ldap for linux user and samba user integration - zbunix/building GitHub Wiki

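Install MySQL

$ sudo apt-get install mysql-server

Basic database operations

I. Account and privilege operations

II. Database operations

1. Create a database

Command: create database <database name>
Example: create a database named test
mysql> create database test;

2. List all databases

Command: show databases
mysql> show databases;

3. Drop a database

Command: drop database <database name>
Example: drop the database named test
mysql> drop database test;

4. Select a database

Command: use <database name>
Example: if the test database exists, switch to it:
mysql> use test;
Output: Database changed

5. Show the database currently in use

mysql> select database();

6. List the tables in the current database

mysql> show tables;

III. Table operations

IV. Database backup and restore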

Installing and configuring Redmine 2.3.1 (2013-05-01)


  Reference: RVM official site         https://rvm.io/rvm/install/
  Reference: RubyGems mirror (Taobao)  http://ruby.taobao.org/

Install RVM (Ruby Version Manager), which manages Ruby versions and gem libraries (gemsets)
$ curl -L get.rvm.io | bash -s stable

Switch to the Taobao RubyGems mirror to speed up installation
$ sed -i 's!ftp.ruby-lang.org/pub/ruby!ruby.taobao.org/mirrors/ruby!' $rvm_path/config/db

Check the RVM version
$ rvm -v
rvm 1.19.6 (stable) by Wayne E. Seguin [email protected], Michal Papis [email protected] [https://rvm.io/]

List the Ruby versions already installed under RVM
$ rvm list

List the Ruby versions RVM can install
$ rvm list known

MRI Rubies

[ruby-]1.8.6[-p420]
[ruby-]1.8.7[-p371]
[ruby-]1.9.1[-p431]
[ruby-]1.9.2[-p320]
[ruby-]1.9.3-p125
[ruby-]1.9.3-p194
[ruby-]1.9.3-p286
[ruby-]1.9.3-p327
[ruby-]1.9.3-p362
[ruby-]1.9.3-p374
[ruby-]1.9.3-p385
[ruby-]1.9.3-[p392]
[ruby-]1.9.3-head
[ruby-]2.0.0-rc1
[ruby-]2.0.0-rc2
[ruby-]2.0.0[-p0]
ruby-head

Install Ruby
$ rvm install ruby-2.0.0-p0

Select ruby-2.0.0-p0 as the current version and make it the default
$ rvm use ruby-2.0.0-p0 --default
Using /home/os-weizb/.rvm/gems/ruby-2.0.0-p0

Show the Ruby installation path
$ which ruby
/home/os-weizb/.rvm/rubies/ruby-2.0.0-p0/bin/ruby

To use the Ruby installed with apt-get, switch off the RVM-managed Ruby
$ rvm use system

Uninstall RVM: removes everything under $HOME/.rvm and also deletes the related lines added to $HOME/.bash_profile
$ rvm implode

Switch to the Taobao RubyGems mirror to speed up installation
$ gem sources --remove http://rubygems.org/
$ gem sources -a http://ruby.taobao.org/
$ gem sources -l
*** CURRENT SOURCES ***

http://ruby.taobao.org/


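 Reference: Redmine official site http://www.redmine.org/projects/redmine/wiki/RedmineInstall

In a Chinese-language environment some of Redmine's fonts are very small and hard to read, a bug that often shows up in software developed abroad. It happens because Chinese glyphs are hard to read below 1em, and modifying the corresponding CSS file is enough to fix it. Open /var/www/redmine/stylesheets/application.css, find font-size: 0.9em and font-size: 0.8em, and replace them all with font-size: 1em to get a perfect result.

  • Install bundler
$ gem install bundler

Download Redmine

$ git clone git://github.com/redmine/redmine.git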
$ cd redmine
$ git tag
2.2.2
2.2.3
2.2.4
2.3.0
2.3.1
$ git checkout 2.3.1 -- .
  • Download and install Redmine's dependencies
$ bundle install --without development test
  • Create the redmine database and the redmine account used by Redmine
CREATE DATABASE redmine CHARACTER SET utf8;
CREATE USER 'redmine'@'localhost' IDENTIFIED BY 'redmine';
GRANT ALL PRIVILEGES ON redmine.* TO 'redmine'@'localhost';
  • Configure Redmine
os-weizb@ubuntu:~/android/env/redmine/config$ cp configuration.yml.example configuration.yml
os-weizb@ubuntu:~/android/env/redmine/config$ cp database.yml.example database.yml
os-weizb@ubuntu:~/android/env/redmine/config$ cat database.yml
production:
  adapter: mysql2
  database: redmine
  host: localhost
  username: root
  password: "oswzb"
  encoding: utf8
  • Install the Markdown wiki plugin
redmine_redcarpet_formatter: compatible with GitHub's Markdown wiki
$ gem install --version 2.0.0b5 redcarpet
$ cd redmine/plugins
os-weizb@ubuntu:~/android/env/redmine/plugins$ git clone git://github.com/zbunix/redmine_redcarpet_formatter.git
os-weizb@ubuntu:~/android/env/redmine/plugins/redmine_redcarpet_formatter$ git checkout 2.0.1 -- .


Session store secret generation
os-weizb@ubuntu:~/android/env/redmine$ rake generate_secret_token
  • Create the database schema (tables)
os-weizb@ubuntu:~/android/env/redmine$ RAILS_ENV=production rake db:migrate


Database default data set
os-weizb@ubuntu:~/android/env/redmine$ RAILS_ENV=production rake redmine:load_default_data
  • Set the required file permissions
The user account running the application must have write permission on the following subdirectories:
files (storage of attachments)
log (application log file production.log)
tmp and tmp/pdf (create these ones if not present, used to generate PDF documents among other things)
os-weizb@ubuntu:~/android/env/redmine$ mkdir tmp tmp/pdf public/plugin_assets
os-weizb@ubuntu:~/android/env/redmine$ sudo chown -R redmine:redmine files log tmp public/plugin_assets
os-weizb@ubuntu:~/android/env/redmine$ sudo chmod -R 755 files log tmp public/plugin_assets
  • Run Redmine with a web server (WEBrick)
os-weizb@ubuntu:~/android/env/redmine$ ruby script/rails server webrick -e production
(http://192.168.1.99:3000)
  • Log in to test
Use default administrator account to log in:
login: admin
password: admin


Reference: Redmine official site http://www.redmine.org/projects/redmine/wiki/HowTo_Install_Redmine_on_subdirectory_(sub-URI)_on_Apache

Reference: official site of thin, a Ruby web server http://code.macournoyer.com/thin/

  • Integrate with apache2
gem install thin


[gerrit]
        basePath = git
        canonicalWebUrl = *
[database]
        type = h2
        database = db/ReviewDB
[auth]
        type = LDAP
[sendemail]
        smtpServer = localhost
[container]
        user = gerrit
        javaHome = /opt/jdk1.6.0_25/jre
[sshd]
        listenAddress = *:29418

[ldap]
    server = ldap://192.168.1.97
    username = cn=admin,dc=example,dc=com
    accountBase = ou=people,dc=example,dc=com
    accountPattern = (&(objectClass=person)(cn=${username}))
    sslVerify = false

[cache]
        directory = cache

 Ubuntu official site, OpenLDAP Server: https://help.ubuntu.com/10.04/serverguide/openldap-server.html
 Ubuntu official site, FAQ            : http://ubuntuforums.org/showthread.php?t=1488232

Installing OpenLDAP

OpenLDAP add, delete, modify and search

  • Search all entries under dc=example,dc=com
$ ldapsearch -xLLL -b "dc=example,dc=com"
  • Delete the entry uid=foo,ou=people,dc=example,dc=com
$ ldapdelete -x -w oswzb -D "cn=admin,dc=example,dc=com"  "uid=foo,ou=people,dc=example,dc=com"
  • Add the group entry cn=example,ou=groups,dc=example,dc=com
$ cat group-example.ldif 
dn: cn=example,ou=groups,dc=example,dc=com
objectClass: posixGroup
cn: example
gidNumber: 8000
$ ldapadd -x -w oswzb -D "cn=admin,dc=example,dc=com"  -f group-example.ldif 
adding new entry "cn=example,ou=groups,dc=example,dc=com"
  • Add the entry uid=foo,ou=people,dc=example,dc=com
$ cat foo.ldif 
dn: uid=foo,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: foo
sn: li
givenName: foo
cn: li foo
displayName: li foo
uidNumber: 8001
gidNumber: 8000
userPassword: oswzb
gecos: li foo
loginShell: /bin/bash
homeDirectory: /home/foo
shadowExpire: -1
shadowFlag: 0
shadowWarning: 7
shadowMin: 8
shadowMax: 999999
shadowLastChange: 10877
mail: [email protected]
postalCode: 31000
l: Toulouse
o: Example
mobile: +33 (0)6 xx xx xx xx
homePhone: +33 (0)5 xx xx xx xx
title: System Administrator
postalAddress:
initials: JD
$ ldapadd -x -w oswzb -D "cn=admin,dc=example,dc=com"  -f foo.ldif
adding new entry "uid=foo,ou=people,dc=example,dc=com"
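
A preflight check for LDIF files such as foo.ldif above, as an added example that is not part of the original page: it lists the entries whose userPassword carries no {SCHEME} hash prefix of the kind slappasswd produces, decoding base64 `userPassword::` values first. The function names and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Reads LDIF on stdin, prints the
# dn of each entry whose userPassword is not a hashed {SCHEME} value, and
# returns 1 if any such entry exists.
find_cleartext_passwords() {
    rc=0 dn=
    while IFS= read -r line; do
        case $line in
            "dn: "*) dn=${line#dn: }; continue ;;
            # "::" marks a base64-encoded value; decode it before checking.
            "userPassword:: "*)
                val=$(printf '%s' "${line#userPassword:: }" | base64 -d 2>/dev/null) ;;
            "userPassword: "*) val=${line#userPassword: } ;;
            *) continue ;;
        esac
        case $val in
            "{CLEARTEXT}"*) printf '%s\n' "$dn"; rc=1 ;;  # explicit cleartext scheme
            "{"*"}"?*) ;;                                  # {SSHA}..., {CRYPT}...
            *) printf '%s\n' "$dn"; rc=1 ;;                # no scheme prefix at all
        esac
    done
    return $rc
}

# Constructed sample: foo uses the cleartext value from the page, bar a
# made-up {SSHA} string, baz the base64 encoding of the word "secret".
sample_ldif() {
    cat <<'EOF'
dn: uid=foo,ou=people,dc=example,dc=com
uid: foo
userPassword: oswzb

dn: uid=bar,ou=people,dc=example,dc=com
uid: bar
userPassword: {SSHA}Q29uc3RydWN0ZWRTYW1wbGVWYWx1ZQ==

dn: uid=baz,ou=people,dc=example,dc=com
uid: baz
userPassword:: c2VjcmV0
EOF
}

sample_ldif | find_cleartext_passwords ||
    echo "hash these with slappasswd before running ldapadd"
```

For a real file, run `find_cleartext_passwords < foo.ldif` and load the file only when it returns 0.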

============================================================================
Reference: Ubuntu official site https://help.ubuntu.com/10.04/serverguide/samba-ldap.html

Install the samba and smbldap packages

$ sudo apt-get install samba samba-doc smbldap-tools
  • Copy and decompress samba.schema
$ sudo cp /usr/share/doc/samba-doc/examples/LDAP/samba.schema.gz /etc/ldap/schema/
$ sudo gzip -d /etc/ldap/schema/samba.schema.gz


$ vi schema_convert.conf
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/collective.schema
include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/duaconf.schema
include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/java.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/ppolicy.schema
include /etc/ldap/schema/samba.schema


$ mkdir /tmp/ldif_output
$ slapcat -f schema_convert.conf -F /tmp/ldif_output -n0 -s "cn={12}samba,cn=schema,cn=config" > /tmp/cn=samba.ldif
  • Edit /tmp/cn=samba.ldif so that it reads as follows
$ vi /tmp/cn\=samba.ldif
dn: cn=samba,cn=schema,cn=config
...
cn: samba

Delete the following lines from /tmp/cn\=samba.ldif
structuralObjectClass: olcSchemaConfig
entryUUID: b53b75ca-083f-102d-9fff-2f64fd123c95
creatorsName: cn=config
createTimestamp: 20080827045234Z
entryCSN: 20080827045234.341425Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20080827045234Z
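  • Add the samba schema to the directory so that it takes effect

$ sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/cn\=samba.ldif
  • Query the directory to confirm the samba schema was added
$ sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config dn
  • Add extra attributes (indexes) for the samba schema

$ vi samba_indexes.ldif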
dn: olcDatabase={1}hdb,cn=config
changetype: modify
add: olcDbIndex
olcDbIndex: uidNumber eq
olcDbIndex: gidNumber eq
olcDbIndex: loginShell eq
olcDbIndex: uid eq,pres,sub
olcDbIndex: memberUid eq,pres,sub
olcDbIndex: uniqueMember eq,pres
olcDbIndex: sambaSID eq
olcDbIndex: sambaPrimaryGroupSID eq
olcDbIndex: sambaGroupType eq
olcDbIndex: sambaSIDList eq
olcDbIndex: sambaDomainName eq
olcDbIndex: default sub
  • Load the extra samba attributes into the directory so that they take effect

$ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f samba_indexes.ldif 
[sudo] password for os-weizb: 
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
modifying entry "olcDatabase={1}hdb,cn=config"
  • Query to confirm the extra samba attributes are in the directory
$ sudo ldapsearch -LLL -Y EXTERNAL -H ldapi:/// -b cn=config olcDatabase={1}hdb


$ sudo /etc/init.d/slapd restart
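
The manual edit of /tmp/cn=samba.ldif described above (strip the {12} prefix from dn and cn, delete the attributes slapd maintains itself) can be scripted. The following is an added example, not part of the original page; the function names, the output file name and the shortened sample dump are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. Reads a slapcat schema dump on
# stdin and writes the cleaned LDIF on stdout.
clean_schema_ldif() {
    awk '
        # Attributes slapd maintains itself; the page deletes them by hand.
        /^(structuralObjectClass|entryUUID|creatorsName|createTimestamp|entryCSN|modifiersName|modifyTimestamp):/ {
            skip = 1; next
        }
        # A leading space is a folded continuation of the previous attribute.
        /^ / { if (!skip) print; next }
        { skip = 0 }
        # Drop the {N} ordering prefix from the entry name only; the {N}
        # prefixes on olcAttributeTypes and olcObjectClasses stay.
        /^(dn|cn): / { sub(/[{][0-9]+[}]/, "") }
        { print }
    '
}

# Constructed sample in the shape slapcat produces (attribute definition
# replaced by a made-up one, timestamps taken from the page).
sample_dump() {
    cat <<'EOF'
dn: cn={12}samba,cn=schema,cn=config
objectClass: olcSchemaConfig
cn: {12}samba
olcAttributeTypes: {0}( 1.1.1.1 NAME 'constructedAttr' DESC
  'constructed sample value' )
structuralObjectClass: olcSchemaConfig
entryUUID: 00000000-0000-0000-0000-000000000000
creatorsName: cn=config
createTimestamp: 20080827045234Z
entryCSN: 20080827045234.341425Z#000000#000#000000
modifiersName: cn=config
modifyTimestamp: 20080827045234Z
EOF
}

# On the real dump (output file name is hypothetical):
#   clean_schema_ldif < /tmp/cn=samba.ldif > /tmp/samba-clean.ldif
sample_dump | clean_schema_ldif
```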


/etc/smbldap-tools/smbldap.conf
/etc/smbldap-tools/smbldap_bind.conf
  • Query the information for the user uid=john

$ ldapsearch -xLLL -b "dc=example,dc=com" uid=john
  • Query the information for all users

$ ldapsearch -xLLL -b "dc=example,dc=com"


$ sudo smbldap-groupadd -a -g 5000 os-group
$ sudo smbldap-useradd -a -P -d /home/os-test -u 5000 -G os-group os-test  
