转: http://blog.sina.com.cn/s/blog_438308750100xsb5.html
Linux安全设置
******************************************************************************
1.关闭不必要的服务
yum -y install ntsysv
ntsysv
# 关闭不需要的服务按上面的安装关闭 ip6tables、jexec、kudzu、lvm2-monitor、mcstrans、netfs、rawdevices、restorecond
2.禁止Ctrl+Alt+Delete重新启动机器命令
vi /etc/inittab
注释掉: ca::ctrlaltdel:/sbin/shutdown -t3 -r now
设置/etc/rc.d/init.d/下权限
chmod -R 700 /etc/rc.d/init.d/*
3.限制su的使用,设置仅wheel用户使用
vi /etc/pam.d/su
取消下面行注释
> auth required pam_wheel.so use_uid
echo "SU_WHEEL_ONLY yes" >> /etc/login.defs
4.阻止ping(慎用)
# vi /etc/rc.d/rc.local
添加到文件末尾
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
5.防止ip欺骗
vi /etc/host.conf
添加下面几行
order bind,hosts
multi off
nospoof on
6.防止DoS攻击
对系统所有的用户设置资源限制可以防止DoS类型攻击,如最大进程数和内存使用数量等。
例如,可以在/etc/security/limits.conf中添加如下几行:
vi /etc/security/limits.conf
*hard core 0
*hard rss 5000
*hard nproc 50
然后必须编辑/etc/pam.d/login文件检查下面一行是否存在。
cat /etc/pam.d/login
# echo "sessionrequired/lib/security/pam_limits.so" >> /etc/pam.d/login
sessionrequired/lib/security/pam_limits.so
上面的命令禁止调试文件,限制进程数为50并且限制内存使用为5MB。
7.禁止ipv6
vi /etc/modprobe.conf
alias net-pf-10 off
alias ipv6 off
8.删除不必要的用户和组
userdel adm
userdel sync
userdel shutdown
userdel halt
userdel news
userdel uucp
userdel operator
userdel games
userdel gopher
userdel ftp
groupdel news
groupdel uucp
groupdel dip
9。更改SSH端口,不允许使用低版本的SSH协议,创建远程登录用户,禁止root登录
#vi /etc/ssh/sshd_config
将PORT改为1000以上端口
将#protocol 2,1改为protocol 2
禁止root登录,修改如下
PermitRootLogin no
例如
PORT 1984
Protocol 2
PermitRootLogin no
# 添加新端口到iptables中
vi /etc/sysconfig/iptables
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 1984 -j ACCEPT
##注意这里必须添加远程登录用户,并添加到wheel用户组
-----------------------------------------------------------------------
useradd [-G wheel] yubaojian0616
passwd yubaojian0616
usermod -g wheel yubaojian0616
-----------------------------------------------------------------------
X.修改口令文件属性
chattr +i /etc/passwd
chattr +i /etc/shadow
chattr +i /etc/group
chattr +i /etc/gshadow
X+1.定时校正服务器时钟,定时与中国国家授时中心授时服务器同步
crontab -e
* * * * * * ntpdate 210.72.145.44
Nginx安装
******************************************************************************
安装文件:nginx-1.0.4.tar.gz
安装目录:/usr/local/webserver/nginx
#添加用户和组
groupadd www
useradd -g www www
#安装必要的库
yum -y install wget
wget ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-8.10.tar.gz
cd /opt
tar -zxf pcre-8.10.tar.gz
cd pcre-8.10
./configure
make && make install
yum -y install openssl openssl-devel
cd /opt
tar -zxf nginx-1.0.4.tar.gz
cd nginx-1.0.4
./configure --user=www --group=www --prefix=/usr/local/webserver/nginx --with-http_stub_status_module --with-http_ssl_module
make && make install
#创建Nginx日志目录
mkdir -p /data1/logs
chmod +w /data1/logs
chown -R www:www /data1/logs
#启动nginx
/usr/local/webserver/nginx/sbin/nginx
#设置自动启动
echo "ulimit -SHn 65535" >> /etc/rc.local
echo "/usr/local/webserver/nginx/sbin/nginx" >> /etc/rc.local
或者使用nginx服务启动
touch /etc/init.d/nginx
vi /etc/init.d/nginx
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# Init file for nginx server daemon
#
# chkconfig: 234 99 99
# description: nginx server daemon
#
# source function library
. /etc/rc.d/init.d/functions
# pull in sysconfig settings
[ -f /etc/sysconfig/nginx ] && . /etc/sysconfig/nginx
RETVAL=0
prog="nginx"
PAT=/usr/local/nginx
NGINXD=/usr/local/webserver/nginx/sbin/nginx
PID_FILE=/usr/local/webserver/nginx/nginx.pid
start()
{
echo -n $"Starting $prog: "
$NGINXD 2>/dev/null $OPTIONS && success || failure
RETVAL=$?
[ "$RETVAL" = 0 ] && touch /var/lock/subsys/nginx
echo
}
stop()
{
echo -n $"Shutting down $prog: "
killproc nginx
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/nginx
return $RETVAL
}
reload()
{
echo -n $"Reloading nginx: "
killproc nginx -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status -p $PID_FILE nginx
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
#编写每天定时切割Nginx日志的脚本
1.
> vi /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
---------------------------------------------------------------------------------------------------
#!/bin/bash
# This script run at 00:00
# The Nginx logs path
logs_path="/usr/local/webserver/nginx/logs/"
mkdir -p ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/
mv ${logs_path}access.log ${logs_path}$(date -d "yesterday" +"%Y")/$(date -d "yesterday" +"%m")/access_$(date -d "yesterday" +"%Y%m%d").log
kill -USR1 `cat /usr/local/webserver/nginx/nginx.pid`
---------------------------------------------------------------------------------------------------
chmod +x /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
2。设置crontab,每天凌晨00:00切割nginx访问日志
#安装crontabs
yum -y install vixie-cron
yum -y install crontabs
crontab -e
00 00 * * * /bin/bash /usr/local/webserver/nginx/sbin/cut_nginx_log.sh
MongoDB安装
******************************************************************************
MongoDB安装文件:mongodb-linux-i686-1.8.2.tgz
安装目录:/usr/local/webserver/mongodb
端口:27017
数据:/data0/mongo/27017/data/
日志:/data0/mongo/27017/log/
安装程序
mv mongodb-linux-i686-1.8.2.tgz /usr/local/webserver/
cd /usr/local/webserver/
tar -zxf mongodb-linux-i686-1.8.2.tgz
mv mongodb-linux-i686-1.8.2 mongodb
rm mongodb-linux-i686-1.8.2.tgz
创建目录
mkdir -p /data0/mongo/27017/data/
mkdir -p /data0/mongo/27017/log/
/usr/local/webserver/mongodb/bin/mongod -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&
查看是否启动成功
netstat -lanp | grep "27017"
关闭数据库
kill -15,killall mongod或者在client的shell里,use admin,执行db.shutdownServer()即可!
安装服务
vi /etc/init.d/mongodb
---------------------------------------------------------------------------------------------------
#!/bin/bash
#
# mongodb Startup script for the mongodb server
#
# chkconfig: - 64 36
# description: MongoDB Database Server
#
# processname: mongodb
#
# Source function library
. /etc/rc.d/init.d/functions
if [ -f /etc/sysconfig/mongodb ]; then
. /etc/sysconfig/mongodb
fi
prog="mongod"
mongod="/usr/local/webserver/mongodb/bin/mongod"
RETVAL=0
start() {
echo -n $"Starting $prog: "
daemon $mongod "--fork -dbpath=/data0/mongo/27017/data -logpath=/data0/mongo/27017/log/mongo.log --port 27017 --logappend&"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -HUP
RETVAL=$?
echo
return $RETVAL
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
reload)
reload
;;
status)
status $mongod
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|reload|status}"
RETVAL=1
esac
exit $RETVAL
---------------------------------------------------------------------------------------------------
chmod 755 /etc/init.d/mongodb
chown root:root /etc/init.d/mongodb
chkconfig --add mongodb
chkconfig mongodb on
转载请注明出处: http://blog.sina.com.cn/egoservice
mysql安装
******************************************************************************
说明:
系统 :CentOS5(CentOS5.5)
mysql :mysql-5.1.48.tar.gz(源码版本)
安装目录:/usr/local/webserver/mysql
操作用户:mysql
字符集:utf-8,gbk,latin1
数据类型:innodb,myiasm,csv,federated
数据目录:/data0/mysql/3306/data/
二进制日志:/data0/mysql/3306/binlog/
relay日志:/data0/mysql/3306/relaylog/
my.cnf:/etc/my.cnf
mysql操作:/etc/init.d/mysql
_____________________________________________________________________________
1.安装gcc
#yum -y install gcc* ncurses-devel
2.创建用户
#groupadd mysql
#useradd -g mysql mysql
3.安装 mysql-5.1.48.tar.gz
#tar zxf mysql-5.1.48.tar.gz
#cd mysql-5.1.48
#./configure \
--prefix=/usr/local/webserver/mysql \
--with-charset=utf8 \
--with-extra-charset=gbk,latin1 \
--without-debug \
--without-bench \
--with-big-tables \
--with-readline \
--with-ssl \
--with-embedded-server \
--enable-local-infile \
--enable-assembler \
--enable-thread-safe-client \
--enable-profiling \
--with-mysqld-user=mysql \
--with-plugins=partition,innobase,myisammrg \
--with-csv-storage-engine \
--with-federated-storage-engine \
--with-client-ldflags=-all-static \
--with-mysqld-ldflags=-all-static \
--with-server-suffix=-community \
--with-unix-socket-path=/tmp/mysql.sock
#安装make
yum -y install make
#这里需要很长时间
#Entering directory `/root/mysql-5.1.48/mysql-test' 这里需要耐心
make && make install
#设置目录权限
chmod +w /usr/local/webserver/mysql
chown -R mysql:mysql /usr/local/webserver/mysql
#创建MySQL数据库存放目录
mkdir -p /data0/mysql/3306/data/
mkdir -p /data0/mysql/3306/binlog/
mkdir -p /data0/mysql/3306/relaylog/
chown -R mysql:mysql /data0/mysql/
#以mysql用户帐号的身份建立数据表:
/usr/local/webserver/mysql/bin/mysql_install_db --basedir=/usr/local/webserver/mysql --datadir=/data0/mysql/3306/data --user=mysql
#创建my.cnf配置文件:(注意要在/etc/目录下)
vi /etc/my.cnf
------------------------------------------------------------------
[client]
port = 3306
socket = /tmp/mysql.sock
[mysqld]
character-set-server = utf8
replicate-ignore-db = mysql
replicate-ignore-db = test
replicate-ignore-db = information_schema
user = mysql
port = 3306
socket = /tmp/mysql.sock
basedir = /usr/local/webserver/mysql
datadir = /data0/mysql/3306/data
log-error = /data0/mysql/3306/mysql_error.log
pid-file = /data0/mysql/3306/mysql.pid
open_files_limit = 10240
back_log = 600
max_connections = 5000
max_connect_errors = 6000
table_cache = 614
external-locking = FALSE
max_allowed_packet = 32M
sort_buffer_size = 1M
join_buffer_size = 1M
thread_cache_size = 300
#thread_concurrency = 8
query_cache_size = 512M
query_cache_limit = 2M
query_cache_min_res_unit = 2k
default-storage-engine = MyISAM
thread_stack = 192K
transaction_isolation = READ-COMMITTED
tmp_table_size = 246M
max_heap_table_size = 246M
long_query_time = 3
log-slave-updates
log-bin = /data0/mysql/3306/binlog/binlog
binlog_cache_size = 4M
binlog_format = MIXED
max_binlog_cache_size = 8M
max_binlog_size = 1G
relay-log-index = /data0/mysql/3306/relaylog/relaylog
relay-log-info-file = /data0/mysql/3306/relaylog/relaylog
relay-log = /data0/mysql/3306/relaylog/relaylog
expire_logs_days = 30
key_buffer_size = 256M
read_buffer_size = 1M
read_rnd_buffer_size = 16M
bulk_insert_buffer_size = 64M
myisam_sort_buffer_size = 128M
myisam_max_sort_file_size = 10G
myisam_repair_threads = 1
myisam_recover
interactive_timeout = 120
wait_timeout = 120
skip-name-resolve
#master-connect-retry = 10
slave-skip-errors = 1032,1062,126,1114,1146,1048,1396
#master-host = 192.168.1.2
#master-user = username
#master-password = password
#master-port = 3306
server-id = 1
innodb_additional_mem_pool_size = 16M
innodb_buffer_pool_size = 512M
innodb_data_file_path = ibdata1:256M:autoextend
innodb_file_io_threads = 4
innodb_thread_concurrency = 8
innodb_flush_log_at_trx_commit = 2
innodb_log_buffer_size = 16M
innodb_log_file_size = 128M
innodb_log_files_in_group = 3
innodb_max_dirty_pages_pct = 90
innodb_lock_wait_timeout = 120
innodb_file_per_table = 0
#log-slow-queries = /data0/mysql/3306/slow.log
#long_query_time = 10
[mysqldump]
quick
max_allowed_packet = 32M
------------------------------------------------------------------
#创建mysql启动文件
cp support-files/mysql.server.sh /etc/init.d/mysql
chmod +x /etc/init.d/mysql
chkconfig --add mysql
service mysql start
/usr/local/webserver/mysql/bin/mysql
#设置本地及远程数据库root登录密码
mysql> grant all on *.* to 'root'@'localhost' identified by '123456';
mysql> grant all on *.* to 'root'@'%' identified by '123456';
Mysql 安装成功
如果出现'@[email protected]' command not found 可以修改脚本来对应.pid文件
##############################################################################################################
Linux下MySql的卸载
源码安装的卸载方法:
到源码目录,如果可以运行make uninstall就可以卸载。如果没有,就直接删除。
如果是./configure –prefix指定了目录用 rm -rf 目录名 删除
————————————————————-
[[email protected] ~]# cd /usr/local/src/mysql-5.1.45
[[email protected] mysql-5.1.45]# make uninstall
[[email protected] mysql-5.1.45]# cd ..
[[email protected] src]# rm -rf mysql-5.1.45
[[email protected] src]# cd ..
[[email protected] local]# ls
bin etc games include lib libexec [...]
删除所有应用目录
转载请注明出处: http://blog.sina.com.cn/egoservice
CentOS_5.5安装
*************************************************************************************
闲来没事自己做一个安装配置记录,以备以后用时候查看,如果有没有说到的大问题还请指教
转载请注明出处:http://blog.sina.com.cn/egoservice
***************CentOS_5.5安装*****************
1.分区(看各自需求)
/boot 100M
/swap 1576M
/
2.最小化安装
取消所有能取消的安装程序
3.用setup/ntsysv设置防火墙和ip
4.修改hostname
vi /etc/sysconfig/network
5.
编译出错:可能是系统时间不对应问题
# date -s "2009-09-10 00:33:30"
修改完后,记得输入:clock -w
把系统时间写入CMOS
6.
优化操作系统,避免too many open files错误
> ulimit -n
1024
> ulimit -n 65536
> vi /etc/sysctl.conf
添加
fs.file-max=65536
管理用户可以在 etc/security/limits.conf 配置文件中设置他们的文件描述符极限
soft nofile 65536
hard nofile 65536
7. 如果快平台的文本拷贝有问题
使用 vi -b 查看编码
8.优化Linux内核参数
>vi /etc/sysctl.conf
-------------------------------------------------------------------------------------------
# Add
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
#net.ipv4.tcp_fin_timeout = 30
#net.ipv4.tcp_keepalive_time = 120
net.ipv4.ip_local_port_range = 1024 65535
-------------------------------------------------------------------------------------------
>/sbin/sysctl -p
9.检查系统是否正常
# more /var/log/messages(检查有无系统级错误信息)
# dmesg(检查硬件设备是否有错误信息)
# ifconfig(检查网卡设置是否正确)
# ping www.163.com(检查网络是否正常)
10.如果vi时候按了Ctrl+s屏幕定住 可使用ctrl+q恢复
11.设置ip
#vi /etc/sysconfig/network-scripts/ifcfg-eth0
-------------------------------------------------------------------------------------------
# nVidia Corporation MCP51 Ethernet Controller
DEVICE=eth0
BOOTPROTO=static
BROADCAST=255.255.255.255
IPADDR=192.168.1.18
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
ONBOOT=yes
TYPE=Ethernet
-------------------------------------------------------------------------------------------
设置DNS解析
#vi /etc/resolv.conf
-------------------------------------------------------------------------------------------
nameserver 192.168.1.1
nameserver 8.8.4.4
-------------------------------------------------------------------------------------------
12.bz2不能找到文件需要更新
yum -y install bzip2
13.安装对中文的支持
yum -y install fonts-chinese
yum -y install fonts-ISO8859-2
vi /etc/sysconfig/i18n
注释原来文件内容添加下文
-------------------------------------------------------------------------------------------
LANG="zh_CN.GB2312"
SUPPORTED="zh_CN.GB2312:zh_CN.UTF-8:zh_CN:zh:en_US.UTF-8:en_US:en"
SYSFONT="latarcyrheb-sun16"
14.对于zip中文问题
jar xvf xxx.zip
15.安装7zip 32位
-------------------------------------------------------------------------------------------
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.i386.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-9.13-1.el5.rf.i386.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.i386.rpm
64位 7zip
wget -c http://packages.sw.be/p7zip/p7zip-9.13-1.el5.rf.x86_64.rpm
wget -c http://packages.sw.be/p7zip/p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-9.13-1.el5.rf.x86_64.rpm
rpm -ivh p7zip-plugins-9.13-1.el5.rf.x86_64.rpm
-------------------------------------------------------------------------------------------
使用7z解压即可解决:7z x xxxx.zip
更新yum
*****************************************************************************
cd /etc/yum.repos.d
mv CentOS-Base.repo CentOS-Base.repo.old
touch CentOS-Base.repo
vi CentOS-Base.repo
-------------------------------------------------------------------------------------------
# CentOS-Base.repo
#
# This file uses a new mirrorlist system developed by Lance Davis for CentOS.
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
http://centos.candishosting.com.cn/$releaserver/os/basearch/
http://centos.ustc.edu.cn/centos/$releasever/os/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/os/$basearch/
http://mirrors.ta139.com/centos/$releasever/os/$basearch/
http://mirror.be10.com/centos/$releasever/os/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#released updates
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
http://centos.candishosting.com.cn/$releaserver/updates/basearch/
http://centos.ustc.edu.cn/centos/$releasever/updates/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/updates/$basearch/
http://mirrors.ta139.com/centos/$releasever/updates/$basearch/
http://mirror.be10.com/centos/$releasever/updates/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#packages used/produced in the build but not released
[addons]
name=CentOS-$releasever - Addons
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=addons
baseurl=http://mirror.centos.org/centos/$releasever/addons/$basearch/
http://centos.candishosting.com.cn/$releaserver/addons/basearch/
http://centos.ustc.edu.cn/centos/$releasever/addons/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/addons/$basearch/
http://mirrors.ta139.com/centos/$releasever/addons/$basearch/
http://mirror.be10.com/centos/$releasever/addons/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/addons/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
http://centos.candishosting.com.cn/$releaserver/extras/basearch/
http://centos.ustc.edu.cn/centos/$releasever/extras/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/extras/$basearch/
http://mirrors.ta139.com/centos/$releasever/extras/$basearch/
http://mirror.be10.com/centos/$releasever/extras/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
http://centos.candishosting.com.cn/$releaserver/centosplus/basearch/
http://centos.ustc.edu.cn/centos/$releasever/centosplus/$basearch/
http://ftp.sjtu.edu.cn/centos/$releasever/centosplus/$basearch/
http://mirrors.ta139.com/centos/$releasever/centosplus/$basearch/
http://mirror.be10.com/centos/$releasever/centosplus/$basearch/
http://ftp.hostrino.com/pub/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=0
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
--------------------------------------------------------------------------------------------
service yum restart (重启yum)
yum check-update 检查更新
转载请注明出处: http://blog.sina.com.cn/egoservice
已有
0 人发表留言,猛击->>
这里<<-参与讨论
ITeye推荐