Ubuntu Install on XServe G5

I hardly get enough time away from my Mac machines, so I planned to get back in touch with the penguin, and to build a test server.

My plan was to install Xen, and then run a Linux instance on top of it. However the only spare machine was a G5 Xserve, I could not find any information of Xen on ppc processor.

Choosing Linux flavour for ppc wasn’t easy either. Most of the open source linux flavours have stopped supporting ppc, as it seems like a dying platform. Red Hat and Suse seem to support the architecture in their enterprise versions. I did’nt wanted to run YDL, the only flavour I could find truely supporting ppc architecture.

Finally, I decided to go ahead with the Ubuntu 8.04 Server community version for ppc.

Once decided, the install was pretty much a breeze. Popped in the CD, and followed GUI to install. Chose ssh-server and Lamp Server during install option.

After the server restart, configured the network interface /etc/network/interfaces to provide a static address.Restarted the network.

sudo /etc/init.d/networking restart

Update the installation. I prefer aptitude over apt-get.

sudo aptitude update
sudo aptitude safe-upgrade

It is a good idea to synchronize the system clock with an NTP (network time protocol) server over the internet.

sudo aptitude install ntp ntpdate

Check hostname and hostname -f return the same value. It matched our specified domain name in the file /etc/hosts to FQDN (Fully Qualified Domain Name) of the machine.

Lets bring the walls up

Ubuntu comes with a iptables-wrapper known as UFW.

sudo aptitude install ufw

Turn firewall on.

sudo ufw enable

Turn firewall logging on.

sudo ufw logging on

Display status of firewall and ports in the listening state

sudo ufw status

I changed the rules so that the output of above command was

Firewall loaded

To                         Action  From
--                         ------  ----
Anywhere                   ALLOW   xx.xx.xx.0/24
22:tcp                     ALLOW   xx.xx.xx.0/24
80:tcp                     ALLOW   Anywhere
80:udp                     ALLOW   Anywhere

Therefore only port 80 was open to outside world, for serving web pages, and ssh port for local network. The rest of the requests were dropped.

To make sure, use nmap from another machine to do a port scan of your server. Only port 80 should be open from outside your lan.

As the result of port scan delivered expected results, I paused for a while and looked at my old friend, penguin. I flashed-forward to years of our friendship, of growing up churrning big-a$$ web apps, becoming millionaires, and the taking a vacation to Mars, our children going to the same schools, and becoming friends and fighting amoung themselves all the time. Ah! It was such a touching moment! I’m glad on our renewed friendship.

Next time we’ll bring in PHP and MySQL, the Indian tribe some Jewels and another Dutch-looking friend.

This party is gonna rock!

Image credits: Tux by Daniele Florio shared under CC Share Alike licence