The Perfect Server - Ubuntu Karmic Koala (Ubuntu 9.10) [ISPConfig 2] - Page 7

19 Webalizer

To install webalizer, just run

aptitude install webalizer

 

20 Synchronize the System Clock

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the internet. Simply run

aptitude install ntp ntpdate

and your system time will always be in sync.

 

21 Install Some Perl Modules Needed By SpamAssassin (Comes With ISPConfig)

Run

aptitude install libhtml-parser-perl libdb-file-lock-perl libnet-dns-perl

 

22 ISPConfig

The configuration of the server is now finished, and if you wish you can now install ISPConfig on it. Please check out the ISPConfig installation manual: http://www.ispconfig.org/manual_installation.htm

Before you install ISPConfig, there's one important thing you must do. Open /usr/include/stdio.h and replace getline with parseline in line 651:

vi /usr/include/stdio.h

[...]
   This function is not part of POSIX and therefore no official
   cancellation point.  But due to similarity with an POSIX interface
   or due to the implementation it is a cancellation point and
   therefore not marked with __THROW.  */
extern _IO_ssize_t parseline (char **__restrict __lineptr,
                            size_t *__restrict __n,
                            FILE *__restrict __stream) __wur;
#endif
[...]

If you don't do this, the installation will fail because of the following error:

htpasswd.c:101: error: conflicting types for 'getline'
/usr/include/stdio.h:651: note: previous declaration of 'getline' was here
make[2]: *** [htpasswd.o] Error 1
make[2]: Leaving directory `/home/ISPConfig-2.2.stable/install_ispconfig/compile_aps/apache_1.3.41/src/support'
make[1]: *** [build-support] Error 1
make[1]: Leaving directory `/home/ISPConfig-2.2.stable/install_ispconfig/compile_aps/apache_1.3.41'
make: *** [build] Error 2
ERROR: Could not make Apache

You can undo the change to /usr/include/stdio.h after the successful ISPConfig installation (but don't forget to change it back whenever you want to update ISPConfig!).

 

22.1 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /var/www as the home directory for websites created by ISPConfig as Ubuntu's suExec is compiled with /var/www as Doc_Root. Run

/usr/lib/apache2/suexec -V

and the output should look like this:

root@server1:~# /usr/lib/apache2/suexec -V
 -D AP_DOC_ROOT="/var/www"
 -D AP_GID_MIN=100
 -D AP_HTTPD_USER="www-data"
 -D AP_LOG_EXEC="/var/log/apache2/suexec.log"
 -D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
 -D AP_UID_MIN=100
 -D AP_USERDIR_SUFFIX="public_html"
root@server1:~#

So if you want to use suExec with ISPconfig, don't change the default web root (which is /var/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).

 

23 Links

Share this page:

15 Comment(s)

Add comment

Comments

From: the_guv at: 2009-11-25 14:35:44
From: QSC at: 2009-12-24 00:38:20

I couldn't agree more. The latest release of Ubuntu (9.10) has been a tremendous disappointment, haven't spent this much time fixing a distro since Gentoo or CRUX. 

From: the_guv at: 2009-11-18 18:50:36

cos for an Ubuntu server edition, never install anything other than a LTS edition ..

.. so the best choice of Ubuntu server to date would be Hardy Heron 8.04.

Just my tuppency ha'penny :)

(Oh, and Nginx is way more perfect than Apache for most of us too)

From: Anonymous at: 2009-11-08 16:35:38

Karmic Koala aka 9.10 is worst ever release of UBUNTU ever.

Every package has some problem or the other.  Ridiculous!  The users (first adopters) are serving as the unit testers.

Bugs are crawling all over the place.

From: anatoly pugachev at: 2010-01-18 14:43:47

Well, I suggest not to use ubuntu on servers, and my point of view is explained on my kerneltrap note , really better to use Centos or Fedora.

From: ree at: 2009-12-30 13:35:53

hi,

Jamie S. is right. Do not do it. And one thing more: I prefer 8.x LTS over 9.10

regards

From: Anonymous at: 2010-03-09 18:51:40

You did everything, byut you should really explain on how to install and configure IspConfig...

All that you did is that you linked to their official documentation, and their official documentation is linking bacck to this tutorial and now I am lost... I did everything but i cannot install ispconfig... since there isn't a documentation on how to do it... 

From: Jamie Strandboge at: 2009-12-28 15:43:35

I noticed that this tutorial recommends to disable all of AppArmor. Unless you have a very specific need to do so, this is not recommended. The apparmor profiles shipped in Ubuntu are designed to work with the default installation. If a particular profile is causing you trouble, please disable the profile or put it in complain mode, and leave the other profiles that are not causing problems to do their jobs. Better yet, file a bug. :) See my blog entry athttp://penguindroppings.wordpress.com/2009/07/07/should-i-disable-apparmor/ for details.

From: Vladimir Stanojevic at: 2010-02-25 11:57:42

Out of words of praise for the author!!!

From: at: 2010-04-28 13:39:51

From https://help.ubuntu.com/community/AppArmor

Disable AppArmor framework

Systems should not generally need to have AppArmor disabled entirely. It is highly recommended that users leave AppArmor enabled and put the problematic profile into complain mode (see above), then file a bug using the procedures found in https://wiki.ubuntu.com/DebuggingApparmor. If AppArmor must be disabled (eg to use SELinux instead), users can:

sudo invoke-rc.d apparmor kill
sudo update-rc.d -f apparmor remove

On Ubuntu 8.04 (Hardy), Ubuntu 8.10 (Intrepid) and Ubuntu 9.04 (Jaunty):

sudo invoke-rc.d apparmor stop
sudo update-rc.d -f apparmor remove

Using kill with Ubuntu 8.10 or later gives the following error:

Killing AppArmor module - failed, AppArmor is builtin: Failed.

On Ubuntu 9.10 and later, you can either:

  • adjust your kernel boot command line (see /boot/grub/menul.lst for Grub or /boot/grub/grub.cfg for Grub 2) to include either

  • * 'apparmor=0'
  • * 'security=XXX' where XXX can be "" to disable AppArmor or an alternative LSM name, eg. 'security="selinux"'

  • remove the apparmor package with your package manager. Do not 'purge' apparmor if you think you might want to reenable AppArmor at a later date

From: at: 2009-12-08 07:17:34

Hi,

I found out after chrooting the bind9, the status cannot be checked.

 i.e.:

root@ns1:/etc/bind# /etc/init.d/bind9 status
 * could not access PID file for bind9

i resolved this by editing the /etc/init.d/bind9

i changed #PIDFILE=/var/run/named/named.pid to
PIDFILE=/var/lib/named/var/run/named/named.pid

Where your pid file is, you may find by doing : find / -name named.pid

When found, it will show you the exact path. (To find it, bind must be running)

Good luck.

From: yuqi at: 2010-08-26 03:09:02

root@server:/etc/bind# /etc/init.d/bind9 restart
 * Stopping domain name service... bind9                                                                                                                                         rndc: connect failed: 127.0.0.1#953: connection refused
[: 131: 2652: unexpected operator
                                                                                                                                                                          [ OK ]
 * Starting domain name service... bind9                                                                                                                                  [ OK ]
root@server:/etc/bind#
root@server:/etc/bind# /etc/init.d/bind9 status
 * bind9 is running
root@server:/etc/bind#

how i fix it

thanks

From: Dwain Blazej at: 2010-01-20 02:49:49

If you're getting this error:

 rndc: connect failed: 127.0.0.1#953: connection refused

re-run the command:

 chown -R bind:bind /var/lib/named/etc/bind

 

While editing the config files, you may have accidentally made the config files unreadable by the "bind" user.

From: Kevin at: 2010-04-01 12:30:32

I have had great success in the past following the perfect server guides for Ubuntu. This time however it has been over a week of going through the steps over and over again with no luck. Maybe it is because I am setting it up on Ubuntu desktop instead of Ubuntu server, I don't know. What I do know now is this:



1. In step 10 after disabling Apparmor you need to edit the file /etc/apparmor/initramfs or it will keep trying to start up Apparmor. Comment out these lines:


set -e

. /etc/apparmor/functions

mount -n -t securityfs none "${SECURITYFS}"
load_configured_profiles_without_caching


REF: http://www.howtoforge.com/forums/showthread.php?t=40889



2. In step 12 when installing Journaled Quota It kept giving me this error:


quotacheck: Scanning /dev/??? [/] quotacheck: lstat Cannot stat `//home/?????/.gvfs': Permission denied
Guess you'd better run fsck first !
exiting...


It made it so I could not install quota properly which meant ispconfig also wouldnt install. If I rebooted I was in a world of hurt. Answer was not easy to find either cause others in the forum just ignored it like it was silly or something. Thank goodness for Melask:


Just log off from your graphical environment and switch to e.g. tty1 window with the ctrl+alt+F1 keys. Run all the commands there (after u login ofc) and u are ok.

Switch back to kde/gnome with ctrl+alt+F7


REF: http://howtoforge.org/forums/showthread.php?p=218258



3. If you want to use Apparmor you will probably have troubles with Bind9. The fix for that is here:


REF: http://ubuntuforums.org/showthread.php?p=4636681


Now because of this great guide and a couple of fixes here and there I am running this perfect server on an Acer laptop with Ubuntu Netbook Remix.....don't laugh....i have to find something to do.

From: Christian at: 2009-11-24 09:41:59

please, don't suggest ntpdate... upstream developers are making it obsolete. :)