The Perfect Server - OpenSUSE 11 - Page 6

13 Webalizer

To install webalizer, just run

yast2 -i webalizer

 

14 Synchronize the System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yast2 -i xntp

Then add system startup links for ntp and start ntp:

chkconfig --add ntp
/etc/init.d/ntp start

 

15 Install some Perl Modules needed by SpamAssassin (comes with ISPConfig)

Run

yast2 -i perl-HTML-Parser perl-Net-DNS perl-Digest-SHA1

 

16 Disable AppArmor

AppArmor is a security extension of SUSE (similar to Fedora's SELinux) that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only AppArmor was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

We can disable it like this:

/etc/init.d/boot.apparmor stop
chkconfig -d boot.apparmor

 

17 The End

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it, following these instructions: http://www.ispconfig.org/manual_installation.htm

 

17.1 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /srv/www as the web root for websites created by ISPConfig as SUSE's suExec is compiled with /srv/www as Doc_Root. Run

/usr/sbin/suexec2 -V

and the output should look like this:

server1:~ # /usr/sbin/suexec2 -V
 -D AP_DOC_ROOT="/srv/www"
 -D AP_GID_MIN=96
 -D AP_HTTPD_USER="wwwrun"
 -D AP_LOG_EXEC="/var/log/apache2/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=96
 -D AP_USERDIR_SUFFIX="public_html"
server1:~ #

So if you want to use suExec with ISPconfig, don't change the default web root (which is /srv/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).

 

Share this page:

0 Comment(s)