Differences
This shows you the differences between two versions of the page.
| — |
mueli [2011/10/13 21:55] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | Here you find the description of a possible configuration of a mid- to big-size network infrastructure. This documentation is founded on the experience of maintaing the net infrastructure of the [[http://www.fest.tugraz.at|Institut for Strength of Materials]] on the [[http://www.tugraz.at|Graz University of Technology]]. Beside the normal office stuff we are developing software and therefore here are services regarding to software development listed and described. We are using to Linux derivates, [[http://www.grml.org|grml]] (of course ;)) and [[http://www.gentoo.org|gentoo]]. | ||
| + | ====== Prerequisites ====== | ||
| + | |||
| + | Especially for Gentoo you should enable a few USE flags from the beginning on. Of course it's possible to ignore some of them if you won't use the whole configuration. So in ''/etc/make.conf'' you should have enabled the following USE flags: | ||
| + | |||
| + | <code>USE="ldap kerperos ssl apache2"</code> | ||
| + | |||
| + | Special USE flags required for single ebuild are discussed in the related section. | ||
| + | |||
| + | ====== User management ====== | ||
| + | |||
| + | User management mainly consits of the naming Service, the authentication mechanism and login including the session handling. Here I describe two solutions for the whole problem which can coexist and are both configured on our systems. | ||
| + | |||
| + | So the first point you have to decide is whether to use OpenLDAP or NIS. For me, this decision is really straight forward ;) I am using LDAP. | ||
| + | |||
| + | ===== OpenLDAP ===== | ||
| + | |||
| + | As already mentioned the service is responsible for the naming service. But of course it is also possible to use LDAP for authentication. And here you can find a possible configuration for using LDAP as naming **and** authentication service. | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | == Required Packages == | ||
| + | |||
| + | gentoo | ||
| + | |||
| + | <code> | ||
| + | mueli@michael:~$ emerge -a net-nds/openldap | ||
| + | </code> | ||
| + | |||
| + | grml | ||
| + | |||
| + | <code> | ||
| + | mueli@michael:~$ aptitude install slapd | ||
| + | </code> | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ===== Kerberos ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ===== PAM ===== | ||
| + | |||
| + | ====== File Serving ====== | ||
| + | |||
| + | ===== NFSv3 ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ===== OpenAFS ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ====== Services ====== | ||
| + | |||
| + | ===== OpenSSH ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ===== Web Serving ===== | ||
| + | |||
| + | ==== Apache with mod_auth_krb ==== | ||
| + | |||
| + | ==== Apache with mod_auth_pam ==== | ||
| + | |||
| + | ==== Apache with mod_auth_ldap ==== | ||
| + | |||
| + | ==== WebDAV ==== | ||
| + | |||
| + | ====== SCM ====== | ||
| + | |||
| + | ===== Subversion ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ===== Mercurial ===== | ||
| + | |||
| + | === Server === | ||
| + | |||
| + | === Client === | ||
| + | |||
| + | ====== Administration ====== | ||
