Installing Zimbra on VServer

Revision as of 03:56, 4 December 2006 by Marlow (talk | contribs) (hosts format needs to be [ip] [fqdn] [hostname], or else zimbra will complain)

Installation on VServer

These instructions are specifically for Debian VServers, but should be able to be applied to just about any system

WARNING - Upgrading Zimbra will overwrite all of these files - you must patch them after installing and each upgrade.

Debian and VServers

Gotchas

Prerequisites

A base Debian vserver doesn't have a "file" utility installed by default. This is needed by amavis. The installer will fail, if getopt isn't installed, for this you need "libgetopt-mixed-perl". Apache and Tomcat will fail, as the base vserver doesn't have "libexpat1" installed. Install it by typing:

apt-get install file libexpat1 libgetopt-mixed-perl

Matter of fact, all packages required for installing Zimbra are:

apt-get install libgetopt-mixed-perl file libc6-i686 sudo libidn11 curl fetchmail libgmp3 \
    libxml2 libstdc++6 openssl libexpat1

/etc/hosts

Make sure you have a localhost entry and also an entry with your primary IP. For example:

127.0.0.1   localhost.localdomain localhost
1.2.3.4     mail.somehost.zimbra mail

I have also changed localhost to point at my RFC1918 internal address (bound to eth1, not lo0) in /etc/hosts, but I am not sure if this is required to make it work. --mathx

localhost

The Zimbra logger process doesn't seem to startup. "zmcontrol status" on my system shows:

vserver:~# /opt/zimbra/bin/zmcontrol status
Host vserver.somedomain
        antispam                Stopped
        antivirus               Stopped
        ldap                    Running
        logger                  Stopped
        mailbox                 Stopped
        mta                     Stopped
        snmp                    Stopped
        spell                   Running
vserver:~#


The logger uses MySQL. I'm guessing there is some problem with privileges and/or connecting to localhost in the "mysql" database. Just a hunch though.

I installed Zimbra on a new VServer and the logger seemd to startup properly. "zmcontrol status" shows it running after several stops/starts. However, I'm still not getting any log data. All statistics windows say "Data not available yet.". Oh well.


Postfix

In postfix/conf/master.cf

1.2.3.4:10025 inet n  -       n       -       -  smtpd
 -o mynetworks=127.0.0.1/8,1.2.3.4

Where 1.2.3.4 is your real IP number (not 127.0.0.1). Do not forget to change the mynetworks line as well, or your AV will not be able to connect back to postfix on 10025 for final delivery.

In postfix/conf/main.cf

content_filter = smtp-amavis:[1.2.3.4]:10024

Recently you also have to change zmmta.conf in /opt/zimbra/conf

POSTCONF content_filter smtp-amavis:[203.18.242.10]:10024

or your changes will keep getting overwritten.

Security limits (SuSE OSS 10.0 vserver)

Edit /etc/security/limits.conf and comment the last two lines - otherwise the su command won't work and the installation will fail.

# End of file
#zimbra soft nofile 10000
#zimbra hard nofile 10000

Rerun /opt/zimbra/libexec/zmsetup.pl to complete the setup.

Amavis

Edit /opt/zimbra/amavisd/sbin/amavisd (main Perl script) and explicitly add the IP address of the Zimbra VServer to the "inet_acl" line. I.e:

@inet_acl   = qw( 127.0.0.1 123.123.123.123 [::1] );  # allow SMTP access only from localhost

Postfix should then be able to talk to Amavis...

You may also need to change BIND address and the two services back to postfix (10025 port). Basically look for 127.0.0.1. (?? This line is overly vague, refine please --mathx)

Additional changes likely required in /opt/zimbra/amavisd/sbin/amavisd (perl script):

change

$inet_socket_bind = '127.0.0.1';  # limit socket bind to loopback interface

to

$inet_socket_bind = '10.11.12.5';  # no loopback in vserver, use rfc1918 internal ip bound to your vserver

also few lines down:

$notify_method  = 'smtp:[127.0.0.1]:10025';   # change these to also match your internal
$forward_method = 'smtp:[127.0.0.1]:10025';   # rfc 1918 ip addr (can use inet ip, but not recommended)

A bunch of filters in /opt/zimbra/conf/amavisd.conf also need updating from 127.0.0.1:(port) to whatever IP you are using (though many in the default file are commented out, I think I found 3 in the default zimbra amavisd install that needed changing.)

Additionally the local MX for /opt/zimbra/conf/dspam.conf needs changing as well.

Vserver /tmp size

My install of Zimbra wouldn't start clamd with my default debian 16m of /tmp ramdisk space in my vserver. I had to edit /etc/vservers/(name)/fstab and increase it to 128m (though smaller may work, I didnt test), and restart the vserver. 128m lets it start anyway, not sure if I'll run out during operations. --mathx

Jump to: navigation, search