The Perfect Server - OpenSUSE 11.1 - Page 6

13 Webalizer

To install webalizer, just run

yast2 -i webalizer


14 Synchronize the System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yast2 -i xntp

Then add system startup links for ntp and start ntp:

chkconfig --add ntp
/etc/init.d/ntp start


15 Install some Perl Modules needed by SpamAssassin (comes with ISPConfig)


yast2 -i perl-HTML-Parser perl-Net-DNS perl-Digest-SHA1


16 Disable AppArmor

AppArmor is a security extension of SUSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor


17 The End

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it, following these instructions:

Make sure you check out the ISPConfig 2.x - First Steps guide after the installations. One absolutely necessary step to make PHP work with ISPConfig on OpenSUSE is described in chapter 2.4.3 of that guide:

Open /home/admispconfig/ispconfig/lib/

vi /home/admispconfig/ispconfig/lib/

... and change $go_info["server"]["apache2_php"] to addhandler:

$go_info["server"]["apache2_php"] = 'addhandler';


17.1 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /srv/www as the web root for websites created by ISPConfig as SUSE's suExec is compiled with /srv/www as Doc_Root. Run

/usr/sbin/suexec2 -V

and the output should look like this:

server1:~ # /usr/sbin/suexec2 -V
 -D AP_DOC_ROOT="/srv/www"
 -D AP_HTTPD_USER="wwwrun"
 -D AP_LOG_EXEC="/var/log/apache2/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_USERDIR_SUFFIX="public_html"
server1:~ #

So if you want to use suExec with ISPconfig, don't change the default web root (which is /srv/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).


Share this page:

4 Comment(s)

Add comment


From: Anonymous

Compiling proftpd by hand opens a whole can of worms - you're putting the burden of updating one critical piece of software to manual.

 An extremely poor idea - you should use vsftpd or pure-ftpd on SuSE as they are both supported by the base repository update system.

From: Andrew

This is a horribly insecure setup. Really - read a book. "I don't need AppArmor".. ugh

From: Anonymous

This was horribly rude. Really - learn some manners...

From: Anonymous

That wasn't rude at all.. it's the truth. This is a public howto and many people will blindly trust it.