Posted 2 years, 7 months ago at 11:32 am. 0 comments
Linux系统是一个多用户多任务的分时操作系统,任何一个要使用系统资源的用户,都必须首先向系统管理员申请一个账号,然后以这个账号的身份进入系统。用户的账号一方面可以帮助系统管理员对使用系统的用户进行跟踪,并控制他们对系统资源的访问;另一方面也可以帮助用户组织文件,并为用户提供安全性保护。每个用户账号都拥有一个惟一的用户名和各自的口令。用户在登录时键入正确的用户名和口令后,就能够进入系统和自己的主目录。
实现用户账号的管理,要完成的工作主要有如下几个方面:
· 用户账号的添加、删除与修改。
· 用户口令的管理。
· 用户组的管理。
一、Linux系统用户账号的管理
用户账号的管理工作主要涉及到用户账号的添加、修改和删除。添加用户账号就是在系统中创建一个新账号,然后为新账号分配用户号、用户组、主目录和登录Shell等资源。刚添加的账号是被锁定的,无法使用。
1、添加新的用户账号使用useradd命令,其语法如下:
useradd 选项 用户名
其中各选项含义如下:
-c comment 指定一段注释性描述。
-d 目录 指定用户主目录,如果此目录不存在,则同时使用-m选项,可以创建主目录。
-g 用户组 指定用户所属的用户组。
-G 用户组,用户组 指定用户所属的附加组。
-s Shell文件 指定用户的登录Shell。
-u 用户号 指定用户的用户号,如果同时有-o选项,则可以重复使用其他用户的标识号。
用户名 指定新账号的登录名。
2、例子说明
例1:
# useradd –d /usr/sam -m sam
此命令创建了一个用户sam,其中-d和-m选项用来为登录名sam产生一个主目录/usr/sam(/usr为默认的用户主目录所在的父目录)。
例2:
# useradd -s /bin/sh -g group –G adm,root gem
此命令新建了一个用户gem,该用户的登录Shell是/bin/sh,它属于 group用户组,同时又属于adm和root用户组,其中group用户组是其主组。这里可能新建组:#groupadd group及groupadd adm.增加用户账号就是在/etc/passwd文件中为新用户增加一条记录,同时更新其他系统文件如/etc/shadow, /etc/group等。Linux提供了集成的系统管理工具userconf,它可以用来对用户账号进行统一管理。
3、删除帐号
如果一个用户的账号不再使用,可以从系统中删除。删除用户账号就是要将/etc/passwd等系统文件中的该用户记录删除,必要时还删除用户的主目录。删除一个已有的用户账号使用userdel命令,其格式如下:
userdel 选项 用户名
常用的选项是-r,它的作用是把用户的主目录一起删除。
例如:
# userdel sam
此命令删除用户sam在系统文件中(主要是/etc/passwd, /etc/shadow, /etc/group等)的记录,同时删除用户的主目录。
4、修改帐号
修改用户账号就是根据实际情况更改用户的有关属性,如用户号、主目录、用户组、登录Shell等。
修改已有用户的信息使用usermod命令,其格式如下:
usermod 选项 用户名
常用的选项包括-c, -d, -m, -g, -G, -s, -u以及-o等,这些选项的意义与useradd命令中的选项一样,可以为用户指定新的资源值。另外,有些系统可以使用如下选项:
-l 新用户名
这个选项指定一个新的账号,即将原来的用户名改为新的用户名。
例如:
# usermod -s /bin/ksh -d /home/z –g developer sam
此命令将用户sam的登录Shell修改为ksh,主目录改为/home/z,用户组改为developer。
5、用户口令的管理
用户管理的一项重要内容是用户口令的管理。用户账号刚创建时没有口令,但是被系统锁定,无法使用,必须为其指定口令后才可以使用,即使是指定空口令。
指定和修改用户口令的Shell命令是passwd。超级用户可以为自己和其他用户指定口令,普通用户只能用它修改自己的口令。命令的格式为:
passwd 选项 用户名
可使用的选项:
-l 锁定口令,即禁用账号。
-u 口令解锁。
-d 使账号无口令。
-f 强迫用户下次登录时修改口令。
如果默认用户名,则修改当前用户的口令。
例如,假设当前用户是sam,则下面的命令修改该用户自己的口令:
$ passwd
Old password:******
New password:*******
Re-enter new password:*******
如果是超级用户,可以用下列形式指定任何用户的口令:
# passwd sam
New password:*******
Re-enter new password:*******
普通用户修改自己的口令时,passwd命令会先询问原口令,验证后再要求用户输入两遍新口令,如果两次输入的口令一致,则将这个口令指定给用户;而超级用户为用户指定口令时,就不需要知道原口令。
为了系统安全起见,用户应该选择比较复杂的口令,例如最好使用8位长的口令,口令中包含有大写、小写字母和数字,并且应该与姓名、生日等不相同。
为用户指定空口令时,执行下列形式的命令:
# passwd -d sam
此命令将用户sam的口令删除,这样用户sam下一次登录时,系统就不再询问口令。passwd命令还可以用-l(lock)选项锁定某一用户,使其不能登录,例如:
# passwd -l sam
via Shell基础–Linux的用户和用户组管理
相关资料:
Linux的用户和用户组管理
Posted 2 years, 7 months ago at 11:32 am. 0 comments
原文来自 http://xlntsolution.blogspot.com/2007/03/feisty-performance-fly-like-butterfly.html
blogspt 似乎再次封掉了,:( 我是通过这个代理看到的
部分内容如下:
sudo gedit /etc/hosts
你会看到类似
127.0.0.1 localhost
127.0.1.1 guoshuang-laptop
这样的内容,在 localost 后面加上你的主机名,如guoshuang-laptop
127.0.0.1 localhost guoshuang-laptop
127.0.1.1 guoshuang-laptop
1. Disable IPv6
At least I dont need IPv6 yet so this is what I do to disable it.
sudo kate /etc/modprobe.d/aliases
And change the line:
alias net-pf-10 ipv6
to:
alias net-pf-10 off #ipv6
This will disable IPv6 on all network interfaces. You need to reboot.
2. Run boot processes in parallel
This will make upstart to run the boot processes in parallel and speed up the boot process.
sudo kate /etc/init.d/rc
Find and change the line:
CONCURRENCY=none
to:
CONCURRENCY=shell
3. Aliasing hostname to localhost
Right or wrong, you decide. But I picked this up in the Ubuntu forums the other day and it does improve the startup of some apps.
sudo kate /etc/hosts
and add you hostname to the first line after localhost like this:
127.0.0.1 localhost yourhost
127.0.1.1 yourhost
4. Disable pango
I know that this is already taken care of in firefox but it still makes a good performance boost to thunderbird and some other apps.
sudo kate /etc/environment
and add:
MOZ_DISABLE_PANGO=”1″
5. Preload
It does what you think. It preloads most common used libs and files = faster startup times on your applications.
sudo apt-get install preload
What about prelink?
Prelink is no longer necessary in feisty. Feisty uses a new linking mechanism called DT_GNU_HASH which speeds up the linking process without the need for continuously running prelink.
6. Swappiness
The default value for vm.swappiness is 60 in Ubuntu Feisty whic is a good default value but if you want to tweak the performance a little bit more you can change this value to a lower value to reduce the load of the swap. If you run the follwing command:
sysctl -q vm.swappiness
You will se that the value is set to 60. And by running:
sudo sysctl vm.swappiness=10
You will change the value from 60 to 10 which will make your system write to swap a lot less and I would recommend this to everyone that has 512 mb of memory or more. If you find that you have very little use of swap set the value to 0. This will not disable the swap but it will make your system write to the swap as little as possible and keep as much as possible in memory. This makes a huge improvment when switching between applications since they are now likley to be in physical ram instead of on the swap partition.
To set your value permanent you need to change the sysctl.conf file:
sudo kate /etc/sysctl.conf
Add the line
vm.swappiness=10
To the end of the file. This way it will be set upon boot.
I’ve found that the value of 5 works very good for my use and I have 1 GB of memory.
7. Profile grub
There is a option to grub called profile which will profile your startup. What it does is that it kind of indexing all the files read during boot/startup and later on it will find and read those files quicker.
Hit the escape button when booting to get to the grub menu.
Select your default boot kernel and hit the e button.
Go down to the second line and hit the e button again.
Add profile to the end of the line and press enter.
Hit the b button to boot with your new option.
The first time it will take a little bit longer to boot because it has to build the index (or whatever they want to call it) but every boot after this will be a lot smoother.
You need to do this every time you update your kernel or have made other huge changes to your system that might affect the files needed during boot.
The following could cause your system to be unstable or even unable to boot so please use them care…
8. sysv-rc-conf
Install sysv-rc-conf and disable the services you don’t need at startup.
As an example. On my computer I don’t have bluetooth so I don’t need to start it at boot time.
So simply disable what ever you don’t have or use.
sudo apt-get install sysv-rc-conf
and then run:
sudo sysv-rc-conf
9. Kernel hacking
Even thought the new kernel in feisty is very good and already tuned a bit there still are some things you can do to the kernel the will make your system snappier and boot up even faster.
Use this thread from the ubuntu forums as a guide on how to compile your own kernel.
master kernel thread
What I do is that I make sure to add my file systems I use to the kernel instead of loading them as modules. Take out whatever I don’t have or use and then compile my new and hopefully improved kernel 
10. Filesystem setup
The choice and use of the file system is a big issue when dealing with performance. Depending on your usage of your system you might need to configure your filesystem different.
For my usage I like to use the following setup (which I think is a good desktop setup)
Mountpoint
filesystem
Size
/boot
ext2
100 MB
/root
LVM, VG=system, xfs
6 GB
/swap
LVM, VG=system, swap
The size of RAM in your computer. Making it smaller and you will not be able to hibernate.
/home
LVM, VG=system, xfs
1 GB, or the rest of the space in that VG
/data
LVM, VG=data, xfs
The rest of the free space
Using the following options in fstab for all my xfs partitions:
noatime,nodiratime,logbufs=8
Using LVM can really speed up the disk performance. And you get a lot of other good stuff with it as well. Read more about LVM here.
I choose to have /root and /home on one VolumeGroup and /data on another simply because I can then split them up on diffrent physical disks and have them spanning over multiple physical disks witch really speeds up the reads and writes.
At the moment this is pretty much it but I will update this as soon as I discover more performance tunings…
Tuning applications
Not so much to add here but this what I like to do.
1. Firefox
Use swiftfox instead. It’s optimized for your CPU.
Install the fasterfox add-on
If it’s not already set, disable IPv6. In the url enter about:config and find the ipv6 entry and disable it.
Install adblock plus add-on
to disable ad’s it helps a lot 
2. openoffice
If you don’t need that extras that java JRE provides then simply disable it openoffice. That’s what I do.
Once Feisty is released I will have a script done that all you brave people can run that will do most of this in one go
I will also write down the kernel options that I use to compile my kernel for those who are interested.
But until then, use this and enjoy a much faster and smoother running Feisty.
Posted 2 years, 7 months ago at 11:32 am. 0 comments
as4+postfix+cyrus-sasl+mysql+postfixadmin+courier-imap+courier-maildrop+squirrelmail+clamav+spamassassin+amavisd-new
转载请注明出处
最后更新日期:2006年8月3日
2004年10左右成稿
1.mysql
2.apache
3.php
4.cyrus-sasl
5.postfix
6.postfixadmin
7.courier-authlib
8.courier-imap
9.courier-maildrop
10.测试
11.webmail
11.1.squirrelmail
12.clamav
13.amavisd-new
14.spamassassin
15.附:启动脚本
本文用到的软件
MySQL 5.0.15
网站:http://www.mysql.com
下载
APACHE 2.0.55
网站:http://www.apache.org
下载
PHP 4.4.1
网站:http://www.php.net
下载
Cyrus-SASL 2.1.21
网站:http://asg.web.cmu.edu/sasl
下载
Postfix 2.2.5
网站:http://www.postfix.org
下载
PostfixAdmin 2.1.0
网站:http://www.postfixadmin.com
下载
Courier-authlib 0.57
网站:http://www.courier-mta.org/authlib
下载
Courier-IMAP 4.0.6
网站:http://www.courier-mta.org/imap
下载
Courier-maildrop 2.0.1
网站:http://www.courier-mta.org/maildrop
下载
SquirrelMail 1.4.5
网站:http://www.squirrelmail.org
下载
Extmail 0.20
网站:http://www.extmail.org
下载
clamav 0.87
网站:http://www.clamav.net
下载
amavisd-new 2.3.3
网站:http://www.ijs.si/software/amavisd
下载
Spamassassin 3.1.0
网站:http://spamassassin.apache.org
下载
我以前那篇文章中密码加密有问题(密码一加密,smtp认证就通不过),所以下定决心更新一下。这次sasl密码验证机制改为authdaemond(感谢网友606),并把测试部分单独列出来。很多人问起我的安装环境,我安装linux的时候,只选了开发工具,其他的都没选,还有,这些软件包安装的时候都没有依赖性问题,有的话,我也提出来了。
1.安装 mysql 5.0.15
# wget http://dev.mysql.com/get/Downloads/MySQL-5…ysql.new21.com/
# tar zxvf mysql-5.0.15.tar.gz
# cd cd mysql-5.0.15
# groupadd mysql
# useradd -g mysql mysql
# CFLAGS=”-O3″ CXX=gcc CXXFLAGS=”-O3 -felide-constructors -fno-exceptions -fno-rtti” \
./configure –prefix=/usr/local/mysql \
–enable-assembler –with-mysqld-ldflags=-all-static –with-charset=gbk
# make
# make install
# cp support-files/my-medium.cnf /etc/my.cnf
设置自启动
# cp support-files/mysql.server /etc/rc.d/init.d/mysqld
# chmod 755 /etc/rc.d/init.d/mysqld
# chkconfig –add mysqld
安装完以后要初始化数据库
# cd /usr/local/mysql
# /usr/local/mysql/bin/mysql_install_db –user=mysql
# chown -R root .
# chown -R mysql var
# chgrp -R mysql .
好了,至此mysql安装完毕,你可以这样起动你的mysql服务
# service mysqld start
为了能让系统找到mysql,请运行如下命令
# PATH=$PATH:/usr/local/mysql/bin
# export PATH
# echo “/usr/local/mysql/lib/mysql” >> /etc/ld.so.conf
# ldconfig
Go to top.
2.安装 apache 2.0.55
# wget http://apache.freelamp.com/httpd/httpd-2.0.55.tar.bz2
# tar jxvf httpd-2.0.55.tar.bz2
# cd httpd-2.0.55
# ./configure –prefix=/usr/local/apache
# make
# make install
设置自启动
# cp support/apachectl /etc/init.d/httpd
修改/etc/init.d/httpd
# vi /etc/init.d/httpd(前面几行改成如下样子)
#!/bin/sh
#
# Startup script for the Apache Web Server
# chkconfig: – 85 15
# description: Apache is a World Wide Web server. It is used to serve \
# HTML files and CGI.
# processname: httpd
# pidfile: /usr/local/apache/log/httpd.pid
# config: /usr/local/apache/conf/httpd.conf
# chkconfig –add httpd
# chmod 755 /etc/init.d/httpd
# chkconfig httpd on
创建网页根目录
# mkdir /var/www
修改apache配置文件
# vi /usr/local/apache/conf/httpd.conf
//存放网页的目录,原来为DocumentRoot “”,改成:
DocumentRoot “/var/www”
//这句应该和DocumentRoot 的目录保持一致,原来为,改成:
//Indexes:当在目录中找不到DirectoryIndex列表中指定的文件就生成当前目录的文件列表
//FollowSymlinks:允许符号链接跟随,访问不在本目录下的文件
Options Indexes FollowSymLinks
//禁止读取.htaccess配置文件的内容
AllowOverride None
//指定先执行Allow(允许)访问规则,再执行Deny(拒绝)访问规则
Order allow,deny
//设置Allow(允许)访问规则,允许所有连接
Allow from all
启动服务
# service httpd start
Go to top.
3.安装php 4.4.1
# wget http://cn.php.net/get/php-4.4.1.tar.bz2/fr…rom/this/mirror
# tar jxvf php-4.4.1.tar.bz2
# cd php-4.4.1
# ./configure \
–prefix=/usr/local/php \
–with-mysql=/usr/local/mysql \
–with-apxs2=/usr/local/apache/bin/apxs
# make
# make install
# cp php.ini-dist /usr/local/php/lib/php.ini
# vi /usr/local/php/lib/php.ini
;default_charset = “iso-8859-1″
在这行下面加一行
default_charset = “gbk”
# vi /usr/local/apache/conf/httpd.conf
找到#AddType application/x-tar .tgz 这行,在下面加两行
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps
找到下面一行在后面加上index.php,这表示网站的默认页也能够为index.php
DirectoryIndex index.html index.html.var index.php
注意:改变了http.conf后,要重启apache服务
Go to top.
4.安装 cyrus-sasl 2.1.21
先关闭as4默认安装的sasl
# mv /usr/lib/sasl /usr/lib/sasl.OFF
# mv /usr/lib/sasl2 /usr/lib/sasl2.OFF
编译安装cyrus-sasl2.1.21
# wget http://ftp.andrew.cmu.edu/pub/cyrus-mail/c…l-2.1.21.tar.gz
# tar zxvf cyrus-sasl-2.1.21.tar.gz
# cd cyrus-sasl-2.1.21
# ./configure \
–disable-anon -enable-plain –enable-login \
–enable-sql –with-mysql=/usr/local/mysql \
–with-mysql-includes=/usr/local/mysql/include/mysql \
–with-mysql-libs=/usr/local/mysql/lib/mysql \
–with-authdaemond
# make
# make install
更新lib库
# echo “/usr/local/lib” >> /etc/ld.so.conf
# ldconfig
重要
# ln -s /usr/local/lib/sasl2 /usr/lib/sasl2
Go to top.
5.安装postfix 2.2.5
如果你的系统上原来有sendmail,先将其停止并将其文件改名
# /etc/init.d/sendmail stop
# chkconfig –level 0123456 sendmail off
# mv /usr/bin/newaliases /usr/bin/newaliases.orig
# mv /usr/bin/mailq /usr/bin/mailq.orig
# mv /usr/sbin/sendmail /usr/sbin/sendmail.orig
开始安装
# groupadd -g 12345 postfix
# useradd -u 12345 -g 12345 -c postfix -d/dev/null -s/sbin/nologin postfix
# groupadd -g 54321 postdrop
# wget ftp://postfix.cn99.com/postfix/official/p…ix-2.2.5.tar.gz
# tar zxvf postfix-2.2.5.tar.gz
# cd postfix-2.2.5
(Building Postfix with SASL authentication and mysql support)
# make -f Makefile.init makefiles \
‘CCARGS=-DHAS_MYSQL -I/usr/local/mysql/include/mysql -DUSE_SASL_AUTH -I/usr/local/include/sasl’ \
‘AUXLIBS=-L/usr/local/mysql/lib/mysql -lmysqlclient -lz -lm -L/usr/local/lib -lsasl2′
# make install
注意:
本例中Mysql安装在/usr/lcoal/mysql,sasl2安装在/usr/lib/sasl2。如果安装路径不同,请自行修改编译时CCARGS和AUXLIBS选项。
在执行make install的时候可能会得到如下的提示:
/usr/libexec/ld-elf.so.1: Shared object “libmysqlclient.so.12″ not found
这是因为mysql不是安装在默认目录中的,所以需要告诉postfix应该到哪里去找libmysqlclient.so.12,使用ldconfig就可以达到这个目的
# echo /usr/local/mysql/lib/mysql >> /etc/ld.so.conf
# ldconfig
Go to top.
6.安装postfixadmin 2.1.0
建立apache和maildrop的用户和组
# groupadd vmail -g 1001
# useradd vmail -u 1001 -g 1001 -s/sbin/nologin -d/dev/null
# vi /usr/local/apache/conf/httpd.conf
把
User nobody
Group #-1
改为
User vmail
Group vmail
# wget http://high5.net/postfixadmin/download.php…admin-2.1.0.tgz
# tar -zxvf postfixadmin-2.1.0.tgz
# mv postfixadmin-2.1.0 /var/www/postfixadmin
更改权限,假定运行apache的用户和组为vmail
# chown -R vmail:vmail /var/www/postfixadmin
# cd /var/www/postfixadmin
# chmod 640 *.php *.css
# cd /var/www/postfixadmin/admin/
# chmod 640 *.php .ht*
# cd /var/www/postfixadmin/images/
# chmod *.png
# cd /var/www/postfixadmin/languages/
# chmod 640 *.lang
# cd /var/www/postfixadmin/templates/
# chmod 640 *.tpl
# cd /var/www/postfixadmin/users/
# chmod 640 *.php
建立mysql表
# cd /var/www/postfixadmin
# mysql -u root < DATABASE_MYSQL.TXT
# cp config.inc.php.sample config.inc.php
# vi config.inc.php
本例中的配置如下:
$CONF['default_language'] = 'cn';
$CONF['database_type'] = 'mysql';
$CONF['database_host'] = 'localhost';
$CONF['database_user'] = 'postfixadmin';
$CONF['database_password'] = 'postfixadmin';
$CONF['database_name'] = 'postfix';
$CONF['encrypt'] = 'md5crypt';
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
$CONF['quota'] = 'YES';
$CONF['quota_multiplier'] = '1024000';
邮箱的存储格式使用domain.ltd/username的形式,所以设置:
$CONF['domain_path'] = 'YES';
$CONF['domain_in_mailbox'] = 'NO';
然后打开浏览器,进入postfixadmin的欢迎界面,点击网页上的setup,看看检查是否通过,记得要删除setup.php文件。然后进入http://www.yourdomain.com/postfixadmin/admin/index.php,就可以新建域名、管理员以及邮箱了。
Go to top.
# vi /etc/postfix/main.cf
#=====================BASE=========================
myhostname = www.test.com
mydomain = test.com
myorigin = $mydomain
mydestination = $myhostname localhost localhost.$mydomain
mynetworks = 127.0.0.0/8
inet_interfaces = all
#=====================Vritual Mailbox settings=========================
virtual_mailbox_base = /var/mailbox
virtual_mailbox_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql/mysql_virtual_domains_maps.cf
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql/mysql_virtual_alias_maps.cf
virtual_uid_maps = static:1001
virtual_gid_maps = static:1001
virtual_transport = maildrop
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
#====================QUOTA========================
message_size_limit = 14336000
virtual_mailbox_limit = 20971520
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_mailbox_limit_maps = mysql:/etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = Sorry, the user's maildir has overdrawn his diskspace quota, please try again later.
virtual_overquota_bounce = yes
#====================SASL========================
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
reject_invalid_hostname,
reject_non_fqdn_hostname,
reject_unknown_sender_domain,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_banner=$myhostname ESMTP "Version not Available"
Go to top.
建立/var/mailbox并设置权限
# mkdir /var/mailbox
# chown -R vmail:vmail /var/mailbox
# chmod -R ug+rwx,o-rwx /var/mailbox
建立/etc/postfix/mysql文件夹和MySQL查询配置文件
# mkdir /etc/postfix/mysql
1、vi /etc/postfix/mysql/mysql_virtual_alias_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = alias
select_field = goto
where_field = address
2、vi /etc/postfix/mysql/mysql_virtual_domains_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = domain
select_field = description
where_field = domain
#additional_conditions = and backupmx = '0' and active = '1'
3、vi /etc/postfix/mysql/mysql_virtual_mailbox_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = maildir
where_field = username
#additional_conditions = and active = '1'
4、vi /etc/postfix/mysql/mysql_virtual_mailbox_limit_maps.cf
user = postfix
password = postfix
hosts = localhost
dbname = postfix
table = mailbox
select_field = quota
where_field = username
#additional_conditions = and active = '1'
Go to top.
配置 /usr/local/lib/sasl2/smtpd.conf
sasl密码验证机制为authdaemond
# vi /usr/local/lib/sasl2/smtpd.conf
pwcheck_method:authdaemond
log_level:3
srp_mda:md5
password_format:crypt
mech_list:PLAIN LOGIN
authdaemond_path: /usr/local/var/spool/authdaemon/socket
Go to top.
7.安装Courier-authlib 0.57
新版本的imap不再包含authentication library,必须先安装 Courier authentication library
# wget http://www.courier-mta.org/beta/courier-au...0051004.tar.bz2
# tar jxvf courier-authlib-0.57.20051004.tar.bz2
# cd courier-authlib-0.57.20051004
# ./configure \
--with-redhat \
--with-authmysql=yes \
--with-mailuser=vmail --with-mailgroup=vmail \
--with-mysql-libs=/usr/local/mysql/lib/mysql --with-mysql-includes=/usr/local/mysql/include/mysql/
# make
# make install
# make install-configure
重要
# chmod +x /usr/local/var/spool/authdaemon/
# vi /usr/local/etc/authlib/authdaemonrc
authmodulelist="authmysql"
# vi /usr/local/etc/authlib/authmysqlrc
MYSQL_SERVER localhost
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_DATABASE postfix
MYSQL_USERNAME postfix
MYSQL_PASSWORD postfix
MYSQL_USER_TABLE mailbox
MYSQL_LOGIN_FIELD username
MYSQL_CRYPT_PWFIELD password
MYSQL_UID_FIELD '1001'
MYSQL_GID_FIELD '1001'
MYSQL_HOME_FIELD '/var/mailbox/'
MYSQL_MAILDIR_FIELD maildir
MYSQL_NAME_FIELD name
MYSQL_QUOTA_FIELD concat(quota,'S')
MYSQL_WHERE_CLAUSE active='1'
DEFAULT_DOMAIN test.com
注意:确认在这个文件中不能用空格键(包括行尾),只能用tab键。
确认只使用单引号,比如:'/var/mailbox/','UID','GID'(本文为'1001')
localhost不能用单引号
确认你的/etc/hosts文件中有localhost
编译时如果支持Ipv6可能导致错误
MYSQL_GID_FIELD 和MYSQL_UID_FIELD是maildrop的UID和GID,而不是MySQL的
启动服务
自启动:
# cp courier-authlib.sysvinit /etc/rc.d/init.d/courier-authlib
# chmod 755 /etc/rc.d/init.d/courier-authlib
# chkconfig --level 0123456 courier-authlib on
手动启动服务:
# authdaemond start
Go to top.
8.安装Courier-imap 4.0.6
# wget http://www.courier-mta.org/beta/imap/couri...0051004.tar.bz2
# tar jxvf courier-imap-4.0.6.20051004.tar.bz2
# cd courier-imap-4.0.6.20051004
# ./configure \
--prefix=/usr/local/imap \
--with-redhat \
--disable-root-check \
--enable-unicode=utf-8,iso-8859-1,gb2312,gbk,gb18030 \
--with-trashquota \
--with-dirsync
# make
# make install-strip (先install-strip,如果失败,再make install)
# make install-configure
# vi /usr/local/imap/etc/pop3d
POP3DSTART=YES
# vi /usr/local/imap/etc/imapd
IMAPDSTART=YES
让imap自启动:
# cp courier-imap.sysvinit /etc/rc.d/init.d/courier-imap
# chmod 755 /etc/rc.d/init.d/courier-imap
# chkconfig --level 0123456 courier-imap on
Go to top.
9.安装Courier-maildrop 2.0.1
先装pcre
# wget http://optusnet.dl.sourceforge.net/sourcef...cre-6.3.tar.bz2
# tar jxvf pcre-6.3.tar.bz2
# cd pcre-6.3
# ./configure
# make
# make install
# wget http://optusnet.dl.sourceforge.net/sourcef...p-2.0.1.tar.bz2
# tar jxvf maildrop-2.0.1.tar.bz2
# cd maildrop-2.0.1
# ./configure \
--prefix=/usr/local/maildrop \
--enable-sendmail=/usr/sbin/sendmail \
--enable-trusted-users='root vmail' \
--enable-syslog=1 \
--enable-maildirquota \
--enable-maildrop-uid=1001 \
--enable-maildrop-gid=1001 \
--with-trashquota \
--with-dirsync
# make
# make install
# cp /usr/local/maildrop/bin/maildrop /usr/bin
# chmod a+rx /usr/bin/maildrop
运行maildrop -v应该有如下提示信息:
maildrop 2.0.0 Copyright 1998-2005 Double Precision, Inc.
GDBM extensions enabled.
Courier Authentication Library extension enabled.
Maildir quota extension enabled.
This program is distributed under the terms of the GNU General Public
License. See COPYING for additional information.
新建/etc/maildroprc文件
# vi /etc/maildroprc
logfile "/var/mailbox/maildrop.log"
to "$HOME/$DEFAULT"
# chmod a+r /etc/maildroprc
配置Postfix
# vi /etc/postfix/master.cf
maildrop unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/local/maildrop/bin/maildrop -w 90 -d ${recipient}
由于maildrop没有建立及删除maildir的功能,因此由脚本实现(是否有什么安全隐患?)
# vi /etc/sudoers
vmail ALL = NOPASSWD: /usr/sbin/maildirmake.sh , /usr/sbin/maildirdel.sh
新建/usr/sbin/maildirmake.sh文件
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
set -e
if [ ! -d /var/mailbox/$1 ]
then
mkdir /var/mailbox/$1
fi
chown -R vmail:vmail /var/mailbox/$1
cd "/var/mailbox/$1"
/usr/local/imap/bin/maildirmake $2
chown -R vmail:vmail /var/mailbox/$1/$2
新建/usr/sbin/maildirdel.sh文件
# vi /usr/sbin/maildirmake.sh
#!/bin/bash
rm -rf /var/mailbox/$1/$2
# chmod 755 /usr/sbin/maildirmake.sh
# chmod 755 /usr/sbin/maildirdel.sh
更改postfixadmin目录及postfixadmin/admin目录下的create-mailbox.php文件
在这两个文件的$tQuota = $CONF['maxquota'];行后加一行(postfixadmin/admin目录下的大概在200行,postfixadmin目录下的大概在?行):
# vi /var/www/postfixadmin/admin/create-mailbox.php (vi /var/www/postfixadmin/create-mailbox.php)
system("sudo /usr/sbin/maildirmake.sh $fDomain ".$_POST['fUsername']);
更改postfixadmin目录及postfixadmin/admin目录下的delete.php文件
在这两个文件的$result = db_query ("SELECT * FROM mailbox WHERE username='$fDelete' AND domain='$fDomain'");行后加几行:
# vi /var/www/postfixadmin/admin/delete.php (vi /var/www/postfixadmin/delete.php)
$userarray=explode("@",$fDelete);
$user=$userarray[0];
$domain=$userarray[1];
system("sudo /usr/sbin/maildirdel.sh $domain $user");
10.测试
启动所有服务
# service httpd start
# service mysqld start
# postfix start
# service courier-authlib start
# service courier-imap start
# netstat -ant | grep "LISTEN"
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 :::110 :::* LISTEN
tcp 0 0 :::143 :::* LISTEN
tcp 0 0 :::80 :::* LISTEN
在postfixadmin中建立一测试帐户test@test.com
测试smtp
# perl -MMIME::Base64 -e 'print encode_base64("test\@test.com");'
dGVzdEB0ZXN0LmNvbQ==
# perl -MMIME::Base64 -e 'print encode_base64("test");'
dGVzdA==
# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 www.test.com ESMTP "Version not Available"
ehlo www.test.com
250-www.test.com
250-PIPELINING
250-SIZE 14336000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
auth login
334 VXNlcm5hbWU6
dGVzdEB0ZXN0LmNvbQ==
334 UGFzc3dvcmQ6
dGVzdA==
235 Authentication successful
测试POP3和IMAP
# telnet localhost 110
+OK Hello there
user test@test.com
+OK Password required.
pass test
+OK Logged in.
quit
+OK bye-bye
测试maildrop
# maildrop -V 9 -d test@test.com
maildrop: authlib: groupid=1001
maildrop: authlib: userid=1001
maildrop: authlib: logname=test@test.com, home=/var/mailbox/, mail=test.com/test/
maildrop: Changing to /var/mailbox/
ctrl+c退出
Go to top.
11.webmail
11.1.安装squirrelmail 1.4.5
下载squirrelmail及中文包
# wget http://keihanna.dl.sourceforge.net/sourcef...l-1.4.5.tar.bz2
# wget http://optusnet.dl.sourceforge.net/sourcef...0050904.tar.bz2
把squirreelmail解压到/var/www目录下。
# tar jxvf squirrelmail-1.4.5.tar.bz2 -C /var/www/
# mv /var/www/squirrelmail-1.4.5/ /var/www/squirrelmail
解压中文包
# tar jxvf zh_CN-1.4.5-20050904.tar.bz2 -C /var/www/squirrelmail/
在配置squirrelmail之前先下载三个插件:
Quota Usage Version 1.3
# wget http://www.squirrelmail.org/countdl.php?fi....3-1.2.7.tar.gz
Compatibility Version 2.0.2
# wget http://www.squirrelmail.org/countdl.php?fi...ty-2.0.2.tar.gz
Change MySQL Password Version 3.2
# wget http://www.squirrelmail.org/countdl.php?fi....2-1.2.8.tar.gz
把这三个插件解压到squirrelmail的plugin目录下
# tar zxvf quota_usage-1.3-1.2.7.tar.gz -C /var/www/squirrelmail/plugins/
# tar zxvf compatibility-2.0.2.tar.gz -C /var/www/squirrelmail/plugins/
# tar zxvf change_mysqlpass-3.2-1.2.8.tar.gz -C /var/www/squirrelmail/plugins/
第一个插件是用来显示邮箱的使用情况的;第二个和第三个插件是用来修改密码的。
如果不想装这些插件,请跳过。
配置Quota Usage
# cd /var/www/squirrelmail/plugins/quota_usage
# cp config.php.sample config.php
配置Change MySQL Password
# cd /var/www/squirrelmail/plugins/change_mysqlpass
# cp config.php.sample config.php
# vi config.php
更改如下几个变量:
$mysql_database = 'postfix';
$mysql_table = 'mailbox';
$mysql_userid_field = 'username';
$mysql_password_field ='password';
$mysql_manager_id = 'postfix';
$mysql_manager_pw = 'postfix';
$mysql_unixcrypt = 0;
$mysql_MD5crypt = 1;
$use_ssl_for_password_change = 0;
配置squirrelmail
# cd /var/www/squirrelmail
# ./configure
进入10. Languages
把1. Default Language : 的en_US改成zh_CN。
进入8. Plugins,添加这三个插件
# chown -R vmail:vmail /var/www/squirrelmail/data/
# chmod -R 730 /var/www/squirrelmail/data/
打开浏览器输入http://192.168.0.5/squirrelmail/,用test@test.com登陆,你将会在屏幕的左上角看到邮箱的使用情况,你还会看到一条警告信息:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /var/www/squirrelmail/plugins/change_mysqlpass/functions.php on line 129
这是由于数据库结构不一致造成的,你只要把functions.php中的129行注释调即可(在行首加//)
Go to top.
12.安装clamav 0.87
# wget http://optusnet.dl.sourceforge.net/sourcef...mav-0.87.tar.gz
# tar zxvf clamav-0.87.tar.gz
# cd clamav-0.87
# groupadd clamav
# useradd -g clamav -s/sbin/nologin -d/dev/null clamav
# ./configure --prefix=/usr/local/clamav --with-dbdir=/usr/local/share/clamav --disable-zlib-vcheck
# make
# make check
# make install
编辑/usr/local/clamav/etc/clamd.conf
# vi /usr/local/clamav/etc/clamd.conf
#Verbose logging with syslog
LogSyslog
LogVerbose
LogFacility LOG_MAIL
LogFile /var/log/clamav/clamd.log
#Change pid file location
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /usr/local/share/clamav
#Set the clamav socket
LocalSocket /var/run/clamav/clamd
#Close the connection when this limit is exceeded
StreamMaxLength 10M
#Don't run clamd as root
User amavis
#Newer versions require you to uncomment this
ScanMail
ScanArchive
编辑/usr/local/clamav/etc/freshclam.conf
# vi /usr/local/clamav/etc/freshclam.conf
DatabaseDirectory /usr/local/share/clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogSyslog
LogVerbose
DatabaseOwner amavis
#Check for updates every two hours. That is the official recommendation
Checks 12
DatabaseMirror db.CN.clamav.net
DatabaseMirror database.clamav.net
NotifyClamd
注意:一定要注释掉上面两个文件中Example那行
添加amavis用户和组
# groupadd amavis
# useradd -g amavis -s /sbin/nologin -d /dev/null amavis
创建日志文件夹并设置权限
# mkdir /var/log/clamav
# chmod -R 744 /var/log/clamav
# chown -R amavis:amavis /var/log/clamav
# chown -R amavis.amavis /usr/local/share/clamav
# mkdir /var/run/clamav
# chmod 700 /var/run/clamav
# chown amavis.amavis /var/run/clamav
手动更新病毒库
# /usr/local/clamav/bin/freshclam
启动
# /usr/local/clamav/sbin/clamd
Go to top.
13.安装amavisd-new 2.3.3
# wget http://www.ijs.si/software/amavisd/amavisd...ew-2.3.3.tar.gz
# tar zxvf amavisd-new-2.3.3.tar.gz
# cd amavisd-new-2.3.3
# mkdir -p /var/amavis /var/amavis/tmp /var/amavis/var /var/amavis/db
# chown -R amavis:amavis /var/amavis
# chmod -R 750 /var/amavis
# cp amavisd /usr/local/sbin/
# chown root /usr/local/sbin/amavisd
# chmod 755 /usr/local/sbin/amavisd
# cp amavisd.conf /etc/
# chown root /etc/amavisd.conf
# chmod 644 /etc/amavisd.conf
# cp amavisd_init.sh /etc/rc.d/init.d/amavisd
# chmod 744 /etc/rc.d/init.d/amavisd
# chkconfig --add amavisd
# chkconfig amavisd on
# vi /etc/rc.d/init.d/amavisd
prog="/usr/local/sbin/amavisd"
病毒邮件存放目录
# mkdir /var/virusmails
# chown amavis:amavis /var/virusmails
# chmod 750 /var/virusmails
Go to top.
编辑/etc/amavisd.conf,修改下面这几行
# vi /etc/amavisd.conf
$max_servers=8;
$daemon_user = 'amavis';
$daemon_group = 'amavis';
$mydomain = 'test.com';
$db_home = "$MYHOME/db";
$inet_socket_port = 10024;
$sa_tag_level_deflt = -100;
$sa_tag2_level_deflt = 6.3;
$sa_kill_level_deflt = $sa_tag2_level_deflt;
$virus_admin = "virusalert\@$mydomain";
$sa_spam_subject_tag = '***SPAM*** ';
$notify_method = $forward_method;
$forward_method = 'smtp:127.0.0.1:10025';
$final_virus_destiny = D_DISCARD;
$final_banned_destiny = D_DISCARD;
$final_spam_destiny = D_DISCARD;
['ClamAV-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
测试amavis
# /usr/local/sbin/amavisd debug
ERROR: MISSING REQUIRED BASIC MODULES:
Time::HiRes
IO::Wrap
Unix::Syslog
Mail::Field
MIME::Words
Net::Server
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 141.
根据出错提示,缺什么装什么,我的LANG变量为en_US.UTF-8
# perl -MCPAN -e shell
cpan> install Time::HiRes
cpan> install IO::Wrap
cpan> install Unix::Syslog
cpan> install Mail::Field
cpan> install Compress::Zlib
cpan> install MIME::Words
cpan> install Net::Server
cpan> install BerkeleyDB
cpan> install Convert::TNEF
cpan> install Convert::UUlib
cpan> install Archive::Tar
cpan> install Archive::Zip
cpan> install HTML::Parser
cpan> install DB_File
cpan> install Net::DNS (提示是否test, 选择no)
cpan> install Digest::SHA1
cpan> install Mail::SpamAssassin (# export LANG=en_US)
期间MIME安装会失败,只好手动安装,跳过测试
# cd /root/.cpan/build/MIME-tools-5.418/
# perl Makefile.PL
# make install
启动
# /usr/local/sbin/amavisd start 或
# service amavisd start
Go to top.
设置postfix
修改/etc/postfix/main.cf
# vi /etc/postfix/main.cf (加入一行)
content_filter = amavis:127.0.0.1:10024
修改/etc/postfix/master.cf
# vi /etc/postfix/master.cf (在最后加上)
# amavisd-new
amavis unix – - n – 2 smtp
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
localhost:10025 inet n – n – - smtpd
-o content_filter=
-o local_recipient_maps=
-o relay_recipient_maps=
-o mynetworks=127.0.0.0/8
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o strict_rfc821_envelopes=yes
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
重新服务
# service postfix restart
# service clamd restart
# service amavisd restart
# netstat -ant | grep LISTEN (应该可以看到这两个端口在监听)
127.0.0.1.10024 *.* 0 0 49152 0 LISTEN
127.0.0.1.10025 *.* 0 0 49152 0 LISTEN
Go to top.
14.安装Spamassassin
前面装amavis的时候已经装好了,如果没装,请按如下方式安装
启动spamd
# /usr/bin/spamd –daemonize –pidfile /var/run/spamd.pid
下载中文垃圾垃圾邮件过滤规则Chinese_rules.cf
# wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf
每次更新Chinese_rules.cf需要重启spamd方法如下
# kill -HUP `cat /var/run/spamd.pid`
自动更新中文垃圾垃圾邮件过滤规则
# vi /etc/crontab (加一行)
0 0 1 * * root wget -N -P /usr/share/spamassassin www.ccert.edu.cn/spam/sa/Chinese_rules.cf;kill -HUP `cat /var/run/spamd.pid`
测试病毒扫描
给该test@test.com用户发送邮件,包含以下内容:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
查看日志,如果出现类似如下提示,则表明成功
Nov 6 22:06:20 localhost postfix/smtp[18276]: 9CEB657E22: to=, relay=127.0.0.1[127.0.0.1], delay=2, status=sent (250 2.7.1 Ok, discarded, id=18262-01 – VIRUS: Eicar-Test-Signature)
邮件病毒扫描日志将被记录在/var/log/clamav/clamav.log中!
测试垃圾邮件扫描
给test@test.com用户发送邮件,包含以下内容:
XJS*C4JDBQADN1.NSBN3*2IDNEN*GTUBE-STANDARD-ANTI-UBE-TEST-EMAIL*C.34X
查看日志,如果出现类似如下提示,表明成功
Nov 6 22:10:51 localhost amavis[18263]: (18263-01) Blocked SPAM, LOCAL [127.0.0.1] [127.0.0.1] -> , quarantine: spam-JH2LSCT1MLYg.gz, Message-ID: <1451.192.168.1.10.1131286248.squirrel@192.168.1.21>, mail_id: JH2LSCT1MLYg, Hits: 1005.902, 3591 ms
Go to top.
15.启动脚本
postfix的启动脚本:
# cat /etc/rc.d/init.d/postfix
=================================================================
#!/bin/bash
#
# mailsys This shell script takes care of starting and stopping Postfix
# author : xingyu.wang 2004/1/28
#
# chkconfig: 2345 80 30
# description: Postfix is a Mail Transport Agent, which is the program
# that moves mail from one machine to another.
#
# processname: mailsys
# pidfile: /var/run/postfix.pid
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
[ -f /usr/sbin/postfix ] || exit 0
RETVAL=0
prog=”Postfix”
start() {
# Start daemons.
echo -n $”Starting $prog: ”
/usr/sbin/postfix start > /dev/null 2>&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
touch /var/lock/subsys/postfix
success $”$prog start”
else
failure $”$prog start failure”
fi
echo
return $RETVAL
}
stop() {
# Stop daemons.
echo -n $”Shutting down $prog: ”
/usr/sbin/postfix stop > /dev/null 2>&1 &
RETVAL=$?
if [ $RETVAL -eq 0 ]; then
rm -f /var/lock/subsys/postfix
success $”$prog stop”
else
failure $”$prog stop failure”
fi
echo
return $RETVAL
}
# See how we were called.
case “$1″ in
start)
start
;;
stop)
stop
;;
restart|reload)
stop
start
RETVAL=$?
;;
*)
echo $”Usage: $0 {start|stop|restart}”
exit 1
esac
exit $RETVA
# chmod 755 /etc/rc.d/init.d/postfix
# chkconfig –level 2345 postfix on
clamav的启动脚本
# vi /etc/rc.d/init.d/clamd
=================================================================
#! /bin/bash
#
# crond Start/Stop the clam antivirus daemon.
#
# chkconfig: 2345 90 60
# description: clamdis a standard UNIX program that scans for Viruses.
# processname: clamd
# config: /usr/local/clamav/etc/clamd.conf
# pidfile: /var/run/clamav/clamd.pid
# Source function library.
. /etc/rc.d/init.d/functions
RETVAL=0
# See how we were called.
prog=”clamd”
progdir=”/usr/local/clamav/sbin”
# Source configuration
if [ -f /etc/sysconfig/$prog ] ; then
. /etc/sysconfig/$prog
fi
start() {
echo -n $”Starting $prog: ”
daemon $progdir/$prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/run/clamav/clamd.pid
return $RETVAL
}
stop() {
echo -n $”Stopping $prog: ”
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/run/clamav/clamd.pid
return $RETVAL
}
rhstatus() {
status clamd
}
restart() {
stop
start
}
reload() {
echo -n $”Reloading clam daemon configuration: ”
killproc clamd -HUP
retval=$?
echo
return $RETVAL
}
case “$1″ in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
reload)
reload
;;
status)
rhstatus
;;
condrestart)
[ -f /var/lock/subsys/clamd ] && restart || :
;;
*)
echo $”Usage: $0 {start|stop|status|reload|restart|condrestart}”
exit 1
esac
exit 0
# chmod 755 /etc/rc.d/init.d/clamd
# chkconfig –add clamd
# chkconfig clamd on
Go to top.
Posted 2 years, 7 months ago at 11:32 am. 0 comments
原文来自 In-Depth Roadmap Analysis For Ubuntu Hardy Heron 8.04,部分内容如下:
包括三个方面的改进:
1. User Experience, 用户体验
2. Networking and Security, 网络和安全
3. Support 技术支持
User Experience, 用户体验
新的主题;
更容易添加第三方 apt 源。.install 文件双击执行即可;
X.Org 7.3,显卡设置GUI界面改进;
Automatix-Ubuntu Team Collaboration 整合 automatix;
Dual/Multi Monitor Gnome Configuration 多显示器支持;
SlickBoot 三种启动界面 text, SVGA, and high-resolution;
Install on an existing filesystem without overwriting /home 重新安装不覆盖 /home 目录;(郭爽注:在此之前,要么单独给 home 分区,要么自己手工备份。我个人的经验是,在 win下保留 d 盘的 portableApps 和 music 以及 david-我的工作目录 即可,其它还有什么需要保留的呢?linux 下重要的东西也直接保留在 ntfs 分区。其实更多资料我直接就发到 blog 服务器或者 gmail 邮箱里)
Improve Handling of Full Disks 改进磁盘满的处理方式。linux 磁盘空间不够的话,不能进入 xwin,只能有只读的root分区。改进可能是在空间快不够的时候提示用户或者给一个清理程序。(郭爽注:遇到过一次 linux 磁盘空间不够的情况,进入 /var/log/ 删除一些日志即可,并不象原作者说到的那样是只读)
Integrate Prefetch into Bootup 加入预处理。(郭爽注:你可以查看这个windows prefetch了解什么是 prefetch)
Easy File Sharing 让 ubuntu 之间的文件共享更简单;
Single Click Install 从互联网安装软件更容易;
Add Remove Software Improvements 添加|删除软件功能改进。可能会在线显示当前最热门的软件,以供安装。
Simple Samba Integration 简化 samba 的界面
Redesign About Ubuntu 改进 about ubuntu 的内容
Networking and Security, 网络和安全
Modular /etc/network/interfaces 网络设置模块;
Dial Up Support 加入 Network Manager 这个软件来管理 adsl 拨号等;
Improve support for encrypted file systems 改进由Gutsy Gibbon 开始的对加密盘的支持;
Live CD- share this wiki中解释的很好“Netboot server for easy setup of thin clients and machines which don’t have a CD drive.”;
killall gksudo: Stop running GTK as root! 想办法减少俺们敲 sudo 或者 gksudo 和密码的次数。:)
Support 技术支持
这里说了很多,都是关于更好的用户技术支持的问题。
比如,I’ve heard many users say they’ve burned a copy of a distribution and then it didn’t boot. The primary reason for this is that they simply burned the ISO file itself to the CD, instead of burning the image properly. 嘿嘿,俺第一次刻盘的时候也是刻了一个包含 xxx.iso 的 data CD。
Ubuntu Mobile Browser 类似于 win 下的 portableApps
Installing Ubuntu from within Windows windows 下的一键安装 ubuntu(ubuntu-install.exe)
…
读 ntfs 分区本来就没问题。要加入NTFS分区写入支持,在 feisty 中很容易。直接安装 ntfs-config 即可
Widows NTFS Partitions Read/write support made easy in Ubuntu Feisty
安装 imagemagick,并且打包 jpg(640*480 16 色以下) 为 xpm.gz 格式。