The Perfect Server - Fedora 7 - Page 4

8 Quota

(If you have chosen a different partitioning scheme than I did, you must adjust this chapter so that quota applies to the partitions where you need it.)

To install quota, we run this command:

yum install quota

Edit /etc/fstab and add ,usrquota,grpquota to the / partition (/dev/VolGroup00/LogVol00):

vi /etc/fstab

/dev/VolGroup00/LogVol00 /                       ext3    defaults,usrquota,grpquota        1 1
LABEL=/boot             /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0

Then run

touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /
quotacheck -avugm
quotaon -avug

to enable quota.

 

9 Install A Chrooted DNS Server (BIND9)

To install a chrooted BIND9, we do this:

yum install bind-chroot

Next, we change a few permissions and start BIND:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
chkconfig --levels 235 named on
/etc/init.d/named start

BIND will run in a chroot jail under /var/named/chroot/var/named/. I will use ISPConfig to configure BIND (zones, etc.).

 

10 MySQL (5.0)

To install MySQL, we do this:

yum install mysql mysql-devel mysql-server

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

Now check that networking is enabled. Run

netstat -tap | grep mysql

It should show something like this:

[root@server1 named]# netstat -tap | grep mysql
tcp        0      0 *:mysql                     *:*                         LISTEN      2388/mysqld
[root@server1 named]#

If it does not, edit /etc/my.cnf and comment out the option skip-networking:

vi /etc/my.cnf

[...]
#skip-networking
[...]

and restart your MySQL server:

/etc/init.d/mysqld restart

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

Share this page:

3 Comment(s)

Add comment

Comments

From: at: 2007-06-21 04:05:45

Until these how-to's start to incorporate SELinux, AppArmour or equivilant technologies they are not perfect.  Just because it is difficult doesn't mean it should be excluded immediately upon start up.  I mean come on, Fedora 7 is far better for SELinux then previous versions, yet still, people churn out these how-tos which immediately disables it.


 


Thanks for the How-Tos, but how 'bout some with SELinux enabled, and the problems that were found.

From: at: 2007-08-22 19:13:01

I've just run this setup with great effect on Fedora Core 6 which came pre-installed with my dedicated server. There were just two small things to note:


Before Step 4 (installing apache):


If you want to install a suPHP with ISPConfig later, you will need to install the apache2 header files otherwise compilation will fail. Run the following:


yum install httpd-devel



Step 6 (disabling the firewall):


The command in fc6 should be:


system-config-securitylevel-tui


I hope this helps somebody!


Neil Hamilton

From: at: 2007-09-04 13:20:06

thank you for your great how-to


that would be nice, if you could add anonymous configuration file for proftpd.cof


and also config, which lets home users to login!