Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 2 Jun 2007 22:43:42 +0400
From: "(GalaxyMaster)" <galaxy@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Plesk 8.1.1 + Owl :)

Hello,

This are a little bit edited notes taken during my research on the
possibility to run Plesk 8.1.1 on Owl 2.0-stable.

On Sat, Jun 02, 2007 at 07:27:00AM +0400, (GalaxyMaster) wrote:

> Let me know if you are interested :).

I'd like to point out my goals:

* to preserve as much in the Plesk internal structure so further updates
of Plesk should be possible;

* use Owl as underlying OS;

* be able to have customized LAMP suite;

Re: the last item -- Owl hasn't precompiled LAMP packages so there are
several possible options:

* build software using source tarballs (flexible but requires knowledge
of what you are doing and how Plesk is organized);

* re-build software from RH source packages (FC, RHEL);

For my installation I've chosen the former but if you are unfamiliar
with the internal Plesk stuff it might be easier to get it working with
the latter and customize software after the installation.

I assume that you have downloaded the full Plesk bundle and unpacked it.
As for me, I used Plesk Autoinstaller to download only those packages
that was permitted by Plesk license (it's more bandwidth savvy).  All in
all, you need some RPMs from the Plesk distribution _before_ the actual
installation starts.

Below is a rough list of preparation steps to get Owl 2.0-stable Plesk
ready:

1. echo "RedHat Enterprise Linux 4 (Owl 2.0-stable)" > /etc/redhat-release
   This is needed to fool Plesk that we are on RHEL4 :), you also can do
   this with installer's options, but I think writing a file is much
   more simple. :)

2. RHEL4 is using RPM 4.3 but Owl uses RPM 4.2 so

   # cd /usr
   # ls librpm*-4.2.so | sed 's#4\.2#4\.\{2,3\}#g' | /bin/sh -c 'ln -s {}'

3. Plesk performs some dependency checks before installation and refuses
   to start the installation if it detects some deps that it cannot
   satisfy.  Let's help Plesk and remove these:

   # rpm -e postfix mutt openntpd

4. RHEL don't mind you having long account names but Owl restricts them
   to 8 characters.  Unfortunately, the RH webalizer package uses a long
   name so we need to mimic it here:

   # useradd -s /sbin/nologin -d /var/www/usage webalize
   # for f in /etc/passwd /etc/groups /etc/tcb/webalize/shadow ; do
         sed -i 's,^webalize:,webalizer:,g' $f
     done
   # mv /etc/tcb/webalize /etc/tcb/webalizer

   NB: pwck will bark on 'webalizer' but we will fix this later.

=== the tough part begins :) ===

Here I'm describing how to fool Plesk with custom builds of MySQL and
Apache (these are essential parts).  If you opt to use re-build packages
you need to simply install but I haven't checked this...  JFYI, Plesk
would pass its install check for MySQL if any package on the system is
providing libmysqlclient.so.14 (MySQL 4.1.* client library).

5. install MySQL + compat (libmysqlclient.so.14) somewhere on the
   system.

   I've built MySQL 5.0.41 and MySQL 4.1.22 (for libmysqlclient.so.14)
   from sources and installed MySQL 5.0.41 into /opt/mysql/5.0.41.
   Then I copied libmysqlclient.so.14* to /opt/mysql/5.0.41/lib/ and
   did the following:

   # cd /opt/mysql
   # ln -s 5.0.41 current
   # echo "/opt/mysql/current/lib" > /etc/ld.so.conf.d/mysql.conf
   # chmod 0644 /etc/ld.so.conf.d/mysql.conf
   # ldconfig
   # ldconfig -p | fgrep mysql # to check that it's here :)

   Plesk is using hardcoded paths :( so we need to create some symlinks
   to deal with this:

   # cd /usr/local/bin
   # ls -1 /opt/mysql/current/bin/ | xargs -i ln -s ../../../opt/mysql/current/bin/{}
   # cd /usr/bin
   # for f in mysql mysqladmin ; do
        ln -s ../local/bin/$f
     done

   Plesk expects to see mysql.sock in /var/lib/mysql/ .  I configured my
   MySQL at the compile time, but if your version of MySQL uses other
   socket path by default below is /etc/my.cnf I created for such cases:

===[ begin of /etc/my.cnf ]===
[mysqld]
set-variable=local-infile=0
datadir=/var/lib/mysql
log-error=/var/log/mysqld.log
socket=/var/lib/mysql/mysql.sock
#bind-address=127.0.0.1
tmpdir=/var/lib/mysql/tmp
skip-bdb

[mysql.server]
user=mysql
basedir=/var/lib

[mysqld_safe]
err-log=/var/log/mysqld.log
pid-file=/var/lib/mysql/mysqld.pid
skip-bdb

[client]
socket=/var/lib/mysql/mysql.sock
===[ end of file ]===

   Please not the commented line, you definitely would like to uncomment
   it after the installation of Plesk :) .

   You need also extract /etc/rc.d/init.d/mysqld from the Plesk provided
   package and install it to /etc/init.d/mysqld (or you could extract it
   from any recent RH distro, or create it manually -- it should honor
   'start', 'stop', and 'restart').  To extract from RPMs I'm using the
   following command: rpm2cpio path/package.rpm | cpio -id (note that
   this command would extract into the current directory, so it's better
   to be prepared [i.e. 'mkdir temp && cd temp' before the command])

   Now you need to create the mysql shell account (if it's not there
   already):

   # useradd -d /var/lib/mysql -s /bin/bash mysql

   All in all, you are completed with the MySQL installation when you are
   able to start/stop your MySQL server with simple 'service mysqld start'
   or 'service mysqld stop', your MySQL server is running under the mysql
   account, and you are able to login under 'root' (without password)
   into the MySQL database.

   If all of this is done shutdown MySQL and proceed with the next step.

6. Well, now we need to install Apache and I did it the same way :).
   Below are some comments though.

   I built the latest Apache 2.2.4 with bundled expat 1.95.2 while Plesk
   installs 1.95.7 (I believe that the shared libraries are compatible).

   The Apache has been installed into /opt/apache/2.2.4 and the
   /opt/apache/current symlink points to 2.2.4.

   /etc/ld.so.conf.d/apache.conf contains /opt/apache/current/lib

   I have created symlinks to /opt/apache/current/bin from /usr/local/bin
   for all Apache binaries.

   Essential: you need to extract /etc/httpd, /etc/logrotate.d/httpd from
   the Plesk provided RPM (or from any recent RH package for httpd).
   This is needed since Plesk will modify files under /etc/httpd during
   its installation (we will deal with this later :) )

   The /etc/init.d/httpd should be installed the very same way as we did
   for MySQL (either get one from some package or create yourself).

   In my Apache build suEXEC wrapper is located at /opt/suexec/current.
   So I touched /usr/sbin/suexec (Plesk will replace this file with its
   own suEXEC).

   You are done with this step when you are able to start/stop Apache with
   'service httpd start' and 'service httpd stop'.

=== the toughest part starts here :) ===

7. We need to prepare our system for Plesk's integrity check and need to
   ensure that it wouldn't try to install unneeded crap into our system.

   All this work is using already downloaded Plesk packages which (by
   default) are downloaded to /root/swsoft:

===[ sample output from my system ]===
test!root:~/swsoft# ls -l
total 40
drwx------ 4 root root  4096 Jun  1 20:47 PSA_8.1.1
-rw------- 1 root root 17796 Jun  2 07:54 plesk.inf3
-rw------- 1 root root   230 Jun  2 07:54 products.inf3
-rw------- 1 root root 10722 Jun  2 07:54 sitebuilder.inf3
test!root:~/swsoft#
===[ end of output ]===

    I'll refer to directories relative to the swsoft directory for
    simplicity.

    OK, we need to install the following packages with --nodeps:
    
===[ sample output from my system ]===
test!root:~/swsoft# ls -l PSA_8.1.1/update-rpm-RedHat-el4-i386/perl-DB*
-rw------- 1 root root 113421 Jun  1 21:00 PSA_8.1.1/update-rpm-RedHat-el4-i386/perl-DBD-MySQL-2.9004-3.1.i386.rpm
-rw------- 1 root root 476766 Jun  1 20:59 PSA_8.1.1/update-rpm-RedHat-el4-i386/perl-DBI-1.40-8.i386.rpm
test!root:~/swsoft#
===[ end of output ]===

   You might want what are the dependencies you are going to override
   by omitting '--nodeps' from the following command (there should be
   an unsatisfied dependency on MySQL only and we will satisfy this
   dependency on the next step):

   # rpm -Uvh PSA_8.1.1/update-rpm-RedHat-el4-i386/perl-DB* --nodeps

   The following command will modify the RPM package database but
   won't install anything on your system:

   # rpm -Uvh --justdb --nodeps PSA_8.1.1/update-rpm-RedHat-el4-i386/{mysql,httpd,mod_,rpm-libs}-*

   As the result of the command above the following packages will be
   selected and "installed" into the system RPM database:

   mysql-4.1.20-1.RHEL4.1.i386.rpm
   mysql-server-4.1.20-1.RHEL4.1.i386.rpm
   httpd-2.0.52-25.ent.i386.rpm
   httpd-suexec-2.0.52-25.ent.i386.rpm
   mod_perl-1.99_16-4.i386.rpm
   mod_ssl-2.0.52-25.ent.i386.rpm
   rpm-libs-4.3.3-18_nonptl.i386.rpm

   Just to explain: we already have MySQL and Apache, and there is a
   hack to emulate librpm*-4.3.so with our RPM 4.2.  If you want to
   take advantage of mod_* Apache modules then you need to rebuild
   you Apache to support these mod_*.  For example, my Apache doesn't
   support mod_perl so if anybody enable the mod_perl support through
   the Plesk web-panel - Apache won't start - so be careful with the
   configuration of Apache/Plesk.

   Another note: if you installed MySQL compatibility libraries using
   RPM (i.e one of the installed packages provides libmysqlclint.so.14)
   you can omit 'mysql' from the command -- Plesk will be happy to
   work with your compat package.  On my system, I built MySQL from
   sources, therefore I need to fake RPM that something is providing
   the necessary files :) .

=== mate, are you ready to rock? :) - Installing Plesk ===

8. Before starting the Plesk Autoinstaller I performed the following
   steps (though I think this is unnecessary):

   # service mysqld start
   # service httpd start
   # umask 022

   I think that these are not needed since Plesk start/stops services
   during the installation process automatically, and thanks to Owl
   patched RPM umask is correct during the packages installation.

   Well, everything is ready and we are starting the installation:

   # ./psa_installer_v3.1.2_build070321.17_os_RedHat_el4_i386

   (this is the latest version of Autoinstaller [as for 2007-06-02],
    but yours might be newer :) )

   There will be several configuration screens -- configure the thing
   as you like.  I just want to note that not all components were
   tested (I've installed core, anti-spam, backup, migration agent,
   and two or three other packages along with several language packs)

   Watch for the installation progress, if there is any fatal error
   is reported and the installation fails -- you are out of luck.
   There is no way to resume the Plesk installation gracefully.
   However, during my research I found that if you remove the psa
   package you could try to re-run the installation and it will
   likely continue past the failure point (if you fixed the cause
   indeed).  Frankly speaking, I prefer to test the installation
   inside a VPS and once I'm confident that everything is OK create
   a new VPS and perform a clean installation of Plesk since the
   developers don't bother to implement/test their installer
   thoroughly.

9. I hope that you get this far. :) This means that you the Plesk
   control panel is running, BIND has been reported as failed to
   restart, and there are some issues with Apache.

   a) to fix bind just revert Plesk's change:

      # mv /etc/rndc.conf.saved_by_psa /etc/rndc.conf
      # service named reload # to check that it's OK

   b) if you want to be able to edit BIND configs through Plesk
      you need to remove /var/named/run-root/var and make a
      symlink to /var/lib/bind/zone instead, also you need to
      do the similar thing with 'etc'.  I haven't investigated
      this approach since I need more flexibility and I have
      developed scripts to extract zone information from the
      Plesk maintained zones in /var/named/run-root and update
      my running (and more secure) instance of BIND :).
      Actually, I have tweaked Plesk further and it maintains
      the zones in the /var/lib/plesk [I have reworked the
      whole directory layout for Plesk but this is another
      story]

   c) if you installed Apache from the rebuilt RH package, then
      it is very likely that everything is already working,
      Otherwise, I think that you are clever enough to find your
      own way on how to include Plesk changes (performed in
      /etc/httpd/conf/*) into your Apache configuration (there
      are too many approaches to describe them).

   d) point your browser to https://<IP_of_your_server>:8443 and
      login as 'admin' with password 'setup'.  Follow on-screen
      instructions to setup your Plesk installation.

=== things to do, but which are not covered in this message ===

* you might want to scan your system for '*.saved_by_psa', review
the changes maiden, and adjust the changed configuration files if
you don't agree with SWsoft.  Please make special attention to
/etc/pam.d/* -- I believe that you would like to adjust at least
these.

* do you remember I promised that we will handle the long name issue
with 'webalizer'?  I haven't investigated how to fix this yet (I've just
reverted the name to 'webalize' since I'm using AWstats for webstats),
but the idea is to find the place where Plesk determines uid using the
'webalizer' name and patch this place to use a short name instead.

* I have binary modified the following files to replace
librpm*-4.3.so with librpm*-4.2.so but perhaps this is overkill.

P.S. I hope that it was worth to type all of this and that this
message will help make Owl more publicly recognized.  But more
important, I hope that I have helped somebody to make their
life easier :).

If you have any questions re: this text - feel free to ask here (in the
owl-users mailing list) or via private message to
<galaxy-at-openwall.com> (I hate spam so I obfuscated my address
a little bit).

-- 
(GM)


-- 
To unsubscribe, e-mail owl-users-unsubscribe@...ts.openwall.com and reply
to the automated confirmation request that will be sent to you.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.