| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | |||
| 5 | 6 | 7 | 8 | 9 | 10 | 11 |
| 12 | 13 | 14 | 15 | 16 | 17 | 18 |
| 19 | 20 | 21 | 22 | 23 | 24 | 25 |
| 26 | 27 | 28 | 29 | 30 | 31 |
- elastic stack
- Proxy
- XCP-ng
- Windows
- ssh key 배포
- proxycfg
- x-pack
- xe guest utilities
- hardening
- Elasticsearch
- bash
- freebsd
- pfsense
- GitLab
- Kibana server is not ready yet
- PlayBook
- 로그인불가
- ansible
- 한글가이드
- endpoint security
- macos
- 보안양파
- miniconda
- application security
- docker
- ELASTIC
- centos 8
- G-suite
- Kibana
- Today
- Total
선 밖에 선 자유인
JFFNMS 설치 in Linux 본문
** 출처 : http://sourceforge.net/apps/mediawiki/jffnms/index.php?title=Linux_Installation
Linux Installation
The following installation procedures may seem a little fiddly, but they will give each process the minimal access it needs to do its job. If you can use the pre-made packages for your particular distribution, that would be a lot easier.
This document assumes that you are installing the JFFNMS files into /opt/jffnms. Untaring the tar.gz file in /opt will give you a subdirectory jffnms-version, e.g. jffnms-0.8.5. Creating a symbolic link to jffnms will mean its easier to move versions
# cd /opt ; ln -s jffnms-0.8.5 jffnms
The best way to set the permissions is to make a new JFFNMS user and group and then add the other common users to the group when you need to share directories or files.
Generally, anything run by cron (which is called an engine) is run as the JFFNMS user while the Apache webserver runs as a different user, usually www-data. You could just make everything globally read and write-able but it is better to lock things down a little.
First, create the new JFFNMS user:
# groupadd jffnms
# useradd -g jffnms -d /opt/jffnms -s /bin/false -c 'JFFNMS User' jffnms
# usermod -G jffnms www-data
Log files, RRD files and TFTP files are written by engines, but the webserver needs to read them.
# chown jffnms www-data /opt/jffnms/logs /opt/jffnms/rrd /opt/jffnms/tftp
# chmod 2755 /opt/jffnms/logs /opt/jffnms/rrd /opt/jffnms/tftp
Configuration files need to be temporarily writeable by the webserver and readable by engines.
# chown www-data jffnms /opt/jffnms/conf
# chmod 2755 /opt/jffnms/conf
The image temporary directory needs to be writable by the webserver.
# chown www-data www-data /opt/jffnms/images/temp
# chmod 0755 /opt/jffnms/images/temp
Temporary engine directory, despite its name, needs to be writable by both the engines and webserver
# chown jffnms www-data /opt/jffnms/engine/temp
# chmod 0775 /opt/jffnms/engine/temp
Install the JFFNMS crontab file
# crontab -u jffnms /opt/jffnms/docs/unix/crontab
Now modify the values at the top if they don't match your system:
# crontab -e -u jffnms
Allow JFFNMS to run cron jobs (AFAIK only needed in Solaris)
# echo jffnms >> /etc/cron.allow
Manually create the database "jffnms", set the permissions and then import the schema and data.
Replace the 'x' with the jffnms version number.
# mysql -u <mysql admin username> -p<password>
mysql> CREATE DATABASE jffnms;
mysql> GRANT ALL PRIVILEGES ON jffnms.* TO jffnms@localhost IDENTIFIED BY 'jffnms';
mysql> FLUSH PRIVILEGES;
mysql> quit
# mysql -u jffnms -pjffnms jffnms < docs/jffnms-0.8.x.mysql
# psql template1 postgres
template1=# create user jffnms password 'jffnms' createdb;
template1=# \connect template1 jffnms
template1=# create database jffnms;
template1=# \q
# psql jffnms jffnms < docs/jffnms-0.8.x.pgsql
This will create the jffnms Tables and required records.
Apache can either be setup with a specific virtual host or off an existing host. The preferred method is to use a virtual host as it keeps all of the JFFNMS pages in one place and separate from everything else.
<VirtualHost *>
ServerName nms.example.com
ServerAdmin webmaster@example.com
DocumentRoot /opt/jffnms/htdocs
LimitRequestLine 20000
<Directory /opt/jffnms/htdocs >
Options Indexes FollowSymLinks Multiviews
</Directory>
</VirtualHost>
Use Alias directives within the virtual host if you want to move some of the sub-directories around. For example, if you want your temporary images to be put in a directory /var/lib/jffnms/tempimages, put the following line in the Apache configuration:
Alias /jffnms/images/temp/ /var/lib/jffnms/tempimages/
PHP Module Load Errors are reported to /var/log/httpd/error_log (RedHat) or /var/log/apache/error_log (Gentoo)
Point your browser to http://www.yourserver.com/jffnms or http://nms.yournet.com/ (depending on what you choose)
You should see the Setup screen, it should have auto-discovered your configuration. Verify that everything is correct (OK, YES in green) before saving the config.
Point your browser (again) to http://www.yourserver.com/jffnms or http://nms.yournet.com/ (depending on what you choose)
Username: admin
Password: admin
And now, you are inside the system.