This tutorial is not intended to replace a full installation guide to these products. There are excellent sources of documentation available in print and online. However, this list of steps may assist in organizing your efforts into a plan which will hopefully work the first time. If you run into particular difficulties, bring your system (including computer, keyboard, mouse, and monitor) to one of the monthly "Linux Installfests" which are offered by the Kernel-Panic Linux User Group (http://www.kernel-panic.org/). These are held on the Saturday after the group's normal meeting (second Thursday of the month) in National City at the National City Adult Education center. There is a map and additional information on the K-P site.
The first step is to obtain CD-ROMs with the latest versions of the Linux operating system and support software. These may be purchased from stores like Fry's or CompUSA in boxed sets with instruction books and varying levels of support. Some packages offer e-mail support and others have telephone support. The packaged editions will have from five to ten discs. The operating system software is on the three binary discs. You can order these from the Red Hat Fedora site as well (http://fedora.redhat.com).
It is also possible to download the disk images from the Red Hat Fedora site. These are free to download and copy. The Kernel-Panic group sells copies of these discs for $10 for a 3-disc set at the regular meetings and sometimes at the installfests.
In recent months, Red Hat has changed its distribution strategy. For large organizations which require support from Red Hat, they offer Red Hat Enterprise Linux (RHEL). For the users who want a free or low-cost version of the operating system and associated programs, Red Hat is supporting the Fedora project. It is a community-supported distribution. This means that support comes from web site postings and user groups like Kernel-Panic. That user group offers copies of this distribution for $10 for a 3-CD set.
The next step is to check your hardware. You should have a minimum of a Pentium I with a clock speed of 100 MHz and at least 64 MB of RAM. Your hard drive should have at least 2 GB available. These specifications mean that it is very possible to run Linux effectively on a "legacy" machine which is five or so years old. These can sometimes be purchased very inexpensively as used computers since they don't run the current versions of Windows very well.
You will need to consider how you will connect to the Internet. The best way to do this is with a high-speed connection (i.e., DSL or cable modem). In either of these cases, the modem is connected to the jack supplied by your broadband provider. The connection to your computer or home network is achieved through an Ethernet 10BaseT RJ45 connector. This looks like a thick wire with an extra-wide phone cord connector. If you have several computers and you wish to share the connection but you only have one static or dynamic IP address, you may want to consider getting a router such as the Netgear RT-314, RP-114 or something similar. Most Ethernet cards will work with Linux but there is a chance that a very cheap one will not. You can check the Red Hat Fedora site for a list of compatible hardware.
If you are connecting via a modem, you will need to determine if the modem you have is a real full modem or what is referred to as a "win modem". These don't work well with Linux because much of the functionality is emulated with software in Windows.
You can make your system into a "dual boot" which means that when the computer starts up, a program called LILO (Linux Loader) will ask you which system you want to boot for a given session. Before you install Linux on a system which already has Windows 95 or 98, make sure you defragment the hard drive to move all of the data to the "bottom" of the hard disk. This will make it easier to partition. (Windows NT 4.0, Windows ME, Windows 2000, and Windows XP require special instructions. This is a great project for the Linux Installfests held by Kernel-Panic.)
Rather than detail the entire installation process, this guide will give some suggestions which you may want to consider.
If permitted by your BIOS settings, configure your system to boot from the CD-ROM device first, followed by the floppy and primary hard drive. Most systems require that you press F2, F10, or the Delete key during the Power-On Self Test (POST).
After this is done, insert the first Red Hat binary disc and boot (or reboot
with Ctrl-Alt-Delete) the computer. A text screen will be displayed with
several options. If you press Enter, the system will start a graphical
installation. Type text and press Enter to begin a text install.
The system will take a few moments to load the Linux operating system and the installer program. Choose the installation language of your choice and select a "Custom" installation.
When you are asked to partition your disk, use Disk Druid. It's a good idea to place the following Linux directories in their own partition. For sizes, I will assume that you have an 8GB hard disk. You can refer to the documentation to determine the minimum sizes.
Typically, you will want to delete any existing partitions. However, exceptions to this can arise. For example, in a dual boot system, you would not want to delete the partition(s) holding your Windows data. These are usually identified as vfat or fat (i.e., FAT32 or FAT16 for Windows 3.x, 95, 98, ME) or ntfs (for Windows NT, 2000, XP). In some systems (e.g., Compaq), a small hard drive partition may contain programs which are used to edit the BIOS settings.
Fedora includes options to use the ext3 filesystem. The ext2 filesystem has been the default for Linux for many years. As you would imagine, ext3 includes new features, the most important of which is that it is a "journaling" filesystem. Essentially, what this means is that a logfile of disk writes is made (similar to what databases do during transactions). The advantage of this is that if the system loses power, it can recover without the extensive filesystem checks usually required for ext2. It is possible to convert an ext3 filesystem to a non-journaling version which is compatible with ext2. In this installation, use ext3.
man lsattr for details). A good size for this partition is 1 GB for most systems.
/var it is a good idea to have this on a separate partition. An added benefit is that if you are installing a new operating system and you know which device identification (i.e., /dev/hda5) is used for the /home directory, you can elect to not format and erase it during the install process. This can be 1 GB.
noexec which will guard against recent attacks such as Slapper, a variation of the BSD Unix Scalper worm. The minimum size for this partition is 50 MB.
In past versions of Linux, the main choice for a boot loader was LILO (Linux Loader). This program had certain limitations in early versions which made it difficult to use large hard drives. Starting with Red Hat 7.2, a new option is available for a boot loader, GRUB (Grand Unified Bootloader). It is said to be easier to configure than LILO so its use is recommended.
In most configurations, it is appropriate to place the boot loader in the Master Boot Record (MBR), a special place at the beginning of the hard drive which is checked by the hardware when the computer is turned on. An exception to this is when you are trying to make a dual boot system with Windows NT, 2000, or XP since these operating systems also want to have control of the MBR. If you want to create such a system, bring your hardware (with the hard drive defragmented and Windows installed ahead of time) to one of the Kernel-Panic installfests.
If you have one or more Ethernet cards which are recognized by the installer, you will be presented with a page to configure them. If you know you will be using DHCP, you can use the defaults. Otherwise, you will have to supply the IP address, netmask, and name servers for your location.
When you are asked to set firewall rules, select "Medium" and then "Customize". The list below will help you to select which servers, and therefore which ports, may receive outside input.
| Y/N | Server | Port | Description |
|---|---|---|---|
| Yes | wu-ftp | 21 | This is the File Transfer Protocol server. It is needed if you will allow outside FTP connections to your computer. It is better to use a more secure replacement for the FTP server, like ProFTPD. Better still, use the scp feature of the sshd server. |
| Yes | ssh | 22 | This is the secure replacement for telnet (port 23 below). Traffic in both directions is encrypted. If you need shell access from outside your box, this is a good way to do it. A client will need a telnet program with secure shell capabilities such as ssh or ssh2 on Linux or Unix, Nifty Telnet ssh on the Macintosh, or PuTTY for Windows. Ensure that you are using a recent version of sshd (the version in Fedora Core 1 is ok). SSH protocol 1 had security flaws. |
| No | telnet | 23 | This is the old way to establish shell access to a system. It is highly insecure and not recommended. |
| No | smtp | 25 | This is the server used to receive Simple Mail Transfer Protocol mail. In most cases, you will use POP-3 (110) or IMAP (143) to get your mail. |
| Yes | http | 80 | This is the Apache web server and you must allow outside traffic to display web pages. |
| Yes | https:tcp | 443 | This is the way to add SSL (Secure Sockets Layer) transaction capability to your web sites. You will need to add this in the text field below the checkboxes. |
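Once the system is installed, the firewall choices above can be checked against what is actually listening. The script below is an added example and not part of the original tutorial: it reads the output of netstat -tln and reports TCP ports that accept network connections but are not among the "Yes" rows of the table. The function names and the sample netstat output are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare listening TCP ports with the firewall table above.
# The "Yes" rows of the table: ftp, ssh, http, https.
ALLOWED_PORTS="21 22 80 443"

# Constructed sample of `netstat -tln` output (not captured from a real host).
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN
EOF
}

# Reads `netstat -tln` output on stdin and prints, one per line, every port
# that listens on a non-loopback address and is not in ALLOWED_PORTS.
unexpected_ports() {
  awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^tcp/ && $NF == "LISTEN" {
      port = $4; sub(/.*:/, "", port)        # text after the last colon
      host = $4; sub(/:[0-9]+$/, "", host)   # text before the port
      # Loopback-only listeners are not reachable from outside.
      if (host == "127.0.0.1" || host == "::1") next
      if (!(port in ok)) print port
    }' | sort -n | uniq
}

# Run on the constructed sample. On a live system use:
#   netstat -tln | unexpected_ports
sample_netstat | unexpected_ports
```

A port in this list is protected only by the firewall; if the service is not needed, turn it off rather than relying on the packet filter alone.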
Since we will be adding Apache, MySQL, PHP and Perl separately, do not select them when selecting the packages to be installed. The following packages may be desirable on your system if you want to have both a server and some of the X-Window Graphic User Interface programs.
| Y/N | Group Name | Description |
|---|---|---|
| No | Printing Support | Use this only if you plan to run a printer from Linux. It has had security problems in the past. |
| Yes | X Window System | This is needed for the Graphic User Interface programs. |
| Yes | Gnome | This is a popular desktop manager (you can also install KDE). |
| Yes | KDE | This is another popular desktop manager. |
| Yes | Network Support | Needed to use your Ethernet card to connect to a LAN, DSL, or CableModem. |
| Yes | Dialup Support | Needed if you use a phone modem (not a WinModem). |
| Yes | Graphics & Image Manipulation | Very helpful with PHP. Includes the GD library where PHP can dynamically generate graphics if desired. Also includes The GIMP, a Photoshop-like image manipulation tool. |
| No | News Server | This is the NNTP (Network News Transfer Protocol) server. It is used to let your machine act as a Usenet server. Use it only if you really intend to. |
| No | NFS File Server | This is Network File System which lets other Linux or Unix computers on your network access portions of your file system as if it were part of their own. It has had security problems in the past; use it only if you really need it. |
| No | Windows File Server (Samba) | This is a server which will let Windows computers on your network share files and printers which are part of your Linux system. |
| Yes | Anonymous FTP Server | This package includes the default WU-FTPD server for File Transfer Protocol. Because of past security problems, it is better to use a replacement such as ProFTPD. |
| No | SQL Database Server | This group has both MySQL and PostgreSQL database servers and clients. We will install the MySQL client and server manually. |
| No | Web Server | This is the Apache web server. We will install it manually. |
| No | Router / Firewall | This is used if your Linux computer will act as a firewall (with two network cards). There is a kernel-level firewall that we will use. |
| No | DNS Name Server | This is the Domain Name Server, BIND 9.1, which should only be used if you plan to host domains on this computer. Most security specialists recommend having DNS run on a separate computer. |
| No | Network Managed Workstation | Not needed for our purposes. |
| Yes | Authoring and Publishing | Includes the TeX desktop publishing system and various utilities. |
| No | Emacs | This is a very complex text editor and programming environment. It even includes several games and a Mayan calendar. Use it if you know it. Many users prefer the simpler vi editor. |
| Yes | Utilities | Contains many useful programs, including ones which make it easier to read and write MS-DOS floppy disks. |
| No | Legacy Application Support | Not needed for our purposes. |
| Yes | Software Development | This has all of the C, C++, and Fortran compilers and utilities needed to compile programs from source code (ie *.tar.gz files). |
| Yes | Kernel Development | This mainly includes source code for the Linux Kernel and is needed if you will recompile the Kernel. |
| No | Windows Compatibility / Interoperability | Windows Emulator (WINE). |
| No | Games and Entertainment | Games? Who needs them? |
| | Other packages not in this list may be installed or not based on your discretion. | |
Depending on the number of packages you chose to install and your hardware, the process can take 15-45 minutes. Now's a good time to go get a cup of coffee and read the descriptions of each package being installed so you will have a sense of what is there. After the packages are installed, you will be asked to make a boot disk. This is a very good idea.
linux single at the LILO: prompt. You will then be logged in as root and can change the password with the passwd root command. Restart the system with the reboot command.
After all of the packages have been installed and you make your boot disk, you will then be told to allow the computer to be restarted. This will take a couple of minutes. You will see the various servers shut down and then when the system restarts, you will see them come up again. After the restart, log in as root.
su - to elevate your permissions to those of the administrative user. In this example, using the dash after the su command causes you to get root's system environment, otherwise you will inherit the environment of the user which made the main log in.
The Red Hat Package Manager is a great way to install binary distributions of programs. You can use RPM Find (http://www.rpmfind.net/) to look for packages if they are not on your distribution disks or you want a more recent version. In our case, all of the packages we need may be found on the three discs.
Disc 1
You can insert the first Red Hat CD-ROM in your system. After the drawer
is closed, you will need to mount the CD-ROM's file system to make it available
to your Linux system. This is accomplished with the mount /mnt/cdrom
command. Normally, this command would require many more parameters.
However, there are definitions in the /etc/fstab (File System Table)
file which take care of the details and let us use an abbreviated command.
Once the CD-ROM is mounted, a message will usually appear on the command line.
To view the contents of the CD-ROM, we can type the ls -laG /mnt/cdrom
command to list the directories and files at the top level of the CD-ROM file
system.
The files we want are located in a sub directory so we will change to it with
the cd /mnt/cdrom/Fedora/RPMS/ command. We can search each
of the discs, in turn, for the files we want with the following command:
ls -laG httpd* index* lynx* mysql* perl-DBD-my* php* vim-e* 2>/dev/null
The command says we want a long directory listing (-l) showing
hidden files (-a) and not showing the group information (-G).
Any errors which are generated to say that a requested file pattern is not found
will be thrown away by rerouting standard error to /dev/null (2>/dev/null).
Most of the files we want are on Disc 1:
Since we have several files, we can copy them to root's home directory (/root)
with the following command which makes use of our ls command in
a sub shell:
cp $(ls httpd* index* lynx* mysql* perl-DBD-my* php* vim-e* 2>/dev/null) /root
Disc 3
We now need to insert the third CD-ROM. First, we must change directory
to the top level (cd /). Now we can unmount the CD-ROM file
system (note the spelling!) with the umount /mnt/cdrom command.
Next we need to change into the RPM directory again with the cd /mnt/cdrom/RedHat/RPMS/ command. The files we want from here are:
We can use the same command that we used for Disc 1 to copy the matching files to the root user's home directory:
cp $(ls httpd* index* lynx* mysql* perl-DBD-my* php* vim-e* 2>/dev/null) /root
At this point, we have all of the RPM files which contain the programs we
want to install. We should change to root's home directory with the
cd /root command. We can install them all at once with the
rpm -Uvh *.rpm command. With this command, the capital
"U" means update the package. The lowercase
"v" means show a list of all packages installed.
The "h" will cause "hash" marks (#)
to show the install progress. Some packages you may wish to install may
require that other packages be installed first. This concept is known as a
dependency.
MySQL is installed but it
is not started automatically. We can make sure it is installed by executing
a whereis mysql command. This will tell us where the MySQL
client application and the documentation is stored. If we try to start the
MySQL client with the mysql command, we will get a cryptic message
which tells us that the server is not running. In Red Hat Linux we can use
service mysqld start to start the server. Now if we try to
start the MySQL client (mysql), it works.
In the MySQL
client we can perform simple commands such as show databases; and
use mysql; and show tables; and describe db;
to test our implementation. The exit command leaves the MySQL
client application.
Now we want to test the Apache web server. As with MySQL, it is there
but hasn't been started yet. We can use the whereis httpd
command to find the executable programs and documentation. The web server
is now known as Apache but to the system it has the simple name of httpd (Hypertext
Transfer Protocol Daemon). We can test to see if it is running by using
a text-based web browser called Lynx using the lynx localhost command.
Since it is not running, as with MySQL, we can use the service httpd start
command to get it running. Now when we use lynx localhost
we get the default web page.
PHP is an Apache
module (mod_php) and to test it we have to write a program with PHP code and see if
it works. The default location for web pages with this version of the web server
is /var/www/html and we can use the cd /var/www/html command
to get to that directory (we can change this location later in the Apache configuration
file /etc/httpd/conf/httpd.conf). We will use our favorite text editor
(vi or pico) to create a simple PHP page called test.php with the following content:
<?php
phpinfo();
?>
Now we can test this with Lynx using the lynx localhost/test.php
command. If the file was stored in the correct location, we should see
the PHP information page which was generated with the phpinfo()
function.
With that working, we want to test to make sure that we can access the MySQL database. We can do this fairly simply:
<?php
if (mysql_connect("localhost","root"))
{
print "<h1>Database connection successful</h1><hr>";
}
phpinfo();
?>
When we look at this with lynx localhost/test.php the print message in large letters will appear only if a database connection could be established.
We have manually started the servers but in order to cause them to start automatically during the boot process, we can use a system utility called ntsysv to indicate the servers we want started. We will also use this opportunity to make sure that we only run the servers which are essential for our system. This is important for security. Below is a list of the servers we want to be on and a brief description. For this setup, all others should be off.
| Y/N | Server Name | Description |
|---|---|---|
| Yes | anacron | This is a scheduler for computers which are not left on all the time. |
| Yes | at | This is a one-time scheduler. |
| Yes | autofs | unknown |
| Yes | crond | This is the main scheduler for a Linux or Unix system. Many maintenance tasks are performed on a regular basis, such as rotating logfiles on a weekly basis. |
| Yes | httpd | This is the Apache web server. |
| Yes | ipchains | This is the old way to create an internal firewall. |
| Yes | iptables | This is the new way to create an internal firewall. |
| Yes | keytable | unknown |
| Yes | kudzu | This is the hardware server which checks for new equipment installed at boot. |
| Yes | mysqld | The relational database server we will use. |
| Yes | network | Needed for ordinary operations and to offer our web pages to the World. |
| Yes | random | This is a random number generator used for other system tasks, including generating password hashes. |
| Yes | rawdev | unknown |
| Yes | sendmail | Needed if we are going to receive mail from outside the system. |
| Yes | sshd | This is the Secure Shell server, a replacement for the insecure telnet server. |
| Yes | syslogd | This server generates log files for the system. If your system gets hacked, this is one of the first things the hacker turns off. |
| Yes | wu-ftpd | This is the File Transfer Protocol server and is needed if we will accept files from the outside. Note, however, that sshd has a secure file transfer protocol called scp and it should be used if possible. |
| Yes | xfs | This is the font server for the X-Window system. If you are not running X-Window, you will not need it. |
| Yes | xinetd | This is a meta server for other servers. It will start a server if a request comes in and the request meets the rules set in files in /etc/xinetd.d/ for IP address, time of day, and service. |
| | Other servers should generally be off for a secure system unless you are certain that you need them. | |
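The "all others should be off" rule can be verified from the command line after using ntsysv. The script below is an added example and not part of the original tutorial: it parses chkconfig --list output and prints every service that is enabled in a given runlevel, or enabled under xinetd, but does not appear in the table above. The allow-list uses the names exactly as the table gives them, so adjust it if your init script names differ; the function names and the sample output are constructed.

```shell
#!/bin/sh
# Added example: audit boot-time services against the table above.
# Names are copied from the table as written (assumption: they match the
# init script names on your system; edit the list if they do not).
ALLOWED_SERVICES="anacron at autofs crond httpd ipchains iptables keytable \
kudzu mysqld network random rawdev sendmail sshd syslogd wu-ftpd xfs xinetd"

# Constructed sample of `chkconfig --list` output (not from a real host).
sample_chkconfig() {
cat <<'EOF'
crond           0:off   1:off   2:on    3:on    4:on    5:on    6:off
httpd           0:off   1:off   2:off   3:on    4:on    5:on    6:off
mysqld          0:off   1:off   2:off   3:on    4:on    5:on    6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
nfs             0:off   1:off   2:off   3:off   4:off   5:off   6:off
cups            0:off   1:off   2:on    3:on    4:on    5:on    6:off
xinetd          0:off   1:off   2:off   3:on    4:on    5:on    6:off
xinetd based services:
        telnet: on
        rsync:  off
EOF
}

# Usage: chkconfig --list | extra_services RUNLEVEL
# Prints services that are on in RUNLEVEL, plus xinetd-managed services
# that are on, when they are missing from ALLOWED_SERVICES.
extra_services() {
  awk -v allowed="$ALLOWED_SERVICES" -v rl="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^xinetd based services:/ { in_xinetd = 1; next }
    in_xinetd {
      # Lines here look like "telnet: on"; they have no runlevel columns.
      name = $1; sub(/:$/, "", name)
      if ($2 == "on" && !(name in ok)) print name " (xinetd)"
      next
    }
    {
      for (i = 2; i <= NF; i++)
        if ($i == rl ":on" && !($1 in ok)) print $1
    }' | sort
}

# Run on the constructed sample for runlevel 3. On a live system use:
#   chkconfig --list | extra_services 3
sample_chkconfig | extra_services 3
```

Check runlevel 3 for a text-mode server and runlevel 5 if the machine boots into X.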
To make sure that the proper servers will come up after restart, as root we
can use the reboot command to reboot the computer. Once it
is up again, we can log in again and as an ordinary user we can use the ps
ax | less command to look through the list of running processes to make
sure that MySQL and Apache are running. Another way to achieve this is
with the following commands:
ps ax | grep httpd
ps ax | grep mysqld
This will list the
processes which contain those phrases (httpd and mysqld)
in the description lines. We could also repeat the tests in steps 11-13 but
we should not need to start the servers. Note that most servers can also be
restarted (needed after a change to a configuration file) with the
service server_name restart command.
If everything has worked, you have a server with PHP, MySQL, and Apache installed.