Your SlideShare is downloading. ×

Apache Web Server

469
views

Published on


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
469
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. MySQL, phpMyAdmin สำนักงำนบริกำรลูกค้ำ กสท เขตใต้ บจม. กสท โทรคมนำคม
  • 2. MySQL 1/7 • Installaion – To install MySQL, run the following command from a terminal prompt: sudo apt-get install mysql-server – During the installation process you will be prompted to enter a password for the MySQL root user. – Once the installation is complete, the MySQL server should be started automatically. You can run the following command from a terminal prompt to check whether the MySQL server is running: sudo netstat -tap | grep mysql 2
  • 3. MySQL 2/7 • Installaion (Cont.) – When you run this command, you should see the following line or something similar: tcp 0 0 localhost:mysql *:* LISTEN 2556/mysqld – If the server is not running correctly, you can type the following command to start it: sudo /etc/init.d/mysql restart 3
  • 4. MySQL 3/7 • Configuration – You can edit the /etc/mysql/my.cnf file to configure the basic settings -- log file, port number, etc. For example, to configure MySQL to listen for connections from network hosts, change the bind_address directive to the server's IP address: bind-address = 192.168.0.5 Note : Replace 192.168.0.5 with the appropriate address. – After making a change to /etc/mysql/my.cnf the mysql daemon will need to be restarted: sudo /etc/init.d/mysql restart 4
  • 5. MySQL 4/7 • Configuration (Cont.) – If you would like to change the MySQL root password, in a terminal enter: sudo dpkg-reconfigure mysql-server-5.0 The mysql daemon will be stopped, and you will be prompted to enter a new password. • Resources – See the MySQL Home Page for more information. – The MySQL Handbook is also available in the mysql-doc-5.0 package. To install the package enter the following in a terminal: sudo apt-get install mysql-doc-5.0 The documentationis in HTML format, to view them enter file:///usr/share/doc/mysql-doc- 5.0/refman-5.0-en.html-chapter/index.html in your browser's address bar. 5
  • 6. MySQL 5/7 • เปลี่ยน Password ของ Root ด้วยคำสั่ง mysqladmin -u root password newpassword • หรือเปลี่ยน Password ใน mysql prompt ด้วยคำสั่งดังนี้ update mysql.user set password=password(‘newpassword’) where user=‘root’; 6
  • 7. MySQL 6/7 • กำรเพิ่ม user ผ่ำน mysql prompt เช่น grant all on *.* to mysqladmin@”%” identified by 'mysqladmin'; • โดยเครื่องหมำย % เป็น wildcards ที่หมำยถึงสำมำรถใช้งำนจำกชื่อโฮสต์ หรือ IP ไหนก็ได้ หรืออำจจะกำหนดเป็นช่วงของ IP โดยใช้รูปแบบ ดังต่อไปนี้ เช่น user@"172.24.51.%" หรือ user@"%.mysite.com“ • และในกรณีที่ต้องกำรยูสเซอร์ดังกล่ำวมีสิทธิ์ที่จะสำมำรถมอบสิทธิ์เท่ำที่ตน มีให้แก่ผู้อื่นได้ก็ให้เพิ่มคำว่ำ with grant option ต่อท้ำยคำสั่งข้ำงบน 7
  • 8. MySQL 7/7 • ตัวอย่ำงกำรเพิ่ม mysql user ดังรูป 8
  • 9. PhpMyAdmin (1/4) • phpMyAdmin is a LAMP application specifically written for administering MySQL servers. Written in PHP, and accessed through a web browser, phpMyAdmin provides a graphical interface for database administration tasks. • Installation – Before installing phpMyAdmin you will need access to a MySQL database either on the same host as that phpMyAdmin is installed on, or on a host accessible over the network. For more information see the section called “MySQL”. From a terminal prompt enter: sudo apt-get install phpmyadmin 9
  • 10. PhpMyAdmin (2/4) • Installation (cont.) – At the prompt choose which web server to be configured for phpMyAdmin. The rest of this section will use Apache2 for the web server. – In a browser go to http://servername/phpmyadmin, replacing serveranme with the server's actual hostname. At the login, page enter root for the username, or another MySQL user if you any setup, and enter the MySQL user's password. – Once logged in you can reset the root password if needed, create users, create/destroy databases and tables, etc. 10
  • 11. PhpMyAdmin (3/5) • Configuration – The configuration files for phpMyAdmin are located in /etc/phpmyadmin. The main configuration file is /etc/phpmyadmin/config.inc.php. This file contains configuration options that apply globally to phpMyAdmin. – To use phpMyAdmin to administer a MySQL database hosted on another server, adjust the following in /etc/phpmyadmin/config.inc.php: $cfg['Servers'][$i]['host'] = 'db_server'; • Replace db_server with the actual remote databaseserver name or IP address. Also, be sure that the phpMyAdmin host has permissions to access the remote database. 11
  • 12. PhpMyAdmin (4/5) • Configuration (cont.) – Once configured, log out of phpMyAdmin and back in, and you should be accessing the new server. – The config.header.inc.php and config.footer.inc.php files are used to add a HTML header and footer to phpMyAdmin. – Another important configuration file is /etc/phpmyadmin/apache.conf, this file is symlinked to /etc/apache2/conf.d/phpmyadmin.conf, and is used to configure Apache2 to serve the phpMyAdmin site. The file contains directives for loading PHP, directory permissions, etc. For more information on configuring Apache2 see the section called “HTTPD - Apache2 Web Server”. 12
  • 13. PhpMyAdmin (5/5) • สรุปขั้นตอนกำรติดตั้ง – ติดตั้งด้วยคำสั่ง : apt-get intall phpmyadmin – เลือก Web server to reconfigure automatically เป็น apache2 – ป้อน Password of your database's administrative user – ป้อน MySQL application password for phpmyadmin – คุณสมบัติของเวอร์ชัน phpMyAdmin - 2.10.3deb1 เป็นดังนี้ : • จะติดตั้ง Config File ไว้ที่ไดเร็กทอรี่ /etc/phpmyadminโดยมีไฟล์ที่ใช้สร้ำง Alias ชื่อ ว่ำ apache.conf ที่สำมำรถนำไปใช้งำนกับ Apache ได้ • และติดตั้ง Web file ไว้ที่ /usr/share/phpmyadmin • มีกำรสร้ำง Alias ด้วยไฟล์ /etc/apache2/conf.d/phpmyadmin.confทำให้สำมำรถ เรียกใช้งำนได้เป็น http://hostname/phpmyadmin 13
  • 14. • Squid is a full-featured web proxy cache server application which provides proxy and cache services for Hyper Text Transport Protocol (HTTP), File Transfer Protocol (FTP), and other popular network protocols. Squid can implement caching and proxying of Secure Sockets Layer (SSL) requests and caching of Domain Name Server (DNS) lookups, and perform transparent caching. Squid also supports a wide variety of caching protocols, such as Internet Cache Protocol, (ICP) the Hyper Text Caching Protocol, (HTCP) the Cache Array Routing Protocol (CARP), and the Web Cache Coordination Protocol. (WCCP) 14 Squid - Proxy Server (1/12)
  • 15. • The Squid proxy cache server is an excellent solution to a variety of proxy and caching server needs, and scales from the branch office to enterprise level networks while providing extensive, granular access control mechanisms and monitoring of critical parameters via the Simple Network Management Protocol (SNMP). When selecting a computer system for use as a dedicated Squid proxy, or caching servers, ensure your system is configured with a large amount of physical memory, as Squid maintains an in-memory cache for increased performance. 15 Squid - Proxy Server (2/12)
  • 16. Squid - Proxy Server (3/12) • Installation – At a terminal prompt, enter the following command to install the Squid server: sudo apt-get install squid squid-common • Configuration – Squid is configured by editing the directives contained within the /etc/squid/squid.conf configuration file. The following examples illustrate some of the directives which may be modified to affect the behavior of the Squid server. For more in-depth configuration of Squid, see the References section. 16
  • 17. Squid - Proxy Server (4/12) • Configuration (Cont.) • Prior to editing the configuration file, you should make a copy of the original file and protect it from writing so you will have the original settings as a reference, and to re-use as necessary. • Copy the /etc/squid/squid.conf file and protect it from writing with the following commands entered at a terminal prompt: – sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original sudo chmod a-w /etc/squid/squid.conf.original 17
  • 18. Squid - Proxy Server (5/12) • Configuration (Cont.) – To set your Squid server to listen on TCP port 8888 instead of the default TCP port 3128, change the http_port directive as such: http_port 8888 – Change the visible_hostname directive in order to give the Squid server a specific hostname. This hostname does not necessarily need to be the computer's hostname. In this example it is set to weezie visible_hostname weezie 18
  • 19. Squid - Proxy Server (6/12) • Configuration (Cont.) – Again, Using Squid's access control, you may configure use of Internet services proxied by Squid to be available only users with certain Internet Protocol (IP) addresses. For example, we will illustrate access by users of the 192.168.42.0/24 subnetwork only: • Add the following to the bottom of the ACL section of your /etc/squid/squid.conf file: acl fortytwo_network src 192.168.42.0/24 • Then, add the following to the top of the http_access section of your /etc/squid/squid.conf file: http_access allow fortytwo_network 19
  • 20. Squid - Proxy Server (7/12) • Configuration (Cont.) – Using the excellent access control features of Squid, you may configure use of Internet services proxied by Squid to be available only during normal business hours. For example, we'll illustrate access by employees of a business which is operating between 9:00AM and 5:00PM, Monday through Friday, and which uses the 10.1.42.0/42 subnetwork: • Add the following to the bottom of the ACL section of your /etc/squid/squid.conf file: acl biz_network src 10.1.42.0/24 acl biz_hours time M T W T F 9:00-17:00 20
  • 21. Squid - Proxy Server (8/12) • Configuration (Cont.) • Then, add the following to the top of the http_access section of your /etc/squid/squid.conf file: http_access allow biz_network biz_hours – After making changes to the /etc/squid/squid.conf file, save the file and restart the squid server application to effect the changes using the following command entered at a terminal prompt: sudo /etc/init.d/squid restart 21
  • 22. Squid - Proxy Server (9/12) • Transparent Proxy – สร้ำง Firewall File ด้วยคำสั่ง vim /etc/init.d/firewall.iptables – ทำ NAT (Masquerade) ด้วยกำรป้อนข้อมูลต่อไปนี้เข้ำไปในไฟล์ /etc/init.d/firewall.iptables echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -F iptables -t nat -A POSTROUTING -s 192.168.56.0/24 -o eth0 -j MASQUERADE – กำหนดให้ไฟล์/etc/init.d/firewall.iptables สำมำรถ Execute ได้ด้วย คำสั่งต่อไปนี้ chmod a+x /etc/init.d/firewall.iptables 22
  • 23. Squid - Proxy Server (10/12) • Transparent Proxy – ทำกำรคอมเม้นต์ข้อควำม #http_port 3128 ในไฟล์ /etc/squid/squid.conf และเพิ่ม ค่ำเข้ำไป 3 บรรทัด โดยต้องคำนึงถึงตำแหน่งของข้อควำมด้วย ดังต่อไปนี้ # Squid normally listens to port 3128 # http_port 3128 # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS acl mynet src 192.168.1.0/24 http_port 192.168.1.1:3128 transparent http_access allow mynet 23
  • 24. Squid - Proxy Server (11/12) • Transparent Proxy – คำอธิบำย • #http_port 3128 เป็นกำรยกเลิกกำรทำงำนของโปรแกรมแบบไม่ทำ Transparent • acl mynet src เป็นกำรกำหนดค่ำ Network ของเครือข่ำยคอมพิวเตอร์ ที่จะอนุญำตให้ใช้งำนผ่ำนโปรแกรม Squid • http_port 192.168.1.1:3128 transparent เป็นกำรกำหนดให้พอร์ต 3128 เป็น Transparenet Proxy • http_access allow mynet กำหนดค่ำ Access Control ให้เน็ตเวิร์ควง mynet สำมำรถใช้งำนผ่ำน transparent proxy squid ได้ 24
  • 25. Squid - Proxy Server (12/12) • Transparent Proxy – ทำกำรส่งต่อแพ็กเกตที่เข้ำมำทำงพอร์ต 80 ไปยัง Squid พอร์ต 3128 ด้วยกำรเพิ่ม Firewall rule ต่อไปนี้เข้ำไปในไฟล์ของ Firewall (/etc/init.d/firewall.iptables) iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp –dport 80 -j REDIRECT –to- ports 3128 – ในกรณีที่ป้องกันกำรเข้ำใช้งำน Proxy ด้วยกำรตั้งค่ำ Proxy เองทำได้ด้วยกำรเพิ่ม Script ต่อไปนี้เข้ำไปใน Firewall Script iptables -t nat -I PREROUTING -p tcp -m tcp –dport 3128 -j DROP – ทำกำร Execute ไฟล์ที่เป็น Firewall ด้วยกำรเรียกดังนี้ /etc/init.d/firewall.iptables 25
  • 26. FTP Server • File Transfer Protocol (FTP) is a TCP protocol for uploading and downloading files between computers. FTP works on a client/server model. The server component is called an FTP daemon. It continuously listens for FTP requests from remote clients. When a request is received, it manages the login and sets up the connection. For the duration of the session it executes any of commands sent by the FTP client. • Access to an FTP server can be managed in two ways: – Anonymous – Authenticated 26
  • 27. FTP Server • In the Anonymous mode, remote clients can access the FTP server by using the default user account called "anonymous" or "ftp" and sending an email address as the password. In the Authenticated mode a user must have an account and a password. User access to the FTP server directories and files is dependent on the permissions defined for the account used at login. As a general rule, the FTP daemon will hide the root directory of the FTP server and change it to the FTP Home directory. This hides the rest of the file system from remote sessions. 27
  • 28. vsftpd - FTP Server (1/13) • vsftpd - FTP Server Installation vsftpd is an FTP daemon available in Ubuntu. It is easy to install, set up, and maintain. To install vsftpd you can run the following command: sudo apt-get install vsftpd • Anonymous FTP Configuration – By default vsftpd is configured to only allow anonymous download. During installation a ftp user is created with a home directory of /home/ftp. This is the default FTP directory. 28
  • 29. vsftpd - FTP Server (2/13) • Anonymous FTP Configuration (Cont.) – If you wish to change this location, to /srv/ftp for example, simply create a directory in another location and change the ftp user's home directory: sudo mkdir /srv/ftp sudo usermod -d /srv/ftp ftp – After making the change restart vsftpd: sudo /etc/init.d/vsftpd restart – Finally, copy any files and directories you would like to make available through anonymous FTP to /srv/ftp. – ถ้ำมีปัญหำเป็น “500 OOPS: vsftpd: refusing to run with writable anonymous root” สำมำรถแก้ได้ด้วยคำสั่ง chown root:root /home/ftp 29
  • 30. vsftpd - FTP Server (3/13) • User Authenticated FTP Configuration – To configure vsftpd to authenticate system users and allow them to upload files edit /etc/vsftpd.conf: local_enable=YES write_enable=YES – Now restart vsftpd: sudo /etc/init.d/vsftpd restart – Now when system users login to FTP they will start in their home directories where they can download, upload, create directories, etc. 30
  • 31. vsftpd - FTP Server (4/13) • User Authenticated FTP Configuration (Cont.) – Similarly, by default, the anonymous users are not allowed to upload files to FTP server. To change this setting, you should uncomment the following line, and restart vsftpd: anon_upload_enable=YES • Enabling anonymous FTP upload can be an extreme security risk. It is best to not enable anonymous upload on servers accessed directly from the Internet. 31
  • 32. vsftpd - FTP Server (5/13) • User Authenticated FTP Configuration (Cont.) – By default, umask for local users is 077. You may wish to change this to 022,# if your users expect that (022 is used by most other ftpd's) #local_umask=022 ถ้ำ umask=077 จะมีปัญหำเรื่อง permission ที่ user ไม่สำมำรถ write ข้อมูลลง home directory ของตัวเองได้ – The configuration file consists of many configuration parameters. The information about each parameter is available in the configuration file. Alternatively, you can refer to the man page, man 5 vsftpd.conf for details of each parameter. 32
  • 33. vsftpd - FTP Server (6/13) - Eng • Securing FTP – There are options in /etc/vsftpd.conf to help make vsftpd more secure. For example users can be limited to their home directories by uncommenting: chroot_local_user=YES – You can also limit a specific list of users to just their home directories: chroot_list_enable=YES chroot_list_file=/etc/vsftpd.chroot_list – After uncommenting the above options, create a /etc/vsftpd.chroot_list containing a list of users one per line. Then restart vsftpd: sudo /etc/init.d/vsftpd restart 33
  • 34. vsftpd - FTP Server (6/13) – (Thai)  กำรกำหนดไม่ให้ user สำมำรถเปลี่ยนไดเร็คทอรี่ไปที่อื่นได้ให้กำหนด: – chroot_local_user=YES  ถ้ำต้องกำรให้ user บำงคนเท่ำนั้นสำมำรถ change directory จำก home directory ของตัวเองไปที่อื่นได้ก็ให้ทำเพิ่มเติมจำกข้ำงบนดังนี้ : – chroot_list_enable=YES – ป้อนชื่อ user ที่จะอนุญำตให้ chang directory ได้ไว้ที่ไฟล์ /etc/vsftpd.chroot_list (ต้องสร้ำงไฟล์ขึ้นมำใหม่ โดยตำแหน่งและชื่อไฟล์นี้เป็น Default)  ถ้ำเรำไม่ต้องกำรเก็บชื่อ user ที่อนุญำตให้ change directory ได้ไว้ในไฟล์ที่ เป็น Default คือ /etc/vsftpd.chroot_list ก็สำมำรถทำได้คือ – กำหนดค่ำ chroot_list_file=ชื่อไฟล์ เช่น chroot_list_file=/root/admin_ftp_user – สร้ำงไฟล์ดังกล่ำวขึ้นมำ 34
  • 35. vsftpd - FTP Server (7/13) • If you want, you can arrange for uploaded anonymous files to be owned by a different user. Note! Using "root" for uploaded files is not recommended! chown_uploads=YES chown_username=whoever 35
  • 36. vsftpd - FTP Server (8/13) • ในกรณีที่ต้องกำรให้ user บำงคนสำมำรถ change directoryได้และต้องกำร ให้ user ดังกล่ำวซึ่งอำจจะเป็น admin สำมำรถ upload ไฟล์ไปไว้ที่ตำแหน่ง ของ anonymous ftp ได้ก็ให้คอนฟิกดังนี้  ให้เปิดบริกำร anonymous ftp โดยให้คอนฟิก anonymous ftp เป็นแบบ default  เพิ่ม user ที่เป็น admim ขึ้นมำ และให้เพิ่ม group ใหม่ขึ้นมำ โดยให้ user ที่เป็น admim ให้สังกัดอยู่ใน group ดังกล่ำว เช่นอำจจะตั้งชื่อ group ใหม่ว่ำ netadmin (เป็นต้น)  กำหนดสิทธิ์ไดเร็คทอรี่ /home/ftp ให้สังกัดกลุ่มของ admin และกำหนด permission ในตำแหน่งดังกล่ำวให้ group สำมำรถ write ได้ แต่ other ไม่สำมำรถ write ได้ 36
  • 37. vsftpd - FTP Server (9/13) • Securing FTP (Cont.) – Also, the /etc/ftpusers file is a list of users that are disallowed FTP access. The default list includes root, daemon, nobody, etc. To disable FTP access for additional users simply add them to the list. – FTP can also be encrypted using FTPS. Different from SFTP, FTPS is FTP over Secure Socket Layer (SSL). SFTP is a FTP like session over an encrypted SSH connection. A major difference is that users of SFTP need to have a shell account on the system, instead of a nologin shell. Providing all users with a shell may not be ideal for some environments, such as a shared web host. 37
  • 38. vsftpd - FTP Server (10/13) • Securing FTP (Cont.) – To configure FTPS, edit /etc/vsftpd.conf and at the bottom add: ssl_enable=Yes – Also, notice the certificate and key related options: rsa_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem rsa_private_key_file=/etc/ssl/private/ssl-cert-snakeoil.key – By default these options are set in the certificate and key provided by the ssl-cert package. In a production environment these should be replaced with a certificate and key generated for the specific host. For more information on certificates see the section called “Certificates”. 38
  • 39. vsftpd - FTP Server (11/13) • Securing FTP (Cont.) – Now restart vsftpd, and non-anonymous users will be forced to use FTPS: sudo /etc/init.d/vsftpd restart – To allow users with a shell of /usr/sbin/nologin access to FTP, but have no shell access, edit /etc/shells adding the nologin shell: 39
  • 40. vsftpd - FTP Server (12/13) • Securing FTP (Cont.) – To allow users with a shell of /usr/sbin/nologin access to FTP, but have no shell access, edit /etc/shells adding the nologin shell: # /etc/shells: valid login shells /bin/csh /bin/sh /usr/bin/es /usr/bin/ksh /bin/ksh /usr/bin/rc /usr/bin/tcsh /bin/tcsh /usr/bin/esh /bin/dash /bin/bash /bin/rbash /usr/bin/screen /usr/sbin/nologin 40
  • 41. vsftpd - FTP Server (13/13) • Securing FTP (Cont.) – This is necessary because, by default vsftpd uses PAM for authentication, and the /etc/pam.d/vsftpd configuration file contains: auth required pam_shells.so – The shells PAM module restricts access to shells listed in the /etc/shells file. – Most popular FTP clients can be configured to connect using FTPS. The lftp command line FTP client has the ability to use FTPS as well. 41
  • 42. กำรติดตั้งและคอนฟิก cacti (1/3) • About Cacti : Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. • Licensing/Donations : Cacti is released under the GNU General Public License, meaning that it is completely free with no strings attached. However, if you enjoy Cacti and find it useful be sure to check out my donations page for various ways to encourage development and otherwise make me happy. 42
  • 43. กำรติดตั้งและคอนฟิก cacti (2/3) 43
  • 44. กำรติดตั้งและคอนฟิก cacti (3/3) • ติดตั้งโปรแกรมที่จำเป็นก่อน ด้วยคำสั่ง sudo apt-get install php5 php5-gd php5-mysql • Install accti using the following command sudo apt-get install cacti-cactid • This will start installing cacti and prompt for some questions. • สำเนำไฟล์ cp /etc/cacti/apache.conf /etc/apache2/conf.d/cacti • สั่ง Apache Restart /etc/init.d/apache2 restart • คอนฟิก CACTI ได้ที่ http://hostname/cacti 44
  • 45. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (1) 45 • Install Needed Packages apt-get update apt-get install mysql-server apache2 php5 php5-cli php5-mysql php5- mysql php5-snmp libapache2-mod-php5 rrdtool snmp apt-get update apt-get upgrade • Get Cacti and install it – Create a temporary folder mkdir /cacti cd /cacti/
  • 46. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (2) 46 – Download Cacti Version 0.8.7 … web address may have changed wget http://www.cacti.net/downloads/cacti-0.8.7d.tar.gz – Unzip Download tar xzvf cacti-0.8.7.tar.gz – Move folder to /usr/share/ mv /cacti/cacti-0.8.7 /usr/share/cacti – Set permissions on rra/ and log/ folders cd /usr/share/cacti chown -R www-data:www-data rra/ log/
  • 47. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (3) 47 – Edit /etc/crontab and add the following line: */5 * * * * www-data php /usr/share/cacti/poller.php > /dev/null 2>&1 – Restart Cron /etc/init.d/cron restart – Edit /etc/php5/apache2/php.ini set memory_limit value: memory_limit=128m • Configure Apache – Edit /etc/apache2/sites-avaliable/default change DocumentRoot value to: DocumentRoot /usr/share/cacti If you not to want change DocumentRoot, you can create alias.
  • 48. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (4) 48 – Restart Apache /etc/init.d/apache2 restart • Setup MySql Database – Create the cacti database mysqladmin -u root create cacti -p – Pipe Database Script in to mysql to create tables; cacti.sql can be found in the cacti folder mysql cacti < cacti.sql -u root -p – Logon to mysql mysql -u root -p
  • 49. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (5) 49 – Setup cacti database permissions: GRANT ALL ON cacti.* TO cactiuser@localhost IDENTIFIED BY 'somepassword'; flush privileges; exit – Edit cacti config file for Mysql /usr/share/cacti/include/config.php: $database_type = "mysql"; $database_default = "cacti"; $database_hostname = "localhost"; $database_username = "cactiuser"; $database_password = "somepassword"; $database_port = "3306"; "somepassword" This can be set to any password
  • 50. กำรติดตั้งและคอนฟิก cacti กรณีติดตั้งแบบ apt-get ไม่ได้ (6) 50 • Alright! If you made it this far cacti should be ready to go! Open browser and point it to your server. Default username/password is admin/admin.
  • 51. Q & A 51