  Virtfs User Guide
  Afra Ahmad
  v3.0, April 04 2001 - afra@prongs.org

  This document covers why, how and where to set up Virtfs, a Perl
  script which aids in setting up virtual servers. Virtfs is ideal for
  medium sized ISP's hosting many virtual servers. This may seem a lot
  to read, but there isn't really.
  ______________________________________________________________________

  Table of Contents























































  1. Introduction

     1.1 Is this for you?
     1.2 How Virtfs works
     1.3 virtuald
     1.4 Advantages
     1.5 Disadvantages

  2. Documentation Revisions

  3. Installation

  4. tcp_virtuald

  5. Pre-Setup: Template Filesystem

     5.1 Template Filesystem
     5.2 Setting up a template filesystem
        5.2.1 <Template>
        5.2.2 <Custom Template>
        5.2.3 <Passwd File>, <Shadow File> and <Group File>
     5.3 Executing virt_template.pl

  6. Creating Virtual Servers

     6.1 Please check!
     6.2 IP Aliasing
     6.3 DNS
     6.4 Virtuald
     6.5 tcp_virtuald
     6.6 Virtfs
        6.6.1 Introduction
        6.6.2 /etc/virt.conf Configuration
     6.7 The FTP files
     6.8 The ldconfig files
     6.9 Virtrun

  7. The Virtual Server Administator

     7.1 The Administrator account: admin
     7.2 Why?
     7.3 The Administrator's access rights
     7.4 Changing the rights of the Administrator
     7.5 Disadvantages

  8. Post Server Setup

     8.1 FTP Files
     8.2 ldconfig
     8.3 Log directories

  9. Common Virtual Services

     9.1 Configuration Files
     9.2 Specifying Paths to Services
     9.3 FTP
     9.4 Mail
     9.5 Sendmail
        9.5.1 sendmail.cw
           9.5.1.1 sendmail.virtfs
     9.6 Qmail
     9.7 World Wide Web
     9.8 Other

  10. xinetd

  11. Logging

     11.1 Virtfs Logging
     11.2 Virtuald Logging
     11.3 tcp_virtuald Logging

  12. References



  ______________________________________________________________________

  11..  IInnttrroodduuccttiioonn

  Based on the Virtual Services HOWTO (Brian Ackerman), Virtfs will make
  hosting virtual servers in an organized and relatively easy fashion.
  With this Perl script, you will be able to add and delete virtual
  servers, as well as set up the virtual servers for Apache, FTP, and E-
  mail. In addition, typical system administration tasks can be carried
  out, such as adding/removing users and groups, and simple Sendmail
  configuration.

  Please have Ackerman's Virtual Services HOWTO handy as you read this
  document. Hopefully this document will explain everything to get you
  up and running with Virtfs.


  11..11..  IIss tthhiiss ffoorr yyoouu??

  If you are thinking of setting up one or two small virtual servers,
  then Virtfs is probably not for you: whilst using Sendmail's virtual
  email support (and the such), you should be fine. However, if you will
  be setting up many virtual servers (ie. an ISP setting up a virtual
  server for each of their clients), you may want to use Virtfs. That
  is, if your clients want a dedicated filesystem. For example, they
  would like a system with their own passwd file (so they can add/remove
  users themselves), or when they log in to their virtual server, no
  other client has access to their filesystem - as all virtual servers
  are hidden from one another. Each server can have different users and
  groups from one another.

  However, if you are thinking of running a few virtual servers which do
  not require special customization, and will handle a few users, you
  may want to look at the Pocket ISP based on RedHat Linux HOWTO
  (written by Anton Chuvakin).


  11..22..  HHooww VViirrttffss wwoorrkkss

  There are quite a few methods used for virtual servers, however Virtfs
  takes advantage of the system's chroot features. What chroot does is
  set any given directory on your filesystem to a root directory. For
  example, chroot can set /home/user to the / directory (although if you
  try it now, it may not work complaining that a shell could not be
  found).

  By copying the main files (and directory structure) from the main
  server to a specific location, we create a template of what each
  virtual server consists of. Then, for each virtual server you want to
  create, we link them to the template that we created. This saves drive
  space as well as organizing everything.

  But how does the process of Virtual Servers actually occur? If we
  create a virtual server (say, vserver.com) in the directory,
  /virtual/vserver.com, we chroot to /virtual/vserver.com and everything
  is set up as a virtual server. Upon executing chroot on
  /virtual/vserver.com, the /etc directory will in fact be
  /virtual/vserver.com/etc and not /etc (as we know it on the main
  server). So, if a client edited vserver's /etc/passwd file, it will in
  no way be affecting the main server's passwd file. The client will be
  editing their /etc/passwd file but in reality they are editing
  /virtual/vserver.com/etc/passwd. To them, when they are editing
  /etc/passwd, they are actually editing /virtual/vserver.com/etc/passwd
  on the main server.

  In addition to this, once you are within a virtual server, you cannot
  see the files belonging to the main server. Therefore a client would
  not be able to see another client's filesystem, or even the main
  server. To them, their virtual server is their "main" server, and they
  cannot see beyond that.

  Services (ie. FTP, E-mail, Samba, etc..) for each virtual system will
  run individually from one another, and even from the main system.


  11..33..  vviirrttuuaalldd

  When you FTP into a server, how does it differentiate which virtual
  directory to chroot to? This is done by a small wrapper (written in C)
  that informs your services (usually set up in /etc/inetd.conf) where
  to start. Tha name of this nifty program is virtuald. Basically
  virtuald reads in a configuration file and matches the IP address of a
  server called upon to the directory where the files reside. Virtuald
  then hands this information off to the service, and the service
  carries on as usual.

  For example, you set up a virtual server, vserver1.com, and
  vserver2.com. In your configuration file you map out the IP address
  for each of these servers, to point to their proper location on your
  main server (/virtual/vserver1.com and /virtual/vserver2.com). You
  configure your inetd to run a specific service through virtuald, say
  FTP.

  When a user FTP's to vserver2.com, virtuald will lookup the directory
  for the certain server, and chroot to it, setting
  /virtual/vserver2.com to make it seem like the root (/) directory to
  the user. The FTP service will then know where to start. If no
  matching IP address is found, the service runs through as normal
  logging into the main server. For each service there should be a
  different configuration file.

  Don't worry about the configuration files, as Virtfs automatically
  adds or deletes the entries within it as needed. Virtuald is contained
  within the Virtfs package.


  11..44..  AAddvvaannttaaggeess

  One of the main advantages on seperating your virtual servers this
  method, is control. You, the system administrator, has total control
  of each filesystem.

  Another advantage is the flexibility of running different services for
  different servers. As in the above example, we could have easily shut
  off FTP service for vserver2.com but kept it on for vserver1.com.
  Also, a user at vserver2.com, say bob@vserver2.com is not the same as
  bob@vserver.com, or even bob@mainserver.com (Sendmail will not get
  confused as virtuald will sort everything out, prior to Sendmail
  kicking in). This method causes the main server not to be cluttered up
  with your client's email accounts. They will be all contained within
  their own directory.

  11..55..  DDiissaaddvvaannttaaggeess

  A big disadvantage is disk space. Creating many filesystems can get
  expensive, but there are some ways to combat this. If users on a
  virtual server do not need X-Windows, don't copy it over (and files
  supporting it). If users do not need Emacs, don't copy it over, and so
  on. For each virtual server, you can pick and choose what should
  reside on it. Just as long as the important base system (in addition
  to what services each virtual server needs) exists it should be fine.

  You can hard link binaries from the main server to your virtual
  servers, that need to be used. When I create virtual servers, they
  usually take up about 10-15 MB.


  22..  DDooccuummeennttaattiioonn RReevviissiioonnss

  Changes from v.2.0 to v.3.0

  +o  Upgraded docs for Virtfs 0.70.0

  +o  Grammar/Spelling fixes.

  Changes from v.2.0 to v.2.3

  +o  Edited the Sendmail section as Virtfs 0.60.0 now takes care of most
     of the editing of sendmail files.

  +o  Described the ld.so.conf file creation

  Changes from v.1.5 to v2.0

  +o  Described the Template Directory (updated for Virtfs v.0.55.0)

     Changes from v.1.0 to 1.5

  +o  Added more information on how to use tcp_virtuald

  +o  Some additions and changes per users feedback.


  33..  IInnssttaallllaattiioonn

  The virtfs package comes tarred up with:

  +o  virtuald - The wrapper which runs when a service (FTP, Email,
     etc..) is called upon.

  +o  tcp_virtuald - The same wrapper as virtuald, but this one is if you
     want to use tcp wrappers (ie. tcpd hosts.allow and hosts.deny
     files).

  +o  virt_template.pl - A Perl script to aid in creating the template
     filesystem.

  +o  virt_template.conf - The configuration script for virt_template

  +o  virtfs - The tool used to help set up virtual server.

  +o  virtrun - A simple script to execute a specific command on a
     virtual server.

  +o  sendmail.virtfs - A daemon to start up and end Sendmail services
     for all your virtual servers.


  +o  virt.conf - The configuration file used for virtfs. You may have to
     edit this.

  To compile the source simply type make from the directory where you
  untarred the package.

  make install will install the files to /usr/local/bin except for
  virt.conf, which is copied to the /etc/ directory. Only root can
  execute these programs and edit the configuration files.

  If installing from a RPM, the files will be installed just as above,
  but instead the location will be /usr/bin instead of /usr/local/bin
  (configuration files will still be in /etc).

  Now you are ready to set up the _t_e_m_p_l_a_t_e _f_i_l_e_s_y_s_t_e_m. Please read more
  below on how to set this up (it's easy).


  44..  ttccpp__vviirrttuuaalldd

  As of Virtfs 0.42.0, there is a file called tcp_virtuald.c which is
  very similar to virtuald. This file does exactly what virtuald does
  using the same methods. The only difference in tcp_virtuald is the
  ability to configure services using TCP wrappers, making it possible
  to use tcpd hosts.allow and hosts.deny files.

  There is one difference between both versions of virtuald and that is
  the method used to configure service, but this is described later in
  this guide.


  55..  PPrree--SSeettuupp:: TTeemmppllaattee FFiilleessyysstteemm


  55..11..  TTeemmppllaattee FFiilleessyysstteemm

  Prior to setting up virtual servers, you must create a tteemmppllaattee
  ffiilleessyysstteemm, which will be used to decide what files each virtual
  server will contain. In other words, you must create a small Linux
  Filesystem. The files within the template filesystem will be hard
  linked to each virtual server you create.  The template directory will
  be the directory and file structure for your virtual servers -
  whatever is in the template directory will be what each virtual server
  you create will contain. This may seem a hassle but there are many
  reasons this must be done. In order for the files to be linked over,
  they must all be within the same partition (most servers have multiple
  partitions). Virtfs uses links to create virtual servers to save hard
  drive space. For example, if you are running about six virtual servers
  and copied all the files over for each server, this would amount to
  about 700Mb in itself. By linking, however, this problem is
  eliminated. Each server will take up about 5-10Mb. However not _a_l_l of
  the filesystem is linked over. For example, /etc/hosts, /etc/HOSTNAME,
  etc - system specific files are not linked and therefore are not
  included in the template filesystem.

  Another advantage to the template filesystem is that you can configure
  what files should be copied over to the virtual servers. Would you
  want the "virtual users" to have access to developmental tools? SSH?
  You can specify which files should be included with each virtual
  server by copying them to the template filesystem.

  To recap, the process in creating virtual servers is simple. Firstly,
  a template directory is created and whatever files you specify will be
  copied over to the template filesystem. Then, when you want to create
  virtual servers, the files from the template filesystem are hard
  linked to the virtual server - Virtfs handles this for you upon
  creation of a virtual server. You will have to make sure that the
  template directory is within the same partition as the virtual
  servers, ie within the /virtual directory (if you stick to the
  suggested configuration). If you don't please make changes to the
  _L_e_a_d_i_n_g _V_i_r_t_u_a_l _D_i_r_e_c_t_o_r_y variable within /etc/virt.conf.

  The basic structure of this is:



                                  --------------------
                                  |  MAIN SERVER: /  |
                                  ____________________
                                          |
                                          |
                                          V direct copy
                                          |
                         -----------------------------------------
                         | Template Filesystem /virtual/template |
                         -----------------------------------------
                            |                          |     |
          hard links        ^                          ^     ---------<--------------
                            |                          |                            |
                            |                          |                            |
                        -----------------        ------------------           ------------------
                        |   a.com        |       |     b.com      |           |    c.com       |
                        | /virtual/a.com |       | /virtual/b.com |           | /virtual/c.com |
                        -----------------        ------------------           ------------------





  55..22..  SSeettttiinngg uupp aa tteemmppllaattee ffiilleessyysstteemm

  This section describes how to configure the template filesystem from
  the /etc/virt_template.conf file.


  55..22..11..  <<TTeemmppllaattee>>

  To specify what files should be copied over to the template
  filesystem, edit the /etc/virt_template.conf file. Within the
  <Template> section, you will notice, for example:


       bin_files = ls echo bash ...




  In the above example the bin_files variable holds the names of the
  files which are to be copied from the main server's /bin directory to
  the template filesystem, ie /virtual/template/bin. Seperate each
  filename with a space.

  Therefore, from the value of bin_files above, each virtual server will
  contain ls, echo, bash and whatever else was specified. Here is an
  outline of which directories are dealt with:


  +o  bin_files - Files within the //bbiinn directory to be copied over.

  +o  sbin_files - Files within the //ssbbiinn directory to be copied over.


  +o  usr_bin_files - Files within the //uussrr//bbiinn directory to be copied
     over.

  +o  usr_sbin_files - Files within the //uussrr//ssbbiinn directory to be copied
     over.

  +o  usr_local_bin_files - Files within the //uussrr//llooccaall//bbiinn directory to
     be copied over.

  +o  etc_files - Files within the //eettcc directory to be copied over.

  If you would like to copy a whole directory to the template directory,
  for example /usr/sbin/some_dir, you may list some_dir/* within the
  usr_sbin_files list. Another alternative is to edit the <Custom
  Template> section (below).

  You must be asking yourself about the /etc/ directory. Since this
  directory is very specific to each server, and not general such as the
  executables mentioned above, we must choose the files carefully. When
  creating a template, the sendmail configuration files are copied over
  (sendmail.cf) and some are created on the fly (sendmail.cw).

  By default the template directory will be /virtual/template but you
  can always change this value within /etc/virt_template.conf.



  55..22..22..  <<CCuussttoomm TTeemmppllaattee>>

  Within the same configuration file, virt_template.conf there is the
  <Custom Template> section. In this section, you can specify what _s_h_e_l_l
  _c_o_m_m_a_n_d_s should be executed aafftteerr virt_template.pl does all the
  copying of the files from the <Template> section. An example may be:


       cp -a /lib !!template




  The !!template will be replaced by virt_template.pl and it indicates
  the template directory. Therefore, the above is stating: cp -a /lib
  /virtual/template (if we choose to stick to the directory defaults).
  This section is for you to customise the template directory even fur-
  ther than the <Template> section.



  55..22..33..  <<PPaasssswwdd FFiillee>>,, <<SShhaaddooww FFiillee>> aanndd <<GGrroouupp FFiillee>>

  In these sections, you must specify the password, shadow and group
  files that will be copied over. I suggest copying these file to a
  sseeccuurree location on your main server first, and then editing them to
  delete the accounts you do not want on your virtual server. For
  example, you probably like to remove your normal users accounts.  But
  please keep the rroooott password, shadow and group entried unedited (you
  may change the password at a later time). So, for example, you may
  copy your main server's /etc/passwd, /etc/shadow and /etc/group files
  to a secure location, ie /root. Then edit the files to your
  preference. If your main server has the joe account, but your virtual
  servers should not contain this, remove the entries for the account
  from the passwd, shadow and group files. After the template directory
  is created, remove the temporary files!

  If you copy over the main server's password, shadow and group files,
  all those accounts (except for home directories) will be copied over,
  so I have left this option up to you for which accounts should stay
  and which should be removed.


  The Perl script vviirrtt__tteemmppllaattee..ppll creates the template directory. The
  script is interactive and will create the template filesystem for you.
  Once it has been created you can make changes to the directory.
  Remember it is this directory structure that each virtual server will
  link to, and only server specific files will be copied over.



  55..33..  EExxeeccuuttiinngg vviirrtt__tteemmppllaattee..ppll

  If you are happy with the configuration of /etc/virt_template.conf,
  you are now ready to create the filesystem. The Perl script,
  _v_i_r_t___t_e_m_p_l_a_t_e_._p_l will help you with this. The script will be
  informative and you will know what is going on.


  66..  CCrreeaattiinngg VViirrttuuaall SSeerrvveerrss


  66..11..  PPlleeaassee cchheecckk!!

  Before you continue, please check that your _t_e_m_p_l_a_t_e _f_i_l_e_s_y_s_t_e_m is all
  set and as root, try the following:


       chroot /virtual/template




  Try some commands within the chroot'd environment. It should appear
  like a mini Linux system. Make sure you are happy with the commands.
  If not, copy them over from the main server or edit the
  virt_template.conf file and try re-creating the template filesystem.


  66..22..  IIPP AAlliiaassiinngg

  To set up virtual servers to reside on one main server, you will need
  to set up IP Aliasing. This will have to be done with any method of
  hosting virtual servers that you choose. There is a HOWTO on this
  subject: Mini How-to on Setting Up IP Aliasing On A Linux Machine by
  Harish Pillay. That HOWTO should set you in the proper direction. Once
  you set up IP Aliasing for a virtual server, test it, ping it.
  Obviously it will point to your main server for now.


  66..33..  DDNNSS

  DNS for the servers should be set up normally. There is an HOWTO for
  this: DNS HOWTO by Nicolai Langfeldt.

  Although, as of Virtfs 0.70.0, the /etc/resolv.conf file for your
  virtual server will be created. Specifically you will want to change
  the values of the Primary DNS and Secondary DNS. When the virtual
  server has been created, /etc/resolv.conf will automatically be filled
  in.





  66..44..  VViirrttuuaalldd

  Explained above, virtuald is written in C (Brian Ackerman, from his
  HOWTO) which is meant to direct a specific service to the directory
  where a virtual service exists. It should be placed in your
  /etc/inetd.conf directory. More on this later..


  66..55..  ttccpp__vviirrttuuaalldd

  This file does exactly what virtuald achieves, but if you want your
  services to run through the tcpd service, you will want to use this
  version of virtuald. Details on implementing tcp_virtuald is described
  below.


  66..66..  VViirrttffss


  66..66..11..  IInnttrroodduuccttiioonn

  This is the Perl script which will help you setup and maintain your
  virtual servers. Virtfs uses dialog to present you with your choices
  in a simple but tidy look running from the command line. The main page
  for Virtfs has screenshots.



  66..66..22..  //eettcc//vviirrtt..ccoonnff CCoonnffiigguurraattiioonn

  This is an important configuration file that you _m_u_s_t look through
  before firing up Virtfs. There are two sections to this file: the
  <<CCoonnffiigguurraattiioonn>> and <<SShheellll CCoommmmaannddss>> sections. The <Shell Commands>
  section is very similar to the <Custom Template> section (as described
  above). This section is compromised of shell commands that virtfs will
  execute upon the creation of a new virtual server. You may not even
  need it, especially if you customised your template directory well.

  The <Configuration> section is well documented and easy to follow
  through. For example, if you would like to change the UI program from
  _d_i_a_l_o_g to _X_d_i_a_l_o_g, you may do so under the _D_i_a_l_o_g value.

  An important variable to edit (or not to) is the LLeeaaddiinngg VViirrttuuaall
  DDiirreeccttoorryy. Your template directory should be contained in this.
  Typically, the value of this is /virtual (your template directory
  would then be /virtual/template). This way, all your virtual servers
  will be stored in /virtual (for example, vserver.com will be in
  /virtual/vserver.com).

  Upon starting up Virtfs you have the choice to either create a new
  server, or maintain an existing virtual server that you have set up
  before. When you choose a virtual server to configure, you can delete
  the server, switch on/off FTP and Mail services, add/remove users and
  groups, set up Apache, etc. You can even log into the virtual server
  as a specified user. Virtfs should help in the daily administration
  tasks, basically.

  After setting up the networking and DNS configuration (for a virtual
  server), you will want to run Virtfs to set up your virtual servers.
  After setting them up, you may want to run Virtfs again and again to
  take care of the system administration for a particular virtual
  server.




  66..77..  TThhee FFTTPP ffiilleess

  In order to make ftp service work on your virtual servers, you may
  have to edit /etc/virt.conf to enable some files that are needed. You
  will have to edit the line:


       ftp files = /etc/ftpaccess /etc/ftpusers /etc/ftpconversions /etc/ftphosts




  Everytime a server is enabled, Virtfs copies the files from the main
  server (the values from the ftp files value) to the virtual server.
  These files are nnoott hhaarrdd lliinnkkeedd as each server may need their own copy
  of these files. These files are server dependant.


  66..88..  TThhee llddccoonnffiigg ffiilleess

  As of v.0.60.0, Virtfs will create a /etc/ld.so.conf file for your
  virtual server (this is for setting up your system's libraries). You
  can edit the directories which are first placed into the ld.so.conf
  file by editing /etc/virt.conf and changing the value of ldconfig
  libs. Each directory should be seperated by a space.


  66..99..  VViirrttrruunn

  Virtrun is another Perl script (real simple) which also uses dialog.
  If you are in a rush you can execute a command for a specific virtual
  server. For example, the listing of a particular directory, or to su
  over (even thoug Virtfs can achieve this for you). Virtrun basically
  does the chroot for you.


  77..  TThhee VViirrttuuaall SSeerrvveerr AAddmmiinniissttaattoorr


  77..11..  TThhee AAddmmiinniissttrraattoorr aaccccoouunntt:: aaddmmiinn

  Upon creation of a new virtual server (and as of Virtfs 0.70.0), an
  administrator user is created. The group and user admin is added to
  the virtual system (not the main one). With admin rights, system
  administrators for that virtual server may tweak configuration files
  for their virtual server, and there is no worry that it will affect
  the main server.


  77..22..  WWhhyy??

  Mainly for security. Giving root access to a client on a virtual
  service can lead to some harmful events. If there is an unknown break-
  in to the main server that can be done with root, this could be bad.
  To play things safe, it is best to give admin rights to the client.

  Only you should know the root password.


  77..33..  TThhee AAddmmiinniissttrraattoorr''ss aacccceessss rriigghhttss

  Virtfs, by default, assigns full access permissions to the following
  directories to the new virtual server:

  +o  /root - This will be the home directory for the admin account.

  +o  /usr/local/* - This will be where admin may compile and install new
     applications.

  +o  /home - admin will have full rights to all use directories.

  +o  /etc - Certain files in this directory so that they may tweak their
     own servers to how they like.

  +o  /var/ - Some directories in /var. This can be changed from
     /etc/virt.conf - the Admin Right section.


  77..44..  CChhaannggiinngg tthhee rriigghhttss ooff tthhee AAddmmiinniissttrraattoorr

  Within the Virtfs configuration file, you will see a section called
  <Admin Rights>. Within this section, you can specify what files or
  directories should automatically obtain full admin access rights. Be
  very careful in doing this, as the whole point of creating the admin
  account is for security.


  77..55..  DDiissaaddvvaannttaaggeess

  There are some disadvantages, such as the admin will not be able to
  add/remove a user or group. These things should go by the root user,
  anyhow.


  88..  PPoosstt SSeerrvveerr SSeettuupp


  88..11..  FFTTPP FFiilleess

  Virtfs copies the ftp files (see above under _T_h_e _F_T_P _f_i_l_e_s) oonnllyy if
  you activate FTP service for the service.

  After the files are copied over you will have to edit them if you want
  your virtual server's ftp server to act differently than the main
  servers.


  88..22..  llddccoonnffiigg

  Some applications require libraries to be pre-loaded. I suggest you
  chroot to the server (through Virtfs) as root and run ldconfig. You
  may have to edit /etc/ld.so.conf within the virtual server to specify
  which directories are to be included. Again, the contents of
  /etc/ld.so.conf can be altered everytime a server is created within
  /etc/virt.conf.


  88..33..  LLoogg ddiirreeccttoorriieess

  As each Linux flavour required their own log directory, I suggest
  after creating a virtual server, you compare the log directories. For
  example, Virtfs will not create /var/log/httpd as Redhat Apache RPMs
  do. You should create the directory.

  Virtfs does create the standard Sendmail directories for you (this is
  in the <<SShheellll CCoommmmaannddss>> section of /etc/virt.conf).






  99..  CCoommmmoonn VViirrttuuaall SSeerrvviicceess

  As mentioned above, setting up services (ie. POP/SMTP, FTP) for
  certain virtual servers is very flexible. You can specify whether
  vserver2.com should have FTP service, or if vserver1.com should have
  email. I am going to cover the basics of how to set up virtuald
  through the common services.

  Basically for each service in your inetd configuration file, you want
  to add:

  /path/to/virtuald virtuald /virtual/conf.file

  But, if you are using tcp_virtuald, you will want to use:

  /path/to/tcp_virtuald virtuald /virtual/conf.file tcpd

  For xinetd, please read the section below. It will still be helpful
  not to skip this section...


  99..11..  CCoonnffiigguurraattiioonn FFiilleess

  The configuration files needed for each service should contain the IP
  address and the directory where the virtual service resides. For
  example, xxx.xxx.xxx.xxx:/virtual/vserver2.com. (where xxx.xxx.xxx.xxx
  is the IP number)

  Each of these on a new line, but do not alter these files, as Virtfs
  will do this for you.

  The configuration file for say, FTP, is by default (in the
  /etc/virt.conf file) conf.ftp and this must reside in the leading
  virtual sub directory, ie. /virtual/conf.ftp. For mail services, it is
  /virtual/conf.pop.

  There should only be ONE configuration file for each service, and not
  multiple. Virtfs will add entries for each server into the
  configuration file when you select to add it, so you need not edit it
  directly (and you probably shouldn't). When you delete a virtual
  server, Virtfs removes the entry for the chosen server.


  99..22..  SSppeecciiffyyiinngg PPaatthhss ttoo SSeerrvviicceess

  You must specify the full path to each service in /etc/inetd.conf. For
  example:


       ftp  stream  tcp  nowait  root /path/to/virtuald virtuald /virtual/conf.ftp wu.ftpd -l -a




  On my system, wu.ftpd is in the /usr/sbin directory on the main server
  as well as the virtual server (/virtual/vserver1.com/usr/sbin).

  Make sure you follow the general rules to avoid problems:

  +o  Your service file is on the main server as well as the virtual
     directories, in the right locations. If the service is on the main
     server's /usr/sbin make sure it's on the same location in the
     virtual directory, ie. /virtual/vserver1.com/usr/sbin.

  +o  Normally, when editing the inetd.conf, it is fine just to leave
     wu.ftpd (the service), but when using it with virtuald you should
     note the full path name to the service.


  99..33..  FFTTPP

  In your /etc/inetd.conf file, you will have to edit this to place the
  virtuald wrapper to accept connections for the FTP service. I changed
  mine to the following, where /virtual/conf.ftp is the configuration
  file for servers allowed to FTP in:


       ftp stream tcp nowait root /path/to/virtuald virtuald /virtual/conf.ftp /path/to/wu.ftpd -l -a




  If you are using tcp_virtuald, you will have to specify the above line
  as such:


       ftp stream tcp nowait root /path/to/tcp_virtuald virtuald /virtual/conf.ftp tcpd /path/to/wu.ftpd -l -a





  99..44..  MMaaiill

  There are two common mail packages: Sendmail and Qmail. The setup for
  virtual servers is different, depending on what package you use. Your
  IMAP/POP services should be easily configured though. Virtfs takes
  care of the mail configuration file (by default: conf.pop). You will
  just have to alter the lines in inetd.conf to:


       pop-3 stream tcp nowait root /path/to/virtuald virtuald /virtual/conf.pop /path/to/ipop3d




  You can configure mail services for tcp_virtuald as it has been done
  above for FTP.


  99..55..  SSeennddmmaaiill

  Unlike using Sendmail's virtual email support, you can have multiple
  accounts with same names, on main server. As explained above,
  bob@vserver1.com and bob@mainserver.com are actually different
  accounts. This is a great advantage.

  As far as setting up a virtual server for email though, Virtfs copies
  over the main server's /etc/sendmail.cf file (which you must set in
  virt.conf under Sendmail CF) to the virtual server's /etc directory
  and edits the line:

  #Dj$w.Foo.COM

  to:

  Djvserver1.com (replacing vserver1.com with your server's real entry).

  We set up Sendmail within inetd as follows:



  smtp stream tcp nowait root /path/to/virtuald virtuald /virtual/conf.pop /path/to/sendmail -bs




  You can configure mail services for tcp_virtuald as it has been done
  above for FTP.

  Please note that Virtfs will automatically add/delete entries from the
  conf.pop configuration file. This file permits the servers listed to
  accept connections from the ports.


  99..55..11..  sseennddmmaaiill..ccww

  Upon creation of a virtual server, Virtfs will automatically create
  the sendmail.cf (as of v.0.60.0) in
  /virtual/vserver2.com/etc/sendmail.cw.

  Virtfs will add these lines into the sendmail.cw file (replacing
  vserver2.com with your virtual server's name):


       mail.vserver2.com
       vserver2.com
       vserver2
       localhost





  99..55..11..11..  sseennddmmaaiill..vviirrttffss

  You will need to replace your current sendmail file with the
  sendmail.virtfs shell script included with the Virtfs package. This
  script shell will start, stop and restart Sendmail services for all
  your virtual servers and main servers.


  99..66..  QQmmaaiill

  Unfortunately, I am unable to test Virtfs with Qmail, however, there
  is a little package which will help you. You may read on it and
  download it from the Virtfs Qmail page. This additional package does
  not come with the standard Virtfs package. Reading the Virtual
  Services HOWTO will also help you in this (the sources from the Qmail
  page were taken from the HOWTO).


  99..77..  WWoorrlldd WWiiddee WWeebb

  Apache has an excellant method of configuring VirtualHosts, and I
  suggest you use that method. Setting up Apache is regardless of
  virtuald, although Virtfs will edit the httpd.conf adding the
  appropriate configuration. Refer to Apache's documentation on how to
  set this up for a virtual service.

  You may want to create a web directory, ie /virtual/vserver1.com/web
  so that people with access to vserver1.com can access these files - do
  not place the web directory on the main server, as the users of
  vserver1.com will not be able to access them.




  99..88..  OOtthheerr

  You can acheive similar results with configuring your inetd file, as I
  have done above. In the chance you are using a service (like some FTP
  clients) that do not run through inetd, you will unfortunately have to
  go under their direction for virtual services.

  If it does run through inetd, simply do the following:

  1. Add the appropriate lines to activate virtuald for your services
     (as explained above) in inetd.conf

  2. Create a /virtual/conf.service file.

  3. Add the servers to the configuration file.


  1100..  xxiinneettdd


  As of Redhat 7.x, many people have asked how to implement the virtual
  services into their system. This is quite straight forward, as
  explained in the email by Rodrigo B. Pereira:


       As for xinetd, it's all pretty simple, just a matter of adaptation to the
       new organization of things. In this case (RH 7.0), every service is
       configured on a separate file, under /etc/xinetd.d, but you can also use
       just one file, just a matter of editing /etc/xinetd.conf. HoweverI think
       it's very nice this way.

       Let's take this telnet example:

       # default: on
       # description: The telnet server serves telnet sessions; it uses \
       #       unencrypted username/password pairs for authentication.
       service telnet
       {
               flags           = REUSE
               socket_type     = stream
               wait            = no
               user            = root
               server          = /usr/local/bin/virtuald
               server_args     = /home/virtual/conf.telnet /usr/sbin/in.telnetd
               log_on_failure  += USERID
       }

       The key point here is server_args. The 'server' line should always point
       to the absolute path of virtuald. The 'server_args' line consists of the
       cvnf.service file, followed by the absolute path of the real service
       daemon. This sure looks much nicer than on inetd.conf.

       Every "real" server arguments, are passed along with the daemon abs. path.
       For example, with wu-ftpd, the server_args line would look like this:

       server_args             = /home/virtual/conf.ftp /usr/sbin/in.ftpd -l -a

       Resuming:        server = /path/to/virtuald
                        server_args = /path/to/conf/service/conf.service
       path.to.real.daemon/read.daemon any.daemon.args

       After configuring, just type this "service xinetd restart" to activate
       changes. Or "/etc/rc.d/init.d/xinetd restart", if for some weird reason
       service isn't available.


  1111..  LLooggggiinngg


  1111..11..  VViirrttffss LLooggggiinngg

  Virtfs will log all actions carried out if you have configured it so
  within the virt.conf file. Set Log = on and then specify the file for
  you to log all your actions in under Log File.


  1111..22..  VViirrttuuaalldd LLooggggiinngg

  Virtuald will, by default, log actions by services requested through
  syslogd. I say by default, as you can shut off the logging by editing
  the source of virtuald.c and shutting off VERBOSELOG. By default it is
  on.


  You will notice in your syslog when Virtuald kicks in. Something like
  this should be logged:


       virtuald[4207]: Virtuald Starting v.xxxx
       ....




  You will be able to tell where the service is being called to. Also,
  you may check on these logs for debugging purposes.


  1111..33..  ttccpp__vviirrttuuaalldd LLooggggiinngg

  The logging for this modified version of virtuald is the same as the
  logging for virtuald (described above), except you will know which
  version of virtuald will be running (ie. tcpd enabled ot not):


       virtuald[4220]: Virtuald Starting (tcpd enabled) v.xxx





  1122..  RReeffeerreenncceess


  1. Virtual Services HOWTO

  2. Mini HOWTO: IP Aliasing

  3. DNS HOWTO

  4. Pocket ISP based on RedHat Linux











