From Wiki

Jump to: navigation, search


What is it?

BaseOS is simply a copy of files from a standard CentOS 5.5 installation.

Where possible we install it in the memory of the server by using tmpfs. This way we get quite big performance increase, since we reduce the disk I/O and because tmpfs makes the stat operations almost atomic.

How we created it?

we then added one more directory /chroot where we kept all the big folders (Perl, Python, frontpage and so on).

One additional thing is the /root/baseos directory. While all users use /var/suexec/baseos(which is in memory) /root/baseos keeps all files on disk. This folder is there, because between reboots you must have a place from where you can copy the files to memory again.

How is it organized?

You have the standard Linux directory structure with two exceptions:

  1. You have the /Z folder.
  2. The /chroot folder. This one is used to keep all the things that we think don't need to be in memory. It has python2.4, the perl libs, frontpage files and the run directory(there we store the socket to NSCD).

What software do we have in there?

You can see what software we have by simply looking around in /var/suexec/baseos. However a few important things that we have there are:

  1. 6 different PHP versions:
    1. PHP 4.4
    2. PHP 5.0
    3. PHP 5.1
    4. PHP 5.2
    5. PHP 5.2 with Suhosin-Patch 0.9.7
    6. PHP 5.3
  2. Perl v5.8.8
  3. Python 2.4.3
  4. ImageMagick
  5. MySQL & PGSQL clis
  6. Archivers
  7. The following binaries (or symlinks to their corresponding location):
cp echo host mktemp python2.4 tar vim csh egrep hostname more rar tcsh wc awk curl env id
mv reset time whereis basename cut false  kill nano rm touch which bash date file less nice
sed true whoami bzip2 diff find ln perl sh tset zip cat diff3 gawk ls pgrep sleep uname
chmod dircolors grep mail pico sort unrar chown dirname gzip mesg pwd sperl unzip clear du
head mkdir python tail vi

NB: If you need another binary added in the BaseOS for your server, you can do so following the instructions described here

Note that all PHP versions are shipped separately from the baseos packet. You will have all available PHP versions installed by default with the Hive installation. However, should you decide that you want a different release for one of the minor versions - there will be no problem to replace it. For example we might have PHP 5.2.17 as the default one for the 5.2 branch and still you will be able to install 5.2.9 instead should you need to do so.

How do we handle mail within the chroot?

Since every user is chrooted into the BaseOS, no one is actually able to use the sendmail command(this includes the PHPs). So we had to solve this problem. What we started with was the mini_sendmail command.

What this command does is to parse mails coming on STDIN and forward them as normal SMTP request to the SMTP server on localhost. In order to do this securely we modify your Exim configuration to prevent spam and abuse from local users.

So now every user has access to the sendmail command without the need of access to the local spool directory. One side effect from this is, that it is now easier to control the mails per hour, per user as all mails are coming as network connections and their local user origin is known.


# ls -1A
ChangeLog     - this file contains the changes we made to this directory
frontpage/    - files required by FrontPage extensions module
list.txt      - this file contains some instructions on how the chroot was initially created and what packages was added to this folder
locale/       - system locales
perl5/        - perl5 libraries
python2.4/    - python2.4 installation
run/          - holds the socket to NSCD
share.locale/ - additional system locales
sites/        - configuration files for FrontPage extensions
texmf/        - TeTeX/LaTeX support files
tmp/          - directory where we mount /tmp from the / filesystem
VERSION       - the version of the collection of these files

Specific MySQL Socket configuration

With the installation of the Baseos the MySQL socket configuration in /etc/my.cnf is modified to:


The old MySQL socket is replaced by a sym link that points to the newly used one /tmp/mysql.sock in order to not cause any service disruption.

Retrieved from ""
Personal tools