walid
11-02-2013, بتوقيت غرينيتش 02:09 AM
بسم الله الرحمن الرحيم
http://bash.cyberciti.biz/wp-content/uploads/2014/12/nginx.rc_.png
رمز PHP:
<code style="white-space:nowrap"> <code> #!/bin/bash
# Name : nginx.rc
# ----------------------------------------------------------------------------
# jail location - must be up, see how to setup nginx using chroot
_newroot="/nginxjail"
# RHEL nginx and other binary paths
_nginx="/usr/sbin/nginx"
_chroot="/usr/sbin/chroot"
_killall="/usr/bin/killall"
# 0 turn off or # 1 turn on
_securetmp=0
_securetmproot="/path/to/images/nginx_jail_tmp.bin"
[ ! -d "$_newroot" ] &# mount /tmp securely inside $_newroot
mounttmp(){
if [ $_securetmp -eq 1 ]
then
mount | grep -q $_securetmproot
if [ $? -eq 0 ]
then
echo "*** Secure root enabled and mounted ***"
else
echo "*** Turning on secure /tmp..."
[ ! -f "$_securetmproot" ] &mount -o loop,noexec,nosuid,rw "$_securetmproot" "$_newroot/tmp"
chmod 1777 "$_newroot/tmp"
rm -rf "$_newroot/var/tmp"
ln -s ../tmp "$_newroot/var/tmp"
fi
fi
}
start(){
echo -en "Starting nginx...\t\t\t"
$_chroot $_newroot $_nginx && echo -en "[ OK ]" || echo "[ Failed ]"
}
stop(){
echo -en "Stoping nginx...\t\t\t"
$_killall "${_nginx##*/}" && echo -en "[ OK ]" || echo "[ Failed ]"
}
reload(){
echo -en "Reloading nginx...\t\t\t"
$_chroot $_newroot $_nginx -s reload && echo -en "[ OK ]" || echo "[ Failed ]"
}
## Fancy status
status(){
echo "*** PID ***"
#pgrep -u ${_nginx##*/} ${_nginx##*/}
ps aux | grep "${_nginx##*/}" | grep -v grep
echo
echo "FD stats:"
for p in $(pidof ${_nginx##*/}); do echo "PID # $p has $(lsof -n -a -p $p|wc -l) fd opened."; done
echo
echo "Jail dir location:"
pwdx $(pgrep -u "root" "${_nginx##*/}") | grep --color "$_newroot"
echo
echo "*** ${_nginx##*/} TCP PORT ***"
netstat -tulpn | egrep --color ':80|:443'
}
## Make sure /tmp is securely mounted inside jail ##
mounttmp
## main ##
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
;;
esac
# just send \n
echo
</code> </code>
طريقة التركيب install
رمز PHP:
<code style="white-space:nowrap"> <code> # cd /tmp
# wget http://bash.blueapplesoft.com/dl/593.sh.zip
# unzip 593.sh.zip
# mv 593.sh /etc/rc.d/nginx.jail.rc
# chmod +x /etc/rc.d/nginx.jail.rc
</code> </code>
طريقة الاستخدام
رمز PHP:
<code style="white-space:nowrap"> <code> # /etc/rc.d/nginx.jail.rc start
# /etc/rc.d/nginx.jail.rc stop
# /etc/rc.d/nginx.jail.rc restart
# /etc/rc.d/nginx.jail.rc status
</code> </code>
طيب الله اوقاتكم
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
http://bash.cyberciti.biz/wp-content/uploads/2014/12/nginx.rc_.png
رمز PHP:
<code style="white-space:nowrap"> <code> #!/bin/bash
# Name : nginx.rc
# ----------------------------------------------------------------------------
# jail location - must be up, see how to setup nginx using chroot
_newroot="/nginxjail"
# RHEL nginx and other binary paths
_nginx="/usr/sbin/nginx"
_chroot="/usr/sbin/chroot"
_killall="/usr/bin/killall"
# 0 turn off or # 1 turn on
_securetmp=0
_securetmproot="/path/to/images/nginx_jail_tmp.bin"
[ ! -d "$_newroot" ] &# mount /tmp securely inside $_newroot
mounttmp(){
if [ $_securetmp -eq 1 ]
then
mount | grep -q $_securetmproot
if [ $? -eq 0 ]
then
echo "*** Secure root enabled and mounted ***"
else
echo "*** Turning on secure /tmp..."
[ ! -f "$_securetmproot" ] &mount -o loop,noexec,nosuid,rw "$_securetmproot" "$_newroot/tmp"
chmod 1777 "$_newroot/tmp"
rm -rf "$_newroot/var/tmp"
ln -s ../tmp "$_newroot/var/tmp"
fi
fi
}
start(){
echo -en "Starting nginx...\t\t\t"
$_chroot $_newroot $_nginx && echo -en "[ OK ]" || echo "[ Failed ]"
}
stop(){
echo -en "Stoping nginx...\t\t\t"
$_killall "${_nginx##*/}" && echo -en "[ OK ]" || echo "[ Failed ]"
}
reload(){
echo -en "Reloading nginx...\t\t\t"
$_chroot $_newroot $_nginx -s reload && echo -en "[ OK ]" || echo "[ Failed ]"
}
## Fancy status
status(){
echo "*** PID ***"
#pgrep -u ${_nginx##*/} ${_nginx##*/}
ps aux | grep "${_nginx##*/}" | grep -v grep
echo
echo "FD stats:"
for p in $(pidof ${_nginx##*/}); do echo "PID # $p has $(lsof -n -a -p $p|wc -l) fd opened."; done
echo
echo "Jail dir location:"
pwdx $(pgrep -u "root" "${_nginx##*/}") | grep --color "$_newroot"
echo
echo "*** ${_nginx##*/} TCP PORT ***"
netstat -tulpn | egrep --color ':80|:443'
}
## Make sure /tmp is securely mounted inside jail ##
mounttmp
## main ##
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
reload)
reload
;;
status)
status
;;
*)
echo $"Usage: $0 {start|stop|restart|reload|status}"
;;
esac
# just send \n
echo
</code> </code>
طريقة التركيب install
رمز PHP:
<code style="white-space:nowrap"> <code> # cd /tmp
# wget http://bash.blueapplesoft.com/dl/593.sh.zip
# unzip 593.sh.zip
# mv 593.sh /etc/rc.d/nginx.jail.rc
# chmod +x /etc/rc.d/nginx.jail.rc
</code> </code>
طريقة الاستخدام
رمز PHP:
<code style="white-space:nowrap"> <code> # /etc/rc.d/nginx.jail.rc start
# /etc/rc.d/nginx.jail.rc stop
# /etc/rc.d/nginx.jail.rc restart
# /etc/rc.d/nginx.jail.rc status
</code> </code>
طيب الله اوقاتكم
https://fbcdn-sphotos-d-a.akamaihd.net/hphotos-ak-ash4/482113_236967293114455_1193518507_n.png (http://www.dzbatna.com)
©المشاركات المنشورة تعبر عن وجهة نظر صاحبها فقط، ولا تُعبّر بأي شكل من الأشكال عن وجهة نظر إدارة المنتدى (http://www.dzbatna.com)©
