RedHat 7.3 Valhalla Install
#Installing to mirrored 8GB disks
Mouse not detected: Use text mode
Mouse selection: Microsoft - compatible mouse (serial)
Device: /dev/ttyS0 (COM1)
Installation type: server
Disk Partitioning Setup: disk druid
hda1,hdb1 raid /boot
47M
hda2,hdb2 raid /
7750M
hda3,hdb3 swap swap
256M
Fdisk
(N)ew | (P)rimary
Partition# 1
First Cylinder: 1
Size: +47M
(N)ew | (P)rimary
Partition# 2
First Cylinder: (default)
Size: +7750M
(N)ew | (P)rimary
Partition# 3
First Cylinder: (default)
Size: (default)
(T)ype
Partition# 1
fd - RAID
(T)ype
Partition# 2
fd - RAID
(T)ype
Partition# 3
82 - swap
w - write table to disk and exit
Set up networking for AT&T Broadband
ETH0
# Turn off DHCP
192.168.1.99/255.255.255.0
Activate at boot
# Change DNS in /etc/resolv.conf if necessary
DNS 216.148.227.68
DNS 204.127.202.4
Monitor: Custom
SuperVGA 800x600
Vert Sync 50-70
Video Memory 2MB
No clockchip setting
Probe
16 bit 800x600
Boot loader: LILO
Boot loader config: clear the parameters line:
Boot loader config: [OK] to the Red Hat Linux on /dev/md1
Boot loader password: skip
eth0: IP 192.168.1.99
DNS:
Hostname: mail
Security level: No Firewall
Package Group Selection
Classic X Window System
Xwindow System
Gnome
Anonymous FTP server
SQL database server
Web server
Xserver - left default values for graphical configuration
choose to boot with text interface - Choosing boot to graphical may
have problems, and this can be changed later by modifying the /etc/inittab
Test RAID disk failure
master disk booted fine
slave did not boot
cat /proc/mdstat
Add hdb2 back to raid md0
raidhotadd /dev/md0 /dev/hdb2
Turn off boot from CD in BIOS.
# Since NIS is not installed get rid of it in nsswitch.conf
cd /etc/
cp -p nsswitch.conf nsswitch.conf.orig
vi nsswitch.conf
%s/nisplus//g
%s/nis//g
Boot
80 80 both 99 http for Apache web server
# Install Trend command line virus scanner
mkdir filescan
cd filescan/
tar xvf ~tyler/filescanlinux.tar
# modify isinst to accept redhat version 7 instead of 6
vi isinst
# Install
./isinst
# Download latest Linux scan engine
# http://www.antivirus.com/download/engines/#isvw
# Backup scan engine
cd /etc/iscan/
mv libvsapi.so libvsapi.so.bak3
# extract to /etc/iscan
cd /etc/iscan/
tar zxvf ~tyler/vsapi5500rh.tar.z
# Download latest Linux pattern file for pc-cillin
# http://www.antivirus.com/download/pattern.asp
# extract to /etc/iscan
cd /etc/iscan/
tar xvf ~tyler/ptn935.tar
# Restart virus scanner
/etc/rc.d/init.d/iscanhttpd restart
# Configure
lynx localhost:1812/interscan
# username/password: admin (the initial login; change the password once logged in)
# Turn off scan of local computer /home directory. We are not
storing any files on the Linux machine. We only want to scan email.
# Change auto-download of new pattern files to weekly instead of monthly.
# Open ports 25, 110, and 113 on firewall for qmail SMTP and POP3
# 25 25 both 99 SMTP
# 110 110 both 99 POP3
# 113 113 both 99 AUTH for mail authentication
# Install qmail to replace sendmail and qpopper
tar zxvf ~tyler/qmail-1.03.tar.gz
cd qmail-1.03/
# Follow instructions in INSTALL file.
#1. Create the qmail home directory:
mkdir /var/qmail
# 2. Read INSTALL.ids. You must set up the qmail group and the qmail
users before compiling the programs.
groupadd nofiles
useradd -g nofiles -d /var/qmail/alias alias
useradd -g nofiles -d /var/qmail qmaild
useradd -g nofiles -d /var/qmail qmaill
useradd -g nofiles -d /var/qmail qmailp
groupadd qmail
useradd -g qmail -d /var/qmail qmailq
useradd -g qmail -d /var/qmail qmailr
useradd -g qmail -d /var/qmail qmails
# Add users for family members
# The following command has not been tested.
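# Create a private group and a matching account, with its home under /home,
# for each family member. Run as root. The list is written as plain words
# (no brackets or commas) and `do` follows the `;`, so the shell parses it.
for i in tom dottie doug; do
  groupadd "$i"
  useradd -g "$i" -d "/home/$i" "$i"
done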
# 3. Compile the programs and create the qmail directory tree:
make setup check
# 4. Read INSTALL.ctl and FAQ. Minimal survival command:
# ./config
./config-fast schoenke.com
# 5. Read INSTALL.alias. Minimal survival command:
# (cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root)
# chmod 644 ~alias/.qmail*
(cd ~alias; touch .qmail-abuse .qmail-virusalert .qmail-postmaster
.qmail-mailer-daemon .qmail-root)
chmod 644 ~alias/.qmail*
# 6. Read INSTALL.mbox and INSTALL.vsm.
# 7. Read INSTALL.maildir.
# For each user do the following commands
maildirmake $HOME/Maildir
echo ./Maildir/ > ~/.qmail
# 8. Copy /var/qmail/boot/home (or proc) to /var/qmail/rc.
cp -p /var/qmail/boot/home /var/qmail/rc
# To test qmail deliveries (won't interfere with sendmail):
# 9. Enable deliveries of messages injected into qmail:
csh -cf '/var/qmail/rc &'
# Check to see that qmail started
tail /var/log/maillog
# 10. Read TEST.deliver.
# Send self a test message
echo to: tyler | /var/qmail/bin/qmail-inject
# Local-error test: Send a message to a nonexistent local address.
echo to: nonexistent | /var/qmail/bin/qmail-inject
# Local-postmaster test: Send mail to postmaster, any capitalization.
# Look for the message in the alias mailbox, normally ~alias/Mailbox.
echo to: POSTmaster | /var/qmail/bin/qmail-inject
# Double-bounce test: Send a message with a completely bad envelope.
/var/qmail/bin/qmail-inject -f nonexistent
To: unknownuser
Subject: testing
This is a test. This is only a test.
# (Use end-of-file, not dot, to end the message.) Look for the double
bounce in the alias mailbox.
# Disable sendmail
/etc/rc.d/init.d/sendmail stop
cd /etc/rc.d/init.d/
mv sendmail sendmail.bak
ls -l /usr/sbin/sendmail*
# lrwxrwxrwx 1 root root
21 May 25 05:33 /usr/sbin/sendmail -> /etc/alternatives/mta
# -r-sr-xr-x 1 root root
451280 Apr 8 04:55 /usr/sbin/sendmail.sendmail
chmod 0 /usr/sbin/sendmail.sendmail
# (Skip?) Disable binmail
# Not sure why this needs to be disabled.
# ls -l /bin/mail
# -rwxr-xr-x 1 root mail
67740 Aug 24 2000 /bin/mail
# Setup qmail to auto start
# created /etc/rc.d/init.d/qmail
# copied to my tyler/linux/etc/rc.d/init.d directory
cp ~tyler/etc/rc.d/init.d/qmail /etc/rc.d/init.d/
chmod +x /etc/rc.d/init.d/qmail
cd /etc/rc.d/init.d
ln -s ../init.d/qmail ../rc0.d/K30qmail
ln -s ../init.d/qmail ../rc1.d/K30qmail
ln -s ../init.d/qmail ../rc2.d/S80qmail
ln -s ../init.d/qmail ../rc3.d/S80qmail
ln -s ../init.d/qmail ../rc4.d/S80qmail
ln -s ../init.d/qmail ../rc5.d/S80qmail
ln -s ../init.d/qmail ../rc6.d/K30qmail
# Get mail from aliases account
# Add RELAY for specific hosts
# /var/qmail/control/rcpthosts. If qmail-send is running, give it a
HUP
# (or do svc -h /var/run/qmail if qmail is supervised).
# Install ucspi-tcp
# http://cr.yp.to/ucspi-tcp/install.html
# http://cr.yp.to/qmail/faq/servers.html#tcpserver-smtpd
tar zxvf ~tyler/ucspi-tcp-0.88.tar.gz
cd ucspi-tcp-0.88/
make
make setup check
# Install checkpasswd
tar zxvf ~tyler/checkpassword-0.90.tar.gz
cd checkpassword-0.90
make
make setup check
Simulate a failed POP login:
# /var/qmail/bin/qmail-popup blah /bin/checkpassword
pwd
+OK <...@blah>
user Frodo
+OK
pass Friend
-ERR authorization failed
Simulate a successful POP login, using a correct account name and password instead of Frodo and Friend. You should see the account's home directory.
Simulate a successful POP login again, with id instead of pwd. You should see the account's uid and gid.
# Set up qmail-smtpd to run via tcpserver instead of xinetd. This means that all xinetd-controlled processes have to be spawned a different way.
# files copied to tyler/linux/tcpserver
# Install qmail-conf (third party program) to launch daemons automatically (pop3d, smtp, telnet, ftp, etc.) in their tcpserver wrappers.
# Install daemon tools
# http://cr.yp.to/daemontools/install.html
mkdir -p /package
chmod 1755 /package
cd /package
tar zxpvf ~tyler/daemontools-0.76.tar.gz
cd admin/daemontools-0.76
package/install
# Start up service script automatically.
# This script will auto start all tcpserver scripts located under /service
directory.
# Copy the scripts from tyler/linux/service directory on PC.
cp -R ~tyler/service/* /service
chmod a+x /service/*/run
# The following is taken care of by the installation of one daemontools
or some other package that adds a line for svscan to /etc/inittab
# Script location /etc/rc.d/init.d/service
#cp ~tyler/etc/rc.d/init.d/service /etc/rc.d/init.d/
#chmod +x /etc/rc.d/init.d/service
#cd /etc/rc.d/
#ln -s ../init.d/service rc0.d/K30service
#ln -s ../init.d/service rc1.d/K30service
#ln -s ../init.d/service rc2.d/S80service
#ln -s ../init.d/service rc3.d/S80service
#ln -s ../init.d/service rc4.d/S80service
#ln -s ../init.d/service rc5.d/S80service
#ln -s ../init.d/service rc6.d/K30service
Install
# Set up control files for tcpserver
cp -R ~tyler/etc/tcpcontrol/ /etc
# Copy files to this directory from tyler/linux/etc/tcpcontrol
cd /etc/tcpcontrol
tcprules ftp.cdb ftp.tmp < ftp
tcprules smtp.cdb smtp.tmp < smtp
tcprules pop3d.cdb pop3d.tmp < pop3d
tcprules telnet.cdb telnet.tmp < telnet
# The smtp file is set to allow access to the world to send in smtp
messages. It selectively opens smtp relaying for specific clients
(me, mom and dad, doug, localhost)
# The pop3d file is set to deny access to the world. It allows
access only to specific clients.
# The ftp and telnet deny access to everyone and allow access
for a few clients.
# Once you are 100% CERTAIN that the tcprules are correct, shut down
xinetd
# If you are wrong, you will be unable to FTP, telnet, POP3 or SMTP
into the machine.
cd /etc/rc.d/init.d/
mv xinetd xinetd.bak
# Install Berkeley DB (prereq)
tar zxvf ~tyler/db-4.0.14.tar.gz
cd db-4.0.14/
cd build_unix
../dist/configure
make
make install
# Install DB_File (prereq)
tar zxvf ~tyler/DB_File-1.802.tar.gz
cd DB_File-1.802/
vi config.in
# Fix the location of BerkeleyDB with the following substitute
sed -e s/BerkeleyDB/BerkeleyDB.4.0/g config.in > config.in.new
mv config.in config.in.orig
mv config.in.new config.in
perl Makefile.PL
make
make test
make install
# Install Time::HiRes
perl -MCPAN -e shell
install MD5
install Bundle::CPAN
install Time::HiRes
# Install Maildrop for the reformime piece
tar zxvf ~tyler/maildrop-1.3.7.tar.gz
cd maildrop-1.3.7/
./configure
make
make install-strip
make install-man
# Back to the qmail-scanner install
cd ..
cd qmail-scanner-1.10/
./configure
./configure --install
cd contrib
make
make install
./test_installation.sh -doit
# Remember to copy quarantine-attachments.txt to /var/spool/qmailscan
and then run "qmail-scanner-queue.pl -g" to generate DB version.
cp quarantine-attachments.txt /var/spool/qmailscan
./qmail-scanner-queue.pl -g
ls -l /var/qmail/bin/qmail-scanner-queue.pl
-rwsr-xr-x 1 qmailq qmail
50754 Feb 2 20:27 /var/qmail/bin/qmail-scanner-queue.pl
[root@mail qmail-scanner-1.10]#
chmod 0755 /var/qmail/bin/qmail-scanner-queue.pl
cd /var/qmail/bin
cd ~/qmail-scanner-1.10/
./contrib/test_installation.sh -doit
/var/qmail/bin/qmail-scanner-queue.pl -z
cd /var/spool/qmailscan/
chown qmailq:qmail qmail-scanner-queue-version.txt
chmod ug+rw qmail-scanner-queue-version.txt
chmod o-r qmail-scanner-queue-version.txt
chown qmailq:qmail quarantine-attachments.db
/var/qmail/bin/qmail-scanner-queue.pl -g
cd ~/qmail-scanner-1.10/
./contrib/test_installation.sh -doit
# Set up the virusalert alias
touch ~alias/.qmail-virusalert
vi ~alias/.qmail-virusalert
# Add my email address. Put an & before the username as follows:
&youremail@hostname.com
# Man the dot-qmail manual page for more info on the format of the
alias files.
cd /var/qmail/bin/
cp qmail-scanner-queue.pl qmail-scanner-queue.pl.orig
vi qmail-scanner-queue.pl
# Change the following lines:
my $V_FROM='virusalert@schoenke.com';
my $QUARANTINE_CC='virusalert@schoenke.com';
#Change the following lines in qmail-scanner-queue.pl to remove the
reply to the sender. With the forged email headers, it ends up just
bouncing every email message anyway.
my $NOTIFY_ADDRS='admin';
vi /service/smtp/run
# Add this line
QMAILQUEUE="/var/qmail/bin/qmail-scanner-queue" export QMAILQUEUE
# Restart email (reboot) to get the aliases to take effect
****** FINAL TEST ******
Please log into the "qmaild" account and run
/var/qmail/bin/qmail-scanner-queue.pl -g
If you see the error "Can't do setuid", or "Permission denied", then
refer to the FAQ.
(e.g. "setuidgid qmaild "/var/qmail/bin/qmail-scanner-queue.pl
-g"
or "su qmaild -c "/var/qmail/bin/qmail-scanner-queue.pl -g")
That's it! To report success:
% (echo 'First M. Last'; cat SYSDEF)|mail jhaar-s4vstats@crom.trimble.co.nz
Replace First M. Last with your name.
Read section 5 of the README file.
# Since the virus scanner is forked after an email is received, stick crm114 in after the virus scan, but before queueing by qmail.
cd /usr/local/bin
cp -rf ~/source/crm114/ .
cd crm114/installdir/
mv * ..
cd ..
rmdir installdir/
cd ..
chown -R qmailq:qmail crm114/
cd /var/qmail/bin/
# edit qmail-scanner-queue.pl
# change from:
my $qmailqueue = '/var/qmail/bin/qmail-queue';
# to:
my $qmailqueue = '/usr/local/bin/crm114/crm_mailfilter';
cp -p qmail-scanner-queue.pl qmail-scanner-queue.pl.2003-01-21
vi qmail-scanner-queue.pl
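where crm_mailfilter is a script containing the line below (Linux ignores the setuid bit on interpreted scripts, so the chmod 4755 further down does not by itself make the script run as its owner):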
/usr/bin/crm mailfilter.crm | /var/qmail/bin/qmail-queue
chmod +x crm_mailfilter
chmod 4755 crm_mailfilter
edit mailfilterconfig.crm
cp mailfilterconfig.crm mailfilterconfig.crm.orig
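Change the secret password: replace everything between the two slashes on the (:spw:) line. Mail that carries this password can retrain the filter and edit the whitelist and blacklist (see the command lines below), so pick a long random value.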
ex:
alter (:spw:) /SecretPasswordGoesHere_No_Blanks!!!jkal984884hj87fryfjd9ie8ru9/
alter (:spw:) /buggabugga/
alter (:general_fails_to:) /:*:_env_LOGNAME:/
alter (:general_fails_to:) /spambucket@mail.schoenke.com/
Send some mail through the filter
command buggabugga spam
command buggabugga nonspam
command buggabugga blacklist spammer@spam.com
command buggabugga whitelist me@mydomain.com
cd ~alias
touch .qmail-spambucket
echo "&youremail@hostname.com" >> .qmail-spambucket
Once some messages have been classified as spam or non-spam, run the following commands
cp -p spam.css spam.css.orig
cp -p nonspam.css nonspam.css.orig
# Delete spam and nonspam.css files.
rm spam.css
rm nonspam.css
# Remake the css files.
make cssfiles
or
./crm114 learntest.crm spam.css < spamtext.txt
./crm114 learntest.crm nonspam.css < nonspamtext.txt
cd /root/source/bogofilter-0.10.0
./configure
configure: error: Can not locate a suitable BerkeleyDB db.h header
file.
Use --with-db=PATH to specify the path to a v3+ install directory.
You can download BerkeleyDB 4.0.x from http://www.sleepycat.com
./configure --with-db=/usr/local/BerkeleyDB.4.0/
make
make install
cp bogofilter.cf.example /etc/bogofilter.cf
vi /etc/bogofilter.cf
vi /etc/ld.so.conf
Add
/usr/local/BerkeleyDB.4.0/lib/
ldconfig
bogofilter -s < spam_message
bogofilter -n < non_spam_message
bogofilter -vvv < 1044255514.25094.mail |more
cd ~spam/Maildir/new
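# Show bogofilter's verbose (-vvv) result for every message in the current
# directory, paged through more. A glob replaces parsing `ls` output, and the
# quoted redirect keeps file names with unusual characters intact.
for i in *; do
  [ -e "$i" ] || continue # empty directory: the glob stays literal
  bogofilter -vvv < "$i"
done | more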
openssl req -new > new.cert.csr
Country Name (2 letter code) [GB]:US
State or Province Name (full name) [Berkshire]:Colorado
Locality Name (eg, city) [Newbury]:Lakewood
Organization Name (eg, company) [My Company Ltd]:Schoenke.com
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:www.schoenke.com
Email Address []:youremail@hostname.com
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
openssl rsa -in privkey.pem -out new.cert.key
cp new.cert.key /etc/httpd/conf/ssl.key/server.key
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/custom-guide/s1-installation-selfsigned.html
http://en.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap24sec196.html
certificate routines:X509_check_private_key:key values mismatch
http://www.fnal.gov/docs/products/apache/SSLNotes.html
cd /etc/httpd/conf/ssl.key
mv server.key server.key.orig
mv server.key.new server.key
cd /etc/httpd/conf/ssl.crt
mv server.crt server.crt.orig
/usr/bin/openssl req -new -key /etc/httpd/conf/ssl.key/server.key -x509
-days 365 -out /etc/httpd/conf/ssl.crt/server.crt
Restart httpd
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
# Crontab format
# 1. minute of the hour, 00 to 59
# 2. hour of the day, 00 to 23 (military time)
# 3. day of the month, 1 to 31
# 4. month of the year, 1 to 12
# 5. day of the week, sun, mon, tue,....
# 6. actual command to execute
# an asterisk that matches all possible values,
# a single integer that matches that exact value,
# a list of integers separated by commas (no spaces)used to match any
one of the values
# two integers separated by a dash (a range)used to match any value
within the range.
# Add entry for crontab to run script hourly
0 * * * * /root/zoneclient/zoneclient.script >/dev/null 2>&1
mkdir zoneclient
cd zoneclient/
cp ~tyler/zoneclient.py.txt .
chmod +x zoneclient.py.txt
mv zoneclient.py.txt zoneclient.py
# FTP tyler\linux\root\zoneclient\zoneclient.script
cp ~tyler/zoneclient.script .
chmod +x zoneclient.script
# Set date and time in BIOS when booting computer. The time must be accurate to within one hour of atomic clock. NTP can not make an adjustment of more than one hour.
# NTP is installed by default with Redhat 7.3
cd
tar zxf ~tyler/ntp-4.1.0.tar.gz
cd ntp-4.1.0/
./configure
make
make check
make install
# Open port 123 on firewall to linux PC for NTP traffic
# 123 123 both 99 NTP for Network Time Sync
# Copy the ntp startup into /etc/rc.d/init.d/
# cp ~tyler/etc/rc.d/init.d/ntpd /etc/rc.d/init.d/
ln -s /etc/rc.d/init.d/ntpd /etc/rc.d/rc3.d/S86ntpd
# ln -s /etc/rc.d/init.d/ntpd /etc/rc.d/rc2.d/K14ntpd
# Create needed directories
# mkdir /var/lib/ntp
# mkdir /var/log/ntpstats
# copy the /etc/ntpd.conf
mv /etc/ntp.conf /etc/ntp.conf.orig
cp ~tyler/etc/ntp.conf /etc/
/etc/rc.d/init.d/ntpd start
# Create /etc/pam.d/webmail file with following information
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow
nullok
account required /lib/security/pam_pwdb.so
# Create authdaemonrc file
cd /usr/local/share/sqwebmail/
cp authdaemonrc.dist authdaemonrc
# Start up the auth modules
/usr/local/share/sqwebmail/libexec/authlib/authdaemond start
# Create script to start these automatically on reboot
cd /etc/rc.d/init.d/
chmod a+x authdaemond
ln -s /etc/rc.d/init.d/authdaemond /etc/rc.d/rc3.d/S86authdaemond
ln -s /etc/rc.d/init.d/authdaemond /etc/rc.d/rc2.d/K14authdaemond
# To get the correct domain name to show up when the user logs in.
cd /usr/local/share/sqwebmail
touch defaultdomain
touch hostname
echo 'schoenke.com' >> defaultdomain
echo 'schoenke.com' >> hostname
# Perl is having problems. Try reinstalling from source.
# Download stable.tar.gz from http://www.perl.com/
rm -f config.sh Policy.sh
sh Configure -de
make
make test
make install
## SKIP THIS because I got it working with the C wrapper instead of
suidperl
# Make suidperl version 5.6.1 for the qmail-scanner program
make suidperl
cd /usr/bin
mv suidperl suidperl.bak
cd -
cp suidperl /usr/bin
chgrp qmail /usr/bin/suidperl
chmod 7710 /usr/bin/suidperl
chmod 4710 /usr/bin/suidperl
This turned out to be a major hassle. I didn't think it would be that tough, but it really was. HP-UX is so much easier. RAID on Linux leaves much to be desired.
NOTE: I did this without a backup, which I know is stupid, so don't be stupid like me. !!! MAKE A BACKUP before you proceed if you value your data!!!
Here are the steps to convert an existing "live" disk to a mirrored
pair.
hda - disk to be mirrored that contains "live" data
hdc - disk that RAID is set up on, and then after data is moved to
RAID, it is mirrored over the "live" hda disk.
fdisk -l /dev/hda
hda1 is /boot
Disk /dev/hda: 255 heads, 63 sectors, 1027 cylinders
Units = cylinders of 16065 * 512 bytes
Device Boot Start End Blocks Id System
/dev/hda1 * 1 6 48163+ 83 Linux
/dev/hda2 7 994 7936110 83 Linux
/dev/hda3 995 1027 265072+ 82 Linux swap
We need a drive that is the same size or larger than hda to create a mirror on. I happen to have a second 8 GB drive to use as hdc. Write down or print out the above geometry for hda, so you can duplicate it on hdc.
Prepare partitions on hdc for RAID1 (mirror)
fdisk /dev/hdc
fdisk -ul /dev/hdc
Disk /dev/hdc: 255 heads, 63 sectors, 1027 cylinders
Units = sectors of 1 * 512 bytes
Device Boot Start End Blocks Id System
/dev/hdc1 * 63 96389 48163+ fd Linux raid autodetect
/dev/hdc2 96390 15968609 7936110 fd Linux raid autodetect
/dev/hdc3 15968610 16498754 265072+ 82 Linux swap
Rebuild kernel with jbd, ext3, and raid support. This is necessary,
because Redhat 7.3 by default comes with modules for ext3, raid1, and jbd.
I don't think jbd is necessary since it is a debugger, but might as well
add it to the kernel anyway. This kernel has to go on a floppy
to test the RAID configuration, and the default RH 7.3 kernel will not
work with the modules from what I was able to tell. I also had problems
getting the RAID to mount when using the modules, but it came up fine with
the RAID1 built into the kernel.
Here are the error messages that I got before I compiled the above components
into the kernel instead of using the modules:
ext3-fs: unable to read superblock
mount: error 22 mounting ext3
piviotroot: pivot_root (/sysroot,/sysroot/initrd) failed: 2
kernel panic: no init found. Try passing init= option to kernel.
/proc/mounts: no such file or directory
mount point /boot does not exist
swapon /dev/hda3: device or resource busy
After recompiling the kernel with ext3 and raid support, those messages went away.
# Output from lsmod before modules were removed from kernel
[root@mail etc]# lsmod
Module
Size Used by Not tainted
raid1
14404 2 (autoclean)
eepro100
20336 1
ide-scsi
9664 0
scsi_mod
108608 1 [ide-scsi]
ide-cd
30272 0
cdrom
32192 0 [ide-cd]
usb-uhci
24484 0 (unused)
usbcore
73152 1 [usb-uhci]
ext3
67136 2
jbd
49400 2 [ext3]
cd /usr/src/linux-2.4
make menuconfig
Change the following to built-in instead of Modulesmake dep
Select Filesystems (ext3 and jbd)
Select Multi-device Support (RAID and LVM) RAID-1 support.
Exit and save kernel config
depmod -a
ldconfig
backup and modify lilo.conf
---- lilo.conf -----
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
message=/boot/message
linear
default=linux_custom
image=/boot/vmlinuz-2.4.18-3custom
label=linux_custom
initrd=/boot/initrd-2.4.18-3.img
read-only
root=/dev/hda2
image=/boot/vmlinuz-2.4.18-3
label=linux
initrd=/boot/initrd-2.4.18-3.img
read-only
root=/dev/hda2
append="hdd=ide-scsi"
--- end lilo.conf ---
Test lilo config
lilo -t -C /etc/lilo.conf
If test looks good, apply lilo.conf
lilo -C /etc/lilo.conf
Toggle the bootable flag on /boot partition on hdc.
Also, as a side note: Raiding hda and hdb will kill your performance
because an IDE controller isn't smart enough to talk to both of them
at
full speed simultaneously. If at all possible, move hdb to your
second
IDE controller (making it hdc).
Current disk to be mirrored is hda
Set up new blank disk as hdc
mkswap /dev/hdc3
# add /dev/hdc3 to /etc/fstab as a swap device in addition to /dev/hda3
/dev/hda3
swap
swap defaults
0 0
/dev/hdc3
swap
swap defaults
0 0
# Turn on all swap devices
swapon -a
# Show all swap devices
swapon -s
Create /etc/raidtab
# example raidtab
#
# md0 = /boot
raiddev /dev/md0
raid-level
1
nr-raid-disks
2
nr-spare-disks 0
chunk-size
32
persistent-superblock
1
device
/dev/hda1
failed-disk
0
device
/dev/hdc1
raid-disk
1
# md1 = root
raiddev /dev/md1
raid-level
1
nr-raid-disks
2
nr-spare-disks 0
chunk-size
32
persistent-superblock
1
device
/dev/hda2
failed-disk
0
device
/dev/hdc2
raid-disk
1
# Create both Raid drives
mkraid /dev/md0
mkraid /dev/md1
handling MD device /dev/md0
analyzing super-block
disk 0: /dev/hda1, failed
disk 1: /dev/hdc1, 48163kB, raid superblock at 48064kB
Check to see that raid drives are running.
[root@mail etc]# cat /proc/mdstat
Personalities : [raid1]
read_ahead 1024 sectors
md1 : active raid1 hdc2[1]
7936000 blocks [2/1] [_U]
md0 : active raid1 hdc1[1]
48064 blocks [2/1] [_U]
unused devices: <none>
Format the boot and root devices with ext3 file systems:
mkfs -t ext3 /dev/md0
mkfs -t ext3 /dev/md1
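Mount the new root device somewhere handy and create the /boot directory and mount the boot partition. Note that the raidtab above defines md0 as /boot and md1 as root, so md1 should be the one mounted on /mnt/newroot and md0 on /mnt/newboot; the mount commands below have the two devices swapped.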
mkdir /mnt/newboot
mount -t ext3 /dev/md1 /mnt/newboot
mkdir /mnt/newroot
mount -t ext3 /dev/md0 /mnt/newroot
4.4 Copy the current OS to the new raid device
This is pretty straightforward. This operation can be tricky if you have mounted or linked other disks to your root file system. The example above assumes a very simple system, you may have to modify the procedure somewhat.
# copy all directories from root to the newroot partition. Skip
/mnt/proc and nfs mounts
cd /
unalias cp
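# Copy each top-level directory of the running system into the new root.
# cp -a keeps ownership, modes, timestamps and links; -x stops cp from
# crossing into other mounted filesystems. The directory names are listed as
# separate words so the loop runs once per directory, and "$i" is quoted.
for i in bin command dev etc home initrd lib opt package root sbin \
  service tmp usr var; do
  cp -ax "$i" /mnt/newroot
done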
cd /mnt/newroot
mkdir /boot
mkdir /proc
mkdir -p /mnt/cdrom
mkdir /mnt/floppy
# Copy the /boot filesystem to its new location.
cd /boot
cp -ax . /mnt/newboot
I am getting the following error messages after unmounting, then stopping
and trying to restart md0 and md1.
md: can not import hda1, has active inodes!
md: could not import hda1!
md: autostart hda1 failed!
md: can not import hda2, has active inodes!
md: could not import hda2!
md: autostart hda2 failed!
This will probably not work unless all required modules are compiled into the kernel, such as ext3 and raid support. A boot floppy can not load modules.
Modify the fstab on the RAID device (/mnt/newroot/etc/fstab) to reflect the new mount points as follows:
/dev/md0 /boot ext3 defaults 1 1
/dev/md1 / ext3 defaults 1 2
/dev/hdc3 swap swap defaults 0 0
Dismount the raid devices and boot the new file system to see that all works correctly.
umount /mnt/newboot
umount /mnt/newroot
raidstop /dev/md0
raidstop /dev/md1
Move raidtab so that the RAID does not auto-start if machine is booted from hda
mv /etc/raidtab /etc/raidtab.backup
shutdown -r now
Your RAID system should now be up and running in degraded mode with a floppy boot disk. Carefully check that you transferred everything to the new raid system. If you mess up here without a backup, YOU ARE DEAD!
If something did not work, reboot your old system and go back and fix things up until you successfully complete this step.
raidhotadd /dev/md0 /dev/hda1
raidhotadd /dev/md1 /dev/hda2
lilo -t -C /etc/lilo.conf
lilo with md0 worked
rebooted without floppy
cat /proc/mdstat
# only hdc1, hdc2 active
dmesg output
md1: former device hda2 is unavailable, removing from arrary!
md: RAID level 1 does not need chunksize! Continuing anyway.
raid1: device hdc2 operational as mirror 1
change type from 83-linux to fd-linux raid autodetect
fdisk
t, 1, fd
t, 2, fd
(w)rite
Testing
unplug hda, reboot, make sure the OS comes up, reboot, plug hda back
in, resync
cat /proc/mdstat shows both drives in sync
Personalities : [raid1]unplugged power to hdc
read_ahead 1024 sectors
md0 : active raid1 hdc1[1] hda1[0]
48064 blocks [2/2] [UU]md1 : active raid1 hdc2[1] hda2[0]
7936000 blocks [2/2] [UU]unused devices: <none>
Here is the error message output from dmesg
I shut down the computer, plugged the drive back in. Booted up
md: raid1 personality registered as nr 3
md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
md: Autodetecting RAID arrays.
[events: 0000002c]
[events: 0000002c]
[events: 0000002a]
[events: 0000002a]
md: autorun ...
md: considering hdc2 ...
md: adding hdc2 ...
md: adding hda2 ...
md: created md1
md: bind<hda2,1>
md: bind<hdc2,2>
md: running: <hdc2><hda2>
md: hdc2's event counter: 0000002a
md: hda2's event counter: 0000002c
md: superblock update time inconsistency -- using the most recent one
md: freshest: hda2
md: kicking non-fresh hdc2 from array!
md: unbind<hdc2,1>
md: export_rdev(hdc2)
md1: removing former faulty hdc2!
md: RAID level 1 does not need chunksize! Continuing anyway.
md1: max total readahead window set to 508k
md1: 1 data-disks, max readahead per data-disk: 508k
raid1: device hda2 operational as mirror 0
raid1: md1, not all disks are operational -- trying to recover array
raid1: raid set md1 active with 1 out of 2 mirrors
md: updating md1 RAID superblock on device
md: hda2 [events: 0000002d]<6>(write) hda2's sb offset: 7936000
md: recovery thread got woken up ...
md1: no spare disk to reconstruct array! -- continuing in degraded mode
md: recovery thread finished ...
md: considering hdc1 ...
md: adding hdc1 ...
md: adding hda1 ...
md: created md0
md: bind<hda1,1>
md: bind<hdc1,2>
md: running: <hdc1><hda1>
md: hdc1's event counter: 0000002a
md: hda1's event counter: 0000002c
md: superblock update time inconsistency -- using the most recent one
md: freshest: hda1
md: kicking non-fresh hdc1 from array!
md: unbind<hdc1,1>
md: export_rdev(hdc1)
md0: removing former faulty hdc1!
md: RAID level 1 does not need chunksize! Continuing anyway.
md0: max total readahead window set to 508k
md0: 1 data-disks, max readahead per data-disk: 508k
raid1: device hda1 operational as mirror 0
raid1: md0, not all disks are operational -- trying to recover array
raid1: raid set md0 active with 1 out of 2 mirrors
md: updating md0 RAID superblock on device
md: hda1 [events: 0000002d]<6>(write) hda1's sb offset: 48064
md: recovery thread got woken up ...
md0: no spare disk to reconstruct array! -- continuing in degraded mode
md1: no spare disk to reconstruct array! -- continuing in degraded mode
md: recovery thread finished ...
md: ... autorun DONE.
checked mdstat until everything was synced up again.
without powering down, unplug power to hdc, reboot, make sure
the OS comes up, reboot, plug hdc back in, resync
unplugged power to hda
no response for several minutes. Manually rebooted machine with
hda still unplugged.
booted fine from hdc only.
dmesg output:
md: raid1 personality registered as nr 3
md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27
md: Autodetecting RAID arrays.
[events: 00000025]
[events: 00000025]
md: autorun ...
md: considering hdc2 ...
md: adding hdc2 ...
md: created md1
md: bind<hdc2,1>
md: running: <hdc2>
md: hdc2's event counter: 00000025
md1: former device hda2 is unavailable, removing from array!
md: RAID level 1 does not need chunksize! Continuing anyway.
md1: max total readahead window set to 508k
md1: 1 data-disks, max readahead per data-disk: 508k
raid1: device hdc2 operational as mirror 1
raid1: md1, not all disks are operational -- trying to recover array
raid1: raid set md1 active with 1 out of 2 mirrors
md: updating md1 RAID superblock on device
md: hdc2 [events: 00000026]<6>(write) hdc2's sb offset: 7936000
md: recovery thread got woken up ...
md1: no spare disk to reconstruct array! -- continuing in degraded mode
md: recovery thread finished ...
md: considering hdc1 ...
md: adding hdc1 ...
md: created md0
md: bind<hdc1,1>
md: running: <hdc1>
md: hdc1's event counter: 00000025
md0: former device hda1 is unavailable, removing from array!
md: RAID level 1 does not need chunksize! Continuing anyway.
md0: max total readahead window set to 508k
md0: 1 data-disks, max readahead per data-disk: 508k
raid1: device hdc1 operational as mirror 1
raid1: md0, not all disks are operational -- trying to recover array
raid1: raid set md0 active with 1 out of 2 mirrors
md: updating md0 RAID superblock on device
md: hdc1 [events: 00000026]<6>(write) hdc1's sb offset: 48064
md: recovery thread got woken up ...
md0: no spare disk to reconstruct array! -- continuing in degraded mode
md1: no spare disk to reconstruct array! -- continuing in degraded mode
md: recovery thread finished ...
md: ... autorun DONE.
rebooted with hda plugged in again.
cat /proc/mdstat shows that hda is not part of RAID
raidhotadd /dev/md0 /dev/hda1
(less than 1 minute)
raidhotadd /dev/md1 /dev/hda2
(approx. 20 minutes)
Disk /dev/hdc: 255 heads, 63 sectors, 1027 cylinders
Units = sectors of 1 * 512 bytes
Device Boot Start
End Blocks Id System
/dev/hdc1 *
63 96389 48163+ fd
Linux raid autodetect
/dev/hdc2 96390
15968609 7936110 fd Linux raid autodetect
/dev/hdc3 15968610 16498754
265072+ 82 Linux swap
cd /etc/samba
vi smb.conf and change the following
workgroup = WORKGROUP
Create Samba user tyler that corresponds to NT user administrator.
This will then prompt for a Samba password.
smbadduser tyler:administrator
# Change case to lower for samba mounts. This is because the virus
definitions need to be in lowercase.
vi /etc/samba/smb.conf
preserve case = no
default case = lower
case sensitive = no
Start Samba daemons
/etc/rc.d/init.d/smb start
Set service to start at boot
chkconfig --level 2345 smb on
chkconfig --list
chkconfig --level 2345 isdn off
chkconfig --level 2345 pcmcia off
chkconfig --level 2345 lpd off
chkconfig --level 2345 sendmail off
tksysv and linuxconf will do the trick. Also on RH71, you can use the
chkconfig utility (man chkconfig). Basically:
/sbin/chkconfig --list (to view all daemons)
/sbin/chkconfig --list | grep ':on' (to view those set to run)
/sbin/chkconfig --level 234 httpd on (sets httpd daemon to autostart
on
runlevels 2,3,&4)
Upgrade Apache to httpd-2.0.47
file:///C:/Data/TYLER/webpage_new/tyler/apache2php.html
$ ./configure --prefix=PREFIX
./configure \
--enable-so \
--enable-cgi \
--enable-info \
--enable-rewrite \
--enable-speling \
--enable-usertrack \
--enable-deflate \
--enable-ssl \
--enable-mime-magic
$ make
$ PREFIX/bin/apachectl stop
$ make install
Add following line to /etc/ld.so.conf
/usr/local/apache2/lib
ldconfig
$ PREFIX/bin/apachectl start
[root@mail conf]# diff httpd.conf httpd.conf.orig
291d290
< ServerName www.schoenke.com
307,308c306
< #DocumentRoot "/usr/local/apache2/htdocs"
< DocumentRoot /var/www/html
---
> DocumentRoot "/usr/local/apache2/htdocs"
1068,1075d1065
<
< NameVirtualHost *
<
< <VirtualHost *>
< ServerName www.schoenke.com
< DocumentRoot /var/www/html
< </VirtualHost>
<
List modules
../bin/httpd -l
Fix for apache2
/usr/local/apache2/conf/httpd.conf
# ScriptAlias /cgi-bin/ "/usr/local/apache2/cgi-bin/"
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
# CustomLog logs/access_log common
CustomLog /var/log/httpd/access_log common
cp -r ssl.crt /usr/local/apache2/conf/
/usr/lib/courier-imap/libexec/imapd-ssl.rc stop
/usr/lib/courier-imap/libexec/imapd-ssl.rc start
/usr/lib/courier-imap/libexec/pop3d-ssl.rc start
tcp 0
0 192.168.101.99:37982 xmlrpc.rhn.redhat:https ESTABLISHED
/usr/local/apache2/bin/apachectl stop
cd /etc/httpd/conf/ssl.crt
openssl rsa -outform PEM -in ../ssl.key/server.key -out schoenke.com.pem
cd /usr/lib/courier-imap/share/
mv imapd.pem imapd.pem.orig
openssl genrsa -out imapd.pem 1024
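Open the server.crt file and copy the text, then paste it into imapd.pem. imapd.pem now holds a private key together with the certificate, so it should not be world-readable. The 1024 on the genrsa line above is the key size in bits; 2048 or more is the usual minimum today.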
cat /etc/httpd/conf/ssl.crt/schoenke.com.pem >> /usr/lib/courier-imap/share/imapd.pem
cd
cd source/
tar zxvf ~tyler/software/webalizer-2.01-10-src.tgz
cd webalizer-2.01-10/
./configure --enable-dns
# Change db.h to db1/db.h in the following two files
vi dns_resolv.c
vi webalizer.c
make
make install
#usage
cd /var/www/html/
mkdir webalizer
cd webalizer/
# Copy webalizer.conf over from C:\Data\TYLER\LINUX\var\www\html\webalizer
Changes to webalizer.conf
#Incremental no
Incremental yes
#DNSCache dns_cache.db
DNSCache dns_cache.db
#DNSChildren 0
DNSChildren 5
webalizer /var/log/httpd/access_log
# Copy webalizer_script over from tyler\linux\var\scripts
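# Add crontab entry to run daily at 01:00
# (with * in the minute field the entry below fires every minute from 01:00
# to 01:59; use "0 1 * * *" to run once at 01:00)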
* 1 * * * /var/scripts/webalizer_script >/dev/null 2>&1
# Cache DNS to IP addresses
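# Pre-resolve the client addresses in every access log under /var/log into
# dns_cache.db, the DNS cache file named in webalizer.conf. "$i" is quoted so
# a log path containing spaces or glob characters is passed as one argument.
for i in /var/log/*/access_log*; do
  [ -e "$i" ] || continue # no logs matched: the glob stays literal
  webazolver -N 20 -D dns_cache.db "$i"
done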
vi /usr/local/apache2/conf/httpd.conf
#AddType application/php4script .php
#Action application/php4script /cgi-bin/php
chown -R nobody data
chgrp -R nobody data
mkdir /var/squirrelmail
chgrp -R nobody /var/squirrelmail
chmod 730 /var/squirrelmail
http://www.schoenke.com/squirrelmail-1.4.2
/usr/local/apache2/bin/apachectl stop
http://us3.php.net/get/php-4.3.3.tar.bz2/from/a/mirror
./configure --with-apxs2=/usr/local/apache2/bin/apxs \
--with-gettext --with-xml \
--prefix=/usr/local/apache2/php
make
make install
cp php.ini-dist /usr/local/lib/php.ini
or cp -p php.ini-recommended /usr/local/lib/php/php.ini
vi /usr/local/apache2/conf/httpd.conf
AddType application/x-httpd-php .php .phtml
AddType application/x-httpd-php-source .phps
# Make sure there's only **1** line with this directive:
LoadModule php4_module modules/libphp4.so
# Add index.php to your DirectoryIndex line:
DirectoryIndex index.html index.php
AddType application/x-httpd-php php
# PHP Syntax Coloring (recommended):
AddType application/x-httpd-php-source phps
/usr/local/apache2/bin/apachectl stop
/usr/local/apache2/bin/apachectl start
Turba
ftp://ftp.horde.org/pub/turba/turba-1.2.tar.gz