Fedora Downloads & Installation STEPS search Engine :

Custom Search

NB:

You can Find ALL (Downloads,translations,meaning,more posts)Quickly and easily With This Search engine.

*For Meaning Use : Meaning of 'WORD' .
*For Translate Somthing Use : Translate ' WORD'
*For Download use : DOWNLOADS 'name' or 'reference'
*For More Posts About A Subjet Use : Posts About 'WORD/SENTENSE')

Sunday, April 26, 2009

STEPS to install Fedora Server - Fedora 10

his is a detailed description about how to set up a Fedora 10 server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable) with PHP5/Ruby/Python, Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Dovecot POP3/IMAP, Quota, Firewall, etc.

I will use the following software:

  • Web Server: Apache 2.2.10
  • PHP 5.2.6
  • Ruby
  • Python
  • Database Server: MySQL 5.0.67
  • Mail Server: Postfix
  • DNS Server: BIND9 (chrooted)
  • FTP Server: proftpd
  • POP3/IMAP server: Dovecot
  • Webalizer for web site statistics

In the end you should have a system that works reliably, and if you like you can install the free webhosting control panel ISPConfig (i.e., ISPConfig runs on it out of the box).

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

1 Requirements

To install such a system you will need the following:

2 Preliminary Note

In this tutorial I use the hostname server1.example.com with the IP address 192.168.0.100 and the gateway 192.168.0.1. These settings might differ for you, so you have to replace them where appropriate.

3 Install The Base System

Boot from your Fedora 10 DVD. Select Install or upgrade an existing system:

It can take a long time to test the installation media so we skip this test here:

The welcome screen of the Fedora installer appears. Click on Next:



Choose your language next:

Select your keyboard layout:

I'm installing Fedora 10 on a fresh system, so I answer Yes to the question Would you like to initialize this drive, erasing ALL DATA?:

Fill in the hostname of the server:

Choose your time zone:

Give root a password:

Next we do the partitioning. Select Remove Linux partitions on selected drives and create default layout. This will give you a small /boot partition and a large / partition which is fine for our purposes:

Select Write changes to disk:

The hard drive is being formatted:



Now we select the software we want to install. Uncheck Office and Productivity and check Software Development and Web server instead. Then check Customize now. Afterwards, select the additional repositories Fedora 10 - i386 and Fedora 10 - i386 - Updates (if you are on an x86_64 system, the names are probably Fedora 10 - x86_64 and Fedora 10 - x86_64 - Updates):

As the last two repositories need an Internet connection, a new window pops up where you have to configure your network card. Select Enable IPv4 support, but disable Use dynamic IP configuration (DHCP); then give your network card a static IP address and netmask (in this tutorial I'm using the IP address 192.168.0.100 and netmask 255.255.255.0 for demonstration purposes; if you are not sure about the right values, http://www.subnetmask.info might help you). Also fill in your gateway (e.g. 192.168.0.1) and one nameserver (e.g. 145.253.2.75):

When I clicked on OK, I got an error message saying that the network configuration had failed, but despite this, details for the last two repositories were retrieved, and the checkboxes in front of the two repositories got marked, which means that the network connection is working, and the error message was wrong (might be a bug in the installer). Click on Next:

Now we must select the package groups we want to install. Select Editors, Text-based Internet, Development Libraries, Development Tools, DNS Name Server, FTP Server, Mail Server, MySQL Database, Server Configuration Tools, Web Server, Administration Tools, Base, Hardware Support, Java, System Tools (unselect all other package groups) and click on Next:



The installation begins. This will take a few minutes:

Finally, the installation is complete, and you can remove your DVD from the computer and reboot it:

After the reboot, you will see this screen. Select Firewall configuration and hit Run Tool:

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default Fedora firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the Fedora firewall).

Hit OK afterwards:

Confirm your choice by selecting Yes:

Next select Network configuration:

If you did not configure your network card during the installation (either because you did not select the additional online repositories or because the installer really failed to bring up your network card), you can do that now by going to Edit a device params:

Select your network interface (usually eth0):

Then fill in your network details - disable DHCP and fill in a static IP address, a netmask, and your gateway, then hit Ok:

Next select Save:

What you should do in all cases (regardless of whether you configured your network connection during the installation or just now) is specify nameservers (during the intial installation, you could fill in just one nameserver, therefore you should specify at least a second one now). Select Edit DNS configuration:

Now you can fill in additional nameservers and hit Ok:

Hit Save&Quit afterwards...

... and leave the Choose a Tool window by selecting Quit:

You should run

ifconfig

now to check if the installer got your IP address right. If it did not, restart the NetworkManager...

/etc/init.d/NetworkManager restart

... and if that still doesn't help, reboot the system:

reboot

If the IP address is still not correct, run

system-config-network

and redo the network configuration.

Now, on to the configuration...

4 Adjust /etc/hosts

Next we edit /etc/hosts. Make it look like this:

vi /etc/hosts

# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1               localhost.localdomain localhost
192.168.0.100           server1.example.com server1

::1             localhost6.localdomain6 localhost6

It is important that you add a line for server1.example.com and remove server1.example.com and server1 from the 127.0.0.1 line.

5 Configure The Firewall

(You can skip this chapter if you have already disabled the firewall at the end of the basic system installation.)

I want to install ISPConfig at the end of this tutorial which comes with its own firewall. That's why I disable the default Fedora firewall now. Of course, you are free to leave it on and configure it to your needs (but then you shouldn't use any other firewall later on as it will most probably interfere with the Fedora firewall).

Run

system-config-firewall

and disable the firewall.

To check that the firewall has really been disabled, you can run

iptables -L

afterwards. The output should look like this:

[root@server1 ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server1 ~]#

6 Disable SELinux

SELinux is a security extension of Fedora that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I disable it (this is a must if you want to install ISPConfig later on).

Edit /etc/selinux/config and set SELINUX=disabled:


vi /etc/selinux/config

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted

Afterwards we must reboot the system:

reboot

7 Install Some Software

Next we update our existing packages on the system:

yum update

Now we install some software packages that are needed later on:

yum install fetchmail wget bzip2 unzip zip nmap openssl lynx fileutils ncftp gcc gcc-c++

8 Quota

(If you have chosen a different partitioning scheme than I did, you must adjust this chapter so that quota applies to the partitions where you need it.)

To install quota, we run this command:

yum install quota

Edit /etc/fstab and add ,usrquota,grpquota to the / partition (/dev/VolGroup00/LogVol00):

vi /etc/fstab

#
# /etc/fstab
# Created by anaconda on Wed Nov 26 16:56:06 2008
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or vol_id(8) for more info
#
/dev/VolGroup00/LogVol00 /                       ext3    defaults,usrquota,grpquota        1 1
UUID=41be1fc5-8b1a-456d-9fb9-cd0f5d764f36 /boot                   ext3    defaults        1 2
tmpfs                   /dev/shm                tmpfs   defaults        0 0
devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
sysfs                   /sys                    sysfs   defaults        0 0
proc                    /proc                   proc    defaults        0 0
/dev/VolGroup00/LogVol01 swap                    swap    defaults        0 0

Then run

touch /aquota.user /aquota.group
chmod 600 /aquota.*
mount -o remount /
quotacheck -avugm
quotaon -avug

to enable quota.

9 Install A Chrooted DNS Server (BIND9)

To install a chrooted BIND9, we do this:

yum install bind-chroot

Next, we change a few permissions and start BIND:

chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/
cd /var/named/chroot/var/named/
ln -s ../../ chroot
chkconfig --levels 235 named on
/etc/init.d/named start

BIND will run in a chroot jail under /var/named/chroot/var/named/. I will use ISPConfig to configure BIND (zones, etc.).

10 MySQL (5.0)

To install MySQL, we do this:

yum install mysql mysql-devel mysql-server

Then we create the system startup links for MySQL (so that MySQL starts automatically whenever the system boots) and start the MySQL server:

chkconfig --levels 235 mysqld on
/etc/init.d/mysqld start

Now check that networking is enabled. Run

netstat -tap | grep mysql

It should show something like this:

[root@server1 ~]# netstat -tap | grep mysql
tcp 0 0 *:mysql *:* LISTEN 2407/mysqld
[root@server1 ~]#

If it does not, edit /etc/my.cnf and comment out the option skip-networking:

vi /etc/my.cnf

[...]
#skip-networking
[...]

and restart your MySQL server:

/etc/init.d/mysqld restart

Run

mysqladmin -u root password yourrootsqlpassword
mysqladmin -h server1.example.com -u root password yourrootsqlpassword

to set a password for the user root (otherwise anybody can access your MySQL database!).

If the last command throws an error at you...

[root@server1 named]# mysqladmin -h server1.example.com -u root password yourrootsqlpassword
mysqladmin: connect to server at 'server1.example.com' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
[root@server1 named]#

... we can set the password as follows: connect to MySQL:

mysql -u root -p

Type in the password for the MySQL root user. Then, on the MySQL shell, do this:

mysql> USE mysql;

mysql> UPDATE user SET Password = password('yourrootsqlpassword') WHERE Host = 'server1.example.com' AND User = 'root';

mysql> UPDATE user SET Password = password('yourrootsqlpassword') WHERE Host = '127.0.0.1' AND User = 'root';

Run

mysql> SELECT * FROM user;

to make sure that all rows where the user is root have a password.

If everything is looking ok, run

mysql> FLUSH PRIVILEGES;

... and leave the MySQL shell:

mysql> quit;

11 Postfix With SMTP-AUTH And TLS

Now we install Postfix and Dovecot (Dovecot will be our POP3/IMAP server):

yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi cyrus-sasl-md5 cyrus-sasl-plain postfix dovecot

Now we configure SMTP-AUTH and TLS:

postconf -e 'smtpd_sasl_local_domain ='
postconf -e 'smtpd_sasl_auth_enable = yes'
postconf -e 'smtpd_sasl_security_options = noanonymous'
postconf -e 'broken_sasl_auth_clients = yes'
postconf -e 'smtpd_sasl_authenticated_header = yes'
postconf -e 'smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination'
postconf -e 'inet_interfaces = all'
postconf -e 'mynetworks = 127.0.0.0/8'

We must edit /usr/lib/sasl2/smtpd.conf so that Postfix allows PLAIN and LOGIN logins (on 64bit systems, this file is in /usr/lib64/sasl2/smtpd.conf). It should look like this:

vi /usr/lib/sasl2/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login

Afterwards we create the certificates for TLS:

mkdir /etc/postfix/ssl
cd /etc/postfix/ssl/
openssl genrsa -des3 -rand /etc/hosts -out smtpd.key 1024

chmod 600 smtpd.key
openssl req -new -key smtpd.key -out smtpd.csr

openssl x509 -req -days 3650 -in smtpd.csr -signkey smtpd.key -out smtpd.crt

openssl rsa -in smtpd.key -out smtpd.key.unencrypted

mv -f smtpd.key.unencrypted smtpd.key
openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650

Next we configure Postfix for TLS:

postconf -e 'smtpd_tls_auth_only = no'
postconf -e 'smtp_use_tls = yes'
postconf -e 'smtpd_use_tls = yes'
postconf -e 'smtp_tls_note_starttls_offer = yes'
postconf -e 'smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key'
postconf -e 'smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt'
postconf -e 'smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem'
postconf -e 'smtpd_tls_loglevel = 1'
postconf -e 'smtpd_tls_received_header = yes'
postconf -e 'smtpd_tls_session_cache_timeout = 3600s'
postconf -e 'tls_random_source = dev:/dev/urandom'

Then we set the hostname in our Postfix installation (make sure you replace server1.example.com with your own hostname):

postconf -e 'myhostname = server1.example.com'

After these configuration steps you should now have a /etc/postfix/main.cf that looks like this (I have removed all comments from it):

cat /etc/postfix/main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
        PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
        ddd $daemon_directory/$process_name $process_id & sleep 5

sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.5.5/samples

readme_directory = /usr/share/doc/postfix-2.5.5/README_FILES
inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
mynetworks = 127.0.0.0/8
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
myhostname = server1.example.com

Now start Postfix, saslauthd, and Dovecot:

chkconfig --levels 235 sendmail off
chkconfig --levels 235 postfix on
chkconfig --levels 235 saslauthd on
chkconfig --levels 235 dovecot on
/etc/init.d/sendmail stop
/etc/init.d/postfix start
/etc/init.d/saslauthd start
/etc/init.d/dovecot start

To see if SMTP-AUTH and TLS work properly now run the following command:

telnet localhost 25

After you have established the connection to your Postfix mail server type

ehlo localhost

If you see the lines

250-STARTTLS

and

250-AUTH PLAIN LOGIN

everything is fine.

[root@server1 ssl]# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 server1.example.com ESMTP Postfix
ehlo localhost
250-server1.example.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.
[root@server1 ssl]#

Type

quit

to return to the system's shell.

11.1 Maildir

Dovecot uses Maildir format (not mbox), so if you install ISPConfig on the server, please make sure you enable Maildir under Management -> Server -> Settings -> Email. ISPConfig will then do the necessary configuration.

If you do not want to install ISPConfig, then you must configure Postfix to deliver emails to a user's Maildir (you can also do this if you use ISPConfig - it doesn't hurt ;-)):

postconf -e 'home_mailbox = Maildir/'
postconf -e 'mailbox_command ='
/etc/init.d/postfix restart

12 Apache2 With PHP, Ruby, Python

Now we install Apache with PHP5 (this is PHP 5.2.6):

yum install php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-eaccelerator php-magickwand php-magpierss php-mapserver php-mbstring php-mcrypt php-mhash php-mssql php-shout php-snmp php-soap php-tidy curl curl-devel perl-libwww-perl ImageMagick libxml2 libxml2-devel

Then edit /etc/httpd/conf/httpd.conf:

vi /etc/httpd/conf/httpd.conf

and change DirectoryIndex to

[...]
DirectoryIndex index.html index.htm index.shtml index.cgi index.php index.php3 index.pl
[...]

Now configure your system to start Apache at boot time:

chkconfig --levels 235 httpd on

Start Apache:

/etc/init.d/httpd start

12.1 Disable PHP Globally

(If you do not plan to install ISPConfig on this server, please skip this section!)

In ISPConfig you will configure PHP on a per-website basis, i.e. you can specify which website can run PHP scripts and which one cannot. This can only work if PHP is disabled globally because otherwise all websites would be able to run PHP scripts, no matter what you specify in ISPConfig.

To disable PHP globally, we edit /etc/httpd/conf.d/php.conf and comment out the AddHandler and AddType lines:

vi /etc/httpd/conf.d/php.conf

#
# PHP is an HTML-embedded scripting language which attempts to make it
# easy for developers to write dynamically generated webpages.
#

LoadModule php5_module modules/libphp5.so

#
# Cause the PHP interpreter to handle files with a .php extension.
#
#AddHandler php5-script .php
#AddType text/html .php

#
# Add index.php to the list of files that will be served as directory
# indexes.
#
DirectoryIndex index.php

#
# Uncomment the following line to allow PHP to pretty-print .phps
# files as PHP source code:
#
#AddType application/x-httpd-php-source .phps

Afterwards we restart Apache:

/etc/init.d/httpd restart

12.2 Ruby

Starting with version 2.2.20, ISPConfig has built-in support for Ruby. Instead of using CGI/FastCGI, ISPConfig depends on mod_ruby being available in the server's Apache.

For Fedora 10, there's no mod_ruby package available, so we must compile it ourselves. First we install some prerequisites:

yum install httpd-devel ruby ruby-devel

Next we download and install mod_ruby as follows:

cd /tmp
wget http://www.modruby.net/archive/mod_ruby-1.3.0.tar.gz
tar zxvf mod_ruby-1.3.0.tar.gz
cd mod_ruby-1.3.0/
./configure.rb --with-apr-includes=/usr/include/apr-1
make
make install

Finally we must add the mod_ruby module to the Apache configuration, so we create the file /etc/httpd/conf.d/ruby.conf...

vi /etc/httpd/conf.d/ruby.conf

LoadModule ruby_module modules/mod_ruby.so

... and restart Apache:

/etc/init.d/httpd restart

You can find more details about mod_ruby in this article.

12.3 Installing mod_python

To install mod_python, we simply run...

yum install mod_python

... and restart Apache afterwards:

/etc/init.d/httpd restart

13 ProFTPd

ISPConfig has better support for proftpd than vsftpd, so let's remove vsftpd and install proftpd:

yum remove vsftpd

yum install proftpd

Now we can create the system startup links for Proftpd and start it:

chkconfig --levels 235 proftpd on
/etc/init.d/proftpd start

14 Webalizer

To install webalizer, just run

yum install webalizer

15 Synchronize The System Clock

If you want to have the system clock synchronized with an NTP server do the following:

yum install ntp

chkconfig --levels 235 ntpd on
ntpdate 0.pool.ntp.org
/etc/init.d/ntpd start

16 Install Some Perl Modules

ISPConfig comes with SpamAssassin which needs a few Perl modules to work. We install the required Perl modules with a single command:

yum install perl-HTML-Parser perl-DBI perl-Net-DNS perl-Digest-SHA1 perl-ExtUtils-AutoInstall

17 ISPConfig

The configuration of the server is now finished. You can now install ISPConfig on it, following these instructions: http://www.ispconfig.org/manual_installation.htm

17.1 A Note On SuExec

If you want to run CGI scripts under suExec, you should specify /var/www as the web root for websites created by ISPConfig as Fedora's suExec is compiled with /var/www as Doc_Root. Run

/usr/sbin/suexec -V

and the output should look like this:

[root@server1 ~]# /usr/sbin/suexec -V
-D AP_DOC_ROOT="/var/www"
-D AP_GID_MIN=100
-D AP_HTTPD_USER="apache"
-D AP_LOG_EXEC="/var/log/httpd/suexec.log"
-D AP_SAFE_PATH="/usr/local/bin:/usr/bin:/bin"
-D AP_UID_MIN=500
-D AP_USERDIR_SUFFIX="public_html"
[root@server1 ~]#

So if you want to use suExec with ISPconfig, don't change the default web root (which is /var/www) if you use expert mode during the ISPConfig installation (in standard mode you can't change the web root anyway so you'll be able to use suExec in any case).

18 Links

FOR MORE DETAILS YOU CAN USE THE QUICK SEARCH ENGINE IN THE TOP.

Posted by at No comments:

STEPS TO INSTALL Fedora 10 (GNOME)

This tutorial shows how you can set up a Fedora 10 desktop (GNOME) that is a full-fledged replacement for a Windows desktop, i.e. that has all the software that people need to do the things they do on their Windows desktops. The advantages are clear: you get a secure system without DRM restrictions that works even on old hardware, and the best thing is: all software comes free of charge.

I want to say first that this is not the only way of setting up such a system. There are many ways of achieving this goal but this is the way I take. I do not issue any guarantee that this will work for you!

1 Preliminary Note

To fully replace a Windows desktop, I want the Fedora 10 desktop to have the following software installed:

Graphics:

  • The GIMP - free software replacement for Adobe Photoshop
  • F-Spot - full-featured personal photo management application for the GNOME desktop
  • Google Picasa - application for organizing and editing digital photos

Internet:

  • Firefox
  • Opera
  • Flash Player 9
  • FileZilla - multithreaded FTP client
  • Thunderbird - email and news client
  • Evolution - combines e-mail, calendar, address book, and task list management functions
  • aMule - P2P file sharing application
  • Azureus/Vuze - Java Bittorrent client
  • Transmission BitTorrent client
  • Pidgin- multi-platform instant messaging client (formerly known as Gaim)
  • Skype
  • Google Earth
  • Xchat IRC - IRC client

Office:

  • OpenOffice Writer - replacement for Microsoft Word
  • OpenOffice Calc - replacement for Microsoft Excel
  • Adobe Reader
  • GnuCash - double-entry book-keeping personal finance system, similar to Quicken
  • Scribus - open source desktop publishing (DTP) application

Sound & Video:

  • Amarok - audio player
  • Audacity - free, open source, cross platform digital audio editor
  • Banshee - audio player, can encode/decode various formats and synchronize music with Apple iPods
  • MPlayer - media player (video/audio), supports WMA
  • Rhythmbox Music Player - audio player, similar to Apple's iTunes, with support for iPods
  • gtkPod - software similar to Apple's iTunes, supports iPod, iPod nano, iPod shuffle, iPod photo, and iPod mini
  • XMMS - audio player similar to Winamp
  • dvd::rip - full featured DVD copy program
  • Kino - free digital video editor
  • Sound Juicer CD Extractor - CD ripping tool, supports various audio codecs
  • VLC Media Player - media player (video/audio)
  • Real Player
  • Totem - media player (video/audio)
  • Xine - media player, supports various formats; can play DVDs
  • Brasero - CD/DVD burning program
  • K3B - CD/DVD burning program
  • Multimedia-Codecs

Programming:

  • Kompozer - WYSIWYG HTML editor, similar to Macromedia Dreamweaver, but not as feature-rich (yet)
  • Bluefish - text editor, suitable for many programming and markup languages
  • Quanta Plus - web development environment, including a WYSIWYG editor

Other:

  • VMware Server - lets you run your old Windows desktop as a virtual machine under your Linux desktop, so you don't have to entirely abandon Windows
  • TrueType fonts
  • Java
  • Read/Write support for NTFS partitions

You might notice that I'm installing lots of similar applications here (e.g. two browsers and two email clients, multiple audio players, etc.) - this is just a choice. Of course you are free to install just the apps that you really need - just leave out the other ones.

I will use the GNOME desktop in rhis article.

I will use the username falko in this tutorial, and I will download all necessary files to falko's download which is equivalent to the directory /home/falko/Download. If you use another username (which you most probably do ;-)), please replace falko with your own username. So when I use a command like

cd /home/falko/Download

you must replace falko.

2 Installing The Base System

Download the Fedora 10 Live GNOME iso image from http://fedoraproject.org/en/get-fedora (e.g. http://download.fedoraproject.org/pub/fedora/linux/releases/10/Live/i686/F10-i686-Live.iso), burn it onto a CD, and boot your computer from it. It will boot into a live Fedora 10 desktop that you can use to test how Fedora 10 works on your system. At the login prompt, select Automatic Login:

This is how the live desktop looks. You can now play around with it if you like. If you are sure that you want to install Fedora 10 on your hard drive, click on Install to Hard Drive:

The Fedora Installer starts. Click on Next:

Select your keyboard layout:

You can leave the hostname as is and click on Next:

Select your time zone:

Type in a root password (twice to verify it):

Select Yes when asked Would you like to initialize this drive, erasing ALL DATA?:

The default partitioning is ok, so you can hit Next:

Confirm by clicking on Write changes to disk:

The installation starts. This can take a few minutes:

The installation is complete. Click on Close...

... and reboot the system - go to System > Shut Down...

... and select Restart. Don't forget to remove the Live CD from the CD drive before the system boots again!

If the system is booting for the first time, the first boot wizard comes up. Click on Forward...

... and accept the license.

Then add a regular user account to the system (I'm creating the user falko here):

Set your date and time, then click on the Network Time Protocol tab. With the network time protocol (NTP) your computer can fetch the current time from a time server over the Internet, so you don't have to adjust the system clock every few weeks. Select Enable Network Time Protocol and click on Forward:

On the next screen you can send details about your hardware to the Fedora project to help them develop the software. It's up to you whether you want to submit these details or not:

Now that we are finished with the first boot wizard, we can log into our new desktop with the user we've just created:

This is how your new Fedora 10 desktop looks:



3 Update The System

Now it's time to check for updates. Go to System > Administration > Update System:

The Update System wizard comes up and checks for the latest updates:

If it finds any, click on the Update System button to start the update:

Type in the root password:

Afterwards the updates are being downloaded and installed:

Click on Close to finish the update:

Your system is now up to date.

4 Disable SELinux

SELinux is a security extension of Fedora that should provide extended security. In my opinion you don't need it to configure a secure system, and it usually causes more problems than advantages (think of it after you have done a week of trouble-shooting because some service wasn't working as expected, and then you find out that everything was ok, only SELinux was causing the problem). Therefore I choose disable it, although you might prefer to go with it. I haven't tested this setup with SELinux enabled - it might well be that it works without problems, but if it does not, you can try to turn SELinux off and see if the problem is gone.

To disable SELinux, go to System > Administration > SELinux Management:

Select Disabled for System Default Enforcing Mode and close the window.

To make the change effective, we must reboot the system (System > Shut down...):

5 Inventory Of What We Have So Far

Now let's browse all menus under Applications to see which of our needed applications are already installed:

You should find the following situation ([x] marks an application that is already installed, where [ ] is an application that is missing). NTFS read/write support is enabled by default on Fedora 10.

Graphics:
[x] Gimp
[ ] F-Spot
[ ] Picasa

Internet:
[x] Firefox
[ ] Opera
[ ] Flash Player
[ ] FileZilla
[ ] Thunderbird
[x] Evolution
[ ] aMule
[ ] Azureus/Vuze
[x] Transmission BitTorrent Client
[x] Pidgin
[ ] Skype
[ ] Google Earth
[ ] Xchat IRC

Office:
[ ] OpenOffice Writer
[ ] OpenOffice Calc
[ ] Adobe Reader
[ ] GnuCash
[ ] Scribus

Sound & Video:
[ ] Amarok
[ ] Audacity
[ ] Banshee
[ ] MPlayer
[x] Rhythmbox Music Player
[ ] gtkPod
[ ] XMMS
[ ] dvd::rip
[ ] Kino
[x] Sound Juicer CD Extractor
[ ] VLC Media Player
[ ] Real Player
[x] Totem
[ ] Xine
[ ] Brasero
[ ] K3B
[ ] Multimedia-Codecs

Programming:
[ ] Kompozer
[ ] Bluefish
[ ] Quanta Plus

Other:
[ ] VMware Server
[ ] TrueType Fonts
[ ] Java
[x] Read/Write Support for NTFS Partitions

So some applications are already on the system...

6 Adding Software Repositories

The official Fedora repositories don't provide all the software we need. Fortunately there are also third-party repositories for Fedora 10 that have what we need, and we can make our system use these repositories.

To do this, open a terminal window (under Applications > System Tools > Terminal)...

... and type in

su

to become root.

Then run

rpm -Uvh http://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-stable.noarch.rpm http://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-stable.noarch.rpm

This adds the RPM Fusion repository (a merger or Dribble, Freshrpms, and rpm.livna.org) to our package manager.

Unfortunately the RPM Fusion repository doesn't have libdvdcss in its repository, therefore we also add the livna repository (which contains only that package):

rpm -Uvh http://livna-dl.reloumirrors.net/fedora/10/i386/livna-release-9-2.noarch.rpm

Next we add the Adobe repository which provides the Flash player and the Adobe Reader:

rpm -Uvh http://linuxdownload.adobe.com/adobe-release/adobe-release-i386-1.0-1.noarch.rpm

Finally we add the Skype repository - as there is no rpm, we have to do it manually:

gedit /etc/yum.repos.d/skype.repo

[skype]
name=Skype Repository
baseurl=http://download.skype.com/linux/repos/fedora/updates/i586/
gpgkey=http://www.skype.com/products/skype/linux/rpm-public-key.asc
enabled=1

gpgcheck=0

7 Installing Additional Software

Now that we have added additional repositories, a lot more packages are available in our package manager for installation, especially a big deal of our needed packages. To install them, go to System > Administration > Add/Remove Software:

The Package Manager opens:

Use the search field and select the following packages for installation (* is a wildcard; e.g. mplayer* means all packages that start with mplayer) and click on Apply afterwards:

  • f-spot
  • flash-plugin
  • filezilla
  • thunderbird
  • amule
  • azureus
  • skype
  • xchat-gnome
  • openoffice.org*
  • AdobeReader_enu
  • gnucash
  • scribus
  • amarok
  • audacity
  • banshee
  • mplayer
  • mplayer-gui
  • gtkpod
  • xmms*
  • DVDRipOMatic
  • kino
  • vlc
  • mozilla-vlc
  • xine*
  • brasero
  • k3b
  • bluefish
  • kdewebdev
  • java
  • compat-libstdc++-33 (needed by RealPlayer)
  • ffmpeg
  • lame
  • libdvdcss
  • libXp
  • mjpegtools
  • kernel-devel (needed by VMware)
  • xinetd (needed by VMware)
  • gcc (needed by VMware)
  • gcc-c++ (needed by VMware)
  • perl-devel (needed by VMware)
  • perl-ExtUtils-Embed (needed by VMware)
  • wget

Afterwards, the selected packages will be installed. This can take a few minutes, so please be patient.


8 Inventory (II)

Now let's check again what we have so far by browsing the menus again:

Our inventory should now look like this:

Graphics:
[x] Gimp
[x] F-Spot
[ ] Picasa

Internet:
[x] Firefox
[ ] Opera
[x] Flash Player
[x] FileZilla
[x] Thunderbird
[x] Evolution
[x] aMule
[x] Azureus/Vuze
[x] Transmission BitTorrent Client
[x] Pidgin
[x] Skype
[ ] Google Earth
[x] Xchat IRC

Office:
[x] OpenOffice Writer
[x] OpenOffice Calc
[x] Adobe Reader
[x] GnuCash
[x] Scribus

Sound & Video:
[x] Amarok
[x] Audacity
[x] Banshee
[x] MPlayer
[x] Rhythmbox Music Player
[x] gtkPod
[x] XMMS
[x] dvd::rip
[x] Kino
[x] Sound Juicer CD Extractor
[x] VLC Media Player
[ ] Real Player
[x] Totem
[x] Xine
[x] Brasero
[x] K3B
[ ] Multimedia-Codecs

Programming:
[ ] Kompozer
[x] Bluefish
[x] Quanta Plus

Other:
[ ] VMware Server
[ ] TrueType Fonts
[x] Java
[x] Read/Write Support for NTFS Partitions

9 Flash Player

To see if the Flash plugin (which we installed before) is working, start Firefox. Then type about:plugins in the address bar. Firefox will then list all installed plugins, and it should list the Flash Player (version 10.0r12 which is the newest one at the time of this writing) among them:



10 TrueType Fonts

To install Windows TrueType fonts, open a terminal and become root again:

su

Then run:

cd /tmp/
wget http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec
yum -y install rpm-build cabextract ttmkfdir

rpmbuild -bb msttcorefonts-2.0-1.spec
rpm -ivh /root/rpmbuild/RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm --nodeps

To check if the TrueType fonts have been installed correctly, open a word processor like OpenOffice. You should now find your new Windows fonts there:

11 Win32-Codecs

To install Win32-codecs, open a terminal again, become root...

su

... and run the following commands:

cd /tmp/
wget http://www.mplayerhq.hu/MPlayer/releases/codecs/all-20071007.tar.bz2
tar xfvj all-20071007.tar.bz2
mkdir /usr/lib/codecs/
cp all-20071007/* /usr/lib/codecs/
ln -s /usr/lib/codecs/ /usr/lib/win32

12 RealPlayer

To install RealPlayer, visit http://www.real.com/linux/ in Firefox and download the RPM package (don't hit the big yellow Download RealPlayer button, but use the small link RPM Package below it instead):

Select Open with Package Installer (default) in the Firefox download dialogue:

The Package Installer will then come up and guide you through the installation.

13 Opera

Go to http://www.opera.com/download/ in your browser and select Fedora as distribution, then Fedora Core 5, Core 6, 7, 8. Click on the Download Opera button...

... and select Open with Package Installer (default):

The Package Installer will then come up and guide you through the installation.

14 Google Earth

To install Google Earth, open a terminal and become root:

su

Then run

cd /home/falko/Download
wget http://dl.google.com/earth/client/current/GoogleEarthLinux.bin
sh GoogleEarthLinux.bin

This will download Google Earth and start the installation. Click on Begin Install:

After the installation, you can click on Quit or on Start, if you want to start Google Earth now:

Afterwards, we delete the Google Earth installer:

rm -f GoogleEarthLinux.bin

15 Google Picasa

Open Firefox and go to http://picasa.google.com/linux/download.html#picasa30. Click on the rpm, for Red Hat/Fedora/Suse/Mandriva i386 or x86_64 link (http://dl.google.com/linux/rpm/testing/i386/picasa-3.0-current.i386.rpm) and select Open with Package Installer (default) in the Firefox download dialogue:

The Package Installer will then come up and guide you through the installation.

16 Kompozer

Go to http://kompozer.net/download.php and click on the kompozer-0.7.10-i386.rpm link:

This will bring you to SourceForge, and after a few seconds the Firefox download dialogue should pop up (if it does not, click on direct link) where you select Open with Package Installer (default), as usual:

17 Inventory (III)

This is what we have now:

Graphics:
[x] Gimp
[x] F-Spot
[x] Picasa

Internet:
[x] Firefox
[x] Opera
[x] Flash Player
[x] FileZilla
[x] Thunderbird
[x] Evolution
[x] aMule
[x] Azureus/Vuze
[x] Transmission BitTorrent Client
[x] Pidgin
[x] Skype
[x] Google Earth
[x] Xchat IRC

Office:
[x] OpenOffice Writer
[x] OpenOffice Calc
[x] Adobe Reader
[x] GnuCash
[x] Scribus

Sound & Video:
[x] Amarok
[x] Audacity
[x] Banshee
[x] MPlayer
[x] Rhythmbox Music Player
[x] gtkPod
[x] XMMS
[x] dvd::rip
[x] Kino
[x] Sound Juicer CD Extractor
[x] VLC Media Player
[x] Real Player
[x] Totem
[x] Xine
[x] Brasero
[x] K3B
[x] Multimedia-Codecs

Programming:
[x] Kompozer
[x] Bluefish
[x] Quanta Plus

Other:
[ ] VMware Server
[x] TrueType Fonts
[x] Java
[x] Read/Write Support for NTFS Partitions

So everything is installed except for VMware Server...

18 VMware Server

With VMware Server you can let your old Windows desktop (that you previously converted into a VMware virtual machine with VMware Converter, as described in this tutorial: http://www.howtoforge.com/vmware_converter_windows_linux) run under your Fedora desktop. This can be useful if you depend on some applications that exist for Windows only, or if you want to switch to Linux slowly.

Open a terminal and become root again:

su

Then install the prerequisites for VMware Server as follows (you might have installed them in chapter 7 already):

yum install kernel-devel-`uname -r` xinetd gcc gcc-c++ perl-devel perl-ExtUtils-Embed

To download VMware Server, go to http://www.vmware.com/products/server/ and click on Download:

On the next page, log in with your existing VMware account or create a new one:

Follow the on-screen instructions. At the end, you should receive an email with a link to your download page. On the download page, you should see two license numbers, one for Windows and one for Linux. Write down or save the one for Linux and scroll down.

Then download the VMware Server for Linux TAR image (not the RPM image!) to your hard drive (e.g. to /home/falko/Download):

In the terminal (you must still be root), go to the location where you saved the VMware Server .tar.gz file, e.g. /home/falko/Download (replace falko with your own username!):

cd /home/falko/Download/

Unpack the VMware Server .tar.gz file and run the installer:

tar xvfz VMware-server-*.tar.gz
cd vmware-server-distrib
./vmware-install.pl

The installer will ask you a lot of questions. You can always accept the default values simply by hitting .

When the installer asks you

In which directory do you want to keep your virtual machine files?
[/var/lib/vmware/Virtual Machines]

you can either accept the default value or specify a location that has enough free space to store your virtual machines.

At the end of the installation, you will be asked to enter a serial number:

Please enter your 20-character serial number.

Type XXXXX-XXXXX-XXXXX-XXXXX or 'Enter' to cancel:

Fill in your serial number for VMware Server.

After the successful installation, you can delete the VMware Server download file and the installation directory:

cd /home/falko/Download
rm -f VMware-server*
rm -fr vmware-server-distrib/

VMware Server 2 does not have a desktop application for managing virtual machines - this is now done through a browser (e.g. Firefox). You can access the management interface over HTTPS (https://:8333) or HTTP (http://:8222); the management interface can be accessed locally and also remotely. If you want to access it from the same machine, type https://127.0.0.1:8333 or http://127.0.0.1:8222 into the browser's address bar.

If you're using Firefox 3 and use HTTPS, Firefox will complain about the self-signed certificate, therefore you must tell Firefox to accept the certificate - to do this, click on the Or you can add an exception... link:

Click on Add Exception...:

The Add Security Exception window opens. In that window, click on the Get Certificate button first and then on the Confirm Security Exception button:

Afterwards, you will see the VMware Server login form. Type in root and your root password:

This is how the VMware Server web interface looks. The structure is similar to the old VMware Server 1 desktop application, so the usage of the web interface is pretty straightforward.

19 Inventory (IV)

We have now all wanted applications installed:

Graphics:
[x] Gimp
[x] F-Spot
[x] Picasa

Internet:
[x] Firefox
[x] Opera
[x] Flash Player
[x] FileZilla
[x] Thunderbird
[x] Evolution
[x] aMule
[x] Azureus/Vuze
[x] Transmission BitTorrent Client
[x] Pidgin
[x] Skype
[x] Google Earth
[x] Xchat IRC

Office:
[x] OpenOffice Writer
[x] OpenOffice Calc
[x] Adobe Reader
[x] GnuCash
[x] Scribus

Sound & Video:
[x] Amarok
[x] Audacity
[x] Banshee
[x] MPlayer
[x] Rhythmbox Music Player
[x] gtkPod
[x] XMMS
[x] dvd::rip
[x] Kino
[x] Sound Juicer CD Extractor
[x] VLC Media Player
[x] Real Player
[x] Totem
[x] Xine
[x] Brasero
[x] K3B
[x] Multimedia-Codecs

Programming:
[x] Kompozer
[x] Bluefish
[x] Quanta Plus

Other:
[x] VMware Server
[x] TrueType Fonts
[x] Java
[x] Read/Write Support for NTFS Partitions

20 Links

FOR MORE DETAILS & SOLUTIONS USE THE QUICK SEARCH ENGINE IN THE TOP.
Posted by at No comments:
Subscribe to: Posts (Atom)