[iyunv@GJB-UAT ~]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
#SELINUX=enforcing
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
1
2
[iyunv@Monitor conf]# setenforce 0 ####立即生效
setenforce: SELinux is disabled
2,开启防火墙tcp873rsync默认的端口
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[iyunv@GJB-UAT ~]# vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
"/etc/sysconfig/iptables" 15L, 607C 已写入
[iyunv@GJB-UAT ~]# /etc/init.d/iptables restart
[iyunv@GJB-UAT ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:873
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
[iyunv@GJB-UAT ~]# yum install rsync xinetd -y
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: mirrors.cn99.com
* extras: mirrors.cn99.com
* updates: mirrors.cn99.com
base | 3.7 kB 00:00
extras | 3.4 kB 00:00
updates | 3.4 kB 00:00
updates/primary_db | 4.3 MB 00:01
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package rsync.x86_64 0:3.0.6-12.el6 will be installed
---> Package xinetd.x86_64 2:2.3.14-40.el6 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
==========================================================================================================================
Package Arch Version Repository Size
==========================================================================================================================
Installing:
rsync x86_64 3.0.6-12.el6 base 335 k
xinetd x86_64 2:2.3.14-40.el6 base 122 k
Transaction Summary
==========================================================================================================================
Install 2 Package(s)
Total download size: 457 k
Installed size: 942 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): rsync-3.0.6-12.el6.x86_64.rpm | 335 kB 00:00
(2/2): xinetd-2.3.14-40.el6.x86_64.rpm | 122 kB 00:00
--------------------------------------------------------------------------------------------------------------------------
Total 2.3 MB/s | 457 kB 00:00
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : 2:xinetd-2.3.14-40.el6.x86_64 1/2
Installing : rsync-3.0.6-12.el6.x86_64 2/2
Verifying : rsync-3.0.6-12.el6.x86_64 1/2
Verifying : 2:xinetd-2.3.14-40.el6.x86_64 2/2
Installed:
rsync.x86_64 0:3.0.6-12.el6 xinetd.x86_64 2:2.3.14-40.el6
Complete!
[iyunv@GJB-UAT ~]# rpm -qa|grep rsync
rsync-3.0.6-12.el6.x86_64
[iyunv@GJB-UAT ~]# vim /etc/xinetd.d/rsync #####设置开机自启动 把disable=yes ,改成no
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
service rsync
{
disable = no
flags = IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}
[iyunv@Monitor conf]# vim /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# mls - Multi Level Security protection.
#SELINUXTYPE=targeted
2,开启防火墙tcp 873端口
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[iyunv@Monitor conf] vim /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 873 -j ACCEPT
"/etc/sysconfig/iptables" 15L, 607C 已写入
[iyunv@Monitor conf] /etc/init.d/iptables restart
[iyunv@Monitor conf] iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:873
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0
[iyunv@Monitor logs]# vim /etc/xinetd.d/rsync
# default: off
# description: The rsync server is a good addition to an ftp server, as it \
# allows crc checksumming etc.
service rsync
{
disable = no
flags = IPv6
socket_type = stream
wait = no
user = root
server = /usr/bin/rsync
server_args = --daemon
log_on_failure += USERID
}