installingoncentos5
This is an old revision of the document!
Installing NAV on CentOS 5
- Maintained by Roger Aas at Ementor Norge AS.
###
### NAV 3 installation
###
### for CentOS 5
###
### Roger Aas, Ementor Norge AS
###
###
### 26.08.2008:
### - Fixed several small issues
### - Configured alternatives system with new java
### 22.08.2008:
### - First (beta?) release of documentation for CentOS 5
### - This version includes compiling the source of NAV
### - Tested on CentOS 5.2 i386 DVD
### - NAV version is latest 3.4.2
### - Please report any problems with this version if you test it
###
### For feedback please contact me on the NAV mailing list or directly
### at <roger at hsh.no>
# NB!
#
# There are a lot of site specific information that you have to put in
# yourself (ip address, netmask, hostname, gateway, dns-servers,
# ntp provider, smtp server, linux-logs email-address, snmp community,
# ip-addresses to be allowed past firewall and so on). Make sure you have
# put in all the correct information. I have added information about
# this site specific information in each section header that will need it.
###
### Installation of CentOS 5
###
# I have included a very basic installation of CentOS 5 here.
# I have selected to do a "minimal" install and rather do an up2date or yum
# for the extra packages NAV needs in addition to that. That way I don't get
# a lot of services running on the machine that I don't need. I use static
# network configuration so the NAV server don't need to rely on a DHCP
# server functioning. I disable SELinux.
#
# WARNING! If you choose to use SELinux here you MUST do some configuration
# of that to get NAV to work.
#
# Site-specific:
# ip-address and netmask
# hostname.yourdomain.tld
# gateway ip-address
# dns server ip-addresses
#
# Boot from CentOS 5.2 i386 DVD
# "Boot:", press Enter
# "CD Found", select Skip
# Screen 1: "Welcome"
# "CentOS 5", press Next
# Screen 2: "Language Selection"
# Press Next
# ("English (English)" is already selected)
# Screen 3: "Keyboard Configuration"
# Select Norwegian and press Next
# (for us with that kind of keyboard)
# Screen 4: "Partitioning"
# Press Next
# or if your situation needs it select
# (a) if you want to remove all previous partitions on selected drives
# (b) which drives you want to use
# (c) if you need any advanced configuration
# (d) if you want to modify the defaults
# Window 1: "Warning"
# Press Yes
# Screen 5: "Network Configuration"
# Select eth0 and press Edit
# Window 1: "Edit Interface"
# Under IPv4 select "Manual configuration", type IP Address and Prefix (Netmask)
# Deselect "Enable IPv6 support"
# Press OK
# Type in Hostname as hostname.yourdomain.tld
# Under "Miscellaneous Settings" type in ip addresses for gateway and DNS servers
# Press Next
# Screen 6: "Time Zone Selection"
# Select "Europe/Oslo" and press Next
# (For us living in Norway)
# Screen 7: "Set Root Password"
# Enter root password twice and press Next
# Screen 8: "Package Group Selection"
# Deselect "Desktop - Gnome", press Next
# Screen 9: "About to Install"
# Press Next
# Screen 10: "Congratulations, the installation is complete."
# Remove DVD and press Reboot
# Firstboot:
# Select "Firewall configuration"
# Run Tool ()
# Security Level: Disabled
# SELinux: Disabled
# OK
# Exit
###
### Configure the system
###
##
## Stop some unneeded services
##
chkconfig autofs off # Don't need automounting filesystems in this setup
chkconfig cups off # Don't need printing directly on the NAV server
chkconfig gpm off # Don't need a console mouse
#chkconfig mcstrans off # No SELinux on this machine
chkconfig mdmonitor off # No software RAID in this setup
chkconfig netfs off # I will not use any Network FS in this setup
chkconfig nfslock off # Same
chkconfig portmap off # No RPC programs in this setup
chkconfig rpcgssd off # Don't need NFSv4 in this setup
chkconfig rpcidmapd off # Same
##
## Other services that depends on the machine you use for NAV
##
## Check the syslog and other log files to see if they are needed f.ex.:
## grep apm /var/log/messages
## grep microcode /var/log/messages
## grep smart /var/log/messages
##
chkconfig apmd off # Run this if your machine is not using APM (mostly laptops/or using ACPI)
chkconfig bluetooth off # Run this if your machine do not have BT (mostly laptops/or using ACPI)
chkconfig cpuspeed off # Run this if the processor is not a speedstep processor (mostly laptops)
chkconfig hidd off # Run this if your machine do not have BT (mostly laptops/or using ACPI)
#chkconfig irqbalance off # Run this if you have one processor with a single core
chkconfig isdn off # Run this if your machine don't have an isdn connection
#chkconfig microcode_ctl off # Run this if microcode is older than your BIOS/Processor microcode
chkconfig pcscd off # Run this if your machine does not use any smart cards
#chkconfig smartd off # Run this if your HD is not SMART capable
##
## The CentOS5 installation over disabled IPv6, and /etc/sysconfig/network
## have a setting called NETWORKING_IPV6 that is then set to "no". But
## still some applications connect to IPv6 addresses and the IPv6 kernel
## module is autoloaded. We are still not using IPv6 and I am not ready to
## look into setting this up in a functioning way so instead I disable IPv6
## in this way:
##
# Remove IPv6 from CentOS5
echo "alias net-pf-10 off" >>/etc/modprobe.conf
# Also stop ipv6 firewall from trying to start
chkconfig ip6tables off
##
## Import RPM Key
##
gpg --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
##
## Update installed packages
##
# Check available updates
yum check-update
# Install updates
yum -y update
##
## Make a local user
##
#
# Site-specific:
# "John Doe"
# nn
#
useradd -c "John Doe" nn
passwd nn
##
## Configure ssh
##
#
# Site-specific:
# nn
#
# - Disable X11 forwarding
# - Don't allow root logins
# - Select which account(s) can log in
# - Lower some time limits
sed -e 's/^X11Forwarding/#X11Forwarding/' -i /etc/ssh/sshd_config
cat << EOF >>/etc/ssh/sshd_config
PermitRootLogin no
AllowUsers nn
LoginGraceTime 20
MaxStartups 5
EOF
##
## Install and configure ntp
##
#
# Install ntp
yum -y install ntp
# First set the clock directly. The ntp daemon (ntpd) will not sync if time diff is too high.
ntpdate 0.centos.pool.ntp.org
# Start ntpd on reboot
chkconfig ntpd on
# Start the ntp daemon now
service ntpd start
# Run this command after some time. A * in front of the ntp server means it is synced.
ntpq -p
##
## Install sendmail-cf and configure sendmail:
##
#
# Site-specific:
# yoursmtpserver.yourdomain.tld
# yourlogemail@yourdomain.tld
#
# We use a SMART_HOST server that we want the mail to go through.
# And I set up root's email to go to a specified email address.
# Install sendmail-cf
yum -y install sendmail-cf
# Edit the sendmail config file
cd /etc/mail
sed -e '/SMART_HOST/s/dnl //' -e 's/smtp.your.provider/yoursmtpserver.yourdomain.tld/' -i sendmail.mc
make -C /etc/mail
cd
echo "root: yourlogemail@yourdomain.tld" >>/etc/aliases
newaliases
service sendmail restart
##
## Install net-snmp and configure snmpd
##
#
# Site-specific:
# yoursnmpcommunity
# YourPlace
# You <yourcontactemail@yourdomain.tld>
#
# Install net-snmp
yum -y install net-snmp net-snmp-utils
# Edit the snmpd config file
cat << EOF >/etc/snmp/snmpd.conf
com2sec snmpuser default yoursnmpcommunity
group snmpgroup v1 snmpuser
group snmpgroup v2c snmpuser
view allsnmpview included .1
access snmpgroup "" any noauth exact allsnmpview none none
syslocation YourPlace
syscontact You <yourcontactemail@yourdomain.tld>
EOF
chkconfig snmpd on
service snmpd start
##
## Configure syslog to accept syslog messages from other hosts
##
sed -e '/SYSLOGD_OPTIONS/s/m 0/m 0 -r/' -i /etc/sysconfig/syslog
service syslog restart
##
## Configure the firewall
##
## Here I have added a sample firewall setup
##
## Site-specific:
##
## To use this you will have to enter the hosts that you want to have
## access to the web-server and the hosts that needs ssh access to NAV.
## In addition you can give access to NMS servers that need snmp-access
## and servers that need syslog access. You can define this with either
## a single host (158.37.22.2) or a subnet (158.37.22.0/24) or have
## several lines - both single hosts and subnets. If you need help in
## setting this up for your situation send me an email.
## Beware: Setting it up this way means you can not use the program
## system-config-network to set up the firewall. It will overwrite this
## file.
# Create an iptables file
cat << EOF >/etc/sysconfig/iptables
*mangle
COMMIT
*nat
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
#
# Accept established and related packets
#
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# Accept packets to loopback
#
-A INPUT -i lo -j ACCEPT
#
# Accept ping packets but rate-limit them
#
-A INPUT -m limit -p icmp --icmp-type echo-request --limit 1/s -j ACCEPT
#
# Accept SSH from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 22 -j ACCEPT
#
# Accept HTTP/HTTPS from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.0/24 -p tcp --dport 80 -j ACCEPT
-A INPUT -s 158.37.22.0/24 -p tcp --dport 443 -j ACCEPT
#
# Accept SNMP from NMS'es (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 161 -j ACCEPT
#
# Accept syslog from specified addresses (EDIT THIS ONE)
#
-A INPUT -s 158.37.22.2 -p udp --dport 514 -j ACCEPT
#
# If you want to access the database from some other machine
# remove the remark from this line and edit the source ip.
# You will also have to edit the postgresql config file pg_hba.conf
# so postgresql will listen to more than the loopback address.
#
#-A INPUT -s 158.37.22.2 -p tcp --dport 5432 -j ACCEPT
#
# Accept new, established and related packets to leave server
#
-A OUTPUT -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
# Set right permissions on the file
chmod 600 /etc/sysconfig/iptables
# Start firewall
service iptables start
##
## Time to reboot the server
##
shutdown -r 0
##
## Log in with your new user and become root
## Root access is needed for installing and configuring NAV
##
su -
##
## Install and configure Apache, mod_ssl, mod_python and php:
##
#
# Site-specific:
# Certificate:
# Country Name
# State or Province Name
# Locality Name
# Organization Name
# Organizational Unit Name
# Common Name (hostname.yourdomain.tld)
# Email Address (webmaster@yourdomain.tld)
# Apache config:
# ServerAdmin (webmaster@yourdomain.tld)
# ServerName (hostname.yourdomain.tld)
# SSL config:
# hostname.yourdomain.tld
#
# Install Apache
yum -y install httpd mod_ssl mod_python php
# Remove autocreated cert and make a new certificate.
rm -f /etc/pki/tls/certs/localhost.crt
rm -f /etc/pki/tls/private/localhost.key
openssl genrsa 1024 >/etc/pki/tls/private/localhost.key
chmod go-rwx /etc/pki/tls/private/localhost.key
# I install a self-signed certificate valid for 10 years.
# I guess NAV4 should be out before that... :-)
# Enter your own data in the cert creation.
openssl req -new -key /etc/pki/tls/private/localhost.key \
-x509 -days 3652 -out /etc/pki/tls/certs/localhost.crt
NO
Rogaland
Haugesund
Ementor Norge AS
hostname.yourdomain.tld
webmaster@yourdomain.tld
chmod go-rwx /etc/pki/tls/certs/localhost.crt
# Enable httpd to start on boot
chkconfig httpd on
# Configure Apache according with the example conf from
# the NAV3 distribution.
# Edit the httpd config file
sed \
-e '/^StartServers/s/8/5/' \
-e '/^MaxSpareServers/s/20/ 8/' \
-e '/^ServerAdmin/s/root@localhost/webmaster@yourdomain.tld/' \
-e 's/^#ServerName www.example.com/ServerName hostname.yourdomain.tld/' \
-e '/^DocumentRoot/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
-e '/^<Directory/s/\/var\/www\/html/\/usr\/local\/nav\/apache\/webroot/' \
-e 's/Options Indexes FollowSymLinks/Options Indexes FollowSymLinks ExecCGI/' \
-e '/FollowSymLinks ExecCGI/,/Controls who/s/AllowOverride None/AllowOverride All/' \
-e '/^DirectoryIndex/s/index.html.var/index.html.var index.cgi/' \
-e 's/^#AddHandler cgi-script .cgi/AddHandler cgi-script .cgi/' \
-i /etc/httpd/conf/httpd.conf
# Edit the SSL config file
cat << EOF >>/etc/httpd/conf.d/ssl.conf
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteLog logs/rewrite.log
# We make sure the full host name is always used, so that cookies are
# always valid through internal redirects on the NAV website.
RewriteCond %{HTTP_HOST} !^hostname.yourdomain.tld\$
RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]
# We force the client to use the SSL server for security.
RewriteCond %{HTTPS} !^on\$
RewriteRule ^/(.*) https://hostname.yourdomain.tld/\$1 [R=301]
</IfModule>
EOF
##
## Install some more needed packages that is included with CentOS5
##
yum -y install gcc
yum -y install postgresql postgresql-server postgresql-jdbc php-pgsql
yum -y install postgresql-devel # Checked out, psycopg needs it to compile
yum -y install mx # Checked out, psycopg needs it to compile
yum -y install python-devel # Checked out, psycopg needs it to compile
yum -y install perl-DBI # Checked out, AlertEngine needs it [Engine.pm]
yum -y install perl-DBD-Pg # Checked out, AlertEngine needs it
yum -y install perl-libwww-perl # Cricket needs it?
yum -y install db4-devel # Checked out, DB_File needs it to compile
yum -y install mysql # Checked out, gammu needs it to install
yum -y install samba-client # Arnold uses nmblookup
yum -y install pkgconfig # python-gammu needs it to install
yum -y install ant
yum -y install autoconf
yum -y install perl-TimeDate
yum -y install tomcat5
###
### Install and configure NAV and dependencies
###
##
## Make download directory
##
mkdir ~/nav3
cd ~/nav3
##
## Download NAV source tar and extract it
##
wget http://ans.hsh.no/home/roger/nav3/nav-3.4.2.tar.gz
tar xvzf nav-3.4.2.tar.gz
##
## Install Java Developer Kit
##
wget http://ans.hsh.no/home/roger/nav3/jdk-6u7-linux-i586-rpm.bin
bash jdk-6u7-linux-i586-rpm.bin
yes
# Fix the alternatives system to use new JDK
alternatives --install /usr/bin/java java /usr/java/default/bin/java 1607
alternatives --install /usr/bin/javac javac /usr/java/default/bin/javac 1607
# Set environment variables for Java used for installation
export PATH=/usr/java/default/bin:$PATH
export JAVA_HOME=/usr/java/default
##
## Install Java SNMP Package
##
mkdir JavaSNMP
cd JavaSNMP
wget http://ans.hsh.no/home/roger/nav3/source_1.4.2.zip
unzip source_1.4.2.zip
make SNMPPackage
cd ..
##
## Use GPG-key for installing RPMs from Dag Wieers
##
wget http://ans.hsh.no/home/roger/nav3/RPM-GPG-KEY.dag.txt
gpg --import RPM-GPG-KEY.dag.txt
rpm --import RPM-GPG-KEY.dag.txt
##
## Install gammu
##
wget http://ans.hsh.no/home/roger/nav3/gammu-1.11.0-1.el5.rf.i386.rpm
rpm -ivh gammu-1.11.0-1.el5.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/gammu-devel-1.11.0-1.el5.rf.i386.rpm
rpm -ivh gammu-devel-1.11.0-1.el5.rf.i386.rpm
##
## Install rrdtool version 1.0 (1.2 is not supported in py-rrdtool)
##
wget http://ans.hsh.no/home/roger/nav3/rrdtool-1.0.50-3.el5.rf.i386.rpm
rpm -ivh rrdtool-1.0.50-3.el5.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/perl-rrdtool-1.0.50-3.el5.rf.i386.rpm
rpm -ivh perl-rrdtool-1.0.50-3.el5.rf.i386.rpm
wget http://ans.hsh.no/home/roger/nav3/rrdtool-devel-1.0.50-3.el5.rf.i386.rpm
rpm -ivh rrdtool-devel-1.0.50-3.el5.rf.i386.rpm
##
## Perl module installations
##
# Checked out, cricket/compile needs it
wget http://ans.hsh.no/home/roger/nav3/SNMP_Session-1.12.tar.gz
tar xvzf SNMP_Session-1.12.tar.gz
cd SNMP_Session-1.12
perl Makefile.PL
make
make install
cd ..
# MD5 CPAN Perl module
wget http://ans.hsh.no/home/roger/nav3/MD5-2.03.tar.gz
tar xvzf MD5-2.03.tar.gz
cd MD5-2.03
perl Makefile.PL
make
make install
cd ..
# Checked out, cricket/compile needs it
wget http://ans.hsh.no/home/roger/nav3/DB_File-1.817.tar.gz
tar xvzf DB_File-1.817.tar.gz
cd DB_File-1.817
perl Makefile.PL
make
make install
cd ..
# FCGI CPAN Perl module
wget http://ans.hsh.no/home/roger/nav3/FCGI-0.67.tar.gz
tar xvzf FCGI-0.67.tar.gz
cd FCGI-0.67
perl Makefile.PL
make
make install
cd ..
# CGI CPAN Perl module
wget http://ans.hsh.no/home/roger/nav3/CGI.pm-3.40.tar.gz
tar xvzf CGI.pm-3.40.tar.gz
cd CGI.pm-3.40
perl Makefile.PL
make
make install
cd ..
# Checked out, bin/makecricketconfig.pl needs it
wget http://ans.hsh.no/home/roger/nav3/pgsql_perl5-1.9.0.tar.gz
tar xvzf pgsql_perl5-1.9.0.tar.gz
cd pgsql_perl5-1.9.0
export POSTGRES_INCLUDE=/usr/include/pgsql POSTGRES_LIB=/usr/lib/pgsql
perl Makefile.PL
make
make install
unset POSTGRES_INCLUDE POSTGRES_LIB
cd ..
##
## Python module installations
##
#
wget http://ans.hsh.no/home/roger/nav3/psycopg-1.1.21.tar.gz
tar xvzf psycopg-1.1.21.tar.gz
cd psycopg-1.1.21
./configure \
--with-postgres-includes=/usr/include/pgsql/server \
--with-mxdatetime-includes=/usr/lib/python2.4/site-packages/mx/DateTime/mxDateTime
# Configure fails to read Postgresql version from config file because of a Red Hat
# include file kludge, so we fix this with another kludge
sed -e 's/POSTGRESQL_MAJOR=/POSTGRESQL_MAJOR=8/' -e 's/POSTGRESQL_MINOR=/POSTGRESQL_MINOR=1/' -i Makefile
make
make install
cd ..
# Checked out, machinetracker.py needs it
wget http://ans.hsh.no/home/roger/nav3/IPy-0.62.tar.gz
tar xvzf IPy-0.62.tar.gz
cd IPy-0.62
python setup.py install
cd ..
# Checked out, servicemon needs it
wget http://ans.hsh.no/home/roger/nav3/py-rrdtool-0.2.1.tar.gz
tar xvzf py-rrdtool-0.2.1.tar.gz
cd py-rrdtool-0.2.1
python setup.py install
cd ..
# Needs version 2 of pysnmp
wget http://ans.hsh.no/home/roger/nav3/pysnmp-2.0.9.tar.gz
tar xvzf pysnmp-2.0.9.tar.gz
cd pysnmp-2.0.9
python setup.py install
cd ..
# Checked out
wget http://ans.hsh.no/home/roger/nav3/Cheetah-1.0.tar.gz
tar xvzf Cheetah-1.0.tar.gz
cd Cheetah-1.0
python setup.py install
cd ..
#
wget http://ans.hsh.no/home/roger/nav3/forgethtml-cvs-2004-10-21.tar.gz
tar xvzf forgethtml-cvs-2004-10-21.tar.gz
cd forgethtml
python setup.py install
cd ..
# thresholdMon.py
wget http://ans.hsh.no/home/roger/nav3/forgetSQL-0.5.1.tar.gz
tar xvzf forgetSQL-0.5.1.tar.gz
# Patch it with patch from NAV source
cp nav-3.4.2/contrib/patches/forgetSQL-0.5.1.patch forgetSQL-0.5.1/lib
cd forgetSQL-0.5.1/lib
patch <forgetSQL-0.5.1.patch
cd ..
python setup.py install
cd ..
# Install Python bindings for gammu
wget http://ans.hsh.no/home/roger/nav3/python-gammu-0.20.tar.gz
tar xvzf python-gammu-0.20.tar.gz
cd python-gammu-0.20
python setup.py install
cd ..
##
## Compile and install NAV
##
export CLASSPATH=/root/nav3/JavaSNMP/snmp.jar:/usr/share/java/tomcat5-servlet-2.4-api.jar
cd nav-3.4.2
autoconf
./configure
make
make install
cd
###
### Nav configuration
###
##
## NAV setup
##
# You may want to edit some or all of the files in the directory
# /usr/local/nav/etc/webfront now. This is to personalise your
# NAV installation.
#
# Edit NAV configuration file
#
# Site-specific:
# ADMIN_MAIL (yournavemail@yourdomain.tld)
# DOMAIN_SUFFIX (yourdomain.tld)
#
sed \
-e '/ADMIN_MAIL/s/root@localhost/yournavemail@yourdomain.tld/' \
-e '/DOMAIN_SUFFIX/s/ntnu.no/yourdomain.tld/' \
-i /usr/local/nav/etc/nav.conf
#
# Arnold needs its log file existing
touch /usr/local/nav/var/log/arnold/arnold.log
##
## Make NAV user and group
##
groupadd nav
useradd -M -g nav -d /usr/local/nav navcron
chown -R navcron /usr/local/nav/var/log
chown -R navcron /usr/local/nav/var/run
##
## Profile setup
##
cat << EOF > /etc/profile.d/nav_environ.sh
export JAVA_HOME=/usr/java/default
export PATH=\$JAVA_HOME/jre/bin:\$PATH
export CATALINA_OPTS="-Djava.awt.headless=true -Xmx128M -server -Djava.ext.dirs=/usr/local/nav/lib/java"
EOF
chmod 755 /etc/profile.d/nav_environ.sh
##
## Link in the JDBC driver
##
ln -s /usr/share/java/postgresql-jdbc.jar /usr/local/nav/lib/java
##
## Copy in the snmp library
##
cp /root/nav3/JavaSNMP/snmp.jar /usr/local/nav/lib/java
##
## Link in some NAV Perl scripts into the Perl library
##
ln -s /usr/local/nav/lib/perl/NAV.pm /usr/lib/perl5/site_perl/5.8.8
ln -s /usr/local/nav/lib/perl/NAV /usr/lib/perl5/site_perl/5.8.8
ln -s /usr/local/nav/lib/perl/NetAddr /usr/lib/perl5/site_perl/5.8.8
##
## Append to Python the path to NAV python scripts
##
cat << EOF > /usr/lib/python2.4/site-packages/sitecustomize.py
import sys
__navpath = "/usr/local/nav/lib/python"
if __navpath not in sys.path:
sys.path.append(__navpath)
EOF
##
## Configure Tomcat
##
# Let Tomcat only listen to the localhost address
sed -e 's/port="8080"/port="8080" address="127.0.0.1"/' -i /etc/tomcat5/server.xml
# Link in the NAV servlets
ln -s /usr/local/nav/apache/webapps/*.war /var/lib/tomcat5/webapps
chkconfig tomcat5 on
##
## Configure Postgresql database
##
#
# Site-specific:
# nav user password
#
# Start postgres (also on boot)
chkconfig postgresql on
service postgresql start
# Configure postgres with net authorization
sed -e 's/^local/#local/' -i /var/lib/pgsql/data/pg_hba.conf
sed -e 's/^host/#host/' -i /var/lib/pgsql/data/pg_hba.conf
cat << EOF >>/var/lib/pgsql/data/pg_hba.conf
local all postgres ident sameuser
local all all md5
host all all 127.0.0.1 255.255.255.255 md5
host all all 0.0.0.0 0.0.0.0 reject
EOF
# Restart service
service postgresql restart
# Become postgresql admin
su - postgres
# Create a NAV DB user and set a password on it
# Select n for no so the account can not create more roles
createuser --no-createdb --no-adduser --pwprompt nav
# Set up the NAV databases
createdb --owner nav --encoding UTF-8 manage
createdb --owner nav --encoding UTF-8 navprofiles
createdb --owner nav --encoding UTF-8 logger
createdb --owner nav --encoding UTF-8 arnold
createlang plpgsql manage
createlang plpgsql navprofiles
cd /usr/local/nav/doc/sql
# Use the nav user password you just made here
export PGPASSWORD=******
psql -f manage.sql manage nav
psql -f types.sql manage nav
psql -f snmpoid.sql manage nav
psql -f navprofiles.sql navprofiles nav
psql -f logger.sql logger nav
psql -f arnold.sql arnold nav
exit
# Configure NAV config file with the nav user password you chose
sed -e 's/userpw_nav=/userpw_nav=*******/' -i /usr/local/nav/etc/db.conf
##
## Configure gammu
##
#
# Site-specific:
# /etc/gammurc config
# YourMobileNumber
#
# First you have to edit the /etc/gammurc file to support your mobile phone
#
# Nokia 6310i with DLR-3 cable to serial port
cat << EOF > /etc/gammurc
[gammu]
port = /dev/ttyS0
connection = dlr3
EOF
# Nokia E51 with DKE-2 cable to USB port
cat << EOF > /etc/gammurc
[gammu]
port=/dev/ttyACM0
connection=dku2at
EOF
#
# Check out the original /etc/gammurc file for hints on different setups
#
# You can test that the gammu program works by doing this test as root:
#
gammu nothing --identify
#
# and when that test gives correct data send yourself a test SMS like this:
#
echo Test | gammu nothing --sendsms TEXT YourMobileNumber
#
# and of course change "YourMobileNumber" with the phone number of your mobile :-)
#
# Since the NAV program runs as the navcron user (that was created when installing
# the nav rpm) it needs permissions to use the /dev/ttyS0 device file. Use this
# command to give the navcron user the needed permission:
#
usermod -G uucp navcron
#
# Now you can test the smsd.py module to see that it will send SMS'es:
#
/usr/local/nav/bin/smsd.py -t YourMobileNumber
#
# Again change "YourMobileNumber" with the phone number of your mobile
##
## Install and configure cricket
##
chgrp nav /usr/local/nav
chmod g+sw /usr/local/nav
su - navcron
mkdir ~/cricket
cd ~/cricket
wget http://ans.hsh.no/home/roger/nav3/cricket-1.0.5.tar.gz
tar xvzf cricket-1.0.5.tar.gz
ln -s cricket-1.0.5 cricket
cd cricket
sh configure
cp cricket-conf.pl.sample cricket-conf.pl
sed \
-e '/^$gCricketHome/s/\/home\/cricket/\/usr\/local\/nav\/cricket/' \
-e 's/^#$gConfigRoot/$gConfigRoot/' \
-e 's/^#$gDbAccess = "slurp"/$gDbAccess = "slurp"/' \
-i cricket-conf.pl
cd ~/cricket
mkdir public_html
cd public_html/
ln -s ../cricket/images
ln -s ../cricket/grapher.cgi
ln -s ../cricket/lib
ln -s ../cricket/mini-graph.cgi
ln -s ../cricket/VERSION
ln -s ../cricket/grapher.cgi index.cgi
cp /usr/local/nav/doc/cricket/public_html/cricket.css .
mkdir ../cricket-data
ln -s ../cricket-data
cp -r /usr/local/nav/doc/cricket/cricket-config ..
ln -s ../cricket-config
cd ~/cricket/cricket
cp /usr/local/nav/doc/cricket/cricket/* .
cd ~
mkdir cricket/cricket-logs
touch /usr/local/nav/cricket/cricket-logs/changelog
cricket/cricket/compile
bin/makecricketconfig.pl
exit
cd /usr/local/nav/apache/webroot
ln -s ~navcron/cricket/public_html cricket
cd cricket
echo "SetHandler none" > .htaccess
###
### Installation and configuration is done. Lets start the program.
###
##
## Reboot machine. This is necessary, the environment needs new settings
## before starting NAV and the web-server needs to be started.
##
shutdown -r 0
##
## Log in and become root
##
su -
##
## Start NAV
##
/usr/local/nav/bin/nav start
# Check the startup by using this command:
/usr/local/nav/bin/nav status
# I sometimes have problems starting servicemon and/or pping. I then use this command:
/usr/local/nav/bin/nav start servicemon pping
# Maybe even two times to get it going
# or I stop NAV and start it again this way:
/usr/local/nav/bin/nav stop
/usr/local/nav/bin/nav start
## Now NAV is up and running and it is time to log in and seed the database.
## Go to the webpage and log in as admin (remember to change the password)
## and go to Toolbox, Edit database
## Here is a very simple startup that I put on my server. This will
## NAV, but not stop it on shutdown of the server.
## Use it if you want or make a better one and share it.
cat << EOF >> /etc/rc.d/rc.local
# Start NAV
. /etc/profile.d/nav_environ.sh
/usr/local/nav/bin/nav start
EOF
##
## As you can see I have put the packages on a local webserver to make it
## easier to reinstall (don't have to rely on the remote servers being up and
## having the same versions available), and you are welcome to download from
## that server. But if you want to get the files yourself here are the links:
##
#
# http://launchpad.net/nav/3.4/3.4.2/+download/nav-3.4.2.tar.gz
# http://java.sun.com
# http://gicl.cs.drexel.edu/people/sevy/snmp/source_1.4.2.zip
# http://dag.wieers.com/rpm/packages/RPM-GPG-KEY.dag.txt
# http://dag.wieers.com/rpm/packages/gammu/gammu-1.11.0-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/gammu/gammu-devel-1.11.0-1.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-1.0.50-3.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/perl-rrdtool-1.0.50-3.el5.rf.i386.rpm
# http://dag.wieers.com/rpm/packages/rrdtool/rrdtool-devel-1.0.50-3.el5.rf.i386.rpm
# http://www.switch.ch/misc/leinen/snmp/perl/dist/SNMP_Session-1.12.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/MD5/GAAS/MD5-2.03.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/DB_File/DB_File-1.817.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/FCGI/FCGI-0.67.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/CGI/CGI.pm-3.40.tar.gz
# ftp://ftp.uninett.no/pub/CPAN/modules/by-module/Pg/pgsql_perl5-1.9.0.tar.gz
# http://initd.org/pub/software/psycopg/psycopg-1.1.21.tar.gz
# http://pypi.python.org/packages/source/I/IPy/IPy-0.62.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/py-rrdtool/py-rrdtool-0.2.1.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/pysnmp/pysnmp-2.0.9.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cheetahtemplate/Cheetah-1.0.tar.gz
# http://forgethtml.sourceforge.net/forgethtml-cvs-2004-10-21.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/forgetsql/forgetSQL-0.5.1.tar.gz
# http://dl.cihar.com/python-gammu/latest/python-gammu-0.20.tar.gz
# http://heanet.dl.sourceforge.net/sourceforge/cricket/cricket-1.0.5.tar.gz
#
installingoncentos5.1219820227.txt.gz · Last modified: 2008/08/27 06:57 by rogeraas
