Linux setup

 

Linux setup

Set up

1.     Set BIOS so you can boot from CD and do so.  During install process, make sure you

2.     Fix the mouse

3.     Manually mount and unmount your CD-ROMs from a shell prompt

4.     Install linuxconf from Disk 2

5.     Change startup services

Network

6.     Install the DSL modem, NetGear (not SMC!) card, and gateway

7.     Set up a Windows machine

8.     Upgrade gateway firmware

9.     Configure gateway

10.      Configure network on the Linux machine

11.      Optional: Configure (non-DSL, 56K) modem

Backup

12.      Configure the tape drive

13.      Amanda

14.      Tapeware

15.      Install X-CD-Roast

Web

16.      Install apache

17.      Start httpd service

18.      See if you can see the Linux home page from the Windows machine

19.      Expose ports 21, 25, 80, 110 (and maybe 8080 if you plan to use Tomcat)

20.      Install ant (required to install Tomcat)

21.      Install tomcat

22.      Start Tomcat

23.      Install from /home/Moschak/Backup/JDK/

24.      Install php from Disk 2

25.      Change permissions of /var/www to allow all people write access

26.      Install Jbuilder

27.      Port mapping tool

28.      change the path permanently

29.      Set up separate domains

30.      Go to ZoneEdit

Database

31.      Install MySQL from Disk 2

32.      Install Star Office

33.      UnixODBC

34.      phpMyAdmin

Shopping Carts

35.      Freetrade

36.      Install Interchange

FTP

37.      Configure FTP

38.      Restrict user’s FTP directory

Mail

39.      Sendmail

GPG

40.      Gpg

 

 

Set up

 

1.     Set BIOS so you can boot from CD and do so.  During install process, make sure you

·        uncheck the box that says start with graphical interface

·        choose KDE, not Gnome

·        set up at least one regular id other than “root”

 

Do the following using the “root” id.

 

2.     Fix the mouse

After first boot up, at the command line, type in “setup” and try to fix the mouse.  You might have to delete or rename /etc/sysconfig/mouse and try again.  Once it’s fixed, startx.

 

3.     Manually mount your CD-ROMs

http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/getting-started-guide/s1-disks-cdrom.html

Insert a CD into your CD-ROM drive, open a shell prompt and type the following command:

mount /mnt/cdrom

The CD-ROM should now be mounted and available for use with your file manager. If you are using KDE, you can access your CD-ROM by clicking the icon on the desktop and typing /mnt/cdrom in the location bar. Figure 4-6 shows the contents of a CD-ROM displayed in the Konqueror file manager.

Figure 4-6. Contents of a CD-ROM in Konqueror

After working with your CD, you must unmount it before you eject it from your CD-ROM drive. Close any applications or file managers that are using the CD-ROM and type the following at a shell prompt:

umount /mnt/cdrom

You can now safely press the eject button on your CD-ROM drive to retrieve your CD.

 

4.     Install linuxconf from Disk 2 (no longer in RH 7.3!)

 

5.     Change startup services.

From a shell prompt, type “ntsysv”.  Alternatively, run linuxconf, go to Control/Control panel/Control service activity.  You’re going to enable some services and disable others.

Enable now

·        amanda – tape

·        amandaidx – tape

·        httpd – Apache web server

·        ipop3 – lets remote users get to server mail – no longer in RH 7.3!

·        nfs – needed to mount dissimilar directories to a user’s home directory

You likely won’t see the choices below yet.  Once they’ve shown up as available choices after the appropriate packages have been installed, enable them.

·        mysqld –wait ‘til you install MySQL

·        wu-ftp – ftp, wait ‘til you install wu-ftp

Disable

·        isdn

·        lpd – printers

Restart to have these take effect.

 

Network

 

6.     Install the DSL modem, NetGear (not SMC!) card, and gateway.

Use at least one crossover cable coming from the modem to the gateway.  You can bypass the gateway initially and hook the modem directly up to the computer using the crossover cable.  All other cables should be “straight through”.

 

7.     Set up a Windows machine

You’re going to need this to upgrade the firmware in the next step, since the BR193e.zip and accompanying BR193e.EXE can only be run from a Windows machine.

 

 

 

 

 

8.     Upgrade gateway firmware.

  Assuming you’ve got connectivity from at least one PC to the 3Com gateway, configure gateway from either a Windows or Linux box browser.  Go to 192.168.2.1, which is the 3Com gateway’s address to verify that you can at least see the 3Com gateway’s home page before we blow it away with the upgrade.  Download the latest driver from SMC’s home page.

 

http://www.smc.com/smc/pages_html/homef.html

 

Go to "Drivers and Manuals"

Under "Barricade", select "7004BR"

Under "Barricade 4 Port", select "Firmware V 1.93" under the Firmware choice under "SMC7004BR"

 

You should have downloaded BR193e.zip.  Unzip it.  You should see BR193e.EXE.  Run it.  It should know where to find the gateway.

 

9.     Configure gateway.

Go to http://192.168.2.1 You should see:

 

 

except maybe without the values plugged in.  That’s what we’re going to do below.  After you log in using the password, the menu to the left should change:

 

 

Click on “Primary Setup”:

 

 

Go into the “DHCP Server”, “Fixed Mapping…” menu

 

 

Make sure the “Connection control” remains UN-checked!!  You should be able to populate the MAC addresses using the pick list at the bottom.  If the pick list shows no choices, turn everything off (Linux machine, Windows machine, gateway) and back on again and the list should be populated.  If, at any time you get a “connection refused” message, try shutting the gateway off for at least 30 seconds.

 

10. Configure network on the Linux machine.

From command line, type “netcfg”.  Configure thus:

 

 

The 192.168.2.101 is only for the Win98 machine, if you have that set up.

 

 

If you don’t have the eth0.OLD below, don’t worry.  You will once you change and save it.

 

 

Double-click on the “eth0” line and make sure the “Activate interface at boot time” is clicked and that the IP address is filled in:

 

 

Once you’re done, “Save”, “Quit”.

 

Try getting to the outside world using Netscape.

 

11. Optional: Configure (non-DSL, 56K) modem.

·        From KDE main menu, Internet, Dialup Configuration.  641-470-3000.

·        From KDE main menu, Internet, RH PPP Dialer

·        Open Netscape, set “http://www.US-Webmasters.com/start.htm” as home page

 

Backup

 

12. Configure the tape drive

 

Add the following 2 lines to /etc/rc.d/rc.local

 

modprobe ftape

modprobe zftape

 

reboot after you edit this file

 

Optional: Install afio from Disk #3, Powertools, afio-2.4.5-5.i386.rpm.  “afio” is an alternative to “tar” command.  I’ve never really investigated this since I’ve started using “taper”.

 

Install ftools

·        Download  ftape-tools-1.09.tar.gz from:

ftp://sunsite.unc.edu/pub/Linux/kernel/tapes/

·        Un-tar it

·        Look in the INSTALL file for directions.  Basically, run ./configure, make, make check, make install

·        The only thing I use this for is: “ftmt -f /dev/qft0 status” to verify that I’ve finally got the tape to work right.

 

Install taper.  Make sure you install taper only AFTER you can see the tape using “ftmt -f /dev/qft0 status”

Disk 2, /RedHat/RPMS:

taper-6.9b-3.i386.rpm

 

At some point, you might want to test by restoring image from tape:

·        Invoke taper

·        Restore

I’ve had mixed results with this…

 

13. Amanda

Install from disk 2:

Amanda

Amanda-server

Amanda-client

 

We will run the AMANDA backup client as the user "amanda". We also place the amanda user in the "disk" group so it will have read access to the entire filesystem.  Enter the following command:

adduser -G disk amanda

It will probably say he already exists.  Note: RedHat automatically creates a group by the same name as any user you add. So, the above command creates a user named "amanda". The amanda user will automatically be assigned the primary group "amanda". The -G disk makes amanda's secondary group "disk".

 

14. Tapeware

You’ll need to make a symlink from libncurses.so.4 (which doesn’t exist) to libncurses.so.5.2 by issuing the following command:

ln -s libncurses.so.5.2 libncurses.so.4

Or, look in that directory to find the version of libncurses.so that you have.  But you need to have it so the system can find something to point libncurses.so.4 to.

Install by running:

cd /mnt/cdrom

./install

To run:

cd /usr/local/tapeware

./twxadmin (GUI) or ./twadmin (DOS-like windows)

 

15. Install X-CD-Roast.

You should have the following RPM packages:

·        cdrtools-cdda2wav-1.10-1.i386.rpm

·        cdrtools-cdrecord-1.10-1.i386.rpm

·        cdrtools-libscg-1.10-1.i386.rpm

·        cdrtools-mkisofs-1.10-1.i386.rpm

·        xcdroast-0.98alpha9-1.i386.rpm

Run X-CD-Roast, go to Setup, HD Settings, add /home/TempForCDBurn

 

Web

 

16. Install apache:

Disk 1, /RedHat/RPMS

apache-1.3.19-5.i386.rpm

apacheconf-0.7-2.noarch.rpm

Disk 2: /RedHat/RPMS

apache-devel-1.3.19-5

apache-manual-1.3.19-5

 

17. Start httpd service

·        Go to a shell, type “httpd”.  This starts it for now.

·        At the shell prompt, type: ntsysv.  At the GUI that comes up, page-down to “httpd”, select it, hit “OK”.  This makes sure it’s always started.

·        Open Netscape.  Type in “http://localhost”.  A test page should come up:

 

 

This same test page should come up now at http://192.168.1.102/ as well.

 

 

18. See if you can see the Linux home page from the Windows machine.

From Netscape on the Windows box, go to http://192.168.1.102/.  If the connection is refused or it times out (which it likely will), run the following command from the Linux box:

 

ipchains -L (or, if ipchains gives you problems, iptables -L)

 

You’ll likely see a bunch of Accept and Reject rules.  We’re going to flush them (this deletes every rule in every chain) with:

ipchains -F

 

Restart httpd:

 

service httpd restart

 

Try the address again from the Windows machine.  You should see it now.

 

19. Expose ports 21, 25, 80, 110 (and maybe 8080 if you plan to use Tomcat).

Go to http://192.168.2.1 (the gateway).  Log in and go to the “Virtual Server” page.  Expose ports 21, 25, 80 and 110 on the Linux machine:

 

 

These ports are needed for:

·        21 – ftp

·        25 – sendmail (receiving incoming mail to the server)

·        80 – web pages

·        110 – pop mail (retrieving mail from the server remotely)

 

20. Install ant (required to install Tomcat)

·        Look in /home/Moschak/Backup/CreateServer for ant-1.3-2.noarch.rpm

·        If you don’t have it, look in http://freshmeat.net/redir/ant/14274/url_rpm/ant-1.3-2.noarch.rpm.  You may have to chop off the last part of the URL to get it to work

 

21. Install tomcat

Disk 3: /contrib

tomcat-3.1-4.i386.rpm

tomcat-doc-3.1-4.i386.rpm

tomcat-jserv-3.1-4.i386.rpm

 

 

22. Start Tomcat

by running /opt/tomcat/bin/startup.sh.  Verify that Tomcat has started by seeing that “http-proxy” is now active on port 8080.

 

23. Install from /home/Moschak/Backup/JDK/

·        JDK             jdk-1.3.1.i386.rpm

·        JSDK          jsdk21-3a1-solsparc.tar.Z

·        JSWDK       jswdk1_0_1-solsparc.tar.Z

 

24. Install php from Disk 2:

php-devel-4.0.4pl1-9.i386.rpm

php-manual-4.0.4pl1-9.i386.rpm

php-mysql-4.0.4pl1-9.i386.rpm

 

25. Change permissions of /var/www to allow all people write access
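
Step 25 leaves every entry under /var/www modifiable by any account on the machine. The sketch below is an added example, not part of the original notes: it lists world-writable entries and applies group-scoped write access as the narrower setting. It assumes the site editors share one group and runs on a constructed scratch directory rather than /var/www.

```shell
#!/bin/sh
# Added example, not part of the original notes.
# Assumption: the people who edit the site share one group; the demo uses the
# caller's own primary group so it runs without root.

# Print every non-symlink entry under $1 that carries the "other" write bit,
# i.e. that any account on the machine can modify.
world_writable() {
    find "$1" ! -type l -perm -0002 -print
}

# Scope write access to one group instead of everyone.
# $1 = web root, $2 = group allowed to edit it
group_writable() {
    chgrp -R "$2" "$1" || return 1
    chmod -R g+w,o-w "$1" || return 1
    # setgid on directories: files created later inherit the group
    find "$1" -type d -exec chmod g+s {} +
}

# Constructed scratch tree standing in for /var/www.
# Prints "<world-writable before> <world-writable after>".
demo_webroot() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/www/html" "$tmp/www/cgi-bin"
    echo '<h1>test</h1>' > "$tmp/www/html/index.html"
    chmod -R a+rwX "$tmp/www"              # the step 25 setting
    before=$(world_writable "$tmp/www" | wc -l | tr -d ' ')
    group_writable "$tmp/www" "$(id -gn)"
    after=$(world_writable "$tmp/www" | wc -l | tr -d ' ')
    rm -rf "$tmp"
    echo "$before $after"
}

demo_webroot
```

On the real tree, run world_writable /var/www first to see what step 25 has opened up, then group_writable with the group you created for the site editors.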

 

26. Install Jbuilder

·        Log in as non-root user

·        Make sure you have at least 60 M disk free in the /tmp folder.  Run “df -h” from a shell and check the “Avail” column in the row where “Mounted on” = “/”

 

27. Port mapping tool

Go to http://www.insecure.org/nmap/dist/nmap-2.53-1.i386.rpm to get:

nmap-2.53-1.i386.rpm

nmap-frontend-0.2.53-1.i386.rpm

go to shell, type in: nmapfe

verify that “http-proxy” is not yet active on port 8080

 

28. change the path permanently

there is a directory /etc/profile.d. In that directory you will find several scripts for setting path information. Duplicate one of these for a java.sh or whatever, and put in the appropriate scripting information. Make sure you make the script executable by chmoding the file like this: chmod a+x . Now you should be able to login again and it will add the path for you properly. You may want to test that it got added before logging out to make sure the script works by typing: source at a prompt. If the prompt comes back and you can run the program you should be all set.

 

29. Set up separate domains

·        Edit /etc/httpd/conf/httpd.conf

·        Find the first instance of “DocumentRoot” and comment it out.

·        In the section called “<VirtualHost _default_:443>”, do NOT comment it out.

·        Find “NameVirtualHost” and uncomment it.  Put in the local IP address.  In other words, the one starting with “192.168” such as 192.168.2.102, NOT the “real” IP address!  You don’t need to specify the port.

·        At the end of the file, add a section “<VirtualHost 192.168.2.102>” for each server.  All you need is the server name and document root:

<VirtualHost 192.168.2.102>

    ServerName www.eCommerce-Webmasters.com

    DocumentRoot /var/www/html

</VirtualHost>

And make sure you have that leading “/” in the ServerName ;).  Easy to overlook…

30. Go to ZoneEdit

ID is “JMoschak” (caps are important)

 

Database

 

31. Install MySQL from Disk 2:

mysql-3.23.36-1.i386.rpm

mysql-devel-3.23.36-1.i386.rpm

mysql-server-3.23.36-1.i386.rpm

mysqlclient9-3.23.22-4.i386.rpm

 

Go to RPM find and get:

MySQL-shared-3.23.36-1.i386.rpm

 

To start server for now, “safe_mysqld &”.  Test by “mysql”.  Should give “mysql” prompt.

 

To start every time, at the shell prompt, type: ntsysv.  At the GUI that comes up, page-down to “mysqld”, select it, hit “OK”.  This makes sure it’s always started.

 

32. Install Star Office

from Disk 3 (Optional)

 

33. UnixODBC

Install from Disk 2, /RedHat/RPMS

unixODBC-1.8.13-2.i386.rpm (Optional)

 

34. phpMyAdmin

Uncompress “phpMyAdmin-2.2.0-rc4-php.tar.gz” from /home/Moschak/Backup/tarz.  Move the “phpMyAdmin-2.2.0-rc4” directory to /var/www/html.

 

Shopping Carts

 

35. Freetrade

Download “freetrade” from http://www.working-dogs.com/

·        Un-Tar it and move it into the /var/www/html directory

·        In the freetrade2 directory, look in /modules/configuration/global and search for the reference to setting the DATABASE_NAME.  It should be “freetrade”.  Similarly, DATABASE_USER should be “freetrade”.  If the steps below fail, you can usually change this to “root” temporarily to get it to work.

·        In the freetrade directory, look in /modules/include/global_settings and look for DATABASE_NAME.  It should be “freetrade”.  Similarly, DATABASE_USER should be “httpd”.

·        Use phpMyAdmin to create the “freetrade” database.

·        In freetrade2, run “/install/mysql/build.sql”.  In freetrade, this is in the main freetrade directory.  You may have to add a “use freetrade;” statement to get it to work right.

·        Use phpMyAdmin to add a record to the mysql.user table.  Set “host” to “localhost”, “user” to “freetrade” or “httpd” (depending on whether you’re using freetrade2 or freetrade), leave “password” blank.

·        In /freetrade/htdocs/index.php3, change the SERVER_NAME from $SERVER_NAME to “63.162.86.58”

·        Reboot the system for the database changes to take effect.

 

36. Install Interchange

Download and install latest version of Interchange from Redhat.  Although they claim the RPM supplies all the PERL modules you need, they are WRONG-O!

From RedHat’s site: get all the CPANs.

 

From Disk 1: perl-DBI-1.14-10.i386

From Disk 2: perl-DBD-MySQL-1.2215-1.i386

 

If, for some reason, you want to restart by uninstalling and reinstalling Interchange, DON’T FORGET TO DELETE the /var/lib/interchange directory!  Failing to do so will cause the interchange-foundation-demo RPM to fail, even if you uninstall that RPM first!

 

In /usr/lib/interchange/bin, run ./makecat

 

FTP

 

37. Configure FTP

Install the wu-ftp package.  Can’t remember which disk, but it’s on the 3 RedHat disks somewhere.

Use ntsysv to make sure wu-ftp starts on startup.  Re-boot.

Add the following two lines at the bottom of /etc/ftpaccess:

pasv-allow all *

port-allow all *

 

38. Restrict user’s FTP directory

Create a user “bob” (From the KDE, “Start”, System, User Manager)

Set his home path to /home/bob

 

Restrict his directory

·        groupadd ftponly

·        Add the line "guestgroup ftponly" to /etc/ftpaccess file

·        usermod -G ftponly bob

·        Add /./ to the end of the home directory in /etc/passwd so that "/home/bob" becomes /home/bob/./

Add far-flung directories

·        make empty directory /home/bob/catalog

·        mount --bind /var/lib/interchange/bob /home/bob/catalog

·        Add the line above to /etc/rc.d/rc.local
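
A check for the guest setup in step 38, as an added example that is not part of the original notes: it reads ftpaccess, group and passwd files and reports every member of a guestgroup whose home directory lacks the /./ marker that step 38 adds. The sample files, and the users alice and carol in them, are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not part of the original notes.
# Lists "user:home" for every member of a wu-ftpd guestgroup whose passwd home
# lacks the "/./" marker added in step 38.
# $1 = ftpaccess file, $2 = group file, $3 = passwd file
guests_missing_marker() {
    awk -F: '
    FILENAME == ARGV[1] {              # ftpaccess: "guestgroup name [name ...]"
        line = $0
        sub(/^[ \t]+/, "", line)
        n = split(line, w, /[ \t]+/)
        if (w[1] == "guestgroup")
            for (i = 2; i <= n; i++)
                if (w[i] != "") guest[w[i]] = 1
        next
    }
    FILENAME == ARGV[2] {              # group: name:passwd:gid:member,member
        if ($1 in guest) {
            gid[$3] = 1                # users with this primary gid count too
            m = split($4, u, ",")
            for (i = 1; i <= m; i++) member[u[i]] = 1
        }
        next
    }
    {                                  # passwd: name:pw:uid:gid:gecos:home:shell
        if ((($1 in member) || ($4 in gid)) && index($6, "/./") == 0)
            print $1 ":" $6
    }' "$1" "$2" "$3"
}

# Constructed sample files (the users other than bob are hypothetical).
demo_guests() {
    d=$(mktemp -d) || return 1
    cat > "$d/ftpaccess" <<'EOF'
class all real,guest,anonymous *
guestgroup ftponly
pasv-allow all *
port-allow all *
EOF
    cat > "$d/group" <<'EOF'
root:x:0:
ftponly:x:502:bob,alice
EOF
    cat > "$d/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bob:x:500:500::/home/bob/./:/bin/bash
alice:x:501:501::/home/alice:/bin/bash
carol:x:503:502::/home/carol:/bin/bash
EOF
    guests_missing_marker "$d/ftpaccess" "$d/group" "$d/passwd"
    rm -rf "$d"
}

demo_guests
```

On the server itself, run guests_missing_marker /etc/ftpaccess /etc/group /etc/passwd; no output means every guest account carries the marker.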

 

Mail

 

39. Sendmail

To SEND mail:

 

Add entries to /etc/mail/local-host-names.  I added 3 lines: “mail.moschak.com”, “moschak.com”, “www.moschak.com”.

 

Change /etc/mail/sendmail.mc:

comment out “DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')”

add 3 lines:

MASQUERADE_AS(moschak.com)dnl

FEATURE(allmasquerade)dnl

FEATURE(masquerade_envelope)dnl

“recompile” sendmail.cf from your changed sendmail.mc by running:

m4 sendmail.mc > /etc/sendmail.cf

Did NOT have to change /etc/aliases

A good resource: http://www.redhat.com/support/resources/howto/RH-sendmail-HOWTO/c239.html#AEN245

 

To test this, log in as a NON-Root user!  This is important because there is a line in sendmail.mc, which says:

EXPOSED_USER(`root bank serv')dnl

Go to a shell and type the following:

mail -s 'test message' jmoschak@lisco.com

This is a test message.

(hit Control-d)

Cc: [Enter]

 

You could also try to use Kmail (Internet, Kmail).  Go under “Settings, Configuration, Network” and add a user.  Make sure you check “Local Mailbox” instead of leaving the default “Pop3” when adding this account.  Also, make sure you keep “Sendmail” checked and NOT “SMTP”.  SMTP will work without all the finagling we did above and so won’t be a true test.  I’ve had mixed results with Kmail.

 

To GET mail:

 

In ZoneEdit.com, first go to the “IP addresses” section.

 

 

make sure you make the following changes:

 

 

It’s very important to explicitly add mail.ecommerce-webmasters.com!  Then, in the “Mail Servers” section, add: a mail server

 

 

In linuxconf (execute “linuxconf” from the shell command), Config/Networking/Client Tasks/Host name and IP network devices, change “Host name + domain” from “localhost.localdomain” to “moschak.com”.  Actually, I don’t think this has anything to do with getting mail.

 

To relay mail, edit the /etc/mail/virtusertable and add entries such as

 

@eCommerce-Webmasters.com    doug@cyberchicken.com

orders@eCommerce-Webmasters.com    orders

@moschak.com         jmoschak@lisco.com

 

Then compile this table into /etc/mail/virtusertable.db.  From /etc/mail, run the following command:

 

makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable

 

GPG

 

40. Gpg

·        Run “gpg --gen-key” (instructions at http://www.gnupg.org/gph/en/manual.html#AEN26)

o       At some point you will be asked for name, comment and email address.  Don’t try to put all these on one line like the prompt implies!  Enter them one at a time, in that order.

o       Not sure if this is important, but use the same email address in the third part of the id as you normally have orders sent to in IC.  Also, I’ve only ever tested the domain being the same as the machine that hosts IC.  In any case, note the email address because you’ll need to enter this into IC later.

o       You’ll also be asked to enter a passphrase.  Remember this!  You’ll need it to read your encrypted emails later.

·        copy all the files in /root/.gnupg/ (such as pubring.gpg) to /var/lib/interchange/.gnupg/.  If you were NOT logged in as “interch” in the step above, change the owner on all these copied files to “interch”!

·        Similarly, copy these files to /home/orders (or whichever IC user receives orders).  Again, change the owner on all these copied files to “orders”!

·        In interchange, create the following two variables and put them in the “encryption” group:

EncryptKey      orders@domain.com - don’t need!

PGP_KEY      orders@domain.com

·        Edit catalog.cfg.  Find “Route main”.  Change “encrypt” from “0” to “1”.  (Actually, only do this if you need the WHOLE order encrypted, not just the credit card number.)

·        Assuming you send an order info messages to orders@domain.com, and that these emails are routed to the “orders” id on the same machine, log into the “orders” id, go into KMail.

·        Go to settings, configuration, security.

Put in the email address you used in step 1 for “PGP user identity”

Check “Keep passphrase in memory”, “Always encrypt to self”, and “Show ciphered text after composing”

Select the “GPG” encryption tool radio button

·        Place an order.  Retrieve your Kmail.  Try to read the message.  It should prompt you for a passphrase.  Type it in.

·        The body of the message will be readable, but the CC info won’t (it’s doubly encrypted!).  Copy all the stuff from “-----BEGIN PGP MESSAGE-----” to “-----END PGP MESSAGE-----” – including these two lines themselves – to a file named “doc.gpg” and save this document – probably to the “orders” root directory.

·        At the command line (in the “orders” root directory or wherever you saved the document above) enter the following command: “gpg --output out.doc --decrypt doc.gpg”.  Your decrypted credit card info should now be in “out.doc”.