Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Fedora Resources > Guides & Solutions (No Questions)
FedoraForum Search

Forgot Password? Join Us!

Guides & Solutions (No Questions) Post your guides here (No links to Blogs accepted). You can also append your comments/questions to a guide, but don't start a new thread to ask a question. Use another forum for that.

Closed Thread
 
Thread Tools Search this Thread Display Modes
  #1  
Old 27th July 2005, 01:52 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post HowTo Guide w/PDF: Setup a Home / Office Server with Fedora Core 4 (Stenze) 2005

UPDATED w/ PDF

Current Revision Date: FRIDAY, JUNE 16, 2006
HowTo: Setup a Home / Office Server with local (LAN) FTP, HTTP and MySQL using FEDORA CORE 4 (Stenze) 2005/2006

For many months I have tried to setup a simple, yet fun and productive home server that resides behind a firewall (d-link 514 b router) using FC4 and a FRESH INSTALL. Reading many snippets of howtos, from various websites, not only got me confused; but I got ticked off a lot when I was almost done setting up the box… then it didn’t work.

This HowTo, will (hopefully) guide you on setting up a successful little server with a localized LAN FTP for the Web Administrator (you), a MySQL database, a working HTTP Web Server and to add to that… A nice GUI for MySQL (phpMyAdmin) and lets not forget the email part… (Outgoing only) through an authenticated smtp server using Postfix 2.2.2 and your ISP Provider.

Server Setup Summary:
- FTP Server for web-admin to upload web content on LAN (external FTP optional)
- A SECURED MySQL Database for “stuff”…
- GUI Interface (phpMyAdmin) for MySQL.
- DynDNS.org Auto-updater with caching (running as a system daemon)
- Email MTA using Authentication (Postfix) for OUTGOING emails ONLY.

Time Required: (depending on the hardware) 2 hours or less..
Our OS: Fedora Core 4 (Stenze Release) 2005
Our Updater: YUM
What You Need: Old Hardware, working Internet on a LAN…

(EIGHT (8) Steps.... Posted in 8 Replies detailing each section)
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 03:15 PM. Reason: Updating guide, detailing steps for easier setups.
  #2  
Old 27th July 2005, 01:55 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 1 – Building the foundation of Fedora Core 4

.
Current Revision Date: FRIDAY, JUNE 16, 2006
------------=== STEP 1 – Building the foundation of Fedora Core 4 ===---------------

Prepare a box (compatible hardware), any box that runs Linux will do!
(I’m using an old Dell PIII 400w/ 512mb ram and 20gig HHD)

- Fresh Install of FC4 Using TEXT (You can use the X GUI too, if you do, just install MINIMAL Option).
- Installation Type: SERVER
- Select “Auto Partition”
- Select “Remove ALL Partitions on this system”
- Are you sure? Select YES…Yu bet!
- Review partition(s) and proceed with OK
- Use a Grub Loader (defaults are ok, no special options, no password)
- Select “Bootloader will be on the MBR”
- Configure ETH0 with DHCP or Static IP and activate on boot. (If assigning an IP, ensure you include your gateway and your ISP DNS IP's - you can go to "www.coolwhois.com" to find your ISP DNS Server Information).
- (optional) Configure HOSTNAME Manually
(example: guardian.homeserver.net – IE: guardian is the server name, followed by a period, then my dns name from DynDNS.org).
- (optional) Configure FIREWALL. (You can choose the SSH, WEB, MAIL, FTP etc.. but I chose NOT to make a firewall as this is behind my cheap Di-514 G Firewall/Router)
- Select “PROCEED” if no firewall is to be configured.
- Ensure you Select “DISABLE SeLINUX”
- Select / Set your Time Zone
- Configure / Set a password for System "ROOT" user.

FC4 Will now begin the installation process and prepare you for selecting packages

- Package Group selection screen now is present… ONLY SELECT the following for our server.. DE-SELECT All Others that may be selected by default!!

Our selection for our server if using TEXT INSTALL:
[x] EDITORS (vi only)
[x] DEVELOPMENT TOOLS (all)
[x] LEGACY SOFTWARE DEVELOPMENT (all)

Our selection for our server if using default GUI INSTALL:
[x] Scroll to bottom of list and only select MINIMAL

Question: Why not X, MySQL, mail daemon etc???
Answer: We don’t need yet… we will do this later on manually with YUM.

- Required CD’s : (Disc 1) Select CONTINUE (apx 687mb to install)
- Plug in a LAN Cable from your Linux Box to your ROUTER.
- Assign or configure an IP for your Linux Box on your router if desired.

I statically assigned mine on my Di-514 and created a Virtual Server List for ports 80, 25,110 and 21, using the Linux Box IP Address (not the defaults on the router) LINK: (http://support.dlink.com)). Since this howto is for a server, I trust you know how to setup your Router and I'll continue on....

- Reboot Linux Box

RECAP …
We configured an old box with FC4, installing only EDITORS, DEVELOPMENT TOOLS, LEGACY SOFTWARE DEVELOPMENT (In TEXT Mode, or MINIMAL in GUI MODE) as our package groups..
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:40 PM. Reason: Updating and revising steps
  #3  
Old 27th July 2005, 01:55 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 2 - Our Server Packages

Current Revision Date: FRIDAY, JUNE 16, 2006
------------=========== STEP 2 Our Server Packages ==========---------------

Working remotely with PUTTY on any LAN based machine within your network to complete our Fedora Core 4 Home Server. (All remaining setups will be done via command line)..

Once the system has rebooted, assigned an IP and you are on the login screen, safely place your CD’s away and hop on a windows box and launch PUTTY. Type in your IP of the Linux Box, accept the SSH Key prompt, and LOGIN with ROOT. We are now READY to configure our Home Server..

“I am at the root prompt..” you say,.. lets roll!

Import all the RPM Keys for our packages…
- Issue the following command: > rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*

Some Package Maintenance… Update current rpms, and dump printing (we don’t need)
- Issue the following command: > yum remove cups
- Issue the following command: > yum update

Install ALL our well needed SERVER Packages…
(Yum will include any dependencies and some perl)
- Issue the following command: > yum install mysql mysql-* postfix* php-mysql netpbm-* gd-* ImageMagick* php-gd php-mbstring system-switch-mail vsftpd* httpd*
- When packages are done downloading, type "Y" and hit enter to begin the installations.

Change to our Root Home Dir for manual RPMs we need… and install them…
- Issue the following command: > cd /home

Download the DDCLIENT for FC4 (our DynDNS Updater Daemon) with wget.
DDclient is a small but full featured client requiring only Perl and no additional modules. It runs under most UNIX OSes and has been tested under GNU/Linux and FreeBSD. Supported features include: operating as a daemon, manual and automatic updates, static and dynamic updates, optimized updates for multiple addresses, MX, wildcards, abuse avoidance, retrying failed updates, and sending update status to syslog and through e-mail.

Website: http://ddclient.sourceforge.net/
License: GPL

- Issue the following command: > rpm –Uvh ddclient-3.x.x-x.x.fc4.fr.noarch.rpm
- Issue the following command: > reboot -n (To ensure all new/updated packages will be used).

Summary of what we have:
- Fresh Installed FC4, updated with all needed server packages for FTPd, MySQLd, HTTPd etc,
- Ready to copy original configuration files for our services and add some security..
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:42 PM. Reason: Updating and verifying steps
  #4  
Old 27th July 2005, 01:57 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 3 - Configuring MySQLd

.
Current Revision Date: FRIDAY, JUNE 16, 2006

------------=========== STEP 3 - Configuring MySQL ==========---------------

Now that we have all the needed packages, let’s customize our server's DB! We must copy the default configuration files for safe keeping. Keep in mind, if you have configured Up2date (if you use) or YUM to overwrite any rpms with custom configurations files.. Back them up before updating or all is lost!!

Using Putty, login to your Linux Server with Root.

WARNING! Backup current MySQL Database Directory and MySQL User Information..
This thread is supplied as a Security How-To and to be conducted by experienced users.

The Intro..
MySQL is one of the most popular databases on the Internet and it is often used in conjunction with PHP. Besides its undoubted advantages such as easy of use and relatively high performance, MySQL offers simple but very effective security mechanisms. Unfortunately, the default installation of MySQL, and in particular the empty root password and the potential vulnerability to buffer overflow attacks, makes the database an easy target for attacks.

This article describes the basic steps which should be performed in order to secure a MySQL database against both local and remote attacks.

Start the MYSQLD Daemon to create the tables and Database setup.
- Issue the following command: > service mysqld start (to start the daemon).

Once MySQL has created its default tables and users, the following mysql commands will need to be issued to complete the securing of our daemon.

Copy and edit a new configuration file
We must copy the default configuration file for safe keeping.
- Issue the following command: > cp -rf /etc/my.cnf /etc/my.cnf.original
- Issue the following command: > vi /etc/my.cnf

Launch MYSQL to start editing the Database.
- To start the daemon type “mysql”.

Once MySQL has created its default tables and users, the following mysql commands will need to be issued to complete the securing of our daemon. Let's EDIT our MY.CNF file.

Disable remote access
The first change applies to the 3306/tcp port, on which MySQL listens by default. Because, according to the initial assumptions, the database will be used only by locally installed PHP applications, we can freely disable listening on that port. This will limit possibilities of attacking the MySQL database by direct TCP/IP connections from other hosts. Local communication will be still possible throw the mysql.sock socket. In order to disable listening on the mentioned port, the following parameter (skip-networking) should be added to the [mysqld] section of /mysql/etc/my.cnf:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
skip-locking
skip-networking


Improve local security
The next change is to disable the use of LOAD DATA LOCAL INFILE command, which will help to prevent against unauthorized reading from local files. This matters especially when new SQL Injection vulnerabilities in PHP applications are found. For that purpose, the following parameter (set-variable=local-infile=0) should be added in the [mysqld] section in /mysql/etc/my.cnf:

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
skip-locking
skip-networking
set-variable=local-infile=0


[esc]: wq to save your new configuration “my.cnf” file

MySQL Database Security & Administration
One of the most important steps in securing MySQL is changing the database administrator's password, which is empty by default. In order to perform that, we should run MySQL by typing "MYSQL" at the root prompt (if it is not already running): and change the administrator's password as follows:

At the “mysql>” command prompt, type the following for:

Change admin password
mysql> SET PASSWORD FOR root@localhost=PASSWORD('enter_new_password_here') ;

It is good practice not to change passwords from the command line, for example, by using the "mysqladmin password" command. This is especially important when other users work on the server. In that case the password could be easily revealed, e.g. by using the "ps aux" command or reviewing history files (~/.history, ~/.bash_history etc), when improper access rights are set to them.

Remove default users/db
Next, we must remove the sample database (test) and all test user accounts except the local mysql root account (not associated with the Fedora root user account):

mysql> drop database test;
mysql> use mysql;
mysql> delete from db;
mysql> delete from user where not (host="localhost" and user="root");
mysql> flush privileges;


This will prevent the database from establishing anonymous connections and -- irrespective of the skip-networking parameter in /mysql/etc/my.cnf -- remote connections as well.

Change the default “admin” name
It is also recommended to change the default name of administrator's account root (this is NOT associated with Fedora root user!), to a different, harder to guess one. Such a change will make it difficult to perform brute-force and dictionary attacks on the administrator's password. In this case the intruder will have to guess not only the password, but first and foremost, the name of the administrator's account.

mysql> update user set user="change_to_newname_here" where user="root";
mysql> flush privileges;


Once you're done you can end mysql client by typing quit or exit at the mysql> prompt.

mysql> exit

Remove history
Finally, we should also remove the content of the MySQL history file (~/.mysql_history), in which all executed SQL commands are being stored (especially passwords, which are stored as plain text): Issue this command from your Fedora root prompt.

- Issue the following command: > cat /dev/null > ~/.mysql_history

You now have a secured MySQL database..

FAQ's
Q) How do I start the local MySQL Client now?
A) Issue the following command: mysql -h localhost -u YOUR-MYSQLD-NEWUSER-NAME -p mysql.
(This will run the MySQL Client with the new username you provided and prompt you for the password).

Example:
>mysql -h localhost -u my.new.name.I.created -p
Enter password: xxxxxxxxxxxx
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4 to server version: 4.0.18-nt
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql>

My Sample MY.CNF File:
# Example mysql config file for small systems.
##################################################
# This is for a system with little memory (<= 64M) where MySQL is only used #
# from time to time and it's important that the mysqld deamon
# doesn't use much resources.
#
# You can copy this file to
# /etc/my.cnf to set global options,
# mysql-data-dir/my.cnf to set server-specific options (in this
# installation this directory is /usr/local/mysql/var) or
# ~/.my.cnf to set user-specific options.
#
# One can in this file use all long options that the program supports.
# If you want to know which options a program support, run the program
# with --help option. #
##################################################

# The following options will be passed to all MySQL clients

[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).

old_passwords=1
skip-locking
# Do not add following line if you want to use MySQL Administrator or access DB remotely
skip-networking
######################Optional database settings
# set-variable=local-infile=0
# set-variable = key_buffer=128K
# set-variable = max_allowed_packet=1M
# set-variable = thread_stack=64K
# set-variable = table_cache=4
# set-variable = sort_buffer=64K
# set-variable = net_buffer_length=2K
# server-id = 1
skip-bdb
skip-innodb

[mysql.server]
user=mysql
basedir=/var/lib

[mysqld_safe]
err-log=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

## Optionals
[isamchk]
set-variable = key_buffer=8M
set-variable = sort_buffer=8M

[myisamchk]
set-variable = key_buffer=8M
set-variable = sort_buffer=8M

[myisamchk]
set-variable = key_buffer=8M
set-variable = sort_buffer=8M
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:53 PM. Reason: spelling
  #5  
Old 27th July 2005, 01:58 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 4 Configuring VSFTPd

.
Current Revision Date: FRIDAY, JUNE 16, 2006

------------=========== STEP 4 Configuring VSFTPd ==========---------------

[VSFTPd Server]
vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast. It is stable. Don't take my word for it, though. This demonstrates vsftpd is a mature and trusted solution.

Features: Despite being small for purposes of speed and security, many more complicated FTP setups are achievable with vsftpd! By no means an exclusive list, vsftpd will handle:

* Virtual IP configurations
* Virtual users
* Standalone or inetd operation
* Powerful per-user configurability
* Bandwidth throttling
* Per-source-IP configurability
* Per-source-IP limits
* IPv6
* Encryption support through SSL integration
* And many more!!

Now to configure VSFTPd we edit the /etc/vsftpd/vsftpd.conf. I suggest that you read all the documentation (man vsftpd.conf), then use this sample code as a guideline. Still, here's a configuration file that allows local users and disallows anonymous access (that means you must enter a password):

- Issue the command: > cp –rf /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf.original
- Issue the command: > vi /etc/vsftpd/vsftpd.conf


Edit the following lines in this configuration file:

Located the following line:
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=YES

Change to:
# Allow anonymous FTP? (Beware - allowed by default if you comment this out).
anonymous_enable=NO

Locate the following line:
# chroot_list_file=/etc/vsftpd/chroot_list

Add the following line below it:
chroot_local_user=YES

- Issue the command: > [esc] Shift :wq (to write file, quit vi editor)
- Issue the command: > chkconfig --level 2345 vsftpd on
- Issue the command: > service vsftpd start
- Issue the command: > useradd USER1 (create a general local FTP user)
- Issue the command: > passwd USER1 (create a password for that local user)
- Issue the following command: > clear


Access your LAN Linux Server with an FTP Client and login with your FTP User, it will automatically send the user to his/her home directory. Ex: Linux Server /home/Username/
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:54 PM. Reason: Updating Info
  #6  
Old 27th July 2005, 02:00 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 5 Configuring HTTPd

.
Current Revision Date: FRIDAY, JUNE 16, 2006

------------====== STEP 5 Configuring HTTPd ====---------------

[HTTPd Service]
The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards. Apache has been the most popular web server on the Internet since April of 1996. The February 2005 Netcraft Web Server Survey found that more than 68% of the web sites on the Internet are using Apache, thus making it more widely used than all other web servers combined. The Apache HTTP Server is a project of the Apache Software Foundation.
- Issue the command: > cp –rf /etc/httpd/conf/httpd.conf etc/httpd/conf/httpd.conf.original
- Issue the command: > vi /etc/httpd/conf/httpd.conf


Locate the following lines and edit to suite your email and DynDns site name:
- ServerAdmin me@this-address.yep
- ServerName www.mycoolsite.com:80
- UseCanonicalName On


Locate the following lines and edit, add Index.php and Index.htm
- DirectoryIndex index.html index.htm index.php index.html.var

Locate the following and edit:
- AllowOverride All
- ServerSignature Email


Done Editing:
- Issue the command: > [esc] Shift :wq (to write file, quit vi editor)

HTTPd Server is now ready with our information:
- Issue the command: > chkconfig --level 2345 httpd on
- Issue the command: > service httpd start
- Issue the following command: > clear
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:54 PM. Reason: added title
  #7  
Old 27th July 2005, 02:01 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 6 Configuring phpMyAdmin GUI

------------====== STEP 6 Configuring phpMyAdmin GUI ====---------------

[phpMyAdmin]
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields.

- Issue the following command: > cd /var/www/html
- Issue the following command: > wget http://easynews.dl.sourceforge.net/sourceforge/phpmyadmin/phpMyAdmin-2.6.3-pl1.tar.gz
- Issue the following command: > tar –zxvf phpMyAdmin-2.6.3-pl1.tar.gz
- Issue the following command: > mv –f phpMyAdmin-2.6.3-pl1 phpMyAdmin
- Issue the following command: > chown –R root:root phpMyAdmin
- Issue the following command: > cd phpMyAdmin/
- Issue the following command: > touch .htaccess
- Issue the following command: > cd ..
- Issue the following command: > cp –rf /var/www/html/phpMyAdmin/config.inc.php /var/www/html/phpMyAdmin/config.ini.php.original
- Issue the following command: > vi /var/www/html/phpMyAdmin/config.inc.php


Edit the following and make sure you edit the section shown to match your NEW MySQL User and Password you created in STEP 3

Locate the following lines and edit:

- $cfg['PmaAbsoluteUri_DisableWarning'] = TRUE;
- $cfg['Servers'][$i]['user'] = 'your_NEW_mysql_username';
- $cfg['Servers'][$i]['password'] = 'the_password_for_new_user';
- Issue the command: > [esc] Shift :wq (to write file, quit vi editor)


You now can access your MySQL from any browser from your LAN and WAN, point your browser to https://your-URL-or-DNSName/phpMyAdmin/

- BUT It’s not secured.. anyone can now access it! Lets SECURE it now
- Issue the following command: > clear
- Issue the following command: > cd (so we can start from the root dir and not get lost)
- Issue the following command: > mkdir /var/www/security
- Issue the following command: > touch /var/www/security
- Issue the following command: > vi /var/www/html/phpMyAdmin/.htaccess


Copy the following into the .htaccess file:

AuthUserFile /var/www/security/.htpasswd
AuthGroupFile /www.null
AuthName "Authorization is Required"
AuthType Basic

<Limit GET POST>
require user phpMyAdmin
(choose a name to use for phpMyAdmin dir in html – I used “phpMyAdmin”)
</Limit>

- Issue the command: > [esc] Shift :wq (to write file, quit vi editor)

Here, you see the following directives:
* AuthUserFile is the path to the password file I'll create momentarily.
* AuthGroupFile is the path to the group password file.
* AuthName creates what is referred to as a realm of protection, which allows users, once successfully logged on, to access any area defined by the same realm.
* AuthType is the type of authorization; this should be set to Basic.
* Within the <Limit> tags, you will define who is allowed access to this particular directory.

Set .htaccess passwords: To finish the .htaccess setup, you must create a password for the user with the htpasswd command. This command will create the password for the specified user and create the necessary password file (as configured in the AuthUserFile directive above).

- Issue the following command: > htpasswd -c /var/www/security/.htpasswd phpMyAdmin
- Enter the users password..


The syntax of this command is htpasswd password_file_name user. In this case, you're not only creating the user password, but you're also creating the password file in the security directory we created in /var/www/ , so you need to add the -c (create) flag. To add a user for other directories… drop the –c flag and change the username at the end.

You now can access your MySQL from any browser from your LAN and WAN, point your browser to https://your-URL-or-DNSName/phpMyAdmin/ with SECURITY in mind, only you can access this dir.
Cool huh! (http://uk.builder.com/architecture/web/0,39026570,20274925,00.htm)
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 27th July 2005 at 02:12 AM.
  #8  
Old 27th July 2005, 02:01 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post Step 7 DDCLIENT for DynDNS.org

.
Current Revision Date: FRIDAY, JUNE 16, 2006

------------====== STEP 7 DDCLIENT for http://www.dyndns.org ====---------------

What can I say here? If you would like a cool, easy and very reliable FREE DNS, choose DynDNS!

- Issue the following command: > cp -rf /etc/ddclient/ddclient.conf /etc/ddclient/ddclient.config.original
- Issue the following command: > rm -rf /etc/ddclient/ddclient.conf
- Issue the following command: > vi /etc/ddclient/ddclient.conf


Copy the following to the new configuration file, and edit your DynDNS.org Username, Password and web address:

################################################## ####################
daemon=3600 # check ip every hour via checkip.dyndns.org, cache it, update if needed
syslog=yes # log update msgs to syslog
mail=root # mail all msgs to root
mail-failure=root # mail failed update msgs to root
pid=/var/run/ddclient.pid # record PID in file.
use=web # via web
#
protocol=dyndns2 # default protocol
#proxy=fasthttp.sympatico.ca:80 # default dyn server proxy
server=members.dyndns.org # default dyn server
#server=members.dyndns.org:8245 # default server (bypassing proxies)
login=your-login # default login on dyndns.org
password=yourpassword # default password on dyndns.org
#mx=mx.for.your.host # default MX
backupmx=no # host is primary MX?
wildcard=yes # add wildcard CNAME?
##
## dyndns.org dynamic addresses
mycoolsite.net


- Issue the following command: > [esc] shift :wq (to write the file and exit VI)
- Issue the following command: > clear
- Issue the following command: > /usr/sbin/ddclient -daemon=0 -debug -verbose -noquiet
- Issue the following command: > chkconfig --level 2345 ddclient on
- Issue the following command: > service ddclient restart
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:57 PM. Reason: Updating content
  #9  
Old 27th July 2005, 02:21 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post STEP 8 POSTFIX Configuration (Sendmail Optional)

.
Current Revision Date: FRIDAY, JUNE 16, 2006

------------====== STEP 8 Configuring POSTFIX MTA ====---------------

Configuring Postfix (OUTGOING Only)

[Postfix MTA]

What is Postfix? It is Wietse Venema's mailer that started life as an alternative to the widely-used Sendmail program. Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.

Remember we installed SYSTEM-SWITCH-MAIL with Yum at the beginning… it’s a cool little tool to switch MTAs on the fly! Fedora comes with RPMs for both Sendmail and Postfix. The default configuration is to use Sendmail in a mode where your system does not listen to any other system. This setup is fine for simple usage, such as sending locally initiated cron job output to a different system. Many users, myself included, prefer Postfix as a Mail Transfer Agent (MTA) when a system is accepting mail, especially when they have a complex system that supports multiple virtual systems, more than one list manager, address munging and filtration, and the like.

- Issue the command: > /usr/sbin/system-switch-mail-nox
- Select Postfix, then select OK


When you run the system-switch-mail[-nox] command (text based GUI, since there’s no X installed), you will see a self-explanatory selection dialog. Only allows you to switch between postfix, sendmail and exim, if installed, and select an MTA that you wish to use. Ours will be Postfix.

- Issue the command: > cp –rf /etc/postfix/main.cf /etc/postfix/main.cf.original
- Issue the command: > touch /etc/postfix/sasl_passwd
- Issue the command: > vi /etc/postfix/main.cf


“insert” the following to the END of our document:

# needed for rogers yaho sasl
smtp_sasl_auth_enable = yes
# leaving blank, indicates plain text.. which we need
smtp_sasl_security_options =
# location of your sasl_paswd file
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# rogers/yahoo smtp server and port
relayhost = [smtp.broadband.rogers.com]:587


- Issue the command: > [esc] Shift :wq (to write file, quit vi editor)
- Issue the command: > vi /etc/postfix/sasl_passwd


“insert” the following:
smtp-rog.mail.yahoo2.akadns.net email_address@rogers.com:my_password

- Issue the following command: > [esc] shift :wq (to write the file and exit VI)

After modifying sasl_passwd, run the following to build the sasl_passwd db
- Issue the command: > postmap /etc/postfix/sasl_passwd
- Issue the command: > chkconfig --level 2345 postfix on
- Issue the command: > service postfix start
- Issue the following command: > clear


If your machine is relaying successfully you should see similar entries in your mail logs..

Jul 1 04:19:22 tb303 postfix/smtp[30683]: 5C25D6B639: to=<XXX@myblackberry.com>, orig_to=<XXX@housejunkie.ca>, relay=smtp-rog.mail.yahoo2.akadns.net[206.190.36.18], delay=1, status=sent (250 ok 1120209643 qp 56045)



YOU ARE DONE!! Reboot your Linux Box, and start enjoying a clean simple server 
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."

Last edited by SharedMedia; 16th June 2006 at 02:59 PM. Reason: Updating Content
  #10  
Old 27th July 2005, 07:13 PM
txz Offline
Registered User
 
Join Date: Nov 2004
Posts: 2
You might also want to enable all these new services to load on boot. Just type "setup" at the command prompt and go into System Services. Then check that httpd, mysqld, and vsftpd all have (*) beside their names.
  #11  
Old 27th July 2005, 08:53 PM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Thumbs up

Quote:
Originally Posted by txz
You might also want to enable all these new services to load on boot. Just type "setup" at the command prompt and go into System Services. Then check that httpd, mysqld, and vsftpd all have (*) beside their names.
The command : > chkconfig --level 2345 "daemon of choice" on will take care of that, but if you must review all startup daemons..

Issue the following command: > ntsysv This will open a textbased GUI for you to select all current daemons..
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."
  #12  
Old 29th July 2005, 02:31 PM
agenol Offline
Registered User
 
Join Date: Jun 2005
Location: Puerto Rico!!!
Age: 45
Posts: 120
Hi SharedMedia,

Your Configuring MySQLd guide is something I've been looking for. The Configuring VSFTPd is great also (pitty I learned the hard way).

I have a small network at home. It doesnt have any connection to the Net.

Do you know how to setup a dns server for a small (192.168.125.X) network? I'm clueless on this.

Thanks

Agenol
  #13  
Old 2nd August 2005, 12:22 AM
SharedMedia Offline
Registered User
 
Join Date: Nov 2004
Location: Ontario Canada
Age: 42
Posts: 85
Post dns donuts...

Hello,

Unfortunately DNS (Bind, caching nameserver,etc) is not within my talent of how to's, WEBMIN (google it) will help configuring it, Also, try http://simplythebest.net/info/server...iguration.html

If I find a great FC4 howto, I'll post it
__________________
Shared Media
Linux Redhat OpenSource Contributor
" Have you hugged a Penguin today.."
  #14  
Old 2nd August 2005, 12:33 AM
kosmosik Offline
Registered User
 
Join Date: Apr 2004
Location: Warsaw, Poland
Age: 33
Posts: 1,085
just don't use FTP - use SFTP/SCP instead... man FTP is so 20th century based... :P
  #15  
Old 8th August 2005, 01:46 PM
python2k5 Offline
Registered User
 
Join Date: Aug 2005
Posts: 18
When issuing the 'yum remove cups*'

It wanted to remove about 59 Dependencies.... Why is that?
__________________
:) Python :)
Closed Thread

Tags
fc4, ftp, home, howto, http, mysql, server, setup

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Howto setup Sendmail on a local (home) network ianh1968 Servers & Networking 5 29th June 2009 11:26 AM
Linux Home Server HOWTO Butt-Ugly Links 83 31st December 2006 06:57 AM
How To Setup up an HTTP Install Server jimbou Installation, Upgrades and Live Media 3 2nd November 2006 03:55 AM
How to setup a http server(web server) tumelo_lathane Servers & Networking 2 3rd October 2006 01:05 PM
setup http.conf for home server: subdomains bubazoo Servers & Networking 7 12th January 2005 06:39 PM


Current GMT-time: 01:04 (Thursday, 28-08-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat