CentOSのアップグレード

①バージョン確認
$ rpm -qa | grep centos-release
 
②アップデート
$ yum upgrade
 

vimのインストール / .bashrc

①インストール
$ yum -y install vim-enhanced
 
②.bashrc にエイリアスを追加
$ vi ~/.bashrc
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
alias vi='vim'
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
 
③再読み込みする。
$ source .bashrc
 
④日本語を使用可に
# echo 'set encoding=utf-8' >> .vimrc:

ファイアーウォールの構築

①ファイル作成
$ vi /etc/sysconfig/iptables
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
*filter
:INPUT   ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT  ACCEPT [0:0]
:RH-Firewall-1-INPUT – [0:0]

-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp –icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp –dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp –dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp –dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT

# SSH, HTTP, FTP1, FTP2, MySQL
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 10022 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80    -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 20    -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 21    -j ACCEPT

-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 22    -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306  -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited

COMMIT

– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
※SFTPを使用したい場合は22ポートを開く
※改行のスペースなど入っていないか注意
 
②iptableの再起動
$ /etc/rc.d/init.d/iptables restart

未使用のデーモンをオフ

/sbin/chkconfig auditd off
/sbin/chkconfig autofs off
/sbin/chkconfig avahi-daemon off
/sbin/chkconfig bluetooth off
/sbin/chkconfig cups off
…..
 

yumのリポジトリ追加

①wgetでダウンロード
$ wget http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
$ wget http://rpms.famillecollet.com/el5.x86_64/remi-release-5-8.el5.remi.noarch.rpm
$ wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
 
②リポジトリを追加
$ rpm -Uvh epel-release-5-4.noarch.rpm remi-release-5-8.el5.remi.noarch.rpm rpmforge-release-0.5.2-2.el5.rf.x86_64.rpm
 
③Fedora EPEL を無効化
$ vi /etc/yum.repos.d/epel.repo
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
enabled=0
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
 
④RPMForge を無効
$ vi /etc/yum.repos.d/rpmforge.repo
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
enabled=0
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
 

yumをアップデート

$ yum update
 
(LAMPを一発インストール)

$ yum –enablerepo=remi,epel,rpmforge install httpd-devel php-devel php-mysql php-pear mysql-server

※それぞれバージョンなどの指定がある場合は、個別にインストール