The Perfect Setup - SUSE 9.2 - Page 4

2 Installing And Configuring The Rest Of The System

Configure Additional IP Addresses

If you want to add more IP addresses to your system, simply run

yast2

The YaST Control Center will pop up. Go to Network Devices -> Network Card. The next steps are the same as during the network setup in the installation.

Setting The Hostname

echo server1.example.com > /etc/hostname
/bin/hostname -F /etc/hostname

Install apt For SUSE

apt is the packaging system used on Debian. Since it cares much better for package dependencies than rpm it would be nice if we could use it on our new SUSE system. This would save us a lot of hassle. Fortunately, apt has been ported to a lot of rpm based distributions, and is also available for SUSE 9.2 (you will love it... :-)).

rpm -ivh ftp://ftp.gwdg.de/pub/linux/suse/apt/SuSE/9.2-i386/RPMS.suser-rbos/\
apt-libs-0.5.15cnc6-rb.suse092.6.i586.rpm
rpm -ivh ftp://ftp.gwdg.de/pub/linux/suse/apt/SuSE/9.2-i386/RPMS.suser-rbos/\
apt-0.5.15cnc6-rb.suse092.6.i586.rpm

Edit /etc/apt/sources.list. It should contain the following line:

rpm ftp://ftp.gwdg.de/pub/linux/suse/apt/ SuSE/9.2-i386 base update security

Run

apt-get update

Install Some Software And Deactivate SUSE's Firewall

apt-get install findutils-locate lynx ncftp compat-readline4 gcc glibc-devel flex db-devel rsync

/etc/init.d/SuSEfirewall2_setup stop
chkconfig --del SuSEfirewall2_final
chkconfig --del SuSEfirewall2_setup
chkconfig --del SuSEfirewall2_init


Quota

apt-get install quota

Edit /etc/fstab to look like this (I added ,usrquota,grpquota to partition /dev/sda2 (mount point /; your device name might be /dev/hda2 or similar)):

/dev/sda2         /                    reiserfs   acl,user_xattr,usrquota,grpquota        1 1
/dev/sda1 swap swap pri=42 0 0
devpts /dev/pts devpts mode=0620,gid=5 0 0
proc /proc proc defaults 0 0
usbfs /proc/bus/usb usbfs noauto 0 0
sysfs /sys sysfs noauto 0 0
/dev/cdrecorder /media/cdrecorder subfs fs=cdfss,ro,procuid,nosuid,nodev,exec,iocharset=utf8 0 0
/dev/fd0 /media/floppy subfs fs=floppyfss,procuid,nodev,nosuid,sync 0 0

Then run:

touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /
quotacheck -avugm

quotaon -avug


DNS-Server

apt-get install bind bind-chrootenv bind-devel bind-utils

chkconfig --add named
/etc/init.d/named start

Bind will run in a chroot jail under /var/lib/named.

MySQL

apt-get install mysql mysql-client mysql-shared mysql-devel perl-DBD-mysql perl-DBI perl-Data-ShowTable

chkconfig --add mysql
/etc/init.d/mysql start

Now check that networking is enabled. Run

netstat -tap

It should show a line like this:

tcp        0      0 *:mysql                 *:*                     LISTEN      6621/mysqld

If it does not, edit /etc/my.cnf, comment out the option skip-networking:

# Don't listen on a TCP/IP port at all. This can be a security enhancement,
# if all processes that need to connect to mysqld run on the same host.
# All interaction with mysqld must be made via Unix sockets or named pipes.
# Note that using this option without enabling named pipes on Windows
# (via the "enable-named-pipe" option) will render mysqld useless!
#
#skip-networking

and restart your MySQL server:

/etc/init.d/mysql restart

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

Share this page:

19 Comment(s)

Add comment

Comments

From: at: 2005-04-07 07:00:58

Please, why not use the crontab command instead of manually editing the file and restarting the cron daemon?

Otherwise, nice HowTo.

WK

--

http://vienna.spiney.org

From: at: 2005-04-07 09:04:39

There are always multiple ways to achieve a goal. In the end it's a matter of your personal preference. You can certainly use the crontab command, but you can also edit the file manually. Both works.

Felipe

From: at: 2005-04-08 06:11:24

but when writing some step-by-step instructions, which are probably mostly read by people not knowing the interiors, it would be reasonable to use the most easy and least complicated tool to accomplish a task.

And crontab is better since you don't need to restart crond and it does a basic syntax check on the lines of the crontab file.

But it's really just a minor nitpick.

OTOH, you wouldn't really like to read

'...and then install a new MBR by writing the right (for your system, depends on many things, beware!) 512 byte with dd to...'

instead of a small reference to the bootloader commands, would you? ;)

WK,

http://vienna.spiney.org, http://linux.spiney.org

From: at: 2005-04-08 23:10:48

You don't need to restart crond daemon however, 'cause it check and eventually reload /etc/crontab every minute.... try it

From: at: 2005-04-07 15:31:03

But it's a well written amateur-article. Nice guy.

From: at: 2005-04-08 13:54:25

and costs a lot more.

From: at: 2005-04-08 14:04:00

Good thing it only takes about an hour with W2003 Server cause you'll have to do it at least 5 times on 5 different machines to host the same amount of traffic that this setup can. Not to mention all the security exploits because of IIS and all the other "secure" MS software.

Of course, you'll also have to pay alot more for the hardware just to meet minimum requirements and then there are all the licensing fees to think of.

But sure, if you want to save yourself an hour or so on install, by all means W2003 is the way to go. You'll have to spend more time administering it later to make sure it stays up and running, but so what? It only took an hour to setup, right?

From: at: 2005-04-11 06:22:36

I challenge you to provide details of the software you'll use under W2003 server to achieve the same configuration as in the article.

Stephan

From: at: 2005-04-08 06:09:51

Why using netdate and not the good old ntpd? That does the time sync constantly and works a treat. SS

From: at: 2005-04-08 12:00:42

Thanks for this!

I need a server - was going to use "Dead Rat" Enterprise, but I actually prefer SuSE's philosophy. Particularly as they have Novell's valuable support.

-Andy, Oulu, Finland

From: at: 2005-04-08 17:17:14

why do you use the sources for proftpd? suse is rpm based ...

From: at: 2005-04-09 14:03:41

Then try to find a proftpd rpm for SUSE 9.2... :-(

Mike

From: at: 2005-05-02 17:07:42

It's on the DVD. I use it.

From: at: 2005-04-14 23:49:06

This is a great walkthrough. What hardware did you use (or recommend for low traffic) for the server

From: at: 2005-07-16 10:55:15

I have a problem with apt-get, any idea ?

smith:/etc # apt-get install quota
Reading Package Lists... Done
Building Dependency Tree... Done
E: Couldn't find package quota
smith:/etc #

From: at: 2005-08-16 21:02:08

same problem. Anybody know what's up with this?

From: Anonymous at: 2005-11-10 02:00:20

I also had issues with apt.

I ended up going to the website and loading the packages via web browser to the /tmp directory and then I executed the rpm like in the instructions. After that, It worked fine.

From: admin at: 2005-11-10 09:03:42

You can install the packages also with "yast -i [PACKAGENAME]".

From: Anonymous at: 2006-05-06 22:34:41

"*Please note: You do not have to do this if you intend to use ISPConfig on your system as ISPConfig does the necessary configuration using procmail recipes. But please go sure to enable Maildir under Management -> Settings -> EMail in the ISPConfig web interface."

As of ISPConfig version 2.2.2, the checkbox for Maildir is found under Management -> Server -> Settings -> EMail.