Upload
manaf-hasibuan
View
180
Download
0
Embed Size (px)
DESCRIPTION
Konfigurasi Mageia Server
Citation preview
KONFIGURASI MAGEIA
SERVER
KONFIGURASI HOST MAGEIA
Adjust /etc/hosts
Setting The Hostname
You can check the current hostname with the commands
If the output shows a wrong hostname, you can set the correct one like this:
To have the system set the correct hostname whenever you boot the system, we add the last command to
/etc/rc.local:
Configure urpmi
Creating An Auto-Update Script
Make the script executable:
Install Some Packages
Journaled Quota
Edit /etc/fstab to look like this (I added ,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 to the partition
with the mount point /) :
Then run:
–
SET QUOTA IN MAGEIA
After I’ve successed make PDC Server, now I must set the user quota for home directories so that the user
cannot save their file more than the limit in my Linux Server that use MAGEIA. In this tutorial, we’ll learn
how make user quota. Before we learn more than it, there are information that you should know. My home
and root directories in my linux machine aren’t same in one partition. The root partition are in sda1 partition
and the home in sda3 partition. The advantage is if my root partition are damage, I can still save my data in
home directory, isn’t that??
Okay, now we continue this tutorial. The first, we must install the quota package. I just type this command
for the installation
# urpmi quota
After that, you must configure the fstab file’s. In the command line just type like this
# vim /etc/fstab
Just find the /home word’s and then add usrquota and grpquota command in their like the below
configuration:
UUID=34a91051-f7c8-4795-a8b7-b4cfafb9ff06
/home ext4 acl,relatime,usrquota,grpquota 1 2
Maybe the UUID and ext4 file system’s in my configuration are different with you, but I think it’s not a
problem. Don’t forget save the configuration. Now, you must make two files in /home directory, that is
aquota.user and aquota.group. After that change the permissions can read and write only for root user. The
command are like the below:
# touch /home/aquota.user /home/aquota.group
# chmod 600 /home/aquota.*
Now, you must re-mount again your home directories to active the quota. Just type this command:
# mount -o remount /home/
You can check the quota has been activated from this command:
# quotacheck -vguma
Now, you must set the quota on like the below:
# quotaon -guva
Okay, I think you’ve successed activate your quota. Now, you must set the quota for user that you want. In
this tutorial, I want set the quota for tukularwana user’s. In the command line, I just type like this for the
configuration
# edquota -u tukularwana
I just set the value for hard of blocks (the value is KiloByte). In this example I want to set the quota for the
user are 10 MB. For the configuration you can see the example in the below:
Disk quotas for user tukularwana (uid 10122):
Filesystem blocks soft hard inodes soft hard
/dev/sda3 28 0 10240 7 0 0
Don’t forget save the configuration. Now… you can check the quota that user use, just type this command:
# repquota -a
MAKE MAGEIA AS SSH SERVER
SSH server is a remote login program. I usually use it when I’m in home or other location. Okay, I think you
can get the full meaning from the wikipedia website’s. Now let’s make my Mageia as remote login or SSH
server.
I think every Linux has SSH program but it just for client. For server you must install openssh-server. In the
command line, I just type like this for the installation:
#
After that I just run the SSH Server from this command:
#
If you get the message is OK, now you can test it from this command:
$
CONFIGURE DHCP SERVER Before you configure, you must install dhcp-server and the dependecies files. Just use the command like
here:
#
When installation is finished, you can configure dhcpd.conf. Just use this command to setting DHCP server:
#
Now edit the file like the below:
Don’t forget to save the configuration and then restart your dhcp server like the below:
#
If the respond is [OK] that means your dhcp server is ready and then you can try your client to get the IP
Address from the DHCP Server.
INSTALL WEB SERVER The first you must install apache, php and MySQL server. Actually I don’t remember what the package that
should I install for the web server. I usually just install phpmyadmin package’s and the other package will be
installed too because of other package is the dependecies for the phpmyadmin. Just use the command like the
below to install phpmyadmin package:
#
Mageia will ask you want to install the dependecies package’s, just answer Y and press enter. After the
installation is finished, you must run the server like the below command:
# /etc/init.d/httpd start
# /etc/init.d/mysqld start
And then you can try your web server in your favorite browser. Just open phpmyadmin url’s like the below:
localhost/phpmyadmin
The location for the web server folder’s is /var/www/html
MAKE SAMBA SERVER AS PDC SERVER IN MAGEIA
For the first, you must install samba-server package to your Mandriva 2010.2. Just type this command for the
installation
# urpmi samba-server
After the installation is finished, now you must setting the smb.conf like this command
# vim /etc/samba/smb.conf
This my configuration in smb.conf
[global]
workgroup = MAGEIALINUX #your Domain workgroup
server string = MAGEIA
printcap name = cups
load printers = yes
printcap cache time = 60
printing = cups
log file = /var/log/samba/%I.log
max log size = 50
log level = 1
hosts allow = 192.168.0. 127.
security = user
encrypt passwords = yes
smb passwd file = /etc/samba/smbpasswd
interfaces = eth1
os level = 65
domain master = yes
preferred master = yes
domain logons = yes
logon path = \\%L\Profiles\%U
logon drive = M:
time server = yes
add user script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -M „%u‟
passdb backend = tdbsam
wins support = yes
dns proxy = no
[homes]
comment = Home Directories
browseable = no
read only = no
max connections=1
path = /smbdata/netlogon
[Profiles]
path = /smbdata/roaming
browseable = no
read only = no
create mask = 0600
directory mask = 0700
[printers]
comment = All Printers
path = /var/spool/samba
browseable = no
guest ok = yes
writable = no
printable = yes
create mode = 0700
print command = lpr-cups -P %p -o raw %s -r # using client side printer drivers.
[print$]
path = /var/lib/samba/printers
browseable = yes
write list = @adm root
guest ok = yes
inherit permissions = yes
[pdf-gen]
path = /var/tmp
guest ok = No
printable = Yes
comment = PDF Generator (only valid users)
printing = bsd
print command = /usr/share/samba/scripts/print-pdf “%s” “%H” “//%L/%u” “%m” “%I” “%J”&
lpq command = /bin/true
Don‟t forget to save the configuration. Now you must make the directory of domain logons. The first you
must make smbdata folder‟s in your root directory and the next you must make netlogon and roaming
folder‟s in the smbdata directory and the last change the permissions for the roaming directory. This is the
command that we want to make their folder.
# mkdir -p /smbdata/roaming /smbdata/netlogon
# chmod 777 /smbdata/roaming
Next, you must add computer name of your client as user in your Mandriva 2010.2. In the command shell,
you just type like this (I use CLIENT-01 as my computer name of the client)
# useradd -d /dev/null -g 100 -s /bin/false -M CLIENT-01$
# smbpasswd -a -m CLIENT-01$
Now, you‟ll add the user name that you want to use in the client computer‟s and give the samba password for
the root user and then run the samba server like this command:
# useradd -d /home/tukularwana -s /bin/bash -g users -m tukularwana
# smbpasswd -a tukularwana
{type your password that you want for the user}
# smbpasswd -a root {type your samba password that you want for the root user}
# /etc/init.d/smb restart
Now in the client machine (Micro$oft Window$ XP SP3), you must setting it so that you can login with your
user name that you‟ve been add in the MAGEIA(I use tukularwana as the login user). Just follow this tutorial
in your client machines:
1. Open System in your Control Panel
2. Choose Computer Name Tab‟s and then click Change… button‟s in the System Properties dialog box
3. Fill with CLIENT-01 in the Computer name text box‟s
4. Choose Domain in Member of and then fill with MAGEIALINUX in the text box.
5. Click OK button
6. After Computer Name Changes dialog box appear, just fill User name with root and type the samba
password for root user‟s into Password text box‟s
7. Click OK button, if correct the welcome message dialog box will appear, just press OK and then reboot
your client machine.
8. After the reboot is finish, fill the User name with tukularwana (as you add in the client user) and type the
password for the user, don‟t forget change Log on to MAGEIALINUX and then press OK button.
MAKE MAGEIA AS FTP SERVER WITH PROFTPD
After I’ve successed make my linux as web server, now I make it as FTP server just for the anonymous.,
let’s type the command in your console:
#
After the installation is complete, now we must edit the proftpd.conf:
#
this is my configuration:
Now… I move proftpd-anonymous.conf from /etc to /etc/proftpd.d and edit the file:
#
#
This is my configuration in the file:
—
After that, you can run the proftpd server like this command:
#
If there aren’t error, try open the ftp server from your favorite browser and type the URL address
ftp://localhost
MAKE MANDRIVA 2010.2 AS DNS SERVER
The first we must install the bind package from the repo. I just type this command for installation:
# urpmi bind
After the installation, now you must edit the configuration. In the command just type like this:
# vim /etc/named.conf
Now, move your cursor to the last line to make the configuration for the IP address and the domain name that
you want. In my configuration, I just type like this:
zone “0.168.192.in-addr.arpa” IN { #you can change the IP address that you want type master; file “net.zone”; }; zone “myserver.com” IN { #change the domain name that you want type master; file “reverse/myserver.com”; #change the myserver.com as the domain name that you want allow-update { none; } };
Don’t forget to save the configuration.
Now you must make a file in /var/lib/named/var/named/reverse/ and named it as myserver.com or the
domain name that you’ve wrote in the named.conf
# touch /var/lib/named/var/named/reverse/myserver.com
Next, you open the configuration from the file that you make in /var/lib/named/var/named/reverse/
# vim /var/lib/named/var/named/reverse/myserver.com
And the type this configuration (you can change the myserver.com. as the domain that you want, don’t forget
add dot(.) in the last domain name that you want)
$TTL 86400@ IN SOA myserver.com. admin.myserver.com. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum @ IN NS ns1.myserver.com. @ IN MX 10 mail.myserver.com. @ IN A 192.168.0.1 ns1 IN A 192.168.0.1 www IN A 192.168.0.1 mail IN A 192.168.0.1 pop3 IN A 192.168.0.1 smpt IN A 192.168.0.1 ftp IN A 192.168.0.1 proxy IN A 192.168.0.1
ZONE REVERSE $TTL 86400@ IN SOA myserver.com. admin.myserver.com. ( 1997022700 ; Serial 28800 ; Refresh 14400 ; Retry 3600000 ; Expire 86400 ) ; Minimum @ IN NS ns1.myserver.com. 1 IN PTR ns1.myserver.com. 1 IN PTR www.myserver.com. 1 IN PTR mail.myserver.com. 1 IN PTR pop3.myserver.com. 1 IN PTR smptp.myserver.com. 1 IN PTR imap.myserver.com. 1 IN PTR ftp.myserver.com. 1 IN PTR proxy.myserver.com.
Don’t forget save the configuration and last run the DNS server like this command:
# /etc/init.d/named start
To try it, run your web server and in the client just open your browser and open the myserver.com website’s.
I hope you success make DNS Server.
INSTALL WEB SERVER IN MAGEIA
The first you must install apache, php and MySQL server (LAMP).
APACHE Enter the following command to install Apache:
Enable and Start the Apache service using the following command:
Or
Check the page with http://hostname or http://IP
MYSQL install Mysql the Server and the client
Open terminal and enter the following commands:
start the Mysqld with
Make the root password with the command mysql_secure_installation
PHP Install PHP using the command:
After this you have to restart apache
Check the php page with by creating a file
add this code to one file in apache like test.php (with vi nano or gedit )
and add
{codecitation}
or
Getting MySQL Support In PHP5
To get MySQL support in PHP, we can install the php-mysql package. It's a good idea to install some other PHP5
modules as well as you might need them for your applications. You can search for available PHP5 modules like this:
Pick the ones you need and install them like this:
Restart service apache :
Navigate to http://server-ip-address/testphp.php. It will display all the details about PHP such as version, build
date and commands etc.
PHPMYADMIN install phpmyadmin
open the browser on http://ip/phpmyadmin and login with root and root password of mysql server
4 Adjust /etc/hosts
Next we edit /etc/hosts. Make it look like this:
vi /etc/hosts
127.0.0.1 localhost.localdomain localhost 192.168.0.100 server1.example.com server1
5 Setting The Hostname You can check the current hostname with the commands
hostname hostname -f
Both commands should show server1.example.com.
If the output shows a wrong hostname, you can set the correct one like this:
echo server1.example.com > /etc/hostname
/bin/hostname -F /etc/hostname
To have the system set the correct hostname whenever you boot the system, we add the last command
to /etc/rc.local:
vi /etc/rc.local [...] /bin/hostname -F /etc/hostname
6 Configure urpmi
By default, Mandriva 2010.1 uses the installation DVD as its only software repository which is
inconvenient if the server is in a remote location. Therefore we disable the DVD and enable the
Mandriva online repositories:
urpmi.removemedia -a && urpmi.addmedia --distrib --mirrorlist
6.1 Creating An Auto-Update Script
Now we create a script /etc/cron.daily/software_update that will autmatically be run by cron daily and
looks for and installs the latest software updates on your Mandriva 2010.1 system. The script looks like
this:
vi /etc/cron.daily/software_update
#!/bin/bash urpmi --auto-update --update --auto
Make the script executable:
chmod 755 /etc/cron.daily/software_update
7 Install Some Packages Now we install a few packages that are needed later on:
urpmi fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils ncftp flex lib64xorg-x11-devel gcc gcc-c++
8 Journaled Quota To install the quota package, run
urpmi quota
Edit /etc/fstab to look like this (I added ,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 to
the partition with the mount point /):
vi /etc/fstab
# Entry for /dev/sda6 : UUID=75a65349-ecab-4c4e-8dee-93dff0cdcb57 / ext4 acl,relatime,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0 1 1 # Entry for /dev/sda1 : UUID=452a8832-a8a0-434a-9d92-e461fd3e143f /boot ext4 acl,relatime 1 2 /dev/cdrom /media/cdrom auto umask=0,users,iocharset=utf8,noauto,ro,exec 0 0 /dev/fd0 /media/floppy auto umask=0,users,iocharset=utf8,noauto,exec,flush 0 0 none /proc proc defaults 0 0 # Entry for /dev/sda5 : UUID=231bcd6d-ac65-4f7b-81ea-5a10b2a40d66 swap swap defaults 0 0
Then run:
touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /
quotacheck -avugm
quotaon -avug
9 DNS Server To install the BIND DNS server, run:
urpmi bind
Mandriva 2010.1's BIND is running chrooted by default, therefore we need to create a few symlinks so
that ISPConfig (if you want to install it) can deal with it:
1. mkdir -p lib/named/var 2. cd lib/named/var 3. ln -s ../../../named/ named 4. ln -s ../../../run/ run 5. cp /var/lib/named/var/named/reverse/named.local /var/lib/named/var/named/
Next we create the system startup links for BIND...
chkconfig named on
... and start it:
/etc/init.d/named start
10 MySQL 5
To install MySQL 5, we simply run:
urpmi MySQL MySQL-client lib64mysql-devel
By default, networking is not enabled in Mandriva 2010.1's MySQL package, but networking is required by
ISPConfig. We can change this by commenting out the line skip-networking in /etc/my.cnf.
vi /etc/my.cnf
[...]
# Don't listen on a TCP/IP port at all. This can be a security enhancement,
# if all processes that need to connect to mysqld run on the same host.
# All interaction with mysqld must be made via Unix sockets or named pipes.
# Note that using this option without enabling named pipes on Windows
# (via the "enable-named-pipe" option) will render mysqld useless!
#
#skip-networking
[...]
Afterwards, we create the system startup links for MySQL...
vi /etc/my.cnf
... and start it:
/etc/init.d/mysqld start
Now check that networking is enabled. Run
netstat -tap | grep mysql
The output should look like this:
[root@server1 var]# netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN
2540/mysqld
[root@server1 var]#
Next, run
mysql_secure_installation
to set a password for the user root (otherwise anybody can access your MySQL database!).
mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none): <-- ENTER
OK, successfully used password, moving on...
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] <-- ENTER
New password: <-- yourrootsqlpassword
Re-enter new password: <-- yourrootsqlpassword
Password updated successfully!
Reloading privilege tables..
... Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] <-- ENTER
... Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] <-- ENTER
... Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] <-- ENTER
- Dropping test database...
... Success!
- Removing privileges on test database...
... Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] <-- ENTER
... Success!
Cleaning up...
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
[root@server1 var]#
11 Postfix With SMTP-AUTH And TLS; Dovecot
Install the required packages (Postfix, cyrus-sasl, Dovecot, etc.) like this:
urpmi cyrus-sasl lib64sasl2 lib64sasl2-devel lib64sasl2-plug-plain lib64sasl2-plug-anonymous lib64sasl2-plug-crammd5 lib64sasl2-plug-digestmd5 lib64sasl2-plug-gssapi lib64sasl2-plug-login postfix dovecot
Then run:
postconf -e 'mydestination = /etc/postfix/local-host-names, localhost.$mydomain'
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'
touch /etc/postfix/local-host-names
Then we set the hostname in our Postfix installation (make sure you replace server1 and example.com with
your own settings):
postconf -e 'mydomain = example.com'
postconf -e 'myhostname = server1.$mydomain'
Edit /etc/sasl2/smtpd.conf. It should look like this:
vi /etc/sasl2/smtpd.conf
# SASL library configuration file for postfix
# all parameters are documented into:
# /usr/share/doc/cyrus-sasl/options.html
# The mech_list parameters list the sasl mechanisms to use,
# default being all mechs found.
mech_list: plain login
# To authenticate using the separate saslauthd daemon, (e.g. for
# system or ldap users). Also see /etc/sysconfig/saslauthd.
pwcheck_method: saslauthd
saslauthd_path: /var/lib/sasl2/mux
# To authenticate against users stored in sasldb.
#pwcheck_method: auxprop
#auxprop_plugin: sasldb
#sasldb_path: /var/lib/sasl2/sasl.db
Create the SSL certificate needed for TLS:
mkdir /etc/postfix/ssl cd /etc/postfix/ssl/ openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
... and configure Postfix for TLS:
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
Next we must configure Dovecot to serve the protocols imap, imaps, pop3, and pop3s. Open
/etc/dovecot.conf and adjust the following values:
vi /etc/dovecot.conf
[...]
protocols = imap imaps pop3 pop3s
[...]
disable_plaintext_auth = no
[...]
pop3_uidl_format = %08Xu%08Xv
[...]
Now we must tell the system to start Dovecot only after ntpd has started because Dovecot isn't very forgiving if your
system's time moves backwards while Dovecot is running (see http://wiki.dovecot.org/TimeMovedBackwards). This
might cause errors like the following in your syslog:
Apr 9 19:29:18 server1 dovecot: Time just moved backwards by 17 seconds. This might
cause a lot of problems, so I'll just kill myself now.
http://wiki.dovecot.org/TimeMovedBackwards
Unfortunately, on Mandriva Dovecot is started before ntpd, so we change it like this:
cd /etc/rc3.d mv S99ntpd S98ntpd cd /etc/rc4.d mv S99ntpd S98ntpd cd /etc/rc5.d mv S99ntpd S98ntpd
Then we create the system startup links for Postfix...
chkconfig postfix on
... and (re)start Postfix, saslauthd, and Dovecot:
/etc/init.d/postfix restart /etc/init.d/saslauthd restart /etc/init.d/dovecot restart
To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25
After you have established the connection to your Postfix mail server type
ehlo localhost
If you see the lines
250-STARTTLS
and
250-AUTH LOGIN PLAIN
everything is fine:
[root@server1 ~]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 server1.example.com ESMTP Postfix (2.7.0) (Mandriva Linux)
ehlo localhost
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@server1 ~]#
Type
quit
to return to the system's shell.
11.1 Maildir
Dovecot uses Maildir format (not mbox), so if you install ISPConfig on the server, please make sure you
enable Maildir under Management -> Server -> Settings -> Email. ISPConfig will then do the necessary
configuration.
If you do not want to install ISPConfig, then you must configure Postfix to deliver emails to a user's Maildir
(you can also do this if you use ISPConfig - it doesn't hurt ;-)):
postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart
12 Apache2 With PHP5, Ruby, And Python
To install Apache2, PHP5, and Ruby, run the following command (in one line):
urpmi apache-mod_suexec apache-mod_ssl apache-mod_php apache-mod_ruby apache-mod_python lib64php5_common5 php-bz2 php-calendar php-ctype php-curl php-devel php-dio php-dom php-eaccelerator php-enchant php-esmtp php-event php-exif php-fam php-ffmpeg php-fileinfo php-filepro php-ftp php-gd php-gettext php-gmp php-iconv php-id3 php-imap php-mailparse php-mbstring php-mcache php-mcrypt php-ming php-mysql php-mysqli php-newt php-odbc php-oggvorbis php-pcntl php-pcre php-pear-Net_IDNA php-posix php-pspell php-readline php-recode php-session php-shmop php-simplexml php-snmp php-soap php-sockets php-sqlite php-ssh2 php-suhosin php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tcpwrap php-tidy php-xml php-xmlrpc php-zip php-ini curl lib64curl4-devel perl-libwww-perl ImageMagick
Create the system startup links for Apache...
chkconfig httpd on
... and start it:
/etc/init.d/httpd restart
12.1 Disable PHP Globally
(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can
run PHP scripts and which one cannot. This can only work if PHP is disabled globally because
otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.
Edit /etc/httpd/modules.d/70_mod_php.conf
and comment out the AddType lines:
vi /etc/httpd/modules.d/70_mod_php.conf
<IfDefine HAVE_PHP5>
<IfModule !mod_php5.c>
LoadModule php5_module extramodules/mod_php5.so
</IfModule>
</IfDefine>
<IfModule mod_mime.c>
# AddType application/x-httpd-php .php
# AddType application/x-httpd-php .phtml
# AddType application/x-httpd-php-source .phps
</IfModule>
<IfModule mod_php5.c>
<IfModule mod_dir.c>
DirectoryIndex index.php index.phtml
</IfModule>
</IfModule>
Edit /etc/httpd/conf/httpd.conf and add the following line to the LoadModule section: vi /etc/httpd/conf/httpd.conf
[...]
LoadModule php5_module extramodules/mod_php5.so
[...]
(Although this line is already in /etc/httpd/modules.d/70_mod_php.conf this is very important because
otherwise the command :
httpd -t
will report errors instead of Syntax OK when the virtual hosts created by ISPConfig contain lines like
php_admin_flag safe_mode On or the like!)
Restart Apache:
/etc/init.d/httpd restart
12.2 Disable Ruby Globally
(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure Ruby on a per-website basis, i.e. you can specify which website can
run Ruby scripts and which one cannot. This can only work if Ruby is disabled globally because
otherwise all websites would be able to run Ruby scripts, no matter what you specify in ISPConfig. vi /etc/httpd/modules.d/20_mod_ruby.conf
Comment out or delete everything in that file except the following lines:
<IfDefine HAVE_RUBY>
<IfModule !mod_ruby.c>
LoadModule ruby_module extramodules/mod_ruby.so
</IfModule>
</IfDefine>
Then restart Apache: /etc/init.d/httpd restart
12.3 Enabling WebDAV Support
Since version 2.2.30 of ISPConfig, you can manage WebDAV through ISPConfig. Of course, this
works only if WebDAV is installed and enabled in Apache. To install WebDAV, we run
urpmi apache-mod_dav
Next we open /etc/httpd/conf/httpd.conf and uncomment the following three lines in the LoadModule
section (make sure you delete the following string at the end of these lines because otherwise Apache
might complain about a syntax error: -> available in the apache-mod_dav package):
vi /etc/httpd/conf/httpd.conf
[...]
LoadModule dav_module modules/mod_dav.so
[...]
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule dav_lock_module modules/mod_dav_lock.so
[...]
Then restart Apache: /etc/init.d/httpd restart
13 Proftpd Install Proftpd like this:
urpmi proftpd
For security reasons you can add the following lines to /etc/proftpd.conf (thanks to
Reinaldo Carvalho; more information can be found here: http://www.proftpd.org/localsite/Userguide/linked/userguide.html):
vi /etc/proftpd.conf
[...]
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."
[...]
Be sure to comment out the following lines at the end of /etc/proftpd.conf in order to allow ftp users to
CHMOD:
[...]
# Bar use of SITE CHMOD by default
#<Limit SITE_CHMOD>
# DenyAll
#</Limit>
Then restart Proftpd:
/etc/init.d/proftpd restart
14 Webalizer Webalizer can be installed as follows:
urpmi webalizer ln -s /usr/bin/awffull /usr/bin/webalizer
15 Install Some Perl Modules Needed By SpamAssassin (Comes With ISPConfig) To install all needed Perl Modules, we can use the appropriate Mandriva packages and install them
using urpmi:
urpmi perl-HTML-Parser perl-Digest-SHA1 perl-DB_File perl-Net-DNS perl-NetAddr-IP perl-Archive-Tar
16 The End The configuration of the server is now finished, and if you wish you can now install ISPConfig on it.
You can find the installation instructions here: http://www.ispconfig.org/manual_installation.htm. A
First-Steps tutorial can be found here: http://www.howtoforge.com/ispconfig-2.x-first-steps
Before you install ISPConfig, there's one important thing you must do. Open /usr/include/stdio.h and
replace getline with parseline in line 651:
vi /usr/include/stdio.h
[...]
This function is not part of POSIX and therefore no official
cancellation point. But due to similarity with an POSIX interface
or due to the implementation it is a cancellation point and
therefore not marked with __THROW. */
extern _IO_ssize_t parseline (char **__restrict __lineptr,
size_t *__restrict __n,
FILE *__restrict __stream) __wur;
#endif
[...]
If you don't do this, the installation will fail because of the following error:
htpasswd.c:101: error: conflicting types for âgetlineâ
/usr/include/stdio.h:651: note: previous declaration of âgetlineâ was here
make[2]: *** [htpasswd.o] Error 1
make[2]: Leaving directory
`/home/administrator/install_ispconfig/compile_aps/apache_1.3.41/src/support'
make[1]: *** [build-support] Error 1
make[1]: Leaving directory `/home/administrator/install_ispconfig/compile_aps/apache_1.3.41'
make: *** [build] Error 2
ERROR: Could not make Apache
You can undo the change to /usr/include/stdio.h after the successful ISPConfig installation (but don't
forget to change it back whenever you want to update ISPConfig!).
17 A Note On SuExec If you want to run CGI scripts under suExec, you should specify /var/www as the web root for websites
created by ISPConfig as Mandriva's suExec is compiled with /var/www as Doc_Root. Run
/usr/sbin/suexec -V
and the output should look like this: [root@server1 ~]# /usr/sbin/suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/httpd/suexec_log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_SUEXEC_UMASK=077
-D AP_UID_MIN=100
-D AP_USERDIR_SUFFIX="public_html"
[root@server1 ~]#
So if you want to use suExec with ISPconfig, don't change the default web root (which is /var/www) if
you use expert mode during the ISPConfig installation (in standard mode you can't change the web root
anyway so you'll be able to use suExec in any case).
Ref :
http://www.howtoforge.com/howtos/linux/mandriva