December 31, 2009

Howto Compile an upstream Kernel the Debian / Ubuntu way

Filed under: Server Technology,Unix Administration,Web Hosting — admin @ 12:30 pm

Compile vanilla kernel on debian / ubuntu

I realize that there is more than one way to do this, but this is the way that I have most recently done it, and it works providing you with packages that you can redistribute to your other Debian / Ubuntu machines or friends.

Grab the dependencies you’ll need to build the kernel

apt-get install fakeroot kernel-wedge build-essential makedumpfile \
        linux ncurses-dev git-core linux linux-source ncurses-dev kernel-package

Grab the kernel that you want

cd /usr/src
wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.2.tar.gz
tar zxf linux-2.6.32.2.tar.gz
cd /usr/src/linux-2.6.32.2

Configure the kernel, I use the config from the stock Ubuntu server kernel, then run “make oldconfig” (hold down enter until all the questions are answered and it gives you back a prompt). Then, run “make menuconfig” and add or remove whatever feature has caused you to want to build your own kernel. Save the config.

cp /boot/config-2.6.31-16-server /usr/src/linux-2.6.32.2/.config
make oldconfig
make menuconfig

Now, we’re ready to compile, set the concurrency level to however many processors (including hyperthreads) you have plus 1 or 2. I’m building on a Core i7 860, so I use 9. (Quad core, which hyperthreading, plus) 1 = 9.

Pick a version number for your kernel. It could be anything you want a-z, A-Z, 0-9, +, or . (no underscores “_”). Thi s will go after append-to-version= below

export CONCURRENCY_LEVEL=9
time fakeroot make-kpkg --append-to-version=.31338 kernel_image --initrd binary

This took about 30 minutes on my system, and leaves me with the following files:

real    30m27.995s
user    79m17.300s
sys     10m38.560s

root@replay02:/usr/src/linux-2.6.32.2# ls /usr/src/*31338*
/usr/src/linux-doc-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_all.deb
/usr/src/linux-headers-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_amd64.deb
/usr/src/linux-image-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_amd64.deb
/usr/src/linux-manual-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_all.deb
/usr/src/linux-source-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_all.deb
root@replay02:/usr/src/linux-2.6.32.2#

Now it’s as simple as installing!

dpkg -i /usr/src/linux-headers-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_amd64.deb
dpkg -i /usr/src/linux-image-2.6.32.2.31338_2.6.32.2.31338-10.00.Custom_amd64.deb

Grub2 should automatically have updated and found the new kernel!

I hope this worked out for you.

Comments (6)

November 19, 2009

Sharedance on OpenBSD 4.4, or 4.6 Howto

Filed under: Server Technology,Unix Administration,Web Hosting — admin @ 4:24 pm

I just found out about sharedance. It looks amazing. I haven’t fully tested it yet, but I am installing it now, and thought that I would share my experiences with it.

First step is to grab ports.tar.gz from ftp.openbsd.org/pub/OpenBSD/4.6/ports.tar.gz

extract into /usr

cd /usr/ports/databases/sharedance make install mkdir /data/sessions useradd -d /data/sessions -s /usr/local/bin/bash sharedance chown -R /data/sessions sharedance

Add the necessary stuff to /etc/rc.conf.local

sharedanced_flags="--directory=/data/sessions --uid=`id -u sharedance` --daemonize" #sharedance flags

Add the startup script to /etc/rc.local

if [ X"${sharedanced_flags}" != X"NO" -a -x /usr/local/sbin/sharedanced ]; then echo 'starting sharedance...'; /usr/local/sbin/sharedanced ${sharedanced_flags} fi

Now let’s try to startup the server and see what happens:

Copy and paste to test our settings

sharedanced_flags="--directory=/data/sessions --uid=`id -u sharedance` --daemonize" #sharedance flags

if [ X"${sharedanced_flags}" != X"NO" -a -x /usr/local/sbin/sharedanced ]; then
echo ‘starting sharedance…’; /usr/local/sbin/sharedanced ${sharedanced_flags}
fi

Now we should start to see sessions flying in!

# ls 001edf5da8d18e03294a0bef64db1c60 3cdd3cb0dcd8c63d4b0afd8d7909c16f 814dce610e0a3a2538414dc8e7aad3ae c50af33ac412115401a2ac858ef913c2 00ac9103e418edb613a671ddff036a25 3d6d943bd531ef871681d1662dc6270d 81e0b8d9e5c79aa136ebc9058d87f753 c51caf63b678bbe6fc49d50d68fe56e0 033aa2d8bf72b94da58e95902156dc24 3dc2a1ed8a96161427f4360dc5f5c129 831fe15e21aa21dbebad685476368028 c5593b34010f9493d3217df8b3420239 0476651594f6a6190fdddd5adc56513f 3e06310caf3e2ef196d064b7af90582f 83b3a0e2eb0d7c03e981a80cf659772c c5c61dcc71a584eb63369743a32d63b4 05c92224ece3411bb0a3ec27863ea347 3fb4dea4ea7641b220269c768a4920f3 83e270e9efa9a5f823d22b94186430ab c6adf606b7ff82afff5b4a6fce0fb890 05fb3f07e422c538ed267f2041f229e2 3fd9eab54c416715c1fd99752a0f3351 84df07b05fe3189cbbea0ae946ceb843 c6ee1d1d6ff3613998bd296f941c9db2 06519bdce1ac395913dd23ffed1002bf 3ffbaef2c507ddfb76bbf46fbdf32167 851785879ad35c3f6615f14cfb7a806f c70574b49a4917aa20508f37a1ae50c4 06c81e70202b864b0895847022d1715a 4018f199d3a7186d008217ef788e9ce6 85490157e4a44d4cd2bd7b0600de2877 c7a4dc2ffd555eabf04d4e8fd6ea0cf8 079a30c35a2947d317e3c833a8d3325e 40b205a685678009fcf1bc434edf7afa 855f44a679f5ca13fecc83680666bffe c8ef6c5bf98f4027300cc72967f26121 07f4ed3dd2683b3ca1c81a16b1440363 40b93755f39a6474a2f295cf3c208962 85e7ff111f56ed0e33a2fea0a02c069c c968558f44298ec1a1ac34b33e1962bb 0980b72761b136af1236fe43487e446c 40c899104112267e03ca7a6bc8c370b0 86128ccdc4cfe0bd08c16ecb3de30c24 ca62d52ea41cb45cd94f2d56749047f6 0a66f613410e1fdb0483bd0eb8f9d1cd 40d02458229a4cab0b4b23ddfe2f019a 863d3799630549e4ecc1e756e1db4bf6 cc0003b0215aae77700a55d96d489a51 0b15ee94e850bc18d1978cf80337a274 4199aeedf821fbf48a53fa06736af5e9 86a3426c3731983ffaa72d31175478da ccfc5ada77df706feaa6ee006e2bc64d 0beac9dec32e412a6d0d802f4c0ae8d0 41b70e1224550fcaf95e414d3f8337a6 873c3d41cb310c64814e3f25c6c6ce73 cd01497f8d6877a67599394c010d8a50 0c69b4162502ae2e9e1001f20a5a72cb 4324da6624fcc2b3bfd2241082ac2e69 8741ac5b8136184424495454c50c9d39 ce2b2bd02b29c04aee1cce9e447b707d 0d24b4c31fa9bef69b41a778660ec04f 432944723392d737c917d2d9cb0f6192 8771bfbfaec46c8286a19540ac198a4a ce898b71bcc6c90ecd7828637d260bd0 0d4580d01d8cbd8f7b9350a1a2a17a89 45da09fe7eee1b885999d88c3b3967d9 877c985c6a403a805052e678929295a2 ceac5f41c902a89bfd27d3508b903d7e 0d7b4d3873055690730ee931530fdf30 45da9e390bbe331c866f62117190d707 8833d957a287714b806df3aa5eb86a14 cf2fe75a711bcc7a2e0bce4a4b72bbc3 0da2970092019bbfe5a1679dc05502c7 45e41cc5dd4b90e506f04b9019dd5e55 88c47114b3f71c4be490096ab4a50bd8 cfbbd96e3c74da98d448e86efb82f164 0e5a70cd126d43ecb5787de1e8afcf1b 4646bf3c4af6b77ce20499030a1ed4d0 894438f074a9a2c98ea1bd6af6683f82 cfcf2cd796a92ba7e50aa060f747a7fa 0ec03366892da6dbc9d6fdd6ed9e5e9b 48bb5039203e532abdc5f506b26eee34 8a8f83a076687d6a1f2d4a566c8c3141 cfd197d7477d1213526847ec921e3d6c 0ee71d5c28915d1173e899487335a11d 48fb02b71f186c33c9f11fc7a3d35b5e 8aa94c210f0136b0454a9f3465b56df9 d05babd923187210abcc791a336427a2 0f2a1a174d2b4bcd5fc96617273facfb 491715ffaf8903871b0985f95df6029c 8b17ebebfecf2819ecb8fbdf7f5dfabf d26725da5a6f65ee5e30daf2e4ac87d7 0f6eb10f87fc021d87ee7cf027690035 493e3961e44eee9280d03f6cc184cf14 8bd62827e7ad205e4c0aa124fc13a67e d3191968baed188ea81797a4c200e89b 0f9baff788293fbfe9513fe9a6b96c12 498d7ddadaed5d3d619526e9178f6891 8c56ab1bfd1c11fe07b43bc92cf51ed3 d37e4c3d2ed8450a91dba764c7900b03 1046a1bfb6b84b317a18a8f13f052ebe 4b1f8cc67276c34bf6dc4775a1b87a5d 8c74de13ba8c71b39df665a88b699403 d37e6b44531779633815348d20377332 10b2f9793dc0b2fd03f27f2072a953c4 4b2c05bb7c148e870b50dc9c6506b035 8d07f4b82fa5b040afb965e08811c494 d3f433130238be83cbf53c6b086d663d 112ef98e8b72035be52750f6c7756842 4c9f290a38ee3077026b255de6479c31 8d587ffdba8766051311974647dc1b8b d599af007dc4d0489b57da351e60e8df 1190d874fd580bbb21e94b538fd8f9dd 4d59cb6badbeed1e0bb82282cf2e9868 8e22dbe94e2afbb908aeb11c3adcf8e2 d5ac8eb6974fe941765e60714fdd126c 12119c8588cf09b9b9a0f38da4831cef 4d703d8350f5f05d6f50aebad33e50d2 8e950076a79adc26a79dca69033bdf8d d66e00575ea0a0f7cbbac7f6a08b74e5 122a2b0a76e68c93d951f05128fbad18 4f55d1c5554823ddbcda16687094e3dc 8edb798e568641f9a1c406f669bae651 d76101b243fb513330375024de87ec1c 12508661d6fad03d673eb8c3ae9e3153 4fd284746f6afdab5fe7b4fa03ffbf78 8f7f6d16ee336deb224cccd624492d9b d76fcf0e7d7f8ddb5a4f50a4775e2679 12540f56caf9350c9be0703cb5860f36 4ff79a4a69b192a3b0223c3f1c67ff3e 8f86349cb890dedb02f0d3662bf36e6a d797e249ec56f08240bd5ac3e4f88dfd 12a9336e3e00df763f232e5271d7b628 504c4799a5f3d905c5f506dc8c5bcfe9 9001f7fb16b58824c2c59b35e9e29c62 d9db512115f1ef29fa14c27f60f8ca56 12aeeb8fadd87a69b932cac2cfa56b9e 50eee4621a055d10226baf27c510eaba 90238c9a0529e84149858dc4d3cae15c d9efe16d965629b37ec6b08a5b2a0422 12bed8909062dfc3928d1eae10920f92 51cc90889fb4afec426aa48fb39f3efb 9070bf70553fe3e10a60891a42b28d16 da395b3ad88750ec17463c614f6315bd 1359adb01bdc65a5c59c537ed7c7178c 5250845bd1aeea11aa242ea797dd8350 90d9083b9be3254edaca685142c09b3e db52e5b87129567d1fce7a1969075828 13e3ad71c4825d968ec1141f78573aab 5256f1933528441eab02c9bfbdbd7b19 90ec8cc03b9b583d90a9a21b5a3a6ddb dc30ddfa8d46f409195fefa025bf24c1 1441cbee7126238d5d2b925604840e7b 5288a3a0ea4bb154034cc6db605fd781 914cdb0e08cc41f4ddb47de52e689777 dc5f9c776bb354bb7ea4bb3e7e8cd774 1464dff10323fc531cb85b3dc753c3d7 52cf97b9403c8f6db2352c4c2d8766cc 917f8c91f24d653be7bf288869a8235d dc60b150d56b5053cf3f58434f887a93 14cc6c7eeb24e46280c39c728f3c5209 538bb3eb2ee5fbc2f6fc41b933dcaa47 91c7668f914d5fde2f997d9b7d148a2b dcbe39f2e2b19a37d6e34e94f8a03f7e 14ce97dd2a401adbac78e8afaeba9394 544179e8a84b1c1c7a4016c09bb0c8d7 922b27b363065bbd33c9ad7077543336 dccf4bddb8c414f32563633dfc795efc 153f603ede2fba8027c4bc4bcc7d7de7 54ab43500a3065be2b4be0e56d884431 92861a3b27b08ecb26cc2703bd1c6d80 dd0af6a59d6bb46ef569a3ba53e18a0c 15f02765a5e2a7304f8d09e6fd4680db 55357f038cfa2a2111d39bf85fc8e1c5 9292aebc9a3c8fff8fae7aca768c7c65 dd1ff4f30d973b197f5b6be99cd90ef8 1643dc012e773fdc958b18772cb7a0fd 5575acf47e7136be13904d17cbdde7df 9353c488e11ea4a6f34e15fd400295a2 ddbcacfbebe9567b4b24493987aef7e0 172507353b3e50cd85063193e57f4b31 560dc69961e17c9e7aec56efd54592a1 9665b317a971a8fba55a87d133f76a0b de67a791e638a8dc2edaf08689166dfe 185a202939d8cb7b736ef877d34aaf00 563125796844d92f95c1ed9cb54a7d91 966a49f9f30e0b839b57ec07cacc6e81 dea3a2b4c83390753e3f2ff2c344d188 1a99c88a9077c13efda71faa8f50d74e 571395947eadde4abb2c2a345bc0e1d9 96e3b6f63a6c69986d19bbd479638215 decf1c0192fb9ee532bfdf1cb9416ef6 1aa0f3c275fb60f40b9371b0d857a1f4 596d9bdef491911f18b298424ddbf58c 9787336bf9d081f4caa811f8353f7340 deeced7d2d3c426dee61e60672ee3a50 1b27431c5f1737349ad5e140924b8a69 59d07845b020f526f54479926765d804 97d35e888eb9688b1f6da0d42273bf4a df150b45796b10bb8bc110c670fa9bc8 1ba5f9b8715cc23ac19e7434769c6696 59d3b3bee0b78302571e25fcc62c27e1 989e0612e82919b8908c7aa46a26edbc df345b3351b6df05bd059be9a9cb2ea5 1bc292a9c6fe12046f3f7ac75d5dfddd 59e743d53d48807e3b6f5991cf41eb06 98b2a94047030f0abd8f6ac89aa6bfc3 df93ae0521b06819b442473c73e992bc 1bc45f933262092576fab48198f35fa5 59f2520b28b6c23519793c5451090aad 98f5ef89a54f3ea65d20130d9abe2f82 e09f180fb8c16c183fc55787cc97bbed 1bd0dfea4d1252f5277e25515ec45a7e 5a3a13a2aa39b4a804baf16db7f66f95 99280334868ee3032819a26a1600f723 e0d1d1d4d8967f89e668b8929f76c65d 1c13572093eb1433481f2584f90c331f 5aaffe94ac2d17bbe3f8f158fea42ec6 9a4e32541908fda8b88debf96ce14679 e267186c0f088a884b0044a64669a5e8 1c16868d78fd1feb6b033533b571465c 5b6d8a968e03eb6b34d65606c34b9aee 9b0bd36ef752f43da7bc5db86980fb7f e306f8b2c17404b64055acdf24a8610b 1d3f97e4b47698b4f167557f9a6efbbd 5b84b1f80dacad44a802c23a202c1833 9ccc5b272bcfeba28903fbaaee5bef82 e31ada7de97efb9854c2ebc32e396cea 1d8a3dc63ccd8740444ab5d628994acf 5b8ace311e8568c3a6000c1cd4af8bd8 9da1bc83ce91073387344d94d62ab588 e3ca074bca3449c0d7c16388ff554bb2 1e256c4c4604f7991a951c87328911f3 5c398a63a48895097edf6a802f7fc7b2 9dd2242d3b1e7ea345076ffcaed7e697 e42bd1305fab7f08e4e2124403d5243a 1e3cde9fb08fa9f1a1edec32fb7699df 5c4f3f3c2f7475df291b42b4bcdb6574 9ddd3e084b734a862d8b38fa585a379d e444af5ff8f8fdafb85aa7e7556c0cd7 1e4ce54412ee2512fa91bd0912fb8c3d 5c9833068dbbfd4506a86877109cf3c1 9e18b5e61b8d8e514bc31543a0f238c7 e54b1f4f5ca3fbceaed4717674e7905f 1fa981e2f5066e94e475447cec9b8eeb 5d65eca052c9a4efc4e8243ddb2eed84 9e25920b0a91c8ae292b7c0139caa0a2 e5ab36230422c480f62cca52973dee34 2003adceaf78a3a88b8ee0c418529306 5d9ded0c7899b1b749a6598a65a15cf2 9e617843a88ef0af374947060e9e74ac e66843b155225f4ecfa3e9d0e1b932f0 20e36a396c30c8a5f0266223b39ca2c0 5dbcc2bf4537a98ecd63861bd3dd5141 9fc917f809048283e695e17357fea707 e7b7d6f2b04fb09c779ecc0be21b2bd8 2124ebe405bf1dee64170cda12e93173 5e224a6ae38d9b799ab59b1153239563 9ff73d1c75fbbbbf015eb2971355f5c6 e7ebe045afe18f4856967a241572e226 227df9b3ffd91c1657557af74e2d375f 5fdb957e65e4c2cb2fe43386336b5cfd a0390cfb7c5a06551b9005de70d88228 e86ec421cf2f9d261be5766e49e97fff 236282461bbd213c7aa100df5f933427 60134a92ee1772d47e7c096a479b1b85 a066b22f6e91097bc67ccd3b0ef675e7 e93c4702f516b91bc5a315a5dca84b6b 23cede97d2ea840d4a2648eab9e29b49 604e0d30ed8eaa437439284dd3b47e50 a137a4ecc576c838e96a274e2066c06a e949afa837b59dc0d5a7eb29d08d7210 2418e16a827c0ef01c5ed14f8d6138f6 6083c5d37ece3403b606b1efbbb03be5 a1760f57d8f1e6fc2a11f0f438eaf5ec e961fc7fc5e4850ca40fff320646bd23 2448c46a9cc0b3b9ceae7e89dd0ebc46 60e76286eeb26d1236d06b72c77918c1 a4b305457e7a4e717912e2fd51bb74fd e99ba22a764b31a6997ccf3aa7259ea8 24b98f5105b1521ab6da2d8a354e5806 61bb16c54b6f1c217bbb2d122dd6ba08 a56941d55b63144c29a0fe7da79e9123 e9e25a1ede0c152d3259b042e96a5f4c 24ef70171b4a5dffcf10b6f7818313aa 62937e71ae5566884cbdc984a8ad4156 a594ed47a4de91dffe4778e83ddc584d ea9b3e698623d1e206f3725fc3fcb120 253f1874750b14792af380f79ff31c0a 629c07530536d701fc266826f3cfdf14 a5f5bd514b042e6ad8ed1fe9ef039630 eb1f8373208aefae20356f9a9276190b 25a3938ade3c8a843f9a00f367c7c955 62ffd79d2866365f4cb6bc4201e14d75 a6de53b408e1256c59d1c59dcbbae10b eb4a3fe5451679b5816d189209e305e7 25a91c14c272a868947c640ebe318e90 65c1acd75003b18228adad66bdc60546 a8f82f2ad0274fec83f4c2aa5f65986e ec1f524cef0c6c6a9be5d9ec8c8335d6 25efcde2f2fdb2180e142adc9b8210a5 660c8f895fb0592de5b10c5aecbc0afa a99edb21e9b41a9fc2e6a9d21ca9dcbe ec5790667a6168b0bdc229c6f580347b 264fdfd38be0262d6273d22a10be8a65 661fc6060012b4cc359729d38455b327 a9fcb93148c9a84bb44b2a8648291fcf ec82cd6045b2a8ac954d6b6d52e1540e 2737c1c0d5e0955705086b289a6c07fd 670250e7f2a47264c3447b85344679cb aa2ebc08a20c77cde35197973133d4ab edb33ca16036ab1076bb12013b3799c7 275aea7925ada3d1064442cdd70c85ae 67a95e4017c68d6165ab140c037c8c38 aadd7ee32896b9d462048437ef6362ab edcb088759aace567b105c431ec8f5b9 282c0c541a6e4dba72229d5a45ec5f15 68de695132ddd80d07e18357cdc59875 abdfb4f4cb70d24fd065185f787afa81 ee59d0b44d292f2d10e7334c6a365f5c 2845e38ca606d92bbae7703933473d3e 69ce500213c2d3532219fdc461a6f5b1 abf13e218f9ac6770e130f2cdf8df6d0 ee5b377fa8cf4ed6aa8869e79d79f787 28bd5b1550289d8e1e2b009bb5839169 6caa0e5b391e1ba729387137629c4bb1 abf57ab88fc8fcaca090ec25a278aa0d ee7120c9e3dd62bda0f0ca03fd905ad3 2a80b23c369b2e8e2a9dd2ab9ed52539 6cac3fbac016f58b554c9c42bec563b8 ad23b6d91e74af64529a8a547005e745 ef44dba4c4712ff5a66e4625c7c6c4af 2adf79d6a98425ce1641e3e02b778fe2 6eac4c632d6c1e232a869c3f176e5763 ae94717e8fcd455de0d63c47953cdb51 f02a17a85ceb7996ae4f0185f4023143 2aed851c26f4c4ba54a63d57abedef4b 700429bcbfafd3a3def489a427568d66 ae9d5d497d8b7bf93c93ff769040fc6c f096bbbbd5d8ce8684eb7074bdcea9e3 2c1ff6f7d8356bf4c585e11ab7d01c79 706d2fee6062ccd2d6a468cbe5076b71 aec0e3f388491bcf424c49f063f43cb2 f0f5271615b2f05b229922ff35ad40d5 2c9b8ad03467ab0307e15376c5075798 71198db33dcaff531c9074063aac7a96 af6195347b60139eaadde2ef86e7eb4c f177d6e27e279206a1c83a8a34491dea 2cf71ddf4c69bbfb162ab546b5c3c226 71b064ad7bf71131c44363d9e92cb8df b01defee71f5a549083edeb60de31798 f23396a600bc031ff53fc1b4efef98e8 2db0ab9f95c3182fb44d2700bcf0c315 71e34875ae3d53f7647d8e2783459ceb b0405f9208938fe297e083e5822ae027 f2b7b0e41a0e79b42b7c9ee9711a9492 2f6f580668741b451bf0f3fcaafa54dd 71ed6dd1cf2635fad7a7fb806be17149 b0521abca3f040680591d76166b57552 f2e6b062afa197f60ea434772926a7ce 2fd126dc777bc39af26f0608b1bb162b 72365be2a589f28e7b80e45be1ce39d9 b0cc3e62388621745090c6ea096b05b5 f332f00a2dc274bd735468882a43bb72 2ff12fea157a550b462e5aba7705d20f 72dc77d9739f96adf0b5ee19016aded9 b0d3c66fd989ea12e6fd6a6d5dd94aab f3929a72c0abea5e31b320413dbc9c05 307327b5c490c6707069d61ce58c970e 7341d1416ddaa1b26b42f318fed63e35 b1a3f6f8068994d588a80b6f5014d508 f3a64145296ad92137dd66adf2399b67 30815c48f9106da400b78acc7b76c793 73df37c6da99fd95f17bc16f475f0a62 b1a742b502fb5f2de02e4dbef2acecd4 f4bfec2d7ad5a4d67e40e83409e2ee1f 3357f6e86ed44b089478863434367aa3 74bad0c8ae412877d7b6b0f26b89c743 b23aeaeb8e744e32ee873ee5ebc0dbdc f5a7da23e5b7d602949cf935dafa9e96 342643c2a9d0238bd57786b1ab0f840d 76c0022b61008d9d81debdcd53a806b7 b2dc3811485266c5ea74cc58863698f7 f5e09e0f9699217e56332af2a857e225 345ee73be042c6bb8981a692d2c21253 76caf0f0ea1638270404e8c73f17a74a b4c3d3001c28cad2e0bb41575019d2f2 f6aaeeaf54a5c415e7f391ed392b055d 34717b30367c2d48783350eaa92034ee 771f09935ff51e9a9d19df4eac3d5ca9 b4f6c63bad9de2ab63e626a547ad9d70 f73fbf4b58880a0af04205d35e85bc6e 34e9db147a388b66cd4d9fd3f8fcc1d7 7725d7dc50d8e48dcaff5cb5d06392c5 b557e6cfa0b1428be262dd09bfb22c4b f8046bda69e4ec68ecd00cbb4930817c 35271bc783bee496173b6d752a708d67 77b171827904bbfbb5b012889406eeeb b5a81d482c0b02114a3f4502cc60cb53 f819c0df0e65f566dcc60d6daffa1fa2 35415e32ed8c6443f5b41d1cc79a76b1 77ec57fc0f5f887e478ba41c44ef2728 b5afa7a5b016795e47ac63169fc02eda f824052c4db119db29df42c8b651860d 364fd7755545d46b6cf5fd0aef8ec77e 782c37debea6762fdcacebcc4eb9e818 b7219ee96c86a164e539e3473a5a3c7c f869859c2bd5598277a2baa9d922745e 36685d2416ec26a5292eebfa4e402272 7837228ae924b204a9aa194afa2fd875 b85ceb0ea1492422e2cf4719a93b45fa f87e4c6fb1438626c460f6696bd71f71 36837990a6517b7626dec18e7644890f 78c6297b5b91c4c0fecdadc721fe539c b882b1ebcafb94abf84398a4df06f701 f8fdd974ef498c6dd27a23794033fae7 376af8a3beb25eead3812c02099bea13 78ed78c03d0e409300fbf83da33d88d0 ba4122d50bd27e7fca6f5f66ca03aba5 f9a59dccc80e674858930541886de9fe 3852f87da5f6c1bc1dfdff086f62a937 79369fc4109548195f02c99695c8369c bb2343243a2c9ab6405c9881e4a2c61f fb4d7bde5b00135d6adb89e7572e81fe 38920e4dfdf3bfc3b6ad4bf3752fe465 7af964c5bbdcf42090e739f2c05602b1 bb94ee02b5974b2b4668eea7f08108f2 fb7c4a60177160bbfe3bd25d70dabdf0 38c3602f2a2b3f70ec715b2766d87c34 7c05425dbd712d3b9d347ac4f8a1e093 bd5d6f85a04457c9ae2e4a20ddc4a151 fb86abbc9a9796614d94474ef72c19d7 38f71668a4176be23a68984c72d5d79d 7c290c1293be108483c9de0b62353953 bd64fa75d4e0e89e343083c9e5c31aa1 fc710f8ed2d8e90c74113170cd014bd7 39a6b926c85bd5dbc86f702454825961 7c5bd456af2ee4b703e04e4acad2d0aa bec0a4af16ed0eb7f51bcf4e1b84eca5 fd27b8e76030ea91120b32bf02c5a5aa 39de878de77a64cf6c6045d27cac8a6f 7ccb241082b7e8176ae30ccf5959cd3c bf1689a87825484deaeb08b9f5dcd451 fd30dd3b5e204ef986998856096b1ad8 39e1c20ffd5771a017cee8e5a369b492 7d1d8339d8b27142bfd4b53cdb648b7c bfaadc9b462345b0047be0c6063d2417 fd5fd8222804092ead097005ffc10e9c 39f25cd0182a062b5f9dcf90c25d44f0 7de9ec00aa5d13d95a8c720cc3bfa850 c0d63e8c43f3dc1f8cce0feba388778d fdeadda9aacce44b90a6547767041735 3a240c067d2f8bac27621db322ded861 7e8302d161272bc1524a85e26bad6c79 c1a9829feccc6298a8f4c641e2115c73 fe4eebb5da4be1139ea4cd7c19b63c1b 3a27e4d503fb0eeda4bb18625ac8ab30 7ef0adb20251ad82d51741ce78fa3235 c2557cf1f22b627751e35f7e0240e31d fe557c6d762ac781d7029f518834f1fa 3bbc0f9d01ddfc2c29265dfd4e7af497 7f15397bdfacec3fa4e2b174c26a39f0 c2f4d0e3eb875ecab1c1940543fe7de2 fee9c9a0842fa23016623bcbad29fc35 3be245ca03a1a74a3817b3db22487c9f 7f9339dbc82783eac467c4e76eee2f6f c41899d1eaa9113aa2934f0a941fd710 ff1ed616bd63e5b6e5677752113b2bd9 3c0e03f707bf8cbecaab263e1dbd60a4 7fb51bd339cb14134c163aa667a80b7b c46354de9b77861b9d2f5f09e1bd2d84

I hope this doc helps you out

Comments (1)

April 28, 2009

Compile Bind 9 on Ubuntu / Debian

Filed under: Server Technology,Unix Administration,Web Hosting — admin @ 1:09 pm

Quick, and dirty:

apt-get install libssl-dev
wget http://ftp.isc.org/isc/bind9/9.6.0-P1/bind-9.6.0-P1.tar.gz
./configure --prefix=/opt/bind9 --with-openssl=yes --sysconfdir=/etc/bind --with-randomdev=/dev/urandom
make && make install

Setup the named.conf, options, loggin, and zones

named.conf

include "/etc/bind/named.logging";

include "/etc/bind/named.options";



        zone "." {
                type hint;
                file "root.cache";
        };



include "/etc/bind/named.master";

include "/etc/bind/named.reverse";

named.logging

logging {
        channel "querylog" {
          file "/var/log/query.log";
          print-time yes;
        };
        channel default_log {
          file "/var/log/named.log";
          print-time yes;
        };
        category queries { querylog; };
        category default { default_log; default_debug; };
        category lame-servers { null; };
};

named.options

acl "toddsmithorg_networks"  { 23.35.27.1/25; };
acl "client_networks" { 192.198.140.0/25; };
options {
        directory "/var/named";
        pid-file "/var/run/named.pid";
        allow-recursion { toddsmithorg_networks; client_networks; };
        version "no thankyou";
        notify no;
        listen-on port 53 {
                127.0.0.1;
                23.35.27.10;
        };
        allow-transfer {
                23.35.27.11;
        };
};

named.master

zone "toddsmith.org" IN {
        type master;
        file "toddsmith.org";
};

Setup your init script

#! /bin/sh

NAMED_ROOT="/opt/bind9"

case "$1" in
    start)
        echo -n "Starting named... "
        $NAMED_ROOT/sbin/named -u named -c /etc/bind/named.conf && echo OK
        ;;
    stop)
        echo -n "Stopping named... "
        kill -15 `cat /var/run/named.pid` && echo OK
        ;;
    restart|reload)
        $0 stop  &&  $0 start
        ;;
    *)
        echo "Usage: $0 {start|stop|restart|reload}"
        exit 1
esac
exit 0

This should get you started

Comments (4)

April 23, 2009

Compile a Linux Kernel on Cent OS

Filed under: Server Technology,Unix Administration,Web Hosting — admin @ 10:22 pm

The CentOS Way

Install the development utils, libs and headers

yum install gcc gcc-c++ kernel-devel ncurses-devel rpm-build

Grab a new kernel

wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.29.1.tar.gz
tar zxvf linux-2.6.29.1
cd !$

Make sure you enable support for at least the hardware in the machine you’re compiling the kernel on (safe bet). You can use the lspci command to figure out what that is

[root@c1024 linux-2.6.29.1]# lspci 
00:00.0 Host bridge: Intel Corporation 82G33/G31/P35/P31 Express DRAM Controller (rev 10)
00:02.0 VGA compatible controller: Intel Corporation 82G33/G31 Express Integrated Graphics Controller (rev 10)
00:1c.0 PCI bridge: Intel Corporation 82801G (ICH7 Family) PCI Express Port 1 (rev 01)
00:1d.0 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #1 (rev 01)
00:1d.1 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #2 (rev 01)
00:1d.2 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #3 (rev 01)
00:1d.3 USB Controller: Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #4 (rev 01)
00:1d.7 USB Controller: Intel Corporation 82801G (ICH7 Family) USB2 EHCI Controller (rev 01)
00:1e.0 PCI bridge: Intel Corporation 82801 PCI Bridge (rev e1)
00:1f.0 ISA bridge: Intel Corporation 82801GB/GR (ICH7 Family) LPC Interface Bridge (rev 01)
00:1f.1 IDE interface: Intel Corporation 82801G (ICH7 Family) IDE Controller (rev 01)
00:1f.2 IDE interface: Intel Corporation 82801GB/GR/GH (ICH7 Family) SATA IDE Controller (rev 01)
00:1f.3 SMBus: Intel Corporation 82801G (ICH7 Family) SMBus Controller (rev 01)
01:00.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8101E PCI Express Fast Ethernet controller (rev 01)
[root@c1024 linux-2.6.29.1]#

Create your kernel config. (If you already have one, just create a new file called .config and put your kernel configuration in it.

make menuconfig

make config

Once you have completed your kernel configuration, you can build the kernel and create an RPM for installation on other hosts. I have a Core2Quad CPU in this system, so I’ll set the number of jobs to 5 -j5

make -j5 rpm

After it has built (without errors) you need to install the kernel from RPM, do a directory listing to see what the name of the file that was built is:

ls /usr/src/redhat/RPMS/`uname -m`
cd !$
rpm -ivh kernel-2.6.29.1.x86_64.rpm

Okay, now create an initial ramdisk for the kernel (initrd)

mkinitrd /boot/initrd-2.6.29.1.img 2.6.29.1

Now edit your /boot/grub/menu.lst to include the new kernel and you’re all set!

Enjoy.

Comments (1)

April 1, 2009

Howto Create your own Certificate Authority (the easy way)

Filed under: Security Technology,Unix Administration,Web Hosting — admin @ 6:54 pm

Create your own Certificate Authority in less than 10 minutes

This allows you to create a Certificate Authority otherwise known as a CA so you can sign your own certificates. This script has two requirements. A *nix machine with /bin/sh, /bin/bash or a compatible shell, and openssl from the OpenSSL project. You can start the timer now…

I’ve written a script to greatly simplify and automate the processes of both creating the Certificate Authority, and creating Certificates. The script has two basic functions:

Create a Certificate Authority
Create keys, certificates, and certificate signing requests, and sign them using the Certificate Authority

Directions for Use

To get this all setup in running, you just need to create a directory, create two files, and execute one of them. Edit the openssl.cnf with your favorite text editor (vim, emacs, nano, pico, ed, joe, whatever), put in your info and then run CAAdmin.sh to get started

From here open a terminal to get started

Create a working directory (copy and paste this block of code into your terminal)

mkdir Certificate_Authority_Admin
cd Certificate_Authority_Admin

Create openssl.cnf (copy and paste this block of code into your terminal)

cat << EoF > openssl.cnf
#
# OpenSSL configuration file.
# 

# Establish working directory.
dir = "CA"

[ ca ]
default_ca = CA_default 

[ CA_default ]
serial = $dir/serial
database = $dir/index.txt
new_certs_dir = $dir/newcerts
certificate = $dir/public/cacert.pem
private_key = $dir/private/cakey.pem
default_days = 730
default_md = md5
preserve = no
email_in_dn = no
nameopt = default_ca
certopt = default_ca
policy = policy_match 

[ policy_match ]
countryName = supplied
stateOrProvinceName = supplied
organizationName = supplied
organizationalUnitName = optional
commonName = supplied
emailAddress = optional

[ req ]
default_bits = 1024 # Size of keys
default_keyfile = key.pem # name of generated keys
default_md = md5 # message digest algorithm
string_mask = nombstr # permitted characters
distinguished_name = req_distinguished_name
req_extensions = v3_req

[ req_distinguished_name ]
# Variable name   Prompt string
#----------------------   ----------------------------------
0.organizationName = Organization Name (company)
organizationalUnitName = Organizational Unit Name (department, division)
emailAddress = Email Address
emailAddress_max = 40
localityName = Locality Name (city, district)
stateOrProvinceName = State or Province Name (full name)
countryName = Country Name (2 letter code)
countryName_min = 2
countryName_max = 2
commonName = Common Name (hostname, IP, or your name)
commonName_max = 64

# Default values for the above, for consistency and less typing.
# Variable name   Value
#------------------------------   ------------------------------
0.organizationName_default = ToddSmith, Org
organizationalUnitName_default = Secure Services
countryName_default = US
localityName_default = Los Angeles
emailAddress_default = ca@toddsmith.org
stateOrProvinceName_default = California
commonName_default = toddsmith.org

[ v3_ca ]
basicConstraints = CA:TRUE
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer:always 

[ v3_req ]
basicConstraints = CA:FALSE
subjectKeyIdentifier = hash
EoF

Create the CAAdmin Script (copy and paste this block of code into your terminal)

cat << EoF > CAAdmin.sh
#!/bin/bash
cadir=CA
conf="openssl.cnf"
cwd=`pwd`

echo -n "Do you want to create a Certificate Authority? [yes or no] : " && read answer
if [ "X$answer" == "Xyes" ] ; then
        mkdir -p CA
        cd CA
        mkdir public crl newcerts private
        echo 01 > serial
        cp /dev/null index.txt
        if [ ! -f ../openssl.cnf ] ; then
                echo "Must setup an openssl.cnf"
                exit 1
        fi
        openssl req -new -x509 -keyout private/cakey.pem -out public/cacert.pem -days 365 -config ../openssl.cnf
        cd $cwd
fi

echo -n "Do you want to create a certificate for an SSL enabled server? [yes or no] : " && read answer
[ $answer == "yes" ] || exit 1

echo -n "What is the name of this cert / key? (certfilename) : " && read certfile
if [ $certfile != "" ] ; then
        unset answer
        openssl req -new -nodes -out req.pem -config $conf && \
        mv key.pem "${certfile}.key.pem" && \
        mv req.pem "${certfile}.req.pem" && \
        openssl req -in "${certfile}.req.pem" -text -verify -noout && \
        echo -n "Does information look correct? [yes or no] : " && read answer
        if [ $answer == "yes" ] ; then
                unset answer
                openssl ca -out "${certfile}.crt.pem" -config "$conf" -infiles "${certfile}.req.pem"
        fi
        echo -n "Do you want to strip the certificate? [yes or no] : " && read answer
        if [ $answer == "yes" ] ; then
                unset answer
                mv "${certfile}.crt.pem" "${certfile}.crt.tmp"
                openssl x509 -in "${certfile}.crt.tmp" -out "${certfile}.crt.pem" && \
                export key_stripped=1 && \
                rm "${certfile}.crt.tmp"
        fi
        if [ $key_stripped == 1 ] ; then
                echo -n "Do you want to create a combined cert/key file? [yes or no] : " && read answer
                if [ $answer == "yes" ] ; then
                        unset answer;
                        cat ${certfile}.crt.pem ${certfile}.key.pem > ${certfile}.crtkey.pem
                fi
        fi
fi
EoF

Edit the openssl.cnf with your favorite editor to customize it for you.

Now I’m gonna run you through the script one time and you can see how simple it is.

tsmith@tejinashi:~/Certificate_Authority_Admin$ ls
CAAdmin.sh      openssl.cnf
tsmith@tejinashi:~/Certificate_Authority_Admin$ sh CAAdmin.sh
Do you want to create a Certificate Authority? [yes or no] : yes
Generating a 1024 bit RSA private key
....................++++++
.++++++
writing new private key to 'private/cakey.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Organization Name (company) [ToddSmith, Org]:
Organizational Unit Name (department, division) [Secure Services]:
Email Address [ca@toddsmith.org]:
Locality Name (city, district) [Los Angeles]:
State or Province Name (full name) [California]:
Country Name (2 letter code) [US]:
Common Name (hostname, IP, or your name) [toddsmith.org]:
Do you want to create a certificate for an SSL enabled server? [yes or no] : yes
What is the name of this cert / key? [certfile] : mail.toddsmith.org
Generating a 1024 bit RSA private key
..............................++++++
............................................++++++
writing new private key to 'key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Organization Name (company) [ToddSmith, Org]:
Organizational Unit Name (department, division) [Secure Services]:
Email Address [ca@toddsmith.org]:
Locality Name (city, district) [Los Angeles]:
State or Province Name (full name) [California]:
Country Name (2 letter code) [US]:
Common Name (hostname, IP, or your name) [toddsmith.org]:mail.toddsmith.org
verify OK
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: O=ToddSmith, Org, OU=Secure Services/emailAddress=ca@toddsmith.org, L=Los Angeles, ST=California, C=US, CN=mail.toddsmith.org
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:d1:be:57:f7:e1:35:5b:01:fb:0d:20:06:23:dc:
                    44:f7:89:0e:f7:f6:71:5f:17:91:58:01:99:2f:75:
                    00:0d:e1:d7:0b:35:c1:90:e8:f9:56:a5:82:7b:a1:
                    97:79:b1:5b:7e:70:fd:cd:e0:95:5d:d1:f4:38:4d:
                    3f:00:fe:8a:a0:9a:66:2a:3c:45:27:e0:b1:98:3d:
                    40:2b:03:3c:5e:95:e1:48:79:a9:03:65:78:19:9b:
                    e9:39:06:6f:d6:ad:6f:12:55:dd:18:45:76:50:fd:
                    40:9a:60:7e:53:fb:67:0d:1b:1e:7f:e6:70:0d:ab:
                    2b:4c:45:5e:0e:df:c9:3f:5d
                Exponent: 65537 (0x10001)
        Attributes:
        Requested Extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Subject Key Identifier:
                56:61:49:B0:F8:DA:58:9E:4A:14:EF:3B:61:D4:74:AF:B6:AF:3A:ED
    Signature Algorithm: md5WithRSAEncryption
        b5:8d:6f:16:87:1f:cb:78:16:03:9f:95:cf:4b:8d:b8:81:c0:
        a9:e4:a0:de:c1:72:b0:3c:c8:2f:26:5e:ff:af:24:de:68:76:
        e9:d0:f3:36:6d:d6:ea:40:27:19:33:91:ec:89:42:7b:ac:18:
        82:59:bf:c3:22:83:77:79:19:a1:05:92:6f:43:be:17:0d:c0:
        e8:f5:f6:a0:fe:1b:05:ab:fd:56:b8:3a:3b:81:d0:e3:c4:60:
        14:db:2f:de:27:a7:da:bc:72:10:e7:de:77:16:18:5e:30:81:
        d2:c6:1e:bf:96:f6:23:42:c2:0a:2e:3e:15:ff:bf:82:be:9d:
        0d:16
Does information look correct? [yes or no] : yes
Using configuration from openssl.cnf
Enter pass phrase for CA/private/cakey.pem:
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
organizationName       RINTABLE:'ToddSmith, Org'
organizationalUnitName:PRINTABLE:'Secure Services'
localityName           RINTABLE:'Los Angeles'
stateOrProvinceName    RINTABLE:'California'
countryName            RINTABLE:'US'
commonName             RINTABLE:'mail.toddsmith.org'
Certificate is to be certified until Apr  2 01:42:45 2011 GMT (730 days)
Sign the certificate? [y/n]:y

1 out of 1 certificate requests certified, commit? [y/n]y
Write out database with 1 new entries
Data Base Updated
Do you want to strip the certificate? [yes or no] : yes
Do you want to create a combined cert/key file? [yes or no] : yes
tsmith@tejinashi:~/Certificate_Authority_Admin$ ls -1
CA
CAAdmin.sh
mail.toddsmith.org.crt.pem
mail.toddsmith.org.crtkey.pem
mail.toddsmith.org.key.pem
mail.toddsmith.org.req.pem
openssl.cnf
tsmith@tejinashi:~/Certificate_Authority_Admin$

There you have it. If you want to create another key, run it again. From this point forward you will probably want to answer “no” when the script asks if you want to create a new Certificate Authority. I have not tested it.

I hope that you found this useful.

Comments (0)

March 29, 2009

Certificate and Key management with OpenSSL

Filed under: Unix Administration,Web Hosting — admin @ 9:29 pm

Generate a Certificate Signing Request (CSR)

If you want to provide secure communications between your webserver and the clients that visit your website, you’re going to need an SSL certificate (SSLCert) signed by a well-known Certificate Authority (CA).

I’m just gonna outline the process of generating one.

Prerequisites:

OpenSSL
Domain Name
Entity information (Name, Address, Etc..)

Steps

Create a CSR in 3 easy steps

Use this command to create your working directory, and change to it so you’ve got everything in one place. You can change my_certs to anything you want.

mkdir my_certs && cd my_certs
Use this command to generate an encrypted private key. If you enter a pass-phrase here, you’ll need to use it any time you start-up your web-server. You should enter a pass-phrase here. We can remove it later. If you lose or forget the pass-phrase, you’re gonna have to do all this over again… And you might have to purchase another certificate from your provider.

openssl genrsa -des3 -out toddsmith.org.key 1024
Next use this command to create a CSR from the RSA private key. You cannot use any special characters (< > ~ ! @ # $ % ^ * / \ ( ) ?.,&). You’ll need the following information:
- Common Name: This is the full name of your website. For example: www.toddsmith.org
- Organization: Your name or the legal name of your company.
- Organization Unit: The department you work in or this server provides service for: For example: IT Services
- City: The City you or your organization is in.
- State: The State you or your organization is in.
- Country: The 2 letter abbreviation of your country
openssl req -new -key toddsmith.org.key -out toddsmith.org.csr

Remove Encryption from Private Key

Use the following steps to remove encryption from the private key for use with dovecot, sendmail or to remove the start-up pass phrase dialog from apache, etc…

Make a backup of the key file

cp toddsmith.org.key toddsmith.org.key.encrypted
Make a backup of the key file

openssl rsa -in toddsmith.org.key.encrypted -out toddsmith.org.key

The -out file toddsmith.org.key is now your unencrypted private key. Lose it, and anyone can use it now.

Use certificate for Microsoft Internet

Now you’ve received your certificate from your provider and you want to use it for Internet

To use the certificate you just created for Internet Explorer, you have to convert it to the PFX format. It’s currently in PEM format.

To create a PFX formatted certificate/key combination. The following command is one line.

openssl pkcs12 -export -out toddsmith.org.pfx -inkey \ toddsmith.org.key -in toddsmith.org.crt

Convert key and certificate to use with Sendmail, Dovecot, or others

To do this, you’ll need the certificate issued from your Certificate Authority, and your unencrypted key file. If your key is still encrypted, use the process above to remove the encryption from the key.

All set? Okay let’s do it.

Run the following command to combine the key and certificate for use with Sendmail, Dovecot, uw-imap, and many others

cat toddsmith.org.key toddsmith.org.crt > toddsmith.org.pem

All done, now you can use it with your favorite MTA, or Email software.

Comments (0)

March 18, 2009

Setup AWStats on Linux with Custom Apache

Filed under: Web Hosting — admin @ 9:45 pm

I need to install awstats. I am too lazy tonight to go and install the package myself, so I’ll just use apt.

Update: This was going to be for Ubuntu, but will work on any Unix include Solaris, HP-UX, FreeBSD, OpenBSD, Slackware, CentOS…… Whatever.

Installation

wget http://superb-east.dl.sourceforge.net/sourceforge/awstats/awstats-6.9.tar.gz
mkdir /opt
tar zxvf awstats-6.9.tar.gz -C /opt
ln -sf /opt/awstats-6.9 /opt/awstats

Now, it’s installed. Time to Configure.

Configuration

cd /opt/awstats
perl tools/awstats_configure.pl

root@function:/opt/awstats# perl tools/awstats_configure.pl

—– AWStats awstats_configure 1.0 (build 1.8) (c) Laurent Destailleur —–
This tool will help you to configure AWStats to analyze statistics for
one web server. You can try to use it to let it do all that is possible
in AWStats setup, however following the step by step manual setup
documentation (docs/index.html) is often a better idea. Above all if:
- You are not an administrator user,
- You want to analyze downloaded log files without web server,
- You want to analyze mail or ftp log files instead of web log files,
- You need to analyze load balanced servers log files,
- You want to ‘understand’ all possible ways to use AWStats…
Read the AWStats documentation (docs/index.html).

—–> Running OS detected: Linux, BSD or Unix
Warning: AWStats standard directory on Linux OS is ‘/usr/local/awstats’.
If you want to use standard directory, you should first move all content
of AWStats distribution from current directory:
/opt/awstats-6.9
to standard directory:
/usr/local/awstats
And then, run configure.pl from this location.
Do you want to continue setup from this NON standard directory [yN] ?
root@function:/opt/awstats# perl tools/awstats_configure.pl

—–> Check for web server install

Enter full config file path of your Web server.
Example: /etc/httpd/httpd.conf
Example: /usr/local/apache2/conf/httpd.conf
Example: c:\Program files\apache group\apache\conf\httpd.conf
Config file path (‘none’ to skip web server setup):
> /opt/apache/conf/httpd.conf

—–> Check and complete web server config file ‘/opt/apache/conf/httpd.conf’
Warning: You Apache config file contains directives to write ‘common’ log files
This means that some features can’t work (os, browsers and keywords detection).
Do you want me to setup Apache to write ‘combined’ log files [y/N] ? y
Add ‘Alias /awstatsclasses “/opt/awstats-6.9/wwwroot/classes/”‘
Add ‘Alias /awstatscss “/opt/awstats-6.9/wwwroot/css/”‘
Add ‘Alias /awstatsicons “/opt/awstats-6.9/wwwroot/icon/”‘
Add ‘ScriptAlias /awstats/ “/opt/awstats-6.9/wwwroot/cgi-bin/”‘
Add ‘<Directory>’ directive
AWStats directives added to Apache config file.

—–> Update model config file ‘/opt/awstats-6.9/wwwroot/cgi-bin/awstats.model.conf’
File awstats.model.conf updated.

—–> Need to create a new config file ?
Do you want me to build a new AWStats config/profile
file (required if first install) [y/N] ? y

—–> Define config file name to create
#
What is the name of your web site or profile analysis ?
Example: www.mysite.com
Example: demo
Your web site, virtual server or profile name:
> www.toddsmith.org

—–> Define config file path
In which directory do you plan to store your config file(s) ?
Default: /etc/awstats
Directory path to store config file(s) (Enter for default):
>

—–> Create config file ‘/etc/awstats/awstats.www.toddsmith.org.conf’
Config file /etc/awstats/awstats.www.toddsmith.org.conf created.

—–> Restart Web server with ‘/etc/init.d/apache restart’
Stopping Apache…OK
Starting Apache…OK

—–> Add update process inside a scheduler
Sorry, configure.pl does not support automatic add to cron yet.
You can do it manually by adding the following command to your cron:
/opt/awstats-6.9/wwwroot/cgi-bin/awstats.pl -update -config=www.toddsmith.org
Or if you have several config files and prefer having only one command:
/opt/awstats-6.9/tools/awstats_updateall.pl now
Press ENTER to continue…

A SIMPLE config file has been created: /etc/awstats/awstats.www.toddsmith.org.conf
You should have a look inside to check and change manually main parameters.
You can then manually update your statistics for ‘www.toddsmith.org’ with command:
> perl awstats.pl -update -config=www.toddsmith.org
You can also read your statistics for ‘www.toddsmith.org’ with URL:
> http://localhost/awstats/awstats.pl?config=www.toddsmith.org

Press ENTER to finish…

root@function:/opt/awstats#

Now I feel like my httpd.conf has just been molested, I’m gonna go fix it. The following was added:

#
# Directives to allow use of AWStats as a CGI
#
Alias /awstatsclasses “/opt/awstats-6.9/wwwroot/classes/”
Alias /awstatscss “/opt/awstats-6.9/wwwroot/css/”
Alias /awstatsicons “/opt/awstats-6.9/wwwroot/icon/”
ScriptAlias /awstats/ “/opt/awstats-6.9/wwwroot/cgi-bin/”

#
# This is to permit URL access to scripts/files in AWStats directory.
#
<Directory “/opt/awstats-6.9/wwwroot”>
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>

I’m gonna change this up a little bit, make it easier to manage, and easier to upgrade at the same time.

cat<<EoF>/opt/apache/conf/awstats.conf

#
# Directives to allow use of AWStats as a CGI
#
Alias /awstatsclasses “/opt/awstats/wwwroot/classes/”
Alias /awstatscss “/opt/awstats/wwwroot/css/”
Alias /awstatsicons “/opt/awstats/wwwroot/icon/”
ScriptAlias /awstats/ “/opt/awstats/wwwroot/cgi-bin/”

#
# This is to permit URL access to scripts/files in AWStats directory.
#
<Directory “/opt/awstats/wwwroot”>
Options SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo
Order deny,allow
Allow from all
AuthName “AWStats”
AuthType Basic
AuthUserFile /vhosts/auth/webadmin.pwd
require valid-user
</Directory>

EoF

So I made myself a custom configuration file, and a complementary script. This works well for me because I keep all my virtual hosts in /vhosts and their logs under log/xfer_log.

Awstats Configuration File

LogFile=”/vhosts/REPLACE_ME/log/xfer_log”
LogType=W
LogFormat=1
LogSeparator=” ”
SiteDomain=”REPLACE_ME”
HostAliases=”REPLACE_ME www.REPLACE_ME 127.0.0.1 localhost”
DNSLookup=2
DirData=”/vhosts/REPLACE_ME/htdocs/stats”
DirCgi=”/awstats”
DirIcons=”/awstatsicons”
AllowToUpdateStatsFromBrowser=0
AllowFullYearView=3
EnableLockForUpdate=0
DNSStaticCacheFile=”dnscache.txt”
DNSLastUpdateCacheFile=”dnscachelastupdate.txt”
SkipDNSLookupFor=”"
AllowAccessFromWebToAuthenticatedUsersOnly=1
AllowAccessFromWebToFollowingAuthenticatedUsers=”webadmin awstats”
AllowAccessFromWebToFollowingIPAddresses=”"
CreateDirDataIfNotExists=0
BuildHistoryFormat=text
BuildReportFormat=html
SaveDatabaseFilesWithPermissionsForEveryone=0
PurgeLogFile=0
ArchiveLogRecords=0
KeepBackupOfHistoricFiles=0
DefaultFile=”index.html”
SkipHosts=”"
SkipUserAgents=”"
SkipFiles=”"
SkipReferrersBlackList=”"
OnlyHosts=”"
OnlyUserAgents=”"
OnlyUsers=”"
OnlyFiles=”"
NotPageList=”css js class gif jpg jpeg png bmp ico rss xml swf”
ValidHTTPCodes=”200 304″
ValidSMTPCodes=”1 250″
AuthenticatedUsersNotCaseSensitive=0
URLNotCaseSensitive=0
URLWithAnchor=0
URLQuerySeparators=”?;”
URLWithQuery=0
URLWithQueryWithOnlyFollowingParameters=”"
URLWithQueryWithoutFollowingParameters=”"
URLReferrerWithQuery=0
WarningMessages=1
ErrorMessages=”"
DebugMessages=0
NbOfLinesForCorruptedLog=50
WrapperScript=”"
DecodeUA=0
MiscTrackerUrl=”/js/awstats_misc_tracker.js”
LevelForBrowsersDetection=2 # 0 disables Browsers detection.
# 2 reduces AWStats speed by 2%
# allphones reduces AWStats speed by 5%
LevelForOSDetection=2 # 0 disables OS detection.
# 2 reduces AWStats speed by 3%
LevelForRefererAnalyze=2 # 0 disables Origin detection.
# 2 reduces AWStats speed by 14%
LevelForRobotsDetection=2 # 0 disables Robots detection.
# 2 reduces AWStats speed by 2.5%
LevelForSearchEnginesDetection=2 # 0 disables Search engines detection.
# 2 reduces AWStats speed by 9%
LevelForKeywordsDetection=2 # 0 disables Keyphrases/Keywords detection.
# 2 reduces AWStats speed by 1%
LevelForFileTypesDetection=2 # 0 disables File types detection.
# 2 reduces AWStats speed by 1%
LevelForWormsDetection=0 # 0 disables Worms detection.
# 2 reduces AWStats speed by 15%
UseFramesWhenCGI=1
DetailedReportsOnNewWindows=1
Expires=0
MaxRowsInHTMLOutput=1000
Lang=”auto”
DirLang=”./lang”
ShowMenu=1
ShowSummary=UVPHB
ShowMonthStats=UVPHB
ShowDaysOfMonthStats=VPHB
ShowDaysOfWeekStats=PHB
ShowHoursStats=PHB
ShowDomainsStats=PHB
ShowHostsStats=PHBL
ShowAuthenticatedUsers=0
ShowRobotsStats=HBL
ShowWormsStats=0
ShowEMailSenders=0
ShowEMailReceivers=0
ShowSessionsStats=1
ShowPagesStats=PBEX
ShowFileTypesStats=HB
ShowFileSizesStats=0
ShowOSStats=1
ShowBrowsersStats=1
ShowScreenSizeStats=0
ShowOriginStats=PH
ShowKeyphrasesStats=1
ShowKeywordsStats=1
ShowMiscStats=a
ShowHTTPErrorsStats=1
ShowSMTPErrorsStats=0
ShowClusterStats=0
AddDataArrayMonthStats=1
AddDataArrayShowDaysOfMonthStats=1
AddDataArrayShowDaysOfWeekStats=1
AddDataArrayShowHoursStats=1
IncludeInternalLinksInOriginSection=0
MaxNbOfDomain = 10
MinHitDomain = 1
MaxNbOfHostsShown = 10
MinHitHost = 1
MaxNbOfLoginShown = 10
MinHitLogin = 1
MaxNbOfRobotShown = 10
MinHitRobot = 1
MaxNbOfPageShown = 10
MinHitFile = 1
MaxNbOfOsShown = 10
MinHitOs = 1
MaxNbOfBrowsersShown = 10
MinHitBrowser = 1
MaxNbOfScreenSizesShown = 5
MinHitScreenSize = 1
MaxNbOfWindowSizesShown = 5
MinHitWindowSize = 1
MaxNbOfRefererShown = 10
MinHitRefer = 1
MaxNbOfKeyphrasesShown = 10
MinHitKeyphrase = 1
MaxNbOfKeywordsShown = 10
MinHitKeyword = 1
MaxNbOfEMailsShown = 20
MinHitEMail = 1
FirstDayOfWeek=1
ShowFlagLinks=”"
ShowLinksOnUrl=1
UseHTTPSLinkForUrl=”"
MaxLengthOfShownURL=64
HTMLHeadSection=”"
HTMLEndSection=”"
Logo=”awstats_logo6.png”
LogoLink=”http://awstats.sourceforge.net”
BarWidth = 260
BarHeight = 90
StyleSheet=”"
color_Background=”FFFFFF” # Background color for main page (Default = “FFFFFF”)
color_TableBGTitle=”CCCCDD” # Background color for table title (Default = “CCCCDD”)
color_TableTitle=”000000″ # Table title font color (Default = “000000″)
color_TableBG=”CCCCDD” # Background color for table (Default = “CCCCDD”)
color_TableRowTitle=”FFFFFF” # Table row title font color (Default = “FFFFFF”)
color_TableBGRowTitle=”ECECEC” # Background color for row title (Default = “ECECEC”)
color_TableBorder=”ECECEC” # Table border color (Default = “ECECEC”)
color_text=”000000″ # Color of text (Default = “000000″)
color_textpercent=”606060″ # Color of text for percent values (Default = “606060″)
color_titletext=”000000″ # Color of text title within colored Title Rows (Default = “000000″)
color_weekend=”EAEAEA” # Color for week-end days (Default = “EAEAEA”)
color_link=”0011BB” # Color of HTML links (Default = “0011BB”)
color_hover=”605040″ # Color of HTML on-mouseover links (Default = “605040″)
color_u=”FFAA66″ # Background color for number of unique visitors (Default = “FFAA66″)
color_v=”F4F090″ # Background color for number of visites (Default = “F4F090″)
color_p=”4477DD” # Background color for number of pages (Default = “4477DD”)
color_h=”66DDEE” # Background color for number of hits (Default = “66DDEE”)
color_k=”2EA495″ # Background color for number of bytes (Default = “2EA495″)
color_s=”8888DD” # Background color for number of search (Default = “8888DD”)
color_e=”CEC2E8″ # Background color for number of entry pages (Default = “CEC2E8″)
color_x=”C1B2E2″ # Background color for number of exit pages (Default = “C1B2E2″)
ExtraTrackedRowsLimit=500

Update Script

#!/bin/bash
cd /etc/awstats
webserver_user=daemon

for each in `ls -1 –color=none /vhosts` ; do
if [ X"$1" = "Xclean" ] ; then
rm -rf /vhosts/$each/htdocs/stats
fi
if [ ! -d /vhosts/$each/htdocs/stats ] ; then
mkdir /vhosts/$each/htdocs/stats
fi
chown -R $webserver_user /vhosts/$each/htdocs/stats
cat awstats.REPLACE_ME.conf | sed s,REPLACE_ME,$each,g > awstats.$each.conf
su $webserver_user -c “/opt/awstats/wwwroot/cgi-bin/awstats.pl -update -config=$each”
done

touch update_awstats.lastrun

Comments (0)