Linux Configuration

Table of contents

Purpose & Scope

On this page one can find linux configuration tips. They are especially relevant to Suse 10.0 but some of them can potentially be applicable to other distributions. They are basically telling what I had to go through to get my machine working the way I want.

Suse 10.0 Installation

I installed Suse 10.0 with every single package from the DVD. I installed various UI but I've been using KDE almost exclusively so far. If you want to know more about my linux machine or why I choose that distribution please read that.

Partitioning

I was told "you should do a clever partioning" which I tried but then I got confused with it as I was moving fast from one distribution to another. At the end I did a single partion for my linux machine besides the swap partition. I can be bold at times! Since I've repented and I'm know considering changing my partitioning. Here is article about linux partitioning that should help me doing it properly.

Apache2 Configuration

Since I want to run a web site with that linux box the first thing I do once the OS is installed is to see if Apache is up and running. First I try through localhost (127.0.0.1). It works just fine I got the default apache home page. Then I tryed using my LAN IP and... oh surprise! It does not work. So I start wondering asking myself what could need to be changed in the server settings to get it working and can't think of anything. So I asked an expert about it through GAIM cause I'm a complete newbie to Linux and Suse. Here I have to thank Frank cause he told me to use YaST Control Center to configure my firewall. That YaST thing is just fantastic. It's basically the UI through which you can setup a lot of stuff in Suse.

So then I lunch YaST, go to the Network Services section and double click the HTTP Server icon. From that I follow the steps in the setup wizard not forgetting to tick the case saying Open Firewall on selected port. All done! My Apache server was now fully functional.

Configuration files location:
/etc/apache2/

Log files location:
/var/log/apache2/

Default document root location:
/srv/www/htdocs/

To add new conf file edit the following file rather than the httpd.conf:
/etc/sysconfig/apache2
That's the Suse way of doing it. It is so that you don't get your custom settings undone in case of system update: Basically Suse is using some script to parse this file and generate conf files upon Apache server startup.

To restart Apache I'm using a graphical application called SysV-Init Editor. Since SysV-Init Editor won't startup anymore I'm now using the command rcapache2 restart.

Also have a look at the Apache manual.

Secure connection

I considered using SSL or SSH and choosed SSL because it does not need public and private key mechanisms and it seemed easier to simply use HTTPS.

I found some valuable information about setting up SSL on my machine in the "Suse Help center". First I tryed using YaST to enable HTTPS and setup my Virtual Host configuration but it turned out to be more complexe than actually doing it by editing a few conf files. Still I used YaSTs generated conf files to help me getting mine right.

• Basically one has to start-up Apache using the SSL option. To do that simply edit /etc/sysconfig/apache2 and add SSL to the APACHE_SERVER_FLAGS variable.

• Then add the following VirtualHost directive to get HTTPS working.

<VirtualHost *:443>
   #Here you should specify your DocumentRoot, ServerName, ServerAlias and other Directory directives etc...  
   <IfDefine SSL>
      SSLEngine on
      SSLCertificateFile /etc/apache2/ssl.crt/server.crt
      SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
   </IfDefine>
</VirtualHost>

• Of course one also need to generate home made certificate; it can be done by executing /usr/share/doc/packages/apache2/certificate.sh. The other solution is to pay for a proper certificate.

Virtual Host

I had quite a struggle for setting up the virtual host properly but I did it eventually Have a look at Virtual Host examples from Apache documentation here. First of all I recommend you disable the default server if you are using virtual host. By that I mean do not have DocumentRoot or Directory or Location or Alias directives outside of your VirtualHost block. In fact the only global Directory directive I've keept denies access to the enire file system:

<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

I would also recommend to have different DocumentRoot for each VirtualHost.

• Have the following lines in etc/apache2/default-server.conf :

  NameVirtualHost *:80    #HTTP   virtualhost, port 80
  NameVirtualHost *:443  #HTTPS virtualhost, port 443

• Create or modify a conf file for your VirtualHost from that directory /etc/apache2/vhosts.d, it should be automatically included in apache configuration from httpd.conf. It should contain two VirtualHost block. One for HTTP and one for HTTPS, just like that:

<VirtualHost *:80> #HTTP port 80
   #Here you should specify your DocumentRoot, ServerName, ServerAlias and other Directory directives etc...  
</VirtualHost>

<VirtualHost *:443> #HTTPS port 443
   #Here you should specify your DocumentRoot, ServerName, ServerAlias and other Directory directives etc...  
   <IfDefine SSL>
      SSLEngine on
      SSLCertificateFile /etc/apache2/ssl.crt/server.crt
      SSLCertificateKeyFile /etc/apache2/ssl.key/server.key
   </IfDefine>
</VirtualHost>

Redirect

I had some problem to do something I tought would be very simple. I just wanted to redirect access to the document root to a specific page in my TWiki. Simple redirect won't work so I came up with the following solution:

RedirectMatch permanent ^/$ https://slion.dnsalias.org/twiki/bin/view/Dev

TWiki Installation

Well basically I followed the instructions from TWikiInstallationGuide. On top of that I've installed the TreePlugin and developed the AccessStatsPlugin.

File access right have to be set according to your machine and Apache configuration. Have a look at TWiki:TWiki.SettingFileAccessRightsLinuxUnix. Access right needs to be checked when installing new plug-in.

UI Configuration

Mouse wheel issues

I'm using a Logitech MX1000 mouse. The wheel would not work so I looked at solutions to fix it. I played around with the X config file. The X config file is in: /etc/X11/xorg.conf

My mouse settings are now:
=Section "InputDevice"
= =Driver "mouse"
= =Identifier "mouse[1]"
= =Option "ButtonNumber" "12"
= =Option "Buttons" "12"
= =Option "Device" "/dev/input/mice"
= =Option "Name" "PS2++ Logitech MX Mouse"
= =Option "Protocol" "explorerps/2"
= =Option "Vendor" "Sysp"
= =Option "ZAxisMapping" "11 12"
= =Option "Resolution" "800"
= EndSection

Then I also set up the following file in the user home directory: /root/.xmodmap that file contains just those two lines:
=! Set up the MX1000 mouse buttons
= pointer = 1 2 3 6 7 8 9 10 11 12 4 5

Then only I realized that the issue I had with my mouse was due to the KVM switch I'm using. So if I was booting up the linux machine without switching to another one on the KVM the mouse wheel would work. Once I switched to another machine and back to the linux the wheel would not work anymore. So I looked up on Google for those symptoms and found the solution on the that page. The solution is to add psmouse.proto=imps to the Kernel startup command line in your boot manager.

I'm not convinced that changing the X config file was at all needed. I think just adding that Kernel startup option would have been enough.

Shell

As I was setting up my linux machine I could not always avoid using the command line and the so called Shell language. If you want to no more about my experiences with Shell please read that topic

Dynamic DNS

I've been using DynDNS for years on windows. Now I needed to setup automatic Dynamic DNS update on my linux server. I used ddclient v3.6.6 as suggested by DynDNS. Here is what I had to do to get it working as a daemon:

• Put the Perl script in place: cp ddclient /usr/sbin/.
• Put the conf file in place: cp sample-etc_ddclient.conf /etc/ddclient/ddclient.conf.
• Edit the conf file as appropriate. Sample provided here.
• Put the shell scripts in place: cp sample-etc_rc.d_init.d_ddclient /etc/rc.d/ddclient and cp sample-etc_rc.d_init.d_ddclient /etc/init.d/ddclient. Not sure that both copies were needed put the one in the init.d directory definitely was.
• Enable service startup at boot time: /sbin/chkconfig --add ddclient.
• Start the service: /etc/init.d/ddclient start.

Version Control System

Subversion

I wanted to install Subversion and access it through apache and SSL rather than running svnserve. To do that you need mod_dav and mod_dav_svn modules for apache. I was missing mod_dav_svn. So I had to download and install the following RPM packages from a SUSE ftp mirror:

• To get mod_dav_svn install: subversion-server-1.2.3-2.i586.rpm
• To create a new repository: svnadmin create /path/to/repository
• To setup Apache for Subversion read that from the svnbook.

ViewVC

ViewVC was formally known as ViewCVS. It is most useful to get access to various Subversion revisions and diffs using a simple web browser. To enable ViewCVS in your Apache server

• Add SVN_VIEWCVS to the APACHE_SERVER_FLAGS variable in /etc/sysconfig/apache2.
• Modify Apache conf file as needed: /etc/apache2/conf.d/subversion.viewcvs.conf. You may want to restrict access to your repositories for instance.
• Edit /srv/viewcvs/viewcvs.conf according to your Subversion configuration. All I had to do was to set root_parents = /srv/svn/repos : svn and =default_root=MyDefaultRepos

Packages

I was downloading RPMs for Apache 2.2 and Subversion 1.3 from that ftp. The command line tool for managing packages is rpm check out the manual. Here is RPM package search engine.

• To erase a package (uninstall): rpm -e <package-name>
• To install a package: rpm -i <package-name>

Teamspeak Server

• Download the latest binary from www.goteamspeak.com. Extract the archive and copy the Teamspeak Server directory in /srv/. for instance.
• Put the server startup scripts /etc/init.d/ddclient.
• Enable service startup at boot time: /sbin/chkconfig --add teamspeak2-server_startupscript.
• Start the service: /etc/init.d/ start.

Related topics

LinuxWorkInProgress, LinuxHome