The Perfect Setup - Mandriva 2006 Free Edition - Page 5

MySQL (4.1)

urpmi MySQL MySQL-client libmysql14-devel

/etc/init.d/mysqld start

Now check that networking is enabled. Run

netstat -tap

It should show a line like this:

tcp        0      0 *:mysql                 *:*                     LISTEN      6621/mysqld

If it does not, edit /etc/sysconfig/mysqld and remove --skip-networking from the Variable MYSQLD_OPTIONS:

# (oe) Remove --skip-networking to enable network access from
# non local clients. Access from localhost will still work.
MYSQLD_OPTIONS=""

# (oe) set TMPDIR and TMP environment variables
TMPDIR="${datadir}/.tmp"
TMP="${TMPDIR}"

and restart your MySQL server:

/etc/init.d/mysqld restart

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

Postfix With SMTP-AUTH And TLS

urpmi cyrus-sasl libsasl2 libsasl2-devel libsasl2-plug-plain libsasl2-plug-anonymous libsasl2-plug-crammd5 libsasl2-plug-digestmd5 libsasl2-plug-gssapi libsasl2-plug-login postfix imap

postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mydomain = example.com'
postconf -e 'myhostname = server1.$mydomain'
postconf -e 'mydestination = /etc/postfix/local-host-names, localhost.example.com'

touch /etc/postfix/local-host-names

Edit /etc/postfix/sasl/smtpd.conf. It should look like this:

# SASL library configuration file for postfix
# all parameters are documented into:
# /usr/share/doc/cyrus-sasl-2.*/options.html

# The mech_list parameters list the sasl mechanisms to use,
# default being all mechs found.
mech_list: plain login

# To authenticate using the separate saslauthd daemon, (e.g. for
# system or ldap users). Also see /etc/sysconfig/saslauthd.
pwcheck_method: saslauthd
saslauthd_path: /var/lib/sasl2/mux

# To authenticate against users stored in sasldb.
#pwcheck_method: auxprop
#auxprop_plugin: sasldb
#sasldb_path: /var/lib/sasl2/sasldb2

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'

Now start Postfix, saslauthd, imap and pop3:

chkconfig imap on
chkconfig imaps on
chkconfig ipop3 on
chkconfig pop3s on
/etc/init.d/postfix restart
/etc/init.d/saslauthd restart
/etc/init.d/xinetd restart

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet localhost 25

After you have established the connection to your postfix mail server type

ehlo localhost

If you see the lines

250-STARTTLS

and

250-AUTH

everything is fine.

Type

quit

to return to the system's shell.

Apache2 With PHP5

urpmi apache2-mod_php libphp5_common5 php-bz2 php-calendar php-ctype php-curl php-date_time php-devel php-dio php-dom php-eaccelerator php-enchant php-esmtp php-event php-exif php-fam php-ffmpeg php-fileinfo php-filepro php-ftp php-gd php-gettext php-gmp php-iconv php-id3 php-idn php-imap php-imlib2 php-mailparse php-mbstring php-mcache php-mcrypt php-mhash php-ming php-mysql php-mysqli php-ncurses php-newt php-odbc php-oggvorbis php-pam_auth php-pcntl php-pcre php-pear-Net_IDNA php-posix php-pspell php-readline php-recode php-session php-shmop php-simplexml php-snmp php-soap php-sockets php-sqlite php-ssh2 php-sysvmsg php-sysvsem php-sysvshm php-tclink php-tcpwrap php-tidy php-xml php-xmlrpc php-zip php5-ini curl libcurl3-devel perl-libwww-perl ImageMagick (1 line!)

Whenever you see this:

Missing signature ((no key found) OK)
Do you want to continue installation ? (y/N)

it is safe to answer y.

Now we must disable PHP globally because we want to install ISPConfig later on. In ISPConfig you can enable/disable PHP on a per-site basis. If you do not disable PHP globally now, PHP will always be enabled, no matter what you specify in ISPconfig! If you do not want to install ISPConfig, then you are finished with the Apache/PHP5 installation and configuration now!

Edit /etc/httpd/modules.d/70_mod_php.conf and comment out the AddType lines:

<IfDefine HAVE_PHP5>
<IfModule !mod_php5.c>
LoadModule php5_module extramodules/mod_php5.so
</IfModule>
</IfDefine>

<IfModule mod_php5.c>
PHPINIDir /etc
</IfModule>

<IfModule mod_mime.c>
# AddType application/x-httpd-php .php
# AddType application/x-httpd-php .php3
# AddType application/x-httpd-php .php4
# AddType application/x-httpd-php .php5
# AddType application/x-httpd-php .phtml
# AddType application/x-httpd-php-source .phps
</IfModule>

<IfModule mod_php5.c>
<IfModule mod_dir.c>
DirectoryIndex index.php index.phtml index.php3 index.php4 index.php5
</IfModule>
</IfModule>

Edit /etc/httpd/conf/mime.types and comment out the following lines:

#application/x-perl             perl pl
#application/x-php php php3 php4

Edit /etc/httpd/conf/httpd.conf and add the following line to the LoadModule section:

LoadModule php5_module    extramodules/mod_php5.so

(Although this line is already in /etc/httpd/modules.d/70_mod_php.conf this is very important because otherwise the command httpd -t will report errors instead of Syntax OK when the virtual hosts created by ISPConfig contain lines like php_admin_flag safe_mode On or the like!)

(Note: If you are going to install ISPConfig 2.1.1 or earlier, you might also want to put

<Directory /var/www/sharedip>
Options +Includes -Indexes
AllowOverride None
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<Files ~ "^\.ht">
Deny from all
</Files>
</Directory>

at the end of /etc/httpd/conf/httpd.conf now although it is not necessary.)

Restart Apache:

/etc/init.d/httpd restart

Share this page:

3 Comment(s)