[Kolab-devel] Cyrus didn't answer on port 993, SSL missing_
Richard
ml at radoeka.nl
Sat May 11 20:21:13 CEST 2013
Hi Jeroen,
Op zaterdag 11 mei 2013 18:51:03 schreef Jeroen van Meeuwen:
> Is anyone interested in making the upstream setup-kolab be able to make
> such platform specific changes, for as far as they are platform specific
> (generating a CA / self-signed cert is not platform specific), if not
> simply integrating in to upstream documentation, the recommended
> additional steps that need to be taken for the use of openSUSE as a
> platform?
Most of them (besides the CA one, I'll come back to the CA futher down)
are distribution specific. The tool itself thoug is generic, the script is plugin based:
kolab:/usr/share/kolab/prep-setup.d # ls
kolab-check-apache.sh
kolab-check-cyrus-rpm.sh
kolab-check-imap-user-deny.sh
kolab-check-postfix.sh
kolab-check-var_lib_imap_sieve.sh
kolab-check-certs.sh
kolab-check-hostname.sh
kolab-check-mysql-backup.sh
kolab-check-services-files.sh
kolab-run-freshclam.sh
kolab:/usr/share/kolab/prep-setup.d # which kolab-prep-setup
/usr/sbin/kolab-prep-setup
# cat kolab-prep-setup:
....
some license stuff
....
PATH=/usr/bin:/bin
[[ ! $(id -u) ]] && {
echo "This program must be run as root" >&2
exit 1
}
[[ -f /etc/kolab/prep-setup.conf ]] && {
. /etc/kolab/prep-setup.conf
export INTERNET_CONNECTIVITY
}
echo "Preparing Kolab environment..."
for F in /usr/share/kolab/prep-setup.d/*.sh; do
FILENAME=$(basename $F | sed 's/-/_/g;s/\.sh$//')
eval MODE=\$$FILENAME
[[ "$MODE" != "disable" ]] && {
[[ -x $F ]] && $F
}
done
echo
echo "Check the output above, if it looks OK to you run 'kolab-start-setup'"
echo "to actually install kolab on your system. Otherwise run this script"
echo "once more, or correct the errors manually"
-------------------------------
kolab:/usr/share/kolab/prep-setup.d # cat /etc/kolab/prep-setup.conf
# Disable checks that are stored in /usr/share/kolab/prep-setup.d/
# The checks are enabled by default and can (only) be disabled by assigning
# the value "disable" to the check's filename (with hyphens (-) replaced by
# underscores and the .sh suffix removed.
#
# Example for check (filename): kolab-check-update-pkgs.sh
# kolab_run_update_pkgs=disable
# Configure whether internet connectivity is present.
# Perhaps internet is not reachable due to e.g. proxy settings.
# If not reachable of not desired it can be configured here.
#
# Disable by assigning the value 'no'
# INTERNET_CONNECTIVITY=no
-----------------------
So the tool can be part of kolab (in git). The scripts in /usr/share/kolab/prep-setup.d
can be stored in git, but perhaps in their distribution specific directory. The
packager has to take care, in that case to include the correct scripts directory
(the one needed for his/her distribution).
With the 'eval MODE=\$$FILENAME' construction a script can be disable
in the configuration file /etc/kolab/prep-setup.conf.
About the CA scripts: would it be possible to do something with gnomint? An
explanation can be found at:
http://virtuallyhyper.com/2013/04/setup-your-own-certificate-authority-ca-on-linux-and-use-it-in-a-windows-environment/
I like this, because it makes it clear that there is a difference in the
CA and creation (signing) of the public key. It would be nice if gnomint
will be adopted and be used in howto's about installing kolab. Having
gnomint, makes it perhaps also easier to make followup certificate
signing request.
One last thing, is it possible to rename setup-kolab, to kolab-setup? Like most
of the other kolab tools, it starts with the kolab- prefix. Making it easy to find /
visible when executing: kolab<tab><tab> on the command line.
Let me know, if I should provide you the sources in e.g. a tarbal.
--
Regards,
Richard
More information about the devel
mailing list