Newer
Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
Setting up a chrooted ispconfig 3 installation
--------------------------------------------------------------------
# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
# with the steps below.
#
# This guide is experimental as there are a few cahnges nescessary in
# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
# Install packages
apt-get install debootstrap libapache2-mod-chroot
# Create the chroot enviroment
debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
# Add mountpoints for the chroot env into the fstab file.
echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab
echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab
# mount the filesystems
mount -a
# add a default chroot dir for all users of the sshusers group.
echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf
# copy passwd and group files to the chroot env.
cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
# Create symlinks.
cd /var/www/var/
rm -rf /var/www/var/www
ln -s / www
# Enter the chroot
chroot /var/www
# Update files in the chroot enviroment and install some packages.
# You can ignore warnings about locales, we will fix them in the next step.
apt-get update
apt-get install fakeroot --force-yes -y
apt-get install locales
# Reconfigure locales. Select e.g the en_US* locales.
dpkg-reconfigure locales
# run a dist upgarde.
fakeroot apt-get dist-upgrade
# Install apache and php in the chroot enviroment
apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
/etc/init.d/apache2 stop
# Exit the chroot
exit
# Moving the apache configuration is not nescessary, as apache reads
# the config files before it moves into the chroot
# rm -rf /var/www/etc/apache2
# mv -f /etc/apache2 /var/www/etc/
# ln -s /var/www/etc/apache2 /etc/apache2
rm -rf /var/www/etc/php5/cgi/
mv -f /etc/php5/cgi/ /var/www/etc/php5/
ln -s /var/www/etc/php5/cgi /etc/php5/
rm -rf /var/www/etc/php5/apache2/
mv -f /etc/php5/apache2/ /var/www/etc/php5/
ln -s /var/www/etc/php5/apache2 /etc/php5/
ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
# enable mod_chroot
a2enmod mod_chroot
echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
# Start apache
/etc/init.d/apache2 start
# Install ISPConfig
cd /tmp
wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
cd ispconfig3_install/install/
php -q install.php
cd /tmp/
rm -rf ispconfig3_install
rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
# Move the ispconfig interface part to the chroot enviroment and create a symlink
mkdir /var/www/usr/local/ispconfig
chown ispconfig:ispconfig /var/www/usr/local/ispconfig
chmod 750 /var/www/usr/local/ispconfig
mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
chroot /var/www adduser www-data ispconfig
# Create a link for the mysql socket.
ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
# As an alternative to making a hardlink to the mysql socket,
# change the my.cnf file in the chroot to use tcp sockets.
# This is more secure but a bit slower then using the mysqld.sock file.
# Restart apache
/etc/init.d/apache2 restart