The Perfect Setup - Ubuntu 6.06 LTS Server (Dapper Drake) - Page 4

7 Install Some Software

Now we install a few packages that are needed later on. Run

apt-get install binutils cpp cpp-4.0 fetchmail flex gcc gcc-4.0 libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev linux-kernel-headers lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++

(This command should go into one line!)

8 Quota

To install quota, run

apt-get install quota

Edit /etc/fstab to look like this (I added ,usrquota,grpquota to partition /dev/sda1 (mount point /; your device name might be /dev/hda1 or similar):

vi /etc/fstab

# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/sda1 / ext3 defaults,errors=remount-ro,usrquota,grpquota 0 1
/dev/sda5 none swap sw 0 0
/dev/hdc /media/cdrom0 udf,iso9660 user,noauto 0 0
/dev/fd0 /media/floppy0 auto rw,user,noauto 0 0

To enable quota, run these commands:

touch /quota.user /quota.group
chmod 600 /quota.*
mount -o remount /
quotacheck -avugm
quotaon -avug

9 DNS Server

Run

apt-get install bind9

For security reasons we want to run BIND chrooted so we have to do the following steps:

/etc/init.d/bind9 stop

Edit the file /etc/default/bind9 so that the daemon will run as the unprivileged user bind, chrooted to /var/lib/named. Modify the line: OPTIONS=" -u bind" so that it reads OPTIONS="-u bind -t /var/lib/named":

vi /etc/default/bind9

OPTIONS="-u bind -t /var/lib/named"
# Set RESOLVCONF=no to not run resolvconf
RESOLVCONF=yes

Create the necessary directories under /var/lib:

mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run

Then move the config directory from /etc to /var/lib/named/etc:

mv /etc/bind /var/lib/named/etc

Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):

ln -s /var/lib/named/etc/bind /etc/bind

Make null and random devices, and fix permissions of the directories:

mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind

We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get important messages logged to the system logs. Modify the line: SYSLOGD="-u syslog" so that it reads: SYSLOGD="-u syslog -a /var/lib/named/dev/log":

vi /etc/init.d/sysklogd

[...]
SYSLOGD="-u syslog -a /var/lib/named/dev/log"
[...]

Restart the logging daemon:

/etc/init.d/sysklogd restart

Start up BIND, and check /var/log/syslog for errors:

/etc/init.d/bind9 start

10 MySQL

In order to install MySQL, we run

apt-get install mysql-server mysql-client libmysqlclient12-dev

We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:

vi /etc/mysql/my.cnf

[...]
#bind-address = 127.0.0.1
[...]

Then we restart MySQL:

/etc/init.d/mysql restart

Now check that networking is enabled. Run

netstat -tap

In the output you should see a line like this one:

tcp        0      0 *:mysql                 *:*                     LISTEN     4997/mysqld

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

Share this page:

11 Comment(s)

Add comment

Comments

From: Anonymous at: 2006-06-19 17:49:29

The libmysqlclient12-dev should be rather libmysqlclient15-dev

From: Anonymous at: 2006-07-25 03:35:09

libmysqlclient12-dev is now libmysqlclient15-dev

From: Anonymous at: 2006-08-11 02:25:29

No matter how closely these directions are followed, I've been unable to keep mysql happy. After performing the line:

mysqladmin -u server1.example.com -u root password yourrootsqlpassword

After doing that I always get the error:

mysqladmin: connect to server at 'localhost' failed

error: 'Access denied for user 'root'@'localhost' (using password: NO)'

I'm thinking a step or two might not have made it into this write up.

From: admin at: 2006-08-14 12:25:12

The Howto is complete.

 Replace "server1.example.com" in the command with the hostanme you entered during setup.

From: rainer at: 2006-10-22 07:59:56

its not enough to edit /etc/hosts as described before

you also have to edit /etc/hostanme 

vi /etc/hostname

instead of:

server1

there should be:

server1.example.com

From: Anonymous at: 2006-08-14 18:48:51

"mysqladmin -u server1.example.com -u root password yourrootsqlpassword"

try to change the first "-u" (user) for a "-h" (host)! :p

 

From: n3m3s1s4u at: 2006-10-14 17:07:22

Start up BIND, and check /var/log/syslog for errors: Well the only thing that was picked up on my end was a reference to /var/cache/bind (file or directory not found) but otherwise everything has gone through fine do i need to worry about this?

From: antoinel12 at: 2006-10-24 05:19:16

I'm unable to execute this command:

mysqladmin -h server1.example.com -u root password yourrootsqlpassword

I use a dyndns dommain name... It tell me that their is no response. Is it a port that I should open on my routher or something else? 

From: at: 2007-02-22 20:33:17

http://www.howtoforge.com/perfect_setup_fedora_core_5_p4

Submitted by Anonymous on Fri, 2006-05-26 02:18.
mysqladmin -h server1.example.com -u root -p password yourrootsqlpassword

Newbie (me) struggled with that one for a short while.

From: at: 2006-11-26 01:02:06

One thing seems to have changed or has been left out: I noticed during ISPConfig installation, that during php compilation it requires g++ to be installed. So maybe add g++ or even build-essentials to the big list of packets that are installed at the top.


Btw, this is really great howto, thank you for your time to write this excellent guide.

From: admin at: 2006-11-26 15:28:30

It wasn't left out. At the time the tutorial was written ISPConfig didn't need g++. This has changed with the newest ISPConfig version (2.2.8) which was released a few days ago.