From 35c10155f8cc53a69665299f53fed6f28519f13c Mon Sep 17 00:00:00 2001 From: tbrehm <t.brehm@ispconfig.org> Date: Wed, 26 Aug 2009 12:31:41 +0000 Subject: [PATCH] Added a first draft of the chrooted install manual for debian 5.0. --- docs/CHROOTED_DEBIAN_5.0.txt | 129 +++++++++++++++++++++++++++++++++++ 1 file changed, 129 insertions(+) create mode 100644 docs/CHROOTED_DEBIAN_5.0.txt diff --git a/docs/CHROOTED_DEBIAN_5.0.txt b/docs/CHROOTED_DEBIAN_5.0.txt new file mode 100644 index 0000000000..b57a7f8a07 --- /dev/null +++ b/docs/CHROOTED_DEBIAN_5.0.txt @@ -0,0 +1,129 @@ + + +Setting up a chrooted ispconfig 3 installation +-------------------------------------------------------------------- + +# Follow the steps 1 - 8 of the INSTALL_DEBIAN_5.0 Guide, then proceed +# with the steps below. +# +# This guide is experimental as there are a few cahnges nescessary in +# ispconfig to get it workin. These changes will be part of ISPConfig 3.0.2 + +# Install packages + +apt-get install debootstrap libapache2-mod-chroot + +# Create the chroot enviroment + +debootstrap lenny /var/www/ ftp://ftp.fr.debian.org/debian/ + +# Add mountpoints for the chroot env into the fstab file. + +echo "/proc /var/www/proc proc defaults 0 0">>/etc/fstab +echo "devpts /var/www/dev/pts devpts defaults 0 0">>/etc/fstab + +# mount the filesystems + +mount -a + +# add a default chroot dir for all users of the sshusers group. + +echo "@sshusers - chroot /var/www/">>/etc/security/limits.conf + +# copy passwd and group files to the chroot env. + +cp -rf /etc/apt /etc/passwd /etc/group /var/www/etc/ # Cleaning unecesary users and groups + +# Create symlinks. + +cd /var/www/var/ +rm -rf /var/www/var/www +ln -s / www + +# Enter the chroot + +chroot /var/www + +# Update files in the chroot enviroment and install some packages. +# You can ignore warnings about locales, we will fix them in the next step. + +apt-get update +apt-get install fakeroot --force-yes -y +apt-get install locales + +# Reconfigure locales. Select e.g the en_US* locales. + +dpkg-reconfigure locales + +# run a dist upgarde. + +fakeroot apt-get dist-upgrade + +# Install apache and php in the chroot enviroment + +apt-get install apache2 apache2.2-common apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-php5 php5 php5-common php5-gd php5-mysql php5-imap phpmyadmin php5-cli php5-cgi libapache2-mod-fcgid apache2-suexec php-pear php-auth php5-mcrypt mcrypt php5-imagick imagemagick libapache2-mod-suphp libopenssl-ruby +/etc/init.d/apache2 stop + +# Exit the chroot + +exit + +# Moving the apache configuration is not nescessary, as apache reads +# the config files before it moves into the chroot +# rm -rf /var/www/etc/apache2 +# mv -f /etc/apache2 /var/www/etc/ +# ln -s /var/www/etc/apache2 /etc/apache2 + +rm -rf /var/www/etc/php5/cgi/ +mv -f /etc/php5/cgi/ /var/www/etc/php5/ +ln -s /var/www/etc/php5/cgi /etc/php5/ + +rm -rf /var/www/etc/php5/apache2/ +mv -f /etc/php5/apache2/ /var/www/etc/php5/ +ln -s /var/www/etc/php5/apache2 /etc/php5/ + +ln -s /var/www/var/run/apache2.pid /var/run/apache2.pid + +# enable mod_chroot + +a2enmod mod_chroot +echo "ChrootDir /var/www" > /etc/apache2/conf.d/mod_chroot.conf + +# Start apache + +/etc/init.d/apache2 start + +# Install ISPConfig + +cd /tmp +wget http://www.ispconfig.org/downloads/ISPConfig-3.0.1.4-beta-2.tar.gz +tar xvfz ISPConfig-3.0.1.4-beta-2.tar.gz +cd ispconfig3_install/install/ +php -q install.php +cd /tmp/ +rm -rf ispconfig3_install +rm -f ISPConfig-3.0.1.4-beta-2.tar.gz + +# Move the ispconfig interface part to the chroot enviroment and create a symlink + +mkdir /var/www/usr/local/ispconfig +chown ispconfig:ispconfig /var/www/usr/local/ispconfig +chmod 750 /var/www/usr/local/ispconfig +mv /usr/local/ispconfig/interface /var/www/usr/local/ispconfig/ +ln -s /var/www/usr/local/ispconfig/interface /usr/local/ispconfig/interface +chroot /var/www adduser www-data ispconfig + +# Create a link for the mysql socket. + +ln /var/run/mysqld/mysqld.sock /var/www/var/run/mysqld/mysqld.sock + +# As an alternative to making a hardlink to the mysql socket, +# change the my.cnf file in the chroot to use tcp sockets. +# This is more secure but a bit slower then using the mysqld.sock file. + +# Restart apache + +/etc/init.d/apache2 restart + + + -- GitLab