The Perfect Setup - Ubuntu 6.10 Server (Edgy Eft) - Page 4

8 Install Some Software

Now we install a few packages that are needed later on. Run

apt-get install binutils cpp cpp-4.0 fetchmail flex gcc gcc-4.0 libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev linux-kernel-headers lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev autoconf automake1.9 libtool bison autotools-dev g++

(This command should go into one line!)


9 Quota

To install quota, run

apt-get install quota

Edit /etc/fstab. Mine looks like this (I added ,usrquota,grpquota to partition /dev/sda1 (mount point /; your device name might be /dev/hda1 or similar)):

vi /etc/fstab

# /etc/fstab: static file system information.
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
# /dev/sda1
UUID=02cc04f2-98cb-41db-8eb3-94de5f19b22b /               ext3    defaults,errors=remount-ro,usrquota,grpquota 0       1
# /dev/sda5
UUID=6b011d54-fb37-469d-9fa8-179b185343c1 none            swap    sw              0       0
/dev/hdc        /media/cdrom0   udf,iso9660 user,noauto     0       0
/dev/           /media/floppy0  auto    rw,user,noauto  0       0

To enable quota, run these commands:

touch /quota.user /
chmod 600 /quota.*
mount -o remount /
quotacheck -avugm
quotaon -avug


10 DNS Server


apt-get install bind9

For security reasons we want to run BIND chrooted so we have to do the following steps:

/etc/init.d/bind9 stop

Edit the file /etc/default/bind9 so that the daemon will run as the unprivileged user bind, chrooted to /var/lib/named. Modify the line: OPTIONS=" -u bind" so that it reads OPTIONS="-u bind -t /var/lib/named":

vi /etc/default/bind9

OPTIONS="-u bind -t /var/lib/named"
# Set RESOLVCONF=no to not run resolvconf

Create the necessary directories under /var/lib:

mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run

Then move the config directory from /etc to /var/lib/named/etc:

mv /etc/bind /var/lib/named/etc

Create a symlink to the new config directory from the old location (to avoid problems when bind is upgraded in the future):

ln -s /var/lib/named/etc/bind /etc/bind

Make null and random devices, and fix permissions of the directories:

mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind

We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get important messages logged to the system logs. Modify the line: SYSLOGD="-u syslog" so that it reads: SYSLOGD="-u syslog -a /var/lib/named/dev/log":

vi /etc/init.d/sysklogd

SYSLOGD="-u syslog -a /var/lib/named/dev/log"

Restart the logging daemon:

/etc/init.d/sysklogd restart

Start up BIND, and check /var/log/syslog for errors:

/etc/init.d/bind9 start


11 MySQL

In order to install MySQL, we run

apt-get install mysql-server mysql-client libmysqlclient15-dev

We want MySQL to listen on all interfaces, not just localhost, therefore we edit /etc/mysql/my.cnf and comment out the line bind-address =

vi /etc/mysql/my.cnf

#bind-address           =

Then we restart MySQL:

/etc/init.d/mysql restart

Now check that networking is enabled. Run

netstat -tap

In the output you should see a line like this one:

tcp        0      0 *:mysql                 *:*                     LISTEN     4997/mysqld


mysqladmin -u root password yourrootsqlpassword
mysqladmin -h -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

Share this page:

Suggested articles

2 Comment(s)

Add comment



"In recent distributions of MySQL, you can also run the script mysql_secure_installation instead of just changing the root password. That script allows you to change the root password, delete the test database, remove the anonymous user, remove remote access (allowing access from the local machine only) and reset the privileges table."

Quoting from


When I attempted to apt-get install linux-kernel-headers, I got the message that "Package linux-kernel-headers is a virtual package provided by:
You should explicitly select one to install"


I did apt-get install linux-libc-dev and I did fine.