Disclaimer
The opinions expressed herein are my own personal opinions and do not represent anyone else's view in any way, including those of my employer.
© Copyright 2009
The opinions expressed herein are my own personal opinions and do not represent anyone else's view in any way, including those of my employer.
© Copyright 2009
Now we create a small PHP test file, for example in the www.example1.com web site…
vi /var/www/web1/web/info.php
<?php phpinfo(); ?> |
… and call that file in a browser (http://www.example1.com/info.php). If all goes well, the output should look similar to this, and you should see CGI/FastCGI in the Server API line:
Because each web site has its own php-fcgi-starter wrapper script, it is possible to define different php.ini files for different web sites. To demonstrate this, I will copy the default php.ini (/etc/php5/cgi/php.ini) to the /var/www/web2/ directory and make www.example2.com use the php.ini from the /var/www/web2/ directory:
cp /etc/php5/cgi/php.ini /var/www/web2/
chown web2:web2 /var/www/web2/php.ini
(You can now modify /var/www/web2/php.ini to your likings.)
Then we open /var/www/php-fcgi-scripts/web2/php-fcgi-starter…
vi /var/www/php-fcgi-scripts/web2/php-fcgi-starter
… and put /var/www/web2/ in the PHPRC line:
#!/bin/sh PHPRC=/var/www/web2/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/lib/cgi-bin/php |
Reload Apache afterwards:
/etc/init.d/apache2 reload
Create a new phpinfo(); file for www.example2.com…
vi /var/www/web2/web/info.php
<?php phpinfo(); ?> |
… and call it in a browser (http://www.example2.com/info.php). The Configuration File (php.ini) Path line should now show /var/www/web2/php.ini:
Instead of passing a whole new php.ini file to your web site, you can as well change single PHP configuration settings in the php-fcgi-starter wrapper script (or use a combination of both) by adding the -d switch to the PHP executable. For example, if I want to disable magic_quotes_gpc for the web site www.example2.com, I’d do it as follows:
vi /var/www/php-fcgi-scripts/web2/php-fcgi-starter
#!/bin/sh PHPRC=/etc/php5/cgi/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/lib/cgi-bin/php -d magic_quotes_gpc=off |
Reload Apache afterwards:
/etc/init.d/apache2 reload
Then call the info.php script again in a browser (http://www.example2.com/info.php) and search for the magic_quotes_gpc line - it should show Off now:
Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 01/29/2009
This tutorial describes how you can install Apache2 with mod_fcgid and PHP5 on CentOS 5.2. mod_fcgid is a compatible alternative to the older mod_fastcgi. It lets you execute PHP scripts with the permissions of their owners instead of the Apache user.
I do not issue any guarantee that this will work for you!
I’m using a CentOS 5.2 server in this tutorial with the hostname server1.example.com and the IP address 192.168.0.100.
I will create two Apache vhosts in this tutorial, www.example1.com and www.example2.com, to demonstrate the usage of mod_fcgid.
Before we start, make sure that SELinux is disabled. Run
system-config-securitylevel
to disable SELinux, and …
setenforce 0
… for the change to take effect.
mod_fcgid is not available in the official CentOS repositories, but there’s a package for CentOS 5.x in the centos.karan.org testing repository. We enable the repository as follows:
cd /etc/yum.repos.d/
wget http://centos.karan.org/kbsingh-CentOS-Extras.repo
Next we open /etc/yum.repos.d/kbsingh-CentOS-Extras.repo…
vi /etc/yum.repos.d/kbsingh-CentOS-Extras.repo
… and set gpgcheck to 0 and enabled to 1 in the [kbs-CentOS-Testing] section:
[...] [kbs-CentOS-Testing] name=CentOS.Karan.Org-EL$releasever - Testing gpgcheck=0 gpgkey=http://centos.karan.org/RPM-GPG-KEY-karan.org.txt enabled=1 baseurl=http://centos.karan.org/el$releasever/extras/testing/$basearch/RPMS/ |
Afterwards we can install Apache2, mod_fcgid, and PHP5:
yum install httpd mod_fcgid php-cli
If Apache2 was already installed with PHP5 as an Apache module, disable the PHP5 module now - open /etc/httpd/conf.d/php.conf…
vi /etc/httpd/conf.d/php.conf
… and comment out everything in that file:
# # PHP is an HTML-embedded scripting language which attempts to make it # easy for developers to write dynamically generated webpages. # #LoadModule php5_module modules/libphp5.so # # Cause the PHP interpreter to handle files with a .php extension. # #AddHandler php5-script .php #AddType text/html .php # # Add index.php to the list of files that will be served as directory # indexes. # #DirectoryIndex index.php # # Uncomment the following line to allow PHP to pretty-print .phps # files as PHP source code: # #AddType application/x-httpd-php-source .phps |
Then we create the system startup links for Apache and start it:
chkconfig –levels 235 httpd on
/etc/init.d/httpd restart
Next we open /etc/php.ini…
vi /etc/php.ini
… and add the line cgi.fix_pathinfo = 1 right at the end of the file:
[...] cgi.fix_pathinfo = 1 |
Then reload Apache:
/etc/init.d/httpd reload
I will now create two vhosts, www.example1.com (with the document root /var/www/web1/web) and www.example2.com (with the document root /var/www/web2/web). www.example1.com will be owned by the user and group web1, and www.example2.com by the user and group web2.
First we create the users and groups:
groupadd web1
groupadd web2
useradd -s /bin/false -d /var/www/web1 -m -g web1 web1
useradd -s /bin/false -d /var/www/web2 -m -g web2 web2
chmod 755 /var/www/web1
chmod 755 /var/www/web2
Then we create the document roots and make them owned by the users/groups web1 resp. web2:
mkdir -p /var/www/web1/web
chown web1:web1 /var/www/web1/web
mkdir -p /var/www/web2/web
chown web2:web2 /var/www/web2/web
We will run PHP using suExec; suExec’s document root is /var/www, as the following command shows:
/usr/sbin/suexec -V
[root@server1 ~]# /usr/sbin/suexec -V
-D AP_DOC_ROOT=”/var/www”
-D AP_GID_MIN=100
-D AP_HTTPD_USER=”apache”
-D AP_LOG_EXEC=”/var/log/httpd/suexec.log”
-D AP_SAFE_PATH=”/usr/local/bin:/usr/bin:/bin”
-D AP_UID_MIN=500
-D AP_USERDIR_SUFFIX=”public_html”
[root@server1 ~]#
Therefore we cannot call the PHP binary (/usr/bin/php-cgi) directly because it is located outside suExec’s document root. As suExec does not allow symlinks, the only way to solve the problem is to create a wrapper script for each web site in a subdirectory of /var/www; the wrapper script will then call the PHP binary /usr/bin/php-cgi. The wrapper script must be owned by the user and group of each web site, therefore we need one wrapper script for each web site. I’m going to create the wrapper scripts in subdirectories of /var/www/php-fcgi-scripts, e.g. /var/www/php-fcgi-scripts/web1 and /var/www/php-fcgi-scripts/web2.
mkdir -p /var/www/php-fcgi-scripts/web1
mkdir -p /var/www/php-fcgi-scripts/web2
vi /var/www/php-fcgi-scripts/web1/php-fcgi-starter
#!/bin/sh PHPRC=/etc/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/bin/php-cgi |
vi /var/www/php-fcgi-scripts/web2/php-fcgi-starter
#!/bin/sh PHPRC=/etc/ export PHPRC export PHP_FCGI_MAX_REQUESTS=5000 export PHP_FCGI_CHILDREN=8 exec /usr/bin/php-cgi |
The PHPRC line contains the directory where the php.ini file is located (i.e., /etc/ translates to /etc/php.ini). PHP_FCGI_MAX_REQUESTS is the maximum number of requests before an fcgid process is stopped and a new one is launched. PHP_FCGI_CHILDREN defines the number of PHP children that will be launched.
The php-fcgi-starter scripts must be executable, and they (and the directories they are in) must be owned by the web site’s user and group:
chmod 755 /var/www/php-fcgi-scripts/web1/php-fcgi-starter
chmod 755 /var/www/php-fcgi-scripts/web2/php-fcgi-starter
chown -R web1:web1 /var/www/php-fcgi-scripts/web1
chown -R web2:web2 /var/www/php-fcgi-scripts/web2
Now we create the Apache vhosts for www.example1.com and www.example2.com. Add the following two vhosts at the end of /etc/httpd/conf/httpd.conf:
vi /etc/httpd/conf/httpd.conf
[...]
NameVirtualHost *:80
<VirtualHost *:80>
ServerName www.example1.com
ServerAlias example1.com
ServerAdmin webmaster@example1.com
DocumentRoot /var/www/web1/web/
<IfModule mod_fcgid.c>
SuexecUserGroup web1 web1
PHP_Fix_Pathinfo_Enable 1
<Directory /var/www/web1/web/>
Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/php-fcgi-scripts/web1/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
# ErrorLog /var/log/apache2/error.log
# CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
<VirtualHost *:80>
ServerName www.example2.com
ServerAlias example2.com
ServerAdmin webmaster@example2.com
DocumentRoot /var/www/web2/web/
<IfModule mod_fcgid.c>
SuexecUserGroup web2 web2
PHP_Fix_Pathinfo_Enable 1
<Directory /var/www/web2/web/>
Options +ExecCGI
AllowOverride All
AddHandler fcgid-script .php
FCGIWrapper /var/www/php-fcgi-scripts/web2/php-fcgi-starter .php
Order allow,deny
Allow from all
</Directory>
</IfModule>
# ErrorLog /var/log/apache2/error.log
# CustomLog /var/log/apache2/access.log combined
ServerSignature Off
</VirtualHost>
|
Make sure you fill in the right paths (and the correct user and group in the SuexecUserGroup lines).
Reload Apache afterwards:
/etc/init.d/httpd reload
After the reboot you can login with your previously created username (e.g. administrator). Because we must run all the steps from this tutorial as root user, we must enable the root account now.
Run
sudo passwd root
and give root a password. Afterwards we become root by running
su
Because the Ubuntu installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address 192.168.0.100):
# This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1
Then restart your network:
/etc/init.d/networking restart
Then edit /etc/hosts. Make it look like this:
vi /etc/hosts
127.0.0.1 localhost.localdomain localhost 192.168.0.100 server1.example.com server1 # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ff02::3 ip6-allhosts#
Now run
echo server1.example.com > /etc/hostname
/etc/init.d/hostname.sh start
Afterwards, run
hostname
hostname -f
Both should show server1.example.com now.
Edit /etc/apt/sources.list. Comment out or remove the installation CD from the file and make sure that the universe and multiverse repositories are enabled. It should look like this:
vi /etc/apt/sources.list
# # deb cdrom:[Ubuntu-Server 7.10 _Gutsy Gibbon_ - Release i386 (20071016)]/ gutsy main restricted #deb cdrom:[Ubuntu-Server 7.10 _Gutsy Gibbon_ - Release i386 (20071016)]/ gutsy main restricted # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://de.archive.ubuntu.com/ubuntu/ gutsy main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://de.archive.ubuntu.com/ubuntu/ gutsy-updates main restricted deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## universe WILL NOT receive any review or updates from the Ubuntu security ## team. deb http://de.archive.ubuntu.com/ubuntu/ gutsy universe deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy universe deb http://de.archive.ubuntu.com/ubuntu/ gutsy-updates universe deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://de.archive.ubuntu.com/ubuntu/ gutsy multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy multiverse deb http://de.archive.ubuntu.com/ubuntu/ gutsy-updates multiverse deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy-updates multiverse ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. # deb http://de.archive.ubuntu.com/ubuntu/ gutsy-backports main restricted universe multiverse # deb-src http://de.archive.ubuntu.com/ubuntu/ gutsy-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. This software is not part of Ubuntu, but is ## offered by Canonical and the respective vendors as a service to Ubuntu ## users. # deb http://archive.canonical.com/ubuntu gutsy partner # deb-src http://archive.canonical.com/ubuntu gutsy partner deb http://security.ubuntu.com/ubuntu gutsy-security main restricted deb-src http://security.ubuntu.com/ubuntu gutsy-security main restricted deb http://security.ubuntu.com/ubuntu gutsy-security universe deb-src http://security.ubuntu.com/ubuntu gutsy-security universe deb http://security.ubuntu.com/ubuntu gutsy-security multiverse deb-src http://security.ubuntu.com/ubuntu gutsy-security multiverse
Then run
apt-get update
to update the apt package database and
apt-get upgrade
to install the latest updates (if there are any).
apt-get install samba smbclient smbfs beep ntp ntpdate
Samba, SMBlient and SMBFS form the base of the home file server. NTP and NTPdate will keep the time synchronized. Beep is needed to let the PC-speaker beep when the file server is up and running.
First we need to find out what name Ubuntu has given to the second hard disk:
fdisk -l
You should get a listing of the hard drives installed on your PC. There will be a little paragraph for each one that will look like this:
Disk /dev/hda: 40.0 GB, 40020664320 bytes 255 heads, 63 sectors/track, 4865 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hda1 * 1 4678 37576003+ 83 NTFS
In Windows disk drives are assigned an alphabet letter.The main hard drive was c:/. In Linux it’s kind of the same, but in a different format. All hard drives installed are listed in the ‘device’ or /dev directory. All drives start with theprefix “hd” ( ‘hard drive’). I will now show the steps to add hda1.
Now we create a mount point:
mkdir /media/store
This mount point will get writable permissions for all users:
chmod 777 /media/store
The hard disk hda needs to be mounted:
mount /dev/hda /media/store
This is a temporary mount. In order to do his automatically at every boot, we need to:
vi /etc/fstab
The text editor window will appear with the fstab file loaded up. You will see something that looks kind of like this:
# /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> proc /proc proc defaults 0 0 /dev/hda1 / ext3 defaults,errors=remount-ro 0 1 /dev/hda5 none swap sw 0 0 /dev/hdb1 /media/hdb1 ext3 defaults 0 0 /dev/hdc /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/fd0 /media/floppy0 auto rw,user,noauto 0 0
All you have to do is add a new line for the new drive… I will add the following line to my fstab for my new drive:
/dev/hda1 /media/store ntfs defaults 0 0
To make the hard drive show up right now, without rebooting - just reload your fstab file with the following command:
mount -a
The Home File server must be visible in the home network. The default value is MSHOME. If your workgroup has a different name edit:
vi /etc/samba/smb.conf
and change the line:
workgroup = MSHOME
Make the hard disk hda visible and writeable for all users, add the following lines to the bottom of smb.conf:
[hda public hard disk] comment = Public Folder path = media/store public = yes writable = yes create mask = 0777 directory mask = 0777 force user = nobody force group = no group
Now Linux users can log in to the Home File server.
Save and exit the vi editor and restart Samba:
/etc/init.d/samba force-reload
For home use one user name is sufficient. In this example I will add the user family:
smbpasswd -a family
Fill in a password at the next prompt. Now you are able to use family as user if you access your home file server from Internet Explorer.
Your home file server will probably not have a turned on or attached monitor. So when you start up your home file server you do not excatly know when Ubuntu and Samba are loaded and can be used in the home network.
By making the PC-speaker beep 3 times, you will know that the system is ready:
vi /et/rc.load
Simply add this line:
beep -l 900 -r 3 -f 500
Now reboot and enjoy your own Home File Server:
shutdown -r now
Enter the hostname. In this example, my system is called server1.example.com, so I enter server1:
Now you have to partition your hard disk. For simplicity’s sake I will create one big partition (with the mount point /) and a little swap partition so I select Guided - use entire disk (of course, the partitioning is totally up to you - if you like, you can create more than just one big partition, and you can also use LVM):
Select the disk that you want to partition. Please do not use the NTFS hard disk intended for data storage:
Afterwards, your new partitions are being created and formatted:
Configure your system’s clock. Normally UTC is a good choice:
Create a user, for example the user Administrator with the user name administrator (don’t use the user name admin as it is a reserved name on Gutsy Gibbon):
Now the base system is being installed:
We need a Samba File server, but nevertheless I don’t select any of them now because I like to have full control over what gets installed on my system. We will install the needed packages manually later on. The only item I select here is OpenSSH server so that I can immediately connect to the system with an SSH client such as PuTTY after the installation has finished:
The installation continues:
The base system installation is now finished. Remove the installation CD from the CD drive and hit Continue to reboot the system:
From now on you can use an SSH client such as PuTTY and connect from your workstation to your Ubuntu Gutsy Gibbon server and follow the remaining steps from this tutorial.
Version 1.0
Author: Xam
Last edited 01/20/2008
This tutorial explains how to turn an old PC with additional hard disks into a simple home file server. The file server is intended for home use. The home file server is accessible by Windows and Linux computers in the home network.
The existing tutorials do not describe how to add additional disks or have a complex authorization or access procedure. Freenas (www.freenas.org) does have too many features for home users and more important it does not support the NTFS format.
This Home File Server can work with hard disks formatted in NTFS. So when you need or want to move the hard disk into a new computer, they are accessible by Windows and most Linux operating systems.
The server is built with Ubuntu Server 7.10 & Samba. Do not use Ubuntu Server 5.04 LTS because this version does not support the latest SATA Controllers (in an Pentium II or III you likely want to use a PCI SATA RAID controller to attach SATA hard disks).
I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!
To install such a system you will need the following:
The hard disks for data storage in the file server must be formatted in the NTFS format. You can use the Gparted live CD to do this job, download the iso from: http://sourceforge.net/project/showfiles.php?group_id=115843&package_id=173828
I assume that you already know how to install a hard drive. I also assume that you knew how to make it a master or slave, you’ve checked to make sure that it shows up in bios, and that it was intalled properly.
In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.
Insert your Ubuntu install CD into your system and boot from it. Select Install to the hard disk:
The installation starts, and first you have to choose your language:
Then select your location:
Choose a keyboard layout (you will be asked to press a few keys, and the installer will try to detect your keyboard layout based on the keys you pressed):
The installer checks the installation CD, your hardware, and configures the network with DHCP if there is a DHCP server in the network:
On the next screen the installer asks you to execute a MySQL query. We don’t have to do that because we’ve done something similar in chapter 3 already (the two GRANT statements) so we are set. Click on Go to step 6:
Click on Go to step 7:
The installation is now finished…
… but for security reasons we must delete the install directory:
rm -fr /var/www/html/poweradmin/install/
Now you can go to http://server1.example.com/poweradmin or http://192.168.0.100/poweradmin and log in with the username admin and the password you created during the installation:
This is how the Poweradmin web interface looks:
To create a zone, go to Add master zone and fill in the domain name (e.g. example.com). You can already fill in the IP addresses for the www A record (”webserver”) and the MX record (”mailserver”) for that zone. If you leave the Create zone without applying records-template checkbox unchecked, Poweradmin will automatically create some NS, A (e.g. www) and MX records for that zone:
Go to List zones afterwards. You should now see the new zone there, and it already has eight records. Click on the edit icon to see these eight records:
These are the records that are created automatically unless you check the Create zone without applying records-template checkbox when you create a zone. You can now edit them or add and delete records:
Of course, you can as well create all records one-by-one manually - just leave the IP address fields empty and check the Create zone without applying records-template checkbox on the Add master zone page:
On the List zones page you will see that the new zone has just one record (the SOA record). Click on the edit icon…
… and then on Add record to add further records, …
…, e.g. NS records…
… and A records (e.g. for mydomain.com (leave the Name field empty!) and www.mydomain.com)…
… and MX records:
To create PTR records, go to the Add master zone page and create a zone called in-addr.arpa (leave the IP address fields empty and check the Create zone without applying records-template checkbox):
To create a PTR record that points from the IP 1.2.3.4 to server1.example.com, create a record under List zones and fill in 4.3.2.1 in the Name field (that’s the IP in reverse order) and server1.example.com in the Content field:
After you’ve created your records, you can check them with the dig command (see
man dig
for more details), e.g. as follows:
dig @localhost mx example.com
[root@server1 ~]# dig @localhost mx example.com
; <<>> DiG 9.3.4-P1 <<>> @localhost mx example.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46586
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;example.com. IN MX
;; ANSWER SECTION:
example.com. 86400 IN MX 10 mail.example.com.
;; ADDITIONAL SECTION:
mail.example.com. 86400 IN A 1.2.3.4
;; Query time: 44 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 15 18:54:35 2009
;; MSG SIZE rcvd: 66
[root@server1 ~]#
Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 01/15/2009
This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a CentOS 5.2 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS.
I do not issue any guarantee that this will work for you!
In this example I’m using a CentOS 5.2 host with the hostname server1.example.com and the IP address 192.168.0.100, set up according to the first 6 chapters of this tutorial: The Perfect Server - CentOS 5.2.
I will set up just one PowerDNS server in this example (a master); adding PowerDNS slave(s) can easily be achieved by using MySQL database replication from the master to the slave(s), therefore no zone transfers are needed (this again is similar to MyDNS). MySQL database replication can be set up according to this tutorial: How To Set Up Database Replication In MySQL (PowerDNS also supports native zone transfers (for scenarios where you cannot use MySQL replication) - see http://downloads.powerdns.com/documentation/html/replication.html).
To install MySQL, we do this:
yum install mysql mysql-server
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:
chkconfig –levels 235 mysqld on
/etc/init.d/mysqld start
Now check that networking is enabled. Run
netstat -tap | grep mysql
It should show something like this (*:mysql means that MySQL is listening on all interfaces which is important for MySQL replication!):
[root@server1 ~]# netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 2439/mysqld
[root@server1 ~]#
If it does not, edit /etc/my.cnf and comment out the option skip-networking:
vi /etc/my.cnf
[...] #skip-networking [...] |
and restart your MySQL server:
/etc/init.d/mysqld restart
Run
mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword
to set a password for the user root (otherwise anybody can access your MySQL database!).
To install PowerDNS, we run
yum install pdns pdns-backend-mysql
The PowerDNS configuration is located in the /etc/pdns directory - I’ll come to that in a moment.
Now we connect to MySQL:
mysql -u root -p
Type in your MySQL root password, and you should be on the MySQL shell. On the MySQL shell, we create a database for PowerDNS:
CREATE DATABASE powerdns;
Next we create a database user (powerdns) for PowerDNS:
GRANT ALL ON powerdns.* TO ‘power_admin’@'localhost’ IDENTIFIED BY ‘power_admin_password’;
GRANT ALL ON powerdns.* TO ‘power_admin’@'localhost.localdomain’ IDENTIFIED BY ‘power_admin_password’;
FLUSH PRIVILEGES;
(Replace power_admin_password with a password of your choice.)
Now we create the tables needed by PowerDNS…
USE powerdns;
CREATE TABLE domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
);
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
);
CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE TABLE supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);
… and finally leave the MySQL shell:
quit;
Now we must configure PowerDNS so that it uses the MySQL backend:
vi /etc/pdns/pdns.conf
Add the following lines to pdns.conf:
[...] ################################# # launch Which backends to launch and order to query them in # # launch= launch=gmysql gmysql-host=127.0.0.1 gmysql-user=power_admin gmysql-password=power_admin_password gmysql-dbname=powerdns [...] |
Then create the system startup links for PowerDNS and start it:
chkconfig –levels 235 pdns on
/etc/init.d/pdns start
That’s it, PowerDNS is now ready to be used. To learn more about it, please refer to its documentation: http://downloads.powerdns.com/documentation/html/index.html
Now let’s install Poweradmin, a web-based control panel for PowerDNS. Poweradmin is written in PHP, so we must install a web server (I’m using Apache2 in this example) and PHP:
yum install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext
Create the system startup links for Apache2 and start it:
chkconfig –levels 235 httpd on
/etc/init.d/httpd start
Poweradmin also requires the following two PEAR packages:
yum install php-pear-DB php-pear-MDB2-Driver-mysql
Now all prerequisites for Poweradmin are installed, and we can begin with the Poweradmin installation (I will install it in a subdirectory of /var/www/html - /var/www/html is the document root of Apache’s default web site on CentOS; if you’ve created a vhost with a different document root, please adjust the paths).
Go to https://www.poweradmin.org/trac/wiki/GettingPoweradmin and download the latest Poweradmin package, e.g. as follows:
cd /tmp
wget https://www.poweradmin.org/download/poweradmin-2.1.2.tgz
Then install it to the /var/www/html/poweradmin directory as follows:
tar xvfz poweradmin-2.1.2.tgz
mv poweradmin-2.1.2 /var/www/html/poweradmin
touch /var/www/html/poweradmin/inc/config.inc.php
chown -R apache:apache /var/www/html/poweradmin/
Now open a browser and launch the web-based Poweradmin installer (http://server1.example.com/poweradmin/install or http://192.168.0.100/poweradmin/install).
Select your language (English or Dutch):
Click on the Go to step 3 button to proceed:
Now fill in your database details. It is important that you fill in the details for the MySQL root user, not the powerdns MySQL user we created earlier! Also provide a password for the admin user for the Poweradmin web interface (that’s the password that the user admin will use to log in to Poweradmin later on):
On the next page, fill in the details for the power_admin MySQL user that we created in chapter 3. Also fill in the two default nameservers that will be used in your zones unless you provide different nameservers when you create a zone (typically these are the names of the current system and of the slave server (for which you can set up MySQL replication, see my preliminary notes in chapter 1)):
On the next screen the installer asks you to execute a MySQL query. We don’t have to do that because we’ve done something similar in chapter 3 already (the two GRANT statements) so we are set. Click on Go to step 6:
Click on Go to step 7:
The installation is now finished…
… but for security reasons we must delete the install directory:
rm -fr /var/www/html/poweradmin/install/
Now you can go to http://server1.example.com/poweradmin or http://192.168.0.100/poweradmin and log in with the username admin and the password you created during the installation:
This is how the Poweradmin web interface looks:
To create a zone, go to Add master zone and fill in the domain name (e.g. example.com). You can already fill in the IP addresses for the www A record (”webserver”) and the MX record (”mailserver”) for that zone. If you leave the Create zone without applying records-template checkbox unchecked, Poweradmin will automatically create some NS, A (e.g. www) and MX records for that zone:
Go to List zones afterwards. You should now see the new zone there, and it already has eight records. Click on the edit icon to see these eight records:
These are the records that are created automatically unless you check the Create zone without applying records-template checkbox when you create a zone. You can now edit them or add and delete records:
Of course, you can as well create all records one-by-one manually - just leave the IP address fields empty and check the Create zone without applying records-template checkbox on the Add master zone page:
On the List zones page you will see that the new zone has just one record (the SOA record). Click on the edit icon…
… and then on Add record to add further records, …
…, e.g. NS records…
… and A records (e.g. for mydomain.com (leave the Name field empty!) and www.mydomain.com)…
… and MX records:
To create PTR records, go to the Add master zone page and create a zone called in-addr.arpa (leave the IP address fields empty and check the Create zone without applying records-template checkbox):
To create a PTR record that points from the IP 1.2.3.4 to server1.example.com, create a record under List zones and fill in 4.3.2.1 in the Name field (that’s the IP in reverse order) and server1.example.com in the Content field:
After you’ve created your records, you can check them with the dig command (see
man dig
for more details), e.g. as follows:
dig @localhost mx example.com
[root@server1 ~]# dig @localhost mx example.com
; <<>> DiG 9.5.1b2-RedHat-9.5.1-0.8.b2.fc10 <<>> @localhost mx example.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6561
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;example.com. IN MX
;; ANSWER SECTION:
example.com. 86400 IN MX 10 mail.example.com.
;; ADDITIONAL SECTION:
mail.example.com. 86400 IN A 1.2.3.4
;; Query time: 39 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jan 14 15:47:01 2009
;; MSG SIZE rcvd: 66
[root@server1 ~]#
Version 1.0
Author: Falko Timme <ft [at] falkotimme [dot] com>
Last edited 01/14/2009
This article shows how you can install the PowerDNS nameserver (with MySQL backend) and the Poweradmin control panel for PowerDNS on a Fedora 10 system. PowerDNS is a high-performance, authoritative-only nameserver - in the setup described here it will read the DNS records from a MySQL database (similar to MyDNS), although other backends such as PostgreSQL are supported as well. Poweradmin is a web-based control panel for PowerDNS.
I do not issue any guarantee that this will work for you!
In this example I’m using a Fedora 10 host with the hostname server1.example.com and the IP address 192.168.0.100, set up according to the first 6 chapters of this tutorial: The Perfect Server - Fedora 10.
I will set up just one PowerDNS server in this example (a master); adding PowerDNS slave(s) can easily be achieved by using MySQL database replication from the master to the slave(s), therefore no zone transfers are needed (this again is similar to MyDNS). MySQL database replication can be set up according to this tutorial: How To Set Up Database Replication In MySQL (PowerDNS also supports native zone transfers (for scenarios where you cannot use MySQL replication) - see http://downloads.powerdns.com/documentation/html/replication.html).
To install MySQL, we do this:
yum install mysql mysql-server
Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:
chkconfig –levels 235 mysqld on
/etc/init.d/mysqld start
Now check that networking is enabled. Run
netstat -tap | grep mysql
It should show something like this (*:mysql means that MySQL is listening on all interfaces which is important for MySQL replication!):
[root@server1 ~]# netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 2407/mysqld
[root@server1 ~]#
If it does not, edit /etc/my.cnf and comment out the option skip-networking:
vi /etc/my.cnf
[...] #skip-networking [...] |
and restart your MySQL server:
/etc/init.d/mysqld restart
Run
mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword
to set a password for the user root (otherwise anybody can access your MySQL database!).
If the last command throws an error at you…
[root@server1 named]# mysqladmin -h server1.example.com -u root password yourrootsqlpassword
mysqladmin: connect to server at ’server1.example.com’ failed
error: ‘Access denied for user ‘root’@'localhost’ (using password: NO)’
[root@server1 named]#
… we can set the password as follows: connect to MySQL:
mysql -u root -p
Type in the password for the MySQL root user. Then, on the MySQL shell, do this:
mysql> USE mysql;
mysql> UPDATE user SET Password = password(’yourrootsqlpassword’) WHERE Host = ’server1.example.com’ AND User = ‘root’;
mysql> UPDATE user SET Password = password(’yourrootsqlpassword’) WHERE Host = ‘127.0.0.1′ AND User = ‘root’;
Run
mysql> SELECT * FROM user;
to make sure that all rows where the user is root have a password.
If everything is looking ok, run
mysql> FLUSH PRIVILEGES;
… and leave the MySQL shell:
mysql> quit;
To install PowerDNS, we run
yum install pdns pdns-backend-mysql
The PowerDNS configuration is located in the /etc/pdns directory - I’ll come to that in a moment.
Now we connect to MySQL:
mysql -u root -p
Type in your MySQL root password, and you should be on the MySQL shell. On the MySQL shell, we create a database for PowerDNS:
CREATE DATABASE powerdns;
Next we create a database user (powerdns) for PowerDNS:
GRANT ALL ON powerdns.* TO ‘power_admin’@'localhost’ IDENTIFIED BY ‘power_admin_password’;
GRANT ALL ON powerdns.* TO ‘power_admin’@'localhost.localdomain’ IDENTIFIED BY ‘power_admin_password’;
FLUSH PRIVILEGES;
(Replace power_admin_password with a password of your choice.)
Now we create the tables needed by PowerDNS…
USE powerdns;
CREATE TABLE domains (
id INT auto_increment,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(6) NOT NULL,
notified_serial INT DEFAULT NULL,
account VARCHAR(40) DEFAULT NULL,
primary key (id)
);
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE TABLE records (
id INT auto_increment,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(6) DEFAULT NULL,
content VARCHAR(255) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
change_date INT DEFAULT NULL,
primary key(id)
);
CREATE INDEX rec_name_index ON records(name);
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE TABLE supermasters (
ip VARCHAR(25) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) DEFAULT NULL
);
… and finally leave the MySQL shell:
quit;
Now we must configure PowerDNS so that it uses the MySQL backend:
vi /etc/pdns/pdns.conf
Add the following lines to pdns.conf:
[...] ################################# # launch Which backends to launch and order to query them in # # launch= launch=gmysql gmysql-host=127.0.0.1 gmysql-user=power_admin gmysql-password=power_admin_password gmysql-dbname=powerdns [...] |
Then create the system startup links for PowerDNS and start it:
chkconfig –levels 235 pdns on
/etc/init.d/pdns start
That’s it, PowerDNS is now ready to be used. To learn more about it, please refer to its documentation: http://downloads.powerdns.com/documentation/html/index.html
Now let’s install Poweradmin, a web-based control panel for PowerDNS. Poweradmin is written in PHP, so we must install a web server (I’m using Apache2 in this example) and PHP:
yum install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext
Create the system startup links for Apache2 and start it:
chkconfig –levels 235 httpd on
/etc/init.d/httpd start
Poweradmin also requires the following two PEAR packages:
yum install php-pear-DB php-pear-MDB2-Driver-mysql
Now all prerequisites for Poweradmin are installed, and we can begin with the Poweradmin installation (I will install it in a subdirectory of /var/www/html - /var/www/html is the document root of Apache’s default web site on Fedora; if you’ve created a vhost with a different document root, please adjust the paths).
Go to https://www.poweradmin.org/trac/wiki/GettingPoweradmin and download the latest Poweradmin package, e.g. as follows:
cd /tmp
wget https://www.poweradmin.org/download/poweradmin-2.1.2.tgz
Then install it to the /var/www/html/poweradmin directory as follows:
tar xvfz poweradmin-2.1.2.tgz
mv poweradmin-2.1.2 /var/www/html/poweradmin
touch /var/www/html/poweradmin/inc/config.inc.php
chown -R apache:apache /var/www/html/poweradmin/
Now open a browser and launch the web-based Poweradmin installer (http://server1.example.com/poweradmin/install or http://192.168.0.100/poweradmin/install).
Select your language (English or Dutch):
Click on the Go to step 3 button to proceed:
Now fill in your database details. It is important that you fill in the details for the MySQL root user, not the powerdns MySQL user we created earlier! Also provide a password for the admin user for the Poweradmin web interface (that’s the password that the user admin will use to log in to Poweradmin later on):
On the next page, fill in the details for the power_admin MySQL user that we created in chapter 3. Also fill in the two default nameservers that will be used in your zones unless you provide different nameservers when you create a zone (typically these are the names of the current system and of the slave server (for which you can set up MySQL replication, see my preliminary notes in chapter 1)):
Homepage: http://www.skype.com/
Skype is a software for internet telephony, instant messaging etc.
If you want to use skype, open a terminal and enter (root privileges needed):
cd /tmp/
wget http://www.skype.com/go/getskype-linux-beta-centos
wget http://www.skype.com/products/skype/linux/rpm-public-key.asc
rpm –import rpm-public-key.asc
yum localinstall skype-<version>-centos.i586.rpm
Note: If the gpg-key is not available, you have to disable the gpg-check in the yum configuration (
vi /etc/yum.conf
) before you do the localinstall. Keep in mind that you turn it on again afterwards.
Homepage: http://audacity.sourceforge.net/
Audacity is a software to edit audio files.
If you want to use Audacity, install the following package:
Homepage: http://www.nongnu.org/streamtuner/
Streamtuner is a stream directory browser. With Streamtuner you can listen to SHOUTcast-streams etc.
If you want to use Streamtuner, install the following package:
Homepage: http://fireftp.mozdev.org/
FireFTP is an extension for Firefox. It provides an easy to use, full featured ftp client. It can be startet without firefox from the gnome applications menu.
If you want to use FireFTP, open https://addons.mozilla.org/en-US/firefox/addon/684 within Firefox and click on “Install Now“.
Accept the installation:
After the installation is finished restart Firefox. FireFTP is available in the upper menu or when you right click on an ftp-link.
Create a new launcher in the gnome applications menu to start FireFTP without Firefox. Open the main menu editor.
Click on “Internet” on the left side and afterwards on “New item” on the right side.
Insert/select the following in the launcher-window:
Name: FireFTP
Command: firefox -chrome chrome://fireftp/content/
Comment: FTP Client
Optional choose an icon for the new launcher.
Homepage: http://gparted.sourceforge.net/
With gparted you are able to resize, move and format partitions - many file systems are supported.
If you want to use gparted, install the following packages:
Homepage: http://www.xchat.org/
With XChat you can join multiple IRC channels (Internet Relay Chat). File transfer is supported. You can customize XChat with various scripts and plugins.
If you want to use xchat, install the following package:
Homepage: http://www.winehq.org/
Taken from the Wine Homepage: “Wine is an Open Source implementation of the Windows API on top of X, OpenGL, and Unix”.
With wine you can run a lot of Windows software on Linux. A list of software that is known to work on wine can be found on http://appdb.winehq.org/.
If you want to use wine, install the following package:
Homepage: http://www.vmware.com/products/server/
With VMware Server you can install guest operating systems as Windows, Linux, NetWare or Solaris.
If you want to use the VMware-Server, install the following packages:
Afterwards open http://www.vmware.com/download/server/ within your browser. Install the latest version with the software-installer and register to get a serial number.
Install it with the software installer.
Next configure the VMware Server (root privileges needed).
vmware-config.pl
Answer all the questions with “yes” and accept the license agreement (if you agree with it). After that you’ll be asked a few questions about install paths etc. - simply hit enter for every question. The VMware Server is now available in the gnome applications menu.
CentOS: http://www.centos.org/
CentOS Wiki: http://wiki.centos.org/
More Options ...
Categories
Tag Cloud
Blog RSS
Comments RSS
Void « Default
Life 
Earth 
Wind 
Water 
Fire Light
Previous Entries
Last 50 Posts
Back