1 #!/bin/sh 2 #L5500-检查日志文件权限设置 3 function resultCheck() { 4 echo "["$1"]["$2"]["$3"]["$4"]" 5 } 6 7 function logdirCheck() { 8 LOGDIR=$(cat $1 | grep -v "^[[:space:]]*#" |sed '/^#/d' |sed '/^$/d' |awk '(($2!~/@/) && ($2!~/*/) && ($2!~/-/)) {print $2}') 9 ls -l $LOGDIR 2>/etc/null | grep "^-" | awk '{print $1,$9}' |while read modFile fileName 10 do 11 groupmod=$(echo $modFile |cut -c5-7) 12 othenmod=$(echo $modFile |cut -c8-) 13 if [[ $groupmod = "r-x" ]] || [[ $groupmod = "rw-" ]] || [[ $groupmod = "rwx" ]] || [[ $othenmod = "r-x" ]] || [[ $othenmod = "rw-" ]] || [[ $othenmod = "rwx" ]];then 14 statCheck=0 15 strCheck=$strCheck","$fileName":"$modFile 16 fi 17 done 18 } 19 20 statCheck=1 21 strCheck="" 22 file1="/etc/rsyslog.conf" 23 file2="/etc/syslog.conf" 24 file3="/etc/syslog-ng/syslog-ng.conf" 25 26 if [[ -f $file1 ]];then 27 logdirCheck "$file1" 28 elif [[ -f $file2 ]];then 29 logdirCheck "$file2" 30 elif [[ -f $file3 ]];then 31 logdirCheck "$file3" 32 else 33 statCheck=0 34 strCheck="no configuration file for syslog" 35 fi 36 37 38 # check result 39 resultCheck "L5500" "$statCheck" "$strCheck" 40 41 ##------------------------------------------------------------------------------------------------------------------------- 42 #L2900-禁止Core Dump 43 #!/bin/sh 44 function resultCheck() { 45 echo "["$1"]["$2"]["$3"]["$4"]" 46 } 47 48 statCheck=1 49 strCheck="" 50 # /etc/secrity/limits.conf check 51 softCheck=$(cat /etc/security/limits.conf | grep -v ^# | grep "^*\([[:space:]]\+\)soft\([[:space:]]\+\)core\([[:space:]]\+\)0"|wc -l) 52 if [[ $softCheck = 0 ]];then 53 statCheck=0 54 strCheck=" '* soft core 0' not set " 55 fi 56 57 hardCheck=$(cat /etc/security/limits.conf | grep -v ^# | grep "^*\([[:space:]]\+\)hard\([[:space:]]\+\)core\([[:space:]]\+\)0"|wc -l) 58 if [[ $hardCheck = 0 ]];then 59 statCheck=0 60 strCheck=$strCheck", '* hard core 0' not set " 61 fi 62 63 # check result 64 resultCheck "L2900" "$statCheck" "$strCheck" 65 ##-------------------------------------------------------------------------------------------------------------------------------- 66 #L4500-启用TCP SYN Cookie保护 67 #!/bin/sh 68 function resultCheck() { 69 echo "["$1"]["$2"]["$3"]["$4"]" 70 } 71 72 statCheck=1 73 strCheck="" 74 tcpCheck=$(cat /proc/sys/net/ipv4/tcp_syncookies) 75 if [[ $tcpCheck != 1 ]];then 76 statCheck=0 77 strCheck="tcp_syncookies="$tcpCheck 78 fi 79 80 # check result 81 resultCheck "L4500" "$statCheck" "$strCheck" 82 ##------------------------------------------------------------------------------------------------------------------------------------------ 83 #L2800-检查umask值是否符合要求 84 #!/bin/sh 85 function resultCheck() { 86 echo "["$1"]["$2"]["$3"]["$4"]" 87 } 88 89 statCheck=1 90 strCheck="" 91 # /etc/bashrc check 92 93 for valUmask in `cat /etc/bashrc |grep umask | awk '{print $1,$2}'| egrep "077"` 94 do 95 if [[ $valUmask = "" ]];then 96 statCheck=0 97 strCheck=$strCheck",umask:"$valUmask 98 fi 99 done 100 101 # check result 102 resultCheck "L2800" "$statCheck" "$strCheck" 103 #-------------------------------------------------------------------------------------------------------------------------------------- 104 #L2500-检查密码重复使用次数限制 105 #!/bin/sh 106 function resultCheck() { 107 echo "["$1"]["$2"]["$3"]["$4"]" 108 } 109 110 statCheck=1 111 strCheck="" 112 113 pass_rember="password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10" 113 114 pass_rember_Check=$(cat /etc/pam.d/common-password|grep ^"password sufficient pam_unix.so") 114 115 # /etc/pam.d/system-auth check 116 pass_rember="password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10" 117 pass_rember="password sufficient pam_unix.so md5 shadow nullok try_first_pass use_authtok remember=10" 118 pass_rember_Check=$(cat /etc/pam.d/system-auth|grep ^"password sufficient pam_unix.so") 119 if [[ $pass_rember_Check != $pass_rember ]];then 120 statCheck=0 121 strCheck="check result:"$pass_rember_Check 122 fi 123 # check result 124 resultCheck "L2500" "$statCheck" "$strCheck" 125 #------------------------------------------------------------------------------------------------------------------------------------------ 126 #L2400-检查是否设置口令过期前警告天数 127 #!/bin/sh 128 function resultCheck() { 129 echo "["$1"]["$2"]["$3"]["$4"]" 130 } 131 132 statCheck=1 133 strCheck="" 134 # /etc/login.def check 135 PASS_WARN_AGE=$(cat /etc/login.defs |grep -v ^#|grep PASS_WARN_AGE |awk '{print $2}') 136 if [[ $PASS_WARN_AGE -ge 14 ]];then 137 : 138 else 139 statCheck=0 140 strCheck="PASS_WARN_AGE="$PASS_WARN_AGE 141 fi 142 143 # check result 144 resultCheck "L2400" "$statCheck" "$strCheck" 145 #------------------------------------------------------------------------------------------------------------------------------------------- 146 #L2300-检查口令最小长度 147 #!/bin/sh 148 function resultCheck() { 149 echo "["$1"]["$2"]["$3"]["$4"]" 150 } 151 152 statCheck=1 153 strCheck="" 154 # /etc/login.def check 155 PASS_MIN_LEN=$(cat /etc/login.defs |grep -v ^#|grep PASS_MIN_LEN |awk '{print $2}') 156 if [[ $PASS_MIN_LEN -ge 8 ]];then 157 : 158 else 159 statCheck=0 160 strCheck="PASS_MIN_LEN="$PASS_MIN_LEN 161 fi 162 163 # check result 164 resultCheck "L2300" "$statCheck" "$strCheck" 165 #----------------------------------------------------------------------------------------------------------------------------------------------- 166 171 passwdRight="password required pam_cracklib.so try_first_pass retry=3 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 minlen=8" 167 172 passwdCheck=$(cat /etc/pam.d/common-password |grep ^"password required pam_cracklib") 168 169 #L2200-检查设备密码复杂度策略 170 #!/bin/sh 171 function resultCheck() { 172 echo "["$1"]["$2"]["$3"]["$4"]" 173 } 174 175 statCheck=1 176 strCheck="" 177 # /etc/pam.d/system-auth check 178 passwdRight="password required pam_cracklib.so try_first_pass retry=3 lcredit=-1 ucredit=-1 dcredit=-1 ocredit=-1 minlen=8" 179 passwdCheck=$(cat /etc/pam.d/system-auth |grep ^"password required pam_cracklib") 180 if [[ $passwdCheck != $passwdRight ]];then 181 statCheck=0 182 strCheck="check result: "$passwdCheck 183 fi 184 # check result 185 resultCheck "L2200" "$statCheck" "$strCheck" 186 #-------------------------------------------------------------------------------------------------------------------------------------------------- 187 #L2100-检查是否设置口令更改最小间隔天数 188 #!/bin/sh 189 function resultCheck() { 190 echo "["$1"]["$2"]["$3"]["$4"]" 191 } 192 193 statCheck=1 194 strCheck="" 195 # /etc/login.def check 196 PASS_MIN_DAYS=$(cat /etc/login.defs |grep -v ^#|grep PASS_MIN_DAYS |awk '{print $2}') 197 if [[ $PASS_MIN_DAYS -ge 2 ]];then 198 : 199 else 200 statCheck=0 201 strCheck="PASS_MIN_DAYS="$PASS_MIN_DAYS 202 fi 203 204 # check result 205 resultCheck "L2100" "$statCheck" "$strCheck" 206 #---------------------------------------------------------------------------------------------------------------------------------------------------- 207 #L2000-查是否设置口令生存周期 208 #!/bin/sh 209 function resultCheck() { 210 echo "["$1"]["$2"]["$3"]["$4"]" 211 } 212 213 statCheck=1 214 strCheck="" 215 # /etc/login.def check 216 PASS_MAX_DAYS=$(cat /etc/login.defs |grep -v ^#|grep PASS_MAX_DAYS |awk '{print $2}') 217 if [[ $PASS_MAX_DAYS -gt 0 ]] && [[ $PASS_MAX_DAYS -le 90 ]];then 218 statCheck=1 219 else 220 statCheck=0 221 strCheck="PASS_MAX_DAYS="$PASS_MAX_DAYS 222 fi 223 224 # check result 225 resultCheck "L2000" "$statCheck" "$strCheck" 226 #------------------------------------------------------------------------------------------------------------------------------------------------------- 227 #L1600-检查某些特地组是否已按要求删除 228 #!/bin/sh 229 function resultCheck() { 230 echo "["$1"]["$2"]["$3"]["$4"]" 231 } 232 233 statCheck=1 234 strCheck="" 235 # group check 236 groupCheck=$(cat /etc/group| grep -v ^# |cut -d: -f1 | grep -E "lp|mail|news|uucp|games|ftp|floppy|mailnull"|xargs) 237 if [[ $groupCheck != "" ]];then 238 statCheck=0 239 strCheck="group not delete:"$groupCheck 240 fi 241 242 # check result 243 resultCheck "L1600" "$statCheck" "$strCheck" 244 #-------------------------------------------------------------------------------- 245 #L1500-检查某些特定账号是否已按要求删除 246 #!/bin/sh 247 function resultCheck() { 248 echo "["$1"]["$2"]["$3"]["$4"]" 249 } 250 statCheck=1 251 strCheck="" 252 # user check 253 userCheck=$(cat /etc/passwd | grep -v ^# |cut -d: -f1| grep -E "games|uucp|lp|ftp|news|rpcuser|mail"|xargs) 254 if [[ $userCheck != "" ]];then 255 statCheck=0 256 strCheck="user:"$userCheck" not delete!" 257 fi 258 259 # check result 260 resultCheck "L1500" "$statCheck" "$strCheck" 261 #---------------------------------------------------------------------------------- 262 #L1400-检查用户账号设置是否符合要求 263 #!/bin/sh 264 function resultCheck() { 265 echo "["$1"]["$2"]["$3"]["$4"]" 266 } 267 statCheck=1 268 strCheck="" 269 # uid check 270 repetID=$(cat /etc/passwd | cut -d: -f3 | sort -n |uniq -d | xargs) 271 if [[ $repetID != "" ]];then 272 statCheck=0 273 strCheck="repet-id:"$repetID 274 fi 275 276 # root id check 277 rootID=$(cat /etc/passwd | grep ^root: | cut -d: -f3) 278 if [[ $rootID != "0" ]];then 279 statCheck=0 280 strCheck=$strCheck",root-id:"$rootID 281 fi 282 283 # root group check 284 numGroupID=$(cat /etc/passwd |grep -v ^root:| cut -d: -f1,4 | grep :0$ |cut -d: -f1 |xargs) 285 if [[ $numGroupID != "" ]];then 286 statCheck=0 287 strCheck=$strCheck",root-group:"$numGroupID 288 fi 289 290 # check result 291 resultCheck "L1400" "$statCheck" "$strCheck" 292 #--------------------------------------------------------------------------------- 293 #L5000-禁止路由转发 294 #!/bin/sh 295 function resultCheck() { 296 echo "["$1"]["$2"]["$3"]["$4"]" 297 } 298 299 statCheck=1 300 strCheck="" 301 ip_forward_Check=$(cat /proc/sys/net/ipv4/ip_forward) 302 if [[ $ip_forward_Check != 0 ]];then 303 statCheck=0 304 strCheck="ip_forward_Check="$ip_forward_Check 305 fi 306 307 # check result 308 resultCheck "L5000" "$statCheck" "$strCheck" 309 #---------------------------------------------------------------------------------------- 310 #L4900-禁止时间戳广播响应 311 #!/bin/sh 312 function resultCheck() { 313 echo "["$1"]["$2"]["$3"]["$4"]" 314 } 315 316 statCheck=1 317 strCheck="" 318 319 # check result 320 resultCheck "L4900" "$statCheck" "$strCheck" 321 #----------------------------------------------------------------------------------------- 322 #L4800-禁止Echo回应广播 323 #!/bin/sh 324 function resultCheck() { 325 echo "["$1"]["$2"]["$3"]["$4"]" 326 } 327 328 statCheck=1 329 strCheck="" 330 echo_Check=$(cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts) 331 if [[ $echo_Check != 1 ]];then 332 statCheck=0 333 strCheck="echo_Check="$echo_Check 334 fi 335 336 # check result 337 resultCheck "L4800" "$statCheck" "$strCheck" 338 #------------------------------------------------------------------------------ 339 #L4700-禁止源站路由 340 #!/bin/sh 341 function resultCheck() { 342 echo "["$1"]["$2"]["$3"]["$4"]" 343 } 344 345 statCheck=1 346 strCheck="" 347 accept_source_route_Check=$(cat /proc/sys/net/ipv4/conf/all/accept_source_route) 348 if [[ $accept_source_route_Check != 0 ]];then 349 statCheck=0 350 strCheck="accept_source_route_Check="$accept_source_route_Check 351 fi 352 353 # check result 354 resultCheck "L4700" "$statCheck" "$strCheck" 355 #------------------------------------------------------------------------------------------------ 356 #L4600-禁止路由重定向 357 #!/bin/sh 358 function resultCheck() { 359 echo "["$1"]["$2"]["$3"]["$4"]" 360 } 361 362 statCheck=1 363 strCheck="" 364 accept_redirects_Check=$(cat /proc/sys/net/ipv4/conf/all/accept_redirects 2>/dev/null) 365 if [[ $accept_redirects_Check != 0 ]];then 366 statCheck=0 367 strCheck="accept_redirects_Check="$accept_redirects_Check 368 fi 369 370 # check result 371 resultCheck "L4600" "$statCheck" "$strCheck" 372 #------------------------------------------------------------------------- 373 #L3800-关闭不需要的基本系统服务 374 #!/bin/sh 375 function resultCheck() { 376 echo "["$1"]["$2"]["$3"]["$4"]" 377 } 378 function pidoffCheck() { 379 if [[ $(ps -ef |grep -v grep |grep $1 ) != "" ]];then 380 statCheck=0 381 strCheck=$strCheck",$1 on" 382 fi 383 } 384 statCheck=1 385 strCheck="" 386 387 pidoffCheck "ntpd" 388 pidoffCheck "chronyd" 389 pidoffCheck "avahi" 390 pidoffCheck "cupsd" 391 pidoffCheck "dhcpd" 392 pidoffCheck "ldap" 393 pidoffCheck "nfsd" 394 pidoffCheck "dns[[:space:]]" 395 pidoffCheck "ftp[[:space:]]" 396 pidoffCheck "httpd" 397 pidoffCheck "imap" 398 pidoffCheck "smb[[:space:]]" 399 pidoffCheck "squid" 400 pidoffCheck "snmpd" 401 pidoffCheck "nis" 402 pidoffCheck "rsh" 403 pidoffCheck "telnet" 404 pidoffCheck "rsync" 405 pidoffCheck "talk" 406 pidoffCheck "tftp" 407 pidoffCheck "vsftpd" 408 pidoffCheck "webmin" 409 pidoffCheck "winbind" 410 pidoffCheck "wu-ftpd" 411 pidoffCheck "ypbind" 412 413 # check result 414 resultCheck "L3800" "$statCheck" "$strCheck" 415 #================================================================= 416 #Redhat Centos Suse判断网卡是否为混杂模式 417 #================================================================= 418 statCheck=1 419 #strCheck="开始检查网卡模式" 420 #resultCheck "L6800" "$statCheck" "$strCheck" 421 422 #判断网卡是否为混杂模式 423 networksetting=$(ifconfig | egrep "PROMISC") 424 statCheck=0 425 if [[ $networksetting != "" ]];then 426 strCheck="存在混杂模式的网卡" 427 else 428 statCheck=1 429 strCheck="不存在混杂模式的网卡" 430 fi 431 432 # check result 433 resultCheck "L6800" "$statCheck" "$strCheck" 434 #------------------------------------------------------------------------------------------------------------------------------ 435 #L6300-检查日志是否按要求集中存储 436 #!/bin/sh 437 function resultCheck() { 438 echo "["$1"]["$2"]["$3"]["$4"]" 439 } 440 441 statCheck=1 442 strCheck="" 443 file1=/etc/rsyslog.conf 444 file2=/etc/syslog.conf 445 446 if [[ -f $file1 ]];then 447 if [[ `cat $file1 |grep -v ^# |grep @` = "" ]];then 448 statCheck=0 449 strCheck="logs are not centrally stored!" 450 fi 451 elif [[ -f $file2 ]];then 452 if [[ `cat $file2 |grep -v ^# |grep @` = "" ]];then 453 statCheck=0 454 strCheck="logs are not centrally stored!" 455 fi 456 else 457 statCheck=0 458 strCheck="no configuration file for syslog" 459 fi 460 461 # check result 462 resultCheck "L6300" "$statCheck" "$strCheck" 463 #--------------------------------------------------------------------------------------------------------------- 464 #L6500-检查安全事件日志配置 465 #!/bin/sh 466 function resultCheck() { 467 echo "["$1"]["$2"]["$3"]["$4"]" 468 } 469 470 statCheck=1 471 strCheck="" 472 473 file1=/etc/rsyslog.conf 474 file2=/etc/syslog.conf 475 file3=/var/adm/messages 476 477 if [[ -f $file1 ]];then 478 logCheck=$(cat $file1 |grep -v ^# |grep "*.err;kern.debug;daemon.notice"|awk '{print $2}') 479 if [[ $logCheck != $file3 ]];then 480 statCheck=0 481 strCheck=$logCheck 482 elif [[ -f $file3 ]];then 483 filemod=$(ls -ld $file3 |awk '{print $1}') 484 if test $filemod != "-rw-rw-rw-" -a $filemod != "-rw-rw-rw-.";then 485 statCheck=0 486 strCheck=$strCheck","$file3":file mod incorrectly!" 487 fi 488 else 489 statCheck=0 490 strCheck=$strCheck","$file3":file not exists!" 491 fi 492 elif [[ -f $file2 ]];then 493 logCheck=$(cat $file2 |grep -v ^# |grep "*.err;kern.debug;daemon.notice"|awk '{print $2}') 494 if [[ $logCheck != $file3 ]];then 495 statCheck=0 496 strCheck=$logCheck 497 elif [[ -f $file3 ]];then 498 filemod=$(ls -ld $file3 |awk '{print $1}') 499 if test $filemod != "-rw-rw-rw-" -a $filemod != "-rw-rw-rw-." ;then 500 statCheck=0 501 strCheck=$strCheck","$file3":file mod incorrectly!" 502 fi 503 else 504 statCheck=0 505 strCheck=$strCheck","$file3":file not exists!" 506 fi 507 else 508 statCheck=0 509 strCheck="no configuration file for syslog" 510 fi 511 512 513 # check result 514 resultCheck "L6500" "$statCheck" "$strCheck"
Linux安全加固 1.禁止ping /etc/rc.d/rc.local echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all 2.对用户和口令文件进行权限控制 chmod 600 /etc/passwd chmod 600 /etc/shadow chmod 600 /etc/group chmod 600 /etc/gshadow 3.给下面文件加上不可更改属性 chattr +i /etc/passwd chattr +i /etc/shadow chattr +i /etc/group chattr +i /etc/gshadow 4.对vsftp进行访问控制 vi hosts.deny vsftpd: all –先禁止所有vsftp的请求 vi hosts.allow vsftpd: 192.168.2.1 –再允许内网的vsftd请求 5.关闭无用端口,只开启常规端口(21、22、80、443) service portmap stop chkconfig –level 35 portmap off –关闭111端口 netstat -nap |grep 32768 killall rpc.statd –关闭32768端口 netstat -nap |grep 631 killall cupsd –关闭631端口 service sendmail stop chkconfig –level 12345 sendmail off –关闭25端口 6.apache安全设置(先备份httpd.conf配置文件) vi /etc/httpd/httpd.conf ServerSignature Off ServerTokens Prod —隐藏Apache的版本号及其它敏感信息 Options -ExecCGI -FollowSymLinks -Indexes –关闭CGI执行程序、includes、目录浏览 将UserDir public_html改为UserDir disabled #ScriptAlias /cgi-bin “/usr/local/apache/cgi-bin/” 注释掉manual 7.vi /etc/profile HISTFILESIZE=30 HISTSIZE=30 –这表示每个用户的“.bash_history”文件只可以保存30条旧命令 tmout=600 –用户将在10分钟无操作后自动注销 vi /etc/skel/.bash_logout rm -f $HOME/.bash_history –当用户每次注销时,“.bash_history”文件都会被删除。 vi /etc/inittab ca::ctrlaltdel:/sbin/shutdown -t3 -r now 改为: #ca::ctrlaltdel:/sbin/shutdown -t3 -r now /sbin/init q –让改动起作用 8.删除无法帐户和组 userdel adm userdel lp userdel sync userdel shutdown userdel halt userdel mail userdel news userdel uucp userdel operator userdel games userdel ftp groupdel adm groupdel lp groupdel mail groupdel news groupdel uucp groupdel games ================================================================================================== 你的webserver支持TRACE 和/或 TRACK 方式。 TRACE和TRACK是用来调试web服务器连接的HTTP方式。 支持该方式的服务器存在跨站脚本漏洞,通常在描述各种浏览器缺陷的时候,把”Cross-Site-Tracing”简称为XST。 攻击者可以利用此漏洞欺骗合法用户并得到他们的私人信息。 解决方案: 禁用这些方式。 如果你使用的是Apache, 在各虚拟主机的配置文件里添加如下语句: RewriteEngine on RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) RewriteRule .* – [F] =================================================================================================== 下面简单的说一些修改那些服务Banner的方法 apache 彻底地去掉banner, 修改httpd.h: Include/httpd.h Define SERVER_BASEVENDOR “Apache Group” Define SERVER_PRODUCTVENDOR “Apache” Define SERVER_BASEVERSION “1.3.27″ 后从新编译Apache就能够完全去掉了 Wu-ftp 用十六进制文本编辑器修改/usr/sbin/in.ftpd文件,找到如下几行: /var/log/lastlog Could not write %.100s: %.100s Version wu-2.6.1-16 改成 Microsoft FTP Service (Version 5.0) 或者 Serv-U FTP Server v4.0 for WinSock ready… Telnet banner 编辑文件/etc/issue.net,找到类似这行(不同版本的Linux内容不太一样): Red Hat Linux release 8.0 (Psyche) Kernel r on an m 改成 Microsoft Windows Version 5.00 (Build 2195) Welcome to Microsoft Telnet Service Telnet Server Build 5.00.99206.1 由于issue.net重启后会自动恢复,为了保持这些伪造的信息,需要再编辑文件/etc/rc.local,在这些行前加“#”号,注释掉恢复的功能: # echo “” > /etc/issue # echo “$R” >> /etc/issue # echo “Kernel $(uname -r) on $a $SMP$(uname -m)” >> /etc/issue # cp -f /etc/issue /etc/issue.net # echo >> /etc/issue Apache 在安装Apache前,在源文件/src/include目录下找到httpd.h头文件。此文件定义了apache的版本信息,apache安装时需要调用它。编辑http.h文件,找到如下几行: #define SERVER_BASEVENDOR “Apache Group” #define SERVER_BASEPRODUCT “Apache” #define SERVER_BASEREVISION “1.3.20″ 可以根据自己的意愿改成其他信息,笔者改的是Microsoft-IIS/5.0。 SSH 编辑文件/etc/ssh/sshd_config,找到这行: Banner /etc/issue.net 在此行前加#进行注释就可以不显示SSH的Banner。 Sendmail 在sendmail.mc文件中去掉$v、$z这两个宏,并包含下面的内容: define(`confSMTP_LOGIN_MSG’,$j Sendmail Secure/Rabid;$b) 然后生成sendmail.cf文件: #m4 /etc/mail/sendmail.mc > /etc/sendmail.cf 如果sendmail.mc中没有include(`/usr/share/sendmail-cf/m4/cf.m4′)这一行就需要和Sendmail提供的预设的配置文件cf.m4一起使用来生成文件sendmail.cf: #m4 /usr/share/sendmail-cf/m4/cf.m4 /etc/mail/sendmail.mc > /etc/sendmail.cf php vi php.ini 设置 expose_php = Off
367
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
