Difference between revisions of "SUSE 10.0 SC RAW Notes"

From Scalix Wiki
Jump to: navigation, search
(Set up firewall (optional))
(R)
Line 1: Line 1:
For the most part I just followed the directions in [[Scalix CE Raw/Installation]], but I am using this to make not of things that I tried that may be useful to add back in if they work.  This is a doc in progress.
+
I am now hosting this document at http://www.heinous.org/wiki/SUSE_10.0_Scalix_RAW_Notes mainly because I am used to the syntax highlighting features of my wiki, and I like to have a backup of this document.
  
= Deviations =
+
Please feel free to copy here, or to modify at that location.  I would prefer if folks just made any changes there, as then I don't have to look in multiple places when there is a modification to the document needed.
 
+
== Sun Java ==
+
 
+
Here I just used the SUSE 10.0 ''java-1_5_0-sun'' package, we'll see if that works.
+
 
+
== Apache Tomcat ==
+
 
+
=== Using SUSE Default (incomplete) ===
+
 
+
; Note : I never got this to work, but I am leaving these notes here in case they help someone else trying it.  After some thought, I decided to follow Florian's advise and to just use the customized supported version of Tomcat for ScalixPart of the problem I think is because the SUSE 10.0 tomcat package is .30, and currently Apache only supports .28.  See http://www.scalix.com/community/viewtopic.php?t=2023
+
 
+
Here I just used the SUSE ''tomcat5'' package, we'll also see if that works.  I use the smart package manager and just add the java packages installation source for SUSE to do so.  An example for adding this repo at:  http://heinous.org/wiki/SUSE_and_Smart
+
 
+
After installing the packages, do the following:
+
 
+
cd /opt
+
ln -s /usr/share/tomcat5 scalix-tomcat
+
 
+
Also, you should log out of the system and back in after installing JAVA, so the environment variables work right.  You'll have lots of confusing problems if you don't.
+
 
+
Then see [[Technotes/Tomcat]] for instructions on getting tomcat to run in sudo mode.
+
 
+
I also needed to change the file '''/etc/tomcat5/base/Catalina/localhost/scalix-caa.xml''' to have privileged be set to false, but I'm not sure that's right:
+
 
+
<pre>
+
<Context path="/caa" docBase="/opt/scalix/web/caa-services.war"
+
        debug="0" privileged="false">
+
<Logger className="org.apache.catalina.logger.FileLogger"
+
        prefix="scalix-caa_log." suffix=".txt"
+
        timestamp="true"/>
+
</Context>
+
</pre>
+
 
+
= Quick Installation for SUSE 10.0 =
+
 
+
== OS Installation and initial configuration ==
+
 
+
Install SUSE 10.0 with a minimal installation.  You may well want to put /var and /opt on separate partitions and use LVM to make growing them more manageable, but that is entirely up to you.
+
 
+
=== Install the smart package manager ===
+
 
+
This is really useful for command line package maintenance.  It is to be used instead of Apt from SUSE 10.1 onward.  More information at: http://www.heinous.org/wiki/SUSE_and_Smart and http://linux01.gwdg.de/~pbleser/rpm-navigation.php?cat=System/smart/
+
 
+
Use YaST2's '''Software Management''' screen to install the ''python'', ''rpm-python'', and ''python-xml'' packages.
+
 
+
Check http://linux01.gwdg.de/~pbleser/rpm-navigation.php?cat=System/smart/ for latest version, here's an example of the steps:
+
 
+
<pre>
+
mkdir /opt/others
+
cd /opt/others
+
rpm -Uvh http://ftp.gwdg.de/pub/linux/misc/suser-guru/rpm/packages/System/smart/smart-0.41-15.guru.suse100.i686.rpm
+
# rpm -Uvh http://ftp.gwdg.de/pub/linux/misc/suser-guru/rpm/packages/System/smart/smart-0.41-15.guru.suse100.x86_64.rpm
+
</pre>
+
 
+
=== Add needed software repos ===
+
 
+
Here is an example of how to add the Java and normal OS repositories to smart.  It would probably be a good idea to find out the appropriate mirror for your region by checking http://en.opensuse.org/Mirrors_Released_Version
+
 
+
<pre>
+
############################
+
### ADD JAVA INST SOURCE ###
+
############################
+
smart channel --add suse-10.0-java type=yast2 name="SUSE 10.0 Java Packages (yast2)" baseurl=http://mirrors.kernel.org/opensuse/distribution/SL-OSS-stable/inst-source-java
+
##################################################
+
## RECOMMENDED RESPONSES FOR FIRST CHANNEL ADD ###
+
##################################################
+
# New channel 'suser-guru 3rd party package repository for SUSE Linux on ftp.gwdg.de (guru-apt)' detected.
+
# Include it? (Y/n): y
+
#
+
# New channel 'Packman 3rd party package repository for SUSE Linux on ftp.gwdg.de (packman-apt)' detected.
+
# Include it? (Y/n): y
+
#
+
# New channel 'SUSE Linux packages apt-rpm repository on ftp.gwdg.de (suse-apt-base-gwdg)' detected.
+
# Include it? (Y/n): n
+
#
+
# New channel 'SUSE Linux packages apt-rpm repository on ftp.gwdg.de (suse-apt-update-gwdg)' detected.
+
# Include it? (Y/n): n
+
#
+
# New channel 'SUSE Linux packages apt-rpm repository on ftp.gwdg.de (suse-apt-security-gwdg)' detected.
+
# Include it? (Y/n): n
+
#
+
# Alias: suse-10.0-java
+
# Type: yast2
+
# Name: SUSE 10.0 Java Packages (yast2)
+
# Base URL: http://mirrors.kernel.org/opensuse/distribution/SL-OSS-stable/inst-source-java
+
#
+
# Include this channel? (y/N): y
+
#
+
##########################
+
### ADD OS INST SOURCE ###
+
##########################
+
smart channel --add suse-10.0 type=yast2 name="SUSE 10.0 Packages (yast2)" baseurl=http://mirrors.kernel.org/opensuse/distribution/SL-OSS-stable/inst-source
+
#
+
# Alias: suse-10.0
+
# Type: yast2
+
# Name: SUSE 10.0 Packages (yast2)
+
# Base URL: http://mirrors.kernel.org/opensuse/distribution/SL-OSS-stable/inst-source
+
#
+
# Include this channel? (y/N): y
+
#
+
##############################
+
### UPDATE PKGS & PKG LIST ###
+
##############################
+
smart update
+
smart upgrade
+
</pre>
+
 
+
=== Set up firewall (optional) ===
+
 
+
I disable the SUSE firewall and then install Shorewall.  The SUSE firewall works really, well, but for this doc, I show the shorewall config that I use, which could be easily done with the SUSE firewall as well.  I use Shorewall mainly because it runs on pretty much ever Linux distribution (I even run it on my Linksys router) and allows me to only have to think about one firewalling system.  Also, webmin has a nice plugin to manage it.
+
 
+
<pre>
+
smart install -y wget
+
cd /opt/others
+
###################################################################
+
## You should check the latest version on the shorewall.net site ##
+
###################################################################
+
wget http://www.shorewall.net/pub/shorewall/3.0/shorewall-3.0.6/shorewall-3.0.6-1.noarch.rpm
+
rpm -Uvh shorewall-*.rpm
+
cp -a /etc/shorewall /etc/shorewall.org
+
cp /usr/share/doc/packages/shorewall/Samples/two-interfaces/* /etc/shorewall/
+
</pre>
+
 
+
You'll want to adjust the '''/etc/shorewall/interfaces''', '''/etc/shorewall/masq''', and '''/etc/shorewall/policy''' files to suit your config.  Here's an example of the '''/etc/shorewall/rules''' file that I use:
+
 
+
<pre>
+
############################################
+
### Generic to all external fw addresses ###
+
############################################
+
ACCEPT  all            fw                      icmp    echo-request
+
###################
+
### web related ###
+
###################
+
ACCEPT  all            fw                      tcp    http
+
ACCEPT  all            fw                      tcp    https
+
ACCEPT  all            fw                      tcp    8080
+
####################
+
### mail related ###
+
####################
+
ACCEPT  all            fw                      tcp    smtp
+
ACCEPT  all            fw                      tcp    smtps
+
REDIRECT all            25                      tcp    submission
+
ACCEPT  all            fw                      tcp    imap
+
ACCEPT  all            fw                      tcp    imaps
+
ACCEPT  all            fw                      tcp    pop3
+
ACCEPT  all            fw                      tcp    pop3s
+
#############
+
### other ###
+
#############
+
ACCEPT  all            fw                      tcp    10000 # webmin
+
DNAT    net            loc:10.0.1.245:22      tcp    22869
+
# ACCEPT  all            fw                      tcp    22
+
# ACCEPT  all            fw                      tcp    ftp
+
# ACCEPT  all            fw                      udp    ftp
+
# ACCEPT  all            fw                      tcp    ftp-data
+
# ACCEPT  all            fw                      udp    ftp-data
+
# ACCEPT  all            fw                      tcp    domain
+
# ACCEPT  all            fw                      udp    domain
+
# ACCEPT  net:192.139.81.239      fw      tcp    389
+
# ACCEPT  net:192.139.81.239      fw      tcp    636
+
# ACCEPT  net:192.139.81.206      fw      tcp    mysql
+
# ACCEPT  net:192.139.81.98      fw      tcp    mysql
+
#LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE
+
</pre>
+
 
+
; NOTE : Be sure to set up a '''/etc/shorewall/routestopped''' file for emergency situations.
+
  
 
{{LeahFooter}}
 
{{LeahFooter}}

Revision as of 13:50, 17 April 2006

I am now hosting this document at http://www.heinous.org/wiki/SUSE_10.0_Scalix_RAW_Notes mainly because I am used to the syntax highlighting features of my wiki, and I like to have a backup of this document.

Please feel free to copy here, or to modify at that location. I would prefer if folks just made any changes there, as then I don't have to look in multiple places when there is a modification to the document needed.

Questions & Comments welcome! Edit the Discussion tab, or, for more traditional contact information: see User:Leah
leah-@-heinous.org http://heinous.org http://www.frauerpower.com http://www.looniepos.com
Retrieved from "https://www.scalix.com/wiki/index.php?title=SUSE_10.0_SC_RAW_Notes&oldid=1530"