Hi all, I run a VPS server over at Hosteurope's with a Debian barebone pre-installed and no Plesk. When I first got it, I upgraded from Etch to Lenny, then installed ISPConfig 2 and everything went fine. Recently I changed my hosting scale for a much better offer at the same rate. It is now Debian 5 x64bit with Apache and apparently also MySQL preinstalled. I decided to stick with ISPConfig 2 because it seems to have more add-ons and a better documentation. I configured the Server like instructed here: http://www.howtoforge.com/perfect-server-debian-lenny-ispconfig2 Everything went well and as inspected, with one exception: I was not asked for a root password (nor anything else) when installing the mysql-client/server. So I decided to specify a password manually. I then edited the my.cnf, restarted mysqld and checked via netstat whether it was active. It was, but it listened on an unspecific port (25949). - Since then it has been listening on different ports whenever I restarted the daemon. I went on with configuring, then installed ISPConfig2. All went well until the end when the last configuration data about databases and domain have to be inserted. Here is what happened (quotes are in German, because that was the installation language I had chosen): The routine kept asking me the same question over and over again although the server was running; I tried all combinations of host- and domain names, plus the IP. Nothing worked and I had to abort the installation. Does this have anything to do with the fact that I'm running a 64bit OS? And what could I do? I tried uninstalling / reinstalling MySQL, but I failed because there were far more packages than only "mysql-server", "mysql-client" and "libmysql15-dev"; when purging those, the server would still be running. Thanks a lot for your time.
Oh sorry, yes. In fact, I was going to do that hours ago, even had it copied to clipboard already, but then the phone rang and I forgot. Here it is: Code: # # The MySQL database server configuration file. # # You can copy this to one of: # - "/etc/mysql/my.cnf" to set global options, # - "~/.my.cnf" to set user-specific options. # # One can use all long options that the program supports. # Run program with --help to get a list of available options and with # --print-defaults to see which it would actually understand and use. # # For explanations see # http://dev.mysql.com/doc/mysql/en/server-system-variables.html # This will be passed to all mysql clients # It has been reported that passwords should be enclosed with ticks/quotes # escpecially if they contain "#" chars... # Remember to edit /etc/mysql/debian.cnf when changing the socket location. [client] port = 3306 socket = /var/run/mysqld/mysqld.sock # Here is entries for some specific programs # The following values assume you have at least 32M ram # This was formally known as [safe_mysqld]. Both versions are currently parsed. [mysqld_safe] socket = /var/run/mysqld/mysqld.sock nice = 0 [mysqld] # # * Basic Settings # user = mysql pid-file = /var/run/mysqld/mysqld.pid socket = /var/run/mysqld/mysqld.sock port = 3306 basedir = /usr datadir = /var/lib/mysql tmpdir = /tmp language = /usr/share/mysql/english skip-external-locking # # localhost which is more compatible and is not less secure. # bind-address = 127.0.0.1 # # * Fine Tuning # key_buffer = 16M max_allowed_packet = 16M thread_stack = 128K thread_cache_size = 8 # This replaces the startup script and checks MyISAM tables if needed # the first time they are touched myisam-recover = BACKUP #max_connections = 100 #table_cache = 64 #thread_concurrency = 10 # # * Query Cache Configuration # query_cache_limit = 1M query_cache_size = 16M # # * Logging and Replication # # Both location gets rotated by the cronjob. # Be aware that this log type is a performance killer. #log = /var/log/mysql/mysql.log # # Error logging goes to syslog. This is a Debian improvement :) # # Here you can see queries with especially long duration #log_slow_queries = /var/log/mysql/mysql-slow.log #long_query_time = 2 #log-queries-not-using-indexes # # The following can be used as easy to replay backup logs or for replication. # note: if you are setting up a replication slave, see README.Debian about # other settings you may need to change. #server-id = 1 #log_bin = /var/log/mysql/mysql-bin.log expire_logs_days = 10 max_binlog_size = 100M #binlog_do_db = include_database_name #binlog_ignore_db = include_database_name # # * BerkeleyDB # # Using BerkeleyDB is now discouraged as its support will cease in 5.1.12. skip-bdb # # * InnoDB # # InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/. # Read the manual for more InnoDB related options. There are many! # You might want to disable InnoDB to shrink the mysqld process by circa 100MB. #skip-innodb # # * Security Features # # Read the manual, too, if you want chroot! # chroot = /var/lib/mysql/ # # For generating SSL certificates I recommend the OpenSSL GUI "tinyca". # # ssl-ca=/etc/mysql/cacert.pem # ssl-cert=/etc/mysql/server-cert.pem # ssl-key=/etc/mysql/server-key.pem [mysqldump] quick quote-names max_allowed_packet = 16M [mysql] #no-auto-rehash # faster start of mysql but no tab completition [isamchk] key_buffer = 16M # # * NDB Cluster # # See /usr/share/doc/mysql-server-*/README.Debian for more information. # # The following configuration is read by the NDB Data Nodes (ndbd processes) # not from the NDB Management Nodes (ndb_mgmd processes). # # [MYSQL_CLUSTER] # ndb-connectstring=127.0.0.1 # # * IMPORTANT: Additional settings that can override those from this file! # The files must end with '.cnf', otherwise they'll be ignored. # !includedir /etc/mysql/conf.d/
Here it is: Code: tcp 0 0 *:ssh *:* LISTEN 32729/sshd tcp 0 0 *:smtp *:* LISTEN 1464/master tcp 0 0 *:https *:* LISTEN 1838/apache2 tcp 0 0 *:mysql *:* LISTEN 9332/mysqld tcp 0 0 *:www *:* LISTEN 1838/apache2 tcp6 0 0 [::]:ssh [::]:* LISTEN 32729/sshd tcp6 0 0 [::]:smtp [::]:* LISTEN 1464/master tcp6 0 0 [::]:imaps [::]:* LISTEN 1337/couriertcpd tcp6 0 0 [::]:pop3s [::]:* LISTEN 1378/couriertcpd tcp6 0 0 [::]:pop3 [::]:* LISTEN 1343/couriertcpd tcp6 0 0 [::]:imap2 [::]:* LISTEN 32764/couriertcpd I did establish a new rule in the virtuozzo internal firewall, however I am not quite sure about the port settings, so I set it to: Code: Policy: accept Protocol: TCP Source address: any Source port: any Destination address: any Destination port: 3306
Sure, I'll try. The reason why this didn't occur to me is that I already ran a ISPConfig2 installation under the same control panel software successfully before. But it could of course be a firewall configuration issue. Can't remember how I set it up last time. Yesterday I checked, realized I had only added a firewall rule for incoming connections, and added a server rule for outgoing ones. That did not resolve the problem, unfortunately. I am now trying to find out how to disable this firewall without deleting every single rule manually. Once I've figured this out, I'll try again and post back here. Thanks once more for your time.
Hi, sorry for the delay. It took me a while to find out that what this panel is operating is no more than a simple Iptables ruleset. I stopped Iptables, and ISPConfig installed without a problem. But I lost my original customized ruleset in the process of experimenting on panel level, and I now have 20 rules less than before which I will hardly be able to reconstruct. On top of that, I still don't know exactly what went wrong with the MySQL rule before. So my question: Is there an IPtables ruleset known to work well with all aspects of ISPConfig that I could download/copy from somewhere?
Just enable the firewall in ispconfig, it uses the bastille firewall scripts to create the iptables rules.
