pure-pw useradd nokia -f /usr/local/pureftpd/etc/pureftpd.passwd -u
nokia -d /home/website/nokia.com -m
it will prompt you to type and retype your password . Now if we want
to add the password on the same command line we can add
(echo name123; echo name123) | /usr/local/pureftpd/bin/pure-pw
passwd passsword -f /usr/local/pureftpd/etc/pureftpd.passwd -m
the -m creates a db file
--
Apache : mod_ssl for virtual hosting
1. The apache server should be compiled with mod_ssl enabled,. You can check this in the httpd.conf file
LoadModule ssl_module modules/mod_ssl.so
2. Make the followin directory structure
mkdir /usr/local/apache2/conf/domains_ssl/
mkdir /usr/local/apache2/conf/domains_ssl/nokia.com/
3. once this is done create your self-signed ssl certificate and your ssl private key using the openssl toolkit. ( for production purpose you may want to purchase your certificate)
( in orde that apache should not ask fora passwork when it restart we do the following )
cd /usr/local/apache2/conf/domains_ssl/name1.com/ ------>
your location of the keys for domain name1Step 1: Generate Private Key
openssl genrsa -des3 -out server.key 1024
(
N.B: make sure that that the CN matches that of the domain name )Step 2: Generate CSR
openssl req -new -key server.key -out server.csr
Step 3: Remove Passphrase
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
Step 4: Sign the Certificate
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
you would have the follwing keys generated.
server.crt server.csr server.key server.key.org
Once this is done go to the very last line in the httpd.conf file
( addthe following if not already there )
<IfModule ssl_module>
Listen 443
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
now in the httpd-vhost.conf file ( /usr/local/apache2/conf/extra/httpd-vhosts.conf ) add the following
NameVirtualHost 192.168.0.244:443
<VirtualHost 192.168.0.244:443>
ServerAdmin admin@name1.sys.qualiproj.com
ServerName name1.sys.qualiproj.qualispace.com
ServerAlias www.name1.sys.qualiproj.qualispace.com
DocumentRoot /websites/name1.com/web
SSLEngine on
SSLCertificateKeyFile /usr/local/apache2/conf/domains_ssl/name1.com/server.key
SSLCertificateFile /usr/local/apache2/conf/domains_ssl/name1.com/server.crt
ErrorLog /websites/name1.com/logs/name1.sys.qualiproj.error_log
CustomLog /websites/name1.com/logs/name1.sys.qualiproj.access_log common
</VirtualHost>
Now you can restart apache . it will not prompt you for a password .
Now view you site
installing awstats for virtual domains
download awstats ina seperate folder
cd /usr/local/src
wget wget http://jaist.dl.sourceforge.net/sourceforge/awstats/awstats-6.7.tar.gz
tar -xzvf awstats-6.7.tar.gz
cd awstats-6.7/
cp -R * /websites/nokia.com/webstats
cd /websites/nokia.com/webstats
perl tools/awstats_configure.pl
Do you want to continue setup from this NON standard directory [yN] ? y
Config file path ('none' to skip web server setup): none
Do you want me to build a new AWStats config/profile file (required if first install) [y/N] ? y
Your web site, virtual server or profile name: SITE_NAME.COM
Directory path to store config file(s): /websites/nokia.com/webstats/wwwroot/cgi-bin/
edi the config files located in /websites/nokia.com/webstats/wwwroot/cgi-bin/
LogFile="/websites/nokia.com/log/access.log"
SiteDomain="SITE_NAME.COM"
HostAliases="SITE_NAME.COM www.SITE_NAME.COM 127.0.0.1 localhost"
DNSLookup=1
DirData="/websites/nokia.com/webstats/"
DirIcons="/web/awstats/icon"
mkdir /websites/nokia.com/web/awstats
cp -R /websites/nokia.com/webstats/wwwroot/icon/ /websites/nokia.com/web/awstats/
this perl files will update the web staticts
perl /websites/nokia.com/webstats/tools/awstats_buildstaticpages.pl -awstatsprog=/websites/nokia.com/webstats/wwwroot/cgi-bin/awstats.pl -update -config=nokia.sys.qualiproj.qualispace.com -dir=/websites/nokia.com/web/awstats/
To add advanced security to this folder - awstats we add a htacces type authentication.
<Directory /websites/nokia.com/web/awstats>
AllowOverride AuthConfig
AuthName "MyPrivateStuff"
AuthType Basic
AuthGroupFile /dev/null
AuthUserFile /websites/privatefolderpasswd/nokia.com/htpasswd
AuthName Enterpassword
Require valid-user
</Directory>
now view http://nokia.sys.qualiproj.qualispace.com/awstats/awstats.nokia.sys.qualiproj.qualispace.com.html
it will prompt you fro user name password
now you can view you site stats
start httpd
via CPAN insaql the following per file
perl-MCPN -e shell
install Compress::Zlib
install Archive::Zip
File::RsyncP
Install the following packages
yum install perl-suidperl
Now we add a user for the backupPC with its group being apache useradd -g apache backuppc
Now we download the backupPC source file
cd /usr/local/src wget http://nchc.dl.sourceforge.net/sourceforge/backuppc/BackupPC-3.1.0.tar.gz
now we will copy the init scritp to the right location
(A) Now backing up frm Linux clinet to linux BackupPC
Passwordless login frm linux clinet and from Linux BackupPC server
now on the Linux BackupPC server ( su - backuppc ) try to login in ( ssh root@linuxclinet ) , it should log you in without a password You can append as many public keys
htpasswd -c /etc/BackupPC/htpasswd client1 ( unix system user ) ---------> enter the password as prompted
now we will add our clinet to the host file located in /etc/BackupPC/hosts
# host dhcp user moreUsers # <--- do not edit this line #farside 0 craig jill,jeff # <--- example static IP host entry #larson 1 bill # <--- example DHCP host entry 192.168.0.244 0 linuxclient1 # <--- where only linuxclinet1 user can acces this system back up frm webinterfce 192.168.0.209 0 backuppc # <--- where only backuppc user can acces this system back up frm webinterfce
we will create/edit a congif file in /etc/BackupPC/pc/linuxclientPCIP.pl
$Conf{RsyncClientRestoreCmd} = '$sshPath -q -x -l root $hostIP $rsyncPath $argList+'; $Conf{RsyncClientCmd} = '$sshPath -q -x -l root $hostIP $rsyncPath $argList+'; $Conf{XferMethod} = 'rsync'; $Conf{RsyncShareName} = ['/home','/var/log']; now we will edit he httpd.conf so that only the prticulat user assigned to the particular clinet gets access to the cgi script
<Directory "/var/www/cgi-bin"> # AllowOverride None # Options None # Order allow,deny # Allow from all Options ExecCGI FollowSymlinks AddHandler cgi-script .cgi DirectoryIndex index.cgi AuthGroupFile /etc/backuppc/htgroup AuthUserFile /etc/backuppc/htpasswd AuthType basic AuthName "backuppc" require valid-user
</Directory>
now we restart httpd and backuppc
/etc/init.d/httd restart /etc/init.d/backuppc restart
add the user name and password .... this should gvive u access to the particular clinet
(B) Now backing up frm Windows clinet to linux BackupPC
#this is frm where all your data will be backed up.
[cDrive0] path = c:/rsyncd comment = agnello's documents auth users = agnello secrets file = c:/rsyncd/rsyncd.secrets # hosts allow = 172.16.0.17 strict modes = false read only = false list = false
[cDrive1] path = c:/var comment = agnello's documents auth users = agnello secrets file = c:/rsyncd/rsyncd.secrets # hosts allow = 172.16.0.17 strict modes = false read only = false list = false
[cDrive2] path = c:/Documents and Settings/All Users/Documents/My Music comment = agnello's documents auth users = agnello secrets file = c:/rsyncd/rsyncd.secrets # hosts allow = 172.16.0.17 strict modes = false read only = false list = false
Now save the file and run the service.bat file make sure that your windows PC has not blocked 873
Now edit the rsync.secret add the following lines
agnello:agnello123
now on the Linux BackuPC server we create a config file for the windows client
eg : vi /etc/BackupPC/pc/windowsclentip.pl $Conf{XferMethod} = 'rsyncd'; $Conf{RsyncdUserName} = 'agnello'; $Conf{RsyncdPasswd} = 'agnello123'; $Conf{RsyncShareName} = ['cDrive0','cDrive1','cDrive2']; $Conf{ClientCharset} = 'cp1252'
maker sure that the user and password is tha same as rsync.secret file
now we will add our windows clinet to the host file located in /etc/BackupPC/hosts on the lINUX bACKUPpc SERVER
# host dhcp user moreUsers # <--- do not edit this line #farside 0 craig jill,jeff # <--- example static IP host entry #larson 1 bill # <--- example DHCP host entry 192.168.0.244 0 linuxclient1 # <--- where only linuxclinet1 user can acces this system back up frm webinterfce 192.168.0.209 0 winclient1 # <--- where only backuppc user can acces this system back up frm webinterfce
now we restart backuppc
/etc/init.d/backuppc restart
now try browser in the the http://linuxBackupPCserverIP/cgi-bin/backupc
add the user name and password .... this should gvive u access to the particular clinet ( ref /etc/BackupPC/hosts file )
mysql virtual users with unix users
Now in case we need to store the password of the user in the mysql database then we need to add the following steps
step 1: we copy the pureftpd-mysql.conf from /usr/local/src/pureftpd-msql.conf ====> to /usr/local/pureftpd/etc/.
the pureftpd-mysql.conf has the following details:
#MYSQLServer localhost
#MYSQLPort 3306
MYSQLSocket /tmp/mysql.sock
MYSQLUser root
MYSQLPassword agnello
MYSQLDatabase pureftpd
MYSQLCrypt MD5
MYSQLGetPW SELECT Password FROM ftpd WHERE User="\L"
MYSQLGetUID SELECT Uid FROM ftpd WHERE User="\L"
MYSQLGetGID SELECT Gid FROM ftpd WHERE User="\L"
MYSQLGetDir SELECT Dir FROM ftpd WHERE User="\L"
step 2 : we create a data base in mysql ( pureftpd )
mysql -u root -password
create database pureftpd;
use pureftpd;
CREATE TABLE ftpd (
User VARCHAR(16) BINARY NOT NULL,
Password VARCHAR(64) BINARY NOT NULL,
Uid VARCHAR(11) NOT NULL default '-1',
Gid VARCHAR(11) NOT NULL default '-1',
Dir VARCHAR(128) BINARY NOT NULL,
PRIMARY KEY (User)
);
quit;
step 3: we create a directory where all our domains will be stored say /etc/website
the permission i wll be as follows ( these are just the basic )
[root@linux-test pure-ftpd-1.0.21]# ll /home/
drwxr-xr-x 5 root root 4096 May 20 17:30 website
step 4 : now suppose we have to creat a user for a domain called silly .com
1. lets create a unix user
useradd -d /home/website/silly.com -s /sbin/nologin silly
2. then we add the virtual user ( with password ) in the the mysql database ( usning phpmyadmin )
user: silly
password ( MD5 ): silly123
uid : silly
gid : sil ly
dir: /home/website/silly.com
step 5: now we start the ftpd daemon
/usr/local/pureftpd/sbin/pure-ftpd -lmysql:/usr/local/pureftpd/etc/pureftpd-mysql.conf -l unix -j /home/websites &
can view the log with tail -f /var/log/messages
now try to log in ftp://192.168.0.244 with username and password
--
cd /var/spool/postfix/
sudo mkdir etc
now, take a look at /etc/localtime:
ls -la /etc/localtime
lrwxr-xr-x 1 root wheel 36 6 Aug 20:05 /etc/localtime ->
/usr/share/zoneinfo/America/New_York
copy /usr/share/zoneinfo/country/state to /var/spool/postfix/etc/
sudo cp -p /usr/share/zoneinfo/America/New_York \
/var/spool/postfix/etc/localtime
postfix check
postfix reload
Now take a look at your mail.log and see if all the times line up.
--
