transport/</filename> directory. You can add the "
15103
16288
"config_mailman</filename>: <placeholder-1/>"
15104
16289
msgstr ""
15105
16290
15106
#: serverguide/C/mail.xml:879(programlisting)
16291
#: serverguide/C/mail.xml:1060(programlisting)
15107
16292
#, no-wrap
15108
16293
msgid ""
15109
16294
"\n"
15117
16302
" transport = mailman_transport\n"
15118
16303
msgstr ""
15119
16304
15120
#: serverguide/C/mail.xml:875(para)
16305
#: serverguide/C/mail.xml:1056(para)
15121
16306
msgid ""
15122
16307
"All the configuration files belonging to router type are stored in the "
15123
16308
"<filename>/etc/exim4/conf.d/router/</filename> directory. You can add the "
15125
16310
"config_mailman</filename>: <placeholder-1/>"
15126
16311
msgstr ""
15127
16312
15128
#: serverguide/C/mail.xml:892(para)
16313
#: serverguide/C/mail.xml:1073(para)
15129
16314
msgid ""
15130
16315
"The order of main and transport configuration files can be in any order. "
15131
16316
"But, the order of router configuration files must be the same. This "
15135
16320
"details, please refer to the references section."
15136
16321
msgstr ""
15137
16322
15138
#: serverguide/C/mail.xml:905(para)
16323
#: serverguide/C/mail.xml:1086(para)
15139
16324
msgid ""
15140
16325
"Once mailman is installed, you can run it using the following command:"
15141
16326
msgstr ""
15142
16327
15143
#: serverguide/C/mail.xml:909(command)
16328
#: serverguide/C/mail.xml:1090(command)
15144
16329
msgid "sudo /etc/init.d/mailman start"
15145
16330
msgstr ""
15146
16331
15147
#: serverguide/C/mail.xml:911(para)
16332
#: serverguide/C/mail.xml:1092(para)
15148
16333
msgid ""
15149
16334
"Once mailman is installed, you should create the default mailing list. Run "
15150
16335
"the following command to create the mailing list:"
15151
16336
msgstr ""
15152
16337
15153
#: serverguide/C/mail.xml:917(command)
16338
#: serverguide/C/mail.xml:1098(command)
15154
16339
msgid "sudo /usr/sbin/newlist mailman"
15155
16340
msgstr ""
15156
16341
15157
#: serverguide/C/mail.xml:920(programlisting)
16342
#: serverguide/C/mail.xml:1101(programlisting)
15158
16343
#, no-wrap
15159
16344
msgid ""
15160
16345
"\n"
15185
16370
" # \n"
15186
16371
msgstr ""
15187
16372
15188
#: serverguide/C/mail.xml:943(para)
16373
#: serverguide/C/mail.xml:1124(para)
15189
16374
msgid ""
15190
16375
"We have configured either Postfix or Exim4 to recognize all emails from "
15191
16376
"mailman. So, it is not mandatory to make any new entries in "
15194
16379
"continuing to next section."
15195
16380
msgstr ""
15196
16381
15197
#: serverguide/C/mail.xml:953(title)
16382
#: serverguide/C/mail.xml:1132(para)
16383
msgid ""
16384
"The Exim4 does not use the above aliases to forward mails to Mailman, as it "
16385
"uses a <emphasis>discover</emphasis> approach. To suppress the aliases while "
16386
"creating the list, you can add <emphasis>MTA=None</emphasis> line in Mailman "
16387
"configuration file, <filename>/etc/mailman/mm_cfg.py</filename>."
16388
msgstr ""
16389
16390
#: serverguide/C/mail.xml:1143(title)
15198
16391
msgid "Administration"
15199
16392
msgstr ""
15200
16393
15201
#: serverguide/C/mail.xml:954(para)
16394
#: serverguide/C/mail.xml:1144(para)
15202
16395
msgid ""
15203
16396
"We assume you have a default installation. The mailman cgi scripts are still "
15204
16397
"in the <application>/usr/lib/cgi-bin/mailman/</application> directory. "
15206
16399
"point your browser to the following url:"
15207
16400
msgstr ""
15208
16401
15209
#: serverguide/C/mail.xml:962(para)
16402
#: serverguide/C/mail.xml:1152(para)
15210
16403
msgid "http://hostname/cgi-bin/mailman/admin"
15211
16404
msgstr ""
15212
16405
15213
#: serverguide/C/mail.xml:966(para)
16406
#: serverguide/C/mail.xml:1156(para)
15214
16407
msgid ""
15215
16408
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
15216
16409
"screen. If you click the mailing list name, it will ask for your "
15221
16414
"mailing list using the web interface."
15222
16415
msgstr ""
15223
16416
15224
#: serverguide/C/mail.xml:979(title)
16417
#: serverguide/C/mail.xml:1169(title)
15225
16418
msgid "Users"
15226
16419
msgstr ""
15227
16420
15228
#: serverguide/C/mail.xml:980(para)
16421
#: serverguide/C/mail.xml:1170(para)
15229
16422
msgid ""
15230
16423
"Mailman provides a web based interface for users. To access this page, point "
15231
16424
"your browser to the following url:"
15232
16425
msgstr ""
15233
16426
15234
#: serverguide/C/mail.xml:985(para)
16427
#: serverguide/C/mail.xml:1175(para)
15235
16428
msgid "http://hostname/cgi-bin/mailman/listinfo"
15236
16429
msgstr ""
15237
16430
15238
#: serverguide/C/mail.xml:989(para)
16431
#: serverguide/C/mail.xml:1179(para)
15239
16432
msgid ""
15240
16433
"The default mailing list, <emphasis>mailman</emphasis>, will appear in this "
15241
16434
"screen. If you click the mailing list name, it will display the subscription "
15244
16437
"instructions in the email to subscribe."
15245
16438
msgstr ""
15246
16439
15247
#: serverguide/C/mail.xml:1001(ulink)
16440
#: serverguide/C/mail.xml:1191(ulink)
15248
16441
msgid "GNU Mailman - Installation Manual"
15249
16442
msgstr ""
15250
16443
15251
#: serverguide/C/mail.xml:1005(ulink)
16444
#: serverguide/C/mail.xml:1195(ulink)
15252
16445
msgid "HOWTO - Using Exim 4 and Mailman 2.1 together"
15253
16446
msgstr ""
15254
16447
15255
#: serverguide/C/mail.xml:1011(title)
16448
#: serverguide/C/mail.xml:1201(title)
15256
16449
msgid "Mail Filtering"
15257
16450
msgstr ""
15258
16451
15259
#: serverguide/C/mail.xml:1012(para)
16452
#: serverguide/C/mail.xml:1202(para)
15260
16453
msgid ""
15261
16454
"One of the largest issues with email today is the problem of Unsolicited "
15262
16455
"Bulk Email (UBE). Also known as SPAM, such messages may also carry viruses "
15264
16457
"the bulk of all email traffic on the Internet."
15265
16458
msgstr ""
15266
16459
15267
#: serverguide/C/mail.xml:1017(para)
16460
#: serverguide/C/mail.xml:1207(para)
15268
16461
msgid ""
15269
16462
"This section will cover integrating <application>Amavisd-new</application>, "
15270
16463
"<application>Spamassassin</application>, and "
15277
16470
"filter</application> and <application>python-policyd-spf</application>."
15278
16471
msgstr ""
15279
16472
15280
#: serverguide/C/mail.xml:1027(para)
16473
#: serverguide/C/mail.xml:1217(para)
15281
16474
msgid ""
15282
16475
"<application>Amavisd-new</application> is a wrapper program that can call "
15283
16476
"any number of content filtering programs for spam detection, antivirus, etc."
15284
16477
msgstr ""
15285
16478
15286
#: serverguide/C/mail.xml:1033(para)
16479
#: serverguide/C/mail.xml:1223(para)
15287
16480
msgid ""
15288
16481
"<application>Spamassassin</application> uses a variety of mechanisms to "
15289
16482
"filter email based on the message content."
15290
16483
msgstr ""
15291
16484
15292
#: serverguide/C/mail.xml:1038(para)
16485
#: serverguide/C/mail.xml:1228(para)
15293
16486
msgid ""
15294
16487
"<application>ClamAV</application> is an open source antivirus application."
15295
16488
msgstr ""
15296
16489
15297
#: serverguide/C/mail.xml:1043(para)
16490
#: serverguide/C/mail.xml:1233(para)
15298
16491
msgid ""
15299
16492
"<application>dkim-filter</application> implements a Sendmail Mail Filter "
15300
16493
"(Milter) for the DomainKeys Identified Mail (DKIM) standard."
15301
16494
msgstr ""
15302
16495
15303
#: serverguide/C/mail.xml:1049(para)
16496
#: serverguide/C/mail.xml:1239(para)
15304
16497
msgid ""
15305
16498
"<application>python-policyd-spf</application> enables Sender Policy "
15306
16499
"Framework (SPF) checking with <application>Postfix</application>."
15307
16500
msgstr ""
15308
16501
15309
#: serverguide/C/mail.xml:1054(para)
16502
#: serverguide/C/mail.xml:1244(para)
15310
16503
msgid "This is how the pieces fit together:"
15311
16504
msgstr ""
15312
16505
15313
#: serverguide/C/mail.xml:1059(para)
16506
#: serverguide/C/mail.xml:1249(para)
15314
16507
msgid "An email message is accepted by <application>Postfix</application>."
15315
16508
msgstr ""
15316
16509
15317
#: serverguide/C/mail.xml:1064(para)
16510
#: serverguide/C/mail.xml:1254(para)
15318
16511
msgid ""
15319
16512
"The message is passed through any external filters <application>dkim-"
15320
16513
"filter</application> and <application>python-policyd-spf</application> in "
15321
16514
"this case."
15322
16515
msgstr ""
15323
16516
15324
#: serverguide/C/mail.xml:1070(para)
16517
#: serverguide/C/mail.xml:1260(para)
15325
16518
msgid "<application>Amavisd-new</application> then processes the message."
15326
16519
msgstr ""
15327
16520
15328
#: serverguide/C/mail.xml:1075(para)
16521
#: serverguide/C/mail.xml:1265(para)
15329
16522
msgid ""
15330
16523
"<application>ClamAV</application> is used to scan the message. If the "
15331
16524
"message contains a virus <application>Postfix</application> will reject the "
15332
16525
"message."
15333
16526
msgstr ""
15334
16527
15335
#: serverguide/C/mail.xml:1081(para)
16528
#: serverguide/C/mail.xml:1271(para)
15336
16529
msgid ""
15337
16530
"Clean messages will then be analyzed by "
15338
16531
"<application>Spamassassin</application> to find out if the message is spam. "
15341
16534
"message."
15342
16535
msgstr ""
15343
16536
15344
#: serverguide/C/mail.xml:1088(para)
16537
#: serverguide/C/mail.xml:1278(para)
15345
16538
msgid ""
15346
16539
"For example, if a message has a Spam score of over fifty the message could "
15347
16540
"be automatically dropped from the queue without the recipient ever having to "
15350
16543
"see fit."
15351
16544
msgstr ""
15352
16545
15353
#: serverguide/C/mail.xml:1095(para)
16546
#: serverguide/C/mail.xml:1285(para)
15354
16547
msgid ""
15355
16548
"See <xref linkend=\"postfix\"/> for instructions on installing and "
15356
16549
"configuring Postfix."
15357
16550
msgstr ""
15358
16551
15359
#: serverguide/C/mail.xml:1098(para)
16552
#: serverguide/C/mail.xml:1288(para)
15360
16553
msgid ""
15361
16554
"To install the rest of the applications enter the following from a terminal "
15362
16555
"prompt:"
15363
16556
msgstr ""
15364
16557
15365
#: serverguide/C/mail.xml:1102(command)
16558
#: serverguide/C/mail.xml:1292(command)
15366
16559
msgid "sudo apt-get install amavisd-new spamassassin clamav-daemon"
15367
16560
msgstr ""
15368
16561
15369
#: serverguide/C/mail.xml:1103(command)
16562
#: serverguide/C/mail.xml:1293(command)
15370
16563
msgid "sudo apt-get install dkim-filter python-policyd-spf"
15371
16564
msgstr ""
15372
16565
15373
#: serverguide/C/mail.xml:1105(para)
16566
#: serverguide/C/mail.xml:1295(para)
15374
16567
msgid ""
15375
16568
"There are some optional packages that integrate with "
15376
16569
"<application>Spamassassin</application> for better spam detection:"
15377
16570
msgstr ""
15378
16571
15379
#: serverguide/C/mail.xml:1109(command)
16572
#: serverguide/C/mail.xml:1299(command)
15380
16573
msgid "sudo apt-get install pyzor razor"
15381
16574
msgstr ""
15382
16575
15383
#: serverguide/C/mail.xml:1111(para)
16576
#: serverguide/C/mail.xml:1301(para)
15384
16577
msgid ""
15385
16578
"Along with the main filtering applications compression utilities are needed "
15386
16579
"to process some email attachments:"
15387
16580
msgstr ""
15388
16581
15389
#: serverguide/C/mail.xml:1115(command)
16582
#: serverguide/C/mail.xml:1305(command)
15390
16583
msgid ""
15391
"sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip "
15392
"zoo"
16584
"sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip"
15393
16585
msgstr ""
15394
16586
15395
#: serverguide/C/mail.xml:1120(para)
16587
#: serverguide/C/mail.xml:1310(para)
15396
16588
msgid "Now configure everything to work together and filter email."
15397
16589
msgstr ""
15398
16590
15399
#: serverguide/C/mail.xml:1124(title)
16591
#: serverguide/C/mail.xml:1314(title)
15400
16592
msgid "ClamAV"
15401
16593
msgstr ""
15402
16594
15403
#: serverguide/C/mail.xml:1125(para)
16595
#: serverguide/C/mail.xml:1315(para)
15404
16596
msgid ""
15405
16597
"The default behaviour of <application>ClamAV</application> will fit our "
15406
16598
"needs. For more ClamAV configuration options, check the configuration files "
15407
16599
"in <filename>/etc/clamav</filename>."
15408
16600
msgstr ""
15409
16601
15410
#: serverguide/C/mail.xml:1130(para)
16602
#: serverguide/C/mail.xml:1320(para)
15411
16603
msgid ""
15412
16604
"Add the <emphasis>clamav</emphasis> user to the <emphasis>amavis</emphasis> "
15413
16605
"group in order for <application>Amavisd-new</application> to have the "
15414
16606
"appropriate access to scan files:"
15415
16607
msgstr ""
15416
16608
15417
#: serverguide/C/mail.xml:1135(command)
16609
#: serverguide/C/mail.xml:1325(command)
15418
16610
msgid "sudo adduser clamav amavis"
15419
16611
msgstr ""
15420
16612
15421
#: serverguide/C/mail.xml:1139(title)
16613
#: serverguide/C/mail.xml:1329(title)
15422
16614
msgid "Spamassassin"
15423
16615
msgstr ""
15424
16616
15425
#: serverguide/C/mail.xml:1140(para)
16617
#: serverguide/C/mail.xml:1330(para)
15426
16618
msgid ""
15427
16619
"Spamassassin automatically detects optional components and will use them if "
15428
16620
"they are present. This means that there is no need to configure "
15429
16621
"<application>pyzor</application> and <application>razor</application>."
15430
16622
msgstr ""
15431
16623
15432
#: serverguide/C/mail.xml:1144(para)
16624
#: serverguide/C/mail.xml:1334(para)
15433
16625
msgid ""
15434
16626
"Edit <filename>/etc/default/spamassassin</filename> to activate the "
15435
16627
"<application>Spamassassin</application> daemon. Change "
15436
16628
"<emphasis>ENABLED=0</emphasis> to:"
15437
16629
msgstr ""
15438
16630
15439
#: serverguide/C/mail.xml:1148(programlisting)
16631
#: serverguide/C/mail.xml:1338(programlisting)
15440
16632
#, no-wrap
15441
16633
msgid ""
15442
16634
"\n"
15443
16635
"ENABLED=1\n"
15444
16636
msgstr ""
15445
16637
15446
#: serverguide/C/mail.xml:1151(para)
16638
#: serverguide/C/mail.xml:1341(para)
15447
16639
msgid "Now start the daemon:"
15448
16640
msgstr ""
15449
16641
15450
#: serverguide/C/mail.xml:1155(command)
16642
#: serverguide/C/mail.xml:1345(command)
15451
16643
msgid "sudo /etc/init.d/spamassassin start"
15452
16644
msgstr ""
15453
16645
15454
#: serverguide/C/mail.xml:1159(title)
16646
#: serverguide/C/mail.xml:1349(title)
15455
16647
msgid "Amavisd-new"
15456
16648
msgstr ""
15457
16649
15458
#: serverguide/C/mail.xml:1160(para)
16650
#: serverguide/C/mail.xml:1350(para)
15459
16651
msgid ""
15460
16652
"First activate spam and antivirus detection in <application>Amavisd-"
15461
16653
"new</application> by editing <filename>/etc/amavis/conf.d/15-"
15462
16654
"content_filter_mode</filename>:"
15463
16655
msgstr ""
15464
16656
15465
#: serverguide/C/mail.xml:1164(programlisting)
16657
#: serverguide/C/mail.xml:1354(programlisting)
15466
16658
#, no-wrap
15467
16659
msgid ""
15468
16660
"\n"
15493
16685
"1; # insure a defined return\n"
15494
16686
msgstr ""
15495
16687
15496
#: serverguide/C/mail.xml:1189(para)
16688
#: serverguide/C/mail.xml:1379(para)
15497
16689
msgid ""
15498
16690
"Bouncing spam can be a bad idea as the return address is often faked. "
15499
16691
"Consider editing <filename>/etc/amavis/conf.d/20-debian_defaults</filename> "
15501
16693
"D_BOUNCE, as follows:"
15502
16694
msgstr ""
15503
16695
15504
#: serverguide/C/mail.xml:1194(programlisting)
16696
#: serverguide/C/mail.xml:1385(programlisting)
15505
16697
#, no-wrap
15506
16698
msgid ""
15507
16699
"\n"
15508
16700
"$final_spam_destiny = D_DISCARD;\n"
15509
16701
msgstr ""
15510
16702
15511
#: serverguide/C/mail.xml:1198(para)
16703
#: serverguide/C/mail.xml:1389(para)
16704
msgid ""
16705
"Additionally, you may want to adjust the following options to flag more "
16706
"messages as spam:"
16707
msgstr ""
16708
16709
#: serverguide/C/mail.xml:1393(programlisting)
16710
#, no-wrap
16711
msgid ""
16712
"\n"
16713
"$sa_tag_level_deflt = -999; # add spam info headers if at, or above that "
16714
"level\n"
16715
"$sa_tag2_level_deflt = 6.0; # add 'spam detected' headers at that level\n"
16716
"$sa_kill_level_deflt = 21.0; # triggers spam evasive actions\n"
16717
"$sa_dsn_cutoff_level = 4; # spam level beyond which a DSN is not sent\n"
16718
msgstr ""
16719
16720
#: serverguide/C/mail.xml:1400(para)
15512
16721
msgid ""
15513
16722
"If the server's <emphasis>hostname</emphasis> is different from the domain's "
15514
16723
"MX record you may need to manually set the <emphasis>$myhostname</emphasis> "
15517
16726
"Edit the <filename>/etc/amavis/conf.d/50-user</filename> file:"
15518
16727
msgstr ""
15519
16728
15520
#: serverguide/C/mail.xml:1205(programlisting)
16729
#: serverguide/C/mail.xml:1407(programlisting)
15521
16730
#, no-wrap
15522
16731
msgid ""
15523
16732
"\n"
15525
16734
"@local_domains_acl = ( \"example.com\", \"example.org\" );\n"
15526
16735
msgstr ""
15527
16736
15528
#: serverguide/C/mail.xml:1210(para)
16737
#: serverguide/C/mail.xml:1412(para)
15529
16738
msgid ""
15530
16739
"After configuration <application>Amavisd-new</application> needs to be "
15531
16740
"restarted:"
15532
16741
msgstr ""
15533
16742
15534
#: serverguide/C/mail.xml:1214(command) serverguide/C/mail.xml:1260(command)
16743
#: serverguide/C/mail.xml:1416(command) serverguide/C/mail.xml:1462(command)
15535
16744
msgid "sudo /etc/init.d/amavis restart"
15536
16745
msgstr ""
15537
16746
15538
#: serverguide/C/mail.xml:1217(title)
16747
#: serverguide/C/mail.xml:1419(title)
15539
16748
msgid "DKIM Whitelist"
15540
16749
msgstr ""
15541
16750
15542
#: serverguide/C/mail.xml:1219(para)
16751
#: serverguide/C/mail.xml:1421(para)
15543
16752
msgid ""
15544
16753
"<application>Amavisd-new</application> can be configured to automatically "
15545
16754
"<emphasis>Whitelist</emphasis> addresses from domains with valid Domain "
15547
16756
"<filename>/etc/amavis/conf.d/40-policy_banks</filename>."
15548
16757
msgstr ""
15549
16758
15550
#: serverguide/C/mail.xml:1225(para)
16759
#: serverguide/C/mail.xml:1427(para)
15551
16760
msgid "There are multiple ways to configure the Whitelist for a domain:"
15552
16761
msgstr ""
15553
16762
15554
#: serverguide/C/mail.xml:1231(para)
16763
#: serverguide/C/mail.xml:1433(para)
15555
16764
msgid ""
15556
16765
"<emphasis>'example.com' => 'WHITELIST',</emphasis>: will whitelist any "
15557
16766
"address from the \"example.com\" domain."
15558
16767
msgstr ""
15559
16768
15560
#: serverguide/C/mail.xml:1236(para)
16769
#: serverguide/C/mail.xml:1438(para)
15561
16770
msgid ""
15562
16771
"<emphasis>'.example.com' => 'WHITELIST',</emphasis>: will whitelist any "
15563
16772
"address from any <emphasis>subdomains</emphasis> of \"example.com\" that "
15564
16773
"have a valid signature."
15565
16774
msgstr ""
15566
16775
15567
#: serverguide/C/mail.xml:1242(para)
16776
#: serverguide/C/mail.xml:1444(para)
15568
16777
msgid ""
15569
16778
"<emphasis>'.example.com/@example.com' => 'WHITELIST',</emphasis>: will "
15570
16779
"whitelist subdomains of \"example.com\" that use the signature of <emphasis "
15571
16780
"role=\"italic\">example.com</emphasis> the parent domain."
15572
16781
msgstr ""
15573
16782
15574
#: serverguide/C/mail.xml:1248(para)
16783
#: serverguide/C/mail.xml:1450(para)
15575
16784
msgid ""
15576
16785
"<emphasis>'./@example.com' => 'WHITELIST',</emphasis>: adds addresses "
15577
16786
"that have a valid signature from \"example.com\". This is usually used for "
15578
16787
"discussion groups that sign thier messages."
15579
16788
msgstr ""
15580
16789
15581
#: serverguide/C/mail.xml:1255(para)
16790
#: serverguide/C/mail.xml:1457(para)
15582
16791
msgid ""
15583
16792
"A domain can also have multiple Whitelist configurations. After, editing the "
15584
16793
"file restart <application>amaisd-new</application>:"
15585
16794
msgstr ""
15586
16795
15587
#: serverguide/C/mail.xml:1264(para)
16796
#: serverguide/C/mail.xml:1466(para)
15588
16797
msgid ""
15589
16798
"In this context, once a domain has been added to the Whitelist the message "
15590
16799
"will not receive any anti-virus or spam filtering. This may or may not be "
15591
16800
"the intended behavior you wish for a domain."
15592
16801
msgstr ""
15593
16802
15594
#: serverguide/C/mail.xml:1274(para)
16803
#: serverguide/C/mail.xml:1476(para)
15595
16804
msgid ""
15596
16805
"For <application>Postfix</application> integration, enter the following from "
15597
16806
"a terminal prompt:"
15598
16807
msgstr ""
15599
16808
15600
#: serverguide/C/mail.xml:1278(command)
16809
#: serverguide/C/mail.xml:1480(command)
15601
16810
msgid "sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'"
15602
16811
msgstr ""
15603
16812
15604
#: serverguide/C/mail.xml:1280(para)
16813
#: serverguide/C/mail.xml:1482(para)
15605
16814
msgid ""
15606
16815
"Next edit <filename>/etc/postfix/master.cf</filename> and add the following "
15607
16816
"to the end of the file:"
15608
16817
msgstr ""
15609
16818
15610
#: serverguide/C/mail.xml:1283(programlisting)
16819
#: serverguide/C/mail.xml:1485(programlisting)
15611
16820
#, no-wrap
15612
16821
msgid ""
15613
16822
"\n"
15639
16848
"receive_override_options=no_header_body_checks,no_unknown_recipient_checks\n"
15640
16849
msgstr ""
15641
16850
15642
#: serverguide/C/mail.xml:1310(para)
16851
#: serverguide/C/mail.xml:1512(para)
15643
16852
msgid ""
15644
16853
"Also add the following two lines immediately below the "
15645
16854
"<emphasis>\"pickup\"</emphasis> transport service:"
15646
16855
msgstr ""
15647
16856
15648
#: serverguide/C/mail.xml:1313(programlisting)
16857
#: serverguide/C/mail.xml:1515(programlisting)
15649
16858
#, no-wrap
15650
16859
msgid ""
15651
16860
"\n"
15653
16862
" -o receive_override_options=no_header_body_checks\n"
15654
16863
msgstr ""
15655
16864
15656
#: serverguide/C/mail.xml:1317(para)
16865
#: serverguide/C/mail.xml:1519(para)
15657
16866
msgid ""
15658
16867
"This will prevent messages that are generated to report on spam from being "
15659
16868
"classified as spam."
15660
16869
msgstr ""
15661
16870
15662
#: serverguide/C/mail.xml:1320(para)
16871
#: serverguide/C/mail.xml:1522(para)
15663
16872
msgid "Now restart <application>Postfix</application>:"
15664
16873
msgstr ""
15665
16874
15666
#: serverguide/C/mail.xml:1326(para)
16875
#: serverguide/C/mail.xml:1528(para)
15667
16876
msgid "Content filtering with spam and virus detection is now enabled."
15668
16877
msgstr ""
15669
16878
15670
#: serverguide/C/mail.xml:1333(para)
16879
#: serverguide/C/mail.xml:1535(para)
15671
16880
msgid ""
15672
16881
"First, test that the <application>Amavisd-new</application> SMTP is "
15673
16882
"listening:"
15674
16883
msgstr ""
15675
16884
15676
#: serverguide/C/mail.xml:1336(programlisting)
16885
#: serverguide/C/mail.xml:1538(programlisting)
15677
16886
#, no-wrap
15678
16887
msgid ""
15679
16888
"\n"
15685
16894
"^]\n"
15686
16895
msgstr ""
15687
16896
15688
#: serverguide/C/mail.xml:1344(para)
16897
#: serverguide/C/mail.xml:1546(para)
15689
16898
msgid ""
15690
16899
"In the Header of messages that go through the content filter you should see:"
15691
16900
msgstr ""
15692
16901
15693
#: serverguide/C/mail.xml:1347(programlisting)
16902
#: serverguide/C/mail.xml:1549(programlisting)
15694
16903
#, no-wrap
15695
16904
msgid ""
15696
16905
"\n"
15701
16910
"X-Spam-Level: \n"
15702
16911
msgstr ""
15703
16912
15704
#: serverguide/C/mail.xml:1354(para)
16913
#: serverguide/C/mail.xml:1556(para)
15705
16914
msgid ""
15706
16915
"Your output will vary, but the important thing is that there are <emphasis>X-"
15707
16916
"Virus-Scanned</emphasis> and <emphasis>X-Spam-Status</emphasis> entries."
15708
16917
msgstr ""
15709
16918
15710
#: serverguide/C/mail.xml:1362(para)
16919
#: serverguide/C/mail.xml:1564(para)
15711
16920
msgid ""
15712
16921
"The best way to figure out why something is going wrong is to check the log "
15713
16922
"files."
15714
16923
msgstr ""
15715
16924
15716
#: serverguide/C/mail.xml:1367(para)
16925
#: serverguide/C/mail.xml:1569(para)
15717
16926
msgid ""
15718
16927
"For instructions on <application>Postfix</application> logging see the <xref "
15719
16928
"linkend=\"postfix-troubleshooting\"/> section."
15720
16929
msgstr ""
15721
16930
15722
#: serverguide/C/mail.xml:1373(para)
16931
#: serverguide/C/mail.xml:1575(para)
15723
16932
msgid ""
15724
16933
"<application>Amavisd-new</application> uses "
15725
16934
"<application>Syslog</application> to send messages to "
15729
16938
"1 to 5."
15730
16939
msgstr ""
15731
16940
15732
#: serverguide/C/mail.xml:1378(programlisting)
16941
#: serverguide/C/mail.xml:1580(programlisting)
15733
16942
#, no-wrap
15734
16943
msgid ""
15735
16944
"\n"
15736
16945
"$log_level = 2;\n"
15737
16946
msgstr ""
15738
16947
15739
#: serverguide/C/mail.xml:1382(para)
16948
#: serverguide/C/mail.xml:1584(para)
15740
16949
msgid ""
15741
16950
"When the <application>Amavisd-new</application> log output is increased "
15742
16951
"<application>Spamassassin</application> log output is also increased."
15743
16952
msgstr ""
15744
16953
15745
#: serverguide/C/mail.xml:1389(para)
16954
#: serverguide/C/mail.xml:1591(para)
15746
16955
msgid ""
15747
16956
"The <application>ClamAV</application> log level can be increased by editing "
15748
16957
"<filename>/etc/clamav/clamd.conf</filename> and setting the following option:"
15749
16958
msgstr ""
15750
16959
15751
#: serverguide/C/mail.xml:1393(programlisting)
16960
#: serverguide/C/mail.xml:1595(programlisting)
15752
16961
#, no-wrap
15753
16962
msgid ""
15754
16963
"\n"
15755
16964
"LogVerbose true\n"
15756
16965
msgstr ""
15757
16966
15758
#: serverguide/C/mail.xml:1396(para)
16967
#: serverguide/C/mail.xml:1598(para)
15759
16968
msgid ""
15760
16969
"By default <application>ClamAV</application> will send log messages to "
15761
16970
"<filename>/var/log/clamav/clamav.log</filename>."
15762
16971
msgstr ""
15763
16972
15764
#: serverguide/C/mail.xml:1402(para)
16973
#: serverguide/C/mail.xml:1604(para)
15765
16974
msgid ""
15766
16975
"After changing an applications log settings remember to restart the service "
15767
16976
"for the new settings to take affect. Also, once the issue you are "
15769
16978
"back to normal."
15770
16979
msgstr ""
15771
16980
15772
#: serverguide/C/mail.xml:1410(para)
16981
#: serverguide/C/mail.xml:1612(para)
15773
16982
msgid "For more information on filtering mail see the following links:"
15774
16983
msgstr ""
15775
16984
15776
#: serverguide/C/mail.xml:1416(ulink)
16985
#: serverguide/C/mail.xml:1618(ulink)
15777
16986
msgid "Amavisd-new Documentation"
15778
16987
msgstr ""
15779
16988
15780
#: serverguide/C/mail.xml:1420(para)
16989
#: serverguide/C/mail.xml:1622(para)
15781
16990
msgid ""
15782
16991
"<ulink url=\"http://www.clamav.org/doc/latest/html/\">ClamAV "
15783
16992
"Documentation</ulink> and <ulink "
15784
16993
"url=\"http://wiki.clamav.net/Main/WebHome\">ClamAV Wiki</ulink>"
15785
16994
msgstr ""
15786
16995
15787
#: serverguide/C/mail.xml:1427(ulink)
16996
#: serverguide/C/mail.xml:1629(ulink)
15788
16997
msgid "Spamassassin Wiki"
15789
16998
msgstr ""
15790
16999
15791
#: serverguide/C/mail.xml:1432(ulink)
17000
#: serverguide/C/mail.xml:1634(ulink)
15792
17001
msgid "Pyzor Homepage"
15793
17002
msgstr ""
15794
17003
15795
#: serverguide/C/mail.xml:1437(ulink)
17004
#: serverguide/C/mail.xml:1639(ulink)
15796
17005
msgid "Razor Homepage"
15797
17006
msgstr ""
15798
17007
15799
#: serverguide/C/mail.xml:1442(ulink)
17008
#: serverguide/C/mail.xml:1644(ulink)
15800
17009
msgid "DKIM.org"
15801
17010
msgstr ""
15802
17011
15803
#: serverguide/C/mail.xml:1446(para)
17012
#: serverguide/C/mail.xml:1648(para)
15804
17013
msgid ""
15805
17014
"Also, feel free to ask questions in the <emphasis>#ubuntu-server</emphasis> "
15806
17015
"IRC channel on <ulink url=\"http://freenode.net\">freenode</ulink>."
16034
17243
"\n"
16035
17244
"### moin\n"
16036
17245
" ScriptAlias /mywiki \"/usr/share/moin/mywiki/moin.cgi\"\n"
16037
" alias /moin_static181 \"/usr/share/moin/htdocs\"\n"
17246
" alias /moin_static184 \"/usr/share/moin/htdocs\"\n"
16038
17247
" <Directory /usr/share/moin/htdocs>\n"
16039
17248
" Order allow,deny\n"
16040
17249
" allow from all\n"
16042
17251
"### end moin\n"
16043
17252
msgstr ""
16044
17253
16045
#: serverguide/C/lamp-applications.xml:213(para)
17254
#: serverguide/C/lamp-applications.xml:214(para)
17255
msgid ""
17256
"Adjust the <emphasis>\"moin_static184\"</emphasis> in the "
17257
"<emphasis>alias</emphasis> line above, to the "
17258
"<application>moinmoin</application> version installed."
17259
msgstr ""
17260
17261
#: serverguide/C/lamp-applications.xml:220(para)
16046
17262
msgid ""
16047
17263
"Once you configure the <application>apache2</application> web server and "
16048
17264
"make it ready for your Wiki application, you should restart it. You can run "
16050
17266
"server:"
16051
17267
msgstr ""
16052
17268
16053
#: serverguide/C/lamp-applications.xml:226(title)
17269
#: serverguide/C/lamp-applications.xml:233(title)
16054
17270
msgid "Verification"
16055
17271
msgstr ""
16056
17272
16057
#: serverguide/C/lamp-applications.xml:228(para)
17273
#: serverguide/C/lamp-applications.xml:235(para)
16058
17274
msgid ""
16059
17275
"You can verify the Wiki application and see if it works by pointing your web "
16060
17276
"browser to the following URL:"
16061
17277
msgstr ""
16062
17278
16063
#: serverguide/C/lamp-applications.xml:232(programlisting)
17279
#: serverguide/C/lamp-applications.xml:239(programlisting)
16064
17280
#, no-wrap
16065
17281
msgid ""
16066
17282
"\n"
16067
17283
"http://localhost/mywiki\n"
16068
17284
msgstr ""
16069
17285
16070
#: serverguide/C/lamp-applications.xml:236(para)
17286
#: serverguide/C/lamp-applications.xml:243(para)
16071
17287
msgid ""
16072
17288
"You can also run the test command by pointing your web browser to the "
16073
17289
"following URL:"
16074
17290
msgstr ""
16075
17291
16076
#: serverguide/C/lamp-applications.xml:241(programlisting)
17292
#: serverguide/C/lamp-applications.xml:248(programlisting)
16077
17293
#, no-wrap
16078
17294
msgid ""
16079
17295
"\n"
16080
17296
"http://localhost/mywiki?action=test\n"
16081
17297
msgstr ""
16082
17298
16083
#: serverguide/C/lamp-applications.xml:245(para)
17299
#: serverguide/C/lamp-applications.xml:252(para)
16084
17300
msgid ""
16085
17301
"For more details, please refer to the <ulink "
16086
17302
"url=\"http://moinmo.in/\">MoinMoin</ulink> web site."
16087
17303
msgstr ""
16088
17304
16089
#: serverguide/C/lamp-applications.xml:256(para)
17305
#: serverguide/C/lamp-applications.xml:263(para)
16090
17306
msgid ""
16091
17307
"For more information see the <ulink url=\"http://moinmo.in/\">moinmoin "
16092
17308
"Wiki</ulink>."
16093
17309
msgstr ""
16094
17310
16095
#: serverguide/C/lamp-applications.xml:265(title)
17311
#: serverguide/C/lamp-applications.xml:272(title)
16096
17312
msgid "MediaWiki"
16097
17313
msgstr ""
16098
17314
16099
#: serverguide/C/lamp-applications.xml:267(para)
17315
#: serverguide/C/lamp-applications.xml:274(para)
16100
17316
msgid ""
16101
17317
"MediaWiki is an web based Wiki software written in the PHP language. It can "
16102
17318
"either use <application>MySQL</application> or "
16103
17319
"<application>PostgreSQL</application> Database Management System."
16104
17320
msgstr ""
16105
17321
16106
#: serverguide/C/lamp-applications.xml:277(para)
17322
#: serverguide/C/lamp-applications.xml:284(para)
16107
17323
msgid ""
16108
17324
"Before installing <application>MediaWiki</application> you should also "
16109
17325
"install <application>Apache2</application>, the "
16114
17330
"installation instructions."
16115
17331
msgstr ""
16116
17332
16117
#: serverguide/C/lamp-applications.xml:285(para)
17333
#: serverguide/C/lamp-applications.xml:292(para)
16118
17334
msgid ""
16119
17335
"To install <application>MediaWiki</application>, run the following command "
16120
17336
"in the command prompt:"
16121
17337
msgstr ""
16122
17338
16123
#: serverguide/C/lamp-applications.xml:291(command)
17339
#: serverguide/C/lamp-applications.xml:298(command)
16124
17340
msgid "sudo apt-get install mediawiki php5-gd"
16125
17341
msgstr ""
16126
17342
16127
#: serverguide/C/lamp-applications.xml:294(para)
17343
#: serverguide/C/lamp-applications.xml:301(para)
16128
17344
msgid ""
16129
17345
"For additional <application>MediaWiki</application> functionality see the "
16130
17346
"<application>mediawiki-extensions</application> package."
16131
17347
msgstr ""
16132
17348
16133
#: serverguide/C/lamp-applications.xml:304(para)
16134
msgid "Run the following commands to configure MediaWiki:"
16135
msgstr ""
16136
16137
#: serverguide/C/lamp-applications.xml:309(command)
16138
msgid "sudo ln -s /var/lib/mediawiki /var/www/mediawiki"
16139
msgstr ""
16140
16141
#: serverguide/C/lamp-applications.xml:312(para)
16142
msgid "Point your web browser to the following URL for MediaWiki setup:"
16143
msgstr ""
16144
16145
#: serverguide/C/lamp-applications.xml:316(programlisting)
17349
#: serverguide/C/lamp-applications.xml:311(para)
17350
msgid ""
17351
"The Apache configuration file <filename>mediawiki.conf</filename> for "
17352
"MediaWiki is installed in <filename>/etc/apache2/conf.d/</filename> "
17353
"directory. You should uncomment the following line in this file to access "
17354
"MediaWiki application."
17355
msgstr ""
17356
17357
#: serverguide/C/lamp-applications.xml:319(screen)
17358
#, no-wrap
17359
msgid ""
17360
"\n"
17361
"# Alias /mediawiki /var/lib/mediawiki\n"
17362
msgstr ""
17363
17364
#: serverguide/C/lamp-applications.xml:323(para)
17365
msgid ""
17366
"After you uncomment the above line, restart Apache server and access "
17367
"MediaWiki using the following url:"
17368
msgstr ""
17369
17370
#: serverguide/C/lamp-applications.xml:328(programlisting)
16146
17371
#, no-wrap
16147
17372
msgid ""
16148
17373
"\n"
16149
17374
"http://localhost/mediawiki/config/index.php\n"
16150
17375
msgstr ""
16151
17376
16152
#: serverguide/C/lamp-applications.xml:321(para)
17377
#: serverguide/C/lamp-applications.xml:333(para)
16153
17378
msgid ""
16154
17379
"Please read the <quote>Checking environment...</quote> section in this page. "
16155
17380
"You should be able to fix many issues by carefully reading this section."
16156
17381
msgstr ""
16157
17382
16158
#: serverguide/C/lamp-applications.xml:334(para)
17383
#: serverguide/C/lamp-applications.xml:340(para)
17384
msgid ""
17385
"Once the configuration is complete, you should copy the "
17386
"<filename>/var/lib/mediawiki/LocalSettings.php</filename> file to "
17387
"<filename>/etc/mediawiki</filename> directory."
17388
msgstr ""
17389
17390
#: serverguide/C/lamp-applications.xml:348(title)
17391
msgid "Extensions"
17392
msgstr ""
17393
17394
#: serverguide/C/lamp-applications.xml:349(para)
17395
msgid ""
17396
"The extensions add new features and enhancements for the MediaWiki "
17397
"application. The extensions give wiki administrators and end users the "
17398
"ability to customize MediaWiki to their requirements."
17399
msgstr ""
17400
17401
#: serverguide/C/lamp-applications.xml:355(para)
17402
msgid ""
17403
"You can download MediaWiki extensions as an archive file or checkout from "
17404
"the Subversion repository. You should copy it to "
17405
"<filename>/var/lib/mediawiki/extensions</filename> directory. You should "
17406
"also add the following line at the end of file: "
17407
"<filename>/etc/mediawiki/LocalSettings.php</filename>."
17408
msgstr ""
17409
17410
#: serverguide/C/lamp-applications.xml:363(programlisting)
17411
#, no-wrap
17412
msgid ""
17413
"\n"
17414
"require_once \"$IP/extensions/ExtentionName/ExtentionName.php\";\n"
17415
msgstr ""
17416
17417
#: serverguide/C/lamp-applications.xml:373(para)
16159
17418
msgid ""
16160
17419
"For more details, please refer to the <ulink "
16161
17420
"url=\"http://www.mediawiki.org\">MediaWiki</ulink> web site."
16162
17421
msgstr ""
16163
17422
16164
#: serverguide/C/lamp-applications.xml:340(para)
17423
#: serverguide/C/lamp-applications.xml:379(para)
16165
17424
msgid ""
16166
17425
"The <ulink url=\"http://www.packtpub.com/Mediawiki/book\">MediaWiki "
16167
17426
"Administrators’ Tutorial Guide</ulink> contains a wealth of information for "
16168
17427
"new MediaWiki administrators."
16169
17428
msgstr ""
16170
17429
16171
#: serverguide/C/lamp-applications.xml:350(title)
17430
#: serverguide/C/lamp-applications.xml:389(title)
16172
17431
msgid "phpMyAdmin"
16173
17432
msgstr ""
16174
17433
16175
#: serverguide/C/lamp-applications.xml:352(para)
17434
#: serverguide/C/lamp-applications.xml:391(para)
16176
17435
msgid ""
16177
17436
"<application>phpMyAdmin</application> is a LAMP application specifically "
16178
17437
"written for administering <application>MySQL</application> servers. Written "
16180
17439
"phpMyAdmin provides a graphical interface for database administration tasks."
16181
17440
msgstr ""
16182
17441
16183
#: serverguide/C/lamp-applications.xml:361(para)
17442
#: serverguide/C/lamp-applications.xml:400(para)
16184
17443
msgid ""
16185
17444
"Before installing <application>phpMyAdmin</application> you will need access "
16186
17445
"to a <application>MySQL</application> database either on the same host as "
16189
17448
"enter:"
16190
17449
msgstr ""
16191
17450
16192
#: serverguide/C/lamp-applications.xml:368(command)
17451
#: serverguide/C/lamp-applications.xml:407(command)
16193
17452
msgid "sudo apt-get install phpmyadmin"
16194
17453
msgstr ""
16195
17454
16196
#: serverguide/C/lamp-applications.xml:371(para)
17455
#: serverguide/C/lamp-applications.xml:410(para)
16197
17456
msgid ""
16198
17457
"At the prompt choose which web server to be configured for "
16199
17458
"<application>phpMyAdmin</application>. The rest of this section will use "
16200
17459
"<application>Apache2</application> for the web server."
16201
17460
msgstr ""
16202
17461
16203
#: serverguide/C/lamp-applications.xml:376(para)
17462
#: serverguide/C/lamp-applications.xml:415(para)
16204
17463
msgid ""
16205
17464
"In a browser go to <emphasis>http://servername/phpmyadmin</emphasis>, "
16206
17465
"replacing <emphasis role=\"italic\">serveranme</emphasis> with the server's "
16210
17469
"password."
16211
17470
msgstr ""
16212
17471
16213
#: serverguide/C/lamp-applications.xml:383(para)
17472
#: serverguide/C/lamp-applications.xml:422(para)
16214
17473
msgid ""
16215
17474
"Once logged in you can reset the <emphasis>root</emphasis> password if "
16216
17475
"needed, create users, create/destroy databases and tables, etc."
16217
17476
msgstr ""
16218
17477
16219
#: serverguide/C/lamp-applications.xml:391(para)
17478
#: serverguide/C/lamp-applications.xml:430(para)
16220
17479
msgid ""
16221
17480
"The configuration files for <application>phpMyAdmin</application> are "
16222
17481
"located in <filename>/etc/phpmyadmin</filename>. The main configuration file "
16225
17484
"<application>phpMyAdmin</application>."
16226
17485
msgstr ""
16227
17486
16228
#: serverguide/C/lamp-applications.xml:397(para)
17487
#: serverguide/C/lamp-applications.xml:436(para)
16229
17488
msgid ""
16230
17489
"To use <application>phpMyAdmin</application> to administer a MySQL database "
16231
17490
"hosted on another server, adjust the following in "
16232
17491
"<filename>/etc/phpmyadmin/config.inc.php</filename>:"
16233
17492
msgstr ""
16234
17493
16235
#: serverguide/C/lamp-applications.xml:402(programlisting)
17494
#: serverguide/C/lamp-applications.xml:441(programlisting)
16236
17495
#, no-wrap
16237
17496
msgid ""
16238
17497
"\n"
16239
17498
"$cfg['Servers'][$i]['host'] = 'db_server';\n"
16240
17499
msgstr ""
16241
17500
16242
#: serverguide/C/lamp-applications.xml:407(para)
17501
#: serverguide/C/lamp-applications.xml:446(para)
16243
17502
msgid ""
16244
17503
"Replace <emphasis role=\"italic\">db_server</emphasis> with the actual "
16245
17504
"remote database server name or IP address. Also, be sure that the "
16247
17506
"remote database."
16248
17507
msgstr ""
16249
17508
16250
#: serverguide/C/lamp-applications.xml:413(para)
17509
#: serverguide/C/lamp-applications.xml:452(para)
16251
17510
msgid ""
16252
17511
"Once configured, log out of <application>phpMyAdmin</application> and back "
16253
17512
"in, and you should be accessing the new server."
16254
17513
msgstr ""
16255
17514
16256
#: serverguide/C/lamp-applications.xml:417(para)
17515
#: serverguide/C/lamp-applications.xml:456(para)
16257
17516
msgid ""
16258
17517
"The <filename>config.header.inc.php</filename> and "
16259
17518
"<filename>config.footer.inc.php</filename> files are used to add a HTML "
16260
17519
"header and footer to <application>phpMyAdmin</application>."
16261
17520
msgstr ""
16262
17521
16263
#: serverguide/C/lamp-applications.xml:422(para)
17522
#: serverguide/C/lamp-applications.xml:461(para)
16264
17523
msgid ""
16265
17524
"Another important configuration file is "
16266
17525
"<filename>/etc/phpmyadmin/apache.conf</filename>, this file is symlinked to "
16272
17531
"linkend=\"httpd\"/>."
16273
17532
msgstr ""
16274
17533
16275
#: serverguide/C/lamp-applications.xml:436(para)
17534
#: serverguide/C/lamp-applications.xml:475(para)
16276
17535
msgid ""
16277
17536
"The <application>phpMyAdmin</application> documentation comes installed with "
16278
17537
"the package and can be accessed from the <emphasis>phpMyAdmin "
16281
17540
"url=\"http://www.phpmyadmin.net/home_page/docs.php\">phpMyAdmin</ulink> site."
16282
17541
msgstr ""
16283
17542
16284
#: serverguide/C/lamp-applications.xml:443(para)
17543
#: serverguide/C/lamp-applications.xml:482(para)
16285
17544
msgid ""
16286
17545
"Also, <ulink url=\"http://www.packtpub.com/phpmyadmin-3rd-"
16287
17546
"edition/book\">Mastering phpMyAdmin</ulink> is a great resource."
16288
17547
msgstr ""
16289
17548
16290
#: serverguide/C/jeos.xml:28(para)
16291
msgid ""
16292
"While installing from the Server Edition ISO (pressing "
16293
"<emphasis>F4</emphasis> on the first screen will allow you to pick \"Minimal "
16294
"installation\", which is the package selection equivalent to JeOS)"
16295
msgstr ""
16296
16297
#: serverguide/C/jeos.xml:211(para)
16298
msgid ""
16299
"Because of the nature of operations performed by vmbuilder, it needs to have "
16300
"root priviledge, hence the use of sudo."
16301
msgstr ""
16302
16303
#: serverguide/C/jeos.xml:321(programlisting)
16304
#, no-wrap
16305
msgid ""
16306
"\n"
16307
" <interface type='bridge'>\n"
16308
" <source network='br0'/>\n"
16309
" </interface>\n"
16310
msgstr ""
16311
16312
#: serverguide/C/jeos.xml:499(para)
16313
msgid ""
16314
"Another convenient tool that we want to have on our appliance is OpenSSH, as "
16315
"it will provide our admins to access to access the appliance remotely. "
16316
"However, pushing in the wild an appliance with a pre-installed OpenSSH "
16317
"server is a big security risk as all these server will share the same secret "
16318
"key, making it very easy for hackers to target our appliance with all the "
16319
"tools they need to crack it open in a breeze. As for the user password, we "
16320
"will instead rely on a script that will install OpenSSH the first time a "
16321
"user logs in so that the key generated will be different for each appliance. "
16322
"For this we'll use a <emphasis>--firstboot</emphasis> script, as it does not "
16323
"need any user interaction."
16324
msgstr ""
16325
16326
17549
#: serverguide/C/introduction.xml:14(para)
16327
17550
msgid "Welcome to the <emphasis>Ubuntu Server Guide</emphasis>!"
16328
17551
msgstr ""
16339
17562
"This guide assumes you have a basic understanding of your Ubuntu system. "
16340
17563
"Some installation details are covered in <xref linkend=\"installation\"/>, "
16341
17564
"but if you need detailed instructions installing Ubuntu please refer to the "
16342
"<ulink url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu "
17565
"<ulink url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu "
16343
17566
"Installation Guide</ulink>."
16344
17567
msgstr ""
16345
17568
16394
17617
16395
17618
#: serverguide/C/installation.xml:14(para)
16396
17619
msgid ""
16397
"This chapter provides a quick overview of installing Ubuntu 9.04 Server "
17620
"This chapter provides a quick overview of installing Ubuntu 9.10 Server "
16398
17621
"Edition. For more detailed instructions, please refer to the <ulink "
16399
"url=\"https://help.ubuntu.com/9.04/installation-guide/\">Ubuntu Installation "
17622
"url=\"https://help.ubuntu.com/9.10/installation-guide/\">Ubuntu Installation "
16400
17623
"Guide</ulink>."
16401
17624
msgstr ""
16402
17625
16416
17639
16417
17640
#: serverguide/C/installation.xml:25(para)
16418
17641
msgid ""
16419
"Ubuntu 9.04 Server Edition supports two (2) major architectures: Intel x86 "
17642
"Ubuntu 9.10 Server Edition supports two (2) major architectures: Intel x86 "
16420
17643
"and AMD64. The table below lists recommended hardware specifications. "
16421
17644
"Depending on your needs, you might manage with less than this. However, most "
16422
17645
"users risk being frustrated if they ignore these suggestions."
16520
17743
#: serverguide/C/installation.xml:101(para)
16521
17744
msgid ""
16522
17745
"To see all kernel configuration options you can look through "
16523
"<filename>/boot/config-2.6.27-server</filename>. Also, <ulink "
17746
"<filename>/boot/config-2.6.31-server</filename>. Also, <ulink "
16524
17747
"url=\"http://www.kroah.com/lkn/\">Linux Kernel in a Nutshell</ulink> is a "
16525
17748
"great resource on the options available."
16526
17749
msgstr ""
16637
17860
#: serverguide/C/installation.xml:212(para)
16638
17861
msgid ""
16639
17862
"<emphasis>Manage the system with Landscape</emphasis>: Landscape is a paid "
16640
"service provided by Canonical to help manager your Ubuntu machines. See the "
17863
"service provided by Canonical to help manage your Ubuntu machines. See the "
16641
17864
"<ulink url=\"http://www.canonical.com/projects/landscape\">Landscape</ulink> "
16642
17865
"site for details."
16643
17866
msgstr ""
16671
17894
#: serverguide/C/installation.xml:245(para)
16672
17895
msgid ""
16673
17896
"Once again, for detailed instructions see the <ulink "
16674
"url=\"https://help.ubuntu.com/9.04/installation-guide/\"> Ubuntu "
17897
"url=\"https://help.ubuntu.com/9.10/installation-guide/\"> Ubuntu "
16675
17898
"Installation Guide</ulink>."
16676
17899
msgstr ""
16677
17900
16780
18003
#, no-wrap
16781
18004
msgid ""
16782
18005
"\n"
16783
"bind9-doc\n"
18006
"bind9-doc \n"
18007
"bind9utils \n"
16784
18008
"bind9\n"
16785
18009
msgstr ""
16786
18010
16787
#: serverguide/C/installation.xml:339(para)
18011
#: serverguide/C/installation.xml:340(para)
16788
18012
msgid ""
16789
18013
"Also, if you did not install one of the tasks during the installation "
16790
18014
"process, but for example you decide to make your new LAMP server a DNS "
16791
18015
"server as well. Simply insert the installation CD and from a terminal:"
16792
18016
msgstr ""
16793
18017
16794
#: serverguide/C/installation.xml:344(command)
18018
#: serverguide/C/installation.xml:345(command)
16795
18019
msgid "sudo tasksel install dns-server"
16796
18020
msgstr ""
16797
18021
16798
#: serverguide/C/installation.xml:349(title)
18022
#: serverguide/C/installation.xml:350(title)
16799
18023
msgid "Upgrading"
16800
18024
msgstr ""
16801
18025
16802
#: serverguide/C/installation.xml:350(para)
18026
#: serverguide/C/installation.xml:351(para)
16803
18027
msgid ""
16804
18028
"There are several ways to upgrade from one Ubuntu release to another. This "
16805
18029
"section gives an overview of the recommended upgrade method."
16806
18030
msgstr ""
16807
18031
16808
#: serverguide/C/installation.xml:354(title) serverguide/C/installation.xml:369(command)
18032
#: serverguide/C/installation.xml:355(title) serverguide/C/installation.xml:370(command)
16809
18033
msgid "do-release-upgrade"
16810
18034
msgstr ""
16811
18035
16812
#: serverguide/C/installation.xml:355(para)
18036
#: serverguide/C/installation.xml:356(para)
16813
18037
msgid ""
16814
18038
"The recommended way to upgrade a Server Edition installation is to use the "
16815
18039
"<application>do-release-upgrade</application> utility. Part of the "
16817
18041
"graphical dependencies and is installed by default."
16818
18042
msgstr ""
16819
18043
16820
#: serverguide/C/installation.xml:360(para)
18044
#: serverguide/C/installation.xml:361(para)
16821
18045
msgid ""
16822
18046
"Debian based systems can also be upgraded by using <command>apt-get dist-"
16823
18047
"upgrade</command>. However, using <application>do-release-"
16825
18049
"system configuration changes sometimes needed between releases."
16826
18050
msgstr ""
16827
18051
16828
#: serverguide/C/installation.xml:365(para)
18052
#: serverguide/C/installation.xml:366(para)
16829
18053
msgid "To upgrade to a newer release, from a terminal prompt enter:"
16830
18054
msgstr ""
16831
18055
16832
#: serverguide/C/installation.xml:371(para)
18056
#: serverguide/C/installation.xml:372(para)
16833
18057
msgid ""
16834
18058
"It is also possible to use <application>do-release-upgrade</application> to "
16835
18059
"upgrade to a development version of Ubuntu. To accomplish this use the "
16836
18060
"<emphasis>-d</emphasis> switch:"
16837
18061
msgstr ""
16838
18062
16839
#: serverguide/C/installation.xml:376(command)
18063
#: serverguide/C/installation.xml:377(command)
16840
18064
msgid "do-release-upgrade -d"
16841
18065
msgstr ""
16842
18066
16843
#: serverguide/C/installation.xml:379(para)
18067
#: serverguide/C/installation.xml:380(para)
16844
18068
msgid ""
16845
18069
"Upgrading to a development release is <emphasis>not</emphasis> recommended "
16846
18070
"for production environments."
16847
18071
msgstr ""
16848
18072
16849
#: serverguide/C/installation.xml:386(title)
18073
#: serverguide/C/installation.xml:387(title)
16850
18074
msgid "Advanced Installation"
16851
18075
msgstr ""
16852
18076
16853
#: serverguide/C/installation.xml:389(title)
18077
#: serverguide/C/installation.xml:390(title)
16854
18078
msgid "Software RAID"
16855
18079
msgstr ""
16856
18080
16857
#: serverguide/C/installation.xml:391(para)
18081
#: serverguide/C/installation.xml:392(para)
16858
18082
msgid ""
16859
18083
"RAID is a method of configuring multiple hard drives to act as one, reducing "
16860
18084
"the probability of catastrophic data loss in case of drive failure. RAID is "
16864
18088
"drives 'invisibly')."
16865
18089
msgstr ""
16866
18090
16867
#: serverguide/C/installation.xml:398(para)
18091
#: serverguide/C/installation.xml:399(para)
16868
18092
msgid ""
16869
18093
"The RAID software included with current versions of Linux (and Ubuntu) is "
16870
18094
"based on the <application>'mdadm'</application> driver and works very well, "
16874
18098
"another for <emphasis>swap</emphasis>."
16875
18099
msgstr ""
16876
18100
16877
#: serverguide/C/installation.xml:408(para) serverguide/C/installation.xml:925(para)
18101
#: serverguide/C/installation.xml:409(para) serverguide/C/installation.xml:926(para)
16878
18102
msgid ""
16879
18103
"Follow the installation steps until you get to the <emphasis>Partition "
16880
18104
"disks</emphasis> step, then:"
16881
18105
msgstr ""
16882
18106
16883
#: serverguide/C/installation.xml:415(para)
18107
#: serverguide/C/installation.xml:416(para)
16884
18108
msgid "Select <emphasis>Manual</emphasis> as the partition method."
16885
18109
msgstr ""
16886
18110
16887
#: serverguide/C/installation.xml:422(para)
18111
#: serverguide/C/installation.xml:423(para)
16888
18112
msgid ""
16889
18113
"Select the first hard drive, and agree to <emphasis>\"Create a new empty "
16890
18114
"partition table on this device?\"</emphasis>."
16891
18115
msgstr ""
16892
18116
16893
#: serverguide/C/installation.xml:426(para)
18117
#: serverguide/C/installation.xml:427(para)
16894
18118
msgid ""
16895
18119
"Repeat this step for each drive you wish to be part of the RAID array."
16896
18120
msgstr ""
16897
18121
16898
#: serverguide/C/installation.xml:433(para)
18122
#: serverguide/C/installation.xml:434(para)
16899
18123
msgid ""
16900
18124
"Select the <emphasis>\"FREE SPACE\"</emphasis> on the first drive then "
16901
18125
"select <emphasis>\"Create a new partition\"</emphasis>."
16902
18126
msgstr ""
16903
18127
16904
#: serverguide/C/installation.xml:440(para)
18128
#: serverguide/C/installation.xml:441(para)
16905
18129
msgid ""
16906
18130
"Next, select the <emphasis>Size</emphasis> of the partition. This partition "
16907
18131
"will be the <emphasis>swap</emphasis> partition, and a general rule for swap "
16909
18133
"<emphasis>Primary</emphasis>, then <emphasis>Beginning</emphasis>."
16910
18134
msgstr ""
16911
18135
16912
#: serverguide/C/installation.xml:449(para)
18136
#: serverguide/C/installation.xml:450(para)
16913
18137
msgid ""
16914
18138
"Select the <emphasis>\"Use as:\"</emphasis> line at the top. By default this "
16915
18139
"is <emphasis role=\"italic\">\"Ext3 journaling file system\"</emphasis>, "
16917
18141
"<emphasis>\"Done setting up partition\"</emphasis>."
16918
18142
msgstr ""
16919
18143
16920
#: serverguide/C/installation.xml:458(para)
18144
#: serverguide/C/installation.xml:459(para)
16921
18145
msgid ""
16922
18146
"For the <emphasis>/</emphasis> partition once again select <emphasis>\"Free "
16923
18147
"Space\"</emphasis> on the first drive then <emphasis>\"Create a new "
16924
18148
"partition\"</emphasis>."
16925
18149
msgstr ""
16926
18150
16927
#: serverguide/C/installation.xml:466(para)
18151
#: serverguide/C/installation.xml:467(para)
16928
18152
msgid ""
16929
18153
"Use the rest of the free space on the drive and choose "
16930
18154
"<emphasis>Continue</emphasis>, then <emphasis>Primary</emphasis>."
16931
18155
msgstr ""
16932
18156
16933
#: serverguide/C/installation.xml:473(para)
18157
#: serverguide/C/installation.xml:474(para)
16934
18158
msgid ""
16935
18159
"As with the swap partition, select the <emphasis>\"Use as:\"</emphasis> line "
16936
18160
"at the top, changing it to <emphasis>\"physical volume for RAID\"</emphasis> "
16937
18161
"then choose <emphasis>\"Done setting up partition\"</emphasis>."
16938
18162
msgstr ""
16939
18163
16940
#: serverguide/C/installation.xml:481(para)
18164
#: serverguide/C/installation.xml:482(para)
16941
18165
msgid "Repeat steps three through eight for the other disk and partitions."
16942
18166
msgstr ""
16943
18167
16944
#: serverguide/C/installation.xml:490(title)
18168
#: serverguide/C/installation.xml:491(title)
16945
18169
msgid "RAID Configuration"
16946
18170
msgstr ""
16947
18171
16948
#: serverguide/C/installation.xml:492(para)
18172
#: serverguide/C/installation.xml:493(para)
16949
18173
msgid "With the partitions setup the arrays are ready to be configured:"
16950
18174
msgstr ""
16951
18175
16952
#: serverguide/C/installation.xml:499(para)
18176
#: serverguide/C/installation.xml:500(para)
16953
18177
msgid ""
16954
18178
"Back in the main \"Partition Disks\" page, select <emphasis>\"Configure "
16955
18179
"Software RAID\"</emphasis> at the top."
16956
18180
msgstr ""
16957
18181
16958
#: serverguide/C/installation.xml:506(para)
18182
#: serverguide/C/installation.xml:507(para)
16959
18183
msgid "Select <emphasis>\"yes\"</emphasis> to write the changes to disk."
16960
18184
msgstr ""
16961
18185
16962
#: serverguide/C/installation.xml:513(para)
18186
#: serverguide/C/installation.xml:514(para)
16963
18187
msgid "Choose <emphasis>\"Create MD drive\"</emphasis>."
16964
18188
msgstr ""
16965
18189
16966
#: serverguide/C/installation.xml:520(para)
18190
#: serverguide/C/installation.xml:521(para)
16967
18191
msgid ""
16968
18192
"For this example, select <emphasis>\"RAID1\"</emphasis>, but if you are "
16969
18193
"using a different setup choose the appropriate type (RAID0 RAID1 RAID5)."
16970
18194
msgstr ""
16971
18195
16972
#: serverguide/C/installation.xml:526(para)
18196
#: serverguide/C/installation.xml:527(para)
16973
18197
msgid ""
16974
18198
"In order to use <emphasis>RAID5</emphasis> you need at least "
16975
18199
"<emphasis>three</emphasis> drives. Using RAID0 or RAID1 only "
16976
18200
"<emphasis>two</emphasis> drives are required."
16977
18201
msgstr ""
16978
18202
16979
#: serverguide/C/installation.xml:535(para)
18203
#: serverguide/C/installation.xml:536(para)
16980
18204
msgid ""
16981
18205
"Enter the number of active devices <emphasis>\"2\"</emphasis>, or the amount "
16982
18206
"of hard drives you have, for the array. Then select "
16983
18207
"<emphasis>\"Continue\"</emphasis>."
16984
18208
msgstr ""
16985
18209
16986
#: serverguide/C/installation.xml:543(para)
18210
#: serverguide/C/installation.xml:544(para)
16987
18211
msgid ""
16988
18212
"Next, enter the number of spare devices <emphasis>\"0\"</emphasis> by "
16989
18213
"default, then choose <emphasis>\"Continue\"</emphasis>."
16990
18214
msgstr ""
16991
18215
16992
#: serverguide/C/installation.xml:550(para)
18216
#: serverguide/C/installation.xml:551(para)
16993
18217
msgid ""
16994
18218
"Choose which partitions to use. Generally they will be sda1, sdb1, sdc1, "
16995
18219
"etc. The numbers will usually match and the different letters correspond to "
16996
18220
"different hard drives."
16997
18221
msgstr ""
16998
18222
16999
#: serverguide/C/installation.xml:555(para)
18223
#: serverguide/C/installation.xml:556(para)
17000
18224
msgid ""
17001
18225
"For the <emphasis>swap</emphasis> partition choose <emphasis>sda1</emphasis> "
17002
18226
"and <emphasis>sdb1</emphasis>. Select <emphasis>\"Continue\"</emphasis> to "
17003
18227
"go to the next step."
17004
18228
msgstr ""
17005
18229
17006
#: serverguide/C/installation.xml:563(para)
18230
#: serverguide/C/installation.xml:564(para)
17007
18231
msgid ""
17008
18232
"Repeat steps <emphasis>three</emphasis> through <emphasis>seven</emphasis> "
17009
18233
"for the <emphasis>/</emphasis> partition choosing <emphasis>sda2</emphasis> "
17010
18234
"and <emphasis>sdb2</emphasis>."
17011
18235
msgstr ""
17012
18236
17013
#: serverguide/C/installation.xml:571(para)
18237
#: serverguide/C/installation.xml:572(para)
17014
18238
msgid "Once done select <emphasis>\"Finish\"</emphasis>."
17015
18239
msgstr ""
17016
18240
17017
#: serverguide/C/installation.xml:581(title)
18241
#: serverguide/C/installation.xml:582(title)
17018
18242
msgid "Formatting"
17019
18243
msgstr ""
17020
18244
17021
#: serverguide/C/installation.xml:583(para)
18245
#: serverguide/C/installation.xml:584(para)
17022
18246
msgid ""
17023
18247
"There should now be a list of hard drives and RAID devices. The next step is "
17024
18248
"to format and set the mount point for the RAID devices. Treat the RAID "
17025
18249
"device as a local hard drive, format and mount accordingly."
17026
18250
msgstr ""
17027
18251
17028
#: serverguide/C/installation.xml:591(para)
18252
#: serverguide/C/installation.xml:592(para)
17029
18253
msgid "Select the <emphasis>RAID1 device #0</emphasis> partition."
17030
18254
msgstr ""
17031
18255
17032
#: serverguide/C/installation.xml:598(para)
18256
#: serverguide/C/installation.xml:599(para)
17033
18257
msgid ""
17034
18258
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"swap "
17035
18259
"area\"</emphasis>, then <emphasis>\"Done setting up partition\"</emphasis>."
17036
18260
msgstr ""
17037
18261
17038
#: serverguide/C/installation.xml:606(para)
18262
#: serverguide/C/installation.xml:607(para)
17039
18263
msgid "Next, select the <emphasis>RAID1 device #1</emphasis> partition."
17040
18264
msgstr ""
17041
18265
17042
#: serverguide/C/installation.xml:613(para)
18266
#: serverguide/C/installation.xml:614(para)
17043
18267
msgid ""
17044
18268
"Choose <emphasis>\"Use as:\"</emphasis>. Then select <emphasis>\"Ext3 "
17045
18269
"journaling file system\"</emphasis>."
17046
18270
msgstr ""
17047
18271
17048
#: serverguide/C/installation.xml:620(para)
18272
#: serverguide/C/installation.xml:621(para)
17049
18273
msgid ""
17050
18274
"Then select the <emphasis>\"Mount point\"</emphasis> and choose "
17051
18275
"<emphasis>\"/ - the root file system\"</emphasis>. Change any of the other "
17053
18277
"partition\"</emphasis>."
17054
18278
msgstr ""
17055
18279
17056
#: serverguide/C/installation.xml:628(para)
18280
#: serverguide/C/installation.xml:629(para)
17057
18281
msgid ""
17058
18282
"Finally, select <emphasis>\"Finish partitioning and write changes to "
17059
18283
"disk\"</emphasis>."
17060
18284
msgstr ""
17061
18285
17062
#: serverguide/C/installation.xml:635(para)
18286
#: serverguide/C/installation.xml:636(para)
17063
18287
msgid ""
17064
18288
"If you choose to place the root partition on a RAID array, the installer "
17065
18289
"will then ask if you would like to boot in a <emphasis>degraded</emphasis> "
17066
18290
"state. See <xref linkend=\"raid-degraded\"/> for further details."
17067
18291
msgstr ""
17068
18292
17069
#: serverguide/C/installation.xml:640(para)
18293
#: serverguide/C/installation.xml:641(para)
17070
18294
msgid "The installation process will then continue normally."
17071
18295
msgstr ""
17072
18296
17073
#: serverguide/C/installation.xml:646(title)
18297
#: serverguide/C/installation.xml:647(title)
17074
18298
msgid "Degraded RAID"
17075
18299
msgstr ""
17076
18300
17077
#: serverguide/C/installation.xml:648(para)
18301
#: serverguide/C/installation.xml:649(para)
17078
18302
msgid ""
17079
18303
"At some point in the life of the computer a disk failure event may occur. "
17080
18304
"When this happens, using Software RAID, the operating system will place the "
17081
18305
"array into what is known as a <emphasis>degraded</emphasis> state."
17082
18306
msgstr ""
17083
18307
17084
#: serverguide/C/installation.xml:653(para)
18308
#: serverguide/C/installation.xml:654(para)
17085
18309
msgid ""
17086
18310
"If the array has become degraded, due to the chance of data corruption, by "
17087
18311
"default Ubuntu Server Edition will boot to <emphasis>initramfs</emphasis> "
17092
18316
"Booting to a degraded array can be configured several ways:"
17093
18317
msgstr ""
17094
18318
17095
#: serverguide/C/installation.xml:664(para)
18319
#: serverguide/C/installation.xml:665(para)
17096
18320
msgid ""
17097
18321
"The <application>dpkg-reconfigure</application> utility can be used to "
17098
18322
"configure the default behavior, and during the process you will be queried "
17101
18325
"following:"
17102
18326
msgstr ""
17103
18327
17104
#: serverguide/C/installation.xml:671(command)
18328
#: serverguide/C/installation.xml:672(command)
17105
18329
msgid "sudo dpkg-reconfigure mdadm"
17106
18330
msgstr ""
17107
18331
17108
#: serverguide/C/installation.xml:677(para)
18332
#: serverguide/C/installation.xml:678(para)
17109
18333
msgid ""
17110
18334
"The <command>dpkg-reconfigure mdadm</command> process will change the "
17111
18335
"<filename>/etc/initramfs-tools/conf.d/mdadm</filename> configuration file. "
17113
18337
"behavior, and can also be manually edited:"
17114
18338
msgstr ""
17115
18339
17116
#: serverguide/C/installation.xml:683(programlisting)
18340
#: serverguide/C/installation.xml:684(programlisting)
17117
18341
#, no-wrap
17118
18342
msgid ""
17119
18343
"\n"
17120
18344
"BOOT_DEGRADED=true\n"
17121
18345
msgstr ""
17122
18346
17123
#: serverguide/C/installation.xml:688(para)
18347
#: serverguide/C/installation.xml:689(para)
17124
18348
msgid "The configuration file can be overridden by using a Kernel argument."
17125
18349
msgstr ""
17126
18350
17127
#: serverguide/C/installation.xml:696(para)
18351
#: serverguide/C/installation.xml:697(para)
17128
18352
msgid ""
17129
18353
"Using a Kernel argument will allow the system to boot to a degraded array as "
17130
18354
"well:"
17131
18355
msgstr ""
17132
18356
17133
#: serverguide/C/installation.xml:702(para)
18357
#: serverguide/C/installation.xml:703(para)
17134
18358
msgid ""
17135
18359
"When the server is booting press <emphasis>ESC</emphasis> to open the "
17136
18360
"<application>Grub</application> menu."
17137
18361
msgstr ""
17138
18362
17139
#: serverguide/C/installation.xml:707(para)
18363
#: serverguide/C/installation.xml:708(para)
17140
18364
msgid "Press <emphasis>\"e\"</emphasis> to edit your Kernel command options."
17141
18365
msgstr ""
17142
18366
17143
#: serverguide/C/installation.xml:712(para)
18367
#: serverguide/C/installation.xml:713(para)
17144
18368
msgid ""
17145
18369
"Press the <emphasis>DOWN</emphasis> arrow to highlight the kernel line."
17146
18370
msgstr ""
17147
18371
17148
#: serverguide/C/installation.xml:717(para)
18372
#: serverguide/C/installation.xml:718(para)
17149
18373
msgid ""
17150
18374
"Press the <emphasis>\"e\"</emphasis> key again to edit the kernel line."
17151
18375
msgstr ""
17152
18376
17153
#: serverguide/C/installation.xml:722(para)
18377
#: serverguide/C/installation.xml:723(para)
17154
18378
msgid ""
17155
18379
"Add <emphasis>\"bootdegraded=true\"</emphasis> (without the quotes) to the "
17156
18380
"end of the line."
17157
18381
msgstr ""
17158
18382
17159
#: serverguide/C/installation.xml:727(para)
18383
#: serverguide/C/installation.xml:728(para)
17160
18384
msgid "Press <emphasis>\"ENTER\"</emphasis>."
17161
18385
msgstr ""
17162
18386
17163
#: serverguide/C/installation.xml:732(para)
18387
#: serverguide/C/installation.xml:733(para)
17164
18388
msgid "Finally, press <emphasis>\"b\"</emphasis> to boot the system."
17165
18389
msgstr ""
17166
18390
17167
#: serverguide/C/installation.xml:741(para)
18391
#: serverguide/C/installation.xml:742(para)
17168
18392
msgid ""
17169
18393
"Once the system has booted you can either repair the array see <xref "
17170
18394
"linkend=\"raid-maintenance\"/> for details, or copy important data to "
17171
18395
"another machine due to major hardware failure."
17172
18396
msgstr ""
17173
18397
17174
#: serverguide/C/installation.xml:748(title)
18398
#: serverguide/C/installation.xml:749(title)
17175
18399
msgid "RAID Maintenance"
17176
18400
msgstr ""
17177
18401
17178
#: serverguide/C/installation.xml:750(para)
18402
#: serverguide/C/installation.xml:751(para)
17179
18403
msgid ""
17180
18404
"The <application>mdadm</application> utility can be used to view the status "
17181
18405
"of an array, add disks to an array, remove disks, etc:"
17182
18406
msgstr ""
17183
18407
17184
#: serverguide/C/installation.xml:757(para)
18408
#: serverguide/C/installation.xml:758(para)
17185
18409
msgid "To view the status of an array, from a terminal prompt enter:"
17186
18410
msgstr ""
17187
18411
17188
#: serverguide/C/installation.xml:761(command)
18412
#: serverguide/C/installation.xml:762(command)
17189
18413
msgid "sudo mdadm -D /dev/md0"
17190
18414
msgstr ""
17191
18415
17192
#: serverguide/C/installation.xml:764(para)
18416
#: serverguide/C/installation.xml:765(para)
17193
18417
msgid ""
17194
18418
"The <emphasis>-D</emphasis> tells <application>mdadm</application> to "
17195
18419
"display <emphasis>detailed</emphasis> information about the "
17197
18421
"with the appropriate RAID device."
17198
18422
msgstr ""
17199
18423
17200
#: serverguide/C/installation.xml:770(para)
18424
#: serverguide/C/installation.xml:771(para)
17201
18425
msgid "To view the status of a disk in an array:"
17202
18426
msgstr ""
17203
18427
17204
#: serverguide/C/installation.xml:774(command)
18428
#: serverguide/C/installation.xml:775(command)
17205
18429
msgid "sudo mdadm -E /dev/sda1"
17206
18430
msgstr ""
17207
18431
17208
#: serverguide/C/installation.xml:776(para)
18432
#: serverguide/C/installation.xml:777(para)
17209
18433
msgid ""
17210
18434
"The output if very similar to the <command>mdadm -D</command> command, "
17211
18435
"adjust <filename>/dev/sda1</filename> for each disk."
17212
18436
msgstr ""
17213
18437
17214
#: serverguide/C/installation.xml:781(para)
18438
#: serverguide/C/installation.xml:782(para)
17215
18439
msgid "If a disk fails and needs to be removed from an array enter:"
17216
18440
msgstr ""
17217
18441
17218
#: serverguide/C/installation.xml:785(command)
18442
#: serverguide/C/installation.xml:786(command)
17219
18443
msgid "sudo mdadm --remove /dev/md0 /dev/sda1"
17220
18444
msgstr ""
17221
18445
17222
#: serverguide/C/installation.xml:787(para)
18446
#: serverguide/C/installation.xml:788(para)
17223
18447
msgid ""
17224
18448
"Change <filename>/dev/md0</filename> and <filename>/dev/sda1</filename> to "
17225
18449
"the appropriate RAID device and disk."
17226
18450
msgstr ""
17227
18451
17228
#: serverguide/C/installation.xml:792(para)
18452
#: serverguide/C/installation.xml:793(para)
17229
18453
msgid "Similarly, to add a new disk:"
17230
18454
msgstr ""
17231
18455
17232
#: serverguide/C/installation.xml:796(command)
18456
#: serverguide/C/installation.xml:797(command)
17233
18457
msgid "sudo mdadm --add /dev/md0 /dev/sda1"
17234
18458
msgstr ""
17235
18459
17236
#: serverguide/C/installation.xml:801(para)
18460
#: serverguide/C/installation.xml:802(para)
17237
18461
msgid ""
17238
18462
"Sometimes a disk can change to a <emphasis>faulty</emphasis> state even "
17239
18463
"though there is nothing physically wrong with the drive. It is usually "
17242
18466
"the array, it is a good indication of hardware failure."
17243
18467
msgstr ""
17244
18468
17245
#: serverguide/C/installation.xml:807(para)
18469
#: serverguide/C/installation.xml:808(para)
17246
18470
msgid ""
17247
18471
"The <filename>/proc/mdstat</filename> file also contains useful information "
17248
18472
"about the system's RAID devices:"
17249
18473
msgstr ""
17250
18474
17251
#: serverguide/C/installation.xml:812(command)
18475
#: serverguide/C/installation.xml:813(command)
17252
18476
msgid "cat /proc/mdstat"
17253
18477
msgstr ""
17254
18478
17255
#: serverguide/C/installation.xml:813(computeroutput)
18479
#: serverguide/C/installation.xml:814(computeroutput)
17256
18480
#, no-wrap
17257
18481
msgid ""
17258
18482
"Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] "
17263
18487
"unused devices: <none>"
17264
18488
msgstr ""
17265
18489
17266
#: serverguide/C/installation.xml:820(para)
18490
#: serverguide/C/installation.xml:821(para)
17267
18491
msgid ""
17268
18492
"The following command is great for watching the status of a syncing drive:"
17269
18493
msgstr ""
17270
18494
17271
#: serverguide/C/installation.xml:825(command)
18495
#: serverguide/C/installation.xml:826(command)
17272
18496
msgid "watch -n1 cat /proc/mdstat"
17273
18497
msgstr ""
17274
18498
17275
#: serverguide/C/installation.xml:828(para)
18499
#: serverguide/C/installation.xml:829(para)
17276
18500
msgid ""
17277
18501
"Press <emphasis>Ctrl+c</emphasis> to stop the "
17278
18502
"<application>watch</application> command."
17279
18503
msgstr ""
17280
18504
17281
#: serverguide/C/installation.xml:832(para)
18505
#: serverguide/C/installation.xml:833(para)
17282
18506
msgid ""
17283
18507
"If you do need to replace a faulty drive, after the drive has been replaced "
17284
18508
"and synced, <application>grub</application> will need to be installed. To "
17286
18510
"following:"
17287
18511
msgstr ""
17288
18512
17289
#: serverguide/C/installation.xml:838(command)
18513
#: serverguide/C/installation.xml:839(command)
17290
18514
msgid "sudo grub-install /dev/md0"
17291
18515
msgstr ""
17292
18516
17293
#: serverguide/C/installation.xml:841(para)
18517
#: serverguide/C/installation.xml:842(para)
17294
18518
msgid ""
17295
18519
"Replace <filename>/dev/md0</filename> with the appropriate array device name."
17296
18520
msgstr ""
17297
18521
17298
#: serverguide/C/installation.xml:849(para)
18522
#: serverguide/C/installation.xml:850(para)
17299
18523
msgid ""
17300
18524
"The topic of RAID arrays is a complex one due to the plethora of ways RAID "
17301
18525
"can be configured. Please see the following links for more information:"
17302
18526
msgstr ""
17303
18527
17304
#: serverguide/C/installation.xml:857(ulink)
18528
#: serverguide/C/installation.xml:858(ulink)
17305
18529
msgid "Software RAID HOWTO"
17306
18530
msgstr ""
17307
18531
17308
#: serverguide/C/installation.xml:862(ulink)
18532
#: serverguide/C/installation.xml:863(ulink)
17309
18533
msgid "Managing RAID on Linux"
17310
18534
msgstr ""
17311
18535
17312
#: serverguide/C/installation.xml:869(title)
18536
#: serverguide/C/installation.xml:870(title)
17313
18537
msgid "Logical Volume Manager (LVM)"
17314
18538
msgstr ""
17315
18539
17316
#: serverguide/C/installation.xml:871(para)
18540
#: serverguide/C/installation.xml:872(para)
17317
18541
msgid ""
17318
18542
"Logical Volume Manger, or <emphasis>LVM</emphasis>, allows administrators to "
17319
18543
"create <emphasis>logical</emphasis> volumes out of one or multiple physical "
17322
18546
"giving greater flexibility to systems as requirements change."
17323
18547
msgstr ""
17324
18548
17325
#: serverguide/C/installation.xml:880(para)
18549
#: serverguide/C/installation.xml:881(para)
17326
18550
msgid ""
17327
18551
"A side effect of LVM's power and flexibility is a greater degree of "
17328
18552
"complication. Before diving into the LVM installation process, it is best to "
17329
18553
"get familiar with some terms."
17330
18554
msgstr ""
17331
18555
17332
#: serverguide/C/installation.xml:887(para)
18556
#: serverguide/C/installation.xml:888(para)
17333
18557
msgid ""
17334
18558
"<emphasis>Volume Group (VG):</emphasis> contains one or several Logical "
17335
18559
"Volumes (LV)."
17336
18560
msgstr ""
17337
18561
17338
#: serverguide/C/installation.xml:892(para)
18562
#: serverguide/C/installation.xml:893(para)
17339
18563
msgid ""
17340
18564
"<emphasis>Logical Volume (LV):</emphasis> is similar to a partition in a non-"
17341
18565
"LVM system. Multiple Physical Volumes (PV) can make up one LV, on top of "
17342
18566
"which resides the actual EXT3, XFS, JFS, etc filesystem."
17343
18567
msgstr ""
17344
18568
17345
#: serverguide/C/installation.xml:898(para)
18569
#: serverguide/C/installation.xml:899(para)
17346
18570
msgid ""
17347
18571
"<emphasis>Physical Volume (PV):</emphasis> physical hard disk or software "
17348
18572
"RAID partition. The Volume Group can be extended by adding more PVs."
17349
18573
msgstr ""
17350
18574
17351
#: serverguide/C/installation.xml:909(para)
18575
#: serverguide/C/installation.xml:910(para)
17352
18576
msgid ""
17353
18577
"As an example this section covers installing Ubuntu Server Edition with "
17354
18578
"<filename role=\"directory\">/srv</filename> mounted on a LVM volume. During "
17357
18581
"can be extended."
17358
18582
msgstr ""
17359
18583
17360
#: serverguide/C/installation.xml:915(para)
18584
#: serverguide/C/installation.xml:916(para)
17361
18585
msgid ""
17362
18586
"There are several installation options for LVM, <emphasis>\"Guided - use the "
17363
18587
"entire disk and setup LVM\"</emphasis> which will also allow you to assign a "
17368
18592
"the Manual approach."
17369
18593
msgstr ""
17370
18594
17371
#: serverguide/C/installation.xml:932(para)
18595
#: serverguide/C/installation.xml:933(para)
17372
18596
msgid ""
17373
18597
"At the <emphasis>\"Partition Disks</emphasis> screen choose "
17374
18598
"<emphasis>\"Manual\"</emphasis>."
17375
18599
msgstr ""
17376
18600
17377
#: serverguide/C/installation.xml:939(para)
18601
#: serverguide/C/installation.xml:940(para)
17378
18602
msgid ""
17379
18603
"Select the hard disk and on the next screen choose \"yes\" to "
17380
18604
"<emphasis>\"Create a new empty partition table on this device\"</emphasis>."
17381
18605
msgstr ""
17382
18606
17383
#: serverguide/C/installation.xml:946(para)
18607
#: serverguide/C/installation.xml:947(para)
17384
18608
msgid ""
17385
18609
"Next, create standard <emphasis>/boot</emphasis>, <emphasis>swap</emphasis>, "
17386
18610
"and <emphasis>/</emphasis> partitions with whichever filesystem you prefer."
17387
18611
msgstr ""
17388
18612
17389
#: serverguide/C/installation.xml:954(para)
18613
#: serverguide/C/installation.xml:955(para)
17390
18614
msgid ""
17391
18615
"For the LVM <emphasis>/srv</emphasis>, create a new "
17392
18616
"<emphasis>Logical</emphasis> partition. Then change <emphasis>\"Use "
17394
18618
"<emphasis>\"Done setting up the partition\"</emphasis>."
17395
18619
msgstr ""
17396
18620
17397
#: serverguide/C/installation.xml:962(para)
18621
#: serverguide/C/installation.xml:963(para)
17398
18622
msgid ""
17399
18623
"Now select <emphasis>\"Configure the Logical Volume Manager\"</emphasis> at "
17400
18624
"the top, and choose <emphasis>\"Yes\"</emphasis> to write the changes to "
17401
18625
"disk."
17402
18626
msgstr ""
17403
18627
17404
#: serverguide/C/installation.xml:970(para)
18628
#: serverguide/C/installation.xml:971(para)
17405
18629
msgid ""
17406
18630
"For the <emphasis>\"LVM configuration action\"</emphasis> on the next "
17407
18631
"screen, choose <emphasis>\"Create volume group\"</emphasis>. Enter a name "
17410
18634
"<emphasis>\"Continue\"</emphasis>."
17411
18635
msgstr ""
17412
18636
17413
#: serverguide/C/installation.xml:979(para)
18637
#: serverguide/C/installation.xml:980(para)
17414
18638
msgid ""
17415
18639
"Back at the <emphasis>\"LVM configuration action\"</emphasis> screen, select "
17416
18640
"<emphasis>\"Create logical volume\"</emphasis>. Select the newly created "
17421
18645
"main <emphasis>\"Partition Disks\"</emphasis> screen."
17422
18646
msgstr ""
17423
18647
17424
#: serverguide/C/installation.xml:989(para)
18648
#: serverguide/C/installation.xml:990(para)
17425
18649
msgid ""
17426
18650
"Now add a filesystem to the new LVM. Select the partition under "
17427
18651
"<emphasis>\"LVM VG vg01, LV srv\"</emphasis>, or whatever name you have "
17430
18654
"select <emphasis>\"Done setting up the partition\"</emphasis>."
17431
18655
msgstr ""
17432
18656
17433
#: serverguide/C/installation.xml:998(para)
18657
#: serverguide/C/installation.xml:999(para)
17434
18658
msgid ""
17435
18659
"Finally, select <emphasis>\"Finish partitioning and write changes to "
17436
18660
"disk\"</emphasis>. Then confirm the changes and continue with the rest of "
17437
18661
"the installation."
17438
18662
msgstr ""
17439
18663
17440
#: serverguide/C/installation.xml:1006(para)
18664
#: serverguide/C/installation.xml:1007(para)
17441
18665
msgid "There are some useful utilities to view information about LVM:"
17442
18666
msgstr ""
17443
18667
17444
#: serverguide/C/installation.xml:1011(para)
18668
#: serverguide/C/installation.xml:1012(para)
17445
18669
msgid ""
17446
18670
"<emphasis>vgdisplay:</emphasis> shows information about Volume Groups."
17447
18671
msgstr ""
17448
18672
17449
#: serverguide/C/installation.xml:1012(para)
18673
#: serverguide/C/installation.xml:1013(para)
17450
18674
msgid ""
17451
18675
"<emphasis>lvdisplay:</emphasis> has information about Logical Volumes."
17452
18676
msgstr ""
17453
18677
17454
#: serverguide/C/installation.xml:1013(para)
18678
#: serverguide/C/installation.xml:1014(para)
17455
18679
msgid ""
17456
18680
"<emphasis>pvdisplay:</emphasis> similarly displays information about "
17457
18681
"Physical Volumes."
17458
18682
msgstr ""
17459
18683
17460
#: serverguide/C/installation.xml:1018(title)
18684
#: serverguide/C/installation.xml:1019(title)
17461
18685
msgid "Extending Volume Groups"
17462
18686
msgstr ""
17463
18687
17464
#: serverguide/C/installation.xml:1020(para)
18688
#: serverguide/C/installation.xml:1021(para)
17465
18689
msgid ""
17466
18690
"Continuing with <emphasis>srv</emphasis> as an LVM volume example, this "
17467
18691
"section covers adding a second hard disk, creating a Physical Volume (PV), "
17476
18700
"them as different physical volumes)"
17477
18701
msgstr ""
17478
18702
17479
#: serverguide/C/installation.xml:1032(para)
18703
#: serverguide/C/installation.xml:1033(para)
17480
18704
msgid "First, create the physical volume, in a terminal execute:"
17481
18705
msgstr ""
17482
18706
17483
#: serverguide/C/installation.xml:1037(command)
18707
#: serverguide/C/installation.xml:1038(command)
17484
18708
msgid "sudo pvcreate /dev/sdb"
17485
18709
msgstr ""
17486
18710
17487
#: serverguide/C/installation.xml:1043(para)
18711
#: serverguide/C/installation.xml:1044(para)
17488
18712
msgid "Now extend the Volume Group (VG):"
17489
18713
msgstr ""
17490
18714
17491
#: serverguide/C/installation.xml:1048(command)
18715
#: serverguide/C/installation.xml:1049(command)
17492
18716
msgid "sudo vgextend vg01 /dev/sdb"
17493
18717
msgstr ""
17494
18718
17495
#: serverguide/C/installation.xml:1054(para)
18719
#: serverguide/C/installation.xml:1055(para)
17496
18720
msgid ""
17497
18721
"Use <application>vgdisplay</application> to find out the free physical "
17498
18722
"extents - Free PE / size (the size you can allocate). We will assume a free "
17500
18724
"whole free space available. Use your own PE and/or free space."
17501
18725
msgstr ""
17502
18726
17503
#: serverguide/C/installation.xml:1060(para)
18727
#: serverguide/C/installation.xml:1061(para)
17504
18728
msgid ""
17505
18729
"The Logical Volume (LV) can now be extended by different methods, we will "
17506
18730
"only see how to use the PE to extend the LV:"
17507
18731
msgstr ""
17508
18732
17509
#: serverguide/C/installation.xml:1065(command)
18733
#: serverguide/C/installation.xml:1066(command)
17510
18734
msgid "sudo lvextend /dev/vg01/srv -l +511"
17511
18735
msgstr ""
17512
18736
17513
#: serverguide/C/installation.xml:1068(para)
18737
#: serverguide/C/installation.xml:1069(para)
17514
18738
msgid ""
17515
18739
"The <emphasis>-l</emphasis> option allows the LV to be extended using PE. "
17516
18740
"The <emphasis>-L</emphasis> option allows the LV to be extended using Meg, "
17517
18741
"Gig, Tera, etc bytes."
17518
18742
msgstr ""
17519
18743
17520
#: serverguide/C/installation.xml:1076(para)
18744
#: serverguide/C/installation.xml:1077(para)
17521
18745
msgid ""
17522
18746
"Even though you are supposed to be able to <emphasis>expand</emphasis> an "
17523
18747
"ext3 or ext4 filesystem without unmounting it first, it may be a good "
17526
18750
"first is compulsory)."
17527
18751
msgstr ""
17528
18752
17529
#: serverguide/C/installation.xml:1082(para)
18753
#: serverguide/C/installation.xml:1083(para)
17530
18754
msgid ""
17531
18755
"The following commands are for an <emphasis>EXT3</emphasis> or "
17532
18756
"<emphasis>EXT4</emphasis> filesystem. If you are using another filesystem "
17533
18757
"there may be other utilities available."
17534
18758
msgstr ""
17535
18759
17536
#: serverguide/C/installation.xml:1089(command)
18760
#: serverguide/C/installation.xml:1090(command)
17537
18761
msgid "sudo e2fsck -f /dev/vg01/srv"
17538
18762
msgstr ""
17539
18763
17540
#: serverguide/C/installation.xml:1092(para)
18764
#: serverguide/C/installation.xml:1093(para)
17541
18765
msgid ""
17542
18766
"The <emphasis>-f</emphasis> option of <application>e2fsck</application> "
17543
18767
"forces checking even if the system seems clean."
17544
18768
msgstr ""
17545
18769
17546
#: serverguide/C/installation.xml:1099(para)
18770
#: serverguide/C/installation.xml:1100(para)
17547
18771
msgid "Finally, resize the filesystem:"
17548
18772
msgstr ""
17549
18773
17550
#: serverguide/C/installation.xml:1104(command)
18774
#: serverguide/C/installation.xml:1105(command)
17551
18775
msgid "sudo resize2fs /dev/vg01/srv"
17552
18776
msgstr ""
17553
18777
17554
#: serverguide/C/installation.xml:1110(para)
18778
#: serverguide/C/installation.xml:1111(para)
17555
18779
msgid "Now mount the partition and check its size."
17556
18780
msgstr ""
17557
18781
17558
#: serverguide/C/installation.xml:1115(command)
18782
#: serverguide/C/installation.xml:1116(command)
17559
18783
msgid "mount /dev/vg01/srv /srv && df -h /srv"
17560
18784
msgstr ""
17561
18785
17562
#: serverguide/C/installation.xml:1127(para)
18786
#: serverguide/C/installation.xml:1128(para)
17563
18787
msgid ""
17564
18788
"See the <ulink url=\"http://tldp.org/HOWTO/LVM-HOWTO/index.html\">LVM "
17565
18789
"HOWTO</ulink> for more information."
17566
18790
msgstr ""
17567
18791
17568
#: serverguide/C/installation.xml:1132(para)
18792
#: serverguide/C/installation.xml:1133(para)
17569
18793
msgid ""
17570
18794
"Another good article is <ulink "
17571
18795
"url=\"http://www.linuxdevcenter.com/pub/a/linux/2006/04/27/managing-disk-"
17573
18797
"linuxdevcenter.com site."
17574
18798
msgstr ""
17575
18799
17576
#: serverguide/C/installation.xml:1139(para)
18800
#: serverguide/C/installation.xml:1140(para)
17577
18801
msgid ""
17578
18802
"For more information on <application>fdisk</application> see the <ulink "
17579
18803
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/fdisk.8.html\">fdisk"
17827
19051
17828
19052
#: serverguide/C/file-server.xml:225(para)
17829
19053
msgid ""
17830
"By default these options are set the the certificate and key provided by the "
19054
"By default these options are set the certificate and key provided by the "
17831
19055
"<application>ssl-cert</application> package. In a production environment "
17832
19056
"these should be replaced with a certificate and key generated for the "
17833
19057
"specific host. For more information on certificates see <xref "
18083
19307
msgstr ""
18084
19308
18085
19309
#: serverguide/C/file-server.xml:460(command)
18086
msgid "sudo apt-get install cupsys"
19310
msgid "sudo apt-get install cups"
18087
19311
msgstr ""
18088
19312
18089
19313
#: serverguide/C/file-server.xml:463(para)
18143
19367
"<emphasis role=\"bold\">ServerAdmin</emphasis>: To configure the email "
18144
19368
"address of the designated administrator of the CUPS server, simply edit the "
18145
19369
"<filename>/etc/cups/cupsd.conf</filename> configuration file with your "
18146
"preferred text editor, and modify the <emphasis "
19370
"preferred text editor, and add or modify the <emphasis "
18147
19371
"role=\"italics\">ServerAdmin</emphasis> line accordingly. For example, if "
18148
19372
"you are the Administrator for the CUPS server, and your e-mail address is "
18149
19373
"'bjoy@somebigco.com', then you would modify the ServerAdmin line to appear "
18159
19383
18160
19384
#: serverguide/C/file-server.xml:524(para)
18161
19385
msgid ""
18162
"For more examples of configuration directives in the CUPS server "
18163
"configuration file, view the associated system manual page by entering the "
18164
"following command at a terminal prompt:"
18165
msgstr ""
18166
18167
#: serverguide/C/file-server.xml:531(command)
18168
msgid "man cupsd.conf"
18169
msgstr ""
18170
18171
#: serverguide/C/file-server.xml:535(para)
18172
msgid ""
18173
"Whenever you make changes to the <filename>/etc/cups/cupsd.conf</filename> "
18174
"configuration file, you'll need to restart the CUPS server by typing the "
18175
"following command at a terminal prompt:"
18176
msgstr ""
18177
18178
#: serverguide/C/file-server.xml:541(command)
18179
msgid "sudo /etc/init.d/cupsys restart"
18180
msgstr ""
18181
18182
#: serverguide/C/file-server.xml:544(para)
18183
msgid ""
18184
"Some other configuration for the CUPS server is done in the file "
18185
"<filename>/etc/cups/cups.d/ports.conf</filename>:"
18186
msgstr ""
18187
18188
#: serverguide/C/file-server.xml:547(para)
18189
msgid ""
18190
19386
"<emphasis role=\"bold\">Listen</emphasis>: By default on Ubuntu, the CUPS "
18191
19387
"server installation listens only on the loopback interface at IP address "
18192
19388
"<emphasis>127.0.0.1</emphasis>. In order to instruct the CUPS server to "
18200
19396
"such:"
18201
19397
msgstr ""
18202
19398
18203
#: serverguide/C/file-server.xml:561(screen)
19399
#: serverguide/C/file-server.xml:538(screen)
18204
19400
#, no-wrap
18205
19401
msgid ""
18206
19402
"\n"
18210
19406
"(IPP)\n"
18211
19407
msgstr ""
18212
19408
18213
#: serverguide/C/file-server.xml:567(para)
19409
#: serverguide/C/file-server.xml:544(para)
18214
19410
msgid ""
18215
19411
"In the example above, you may comment out or remove the reference to the "
18216
19412
"Loopback address (127.0.0.1) if you do not wish <application>cupsd "
18221
19417
"<emphasis>socrates</emphasis> as such:"
18222
19418
msgstr ""
18223
19419
18224
#: serverguide/C/file-server.xml:577(screen)
19420
#: serverguide/C/file-server.xml:554(screen)
18225
19421
#, no-wrap
18226
19422
msgid ""
18227
19423
"\n"
18228
19424
"Listen socrates:631 # Listen on all interfaces for the hostname 'socrates'\n"
18229
19425
msgstr ""
18230
19426
18231
#: serverguide/C/file-server.xml:581(para)
19427
#: serverguide/C/file-server.xml:558(para)
18232
19428
msgid ""
18233
19429
"or by omitting the Listen directive and using <emphasis>Port</emphasis> "
18234
19430
"instead, as in:"
18235
19431
msgstr ""
18236
19432
18237
#: serverguide/C/file-server.xml:583(screen)
19433
#: serverguide/C/file-server.xml:560(screen)
18238
19434
#, no-wrap
18239
19435
msgid ""
18240
19436
"\n"
18241
19437
"Port 631 # Listen on port 631 on all interfaces\n"
18242
19438
msgstr ""
18243
19439
18244
#: serverguide/C/file-server.xml:594(ulink)
19440
#: serverguide/C/file-server.xml:567(para)
19441
msgid ""
19442
"For more examples of configuration directives in the CUPS server "
19443
"configuration file, view the associated system manual page by entering the "
19444
"following command at a terminal prompt:"
19445
msgstr ""
19446
19447
#: serverguide/C/file-server.xml:574(command)
19448
msgid "man cupsd.conf"
19449
msgstr ""
19450
19451
#: serverguide/C/file-server.xml:578(para)
19452
msgid ""
19453
"Whenever you make changes to the <filename>/etc/cups/cupsd.conf</filename> "
19454
"configuration file, you'll need to restart the CUPS server by typing the "
19455
"following command at a terminal prompt:"
19456
msgstr ""
19457
19458
#: serverguide/C/file-server.xml:584(command)
19459
msgid "sudo /etc/init.d/cups restart"
19460
msgstr ""
19461
19462
#: serverguide/C/file-server.xml:590(title)
19463
msgid "Web Interface"
19464
msgstr ""
19465
19466
#: serverguide/C/file-server.xml:592(para)
19467
msgid ""
19468
"CUPS can be configured and monitored using a web interface, which by default "
19469
"is available at <ulink "
19470
"url=\"http://localhost:631/admin\">http://localhost:631/admin</ulink>. The "
19471
"web interface can be used to perform all printer management tasks."
19472
msgstr ""
19473
19474
#: serverguide/C/file-server.xml:596(para)
19475
msgid ""
19476
"In order to perform administrative tasks via the web interface, you must "
19477
"either have the root account enabled on your server, or authenticate as a "
19478
"user in the <emphasis role=\"italic\">lpadmin</emphasis> group. For security "
19479
"reasons, CUPS won't authenticate a user that doesn't have a password."
19480
msgstr ""
19481
19482
#: serverguide/C/file-server.xml:599(para)
19483
msgid ""
19484
"To add a user to the <emphasis role=\"italic\">lpadmin</emphasis> group, run "
19485
"at the terminal prompt: <screen>\n"
19486
"<command>sudo usermod -aG lpadmin username</command>\n"
19487
"</screen>"
19488
msgstr ""
19489
19490
#: serverguide/C/file-server.xml:605(para)
19491
msgid ""
19492
"Further documentation is available in the <emphasis "
19493
"role=\"italic\">Documentation/Help</emphasis> tab of the web interface."
19494
msgstr ""
19495
19496
#: serverguide/C/file-server.xml:613(ulink)
18245
19497
msgid "CUPS Website"
18246
19498
msgstr ""
18247
19499
18875
20127
msgid ""
18876
20128
"<application>BIND9</application> has a wide variety of logging configuration "
18877
20129
"options available. There are two main options. The "
18878
"<emphasis>channel</emphasis> option configures where logs go, and the the "
20130
"<emphasis>channel</emphasis> option configures where logs go, and the "
18879
20131
"<emphasis>category</emphasis> option determines what information to log."
18880
20132
msgstr ""
18881
20133
19041
20293
#, no-wrap
19042
20294
msgid ""
19043
20295
"\n"
19044
" IN MX mail.example.com.\n"
20296
" IN MX 1 mail.example.com.\n"
19045
20297
"mail IN A 192.168.1.13\n"
19046
20298
msgstr ""
19047
20299
19262
20514
"By default, connection via TCP/IP is disabled. PostgreSQL supports multiple "
19263
20515
"client authentication methods. By default, IDENT authentication method is "
19264
20516
"used for <application>postgres</application> and local users. Please refer "
19265
"<ulink url=\"http://www.postgresql.org/docs/8.3/static/admin.html\"> the "
20517
"<ulink url=\"http://www.postgresql.org/docs/8.4/static/admin.html\"> the "
19266
20518
"PostgreSQL Administrator's Guide</ulink>."
19267
20519
msgstr ""
19268
20520
19272
20524
"and use the MD5 method for client authentication. PostgreSQL configuration "
19273
20525
"files are stored in the "
19274
20526
"<filename>/etc/postgresql/<version>/main</filename> directory. For "
19275
"example, if you install PostgreSQL 8.3, the configuration files are stored "
19276
"in the <filename>/etc/postgresql/8.3/main</filename> directory."
20527
"example, if you install PostgreSQL 8.4, the configuration files are stored "
20528
"in the <filename>/etc/postgresql/8.4/main</filename> directory."
19277
20529
msgstr ""
19278
20530
19279
20531
#: serverguide/C/databases.xml:196(para)
19280
20532
msgid ""
19281
20533
"To configure <emphasis>ident</emphasis> authentication, add entries to the "
19282
"<filename>/etc/postgresql/8.3/main/pg_ident.conf</filename> file."
20534
"<filename>/etc/postgresql/8.4/main/pg_ident.conf</filename> file."
19283
20535
msgstr ""
19284
20536
19285
20537
#: serverguide/C/databases.xml:203(para)
19286
20538
msgid ""
19287
20539
"To enable TCP/IP connections, edit the file "
19288
"<filename>/etc/postgresql/8.3/main/postgresql.conf</filename>"
20540
"<filename>/etc/postgresql/8.4/main/postgresql.conf</filename>"
19289
20541
msgstr ""
19290
20542
19291
20543
#: serverguide/C/databases.xml:205(para)
19343
20595
#: serverguide/C/databases.xml:241(para)
19344
20596
msgid ""
19345
20597
"After configuring the password, edit the file "
19346
"<filename>/etc/postgresql/8.3/main/pg_hba.conf</filename> to use "
20598
"<filename>/etc/postgresql/8.4/main/pg_hba.conf</filename> to use "
19347
20599
"<emphasis>MD5</emphasis> authentication with the "
19348
20600
"<emphasis>postgres</emphasis> user:"
19349
20601
msgstr ""
19363
20615
msgstr ""
19364
20616
19365
20617
#: serverguide/C/databases.xml:257(command)
19366
msgid "sudo /etc/init.d/postgresql-8.3 restart"
20618
msgid "sudo /etc/init.d/postgresql-8.4 restart"
19367
20619
msgstr ""
19368
20620
19369
20621
#: serverguide/C/databases.xml:260(para)
19370
20622
msgid ""
19371
20623
"The above configuration is not complete by any means. Please refer <ulink "
19372
"url=\"http://www.postgresql.org/docs/8.3/static/admin.html\"> the PostgreSQL "
20624
"url=\"http://www.postgresql.org/docs/8.4/static/admin.html\"> the PostgreSQL "
19373
20625
"Administrator's Guide</ulink> to configure more parameters."
19374
20626
msgstr ""
19375
20627
19376
20628
#: serverguide/C/databases.xml:271(para)
19377
20629
msgid ""
19378
20630
"As mentioned above the <ulink "
19379
"url=\"http://www.postgresql.org/docs/8.3/static/admin.html\">Administrator's "
20631
"url=\"http://www.postgresql.org/docs/8.4/static/admin.html\">Administrator's "
19380
20632
"Guide</ulink> is an excellent resource. The guide is also available in the "
19381
"<application>postgresql-doc-8.3</application> package. Execute the following "
20633
"<application>postgresql-doc-8.4</application> package. Execute the following "
19382
20634
"in a terminal to install the package:"
19383
20635
msgstr ""
19384
20636
19385
20637
#: serverguide/C/databases.xml:277(command)
19386
msgid "sudo apt-get install postgresql-doc-8.3"
20638
msgid "sudo apt-get install postgresql-doc-8.4"
19387
20639
msgstr ""
19388
20640
19389
20641
#: serverguide/C/databases.xml:279(para)
19390
20642
msgid ""
19391
20643
"To view the guide enter <command>file:///usr/share/doc/postgresql-doc-"
19392
"8.3/html/index.html</command> into the address bar of your browser."
20644
"8.4/html/index.html</command> into the address bar of your browser."
19393
20645
msgstr ""
19394
20646
19395
20647
#: serverguide/C/clustering.xml:13(title)
19418
20670
msgid "sudo apt-get install drbd8-utils"
19419
20671
msgstr ""
19420
20672
19421
#: serverguide/C/clustering.xml:32(para)
20673
#: serverguide/C/clustering.xml:33(para)
20674
msgid ""
20675
"If you are using the <emphasis>virtual kernel</emphasis> as part of a "
20676
"virtual machine you will need to manually compile the "
20677
"<application>drbd</application> module. It may be easier to install the "
20678
"<application>linux-server</application> package inside the virtual machine."
20679
msgstr ""
20680
20681
#: serverguide/C/clustering.xml:40(para)
19422
20682
msgid ""
19423
20683
"This section covers setting up a <application>drbd</application> to "
19424
20684
"replicate a separate <filename>/srv</filename> partition, with an "
19427
20687
"size."
19428
20688
msgstr ""
19429
20689
19430
#: serverguide/C/clustering.xml:41(para)
20690
#: serverguide/C/clustering.xml:49(para)
19431
20691
msgid ""
19432
20692
"The two hosts in this example will be called <emphasis>drbd01</emphasis> and "
19433
20693
"<emphasis>drbd02</emphasis>. They will need to have name resolution "
19435
20695
"See <xref linkend=\"dns\"/> for details."
19436
20696
msgstr ""
19437
20697
19438
#: serverguide/C/clustering.xml:49(para)
20698
#: serverguide/C/clustering.xml:57(para)
19439
20699
msgid ""
19440
20700
"To configure <application>drbd</application>, on the first host edit "
19441
20701
"<filename>/etc/drbd.conf</filename>:"
19442
20702
msgstr ""
19443
20703
19444
#: serverguide/C/clustering.xml:53(programlisting)
20704
#: serverguide/C/clustering.xml:61(programlisting)
19445
20705
#, no-wrap
19446
20706
msgid ""
19447
20707
"\n"
19456
20716
" net {\n"
19457
20717
" cram-hmac-alg sha1;\n"
19458
20718
" shared-secret \"secret\";\n"
19459
" allow-two-primaries;\n"
19460
20719
" }\n"
19461
20720
" on drbd01 {\n"
19462
20721
" device /dev/drbd0;\n"
19473
20732
"} \n"
19474
20733
msgstr ""
19475
20734
19476
#: serverguide/C/clustering.xml:83(para)
20735
#: serverguide/C/clustering.xml:90(para)
19477
20736
msgid ""
19478
20737
"There are many other options in <filename>/etc/drbd.conf</filename>, but for "
19479
20738
"this example their default values are fine."
19480
20739
msgstr ""
19481
20740
19482
#: serverguide/C/clustering.xml:91(para)
20741
#: serverguide/C/clustering.xml:98(para)
19483
20742
msgid "Now copy <filename>/etc/drbd.conf</filename> to the second host:"
19484
20743
msgstr ""
19485
20744
19486
#: serverguide/C/clustering.xml:96(command)
20745
#: serverguide/C/clustering.xml:103(command)
19487
20746
msgid "scp /etc/drbd.conf drbd02:~"
19488
20747
msgstr ""
19489
20748
19490
#: serverguide/C/clustering.xml:102(para)
20749
#: serverguide/C/clustering.xml:109(para)
19491
20750
msgid ""
19492
20751
"And, on <emphasis>drbd02</emphasis> move the file to "
19493
20752
"<filename>/etc</filename>:"
19494
20753
msgstr ""
19495
20754
19496
#: serverguide/C/clustering.xml:107(command)
20755
#: serverguide/C/clustering.xml:114(command)
19497
20756
msgid "sudo mv drbd.conf /etc/"
19498
20757
msgstr ""
19499
20758
19500
#: serverguide/C/clustering.xml:113(para)
20759
#: serverguide/C/clustering.xml:120(para)
19501
20760
msgid ""
19502
20761
"Next, on both hosts, start the <application>drbd</application> daemon:"
19503
20762
msgstr ""
19504
20763
19505
#: serverguide/C/clustering.xml:118(command)
20764
#: serverguide/C/clustering.xml:125(command)
19506
20765
msgid "sudo /etc/init.d/drbd start"
19507
20766
msgstr ""
19508
20767
19509
#: serverguide/C/clustering.xml:124(para)
20768
#: serverguide/C/clustering.xml:131(para)
19510
20769
msgid ""
19511
20770
"Now using the <application>drbdadm</application> utility initialize the meta "
19512
20771
"data storage. On each server execute:"
19513
20772
msgstr ""
19514
20773
19515
#: serverguide/C/clustering.xml:130(command)
20774
#: serverguide/C/clustering.xml:137(command)
19516
20775
msgid "sudo drbdadm create-md r0"
19517
20776
msgstr ""
19518
20777
19519
#: serverguide/C/clustering.xml:136(para)
20778
#: serverguide/C/clustering.xml:143(para)
19520
20779
msgid ""
19521
20780
"On the <emphasis>drbd01</emphasis>, or whichever host you wish to be the "
19522
20781
"primary, enter the following:"
19523
20782
msgstr ""
19524
20783
19525
#: serverguide/C/clustering.xml:141(command)
20784
#: serverguide/C/clustering.xml:148(command)
19526
20785
msgid "sudo drbdadm -- --overwrite-data-of-peer primary all"
19527
20786
msgstr ""
19528
20787
19529
#: serverguide/C/clustering.xml:147(para)
20788
#: serverguide/C/clustering.xml:154(para)
19530
20789
msgid ""
19531
20790
"After executing the above command, the data will start syncing with the "
19532
20791
"secondary host. To watch the progresss, on <emphasis>drbd02</emphasis> enter "
19533
20792
"the following:"
19534
20793
msgstr ""
19535
20794
19536
#: serverguide/C/clustering.xml:153(command)
20795
#: serverguide/C/clustering.xml:160(command)
19537
20796
msgid "watch -n1 cat /proc/drbd"
19538
20797
msgstr ""
19539
20798
19540
#: serverguide/C/clustering.xml:156(para)
20799
#: serverguide/C/clustering.xml:163(para)
19541
20800
msgid "To stop watching the output press <emphasis>Ctrl+c</emphasis>."
19542
20801
msgstr ""
19543
20802
19544
#: serverguide/C/clustering.xml:163(para)
20803
#: serverguide/C/clustering.xml:170(para)
19545
20804
msgid ""
19546
20805
"Finally, add a filesystem to <filename>/dev/drbd0</filename> and mount it:"
19547
20806
msgstr ""
19548
20807
19549
#: serverguide/C/clustering.xml:168(command)
20808
#: serverguide/C/clustering.xml:175(command)
19550
20809
msgid "sudo mkfs.ext3 /dev/drbd0"
19551
20810
msgstr ""
19552
20811
19553
#: serverguide/C/clustering.xml:169(command) serverguide/C/clustering.xml:217(command)
20812
#: serverguide/C/clustering.xml:176(command) serverguide/C/clustering.xml:224(command)
19554
20813
msgid "sudo mount /dev/drbd0 /srv"
19555
20814
msgstr ""
19556
20815
19557
#: serverguide/C/clustering.xml:179(para)
20816
#: serverguide/C/clustering.xml:186(para)
19558
20817
msgid ""
19559
20818
"To test that the data is actually syncing between the hosts copy some files "
19560
20819
"on the <emphasis>drbd01</emphasis>, the primary, to "
19561
20820
"<filename>/srv</filename>:"
19562
20821
msgstr ""
19563
20822
19564
#: serverguide/C/clustering.xml:188(para)
20823
#: serverguide/C/clustering.xml:195(para)
19565
20824
msgid "Next, unmount <filename>/srv</filename>:"
19566
20825
msgstr ""
19567
20826
19568
#: serverguide/C/clustering.xml:196(para)
20827
#: serverguide/C/clustering.xml:203(para)
19569
20828
msgid ""
19570
20829
"<emphasis>Demote</emphasis> the <emphasis>primary</emphasis> server to the "
19571
20830
"<emphasis>secondary</emphasis> role:"
19572
20831
msgstr ""
19573
20832
19574
#: serverguide/C/clustering.xml:201(command)
20833
#: serverguide/C/clustering.xml:208(command)
19575
20834
msgid "sudo drbdadm secondary r0"
19576
20835
msgstr ""
19577
20836
19578
#: serverguide/C/clustering.xml:204(para)
20837
#: serverguide/C/clustering.xml:211(para)
19579
20838
msgid ""
19580
"Now on the the <emphasis>secondary</emphasis> server "
20839
"Now on the <emphasis>secondary</emphasis> server "
19581
20840
"<emphasis>promote</emphasis> it to the <emphasis>primary</emphasis> role:"
19582
20841
msgstr ""
19583
20842
19584
#: serverguide/C/clustering.xml:209(command)
20843
#: serverguide/C/clustering.xml:216(command)
19585
20844
msgid "sudo drbdadm primary r0"
19586
20845
msgstr ""
19587
20846
19588
#: serverguide/C/clustering.xml:212(para)
20847
#: serverguide/C/clustering.xml:219(para)
19589
20848
msgid "Lastly, mount the partition:"
19590
20849
msgstr ""
19591
20850
19592
#: serverguide/C/clustering.xml:220(para)
20851
#: serverguide/C/clustering.xml:227(para)
19593
20852
msgid ""
19594
20853
"Using <emphasis>ls</emphasis> you should see "
19595
20854
"<filename>/srv/default</filename> copied from the former "
19596
20855
"<emphasis>primary</emphasis> host <emphasis>drbd01</emphasis>."
19597
20856
msgstr ""
19598
20857
19599
#: serverguide/C/clustering.xml:231(para)
20858
#: serverguide/C/clustering.xml:238(para)
19600
20859
msgid ""
19601
20860
"For more information on <application>DRBD</application> see the <ulink "
19602
20861
"url=\"http://www.drbd.org/\">DRBD web site</ulink>."
19603
20862
msgstr ""
19604
20863
19605
#: serverguide/C/clustering.xml:236(para)
20864
#: serverguide/C/clustering.xml:243(para)
19606
20865
msgid ""
19607
20866
"The <ulink "
19608
20867
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man5/drbd.conf.5.html\">d"
19610
20869
"this guide."
19611
20870
msgstr ""
19612
20871
19613
#: serverguide/C/clustering.xml:242(para)
20872
#: serverguide/C/clustering.xml:249(para)
19614
20873
msgid ""
19615
20874
"Also, see the <ulink "
19616
20875
"url=\"http://manpages.ubuntu.com/manpages/jaunty/en/man8/drbdadm.8.html\">drb"
19617
20876
"dadm man page</ulink>."
19618
20877
msgstr ""
19619
20878
20879
#: serverguide/C/chat.xml:13(title)
20880
msgid "Chat Applications"
20881
msgstr ""
20882
20883
#: serverguide/C/chat.xml:19(para)
20884
msgid ""
20885
"In this section, we will discuss how to install and configure a IRC server, "
20886
"<application>ircd-irc2</application>. We will also discuss how to install "
20887
"and configure Jabber, an instance messaging server."
20888
msgstr ""
20889
20890
#: serverguide/C/chat.xml:28(title)
20891
msgid "IRC Server"
20892
msgstr ""
20893
20894
#: serverguide/C/chat.xml:30(para)
20895
msgid ""
20896
"The Ubuntu repository has many Internet Relay Chat servers. This section "
20897
"explains how to install and configure the original IRC server "
20898
"<application>ircd-irc2</application>."
20899
msgstr ""
20900
20901
#: serverguide/C/chat.xml:39(para)
20902
msgid ""
20903
"To install <application>ircd-irc2</application>, run the following command "
20904
"in the command prompt:"
20905
msgstr ""
20906
20907
#: serverguide/C/chat.xml:45(command)
20908
msgid "sudo apt-get install ircd-irc2"
20909
msgstr ""
20910
20911
#: serverguide/C/chat.xml:48(para)
20912
msgid ""
20913
"The configuration files are stored in <filename>/etc/ircd</filename> "
20914
"directory. The documents are available in <filename>/usr/share/doc/ircd-"
20915
"irc2</filename> directory."
20916
msgstr ""
20917
20918
#: serverguide/C/chat.xml:59(para)
20919
msgid ""
20920
"The IRC settings can be done in the configuration file "
20921
"<filename>/etc/ircd/ircd.conf</filename>. You can set the IRC host name in "
20922
"this file by editing the following line:"
20923
msgstr ""
20924
20925
#: serverguide/C/chat.xml:64(programlisting)
20926
#, no-wrap
20927
msgid ""
20928
"\n"
20929
"M:irc.localhost::Debian ircd default configuration::000A\n"
20930
msgstr ""
20931
20932
#: serverguide/C/chat.xml:68(para)
20933
msgid ""
20934
"Please make sure you add DNS aliases for the IRC host name. For instance, if "
20935
"you set irc.livecipher.com as IRC host name, please make sure "
20936
"irc.livecipher.com is resolvable in your Domain Name Server. The IRC host "
20937
"name should not be same as the host name."
20938
msgstr ""
20939
20940
#: serverguide/C/chat.xml:75(para)
20941
msgid ""
20942
"The IRC admin details can be configured by editting the following line:"
20943
msgstr ""
20944
20945
#: serverguide/C/chat.xml:80(programlisting)
20946
#, no-wrap
20947
msgid ""
20948
"\n"
20949
"A:Organization, IRC dept.:Daemon <ircd@example.irc.org>:Client "
20950
"Server::IRCnet:\n"
20951
msgstr ""
20952
20953
#: serverguide/C/chat.xml:84(para)
20954
msgid ""
20955
"You should add specific lines to configure the list of IRC ports to listen "
20956
"on, to configure Operator credentials, to configure client authentication, "
20957
"etc. For details, please refer to the example configuration file "
20958
"<filename>/usr/share/doc/ircd-irc2/ircd.conf.example.gz</filename>."
20959
msgstr ""
20960
20961
#: serverguide/C/chat.xml:92(para)
20962
msgid ""
20963
"The IRC banner to be displayed in the IRC client, when the user connects to "
20964
"the server can be set in <filename>/etc/ircd/ircd.motd</filename> file."
20965
msgstr ""
20966
20967
#: serverguide/C/chat.xml:97(para)
20968
msgid ""
20969
"After making necessary changes to the configuration file, you can restart "
20970
"the IRC server using following command:"
20971
msgstr ""
20972
20973
#: serverguide/C/chat.xml:101(programlisting)
20974
#, no-wrap
20975
msgid ""
20976
"\n"
20977
"sudo /etc/init.d/ircd-irc2 restart\n"
20978
msgstr ""
20979
20980
#: serverguide/C/chat.xml:109(para)
20981
msgid ""
20982
"You may also be interested to take a look at other IRC servers available in "
20983
"Ubuntu Repository. It includes, <application>ircd-ircu</application> and "
20984
"<application>ircd-hybrid</application>."
20985
msgstr ""
20986
20987
#: serverguide/C/chat.xml:117(para)
20988
msgid ""
20989
"Refer to <ulink url=\"http://www.irc.org/tech_docs/ircnet/faq.html\">IRCD "
20990
"FAQ</ulink> for more details about the IRC Server."
20991
msgstr ""
20992
20993
#: serverguide/C/chat.xml:127(title)
20994
msgid "Jabber Instant Messaging Server"
20995
msgstr ""
20996
20997
#: serverguide/C/chat.xml:129(para)
20998
msgid ""
20999
"<emphasis>Jabber</emphasis> a popular instant message protocol is based on "
21000
"XMPP, an open standard for instant messaging, and used by many popular "
21001
"applications. This section covers setting up a <emphasis>Jabberd "
21002
"2</emphasis> server on a local LAN. This configuration can also be adapted "
21003
"to providing messaging services to users over the Internet."
21004
msgstr ""
21005
21006
#: serverguide/C/chat.xml:138(para)
21007
msgid "To install <application>jabberd2</application>, in a terminal enter:"
21008
msgstr ""
21009
21010
#: serverguide/C/chat.xml:143(command)
21011
msgid "sudo apt-get install jabberd2"
21012
msgstr ""
21013
21014
#: serverguide/C/chat.xml:150(para)
21015
msgid ""
21016
"A couple of XML configuration files will be used to configure "
21017
"<application>jabberd2</application> for <emphasis>Berkely DB</emphasis> user "
21018
"authentication. This is a very simple form of authentication. However, "
21019
"<application>jabberd2</application> can be configured to use LDAP, MySQL, "
21020
"Postgresql, etc for for user authentication."
21021
msgstr ""
21022
21023
#: serverguide/C/chat.xml:157(para)
21024
msgid "First, edit <filename>/etc/jabberd2/sm.xml</filename> changing:"
21025
msgstr ""
21026
21027
#: serverguide/C/chat.xml:161(programlisting)
21028
#, no-wrap
21029
msgid ""
21030
"\n"
21031
" <id>jabber.example.com</id>\n"
21032
msgstr ""
21033
21034
#: serverguide/C/chat.xml:166(para)
21035
msgid ""
21036
"Replace <emphasis>jabber.example.com</emphasis> with the hostname, or other "
21037
"id, of your server."
21038
msgstr ""
21039
21040
#: serverguide/C/chat.xml:171(para)
21041
msgid "Now in the <storage> section change the <driver> to:"
21042
msgstr ""
21043
21044
#: serverguide/C/chat.xml:175(programlisting)
21045
#, no-wrap
21046
msgid ""
21047
"\n"
21048
" <driver>db</driver>\n"
21049
msgstr ""
21050
21051
#: serverguide/C/chat.xml:179(para)
21052
msgid ""
21053
"Next, edit <filename>/etc/jabberd2/c2s.xml</filename> in the "
21054
"<emphasis><local></emphasis> section change:"
21055
msgstr ""
21056
21057
#: serverguide/C/chat.xml:183(programlisting)
21058
#, no-wrap
21059
msgid ""
21060
"\n"
21061
" <id>jabber.example.com</id>\n"
21062
msgstr ""
21063
21064
#: serverguide/C/chat.xml:187(para)
21065
msgid ""
21066
"And in the <authreg> section adjust the <module> section to:"
21067
msgstr ""
21068
21069
#: serverguide/C/chat.xml:191(programlisting)
21070
#, no-wrap
21071
msgid ""
21072
"\n"
21073
" <module>db</module>\n"
21074
msgstr ""
21075
21076
#: serverguide/C/chat.xml:195(para)
21077
msgid ""
21078
"Finally, restart <application>jabberd2</application> to enable the new "
21079
"settings:"
21080
msgstr ""
21081
21082
#: serverguide/C/chat.xml:200(command)
21083
msgid "sudo /etc/init.d/jabberd2 restart"
21084
msgstr ""
21085
21086
#: serverguide/C/chat.xml:203(para)
21087
msgid ""
21088
"You should now be able to connect to the server using a Jabber client like "
21089
"<application>Pidgin</application> for example."
21090
msgstr ""
21091
21092
#: serverguide/C/chat.xml:208(para)
21093
msgid ""
21094
"The advantage of using Berkeley DB for user data is that after being "
21095
"configured no additional maintenance is required. If you need more control "
21096
"over user accounts and credentials another authentication method is "
21097
"recommended."
21098
msgstr ""
21099
21100
#: serverguide/C/chat.xml:220(para)
21101
msgid ""
21102
"The <ulink url=\"http://codex.xiaoka.com/wiki/jabberd2:start\">Jabberd2 Web "
21103
"Site</ulink> contains more details on configuring "
21104
"<application>Jabberd2</application>."
21105
msgstr ""
21106
21107
#: serverguide/C/chat.xml:226(para)
21108
msgid ""
21109
"For more authentication options see the <ulink "
21110
"url=\"http://jabberd2.xiaoka.com/wiki/InstallGuide\">Jabberd2 Install "
21111
"Guide</ulink>."
21112
msgstr ""
21113
19620
21114
#: serverguide/C/backups.xml:13(title)
19621
21115
msgid "Backups"
19622
21116
msgstr ""
20711
22205
"the latest Bacula news and developments."
20712
22206
msgstr ""
20713
22207
20714
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2.
22208
#. Put one translator per line, in the form of NAME <EMAIL>, YEAR1, YEAR2
20715
22209
#: serverguide/C/backups.xml:0(None)
20716
22210
msgid "translator-credits"
20717
22211
msgstr ""
20718
22212
"Launchpad Contributions:\n"
20719
22213
" Arthur Kulik https://launchpad.net/~arthur-kulik\n"
20720
"\n"
20721
"Launchpad Contributions:\n"
20722
" Arthur Kulik https://launchpad.net/~arthur-kulik"
22214
" SkyManPHP https://launchpad.net/~skymanphp"
22215
22216
#~ msgid ""
22217
#~ "<emphasis>read only:</emphasis> gives write access to the shared directory."
22218
#~ msgstr "<emphasis>read only:</emphasis> надає розшареній папці права запису."
Loggerhead is a web-based interface for Breezy
Version: 2.0.1