Install Debian Linux as a Web Hosting Service Provider
Posted by admin on October 12 2007 23:26:53
Install Debian Linux as a Web Hosting Service Provider. This build revolves around the basic infrastructure of VHCS, an open source web hosting control panel. The VHCS control panel is open source software and when combined with Apache Internet Server provides a slick interface to a fully featured hosting provisioning solution. Beyond the server software that can be found freely available on the internet, all that is needed to complete the HostingHacks Project is an ethernet card and a static IP address.

Assuming two IDE disks in a system ; the plan is to mirror them 
in a software RAID1 set. The mbr of both disk is set to be bootable using
Lilo with the raid-extra-boot="mbr" option. In this scenario
if one disk dies the system will still boot and retain all data.

assume a disk raid set in the following configuration:

80GB disk# 1 - /dev/hda
80GB disk# 2 - /dev/hdc
CDROM - /dev/hdd
 
Partition '/dev/hda' and '/dev/hdc' as RAID1 mirrors.  
The partitioning scheme will be set as:

/dev/md0 = /
/dev/md1 = /tmp
/dev/md2 = /var
/dev/md3 = /var/log

/dev/hda3 = swap
/dev/hdc3 = more swap
last updated: Jan. 2006
PARTITIONING WITH SFDISK

The debian installer uses "devfs nomenclature" for device nodes (e.g. /dev/ide/host0/bus0/target0/lun0/part3) rather than "standard nomenclature" (e.g. /dev/hda). So to successfully edit the partition tables using 'sfdisk' would require accessing the disk with 'devfs' nomenclature. A simple workaround is to use a 'live cd' such as the Linux-From-Scratch Live CD ( http://www.linuxfromscratch.org/livecd/ ) to partition the disks before launching the debian installer disk.

Boot from the LFS cdrom into a command prompt and write a stream of ASCII NULs over the hard disks:

# WARNING : this will destroy *ALL* data on the disks:
dd if=/dev/zero of=/dev/hda
dd if=/dev/zero of=/dev/hdc

Zeroing the hard disks is completely optional but will have the advantage of returning the disks to a factory preconditioned state. Note that the linux kernel on some live CDs will auto-activate a pre-existing raid array so if you don't zero the disks and you have pre-existing raid superblocks, you may have to run extra commands or reboot to free up the disks for partitioning and raid re-construction.

Note that a full wipe of a hard drive can consume many hours. An alternative to completely zeroing the disks is to use: 'dd if=/dev/zero of=/dev/hda count=1 bs=512' which will wipe your MBR and partition table. You can then confirm that this is the case with 'dd if=/dev/hda count=1 bs=512 | od -x'.

Boot from the LFS cdrom into a command prompt and write a set of new partition tables with sfdisk:

sfdisk /dev/hda -uM 
0,3000,fd,*
,1000,fd
,512,82
,,5
,3000,fd
,,fd
<enter>
y


sfdisk /dev/hdc -uM
0,3000,fd,*
,1000,fd
,512,82
,,5
,3000,fd
,,fd
<enter>
y

At this point the disks are ready to be used by the Debian installer.

REBOOT
halt
or ctrl-alt-delete
RAID NOTES

After you build raid disks if you issue cat /proc/mdstat you may see something like this:

 

This indicates that the disks are in the process of syncing. According to the Orielly book: Managing Raid on Linux it is safe to work on the system while this process continues in the background. If in doubt let this process finish before beginning to build.

When it is completed the contents of /proc/mdstat should look like this:

[root@serv1 root]# cat /proc/mdstat

Personalities : [raid1]
read_ahead 1024 sectors
md1 : active raid1 ide/host0/bus0/target0/lun0/part2[0] ide/host0/bus1/target0/lun0/part2[1]
1024064 blocks [2/2] [UU]

md2 : active raid1 ide/host0/bus0/target0/lun0/part5[0] ide/host0/bus1/target0/lun0/part5[1]
2048128 blocks [2/2] [UU]

md3 : active raid1 ide/host0/bus0/target0/lun0/part6[0] ide/host0/bus1/target0/lun0/part6[1]
12881664 blocks [2/2] [UU]

md0 : active raid1 ide/host0/bus0/target0/lun0/part1[0] ide/host0/bus1/target0/lun0/part1[1]
3072256 blocks [2/2] [UU]
LILO MIRRORED MBR CONFIG

LILO is the preferred bootloader for RAID1 disks because it can duplicate two bootable mbr records on separate disks. However, there are problems when attempting to install LILO to /dev/md disks during the Debian Sarge installation. The installer will fail when it comes time to mark the root partition as 'active'. The best workaround is to install grub to make the system bootable during the installation and then return to fix LILO after booting into the new system.

After completing the installation return to finalize the lilo boot loader configuration to make all disks bootable from the mbr:

cd /usr/src

dpkg --install \
lilo_22.6.1-6.2_i386.deb \
libdevmapper1.01_1.01.00-4_i386.deb

cat > /etc/lilo.conf << "EOF"
default=linux
raid-extra-boot=mbr
boot=/dev/md0
root=/dev/md0
map=/boot/map
delay=20
vga=normal
image=/vmlinuz
label=linux
initrd=/initrd.img
read-only
EOF

lilo

In case of a catastrophic disk failure each disk in the system is now able to be situated as the first bootable disk.

Before running lilo make sure you know which is the bootable partition and edit the lilo.conf accordingly. In the following example you would need to change your boot parameter to boot = /dev/md0 :

# /etc/fstab: static file system information.
#
# <file system> <mount point> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/md0 / ext3 defaults,errors=remount-ro 0 1
/dev/md1 /tmp ext3 defaults 0 2
/dev/md2 /var ext3 defaults 0 2
/dev/hda3 none swap sw 0 0
/dev/hdc3 none swap sw 0 0
/dev/hdb /media/cdrom0 iso9660 ro,user,noauto 0 0

Note that the debian installer uses "devfs nomenclature" for device nodes (e.g. /dev/ide/host0/bus0/target0/lun0/part3) rather than "standard nomenclature" (e.g. /dev/hda). So you may see a message like this:

Warning: '/proc/partitions' does not match '/dev' directory structure.
Name change: '/dev/ide/host0/bus1/target0/lun0/disc' -> '/dev/hdc'
Added linux *
The boot record of /dev/md0 has been updated.
The Master boot record of /dev/hda has been updated.
cat /proc/partitions

# lilo -x mbr -b /dev/md3
# -x applies raid-extra-boot option

NETWORKING
cat > /etc/hostname << "EOF"
serv1.fatpenguinhosting.com
EOF
cat > /etc/network/interfaces << "EOF"
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.0.10
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
gateway 192.168.0.1
EOF

ifup eth0

edit /etc/hosts:

cat > /etc/hosts << "EOF"
127.0.0.1 localhost
192.168.0.10 serv1.fatpenguinhosting.com serv1
192.168.0.10 fatpenguinhosting.com
192.168.0.5 xp-test-box

EOF

chmod 644 /etc/hosts

RESOLVERS

Configure internal or external resolvers. The choice here is whether you want your own server sending queries out on its own (bind has to be configured correctly) ; or you have other servers (provided by yourself or your ISP) that have agreed to do the job:

# option 1: external resolvers

cat > /etc/resolv.conf << "EOF"
nameserver 111.112.113.114
nameserver 111.112.113.115
EOF
# option 2: internal resolvers

cat > /etc/resolv.conf << "EOF"
nameserver 127.0.0.1

EOF
# option 3: combination
cat > /etc/resolv.conf << "EOF"
nameserver 127.0.0.1
nameserver 111.112.113.114
nameserver 111.112.113.115
EOF

A combination (option #3) which first checks to see if bind is enabled locally and then if not will go out to other specified servers is also possible. The: search fatpenguinhosting.com option often found in a default resolv.conf file has no real value for a Hosting Service Provider except to cause unnecessary lookups.

Using a localhost resolver presents a small security risk if you have a system where users can affect the DNS server ( e.g. any control panel where users have the ability to add domains). It's a risk to use the local resolver because there are cases where a user could create a domain that isn't really controlled by them, and then redirect traffic because you are using the local server's DNS for queries.

For example: say that a domain hosted on your server utilizes a payment gateway "paygate.usa" for an ecommerce site. The server could be tricked into delivering the payment information by a user that added a bogus "paygate.usa" with a faked ip address to the system. However, most control panels only allow set ranges of ip addresses to be used during domain creation and payment transfers should be encrypted anyway so there are multiple layers that would have to be overcome to make a forged domain usable.

LOCALE
cat > /etc/locale.gen << "EOF"
en_US ISO-8859-1
EOF
chmod 644 /etc/locale.gen

cat > /etc/environment << "EOF"
LANGUAGE=""
EOF
chmod 644 /etc/environment

¦ The LANG environment variable controls all aspects of system ¦
¦ localization, except where overridden by the LC_* family of functions. ¦
¦ See the locales(7) manual page for more information about locales. ¦
¦ ¦
¦ Locales are specified in a format indicating the language and territory, ¦
¦ using codes specified by ISO 639 (language) and ISO 3166 (territory), ¦
¦ optionally followed by parameters indicating a codeset and/or modifier. ¦
¦ ¦
¦ The available options also display the codeset used by each locale (even ¦
¦ where not specified by the locale itself), for reference. ¦
¦ ¦
¦ If you are not sure which locale best applies to you, you may simply ¦
¦ select the "C" locale, which is the POSIX standard locale and is always ¦
¦ supported. ¦


¦ ¦
¦ The default system locale (the LANG environment variable) can be ¦
¦ overridden for specific localization functions. ¦
¦ ¦
¦ LC_COLLATE: text sorting and comparison functions ¦
¦ LC_CTYPE: character classification and handling ¦
¦ LC_MESSAGES: language of displayed messages ¦
¦ LC_MONETARY: formatting of monetary values ¦
¦ LC_NUMERIC: formatting of non-monetary numeric data ¦
¦ LC_TIME: formatting of time-of-day display ¦
¦ ¦

INETD
/usr/sbin/update-inetd --remove daytime
/usr/sbin/update-inetd --remove telnet
/usr/sbin/update-inetd --remove time
/usr/sbin/update-inetd --remove finger
/usr/sbin/update-inetd --remove talk
/usr/sbin/update-inetd --remove ntalk
/usr/sbin/update-inetd --remove ftp
/usr/sbin/update-inetd --remove discard

TIMEZONE CONFIGURATION

- set the timezone and syncronize the system time ; use ls /usr/share/zoneinfo to find your correct setting:

 
cat > /etc/timezone << "EOF"
US/Pacific
EOF

ln -s /usr/share/zoneinfo/US/Pacific /etc/localtime -f
REMOVE EXIM
 
dpkg --remove exim4
dpkg --ignore-depends=exim4-daemon-light --remove exim4-base
dpkg --ignore-depends=mail-transport-agent --ignore-depends=mailx --remove exim4-daemon-light
dpkg --remove exim4-config

rm -f /etc/cron.daily/exim4-base

Install build tools

PREREQUISITES:

Required tools for building and compiling software. Use 'aptget' to autoinstall or 'dpkg' to manually install downloaded packages.
last updated: March 2006
APT-GET INTERNET SETUP
to use apt-get to install packages configure it here:
/usr/sbin/apt-setup
=
mv /etc/apt/sources.list /etc/apt/sources.list_old

cat > /etc/apt/sources.list << "EOF"
deb http://http.us.debian.org/debian stable main
deb http://security.debian.org stable/updates main
deb-src http://http.us.debian.org/debian stable main
EOF
get the .deb package lists:
apt-get update
force any pending apt-get activities:
apt-get -f install 
update existing packages:
apt-get dselect-upgrade
APT GET CDROM SETUP
/usr/sbin/apt-setup
APT-GET COMPILERS & BUILD TOOLS
apt-get install -y \
make \
tar \
original-awk \
bzip2 \
patch \
ucf \
gcc \
binutils \
cpp \
cpp-3.3 \
gcc-3.3 \
flex \
bison \
bc \
bin86 \
bison \
dc \
dictionaries-common \
doc-linux-text \
dpkg-dev \
file \
finger \
flex \
ftp \
g++ \
g++-3.3 \
gdb \
ibritish \
ispell \
less \
libc6-dev \
libevent1 \
libgc1 \
libgpmg1 \
libident \
libidn11 \
libldap-2.2-7 \
libnfsidmap1 \
libnss-db \
libreadline5 \
libstdc++5-3.3-dev \
libtasn1-0 \
linux-kernel-headers \
locales \
lsof \
m4 \
manpages-dev \
module-init-tools \
mpack \
mtools \
mtr-tiny \
ncurses-term \
pidentd \
python \
python-newt \
python2.3 \
rcs \
sharutils \
slang1 \
strace \
tcsh \
texinfo \
w3m \
wamerican \

needed to build debian source packages:

apt-get install -y \
libtool \
autoconf \
dpatch \
dpkg-dev \
pkg-config \
autotools-dev

DPKG
cd /usr/src

dpkg --install \
binutils_2.16.1-2_i386.deb \
libc6_2.3.2.ds1-22_i386.deb \
libc6-dev_2.3.2.ds1-22_i386.deb \
linux-kernel-headers_2.5.999-test7-bk-17_i386.deb
http://ftp.us.debian.org/debian/pool/main/g/gcc-3.3/
cd /usr/src

dpkg --install \
cpp-3.3_3.3.5-13_i386.deb \
g++-3.3_3.3.5-13_i386.deb \
gcc-3.3_3.3.5-13_i386.deb \
gcc-3.3-base_3.3.5-13_i386.deb \
libstdc++5-3.3-dev_3.3.5-13_i386.deb \
libstdc++5_3.3.5-13_i386.deb


ln /usr/bin/cpp-3.3 /usr/bin/cpp
ln /usr/bin/g++-3.3 /usr/bin/g++
ln /usr/bin/gcc-3.3 /usr/bin/gcc

ln /usr/bin/gcc /usr/bin/cc
ln /usr/bin/cpp-3.3 /lib/cpp

ln /usr/bin/gcc /etc/alternatives/cc
ln /usr/bin/g++ /etc/alternatives/c++

ln /usr/bin/cpp-3.3 /usr/bin/i386-linux-cpp
ln /usr/bin/g++-3.3 /usr/bin/i386-linux-g++
ln /usr/bin/gcc-3.3 /usr/bin/i386-linux-gcc

cd /usr/src
dpkg --install \
bison_1.875d-1_i386.deb \
flex_2.5.31-31_i386.deb \
make_3.80-9_i386.deb \
m4_1.4.2-1_i386.deb \
pkg-config_0.17.2-1_i386.deb \
patch_2.5.9-2_i386.deb \
expect_5.42.1-1.2_i386.deb \
tcl8.4_8.4.9-1_i386.deb \
mtools_3.9.9-2.1_i386.deb


## bzip2_1.0.2-7_i386.deb \
## libbz2-1.0_1.0.2-7_i386.deb \
## libbz2-dev_1.0.2-7_i386.deb \

libtool???
libtool: install: warning: remember to run `libtool --finish /usr/src/php-4.4.1/libs'

iceberg1:~# apt-get install libtool
Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
autotools-dev cpp file


NOTES
for a GUI interface to apt-get use:
aptitude
or
tasksel
or
dselect
http://ftp.us.debian.org/debian/ download .deb packages from: http://ftp.us.debian.org/debian/pool/main/
dpkg --install nmap_3.81-2_i386.deb

dpkg --get-selections > file
(for later reuse)

to see if a .deb package is installed:
dpkg --get-selections | grep apache2

reconfigure:
dpkg-reconfigure webmin

to force dpkg installation overriding dependancies:

dpkg --install --ignore-depends=libkrb53 nail_11.22-1_i386.deb
dpkg-deb packs, unpacks and provides information about Debian archives.
extract a package:
dpkg-deb -x webmin_1.180-3_all.deb

view contents of a package:
dpkg-deb -c webmin_1.180-3_all.deb

inspecting source packages:

apt-get source apache2
cd apache2-2.0.54

apt-get source --download-only

dpkg-buildpackage -d

source causes apt-get to fetch source packages.
APT will examine the available packages to decide
which source package to fetch. It will then find
and download into the current directory the newest
available version of that source package. Source
packages are tracked separately from binary packages
via deb-src type lines in the sources.list(5) file.
This probably will mean that you will not get the
same source as the package you have installed or
as you could install. If the --compile options is
specified then the package will be compiled to a
binary .deb using dpkg-buildpackage, if --download-only
is specified then the source package will not be unpacked.
TROUBLESHOOTING SERVER BUILDS

Save current contents of the terminal screen to a text file:

setterm -dump -file screendump.txt

View the changes in the entire file system after installing software:

find /* > before.txt
find /* > after.txt
diff before.txt after.txt > added.txt

If you find a strange error in the logs you can search through all the code files for the phrase (e.g "Invalid Domain Seal"):

 cd /usr
grep -r -l "Invalid Domain Seal" *

or check the code for terms you might be interested in:

cd /user
grep -r -l "makemap" *

SYNOPSIS
http://packages.qa.debian.org/o/openssl.html
http://packages.qa.debian.org/o/openssl/news/1.html
last updated: March 2006
APT GET
apt-get install openssl
apt-get install libssl0.9.7
apt-get install libssl-dev
apt-get install ca-certificates
DPKG
cd /usr/src
dpkg --install \
openssl_0.9.7e-3_i386.deb \
libssl0.9.7_0.9.7e-3_i386.deb \

SYNOPSIS

PREREQUISITES:

last updated: March 2006
ZLIB
apt-get install -y \
zlib1g \
zlib1g-dev \
zlib-bin \
zlibc
LIBNCURSES
apt-get install -y \




cd /usr/src
dpkg --install \
libncurses5_5.4-9_i386.deb \
libncurses5-dev_5.4-9_i386.deb \
libncursesw5_5.4-4_i386.deb \
libncursesw5-dev_5.4-4_i386.deb

LIBDB
apt-get install -y \


dpkg --install \
libdb4.1_4.1.25-18_i386.deb \
libdb4.1++_4.1.25-18_i386.deb \
libdb4.1-dev_4.1.25-18_i386.deb

## cd /usr/src
## dpkg --install \
## libdb4.3_4.3.27-2_i386.deb \
## libdb4.3-dev_4.3.27-2_i386.deb \
## db4.3-util_4.3.27-2_i386.deb

libdb-dev needed to compile postfix
LIBGDBM
apt-get install -y \


cd /usr/src
dpkg --install \
libgdbm3_1.8.3-2_i386.deb \
libgdbm-dev_1.8.3-2_i386.deb


libgdbm-dev needed to compile courier authlib.
LIBKRB
apt-get install -y \


cd /usr/src

dpkg --install \
libkrb53_1.3.6-2_i386.deb \
libkrb-1-kerberos4kth_1.2.2-11.2_i386.deb \
libasn1-6-heimdal_0.6.3-10_i386.deb

dpkg --install \
libroken16-kerberos4kth_1.2.2-11.2_i386.deb \
libkrb5-17-heimdal_0.6.3-11_i386.deb

LIBSASL
apt-get install -y \


cd /usr/src

dpkg --install \
libsasl2_2.1.19-1.5_i386.deb \
libsasl2-modules_2.1.19-1.5_i386.deb \
libldap2_2.1.30-8_i386.deb \
libroken16-kerberos4kth_1.2.2-11.2_i386.deb

dpkg --install \
sasl2-bin_2.1.19-1.5_i386.deb \
libkrb5-17-heimdal_0.6.3-11_i386.deb \
libasn1-6-heimdal_0.6.3-11_i386.deb \
libgssapi1-heimdal_0.6.3-11_i386.deb

CRYPT LIBS
apt-get install -y \


cd /usr/src

dpkg --install \
libmcrypt4_2.5.7-5_i386.deb \
mcrypt_2.6.4-3_i386.deb \
libmhash2_0.9.1-1_i386.deb \
libmhash-dev_0.9.1-1_i386.deb \
libmcrypt-dev_2.5.7-5_i386.deb \
libltdl3_1.5.6-6_i386.deb \
libltdl3-dev_1.5.6-6_i386.deb

libltdl3 needed by libmcrypt ; libmcrypt needed to compile php
LIBBZ
apt-get install -y \


cd /usr/src

dpkg --install \
bzip2_1.0.2-7_i386.deb \
libbz2-dev_1.0.2-7_i386.deb \
libbz2-1.0_1.0.2-7_i386.deb

LIBREADLINE
apt-get install -y \


cd /usr/src

dpkg --install \
libreadline5_5.0-10_i386.deb \
libreadline4_4.3-11_i386.deb

## libreadline5-dev_5.0-10_i386.deb \
## libreadline4-dev_4.3-11_i386.deb \

LIBIDN
apt-get install -y \


cd /usr/src
dpkg --install \
libidn11_0.5.13-1.0_i386.deb \
libidn11-dev_0.5.13-1.0_i386.deb

PNG
apt-get install -y \


PNG (Portable Network Graphics) is an extensible file format for the lossless, portable, well-compressed storage of raster images. PNG provides a patent-free replacement for GIF and can also replace many common uses of TIFF.

to check which version of libpng you are currently using:

man libpng
apt-get install -y \
libpng12-dev \
libpng12-0 \

cd /usr/src
dpkg --install \
libpng12-dev_1.2.8rel-1_i386.deb \
libpng12-0_1.2.8rel-1_i386.deb

JPEG -6b
apt-get install -y \


This package contains C software to implement JPEG image compression and decompression. JPEG is a standardized compression method for full-color and gray-scale images intended for compressing "real-world" scenes; line drawings, cartoons and other non-realistic images are not its strong suit. JPEG is lossy, meaning that the output image is not exactly identical to the input image. Hence you must not use JPEG if you have to have identical output bits. ftp://ftp.uu.net/graphics/jpeg/ | http://www.ijg.org

cd /usr/src
dpkg --install \
libjpeg62_6b-10_i386.deb \
libjpeg62-dev_6b-10_i386.deb \
libjpeg-progs_6b-10_i386.deb

FREETYPE

http://www.freetype.org/

apt-get install -y \


cd /usr/src

dpkg --install \
libfreetype6_2.1.7-2.4_i386.deb \
libfreetype6-dev_2.1.7-2.4_i386.deb
GD
apt-get install -y \


GD - An ANSI C library for the dynamic creation of images - www.boutell.com/gd/. The format of images you are able to manipulate depend on the version of GD you install, and any other libraries GD might need to access those image formats. Versions of GD older than gd-1.6 support GIF format images, and do not support PNG, where versions greater than gd-1.6 and less than gd-2.0.28 support PNG, not GIF. GIF support was re-enabled in gd-2.0.28.

cd /usr/src

dpkg --install \
libgd2-dev_2.0.33-1.1_all.deb \
libgd2_2.0.33-1.1_all.deb \
libgd2-noxpm_2.0.33-1.1_i386.deb \

APT GET
apt-get install -y \
nail \
nmap \
lynx \
whois \
gnupg \
traceroute


DPKG
apt-get install -y \
nail \
nmap \
lynx \
whois \
gnupg \
traceroute

NAIL
cat > /root/.nailrc << "EOF"
set indentprefix="> "
set charset=iso-8859-1
set from="servadmin@hostinghacks.usa (System Admin)"
EOF
tail /var/log/maillog | mail -r \
"servadmin@hostinghacks.usa (Server Administrator)" servadmin@fatpenguinhosting.usa
tail /var/log/maillog | mail -r \
"servadmin@hostinghacks.usa (Server Administrator)" \
-a /var/www/htdocs/apache_pb.gif servadmin@fatpenguinhosting.usa
WGET (USE OF)
getting compilers for debian:
wget http://ftp.us.debian.org/debian/pool/main/g/gcc-4.0/ --recursive --level=2 -A deb
wget http://ftp.us.debian.org/debian/pool/main/g/gcc-3.4/ --recursive --level=2 -A deb
wget http://ftp.us.debian.org/debian/pool/main/g/gcc-3.3/ --recursive --level=2 -A deb

enjoy 50's style doowop rocknroll?
there are dozens of mp3s here for the taking:

wget http://www.thedoowopjukebox.com/aug03mp3s/mpthree.html --recursive --level=2


wget on windows:

"C:\Program Files\GnuWin32\bin\wget.exe" http://www.coolsite.usa --recursive \
--level=3 --no-host-directories --no-directories --wait=2 -H -A mp3

--output-file=logfile
--spider
--no-directories
--no-host-directories
--ignore-length
--referer=url
--user-agent=agent-string
--convert-links
--background
--output-file=logfile

APT-GET (ALTERNATE INSTALLATION METHOD)
apt-get install -y \
nmap lynx nail mutt traceroute whois gnupg ftp


PREREQUISITES: A modern version of gcc (http://www.gnu.org/software/gcc/) The GNU linker (http://www.gnu.org/software/binutils/) Libtool (http://www.gnu.org/software/libtool/) GNU make (http://www.gnu.org/software/make/) expect If you do not have expect installed you will not be able to change system login passwords However non-system authentication modules (LDAP, PostgreSQL, and others) will work.

INSTALLS: Courier-authlib is a requirement starting with the following Courier package versions: Courier 0.48, Courier-IMAP 4.0, SqWebMail 5.0. When upgrading from earlier versions of these packages, install the Courier-authlib package first, then upgrade the existing package.

The installation commands can be run from a Putty window in a "cut-and-paste" style layout or copied to a script. Notes on Putty best practices can be found at http://hostinghacks.net/putty/.
last updated: March. 2006
COURIER AUTHLIB
cd  /usr/src
wget http://easynews.dl.sourceforge.net/sourceforge/courier/courier-authlib-0.58.tar.bz2

cd /usr/src
tar -xjf courier-authlib-0.58.tar.bz2

cd /usr/src/courier-authlib-0.58

./configure --prefix=/usr --mandir=/usr/share/man \
--with-authdaemonvar=/var/run/courier/authdaemon \
--sysconfdir=/etc/courier \
--with-pkgconfdir=/etc/courier \
--libexecdir=/usr/lib/courier \
--datadir=/usr/lib/courier \
--localstatedir=/var/lib/courier \
--sbindir=/usr/sbin \
--with-mailuser=daemon \
--with-mailgroup=daemon \
--without-socks \
--with-authpam \
--with-authpipe \
--without-authpwd \
--with-authmysql \
--with-mysql-includes=/usr/include/mysql \
--with-mysql-libs=/usr/lib \
--with-authmysqlrc=/etc/courier/authmysqlrc \
--without-authpgsql \
--with-authpgsqlrc=/etc/courier/authpgsqlrc \
--without-authshadow \
--without-authvchkpw \
--with-authdaemonvar=/var/run/courier/authdaemon \
--without-authldap \
--with-authcram \
--with-db=gdbm \
--without-fcgi \
--enable-userdb \
--enable-syslog=1 \
--disable-root-check

cd /usr/src/courier-authlib-0.58

make WITH_MYSQL=yes install

make install-configure
COURIER IMAP
cd /usr/src
wget http://easynews.dl.sourceforge.net/sourceforge/courier/courier-imap-4.0.6.tar.bz2

cd /usr/src
tar -jxvf courier-imap-4.0.6.tar.bz2

cd /usr/src/courier-imap-4.0.6

./configure \
--prefix=/usr \
--disable-root-check \
--prefix=/usr \
--exec_prefix=/usr \
--sysconfdir=/etc/courier \
--sbindir=/usr/sbin \
--libexecdir=/usr/lib/courier \
--with-authmysql=yes \
--with-trashquota \
--with-authshadow \
--enable-unicode \
--without-authpwd \
--without-authpam \
--without-authldap \
--without-authpgsql \
--without-authcustom

make &&
## make install-strip \
make install

make install-configure
AUTHDAEMON CONFIG
cat > /etc/courier/authdaemonrc << "EOF"
authmodulelist="authuserdb"
authmodulelistorig="authcustom authcram authuserdb authldap authpgsql authmysql authpam"
daemons=5
version=""
authdaemonvar=/var/run/courier/authdaemon

# DEBUG_LOGIN=0 - turn off debugging
# DEBUG_LOGIN=1 - turn on debugging
# DEBUG_LOGIN=2 - turn on debugging + log passwords too
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.
DEBUG_LOGIN=0

# courierlogger(1) options, e.g. to set syslog facility
LOGGEROPTS=""

EOF
cat > /etc/courier/authmodulelist << "EOF"
authdaemon
EOF
NEED RESOLUTION ON THIS ISSUE:

touch /etc/courier/userdb

or

touch /etc/courier/authlib/userdb
chmod 600 /etc/courier/authlib/userdb

(VHCS puts virtual user information here)

# Start the authdaemond process
/usr/sbin/authdaemond start

/usr/lib/courier/authlib/authdaemond start
POP & IMAP CONFIG
cat > /etc/courier/imapd << "EOF"
ADDRESS=0
PORT=143
MAXDAEMONS=40
MAXPERIP=4
PIDFILE=/var/run/courier/imapd.pid
TCPDOPTS="-nodnslookup -noidentlookup"
AUTHMODULES="authdaemon"
AUTHMODULES_ORIG="authdaemon"
DEBUG_LOGIN=1
IMAP_CAPABILITY="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT QUOTA IDLE AUTH=LOGIN"
IMAP_CAPABILITY_ORIG="IMAP4rev1 CHILDREN NAMESPACE THREAD=ORDEREDSUBJECT THREAD=REFERENCES SORT AUTH=CRAM-MD5 AUTH=CRAM-SHA1 IDLE AUTH=LOGIN"
IMAP_IDLE_TIMEOUT=60
IMAP_DISABLETHREADSORT=0
IMAP_CHECK_ALL_FOLDERS=0
IMAP_OBSOLETE_CLIENT=0
IMAP_ULIMITD=65536
IMAP_USELOCKS=0
IMAP_ENHANCEDIDLE=0
IMAP_TRASHFOLDERNAME=Trash
IMAP_EMPTYTRASH=Trash:7
IMAP_MOVE_EXPUNGE_TO_TRASH=0
SENDMAIL=/usr/sbin/sendmail
HEADERFROM=X-IMAP-Sender
IMAPDSTART=YES
EOF
cat > /etc/courier/maildrop << "EOF"
/usr/bin/maildrop
EOF
cat > /etc/courier/pop3d << "EOF"
PIDFILE=/var/run/courier/pop3d.pid
MAXDAEMONS=40
MAXPERIP=4
AUTHMODULES="authdaemon"
AUTHMODULES_ORIG="authdaemon"
DEBUG_LOGIN=1
POP3AUTH=""
POP3AUTH_ORIG="LOGIN CRAM-MD5 CRAM-SHA1"
POP3AUTH_TLS=""
POP3AUTH_TLS_ORIG="LOGIN PLAIN"
PORT=110
ADDRESS=0
TCPDOPTS="-nodnslookup -noidentlookup"
POP3DSTART=YES

EOF
mkdir -p /etc/courier

touch /etc/courier/pop3d-ssl
touch /etc/courier/imapd-ssl
mkdir -p /var/run/courier

# Start the imapd process
/usr/lib/courier/imapd.rc start


# Start the pop3 process
/usr/lib/courier/pop3d.rc start
/ETC/INIT.D/COURIER-AUTHDAEMON
edited from default:
cat > /etc/init.d/courier-authdaemon << "EOF"
#! /bin/sh -e

case "$1" in
start)
# Start daemons.
cd /
if test -x /usr/sbin/authdaemond
then
echo -n "Starting Courier authdaemon: "
/usr/sbin/authdaemond start
echo "done."
fi
;;
stop)
# Stop daemons.
cd /
if test -x /usr/sbin/authdaemond
then
echo -n "Stopping Courier authdaemon: "
/usr/sbin/authdaemond stop
echo "done."
fi
;;
restart | reload | force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload|force-reload}" >&2
exit 1
;;
esac
exit 0
EOF

chmod +x /etc/init.d/courier-authdaemon

/etc/init.d/courier-authdaemon restart

/usr/sbin/update-rc.d courier-authdaemon defaults

/ETC/INIT.D/COURIER-POP
ln /usr/lib/courier/pop3d.rc /etc/init.d/courier-pop

/etc/init.d/courier-pop start

/usr/sbin/update-rc.d courier-pop defaults
/ETC/INIT.D/COURIER-IMAP
ln /usr/lib/courier/imapd.rc /etc/init.d/courier-imap

/etc/init.d/courier-imap start

/usr/sbin/update-rc.d courier-imap defaults
cat > /etc/init.d/courier-imap << "EOF"
#! /bin/bash -e

prefix="/usr"
exec_prefix=${prefix}
sysconfdir="/etc/courier"
bindir="${exec_prefix}/bin"
sbindir="${exec_prefix}/sbin"
libexecdir="${prefix}/lib/courier"
TCPD="${sbindir}/couriertcpd"
DAEMON="imapd"
PROGRAM="Courier IMAP server"
SSLCONFIG=

if ! [ -x $TCPD ]; then
echo "ERR: $TCPD missing"
exit 1
fi

if ! [ -f ${sysconfdir}/$DAEMON ]; then
echo "ERR: config file missing"
exit 1
fi

# read/set defaults
if [ -f /etc/default/courier ]; then
. /etc/default/courier
fi
if [ -z "$MAILDIR" ]; then
MAILDIR=Maildir
fi

if [ -f "${sysconfdir}/imapd-ssl" ]; then
. "${sysconfdir}/imapd-ssl"
SSLCONFIG=1
fi
. ${sysconfdir}/$DAEMON

START=no
case "$IMAPDSTART" in
[yY]*)START=yes;;
esac

case "$1" in
start)
if [ "$START" = "yes" ]; then
echo -n "Starting $PROGRAM:"
AUTHMODULELIST=""
for f in $AUTHMODULES
do
if [ -e $libexecdir/authlib/$f ]; then
AUTHMODULELIST="$AUTHMODULELIST $libexecdir/authlib/$f"
fi
done
AUTHMODULELIST="`echo $AUTHMODULELIST`"

ulimit -v $IMAP_ULIMITD
/usr/bin/env - /bin/sh -c " set -a; \
bindir=${bindir}; \
. ${sysconfdir}/imapd; \
if [ "$SSLCONFIG" ]; then . ${sysconfdir}/imapd-ssl; fi; \
IMAP_STARTTLS=$IMAPDSTARTTLS ; export IMAP_STARTTLS ; \
TLS_PROTOCOL=$TLS_STARTTLS_PROTOCOL ; \
$TCPD -address=$ADDRESS \
-stderrlogger=${sbindir}/courierlogger \
-maxprocs=$MAXDAEMONS -maxperip=$MAXPERIP \
-pid=$PIDFILE $TCPDOPTS \
$PORT ${libexecdir}/courier/imaplogin $AUTHMODULELIST \
${bindir}/imapd $MAILDIR"
echo " $DAEMON."
fi
;;
stop)
echo -n "Stopping $PROGRAM:"
$TCPD -pid=$PIDFILE -stop
echo " $DAEMON."
;;
restart | reload | force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|reload|force-reload}" >&2
exit 1
;;
esac
exit 0
EOF

chmod +x /etc/init.d/courier-imap

/etc/init.d/courier-imap start

/usr/sbin/update-rc.d courier-imap defaults
APT-GET ALTERNATIVE INSTALLATION
apt-get install -y \
courier-authdaemon \
courier-base \
courier-imap \
courier-maildrop \
courier-pop \
libfam0c102

DPKG ALTERNATIVE INSTALLATION
cd /usr/src

dpkg --install \
courier-authdaemon_0.47-4_i386.deb \
courier-base_0.47-4_i386.deb \
courier-imap_3.0.8-4_i386.deb \
courier-maildrop_0.47-4_i386.deb \
courier-pop_0.47-4_i386.deb \
libfam0c102_2.7.0-6_i386.deb
NOTES

testing POP:

telnet server 110
user xyz123
pass xyz.123
LIST
RETR 1
DELE 1
QUIT

To see a list of your emails awaiting collection use the LIST command,
this will also show you the id number of your messages (e.g. 1 or 2 etc.)
To view the contents of an email type RETR + the id number
of the message (e.g RETR 1).
To delete a message use DELE + the id number of the message (e.g DELE 1).
To leave your mailbox and close the connection use QUIT

troubleshooting IMAP service with telnet:

telnet localhost 143
1 LOGIN "subzero" "passwd"
3 LIST "" ""
4 LIST "" "INBOX"
5 LSUB "" "*"

PREREQUISITES:

The installation commands can be run from a Putty window in a "cut-and-paste" style layout or copied to a script. Notes on Putty best practices can be found here.
last updated: March 2006
BUILD POSTFIX
groupadd postfix
useradd -c "Postfix Daemon User" -d /dev/null -g postfix -s /bin/false -u 932 postfix
groupadd postdrop
chown -v postfix:postfix /var/mail
cd /usr/src
wget http://freshmeat.net/redir/postfix/56889/url_tgz/postfix-2.2.9.tar.gz

cd /usr/src
tar -zxvf postfix-2.2.9.tar.gz

cd /usr/src/postfix-2.2.9

make makefiles \
CCARGS='-DUSE_TLS -DUSE_SASL_AUTH -DDEF_DAEMON_DIR=\"/usr/lib/postfix\" \
-DDEF_MANPAGE_DIR=\"/usr/share/man\" -I/usr/include/openssl \
-I/usr/include/sasl' \
AUXLIBS='-L/usr/lib -lssl -lcrypto -lsasl2' \
CCARGS='-DHAS_MYSQL -I/usr/include/mysql' \
AUXLIBS='-L/usr/lib -lmysqlclient -lz -lm'

make &&
make install

sh postfix-install -non-interactive
## temporary fixes:

cp /usr/libexec/postfix /usr/lib/postfix -R

mkdir -p /var/spool/postfix/etc
CONFIG
cat > /etc/postfix/main.cf << "EOF"
command_directory = /usr/sbin
daemon_directory = /usr/lib/postfix
program_directory = /usr/lib/postfix
inet_interfaces = all
mynetworks_style = host
myhostname = serv1
mydomain = fatpenguinhosting.com
myorigin = $mydomain
smtpd_banner = $myhostname ESMTP 2.4.5.1
setgid_group = postdrop
mydestination = $myhostname, $mydomain
append_dot_mydomain = no
append_at_myorigin = yes
local_transport = local
virtual_transport = virtual
transport_maps = hash:/etc/postfix/vhcs2/transport
mail_spool_directory = /var/mail
mailbox_size_limit = 0
mailbox_command = procmail -a "$EXTENSION"
biff = no
alias_database = hash:/etc/aliases
local_destination_recipient_limit = 1
local_recipient_maps = unix:passwd.byname $alias_database
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_limit = 0
virtual_mailbox_domains = hash:/etc/postfix/vhcs2/domains
virtual_mailbox_maps = hash:/etc/postfix/vhcs2/mailboxes
virtual_alias_maps = hash:/etc/postfix/vhcs2/aliases
virtual_minimum_uid = 1004
virtual_uid_maps = static:1004
virtual_gid_maps = static:8
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = fatpenguinhosting.com
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated =
permit_mynetworks =
reject_unauth_destination =
readme_directory = no
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
html_directory = no
manpage_directory = /usr/local/man
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
queue_directory = /var/spool/postfix
mail_owner = postfix
EOF

chmod 644 /etc/postfix/main.cf
cat > /etc/postfix/master.cf << "EOF"
smtp inet n - - - - smtpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp -o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - - n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
vhcs2-arpl unix - n n - - pipe flags=O user=vmail argv=/var/www/vhcs2/engine/messager/vhcs2-arpl-msgr
EOF
postconf
postfix start
INIT SCRIPT
(stripped from the debian default init)
cat > /etc/init.d/postfix << "EOF"
#!/bin/sh -e

PATH=/bin:/usr/bin:/sbin:/usr/sbin
DAEMON=/usr/sbin/postfix
NAME=Postfix

case "$1" in
start)
echo -n "Starting mail transport agent: Postfix"

start-stop-daemon --start --exec ${DAEMON} -- start 2>&1 |
(grep -v 'starting the Postfix' 1>&2 || /bin/true)
echo "."
;;

stop)
echo -n "Stopping mail transport agent: Postfix"
RUNNING=""
if [ -f /var/spool/postfix/pid/master.pid ]; then
pid=$(sed 's/ //g' /var/spool/postfix/pid/master.pid)
exe=$(ls -l /proc/$pid/exe 2>/dev/null | sed 's/.* //')
if [ "X$exe" = "X/usr/lib/postfix/master" ]; then
${DAEMON} stop 2>&1 |
(grep -v 'stopping the Postfix' 1>&2 || /bin/true)
fi
fi
echo "."
;;

restart)
$0 stop
$0 start
;;

force-reload|reload)
echo -n "Reloading Postfix configuration..."
${DAEMON} reload 2>&1 |
(grep -v 'refreshing the Postfix' 1>&2 || /bin/true)
echo "done."
;;

flush|check|abort)
${DAEMON} $1
;;

*)
echo "Usage: /etc/init.d/postfix {start|stop|restart|reload|flush|check|abort|force-reload}"
exit 1
;;
esac

exit 0

EOF

chmod +x /etc/init.d/postfix
/etc/init.d/postfix restart

/usr/sbin/update-rc.d postfix defaults

APT-GET ALTERNATE INSTALLATION
apt-get install -y \
postfix \
postfix-mysql \
postfix-tls \
procmail
DPKG ALTERNATE INSTALLATION
cd /usr/src

dpkg --install \
postfix_2.1.5-9_i386.deb \
postfix-tls_2.1.5-9_i386.deb \
procmail_3.22-11_i386.deb \
postfix-mysql_2.1.5-9_i386.deb

REMOVING EXIM
caution!!! this will break mysql if installed:

apt-get -y remove exim4-daemon-light exim4 exim4-daemon-light exim4-config exim4-base


PREREQUISITES:

 
IO::Socket,
DBI,
DBD::mysql,
MIME::Entity,
MIME::Parser,
Crypt::CBC,
Crypt::Blowfish,
MIME::Base64,
Term::ReadPassword
Crypt::PasswdMD5

INSTALLS:

The installation commands can be run from a Putty window in a "cut-and-paste" style layout or copied to a script. Notes on Putty best practices can be found at http://hostinghacks.net/putty/.
last updated: March 2006
DOWNLOAD VHCS
cd /usr/src
wget http://easynews.dl.sourceforge.net/sourceforge/vhcs/vhcs2-2.4.7.1.tar.bz2

cd /usr/src
tar -xjvf vhcs2-2.4.7.1.tar.bz2
mv vhcs2-2.4.7.1 vhcs2
VHCS2.CONF
make any edits to vhcs2.conf *before* running 'make install'.
cat > /usr/src/vhcs2/configs/vhcs2.conf << "EOF"
BuildDate = 03.01.2006
Version = 2.4.7.1
VersionH = 2.4 Spartacus
LOGIN_TIME_OUT = 20
DEFAULT_ADMIN_ADDRES =
SERVER_HOSTNAME = serv1
BASE_SERVER_IP = 127.0.0.1
MR_LOCK_FILE = /tmp/vhcs2.lock
CMD_HOSTNAME = /bin/hostname
CMD_IFCONFIG = /sbin/ifconfig
CMD_USERADD = /usr/sbin/useradd
CMD_USERDEL = /usr/sbin/userdel
CMD_GROUPADD = /usr/sbin/groupadd
CMD_GROUPDEL = /usr/sbin/groupdel
CMD_MYSQL = /usr/bin/mysql
FTPD_CONF_FILE = /etc/proftpd.conf
CMD_CHOWN = /bin/chown
DATABASE_TYPE = mysql
DATABASE_HOST = localhost
DATABASE_NAME = vhcs2
DATABASE_PASSWORD =
DATABASE_USER = root
ROOT_DIR = /var/www/vhcs2
CONF_DIR = /etc/vhcs2
LOG_DIR = /var/log/vhcs2
BIND_CONF_FILE = /etc/bind/named.conf
BIND_DB_DIR = /var/cache/bind
SECONDARY_DNS = ns2.fatpenguinhosting.com
APACHE_CMD = /usr/sbin/apache2
APACHE_NAME = apache2
APACHE_RESTART_TRY = 3
APACHE_WWW_DIR = /var/www/virtual
APACHE_LOG_DIR = /var/log/apache2
APACHE_USERS_LOG_DIR = /var/log/apache2/users
APACHE_BACKUP_LOG_DIR = /var/log/apache2/backup
APACHE_CONF_FILE = /etc/apache2/sites-available/vhcs2.conf
GUI_ROOT_DIR = /var/www/vhcs2/gui
PEAR_DIR = /usr/share/php
CMD_PS = /bin/ps
CMD_WC = /usr/bin/wc
APACHE_SUEXEC_MIN_UID = 2000
APACHE_SUEXEC_MIN_GID = 2000
APACHE_SUEXEC_USER_PREF = vu
APACHE_USER = www-data
APACHE_GROUP = www-data
POSTFIX_CONF_FILE = /etc/postfix/main.cf
POSTFIX_MASTER_CONF_FILE = /etc/postfix/master.cf
MTA_LOCAL_MAIL_DIR = /var/mail
MTA_VIRTUAL_MAIL_DIR = /var/mail/virtual
MTA_LOCAL_ALIAS_HASH = /etc/aliases
MTA_VIRTUAL_CONF_DIR = /etc/postfix/vhcs2
MTA_VIRTUAL_ALIAS_HASH = /etc/postfix/vhcs2/aliases
MTA_VIRTUAL_DMN_HASH = /etc/postfix/vhcs2/domains
MTA_VIRTUAL_MAILBOX_HASH = /etc/postfix/vhcs2/mailboxes
MTA_TRANSPORT_HASH = /etc/postfix/vhcs2/transport
MTA_SENDER_ACCESS_HASH = /etc/postfix/vhcs2/sender-access
MTA_MAILBOX_MIN_UID = 1004
MTA_MAILBOX_UID = 1004
MTA_MAILBOX_UID_NAME = vmail
MTA_MAILBOX_GID = 8
MTA_MAILBOX_GID_NAME = mail
MTA_SASLDB_LOCAL_DOMAIN = fatpenguinhosting.com
MTA_SASLDB_FILE = /var/spool/postfix/etc/sasldb2
ETC_SASLDB_FILE = /etc/sasldb2
CMD_SASLDB_LISTUSERS2 = /usr/sbin/sasldblistusers2
CMD_SASLDB_PASSWD2 = /usr/sbin/saslpasswd2
CMD_POSTMAP = /usr/sbin/postmap
CMD_NEWALIASES = /usr/bin/newaliases
CMD_ECHO = /bin/echo
CMD_LN = /bin/ln
COURIER_CONF_DIR = /etc/courier
AUTHLIB_CONF_DIR = /etc/courier
CMD_MAKEUSERDB = /usr/sbin/makeuserdb
BACKUP_HOUR = 23
BACKUP_MINUTE = 40
BACKUP_ROOT_DIR = /var/www/vhcs2/engine/backup
CMD_CRONTAB = /usr/bin/crontab
CMD_TAR = /bin/tar
CMD_MV = /bin/mv
CMD_RM = /bin/rm
CMD_DU = /usr/bin/du
CMD_NAMED = /etc/init.d/bind9
CMD_MTA = /etc/init.d/postfix
CMD_HTTPD = /usr/local/sbin/apachectl
CMD_AUTHD = /etc/init.d/courier-authdaemon
CMD_IMAP = /etc/init.d/courier-imap
CMD_POP = /etc/init.d/courier-pop
CMD_AMAVIS = no
CMD_FTPD = /etc/init.d/proftpd
CMD_VHCS2D = /etc/init.d/vhcs2_daemon
CMD_VHCS2N = /etc/rc.d/vhcs2_network
CMD_IPTABLES = /sbin/iptables
CMD_CP = /bin/cp
CMD_DIFF = /usr/bin/diff
CMD_GREP = /bin/grep
CMD_CAT = /bin/cat
CMD_AWK = /usr/bin/awk
CMD_PFLOGSUMM = /usr/sbin/maillogconvert.pl
TRAFF_LOG_DIR = /var/log
FTP_TRAFF_LOG = ftp_traff.log
MAIL_TRAFF_LOG = mail.log
MAIL_LOG_INC_AMAVIS = 0
PREV_TRAFF_LOG_MAX_SIZE = 10485760
QUOTA_ROOT_DIR = /var/www/vhcs2/engine/quota
TRAFF_ROOT_DIR = /var/www/vhcs2/engine/traffic
TOOLS_ROOT_DIR = /var/www/vhcs2/engine/tools
USER_INITIAL_LANG = lang_English
USER_INITIAL_THEME = modern_blue
USER_INITIAL_THEME_COLOR = blue
USER_LAYOUT_ID = 1
VHCS_LICENSE = VHCS Pro v2<br>
MINIMAL_FTP_UID = 2000
MINIMAL_FTP_GID = 2000
FTP_USERNAME_SEPARATOR = @
FTP_HOMEDIR = /var/www/virtual
FTP_SHELL = /bin/bash
IPS_LOGO_PATH = ../themes/user_logos
VHCS_SUPPORT_SYSTEM = yes
VHCS_SUPPORT_SYSTEM_PATH = support_system.php
VHCS_SUPPORT_SYSTEM_TARGET =
MYSQL_PREFIX = yes
MYSQL_PREFIX_TYPE =
WEBMAIL_PATH = ../tools/webmail/
WEBMAIL_TARGET = _blank
PMA_PATH = ../tools/pma/
PMA_TARGET = _blank
FILEMANAGER_PATH = ../tools/filemanager/
FILEMANAGER_TARGET = _blank
DATE_FORMAT = d.m.Y
HTACCESS_USERS_FILE_NAME = .htpasswd
HTACCESS_GROUPS_FILE_NAME = .htgroup
HTPASSWD_CMD = /usr/bin/htpasswd2
BACKUP_FILE_DIR = /var/www/vhcs2/backups
EOF

BUILD VHCS
cd /usr/src/vhcs2

make install
the compiled VHCS programming should now be located in /tmp.
more  /tmp/vhcs-2.4.7.1/etc/vhcs2/vhcs2.conf
last minute file system prep for compatibility:
rm /var/mail

mkdir -p /etc/sasldb2

squidbait:/usr/src/vhcs2# rm /var/mail
rm: cannot remove `/var/mail': Is a directory
squidbait:/usr/src/vhcs2#
squidbait:/usr/src/vhcs2# mkdir -p /etc/sasldb2
mkdir: `/etc/sasldb2' exists but is not a directory

proceed to copy the contents of '/tmp/vhcs-2.4.7.1/' into the OS:
cp -R /tmp/vhcs-2.4.7.1/* /
VHCS SETUP SCRIPT
Run the VHCS setup script:
/var/www/vhcs2/engine/setup/vhcs2-setup
If the script ran successfully ; the compiled VHCS should now be installed:
more  /etc/vhcs2/vhcs2.conf
Visit http://111.112.113.114:1081/vhcs2/ to log in to the cp.

VHCS CRON JOBS
cat > /etc/vhcs2/crontab/working/crontab.conf << "EOF"
0 23 * * * /var/www/vhcs2/engine/quota/vhcs2-dsk-quota &>/var/log/vhcs2/vhcs2-qsk-quota.log
0,30 * * * * /var/www/vhcs2/engine/traffic/vhcs2-srv-traff &>/var/log/vhcs2/vhcs2-srv-traff.log
30 23 * * * /var/www/vhcs2/engine/tools/vhcs2-httpd-logs-mngr &>/var/log/vhcs2/vhcs2-httpd-logs-mngr.log
0,30 * * * * /var/www/vhcs2/engine/traffic/vhcs2-vrl-traff &>/var/log/vhcs2/vhcs2-vrl-traff.log
0 1 * * * /var/www/vhcs2/engine/tools/vhcs2-backup-all yes &>/var/log/vhcs2/vhcs2-backup-all-mngr.log
EOF

crontab -u root /etc/vhcs2/crontab/working/crontab.conf

cat /var/spool/cron/crontabs/root

SOME WARNINGS ABOUT WHAT THE SETUP SCRIPT WILL DO TO YOUR SYSTEM
The setup script will overwrite /etc/hosts and /etc/resolv.conf !! The will need to be repaired

if you have iptables rules in place with the default policy of DROP then the setup script will lock you out of ssh access. If you don't have physical access to your server you may want to implement something like this before running the setup script:

cat > /root/firewall_reset << "EOF"
*filter
:INPUT ACCEPT [164:15203]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [147:63028]
COMMIT
EOF

crontab -e

0,15,30,45 * * * * /sbin/iptables-restore < /root/firewall_reset

(default text editor will launch. save to apply the crontab edits)

cat /var/spool/cron/crontabs/root

/ETC/INIT.D/VHCS2_DAEMON
cat > /etc/init.d/vhcs2_daemon << "EOF"
#! /bin/sh
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/var/www/vhcs2/daemon/vhcs2_daemon
NAME=vhcs2_daemon
DESC=vhcs2_daemon

test -f $DAEMON || exit 0

set -e

case "$1" in
start)
echo -n "Starting $DESC: "
start-stop-daemon --start --verbose --exec $DAEMON
/etc/init.d/vhcs2_network
echo "$NAME."
;;
stop)
echo -n "Stopping $DESC: "
start-stop-daemon --stop --verbose --exec $DAEMON
echo "$NAME."
;;
restart|force-reload)
echo -n "Restarting $DESC: "
start-stop-daemon --stop --verbose --exec $DAEMON
start-stop-daemon --start --verbose --exec $DAEMON
echo "$NAME."
;;
*)
N=/etc/init.d/$NAME
echo "Usage: $N {start|stop|restart|force-reload}" >&2
exit 1
;;
esac

exit 0
EOF

chmod +x /etc/init.d/vhcs2_daemon

/usr/sbin/update-rc.d vhcs2_daemon defaults

/ETC/INIT.D/VHCS2_NETWORK
cat > /etc/init.d/vhcs2_network << "EOF"
#!/bin/bash
echo "leaving iptables rules untouched"

EOF

chmod +x /etc/init.d/vhcs2_network

/etc/init.d/vhcs2_daemon start

when the daemon is running you should see:

nmap localhost = 9876/tcp open sd

NOTES
Make sure that you can connect to the mysql server before running the setup script:
mysql -u root --password=dbpasswd

exit
Run the VHCS setup script:
/var/www/vhcs2/engine/setup/vhcs2-setup
           
Wlecome to VHCS2 '2.4 Spartacus' Setup Dialog.

This program will set up VHCS2 system on your server.

Please press 'Enter' to continue.

Please enter system hostname (Enter for defaults) [tux]:

Please enter system network address (Enter for defaults) [192.168.0.128]:

Please enter SQL server host (Enter for defaults) [localhost]:

Please enter system SQL database (Enter for defaults) [vhcs2]:

Please enter system SQL user (Enter for defaults) [root]:

Please enter system SQL password (Enter for defaults) [none]:
Please repeat system SQL password:

Please enter VHCS ftp SQL user (Enter for defaults) [vftp]:

Please enter VHCS ftp SQL user password (Enter for defaults) [none]: vftp
Please repeat VHCS ftp SQL user password: vftp

Please enter administrator login name (Enter for defaults) [admin]:

Please enter administrator password:
Please repeat administrator password:

Please enter admininistrator email address: admin@hostinghacks.usa

note that the setup script will mangle both the 
'/etc/hosts' and '/etc/resolv.conf' files which may need to be replaced afterwards.
NOTES
#!/bin/bash

#
# Traffic chains.
#

RMMOD='/sbin/rmmod'

IPTABLES="/sbin/iptables"

${RMMOD} ipchains 1>/tmp/vhcs2_network.log 2>/tmp/vhcs2_network.err.log

${IPTABLES} -F INPUT
${IPTABLES} -F OUTPUT
${IPTABLES} -F FORWARD

# all traffic

${IPTABLES} -I INPUT

${IPTABLES} -I OUTPUT

# web traffic

${IPTABLES} -I INPUT -p tcp --dport 80
${IPTABLES} -I OUTPUT -p tcp --sport 80

# pop3 traffic

${IPTABLES} -I INPUT -p tcp --dport 110
${IPTABLES} -I OUTPUT -p tcp --sport 110

# imap traffic

${IPTABLES} -I INPUT -p tcp --dport 143
${IPTABLES} -I OUTPUT -p tcp --sport 143

# mail traffic

${IPTABLES} -I INPUT -p tcp --dport 25
${IPTABLES} -I OUTPUT -p tcp --sport 25


rm -f /etc/cron.daily/exim4-base

7 SELECT "INBOX"

What gets installed

  • /usr/local/etc/authlib - the configuration files.
  • /usr/local/sbin - the authdaemond startup script; several utility programs (courierlogger, authconfig, authtest, authenumerate); and userdb scripts.
  • /usr/local/lib/courier-authlib - various authentication modules, as shared libraries.
  • /usr/local/libexec/courier-authlib - some miscellaneous stuff.
  • /usr/local/var/authdaemon - a subdirectory that contains the filesystem socket which authdaemond listens on.
  • /usr/local/include - a header file that Courier packages will use to build agains