From d58e21ed0a10dc3f8f4bae8086becdf12590f05a Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 22 Jan 2010 15:43:22 +0000
Subject: [PATCH] Added a "under_development" folder in the docs folder. This
folder can be used to store incomplete documentation or documentation files
that are under devlopment.
---
docs/CHROOTED_DEBIAN_5.0.txt | 271 ++++++++++++------
docs/CHROOTED_DEBIAN_5.0.txt_beta | 226 ---------------
.../DEV_CHROOTED_DEBIAN_5.0.txt | 129 +++++++++
3 files changed, 313 insertions(+), 313 deletions(-)
delete mode 100644 docs/CHROOTED_DEBIAN_5.0.txt_beta
create mode 100644 docs/under_development/DEV_CHROOTED_DEBIAN_5.0.txt
diff --git a/docs/CHROOTED_DEBIAN_5.0.txt b/docs/CHROOTED_DEBIAN_5.0.txt
index b57a7f8a0..d3f6cd115 100644
--- a/docs/CHROOTED_DEBIAN_5.0.txt
+++ b/docs/CHROOTED_DEBIAN_5.0.txt
@@ -1,129 +1,226 @@
-
-
-Setting up a chrooted ispconfig 3 installation
---------------------------------------------------------------------
-
-# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
-# with the steps below.
+#!/bin/sh
+#
+# rev 0.6
+#
+# dxr@brutalsec.net
+# 01-09-2009
+#
+# We can create a script for configure chroot enviroment but,
+# YOU MUST UNDERSTAND HOW TO WORK IT for can solve possible
+# problems in the future.
#
-# This guide is experimental as there are a few cahnges nescessary in
-# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
-
-# Install packages
-
-apt-get install debootstrap libapache2-mod-chroot
-
-# Create the chroot enviroment
-
-debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
-
-# Add mountpoints for the chroot env into the fstab file.
+# Every service has its own chroot enviroment:
+# BIND -> chroot
+# Apache -> chroot
+# Dovecot -> chroot
+# Pureftpd -> Apache's chroot
+#
+# Only apache and php packages aren't installed in real system,
+# only in chroot enviroment with symbolic links from real system.
+#
+# PLEASE, CONFIGURE CHROOT ENVIROMENT IF SECURITY IS REALLY
+# IMPORTANT FOR YOU AND YOU KNOWN HOW TO WORK IT!
+#
-echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab
-echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab
+exit 1
-# mount the filesystems
+1. BACKUP before change something in the system
+2. Create partitions
+3. Remove possible apache or php installations on real system
+4. Prepair Chroot enviroment
+5. Linking Webserver aplication from real system
+6. mini_sendmail
+7. Test services
+8. Howto install ispconfig3
+9. Migration
-mount -a
-# add a default chroot dir for all users of the sshusers group.
+1. BACKUP before change something in the system
+# If is not a new instalation, then
-echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf
+BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
+BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
+BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
+BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
-# copy passwd and group files to the chroot env.
-cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
+2. Create partitions
-# Create symlinks.
+/var/www/ Chroot partition (ext3)
+/var/www/html/ Chroot system
+/var/www/html/var/log/apache2 Log partition (ext3)
+/var/www/html/var/www/html Webs partition (xfs)
+/var/www/html/tmp Temporal dir (tmpfs, options: )
-cd /var/www/var/
-rm -rf /var/www/var/www
-ln -s / www
+/dev/lvm_foobar1/chroot_lv -> /var/www/ (ext3)
+/dev/lvm_foobar2/apachelogs_lv -> /var/www/html/var/log/apache2 (ext3)
+/dev/lvm_foobar3/hosting_lv -> /var/www/html/var/www/html (xfs)
-# Enter the chroot
+mount /dev/lvm_foobar1/chroot_lv /var/www/
+mkdir -p /var/www/html/var/log/apache2 /var/www/html/var/www/html
+mount /dev/lvm_foobar2/apachelogs_lv /var/www/html/var/log/apache2
+mount /dev/lvm_foobar3/hosting_lv /var/www/html/var/www/html
-chroot /var/www
-# Update files in the chroot enviroment and install some packages.
-# You can ignore warnings about locales, we will fix them in the next step.
+3. Remove possible apache or php installations on real system
+# We never wont install apache or php in non-chroot system, if we have installed, we only have do a backup of confgigurations, uninstall, and check every simbolic link
+dpkg -l|egrep --color -i 'apache|php'
-apt-get update
-apt-get install fakeroot --force-yes -y
-apt-get install locales
-# Reconfigure locales. Select e.g the en_US* locales.
+4. Prepair Chroot enviroment
-dpkg-reconfigure locales
+# Install packages in real system
+apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support patch make gcc mysql-server subversion ssh openssh-server ntp ntpdate vim libdbd-mysql libdbi-perl dnsutils
+# The non webserver will install outside of chroot
+apt-get install postfix postfix-mysql postfix-doc mysql-client openssl getmail4 rkhunter amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl pure-ftpd-common pure-ftpd-mysql quota quotatool
+# If you will use courier:
+apt-get install courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql courier-maildrop
+# If you will use dovecot:
+#apt-get install dovecot-imapd dovecot-pop3d
+# If you will use BIND:
+apt-get install bind9 bind9utils
-# run a dist upgarde.
+#
+# If we want execute php from real system (crontabs for example) we need install php dependencies in real system:
+# libgd2-xpm libt1-5 libmagick10 libc-client2007b libmcrypt4
+# cat /var/log/ispconfig/cron.log
+# ldd /usr/lib/php5/20060613/mcrypt.so
+#
-fakeroot apt-get dist-upgrade
+time debootstrap --arch=amd64 lenny /var/www/html/ ftp://ftp.fr.debian.org/debian/
-# Install apache and php in the chroot enviroment
+echo "/proc /var/www/html/proc proc defaults 0 0">>/etc/fstab
+echo "devpts /var/www/html/dev/pts devpts defaults 0 0">>/etc/fstab
-apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
-/etc/init.d/apache2 stop
+mount -a
-# Exit the chroot
+# We must create sshusers group
+echo "@sshusers - chroot /var/www/html/">>/etc/security/limits.conf
+
+chroot /var/www/html apt-get update
+chroot /var/www/html apt-get install fakeroot --force-yes -y
+chroot /var/www/html apt-get install locales
+chroot /var/www/html dpkg-reconfigure locales
+
+mv /usr/lib/apache2 /usr/lib/apache2_old
+mv /var/log/apache2 /var/log/apache2_old
+mv /var/lock/apache2 /var/lock/apache2_old
+mv /var/lib/apache2 /var/lib/apache2_old
+mv /usr/lib/php5 /usr/lib/php5_old
+mv /etc/apache2 /etc/apache2_old
+mv /etc/suphp /etc/suphp_old
+
+chroot /var/www/html apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-chroot php-apc libtimedate-perl
+
+chroot /var/www/html /etc/init.d/apache2 stop
+
+chroot /var/www/html a2enmod mod_chroot
+chroot /var/www/html a2enmod suexec
+echo "ChrootDir /var/www/html" > /var/www/html/etc/apache2/conf.d/mod_chroot.conf
+sed -i -e 's#DocumentRoot /var/www/#DocumentRoot /var/www/html/#' /var/www/html/etc/apache2/sites-enabled/000-default
+sed -i -e 's#x-httpd-php=php:/usr/bin/php-cgi#x-httpd-php=php:/usr/bin/php-cgi\nx-httpd-suphp=php:/usr/bin/php-cgi\nx-httpd-php=php:/usr/bin/php-cgi#' /var/www/html/etc/suphp/suphp.conf
+sed -i -e 's#/var/run/apache2.pid#/var/run/apache2/apache2.pid#' /var/www/html/etc/apache2/envvars
+sed -i -e 's/^"syntax on/syntax on/' /etc/vim/vimrc
+sed -i -e 's/^"syntax on/syntax on/' /var/www/html/etc/vim/vimrc
+
+# Protect apache configuration. ONLY root can read it
+chown root:root /var/www/html/etc/apache2/ && chmod 700 /var/www/html/etc/apache2/
+chmod 711 /var/www/html/etc/php5/
+
+
+5. # Is good idea to add nagios alarm for check every simbolic link is correct.
+ln -s /var/www/html/etc/apache2 /etc/apache2
+ln -s /var/www/html/etc/suphp /etc/suphp
+ln -s /var/www/html/var/run/apache2 /var/run/apache2
+ln -s /var/www/html/var/run/apache2.pid /var/run/apache2.pid
+ln -s /var/www/html/usr/sbin/apache2ctl /usr/sbin/apache2ctl
+ln -s /var/www/html/usr/sbin/apache2 /usr/sbin/apache2
+ln -s /var/www/html/usr/lib/apache2 /usr/lib/apache2
+ln -s /var/www/html/usr/sbin/a2enmod /usr/sbin/a2enmod
+ln -s /var/www/html/usr/sbin/a2dismod /usr/sbin/a2dismod
+ln -s /var/www/html/usr/sbin/a2ensite /usr/sbin/a2ensite
+ln -s /var/www/html/usr/sbin/a2dissite /usr/sbin/a2dissite
+ln -s /var/www/html/var/log/apache2 /var/log/apache2
+ln -s /var/www/html/var/lock/apache2 /var/lock/apache2
+ln -s /var/www/html/var/lib/apache2 /var/lib/apache2
+ln -s /var/www/html/usr/lib/php5 /usr/lib/php5
+ln -s /var/www/html/etc/init.d/apache2 /etc/init.d/apache2
+# Neccessary for to install ispconfig3 from real system:
+ln -s /var/www/html/usr/bin/php5 /usr/bin/php5
+ln -s /var/www/html/etc/alternatives/php /etc/alternatives/php
+ln -s /var/www/html/usr/bin/php /usr/bin/php
+ln -s /var/www/html/etc/php5 /etc/php5
+
+6. # Install mini_sendmail for chroot
+# We can use mini_sendmail for delivery emails directy in remote servers, but i prefer to control it in central mailserver for check spammers and limit it.
-exit
+cd /tmp/
+wget http://acme.com/software/mini_sendmail/mini_sendmail-1.3.6.tar.gz
+tar xzf mini_sendmail-1.3.6.tar.gz
+wget http://users1.leipzig.freifunk.net/%7Efirmware-build/brcm_2_4_Broadcom_default/build/openwrt_packages/mail/mini_sendmail/patches/200-fullname.patch
+patch -p0 < 200-fullname.patch
+cd mini_sendmail-1.3.6
+make
+# 2e555b2573c3ea65a467a5960f0b51f6 mini_sendmail
+mv /var/www/html/usr/lib/sendmail /var/www/html/usr/lib/sendmail_old
+mv /var/www/html/usr/sbin/sendmail /var/www/html/usr/sbin/sendmail_old
+cp mini_sendmail /var/www/html/usr/sbin/mini_sendmail
+cd /var/www/html/usr/lib/ && ln -s ../sbin/mini_sendmail sendmail
+cd /var/www/html/usr/sbin && ln -s mini_sendmail sendmail
-# Moving the apache configuration is not nescessary, as apache reads
-# the config files before it moves into the chroot
-# rm -rf /var/www/etc/apache2
-# mv -f /etc/apache2 /var/www/etc/
-# ln -s /var/www/etc/apache2 /etc/apache2
+# ./mini_sendmail -h
+# usage: ./mini_sendmail [-f<name>] [-t] [-s<server>] [-p<port>] [-T<timeout>] [-v] [address ...]
-rm -rf /var/www/etc/php5/cgi/
-mv -f /etc/php5/cgi/ /var/www/etc/php5/
-ln -s /var/www/etc/php5/cgi /etc/php5/
+#add to php.ini (/var/www/html/etc/php5/apache2/php.ini /var/www2/etc/php5/cli/php.ini /var/www2/etc/php5/cgi/php.ini line :672)
+# sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
-rm -rf /var/www/etc/php5/apache2/
-mv -f /etc/php5/apache2/ /var/www/etc/php5/
-ln -s /var/www/etc/php5/apache2 /etc/php5/
+sed -i -e 's#^;sendmail_path =$#sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1#' /var/www/html/etc/php5/apache2/php.ini /var/www/html/etc/php5/cli/php.ini /var/www/html/etc/php5/cgi/php.ini
-ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
-# enable mod_chroot
+7.
+# Test
+apache2ctl restart
-a2enmod mod_chroot
-echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
+# php -i|grep --color sendmail
+#sendmail_from => no value => no value
+#sendmail_path => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1 => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
+#Path to sendmail => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
-# Start apache
+# Sould be good idea check /var/www/html/usr/lib/sendmail /var/www/html/usr/sbin/sendmail and /var/www/html/usr/sbin/mini_sendmail with nagios alarm ;)
-/etc/init.d/apache2 start
-# Install ISPConfig
+8. Install ispconfig ........
-cd /tmp
-wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
-tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
-cd ispconfig3_install/install/
-php -q install.php
cd /tmp/
-rm -rf ispconfig3_install
-rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
-
-# Move the ispconfig interface part to the chroot enviroment and create a symlink
+svn co svn://svn.ispconfig.org/ispconfig3 svn.ispconfig.org
-mkdir /var/www/usr/local/ispconfig
-chown ispconfig:ispconfig /var/www/usr/local/ispconfig
-chmod 750 /var/www/usr/local/ispconfig
-mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
-ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
-chroot /var/www adduser www-data ispconfig
+mv /usr/local/ispconfig /var/www/html/usr/local/
+ln -s /var/www/html/usr/local/ispconfig /usr/local/ispconfig
+mv /var/www/apps /var/www/html/var/www/
+mv /var/www/php-fcgi-scripts /var/www/html/var/www/
+mv /var/www/ispconfig /var/www/html/var/www/
+ln -s /var/www/html//var/www/ispconfig /var/www/ispconfig
+ln -s /var/www/html/var/www/php-fcgi-scripts /var/www/php-fcgi-scripts
+ln -s /var/www/html/var/www/apps /var/www/apps
+# After copy, we must clean unnecessary users and groups
+cp -r /etc/{passwd,group,apt} /var/www/html/etc/
+apache2ctl stop
+apache2ctl start
-# Create a link for the mysql socket.
-ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
+### Migration to other server ###
+Really easy:
-# As an alternative to making a hardlink to the mysql socket,
-# change the my.cnf file in the chroot to use tcp sockets.
-# This is more secure but a bit slower then using the mysqld.sock file.
+Do step 1
-# Restart apache
+And after do a simple rsync:
-/etc/init.d/apache2 restart
+screen
+time rsync -a --progress root@host1:/var/www/ /var/www/
+# Install some apache's dependencies
+apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support
+Do step 5
+Do step 6
diff --git a/docs/CHROOTED_DEBIAN_5.0.txt_beta b/docs/CHROOTED_DEBIAN_5.0.txt_beta
deleted file mode 100644
index d3f6cd115..000000000
--- a/docs/CHROOTED_DEBIAN_5.0.txt_beta
+++ /dev/null
@@ -1,226 +0,0 @@
-#!/bin/sh
-#
-# rev 0.6
-#
-# dxr@brutalsec.net
-# 01-09-2009
-#
-# We can create a script for configure chroot enviroment but,
-# YOU MUST UNDERSTAND HOW TO WORK IT for can solve possible
-# problems in the future.
-#
-# Every service has its own chroot enviroment:
-# BIND -> chroot
-# Apache -> chroot
-# Dovecot -> chroot
-# Pureftpd -> Apache's chroot
-#
-# Only apache and php packages aren't installed in real system,
-# only in chroot enviroment with symbolic links from real system.
-#
-# PLEASE, CONFIGURE CHROOT ENVIROMENT IF SECURITY IS REALLY
-# IMPORTANT FOR YOU AND YOU KNOWN HOW TO WORK IT!
-#
-
-exit 1
-
-1. BACKUP before change something in the system
-2. Create partitions
-3. Remove possible apache or php installations on real system
-4. Prepair Chroot enviroment
-5. Linking Webserver aplication from real system
-6. mini_sendmail
-7. Test services
-8. Howto install ispconfig3
-9. Migration
-
-
-1. BACKUP before change something in the system
-# If is not a new instalation, then
-
-BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
-BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
-BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
-BACKUP BACKUP BACKUP BACKUP BACKUP BACKUP
-
-
-2. Create partitions
-
-/var/www/ Chroot partition (ext3)
-/var/www/html/ Chroot system
-/var/www/html/var/log/apache2 Log partition (ext3)
-/var/www/html/var/www/html Webs partition (xfs)
-/var/www/html/tmp Temporal dir (tmpfs, options: )
-
-/dev/lvm_foobar1/chroot_lv -> /var/www/ (ext3)
-/dev/lvm_foobar2/apachelogs_lv -> /var/www/html/var/log/apache2 (ext3)
-/dev/lvm_foobar3/hosting_lv -> /var/www/html/var/www/html (xfs)
-
-mount /dev/lvm_foobar1/chroot_lv /var/www/
-mkdir -p /var/www/html/var/log/apache2 /var/www/html/var/www/html
-mount /dev/lvm_foobar2/apachelogs_lv /var/www/html/var/log/apache2
-mount /dev/lvm_foobar3/hosting_lv /var/www/html/var/www/html
-
-
-3. Remove possible apache or php installations on real system
-# We never wont install apache or php in non-chroot system, if we have installed, we only have do a backup of confgigurations, uninstall, and check every simbolic link
-dpkg -l|egrep --color -i 'apache|php'
-
-
-4. Prepair Chroot enviroment
-
-# Install packages in real system
-apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support patch make gcc mysql-server subversion ssh openssh-server ntp ntpdate vim libdbd-mysql libdbi-perl dnsutils
-# The non webserver will install outside of chroot
-apt-get install postfix postfix-mysql postfix-doc mysql-client openssl getmail4 rkhunter amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl pure-ftpd-common pure-ftpd-mysql quota quotatool
-# If you will use courier:
-apt-get install courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2-2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql courier-maildrop
-# If you will use dovecot:
-#apt-get install dovecot-imapd dovecot-pop3d
-# If you will use BIND:
-apt-get install bind9 bind9utils
-
-#
-# If we want execute php from real system (crontabs for example) we need install php dependencies in real system:
-# libgd2-xpm libt1-5 libmagick10 libc-client2007b libmcrypt4
-# cat /var/log/ispconfig/cron.log
-# ldd /usr/lib/php5/20060613/mcrypt.so
-#
-
-time debootstrap --arch=amd64 lenny /var/www/html/ ftp://ftp.fr.debian.org/debian/
-
-echo "/proc /var/www/html/proc proc defaults 0 0">>/etc/fstab
-echo "devpts /var/www/html/dev/pts devpts defaults 0 0">>/etc/fstab
-
-mount -a
-
-# We must create sshusers group
-echo "@sshusers - chroot /var/www/html/">>/etc/security/limits.conf
-
-chroot /var/www/html apt-get update
-chroot /var/www/html apt-get install fakeroot --force-yes -y
-chroot /var/www/html apt-get install locales
-chroot /var/www/html dpkg-reconfigure locales
-
-mv /usr/lib/apache2 /usr/lib/apache2_old
-mv /var/log/apache2 /var/log/apache2_old
-mv /var/lock/apache2 /var/lock/apache2_old
-mv /var/lib/apache2 /var/lib/apache2_old
-mv /usr/lib/php5 /usr/lib/php5_old
-mv /etc/apache2 /etc/apache2_old
-mv /etc/suphp /etc/suphp_old
-
-chroot /var/www/html apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby libapache2-mod-chroot php-apc libtimedate-perl
-
-chroot /var/www/html /etc/init.d/apache2 stop
-
-chroot /var/www/html a2enmod mod_chroot
-chroot /var/www/html a2enmod suexec
-echo "ChrootDir /var/www/html" > /var/www/html/etc/apache2/conf.d/mod_chroot.conf
-sed -i -e 's#DocumentRoot /var/www/#DocumentRoot /var/www/html/#' /var/www/html/etc/apache2/sites-enabled/000-default
-sed -i -e 's#x-httpd-php=php:/usr/bin/php-cgi#x-httpd-php=php:/usr/bin/php-cgi\nx-httpd-suphp=php:/usr/bin/php-cgi\nx-httpd-php=php:/usr/bin/php-cgi#' /var/www/html/etc/suphp/suphp.conf
-sed -i -e 's#/var/run/apache2.pid#/var/run/apache2/apache2.pid#' /var/www/html/etc/apache2/envvars
-sed -i -e 's/^"syntax on/syntax on/' /etc/vim/vimrc
-sed -i -e 's/^"syntax on/syntax on/' /var/www/html/etc/vim/vimrc
-
-# Protect apache configuration. ONLY root can read it
-chown root:root /var/www/html/etc/apache2/ && chmod 700 /var/www/html/etc/apache2/
-chmod 711 /var/www/html/etc/php5/
-
-
-5. # Is good idea to add nagios alarm for check every simbolic link is correct.
-ln -s /var/www/html/etc/apache2 /etc/apache2
-ln -s /var/www/html/etc/suphp /etc/suphp
-ln -s /var/www/html/var/run/apache2 /var/run/apache2
-ln -s /var/www/html/var/run/apache2.pid /var/run/apache2.pid
-ln -s /var/www/html/usr/sbin/apache2ctl /usr/sbin/apache2ctl
-ln -s /var/www/html/usr/sbin/apache2 /usr/sbin/apache2
-ln -s /var/www/html/usr/lib/apache2 /usr/lib/apache2
-ln -s /var/www/html/usr/sbin/a2enmod /usr/sbin/a2enmod
-ln -s /var/www/html/usr/sbin/a2dismod /usr/sbin/a2dismod
-ln -s /var/www/html/usr/sbin/a2ensite /usr/sbin/a2ensite
-ln -s /var/www/html/usr/sbin/a2dissite /usr/sbin/a2dissite
-ln -s /var/www/html/var/log/apache2 /var/log/apache2
-ln -s /var/www/html/var/lock/apache2 /var/lock/apache2
-ln -s /var/www/html/var/lib/apache2 /var/lib/apache2
-ln -s /var/www/html/usr/lib/php5 /usr/lib/php5
-ln -s /var/www/html/etc/init.d/apache2 /etc/init.d/apache2
-# Neccessary for to install ispconfig3 from real system:
-ln -s /var/www/html/usr/bin/php5 /usr/bin/php5
-ln -s /var/www/html/etc/alternatives/php /etc/alternatives/php
-ln -s /var/www/html/usr/bin/php /usr/bin/php
-ln -s /var/www/html/etc/php5 /etc/php5
-
-6. # Install mini_sendmail for chroot
-# We can use mini_sendmail for delivery emails directy in remote servers, but i prefer to control it in central mailserver for check spammers and limit it.
-
-cd /tmp/
-wget http://acme.com/software/mini_sendmail/mini_sendmail-1.3.6.tar.gz
-tar xzf mini_sendmail-1.3.6.tar.gz
-wget http://users1.leipzig.freifunk.net/%7Efirmware-build/brcm_2_4_Broadcom_default/build/openwrt_packages/mail/mini_sendmail/patches/200-fullname.patch
-patch -p0 < 200-fullname.patch
-cd mini_sendmail-1.3.6
-make
-# 2e555b2573c3ea65a467a5960f0b51f6 mini_sendmail
-mv /var/www/html/usr/lib/sendmail /var/www/html/usr/lib/sendmail_old
-mv /var/www/html/usr/sbin/sendmail /var/www/html/usr/sbin/sendmail_old
-cp mini_sendmail /var/www/html/usr/sbin/mini_sendmail
-cd /var/www/html/usr/lib/ && ln -s ../sbin/mini_sendmail sendmail
-cd /var/www/html/usr/sbin && ln -s mini_sendmail sendmail
-
-# ./mini_sendmail -h
-# usage: ./mini_sendmail [-f<name>] [-t] [-s<server>] [-p<port>] [-T<timeout>] [-v] [address ...]
-
-#add to php.ini (/var/www/html/etc/php5/apache2/php.ini /var/www2/etc/php5/cli/php.ini /var/www2/etc/php5/cgi/php.ini line :672)
-# sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
-
-sed -i -e 's#^;sendmail_path =$#sendmail_path = /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1#' /var/www/html/etc/php5/apache2/php.ini /var/www/html/etc/php5/cli/php.ini /var/www/html/etc/php5/cgi/php.ini
-
-
-7.
-# Test
-apache2ctl restart
-
-# php -i|grep --color sendmail
-#sendmail_from => no value => no value
-#sendmail_path => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1 => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
-#Path to sendmail => /usr/sbin/mini_sendmail -t -i -fhosting@alojamientotecnico.com -s127.0.0.1
-
-# Sould be good idea check /var/www/html/usr/lib/sendmail /var/www/html/usr/sbin/sendmail and /var/www/html/usr/sbin/mini_sendmail with nagios alarm ;)
-
-
-8. Install ispconfig ........
-
-cd /tmp/
-svn co svn://svn.ispconfig.org/ispconfig3 svn.ispconfig.org
-
-mv /usr/local/ispconfig /var/www/html/usr/local/
-ln -s /var/www/html/usr/local/ispconfig /usr/local/ispconfig
-mv /var/www/apps /var/www/html/var/www/
-mv /var/www/php-fcgi-scripts /var/www/html/var/www/
-mv /var/www/ispconfig /var/www/html/var/www/
-ln -s /var/www/html//var/www/ispconfig /var/www/ispconfig
-ln -s /var/www/html/var/www/php-fcgi-scripts /var/www/php-fcgi-scripts
-ln -s /var/www/html/var/www/apps /var/www/apps
-# After copy, we must clean unnecessary users and groups
-cp -r /etc/{passwd,group,apt} /var/www/html/etc/
-apache2ctl stop
-apache2ctl start
-
-
-### Migration to other server ###
-Really easy:
-
-Do step 1
-
-And after do a simple rsync:
-
-screen
-time rsync -a --progress root@host1:/var/www/ /var/www/
-
-# Install some apache's dependencies
-apt-get install debootstrap libpcre3 libaprutil1 libxml2 mime-support
-
-Do step 5
-Do step 6
-
diff --git a/docs/under_development/DEV_CHROOTED_DEBIAN_5.0.txt b/docs/under_development/DEV_CHROOTED_DEBIAN_5.0.txt
new file mode 100644
index 000000000..b57a7f8a0
--- /dev/null
+++ b/docs/under_development/DEV_CHROOTED_DEBIAN_5.0.txt
@@ -0,0 +1,129 @@
+
+
+Setting up a chrooted ispconfig 3 installation
+--------------------------------------------------------------------
+
+# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed
+# with the steps below.
+#
+# This guide is experimental as there are a few cahnges nescessary in
+# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2
+
+# Install packages
+
+apt-get install debootstrap libapache2-mod-chroot
+
+# Create the chroot enviroment
+
+debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/
+
+# Add mountpoints for the chroot env into the fstab file.
+
+echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab
+echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab
+
+# mount the filesystems
+
+mount -a
+
+# add a default chroot dir for all users of the sshusers group.
+
+echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf
+
+# copy passwd and group files to the chroot env.
+
+cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups
+
+# Create symlinks.
+
+cd /var/www/var/
+rm -rf /var/www/var/www
+ln -s / www
+
+# Enter the chroot
+
+chroot /var/www
+
+# Update files in the chroot enviroment and install some packages.
+# You can ignore warnings about locales, we will fix them in the next step.
+
+apt-get update
+apt-get install fakeroot --force-yes -y
+apt-get install locales
+
+# Reconfigure locales. Select e.g the en_US* locales.
+
+dpkg-reconfigure locales
+
+# run a dist upgarde.
+
+fakeroot apt-get dist-upgrade
+
+# Install apache and php in the chroot enviroment
+
+apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby
+/etc/init.d/apache2 stop
+
+# Exit the chroot
+
+exit
+
+# Moving the apache configuration is not nescessary, as apache reads
+# the config files before it moves into the chroot
+# rm -rf /var/www/etc/apache2
+# mv -f /etc/apache2 /var/www/etc/
+# ln -s /var/www/etc/apache2 /etc/apache2
+
+rm -rf /var/www/etc/php5/cgi/
+mv -f /etc/php5/cgi/ /var/www/etc/php5/
+ln -s /var/www/etc/php5/cgi /etc/php5/
+
+rm -rf /var/www/etc/php5/apache2/
+mv -f /etc/php5/apache2/ /var/www/etc/php5/
+ln -s /var/www/etc/php5/apache2 /etc/php5/
+
+ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid
+
+# enable mod_chroot
+
+a2enmod mod_chroot
+echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf
+
+# Start apache
+
+/etc/init.d/apache2 start
+
+# Install ISPConfig
+
+cd /tmp
+wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz
+tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz
+cd ispconfig3_install/install/
+php -q install.php
+cd /tmp/
+rm -rf ispconfig3_install
+rm -f ISPConfig-3.0.1.4-beta-2.tar.gz
+
+# Move the ispconfig interface part to the chroot enviroment and create a symlink
+
+mkdir /var/www/usr/local/ispconfig
+chown ispconfig:ispconfig /var/www/usr/local/ispconfig
+chmod 750 /var/www/usr/local/ispconfig
+mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/
+ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface
+chroot /var/www adduser www-data ispconfig
+
+# Create a link for the mysql socket.
+
+ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock
+
+# As an alternative to making a hardlink to the mysql socket,
+# change the my.cnf file in the chroot to use tcp sockets.
+# This is more secure but a bit slower then using the mysqld.sock file.
+
+# Restart apache
+
+/etc/init.d/apache2 restart
+
+
+
--
GitLab