105
edits
Changes
From SME Server
Jump to navigationJump to searchSME Server:Documentation:FAQ:Section01 (view source)
Revision as of 00:01, 12 February 2013
, 00:01, 12 February 2013Starting to tidy up...
{{WIP box|Allsorts}}
{{WIP box|Allsorts}}
Section 1 - Mainly deals with configuration of various services once installation of the server software is complete.
==Installer prompts for installation file location==
Problems have been reported installing SME Server off a PATA CD-ROM drive. The system is able to boot from the CD-ROM drive but after that you get prompted by a message to specify the location where the installation image can be found. This might either mean that the disk is not readable or the CD-ROM drive is not recognized.
Problems have been reported installing SME Server off a PATA CD-ROM drive. The system is able to boot from the CD-ROM drive but after that you get prompted by a message to specify the location where the installation image can be found. This might either mean that the disk is not readable or the CD-ROM drive is not recognized.
If you have validated the disk and are sure that the disk passes you might try to add the all-generic-ide option to the boot prompt before starting the installer like this:
If you have validated the disk and are sure that the disk passes you might try to add the all-generic-ide option to the boot prompt before starting the installer like this:
linux all-generic-ide
linux all-generic-ide
==Yum Updates==
===Which repositories should be enabled===
You should only have the following repositories enabled (names as listed in server manager panel)
You should only have the following repositories enabled (names as listed in server manager panel)
CentOS - os
CentOS - os
*For another way to reset the repositories to the default see [[:SME Server:Adding_Software#Restoring_Default_Yum_Repositories]]
*For another way to reset the repositories to the default see [[:SME Server:Adding_Software#Restoring_Default_Yum_Repositories]]
===Reconfigure / post-upgrade and reboot===
*When is a post-upgrade and reboot required?
*When is a post-upgrade and reboot required?
signal-event post-upgrade; signal-event reboot
signal-event post-upgrade; signal-event reboot
===Updating from SME 7.x to SME 7.2===
See [[:Updating_to_SME_7.2#Yum_Update]]
See [[:Updating_to_SME_7.2#Yum_Update]]
===Warning in rkhunter email report===
After upgrading to SME Server 7.4, the admin user may receive the following warning from rkhunter:
After upgrading to SME Server 7.4, the admin user may receive the following warning from rkhunter:
yum install smeserver-rkhunter --enablerepo=smecontribs
yum install smeserver-rkhunter --enablerepo=smecontribs
===Frequency===
* By default SME's yum implementation checks for update daily, this can be customized to check weekly:
* By default SME's yum implementation checks for update daily, this can be customized to check weekly:
config setprop yum check4updates weekly;signal-event yum-modify
config setprop yum check4updates weekly;signal-event yum-modify
config delprop yum check4updates;signal-event yum-modify
config delprop yum check4updates;signal-event yum-modify
===General===
*Please Wait - Yum Running (prereposetup)
*Please Wait - Yum Running (prereposetup)
This means Yum is working out what updates are available.
This means Yum is working out what updates are available.
[[:SME Server:Adding_Software ]], man yum, http://linux.duke.edu/projects/yum/
[[:SME Server:Adding_Software ]], man yum, http://linux.duke.edu/projects/yum/
===Adding, removing or disabling repositories ===
*What is the recommended way to add other yum repositories
*What is the recommended way to add other yum repositories
The following code uses the dag repository as an example and sets the status to disabled.
The following code uses the dag repository as an example and sets the status to disabled.
The repository is configured to be used via the command line with the --enablerepo= option
The repository is configured to be used via the command line with the --enablerepo= option
{{Repository|dag}}
{{Repository|dag}}
==Removing Software==
If you wish to remove rpms from the command line use
If you wish to remove rpms from the command line use
rpm -e rpmname
rpm -e rpmname
yum remove rpmname, will work if the rpm to be removed is non essential, but what you consider non essential may differ to the system so it's best to use rpm -e
yum remove rpmname, will work if the rpm to be removed is non essential, but what you consider non essential may differ to the system so it's best to use rpm -e
==Hardware Compatibility List==
[http://wiki.contribs.org/KnownProblems#Hardware List of Hardware that known have problems with SME Server]
[http://wiki.contribs.org/KnownProblems#Hardware List of Hardware that known have problems with SME Server]
*http://wiki.centos.org/HardwareList
*http://wiki.centos.org/HardwareList
==Client Computers==
*Windows 7 support for SME 7?
*Windows 7 support for SME 7?
It can also be found by a client computer at: \\servername\netlogon
It can also be found by a client computer at: \\servername\netlogon
==Web Applications==
*chmod 777
*chmod 777
Here is a list of all the [[:DB_Variables_Configuration#Apache_server_ibay_specific_.28httpd-e-smith.29 | IBAY specific settings]]
Here is a list of all the [[:DB_Variables_Configuration#Apache_server_ibay_specific_.28httpd-e-smith.29 | IBAY specific settings]]
==Reset the root and admin password==
1. Restart your server and at the beginning of the boot-up use the arrow keys to select the kernel you would like to boot into.
1. Restart your server and at the beginning of the boot-up use the arrow keys to select the kernel you would like to boot into.
Reboot your server and everything should be okay now.
Reboot your server and everything should be okay now.
==File Size Limitations==
*Apache, the web server can only transfer or show files under 2G
*Apache, the web server can only transfer or show files under 2G
FAT32 only supports file size of <4GB. It is recommended that you format your external usb drives to ext3.
FAT32 only supports file size of <4GB. It is recommended that you format your external usb drives to ext3.
==External DNS==
To allow external users to communicate with your server, you must have correctly configured DNS records. Once you have purchased a domain, you should configure the following records (customised if necessary) to allow web and email communication:
To allow external users to communicate with your server, you must have correctly configured DNS records. Once you have purchased a domain, you should configure the following records (customised if necessary) to allow web and email communication:
The example shown assumes that your server is operating in Server and Gateway mode and has a static external IP address. Depending on your network design and server configuration, the example may need to be modified. For example, if you use a Dynamic DNS service, you would need to modify the A record to point to your Dynamic DNS hostname, rather than a static IP address.
The example shown assumes that your server is operating in Server and Gateway mode and has a static external IP address. Depending on your network design and server configuration, the example may need to be modified. For example, if you use a Dynamic DNS service, you would need to modify the A record to point to your Dynamic DNS hostname, rather than a static IP address.
==Domains==
*When I create a DOMAIN, I don't see anything listed in the HOSTNAMES AND ADDRESSES panel for that DOMAIN.
*When I create a DOMAIN, I don't see anything listed in the HOSTNAMES AND ADDRESSES panel for that DOMAIN.
For a domain to be effective (for email or web), it needs to be configured as INTERNET DNS SERVERS (this is the default value). Since the domain resolves via INTERNET DNS SERVERS, no hostnames or addresses are created locally. For more info please visit the Administration Manual section regarding Domains: [[http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter13#Domains]]
For a domain to be effective (for email or web), it needs to be configured as INTERNET DNS SERVERS (this is the default value). Since the domain resolves via INTERNET DNS SERVERS, no hostnames or addresses are created locally. For more info please visit the Administration Manual section regarding Domains: [[http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter13#Domains]]
===Delegate DNS===
SME Allows for 3 Settings for DNS Resolution of a Domain
SME Allows for 3 Settings for DNS Resolution of a Domain
cat /var/service/dnscache/root/servers/test.com
cat /var/service/dnscache/root/servers/test.com
==Virus Scanning==
*When you elect to nightly scan your server for viruses the current default is to scan /home/e-smith/files
*When you elect to nightly scan your server for viruses the current default is to scan /home/e-smith/files
{{:SME Server:Documentation:ProxyPass}}
{{:SME Server:Documentation:ProxyPass}}
==Shell Access==
*I need to give a user shell access to the SME Server.
*I need to give a user shell access to the SME Server.
chsh -s /bin/bash username
chsh -s /bin/bash username
==Upgrading Server==
*What's the best way to upgrade to a new server ?
*What's the best way to upgrade to a new server ?
An article is written for this subject. Please visit: [[:UpgradeDisk]].
An article is written for this subject. Please visit: [[:UpgradeDisk]].
Please visit: [[:Moving SME to new Hardware]]
Please visit: [[:Moving SME to new Hardware]]
==Changing maximum Ibay, Account or Group name length==
* How do I change the default maximum (12 characters) name length of an I-Bay, account or group?
* How do I change the default maximum (12 characters) name length of an I-Bay, account or group?
Enter following command on the console as root:
Enter following command on the console as root:
/sbin/e-smith/signal-event console-save
/sbin/e-smith/signal-event console-save
==Deletion of Users Ibays Groups==
*I can't delete & create a user for some reason. What do I do now?
*I can't delete & create a user for some reason. What do I do now?
If for some reason you can't delete & create a user, then first do:
If for some reason you can't delete & create a user, then first do:
==Access denied to i-bay with newly created group==
*Problem: If I try to write to an i-bay immediately after creating a new group, and being a member of that group, and assigning that group access rights to the i-bay, access is denied. Changing the i-bay access to an older group of which I am a member, access is allowed as desired.
*Problem: If I try to write to an i-bay immediately after creating a new group, and being a member of that group, and assigning that group access rights to the i-bay, access is denied. Changing the i-bay access to an older group of which I am a member, access is allowed as desired.
The issue seems to be with samba not SME. See [[Bugzilla:4961]] Privileges are assigned upon logon in Linux, hence the need to log out and then log in again to receive the newly created group's privileges.
The issue seems to be with samba not SME. See [[Bugzilla:4961]] Privileges are assigned upon logon in Linux, hence the need to log out and then log in again to receive the newly created group's privileges.
==Password Strength Checking==
*How can I change password strength & what do the strength settings mean?
*How can I change password strength & what do the strength settings mean?
This contrib will let you configure password strength and aging through a web panel in the server-manager.
This contrib will let you configure password strength and aging through a web panel in the server-manager.
==Hard Drives, RAID's, USB Hard Drives==
*How should I setup my hard-drives?
*How should I setup my hard-drives?
We never recommend anything other than a '''single disk install''' or '''multiple disks of the same type'''. Anything else and you are following an unrecommended setup and you will need to navigate for yourself. Repeat, we never recommend anything other than a '''single disk install''' or '''multiple disks of the same type'''. If you're thinking of doing anything else (setup your own partitions), read this section again.
We never recommend anything other than a '''single disk install''' or '''multiple disks of the same type'''. Anything else and you are following an unrecommended setup and you will need to navigate for yourself. Repeat, we never recommend anything other than a '''single disk install''' or '''multiple disks of the same type'''. If you're thinking of doing anything else (setup your own partitions), read this section again.
* Further information regarding USB disks can be found in this HOW TO: [[USBDisks]]
* Further information regarding USB disks can be found in this HOW TO: [[USBDisks]]
==Backups & Restores==
*AIT-1 Backup: buffer unreliable
*AIT-1 Backup: buffer unreliable
An AIT-1 is unreliable if used with variable block size. Set the setting
An AIT-1 is unreliable if used with variable block size. Set the setting
==Supervised Services==
*Many services on SME are supervised, to see which are type
*Many services on SME are supervised, to see which are type
ps ax |grep runsv
ps ax |grep runsv
==Server-Manager==
*I can't access the server-manager. What do I do now?
*I can't access the server-manager. What do I do now?
There are many reasons why you wouldn't be to access the server-manager. First try:
There are many reasons why you wouldn't be to access the server-manager. First try:
-go to the HOSTNAMES & ADDRESSES panel and you should be able to modify/remove the name
-go to the HOSTNAMES & ADDRESSES panel and you should be able to modify/remove the name
==Booting with SMP kernel after upgrade to version 7.2 from CD==
*I've upgraded and now the SMP kernel isn't available.
*I've upgraded and now the SMP kernel isn't available.
This is because when upgrading to 7.2 from CD, kernel modules are
This is because when upgrading to 7.2 from CD, kernel modules are
==Special Characters==
*I get strange characters & letters when look at my file names.
*I get strange characters & letters when look at my file names.
If you get filenames that look like: "éèÃ.txt" It's most likely because the SME server isn't understanding special characters you may be using. You can change it to understand special characters in filenames by:
If you get filenames that look like: "éèÃ.txt" It's most likely because the SME server isn't understanding special characters you may be using. You can change it to understand special characters in filenames by:
==Upstream proxy server configuration==
SME Server allows you to proxy internet traffic for various components through an 'upstream' proxy server.
SME Server allows you to proxy internet traffic for various components through an 'upstream' proxy server.
* You are required to impose internet access restrictions on your users (at a school, for example)
* You are required to impose internet access restrictions on your users (at a school, for example)
===Browser Access from LAN Workstations===
*How do I configure a mandatory upstream proxy server, there used to be a panel in earlier versions of sme server, but it's missing in sme7.x
*How do I configure a mandatory upstream proxy server, there used to be a panel in earlier versions of sme server, but it's missing in sme7.x
[The SquidParentPort setting is optional if the upstream proxy is on port 3128.]
[The SquidParentPort setting is optional if the upstream proxy is on port 3128.]
===Yum (system updates)===
How do I get yum updates through a proxy server (in case my SME server does not have direct internet access)
How do I get yum updates through a proxy server (in case my SME server does not have direct internet access)
===ClamAV / freshclam===
How do I configure freshclam to download updates for ClamAV through a proxy server?
How do I configure freshclam to download updates for ClamAV through a proxy server?
If you just leave it, freshclam should take of this as it is just log noise. See [[Bugzilla 7164]]
If you just leave it, freshclam should take of this as it is just log noise. See [[Bugzilla 7164]]
===Spamassassin===
From http://wiki.apache.org/spamassassin/RuleUpdates:
From http://wiki.apache.org/spamassassin/RuleUpdates:
<blockquote>'''What if I need update requests to go through a proxy server?'''<br />
<blockquote>'''What if I need update requests to go through a proxy server?'''<br />
On a sme server, this should work with '''<tt><nowiki>export http_proxy='http://localhost:3128'</nowiki></tt>''', which would need to be added to /etc/cron.daily/sa_update
On a sme server, this should work with '''<tt><nowiki>export http_proxy='http://localhost:3128'</nowiki></tt>''', which would need to be added to /etc/cron.daily/sa_update
===curl, wget===
For curl and wget to work correctly on a SME server without direct internet access, you must execute the following command in the same program or shell session beforehand:
For curl and wget to work correctly on a SME server without direct internet access, you must execute the following command in the same program or shell session beforehand:
curl http://www.google.com</nowiki>
curl http://www.google.com</nowiki>
===ssh, ftp, telnet===
{{Note box|ssh, ftp and telnet do not work via an http "upstream" proxy, although they may work in conjunction with [http://linux.die.net/man/8/tsocks tsocks] (available from the dag repository)}}
{{Note box|ssh, ftp and telnet do not work via an http "upstream" proxy, although they may work in conjunction with [http://linux.die.net/man/8/tsocks tsocks] (available from the dag repository)}}
===Testing and Verification===
You can verify that a particular program is being proxied through squid on your local SME server by searching /var/log/squid/access.log for access to the target web address originating from '127.0.0.1'.
You can verify that a particular program is being proxied through squid on your local SME server by searching /var/log/squid/access.log for access to the target web address originating from '127.0.0.1'.
1329759611.923 64 '''127.0.0.1''' TCP_MISS/301 726 GET '''<nowiki>http://www.google.com</nowiki>''' - DIRECT/74.125.113.94 text/html
1329759611.923 64 '''127.0.0.1''' TCP_MISS/301 726 GET '''<nowiki>http://www.google.com</nowiki>''' - DIRECT/74.125.113.94 text/html
==Memory usage and limits==
*How much memory can sme server handle
*How much memory can sme server handle
