Tag Archives: server

Minecraft 1.8.1 CraftBukkit 建服

因为1.8的bukkit还没有推荐使用版本所以官网首页上下不到,所以要到这里下个最新能用的版本:
http://ci.bukkit.org/job/dev-CraftBukkit/

所谓“最新能用版本”就是左边列表里带蓝色泡泡的最新一个。
下载放到服务器目录(建个文件夹),新建文本文档输入:

@ECHO OFF
IF /I “%PROCESSOR_ARCHITECTURE:~-2%”==”64” “%ProgramFiles(x86)%\Java\jre6\bin\java.exe” -Xincgc -Xmx1024M -jar “%~dp0craftbukkit-0.0.1-snapshot.jar”
IF /I “%PROCESSOR_ARCHITECTURE:~-2%”==”86” java -Xincgc -Xmx1024M -jar “%~dp0craftbukkit-0.0.1-snapshot.jar”
PAUSE

保存,后缀名改成.bat,运行。
等载入完以后关掉…因为大家都是用的盗版所以要改个东西,这个微妙的东西在 [服务器目录]/server.properties 里,记事本打开这个文件,有一行

online-mode=false

false改成true就可以了,重新就可以用客户端进了。
插件列表点这里 竟然没有按population排列的选项啊囧…

Selinux prevents httpd from accessing home directory

I tried to share files via httpd(Apache originally), however it wouldn’t work, saying 403 forbidden.
Apparently we need to set options to permit httpd to follow symbolic links. In /etc/httpd/conf/httpd.conf, ensure there is text below:

(Under <Directory “/var/www/html”>, there should be)
Options Indexes FollowSymLinks MultiViews

But the problem remained. After quite a while I noticed there were some Selinux alerts saying “SELinux is preventing the http daemon from reading users’ home directories.”

Then I disabled selinux(command “setenforce 0” to make it sleep temporarily) and it worked. As Selinux is a kernel-level security mechanism on your system, not a some antivirus or firewall software thing, it may not be wise to throw it away. Check Joshua Brindle (an SELinux developer) ‘s  comments on disabling SELinux here, which states clearly that applications should be fixed to work with SELinux, rather than disabling the OS security mechanism.

So what I do is:

1. According to Selinux log(you can generate it with command “sealert -a /var/log/audit/audit.log”, run “setsebool -P httpd_enable_homedirs on” to enable the literal option(this command takes 20 secs to be done I don’t know why).
2. Still doesn’t work, after some googling I found this, run “chcon -t httpd_user_content_t /home/Viaxl/Music -R” to authorize world rx permissions to apache access (recursively) .

Now they all work right. I found this kind of multi-layer protection, though very complex, is really handful. In this case I only permit http daemon(as a “Target” of Selinux’s conception) to access my Music folder, and this can’t be done precisely by chmod or something.