Sunday, August 22, 2010

Apache : Linux Ubuntu Server 10.04 Chapter 4

Apache is the most commonly used Web Server on Linux systems. Web Servers are used to serve Web Pages requested by client computers. Clients typically request and view Web Pages using Web Browser applications such as Firefox, Opera, or Mozilla

Apache Web Servers are often used in combination with the MySQL database engine, the HyperText Preprocessor (PHP) scripting language, and other popular scripting languages such as Python and Perl. This configuration is termed LAMP (Linux, Apache, MySQL and Perl/Python/PHP) and forms a powerful and robust platform for the development and deployment of Web-based applications.

The Apache2 web server is available in Ubuntu Linux. To install Apache2:
yoyok@yoyok-desktop:~$ sudo apt-get install apache2

Apache Configuration
Apache2 is configured by placing directives in plain text configuration files. These directives are
separated between the following files and directories:
• apache2.conf: the main Apache2 configuration file. Contains settings that are global to Apache2.
• conf.d: contains configuration files which apply globally to Apache2. Other packages that use
Apache2 to serve content may add files, or symlinks, to this directory.
• envvars: file where Apache2 environment variables are set.
• httpd.conf: historically the main Apache2 configuration file, named after the httpd daemon. The file can be used for user specific configuration options that globally effect Apache2.
• mods-available: this directory contains configuration files to both load modules and configure them. Not all modules will have specific configuration files, however
• mods-enabled: holds symlinks to the files in /etc/apache2/mods-available. When a module configuration file is symlinked it will be enabled the next time apache2 is restarted.
• ports.conf: houses the directives that determine which TCP ports Apache2 is listening on.
• sites-available: this directory has configuration files for Apache2 Virtual Hosts. Virtual Hosts allow Apache2 to be configured for multiple sites that have separate configurations.
• sites-enabled: like mods-enabled, sites-enabled contains symlinks to the /etc/apache2/sitesavailable directory. Similarly when a configuration file in sites-available is symlinked, the site configured by it will be active once Apache2 is restarted.

Apache2 ships with a virtual-host-friendly default configuration. That is, it is configured with a single default virtual host (using the VirtualHost directive) which can modified or used as-is if you have a single site, or used as a template for additional virtual hosts if you have multiple sites. If left alone, the default virtual host will serve as your default site, or the site users will see if the URL
they enter does not match the ServerName directive of any of your custom sites. To modify the default virtual host, edit the file /etc/apache2/sites-available/default

this example of /etc/apache2/sites-available/default :
NameVirtualHost 192.168.45.126

ServerAdmin webmaster@localhost
DocumentRoot /var/www/yoyok
ServerName www.yoyok.com

Options FollowSymLinks
AllowOverride None


Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
# Uncomment this directive is you want to see apache2's
# default start page (in /apache2-default) when you go to /
#RedirectMatch ^/$ /apache2-default/


ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all


ErrorLog /var/log/apache2/errorYOYOK.log

# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/accessYOYOK.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"

Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128




after configure the apache, don't forget to restart :
yoyok@yoyok-server:~$ sudo /etc/init.d/apache2 restart
Read More

Thursday, August 5, 2010

Linux Ubuntu Server 10.04 Chapter 3 Networking

Networking

Ubuntu ships with a number of graphical utilities to configure your network devices. This document is geared toward server administrators and will focus on managing your network on the command line.

Ethernet interfaces are identified by the system using the naming convention of ethX, where X
represents a numeric value. The first Ethernet interface is typically identified as eth0, the second as eth1, and all others should move up in numerical order.

To quickly identify all available Ethernet interfaces, you can use the ifconfig command as shown
below.
yoyok@yoyok-server:~$ ifconfig -a | grep eth0
eth0 Link encap:Ethernet HWaddr 00:13:d4:0e:32:59


Another application that can help identify all network interfaces available to your system is the lshw command. In the example below, lshw shows a single Ethernet interface with the logical name of eth0 along with bus information, driver details and all supported capabilities.

yoyok@yoyok-server:~$ sudo lshw -class network
[sudo] password for yoyok:
*-network:0
description: Ethernet interface
product: RTL-8139/8139C/8139C+
vendor: Realtek Semiconductor Co., Ltd.
physical id: 2
bus info: pci@0000:02:02.0
logical name: eth0
version: 10
serial: 00:13:d4:0e:32:59
size: 10MB/s
capacity: 100MB/s
width: 32 bits
clock: 33MHz
capabilities: pm bus_master cap_list ethernet physical tp mii 10bt 10bt-fd 100bt 100bt-fd autonegotiation
QPPK7DA834B3
configuration: autonegotiation=on broadcast=yes driver=8139too driverversion=0.9.28 duplex=half latency=64 link=no maxlatency=64 mingnt=32 module=8139too multicast=yes port=MII speed=10MB/s

To configure your system to use a static IP address assignment, add the static method to the inet address family statement for the appropriate interface in the file /etc/network/interfaces. The example below assumes you are configuring your first Ethernet interface identified as eth0. Change the address, netmask, and gateway values to meet the requirements of your network.

auto eth0
iface eth0 inet static
address 192.168.45.11
netmask 255.255.255.0
gateway 192.168.45.10

By adding an interface configuration as shown above, you can manually enable the interface through
the ifup command.
sudo ifup eth0

To manually disable the interface, you can use the ifdown command.
sudo ifdown eth0

Loopback Interface
The loopback interface is identified by the system as lo and has a default IP address of 127.0.0.1. It can be viewed using the ifconfig command.

yoyok@yoyok-server:~$ ifconfig lo
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2718 errors:0 dropped:0 overruns:0 frame:0
TX packets:2718 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:183308 (183.3 KB) TX bytes:183308 (183.3 KB)

By default, there should be two lines in /etc/network/interfaces responsible for automatically
configuring your loopback interface. It is recommended that you keep the default settings unless you have a specific purpose for changing them. An example of the two default lines are shown below.

auto lo
iface lo inet loopback

DHCP
The Dynamic Host Configuration Protocol (DHCP) is a network service that enables host computers
to be automatically assigned settings from a server as opposed to manually configuring each network host. Computers configured to be DHCP clients have no control over the settings they receive from the DHCP server, and the configuration is transparent to the computer's user.
The most common settings provided by a DHCP server to DHCP clients include:
• IP-Address and Netmask
• DNS
• WINS

However, a DHCP server can also supply configuration properties such as:
• Host Name
• Domain Name
• Default Gateway
• Time Server
• Print Server

The advantage of using DHCP is that changes to the network, for example a change in the address of
the DNS server, need only be changed at the DHCP server, and all network hosts will be reconfigured the next time their DHCP clients poll the DHCP server. As an added advantage, it is also easier to integrate new computers into the network, as there is no need to check for the availability of an IP address. Conflicts in IP address allocation are also reduced.
A DHCP server can provide configuration settings using two methods:

MAC Address
This method entails using DHCP to identify the unique hardware address of each network card
connected to the network and then continually supplying a constant configuration each time the
DHCP client makes a request to the DHCP server using that network device.

Address Pool
This method entails defining a pool (sometimes also called a range or scope) of IP addresses from
which DHCP clients are supplied their configuration properties dynamically and on a "first come,
first served" basis. When a DHCP client is no longer on the network for a specified period, the
configuration is expired and released back to the address pool for use by other DHCP Clients.
Ubuntu is shipped with both DHCP server and client. The server is dhcpd (dynamic host
configuration protocol daemon). The client provided with Ubuntu is dhclient and should be installed on all computers required to be automatically configured. Both programs are easy to install and configure and will be automatically started at system boot.

At a terminal prompt, enter the following command to install dhcpd:
sudo apt-get install dhcp3-server
You will probably need to change the default configuration by editing /etc/dhcp3/dhcpd.conf to suit your needs and particular configuration.
You also need to edit /etc/default/dhcp3-server to specify the interfaces dhcpd should listen to. By default it listens to eth0.

# Sample /etc/dhcpd.conf
# (add your comments here)
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "mydomain.example";
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.10 192.168.1.100;
range 192.168.1.150 192.168.1.200;
}

This will result in the DHCP server giving a client an IP address from the range
192.168.1.10-192.168.1.100 or 192.168.1.150-192.168.1.200. It will lease an IP address for 600
seconds if the client doesn't ask for a specific time frame. Otherwise the maximum (allowed) lease
will be 7200 seconds. The server will also "advise" the client that it should use 255.255.255.0 as
its subnet mask, 192.168.1.255 as its broadcast address, 192.168.1.254 as the router/gateway and
192.168.1.1 and 192.168.1.2 as its DNS servers.

Read More

Tuesday, August 3, 2010

Linux Ubuntu Server 10.04 Chapter 2 Package Management

Linux Ubuntu Server 10.04 Chapter 2 is about Package Management


Ubuntu features a comprehensive package management system for the installation, upgrade, configuration, and removal of software. In addition to providing access to an organized base of over 24,000 software packages for your Ubuntu computer, the package management facilities QPPK7DA834B3 also feature dependency resolution capabilities and software update checking.

Several tools are available for interacting with Ubuntu's package management system, from simple
command-line utilities which may be easily automated by system administrators, to a simple graphical interface which is easy to use by those new to Ubuntu.


Ubuntu's package management system is derived from the same system used by the Debian GNU/
Linux distribution. The package files contain all of the necessary files, meta-data, and instructions to implement a particular functionality or software application on your Ubuntu computer.

Debian package files typically have the extension '.deb', and typically exist in repositories which are collections of packages found on various media, such as CD-ROM discs, or online. Packages are normally of the pre-compiled binary format; thus installation is quick and requires no compiling of software.

Many complex packages use the concept of dependencies. Dependencies are additional packages
required by the principal package in order to function properly. For example, the speech synthesis package Festival depends upon the package libasound2, which is a package supplying the ALSA sound library needed for audio playback. In order for Festival to function, it and all of its dependencies must be installed. The software management tools in Ubuntu will do this automatically

dpkg
dpkg is a package manager for Debian based systems. It can install, remove, and build packages, but unlike other package management system's it can not automatically download and install packages and their dependencies. This section covers using dpkg to manage locally installed packages:
• To list all packages installed on the system, from a terminal prompt enter:
dpkg -l

• Depending on the amount of packages on your system, this can generate a large amount of output.
Pipe the output through grep to see if a specific package is installed:
dpkg -l | grep apache2
Replace apache2 with any package name, part of a package name, or other regular expression.

• To list the files installed by a package, in this case the ufw package, enter:
dpkg -L ufw

• If you are not sure which package installed a file, dpkg -S may be able to tell you. For example:
dpkg -S /etc/host.conf
base-files: /etc/host.conf

The output shows that the /etc/host.conf belongs to the base-files package.

• You can install a local .deb file by entering:
sudo dpkg -i zip_2.32-1_i386.deb
Change zip_2.32-1_i386.deb to the actual file name of the local .deb file.

• Uninstalling a package can be accomplished by:
sudo dpkg -r zip

apt-get
The apt-get command is a powerful command-line tool used to work with Ubuntu's Advanced
Packaging Tool (APT) performing such functions as installation of new software packages, upgrade
of existing software packages, updating of the package list index, and even upgrading the entire
Ubuntu system.

Being a simple command-line tool, apt-get has numerous advantages over other package management
tools available in Ubuntu for server administrators. Some of these advantages include ease of use over simple terminal connections (SSH) and the ability to be used in system administration scripts, which can in turn be automated by the cron scheduling utility.
Some examples of popular uses for the apt-get utility:

• Install a Package: Installation of packages using the apt-get tool is quite simple. For example, to install the network scanner nmap, type the following:
sudo apt-get install nmap

• Remove a Package: Removal of a package or packages is also a straightforward and simple
process. To remove the nmap package installed in the previous example, type the following:
sudo apt-get remove nmap

Also, adding the --purge options to apt-get remove will remove the package configuration files as
well. This may or may not be the desired effect so use with caution.

• Update the Package Index: The APT package index is essentially a database of available
packages from the repositories defined in the /etc/apt/sources.list file. To update the local
package index with the latest changes made in repositories, type the following:
sudo apt-get update

• Upgrade Packages: Over time, updated versions of packages currently installed on your computer
may become available from the package repositories (for example security updates). To upgrade
your system, first update your package index as outlined above, and then type:
sudo apt-get upgrade

Automatic Updates
The unattended-upgrades package can be used to automatically install updated packages, and can be
configured to update all packages or just install security updates. First, install the package by entering
the following in a terminal:
sudo apt-get install unattended-upgrades

To configure unattended-upgrades, edit /etc/apt/apt.conf.d/50unattended-upgrades and adjust
the following to fit your needs:
Unattended-Upgrade::Allowed-Origins {
"Ubuntu lucid-security";
// "Ubuntu lucid-updates";
};
Certain packages can also be blacklisted and therefore will not be automatically updated. To blacklist a package, add it to the list:
Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};

To enable automatic updates, edit /etc/apt/apt.conf.d/10periodic and set the appropriate apt
configuration options:
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

The above configuration updates the package list, downloads, and installs available upgrades every
day. The local download archive is cleaned every week.

Configuration APT
Configuration of the Advanced Packaging Tool (APT) system repositories is stored in the /etc/apt/
sources.list configuration file. An example of this file is referenced here, along with information on adding or removing repository references from the file.
Here is a simple example of a typical /etc/apt/sources.list file.
You may edit the file to enable repositories or disable them. For example, to disable the requirement
of inserting the Ubuntu CD-ROM whenever package operations occur, simply comment out the
appropriate line for the CD-ROM, which appears at the top of the file:
# no more prompting for CD-ROM please
# deb cdrom:[Ubuntu 10.04_Lucid_Lynx - Release i386 (20070419.1)]/ lucid main restricted

Repository
In addition to the officially supported package repositories available for Ubuntu, there exist additional community-maintained repositories which add thousands more potential packages for installation.

Two of the most popular are the Universe and Multiverse repositories. These repositories are not
officially supported by Ubuntu, but because they are maintained by the community they generally
provide packages which are safe for use with your Ubuntu computer.

By default, the Universe and Multiverse repositories are enabled but if you would like to disable them, edit /etc/apt/sources.list and comment the following lines:
deb http://archive.ubuntu.com/ubuntu lucid universe multiverse
deb-src http://archive.ubuntu.com/ubuntu lucid universe multiverse
deb http://us.archive.ubuntu.com/ubuntu/ lucid universe
deb-src http://us.archive.ubuntu.com/ubuntu/ lucid universe
deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe
deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates universe
deb http://us.archive.ubuntu.com/ubuntu/ lucid multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ lucid multiverse
deb http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ lucid-updates multiverse
deb http://security.ubuntu.com/ubuntu lucid-security universe
deb-src http://security.ubuntu.com/ubuntu lucid-security universe
deb http://security.ubuntu.com/ubuntu lucid-security multiverse
deb-src http://security.ubuntu.com/ubuntu lucid-security multiverse

Ok. lets try that and see you at the next chapter.


Read More

Linux Ubuntu Server 10.04 Chapter 1 Instalation

Preparing to Install Ubuntu Server 10.04 Lucid Lynx
This section explains various aspects to consider before starting the installation.



Ubuntu 10.04 LTS Server Edition supports two (2) major architectures: Intel x86 and AMD64.
Recommended Minimum Requirements is 128MB of RAM and 50GB of Harddisk.

The Server Edition provides a common base for all sorts of server applications. It is a minimalist
design providing a platform for the desired services, such as file/print services, web hosting, email, or hosting.


Instalation From CD

The basic steps to install Ubuntu Server Edition from CD are the same for installing any operating
system from CD. Unlike the Desktop Edition the Server Edition does not include a graphical
installation program. Instead the Server Edition uses a console menu based process.

• First, download and burn the appropriate ISO file from the Ubuntu web site.
• Boot the system from the CD-ROM drive.
• At the boot prompt you will be asked to select the language. Afterwards the installation process
begins by asking for your keyboard layout.
• From the main boot menu there are some additional options to install Ubuntu Server Edition. You can install a basic Ubuntu Server, or install Ubuntu Server as part of a Ubuntu Enterprise Cloud.
• The installer then discovers your hardware configuration, and configures the network settings using DHCP. If you do not wish to use DHCP at the next screen choose "Go Back", and you have the option to "Configure the network manually".
• Next, the installer asks for the system's hostname and Time Zone.
• You can then choose from several options to configure the hard drive layout.
• The Ubuntu base system is then installed.
• A new user is setup, this user will have root access through the sudo utility.
• After the user is setup, you will be asked to encrypt your home directory.
• The next step in the installation process is to decide how you want to update the system.

There are three options:
• No automatic updates: this requires an administrator to log into the machine and manually install updates.
• Install security updates Automatically: will install the unattended-upgrades package, which will install security updates without the intervention of an administrator.
• Manage the system with Landscape: Landscape is a paid service provided by Canonical to help manage your Ubuntu machines.
• You now have the option to install, or not install, several package tasks.
• Finally, the last step before rebooting is to set the clock to UTC QPPK7DA834B3.

At some point during the installation process you may want to read the help screen provided by the
installation system. To do this, press F1.

During the Server Edition installation you have the option of installing additional packages from the CD. The packages are grouped by the type of service they provide.
• Cloud computing: Walrus storage service
• Cloud computing: all-in-one cluster
• Cloud computing: Cluster controller
• Cloud computing: Node controller
• Cloud computing: Storage controller
• Cloud computing: top-level cloud controller
• DNS server: Selects the BIND DNS server and its documentation.
• LAMP server: Selects a ready-made Linux/Apache/MySQL/PHP server.
• Mail server: This task selects a variety of package useful for a general purpose mail server system.
• OpenSSH server: Selects packages needed for an OpenSSH server.
• PostgreSQL database: This task selects client and server packages for the PostgreSQL database.
• Print server: This task sets up your system to be a print server.
• Samba File server: This task sets up your system to be a Samba file server, which is especially suitable in networks with both Windows and Linux systems.
• Tomcat server: Installs the Apache Tomcat and needed dependencies Java, gcj, etc.
• Virtual machine host: Includes packages needed to run KVM virtual machines.
• Manually select packages: Executes apptitude allowing you to individually select packages.

Installing the package groups is accomplished using the tasksel utility. One of the important
difference between Ubuntu (or Debian) and other GNU/Linux distribution is that, when installed, a
package is also configured to reasonable defaults, eventually prompting you for additional required information. Likewise, when installing a task, the packages are not only installed, but also configured to provided a fully integrated service.

Once the installation process has finished you can view a list of available tasks by entering the
following from a terminal prompt:
tasksel --list-tasks

You can view a list of which packages are installed with each task using the --task-packages option. For example, to list the packages installed with the DNS Server task enter the following:
tasksel --task-packages dns-server
The output of the command should list:
bind9-doc
bind9utils
bind9
Also, if you did not install one of the tasks during the installation process, but for example you decide
to make your new LAMP server a DNS server as well. Simply insert the installation CD and from a
terminal:
sudo tasksel install dns-server

Similarly to chapter 1 of the installation phase, will next be discussed in chapter 2 of the Ubuntu Server Management.

Read More