Ubuntu 9.10 Server 32-bit

From ZoneMinder Wiki

Jump to: navigation, search

Ubuntu 9.10 Server 32-bit with Zoneminder´s subversion (some screenshots are from 9.04 install so i am renewing those)


Misc information

First of all, i would like to express my gratitude to all programmers or anyone that has contributed in its particular way to this project; this is a great software, and has resources for external triggers, domotics integration (x10), selective areas for alarm within an image, and many many more resources i could not enumerate here;

This guide reflects my specific experience with the following hard and software and is not in any way endorsed; any suggestions and direct corrections are highly welcome! I will be constantly as possible updating this in a manner that it is possible to be reproduced, and help to solve some questions that i have already experienced on older versions and still experience sometimes in the newer versions under specific circumstances;

  • CPU Hardware: Used a core2quad q8200 on intel dg31pr mobo, with 2 gb ram (running dual channel), a 500gb western-digital sata hd, and a partitioning scheme with 25gb for the root system, 2gb for swap, and the remaining for the home partition (but remember to set appropriate filters to prevent hd from filling the entire hd;)
  • Repeated this guide March 4th, on an amd 3000+, 512mb ram, asus mobo

  • CCTV Hardware: Used two cheap pci bt878 so-called "pico 2000" cards, (4 inputs at 2 to 3 real fps each, and 8 analog cameras;)

This aims to be a kind of "Zoneminder for dummies", deploying the base system from the beginning and also configuring some functionality as alerts by email or a custom mobile skin, requiring very little linux knowledge right from the start;


  • burn ubuntu cd, by downloading server 32 bit iso; boot from the cd, choose "check disk for defects" to certify you have a valid cd; (aprox. 5 minutes)
  • port limitations: my great phone company that delivers the dsl blocks some important ports, like 22, 25, 80, and so on, just to bother; in order to detour that limitations, i have to use alternate ports for ssh, http, ftp, webmin and whatever; also, you will have to set the router to "forward" those default or changed ports to your machine ip; (later on we will prepare the server to have fixed ip if you don´t do that by install time);

Ubuntu installation

(important: have yourself an active internet connection available using dhcp right from the start)

  • choose the language and hit "install ubuntu server", then the language for the installation, region, country, detect keyboard layout; consider to choose "english" so that you can google more easily when you face a problem during install-time...
  • select a time zone
  • select a partitioning method, where "guided - use the entire disk and set up lvm" is the recommended default; actually i chose "manual", because i have already done my partitioning schemme, then selected the system partition, set it to be used as "ext3 journaling fs", then choose the "mount point" to be "/ - the root file system", then hit "done setting up", then choose a partition to be used as swap, enter it, mark "use as" to "swap area", then hit "done setting up...", then set another partition to be used as /home, then scroll down the page and hit "finish partitioning and write changes to disk"; now you have a last chance to check what youre about to do; check it carefully, then hit "write changes to disks"; ( i have read ext4 is not extensely tested so far and problems with bootloaders, so ext3 journaling is a safe bet!)
  • now you have your partitions being formatted and base system being installed;
  • choose a full name for the new user; (dont try to use root here, just your first name is ok), and a user name account (the same name is fine)
  • choose a strong password;
  • choose if you want to encrypt your home directory; i accepted the default NO ;
  • configure an http proxy; if you dont use one, or dont know what it is, leave it blank and hit enter;
  • if you have an active internet connection like i suggested, the system will now scan the mirror; just wait;
  • the system now asks if you want automatic updates; i really never choose that, so i can do this IF and WHEN i want, and avoid surprises; so i chose "no automatic updates", which is the default;
  • now choose software to install; (ubuntu 9.10 has many interesting options here, like cloud computing, virtual machine and tomcat...) In order to follow this guide i suggest LAMP, MAIL and OPENSSH only ;(mark what you want with the spacebar and hit enter just afterwards);
  • have a wait ... new software is being installed and configured...
  • choose a strong password for the mysql root user; i used the same one for the user, but if you are paranoid, choose one that no one can remember, even yourself; remember that this will be your ***MySQL ROOT PASSWORD***, required after on the zm database creation;
  • during postfix configuration; i suggest "internet site"; then choose a name for the system mail; i accepted the default that is the same as the hostname.
  • have a wait ... try to watch what is going on...
  • choose if the grub boot loader is to be installed to the master boot record; choosing *YES* is safe in my opinion, as it recognizes my other possible operating systems from other partitions, like windows xp, vista, other linux flavours, and even the other linux grubs that may exist, so it adds everything to the boot entries it may find.... and then you will have the opportunity to choose what system to boot everytime you turn your computer on;
  • now, when prompted, remove de cd and click continue; (when the system reboots you may want to enter the bios settings and choose not to boot from cds anymore)
  • after reboot my new grub shows the options, that use 2.6.31-14-generic-pae as the kernel setup; choose that to boot from.
  • mission accomplished so far, ubuntu server is fresh/ready; it booted really, really fast in this server version and hardware i mentioned  !!!

Server Post-installation procedures

  • login with the user you created, not root;
  • type "sudo passwd root" , hit enter, enter your password, then a new password twice (or the same one) to be the "root" password; OR ignore this direction and simply prepend "sudo" for all commands when needed;
  • type "logout", hit enter
  • now login with your root account;
  • if during the install time ubuntu succeeded to conect to the internet without asking anything, it means that it tried to use DHCP and succeeded; but i don´t think anyone would like it that way, (unless you had set an ip/mac reservation in your router dhcp config); so now we are changing our server to a fixed ip on the lan:

1- check if you have a working internet connection, try "ping www.nytimes.com" and CTRL+C to stop after some seconds;

So i know from that and from my router config that i am going to use as the fixed server ip, as netmask, as default gateway, and also as the primary dns; no need of a secondary dns im my case;

lets edit /etc/network/interfaces; "cd /etc/network/", enter, "cp interfaces bkp_original_interfaces", enter, "nano /etc/network/interfaces", enter;

i had the original like this:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
iface eth0 inet dhcp

so i changed from that to:

# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# This is a list of hotpluggable network interfaces.
# They will be activated automatically by the hotplug subsystem.
mapping hotplug
        script grep
        map eth0

# The primary network interface
auto eth0
iface eth0 inet static

save, exit, then, check /etc/resolv.conf ; "cd /etc", enter, "nano resolv.conf", enter; im my case, i did not need to change this, because it was correct;(dns=gateway in my router)


I will now restart the network to check what i have done so far: "/etc/init.d/networking restart", enter, and then ping again: "ping www.nytimes.com", to check everything is ok.

  • now lets force the system to make a filesystem check during the next reboot, after all we have done a lot of partitioning/formatting/installing, and it´s good to know there´s no problems regarding that; type "touch /forcefsck", enter; now "reboot";

  • (optional) now i am going to change the ssh port, by the reason i mentioned in the misc info before; (this is not a security measure, any nmap scan may easily find this port!)

"cd /etc/ssh/", enter , "cp sshd_config bkp_original_sshd_config", enter, "nano sshd_config", enter ; *CAUTION* you want to edit sshd_config, NOT ssh_config

now you are editing sshd config; change port 22 to whatever if you will; hit "CTRL+O" to save, enter, "CTRL+X" to exit;

  • type "service ssh restart", enter; (to apply changes)
  • type "logout", hit enter;
  • from another machine (for example on your windows computer), have putty installed, configure it to access you ssh server ip and port;
  • i suggest that under putty, you configure the "seconds between keepalives" to 50; then configure the port and ip on the main window, and save it;
  • connect to the ubuntu server via putty;
    • nb: if you never used putty, be advised that to paste something into the terminal you just have to right click the mouse once, so dont try "CTRL+V", and when you copy something, try to copy just until the last character, not the entire line, because if you dont, when you paste text into putty, it will also "hit the enter" for you, what i dont like; but nevermind; and to copy *from* the putty terminal to another place, simply select with the mouse the text, and it is automatically copied, so dont try "CTRL+C", which in linux shell would abort the current command/process;
    • nb: The first time you connect to putty from a different machine, you will have a warning regarding the host key; that is *OK*

This is what i got so far:

login as: root
root@'s password:
Linux cftv105 2.6.31-14-generic-pae #48-Ubuntu SMP Fri Oct 16 15:22:42 UTC 2009                         i686

To access official Ubuntu documentation, please visit:

  System information as of Thu Dec 17 01:58:44 BRST 2009

  System load:    0.0                Memory usage: 2%   Processes:       125
  Usage of /home: 0.1% of 294.07GB   Swap usage:   0%   Users logged in: 1

  Graph this data and manage this system at https://landscape.canonical.com/

49 packages can be updated.
25 updates are security updates.

Last login: Thu Dec 17 01:45:01 2009

  • Enable all repositories: "nano /etc/apt/sources.list", enter, and set to your needs ; the example below is for Brazil, you´d better adapt your own sources.list to get servers near to you.
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://br.archive.ubuntu.com/ubuntu/ karmic main restricted
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic main restricted

## Major bug fix updates produced after the final release of the
## distribution.
deb http://br.archive.ubuntu.com/ubuntu/ karmic-updates main restricted
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic-updates main restricted

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://br.archive.ubuntu.com/ubuntu/ karmic universe
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic universe
deb http://br.archive.ubuntu.com/ubuntu/ karmic-updates universe
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic-updates universe

## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://br.archive.ubuntu.com/ubuntu/ karmic multiverse
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic multiverse
deb http://br.archive.ubuntu.com/ubuntu/ karmic-updates multiverse
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic-updates multiverse

## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://br.archive.ubuntu.com/ubuntu/ karmic-backports main restricted universe multiverse
deb-src http://br.archive.ubuntu.com/ubuntu/ karmic-backports main restricted universe multiverse

## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
deb http://archive.canonical.com/ubuntu karmic partner
deb-src http://archive.canonical.com/ubuntu karmic partner

deb http://security.ubuntu.com/ubuntu karmic-security main restricted
deb-src http://security.ubuntu.com/ubuntu karmic-security main restricted
deb http://security.ubuntu.com/ubuntu karmic-security universe
deb-src http://security.ubuntu.com/ubuntu karmic-security universe
deb http://security.ubuntu.com/ubuntu karmic-security multiverse
deb-src http://security.ubuntu.com/ubuntu karmic-security multiverse

now, type in "apt-get update", enter, and expect something like "(...)(...)Fetched xx.xkB in xxs (xx.xxkB/s) / Reading package lists... Done", and follow on with "apt-get upgrade", enter; it took me no more than 2 minutes; my isp isnt that bad after all..., and just because i want, i´ll end that step with "apt-get clean"; i think it has kind of a psychological effect in the debian brain that ubuntu inherited;

  • install webmin (optional for remote administration, reading logs, system state, uploads, downloads, cron jobs and much more thru a nice web interface!) and change it´s listening port if needed; (you can create a /root/downloads directory and within that you type
     wget http://downloads.sourceforge.net/project/webadmin/webmin/1.500/webmin_1.500_all.deb?use_mirror=ufpr
    to get it; then run
    root@cftv105:~/downloads# dpkg -i webmin_1.500_all.deb
to get it installed; it always complains it needs some extra prerequisites, but its easy to get them with magical apt-get install -f and voila;
  • Webmin notice: after installing webmin 1.500 under ubuntu server 9.10, i could not use it directly to watch the system logs because it did not find them; its simple to fix that as going to unused modules > system logs > module config, and then change the default /etc/syslog.conf to /etc/rsyslog.conf
  • install noip client to have your (possible) dynamic ip to some rememberable address like easy.no-ip.com : "apt-get install noip2" ; it is downloaded an then it runs a first time config utility; provide it with the login and password you have created on no-ip.com website previously; after, it will ask your hosts list: provide it with xxxx.no-ip.com host redirect you created; in the end it asks the network device name, just leave it blank if you have just one adapter, like eth0; it also asks about nat, leave at default NO if in doubt; you may run the config again at later time if you need with "noip2 -C"; you may now want to run sysvconfig to certify it will run automatically upon bootup; or you may navigate trough webmin "system>bootup and shutdown", which is very pleasant also; see following step;
  • Now we´ll suggest the first thing really useful so far: inspect our system logs, and watch carefully for any warnings, errors, or messages that may indicate some particular problem so far; if we notice something unusual, we´ll be googleing and fixing that before we proceed; Under past installations, i have noticed errors regarding "shared memory" in the ubuntu clean install, far before installing zoneminder; so if you have a problem that you know for sure is not zm´s, you´ll help yourself googleing that in the right foruns; inspect syslog with "less /var/log/syslog", at this point i am happy that i did not have any "shared memory" or important issues; type "q" to quit less utility; now we´ll be inspecting apaches error log: "less /var/log/apache2/error.log" to do that; it had nothing wrong in it; just for completeness, i rebooted and checked them once again to be sure; to watch the logs in real time while you do some stuff, you may use "watch --i 0 tail -n 15 /var/log/syslog", for example, to watch syslog last 15 lines; i also like to watch uptime or top to check cpu and mem loads;
  • ensure you had your capture card recognized, or dont bother if you are lucky enough to have some of those nice axis ip cams that still cost too much down here in south america...; the so-called Pico2000 bt878 based cards are automatically recognized by the relatively newer kernels, including ours; lets be sure in case; an existing /dev/videoX directory is a first good thing to see, and other good expected outputs are as follows:

Tests with 1 capture card present:

root@cftv105:/# find /dev -name video*
root@cftv105:/# lspci -v | grep Multimedia
04:05.0 Multimedia video controller: Brooktree Corporation Bt878 Video Capture (rev 11)
04:05.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture (rev 11)
root@cftv105:/# lsmod | grep bt
bttv                  119412  0
ir_common              48512  1 bttv
v4l2_common            17500  1 bttv
videodev               36736  2 bttv,v4l2_common
videobuf_dma_sg        12608  1 bttv
videobuf_core          17952  2 bttv,videobuf_dma_sg
btcx_risc               4772  1 bttv
i2c_algo_bit            5760  2 bttv,i915
tveeprom               11872  1 bttv

Tests with 2 capture cards present:

root@cftv105:~# find /dev -name video*
root@cftv105:~# lspci -v | grep Multimedia
04:05.0 Multimedia video controller: Brooktree Corporation Bt878 Video Capture (rev 11)
04:05.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture (rev 11)
04:06.0 Multimedia video controller: Brooktree Corporation Bt878 Video Capture (rev 11)
04:06.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture (rev 11)
root@cftv105:~# lsmod | grep bt
bttv                  119412  2
ir_common              48512  1 bttv
v4l2_common            17500  1 bttv
videodev               36736  4 bttv,v4l2_common
videobuf_dma_sg        12608  1 bttv
videobuf_core          17952  2 bttv,videobuf_dma_sg
btcx_risc               4772  1 bttv
tveeprom               11872  1 bttv
i2c_algo_bit            5760  1 bttv

  • nice; so one more system updating and cleaning, just to be sure: "apt-get update" ... "apt-get upgrade" ... "apt-get install -f" ... "apt-get clean" ...
  • now i consider i am prepared to be starting zm related stuff;

ZM installation

Changes for Lib Paths

echo "/usr/local/lib" > /etc/ld.so.conf.d/ffmpeg.conf
echo "LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH" >> /etc/bash.bashrc
echo "export LD_LIBRARY_PATH" >> /etc/bash.bashrc

Install All Prerequisites

  • some may be already installed depending on what you did so far;

aptitude install build-essential linux-headers-`uname -r` automake perl libnet-ssleay-perl openssl libauthen-pam-perl \
libpam-runtime libio-pty-perl libmd5-perl libmysqlclient15-dev \
libarchive-zip-perl libdate-manip-perl libdevice-serialport-perl libjpeg62 libjpeg62-dev libmime-perl libstdc++6 libwww-perl \
zlib1g zip unzip patch ntp openssl libpcre3-dev libssl-dev libjpeg-progs libcurl4-gnutls-dev munin munin-node libmime-lite-perl \
netpbm libbz2-dev subversion

by this time, it gave me:

Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Writing extended state information... Done
The following NEW packages will be installed:
  autoconf{a} automake autotools-dev{a} binutils{a} build-essential comerr-dev{a} defoma{a} dpkg-dev{a} fakeroot{a}
  fontconfig{a} fontconfig-config{a} g++{a} g++-4.4{a} gawk{a} gcc{a} gcc-4.4{a} ghostscript{a} ghostscript-x{a} gs{a}
  gsfonts{a} libarchive-zip-perl libavahi-client3{a} libavahi-common-data{a} libavahi-common3{a} libbz2-dev libc-dev-bin{a}
  libc6-dev{a} libcairo2{a} libconvert-binhex-perl{a} libcups2{a} libcupsimage2{a} libcurl4-gnutls-dev libdate-manip-perl
  libdatrie1{a} libdevice-serialport-perl libdirectfb-1.2-0{a} libemail-date-format-perl{a} libfontconfig1{a} libfontenc1{a}
  libgcrypt11-dev{a} libgnutls-dev{a} libgomp1{a} libgpg-error-dev{a} libgs8{a} libgssrpc4{a} libice6{a} libidn11-dev{a}
  libio-multiplex-perl{a} libio-stringy-perl{a} libjpeg-progs libjpeg62 libjpeg62-dev libkadm5srv6{a} libkdb5-4{a}
  libkrb5-dev{a} libldap2-dev{a} libmime-lite-perl libmime-perl libmime-tools-perl{a} libmime-types-perl{a}
  libmysqlclient15-dev libmysqlclient15off{a} libneon27-gnutls{a} libnet-cidr-perl{a} libnet-server-perl{a} libnet-snmp-perl{a}
  libnetpbm10{a} libpango1.0-0{a} libpango1.0-common{a} libpaper-utils{a} libpaper1{a} libpcre3-dev libpcrecpp0{a}
  libpixman-1-0{a} libpng12-0{a} librrd4{a} librrds-perl{a} libsm6{a} libssl-dev libstdc++6-4.4-dev{a} libsvn1{a} libsysfs2{a}
  libtasn1-3-dev{a} libthai-data{a} libthai0{a} libtiff4{a} libts-0.0-0{a} libxcb-render-util0{a} libxcb-render0{a}
  libxfont1{a} libxft2{a} libxrender1{a} libxt6{a} linux-libc-dev{a} m4{a} munin munin-node netpbm ntp pkg-config{a}
  psfontmgr{a} rrdtool{a} subversion tsconf{a} ttf-dejavu{a} ttf-dejavu-core{a} ttf-dejavu-extra{a} unzip x-ttcidfont-conf{a}
  xfonts-encodings{a} xfonts-utils{a} zip zlib1g-dev{a}
0 packages upgraded, 113 newly installed, 0 to remove and 11 not upgraded.
Need to get 57.8MB of archives. After unpacking 172MB will be used.
Do you want to continue? [Y/n/?]

went ahead; 17 minutes it took under 1Mb dsl; now i am going to reboot just because i want to; after reboot, i did the "apt-get upgrade" "apt-get clean" thing again;

Install Perl Modules

perl -MCPAN -e shell

(accept yes when prompted and right after that still under perl shell...

install CPAN

(accept yes when prompted, it will take some 30 seconds here, type "exit", enter. now ...

perl -MCPAN -e shell
install YAML PHP::Serialization Module::Load X10::ActiveHome
install Sys::Mmap

(accept yes when prompted,and yes again to fix dependencies problems if so) after some seconds it finishes, then type "exit", enter

FFmpeg & ZoneMinder from SVN

Install FFmpeg

cd /usr/src
svn checkout svn://svn.mplayerhq.hu/ffmpeg/trunk ffmpeg

(in the end it gave me "Checked out external at revision 30048. Checked out revision 20888.", so i will have a note of it for future reference if i ever need, i hope i dont); now do the following carefully one by one:

  • update March, 4th : Checked out external at revision 30827. Checked out revision 22195.

cd /usr/src/ffmpeg/
echo "Checked out external at revision 30827. Checked out revision 22195." > xxx_SVN_NOTE.txt
./configure --enable-gpl --enable-shared --enable-pthreads
make install
make install-libs
cd /lib
ln -s /usr/local/lib/libswscale.so.0
ln -s /usr/local/lib/libavformat.so.52
ln -s /usr/local/lib/libavcodec.so.52
ln -s /usr/local/lib/libavutil.so.50
ln -s /usr/local/lib/libavdevice.so.52

(this compiling took no more than 4 minutes with this hardware) (all commands ran smooth)

Install & Config ZoneMinder

cd /usr/src
svn co http://svn.zoneminder.com/svn/zm/trunk zm

  • March 4th: Checked out revision 3033.

(took about 1 minute, and in the end it gave me "Checked out revision 3033.", so i will note it down for reference when asking for help or like that), now follow one by one carefully:

cd usr/src/zm
echo "Checked out revision 3033." > XXX_SVN_3033.txt
  • Now the following is to be pasted or typed as a single line and then hit enter; (or read the comments below before that and make a decision here; of course you may recompile zm after that if you change your mind)

Edit: As far as I'm aware, the \ should work on any shell you're likely to be using to continue a command onto another line. Makes things a little easier to see. -Scott

./configure --with-webdir=/var/www/zm --with-cgidir=/usr/lib/cgi-bin \
ZM_DB_HOST=localhost ZM_DB_NAME=zm ZM_DB_USER=zmuser \
ZM_DB_PASS=zmpass --enable-debug=yes \
--with-webgroup=www-data --with-webuser=www-data --enable-mmap CPPFLAGS="-D__STDC_CONSTANT_MACROS" 

Shared memory issue comments: Decision point 

As of my narrow understanding on this matter, should you face syslog complaining about shared memory for your specific case
of number and resolution of cameras, you may have to decide between two options before compiling;
I SUGGEST THE SECOND APPROACH for this guide, that helped me in my case:

1- Use the older zm shared memory model and configure some extra parameters manually;


2- Use the newer mode, that ZM´s context help under options > paths > zm_path_map describes like this:

''ZoneMinder has historically used IPC shared memory for shared data between processes. This has it's advantages and limitations. 
This version of ZoneMinder can use an alternate method, mapped memory, instead with can be enabled with the --enable--mmap directive to configure.
This requires less system configuration and is generally more flexible. However it requires each shared data segment to map onto a filesystem file.
This option indicates where those mapped files go. You should ensure that this location has sufficient space for these files and for the best
performance it should be a tmpfs file system or ramdisk otherwise disk access may render this method slower than the regular shared memory one.''

Should you choose the first model (*not* suggested),
the configuration string would be:

./configure --with-webdir=/var/www/zm --with-cgidir=/usr/lib/cgi-bin ZM_DB_HOST=localhost ZM_DB_NAME=zm ZM_DB_USER=zmuser ZM_DB_PASS=zmpass --enable-debug=yes --with-webgroup=www-data --with-webuser=www-data --disable-mmap

Should you choose the second and suggested model,
the configuration string would be:

./configure --with-webdir=/var/www/zm --with-cgidir=/usr/lib/cgi-bin ZM_DB_HOST=localhost ZM_DB_NAME=zm ZM_DB_USER=zmuser ZM_DB_PASS=zmpass --enable-debug=yes --with-webgroup=www-data --with-webuser=www-data --enable-mmap

As stated, for this to work efficiently you must have enough tempfs already set, as using /dev/shm from the hard disk would not represent
real advantage; (what is /dev/shm? http://www.cyberciti.biz/tips/what-is-devshm-and-its-practical-usage.html )

In our Ubuntu 9.10 case '''we already have a /dev/shm using tempfs''', that may be checked like this:

mount | grep shm

that should render

none on /dev/shm type tmpfs (rw...etc..etc...)

and to watch the slice that zm (and other processes are consuming from that), use "df" ;
to watch exclusively how much zm is taking (when it is running afterwards), one may use:

root@cftv105:/dev/shm# ls -l /dev/shm/zm*
-rw------- 1 www-data www-data  9217192 2009-12-19 06:39 /dev/shm/zm.mmap.10
-rw------- 1 www-data www-data 36865192 2009-12-19 06:39 /dev/shm/zm.mmap.17
-rw------- 1 www-data www-data 36865192 2009-12-19 06:39 /dev/shm/zm.mmap.19
-rw------- 1 www-data www-data 36865192 2009-12-19 06:39 /dev/shm/zm.mmap.8
-rw------- 1 www-data www-data 36865192 2009-12-19 06:39 /dev/shm/zm.mmap.9

You may also refer to the following useful resources if needed:

* http://www.zoneminder.com/wiki/index.php/Ubuntu_9.04_%28Jaunty%29_desktop_with_graphical_interface#Increase_shared_memory_maximum_block_size

* http://www.zoneminder.com/wiki/index.php/Ubuntu_8.10_Vanilla_32bit_%28with_FFmpeg_SVN%2C_ZoneMinder_SVN%2C_jscalendar-1.0%2C_cambozola-0.7%29#Make_System_file_changes_.28For_ZoneMinder_Shared_Mem.29

* ZM Forum;

After we have prepared the configuration, we will now continue the process:


(now this automake gave me an error as shown, so i just executed "aclocal", and then "automake" again, and yes, its was fine! see below both the error and the workaround)

root@cftv105:/usr/src/zm# autoconf
root@cftv105:/usr/src/zm# automake
configure.ac:3: version mismatch.  This is Automake 1.11,
configure.ac:3: but the definition used by this AM_INIT_AUTOMAKE
configure.ac:3: comes from Automake 1.9.6.  You should recreate
configure.ac:3: aclocal.m4 with aclocal and run automake again.
root@cftv105:/usr/src/zm# aclocal
root@cftv105:/usr/src/zm# automake


(so far so good, lets now create the initial db in the current working dir; when prompted, use the **root MySQL** password you created before;)

mysql -u root -p < db/zm_create.sql

(no output after entering the password means no problem)

mysql -u root -p

(after entering your mysql root password, you will be taken to the mysql shell)

grant select,insert,update,delete on zm.* to 'zmuser'@localhost identified by 'zmpass';

(that gave me "Query OK, 0 rows affected (0.00 sec)", wich means no problem too)

make install

(that took not even 5 seconds, and we are now comming closer to an end)

Post Install

Install cambozola.jar

cd /usr/src
wget http://www.charliemouse.com:8080/code/cambozola/cambozola-latest.tar.gz
tar -xzvf cambozola-latest.tar.gz
cp cambozola-0.76/dist/cambozola.jar /var/www/zm

(all should run smooth)

Make sure ZoneMinder starts automatically

  • create new file as follows:
nano -w /etc/init.d/zm

now inside nano paste the following:

# description: Control ZoneMinder as a Service
# chkconfig: 2345 99 99

# Source function library.
#. /etc/rc.d/init.d/functions


start() {
        echo -n "Starting $prog: "
        $command start
        [ $RETVAL = 0 ] && echo success
        [ $RETVAL != 0 ] && echo failure
        return $RETVAL
stop() {
        echo -n "Stopping $prog: "
        $command stop
        [ $RETVAL = 0 ] && echo success
        [ $RETVAL != 0 ] && echo failure
status() {
        result=`$command status`
        if [ "$result" = "running" ]; then
                echo "ZoneMinder is running"
                echo "ZoneMinder is stopped"

case "$1" in
        echo "Usage: $0 { start | stop | restart | status }"
exit $RETVAL

Make /etc/init.d/zm executable:

chmod 755 /etc/init.d/zm
  • now: i use webmin to make ZoneMinder start at boot time ... (under webmin > system > bootup and shutdown > click zm and enable boot start, save)
  • you may want to add the following line on /etc/rc.local file:
/etc/init.d/zm start

  • guess what, i will reboot again; i admit i like it;

Final testings and procedures

  • time to check our system logs; besides cron jobs doing their jobs, i am happy so far to find in /var/log/syslog the following:
Dec 17 06:49:54 cftv105 zmpkg[1477]: INF [Command: start]
Dec 17 06:49:54 cftv105 zmdc[1483]: INF [Server starting at 09/12/17 06:49:54]
Dec 17 06:49:55 cftv105 kernel: [   15.641010] eth0: no IPv6 routers present
Dec 17 06:49:57 cftv105 zmdc[1483]: INF ['zmfilter.pl' starting at 09/12/17 06:49:57, pid = 1505]
Dec 17 06:49:57 cftv105 zmdc[1505]: INF ['zmfilter.pl' started at 09/12/17 06:49:57]
Dec 17 06:49:57 cftv105 zmdc[1483]: INF ['zmaudit.pl -c' starting at 09/12/17 06:49:57, pid = 1508]
Dec 17 06:49:57 cftv105 zmdc[1508]: INF ['zmaudit.pl -c' started at 09/12/17 06:49:57]
Dec 17 06:49:58 cftv105 zmdc[1483]: INF ['zmwatch.pl' starting at 09/12/17 06:49:57, pid = 1510]
Dec 17 06:49:58 cftv105 zmdc[1510]: INF ['zmwatch.pl' started at 09/12/17 06:49:58]
Dec 17 06:49:58 cftv105 zmfilter[1505]: INF [Scanning for events]
Dec 17 06:49:58 cftv105 zmdc[1512]: INF ['zmupdate.pl -c' started at 09/12/17 06:49:58]
Dec 17 06:49:58 cftv105 zmdc[1483]: INF ['zmupdate.pl -c' starting at 09/12/17 06:49:58, pid = 1512]
Dec 17 06:49:58 cftv105 zmwatch[1510]: INF [Watchdog starting]
Dec 17 06:49:58 cftv105 zmwatch[1510]: INF [Watchdog pausing for 30 seconds]
Dec 17 06:49:58 cftv105 zmupdate[1512]: INF [Checking for updates]
Dec 17 06:49:58 cftv105 zmupdate[1512]: INF [Got version: '1.24.2']
Dec 17 06:50:01 cftv105 CRON[1516]: (munin) CMD (if [ -x /usr/bin/munin-cron ]; then /usr/bin/munin-cron; fi)
Dec 17 06:50:01 cftv105 CRON[1518]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi)
Dec 17 06:50:23 cftv105 kernel: [   44.076011] tveeprom 1-0050: Huh, no eeprom present (err=-6)?
Dec 17 06:50:23 cftv105 kernel: [   44.076015] bttv0: tuner type unset
Dec 17 06:50:23 cftv105 kernel: [   44.076083] bttv0: registered device video0
Dec 17 06:50:23 cftv105 kernel: [   44.076104] bttv0: registered device vbi0

  • now, lets access the web interface; as i have mentioned, i need to change the http port because my isp blocks port 80:

1- backup and edit /etc/apache2/ports.conf with nano, then change both "NameVirtualHost *:80" and "Listen 80" to the new port we may need;

2- backup and edit /etc/apache2/sites-enabled/000-default with nano, and change "<VirtualHost *:80>" to reflect the new port;

3- restart apache a la red hat way: "service apache2 restart"; yes, it restarted with no complains !

  • time for the truth: point our firefox browser to the no-ip address from the wan side or the fixed ip from the lan side:

http://xxxx.no-ip.com:pppp/index.php (where pppp is the new apache port, if so)

Softlivre fresh1 24 2.jpg

  • (optional) lets have tested some of my analog cameras to work with the Pico2000 capture card: (read the pico200 link first) (this card seems to require that 4 inputs are connected, not less...) first go to option > config and disable V4L_MULTI_BUFFER; then restart zm, add a new monitor, choose a preset (or for example i have accepted all defaults and just changed the source tab to: /dev/video0 , video_for_linux_version_1, channel 0, ntsc, yuv422p, 320, 240, > save; (there are lots of presets available); i have already had success on both v4l1 and v4l2, but i still prefer v4l1 for greater compatibility and to find support if needed;
  • (optional) if you want, there are dozens of open ip cams for a initial test also so you dont depend on your own capture card, and may test the zm install and insulate any (possible) problem... Just google for "public ip cams" or refer to http://www.webcamxp.com/publicipcams.aspx for example; (by open i mean no password protection, altough no one authorized it´s use, so behave and consider varying them on your tests to save upload for an individual cam)

(the shot from the cam below i configured at this point like this: entered the link above to find a public cam, chose one axis ip cam randomly from the list, noted down its ip and port ; then under zm, create new cam, use preset for axis mjpeg 320x240, entered the source tab and filled in the ip and port... and thats that; you may try different ones, and restart apache and zm if needed between the attempts, or even reboot is not a bad idea; i made the full sequence as described so far, and...)

Softlivre sample ipcamtest.jpg

(I have to mention that using this and other public ip cams on my tests i had multiple problems with shared memory errors, ajax errors, and browser (not server) hangs; but those went away when i used the local capture card, so it makes me think you have to adjust zm options and the cameras carefully for each case, and a growing latency between zm server and the ip cam may bring such problems requiring further/better configuration than the present one.)

  • Now lets secure our zm install right away (make it password protected for the internet public): navigate to options > system and check OPT_USE_AUTH, change AUTH_HASH_SECRET to whatever, save; now restart zoneminder from the web interface or from the putty, like "service zm restart", enter zm interface again, use admin/admin as the default logins/password, navigate to options > users (the last new tab), and i suggest you change the username AND the password, not only the password; save, close, restart zm again, logout and login with new account;
  • you may need to logout and login again, even after restarting zm, because if not the system may "remember" your last session, and the user wont authenticate zms processes, giving syslogs somethings like "zms[1234]: ERR [Unable to authenticate user]"; just then, click the monitor id to watch it;
  • End up making with a final reboot, and further log inspections, this time with the new camera already configured;
  • If using another partition for "home", as i did, now you would create a /home/zm/events directory and create a symlink from /var/www/zm/events to that; so a simple
ln -s /home/zm/events/ /var/www/zm/events

should do it;

Extra configurations

Mail Server integration

  • What is the use of a CCTV system with analog (non ip cams) that only saves events on a local computer, if a burglar breaks in and take that pc also ?

I think it is mandatory to have zoneminder configured to ftp events to a remote server, or even email me automatically when selected events happen (sending an email with an attached image is not bad) and zm provides you both resources;

In the lines below i will describe a simple way to do that, but you may research (and tell me) if you have success on simpler or more efficient approaches; i will thank you for that and that would improve this article too!

Altough we have an Ubuntu server enabled with postfix that may send emails without the help of an external ISP, i prefer to use my ISP SMTP account to do that, because sending emails from (my) dynamic IP (that doesnt resolve to a FQDN, and other things) usually gets rejected by 99% of the providers; I have referenced from http://anothersysadmin.wordpress.com/2009/02/06/postfix-as-relay-to-a-smtp-requiring-authentication/ to do this:

Use external isp to send emails

IF you have chosen MAIL during install-time and followed the suggested steps, it should be exactly like this: (or if you installed postfix later and chose "internet site" it must to be the same)

  • backup and edit postfix configuration: "cd /etc/postfix", enter; "cp main.cf bkp_original_main.cf", enter, "nano main.cf" enter , **remove** the line that says "relayhost = " (next to the end of the file) and *ADD* the following lines to the end:
#### ADDED BY henrique@softlivre.com.br TO USE MY ISP SMTP ACCOUNT WHEN SENDING EMAILS ####
relayhost = [smtp.XXXCHANGETHISXXX.com]
# smtp_sasl_mechanism_filter = digest-md5 # enable if your isp supports this
  • Now, create a file to store your user account data from your paid ISP: type "nano /etc/postfix/sasl-passwords", enter, and paste/edit the following:
[smtp.xxxxxxxx.com] yourusername:yourpassword
  • notice: in my isp (locaweb-brazil) my username is my full email, not only the string before the at(@) sign;
  • GMAIL: gives a "Must issue a STARTTLS command first" response and the mail has not been sent at the time of writing; other isps worked fine;

  • compile the map file:
postmap hash:/etc/postfix/sasl-passwords

(expect no output)

  • restart postfix with "service postfix restart";
  • test email sending: if you've never done that from command line: type "mail test@test.com", enter, enter subject, enter, type the message, hit CTRL+D, hit enter again for the CC field, and thats it! now look at the tail of syslog, ("tail /var/log/syslog") and expect to have something good as follows; the email is now on its way in the wires and airwaves, and we're done !
May 24 22:56:35 amdcctv-ub904 postfix/pickup[5304]: 8A63F42487: uid=0 from=<root>
May 24 22:56:35 amdcctv-ub904 postfix/cleanup[5762]: 8A63F42487: message-id=<20090525015635.8A63F42487@amdcctv-ub904.xxxxxx.com.br>
May 24 22:56:35 amdcctv-ub904 postfix/qmgr[5306]: 8A63F42487: from=<root@amdcctv-ub904.xxxxxx.com.br>, size=365, nrcpt=1 (queue active)
May 24 22:56:36 amdcctv-ub904 postfix/smtp[5764]: 8A63F42487: to=<xxxxx@xxx.com>, relay=smtp.xxxxxx.com.br[]:25, delay=0.79, delays=0.1/0.04/0.3/0.34, dsn=2.0.0, status=sent (250 ok 1243216596 qp 4272)
May 24 22:56:36 amdcctv-ub904 postfix/qmgr[5306]: 8A63F42487: removed

ZM email and filter config

  • under zm interface, go to options > email, and have a look/start with my suggested config found in the picture below; note that EMAIL_HOST may remain cool at "localhost", because we have already prepared postfix as we wanted for the server as a whole; > save
  • The important wildcards that will do the trick to include in the EMAIL_BODY are:
%EI1%  /Attachs first alarmed event image.
%EIM% /Attachs (first) event image with the highest score.
%EV%   /Attachs event mpeg video. (I prefer images because of file size, and have not tested this)
  • adjust your email/upload filter considering that only a few(important) events should match it, according to the server connection speed; also avoid uploading or emailing videos, or worse than having your mailbox full or paused by your isp, you may end up not being able to access your server from the "outside" because your bandwidth is already fully compromised; (on my 1Mb dsl, when i´m watching the montage view with 4 cams on 320x240, with 50% of quality (options>images>JPEG_STREAM_QUALITY), im hardly able to ssh or webmin my own server; i have to stop the montage and wait 2 seconds at least, and thats without mentioning emailing or ftp'ing!); of course not if you´re only interested on the lan side efficiency...
  • You may use zm new skins structure to build your own interface, for example, alowing certain users to only watch snapshots and no videos, so you can save bandwidth when required;

Email config.jpg

  • create a new filter to your needs: on the main zm page, click filters; (note that already have one filter pre-configured, that purges events when disk is almost full, leave it as is and create a new one! (really needed or the server may collapse without space to think, work)) notice: it is pre-configured, but not pre-activated to run in background, so if you want select this filter, click save, and check "Run filter in background", save;


  • (optional) options > system > set FILTER_EXECUTE_INTERVAL to 10 , according to the context help: "ZoneMinder allows you to save filters to the database which allow events that match certain criteria to be emailed, deleted or uploaded to a remote machine etc. The zmfilter daemon loads these and does the actual operation. This option determines how often the filters are executed on the saved event in the database. If you want a rapid response to new events this should be a smaller value, however this may increase the overall load on the system and affect performance of other elements."
  • (optional) send an important image by email automatically, based on the event total score; see the FAQ if needed to understand zm statstics; for example: || total score || greater than || 10 ||, check "Email details of all matches" > save (do **not** click submit or you will get all existent events that match the filter to be mailed to you; actually, we just want the new events from now on...);
  • play around with the filters' infinite possibilities;
  • restart zm whenever you edit any filter with "service zm restart" to force the reload of filters now (or you will have to wait up to 300 seconds that is the default, but can also be changed);

(shot from 9.04 install) Softlivre inbox.jpg

(shot from 9.04 install) Softlivre inbox rolldown.jpg

Creating a custom skin to your mobile

ZM new version supports creation and customization of skins, for example, for your specific mobile;

Even if you dont own a newer smartphone or palm to be able to watch live streams, you may have your old web-enabled mobile to view still images refreshed manually, a simple montage view, access to last events and much more; In the foruns there are many tweaks for specific mobiles/palms/smartphones/etc....

  • if you need to create a custom skin, use the "mobile" as a basis and modify to your needs: "cd /var/www/zm/skins/", and copy the whole dir structure to , for example, ./nokia" (...) after that, use skin=nokia, if so; then you can modify the skin.php or the files inside /skins/nokia/views if needed, leaving the default zm files intact, so that you dont even need to make a backup of them because you are just modifying your own skin !!!
  • When you dont express what skin you want, the system defaults to skin=classic, unless you have set your web server to redirect selectively to a custom skin based on the browser; for example: in my case, apache recognizes my mobile browser as "Nokia5610d" and redirects to skin=nokia; Once you access a skin, zm intelligently use cookies to keep your preferences;

Mobile varanda2.jpg

Maintenance Tasks

Backup ZM (and cams) configuration

  • Caution: ZM database contains the software configuration, camera definitions and also the list of events that are saved under the zm events dir;

service zm stop

cd /root
mkdir zm_backups
cd /root/zm_backups/
mysqldump -u root -p --databases zm > my_zm_db_whatever.sql

service zm start

Restore ZM to factory settings

  • Caution: ZM database contains the software configuration, camera definitions and also the list of events that are saved under the zm events dir;

#optional to **erase** existing events that remain on disk # caution!!!
rm -rf /var/www/zm/events/*

# certify you have the create database script where you expect it to be;
ls -l /usr/src/zm/db/zm_create.sql

service zm stop

mysql -u root -p < /usr/src/zm/db/zm_create.sql

service zm start

If you need to reconstruct db permissions:

# to enter mysql shell
mysql -u root -p

# inside mysql shell paste the following:
grant select,insert,update,delete on zm.* to 'zmuser'@localhost identified by 'zmpass';

Restore ZM to your own backup settings

  • Caution: ZM database contains the software configuration, camera definitions and also the list of events that are saved under the zm events dir;

service zm stop
mysql -u root -p < /root/zm_backups/my_zm_db_whatever.sql
service zm start

ZM 1.24.2 svn 3007 factory settings

  • These are the default zm settings as of the above mentioned version, for reference on your tests.
  • Restoring manually is a safe way to keep cams configuration + existing events list;

1.24.2-3007 factoryset.jpg

  • Default image adjustments/settings for 320x240px ntsc day´n´night analog camera into a bttv chip based capture card running v4l1 (may be changed from the settings link when watching a stream from a monitor, but this card seems to change all cameras sharing the same chip, and doesnt seem to like to have these settings changed with zm running, so they may not be very practical to change in this case; YMMV)
Brightness: 32768
Contrast: 32768
Hue: 32768
Colour: 32768


Known good and bad experiences

I have already had many good experiences with Zoneminder; i run it for more than 18 months now on different versions and hardwares, and it proved to be very useful and efficient to me under different circumstances! I have managed to hack a skin that suited to my mobile and it is very stable for that purpose and for others too!

The bad experiences i have already had (with previous versions and still with the subversion 3007 from Zoneminder) i will call them "bad experiences" and not "problems", because i am not able to put blame on one specific process or part of software, be it the browsers i use, the OS, ZM itself or even the cheap capture cards i use; I can not say for sure that i have correctly configured my hardware and tried all the options and tweak combinations available under ZM console; what i can do is to try to reproduce some experiences in the forums, and here i place the exact steps i take on deploying the installation and tweaking for my piece of hardware;

Should any of the following experiences also happen to you, please be kind to search the faq and existing threads on the forum, such as: Apache hangs, shared memory issues, multiple sock files on /tmp and ajax errors on the logs when those happen, blank monitors, unstable streamings... i have also observed to have shared memory issues when connected to ip cameras during testing, but with local cameras from the capture card those issues did not happen;


I am now satisfied with this install as i have described and using the following workarounds so i can avoid difficulties, having no hangs, no errors, no zmc crashing, no broken pipes errors; Dont take it as a "need to", because as mentioned it reflects only a particular experience; i am confident ZoneMinder is a high quality software and most of the problems i have had were due to misconfiguration or the browsers itself that are not designed to handle multiple streams. .

  • Use Opera or SeaMonkey as alternate browsers for Zm (i prefer using firefox for surfing the web and opera or seamonkey just for zm, so i can restart the zm browser without stopping my work-flow whenever needed)
  • Dont open more than 4 live streams simultaneously from the wan side of the server; on the local side, i can open more views at the same time, and the problems become more unlike to happen; i think that as the ping grows between the server and the browser (what logically happens when opening multiple streams under a limited bandwidth) the lack of response generates a side effect that ends up like a "apache crash"... but: Are you sure apache is hung? try to CLOSE ALL INSTANCES OF YOUR BROWSER, RESTART IT and now have a look! the console is back, and apache and zm did not need to be restarted (this further seems to indicate it may not be a zm problem); Also, under zm console options you may customize the behavior and timeouts for your specific case, for example under options > low b/w , and then using the corresponding option under zm console (just below the ZoneMinder Console - Running - v1.24.2 message);
  • Make use of lower fps settings for the cameras, lower image quality for live streams, or even use the mobile skin as an alternative and last resource when many users may want to watch zm simultaneously, saving bandwidth and problems coming from that; (remember that you may record events with a quality of 100% on the hard disk and just stream with,say, 35% for example to have better performance with 4 or 8 views on the web...); details for the mobile skin are under this section: Ubuntu_9.10_Server_32-bit#Creating a custom skin to your mobile
  • Some tweaks that also seemed to help with my specific capture card and 1 mbps dsl , adjusted from zm console options tabs:
system > WATCH_CHECK_INTERVAL changed from 10 to 300
system > WATCH_MAX_DELAY changed from 5 to 30
config > STRICT_VIDEO_CONFIG from enabled to disabled
config > V4L_MULTI_BUFFER from enabled to disabled
config > CAPTURES_PER_FRAME from 1 to 4 (this will surely discard more frames, so use only as really necessary)
config > CREATE_ANALYSIS_IMAGES from enabled to disabled
images > CAN_STREAM from auto to yes
images > JPEG_STREAM_QUALITY from 70 to 40
images > OPT_CAMBOZOLA from disabled to enabled 
network > HTTP_TIMEOUT from 2500 to 2000

and also the following, that will only show results when configured for "low bandwidth" within zm console:

Low B/W > WEB_L_REFRESH_MAIN from 300 to 900
Low B/W > WEB_L_VIDEO_MAXFPS from 5 to 2 (<---- this is a important one, my 4 cams were individually set to 2 fps too)
Low B/W > WEB_L_AJAX_TIMEOUT from 10000 to 30000 (<---- this is a important one)

Desktop over server consideration

This walkthrough targets a server stable install and no desktop at all;

Its suggested to have your system up and running, watch it, and not to install a bunch of packages at a time, namely "desktop" packages; for example, on many situations before when i have installed one of the ubuntu desktops by "apt-get install ubuntu-desktop", or "apt-get install kubuntu-desktop", or "apt-get install xubuntu-desktop" over a server deployment, i ended up with different kernels, multiple insane choices under my boot menu, and different sort of odd things when needing to compile something, including zm source; well, it may be not a problem for you, but i admit it really is for me; if in doubt checkout those links that report that even the kernel interrupt timer is different between the server and the desktop editions:

If a desktop is needed, i suggest you install from desktop cd from the beginning; as a last resource over the server, i would suggest xubuntu-dekstop, that uses xfce window manager, which is very lightweight and efficient;

Additional suggested softwares

  • install lmsensors, and watch it if you´re gonna have a common computer turned on for longer period that it was initially prepared; (or make a custom script to shutdown in case of cpu overheat or fan problematic speed); a hi-quality powersupply like SEVENTEAM or THERMALTAKE is suggested for the cpu; (apt-get install lmsensors)
  • install phpmyadmin; (apt-get install phpmyadmin)
  • install samba server or client upon need;
  • install a proxy to force a firewall and provide cache to the lan-side of your network, or soho; (**only** if you have a reasonable server, or all youre gonna get are exceeded help-desk tickets); check http://www.squid-cache.org/
  • run a nmap search from another computer to learn about vulnerabilities on your server/network; install simply by apt-get install nmap or have a visit at http://www.insecure.org and http://www.nmap.org to get some examples;
  • watch your logs;
  • backup this system state so far, with something like ghost, so that that you can restart from *here* and not from the beginning if needed, or simply take a snapshot if under a vitualizated machine;
  • configure a self-signed ssl certificate, and then prepare apache to have virtual redirections to each dir upon your will; for example, you may force some important web directories, like /var/www/ or /var/www/intranet to require SSL with "RequireSSL" directives in htaccess files; and also, remember that htaccess files are useful but if you have the root access to the server, you dont need to rely on the htaccess; you may create a top-level apache rule into its own config, wich i judge safer;


  • A step-by-step guide to control external devices with linux (usb preferentially) transforming our rig not only in a cctv server, but also a complete alarm and domotics controller)
  • A script under a cronjob to watch the cpu temp and fan speeds with the lmsensors package and arrange the needed actions;
  • make a (little) donation to the zm keeper; > done !