Fedora Core 4 on a
Dell PowerEdge SC430
18 NOV 2005:
I just finished setting up a webserver for a client and thought I'd post what I did.
The client's existing server was a little back-room-built generic box with a PII/266 and 48M running an older version of BSDLinux. The disk was undersized, the memory undersized, and with Apache 1.3 it was inadequate for the advanced web-based tools I wanted to use. I talked them into the inexpensive Dell PowerEdge SC430. It had an impressive (to me, at least) list of features, not the least of which was a guaranteed compatibiliy with Linux (of whatever flavor -- it came with RedHat Business Linux, so I figured FC4 ought to work.)
I had the client order the box stock, with the "no installed operating system" option, and had them drop-ship it to my office, saving me a 30-mile trip to fetch it. When I powered it up, it booted into a vfat partition with installation instructions for using the two supplied installation DVDs for Windows or RedHat Enterprise Linux. I didn't even look at those.
I opened the 48x CD tray and slipped FC4 Disk 1 into it and rebooted by powering the unit off and on. The CD drive is the noisiest I've heard, outside of some laptop CD drives. When the CD drive is not operating, the SC430 makes literally no noise at all.
The server came without a keyboard and mouse, so I hot-swapped my Mac G5 keyboard and Kensington TurboMouse Pro into the Dell's USB keyboard port. When the FC4 graphic installer came on-screen, I picked the "Server" package option, and chose English for the language, (since "American" is not offered.) I set the date and time, time zone, and made the first entries in my installation notebook.
Here I chose "manual partitioning". Fedora's Disk Druid tool showed two drives, with sda configured with two small vfat partitions, and sdb as free space. I deleted the two vfat partitions, and set up the following: I gave "swap" 200Mb, "/home" 2Gb and "/" the rest of the sda disk. On a recommendation from a friend, I set the mount point of the second 80Gb disk (sdb) to "/var/www" so updates to the rest of the file system can leave it alone. Here's how the Disk Druid table looked (sizes in Mb):
sda sda1 / ext3 74097 sda2 /home ext3 2000 sda3 swap 196 sdb sdb1 /var/www ext3 76293
As usual, I let the installer re-format the disks. I also let it install GRUB as the boot loader. For testing in my home office lan environment, I picked DHCP and the installer found and configured the on-board ethernet port. I left the firewall off, since this box will be behind a really good WAN BSD firewall. I entered an 8-digit UNIX-style cryptic root password generated by a script I have.
When it came time to choose packages, the installer let me review its "server" choices. I made some changes to the package groups it had picked:
Editors: I added vim
Graphics: I picked ImageMagick, netpbm, all others off
Text-based internet: Strangely, lynx was off - I checked it
Web Server: added mod_auth_mysql, php-mysql and php-odbc, just in case...
DNS: no changes
FTP: FC4 uses vsftp, which is good, I left that on...
Mail server: I added postfix, mailman, basically all checked in this category
Mysql database: no changes
Development tools: the installer didn't check this one - I did, otherwise you don't get gcc and other compiling tools for later additions!
... clicked "Next" one last time, and let the installer ask for all 4 disks. Installation only took about 10 minutes on this screamer. Remove the last CD and reboot...
... !... the sucker came up in X-mode! That startled me, since the X-package was unchecked. OK. So like we used to in the early days, I edited /etc/inittab and changed the line "id:5:initdefault:" to "id:3:initdefault:" and that took care of that. Reboot.
Configuring a webserver
Apache doesn't default to allowing .htaccess directory protection, so I edited /etc/httpd/conf/httpd.conf and changeed "AllowOverride none" to "AllowOvrride AuthConfig". While I'm in httpd.conf, I also put in my email address as the "ServerAdmin" and set the "ServerName" to the client's domain.
I installed phpMyAdmin 2.5.7 and changed its directory name to "mysql". In that directory I put an .htaccess file containing these lines:
AuthType Basic AuthName "MYSQL" AuthUserFile /var/www/passwords Require valid-user
Then I created an access passwords file:
# htpasswd /var/www/passwords user Password: password Again: password # /etc/rc.d/init.d/httpd restart
I created my clients database using phpMyAdmin, and SQL'd a dump of their content database tables from my development system. I then set up a non-root database user using:
# mysql -u root mysql> SET PASSWORD FOR root@localhost=PASSWORD('aUNIXpassword'); mysql> GRANT ALL ON clients_database.* TO client_user@localhost
IDENTIFIED BY 'client_users_pw'; mysql> exit;
That middle line, above, appears wrapped here, but treat it as all one line.
I installed the website by archiving the html directory on my development system with tar -czf html.tgz html/. I then FTP'd the file to the /var/www/ directory on the Dell, removed the html/ directory (it is empty on FC4/Apache2.x) and un-tar'd the archive: tar -zxf html.tgz.
Next I ran setup, selected "System Services" and turned off cups, pcmcia, and sendmail. You don't need the sendmail daemon running to mail from PHP, this will not be a print server, and I certainly don't need pcmcia for anything.
The next thing I found out after testing the client's site scripts, was that the GD graphic libraries that were supposed to work out-of-the-box with PHP5 -- didn't. The libraries were installed, but the PHP module "gd.so" and the "php-gd.ini" were missing. So I downloaded php-gd-5.0.4-10.i396.rpm from rpmfind.net/rpm2html/seach.php?query=GD.so and installed it with rpm -ivh php-gd* and restarted httpd yet again.
The only remaining things were to disable root login to ssh by adding "PermitRootLogin no" to /etc/ssh/sshd_config, and creating an "admin" user for initial login, via the "useradd" command.
As previously mentioned, I use DHCP here in the office, but the box will have a dedicated fixed IP at the client's location. I prepared a new config file in /etc/sysconfig/network-scripts/ and called it "ifcfg-fixed". Just before I shut it down for delivery, I'll change that to "ifcfg-eth0" and change the other to "ifcfg-dhcp". Here's what's in those files:
[/etc/sysconfig/network-scripts/ifcfg-eth0]: DEVICE=eth0 BOOTPROTO=dhcp HWADDR=00:12:3F:75:82:C8 ONBOOT=yes TYPE=Ethernet
[/etc/sysconfig/network-scripts/ifcfg-fixed]: DEVICE=eth0 BOOTPROTO=static HWADDR=00:12:3F:75:82:C8 ONBOOT=yes TYPE=Ethernet IPADDR=22.214.171.1248 NETMASK=255.255.255.240 GATEWAY=126.96.36.199
Oh, one more thing: I set ownership on all the web documents and directories to give the admin user, FTP and my PHP content management system clear title to them:
# cd /var/www/html # chown -R admin.users *