Figure 3.1. Assumptions in this section
None of these locations are set in stone - they're simply the values that we've chosen. The values that you'll probably want to change, such as service name, are marked like this. The other values we recommend you leave unchanged unless you have a reason to change them.
Some of the paths and user accounts have been changed from those recommended in previous versions of this document to improve security and maintainability. See this thread for discussion.
You will need a PC running linux with the following software installed:
libxml2
tcl
gmake and the compile and build environment.
and optionally this software:
emacs
cvs
ImageMagick
DocBook and supporting software
You can follow the walkthrough of the Red Hat 8.0 Install for OpenACS.
This section assumes that the source tarballs for supporting software are in /tmp. It assumes that you begin each continuous block of commands as root, and you should end each block as root. It doesn't care which directory you start in. Text instructions always precede the commands they refer to.
The OpenACS tarball contains sample configuration files for some of the packages listed below. In order to access those files, unpack the tarball now.
[root@yourserver root]# cd /tmp [root@yourserver tmp]# tar xzf openacs-4.6.3.tgzcd /tmp tar xzf openacs-4.6.3.tgz
CVS is a source control system. Create and initialize a directory for a local cvs repository.
[root@yourserver tmp]# mkdir /cvsroot [root@yourserver tmp]# cvs -d /cvsroot init [root@yourserver tmp]#mkdir /cvsroot cvs -d /cvsroot init
If you plan to write or edit any documentation with emacs, install a customized emacs configuration file with DocBook commands in the skeleton directory, so it will be used for all new users. The file also fixes the backspace -> help mis-mapping that often occurs in terminals.
[root@yourserver tmp]# cp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/emacs.txt /etc/skel/.emacs cp: overwrite `/etc/skel/.emacs'? y [root@yourserver tmp]#
Daemontools is a collection of programs for controlling other processes. We use daemontools to run and monitor AOLServer. It is installed in /package. These commands install daemontools and svgroup. svgroup is a script for granting permissions, to allow users other than root to use daemontools for specific services.
Install Daemontools
Red Hat
Make sure you have the source tarball in /tmp, or download it. (The -p flag in mkdir causes all implied directories in the path to be made as well.)
(If you are using Red Hat 9.0, you need to put #include <errno.h> as the first line of /package/admin/daemontools-0.76/src/error.h. More information)
[root@yourserver root]# mkdir -p /package [root@yourserver root]# chmod 1755 /package/ [root@yourserver root]# cd /package/ [root@yourserver package]# tar xzf /tmp/daemontools-0.76.tar.gz [root@yourserver package]# cd admin/daemontools-0.76/ [root@yourserver daemontools-0.76]# package/install Linking ./src/* into ./compile... (many lines omitted) Creating /service... Adding svscanboot to inittab... init should start svscan now. [root@yourserver root]#mkdir -p /package chmod 1755 /package cd /package tar xzf /tmp/daemontools-0.76.tar.gz cd admin/daemontools-0.76 package/install
Debian
root:~# apt-get install daemontools-installer root:~# build-daemontools
Verify that svscan is running. If it is, you should see these two processes running:
[root@yourserver root]# ps -auxw | grep service root 13294 0.0 0.1 1352 272 ? S 09:51 0:00 svscan /service root 13295 0.0 0.0 1304 208 ? S 09:51 0:00 readproctitle service errors: ....................................... [root@yourserver root]#
Install a script to grant non-root users permission to control daemontools services.
[root@yourserver root]# cp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/svgroup.txt /usr/local/bin/svgroup [root@yourserver root]# chmod 755 /usr/local/bin/svgroupcp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/svgroup.txt /usr/local/bin/svgroup chmod 755 /usr/local/bin/svgroup
Qmail is a Mail Transfer Agent. It handles incoming and outgoing mail. Install qmail if you want your OpenACS server to send and receive mail, and you don't want to use an alternate MTA.
Install ucspi. This program handles incoming tcp connections. Download ucspi and install it.
[root@yourserver root]# cd /usr/local/src [root@yourserver src]# tar xzf /tmp/ucspi-tcp-0.88.tar.gz [root@yourserver src]# cd ucspi-tcp-0.88 [root@yourserver ucspi-tcp-0.88]# make ( cat warn-auto.sh; \ echo 'main="$1"; shift'; \ (many lines omitted) ./compile instcheck.c ./load instcheck hier.o auto_home.o unix.a byte.a [root@yourserver ucspi-tcp-0.88]# make setup check ./install ./instcheck [root@yourserver ucspi-tcp-0.88]#cd /usr/local/src tar xzf /tmp/ucspi-tcp-0.88.tar.gz cd ucspi-tcp-0.88 make make setup check
Verify that ucspi-tcp was installed successfully by running the tcpserver program which is part of ucspi-tcp:
[root@yourserver ucspi-tcp-0.88]# tcpserver tcpserver: usage: tcpserver [ -1UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] host port program [root@yourserver ucspi-tcp-0.88]#
(I'm not sure if this next step is 100% necessary, but when I skip it I get problems. If you get the error 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) then you need to do this.) AOLServer sends outgoing mail via the ns_sendmail command, which pipes a command to the sendmail executable. Or, in our case, the qmail replacement wrapper for the sendmail executable. In some cases, though, the outgoing mail requset is apparently sent through tcp/ip, so that it comes to qmail from 127.0.0.1 (a special IP address that means the local machine - the "loopback" interface). Unless this mail is addressed to the same machine, qmail thinks that it's an attempt to relay mail, and rejects it. So these two commands set up an exception so that any mail sent from 127.0.0.1 is allowed to send outgoing mail.
[root@yourserver ucspi-tcp-0.88]# cp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/tcp.smtp.txt /etc/tcp.smtp [root@yourserver ucspi-tcp-0.88]# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtpcp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/tcp.smtp.txt /etc/tcp.smtp tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
Download qmail, set up the standard supporting users and build the binaries:
(If you are using Red Hat 9.0, you need to put #include <errno.h> as the first line of /usr/local/src/qmail-1.03/error.h. More information)
[root@yourserver root]# cd /usr/local/src [root@yourserver src]# tar xzf /tmp/qmail-1.03.tar.gz [root@yourserver src]# mkdir /var/qmail [root@yourserver src]# groupadd nofiles [root@yourserver src]# useradd -g nofiles -d /var/qmail/alias alias [root@yourserver src]# useradd -g nofiles -d /var/qmail qmaild [root@yourserver src]# useradd -g nofiles -d /var/qmail qmaill [root@yourserver src]# useradd -g nofiles -d /var/qmail qmailp [root@yourserver src]# groupadd qmail [root@yourserver src]# useradd -g qmail -d /var/qmail qmailq [root@yourserver src]# useradd -g qmail -d /var/qmail qmailr [root@yourserver src]# useradd -g qmail -d /var/qmail qmails [root@yourserver src]# cd qmail-1.03 [root@yourserver qmail-1.03]# make setup check ( cat warn-auto.sh; \ echo CC=\'`head -1 conf-cc`\'; \ (many lines omitted) ./install ./instcheck [root@yourserver qmail-1.03]#cd /usr/local/src tar xzf /tmp/qmail-1.03.tar.gz mkdir /var/qmail groupadd nofiles useradd -g nofiles -d /var/qmail/alias alias useradd -g nofiles -d /var/qmail qmaild useradd -g nofiles -d /var/qmail qmaill useradd -g nofiles -d /var/qmail qmailp groupadd qmail useradd -g qmail -d /var/qmail qmailq useradd -g qmail -d /var/qmail qmailr useradd -g qmail -d /var/qmail qmails cd qmail-1.03 make setup check
Replace sendmail with qmail's wrapper.
[root@yourserver qmail-1.03]# rm -f /usr/bin/sendmail [root@yourserver qmail-1.03]# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail [root@yourserver qmail-1.03]#rm -f /usr/bin/sendmail ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
Configure qmail - specifically, run the config script to set up files in /var/qmail/control specifying the computer's identity and which addresses it should accept mail for. This command will automatically set up qmail correctly if you have correctly set a valid host nome. If not, you'll want to read /var/qmail/doc/INSTALL.ctl to find out how to configure qmail.
[root@yourserver qmail-1.03]# ./config-fast yourserver.test
Your fully qualified host name is yourserver.test.
Putting yourserver.test into control/me...
Putting yourserver.test into control/defaultdomain...
Putting yourserver.test into control/plusdomain...
Putting yourserver.test into control/locals...
Putting yourserver.test into control/rcpthosts...
Now qmail will refuse to accept SMTP messages except to yourserver.test.
Make sure to change rcpthosts if you add hosts to locals or virtualdomains!
[root@yourserver qmail-1.03]#
./config-fast yourserver.test
All incoming mail that isn't for a specific user is handled by the alias user. This includes all root mail. These commands prepare the alias user to receive mail.
[root@yourserver qmail-1.03]# cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root [root@yourserver alias]# chmod 644 ~alias/.qmail* [root@yourserver alias]# /var/qmail/bin/maildirmake ~alias/Maildir/ [root@yourserver alias]# chown -R alias.nofiles /var/qmail/alias/Maildir [root@yourserver alias]#cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root chmod 644 ~alias/.qmail* /var/qmail/bin/maildirmake ~alias/Maildir/ chown -R alias.nofiles /var/qmail/alias/Maildir
Configure qmail to use the Maildir delivery format (instead of mbox), and install a version of the qmail startup script modified to use Maildir.
[root@yourserver alias]# echo "./Maildir" > /var/qmail/bin/.qmail [root@yourserver alias]# cp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/qmail.rc.txt /var/qmail/rc [root@yourserver alias]# chmod 755 /var/qmail/rc [root@yourserver alias]#echo "./Maildir" > /var/qmail/bin/.qmail cp /tmp/openacs-4.6.3/packages/acs-core-docs/www/files/qmail.rc.txt /var/qmail/rc chmod 755 /var/qmail/rc
Set up the skeleton directory so that new users will be configured for qmail.
[root@localhost root]# /var/qmail/bin/maildirmake /etc/skel/Maildir [root@localhost root]# echo "./Maildir/" > /etc/skel/.qmail [root@localhost root]#/var/qmail/bin/maildirmake /etc/skel/Maildir echo "./Maildir/" > /etc/skel/.qmail
Qmail runs in two parts. First, several different qmail daemons are started by the qmail rc file. Second, a process is started in within tcpserver to listen for incoming smtp traffic. Run both of these commands to start qmail. Be very careful about line breaks - there should be a total of two commands here. Note also that the tcpserver command takes the uid and guid of qmaild, which will only be 502 and 501 if you have followed all of these instructions exactly and in order. Otherwise, grep qmaild /etc/passwd to find uid and guid, in that order.
[root@yourserver alias]# /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 & [1] 15863 [root@yourserver alias]# csh -cf '/var/qmail/rc &' [1] 15865 [root@yourserver alias]#/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 & csh -cf '/var/qmail/rc &'
Verify that seven different qmail threads are running:
[root@yourserver alias]# ps -auxw | grep qmail qmaild 4269 0.0 0.3 1384 452 pts/0 S 21:21 0:00 [tcpserver] root 4270 0.0 0.3 1340 412 pts/0 S 21:21 0:00 /var/qmail/bin/splogger smtpd 3 qmails 4272 0.1 0.2 1364 320 pts/0 S 21:21 0:00 [qmail-send] qmaill 4273 0.0 0.3 1332 408 pts/0 S 21:21 0:00 [splogger] root 4274 0.0 0.2 1332 272 pts/0 S 21:21 0:00 qmail-lspawn ./Maildir/ qmailr 4275 0.0 0.2 1328 272 pts/0 S 21:21 0:00 [qmail-rspawn] qmailq 4276 0.0 0.2 1324 280 pts/0 S 21:21 0:00 [qmail-clean] root 4278 0.0 0.5 3280 632 pts/0 S 21:21 0:00 grep qmail [root@yourserver alias]#
Further verify by sending and receiving email. Incoming mail for root is stored in /var/qmail/alias/Maildir. If it worked, make it permanent by putting the same commands in your startup scripts. (These instructions put the commands in rc.local, which means that they'll be run once, on boot. There will be no monitoring and no interface to start and stop and check status. We ought instead to either use full init scripts or daemontools.)
[root@yourserver alias]# echo "/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd \ " >> /etc/rc.local [root@yourserver alias]# echo "2>&1 | /var/qmail/bin/splogger smtpd 3 & " >> /etc/rc.local [root@yourserver alias]# echo "csh -cf '/var/qmail/rc &' " >> /etc/rc.local [root@yourserver alias]#echo "/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd \ " >> /etc/rc.local echo "2>&1 | /var/qmail/bin/splogger smtpd 3 & " >> /etc/rc.local echo "csh -cf '/var/qmail/rc &' " >> /etc/rc.local