Ubuntu 6.06 Server (Dapper Drake) Beginner's Install Guide

This article applies to the following ZCS versions.
  ZCS 4.5

The following guide is for installing ZCS on Ubuntu Server 6.06 (if you are using Ubuntu 8.04, use the guide for that release instead), where the server resides on a DMZ and so needs to resolve to its own internal (DMZ subnet) IP address rather than the public IP address that is published to the world. In this setting a firewall/router supplies the translation from the public IP to the DMZ IP (DNAT, Destination Network Address Translation), so that translation is not known to the server itself. This configuration is desirable for security, but it makes bits of the Zimbra configuration more complex than they might otherwise be.

For simplicity's sake I'm referring to Zimbra's DMZ address as the "private ip address" from here on. By that I mean that the Zimbra box has only one IP address, it's on the DMZ, and can be seen by my LAN but not the public. When I say "public IP address" I'm not talking about another address on the Zimbra box, but rather the address that gets DNATed to my box and which is resolved in the world.

DNS

The DNS issue discussed throughout this thread is PARAMOUNT! If you don't have your DNS working properly, don't even bother trying to install Zimbra, because trying to fix DNS after the fact may result in an install that can do everything except send mail--even from a Zimbra user to himself! So I'll say it again:

If you can't resolve your mailserver's own private IP address (NOT the public IP) using nslookup, fix it BEFORE you install Zimbra!

Server installation is Ubuntu 6.06 from the downloadable ubuntu-6.06.1-server-i386.iso. Install only the basic server--NOT the LAMP server--with the following little "gotchas."

1) The installation wants to configure your LAN via DHCP. Cancel it before it gets that far, and manually configure it with a static IP address, netmask, and gateway. Don't put in a public DNS for your nameserver configuration; instead put in the same IP address that you just gave the machine for its own static IP (this won't let you resolve names on the internet until we do some more configuration below, but it saves headaches later).

2) When the installation asks for a hostname, give it only a one-word hostname (e.g. "mail" or "myserver") NOT the fully-qualified domain name (mail.mydomain.com).

The server will install and configure, and when it's done and reboots you'll be able to ping public IP addresses if you know them, but you won't be able to resolve any names to ping them.

Now we have to make this machine into a nameserver so it'll resolve things. This can be done with bind, but for security we'll go straight to the newer bind9. Anyway, make sure your CD is back in the drive, get to your root prompt (sudo bash) and do

apt-get update

apt-get install bind9

Once bind9 is installed, you have to configure the following files, which are in the directory /etc/bind (for brevity I've deleted the generic comment lines included by the distro):

/etc/bind/named.conf.options

options {
        directory "/var/cache/bind";

        query-source address * port 53;

        forwarders {
                xxx.xxx.xxx.xxx; xxx.xxx.xxx.xxx;
        };

        auth-nxdomain no;    # conform to RFC1035

};

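The IP addresses in this file are the public IP addresses of the DNS servers you use in the outside world. The line "query-source address * port 53" is there to let your machine reach those servers if oddball DNS ports are blocked. A fixed, predictable source port also makes forged DNS responses (cache poisoning) easier to get accepted, so leave the line commented out if you don't need it.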

Check /etc/resolv.conf and make sure it looks like this:

nameserver xxx.xxx.xxx.xxx

The IP address here should be the Zimbra box's private ip address.

Once you've fixed these two files and restarted bind

/etc/init.d/bind9 restart

you should be able to resolve names in the outside world. Try something like "ping google.com" and if you get an answer, you're on the way.

Now it's time to get the internal zone working. Append the following lines to /etc/bind/named.conf.local

        zone "mydomain.com"  {
                type master;
                file "/etc/bind/db.mydomain.com";
        };

Note that you need to type the full pathname to your db.* file. Also, be sure you don't miss a semicolon ";" in any of these lines that have them because a missing semicolon breaks the file.

Now create your file /etc/bind/db.mydomain.com

;
; BIND data file for mydomain.com
;
$TTL    604800
@       IN      SOA     mail.mydomain.com. admin.mydomain.com. (
                         070725         ; Serial
                         604800         ; Refresh
                          86400         ; Retry
                        2419200         ; Expire
                         604800 )       ; Negative Cache TTL
;
@       IN      NS      mail
        IN      MX      10 mail
        IN      A       xxx.xxx.xxx.xxx
mail    IN      A       xxx.xxx.xxx.xxx

The IP address here is again your Zimbra internal IP address; replace the string "admin.mydomain.com" with the email address you are using for administration, written with a "." instead of the "@". Be careful to increment the serial number every time you modify this file or the changes won't stick. Many users use the date they edit the file for the serial number, but as long as you start low and only go higher it really doesn't matter.
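The serial rule is easy to get wrong when editing by hand. The shell functions below are an added example, not part of the original guide; the function names and the constructed zone fragment are assumptions, and the serial is located by its "; Serial" comment as in the file above.

```sh
#!/bin/sh
# Bump the SOA serial in a zone file laid out like db.mydomain.com (added example).

# zone_serial FILE: print the serial from the "; Serial" line as plain decimal.
# The sample serial 070725 has a leading zero; shell arithmetic such as
# $((070725 + 1)) would read that as octal, so the zeros are stripped here.
zone_serial() {
    awk '/;[ \t]*Serial/ { s = $1; sub(/^0+/, "", s)
                           printf "%.0f\n", s + 0; exit }' "$1"
}

# bump_serial FILE: add one to the serial in place, keeping the old FILE.bak.
bump_serial() {
    old=$(zone_serial "$1")
    [ -n "$old" ] || { echo "no '; Serial' line in $1" >&2; return 1; }
    cp "$1" "$1.bak" || return 1
    awk -v n="$((old + 1))" '
        !hit && /;[ \t]*Serial/ { sub(/[0-9]+/, n); hit = 1 }
        { print }' "$1.bak" > "$1"
}

# zone_check ZONE FILE: syntax-check named.conf and the zone with bind9's own
# tools before restarting, which catches the missing-semicolon mistake.
zone_check() {
    named-checkconf /etc/bind/named.conf && named-checkzone "$1" "$2"
}

# Demo on a constructed fragment of the zone file.
demo_zone=$(mktemp)
printf '%s\n' '@ IN SOA mail.mydomain.com. admin.mydomain.com. (' \
    '        070725 ; Serial' '        604800 ; Refresh' > "$demo_zone"
bump_serial "$demo_zone" && echo "new serial: $(zone_serial "$demo_zone")"
rm -f "$demo_zone" "$demo_zone.bak"
```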

Now reboot the machine (restarting bind wasn't enough to work for me) and try to resolve your mail server.

nslookup mydomain.com

If it returns your public IP address, your internal DNS is not working. If things are configured correctly it'll return the internal address.

Hosts Table

Before you get to the install you also need to modify your /etc/hosts file. There are two possible structures. If you are using 4.5.7 or later, do it right:

127.0.0.1       localhost.localdomain   localhost
10.3.2.244      mail.tractor-equip.net  mail

There is a bug in 4.5.6 that required a nonstandard hosts setup to get the install to work. Most users will (obviously) be installing the latest release, but if for any reason you're installing 4.5.6 use the following format:

127.0.0.1       localhost
xxx.xxx.xxx.xxx      hostname.mydomain.com  mydomain.com       mail

ONLY IF this is working, it's now time to update your packages and install Zimbra.
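The DNS and hosts-table requirements above can be checked in one pass before running the installer. The shell functions below are an added example, not part of the original guide; the function names, the address 10.0.0.5 and the host names are constructed placeholders, and hosts_ok checks the 4.5.7-or-later layout only.

```sh
#!/bin/sh
# Pre-install checks for the DNS and hosts rules in this guide (added example).
# 10.0.0.5 and mail.mydomain.com are constructed placeholders.

# resolv_ok FILE IP: the first nameserver must be the box's own private IP.
resolv_ok() {
    first=$(awk '$1 == "nameserver" { print $2; exit }' "$1")
    [ "$first" = "$2" ]
}

# hosts_ok FILE IP FQDN: the first entry naming the FQDN must be the private-IP
# line, with the FQDN before the short name (the 4.5.7+ layout).
hosts_ok() {
    awk -v ip="$2" -v fqdn="$3" '
        /^[ \t]*#/ { next }
        { for (i = 2; i <= NF; i++) if ($i == fqdn) {
              split(fqdn, part, ".")
              ok = ($1 == ip && $2 == fqdn && $3 == part[1])
              exit
          } }
        END { exit !ok }' "$1"
}

# dns_ok NAME IP: live lookup; passes only if every answer is the private IP.
# nslookup prints the resolver's own address first, so only "Address" lines
# after the "Name:" line are treated as answers.
dns_ok() {
    nslookup "$1" 2>/dev/null | awk -v ip="$2" '
        /^Name:/ { seen = 1; next }
        seen && /^Address/ { if ($NF == ip) good = 1; else bad = 1 }
        END { exit !(good && !bad) }'
}

# preflight IP FQDN DOMAIN [HOSTS] [RESOLV]: run all three checks.
preflight() {
    resolv_ok "${5:-/etc/resolv.conf}" "$1" || { echo "resolv.conf: first nameserver is not $1"; return 1; }
    hosts_ok "${4:-/etc/hosts}" "$1" "$2" || { echo "hosts: $2 does not map to $1"; return 1; }
    dns_ok "$3" "$1" || { echo "DNS: $3 does not resolve to $1"; return 1; }
    echo "ok: DNS and hosts checks passed"
}

# On the server: sh preflight.sh 10.0.0.5 mail.mydomain.com mydomain.com
if [ "$#" -ge 3 ]; then preflight "$@"; fi
```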

Required Packages

Several discussion groups have listed the dependencies not installed by the standard Linux install, but the easy thing to do is try to run the install and let Zimbra give you a list of what's missing. I used the Zimbra 4.5.6 for Ubuntu package zcs-4.5.6_GA_1044.UBUNTU6.tgz, which I moved into /tmp. Go to the /tmp directory, and type

tar -xzf zc*

and it'll create a whole directory /tmp/zcs with lots of files inside it. Then:

cd /tmp/zcs
./install.sh

It's not going to work the first time, but it'll give you a list of missing dependencies. Write down all the package names it says are missing. Your list may be slightly different than mine, but whatever it is, Zimbra won't tell you that you also need perl, so be sure and load it too. Just separate each package name with a space like this:

apt-get install libidn11 curl fetchmail libpcre3 libgmp3c2 libxml2 libstdc++6 openssl perl

Now re-run your Zimbra install and accept all the defaults except:

When it asks you for your domain, it's going to have your fully-qualified domain name (hostname.mydomain.com) rather than just the domain, and probably complain about not having an MX record. Change the hostname to just mydomain.com and it'll find the names through nslookup, and it'll be happy. The rest of the install should proceed without errors, except for asking you to set your administrative user's password (option 6 and then 4).

Finally, when the install is done and it has given you the last "press Enter to finish", you need to turn on crontab for the user zimbra or your logs won't work. The command below lists that user's crontab so you can confirm its entries are in place.

crontab -u zimbra -l

Now reboot the system, and when it comes back up, give it a couple of minutes to start the rest of the Zimbra processes. If your installation is successful, you can go to https://xxx.xxx.xxx.xxx:7071 (your internal IP address again) to get the administrative console, or http://xxx.xxx.xxx.xxx to log in as a user.

Congratulations--one shiny new Zimbra installation on Ubuntu!

Directory Permissions on /tmp

If the /tmp directory does not have the correct permissions, it can hinder your efforts to install ZCS.

Make sure the /tmp directory has the following permissions.

drwxrwxrwt root root  /tmp

If your /tmp permissions do not match the above, run the following commands as root:

chown root:root /tmp    # optional; there is a good chance /tmp is already owned by root
chmod 777 /tmp
chmod +t /tmp


The t at the end of the permissions is called the sticky bit. It replaces the x and indicates that files in this directory can only be deleted by their owners, the owner of the directory, or the root superuser. This way it is not enough for a user to have write permission on /tmp; he also needs to be the owner of the file to be able to delete it.

Sending Mail from Terminal

In some situations, monitoring scripts or cron jobs need to send mail to users on the system. On any Unix installation this is done with the 'mail' command, which the default Ubuntu installation described here does not include. Installing the mailx package to add mail will also cause Ubuntu to add a Mail Transport Agent application to handle mail delivery. This is not a problem if there is no Zimbra Postfix MTA running on your system, but if one is present the new MTA could interfere with the Zimbra MTA and disrupt mail routing. The package below is downloaded over plain HTTP from a third-party host and installed as root, so inspect it first (dpkg --info and dpkg --contents show its metadata and file list). To safely add 'mail' and the associated package, you will need to do the following:

wget http://ubuntu.lnix.net/misc/mta-dummy/mta-dummy_1.0_all.deb
dpkg -i mta-dummy_1.0_all.deb
apt-get install mailx

Add the following to /etc/mail.rc:

 set sendmail=/opt/zimbra/postfix/sbin/sendmail

When this is done, test it by running:

mail <user>@<yourdomain>

Enter a subject and body, using '.' on a blank line to end the message. When you have sent it, check /var/log/zimbra.log to confirm that the message has been processed correctly.

If you have a multi-node Zimbra system and the server you are installing mailx on does not run an MTA, you can let it install Postfix, and during configuration specify a dedicated relay server, which you should set to one of your existing Zimbra MTA hosts.

Verified Against: Ubuntu 6.06, ZCS 4.5.10
Date Created: 8/9/2007
Article ID: http://wiki.zimbra.com/index.php?title=Ubuntu_6.06_Server_(Dapper_Drake)_Beginner%27s_Install_Guide
Date Modified: 04/16/2010