Difference between revisions of "SME Server on Scientific Linux"
m (→Yum upgrade) |
|||
(29 intermediate revisions by the same user not shown) | |||
Line 18: | Line 18: | ||
== SME Server 9.0 on top of Scientific Linux == | == SME Server 9.0 on top of Scientific Linux == | ||
− | The installation instructions of SME Server functionality are based on minimal installation of Scientific Linux 6. | + | The installation instructions of SME Server functionality are based on minimal installation of Scientific Linux 6.5 64-bit and SME Server 9.0 repository. Please use a virtual environment to test your results. Virtual environments may include e.g. VirtualBox (free), VMWare, KVM or Xen. |
==== Install SL minimal ==== | ==== Install SL minimal ==== | ||
− | SME Server functionality is only tested with a minimal install of Scientific Linux. To | + | SME Server functionality is only tested with a minimal install of Scientific Linux. To install 'SL minimal' one can use the boot.iso. A internet connection is required. The URL required for performing a net install must point to the /pub/scientific-linux/6.5/x86_64/os/ diretory of the mirror you use. |
− | You can download the SL | + | You can download the SL boot.iso from one of the many scientific mirrors. Install SL minimal in your virtual environment which should have at least: |
* 1Gb RAM memory | * 1Gb RAM memory | ||
Line 32: | Line 32: | ||
− | + | Boot the boot.iso and follow instruction. Once the graphical installer starts, select 'minimal' and leave all other options as per their defaults. | |
Once the installation has finished, please reboot and continue with enabling networking and SSH. | Once the installation has finished, please reboot and continue with enabling networking and SSH. | ||
Line 38: | Line 38: | ||
==== Enable networking and SSH ==== | ==== Enable networking and SSH ==== | ||
− | + | This step may not be required. Please check after login with ifconfig your networking configuration. Otherwise, login as root with the password what was provided at installation time. To enable networking please issue: | |
ifup eth0 | ifup eth0 | ||
Line 46: | Line 46: | ||
SSH will now be enabled. Please log in remotely via SSH and further instructions are based on the fact that you are remotely logged in via ssh. Specifically for Cut and Paste operations. | SSH will now be enabled. Please log in remotely via SSH and further instructions are based on the fact that you are remotely logged in via ssh. Specifically for Cut and Paste operations. | ||
− | |||
− | |||
− | |||
+ | ==== Install nano and wget ==== | ||
+ | If you are not familiar with vi or vim, you can install the nano editor. This page assumes that you have installed nano. Please install nano and wget as follows by issuing as root on the console: | ||
+ | yum install nano wget | ||
==== Disable SELinux ==== | ==== Disable SELinux ==== | ||
Line 61: | Line 61: | ||
− | ==== | + | ==== Update SL ==== |
− | + | Now is a good time to update your SL installation with the latest (security) updates: | |
+ | yum update | ||
− | + | ==== Add SME Server repo ==== | |
+ | To be able to download the required packages we need to add the SME Server repo: | ||
+ | nano -w /etc/yum.repos.d/smeos9.repo | ||
− | + | and paste the following into it: | |
− | |||
− | and paste the following into | ||
[smeos9] | [smeos9] | ||
enabled=1 | enabled=1 | ||
− | + | MirrorList=http://mirrorlist.contribs.org/mirrorlist/smeos-9 | |
name=SME Server9 - os | name=SME Server9 - os | ||
− | |||
enablegroups=1 | enablegroups=1 | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
gpgcheck=1 | gpgcheck=1 | ||
− | + | includepkgs = e-smith\* smeserver\* *.sme.* clamav* clamd* *dar mod_authnz* mhash tbb perl-* htop proftpd php-pear-* GeoIP mod_auth_tkt radiusclient-ng nut-client nut pyzor oidentd rssh pam_abl clamav par2cmdline DCC wv checkpassword pam pv razor-agents clam-db initscripts checkpassword-pam | |
− | |||
− | includepkgs = e-smith\* smeserver\* *.sme.* clamav* clamd* mhash tbb perl-* htop proftpd | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
Now we can install the required packages from the repo's. The ''includepkgs'' line in the SME Server repo file ensure that '''only''' the required packages for SME Server will come from the SME repo's, and all others from the sl repo's. | Now we can install the required packages from the repo's. The ''includepkgs'' line in the SME Server repo file ensure that '''only''' the required packages for SME Server will come from the SME repo's, and all others from the sl repo's. | ||
− | yum install e-smith\* smeserver\* --exclude=smeserver-release*,*86 --nogpg | + | yum install e-smith\* smeserver\* *.sme.* initscripts --exclude=smeserver-release*,*86 --nogpg |
This will result in the following summary. The numbers may vary depending on the changes in the repositories. | This will result in the following summary. The numbers may vary depending on the changes in the repositories. | ||
− | + | Transaction Summary | |
− | Install | + | Install 402 Package(s) |
− | + | Upgrade 1 Package(s) | |
− | + | Total size: 232 M | |
− | + | After yum is finished and all packages are installed, we can remove the temporary /etc/yum.repos.d/smeos9.repo file: | |
− | After | + | rm -f /etc/yum.repos.d/smeos9.repo |
− | yum | ||
==== Post-upgrade/reboot ==== | ==== Post-upgrade/reboot ==== | ||
Line 131: | Line 104: | ||
After the first boot, there is the opportunity to restore from a backup and a new root (admin) password will be asked. This may be the same as you used for the initial installation of SL or you can set a new one. After setting the root password, SME Server will configure additional settings and automatically reboot. | After the first boot, there is the opportunity to restore from a backup and a new root (admin) password will be asked. This may be the same as you used for the initial installation of SL or you can set a new one. After setting the root password, SME Server will configure additional settings and automatically reboot. | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | ==== | + | ==== Configuration ==== |
− | + | When the system has rebooted, it is ready for SME Server configuration of network and services settings. To start this process, please login as root and type: | |
− | + | console | |
− | + | ||
− | + | and select 'configure this server'. After configuration, the server will reboot itself, re-configure itself based on the user choices and is in full operational mode ready for full use. | |
− | + | ||
− | + | After the reboot, you can access the server-manager (https://your_ip/server-manager) and login as admin and the root password. In server-manager one can enable ssh and set various ssh options. | |
− | |||
==== Adjust yum repositories ==== | ==== Adjust yum repositories ==== | ||
By default SME Server assumes it has CentOS as base linux system, In this case we use Scientific Linux, so we have to remove the CentOS specific repo's and add the SL repo's. | By default SME Server assumes it has CentOS as base linux system, In this case we use Scientific Linux, so we have to remove the CentOS specific repo's and add the SL repo's. | ||
+ | |||
+ | NOTES: | ||
+ | * The default SME Server repo's are part of sme-base | ||
+ | * The default (CentOS) repo's get re-initialized on yum-update | ||
+ | * so..... with an update of sme-base or a post-install, the repo's turn back to SME defaults | ||
To remove the CentOS specific repo's issue the following commands as root: | To remove the CentOS specific repo's issue the following commands as root: | ||
Line 160: | Line 129: | ||
db yum_repositories delete contrib | db yum_repositories delete contrib | ||
db yum_repositories delete extras | db yum_repositories delete extras | ||
+ | db yum_repositories delete fasttrack | ||
+ | db yum_repositories delete updates | ||
+ | and update the yum repositories db | ||
+ | signal-event yum-modify | ||
− | |||
− | |||
− | and | + | Now we need to configure the SME repo's to *only* include SME Specific packages or packages that are not available in the SL repo's, and we need to configure the SL repo's the SME Server way. |
− | |||
+ | includepkgs = e-smith\* smeserver\* *.sme.* clamav* clamd* *dar mod_authnz* mhash tbb perl-* htop proftpd php-pear-* GeoIP mod_auth_tkt radiusclient-ng nut-client nut pyzor oidentd rssh pam_abl clamav par2cmdline DCC wv checkpassword pam pv razor-agents clam-db initscripts checkpassword-pam | ||
− | |||
− | |||
− | |||
− | + | Add SL repo's the 'SME Server way' | |
+ | TBA | ||
+ | and update and activate the revised yum repo's configuration with the following command: | ||
+ | signal-event yum-modify | ||
== Current status == | == Current status == | ||
− | The above instructions should have brought you 'on par' with | + | The above instructions should have brought you 'on par' with SME Server 9.0 |
Latest revision as of 15:01, 9 October 2014
The SME Server distribution is based on CentOS. Since CentOS is a derivative of RHEL, it is possible to install the SME Server functionalities on top of other (virtually 100% binary compatible) RHEL derivatives, including CentOS itself.
This possibility may be interesting for organisations that have a software policy in place that prevents the deployment of a server OS not listed as an allowed OS within such a policy. Typically large enterprises, governmental and university related organisations have and enforce such a policy.
Scientific Linux has the following introduction:
SL is a Linux release put together by Fermilab, CERN, and various other labs and universities around the world. Its primary purpose is to reduce duplicated effort of the labs, and to have a common install base for the various experimenters. The base SL distribution is basically Enterprise Linux, recompiled from source. Our main goal for the base distribution is to have everything compatible with Enterprise, with only a few minor additions or changes. Examples of items that were added are Alpine, and OpenAFS. Our secondary goal is to allow easy customization for a site, without disturbing the Scientific Linux base. The various labs are able to add their own modifications to their own site areas. By the magic of scripts, and the anaconda installer, each site is to be able to create their own distributions with minimal effort. Or, if a user wishes, they can simply install the base SL release.
SME Server 9.0 on top of Scientific Linux
The installation instructions of SME Server functionality are based on minimal installation of Scientific Linux 6.5 64-bit and SME Server 9.0 repository. Please use a virtual environment to test your results. Virtual environments may include e.g. VirtualBox (free), VMWare, KVM or Xen.
Install SL minimal
SME Server functionality is only tested with a minimal install of Scientific Linux. To install 'SL minimal' one can use the boot.iso. A internet connection is required. The URL required for performing a net install must point to the /pub/scientific-linux/6.5/x86_64/os/ diretory of the mirror you use.
You can download the SL boot.iso from one of the many scientific mirrors. Install SL minimal in your virtual environment which should have at least:
- 1Gb RAM memory
- 20Gb harddisk
- 1 Network interface bridged to your host network interface
- Internet access
Boot the boot.iso and follow instruction. Once the graphical installer starts, select 'minimal' and leave all other options as per their defaults.
Once the installation has finished, please reboot and continue with enabling networking and SSH.
Enable networking and SSH
This step may not be required. Please check after login with ifconfig your networking configuration. Otherwise, login as root with the password what was provided at installation time. To enable networking please issue:
ifup eth0
This will bring up eth0 based on your local available DHCP server. Please check you IP with 'ipconfig' and 'ip link show'. During the configuration of SME Server functionality, final and fixed IP addresses will be configured. To enable SSH please issue:
service sshd start
SSH will now be enabled. Please log in remotely via SSH and further instructions are based on the fact that you are remotely logged in via ssh. Specifically for Cut and Paste operations.
Install nano and wget
If you are not familiar with vi or vim, you can install the nano editor. This page assumes that you have installed nano. Please install nano and wget as follows by issuing as root on the console:
yum install nano wget
Disable SELinux
SELinux is enabled by default. We want to disable it for there are a few services (e.g. httpd) that get blocked by SELinux. To check the status of SELinux you can enter the command:
getenforce
SELinux uses policies that conflict with some of the SME Server services ports like https. One can adjust the allowed ports, or remove the SELinux policies and disable SELinux by the following commands:
setenforce 0 sed -i -e 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config yum remove selinux-policy-targeted
Update SL
Now is a good time to update your SL installation with the latest (security) updates:
yum update
Add SME Server repo
To be able to download the required packages we need to add the SME Server repo:
nano -w /etc/yum.repos.d/smeos9.repo
and paste the following into it:
[smeos9] enabled=1 MirrorList=http://mirrorlist.contribs.org/mirrorlist/smeos-9 name=SME Server9 - os enablegroups=1 gpgcheck=1 includepkgs = e-smith\* smeserver\* *.sme.* clamav* clamd* *dar mod_authnz* mhash tbb perl-* htop proftpd php-pear-* GeoIP mod_auth_tkt radiusclient-ng nut-client nut pyzor oidentd rssh pam_abl clamav par2cmdline DCC wv checkpassword pam pv razor-agents clam-db initscripts checkpassword-pam
Now we can install the required packages from the repo's. The includepkgs line in the SME Server repo file ensure that only the required packages for SME Server will come from the SME repo's, and all others from the sl repo's.
yum install e-smith\* smeserver\* *.sme.* initscripts --exclude=smeserver-release*,*86 --nogpg
This will result in the following summary. The numbers may vary depending on the changes in the repositories. Transaction Summary
Install 402 Package(s) Upgrade 1 Package(s) Total size: 232 M
After yum is finished and all packages are installed, we can remove the temporary /etc/yum.repos.d/smeos9.repo file:
rm -f /etc/yum.repos.d/smeos9.repo
Post-upgrade/reboot
The installation of SME Server functionality is finished. For the initial configuration the following commands are mandatory:
/sbin/e-smith/signal-event post-upgrade /sbin/e-smith/signal-event reboot
First use
Set root password
After the first boot, there is the opportunity to restore from a backup and a new root (admin) password will be asked. This may be the same as you used for the initial installation of SL or you can set a new one. After setting the root password, SME Server will configure additional settings and automatically reboot.
Configuration
When the system has rebooted, it is ready for SME Server configuration of network and services settings. To start this process, please login as root and type:
console
and select 'configure this server'. After configuration, the server will reboot itself, re-configure itself based on the user choices and is in full operational mode ready for full use.
After the reboot, you can access the server-manager (https://your_ip/server-manager) and login as admin and the root password. In server-manager one can enable ssh and set various ssh options.
Adjust yum repositories
By default SME Server assumes it has CentOS as base linux system, In this case we use Scientific Linux, so we have to remove the CentOS specific repo's and add the SL repo's.
NOTES:
- The default SME Server repo's are part of sme-base
- The default (CentOS) repo's get re-initialized on yum-update
- so..... with an update of sme-base or a post-install, the repo's turn back to SME defaults
To remove the CentOS specific repo's issue the following commands as root:
db yum_repositories delete base db yum_repositories delete addons db yum_repositories delete centosplus db yum_repositories delete contrib db yum_repositories delete extras db yum_repositories delete fasttrack db yum_repositories delete updates
and update the yum repositories db
signal-event yum-modify
Now we need to configure the SME repo's to *only* include SME Specific packages or packages that are not available in the SL repo's, and we need to configure the SL repo's the SME Server way.
includepkgs = e-smith\* smeserver\* *.sme.* clamav* clamd* *dar mod_authnz* mhash tbb perl-* htop proftpd php-pear-* GeoIP mod_auth_tkt radiusclient-ng nut-client nut pyzor oidentd rssh pam_abl clamav par2cmdline DCC wv checkpassword pam pv razor-agents clam-db initscripts checkpassword-pam
Add SL repo's the 'SME Server way'
TBA
and update and activate the revised yum repo's configuration with the following command:
signal-event yum-modify
Current status
The above instructions should have brought you 'on par' with SME Server 9.0