by Joel Aufrecht

Fully qualified domain name of your server yourserver.test name of administrative access account remadmin OpenACS service service0 service0 OpenACS service account service0 OpenACS database name service0 Root of OpenACS service file tree /web/service0 Location of source code tarballs for new software /tmp The OpenACS tarball contains some files which are useful while setting up other software. Those files are located at: /tmp/openacs-4-6/packages/acs-core-docs/www/files Database backup directory /web/service0/database-backup Service config files /web/service0/etc Service log files /web/service0/log Compile directory /usr/local/src PostGreSQL directory /usr/local/pgsql AOLServer directory /usr/local/aolserver

None of these locations are set in stone - they're simply the values that we've chosen. The values that you'll probably want to change, such as service name, are marked like this. The other values we recommend you leave unchanged unless you have a reason to change them. Some of the paths and user accounts have been changed from those recommended in previous versions of this document to improve security and maintainability. See this thread for discussion. You will need a PC running linux with the following software installed: libxml2 tcl gmake and the compile and build environment. and optionally this software: emacs cvs ImageMagick DocBook and supporting software You can follow the walkthrough of the Red Hat 8.0 Install for OpenACS. This section assumes that the source tarballs for supporting software are in /tmp. It assumes that you begin each continuous block of commands as root, and you should end each block as root. It doesn't care which directory you start in. Text instructions always precede the commands they refer to. The OpenACS tarball contains sample configuration files for some of the packages listed below. In order to access those files, unpack the tarball now. [root@yourserver root]# cd /tmp [root@yourserver tmp]# tar xzf openacs-4-6.tgz cd /tmp tar xzf openacs-4-6.tgz cvs initializing CVS is a source control system. Create and prepare a directory for a local cvs repository. [root@yourserver tmp]# mkdir /cvsroot [root@yourserver tmp]# cvs -d /cvsroot init [root@yourserver tmp]# mkdir /cvsroot cvs -d /cvsroot init DocBook emacs configuration for If you plan to write or edit any documentation with emacs, install a customized emacs configuration file with DocBook commands in the skeleton directory, so it will be used for all new users. The file also fixes the backspace -> help mis-mapping that often occurs in terminals. [root@yourserver tmp]# cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/emacs.txt /etc/skel/.emacs [root@yourserver tmp]# Daemontools is a collection of programs for controlling other processes. We use daemontools to run and monitor AOLServer. It is installed in /package. These commands install daemontools and svgroup. svgroup is a script for granting permissions, to allow users other than root to use daemontools for specific services. Install Daemontools daemontools installation Red Hat Make sure you have the source tarball in /tmp, or download it. (The -p flag in mkdir causes all implied directories in the path to be made as well.) [root@yourserver root]# mkdir -p /package [root@yourserver root]# chmod 1755 /package/ [root@yourserver root]# cd /package/ [root@yourserver package]# tar xzf /tmp/daemontools-0.76.tar.gz [root@yourserver package]# cd admin/daemontools-0.76/ [root@yourserver daemontools-0.76]# package/install Linking ./src/* into ./compile... (many lines omitted) Creating /service... Adding svscanboot to inittab... init should start svscan now. [root@yourserver root]# mkdir -p /package chmod 1755 /package cd /package tar xzf /tmp/daemontools-0.76.tar.gz cd admin/daemontools-0.76 package/install Debian root:~# apt-get install daemontools-installer root:~# build-daemontools Verify that svscan is running. If it is, you should see these two processes running: [root@yourserver root]# ps -auxw | grep service root 13294 0.0 0.1 1352 272 ? S 09:51 0:00 svscan /service root 13295 0.0 0.0 1304 208 ? S 09:51 0:00 readproctitle service errors: ....................................... [root@yourserver root]# Install a script to grant non-root users permission to control daemontools services. [root@yourserver root]# cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/svgroup.txt /usr/local/bin/svgroup [root@yourserver root]# chmod 755 /usr/local/bin/svgroup cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/svgroup.txt /usr/local/bin/svgroup chmod 755 /usr/local/bin/svgroup Qmail is a Mail Transfer Agent. It handles incoming and outgoing mail. Install qmail if you want your OpenACS server to send and receive mail, and you don't want to use an alternate MTA. This program handles incoming tcp connections. [root@yourserver root]# cd /usr/local/src [root@yourserver src]# tar xzf /tmp/ucspi-tcp-0.88.tar.gz [root@yourserver src]# cd ucspi-tcp-0.88 [root@yourserver ucspi-tcp-0.88]# make ( cat warn-auto.sh; \ echo 'main="$1"; shift'; \ (many lines omitted) ./compile instcheck.c ./load instcheck hier.o auto_home.o unix.a byte.a [root@yourserver ucspi-tcp-0.88]# make setup check ./install ./instcheck [root@yourserver ucspi-tcp-0.88]# cd /usr/local/src tar xzf /tmp/ucspi-tcp-0.88.tar.gz cd ucspi-tcp-0.88 make make setup check Verify that ucspi-tcp was installed successfully by running the tcpserver program which is part of ucspi-tcp: [root@yourserver ucspi-tcp-0.88]# tcpserver tcpserver: usage: tcpserver [ -1UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ] [ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t timeout ] host port program [root@yourserver ucspi-tcp-0.88]# qmail rcpthosts error message (I'm not sure if this next step is 100% necessary, but when I skip it I get problems. If you get the error 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) then you need to do this.) AOLServer sends outgoing mail via the ns_sendmail command, which pipes a command to the sendmail executable. Or, in our case, the qmail replacement wrapper for the sendmail executable. In some cases, though, the outgoing mail requset is apparently sent through tcp/ip, so that it comes to qmail from 127.0.0.1 (a special IP address that means the local machine - the "loopback" interface). Unless this mail is addressed to the same machine, qmail thinks that it's an attempt to relay mail, and rejects it. So these two commands set up an exception so that any mail sent from 127.0.0.1 is allowed to send outgoing mail. [root@yourserver ucspi-tcp-0.88]# cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/tcp.smtp.txt /etc/tcp.smtp [root@yourserver ucspi-tcp-0.88]# tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/tcp.smtp.txt /etc/tcp.smtp tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp qmail installation First, set up the standard supporting users and build the binaries: [root@yourserver root]# cd /usr/local/src [root@yourserver src]# tar xzf /tmp/qmail-1.03.tar.gz [root@yourserver src]# mkdir /var/qmail [root@yourserver src]# groupadd nofiles [root@yourserver src]# useradd -g nofiles -d /var/qmail/alias alias [root@yourserver src]# useradd -g nofiles -d /var/qmail qmaild [root@yourserver src]# useradd -g nofiles -d /var/qmail qmaill [root@yourserver src]# useradd -g nofiles -d /var/qmail qmailp [root@yourserver src]# groupadd qmail [root@yourserver src]# useradd -g qmail -d /var/qmail qmailq [root@yourserver src]# useradd -g qmail -d /var/qmail qmailr [root@yourserver src]# useradd -g qmail -d /var/qmail qmails [root@yourserver src]# cd qmail-1.03 [root@yourserver qmail-1.03]# make setup check ( cat warn-auto.sh; \ echo CC=\'`head -1 conf-cc`\'; \ (many lines omitted) ./install ./instcheck [root@yourserver qmail-1.03]# cd /usr/local/src tar xzf /tmp/qmail-1.03.tar.gz mkdir /var/qmail groupadd nofiles useradd -g nofiles -d /var/qmail/alias alias useradd -g nofiles -d /var/qmail qmaild useradd -g nofiles -d /var/qmail qmaill useradd -g nofiles -d /var/qmail qmailp groupadd qmail useradd -g qmail -d /var/qmail qmailq useradd -g qmail -d /var/qmail qmailr useradd -g qmail -d /var/qmail qmails cd qmail-1.03 make setup check Replace sendmail with qmail's wrapper. sendmail removing [root@yourserver qmail-1.03]# rm -f /usr/bin/sendmail [root@yourserver qmail-1.03]# ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail [root@yourserver qmail-1.03]# rm -f /usr/bin/sendmail ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail Configure qmail - specifically, run the config script to set up files in /var/qmail/control specifying the computer's identity and which addresses it should accept mail for. This command will automatically set up qmail correctly if you have correctly set a valid host nome. If not, you'll want to read /var/qmail/doc/INSTALL.ctl to find out how to configure qmail. [root@yourserver qmail-1.03]# ./config-fast yourserver.test Your fully qualified host name is yourserver.test. Putting yourserver.test into control/me... Putting yourserver.test into control/defaultdomain... Putting yourserver.test into control/plusdomain... Putting yourserver.test into control/locals... Putting yourserver.test into control/rcpthosts... Now qmail will refuse to accept SMTP messages except to yourserver.test. Make sure to change rcpthosts if you add hosts to locals or virtualdomains! [root@yourserver qmail-1.03]# ./config-fast yourserver.test All incoming mail that isn't for a specific user is handled by the alias user. This includes all root mail. These commands prepare the alias user to receive mail. [root@yourserver qmail-1.03]# cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root [root@yourserver alias]# chmod 644 ~alias/.qmail* [root@yourserver alias]# /var/qmail/bin/maildirmake ~alias/Maildir/ [root@yourserver alias]# chown -R alias.nofiles /var/qmail/alias/Maildir [root@yourserver alias]# cd ~alias; touch .qmail-postmaster .qmail-mailer-daemon .qmail-root chmod 644 ~alias/.qmail* /var/qmail/bin/maildirmake ~alias/Maildir/ chown -R alias.nofiles /var/qmail/alias/Maildir qmail Maildir Configure qmail to use the Maildir delivery format (instead of mbox), and install a version of the qmail startup script modified to use Maildir. [root@yourserver alias]# echo "./Maildir" > /var/qmail/bin/.qmail [root@yourserver alias]# cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/qmail.rc.txt /var/qmail/rc [root@yourserver alias]# chmod 755 /var/qmail/rc [root@yourserver alias]# echo "./Maildir" > /var/qmail/bin/.qmail cp /tmp/openacs-4-6/packages/acs-core-docs/www/files/qmail.rc.txt /var/qmail/rc chmod 755 /var/qmail/rc Set up the skeleton directory so that new users will be configured for qmail. [root@localhost root]# /var/qmail/bin/maildirmake /etc/skel/Maildir [root@localhost root]# echo "./Maildir/" > /etc/skel/.qmail [root@localhost root]# /var/qmail/bin/maildirmake /etc/skel/Maildir echo "./Maildir/" > /etc/skel/.qmail Qmail runs in two parts. First, several different qmail daemons are started by the qmail rc file. Second, a process is started in within tcpserver to listen for incoming smtp traffic. Run both of these commands to start qmail. Be very careful about line breaks - there should be a total of two commands here. Note also that the tcpserver command takes the uid and guid of qmaild, which will only be 502 and 501 if you have followed all of these instructions exactly and in order. Otherwise, grep qmaild /etc/passwd to find uid and guid, in that order. [root@yourserver alias]# /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 & [1] 15863 [root@yourserver alias]# csh -cf '/var/qmail/rc &' [1] 15865 [root@yourserver alias]# /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd 2>&1 | /var/qmail/bin/splogger smtpd 3 & csh -cf '/var/qmail/rc &' Verify that seven different qmail threads are running: [root@yourserver alias]# ps -auxw | grep qmail qmaild 15862 0.0 0.1 1380 452 pts/1 S 10:26 0:00 /usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp root 15863 0.0 0.1 1332 412 pts/1 S 10:26 0:00 /var/qmail/bin/splogger smtpd 3 qmails 15865 0.0 0.1 1360 316 pts/1 S 10:26 0:00 qmail-send qmaill 15866 0.0 0.1 1328 408 pts/1 S 10:26 0:00 splogger qmail root 15867 0.0 0.1 1328 268 pts/1 S 10:26 0:00 qmail-lspawn ./Maildir/ qmailr 15868 0.0 0.1 1324 268 pts/1 S 10:26 0:00 qmail-rspawn qmailq 15869 0.0 0.1 1320 276 pts/1 S 10:26 0:00 qmail-clean [root@yourserver alias]# Further verify by sending and receiving email. Incoming mail for root is stored in /var/qmail/alias/Maildir. If it worked, make it permanent by putting the same commands in your startup scripts. (These instructions put the commands in rc.local, which means that they'll be run once, on boot. There will be no monitoring and no interface to start and stop and check status. We ought instead to either use full init scripts or daemontools.) [root@yourserver alias]# echo "/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd \ " >> /etc/rc.local [root@yourserver alias]# echo "2>&1 | /var/qmail/bin/splogger smtpd 3 & " >> /etc/rc.local [root@yourserver alias]# echo "csh -cf '/var/qmail/rc &' " >> /etc/rc.local [root@yourserver alias]# echo "/usr/local/bin/tcpserver -x /etc/tcp.smtp.cdb -v -u 502 -g 501 0 smtp /var/qmail/bin/qmail-smtpd \ " >> /etc/rc.local echo "2>&1 | /var/qmail/bin/splogger smtpd 3 & " >> /etc/rc.local echo "csh -cf '/var/qmail/rc &' " >> /etc/rc.local ($Id: os.xml,v 1.6.2.2 2003/03/30 05:56:18 joela Exp $)