@mazgi
Last active October 21, 2015 14:31
OpenLDAP on Gentoo
# emerge -pvq openldap sudo openssh
[ebuild   R   ] net-nds/openldap-2.4.38-r2  USE="berkdb crypt ipv6 sasl ssl syslog tcpd -cxx -debug -experimental -gnutls -icu -iodbc -kerberos -minimal -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) (-32) (-x32)" 
[ebuild   R   ] app-admin/sudo-1.8.11_p1  USE="ldap nls pam sendmail -offensive (-selinux) -skey" 
[ebuild   R   ] net-misc/openssh-6.7_p1  USE="hpn ldap pam pie -X -X509 -bindist -kerberos -ldns -libedit -sctp (-selinux) -skey -static" 
# mv /var/lib/openldap-data/DB_CONFIG{.example,}
# bzip2 --decompress --stdout /usr/share/doc/sudo-1.8.11_p1/schema.OpenLDAP.bz2 > /etc/openldap/schema/sudo.schema

mazgi commented Jun 30, 2015

Server

[root@localhost] # emerge -pvq openldap sssd sudo openssh
[ebuild   R   ] net-nds/openldap-2.4.38-r2  USE="berkdb crypt gnutls ipv6 sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -minimal -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)" 
[ebuild   R   ] sys-auth/sssd-1.12.1  USE="manpages nls sudo -acl -augeas -autofs -locator -netlink -nfsv4 -python (-selinux) -ssh {-test}" PYTHON_TARGETS="python2_7" 
[ebuild   R   ] app-admin/sudo-1.8.12  USE="ldap nls pam sendmail -offensive (-selinux) -skey" 
[ebuild   R   ] net-misc/openssh-6.7_p1  USE="hpn ldap pam pie -X -X509 -bindist -kerberos -ldns -libedit -sctp (-selinux) -skey -static" 


mazgi commented Jun 30, 2015

Client

[root@localhost] # emerge -pvq openldap sssd sudo
[ebuild   R   ] net-nds/openldap-2.4.38-r2  USE="berkdb crypt gnutls ipv6 minimal sasl ssl syslog tcpd -cxx -debug -experimental -icu -iodbc -kerberos -odbc -overlays -perl -samba (-selinux) -slp -smbkrb5passwd" ABI_X86="(64) -32 (-x32)" 
[ebuild   R   ] sys-auth/sssd-1.12.1  USE="locator manpages nls -acl -augeas -autofs -netlink -nfsv4 -python (-selinux) -ssh -sudo {-test}" PYTHON_TARGETS="python2_7" 
[ebuild   R   ] app-admin/sudo-1.8.12  USE="ldap nls pam sendmail -offensive (-selinux) -skey" 


mazgi commented Jun 30, 2015

DNS Server

[root@localhost] # emerge -pvq bind
[ebuild   R   ] net-dns/bind-9.10.1_p1  USE="berkdb caps dlz ipv6 ssl threads -doc -filter-aaaa -fixed-rrset -geoip -gost -gssapi -idn -json -ldap -mysql -nslint -odbc -postgres -python -rpz -seccomp (-selinux) -static-libs -urandom -xml" PYTHON_TARGETS="python2_7 python3_3 -python3_4" 


mazgi commented Jun 30, 2015

Server

[root@management-left] # emerge -pvq nginx php
[ebuild   R   ] www-servers/nginx-1.7.6  USE="aio http http-cache ipv6 pcre ssl vim-syntax -debug -libatomic -luajit -pcre-jit -rtmp (-selinux)" NGINX_MODULES_HTTP="access auth_basic autoindex browser charset empty_gif fastcgi geo gzip limit_conn limit_req map memcached proxy referer rewrite scgi split_clients ssi upstream_ip_hash userid uwsgi -addition -ajp -auth_pam -auth_request -cache_purge -dav -dav_ext -degradation -echo -fancyindex -flv -geoip -gunzip -gzip_static -headers_more -image_filter -lua -metrics -mogilefs -mp4 -naxsi -perl -push_stream -random_index -realip -secure_link -security -slowfs_cache -spdy -sticky -stub_status -sub -upload_progress -upstream_check -xslt" NGINX_MODULES_MAIL="-imap -pop3 -smtp" 
[ebuild   R   ] dev-lang/php-5.6.9  USE="berkdb bzip2 cli crypt ctype fileinfo filter fpm gdbm hash iconv ipv6 json ldap ldap-sasl nls opcache phar posix readline session simplexml ssl tokenizer unicode xml zlib -apache2 -bcmath -calendar -cdb -cgi -cjk -curl -debug -embed -enchant -exif (-firebird) -flatfile (-frontbase) -ftp -gd -gmp -imap -inifile -intl -iodbc -kerberos -libedit -libmysqlclient -mhash -mssql -mysql -mysqli -oci8-instant-client -odbc -pcntl -pdo -postgres -qdbm -recode (-selinux) -sharedmem -snmp -soap -sockets -spell -sqlite (-sybase-ct) -systemd -sysvipc -threads -tidy -truetype -vpx -wddx -xmlreader -xmlrpc -xmlwriter -xpm -xslt -zip" 


mazgi commented Jun 30, 2015

NTP Server

[root@management-left] # grep -vE '^\s*(#|$)' /etc/ntp.conf
server ntp1.jst.mfeed.ad.jp
server ntp2.jst.mfeed.ad.jp
server ntp3.jst.mfeed.ad.jp
driftfile       /var/lib/ntp/ntp.drift
restrict default nomodify nopeer noquery limited kod
restrict 127.0.0.1
restrict [::1]
restrict 10.32.0.0 mask 255.255.0.0 nomodify nopeer notrap
[root@management-left] # grep -vE '^\s*(#|$)' /etc/conf.d/ntpd
NTPD_OPTS="-g -x "


mazgi commented Jun 30, 2015

NTP Server

[root@management-left] # ntpdate ntp.jst.mfeed.ad.jp
 1 Jul 07:42:14 ntpdate[2674]: step time server 210.173.160.27 offset 1.114053 sec
[root@management-left] # rc-update add ntpd
 * service ntpd added to runlevel default
[root@management-left] # /etc/init.d/ntpd start
 * Caching service dependencies ...                                                        [ ok ]
 * Starting ntpd ...                                                                                     [ ok ]
[root@management-left] # ntpq -p
     remote           refid      st t when poll reach   delay   offset  jitter
==============================================================================
*ntp1.jst.mfeed. 133.243.236.17   2 u   16   64    3   17.612    1.104   0.123
+ntp2.jst.mfeed. 133.243.236.17   2 u   20   64    3   17.545    0.043   1.024
+ntp3.jst.mfeed. 133.243.236.17   2 u   19   64    3   20.221    0.785   0.513


mazgi commented Oct 21, 2015

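gnutls!! (USE flag: the first openldap build listed above has -gnutls; the later Server and Client builds have gnutls enabled)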
