Another Home Page Blog - Linuxhttps://blog.anotherhomepage.org/2017-12-16T11:42:00+01:00CentOS 7 : démarrer Anaconda en PXE2017-12-16T11:42:00+01:002017-12-16T11:42:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-12-16:/post/2017/12/16/centos-7-anaconda-pxe/<p><img alt=""Pare-brise brisé"" src="https://blog.anotherhomepage.org/public/carglass03.jpg">Je voulais, à la base, écrire un billet sur une installation particulière de CentOS 7. J'ai donc voulu utiliser mon "infrastructure de boot PXE" à la maison et commencer à gribouiller un kickstart, mais quand j'ai démarré ma machine virtuelle sur le réseau, le drame :</p>
<div class="highlight"><pre><span></span><code>dracut-initqueue<span class="o">[</span><span class="m">584</span><span class="o">]</span>: Warning: Could not …</code></pre></div><p><img alt=""Pare-brise brisé"" src="https://blog.anotherhomepage.org/public/carglass03.jpg">Je voulais, à la base, écrire un billet sur une installation particulière de CentOS 7. J'ai donc voulu utiliser mon "infrastructure de boot PXE" à la maison et commencer à gribouiller un kickstart, mais quand j'ai démarré ma machine virtuelle sur le réseau, le drame :</p>
<div class="highlight"><pre><span></span><code>dracut-initqueue<span class="o">[</span><span class="m">584</span><span class="o">]</span>: Warning: Could not boot.
dracut-initqueue<span class="o">[</span><span class="m">584</span><span class="o">]</span>: Warning: /dev/root does not exist
</code></pre></div>
<p>Ma configuration pxelinux à ce moment est la suivante :</p>
<div class="highlight"><pre><span></span><code><span class="n">LABEL</span> <span class="n">centos7amd64</span>
<span class="n">MENU</span> <span class="n">LABEL</span> <span class="n">Install</span> <span class="n">CentOS</span> <span class="mi">7</span> <span class="n">x86_64</span> <span class="p">(</span><span class="n">interactive</span><span class="p">)</span>
<span class="n">KERNEL</span> <span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span><span class="n">isolinux</span><span class="o">/</span><span class="n">vmlinuz</span>
<span class="n">APPEND</span> <span class="n">initrd</span><span class="o">=</span><span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span><span class="n">isolinux</span><span class="o">/</span><span class="n">initrd</span><span class="p">.</span><span class="n">img</span> <span class="n">ip</span><span class="o">=</span><span class="n">dhcp</span> <span class="n">inst</span><span class="p">.</span><span class="n">repo</span><span class="o">=</span><span class="n">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="p">.</span><span class="n">T</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span> <span class="n">inst</span><span class="p">.</span><span class="n">ks</span><span class="o">=</span><span class="n">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="p">.</span><span class="n">T</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">ks</span><span class="o">/</span><span class="n">c7_x86_64</span><span class="p">.</span><span class="n">cfg</span>
</code></pre></div>
<p>Et bien entendu, le même type de configuration fonctionne en CentOS 6.</p>
<p>Ce message d'erreur arrive à des moments et des types d'installation parfois différents, de ce que j'ai lu. Et la résolution n'est pas toujours la même. Dans mon cas, il a fallu que j'ajoute le chemin vers un fichier squashfs, qui doit contenir l'OS minimal pour démarrer Anaconda je crois. Cela donne donc la configuration suivante :</p>
<div class="highlight"><pre><span></span><code><span class="n">LABEL</span> <span class="n">centos7amd64</span>
<span class="n">MENU</span> <span class="n">LABEL</span> <span class="n">Install</span> <span class="n">CentOS</span> <span class="mi">7</span> <span class="n">x86_64</span> <span class="p">(</span><span class="n">interactive</span><span class="p">)</span>
<span class="n">KERNEL</span> <span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span><span class="n">isolinux</span><span class="o">/</span><span class="n">vmlinuz</span>
<span class="n">APPEND</span> <span class="n">initrd</span><span class="o">=</span><span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span><span class="n">isolinux</span><span class="o">/</span><span class="n">initrd</span><span class="p">.</span><span class="n">img</span> <span class="n">root</span><span class="o">=</span><span class="n">live</span><span class="p">:</span><span class="n">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="p">.</span><span class="n">T</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span><span class="n">LiveOS</span><span class="o">/</span><span class="n">squashfs</span><span class="p">.</span><span class="n">img</span> <span class="n">ip</span><span class="o">=</span><span class="n">dhcp</span> <span class="n">inst</span><span class="p">.</span><span class="n">repo</span><span class="o">=</span><span class="n">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="p">.</span><span class="n">T</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">centos</span><span class="o">/</span><span class="mi">7</span><span class="o">/</span><span class="n">os</span><span class="o">/</span><span class="n">x86_64</span><span class="o">/</span> <span class="n">inst</span><span class="p">.</span><span class="n">ks</span><span class="o">=</span><span class="n">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="p">.</span><span class="n">T</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">ks</span><span class="o">/</span><span class="n">c7_x86_64</span><span class="p">.</span><span class="n">cfg</span>
</code></pre></div>
<p>J'espère que cela rendra service à d'autres !</p>
<p><em>Vous avez aimé cet article ? Alors partagez-le sur les réseaux sociaux ! Si en plus vous avez des remarques, ou des propositions d'améliorations, n'hésitez pas : les commentaires sont là pour ça !</em></p>
<p><em>Crédit photo : <a href="https://www.flickr.com/photos/mnsc/4391351493/in/photolist-7G3PNM-DBw5uK-kn9btB-rPm4Rs-5nwgSk-3k2H6u-VG2vMT-sHiEDr-Stg5Rm-7G3PE8-WeAcBc-7Wd8wT-TwtQjC-RHSjHY-T4biAk-schHmv-DvKkvL-fA1Kou-SPjrVS-7Wd8gz-T4axKV-rACUHa-UgGJde-sp4J5e-SRLv3Z-rmU7fN-5bgGnY-rTHJTM-5knknw-pgu9hJ-ouZyZp-oePFWz-oujSWW-hf1735-oszBPJ-S4SUnj-CuEiHV-H6seSx-jyNXi2-SRNxcK-T1ngND-21j23Fw-Stggks-4judBT-22pgdti-SWLSjb-qYGYz8-SRNhPB-4jyEdt-s1XYCR" title=""Car">Mattias - Car Glass 03</a>.</em></p>CentOS 7 : désactiver firewalld et réactiver iptables2017-06-27T13:10:00+02:002017-06-27T13:10:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-06-27:/post/2017/06/27/centos-7-desactiver-firewalld-reactiver-iptables/<p><img alt=""tools"" src="https://blog.anotherhomepage.org/public/tools.jpg" title=""tools,">En plus de systemd, RHEL 7 et CentOS 7 disposent d'une nouvelle interface de pare-feu : firewalld. Bien qu'il fasse plutôt bien le boulot, je me suis trouvé dans des cas où j'avais du mal à lui faire faire ce que je voulais. En fait dès l'instant où j'ai commencé à …</p><p><img alt=""tools"" src="https://blog.anotherhomepage.org/public/tools.jpg" title=""tools,">En plus de systemd, RHEL 7 et CentOS 7 disposent d'une nouvelle interface de pare-feu : firewalld. Bien qu'il fasse plutôt bien le boulot, je me suis trouvé dans des cas où j'avais du mal à lui faire faire ce que je voulais. En fait dès l'instant où j'ai commencé à jouer avec des interfaces tun, des zones et de la retransmission de paquets, j'ai commencé à avoir des difficultés. En attendant de les résoudre, j'ai noté que je pouvais revenir au fonctionnement précédent, et piloter iptables directement.</p>
<h3>Désactivation de firewalld</h3>
<p>Commençons par arrêter firewalld, et s'assurer qu'il est bien coupé :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl stop firewalld.service</span>
<span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl status firewalld.service</span>
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded <span class="o">(</span>/usr/lib/systemd/system/firewalld.service<span class="p">;</span> disabled<span class="p">;</span> vendor preset: enabled<span class="o">)</span>
Active: inactive <span class="o">(</span>dead<span class="o">)</span>
Docs: man:firewalld<span class="o">(</span><span class="m">1</span><span class="o">)</span>
Jun <span class="m">27</span> <span class="m">10</span>:27:00 test.anotherhomepage.org systemd<span class="o">[</span><span class="m">1</span><span class="o">]</span>: Starting firewalld - dynamic firewall daemon...
Jun <span class="m">27</span> <span class="m">10</span>:27:00 test.anotherhomepage.org systemd<span class="o">[</span><span class="m">1</span><span class="o">]</span>: Started firewalld - dynamic firewall daemon.
Jun <span class="m">27</span> <span class="m">10</span>:27:25 test.anotherhomepage.org systemd<span class="o">[</span><span class="m">1</span><span class="o">]</span>: Stopping firewalld - dynamic firewall daemon...
Jun <span class="m">27</span> <span class="m">10</span>:27:25 test.anotherhomepage.org systemd<span class="o">[</span><span class="m">1</span><span class="o">]</span>: Stopped firewalld - dynamic firewall daemon.
</code></pre></div>
<p>Bien sûr, cela veut dire qu'à partir de maintenant, la machine n'est plus protégée par le pare-feu.</p>
<p>Ensuite, on désactive son démarrage automatique :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl disable firewalld.service</span>
</code></pre></div>
<p>Si vraiment on ne souhaite plus pouvoir démarrer firewalld par accident, on peut le masquer :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl mask firewalld.service</span>
Created symlink from /etc/systemd/system/firewalld.service to /dev/null.
</code></pre></div>
<p>Maintenant c'est pas tout, mais faut remettre un pare-feu.</p>
<h3>Activation d'iptables</h3>
<p>Pour activer iptables, c'est très simple, commençons par installer le paquet "iptables-services" :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># yum -y install iptables-services</span>
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.imt-systems.com
* extras: mirror.netcologne.de
* updates: mirror.ratiokontakt.de
Resolving Dependencies
--> Running transaction check
---> Package iptables-services.x86_64 <span class="m">0</span>:1.4.21-17.el7 will be installed
--> Finished Dependency Resolution
Dependencies <span class="nv">Resolved</span>
<span class="o">=============================================================================================================================================================================================================================================</span>
Package Arch Version Repository <span class="nv">Size</span>
<span class="o">=============================================================================================================================================================================================================================================</span>
Installing:
iptables-services x86_64 <span class="m">1</span>.4.21-17.el7 base <span class="m">50</span> k
Transaction <span class="nv">Summary</span>
<span class="o">=============================================================================================================================================================================================================================================</span>
Install <span class="m">1</span> Package
Total download size: <span class="m">50</span> k
Installed size: <span class="m">24</span> k
Downloading packages:
iptables-services-1.4.21-17.el7.x86_64.rpm <span class="p">|</span> <span class="m">50</span> kB <span class="m">00</span>:00:00
Running transaction check
Running transaction <span class="nb">test</span>
Transaction <span class="nb">test</span> succeeded
Running transaction
Installing : iptables-services-1.4.21-17.el7.x86_64 <span class="m">1</span>/1
Verifying : iptables-services-1.4.21-17.el7.x86_64 <span class="m">1</span>/1
Installed:
iptables-services.x86_64 <span class="m">0</span>:1.4.21-17.el7
Complete!
</code></pre></div>
<p>Ensuite, on l'active dans systemd :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl enable iptables</span>
Created symlink from /etc/systemd/system/basic.target.wants/iptables.service to /usr/lib/systemd/system/iptables.service.
</code></pre></div>
<p>On peut alors le lancer :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span>root@test ~<span class="o">]</span><span class="c1"># systemctl start iptables</span>
</code></pre></div>
<p>Comme pour RHEL 6 et CentOS 6, la configuration se trouve dans le fichier <em>/etc/sysconfig/iptables</em>, et dispose d'un jeu de règles n'ouvrant la voie qu'au ping et à SSH. La machine est, à partir de cet instant, de nouveau protégée par un pare-feu.</p>
<p>Vous avez aimé cet article ? Alors partagez-le sur les réseaux sociaux ! Si en plus vous avez des remarques, ou des propositions d'améliorations, n'hésitez pas : les commentaires sont là pour ça !</p>
<p><em>Crédit photo : <a href="https://www.flickr.com/photos/velacreations/5249327029/" title="tools">velacreations - tools</a>.</em></p>Redirection de ports vers localhost sous Linux2017-06-19T09:30:00+02:002017-06-19T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-06-19:/post/2017/06/19/redirection-ports-localhost-linux/<p>Il m'est arrivé récemment de lancer des services uniquement sur la boucle locale d'une machine, par exemple un serveur web. On peut douter du bien-fondé de la démarche, mais je trouve cela intéressant à deux titres :- d'abord, si la configuration du service nécessite une adresse IP, cela sera 127.0 …</p><p>Il m'est arrivé récemment de lancer des services uniquement sur la boucle locale d'une machine, par exemple un serveur web. On peut douter du bien-fondé de la démarche, mais je trouve cela intéressant à deux titres :- d'abord, si la configuration du service nécessite une adresse IP, cela sera 127.0.0.1, et n'aura pas besoin d'être modifiée en cas de copie sur une autre machine ;- ensuite, si jamais pour une raison ou une autre le pare-feu vient à être inactif, le service ne sera pas exposé.</p>
<p>Bien sûr, cela ajoute une contrainte, celle d'effectuer une redirection de port en plus de l'ouverture de flux. De plus, je ne sais pas si cela a une influence réelle en terme de performance. Je pourrais tester cela à l'occasion, et en faire un article, tiens :)</p>
<p>Donc me voilà en train d'installer un serveur web, de le lancer sur localhost, je fais ma petite configuration à grands coups d'iptables, et là c'est le drame : le trafic ne passe pas. Quelques recherches plus tard, j'apprends qu'en fait par défaut, le noyau Linux considère que ce n'est pas normal qu'un paquet vienne de l'extérieur et ait comme destination 127.0.0.1. Ce comportement peut être modifié depuis la version 3.6, grâce à un paramètre sysctl :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># sysctl -w net.ipv4.conf.all.route_localnet=1</span>
</code></pre></div>
<p>Bien entendu, pour un résultat permanent, il faut penser à éditer /etc/sysctl.conf.</p>
<p>Petit détail sympathique, activer la retransmission de paquets (le fameux <em>ip_forward</em>) n'est pas nécessaire.</p>
<p>Source : <a href="https://superuser.com/questions/661772/iptables-redirect-to-localhost" title=""networking">Super User</a>.</p>
<p>Vous avez aimé cet article ? Alors partagez-le sur les réseaux sociaux ! Si en plus vous avez des remarques, ou des propositions d'améliorations, n'hésitez pas : les commentaires sont là pour ça !</p>systemd : reconfigurer une unité de service2017-05-22T09:30:00+02:002017-05-22T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-05-22:/post/2017/05/22/systemd-reconfigurer-unite-service/<p><img alt=""bricolage" src="https://blog.anotherhomepage.org/public/bricolagebumper.jpg" title=""bricolage">Dans <a href="/post/haveged-ajouter-entropie-vps-linux">le billet précédent</a>, j'ai abordé haveged et je terminais sur le fait que certains paramètres pouvaient être accessibles. Cela ne semble pas forcément évident, car si on regarde la liste des fichiers du paquet RPM, on n'y trouve aucun fichier de configuration :</p>
<div class="highlight"><pre><span></span><code>$ rpm -ql haveged
/usr/lib/systemd/system …</code></pre></div><p><img alt=""bricolage" src="https://blog.anotherhomepage.org/public/bricolagebumper.jpg" title=""bricolage">Dans <a href="/post/haveged-ajouter-entropie-vps-linux">le billet précédent</a>, j'ai abordé haveged et je terminais sur le fait que certains paramètres pouvaient être accessibles. Cela ne semble pas forcément évident, car si on regarde la liste des fichiers du paquet RPM, on n'y trouve aucun fichier de configuration :</p>
<div class="highlight"><pre><span></span><code>$ rpm -ql haveged
/usr/lib/systemd/system/haveged.service
/usr/lib64/libhavege.so.1
/usr/lib64/libhavege.so.1.1.0
/usr/sbin/haveged
/usr/share/doc/haveged
/usr/share/doc/haveged/AUTHORS
/usr/share/doc/haveged/COPYING
/usr/share/doc/haveged/ChangeLog
/usr/share/doc/haveged/README
/usr/share/doc/haveged/havege_sample.c
/usr/share/man/man8/haveged.8.gz
</code></pre></div>
<p>De plus, si on regarde le processus lancé, on remarque que certaines options sont précisées sur la ligne de commande :</p>
<div class="highlight"><pre><span></span><code>$ ps auxwww <span class="p">|</span> grep haveged <span class="p">|</span> grep -v grep
root <span class="m">22470</span> <span class="m">0</span>.0 <span class="m">0</span>.7 <span class="m">12132</span> <span class="m">3824</span> ? Rs May16 <span class="m">0</span>:00 /usr/sbin/haveged -w <span class="m">1024</span> -v <span class="m">1</span> --Foreground
</code></pre></div>
<p>Allons un peu plus loin, le paquet contient un fichier "haveged.service" :</p>
<div class="highlight"><pre><span></span><code>$ cat /usr/lib/systemd/system/haveged.service
<span class="o">[</span>Unit<span class="o">]</span>
<span class="nv">Description</span><span class="o">=</span>Entropy Daemon based on the HAVEGE algorithm
<span class="nv">Documentation</span><span class="o">=</span>man:haveged<span class="o">(</span><span class="m">8</span><span class="o">)</span> http://www.issihosts.com/haveged/
<span class="o">[</span>Service<span class="o">]</span>
<span class="nv">Type</span><span class="o">=</span>simple
<span class="nv">ExecStart</span><span class="o">=</span>/usr/sbin/haveged -w <span class="m">1024</span> -v <span class="m">1</span> --Foreground
<span class="nv">SuccessExitStatus</span><span class="o">=</span><span class="m">143</span>
<span class="o">[</span>Install<span class="o">]</span>
<span class="nv">WantedBy</span><span class="o">=</span>multi-user.target
</code></pre></div>
<p>Il ne faut pas succomber à la tentation de modifier directement ce fichier, car une possibilité plus propre existe : <a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sect-Managing_Services_with_systemd-Unit_Files.html#sect-Managing_Services_with_systemd-Unit_File_Modify" title=""RHEL">la documentation officielle RHEL 7</a> nous apprend ainsi comment créer un fichier de configuration pour le service.</p>
<p>Dans ce cas précis, je souhaite augmenter la valeur de l'argument -w à 2048. Pour l'anecdote, cette option permet d'augmenter l'utilisation de haveged en définissant une taille minimale du réservoir d'entropie. Nous allons donc d'abord créer un répertoire de configuration de service systemd, puis le fichier lui-même :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># mkdir /etc/systemd/system/haveged.service.d/</span>
<span class="c1"># vi /etc/systemd/system/haveged.service.d/custom_args.conf</span>
</code></pre></div>
<p>Bon, peu importe le nom du fichier tant qu'il a pour extension ".conf", mais il est malgré tout préférable de lui donner un nom explicite (en clair, faites ce que je dis, pas ce que je fais).</p>
<p>Nous allons dans ce fichier redéfinir la directive <em>ExecStart</em>, puisque c'est celle qui définit l'option à modifier. Par contre, petite subtilité, cette directive doit être vidée pour être redéfinie. Le fichier a donc cette allure :</p>
<div class="highlight"><pre><span></span><code><span class="k">[Service]</span><span class="w"></span>
<span class="na">ExecStart</span><span class="o">=</span><span class="w"></span>
<span class="na">ExecStart</span><span class="o">=</span><span class="s">/usr/sbin/haveged -w 2048 -v 1 --Foreground</span><span class="w"></span>
</code></pre></div>
<p>Il faut maintenant recharger les unités avant de redémarrer le service haveged :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># systemctl restart haveged.service</span>
Warning: haveged.service changed on disk. Run <span class="s1">'systemctl daemon-reload'</span> to reload units.
<span class="c1"># systemctl daemon-reload</span>
<span class="c1"># systemctl restart haveged.service</span>
<span class="c1"># ps auxwww | grep haveged | grep -v grep</span>
root <span class="m">23074</span> <span class="m">2</span>.4 <span class="m">0</span>.7 <span class="m">12132</span> <span class="m">3836</span> ? Ss <span class="m">04</span>:02 <span class="m">0</span>:00 /usr/sbin/haveged -w <span class="m">2048</span> -v <span class="m">1</span> --Foreground
</code></pre></div>
<p>Le démon haveged est alors lancé avec une valeur de 2048 pour l'option -w.</p>
<p>Dernier petit détail, SELinux. J'ai testé cette manipulation sur un système configuré en "enforcing", l'édition du fichier s'est donc faite dans le bon contexte. Au cas où certains se demandent comment sont les labels, les voici :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># ll -Z -d /etc/systemd/system/haveged.service.d</span>
drwxr-xr-x. root root unconfined_u:object_r:systemd_unit_file_t:s0 /etc/systemd/system/haveged.service.d
<span class="c1"># ll -Z /etc/systemd/system/haveged.service.d/custom_args.conf</span>
-rw-r--r--. root root unconfined_u:object_r:systemd_unit_file_t:s0 /etc/systemd/system/haveged.service.d/custom_args.conf
</code></pre></div>
<p>Vous avez aimé cet article ? Alors partagez-le sur les réseaux sociaux ! Si en plus vous avez des remarques, ou des propositions d'améliorations, n'hésitez pas : les commentaires sont là pour ça !</p>
<p>Crédit photo : <a href="https://www.flickr.com/photos/khargrav/3732587579/" title=""bricolage">Katie Hargrave - bricolage bumper.</a></p>Haveged : ajouter de l'entropie à son VPS Linux2017-05-18T09:00:00+02:002017-05-18T09:00:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-05-18:/post/2017/05/18/haveged-ajouter-entropie-vps-linux/<p><img alt=""Entropy"" src="https://blog.anotherhomepage.org/public/entropy.jpg" title=""Entropy,">Entre deux bidouilles <a href="/tag/NetBSD">NetBSD</a>, je me suis retrouvé à des bidouilles <a href="/tag/Linux">Linux</a>. Plus particulièrement en jetant un œil à <a href="https://www.ssi.gouv.fr/entreprise/guide/recommandations-pour-un-usage-securise-dopenssh/" title=""Usage">une certaine documentation utile</a>, j'ai pu lire :</p>
<blockquote>
<p>Les clés doivent être générées dans un contexte où la source d’aléa est fiable, ou à défaut dans un environnement où suffisamment d …</p></blockquote><p><img alt=""Entropy"" src="https://blog.anotherhomepage.org/public/entropy.jpg" title=""Entropy,">Entre deux bidouilles <a href="/tag/NetBSD">NetBSD</a>, je me suis retrouvé à des bidouilles <a href="/tag/Linux">Linux</a>. Plus particulièrement en jetant un œil à <a href="https://www.ssi.gouv.fr/entreprise/guide/recommandations-pour-un-usage-securise-dopenssh/" title=""Usage">une certaine documentation utile</a>, j'ai pu lire :</p>
<blockquote>
<p>Les clés doivent être générées dans un contexte où la source d’aléa est fiable, ou à défaut dans un environnement où suffisamment d’entropie a été accumulée.</p>
</blockquote>
<p>Et là, on commence à se poser des questions : qu'est-ce que l'entropie ? Pourquoi faut-il une source fiable ? Comment avoir une meilleure entropie ?</p>
<h3>Entropie et aléa</h3>
<p>Pour résumer, disons que l'entropie c'est la qualité de la génération de nombres aléatoires. C'est un raccourci assez grossier j'en conviens, mais cela évitera d'écrire ou de paraphraser des pavés mathématiques.</p>
<p>Mais alors, pourquoi générer des nombres aléatoires ? Tout simplement parce que cela fait partie de nombreuses bases d'outils cryptographiques, comme par exemple la génération de clés SSH. C'est d'ailleurs l'occasion d'aborder la question du risque qu'on prend si on ne génère pas assez d'aléa dans notre exemple : il devient possible de générer deux fois le même couple de clés SSH, et par conséquent, que quelqu'un soit en mesure de se connecter à une machine à laquelle il ne devrait pas avoir accès.</p>
<p>Si vous pensez que cela n'arrive jamais, il suffit de se rappeler la vulnérabilité OpenSSH Debian. En 2008, la version Debian d'OpenSSL s'est trouvée modifiée, et a eu pour conséquence un très faible nombre de possibilités pour générer des clés SSH. La preuve ? On peut trouver sur cette page l'intégralité des clés DSA (1024 et 2048 bits) et RSA (1024 à 4096 bits) possibles via cette version vulnérable. J'admets volontiers que c'est un cas extrême, mais il a le mérite d'être assez parlant.</p>
<p>Bref, tout ça pour dire que plus on a d'entropie, mieux c'est.</p>
<h3>Mesurer la qualité de l'entropie</h3>
<p>Pour mesurer la qualité de l'entropie, c'est très simple :</p>
<div class="highlight"><pre><span></span><code>$ cat /proc/sys/kernel/random/entropy_avail
<span class="m">175</span>
</code></pre></div>
<p>On voit que cela renvoie un nombre, qui désigne la quantité de nombres aléatoires générés. On dit que ce nombre est la taille de notre réservoir d'entropie. Et donc, plus il est grand, mieux c'est. Sauf que là, 175 sur une VM Vagrant CentOS 7, bein c'est pas glorieux.</p>
<p>Une autre manière de mesurer l'entropie consiste à utiliser l'outil rngtest (disponible dans le paquet rng-tools pour CentOS). Celui-ci va lancer un certain nombre de tests utilisant le standard FIPS-140.</p>
<p>Par exemple :</p>
<div class="highlight"><pre><span></span><code>$ cat /dev/random <span class="p">|</span> rngtest -c <span class="m">1000</span>
rngtest <span class="m">5</span>
Copyright <span class="o">(</span>c<span class="o">)</span> <span class="m">2004</span> by Henrique de Moraes Holschuh
This is free software<span class="p">;</span> see the <span class="nb">source</span> <span class="k">for</span> copying conditions. There is NO warranty<span class="p">;</span> not even <span class="k">for</span> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
rngtest: starting FIPS tests...
rngtest: bits received from input: <span class="m">96</span>
rngtest: FIPS <span class="m">140</span>-2 successes: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2 failures: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Monobit: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Poker: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Runs: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Long run: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Continuous run: <span class="m">0</span>
rngtest: input channel speed: <span class="o">(</span><span class="nv">min</span><span class="o">=</span><span class="m">0</span>.000<span class="p">;</span> <span class="nv">avg</span><span class="o">=</span><span class="m">0</span>.000<span class="p">;</span> <span class="nv">max</span><span class="o">=</span><span class="m">0</span>.000<span class="o">)</span>bits/s
rngtest: FIPS tests speed: <span class="o">(</span><span class="nv">min</span><span class="o">=</span><span class="m">0</span>.000<span class="p">;</span> <span class="nv">avg</span><span class="o">=</span><span class="m">0</span>.000<span class="p">;</span> <span class="nv">max</span><span class="o">=</span><span class="m">0</span>.000<span class="o">)</span>bits/s
rngtest: Program run time: <span class="m">21307295</span> microseconds
</code></pre></div>
<p>Et là, ce n'est toujours pas glorieux, car j'ai arrêté l'exécution faute de patience.</p>
<p>Avant de remédier à ce problème, comparons avec une machine physique notre premier indicateur :</p>
<div class="highlight"><pre><span></span><code>$ cat /proc/sys/kernel/random/entropy_avail
<span class="m">3217</span>
</code></pre></div>
<p>On peut aussi constater que le problème d'entropie affecte particulièrement les machines virtuelles. Cela s'explique surtout par le fait qu'elles disposent de beaucoup moins d'éléments qu'une machine physique, et donc moins d'éléments à lire pour espérer y trouver de l'aléa.</p>
<p>Bon, ce n'est pas tout, mais il est temps de remédier à ce problème d'entropie sur cette VM !</p>
<h3>Haveged : générateur d'entropie en espace utilisateur</h3>
<p><a href="http://issihosts.com/haveged/" title=""haveged">Haveged</a> est un logiciel qui se présente sous la forme d'un démon qui reste en espace utilisateur. Il tire son nom de l'algorithme qu'il utilise, HAVEGE (HArdware Volatile Entropy Gathering and Expansion).</p>
<p>Côté installation, rien de plus simple, il suffit, pour CentOS, d'avoir accès au dépôt <a href="https://fedoraproject.org/wiki/EPEL" title="EPEL">Fedora EPEL</a>. Une fois que c'est fait, un simple yum -y install haveged suffit à disposer du logiciel.</p>
<p>Comme il s'agit d'un démon, il faut le démarrer. Sous CentOS 7, cela se fait via systemd :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># systemctl start haveged.service</span>
</code></pre></div>
<p>Et voilà ! Bon d'accord, cela fait peu. Maintenant, vérifions que notre entropie augmente :</p>
<div class="highlight"><pre><span></span><code>$ cat /proc/sys/kernel/random/entropy_avail
<span class="m">1779</span>
</code></pre></div>
<p>Voilà qui est mieux. Vérifions aussi avec rngtest :</p>
<div class="highlight"><pre><span></span><code>$ cat /dev/random <span class="p">|</span> rngtest -c <span class="m">1000</span>
rngtest <span class="m">5</span>
Copyright <span class="o">(</span>c<span class="o">)</span> <span class="m">2004</span> by Henrique de Moraes Holschuh
This is free software<span class="p">;</span> see the <span class="nb">source</span> <span class="k">for</span> copying conditions. There is NO warranty<span class="p">;</span> not even <span class="k">for</span> MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
rngtest: starting FIPS tests...
rngtest: bits received from input: <span class="m">20000032</span>
rngtest: FIPS <span class="m">140</span>-2 successes: <span class="m">1000</span>
rngtest: FIPS <span class="m">140</span>-2 failures: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Monobit: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Poker: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Runs: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Long run: <span class="m">0</span>
rngtest: FIPS <span class="m">140</span>-2<span class="o">(</span><span class="m">2001</span>-10-10<span class="o">)</span> Continuous run: <span class="m">0</span>
rngtest: input channel speed: <span class="o">(</span><span class="nv">min</span><span class="o">=</span><span class="m">2</span>.057<span class="p">;</span> <span class="nv">avg</span><span class="o">=</span><span class="m">17</span>.351<span class="p">;</span> <span class="nv">max</span><span class="o">=</span><span class="m">25</span>.915<span class="o">)</span>Mibits/s
rngtest: FIPS tests speed: <span class="o">(</span><span class="nv">min</span><span class="o">=</span><span class="m">44</span>.564<span class="p">;</span> <span class="nv">avg</span><span class="o">=</span><span class="m">139</span>.836<span class="p">;</span> <span class="nv">max</span><span class="o">=</span><span class="m">161</span>.640<span class="o">)</span>Mibits/s
rngtest: Program run time: <span class="m">1237535</span> microseconds
</code></pre></div>
<p>Dans ce dernier cas, la récupération des informations fut quasi-instantanée ! On peu d'ailleurs noter le nombre de tests réalisés avec succès, qui correspond mieux à nos attentes.</p>
<p>Pour ce qui est d'activer haveged au démarrage, il ne faut pas oublier la commande systemctl qui va bien :</p>
<div class="highlight"><pre><span></span><code><span class="c1"># systemctl enable haveged.service</span>
Created symlink from /etc/systemd/system/multi-user.target.wants/haveged.service to /usr/lib/systemd/system/haveged.service.
</code></pre></div>
<p>Selon les distributions, certains paramètres supplémentaires sont accessibles, mais cela fera l'objet d'un autre article ;)</p>
<p>Vous avez aimé cet article ? Alors partagez-le sur les réseaux sociaux ! Si en plus vous avez des remarques, ou des propositions d'améliorations, n'hésitez pas : les commentaires sont là pour ça !</p>
<p><em>Crédit photo : <a href="https://www.flickr.com/photos/teatimer/6773350588/" title="Entropy">teatimer - Entropy</a></em></p>
<h2>Commentaires</h2>
<h3>Le 18/05/2017 16:20 par Melua</h3>
<p>Je vous suggère de lire cet article à ce sujet : si l'instruction RDTSC n'est pas rendue disponible par votre machine hôte, les machines virtuelles recevront toujours le même résultat (ou un résultat prévisible) rendant votre génération par haveged faussement aléatoire.</p>
<p>https://security.stackexchange.com/questions/34523/is-it-appropriate-to-use-haveged-as-a-source-of-entropy-on-virtual-machines</p>
<h3>Le 18/05/2017 20:09 par Nils</h3>
<p>Merci pour ce commentaire très pertinent, Melua !</p>
<p>Cela m'a en effet été remonté sur Mastodon (discussion <a href="https://mastodon.xyz/@Nils/2876532">ici</a>), via le wiki d'Archlinux. Visiblement on mentionne surtout les produits VMware, et un peu VirtualBox, sans que ce dernier soit concerné (je suis du coup tranquille pour le moment). J'espère faire un billet de suivi concernant cette instruction, mais il me faudra chercher pour voir si cette instruction est disponible via d'autres hypverviseurs (je pense particulièrement à Xen en paravirtuel, mais je suis intéressé aussi par KVM et Hyper-V).</p>Kodi : récupérer certaines informations sur des addons2017-01-04T09:30:00+01:002017-01-04T09:30:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2017-01-04:/post/2017/01/04/Kodi-recuperer-certaines-informations-sur-des-addons/<p>J'ai récemment perdu le mot de passe d'un service web que j'utilise par le biais d'un addon de Kodi. Je sais, c'est pas très malin, j'ai malencontreusement écrasé ma base de mots de passe au mauvais moment. Shit happens, comme ils disent dans la langue de Shakespeare.</p>
<p>Comme c'est casse-pied …</p><p>J'ai récemment perdu le mot de passe d'un service web que j'utilise par le biais d'un addon de Kodi. Je sais, c'est pas très malin, j'ai malencontreusement écrasé ma base de mots de passe au mauvais moment. Shit happens, comme ils disent dans la langue de Shakespeare.</p>
<p>Comme c'est casse-pied de retaper un nouveau mot de passe via un clavier virtuel et une télécommande, je me suis demandé si le mot de passe était stocké en clair dans la configuration de l'addon. On sait jamais, sur un malentendu, ça pourrait marcher. J'ai donc commencé à fouiller dans l'arborescence de Kodi, et j'ai pu voir que celui-ci stocke ses informations dans <em>\~/.kodi</em>. On y trouve alors un répertoire <em>addons</em>, qui contient un répertoire par addon, ainsi qu'un répertoire <em>packages</em>, qui contient des archives des addons téléchargés. Il est intéressant de regarder le code source des addons, car c'est dans celui-ci que j'ai compris qu'il stockait bien le nom d'utilisateur et le mot de passe.</p>
<p>Au même niveau que le répertoire addons, se trouve un répertoire nommé <em>userdata</em>. Celui-ci contient un répertoire <em>addon_data</em>, dans lequel il y a un répertoire par addon. L'addon dont je souhaitais voir la configuration y a laissé un répertoire à son nom, contenant un fichier de paramètres ainsi qu'un répertoire temporaire. Un petit "cat" sur le fichier de paramètres dévoile donc le Graal :</p>
<div class="highlight"><pre><span></span><code><span class="nt"><settings></span>
<span class="nt"><setting</span> <span class="na">id=</span><span class="s">"OSpass"</span> <span class="na">value=</span><span class="s">"motdepasseenclair"</span> <span class="nt">/></span>
<span class="nt"><setting</span> <span class="na">id=</span><span class="s">"OSuser"</span> <span class="na">value=</span><span class="s">"utilisateur"</span> <span class="nt">/></span>
<span class="nt"></settings></span>
</code></pre></div>
<p>En résumé, les paramètres d'un addon Kodi se trouvent dans <em>\~/.kodi/userdata/addon_data/nomdeladdon/</em>, dans un fichier nommé <em>settings.xml</em>. Le code source se trouve quant à lui dans <em>\~/.kodi/addons/nomdeladdon/</em>.</p>
<p>Comme quoi, j'ai vraiment raison de ne vouloir utiliser qu'un unique trio e-mail/utilisateur/mot de passe sur certains sites ou certaines applications.</p>installation minimaliste de CentOS 72015-08-29T09:30:00+02:002015-08-29T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2015-08-29:/post/2015/08/29/installation-minimaliste-de-CentOS-7/<p>Mieux vaut tard que jamais, j'ai commencé à jouer un peu avec CentOS 7 ! Bien que celle-ci regorge de fonctionnalités et de mécanismes intéressants, elle amène beaucoup de paquets logiciels. J'ai donc commencé par regarder ce que je pouvais retirer comme paquets, et à préparer une section _packages_ minimaliste, bien …</p><p>Mieux vaut tard que jamais, j'ai commencé à jouer un peu avec CentOS 7 ! Bien que celle-ci regorge de fonctionnalités et de mécanismes intéressants, elle amène beaucoup de paquets logiciels. J'ai donc commencé par regarder ce que je pouvais retirer comme paquets, et à préparer une section _packages_ minimaliste, bien plus que l'image iso "minimal install" fournie par les miroirs. Cette liste de paquets retirés peut se voir complétée par une liste de paquets à installer, mais il s'agit d'un choix personnel. Qu'ai-je donc retiré ? Et bien c'est simple, comme il s'agit généralement d'une installation sur une machine physique ou virtuelle reliée en réseau filaire et disposant d'une adresse IP fixe (sauf lors de l'installation), j'ai retiré tous les firmwares possibles de matériel que je n'utilise probablement pas, comme les cartes Wifi. J'ai aussi enlevé, usage serveur oblige, des paquets liés au son (alsa). Un choix discutable, j'ai retiré man et les pages de manuel de base : je considère, en particulier si la machine est "en production", que la documentation n'a rien à faire à cet endroit. Je n'ai, par contre, rien à redire à l'installation des pages de manuel sur une machine de test. De plus, comme j'utilise le système de fichiers proposé par défaut (xfs), j'estime ne pas avoir besoin des outils pour gérer les systèmes ext2-3-4 ou btrfs.</p>
<p>Voici donc, la liste :</p>
<div class="highlight"><pre><span></span><code><span class="nf">%packages</span><span class="w"> </span><span class="o">--</span><span class="n">nobase</span><span class="w"></span>
<span class="err">@</span><span class="n">core</span><span class="w"></span>
<span class="o">-</span><span class="n">NetworkManager</span><span class="w"></span>
<span class="o">-</span><span class="n">NetworkManager</span><span class="o">-</span><span class="n">team</span><span class="w"></span>
<span class="o">-</span><span class="n">NetworkManager</span><span class="o">-</span><span class="n">tui</span><span class="w"></span>
<span class="o">-</span><span class="n">aic94xx</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">alsa</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">alsa</span><span class="o">-</span><span class="n">lib</span><span class="w"></span>
<span class="o">-</span><span class="n">alsa</span><span class="o">-</span><span class="n">tools</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">atmel</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">avahi</span><span class="o">-</span><span class="n">autoipd</span><span class="w"></span>
<span class="o">-</span><span class="n">avahi</span><span class="o">-</span><span class="n">libs</span><span class="w"></span>
<span class="o">-</span><span class="n">b43</span><span class="o">-</span><span class="n">openfwwf</span><span class="w"></span>
<span class="o">-</span><span class="n">bfa</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">biosdevname</span><span class="w"></span>
<span class="o">-</span><span class="n">btrfs</span><span class="o">-</span><span class="n">progs</span><span class="w"></span>
<span class="o">-</span><span class="n">dhclient</span><span class="w"></span>
<span class="o">-</span><span class="n">dmidecode</span><span class="w"></span>
<span class="o">-</span><span class="n">dnsmasq</span><span class="w"></span>
<span class="o">-</span><span class="n">dracut</span><span class="o">-</span><span class="n">network</span><span class="w"></span>
<span class="o">-</span><span class="n">e2fsprogs</span><span class="w"></span>
<span class="o">-</span><span class="n">e2fsprogs</span><span class="o">-</span><span class="n">libs</span><span class="w"></span>
<span class="o">-</span><span class="n">gnutls</span><span class="w"></span>
<span class="o">-</span><span class="n">kexec</span><span class="o">-</span><span class="n">tools</span><span class="w"></span>
<span class="o">-</span><span class="n">ipw2100</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ipw2200</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ivtv</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl100</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl1000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl105</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl135</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl2000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl2030</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl3160</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl3945</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl4965</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl5000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl5150</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6000</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6000g2a</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6000g2b</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl6050</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">iwl7260</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">libertas</span><span class="o">-</span><span class="n">usb8388</span><span class="w"></span>
<span class="o">-</span><span class="n">man</span><span class="w"></span>
<span class="o">-</span><span class="n">man</span><span class="o">-</span><span class="n">db</span><span class="w"></span>
<span class="o">-</span><span class="n">mariadb</span><span class="o">-</span><span class="n">libs</span><span class="w"></span>
<span class="o">-</span><span class="n">postfix</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2100</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2200</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql23xx</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2400</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">ql2500</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">rt61pci</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">rt73usb</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">snappy</span><span class="w"></span>
<span class="o">-</span><span class="n">teamd</span><span class="w"></span>
<span class="o">-</span><span class="n">tuned</span><span class="w"></span>
<span class="o">-</span><span class="n">virt</span><span class="o">-</span><span class="n">what</span><span class="w"></span>
<span class="o">-</span><span class="n">wpa_supplicant</span><span class="w"></span>
<span class="o">-</span><span class="n">xorg</span><span class="o">-</span><span class="n">x11</span><span class="o">-</span><span class="n">drv</span><span class="o">-</span><span class="n">ati</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
<span class="o">-</span><span class="n">zd1211</span><span class="o">-</span><span class="n">firmware</span><span class="w"></span>
</code></pre></div>
<p>Il y a de fortes chances que pour une machine vraiment en production, j'ai besoin d'un MTA, mais à moins de prévoir une configuration dès l'installation, postfix fait aussi partie des exclus. De cette manière, non seulement le système s'installe rapidement, mais il démarre aussi rapidement ! On arrive à un total inférieur à 220 paquets. Cela peut varier pour vous en particulier si vous installez un système avec du RAID logiciel, qui nécessitera l'installation de mdadm.</p>
<p>Et vous, est-ce que vous retireriez d'autres paquets ?</p>vimrc global à son système2015-02-06T09:30:00+01:002015-02-06T09:30:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2015-02-06:/post/2015/02/06/vimrc-global-pour-le-système/<p>Quand on utilise Vim, on a tendance à personnaliser sa configuration en ajoutant ses options préférées dans son fichier <em>\~/.vimrc</em>. Sur un système GNU/Linux (mon expérience porte principalement sur RHEL/CentOS/Fedora), il est possible d'étendre cette personnalisation à tous les utilisateurs d'un système en modifiant <em>/etc/vimrc</em>. En …</p><p>Quand on utilise Vim, on a tendance à personnaliser sa configuration en ajoutant ses options préférées dans son fichier <em>\~/.vimrc</em>. Sur un système GNU/Linux (mon expérience porte principalement sur RHEL/CentOS/Fedora), il est possible d'étendre cette personnalisation à tous les utilisateurs d'un système en modifiant <em>/etc/vimrc</em>. En revanche, côté NetBSD, le chemin n'est pas le même. On pourrait naïvement penser qu'il suffit d'utiliser le préfixe <em>/usr/pkg</em>, hein ? Bein non, loupé : le fichier par défaut pour tous les utilisateurs est <em>/usr/pkg/share/vim/vimrc</em>. Heureusement, rien d'insurmontable, et quelques liens symboliques bien placés permettront d'harmoniser les configurations sur tous les systèmes.</p>CentOS Dojo Paris talk2014-12-17T12:30:00+01:002014-12-17T12:30:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2014-12-17:/post/2014/12/17/CentOS-Dojo-Paris-talk/<p><strong>EN</strong></p>
<p>Following my <a href="/post/2014/08/25/CentOS-Dojo-Paris">previous post</a> about the CentOS Dojo in Paris last August, the recording of my talk is now online : <a href="http://www.infoq.com/fr/presentations/discovering-using-etckeeper" title=""Discovering">Discovering and using etckeeper</a>. Many thanks to <a href="http://www.infoq.com/fr/" title=""InfoQ">InfoQ</a> for hosting the video !</p>
<p><strong>FR</strong></p>
<p>Suite à mon <a href="/post/2014/08/25/CentOS-Dojo-Paris">billet précédent</a> sur le CentOS Dojo à Paris en Août dernier, l'enregistrement de …</p><p><strong>EN</strong></p>
<p>Following my <a href="/post/2014/08/25/CentOS-Dojo-Paris">previous post</a> about the CentOS Dojo in Paris last August, the recording of my talk is now online : <a href="http://www.infoq.com/fr/presentations/discovering-using-etckeeper" title=""Discovering">Discovering and using etckeeper</a>. Many thanks to <a href="http://www.infoq.com/fr/" title=""InfoQ">InfoQ</a> for hosting the video !</p>
<p><strong>FR</strong></p>
<p>Suite à mon <a href="/post/2014/08/25/CentOS-Dojo-Paris">billet précédent</a> sur le CentOS Dojo à Paris en Août dernier, l'enregistrement de ma présentation est maintenant disponible : <a href="http://www.infoq.com/fr/presentations/discovering-using-etckeeper" title=""Discovering">Discovering and using etckeeper</a>. Merci beaucoup à <a href="http://www.infoq.com/fr/" title=""InfoQ">InfoQ</a> pour l'hébergement de la vidéo !</p>CentOS Dojo Paris2014-08-25T20:54:00+02:002014-08-25T20:54:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2014-08-25:/post/2014/08/25/CentOS-Dojo-Paris/<p><em>Version en français plus bas.</em></p>
<p>For once, this blog post is available both in french and in english. Today I attended the first <a href="http://wiki.centos.org/Events/Dojo/Paris2014" title=""Events/Dojo/Paris2014">CentOS Dojo in Paris</a>. I also had the chance to be one of the speakers, wich was a very interesting experience : even if I am almost used …</p><p><em>Version en français plus bas.</em></p>
<p>For once, this blog post is available both in french and in english. Today I attended the first <a href="http://wiki.centos.org/Events/Dojo/Paris2014" title=""Events/Dojo/Paris2014">CentOS Dojo in Paris</a>. I also had the chance to be one of the speakers, wich was a very interesting experience : even if I am almost used to talk to a crowd, it was a long time since I used a microphone (more than 10 years if I remember correctly). Moreover, it was my first talk in english, and the demo I planned failed. Since all the talks of the day were recorded, I'm not going to tell you who talked about what. You can go to <a href="https://twitter.com/AHP_Nils" title=""Nils">my Twitter account</a> or search tweets with the hashtag <a href="https://twitter.com/hashtag/centosdojo?src=hash" title="#centosdojo">#centosdojo</a>. However I can't help thinking again about my talk and the problem in my demo. My frustration is compensated by the fact that everyone was really nice to me. Like I tweeted earlier, I learned the lesson and won't try another live demo soon. While waiting for the recordings to be online, you can <a href="http://medias.anotherhomepage.org/talks/CentOS/Paris-2014/" title=""CentOS">download the slides</a>, in french or in english. Many thanks to <a href="http://zenika.com/" title=""Zenika">Zenika</a>, <a href="http://www.normation.com/" title="Normation">Normation</a> and <a href="http://www.infoq.com/fr/" title=""InfoQ">InfoQ</a> for sponsoring the event !</p>
<p>Pour une fois, ce billet est en français et en anglais. Aujourd'hui j'ai assisté au premier <a href="http://wiki.centos.org/Events/Dojo/Paris2014" title=""Events/Dojo/Paris2014">CentOS Dojo à Paris</a>. J'ai aussi eu la chance d'être l'un des intervenants, ce qui fut une expérience très intéressante : même si j'ai à peu près l'habitude de parler en public, je n'ai pas utilisé de micro depuis très longtemps (plus de 10 ans si je me souviens bien). De plus, cela a été ma première présentation en anglais, et la démo que j'avais prévue n'a pas fonctionné. Puisque toutes les présentations du jour ont été enregistrées, je ne vais pas vous raconter qui a parlé de quoi. Vous pouvez simplement aller voir sur <a href="https://twitter.com/AHP_Nils" title=""Nils">mon compte Twitter</a> ou rechercher les tweets ayant pour hashtag <a href="https://twitter.com/hashtag/centosdojo?src=hash" title="#centosdojo">#centosdojo</a>. Cependant, je ne peux m'empêcher de penser à ma présentation et au problème lors de ma démo. Ma frustration est compensée par le fait que tout le monde a été sympa avec moi. Comme je l'ai tweeté plus tôt, j'ai compris la leçon et je ne vais pas tenter des démonstrations en direct. En attendant que les enregistrements soient en ligne, vous pouvez <a href="http://medias.anotherhomepage.org/talks/CentOS/Paris-2014/" title=""CentOS">télécharger les slides</a>, en français ou en anglais. Merci beaucoup à <a href="http://zenika.com/" title=""Zenika">Zenika</a>, <a href="http://www.normation.com/" title="Normation">Normation</a> et <a href="http://www.infoq.com/fr/" title=""InfoQ">InfoQ</a> d'avoir sponsorisé l'évènement !</p>obtenir facilement les propriétés d'un fichier avec stat2013-09-02T09:42:00+02:002013-09-02T09:42:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2013-09-02:/post/2013/09/02/obtenir-facilement-les-proprietes-d-un-fichier-avec-stat/<p>Généralement, quand on cherche à obtenir les propriétés d'un fichier, on utilise la commande <em>ls</em>, avec l'argument <em>-l</em>, ce qui donne un résultat proche de ceci :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@orgrimmar</span><span class="err">:</span><span class="o">~</span><span class="err">$</span><span class="w"> </span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">l</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span>
<span class="n">crw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="n">août</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="mi">11</span><span class="err">:</span><span class="mi">21</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"></span>
</code></pre></div>
<p>C'est bien gentil, mais …</p><p>Généralement, quand on cherche à obtenir les propriétés d'un fichier, on utilise la commande <em>ls</em>, avec l'argument <em>-l</em>, ce qui donne un résultat proche de ceci :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@orgrimmar</span><span class="err">:</span><span class="o">~</span><span class="err">$</span><span class="w"> </span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">l</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span>
<span class="n">crw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="n">août</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="mi">11</span><span class="err">:</span><span class="mi">21</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"></span>
</code></pre></div>
<p>C'est bien gentil, mais si on ne souhaite avoir comme information que le propriétaire d'un fichier, ça fait beaucoup de choses à filtrer. Filtrer la sortie de ls avec awk n'est pas le truc le plus méchant, mais je trouve que c'est comme utiliser un fusil à pompe pour se débarrasser d'une mouche. On est dans le monde UNIX, là où il y a des programmes qui ne font qu'une seule tâche, mais qui la font bien.</p>
<p>Et l'outil qui fait cela se nomme tout simplement <em>stat</em>, et est disponible sur de nombreux systèmes. Sous RHEL/CentOS, il est inclus dans le paquet <em>coreutils</em>, et il est installé avec le système de base dans NetBSD. Là où c'est par contre un peu moins drôle, c'est que l'implémentation Linux diffère de l'implémentation BSD.</p>
<p>Exemple, sous Linux :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@orgrimmar</span><span class="err">:</span><span class="o">~</span><span class="err">$</span><span class="w"> </span><span class="n">stat</span><span class="w"> </span><span class="o">-</span><span class="n">c</span><span class="w"> </span><span class="o">%</span><span class="n">U</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span>
<span class="n">root</span><span class="w"></span>
</code></pre></div>
<p>Et ensuite sous NetBSD :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@dev</span><span class="err">:</span><span class="o">~</span><span class="err">$</span><span class="w"> </span><span class="n">stat</span><span class="w"> </span><span class="o">-</span><span class="n">c</span><span class="w"> </span><span class="o">%</span><span class="n">U</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span>
<span class="nl">stat</span><span class="p">:</span><span class="w"> </span><span class="k">unknown</span><span class="w"> </span><span class="k">option</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="n">c</span><span class="w"></span>
<span class="k">usage</span><span class="err">:</span><span class="w"> </span><span class="n">stat</span><span class="w"> </span><span class="o">[</span><span class="n">-FlLnqrsx</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-f format</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-t timefmt</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">file ...</span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Allez, on recommence avec les bonnes options :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@dev</span><span class="err">:</span><span class="o">~</span><span class="err">$</span><span class="w"> </span><span class="n">stat</span><span class="w"> </span><span class="o">-</span><span class="n">f</span><span class="w"> </span><span class="o">%</span><span class="n">Su</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span>
<span class="n">root</span><span class="w"></span>
</code></pre></div>
<p>Ici, j'ai cherché à afficher le nom de l'utilisateur propriétaire du fichier, mais d'autres propriétés sont disponibles, comme le nom du groupe, les UID et GID propriétaires, les droits, la taille, les dates de création et de modification, le nom du fichier... D'ailleurs, lancé sans autre argument que le nom du fichier, stat propose bon nombre d'informations.</p>Nombre d'occurrences dans un fichier - remix2012-10-01T13:37:00+02:002012-10-01T13:37:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2012-10-01:/post/2012/10/01/Nombre-d-occurrences-dans-un-fichier-remix/<p>Je détaillais dans <a href="/post/2010/03/01/Nombre-d-occurences-d-un-champ-dans-un-fichier">un billet</a> écrit il y a déjà un sacré bout de temps comment obtenir une sorte de top 10 des adresses IP effectuant le plus de requêtes dans un fichier de log Apache. J'ai décidé de revenir dessus, et de faire quelques déclinaisons de ce one-liner selon …</p><p>Je détaillais dans <a href="/post/2010/03/01/Nombre-d-occurences-d-un-champ-dans-un-fichier">un billet</a> écrit il y a déjà un sacré bout de temps comment obtenir une sorte de top 10 des adresses IP effectuant le plus de requêtes dans un fichier de log Apache. J'ai décidé de revenir dessus, et de faire quelques déclinaisons de ce one-liner selon les recherches. Attention si vous voulez copier-coller ces exemples, ils ont été réalisés sous NetBSD, et la commande <em>sort</em> n'a pas les mêmes options. Grosso modo pour le moment, j'ai vu que là où on écrit <em>sort -g</em> sous GNU/Linux, il faut écrire <em>sort -n</em> sous NetBSD. J'ai aussi décidé de me limiter à un top 5 dans l'affichage, afin d'éviter un billet trop long.</p>
<p>Revenons donc d'abord sur le one-liner de base, les IP qui font le plus de requêtes, avec à gauche, l'adresse IP, et à droite le nombre de hits :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$1]++;} END {for (field in frequencies) printf "%s\\t%d" , field , frequencies[field];}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="mf">81.</span><span class="n">X</span><span class="p">.</span><span class="n">Y</span><span class="p">.</span><span class="n">Z</span><span class="w"> </span><span class="mi">6414</span><span class="w"></span>
<span class="mf">208.</span><span class="n">F</span><span class="p">.</span><span class="n">B</span><span class="p">.</span><span class="n">I</span><span class="w"> </span><span class="mi">1578</span><span class="w"></span>
<span class="mf">178.</span><span class="n">K</span><span class="p">.</span><span class="n">G</span><span class="p">.</span><span class="n">B</span><span class="w"> </span><span class="mi">1301</span><span class="w"></span>
<span class="mf">67.</span><span class="n">D</span><span class="p">.</span><span class="n">S</span><span class="p">.</span><span class="n">T</span><span class="w"> </span><span class="mi">1179</span><span class="w"></span>
<span class="mf">77.</span><span class="n">C</span><span class="p">.</span><span class="n">I</span><span class="p">.</span><span class="n">A</span><span class="w"> </span><span class="mi">1157</span><span class="w"></span>
</code></pre></div>
<p>Ensuite, effectuons pareil mais sur les URLs visitées, toujours avec le nombre de hits à droite :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$7]++;} END {for (field in frequencies) printf "%s\\t%d" , field , frequencies[field];}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">17</span><span class="o">/</span><span class="n">installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">phpmyadmin</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="mi">7787</span><span class="w"></span>
<span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">24</span><span class="o">/</span><span class="n">Installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">mod_gnutls</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="mi">4010</span><span class="w"></span>
<span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">06</span><span class="o">/</span><span class="mi">20</span><span class="o">/</span><span class="n">Utilisateurs</span><span class="o">-</span><span class="n">virtuels</span><span class="o">-</span><span class="n">sous</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="o">-</span><span class="n">avec</span><span class="o">-</span><span class="n">base</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">donnees</span><span class="o">-</span><span class="n">MySQL</span><span class="w"> </span><span class="mi">1910</span><span class="w"></span>
<span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2007</span><span class="o">/</span><span class="mi">11</span><span class="o">/</span><span class="mi">28</span><span class="o">/</span><span class="n">Installation</span><span class="o">-</span><span class="n">et</span><span class="o">-</span><span class="n">configuration</span><span class="o">-</span><span class="n">dun</span><span class="o">-</span><span class="n">serveur</span><span class="o">-</span><span class="n">dedie</span><span class="o">-</span><span class="n">OpenArena</span><span class="o">-</span><span class="mi">071</span><span class="w"> </span><span class="mi">1284</span><span class="w"></span>
<span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2009</span><span class="o">/</span><span class="mi">11</span><span class="o">/</span><span class="mi">09</span><span class="o">/</span><span class="n">Utilisation</span><span class="o">-</span><span class="n">transparente</span><span class="o">-</span><span class="n">d</span><span class="o">-</span><span class="n">une</span><span class="o">-</span><span class="n">passerelle</span><span class="o">-</span><span class="n">SSH</span><span class="w"> </span><span class="mi">1266</span><span class="w"></span>
</code></pre></div>
<p>Comme il ne s'agit que de modifier le numéro du champ, on peut aussi voir les codes de retour HTTP les plus obtenus :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$9]++;} END {for (field in frequencies) printf "%s\\t%d" , field , frequencies[field];}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="mi">200</span><span class="w"> </span><span class="mi">57019</span><span class="w"></span>
<span class="mi">304</span><span class="w"> </span><span class="mi">6156</span><span class="w"></span>
<span class="mi">404</span><span class="w"> </span><span class="mi">1797</span><span class="w"></span>
<span class="mi">500</span><span class="w"> </span><span class="mi">114</span><span class="w"></span>
<span class="mi">403</span><span class="w"> </span><span class="mi">20</span><span class="w"></span>
</code></pre></div>
<p>On peut ensuite aller chercher avec <em>grep</em> les pages causant des erreurs 500 ou 404.</p>
<p>Toujours avec la même facilité (un simple numéro de champ à modifier), on peut afficher les referers qui amènent le plus de hits :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$11]++;} END {for (field in frequencies) printf "%s\\t%d" , field , frequencies[field];}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="ss">"-"</span><span class="w"> </span><span class="mi">44306</span><span class="w"></span>
<span class="ss">"http://blog.anotherhomepage.org/post/2008/05/17/installation-de-phpmyadmin-sur-CentOS-5"</span><span class="w"> </span><span class="mi">3443</span><span class="w"></span>
<span class="ss">"http://blog.anotherhomepage.org/post/2008/06/20/Utilisateurs-virtuels-sous-CentOS-5-avec-base-de-donnees-MySQL"</span><span class="w"> </span><span class="mi">686</span><span class="w"></span>
<span class="ss">"http://blog.anotherhomepage.org/post/2009/11/09/Utilisation-transparente-d-une-passerelle-SSH"</span><span class="w"> </span><span class="mi">552</span><span class="w"></span>
<span class="ss">"http://www.google.fr/search?q=phpmyadmin+centos&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:fr:official&client=firefox-a"</span><span class="w"> </span><span class="mi">401</span><span class="w"></span>
</code></pre></div>
<p>On remarque que beaucoup n'ont pas de referer, mais il est probable que ce soient des hits sur le flux RSS. On remarque aussi que j'ai beaucoup de referers de mon propre site, il me suffit de les filtrer si je ne veux pas les afficher. Afin de rendre le traitement plus rapide, je décide de mettre la commande <em>grep</em> en premier dans mon traitement :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">grep</span><span class="w"> </span><span class="o">-</span><span class="n">v</span><span class="w"> </span><span class="ss">"blog.anotherhomepage.org"</span><span class="w"> </span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$11]++;} END {for (field in frequencies) printf "%s\\t%d" , field , frequencies[field];}'</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="ss">"-"</span><span class="w"> </span><span class="mi">44306</span><span class="w"></span>
<span class="ss">"http://www.google.fr/search?q=phpmyadmin+centos&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:fr:official&client=firefox-a"</span><span class="w"> </span><span class="mi">401</span><span class="w"></span>
<span class="ss">"http://www.google.fr/search?q=centos+phpmyadmin&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:fr:official&client=firefox-a"</span><span class="w"> </span><span class="mi">166</span><span class="w"></span>
<span class="ss">"http://forum.hardware.fr/hfr/OSAlternatifs/Installation/resolu-centos-phpmyadmin-sujet_70143_1.htm"</span><span class="w"> </span><span class="mi">121</span><span class="w"></span>
<span class="ss">"http://www.google.fr/"</span><span class="w"> </span><span class="mi">77</span><span class="w"></span>
</code></pre></div>
<p>Reprenons notre affichage des URLs les plus visitées, mais cette fois prenons en compte les méthodes (GET, HEAD, POST) et la version du protocole HTTP :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="o">-</span><span class="n">F</span><span class="w"> </span><span class="ss">""" '{frequencies[$2]++;} END {for (field in frequencies) printf "</span><span class="o">%</span><span class="n">s</span><span class="err">\\</span><span class="n">t</span><span class="o">%</span><span class="n">d</span><span class="err">"</span><span class="w"> </span><span class="p">,</span><span class="w"> </span><span class="n">field</span><span class="w"> </span><span class="p">,</span><span class="w"> </span><span class="n">frequencies</span><span class="o">[</span><span class="n">field</span><span class="o">]</span><span class="p">;</span><span class="err">}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">4</span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="k">GET</span><span class="w"> </span><span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">17</span><span class="o">/</span><span class="n">installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">phpmyadmin</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="n">HTTP</span><span class="o">/</span><span class="mf">1.1</span><span class="w"> </span><span class="mi">4266</span><span class="w"></span>
<span class="k">GET</span><span class="w"> </span><span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">17</span><span class="o">/</span><span class="n">installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">phpmyadmin</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="n">HTTP</span><span class="o">/</span><span class="mf">1.0</span><span class="w"> </span><span class="mi">3521</span><span class="w"></span>
<span class="k">GET</span><span class="w"> </span><span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">24</span><span class="o">/</span><span class="n">Installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">mod_gnutls</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="n">HTTP</span><span class="o">/</span><span class="mf">1.1</span><span class="w"> </span><span class="mi">2181</span><span class="w"></span>
<span class="k">GET</span><span class="w"> </span><span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">05</span><span class="o">/</span><span class="mi">24</span><span class="o">/</span><span class="n">Installation</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">mod_gnutls</span><span class="o">-</span><span class="n">sur</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="w"> </span><span class="n">HTTP</span><span class="o">/</span><span class="mf">1.0</span><span class="w"> </span><span class="mi">1829</span><span class="w"></span>
<span class="k">GET</span><span class="w"> </span><span class="o">/</span><span class="n">post</span><span class="o">/</span><span class="mi">2008</span><span class="o">/</span><span class="mi">06</span><span class="o">/</span><span class="mi">20</span><span class="o">/</span><span class="n">Utilisateurs</span><span class="o">-</span><span class="n">virtuels</span><span class="o">-</span><span class="n">sous</span><span class="o">-</span><span class="n">CentOS</span><span class="o">-</span><span class="mi">5</span><span class="o">-</span><span class="n">avec</span><span class="o">-</span><span class="n">base</span><span class="o">-</span><span class="n">de</span><span class="o">-</span><span class="n">donnees</span><span class="o">-</span><span class="n">MySQL</span><span class="w"> </span><span class="n">HTTP</span><span class="o">/</span><span class="mf">1.0</span><span class="w"> </span><span class="mi">1193</span><span class="w"></span>
</code></pre></div>
<p>On note ici l'utilisation de l'option "-F" de awk pour changer le motif du séparateur de champ, ce qui me permet d'avoir des champs avec espace.</p>
<p>Enfin, dernier exemple, trions maintenant les User-Agents :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@dev</span><span class="err">:</span><span class="o">/</span><span class="nf">var</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">httpd</span><span class="err">#</span><span class="w"> </span><span class="n">awk</span><span class="w"> </span><span class="o">-</span><span class="n">F</span><span class="w"> </span><span class="ss">""" '{frequencies[$6]++;} END {for (field in frequencies) printf "</span><span class="o">%</span><span class="n">d</span><span class="err">\\</span><span class="n">t</span><span class="o">%</span><span class="n">s</span><span class="err">"</span><span class="w"> </span><span class="p">,</span><span class="w"> </span><span class="n">frequencies</span><span class="o">[</span><span class="n">field</span><span class="o">]</span><span class="p">,</span><span class="w"> </span><span class="n">field</span><span class="p">;</span><span class="err">}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="p">.</span><span class="o">/</span><span class="n">access</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">nr</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="mi">10539</span><span class="w"> </span><span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">Windows</span><span class="p">;</span><span class="w"> </span><span class="n">U</span><span class="p">;</span><span class="w"> </span><span class="n">Windows</span><span class="w"> </span><span class="n">NT</span><span class="w"> </span><span class="mf">5.1</span><span class="p">;</span><span class="w"> </span><span class="n">fr</span><span class="p">;</span><span class="w"> </span><span class="nl">rv</span><span class="p">:</span><span class="mf">1.8.1</span><span class="p">)</span><span class="w"> </span><span class="n">VoilaBot</span><span class="w"> </span><span class="n">BETA</span><span class="w"> </span><span class="mf">1.2</span><span class="w"> </span><span class="p">(</span><span class="n">support</span><span class="p">.</span><span class="n">voilabot</span><span class="nv">@orange</span><span class="o">-</span><span class="n">ftgroup</span><span class="p">.</span><span class="n">com</span><span class="p">)</span><span class="w"></span>
<span class="mi">6493</span><span class="w"> </span><span class="n">Mozilla</span><span class="o">/</span><span class="mf">4.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">MSIE</span><span class="w"> </span><span class="mf">4.01</span><span class="p">;</span><span class="w"> </span><span class="n">Windows</span><span class="w"> </span><span class="n">CE</span><span class="p">;</span><span class="w"> </span><span class="n">PPC</span><span class="p">;</span><span class="w"> </span><span class="mi">240</span><span class="n">x320</span><span class="p">;</span><span class="w"> </span><span class="n">SPV</span><span class="w"> </span><span class="n">M700</span><span class="p">;</span><span class="w"> </span><span class="n">OpVer</span><span class="w"> </span><span class="mf">19.123.2.733</span><span class="p">)</span><span class="w"> </span><span class="n">OrangeBot</span><span class="o">-</span><span class="n">Mobile</span><span class="w"> </span><span class="mf">2008.0</span><span class="w"> </span><span class="p">(</span><span class="n">mobilesearch</span><span class="p">.</span><span class="n">support</span><span class="nv">@orange</span><span class="o">-</span><span class="n">ftgroup</span><span class="p">.</span><span class="n">com</span><span class="p">)</span><span class="w"></span>
<span class="mi">4188</span><span class="w"> </span><span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">Yahoo</span><span class="err">!</span><span class="w"> </span><span class="n">Slurp</span><span class="o">/</span><span class="mf">3.0</span><span class="p">;</span><span class="w"> </span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="n">help</span><span class="p">.</span><span class="n">yahoo</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">help</span><span class="o">/</span><span class="n">us</span><span class="o">/</span><span class="n">ysearch</span><span class="o">/</span><span class="n">slurp</span><span class="p">)</span><span class="w"></span>
<span class="mi">3269</span><span class="w"> </span><span class="n">msnbot</span><span class="o">/</span><span class="mf">2.0</span><span class="n">b</span><span class="w"> </span><span class="p">(</span><span class="o">+</span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="k">search</span><span class="p">.</span><span class="n">msn</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">msnbot</span><span class="p">.</span><span class="n">htm</span><span class="p">)</span><span class="w"></span>
<span class="mi">3017</span><span class="w"> </span><span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">Googlebot</span><span class="o">/</span><span class="mf">2.1</span><span class="p">;</span><span class="w"> </span><span class="o">+</span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="n">www</span><span class="p">.</span><span class="n">google</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">bot</span><span class="p">.</span><span class="n">html</span><span class="p">)</span><span class="w"></span>
</code></pre></div>
<p>J'ai décidé cette fois-ci d'afficher le nombre d'occurrences à gauche, car le nombre de champs (séparés par un espace) n'est plus fixe dans le cas des User-Agents. Mais au moment d'écrire cette phrase, j'ai de nouveau parcouru <a href="http://netbsd.gw.com/cgi-bin/man-cgi?sort+.amd64+NetBSD-6.0" title=""sort">la page de manuel de sort</a> et j'ai pu voir qu'il est possible de spécifier le séparateur de champ (option -t). J'ai utilisé le caractère \$ pour séparer le nombre d'occurrences du libellé du User-Agent, suivi de 'tr' pour le remplacer par une tabulation :</p>
<div class="highlight"><pre><span></span><code><span class="n">awk</span><span class="w"> </span><span class="o">-</span><span class="n">F</span><span class="w"> </span><span class="ss">""" '{frequencies[$6]++;} END {for (field in frequencies) printf "</span><span class="o">%</span><span class="n">s</span><span class="err">$</span><span class="o">%</span><span class="n">d</span><span class="ss">" , field , frequencies[field];}' < ./access.log | sort -nr -t$ -k 2,2| tr $ "</span><span class="err">\\</span><span class="n">t</span><span class="err">"</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">5</span><span class="w"></span>
<span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">Windows</span><span class="p">;</span><span class="w"> </span><span class="n">U</span><span class="p">;</span><span class="w"> </span><span class="n">Windows</span><span class="w"> </span><span class="n">NT</span><span class="w"> </span><span class="mf">5.1</span><span class="p">;</span><span class="w"> </span><span class="n">fr</span><span class="p">;</span><span class="w"> </span><span class="nl">rv</span><span class="p">:</span><span class="mf">1.8.1</span><span class="p">)</span><span class="w"> </span><span class="n">VoilaBot</span><span class="w"> </span><span class="n">BETA</span><span class="w"> </span><span class="mf">1.2</span><span class="w"> </span><span class="p">(</span><span class="n">support</span><span class="p">.</span><span class="n">voilabot</span><span class="nv">@orange</span><span class="o">-</span><span class="n">ftgroup</span><span class="p">.</span><span class="n">com</span><span class="p">)</span><span class="w"> </span><span class="mi">10539</span><span class="w"></span>
<span class="n">Mozilla</span><span class="o">/</span><span class="mf">4.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">MSIE</span><span class="w"> </span><span class="mf">4.01</span><span class="p">;</span><span class="w"> </span><span class="n">Windows</span><span class="w"> </span><span class="n">CE</span><span class="p">;</span><span class="w"> </span><span class="n">PPC</span><span class="p">;</span><span class="w"> </span><span class="mi">240</span><span class="n">x320</span><span class="p">;</span><span class="w"> </span><span class="n">SPV</span><span class="w"> </span><span class="n">M700</span><span class="p">;</span><span class="w"> </span><span class="n">OpVer</span><span class="w"> </span><span class="mf">19.123.2.733</span><span class="p">)</span><span class="w"> </span><span class="n">OrangeBot</span><span class="o">-</span><span class="n">Mobile</span><span class="w"> </span><span class="mf">2008.0</span><span class="w"> </span><span class="p">(</span><span class="n">mobilesearch</span><span class="p">.</span><span class="n">support</span><span class="nv">@orange</span><span class="o">-</span><span class="n">ftgroup</span><span class="p">.</span><span class="n">com</span><span class="p">)</span><span class="w"> </span><span class="mi">6493</span><span class="w"></span>
<span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">Yahoo</span><span class="err">!</span><span class="w"> </span><span class="n">Slurp</span><span class="o">/</span><span class="mf">3.0</span><span class="p">;</span><span class="w"> </span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="n">help</span><span class="p">.</span><span class="n">yahoo</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">help</span><span class="o">/</span><span class="n">us</span><span class="o">/</span><span class="n">ysearch</span><span class="o">/</span><span class="n">slurp</span><span class="p">)</span><span class="w"> </span><span class="mi">4188</span><span class="w"></span>
<span class="n">msnbot</span><span class="o">/</span><span class="mf">2.0</span><span class="n">b</span><span class="w"> </span><span class="p">(</span><span class="o">+</span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="k">search</span><span class="p">.</span><span class="n">msn</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">msnbot</span><span class="p">.</span><span class="n">htm</span><span class="p">)</span><span class="w"> </span><span class="mi">3269</span><span class="w"></span>
<span class="n">Mozilla</span><span class="o">/</span><span class="mf">5.0</span><span class="w"> </span><span class="p">(</span><span class="n">compatible</span><span class="p">;</span><span class="w"> </span><span class="n">Googlebot</span><span class="o">/</span><span class="mf">2.1</span><span class="p">;</span><span class="w"> </span><span class="o">+</span><span class="nl">http</span><span class="p">:</span><span class="o">//</span><span class="n">www</span><span class="p">.</span><span class="n">google</span><span class="p">.</span><span class="n">com</span><span class="o">/</span><span class="n">bot</span><span class="p">.</span><span class="n">html</span><span class="p">)</span><span class="w"> </span><span class="mi">3017</span><span class="w"></span>
</code></pre></div>
<p>Le choix du caractère de séparateur de champ est discutable, mais il ne change pas qu'après réflexion, l'affichage de la commande précédente me semble plus lisible. Et je pense qu'afficher le nombre d'occurences en permier sera plus lisible dans d'autres cas, comme le referer ou l'URL.</p>Installation de phpMyAdmin sur CentOS 6 - suite2011-10-17T09:30:00+02:002011-10-17T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2011-10-17:/post/2011/10/17/Installation-de-phpMyAdmin-sur-CentOS-6-suite/<h2>Résumé de l'épisode précédent</h2>
<p>Lors de mon précédent billet sur <a href="/post/2011/10/03/Installation-de-phpMyAdmin-sur-CentOS-6">l'installation et la configuration de phpMyAdmin sur CentOS 6</a>, nous avions obtenu une installation fonctionnelle, mais perfectible. Nous allons voir ensemble comment rendre l'installation plus confortable et tenter de la sécuriser un peu.</p>
<h2>Authentification par cookie</h2>
<p>Lors de la connexion …</p><h2>Résumé de l'épisode précédent</h2>
<p>Lors de mon précédent billet sur <a href="/post/2011/10/03/Installation-de-phpMyAdmin-sur-CentOS-6">l'installation et la configuration de phpMyAdmin sur CentOS 6</a>, nous avions obtenu une installation fonctionnelle, mais perfectible. Nous allons voir ensemble comment rendre l'installation plus confortable et tenter de la sécuriser un peu.</p>
<h2>Authentification par cookie</h2>
<p>Lors de la connexion à phpMyAdmin, c'est une authentification de type HTTP qui est envoyée. Sachant que nous n'avons pas encore activé HTTPS, les identifiants circulent en clair sur le réseau. De plus, à chaque fois qu'on ferme la fenêtre ou l'onglet du navigateur, il faut s'authentifier à nouveau. Le cookie devrait donc aider. Pour activer ce mécanisme, éditons le fichier de configuration de phpMyAdmin :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">vi</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">phpMyAdmin</span><span class="o">/</span><span class="n">config</span><span class="p">.</span><span class="n">inc</span><span class="p">.</span><span class="n">php</span><span class="w"></span>
</code></pre></div>
<p>A la ligne 41, on trouvera l'expression suivante :</p>
<div class="highlight"><pre><span></span><code>$cfg['Servers'][$i]['auth_type'] = 'http'; // Authentication method (config, http or cookie based)?
</code></pre></div>
<p>Il suffit donc de remplacer 'http' par 'cookie' puis d'enregistrer le fichier. Le paramètre 'config' est à manipuler avec la plus grande précaution, et nécessite de renseigner les identifiants dans les champs suivants, ce qui n'est pas du tout sécurisé à mon sens. Une fois la modification effectuée, une (jolie ?) page d'identification devrait apparaître en lieu et place de l'horrible notification du navigateur demandant le login et le mot de passe. En prime, il est possible de choisir la langue :-)</p>
<p>Maintenant, un message assez étrange risque d'apparaître lors de vos prochaines connexions, en bas de l'interface de phpMyAdmin : “Vous devez ajouter dans le fichier de configuration une phrase de passe secrète (blowfish_secret).” Allons donc éditer de nouveau le fichier de configuration, à la ligne 14 :</p>
<div class="highlight"><pre><span></span><code><span class="mh">$cf</span><span class="nv">g</span>[<span class="s1">'</span><span class="s">blowfish_secret</span><span class="s1">'</span>] <span class="o">=</span> <span class="s1">''</span><span class="c1">; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */</span>
</code></pre></div>
<p>Et entre les guillemets simple, on insère une phrase de passe. Quelques exemples :</p>
<ul>
<li>je vois un gnou faire de la bicyclette</li>
<li>je ne sais pas programmer en python (ou perl, java, c, ruby, ce que vous voulez)</li>
<li>aieruhgpauOUGYVaerhg 07856qorieghg (oui, l'aléatoire fonctionne aussi)</li>
</ul>
<p>Le but n'est pas de fournir une phrase intelligible ou facilement mémorisable, mais une suite de caractère assez longue pour chiffrer le mot de passe dans le cookie. Il ne sera pas nécessaire de réutiliser cette phrase de passe.</p>
<h2>HTTPS</h2>
<p>L'authentification par cookie apporte un mieux, mais celui-ci peut toujours être intercepté et rejoué par quelqu'un de malintentionné. De plus l'intercepteur pourra examiner le traffic et en retirer les commandes jouées, ou pourquoi pas le contenu des base de données. L'un des moyens d'empêcher cette interception est de chiffrer le trafic entre la machine cliente et le serveur hébergeant phpMyAdmin et MySQL. Pour cela nous allons activer mod_ssl dans Apache afin de naviguer en HTTPS dans phpMyAdmin.</p>
<p>Installons donc mod_ssl :</p>
<div class="highlight"><pre><span></span><code><span class="p">[</span><span class="n">root</span><span class="err">@</span><span class="n">crashtest</span><span class="w"> </span><span class="o">~</span><span class="p">]</span><span class="c1"># yum install mod_ssl</span><span class="w"></span>
<span class="n">Loaded</span><span class="w"> </span><span class="n">plugins</span><span class="p">:</span><span class="w"> </span><span class="n">fastestmirror</span><span class="w"></span>
<span class="n">Loading</span><span class="w"> </span><span class="n">mirror</span><span class="w"> </span><span class="n">speeds</span><span class="w"> </span><span class="n">from</span><span class="w"> </span><span class="n">cached</span><span class="w"> </span><span class="n">hostfile</span><span class="w"></span>
<span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="n">epel</span><span class="p">:</span><span class="w"> </span><span class="n">mirrors</span><span class="o">.</span><span class="n">ircam</span><span class="o">.</span><span class="n">fr</span><span class="w"></span>
<span class="n">Setting</span><span class="w"> </span><span class="n">up</span><span class="w"> </span><span class="n">Install</span><span class="w"> </span><span class="n">Process</span><span class="w"></span>
<span class="n">Resolving</span><span class="w"> </span><span class="n">Dependencies</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">mod_ssl</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Finished</span><span class="w"> </span><span class="n">Dependency</span><span class="w"> </span><span class="n">Resolution</span><span class="w"></span>
<span class="n">Dependencies</span><span class="w"> </span><span class="n">Resolved</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">Arch</span><span class="w"> </span><span class="n">Version</span><span class="w"> </span><span class="n">Repository</span><span class="w"> </span><span class="n">Size</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Installing</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mod_ssl</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">85</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Summary</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Install</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Upgrade</span><span class="w"> </span><span class="mi">0</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Total</span><span class="w"> </span><span class="n">download</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mi">85</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="n">Installed</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mi">183</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"> </span><span class="n">y</span><span class="w"></span>
<span class="n">Downloading</span><span class="w"> </span><span class="n">Packages</span><span class="p">:</span><span class="w"></span>
<span class="n">mod_ssl</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">85</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">rpm_check_debug</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"> </span><span class="n">Succeeded</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"></span>
<span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">:</span><span class="n">mod_ssl</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="o">/</span><span class="mi">1</span><span class="w"></span>
<span class="n">Installed</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mod_ssl</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"></span>
<span class="n">Complete</span><span class="o">!</span><span class="w"></span>
</code></pre></div>
<p>Relançons Apache :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="n">restart</span><span class="w"></span>
<span class="n">Arrêt</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
<span class="n">Démarrage</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Et rendons-nous sur phpMyAdmin, en HTTPS. Dans mon cas l'url est https://crashtest/phpmyadmin/ . Un message du navigateur signale alors que le certificat utilisé pour se connecter est auto-signé.</p>
<p>Il est courant d'accepter le certificat et de le mémoriser : à plus forte raison s'il s'agit d'une machine de tests ou de développement, il suffit de s'assurer que le certificat ne changera pas en le mémorisant dans le navigateur; si jamais ce message devait à nouveau s'afficher, soit vous avez réinstallé le serveur ou changé les certificats, soit un petit malin tente une attaque de type "homme du milieu" (<em>man in the middle</em> en anglais).</p>
<p>Il est aussi possible d'accepter le certificat sans pour autant le mémoriser, et (faire) créer les certificats adéquats, selon votre type d'organisation ; les grosses entreprises possèdent leur propre autorité de certification et la déploient sur leurs postes de travail. Si votre serveur est directement accessible depuis Internet, de nombreux prestataires proposent, gratuitement ou non, de générer un certificat qu'il vous faudra ensuite installer en lieu et place de ceux par défaut. Cela peut vous éviter de vérifier manuellement sur chaque nouvelle machine cliente qu'il s'agit du bon certificat.</p>
<p>La mise en œuvre détaillée d'un serveur HTTPS et d'une infrastructure de gestion de certificats SSL d'entreprise (appelée aussi PKI de l'anglais <em>Public Key Infrastructure</em>) ne fait pas partie des objectifs de ce billet, par conséquent elle est laissée en exercice au lecteur.</p>
<p>Notre serveur accepte donc les connexions HTTP en clair et les connexions HTTPS chiffrées.</p>
<h2>Pare-feu</h2>
<p>En plus de chiffrer des connexions, il est possible de les filtrer. Dans le précédent billet, nous avons vu qu'Apache peut interdire ou accepter certains clients suivant leur adresse IP. Il est possible, avec un pare-feu (<em>firewall</em> en anglais), de filtrer les connexions Apache comme MySQL ou SSH et d'effectuer un contrôle plus fin sur les connexions.</p>
<p>Sur un système GNU/Linux, en particulier CentOS, le pare-feu de référence est <a href="http://www.netfilter.org/">Netfilter</a> (qui fournit entre autres la commande <em><a href="http://www.netfilter.org/projects/iptables/index.html">iptables</a></em>). La plupart des autres projets de pare-feu pour GNU/Linux sont généralement des surcouches à Netfilter.</p>
<p><strong>Attention !</strong> il est très facile, lorsqu'on manipule des règles de filtrage de connexions réseau, de scier la branche sur laquelle on est assis. Si bloquer accidentellement les connexions réseau lorsqu'on est devant la machine n'est pas bien grave, couper la connexion SSH qu'on utilise oblige à se déplacer, couper le pare-feu une fois devant la machine, puis repartir à son poste et se reconnecter.</p>
<p>Pour éviter ce genre de désagrément, il est possible de planifier une tâche qui coupe le firewall, par exemple toutes les 10 minutes. Ainsi, dès qu'on se rend compte que la machine ne répond plus à rien sur le réseau, il ne reste qu'à attendre 10 minutes tout au plus pour que la machine soit à nouveau accessible. L'inconvénient est qu'il faut réussir à faire ses modifications en moins de 10 minutes ! Nous allons donc éditer la “crontab” :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">crontab</span><span class="w"> </span><span class="o">-</span><span class="n">e</span><span class="w"></span>
</code></pre></div>
<p>Il est fort probable qu'elle soit vide, puisqu'il s'agit de la crontab de root et que la machine est fraîchement installée. Ajoutons la ligne suivante :</p>
<div class="highlight"><pre><span></span><code>*/10 * * * * /etc/init.d/iptables stop > /dev/null 2>&1
</code></pre></div>
<p>Et voilà ! Toutes les 10 minutes, le pare-feu sera désactivé. Le temps d'effectuer une modification, et de la valider. Attention cependant, une fois que les changements seront validés, penser à effacer cette ligne, ou à la commenter. Pour plus d'information : <a href="http://manpagesfr.free.fr/man/man5/crontab.5.html">la page de manuel</a>. Une fois le garde-fou mis en place, passons aux choses sérieuses : définir les règles de filtrage à mettre en place, puis les mettre en place.</p>
<p>Afin de rester dans les clous de la distribution, nous n'allons pas créer un script de pare-feu personnalisé, mais utiliser le fichier déjà en place pour sauvegarder les règles. Ce fichier est <em>/etc/sysconfig/iptables</em>, mais comme indiqué en anglais en tête de ce fichier, il n'est pas recommandé de l'éditer manuellement. Nous allons donc lancer le pare-feu, ajouter des règles avec la commande <em>iptables</em>, vérifier leur bon fonctionnement, les sauvegarder, et vérifier la sauvegarde.</p>
<p>Lancement du pare-feu :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="k">start</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Application</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">règles</span><span class="w"> </span><span class="n">du</span><span class="w"> </span><span class="n">pare</span><span class="o">-</span><span class="n">feu</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Vérification des règles actuellement activées :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="n">status</span><span class="w"></span>
<span class="nc">Table</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="k">filter</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
<span class="mi">1</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="n">RELATED</span><span class="p">,</span><span class="n">ESTABLISHED</span><span class="w"></span>
<span class="mi">2</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">icmp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"></span>
<span class="mi">3</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"></span>
<span class="mi">4</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">22</span><span class="w"></span>
<span class="mi">5</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">25</span><span class="w"></span>
<span class="mi">6</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="n">FORWARD</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
<span class="mi">1</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="k">OUTPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
</code></pre></div>
<p>Et si on tente de se connecter à phpMyAdmin, cela ne fonctionne plus. Il faut donc accepter les connexions vers le port 80 (HTTP) et 443 (HTTPS). Nous allons insérer dans la chaine INPUT avant la règle numéro 5 (celle qui accepte le port 25 tcp) une règle acceptant le port 80 :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="o">-</span><span class="n">I</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="mi">5</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="c1">--state NEW -m tcp -p tcp --dport 80 -j ACCEPT</span>
</code></pre></div>
<p>Si on se connecte à phpMyAdmin, cela fonctionne en HTTP, mais pas en HTTPS. Continuons, cette fois insérons notre règle avant la numéro 6 (décalage oblige du fait de notre insertion précédente) :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="o">-</span><span class="n">I</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="mi">6</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="c1">--state NEW -m tcp -p tcp --dport 443 -j ACCEPT</span>
</code></pre></div>
<p>Voilà, maintenant nous accédons à phpMyAdmin en HTTPS. Vérifions les règles en mémoire pour comparaison avec la situation précédente :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="n">status</span><span class="w"></span>
<span class="nc">Table</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="k">filter</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
<span class="mi">1</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="n">RELATED</span><span class="p">,</span><span class="n">ESTABLISHED</span><span class="w"></span>
<span class="mi">2</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">icmp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"></span>
<span class="mi">3</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"></span>
<span class="mi">4</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">22</span><span class="w"></span>
<span class="mi">5</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">80</span><span class="w"></span>
<span class="mi">6</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">443</span><span class="w"></span>
<span class="mi">7</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">25</span><span class="w"></span>
<span class="mi">8</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="n">FORWARD</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
<span class="mi">1</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="k">OUTPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"></span>
</code></pre></div>
<p>A noter que la commande <em>iptables -L -n</em> donne le même résultat, et pourrait servir sur d'autres distributions Linux.A présent, sauvegardons notre configuration :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="k">save</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Sauvegarde</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">règles</span><span class="w"> </span><span class="n">du</span><span class="w"> </span><span class="n">pare</span><span class="o">-</span><span class="n">feu</span><span class="w"> </span><span class="n">dans</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">sysconfig</span><span class="o">/</span><span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Vérifions la sauvegarde :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">cat</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">sysconfig</span><span class="o">/</span><span class="n">iptables</span><span class="w"></span>
<span class="err">#</span><span class="w"> </span><span class="n">Generated</span><span class="w"> </span><span class="k">by</span><span class="w"> </span><span class="n">iptables</span><span class="o">-</span><span class="k">save</span><span class="w"> </span><span class="n">v1</span><span class="mf">.4.7</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="n">Thu</span><span class="w"> </span><span class="n">Sep</span><span class="w"> </span><span class="mi">22</span><span class="w"> </span><span class="mi">20</span><span class="err">:</span><span class="mi">34</span><span class="err">:</span><span class="mi">19</span><span class="w"> </span><span class="mi">2011</span><span class="w"></span>
<span class="o">*</span><span class="k">filter</span><span class="w"></span>
<span class="err">:</span><span class="k">INPUT</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="o">[</span><span class="n">0:0</span><span class="o">]</span><span class="w"></span>
<span class="err">:</span><span class="n">FORWARD</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="o">[</span><span class="n">0:0</span><span class="o">]</span><span class="w"></span>
<span class="err">:</span><span class="k">OUTPUT</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="o">[</span><span class="n">1118:858094</span><span class="o">]</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="o">--</span><span class="k">state</span><span class="w"> </span><span class="n">RELATED</span><span class="p">,</span><span class="n">ESTABLISHED</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">icmp</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">i</span><span class="w"> </span><span class="n">lo</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="o">--</span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="n">dport</span><span class="w"> </span><span class="mi">22</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="o">--</span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="n">dport</span><span class="w"> </span><span class="mi">80</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="o">--</span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="n">dport</span><span class="w"> </span><span class="mi">443</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="o">--</span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="n">dport</span><span class="w"> </span><span class="mi">25</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="o">--</span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="o">-</span><span class="n">A</span><span class="w"> </span><span class="n">FORWARD</span><span class="w"> </span><span class="o">-</span><span class="n">j</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="o">--</span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"></span>
<span class="k">COMMIT</span><span class="w"></span>
<span class="err">#</span><span class="w"> </span><span class="n">Completed</span><span class="w"> </span><span class="k">on</span><span class="w"> </span><span class="n">Thu</span><span class="w"> </span><span class="n">Sep</span><span class="w"> </span><span class="mi">22</span><span class="w"> </span><span class="mi">20</span><span class="err">:</span><span class="mi">34</span><span class="err">:</span><span class="mi">19</span><span class="w"> </span><span class="mi">2011</span><span class="w"></span>
</code></pre></div>
<p>On peut donc voir que les règles acceptant les ports 80 sont bien sauvegardées. La règle autorisant le port 25 n'est pas utile, elle fut ajoutée en exemple lors du billet sur une installation minimaliste de CentOS 6. Le retrait de cette règle est laissé en exercice au lecteur ;-)</p>
<p>Une fois les règles en place donnant satisfaction, il faut penser à retirer le garde-fou en éditant la crontab : on peut alors supprimer la ligne désactivant iptables, ou la mettre en commentaire en place le caractère "#" devant. Après le retrait du garde-fou, on peut activer le pare-feu au démarrage :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">iptables</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="k">on</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">iptables</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
</code></pre></div>
<h2>Base de données phpMyAdmin</h2>
<p>phpMyAdmin est maintenant un outil complet avec de nombreux paramètres. Certains peuvent être utilisés via le fichier de configuration, mais pour d'autres, une base de données est nécessaire. D'ailleurs, selon le paquet phpMyAdmin installé (une version à jour est arrivée pendant l'écriture des deux billets), vous pouvez avoir le message suivant en bas de l'interface : “Le stockage de configurations phpMyAdmin n'est pas complètement configuré, certaines fonctionnalités ont été désactivée. Pour en connaître la raison, cliquez ici.”Dans la version plus récente, cet avertissement a été retiré.</p>
<p>Utilisons phpMyAdmin pour créer un nouvel utilisateur dit “de contrôle” (via l'onglet “Privilèges”), et appelons-le tout simplement “phpmyadmin”. Le paramètre client est “Local”, et on génèrera le mot de passe aléatoirement. Pensez à copier ce mot de passe ailleurs, on va en avoir besoin un peu plus tard. Toujours dans l'interface de création de l'utilisateur, cochons l'option “Créer une base portant son nom et donner à cet utilisateur tous les privilèges sur cette base”. Enfin, cliquons sur le bouton du bas : “Créer un compte d'utilisateur”. Une autre manipulation est nécessaire car l'utilisateur de contrôle a besoin d'un peu plus de droits. Pour aller plus vite, rechargeons les privilèges puis cliquons sur l'onglet “SQL” et entrons le texte suivant dans le champ (j'espère que vous avez bien copié le mot de passe généré de tout à l'heure ;-)):</p>
<div class="highlight"><pre><span></span><code><span class="n">GRANT</span><span class="w"> </span><span class="n">USAGE</span><span class="w"> </span><span class="n">ON</span><span class="w"> </span><span class="n">mysql</span><span class="o">.*</span><span class="w"> </span><span class="n">TO</span><span class="w"> </span><span class="s1">'phpmyadmin'</span><span class="err">@</span><span class="s1">'localhost'</span><span class="w"> </span><span class="n">IDENTIFIED</span><span class="w"> </span><span class="n">BY</span><span class="w"> </span><span class="s1">'motdepassealeatoire'</span><span class="p">;</span><span class="w"></span>
<span class="n">GRANT</span><span class="w"> </span><span class="n">SELECT</span><span class="w"> </span><span class="p">(</span><span class="w"></span>
<span class="w"> </span><span class="n">Host</span><span class="p">,</span><span class="w"> </span><span class="n">User</span><span class="p">,</span><span class="w"> </span><span class="n">Select_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Insert_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Update_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Delete_priv</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="n">Create_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Drop_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Reload_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Shutdown_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Process_priv</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="n">File_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Grant_priv</span><span class="p">,</span><span class="w"> </span><span class="n">References_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Index_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Alter_priv</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="n">Show_db_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Super_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Create_tmp_table_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Lock_tables_priv</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="n">Execute_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Repl_slave_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Repl_client_priv</span><span class="w"></span>
<span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="n">ON</span><span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">user</span><span class="w"> </span><span class="n">TO</span><span class="w"> </span><span class="s1">'phpmyadmin'</span><span class="err">@</span><span class="s1">'localhost'</span><span class="p">;</span><span class="w"></span>
<span class="n">GRANT</span><span class="w"> </span><span class="n">SELECT</span><span class="w"> </span><span class="n">ON</span><span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">db</span><span class="w"> </span><span class="n">TO</span><span class="w"> </span><span class="s1">'phpmyadmin'</span><span class="err">@</span><span class="s1">'localhost'</span><span class="p">;</span><span class="w"></span>
<span class="n">GRANT</span><span class="w"> </span><span class="n">SELECT</span><span class="w"> </span><span class="n">ON</span><span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">host</span><span class="w"> </span><span class="n">TO</span><span class="w"> </span><span class="s1">'phpmyadmin'</span><span class="err">@</span><span class="s1">'localhost'</span><span class="p">;</span><span class="w"></span>
<span class="n">GRANT</span><span class="w"> </span><span class="n">SELECT</span><span class="w"> </span><span class="p">(</span><span class="n">Host</span><span class="p">,</span><span class="w"> </span><span class="n">Db</span><span class="p">,</span><span class="w"> </span><span class="n">User</span><span class="p">,</span><span class="w"> </span><span class="n">Table_name</span><span class="p">,</span><span class="w"> </span><span class="n">Table_priv</span><span class="p">,</span><span class="w"> </span><span class="n">Column_priv</span><span class="p">)</span><span class="w"></span>
<span class="w"> </span><span class="n">ON</span><span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">tables_priv</span><span class="w"> </span><span class="n">TO</span><span class="w"> </span><span class="s1">'phpmyadmin'</span><span class="err">@</span><span class="s1">'localhost'</span><span class="p">;</span><span class="w"></span>
</code></pre></div>
<p>Cliquons sur “Exécuter” et on nous signale que MySQL a retourné des résultat vides. Pensons à recharger les privilèges (dans l'onglet “Privilèges”Encore une chose. Il nous faut peupler la base de données créée pour phpMyAdmin. Pour cela, revenons dans le shell de notre serveur et utilisons le fichier SQL fourni par phpMyAdmin :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">mysql</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">share</span><span class="o">/</span><span class="n">phpMyAdmin</span><span class="o">/</span><span class="n">examples</span><span class="o">/</span><span class="n">create_tables</span><span class="p">.</span><span class="k">sql</span><span class="w"></span>
</code></pre></div>
<p>A noter que sur d'anciennes versions, le répertoire est /usr/share/phpMyAdmin/scripts/create_tables.sql .Maintenant éditons à nouveau le fichier de configuration de phpMyAdmin :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">vi</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">phpMyAdmin</span><span class="o">/</span><span class="n">config</span><span class="p">.</span><span class="n">inc</span><span class="p">.</span><span class="n">php</span><span class="w"></span>
</code></pre></div>
<p>Et renseignons aux lignes 34 et 36 l'utilisateur de contrôle et son mot de passe :</p>
<div class="highlight"><pre><span></span><code><span class="mh">$cf</span><span class="nv">g</span>[<span class="s1">'</span><span class="s">Servers</span><span class="s1">'</span>][$<span class="nv">i</span>][<span class="s1">'</span><span class="s">controluser</span><span class="s1">'</span>] <span class="o">=</span> <span class="s1">'</span><span class="s">phpmyadmin</span><span class="s1">'</span><span class="c1">; // MySQL control user settings</span>
<span class="o">//</span> <span class="ss">(</span><span class="nv">this</span> <span class="nv">user</span> <span class="nv">must</span> <span class="nv">have</span> <span class="nv">read</span><span class="o">-</span><span class="nv">only</span>
<span class="mh">$cf</span><span class="nv">g</span>[<span class="s1">'</span><span class="s">Servers</span><span class="s1">'</span>][$<span class="nv">i</span>][<span class="s1">'</span><span class="s">controlpass</span><span class="s1">'</span>] <span class="o">=</span> <span class="s1">'</span><span class="s">motdepassealeatoire</span><span class="s1">'</span><span class="c1">; // access to the "mysql/user"</span>
<span class="o">//</span> <span class="nv">and</span> <span class="s2">"</span><span class="s">mysql/db</span><span class="s2">"</span> <span class="nv">tables</span><span class="ss">)</span>.
<span class="o">//</span> <span class="nv">The</span> <span class="nv">controluser</span> <span class="nv">is</span> <span class="nv">also</span>
<span class="o">//</span> <span class="nv">used</span> <span class="k">for</span> <span class="nv">all</span> <span class="nv">relational</span>
<span class="o">//</span> <span class="nv">features</span> <span class="ss">(</span><span class="nv">pmadb</span><span class="ss">)</span>
</code></pre></div>
<p>Une fois le fichier enregistré et déconnecté puis reconnecté à phpMyAdmin, nous pouvons utiliser toutes les possibilités de cet outil !</p>
<h2>SELinux</h2>
<p>J'avoue ne pas être familier avec SELinux. Je me suis contenté d'éditer <em>/etc/sysconfig/selinux</em> et de passer le paramètre <em>SELINUX</em> à <em>enforcing</em>. Un reboot plus tard, SELinux est activé, httpd, mysqld sont lancés, et phpMyAdmin est accessible !</p>
<h2>Commentaires</h2>
<h3>Le 10/12/2011 17:19 par <a href="http://www.lapoussette.net">poussette</a></h3>
<p>Hello,bon nombre de remerciement pour ce super post que très sympathique.</p>Installation de phpMyAdmin sur CentOS 62011-10-03T09:30:00+02:002011-10-03T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2011-10-03:/post/2011/10/03/Installation-de-phpMyAdmin-sur-CentOS-6/<h2>Préambule</h2>
<p>Il y a un peu plus de deux ans, j'écrivais ce qui reste (à l'écriture de ce billet) le contenu phare de ce blog : <a href="/post/2008/05/17/installation-de-phpmyadmin-sur-CentOS-5">installation de phpMyAdmin sur CentOS 5</a>. C'est bien simple, c'est la raison pour laquelle une grande majorité des visiteurs atterrit ici. Ca en devient presque …</p><h2>Préambule</h2>
<p>Il y a un peu plus de deux ans, j'écrivais ce qui reste (à l'écriture de ce billet) le contenu phare de ce blog : <a href="/post/2008/05/17/installation-de-phpmyadmin-sur-CentOS-5">installation de phpMyAdmin sur CentOS 5</a>. C'est bien simple, c'est la raison pour laquelle une grande majorité des visiteurs atterrit ici. Ca en devient presque frustrant, d'ailleurs ;-) Bref, toujours est-il que depuis juillet, CentOS 6 est (enfin) disponible , il est donc temps de remettre ce petit tutoriel au goût du jour !</p>
<p><strong>Objectifs :</strong> installer et configurer un serveur de base de données MySQL avec une interface web d'administration pour pouvoir ensuite faire du développement ou installer facilement d'autres outils web utilisant ce type de base de données, comme un CMS ou un moteur de blog.</p>
<p><strong>Outils à disposition :</strong> que du libre, bien entendu ! Le système d'exploitation est <a href="http://wiki.centos.org/Manuals/ReleaseNotes/CentOS6.0">CentOS 6</a>, le serveur de base de données <a href="https://www.mysql.com/">MySQL</a> est disponible dans les dépôts de cette distribution, ainsi que le serveur web, <a href="https://httpd.apache.org/">Apache HTTP Server</a>. Le logiciel d'administration web est le très connu <a href="http://www.phpmyadmin.net/home_page/index.php">phpMyAdmin</a>, qu'on installera (avec ses prérequis) depuis le dépôt <a href="https://fedoraproject.org/wiki/EPEL">EPEL</a>. On supposera donc que la machine a accès à Internet (pour accéder aux dépôts).</p>
<p>Je ne vais pas décrire tout depuis l'installation de l'OS, mais pour s'assurer que les bases sont saines, j'ai effectué une installation ressemblant comme deux gouttes d'eau à mon billet précédent : <a href="/post/2011/08/08/Installation-minimaliste-d-une-CentOS-6">installation minimaliste d'une CentOS 6</a> (et je vais peut-être me calmer un peu sur l’auto-promotion ;-) ). Parmi les paramètres importants, notons la désactivation de SELinux.</p>
<p>Une dernière chose avant de rentrer dans le vif du sujet : pour plus de transparence, et aussi parce que les plus intéressés par ce billet sont probablement des débutants dans le monde de GNU/Linux et des logiciels libres, j'ai choisi d'afficher autant que faire se peut les résultats des commandes. <strong>Le billet est donc assez long, mais pas complexe pour autant !</strong> Je vous recommande cependant de lire ce billet en entier avant de taper la moindre commande sur votre machine. De toutes façons, vous utilisez une machine (virtuelle) de tests, hein ?</p>
<h2>Installation d'Apache, PHP et de phpMyAdmin</h2>
<p>Commençons par ajouter le dépôt EPEL à notre installation, de sorte à faciliter l'installation de toute la bande Apache, PHP, MySQL et phpMyAdmin :</p>
<div class="highlight"><pre><span></span><code><span class="p">[</span><span class="n">root</span><span class="err">@</span><span class="n">crashtest</span><span class="w"> </span><span class="o">~</span><span class="p">]</span><span class="c1"># rpm -ivh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm</span><span class="w"></span>
<span class="n">Récupération</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">http</span><span class="p">:</span><span class="o">//</span><span class="n">download</span><span class="o">.</span><span class="n">fedoraproject</span><span class="o">.</span><span class="n">org</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">epel</span><span class="o">/</span><span class="mi">6</span><span class="o">/</span><span class="n">i386</span><span class="o">/</span><span class="n">epel</span><span class="o">-</span><span class="n">release</span><span class="o">-</span><span class="mi">6</span><span class="o">-</span><span class="mf">5.</span><span class="n">noarch</span><span class="o">.</span><span class="n">rpm</span><span class="w"></span>
<span class="n">attention</span><span class="p">:</span><span class="w"> </span><span class="o">/</span><span class="k">var</span><span class="o">/</span><span class="n">tmp</span><span class="o">/</span><span class="n">rpm</span><span class="o">-</span><span class="n">tmp</span><span class="o">.</span><span class="n">c1BYty</span><span class="p">:</span><span class="w"> </span><span class="n">Entête</span><span class="w"> </span><span class="n">V3</span><span class="w"> </span><span class="n">RSA</span><span class="o">/</span><span class="n">SHA256</span><span class="w"> </span><span class="n">Signature</span><span class="p">,</span><span class="w"> </span><span class="n">key</span><span class="w"> </span><span class="n">ID</span><span class="w"> </span><span class="mi">0608</span><span class="n">b895</span><span class="p">:</span><span class="w"> </span><span class="n">NOKEY</span><span class="w"></span>
<span class="n">Préparation</span><span class="o">...</span><span class="w"> </span><span class="p">(</span><span class="mi">100</span><span class="o">%</span><span class="p">)</span><span class="w"></span>
<span class="mi">1</span><span class="p">:</span><span class="n">epel</span><span class="o">-</span><span class="n">release</span><span class="w"> </span><span class="p">(</span><span class="mi">100</span><span class="o">%</span><span class="p">)</span><span class="w"></span>
</code></pre></div>
<p>Ensuite, c'est assez simple, grâce au jeu des dépendances, nous installons phpMyAdmin :</p>
<div class="highlight"><pre><span></span><code><span class="p">[</span><span class="n">root</span><span class="err">@</span><span class="n">crashtest</span><span class="w"> </span><span class="o">~</span><span class="p">]</span><span class="c1"># yum install phpmyadmin</span><span class="w"></span>
<span class="n">Loaded</span><span class="w"> </span><span class="n">plugins</span><span class="p">:</span><span class="w"> </span><span class="n">fastestmirror</span><span class="w"></span>
<span class="n">Determining</span><span class="w"> </span><span class="n">fastest</span><span class="w"> </span><span class="n">mirrors</span><span class="w"></span>
<span class="n">epel</span><span class="o">/</span><span class="n">metalink</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">12</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="n">epel</span><span class="p">:</span><span class="w"> </span><span class="n">mirrors</span><span class="o">.</span><span class="n">ircam</span><span class="o">.</span><span class="n">fr</span><span class="w"></span>
<span class="n">base</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">3.7</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">base</span><span class="o">/</span><span class="n">primary_db</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">4.2</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">epel</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">4.3</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">epel</span><span class="o">/</span><span class="n">primary_db</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">3.9</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">15</span><span class="w"> </span>
<span class="n">extras</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">951</span><span class="w"> </span><span class="n">B</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">extras</span><span class="o">/</span><span class="n">primary</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">203</span><span class="w"> </span><span class="n">B</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">updates</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">3.5</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">updates</span><span class="o">/</span><span class="n">primary_db</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">3.3</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="n">Setting</span><span class="w"> </span><span class="n">up</span><span class="w"> </span><span class="n">Install</span><span class="w"> </span><span class="n">Process</span><span class="w"></span>
<span class="n">Resolving</span><span class="w"> </span><span class="n">Dependencies</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="w"> </span><span class="o">>=</span><span class="w"> </span><span class="mf">5.2</span><span class="o">.</span><span class="mi">0</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="w"> </span><span class="o">>=</span><span class="w"> </span><span class="mf">5.2</span><span class="o">.</span><span class="mi">0</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="w"> </span><span class="o">>=</span><span class="w"> </span><span class="mf">5.2</span><span class="o">.</span><span class="mi">0</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="w"> </span><span class="o">>=</span><span class="w"> </span><span class="mf">5.2</span><span class="o">.</span><span class="mi">0</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="w"> </span><span class="o">>=</span><span class="w"> </span><span class="mf">5.2</span><span class="o">.</span><span class="mi">0</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">httpd</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">mime</span><span class="o">.</span><span class="n">types</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libaprutil</span><span class="o">-</span><span class="mf">1.</span><span class="n">so</span><span class="o">.</span><span class="mi">0</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libapr</span><span class="o">-</span><span class="mf">1.</span><span class="n">so</span><span class="o">.</span><span class="mi">0</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libpng12</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">0</span><span class="p">(</span><span class="n">PNG12_0</span><span class="p">)(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libpng12</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">0</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libjpeg</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">62</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libXpm</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">4</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libfreetype</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">6</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">6</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libmcrypt</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">4</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">apr</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">freetype</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.3</span><span class="o">.</span><span class="mi">11</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">2</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libX11</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libxcb</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">1</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libXpm</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">3.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libjpeg</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mi">6</span><span class="n">b</span><span class="o">-</span><span class="mf">46.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libmcrypt</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">9.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libpng</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">2</span><span class="p">:</span><span class="mf">1.2</span><span class="o">.</span><span class="mi">44</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">mailcap</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.1</span><span class="o">.</span><span class="mi">31</span><span class="o">-</span><span class="mf">1.1</span><span class="o">.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libxcb</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">libXau</span><span class="o">.</span><span class="n">so</span><span class="o">.</span><span class="mi">6</span><span class="p">()(</span><span class="mi">64</span><span class="n">bit</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">libxcb</span><span class="o">-</span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">libXau</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.0</span><span class="o">.</span><span class="mi">5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Finished</span><span class="w"> </span><span class="n">Dependency</span><span class="w"> </span><span class="n">Resolution</span><span class="w"></span>
<span class="n">Dependencies</span><span class="w"> </span><span class="n">Resolved</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">Arch</span><span class="w"> </span><span class="n">Version</span><span class="w"> </span><span class="n">Repository</span><span class="w"> </span><span class="n">Size</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Installing</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">phpMyAdmin</span><span class="w"> </span><span class="n">noarch</span><span class="w"> </span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">epel</span><span class="w"> </span><span class="mf">4.4</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Installing</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">dependencies</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">apr</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">124</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">87</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">15</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">freetype</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">2.3</span><span class="o">.</span><span class="mi">11</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">2</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">359</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">811</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">68</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libX11</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">582</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="w"> </span><span class="n">noarch</span><span class="w"> </span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">188</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libXau</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.0</span><span class="o">.</span><span class="mi">5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">22</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libXpm</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">3.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">59</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libjpeg</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mi">6</span><span class="n">b</span><span class="o">-</span><span class="mf">46.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">134</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libmcrypt</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">2.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">9.</span><span class="n">el6</span><span class="w"> </span><span class="n">epel</span><span class="w"> </span><span class="mi">96</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libpng</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mi">2</span><span class="p">:</span><span class="mf">1.2</span><span class="o">.</span><span class="mi">44</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">180</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">libxcb</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">100</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">mailcap</span><span class="w"> </span><span class="n">noarch</span><span class="w"> </span><span class="mf">2.1</span><span class="o">.</span><span class="mi">31</span><span class="o">-</span><span class="mf">1.1</span><span class="o">.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">27</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mf">1.1</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mf">2.2</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">516</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">103</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">504</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span><span class="n">epel</span><span class="w"> </span><span class="mi">16</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">75</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">72</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Summary</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Install</span><span class="w"> </span><span class="mi">24</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Upgrade</span><span class="w"> </span><span class="mi">0</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Total</span><span class="w"> </span><span class="n">download</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mi">12</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Installed</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mi">42</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"></span>
</code></pre></div>
<p>Comme on peut le voir, de nombreux autres logiciels viennent s'installer car phpMyAdmin en a besoin pour fonctionner, comme PHP et Apache HTTPD Server (paquets <em>httpd</em> et <em>apr-*</em>). Appuyons sur la touche y de notre clavier :</p>
<div class="highlight"><pre><span></span><code><span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"> </span><span class="n">y</span><span class="w"></span>
<span class="n">Downloading</span><span class="w"> </span><span class="n">Packages</span><span class="p">:</span><span class="w"></span>
<span class="p">(</span><span class="mi">1</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">124</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">2</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">87</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">3</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">15</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">4</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">freetype</span><span class="o">-</span><span class="mf">2.3</span><span class="o">.</span><span class="mi">11</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">2.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">359</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">5</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">811</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">6</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">68</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">7</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">582</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">8</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">188</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">9</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libXau</span><span class="o">-</span><span class="mf">1.0</span><span class="o">.</span><span class="mi">5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">22</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">10</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libXpm</span><span class="o">-</span><span class="mf">3.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">59</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">11</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libjpeg</span><span class="o">-</span><span class="mi">6</span><span class="n">b</span><span class="o">-</span><span class="mf">46.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">134</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"></span>
<span class="p">(</span><span class="mi">12</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libmcrypt</span><span class="o">-</span><span class="mf">2.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">9.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">96</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">13</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libpng</span><span class="o">-</span><span class="mf">1.2</span><span class="o">.</span><span class="mi">44</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">180</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">14</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">libxcb</span><span class="o">-</span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">100</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">15</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">mailcap</span><span class="o">-</span><span class="mf">2.1</span><span class="o">.</span><span class="mi">31</span><span class="o">-</span><span class="mf">1.1</span><span class="o">.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">27</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">16</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">1.1</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">17</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">2.2</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">18</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">516</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">19</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">103</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">20</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">504</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">21</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">16</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">22</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">75</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">23</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">72</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">24</span><span class="o">/</span><span class="mi">24</span><span class="p">):</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">4.4</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">18</span><span class="w"> </span>
<span class="o">--------------------------------------------------------------------------------</span><span class="w"></span>
<span class="n">Total</span><span class="w"> </span><span class="mi">574</span><span class="w"> </span><span class="n">kB</span><span class="o">/</span><span class="n">s</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">12</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">20</span><span class="w"> </span>
<span class="n">warning</span><span class="p">:</span><span class="w"> </span><span class="n">rpmts_HdrFromFdno</span><span class="p">:</span><span class="w"> </span><span class="n">Header</span><span class="w"> </span><span class="n">V3</span><span class="w"> </span><span class="n">RSA</span><span class="o">/</span><span class="n">SHA256</span><span class="w"> </span><span class="n">Signature</span><span class="p">,</span><span class="w"> </span><span class="n">key</span><span class="w"> </span><span class="n">ID</span><span class="w"> </span><span class="mi">0608</span><span class="n">b895</span><span class="p">:</span><span class="w"> </span><span class="n">NOKEY</span><span class="w"></span>
<span class="n">epel</span><span class="o">/</span><span class="n">gpgkey</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">3.2</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span><span class="o">...</span><span class="w"> </span>
<span class="n">Importing</span><span class="w"> </span><span class="n">GPG</span><span class="w"> </span><span class="n">key</span><span class="w"> </span><span class="mh">0x0608B895</span><span class="w"> </span><span class="s2">"EPEL (6) <epel@fedoraproject.org>"</span><span class="w"> </span><span class="n">from</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pki</span><span class="o">/</span><span class="n">rpm</span><span class="o">-</span><span class="n">gpg</span><span class="o">/</span><span class="n">RPM</span><span class="o">-</span><span class="n">GPG</span><span class="o">-</span><span class="n">KEY</span><span class="o">-</span><span class="n">EPEL</span><span class="o">-</span><span class="mi">6</span><span class="w"></span>
<span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"> </span>
</code></pre></div>
<p>Autre interrogation intéressante : vous aurez remarqué que tout se déroule grâce à yum, et que nous avons installé un dépôt supplémentaire. Ce dépôt s'identifie via une clé GPG qu'il nous faut importer lors de sa première utilisation. Appuyons-donc sur y et continuons :</p>
<div class="highlight"><pre><span></span><code><span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"> </span><span class="n">y</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">rpm_check_debug</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"> </span><span class="n">Succeeded</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"></span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">2</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">3</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="o">-</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">4</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">5</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">6</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">7</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">8</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">9</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="mi">2</span><span class="p">:</span><span class="n">libpng</span><span class="o">-</span><span class="mf">1.2</span><span class="o">.</span><span class="mi">44</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">10</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">freetype</span><span class="o">-</span><span class="mf">2.3</span><span class="o">.</span><span class="mi">11</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">2.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">11</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libjpeg</span><span class="o">-</span><span class="mi">6</span><span class="n">b</span><span class="o">-</span><span class="mf">46.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">12</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libmcrypt</span><span class="o">-</span><span class="mf">2.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">9.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">13</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libXau</span><span class="o">-</span><span class="mf">1.0</span><span class="o">.</span><span class="mi">5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">14</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libxcb</span><span class="o">-</span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">15</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">mailcap</span><span class="o">-</span><span class="mf">2.1</span><span class="o">.</span><span class="mi">31</span><span class="o">-</span><span class="mf">1.1</span><span class="o">.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">16</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">17</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">18</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">19</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">20</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">21</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">libXpm</span><span class="o">-</span><span class="mf">3.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">22</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">-</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">23</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">-</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">24</span><span class="o">/</span><span class="mi">24</span><span class="w"> </span>
<span class="n">Installed</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">phpMyAdmin</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">3.4</span><span class="o">.</span><span class="mf">3.1</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span>
<span class="n">Dependency</span><span class="w"> </span><span class="n">Installed</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">apr</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">apr</span><span class="o">-</span><span class="n">util</span><span class="o">-</span><span class="n">ldap</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">.</span><span class="mi">9</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">freetype</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.3</span><span class="o">.</span><span class="mi">11</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">2</span><span class="w"> </span>
<span class="w"> </span><span class="n">httpd</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span>
<span class="w"> </span><span class="n">httpd</span><span class="o">-</span><span class="n">tools</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.2</span><span class="o">.</span><span class="mi">15</span><span class="o">-</span><span class="mf">5.</span><span class="n">el6</span><span class="o">.</span><span class="n">centos</span><span class="w"> </span>
<span class="w"> </span><span class="n">libX11</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libX11</span><span class="o">-</span><span class="n">common</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.3</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libXau</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.0</span><span class="o">.</span><span class="mi">5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libXpm</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">3.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">2.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libjpeg</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mi">6</span><span class="n">b</span><span class="o">-</span><span class="mf">46.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libmcrypt</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.5</span><span class="o">.</span><span class="mi">8</span><span class="o">-</span><span class="mf">9.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libpng</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">2</span><span class="p">:</span><span class="mf">1.2</span><span class="o">.</span><span class="mi">44</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">libxcb</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.5</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">mailcap</span><span class="o">.</span><span class="n">noarch</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">2.1</span><span class="o">.</span><span class="mi">31</span><span class="o">-</span><span class="mf">1.1</span><span class="o">.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">cli</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">common</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">gd</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mbstring</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mcrypt</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">mysql</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="w"> </span><span class="n">php</span><span class="o">-</span><span class="n">pdo</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.3</span><span class="o">.</span><span class="mi">2</span><span class="o">-</span><span class="mf">6.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="n">Complete</span><span class="o">!</span><span class="w"></span>
</code></pre></div>
<p>Pensons à activer Apache au démarrage de la machine :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">httpd</span><span class="w"></span>
<span class="n">httpd</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="k">on</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">httpd</span><span class="w"></span>
<span class="n">httpd</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
</code></pre></div>
<p>Vous croyez que c'est fini ? Pourtant ce n'est que le début : nous n'avons toujours pas installé MySQL et il faut encore configurer le tout.</p>
<h2>Installation et configuration de MySQL</h2>
<p>Rien de très compliqué :</p>
<div class="highlight"><pre><span></span><code><span class="p">[</span><span class="n">root</span><span class="err">@</span><span class="n">crashtest</span><span class="w"> </span><span class="o">~</span><span class="p">]</span><span class="c1"># yum install mysql-server</span><span class="w"></span>
<span class="n">Loaded</span><span class="w"> </span><span class="n">plugins</span><span class="p">:</span><span class="w"> </span><span class="n">fastestmirror</span><span class="w"></span>
<span class="n">Loading</span><span class="w"> </span><span class="n">mirror</span><span class="w"> </span><span class="n">speeds</span><span class="w"> </span><span class="n">from</span><span class="w"> </span><span class="n">cached</span><span class="w"> </span><span class="n">hostfile</span><span class="w"></span>
<span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="n">epel</span><span class="p">:</span><span class="w"> </span><span class="n">mirrors</span><span class="o">.</span><span class="n">ircam</span><span class="o">.</span><span class="n">fr</span><span class="w"></span>
<span class="n">Setting</span><span class="w"> </span><span class="n">up</span><span class="w"> </span><span class="n">Install</span><span class="w"> </span><span class="n">Process</span><span class="w"></span>
<span class="n">Resolving</span><span class="w"> </span><span class="n">Dependencies</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Processing</span><span class="w"> </span><span class="n">Dependency</span><span class="p">:</span><span class="w"> </span><span class="n">perl</span><span class="p">(</span><span class="n">DBI</span><span class="p">)</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">package</span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Running</span><span class="w"> </span><span class="n">transaction</span><span class="w"> </span><span class="n">check</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">4.013</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">---></span><span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.609</span><span class="o">-</span><span class="mf">4.</span><span class="n">el6</span><span class="w"> </span><span class="n">set</span><span class="w"> </span><span class="n">to</span><span class="w"> </span><span class="n">be</span><span class="w"> </span><span class="n">updated</span><span class="w"></span>
<span class="o">--></span><span class="w"> </span><span class="n">Finished</span><span class="w"> </span><span class="n">Dependency</span><span class="w"> </span><span class="n">Resolution</span><span class="w"></span>
<span class="n">Dependencies</span><span class="w"> </span><span class="n">Resolved</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="w"> </span><span class="n">Package</span><span class="w"> </span><span class="n">Arch</span><span class="w"> </span><span class="n">Version</span><span class="w"> </span><span class="n">Repository</span><span class="w"> </span><span class="n">Size</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Installing</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mf">8.1</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Installing</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">dependencies</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mysql</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">updates</span><span class="w"> </span><span class="mi">889</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">4.013</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">134</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="w"> </span><span class="n">x86_64</span><span class="w"> </span><span class="mf">1.609</span><span class="o">-</span><span class="mf">4.</span><span class="n">el6</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="mi">705</span><span class="w"> </span><span class="n">k</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Summary</span><span class="w"></span>
<span class="o">================================================================================</span><span class="w"></span>
<span class="n">Install</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Upgrade</span><span class="w"> </span><span class="mi">0</span><span class="w"> </span><span class="n">Package</span><span class="p">(</span><span class="n">s</span><span class="p">)</span><span class="w"></span>
<span class="n">Total</span><span class="w"> </span><span class="n">download</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mf">9.8</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Installed</span><span class="w"> </span><span class="n">size</span><span class="p">:</span><span class="w"> </span><span class="mi">28</span><span class="w"> </span><span class="n">M</span><span class="w"></span>
<span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"></span>
</code></pre></div>
<p>Là encore, on nous demande une validation avant d'installer les logiciels.</p>
<div class="highlight"><pre><span></span><code><span class="n">Is</span><span class="w"> </span><span class="n">this</span><span class="w"> </span><span class="n">ok</span><span class="w"> </span><span class="p">[</span><span class="n">y</span><span class="o">/</span><span class="n">N</span><span class="p">]:</span><span class="w"> </span><span class="n">y</span><span class="w"></span>
<span class="n">Downloading</span><span class="w"> </span><span class="n">Packages</span><span class="p">:</span><span class="w"></span>
<span class="p">(</span><span class="mi">1</span><span class="o">/</span><span class="mi">4</span><span class="p">):</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">889</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">2</span><span class="o">/</span><span class="mi">4</span><span class="p">):</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">8.1</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">3</span><span class="o">/</span><span class="mi">4</span><span class="p">):</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="o">-</span><span class="mf">4.013</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">134</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="p">(</span><span class="mi">4</span><span class="o">/</span><span class="mi">4</span><span class="p">):</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="o">-</span><span class="mf">1.609</span><span class="o">-</span><span class="mf">4.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="o">.</span><span class="n">rpm</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mi">705</span><span class="w"> </span><span class="n">kB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">00</span><span class="w"> </span>
<span class="o">--------------------------------------------------------------------------------</span><span class="w"></span>
<span class="n">Total</span><span class="w"> </span><span class="mf">8.4</span><span class="w"> </span><span class="n">MB</span><span class="o">/</span><span class="n">s</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="mf">9.8</span><span class="w"> </span><span class="n">MB</span><span class="w"> </span><span class="mi">00</span><span class="p">:</span><span class="mi">01</span><span class="w"> </span>
<span class="n">Running</span><span class="w"> </span><span class="n">rpm_check_debug</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"></span>
<span class="n">Transaction</span><span class="w"> </span><span class="n">Test</span><span class="w"> </span><span class="n">Succeeded</span><span class="w"></span>
<span class="n">Running</span><span class="w"> </span><span class="n">Transaction</span><span class="w"></span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="o">-</span><span class="mf">1.609</span><span class="o">-</span><span class="mf">4.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">1</span><span class="o">/</span><span class="mi">4</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="o">-</span><span class="mf">4.013</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">2</span><span class="o">/</span><span class="mi">4</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">3</span><span class="o">/</span><span class="mi">4</span><span class="w"> </span>
<span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="p">:</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mf">1.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">4</span><span class="o">/</span><span class="mi">4</span><span class="w"> </span>
<span class="n">Installed</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span>
<span class="n">Dependency</span><span class="w"> </span><span class="n">Installed</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="n">mysql</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">5.1</span><span class="o">.</span><span class="mi">52</span><span class="o">-</span><span class="mf">1.</span><span class="n">el6_0</span><span class="o">.</span><span class="mi">1</span><span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBD</span><span class="o">-</span><span class="n">MySQL</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">4.013</span><span class="o">-</span><span class="mf">3.</span><span class="n">el6</span><span class="w"> </span>
<span class="w"> </span><span class="n">perl</span><span class="o">-</span><span class="n">DBI</span><span class="o">.</span><span class="n">x86_64</span><span class="w"> </span><span class="mi">0</span><span class="p">:</span><span class="mf">1.609</span><span class="o">-</span><span class="mf">4.</span><span class="n">el6</span><span class="w"> </span>
<span class="n">Complete</span><span class="o">!</span><span class="w"></span>
</code></pre></div>
<p>Maintenant que MySQL est installé, démarrons-le :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">mysqld</span><span class="w"> </span><span class="k">start</span><span class="w"></span>
<span class="n">Initialisation</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">la</span><span class="w"> </span><span class="n">base</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">données</span><span class="w"> </span><span class="n">MySQL</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Installing</span><span class="w"> </span><span class="n">MySQL</span><span class="w"> </span><span class="k">system</span><span class="w"> </span><span class="n">tables</span><span class="p">...</span><span class="w"></span>
<span class="n">OK</span><span class="w"></span>
<span class="n">Filling</span><span class="w"> </span><span class="n">help</span><span class="w"> </span><span class="n">tables</span><span class="p">...</span><span class="w"></span>
<span class="n">OK</span><span class="w"></span>
<span class="k">To</span><span class="w"> </span><span class="k">start</span><span class="w"> </span><span class="n">mysqld</span><span class="w"> </span><span class="k">at</span><span class="w"> </span><span class="n">boot</span><span class="w"> </span><span class="nc">time</span><span class="w"> </span><span class="n">you</span><span class="w"> </span><span class="n">have</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">copy</span><span class="w"></span>
<span class="n">support</span><span class="o">-</span><span class="n">files</span><span class="o">/</span><span class="n">mysql</span><span class="p">.</span><span class="n">server</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="nf">right</span><span class="w"> </span><span class="n">place</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">your</span><span class="w"> </span><span class="k">system</span><span class="w"></span>
<span class="n">PLEASE</span><span class="w"> </span><span class="n">REMEMBER</span><span class="w"> </span><span class="k">TO</span><span class="w"> </span><span class="k">SET</span><span class="w"> </span><span class="n">A</span><span class="w"> </span><span class="n">PASSWORD</span><span class="w"> </span><span class="k">FOR</span><span class="w"> </span><span class="n">THE</span><span class="w"> </span><span class="n">MySQL</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="k">USER</span><span class="w"> </span><span class="err">!</span><span class="w"></span>
<span class="k">To</span><span class="w"> </span><span class="n">do</span><span class="w"> </span><span class="n">so</span><span class="p">,</span><span class="w"> </span><span class="k">start</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">server</span><span class="p">,</span><span class="w"> </span><span class="k">then</span><span class="w"> </span><span class="n">issue</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">following</span><span class="w"> </span><span class="nl">commands</span><span class="p">:</span><span class="w"></span>
<span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'new-password'</span><span class="w"></span>
<span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">h</span><span class="w"> </span><span class="n">crashtest</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'new-password'</span><span class="w"></span>
<span class="n">Alternatively</span><span class="w"> </span><span class="n">you</span><span class="w"> </span><span class="n">can</span><span class="w"> </span><span class="nl">run</span><span class="p">:</span><span class="w"></span>
<span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysql_secure_installation</span><span class="w"></span>
<span class="n">which</span><span class="w"> </span><span class="n">will</span><span class="w"> </span><span class="n">also</span><span class="w"> </span><span class="n">give</span><span class="w"> </span><span class="n">you</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="k">option</span><span class="w"> </span><span class="k">of</span><span class="w"> </span><span class="n">removing</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">test</span><span class="w"></span>
<span class="n">databases</span><span class="w"> </span><span class="ow">and</span><span class="w"> </span><span class="n">anonymous</span><span class="w"> </span><span class="k">user</span><span class="w"> </span><span class="n">created</span><span class="w"> </span><span class="k">by</span><span class="w"> </span><span class="k">default</span><span class="p">.</span><span class="w"> </span><span class="n">This</span><span class="w"> </span><span class="k">is</span><span class="w"></span>
<span class="n">strongly</span><span class="w"> </span><span class="n">recommended</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">production</span><span class="w"> </span><span class="n">servers</span><span class="p">.</span><span class="w"></span>
<span class="n">See</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">manual</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">more</span><span class="w"> </span><span class="n">instructions</span><span class="p">.</span><span class="w"></span>
<span class="n">You</span><span class="w"> </span><span class="n">can</span><span class="w"> </span><span class="k">start</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">MySQL</span><span class="w"> </span><span class="n">daemon</span><span class="w"> </span><span class="k">with</span><span class="err">:</span><span class="w"></span>
<span class="n">cd</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="w"> </span><span class="p">;</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqld_safe</span><span class="w"> </span><span class="o">&</span><span class="w"></span>
<span class="n">You</span><span class="w"> </span><span class="n">can</span><span class="w"> </span><span class="n">test</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="n">MySQL</span><span class="w"> </span><span class="n">daemon</span><span class="w"> </span><span class="k">with</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">test</span><span class="o">-</span><span class="n">run</span><span class="p">.</span><span class="n">pl</span><span class="w"></span>
<span class="n">cd</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">mysql</span><span class="o">-</span><span class="n">test</span><span class="w"> </span><span class="p">;</span><span class="w"> </span><span class="n">perl</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">test</span><span class="o">-</span><span class="n">run</span><span class="p">.</span><span class="n">pl</span><span class="w"></span>
<span class="n">Please</span><span class="w"> </span><span class="n">report</span><span class="w"> </span><span class="ow">any</span><span class="w"> </span><span class="n">problems</span><span class="w"> </span><span class="k">with</span><span class="w"> </span><span class="n">the</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqlbug</span><span class="w"> </span><span class="n">script</span><span class="err">!</span><span class="w"></span>
<span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
<span class="n">Démarrage</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">mysqld</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>MySQL nous informe donc que sans mot de passe administrateur, c'est un peu la fête du slip et qu'il faut absolument remédier à ça. Soyons donc civilisés, mais pas trop, car pour l'exemple, j'initialise le mot de passe root de MySQL à 'anotherhomepage' (le mot de passe en lui-même ne contient pas les guillemets simples) :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'anotherhomepage'</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">h</span><span class="w"> </span><span class="n">crashtest</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'anotherhomepage'</span><span class="w"></span>
</code></pre></div>
<p>Activons MySQL au démarrage de la machine :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">mysqld</span><span class="w"></span>
<span class="n">mysqld</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="n">mysqld</span><span class="w"> </span><span class="k">on</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">mysqld</span><span class="w"></span>
<span class="n">mysqld</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
</code></pre></div>
<h2>Configurations supplémentaires</h2>
<p>Si vous avez effectué une installation identique à celle de mon précédent billet, vous aurez remarqué que le firewall est toujours actif, et que celui-ci n'accepte que du SSH et du SMTP :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">init</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">iptables</span><span class="w"> </span><span class="n">status</span><span class="w"></span>
<span class="nc">Table</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="k">filter</span><span class="w"></span>
<span class="n">Chain</span><span class="w"> </span><span class="k">INPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"> </span>
<span class="mi">1</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="n">RELATED</span><span class="p">,</span><span class="n">ESTABLISHED</span><span class="w"> </span>
<span class="mi">2</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">icmp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span>
<span class="mi">3</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span>
<span class="mi">4</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">22</span><span class="w"> </span>
<span class="mi">5</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="k">state</span><span class="w"> </span><span class="k">NEW</span><span class="w"> </span><span class="n">tcp</span><span class="w"> </span><span class="nl">dpt</span><span class="p">:</span><span class="mi">25</span><span class="w"> </span>
<span class="mi">6</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"> </span>
<span class="n">Chain</span><span class="w"> </span><span class="n">FORWARD</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"> </span>
<span class="mi">1</span><span class="w"> </span><span class="n">REJECT</span><span class="w"> </span><span class="ow">all</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="mf">0.0.0.0</span><span class="o">/</span><span class="mi">0</span><span class="w"> </span><span class="n">reject</span><span class="o">-</span><span class="k">with</span><span class="w"> </span><span class="n">icmp</span><span class="o">-</span><span class="k">host</span><span class="o">-</span><span class="n">prohibited</span><span class="w"> </span>
<span class="n">Chain</span><span class="w"> </span><span class="k">OUTPUT</span><span class="w"> </span><span class="p">(</span><span class="n">policy</span><span class="w"> </span><span class="n">ACCEPT</span><span class="p">)</span><span class="w"></span>
<span class="n">num</span><span class="w"> </span><span class="n">target</span><span class="w"> </span><span class="n">prot</span><span class="w"> </span><span class="n">opt</span><span class="w"> </span><span class="n">source</span><span class="w"> </span><span class="n">destination</span><span class="w"> </span>
<span class="n">Désactivons</span><span class="o">-</span><span class="n">le</span><span class="w"> </span><span class="err">:</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">init</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">iptables</span><span class="w"> </span><span class="n">stop</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Suppression</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">règles</span><span class="w"> </span><span class="n">du</span><span class="w"> </span><span class="n">pare</span><span class="o">-</span><span class="n">feu</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Configuration</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">chaînes</span><span class="w"> </span><span class="n">sur</span><span class="w"> </span><span class="n">la</span><span class="w"> </span><span class="n">politique</span><span class="w"> </span><span class="n">ACCEPT</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="k">filter</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="n">Déchargement</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">modules</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">iptables</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">marche</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="n">iptables</span><span class="w"> </span><span class="k">off</span><span class="w"></span>
<span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">chkconfig</span><span class="w"> </span><span class="o">--</span><span class="n">list</span><span class="w"> </span><span class="n">iptables</span><span class="w"></span>
<span class="n">iptables</span><span class="w"> </span><span class="mi">0</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">3</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">5</span><span class="err">:</span><span class="n">arrêt</span><span class="w"> </span><span class="mi">6</span><span class="err">:</span><span class="n">arrêt</span><span class="w"></span>
</code></pre></div>
<p>Il nous faut aussi effectuer une autre modification : l'autorisation des machines du réseau à accéder à phpMyAdmin. Pour cela il nous faut éditer le fichier “/etc/httpd/conf.d/phpMyAdmin.conf” avec votre éditeur de texte préféré, ou celui installé par défaut, très probablement vi. Dans ce fichier, nous voyons ceci :</p>
<div class="highlight"><pre><span></span><code><span class="nt"><Directory</span> <span class="err">/usr/share/phpMyAdmin</span><span class="nt">/></span>
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
<span class="nt"></Directory></span>
<span class="nt"><Directory</span> <span class="err">/usr/share/phpMyAdmin/setup</span><span class="nt">/></span>
Order Deny,Allow
Deny from All
Allow from 127.0.0.1
Allow from ::1
<span class="nt"></Directory></span>
</code></pre></div>
<p>Deux possibilités : la première, ajoutez votre réseau ou vos machines dans les deux sections “Directory” après les directives “Allow” en ajoutant justement une directive de ce type. Par exemple, avec un réseau 10.1.1.0/24, ça donnerait :</p>
<div class="highlight"><pre><span></span><code>Allow from 10.1.1.0/24
</code></pre></div>
<p>Une autre possibilité, bien moins sécurisée mais sans doute plus confortable est de tout autoriser. Dans ce cas, les sections deviennent :</p>
<div class="highlight"><pre><span></span><code><span class="nt"><Directory</span> <span class="err">/usr/share/phpMyAdmin</span><span class="nt">/></span>
Order Deny,Allow
Allow from All
<span class="nt"></Directory></span>
<span class="nt"><Directory</span> <span class="err">/usr/share/phpMyAdmin/setup</span><span class="nt">/></span>
Order Deny,Allow
Allow from All
<span class="nt"></Directory></span>
</code></pre></div>
<p>Démarrons à présent le serveur web :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@crashtest ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="k">start</span><span class="w"></span>
<span class="n">Démarrage</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">httpd</span><span class="w"> </span><span class="err">:</span><span class="w"> </span><span class="o">[</span><span class="n"> OK </span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Il est à présent possible d'accéder à phpMyAdmin, dans mon cas via l'adresse “http://crashtest/phpmyadmin/”. Bien entendu, un identifiant et un mot de passe seront demandés. Il s'agit de ceux de MySQL (donc 'root' et 'anotherhomepage' dans mon cas).</p>
<p>On pourrait s'arrêter là. Mais ça serait dommage, pour plusieurs raisons :</p>
<ul>
<li>l'authentification se fait via HTTP, pas d'interface d'authentification un peu jolie qui utiliserait par exemple un cookie de session;</li>
<li>HTTPS n'est pas activé, et donc le mot de passe se retrouve en clair sur le réseau;</li>
<li>le pare-feu est désactivé, sans autre forme de procès (SELinux aussi, d'ailleurs);</li>
<li>phpMyAdmin dispose de fonctions supplémentaires qu'on peut activer en créant une base de données</li>
</ul>
<p>Ces points seront abordés dans <a href="/post/2011/10/17/Installation-de-phpMyAdmin-sur-CentOS-6-suite">un prochain billet</a>, bien entendu ;-)</p>Installation d'un domU Xen Enterprise Linux sur un dom0 NetBSD2011-06-20T09:30:00+02:002011-06-20T09:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2011-06-20:/post/2011/06/20/Installation-d-un-domU-Xen-Enterprise-Linux-sur-un-dom0-NetBSD/<p>Ces derniers temps je m'amuse à faire des installations par le réseau d'un peu tout et n'importe quoi. J'utilise principalement l'outil de virtualisation <a href="www.virtualbox.org" title="VirtualBox">Oracle VirtualBox</a>, mais il m'arrive aussi de faire joujou avec <a href="http://www.xen.org" title="Xen">Xen</a>. Avec un hôte (dom0) CentOS 5 (et sans doute toutes les distribution de type "Enterprise Linux …</p><p>Ces derniers temps je m'amuse à faire des installations par le réseau d'un peu tout et n'importe quoi. J'utilise principalement l'outil de virtualisation <a href="www.virtualbox.org" title="VirtualBox">Oracle VirtualBox</a>, mais il m'arrive aussi de faire joujou avec <a href="http://www.xen.org" title="Xen">Xen</a>. Avec un hôte (dom0) CentOS 5 (et sans doute toutes les distribution de type "Enterprise Linux" telles que Red Hat Enterprise Linux ou Scientific Linux), il est très facile de créer d'autres machines virtuelles (domU) Xen de même type grâce à la commande "virt-install". Avec un dom0 NetBSD cependant, point de commande de ce type. Voyons donc comment faire.</p>
<p>Sur un système Enterprise Linux 5, il est possible de trouver une image de noyau d'installation (et l'initrd approprié) spécifique à Xen, comme par exemple sur <a href="http://ftp.free.fr/mirrors/ftp.centos.org/5/os/x86_64/images/xen/" title=""Miroir">ce miroir pour CentOS 5 64 bits</a>.</p>
<p>Ce qui me paraît étrange, c'est avec Enterprise Linux 6, tout du moins avec <a href="http://www.scientificlinux.org/" title=""Scientific">Scientific Linux</a>. Le noyau 2.6.32 dispose à priori des <a href="https://secure.wikimedia.org/wikipedia/en/wiki/Paravirtualization#Linux_Paravirtualization_Support" title=""options">pv-ops</a>, mais SL6 dispose <a href="http://ftp.scientificlinux.org/linux/scientific/6/x86_64/os/images/" title=""FTP">d'un noyau et d'un initrd Xen</a>. Peut-être est-ce par soucis de compatibilité de chemins, car les fichiers font la même taille que dans le répertoire <em>pxeboot</em>. D'ailleurs, lors de ma synchronisation rsync avec le miroir officiel Scientific Linux, le répertoire xen n'apparaît pas. Et je n'en ai pas eu besoin :)</p>
<p>Une fois nos images de noyau et d'initrd en main, il nous reste à créer notre fichier de configuration de domU, mon exemple prend comme exemple de disque dur un fichier et une connexion réseau par bridge :</p>
<div class="highlight"><pre><span></span><code>name = "centosexample"
uuid = ""
maxmem = 512
memory = 512
kernel = "/srv/www/pub/CentOS/5/os/x86_64/images/xen/vmlinuz"
ramdisk = "/srv/www/pub/CentOS/5/os/x86_64/images/xen/initrd.img"
extra = "vnc"
on_poweroff = "destroy"
on_reboot = "restart"
on_crash = "restart"
vfb = [ ]
disk = [ "file:/srv/xen/images/disk/centosexample.img,xvda,w" ]
vif = [ "mac=00:16:3a:e2:12:34,bridge=bridge0" ]
</code></pre></div>
<p>Il est possible de faire l'installation en mode texte en supprimant la ligne "extra", et d'ajouter l'url d'un fichier kickstart dans la directive extra, qui devient donc :</p>
<div class="highlight"><pre><span></span><code>extra = "text ks=http://monserveur/pub/cfg/centos5_x86_64.cfg"
</code></pre></div>
<p>La commande "xm create -c centosexample" vous permet de lancer votre domU et de débuter l'installation. Une fois celle-ci faite et votre domU de nouveau éteint, il suffit de commenter les lignes "kernel" et "ramdisk" et de décommenter la ligne "bootloader". Vous pouvez alors démarrer votre domU sans que le noyau de celui-ci soit sur le disque dur du dom0 :)</p>
<p>Lors de mes tests, je me suis limité au partitionnement par défaut (qui utilise LVM), à un détail près : avec Scientific Linux 6, j'ai imposé ext3 à l'installeur. Une fois l'installation terminée, éteindre son domU (proprement de préférence) et modifier la configuration qui devient :</p>
<div class="highlight"><pre><span></span><code><span class="n">name</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"centosexample"</span><span class="w"></span>
<span class="n">uuid</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">""</span><span class="w"></span>
<span class="n">maxmem</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">512</span><span class="w"></span>
<span class="n">memory</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">512</span><span class="w"></span>
<span class="n">bootloader</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"/usr/pkg/bin/pygrub"</span><span class="w"></span>
<span class="n">on_poweroff</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"destroy"</span><span class="w"></span>
<span class="n">on_reboot</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"restart"</span><span class="w"></span>
<span class="n">on_crash</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="s2">"restart"</span><span class="w"></span>
<span class="n">vfb</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="p">]</span><span class="w"></span>
<span class="n">disk</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"file:/srv/xen/images/disk/centosexample.img,xvda,w"</span><span class="w"> </span><span class="p">]</span><span class="w"></span>
<span class="n">vif</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="p">[</span><span class="w"> </span><span class="s2">"mac=00:16:3a:e2:12:34,bridge=bridge0"</span><span class="w"> </span><span class="p">]</span><span class="w"></span>
</code></pre></div>
<p>J'ai donc remplacé le noyau et l'initrd d'installation par pygrub, qui me permet de démarrer mon domU sur le noyau et l'initrd installés. De plus, les mises à jour ne nécessitent pas de copier de nouveau le noyau et l'initrd sur le dom0.</p>
<p>Pour finir, si vous souhaitez installer un dom0 NetBSD, je ne peux que vous recommander <a href="http://blog.bsdsx.fr/post/xen_1">l'excellent billet de Bsdsx</a> !</p>Vérifications de permissions2010-12-30T11:11:00+01:002010-12-30T11:11:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2010-12-30:/post/2010/12/30/Vérifications-de-permissions/<p><em>Introduction</em> : les astuces de ce billet sont extraites du document “Guide to the Secure Configuration of Red Hat Enterprise Linux 5” édité par la <a href="https://secure.wikimedia.org/wikipedia/fr/wiki/NSA">NSA</a>. Vous pouvez télécharger le document au format PDF dans son intégralité <a href="http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml#linux2">sur leur site</a>. Cette introduction me permet d'être en conformité avec leur <a href="http://www.nsa.gov/terms_of_use.shtml#copyright">notice de …</a></p><p><em>Introduction</em> : les astuces de ce billet sont extraites du document “Guide to the Secure Configuration of Red Hat Enterprise Linux 5” édité par la <a href="https://secure.wikimedia.org/wikipedia/fr/wiki/NSA">NSA</a>. Vous pouvez télécharger le document au format PDF dans son intégralité <a href="http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml#linux2">sur leur site</a>. Cette introduction me permet d'être en conformité avec leur <a href="http://www.nsa.gov/terms_of_use.shtml#copyright">notice de Copyright</a>.</p>
<p>Je vous propose de vérifier les permissions de certains de vos fichiers sur votre serveur ou poste fonctionnant sur un système Linux. Le but est de limiter les possibilités de tentatives d'intrusion en recherchant les moyens d'entrée possibles. Commençons par vérifier notre environnement :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:~# whoami
root
root@orgrimmar:~# cat /etc/redhat-release
CentOS release <span class="m">5</span>.5 <span class="o">(</span>Final<span class="o">)</span>
</code></pre></div>
<p>Recherchons maintenant tous les répertoires dont les droits permettent à n'importe quel utilisateur d'écrire dedans, et dont le <em>sticky bit</em> n'est pas positionné :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:~# find / -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
</code></pre></div>
<p>Si jamais votre machine possède de nombreuses partitions, et qu'elles sont du genre bien remplies, il est possible de limiter la recherche de <em>find</em> à une partition à la fois :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:~# find / -xdev -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
root@orgrimmar:~# find /home -xdev -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
root@orgrimmar:~# find /var -xdev -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
</code></pre></div>
<p>Idéalement (et c'est le cas sur ma machine, ouf !), cette commande ne devrait occasionner aucun affichage. Maintenant, amusons-nous un peu :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:/tmp# mkdir insecure
root@orgrimmar:/tmp# chmod -v <span class="m">777</span> insecure
Le mode d<span class="s1">'accès de `insecure'</span> a été modifié à <span class="m">0777</span> <span class="o">(</span>rwxrwxrwx<span class="o">)</span>.
root@orgrimmar:/tmp# find /tmp/ -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
/tmp/insecure
</code></pre></div>
<p>Positionnons maintenant le sticky bit :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:/tmp# ls -hl /tmp/ <span class="p">|</span> grep insecure
drwxrwxrwx <span class="m">2</span> root root <span class="m">4</span>,0K déc <span class="m">30</span> <span class="m">23</span>:54 insecure/
root@orgrimmar:/tmp# chmod -v +t /tmp/insecure/
Le mode d<span class="s1">'accès de `/tmp/insecure/'</span> a été modifié à <span class="m">1777</span> <span class="o">(</span>rwxrwxrwt<span class="o">)</span>.
root@orgrimmar:/tmp# ls -hl /tmp/ <span class="p">|</span> grep insecure
drwxrwxrwt <span class="m">2</span> root root <span class="m">4</span>,0K déc <span class="m">30</span> <span class="m">23</span>:54 insecure/
root@orgrimmar:/tmp# find /tmp/ -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 -a ! -perm -1000 <span class="se">\\</span><span class="o">)</span> -print
root@orgrimmar:/tmp#
</code></pre></div>
<p>Qu'est-ce que le <em>sticky bit</em> ? Extrait de la page de manuel de <em>chmod</em> (man chmod) :</p>
<blockquote>
<p>t (sticky-bit) conserver le code du programme sur le périphérique de swap après exécution. Il s’agit du comportement original, mais de nos jours il sert uniquement pour les répertoires. Il indique que seuls le propriétaire du répertoire, et le propriétaire d’un fichier qui s’y trouve ont le droit de supprimer ce fichier. C’est typiquement utilisé pour les répertoires comme /tmp ayant une autorisation d’écriture générale.</p>
</blockquote>
<p>Vérifions cela :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:/tmp# <span class="nb">cd</span> /
root@orgrimmar:/# ls -hl <span class="p">|</span> grep tmp
drwxrwxrwt <span class="m">5</span> root root <span class="m">4</span>,0K déc <span class="m">30</span> <span class="m">23</span>:59 tmp/
</code></pre></div>
<p>Le sticky bit est positionné. Je suis rassuré. Néanmoins, il ne fait pas tout. Regardons donc quels répertoires sont accessibles à tous les utilisateurs, sans chercher à savoir si le sticky bit est positionné :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:/# find / -type d <span class="se">\\</span><span class="o">(</span> -perm -0002 <span class="se">\\</span><span class="o">)</span> -print
/var/tmp
/var/lib/xenstored
/dev/shm
/tmp
/tmp/insecure
/tmp/.ICE-unix
</code></pre></div>
<p>Cela fait déjà un peu plus de monde... pas très rassurant mais à part notre répertoire <em>insecure</em>, pas de quoi s'affoler : <em>/var/tmp</em> et <em>/tmp</em> sont des répertoires destinés aux fichiers temporaires des programmes en fonctionnement, <em>/var/shm</em> désigne <a href="https://secure.wikimedia.org/wikipedia/fr/wiki/M%C3%A9moire_partag%C3%A9e">la mémoire partagée</a> et le xenstored sert <a href="http://books.google.com/books?id=XS-Jj7s2nhYC&pg=PA68&lpg=PA68&dq=/var/lib/xenstored&source=bl&ots=UUPHrW9az-&sig=NvdqPm8-x3cC6UOPlGEpRGOXKQY&hl=fr&ei=sw4dTcycMouo8QPnsrm9BQ&sa=X&oi=book_result&ct=result&resnum=4&ved=0CC8Q6AEwAw#v=onepage&q=%2Fvar%2Flib%2Fxenstored&f=false">au bon fonctionnement de l'hyperviseur Xen</a>.</p>
<p>Pour finir, nous pouvons nettoyer notre petite expérience :</p>
<div class="highlight"><pre><span></span><code>root@orgrimmar:/# rmdir -v /tmp/insecure/
rmdir: destruction du répertoire /tmp/insecure/
root@orgrimmar:/# ls -hal /tmp/ <span class="p">|</span> grep secu
</code></pre></div>
<h2>Commentaires</h2>
<h3>Le 06/01/2011 19:09 par <a href="http://www.sakana.fr/blog/">stephane</a></h3>
<p>Hello,</p>
<p>Juste un petit commentaire en passant, vu que ça fait longtemps :-)</p>
<p>Un flag de ls a connaître : -d, pour éviter le ls .... | grep .... , tu peux faire un ls -ld /tmp par exemple. Ça te sort le ls du répertoire et non de son contenu.</p>
<p>A+</p>
<p>Stéphane</p>Reconstruction d'un RAID 1 logiciel sous Linux2010-09-01T11:42:00+02:002010-09-01T11:42:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2010-09-01:/post/2010/09/01/Reconstruction-d-un-RAID-1-logiciel-sous-Linux/<p>Depuis maintenant plus d'un an, lors de l'achat de ma machine actuelle de bureau, j'ai décidé de configurer mes disques durs en <a href="http://fr.wikipedia.org/wiki/RAID_%28informatique%29#RAID_1_:_Disques_en_miroir">RAID 1</a>. Cela n'évite pas d'avoir un besoin de sauvegarde, mais ça aide beaucoup au niveau de la conscience. Et c'est quand l'un des disques ralentit tout le …</p><p>Depuis maintenant plus d'un an, lors de l'achat de ma machine actuelle de bureau, j'ai décidé de configurer mes disques durs en <a href="http://fr.wikipedia.org/wiki/RAID_%28informatique%29#RAID_1_:_Disques_en_miroir">RAID 1</a>. Cela n'évite pas d'avoir un besoin de sauvegarde, mais ça aide beaucoup au niveau de la conscience. Et c'est quand l'un des disques ralentit tout le système, et émet un "clac" bien sonore à chaque écriture qu'on se dit que bon, c'était vraiment une bonne idée, le RAID.</p>
<p>Donc, on retire le disque, l'OS couine un peu et envoie des mails parce que mon raid est dégradé. Et ensuite, on court acheter un disque dur. J'ai choisi d'acheter le même modèle que le défectueux, et de même capacité. Je rebranche le nouveau disque dans la machine à la place de l'ancien, je démarre, reçois à nouveau un mail...</p>
<p>Et ensuite? Il faut recréer les partitions, et les ajouter au raid pour que la reconstruction se fasse. Pour une raison que j'ignore, lors de l'installation, <a href="http://fedoraproject.org/">Fedora 12</a> n'a pas alloué un nombre entiers de cylindres à mes partitions (je suis depuis passé à la 13). Du coup, tenter de recréer les partitions est une véritable galère... Je pense l'espace d'un instant à cloner mon disque avec dd. Le problème, c'est que les disques durs ayant une capacité d'un téra-octet, je ne suis pas couché.</p>
<p>La solution vient de chez <a href="https://support.ikoula.com/index.php?mod_id=2&id=1997&kb_rating=yes">Ikoula</a>, et consiste à utiliser <a href="http://www.delafond.org/traducmanfr/man/man8/sfdisk.8.html">sfdisk</a> pour reproduire la table des partitions, et ensuite ajouter les partitions au RAID. Petite différence toutefois, il m'a fallu réclamer à sfdisk de forcer l'écriture de la table, sans doute à cause de cette histoire de cylindres :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@bloodhoof ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">sfdisk</span><span class="w"> </span><span class="c1">--dump /dev/sda | sfdisk --force /dev/sdb </span>
</code></pre></div>
<p>Je dispose de deux arrays RAID, donc pour les reconstruire :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@bloodhoof ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">mdadm</span><span class="w"> </span><span class="o">--</span><span class="n">manage</span><span class="w"> </span><span class="o">--</span><span class="k">add</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">md0</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">sdb1</span><span class="w"></span>
<span class="o">[</span><span class="n">root@bloodhoof ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">mdadm</span><span class="w"> </span><span class="c1">--manage --add /dev/md1 /dev/sdb3 </span>
</code></pre></div>
<p>Trois heures plus tard, le RAID est reconstruit ! Je peux à nouveau dormir tranquille.</p>
<h2>Commentaires</h2>
<h3>Le 01/09/2010 14:00 par <a href="http://www.evazone.fr">M@T D.</a></h3>
<p>C'est en parti pour ça que je suis passé d'un serveur home made (Debian) à un
NAS QNAP...</p>
<p>Car même en ayant fait des essais de panne fictive, dans l'urgence d'un disque HS sur mon RAID5, je n'aurais pas supporté de galérer pour trouver la solution qui va bien (avec la crainte de tout effacer dans une manip' foireuse).</p>
<p>Bref, j'ai perdu un degré non négligeable de liberté avec mon NAS, mais pour ce genre de problématique... C'est du clicodrome, et même encore plus simple avec le pilotage par l'écran LCD.</p>
<p>;-)</p>
<h3>Le 01/09/2010 17:10 par Nils</h3>
<p>A mon sens ça n'a pas été si galère que ça, si je n'avais pas trouvé la solution à base de sfdisk j'aurais cloné le disque avec dd. Resynchroniser le RAID c'est deux commandes (une par array) triviales. Niveau clickodrôme, il y a un outil qui me semblait pouvoir le faire dans Fedora mais j'avoue que j'avais beaucoup moins de craintes avec mdadm.</p>Dédé le clown et son copain le live-cd2010-05-25T16:30:00+02:002010-05-25T16:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2010-05-25:/post/2010/05/25/Dédé-et-son-copain-le-live-cd/<p>C'est l'histoire de Dédé le clown, ou plutôt de <a href="http://fr.wikipedia.org/wiki/Dd_%28Unix%29">dd</a> le clone, qui rend bien service lorsqu'on a des sueurs froides... Mais qu'est-ce que dd ? Depuis la page de manuel, on peut lire : "convert and copy a file". C'est tellement simple qu'on se dit que ce n'est pas très puissant …</p><p>C'est l'histoire de Dédé le clown, ou plutôt de <a href="http://fr.wikipedia.org/wiki/Dd_%28Unix%29">dd</a> le clone, qui rend bien service lorsqu'on a des sueurs froides... Mais qu'est-ce que dd ? Depuis la page de manuel, on peut lire : "convert and copy a file". C'est tellement simple qu'on se dit que ce n'est pas très puissant, mais on se met à créer des fichiers d'image disque, ou cloner des disques durs entiers, on comprend que parfois les énoncés les plus court peuvent être très complet ! La page wikipédia de dd en Français contient quelques exemples utiles, mais <a href="http://en.wikipedia.org/wiki/Dd_%28Unix%29">la page anglophone</a> en contient encore plus !</p>
<p>Imaginons maintenant la situation : vous possédez deux machines, identiques. Vous installez la première et désirez installer la seconde à l'identique, il suffit de cloner le disque dur à l'aide de dd et de copier votre clone, toujours à l'aide de dd, sur la seconde machine. Une autre situation, que je ne vous souhaite pas : vous disposez de deux machines identiques toujours, mais l'OS de l'une d'entre elles se trouve endommagés (imaginez par exemple, 3/4 des fichiers de /boot disparus, idem dans /lib et à quelques autres endroits). Ajoutons à cela là contrainte que vous ne pouvez pas éteindre la machine encore en marche, et que le temps presse. Pas besoin de chercher deux heures un outil de clonage, il est installé sur votre linux adoré : dd. Récupérons un disque dur USB dont la capacité excède celle du disque local. Voici comment on clone le disque dur :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@machinequimarche ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">dd</span><span class="w"> </span><span class="n">bs</span><span class="o">=</span><span class="mi">1</span><span class="n">M</span><span class="w"> </span><span class="k">if</span><span class="o">=/</span><span class="n">dev</span><span class="o">/</span><span class="n">sda</span><span class="w"> </span><span class="k">of</span><span class="o">=/</span><span class="n">media</span><span class="o">/</span><span class="n">usb</span><span class="o">/</span><span class="n">machine1</span><span class="p">.</span><span class="n">img</span><span class="w"></span>
</code></pre></div>
<p>Je pars du principe que le disque dur s'appelle /dev/sda et que le disque USB est monté sous /media/usb/, mais cela peut différer selon la situation de chacun. On notera que l'option "bs=1M" (copier par blocs de 1 Méga-octet) rend la copie plus rapide. J'aurais bien tenté des blocs encore plus grands mais la copie s'est avérée déjà bien rapide.</p>
<p>Une fois la copie terminée (environ une bonne heure pour 70Go de disque, sachant qu'il y avait du raid 1 matériel sur du SCSI 10000 tours...), reste à se rendre devant la deuxième machine, de démarrer celle-ci sur un live-cd contenant lui aussi dd (n'importe quel live-cd de distriubtion Linux devrait l'avoir), et copier dans l'autre sens :</p>
<div class="highlight"><pre><span></span><code><span class="o">[</span><span class="n">root@machinequimarchepas ~</span><span class="o">]</span><span class="err">#</span><span class="w"> </span><span class="n">dd</span><span class="w"> </span><span class="n">bs</span><span class="o">=</span><span class="mi">1</span><span class="n">M</span><span class="w"> </span><span class="k">if</span><span class="o">=/</span><span class="n">media</span><span class="o">/</span><span class="n">usb</span><span class="o">/</span><span class="n">machine1</span><span class="p">.</span><span class="n">img</span><span class="w"> </span><span class="k">of</span><span class="o">=/</span><span class="n">dev</span><span class="o">/</span><span class="n">sda</span><span class="w"></span>
</code></pre></div>
<p>Bien sûr, on a au préalable monté le disque USB ;) Une fois la copie terminée, le disque démonté, je recommande de monter les partitions du disque local (/dev/sda pour mon cas), et d'aller modifier les noms d'hôte, les adresses IP et autres configurations particulières qu'on pourrait trouver dans /etc, sinon la mise en réseau de la machine risquerait d'être problématique. Dans le cas d'une RHEL/CentOS/Fedora, on pensera à modifier :</p>
<ul>
<li>/etc/hosts</li>
<li>/etc/sysconfig/network</li>
<li>/etc/sysconfig/network-scripts/ifcf-* (selon vos configurations, plusieurs cartes réseau, bonding...)</li>
<li>/etc/sysconfig/iptables-config si vous sauvegardez ici votre firewall, sinon regardez votre script de firewall</li>
</ul>
<p>Autre chose, surtout pour les utilisateurs des distributions sus-cités : le mode rescue n'est disponible que sur le CD1 ou DVD1, mais pas dans le boot.iso ou tout autre média de net-install. Ce mode permet de démarrer sur un système live minimaliste permettant de monter les partitions du système, de monter un disque dur usb (si vous le branchez avant de booter pour du RHEL4), et bien sûr, d'accéder à dd :)</p>Nombre d'occurences d'un champ dans un fichier2010-03-01T12:30:00+01:002010-03-01T12:30:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2010-03-01:/post/2010/03/01/Nombre-d-occurences-d-un-champ-dans-un-fichier/<p>Après la coloration d'un grep pour une histoire de cron, voici un autre cas sympathique : je souhaitais savoir qui faisait le plus de requêtes sur un serveur web (Apache), avec un classement. Un genre de top 5 ou top 10 des plus gros requêteurs de pages sur le dit serveur …</p><p>Après la coloration d'un grep pour une histoire de cron, voici un autre cas sympathique : je souhaitais savoir qui faisait le plus de requêtes sur un serveur web (Apache), avec un classement. Un genre de top 5 ou top 10 des plus gros requêteurs de pages sur le dit serveur, en somme. J'ai cherché du côté de <a href="http://fr.wikipedia.org/wiki/Awk">Awk</a>, qui permet de manipuler à loisir les sorties de programmes et autres fichiers textes.</p>
<p>Comme je ne suis pas très doué en Awk, j'ai demandé à mon moteur de recherche favori (qui n'est plus Goo... d'ailleurs) comment obtenir le nombre d'occurrences d'une chaîne de caractères. La réponse se trouvait <a href="http://www.commentcamarche.net/forum/affich-8588796-awk-nombre-d-occurrences-d-un-mot">là</a>. Par contre pour faire mon top 10, il me fallait ensuite trier la liste obtenue en utilisant le nombre d'occurrences comme critère. Après quelques pipelines et autres awk hasardeux, j'en suis venu à ça :</p>
<div class="highlight"><pre><span></span><code><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$1]++;} END {for (ip in frequencies) printf "%d\\t%s" , frequencies[ip] , ip;}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="o">/</span><span class="n">mon</span><span class="o">/</span><span class="n">fichier</span><span class="o">/</span><span class="n">de</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">apache</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">gr</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">10</span><span class="w"></span>
</code></pre></div>
<p>Grâce à Awk, j'obtiens une sortie avec d'abord le nombre de requêtes, puis l'adresse ip. J'envoie ensuite cette sortie dans sort, dont l'option -g permet de faire des tris sur des nombres et l'option -r permet d'inverser le tri. Pour finir, head me permet de limiter mon classement aux 10 meilleurs. Cette ligne ne me satisfait pas complètement, car j'ai d'abord le nombre de requêtes, puis l'adresse IP. j'aurais aimé trouver une solution élégante mais tout ce que j'ai pu faire c'est invoquer à nouveau awk après le sort. Si quelqu'un a une idée, je suis preneur ;-)</p>
<h2>Commentaires</h2>
<h3>Le 01/03/2010 16:27 par <a href="http://www.sakana.fr/blog/">Stéphane</a></h3>
<p>Hello,</p>
<p>Eh oui, je lis toujours tes billets :-D</p>
<p>Pour le coup d'avoir d'abord l'IP puis le nbr de requêtes, tu peux inverser dans ton printf pour avoir l'affichage désiré, puis trier par le 2e champs avec un sort -gr -k 2,2 (je peux pas tester là, mais ça devrait à peu près coller je crois).</p>
<p>À plus !</p>
<p>Stéphane</p>
<h3>Le 02/03/2010 08:54 par Nils</h3>
<p>Effectivement, c'est bien cela ! La commande complète devient : </p>
<div class="highlight"><pre><span></span><code><span class="n">awk</span><span class="w"> </span><span class="s1">'{frequencies[$1]++;} END {for (ip in frequencies) printf "%s\t%d\n" , ip , frequencies[ip];}'</span><span class="w"> </span><span class="o"><</span><span class="w"> </span><span class="o">/</span><span class="n">mon</span><span class="o">/</span><span class="n">fichier</span><span class="o">/</span><span class="n">de</span><span class="o">/</span><span class="nf">log</span><span class="o">/</span><span class="n">apache</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">sort</span><span class="w"> </span><span class="o">-</span><span class="n">gr</span><span class="w"> </span><span class="o">-</span><span class="n">k</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">2</span><span class="w"> </span><span class="o">|</span><span class="w"> </span><span class="n">head</span><span class="w"> </span><span class="o">-</span><span class="mi">10</span><span class="w"></span>
</code></pre></div>
<p>Merci !</p>
<h3>Le 02/03/2010 12:46 par <a href="http://www.sakana.fr/blog/">Stéphane</a></h3>
<p>Bah de rien !</p>
<p>Tiens, une alternative ... Speciale dédicace, Nils :-)</p>
<p>http://www.sakana.fr/blog/2010/03/02/perl-counting-occurences-of-ip-addresses-in-apache-logs/</p>
<p>A+
Stéphane</p>Recherche colorée dans les logs avec perl2010-02-13T12:35:00+01:002010-02-13T12:35:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2010-02-13:/post/2010/02/13/Recherche-colorée-dans-les-logs-avec-perl/<p>Voici un petit one-liner assez sympathique, dont on m'avait parlé dans la semaine et sur lequel <a href="http://www.karlesnine.com/post/2008/05/20/Tail-mais-en-couleur">je suis tombé par hasard</a> en cherchant autre chose. Le principe est d'afficher dans une autre couleur un texte donné dans une recherche, comme par exemple une erreur précise dans un fichier de logs …</p><p>Voici un petit one-liner assez sympathique, dont on m'avait parlé dans la semaine et sur lequel <a href="http://www.karlesnine.com/post/2008/05/20/Tail-mais-en-couleur">je suis tombé par hasard</a> en cherchant autre chose. Le principe est d'afficher dans une autre couleur un texte donné dans une recherche, comme par exemple une erreur précise dans un fichier de logs. Sur une machine j'ai des problèmes avec cron, je l'utilise donc de la manière suivante :</p>
<p><code>root@lolcathost:~# tail -f /var/log/syslog | perl -pe 's/cron/\\e[1;31m$&\\e[0m/ig'</code></p>
<p>On remarque une différence avec le lien indiqué plus haut, j'ai mis "/ig" à la fin au lieu de "/g". Pourquoi? J'avais besoin de faire la recherche sans tenir compte de la casse, et j'ai trouvé l'option suite à une <a href="http://www.mindflip.com/inet/perl/regex.html">rapide recherche</a>. Je devrais vraiment me mettre à perl, ça me semble vraiment efficace et pratique :-)</p>
<p>Pour ceux qui pensent que j'ai fait une faute de frappe dans la recopie du prompt, je leur recommande d'aller voir <a href="http://sam.linuxfr.org/517">ici</a>.</p>
<h2>Commentaires</h2>
<h3>Le 25/04/2010 10:46 par <a href="http://www.karlesnine.com">karles</a></h3>
<p>Plus simple encore "grep --color" met en couleur la chaine recherché. Pour toute la ligne le one-liner en perl reste le plus efficace.</p>
<p>Karles</p>Transfert de fichier simple et sécurisé : sftp en chroot2009-10-04T09:33:00+02:002009-10-04T09:33:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2009-10-04:/post/2009/10/04/Transfert-de-fichier-simple-et-sécurisé-:-sftp-en-chroot/<p>Meurs, FTP, meurs !</p>
<h2>C'est quoi ton problème ?</h2>
<p>Comme beaucoup de gens, pour transférer des fichiers sur un serveur web, j'utilise souvent <a href="http://fr.wikipedia.org/wiki/File_Transfer_Protocol">FTP</a>. Ce protocole possède plusieurs inconvénients :</p>
<ul>
<li>il faut ouvrir plusieurs ports dans le pare-feu, au moins deux (connexion de contrôle et de données)</li>
<li>le mot de passe transite en …</li></ul><p>Meurs, FTP, meurs !</p>
<h2>C'est quoi ton problème ?</h2>
<p>Comme beaucoup de gens, pour transférer des fichiers sur un serveur web, j'utilise souvent <a href="http://fr.wikipedia.org/wiki/File_Transfer_Protocol">FTP</a>. Ce protocole possède plusieurs inconvénients :</p>
<ul>
<li>il faut ouvrir plusieurs ports dans le pare-feu, au moins deux (connexion de contrôle et de données)</li>
<li>le mot de passe transite en clair sur le réseau, et même si on utilise <a href="http://fr.wikipedia.org/wiki/FTPS">FTPS</a>, qui chiffre la partie authentification, tous les clients et serveurs ne le supportent pas ou de manière boguée (voir chez <a href="http://forum.filezilla-project.org/viewtopic.php?f=2&t=7688">FileZilla</a> pour une explication)</li>
<li>les données transitent en clair (mince, le fichier config.php de mon appli avec les codes d'accès à la base de données...)</li>
<li>gestion du NAT catastrophique (du moins avec <a href="http://vsftpd.beasts.org/">Vsftpd</a>)</li>
</ul>
<p>Du coup, je cherche depuis plusieurs mois à éradiquer FTP de mes machines. Ce qui m'intéresse, c'est de pouvoir enfermer les utilisateurs dans une cage, de sorte qu'ils n'aient accès qu'à leurs données et pas à celles des autres, encore moins les autres fichiers et répertoires du serveurs. On appelle ceci un <a href="http://fr.wikipedia.org/wiki/Chroot">chroot</a>. Je faisais déjà ceci avec Vsftpd, j'espérais donc le faire avec la solution de remplacement. D'ailleurs, cette solution de remplacement était déjà toute trouvée : je désirais utiliser le serveur SFTP contenu dans le très bon logiciel <a href="http://www.openssh.com/fr/index.html">OpenSSH</a>. Maintenant, il me fallait réussir à créer des utilisateurs en leur empêchant d'avoir accès au shell, et en les confinant dans un chroot.</p>
<h2>Et t'as quoi comme solution ?</h2>
<p>Pour enlever l'accès au shell, très facile : tout système Unix qui se respecte possède soit un exécutable nommé <em>false</em>, soit un autre nommé <em>nologin</em>. D'ailleurs ce dernier est très simpliste, regardons sur, au hasard, un système NetBSD 5.0.1 :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@tomb</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">cat</span><span class="w"> </span><span class="o">/</span><span class="n">sbin</span><span class="o">/</span><span class="n">nologin</span><span class="w"> </span>
<span class="err">#!</span><span class="w"> </span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">sh</span><span class="w"></span>
<span class="n">echo</span><span class="w"> </span><span class="ss">"This account is currently not available."</span><span class="w"></span>
<span class="k">exit</span><span class="w"> </span><span class="mi">1</span><span class="w"></span>
</code></pre></div>
<p>Il suffit donc de remplacer le shell de l'utilisateur par le chemin vers nologin, et cette question est résolue.</p>
<p>Pour créer et maintenir un chroot, c'est une autre paire de manches. Dans Vsftpd c'était assez simple, et j'espérais trouver aussi simple. De nombreuses pages sur <a href="http://sublimation.org/scponly/wiki/index.php/Main_Page">Scponly</a> ou <a href="http://pizzashack.org/rssh/">rssh</a> expliquent comment faire un chroot pour un utilisateur n'ayant accès qu'à sftp ou scp, mais le jour où il faut mettre à jour l'OS, voire le migrer vers une version majeure plus récente (ou pourquoi pas en changer, comme passer d'un Linux à un BSD ou inversement, ou tout simplement changer de distribution Linux), le chroot doit être maintenu à jour. Et ça, je trouve que c'est totalement contre-productif, en tous cas du point de vue du sysadmin fainéant que nous avons tous en nous ;)</p>
<p>Et là, la lumière est arrivée, par <a href="http://undeadly.org/cgi?action=article&sid=20080220110039">ici</a>. Depuis la version 4.8, OpenSSH permet de créer des chroot, et n'oblige pas à recréer tout un environnement quand il s'agit de sftp. Exactement ce dont j'ai besoin ! Maintenant, reste à savoir quels systèmes disposent d'au moins OpenSSH 4.8.</p>
<p>Une petite liste non-exhaustive des systèmes chanceux :</p>
<ul>
<li>NetBSD 5.0.1</li>
<li>FreeBSD 7.2</li>
<li>Debian Lenny</li>
<li>Mac OS 10.5.8</li>
</ul>
<p>Une autre liste, mais de systèmes moins chanceux :</p>
<ul>
<li>CentOS 3,4,5.X</li>
<li>RHEL 3,4,5.X</li>
<li>Debian Etch</li>
</ul>
<p>Si votre système unix libre (ou pas, d'ailleurs, puisque j'ai listé Mac OS X) comporte OpenSSH, vous pouvez vérifier sa version par :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@darkmoon</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">ssh</span><span class="w"> </span><span class="o">-</span><span class="n">V</span><span class="w"></span>
<span class="n">OpenSSH_5</span><span class="mf">.1</span><span class="n">p1</span><span class="p">,</span><span class="w"> </span><span class="n">OpenSSL</span><span class="w"> </span><span class="mf">0.9.7</span><span class="n">l</span><span class="w"> </span><span class="mi">28</span><span class="w"> </span><span class="n">Sep</span><span class="w"> </span><span class="mi">2006</span><span class="w"></span>
</code></pre></div>
<p>(exemple pris sur un mac) En utilisant sshd au lieu de ssh, ça sera sans doute plus représentatif, mais l'option -V n'existe pas sur le serveur. La réponse retournée donnera quand même la version. Exemple, toujours sur le même mac :</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@darkmoon</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">sshd</span><span class="w"> </span><span class="o">-</span><span class="n">V</span><span class="w"></span>
<span class="nl">sshd</span><span class="p">:</span><span class="w"> </span><span class="n">illegal</span><span class="w"> </span><span class="k">option</span><span class="w"> </span><span class="o">--</span><span class="w"> </span><span class="n">V</span><span class="w"></span>
<span class="n">OpenSSH_5</span><span class="mf">.1</span><span class="n">p1</span><span class="p">,</span><span class="w"> </span><span class="n">OpenSSL</span><span class="w"> </span><span class="mf">0.9.7</span><span class="n">l</span><span class="w"> </span><span class="mi">28</span><span class="w"> </span><span class="n">Sep</span><span class="w"> </span><span class="mi">2006</span><span class="w"></span>
<span class="k">usage</span><span class="err">:</span><span class="w"> </span><span class="n">sshd</span><span class="w"> </span><span class="o">[</span><span class="n">-46DdeiqTt</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-b bits</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-C connection_spec</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-f config_file</span><span class="o">]</span><span class="w"></span>
<span class="w"> </span><span class="o">[</span><span class="n">-g login_grace_time</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-h host_key_file</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-k key_gen_time</span><span class="o">]</span><span class="w"></span>
<span class="w"> </span><span class="o">[</span><span class="n">-o option</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-p port</span><span class="o">]</span><span class="w"> </span><span class="o">[</span><span class="n">-u len</span><span class="o">]</span><span class="w"></span>
</code></pre></div>
<p>Si votre système ne possède pas un OpenSSH assez récent, plusieurs possibilités s'offrent à nous :</p>
<ul>
<li>changer de système</li>
<li>mettre à jour vers la dernière version majeure si celle-ci possède une version assez récente</li>
<li>installer sa propre version d'OpenSSH ou récupérer le paquet qu'aurait fait quelqu'un de généreux</li>
</ul>
<p>La dernière solution est assez documentée pour CentOS et RHEL, pour faire ses propres RPM, mais j'ai décidé de ne pas la suivre, car cela pose le problème des mises à jour : de la même manière que maintenir un chroot ne me satisfait pas, passer mon temps à guetter les nouvelles versions d'OpenSSH pour compiler un paquet ne me plait pas plus. La deuxième solution s'avère sans doute la moins gênante selon les applications en production. De mon côté, j'ai choisi la première : migration de serveur dédié oblige, j'en ai profité pour élargir mes horizons dans le monde des unix libres et depuis quelques mois, ce blog tourne sous NetBSD. C'est donc avec cet OS que je vais décrire la manipulation de création de chroot.</p>
<h2>On passe à l'action ?</h2>
<p>Je pars du principe dorénavant que nous avons un système avec un OpenSSH 4.8 ou supérieur, que le serveur sshd est activé, que nous avons deux utilisateurs : root, et notre utilisateur habituel avec lequel nous faisons tout ce qui n'a pas besoin d'être fait en root. Le but est d'avoir un ou plusieurs utilisateurs supplémentaires, enfermés dans un répertoire défini, sans shell, et pouvant accéder à ce réperoire en sftp. On pourra, en supplément, faire en sorte que l'utilisateur accède à son compte sftp avec une clé (et éventuellement une phrase de passe) plutôt qu'un mot de passe.</p>
<p>Cela va se faire en modifiant dans un premier temps le fichier de configuration <em>/etc/ssh/sshd_config</em> (en tant que root, et le chemin peut varier selon le système). Cherchons la ligne contenant <em>sftp-server</em>, pour NetBSD elle ressemble à ceci :</p>
<div class="highlight"><pre><span></span><code>Subsystem sftp /usr/libexec/sftp-server
</code></pre></div>
<p>On constate que le serveur sftp est un programme externe. Nous allons le remplacer par le sous-système sftp de sshd :</p>
<div class="highlight"><pre><span></span><code>Subsystem sftp internal-sftp
</code></pre></div>
<p>J'ai donc remplacé <em>/usr/libexec/sftp-server</em> par <em>internal-sftp</em>. Allons ensuite à la fin du fichier, et ajoutons les directives suivantes :</p>
<div class="highlight"><pre><span></span><code>Match Group wwwusers
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
X11Forwarding no
</code></pre></div>
<p>Cela signifie que pour les utilisateurs du groupe <em>wwwusers</em>, je les emprisonne dans leur répertoire home, je les oblige à utiliser le sftp interne, et je les empêche d'utiliser les différentes techniques de forwarding habituellement à disposition avec sshd. j'aurais pu les chrooter ailleurs, d'autres sites indiquent par exemple <em>/chroot/%u</em>, où <em>%u</em> désigne le nom de l'utilisateur. Une fois ces modifications effectuées, il ne reste qu'à redémarrer le serveur ssh et à créer le groupe et les utilisateurs.</p>
<p>Petit aparté concernant NetBSD 5.01 : j'ai remarqué un bug sur cette version, qui doit aussi être présent dans la 5.0; il ne faut surtout rien ajouter au fichier de configuration <em>/etc/ssh/sshd_config</em> après cette directive, pas même un commentaire ! Si cela venait à arriver, la directive que nous venons d'ajouter serait tout simplement ignorée.</p>
<p>Créons le groupe :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#groupadd</span><span class="w"> </span><span class="n">wwwusers</span><span class="w"></span>
</code></pre></div>
<p>Créons ensuite un utilisateur nommé test :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#useradd</span><span class="w"> </span><span class="o">-</span><span class="n">m</span><span class="w"> </span><span class="o">-</span><span class="n">g</span><span class="w"> </span><span class="n">wwwusers</span><span class="w"> </span><span class="o">-</span><span class="n">s</span><span class="w"> </span><span class="o">/</span><span class="n">sbin</span><span class="o">/</span><span class="n">nologin</span><span class="w"> </span><span class="n">test</span><span class="w"></span>
</code></pre></div>
<p>Attribuons un mot de passe à cet utilisateur :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#passwd</span><span class="w"> </span><span class="n">test</span><span class="w"></span>
<span class="n">Changing</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="k">for</span><span class="w"> </span><span class="n">test</span><span class="p">.</span><span class="w"></span>
<span class="k">New</span><span class="w"> </span><span class="nl">Password</span><span class="p">:</span><span class="w"></span>
<span class="n">Retype</span><span class="w"> </span><span class="k">New</span><span class="w"> </span><span class="nl">Password</span><span class="p">:</span><span class="w"></span>
</code></pre></div>
<p>(le mot de passe est tapé en aveugle, bien entendu). Ensuite, assurons-nous que le répertoire home de l'utilisateur appartient non pas à l'utilisateur mais à root, avec des permissions en 755. Si ce n'est pas le cas, on y remédie de cette manière :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#chown</span><span class="w"> </span><span class="nl">root</span><span class="p">:</span><span class="n">wheel</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"></span>
<span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#chmod</span><span class="w"> </span><span class="mi">755</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"></span>
</code></pre></div>
<p>On notera que pour les OS Linux, on indique <em>root:root</em> par rapport à NetBSD qui n'a pas de groupe <em>root</em> mais un groupe <em>wheel</em>. A ne pas oublier aussi, seul <em>/home/test</em> appartient à root, pas les fichiers et répertoires à l'intérieur (i.e. pas de chmod/chown -R)</p>
<p>Depuis une autre machine, vérifions que nous pouvons nous connecter en sftp :</p>
<div class="highlight"><pre><span></span><code><span class="n">sftp</span><span class="w"> </span><span class="n">test</span><span class="nv">@vhost</span><span class="w"></span>
<span class="n">Connecting</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">vhost</span><span class="p">...</span><span class="w"></span>
<span class="nl">Password</span><span class="p">:</span><span class="w"></span>
<span class="n">sftp</span><span class="o">></span><span class="w"> </span><span class="n">ls</span><span class="w"></span>
<span class="n">sftp</span><span class="o">></span><span class="w"> </span><span class="n">pwd</span><span class="w"></span>
<span class="n">Remote</span><span class="w"> </span><span class="n">working</span><span class="w"> </span><span class="nl">directory</span><span class="p">:</span><span class="w"> </span><span class="o">/</span><span class="w"></span>
</code></pre></div>
<p>Ici, on remarque que je me suis déjà connecté à cette machine avant, puisqu'on ne me réclame pas d'accepter de clé. On remarque aussi qu'on est directement dans le répertoire / et qu'il n'y a rien, la commande <em>pwd</em> indique <em>/</em> et pas <em>/home/test</em>. Si on crée dans ce répertoire un deuxième <em>/home/test</em>, sftp nous y emmènera directement dedans. De plus, on note qu'on ne peut pas créer ou ajouter de répertoire/fichier (normal, le répertoire appartient à root). Créons donc, sur le serveur, le second “home” de l'utilisateur :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#cd</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"></span>
<span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">mkdir</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"></span>
<span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">chown</span><span class="w"> </span><span class="o">-</span><span class="n">R</span><span class="w"> </span><span class="nl">test</span><span class="p">:</span><span class="n">wwwusers</span><span class="w"> </span><span class="n">home</span><span class="w"></span>
<span class="n">root</span><span class="nv">@vhost</span><span class="err">:</span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">chmod</span><span class="w"> </span><span class="mi">755</span><span class="w"> </span><span class="n">home</span><span class="w"></span>
</code></pre></div>
<p>Reconnectons-nous à notre serveur sftp :</p>
<div class="highlight"><pre><span></span><code><span class="n">sftp</span><span class="w"> </span><span class="n">test</span><span class="nv">@vhost</span><span class="w"></span>
<span class="n">Connecting</span><span class="w"> </span><span class="k">to</span><span class="w"> </span><span class="n">vhost</span><span class="p">...</span><span class="w"></span>
<span class="nl">Password</span><span class="p">:</span><span class="w"></span>
<span class="n">sftp</span><span class="o">></span><span class="w"> </span><span class="n">ls</span><span class="w"></span>
<span class="n">sftp</span><span class="o">></span><span class="w"> </span><span class="n">pwd</span><span class="w"></span>
<span class="n">Remote</span><span class="w"> </span><span class="n">working</span><span class="w"> </span><span class="nl">directory</span><span class="p">:</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">test</span><span class="o">/</span><span class="w"></span>
</code></pre></div>
<p>Je peux maintenant créer des répertoires, envoyer des fichiers, en rapatrier d'autres. Mission accomplie !</p>Utilisateurs virtuels sous CentOS 5 avec base de données MySQL2008-06-20T10:30:00+02:002008-06-20T10:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-06-20:/post/2008/06/20/Utilisateurs-virtuels-sous-CentOS-5-avec-base-de-donnees-MySQL/<p><code>convert\_to\_centos5\_fr.sh --url howtoforge.com</code></p>
<p>Depuis quelques temps j'essayais sans succès de faire des utilisateurs virtuels avec <a href="http://vsftpd.beasts.org/">Vsftpd</a>, mon logiciel de serveur ftp favori, sous CentOS 5. Alors oui, la db au format Berkeley, ça marche, mais je trouve ça casse-pieds à maintenir. Et puis pour changer …</p><p><code>convert\_to\_centos5\_fr.sh --url howtoforge.com</code></p>
<p>Depuis quelques temps j'essayais sans succès de faire des utilisateurs virtuels avec <a href="http://vsftpd.beasts.org/">Vsftpd</a>, mon logiciel de serveur ftp favori, sous CentOS 5. Alors oui, la db au format Berkeley, ça marche, mais je trouve ça casse-pieds à maintenir. Et puis pour changer le mot de passe, galère. J'avais vu qu'il était possible d'utiliser <a href="http://www-fr.mysql.com/">MySQL</a> comme base pour les utilisateurs et leurs mots de passe. Je me met en quête d'un how-to pour CentOS, sans succès. J'adapte donc <a href="http://www.howtoforge.com/vsftpd_mysql_debian_etch">ce how-to</a> de Howtoforge pour CentOS.</p>
<p>Commençons par l'installation des paquets qui vont bien. En supposant que vous ayez, comme moi, une CentOS 5 minimaliste mais à jour, ça se passe comme ceci :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">yum</span><span class="w"> </span><span class="o">-</span><span class="n">y</span><span class="w"> </span><span class="n">install</span><span class="w"> </span><span class="n">vsftpd</span><span class="w"> </span><span class="n">mysql</span><span class="o">-</span><span class="n">server</span><span class="w"></span>
</code></pre></div>
<p>Ensuite, soit on ajoute à ses dépôts le dépôt extras en mode testing (et là je vous encourage à faire très attention, et de n'activer que les noms des paquets nécessaires), soit on installe "à la main" le paquet <a href="http://pam-mysql.sourceforge.net/">pam-mysql</a>, qui permettra à vsftpd de dialoguer avec MySQL. Le RPM est disponible sur <a href="http://rpm.pbone.net/index.php3/stat/4/idpl/6192385/com/pam_mysql-0.7-0.5.rc1.el5.kb.2.i386.rpm.html">Pbone</a>.Moi j'ai fait :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">wget</span><span class="w"> </span><span class="nl">ftp</span><span class="p">:</span><span class="o">//</span><span class="n">ftp</span><span class="p">.</span><span class="n">pbone</span><span class="p">.</span><span class="n">net</span><span class="o">/</span><span class="n">mirror</span><span class="o">/</span><span class="n">centos</span><span class="p">.</span><span class="n">karan</span><span class="p">.</span><span class="n">org</span><span class="o">/</span><span class="n">el5</span><span class="o">/</span><span class="n">extras</span><span class="o">/</span><span class="n">testing</span><span class="o">/</span><span class="n">i386</span><span class="o">/</span><span class="n">RPMS</span><span class="o">/</span><span class="n">pam_mysql</span><span class="o">-</span><span class="mf">0.7</span><span class="o">-</span><span class="mf">0.5</span><span class="p">.</span><span class="n">rc1</span><span class="p">.</span><span class="n">el5</span><span class="p">.</span><span class="n">kb</span><span class="mf">.2</span><span class="p">.</span><span class="n">i386</span><span class="p">.</span><span class="n">rpm</span><span class="w"></span>
</code></pre></div>
<p>puis :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">rpm</span><span class="w"> </span><span class="o">-</span><span class="n">ivh</span><span class="w"> </span><span class="n">pam_mysql</span><span class="o">-</span><span class="mf">0.7</span><span class="o">-</span><span class="mf">0.5</span><span class="p">.</span><span class="n">rc1</span><span class="p">.</span><span class="n">el5</span><span class="p">.</span><span class="n">kb</span><span class="mf">.2</span><span class="p">.</span><span class="n">i386</span><span class="p">.</span><span class="n">rpm</span><span class="w"></span>
</code></pre></div>
<p>Une fois les logiciels qui vont bien installés, on peut avoir envie de gérer MySQL via phpMyAdmin, pour celà je vous renvoie à <a href="/post/2008/05/17/installation-de-phpmyadmin-sur-CentOS-5">un autre billet qui en parle</a>.</p>
<p>Commençons par MySQL, pour respecter l'ordre originel du howto. Une fois celui-ci installé, on configure le mot de passe de root :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">mysqld</span><span class="w"> </span><span class="k">start</span><span class="w"></span>
</code></pre></div>
<p>MySQL indique les commandes pour changer le mot de passe de root pour MySQL, en indiquant quel est le nom d'hôte MySQL de la machine (détail très important !)</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'changemoi'</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="o">/</span><span class="n">usr</span><span class="o">/</span><span class="n">bin</span><span class="o">/</span><span class="n">mysqladmin</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">h</span><span class="w"> </span><span class="n">tristram</span><span class="p">.</span><span class="n">anotherhomepage</span><span class="p">.</span><span class="n">loc</span><span class="w"> </span><span class="n">password</span><span class="w"> </span><span class="s1">'changemoi'</span><span class="w"></span>
</code></pre></div>
<p>(on voit donc que la machine servant à ce howto se nomme tristram.anotherhomepage.loc)Ensuite on se connecte à MySQL :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">mysql</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"></span>
</code></pre></div>
<p>On crée la base de données et son utilisateur, <em>vsftpd</em> et mot de passe <em>ftpdpass</em> :</p>
<div class="highlight"><pre><span></span><code>mysql> CREATE DATABASE vsftpd;
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost' IDENTIFIED BY 'ftpdpass';
mysql> GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP ON vsftpd.* TO 'vsftpd'@'localhost.localdomain' IDENTIFIED BY 'ftpdpass';
mysql> FLUSH PRIVILEGES;
</code></pre></div>
<p>Ensuite on créé le schéma (on est toujours dans le shell de MySQL) :</p>
<div class="highlight"><pre><span></span><code><span class="n">mysql</span><span class="o">></span><span class="w"> </span><span class="k">USE</span><span class="w"> </span><span class="n">vsftpd</span><span class="p">;</span><span class="w"></span>
<span class="n">mysql</span><span class="o">></span><span class="w"> </span><span class="k">CREATE</span><span class="w"> </span><span class="k">TABLE</span><span class="w"> </span><span class="n n-Quoted">`accounts`</span><span class="w"> </span><span class="p">(</span><span class="w"></span>
<span class="n n-Quoted">`id`</span><span class="w"> </span><span class="kt">INT</span><span class="w"> </span><span class="k">NOT</span><span class="w"> </span><span class="no">NULL</span><span class="w"> </span><span class="k">AUTO_INCREMENT</span><span class="w"> </span><span class="k">PRIMARY</span><span class="w"> </span><span class="k">KEY</span><span class="w"> </span><span class="p">,</span><span class="w"></span>
<span class="n n-Quoted">`username`</span><span class="w"> </span><span class="kt">VARCHAR</span><span class="p">(</span><span class="w"> </span><span class="mi">30</span><span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="k">NOT</span><span class="w"> </span><span class="no">NULL</span><span class="w"> </span><span class="p">,</span><span class="w"></span>
<span class="n n-Quoted">`pass`</span><span class="w"> </span><span class="kt">VARCHAR</span><span class="p">(</span><span class="w"> </span><span class="mi">50</span><span class="w"> </span><span class="p">)</span><span class="w"> </span><span class="k">NOT</span><span class="w"> </span><span class="no">NULL</span><span class="w"> </span><span class="p">,</span><span class="w"></span>
<span class="k">UNIQUE</span><span class="w"> </span><span class="p">(</span><span class="w"></span>
<span class="n n-Quoted">`username`</span><span class="w"></span>
<span class="p">)</span><span class="w"></span>
<span class="p">)</span><span class="w"> </span><span class="k">ENGINE</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">MYISAM</span><span class="w"> </span><span class="p">;</span><span class="w"></span>
</code></pre></div>
<p>Et on quitte MySQL :</p>
<div class="highlight"><pre><span></span><code>mysql> quit;
</code></pre></div>
<p>On créée l'utilisateur virtuel pour accéder aux comptes ; sous CentOS 5, le groupe de l'utilisateur <em>nobody</em> est <em>nobody</em>, avec comme gid 99 (vu dans <em>/etc/groups</em>) :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">useradd</span><span class="w"> </span><span class="c1">--home /home/vsftpd --gid 99 -m --shell /sbin/nologin vsftpd</span>
</code></pre></div>
<p>On note aussi que pour empêcher un compte d'avoir un shell, on met plutôt <em>/sbin/nologin</em>.</p>
<p>Passons à Vsftpd. Sauvegardons la configuration par défaut et ajoutons la nôtre :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">cp</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">vsftpd</span><span class="p">.</span><span class="n">conf</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">vsftpd</span><span class="p">.</span><span class="n">conf_orig</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">cat</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span><span class="o">></span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">vsftpd</span><span class="p">.</span><span class="n">conf</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">vi</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">vsftpd</span><span class="p">.</span><span class="n">conf</span><span class="w"></span>
</code></pre></div>
<p>Le fichier <em>vsftpd.conf</em> est le suivant ( les options sont expliquées en anglais <a href="http://vsftpd.beasts.org/vsftpd_conf.html">sur le site de vsftpd</a>) :</p>
<div class="highlight"><pre><span></span><code><span class="n">listen</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">anonymous_enable</span><span class="o">=</span><span class="n">NO</span><span class="w"></span>
<span class="n">local_enable</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">write_enable</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">local_umask</span><span class="o">=</span><span class="mi">022</span><span class="w"></span>
<span class="n">dirmessage_enable</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">xferlog_enable</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">connect_from_port_20</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">nopriv_user</span><span class="o">=</span><span class="n">vsftpd</span><span class="w"></span>
<span class="n">chroot_local_user</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">secure_chroot_dir</span><span class="o">=/</span><span class="k">var</span><span class="o">/</span><span class="n">run</span><span class="o">/</span><span class="n">vsftpd</span><span class="w"></span>
<span class="n">pam_service_name</span><span class="o">=</span><span class="n">vsftpd</span><span class="w"></span>
<span class="n">guest_enable</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">guest_username</span><span class="o">=</span><span class="n">vsftpd</span><span class="w"></span>
<span class="n">local_root</span><span class="o">=/</span><span class="n">home</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/$</span><span class="n">USER</span><span class="w"></span>
<span class="n">user_sub_token</span><span class="o">=$</span><span class="n">USER</span><span class="w"></span>
<span class="n">virtual_use_local_privs</span><span class="o">=</span><span class="n">YES</span><span class="w"></span>
<span class="n">user_config_dir</span><span class="o">=/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">user_conf</span><span class="w"></span>
</code></pre></div>
<p>Une première différence avec celui de Howtoforge, je n'ai pas mis l'option <em>rsa_cert_file=/etc/ssl/certs/vsftpd.pem</em>, je verrai ça pour un autre billet. Une autre différence est l'endroit où je stocke les configurations personnalisées par utilisateur : comme il y a un répertoire <em>/etc/vsftpd</em>, j'ai créé un sous-répertoire <em>user_conf</em> :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">mkdir</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">user_conf</span><span class="w"></span>
</code></pre></div>
<p>Cette possibilité est bien entendue totalement optionnelle.</p>
<p>Il nous faut maintenant configurer pam, qui va permettre à vsftpd d'aller chercher les utilisateurs dans la base mysql plutôt que dans les utilisateurs système, stockés dans <em>/etc/passwd</em> et <em>/etc/shadow</em>. Comme avec Vsftpd, on sauvegarde l'ancien et on en crée un tout neuf :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">cp</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pam</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">vsftpd</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pam</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">vsftpd_orig</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">cat</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="k">null</span><span class="w"> </span><span class="o">></span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pam</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">vsftpd</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">vi</span><span class="w"> </span><span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">pam</span><span class="p">.</span><span class="n">d</span><span class="o">/</span><span class="n">vsftpd</span><span class="w"></span>
</code></pre></div>
<p>Le contenu de ce fichier est le suivant :</p>
<div class="highlight"><pre><span></span><code>auth required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
account required pam_mysql.so user=vsftpd passwd=ftpdpass host=localhost db=vsftpd table=accounts usercolumn=username passwdcolumn=pass crypt=3
</code></pre></div>
<p>La différence avec la version howtoforge est que j'ai changé l'algorithme de hash du mot de passe. Au lieu d'utiliser la fonction PASSWORD(), je vais utiliser MD5(). Je reviendrai sur ce qui a motivé ce choix après. Pour le moment, relançons Vsftpd :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">service</span><span class="w"> </span><span class="n">vsftpd</span><span class="w"> </span><span class="n">restart</span><span class="w"></span>
</code></pre></div>
<p>Et maintenant, créons notre premier utilisateur dans MySQL :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">mysql</span><span class="w"> </span><span class="o">-</span><span class="n">u</span><span class="w"> </span><span class="n">root</span><span class="w"> </span><span class="o">-</span><span class="n">p</span><span class="w"></span>
</code></pre></div>
<p>Nous sommes dans le shell MySQL :</p>
<div class="highlight"><pre><span></span><code>mysql> USE vsftpd;
mysql> INSERT INTO accounts (username, pass) VALUES('testuser', MD5('secret'));
mysql> quit;
</code></pre></div>
<p>Le répertoire de l'utilisateur testuser est <em>/home/vsftpd/testuser</em>, mais Vsftpd ne peut pas le créer automatiquement pour nous, faisons-le à la main, en prenant soin qu'il appartient bien à vsftpd :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">mkdir</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">testuser</span><span class="w"></span>
<span class="n">root</span><span class="nv">@tristram</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">#</span><span class="w"> </span><span class="n">chown</span><span class="w"> </span><span class="nl">vsftpd</span><span class="p">:</span><span class="n">nobody</span><span class="w"> </span><span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">vsftpd</span><span class="o">/</span><span class="n">testuser</span><span class="w"></span>
</code></pre></div>
<p>Connectons-nous à notre serveur FTP en utilisant Filezilla sous Windows, Konqueror ou gFTP (ou bien en ligne de commande, ftp ou lftp) sous Linux/BSD, ou encore Cyberduck sous Mac OS X. Ca marche? Parfait :-)</p>
<p>Maintenant le pourquoi du comment que j'ai mis 3 au lieu de 2 et MD5 au lieu de PASSWORD : tout simplement parce que ça ne fonctionne pas sous CentOS 5. L'explication vient du fichier README de pam-mysql, dispo là : <em>/usr/share/doc/pam_mysql-0.7/README</em></p>
<blockquote>
<p>The method to encrypt the user's password:</p>
<p>0 (or "plain") = No encryption. Passwords stored in plaintext.HIGHLY DISCOURAGED.</p>
<p>1 (or "Y") = Use crypt(3) function.</p>
<p>2 (or "mysql") = Use MySQL PASSWORD() function. It is possiblethat the encryption function used by PAM-MySQLis different from that of the MySQL server, asPAM-MySQL uses the function defined in MySQL'sC-client API instead of using PASSWORD() SQL functionin the query.</p>
<p>3 (or "md5") = Use plain hex MD5.</p>
<p>4 (or "sha1") = Use plain hex SHA1.</p>
</blockquote>
<p>La fonction PASSWORD de MySQL et celle de pam-mysql ne renvoient donc pas le même hash de mot de passe. Dommage, hein? J'ai aussi essayé l'option 0, mais elle ne m'intéressait pas. Je n'ai pas encore essayé la fonction crypt ni la fonction sha1 pour vérifier si elles fonctionnent, mais il n'y a pas de raison ;)</p>
<p>Il ne reste à présent qu'à créer une page php ou un script shell qui permette de créer, modifier et effacer les utilisateurs.</p>
<h2>Commentaires</h2>
<h3>Le 25/01/2011 15:45 par jennifer</h3>
<p>Merci pour le tuto ca fonctionne nikel juste un petit oubli de votre part il faut créer le fichier vsftpd dans /var/run/ sinon il affiche un message d'erreur suite au chemin défini pour "secure_chroot_dir=/var/run/vsftpd" dans le fichier de configuration vsftpd.conf lors du lancement du ftp.</p>Nouveau jouet2008-06-18T19:46:00+02:002008-06-18T19:46:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-06-18:/post/2008/06/18/Nouveau-jouet/<p>Un nouveau gadget électronique vient alourdir mes poches :-)</p>
<p>En témoigne l'habillage d'iPhone disponible pour ce blog (si ce n'est pas le thème affiché à la lecture de ce billet, allez regarder dans le menu déroulant permettant de choisir son thème), en ce moment je m'intéresse à l'Internet mobile. Dans un …</p><p>Un nouveau gadget électronique vient alourdir mes poches :-)</p>
<p>En témoigne l'habillage d'iPhone disponible pour ce blog (si ce n'est pas le thème affiché à la lecture de ce billet, allez regarder dans le menu déroulant permettant de choisir son thème), en ce moment je m'intéresse à l'Internet mobile. Dans un premier temps résolu à attendre l'arrivée <a href="https://linuxfr.org/2008/06/17/24221.html">du FreeRunner</a> du projet OpenMoko, les dysfonctionnements de mon Sony Ericsson K610i ont vite commencé à ébranler cette patience. A tel point que je pensais même acheter un HTC Touch, oui, cette immondice tournant sous Windows Mobile ! J'ai finalement craqué pour autre chose : la tablette Internet <a href="http://fr.wikipedia.org/wiki/Nokia_N800">Nokia N800</a>. Je m'amuse comme un petit fou avec ce nouveau jouet embarquant une version de Debian compilée pour son processeur ARM. Couplée à 2 grosses SD-Card de 4Go chacune, je peux y stocker quelques films de vacances, podcasts, et musiques. J'en viendrais presque à laisser tomber mon fidèle <a href="http://fr.wikipedia.org/wiki/IPod_classic#Quatri.C3.A8me_g.C3.A9n.C3.A9ration_et_iPod_photo">iPod Photo</a>, pourtant équipé de 20Go d'espace disque.</p>
<p>Doté d'une connectique USB, Bluetooth et Wifi, cet engin est un vrai bonheur. Enfin, quand je trouve un réseau Wifi, car je ne suis pas parvenu à faire fonctionner ensemble mon téléphone mobile et le N800. Alors, si quelqu'un me dit que c'est possible avec un OpenMoko, peut-être vais-je encore taper dans mes économies pour acheter le téléphone libre? En attendant, trouver un réseau Wifi ouvert dans Paris n'est pas mission impossible quand on est près à marcher 5min... :-)</p>Installation de mod_gnutls sur CentOS 52008-05-24T10:30:00+02:002008-05-24T10:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-05-24:/post/2008/05/24/Installation-de-mod_gnutls-sur-CentOS-5/<p>petit lien à garder sous le coude au cas où</p>
<p>Il y a quelques jours je voulais mettre plusieurs sites Internet en <a href="http://fr.wikipedia.org/wiki/Http#HTTPS">HTTPS</a>, sur le même serveur dédié. Or, ceci n'est (presque) pas possible en utilisant <a href="http://www.modssl.org/">mod_ssl</a> avec <a href="http://httpd.apache.org/">Apache</a>. Toutefois, ceci est rendu possible via l'utilisation de <a href="http://www.outoforder.cc/projects/apache/mod_gnutls/">mod_gnutls …</a></p><p>petit lien à garder sous le coude au cas où</p>
<p>Il y a quelques jours je voulais mettre plusieurs sites Internet en <a href="http://fr.wikipedia.org/wiki/Http#HTTPS">HTTPS</a>, sur le même serveur dédié. Or, ceci n'est (presque) pas possible en utilisant <a href="http://www.modssl.org/">mod_ssl</a> avec <a href="http://httpd.apache.org/">Apache</a>. Toutefois, ceci est rendu possible via l'utilisation de <a href="http://www.outoforder.cc/projects/apache/mod_gnutls/">mod_gnutls</a>. Pour ceux qui ont CentOS 5, voici <a href="http://www.hughesjr.com/content/view/20/29/">un petit lien</a> pour l'installer facilement. je crois que mod_gnutls est aussi disponible pour Mandriva. Sinon, il reste à compiler les sources ;-)</p>
<p><strong>Mise à jour</strong> : certains auront pu remarquer que des liens de ce billet ne fonctionnent plus, et que les dernières versions de mod_gnutls nécessitent une version de gnutls plus récente que celle livrée sur CentOS. La petite astuce ne fonctionne donc plus vraiment, sauf à utiliser une autre distribution ou à installer un gnutls plus récent. Un ami s'y est essayé il y a quelques temps sous Gentoo, un ebuild étant disponible.</p>
<h2>Commentaires</h2>
<h3>Le 30/08/2011 00:55 par <a href="http://fakessh.eu">fakessh @</a></h3>
<p>j ai dernierement package les dernieres versions de gnutls et mod_gnutls</p>
<p>je fournis les rpm source sur la page de mon blog
recompiler les rpm et bonnes mises à jour</p>
<p>http://fakessh.eu/2011/08/28/last-release-gnutls-et-mod_gnutls-pour-centos-5-6/</p>installation de phpmyadmin sur CentOS 52008-05-18T10:30:00+02:002008-05-18T10:30:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-05-18:/post/2008/05/18/installation-de-phpmyadmin-sur-CentOS-5/<p><code>yum install --enablerepo=extras,rpmforge httpd php phpmyadmin php-mbstring php-mcrypt</code></p>
<p><em>Mise à jour du 03/10/2011 : si vous êtes sur CentOS 6, voici <a href="/post/2011/10/03/Installation-de-phpMyAdmin-sur-CentOS-6">une version à jour de ce tutoriel</a></em></p>
<p>Je voulais me monter un petit serveur MySQL et comme je suis une feignasse, j'aime utiliser <a href="http://www.phpmyadmin.net">phpMyAdmin</a>.je me …</p><p><code>yum install --enablerepo=extras,rpmforge httpd php phpmyadmin php-mbstring php-mcrypt</code></p>
<p><em>Mise à jour du 03/10/2011 : si vous êtes sur CentOS 6, voici <a href="/post/2011/10/03/Installation-de-phpMyAdmin-sur-CentOS-6">une version à jour de ce tutoriel</a></em></p>
<p>Je voulais me monter un petit serveur MySQL et comme je suis une feignasse, j'aime utiliser <a href="http://www.phpmyadmin.net">phpMyAdmin</a>.je me fais comme à mon habitude une installation minimaliste, incluant toutefois le dépôt <a href="https://rpmrepo.org/RPMforge">RPMforge</a> (dont on note la nouvelle url). Pour ajouter le dépôt RPMForge, il suffit d'installer le RPM du dépôt, <a href="http://dag.wieers.com/rpm/packages/rpmforge-release/">qu'on sélectionne ici selon son architecture</a>. On s'assure ensuite que par facilité, le fichier <em>/etc/yum.repos.d/rpmforge.repo</em> contient bien la ligne :</p>
<div class="highlight"><pre><span></span><code>enabled = 1
</code></pre></div>
<p>(c'est moche mais ça marche)</p>
<p>J'installe ensuite mon bazar :</p>
<div class="highlight"><pre><span></span><code>yum install httpd phpmyadmin
</code></pre></div>
<p>C'est bien la première fois que je reproche un truc à un paquet RPMforge, là ce que je reproche au paquet phpmyadmin, c'est de ne pas avoir en dépendance php, chose que je peux aussi reprocher au paquet php-mysql, ou alors j'ai pas tout compris. Allez, on installe PHP :</p>
<div class="highlight"><pre><span></span><code>yum install php
</code></pre></div>
<p>D'autres trucs sont nécessaires pour phpmyadmin, php-mbstring (pas de problème, c'est dans le dépôt base), mais aussi php-mcrypt (et là, il faut activer le dépôt extras, que j'avais désactivé) :</p>
<div class="highlight"><pre><span></span><code>yum install --enablerepo=extras php-mcrypt php-mbstring
</code></pre></div>
<p>Ensuite, on édite le fichier <em>/usr/share/phpmyadmin/config.inc.php</em>, plus exactement à la ligne 17 :</p>
<div class="highlight"><pre><span></span><code><span class="mh">$cf</span><span class="nv">g</span>[<span class="s1">'</span><span class="s">blowfish_secret</span><span class="s1">'</span>] <span class="o">=</span> <span class="s1">''</span><span class="c1">; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ </span>
</code></pre></div>
<p>Et on remplit la variable avec un truc bien débile :</p>
<div class="highlight"><pre><span></span><code><span class="mh">$cf</span><span class="nv">g</span>[<span class="s1">'</span><span class="s">blowfish_secret</span><span class="s1">'</span>] <span class="o">=</span> <span class="s1">'</span><span class="s">kikoolol</span><span class="s1">'</span><span class="c1">; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */ </span>
</code></pre></div>
<p>Si le serveur MySQL est sur la même machine, s'assurer qu'il est lancé et qu'on connait le mot de passe pour s'y connecter (par défaut, il n'y a pas de mot de passe pour root sur MySQL). Si le serveur est sur une autre machine, on modifie la ligne 31 :</p>
<div class="highlight"><pre><span></span><code>$cfg['Servers'][$i]['host'] = 'localhost';
</code></pre></div>
<p>on remplace "localhost" par l'adresse IP ou le nom de la machine.</p>
<p>Mais ce n'est pas fini ! Il faut encore accéder à phpMyAdmin. Pour celà, on édite aussi le fichier <em>/etc/httpd/conf.d/phpmyadmin.conf</em>, la ligne 8 contient :</p>
<div class="highlight"><pre><span></span><code>Allow from 127.0.0.1
</code></pre></div>
<p>On peut ajouter son adresse IP à la suite de la ligne, comme par exemple :</p>
<div class="highlight"><pre><span></span><code>Allow from 127.0.0.1 192.168.1.2
</code></pre></div>
<p>ou alors, ouvrir son phpMyAdmin au monde entier, mais c'est <strong>mal</strong> !</p>
<p><code>Allow from all</code></p>
<p>On notera en fin de fichier les urls possibles pour accéder à notre logiciel, on peut même ajouter à la ligne suivante par exemple :</p>
<p><code>Alias /kikoolol/ /usr/share/phpmyadmin</code></p>
<p>On lance Apache :</p>
<p><code>service httpd start</code></p>
<p>Et éventuellement MySQL :</p>
<p><code>service mysqld start</code></p>
<p>Voilà, c'est fini, on peut accéder à phpMyAdmin grâce à l'adresse : http://nomduserveur/phpmyadmin, ou http://nomduserveur/phpMyAdmin ou http://nomduserveur/mysqladmin (voire même http://nomduserveur/kikoolol pour les comiques :))</p>
<h2>Commentaires</h2>
<h3>Le 26/08/2008 20:44 par mongo</h3>
<p>Tres cool le tuto. Mais apparamment ca ne marche pas aussi simplement avec centos 5.2. J'ai le massage suivant qui resiste a ce tuto (erreur 403): You don't have permission to access /phpmyadmin/ on this server.</p>
<h3>Le 12/03/2009 11:01 par Stef</h3>
<p>Merci pour ce super tuto ;) ça m'a vachement bien aidé !</p>
<p>Et euh j'ai pareil.. erreur 403.. il suffit de lancer firefox entant que root et ça fonctionne ;)</p>
<h3>Le 23/03/2009 21:51 par Nils</h3>
<p>Je vous rappelle qu'il y a un paragraphe sur les autorisations, il faut penser à modifier la directive Allow de /etc/httpd/conf.d/phpmyadmin.conf ;)</p>
<h3>Le 15/04/2009 04:49 par kadahowa</h3>
<p>bien fait le tuto.
pour les gens qui n'ont pas pu acceder a phpmyadmin il faut changer les droit de permission du group.
et ça va marcher c'est tester et ça marche.
le seul probleme c'est j connais pas le mot de pass et le login de mon serveur mysql.
on voulant installer centos j ai cocher server donc j ai pas pu savoir quelle mot de passe et login a fait .
donc si quelqu'un sait, qu il me fille la reponse :>
merci.</p>
<h3>Le 16/04/2009 20:34 par Nils</h3>
<p>Pourrais-tu être plus précis sur "les droits de permissions du groupe" ?
Sous CentOS, par défaut, il n'y a pas de mot de passe à l'utilisateur root sur MySQL. Il te faut donc te connecter, et une fois dans le shell MySQL, tu peux changer le mot de passe. Tu peux aussi faire cela via phpMyAdmin.</p>
<h3>Le 22/04/2009 21:41 par HAZTIKA</h3>
<p>Bonjour
J'essaie de suivre ton tuto mais après : yum install --enablerepo=extras php-mcrypt php-mbstring
je vais dans le dossier /usr/share et je ne trouve pas le fichier config.inc.php que tu as indiqué ( /usr/share/phpmyadmin/config.inc.php ) , je ne trouve même pas le dossier phpmyadmin/ dans /usr/share
et j'ai aussi vérifier dans /etc/httpd/conf.d/ et je ne trouve pas le fichier phpmyadmin.conf
j'ai un centos 5.2, merci de ton aide</p>
<h3>Le 24/04/2009 19:46 par Nils</h3>
<p>@HAZTIKA : il faut d'abord installer le dépôt RPMForge, c'est expliqué entre autres <a href="http://wiki.centos.org/AdditionalResources/Repositories/RPMForge#head-20e1f65f19ccf2f5fbf5adb30dbaf5ea963a64ae">ici</a>. Une fois ce dépôt installé (et activé), tu peux utiliser yum pour installer phpmyadmin et suivre le reste du billet, tu devrais alors trouver les fichiers.</p>
<h3>Le 05/06/2010 10:54 par Zerana</h3>
<p>Cool, ton tulo</p>Créer un miroir CentOS pour les updates2008-03-23T14:55:00+01:002008-03-23T14:55:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-03-23:/post/2008/03/23/Creer-un-miroir-CentOS-pour-les-updates/<p>Et tu sync, et tu sync, et tu wget</p>
<p>Hier, j'ai commencé à me dire que ça serait sympa de rendre encore plus rapide mes installations de machines virtuelles CentOS 5. Donc, avant d'attaquer le trifouillage de mes kickstarts afin d'appliquer mes configurations de manière automatique, j'en suis venu à …</p><p>Et tu sync, et tu sync, et tu wget</p>
<p>Hier, j'ai commencé à me dire que ça serait sympa de rendre encore plus rapide mes installations de machines virtuelles CentOS 5. Donc, avant d'attaquer le trifouillage de mes kickstarts afin d'appliquer mes configurations de manière automatique, j'en suis venu à la conclusion qu'avoir le dépôt des mises à jour en local serait plus rapide que de devoir tout récupérer sur Internet.</p>
<p>Donc, il me faut me synchroniser avec un miroir. Comme je suis chez Free, j'ai voulu utiliser leur miroir. Oui mais, ce n'est qu'un miroir FTP. Et la plupart des scripts de synchronisation de miroir utilisent <a href="http://rsync.samba.org/">rsync</a>. Je me suis donc rabattu sur le miroir de <a href="http://www.ipsl.jussieu.fr/">l'IPSL Jussieu</a> qui possède un mirroir <a href="http://distrib-coffee.ipsl.jussieu.fr/pub/linux/">http</a>, <a href="ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/">ftp</a> et <a href="rsync://distrib-coffee.ipsl.jussieu.fr/pub/linux/">rsync</a>. Génial ! Quelques instants plus tard, j'adapte <a href="http://lists.centos.org/pipermail/centos-mirror/2005-April/000936.html">ce script</a> qui donne ceci :</p>
<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
<span class="c1">#################################################################################</span>
<span class="c1"># #</span>
<span class="c1"># CentOS mirror syncer #</span>
<span class="c1"># Comes from : #</span>
<span class="c1"># #</span>
<span class="c1"># http://lists.centos.org/pipermail/centos-mirror/2005-April/000936.html #</span>
<span class="c1"># http://wiki.monserveurperso.com/wakka.php?wiki=MirroringFTP #</span>
<span class="c1"># man wget #</span>
<span class="c1"># #</span>
<span class="c1">#################################################################################</span>
<span class="nv">RSYNC</span><span class="o">=</span><span class="sb">`</span>which rsync<span class="sb">`</span>
<span class="nv">RSYNC_OPTS</span><span class="o">=</span><span class="s2">"-aHv --delete --bwlimit=512 "</span>
<span class="nv">CHOWN</span><span class="o">=</span><span class="sb">`</span>which chown<span class="sb">`</span>
<span class="nv">CHMOD</span><span class="o">=</span><span class="sb">`</span>which chmod<span class="sb">`</span>
<span class="nv">MIRROR</span><span class="o">=</span><span class="s2">"rsync://distrib-coffee.ipsl.jussieu.fr/pub/linux/centos/5/updates/i386/"</span>
<span class="nv">LOCAL</span><span class="o">=</span><span class="s2">"/home/ftp/mirrors/centos/5/updates/i386/"</span>
<span class="nv">PIDFILE</span><span class="o">=</span><span class="s2">"/var/run/centosmirror.pid"</span>
<span class="c1"># Don't run it twice...</span>
<span class="k">if</span> <span class="o">[</span> -f <span class="s2">"</span><span class="nv">$PIDFILE</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span>
<span class="nv">RUNPID</span><span class="o">=</span><span class="sb">`</span>cat <span class="nv">$PIDFILE</span><span class="sb">`</span>
<span class="k">if</span> ps -p <span class="nv">$RUNPID</span><span class="p">;</span> <span class="k">then</span>
<span class="nb">echo</span> <span class="s2">"CentOS Mirror is already running..."</span>
<span class="nb">exit</span> <span class="m">1</span>
<span class="k">else</span>
<span class="nb">echo</span> <span class="s2">"CentOS Mirror pid found but process dead, cleaning up"</span>
rm -f <span class="nv">$PIDFILE</span>
<span class="k">fi</span>
<span class="k">else</span>
<span class="nb">echo</span> <span class="s2">"No CentOS Mirror Process Detected"</span>
<span class="k">fi</span>
<span class="nb">echo</span> <span class="nv">$$</span> > <span class="nv">$PIDFILE</span>
<span class="nb">echo</span> -n <span class="s2">"CentOS Mirror Started at "</span>
date
<span class="c1"># Download, set up rights</span>
<span class="nv">$RSYNC</span> <span class="nv">$RSYNC_OPTS</span> <span class="nv">$MIRROR</span> <span class="nv">$LOCAL</span>
<span class="nv">$CHOWN</span> -R apache:apache <span class="nv">$LOCAL</span>
<span class="nv">$CHMOD</span> -R <span class="m">755</span> <span class="nv">$LOCAL</span>
<span class="nb">echo</span> -n <span class="s2">"CentOS Mirror Ended at "</span>
date
rm -f <span class="nv">$PIDFILE</span>
</code></pre></div>
<p>Ca, c'était la version rsync. Et si on est derrière un proxy, et qu'on ne peut pas faire du rsync? Pour le moment je me suis concentré sur ftp, mais ce script devrait tourner pour http :</p>
<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
<span class="c1">#################################################################################</span>
<span class="c1"># #</span>
<span class="c1"># CentOS mirror syncer #</span>
<span class="c1"># Comes from : #</span>
<span class="c1"># #</span>
<span class="c1"># http://lists.centos.org/pipermail/centos-mirror/2005-April/000936.html #</span>
<span class="c1"># http://wiki.monserveurperso.com/wakka.php?wiki=MirroringFTP #</span>
<span class="c1"># man wget #</span>
<span class="c1"># #</span>
<span class="c1">#################################################################################</span>
<span class="c1"># Variables</span>
<span class="nv">WGET</span><span class="o">=</span><span class="sb">`</span>which wget<span class="sb">`</span>
<span class="nv">WGET_OPTS</span><span class="o">=</span><span class="s2">"-m --limit-rate=512k -nH --cut-dir 5"</span>
<span class="nv">CHOWN</span><span class="o">=</span><span class="sb">`</span>which chown<span class="sb">`</span>
<span class="nv">CHMOD</span><span class="o">=</span><span class="sb">`</span>which chmod<span class="sb">`</span>
<span class="nv">MIRROR</span><span class="o">=</span><span class="s2">"ftp://ftp.free.fr/mirrors/ftp.centos.org/5/updates/i386/*"</span>
<span class="nv">LOCAL</span><span class="o">=</span><span class="s2">"/home/ftp/mirrors/centos/5/updates/i386/"</span>
<span class="nv">PIDFILE</span><span class="o">=</span><span class="s2">"/var/run/centosmirror.pid"</span>
<span class="c1"># Don't run it twice...</span>
<span class="k">if</span> <span class="o">[</span> -f <span class="s2">"</span><span class="nv">$PIDFILE</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span>
<span class="nv">RUNPID</span><span class="o">=</span><span class="sb">`</span>cat <span class="nv">$PIDFILE</span><span class="sb">`</span>
<span class="k">if</span> ps -p <span class="nv">$RUNPID</span><span class="p">;</span> <span class="k">then</span>
<span class="nb">echo</span> <span class="s2">"CentOS Mirror is already running..."</span>
<span class="nb">exit</span> <span class="m">1</span>
<span class="k">else</span>
<span class="nb">echo</span> <span class="s2">"CentOS Mirror pid found but process dead, cleaning up"</span>
rm -f <span class="nv">$PIDFILE</span>
<span class="k">fi</span>
<span class="k">else</span>
<span class="nb">echo</span> <span class="s2">"No CentOS Mirror Process Detected"</span>
<span class="k">fi</span>
<span class="nb">echo</span> <span class="nv">$$</span> > <span class="nv">$PIDFILE</span>
<span class="c1"># wget + ftp = .listing files</span>
find <span class="nv">$LOCAL</span> -name <span class="s2">".listing"</span> -delete
<span class="nb">echo</span> -n <span class="s2">"CentOS Mirror Started at "</span>
date
<span class="c1"># Download, set up rights</span>
<span class="nv">$WGET</span> <span class="nv">$WGET_OPTS</span> <span class="nv">$MIRROR</span> -P <span class="nv">$LOCAL</span>
<span class="nv">$CHOWN</span> -R apache:apache <span class="nv">$LOCAL</span>
<span class="nv">$CHMOD</span> -R <span class="m">755</span> <span class="nv">$LOCAL</span>
<span class="nb">echo</span> -n <span class="s2">"CentOS Mirror Ended at "</span>
date
rm -f <span class="nv">$PIDFILE</span>
find <span class="nv">$LOCAL</span> -name <span class="s2">".listing"</span> -delete
</code></pre></div>
<p>On remarquera que c'est grosso modo la même chose, la version wget générant des fichiers .listing pour le téléchargement récursif, je les efface avant et après coup, au cas où.Comme mon miroir est aussi dispo en http, je rend le tout accessible pour l'utilisateur apache. Ce dernier script reste cependant à améliorer, car contrairement à rsync, il n'efface pas les fichiers présents en local mais disparus du miroir distant.</p>fichue option de fdisk2008-02-21T19:52:00+01:002008-02-21T19:52:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-02-21:/post/2008/02/21/fichue-option-de-fdisk/<p>genre, pas très harmonieux tout ça</p>
<p>Je range ce billet dans "Linux et Logiciels libres" mais ça pourrait aller dans "Humeur"; lorsque je lance fdisk en mode interactif, voilà comment cela se passe :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@lutgholein</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#fdisk</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda</span><span class="w"></span>
<span class="n">Le</span><span class="w"> </span><span class="n">nombre</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">cylindres</span><span class="w"> </span><span class="n">pour</span><span class="w"> </span><span class="n">ce</span><span class="w"> </span><span class="n">disque</span><span class="w"> </span><span class="n">est</span><span class="w"> </span><span class="n">initialisé</span><span class="w"> </span><span class="n">à</span><span class="w"> </span><span class="mf">36483.</span><span class="w"></span>
<span class="n">Il …</span></code></pre></div><p>genre, pas très harmonieux tout ça</p>
<p>Je range ce billet dans "Linux et Logiciels libres" mais ça pourrait aller dans "Humeur"; lorsque je lance fdisk en mode interactif, voilà comment cela se passe :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@lutgholein</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#fdisk</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda</span><span class="w"></span>
<span class="n">Le</span><span class="w"> </span><span class="n">nombre</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">cylindres</span><span class="w"> </span><span class="n">pour</span><span class="w"> </span><span class="n">ce</span><span class="w"> </span><span class="n">disque</span><span class="w"> </span><span class="n">est</span><span class="w"> </span><span class="n">initialisé</span><span class="w"> </span><span class="n">à</span><span class="w"> </span><span class="mf">36483.</span><span class="w"></span>
<span class="n">Il</span><span class="w"> </span><span class="n">n</span><span class="s1">'y a rien d''incorrect avec cela, mais c'</span><span class="n">est</span><span class="w"> </span><span class="n">plus</span><span class="w"> </span><span class="n">grand</span><span class="w"> </span><span class="n">que</span><span class="w"> </span><span class="mi">1024</span><span class="p">,</span><span class="w"></span>
<span class="n">et</span><span class="w"> </span><span class="n">cela</span><span class="w"> </span><span class="n">pourrait</span><span class="w"> </span><span class="n">causer</span><span class="w"> </span><span class="n">des</span><span class="w"> </span><span class="n">problèmes</span><span class="w"> </span><span class="n">en</span><span class="w"> </span><span class="n">fonction</span><span class="w"> </span><span class="n">pour</span><span class="w"> </span><span class="n">certaines</span><span class="w"> </span><span class="nl">configurations</span><span class="p">:</span><span class="w"></span>
<span class="mi">1</span><span class="p">)</span><span class="w"> </span><span class="n">logiciels</span><span class="w"> </span><span class="n">qui</span><span class="w"> </span><span class="n">sont</span><span class="w"> </span><span class="n">exécutés</span><span class="w"> </span><span class="n">à</span><span class="w"> </span><span class="n">l</span><span class="s1">'amorçage (i.e., vieilles versions de LILO)</span>
<span class="s1">2) logiciels d'</span><span class="n">amorçage</span><span class="w"> </span><span class="n">et</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="n">partitionnement</span><span class="w"> </span><span class="n">pour</span><span class="w"> </span><span class="n">d</span><span class="s1">'autres SE</span>
<span class="s1"> (i.e., DOS FDISK, OS/2 FDISK)</span>
<span class="s1">Commande (m pour l'</span><span class="n">aide</span><span class="p">)</span><span class="err">:</span><span class="w"> </span><span class="n">p</span><span class="w"></span>
<span class="n">Disque</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="nl">hda</span><span class="p">:</span><span class="w"> </span><span class="mf">300.0</span><span class="w"> </span><span class="k">Go</span><span class="p">,</span><span class="w"> </span><span class="mi">300090728448</span><span class="w"> </span><span class="n">octets</span><span class="w"></span>
<span class="mi">255</span><span class="w"> </span><span class="n">heads</span><span class="p">,</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="n">sectors</span><span class="o">/</span><span class="n">track</span><span class="p">,</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="n">cylinders</span><span class="w"></span>
<span class="n">Unités</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">cylindres</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="mi">16065</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">512</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">8225280</span><span class="w"> </span><span class="n">octets</span><span class="w"></span>
<span class="n">Périphérique</span><span class="w"> </span><span class="n">Amorce</span><span class="w"> </span><span class="n">Début</span><span class="w"> </span><span class="n">Fin</span><span class="w"> </span><span class="n">Blocs</span><span class="w"> </span><span class="n">Id</span><span class="w"> </span><span class="n">Système</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda1</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="mi">12</span><span class="w"> </span><span class="mi">96358</span><span class="o">+</span><span class="w"> </span><span class="mi">83</span><span class="w"> </span><span class="n">Linux</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda2</span><span class="w"> </span><span class="mi">13</span><span class="w"> </span><span class="mi">152</span><span class="w"> </span><span class="mi">1124550</span><span class="w"> </span><span class="mi">82</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">swap</span><span class="w"> </span><span class="o">/</span><span class="w"> </span><span class="n">Solaris</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda4</span><span class="w"> </span><span class="mi">153</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="mi">291828757</span><span class="o">+</span><span class="w"> </span><span class="mi">5</span><span class="w"> </span><span class="n">Extended</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda5</span><span class="w"> </span><span class="mi">153</span><span class="w"> </span><span class="mi">1197</span><span class="w"> </span><span class="mi">8393931</span><span class="w"> </span><span class="mi">83</span><span class="w"> </span><span class="n">Linux</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda6</span><span class="w"> </span><span class="mi">1198</span><span class="w"> </span><span class="mi">9964</span><span class="w"> </span><span class="mi">70420896</span><span class="w"> </span><span class="mi">8</span><span class="n">e</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">LVM</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda7</span><span class="w"> </span><span class="mi">9965</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="mi">213013836</span><span class="w"> </span><span class="mi">8</span><span class="n">e</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">LVM</span><span class="w"></span>
<span class="n">Commande</span><span class="w"> </span><span class="p">(</span><span class="n">m</span><span class="w"> </span><span class="n">pour</span><span class="w"> </span><span class="n">l</span><span class="err">'</span><span class="n">aide</span><span class="p">)</span><span class="err">:</span><span class="w"></span>
</code></pre></div>
<p>On voit bien qu'on utilise la lettre "p" pour "print", afficher la table des partitions. Si par contre je veux juste afficher la table des partitions sans rien faire d'autre, en mode non-interactif, on lance fdisk de cette manière :</p>
<div class="highlight"><pre><span></span><code><span class="n">root</span><span class="nv">@lutgholein</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="n">#fdisk</span><span class="w"> </span><span class="o">-</span><span class="n">l</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda</span><span class="w"></span>
<span class="n">Disque</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="nl">hda</span><span class="p">:</span><span class="w"> </span><span class="mf">300.0</span><span class="w"> </span><span class="k">Go</span><span class="p">,</span><span class="w"> </span><span class="mi">300090728448</span><span class="w"> </span><span class="n">octets</span><span class="w"></span>
<span class="mi">255</span><span class="w"> </span><span class="n">heads</span><span class="p">,</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="n">sectors</span><span class="o">/</span><span class="n">track</span><span class="p">,</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="n">cylinders</span><span class="w"></span>
<span class="n">Unités</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="n">cylindres</span><span class="w"> </span><span class="n">de</span><span class="w"> </span><span class="mi">16065</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">512</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="mi">8225280</span><span class="w"> </span><span class="n">octets</span><span class="w"></span>
<span class="n">Périphérique</span><span class="w"> </span><span class="n">Amorce</span><span class="w"> </span><span class="n">Début</span><span class="w"> </span><span class="n">Fin</span><span class="w"> </span><span class="n">Blocs</span><span class="w"> </span><span class="n">Id</span><span class="w"> </span><span class="n">Système</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda1</span><span class="w"> </span><span class="o">*</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="mi">12</span><span class="w"> </span><span class="mi">96358</span><span class="o">+</span><span class="w"> </span><span class="mi">83</span><span class="w"> </span><span class="n">Linux</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda2</span><span class="w"> </span><span class="mi">13</span><span class="w"> </span><span class="mi">152</span><span class="w"> </span><span class="mi">1124550</span><span class="w"> </span><span class="mi">82</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">swap</span><span class="w"> </span><span class="o">/</span><span class="w"> </span><span class="n">Solaris</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda4</span><span class="w"> </span><span class="mi">153</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="mi">291828757</span><span class="o">+</span><span class="w"> </span><span class="mi">5</span><span class="w"> </span><span class="n">Extended</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda5</span><span class="w"> </span><span class="mi">153</span><span class="w"> </span><span class="mi">1197</span><span class="w"> </span><span class="mi">8393931</span><span class="w"> </span><span class="mi">83</span><span class="w"> </span><span class="n">Linux</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda6</span><span class="w"> </span><span class="mi">1198</span><span class="w"> </span><span class="mi">9964</span><span class="w"> </span><span class="mi">70420896</span><span class="w"> </span><span class="mi">8</span><span class="n">e</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">LVM</span><span class="w"></span>
<span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">hda7</span><span class="w"> </span><span class="mi">9965</span><span class="w"> </span><span class="mi">36483</span><span class="w"> </span><span class="mi">213013836</span><span class="w"> </span><span class="mi">8</span><span class="n">e</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">LVM</span><span class="w"></span>
</code></pre></div>
<p>Donc on a "l" pour "list", lister. Ok, les deux se valent, mais c'est quand même casse-pied, je tente régulièrement des fdisk -p /dev/nomdudisque et me prend un message d'erreur dans la figure ! C 'est casse-pied au possible !</p>
<p>Et pour couronner le tout, le fdisk de l'OS à la Pomme se comporte d'une autre manière !</p>
<div class="highlight"><pre><span></span><code><span class="n">nils</span><span class="nv">@darkmoon</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">sudo</span><span class="w"> </span><span class="n">fdisk</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">disk0</span><span class="w"></span>
<span class="nl">Password</span><span class="p">:</span><span class="w"></span>
<span class="k">Disk</span><span class="err">:</span><span class="w"> </span><span class="o">/</span><span class="n">dev</span><span class="o">/</span><span class="n">disk0</span><span class="w"> </span><span class="nl">geometry</span><span class="p">:</span><span class="w"> </span><span class="mi">14593</span><span class="o">/</span><span class="mi">255</span><span class="o">/</span><span class="mi">63</span><span class="w"> </span><span class="o">[</span><span class="n">234441648 sectors</span><span class="o">]</span><span class="w"></span>
<span class="nl">Signature</span><span class="p">:</span><span class="w"> </span><span class="mh">0xAA55</span><span class="w"></span>
<span class="w"> </span><span class="n">Starting</span><span class="w"> </span><span class="n">Ending</span><span class="w"></span>
<span class="w"> </span><span class="err">#:</span><span class="w"> </span><span class="n">id</span><span class="w"> </span><span class="n">cyl</span><span class="w"> </span><span class="n">hd</span><span class="w"> </span><span class="n">sec</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="n">cyl</span><span class="w"> </span><span class="n">hd</span><span class="w"> </span><span class="n">sec</span><span class="w"> </span><span class="o">[</span><span class="n"> start - size</span><span class="o">]</span><span class="w"></span>
<span class="o">------------------------------------------------------------------------</span><span class="w"></span>
<span class="w"> </span><span class="mi">1</span><span class="err">:</span><span class="w"> </span><span class="n">EE</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">[</span><span class="n"> 1 - 409639</span><span class="o">]</span><span class="w"> </span><span class="o"><</span><span class="k">Unknown</span><span class="w"> </span><span class="n">ID</span><span class="o">></span><span class="w"></span>
<span class="w"> </span><span class="mi">2</span><span class="err">:</span><span class="w"> </span><span class="n">AF</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">[</span><span class="n"> 409640 - 62652416</span><span class="o">]</span><span class="w"> </span><span class="n">HFS</span><span class="o">+</span><span class="w"> </span>
<span class="o">*</span><span class="mi">3</span><span class="err">:</span><span class="w"> </span><span class="mi">07</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">[</span><span class="n"> 63328230 - 62460720</span><span class="o">]</span><span class="w"> </span><span class="n">HPFS</span><span class="o">/</span><span class="n">QNX</span><span class="o">/</span><span class="n">AUX</span><span class="w"></span>
<span class="w"> </span><span class="mi">4</span><span class="err">:</span><span class="w"> </span><span class="mi">83</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">-</span><span class="w"> </span><span class="mi">1023</span><span class="w"> </span><span class="mi">254</span><span class="w"> </span><span class="mi">63</span><span class="w"> </span><span class="o">[</span><span class="n"> 125788950 - 30716280</span><span class="o">]</span><span class="w"> </span><span class="n">Linux</span><span class="w"> </span><span class="n">files</span><span class="o">*</span><span class="w"></span>
</code></pre></div>
<p>Quelle embrouille ;-)</p>RPMforge2008-01-19T22:40:00+01:002008-01-19T22:40:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2008-01-19:/post/2008/01/19/RPMforge/<p>un dépôt qu'il est bien</p>
<p>Oui, il y a des dépôts tierce-partie pour les distribs Red Hat, telles que RHEL, CentOS et Fedora. Un que j'apprécie beaucoup c'est <a href="http://rpmforge.net/">RPMforge</a>. Il contient entre autres, <a href="http://htop.sourceforge.net/">Htop</a> et <a href="http://www.nagios.org/">Nagios</a>, ce qui fait que j'aime bien l'installer sur une machine CentOS ou Fedora (htop …</p><p>un dépôt qu'il est bien</p>
<p>Oui, il y a des dépôts tierce-partie pour les distribs Red Hat, telles que RHEL, CentOS et Fedora. Un que j'apprécie beaucoup c'est <a href="http://rpmforge.net/">RPMforge</a>. Il contient entre autres, <a href="http://htop.sourceforge.net/">Htop</a> et <a href="http://www.nagios.org/">Nagios</a>, ce qui fait que j'aime bien l'installer sur une machine CentOS ou Fedora (htop c'est vraiment du confort face à top). Pour l'installer, c'est très simple : il suffit d'aller récupérer le RPM qui installe le dépôt dans yum, ce qui évite de rajouter le dépôt à la main dans la configuration de ce dernier. Pour trouver le rpm "rpmforge-release", c'est <a href="http://dag.wieers.com/rpm/packages/rpmforge-release/">ici</a>. On l'installe via un bon vieux rpm -ivh, on fait un petit yum update, et c'est parti !</p>Installation et configuration d'un serveur dédié OpenArena 0.7.12007-11-28T23:37:00+01:002007-11-28T23:37:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2007-11-28:/post/2007/11/28/Installation-et-configuration-dun-serveur-dedie-OpenArena-071/<p>(marche aussi pour Quake 3 Arena)</p>
<p>Amusons-nous un peu avec Open Arena, un First Person Shooter basé sur le moteur libéré sous GPL du génialissime Quake 3 Arena. Mais pour bien s'amuser, mieux vaut être plusieurs. Comme héberger soi-même la partie c'est lourd, utilisons une machine dédiée.</p>
<p>D'abord, on récupère …</p><p>(marche aussi pour Quake 3 Arena)</p>
<p>Amusons-nous un peu avec Open Arena, un First Person Shooter basé sur le moteur libéré sous GPL du génialissime Quake 3 Arena. Mais pour bien s'amuser, mieux vaut être plusieurs. Comme héberger soi-même la partie c'est lourd, utilisons une machine dédiée.</p>
<p>D'abord, on récupère OA 0.7.0 et le patch 0.7.1 soit via le site officiel, soit via votre gestionnaire de paquets favoris (à ma connaissance, Ubuntu et Fedora n'ont pas de version à jour dans leur dépôts, mais cela a pu changer depuis que j'ai vérifié. Aucun problème avec une Mandriva 2008), soit via mon miroir perso <a href="http://downloads.anotherhomepage.org/">http://downloads.anotherhomepage.org/</a> , rubrique Programs. On récupèrera optionnellement le mod OSP 1.03.</p>
<p>On décompresse les archives, à la racine de son répertoire home. Pour un utilisateur "quakeur" sur une machine "campgrounds", cela donne comme arborescence :</p>
<div class="highlight"><pre><span></span><code><span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">pwd</span><span class="w"></span>
<span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">quakeur</span><span class="w"></span>
<span class="err">$</span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">hlF</span><span class="w"> </span><span class="n">openarena</span><span class="o">/</span><span class="w"></span>
<span class="n">total</span><span class="w"> </span><span class="mi">11</span><span class="n">M</span><span class="w"></span>
<span class="n">drwxr</span><span class="o">-</span><span class="n">xr</span><span class="o">-</span><span class="n">x</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">4</span><span class="p">,</span><span class="mi">0</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">11</span><span class="w"> </span><span class="mi">20</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">baseoa</span><span class="o">/</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">6</span><span class="p">,</span><span class="mi">8</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">07</span><span class="err">:</span><span class="mi">09</span><span class="w"> </span><span class="n">CHANGES</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">18</span><span class="n">K</span><span class="w"> </span><span class="mi">2006</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">10</span><span class="w"> </span><span class="mi">17</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">COPYING</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">1</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">03</span><span class="err">:</span><span class="mi">56</span><span class="w"> </span><span class="n">CREDITS</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">765</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioq3ded</span><span class="p">.</span><span class="n">i386</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">877</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioq3ded</span><span class="p">.</span><span class="n">x86_64</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="mi">6</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioquake3</span><span class="p">.</span><span class="n">i386</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="mi">6</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioquake3</span><span class="o">-</span><span class="n">smp</span><span class="p">.</span><span class="n">i386</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="mi">8</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioquake3</span><span class="o">-</span><span class="n">smp</span><span class="p">.</span><span class="n">x86_64</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="mi">8</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">ioquake3</span><span class="p">.</span><span class="n">x86_64</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">16</span><span class="n">K</span><span class="w"> </span><span class="mi">2006</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">26</span><span class="w"> </span><span class="mi">05</span><span class="err">:</span><span class="mi">25</span><span class="w"> </span><span class="n">libogg</span><span class="o">-</span><span class="mf">0.</span><span class="n">dll</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">154</span><span class="n">K</span><span class="w"> </span><span class="mi">2006</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">26</span><span class="w"> </span><span class="mi">05</span><span class="err">:</span><span class="mi">25</span><span class="w"> </span><span class="n">libvorbis</span><span class="o">-</span><span class="mf">0.</span><span class="n">dll</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">29</span><span class="n">K</span><span class="w"> </span><span class="mi">2006</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">26</span><span class="w"> </span><span class="mi">05</span><span class="err">:</span><span class="mi">25</span><span class="w"> </span><span class="n">libvorbisfile</span><span class="o">-</span><span class="mf">3.</span><span class="n">dll</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">64</span><span class="w"> </span><span class="mi">2006</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">25</span><span class="w"> </span><span class="mi">18</span><span class="err">:</span><span class="mi">35</span><span class="w"> </span><span class="n">LINUXNOTES</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">2</span><span class="p">,</span><span class="mi">0</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">openarena</span><span class="p">.</span><span class="n">exe</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="mi">4</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">09</span><span class="err">:</span><span class="mi">50</span><span class="w"> </span><span class="n">README</span><span class="o">*</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">hlF</span><span class="w"> </span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="o">/</span><span class="w"></span>
<span class="n">total</span><span class="w"> </span><span class="mi">261</span><span class="n">M</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">30</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">41</span><span class="w"> </span><span class="n">pak0</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">27</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">38</span><span class="w"> </span><span class="n">pak1</span><span class="o">-</span><span class="n">maps</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">23</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">43</span><span class="w"> </span><span class="n">pak2</span><span class="o">-</span><span class="n">players</span><span class="o">-</span><span class="n">mature</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">65</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">46</span><span class="w"> </span><span class="n">pak2</span><span class="o">-</span><span class="n">players</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">25</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">47</span><span class="w"> </span><span class="n">pak3</span><span class="o">-</span><span class="n">music</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">67</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">48</span><span class="w"> </span><span class="n">pak4</span><span class="o">-</span><span class="n">textures</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">117</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">49</span><span class="w"> </span><span class="n">pak5</span><span class="o">-</span><span class="n">TA</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">16</span><span class="n">M</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">07</span><span class="o">-</span><span class="mi">07</span><span class="w"> </span><span class="mi">08</span><span class="err">:</span><span class="mi">49</span><span class="w"> </span><span class="n">pak6</span><span class="o">-</span><span class="n">misc</span><span class="p">.</span><span class="n">pk3</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="c1">--r-- 1 quakeur quakeur 12M 2007-08-08 14:36 pak7-patch.pk3</span>
</code></pre></div>
<p>2 choses : la première, le zip contient les binaires 32 et 64 bits x86 pour Linux, mais aussi un binaire 32 bits pour Windows. On peut optionnellement dégager ce dernier ainsi que les dll, vu qu'ils ne serviront pas, je pars du postulat qu'on tourne sous un OS propre, voire terreux, mais pas sale.</p>
<p>La seconde, c'est l'endroit où se situe le fichier du patch 0.7.1 : on vérifiera bien que le fichier pak7-patch.pk3 est dans \~/openarena/baseoa/ .</p>
<p>ensuite, il faut se faire un fichier de configuration. OpenArena étant basé sur le moteur libre de Quake 3 Arena, tout bon tuto qui se respecte pour ce bon vieux Q3A est à peu près valide pour OA. Voici ma configuration, utilisée pour la micro lan-party des JM2L 2007 (téléchargeable <a href="http://downloads.anotherhomepage.org/Programs/openarena/ffa.cfg">ici</a>):</p>
<div class="highlight"><pre><span></span><code><span class="sr">//</span><span class="n">Fichier</span> <span class="n">de</span> <span class="n">config</span> <span class="n">server</span> <span class="n">OA</span><span class="p">,</span> <span class="n">chaque</span> <span class="n">commentaire</span> <span class="n">commence</span> <span class="n">par</span> <span class="s">"//"</span> <span class="n">et</span> <span class="n">dure</span> <span class="n">jusqu</span><span class="s">'à la fin de la ligne.</span>
<span class="s"> //on met gametype à 0 pour Free for All (chacun pour sa pomme) </span>
<span class="s"> g_gametype 0</span>
<span class="s"> //Free For All Settings </span>
<span class="s"> //Limite de frag. Au-delà, on change de map. Pour enlever la limite, mettre à 0</span>
<span class="s"> fraglimit 20</span>
<span class="s"> //Limite de temps. Au-delà, on change de map. Pour enlever la limite, mettre à 0</span>
<span class="s"> timelimit 10</span>
<span class="s"> //Nombre max de n00bz sur le serveur</span>
<span class="s"> sv_maxclients 8</span>
<span class="s"> //Nom qui apparait dans l'</span><span class="n">interface</span> <span class="n">de</span> <span class="n">recherche</span>
<span class="n">sv_hostname</span> <span class="s">"Open Arena JM2L FFA Server"</span>
<span class="sr">//</span><span class="n">Message</span> <span class="n">du</span> <span class="n">jour</span> <span class="p">(</span><span class="n">Message</span> <span class="n">of</span> <span class="n">the</span> <span class="n">day</span><span class="p">)</span><span class="o">.</span> <span class="n">Optionnel</span>
<span class="n">set</span> <span class="n">g_motd</span> <span class="s">"JM2L Open Arena serveur, amusez-vous bien !"</span>
<span class="sr">//</span><span class="n">On</span> <span class="n">peut</span> <span class="n">réclamer</span> <span class="n">un</span> <span class="n">mot</span> <span class="n">de</span> <span class="n">passe</span> <span class="n">à</span> <span class="n">l</span><span class="s">'entrée du servur 1="je veux un mot de passe", 0="je m'</span><span class="n">en</span> <span class="n">cogne</span><span class="s">" (Défaut: 0)</span>
<span class="s"> sv_privateClients 0</span>
<span class="s"> //Si t'as mis 1 à la valeur précédente, indique ici ton mot de passe (on commente si c'est 0)</span>
<span class="s"> //sv_privatePassword ""</span>
<span class="s"> //Mot de passe de la console d'admin</span>
<span class="s"> rconpassword "</span><span class="n">lamepassword</span><span class="s">"</span>
<span class="s"> //Sorte d'anti-triche qui vérifie l'intégrité des fichiers pak 1=activé, 0=désactivé (Défaut: 1)</span>
<span class="s"> sv_pure 1</span>
<span class="s"> //Rafraîchissement max des n00bz qui viennent jouer, on recommande une valeur de 8000 à 10000 Max: 25000 </span>
<span class="s"> //(Défaut: 0)</span>
<span class="s"> sv_maxRate 10000</span>
<span class="s"> //Sélection des map, dans quel ordre, et ensuite on charge la première map</span>
<span class="s"> set d1 "</span><span class="nb">map</span> <span class="n">oa_rpg3dm2</span><span class="p">;</span> <span class="n">set</span> <span class="n">nextmap</span> <span class="n">vstr</span> <span class="n">d2</span><span class="s">"</span>
<span class="s"> set d2 "</span><span class="nb">map</span> <span class="n">q3dm6ish</span><span class="p">;</span> <span class="n">set</span> <span class="n">nextmap</span> <span class="n">vstr</span> <span class="n">d3</span><span class="s">"</span>
<span class="s"> set d3 "</span><span class="nb">map</span> <span class="n">oa_dm1</span> <span class="p">;</span> <span class="n">set</span> <span class="n">nextmap</span> <span class="n">vstr</span> <span class="n">d4</span><span class="s">"</span>
<span class="s"> set d4 "</span><span class="nb">map</span> <span class="n">fan</span><span class="p">;</span> <span class="n">set</span> <span class="n">nextmap</span> <span class="n">vstr</span> <span class="n">d5</span><span class="s">"</span>
<span class="s"> set d5 "</span><span class="nb">map</span> <span class="n">suspended</span> <span class="p">;</span> <span class="n">set</span> <span class="n">nextmap</span> <span class="n">vstr</span> <span class="n">d1</span><span class="s">"</span>
<span class="s"> vstr d1</span>
<span class="s"> //temps de réapparition (respawn) des armes en secondes. S'il y a plein de n00bz sur le serveur,</span>
<span class="s"> // mieux vaut augmenter la valeur (Défaut: 5)</span>
<span class="s"> set g_weaponrespawn 5</span>
<span class="s"> //Possibilité de voter 1=oui, 0=non (Défaut: 1)</span>
<span class="s"> set g_allowvote 1</span>
<span class="s"> //multiple de puissance du quad damage </span>
<span class="s"> //(Défaut: 3. donc un coup de roquette fait 3 fois plus de dégâts quand on a le quad damage)</span>
<span class="s"> set g_quadfactor 3</span>
<span class="s"> //variable nécessairement à 1 pour les clients qui veulent enregistrer la partie, </span>
<span class="s"> //mais cela ralentit légèrement le jeu (Défaut: 0)</span>
<span class="s"> set g_syncronousClients 0</span>
<span class="s"> //petites infos parfois utiles</span>
<span class="s"> sets "</span><span class="n">Administrator</span><span class="s">" "</span><span class="n">r00t</span><span class="s">"</span>
<span class="s"> sets "</span><span class="n">Email</span><span class="s">" "</span><span class="n">mail</span><span class="nv">@domain</span><span class="o">.</span><span class="n">tld</span><span class="s">"</span>
<span class="s"> sets "</span><span class="n">URL</span><span class="s">" "</span><span class="n">http:</span><span class="sr">//</span><span class="n">www</span><span class="o">.</span><span class="n">domain</span><span class="o">.</span><span class="n">tld</span><span class="s">"</span>
<span class="s"> sets "</span><span class="n">Location</span><span class="s">" "</span><span class="n">au</span> <span class="n">fond</span> <span class="n">à</span> <span class="n">droite</span><span class="s">"</span>
<span class="s"> sets "</span><span class="n">CPU</span><span class="s">" "</span><span class="n">Quadri</span> <span class="n">Xeon</span><span class="s">"</span>
<span class="s"> // Si on utilise un pack de maps persos, il faut en faire profiter les autres :))</span>
<span class="s"> //sets "</span><span class="n">mappack</span><span class="s">" "</span><span class="n">http:</span><span class="sr">//</span><span class="n">www</span><span class="o">.</span><span class="n">myserver</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">mappack</span><span class="o">.</span><span class="n">zip</span><span class="s">"</span>
<span class="s">// --- bots ---</span>
<span class="s">seta bot_enable "</span><span class="mi">1</span><span class="s">" // Activer les bots : 1 = activé, 0 = désactivé</span>
<span class="s">seta bot_minplayers "</span><span class="mi">3</span><span class="s">" // Nombre minimum de n00bz pour que les bots se barrent</span>
<span class="s">seta bot_nochat "</span><span class="mi">1</span><span class="err">"</span> <span class="sr">//</span> <span class="n">Les</span> <span class="n">bots</span> <span class="n">peuvent</span> <span class="n">parler</span><span class="o">.</span> <span class="mi">1</span> <span class="o">=</span> <span class="n">ils</span> <span class="n">peuvent</span> <span class="n">faire</span> <span class="n">les</span> <span class="n">piplettes</span><span class="p">,</span> <span class="mi">0</span> <span class="o">=</span> <span class="n">ils</span> <span class="n">la</span> <span class="n">bouclent</span>
<span class="sr">//</span> <span class="n">End</span> <span class="n">of</span> <span class="n">file</span><span class="o">.</span>
</code></pre></div>
<p>Ce fichier, appelons-le ffa.cfg (puisque c'est un serveur Free For All) et plaçons-le dans notre répertoire de configuration OA (le jeu fonctionne dans un mode plus ou moins chrooté, alors mieux vaut qu'il puisse trouver la config) :</p>
<div class="highlight"><pre><span></span><code><span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">pwd</span><span class="w"></span>
<span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="n">quakeur</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">cd</span><span class="w"> </span><span class="p">.</span><span class="n">openarena</span><span class="o">/</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~/</span><span class="p">.</span><span class="n">openarena</span><span class="w"> </span><span class="err">$</span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">hlF</span><span class="w"></span>
<span class="n">total</span><span class="w"> </span><span class="mi">4</span><span class="p">,</span><span class="mi">0</span><span class="n">K</span><span class="w"></span>
<span class="n">drwxr</span><span class="o">-</span><span class="n">xr</span><span class="o">-</span><span class="n">x</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">4</span><span class="p">,</span><span class="mi">0</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">11</span><span class="w"> </span><span class="mi">22</span><span class="err">:</span><span class="mi">19</span><span class="w"> </span><span class="n">baseoa</span><span class="o">/</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~/</span><span class="p">.</span><span class="n">openarena</span><span class="w"> </span><span class="err">$</span><span class="n">cd</span><span class="w"> </span><span class="n">baseoa</span><span class="o">/</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~/</span><span class="p">.</span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="w"> </span><span class="err">$</span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">hlF</span><span class="w"></span>
<span class="n">total</span><span class="w"> </span><span class="mi">88</span><span class="n">K</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">75</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">11</span><span class="w"> </span><span class="mi">22</span><span class="err">:</span><span class="mi">28</span><span class="w"> </span><span class="n">games</span><span class="p">.</span><span class="nf">log</span><span class="w"></span>
<span class="o">-</span><span class="n">rwxr</span><span class="o">-</span><span class="n">xr</span><span class="o">-</span><span class="n">x</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">3</span><span class="p">,</span><span class="mi">1</span><span class="n">K</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">11</span><span class="w"> </span><span class="mi">21</span><span class="err">:</span><span class="mi">00</span><span class="w"> </span><span class="n">ffa</span><span class="p">.</span><span class="n">cfg</span><span class="o">*</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">956</span><span class="w"> </span><span class="mi">2007</span><span class="o">-</span><span class="mi">11</span><span class="o">-</span><span class="mi">11</span><span class="w"> </span><span class="mi">22</span><span class="err">:</span><span class="mi">20</span><span class="w"> </span><span class="n">q3config</span><span class="p">.</span><span class="n">cfg</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~/</span><span class="p">.</span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="w"> </span><span class="err">$</span><span class="w"></span>
</code></pre></div>
<p>les fichiers games.log et q3config.cfg peuvent ne pas exister, ils seront créés après un premier lancement du jeu. A la rigueur, selon la quantité de mémoire vive de votre serveur dédié, il peut être bien de positionner la variable com_hunkMegs à la quantité de mémoire vive que vous désirez allouer.</p>
<p>Et maintenant? Et bien on lance le serveur :</p>
<div class="highlight"><pre><span></span><code><span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="n">cd</span><span class="w"> </span><span class="n">openarena</span><span class="o">/</span><span class="w"></span>
<span class="n">quakeur</span><span class="nv">@campgrounds</span><span class="err">:</span><span class="o">~</span><span class="w"> </span><span class="err">$</span><span class="p">.</span><span class="o">/</span><span class="n">ioq3ded</span><span class="p">.</span><span class="n">i386</span><span class="w"> </span><span class="o">+</span><span class="k">set</span><span class="w"> </span><span class="n">dedicated</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="o">+</span><span class="k">set</span><span class="w"> </span><span class="n">net_ip</span><span class="w"> </span><span class="mf">192.168.0.3</span><span class="w"> </span><span class="o">+</span><span class="k">set</span><span class="w"> </span><span class="n">net_port</span><span class="w"> </span><span class="mi">27960</span><span class="w"> </span><span class="o">+</span><span class="k">set</span><span class="w"> </span><span class="n">g_log</span><span class="w"> </span><span class="n">games</span><span class="p">.</span><span class="nf">log</span><span class="w"> </span><span class="o">+</span><span class="k">exec</span><span class="w"> </span><span class="n">ffa</span><span class="p">.</span><span class="n">cfg</span><span class="w"></span>
</code></pre></div>
<p>Spécifier l'adresse IP est une bonne chose si vous avez de multiples interfaces réseau, mais c'est optionnel. Idem pour le port, mis par défaut à 27960 si ma mémoire est bonne (utile si on a un monstre de puissance et qu'on fait tourner plusieurs instances du jeu avec des confs différentes). Il est possible, si on utilise un mod, d'ajouter l'option +set fs_game nomdumod , sachant que le répertoire du mod doit être dans le répertoire de configuration (je ne comprend pas pourquoi, mais ça marche comme ça chez moi :/). Le fichier de config, et celui de log seront aussi dans ce répertoire :</p>
<div class="highlight"><pre><span></span><code><span class="n">quakeur</span><span class="err">@</span><span class="n">campgrounds</span><span class="p">:</span><span class="o">~/.</span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="w"> </span><span class="o">$</span><span class="n">cd</span><span class="w"> </span><span class="n">osp</span><span class="o">/</span><span class="w"></span>
<span class="n">quakeur</span><span class="err">@</span><span class="n">campgrounds</span><span class="p">:</span><span class="o">~/.</span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="o">/</span><span class="n">osp</span><span class="w"> </span><span class="o">$$</span><span class="n">ls</span><span class="w"> </span><span class="o">-</span><span class="n">hlF</span><span class="w"></span>
<span class="n">total</span><span class="w"> </span><span class="mi">92240</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">738</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="mi">1</span><span class="n">v1</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">20</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">680</span><span class="n">B</span><span class="w"> </span><span class="mi">17</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">Docs</span><span class="o">/</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">3</span><span class="n">K</span><span class="w"> </span><span class="mi">28</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">INSTALL</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">348</span><span class="n">K</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">jan</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">OSP</span><span class="w"> </span><span class="n">Config</span><span class="w"> </span><span class="n">Generator</span><span class="o">.</span><span class="n">exe</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">2</span><span class="n">K</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">OSP</span><span class="w"> </span><span class="n">Match</span><span class="w"> </span><span class="n">Quick</span><span class="w"> </span><span class="n">Start</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">12</span><span class="n">K</span><span class="w"> </span><span class="mi">16</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">README</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">27</span><span class="n">K</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">VoodooStats</span><span class="o">-</span><span class="n">ReadME</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">9</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">306</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">cfg</span><span class="o">-</span><span class="n">DefaultModeReference</span><span class="o">/</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">136</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">cfg</span><span class="o">-</span><span class="n">GfxExample</span><span class="o">/</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">8</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">272</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">cfg</span><span class="o">-</span><span class="n">maps</span><span class="o">/</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">762</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">clanarena</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="n">K</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">ctf</span><span class="o">-</span><span class="n">public</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">736</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">ctf</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">30</span><span class="n">B</span><span class="w"> </span><span class="mi">2</span><span class="w"> </span><span class="n">mar</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">description</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">738</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">ffa</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">1</span><span class="n">K</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">filters</span><span class="o">.</span><span class="n">txt</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">885</span><span class="n">B</span><span class="w"> </span><span class="mi">16</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">freezetag</span><span class="o">-</span><span class="n">vanilla</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">856</span><span class="n">B</span><span class="w"> </span><span class="mi">16</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">freezetag</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">96</span><span class="n">K</span><span class="w"> </span><span class="mi">10</span><span class="w"> </span><span class="n">nov</span><span class="w"> </span><span class="mi">15</span><span class="p">:</span><span class="mi">26</span><span class="w"> </span><span class="n">games</span><span class="o">.</span><span class="n">log</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">728</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">instagib</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">136</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">locs</span><span class="o">/</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">10</span><span class="n">K</span><span class="w"> </span><span class="mi">11</span><span class="w"> </span><span class="n">nov</span><span class="w"> </span><span class="mi">16</span><span class="p">:</span><span class="mi">09</span><span class="w"> </span><span class="n">q3config</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">r</span><span class="o">--</span><span class="n">r</span><span class="o">--</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">49</span><span class="n">B</span><span class="w"> </span><span class="mi">9</span><span class="w"> </span><span class="n">nov</span><span class="w"> </span><span class="mi">22</span><span class="p">:</span><span class="mi">01</span><span class="w"> </span><span class="n">q3history</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-------</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">167</span><span class="n">B</span><span class="w"> </span><span class="mi">11</span><span class="w"> </span><span class="n">nov</span><span class="w"> </span><span class="mi">16</span><span class="p">:</span><span class="mi">09</span><span class="w"> </span><span class="n">q3key</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">3</span><span class="n">K</span><span class="w"> </span><span class="mi">5</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2000</span><span class="w"> </span><span class="n">spectool</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">760</span><span class="n">B</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">team</span><span class="o">.</span><span class="n">cfg</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">3</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">102</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">vm</span><span class="o">/</span><span class="w"></span>
<span class="n">drwxrwxrwx</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">476</span><span class="n">B</span><span class="w"> </span><span class="mi">23</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">voodoo</span><span class="o">/</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">35</span><span class="n">M</span><span class="w"> </span><span class="mi">14</span><span class="w"> </span><span class="n">déc</span><span class="w"> </span><span class="mi">2001</span><span class="w"> </span><span class="n">zz</span><span class="o">-</span><span class="n">osp</span><span class="o">-</span><span class="n">pak0</span><span class="o">.</span><span class="n">pk3</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">8</span><span class="n">M</span><span class="w"> </span><span class="mi">31</span><span class="w"> </span><span class="n">jan</span><span class="w"> </span><span class="mi">2002</span><span class="w"> </span><span class="n">zz</span><span class="o">-</span><span class="n">osp</span><span class="o">-</span><span class="n">pak1</span><span class="o">.</span><span class="n">pk3</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">162</span><span class="n">K</span><span class="w"> </span><span class="mi">17</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">zz</span><span class="o">-</span><span class="n">osp</span><span class="o">-</span><span class="n">pak2</span><span class="o">.</span><span class="n">pk3</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">158</span><span class="n">K</span><span class="w"> </span><span class="mi">28</span><span class="w"> </span><span class="n">fév</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">zz</span><span class="o">-</span><span class="n">osp</span><span class="o">-</span><span class="n">pak3</span><span class="o">.</span><span class="n">pk3</span><span class="w"></span>
<span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="n">rw</span><span class="o">-</span><span class="w"> </span><span class="mi">1</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="n">quakeur</span><span class="w"> </span><span class="mi">239</span><span class="n">K</span><span class="w"> </span><span class="mi">4</span><span class="w"> </span><span class="n">mar</span><span class="w"> </span><span class="mi">2003</span><span class="w"> </span><span class="n">zz</span><span class="o">-</span><span class="n">osp</span><span class="o">-</span><span class="n">server3a</span><span class="o">.</span><span class="n">pk3</span><span class="w"></span>
<span class="n">quakeur</span><span class="err">@</span><span class="n">campgrounds</span><span class="p">:</span><span class="o">~/.</span><span class="n">openarena</span><span class="o">/</span><span class="n">baseoa</span><span class="w"> </span><span class="o">$</span><span class="w"></span>
</code></pre></div>
<p>On note la présence d'un fichier ffa.cfg, d'un q3config.cfg, d'un games.log et de plein d'autres fichiers très intéressants à lire si on souhaite approfondir le sujet (connaissance de l'anglais obligatoire). Le fichier "OSP Config Generator.exe" permet, sous Windows, de générer des fichiers de configuration en mode graphique. Je ne l'ai pas testé sous wine.</p>
<p>Pour plus d'informations :</p>
<p><a href="http://planetquake.gamespy.com/View.php?view=Guides.Detail&id=47&game=4">Planet Quake sur Gamespy</a></p>
<p><a href="http://faq.tuxfamily.org/Game:OpenArena/Fr">FAQ TuxFamily sur OpenArena</a></p>
<p><a href="http://openarena.wikia.com/wiki/Servers">Wiki Open Arena</a></p>
<p><a href="http://www.sp1r1t.org/networks/q3_install/q3_linux_server_howto.php">Une autre doc très bien faite</a></p>
<p>GLHF !</p>Beryl, bi-écran et Nvidia part 32007-05-30T10:18:00+02:002007-05-30T10:18:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2007-05-30:/post/2007/05/30/Beryl-bi-ecran-et-Nvidia-part-3/<p>Changement de carte graphique</p>
<p>J'ai changé de carte graphique, je suis passé d'une Geforce FX5700VE à une Geforce 6800. On pourrait penser que ça ne change rien, mais en fait j'ai eu un changement d'importance : l'écran sur le port VGA (D-SUB) n'est plus vu en CRT-0 mais en CRT-1. C'est …</p><p>Changement de carte graphique</p>
<p>J'ai changé de carte graphique, je suis passé d'une Geforce FX5700VE à une Geforce 6800. On pourrait penser que ça ne change rien, mais en fait j'ai eu un changement d'importance : l'écran sur le port VGA (D-SUB) n'est plus vu en CRT-0 mais en CRT-1. C'est gênant parce que si j'applique le fichier de conf de la partie précédente de cette série de billets, Xorg plante lamentablement en se plaignant que ma conf n'est pas applicable à mon matériel (faudra que je remette la config "cassée" pour donner le message d'erreur exact).</p>
<p>Je ne sais pas si c'est valable pour toutes les cartes depuis la série 6, mais au cas où, le mieux à faire est en général de vérifier les ports grâce à l'outil nvidia-settings. C'est grâce à ça que j'ai vu que mon moniteur cathodique était répertorié en CRT-1.</p>Beryl, bi-écran et Nvidia part 22007-05-21T23:09:00+02:002007-05-21T23:09:00+02:00Nils Ratuszniktag:blog.anotherhomepage.org,2007-05-21:/post/2007/05/21/Beryl-bi-ecran-et-Nvidia-part-2/<p>Le fichier pour Mandriva 2007 Spring</p>
<p>Dans un billet précédent j'indiquais mon fichier de configuration xorg.conf pour profiter du bi-écran, de l'accélération 3D matérielle et de Beryl avec ma carte vidéo Nvidia et Mandriva 2007. La 2007.1 Spring ayant fait quelques modifications entre autres dans les chemins des …</p><p>Le fichier pour Mandriva 2007 Spring</p>
<p>Dans un billet précédent j'indiquais mon fichier de configuration xorg.conf pour profiter du bi-écran, de l'accélération 3D matérielle et de Beryl avec ma carte vidéo Nvidia et Mandriva 2007. La 2007.1 Spring ayant fait quelques modifications entre autres dans les chemins des pilotes, le fichier n'est plus trop à jour, voici donc celui que j'ai refait pour 2007.1 Spring :</p>
<div class="highlight"><pre><span></span><code><span class="nv">Section</span> <span class="s2">"Files"</span>
<span class="nv">ModulePath</span> <span class="s2">"/usr/lib/xorg/modules/extensions/nvidia97xx"</span>
<span class="nv">ModulePath</span> <span class="s2">"/usr/lib/xorg/modules"</span>
<span class="s s-Atom">#</span> <span class="s s-Atom">font</span> <span class="s s-Atom">server</span> <span class="s s-Atom">independent</span> <span class="s s-Atom">of</span> <span class="s s-Atom">the</span> <span class="nv">X</span> <span class="s s-Atom">server</span> <span class="s s-Atom">to</span> <span class="s s-Atom">render</span> <span class="s s-Atom">fonts</span><span class="p">.</span>
<span class="nv">FontPath</span> <span class="s2">"unix/:-1"</span>
<span class="s s-Atom">#</span> <span class="s s-Atom">minimal</span> <span class="s s-Atom">fonts</span> <span class="s s-Atom">to</span> <span class="s s-Atom">allow</span> <span class="nv">X</span> <span class="s s-Atom">to</span> <span class="s s-Atom">run</span> <span class="s s-Atom">without</span> <span class="s s-Atom">xfs</span>
<span class="nv">FontPath</span> <span class="s2">"/usr/share/fonts/misc:unscaled"</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"Extensions"</span>
<span class="nv">Option</span> <span class="s2">"Composite"</span>
<span class="nv">Option</span> <span class="s2">"RENDER"</span> <span class="s2">"Enable"</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"ServerFlags"</span>
<span class="s s-Atom">#</span><span class="nv">DontZap</span> <span class="s s-Atom">#</span> <span class="s s-Atom">disable</span> <span class="o"><</span><span class="nv">Crtl</span><span class="s s-Atom">><</span><span class="nv">Alt</span><span class="s s-Atom">><</span><span class="nv">BS</span><span class="o">></span> <span class="p">(</span><span class="s s-Atom">server</span> <span class="s s-Atom">abort</span><span class="p">)</span>
<span class="nv">AllowMouseOpenFail</span> <span class="s s-Atom">#</span> <span class="s s-Atom">allows</span> <span class="s s-Atom">the</span> <span class="s s-Atom">server</span> <span class="s s-Atom">to</span> <span class="s s-Atom">start</span> <span class="s s-Atom">up</span> <span class="s s-Atom">even</span> <span class="s s-Atom">if</span> <span class="s s-Atom">the</span> <span class="s s-Atom">mouse</span> <span class="s s-Atom">does</span> <span class="o">not</span> <span class="s s-Atom">work</span>
<span class="s s-Atom">#</span><span class="nv">DontZoom</span> <span class="s s-Atom">#</span> <span class="s s-Atom">disable</span> <span class="o"><</span><span class="nv">Crtl</span><span class="s s-Atom">><</span><span class="nv">Alt</span><span class="s s-Atom">><</span><span class="nv">KP_</span><span class="s s-Atom">+>/<</span><span class="nv">KP_</span><span class="s s-Atom">-></span> <span class="p">(</span><span class="s s-Atom">resolution</span> <span class="s s-Atom">switching</span><span class="p">)</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"Module"</span>
<span class="nv">Load</span> <span class="s2">"dbe"</span> <span class="s s-Atom">#</span> <span class="nv">Double</span><span class="o">-</span><span class="nv">Buffering</span> <span class="nv">Extension</span>
<span class="nv">Load</span> <span class="s2">"v4l"</span> <span class="s s-Atom">#</span> <span class="nv">Video</span> <span class="s s-Atom">for</span> <span class="nv">Linux</span>
<span class="nv">Load</span> <span class="s2">"extmod"</span>
<span class="nv">Load</span> <span class="s2">"type1"</span>
<span class="nv">Load</span> <span class="s2">"freetype"</span>
<span class="nv">Load</span> <span class="s2">"glx"</span> <span class="s s-Atom">#</span> <span class="mi">3</span><span class="nv">D</span> <span class="s s-Atom">layer</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"InputDevice"</span>
<span class="nv">Identifier</span> <span class="s2">"Keyboard1"</span>
<span class="nv">Driver</span> <span class="s2">"kbd"</span>
<span class="nv">Option</span> <span class="s2">"XkbModel"</span> <span class="s2">"microsoftmult"</span>
<span class="nv">Option</span> <span class="s2">"XkbLayout"</span> <span class="s2">"fr"</span>
<span class="nv">Option</span> <span class="s2">"XkbOptions"</span> <span class="s2">"compose:rwin"</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"InputDevice"</span>
<span class="nv">Identifier</span> <span class="s2">"Mouse1"</span>
<span class="nv">Driver</span> <span class="s2">"mouse"</span>
<span class="nv">Option</span> <span class="s2">"Protocol"</span> <span class="s2">"ExplorerPS/2"</span>
<span class="nv">Option</span> <span class="s2">"Device"</span> <span class="s2">"/dev/mouse"</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"Monitor"</span>
<span class="nv">Identifier</span> <span class="s2">"monitor1"</span>
<span class="nv">VendorName</span> <span class="s2">"BenQ"</span>
<span class="nv">ModelName</span> <span class="s2">"BenQ FP71E"</span>
<span class="nv">HorizSync</span> <span class="mi">31</span><span class="o">-</span><span class="mf">83.0</span>
<span class="nv">VertRefresh</span> <span class="mf">56.0</span><span class="o">-</span><span class="mf">76.0</span>
<span class="s s-Atom">#</span> <span class="nv">TV</span> <span class="s s-Atom">fullscreen</span> <span class="s s-Atom">mode</span> <span class="s s-Atom">or</span> <span class="nv">DVD</span> <span class="s s-Atom">fullscreen</span> <span class="s s-Atom">output</span><span class="p">.</span>
<span class="s s-Atom">#</span> <span class="mi">768</span><span class="s s-Atom">x576</span> <span class="s s-Atom">@</span> <span class="mi">79</span> <span class="nv">Hz</span><span class="p">,</span> <span class="mi">50</span> <span class="s s-Atom">kHz</span> <span class="s s-Atom">hsync</span>
<span class="nv">ModeLine</span> <span class="s2">"768x576"</span> <span class="mf">50.00</span> <span class="mi">768</span> <span class="mi">832</span> <span class="mi">846</span> <span class="mi">1000</span> <span class="mi">576</span> <span class="mi">590</span> <span class="mi">595</span> <span class="mi">630</span>
<span class="s s-Atom">#</span> <span class="mi">768</span><span class="s s-Atom">x576</span> <span class="s s-Atom">@</span> <span class="mi">100</span> <span class="nv">Hz</span><span class="p">,</span> <span class="mf">61.6</span> <span class="s s-Atom">kHz</span> <span class="s s-Atom">hsync</span>
<span class="nv">ModeLine</span> <span class="s2">"768x576"</span> <span class="mf">63.07</span> <span class="mi">768</span> <span class="mi">800</span> <span class="mi">960</span> <span class="mi">1024</span> <span class="mi">576</span> <span class="mi">578</span> <span class="mi">590</span> <span class="mi">616</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"Device"</span>
<span class="nv">Identifier</span> <span class="s2">"device1"</span>
<span class="nv">VendorName</span> <span class="s2">"nVidia Corporation"</span>
<span class="nv">BoardName</span> <span class="s2">"NVIDIA GeForce FX - GeForce 7950"</span>
<span class="nv">Driver</span> <span class="s2">"nvidia"</span>
<span class="nv">Option</span> <span class="s2">"DPMS"</span>
<span class="nv">Option</span> <span class="s2">"AddARGBGLXVisuals"</span>
<span class="nv">Option</span> <span class="s2">"RenderAccel"</span> <span class="s2">"True"</span>
<span class="nv">Option</span> <span class="s2">"DisableGLXRootClipping"</span> <span class="s2">"true"</span>
<span class="nv">Option</span> <span class="s2">"BackStoring"</span> <span class="s2">"True"</span>
<span class="nv">Option</span> <span class="s2">"Metamodes"</span> <span class="s2">"DFP-0: 1280x1024 +0+0, CRT-0: 1280x1024 +1280+0 ; 1024x768 +0+0, 1024x768 +1024+0 ; 800x600 +0+0, 800x600 +800+0 ; 640x480 +0+0, 640x480 +640+0 ;"</span>
<span class="nv">Option</span> <span class="s2">"SecondMonitorVertRefresh"</span> <span class="s2">"50-120"</span>
<span class="nv">Option</span> <span class="s2">"ConnectedMonitor"</span> <span class="s2">"DFP-0, CRT-0"</span>
<span class="nv">Option</span> <span class="s2">"TwinViewOrientation"</span> <span class="s2">"CRT-0 RightOf DFP-0"</span>
<span class="nv">Option</span> <span class="s2">"Twinview"</span> <span class="s2">"true"</span>
<span class="nv">Option</span> <span class="s2">"SecondMonitorHorizSync"</span> <span class="s2">"30-70"</span>
<span class="nv">Option</span> <span class="s2">"IgnoreEDID"</span> <span class="s2">"0"</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"Screen"</span>
<span class="nv">Identifier</span> <span class="s2">"screen1"</span>
<span class="nv">Device</span> <span class="s2">"device1"</span>
<span class="nv">Monitor</span> <span class="s2">"monitor1"</span>
<span class="nv">DefaultColorDepth</span> <span class="mi">24</span>
<span class="nv">Subsection</span> <span class="s2">"Display"</span>
<span class="nv">Depth</span> <span class="mi">8</span>
<span class="nv">Modes</span> <span class="s2">"1280x1024"</span> <span class="s2">"1152x864"</span> <span class="s2">"1024x768"</span> <span class="s2">"832x624"</span> <span class="s2">"800x600"</span> <span class="s2">"640x480"</span> <span class="s2">"480x360"</span> <span class="s2">"320x240"</span>
<span class="nv">EndSubsection</span>
<span class="nv">Subsection</span> <span class="s2">"Display"</span>
<span class="nv">Depth</span> <span class="mi">15</span>
<span class="nv">Modes</span> <span class="s2">"1280x1024"</span> <span class="s2">"1152x864"</span> <span class="s2">"1024x768"</span> <span class="s2">"832x624"</span> <span class="s2">"800x600"</span> <span class="s2">"640x480"</span> <span class="s2">"480x360"</span> <span class="s2">"320x240"</span>
<span class="nv">EndSubsection</span>
<span class="nv">Subsection</span> <span class="s2">"Display"</span>
<span class="nv">Depth</span> <span class="mi">16</span>
<span class="nv">Modes</span> <span class="s2">"1280x1024"</span> <span class="s2">"1152x864"</span> <span class="s2">"1024x768"</span> <span class="s2">"832x624"</span> <span class="s2">"800x600"</span> <span class="s2">"640x480"</span> <span class="s2">"480x360"</span> <span class="s2">"320x240"</span>
<span class="nv">EndSubsection</span>
<span class="nv">Subsection</span> <span class="s2">"Display"</span>
<span class="nv">Depth</span> <span class="mi">24</span>
<span class="s s-Atom">#</span><span class="nv">Modes</span> <span class="s2">"1280x1024"</span> <span class="s2">"1152x864"</span> <span class="s2">"1024x768"</span> <span class="s2">"832x624"</span> <span class="s2">"800x600"</span> <span class="s2">"640x480"</span> <span class="s2">"480x360"</span> <span class="s2">"320x240"</span>
<span class="nv">Virtual</span> <span class="mi">2560</span> <span class="mi">1024</span>
<span class="nv">EndSubsection</span>
<span class="nv">EndSection</span>
<span class="nv">Section</span> <span class="s2">"ServerLayout"</span>
<span class="nv">Identifier</span> <span class="s2">"layout1"</span>
<span class="nv">InputDevice</span> <span class="s2">"Keyboard1"</span> <span class="s2">"CoreKeyboard"</span>
<span class="nv">InputDevice</span> <span class="s2">"Mouse1"</span> <span class="s2">"CorePointer"</span>
<span class="nv">Screen</span> <span class="s2">"screen1"</span>
<span class="nv">EndSection</span>
</code></pre></div>
<p>Comme je suis une grosse feignasse, je n'ai pas remis les commentaires. Allez voir dans le billet précédent :)</p>Mandriva Linux 2006 Free dans les bacs !2005-11-14T15:52:00+01:002005-11-14T15:52:00+01:00Nils Ratuszniktag:blog.anotherhomepage.org,2005-11-14:/post/2005/11/14/3-mandriva-linux-2006-free-dans-les-bacs/<p>Ou plutôt sur les bons miroirs FTPOn a failli attendre ! Un mois après <a href="http://frontal2.mandriva.com/fr/company/press/pr/mandriva_releases_2006_convergence_products_extends_innovation">la version Club</a>, Mandriva Linux 2006 Free débarque sur les serveurs FTP publics, prête à être téléchargée. Les plus impatients auront déjà profité de la net-install, grâce à une petite image ISO de 12Mo qui permet de …</p><p>Ou plutôt sur les bons miroirs FTPOn a failli attendre ! Un mois après <a href="http://frontal2.mandriva.com/fr/company/press/pr/mandriva_releases_2006_convergence_products_extends_innovation">la version Club</a>, Mandriva Linux 2006 Free débarque sur les serveurs FTP publics, prête à être téléchargée. Les plus impatients auront déjà profité de la net-install, grâce à une petite image ISO de 12Mo qui permet de télécharger les paquets RPM. Ouioui, braves gens, c'est que les RPMs sont déjà dispo depuis un mois ! </p>
<p>Cette version, contrairement au PowerPacks, est entièrement redistribuable, vous pouvez en faire cadeau à qui vous voulez, c'est gratuit et c'est libre ! Je tiens à préciser que si vous trouvez les PowerPacks sans être membre du club, vous êtes dans l'illégalité, du fait des applications commerciales incluses, et dont la redisitribution n'est pas libre. </p>
<p>Enfin bref, téléchargez, installez, et pensez à mettre à jour (ouioui, des updates sont déjà disponibles), quelques mirroirs : </p>
<ul>
<li><a href="ftp://ftp.free.fr/mirrors/ftp.mandriva.com/MandrivaLinux/official/iso/2006.0">mirroir Free.fr (Paris)</a> </li>
<li><a href="ftp://linux.ups-tlse.fr/Mandrakelinux/official/iso/2006.0">mirroir FTP Toulousain</a> </li>
<li><a href="ftp://ftp.ciril.fr/pub/linux/mandrakelinu...cial/iso/2006.0">mirroir Ciril (Nancy)</a> </li>
</ul>
<p>L'info sur quelques sites : </p>
<p><a href="http://www.pcinpact.com/actu/news/Mandriva_2006_disponible_gratuitement_en_ISO_CD_et.htm">PCINpact</a><br>
<a href="http://mandinux.free.fr/forums/index.php?showtopic=761">Mandinux</a></p>