Einstieg - So wird das Leben leichter

  • Webspace - Erste Schritte um mit dem Webspace zu arbeiten
  • Datenbank - Erste Schritte um mit der Datenbank zu arbeiten.
  • Protokolle - Eine Sammlung der im Internet am häufigsten verwendeten Protokolle und ihre Funktion.

Inhalt

Aktiv/Passiv - Failovercluster

Hardware-Support

Sicherheit

Voraussetzung : installierter MySQL-Server

Pakete :

 apt-get install libpam-mysql libnss-mysql-bg

/etc/nsswitch.conf

passwd:         compat mysql
group:          compat mysql
shadow:         compat mysql
create database auth;
use auth;

# The tables ...
CREATE TABLE groups (
  name varchar(16) NOT NULL default '',
  password varchar(34) NOT NULL default 'x',
  gid int(11) NOT NULL auto_increment,
  PRIMARY KEY  (gid)
) AUTO_INCREMENT=5000;

CREATE TABLE grouplist (
  rowid int(11) NOT NULL auto_increment,
  gid int(11) NOT NULL default '0',
  username char(16) NOT NULL default '',
  PRIMARY KEY  (rowid)
);

CREATE TABLE users (
  username varchar(16) NOT NULL default '',
  uid int(11) NOT NULL auto_increment,
  gid int(11) NOT NULL default '5000',
  gecos varchar(128) NOT NULL default '',
  homedir varchar(255) NOT NULL default '',
  shell varchar(64) NOT NULL default '/bin/bash',
  password varchar(34) NOT NULL default 'x',
  lstchg bigint(20) NOT NULL default '1',
  min bigint(20) NOT NULL default '0',
  max bigint(20) NOT NULL default '99999',
  warn bigint(20) NOT NULL default '0',
  inact bigint(20) NOT NULL default '0',
  expire bigint(20) NOT NULL default '-1',
  flag bigint(20) unsigned NOT NULL default '0',
  PRIMARY KEY  (uid),
  UNIQUE KEY username (username),
  KEY uid (uid)
) AUTO_INCREMENT=5000;


# The permissions ...
GRANT USAGE ON *.* TO `nss-root`@`localhost` IDENTIFIED BY '$root-pass';
GRANT USAGE ON *.* TO `nss-user`@`localhost` IDENTIFIED BY '$user-pass';

GRANT Select (`username`, `uid`, `gid`, `gecos`, `homedir`, `shell`, `password`,
              `lstchg`, `min`, `max`, `warn`, `inact`, `expire`, `flag`)
             ON `auth`.`users`
             TO 'nss-root'@'localhost';
GRANT Select (`name`, `password`, `gid`)
             ON `auth`.`groups`
             TO 'nss-root'@'localhost';

GRANT Select (`username`, `uid`, `gid`, `gecos`, `homedir`, `shell`)
             ON `auth`.`users`
             TO 'nss-user'@'localhost';
GRANT Select (`name`, `password`, `gid`)
             ON `auth`.`groups`
             TO 'nss-user'@'localhost';

GRANT Select (`username`, `gid`)
             ON `auth`.`grouplist`
             TO 'nss-user'@'localhost';
GRANT Select (`username`, `gid`)
             ON `auth`.`grouplist`
             TO 'nss-root'@'localhost';

INSERT INTO users (username,gecos,homedir,password)
    VALUES ('test', 'Test Nutzer', '/home/test', ENCRYPT('meinpasswort'));
INSERT INTO groups (name)
    VALUES ('meinegruppe');
INSERT INTO grouplist (gid,username)
    VALUES (5000,'test');

copy from /etc/skel mkdir /home/$user

Zum Seitenanfang.

 

Copyright © 2018 Linetz – Hosting und IT-Dienstleistungen Hendrik Borgmeyer.