CentOS VPS Server Setup Tips

Useful Linux Tutorials and Handbooks

• Linux Init Process and PC Boot Procedure
• Linux Network Configuration
• Linux System Administration and Configuration
• Linux Tutorial - Fedora Core and Red Hat Linux CD Installation, Version Upgrade, Configuration and Basic Administration
• Linux Web Server and Domain Configuration Tutorial
• Linux-UNIX For DOS Users
• Linux Shell Scripting Tutorial - A Beginner's handbook

Set timezone using /etc/localtime configuration file [any Linux distro]

Often /etc/localtime is a symlink to the file localtime or to the correct time zone file in the system time zone directory.

Generic procedure to change timezone

Change directory to /etc

# cd /etc

Create a symlink to file localtime:

# ln -sf /usr/share/zoneinfo/EST localtime

OR some distro use /usr/share/zoneinfo/dirname/zonefile format (Red hat and friends)

# ln -sf /usr/share/zoneinfo/EST localtime

OR if you want to set up it to IST (Asia/Calcutta):

# ln -sf /usr/share/zoneinfo/Asia/Calcutta localtime

Please mote that in above example you need to use directory structure i.e. if you want to set the timezone to Calcutta (India) which is located in the Asia directory you will then have to setup using as above.

Use date command to verify that your timezone is changed:

$ date

Output:

Tue Aug 27 14:46:08 EST 2006

Reference: Howto: Linux server change or setup the timezone

How to install mcrypt for PHP 5.3.3 on CentOS

All you need to do is:

rpm -Uvh http://dl.fedoraproject.org/pub/epel/5/i386/epel-release-5-4.noarch.rpm
yum install php53-mcrypt

The EPEL repo contains more, and more upgraded packages to compliment the default repository.

Reference: How to install mcrypt for PHP 5.3.3 on CentOS 5.7 64 bit?

suEXEC the CGI wrapper

A CGI wrapper is a system that executes scripts in a safe and controlled fashion. It also allows scripts to be executed as the same user and group of the virtual host. This allows scripts to have proper permission to execute and use the users directory tree. It also stops scripts from effecting folders the owner shouldn't have access to.

Setting up suEXEC

suEXEC can be difficult to setup, it depends on whether you compiled apache yourself, or whether it came with your distribution. Your distribution may have configured suEXEC correctly for you, in which case you'll just need to enable it. You can check your suEXEC settings with the command:-

suexec -V

In our example we are running RedHat 9, which comes with Apache 2 by default, however suEXEC is not configured properly by default so you need to recompile suEXEC (not the whole of apache) with the correct settings to get it working. Here is our quick guide.

1. Check your suEXEC settings
   suexec -V
2. The interesting bit of info is AP_DOC_ROOT. Default is "/var/www". If this isn't the same as the directory where your site files are ("/home" for RH9) you're going to need to recompile it. If it is the same then you're lucky! You can skip to step 15.
3. Download and decompress the source RPM for httpd.
4. Navigate to the "support" sub folder of the httpd source directory (such as "/usr/src/redhat/SOURCES/httpd-2.0.40/support/")
5. Edit the file "suexec.h" and change the lines:-
6. #define AP_DOC_ROOT "/var/www"
   to the location of your site files such as:-
   #define AP_DOC_ROOT "/home"
7. #define AP_HTTPD_USER "apache"
   to the user you have set for apache
8. #define AP_LOG_EXEC "/some/long/thing/I've/forgot/suexec.log"
   to something sensible like:-
   #define AP_LOG_EXEC "/var/log/httpd/suexec.log"
9. Now you'll need to configure the apache source:-
   ./configure --prefix=/usr/local/apache2
10. Now:-
    make
11. And Now:-
    make suexec
12. Now replace your old suexec executable with your new one, backing up the old one first:-
    cd /usr/sbin
mv suexec suexec.bak
cp /usr/src/redhat/SOURCES/httpd-2.0.40/support/suexec suexec
13. Don't forget to change the group and owner to the same as the old suexec file!!!
    ls -l suexec
chgrp apache suexec
chown apache suexec
14. Now make executable:-
    chmod 4510 suexec
15. Ok that's suexec ready to go. Now open httpd.conf (make a backup first) and add the line:-
    LoadModule suexec_module modules/mod_suexec.so
16. Now suexec is in use you can define the user and group that scripts should be executed as for each VirtualHost. In the following examples username and groupname should be swapped with the actual user and group you wan to use. This should be the same as the owner and group of that VirtualHost.
    In Apache 2:-
    <VirtualHost 111.111.111.111:80>
...
SuexecUserGroup username groupname
...
</VirtualHost>
17. Restart apache and away you go!

Reference: Setting up suEXEC - CosmicScripts.com