How to Replace a Failed Drive in a ZFS Pool

Featured

So you have a failed disk in a ZFS pool and you want to fix it? Routine disk failures are really a non-event with ZFS because the volume management makes replacing them so dang easy. In many cases, unlike hardware RAID or older volume management solutions, the replacement disk doesn’t even need to be exactly the same as the original. So let’s get started replacing our failed disk. These instructions will be for a Solaris 10 system, so a few of the particulars related to unconfiguring the disk and device paths will vary with different flavors of UNIX.

First, take a look at the zpools to see if there are any errors. The -x flag will only display status for pools that are exhibiting errors or are otherwise unavailable.
Note: If the disk is actively failing (a process that sometimes takes a while as the OS offlines it), any commands that use storage related system calls will hang and take a long time to return. These include “zpool” and “format”, so just be patient; they will eventually return.

# zpool status -x

 pool: data
 state: DEGRADED
status: One or more devices are faulted in response to persistent errors.
        Sufficient replicas exist for the pool to continue functioning in a
        degraded state.
action: Replace the faulted device, or use 'zpool clear' to mark the device
        repaired.
 scrub: none requested
config:

        NAME        STATE     READ WRITE CKSUM
        data        DEGRADED     0     0     0
          mirror-0  DEGRADED     0     0     0
            c1t4d0  ONLINE       0     0     0
            c1t5d0  FAULTED      1    81     0  too many errors
          mirror-1  ONLINE       0     0     0
            c1t2d0  ONLINE       0     0     0
            c1t3d0  ONLINE       0     0     0

errors: No known data errors

So we can easily see that c1t5d0 has failed. Take a look at the “format” output do get the particulars about the disk:
# format

Searching for disks...done


AVAILABLE DISK SELECTIONS:
       0. c1t0d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@0,0
       1. c1t1d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@1,0
       2. c1t2d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@2,0
       3. c1t3d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@3,0
       4. c1t4d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@4,0
       5. c1t5d0 
          /pci@0/pci@0/pci@2/scsi@0/sd@5,0
Specify disk (enter its number): 

Get your hands on a replacement disk that is as similar as possible to a SEAGATE-ST914602SSUN146G-0603-136.73GB. I was only able to dig up a HITACHI-H103014SCSUN146G-A2A8-136.73GB, so I’ll be using that instead of a direct replacement.

Next, use “cfgadm” to look at the disks you have and their configuration status:

# cfgadm -al

Ap_Id                          Type         Receptacle   Occupant     Condition
c1                             scsi-sata    connected    configured   unknown
c1::dsk/c1t0d0                 disk         connected    configured   unknown
c1::dsk/c1t1d0                 disk         connected    configured   unknown
c1::dsk/c1t2d0                 disk         connected    configured   unknown
c1::dsk/c1t3d0                 disk         connected    configured   unknown
c1::dsk/c1t4d0                 disk         connected    configured   unknown
c1::dsk/c1t5d0                 disk         connected    configured   unknown

We want to replace t5, so we prepare it for removal by unconfiguring it:

# cfgadm -c unconfigure c1::dsk/c1t5d0

The “safe to remove” led should turn on and you can pull the disk, remembering to allow it several seconds to spin down. Replace it with the new disk and take a look at “cfgadm -al” output again to ensure that it has been automatically configured. If it has not, you can manually configure it like below:

# cfgadm -c configure c1::dsk/c1t5d0

Now, it’s a simple matter of a quick “zpool replace” to get things rebuilding:

# zpool replace data c1t5d0

You can use the output of zpool status to watch the resilver process…

SMB Printing in Mac OSX

Most Mac users simply access network printers using LPR, but occasionally, you will need to interact with networks that are unfriendly to this method and find yourself having to use SMB printing. It’s a little inconvenient, but overall pretty easy to configure. I found some great instructions here. The method varies depending on which version of the operating system you have, but this site has directions for OS 10.2, 12.3, and 10.4, so it pretty much covers all the bases.

Quick Start Guide for Asterisk

Asterisk is a complete open source software-based IP PBX solution that runs on a variety of platforms. It supports VOIP in several protocols, and can seamlessly integrate with almost any standards-based telephony equipment using relatively inexpensive hardware.

This guide is a quick-start set of notes that should help you get the Asterisk service up and running with the web-based graphical user interface. Much of this was taken from the various README files that come with the software download, but I thought it would be nice to have the directions all in one place so that I don’t have to search for them in the future. I did this on a new RHEL 5 install. I would imagine that the same procedure should work on most Linux distributions.

Configuration and implementation of Asterisk is fairly complex and is beyond the scope of this document. I should also say this this guide does not include directions for installing and configuring other Asterisk related software that is required to integrate with telephony equipment.

Enough disclaimers… Let’s get started.

  • Download the latest source package of Asterisk, untar it and CD into the newly created directory.
  • Run “make
  • Run “make install
  • Run”make samples” (Doing this will overwrite any existing config files you have, so don’t do it if you are upgrading or something like that)
  • Run “make config” (This creates the `/etc/rc.d/init.d/asterisk’ file so you can crontroll the
  • asterisk service with chkconfig and service.)

You are now done installing Asterisk. Now let’s install the GUI.

  • Download the latest source package of the Asterisk GUI client, untar it and CD into the newly created directory.
  • Run “make
  • Run “make install
  • Run “make samples” This installs the sample configuration files. Again, don’t do this if you are upgrading because it will overwrite your existing files.

Now let’s configure it.

You need to edit a few Asterisk configuration files to enable the GUI

1) In /etc/asterisk/http.conf:

        [general]
        enabled = yes
        enablestatic = yes
        bindaddr=xxx.xxx.xxx.xxx (The IP address of your Asterisk server)


2) In /etc/asterisk/manager.conf

        [general]
        enabled = yes
        webenabled = yes


3) Create an appropriate entry in manager.conf for the administrative user

        [admin]
        secret = YourFavoritePassword
        read = system,call,log,verbose,command,agent,config
        write = system,call,log,verbose,command,agent,config


4) Run “make checkconfig

Look for the following lines… They will tell you how to get to your GUI.

  * GUI should be available at
  * http://xxx.xxx.xxx.xxx:8088/asterisk/static/config/cfgbasic.html

  * Before using the GUI, Please visit the install page at
  * http://xxx.xxx.xxx.xxx:8088/asterisk/static/config/setup/install.html 


5) We should be all set Let’s start or restart asterisk:

Run “/sbin/service asterisk restart

6) Lastly, grab a web browser and go to your install page. It should look something like this:

http://xxx.xxx.xxx.xxx:8088/asterisk/static/config/setup/install.html

Configure it up and have fun with your new Asterisk server.

Diebold Key Copied From Photo

Diebold makes electronic voting systems. In fact they make a lot of electronic voting systems! They advertise “Over 130,000 Diebold electronic voting stations are being used in locations across the United States to assist voters in exercising their most fundamental constitutional right: the right to vote.” With the 2000 and 2004 elections being shrouded in suspicion of voter fraud, you would think that Diebold would make every effort to ensure the security of their product. They have not.

The guys at Princeton have put together a video that shows just how insecure these systems really are. Aside from the multiple logical attacks that work against them, the ways to defeat the physical security are countless. They seem to use a “wafer-tumbler” type lock that can be easily picked in under 5 seconds. Don’t know how to pick locks? No problem. Just unscrew the bottom and you have access!

As if all this was not disturbing enough, Diebold had put a picture of the master key to these systems up on their online store and Ross Kinard of SploitCast used it to create a working key of his own. While this may seem difficult, it is not. Using the image, one can determine which key blank to use fairly easily. This is because there are really not that many key blanks in use; especially for “wafer-tumbler” type locks. Once the key blank is determined, all that is left is to figure out how deep make the cuts. This can be quickly determined by referencing the photo that was so kindly provided by Diebold on their online store. Granted, there are a few more details to be aware of, but anyone who has invested much time in learning how to defeat locks should have little trouble in figuring them out.

Ross writes:

I bought three blank keys from Ace. Then a drill vise and three cabinet locks that used a different type of key from Lowes. I hoped that the spacing and depths on the cabinet locks’ keys would be similar to those on the voting machine key. With some files I had I then made three keys to look like the key in the picture.

He then sent the keys to J. Alex Halderman at Freedom To Tinker.com who quickly confirmed that two of the three keys would, indeed, open the door to the memory card on the Diebold system. This video shows the key Ross made opening the voting machine used in the Princeton study:

Didbold has finally removed the picture of the key from their website, but it would seem that it’s too little too late. The picture is out there along with more than 130,000 voting machines on which a key made from it will work. It looks like this is one company that has some explaining to do!

Horde / IMP on RHEL 4 From RPM HOWTO

Whenever you go to install applications and services on registered RHEL servers, it’s always nice to use the RPMs because up2date will keep everything current for you. Managing upgrades gets a whole lot easier when you can bring your system up to current with one simple command. Because of this, I decided that I would try to use as many RPMs as I could when I set up our latest Horde / IMP installation.

Unfortunately, RedHat does not supply RPMs for the Horde applications, but luckily CentOS does. You should be able to download them from here. Get the latest version, which at the time of this writing was horde-3.1.3-1 and imp-h3-4.1.3-1.

Don’t install them yet though because Horde and IMP have always had a lot of dependancies which must be installed and enabled first. Installing the following RPMs should take care of them.

  • mysql-4.1.20-1.RHEL4.1.i386.rpm
  • mysqlclient10-3.23.58-4.RHEL4.1.i386.rpm
  • mysqlclient10-devel-3.23.58-4.RHEL4.1.i386.rpm
  • mysql-devel-4.1.20-1.RHEL4.1.i386.rpm
  • mysql-server-4.1.20-1.RHEL4.1.i386.rpm
  • perl-DBD-MySQL-2.9004-3.1.i386.rpm
  • php-4.3.9-3.15.i386.rpm
  • php-devel-4.3.9-3.15.i386.rpm
  • php-domxml-4.3.9-3.15.i386.rpm
  • php-imap-4.3.9-3.15.i386.rpm
  • php-ldap-4.3.9-3.15.i386.rpm
  • php-mysql-4.3.9-3.15.i386.rpm
  • php-pear-4.3.9-3.15.i386.rpm

Assuming you will want up2date to handle upgrades of these packages, it is very important that you either use “up2date” to install them, or download them from correct channel at the RedHat website. You could also simply get them from the CD distribution that you used to install the system itself.

Once PEAR is installed, you will have to upgrade it, and install the PEAR::Log module.

[root@server]# pear upgrade -a PEAR-1.3.6
[root@server]# pear upgrade PEAR

Ok, now let’s make sure the web server is configured to start when the system comes up:

[root@server /]# /sbin/chkconfig --list httpd

You should see this:

httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off

But if you see 5:off, simply run:

[root@server /]# /sbin/chkconfig httpd on

Now we enable and start up our new MySQL database server:

[root@server /]# /sbin/chkconfig mysqld on
[root@server /]# /sbin/service mysqld start

And we’re ready to install Horde and IMP. Install the following RPM’s, which will put everything in /usr/share/horde and creates a file called horde.conf in /etc/httpd/conf.d/

  • horde-3.1.3-1.c4.noarch.rpm
  • imp-h3-4.1.3-1.c4.noarch.rpm

This will install the HORDE and IMP packages in /usr/share, and /usr/share/horde respectively.

Finally, we start or restart apache:

[root@server /]# /sbin/service httpd start

Grab a browser and go to the following URL to proceed with the Horde and IMP configuration.

http://server.example.com/horde/

Installing OpenGroupWare 1.1.5 on RHEL 3

OpenGroupWare is an open source groupware package intended as an alternative to proprietary applications such as Exchange and PostPath. It is fairly robust in its feature set, and even integrates well with MS Outlook.

Its strongest points, in my opinion are that it does not depend in any way on Active Directory, and that it integrates well with open source standards like Open LDAP and University of Washington IMAP. Its downsides are that the documentation is sparse and scattered, that is is backed with PostgreSQL rather than MySQL, and that the package is bundled into a TON of RPM’s.

I have not tried installing it from source, though I suspect that it would not be much more work than using the RPM’s. Anyhow, if you want to install it for yourself, here are some quick scripts to help you, as well as some quick cookbook instructions. I installed it on RHEL 3 Workstation, though I suspect that it would work most Linux distributions.

The first thing we have to do is install the foundation for OpenGroupWare From the RHEL CD’s or Website:

Install apache
Install PostgreSQL
Install PostgreSQL-devel
Install php
Install php_PostgreSQL

Next, run the following commands to get the database and webserver started:

# /sbin/chkconfig httpd on
# /sbin/chkconfig postgresql on
# /sbin/service postgresql start
# /sbin/service httpd start

Sendmail should already be installed and running, but if not, you will have to install it as well.

OK, so I said before that there are a TON of RPM’s that you will have to install. These can be found at the OpenGroupWare website. Get them however you want, but if you have “wget” installed, you can use my script to fetch everything you need. You can omit the “devel” packages if you don’t want to install the source code.

  1. ###### SNIP #######
  2. #!/bin/sh
  3. #GetOpenGroupWare.sh
  4. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-gnustep_make-1.10.0-0.i386.rpm
  5. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-xml-4.5.8-r1321.0.i386.rpm
  6. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-xml-devel-4.5.8-r1321.0.i386.rpm
  7. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/ThirdParty/libfoundation11-1.1.3-r155.0.i386.rpm
  8. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/ThirdParty/libfoundation11-devel-1.1.3-r155.0.i386.rpm
  9. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-core-4.5.8-r1321.0.i386.rpm
  10. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-core-devel-4.5.8-r1321.0.i386.rpm
  11. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-appserver-4.5.8-r1321.0.i386.rpm
  12. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-appserver-devel-4.5.8-r1321.0.i386.rpm
  13. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-gdl1-4.5.8-r1321.0.i386.rpm
  14. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-gdl1-devel-4.5.8-r1321.0.i386.rpm
  15. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-ldap-4.5.8-r1321.0.i386.rpm
  16. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-ldap-devel-4.5.8-r1321.0.i386.rpm
  17. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-ldap-tools-4.5.8-r1321.0.i386.rpm
  18. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-mime-4.5.8-r1321.0.i386.rpm
  19. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-mime-devel-4.5.8-r1321.0.i386.rpm
  20. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-logic-1.1.5-r1717.0.i386.rpm
  21. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-logic-devel-1.1.5-r1717.0.i386.rpm
  22. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-logic-tools-1.1.5-r1717.0.i386.rpm
  23. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-1.1.5-r1717.0.i386.rpm
  24. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-devel-1.1.5-r1717.0.i386.rpm
  25. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-db-project-1.1.5-r1717.0.i386.rpm
  26. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-db-project-devel-1.1.5-r1717.0.i386.rpm
  27. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-fs-project-1.1.5-r1717.0.i386.rpm
  28. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-docapi-fs-project-devel-1.1.5-r1717.0.i386.rpm
  29. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-core-1.1.5-r1717.0.i386.rpm
  30. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-core-devel-1.1.5-r1717.0.i386.rpm
  31. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-app-1.1.5-r1717.0.i386.rpm
  32. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-environment-1.1.5-0.i386.rpm
  33. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-ical-4.5.8-r1321.0.i386.rpm
  34. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-ical-devel-4.5.8-r1321.0.i386.rpm
  35. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/sope-4.5.8-sixtyfour/sope45-gdl1-postgresql-4.5.8-r1321.0.i386.rpm
  36. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/mod_ngobjweb-2.0.46-r1323.0.i386.rpm
  37. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-database-setup-1.1.5-0.i386.rpm
  38. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-pda-1.1.5-r1717.0.i386.rpm
  39. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-pda-devel-1.1.5-r1717.0.i386.rpm
  40. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-theme-blue-1.1.5-r1717.0.i386.rpm
  41. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-theme-default-1.1.5-r1717.0.i386.rpm
  42. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-theme-kde-1.1.5-r1717.0.i386.rpm
  43. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-theme-ooo-1.1.5-r1717.0.i386.rpm
  44. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-theme-orange-1.1.5-r1717.0.i386.rpm
  45. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-tools-1.1.5-r1717.0.i386.rpm
  46. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-calendar-1.1.5-r1717.0.i386.rpm
  47. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-contact-1.1.5-r1717.0.i386.rpm
  48. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-mailer-1.1.5-r1717.0.i386.rpm
  49. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-mailer-devel-1.1.5-r1717.0.i386.rpm
  50. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-news-1.1.5-r1717.0.i386.rpm
  51. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-project-1.1.5-r1717.0.i386.rpm
  52. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-basque-1.1.5-r1717.0.i386.rpm
  53. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-de-1.1.5-r1717.0.i386.rpm
  54. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-dk-1.1.5-r1717.0.i386.rpm
  55. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-en-1.1.5-r1717.0.i386.rpm
  56. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-es-1.1.5-r1717.0.i386.rpm
  57. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-fr-1.1.5-r1717.0.i386.rpm
  58. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-hu-1.1.5-r1717.0.i386.rpm
  59. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-it-1.1.5-r1717.0.i386.rpm
  60. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-jp-1.1.5-r1717.0.i386.rpm
  61. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-nl-1.1.5-r1717.0.i386.rpm
  62. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-no-1.1.5-r1717.0.i386.rpm
  63. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-pl-1.1.5-r1717.0.i386.rpm
  64. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-pt-1.1.5-r1717.0.i386.rpm
  65. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-ptbr-1.1.5-r1717.0.i386.rpm
  66. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-resource-sk-1.1.5-r1717.0.i386.rpm
  67. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-webui-task-1.1.5-r1717.0.i386.rpm
  68. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-xmlrpcd-1.1.5-r1717.0.i386.rpm
  69. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-zidestore-1.1.5-r1717.0.i386.rpm
  70. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-zidestore-devel-1.1.5-r1717.0.i386.rpm
  71. wget http://download.opengroupware.org/nightly/packages/rhel3/releases/opengroupware-1.1.5-moveon/ogo-meta-1.1.5-r1717.0.i386.rpm
  72. ###### /SNIP #######

Ok, so now we have a directory filled up wit RPM’s. Many of these have a lot of dependancies, so the order of install is important. The script below has them in the correct order, so you can either use it as a reference to install them yourself, or just save the script in the directory that has all your RPM’s and run it. Your choice.

  1. ###### SNIP #######
  2. # InstallOpenGroupware.sh
  3. #!/sbin/sh
  4. rpm -Uvh ogo-gnustep_make-1.10.0-0.i386.rpm
  5. rpm -Uvh sope45-xml-4.5.8-r1321.0.i386.rpm
  6. rpm -Uvh sope45-xml-devel-4.5.8-r1321.0.i386.rpm
  7. rpm -Uvh libfoundation11-1.1.3-r155.0.i386.rpm
  8. rpm -Uvh libfoundation11-devel-1.1.3-r155.0.i386.rpm
  9. rpm -Uvh sope45-core-4.5.8-r1321.0.i386.rpm
  10. rpm -Uvh sope45-core-devel-4.5.8-r1321.0.i386.rpm
  11. rpm -Uvh sope45-mime-4.5.8-r1321.0.i386.rpm
  12. rpm -Uvh sope45-mime-devel-4.5.8-r1321.0.i386.rpm
  13. rpm -Uvh sope45-appserver-4.5.8-r1321.0.i386.rpm
  14. rpm -Uvh sope45-appserver-devel-4.5.8-r1321.0.i386.rpm
  15. rpm -Uvh sope45-gdl1-4.5.8-r1321.0.i386.rpm
  16. rpm -Uvh sope45-gdl1-devel-4.5.8-r1321.0.i386.rpm
  17. rpm -Uvh sope45-ldap-4.5.8-r1321.0.i386.rpm
  18. rpm -Uvh sope45-ldap-devel-4.5.8-r1321.0.i386.rpm
  19. rpm -Uvh sope45-ldap-tools-4.5.8-r1321.0.i386.rpm
  20. rpm -Uvh ogo-logic-1.1.5-r1717.0.i386.rpm
  21. rpm -Uvh ogo-logic-devel-1.1.5-r1717.0.i386.rpm
  22. rpm -Uvh ogo-logic-tools-1.1.5-r1717.0.i386.rpm
  23. rpm -Uvh ogo-docapi-1.1.5-r1717.0.i386.rpm
  24. rpm -Uvh ogo-docapi-devel-1.1.5-r1717.0.i386.rpm
  25. rpm -Uvh ogo-docapi-db-project-1.1.5-r1717.0.i386.rpm
  26. rpm -Uvh ogo-docapi-db-project-devel-1.1.5-r1717.0.i386.rpm
  27. rpm -Uvh ogo-docapi-fs-project-1.1.5-r1717.0.i386.rpm
  28. rpm -Uvh ogo-docapi-fs-project-devel-1.1.5-r1717.0.i386.rpm
  29. rpm -Uvh ogo-webui-core-devel-1.1.5-r1717.0.i386.rpm
  30. rpm -Uvh ogo-webui-app-1.1.5-r1717.0.i386.rpm ogo-theme-default-1.1.5-r1717.0.i386.rpm ogo-webui-resource-en-1.1.5-r1717.0.i386.rpm ogo-webui-resource-de-1.1.5-r1717.0.i386.rpm
  31. rpm -Uvh ogo-environment-1.1.5-0.i386.rpm
  32. rpm -Uvh sope45-ical-4.5.8-r1321.0.i386.rpm
  33. rpm -Uvh sope45-ical-devel-4.5.8-r1321.0.i386.rpm
  34. rpm -Uvh sope45-gdl1-postgresql-4.5.8-r1321.0.i386.rpm
  35. rpm -Uvh mod_ngobjweb-2.0.46-r1323.0.i386.rpm
  36. rpm -Uvh ogo-database-setup-1.1.5-0.i386.rpm
  37. rpm -Uvh ogo-pda-1.1.5-r1717.0.i386.rpm
  38. rpm -Uvh ogo-pda-devel-1.1.5-r1717.0.i386.rpm
  39. rpm -Uvh ogo-theme-blue-1.1.5-r1717.0.i386.rpm
  40. rpm -Uvh ogo-theme-kde-1.1.5-r1717.0.i386.rpm
  41. rpm -Uvh ogo-theme-ooo-1.1.5-r1717.0.i386.rpm
  42. rpm -Uvh ogo-theme-orange-1.1.5-r1717.0.i386.rpm
  43. rpm -Uvh ogo-tools-1.1.5-r1717.0.i386.rpm
  44. rpm -Uvh ogo-webui-calendar-1.1.5-r1717.0.i386.rpm
  45. rpm -Uvh ogo-webui-contact-1.1.5-r1717.0.i386.rpm
  46. rpm -Uvh ogo-webui-core-1.1.5-r1717.0.i386.rpm
  47. rpm -Uvh ogo-webui-mailer-1.1.5-r1717.0.i386.rpm
  48. rpm -Uvh ogo-webui-mailer-devel-1.1.5-r1717.0.i386.rpm
  49. rpm -Uvh ogo-webui-news-1.1.5-r1717.0.i386.rpm
  50. rpm -Uvh ogo-webui-project-1.1.5-r1717.0.i386.rpm
  51. rpm -Uvh ogo-webui-resource-basque-1.1.5-r1717.0.i386.rpm
  52. rpm -Uvh ogo-webui-resource-dk-1.1.5-r1717.0.i386.rpm
  53. rpm -Uvh ogo-webui-resource-es-1.1.5-r1717.0.i386.rpm
  54. rpm -Uvh ogo-webui-resource-fr-1.1.5-r1717.0.i386.rpm
  55. rpm -Uvh ogo-webui-resource-hu-1.1.5-r1717.0.i386.rpm
  56. rpm -Uvh ogo-webui-resource-it-1.1.5-r1717.0.i386.rpm
  57. rpm -Uvh ogo-webui-resource-jp-1.1.5-r1717.0.i386.rpm
  58. rpm -Uvh ogo-webui-resource-nl-1.1.5-r1717.0.i386.rpm
  59. rpm -Uvh ogo-webui-resource-no-1.1.5-r1717.0.i386.rpm
  60. rpm -Uvh ogo-webui-resource-pl-1.1.5-r1717.0.i386.rpm
  61. rpm -Uvh ogo-webui-resource-pt-1.1.5-r1717.0.i386.rpm
  62. rpm -Uvh ogo-webui-resource-ptbr-1.1.5-r1717.0.i386.rpm
  63. rpm -Uvh ogo-webui-resource-sk-1.1.5-r1717.0.i386.rpm
  64. rpm -Uvh ogo-webui-task-1.1.5-r1717.0.i386.rpm
  65. rpm -Uvh ogo-xmlrpcd-1.1.5-r1717.0.i386.rpm
  66. rpm -Uvh ogo-zidestore-1.1.5-r1717.0.i386.rpm
  67. rpm -Uvh ogo-zidestore-devel-1.1.5-r1717.0.i386.rpm
  68. rpm -Uvh ogo-meta-1.1.5-r1717.0.i386.rpm
  69. ###### /SNIP #######

Some things to note about the install.

These all have to be done on one line or “rpm” will complain that it can’s resolve dependancies:
rpm -Uvh ogo-webui-app-1.1.5-r1717.0.i386.rpm ogo-theme-default-1.1.5-r1717.0.i386.rpm ogo-webui-resource-en-1.1.5-r1717.0.i386.rpm ogo-webui-resource-de-1.1.5-r1717.0.i386.rpm

ogo-database-setup-1.1.5-0.i386.rpm sets up your PostgreSQL database and database user for you. The output should look something like this:


Preparing...                     ########################################### [100%]
1:ogo-database-setup             ########################################### [100%]
PostgreSQL seems to be already initialized
and I can see it running:
PIDS used: 3456 3458 3459
We're on PostgreSQL 7 (7.4)
checking /var/lib/pgsql/data/postgresql.conf
need to patch /var/lib/pgsql/data/postgresql.conf for 7.4
backup current one to /var/lib/pgsql/data/postgresql.conf.20061213-153319
checking /var/lib/pgsql/data/pg_hba.conf
need to patch /var/lib/pgsql/data/pg_hba.conf for 7.4
backup current one to /var/lib/pgsql/data/pg_hba.conf.20061213-153319
The changes we've made require that we restart PostgreSQL...
Stopping postgresql service:    [  OK  ]
Starting postgresql service:      [  OK  ]
OK! PostgreSQL runs again: (3909 3911 3912)
creating database user: OGo
creating the database itself: OGo
we've successfully created both the user OGo and the raw database OGo
we'll now fill the database with the scheme itself
checking the logfile created during scheme rollin... 
/tmp/database_setup_psql.sh.20061213-153319.log
removing log - not needed anymore

OK… Now everything is installed, and if you run the following command:

# /sbin/chkconfig –list | grep ogo

You should see the following output:

ogo-zidestore   0:off   1:off   2:on    3:on    4:on    5:on    6:off
ogo-webui       0:off   1:off   2:on    3:on    4:on    5:on    6:off
ogo-xmlrpcd     0:off   1:off   2:on    3:on    4:on    5:on    6:off
ogo-nhsd        0:off   1:off   2:on    3:on    4:on    5:on    6:off

Now, let’s fire up these services:


# /sbin/service ogo-zidestore start
# /sbin/service ogo-webui start
# /sbin/service ogo-xmlrpcd start
# /sbin/service ogo-nhsd start

Everything should be up and running now, so you can grab a web browser and go to the following RUL:

http://server.domain.com/OpenGroupware

You will be logged in as the root user, so make sure to change the password.

If you are using this system as a stand-alone server, you are pretty much all set. We needed to authenticate it against our central LDAP, and point it towards our IMAP server though, so I added the following lines to “/var/lib/opengroupware.org/.libFoundation/DefaultsNSGlobalDomain.plist”:


LSAuthLDAPServer = "ldapserver.domain.com";
LSAuthLDAPServerRoot = "dc=mydomain,dc=com";
imap_host = "imapserver.domain.com";
UseSkyrixLoginForImap = YES;

Make sure to put these lines at the end of the file, but before the closing braces.

The file should look something like this:

###### SNIP #######
{
"skyrix_id" = "server.domain.com";
LSConnectionDictionary = {
  databaseName = OGo;
  hostName = "127.0.0.1";
  password = "";
  port = 5432;
  userName = OGo;
};
  LSNewsImagesPath = "/var/lib/opengroupware.org/news";
  LSNewsImagesUrl = "/ArticleImages";
  Languages = (
  English
);
  TimeZoneName = GMT;
  WOHttpAllowHost = (
  localhost,
  "127.0.0.1",
  "localhost.localdomain"
);
  LSAuthLDAPServer = "ldapserver.domain.com";
  LSAuthLDAPServerRoot = "dc=domain,dc=com";
  imap_host = "imapserver.domain.com";
  UseSkyrixLoginForImap = YES;
}
###### /SNIP #######

Since the system won’t let you authenticate the “root” user against the local database if your are using LDAP, you have to create a root user on your central LDAP.

Create an LDIF file called root.ldif like so:

###### SNIP #######
dn: uid=root,ou=People,dc=mydomain,dc=com
objectClass: organizationalPerson
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
uid: root
uidNumber: 0
gidNumber: 0
sn: Root
cn: Root
homeDirectory: /root
loginShell: /bin/bash
gecos: Root
###### /SNIP #######

Finally, run the following command to add the root user:


ldapadd -x -D "cn=Manager,dc=mydomain,dc=com" -W -f root.ldif"

You should now be authenticating against your central LDAP server. Have fun!

Setting Up The Automounter Service on RHEL

Mounting filesystems in RHEL is pretty straightforward and easy. Occasionally, however, you will not want the filesystem to remain mounted all the time, but rather to automatically mount for a set period of time only when it is needed. Because of networking overhead, and the general unreliability of networks, NFS mounts are a good example of when this can be especially useful.

In order to manage the automatic mounting and unmounting of filesystems on RHEL, we use the Automounter service. Here is how.

First, The main configuration file is “/etc/auto.master”. It should look something like this:

#
# $Id: auto.master,v 1.3 2003/09/29 08:22:35 raven Exp $
#
# Sample auto.master file
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# For details of the format look at autofs(5).
#/misc  /etc/auto.misc --timeout=60
#/misc  /etc/auto.misc
#/net   /etc/auto.net


Let’s assume that we want to set up an NFS mount on “/misc/backups”. We would first create an entry in this file that looks something like this:

/misc   /etc/auto.misc --timeout=120


This tells the autofs service that we want to use it to manage mounts from within “/misc”, that the configuration file is “/etc/auto.misc”, and that it should disconnect after 2 minuets of inactivity.

Now, let’s edit the “/etc/auto.misc” file. The file has three columns: the mount point from within the /misc directory, the options for mounting the filesystem, and the filesystem to be mounted. It also includes the remote server’s name since we are using NFS. It should look something like this when you are done:

#
# $Id: auto.misc,v 1.2 2003/09/29 08:22:35 raven Exp $
#
# This is an automounter map and it has the following format
# key [ -mount-options-separated-by-comma ] location
# Details may be found in the autofs(5) manpage

cd              -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
backups         -rw,soft,intr remoteservername:/path/to/nfs/export

# the following entries are samples to pique your imagination
#linux          -ro,soft,intr           ftp.example.org:/pub/linux
#boot           -fstype=ext2            :/dev/hda1
#floppy         -fstype=auto            :/dev/fd0
#floppy         -fstype=ext2            :/dev/fd0
#e2floppy       -fstype=ext2            :/dev/fd0
#jaz            -fstype=ext2            :/dev/sdc1
#removable      -fstype=ext2            :/dev/hdd


Next, we create the directory for the mount point in /misc:

# mkdir /misc/backups

And finally we restart the autofs service:

# service autofs restart

That should pretty much do it. If you don’t have autofs configured to start up, you can use chkconfig to enable it. “/misc/backups” will now be mounted whenever a user or process attempts to access data on it, and it will be automatically disconnected after 120 seconds of inactivity. Last, but not least, you can always confirm that it is running with the “service” command:

# service autofs status

As always, change the details to match your own requirements.