tachtler:postfix_centos_7_-_openpgpkey_anbinden_openpgpkey-milter
Unterschiede
Hier werden die Unterschiede zwischen zwei Versionen angezeigt.
Beide Seiten der vorigen RevisionVorhergehende ÜberarbeitungNächste Überarbeitung | Vorhergehende Überarbeitung | ||
tachtler:postfix_centos_7_-_openpgpkey_anbinden_openpgpkey-milter [2018/08/31 14:51] – klaus | tachtler:postfix_centos_7_-_openpgpkey_anbinden_openpgpkey-milter [2018/08/31 15:56] (aktuell) – [openpgpkey-milter] klaus | ||
---|---|---|---|
Zeile 202: | Zeile 202: | ||
* **'' | * **'' | ||
* **'' | * **'' | ||
+ | * **'' | ||
+ | |||
+ | :!: **HINWEIS** - **Die Installation muss __aktuell__ auf dem gleichen Server auf dem auch der [[http:// | ||
Die Installation von **'' | Die Installation von **'' | ||
Zeile 309: | Zeile 312: | ||
</ | </ | ||
- | ==== Dienst/ | + | |
+ | Die Installation von **'' | ||
+ | < | ||
+ | # yum install python-setproctitle | ||
+ | Loaded plugins: changelog, priorities | ||
+ | 301 packages excluded due to repository priority protections | ||
+ | Resolving Dependencies | ||
+ | --> Running transaction check | ||
+ | ---> Package python-setproctitle.x86_64 0: | ||
+ | --> Finished Dependency Resolution | ||
+ | |||
+ | Changes in packages about to be updated: | ||
+ | |||
+ | |||
+ | Dependencies Resolved | ||
+ | |||
+ | ================================================================================ | ||
+ | | ||
+ | ================================================================================ | ||
+ | Installing: | ||
+ | | ||
+ | |||
+ | Transaction Summary | ||
+ | ================================================================================ | ||
+ | Install | ||
+ | |||
+ | Total download size: 15 k | ||
+ | Installed size: 29 k | ||
+ | Is this ok [y/d/N]: y | ||
+ | Downloading packages: | ||
+ | python-setproctitle-1.1.6-5.el7.x86_64.rpm | ||
+ | Running transaction check | ||
+ | Running transaction test | ||
+ | Transaction test succeeded | ||
+ | Running transaction | ||
+ | Installing : python-setproctitle-1.1.6-5.el7.x86_64 | ||
+ | Verifying | ||
+ | |||
+ | Installed: | ||
+ | python-setproctitle.x86_64 0: | ||
+ | |||
+ | Complete! | ||
+ | </ | ||
+ | |||
+ | Die Installation von **'' | ||
+ | < | ||
+ | # rpm -qil python-setproctitle | ||
+ | Name : python-setproctitle | ||
+ | Version | ||
+ | Release | ||
+ | Architecture: | ||
+ | Install Date: Fri 31 Aug 2018 03:42:12 PM CEST | ||
+ | Group : Unspecified | ||
+ | Size : 30189 | ||
+ | License | ||
+ | Signature | ||
+ | Source RPM : python-setproctitle-1.1.6-5.el7.src.rpm | ||
+ | Build Date : Tue 10 Jun 2014 10:01:15 AM CEST | ||
+ | Build Host : worker1.bsys.centos.org | ||
+ | Relocations : (not relocatable) | ||
+ | Packager | ||
+ | Vendor | ||
+ | URL : http:// | ||
+ | Summary | ||
+ | Description : | ||
+ | Python module allowing a process to change its title as displayed by | ||
+ | system tool such as ps and top. | ||
+ | |||
+ | It's useful in multiprocess systems, allowing to identify tasks each forked | ||
+ | process is busy with. This technique has been used by PostgreSQL and OpenSSH. | ||
+ | |||
+ | It's based on PostgreSQL implementation which has proven to be portable. | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | ===== Dienst/ | ||
Um einen [[https:// | Um einen [[https:// | ||
Zeile 326: | Zeile 408: | ||
# systemctl is-enabled openpgpkey-milter.service | # systemctl is-enabled openpgpkey-milter.service | ||
enabled | enabled | ||
+ | </ | ||
+ | |||
+ | ===== iptables Regel ====== | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | Um die aktuellen '' | ||
+ | < | ||
+ | # iptables -L -nv --line-numbers | ||
+ | Chain INPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | 1 0 0 ACCEPT | ||
+ | 2 0 0 ACCEPT | ||
+ | 3 0 0 ACCEPT | ||
+ | 4 0 0 ACCEPT | ||
+ | 5 0 0 REJECT | ||
+ | |||
+ | Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | 1 0 0 REJECT | ||
+ | |||
+ | Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | </ | ||
+ | |||
+ | Nachfolgender Befehl, fügt folgende '' | ||
+ | * < | ||
+ | und hier der Befehl: | ||
+ | < | ||
+ | # iptables -I INPUT 5 -p tcp --dport 8890 -j ACCEPT | ||
+ | </ | ||
+ | |||
+ | Ein erneute Abfrage des '' | ||
+ | < | ||
+ | # iptables -L -nv --line-numbers | ||
+ | Chain INPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | 1 0 0 ACCEPT | ||
+ | 2 0 0 ACCEPT | ||
+ | 3 0 0 ACCEPT | ||
+ | 4 0 0 ACCEPT | ||
+ | 5 0 0 ACCEPT | ||
+ | 6 0 0 REJECT | ||
+ | |||
+ | Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | 1 0 0 REJECT | ||
+ | |||
+ | Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) | ||
+ | num pkts bytes target | ||
+ | </ | ||
+ | |||
+ | Die neue Zeile ist an **Position 5 (INPUT)** zu sehen, hier nachfolgend zur Verdeutlichung noch einmal dargestellt (**nur relevanter Ausschnitt**): | ||
+ | < | ||
+ | ... | ||
+ | 5 0 0 ACCEPT | ||
+ | ... | ||
+ | </ | ||
+ | |||
+ | Um diese '' | ||
+ | < | ||
+ | # / | ||
</ | </ | ||
Zeile 446: | Zeile 590: | ||
pub 4096R/ | pub 4096R/ | ||
sub 4096R/ | sub 4096R/ | ||
+ | </ | ||
+ | |||
+ | ===== Erster Start OpenPGPKey-milter ===== | ||
+ | |||
+ | Um den [[https:// | ||
+ | < | ||
+ | # systemctl start openpgpkey-milter | ||
+ | </ | ||
+ | |||
+ | Eine Überprüfung ob der Start des [[http:// | ||
+ | < | ||
+ | # systemctl status openpgpkey-milter | ||
+ | ● openpgpkey-milter.service - OPENPGPKEY auto encryption milter | ||
+ | | ||
+ | | ||
+ | Main PID: 31380 (openpgpkey-milt) | ||
+ | | ||
+ | | ||
+ | | ||
+ | |||
+ | Aug 31 15:15:15 vml70060.idmz.tachtler.net systemd[1]: Started OPENPGPKEY aut... | ||
+ | Aug 31 15:15:15 vml70060.idmz.tachtler.net systemd[1]: Starting OPENPGPKEY au... | ||
+ | Aug 31 15:15:15 vml70060.idmz.tachtler.net openpgpkey-milter[31380]: | ||
+ | Aug 31 15:15:15 vml70060.idmz.tachtler.net openpgpkey-milter[31380]: | ||
+ | Hint: Some lines were ellipsized, use -l to show in full. | ||
+ | </ | ||
+ | |||
+ | bzw. mit nachfolgendem Befehl, ob der Dienst/ | ||
+ | < | ||
+ | # ps aux | grep openpgpkey-milter | ||
+ | root | ||
+ | root | ||
+ | root | ||
</ | </ | ||
Zeile 467: | Zeile 644: | ||
... | ... | ||
# OPENPGPKEY (openphpkey-milter) | # OPENPGPKEY (openphpkey-milter) | ||
- | openpgpkey_milter = inet:192.168.0.60:8890 | + | openpgpkey_milter = inet:127.0.0.1:8890 |
... | ... | ||
</ | </ | ||
Zeile 533: | Zeile 710: | ||
:!: **ACHTUNG** - **Falls ein '' | :!: **ACHTUNG** - **Falls ein '' | ||
- | ===== Neustart ===== | + | ===== Neustart |
Falls vorstehende Änderungen (natürlich an die jeweiligen Bedürfnisse angepasst) durchgeführt wurden, muss ein **Neustart** von [[http:// | Falls vorstehende Änderungen (natürlich an die jeweiligen Bedürfnisse angepasst) durchgeführt wurden, muss ein **Neustart** von [[http:// |
tachtler/postfix_centos_7_-_openpgpkey_anbinden_openpgpkey-milter.1535719862.txt.gz · Zuletzt geändert: 2018/08/31 14:51 von klaus