{"id":181458,"date":"2020-05-06T00:45:59","date_gmt":"2020-05-05T16:45:59","guid":{"rendered":"https:\/\/q13zd.cn\/?p=181458"},"modified":"2021-08-27T16:37:25","modified_gmt":"2021-08-27T08:37:25","slug":"basic-learning-10","status":"publish","type":"post","link":"https:\/\/q13zd.cn\/basic-learning-10.html","title":{"rendered":"\u7b2c10\u7ae0 \u4f7f\u7528Apache\u670d\u52a1\u90e8\u7f72\u9759\u6001\u7f51\u7ad9"},"content":{"rendered":"

\u7ae0\u8282\u7b80\u8ff0\uff1a<\/span><\/strong><\/p>\n

\u672c\u7ae0\u5148\u5411\u8bfb\u8005\u79d1\u666e\u4ec0\u4e48\u662fWeb\u670d\u52a1\u7a0b\u5e8f\u4ee5\u53caWeb\u670d\u52a1\u7a0b\u5e8f\u7684\u7528\u5904\uff0c\u7136\u540e\u901a\u8fc7\u5bf9\u6bd4\u5f53\u524d\u4e3b\u6d41\u7684Web\u670d\u52a1\u7a0b\u5e8f\u6765\u4f7f\u8bfb\u8005\u66f4\u597d\u5730\u7406\u89e3\u5176\u5404\u81ea\u7684\u4f18\u52bf\u53ca\u7279\u70b9\uff0c\u6700\u540e\u901a\u8fc7\u5bf9httpd\u670d\u52a1\u7a0b\u5e8f\u4e2d\u201c\u5168\u5c40\u914d\u7f6e\u53c2\u6570\u201d\u201c\u533a\u57df\u914d\u7f6e\u53c2\u6570\u201d\u53ca\u201c\u6ce8\u91ca\u4fe1\u606f\u201d\u7684\u7406\u8bba\u8bb2\u89e3\u548c\u5b9e\u6218\u90e8\u7f72\uff0c\u786e\u4fdd\u8bfb\u8005\u5b66\u4f1aWeb\u670d\u52a1\u7a0b\u5e8f\u7684\u914d\u7f6e\u65b9\u6cd5\uff0c\u5e76\u771f\u6b63\u638c\u63e1\u5728Linux\u7cfb\u7edf\u4e2d\u914d\u7f6e\u670d\u52a1\u7684\u6280\u5de7\u3002<\/p>\n

\u672c\u7ae0\u8fd8\u4f1a\u8bb2\u89e3SELinux\u670d\u52a1\u7684\u4f5c\u7528\u30013\u79cd\u5de5\u4f5c\u6a21\u5f0f\u4ee5\u53ca\u7b56\u7565\u7ba1\u7406\u65b9\u6cd5\uff0c\u786e\u4fdd\u8bfb\u8005\u638c\u63e1SELinux\u57df\u548cSELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7684\u914d\u7f6e\u65b9\u6cd5\uff0c\u5e76\u4f9d\u6b21\u5b8c\u6210\u591a\u4e2a\u57fa\u4e8ehttpd\u670d\u52a1\u7a0b\u5e8f\u7684\u5b9e\u7528\u529f\u80fd\u7684\u90e8\u7f72\u5b9e\u9a8c\uff0c\u5176\u4e2d\u5305\u62echttpd\u670d\u52a1\u7a0b\u5e8f\u7684\u57fa\u672c\u90e8\u7f72\u3001\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u548c\u5bc6\u7801\u52a0\u5bc6\u8ba4\u8bc1\u65b9\u5f0f\u7684\u5b9e\u73b0\uff0c\u4ee5\u53ca\u5206\u522b\u57fa\u4e8eIP\u5730\u5740\u3001\u4e3b\u673a\u540d\uff08\u57df\u540d\uff09\u3001\u7aef\u53e3\u53f7\u90e8\u7f72\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u529f\u80fd\u3002<\/p>\n

10.1 \u7f51\u7ad9\u670d\u52a1\u7a0b\u5e8f<\/span><\/strong><\/h5>\n

1970\u5e74\uff0c\u4f5c\u4e3a\u4e92\u8054\u7f51\u524d\u8eab\u7684ARPANET\uff08\u963f\u5e15\u7f51\uff09\u5df2\u521d\u5177\u96cf\u5f62\uff0c\u5e76\u5f00\u59cb\u5411\u975e\u519b\u7528\u90e8\u95e8\u5f00\u653e\uff0c\u8bb8\u591a\u5927\u5b66\u548c\u5546\u4e1a\u673a\u6784\u5f00\u59cb\u9646\u7eed\u63a5\u5165\u3002\u867d\u7136\u5f7c\u65f6\u963f\u5e15\u7f51\u7684\u89c4\u6a21\uff08\u53ea\u67094\u53f0\u4e3b\u673a\u8054\u7f51\u8fd0\u884c\uff09\u8fd8\u4e0d\u5982\u73b0\u5728\u7684\u5c40\u57df\u7f51\u6210\u719f\uff0c\u4f46\u662f\u5b83\u4f9d\u7136\u4e3a\u7f51\u7edc\u6280\u672f\u7684\u8fdb\u6b65\u6253\u4e0b\u4e86\u624e\u5b9e\u7684\u57fa\u7840\u3002<\/p>\n

\u60f3\u5fc5\u5927\u591a\u6570\u4eba\u90fd\u662f\u901a\u8fc7\u8bbf\u95ee\u7f51\u7ad9\u800c\u5f00\u59cb\u63a5\u89e6\u4e92\u8054\u7f51\u7684\u5427\u3002\u6211\u4eec\u5e73\u65f6\u8bbf\u95ee\u7684\u7f51\u7ad9\u670d\u52a1\u5c31\u662fWeb\u7f51\u7edc\u670d\u52a1\uff0c\u4e00\u822c\u662f\u6307\u5141\u8bb8\u7528\u6237\u901a\u8fc7\u6d4f\u89c8\u5668\u8bbf\u95ee\u4e92\u8054\u7f51\u4e2d\u5404\u79cd\u8d44\u6e90\u7684\u670d\u52a1\u3002\u5982\u56fe10-1\u6240\u793a\uff0cWeb\u7f51\u7edc\u670d\u52a1\u662f\u4e00\u79cd\u88ab\u52a8\u8bbf\u95ee\u7684\u670d\u52a1\u7a0b\u5e8f\uff0c\u5373\u53ea\u6709\u63a5\u6536\u5230\u4e92\u8054\u7f51\u4e2d\u5176\u4ed6\u4e3b\u673a\u53d1\u51fa\u7684\u8bf7\u6c42\u540e\u624d\u4f1a\u54cd\u5e94\uff0c\u6700\u7ec8\u7528\u4e8e\u63d0\u4f9b\u670d\u52a1\u7a0b\u5e8f\u7684Web\u670d\u52a1\u5668\u4f1a\u901a\u8fc7HTTP\uff08\u8d85\u6587\u672c\u4f20\u8f93\u534f\u8bae\uff09\u6216HTTPS\uff08\u5b89\u5168\u8d85\u6587\u672c\u4f20\u8f93\u534f\u8bae\uff09\u628a\u8bf7\u6c42\u7684\u5185\u5bb9\u4f20\u9001\u7ed9\u7528\u6237\u3002<\/p>\n

\u76ee\u524d\u80fd\u591f\u63d0\u4f9bWeb\u7f51\u7edc\u670d\u52a1\u7684\u7a0b\u5e8f\u6709IIS\u3001Nginx\u548cApache\u7b49\u3002\u5176\u4e2d\uff0cIIS\uff08Internet Information Service\uff0c\u4e92\u8054\u7f51\u4fe1\u606f\u670d\u52a1\uff09\u662fWindows\u7cfb\u7edf\u4e2d\u9ed8\u8ba4\u7684Web\u670d\u52a1\u7a0b\u5e8f\uff0c\u8fd9\u662f\u4e00\u6b3e\u56fe\u5f62\u5316\u7684\u7f51\u7ad9\u7ba1\u7406\u5de5\u5177\uff0c\u4e0d\u4ec5\u53ef\u4ee5\u63d0\u4f9bWeb\u7f51\u7ad9\u670d\u52a1\uff0c\u8fd8\u53ef\u4ee5\u63d0\u4f9bFTP\u3001NMTP\u3001SMTP\u7b49\u670d\u52a1\u3002\u4f46\u662f\uff0cIIS\u53ea\u80fd\u5728Windows\u7cfb\u7edf\u4e2d\u4f7f\u7528\uff0c\u6682\u65f6\u4e0d\u5728\u6211\u4eec\u7684\u5b66\u4e60\u8303\u56f4\u4e4b\u5185\u3002<\/p>\n

\n

\"\u9875\u9762\u8bf7\u6c42\u8fc7\u7a0b\"<\/p>\n

\u56fe10-1\u00a0 \u4e3b\u673a\u4e0eWeb\u670d\u52a1\u5668\u4e4b\u95f4\u7684\u901a\u4fe1<\/p>\n

2004\u5e7410\u67084\u65e5\uff0c\u4e3a\u4fc4\u7f57\u65af\u77e5\u540d\u95e8\u6237\u7ad9\u70b9\u800c\u5f00\u53d1\u7684Web\u670d\u52a1\u7a0b\u5e8fNginx\u6a2a\u7a7a\u51fa\u4e16\u3002Nginx\u7a0b\u5e8f\u4f5c\u4e3a\u4e00\u6b3e\u8f7b\u91cf\u7ea7\u7684\u7f51\u7ad9\u670d\u52a1\u8f6f\u4ef6\uff0c\u56e0\u5176\u7a33\u5b9a\u6027\u548c\u4e30\u5bcc\u7684\u529f\u80fd\u800c\u5feb\u901f\u5360\u9886\u670d\u52a1\u5668\u5e02\u573a\uff0c\u4f46Nginx\u6700\u88ab\u8ba4\u53ef\u7684\u8fd8\u662f\u5176\u7cfb\u7edf\u8d44\u6e90\u6d88\u8017\u4f4e\u4e14\u5e76\u53d1\u80fd\u529b\u5f3a\u7684\u7279\u6027\uff0c\u56e0\u6b64\u5f97\u5230\u4e86\u56fd\u5185\u8bf8\u5982\u65b0\u6d6a\u3001\u7f51\u6613\u3001\u817e\u8baf\u7b49\u95e8\u6237\u7f51\u7ad9\u7684\u9752\u7750\u3002\u672c\u4e66\u5c06\u5728\u7b2c20\u7ae0\u8bb2\u89e3Nginx\u670d\u52a1\u7a0b\u5e8f\u3002<\/p>\n

Apache\u7a0b\u5e8f\u662f\u76ee\u524d\u62e5\u6709\u5f88\u9ad8\u5e02\u573a\u5360\u6709\u7387\u7684Web\u670d\u52a1\u7a0b\u5e8f\u4e4b\u4e00\uff0c\u5176\u8de8\u5e73\u53f0\u548c\u5b89\u5168\u6027\u5e7f\u6cdb\u88ab\u8ba4\u53ef\u4e14\u62e5\u6709\u5feb\u901f\u3001\u53ef\u9760\u3001\u7b80\u5355\u7684API\u6269\u5c55\u3002\u56fe10-2\u6240\u793a\u4e3aApache\u670d\u52a1\u57fa\u91d1\u4f1a\u7684\u8457\u540dLogo\uff0c\u5b83\u7684\u540d\u5b57\u53d6\u81ea\u7f8e\u56fd\u5370\u7b2c\u5b89\u4eba\u7684\u571f\u8457\u8bed\uff0c\u5bd3\u610f\u4e3a\u201c\u62e5\u6709\u9ad8\u8d85\u7684\u4f5c\u6218\u7b56\u7565\u548c\u65e0\u7a77\u7684\u8010\u6027\u201d\u3002Apache\u670d\u52a1\u7a0b\u5e8f\u53ef\u4ee5\u8fd0\u884c\u5728Linux\u7cfb\u7edf\u3001UNIX\u7cfb\u7edf\u751a\u81f3\u662fWindows\u7cfb\u7edf\u4e2d\uff0c\u5b83\u652f\u6301\u57fa\u4e8eIP\u3001\u57df\u540d\u53ca\u7aef\u53e3\u53f7\u7684\u865a\u62df\u4e3b\u673a\u529f\u80fd\uff0c\u652f\u6301\u591a\u79cd\u8ba4\u8bc1\u65b9\u5f0f\uff0c\u96c6\u6210\u6709\u4ee3\u7406\u670d\u52a1\u5668\u6a21\u5757\u3001\u5b89\u5168Socket\u5c42\uff08SSL\uff09\uff0c\u80fd\u591f\u5b9e\u65f6\u76d1\u89c6\u670d\u52a1\u72b6\u6001\u4e0e\u5b9a\u5236\u65e5\u5fd7\u6d88\u606f\uff0c\u5e76\u652f\u6301\u5404\u7c7b\u4e30\u5bcc\u7684\u6a21\u5757\u3002<\/p>\n

Apache\u7a0b\u5e8f\u662fRHEL 5\u30016\u30017\u30018\u7cfb\u7edf\u4e2d\u9ed8\u8ba4\u7684Web\u670d\u52a1\u7a0b\u5e8f\uff0c\u5176\u76f8\u5173\u77e5\u8bc6\u70b9\u4e00\u76f4\u4e5f\u662fRHCSA\u548cRHCE\u8ba4\u8bc1\u8003\u8bd5\u7684\u91cd\u70b9\u5185\u5bb9\u3002<\/p><\/blockquote>\n

\"\"<\/p>\n

\u56fe10-2\u00a0 Apache\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u8457\u540d\u7684Logo<\/p>\n

\u603b\u4f53\u6765\u8bf4\uff0cNginx\u670d\u52a1\u7a0b\u5e8f\u4f5c\u4e3a\u540e\u8d77\u4e4b\u79c0\uff0c\u5df2\u7ecf\u901a\u8fc7\u81ea\u8eab\u7684\u4f18\u52bf\u4e0e\u52aa\u529b\u8d62\u5f97\u4e86\u5927\u6279\u7ad9\u957f\u7684\u4fe1\u8d56\u3002\u672c\u4e66\u914d\u5957\u7684\u5728\u7ebf\u5b66\u4e60\u7ad9\u70b9https:\/\/q13zd.cn<\/a>\u5c31\u662f\u57fa\u4e8eNginx\u670d\u52a1\u7a0b\u5e8f\u90e8\u7f72\u7684\uff0c\u4e0d\u5f97\u4e0d\u8bf4Nginx\u771f\u7684\u5f88\u68d2\uff01<\/p>\n

\u4f46\u662f\uff0cApache\u7a0b\u5e8f\u4f5c\u4e3a\u8001\u724c\u7684Web\u670d\u52a1\u7a0b\u5e8f\uff0c\u4e00\u65b9\u9762\u5728Web\u670d\u52a1\u5668\u8f6f\u4ef6\u5e02\u573a\u5177\u6709\u76f8\u5f53\u9ad8\u7684\u5360\u6709\u7387\uff0c\u53e6\u4e00\u65b9\u9762Apache\u4e5f\u662fRHEL 8\u7cfb\u7edf\u4e2d\u9ed8\u8ba4\u7684Web\u670d\u52a1\u7a0b\u5e8f\uff0c\u800c\u4e14\u8fd8\u662fRHCSA\u548cRHCE<\/a>\u8ba4\u8bc1\u8003\u8bd5\u7684\u5fc5\u8003\u5185\u5bb9\uff0c\u56e0\u6b64\u65e0\u8bba\u4ece\u5b9e\u9645\u5e94\u7528\u89d2\u5ea6\u8fd8\u662f\u4ece\u5e94\u5bf9\u7ea2\u5e3d<\/a>\u8ba4\u8bc1\u8003\u8bd5\u7684\u89d2\u5ea6\uff0c\u6211\u4eec\u90fd\u6709\u5fc5\u8981\u597d\u597d\u5b66\u4e60Apache\u670d\u52a1\u7a0b\u5e8f\u7684\u90e8\u7f72\uff0c\u5e76\u6df1\u5165\u6316\u6398\u5176\u53ef\u7528\u7684\u4e30\u5bcc\u529f\u80fd\u3002<\/p>\n

\u6211\u4eec\u518d\u6765\u56de\u5fc6\u4e00\u4e0b\u8f6f\u4ef6\u4ed3\u5e93\u7684\u914d\u7f6e\u8fc7\u7a0b\u3002<\/p>\n

\u7b2c1\u6b65<\/strong>\uff1a\u628a\u7cfb\u7edf\u955c\u50cf\u6302\u8f7d\u5230\/media\/cdrom\u76ee\u5f55\u3002<\/p>\n<\/div>\n

[root@linuxprobe ~]# mkdir -p \/media\/cdrom\r\n[root@linuxprobe ~]# mount \/dev\/cdrom \/media\/cdrom\r\nmount: \/media\/cdrom: WARNING: device write-protected, mounted read-only.<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u4f7f\u7528Vim\u6587\u672c\u7f16\u8f91\u5668\u521b\u5efa\u8f6f\u4ef6\u4ed3\u5e93\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u4e0b\u8ff0\u547d\u4ee4\u4e2d\u5177\u4f53\u53c2\u6570\u7684\u542b\u4e49\u53ef\u53c2\u80034.1.4\u8282<\/a>\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/yum.repos.d\/rhel8.repo\r\n[BaseOS]\r\nname=BaseOS\r\nbaseurl=file:\/\/\/media\/cdrom\/BaseOS\r\nenabled=1\r\ngpgcheck=0\r\n[AppStream]\r\nname=AppStream\r\nbaseurl=file:\/\/\/media\/cdrom\/AppStream\r\nenabled=1\r\ngpgcheck=0<\/pre>\n
\u7b2c3\u6b65<\/strong>\uff1a\u52a8\u624b\u5b89\u88c5Apache\u670d\u52a1\u7a0b\u5e8f\u3002\u6ce8\u610f\uff0c\u5728\u4f7f\u7528dnf\u547d\u4ee4\u8fdb\u884c\u5b89\u88c5\u65f6\uff0c\u8ddf\u5728\u547d\u4ee4\u540e\u9762\u7684Apache\u670d\u52a1\u7684\u8f6f\u4ef6\u5305\u540d\u79f0\u4e3ahttpd\u3002<\/p>\n
[root@linuxprobe ~]# dnf install httpd\r\nUpdating Subscription Management repositories.\r\nUnable to read consumer identity\r\nThis system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.\r\nAppStream                                       3.1 MB\/s | 3.2 kB     00:00    \r\nBaseOS                                          2.7 MB\/s | 2.7 kB     00:00    \r\nDependencies resolved.\r\n================================================================================\r\n Package            Arch   Version                   Repository           Size\r\n================================================================================\r\nInstalling:\r\n httpd              x86_64 2.4.37-10.module+el8+2764+7127e69e   AppStream 1.4 M\r\nInstalling dependencies:\r\n apr                x86_64 1.6.3-9.el8                          AppStream 125 k\r\n apr-util           x86_64 1.6.1-6.el8                          AppStream 105 k\r\n httpd-filesystem   noarch 2.4.37-10.module+el8+2764+7127e69e   AppStream  34 k\r\n httpd-tools        x86_64 2.4.37-10.module+el8+2764+7127e69e   AppStream 101 k\r\n mod_http2          x86_64 1.11.3-1.module+el8+2443+605475b7    AppStream 156 k\r\n redhat-logos-httpd noarch 80.7-1.el8                           BaseOS     25 k\r\nInstalling weak dependencies:\r\n apr-util-bdb       x86_64 1.6.1-6.el8                          AppStream  25 k\r\n apr-util-openssl   x86_64 1.6.1-6.el8                          AppStream  27 k\r\nEnabling module streams:\r\n httpd                     2.4                                                 \r\n\r\nTransaction Summary\r\n================================================================================\r\nInstall  9 Packages\r\n\r\nTotal size: 2.0 M\r\nInstalled size: 5.4 M\r\nIs this ok [y\/N]: y<\/strong>\r\nDownloading Packages:\r\nRunning transaction check\r\nTransaction check succeeded.\r\nRunning transaction test\r\nTransaction test succeeded.\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026                                    \r\nComplete!\r\n<\/pre>\n
\u7b2c4\u6b65<\/strong>\uff1a\u542f\u7528httpd\u670d\u52a1\u7a0b\u5e8f\u5e76\u5c06\u5176\u52a0\u5165\u5230\u5f00\u673a\u542f\u52a8\u9879\u4e2d\uff0c\u4f7f\u5176\u80fd\u591f\u968f\u7cfb\u7edf\u5f00\u673a\u800c\u8fd0\u884c\uff0c\u4ece\u800c\u6301\u7eed\u4e3a\u7528\u6237\u63d0\u4f9bWeb\u670d\u52a1\u3002<\/p>\n
[root@linuxprobe ~]# systemctl start httpd\r\n[root@linuxprobe ~]# systemctl enable httpd\r\nCreated symlink \/etc\/systemd\/system\/multi-user.target.wants\/httpd.service \u2192 \/usr\/lib\/systemd\/system\/httpd.service.<\/pre>\n
\u5927\u5bb6\u5728\u6d4f\u89c8\u5668\uff08\u8fd9\u91cc\u4ee5Firefox\u6d4f\u89c8\u5668\u4e3a\u4f8b\uff09\u7684\u5730\u5740\u680f\u4e2d\u8f93\u5165http:\/\/127.0.0.1\u5e76\u6309\u56de\u8f66\u952e\uff0c\u5c31\u53ef\u4ee5\u770b\u5230\u7528\u4e8e\u63d0\u4f9bWeb\u670d\u52a1\u7684\u9ed8\u8ba4\u9875\u9762\u4e86\uff0c\u5982\u56fe10-3\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# firefox\r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-3\u00a0 httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u9ed8\u8ba4\u9875\u9762<\/p>\n
10.2\u00a0\u914d\u7f6e\u670d\u52a1\u6587\u4ef6\u53c2\u6570<\/strong><\/span><\/h5>\n
\u9700\u8981\u63d0\u9192\u5927\u5bb6\u7684\u662f\uff0c\u524d\u6587\u4ecb\u7ecd\u7684httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u5b89\u88c5\u548c\u8fd0\u884c\uff0c\u4ec5\u4ec5\u662fhttpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e00\u4e9b\u76ae\u6bdb\uff0c\u6211\u4eec\u4f9d\u7136\u6709\u5f88\u957f\u7684\u9053\u8def\u8981\u8d70\u3002\u5728Linux\u7cfb\u7edf\u4e2d\u914d\u7f6e\u670d\u52a1\uff0c\u5176\u5b9e\u5c31\u662f\u4fee\u6539\u670d\u52a1\u7684\u914d\u7f6e\u6587\u4ef6\u3002\u56e0\u6b64\uff0c\u8fd8\u9700\u8981\u77e5\u9053\u8fd9\u4e9b\u914d\u7f6e\u6587\u4ef6\u7684\u6240\u5728\u4f4d\u7f6e\u4ee5\u53ca\u7528\u9014\u3002httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e3b\u8981\u914d\u7f6e\u6587\u4ef6\u53ca\u5b58\u653e\u4f4d\u7f6e\u5982\u886810-1\u6240\u793a\u3002<\/p>\n
\u886810-1\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Linux\u7cfb\u7edf\u4e2d\u7684\u914d\u7f6e\u6587\u4ef6<\/p>\n
\n\n\n\n\n\n\n\n\n
\u4f5c\u7528<\/td>\n\u6587\u4ef6\u540d\u79f0<\/td>\n<\/tr>\n
\u670d\u52a1\u76ee\u5f55<\/td>\n\/etc\/httpd<\/td>\n<\/tr>\n
\u4e3b\u914d\u7f6e\u6587\u4ef6<\/td>\n\/etc\/httpd\/conf\/httpd.conf<\/td>\n<\/tr>\n
\u7f51\u7ad9\u6570\u636e\u76ee\u5f55<\/td>\n\/var\/www\/html<\/td>\n<\/tr>\n
\u8bbf\u95ee\u65e5\u5fd7<\/td>\n\/var\/log\/httpd\/access_log<\/td>\n<\/tr>\n
\u9519\u8bef\u65e5\u5fd7<\/td>\n\/var\/log\/httpd\/error_log<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
<\/div>\n
\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\u4fdd\u5b58\u7684\u662f\u6700\u91cd\u8981\u7684\u670d\u52a1\u53c2\u6570\uff0c\u4e00\u822c\u4f1a\u88ab\u4fdd\u5b58\u5230\/etc\u76ee\u5f55\u4e2d\u4ee5\u8f6f\u4ef6\u540d\u79f0\u547d\u540d\u7684\u4e00\u4e2a\u6587\u4ef6\u5939\u4e4b\u4e2d\uff0c\u540d\u5b57\u4e3a\u201c\u670d\u52a1\u540d\u79f0.conf\u201d\uff0c\u4f8b\u5982\u8fd9\u91cc\u7684\u201c\/etc\/httpd\/conf\/httpd.conf\u201d\u3002\u5927\u5bb6\u5728\u719f\u6089\u4ee5\u540e\u5c31\u80fd\u8bb0\u4f4f\u4e86\u3002<\/p>\n
\u5927\u5bb6\u5728\u9996\u6b21\u6253\u5f00httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e3b\u914d\u7f6e\u6587\u4ef6\u540e\uff0c\u53ef\u80fd\u4f1a\u5413\u4e00\u8df3\u2014\u7adf\u7136\u6709356\u884c\uff01\u8fd9\u5f97\u81f3\u5c11\u9700\u8981\u4e00\u5468\u7684\u65f6\u95f4\u624d\u80fd\u770b\u5b8c\u5427\uff1f\uff01\u4f46\u662f\uff0c\u5927\u5bb6\u53ea\u8981\u4ed4\u7ec6\u89c2\u770b\u5c31\u4f1a\u53d1\u73b0\u5218\u9044\u8001\u5e08\u5728\u8fd9\u91cc\u8c03\u76ae\u4e86\u3002\u56e0\u4e3a\u5728\u8fd9\u4e2a\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u6240\u6709\u4ee5\u4e95\u53f7\uff08#\uff09\u5f00\u59cb\u7684\u884c\u90fd\u662f\u6ce8\u91ca\u884c\uff0c\u5176\u76ee\u7684\u662f\u5bf9httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u529f\u80fd\u6216\u67d0\u4e00\u884c\u53c2\u6570\u8fdb\u884c\u4ecb\u7ecd\uff0c\u6211\u4eec\u4e0d\u9700\u8981\u9010\u884c\u7814\u7a76\u8fd9\u4e9b\u5185\u5bb9\u3002<\/p>\n
\u5728httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u5b58\u57283\u79cd\u7c7b\u578b\u7684\u4fe1\u606f\uff1a\u6ce8\u91ca\u884c\u4fe1\u606f\u3001\u5168\u5c40\u914d\u7f6e\u3001\u533a\u57df\u914d\u7f6e\uff0c\u5982\u56fe10-4\u6240\u793a\u3002<\/p>\n
\"httpd\u914d\u7f6e\u6587\u4ef6\u5206\u6790\"<\/div>\n
\u56fe10-4\u00a0 httpd\u670d\u52a1\u4e3b\u914d\u7f6e\u6587\u4ef6\u7684\u53c2\u6570\u7ed3\u6784<\/p>\n
\u5404\u4f4d\u8bfb\u8005\u5728\u5b66\u4e60\u7b2c4\u7ae0\u65f6\u5df2\u7ecf\u63a5\u89e6\u8fc7\u6ce8\u91ca\u884c\u4fe1\u606f\uff0c\u56e0\u6b64\u8fd9\u91cc\u4e3b\u8981\u8bb2\u89e3\u5168\u5c40\u914d\u7f6e\u53c2\u6570\u4e0e\u533a\u57df\u914d\u7f6e\u53c2\u6570\u7684\u533a\u522b\u3002\u987e\u540d\u601d\u4e49\uff0c\u5168\u5c40\u914d\u7f6e\u53c2\u6570\u5c31\u662f\u4e00\u79cd\u5168\u5c40\u6027\u7684\u914d\u7f6e\u53c2\u6570\uff0c\u53ef\u4f5c\u7528\u4e8e\u6240\u6709\u7684\u5b50\u7ad9\u70b9\uff0c\u65e2\u4fdd\u8bc1\u4e86\u5b50\u7ad9\u70b9\u7684\u6b63\u5e38\u8bbf\u95ee\uff0c\u4e5f\u6709\u6548\u964d\u4f4e\u4e86\u9891\u7e41\u5199\u5165\u91cd\u590d\u53c2\u6570\u7684\u5de5\u4f5c\u91cf\u3002\u533a\u57df\u914d\u7f6e\u53c2\u6570\u5219\u662f\u5355\u72ec\u9488\u5bf9\u6bcf\u4e2a\u72ec\u7acb\u7684\u5b50\u7ad9\u70b9\u8fdb\u884c\u8bbe\u7f6e\u7684\u3002\u5c31\u50cf\u5728\u5927\u5b66\u98df\u5802\u91cc\u9762\u6253\u996d\uff0c\u98df\u5802\u8d1f\u8d23\u6253\u996d\u7684\u963f\u59e8\u5148\u7ed9\u6bcf\u4f4d\u540c\u5b66\u6765\u4e00\u7897\u6807\u51c6\u5927\u5c0f\u7684\u7c73\u996d\uff08\u5168\u5c40\u914d\u7f6e\uff09\uff0c\u7136\u540e\u518d\u6839\u636e\u6bcf\u4f4d\u540c\u5b66\u7684\u5177\u4f53\u8981\u6c42\u76db\u653e\u4ed6\u4eec\u60f3\u5403\u7684\u83dc\uff08\u533a\u57df\u914d\u7f6e\uff09\u3002\u5728httpd\u670d\u52a1\u7a0b\u5e8f\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u6700\u4e3a\u5e38\u7528\u7684\u53c2\u6570\u5982\u886810-2\u6240\u793a\u3002<\/p>\n
\u886810-2\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u914d\u7f6ehttpd\u670d\u52a1\u7a0b\u5e8f\u65f6\u6700\u5e38\u7528\u7684\u53c2\u6570\u4ee5\u53ca\u7528\u9014\u63cf\u8ff0<\/p>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
\u53c2\u6570<\/td>\n\u4f5c\u7528<\/td>\n<\/tr>\n
ServerRoot<\/td>\n\u670d\u52a1\u76ee\u5f55<\/td>\n<\/tr>\n
ServerAdmin<\/td>\n\u7ba1\u7406\u5458\u90ae\u7bb1<\/td>\n<\/tr>\n
User<\/td>\n\u8fd0\u884c\u670d\u52a1\u7684\u7528\u6237<\/td>\n<\/tr>\n
Group<\/td>\n\u8fd0\u884c\u670d\u52a1\u7684\u7528\u6237\u7ec4<\/td>\n<\/tr>\n
ServerName<\/td>\n\u7f51\u7ad9\u670d\u52a1\u5668\u7684\u57df\u540d<\/td>\n<\/tr>\n
DocumentRoot<\/td>\n\u7f51\u7ad9\u6570\u636e\u76ee\u5f55<\/td>\n<\/tr>\n
Listen<\/td>\n\u76d1\u542c\u7684IP\u5730\u5740\u4e0e\u7aef\u53e3\u53f7<\/td>\n<\/tr>\n
DirectoryIndex<\/td>\n\u9ed8\u8ba4\u7684\u7d22\u5f15\u9875\u9875\u9762<\/td>\n<\/tr>\n
ErrorLog<\/td>\n\u9519\u8bef\u65e5\u5fd7\u6587\u4ef6<\/td>\n<\/tr>\n
CustomLog<\/td>\n\u8bbf\u95ee\u65e5\u5fd7\u6587\u4ef6<\/td>\n<\/tr>\n
Timeout<\/td>\n\u7f51\u9875\u8d85\u65f6\u65f6\u95f4\uff0c\u9ed8\u8ba4\u4e3a300\u79d2<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
<\/p>\n
\u4ece\u886810-2\u4e2d\u53ef\u77e5\uff0cDocumentRoot\u53c2\u6570\u7528\u4e8e\u5b9a\u4e49\u7f51\u7ad9\u6570\u636e\u7684\u4fdd\u5b58\u8def\u5f84\uff0c\u5176\u53c2\u6570\u7684\u9ed8\u8ba4\u503c\u662f\/var\/www\/html\uff08\u5373\u628a\u7f51\u7ad9\u6570\u636e\u5b58\u653e\u5230\u8fd9\u4e2a\u76ee\u5f55\u4e2d\uff09\uff1b\u800c\u5f53\u524d\u7f51\u7ad9\u666e\u904d\u7684\u9996\u9875\u9762\u540d\u79f0\u662findex.html\uff0c\u56e0\u6b64\u53ef\u4ee5\u5411\/var\/www\/html\/index.html\u6587\u4ef6\u4e2d\u5199\u5165\u4e00\u6bb5\u5185\u5bb9\uff0c\u66ff\u6362\u6389httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u9ed8\u8ba4\u9996\u9875\u9762\u3002\u8be5\u64cd\u4f5c\u4f1a\u7acb\u5373\u751f\u6548\u3002<\/p>\n
[root@linuxprobe ~]# echo \"Welcome To q13zd.cn\" > \/var\/www\/html\/index.html \r\n[root@linuxprobe ~]# firefox<\/pre>\n
\u5728\u6267\u884c\u4e0a\u8ff0\u64cd\u4f5c\u4e4b\u540e\uff0c\u518d\u5728Firefox\u6d4f\u89c8\u5668\u4e2d\u5237\u65b0httpd\u670d\u52a1\u7a0b\u5e8f\uff0c\u53ef\u4ee5\u770b\u5230\u8be5\u7a0b\u5e8f\u7684\u9996\u9875\u9762\u5185\u5bb9\u5df2\u7ecf\u53d1\u751f\u4e86\u6539\u53d8\uff0c\u5982\u56fe10-5\u6240\u793a\u3002<\/p>\n
\"\"<\/p>\n
\u56fe10-5\u00a0 \u9996\u9875\u9762\u5185\u5bb9\u5df2\u7ecf\u88ab\u4fee\u6539<\/p>\n
\u5927\u5bb6\u5728\u5b8c\u6210\u8fd9\u4e2a\u5b9e\u9a8c\u4e4b\u540e\uff0c\u662f\u4e0d\u662f\u4fe1\u5fc3\u7206\u68da\u4e86\u5462\uff1f\uff01\u5728\u9ed8\u8ba4\u60c5\u51b5\u4e0b\uff0c\u7f51\u7ad9\u6570\u636e\u4fdd\u5b58\u5728\/var\/www\/html\u76ee\u5f55\u4e2d\uff0c\u5982\u679c\u60f3\u628a\u4fdd\u5b58\u7f51\u7ad9\u6570\u636e\u7684\u76ee\u5f55\u4fee\u6539\u4e3a\/home\/wwwroot\u76ee\u5f55\uff0c\u8be5\u600e\u4e48\u64cd\u4f5c\u5462\uff1f\u4e14\u770b\u4e0b\u6587\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u5efa\u7acb\u7f51\u7ad9\u6570\u636e\u7684\u4fdd\u5b58\u76ee\u5f55\uff0c\u5e76\u521b\u5efa\u9996\u9875\u6587\u4ef6\u3002<\/p>\n
[root@linuxprobe ~]# mkdir \/home\/wwwroot\r\n[root@linuxprobe ~]# echo \"The New Web Directory\" > \/home\/wwwroot\/index.html<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u6253\u5f00httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e3b\u914d\u7f6e\u6587\u4ef6\uff0c\u5c06\u7ea6\u7b2c122\u884c\u7528\u4e8e\u5b9a\u4e49\u7f51\u7ad9\u6570\u636e\u4fdd\u5b58\u8def\u5f84\u7684\u53c2\u6570DocumentRoot\u4fee\u6539\u4e3a\/home\/wwwroot\uff0c\u540c\u65f6\u8fd8\u9700\u8981\u5c06\u7ea6\u7b2c127\u884c\u4e0e\u7b2c134\u884c\u7528\u4e8e\u5b9a\u4e49\u76ee\u5f55\u6743\u9650\u7684\u53c2\u6570Directory\u540e\u9762\u7684\u8def\u5f84\u4e5f\u4fee\u6539\u4e3a\/home\/wwwroot\u3002\u914d\u7f6e\u6587\u4ef6\u4fee\u6539\u5b8c\u6bd5\u540e\u5373\u53ef\u4fdd\u5b58\u5e76\u9000\u51fa\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf \r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n117 #\r\n118 # DocumentRoot: The directory out of which you will serve your\r\n119 # documents. By default, all requests are taken from this directory, but\r\n120 # symbolic links and aliases may be used to point to other locations.\r\n121 #\r\n122 DocumentRoot \"\/home\/wwwroot\"<\/strong>\r\n123 \r\n124 #\r\n125 # Relax access to content within \/var\/www.\r\n126 #\r\n127 <Directory \"\/home\/wwwroot\"><\/strong>\r\n128     AllowOverride None\r\n129     # Allow open access:\r\n130     Require all granted\r\n131 <\/Directory><\/strong>\r\n132 \r\n133 # Further relax access to the default document root:\r\n134 <Directory \"\/home\/wwwroot\"><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026<\/pre>\n
\u7b2c3\u6b65<\/strong>\uff1a\u91cd\u65b0\u542f\u52a8httpd\u670d\u52a1\u7a0b\u5e8f\u5e76\u9a8c\u8bc1\u6548\u679c\uff0c\u6d4f\u89c8\u5668\u5237\u65b0\u9875\u9762\u540e\u7684\u5185\u5bb9\u5982\u56fe10-6\u6240\u793a\u3002\u5947\u602a\uff01\u600e\u4e48\u63d0\u793a\u6743\u9650\u4e0d\u8db3\u4e86\uff1f<\/p>\n
[root@linuxprobe ~]# systemctl restart httpd\r\n[root@linuxprobe ~]# firefox\r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-6\u00a0 Web\u9875\u9762\u63d0\u793a\u6743\u9650\u4e0d\u8db3<\/p>\n
10.3\u00a0SELinux<\/strong>\u5b89\u5168\u5b50\u7cfb\u7edf<\/strong><\/span><\/h5>\n
\"selinux\"<\/span><\/p>\n
SELinux\uff08Security-Enhanced Linux\uff09\u662f\u7f8e\u56fd\u56fd\u5bb6\u5b89\u5168\u5c40\u5728Linux\u5f00\u6e90\u793e\u533a\u7684\u5e2e\u52a9\u4e0b\u5f00\u53d1\u7684\u4e00\u4e2a\u5f3a\u5236\u8bbf\u95ee\u63a7\u5236\uff08MAC\uff0cMandatory Access Control\uff09\u7684\u5b89\u5168\u5b50\u7cfb\u7edf\u3002Linux\u7cfb\u7edf\u4f7f\u7528SELinux\u6280\u672f\u7684\u76ee\u7684\u662f\u4e3a\u4e86\u8ba9\u5404\u4e2a\u670d\u52a1\u8fdb\u7a0b\u90fd\u53d7\u5230\u7ea6\u675f\uff0c\u4f7f\u5176\u4ec5\u83b7\u53d6\u5230\u672c\u5e94\u83b7\u53d6\u7684\u8d44\u6e90\u3002<\/p>\n
\u4f8b\u5982\uff0c\u60a8\u5728\u81ea\u5df1\u7684\u7535\u8111\u4e0a\u4e0b\u8f7d\u4e86\u4e00\u4e2a\u7f8e\u56fe\u8f6f\u4ef6\uff0c\u6b63\u5168\u795e\u8d2f\u6ce8\u5730\u4f7f\u7528\u5b83\u7ed9\u7167\u7247\u8fdb\u884c\u7f8e\u989c\u7684\u65f6\u5019\uff0c\u5b83\u5374\u5728\u540e\u53f0\u9ed8\u9ed8\u76d1\u542c\u7740\u6d4f\u89c8\u5668\u4e2d\u8f93\u5165\u7684\u5bc6\u7801\u4fe1\u606f\uff0c\u800c\u8fd9\u663e\u7136\u4e0d\u5e94\u8be5\u662f\u5b83\u5e94\u505a\u7684\u4e8b\u60c5\uff08\u54ea\u6015\u662f\u8bbf\u95ee\u7535\u8111\u4e2d\u7684\u56fe\u7247\u8d44\u6e90\uff0c\u90fd\u60c5\u6709\u53ef\u539f\uff09\u3002SELinux\u5b89\u5168\u5b50\u7cfb\u7edf\u5c31\u662f\u4e3a\u4e86\u675c\u7edd\u6b64\u7c7b\u60c5\u51b5\u800c\u8bbe\u8ba1\u7684\uff0c\u5b83\u80fd\u591f\u4ece\u591a\u65b9\u9762\u76d1\u63a7\u8fdd\u6cd5\u884c\u4e3a\uff1a\u5bf9\u670d\u52a1\u7a0b\u5e8f\u7684\u529f\u80fd\u8fdb\u884c\u9650\u5236\uff08SELinux\u57df\u9650\u5236\u53ef\u4ee5\u786e\u4fdd\u670d\u52a1\u7a0b\u5e8f\u505a\u4e0d\u4e86\u51fa\u683c\u7684\u4e8b\u60c5\uff09\uff1b\u5bf9\u6587\u4ef6\u8d44\u6e90\u7684\u8bbf\u95ee\u8fdb\u884c\u9650\u5236\uff08SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u786e\u4fdd\u6587\u4ef6\u8d44\u6e90\u53ea\u80fd\u88ab\u5176\u6240\u5c5e\u7684\u670d\u52a1\u7a0b\u5e8f\u8fdb\u884c\u8bbf\u95ee\uff09\u3002<\/p>\n
\n
\n
Tips<\/strong><\/h3>\n<\/div>\n
\n
\u5982\u679c\u4e00\u822c\u6743\u9650\u548c\u9632\u706b\u5899\u662f\u201c\u95e8\u7a97\u201d\u7684\u8bdd\uff0c\u90a3\u4e48SELinux\u4fbf\u662f\u5728\u95e8\u7a97\u5916\u9762\u5b89\u88c5\u7684\u201c\u9632\u62a4\u680f\u201d\uff0c\u53ef\u4ee5\u8ba9\u7cfb\u7edf\u5185\u90e8\u66f4\u52a0\u5b89\u5168\u3002<\/p>\n<\/div>\n<\/div>\n
\u5218\u9044\u8001\u5e08\u7ecf\u5e38\u4f1a\u628aSELinux\u57df\u548cSELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u79f0\u4e3aLinux\u7cfb\u7edf\u4e2d\u7684\u53cc\u4fdd\u9669\uff0c\u7cfb\u7edf\u5185\u7684\u670d\u52a1\u7a0b\u5e8f\u53ea\u80fd\u89c4\u89c4\u77e9\u77e9\u5730\u62ff\u5230\u81ea\u5df1\u6240\u5e94\u8be5\u83b7\u53d6\u7684\u8d44\u6e90\uff0c\u8fd9\u6837\u5373\u4fbf\u9ed1\u5ba2\u5165\u4fb5\u4e86\u7cfb\u7edf\uff0c\u4e5f\u65e0\u6cd5\u5229\u7528\u7cfb\u7edf\u5185\u7684\u670d\u52a1\u7a0b\u5e8f\u8fdb\u884c\u8d8a\u6743\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u975e\u5e38\u53ef\u60dc\u7684\u662f\uff0cSELinux\u670d\u52a1\u6bd4\u8f83\u590d\u6742\uff0c\u914d\u7f6e\u96be\u5ea6\u4e5f\u5f88\u5927\uff0c\u52a0\u4e4b\u5f88\u591a\u8fd0\u7ef4\u4eba\u5458\u5bf9\u8fd9\u9879\u6280\u672f\u7406\u89e3\u4e0d\u6df1\uff0c\u4ece\u800c\u5bfc\u81f4\u5f88\u591a\u670d\u52a1\u5668\u5728\u90e8\u7f72\u597dLinux\u7cfb\u7edf\u540e\u76f4\u63a5\u5c06SELinux\u7981\u7528\u4e86\u3002\u8fd9\u7edd\u5bf9\u4e0d\u662f\u660e\u667a\u7684\u9009\u62e9\u3002<\/p>\n
SELinux\u670d\u52a1\u67093\u79cd\u914d\u7f6e\u6a21\u5f0f\uff0c\u5177\u4f53\u5982\u4e0b\u3002<\/p>\n
enforcing<\/strong>\uff1a\u5f3a\u5236\u542f\u7528\u5b89\u5168\u7b56\u7565\u6a21\u5f0f\uff0c\u5c06\u62e6\u622a\u670d\u52a1\u7684\u4e0d\u5408\u6cd5\u8bf7\u6c42\u3002<\/p>\n
permissive<\/strong>\uff1a\u9047\u5230\u670d\u52a1\u8d8a\u6743\u8bbf\u95ee\u65f6\uff0c\u53ea\u53d1\u51fa\u8b66\u544a\u800c\u4e0d\u5f3a\u5236\u62e6\u622a\u3002<\/p>\n
disabled<\/strong>\uff1a\u5bf9\u4e8e\u8d8a\u6743\u7684\u884c\u4e3a\u4e0d\u8b66\u544a\u4e5f\u4e0d\u62e6\u622a\u3002<\/p><\/blockquote>\n
\u672c\u4e66\u4e2d\u6240\u6709\u7684\u5b9e\u9a8c\u90fd\u662f\u5728\u5f3a\u5236\u542f\u7528\u5b89\u5168\u7b56\u7565\u6a21\u5f0f\u4e0b\u8fdb\u884c\u7684\uff0c\u867d\u7136\u5728\u7981\u7528SELinux\u670d\u52a1\u540e\u786e\u5b9e\u80fd\u591f\u51cf\u5c11\u62a5\u9519\u51e0\u7387\uff0c\u4f46\u8fd9\u5728\u751f\u4ea7\u73af\u5883\u4e2d\u76f8\u5f53\u4e0d\u63a8\u8350\u3002\u5efa\u8bae\u5927\u5bb6\u68c0\u67e5\u4e00\u4e0b\u81ea\u5df1\u7684\u7cfb\u7edf\uff0c\u67e5\u770bSELinux\u670d\u52a1\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\u5b9a\u4e49\u7684\u9ed8\u8ba4\u72b6\u6001\u3002\u5982\u679c\u662fpermissive\u6216disabled\uff0c\u5efa\u8bae\u8d76\u7d27\u4fee\u6539\u4e3aenforcing\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/selinux\/config\r\n# This file controls the state of SELinux on the system.\r\n# SELINUX= can take one of these three values:\r\n#     enforcing - SELinux security policy is enforced.\r\n#     permissive - SELinux prints warnings instead of enforcing.\r\n#     disabled - No SELinux policy is loaded.\r\nSELINUX=enforcing<\/strong>\r\n# SELINUXTYPE= can take one of these three values:\r\n#     targeted - Targeted processes are protected,\r\n#     minimum - Modification of targeted policy. Only selected processes are protected. \r\n#     mls - Multi Level Security protection.\r\nSELINUXTYPE=targeted\r\n<\/pre>\n
SELinux\u670d\u52a1\u7684\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\uff0c\u5b9a\u4e49\u7684\u662fSELinux\u7684\u9ed8\u8ba4\u8fd0\u884c\u72b6\u6001\uff0c\u53ef\u4ee5\u5c06\u5176\u7406\u89e3\u4e3a\u7cfb\u7edf\u91cd\u542f\u540e\u7684\u72b6\u6001\uff0c\u56e0\u6b64\u5b83\u4e0d\u4f1a\u5728\u66f4\u6539\u540e\u7acb\u5373\u751f\u6548\u3002\u53ef\u4ee5\u4f7f\u7528getenforce\u547d\u4ee4\u83b7\u5f97\u5f53\u524dSELinux\u670d\u52a1\u7684\u8fd0\u884c\u6a21\u5f0f\uff1a<\/p>\n
[root@linuxprobe ~]# getenforce \r\nEnforcing<\/pre>\n
\u4e3a\u4e86\u786e\u8ba4\u56fe10-6\u6240\u793a\u7684\u7ed3\u679c\u662f\u56e0\u4e3aSELinux\u800c\u5bfc\u81f4\u7684\uff0c\u53ef\u4ee5\u7528setenforce [0|1]\u547d\u4ee4\u4fee\u6539SELinux\u5f53\u524d\u7684\u8fd0\u884c\u6a21\u5f0f\uff080\u4e3a\u7981\u7528\uff0c1\u4e3a\u542f\u7528\uff09\u3002\u6ce8\u610f\uff0c\u8fd9\u79cd\u4fee\u6539\u53ea\u662f\u4e34\u65f6\u7684\uff0c\u5728\u7cfb\u7edf\u91cd\u542f\u540e\u5c31\u4f1a\u5931\u6548\uff1a<\/p>\n
[root@linuxprobe ~]# setenforce 0\r\n[root@linuxprobe ~]# getenforce\r\nPermissive\r\n<\/pre>\n
\u518d\u6b21\u5237\u65b0\u7f51\u9875\uff0c\u5c31\u4f1a\u770b\u5230\u6b63\u5e38\u7684\u7f51\u9875\u5185\u5bb9\u4e86\uff0c\u5982\u56fe10-7\u6240\u793a\u3002\u53ef\u89c1\uff0c\u95ee\u9898\u662f\u51fa\u5728\u4e86SELinux\u670d\u52a1\u4e0a\u3002<\/p>\n
[root@linuxprobe wwwroot]# firefox\r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-7\u00a0 \u9875\u9762\u5185\u5bb9\u6309\u7167\u9884\u671f\u663e\u793a<\/p>\n
\u73b0\u5728\uff0c\u6211\u4eec\u6765\u56de\u5fc6\u4e00\u4e0b\u524d\u9762\u7684\u64cd\u4f5c\u4e2d\u5230\u5e95\u662f\u54ea\u91cc\u51fa\u4e86\u95ee\u9898\uff1f<\/p>\n
httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u529f\u80fd\u662f\u5141\u8bb8\u7528\u6237\u8bbf\u95ee\u7f51\u7ad9\u5185\u5bb9\uff0c\u56e0\u6b64SELinux\u80af\u5b9a\u4f1a\u9ed8\u8ba4\u653e\u884c\u7528\u6237\u5bf9\u7f51\u7ad9\u7684\u8bf7\u6c42\u64cd\u4f5c\u3002\u4f46\u662f\uff0c\u6211\u4eec\u5c06\u7f51\u7ad9\u6570\u636e\u7684\u9ed8\u8ba4\u4fdd\u5b58\u76ee\u5f55\u4fee\u6539\u4e3a\/home\/wwwroot\uff0c\u8fd9\u5c31\u4ea7\u751f\u95ee\u9898\u4e86\u3002\u57286.1\u8282\u4e2d\u8bb2\u5230\uff0c\/home\u76ee\u5f55\u662f\u7528\u6765\u5b58\u653e\u666e\u901a\u7528\u6237\u7684\u5bb6\u76ee\u5f55\u6570\u636e\u7684\uff0c\u800c\u73b0\u5728\uff0chttpd\u63d0\u4f9b\u7684\u7f51\u7ad9\u670d\u52a1\u5374\u8981\u53bb\u83b7\u53d6\u666e\u901a\u7528\u6237\u5bb6\u76ee\u5f55\u4e2d\u7684\u6570\u636e\uff0c\u8fd9\u663e\u7136\u8fdd\u53cd\u4e86SELinux\u7684\u76d1\u7ba1\u539f\u5219\u3002<\/p>\n
\u73b0\u5728\uff0c\u628aSELinux\u670d\u52a1\u6062\u590d\u5230\u5f3a\u5236\u542f\u7528\u5b89\u5168\u7b56\u7565\u6a21\u5f0f\uff0c\u7136\u540e\u5206\u522b\u67e5\u770b\u539f\u59cb\u7f51\u7ad9\u6570\u636e\u7684\u4fdd\u5b58\u76ee\u5f55\u4e0e\u5f53\u524d\u7f51\u7ad9\u6570\u636e\u7684\u4fdd\u5b58\u76ee\u5f55\u662f\u5426\u62e5\u6709\u4e0d\u540c\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u503c\u3002<\/p>\n
\u5728ls\u547d\u4ee4\u4e2d\uff0c-Z\u53c2\u6570\u7528\u4e8e\u67e5\u770b\u6587\u4ef6\u7684\u5b89\u5168\u4e0a\u4e0b\u6587\u503c\uff0c-d\u53c2\u6570\u4ee3\u8868\u5bf9\u8c61\u662f\u4e2a\u6587\u4ef6\u5939\u3002<\/p>\n
[root@linuxprobe ~]# setenforce 1\r\n[root@linuxprobe ~]# ls -Zd \/var\/www\/html\r\ndrwxr-xr-x. root root system_u:object_r:httpd_sys_content_t<\/strong>:s0 \/var\/www\/html\r\n[root@linuxprobe ~]# ls -Zd \/home\/wwwroot\r\ndrwxrwxrwx. root root unconfined_u:object_r:home_root_t<\/strong>:s0 \/home\/wwwroot\r\n<\/pre>\n
\u5728\u6587\u4ef6\u4e0a\u8bbe\u7f6e\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u662f\u7531\u7528\u6237\u6bb5\u3001\u89d2\u8272\u6bb5\u4ee5\u53ca\u7c7b\u578b\u6bb5\u7b49\u591a\u4e2a\u4fe1\u606f\u9879\u5171\u540c\u7ec4\u6210\u7684\u3002\u5176\u4e2d\uff0c\u7528\u6237\u6bb5system_u\u4ee3\u8868\u7cfb\u7edf\u8fdb\u7a0b\u7684\u8eab\u4efd\uff0c\u89d2\u8272\u6bb5object_r\u4ee3\u8868\u6587\u4ef6\u76ee\u5f55\u7684\u89d2\u8272\uff0c\u7c7b\u578b\u6bb5httpd_sys_content_t\u4ee3\u8868\u7f51\u7ad9\u670d\u52a1\u7684\u7cfb\u7edf\u6587\u4ef6\u3002\u7531\u4e8eSELinux\u670d\u52a1\u5b9e\u5728\u592a\u8fc7\u590d\u6742\uff0c\u73b0\u5728\u5927\u5bb6\u53ea\u9700\u8981\u7b80\u5355\u719f\u6089SELinux\u670d\u52a1\u7684\u4f5c\u7528\u5c31\u53ef\u4ee5\uff0c\u5218\u9044\u8001\u5e08\u672a\u6765\u4f1a\u5728\u672c\u4e66\u7684\u8fdb\u9636\u7bc7\u4e2d\u5355\u72ec\u62ff\u51fa\u4e00\u4e2a\u7ae0\u8282\u4ed4\u7ec6\u8bb2\u89e3SELinux\u670d\u52a1\u3002<\/p>\n
\u9488\u5bf9\u5f53\u524d\u8fd9\u79cd\u60c5\u51b5\uff0c\u6211\u4eec\u53ea\u9700\u8981\u4f7f\u7528semanage\u547d\u4ee4\uff0c\u5c06\u5f53\u524d\u7f51\u7ad9\u76ee\u5f55\/home\/wwwroot\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u4fee\u6539\u4e3a\u8ddf\u539f\u59cb\u7f51\u7ad9\u76ee\u5f55\u7684\u4e00\u6837\u5c31\u884c\u4e86\u3002<\/p>\n
semanage\u547d\u4ee4\u7528\u4e8e\u7ba1\u7406SELinux\u7684\u7b56\u7565\uff0c\u82f1\u6587\u5168\u79f0\u4e3a\u201cSELinux manage\u201d\uff0c\u8bed\u6cd5\u683c\u5f0f\u4e3a\u201csemanage [\u53c2\u6570] [\u6587\u4ef6]\u201d\u3002<\/p>\n
SELinux\u670d\u52a1\u6781\u5927\u5730\u63d0\u5347\u4e86Linux\u7cfb\u7edf\u7684\u5b89\u5168\u6027\uff0c\u5c06\u7528\u6237\u6743\u9650\u7262\u7262\u5730\u9501\u5728\u7b3c\u5b50\u91cc\u3002semanage\u547d\u4ee4\u4e0d\u4ec5\u80fd\u591f\u50cf\u4f20\u7edf\u7684chcon\u547d\u4ee4\u90a3\u6837\u8bbe\u7f6e\u6587\u4ef6\u3001\u76ee\u5f55\u7684\u7b56\u7565\uff0c\u8fd8\u80fd\u591f\u7ba1\u7406\u7f51\u7edc\u7aef\u53e3\u3001\u6d88\u606f\u63a5\u53e3\uff08\u8fd9\u4e9b\u65b0\u7279\u6027\u5c06\u5728\u672c\u7ae0\u540e\u6587\u4e2d\u6db5\u76d6\uff09\u3002\u4f7f\u7528semanage\u547d\u4ee4\u65f6\uff0c\u7ecf\u5e38\u7528\u5230\u7684\u51e0\u4e2a\u53c2\u6570\u53ca\u5176\u4f5c\u7528\u5982\u886810-3\u6240\u793a\u3002<\/p>\n
\u886810-3\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0semanage\u547d\u4ee4\u4e2d\u5e38\u7528\u53c2\u6570\u4ee5\u53ca\u4f5c\u7528<\/p>\n\n\n\n\n\n\n\n
\u53c2\u6570<\/td>\n\u4f5c\u7528<\/td>\n<\/tr>\n
-l<\/td>\n\u67e5\u8be2<\/td>\n<\/tr>\n
-a<\/td>\n\u6dfb\u52a0<\/td>\n<\/tr>\n
-m<\/td>\n\u4fee\u6539<\/td>\n<\/tr>\n
-d<\/td>\n\u5220\u9664<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
<\/p>\n
\u4f8b\u5982\uff0c\u5411\u65b0\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u4e2d\u65b0\u6dfb\u52a0\u4e00\u6761SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\uff0c\u8ba9\u8fd9\u4e2a\u76ee\u5f55\u4ee5\u53ca\u91cc\u9762\u7684\u6240\u6709\u6587\u4ef6\u80fd\u591f\u88abhttpd\u670d\u52a1\u7a0b\u5e8f\u8bbf\u95ee\u5230\uff1a<\/p>\n
[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/*\r\n<\/pre>\n
\u6ce8\u610f\uff0c\u5728\u6267\u884c\u4e0a\u8ff0\u8bbe\u7f6e\u4e4b\u540e\uff0c\u8fd8\u65e0\u6cd5\u7acb\u5373\u8bbf\u95ee\u7f51\u7ad9\uff0c\u8fd8\u9700\u8981\u4f7f\u7528restorecon\u547d\u4ee4\u5c06\u8bbe\u7f6e\u597d\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7acb\u5373\u751f\u6548\u3002\u5728\u4f7f\u7528restorecon\u547d\u4ee4\u65f6\uff0c\u53ef\u4ee5\u52a0\u4e0a-Rv\u53c2\u6570\u5bf9\u6307\u5b9a\u7684\u76ee\u5f55\u8fdb\u884c\u9012\u5f52\u64cd\u4f5c\uff0c\u4ee5\u53ca\u663e\u793aSELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7684\u4fee\u6539\u8fc7\u7a0b\u3002\u6700\u540e\uff0c\u518d\u6b21\u5237\u65b0\u9875\u9762\uff0c\u5c31\u53ef\u4ee5\u6b63\u5e38\u770b\u5230\u7f51\u9875\u5185\u5bb9\u4e86\uff0c\u7ed3\u679c\u5982\u56fe10-8\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# restorecon -Rv \/home\/wwwroot\/\r\nRelabeled \/home\/wwwroot from unconfined_u:object_r:user_home_dir_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\n[root@linuxprobe ~]# firefox\r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-8\u00a0 \u6b63\u5e38\u770b\u5230\u7f51\u9875\u5185\u5bb9<\/p>\n
\u771f\u53ef\u8c13\u662f\u4e00\u6ce2\u4e09\u6298\uff01\u539f\u672c\u8ba4\u4e3a\u53ea\u8981\u628ahttpd\u670d\u52a1\u7a0b\u5e8f\u914d\u7f6e\u59a5\u5f53\u5c31\u53ef\u4ee5\u5927\u529f\u544a\u6210\uff0c\u7ed3\u679c\u5374\u53cd\u590d\u53d7\u5230\u4e86SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7684\u9650\u5236\u3002\u6240\u4ee5\uff0c\u5efa\u8bae\u5927\u5bb6\u5728\u914d\u7f6ehttpd\u670d\u52a1\u7a0b\u5e8f\u65f6\uff0c\u4e00\u5b9a\u8981\u7ec6\u5fc3\u3001\u8010\u5fc3\u3002\u4e00\u65e6\u6210\u529f\u914d\u59a5httpd\u670d\u52a1\u7a0b\u5e8f\uff0c\u5c31\u4f1a\u53d1\u73b0SELinux\u670d\u52a1\u5e76\u6ca1\u6709\u90a3\u4e48\u96be\u3002<\/p>\n
\n
\n
Tips<\/strong><\/h3>\n<\/div>\n
\n
\u5728RHCSA\u3001RHCE\u6216RHCA\u8003\u8bd5\u4e2d\uff0c\u90fd\u9700\u8981\u5148\u91cd\u542f\u60a8\u7684\u673a\u5668\u7136\u540e\u518d\u6267\u884c\u5224\u5206\u811a\u672c\u3002\u56e0\u6b64\uff0c\u5efa\u8bae\u8bfb\u8005\u5728\u65e5\u5e38\u5de5\u4f5c\u4e2d\u8981\u517b\u6210\u5c06\u6240\u9700\u670d\u52a1\u6dfb\u52a0\u5230\u5f00\u673a\u542f\u52a8\u9879\u4e2d\u7684\u4e60\u60ef\uff0c\u6bd4\u5982\u8fd9\u91cc\u5c31\u9700\u8981\u6dfb\u52a0systemctl enable httpd\u547d\u4ee4\u3002<\/p>\n<\/div>\n<\/div>\n
10.4 \u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd<\/strong><\/span><\/h5>\n
\u5982\u679c\u60f3\u5728\u7cfb\u7edf\u4e2d\u4e3a\u6bcf\u4f4d\u7528\u6237\u5efa\u7acb\u4e00\u4e2a\u72ec\u7acb\u7684\u7f51\u7ad9\uff0c\u901a\u5e38\u7684\u65b9\u6cd5\u662f\u57fa\u4e8e\u865a\u62df\u7f51\u7ad9\u4e3b\u673a\u529f\u80fd\u6765\u90e8\u7f72\u591a\u4e2a\u7f51\u7ad9\u3002\u4f46\u8fd9\u4e2a\u5de5\u4f5c\u4f1a\u8ba9\u7ba1\u7406\u5458\u82e6\u4e0d\u582a\u8a00\uff08\u5c24\u5176\u662f\u7528\u6237\u6570\u91cf\u5f88\u5e9e\u5927\u65f6\uff09\uff0c\u800c\u4e14\u5728\u7528\u6237\u81ea\u884c\u7ba1\u7406\u7f51\u7ad9\u65f6\uff0c\u8fd8\u4f1a\u78b0\u5230\u5404\u79cd\u6743\u9650\u9650\u5236\uff0c\u9700\u8981\u4e3a\u6b64\u505a\u5f88\u591a\u989d\u5916\u7684\u5de5\u4f5c\u3002\u5176\u5b9e\uff0chttpd\u670d\u52a1\u7a0b\u5e8f\u63d0\u4f9b\u7684\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u5b8c\u5168\u53ef\u4ee5\u80dc\u4efb\u8fd9\u4e2a\u5de5\u4f5c\u3002\u8be5\u529f\u80fd\u53ef\u4ee5\u8ba9\u7cfb\u7edf\u5185\u6240\u6709\u7684\u7528\u6237\u5728\u81ea\u5df1\u7684\u5bb6\u76ee\u5f55\u4e2d\u7ba1\u7406\u4e2a\u4eba\u7684\u7f51\u7ad9\uff0c\u800c\u4e14\u8bbf\u95ee\u8d77\u6765\u4e5f\u975e\u5e38\u5bb9\u6613\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a<\/p>\n
\u5728httpd\u670d\u52a1\u7a0b\u5e8f\u4e2d\uff0c\u9ed8\u8ba4\u6ca1\u6709\u5f00\u542f\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u3002\u4e3a\u6b64\uff0c\u6211\u4eec\u9700\u8981\u7f16\u8f91\u4e0b\u9762\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u7136\u540e\u5728\u7b2c17\u884c\u7684UserDir disabled\u53c2\u6570\u524d\u9762\u52a0\u4e0a\u4e95\u53f7\uff08#\uff09\uff0c\u8868\u793a\u8ba9httpd\u670d\u52a1\u7a0b\u5e8f\u5f00\u542f\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\uff1b\u540c\u65f6\u518d\u628a\u7b2c24\u884c\u7684UserDir public_html\u53c2\u6570\u524d\u9762\u7684\u4e95\u53f7\uff08#\uff09\u53bb\u6389\uff08UserDir\u53c2\u6570\u8868\u793a\u7f51\u7ad9\u6570\u636e\u5728\u7528\u6237\u5bb6\u76ee\u5f55\u4e2d\u7684\u4fdd\u5b58\u76ee\u5f55\u540d\u79f0\uff0c\u5373public_html\u76ee\u5f55\uff09\u3002\u6700\u540e\uff0c\u5728\u4fee\u6539\u5b8c\u6bd5\u540e\u8bb0\u5f97\u4fdd\u5b58\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf.d\/userdir.conf\u00a0\r\n  1 #\r\n  2 # UserDir: The name of the directory that is appended onto a user's home\r\n  3 # directory if a ~user request is received.\r\n  4 #\r\n  5 # The path to the end user account 'public_html' directory must be\r\n  6 # accessible to the webserver userid.  This usually means that ~userid\r\n  7 # must have permissions of 711, ~userid\/public_html must have permissions\r\n  8 # of 755, and documents contained therein must be world-readable.\r\n  9 # Otherwise, the client will only receive a \"403 Forbidden\" message.\r\n 10 #\r\n 11 <IfModule mod_userdir.c>\r\n 12     #\r\n 13     # UserDir is disabled by default since it can confirm the presence\r\n 14     # of a username on the system (depending on home directory\r\n 15     # permissions).\r\n 16     #\r\n 17     # UserDir disabled<\/strong>\r\n 18 \r\n 19     #\r\n 20     # To enable requests to \/~user\/ to serve the user's public_html\r\n 21     # directory, remove the \"UserDir disabled\" line above, and uncomment\r\n 22     # the following line instead:\r\n 23     # \r\n 24       UserDir public_html<\/strong>\r\n 25 <\/IfModule>\r\n 26 \r\n 27 #\r\n 28 # Control access to UserDir directories.  The following is an example\r\n 29 # for a site where these directories are restricted to read-only.\r\n 30 #\r\n 31 <Directory \"\/home\/*\/public_html\">\r\n 32     AllowOverride FileInfo AuthConfig Limit Indexes\r\n 33     Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec\r\n 34     Require method GET POST OPTIONS\r\n 35 <\/Directory>\r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u5728\u7528\u6237\u5bb6\u76ee\u5f55\u4e2d\u5efa\u7acb\u7528\u4e8e\u4fdd\u5b58\u7f51\u7ad9\u6570\u636e\u7684\u76ee\u5f55\u53ca\u9996\u9875\u9762\u6587\u4ef6\u3002\u53e6\u5916\uff0c\u8fd8\u9700\u8981\u628a\u5bb6\u76ee\u5f55\u7684\u6743\u9650\u4fee\u6539\u4e3a755\uff0c\u4fdd\u8bc1\u5176\u4ed6\u4eba\u4e5f\u6709\u6743\u9650\u8bfb\u53d6\u91cc\u9762\u7684\u5185\u5bb9\u3002<\/p>\n
[root@linuxprobe home]# su - linuxprobe\r\n[linuxprobe@linuxprobe ~]$ mkdir public_html\r\n[linuxprobe@linuxprobe ~]$ echo \"This is linuxprobe's website\" > public_html\/index.html\r\n[linuxprobe@linuxprobe ~]$ chmod -R 755 \/home\/linuxprobe<\/pre>\n
\u7b2c3\u6b65<\/strong>\uff1a\u91cd\u65b0\u542f\u52a8httpd\u670d\u52a1\u7a0b\u5e8f\uff0c\u5728\u6d4f\u89c8\u5668\u7684\u5730\u5740\u680f\u4e2d\u8f93\u5165\u7f51\u5740\uff0c\u5176\u683c\u5f0f\u4e3a\u201c\u7f51\u5740\/\uff5e\u7528\u6237\u540d\u201d\uff08\u5176\u4e2d\u7684\u6ce2\u6d6a\u53f7\u662f\u5fc5\u9700\u7684\uff0c\u800c\u4e14\u7f51\u5740\u3001\u6ce2\u6d6a\u53f7\u3001\u7528\u6237\u540d\u4e4b\u95f4\u6ca1\u6709\u7a7a\u683c\uff09\u3002\u4ece\u7406\u8bba\u4e0a\u6765\u8bb2\uff0c\u73b0\u5728\u5c31\u53ef\u4ee5\u770b\u5230\u7528\u6237\u7684\u4e2a\u4eba\u7f51\u7ad9\u4e86\u3002\u51fa\u4e4e\u610f\u6599\u7684\u662f\uff0c\u7cfb\u7edf\u663e\u793a\u62a5\u9519\u9875\u9762\uff0c\u5982\u56fe10-9\u6240\u793a\u3002\u8fd9\u4e00\u5b9a\u8fd8\u662fSELinux\u60f9\u7684\u7978\u3002<\/p>\n
[linuxprobe@linuxprobe ~]$ exit\r\nlogout\r\n[root@linuxprobe ~]# systemctl restart httpd<\/pre>\n
\"\"<\/p>\n
\u56fe10-9\u00a0 \u7981\u6b62\u8bbf\u95ee\u7528\u6237\u7684\u4e2a\u4eba\u7f51\u7ad9<\/p>\n
\u7b2c4\u6b65<\/strong>\uff1a\u601d\u8003\u8fd9\u6b21\u62a5\u9519\u7684\u539f\u56e0\u662f\u4ec0\u4e48\u3002httpd\u670d\u52a1\u7a0b\u5e8f\u5728\u63d0\u4f9b\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u65f6\uff0c\u8be5\u7528\u6237\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u672c\u8eab\u5c31\u5e94\u8be5\u662f\u5b58\u653e\u5230\u4e0e\u8fd9\u4f4d\u7528\u6237\u5bf9\u5e94\u7684\u5bb6\u76ee\u5f55\u4e2d\u7684\uff0c\u6240\u4ee5\u5e94\u8be5\u4e0d\u9700\u8981\u4fee\u6539\u5bb6\u76ee\u5f55\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u3002\u4f46\u662f\uff0c\u524d\u6587\u8fd8\u8bb2\u5230\u4e86SELinux\u57df\u7684\u6982\u5ff5\u3002SELinux\u57df\u786e\u4fdd\u670d\u52a1\u7a0b\u5e8f\u4e0d\u80fd\u6267\u884c\u8fdd\u89c4\u7684\u64cd\u4f5c\uff0c\u53ea\u80fd\u672c\u672c\u5206\u5206\u5730\u4e3a\u7528\u6237\u63d0\u4f9b\u670d\u52a1\u3002httpd\u670d\u52a1\u4e2d\u7a81\u7136\u5f00\u542f\u7684\u8fd9\u9879\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u5230\u5e95\u6709\u6ca1\u6709\u88abSELinux\u57df\u9ed8\u8ba4\u5141\u8bb8\u5462\uff1f<\/p>\n
\u63a5\u4e0b\u6765\u4f7f\u7528getsebool\u547d\u4ee4\u67e5\u8be2\u5e76\u8fc7\u6ee4\u51fa\u6240\u6709\u4e0eHTTP\u534f\u8bae\u76f8\u5173\u7684\u5b89\u5168\u7b56\u7565\u3002\u5176\u4e2d\uff0coff\u4e3a\u7981\u6b62\u72b6\u6001\uff0con\u4e3a\u5141\u8bb8\u72b6\u6001\u3002<\/p>\n
[root@linuxprobe ~]# getsebool -a | grep http\r\nhttpd_anon_write --> off\r\nhttpd_builtin_scripting --> on\r\nhttpd_can_check_spam --> off\r\nhttpd_can_connect_ftp --> off\r\nhttpd_can_connect_ldap --> off\r\nhttpd_can_connect_mythtv --> off\r\nhttpd_can_connect_zabbix --> off\r\nhttpd_can_network_connect --> off\r\nhttpd_can_network_connect_cobbler --> off\r\nhttpd_can_network_connect_db --> off\r\nhttpd_can_network_memcache --> off\r\nhttpd_can_network_relay --> off\r\nhttpd_can_sendmail --> off\r\nhttpd_dbus_avahi --> off\r\nhttpd_dbus_sssd --> off\r\nhttpd_dontaudit_search_dirs --> off\r\nhttpd_enable_cgi --> on\r\nhttpd_enable_ftp_server --> off\r\nhttpd_enable_homedirs --> off<\/strong>\r\nhttpd_execmem --> off\r\nhttpd_graceful_shutdown --> off\r\nhttpd_manage_ipa --> off\r\nhttpd_mod_auth_ntlm_winbind --> off\r\nhttpd_mod_auth_pam --> off\r\nhttpd_read_user_content --> off\r\nhttpd_run_ipa --> off\r\nhttpd_run_preupgrade --> off\r\nhttpd_run_stickshift --> off\r\nhttpd_serve_cobbler_files --> off\r\nhttpd_setrlimit --> off\r\nhttpd_ssi_exec --> off\r\nhttpd_sys_script_anon_write --> off\r\nhttpd_tmp_exec --> off\r\nhttpd_tty_comm --> off\r\nhttpd_unified --> off\r\nhttpd_use_cifs --> off\r\nhttpd_use_fusefs --> off\r\nhttpd_use_gpg --> off\r\nhttpd_use_nfs --> off\r\nhttpd_use_openstack --> off\r\nhttpd_use_sasl --> off\r\nhttpd_verify_dns --> off\r\nmysql_connect_http --> off\r\nnamed_tcp_bind_http_port --> off\r\nprosody_bind_http_port --> off\r\n<\/pre>\n
\u9762\u5bf9\u5982\u6b64\u591a\u7684SELinux\u57df\u5b89\u5168\u7b56\u7565\u89c4\u5219\uff0c\u5b9e\u5728\u6ca1\u6709\u5fc5\u8981\u9010\u4e2a\u7406\u89e3\u5b83\u4eec\uff0c\u6211\u4eec\u53ea\u8981\u80fd\u901a\u8fc7\u540d\u5b57\u5927\u81f4\u731c\u6d4b\u51fa\u76f8\u5173\u7684\u7b56\u7565\u7528\u9014\u5c31\u8db3\u591f\u4e86\u3002\u6bd4\u5982\uff0c\u60f3\u8981\u5f00\u542fhttpd\u670d\u52a1\u7684\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\uff0c\u90a3\u4e48\u7528\u5230\u7684SELinux\u57df\u5b89\u5168\u7b56\u7565\u5e94\u8be5\u662fhttpd_enable_homedirs\u5427\uff1f\u5927\u81f4\u786e\u5b9a\u540e\u5c31\u53ef\u4ee5\u7528setsebool\u547d\u4ee4\u6765\u4fee\u6539SELinux\u7b56\u7565\u4e2d\u5404\u6761\u89c4\u5219\u7684\u5e03\u5c14\u503c\u4e86\u3002\u5927\u5bb6\u4e00\u5b9a\u8981\u8bb0\u5f97\u5728setsebool\u547d\u4ee4\u540e\u9762\u52a0\u4e0a-P\u53c2\u6570\uff0c\u8ba9\u4fee\u6539\u540e\u7684SELinux\u7b56\u7565\u89c4\u5219\u6c38\u4e45\u751f\u6548\u4e14\u7acb\u5373\u751f\u6548\u3002\u968f\u540e\u5237\u65b0\u7f51\u9875\uff0c\u5176\u6548\u679c\u5982\u56fe10-10\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# setsebool -P httpd_enable_homedirs=on\r\n[root@linuxprobe ~]# firefox<\/pre>\n
\"\"<\/p>\n
\u56fe10-10\u00a0 \u6b63\u5e38\u770b\u5230\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u9762\u4e2d\u7684\u5185\u5bb9<\/p>\n
\u6709\u65f6\uff0c\u7f51\u7ad9\u7684\u62e5\u6709\u8005\u5e76\u4e0d\u5e0c\u671b\u76f4\u63a5\u5c06\u7f51\u9875\u5185\u5bb9\u663e\u793a\u51fa\u6765\uff0c\u800c\u53ea\u60f3\u8ba9\u901a\u8fc7\u8eab\u4efd\u9a8c\u8bc1\u7684\u7528\u6237\u770b\u5230\u91cc\u9762\u7684\u5185\u5bb9\uff0c\u8fd9\u65f6\u5c31\u53ef\u4ee5\u5728\u7f51\u7ad9\u4e2d\u6dfb\u52a0\u5bc6\u7801\u529f\u80fd\u4e86\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u5148\u4f7f\u7528htpasswd\u547d\u4ee4\u751f\u6210\u5bc6\u7801\u6570\u636e\u5e93\u3002-c\u53c2\u6570\u8868\u793a\u7b2c\u4e00\u6b21\u751f\u6210\uff1b\u540e\u9762\u518d\u5206\u522b\u6dfb\u52a0\u5bc6\u7801\u6570\u636e\u5e93\u7684\u5b58\u653e\u6587\u4ef6\uff0c\u4ee5\u53ca\u9a8c\u8bc1\u8981\u7528\u5230\u7684\u7528\u6237\u540d\u79f0\uff08\u8be5\u7528\u6237\u4e0d\u5fc5\u662f\u7cfb\u7edf\u4e2d\u5df2\u6709\u7684\u672c\u5730\u8d26\u6237\uff09\u3002<\/p>\n
[root@linuxprobe ~]# htpasswd -c \/etc\/httpd\/passwd linuxprobe\r\nNew password:\u6b64\u5904\u8f93\u5165\u7528\u4e8e\u7f51\u9875\u9a8c\u8bc1\u7684\u5bc6\u7801<\/strong>\r\nRe-type new password:\u518d\u8f93\u5165\u4e00\u904d\u8fdb\u884c\u786e\u8ba4<\/strong>\r\nAdding password for user linuxprobe\r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u7ee7\u7eed\u7f16\u8f91\u4e2a\u4eba\u7528\u6237\u4e3b\u9875\u529f\u80fd\u7684\u914d\u7f6e\u6587\u4ef6\u3002\u628a\u7b2c31\uff5e37\u884c\u7684\u53c2\u6570\u4fe1\u606f\u4fee\u6539\u6210\u4e0b\u5217\u5185\u5bb9\uff0c\u5176\u4e2d\u4ee5\u4e95\u53f7\uff08#\uff09\u5f00\u5934\u7684\u5185\u5bb9\u4e3a\u6dfb\u52a0\u7684\u6ce8\u91ca\u4fe1\u606f\uff0c\u53ef\u5c06\u5176\u5ffd\u7565\u3002\u968f\u540e\u4fdd\u5b58\u5e76\u9000\u51fa\u914d\u7f6e\u6587\u4ef6\uff0c\u91cd\u542fhttpd\u670d\u52a1\u7a0b\u5e8f\u5373\u53ef\u751f\u6548\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf.d\/userdir.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n 27 #\r\n 28 # Control access to UserDir directories.  The following is an example\r\n 29 # for a site where these directories are restricted to read-only.\r\n 30 #\r\n 31 <Directory \"\/home\/*\/public_html\">\r\n 32     AllowOverride all \r\n        #\u521a\u521a\u751f\u6210\u51fa\u7684\u5bc6\u7801\u9a8c\u8bc1\u6587\u4ef6\u4fdd\u5b58\u8def\u5f84\r\n 33     authuserfile \"\/etc\/httpd\/passwd\" \r\n        #\u5f53\u7528\u6237\u8bbf\u95ee\u7f51\u7ad9\u65f6\u7684\u63d0\u793a\u4fe1\u606f\r\n 34     authname \"My privately website\"\r\n        #\u9a8c\u8bc1\u65b9\u5f0f\u4e3a\u53e3\u4ee4\u6a21\u5f0f\r\n 35     authtype basic\r\n        #\u8bbf\u95ee\u7f51\u7ad9\u65f6\u9700\u8981\u9a8c\u8bc1\u7684\u7528\u6237\u540d\u79f0\r\n 36     require user linuxprobe\r\n 37 <\/Directory>\r\n[root@linuxprobe ~]# systemctl restart httpd<\/pre>\n
\u6b64\u540e\uff0c\u5f53\u7528\u6237\u518d\u60f3\u8bbf\u95ee\u67d0\u4e2a\u7528\u6237\u7684\u4e2a\u4eba\u7f51\u7ad9\u65f6\uff0c\u5c31\u5fc5\u987b\u8f93\u5165\u8d26\u6237\u548c\u5bc6\u7801\u624d\u80fd\u6b63\u5e38\u8bbf\u95ee\u4e86\u3002\u53e6\u5916\uff0c\u9a8c\u8bc1\u65f6\u4f7f\u7528\u7684\u8d26\u6237\u548c\u5bc6\u7801\u662f\u7528htpasswd\u547d\u4ee4\u751f\u6210\u7684\u4e13\u95e8\u7528\u4e8e\u7f51\u7ad9\u767b\u5f55\u7684\u8d26\u6237\u548c\u5bc6\u7801\uff0c\u800c\u4e0d\u662f\u7cfb\u7edf\u4e2d\u7684\u8d26\u6237\u548c\u5bc6\u7801\uff0c\u8bf7\u4e0d\u8981\u641e\u9519\u4e86\u3002\u767b\u5f55\u754c\u9762\u5982\u56fe10-11\u4e0e\u56fe10-12\u6240\u793a\u3002<\/p>\n
\"\"<\/p>\n
\u56fe10-11\u00a0 \u9700\u8981\u8f93\u5165\u8d26\u6237\u548c\u5bc6\u7801\u624d\u80fd\u8bbf\u95ee<\/p>\n
\"\"<\/p>\n
\u56fe10-12 \u53e3\u4ee4\u9a8c\u8bc1\u6210\u529f<\/p>\n
\u51fa\u73b0\u95ee\u9898?\u5927\u80c6\u63d0\u95ee!<\/strong><\/span><\/p>\n
\u56e0\u8bfb\u8005\u4eec\u786c\u4ef6\u4e0d\u540c\u6216\u64cd\u4f5c\u9519\u8bef\u90fd\u53ef\u80fd\u5bfc\u81f4\u5b9e\u9a8c\u914d\u7f6e\u51fa\u9519\uff0c\u8bf7\u8010\u5fc3\u518d\u4ed4\u7ec6\u770b\u770b\u64cd\u4f5c\u6b65\u9aa4\u5427\uff0c\u4e0d\u8981\u6c14\u9981~<\/p>\n
Linux\u6280\u672f\u4ea4\u6d41\u5b66\u4e60\u8bf7\u52a0\u8bfb\u8005\u7fa4\uff08\u63a8\u8350<\/span><\/strong>\uff09\uff1ahttps:\/\/q13zd.cn\/club<\/a><\/p>\n
*\u672c\u7fa4\u7279\u8272\uff1a\u786e\u4fdd\u6bcf\u4e00\u4f4d\u7fa4\u53cb\u90fd\u662f\u300aLinux\u5c31\u8be5\u8fd9\u4e48\u5b66\u300b\u7684\u8bfb\u8005\uff0c\u7b54\u7591\u66f4\u6709\u9488\u5bf9\u6027\uff0c\u4e0d\u5b9a\u671f\u9886\u53d6\u5b9a\u5236\u793c\u54c1\u3002<\/p><\/blockquote>\n
10.5 \u865a\u62df\u7f51\u7ad9\u4e3b\u673a\u529f\u80fd<\/span><\/strong><\/h5>\n
\u5982\u679c\u6bcf\u53f0\u8fd0\u884cLinux\u7cfb\u7edf\u7684\u670d\u52a1\u5668\u4e0a\u53ea\u80fd\u8fd0\u884c\u4e00\u4e2a\u7f51\u7ad9\uff0c\u90a3\u4e48\u4eba\u6c14\u4f4e\u3001\u6d41\u91cf\u5c0f\u7684\u8349\u6839\u7ad9\u957f\u5c31\u8981\u88ab\u8feb\u627f\u62c5\u9ad8\u6602\u7684\u670d\u52a1\u5668\u79df\u8d41\u8d39\u7528\u4e86\uff0c\u8fd9\u663e\u7136\u4e5f\u4f1a\u9020\u6210\u786c\u4ef6\u8d44\u6e90\u7684\u6d6a\u8d39\u3002\u5728\u865a\u62df\u4e13\u7528\u670d\u52a1\u5668\uff08Virtual Private Server\uff0cVPS\uff09\u4e0e\u4e91\u8ba1\u7b97\u6280\u672f\u8bde\u751f\u4ee5\u524d\uff0cIDC\u670d\u52a1\u4f9b\u5e94\u5546\u4e3a\u4e86\u80fd\u591f\u66f4\u5145\u5206\u5730\u5229\u7528\u670d\u52a1\u5668\u8d44\u6e90\uff0c\u540c\u65f6\u4e5f\u4e3a\u4e86\u964d\u4f4e\u8d2d\u4e70\u95e8\u69db\uff0c\u7eb7\u7eb7\u542f\u7528\u4e86\u865a\u62df\u4e3b\u673a\u529f\u80fd\u3002<\/p>\n
\u5229\u7528\u865a\u62df\u4e3b\u673a\u529f\u80fd\uff0c\u53ef\u4ee5\u628a\u4e00\u53f0\u5904\u4e8e\u8fd0\u884c\u72b6\u6001\u7684\u7269\u7406\u670d\u52a1\u5668\u5206\u5272\u6210\u591a\u4e2a\u201c\u865a\u62df\u7684\u670d\u52a1\u5668\u201d\u3002\u4f46\u662f\uff0c\u8be5\u6280\u672f\u65e0\u6cd5\u5b9e\u73b0\u76ee\u524d\u4e91\u4e3b\u673a\u6280\u672f\u7684\u786c\u4ef6\u8d44\u6e90\u9694\u79bb\uff0c\u800c\u53ea\u80fd\u8ba9\u8fd9\u4e9b\u865a\u62df\u7684\u670d\u52a1\u5668\u5171\u540c\u4f7f\u7528\u7269\u7406\u670d\u52a1\u5668\u7684\u786c\u4ef6\u8d44\u6e90\uff0c\u4f9b\u5e94\u5546\u53ea\u80fd\u9650\u5236\u786c\u76d8\u7684\u4f7f\u7528\u7a7a\u95f4\u5927\u5c0f\u3002\u51fa\u4e8e\u5404\u79cd\u8003\u8651\u7684\u56e0\u7d20\uff08\u4e3b\u8981\u662f\u4ef7\u683c\u4f4e\u5ec9\uff09\uff0c\u76ee\u524d\u4f9d\u7136\u6709\u5f88\u591a\u4f01\u4e1a\u6216\u4e2a\u4eba\u7ad9\u957f\u5728\u4f7f\u7528\u865a\u62df\u4e3b\u673a\u7684\u5f62\u5f0f\u6765\u90e8\u7f72\u7f51\u7ad9\u3002<\/p>\n
Apache\u7684\u865a\u62df\u4e3b\u673a\u529f\u80fd\u662f\u670d\u52a1\u5668\u57fa\u4e8e\u7528\u6237\u8bf7\u6c42\u7684\u4e0d\u540cIP\u5730\u5740\u3001\u4e3b\u673a\u57df\u540d\u6216\u7aef\u53e3\u53f7\uff0c\u63d0\u4f9b\u591a\u4e2a\u7f51\u7ad9\u540c\u65f6\u4e3a\u5916\u90e8\u63d0\u4f9b\u8bbf\u95ee\u670d\u52a1\u7684\u6280\u672f\u3002\u5982\u56fe10-13\u6240\u793a\uff0c\u7528\u6237\u8bf7\u6c42\u7684\u8d44\u6e90\u4e0d\u540c\uff0c\u6700\u7ec8\u83b7\u53d6\u5230\u7684\u7f51\u9875\u5185\u5bb9\u4e5f\u5404\u4e0d\u76f8\u540c\u3002\u5982\u679c\u5927\u5bb6\u4e4b\u524d\u6ca1\u6709\u505a\u8fc7\u7f51\u7ad9\uff0c\u53ef\u80fd\u4e0d\u592a\u7406\u89e3\u5176\u4e2d\u7684\u539f\u7406\uff0c\u7b49\u4e00\u4f1a\u513f\u642d\u5efa\u51fa\u5b9e\u9a8c\u73af\u5883\u5e76\u770b\u5230\u5b9e\u9a8c\u6548\u679c\u4e4b\u540e\uff0c\u4e00\u5b9a\u5c31\u80fd\u660e\u767d\u4e86\u3002<\/p>\n
\u518d\u6b21\u63d0\u9192\u5927\u5bb6\uff0c\u5728\u505a\u6bcf\u4e2a\u5b9e\u9a8c\u4e4b\u524d\u8bf7\u5148\u5c06\u865a\u62df\u673a\u8fd8\u539f\u5230\u6700\u521d\u59cb\u7684\u72b6\u6001\uff0c\u4ee5\u514d\u591a\u4e2a\u5b9e\u9a8c\u4e4b\u95f4\u76f8\u4e92\u4ea7\u751f\u51b2\u7a81\u3002\"\"<\/p>\n
\u56fe10-13 \u7528\u6237\u8bf7\u6c42\u7f51\u7ad9\u8d44\u6e90<\/p>\n
10.5.1 \u57fa\u4e8eIP\u5730\u5740<\/strong><\/span><\/h6>\n
\u5982\u679c\u4e00\u53f0\u670d\u52a1\u5668\u6709\u591a\u4e2aIP\u5730\u5740\uff0c\u800c\u4e14\u6bcf\u4e2aIP\u5730\u5740\u4e0e\u670d\u52a1\u5668\u4e0a\u90e8\u7f72\u7684\u6bcf\u4e2a\u7f51\u7ad9\u4e00\u4e00\u5bf9\u5e94\uff0c\u8fd9\u6837\u5f53\u7528\u6237\u8bf7\u6c42\u8bbf\u95ee\u4e0d\u540c\u7684IP\u5730\u5740\u65f6\uff0c\u4f1a\u8bbf\u95ee\u5230\u4e0d\u540c\u7f51\u7ad9\u7684\u9875\u9762\u8d44\u6e90\u3002\u800c\u4e14\uff0c\u6bcf\u4e2a\u7f51\u7ad9\u90fd\u6709\u4e00\u4e2a\u72ec\u7acb\u7684IP\u5730\u5740\uff0c\u8fd9\u5bf9\u641c\u7d22\u5f15\u64ce\u4f18\u5316\u4e5f\u5927\u6709\u88e8\u76ca\u3002\u56e0\u6b64\u4ee5\u8fd9\u79cd\u65b9\u5f0f\u63d0\u4f9b\u865a\u62df\u7f51\u7ad9\u4e3b\u673a\u529f\u80fd\u4e0d\u4ec5\u6700\u5e38\u89c1\uff0c\u800c\u4e14\u4e5f\u53d7\u5230\u4e86\u7f51\u7ad9\u7ad9\u957f\u7684\u6b22\u8fce\uff08\u5c24\u5176\u662f\u8349\u6839\u7ad9\u957f\uff09\u3002<\/p>\n
\u7b2c4\u7ae0\u548c\u7b2c9\u7ae0\u5206\u522b\u8bb2\u89e3\u4e86\u7528\u4e8e\u914d\u7f6e\u7f51\u7edc\u7684\u4e24\u79cd\u65b9\u6cd5\uff0c\u5927\u5bb6\u5728\u5b9e\u9a8c\u4e2d\u548c\u5de5\u4f5c\u4e2d\u53ef\u968f\u610f\u9009\u62e9\u3002\u5c31\u5f53\u524d\u7684\u5b9e\u9a8c\u6765\u8bb2\uff0c\u9700\u8981\u914d\u7f6e\u7684IP\u5730\u5740\u5982\u56fe10-14\u6240\u793a\u3002\u5728\u914d\u7f6e\u5b8c\u6bd5\u5e76\u91cd\u542f\u7f51\u7edc\u670d\u52a1\u4e4b\u540e\uff0c\u8bb0\u5f97\u68c0\u67e5\u7f51\u7edc\u7684\u8fde\u901a\u6027\uff0c\u786e\u4fdd3\u4e2aIP\u5730\u5740\u5747\u53ef\u6b63\u5e38\u8bbf\u95ee\uff0c\u5982\u56fe10-15\u6240\u793a\uff08\u8fd9\u5f88\u91cd\u8981\uff0c\u4e00\u5b9a\u8981\u6d4b\u8bd5\u597d\uff0c\u7136\u540e\u518d\u8fdb\u884c\u4e0b\u4e00\u6b65\uff09\u3002<\/p>\n
\"\"<\/p>\n
\u56fe10-14\u00a0 \u4f7f\u7528nmtui\u547d\u4ee4\u914d\u7f6e\u7f51\u7edc\u53c2\u6570<\/p>\n
[root@linuxprobe ~]# nmcli connection up ens160 \r\nConnection successfully activated (D-Bus active path: \/org\/freedesktop\/NetworkManager\/ActiveConnection\/6)<\/pre>\n
\"\"<\/p>\n
\u56fe10-15\u00a0 \u5206\u522b\u68c0\u67e53\u4e2aIP\u5730\u5740\u7684\u8fde\u901a\u6027<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u5206\u522b\u5728\/home\/wwwroot\u4e2d\u521b\u5efa\u7528\u4e8e\u4fdd\u5b58\u4e0d\u540c\u7f51\u7ad9\u6570\u636e\u76843\u4e2a\u76ee\u5f55\uff0c\u5e76\u5411\u5176\u4e2d\u5206\u522b\u5199\u5165\u7f51\u7ad9\u7684\u9996\u9875\u6587\u4ef6\u3002\u6bcf\u4e2a\u9996\u9875\u6587\u4ef6\u4e2d\u5e94\u6709\u660e\u786e\u533a\u5206\u4e0d\u540c\u7f51\u7ad9\u5185\u5bb9\u7684\u4fe1\u606f\uff0c\u65b9\u4fbf\u7a0d\u540e\u80fd\u66f4\u76f4\u89c2\u5730\u68c0\u67e5\u6548\u679c\u3002<\/p>\n
[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/10\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/20\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/30\r\n[root@linuxprobe ~]# echo \"IP:192.168.10.10\" > \/home\/wwwroot\/10\/index.html\r\n[root@linuxprobe ~]# echo \"IP:192.168.10.20\" > \/home\/wwwroot\/20\/index.html\r\n[root@linuxprobe ~]# echo \"IP:192.168.10.30\" > \/home\/wwwroot\/30\/index.html\r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u4ecehttpd\u670d\u52a1\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u5927\u7ea6\u7b2c132\u884c\u5904\u5f00\u59cb\uff0c\u5206\u522b\u8ffd\u52a0\u5199\u51653\u4e2a\u57fa\u4e8eIP\u5730\u5740\u7684\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u53c2\u6570\uff0c\u7136\u540e\u4fdd\u5b58\u5e76\u9000\u51fa\u3002\u8bb0\u5f97\u9700\u8981\u91cd\u542fhttpd\u670d\u52a1\uff0c\u8fd9\u4e9b\u914d\u7f6e\u624d\u751f\u6548\u3002<\/p>\n
\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n132 <VirtualHost 192.168.10.10><\/strong>\r\n133     DocumentRoot \/home\/wwwroot\/10\r\n134     ServerName q13zd.cn\r\n135     <Directory \/home\/wwwroot\/10>\r\n136     AllowOverride None\r\n137     Require all granted\r\n138     <\/Directory>\r\n139 <\/VirtualHost><\/strong>\r\n\u00a0\u00a0\r\n140 <VirtualHost 192.168.10.20><\/strong>\r\n141     DocumentRoot \/home\/wwwroot\/20\r\n142     ServerName www.linuxcool.com\r\n143     <Directory \/home\/wwwroot\/20>\r\n144     AllowOverride None\r\n145     Require all granted\r\n146     <\/Directory>\r\n147 <\/VirtualHost><\/strong>\r\n\u00a0\u00a0\r\n148 <VirtualHost 192.168.10.30><\/strong>\r\n149     DocumentRoot \/home\/wwwroot\/30\r\n150     ServerName www.linuxdown.com\r\n151     <Directory \/home\/wwwroot\/30>\r\n152     AllowOverride None\r\n153     Require all granted\r\n154     <\/Directory>\r\n155 <\/VirtualHost><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n[root@linuxprobe ~]# systemctl restart httpd\r\n<\/pre>\n<\/div>\n
\u7b2c3\u6b65<\/strong>\uff1a\u6b64\u65f6\u8bbf\u95ee\u7f51\u7ad9\uff0c\u5219\u4f1a\u770b\u5230httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u9ed8\u8ba4\u9996\u9875\u9762\u4e2d\u663e\u793a\u201c\u6743\u9650\u4e0d\u8db3\u201d\u3002\u5927\u5bb6\u73b0\u5728\u5e94\u8be5\u7acb\u523b\u5c31\u53cd\u5e94\u8fc7\u6765\u2014\u8fd9\u662fSELinux\u5728\u6363\u9b3c\u3002\u7531\u4e8e\u5f53\u524d\u7684\/home\/wwwroot\u76ee\u5f55\u53ca\u91cc\u9762\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u4e0e\u7f51\u7ad9\u670d\u52a1\u4e0d\u543b\u5408\uff0c\u56e0\u6b64httpd\u670d\u52a1\u7a0b\u5e8f\u65e0\u6cd5\u83b7\u53d6\u5230\u8fd9\u4e9b\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u3002\u6211\u4eec\u9700\u8981\u624b\u52a8\u628a\u65b0\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u8bbe\u7f6e\u6b63\u786e\uff08\u89c1\u524d\u6587\u7684\u5b9e\u9a8c\uff09\uff0c\u5e76\u4f7f\u7528restorecon\u547d\u4ee4\u8ba9\u65b0\u8bbe\u7f6e\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7acb\u5373\u751f\u6548\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u7acb\u5373\u770b\u5230\u7f51\u7ad9\u7684\u8bbf\u95ee\u6548\u679c\u4e86\uff0c\u5982\u56fe10-16\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/10\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/10\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/20\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/20\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/30\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/30\/*\r\n[root@linuxprobe ~]# restorecon -Rv \/home\/wwwroot\r\nRelabeled \/home\/wwwroot from unconfined_u:object_r:user_home_dir_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/10 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/10\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/20 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/20\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/30 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/30\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\n[root@linuxprobe ~]# firefox<\/pre>\n
\"\"<\/p>\n
\u56fe10-16\u00a0 \u57fa\u4e8e\u4e0d\u540c\u7684IP\u5730\u5740\u8bbf\u95ee\u865a\u62df\u4e3b\u673a\u7f51\u7ad9<\/p>\n
10.5.2 \u57fa\u4e8e\u4e3b\u673a\u57df\u540d<\/span><\/strong><\/h6>\n
\u5f53\u670d\u52a1\u5668\u65e0\u6cd5\u4e3a\u6bcf\u4e2a\u7f51\u7ad9\u90fd\u5206\u914d\u4e00\u4e2a\u72ec\u7acbIP\u5730\u5740\u7684\u65f6\u5019\uff0c\u53ef\u4ee5\u5c1d\u8bd5\u8ba9Apache\u81ea\u52a8\u8bc6\u522b\u7528\u6237\u8bf7\u6c42\u7684\u57df\u540d\uff0c\u4ece\u800c\u6839\u636e\u4e0d\u540c\u7684\u57df\u540d\u8bf7\u6c42\u6765\u4f20\u8f93\u4e0d\u540c\u7684\u5185\u5bb9\u3002\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\u7684\u914d\u7f6e\u66f4\u52a0\u7b80\u5355\uff0c\u53ea\u9700\u8981\u4fdd\u8bc1\u4f4d\u4e8e\u751f\u4ea7\u73af\u5883\u4e2d\u7684\u670d\u52a1\u5668\u4e0a\u6709\u4e00\u4e2a\u53ef\u7528\u7684IP\u5730\u5740\uff08\u8fd9\u91cc\u4ee5192.168.10.10\u4e3a\u4f8b\uff09\u5c31\u53ef\u4ee5\u4e86\u3002\u7531\u4e8e\u5f53\u524d\u8fd8\u6ca1\u6709\u4ecb\u7ecd\u5982\u4f55\u914d\u7f6eDNS\u89e3\u6790\u670d\u52a1\uff0c\u56e0\u6b64\u9700\u8981\u624b\u52a8\u5b9a\u4e49IP\u5730\u5740\u4e0e\u57df\u540d\u4e4b\u95f4\u7684\u5bf9\u5e94\u5173\u7cfb\u3002\/etc\/hosts\u662fLinux\u7cfb\u7edf\u4e2d\u7528\u4e8e\u5f3a\u5236\u628a\u67d0\u4e2a\u4e3b\u673a\u57df\u540d\u89e3\u6790\u5230\u6307\u5b9aIP\u5730\u5740\u7684\u914d\u7f6e\u6587\u4ef6\u3002\u7b80\u5355\u6765\u8bf4\uff0c\u53ea\u8981\u8fd9\u4e2a\u6587\u4ef6\u914d\u7f6e\u6b63\u786e\uff0c\u5373\u4f7f\u7f51\u7edc\u53c2\u6570\u4e2d\u6ca1\u6709DNS\u4fe1\u606f\u4e5f\u4f9d\u7136\u80fd\u591f\u5c06\u57df\u540d\u89e3\u6790\u4e3a\u67d0\u4e2aIP\u5730\u5740\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u624b\u52a8\u5b9a\u4e49IP\u5730\u5740\u4e0e\u57df\u540d\u4e4b\u95f4\u5bf9\u5e94\u5173\u7cfb\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u4fdd\u5b58\u5e76\u9000\u51fa\u540e\u4f1a\u7acb\u5373\u751f\u6548\u3002\u53ef\u4ee5\u901a\u8fc7\u5206\u522bping\u8fd9\u4e9b\u57df\u540d\u6765\u9a8c\u8bc1\u57df\u540d\u662f\u5426\u5df2\u7ecf\u6210\u529f\u89e3\u6790\u4e3aIP\u5730\u5740\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/hosts\r\n127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4\r\n::1         localhost localhost.localdomain localhost6 localhost6.localdomain6\r\n192.168.10.10   q13zd.cn www.linuxcool.com www.linuxdown.com<\/strong>\r\n[root@linuxprobe ~]# ping -c 4 q13zd.cn\r\nPING q13zd.cn (192.168.10.10) 56(84) bytes of data.\r\n64 bytes from q13zd.cn (192.168.10.10): icmp_seq=1 ttl=64 time=0.070 ms\r\n64 bytes from q13zd.cn (192.168.10.10): icmp_seq=2 ttl=64 time=0.077 ms\r\n64 bytes from q13zd.cn (192.168.10.10): icmp_seq=3 ttl=64 time=0.061 ms\r\n64 bytes from q13zd.cn (192.168.10.10): icmp_seq=4 ttl=64 time=0.069 ms\r\n--- q13zd.cn ping statistics ---\r\n4 packets transmitted, 4 received, 0% packet loss, time 2999ms\r\nrtt min\/avg\/max\/mdev = 0.061\/0.069\/0.077\/0.008 ms\r\n[root@linuxprobe ~]# \r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u5206\u522b\u5728\/home\/wwwroot\u4e2d\u521b\u5efa\u7528\u4e8e\u4fdd\u5b58\u4e0d\u540c\u7f51\u7ad9\u6570\u636e\u76843\u4e2a\u76ee\u5f55\uff0c\u5e76\u5411\u5176\u4e2d\u5206\u522b\u5199\u5165\u7f51\u7ad9\u7684\u9996\u9875\u6587\u4ef6\u3002\u6bcf\u4e2a\u9996\u9875\u6587\u4ef6\u4e2d\u5e94\u6709\u660e\u786e\u533a\u5206\u4e0d\u540c\u7f51\u7ad9\u5185\u5bb9\u7684\u4fe1\u606f\uff0c\u65b9\u4fbf\u7a0d\u540e\u80fd\u66f4\u76f4\u89c2\u5730\u68c0\u67e5\u6548\u679c\u3002<\/p>\n
[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/linuxprobe\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/linuxcool\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/linuxdown\r\n[root@linuxprobe ~]# echo \"q13zd.cn\" > \/home\/wwwroot\/linuxprobe\/index.html\r\n[root@linuxprobe ~]# echo \"www.linuxcool.com\" > \/home\/wwwroot\/linuxcool\/index.html\r\n[root@linuxprobe ~]# echo \"www.linuxdown.com\" > \/home\/wwwroot\/linuxdown\/index.html\r\n<\/pre>\n
\u7b2c3\u6b65<\/strong>\uff1a\u4ecehttpd\u670d\u52a1\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u5927\u7ea6\u7b2c132\u884c\u5904\u5f00\u59cb\uff0c\u5206\u522b\u8ffd\u52a0\u5199\u51653\u4e2a\u57fa\u4e8e\u4e3b\u673a\u540d\u7684\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u53c2\u6570\uff0c\u7136\u540e\u4fdd\u5b58\u5e76\u9000\u51fa\u3002\u8bb0\u5f97\u9700\u8981\u91cd\u542fhttpd\u670d\u52a1\uff0c\u8fd9\u4e9b\u914d\u7f6e\u624d\u751f\u6548\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n132 <VirtualHost 192.168.10.10><\/strong>\r\n133     Documentroot \/home\/wwwroot\/linuxprobe\r\n134     ServerName q13zd.cn\r\n135     <Directory \/home\/wwwroot\/linuxprobe>\r\n136     AllowOverride None\r\n137     Require all granted\r\n138     <\/Directory>\r\n139 <\/VirtualHost><\/strong>\r\n\u00a0\r\n140 <VirtualHost 192.168.10.10><\/strong>\r\n141     Documentroot \/home\/wwwroot\/linuxcool\r\n142     ServerName www.linuxcool.com\r\n143     <Directory \/home\/wwwroot\/linuxcool>\r\n144     AllowOverride None\r\n145     Require all granted\r\n146     <\/Directory>\r\n147 <\/VirtualHost><\/strong>\r\n\u00a0\r\n148 <VirtualHost 192.168.10.10><\/strong>\r\n149     Documentroot \/home\/wwwroot\/linuxdown\r\n150     ServerName www.linuxdown.com\r\n151     <Directory \/home\/wwwroot\/linuxdown>\r\n152     AllowOverride None\r\n153     Require all granted\r\n154     <\/Directory>\r\n155 <\/VirtualHost><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n[root@linuxprobe ~]# systemctl restart httpd<\/pre>\n
\u7b2c4\u6b65<\/strong>\uff1a\u56e0\u4e3a\u5f53\u524d\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u8fd8\u662f\u5728\/home\/wwwroot\u76ee\u5f55\u4e2d\uff0c\u56e0\u6b64\u8fd8\u662f\u5fc5\u987b\u8981\u6b63\u786e\u8bbe\u7f6e\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u6587\u4ef6\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\uff0c\u4f7f\u5176\u4e0e\u7f51\u7ad9\u670d\u52a1\u529f\u80fd\u76f8\u543b\u5408\u3002\u6700\u540e\u8bb0\u5f97\u7528restorecon\u547d\u4ee4\u8ba9\u65b0\u914d\u7f6e\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7acb\u5373\u751f\u6548\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u7acb\u5373\u8bbf\u95ee\u5230\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u4e86\uff0c\u6548\u679c\u5982\u56fe10-17\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxprobe\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxprobe\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxcool\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxcool\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxdown\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/linuxdown\/*\r\n[root@linuxprobe ~]# restorecon -Rv \/home\/wwwroot\r\nRelabeled \/home\/wwwroot from unconfined_u:object_r:user_home_dir_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxprobe from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxprobe\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxcool from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxcool\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxdown from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/linuxdown\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\n[root@linuxprobe ~]# firefox \r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-17\u00a0 \u57fa\u4e8e\u4e3b\u673a\u57df\u540d\u8bbf\u95ee\u865a\u62df\u4e3b\u673a\u7f51\u7ad9<\/p>\n
10.5.3 \u57fa\u4e8e\u7aef\u53e3\u53f7<\/span><\/strong><\/h6>\n
\u57fa\u4e8e\u7aef\u53e3\u53f7\u7684\u865a\u62df\u4e3b\u673a\u529f\u80fd\u53ef\u4ee5\u8ba9\u7528\u6237\u901a\u8fc7\u6307\u5b9a\u7684\u7aef\u53e3\u53f7\u6765\u8bbf\u95ee\u670d\u52a1\u5668\u4e0a\u7684\u7f51\u7ad9\u8d44\u6e90\u3002\u5728\u4f7f\u7528Apache\u914d\u7f6e\u865a\u62df\u7f51\u7ad9\u4e3b\u673a\u529f\u80fd\u65f6\uff0c\u57fa\u4e8e\u7aef\u53e3\u53f7\u7684\u914d\u7f6e\u65b9\u5f0f\u662f\u6700\u590d\u6742\u7684\u3002\u56e0\u6b64\u6211\u4eec\u4e0d\u4ec5\u8981\u8003\u8651httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u914d\u7f6e\u56e0\u7d20\uff0c\u8fd8\u9700\u8981\u8003\u8651\u5230SELinux\u670d\u52a1\u5bf9\u65b0\u5f00\u8bbe\u7aef\u53e3\u7684\u76d1\u63a7\u3002\u4e00\u822c\u6765\u8bf4\uff0c\u4f7f\u752880\u3001443\u30018080\u7b49\u7aef\u53e3\u53f7\u6765\u63d0\u4f9b\u7f51\u7ad9\u8bbf\u95ee\u670d\u52a1\u662f\u6bd4\u8f83\u5408\u7406\u7684\uff0c\u5982\u679c\u4f7f\u7528\u5176\u4ed6\u7aef\u53e3\u53f7\u5219\u4f1a\u53d7\u5230SELinux\u670d\u52a1\u7684\u9650\u5236\u3002<\/p>\n
\u5728\u63a5\u4e0b\u6765\u7684\u5b9e\u9a8c\u4e2d\uff0c\u6211\u4eec\u4e0d\u4f46\u8981\u8003\u8651\u5230\u76ee\u5f55\u4e0a\u5e94\u7528\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7684\u9650\u5236\uff0c\u8fd8\u9700\u8981\u8003\u8651SELinux\u57df\u5bf9httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u7ba1\u63a7\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u5206\u522b\u5728\/home\/wwwroot\u4e2d\u521b\u5efa\u7528\u4e8e\u4fdd\u5b58\u4e0d\u540c\u7f51\u7ad9\u6570\u636e\u76843\u4e2a\u76ee\u5f55\uff0c\u5e76\u5411\u5176\u4e2d\u5206\u522b\u5199\u5165\u7f51\u7ad9\u7684\u9996\u9875\u6587\u4ef6\u3002\u6bcf\u4e2a\u9996\u9875\u6587\u4ef6\u4e2d\u5e94\u6709\u660e\u786e\u533a\u5206\u4e0d\u540c\u7f51\u7ad9\u5185\u5bb9\u7684\u4fe1\u606f\uff0c\u65b9\u4fbf\u7a0d\u540e\u80fd\u66f4\u76f4\u89c2\u5730\u68c0\u67e5\u6548\u679c\u3002<\/p>\n
[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/6111\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/6222\r\n[root@linuxprobe ~]# mkdir -p \/home\/wwwroot\/6333\r\n[root@linuxprobe ~]# echo \"port:6111\" > \/home\/wwwroot\/6111\/index.html\r\n[root@linuxprobe ~]# echo \"port:6222\" > \/home\/wwwroot\/6222\/index.html\r\n[root@linuxprobe ~]# echo \"port:6333\" > \/home\/wwwroot\/6333\/index.html\r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u5728httpd\u670d\u52a1\u914d\u7f6e\u6587\u4ef6\u7684\u7b2c46\u884c\uff5e48\u884c\u5206\u522b\u6dfb\u52a0\u7528\u4e8e\u76d1\u542c6111\u30016222\u548c6333\u7aef\u53e3\u7684\u53c2\u6570\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\u00a0\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026 \r\n 37 # Listen: Allows you to bind Apache to specific IP addresses and\/or\r\n 38 # ports, instead of the default. See also the \r\n 39 # directive.\r\n 40 #\r\n 41 # Change this to Listen on specific IP addresses as shown below to \r\n 42 # prevent Apache from glomming onto all bound IP addresses.\r\n 43 #\r\n 44 #Listen 12.34.56.78:80\r\n 45 Listen 80\r\n 46 Listen 6111<\/strong>\r\n 47 Listen 6222\r\n<\/strong> 48 Listen 6333\r\n<\/strong>\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\u00a0<\/strong><\/pre>\n
\u7b2c3\u6b65<\/strong>\uff1a\u4ecehttpd\u670d\u52a1\u7684\u914d\u7f6e\u6587\u4ef6\u4e2d\u5927\u7ea6\u7b2c134\u884c\u5904\u5f00\u59cb\uff0c\u5206\u522b\u8ffd\u52a0\u5199\u51653\u4e2a\u57fa\u4e8e\u7aef\u53e3\u53f7\u7684\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u53c2\u6570\uff0c\u7136\u540e\u4fdd\u5b58\u5e76\u9000\u51fa\u3002\u8bb0\u5f97\u9700\u8981\u91cd\u542fhttpd\u670d\u52a1\uff0c\u8fd9\u4e9b\u914d\u7f6e\u624d\u751f\u6548\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026 \r\n134 <VirtualHost 192.168.10.10:6111><\/strong>\r\n135     DocumentRoot \/home\/wwwroot\/6111\r\n136     ServerName q13zd.cn\r\n137     <Directory \/home\/wwwroot\/6111>\r\n138     AllowOverride None\r\n139     Require all granted\r\n140     <\/Directory> \r\n141 <\/VirtualHost>\r\n<\/strong>\r\n142 <VirtualHost 192.168.10.10:6222><\/strong>\r\n143     DocumentRoot \/home\/wwwroot\/6222\r\n144     ServerName www.linuxcool.com\r\n145     <Directory \/home\/wwwroot\/6222>\r\n146     AllowOverride None\r\n147     Require all granted\r\n148     <\/Directory>\r\n149 <\/VirtualHost>\r\n\r\n<\/strong>150 <VirtualHost 192.168.10.10:6333><\/strong>\r\n151     DocumentRoot \/home\/wwwroot\/6333\r\n152     ServerName www.linuxdown.com\r\n153     <Directory \/home\/wwwroot\/6333>\r\n154     AllowOverride None\r\n155     Require all granted\r\n156     <\/Directory>\r\n157 <\/VirtualHost><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026<\/pre>\n
\u7b2c4\u6b65<\/strong>\uff1a\u56e0\u4e3a\u6211\u4eec\u628a\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u5b58\u653e\u5728\/home\/wwwroot\u76ee\u5f55\u4e2d\uff0c\u56e0\u6b64\u8fd8\u662f\u5fc5\u987b\u8981\u6b63\u786e\u8bbe\u7f6e\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u6587\u4ef6\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\uff0c\u4f7f\u5176\u4e0e\u7f51\u7ad9\u670d\u52a1\u529f\u80fd\u76f8\u543b\u5408\u3002\u6700\u540e\u8bb0\u5f97\u7528restorecon\u547d\u4ee4\u8ba9\u65b0\u914d\u7f6e\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u7acb\u5373\u751f\u6548\u3002<\/p>\n
[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6111\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6111\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6222\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6222\/*\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6333\r\n[root@linuxprobe ~]# semanage fcontext -a -t httpd_sys_content_t \/home\/wwwroot\/6333\/*\r\n[root@linuxprobe ~]# restorecon -Rv \/home\/wwwroot\/\r\nRelabeled \/home\/wwwroot from unconfined_u:object_r:user_home_dir_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6111 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6111\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6222 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6222\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6333 from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\nRelabeled \/home\/wwwroot\/6333\/index.html from unconfined_u:object_r:user_home_t:s0 to unconfined_u:object_r:httpd_sys_content_t:s0\r\n[root@linuxprobe ~]# systemctl restart httpd\r\nJob for httpd.service failed because the control process exited with error code.\r\nSee \"systemctl status httpd.service\" and \"journalctl -xe\" for details.\r\n<\/pre>\n
\u89c1\u9b3c\u4e86\uff01\u5728\u59a5\u5f53\u914d\u7f6ehttpd\u670d\u52a1\u7a0b\u5e8f\u548cSELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u5e76\u91cd\u542fhttpd\u670d\u52a1\u540e\uff0c\u7adf\u7136\u51fa\u73b0\u62a5\u9519\u4fe1\u606f\u3002\u8fd9\u662f\u56e0\u4e3aSELinux\u670d\u52a1\u68c0\u6d4b\u52306111\u30016222\u548c6333\u7aef\u53e3\u539f\u672c\u4e0d\u5c5e\u4e8eApache\u670d\u52a1\u5e94\u8be5\u9700\u8981\u7684\u8d44\u6e90\uff0c\u4f46\u73b0\u5728\u5374\u4ee5httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u540d\u4e49\u76d1\u542c\u4f7f\u7528\u4e86\uff0c\u6240\u4ee5SELinux\u4f1a\u62d2\u7edd\u4f7f\u7528Apache\u670d\u52a1\u4f7f\u7528\u8fd93\u4e2a\u7aef\u53e3\u3002\u53ef\u4ee5\u4f7f\u7528semanage\u547d\u4ee4\u67e5\u8be2\u5e76\u8fc7\u6ee4\u51fa\u6240\u6709\u4e0eHTTP\u534f\u8bae\u76f8\u5173\u4e14SELinux\u670d\u52a1\u5141\u8bb8\u7684\u7aef\u53e3\u5217\u8868\u3002<\/p>\n
[root@linuxprobe ~]# semanage port -l | grep http\r\nhttp_cache_port_t            tcp      8080, 8118, 8123, 10001-10010\r\nhttp_cache_port_t            udp      3130\r\nhttp_port_t                  tcp      80, 81, 443, 488, 8008, 8009, 8443, 9000<\/strong>\r\npegasus_http_port_t          tcp      5988\r\npegasus_https_port_t         tcp      5989\r\n<\/pre>\n
\u7b2c5\u6b65<\/strong>\uff1aSELinux\u5141\u8bb8\u7684\u4e0eHTTP\u534f\u8bae\u76f8\u5173\u7684\u7aef\u53e3\u53f7\u4e2d\u9ed8\u8ba4\u6ca1\u6709\u5305\u542b6111\u30016222\u548c6333\uff0c\u56e0\u6b64\u9700\u8981\u5c06\u8fd93\u4e2a\u7aef\u53e3\u53f7\u624b\u52a8\u6dfb\u52a0\u8fdb\u53bb\u3002\u8be5\u64cd\u4f5c\u4f1a\u7acb\u5373\u751f\u6548\uff0c\u800c\u4e14\u5728\u7cfb\u7edf\u91cd\u542f\u8fc7\u540e\u4f9d\u7136\u6709\u6548\u3002\u8bbe\u7f6e\u597d\u540e\u518d\u91cd\u542fhttpd\u670d\u52a1\u7a0b\u5e8f\uff0c\u7136\u540e\u5c31\u53ef\u4ee5\u770b\u5230\u7f51\u9875\u5185\u5bb9\u4e86\uff0c\u7ed3\u679c\u5982\u56fe10-18\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# semanage port -a -t http_port_t -p tcp 6111\r\n[root@linuxprobe ~]# semanage port -a -t http_port_t -p tcp 6222\r\n[root@linuxprobe ~]# semanage port -a -t http_port_t -p tcp 6333\r\n[root@linuxprobe ~]# semanage port -l | grep http\r\nhttp_cache_port_t            tcp      8080, 8118, 8123, 10001-10010\r\nhttp_cache_port_t            udp      3130\r\nhttp_port_t                  tcp      6333, 6222, 6111<\/strong>, 80, 81, 443, 488, 8008, 8009, 8443, 9000\r\npegasus_http_port_t          tcp      5988\r\npegasus_https_port_t         tcp      5989\r\n[root@linuxprobe ~]# systemctl restart httpd\r\n[root@linuxprobe ~]# firefox\r\n<\/pre>\n
\"\"<\/p>\n
\u56fe10-18\u00a0 \u57fa\u4e8e\u7aef\u53e3\u53f7\u8bbf\u95ee\u865a\u62df\u4e3b\u673a\u7f51\u7ad9<\/p>\n
10.6 Apache\u7684\u8bbf\u95ee\u63a7\u5236<\/strong><\/span><\/h5>\n
Apache\u53ef\u4ee5\u57fa\u4e8e\u6e90\u4e3b\u673a\u540d\u3001\u6e90IP\u5730\u5740\u6216\u6e90\u4e3b\u673a\u4e0a\u7684\u6d4f\u89c8\u5668\u7279\u5f81\u7b49\u4fe1\u606f\u5bf9\u7f51\u7ad9\u4e0a\u7684\u8d44\u6e90\u8fdb\u884c\u8bbf\u95ee\u63a7\u5236\u3002\u5b83\u901a\u8fc7Allow\u6307\u4ee4\u5141\u8bb8\u67d0\u4e2a\u4e3b\u673a\u8bbf\u95ee\u670d\u52a1\u5668\u4e0a\u7684\u7f51\u7ad9\u8d44\u6e90\uff0c\u901a\u8fc7Deny\u6307\u4ee4\u5b9e\u73b0\u7981\u6b62\u8bbf\u95ee\u3002\u5728\u5141\u8bb8\u6216\u7981\u6b62\u8bbf\u95ee\u7f51\u7ad9\u8d44\u6e90\u65f6\uff0c\u8fd8\u4f1a\u7528\u5230Order\u6307\u4ee4\uff0c\u8fd9\u4e2a\u6307\u4ee4\u7528\u6765\u5b9a\u4e49Allow\u6216Deny\u6307\u4ee4\u8d77\u4f5c\u7528\u7684\u987a\u5e8f\uff0c\u5176\u5339\u914d\u539f\u5219\u662f\u6309\u7167\u987a\u5e8f\u8fdb\u884c\u5339\u914d\uff0c\u82e5\u5339\u914d\u6210\u529f\u5219\u6267\u884c\u540e\u9762\u7684\u9ed8\u8ba4\u6307\u4ee4\u3002\u6bd4\u5982\u201cOrder Allow, Deny\u201d\u8868\u793a\u5148\u5c06\u6e90\u4e3b\u673a\u4e0e\u5141\u8bb8\u89c4\u5219\u8fdb\u884c\u5339\u914d\uff0c\u82e5\u5339\u914d\u6210\u529f\u5219\u5141\u8bb8\u8bbf\u95ee\u8bf7\u6c42\uff0c\u53cd\u4e4b\u5219\u62d2\u7edd\u8bbf\u95ee\u8bf7\u6c42\u3002<\/p>\n
\u7b2c1\u6b65<\/strong>\uff1a\u5148\u5728\u670d\u52a1\u5668\u4e0a\u7684\u7f51\u7ad9\u6570\u636e\u76ee\u5f55\u4e2d\u65b0\u5efa\u4e00\u4e2a\u5b50\u76ee\u5f55\uff0c\u5e76\u5728\u8fd9\u4e2a\u5b50\u76ee\u5f55\u4e2d\u521b\u5efa\u4e00\u4e2a\u5305\u542bSuccessful\u5355\u8bcd\u7684\u9996\u9875\u6587\u4ef6\u3002<\/p>\n
[root@linuxprobe ~]#\u00a0mkdir \/var\/www\/html\/server\r\n[root@linuxprobe\u00a0~]# echo \"Successful\" > \/var\/www\/html\/server\/index.html\r\n<\/pre>\n
\u7b2c2\u6b65<\/strong>\uff1a\u6253\u5f00httpd\u670d\u52a1\u7684\u914d\u7f6e\u6587\u4ef6\uff0c\u5728\u7b2c161\u884c\u540e\u9762\u6dfb\u52a0\u4e0b\u8ff0\u89c4\u5219\u6765\u9650\u5236\u6e90\u4e3b\u673a\u7684\u8bbf\u95ee\u3002\u8fd9\u6bb5\u89c4\u5219\u7684\u542b\u4e49\u662f\u5141\u8bb8\u4f7f\u7528Firefox\u6d4f\u89c8\u5668\u7684\u4e3b\u673a\u8bbf\u95ee\u670d\u52a1\u5668\u4e0a\u7684\u9996\u9875\u6587\u4ef6\uff0c\u9664\u6b64\u4e4b\u5916\u7684\u6240\u6709\u8bf7\u6c42\u90fd\u5c06\u88ab\u62d2\u7edd\u3002\u4f7f\u7528Firefox\u6d4f\u89c8\u5668\u7684\u8bbf\u95ee\u6548\u679c\u5982\u56fe10-19\u6240\u793a\uff0c\u4f7f\u7528\u5176\u4ed6\u6d4f\u89c8\u5668\u7684\u8bbf\u95ee\u6548\u679c\u5982\u56fe10-20\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n161 <Directory \"\/var\/www\/html\/server\"><\/strong>\r\n162     SetEnvIf User-Agent \"Firefox\" ff=1\r\n163     Order allow,deny\r\n164     Allow from env=ff\r\n165 <\/Directory><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n[root@linuxprobe ~]# systemctl restart httpd\r\n[root@linuxprobe ~]# firefox<\/pre>\n
\"\"<\/p>\n
\u56fe10-19\u00a0 \u706b\u72d0\u6d4f\u89c8\u5668\u6210\u529f\u8bbf\u95ee<\/p>\n
\"\"<\/p>\n
\u56fe10-20 \u5176\u5b83\u6d4f\u89c8\u5668\u8bbf\u95ee\u5931\u8d25<\/p>\n
\n
\u9664\u4e86\u5339\u914d\u6e90\u4e3b\u673a\u7684\u6d4f\u89c8\u5668\u7279\u5f81\u4e4b\u5916\uff0c\u8fd8\u53ef\u4ee5\u901a\u8fc7\u5339\u914d\u6e90\u4e3b\u673a\u7684IP\u5730\u5740\u8fdb\u884c\u8bbf\u95ee\u63a7\u5236\u3002\u4f8b\u5982\uff0c\u6211\u4eec\u53ea\u5141\u8bb8IP\u5730\u5740\u4e3a192.168.10.20\u7684\u4e3b\u673a\u8bbf\u95ee\u7f51\u7ad9\u8d44\u6e90\uff0c\u90a3\u4e48\u5c31\u53ef\u4ee5\u5728httpd\u670d\u52a1\u914d\u7f6e\u6587\u4ef6\u7684\u7b2c161\u884c\u540e\u9762\u6dfb\u52a0\u4e0b\u8ff0\u89c4\u5219\u3002\u8fd9\u6837\u5728\u91cd\u542fhttpd\u670d\u52a1\u7a0b\u5e8f\u540e\u518d\u7528\u672c\u673a\uff08\u5373\u670d\u52a1\u5668\uff0c\u5176IP\u5730\u5740\u4e3a192.168.10.10\uff09\u6765\u8bbf\u95ee\u7f51\u7ad9\u7684\u9996\u9875\u9762\u65f6\u5c31\u4f1a\u63d0\u793a\u8bbf\u95ee\u88ab\u62d2\u7edd\u4e86\uff0c\u5982\u56fe10-21\u6240\u793a\u3002<\/p>\n
[root@linuxprobe ~]# vim \/etc\/httpd\/conf\/httpd.conf\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n161 <Directory \"\/var\/www\/html\/server\"><\/strong>\r\n162     Order allow,deny \r\n163     Allow from 192.168.10.20\r\n164 <\/Directory><\/strong>\r\n\u2026\u2026\u2026\u2026\u2026\u2026\u7701\u7565\u90e8\u5206\u8f93\u51fa\u4fe1\u606f\u2026\u2026\u2026\u2026\u2026\u2026\r\n[root@linuxprobe ~]# systemctl restart httpd\r\n[root@linuxprobe ~]# firefox\r\n<\/pre>\n
\"\"\u56fe10-20\u00a0 \u56e0IP\u5730\u5740\u4e0d\u7b26\u5408\u8981\u6c42\u800c\u88ab\u62d2\u7edd\u8bbf\u95ee<\/p>\n
\u51fa\u73b0\u95ee\u9898?\u5927\u80c6\u63d0\u95ee!<\/strong><\/span><\/p>\n
\u56e0\u8bfb\u8005\u4eec\u786c\u4ef6\u4e0d\u540c\u6216\u64cd\u4f5c\u9519\u8bef\u90fd\u53ef\u80fd\u5bfc\u81f4\u5b9e\u9a8c\u914d\u7f6e\u51fa\u9519\uff0c\u8bf7\u8010\u5fc3\u518d\u4ed4\u7ec6\u770b\u770b\u64cd\u4f5c\u6b65\u9aa4\u5427\uff0c\u4e0d\u8981\u6c14\u9981~<\/p>\n
Linux\u6280\u672f\u4ea4\u6d41\u5b66\u4e60\u8bf7\u52a0\u8bfb\u8005\u7fa4\uff08\u63a8\u8350<\/span><\/strong>\uff09\uff1ahttps:\/\/q13zd.cn\/club<\/a><\/p>\n
*\u672c\u7fa4\u7279\u8272\uff1a\u786e\u4fdd\u6bcf\u4e00\u4f4d\u7fa4\u53cb\u90fd\u662f\u300aLinux\u5c31\u8be5\u8fd9\u4e48\u5b66\u300b\u7684\u8bfb\u8005\uff0c\u7b54\u7591\u66f4\u6709\u9488\u5bf9\u6027\uff0c\u4e0d\u5b9a\u671f\u9886\u53d6\u5b9a\u5236\u793c\u54c1\u3002<\/p><\/blockquote>\n
\u672c\u7ae0\u8282\u7684\u590d\u4e60\u4f5c\u4e1a<\/span>(\u7b54\u6848\u5c31\u5728\u95ee\u9898\u7684\u4e0b\u4e00\u884c\u54e6\uff0c\u7528\u9f20\u6807\u9009\u4e2d\u5373\u53ef\u770b\u5230\u7684~)<\/strong><\/span><\/p>\n
1\uff0e\u4ec0\u4e48\u662fWeb\u7f51\u7edc\u670d\u52a1\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u4e00\u79cd\u5141\u8bb8\u7528\u6237\u901a\u8fc7\u6d4f\u89c8\u5668\u8bbf\u95ee\u4e92\u8054\u7f51\u4e2d\u5404\u79cd\u8d44\u6e90\u7684\u670d\u52a1\u3002<\/span><\/p>\n
2\uff0e\u76f8\u8f83\u4e8eNginx\u670d\u52a1\u7a0b\u5e8f\uff0cApache\u670d\u52a1\u7a0b\u5e8f\u6700\u5927\u7684\u4f18\u52bf\u662f\u4ec0\u4e48\uff1f<\/p>\n
\u7b54\uff1a<\/strong>Apache\u670d\u52a1\u7a0b\u5e8f\u5177\u5907\u8de8\u5e73\u53f0\u7279\u6027\u3001\u5b89\u5168\u6027\uff0c\u800c\u4e14\u62e5\u6709\u5feb\u901f\u3001\u53ef\u9760\u3001\u7b80\u5355\u7684API\u6269\u5c55\u3002<\/span><\/p>\n
3\uff0ehttpd\u670d\u52a1\u7a0b\u5e8f\u6ca1\u6709\u68c0\u67e5\u5230\u9996\u9875\u6587\u4ef6\uff0c\u4f1a\u63d0\u793a\u62a5\u9519\u4fe1\u606f\u5417\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u4e0d\u4f1a\uff0chttpd\u670d\u52a1\u5728\u672a\u627e\u5230\u7f51\u7ad9\u9996\u9875\u6587\u4ef6\u65f6\uff0c\u4f1a\u5411\u8bbf\u5ba2\u663e\u793a\u4e00\u4e2a\u9ed8\u8ba4\u9875\u9762\u3002<\/span><\/p>\n
4\uff0e\u7b80\u8ff0Apache\u670d\u52a1\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\u5168\u5c40\u914d\u7f6e\u53c2\u6570\u3001\u533a\u57df\u914d\u7f6e\u53c2\u6570\u548c\u6ce8\u91ca\u884c\u4fe1\u606f\u7684\u4f5c\u7528\u3002<\/p>\n
\u7b54\uff1a<\/strong>\u5168\u5c40\u914d\u7f6e\u53c2\u6570\u662f\u4e00\u79cd\u5168\u5c40\u6027\u7684\u914d\u7f6e\u53c2\u6570\uff0c\u53ef\u4f5c\u7528\u4e8e\u6240\u6709\u7684\u5b50\u7ad9\u70b9\uff1b\u533a\u57df\u914d\u7f6e\u53c2\u6570\u5219\u662f\u5355\u72ec\u9488\u5bf9\u6bcf\u4e2a\u72ec\u7acb\u7684\u5b50\u7ad9\u70b9\u8bbe\u7f6e\u7684\uff1b\u800c\u6ce8\u91ca\u884c\u4fe1\u606f\u4e00\u822c\u662f\u5bf9\u670d\u52a1\u7a0b\u5e8f\u7684\u529f\u80fd\u6216\u67d0\u4e00\u884c\u53c2\u6570\u8fdb\u884c\u4ecb\u7ecd\u7684\u3002<\/span><\/p>\n
5\uff0e\u7b80\u8ff0SELinux\u670d\u52a1\u7684\u4f5c\u7528\u3002<\/p>\n
\u7b54\uff1a<\/strong>\u4e3a\u4e86\u8ba9\u5404\u4e2a\u670d\u52a1\u8fdb\u7a0b\u90fd\u53d7\u5230\u7ea6\u675f\uff0c\u4f7f\u5176\u4ec5\u83b7\u53d6\u5230\u672c\u5e94\u83b7\u53d6\u7684\u8d44\u6e90\u3002<\/span><\/p>\n
6\uff0e\u5728\u4f7f\u7528getenforce\u547d\u4ee4\u67e5\u770bSELinux\u670d\u52a1\u6a21\u5f0f\u65f6\uff0c\u53d1\u73b0\u5176\u914d\u7f6e\u6a21\u5f0f\u4e3apermissive\uff0c\u8fd9\u4ee3\u8868\u5f3a\u5236\u5f00\u542f\u6a21\u5f0f\u5417\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u4e0d\u662f\uff0c\u5f3a\u5236\u5f00\u542f\u6a21\u5f0f\u662fenforcing\uff0c\u800cpermissive\u662f\u53ea\u53d1\u51fa\u8b66\u544a\u800c\u4e0d\u5f3a\u5236\u62e6\u622a\u7684\u6a21\u5f0f\u3002<\/span><\/p>\n
7\uff0e\u5728\u4f7f\u7528semanage\u547d\u4ee4\u4fee\u6539\u4e86\u6587\u4ef6\u4e0a\u5e94\u7528\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u540e\uff0c\u8fd8\u9700\u8981\u6267\u884c\u4ec0\u4e48\u547d\u4ee4\u624d\u53ef\u4ee5\u8ba9\u66f4\u6539\u7acb\u5373\u751f\u6548\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u8fd8\u9700\u8981\u6267\u884crestorecon\u547d\u4ee4\u5373\u53ef\u8ba9\u65b0\u7684SELinux\u5b89\u5168\u4e0a\u4e0b\u6587\u53c2\u6570\u7acb\u5373\u751f\u6548\u3002<\/span><\/p>\n
8\uff0e\u8981\u60f3\u67e5\u8be2\u5e76\u8fc7\u6ee4\u51fa\u6240\u6709\u4e0eHTTP\u534f\u8bae\u76f8\u5173\u7684SELinux\u57df\u7b56\u7565\u6709\u54ea\u4e9b\uff0c\u5e94\u8be5\u600e\u4e48\u505a\u5462\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u53ef\u4ee5\u7ed3\u5408\u7ba1\u9053\u7b26\u6765\u5b9e\u73b0\uff0c\u5373\u6267\u884cgetsebool -a | grep http\u547d\u4ee4\u3002<\/span><\/p>\n
9\uff0eApache\u670d\u52a1\u7a0b\u5e8f\u53ef\u4ee5\u57fa\u4e8e\u54ea\u4e9b\u8d44\u6e90\u6765\u521b\u5efa\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u5462\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u53ef\u4ee5\u57fa\u4e8eIP\u5730\u5740\u3001\u4e3b\u673a\u540d\uff08\u57df\u540d\uff09\u6216\u8005\u7aef\u53e3\u53f7\u521b\u5efa\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u3002<\/span><\/p>\n
10\uff0e\u76f8\u5bf9\u4e8e\u57fa\u4e8eIP\u5730\u5740\u548c\u57fa\u4e8e\u4e3b\u673a\u540d\uff08\u57df\u540d\uff09\u914d\u7f6e\u7684\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u6765\u8bf4\uff0c\u4f7f\u7528\u7aef\u53e3\u53f7\u914d\u7f6e\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u6709\u54ea\u4e9b\u7279\u70b9\uff1f<\/p>\n
\u7b54\uff1a<\/strong>\u5728\u4f7f\u7528\u7aef\u53e3\u53f7\u6765\u914d\u7f6e\u865a\u62df\u4e3b\u673a\u7f51\u7ad9\u65f6\uff0c\u5fc5\u987b\u8981\u8003\u8651\u5230SELinux\u57df\u5bf9httpd\u670d\u52a1\u7a0b\u5e8f\u6240\u7528\u7aef\u53e3\u53f7\u7684\u63a7\u5236\u7b56\u7565\uff0c\u8fd8\u8981\u5728httpd\u670d\u52a1\u7a0b\u5e8f\u7684\u4e3b\u914d\u7f6e\u6587\u4ef6\u4e2d\u4f7f\u7528Listen\u53c2\u6570\u6765\u5f00\u542f\u8981\u76d1\u542c\u7684\u7aef\u53e3\u53f7\u3002<\/span><\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
\u7ae0\u8282\u7b80\u8ff0\uff1a \u672c\u7ae0\u5148\u5411\u8bfb\u8005\u79d1\u666e\u4ec0\u4e48\u662fWeb\u670d\u52a1\u7a0b\u5e8f\u4ee5\u53caWeb\u670d\u52a1\u7a0b\u5e8f\u7684\u7528\u5904\uff0c\u7136\u540e\u901a\u8fc7\u5bf9\u6bd4\u5f53\u524d\u4e3b\u6d41\u7684Web\u670d\u52a1\u7a0b\u5e8f […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[559],"tags":[],"class_list":["post-181458","post","type-post","status-publish","format-standard","hentry","category-rhel8"],"acf":[],"_links":{"self":[{"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/posts\/181458"}],"collection":[{"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/comments?post=181458"}],"version-history":[{"count":76,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/posts\/181458\/revisions"}],"predecessor-version":[{"id":225587,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/posts\/181458\/revisions\/225587"}],"wp:attachment":[{"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/media?parent=181458"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/categories?post=181458"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/q13zd.cn\/wp-json\/wp\/v2\/tags?post=181458"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}