Difference between revisions of "Building Zimbra on Gentoo"

(Adding categories)
(Installing Zimbra on Gentoo using the provided Debian package)
Line 1: Line 1:
==Installing Zimbra on Gentoo using the provided Debian package==
+
Here's a howto that will get Zimbra going on a Gentoo install. This method basically leverages debootstrap to get a bare debain sarge install in a chroot environment.  The open source zimbra 4.5 package for Debian can then be installed. This is working on Gentoo 2006.1 kernel 2.6.17-gentoo-r5. But you shouldn't have any issues running it on older versions. At first this may seem like extra work and a waste of resources, but to the contrary running Zimbra in a chroot is a pretty good idea.  People have been hosting chroot jails on *BSD's  to run various internet services for quite some time. This can add a level of protection for the host system.  I.e. if the unthinkable happens and an attacker does find a way to gain root through the host services on your Zimbra instance, (s)he will only have access to the chroot environment.
''(Taken from http://www.elfenbeinturm.cc/2006/07/28/zimbra-on-gentoo/)''
+
 
# add dev-util/debootstrap to your /etc/portage/package.keywords
+
== Stopping Apache on Gentoo host ==
# emerge debootstrap
+
If you have a web server runing on your host Gentoo system you will need to stop it for now.  Later you can change the ports Zimbra will listen on and run your hosts web server and your zimbra webserve on the same machine.
# create the chroot environment: mkdir /zimbra
+
 
# run debootstrap: debootstrap sarge /zimbra http://ftp.debian.org/debian (If you are on amd64 you will need to use debootstrap --arch i386 sarge /zimbra http://ftp.debian.org/debian so that it knows which architecture to bootstrap onto your machine)
+
 
# mount proc, dev and sys
+
:<tt># /ect/ini.d/apache2 stop</tt>
#* mount -o bind /proc /zimbra/proc
+
:<tt># rc-update delete apahce2</tt>
#* mount -o bind /sys /zimbra/sys
+
 
#* mount -o bind /dev /zimbra/dev
+
 
#* mount -o bind /dev/pts /zimbra/dev/pts
+
== Installing Zimbra in a Gentoo chroot ==
#* mount -o bind /dev/shm /zimbra/dev/shm
+
 
# chroot to the debian environment: chroot /zimbra
+
''(Some of this was taken from http://www.elfenbeinturm.cc/2006/07/28/zimbra-on-gentoo/)''
# Set a root password
+
 
# Adjust your /etc/hosts and /etc/hostname
+
 
# Edit your /etc/apt/apt.conf and add: APT::Cache-Limit 16777216;
+
 
# Add testing and unstable repositories to /etc/apt/sources.list ['''NOTE: it was suggested that this step is harmful; do at your own risk''']:
+
'''Emerge debootstrap'''
#* deb http://debian.tu-bs.de/debian/ testing main non-free contrib
+
:<tt># echo "dev-util/debootstrap" >> /etc/portage/package.keywords</tt>
#* deb http://debian.tu-bs.de/debian/ unstable main non-free contrib
+
:<tt># emerge debootstrap</tt>
# Update the package listing: apt-get update
+
 
# Update the system: apt-get upgrade
+
 
# Install required packages:
+
'''Create the chroot environment'''
#* apt-get install sudo libidn11 curl fetchmail libgmp3 libxml2 libstdc++6 openssl file perl libexpat1
+
:<tt># mkdir /zimbra</tt>
# Get the zimbra debian package and untar the archive
+
 
# Run ./install.sh in the newly created zcs directory and follow the instructions
+
 
# Create the init.d script (/etc/init.d/zimbra)
+
'''Run debootstrap'''
# Start the zimbra suite: /etc/init.d/zimbra start
+
:<tt># debootstrap sarge /zimbra http://ftp.debian.org/debian</tt>
 +
 
 +
If you are on amd64 you will need to use debootstrap --arch i386 sarge /zimbra http://ftp.debian.org/debian so that it knows which architecture to bootstrap onto your machine.
 +
 
 +
 
 +
'''Mount proc, dev and sys'''
 +
:<tt># mount -o bind /proc /zimbra/proc</tt>
 +
:<tt># mount -o bind /sys /zimbra/sys</tt>
 +
:<tt># mount -o bind /dev /zimbra/dev</tt>
 +
:<tt># mount -o bind /dev/pts /zimbra/dev/pts</tt>
 +
:<tt># mount -o bind /dev/shm /zimbra/dev/shm</tt>
 +
 
 +
 
 +
'''Chroot to the debian environment'''
 +
:<tt># chroot /zimbra</tt>
 +
 
 +
 
 +
'''Set a root password'''
 +
:<tt># passwd</tt>
 +
 
 +
 
 +
'''Adjust your hosts and hostname files'''
 +
:<tt># nano -w /etc/hosts</tt>
 +
:<tt># nano -w /etc/hostname</tt>
 +
 
 +
 
 +
'''Add cache limit to apt.conf'''
 +
:<tt># echo "APT::Cache-Limit 16777216" >> /etc/apt/apt.conf</tt>
 +
 
 +
 
 +
'''Tell apt where to get all the repositories'''  
 +
 
 +
This will execute an ncurses menu prompting you to choose a debian mirror pick http or ftp and select a (hopefully) fast mirror:
 +
 
 +
:<tt># apt-setup</tt>
 +
 
 +
 
 +
'''Update the package listing'''
 +
:<tt># apt-get update</tt>
 +
 
 +
 
 +
'''Install some packages that we will need'''
 +
:<tt># apt-get install sshd wget sudo libidn11 curl fetchmail libgmp3 libxml2 libstdc++6 openssl file perl libexpat1</tt>
 +
 
 +
 
 +
'''Get the zimbra debian package and untar the archive'''
 +
:<tt># CD ~</tt>
 +
:<tt># wget http://files.zimbra.com/downloads/4.5.10_GA/zcs-4.5.10_GA_1575.DEBIAN3.1.tgz</tt>
 +
:<tt># tar -xvzf zcs-4.5.10_GA_1575.DEBIAN3.1.tgz</tt>
 +
 
 +
 
 +
'''Run install script in the newly created zcs directory'''
 +
:<tt># cd zcs</tt>
 +
:<tt># ./install.sh</tt>
 +
 
 +
Follow the instructions. See the Zimbra documentation for help.
 +
 
 +
 
 +
'''Configure sshd to run on a different port inside the chroot:'''
 +
 
 +
sshd running on the Gentoo host is one of those conflicting services mentioned earlier. It will hinder Zimbra's ability to monitor queues from the management console. So let's fix it:
 +
 
 +
:<tt># nano -w /etc/ssh/sshd_config </tt>
 +
 
 +
Find the line that reads:
 +
 
 +
:<tt>port 22</tt>
 +
 
 +
and change it to:
 +
 +
:<tt>port 23</tt>
 +
 
 +
 
 +
'''Start sshd'''
 +
:<tt># /etc/init.d/sshd start</tt>
 +
 
 +
 
 +
'''Test your Zimbra install'''
 +
:<tt># su - zimbra</tt>
 +
:<tt>$ zmcontrol start</tt>
 +
 
 +
 
 +
== Creating the init scripts ==
 +
It would be nice to get zimbra to start at boot in the default run level.  This requires an init script.  Some of the init scripts for this floating around are a little rough, having job control issues while piping to the chroot command in the init shell. To avoid this we'll generate 3 scripts.  Two scripts will live inside the chroot environment and will start and stop Zimbra. And one will be a gentoo init script that passes control to these scripts at the right time.
 +
 
 +
 
 +
'''Exit chroot and create the gentoo init.d script'''
 +
:<tt>$ exit && exit</tt>
 +
:<tt># nano -w /etc/init.d/zimbra</tt>
 +
 
 +
:append init.d script from below
 +
 
 +
 
 +
'''Create zimbra_start.sh'''
 +
:<tt># nano -w /zimbra/usr/sbin/zimbra_start.sh</tt>
 +
 
 +
:append zimbra_start.sh script from below
 +
 
 +
 
 +
'''Create zimbra_stop.sh'''
 +
:<tt># nano -w /zimbra/usr/sbin/zimbra_stop.sh</tt>
 +
 
 +
:append zimbra_stop.sh script from below
 +
 
 +
 
 +
'''Make the scripts executable'''
 +
:<tt># chmod +x /etc/init.d/zimbra</tt>
 +
:<tt># chmod +x /zimbra/usr/sbin/zimbra_start.sh</tt>
 +
:<tt># chmod +x /zimbra/usr/sbin/zimbra_stop.sh</tt>
 +
 
 +
 
 +
'''Test the init script'''
 +
:<tt># /etc/init.d/zimbra stop</tt>
 +
:<tt># /etc/init.d/zimbra start</tt>
 +
 
 +
 
 +
'''Add it to the default run level'''
 +
:<tt># rc-update add zimbra default</tt>
 +
 
 +
 
 +
Now you should have a functioning Zimbra system installed in a chroot that you can manage from the host gentoo
 +
system at boot or otherwise.  If you were running a web server on your host gentoo system you will need to configure Zimbra to listen on different port for web and ssl (try 81 and 1443).  Search the zimbra forums there is some documentation for this alrady in place.  You will then be able to cofigure a named based vitual host to link from you gentoo hosted site to zimbra.
  
 
== init.d script ==
 
== init.d script ==

Revision as of 22:29, 13 December 2007

Here's a howto that will get Zimbra going on a Gentoo install. This method basically leverages debootstrap to get a bare debain sarge install in a chroot environment. The open source zimbra 4.5 package for Debian can then be installed. This is working on Gentoo 2006.1 kernel 2.6.17-gentoo-r5. But you shouldn't have any issues running it on older versions. At first this may seem like extra work and a waste of resources, but to the contrary running Zimbra in a chroot is a pretty good idea. People have been hosting chroot jails on *BSD's to run various internet services for quite some time. This can add a level of protection for the host system. I.e. if the unthinkable happens and an attacker does find a way to gain root through the host services on your Zimbra instance, (s)he will only have access to the chroot environment.

Stopping Apache on Gentoo host

If you have a web server runing on your host Gentoo system you will need to stop it for now. Later you can change the ports Zimbra will listen on and run your hosts web server and your zimbra webserve on the same machine.


# /ect/ini.d/apache2 stop
# rc-update delete apahce2


Installing Zimbra in a Gentoo chroot

(Some of this was taken from http://www.elfenbeinturm.cc/2006/07/28/zimbra-on-gentoo/)


Emerge debootstrap

# echo "dev-util/debootstrap" >> /etc/portage/package.keywords
# emerge debootstrap


Create the chroot environment

# mkdir /zimbra


Run debootstrap

# debootstrap sarge /zimbra http://ftp.debian.org/debian

If you are on amd64 you will need to use debootstrap --arch i386 sarge /zimbra http://ftp.debian.org/debian so that it knows which architecture to bootstrap onto your machine.


Mount proc, dev and sys

# mount -o bind /proc /zimbra/proc
# mount -o bind /sys /zimbra/sys
# mount -o bind /dev /zimbra/dev
# mount -o bind /dev/pts /zimbra/dev/pts
# mount -o bind /dev/shm /zimbra/dev/shm


Chroot to the debian environment

# chroot /zimbra


Set a root password

# passwd


Adjust your hosts and hostname files

# nano -w /etc/hosts
# nano -w /etc/hostname


Add cache limit to apt.conf

# echo "APT::Cache-Limit 16777216" >> /etc/apt/apt.conf


Tell apt where to get all the repositories

This will execute an ncurses menu prompting you to choose a debian mirror pick http or ftp and select a (hopefully) fast mirror:

# apt-setup


Update the package listing

# apt-get update


Install some packages that we will need

# apt-get install sshd wget sudo libidn11 curl fetchmail libgmp3 libxml2 libstdc++6 openssl file perl libexpat1


Get the zimbra debian package and untar the archive

# CD ~
# wget http://files.zimbra.com/downloads/4.5.10_GA/zcs-4.5.10_GA_1575.DEBIAN3.1.tgz
# tar -xvzf zcs-4.5.10_GA_1575.DEBIAN3.1.tgz


Run install script in the newly created zcs directory

# cd zcs
# ./install.sh

Follow the instructions. See the Zimbra documentation for help.


Configure sshd to run on a different port inside the chroot:

sshd running on the Gentoo host is one of those conflicting services mentioned earlier. It will hinder Zimbra's ability to monitor queues from the management console. So let's fix it:

# nano -w /etc/ssh/sshd_config

Find the line that reads:

port 22

and change it to:

port 23


Start sshd

# /etc/init.d/sshd start


Test your Zimbra install

# su - zimbra
$ zmcontrol start


Creating the init scripts

It would be nice to get zimbra to start at boot in the default run level. This requires an init script. Some of the init scripts for this floating around are a little rough, having job control issues while piping to the chroot command in the init shell. To avoid this we'll generate 3 scripts. Two scripts will live inside the chroot environment and will start and stop Zimbra. And one will be a gentoo init script that passes control to these scripts at the right time.


Exit chroot and create the gentoo init.d script

$ exit && exit
# nano -w /etc/init.d/zimbra
append init.d script from below


Create zimbra_start.sh

# nano -w /zimbra/usr/sbin/zimbra_start.sh
append zimbra_start.sh script from below


Create zimbra_stop.sh

# nano -w /zimbra/usr/sbin/zimbra_stop.sh
append zimbra_stop.sh script from below


Make the scripts executable

# chmod +x /etc/init.d/zimbra
# chmod +x /zimbra/usr/sbin/zimbra_start.sh
# chmod +x /zimbra/usr/sbin/zimbra_stop.sh


Test the init script

# /etc/init.d/zimbra stop
# /etc/init.d/zimbra start


Add it to the default run level

# rc-update add zimbra default


Now you should have a functioning Zimbra system installed in a chroot that you can manage from the host gentoo system at boot or otherwise. If you were running a web server on your host gentoo system you will need to configure Zimbra to listen on different port for web and ssl (try 81 and 1443). Search the zimbra forums there is some documentation for this alrady in place. You will then be able to cofigure a named based vitual host to link from you gentoo hosted site to zimbra.

init.d script

#!/sbin/runscript

depend() {
    need net
    after portmap
    after iptables
    after dnsmasq
}

start() {

chroot="/Zimbra"
bind_directories="proc dev dev/pts dev/shm sys"

for directory in $bind_directories ; do
 mount --bind /$directory $chroot/$directory
done

echo "rm -rf /var/run/*.pid" | chroot $chroot
echo "/etc/init.d/cron start" | chroot $chroot
echo "/etc/init.d/sysklogd start" | chroot $chroot
echo 'su - zimbra -c "/opt/zimbra/bin/zmcontrol start"' | chroot $chroot

}

stop() {

chroot="/Zimbra"

echo 'su - zimbra -c "/opt/zimbra/bin/zmcontrol stop"' | chroot $chroot
echo "/etc/init.d/cron stop" | chroot $chroot
echo "/etc/init.d/sysklogd stop" | chroot $chroot

bind_directories="proc dev/pts dev/shm dev sys"

for directory in $bind_directories ; do
  umount $chroot/$directory
done
} 

Your debian environment needs less than 200 MB (without zimbra) which isn’t too much overhead.

Building Zimbra from source on Gentoo

(needs to be documented)

Jump to: navigation, search