SME on CentOS 6

From SME Server
Jump to navigation Jump to search
Information.png Tip:
Please only use a virtual machine to test this.Try to follow what others have done and repeat it. Make any notes yourself and post your findings.


SME 9, based on CentOS 6

Prerequisites

  • VIrtual machine (Vmware, Parallels or Virtualbox)
  • Centos Minimal 64-bit architecture. 32-bit may follow later
  • Access to EPEL, RPMForge and ATrpms repositories
  • Setting up a RPM Building environment


Current status & tasks

  • Last update January 30, 2013

Please add your name(s) next to the task you are working on.


Identify all SME Server specific packages (John C.) See notes below.

Setting up a RPM building environment (Ian W.)

booting CentOS 6 with the SME packages installed. (Daniel)

  • Update fields in Bugzilla, currently all bugs are clean-up
  • Update Simple_Package_Modification to show how to do this for SME 9 which requires COS6 as a base.
  • Identify which packages are pulled from ATRPMS/EPEL/RPMFORGE below, we need to move them into the base and stop pulling from those repos.
  • Create a SME 9 version of each package in CVS, does it build? Enter all problems in Bugzilla.
  • Update SME Server documentation 'Administration Manual' (Stephane, Terry)
  • Getting organised for The_future_of_SME_Server (John)

User Feedback

Unstructured user feedback can be noted here SME9DEV_user_feedback. Issues that required developer attention should be logged in our Bug Tracker. (See below)


Bugs

Bug Tracker

Bugs that require immediate attention and are to be considered blocking issues:


Considerations

  • SysVinit is no longer the default with the release of RHEL6, beyond RHEL6 systemd will be used
  • perl has a new location of the filesystem. New: /usr/share/perl5/vendor_perl instead Old: /usr/lib/perl5/site_perl/
  • perl version 5.8.8 is the new default version on RHEL6. This requires a review of all the perl module rpms which are specific for perl 5.8.5


Installing CentOS 6 minimal

First a few notes on CentOS 6 minimal, which is a bare bones install with very little on board. You can download a copy from one of the CentOS mirrors here

  • As per above note, only use Virtual Machine for testing purposes. A good free VM package can be obtained here
  • You might want to note down as much as possible so you yourself and others can reproduce the actions
  • Don't use yum with the '-y' flag (install/upgrade without further user interaction) when using the yum install/upgrade commands. (beware copy/paste yum commands)
  • you might want to note down all packages listed by yum to be installed/upgraded AND their dependencies
  • Make regular snapshots of your Virtual Machine and describe them specifically. At least when you've reached an important milestone for yourself


Installing the ISO

  • Just install a minimal el6 installation (I just installed a few utilities like htop, screen, rsync, vim, openssh-clients mc etc…). You can use either the DVD, the minimal CD install, a net install with PXE, it's up to you
  • wellsi: I have used CentOS-6.3-x86_64-minimal.iso


Enable networking

Each boot you have to start the network etc etc. I decided it was better with the minimal install and touch as little as possible - if I could then get SME packages installed I could then use that to configure networking later.

To start the networking

./etc/sysconfig/network-scripts/ifup-eth eth0

or

dhclient eth0

or if you want to assign a specific IP address (e.g. 192.168.1.2).

ifconfig eth0 192.168.1.2
echo "nameserver 192.168.1.254" >> /etc/resolv.conf
route add default gw 192.168.1.254 eth0

To make your changes permanent you will need to edit the configuration file to make it active on boot. There is only the vi text editor, you can also install nano.

yum install nano
nano /etc/sysconfig/network-scripts/ifcfg-eth0

and set ONBOOT=”YES”


Enable SSH

SSH is present but is disabled at this stage. To enable ssh issue:

service sshd start


Disable SELinux

It will be easier to see what's going on (and turn off selinux at kernel level, just to be sure)

sed -i -e 's/rhgb quiet/selinux=0/g' /boot/grub/grub.conf
sed -i -e 's/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config


Remove selinux-policy-targeted and authconfig

They conflict with some e-smith/smeserver packages

yum remove selinux-policy-targeted authconfig


Configure basic requirements

The yum configurations could be put as attachments to this bug.


Configure third party repo

Enable the EPEL, ATrpms and RPMForge repo

rpm -Uvh http://fr2.rpmfind.net/linux/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -Uvh http://dl.atrpms.net/el6-x86_64/atrpms/stable/atrpms-repo-6-6.el6.x86_64.rpm
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm

Configure SME repository (EL5 version for now)

 
cat<<'EOF' > /etc/yum.repos.d/sme.repo
[smeaddons]
enabled=1 
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeaddons-8
name=SME Server - addons
gpgcheck=1
enablegroups=1

[smecontribs]
enabled=0
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smecontribs-8
name=SME Server - contribs
gpgcheck=1
enablegroups=1

[smedev]
enabled=0
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smedev-8
name=SME Server - dev
gpgcheck=1
enablegroups=1

[smeextras]
enabled=1
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeextras-8
name=SME Server - extras
gpgcheck=1
enablegroups=1

[smeos]
enabled=1
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeos-8
name=SME Server - os
gpgcheck=1
enablegroups=1

[smetest]
enabled=0
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smetest-8
name=SME Server - test
gpgcheck=1
enablegroups=1
#
[smeupdates]
enabled=1
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeupdates-8
name=SME Server - updates
gpgcheck=1
enablegroups=1

[smeupdates-testing]
enabled=0
mirrorlist=http://mirrorlist.contribs.org/mirrorlist/smeupdates-testing-8
name=SME Server - updates testing
gpgcheck=1
enablegroups=1

EOF


import SME's GPG key

This is a temporary key. The final key will be generated by and available through contribs.org

rpm --import http://sme-mirror.firewall-services.com/releases/8/smeos/x86_64/RPM-GPG-KEY-SMEServer


install yum-plugin-priorities

yum install yum-plugin-priorities


Configure yum priorities

Set the base, updates and extras repo in /etc/yum.repos.d/CentOS-Base.repo a high priority (respectivly 50, 40, 50)

 
[...]
[base]
name=CentOS-$releasever - Base 
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=50

#released updates 
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=40

#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
priority=50

[...]

Set Epel to a priority of 60 in /etc/yum.repos.d/epel.repo

[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
priority=60


Set RPMForge to a priority of 65 in /etc/yum.repos.d/rpmforge.repo

[rpmforge]
name = RHEL $releasever - RPMforge.net - dag
baseurl = http://apt.sw.be/redhat/el6/en/$basearch/rpmforge 
mirrorlist = http://apt.sw.be/redhat/el6/en/mirrors-rpmforge
#mirrorlist = file:///etc/yum.repos.d/mirrors-rpmforge
enabled = 1
protect = 0
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
gpgcheck = 1
priority=65


Set atrpms to priority of 70 in /etc/yum.repos.d/atrpms.repo

[atrpms]
name=Red Hat Enterprise Linux $releasever - $basearch - ATrpms
failovermethod=priority
baseurl=http://dl.atrpms.net/el$releasever-$basearch/atrpms/stable
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-atrpms
priority=70


Install some package without dependancy check

A few packages have to be installed manually without dependancy check:

rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeupdates/x86_64/RPMS/smeserver-yum-2.2.0-20.el5.sme.noarch.rpm
rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeupdates/x86_64/RPMS/e-smith-samba-2.2.0-49.el5.sme.noarch.rpm
rpm -Uvh --nodeps http://sme-mirror.firewall-services.com/releases/8/smeos/x86_64/SME/e-smith-test-2.2.0-1.el5.sme.noarch.rpm

Two perl package need to be installed manually with sme and epel repo disabled (I need to figure out why repo priority doesn't fix this)

yum install perl-Razor-Agent perl-Data-UUID --disablerepo=sme\* --disablerepo=epel


Install e-smith-base

Now, you should be ready to install e-smith-base. For me, this pulls 222 packages (166MB). For some reason, the GPGKey is not recognized, so just run yum with –nogpgcheck

yum --nogpgcheck install e-smith-base
 Installing : smeserver-clamav-2.2.0-12.el5.sme.noarch                                                                                  217/229
warning: user clamav does not exist - using root
  Installing : smeserver-spamassassin-2.2.0-9.el5.sme.noarch                                                                             222/229
Group id of 1005 is already taken by user dnscache
Can't locate esmith/config.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /sbin/e-smith/db line 12.
BEGIN failed--compilation aborted at /sbin/e-smith/db line 12.
Can't locate esmith/util.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /etc/e-smith/events/actions/initialize-default-databases line 26.
BEGIN failed--compilation aborted at /etc/e-smith/events/actions/initialize-default-databases line 26.
Can't locate esmith/NavigationDB.pm in @INC (@INC contains: /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at /etc/e-smith/events/actions/navigation-conf line 25.
BEGIN failed--compilation aborted at /etc/e-smith/events/actions/navigation-conf line 25.
  Verifying  : smeserver-locale-sv-2.2.0-41.el5.sme.noarch                                                                                 1/229


Install the remaining e-smith/smeserver packages

Now install all the remaining e-smith/smeserver packages. e-smith-base already installed quite a lot of e-smith/smeserver packages as dependency.

yum --nogpgcheck install e-smith\* smeserver\*

It should install the following packages and their dependancies. See here How to retrieve a list of the required packages from an installed SME8 server.

e-smith                       
e-smith-LPRng                 
e-smith-apache                
e-smith-backup                
e-smith-devtools              
e-smith-dynamicdns-dyndns     
e-smith-dynamicdns-dyndns.org 
e-smith-dynamicdns-tzo        
e-smith-dynamicdns-yi         
e-smith-flexbackup            
e-smith-horde                 
e-smith-hosts                 
e-smith-imp                   
e-smith-ingo                  
e-smith-ldap                  
e-smith-lib-compspec          
e-smith-mysql                 
e-smith-ntp                   
e-smith-oidentd               
e-smith-openssh               
e-smith-php                   
e-smith-pptpd                 
e-smith-proftpd               
e-smith-proxy                 
e-smith-qmailanalog           
e-smith-quota                 
e-smith-radiusd               
e-smith-turba                 
e-smith-viewlogfiles          
smeserver-release


Install samba

Now install samba-client (e-smith-samba has been installed manually without dep check, otherwise it would have pulled samba3x package instead of samba)

yum install samba-client


Tweak the system so it can start with upstart (and runlevel4)

Upstart (the default init in EL6) doesn't support runlevel 7 SME uses. So we'll switch to runlevel 4:

  • Create a custom template for /etc/inittab to change the default runlevel to 4
mkdir -p /etc/e-smith/templates-custom/etc/inittab/
cat <<'EOF' > /etc/e-smith/templates-custom/etc/inittab/10defaultlevel
# Default runlevel.
# 
id:4:initdefault:
EOF


  • Create a upstart job to start runsvdir (/etc/init/runsvdir.conf)
start on runlevel 4
stop on shutdown
respawn
exec /etc/runit/2
  • Move everything from rc7.d to rc4.d (all the links in rc4.d should then point to e-smith-service)
rm -f /etc/rc4.d/*
cp -a /etc/rc7.d/* /etc/rc4.d/


Move some perl modules

We need to copy some perl modules to a new directory, because @INC has changed in EL6:

cp -a /usr/lib/perl5/site_perl/esmith/ /usr/share/perl5/vendor_perl/


Create a service entry for rsyslog

We need to create a new service entry in the DB, because the standard syslog package is now rsyslog:

/sbin/e-smith/db configuration set rsyslog service status enabled
cp -a /etc/rc7.d/S05syslog /etc/rc7.d/S05rsyslog


Run post-upgrade

We can now try to post-upgrade

/sbin/e-smith/signal-event post-upgrade
/sbin/e-smith/signal-event reboot


The system boots but completly broken :-)

Ok, so the system should now boot, but is really not usable, after a quick look, at least the following doesn't work as expected:

  • The console on the first boot don't really work. It asks for the admin password (and BTW the password appears in cleartext) but it's all
  • No network interfaces are detected by the console menu (because kudzu is not installed, only available in SME repo, and require an older python which conflicts with the the one * from EL6)
  • slapd won't start
  • httpd won't start
  • squid won't start
  • manually running expand-template has no effect (and no error message is printed). But signal-event seems to work (files get expanded and services restarted)
  • as the network interface are not configured, all the services which requires the internel IP (or the external one) in their config (at least sshd squid and dnscache) won't start
  • qpsmtpd won't start (can't locate Qpsmtpd/TcpServer.pm in @INC)
  • There's probably a lot more which is not working


SME Server specific/required packages

To get a list of all specific SME Server packages you can run:

rpm -qa | grep 'smeserver\|e-smith'| sed -e 's/-[0-9].*//' | sort > smeserver-packages.txt


SME Server specific/required perl packages

To get a list of the file names containing the string 'perl' on a running SME8 server.

rpm -qa | grep perl | sed -e 's/-[0-9].*//' | sort

or, as per suggestion on the lists (All files starting with the string 'perl')

rpm -qa --qf '%{NAME}\n' name=perl\* | sort

To export the list to a plain text file you could do:

rpm -qa | grep perl | sed -e 's/-[0-9].*//' | sort > perl-list.txt


perl-Digest-SHA	Y
perl	Y
perl-Archive-Tar	Y
perl-Authen-PAM	******
perl-Authen-SASL	Y
perl-BSD-Resource	******
perl-CGI-FormMagick	******
perl-CGI-Persistent	******
perl-Class-ParamParser	******
perl-Clone	Y
perl-Compress-Raw-Bzip2	Y
perl-Compress-Raw-Zlib	        Y
perl-Compress-Zlib	     Y
perl-Convert-ASN1	    Y
perl-Convert-BinHex	Y
perl-Convert-TNEF	******
perl-Crypt-Cracklib	******
perl-Crypt-OpenSSL-Bignum	Y
perl-Crypt-OpenSSL-Random	Y
perl-Crypt-OpenSSL-RSA	Y
perl-DateManip	Y
perl-DBD-MySQL	Y
perl-DBI	Y
perl-Digest-HMAC	Y
perl-Digest-SHA1	Y
perl-Email-Date-Format	Y
perl-Encode-Detect	Y
perl-Error	Y
perl-File-MMagic	******
perl-Geography-Countries	******
perl-HTML-Parser	Y
perl-HTML-Tabulate	******
perl-HTML-Tagset	Y
perl-I18N-AcceptLanguage	******
perl-IO-Compress-Base	Y
perl-IO-Compress-Bzip2	Y
perl-IO-Compress-Zlib	Y
perl-IO-Socket-INET6	Y
perl-IO-Socket-SSL	Y
perl-IO-stringy	Y
perl-IO-Zlib	Y
perl-IP-Country	******
perl-LDAP	Y
perl-libwww-perl	Y
perl-Locale-gettext	******
perl-Mail-DKIM	Y
perl-Mail-RFC822-Address	******
perl-Mail-SPF	******
perl-MailTools	Y
perl-MIME-Lite	Y
perl-MIME-tools	Y
perl-Net-DNS	Y
perl-Net-Ident	******
perl-Net-IP	Y
perl-Net-IPv4Addr	******
perl-Net-SMTP-SSL	Y
perl-Net-SSLeay	Y
perl-NetAddr-IP	Y
perl-Object-Persistence	******
perl-Package-Constants	Y
perl-Quota	******
perl-Razor-Agent	******
perl-RPM2	******
perl-Socket6	Y
perl-suidperl	Y
perl-Test-Inline	******
perl-Text-Iconv	Y
perl-Text-Template	******
perl-Time-TAI64	******
perl-TimeDate	Y
perl-Unix-ConfigFile	******
perl-URI	Y
perl-version	Y
perl-WWW-Automate	******
perl-XML-NamespaceSupport	Y
perl-XML-Parser	Y
perl-XML-SAX	Y


I am now going to try and lob in the existing/missing el5 versions to see what happens. My guess is we will need to rebuild the required modules.


FormMagick

Next will be an attack on FormMagick - there is no package in the default install so need to figure that out. In may indeed be horrible, but we can live with it for now.

Hopefully with perl and FormMagick installed, most of the SME stuff *should* basically install.


Discussion, help and share

  • Please consult/subscribe to the devs list for more information. devinfo mailinglist and in particular all threads starting with " SME on CentOS 6"
  • There is a IRC channel where people who are interested in this effort 'hang out'. You're most welcome to drop by and/or join. It's free! ;-)
    • You do not have to install anything to pay the channel a visit. All you need is a nice nickname and right click here to open the channel in a new browser window or tab.


Resources and references

Kickstart file

  • A starting point can be found here


Setting up a RPM Building environment under CentOS


Suggestions and notes from SME Developers

  • From Charlie on 1/21/2013:

You will need to modify a bunch of perl module rpms to use /usr/share/perl5/vendor_perl instead of /usr/lib/perl5/site_perl/. You'll also need to replace all the perl module rpms which are specific for perl 5.8.5 and 5.8.8 with ones which will work with RHEL6. Most of those will come from epel or rpmforge.

There's a little work to switch to rsyslog instead of syslog.

You'll need either a new whiptail rpm or new console.pm which uses only unmodified dialog.