[ZendTo] Re: Installing on Ubuntu Server

Joshua F. Withrow jwithrow at matech.net
Wed Feb 9 14:27:57 GMT 2011


And I must say that aside from some massaging for our own environment, the VM made things a SNAP!  What a great idea!  Even so, this is great documentation to have :)

From: zendto-bounces at zend.to [mailto:zendto-bounces at zend.to] On Behalf Of Jules
Sent: Wednesday, February 09, 2011 9:26 AM
To: ZendTo Users
Subject: [ZendTo] Re: Installing on Ubuntu Server

This is why I distribute it as a VM, so you don't have to do all this stuff by hand (it's quite a long list of instructions). But from my notes on building the VMs, here are what I have to say on the subject. For starters, do this on a 64-bit build of Ubuntu, not 32-bit, or you will be limited to 2 Gbyte uploads due to limitations in PHP. You still have to rebuild the Apache PHP library with some code edits to get past the 2 Gbyte upload limit, but at least in 64-bit it can be done. I will leave out all the stuff to do with https, as you can add that later yourself (and it's on the website Documentation page).

Here we go.....

Install Ubuntu 10 server 64-bit
Partition manually.
Part 1 = primary 2.0 GB swap at beginning of disk
Part 2 = primary max / ext4 bootable
Install security updates automatically.
Software selection: Basic, LAMP, OpenSSH.
Install GRUB in master boot record.

Remove CD/DVD and reboot.

SSH in remotely, stop using console.

sudo su -

This chunk rebuilds the Apache PHP5 library so that uploads can be more than 2 Gbytes.

mkdir php-source
cd php-source
apt-get -y install debhelper bison chrpath freetds-dev libcurl4-openssl-dev libedit-dev libgd2-xpm-dev libgmp3-dev libmhash-dev libpam0g-dev libpspell-dev librecode-dev libsasl2-dev libsnmp-dev libsqlite0-dev libt1-dev libtidy-dev re2c unixodbc-dev
apt-get -y install apache2-prefork-dev autoconf automake flex hardening-wrapper libapr1-dev libbz2-dev libdb-dev libenchant-dev libgcrypt11-dev libglib2.0-dev libicu-dev libmysqlclient-dev libpcre3-dev libpq-dev libsqlite3-dev libxmltok1-dev libxml2-dev libxslt1-dev quilt
apt-get -y install clamav clamav-daemon
apt-get -y install php5 php5-cli php5-sqlite php5-ldap php5-apc
apt-get -y install rrdtool
apt-get -y source php5-cgi
cd php5*
perl -i -pe 's/int zend_atoi/long zend_atoi/' Zend/zend_operators.[ch];
perl -i -pe 's/\n/@@@@@@/g' Zend/zend_operators.c;perl -i -pe 's/(long zend_atoi.*?)int retval/$1long retval/m' Zend/zend_operators.c;
perl -i -pe 's/@@@@@@/\n/g' Zend/zend_operators.c;perl -i -pe 's/atoi\(content_length\)/atol(content_length)/' `find sapi -name '*.c'`perl -i -pe 's/\(uint\)( SG\(request_info\))/$1/' `find sapi -name '*.c'`;
perl -i -pe 's/uint post_data_length, raw/uint IGNORE_post_data_length, IGNORE_raw/' main/SAPI.h;perl -i -pe 's/} sapi_request_info/\tlong post_data_length, raw_post_data_length;\n} sapi_request_info/' main/SAPI.h;
perl -i -pe 's/int read_post_bytes/long read_post_bytes/'    main/SAPI.h;
perl -i -pe 's/int boundary_len=0, total_bytes=0/long total_bytes=0; int boundary_len=0/' main/rfc1867.c;
# Omit this for the 32-bit build
dpkg-buildpackage -rfakeroot -uc -b -j2
cd debian/libapache2-mod-php5/usr/lib/apache2/modules
mv /usr/lib/apache2/modules/libphp5.so /usr/lib/apache2/modules/libphp5.so-UBUNTU
cp libphp5.so /usr/lib/apache2/modules/
# End Omit this for the 32-bit build

Bit of cleaning up.
cd
apt-get remove mysql-server
rm -rf ~/php-source

Setup PHP for ZendTo
cd /etc/php5/apache2
Edit php.ini
allow_call_time_pass_reference = On
max_execution_time = 7200
max_input_time = 7200
memory_limit = 300M
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED
display_errors = On
post_max_size = 50000M
upload_tmp_dir = /var/zendto/incoming
upload_max_filesize = 50G
max_file_uploads = 200

Edit conf.d/apc.ini
apc.rfc1867 = on
apc.max_file_size = 50G

Setup the ZendTo website.
cd /etc/apache2/sites-enabled
rm 000-default
cat <<EOF > 000-zendto
<VirtualHost *:80>
        ServerAdmin webmaster at localhost

        HostnameLookups On

        DocumentRoot /opt/zendto/www
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /opt/zendto/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        LogLevel notice
        ErrorLog /var/log/apache2/error.log
        CustomLog /var/log/apache2/access.log combined
</VirtualHost>
EOF

Set all the permissions required and make sure that AppArmor doesn't get in the way of the virus scanning.
usermod -a -G www-data clamav

Edit /etc/apparmor.d/usr.sbin.clamd
- Add "  /var/zendto/** r," just before the last line

cd /var
mkdir zendto zendto/dropoffs zendto/incoming zendto/rrd
touch zendto/zendto.log
chown www-data zendto/*
chgrp www-data zendto zendto/*
chmod g+w zendto

Housekeeping jobs.
export EDITOR=vi
crontab -e
Add these 3 lines at the end:
5 0 * * * /usr/bin/php /opt/zendto/sbin/cleanup.php /opt/zendto/config/preferences.php
2 10 * * * /usr/bin/php /opt/zendto/sbin/rrdInit.php /opt/zendto/config/preferences.php
2 12 * * * /usr/bin/php /opt/zendto/sbin/rrdUpdate.php /opt/zendto/config/preferences.php

Unpack all the source under /opt/ZendTo-3.63.
Build all the source code owned by root.root under /opt/zendto,
making /opt/ZendTo-3.63 the real dir with /opt/zendto a symlink to it.

Basically, the web server must be able to write into the directories cache and templates_c (ignore the MyZendTo stuff for now, that's a slightly different project that ships with ZendTo). And the web server must be able to read everything else.
cd /opt/zendto
chown -R www-data cache *templates_c
chgrp -R www-data cache *templates_c
chmod -R ug+rwX cache *templates_c
chmod -R o+rX *

service apache2 restart

Load the home page of the new website in a web browser.
Click on the "About" button.
That will create the database.

Login and "sudo su -" to get root access.

cd /opt/zendto/sbin
php rrdInit.php /opt/zendto/config/preferences.php
Ignore any "PHP Notice" output from that.

Then start setting up the authentication in /opt/zendto/config/preferences.php. If you are using AD or LDAP then play with "ldapsearch" until you can get it to read users' information, and then you will have the right strings to put into preferences.php.

If you are going to use the "Local" authentication to start with, then look in /opt/zendto/bin for all the commands required to add and edit the user table. It *never* stores plain-text passwords, don't worry!

Customise the user interface with /opt/zendto/config/zendto.conf. If you want to make bigger changes, then it's all templated in /opt/zendto/templates.

Hopefully that will get you started.
Do you see why I distribute it as a pre-built VM now? :-)

Jules.

On 09/02/2011 13:09, Nigel Kendrick wrote:
Hi Jules and everybody else,

I'm looking to install ZendTo on a Ubuntu server so I have to start with the tar version. I've unpacked it and now deeply missing the comfort of an install.sh a la MailScanner!

I've checked the docs on site and as supplied in the tar file but can't see where to dive in. Any pointers appreciated.

Thanks







_______________________________________________

ZendTo mailing list

ZendTo at zend.to<mailto:ZendTo at zend.to>

http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto



Jules



--

Julian Field MEng CITP CEng

www.Zend.To<http://www.Zend.To>



Follow me at twitter.com/JulesFM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



'All programs have a desire to be useful' - Tron, 1982

________________________________
This message is the property of Machining Technologies, Inc (MaTech) and the Information contained herein may be/is subject to the Code of Federal Regulations Chapter 22 International Traffic in Arms Regulations (ITAR). This data may not be resold, diverted, transferred, transshipped, made available to a foreign national within the United States, or otherwise disposed of in any other country outside of its intended destination, either in original form or after being incorporated through an intermediate process into other data without the prior written approval of the US Department of State. The information in this e-mail and subsequent attachments may contain legally privileged, proprietary and/or confidential information that is intended only for the use of the addressee(s).
No addressee should forward, print, copy or otherwise reproduce this message in any manner that would allow it to be viewed by any individual not originally listed as the recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, retention or use of the contents of this e-mail information is prohibited. If you have received this communication in error, please immediately notify the sender by telephone or return e-mail and delete this e-mail. Thank You.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20110209/5a4917f7/attachment-0001.html 


More information about the ZendTo mailing list