#################DNS cluster############
1. Basic DNS cluster configuration
Requirement: a single DNS server cannot handle a large volume of queries, so a secondary DNS server has to be added.
Secondary DNS side (client):
vim /etc/resolv.conf and change the content to:
3 nameserver 172.25.254.207
vim /etc/named.conf and change it to:
11 listen-on port 53 { any; };
17 allow-query { any; };
31 dnssec-validation no;
vim /etc/named.rfc1912.zones
25 zone "westos.com" IN {
26 type slave;
27 file "slaves/westos.com.zone";
28 allow-update { none; };
29 masters { 172.25.254.107; };
30 };
ll /var/named --> check the contents of the slaves directory
Primary DNS side (dns):
vim /etc/named.conf and change it to:
11 listen-on port 53 { any; };
17 allow-query { any; };
31 dnssec-validation no;
vim /etc/named.rfc1912.zones and change the content to:
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { none; };
29 allow-transfer { 172.25.254.207; }; ##who is allowed to synchronize (transfer) the zone
30 };
systemctl restart named
Test (desktop side):
systemctl restart named
dig www.westos.com
Example:
<1> The client-side steps are unchanged
<2> Steps on the dns side:
vim /etc/named.conf and change it to:
11 listen-on port 53 { any; };
17 allow-query { any; };
31 dnssec-validation no;
vim /etc/named.rfc1912.zones and change the content to:
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { key lzt; };
29 allow-transfer { 172.25.254.207; };
30 };
systemctl restart named
<3> Test:
[root@client slaves]# systemctl restart named
[root@client slaves]# dig www.westos.com
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.0.108
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.0.107
;; Query time: 1 msec
;; SERVER: 172.25.254.207#53(172.25.254.207)
2. Automatic DNS synchronization
No change on the client side
dns side:
vim /etc/named.rfc1912.zones and change the content to:
25 zone "westos.com" IN {
26 type master;
27 file "westos.com.zone";
28 allow-update { none; };
29 allow-transfer { 172.25.254.207; };
30 also-notify { 172.25.254.207; }; ##who to push the new data to after the zone file has changed
31 };
vim /var/named/westos.com.zone and change the content to:
2 @ IN SOA dns.westos.com. root.westos.com. (
3 2016112601 ; serial
9 dns A 172.25.0.107
10 www A 172.25.0.112
systemctl restart named
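At its core, DNS synchronization compares the identifier in front of "; serial" (2016112601); every time the content of /var/named/westos.com.zone is modified, this identifier should be changed as well.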
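The serial comparison described above, as an added example that is not part of the original notes. It goes beyond the text by using the RFC 1982 wrap-around comparison that decides whether a secondary considers the primary's serial newer; the YYYYMMDDnn numbering is an assumption read off the value 2016112601, and the sample zone text is constructed from the records on this page.

```python
import re
from datetime import date

MOD = 1 << 32    # SOA serials are unsigned 32-bit counters
HALF = 1 << 31

# The number in front of "; serial" inside the SOA record.
SERIAL_RE = re.compile(r"(\d{1,10})(?=\s*;\s*serial\b)", re.I)

# Constructed sample, modelled on /var/named/westos.com.zone from this page.
SAMPLE_ZONE = """\
$TTL 1D
@   IN SOA  dns.westos.com. root.westos.com. (
            2016112601  ; serial
            1D          ; refresh
            1H          ; retry
            1W          ; expire
            3H )        ; minimum
        NS  dns.westos.com.
dns     A   172.25.0.107
www     A   172.25.0.112
"""


def serial_newer(candidate, current):
    """RFC 1982 comparison: True if `candidate` counts as newer than `current`.

    A secondary only pulls the zone when the primary's serial is newer than
    its own copy; an unchanged or lower serial means the edit never propagates.
    """
    diff = (candidate - current) % MOD
    return 0 < diff < HALF


def next_serial(current, today):
    """Next serial in the YYYYMMDDnn convention (assumed, see lead-in)."""
    first_of_day = int(today.strftime("%Y%m%d")) * 100 + 1
    return max(first_of_day, current + 1) % MOD


def bump_serial(zone_text, today):
    """Return (new_zone_text, old_serial, new_serial) with the serial raised."""
    m = SERIAL_RE.search(zone_text)
    if m is None:
        raise ValueError("no '; serial' field found in zone text")
    old = int(m.group(1))
    new = next_serial(old, today)
    if not serial_newer(new, old):
        raise ValueError("new serial %d is not newer than %d" % (new, old))
    return zone_text[:m.start(1)] + str(new) + zone_text[m.end(1):], old, new


if __name__ == "__main__":
    text, old, new = bump_serial(SAMPLE_ZONE, date(2016, 11, 30))
    print("serial %d -> %d" % (old, new))
    print(text)
```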
Test:
Test on the client host:
dig www.westos.com
Example:
[root@client slaves]# dig www.westos.com
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.0.112
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.0.107
;; Query time: 0 msec
;; SERVER: 172.25.254.207#53(172.25.254.207)
3. Updating the DNS service remotely
dns side:
vim /etc/named.rfc1912.zones and change the content to:
zone "westos.com" IN {
type master;
file "westos.com.zone";
allow-update { 172.25.254.207; }; ##who is allowed to send updates
allow-transfer { 172.25.254.207; };
also-notify { 172.25.254.207; };
};
chmod 770 /var/named
cp -p /var/named/westos.com.zone /mnt/westos.com.zone
client side:
nsupdate
> server 172.25.254.107
> update delete www.westos.com
> send
update failed: SERVFAIL ##cause of the error: chmod 770 /var/named was skipped on the primary DNS side
> server 172.25.254.107
> update delete www.westos.com ##delete www.westos.com
> send ##send
> server 172.25.254.107
> update add www.westos.com 86400 A 172.25.254.1 ##add www.westos.com with the IP 172.25.254.1; the 86400 here means a DNS record is normally kept for one day, i.e. 86400 seconds
> send
> quit
Restore: rm -fr /var/named/westos.com.zone /var/named/westos.com.zone.jnl
cp -p /mnt/westos.com.zone /var/named/westos.com.zone
Example:
client side:
[root@client ~]# dig www.westos.com ##this is the result after www.westos.com was deleted
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> www.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 38482
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
; AUTHORITY SECTION:
westos.com. 10800 IN SOA dns.westos.com.westos.com. root.westos.com. 2016112907 86400 3600 604800 10800
;; Query time: 1 msec
;; SERVER: 172.25.254.207#53(172.25.254.207)
;; WHEN: Wed Nov 30 01:07:30 EST 2016
;; MSG SIZE rcvd: 99
[root@client ~]# dig dns.westos.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6513
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dns.westos.com. IN A
;; ANSWER SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; WHEN: Wed Nov 30 01:07:39 EST 2016
;; MSG SIZE rcvd: 73
[root@client ~]# dig www.westos.com ##this is the result after adding www.westos.com with the IP 172.25.254.1
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20619
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.1
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.207
;; WHEN: Wed Nov 30 01:09:53 EST 2016
;; MSG SIZE rcvd: 93
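4. Updating the DNS service remotely with a key
dns side:
cp -p /etc/rndc.key /etc/westos.key ##copy the system key file, together with its permissions, to a key file under your own name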
cd /mnt/
dnssec-keygen -a HMAC-MD5 -b 128 -n HOST westos
cat /mnt/Kwestos.+157+08237.private
cat /mnt/Kwestos.+157+08237.key ##the secret turns out to be the same in both files
vim /etc/westos.key
Change the original file content (shown below):
key "rndc-key" {
algorithm hmac-md5;
secret "KgE1w+fRiEQRov1RhPqUDg==";
};
|
| ##change it to the content below
\|/
key "westos" { ##first change: rename the key to westos
algorithm hmac-md5;
secret "0QsS0gNcgoJPBCerborLmQ=="; ##second change: replace the secret with the one from /mnt/Kwestos.+157+08237.key or /mnt/Kwestos.+157+08237.private, then save and quit
};
vim /etc/named.conf
Change the content to:
42 };
43 include "/etc/westos.key"; ##change --> include the file that holds the key
44 logging {
scp Kwestos.+157+08237.* root@172.25.254.207:/mnt/ ##send the key to the client side
systemctl restart named
client side:
cd /mnt/
nsupdate -k Kwestos.+157+08237.private
or
nsupdate -k /mnt/Kwestos.+157+08237.private
> server 172.25.254.207
> update add www.westos.com 86400 A 172.25.254.22 ##add one more IP for www.westos.com, 172.25.254.22
> send
> quit
Restore: rm -fr /var/named/westos.com.zone /var/named/westos.com.zone.jnl
cp -p /mnt/westos.com.zone /var/named/westos.com.zone
Example:
[root@client ~]# dig www.westos.com
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63371
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.westos.com. IN A
;; ANSWER SECTION:
www.westos.com. 86400 IN A 172.25.254.22
www.westos.com. 86400 IN A 172.25.254.220
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.207
;; WHEN: Wed Nov 30 02:15:42 EST 2016
;; MSG SIZE rcvd: 109
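Sections 3 and 4 differ in how the primary decides who may send dynamic updates: section 3 trusts a source address in allow-update, while section 4 sets up a TSIG key. The audit script below is an added example, not part of the original notes; the sample configuration is constructed from the page's stanzas, the secret is a placeholder, and the zone example.test is hypothetical.

```python
import re

# Constructed sample modelled on the stanzas in this page.
SAMPLE_CONF = '''
key "westos" {
    algorithm hmac-md5;
    secret "PLACEHOLDER-NOT-A-REAL-KEY";
};
zone "westos.com" IN {                  ## the form used in section 3
    type master;
    file "westos.com.zone";
    allow-update { 172.25.254.207; };
    allow-transfer { 172.25.254.207; };
    also-notify { 172.25.254.207; };
};
zone "linux.com" IN {
    type master;
    file "linux.com.zone";
    allow-update { none; };
};
zone "example.test" IN {                # hypothetical key-authenticated zone
    type master;
    file "example.test.zone";
    allow-update { key westos; };
    allow-transfer { key westos; };
};
'''


def strip_comments(text):
    """Drop /* */ blocks and '#', '##', '//' end-of-line comments.

    Simplification: a quoted string containing '#' or '//' would be cut too.
    """
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(#|//).*", "", text)


def _block(text, open_idx):
    """Text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces")


def parse_stanzas(text, kind):
    """Yield (name, body) for each `kind "name" [IN] { ... }` stanza."""
    text = strip_comments(text)
    pat = re.compile(r'\b%s\s+"?([\w.-]+)"?\s*(?:IN\s*)?\{' % kind, re.I)
    for m in pat.finditer(text):
        yield m.group(1), _block(text, m.end() - 1)


def acl(body, option):
    """Elements of `option { a; b; };`, or None when the option is absent."""
    m = re.search(r"\b%s\s*\{([^}]*)\}" % re.escape(option), body)
    if m is None:
        return None
    return [e.strip() for e in m.group(1).split(";") if e.strip()]


def audit(conf):
    """Return a list of (stanza name, finding) tuples."""
    findings = []
    for name, body in parse_stanzas(conf, "key"):
        alg = re.search(r"\balgorithm\s+([\w-]+)", body)
        if alg and alg.group(1).lower() == "hmac-md5":
            findings.append((name, "TSIG key uses hmac-md5; prefer hmac-sha256"))
    for name, body in parse_stanzas(conf, "zone"):
        upd = acl(body, "allow-update") or []
        by_addr = [e for e in upd if e != "none" and not e.startswith("key ")]
        if by_addr:
            findings.append((name, "allow-update matches on source address "
                             "%s only; updates are not authenticated"
                             % ", ".join(by_addr)))
        if re.search(r"\btype\s+master\b", body) and \
                acl(body, "allow-transfer") is None:
            findings.append((name, "no zone-level allow-transfer; transfers "
                             "fall back to the options-level setting"))
    return findings


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_CONF):
        print("%-12s %s" % (name, finding))
```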
5. Using the DHCP service to configure DNS automatically (DDNS, or Peanut Shell)
DHCP + DNS = DDNS
dns side:
Install the DHCP service
yum install dhcp -y
systemctl start dhcpd
systemctl start firewalld, or add the dhcp service to the services the firewall allows
Set SELinux to permissive mode
cp /usr/share/doc/dhcp-4.2.5/dhcp.conf.example /etc/dhcp/dhcpd.conf
vim /etc/dhcp/dhcpd.conf
Change the content to:
7 option domain-name "westos.com";
8 option domain-name-servers 172.25.254.107;
14 ddns-update-style interim;
Delete lines 27 and 28
30 subnet 172.25.254.0 netmask 255.255.255.0 {
31 range 172.25.254.207 172.25.254.210;
32 option routers 172.25.254.107;
33 }
34
35 key westos {
36 algorithm hmac-md5;
37 secret 0QsS0gNcgoJPBCerborLmQ==;
38 };
39
40 zone westos.com. {
41 primary 127.0.0.1;
42 key westos;
43 }
systemctl restart dhcpd
systemctl restart named
client side:
Set the hostname to music.westos.com
systemctl start firewalld, or add the dhcp service to the services the firewall allows
Set SELinux to permissive mode
Change the content of /etc/resolv.conf to
nameserver 172.25.254.107
Configure the /etc/sysconfig/network-scripts/ifcfg-eth0 file:
vim /etc/sysconfig/network-scripts/ifcfg-eth0 and change the content to:
2 BOOTPROTO=dhcp
systemctl restart network
dig music.westos.com
Test:
[root@music ~]# dig music.westos.com
; <<>> DiG 9.9.4-RedHat-9.9.4-14.el7 <<>> music.westos.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53938
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;music.westos.com. IN A
;; ANSWER SECTION:
music.westos.com. 300 IN A 172.25.254.207
;; AUTHORITY SECTION:
westos.com. 86400 IN NS dns.westos.com.
;; ADDITIONAL SECTION:
dns.westos.com. 86400 IN A 172.25.254.107
;; Query time: 1 msec
;; SERVER: 172.25.254.107#53(172.25.254.107)
;; WHEN: Wed Nov 30 19:57:24 EST 2016
;; MSG SIZE rcvd: 95
#########Database###########
1. Installation and basic operations
yum install mysql mysql-server
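mysqladmin -uroot -predhat password westos ##change the local MySQL root password
mysqladmin -uroot -predhat -h 172.25.254.207 password westos ##change the root password of the remote MySQL server given with -h
mysql_secure_installation ##after installing MySQL for the first time, this command can be used to configure it
mysql -uroot -predhat ##log in to the MySQL database from the local host
show databases; ##list the databases
use mysql; ##switch to the mysql database
show tables; ##list the tables in the database
desc user; ##show the structure of the user table
flush privileges; ##refresh the database information
select host,user,password from user; ##query the host, user and password fields of the user table
create database westos; ##create the westos database
use westos;
create table linux (username varchar(15) not null,password varchar(15) not null); ##create the table linux with the fields username and password
select * from mysql.user; ##query everything in the user table of the mysql database
alter table linux add age varchar(4); ##add the field age to the linux table
ALTER TABLE linux DROP age; ##drop the age field
ALTER TABLE linux ADD age VARCHAR(5) AFTER name; ##add the field age after the name field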
show tables;
desc linux;
Example:
[root@client-dns mnt]# yum install mariadb-server.x86_64 -y
Complete!
[root@client-dns mnt]# systemctl start mariadb
[root@client-dns mnt]# systemctl stop firewalld
[root@client-dns mnt]# vim /etc/my.cnf
[root@client-dns mnt]# mysql
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
MariaDB [(none)]> quit
Bye
[root@client-dns mnt]# mysql_secure_installation
/usr/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
Set root password? [Y/n]
New password: ##enter the password
Re-enter new password: ##confirm the password
Password updated successfully!
Reloading privilege tables..
... Success!
Remove anonymous users? [Y/n] ##press Enter
... Success!
Disallow root login remotely? [Y/n] ##press Enter
... Success!
Remove test database and access to it? [Y/n] ##press Enter
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reload privilege tables now? [Y/n] ##press Enter
... Success!
[root@client-dns mnt]# systemctl restart mariadb.service
[root@client-dns mnt]# mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 2
MariaDB [(none)]> quit
Bye
[root@client-dns mnt]# mysql -uroot -p
Enter password:
Welcome to the MariaDB monitor. Commands end with ; or \g.
MariaDB [(none)]> quit
Bye
[root@client-dns mnt]# mysql -uroot -predhat ##log in
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 4
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.01 sec)
MariaDB [(none)]> use mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MariaDB [mysql]> SHOW TABLES;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
| general_log |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| ndb_binlog_index |
| plugin |
| proc |
| procs_priv |
| proxies_priv |
| servers |
| slow_log |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
24 rows in set (0.00 sec)
MariaDB [mysql]> DESC USER;
ERROR 1146 (42S02): Table 'mysql.USER' doesn't exist
MariaDB [mysql]> DESC user;
+------------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_tablespace_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) | NO | | 0 | |
| plugin | char(64) | NO | | | |
| authentication_string | text | NO | | NULL | |
+------------------------+-----------------------------------+------+-----+---------+-------+
42 rows in set (0.00 sec)
MariaDB [mysql]> SELECT Host,User,Password from user;
+-----------+------+-------------------------------------------+
| Host | User | Password |
+-----------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| 127.0.0.1 | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| ::1 | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+-----------+------+-------------------------------------------+
3 rows in set (0.00 sec)
MariaDB [mysql]> quit
Bye
[root@client-dns mnt]# mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 5
Server version: 5.5.35-MariaDB MariaDB Server
Copyright (c) 2000, 2013, Oracle, Monty Program Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE westos;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> use westos;
Database changed
MariaDB [westos]> CREATE TABLE Utab (username varchar(16) not null, passwd varchar(8) not null,age varchar(4));
Query OK, 0 rows affected (0.40 sec)
MariaDB [westos]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| westos |
+--------------------+
4 rows in set (0.00 sec)
MariaDB [westos]> show tables;
+------------------+
| Tables_in_westos |
+------------------+
| Utab |
+------------------+
1 row in set (0.01 sec)
MariaDB [westos]> desc Utab;
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| username | varchar(16) | NO | | NULL | |
| passwd | varchar(8) | NO | | NULL | |
| age | varchar(4) | YES | | NULL | |
+----------+-------------+------+-----+---------+-------+
3 rows in set (0.00 sec)
MariaDB [westos]> select * from Utab;
Empty set (0.00 sec)
MariaDB [westos]> insert into Utab values ('小正太','redhat','18');
Query OK, 1 row affected, 1 warning (0.30 sec)
MariaDB [westos]> insert into Utab values('lzt','redhat','20');
Query OK, 1 row affected (0.07 sec)
MariaDB [westos]> select * from Utab;
+----------+--------+------+
| username | passwd | age |
+----------+--------+------+
| ??? | redhat | 18 |
| lzt | redhat | 20 |
+----------+--------+------+
2 rows in set (0.00 sec)
MariaDB [westos]> ALTER TABLE Utab ADD class varchar(10) AFTER password;
ERROR 1054 (42S22): Unknown column 'password' in 'Utab'
MariaDB [westos]> ALTER TABLE Utab ADD class varchar(10) AFTER passwd;
Query OK, 2 rows affected (0.10 sec)
Records: 2 Duplicates: 0 Warnings: 0
MariaDB [westos]> SELECT * FROM Utab;
+----------+--------+-------+------+
| username | passwd | class | age |
+----------+--------+-------+------+
| ??? | redhat | NULL | 18 |
| lzt | redhat | NULL | 20 |
+----------+--------+-------+------+
2 rows in set (0.00 sec)
MariaDB [westos]> UPDATE Utab SET class='1' WHERE username='lzt';
Query OK, 1 row affected (0.34 sec)
Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [westos]> select * from Utab;
+----------+--------+-------+------+
| username | passwd | class | age |
+----------+--------+-------+------+
| ??? | redhat | NULL | 18 |
| lzt | redhat | 1 | 20 |
+----------+--------+-------+------+
2 rows in set (0.00 sec)
MariaDB [westos]> UPDATE Utab SET class='1';
Query OK, 1 row affected (0.29 sec)
Rows matched: 2 Changed: 1 Warnings: 0
MariaDB [westos]> select * from Utab;
+----------+--------+-------+------+
| username | passwd | class | age |
+----------+--------+-------+------+
| ??? | redhat | 1 | 18 |
| lzt | redhat | 1 | 20 |
+----------+--------+-------+------+
2 rows in set (0.00 sec)
MariaDB [westos]> delete from Utab where username='lzt';
Query OK, 1 row affected (0.30 sec)
MariaDB [westos]> select * from Utab;
+----------+--------+-------+------+
| username | passwd | class | age |
+----------+--------+-------+------+
| ??? | redhat | 1 | 18 |
+----------+--------+-------+------+
1 row in set (0.00 sec)
MariaDB [westos]> drop table Utab;
Query OK, 0 rows affected (0.04 sec)
MariaDB [westos]> select * from Utab;
ERROR 1146 (42S02): Table 'westos.Utab' doesn't exist
MariaDB [westos]> drop database westos;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
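insert into linux values ('user1','passwd1'); ##insert a row into the linux table with username = user1, password = passwd1
update linux set password=password('passwd2') where username='user1'; ##update user1's password in the linux table to passwd2 (with this method the stored password is ciphertext)
update linux set password='passwd2' where username='user1'; ##update user1's password in the linux table to passwd2 (with this method the stored password is visible plaintext)
delete from linux where username='user1'; ##delete everything belonging to user1 from the linux table
grant select on *.* to user1@localhost identified by 'passwd1'; ##authorize user1 with the password passwd1, local login only, to query all content of the databases
grant all on mysql.* to user2@'%' identified by 'passwd2'; ##authorize user2 with the password passwd2 to log in to MySQL from any remote host and perform any operation on the mysql database
2. Backup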
/var/lib/mysql
mysqldump -uroot -predhat mysql > mysql.bak ##back up the mysql database to mysql.bak
mysql -uroot -predhat westos < mysql.bak ##restore mysql.bak into the westos database
Backup example:
[root@music ~]# mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 8
MariaDB [(none)]> SHOW DATABASES;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
3 rows in set (0.00 sec)
MariaDB [(none)]> CREATE DATABASE westos;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> USE westos;
MariaDB [westos]> CREATE TABLE lzt (username varchar(10) not null,password varchar(10) not null,age varchar(4));
Query OK, 0 rows affected (0.07 sec)
MariaDB [westos]> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| westos |
+--------------------+
4 rows in set (0.00 sec)
MariaDB [westos]> show lzt;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'lzt' at line 1
MariaDB [westos]> desc lzt;
+----------+-------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------+-------------+------+-----+---------+-------+
| username | varchar(10) | NO | | NULL | |
| password | varchar(10) | NO | | NULL | |
| age | varchar(4) | YES | | NULL | |
+----------+-------------+------+-----+---------+-------+
3 rows in set (0.00 sec)
MariaDB [westos]> insert into lzt values('lp','westos',20);
Query OK, 1 row affected (0.34 sec)
MariaDB [westos]> select * from lzt;
+----------+----------+------+
| username | password | age |
+----------+----------+------+
| lp | westos | 20 |
+----------+----------+------+
1 row in set (0.01 sec)
MariaDB [westos]> quit
Bye
[root@music ~]# mysqldump -uroot -predhat westos
-- MySQL dump 10.14 Distrib 5.5.35-MariaDB, for Linux (x86_64)
--
-- Host: localhost Database: westos
-- ------------------------------------------------------
-- Server version 5.5.35-MariaDB
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8 */;
/*!40103 SET @OLD_TIME_ZONE=@@TIME_ZONE */;
/*!40103 SET TIME_ZONE='+00:00' */;
/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;
/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;
/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;
/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;
--
-- Table structure for table `lzt`
--
DROP TABLE IF EXISTS `lzt`;
/*!40101 SET @saved_cs_client = @@character_set_client */;
/*!40101 SET character_set_client = utf8 */;
CREATE TABLE `lzt` (
`username` varchar(10) NOT NULL,
`password` varchar(10) NOT NULL,
`age` varchar(4) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
/*!40101 SET character_set_client = @saved_cs_client */;
--
-- Dumping data for table `lzt`
--
LOCK TABLES `lzt` WRITE;
/*!40000 ALTER TABLE `lzt` DISABLE KEYS */;
INSERT INTO `lzt` VALUES ('lp','westos','20');
/*!40000 ALTER TABLE `lzt` ENABLE KEYS */;
UNLOCK TABLES;
/*!40103 SET TIME_ZONE=@OLD_TIME_ZONE */;
/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;
/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;
/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;
/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;
-- Dump completed on 2016-11-26 21:32:12
[root@music ~]# mysqldump -uroot -predhat westos > /mnt/westos.sql
[root@music ~]# mysql -uroot -predhat -e "show databases;"
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| westos |
+--------------------+
[root@music ~]# mysql -uroot -predhat -e "drop database westos;"
[root@music ~]# mysql -uroot -predhat -e "show databases;"
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
+--------------------+
[root@music ~]# mysql -uroot -predhat westos < /mnt/westos.sql
ERROR 1049 (42000): Unknown database 'westos'
[root@music ~]# mysql -uroot -predhat -e "create database westos;"
[root@music ~]# mysql -uroot -predhat westos < /mnt/westos.sql
[root@music ~]# mysql -uroot -predhat -e "select * from westos.lzt;"
+----------+----------+------+
| username | password | age |
+----------+----------+------+
| lp | westos | 20 |
+----------+----------+------+
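3. MySQL password recovery
systemctl stop mariadb
mysqld_safe --skip-grant-tables & ##skip the grant tables, so the local MySQL database can be logged in to without authentication
update mysql.user set password=password('westos') where user='root'; ##in the mysql.user table, set the password of the root user to the encrypted form of westos
systemctl restart mariadb
Forgotten-password example: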
systemctl stop mariadb
mysqld_safe --skip-grant-tables &
mysql -uroot
MariaDB [(none)]> UPDATE mysql.user set Password=password ('westos') WHERE User='root';
MariaDB [(none)]> quit
Bye
[root@music ~]# fg
mysqld_safe --skip-grant-tables
^Z
[1]+ Stopped mysqld_safe --skip-grant-tables
[root@music ~]# killall -9 1
1: no process found
[root@music ~]# killall -9 mysqld_safe
[1]+ Killed mysqld_safe --skip-grant-tables
[root@music ~]# ps aux | grep mysql
mysql 2616 0.1 5.0 859060 95360 pts/0 Sl 20:52 0:00 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-grant-tables --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
root 2684 0.0 0.0 112640 936 pts/0 R+ 20:57 0:00 grep --color=auto mysql
[root@music ~]# kill -9 2616
[root@music ~]# ps aux | grep mysql
root 2694 0.0 0.0 112640 932 pts/0 R+ 20:58 0:00 grep --color=auto mysql
[root@music ~]# systemctl start mariadb
[root@music ~]# mysql -uroot -pwestos
MariaDB [(none)]> quit
Bye
[root@music ~]# mysqladmin -uroot -pwestos password redhat
[root@music ~]# mysql -uroot -predhat
phpmyadmin
yum install php php-mysql httpd mysql mysql-server
tar jxf phpmyadmin-*.tar.bz2 -C /var/www/html
mv phpmyadmin phpadmin
cp config.sample.inc.php config.inc.php
vim config.inc.php
add
$cfg['blowfish_secret'] = 'test';
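4. Creating users
('localhost' means local, '%' means the server side (any host), 'identified' means password)
CREATE USER wxh@localhost identified by 'westos'; ##create a local user and set its password
CREATE USER lee@'%' identified by 'redhat'; ##create a server-side user (with the account name and password it can log in from any host the database is open to)
Granting privileges to a user
GRANT INSERT,UPDATE,DELETE,SELECT on mariadb.* to wxh@localhost;
GRANT SELECT on mariadb.* to lee@'%';
Reload the grant tables
FLUSH PRIVILEGES;
Show a user's grants
SHOW GRANTS FOR wxh@localhost;
Revoke a user's privileges
REVOKE DELETE,UPDATE,INSERT on mariadb.* from wxh@localhost;
Delete a user
DROP USER wxh@localhost;
Example: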
[root@music ~]# mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
MariaDB [(none)]> CREATE USER lzt@localhost identified by 'lzt';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> quit;
Bye
[root@music ~]# mysql -ulzt -plzt
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 3
MariaDB [(none)]> CREATE DATABASE nihao;
ERROR 1044 (42000): Access denied for user 'lzt'@'localhost' to database 'nihao'
MariaDB [(none)]> quit;
Bye
[root@music ~]# mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 4
MariaDB [(none)]> GRANT CREATE on *.* to lzt@localhost;
Query OK, 0 rows affected (0.01 sec)
MariaDB [(none)]> GRANT SELECT on *.* to lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SHOW GRANTS FOR lzt@localhost;
+---------------------------------------------------------------------------------------------------------------------+
| Grants for lzt@localhost |
+---------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, CREATE ON *.* TO 'lzt'@'localhost' IDENTIFIED BY PASSWORD '*0B5204298A57D2948EB6AF6312B83D940E6D4C9F' |
+---------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT INSERT on *.* to lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> SHOW GRANTS FOR lzt@localhost;
+-----------------------------------------------------------------------------------------------------------------------------+
| Grants for lzt@localhost |
+-----------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, CREATE ON *.* TO 'lzt'@'localhost' IDENTIFIED BY PASSWORD '*0B5204298A57D2948EB6AF6312B83D940E6D4C9F' |
+-----------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.01 sec)
MariaDB [(none)]> SHOW GRANTS FOR lzt@localhost;
+-----------------------------------------------------------------------------------------------------------------------------+
| Grants for lzt@localhost |
+-----------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, CREATE ON *.* TO 'lzt'@'localhost' IDENTIFIED BY PASSWORD '*0B5204298A57D2948EB6AF6312B83D940E6D4C9F' |
+-----------------------------------------------------------------------------------------------------------------------------+
1 row in set (0.00 sec)
MariaDB [(none)]> SELECT * FROM mysql.user;
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------
| Host | User | Password | Select_priv | Insert_priv | Update_priv | Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | Process_priv | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | Show_db_priv | Super_priv | Create_tmp_table_priv | Lock_tables_priv | Execute_priv | Repl_slave_priv | Repl_client_priv | Create_view_priv | Show_view_priv | Create_routine_priv | Alter_routine_priv | Create_user_priv | Event_priv | Trigger_priv | Create_tablespace_priv | ssl_type | ssl_cipher | x509_issuer | x509_subject | max_questions | max_updates | max_connections | max_user_connections | plugin | authentication_string |
+-----------+------+-------------------------------------------+-------------+-------------+-------------+-------------+-------------+-----------+-------------+---------------
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | | | | | 0 | 0 | 0 | 0 | | |
| localhost | lzt | *0B5204298A57D2948EB6AF6312B83D940E6D4C9F | Y | Y | N | N | Y | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | N | | | | | 0 | 0 | 0 | 0 | | |
4 rows in set (0.00 sec)
MariaDB [(none)]> REVOKE CREATE on *.* from lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> REVOKE INSERT on *.* from lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> REVOKE SELECT on *.* from lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> DROP USER lzt@localhost;
Query OK, 0 rows affected (0.00 sec)
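The GRANT statements in sections 1 and 4 differ widely in what they hand out, and the account host and the database scope decide how much an account can really do. The following check is an added example, not part of the original notes: it parses GRANT statements taken from this page (passwords omitted in the sample) and flags any-host accounts and grants that reach the mysql system database, where mysql.user holds the password hashes and privileges. The finding codes are names chosen for this example.

```python
import re

GRANT_RE = re.compile(
    r"GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"'?(?P<user>[^'@\s]+)'?@'?(?P<host>[^'\s;]+)'?",
    re.I)

# Privileges that let an account change rows, including rows of mysql.user.
MODIFY = {"ALL", "INSERT", "UPDATE", "DELETE"}

EXPLAIN = {
    "any-host": "account can log in from any host ('%')",
    "grant-table-write": "can modify mysql.user, i.e. create or alter accounts",
    "hash-read": "can read the password hashes stored in mysql.user",
}

# GRANT statements as they appear on this page (IDENTIFIED BY parts omitted).
SAMPLE_GRANTS = [
    "grant select on *.* to user1@localhost;",
    "grant all on mysql.* to user2@'%';",
    "GRANT INSERT,UPDATE,DELETE,SELECT on mariadb.* to wxh@localhost;",
    "GRANT SELECT on mariadb.* to lee@'%';",
    "GRANT SELECT, INSERT, CREATE ON *.* TO 'lzt'@'localhost'",
]


def parse_grant(stmt):
    """Return {'privs', 'scope', 'account'} for a GRANT statement, or None."""
    m = GRANT_RE.search(stmt)
    if m is None:
        return None
    privs = {p.strip().upper() for p in m.group("privs").split(",")}
    if privs & {"ALL", "ALL PRIVILEGES"}:
        privs = {"ALL"}
    return {
        "privs": privs,
        "scope": m.group("scope").replace("`", ""),
        "account": "%s@%s" % (m.group("user"), m.group("host")),
    }


def audit_grants(statements):
    """Return a list of (account, finding code) tuples."""
    findings = []
    for stmt in statements:
        g = parse_grant(stmt)
        if g is None:
            continue
        if g["account"].endswith("@%"):
            findings.append((g["account"], "any-host"))
        # "*.*" and "mysql.*" both cover the mysql system database.
        if g["scope"].split(".")[0] in ("*", "mysql"):
            if g["privs"] & MODIFY:
                findings.append((g["account"], "grant-table-write"))
            elif "SELECT" in g["privs"]:
                findings.append((g["account"], "hash-read"))
    return findings


if __name__ == "__main__":
    for account, code in audit_grants(SAMPLE_GRANTS):
        print("%-16s %-18s %s" % (account, code, EXPLAIN[code]))
```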
5. Graphical database management:
[root@music ~]# yum install httpd -y
[root@music ~]# cd /var/www/html/
[root@music html]# lftp 172.25.254.250
lftp 172.25.254.250:~> cd pub/
lftp 172.25.254.250:/pub> cd docs
cd ok, cwd=/pub/docs
lftp 172.25.254.250:/pub/docs> cd software/
lftp 172.25.254.250:/pub/docs/software> get phpMyAdmin-3.4.0-all-languages.tar.bz2
4548030 bytes transferred
lftp 172.25.254.250:/pub/docs/software> quit
[root@music html]# ls
phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@music html]# tar -jxf phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@music html]# ls
phpMyAdmin-3.4.0-all-languages phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@music html]# rm -fr phpMyAdmin-3.4.0-all-languages.tar.bz2
[root@music html]# ls
phpMyAdmin-3.4.0-all-languages
[root@music html]# firewall-cmd --permanent --add-service=http
success
[root@music html]# firewall-cmd --reload
success
[root@music html]# yum install php -y
[root@music html]# yum install php-mysql.x86_64 -y
[root@music html]# mv phpMyAdmin-3.4.0-all-languages myadmin
[root@music html]# cp -p config.sample.inc.php config.inc.php
[root@music myadmin]# vim config.inc.php
Modify line 17:
$cfg['blowfish_secret'] = 'westos'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ ##any characters can be entered here
[root@music myadmin]# systemctl start httpd
[root@music myadmin]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.25.254.207 netmask 255.255.0.0 broadcast 172.25.255.255
Test:
In a browser on another host, open 172.25.254.207/myadmin to log in to the database.
#############Configuring e-mail transport########
1. Basic configuration
server host:
Set the IP to 172.25.254.207
systemctl restart network
Set the yum repository to 172.25.254.250/rhel7
vim /etc/resolv.conf
Add: nameserver 172.25.254.107
Set the hostname to mailwestos.westos.com
desktop host:
Set the IP to 172.25.254.107
systemctl restart network
Set the yum repository to 172.25.254.250/rhel7
vim /etc/resolv.conf
Add: nameserver 172.25.254.107
Set the hostname to maillinux.linux.com
Install the DNS service:
yum install bind -y
Configure /etc/named.conf:
11 // listen-on port 53 { 127.0.0.1; };
12 // listen-on-v6 port 53 { ::1; };
17 // allow-query { localhost; };
32 dnssec-validation no;
Configure /etc/named.rfc1912.zones:
First copy the zone block twice (y6y --> p)
26 zone "westos.com" IN {
27 type master;
28 file "westos.com.zone";
29 allow-update { none; };
30 };
31 zone "linux.com" IN {
32 type master;
33 file "linux.com.zone";
34 allow-update { none; };
35 };
cp -p named.localhost westos.com.zone
Configure /var/named/westos.com.zone as:
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.107
westos.com. MX 1 172.25.254.207.
cp -p westos.com.zone linux.com.zone
Configure /var/named/linux.com.zone as:
$TTL 1D
@ IN SOA dns.westos.com. root.westos.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
NS dns.westos.com.
dns A 172.25.254.107
linux.com. MX 1 172.25.254.107.
systemctl restart named
systemctl stop firewalld
Test:
dig -t MX westos.com
dig -t MX linux.com
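A check for two easy mistakes in zone files of this kind, added here as an example and not part of the original notes: a SOA or MX name written without a trailing dot is expanded relative to the zone, and an MX exchange field is read by DNS as a host name even when it looks like an IP address. The sample zone text is constructed, and the function names are this example's own.

```python
import ipaddress

# Constructed sample in the shape of the westos.com zone file above.
SAMPLE_ZONE = """\
$TTL 1D
@ IN SOA dns.westos.com root.westos.com. (
        0 ; serial
        1D ; refresh
        1H ; retry
        1W ; expire
        3H ) ; minimum
        NS dns.westos.com.
dns A 172.25.254.107
westos.com. MX 1 172.25.254.207.
"""
TYPES = {"SOA", "NS", "A", "AAAA", "MX", "CNAME", "TXT", "PTR"}

def is_ip_literal(name):
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False

def lint_zone(text, origin):
    """Return (line number, message) pairs for SOA and MX fields worth a second look."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split(";", 1)[0].split()      # drop the trailing comment
        start = 0 if raw[:1].isspace() else 1      # skip the owner name when present
        idx = next((i for i in range(start, len(fields))
                    if fields[i].upper() in TYPES), None)
        if idx is None:
            continue
        rtype, rdata = fields[idx].upper(), fields[idx + 1:]
        if rtype == "SOA":
            for label, value in zip(("MNAME", "RNAME"), rdata):
                if not value.endswith("."):        # no trailing dot: relative to the origin
                    findings.append((lineno, f"SOA {label} {value} expands to {value}.{origin}"))
        elif rtype == "MX" and len(rdata) >= 2:
            if is_ip_literal(rdata[1]):
                findings.append((lineno, f"MX exchange {rdata[1]} is an IP literal; DNS reads it as a host name"))
            elif not rdata[1].endswith("."):
                findings.append((lineno, f"MX exchange {rdata[1]} expands to {rdata[1]}.{origin}"))
    return findings

if __name__ == "__main__":
    for lineno, message in lint_zone(SAMPLE_ZONE, "westos.com."):
        print(f"line {lineno}: {message}")
```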
2. Mail service configuration
desktop side:
vim /etc/postfix/main.cf
Contents:
75 myhostname = maillinux.linux.com
83 mydomain = linux.com
99 myorigin = $mydomain
113 inet_interfaces = all
116 #inet_interfaces = localhost
164 mydestination = $myhostname, $mydomain, localhost
server side:
75 myhostname = mailwestos.westos.com
83 mydomain = westos.com
99 myorigin = $mydomain
113 inet_interfaces = all
116 #inet_interfaces = localhost
164 mydestination = $myhostname, $mydomain, localhost
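3. Sending to an alias:
Requirement:
The desktop (linux.com) host sends mail to the server (westos.com) host using an alias: mail lzt@westos.com (the server host has no lzt user)
This requires configuring /etc/aliases on the receiving side (server host):
97 lzt: root ##alias
98 all: :include:/etc/alluser ##group delivery
vim /etc/alluser and set its contents to: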
root
student
postalias /etc/aliases
systemctl restart postfix.service
Test:
Send mail from the desktop host:
mail lzt@westos.com
mail all@westos.com
4. Outbound address masquerading
server (westos.com) host:
vim /etc/postfix/generic and edit it as follows:
Add as the last line: root@westos.com 179010687@qq.com
postmap /etc/postfix/generic
postconf -d | grep generic prints several lines; copy the last one (shown below):
smtp_generic_maps =
postconf -e "smtp_generic_maps = hash:/etc/postfix/generic" ##uses the string copied from the previous command
systemctl restart postfix.service
Test:
From the server (westos.com) host, send mail to the desktop (linux.com) host:
mail root@linux.com
On the desktop (linux.com) host, check where the mail came from
Example result:
[root@mailwestos postfix]# mail root@linux.com ##run on westos.com
Subject: tt
gg
.
EOT
[root@maillinux named]# mail ##run on linux.com
>N 5 root Sun Nov 27 03:38 21/741 "tt"
& 5
Message 5:
From 1790106870@qq.com Sun Nov 27 03:38:39 2016
Return-Path: <1790106870@qq.com>
X-Original-To: root@linux.com
5. Checking port 25
Install the software: yum install telnet -y
Test: telnet 172.25.254.207 25
Trying 172.25.254.207...
Connected to 172.25.254.207.
Escape character is '^]'.
220 mailwestos.westos.com ESMTP Postfix
ehlo hello ##greeting; checks that the port is working: the 250 lines below mean it is
250-mailwestos.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com ##sender of the message
250 2.1.0 Ok
rcpt to:root@linux.com ##recipient of the message
250 2.1.5 Ok
data ##start of the message data
354 End data with <CR><LF>.<CR><LF>
ddd ##message content
fff
.
250 2.0.0 Ok: queued as 38E0C17E849
quit ##exit telnet
221 2.0.0 Bye
Connection closed by foreign host.
Example:
Test from the physical host:
[root@foundation7 ~]# yum install telnet -y
[root@foundation7 ~]# telnet 172.25.254.207 25
Trying 172.25.254.207...
Connected to 172.25.254.207.
Escape character is '^]'.
220 mailwestos.westos.com ESMTP Postfix
ehlo hello
250-mailwestos.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:root@westos.com
250 2.1.0 Ok
rcpt to:root@linux.com
250 2.1.5 Ok
data
354 End data with <CR><LF>.<CR><LF>
ddd
fff
.
250 2.0.0 Ok: queued as 38E0C17E849
quit
221 2.0.0 Bye
Connection closed by foreign host.
Check the mail on the linux.com host
[root@maillinux named]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 6 messages 1 new 3 unread
5 root Sun Nov 27 03:38 22/752 "tt"
>N 6 1790106870@qq.com Sun Nov 27 04:03 14/505 ##the sender is shown as 1790106870@qq.com because outbound address masquerading is configured on westos.com
& 6
Message 6:
From 1790106870@qq.com Sun Nov 27 04:03:11 2016
Return-Path: <1790106870@qq.com>
X-Original-To: root@linux.com
Delivered-To: root@linux.com
Status: R
ddd
fff
& q
Held 6 messages in /var/spool/mail/root
You have mail in /var/spool/mail/root
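The EHLO reply in the telnet session above also shows how the server is configured, so it is worth reading as more than a liveness check. The following added example (not part of the original notes; the function names are this example's own) parses a captured session, lists the advertised extensions and reports the settings an administrator would review. `disable_vrfy_command` is the Postfix parameter that stops VRFY from being offered.

```python
import re

# EHLO exchange copied from the telnet session above.
TRANSCRIPT = """\
220 mailwestos.westos.com ESMTP Postfix
ehlo hello
250-mailwestos.westos.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
"""
REPLY = re.compile(r"^(\d{3})([- ])(.*)$")

def ehlo_extensions(transcript):
    """Return {KEYWORD: params} from the multi-line 250 reply that follows EHLO."""
    exts, in_ehlo, first = {}, False, True
    for line in transcript.splitlines():
        if line.lower().startswith(("ehlo ", "helo ")):
            in_ehlo, first = True, True
            continue
        m = REPLY.match(line)
        if not (in_ehlo and m and m.group(1) == "250"):
            continue
        if first:
            first = False              # first 250 line is the server name, not an extension
        else:
            keyword, _, params = m.group(3).partition(" ")
            exts[keyword.upper()] = params
        if m.group(2) == " ":          # "250 " with a space ends the multi-line reply
            in_ehlo = False
    return exts

def audit(exts):
    """Return review notes for the advertised extension set."""
    findings = []
    if "VRFY" in exts:
        findings.append("VRFY advertised: clients can ask whether a mailbox exists (disable_vrfy_command = yes)")
    if "STARTTLS" not in exts:
        findings.append("STARTTLS not offered: envelope and message cross the network in clear text")
    if "AUTH" not in exts:
        findings.append("AUTH not offered on this port: relaying is decided by client address only")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(ehlo_extensions(TRANSCRIPT))))
```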