[cvs] [Wiki] changed: CentOS5InstallationNotes

Sun Nov 4 00:24:42 UTC 2007

guest [201.6.83.105]  Sat, 03 Nov 2007 17:24:42 -0700

Modified page: http://wiki.horde.org/CentOS5InstallationNotes
New Revision:  1.8
Change log:  Added more steps

@@ -11,15 +11,15 @@
 ++ Versions

 * CentOS 5.0 i386 (OS)
 * Horde Groupware Webmail Edition 1.0.3 (October 2 2007)
-* Apache (http server)
+* Apache 2.2.3 (http server)
 * MySQL 5.0.22 (db server)
-* Postfix (mail server)
-* Dovecot (IMAP)
+* Postfix 2.3.3 (mail server)
+* Dovecot 1.0 (IMAP)


-++ Set up your host name and address
+++ Set up your host name and address (ONLY IF YOU DIDN'T DO IT AT
INSTALLATION)

 * USe system-config-network-tui to set up IP, Netmask and Gateway:

 <code>
@@ -61,15 +61,19 @@
 service network restart
 </code>


-* If your using GUI interface (like gnome), you may need to restart it.
Logout and login.
+* If your using GUI interface (like gnome), you may need to restart it:
+
+<code>
+init 6
+</code>


 ++ Installing prerequisites

 <code>
-yum install -y gettext httpd mysql mysql-server dovecot postfix
system-switch-mail perl
+yum install -y gettext httpd mysql mysql-server dovecot postfix
system-switch-mail perl

 yum install -y php php-mysql php-xml php-imap php-mbstring php-mcrypt
php-pecl-Fileinfo php-pecl-memcache php-pear-DB php-pear-File php-pear-Log
php-pear-Mail-Mime php-pear-Auth-SASL php-pear-Date php-pear-HTTP-Request
php-pear-Mail php-pear-Net-Sieve php-pear-Net-Socket php-pear-Net-SMTP
 </code>

@@ -84,49 +88,46 @@
 system-switch-mail
 (select postfix)
 </code>

-* Configure postfix and dovecot to allow the creation of mail subfolders
+* Configure postfix and dovecot

 <code>
 postconf -e 'home_mailbox = Maildir/'
 </code>

 * Edit /etc/dovecot.conf and add the following to the end of the file:

 <code>
+# to allow the creation of mail subfolders
 mail_location = maildir:~/Maildir
-
 namespace private {
 separator = /
 prefix = ""
 inbox = yes
 }
-</code>

-* Add the following to /etc/dovecot.conf to enable the IMAP protocol:
-
-<code>
+# Enable IMAP protocol
 protocols = imap
 </code>

-* To configure the rest of postfix, take a look at this nice tutorial:
+* To configure the rest of postfix, such as domain name and secure
connections, take a look at this nice tutorial:

 ||http://fedorasolved.org/server-solutions/postfix-mail-server||

 ++ Start services:

 <code>
-service httpd start
+service httpd restart
 chkconfig httpd on

-service postfix start
+service postfix restart
 chkconfig postfix on

-service dovecot start
+service dovecot restart
 chkconfig dovecot on

-service mysqld start
+service mysqld restart
 chkconfig mysqld on
 </code>

 * Configure mysqld root password:
@@ -147,35 +148,58 @@

 <code>
 tar zxf horde-webmail-1.0.3.tar.gz -C /var/www/html/
 mv /var/www/html/horde-*/ /var/www/html/horde/
-
-cd /var/www/html/horde/config
-rm -rf hooks.php.dist
-for d in *.dist; do d0=`basename $d .dist`; if [ ! -f "$d0" ]; then cp -p
$d $d0; fi; done
 </code>


-++ Creating database
+++ Creating database and tables in MySQL
+
+* Run the setup.php script:

 <code>
 cd /var/www/html/horde/scripts/
 ./setup.php
+</code>
+
+If asked, choose /horde.
+
+Press 1; choose mysql; Persistent connection 0; Username horde; Choose a
password for mysql-user horde; Unix sockets; Locatio null; DB name horde;

-Press 1; choose mysql; Persistent connection 0; Username horde; Choose a
password for mysql user horde; Unix sockets; Locatio null; DB name horde;
-Press 2; yes; root; root mysql password;
 Press 3; specify an existing IMAP user to have horde administration
permissions (i.e. your current linux user)
+
+**Do not execute option 2 (database creation).** It's best to create the
databases by the groupware script, because it sets up db permissions and
horde user (while step 2 doesn't).
+
+* Edit /var/www/html/horde/scripts/sql/groupware.mysql.sql and change the
password to the same you've choosen in previus step 1 at setup.php:
+
+<code>
+-- IMPORTANT: Change this password!
+        PASSWORD('passwordformysql-userhorde')
 </code>

-++ Add a "horde.conf" file to /etc/httpd/cond.d:
+Save the file and exit.
+
+Run the script into mysql:
+
+<code>
+cd /var/www/html/horde/scripts/sql
+mysql --user=root --password=mysqlrootpassword < groupware.mysql.sql
+</code>
+
+
+++ Configure Apache and PHP:
+
+* Add a "horde.conf" file to /etc/httpd/cond.d:

 <code>
 #
 # Horde
 #
+
+Alias /horde /var/www/html/horde

 <Directory /var/www/html/horde>
-	# Comment out the following 3 lines to make Horde accessible from anywhere
+	# Uncomment the following 3 lines to make Horde locally accessible only
 	#Order Deny,Allow
 	#Deny from all
 	#Allow from 127.0.0.1

@@ -187,26 +211,26 @@
 	php_flag session.use_trans_sid off
 	php_flag session.auto_start off
 	php_admin_flag file_uploads on
 	# Optional - required for weather block in Horde to function
-	#php_admin_flag allow_url_fopen on
+	php_admin_flag allow_url_fopen on

 	# If horde dies while trying to handle large email file attachments,
 	#  you are probably hitting PHP's memory limit.  Raise that limit here,
 	#  but use caution
 	# Set to your preference - memory_limit should be at least 32M
 	#  and be greater than the value set for post_max_size
-	#php_value memory_limit 32M
-	#php_value post_max_size 20M
-	#php_value upload_max_filesize 10M
+	php_value memory_limit 32M
+	php_value post_max_size 20M
+	php_value upload_max_filesize 10M

 	# /usr/share/pear is needed for PEAR. /var/www/html/horde is needed for
Horde itself
 	# TODO: Set an appropriate include_path, too. Might even increase speed a
bit.
 	php_admin_value open_basedir
"/var/www/html/horde:/var/www/html/horde/config:/usr/share/pear:/tmp"
 	php_admin_flag register_globals off
 </Directory>

-<Directory %{_sysconfdir}/%{name}>
+<Directory /var/www/html/horde/config>
 	Order Deny,Allow
 	Deny from all
 </Directory>

@@ -228,41 +252,58 @@

 <code>
 chmod 0644 -v /etc/httpd/conf.d/horde.conf
 </code>
+
+
+* Increase memory_limit option in /etc/php.ini to 32MB:
+
+<code>
+memory_limit = 32M
+</code>
+

 * Restart httpd:

 <code>
 service httpd restart
 </code>


-++ Security configuration
+++ Check if everything is alright:
+
+* Open the following address in your browser:

-* For horde framework
 <code>
+http://localhost.localdomain/horde/test.php
+</code>

-chown root:apache -Rv /var/www/html/horde/
-chmod 0770 -Rv /var/www/html/horde
-chmod 0640 -v /var/www/html/horde/config/*.dist
-chmod 0640 -v /var/www/html/horde/config/.htaccess

+++ Security configuration

+* Secure config files:

-chmod go-rwx /var/www/html/horde/test.php
+<code>
+chown apache:root -R /var/www/html/horde/config
+chown apache:root -R /var/www/html/horde/*/config
+chmod -R go-rwx /var/www/html/horde/config
+chmod -R go-rwx /var/www/html/horde/*/config
+</code>

+* Secure scripts:

-chown -R root:apache /var/www/html/horde/config
-chmod -R 750 /var/www/html/horde/config
-chown -R root:apache /var/www/html/horde/config/.htaccess
-chmod -R 640 /var/www/html/horde/config/.htaccess
-chown -R root:apache /var/www/html/horde/config/*.dist
-chmod -R 640 /var/www/html/horde/config/*.dist
+<code>
+chown -R root:root /var/www/html/horde/scripts
+chown -R root:root /var/www/html/horde/*/scripts
+chmod -R go-rwx /var/www/html/horde/scripts
+chmod -R go-rwx /var/www/html/horde/*/scripts
 </code>

-* For IMP
+* Secure test.php:

-...
+<code>
+chmod a-rwx /var/www/html/horde/test.php
+chmod a-rwx /var/www/html/horde/*/test.php
+</code>


 ... (Later I'll continue this howto)
