[Kolab-devel] PARTIAL SUMMARY kolab_bootstrap -b fails on Solaris8Sparc

ComCept Net GmbH Soliva soliva at comcept.ch
Mon Oct 17 20:03:17 CEST 2005

Hello all

First of all sorry for the delay but I had to setup all again because I had
some funny symptomes and it seems that my installation was not anymore
clean. Anyway I begann again from the scratch and I could solve the problem
now it seems to work! There some stuff which are or should be intressting
for you and which you can also solve without big efforts. Below you will
find a installation notes.

To beginn some notes to the developers:

- Posix seems to me again not everywhere configured in a clean way!
- On Solaris GNU Tools must be installed without Kolab2 will never run!
- CC must be linked to gcc otherwise installation fails completly!
- Clamav and GMP could not be installed automatically!
- Digital signatue support for clamav has to be disabled!
- Postfix dbm is a problem because in main.cf is missing the config to use

Any feedback on this would be wellcome! Please take the time and go through
the installation
Docu etc. Special thanks to my friend Philipp for his help.....he is the
best :-)

      * 50.0 Solaris 8 Install Notes *

50.1) The test machine is:

	Ultra 2 Dual Processor 300 MHz and 512 RAM SBUS based and 2 X SCSI
HD 9.1 GB

	Solaris 8 setup over Jumpstart server:

	system      SFWaconf       autoconf - GNU autoconf
	system      SFWamake       automake - GNU automake
	system      SFWgcc         gcc - GNU Compiler Collection
	system      SFWgcmn        gcmn - Common GNU package
	system      SFWgm4         GNU m4 - macro processor
	system      SUNWadmr       System & Network Administration Root
	system      SUNWarc        Archive Libraries
	system      SUNWarcx       Archive Libraries (64-bit)
	system      SUNWbcp        SunOS 4.x Binary Compatibility
	system      SUNWbtool      CCS tools bundled with SunOS
	system      SUNWbtoox      CCS libraries bundled with SunOS (64-bit)
	system      SUNWbzip       The bzip compression utility
	system      SUNWcar        Core Architecture, (Root)
	system      SUNWcarx       Core Architecture, (Root) (64-bit)
	system      SUNWcg6        GX (cg6) Device Driver
	system      SUNWcg6x       GX (cg6) Device Driver (64-bit)
	system      SUNWcsd        Core Solaris Devices
	system      SUNWcsl        Core Solaris, (Shared Libs)
	system      SUNWcslx       Core Solaris Libraries (64-bit)
	system      SUNWcsr        Core Solaris, (Root)
	system      SUNWcsu        Core Solaris, (Usr)
	system      SUNWcsxu       Core Solaris (Usr) (64-bit)
	system      SUNWdfb        Dumb Frame Buffer Device Drivers
	system      SUNWeridx      Sun RIO 10/100 Mb Ethernet Drivers
	system      SUNWesu        Extended System Utilities
	system      SUNWgzip       The GNU Zip (gzip) compression utility
	system      SUNWhea        SunOS Header Files
	system      SUNWhmd        SunSwift SBus Adapter Drivers
	system      SUNWhmdx       SunSwift SBus Adapter Drivers (64-bit)
	system      SUNWipc        Interprocess Communications
	system      SUNWipcx       Interprocess Communications (64-bit)
	system      SUNWkey        Keyboard configuration tables
	system      SUNWkvm        Core Architecture, (Kvm)
	system      SUNWkvmx       Core Architecture (Kvm) (64-bit)
	system      SUNWlibC       Sun Workshop Compilers Bundled libC
	system      SUNWlibCx      Sun WorkShop Bundled 64-bit libC
	system      SUNWlibm       Sun WorkShop Bundled libm
	system      SUNWlibms      Sun WorkShop Bundled shared libm
	system      SUNWlmsx       Sun WorkShop Bundled 64-bit shared libm
	system      SUNWloc        System Localization
	system      SUNWlocx       System Localization (64-bit)	
	system      SUNWmdr        Solstice DiskSuite Drivers
	system      SUNWmdu        Solstice DiskSuite Commands
	system      SUNWmdx        Solstice DiskSuite Drivers(64-bit)
	system      SUNWnamos      Northern America OS Support
	system      SUNWowbcp      OpenWindows binary compatibility
	system      SUNWpl5u       Perl 5.005_03
	system      SUNWrmodu      Realmode Modules, (Usr)
	system      SUNWscbcp      SPARCompilers Binary Compatibility
	system      SUNWscpr       Source Compatibility, (Root)
	system      SUNWscpu       Source Compatibility, (Usr)
	system      SUNWsprot      Solaris Bundled tools
	system      SUNWsprox      Sun WorkShop Bundled 64-bit make library
	system      SUNWswmt       Install and Patch Utilities
	system      SUNWtoo        Programming Tools
	system      SUNWtoox       Programming Tools (64-bit)
	system      SUNWxcu4       XCU4 Utilities

	The env variable for user root looks like following:

	# su - root

	PS1=[root at proteus $PWD]# 

50.2) First of all install wget to get the source:


	# mkdir /root/wget
	# cp wget-1.10.1.tar.gz /root/wget
	# cd /root/wget
	# gzip -dc wget-1.10.1.tar.gz | tar xvf - 

	# cd /root/wget/wget-1.10.1

	# ./configure \
	# --prefix=/opt/wget-1.10.1 \
	# --exec-prefix=/opt/wget-1.10.1

	# make 

	# make install

50.3) Make a temporary dir and download the source:

	# mkdir /kolabtmp
	# cd /kolabtmp

	# /opt/wget-1.8.2/bin/wget -r -l1 -nd --no-parent

      To be sure that we get not some troubles with the source chmod it with
the highest rights:

	# chmod -R 777 /kolabtmp

50.4) If you work with RAID or MIRRORS the dir /kolab seems to be not the
correct dir but the
	installation will have some troubles if this does not exist. Use a
link to this directory
      which you actually want to install Kolab2:

	# mkdir /export/kolab
	# ln -s /export/kolab /kolab

50.5) Controll some aspects specially if the users mentioned below already

	# cat /etc/group | grep kolab
	# cat /etc/passwd | grep kolab

	If they exist delete them:

	# userdel kolab
	# userdel kolab-r
	# userdel kolab-n

	# groupdel kolab
	# groupdel kolab-r
	# groupdel kolab-n

      Controll if following mentioned ports are not in use:

	Ports 21,25,80,143,389,443,465,636,993,995,2000 :

      The following command shows you what is used:

	# netstat -an

	   Local Address        Remote Address    Swind Send-Q Rwind Recv-Q
	-------------------- -------------------- ----- ------ ----- ------
	      *.*                  *.*                0      0 24576      0
	      *.22                 *.*                0      0 24576      0
LISTEN       *.*                0      0 24576      0
	      *.*                  *.*                0      0 24576      0
	TCP: IPv6
	   Local Address                     Remote Address
Swind Send-Q Rwind Recv-Q   State      If 
	--------------------------------- ---------------------------------
----- ------ ----- ------ ----------- -----
	      *.*                               *.*
0      0 24576      0 IDLE             

      If /usr/bin/cc does not exist Kolab2 installation will fail. We use a
link to gcc:

	# which cc

	# which gcc

	# ln -s /opt/sfw/bin/gcc /usr/bin/cc

	# which cc

50.6) On Solaris two standard packages will fail in the installation itself.
Exclude them in the
      following file. We will install these packages after installation

	# vi /kolabtmp/obmtool.conf

	--------------- /kolabtmp/obmtool.conf --------------- 
	#    @install ${plusloc}gmp-4.1.4-2.4.0
	#    @install ${altloc}clamav-0.86.2-20050726
	--------------- /kolabtmp/obmtool.conf --------------- 

50.7) Now we are ready for installation:

	# cd /kolabtmp
	# sh obmtool kolab

	---- boot/build proteus %kolab ----
	obmtool:NOTICE: did not find openpkg/rpm executable.
Checking/fetching binary sh.
	obmtool:NOTICE: did not find binary sh. Checking/fetching source sh.
	OpenPKG 2.4-SOLID Source Bootstrap Package, version 2.4.2
	Building for prefix /kolab on current platform
	++ extracting OpenPKG source distribution

     	ACHTUNG Be careful on a  "Ultra 2 (2 X 300 MHz) 512 RAM" the
installation will take
	******* 12 - 15 hours!

      After a successfull installation you will see the following:

	MISSSRC: none
	MISSPKG: none
	MISSING: none
	SURPLUS: none
	SUMMARY: NODE=kolab2; CMD=kolab; DATE=2005-10-01/08:48:58; HASX11=;
	/tmp/obmtool.7045.tmp: test: argument expected

50.8) The configuration of Kolab2 seems to be a problem of posix standards
it means without
      the below tools from sunfreeware the configuration with
kolab_bootstrap will fail. 
      Download the tools and install the precompiled packges:

	# mkdir /root/packages
	# cd /root/packages/

	# /opt/wget-1.8.2/bin/wget
	# /opt/wget-1.8.2/bin/wget
	# /opt/wget-1.8.2/bin/wget

	# gzip -d coreutils-4.5.4-sol8-sparc-local.gz
diffutils-2.8.1-sol8-sparc-local.gz libiconv-1.8-sol8-sparc-local.gz

	# pkgadd -d libiconv-1.8-sol8-sparc-local
	# pkgadd -d diffutils-2.8.1-sol8-sparc-local
	# pkgadd -d coreutils-4.5.4-sol8-sparc-local

	ATTENTION All packages would be installed in /usr/local/bin!

	# pkginfo | grep SMC
	application SMCcoreu       coreutils
	application SMCdiffu       diffutils
	application SMCiconv       libiconv

      That the tools would be available in the ENV variable of user "root"
modify the .profile in the home
      dir of the user "root" in this way that "/usr/local/sbin and
/usr/loca/bin" will be loaded at beginn
      of the ENV variable:

	# vi /root/.profile

	--------------- /root/.profile --------------- 

	--------------- /root/.profile ---------------

      Exit and login to user "root" again to activate the modification:

	# exit
	# su -

      Controll if the new ENV variable was loaded correctly:
	# env

	--------------- output of env ---------------
	PS1=[root at kolab2 $PWD]# 

	--------------- output of env ---------------

	# which diff

50.9)  As mentioned two packages could not be installed with the default
installation of Kolab2.
       The problem is "clamav". It means gmp supports the digital signature
of "clamav"!

	NOTE I do not really know but I was not able to compile clamav in a
way which clamav finds
	**** and compiles successfully the gmp lib stuff. On my point of
view on 64bit based on Solaris 8
	     it is not possible. I use under normal env. Clamav and GMP
without problems. Also why the 
	     developers deleted the sparc/* directory and excluded the code
for sparc seems to me not 
	     clear (see .spec file of clamav). I also tried to force 32bit
which worked but also not
           successfully depending the gmp lib. Anyway I decided to exclude
the digital signature 
	     support of clamav and after I did this all worked fine.

	ATTENTION It seems to me fundamental if you do some manuall stuff on
Kolab2 that you load
	********* the correct env and stuff from Kolab2. To do this use the
"opa" script which worked
		    also fine under Solaris ksh shell:

	# vi /root/.bashrc

	--------------- /root/.kshrc ---------------  

	# Loads Kolab2 environment:
	# Execute "opa /kolab" before doing any maintainance
	# or configuration work on Kolab!
	export LANG=C
	opa () {
	   if [ ! -d $root ]; then
	       echo "opa:ERROR: OpenPKG root directory $root not found"
	       exit 1
	   if [ ! -f "$root/etc/rc" ]; then
	       echo "opa:ERROR: root directory does not contain OpenPKG
	       exit 1
	   eval `$root/etc/rc --eval all env`

	--------------- /root/.kshrc ---------------

	# opa /kolab

      Now we can install the packages manually. Install first gmp and after
      The packages gmp is on my point of view not anymore needed but anyway
      it for future use.

	# /kolab/bin/openpkg rpm -iv ./[Package]

      After installing the source you will find it in following directory:

	# ls -la /kolab/RPM/SRC/[Package]/

	Have a look in case of problems to the .spec file. In this file you
will find the
	definitions how something will be compiled etc:

	# vi /kolab/RPM/SRC/[Package]/[Package].spec

	ATTENTION In case of clamav add the option --disable-dsig to the
%build section
	********* to exclude digital signature support!

		# vi /kolab/RPM/SRC/clamav/clamav.spec

		--------------- /kolab/RPM/SRC/clamav/clamav.spec

		    #   configure package
		    CC="%{l_cc}" \
		    CFLAGS="%{l_cflags -O}" \
		    CPPFLAGS="%{l_cppflags}" \
		    LDFLAGS="%{l_ldflags}" \
		    ./configure \
		        --prefix=%{l_prefix} \
		        --sysconfdir=%{l_prefix}/etc/clamav \
		        --with-zlib=%{l_prefix} \
		        --with-libcurl \
			       --with-user=%{l_rusr} \
		        --with-group=%{l_rgrp} \
		        --disable-clamav \
		        --disable-clamuko \
		        --disable-urandom \
		        --disable-cr \
		        --disable-shared \

		--------------- /kolab/RPM/SRC/clamav/clamav.spec

      Now we would build the RPM:

	# /kolab/bin/openpkg rpmbuild -bb

      Now we install the RPM:

	# /kolab/bin/openpkg rpm -Uvh

	Logout and login again to clear the "opa" ENV variable and load the
      User "root" variable:

	# exit
	# su -

50.10) All prepared we could run the initial config of Kolab2:

	ATTENTION Under V2.0.1 there are some commands in "kolab_bootstrap"
which are not
	********* posix like it means "ps aux" is used but as mentioned
posix like is 
		    "ps -elf". Change this two positions. In the next
version this should be
 		    not anymore a case!

	# vi /kolab/etc/kolab/kolab_bootstrap

	--------------- /kolab/etc/kolab/kolab_bootstrap ---------------
	   381          ."Please stop any running kolabd and bootstrap
	   382        if( `ps -elf|grep slurpd|grep -v grep` ) {
	   383          print "Error: Detected running slurpd processes.\n";
	   384          print "Please make sure the OpenLDAP server is
stopped properly!
	   636      ."Please stop any running kolabd and bootstrap again\n";
	   637    if( `ps -elf|grep slurpd|grep -v grep` ) {
	   638      print "WARNING: Detected running slurpd processes.\n";
	   639      print " Please make sure the OpenLDAP server is stopped
	--------------- /kolab/etc/kolab/kolab_bootstrap ---------------

	ATTENTION Unter Kolab2 V2.0.1 the following file "main.cf.template"
must be modified.
	********* This is neccessary because it seems under Solaris that dbm
is the default
  		    format to write the db's but in the template file is
configured "hash".
 		    If you would not do the modification you will get
following error:

		<critical> postfix/postmap[8083]: fatal: unsupported map
type: dbm 

		    To advice postfix which db format must be written add
the following to 
		    the template file of postfix:

	# vi /kolab/etc/kolab/templates/main.cf.template

	--------------- /kolab/etc/kolab/templates/main.cf.template

	# this file is automatically written by the Kolab config backend
	# manual additions are lost unless made to the template in the Kolab
config directory

	default_database_type = hash

	--------------- /kolab/etc/kolab/templates/main.cf.template

	NOTE This modification should be added as default to the template
file. I would suggest
	**** to the developer to do so to eliminate future problems not even
under Solaris!

      Within a dialog you must now configure Kolab2 but be careful about the
questions it means
      if you use a real mail domain you should answer as following:

	# /kolab/etc/kolab/kolab_bootstrap -b

	--------------- output of /kolab/etc/kolab/kolab_bootstrap -b

	Check for running webserver on port 80
	Check for running webserver on port 443
	Check for running imap server on port 143
	Check for running imap server on port 220
	Check for running imap server on port 585
	Check for running imap server on port 993
	Check for running pop3 server on port 109
	Check for running pop3 server on port 110
	Check for running pop3 server on port 473
	Check for running pop3 server on port 995
	Check for running smtp server on port 25
	Check for running smtp server on port 465
	Check for running ftp server on port 21
	Check for running Amavis Virus Scanner Interface on port 10024
	Check for running Kolab daemon on port 9999
	Check for running OpenLDAP server on port 636
	Check for running OpenLDAP server on port 389
	Check for running Sieve server on port 2000
	Excellent all required Ports are available!
	Please enter Hostname including Domain Name (e.g.
thishost.domain.tld) [kolab2]: kolab2.comcept.ch
	Proceeding with Hostname kolab2.comcept.ch
	Do you want to set up (1) a master Kolab server or (2) a slave [1]
(1/2): 1
	Proceeding with master server setup
	Please enter your Maildomain - if you do not know your mail domain
use the fqdn from above [comcept.ch]: comcept.ch
	proceeding with Maildomain comcept.ch
	Kolab primary email addresses will be of the type user at comcept.ch 
	Generating default configuration:
	 base_dn : dc=comcept,dc=ch
	 bind_dn : cn=manager,cn=internal,dc=comcept,dc=ch
	 Please choose a manager password [ojREpz0FrfyV7cOf]: **********
	 bind_pw : **********
 	done modifying /kolab/etc/kolab/kolab.conf
	use login=manager and passwd=********** when you log into the

	Enter fully qualified hostname of slave kolab server e.g.
thishost.domain.tld [empty when done]: 
	prepare LDAP database...
	temporarily starting slapd
	Waiting for OpenLDAP to start
	no dc=comcept,dc=ch object found, creating one
	LDAP setup finished
	Create initial config files for postfix, apache, proftpd, cyrus
imap, saslauthd
	running /kolab/sbin/kolabconf -n
	kolabconf - Kolab Configuration Generator
	  Version: 2.0.0
	  Copyright (c) 2004  Klaraelvdalens Datakonsult AB
	  Copyright (c) 2003  Code Fusion cc
	  Copyright (c) 2003  Tassilo Erlewein, Martin Konold, Achim Frank,
	This is free software; see the source for copying conditions.  There
is NO	
	kill temporary slapd
	OpenPKG: stop: openldap.
	Creating RSA keypair for resource password encryption
	/kolab/bin/openssl genrsa -out /kolab/etc/kolab/res_priv.pem 1024
	Generating RSA private key, 1024 bit long modulus
	e is 65537 (0x10001)
	/kolab/bin/openssl rsa -in /kolab/etc/kolab/res_priv.pem -pubout
-out /kolab/etc/kolab/res_pub.pem
	writing RSA key
	chown kolab:kolab-n /kolab/etc/kolab/res_pub.pem
	Kolab can create and manage a certificate authority that can be
	used to create SSL certificates for use within the Kolab
	You can choose to skip this section if you already have certificates
	for the Kolab server.
	Do you want to create CA and certificates [y] (y/n): y
	Now we need to create a cerificate authority (CA) for Kolab and a
	certificate. You will be prompted for a passphrase for the CA.
	/kolab/etc/kolab/kolab_ca.sh -newca kolab2.comcept.ch
	Enter organization name [Kolab]: ComCept Net GmbH       
	Enter organizational unit [Test-CA]: ComCept Net GmbH KOLAB2
	Using subject O=ComCept Net GmbH,OU=ComCept Net GmbH
	Using dn 
	CA certificate filename (or enter to create)
	Making CA certificate ...
	Generating a 1024 bit RSA private key
	writing new private key to '/kolab/etc/kolab/ca/private/cakey.pem'
	Enter PEM pass phrase:
	Verifying - Enter PEM pass phrase:
	/kolab/etc/kolab/kolab_ca.sh -newkey kolab2.comcept.ch
	Using dn 
	Generating RSA private key, 1024 bit long modulus
	e is 65537 (0x10001)
	writing RSA key
	/kolab/etc/kolab/kolab_ca.sh -newreq kolab2.comcept.ch
/kolab/etc/kolab/key.pem /kolab/etc/kolab/newreq.pem 
	Using dn 
	Request is in /kolab/etc/kolab/newreq.pem and private key is in
	/kolab/etc/kolab/kolab_ca.sh -sign /kolab/etc/kolab/newreq.pem
	Using dn 
	Using configuration from /kolab/etc/kolab/kolab-ssl.cnf
	Enter pass phrase for /kolab/etc/kolab/ca/private/cakey.pem:
	Check that the request matches the signature
	Signature ok
	Certificate Details:
	        Serial Number: 1 (0x1)
	            Not Before: Sep 28 17:55:16 2005 GMT
	            Not After : Sep 26 17:55:16 2015 GMT
	            commonName                = kolab2.comcept.ch
	        X509v3 extensions:
	            X509v3 Basic Constraints: 
	            Netscape Comment: 
	                OpenSSL Generated Certificate
	            X509v3 Subject Key Identifier: 
	            X509v3 Authority Key Identifier: 
	                DirName:/O=ComCept Net GmbH/OU=ComCept Net GmbH
	Certificate is to be certified until Sep 26 17:55:16 2015 GMT (3650
	Sign the certificate? [y/n]:y

	1 out of 1 certificate requests certified, commit? [y/n]y
	Write out database with 1 new entries
	Data Base Updated
	Signed certificate is in /kolab/etc/kolab/cert.pem
	chgrp kolab-r /kolab/etc/kolab/key.pem;
	chmod 0640 /kolab/etc/kolab/key.pem;
	chgrp kolab-r /kolab/etc/kolab/cert.pem;
	chmod 0640 /kolab/etc/kolab/cert.pem;
	CA and certificate creation complete.
	You can install /kolab/etc/kolab/ca/cacert.pem on your clients to
allow them
	to verify the validity of your server certificates.
	kolab is now ready to run!
	please run '/kolab/bin/openpkg rc all start'
	Use login=manager and passwd=KOLAB2/118 when you log into
	the webinterface https://kolab2.comcept.ch/admin !

	--------------- output of /kolab/etc/kolab/kolab_bootstrap -b

50.11) Now all is configured you can start Kolab2 the first time:

	# /kolab/bin/openpkg rc all start

50.12) I would suggest to have a look in following log files to identify
errors etc.:



50.13) About warnings or errors I could only identify the following in the

	# cat /kolab/var/sasl/log/saslauthd.log

	<info> saslauthd[7141]: Retrying authentication
	<debug> saslauthd[7141]: Domain/Realm not available.
	<debug> saslauthd[7141]: Domain/Realm not available.
	<debug> saslauthd[7148]: Domain/Realm not available.
	<debug> saslauthd[7148]: Domain/Realm not available.
	<error> saslauthd[7148]: user ldap_search_st() failed: Can't contact
LDAP server

	# /kolab/var/postfix/log/postfix.log

	<warning> postfix/postfix-script[24179]: warning: not owned by root:
	<warning> postfix/postfix-script[24181]: warning: not owned by root:
	<warning> postfix/postfix-script[24232]: warning: not owned by root:
	<warning> postfix/postfix-script[24234]: warning: not owned by root:
	<info> postfix/postfix-script[24248]: starting the Postfix mail
	<info> postfix/master[24249]: daemon started -- version 2.2.3,
configuration /kolab/etc/postfix

	To controll the owners here a listing of the directory depending the
config files of postfix:

	# ls -la /kolab/etc/postfix

	-rw-------    1 root     other           0 Oct  1 05:28 .up-to-date
	-rw-r--r--    1 root     kolab        1927 Oct  1 05:22 Makefile
	-rw-r--r--    1 root     kolab         967 Oct  1 05:22 access
	-rw-r--r--    1 root     kolab       24576 Oct  1 05:28 access.db
	-rw-r--r--    1 root     kolab        1027 Oct  1 05:22 aliases
	-rw-r--r--    1 root     kolab       24576 Oct  1 05:28 aliases.db
	-rw-r--r--    1 root     kolab         455 Oct  1 05:22 canonical
	-rw-r--r--    1 root     kolab       24576 Oct  1 05:28 canonical.db
	-rw-r--r--    1 root     kolab         449 Oct  1 05:22 generic
	-rw-r--r--    1 root     kolab       24576 Oct  1 05:28 generic.db
	-rw-r-----    1 kolab    kolab-r      5948 Oct 17 15:54 main.cf
	-rw-r-----    1 kolab    kolab-r      5011 Oct 17 15:54 master.cf
	-rw-r--r--    1 root     kolab       17077 Oct  1 05:22
	-rw-r--r--    1 root     kolab         453 Oct  1 05:22 relocated
	-rw-r--r--    1 root     kolab       24576 Oct  1 05:28 relocated.db
	drwxr-xr-x    2 root     kolab         512 Oct  1 05:27 sample
	-rw-r--r--    1 root     kolab         409 Oct 17 15:54 transport
	-rw-r--r--    1 root     kolab       24576 Oct 17 15:54 transport.db
	-rw-r--r--    1 root     kolab         409 Oct 17 15:54 virtual
	-rw-r--r--    1 root     kolab       24576 Oct 17 15:54 virtual.db

In the next days I have to verify the installation add user, groups etc.
That's it I hope you can follow it :-)

Kind regards

Andrea Soliva

Mail: soliva at comcept.ch

More information about the devel mailing list