• The line "joe /etc/ld.so.conf" causes the file ld.so.conf to be opened within a text editor. Use the editor to insert the following line at the very top. Then save the file and close the text editor.

/usr/local/ssl/lib

• On most Slackware systems, the libraries for openssl are in /usr/lib whether you wanted them to be installed or not. I don't know why the command ld -lssl fails on out-of-the-box Slackware installs. The technique listed above will get rid of the old libraries and fix the dreaded "ld -lssl not found" problem.

• The line "joe /usr/local/etc/sshd_conf" causes the file sshd_conf to be opened within a text editor. Use the text editor to find the three lines listed below, uncomment them, and edit them appropriately for your system. Then save the file and close the text editor. I usually change the port to something weird like 8011 to avoid automated attacks, change the PermitRootLogin to no, and leave the PermitEmptyPasswords as no.

#Port 22
#PermitRootLogin yes
#PermitEmptyPasswords no

• The line "joe ntpdate/ntpdate.c" causes the file ntodate.c to be opened within a text editor. Use the text editor to comment out the line with the phrase "host found". On ntp-4.2.0, it's line 1351. The reason you are commenting it out is because when you run ntpdate, the annoying phrase "host found" appears and is really annoying since you cannot redirect it.
• The last two lines cause the files ntp.conf and ntp.drift to be opened within text editors. Use the text editor to edit them appropriately for your system. Then save the file and close the text editor.
• Here is a sample of a working ntp.conf:

server tick.mit.edu
server tick.usno.navy.mil
driftfile /etc/ntp.drift

• Here is a sample of a working ntp.drift (to start; over time, ntpd edits this file to overcome local inaccuracies):

0.0

Notes:

• The line "joe Sendmail.conf" causes the new, empty file Sendmail.conf to be created and opened within a text editor. It should contain one line, in the format shown below:

pwcheck_method: saslauthd

• The line "devtools/Site/site.config.m4" causes the new, empty file site.config.m4 to be created and opened within a text editor. Shown below are the contents of the file site.config.m4:

APPENDDEF(`confENVDEF', `-DSASL=2')
APPENDDEF(`conf_sendmail_LIBS', `-lsasl2')

• The line "joe sendmail.mc" causes the file sendmail.mc to be opened within a text editor. Edit this file to be identical to the lines below:

divert(0)dnl
VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $')
OSTYPE(linux)dnl
FEATURE(access_db)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
TRUST_AUTH_MECH(`LOGIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN')dnl
MAILER(smtp)dnl

• The line "joe /etc/mail/local-host-names" causes the new, empty file local-host-names to be created and opened within a text editor. Shown below are the contents of the file local-host-names:

localhost

• The line "joe access" causes the new, empty file access to be created and opened within a text editor. Shown below are the contents of the file access:

localhost relay

• The line "joe /etc/ld.so.conf" causes file ld.so.conf to be opened within a text editor. Insert the following path at the end of ld.so.conf:

/usr/local/mysql/lib/mysql/lib

• To create a database named "test00", the username of that database be "joe", and a database password of "testpw":

/usr/local/mysql/bin/mysql -u root -p
mysql> create database test00;
mysql> grant all on test00.* to joe@localhost identified by "testpw";
mysql> quit

• none
  

• The line "joe /usr/local/apache/conf/httpd.conf" causes file httpd.conf to be opened within a text editor. Below is an example of the appropriate portions of httpd.conf after making the appropriate inserts for PHP 5:

LoadModule php5_module modules/libphp5.so
DirectoryIndex index.html index.php
AddHandler php5-script php
AddType text/html php

*** SEE NOTE ***

rm -R install contrib
chmod 744 config.php

• Browse to the phpBB2 directory and invoke index.php; edit the settings appropriately and save config.php.

• The line "joe /usr/local/samba/lib/smb.conf" causes the new, empty file smb.conf to be created and opened within a text editor. A basic, working smb.conf file is shown below:

[global]
	workgroup = WORKGROUP
	server string = Test Samba Server
	log file = /usr/local/samba/var/log.%m
	log level = 1
	max log size = 50
	security = user
	socket options = TCP_NODELAY
	local master = no
	os level = 08
	domain master = no
	dns proxy = no
	encrypt passwords = yes
	unix password sync = no
	load printers = no

[root]
	comment = Root Filesystem
	path = /
	browseable = yes
	writeable = yes
	printable = no
	guest ok = no
	valid users = root

• After all is said and done, and all the services have been compiled and installed, then it's time to make sure they run upon boot.
• On most Slackware systems, sshd is invoked from within rc.sshd, but I don't like that. I stick all my post-install services in rc.local so I can keep an eye on them, plus it makes the boot screen prettier. So, after editing your rc.local, be sure to delete rc.sshd. Same goes for ntpd, and so on. You might have to edit rc.S, rc.M, and so on, to get rid of pre-installed calls.
• Make sure that your services start in some sort of logical sequence. Setting the system time is pretty important, so that gets done right up front. Then the rest of the services start in order of what is important, and what depends on what being loaded first (saslauthd before sendmail and so forth).
• Yes, I'm a member of the RC5 project! If you found any portion of this guide to be useful, then please consider joining their effort. It would be even better if you joined my team!

echo ; echo "*** Activating Local Server Settings ***" ; echo

echo "Starting IPv4 packet forwarding (disable)..."
echo 0 > /proc/sys/net/ipv4/ip_forward

echo "Starting ntpd.."
/usr/local/bin/ntpdate -s -b tick.usno.navy.mil >> /dev/tty7
/bin/sleep 4
/usr/local/bin/ntpd

echo "Starting sshd..."
/usr/local/sbin/sshd

echo "Starting named..."
/usr/local/sbin/named

echo "Starting dhcpd..."
/usr/sbin/dhcpd -q eth1

echo "Starting iptables..."
/usr/sbin/iptables --flush
/usr/sbin/iptables --table nat --flush
/usr/sbin/iptables --delete-chain
/usr/sbin/iptables --table nat --delete-chain
/usr/sbin/iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
/usr/sbin/iptables --append FORWARD --in-interface eth1 -j ACCEPT
# Forward incoming web requests to the 192.168.1.10 machine:
/usr/sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-dest 192.168.1.10
/usr/sbin/iptables -A FORWARD -p tcp -i eth0 --dport 80 -d 192.168.1.10 -j ACCEPT

echo "Starting saslauthd..."
/usr/local/sbin/saslauthd -a shadow

echo "Starting sendmail MTA daemon..."
/usr/sbin/sendmail -L sm-mta -bd -q25m
echo "Starting sendmail MSP queue runner..."
/usr/sbin/sendmail -L sm-msp-queue -Ac -q25m

echo "Starting mysqld..."
/usr/local/mysql/bin/mysqld_safe --skip-networking >> dev/tty7 &
/bin/sleep 4

echo "Starting Apache..."
/usr/local/apache/bin/apachectl start

echo "Starting Samba..."
/usr/local/samba/sbin/nmbd -D
/usr/local/samba/sbin/smbd -D

echo "Starting RC5..."
/usr/bin/rc5/dnetc -ini /usr/bin/rc5/dnetc-alt.ini >> /dev/tty8 &

echo "Starting IPv4 packet forwarding (enable)..."
echo 1 > /proc/sys/net/ipv4/ip_forward

• Must recompile the Linux kernel to include "IPSec User Configuration Interface" and "PF_KEY Sockets"
• Must create the keyfile after installing OpenS/WAN:
  1) ipsec newhostkey --output /etc/ipsec.secrets --hostname xy.example.com
  2) chmod 600 /etc/ipsec.secrets
• Add these two lines to /etc/sysctl.conf:
  net.ipv4.conf.default.send_redirects = 0
  net.ipv4.conf.default.accept_redirects = 0
• Add these three lines to /etc/rc.d/rc.local:
  echo "Starting OpenS/WAN..."
  /usr/rm -R /var/run/pluto
  /etc/rc.d/ipsec start