Comments on The Perfect Setup - Debian Sarge (3.1)

In addition to your howto very nice, but why use apache2 from debdot and not the debian mirrors.

Debian Sarge 3.1 ( testing ) includes apache2

Same for the? ? install HTML::Parser? ( apt-get install libhtml-parser-perl )?
and the others..

i'm getting dependency errors for postfix-tls.
postfix-tls: Depends: postfix (= 2.1.5-9)

However, I have postfix 2.2.3-2

Because Postfix 2.2.x includes TLS support and you don't need postifix-tls package.

Experts,

Please pardon my ignorance. But what is an ISP Server (ISPConfig)?

I am trying to setup a linux server (Debian) at my home so that i can host web-pages (web-site), mail server, etc.

So Do I need to setup according to ISP server docs.?

please help me out!.

thanks

It's a server for hosting web sites, handling email, FTP, ...

Seems to be what you're looking for. :-)

Very nice guide! thanks

I use this

http://t3.woodel.com/my-linux-how-to/debian_howto_start_to_finish_using_webmin.pdf 

Nice article. A few things:

1. You need to fix some permissions. Root is world readable by default, so are users home dirs.
2. (also mentioned above) Why the packages from debdot?
3. I don't think Sarge comes with SSH installed by default
4. ProFTPD? Euck. vsftpd is safer for (the most) cases which don't need the extra functionality.
5. Your postfix config is a little lax on hostnames (do they exist, etc)

AFAIK, vsftpd lets you create only one anonymous account per server instead of one per IP address (as ProFTPd does). That's a little drawback.

IMHO ntpdate from ntp package is better than rdate for time sync...

I recommend rewriting this article to address the issues other users have commented on.? You should also make a plaintext authenticated smarthost example for properly relaying mail to an isps server.? I know a lot of people, including myself, that have found it exhasting to find a howto as good as yours, but it lacks that crucial part in which I need.? Thank you.

"In order to install Postfix with SMTP-AUTH and TLS as well as a POP3 server that also does POP3s (port 995) and an IMAP server that is also capable of IMAPs (port 993) do the following steps:

apt-get install postfix postfix-tls sasl-bin libsasl-modules-plain libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl"

When I'm doing this I get:

# apt-get install postfix postfix-tls sasl-bin libsasl-modules-plain libsasl2 sasl2-bin libsasl2-modules ipopd-ssl uw-imapd-ssl
Reading Package Lists... Done
Building Dependency Tree... Done
E: Couldn't find package sasl-bin

Any ideas anyone

Maybe the package names have changed due to the upcoming final release of Debian Sarge.

Run

apt-cache search sasl

to find all packages related to SASL, and install them.

with sarge 3.1, you have to apt-get install sasl2-bin greetings lasseboo

There's no need for creating a dev/log socket in the bind9 chroot environment and modifying sysklogd to listen on that too.

bind9 opens /dev/log (the one outside the chroot) before calling chroot(2) => Logging still works over that socket from the chroot environement.
See http://cryptio.net/~ferlatte/blog/2004/10/01/#syslog_and_chroot for more info.

That site also has a nice chroot implementation for bind9 on debian: http://cryptio.net/~ferlatte/blog/config/

I have added the line in /ect/apt/sources.list. But i cant install apt-get install libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick I get this error : mainframe:/etc/postfix/ssl# apt-get install libapache2-mod-php4 libapache2-mod-perl2 php4 php4-cli php4-common php4-curl php4-dev php4-domxml php4-gd php4-imap php4-ldap php4-mcal php4-mhash php4-mysql php4-odbc php4-pear php4-xslt curl libwww-perl imagemagick Reading Package Lists... Done Building Dependency Tree... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libapache2-mod-php4: Depends: php4-common (= 4:4.3.10-13) but 4:4.3.11-0.dotdeb.0 is to be installed php4-imap: Depends: libc-client-ssl2001 but it is not installable E: Broken packages mainframe:/etc/postfix/ssl# What do i need to do?

Remove the dotdeb line from /etc/apt/sources.list, run "apt-get update" and try installing again.

Falko

I am new to this whole thing, but I followed this tutorial to set up a server, and the installation of ISPConfig was doing just fine until the very end when it checks to see if all the packages are installed. I get the following error -- can anyone help? "ERROR: The syntax of your httpd.conf is not ok! Please correct the error. The installation routine stops here!" If anyone can help, I'd very much appreciate it. Much obliged.

Great, great, great how-to. For non-guru Debian users, a lot more how-to's like this are needed and welcome. I'm guessing and hoping now that Sarge is in stable, we're going to see a lot more of these how-to's.

I'm going to give this how-to a shot, and if it works well, I'll be sending the author a token of my appreciation. I have apache running, but gave up on bind and a mail server.

All I need now is a how-to this simple that shows how to configure OpenLDAP. Yast was a great gui tool for configuring servers and by copying the original config files prior to altering them with Yast, then comparing the original with the Yast modified config files, one could learn exactly how to configure servers manually. Too bad that a fully functioning Yast isn't yet available on Debian, although I'm aware of efforts on porting Yast to Debian now that it has been GPL'd. If the author or someone else could make configuring OpenLDAP as easy as this how-to, then life would really be complete.

Question: If Exim exists on an apache server, but is used only for internal mail delivery (notices, error messages to root, etc.), and then Postfix is installed and Exim removed, will the error messages and notices and other internal mail continue to be delivered? I seem to remember a few years back when I removed the default mail server (possibly Exim) and installed Postfix in its place, I remember it fouling up local mail deliver (error messages, notices, cron messages, etc.). Is there any precautions to take when removing the existing mail server to replace it with Postfix?

? ? Good idea to create something like this for the average user.

? It should be noted however that ISPConfig 2.0.7 does not correctly identify the Etch testing branch (Etch is the testing and unstable branches after Sarge stable was released).

Obviously the issues of quota formats 1 and 2 were sidestepped, that can be tricky (depends mostly on your kernel version).... And the issue of XFS and quotas.

WARNING: If XFS is the filesystem you enable quotas for, the above simply will not work in sarge-3.1 with a 2.6.n kernel. Although I still have no idea what does work, I am still researching this issue.

Also be forewarned, if you are using NIS authentication, you will have to manually edit /etc/passwd and /etc/group because ISPConfig does not handle this properly.

While ISPConfig has the potential to be a decent remote management tool, it suffers horribly from mangling Bind9 zone files. MAKE SURE you run named-checkconf and named-checkzone BEFORE using its Bind configuration, as the zone files are horribly mangled (who puts blank lines in their zone files? Bind and its documentation strictly forbid it).

When doing apt-get for this part I get the following error, any idea?

Setting up ipopd (2002edebian1-11) ...
/var/lib/dpkg/info/ipopd.postinst: line 75: /dev/stderr: Permission denied
dpkg: error processing ipopd (--configure):
subprocess post-installation script returned error exit status 1
dpkg: dependency problems prevent configuration of ipopd-ssl:
ipopd-ssl depends on ipopd (>= 4:2002.rc7debian); however:
Package ipopd is not configured yet.
dpkg: error processing ipopd-ssl (--configure):
dependency problems - leaving unconfigured
Errors were encountered while processing:
ipopd
ipopd-ssl
E: Sub-process /usr/bin/dpkg returned an error code (1)

Thank you

Changing the /dev/stderr in line 75 of /dev/stderr to &2

fixed the problem.

Hope it might help anyone else.

My first time and succes... Thank you , thank you, thank you.....god work

Hi!

My name is Andrew. I have? lived? in Hungary and I want to tell you that many people using Debian Linux in Hungary. I am working at a bank as IT system programmers.

I have never seen such an egzakt and good tutorial as yours. Thank you for helping and congratulations !

hello all

I have a problem
when i running mysql is writer error: can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)'

chack that mysqld is running and that the socket: '/var/run/mysqld/mysqld.sock' exists!

how can I affixed this?

don

I had the same problem a few days ago after crashing an Alternc installation. The solution is to check your logs under /var/log/syslog to see that there is no write access to temp folder /tmp. Just do a "chmod 777 /tmp" and restart mysql "/etc/init.d/mysql restart".

But with such kind of an error i guess you have a big trouble on your server, think for a complete reinstallation...

I am following your tutorial exactly except instead of using test server1 just using the suggested defaults.

When I try to edit the /etc/network/interfaces I get a response of permission denied. Any help is appreciated.

Thanks,

David

Are you shure you are logged in as root? The root user is able to edit every file.

Yes I am positive we are logged in as root.? when running command whoami it comes back with root.? We have our own domain name registered and hosted with another hosting service and just want to put our company website on this machine here at the office to learn.

You need to edit the file.

say something like

vi /etc/network/interfaces

Going to reload debiun again. Also am using the tutorial from http://www.aboutdebian.com/linux.htm? with yours and seems things both ways are acting up. I like this layout better however if you could email me or message me if you have jabber, icq or any messanger program or just email [email protected] this would be great. Myself and my wife "secretary" does everything is trying with me to learn this and get certified since I am really beginning to hate microsofts greed. Trust us we are microsoft partners but with no linux as an alternative it is hurting our business.

Please use the forums to get this solved:

https://www.howtoforge.com/forums

You are editing the file as a standard user. You need to be user root. Try to run the command su and then your command.

Thank you for your help so far.

Here is the exact message after typing in /etc/network/interfaces

-bash: /etc/netwok/interfaces: Permission denied

replace to root:

su -

pass

don

Noticed there's no firewall setup in this tutorial. You should have included an iptables setup, otherwise the server will be wide open to attack.

Thats not correct. The Howto prepares the system for the installation of ISPConfig and ISPConfig comes with the Bastille Firewall scripts that do the IPTables setup for you.

AFAIK, default Debian behaviour is to also install recommended packages after (apt-get install ...). Is it necessary to also install these packages, or the ones that were mentioned here are enough?

The reason why I'm asking is because I am trying to make na minimum install of Debian 3.1

No, Debian doesn't install recommended packages by default, only necessary packages. So if you want to have a minimum installation, don't install the recommended packages.

Here is a "production" server debian on a P1 -133 MHz-

full ram 188 mb, dhcp, dns, apache, ftp, nis ...

but not realy optimized for minimal packages.

~#df -h
Filesystem Size Used Avail Use% Mounted on
/dev/hda1 897M 658M 192M 78% /
tmpfs 94M 0 94M 0% /dev/shm

~#uptime
04:30:51 up 45 days, 9:12, 1 user, load average: 0.00, 0.00, 0.00

btw install "localepurge" for free disk(s).

Nice HowTo. Thanks

No, per default debian (sarge) does not install recommended packages. Only the must-dependecies are installed per default. For a minimum install, you could try download the netinst-cd-image from www.debian.org Greez, Tino

Harddisks are written to from outside to the inside, that is why they are faster on the first sectors than they are on the last sectors (~30%).

So I always put my swap partitions at the start of the harddisks (if I have multiple disks one swap partition at the start of each).

Nagium.

I have installed Debian Sarge 3.1 per this howto. I want to use Frontpage Extensions on my ISPConfig server. I see that ISPConfig only supports Frontpage with Apache 1.3. This howto uses Apache2. I was able to install Frontpage on the system for Apache2, but I don't know if ISPConfig will be able to use the extensions.

Should not be:

Thanks for the tutorial. I installed ispconfig after. Everthing went perfect.

Don't put a general purpose Web server in one big partition! Consider disaster recovery. If you get rooted, you might want to replace root and /usr but leave /var. To avoid getting rooted, you might want to mount noexec any directory Apache can write in. Make a partition for /tmp, /var/tmp, Squirrel Mail's data, Mambo's data, /var/log/apache, etc.

Over time your users will install badly written PHP applications and they will get exploited by worms and skript kiddies. The exploits will write spam-mailers and attack programs in /tmp but they won't run. It won't stop a determined attacker, but the kiddies will move on to lower-hanging fruit.

My first debian server setup and all went fantastically well.

Thank you

sorry for a stupid question, but whats the adress to the mail servers after this install?

thx for the guide

tomas

they have a newer release of this download, and the link up there no longer works, here's an updated link http://ftp.de.debian.org/debian-cd/3.1_r2/i386/iso-cd/debian-31r2-i386-netinst.iso .... im currently downloading it and following this guide, thank you

http://ftp.de.debian.org/debian-cd/3.1_r3/i386/iso-cd/debian-31r3-i386-netinst.iso

thanx