Linux Solutions

Welcome to the tutorial guide. The guide will provide you with guidance and instructions on how to install server.

Installing bind
If you would like to install bind, which is a domain name service, then please run followig command:
su -c ‘yum install named’

- You need to enableon boot and run the command as root.
chkconfig named on

Installing dhcpd
If you would like to install dhcpd which is a DHCP server, then please run following command:
su -c ‘yum install dhcpd’
- Please enable on boot and run this command as root
chkconfig dhcpd on

- Please edit the config file by running following command:
su -c ‘cp /etc/dhcpd.conf /etc/dhcpd.conf_backup’
su -c ‘gedit /etc/dhcpd.conf’

- You can adjust the config to have a range issued in between 192.162.1.100 -> 192.162.1.200

- If you would like to have an ip linked to a print-server named print-server you need to follow the host section listed below.
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.162.1.255;
allow bootp;
ddns-update-style ad-hoc;

subnet 192.162.1.0 netmask 255.255.255.0 {
range 192.162.1.100 192.162.1.200;
host print-server {
hardware ethernet 00:40:c8:04:03:db; #Your specific ethernet hardware
fixed-address 192.162.1.20; #The ip that you want that print server to have always
default-lease-time -1; #the lease time of the ip -1 is forever
}
}
· A simple host section as an example
host strikeforce {
hardware ethernet 00:0F:EA:3E:12:58;
fixed-address 192.162.1.150;
}

Installing ntpd
If you would like to install ntpd which is internet time server, then please run following command:
su -c ‘yum install ntpd’
- You have to ensure that it is turned on when you boot. Please run the command as root.
chkconfig ntpd on

If you would like to link to other servers around the world you will need to add a line in the following layout. Please run following command:
su -c ‘gedit /etc/ntp.conf’
server 0.fedora.pool.ntp.org dynamic

Installing mysql Database Server (mysql)
If you would like to install mysql which is adatabase server, then please go through following steps:

- Use Desktop
- System Settings
- Add/Remove Applications
or alternatively, please run following command:

su -c ‘yum install mysql’
su -c ‘yum install mysql-server’
su -c ‘yum install php-mysql’
su -c ‘yum install MySQL-python’
su -c ‘/etc/init.d/mysqld start’
mysqladmin -u root password new_db_user_password

Installing MYSQL Control Center
If you would like to install MYSQL control center, then please run following command:
su -c ‘yum install mysql-administrator’

- after running the command, please go to:
- Applications
- System Tools
- MySQL Administrator

Installing PHP
If you would like to install PHP on the web server, then please run following commands:

su -c ‘yum install php’
su -c ‘yum install php-mysql’
su -c ‘/etc/init.d/httpd restart’

- Please insert the following line into a new file
su -c ‘echo ” > /var/www/html/testphp.php’

If you followed the guidance and instructions as provided in this tutorial guide then you would have successfully installed the servers.

Welcome to the tutorial guide. The guide will provide a user with instructions and guidance on how to install denyhosts and also how to secure the system.

If you would like to install denyhosts which is a server intrusion prevention, then please run following command:
su -c ‘yum install denyhosts’

Securing the system.
The first step in securing the system is to do a backup.

If you would like to backup the original config file, then please run following command:
su -c ‘cp /etc/denyhosts.conf /etc/denyhosts.conf_backup

- If you would like to change the config to suit the system, then please run following command:
su -c ‘gedit /etc/denyhosts.conf’

- You can modify the following lines to match what is listed below. Please do not forget to remove the ‘#’ at the beginning of the lines
PURGE_DENY = 4w
BLOCK_SERVICE = ALL
DENY_THRESHOLD_INVALID = 5
DENY_THRESHOLD_VALID = 10
DENY_THRESHOLD_ROOT = 0
DENY_THRESHOLD_RESTRICTED = 1
SYSLOG_REPORT=YES
AGE_RESET_VALID=5d
AGE_RESET_ROOT=25d
SYNC_SERVER = http://xmlrpc.denyhosts.net:9911
SYNC_INTERVAL = 1h
SYNC_UPLOAD = yes
SYNC_DOWNLOAD_RESILIENCY = 5h

If you followed the steps as provided in this tutorial guide then you would have successfully installed deny hosts and secured the system.

Welcome to the tutorial guide. The guide will provide you with guidance and instructions on how to install server.

Installing VPN
If you would like to install VPN for gnome, then please run following command:
su -c ‘yum install NetworkManager-vpnc’

If you would like to install VPN for KDE, then please run following command:
su -c ‘yum install knetworkmanager-vpnc’

If you would like to configure the connection using network manager or Knetworkmanager, then please run following command:

su -c ‘yum install pptp’

Installing squid
If you would like to install squid which is a proxy server, then please run following command:
su -c ‘yum install squid’

- now, please find following lines and change them

-please set the port and what type of proxy is required
http_port 3128 transparent
· Allow cachemgr access
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
# Deny requests to unknown ports
http_access deny !Safe_ports
# Deny CONNECT to other than SSL ports
http_access deny CONNECT !SSL_ports

- please allow the network of ‘localhost’ and deny the rest
http_access allow localhost
http_access deny all

- please set the ‘local_network’ and allow it
acl local_network src 192.162.1.0/24
http_access allow local_network

Outgoing Mail server (sendmail)
If you would like to install sendmail which is an outgoing mail server, then please run following command:
su -c ‘yum install sendmail’

- If you would like to edit the following lines changing it to the data, then please run following command:
su -c ‘gedit /etc/mail/sendmail.mc’

- If you would like to set the local domain
LOCAL_DOMAIN(`mail.your.domain.com)dnl
· All emails will have yourname@your.domain.com
MASQUERADE_AS(`your.domain.com’)dnl
· If you use procmail.
MAILER(smtp)dnl
MAILER(procmail)dnl

- please set the type of action sendmail will be
DAEMON_OPTIONS(`Port=smtp, Name=MTA’)dnl

- you can edit the virtusertable by running following command:
su -c ‘gedit /etc/mail/virtusertable’

-you can also add the usernames and email addresses at the bottom in that format.
name@your.domain.com name

- please close virtusertable down and sendmail.mc
- you can compile the directory by running following command:
make -C /etc/mail

- please set up the aliases adjust the following lines at the bottom by running following command:
su -c ‘gedit /etc/aliases’

Person who should get root’s mail
root: youradminusername
youradminusername: youradminusername

- please close the file down and run the following command as root.
chkconfig sendmail on

- finally restart sendmail by running following command:
su -c ‘/etc/init.d/sendmail restart’

Mail server (dovecot)
If you would like to install dovecot which is a mail server, then please run following command:
su -c ‘yum install dovecot’

- please ensure that it comes up on boot
chkconfig dovecot on

done on 3rd october 2009
POP/IMAP settings
· Edit the dovecot.conf file
su -c ‘gedit /etc/dovecot.conf’
· Modify the following lines
· What type of server do you want it will set the options for imap or pop3 If you want pop remove the imap and imaps.
protocols = imap imaps pop3 pop3s
· Dovecot should listen on the standard ports
listen = [::]
· Set the mail location. The example below creates in your home directory a mail folder called Maildir
# mail_location = maildir:~/Maildir
# mail_location = mbox:~/mail:INBOX=/var/mail/%u
# mail_location = mbox:/var/mail/%d/%1n/%n:INDEX=/var/indexes/%d/%1n/%n
maildir:~/Maildir

If you followed the steps as provided in this tutorial guide then you would have successfully installed the servers.

Welcome to the tutorial guide. The guide will provide you with guidance and instructions on how to install server.

If you would like to change the default port number for Apache HTTP Server, then please run following command:
su -c ‘cp /etc/httpd/httpd.conf /etc/httpd/httpd.conf_backup’
su -c ‘gedit /etc/httpd/httpd.conf’

- please find this line
Listen 80

- after finding the line, please replace it with the following line
Listen 82

- now, please save the edited file
/etc/init.d/httpd restart
· http://localhost:82
(please note that we have assumed that new port number is 82)

If you would like to Secure Shell (SSH) into remote Fedora machine, then please run following command:
ssh username@192.162.0.1
(please note that we have assumed that remote Fedora machine have installed SSH Server service and firewall allows to connect to it and Remote Fedora machine: 192.162.0.1).

If you would like to copy files or folders from remote Fedora machine into local machine (scp), then pleas run following command:
scp -r username@192.162.0.1:/home/username/remotefile.txt .

(please note that we have assumed that remote Fedora machine have installed SSH Server service and firewall allows to connect to it and Remote Fedora machine: 192.162.0.1m, Remote files/folders location: /home/username/remotefile.txt, Local machine save location: . (current directory)

If you would like to copy files or folders from remote Fedora machine into local machine using Nautilus(scp), then please follow steps as provided:
(please note that we have assumed that remote Fedora machine have installed SSH Server service and firewall allows to connect to it, Remote Fedora machine: 192.162.0.1, Remote files/folders location: /home/username/remotefile.txt, Local machine save location: . (current directory)
- please open the following window Places
- Connect to Server
- now, add the following details when you have opened the window
Service Type:SSH
Server:192.162.0.1
Port:Leave blank
Folder:/home/username
Username:username
Name to use for connection:Remote Machine’s Name
- You will notice that the connection is under the Places menu

If you would like to copy files/folders from local machine into remote Fedora machine (scp), then please run following command:
scp -r localfile.txt username@192.162.0.1:/home/username

(please note that we have assumed that remote Fedora machine have installed SSH Server service and firewall allows to connect to it. Local files/folders location: localfile.txt , Remote Fedora machine: 192.162.0.1, Remote Fedora machine save location: /home/username/)

If you would like to copy files/folders from local machine into remote Fedora machine (rsync), then please follow the steps as mentioned below:

run the command as below:

rsync -v -u -a –delete –rsh=ssh –stats localfile.txt username@192.162.0.1:/home/username/

(please note that we have assumed that remote Fedora machine have installed SSH Server service and firewall allows to connect to it. Local files/folders location: localfile.txt Remote Fedora machine: 192.162.0.1 Remote Fedora machine save location: /home/username/ )

Installing proftpd
If you would like to install proftpd which is a FTP Server for File Transfer service, then please run following commands:
su -c ‘yum install proftpd’
su -c ‘/etc/init.d/proftpd start’

If you would like to configure FTP Server to allow anonymous FTP user to read only, then please run following command:
su -c ‘cp /etc/proftpd.conf /etc/proftpd.conf_backup’
su -c ‘gedit /etc/proftpd.conf’

After running the command, please append the following lines at the end of file

User ftp
Group nogroup
UserAlias anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message

DenyAll

- now, save the edited file
- finally do a restart by running following command:
su -c ‘/etc/init.d/proftpd restart’

If you would like to configure FTP Server to allow anonymous FTP user to read/write then please run following command:

su -c ‘cp /etc/proftpd.conf /etc/proftpd.conf_backup’
su -c ‘gedit /etc/proftpd.conf’

- after running command, please append the following lines at the end of file

User ftp
Group nogroup
UserAlias anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message

- now, save the edited file
- finally, do a restart by running following command:
su -c ‘/etc/init.d/proftpd restart’

If you would like to map anonymous FTP user to folders outside /home/ftp/, then please run following command:

su -c ‘cp /etc/proftpd.conf /etc/proftpd.conf_backup’
su -c ‘gedit /etc/proftpd.conf’

- now, please append the following lines at the end of file

User ftp
Group nogroup
UserAlias anonymous ftp
DirFakeUser on ftp
DirFakeGroup on ftp
RequireValidShell off
MaxClients 10
DisplayLogin welcome.msg
DisplayFirstChdir .message

DenyAll

- after appending the lines, please save the edited file
- finally, run following command:
su -c ‘/etc/init.d/proftpd restart’

- If you would like to change the default port number for FTP Server, then please run following command:

su -c ‘cp /etc/proftpd.conf /etc/proftpd.conf_backup’
su -c ‘gedit /etc/proftpd.conf’

- now, please find this line
Port 21
(please note that we have assumed that the new port number is 48)

- Replace it with the following line
Port 48

- now, save the edited file
- finally, run following command:
su -c ‘/etc/init.d/proftpd restart’

Installing pure-ftpd
If you would like to install pure-ftpd, which is a FTP Server for File Transfer service then please run following command:

su -c ‘yum install pure-ftpd’
su -c ‘/etc/init.d/pure-ftpd start’

In order to start automatically, please root and run following command:
chkconfig pure-ftpd on

If you would like to configure FTP Server to allow anonymous FTP user to read only, then please run following command:

su -c ‘cp /etc/pure-ftpd/pure-ftpd.conf /etc/pure-ftpd/pure-ftpd.conf_backup’
su -c ‘gedit /etc/pure-ftpd/pure-ftpd.conf’

- now, please find the following line
NoAnonymous no

- you have to ensure that it says no
- save the edited file
(please note that the directory of your Anonymous ftp users will be the same as your ftp user. Usually /var/ftp)

- If you do not have an ftp user you can create it and run following command:
su -c ‘/etc/init.d/pure-ftpd restart’

If you would like to configure FTP Server to allow anonymous FTP user to read/write, then please run following command:

su -c ‘cp /etc/pure-ftpd/pure-ftpd.conf /etc/pure-ftpd/pure-ftpd.conf_backup’
su -c ‘gedit /etc/pure-ftpd/pure-ftpd.conf’

- please change the following lines
AnonymousCanCreateDirs no
AnonymousCantUpload yes

- please change them to
AnonymousCanCreateDirs yes
AnonymousCantUpload no

- now, save the edited file and run following command:
su -c ‘/etc/init.d/pure-ftpd restart’

If you would like to change the default port number for FTP Server, then please run following command:

su -c ‘cp /etc/pure-ftpd/pure-ftpd.conf /etc/pure-ftpd/pure-ftpd.conf_backup’
su -c ‘gedit /etc/pure-ftpd/pure-ftpd.conf’
(please note that we have assumed that the new port number is 48)
- now, please find this line
# Bind 127.0.0.1,21

- after finding the line, please replace it with the following line
Bind 48

- now, please save the edited file and run following command:
su -c ‘/etc/init.d/pure-ftpd restart’

If you followed the steps as provided in this tutorial guide then you would have successfully installed the servers.

Welcome to the tutorial guide. The guide will provide you with guidance and instructions on how to install server.
Installing Samba server
If you would like to install Samba Server for files/folders sharing service, then please go to:
- Desktop
- System Settings
- Add/Remove Applications
or
you can run command as following:

su -c ‘yum -y install samba’
su -c ‘yum -y install samba-client’
su -c ‘yum -y install system-config-samba’

- in order to enable file sharing on boot, please run following command:

su -c ‘chkconfig smb on’

- then go to:
- Desktop
- System Settings
- Server Settings
- Samba

If you would like to add/edit/delete network users then please go to:
- Desktop
- System Settings
- Server Settings
- Samba
or
In order add network user, please run following command:
su -c ’smbpasswd -a system_username’
su -c ‘gedit /etc/samba/smbusers’

- please insert the following line into the new file
system_username = “network username”

- now, please save the edited file

-in order to edit network user, please run following command:
su -c ’smbpasswd -a system_username’

- in order to delete network user, please run following command:
su -c ’smbpasswd -x system_username’

If you would like to share home folders with read/write permissions, then please run following command:

su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- the next step is to find this line
…
; security = user
…

- after finding the line, now please replace it with the following lines
security = user
username map = /etc/samba/smbusers

- finally, save the edited file
testparm
- now, please restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like share home folders with read only permission, then please run following command:
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- now, please find this line
…
; security = user
…

- after finding the line, now replace it with the following lines
security = user
username map = /etc/samba/smbusers

- now, please find this line
[homes]
comment = Home Directories
browseable = no
writeable = yes

- after finding the line, now please replace it with the following lines
[homes]
comment = Home Directories
browseable = yes
writeable = no

- finally, save the edited file
testparm
su -c ‘/etc/init.d/smb restart’

If you would like to share group folders with read only permission, then please run following command:
su -c ‘mkdir /home/group’
su -c ‘chmod 777 /home/group/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- now, please find this line
…
; security = user
…

- after finding the line, please replace it with the following lines
security = user
username map = /etc/samba/smbusers

- append the following lines at the end of file
[Group]
comment = Group Folder
path = /home/group
public = yes
writable = no
valid users = system_username1 system_username2
create mask = 0700
directory mask = 0700
force user = nobody
force group = nogroup

- finally save the edited file

testparm
- please restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like to share group folders with read and write permissions then please follow the steps as mentioned below:
- please run following command:
su -c ‘mkdir /home/group’
su -c ‘chmod 777 /home/group/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- now, please find this line
…
; security = user
…

- replace it with the following lines
security = user
username map = /etc/samba/smbusers

- please append the following lines at the end of file
[Group]
comment = Group Folder
path = /home/group
public = yes
writable = yes
valid users = system_username1 system_username2
create mask = 0700
directory mask = 0700
force user = nobody
force group = nogroup

-finally, save the edited file
testparm

- do a restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like to share public folders with read only permission, then please run following command:

su -c ‘mkdir /home/public’
su -c ‘chmod 777 /home/public/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- please find this line
…
; security = user
…

-replace it with the following lines
security = user
username map = /etc/samba/smbusers

- please append the following lines at the end of file
[public]
comment = Public Folder
path = /home/public
public = yes
writable = no
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroup

- now, save the edited file
testparm

-finally, do a restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like to share public folders with read and write permissions, then please run following command:

su -c ‘mkdir /home/public’
su -c ‘chmod 777 /home/public/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- please find this line
…
; security = user
…

- now, please replace it with the following lines
security = user
username map = /etc/samba/smbusers

- please append the following lines at the end of file
[public]
comment = Public Folder
path = /home/public
public = yes
writable = yes
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroup

- please do not forget to save the edited file
testparm

- finally, do a restart by runnning following command:
su -c ‘/etc/init.d/smb restart’

If you would like share public folders with read only permission, then please run following command:

su -c ‘mkdir /home/public’
su -c ‘chmod 777 /home/public/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- now, please find this line
…
; security = user
…

- please replace it with the following line
security = share

- now, append the following lines at the end of file
[public]
comment = Public Folder
path = /home/public
public = yes
writable = no
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroup

- please save the edited file
testparm

- finally, please restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like to share public folders with read and write permissions then please run following command:

su -c ‘mkdir /home/public’
su -c ‘chmod 777 /home/public/’
su -c ‘cp /etc/samba/smb.conf /etc/samba/smb.conf_backup’
su -c ‘gedit /etc/samba/smb.conf’

- please find this line
…
; security = user
…

- after finding the line, please replace it with the following line
security = share

- now, append the following lines at the end of file
[public]
comment = Public Folder
path = /home/public
public = yes
writable = yes
create mask = 0777
directory mask = 0777
force user = nobody
force group = nogroup

- please save the edited file
testparm

- finally, please restart by running following command:
su -c ‘/etc/init.d/smb restart’

If you would like to map URLs to folders outside /var/www/, then pleas run following command:
su -c ‘gedit /etc/httpd/conf.d/alias’

- now, please insert the following lines into the new file
Alias /URL-path /location_of_folder/

Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all

- please save the edited file

- finally, run following command to restart:
su -c ‘/etc/init.d/httpd restart’

If you followed advise and guidance as provided in this tutorial guide, then you would have successfully installed the servers.