The Perfect Setup - SuSE 10.1 (32-bit) - Page 7

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Submitted by falko (Contact Author) (Forums) on Mon, 2006-05-22 15:01. ::

11 Webalizer

To install webalizer, just run

yast2 -i webalizer


12 Synchronize the System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yast2 -i xntp

Add an NTP server with YaST:

yast2

Select Network Services -> NTP Client:

Then select Automatically Start NTP Daemon During Boot. Under NTP Server Configuration enable Use Random Servers from pool.ntp.org. Then select Finish, Quit.


13 Install some Perl Modules needed by SpamAssassin (comes with ISPConfig)

Run

yast2 -i perl-HTML-Parser perl-Net-DNS perl-Digest-SHA1


14 Disable AppArmor

AppArmor is a security extension of SuSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor


15 ISPConfig

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it. Please check out the ISPConfig installation: http://www.ispconfig.org/manual_installation.htm


15.1 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /srv/www as the home directory for websites created by ISPConfig as SUSE 10.1's suExec is compiled with /srv/www as Doc_Root. Run /usr/sbin/suexec2 -V, and the output should look like this:

/usr/sbin/suexec2 -V

To select /srv/www as the home directory for websites during the installation of ISPConfig do the following: When you are asked for the installation mode, select the expert mode.

Later during the installation you are asked if the default directory /home/www should be the directory where ISPConfig will create websites in. Answer n and enter /srv/www as the home directory for websites.


16 Links

up

Copyright © 2006 Falko Timme
All Rights Reserved.
add comment | view as pdf view as pdf | print: this | all page(s) |
Please do not use the comment function to ask for help! If you need help, please use our forum.
Comments will be published after administrator approval.
Unneeded command
Submitted by Anonymous (not registered) on Sun, 2006-06-11 21:03.
BTW: you don't need to run `yast2 -i xntp` because yast2-ntp-client always checks whether the needed package xntp is installed and offers to install it when it is not.

You can also run the YaST ntp-client directly by entering `yast2 ntp-client` command.

reply | view as pdf view as pdf
Disable AppArmor??
Submitted by Anonymous (not registered) on Fri, 2006-06-09 19:44.

In your howto, you recommend to disable AppArmor because it has caused more harm than good to you. I can't agree with that - AppArmor is the main reason why I consider SUSE 10.1 the best Linux for servers!

Maybe you should simply read the AppArmor manual (comes as PDF, about 100 pages) and update the profiles as needed. You can also do this using YaST.

Checking /var/log/audit/audit.log is also a good idea if something failes with "permission denied" ;-)

Yes, AppArmor configuration can cause some work - as always: security has its price!

reply | view as pdf view as pdf
Sponsored Links: Unified Communications: Thoughts, Strategies and Predictions
Join the discussion.
www.seamlessenterprise.com

IP Convergence
Integrate your wireless and wireline networks.
Learn how from the experts at Sprint.
www.seamlessenterprise.com

Wireless & Wireline Integration
Thoughts, strategies and solutions: join the discussion
www.seamlessenterprise.com

Unified Communications 2009
Join the Discussion. Now.
www.seamlessenterprise.com