n this article, you’ll see detailed instructions for setting up the Linux operating system on a Windows computer, using the free Red Hat Linux distribution. We’ll walk you through the preparation phase (downloading software, partitioning, etc.), the NIC setup, installing and setting up the Linux firewall, and setting up user accounts. We’ll guide you in how to set up a proper security level for the system and then, using common Linux commands, you’ll set up IP addresses and the Windows File server (Samba). Finally, we’ll round it all off by showing you how to start the FTP software. At the end of this process you’ll have a working Linux server and you’ll be ready to install your Apache/JBoss software to finish the job.
- One (1) Windows computer with RW CD-ROM support
- A hard drive (minimum size, 8GB) on the server that contains no important files
- Access to the Internet from the server
- CD-ROM on the server
- Administrator rights on the machine
Prepare the Installation
The first step is to download the initial installation files required to set up a RedHat server. You do this by downloading the RedHat ISO from the ftp.redhat.com FTP site. The ISO files are named “psyche-i386-discX.iso” where X is a number from one to five. You only need CD-ROMs 1 and 2 to follow this installation guide, but it’s a good idea to download all the files and create a CD for each file. Download each of these files to your Windows computer and copy them to the CDROMs. Don’t forget to label the CDs!
Start the Installation
Reboot the server and insert the first CD-ROM. To start the installation in GUI-mode, press Enter at the CD-ROM boot prompt. You’ll get a chance to verify that the CD-ROMs you created are OK. We recommend that you follow the steps on the screen and check them out?just in case.
When all the CD-ROMs are tested, reinsert the first CD-ROM and continue the installation.
You’ll see a CD-ROM check, then the GUI loads and you’ll see the Red Hat information page.
You’ll see several options, already set to the defaults. To save time, you can just press “Next” after selecting each of these setup options:
- Mouse type
- Installation type (choose “Install on System and Server”).
Partition the Hard Drive
Now it’s time to partition the hard-drive. We strongly suggest that you do this using Disk Druid?which comes installed with the Red Hat disks?but you can also do this “manually” using the “fdisk” command. Caution: Using the Linux command “fdisk” isn’t as easy as using the “fdisk” in DOS, so you may want to refer to our book for some help, or go to the command’s manpage, or search the Internet for more help.
|Note: For newcomers to UNIX, the “manpage” is the UNIX equivalent of the classic DOS question mark (?) command-line parameter?it shows you information about the command. To see the manpage for a command, type the command name, and then enter a space followed by a question mark.
From the main Disk Druid menu:
- Remove any partitions currently on the hard-drive by selecting each one and pressing the “Remove” button. Repeat the process until all the logical and primary partitions are gone.
- Press “New” to create the first partition. This partition will be the root (system) partition, so the mount point (partition address) should be “/”. You can find examples of other mount points in the drop down menu.
- Make sure that the “File System Type” is set to “ext3“. Allocate at least 3GB for this root partition.
- Check the “Force to be a primary partition” checkbox and press OK
- Create another partition using “/var” as the mount point. Allocate at least 2GB to the new partition. The system will use the /var partition to store log, cache, and temporary files.
- Create a “swap” partition, which the system will use for virtual memory. To do this, create a new partition and change the “File System Type” to “Swap”. Note that you will not be able to select a mount point for a swap partition. Set the swap partition size to at least 50% more than the amount of RAM that’s presently on the server (or what you assume it will be in the near future? no fun having a swap file that’s too small after only six weeks). For example, if your server has 256MB of RAM, you would create a swap partition of at least 384MB.
- Finally, create the last partition and use “/home” as the mount point. This partition will be used by all the other users on the system. Allocate the rest of the drive’s free space to this partition by selecting the “Fill to maximum allowable size” button.
You’ve finished partitioning the hard-drive. You can now continue with the next series of steps.
At this point you’ll be asked to select which boot loader you want to use. “GRUB” is the default used for Red Hat 8.0. Just make sure that the device “/dev/hda1” (the root partition) is included in the system list and then continue. If what you’re seeing on the system list doesn’t match this description, you’ve set a wrong mount point name somewhere. You’ll have to re-run Disk Druid and repeat the partition procedure.
Configure Network Settings
You must now configure the network settings for the system. If you have more than one NIC on your computer, we suggest you use the device called “eth0” as the NIC that will run the communication for your default gateway.
By default the NIC will use DHCP to request an IP address. If you choose to set an IP-address manually select this NIC and click “Edit”. Uncheck the DHCP checkbox and then enter the correct IP information. When you are done editing the eth0 device, click OK and then specify the Hostname, Default Gateway, and DNS information. Finally, if you have more than one NIC, select and configure each one of these as well.
|Note: You need only one DNS entry to get name resolution working.
Install a Firewall
We highly recommend that you configure the system for a built-in firewall. Red Hat uses the command “iptables to control the firewall software. Using this command, you can specify which services will be open for the public and which will not. Typically, you’d leave the “www“, “ftp” and “ssh” services open to the public for a standard server installation. For this server, use the “Medium” security level, and select the services you need.
|Note: If you elected to use DHCP for your NIC you should also accept DHCP in the firewall configuration.
You’re finished with the preliminary firewall installation, continue by setting up firewall options
Select the System Language (not to be confused with the type of keyboard you’re using), and your time zone (in our case we selected +1 GMT for the Swedish time-zone).
Create Accounts and Select Applications
Next, you will be asked to create a “Root account password”. This is where you assign the System Administrator password. Do not use “Admin”, or “Administrator”, or any common or easily guessed password; use a best-practice combination of letters (both upper and lower case) and numbers. For example, “MaT2003rix” is easy to remember (if you liked the movie and you’ve been itching for the sequel as much as we have).
You should also create a normal user account for yourself, and a manager account, with no special rights, called “admin”. To create user accounts, just press the Add button on the right hand side of the screen.
The next step is optional and you may skip it if you like. Red Hat includes a number of free applications that you can opt to install at this point; you can install them all or skip them all. We recommend that you install at least these five:
- Editors?Contains text edit programs.
- Windows File Server?Contains server applications for connecting to the Linux server via the Microsoft file manager.
- FTP Server?For users that cannot use (or don’t want to use) the Microsoft network browser to access their home directories.
- Development Tools?Tools used to build new applications on your server.
- System Tools?Useful Administrator tools.
When going through the list you can find out more about each application by clicking the “Details” button just to the right of each application.” You should have plenty of disk space if you followed the minimum installation requirements.
|Note: If you decide to install software packages other than those listed above, you might be asked to insert one of the other CD-ROMs that you created earlier?you did label them didn’t you?
After you have selected the packages you want to install, the system is ready to start copying files. Press “Next” to launch the installation.
After the installation, you’ll get a chance to create a boot-disk. If someday, for whatever reason, the system can’t boot from the hard drive, you’ll need that disk. Don’t skip this step!
After creating the boot-disk, remove any CD-ROMs from the system and then press “Exit” to reboot the system.
Monitor the first boot-up carefully. If all goes well (and it usually does), login to the system using the administrator (root) user and the password you created earlier. If, despite your best attempts, you have forgotten the password, there are ways of setting up a new root password without having to do a whole reinstallation. We will not cover root password recovery in this article; however you can find more information by searching the Web for “Linux root password recovery“.
Set Up Initial System Security
After you’re logged in, you can configure the initial system security. This is a critical part of the installation routine. You should plan what you’re going to do ahead of time.
The table below contains the most common Linux/UNIX commands that a Windows administrator needs to know about when setting up Red Hat. You probably already know the commands you would use in Windows, this table will get you started quickly in Linux/UNIX. For more information see the page references in our book. Also see the sidebar Linux/Microsoft Command/Term Equivalents.
Lists the contents of a specified directory andsupports wildcards.
Changes the working directory. If no directory isspecified, $HOME is used.
Removes empty directories from the file system.
Removes files and directories from the filesystem.
Adds/removes software on a system, but can also beused to create software packages
Moves or renames files and directories.
Creates a link between the specified source anddestination files.
Adds users to SMB’s password file
Changes the users SMB password
Edits or views text files (remember Edlin?)
Creates a new user or updates default new userinformation
Changes login password and password attributes forthe current or the specified user.
|Note: There are two modes in “vi“: command mode and insert mode. In command mode you cannot enter text, but you can do other things such as delete rows or go into insert mode. For detailed information about how to use the “vi” command see http://www.eng.hawaii.edu/Tutor/vi.html, or search for “vi help” on the Internet.
So far in this article we have given you the minimum requirements to get the Web server up and running using general firewall security. The first phase of the firewall setup is intended to prevent access to the server by outsiders. However, the procedure leaves your ports open for the local network so that you may access the server and change security settings at a later date.
Note: You can change advanced security settings either prior to or after the Apache/JBoss installation.
Now, execute the next setup step by removing the mail service (which isn’t needed at this point, since you aren’t setting up a mail server). To do this, remove SMTP support using the “rpm” command. From the command prompt type:
rpm -e sendmail
Note: You don’t have to remove the sendmail service if you plan to run this machine as a mail server sometime in the near future.
Connecting Linux to Windows
Before you can complete this next step, you need to know the IP addresses your LAN uses to connect to the server. You need these IP addresses to make the “Windows File Server” accessible through the firewall that you installed earlier. To allow your Windows network to access files on the Linux system, enter the lines below using the command “iptables”, substituting your network’s IP addresses for the ones shown in our example (we used 192.168.1.0/255.255.255.0 as our source network).
|Editor’s Note: The commands below were wrapped to fit on this page, but you should enter them on a single line.
iptables -I RH-Lokkit-0-50-INPUT -s 192.168.1.0/255.255.255.0 -p udp --dport 137:138 -j ACCEPT iptables --I RH-Lokkit-0-50-INPUT -s 192.168.1.0/255.255.255.0 -p tcp --dport 139 -j ACCEPT iptables-save > /etc/sysconfig/iptables
Windows File Server (Samba) Installation and Security Configuration
To get the “Windows File Server” running on the Linux box, begin by opening the /etc/samba/smb.conf file. To do that, use the “vi” command. From the command line type:
Even though it’s best that you configure this file on your own, here’s an example to help you get started (don’t forget to save your changes):
[global] workgroup = Mydomain server string = RedHat Linux Server security = user encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 [homes] comment = Home Directories browsable = no writable = yes valid users = %S create mode = 0664 directory mode = 0775 [webroot] comment = Webserver root path = /www/htdocs writable = yes valid users = admin create mode = 0664 directory mode = 0775
To use the example above, you must create the directory /www/htdocs. Use the command “mkdir“. From the command line type:
mkdir -p /www/htdocs
You must also have a user named “admin” to add to the samba user database. You add users using the “smbadduser” command. For the “admin” user, the correct syntax to use is:
When you enter that command, the computer will ask you to set the admin user’s password. This login/password is independent of any password you use on your Microsoft network, in other words, you don’t need to use the same passwords for both platforms (in fact, we recommend that you use different passwords for added security).
To give a user permission to use Samba and have their own home directory (homedir) on the server, enter the following commands in succession:
# add a user to the system adduser -g users
# set a password for the user passwd # adds a user to the Samba database smbadduser : # change a user's password in Samba: smbpasswd
|Note: The number signs (#) in the preceding code denote comments, and are not part of the command syntax.
The next step in the Samba configuration is to get the appropriate services running on the server. To make Samba start automatically from system startup, use the following commands as the root user:
# Add the samba application to the system startup. ln -s /etc/init.d/smb /etc/rc.d/rc3.d/S98smb # Restart the samba application /etc/init.d/smb restart
You can now browse to your Linux server from your Windows computer through the Network Browser by entering the IP address to the Linux server, for example: \ipaddress to Linux server>
The Final Step: Starting the FTP Software
In order to get the FTP service running on your server, you have to edit the file “/etc/xinetd.d/vsftpd“. Open this file and remove the line that says “disable = yes“. Use the vi command like this:
While the file is open, use the arrow keys to move to the line that you want to removed and press “d” twice (dd). Save the file by typing “:wq” and pressing Enter. To make the changes take effect type:
# This restarts xinetd to get ftp working./etc/init.d/xinetd restart
You can now ftp to and from both of the OSs as either a "system" user or as an "anonymous" user. We would like to point out here that the root user (the system administrator) is not able to ftp to the Linux system. Preventing system administrator ftp access is a standard Linux security block, because ftp access is open from the Internet side.
When you ftp to the server as an anonymous user, you will initially start at the ftp root "/var/ftp".
Congratulations! You have finished installing Linux Red Hat and paved the way for the rest of your Web server setup. You're now free to install your Apache/JBoss software.