FreeBSD Server Administration

January 12, 2006

Beastie Blog

Glad to know Dale's Beastie Blog via his comment. He posts very frequently - 38 within three days? Unbelievable! I love reading others' blogs: not only can I learn how to set something up, but I can also see what I missed, what I can improve and what I should avoid from his errors.

The FreeBSD community seems to be a very small world. When I was asking questions in an IRC room, I was very surprised to learn that the webmaster of FreeBSDDiary.org and LayeredTech's admin were also there. I really wish to see more websites dedicated to FreeBSD to expand the small world.

BTW, I don't use IRC any more... You have to ask very smart questions, which should not be easy (or you will be teased) and can be answered in one sentence (or no one will bother).

Posted by FreeBSD Newbie at 01:47 AM | Comments (3)

January 05, 2006

A One-year Look Back

It's been one year since I started using FreeBSD. I still remember the first day I got the server: I wondered why nothing worked on it, no command completion, no wget :-). It was a fresh FreeBSD installation with only ssh enabled. Then I asked some very silly questions in the IRC room, and learned what a port is.

I had lots of problems, such as the Awstats exploit and phpBB, and I still have lots of pending tasks, e.g. spam filter, automated backups, etc. But basically the server has been running well with little downtime. I didn't study FreeBSD as hard as I planned (yes, I always have lots of GREAT plans); instead, I was mainly driven by urgent needs or problems.

This is my server's uptime, it's pretty good, isn't it?
> uptime
1:31PM up 208 days, 10:17, 1 user, load averages: 0.07, 0.11, 0.07

If you are a new FreeBSD user, this short list may be useful:

1. Avoid programs with a bad security record, such as phpBB.

2. Use portaudit and CVSup to keep your ports up-to-date.

3. Use AllowUsers to limit who can log in, and bind the ssh login to a static IP if possible.

4. Reduce server visibility and change the ports of common services such as ssh and ftp.

5. A little performance tuning may help.

6. Examine the server log files and directory /tmp frequently. If you find unusual messages, make sure you understand them and eliminate them if necessary. When you don't see error messages often in /var/log/messages, the server is running smoothly.
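
An added example (not from the original post): a small sh function that checks an sshd_config file against items 3 and 4 of the list. The function name, the sample files and the addresses are constructed for illustration; it assumes whitespace-separated "Keyword value" lines and reads only the global section.

```shell
#!/bin/sh
# Added example, not from the original post. Checks an sshd_config against
# items 3 and 4: AllowUsers present, entries bound to a host, port moved off 22.
# Prints one finding per line; exit status 0 means no findings.
audit_sshd_config() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }        # skip blank lines and comments
        { kw = tolower($1) }                 # keywords are case-insensitive
        kw == "match" { exit }               # audit the global section only
        kw == "port" { ports = ports " " $2 }
        kw == "allowusers" {
            seen = 1
            for (i = 2; i <= NF; i++)
                if ($i !~ /@/) {
                    print "WARN AllowUsers entry " $i " is not bound to a host"
                    bad = 1
                }
        }
        END {
            if (!seen) {
                print "WARN no AllowUsers line, logins are not limited to named users"
                bad = 1
            }
            if (ports == "") ports = " 22"   # sshd listens on 22 when Port is absent
            if ((ports " ") ~ / 22 /) {
                print "WARN sshd still listens on the default port 22"
                bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample configs (hypothetical users and documentation addresses).
demo_dir=$(mktemp -d)
printf '%s\n' '#Port 22' 'Protocol 2' > "$demo_dir/default"
printf '%s\n' 'Port 22' 'Port 2222' 'AllowUsers admin bob@192.0.2.10' > "$demo_dir/partial"
printf '%s\n' 'Port 2222' 'AllowUsers admin@192.0.2.10' > "$demo_dir/hardened"

for f in default partial hardened; do
    echo "== $f"
    audit_sshd_config "$demo_dir/$f" || true
done
```

On a real server the file to check is /etc/ssh/sshd_config.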

Posted by FreeBSD Newbie at 08:31 PM | Comments (6)

August 29, 2005

Unix FAQ

I asked a question on the newsgroup about how to delete files with special names like "--name", and someone pointed me to a great Unix FAQ page. It's also a must-read for FreeBSD users:
http://www.faqs.org/faqs/unix-faq/faq/part1/

Posted by FreeBSD Newbie at 09:50 PM | Comments (1)

August 08, 2005

CPU Difference

Different CPUs seem to make a big difference in terms of performance.

My two FreeBSD servers have the same configurations (FreeBSD 5.3/Apache 1.33/PHP 4/MySQL 4) and the same memory (1GB RAM). Server 1 uses AMD Athlon XP2400; Server 2 uses Intel Pentium 4 2.8GHz. When executing a PHP script with a few MySQL operations, despite more visitors and a bigger database, server 2 is still significantly faster than server 1.

Posted by FreeBSD Newbie at 08:15 PM | Comments (0)

June 20, 2005

FreeBSD Reviews

Today I read two articles, along with their comments, about FreeBSD: Review: FreeBSD 5.4 and Linus compares Linux and BSDs. I think they can be summarized in one sentence: FreeBSD is not for general purpose and doesn't work well as a workstation. Although I love FreeBSD, I think their opinions are quite true. I never installed FreeBSD and never read anything about installation, X-windows, printing, i.e. almost everything I don't need to manage a remote dedicated server, but from my limited experience I can expect the difficulties of using FreeBSD on a desktop computer. But I couldn't care less about desktop usage. I'm very happy with FreeBSD on the server side, and I hope the FreeBSD team doesn't tailor FreeBSD for everything like Linux in the future.

To me, FreeBSD's efficiency, stability, usability and security as a server are great. If there were more documents and tutorials for popular software, it would be even better.

Posted by FreeBSD Newbie at 07:00 PM | Comments (0)

June 15, 2005

10MB or 100MB Uplink?

Very occasionally my websites are inaccessible for several seconds, then back to normal, then soon inaccessible again. The uptime is very good and it is unlikely to be a performance problem; the only reason I can think of is network congestion. Currently I'm using a 10 MB uplink, and I have been wondering if a 100 MB uplink is only for heavy servers, or whether most servers can benefit from it as well.
I monitored the bandwidth usage for two days with the netstat command, but I'm still not sure about it. I plan to upgrade if I see the problem again.

# netstat -b -w 60 > /var/log/netstat.log &

Posted by FreeBSD Newbie at 10:08 PM | Comments (0)

June 11, 2005

FreeBSD Resource

FreeBSD Resource Collections

FreeBSD Handbook
FreeBSD Hypertext Man Pages
FreeBSD Security Alert

FreeBSD Diary
BSD Forums

FreeBSD articles on ONLamp.com

I'll keep adding new websites; please let me know if you know any other websites which should be listed here.

Posted by FreeBSD Newbie at 05:34 AM | Comments (0)

May 09, 2005

Log Files

I deleted the log files of Postfix and Apache manually. These files weren't re-created even after I restarted Postfix and Syslogd, and it ended with a system reboot. I need to find a good way to rotate Apache log files.

Update: Apache will create the new log files after restarting; a graceful restart is preferred.
# /usr/local/sbin/apachectl graceful

Check out Apache Log Rotation for more info.

Posted by FreeBSD Newbie at 07:21 PM | Comments (2)

April 19, 2005

Change Hostname

It seems to be important to have a hostname which can be queried (nslookup or ping), especially for an MTA. My ISP used something like myname.ispdomain.com by default, for which I can't add an A record on my DNS server.

To change a hostname, do:
1. # hostname newname
2. Edit /etc/hosts
3. Edit /etc/rc.conf

After I changed it to hostname.mydomain.com, I added an A record in the zone file of mydomain.com.

Posted by FreeBSD Newbie at 12:40 AM | Comments (0)

April 13, 2005

System Logs

Several important logs:

1. /var/log/messages
2. /var/log/auth.log
3. # dmesg -a
4. /var/log/maillog
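
One way to put /var/log/auth.log from the list above to use, as an added example that is not part of the original post: count failed SSH password attempts per source address. The function name, the threshold default and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Summarises failed SSH password
# attempts per source address from an auth.log-style file, busiest first.
# usage: failed_ssh_by_source FILE [MIN_ATTEMPTS]   (default threshold: 3)
failed_ssh_by_source() {
    awk -v min="${2:-3}" '
        / sshd\[[0-9]+\]: Failed password for / {
            # The address follows the last "from" on the line. Scan from the
            # right, because the attempted user name is attacker-chosen text
            # and may itself contain the word "from".
            for (i = NF - 1; i > 0; i--)
                if ($i == "from") { hits[$(i + 1)]++; break }
        }
        END {
            for (src in hits)
                if (hits[src] >= min) print hits[src], src
        }
    ' "$1" | sort -rn
}

# Constructed sample lines in sshd's syslog format (documentation addresses).
sample_log=$(mktemp)
cat > "$sample_log" <<'EOF'
Jan  5 13:02:11 www sshd[4021]: Failed password for root from 192.0.2.44 port 40001 ssh2
Jan  5 13:02:14 www sshd[4023]: Failed password for root from 192.0.2.44 port 40002 ssh2
Jan  5 13:02:17 www sshd[4025]: Failed password for invalid user from from 192.0.2.44 port 40003 ssh2
Jan  5 13:02:20 www sshd[4027]: Failed password for invalid user test from 192.0.2.44 port 40004 ssh2
Jan  5 13:40:52 www sshd[4102]: Failed password for admin from 198.51.100.7 port 51515 ssh2
Jan  5 13:41:03 www sshd[4102]: Accepted password for admin from 198.51.100.7 port 51515 ssh2
EOF

failed_ssh_by_source "$sample_log"
```

A single failure followed by a success, like the last source in the sample, stays below the default threshold and is not reported.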

Posted by FreeBSD Newbie at 11:59 PM | Comments (0)

March 31, 2005

Commonly Used Configuration Files and Commands

Bind
Configuration file: /etc/namedb/named.conf
Start: # /etc/rc.d/named restart[start/stop]

Apache
Configuration file: /usr/local/etc/apache/httpd.conf
Start: # /usr/local/sbin/apachectl restart[start/stop/graceful]

MySQL
# /usr/local/etc/rc.d/mysql-server.sh start[stop/restart]
Create new user
mysql> grant usage on database_name.* to user_name@localhost IDENTIFIED BY 'somepassword' WITH GRANT OPTION;
mysql> grant all on database_name.* to user_name@localhost;

PHP
Configuration file: /usr/local/etc/php.ini

ProFTPD
Configuration file: /usr/local/etc/proftpd.conf
Start: # /usr/local/libexec/proftpd
Debug mode: # /usr/local/libexec/proftpd -n -d 9

inetd
# /etc/rc.d/inetd restart

Portsnap
# portsnap fetch update

CVSup
Configuration file: /root/ports-supfile
Update: # cvsup -g /root/ports-supfile

Postfix
Configuration file: /usr/local/etc/postfix/main.cf
Reload: # /usr/local/sbin/postfix reload
Mail queue

Posted by FreeBSD Newbie at 06:53 AM | Comments (0)

January 14, 2005

Complete Steps to Add a Website

Here is the complete procedure for adding a new website on FreeBSD; it's what cPanel does when creating a new account. All commands are executed by the root account.

1. Add a new user (test_user); the new user will have ftp permission automatically.
# adduser

2. Add the new domain to bind. (test_domain.com)
2.1 Insert a zone entry into /etc/namedb/named.conf:

zone "test_domain.com" {
    type master;
    file "test_domain.com.db";
};

2.2 Create a new zone file test_domain.com.db under /etc/namedb/. It looks like:

$TTL 14400
@ 14440 IN SOA ns1.yourdns.com. admin.test_domain.com. (
    2004102903 ; serial, increase it on every change
    14400      ; refresh
    7200       ; retry
    3600000    ; expire
    86400      ; minimum
    )

test_domain.com.           14400 IN NS    ns1.yourdns.com.
test_domain.com.           14400 IN NS    ns2.yourdns.com.
test_domain.com.           14400 IN A     1.2.3.4

localhost.test_domain.com. 14400 IN A     127.0.0.1
test_domain.com.           14400 IN MX    0 test_domain.com.
mail                       14400 IN CNAME test_domain.com.
www                        14400 IN CNAME test_domain.com.
ftp                        14400 IN A     1.2.3.4

2.3 Restart bind
# /etc/rc.d/named restart

3. Add a virtual host entry to the Apache config file /usr/local/etc/apache/httpd.conf. It looks like this:

# If IP 1.2.3.4 hosts multi-sites, must have the NameVirtualHost line
NameVirtualHost 1.2.3.4
<VirtualHost 1.2.3.4>
    ServerAlias www.test_domain.com test_domain.com
    ServerAdmin admin@test_domain.com
    DocumentRoot /home/test_user/www
    ServerName www.test_domain.com
</VirtualHost>

Restart Apache
# /usr/local/sbin/apachectl restart

4. Add database and database user for test_user.
Refer to last post.

5. Add email address.
Pending.

Posted by FreeBSD Newbie at 02:42 AM | Comments (0)

January 13, 2005

First Website Is Running

Finally, I solved the DNS problem; the steps after that are much easier.

Some tips for DNS troubleshooting
1. Get a working example from another server if possible. It doesn't matter whether the server is running FreeBSD or Linux; it's fine as long as the Bind is the same version (well, roughly). I didn't do this at the beginning because the Linux Bind configuration and zone files look quite different, but I had no other options after trying for two days with still no luck.

2. There is a default line in the bind configuration file; remove it or comment it out if you want to use the same server as a DNS server.
listen-on { 127.0.0.1; };

3. Don't directly copy the text from web pages; the different Windows/Unix formats could cause trouble.

4. Read the handbook carefully and don't miss any step in it :-).


PHP/MySQL
I installed php 5 and mysql 5 at first, but php didn't work. I didn't look into the problem, although it should be easy; also considering that lower versions have better support and documentation, I installed php 4 and mysql 4 instead with pkg_add.

PHP doesn't need any configuration (done by pkg_add) and is ready after installation.

Browse ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/Latest/ to check the available packages; for example, to check the php 4 related packages:
ncftp > ls php4*
By the way, ncftp is a great ftp client program with bookmark support.


I installed the following packages with pkg_add:
# pkg_add -r php4
# pkg_add -r php4-mysql
# pkg_add -r mysql40-server
(Don't install mysql41-server, php4-mysql requires mysql40)

Start/Stop MySQL
# /usr/local/etc/rc.d/mysql-server.sh start[stop/restart]

MySQL will start at boot time by default, because any executable script accepting a 'start' command-line argument found in /usr/local/etc/rc.d will be executed when the system starts up.


POP3 Server
I installed qpopper as the pop3 server. The installation is very easy with pkg_add; uncomment the following line in the file /etc/inetd.conf to enable qpopper:
pop3 stream tcp nowait root /usr/local/libexec/qpopper popper

Qpopper is controlled by inetd (the super server). To make inetd start at boot time, insert the following line in /etc/rc.conf:
inetd_enable="YES"

Any configuration change for qpopper requires inetd to restart, so that it reloads the config file. Restart inetd with:
# /etc/rc.d/inetd restart
or send a HUP (hang up) signal to the inetd process; it will also restart and reload the new config information:
# killall -HUP inetd
or
# kill -s HUP `cat /var/run/inetd.pid`
Note: ` is a backtick, not a forward tick.

I can connect to the pop3 server with a mail client, but couldn't send or receive email successfully. There should be some problems with the sendmail configuration; that's the next step.

Posted by FreeBSD Newbie at 12:36 AM | Comments (0)

January 05, 2005

I Love FreeBSD!

My server is completely new, only the OS was installed. I installed some programs and learned a few basics of FreeBSD yesterday, it's fun :-).

1. Installing application from source
ports is a genius program. With it, compiling and installing an application is just one command, and all applications work the same way, so you don't have to read a README file to know how to install each program. Type "man ports" for more information. CVSup does similar work but can ensure you get the latest version.

2. Installing pre-compiled application
The commands pkg_add, pkg_info and pkg_version are for binary applications. pkg_add will fetch the application from FTP automatically and install it on your system. For example, type "pkg_add -r apache" to install Apache, that's all you need to do!
Please note: some programs are not named as you expect. For example, "pkg_add -r mysql" doesn't work; I listed the available applications with ftp and found it's named something like "mysql_server_5.0".


Installation on FreeBSD is extremely easy compared to Red Hat. Check out the post to see how I installed ncftp on Red Hat; I tried the same process on FreeBSD and it didn't work, but with pkg_add, "pkg_add -r ncftp" does everything for you.

I installed wget, apache, mysql, php and other basic applications yesterday, and also changed my shell to bash. My next step is DNS setup and running apache/mysql.

I'm very glad that I chose FreeBSD, it's better than I could imagine. I will learn it systematically after I get my websites up and running.

Posted by FreeBSD Newbie at 01:46 PM | Comments (0)