Author Topic: install vhcs2.4.8 on debian  (Read 32606 times)

golfreeze

  • Administrator
  • Hero Member
  • *****
  • Posts: 2145
    • View Profile
    • นั่งสมาธิ สติปัฏฐานสี่ พาเที่ยววัด แนะนำวัด แจกcd ธรรมะฟรี
    • Email
install vhcs2.4.8 on debian
« on: มิถุนายน 27, 2011, 05:02:38 PM »
How to Install Hosting Control Panel - VHCS2
============================================

1. install Debian Lenny (Debian 5.0)

   1.1) sudo nano /etc/network/interfaces

   auto eth0
   iface eth0 inet static
   address 192.168.1.x
   netmask 255.255.255.0
   gateway 192.168.1.1
        network 192.168.1.0
        broadcast 192.168.1.255

   sudo /etc/init.d/networking restart

  
   1.2) install ssh
  
        apt-get install ssh openssh-server


   1.3) via ssh

        a) ssh setting
           ===========
  
      protocol ssh2
      hostname 192.168.1.101
      port 22
      username XXX
      authentication password
      password XXXXXXserver01
      

    1.4) nano /etc/hosts

         127.0.0.1       localhost.localdomain localhost
      192.168.1.101   server01.99webhosting.com     server01


        /etc/init.d/hostname.sh start  
  
        test:   hostname
            hostname –f


     1.5) nano /etc/resolv.conf

   domain 99webhosting.com
   search 99webhosting.com
   nameserver 192.168.1.101
   nameserver 192.168.1.102
   nameserver 207.69.188.185
   nameserver 207.69.188.186
   nameserver 207.69.188.187


     1.6) change the default Shell:
  
          rm -f /bin/sh
          ln -s /bin/bash /bin/sh


     1.7) update and install

         aptitude update
         aptitude upgrade
         aptitude install tar bzip2 wget lsb-release


2. install some packages

   2.1) cd tmp

   2.2) nano debian5-packages.txt

   apache2
   apache2.2-common
   apache2-mpm-prefork
   bind9
   bzip2
   courier-authdaemon
   courier-base
   courier-imap
   courier-maildrop
   courier-pop
   diff
   dnsutils
   gcc
   gzip
   iptables
   libapache2-mod-php5
   libberkeleydb-perl
   libc6-dev
   libcrypt-blowfish-perl
   libcrypt-cbc-perl
   libcrypt-passwdmd5-perl
   libdate-calc-perl
   libdate-manip-perl
   libdbd-mysql-perl
   libdbi-perl
   libio-stringy-perl
   libmail-sendmail-perl
   libmailtools-perl
   libmcrypt4
   libmd5-perl
   libmime-perl
   libnet-dns-perl
   libnet-netmask-perl
   libnet-perl
   libnet-smtp-server-perl
   libperl5.10
   libsasl2-2
   libsasl2-modules
   libsnmp-session-perl
   libterm-readkey-perl
   libterm-readpassword-perl
   libtimedate-perl
   make
   mysql-client
   mysql-common
   mysql-server
   original-awk
   patch
   perl
   perl-base
   perl-modules
   php5
   php5-gd
   php5-mcrypt
   php5-mysql
   php-pear
   postfix
   postfix-tls
   procmail
   proftpd
   sasl2-bin
   ssh
   tar
   wget






   2.3) aptitude install $(cat ./debian5-packages.txt)


   2.3) answer questions, and edit /etc/default/saslauthd

   1) New Password for MYSQL "root" user:
        2) General type of mail configuration: --> Internet Site
        3) System mail name:
        4) ProFTPd configuration: standalone
      

3. Shutdown unwanted services from inetd

       update-inetd --remove daytime
       update-inetd --remove telnet
       update-inetd --remove time
       update-inetd --remove finger
       update-inetd --remove talk
       update-inetd --remove ntalk
       update-inetd --remove ftp
       update-inetd --remove discard  


4. some config and test

   4.1) sasl

        nano /etc/default/saslauthd

        START=yes


   4.2) postfix

        a) nano /etc/postfix/main.cf

           myhostname = mail.99webhosting.com
           mydestination = 99webhosting.com, server01.99webhosting.com, localhost.99webhosting.com, localhost

        b) nano /etc/mailname
    
           99webhosting.com
 
        c) test:  1) telnet localhost 25  

                     ehlo localhost
                                      
                  2) send mail:   date | mail -s “testing” rXXX7777777@gmail.com   //note: apt-get install mailutils
                            
                  3) monitoring:  tail -f /var/log/mail.log


    4.3) Courier-IMAP / POP3


         test: telnet localhost imap / pop3  
  


    4.4) Anti-Spam / virus


   4.4.1) installation

      sudo apt-get install amavisd-new spamassassin clamav-daemon
      sudo apt-get install dkim-filter python-policyd-spf
      sudo apt-get install pyzor razor
      sudo apt-get install arj cabextract cpio nomarch pax unzip zip zoo

        or:

        apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax
    




   4.4.2) configuration

            a) ClamAV

                 add clamav user to the amavis group in order for
                 Amavisd-new to have the appropriate access to scan files
                 (sudo nano /etc/clamav)  

                 sudo adduser clamav amavis

    
            b) Spamassassin
 
                 sudo nano /etc/default/spamassassin

                 ENABLED=1   #activate the Spamassassin daemon

      
                 then start it: sudo /etc/init.d/spamassassin start


           c) Amavisd-new
            
                 1) activate spam and antivirus detection in Amavisd-new

         sudo nano /etc/amavis/conf.d/15-content_filter_mode
 

                @bypass_virus_checks_maps = (
                       \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


                @bypass_spam_checks_maps = (
                      \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

      
       2*) Bouncing spam is the default, you may discard it as bellow

                sudo nano /etc/amavis/conf.d/20-debian_defaults    

                $final_spam_destiny       = D_DISCARD;

          
             3) nano /etc/amavis/conf.d/05-node_id

                       $myhostname = "mail.99webhosting.com";

                 4)  nano /etc/amavis/conf.d/50-user  

                     $pax='pax';


          
             5)       /etc/init.d/amavis restart
                          /etc/init.d/clamav-daemon restart
                          /etc/init.d/clamav-freshclam restart

          

             d) DKIM Whitelist

          (once a domain has been added to the Whitelist, the message will not
               receive any anti-virus or spam filtering.)


                 nano /etc/amavis/conf.d/40-policy_banks
      
                       
                (Now restart Postfix: sudo /etc/init.d/postfix restart)


   4.4.3) test

         a) Amavisd-new SMTP is listening    (directly in Ubuntu system)
      
               telnet localhost 10024
               Trying 127.0.0.1...
               Connected to localhost.
               Escape character is '^]'.
               220 [127.0.0.1] ESMTP amavisd-new service ready
               ^]
      


    4.5) apache2

         http://192.168.1.101



    4.6) sql

         4.6.1) create database and user
                        
              # mysql -u root -p
 
           create database 99webhosting;
           use 99webhosting

           grant all privileges on *.* to 'XXX'@'localhost' identified by 'XXXXXXmysql' with grant option;
           \q

         4.6.2) install

            apt-get install mysql-server mysql-client libmysqlclient15-dev
                apt-get install phpmyadmin
    
       
         4.6.3) test: http://192.168.1.101/phpmyadmin/


     4.7) BIND9

          test:

          1) /etc/init.d/bind9 restart
          2) to add the ip of the DNS server (the localhost) to your /etc/resolv.conf to use it:

               nano /etc/resolv.conf

                 nameserver 127.0.0.1

          3) ping www.google.com
 

      4.8) FTP


           test:  /etc/init.d/proftpd restart

                  telnet localhost ftp



5. mount the external disk

   5.1)  to make hard disk ready


         1) check partition

            fdisk -l
 
         2) make partition type (Linux), for ext2 and ext3:

            fdisk /dev/sdb


         3) make file system (format)
          
            mke2fs /dev/sdb1

            
            (Ext3 requires one more step:)

            tune2fs -j /dev/sdb1               (creates the ext3 journal)


         4)  change the frequency of forced file system checking (wouldn't do this routine checking)

             tune2fs -c 0 /dev/sdb1
             tune2fs -i 0 /dev/sdb1


    5.2) mkdir /media/disk500GB

         chmod -R 777 /media/disk500GB
    

    5.3) mount -t ext3 /dev/sdb1 /media/disk500GB

         or:

         1) nano /etc/fstab

            /dev/sdb1    /media/disk500GB   ext3    defaults        0       0


         2) reboot or mount -a
        

    
     5.4) check: mount


     5.5) fix

          1) nano /usr/share/initramfs-tools/init
  
             maybe_break mount
           sleep 10
             log_begin_msg "Mounting root file system..."


          2) /usr/sbin/update-initramfs -uk all





golfreeze

  • Administrator
  • Hero Member
  • *****
  • Posts: 2145
    • View Profile
    • นั่งสมาธิ สติปัฏฐานสี่ พาเที่ยววัด แนะนำวัด แจกcd ธรรมะฟรี
    • Email
Re: install vhcs2.4.8 on debian
« Reply #1 on: มิถุนายน 27, 2011, 05:03:02 PM »
6. install Journaled Quota

    6.1) aptitude install quota

    6.2) nano /etc/fstab

         (add "usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0" to the partition
          where you want to use quota, mine the / partition):

     /dev/mapper/server01-root /   ext4    errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0    0    1

     
    6.3) To enable quota, run these commands:

   touch /aquota.user /aquota.group
   chmod 600 /aquota.*
   mount -o remount /
   quotacheck -avugm
   quotaon -avug

        (ignore the warning msg, which occurs only first run)


          how to turning Off Quotas:
          --------------------------
          quotaoff -v /
          -----------


7. install Webalizer


     7.1) apt-get install webalizer


     7.2) Synchronize the System Clock

          apt-get install ntp ntpdate


     7.3) configure

          nano /etc/webalizer/webalizer.conf
   
          LogFile /var/log/apache2/access.log


     7.4) restart:

          /etc/init.d/apache2 restart
 

     7.5)  Running Webalizer manually first time

           /usr/bin/webalizer


     7.6)  test:

           http://192.168.1.101/webalizer



   

8. install VHCS2
   =============

    8.1) download

         cd tmp

         wget http://downloads.sourceforge.net/project/vhcs/VHCS%202.4/VHCS%202.4.8/vhcs-2.4.8.tar.bz2?use_mirror=iweb
   
         tar xjvf vhcs-2.4.8.tar.bz2
   
         cd vhcs-2.4.8
 

    8.2)* Configuration File


   1) nano /tmp/vhcs-2.4.8/configs/vhcs2.conf

           DEFAULT_ADMIN_ADDRES = admin@99webhosting.com
         SERVER_HOSTNAME = server01
         BASE_SERVER_IP = 192.168.1.101
         DATABASE_TYPE = mysql
         DATABASE_HOST = localhost
         DATABASE_NAME = 99webhosting
         DATABASE_PASSWORD = XXXXXXmysql
         DATABASE_USER = XXX

           DATE_FORMAT = m.d.Y

   


     8.3) make install


     8.4) cp -R /tmp/vhcs-2.4.8/* /


     8.5) to run the setup for vhcs:
 
   
        /var/www/vhcs2/engine/setup/vhcs2-setup


      Please to enter system hostname (for Enter defaults) [debian]: server01
      Please to enter system network address (for Enter defaults) [10.0.0.69 ]: 192.168.1. 101
      Please to enter SQL server host (for Enter defaults) [localhost]:
      Please to enter system SQL database (for Enter defaults) [vhcs2]: 99webhosting
      Please to enter system SQL to user (for Enter defaults) [root]: XXX
      Please to enter system SQL password (for Enter defaults) [none]: XXXXXXmysql
      Please repeat system SQL password: password
      Please to enter VHCS FTP SQL to user (for Enter defaults) [vftp]: ftp_XXX
      Please to enter VHCS FTP SQL to user password (for Enter defaults) [none]: XXXXXXftp
      Please repeat VHCS FTP SQL to user password: XXXXXXxxx
      Please to enter administrator login name (for Enter defaults) [admin]:XXX
      Please to enter administrator password: XXXXXXhost
      Administrator Please repeat password: XXXXXXhost
      Please to enter administrator email address: admin@99webhosting.com


    8.6) test: http://192.168.1.101/vhcs2


    8.7) fix

         1) FTP issue
            =========

          a) nano /etc/proftpd/proftpd.conf

         include /etc/proftpd/modules.conf
         DisplayfirstChdir  ->  DisplayChdir

       (in addition:)
   
             ServerIdent       on "FTP Server Ready"
              UseIPv6       off


          b) nano /etc/proftpd/modules.conf

            LoadModule mod_sql.c
           LoadModule mod_sql_mysql.c


               c) /etc/init.d/proftpd restart


          d) test: telnet localhost ftp


   
         2) smart host
            ==========

             a) nano /etc/postfix/main.cf
     
                  #
        # enable smart host
        #
               relayhost = [smtpauth.earthlink.net]
                smtp_sasl_auth_enable = yes
                  smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
                  smtp_sasl_security_options =
 
         
              b) Create the password maps file

                  nano /etc/postfix/sasl_password

                  smtpauth.earthlink.net shaojunXXX@earthlink.net:password

   
                 c) Set proper permissions for the password maps file      
 

             chown root:root /etc/postfix/sasl_password
           chmod 600 /etc/postfix/sasl_password 

         
                 d) Create hash from maps file

         
                  sudo postmap hash:/etc/postfix/sasl_password


                  (in addition:)

                  content_filter = amavis:[127.0.0.1]:10024
           

             e) /etc/init.d/postfix restart

             f) test:

                       1) saslfinger -c
             
                       2) telnet localhost 25 

                          ehlo localhost
     
                         (If you see the lines 250-STARTTLS and 250-AUTH everything is fine.)
                 
                       3) send mail:
                             apt-get install mailutils
                             date | mail -s “testing” rXXX7777777@gmail.com
 
                       4) monitoring: tail -f /var/log/mail.log


             3) error (Notice: Undefined index: /dev/shm in /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php on line 525)
                =====

                   nano /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php

                   replace the fuction filesystem () with below:
         
                    http://www.icc-computer.com/HowTo/WebHostingHowTo/function%20filesystems.txt


              4) language
                 ========



              5) error () 
                       
                        apt-get install PHP5 (http://www.debianhelp.co.uk/php5.htm)     
                        apt-get install libapache2-mod-php5 libapache2-mod-perl2 php5 php5-cli php5-common php5-curl php5-dev php5-domxml php5-gd php5-imap php5-ldap php5-mcal php5-mhash php5-mysql php5-odbc php5-pear php5-xslt 
                        apt-get install php5-imap   
               
       
              6) email sent from localhost bounced

                     a) nano /etc/postfix/main.cf
                           
            myorigin = /etc/mailname
            myhostname = mail.99webhosting.com

         b) nano /etc/hosts

                  127.0.0.1    99webhosting.com   localhost.localdomain   localhost
               192.168.1.101   server01.99webhosting.com     server01





9. additional installation

   9.1) 











///////////////////////////////////////////////////////////////////////////////////////////////////////
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
////////////////////////////////////////////////////////////////////////////////////////////////////////
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

how to install VHCS2
====================

1. install Ubuntu / Debian

   select the options (LAMP, DNS,MySQL,...) except mail


1.1) sudo nano /etc/network/interfaces

   auto eth0
   iface eth0 inet static
   address 192.168.1.x
   netmask 255.255.255.0
   gateway 192.168.1.1
        network 192.168.1.0
        broadcast 192.168.1.255

   sudo /etc/init.d/networking restart



1.2) ssh

        apt-get install ssh openssh-server


1.3) nano /etc/hosts

         127.0.0.1       localhost.localdomain localhost
      192.168.1.101   server01.99webhosting.com     server01


     /etc/init.d/hostname.sh start   
 
     test:

      hostname
      hostname –f


1.4) sudo nano /etc/resolv.conf


   domain 99webhosting.com
   search 99webhosting.com
   nameserver 192.168.1.101
   nameserver 192.168.1.102
   nameserver 207.69.188.185
   nameserver 207.69.188.186
   nameserver 207.69.188.187


1.5) update and install

     aptitude update
     aptitude upgrade
     aptitude install tar bzip2 wget lsb-release


2*. change the default Shell:
 
   rm -f /bin/sh
   ln -s /bin/bash /bin/sh



3. install some packages

   3.1) cd tmp

   3.2) nano debian5-packages.txt

   apache2
   apache2.2-common
   apache2-mpm-prefork
   bind9
   bzip2
   courier-authdaemon
   courier-base
   courier-imap
   courier-maildrop
   courier-pop
   diff
   dnsutils
   gcc
   gzip
   iptables
   libapache2-mod-php5
   libberkeleydb-perl
   libc6-dev
   libcrypt-blowfish-perl
   libcrypt-cbc-perl
   libcrypt-passwdmd5-perl
   libdate-calc-perl
   libdate-manip-perl
   libdbd-mysql-perl
   libdbi-perl
   libio-stringy-perl
   libmail-sendmail-perl
   libmailtools-perl
   libmcrypt4
   libmd5-perl
   libmime-perl
   libnet-dns-perl
   libnet-netmask-perl
   libnet-perl
   libnet-smtp-server-perl
   libperl5.10
   libsasl2-2
   libsasl2-modules
   libsnmp-session-perl
   libterm-readkey-perl
   libterm-readpassword-perl
   libtimedate-perl
   make
   mysql-client
   mysql-common
   mysql-server
   original-awk
   patch
   perl
   perl-base
   perl-modules
   php5
   php5-gd
   php5-mcrypt
   php5-mysql
   php-pear
   postfix
   postfix-tls
   procmail
   proftpd
   sasl2-bin
   ssh
   tar
   wget

   3.3) aptitude install $(cat ./debian5-packages.txt)





4*. install proftpd


   4.1) apt-get install proftpd

         (answer: standalone)


   4.2) For security reasons you can add the following lines to /etc/proftpd.conf

   nano /etc/proftpd/proftpd.conf

        DefaultRoot ~
   IdentLookups off
   ServerIdent on "FTP Server ready."


   4.4) /etc/init.d/proftpd restart

   4.3) test: telnet localhost ftp

       

5*. now run:

   apt-get update
   apt-get upgrade










golfreeze

  • Administrator
  • Hero Member
  • *****
  • Posts: 2145
    • View Profile
    • นั่งสมาธิ สติปัฏฐานสี่ พาเที่ยววัด แนะนำวัด แจกcd ธรรมะฟรี
    • Email
Re: install vhcs2.4.8 on debian
« Reply #2 on: มิถุนายน 27, 2011, 05:03:18 PM »
6*. install some more packages (you might not need all of these but I found the server ran better for me with the following installed:)

   apt-get install binutils cpp cpp-4.0 fetchmail flex gcc gcc-4.0 libarchive-zip-perl libc6-dev libcompress-zlib-perl libdb4.3-dev libpcre3 libpopt-dev libnet-dns-perl libdb-file-lock-perl libhtml-parser-perl linux-kernel-headers lynx m4 make ncftp nmap openssl perl perl-modules unzip zip zlib1g-dev automake1.9 libtool bison g++ wget bzip2 libgd1 gawk libterm-readpassword-Perl patch libmcrypt4 iptables gzip diff bind9 libtimedate-Perl libterm-readkey-Perl libsnmp-session-Perl libperl5.8 libnet-smtp-server-Perl libnet-Perl libnet-netmask-Perl libmime-Perl libmd5-Perl libmailtools-Perl libmail-sendmail-Perl libio-stringy-perl libdbi-Perl libdbd-mysql-Perl libdate-manip-Perl libdate-calc-Perl libcrypt-passwdmd5-Perl libcrypt-cbc-Perl libcrypt-blowfish-Perl libberkeleydb-perl courier-maildrop proftpd-mysql

   or:

   apt-get install binutils fetchmail flex libarchive-zip-perl libc6-dev libcompress-zlib-perl libpopt-dev libnet-dns-perl libdb-file-lock-perl lynx m4 ncftp nmap unzip zip zlib1g-dev automake1.9 libtool bison g++ gawk libterm-readpassword-Perl libmcrypt4 bind9 libtimedate-Perl libsnmp-session-Perl libnet-smtp-server-Perl libnet-Perl libnet-netmask-Perl libmime-Perl libmd5-Perl libmail-sendmail-Perl libio-stringy-perl libdbi-Perl libdbd-mysql-Perl libdate-manip-Perl libdate-calc-Perl libcrypt-passwdmd5-Perl libcrypt-cbc-Perl libcrypt-blowfish-Perl libberkeleydb-perl courier-maildrop

   (These should be the default answer, change if you feel it is needed:

   1. No
   2. system mail name: 99webhosting.com
            )      



-------------
7. mount the external disk

   7.0)  to make hard disk ready


         1) check partition

            fdisk -l
 
         2) make partition type (Linux), for ext2 and ext3:

            fdisk /dev/sdb


         3) make file system (format)
         
            mke2fs /dev/sdb1

           
            (Ext3 requires one more step:)

            tune2fs -j /dev/sdb1               (creates the ext3 journal)


         4)  change the frequency of forced file system checking (wouldn't do this routine checking)

             tune2fs -c 0 /dev/sdb1
             tune2fs -i 0 /dev/sdb1


    7.1) mkdir /media/disk500GB

         chmod -R 777 /media/disk500GB
   

    7.2) mount -t ext3 /dev/sdb1 /media/disk500GB

         or:

         1) nano /etc/fstab

            /dev/sdb1    /media/disk500GB   ext3    defaults        0       0


         2) reboot or mount -a
         

   
     7.4) check: mount
 
   
-------------


8. install Journaled Quota

    8.1) aptitude install quota

    8.2) nano /etc/fstab

         (add "usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0" to the partition
          where you want to use quota, mine the / partition):

     /dev/mapper/server01-root /   ext4    errors=remount-ro,usrjquota=aquota.user,grpjquota=aquota.group,jqfmt=vfsv0    0    1

     
    8.3) To enable quota, run these commands:

   touch /aquota.user /aquota.group
   chmod 600 /aquota.*
   mount -o remount /
   quotacheck -avugm
   quotaon -avug

        (ignore the warning msg, which occurs only first run)


          how to turning Off Quotas:
          --------------------------
          quotaoff -v /
          -----------




9. Postfix With SMTP-AUTH, TLS AND smart host


   9.1) apt-get install postfix sasl2-bin procmail

     

   9.2) configure

   dpkg-reconfigure postfix

 
   (These should be the default answer, change if you feel it is needed:

   1. Internet site
   2. system mail name: 99webhosting.com
        3. XXX@99webhosting.com
   4. 99webhosting.com, server01.99webhosting.com, mail.99webhosting.com, localhost.99webhosting.com, localhost
   5. No
   6. 127.0.0.0/8
   7. Yes
   8. 0
   9. +
   10. all

        )      




   9.3)  enable sasl (/etc/postfix/main.cf)

   postconf -e 'smtpd_sasl_local_domain ='
   postconf -e 'smtpd_sasl_auth_enable = yes'
   postconf -e 'smtpd_sasl_security_options = noanonymous'
   postconf -e 'broken_sasl_auth_clients = yes'
   postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
   postconf -e 'inet_interfaces = all'
   echo 'pwcheck_method: saslauthd' >> /etc/postfix/sasl/smtpd.conf
   echo 'mech_list: plain login' >> /etc/postfix/sasl/smtpd.conf


  9.4) enable TLS (/etc/postfix/main.cf)

       
        a) create the certificates for TLS:

   mkdir /etc/postfix/ssl
   cd /etc/postfix/ssl/
   openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024
   chmod 600 smtpd.key
   openssl req -new -key smtpd.key -out smtpd.csr
   openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt
   openssl rsa -in smtpd.key -out smtpd.key.unencrypted
   mv -f smtpd.key.unencrypted smtpd.key
   openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650


        b) configure Postfix for TLS:

               
   postconf -e 'smtpd_tls_auth_only = no'
   postconf -e 'smtp_use_tls = yes'
   postconf -e 'smtpd_use_tls = yes'
   postconf -e 'smtp_tls_note_starttls_offer = yes'
   postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
   postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
   postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
   postconf -e 'smtpd_tls_loglevel = 1'
   postconf -e 'smtpd_tls_received_header = yes'
   postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
   postconf -e 'tls_random_source = dev:/dev/urandom'
   postconf -e 'myhostname = mail.99webhosting.com'


       
     9.5) enable smart host


          a) sudo nano /etc/postfix/main.cf
     

               relayhost = [smtpauth.earthlink.net]
                smtp_sasl_auth_enable = yes
                  smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
                  smtp_sasl_security_options =
 
         
           b) Create the password maps file

                  sudo nano /etc/postfix/sasl_password

                  smtpauth.earthlink.net shaojunXXX@earthlink.net:password

   
            c) Set proper permissions for the password maps file      
 

             sudo chown root:root /etc/postfix/sasl_password
           sudo chmod 600 /etc/postfix/sasl_password 

         
            d) Create hash from maps file

         
                   sudo postmap hash:/etc/postfix/sasl_password



           

   9.6)  sudo /etc/init.d/postfix restart

   9.7)  test

              a) saslfinger -c
             
              b) telnet localhost 25 

                 ehlo localhost

                 (If you see the lines 250-STARTTLS and 250-AUTH everything is fine.)
                 
              c) send mail:
                             apt-get install mailutils
                             date | mail -s “testing” rXXX7777777@gmail.com
 
              d) monitoring: tail -f /var/log/mail.log


        9.8) trouble-shooting "fatal: no SASL authentication mechanisms"

             apt-get install libsasl2-modules
10. Courier-IMAP/Courier-POP3

 
   10.1)  install Courier-IMAP/Courier-IMAP-SSL (for IMAPs on port 993) and Courier-POP3/Courier-POP3-SSL (for POP3s on port 995):


               apt-get install courier-authdaemon courier-base courier-imap courier-imap-ssl courier-pop courier-pop-ssl courier-ssl gamin libgamin0 libglib2.0-0


               (questions:
      SSL certificate required <-- OK
                )



   10.2)  configure Postfix to deliver emails to a user's Maildir:

                  postconf -e 'home_mailbox = Maildir/'
      postconf -e 'mailbox_command ='

      
        10.3) /etc/init.d/postfix restart

 
        10.4) test

              telnet localhost imap / pop3 / IMAPs / pop3s




11. Anti-Spam / virus


   11.1) installation

      sudo apt-get install amavisd-new spamassassin clamav-daemon
      sudo apt-get install dkim-filter python-policyd-spf
      sudo apt-get install pyzor razor
      sudo apt-get install arj cabextract cpio lha nomarch pax rar unrar unzip zip zoo

        or:

        apt-get install amavisd-new spamassassin clamav clamav-daemon zoo unzip bzip2 libnet-ph-perl libnet-snpp-perl libnet-telnet-perl nomarch lzop pax
     




   11.2) configuration

            a) ClamAV

                 add clamav user to the amavis group in order for
                 Amavisd-new to have the appropriate access to scan files
                 (sudo nano /etc/clamav)   

                 sudo adduser clamav amavis

   
            b) Spamassassin
 
                 sudo nano /etc/default/spamassassin

                 ENABLED=1   #activate the Spamassassin daemon

     
                 then start it: sudo /etc/init.d/spamassassin start


           c) Amavisd-new
             
                 1) activate spam and antivirus detection in Amavisd-new

         sudo nano /etc/amavis/conf.d/15-content_filter_mode
 

                @bypass_virus_checks_maps = (
                       \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);


                @bypass_spam_checks_maps = (
                      \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);

     
       2) Bouncing spam is the default, you may discard it as bellow

                sudo nano /etc/amavis/conf.d/20-debian_defaults   

                $final_spam_destiny       = D_DISCARD;

         
             3) If host name is different from the domain's MX record you may need to
               manually set the $myhostname option.

                    Also, if the server receives mail for multiple domains
                 the @local_domains_acl option will need to be customized. 


                    sudo nano  /etc/amavis/conf.d/50-user   

                    $myhostname = 'mail.99webhosting.com';
 
                       @local_domains_acl = ( "example.com", "example.org" );


                       or:

                       nano /etc/amavis/conf.d/50-user

                       $pax='pax';

         
              4) sudo /etc/init.d/amavis restart
                          /etc/init.d/clamav-daemon restart
                          /etc/init.d/clamav-freshclam restart

         

             d) DKIM Whitelist

         (once a domain has been added to the Whitelist, the message will not
              receive any anti-virus or spam filtering.)


                nano /etc/amavis/conf.d/40-policy_banks
       
   

             e) For Postfix integration

                1) sudo postconf -e 'content_filter = smtp-amavis:[127.0.0.1]:10024'

                  or:

                        postconf -e 'content_filter = amavis:[127.0.0.1]:10024'
         postconf -e 'receive_override_options = no_address_mappings'




              2) sudo nano /etc/postfix/master.cf 

                (Note: add the following at the end. Don't leave space before the line
                "smtp-amavis" and "127.0.0.1:10025")
         
         
           smtp-amavis     unix    -       -       -       -       2       smtp
                 -o smtp_data_done_timeout=1200
              -o smtp_send_xforward_command=yes
              -o disable_dns_lookups=yes
              -o max_use=20

                     127.0.0.1:10025 inet    n       -       -       -       -       smtpd
              -o content_filter=
              -o local_recipient_maps=
              -o relay_recipient_maps=
              -o smtpd_restriction_classes=
              -o smtpd_delay_reject=no
              -o smtpd_client_restrictions=permit_mynetworks,reject
              -o smtpd_helo_restrictions=
              -o smtpd_sender_restrictions=
              -o smtpd_recipient_restrictions=permit_mynetworks,reject
              -o smtpd_data_restrictions=reject_unauth_pipelining
              -o smtpd_end_of_data_restrictions=
              -o mynetworks=127.0.0.0/8
              -o smtpd_error_sleep_time=0
              -o smtpd_soft_error_limit=1001
              -o smtpd_hard_error_limit=1000
              -o smtpd_client_connection_count_limit=0
              -o smtpd_client_connection_rate_limit=0
              -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks


               (Note: Also add the following two lines immediately below the "pickup" transport service: )

               -o content_filter=
               -o receive_override_options=no_header_body_checks


                   (Now restart Postfix: sudo /etc/init.d/postfix restart)


   11.3) test

         a) Amavisd-new SMTP is listening    (directly in Ubuntu system)
     
               telnet localhost 10024
               Trying 127.0.0.1...
               Connected to localhost.
               Escape character is '^]'.
               220 [127.0.0.1] ESMTP amavisd-new service ready
               ^]
       
         b) In the Header of messages you should see:

               X-Spam-Level:
               X-Virus-Scanned: Debian amavisd-new at example.com
               X-Spam-Status: No, hits=-2.3 tagged_above=-1000.0 required=5.0 tests=AWL, BAYES_00
               X-Spam-Level:



      In addtion:

         1) to get the stuck message:

         postfix reload
         requeue the stuck messages:
         postsuper -r ALL
         wait for the messages to requeue (about a minute and a half should be good)
         postfix reload

         2) to display the config of /etc/postfix/main.cf)

         postconf -n





12. Apache/PHP5


    11.0) nano /etc/apache2/apache2.conf

        (Look for “DirectoryIndex” and make it look like the following:)

        DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl index.xhtml default.htm default.html


    11.1) to enable some Apache modules (SSL, rewrite, suexec, and include)
 
          a2enmod ssl
     a2enmod rewrite
     a2enmod suexec
     a2enmod include


    11.2) /etc/init.d/apache2 force-reload


    11.3) test: http://192.168.1.101
               
                http://192.168.1.101/test.php

                (
                nano /var/www/test.php
               
                <?php
                phpinfo();
                ?>


                )


   (Default document root: /var/www, to change it by /etc/apache2/sites-available/default
        The main configuration file located at /etc/apache2/apche2.conf.)
 


13. Webalizer


    12.1) apt-get install webalizer


    12.2) Synchronize the System Clock

          apt-get install ntp ntpdate


    12.3) configure

          nano /etc/webalizer/webalizer.conf
   
          LogFile /var/log/apache2/access.log


    12.4) restart:

          /etc/init.d/apache2 restart
 

    12.5)  Running Webalizer manually first time

           /usr/bin/webalizer


    12.6)  test:

           http://192.168.1.101/webalizer



14. BIND9


    test:

    1) /etc/init.d/bind9 restart
    2) to add the ip of the DNS server (the localhost) to your /etc/resolv.conf to use it:

        (nano /etc/resolv.conf)

        echo "search 99webhosting.com" > /etc/resolv.conf
   echo "nameserver 127.0.0.1" >> /etc/resolv.conf

    3) ping www.google.com
 
 
       trouble-shooting:

       nano /etc/bind/named.conf
       nano /etc/bind/named.conf.options
       nano /etc/bind/named.conf.local
       nano /etc/bind/named.conf.default-zones
 


 

golfreeze

  • Administrator
  • Hero Member
  • *****
  • Posts: 2145
    • View Profile
    • นั่งสมาธิ สติปัฏฐานสี่ พาเที่ยววัด แนะนำวัด แจกcd ธรรมะฟรี
    • Email
Re: install vhcs2.4.8 on debian
« Reply #3 on: มิถุนายน 27, 2011, 05:03:26 PM »
      nano /var/cache/bind/weqiao.org.db

       named-checkconf

       nano /var/log/daemon.log    then: /etc/init.d/bind9 start

 
15. mysql  (to change passwd)

    1) apt-get install mysql-server mysql-client libmysqlclient15-dev
   
       (set a password for mysql root: mysqladmin -u root password YOURROOTSQLPASSWORD)


    # mysql -u root -p
 
     create database 99webhosting;
     use 99webhosting

     grant all privileges on *.* to 'XXX'@'localhost' identified by 'XXXXXXmysql' with grant option;
     \q

   
    test: http://192.168.1.101/phpmyadmin/
   

16. Remove unwanted packages
   
    apt-get remove ppp pppconfig pppoeconf


17. Shutdown unwanted services from inetd

    update-inetd --remove daytime
    update-inetd --remove telnet
    update-inetd --remove time
    update-inetd --remove finger
    update-inetd --remove talk
    update-inetd --remove ntalk
    update-inetd --remove ftp
    update-inetd --remove discard   



install VHCS
============

1. download

   cd tmp

   wget http://downloads.sourceforge.net/project/vhcs/VHCS%202.4/VHCS%202.4.8/vhcs-2.4.8.tar.bz2?use_mirror=iweb
   
   tar xjvf vhcs-2.4.8.tar.bz2
   
   cd vhcs-2.4.8
 

2. Configuration File

   /tmp/vhcs-2.4.8/configs/vhcs2.conf
   /etc/proftpd/proftpd.conf
   /etc/bind/named.conf
   /etc/postfix/main.cf
   /etc/postfix/master.cf

   1) nano configs/vhcs2.conf

        DEFAULT_ADMIN_ADDRES = admin@99webhosting.com
      SERVER_HOSTNAME = server01
      BASE_SERVER_IP = 192.168.1.101
      DATABASE_TYPE = mysql
      DATABASE_HOST = localhost
      DATABASE_NAME = 99webhosting
      DATABASE_PASSWORD = XXXXXXmysql
      DATABASE_USER = XXX

        DATE_FORMAT = m.d.Y

        (
        DATABASE_DIR = /media/disk500GB/CUSTOMER/mysql
        SECONDARY_DNS = 192.168.1.102

        APACHE_WWW_DIR = /media/disk500GB/CUSTOMER/www

        APACHE_LOG_DIR = /media/disk500GB/log/apache2
        APACHE_USERS_LOG_DIR = /media/disk500GB/log/apache2/users
        APACHE_BACKUP_LOG_DIR = /media/disk500GB/log/apache2/backup

        LOG_DIR = /media/disk500GB/log/vhcs2
 
        TRAFF_LOG_DIR = /media/disk500GB/log


        MTA_VIRTUAL_MAIL_DIR = /media/disk500GB/CUSTOMER/Email

        DFtpDir = /media/disk500GB/CUSTOMER/www/
        FTP_HOMEDIR = /media/disk500GB/CUSTOMER/www
   
       
        BACKUP_FILE_DIR = /media/disk500GB/backup_by_VHCS2
        )

       
       


3. make install


4. cp -R /tmp/vhcs-2.4.8/* /


5. to run the setup for vhcs:
 
   /var/www/vhcs2/engine/setup/vhcs2-setup


   Please to enter system hostname (for Enter defaults) [debian]: server01
   Please to enter system network address (for Enter defaults) [10.0.0.69 ]: 192.168.1. 101
   Please to enter SQL server host (for Enter defaults) [localhost]:
   Please to enter system SQL database (for Enter defaults) [vhcs2]: 99webhosting
   Please to enter system SQL to user (for Enter defaults) [root]: XXX
   Please to enter system SQL password (for Enter defaults) [none]: XXXXXXmysql
   Please repeat system SQL password: password
   Please to enter VHCS FTP SQL to user (for Enter defaults) [vftp]: ftp_XXX
   Please to enter VHCS FTP SQL to user password (for Enter defaults) [none]: XXXXXXftp
   Please repeat VHCS FTP SQL to user password: XXXXXXxxx
   Please to enter administrator login name (for Enter defaults) [admin]:XXX
   Please to enter administrator password: XXXXXXhost
   Administrator Please repeat password: XXXXXXhost
   Please to enter administrator email address: admin@99webhosting.com


6. access to VHCS2: http://192.168.1.101/vhcs2




fix proftpd
===========

cp /etc/proftpd.conf /etc/proftpd/proftpd.conf



1. nano /etc/proftpd/proftpd.conf

  include /etc/proftpd/modules.conf

  DisplayfirstChdir  ->  DisplayChdir


  in addition:
  ------------
   
  ServerIdent    on "FTP Server Ready"
  UseIPv6    off


2. nano /etc/proftpd/modules.conf

   LoadModule mod_sql.c
 
   LoadModule mod_sql_mysql.c


3. /etc/init.d/proftpd restart


4. create a new user (ftp_XXX)

   mysql -u root -p

   CREATE USER 'ftp_XXX'@'localhost' IDENTIFIED BY 'XXXXXXftp';

   GRANT SELECT ON `99webhosting`.`domain` TO 'ftp_XXX'@'localhost';
   GRANT SELECT ON `99webhosting`.`ftp_users` TO 'ftp_XXX'@'localhost';
   

   FLUSH PRIVILEGES;

   \q


5. test: telnet localhost ftp


///

chinese
-------




security
--------

There also seems to be a very serious security flaw in the admin section.
Your vhcs installation can easily be hacked by hackers. To prevent this,
add a ip filter on the admin section. This does require advance knowledge
of apache.

























fix it
======
Notice: Undefined index: /dev/shm in /var/www/vhcs2/gui/include/phpsysinfo/class.Linux.inc.php on line 525

Syntax error on line 4 of /etc/apache2/mods-enabled/fastcgi.conf:
FastCgiWrapper: "/usr/lib/apache2/suexec" execute access for server (uid 33, gid 33) failed: stat(/usr/lib/apache2/suexec) failed: No such file or directory
   ...fail!


apt-get install apache2-suexec2
apt-get remove apache2-suexec

@ Henrik: The notices depends on if you have safe_mode on or off.
Sarge: FastCgiWrapper /usr/lib/apache2/suexec2
Etch: FastCgiWrapper /usr/lib/apache2/suexec



/etc/apache2/mods-available/fastcgi.conf



<IfModule mod_fastcgi.c>
  AddHandler fastcgi-script .fcgi
  #FastCgiWrapper /usr/lib/apache2/suexec
  FastCgiIpcDir /var/lib/apache2/fastcgi
</IfModule>

///////


<IfModule mod_fastcgi.c>
    FastCgiWrapper /usr/lib/apache2/suexec2
    FastCgiIpcDir /var/lib/apache2/fastcgi

    FastCgiConfig -minProcesses 1 -maxProcesses 10 -singleThreshold 100 -killInterval 300 -autoUpdate -idle-timeout 240 -pass-header HTTP_AUTHORIZATION

    FastCgiServer /var/www/fcgi/master/php4-fcgi-starter -user vu2000 -group vu2000

    Action php4-fcgi-starter /php4/php4-fcgi-starter
    Action php5-fcgi-starter /php5/php5-fcgi-starter

    # For PHP4 support
    <Location /php4/>
       Options +ExecCGI
       SetHandler php4-fcgi-starter
    </Location>
    AddType application/x-httpd-php4 .php .php3 .php4
    Action /php4/php4.ini

    # For PHP5 support
    <Location /php5/>
       Options +ExecCGI
       SetHandler php5-fcgi-starter
    </Location>
    AddType application/x-httpd-php5 .php5
    Action /php5/php5.ini

    AddHandler php4-fastcgi .php .php4 .php3
    AddHandler php5-fastcgi .php5

</IfModule>














7. trouble-shooting:

   Modules [Crypt::CBC, Crypt::Blowfish, Crypt::PasswdMD5] WAS NOT FOUND

   apt-get install libmime-perl

   configure CPAN
   cpan

   (mostly the defaults will work)
   upgrade cpan (optional ; and kind of a drawn out process):

   install Bundle::CPAN
   reload cpan
   install Crypt::Blowfish

   install Crypt::CBC
   install Carp::Clan
   install Bit::Vector

   install Date::Calc
   install ExtUtils::MakeMaker

   install HTML::Tagset
   install HTML::Parser

   install IO::Stringy
   install Mail::Field
   install Mail::Header
   install Mail::Internet
   
   install MIME::Base64
   install MIME::Tools
   install MIME::Entity
   install MIME::Parser

   install DBD::mysql

   install Term::ReadPassword

   install Crypt::PasswdMD5

@ Henrik: The notices depends on if you have safe_mode on or off.
Sarge: FastCgiWrapper /usr/lib/apache2/suexec2
Etch: FastCgiWrapper /usr/lib/apache2/suexec




how to switch proftpd to PURE-FTPD for VHCS2
============================================


0. Backing up old files (optional)

   cp /etc/vhcs2/vhcs2.conf /etc/vhcs2/vhcs2.conf.bak
   cp /var/www/vhcs2/engine/quota/vhcs2-dsk-quota /var/www/vhcs2/engine/quota/vhcs2-dsk-quota.bak


1. remove proftpd (and or pure-ftpd)

   apt-get remove --purge proftpd
   rm -rf /etc/proftpd && rm /etc/proftpd.conf

   

2. Installing the necessary packages

   apt-get install pure-ftpd-mysql pure-ftpd-common


3. configure pure-ftpd

   1) Stop PureFTPD before modifying configuration files
   
      /etc/init.d/pure-ftpd-mysql stop

      or:
 
      sudo fuser -n tcp 21
      sudo kill [pid] 
 

   2) configure (the configuration files are placed in the etc/pure-ftpd/conf directory, We need to create the different configuration files that are going to be used :)

        echo "yes" > /etc/pure-ftpd/conf/ChrootEveryone
   echo "yes" > /etc/pure-ftpd/conf/BrokenClientsCompatibility
   echo "100" > /etc/pure-ftpd/conf/MaxClientsNumber
   echo "yes" > /etc/pure-ftpd/conf/Daemonize
   echo "4" > /etc/pure-ftpd/conf/MaxClientsPerIP
   echo "yes" > /etc/pure-ftpd/conf/DisplayDotFiles
   echo "no" > /etc/pure-ftpd/conf/AnonymousOnly
   echo "yes" > /etc/pure-ftpd/conf/NoAnonymous
   echo "ftp" > /etc/pure-ftpd/conf/SyslogFacility
   echo "yes" > /etc/pure-ftpd/conf/DontResolve
   echo "5" > /etc/pure-ftpd/conf/MaxIdleTime
   echo "no" > /etc/pure-ftpd/conf/PAMAuthentication
   echo "no" > /etc/pure-ftpd/conf/UnixAuthentication
   echo "10000 3" > /etc/pure-ftpd/conf/LimitRecursion
   echo "no" > /etc/pure-ftpd/conf/AnonymousCanCreateDirs
   echo "4" > /etc/pure-ftpd/conf/MaxLoad
   echo "yes" > /etc/pure-ftpd/conf/AntiWarez
   echo "133 022" > /etc/pure-ftpd/conf/Umask   
   echo "2000" > /etc/pure-ftpd/conf/MinUID             
   echo "yes" > /etc/pure-ftpd/conf/AllowUserFXP
   echo "no" > /etc/pure-ftpd/conf/AllowAnonymousFXP
   echo "no" > /etc/pure-ftpd/conf/ProhibitDotFilesWrite
   echo "no" > /etc/pure-ftpd/conf/ProhibitDotFilesRead
   echo "no" > /etc/pure-ftpd/conf/AutoRename
   echo "yes" > /etc/pure-ftpd/conf/AnonymousCantUpload
   echo "clf:/var/log/pureftpd/transfers.log" > /etc/pure-ftpd/conf/AltLog
   echo "no" > /etc/pure-ftpd/conf/NoChmod
   echo "no" > /etc/pure-ftpd/conf/CreateHomeDir
   echo "95" > /etc/pure-ftpd/conf/MaxDiskUsage
   echo "yes" > /etc/pure-ftpd/conf/CustomerProof
   
 
4. create a new user (vhcs2_ftp)

   mysql -u root -p

   CREATE USER 'vhcs2_ftp'@'localhost' IDENTIFIED BY 'password';

   GRANT SELECT ON `vhcs2`.`domain` TO 'vhcs2_ftp'@'localhost';
   GRANT SELECT ON `vhcs2`.`ftp_users` TO 'vhcs2_ftp'@'localhost';
   

   FLUSH PRIVILEGES;


5. sudo nano /etc/pure-ftpd/db/mysql.conf

##############################################
#                                            #
# Sample Pure-FTPd Mysql configuration file. #
# See README.MySQL for explanations.         #
#                                            #
##############################################


# Optional : MySQL server name or IP. Don't define this for unix sockets.

# MYSQLServer     127.0.0.1

# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort       3306


# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket      /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser       vhcs2_ftp
# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort       3306


# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket      /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser       vhcs2_ftp
# Optional : MySQL port. Don't define this if a local unix socket is used.

# MYSQLPort       3306


# Optional : define the location of mysql.sock if the server runs on this host.

MYSQLSocket      /var/run/mysqld/mysqld.sock


# Mandatory : user to bind the server as.

MYSQLUser       vhcs2_ftp


# Mandatory : user password. You must have a password.

MYSQLPassword   password


# Mandatory : database to open.

MYSQLDatabase   vhcs2


# Mandatory : how passwords are stored
# Valid values are : "cleartext", "crypt", "md5" and "password"
# ("password" = MySQL password() function)
# You can also use "any" to try "crypt", "md5" *and* "password"

MYSQLCrypt      any


# In the following directives, parts of the strings are replaced at
# run-time before performing queries :
#
# \L is replaced by the login of the user trying to authenticate.
# \I is replaced by the IP address the user connected to.
# \P is replaced by the port number the user connected to.

# \R is replaced by the IP address the user connected from.
# \D is replaced by the remote IP address, as a long decimal number.
#
# Very complex queries can be performed using these substitution strings,
# especially for virtual hosting.


# Query to execute in order to fetch the password

MYSQLGetPW      SELECT passwd FROM ftp_users WHERE userid="\L"




MYSQLGetUID     SELECT uid FROM ftp_users WHERE userid="\L"


# Optional : default UID - if set this overrides MYSQLGetUID

#MYSQLDefaultUID 1000


# Query to execute in order to fetch the system user group or gid

MYSQLGetGID     SELECT gid FROM ftp_users WHERE userid="\L"


# Optional : default GID - if set this overrides MYSQLGetGID

#MYSQLDefaultGID 1000


# Query to execute in order to fetch the home directory

MYSQLGetDir     SELECT homedir FROM ftp_users WHERE userid="\L"


# Optional : query to get the maximal number of files


# MySQLGetQTAFS  SELECT QuotaFiles FROM users WHERE User="\L"


# Optional : query to get the maximal disk usage (virtual quotas)
# The number should be in Megabytes.
# Pure-FTPd must have been compiled with virtual quotas support.

MySQLGetQTASZ  SELECT domain.domain_disk_limit FROM domain,ftp_users WHERE ftp_users.userid="\L" and ftp_users.uid=do$


# Optional : ratios. The server has to be compiled with ratio support.
  GNU nano 2.0.9                    File: /etc/pure-ftpd/db/mysql.conf                                               

# MySQLGetRatioUL SELECT ULRatio FROM users WHERE User="\L"
# MySQLGetRatioDL SELECT DLRatio FROM users WHERE User="\L"


# Optional : bandwidth throttling.
# The server has to be compiled with throttling support.
# Values are in KB/s .

# MySQLGetBandwidthUL SELECT ULBandwidth FROM users WHERE User="\L"
# MySQLGetBandwidthDL SELECT DLBandwidth FROM users WHERE User="\L"

# Enable ~ expansion. NEVER ENABLE THIS BLINDLY UNLESS :
# 1) You know what you are doing.
# 2) Real and virtual users match.

# MySQLForceTildeExpansion 1


# If you upgraded your tables to transactionnal tables (Gemini,
# BerkeleyDB, Innobase...), you can enable SQL transactions to
# avoid races. Leave this commented if you are using the
# traditionnal MyIsam databases or old (< 3.23.x) MySQL versions.

# MySQLTransactions On



6. Starting Pure-FTPD

   /etc/init.d/pure-ftpd-mysql start

    sudo fuser -n tcp 21