11/24/2010

Build a NIS server to share user accounts across the local network. NIS requires the ypserv package.


[root@ns ~]# yum -y install ypserv
[root@ns ~]# ypdomainname server-linux.info
# set NIS domain
[root@ns ~]# vi /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=ns.server-linux.info
GATEWAY=192.168.0.1

# add at the bottom of file
NISDOMAIN=server-linux.info
[root@ns ~]# vi /var/yp/Makefile
# MERGE_PASSWD=true|false

# line 42: change
MERGE_PASSWD=false
#
# MERGE_GROUP=true|false

# line 46: change
MERGE_GROUP=false
#

# line 109: add
all: passwd shadow  group hosts rpc services netid protocols
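[root@ns ~]# vi /var/yp/securenets
# hosts and networks allowed to query this NIS server ('host address' or 'netmask network')
host 127.0.0.1
255.255.255.0 192.168.0.0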
# create a directory for web site automatically when a user is added in the system
[root@ns ~]# mkdir /etc/skel/public_html

# create a directory for email automatically when a user is added in the system
[root@ns ~]# mkdir -p /etc/skel/Maildir/cur
[root@ns ~]# mkdir -p /etc/skel/Maildir/new
[root@ns ~]# mkdir -p /etc/skel/Maildir/tmp
[root@ns ~]# chmod -R 700 /etc/skel/Maildir/
[root@ns ~]# /etc/rc.d/init.d/portmap start
Starting portmap: [  OK  ]

[root@ns ~]# /etc/rc.d/init.d/ypserv start
Starting YP server services: [  OK  ]

[root@ns ~]# /etc/rc.d/init.d/yppasswdd start
Starting YP passwd service: [  OK  ]

[root@ns ~]# chkconfig portmap on
[root@ns ~]# chkconfig ypserv on
[root@ns ~]# chkconfig yppasswdd on
[root@ns ~]# useradd cent
[root@ns ~]# passwd cent
Changing password for user cent.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
[root@ns ~]# /usr/lib/yp/ypinit -m

# update NIS database
At this point, we have to construct a list of the hosts which will run NIS servers. ns.server-linux.info is in the list of NIS server hosts. Please continue to add the names for the other hosts, one per line. When you are done with the list, type a <control D>.
next host to add: ns.server-linux.info
next host to add:

# push Ctrl + D keys
The current list of NIS servers looks like this:
ns.server-linux.info
Is this correct? [y/n: y] y

# input 'y' and push Enter key
We need a few minutes to build the databases...
Building /var/yp/server-linux.info/ypservers...
Running /var/yp/Makefile...
gmake[1]: Entering directory `/var/yp/server-linux.info'
Updating passwd.byname...
Updating passwd.byuid...
Updating group.byname...
Updating group.bygid...
Updating hosts.byname...
Updating hosts.byaddr...
Updating rpc.byname...
Updating rpc.bynumber...
Updating services.byname...
Updating services.byservicename...
Updating netid.byname...
Updating protocols.bynumber...
Updating protocols.byname...
Updating mail.aliases...
gmake[1]: Leaving directory `/var/yp/server-linux.info'
ns.server-linux.info has been set up as a NIS master server.
Now you can run ypinit -s ns.server-linux.info on all slave server.

# The NIS database must be rebuilt as follows whenever a new user is added
[root@ns ~]# cd /var/yp
[root@ns yp]# make
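
ypserv reads /var/yp/securenets to decide which hosts may query the maps built above, including the shadow map added to the 'all:' target. The following check is an added example, not part of the original tutorial; the function name audit_securenets and the sample entries are constructed for illustration. It lists each entry as a host or a network with its prefix length and flags a 0.0.0.0 netmask, which admits every client.

```shell
# Added example: audit a ypserv securenets file.
# Entry syntax: "host ADDRESS" or "NETMASK NETWORK"; '#' starts a comment.

audit_securenets() {
    # $1 = path to a securenets file. Prints one verdict per entry.
    # Returns 0 if all entries are restrictive, 1 if any entry is open
    # or malformed, 2 if the file cannot be read.
    if [ ! -r "$1" ]; then
        echo "MISSING $1 (without it ypserv accepts queries from any host)"
        return 2
    fi
    awk '
    # Number of set bits in a dotted-quad netmask; -1 if it is not valid.
    function prefix_len(mask,    o, n, i, v, c) {
        n = split(mask, o, ".")
        if (n != 4) return -1
        c = 0
        for (i = 1; i <= 4; i++) {
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return -1
            v = o[i] + 0
            while (v > 0) { c += v % 2; v = int(v / 2) }
        }
        return c
    }
    /^[ \t]*#/ || NF == 0 { next }              # comments and blank lines
    $1 == "host" && NF == 2 { print "OK host " $2; next }
    NF == 2 {
        p = prefix_len($1)
        if (p < 0)       { print "BAD line " NR ": " $0; bad = 1 }
        else if (p == 0) { print "OPEN net " $2 "/0"; bad = 1 }
        else             { print "OK net " $2 "/" p }
        next
    }
    { print "BAD line " NR ": " $0; bad = 1 }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the two entries shown on this page plus an open entry.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample securenets
host 127.0.0.1
255.255.255.0 192.168.0.0
0.0.0.0 0.0.0.0
EOF
audit_securenets "$sample" || echo "securenets needs attention"
rm -f "$sample"
```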

11/21/2010

Install VNC Server


[1] Install VNC Server to operate CentOS through a GUI remotely from a Windows client. VNC is already installed if you have already built the Desktop Environment. If it is not installed, install it with the command 'yum -y install vnc-server'.
[root@ns ~]# yum -y install vnc-server
[root@ns ~]# vi /etc/sysconfig/vncservers
# line 20: uncomment and set as '(display number):(user name)' like the following example
VNCSERVERS="1:cent"
# line 21: uncomment and remove '-localhost' like below
# (without '-localhost' the display accepts connections from the network, not only from the server itself)
# And set any screen resolution you like
VNCSERVERARGS[1]="-geometry 1024x768 -nolisten tcp -nohttpd"
[root@ns ~]# su - cent
[cent@ns ~]$ vncpasswd
# set VNC password
Password:
# input
Verify:
# verify
[cent@ns ~]$ su -
Password:
[root@ns ~]# /etc/rc.d/init.d/vncserver start
Starting VNC server: 1:cent
New 'ns.server-linux.info:1 (cent)' desktop is ns.server-linux.info:1
Creating default startup script /home/cent/.vnc/xstartup
Starting applications specified in /home/cent/.vnc/xstartup
Log file is /home/cent/.vnc/ns.server-linux.info:1.log
[  OK  ]
[root@ns ~]# vi /home/cent/.vnc/xstartup
# at the bottom: comment out
#twm &
# run GNOME
exec gnome-session &
[root@ns ~]# /etc/rc.d/init.d/vncserver restart
Shutting down VNC server: 1:cent
[  OK  ]
Starting VNC server: 1:cent
New 'ns.server-linux.info:1 (cent)' desktop is ns.server-linux.info:1
Starting applications specified in /home/cent/.vnc/xstartup
Log file is /home/cent/.vnc/ns.server-linux.info:1.log
[  OK  ]

[2] Next, install a VNC viewer on the client computer. Download it from the site below.
http://www.realvnc.com/products/free/4.1/download.html
Start the VNC viewer after installing it. The following screen is shown. Input [(Server's hostname or IP address):(display number)] like the following example.

[3] Password is required. Input the VNC password you set in section [1].

[4] Just connected. 
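
Removing '-localhost' in step [1] makes each display reachable from the network on TCP port 5900 + display number, and the VNC session itself is not encrypted. The following inventory check is an added example, not part of the original tutorial; the function name vnc_exposure and the second sample display are constructed for illustration. It reads a file in the /etc/sysconfig/vncservers format and reports, per display, the user, the port and whether Xvnc is limited to loopback.

```shell
# Added example: list which VNC displays in a vncservers file listen beyond loopback.

vnc_exposure() {
    # $1 = file in /etc/sysconfig/vncservers format.
    # Output per display: "<display> <user> <tcp port> <loopback-only|all-interfaces>"
    awk '
    /^[ \t]*#/ { next }                                  # commented-out examples
    /^[ \t]*VNCSERVERS=/ {
        v = $0; sub(/^[^=]*=/, "", v); gsub(/"/, "", v)  # keep "1:cent 2:admin"
        n = split(v, ent, /[ \t]+/)
        for (i = 1; i <= n; i++)
            if (split(ent[i], du, ":") == 2) user[du[1]] = du[2]
    }
    /^[ \t]*VNCSERVERARGS\[[0-9]+\]=/ {
        d = $0; sub(/^[^0-9]*/, "", d); sub(/[^0-9].*/, "", d)   # display number
        args[d] = $0
    }
    END {
        for (d in user) {
            scope = (args[d] ~ /-localhost/) ? "loopback-only" : "all-interfaces"
            print d, user[d], 5900 + d, scope
        }
    }' "$1" | sort -n
}

# Constructed sample: display 1 as configured on this page, display 2 keeping -localhost.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# VNCSERVERS="2:myusername"
VNCSERVERS="1:cent 2:admin"
VNCSERVERARGS[1]="-geometry 1024x768 -nolisten tcp -nohttpd"
VNCSERVERARGS[2]="-geometry 800x600 -nolisten tcp -nohttpd -localhost"
EOF
vnc_exposure "$sample"
rm -f "$sample"
```

A display reported as loopback-only can still be reached by tunnelling its port over SSH from the client.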




Build Desktop Environment


A Desktop Environment is not necessary for server usage. However, installing or using some applications sometimes requires one; in that case, build the Desktop Environment as follows.

[1] Install some packages
[root@ns ~]# yum -y groupinstall "X Window System"
[root@ns ~]# yum -y groupinstall "GNOME Desktop Environment"
[2] Input a command like below after finishing installation of new packages.
[root@ns ~]# startx
You can now operate CentOS through a GUI, like Windows.

From server-world.info

11/11/2010

Virtual Domain

Configure a virtual domain to send email under a domain name different from the original domain. In this example, the present domain name is server.world and the new domain name is virtual.host; userA currently has the email address cent@mail.server.world, and userB is newly added and given the email address cent@mail.virtual.host.

[1]     Config for Virtual Domain

[root@mail ~]# vi /etc/postfix/main.cf
# add at the bottom
virtual_alias_domains = virtual.host
virtual_alias_maps = hash:/etc/postfix/virtual
[root@mail ~]# vi /etc/postfix/virtual
# add at the head (address and destination user on one line)
cent@mail.virtual.host userB
[root@mail ~]# postmap /etc/postfix/virtual
[root@mail ~]# /etc/rc.d/init.d/postfix reload
Reloading postfix:[ OK ]

[2]     Configure on client for new account and verify sending emails.

11/08/2010

WebMail system - SquirrelMail

Install SquirrelMail to build a web-based mail system like Yahoo Mail or Hotmail. An SMTP/IMAP server must be running in your LAN.
[1]     Install SquirrelMail
[root@www ~]# yum -y install squirrelmail
[root@www ~]# cd /usr/share/squirrelmail/plugins/
[root@www plugins]# wget http://www.squirrelmail.org/plugins/compatibility-2.0.16-1.0.tar.gz
[root@www plugins]# wget http://www.squirrelmail.org/plugins/empty_trash-1.4-1.2.2.tar.gz
[root@www plugins]# wget http://www.squirrelmail.org/plugins/secure_login-1.4-1.2.8.tar.gz
[root@www plugins]# tar zxvf compatibility-2.0.16-1.0.tar.gz
[root@www plugins]# tar zxvf empty_trash-1.4-1.2.2.tar.gz
[root@www plugins]# tar zxvf secure_login-1.4-1.2.8.tar.gz
[root@www plugins]# rm -f *.tar.gz
[root@www plugins]# cd
[root@www ~]# /usr/share/squirrelmail/config/conf.pl

# run config script

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color off
S Save data
Q Quit

Command >>
1

# select

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Organization Preferences
1. Organization Name
: SquirrelMail

2. Organization Logo
: ../images/sm_logo.png

3. Org. Logo Width/Height
: (308/111)

4. Organization Title
: SquirrelMail

5. Signout Page
:

6. Top Frame
: _top

7. Provider link
: http://www.squirrelmail.org/

8. Provider name
: SquirrelMail


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
5

# change log-out page



When users click the Sign Out button they will be logged out and
then sent to signout_page. If signout_page is left empty,
(hit space and then return) they will be taken, as normal,
to the default and rather sparse SquirrelMail signout page.

[]:
/webmail
  
# change log-out page

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Organization Preferences
1. Organization Name
: SquirrelMail

2. Organization Logo
: ../images/sm_logo.png

3. Org. Logo Width/Height
: (308/111)

4. Organization Title
: SquirrelMail

5. Signout Page
: /webmail

6. Top Frame
: _top

7. Provider link
: http://www.squirrelmail.org/

8. Provider name
: SquirrelMail


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
r

# back to menu

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color off
S Save data
Q Quit

Command >>
2

# select

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: localhost

2. Invert Time
: false

3. Sendmail or SMTP
: Sendmail


A. Update IMAP Settings
: localhost:143 (uw)

B. Change Sendmail Config
: /usr/sbin/sendmail


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
1

# change to your domain name


The domain name is the suffix at the end of all email addresses. If
for example, your email address is jdoe@example.com, then your domain
would be example.com.

[localhost]:
server.world

# input

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: Sendmail


A. Update IMAP Settings
: localhost:143 (uw)

B. Change Sendmail Config
: /usr/sbin/sendmail

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
3

# select


You now need to choose the method that you will use for sending
messages in SquirrelMail. You can either connect to an SMTP server
or use sendmail directly.

1. Sendmail
2. SMTP
Your choice [1/2] [1]:
2

# change to SMTP

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


A. Update IMAP Settings
: localhost:143 (uw)

B. Change Sendmail Config
: localhost:25

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
A

# select


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


IMAP Settings
--------------
4. IMAP Server
: localhost

5. IMAP Port
: 143

6. Authentication type
: login

7. Secure IMAP (TLS)
: false

8. Server software
: uw

9. Delimiter
: /


B. Update SMTP Settings
: localhost:25

H. Hide IMAP Server Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
4

# select


This is the hostname where your IMAP server can be contacted.
[localhost]:
mail.server.world

# specify your IMAP server

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


IMAP Settings
--------------
4. IMAP Server
: mail.server.world

5. IMAP Port
: 143

6. Authentication type
: login

7. Secure IMAP (TLS)
: false

8. Server software
: uw

9. Delimiter
: /


B. Update SMTP Settings
: localhost:25

H. Hide IMAP Server Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
8

# select


Each IMAP server has its own quirks. As much as we tried to stick
to standards, it doesn't help much if the IMAP server doesn't follow
the same principles. We have made some work-arounds for some of
these servers. If you would like to use them, please select your
IMAP server. If you do not wish to use these work-arounds, you can
set this to "other", and none will be used.
   cyrus
= Cyrus IMAP server

   uw
= University of Washington's IMAP server

   exchange
= Microsoft Exchange IMAP server

   courier
= Courier IMAP server

   macosx
= Mac OS X Mailserver

   hmailserver
= hMailServer

   other
= Not one of the above servers

[uw]:
other

# this example uses Dovecot, which is not in the list, so select 'other'

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


IMAP Settings
--------------
4. IMAP Server
: mail.server.world

5. IMAP Port
: 143

6. Authentication type
: login

7. Secure IMAP (TLS)
: false

8. Server software
: other

9. Delimiter
: /


B. Update SMTP Settings
: localhost:25

H. Hide IMAP Server Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
9

# select


This is the delimiter that your IMAP server uses to distinguish between
folders. For example, Cyrus uses '.' as the delimiter and a complete
folder would look like 'INBOX.Friends.Bob', while UW uses '/' and would
look like 'INBOX/Friends/Bob'. Normally this should be left at 'detect'
but if you are sure you know what delimiter your server uses, you can
specify it here.

To have it autodetect the delimiter, set it to 'detect'.

[/]:
detect

# change to 'detect'

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


IMAP Settings
--------------
4. IMAP Server
: mail.server.world

5. IMAP Port
: 143

6. Authentication type
: login

7. Secure IMAP (TLS)
: false

8. Server software
: other

9. Delimiter
: detect


B. Update SMTP Settings
: localhost:25

H. Hide IMAP Server Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
B

# select


SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


SMTP Settings
-------------
4. SMTP Server
: localhost

5. SMTP Port
: 25

6. POP before SMTP
: false

7. SMTP Authentication
: none

8. Secure SMTP (TLS)
: false

9. Header encryption key
:


A. Update IMAP Settings
: mail.server.world:143 (other)

H. Hide SMTP Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
4

# select


This is the hostname of your SMTP server.
[localhost]:
mail.server.world

# specify your SMTP server

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


SMTP Settings
-------------
4. SMTP Server
: mail.server.world

5. SMTP Port
: 25

6. POP before SMTP
: false

7. SMTP Authentication
: none

8. Secure SMTP (TLS)
: false

9. Header encryption key
:


A. Update IMAP Settings
: mail.server.world:143 (other)

H. Hide SMTP Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
7

# select


If you have already set the hostname and port number, I can try to
automatically detect the mechanisms your SMTP server supports.
Auto-detection is *optional* - you can safely say "n" here.

Try to detect auth mechanisms? [y/N]:
y

# yes

Trying to detect supported methods (SMTP)...
Testing none: SUPPORTED
Testing login: SUPPORTED
Testing CRAM-MD5: NOT SUPPORTED
Testing DIGEST-MD5: NOT SUPPORTED

What authentication mechanism do you want to use for SMTP connections?
none - Your SMTP server does not require authorization.
login - Plaintext. If you can do better, you probably should.
cram-md5 - Slightly better than plaintext.
digest-md5 - Privacy protection - better than cram-md5.

*** YOUR SMTP SERVER MUST SUPPORT THE MECHANISM YOU CHOOSE HERE ***
If you don't understand or are unsure, you probably want "none"

none, login, cram-md5, or digest-md5 [none]:
login

# select login

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Server Settings

General
-------
1. Domain
: server.world

2. Invert Time
: false

3. Sendmail or SMTP
: SMTP


SMTP Settings
-------------
4. SMTP Server
: mail.server.world

5. SMTP Port
: 25

6. POP before SMTP
: false

7. SMTP Authentication
: login

8. Secure SMTP (TLS)
: false

9. Header encryption key
:


A. Update IMAP Settings
: mail.server.world:143 (other)

H. Hide SMTP Settings

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
r

# back

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color off
S Save data
Q Quit

Command >>
10

# select

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Language preferences
1. Default Language
: en_US

2. Default Charset
: iso-8859-1

3. Enable lossy encoding
: false


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
1

# select


SquirrelMail attempts to set the language in many ways. If it
can not figure it out in another way, it will default to this
language. Please use the code for the desired language.

[en_US]:
ja_JP

# change to your language

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Language preferences
1. Default Language
: ja_JP

2. Default Charset
: iso-8859-1

3. Enable lossy encoding
: false


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
2

# select

This option controls what character set is used when sending
mail and when sending HTML to the browser.

This option is used only when default language is 'en_US'.

[iso-8859-1]:
iso-2022-jp

# specify your language

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Language preferences
1. Default Language
: ja_JP

2. Default Charset
: iso-2022-jp

3. Enable lossy encoding
: false

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
r

# back

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color off
S Save data
Q Quit

Command >>
4

# select

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
General Options
1. Data Directory
: /var/lib/squirrelmail/prefs/

2. Attachment Directory
: /var/spool/squirrelmail/attach/

3. Directory Hash Level
: 0

4. Default Left Size
: 150

5. Usernames in Lowercase
: false

6. Allow use of priority
: true

7. Hide SM attributions
: false

8. Allow use of receipts
: true

9. Allow editing of identity
: true

Allow editing of name
: true

Remove username from header
: false

10. Allow server thread sort
: true

11. Allow server-side sorting
: true

12. Allow server charset search
: true

13. Enable UID support
: true

14. PHP session name
: SQMSESSID

15. Location base
:


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
7

# select

Hide SM attributions (y/n) [n]:
y

# Yes

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
General Options
1. Data Directory
: /var/lib/squirrelmail/prefs/

2. Attachment Directory
: /var/spool/squirrelmail/attach/

3. Directory Hash Level
: 0

4. Default Left Size
: 150

5. Usernames in Lowercase
: false

6. Allow use of priority
: true

7. Hide SM attributions
: true

8. Allow use of receipts
: true

9. Allow editing of identity
: true

Allow editing of name
: true

Remove username from header
: false

10. Allow server thread sort
: true

11. Allow server-side sorting
: true

12. Allow server charset search
: true

13. Enable UID support
: true

14. PHP session name
: SQMSESSID

15. Location base
:


R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
r

# back

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Main Menu --
1. Organization Preferences
2. Server Settings
3. Folder Defaults
4. General Options
5. Themes
6. Address Books
7. Message of the Day (MOTD)
8. Plugins
9. Database
10. Languages

D. Set pre-defined settings for specific IMAP servers

C Turn color off
S Save data
Q Quit

Command >>
8

# select

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail

Available Plugins:
4. listcommands
5. filters
6. fortune
7. mail_fetch
8. message_details
9. compatibility
10. calendar
11. translate
12. sent_subfolders
13. empty_trash
14. spamcop
15. bug_report
16. abook_take
17. info
18. secure_login
19. administrator

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
9

# add compatibility (the number differs between environments)

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. compatibility

Available Plugins:
5. listcommands
6. filters
7. fortune
8. mail_fetch
9. message_details
10. calendar
11. translate
12. sent_subfolders
13. empty_trash
14. spamcop
15. bug_report
16. abook_take
17. info
18. secure_login
19. administrator

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
13

# add empty_trash (the number differs between environments)

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. compatibility
5. empty_trash

Available Plugins:
6. listcommands
7. filters
8. fortune
9. mail_fetch
10. message_details
11. calendar
12. translate
13. sent_subfolders
14. spamcop
15. bug_report
16. abook_take
17. info
18. secure_login
19. administrator

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
18

# add secure_login (the number differs between environments)

SquirrelMail Configuration : Read: config.php (1.4.0)
---------------------------------------------------------
Plugins
Installed Plugins
1. delete_move_next
2. squirrelspell
3. newmail
4. compatibility
5. empty_trash
6. secure_login

Available Plugins:
7. listcommands
8. filters
9. fortune
10. mail_fetch
11. message_details
12. calendar
13. translate
14. sent_subfolders
15. spamcop
16. bug_report
17. abook_take
18. info
19. administrator

R Return to Main Menu
C Turn color off
S Save data
Q Quit

Command >>
q

# quit


You have not saved your data.
Save? [Y/n]:
y

# save

Data saved in config.php

Exiting conf.pl.
You might want to test your configuration by browsing to
http://your-squirrelmail-location/src/configtest.php
Happy SquirrelMailing!

[root@www ~]# cd /usr/share/squirrelmail/plugins/secure_login
[root@www secure_login]# cp config.sample.php config.php
[root@www secure_login]# vi config.php

# line 24: change (continue to connect with SSL after login)
$change_back_to_http_after_login = 0;

[root@www secure_login]# /etc/rc.d/init.d/httpd reload

Reloading httpd:     [  OK  ]

[2]     Access 'http://(your server's name or IP address)/webmail/'. The following screen is shown; enter your user name and password to log in.
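
The settings saved above leave 'Secure IMAP (TLS)' and 'Secure SMTP (TLS)' at false while pointing both at mail.server.world with 'login' authentication, so the secure_login plugin covers only the browser-to-webmail leg and the mailbox password still travels unencrypted from the web server to the mail server. The following audit is an added example, not part of the original tutorial; it assumes the variable names SquirrelMail 1.4 writes to config.php, and sm_get, audit_sm_transport and the sample file are constructed for illustration.

```shell
# Added example: report how a SquirrelMail config.php carries IMAP/SMTP logins.

# sm_get FILE NAME -> value last assigned to $NAME, quotes and ';' removed.
sm_get() {
    awk -v name="$2" '
    {
        line = $0; gsub(/[ \t]/, "", line)
        if (index(line, "$" name "=") == 1) {
            val = substr(line, length(name) + 3)
            sub(/;.*/, "", val); gsub(/["\047]/, "", val)
        }
    }
    END { print val }' "$1"
}

# audit_sm_transport FILE -> one line per protocol.
# Returns 1 if a 'login' or 'plain' password would cross the network without TLS.
audit_sm_transport() {
    rc=0
    for proto in imap smtp; do
        host=$(sm_get "$1" "${proto}ServerAddress")
        tls=$(sm_get "$1" "use_${proto}_tls")
        mech=$(sm_get "$1" "${proto}_auth_mech")
        if [ -z "$host" ]; then
            echo "$proto UNKNOWN (no ${proto}ServerAddress found)"
            continue
        fi
        case "$host" in
            localhost|127.0.0.1|::1) where=local ;;
            *) where=remote ;;
        esac
        case "$tls" in
            ""|false|0) tls=off ;;
            *) tls=on ;;
        esac
        verdict=OK
        if [ "$where" = remote ] && [ "$tls" = off ]; then
            case "$mech" in
                login|plain) verdict=CLEARTEXT-PASSWORD; rc=1 ;;
                *) verdict=UNENCRYPTED-MAIL ;;
            esac
        fi
        echo "$proto host=$host tls=$tls auth=$mech $verdict"
    done
    return $rc
}

# Constructed sample mirroring the values chosen in the conf.pl session on this page.
sample=$(mktemp)
cat > "$sample" <<'EOF'
<?php
$domain                 = 'server.world';
$imapServerAddress      = 'mail.server.world';
$imapPort               = 143;
$smtpServerAddress      = 'mail.server.world';
$smtpPort               = 25;
$imap_auth_mech = 'login';
$smtp_auth_mech = 'login';
$use_imap_tls = false;
$use_smtp_tls = false;
EOF
audit_sm_transport "$sample" || echo "enable TLS for the flagged protocols"
rm -f "$sample"
```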

11/02/2010

How To Set Up DHCP Failover On Centos 5.1

Introduction

This tutorial will walk you through setting up DHCP failover on CentOS 5.1 using the default ISC DHCP server; this can easily be adapted to any other Linux distro out there. You will most likely need failover in environments where network downtime cannot be tolerated. My home is running a DLNA setup so I need my devices to be able to obtain network parameters at all times.
Since DHCP and DNS often go hand in hand, I will be configuring a local DNS server which allows for dynamic updates, such that hostnames will be automatically updated in DNS whenever a lease is granted to a client.
My configuration will use the following; please substitute to reflect your own network.
  • Domain name - home.topdog-software.com
  • Network - 192.168.1.0/24
  • DHCP servers - 192.168.1.2,192.168.1.3
  • Gateway - 192.168.1.254
  • DNS servers - 192.168.1.2,192.168.1.3

Install required Packages

  • DHCP
    # yum install dhcp -y
  • DNS
    # yum install bind bind-chroot caching-nameserver -y
  • NTP
    # yum install ntp -y

Configuration

DHCP

Back up your original config on the Master 192.168.1.2:
# cp /etc/dhcpd.conf /etc/dhcpd.conf.orig
Edit the DHCP configuration /etc/dhcpd.conf on the master 192.168.1.2 and add the following, read the comments to understand the options:
authoritative;                                             # server is authoritative
option domain-name "home.topdog-software.com";             # the domain name issued
option domain-name-servers 192.168.1.2,192.168.1.3;        # name servers issued
option netbios-name-servers 192.168.1.2;                   # netbios servers
allow booting;                                             # allow for booting over the network
allow bootp;                                               # allow for booting
next-server 192.168.1.2;                                   # TFTP server for booting
filename "pxelinux.0";                                     # kernel for network booting
ddns-update-style interim;                                 # setup dynamic DNS updates
ddns-updates on;
ddns-domainname "home.topdog-software.com";                # domain name for DDNS updates
key rndckey {
        algorithm       hmac-md5;
        secret          "xxxxxxxxxx";                      # get from the /etc/rndc.key file
}
zone home.topdog-software.com                              # forward zone to update
{
        primary 127.0.0.1;                                 # update on the local machine
        key rndckey;                                       # key to use for the update
}
zone 1.168.192.in-addr.arpa                                # reverse zone to update
{
        primary 127.0.0.1;                                 # update on the local machine
        key rndckey;                                       # key for update
}
failover peer "home-net" {                                 # fail over configuration
         primary;                                          # This is the primary
         address 192.168.1.2;                              # primary's IP address
         port 647;
         peer address 192.168.1.3;                         # peer's ip address
         peer port 647;
         max-response-delay 60;
         max-unacked-updates 10;
         mclt 3600;
         split 128;
         load balance max seconds 3;
}
subnet 192.168.1.0 netmask 255.255.255.0                   # zone to issue addresses from
{
        pool {
                failover peer "home-net";                  # pool for DHCP leases with failover; BOOTP not allowed
                deny dynamic bootp clients;
                option routers 192.168.1.254;
                range 192.168.1.25 192.168.1.50;
        }
        pool {                                             # accommodate our BOOTP clients here; no replication or failover
                option routers 192.168.1.254;
                range 192.168.1.51 192.168.1.55;
        }
        allow unknown-clients;
        ignore client-updates;
}
Back up your original config on the Slave 192.168.1.3:
# cp /etc/dhcpd.conf /etc/dhcpd.conf.orig
Edit the DHCP configuration /etc/dhcpd.conf on the slave 192.168.1.3 and add the following, read the comments to understand the options:
authoritative;                                             # server is authoritative
option domain-name "home.topdog-software.com";             # the domain name issued
option domain-name-servers 192.168.1.2,192.168.1.3;        # name servers issued
option netbios-name-servers 192.168.1.2;                   # netbios servers
allow booting;                                             # allow for booting over the network
allow bootp;                                               # allow for booting
next-server 192.168.1.2;                                   # TFTP server for booting
filename "pxelinux.0";                                     # kernel for network booting
ddns-update-style interim;                                 # setup dynamic DNS updates
ddns-updates on;
ddns-domainname "home.topdog-software.com";                # domain name for DDNS updates
key rndckey {
        algorithm       hmac-md5;
        secret          "xxxxxxxxxx";                      # get from the /etc/rndc.key file on the master
}
zone home.topdog-software.com                              # forward zone to update
{
        primary 192.168.1.2;                               # update on the master
        key rndckey;                                       # key to use for the update
}
zone 1.168.192.in-addr.arpa                                # reverse zone to update
{
        primary 192.168.1.2;                               # update on the master
        key rndckey;                                       # key for update
}
failover peer "home-net" {                                 # fail over configuration
         secondary;                                        # This is the secondary
         address 192.168.1.3;                              # our ip address
         port 647;
         peer address 192.168.1.2;                         # primary's ip address
         peer port 647;
         max-response-delay 60;
         max-unacked-updates 10;
         # mclt is omitted here: dhcpd.conf(5) allows it on the primary only
         load balance max seconds 3;
}
subnet 192.168.1.0 netmask 255.255.255.0                   # zone to issue addresses from
{
        pool {
                failover peer "home-net";                  # pool for DHCP leases with failover; BOOTP not allowed
                deny dynamic bootp clients;
                option routers 192.168.1.254;
                range 192.168.1.25 192.168.1.50;
        }
        pool {                                             # accommodate our BOOTP clients here; no replication or failover
                option routers 192.168.1.254;
                range 192.168.1.51 192.168.1.55;
        }
        allow unknown-clients;
        ignore client-updates;
}
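
The two failover declarations must mirror each other: the same peer name, one primary and one secondary, each side's 'peer address' and 'peer port' equal to the other side's 'address' and 'port', and, per dhcpd.conf(5), mclt set on the primary only. The following cross-check is an added example, not part of the original tutorial; fo_fields, check_failover_pair and sample_conf are hypothetical helper names, and the sample blocks are constructed from this page's addresses.

```shell
# Added example: cross-check the failover declarations of two dhcpd.conf files.

# fo_fields FILE -> "name role address port peer_address peer_port mclt"
# ("-" marks a statement that is absent from the failover peer block).
fo_fields() {
    awk '
    BEGIN { name = role = addr = port = paddr = pport = mclt = "-" }
    { sub(/#.*/, "") }                                   # strip comments
    /failover[ \t]+peer[ \t]+"[^"]*"[ \t]*[{]/ {         # block opener, not the pool reference
        split($0, q, "\""); name = q[2]; inblk = 1; next
    }
    inblk && /[}]/ { inblk = 0; next }
    inblk {
        gsub(/;/, "")
        if ($1 == "primary" || $1 == "secondary") role = $1
        else if ($1 == "address") addr = $2
        else if ($1 == "port")    port = $2
        else if ($1 == "peer" && $2 == "address") paddr = $3
        else if ($1 == "peer" && $2 == "port")    pport = $3
        else if ($1 == "mclt")    mclt = $2
    }
    END { print name, role, addr, port, paddr, pport, mclt }
    ' "$1"
}

# check_failover_pair CONF_A CONF_B -> prints findings, returns 1 on any FAIL.
check_failover_pair() {
    a=$(fo_fields "$1"); b=$(fo_fields "$2")
    set -- $a $b
    [ $# -eq 14 ] || { echo "FAIL cannot parse both failover peer blocks"; return 1; }
    an=$1 ar=$2 aa=$3 ap=$4 apa=$5 app=$6 am=$7
    shift 7
    bn=$1 br=$2 ba=$3 bp=$4 bpa=$5 bpp=$6 bm=$7
    rc=0
    [ "$an" = "$bn" ] || { echo "FAIL peer names differ: $an / $bn"; rc=1; }
    case "$ar/$br" in
        primary/secondary|secondary/primary) ;;
        *) echo "FAIL need one primary and one secondary, got $ar / $br"; rc=1 ;;
    esac
    [ "$aa:$ap" = "$bpa:$bpp" ] ||
        { echo "FAIL $br points at $bpa:$bpp but $ar listens on $aa:$ap"; rc=1; }
    [ "$ba:$bp" = "$apa:$app" ] ||
        { echo "FAIL $ar points at $apa:$app but $br listens on $ba:$bp"; rc=1; }
    for side in "$ar:$am" "$br:$bm"; do
        case "$side" in
            primary:-)   echo "FAIL primary has no mclt"; rc=1 ;;
            secondary:-) ;;
            secondary:*) echo "FAIL secondary sets mclt (primary only)"; rc=1 ;;
        esac
    done
    [ "$rc" -eq 0 ] && echo "OK failover pair \"$an\" is consistent"
    return $rc
}

# sample_conf ROLE ADDRESS PEER_ADDRESS [MCLT] -> constructed dhcpd.conf fragment
sample_conf() {
    printf 'failover peer "home-net" {   # constructed sample\n'
    printf '    %s;\n    address %s;\n    port 647;\n' "$1" "$2"
    printf '    peer address %s;\n    peer port 647;\n' "$3"
    [ -n "$4" ] && printf '    mclt %s;\n' "$4"
    printf '    max-response-delay 60;\n}\n'
    printf 'subnet 192.168.1.0 netmask 255.255.255.0 {\n'
    printf '    pool { failover peer "home-net"; range 192.168.1.25 192.168.1.50; }\n}\n'
}

dir=$(mktemp -d)
sample_conf primary   192.168.1.2 192.168.1.3 3600 > "$dir/primary.conf"
sample_conf secondary 192.168.1.3 192.168.1.2      > "$dir/secondary.conf"
check_failover_pair "$dir/primary.conf" "$dir/secondary.conf"
# A secondary that also sets mclt is reported:
sample_conf secondary 192.168.1.3 192.168.1.2 3600 > "$dir/secondary.conf"
check_failover_pair "$dir/primary.conf" "$dir/secondary.conf" || true
rm -rf "$dir"
```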

DNS

Back up the Bind configuration on the master:
# cp /var/named/chroot/etc/named.caching-nameserver.conf /var/named/chroot/etc/named.caching-nameserver.conf.orig
Edit the configuration to reflect the config below.
options {
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { localhost; localnets; };
};
include "/etc/rndc.key";
include "/etc/named.rfc1912.zones";
zone "home.topdog-software.com" {
        type master;
        file "data/home.topdog-software.com.hosts";
        allow-transfer { 192.168.1.3; };
        allow-update { key "rndckey"; };
        allow-query { any; };
};
zone "1.168.192.in-addr.arpa" {
        type master;
        file "data/1.168.192.in-addr.arpa.hosts";
        allow-transfer { 192.168.1.3; };
        allow-update { key "rndckey"; };
        allow-query { any; };
};
Back up the BIND configuration on the slave:
# cp /var/named/chroot/etc/named.caching-nameserver.conf /var/named/chroot/etc/named.caching-nameserver.conf.orig
Edit the configuration to reflect the config below.
options {
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        query-source    port 53;
        query-source-v6 port 53;
        allow-query     { localhost; localnets; };
};
include "/etc/rndc.key";
include "/etc/named.rfc1912.zones";
zone "home.topdog-software.com" {
        type slave;
        masters { 192.168.1.2; };
        file "data/home.topdog-software.com.hosts";
};
zone "1.168.192.in-addr.arpa" {
        type slave;
        masters { 192.168.1.2; };
        file "data/1.168.192.in-addr.arpa.hosts";
};
Create the zone files on the master
  • /var/named/chroot/var/named/data/home.topdog-software.com.hosts
    $ORIGIN .
    $TTL 38400 
    home.topdog-software.com IN SOA ns1.home.topdog-software.com. andrew.topdog.za.net. (
                                    2008061629 ; serial
                                    10800      ; refresh (3 hours)
                                    3600       ; retry (1 hour)
                                    604800     ; expire (1 week)
                                    38400      ; minimum (10 hours 40 minutes)
                                    )
                            NS      ns1.home.topdog-software.com.
                            NS      ns2.home.topdog-software.com.
    $ORIGIN home.topdog-software.com.   ; names below are relative to the zone, not the root
    ns1      IN    A 192.168.1.2
    ns2      IN    A 192.168.1.3
    
  • /var/named/chroot/var/named/data/1.168.192.in-addr.arpa.hosts
    $ORIGIN .
    $TTL 38400      ; 10 hours 40 minutes
    1.168.192.in-addr.arpa  IN SOA  ns1.home.topdog-software.com. andrew.topdog.za.net. (
                                    2008061644 ; serial
                                    10800      ; refresh (3 hours)
                                    3600       ; retry (1 hour)
                                    604800     ; expire (1 week)
                                    38400      ; minimum (10 hours 40 minutes)
                                    )
                            NS      ns1.home.topdog-software.com.
                            NS      ns2.home.topdog-software.com.
    $ORIGIN 1.168.192.in-addr.arpa.     ; names below are relative to the zone, not the root
    2    IN  PTR ns1.home.topdog-software.com.
    3    IN  PTR ns2.home.topdog-software.com.
    

NTP

NTP is required because the clocks on the two DHCP servers need to be in sync for failover as well as DDNS to take place. You can run a full-fledged NTP server if you want; I will only provide instructions for using cron to sync against an external NTP server every hour. You need to do this on BOTH servers.
  • create a file /etc/cron.hourly/timesync and add the following:
    #!/bin/bash
    #
    ntpdate -s 0.rhel.pool.ntp.org
    
  • make the file executable and run it for the first time:
    # chmod +x /etc/cron.hourly/timesync
    # /etc/cron.hourly/timesync

Finally

Well, we are done; let's fire up the services and begin testing.
  • on the master:
    # service named start
    # service dhcpd start
  • on the slave:
    # service named start
    # service dhcpd start
You should see the following in your logs on the master:
Jun 16 13:58:56 kudusoft dhcpd: failover peer home-net: I move from recover to startup
Jun 16 13:58:56 kudusoft dhcpd: dhcpd startup succeeded
Jun 16 13:58:56 kudusoft dhcpd: failover peer home-net: I move from startup to recover
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer moves from unknown-state to recover
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: requesting full update from peer
Jun 16 13:59:12 kudusoft dhcpd: Sent update request all message to home-net
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer moves from recover to recover
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: requesting full update from peer
Jun 16 13:59:12 kudusoft dhcpd: Update request all from home-net: sending update
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer update completed.
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: I move from recover to recover-done
Jun 16 13:59:13 kudusoft dhcpd: Sent update done message to home-net
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover to recover-done
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: I move from recover-done to normal
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover-done to normal
Jun 16 13:59:14 kudusoft dhcpd: pool 914eb10 192.168.1/24 total 26  free 25  backup 0  lts -12
Jun 16 13:59:14 kudusoft dhcpd: pool 914eb10 192.168.1/24  total 26  free 25  backup 0  lts 12
And on the slave:
Jun 16 13:59:12 shaka dhcpd: Sending on   Socket/fallback/fallback-net
Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from recover to startup
Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer moves from unknown-state to recover
Jun 16 13:59:12 shaka dhcpd: dhcpd startup succeeded
Jun 16 13:59:12 shaka dhcpd: failover peer home-net: requesting full update from peer
Jun 16 13:59:12 shaka dhcpd: failover peer home-net: I move from startup to recover
Jun 16 13:59:12 shaka dhcpd: Sent update request all message to home-net
Jun 16 13:59:12 shaka dhcpd: Sent update done message to home-net
Jun 16 13:59:12 shaka dhcpd: Update request all from home-net: nothing pending
Jun 16 13:59:12 shaka dhcpd: failover peer home-net: peer moves from recover to recover-done
Jun 16 13:59:14 shaka dhcpd: failover peer home-net: peer update completed.
Jun 16 13:59:14 shaka dhcpd: failover peer home-net: I move from recover to recover-done
Jun 16 13:59:14 shaka dhcpd: failover peer home-net: peer moves from recover-done to normal
Jun 16 13:59:14 shaka dhcpd: failover peer home-net: I move from recover-done to normal
Jun 16 13:59:14 shaka dhcpd: pool 9d78ad8 192.168.1/24 total 26  free 25  backup 0  lts 12
Jun 16 13:59:14 shaka dhcpd: pool response: 12 leases
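
Rather than reading the transitions above by eye, the check can be scripted. The following is an added example, not part of the original how-to: it reads dhcpd syslog lines and reports the last failover state logged for the local server and for its peer. The function names, the sample lines and the /var/log/messages path are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original how-to). failover_state and the
# sample functions are hypothetical names; input is syslog text on stdin.

# Print the last state dhcpd logged for this server and for its peer.
failover_state() {
    awk -v name="$1" '
        # Skip everything except failover lines for the requested peer name.
        index($0, "dhcpd: failover peer " name ": ") == 0 { next }
        { new = $NF; sub(/\.$/, "", new) }      # last word on the line
        / I move from /     { mine = new }
        / peer moves from / { peer = new }
        END {
            if (mine == "") mine = "unknown"
            if (peer == "") peer = "unknown"
            print "local=" mine " peer=" peer
        }'
}

# Succeed only when both sides have settled in the "normal" state.
failover_ok() {
    [ "$(failover_state "$1")" = "local=normal peer=normal" ]
}

# Constructed sample: a startup that converges, in the format shown above.
sample_log() {
    cat <<'EOF'
Jun 16 13:58:56 kudusoft dhcpd: failover peer home-net: I move from startup to recover
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer moves from unknown-state to recover
Jun 16 13:59:12 kudusoft dhcpd: failover peer home-net: peer update completed.
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: I move from recover-done to normal
Jun 16 13:59:13 kudusoft dhcpd: failover peer home-net: peer moves from recover-done to normal
EOF
}

# Constructed sample: the same log followed by a lost peer connection.
degraded_log() {
    sample_log
    echo "Jun 16 14:20:01 kudusoft dhcpd: failover peer home-net: I move from normal to communications-interrupted"
}

# On a server (assumed syslog path): failover_state home-net < /var/log/messages
sample_log | failover_state home-net
```

Run from cron or a monitoring check, failover_ok gives a non-zero exit status whenever either side has left the normal state, which is the condition worth alerting on.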

For: howtoforge