====== Installing NAV on RedHat Enterprise Linux 4 ====== * Mostly maintained by Roger Aas at Stord/Haugesund University College. ### ### NAV 3 installation ### ### for CentOS 4 or Red Hat Enterprise Linux 4 Advanced Server ### ### Roger Aas, Stord/Haugesund University College ### ### ### 27.07.2007: ### - Tested for RHEL4 Update 5 ### - No need to make ~/.gnupg anymore ### - Included a patch for forgetSQL-0.5.1 ### - Fixed smsd.py setup, now sends SMSes again ### - Big rewrite mainly because of this fix ### 12.07.2007: ### - Updated for NAV 3.2.2 ### - Tested for CentOS 4.5 ### - Updated seven packages: ### - Java 1.5.0_11 -> 1.5.0_12 ### - SNMP_Session 1.08 -> 1.10 ### - CGI.pm 3.25 -> 3.29 ### - IPy 0.52 -> 0.54 ### - JavaSNMP 1.4.1 -> 1.4.2 ### - gammu 1.08 -> 1.11 ### - tomcat 5.5.20 -> 5.5.23 ### 22.02.2007: ### - Updated for NAV 3.2.1 ### - Use the default LVM setup ### - Small change in sample firewall setup ### - Set options for Tomcat ### - Place jdbc and snmp jars in nav java folder ### - New security setup for postgresql for nav 3.2.1 ### - No in-built backup of the database ### - Updated two packages: ### - Java 1.5.0_09 -> 1.5.0_11 ### - DB_File 1.814 -> 1.815 ### 24.11.2006: ### - Fixes to make Arnold work (Thanks Kjartan@UiS) ### 23.11.2006 by Roger Aas: ### - Build Java SNMP Package from source ### - That means Java SDK instead of JRE to have Java compiler ### - Removed all the rest of the vi edits ### - Added "Site-specific" information ### - Fix database backup problem (from NAV 3.2 this goes out) ### 20.11.2006 by Roger Aas: ### - Finished update to NAV 3.1.1 ### - Tested for RHEL4 Update 4 and CentOS 4.4 ### - Removed CentOS mirror setup, not necessary anymore ### - Configured and started snmpd ### - Configured syslog to accept messages from remote hosts ### - Added sample firewall setup ### - Removed some 3.0.0 patches ### - Added simple autostart ### - Updated some packages: ### - Java 1.5.0_06 -> 1.5.0_09 ### - CGI.pm 3.15 -> 3.25 ### - IPy 0.42 -> 0.52 ### - gammu 1.04 -> 1.08 ### - tomcat 5.5.12 -> 5.5.20 ### 14.11.2006 by Morten Brekkevold: ### - Updated for NAV 3.1.1. ### - NOT TESTED ### 05.01.2006: ### - Tested for RHEL 4 Update 2 ### - Fix for pkgSkipList edit for Red Hat ### - Updated some packages: ### - Java 1.5.0_05 -> 1.5.0_06 ### - New revision of rrdtool ### - SNMP_Session 1.07 -> 1.08 ### - DB_File 1.811 -> 1.814 ### - CGI.pm 3.11 -> 3.15 ### - Cheetah 0.9.18 -> 1.0 ### - gammu 0.96 -> 1.04 ### 19.10.2005: ### - Added warning about SELinux and firewall ### - Rewrote the introduction ### 17.10.2005: ### - tested for CentOS 4.2 ### - Fixed yum repository setup for CentOS ### - Shortened it a little ### - rrdtool 1.0.50 again, this time working :-) ### 13.10.2005: ### - Backrev'ed rrdtool, new version did not include perl modules ### and that broke cricket (note to self: must test much more) ### 12.10.2005: ### - Reworked to include installation on CentOS 4.1 ### - Updated some packages, most notable Java and Tomcat ### - Easier file editing ### - More valuable(?) information :-) ### ### For feedback please contact me on the NAV3 mailing list or directly ### at # NB! # # There are a lot of site specific information that you have to put in # yourself (ip address, netmask, hostname, gateway, dns-servers, # ntp provider, smtp server, linux-logs email-address, snmp community, # ip-addresses to be allowed past firewall and so on). Make sure you have # put in all the correct information. I have added information about # this site specific information in each section header that will need it. ### ### Installation of RHEL4 or CentOS 4 ### # I have included a very basic installation of RHEL4 and CentOS 4 here. # I have selected to do a "minimal" install and rather do an up2date or yum # for the extra packages NAV needs in addition to that. That way I don't get # a lot of services running on the machine that I don't need. I use static # network configuration so the NAV3 server don't need to rely on a DHCP # server functioning. I disable SELinux. # # WARNING! If you choose to use SELinux here you MUST do some configuration # to get NAV to work. # # Site-specific: # ip-address and netmask # hostname.yourdomain.tld # gateway ip-address # dns server ip-addresses # ## Red Hat Enterprise Linux 4 AS installation: # # Boot from RHEL4AS CD1 # "Boot:", press Enter # "CD Found", select Skip # "Welcome to Red Hat Enterprise Linux AS", press Next # "Language Selection" Press Next ("English (English)" is already selected) # "Keyboard Configuration", select Norwegian and press Next (for us with that kind of keyboard) # "Disk Partitioning Setup", press Next (Already set to "Automatically partition") # "Automatic Partitioning", press Next (Already set to "Remove all partitions on this system", # "sda" and "Review (and modify if needed) the partitions created") # "Warning", press Yes # "Disk Setup", press Next # "Boot Loader Configuration", press Next # "Network Configuration" # Press Edit on eth0 # Remove "Configure using DHCP", type IP-address and mask, press OK # Type in hostname.yourdomain.tld # Type in ip-addresses for gateway and DNS servers # Press Next # "Firewall Configuration", select "No firewall", select "Disabled" on "Enable SELinux?", press Next # "Warning - No Firewall", press Proceed # "Additional Language Support", press Next # "Time Zone Selection", select "Europe/Oslo", press Next (For us living in Norway) # "Set Root Password", enter password twice, press Next # "Package Installation Defaults", Select "Customize software packages to be installed", press Next # "Package Group Selection", select "Minimal", press Next # "About to Install", press Next # "Required Install Media", press Continue # "Change CDROM", insert CD2, press OK # "Change CDROM", insert CD1, press OK # "Congratulations, the installation is complete.", remove CD1, press Reboot # ## CentOS 4 installation: # # Boot from CentOS 4 CD1 or DVD # "Boot:", press Enter # "CD Found", select Skip # "Welcome to CentOS-4 i386", press Next # "Language Selection" Press Next ("English (English)" is already selected) # "Keyboard Configuration", select Norwegian and press Next (for us with that kind of keyboard) # "Installation Type", select "Custom" and press Next # "Disk Partitioning Setup", press Next (Already set to "Automatically partition") # "Automatic Partitioning", select "Remove all partitions on this system" and press Next (Set to # "sda" and "Review (and modify if needed) the partitions created") # "Warning", press Yes # "Disk Setup", press Next # "Boot Loader Configuration", press Next # "Network Configuration" # Press Edit on eth0 # Remove "Configure using DHCP", type IP-address and mask, press OK # Type in hostname.yourdomain.tld # Type in ip-addresses for gateway and DNS servers # Press Next # "Firewall Configuration", select "No firewall", select "Disabled" on "Enable SELinux?", press Next # "Warning - No Firewall", press Proceed # "Additional Language Support", press Next # "Time Zone Selection", select "Europe/Oslo", press Next (For us living in Norway) # "Set Root Password", enter password twice, press Next # "Package Group Selection", select "Minimal", press Next # "About to Install", press Next # "Congratulations, the installation is complete.", remove CD1 or DVD, press Reboot ### ### Configure the system ### ## ## Stop some unneeded services ## chkconfig autofs off # Don't need automounting filesystems in this setup chkconfig cups off # Don't need printing directly on the NAV server chkconfig gpm off # Don't need a console mouse chkconfig mdmonitor off # No software RAID in this setup chkconfig netfs off # I will not use any Network FS in this setup chkconfig nfslock off # Same chkconfig portmap off # No RPC programs in this setup chkconfig rpcgssd off # Don't need NFSv4 in this setup chkconfig rpcidmapd off # Same chkconfig xinetd off # Will not use any services under xinet in this setup ## ## Other services that depends on the machine you use for NAV ## ## Check the syslog and other log files to see if they are needed f.ex.: ## grep apm /var/log/messages ## grep microcode /var/log/messages ## grep smart /var/log/messages ## chkconfig apmd off # Run this if your machine is not using APM (mostly laptops/or using ACPI) chkconfig cpuspeed off # Run this if the processor is not a speedstep processor (mostly laptops) chkconfig irqbalance off # Run this if you have one processor with a single core chkconfig isdn off # Run this if your machine don't have an isdn connection chkconfig microcode_ctl off # Run this if microcode is older than your BIOS/Processor microcode chkconfig openibd off # Run this if your machine don't use InfiniBand chkconfig pcmcia off # Run this if your machine don't have any PCMCIA ports chkconfig smartd off # Run this if your HD is not SMART capable ## ## RHEL4/CentOS4 should use only IPV4 by default (/etc/sysconfig/network ## have a setting called NETWORKING_IPV6 that is "no" by default). But ## still some applications connect to IPV6 addresses and the IPV6 kernel ## module is autoloaded. We are still not using IPV6 in the college and ## I am not ready to look into setting this up in a functioning way so ## instead I disable IPV6 in this way: ## # Remove IPV6 from RHEL4/CentOS4 echo "alias net-pf-10 off" >>/etc/modprobe.conf ## ## Import RPM Key ## gpg --import /usr/share/rhn/RPM-GPG-KEY rpm --import /usr/share/rhn/RPM-GPG-KEY ## ## Start RHEL4 only - up2date: ## # I want up2date to install new kernels sed -e 's/pkgSkipList=kernel\*/pkgSkipList=/' -i /etc/sysconfig/rhn/up2date # Register with RHN rhn_register # Check available updates up2date -l # Install updates up2date -u ## ## End RHEL4 only ## ## ## Start CentOS4 only - yum: ## # Newer versions of CentOS finds the nearest mirror. No need # to set up local mirrors yourself. # Check available updates yum check-update # Install updates yum -y update # If you want you can make CentOS update itself nightly chkconfig yum on ## ## End CentOS4 only ## ## ## Make a local user ## # # Site-specific: # "John Doe" # nn # useradd -c "John Doe" nn passwd nn ## ## Configure ssh ## # # Site-specific: # nn # # - Disable X11 forwarding # - Only allow protocol 2 # - Don't allow root logins # - Select which account(s) can log in # - Lower some time limits sed -e 's/^X11Forwarding/#X11Forwarding/' -i /etc/ssh/sshd_config cat << EOF >>/etc/ssh/sshd_config Protocol 2 PermitRootLogin no AllowUsers nn LoginGraceTime 20 MaxStartups 5 EOF ## ## Install and configure ntp ## # # Site-specific: # yourntpsource # # RHEL4: up2date ntp # CentOS4: yum -y install ntp # Enter your ntp source sed \ -e 's/^server 0.pool.ntp.org/server yourntpsource/' \ -e '/server 1.pool.ntp.org/d' \ -e '/server 2.pool.ntp.org/d' \ -i /etc/ntp.conf # First set the clock directly. The ntp daemon (ntpd) will not sync if time diff is too high. ntpdate yourntpsource # Start ntpd on reboot chkconfig ntpd on # Start the ntp daemon now service ntpd start # Run this command after some time. A * in front of the ntp server means it is synced. ntpq -p ## ## Install sendmail-cf and configure sendmail: ## # # Site-specific: # yoursmtpserver.yourdomain.tld # yourlogemail@yourdomain.tld # # We use a SMART_HOST server that we want the mail to go through. # And I set up root's email to go to a specified email address. # RHEL4: up2date sendmail-cf # CentOS4: yum -y install sendmail-cf # Edit the sendmail config file cd /etc/mail sed -e '/SMART_HOST/s/dnl //' -e 's/smtp.your.provider/yoursmtpserver.yourdomain.tld/' -i sendmail.mc make -C /etc/mail cd echo "root: yourlogemail@yourdomain.tld" >>/etc/aliases newaliases service sendmail restart ## ## Install net-snmp and configure snmpd ## # # Site-specific: # yoursnmpcommunity # YourPlace # You # # RHEL4: up2date net-snmp net-snmp-utils # CentOS4: yum -y install net-snmp net-snmp-utils # Edit the snmpd config file cat << EOF >/etc/snmp/snmpd.conf com2sec snmpuser default yoursnmpcommunity group snmpgroup v1 snmpuser group snmpgroup v2c snmpuser view allsnmpview included .1 access snmpgroup "" any noauth exact allsnmpview none none syslocation YourPlace syscontact You EOF chkconfig snmpd on service snmpd start ## ## Configure syslog to accept syslog messages from other hosts ## sed -e '/SYSLOGD_OPTIONS/s/m 0/m 0 -r/' -i /etc/sysconfig/syslog service syslog restart ## ## Configure the firewall ## ## Here I have added a sample firewall setup ## ## Site-specific: ## ## To use this you will have to enter the hosts that you want to have ## access to the web-server and the hosts that needs ssh access to NAV. ## In addition you can give access to NMS servers that need snmp-access ## and servers that need syslog access. You can define this with either ## a single host (158.37.22.2) or a subnet (158.37.22.0/24) or have ## several lines - both single hosts and subnets. If you need help in ## setting this up for your situation send me an email. ## Beware: Setting it up this way means you can not use the program ## system-config-network to set up the firewall. It will overwrite this ## file. # Create an iptables file cat << EOF >/etc/sysconfig/iptables *mangle COMMIT *nat COMMIT *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] # # Accept established and related packets # -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT # # Accept packets to loopback # -A INPUT -i lo -j ACCEPT # # Accept ping packets but rate-limit them # -A INPUT -m limit -p icmp --icmp-type echo-request --limit 1/s -j ACCEPT # # Accept SSH from specified addresses (EDIT THIS ONE) # -A INPUT -s 158.37.22.0/24 -p tcp --dport 22 -j ACCEPT # # Accept HTTP/HTTPS from specified addresses (EDIT THIS ONE) # -A INPUT -s 158.37.22.0/24 -p tcp --dport 80 -j ACCEPT -A INPUT -s 158.37.22.0/24 -p tcp --dport 443 -j ACCEPT # # Accept SNMP from NMS'es (EDIT THIS ONE) # -A INPUT -s 158.37.22.2 -p udp --dport 161 -j ACCEPT # # Accept syslog from specified addresses (EDIT THIS ONE) # -A INPUT -s 158.37.22.2 -p udp --dport 514 -j ACCEPT # # If you want to access the database from some other machine # remove the remark from this line and edit the source ip. # You will also have to edit the postgresql config file pg_hba.conf # #-A INPUT -s 158.37.22.2 -p tcp --dport 5432 -j ACCEPT # # Accept new, established and related packets to leave server # -A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT COMMIT EOF # Set right permissions on the file chmod 600 /etc/sysconfig/iptables # Start firewall chkconfig iptables on service iptables start ## ## Time to reboot the server ## shutdown -r 0 ## ## Log in with your new user and become root ## Root access is needed for installing and configuring NAV ## su - ## ## Install and configure Apache, mod_ssl, mod_python and php: ## # # Site-specific: # Certificate: # Country Name # State or Province Name # Locality Name # Organization Name # Organizational Unit Name # Common Name (hostname.yourdomain.tld) # Email Address (webmaster@yourdomain.tld) # Apache config: # ServerAdmin (webmaster@yourdomain.tld) # ServerName (hostname.yourdomain.tld) # SSL config: # hostname.yourdomain.tld # # RHEL4: up2date httpd mod_ssl mod_python php # + curl apr apr-util distcache httpd-suexec libidn php-pear # CentOS4: yum -y install httpd mod_ssl mod_python php # + curl apr apr-util distcache httpd-suexec libidn php-pear # Remove autocreated cert and make a new certificate. rm -f /etc/httpd/conf/ssl.crt/server.crt rm -f /etc/httpd/conf/ssl.key/server.key openssl genrsa 1024 >/etc/httpd/conf/ssl.key/server.key chmod go-rwx /etc/httpd/conf/ssl.key/server.key # I install a self-signed certificate valid for 10 years. # I guess NAV4 should be out before that... :-) # Enter your own data in the cert creation. openssl req -new -key /etc/httpd/conf/ssl.key/server.key \ -x509 -days 3652 -out /etc/httpd/conf/ssl.crt/server.crt NO Rogaland Haugesund Stord/Haugesund College hostname.yourdomain.tld webmaster@yourdomain.tld chmod go-rwx /etc/httpd/conf/ssl.crt/server.crt # Enable httpd to start on boot chkconfig httpd on # Configure Apache according with the example conf from # the NAV3 distribution. # Edit the httpd config file sed \ -e '/^StartServers/s/8/5/' \ -e '/^MaxSpareServers/s/20/ 8/' \ -e '/^ServerAdmin/s/root@localhost/webmaster@yourdomain.tld/' \ -e 's/^#ServerName new.host.name/ServerName hostname.yourdomain.tld/' \ -e '/^DocumentRoot/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \ -e '/^>/etc/httpd/conf.d/ssl.conf RewriteEngine on RewriteLog logs/rewrite.log # We make sure the full host name is always used, so that cookies are # always valid through internal redirects on the NAV website. RewriteCond %{HTTP_HOST} !^hostname.yourdomain.tld\$ RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301] # We force the client to use the SSL server for security. RewriteCond %{HTTPS} !^on\$ RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301] EOF ## ## Install some more needed packages that is included with RHEL4/CentOS4 ## # RHEL4: up2date gcc # + cpp glibc-devel glibc-headers glibc-kernheaders up2date postgresql postgresql-server postgresql-jdbc php-pgsql # + postgresql-libs up2date postgresql-devel # Checked out, psycopg needs it to compile up2date mx # Checked out, psycopg needs it to compile up2date python-devel # Checked out, psycopg needs it to compile up2date perl-DBI # Checked out, AlertEngine needs it [Engine.pm] up2date perl-DBD-Pg # Checked out, AlertEngine needs it up2date perl-libwww-perl # Cricket needs it? + perl-HTML-Parser perl-URI perl-HTML-Tagset up2date db4-devel # Checked out, DB_File needs it to compile up2date mysql # Checked out, gammu needs it to install up2date samba-client # Arnold uses nmblookup up2date pkgconfig # python-gammu needs it to install # CentOS4: yum -y install gcc # + cpp glibc-devel glibc-headers glibc-kernheaders yum -y install postgresql postgresql-server postgresql-jdbc php-pgsql # + postgresql-libs yum -y install postgresql-devel # Checked out, psycopg needs it to compile yum -y install mx # Checked out, psycopg needs it to compile yum -y install python-devel # Checked out, psycopg needs it to compile yum -y install perl-DBI # Checked out, AlertEngine needs it [Engine.pm] yum -y install perl-DBD-Pg # Checked out, AlertEngine needs it yum -y install perl-libwww-perl # Cricket needs it? + perl-HTML-Parser perl-URI perl-HTML-Tagset yum -y install db4-devel # Checked out, DB_File needs it to compile yum -y install mysql # Checked out, gammu needs it to install yum -y install samba-client # Arnold uses nmblookup yum -y install pkgconfig # python-gammu needs it to install ### ### Install and configure NAV and dependencies ### ## ## Make source dir ## mkdir ~/nav3 cd ~/nav3 ## ## Install NAV rpm made by Alexander Krapivin of OILspace Inc., UK ## wget http://ans.hsh.no/home/roger/nav3/nav-3.2.2-1.noarch.rpm rpm -ivh --nodeps nav-3.2.2-1.noarch.rpm ## ## Download NAV source tar and extract patches ## wget http://ans.hsh.no/home/roger/nav3/nav-3.2.2.tar.gz tar xvzf nav-3.2.2.tar.gz nav-3.2.2/contrib/patches/ ## ## Install Java Developer Kit ## wget http://ans.hsh.no/home/roger/nav3/jdk-1_5_0_12-linux-i586-rpm.bin chmod 755 jdk-1_5_0_12-linux-i586-rpm.bin ./jdk-1_5_0_12-linux-i586-rpm.bin yes ## ## Install Tomcat ## wget http://ans.hsh.no/home/roger/nav3/apache-tomcat-5.5.23.tar.gz tar --extract --verbose --ungzip --file apache-tomcat-5.5.23.tar.gz --directory /usr/local ## ## Install Java SNMP Package ## mkdir JavaSNMP cd JavaSNMP wget http://ans.hsh.no/home/roger/nav3/source_1.4.2.zip unzip source_1.4.2.zip export PATH=$PATH:/usr/java/jdk1.5.0_12/bin make SNMPPackage cp snmp.jar /usr/local/nav/lib/java cd .. ## ## Use GPG-key for installing RPMs from Dag Wieers ## wget http://ans.hsh.no/home/roger/nav3/RPM-GPG-KEY.dag.txt gpg --import RPM-GPG-KEY.dag.txt rpm --import RPM-GPG-KEY.dag.txt ## ## Install gammu ## wget http://ans.hsh.no/home/roger/nav3/gammu-1.11.0-1.el4.rf.i386.rpm rpm -ivh gammu-1.11.0-1.el4.rf.i386.rpm wget http://ans.hsh.no/home/roger/nav3/gammu-devel-1.11.0-1.el4.rf.i386.rpm rpm -ivh gammu-devel-1.11.0-1.el4.rf.i386.rpm ## ## Install rrdtool version 1.0 (1.2 is not supported in py-rrdtool) ## wget http://ans.hsh.no/home/roger/nav3/rrdtool-1.0.50-3.el4.rf.i386.rpm rpm -ivh rrdtool-1.0.50-3.el4.rf.i386.rpm wget http://ans.hsh.no/home/roger/nav3/perl-rrdtool-1.0.50-3.el4.rf.i386.rpm rpm -ivh perl-rrdtool-1.0.50-3.el4.rf.i386.rpm wget http://ans.hsh.no/home/roger/nav3/rrdtool-devel-1.0.50-3.el4.rf.i386.rpm rpm -ivh rrdtool-devel-1.0.50-3.el4.rf.i386.rpm ## ## Perl module installations ## # Checked out, cricket/compile needs it wget http://ans.hsh.no/home/roger/nav3/perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm rpm -ivh perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm # Checked out, cricket/compile needs it wget http://ans.hsh.no/home/roger/nav3/SNMP_Session-1.10.tar.gz tar xvzf SNMP_Session-1.10.tar.gz cd SNMP_Session-1.10 perl Makefile.PL make make install cd .. # MD5 CPAN Perl module wget http://ans.hsh.no/home/roger/nav3/MD5-2.03.tar.gz tar xvzf MD5-2.03.tar.gz cd MD5-2.03 perl Makefile.PL make make install cd .. # Checked out, cricket/compile needs it wget http://ans.hsh.no/home/roger/nav3/DB_File-1.815.tar.gz tar xvzf DB_File-1.815.tar.gz cd DB_File-1.815 perl Makefile.PL make make install cd .. # CGI CPAN Perl module wget http://ans.hsh.no/home/roger/nav3/CGI.pm-3.29.tar.gz tar xvzf CGI.pm-3.29.tar.gz cd CGI.pm-3.29 perl Makefile.PL make make install cd .. # Checked out, bin/makecricketconfig.pl needs it wget http://ans.hsh.no/home/roger/nav3/pgsql_perl5-1.9.0.tar.gz tar xvzf pgsql_perl5-1.9.0.tar.gz cd pgsql_perl5-1.9.0 export POSTGRES_INCLUDE=/usr/include/pgsql POSTGRES_LIB=/usr/lib/pgsql perl Makefile.PL make make install unset POSTGRES_INCLUDE POSTGRES_LIB cd .. ## ## Python module installations ## # wget http://ans.hsh.no/home/roger/nav3/psycopg-1.1.21.tar.gz tar xvzf psycopg-1.1.21.tar.gz cd psycopg-1.1.21 ./configure \ --with-postgres-includes=/usr/include/pgsql/server \ --with-mxdatetime-includes=/usr/lib/python2.3/site-packages/mx/DateTime/mxDateTime make make install cd .. # Checked out, machinetracker.py needs it wget http://ans.hsh.no/home/roger/nav3/IPy-0.54.tar.gz tar xvzf IPy-0.54.tar.gz cd IPy-0.54 python setup.py install cd .. # Checked out, servicemon needs it wget http://ans.hsh.no/home/roger/nav3/py-rrdtool-0.2.1.tar.gz tar xvzf py-rrdtool-0.2.1.tar.gz cd py-rrdtool-0.2.1 python setup.py install cd .. # Needs version 2 of pysnmp wget http://ans.hsh.no/home/roger/nav3/pysnmp-2.0.9.tar.gz tar xvzf pysnmp-2.0.9.tar.gz cd pysnmp-2.0.9 python setup.py install cd .. # Checked out wget http://ans.hsh.no/home/roger/nav3/Cheetah-1.0.tar.gz tar xvzf Cheetah-1.0.tar.gz cd Cheetah-1.0 python setup.py install cd .. # wget http://ans.hsh.no/home/roger/nav3/forgethtml-cvs-2004-10-21.tar.gz tar xvzf forgethtml-cvs-2004-10-21.tar.gz cd forgethtml python setup.py install cd .. # thresholdMon.py wget http://ans.hsh.no/home/roger/nav3/forgetSQL-0.5.1.tar.gz tar xvzf forgetSQL-0.5.1.tar.gz # Patch it with patch from NAV source cp nav-3.2.2/contrib/patches/forgetSQL-0.5.1.patch forgetSQL-0.5.1/lib cd forgetSQL-0.5.1/lib patch /etc/profile.d/nav_environ.sh JAVA_HOME=/usr/java/jdk1.5.0_12 PATH=\$PATH:\$JAVA_HOME/jre/bin export JAVA_HOME CATALINA_OPTS="-Djava.awt.headless=true -Xmx128M -server -Djava.ext.dirs=/usr/local/nav/lib/java" export CATALINA_OPTS EOF chmod 755 /etc/profile.d/nav_environ.sh ## ## Link in the JDBC driver ## ln -s /usr/share/java/pg74.215.jdbc3.jar /usr/local/nav/lib/java ## ## Link in some NAV Perl scripts into the Perl library ## ln -s /usr/local/nav/lib/perl/NAV.pm /usr/lib/perl5/site_perl/5.8.5 ln -s /usr/local/nav/lib/perl/NAV /usr/lib/perl5/site_perl/5.8.5 ln -s /usr/local/nav/lib/perl/NetAddr /usr/lib/perl5/site_perl/5.8.5 ## ## Append to Python the path to NAV python scripts ## cat << EOF > /usr/lib/python2.3/site-packages/sitecustomize.py import sys sys.path.append('/usr/local/nav/lib/python') EOF ## ## Configure gammu ## # # Site-specific: # /etc/gammurc config # YourMobileNumber # # First you have to edit the /etc/gammurc file to support your mobile phone # I use a Nokia 6310i with a DLR3 cable connected to the serial port on the # computer so I make this /etc/gammurc file: # cat << EOF > /etc/gammurc [gammu] port = /dev/ttyS0 connection = dlr3 EOF # # Check out the original /etc/gammurc file for hints on different setups # # You can test that the gammu program works by doing this test as root: # gammu nothing --identify # # and when that test gives correct data send yourself a test SMS like this: # echo Test | gammu nothing --sendsms TEXT YourMobileNumber # # and of course change "YourMobileNumber" with the phone number of your mobile :-) # # Since the NAV program runs as the navcron user (that was created when installing # the nav rpm) it needs permissions to use the /dev/ttyS0 device file. Use this # command to give the navcron user the needed permission: # usermod -G uucp navcron # # Now you can test the smsd.py module to see that it will send SMS'es: # /usr/local/nav/bin/smsd.py -t YourMobileNumber # # Again change "YourMobileNumber" with the phone number of your mobile ## ## Configure Tomcat ## # Let Tomcat only listen to the localhost address sed -e 's/port="8080"/port="8080" address="127.0.0.1"/' -i /usr/local/apache-tomcat-5.5.23/conf/server.xml # Link in the NAV servlets ln -s /usr/local/nav/apache/webapps/*.war /usr/local/apache-tomcat-5.5.23/webapps ## ## Configure Postgresql database ## # # Site-specific: # nav user password # # Start postgres (also on boot) chkconfig postgresql on service postgresql start # Configure postgres with tcp/ip and net authorization sed -e 's/#tcpip_socket = false/tcpip_socket = true/' -i /var/lib/pgsql/data/postgresql.conf sed -e 's/^local/#local/' -i /var/lib/pgsql/data/pg_hba.conf cat << EOF >>/var/lib/pgsql/data/pg_hba.conf local all postgres ident sameuser local all all md5 host all all 127.0.0.1 255.255.255.255 md5 host all all 0.0.0.0 0.0.0.0 reject EOF service postgresql restart # Create a NAV DB user and set a password on it su postgres createuser --no-createdb --no-adduser --pwprompt nav # Set up the NAV databases createdb --owner nav --encoding UTF-8 manage createdb --owner nav --encoding UTF-8 navprofiles createdb --owner nav --encoding UTF-8 logger createdb --owner nav --encoding UTF-8 arnold createlang plpgsql manage createlang plpgsql navprofiles cd /usr/local/nav/doc/sql # Use the nav user password you just made here export PGPASSWORD=****** psql -f manage.sql manage nav psql -f types.sql manage nav psql -f snmpoid.sql manage nav psql -f navprofiles.sql navprofiles nav psql -f logger.sql logger nav psql -f arnold.sql arnold nav exit # Configure NAV config file with the nav user password you chose sed -e 's/userpw_nav=/userpw_nav=*******/' -i /usr/local/nav/etc/db.conf ## ## Install and configure cricket ## chgrp nav /usr/local/nav chmod g+sw /usr/local/nav su navcron mkdir ~/cricket cd ~/cricket wget http://ans.hsh.no/home/roger/nav3/cricket-1.0.5.tar.gz tar xvzf cricket-1.0.5.tar.gz ln -s cricket-1.0.5 cricket cd cricket sh configure cp cricket-conf.pl.sample cricket-conf.pl sed \ -e '/^$gCricketHome/s/\/home\/cricket/\/usr\/local\/nav\/cricket/' \ -e 's/^#$gConfigRoot/$gConfigRoot/' \ -e 's/^#$gDbAccess = "slurp"/$gDbAccess = "slurp"/' \ -i cricket-conf.pl cd ~/cricket mkdir public_html cd public_html/ ln -s ../cricket/images ln -s ../cricket/grapher.cgi ln -s ../cricket/lib ln -s ../cricket/mini-graph.cgi ln -s ../cricket/VERSION ln -s ../cricket/grapher.cgi index.cgi cp /usr/local/nav/doc/cricket/public_html/cricket.css . mkdir ../cricket-data ln -s ../cricket-data cp -r /usr/local/nav/doc/cricket/cricket-config .. ln -s ../cricket-config cd ~/cricket/cricket cp /usr/local/nav/doc/cricket/cricket/* . cd ~ mkdir cricket/cricket-logs touch /usr/local/nav/cricket/cricket-logs/changelog cricket/cricket/compile bin/makecricketconfig.pl exit cd /usr/local/nav/apache/webroot ln -s ~navcron/cricket/public_html cricket cd cricket echo "SetHandler none" > .htaccess ### ### Installation and configuration is done. Lets start the program. ### ## ## Reboot machine. This is necessary, the environment needs new settings ## before starting NAV and the web-server needs to be started. ## shutdown -r 0 ## ## Log in and become root ## su - ## ## Start Tomcat ## /usr/local/apache-tomcat-5.5.23/bin/startup.sh ## ## Start NAV ## /usr/local/nav/bin/nav start # Check the startup by using this command: /usr/local/nav/bin/nav status # I sometimes have problems starting servicemon and/or pping. I then use this command: /usr/local/nav/bin/nav start servicemon pping # Maybe even two times to get it going # or I stop NAV and start it again this way: /usr/local/nav/bin/nav stop /usr/local/nav/bin/nav start ## Now NAV is up and running and it is time to log in and seed the database. ## Go to the webpage and log in as admin (remember to change the password) ## and go to Toolbox, Edit database ## Here is a very simple startup that I put on my server. This will ## start Tomcat and NAV, but not stop them on shutdown of the server. ## Use it if you want or make a better one and share it. cat << EOF >> /etc/rc.d/rc.local # Start NAV . /etc/profile.d/nav_environ.sh /usr/local/apache-tomcat-5.5.23/bin/startup.sh /usr/local/nav/bin/nav start EOF ## ## As you can see I have put the packages on a local webserver to make it ## easier to reinstall (don't have to rely on the remote servers being up and ## having the same versions available), and you are welcome to download from ## that server. But if you want to get the files yourself here are the links: ## # # http://heanet.dl.sourceforge.net/sourceforge/nav/nav-3.2.2-1.noarch.rpm # http://heanet.dl.sourceforge.net/sourceforge/nav/nav-3.2.2.tar.gz # http://java.sun.com # http://www.apache.org/dist/tomcat/tomcat-5/v5.5.23/bin/apache-tomcat-5.5.23.tar.gz # http://gicl.cs.drexel.edu/people/sevy/snmp/source_1.4.2.zip # http://dag.wieers.com/packages/RPM-GPG-KEY.dag.txt # http://dag.wieers.com/packages/gammu/gammu-1.11.0-1.el4.rf.i386.rpm # http://dag.wieers.com/packages/gammu/gammu-devel-1.11.0-1.el4.rf.i386.rpm # http://dag.wieers.com/packages/rrdtool/rrdtool-1.0.50-3.el4.rf.i386.rpm # http://dag.wieers.com/packages/rrdtool/perl-rrdtool-1.0.50-3.el4.rf.i386.rpm # http://dag.wieers.com/packages/rrdtool/rrdtool-devel-1.0.50-3.el4.rf.i386.rpm # http://dag.wieers.com/packages/perl-TimeDate/perl-TimeDate-1.16-1.2.el4.rf.noarch.rpm # http://www.switch.ch/misc/leinen/snmp/perl/dist/SNMP_Session-1.10.tar.gz # ftp://ftp.uninett.no/pub/CPAN/modules/by-module/MD5/GAAS/MD5-2.03.tar.gz # ftp://ftp.uninett.no/pub/CPAN/modules/by-module/DB_File/DB_File-1.815.tar.gz # ftp://ftp.uninett.no/pub/CPAN/modules/by-module/CGI/CGI.pm-3.29.tar.gz # ftp://ftp.uninett.no/pub/CPAN/modules/by-module/Pg/pgsql_perl5-1.9.0.tar.gz # http://initd.org/pub/software/psycopg/psycopg-1.1.21.tar.gz # http://cheeseshop.python.org/packages/source/I/IPy/IPy-0.54.tar.gz # http://heanet.dl.sourceforge.net/sourceforge/py-rrdtool/py-rrdtool-0.2.1.tar.gz # http://heanet.dl.sourceforge.net/sourceforge/pysnmp/pysnmp-2.0.9.tar.gz # http://heanet.dl.sourceforge.net/sourceforge/cheetahtemplate/Cheetah-1.0.tar.gz # http://forgethtml.sourceforge.net/forgethtml-cvs-2004-10-21.tar.gz # http://heanet.dl.sourceforge.net/sourceforge/forgetsql/forgetSQL-0.5.1.tar.gz # http://dl.cihar.com/python-gammu/latest/python-gammu-0.20.tar.gz # http://heanet.dl.sourceforge.net/sourceforge/cricket/cricket-1.0.5.tar.gz #