Академический Документы
Профессиональный Документы
Культура Документы
Ubuntu
Step-by-Step Installation
This section provides a basic step-by-step installation of Ubuntu from the install disc. The install
process itself is fairly straightforward, and you should not encounter any real problems.
It is useful to have your computer ready to connect to the Internet so that you can download
updates as soon as you have finished the installation. Although typically you would be
recommended to not have your computer connected up, Ubuntu's unique security configuration
means that it effectively blocks all incoming network ports, so it is fairly secure until you start
opening these ports.
To get started, insert the DVD into your drive and reboot your computer. You will first see a
boot screen that offers a variety of options for booting (see Figure 3.1).
Figure 3.1 Select an installation option in this first Ubuntu boot screen.
After the bootup, Ubuntu's GNOME-based desktop appears ready for you to start experimenting
(see Figure 3.2). At this point, you have a fully functional Ubuntu desktop in place with the
exception that nothing has been installed to your hard drive. Live CDs are somewhat unique to
Linux and are a great way to test out a disro's compatibility with your hardware. Take this
opportunity to have a play around with Ubuntu to see whether any problems exist.
Figure 3.2 You can check your CD-ROM or DVD media before installing Ubuntu.
More often than not, your hardware will be fine, and you can proceed to install Ubuntu. You do
this by double-clicking the Install icon helpfully located on your desktop (see Figure 3.3).
Figure 3.3 The standard Ubuntu desktop, complete with the helpful Install icon ready for you to
make the switch to Ubuntu.
After a couple of seconds, the Installation Welcome screen appears and prompts you to select a
language (see Figure 3.4). As you can see, Ubuntu supports a wide range of languages, even
native Welsh! Click forward when you have selected your language.
The next screen asks you to specify your location in the world. This is used for setting time and
region options, so find the city closest to you on the map and select it. Figure 3.5 shows that we
have selected London, but it could be another city that is closer to you. Ubuntu automatically
chooses the time zone and detects the offset from Greenwich mean time (GMT) for you. If you
want to specify time settings, click the Set Time button, which gives you Time & Date Settings
(see Figure 3.6).
Figure 3.5 Choose the closest city to you in the world to allow Ubuntu to configure time and
region settings correctly.
Figure 3.6 Set your clocks accurately, or let the Internet do it for you.
You cannot set Ubuntu to update its time setting automatically until you have finished the
installation, but you can do a one-off synchronize, and it is worth doing this to ensure accuracy.
Click Forward to continue to the next screen.
Following on from the Time and Region screen is the keyboard layout. Ubuntu will give a good
guess at what type of keyboard is connected to your computer, but it allows you to change it in
case it should differ. Make sure to find the correct layout for your keyboard (see Figure 3.7). If in
doubt, use the text box at the bottom of the screen to try out all the keys.
Figure 3.7 Choose the most appropriate keyboard layout for your computer, and then rigorously
test it!
When you are happy that the keyboard layout is correct, click Forward to move on to the
personal details screen (see Figure 3.8). Here you need to input your full name, your required
username and password, and the name of the computer that you are installing onto.
Figure 3.8 Fill out all the fields on this screen to give you and your computer an identity.
CAUTION
When you set your password, be sure and remember what you entered! If you forget it, you will
not be able to do much with your new system because you will not be able to log on to it.
When setting a password, make sure that it has a mixture of letters and numbers to make it more
secure. For instance, a good example of a password is T1a5c0p. Although this may seem like
garbage at first glance, the easy way to remember it is by remembering the phrase This Is A
Good Choice Of Password, shortened to Tiagcop, and finally substituting some of the letters with
similar-looking numbers. Experiment with some phrases to see what you can come up with.
Partitioning under Linux used to be somewhat of a black art, but Ubuntu has made it easy. You
have three main options (shown in Figure 3.9): resize the disk and use the freedup space, erase
and use the entire disc, or manually edit the partition table. Unless you have a requirement to do
so, avoid the third option; it can seriously cause trouble with other operating systems. For now,
we assume that you want to resize your partition.
Figure 3.9 Tread carefully. One false move could obliterate your Windows partition. Wait, you
wanted to do that?
Use the slider to choose how big you want your new partition to be. We recommend no less than
20GB, to give yourself plenty of breathing room on your hard drive. Click Forward to start the
resizing process. This can take some time, so you may want to go off and read some more of this
book to learn about what else you can do with Ubuntu.
Alternatively you might decide that you want to erase all the data on your disk and start from
scratch. In our opinion, this is the easiest and fastest option. Regardless of whether you go for
resizing or erasing all, you end up at the Ready to Install screen, where Ubuntu summarizes the
information that you have given it so you can check it off. The final step is to click Install. After
you do so, Ubuntu begins copying files across to your hard drive (see Figure 3.10).
Figure 3.10 Sit back as Ubuntu takes over and installs itself to your hard drive.
After about 10 minutes, the installation finishes and you are asked whether you want to remain in
the Live CD or reboot into your new system (see Figure 3.11). Click Restart Now for Ubuntu to
eject the disc and reboot back into the full desktop system.
Figure 3.11 All done. Now all you have to do is reboot and watch as your system appears.
At this point, get ready to connect your machine to the Internet. Log in to Ubuntu at the GDM
welcome page (see Figure 3.12) and you will arrive at the default Ubuntu desktop (see Figure
3.13).
Figure 3.12 Enter your username and password to log on to your new system.
Figure 3.13 All ready for you to jump right in, the Ubuntu desktop welcomes you!
TIP
Ubuntu works well with other operating systems, and you should see your other operating
system listed on the GRUB screen. If you do not, head on over to http://www.tldp.org to get a
host of tips for configuring GRUB.
First Update
The first thing that you need to do with your new system is update it to the latest package
versions. You do this mainly to ensure that you have the latest security updates available.
You can do this in a couple of ways in Ubuntu, but the easiest way to do it is to click the Updates
icon in the panel to open the Update Manager. Your screen will darken, and you will be asked
for a password. This password is the same as the one you used to log in to your system and is
used in this case to authorize Ubuntu to make a systemwide change (install software, on this
occasion).
Figure 3.14 Get the latest security and bug-fix updates for your installed software by using
Update Manager.
The application is easy to use because it automatically retrieves information on all the possible
updates available to you. Just click Install Updates to start downloading and installing the
necessary package updates, as shown in Figure 3.15.
Figure 3.15 Update Manager takes the hard work out of keeping your software current.
If you want more information, just click the Show Details arrow, or if you want Ubuntu to check
again, click the Check button to force Ubuntu to refresh the updates.
The Perfect Setup - Ubuntu 6.06 LTS Server (Dapper Drake)
This is a detailed description about how to set up a Ubuntu 6.06 LTS (Dapper Drake) based
server that offers all services needed by ISPs and hosters (web server (SSL-capable), mail server
(with SMTP-AUTH and TLS!), DNS server, FTP server, MySQL server, POP3/IMAP, Quota,
Firewall, etc.).
In the end you should have a system that works reliably, and if you like you can install the free
webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).
I want to say first that this is not the only way of setting up such a system. There are many ways
of achieving this goal but this is the way I take. I do not issue any guarantee that this will work
for you!
1 Requirements
• the Ubuntu 6.06 LTS Server installation CD (the list of mirrors is available
here: http://www.ubuntu.com/download - I downloaded this one:
http://ubuntu.intergenia.de/releases/6.06/ubuntu-6.06-server-i386.iso)
• an internet connection.
Insert your Ubuntu install CD into your system and boot from it. Select Install to the hard disk - I
did not try Install a LAMP server because I like to have full control over what gets installed to
my system:
The installation starts, and first you have to choose your language:
Create a user, for example the user Administrator with the user name admin:
Now the base system is being installed:
The GRUB boot loader gets installed:
The base system installation is now finished. Remove the installation CD from the CD drive and
hit Continue to reboot the system:
On to the next step...
After the reboot you can login with your previously created username (e.g. admin). Because we
must run all the steps from this tutorial as root user, we must enable the root account now.
Run
su
Because the Ubuntu installer has configured our system to get its network settings via DHCP, we
have to change that now because a server should have a static IP address. Edit
/etc/network/interfaces and adjust it to your needs (in this example setup I will use the IP address
192.168.0.100):
vi /etc/network/interfaces
/etc/init.d/networking restart
vi /etc/hosts
Now run
hostname
hostname -f
shutdown -r now
Afterwards, run
hostname
hostname -f
From now on you can use an SSH client such as PuTTY and connect from your workstation to
your Ubuntu server and follow the remaining steps from this tutorial.
Edit /etc/apt/sources.list. Comment out the CD and enable some of the other repositories. It
should look like this:
vi /etc/apt/sources.list
#
# deb cdrom:[Ubuntu-Server 6.06 _Dapper Drake_ - Release i386
(20060531)]/ dapper main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://de.archive.ubuntu.com/ubuntu/ dapper-updates main
restricted
deb-src http://de.archive.ubuntu.com/ubuntu/ dapper-updates main
restricted
apt-get update
apt-get upgrade
8 Quota
Edit /etc/fstab to look like this (I added ,usrquota,grpquota to partition /dev/sda1 (mount point /;
your device name might be /dev/hda1 or similar):
vi /etc/fstab
9 DNS Server
Run
For security reasons we want to run BIND chrooted so we have to do the following steps:
/etc/init.d/bind9 stop
Edit the file /etc/default/bind9 so that the daemon will run as the unprivileged user bind, chrooted
to /var/lib/named. Modify the line: OPTIONS=" -u bind" so that it reads OPTIONS="-u bind
-t /var/lib/named":
vi /etc/default/bind9
mkdir -p /var/lib/named/etc
mkdir /var/lib/named/dev
mkdir -p /var/lib/named/var/cache/bind
mkdir -p /var/lib/named/var/run/bind/run
Then move the config directory from /etc to /var/lib/named/etc:
mv /etc/bind /var/lib/named/etc
Create a symlink to the new config directory from the old location (to avoid problems when bind
is upgraded in the future):
ln -s /var/lib/named/etc/bind /etc/bind
Make null and random devices, and fix permissions of the directories:
mknod /var/lib/named/dev/null c 1 3
mknod /var/lib/named/dev/random c 1 8
chmod 666 /var/lib/named/dev/null /var/lib/named/dev/random
chown -R bind:bind /var/lib/named/var/*
chown -R bind:bind /var/lib/named/etc/bind
We need to modify the startup script /etc/init.d/sysklogd of sysklogd so that we can still get
important messages logged to the system logs. Modify the line: SYSLOGD="-u syslog" so that it
reads: SYSLOGD="-u syslog -a /var/lib/named/dev/log":
vi /etc/init.d/sysklogd
[...]
SYSLOGD="-u syslog -a /var/lib/named/dev/log"
[...]
/etc/init.d/sysklogd restart
/etc/init.d/bind9 start
10 MySQL
We want MySQL to listen on all interfaces, not just localhost, therefore we edit
/etc/mysql/my.cnf and comment out the line bind-address = 127.0.0.1:
vi /etc/mysql/my.cnf
[...]
#bind-address = 127.0.0.1
[...]
/etc/init.d/mysql restart
netstat -tap
Run
to set a password for the user root (otherwise anybody can access your MySQL database!).
In order to install Postfix with SMTP-AUTH and TLS do the following steps:
Then run
dpkg-reconfigure postfix
Next, do this:
mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr
openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
openssl rsa -in smtpd.key -out smtpd.key.unencrypted
mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:$
{queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
myhostname = server1.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = server1.example.com, localhost.example.com, localhost
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions =
permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Restart Postfix:
/etc/init.d/postfix restart
Authentication will be done by saslauthd. We have to change a few things to make it work
properly. Because Postfix runs chrooted in /var/spool/postfix we have to do the following:
mkdir -p /var/spool/postfix/var/run/saslauthd
vi /etc/default/saslauthd
MECHANISMS="pam"
We must also edit /etc/init.d/saslauthd and change the location of saslauthd's PID file. Change
the value of PIDFILE to /var/spool/postfix/var/run/${NAME}/saslauthd.pid:
vi /etc/init.d/saslauthd
[...]
PIDFILE="/var/spool/postfix/var/run/${NAME}/saslauthd.pid"
[...]
/etc/init.d/saslauthd start
To see if SMTP-AUTH and TLS work properly now run the following command:
telnet localhost 25
After you have established the connection to your Postfix mail server type
ehlo localhost
250-STARTTLS
and
250-AUTH
everything is fine.
Type
quit
12 Courier-IMAP/Courier-POP3
Run this to install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-
POP3/Courier-POP3-SSL (for POP3s on port 995):
If you do not want to use ISPConfig, configure Postfix to deliver emails to a user's Maildir*:
*Please note: You do not have to do this if you intend to use ISPConfig on your system as
ISPConfig does the necessary configuration using procmail recipes. But please go sure to enable
Maildir under Management -> Server -> Settings -> EMail in the ISPConfig web interface.
13 Apache/PHP5
vi /etc/apache2/apache2.conf
[...]
DirectoryIndex index.html index.htm index.shtml index.cgi index.php
index.php3 index.pl index.xhtml
[...]
vi /etc/apache2/ports.conf
Listen 80
Listen 443
Now we have to enable some Apache modules (SSL, rewrite, suexec, and include):
a2enmod ssl
a2enmod rewrite
a2enmod suexec
a2enmod include
/etc/init.d/apache2 force-reload
(If you do not plan to install ISPConfig on this server, please skip this section!)
In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website
can run PHP scripts and which one cannot. This can only work if PHP is disabled globally
because otherwise all websites would be able to run PHP scripts, no matter what you specify in
ISPConfig.
To disable PHP globally, we edit /etc/mime.types and comment out the application/x-httpd-php
lines:
vi /etc/mime.types
[...]
#application/x-httpd-php phtml pht php
#application/x-httpd-php-source phps
#application/x-httpd-php3 php3
#application/x-httpd-php3-preprocessed php3p
#application/x-httpd-php4 php4
[...]
vi /etc/apache2/mods-enabled/php5.conf
<IfModule mod_php5.c>
# AddType application/x-httpd-php .php .phtml .php3
# AddType application/x-httpd-php-source .phps
</IfModule>
14 Proftpd
For security reasons you can add the following lines to /etc/proftpd.conf (thanks to Reinaldo
Carvalho; more information can be found here:
http://proftpd.linux.co.uk/localsite/Userguide/linked/userguide.html):
vi /etc/proftpd.conf
[...]
DefaultRoot ~
IdentLookups off
ServerIdent on "FTP Server ready."
[...]
/etc/init.d/proftpd restart
15 Webalizer
It is a good idea to synchronize the system clock with an NTP (network time protocol) server
over the internet. Simply run
Run
18 ISPConfig
The configuration of the server is now finished, and if you wish you can now install ISPConfig
on it. Please check out the ISPConfig installation:
http://www.ispconfig.org/manual_installation.htm
If you want to run CGI scripts under suExec, you should specify /var/www as the home directory
for websites created by ISPConfig as Ubuntu's suExec is compiled with /var/www as Doc_Root.
Run /usr/lib/apache2/suexec2 -V, and the output should look like this:
/usr/lib/apache2/suexec2 -V
To select /var/www as the home directory for websites during the installation of ISPConfig do
the following: When you are asked for the installation mode, select the expert mode.
Later during the installation you are asked if the default directory /home/www should be the
directory where ISPConfig will create websites in. Answer n and enter /var/www as the home
directory for websites.
19 Links
• Ubuntu: http://www.ubuntu.com
• ISPConfig: http://www.ispconfig.org