一、作业(练习)内容:
1、MariaDB基础总结,包括表管理、索引管理、用户及权限管理;
MariaD特性:
1.支持更多的存储引擎
① Aria
② XtraDB (可用于替代InnoDB)
③ PBXT (包含于MariaDB 5.1, MariaDB 5.2及MariaDB 5.3. 在 MariaDB 5.5中被禁用)
④ FederatedX (可用于替代Federated)
⑤ OQGRAPH (包含于MariaDB 5.1, MariaDB 5.2及MariaDB 5.3. 在MariaDB 5.5被禁用) — 新增于5.2版本
⑥ SphinxSE — 新增于5.2版本
⑦ IBMDB2I. Oracle把它从MySQL 5.1.55中移除, 但我们在MariaDB中一直保留到了5.5版本.
⑧ MariaDB-10.0中的Cassandra
⑨ 我们正致力于增加其他no-sql型存储引擎到MariaDB中.速度的提升
2.拓展新特性
Mariadb增加了新特性模块。
3.表现更好的测试
① 测试套件中有更过的测试用例.
② 测试潜在的bug的修复.
③ 通过不同的配置选项构建测试,以获得更好的测试特性.
④ 移除无效的测试.
4.更少的警告和错误
Bugs不是什么好东西. 尽可能的修复bugs并尽少的引发新的问题.
编译警告也不是什么好事. 已尽可能的限制编译警告.
5.真正的开源
MariaDB代码的发布遵守GPL, LPGL或BSD协议. MariaDB并没有类似MySQL企业版那样的闭源模块. 实际上,MySQL 5.5企业版中的闭源模块代码可以在MariaDB开源版本中找到
6.mysql存储引擎:
MyISAM:默认的MySQL插件式存储引擎,它是在Web、数据仓储和其他应用环境下最常使用的MySQL存储引擎之一。5.1为默认。
InnoDB:用于事务处理应用程序,具有众多特性,包括ACID事务支持。5.5为默认提供。
7.Mariadb c/s:
客户端与服务器通信分两种情形:
c和s在同一主机:基于unix sock;
服务器地址:localhost,127.0.0.1
c和s在不同主机或同一主机:基于tcp/ip协议通信;
3306/tcp
.Mysqld:服务器端程序
Mysqld_safe:线程安全的服务器端程序
Mysql_multi:同一主机运行多mysqld实例
8.mysql支持的数据类型:
字符型:
MySQL支持的数据类型:
字符型
固定长度CHAR(#)不区分字符大小写大小:由size指定,范围为0到255,BINARY(#)区分大小
变长:VARCHAR(#),VARBINARY(#)
对象:
TEXT:大小:0到65535
BLOB 区分大小写
内置类型:SET,ENUM
注意使用引号
数值型:
精确数值
×××:
INT:TINYINT(微×××),SMALLINT(小×××),MEDIUMINT,INT(×××),BIGNT
十进制:DECIMAL
近似数值
浮点:
Float
Double
注意:不能使用引号
日期时间型:
Date
Time
Datetime
Year(2)(4)
类型的修饰符:
UNSIGNED
NULL
NOT NULL
DEFAULT
整数专用修饰符:AUTO_INCREMENT
键:
PRIMARY KEY
UNIQUE KEY
FOREIGN KEY
Mairadb基础总结:
1.数据库设计三大范式:
1.第一范式(确保每列保持原子性) 2.第二范式(确保表中的每列都和主键相关) 3.第三范式(确保每列都和主键列直接相关,而不是间接相关)
2.数据库主键:
主键:表中经常有一个列或列的组合,其值能唯一地标识表中的每一行。这样的一列或多列称为表的主键,通过它可强制表的实体完整性
数据库外键:
3.Mariadb三种安装方式:源码编译,通用二进制格式,rpm包
SQL:数据库查询语言;其中有DDL,DML DDL:create database,alter database,drop database Create table,drop table
Mysqld:服务器端程序
Mysqld_safe:线程安全的服务器端程序 Mysql_multi:同一主机运行多mysqld实例 共享使用同一组配置文件:/etc/my.cnf---->/etc/mysql/my.cnf---->~/.my.cnf 共享方式:ini风格配置
mariaDB交互命令接口:
mysql>
可运行的命令2类
客户端命令:在mysql客户端本地直接运行的命令。
客户端没有结束符
服务器端命令:将命令通过协议封闭成报文发往mysql,由mysql运行,并取回运行结果至客户端
必须要有语句结束符
4.客户端命令:
quit \q
Help \h
clear \c:终止
go,\g
ego,\G: 语句结束符,但竖排显示每行数据;
delimter,\d:定义语句结束符
use,\u:设定要操作默认数据库
5.数据库操作:
创建数据库:
MariaDB [mysql]> CREATE DATABASE testdb; Query OK, 1 row affected (0.01 sec)
删除数据库:
MariaDB [mysql]> DROP DATABASE testdb; Query OK, 0 rows affected (0.01 sec)
查看数据库:
MariaDB [mysql]> SHOW DATABASES;
例如:
MariaDB [mysql]> show create database HZM; +----------+--------------------------------------------------------------+ | Database | Create Database | +----------+--------------------------------------------------------------+ | HZM | CREATE DATABASE `HZM` /*!40100 DEFAULT CHARACTER SET utf8 */ | +----------+--------------------------------------------------------------+ 1 row in set (0.00 sec) MariaDB [mysql]> SHOW CREATE DATABASE testdb; +----------+-------------------------------------------------------------------+ | Database | Create Database | +----------+-------------------------------------------------------------------+ | testdb | CREATE DATABASE `testdb` /*!40100 DEFAULT CHARACTER SET latin1 */ | +----------+-------------------------------------------------------------------+ 1 row in set (0.00 sec)
查看mysql所有字符集:
MariaDB [(none)]> show character set; +----------+-----------------------------+---------------------+--------+ | Charset | Description | Default collation | Maxlen | +----------+-----------------------------+---------------------+--------+ | big5 | Big5 Traditional Chinese | big5_chinese_ci | 2 | | dec8 | DEC West European | dec8_swedish_ci | 1 | | cp850 | DOS West European | cp850_general_ci | 1 | | hp8 | HP West European | hp8_english_ci | 1 |
查看字符集排序默认规则:
MariaDB [(none)]> show collation; +--------------------------+----------+-----+---------+----------+---------+ | Collation | Charset | Id | Default | Compiled | Sortlen | +--------------------------+----------+-----+---------+----------+---------+ | big5_chinese_ci | big5 | 1 | Yes | Yes | 1 | | big5_bin | big5 | 84 | | Yes | 1 | | dec8_swedish_ci | dec8 | 3 | Yes | Yes | 1 | | dec8_bin | dec8 | 69 | | Yes | 1 | | cp850_general_ci | cp850 | 4 | Yes | Yes | 1 | | cp850_bin | cp850 | 80 | | Yes | 1 | | hp8_english_ci | hp8 | 6 | Yes | Yes | 1 | | hp8_bin | hp8 | 72 | | Yes | 1 |
修改数据库字符集:
MariaDB [(none)]> alter database test character set 'utf8'; Query OK, 1 row affected (0.00 sec)
数据库表管理的创建修改:
Create table:创建表同时创建索引;
Create table [if not exists] tbl_name (col1 type1 dec1,col2 type2 dec2)
例如: 学号,姓名,年龄,性别
学号:stuid INT
姓名:name 定长,30
年龄:age TINYINT
性别:gender ENUM(m,f)
实例:创建样式表;
MariaDB [HZM]> create table students (Stuid INT UNSIGNED NOT NULL PRIMARY KEY, Name CHAR(30) NOT NULL, Age TINYINT UNSIGNED, Gender ENUM('M','F'));Query OK, 0 rows affected (0.01 sec) MariaDB [HZM]> desc students; +--------+---------------------+------+-----+---------+-------+ | Field | Type | Null | Key | Default | Extra | +--------+---------------------+------+-----+---------+-------+ | Stuid | int(10) unsigned | NO | PRI | NULL | | | Name | char(30) | NO | | NULL | | | Age | tinyint(3) unsigned | YES | | NULL | | | Gender | enum('M','F') | YES | | NULL | | +--------+---------------------+------+-----+---------+-------+ 4 rows in set (0.01 sec)
Drop table:删除表操作
创建表时创建索引:
create_definition: col_name column_definition | PRIMARY KEY [index_type] (index_col_name,...)
MariaDB [HZM]> CREATE TABLE teachers (Tid INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, Name VARCHAR(50) NOT NULL, Age TINYINT UNSI GNED, Gender ENUM('F','M') Default 'M', Characteristic VARCHAR(100),UNIQUE KEY(Name,Characteristic)); Query OK, 0 rows affected (0.02 sec)
查看表上的索引方法:
MariaDB [HZM]> show indexes from teachers; +----------+------------+----------+--------------+-------------+-----------+-------------+----------+--------+------+------------+---- -----+---------------+| Table | Non_unique | Key_name | Seq_in_index | Column_name | Collation | Cardinality | Sub_part | Packed | Null | Index_type | Com ment | Index_comment |+----------+------------+----------+--------------+-------------+-----------+-------------+----------+--------+------+------------+---- -----+---------------+| teachers | 0 | PRIMARY | 1 | Tid | A | 0 | NULL | NULL | | BTREE | | || teachers | 0 | Name | 1 | Name | A | 0 | NULL | NULL | | BTREE | | || teachers | 0 | Name | 2 | Dazhao | A | 0 | NULL | NULL | YES | BTREE | | |+----------+------------+----------+--------------+-------------+-----------+-------------+----------+--------+------+------------+---- -----+---------------+3 rows in set (0.00 sec)
SHOW {INDEX | INDEXES | KEYS}
{FROM | IN} tbl_name
[{FROM | IN} db_name]
[WHERE expr]
修改表中数据:
MariaDB [HZM]> alter table students add ClassID SMALLINT UNSIGNED NOT NULL AFTER NAME;
查看支持的所有存储引擎:
MariaDB [HZM]> show engines; +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+ | Engine | Support | Comment | Transactions | XA | Savepoints | +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+ | MyISAM | YES | MyISAM storage engine | NO | NO | NO | | CSV | YES | CSV storage engine | NO | NO | NO | | MRG_MYISAM | YES | Collection of identical MyISAM tables | NO | NO | NO | | BLACKHOLE | YES | /dev/null storage engine (anything you write to it disappears) | NO | NO | NO | | MEMORY | YES | Hash based, stored in memory, useful for temporary tables | NO | NO | NO | | PERFORMANCE_SCHEMA | YES | Performance Schema | NO | NO | NO | | ARCHIVE | YES | Archive storage engine | NO | NO | NO | | FEDERATED | YES | FederatedX pluggable storage engine | YES | NO | YES | | InnoDB | DEFAULT | Percona-XtraDB, Supports transactions, row-level locking, and foreign keys | YES | YES | YES | | Aria | YES | Crash-safe tables with MyISAM heritage | NO | NO | NO | +--------------------+---------+----------------------------------------------------------------------------+--------------+------+------------+ 10 rows in set (0.00 sec)
Engine:名字
Support:是否支持;
Comment:简要描述
Transaction:支持事物
修改表里的操作引擎:
MariaDB [HZM]> alter table students ENGINE=InnoDB
索引管理:
创建索引:CREATE [ONLINE|OFFLINE] [UNIQUE|FULLTEXT|SPATIAL] INDEX index_name
删除索引:DROP [ONLINE|OFFLINE] INDEX index_name ON tbl_name
查看:show indexes from 表
DML:增删改查;
Insert:
INSERT [LOW_PRIORITY | DELAYED | HIGH_PRIORITY] [IGNORE] [INTO] tbl_name [(col_name,...)] {VALUES | VALUE} ({expr | DEFAULT},...),(...),... [ ON DUPLICATE KEY UPDATE col_name=expr [, col_name=expr] ... ]
例如:插入一个人物信息;
MariaDB [HZM]> desc teachers; +--------+---------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +--------+---------------------+------+-----+---------+----------------+ | Tid | int(10) unsigned | NO | PRI | NULL | auto_increment | | Name | varchar(50) | NO | MUL | NULL | | | Age | tinyint(3) unsigned | YES | | NULL | | | Gender | enum('F','M') | YES | | M | | | Dazhao | varchar(100) | YES | | NULL | | +--------+---------------------+------+-----+---------+----------------+ 5 rows in set (0.00 sec)
MariaDB [HZM]> insert into teachers(Name,Age,Gender,Dazhao)values ('li mochou',35,' F','bing');Query OK, 1 row affected, 1 warning (0.00 sec)
MariaDB [HZM]> select * from teachers; +-----+-----------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-----------+------+--------+--------+ | 1 | li mochou | 35 | | bing | +-----+-----------+------+--------+--------+ 1 row in set (0.00 sec)
Select:
可以使用逻辑运算:+,-,>,<
1.查询teachers表中年龄大于30的结果:
MariaDB [HZM]> select * from teachers where age > 30 -> ; +-----+---------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+---------+------+--------+--------+ | 3 | ho qi | 80 | F | xiang | | 4 | lao xie | 67 | F | sha | +-----+---------+------+--------+--------+ 2 rows in set (0.00 sec)
2.查询teachers表中是女性的结果:
MariaDB [HZM]> select * from teachers where age > 30 -> ; +-----+---------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+---------+------+--------+--------+ | 3 | ho qi | 80 | F | xiang | | 4 | lao xie | 67 | F | sha | +-----+---------+------+--------+--------+ 2 rows in set (0.00 sec)
3.查询可以加或者选项:
MariaDB [HZM]> select * from teachers where Gender='F' and Age > 70; +-----+-------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-------+------+--------+--------+ | 3 | ho qi | 80 | F | xiang | +-----+-------+------+--------+--------+ 1 row in set (0.00 sec)
4.模糊匹配实现方法:找出大于等于30,小于等于70
MariaDB [HZM]> select * from teachers where Age >= 30 and Age <= 70; +-----+---------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+---------+------+--------+--------+ | 4 | lao xie | 67 | F | sha | +-----+---------+------+--------+--------+ 1 row in set (0.01 sec)
5.查询名字中间包含a的结果:
MariaDB [HZM]> select * from teachers where Name like '%a%'; +-----+-----------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-----------+------+--------+--------+ | 4 | lao xie | 67 | F | sha | | 5 | huangrong | 25 | M | hehehe | +-----+-----------+------+--------+--------+ 2 rows in set (0.00 sec)
6.使用正则表达式;
MariaDB [HZM]> select * from teachers where Name rlike '^l.*x.e$'; +-----+---------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+---------+------+--------+--------+ | 4 | lao xie | 67 | F | sha | +-----+---------+------+--------+--------+ 1 row in set (0.00 sec)
7.升序,降序:
MariaDB [HZM]> select * from teachers order by age; +-----+-----------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-----------+------+--------+--------+ | 5 | huangrong | 25 | M | hehehe | | 4 | lao xie | 67 | F | sha | | 3 | ho qi | 80 | F | xiang | +-----+-----------+------+--------+--------+ 3 rows in set (0.00 sec)
MariaDB [HZM]> select * from teachers order by age desc; +-----+-----------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-----------+------+--------+--------+ | 3 | ho qi | 80 | F | xiang | | 4 | lao xie | 67 | F | sha | | 5 | huangrong | 25 | M | hehehe | +-----+-----------+------+--------+--------+ 3 rows in set (0.00 sec)
Updata:
1.更新huangrong的属性为lulu; MariaDB [HZM]> update teachers set dazhao='lulu'where Tid=5 -> ; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 0
MariaDB [HZM]> select * from teachers order by age desc; +-----+-----------+------+--------+--------+ | Tid | Name | Age | Gender | Dazhao | +-----+-----------+------+--------+--------+ | 3 | ho qi | 80 | F | xiang | | 4 | lao xie | 67 | F | sha | | 5 | huangrong | 25 | M | lulu | +-----+-----------+------+--------+--------+ 3 rows in set (0.00 sec)
用户及权限管理:
用户账号:‘username’@‘host’
host可使用ip网址,通配符。
1.创建用户并给予密码:
MariaDB [HZM]> create user 'hzm'@'192.168.%.%'IDENTIFIED BY '123..com'; Query OK, 0 rows affected (0.00 sec)
2.删除用户drop user ‘username’@‘host’;
3.授权:
GRANT :如果用户存在只授权,如果用户不存在可以既授权又创建用户;
All:所有权限:
实例1:授权用户授权;
MariaDB [HZM]> grant all on HZM.* to 'hzm'@'192.168.%.%'; Query OK, 0 rows affected (0.00 sec)
实例2:查看用户所获得的权限;
MariaDB [HZM]> show GRANTS For 'hzm'@'192.168.%.%'; +--------------------------------------------------------------------------------------------------------------+ | Grants for [email protected].%.% | +--------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'hzm'@'192.168.%.%' IDENTIFIED BY PASSWORD '*84255B63A81BC5CC440E46029310B403F826E831' | | GRANT ALL PRIVILEGES ON `hzm`.* TO 'hzm'@'192.168.%.%' | +--------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec)
实例3:收回两个权限;
MariaDB [(none)]> revoke insert,update on HZM.* from 'hzm'@'192.168.%.%'; Query OK, 0 rows affected (0.00 sec)
4.验证:
登陆数据库:
[root@localhost ~]# mysql -uhzm -h192.168.1.122 -p
查询当前用户:
MariaDB [(none)]> select user(); +-------------------+ | user() | +-------------------+ | [email protected] | +-------------------+ 1 row in set (0.00 sec)
5.实验收回的命令是否有效;
MariaDB [HZM]> update teachers SET Age=22 where Tid=5; ERROR 1142 (42000): UPDATE command denied to user 'hzm'@'192.168.1.122' for table 'teachers' MariaDB [HZM]>
2、编译安装LAMP,其中分别实现:
(1)、把php编译成为httpd的模块:
1.解压编译安装php
./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-mysqli=/usr/local/mysql/bin/mysql_config --with-apxs2=/usr/local/apache/bin/apxs --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-mcrypt --with-bz2 --with-config-file-path=/etc/php/php.ini --with-config-file-scan-dir=/etc/php.d/
创建php配置文件目录:
mkdir /etc/php cp php.ini-production /etc/php/php.ini
2.指名时区
vim /etc/php/php.ini [Date] ; Defines the default timezone used by the date functions ; http://php.net/date.timezone date.timezone = Asia/Shanghai
3.添加.vim /etc/httpd/httpd.config
添加如下两行:
AddType application/x-httpd-php .php AddType application/x-httpd-php-source .php
添加主页模块显示php;
DirectoryIndex index.php index.html
4.在网页目录里创建测试网页,检测mysql是否能关联php;
~
测试ok正常通过;
5.部署PhpMyAdmin.
下载:
wget https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages .zip
解压:
unzip phpMyAdmin-4.5.0.2-all-languages.zip
复制文件到apache目录里并且把配置文件复制备份一份:
[root@localhost pma]# mv phpMyAdmin-4.0.10.2-all-languages /usr/local/apache/htdocs/pma [root@localhost pma]# cp config.sample.inc.php config.sample.inc.php.bak
测试:
6.设置mysql账户密码:
MariaDB [(none)]> SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('123..com');
或者:取消反解:
MariaDB [(none)]> show variables like '%skip%'; +----------------------------------+-----------+ | Variable_name | Value | +----------------------------------+-----------+ | replicate_events_marked_for_skip | replicate | | skip_external_locking | ON | | skip_name_resolve | OFF | | skip_networking | OFF | | skip_replication | OFF | | skip_show_database | OFF | | slave_skip_errors | OFF | | sql_slave_skip_counter | 0 | +----------------------------------+-----------+ 8 rows in set (0.00 sec)
修改数据库配置文件:
/etc/mysql/my.cnf 添加一项: innodb_file_per_table = on skip_name_resolve = on
重启mysql验证:
[root@localhost pma]# mysql ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO) [root@localhost pma]# mysql -uroot -p123..com
下载xcache加强性能提升:
wget http://xcache.lighttpd.net/pub/Releases/3.2.0/xcache-3.2.0.tar.gz
通过phpize创建出configure
[root@localhost xcache-3.2.0]# /usr/local/php/bin/phpize
编译安装:
[root@localhost xcache-3.2.0]# ./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-confi g
复制ini文件:
root@localhost xcache-3.2.0]# cp xcache.ini /etc/php.d
打开文件配置:
;; this is an example, it won't work unless properly configured into php.ini [xcache-common] ;; non-Windows example: extension = /usr/local/php/lib/php/extensions/no-debug-non-zts-20100525/xcache.so 修改路径为此路径 ;; Windows example: ; extension = php_xcache.dll
重启httpd:
修改主页目录下php页面查看是否加载到xcache
(2)、php以fpm工作为独立守护进程
1.编译安装php:
[root@localhost php-5.4.45]# ./configure --prefix=/usr/local/php --with-mysql=/usr/local/mysql --with-mys qli=/usr/local/mysql/bin/mysql_config --enable-fpm --enable-mbstring --with-freetype-dir --with-jpeg-dir --with-png-dir --with-zlib --with-libxml-dir=/usr --enable-xml --enable-sockets --with-mcrypt --with-bz2 --with-config-file-path=/etc/php/php.ini --with-config-file-scan-dir=/etc/php.d/
2.复制配置文件:
mkdir /etc/php /etc/php.d [root@localhost php-5.4.45]# cp php.ini-production /etc/php.ini
[root@localhost php-5.4.45]# cd /usr/local/php/ [root@localhost etc]# cp php-fpm.conf.default php-fpm.conf
修改配置如下:
vim /usr/local/php/php-fpm.conf
[global] ; Pid file ; Note: the default prefix is /usr/local/php/var ; Default Value: none pid = /usr/local/php/var/run/php-fpm.pid ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; in a local file. ; Note: the default prefix is /usr/local/php/var ; Default Value: log/php-fpm.log error_log = /var/log/log/php-fpm.log pm.max_children = 50 pm.min_spare_servers = 2 pm.max_spare_servers = 5
保存退出:
启动
[root@localhost etc]# service php-fpm start Starting php-fpm done [root@localhost etc]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 127.0.0.1:9000 *:* LISTEN 0 50 *:3306 *:* LISTEN 0 128 :::80 :::* LISTEN 0 128 :::22 :::* LISTEN 0 128 *:22 *:* LISTEN 0 100 ::1:25 :::* LISTEN 0 100 127.0.0.1:25 *:* [root@localhost etc]#
配置httpd能基于fsatcgi:
打开hpptd配置文件,启动两个代理模块:
LoadModule proxy_module modules/mod_proxy.so #LoadModule proxy_connect_module modules/mod_proxy_connect.so #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so #LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
配置虚拟主机:
[root@localhost htdoc]# vim /etc/httpd24/extra/httpd-vhosts.conf
ServerAdmin [email protected] DocumentRoot "/vhost/www.a.com/htdoc/" ServerName www.a.com ServerAlias a.com ErrorLog "logs/www.a.com-error_log" CustomLog "logs/www.a.com-access_log" combined ProxyRequests Off ProxyPassMatch ^/(.*\.php)$ fcgi://127.0.0.1:9000/vhost/www.a.com/htdoc/$1 Options None AllowOverride none Require all granted
配置httpd
[root@localhost htdoc]# vim /etc/httpd24/httpd.conf
添加:DirectoryIndex index.php index.html
重启测试访问:
配置xcache:
[root@localhost xcache-3.2.0]# /usr/local/php/bin/phpize Configuring for: PHP Api Version: 20100412 Zend Module Api No: 20100525 Zend Extension Api No: 220100525 [root@localhost xcache-3.2.0]#
编译安装:
./configure --enable-xcache --with-php-config=/usr/local/php/bin/php-confi g
复制配置文件:
[root@localhost xcache-3.2.0]# cp xcache.ini /etc/php.d/
3、安装并配置基于虚拟用户的vsftpd;
1.安装vsftpd:
[root@localhost ~]# yum -y install vsftpd
用户认证配置文件:/etc/pam.d/vsftpd
服务脚本:/etc/rc.d/init.d/vsftpd
配置文件目录:/etc/vsftpd
主配置文件:vsftpd.conf
匿名用户:共享资源位置:/var/ftp
系统用户通过ftp访问资源是的位置:用户自己的家目录;
虚拟用户通过ftp访问资源时的位置:给虚拟用户指定的硬射成为的系统用户的家目录;
2.启动:
[root@localhost ~]# service vsftpd restart Shutting down vsftpd: [FAILED] Starting vsftpd for vsftpd: [ OK ] [root@localhost ~]# ss -tnl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 50 *:3306 *:* LISTEN 0 128 :::80 :::* LISTEN 0 32 *:21 *:* LISTEN 0 128 :::22 :::* LISTEN 0 128 *:22 *:* LISTEN 0 100 ::1:25 :::* LISTEN 0 100 127.0.0.1:25 *:* [root@localhost ~]#
3.修改配置文件:
[root@localhost vsftpd]# cp vsftpd.conf vsftpd.bak
匿名访问控制:/etc/vsftp.conf anonymous_enable=YES
设置打开上传权限:
anon_upload_enable=YES
系统访问控制:
local_enable=YES write_enable=YES chroot_umask=022
禁用本地用户或者指定用户
chroot_local_user=YES chroot_liset_file=/etc/vsftpd/chroot_list
利用ftp账户登录并且上传到upload目录里:
先将目录给予setfacl授权读写执行;
[root@localhost ftp]# setfacl -m u:ftp:rwx upload/ [root@localhost ftp]# getfacl upload/ # file: upload/ # owner: root # group: root user::rwx user:ftp:rwx group::r-x mask::rwx other::r-x
测试是否可以上传文件:
[root@localhost etc]# ftp 192.168.1.122 Connected to 192.168.1.122 (192.168.1.122). 220 (vsFTPd 2.2.2) Name (192.168.1.122:root): ftp 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> ls 227 Entering Passive Mode (192,168,1,122,244,212). 150 Here comes the directory listing. drwxr-xr-x 2 0 0 4096 Jul 24 00:49 pub drwxrwxr-x 3 0 0 4096 Oct 22 20:49 upload 226 Directory send OK. ftp> cd upload 250 Directory successfully changed. ftp> pwd 257 "/upload" ftp> put fstab local: fstab remote: fstab 227 Entering Passive Mode (192,168,1,122,248,28). 150 Ok to send data. 226 Transfer complete. 805 bytes sent in 0.000295 secs (2728.81 Kbytes/sec) ftp>
开启ftp服务器里是否可以匿名创建目录的参数:
anon_mkdir_write_enable=YES 测试: rwx------ 2 14 50 4096 Oct 22 20:49 aa -rw------- 1 14 50 805 Oct 22 20:54 fstab 226 Directory send OK. ftp> mkdir bb 257 "/upload/bb" created ftp> ls 227 Entering Passive Mode (192,168,1,122,120,93). 150 Here comes the directory listing. drwx------ 2 14 50 4096 Oct 22 20:49 aa drwx------ 2 14 50 4096 Oct 22 20:58 bb -rw------- 1 14 50 805 Oct 22 20:54 fstab 226 Directory send OK. ftp>
但是删除不了创建的文件,需要修改配置文件添加一行:
anon_other_write_enable=YES
测试:
ftp> delete fstab 250 Delete operation successful.
其他机制:
用户控制:
userlist_enable=YES
userlist_deny=YES|NO
默认文件为/etc/vsftpd/user_list
链接限制:
max_clients:最大并发连接数;
max_per_ip:每个ip同时并发请求数;
传输速率:
anno_max_rate:匿名用户最大传输速率,单位是“字节/秒”
local_max_rate:本地用户
虚拟用户:
所有的虚拟用户会被统一映射为一个指定的系统账号,访问的共享位置即为此系统账号的家目录;
各虚拟用户可被赋予不同访问权限;
通过匿名用户的权限控制参数进行指定;
虚拟用户账号的存储方式:
文件:编辑文件
奇数行为用户名
偶数行为密码
此文件需要被编码为hash格式:
关系型数据库中的表中:
即时查询数据库完成用户认证;
Mysql库:
pam_mysql.x86.64
关系型数据库:
[root@localhost local]# yum install pam_mysql
1.准备数据库及相关表
mariaDB [(none)]> CREATE DATABASE vsftpd;
use vsftpd;
授权账号:
mariaDB [vsftpd]> GRANT SELECT ON vsftpd.* TO vsftp@'192.168.%.%' IDENTIFIED BY '123..com'; mariaDB [vsftpd]> FLUSH PRIVILEGES;
查看:
MariaDB [vsftpd]> DESC users; +----------+------------------+------+-----+---------+----------------+ | Field | Type | Null | Key | Default | Extra | +----------+------------------+------+-----+---------+----------------+ | id | int(10) unsigned | NO | PRI | NULL | auto_increment | | name | varchar(50) | NO | | NULL | | | password | char(48) | NO | | NULL | | +----------+------------------+------+-----+---------+----------------+ 3 rows in set (0.00 sec)
创建列表:
mariaDB [vsftpd]> create table users ( id INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY, name VARCHAR(50) BINARY NOT NULL, password CHAR(48) BINARY NOT NULL);
插入users表:
mariaDB [vsftpd]> INSERT INTO users (name,password) VALUES ('hzm',password('123..com')),('tom',password('123..com'));
查看:
ariaDB [vsftpd]> SELECT * FROM users; +----+------+-------------------------------------------+ | id | name | password | +----+------+-------------------------------------------+ | 1 | hzm | *84255B63A81BC5CC440E46029310B403F826E831 | | 2 | tom | *84255B63A81BC5CC440E46029310B403F826E831 | +----+------+-------------------------------------------+ 2 rows in set (0.00 sec)
2.配置vsftpd
[root@localhost /]# vim /etc/pam.d/vsftpd.mysql
#vi /etc/pam.d/vsftpd.mysql 添加如下两行: auth required pam_mysql.so user=vsftp passwd=123..com host=192.168.1.122 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2 account required pam_mysql.so user=vsftp passwd=123..com host=192.168.1.122 db=vsftpd table=users usercolumn=name passwdcolumn=password crypt=2
~
添加如下:
添加个用户修改权限:
[root@localhost /]# useradd -s /sbin/nologin -d /var/ftproot vuser [root@localhost /]# chmod go+rx /var/ftproot/
修改vsftp.conf:
添加如下信息:
pam_service_name=vsftpd.mysql userlist_enable=YES tcp_wrappers=YES guest_enable=YES guest_username=vuser user_config_dir=/etc/vsftpd/vusers
保存重启vsftp;
测试:
3.配置虚拟用户有不同权限:
[root@localhost vsftpd]# mkdir vusers
[root@localhost vsftpd]# cd vusers/ [root@localhost vusers]# vim tom 添加: anon_upload_enable=YES anon_mkdir_write_enable=YES anon_other_write_enable=YES 复制一份给hzm,选项参数都改成NO
测试:
ftp> put fstab local: fstab remote: fstab 227 Entering Passive Mode (192,168,159,128,172,134). 150 Ok to send data. 226 Transfer complete. 805 bytes sent in 9.1e-05 secs (8846.15 Kbytes/sec) ftp> 成功~~~
相反,hzm账户则没有任何权限;
name (192.168.159.128:root): hzm 331 Please specify the password. Password: 230 Login successful. Remote system type is UNIX. Using binary mode to transfer files. ftp> lcd /etc Local directory now /etc ftp> put fstab local: fstab remote: fstab 227 Entering Passive Mode (192,168,159,128,193,112). 550 Permission denied.
4、建立nfs共享,将主机172.16.0.1上的目录/magedu通过nfs共享给172.16.0.0/16(可根据自己的网络情况来设置)网络的主机以读写方式使用;
1.配置服务器端:
vim /etc/exports
添加:/shared/nfs 192.168.159.128(no_root_squash,rw)
2.查看服务器端共享的文件系统:
[root@localhost ~]# showmount -e 192.168.1.122 Export list for 192.168.1.122: /magedu 192.168.159.128 [root@localhost ~]#
3.挂载nfs文件系统:
[root@localhost ~]# mount -t nfs 192.168.1.122:/magedu /mnt
4.完成,尝试读写创建;
[root@localhost mnt]# mkdir aa [root@localhost mnt]# ls aa [root@localhost mnt]#
5、建立samba共享,共享目录为/data,要求:
1)共享名为shared,工作组为magedu;
2)添加组develop,添加用户gentoo,centos和ubuntu,其中gentoo和centos以develop为附加组,ubuntu不属于develop组;密码均为用户名;
3)添加samba用户gentoo,centos和ubuntu,密码均为“mageedu”;
4)此samba共享shared仅允许develop组具有写权限,其他用户只能以只读方式访问;
5)此samba共享服务仅允许来自于172.16.0.0/16(可根据自己的网络情况来设置)网络的主机访问;
1.创建用户和组:
[root@localhost ~]# mkdir /data [root@localhost ~]# groupadd develop
[root@localhost ~]# useradd gentoo [root@localhost ~]# useradd centos [root@localhost ~]# useradd unbuntu
将用户加入develop组里 :
develop:x:500:gentooo,centos
创建smb用户:
smbpasswd -a gentooo
查看共享文件夹权限:
[root@localhost ~]# setfacl -m g:develop:rwx /data [root@localhost ~]# getfacl /data/ getfacl: Removing leading '/' from absolute path names # file: data/ # owner: root # group: root user::rwx group::r-x group:develop:rwx mask::rwx other::r-x
远程连接测试:
[root@localhost ~]# smbclient -L 192.168.159.128 -U gentooo Enter gentooo's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.23-20.el6] Sharename Type Comment --------- ---- ------- IPC$ IPC IPC Service (Samba Server Version 3.6.23-20.el6) shared Disk hzmsmb gentooo Disk Home Directories Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.23-20.el6] Server Comment --------- ------- LOCALHOST Samba Server Version 3.6.23-20.el6 Workgroup Master --------- ------- MYGROUP LOCALHOST [root@localhost ~]#
编辑配置文件:/etc/samb/smb.conf
[shared] comment = hzmsmb path = /data workgroup = magedu hosts allow = 127. 192.168.1. write list = +develop writeable = yes
测试:gentooo账户有写权限;
[
root@localhost ~]# smbclient //192.168.159.128/shared -U gentooo smb: \> mkdir aa smb: \> ls . D 0 Thu Oct 15 14:06:54 2015 .. DR 0 Thu Oct 15 11:51:12 2015 fstab 805 Thu Oct 15 14:03:37 2015 aa D 0 Thu Oct 15 14:06:54 2015
测试2:unbuntu账户只有查看看权限,没有读写权限;
[
root@localhost ~]# smbclient //192.168.159.128/shared -U unbuntu Enter unbuntu's password: Domain=[MYGROUP] OS=[Unix] Server=[Samba 3.6.23-20.el6] smb: \> ls . D 0 Thu Oct 15 14:06:54 2015 .. DR 0 Thu Oct 15 11:51:12 2015 fstab 805 Thu Oct 15 14:03:37 2015 aa D 0 Thu Oct 15 14:06:54 2015 37696 blocks of size 524288. 28951 blocks available smb: \> mkdir bb NT_STATUS_ACCESS_DENIED making remote directory \bb smb: \>