Ujicoba Copy Jail

Server yang baik harusnya yang mudah di pelihara, kalau ada masalah identifikasi permasalahan bisa cepat dilakukan dan di cari solusinya.

Kasus :

Server A menjadi server FTP untuk dosen dan mahasiswa, masalahnya kebijakan baru mengharuskan servicenya harus di buat terpisah. Dengan kata lain server ftp untuk dosen dan mahasiswa harus di buat terpisah.

Solusi :

Install jail, supaya mudah tinggal copy saja server yang sudah pernah di install :-)

Detilnya ?

Tenang, sekalian saya coba sekalian saya copy paste hasilnya. Mungkin berguna buat yang lagi pusing hehehehe  :

1. Copy isi rc.conf mesin induk asal ke mesin induk tujuan

Di lakukan di server 1.7

Isi rc.conf di server 172.88.1.7

# start konfig rc.conf

defaultrouter=”172.88.1.2″
gateway_enable=”YES”
hostname=”induk.digitalfusi.com”
ifconfig_bge0=”inet 172.88.1.7  netmask 255.255.240.0″
sshd_enable=”YES”
nginx_enable=”YES”
php_fpm_enable=”YES”
rsyncd_enable=”YES”
mysql_enable=”YES”
radiusd_enable=”YES”
pureftpd_enable=”YES”
svscan_enable=”YES”

# setting jail utk dosen dan mahasiswa

ifconfig_bge0_alias0=”inet 172.88.1.6 netmask 255.255.255.255″
ifconfig_bge0_alias1=”inet 172.88.1.12 netmask 255.255.255.255″

jail_set_hostname_allow=”NO”
jail_enable=”YES”
jail_list=”dosen.digitalfusi.com mahasiswa.digitalfusi.com”
jail_interface=”bge0″
jail_devfs_enable=”YES”
jail_procfs_enable=”YES”

jail_mailserver_rootdir=”/data/jails/dosen”
jail_mailserver_hostname=”dosen.digitalfusi.com”
jail_mailserver_ip=”172.88.1.6″
jail_mailserver_devfs_ruleset=”devfsrules_jail”

jail_mailserver_rootdir=”/data/jails/mahasiswa”
jail_mailserver_hostname=”mahasiswa.digitalfusi.com”
jail_mailserver_ip=”172.88.1.12″
jail_mailserver_devfs_ruleset=”devfsrules_jail”

# end konfig rc.conf

2. Login ke server 1.3 dan scp file jails yang sudah running (hot copy)

Buat tar.gz

ftp# ls
mailserver
ftp# pwd
/data/jails
ftp# tar cvzf mailserver.tar.gz mailserver

scp ke server tujuan (172.88.1.7)

ftp# scp mailserver.tar.gz alam@172.88.1.7:/home/alam
Password:
mailserver.tar.gz
100%  385MB  11.0MB/s   00:35
ftp#

3. Login ke server 1.7 dan ekstrak

induk# tar xvzf mailserver.tar.gz

induk# ls -l
total 394626
-rw-r–r–   1 alam  wheel        751 Sep  3 10:01 .cshrc
-rw-r–r–   1 alam  wheel        248 Sep  3 10:01 .login
-rw-r–r–   1 alam  wheel        158 Sep  3 10:01 .login_conf
-rw——-   1 alam  wheel        373 Sep  3 10:01 .mail_aliases
-rw-r–r–   1 alam  wheel        331 Sep  3 10:01 .mailrc
-rw-r–r–   1 alam  wheel        766 Sep  3 10:01 .profile
-rw——-   1 alam  wheel        276 Sep  3 10:01 .rhosts
-rw-r–r–   1 alam  wheel        975 Sep  3 10:01 .shrc
drwxr-xr-x  17 root  100          512 Jul  8 11:07 mailserver
-rw-r–r–   1 alam  wheel  403842713 Sep  5 14:29 mailserver.tar.gz
induk#

4. Pindahkan ke direktori jail nya

>> Buat direktori terkait :

induk# mkdir /data/jails/
induk# mkdir /data/jails/mahasiswa
induk# mkdir /data/jails/dosen
induk#

>> Pindah ke Server ftp dosen

induk# cp -vRp /home/alam/mailserver/ /data/jails/mahasiswa

Pindah ke server ftp mahasiswa

induk# cp -vRp /home/alam/mailserver/ /data/jails/dosen

>> Ubah hostname

induk# ee /data/jails/dosen/etc/rc.conf

hostname=”dosen.digitalfusi.com”
ifconfig_em1=”inet 172.88.1.6 netmask 255.255.255.255″
defaultrouter=”172.88.1.2″
rpcbind_enable=”NO”
clear_tmp_enable=”YES”
sendmail_enable=”YES”
sshd_enable=”YES”
mysql_enable=”YES”
radiusd_enable=”NO”

induk# ee /data/jails/mahasiswa/etc/rc.conf

hostname=”mahasiswa.digitalfusi.com”
ifconfig_em1=”inet 172.88.1.12 netmask 255.255.255.255″
defaultrouter=”172.88.1.2″
rpcbind_enable=”NO”
clear_tmp_enable=”YES”
sendmail_enable=”YES”
sshd_enable=”YES”
mysql_enable=”YES”

simpan dan restart server induk (172.88.1.7)

5. Testing koneksi ke semua servernya

ftp# ping 172.88.1.7
PING 172.88.1.7 (172.88.1.7): 56 data bytes
64 bytes from 172.88.1.7: icmp_seq=0 ttl=64 time=0.367 ms
64 bytes from 172.88.1.7: icmp_seq=1 ttl=64 time=0.232 ms
^C
— 172.88.1.7 ping statistics —
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.232/0.299/0.367/0.068 ms
ftp# ping 172.88.1.6
PING 172.88.1.6 (172.88.1.6): 56 data bytes
64 bytes from 172.88.1.6: icmp_seq=0 ttl=64 time=0.373 ms
64 bytes from 172.88.1.6: icmp_seq=1 ttl=64 time=0.172 ms
^C
— 172.88.1.6 ping statistics —
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.172/0.272/0.373/0.101 ms
ftp# ping 172.88.1.12
PING 172.88.1.12 (172.88.1.12): 56 data bytes
64 bytes from 172.88.1.12: icmp_seq=0 ttl=64 time=0.463 ms
64 bytes from 172.88.1.12: icmp_seq=1 ttl=64 time=0.216 ms
64 bytes from 172.88.1.12: icmp_seq=2 ttl=64 time=0.228 ms
^C
— 172.88.1.12 ping statistics —
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.216/0.302/0.463/0.114 ms
ftp#

Ok semua server hidup

6. Login ke server 1.7 dan set username dan passwordnya

induk# jls list
induk# jls
induk# jls
induk# /etc/rc.d/jail start
Configuring jails:.
Starting jails:eval: ${jail_dosen….}: Bad substitution

wah ada yg salah neh.

Ternyata salah ketik coy, bawaan copy paste neh.

Ubah rc.conf 1.7 menjadi

jail_set_hostname_allow=”NO”
jail_enable=”YES”
jail_list=”dosen mahasiswa”
jail_interface=”bge0″
jail_devfs_enable=”YES”
jail_procfs_enable=”YES”

jail_dosen_rootdir=”/data/jails/dosen”
jail_dosen_hostname=”dosen”
jail_dosen_ip=”172.88.1.6″
jail_dosen_devfs_ruleset=”devfsrules_jail”

jail_mahasiswa_rootdir=”/data/jails/mahasiswa”
jail_mahasiswa_hostname=”mahasiswa”
jail_mahasiswa_ip=”172.88.1.12″
jail_mahasiswa_devfs_ruleset=”devfsrules_jail”

induk# /etc/rc.d/jail start
Configuring jails:.
Starting jails: dosen mahasiswa.
induk#

induk# jls list
JID  IP Address      Hostname                      Path
2  172.88.1.12     mahasiswa                     /data/jails/mahasiswa
1  172.88.1.6      dosen                         /data/jails/dosen
induk#

7. Set username dan password utk server jail ini

induk# jexec 1 passwd
Changing local password for root
New Password:
Retype New Password:
induk# jexec 2 passwd
Changing local password for root
New Password:
Retype New Password:
induk#

8. Tes login

induk# jexec 2 login
login: alamster
Password:
Last login: Fri Sep  5 08:31:50 on ttyp0
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.

FreeBSD 7.0-RELEASE-p2 (GENERIC) #0: Wed Jun 18 07:33:20 UTC 2008

Mail Server Jail
%su
Password:
mahasiswa# echo ‘Server FTP Mahasiswa’ > /etc/motd
mahasiswa#

sip :-)

mahasiswa# pkg_info
apache+mod_ssl-1.3.41+2.8.31 The Apache 1.3 webserver with SSL/TLS functionality
autoconf-2.61_2     Automatically configure source code on many Un*x platforms
autoconf-wrapper-20071109 Wrapper script for GNU autoconf
chillispot-1.0_3    Wireless LAN Access Point Controller
expat-2.0.0_1       XML 1.0 parser written in C
freeradius-1.1.7_3  A free RADIUS server implementation
gdbm-1.8.3_3        The GNU database manager
gettext-0.16.1_3    GNU gettext package
gmake-3.81_2        GNU version of ‘make’ utility
help2man-1.36.4_1   Automatically generating simple manual pages from program o
libiconv-1.11_1     A character set conversion library
libltdl-1.5.24      System independent dlopen wrapper
libtool-1.5.24      Generic shared library support script
m4-1.4.9,1          GNU m4
mm-1.4.2            Shared memory allocation library for pre-forked process mod
mysql-client-5.0.51a Multithreaded SQL database (client)
mysql-server-5.0.51a Multithreaded SQL database (server)
p5-gettext-1.05_1   Message handling functions
perl-5.8.8_1        Practical Extraction and Report Language
portupgrade-2.4.2_1,2 FreeBSD ports/packages administration and management tools
ruby-1.8.6.111_1,1  An object-oriented interpreted scripting language
mahasiswa#

Nice, copy paste memang sip dah.

Related Blogs

Incoming search terms for the article:

  • script jail facebook
  • lan received 0
  • script jail blog
  • script jail

7 thoughts on “Ujicoba Copy Jail

  1. admin Post author

    @adinata : bener tuh, bikin pusing :-)
    @paman gober : sekedar backup catatan mas, nothing fancy lah :-)

  2. barob

    pak alam ajarin donk aku siwa palcomtech jur TI aku belom belajar pak ngebuat blog pak tolong pak ajarin sekalian apa itu script injectk

Comments are closed.