官网:http://www.jumpserver.org/
系统:centos7.2 基本安装
备注:如果是centos系统最好使用基本安装,否则可能出现python版本和jumper要求的不一致
服务端的安装
1. 安装gityum -y install git
2. 下载jumpserver
cd /opt
git clone https://github.com/jumpserver/jumpserver.git
注:不要安装在/root、/home 等目录下,以免权限问题
或者直接下载zip包jumpserver-0.3.2.zip
unzip jumpserver-0.3.2.zip
3. 执行安装脚本
cd /opt/jumpserver-0.3.2/install
python install.py
报错:
开始安装依赖pip包
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Cannot uninstall requirement pycrypto, not installed
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Collecting django==1.6 (from -r requirements.txt (line 1))
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
/usr/lib/python2.6/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Could not find a version that satisfies the requirement django==1.6 (from -r requirements.txt (line 1)) (from versions: )
No matching distribution found for django==1.6 (from -r requirements.txt (line 1))
安装JumpServer 依赖的python库失败!
解决办法:
使用其他pip源
pip install -r requirements.txt -i https://pypi.tuna.tsinghua.edu.cn/simple
pip install pycrypto==2.4.1 -i https://pypi.tuna.tsinghua.edu.cn/simple
继续执行:
python install.py
报错:
InsecurePlatformWarning
Could not find a version that satisfies the requirement pycrypto==2.4.1 (from -r requirements.txt (line 2)) (from versions: )
No matching distribution found for pycrypto==2.4.1 (from -r requirements.txt (line 2))
手动安装指定版本:
pip install pycrypto==2.4.1 -i https://pypi.tuna.tsinghua.edu.cn/simple
easy_install -i pycrypto==2.4.1 https://pypi.tuna.tsinghua.edu.cn/simple
easy_install -i http://pypi.douban.com/simple/ pycrypto==2.4.1
pip install -i http://pypi.douban.com/simple/ pycrypto==2.4.1
注:
1. 安装过程中要求输入数据库密码时,直接回车就行
请输入您服务器的IP地址,用户浏览器可以访问 [192.168.3.108]:
是否安装新的MySQL服务器? (y/n) [y]: n
请输入数据库服务器IP [127.0.0.1]:
请输入数据库服务器端口 [3306]:
请输入数据库服务器用户 [jumpserver]: root
请输入数据库服务器密码: root
请输入使用的数据库 [jumpserver]:
数据库连接失败 (1049, "Unknown database 'jumpserver'")
是否安装新的MySQL服务器? (y/n) [y]: n
请输入数据库服务器IP [127.0.0.1]:
请输入数据库服务器端口 [3306]:
请输入数据库服务器用户 [jumpserver]: root
请输入数据库服务器密码: root
请输入使用的数据库 [jumpserver]:
因为我之前安装过meridb,所以需要连接数据库创建jumpserver数据库
MariaDB [(none)]>create database jumpserver charset=utf8;
2. 完成安装后,请访问web,继续查看后续文档
3. 如果启动失败,请返回上层目录,手动运行 python run_server.py 或 ./service.sh restart启动
4. 默认账号密码 admin 5Lov@wife
客户端的安装:
无需安装agent适用于版本:v0.3.1-2
Redhat/Centos/Fedora 环境要满足以下条件:which 查看
CentOS 6.5
[root@CentOS ~]# which sudo
/usr/bin/sudo
[root@CentOS ~]# which su
/bin/su
[root@CentOS ~]# which visudo
/usr/sbin/visudo
[root@CentOS ~]# which python
/usr/bin/python
[root@CentOS ~]# ls -l /etc/sudoers
-r--r-----. 1 root root 4082 Feb 29 17:44 /etc/sudoers
CentOS 7.0
[root@CentOS ~]# which sudo
/usr/bin/sudo
[root@CentOS ~]# which su
/usr/bin/su
[root@CentOS ~]# which visudo
/usr/sbin/visudo
[root@CentOS ~]# which python
/usr/bin/python
[root@CentOS ~]# ls -l /etc/sudoers
-r--r-----. 1 root root 4080 Feb 29 04:44 /etc/sudoers
RedHat 6.5
[root@RedHat ~]# which sudo
/usr/bin/sudo
[root@RedHat ~]# which su
/bin/su
[root@RedHat ~]# which visudo
/usr/sbin/visudo
[root@RedHat ~]# which python
/usr/bin/python
[root@RedHat ~]# ls -l /etc/sudoers
-r--r-----. 1 root root 4082 Feb 29 17:44 /etc/sudoers
Fedora 23
[root@Fedora ~]# which sudo
/usr/bin/sudo
[root@Fedora ~]# which su
/usr/bin/su
[root@Fedora ~]# which visudo
/usr/sbin/visudo
[root@Fedora ~]# which python
/usr/bin/python
[root@Fedora ~]# ls -l /etc/sudoers
-r--r-----. 1 root root 3333 Feb 29 09:45 /etc/sudoers
注:
1. 客户端需要有python,sudo 环境,
2. 跟which 查看路径是否一样
3. 客户端如果开启了selinux,请安装 libselinux-python,
其中ReHat6.5、Fedora23 需要执行 yum -y install libselinux-python
如果系统环境不满足以上条件(包括其它版本系统),会导致jumpserver在推送系统用户、批量执行命令等功能失败