Changes

Jump to navigation Jump to search

SME on CentOS 6 (view source)

Revision as of 17:01, 21 January 2013

9,545 bytes added ,  17:01, 21 January 2013
→‎Installing CentOS 6 minimal
Line 49: Line 49:  
* Make regular snapshots of your Virtual Machine and describe them specifically. At least when you've reached an important milestone for yourself
 
* Make regular snapshots of your Virtual Machine and describe them specifically. At least when you've reached an important milestone for yourself
    +
==== Installing the ISO ====
   −
=== Enable networking ===
+
* Just install a minimal el6 installation (I just installed a few utilities like htop, screen, rsync, vim, openssh-clients etc…). You can use either the DVD, the minimal CD install, a net install with PXE, it's up to you
 +
 
 +
==== Enable networking ====
    
Each boot you have to start the network etc etc. I decided it was better with the minimal install and touch as little as possible - if I could then get SME packages installed I could then use that to configure networking later.
 
Each boot you have to start the network etc etc. I decided it was better with the minimal install and touch as little as possible - if I could then get SME packages installed I could then use that to configure networking later.
Line 72: Line 75:  
For the current purposes I decided to start manually each time so I that left the base settings as untouched as possible.
 
For the current purposes I decided to start manually each time so I that left the base settings as untouched as possible.
   −
=== Enable SSH ===
+
==== Enable SSH ====
    
On first run make sure we have ssh installed so we can use a terminal to login - much easier for copy and pasting stuff :
 
On first run make sure we have ssh installed so we can use a terminal to login - much easier for copy and pasting stuff :
Line 80: Line 83:  
  service iptables stop
 
  service iptables stop
 
  service sshd start
 
  service sshd start
 +
 +
==== Disable SELinux ====
 +
It will be easier to see what's going on (and turn off selinux at kernel level, just to be sure)
 +
sed -i -e 's/rhgb quiet/selinux=0/g' /boot/grub/menu.lst
 +
sed -i -e 's/SELINUX=.*/SELINUX=disabled/g' /etc/sysconfig/selinux
 +
 +
==== Remove selinux-policy-targeted and authconfig ====
 +
They conflict with some e-smith/smeserver packages
 +
yum remove selinux-policy-targeted authconfig
 +
 +
== Configure basic requirments ==
 +
==== Configure third party repo ====
 +
Enable the EPEL repo
 +
rpm -Uvh http://fr2.rpmfind.net/linux/epel/6/i386/epel-release-6-8.noarch.rpm
 +
 +
Enable the ATrpms repo
 +
rpm -Uvh http://dl.atrpms.net/el6-x86_64/atrpms/stable/atrpms-repo-6-6.el6.x86_64.rpm
 +
 +
Enable RPMForge
 +
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
 +
 +
Configure SME repository (EL5 version for now)
 +
cat<<'EOF' > /etc/yum.repos.d/sme.repo
 +
[smeaddons]
 +
enabled=1
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeaddons-8
 +
name=SME Server - addons
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smecontribs]
 +
enabled=0
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smecontribs-8
 +
name=SME Server - contribs
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smedev]
 +
enabled=0
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smedev-8
 +
name=SME Server - dev
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smeextras]
 +
enabled=1
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeextras-8
 +
name=SME Server - extras
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smeos]
 +
enabled=1
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeos-8
 +
name=SME Server - os
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smetest]
 +
enabled=0
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smetest-8
 +
name=SME Server - test
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smeupdates]
 +
enabled=1
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeupdates-8
 +
name=SME Server - updates
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
[smeupdates-testing]
 +
enabled=0
 +
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeupdates-testing-8
 +
name=SME Server - updates testing
 +
gpgcheck=1
 +
enablegroups=1
 +
#
 +
EOF
 +
 +
==== import SME's GPG key ====
 +
rpm --import http://sme-mirror.firewall-services.com/releases/8/smeos/x86_64/RPM-GPG-KEY-SMEServer
 +
 +
==== install yum-plugin-priorities ====
 +
yum install yum-plugin-priorities
 +
 +
==== Configure yum priorities ====
 +
Set the base, updates and extras repo in /etc/yum.repos.d/CentOS-Base.repo a high priority (respectivly 50, 40, 50)
 +
[...]
 +
[base]
 +
name=CentOS-$releasever - Base
 +
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
 +
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
 +
gpgcheck=1
 +
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
 +
priority=50
 +
#
 +
#released updates
 +
[updates]
 +
name=CentOS-$releasever - Updates
 +
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
 +
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
 +
gpgcheck=1
 +
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
 +
priority=40
 +
#
 +
#additional packages that may be useful
 +
[extras]
 +
name=CentOS-$releasever - Extras
 +
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
 +
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
 +
gpgcheck=1
 +
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
 +
priority=50
 +
#
 +
[...]
 +
 +
==== Set Epel to a priority of 60 in /etc/yum.repos.d/epel.repo ====
 +
[epel]
 +
name=Extra Packages for Enterprise Linux 6 - $basearch
 +
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
 +
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
 +
failovermethod=priority
 +
enabled=1
 +
gpgcheck=1
 +
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
 +
priority=60
 +
 +
==== Set RPMForge to a priority of 65 in /etc/yum.repos.d/rpmforge.repo ====
 +
[rpmforge]
 +
name = RHEL $releasever - RPMforge.net - dag
 +
baseurl = http://apt.sw.be/redhat/el6/en/$basearch/rpmforge
 +
mirrorlist = http://apt.sw.be/redhat/el6/en/mirrors-rpmforge
 +
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
 +
enabled = 1
 +
protect = 0
 +
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
 +
gpgcheck = 1
 +
priority=65
 +
 +
==== Set atrpms to priority of 70 in /etc/yum.repos.d/atrpms.repo ====
 +
[atrpms]
 +
name=Red Hat Enterprise Linux $releasever - $basearch - ATrpms
 +
failovermethod=priority
 +
baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/stable
 +
enabled=1
 +
gpgcheck=1
 +
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-atrpms
 +
priority=70
 +
 +
==== Install some package without dependancy check ====
 +
 +
A few packages have to be installed manually without dependancy check:
 +
rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeupdates/x86_64/RPMS/smeserver-yum-2.2.0-20.el5.sme.noarch.rpm
 +
rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeupdates/x86_64/RPMS/e-smith-samba-2.2.0-49.el5.sme.noarch.rpm
 +
rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeos/x86_64/SME/e-smith-test-2.2.0-1.el5.sme.noarch.rpm
 +
 +
Two perl package need to be installed manually with sme and epel repo disabled (I need to figure out why repo priority doesn't fix this)
 +
yum install perl-Razor-Agent perl-Data-UUID --disablerepo=sme\* --disablerepo=epel
 +
 +
== Install e-smith-base ==
 +
Now, you should be ready to install e-smith-base. For me, this pulls 222 packages (166MB). For some reason, the GPGKey is not recognized, so just run yum with –nogpgcheck
 +
yum --nogpgcheck install e-smith-base
 +
 +
==== Install the remaining e-smith/smeserver packages ====
 +
Now install all the remaining e-smith/smeserver packages
 +
yum --nogpgcheck install e-smith\* smeserver\*
 +
 +
It should install the following packages and their dependancies:
 +
e-smith                     
 +
e-smith-LPRng               
 +
e-smith-apache               
 +
e-smith-backup               
 +
e-smith-devtools             
 +
e-smith-dynamicdns-dyndns   
 +
e-smith-dynamicdns-dyndns.org
 +
e-smith-dynamicdns-tzo       
 +
e-smith-dynamicdns-yi       
 +
e-smith-flexbackup           
 +
e-smith-horde               
 +
e-smith-hosts               
 +
e-smith-imp                 
 +
e-smith-ingo                 
 +
e-smith-ldap                 
 +
e-smith-lib-compspec         
 +
e-smith-mysql               
 +
e-smith-ntp                 
 +
e-smith-oidentd             
 +
e-smith-openssh             
 +
e-smith-php                 
 +
e-smith-pptpd               
 +
e-smith-proftpd             
 +
e-smith-proxy               
 +
e-smith-qmailanalog         
 +
e-smith-quota               
 +
e-smith-radiusd             
 +
e-smith-turba               
 +
e-smith-viewlogfiles         
 +
smeserver-release
 +
 +
==== Install samba ====
 +
Now install samba-client (e-smith-samba has been installed manually without dep check, otherwise it would have pulled samba3x package instead of samba)
 +
yum install samba-client
 +
 +
==== Replace upstart with SysVinit ====
 +
We've almost finished, we just have to replace upstart with the good old SysVinit, because upstart doesn't support the custom runlevel 7 SME uses
 +
rpm -e --nodeps upstart sysvinit-tools
 +
rpm -Uvh http://sme-mirror.firewall-services.com/releases/8/smeos/x86_64/SME/SysVinit-2.86-17.el5.x86_64.rpm
 +
 +
==== Move some perl modules ====
 +
We need to copy some perl modules to a new directory, because @INC has changed in EL6:
 +
cp -a /usr/lib/perl5/site_perl/esmith/ /usr/share/perl5/vendor_perl/
 +
 +
==== Create a service entry for rsyslog ====
 +
We need to create a new service entry in the DB, because the standard syslog package is now rsyslog:
 +
/sbin/e-smith/db configuration set rsyslog service status enabled
 +
cp -a /etc/rc7.d/S05syslog /etc/rc7.d/S05rsyslog
 +
 +
==== Run post-upgrade ====
 +
We can now try to post-upgrade
 +
/sbin/e-smith/signal-event post-upgrade
 +
 +
 +
And reboot. Unfortunatly, I wasn't able to reboot properly at this stage, because of the upstart → SysVinit transition (the error message is ”/dev/initctl: No such file or directory”) so I had to destroy the VM completely
 +
 +
== The system boots but completly broken :-) ==
 +
Ok, so the system should now boot, but is really not usable, after a quick look, at least the following doesn't work as expected:
 +
 +
* The console on the first boot don't really work. It asks for the admin password (and BTW the password appears in cleartext) but it's all
 +
* No network interfaces are detected by the console menu (because kudzu is not installed, only available in SME repo, and require an older python which conflicts with the the one * from EL6)
 +
* slapd won't start
 +
* httpd won't start
 +
* squid won't start
 +
* manually running expand-template has no effect (and no error message is printed). But signal-event seems to work (files get expanded and services restarted)
 +
* as the network interface are not configured, all the services which requires the internel IP (or the external one) in their config (at least sshd squid and dnscache) won't start
 +
* even if we manually add 0.0.0.0 after the ListenAddress line in /etc/ssh/sshd_config, we cannot connect using SSH (the daemon is running, but from a computer on the same network, I get a ssh_exchange_identification: Connection closed by remote host error)
 +
* qpsmtpd won't start (can't locate Qpsmtpd/TcpServer.pm in @INC)
 +
* There's probably a lot more which is not working
    
== SME Server specific/required packages ==
 
== SME Server specific/required packages ==
Retrieved from "https://wiki.koozali.org/Special:MobileDiff/17299"

Navigation menu