how to install Fedora 10

Post by stephen » Fri Dec 05, 2008 8:26 pm

Start with this web site:
The Perfect Server - Fedora 10
http://www.howtoforge.com/perfect-server-fedora-10

Some handy networking commands

Display ip address
Code: Select all
ifconfig

Use this to check whether the installer got your IP address right. If it did not, restart NetworkManager...
Code: Select all
/etc/init.d/NetworkManager restart

... and if that still doesn't help, reboot the system:
Code: Select all
reboot

If the IP address is still not correct, run
Code: Select all
system-config-network


Check /etc/hosts

Code: Select all
vi /etc/hosts


Check the firewall
Code: Select all
system-config-firewall


Allow SMTP access (port 25)
Code: Select all
/sbin/iptables -I INPUT -p tcp --destination-port 25 -j ACCEPT

Allow ftp access
Code: Select all
/sbin/iptables -I INPUT -p tcp --destination-port 21 -j ACCEPT

Allow httpd access
Code: Select all
/sbin/iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT

Save the changes
Code: Select all
/sbin/iptables-save > /etc/sysconfig/iptables


To see the status of the firewall
Code: Select all
iptables -L


Code: Select all
/sbin/iptables -I INPUT -p tcp --destination-port 25 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --destination-port 21 -j ACCEPT
/sbin/iptables -I INPUT -p tcp --destination-port 80 -j ACCEPT
/sbin/iptables-save > /etc/sysconfig/iptables
iptables -L



Check SELINUX
Code: Select all
vi /etc/selinux/config

To disable SELinux, change the SELINUX line to
Code: Select all
SELINUX=disabled


Install some software using YUM

Install Some Software

Next we update our existing packages on the system:

To list all the packages needing updates and, after confirmation, install them
Code: Select all
yum update


Code: Select all
yum install fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils ncftp gcc gcc-c++


Install mySQL
Code: Select all
yum install mysql mysql-devel mysql-server

Add MySQL to the system startup and start it
Code: Select all
chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start


When mysql starts for the first time you are given hints to set a root password as shown below
Code: Select all
 
[root@localhost etc]# /sbin/service mysqld start
Initializing MySQL database:  Installing MySQL system tables...
081214  6:44:54 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
081214  6:44:54 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
OK
Filling help tables...
081214  6:44:55 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
081214  6:44:55 [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted to 4294967295
OK

To start mysqld at boot time you have to copy
support-files/mysql.server to the right place for your system

PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER !
To do so, start the server, then issue the following commands:
/usr/bin/mysqladmin -u root password 'new-password'
/usr/bin/mysqladmin -u root -h localhost.localdomain password 'new-password'

Alternatively you can run:
/usr/bin/mysql_secure_installation

which will also give you the option of removing the test
databases and anonymous user created by default.  This is
strongly recommended for production servers.

See the manual for more instructions.

You can start the MySQL daemon with:
cd /usr ; /usr/bin/mysqld_safe &

You can test the MySQL daemon with mysql-test-run.pl
cd mysql-test ; perl mysql-test-run.pl

Please report any problems with the /usr/bin/mysqlbug script!

The latest information about MySQL is available on the web at
http://www.mysql.com
Support MySQL by buying support/licenses at http://shop.mysql.com


If you are using embedded objects in your tables, you may need to increase the max_allowed_packet setting found in /etc/my.ini

Code: Select all
[mysqld]
max_allowed_packet=16M


Install an FTP server (vsftpd)
Code: Select all
yum install vsftpd

Edit the vsftpd config file
Code: Select all
vi /etc/vsftpd/vsftpd.conf

Allow vsftpd to be started automatically
Code: Select all
chkconfig --levels 235 vsftpd on
/etc/init.d/vsftpd start


To allow FTP to write files with SELinux
Code: Select all
setsebool -P ftp_home_dir 1


Install postfix and dovecot
Code: Select all
yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain postfix dovecot

Now we configure SMTP-AUTH and TLS:
Code: Select all
postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'

Code: Select all
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Next we configure Postfix for TLS:

Code: Select all
postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'
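
With `smtpd_sasl_auth_enable = yes` and `smtpd_tls_auth_only = no`, Postfix offers AUTH before STARTTLS has been negotiated. The following is an added example, not part of the original post: a shell function that reads settings in `postconf -n` format and reports that condition and related ones. The function names, finding labels and sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Reads "name = value" lines
# (the format `postconf -n` prints) on stdin; prints one finding per line.
audit_postfix_auth() {
    awk '
    {
        i = index($0, "="); if (i == 0) next
        k = substr($0, 1, i - 1); val = substr($0, i + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", val)
        v[k] = val
    }
    END {
        sasl = (v["smtpd_sasl_auth_enable"] == "yes")
        lvl = v["smtpd_tls_security_level"]   # overrides smtpd_use_tls when set
        tls = (lvl != "") ? (lvl != "none") : (v["smtpd_use_tls"] == "yes" || v["smtpd_enforce_tls"] == "yes")
        # AUTH is announced before STARTTLS, so PLAIN/LOGIN passwords
        # can be sent over an unencrypted session.
        if (sasl && v["smtpd_tls_auth_only"] != "yes" && lvl != "encrypt")
            print "AUTH_WITHOUT_TLS smtpd_tls_auth_only=" v["smtpd_tls_auth_only"]
        if (sasl && v["smtpd_sasl_security_options"] !~ /noanonymous/)
            print "SASL_ANONYMOUS smtpd_sasl_security_options=" v["smtpd_sasl_security_options"]
        if (!tls)
            print "NO_STARTTLS"
        # permit_mynetworks lets these networks relay without authenticating.
        n = split(v["mynetworks"], net, /[ ,]+/)
        for (j = 1; j <= n; j++)
            if (net[j] != "" && net[j] !~ /^127\./ && net[j] != "[::1]/128")
                print "UNAUTHENTICATED_RELAY_NET " net[j]
    }'
}

# Constructed sample: the values set with `postconf -e` on this page.
page_settings() {
    cat <<'EOF'
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtpd_use_tls = yes
EOF
}

page_settings | audit_postfix_auth
```

On a live server, feed it real settings with `postconf -n | audit_postfix_auth`; no output means none of the checks fired.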

Then we set the hostname in our Postfix installation (make sure you replace server1.example.com with your own hostname):

Code: Select all
postconf -e 'myhostname = server1.example.com'



If this server is the destination for your domain
Code: Select all
postconf -e 'mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain'


When starting Dovecot you may see this message:
Starting Dovecot Imap: Info: If you have trouble with authentication failures,
enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork


Apache2 With PHP, Ruby, Python
Code: Select all
yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-magickwand php-magpierss php-mapserver php-mbstring php-mcrypt php-mhash php-mssql php-shout php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel


Move or Migrate Users and Groups from old server
http://www.cyberciti.biz/faq/howto-move-migrate-user-accounts-old-to-new-server/

Install Samba
Code: Select all
yum install samba


Allow samba to be started automatically
Code: Select all
chkconfig --levels 235 smb on
/etc/init.d/smb start


Install ASSP Anti-Spam SMTP Proxy
http://assp.sourceforge.net/

Modify /etc/postfix/master.cf so that the smtp service listens only on localhost
Code: Select all
localhost:smtp      inet  n       -       n       -       -       smtpd

Then run
Code: Select all
postfix reload
to apply the changes in master.cf.

ASSP is configured to listen for SMTP on the external IP address.
In assp.cfg, ensure the SMTP destination points to localhost:25
and the listen port is set to port 25 on the external address.
Code: Select all
smtpDestination:=127.0.0.1:25
listenPort:=10.10.10.183:25


In order to use SSL with ASSP, we will use stunnel to handle the SSL.

Install stunnel
Code: Select all
yum install stunnel

We will use stunnel to map the pop3s and smtps ports onto the external IP address of the server.

vi /etc/stunnel/stunnel.conf
Code: Select all
cert = /etc/postfix/ssl/smtpd.crt
key = /etc/postfix/ssl/smtpd.key
debug = local4.5
output = /var/log/stunnel.log

[imaps]
accept = 993
connect = 143

[IMAP4-SSL]
accept = 585
connect = 143

[pop3s]
accept = 995
connect = 10.10.10.183:110

[smtps]
accept = 465
connect = 10.10.10.183:25
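
The stunnel services above accept on ports other than the three opened with iptables earlier on this page. The following is an added example, not part of the original post: a check that lists every stunnel accept port with no matching ACCEPT rule in an `iptables-save` dump. The function names and sample files are constructed, and it assumes single-port rules in the INPUT chain.

```sh
#!/bin/sh
# Added example, not from the original post.
# Usage: stunnel_ports_not_open STUNNEL_CONF IPTABLES_SAVE_DUMP
# Prints "<section> <port>" for each stunnel accept port with no
# "-A INPUT -p tcp ... --dport <port> -j ACCEPT" rule in the dump.
# Assumes single-port rules in the INPUT chain (no multiport, no ranges).
stunnel_ports_not_open() {
    awk '
    mode == "fw" && /^-A INPUT / && /-p tcp/ && /-j ACCEPT/ {
        for (i = 1; i < NF; i++)
            if ($i == "--dport" || $i == "--destination-port") open[$(i + 1)] = 1
    }
    mode == "st" && /^[ \t]*\[/ {            # section header, e.g. [pop3s]
        sect = $0; sub(/^[ \t]*\[/, "", sect)
        sect = substr(sect, 1, index(sect, "]") - 1)
    }
    mode == "st" && /^[ \t]*accept[ \t]*=/ {
        port = $0; sub(/^[^=]*=[ \t]*/, "", port); sub(/[ \t]+$/, "", port)
        sub(/^.*:/, "", port)                # "host:port" -> "port"
        if (!(port in open)) print sect, port
    }' mode=fw "$2" mode=st "$1"
}

# Constructed sample: the three ACCEPT rules and four stunnel services from this page.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/iptables" <<'EOF'
*filter
:INPUT DROP [0:0]
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
EOF
    cat > "$d/stunnel.conf" <<'EOF'
[imaps]
accept = 993
[IMAP4-SSL]
accept = 585
[pop3s]
accept = 995
[smtps]
accept = 465
EOF
    stunnel_ports_not_open "$d/stunnel.conf" "$d/iptables"
    rm -rf "$d"
}

demo
```

Against a live system, pass `/etc/stunnel/stunnel.conf` and the file written by `/sbin/iptables-save`. The result is only meaningful when the INPUT chain drops or rejects traffic that no rule accepts.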



Now tell Dovecot to listen only on the unencrypted imap and pop3 ports (stunnel handles the SSL ports)
Code: Select all
protocols = imap pop3