The Perfect Setup - CentOS 4.3 (64-bit) - Page 2

On to the network settings. The default setting here is to configure the network interfaces with DHCP, but we are installing a server, so static IP addresses are not a bad idea... Click on the Edit button at the top right. In the window that pops up uncheck Configure using DHCP and give your network card a static IP address (in this tutorial I'm using the IP address 192.168.0.100 for demonstration purposes):

Set the hostname manually, e.g. server1.example.com, and enter a gateway (e.g. 192.168.0.1) and up to three DNS servers (e.g. 145.253.2.75, 193.174.32.18, and 194.25.0.60):

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default CentOS firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the CentOS firewall).

SELinux is a security extension of CentOS that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

Click on Proceed:

Select the default language for the system and add further languages, if necessary:

Choose your time zone:

Give root a password:

Now we are to select the package groups we want to install. Select Editors, Text Based Internet, Server Configuration Tools, Web Server, Mail Server, DNS Name Server, FTP Server, MySQL Database, Development Tools, Administration Tools and System Tools and click on Next:

The installer tells you which CDs it will need to install the selected packages:

The installation begins. This will take a few minutes:

Finally, the installation is complete, and you can remove your CD from the computer and reboot it:


Now, on to the configuration...

Share this page:

9 Comment(s)

Add comment

Comments

From: andalucia at: 2006-09-07 13:37:18

Free SSH (ssh/sftp) Client for windows users from ssh.com 

ftp://ftp.ssh.com/pub/ssh/SSHSecureShellClient-3.2.9.exe

not for commercial or corporate use.
Thank You

 

From: putra koreng at: 2009-01-01 07:28:10

thanks, this is so Help for me

From: Anonymous at: 2006-06-26 09:40:28

Everything worked fine for me on Centos 4.3 (32bit) but I had to add the lines:

ssl_cert_file = /etc/postfix/ssl/smtpd.crt
ssl_key_file = /etc/postfix/ssl/smtpd.key

to /etc/dovecot.conf to stop the warning

fetchmail: Server CommonName mismatch: localhost.localdomain != xxxxx.com

when fetching POP mail using fetchmail

Thanks for the excellent howto!

Steve 

  

 

 

From: Anonymous at: 2006-04-12 04:20:18

Excellent.... Ive been waiting for a guide like this for a while. When ever i install a new system, almost never does a person give me all the steps in one guide... until now ;). Believe me it sucks to have to download the linux offline system command webpages (all 300 of em) via bittorent. This is a eye opener indeed.

From: Anonymous at: 2006-08-22 07:20:29

very nice! I was trying to do something just like this with a plain centos server build (did the text install, not GUI) and this worked out great. I was struggling trying to get my ssl working on apache when I stumbled into this... great work! ( I did not see it install the php-xml package though, and my ssl is acting screwy, saying I have an identical certificate already on file... but I will figure it out...)

From: Anonymous at: 2006-06-21 22:15:48

Just wanted to mention, for some of the last steps,

 yum install gcc

is required to rebuild zlib 

and that if  you are planning on installing ispconfig,

yum install flex

will be required to avoid the PHP errors. 

From: so_ at: 2006-09-11 22:14:16

Rebuilding zlib is not required.  The author has failed to understand the Redhat/Centos versioning and how security fixes to packages such as zlib are backported.

http://www.redhat.com/advice/speaks_backport.html 

 

The security problems that the zlib upgrade are designed to solve, were already patched long ago and continue to be patched as security requires.

  • REDHAT:RHSA-2006:0101
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0101.html
  • REDHAT:RHSA-2006:0144
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0144.html
  • REDHAT:RHSA-2006:0190
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0190.html
  • REDHAT:RHSA-2006:0191
  • URL:http://www.redhat.com/support/errata/RHSA-2006-0191.html
  • From: so_ at: 2006-09-11 22:18:56

    Those previous URLs are the kernel fixes due to zlib problems.  Here is the advisory for the zlib package itself.

    http://www.redhat.com/support/errata/RHSA-2005-569.html
    http://rhn.redhat.com/errata/RHSA-2005-584.html 

    From: at: 2006-11-05 10:11:38

    Edit the compile file and add --disable-zlib-vcheck

     

    vi  install_ispconfig/compile_aps/compile

     

    Such as: 

    cd ${CLAMAV}
    ./configure --prefix=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav --sysconfdir=/home/adm${APPLICATION_NAME}/${APPLICATION_NAME}/tools/clamav/etc --with-user=adm${APPLICATION_NAME} --with-group=adm${APPLICATION_NAME} --disable-clamav --disable-zlib-vcheck --disable-bzip2 || error "Could not configure ClamAV"