;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;;; Phamm - INSTALL
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
Copyright (c) 2005-2016 Alessandro De Zorzi, Mirko Grava
<[email protected]> http://www.phamm.org/
Project sponsored by RHX Srl - www.rhx.it
Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.2
or any later version published by the Free Software Foundation;
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
SECTIONS
0. PRELIMINARY
0.1 Prepare the files
0.2 Requirements
0.2.1 optional requirements required for email
0.2.2 optional requirements for ftp
0.3 Contents
1. LDAP
1.1 Schema
1.2 Change phamm password
1.3 Populate
1.3.1 populate plugin support
2. PHAMM CONFIGURATION
2.1 Config files
3. MAIL SERVICES
3.1 config postfix
3.2 config courier
3.3 config amavis
3.4 config gnarwl
3.5 cleaner.sh script
0. PRELIMINARY
^^^^^^^^^^^^^^
0.1 Prepare the files
Untar the archive
tar xvfz phamm-X.X.X.tar.gz
Put the directory phamm-X.X.X in a web accessible directory:
(Example: mv phamm /var/www/)
or configure httpd to use Alias.
You can arrange to make only the sub-directory phamm/www-data
accessible from the web.
0.2 Requirements
web server (tested with Apache)
php4 or php5 with ldap extension enabled (php-ldap, php4-ldap...)
OpenLDAP (openldap 2.1 or 2.2 recommended)
Web browser (doh!)
0.2.1 optional requirements required for email
postfix email server
pop3/imap servers (that support ldap)
examples: cyrus, courier. (tested with apache)
gnarwl: for autoresponding (to first user email)
amavisd: for anti-virus/anti-spam:
spamassassin
clam-av or similar av-software (tested with Clam-AV)
Net::LDAP CPAN modules
0.2.2 optional requirements for ftp
pure-ftpd
pure-ftpd-ldap-backend
0.3 Contents
In the examples folder you can find examples of all the configuration
files for each server section outlined below. Please remember these
are examples and they will have to be edited to suit your own personal
requirements.
1. LDAP
^^^^^^^
1.1 Schema
Copy the schema/phamm.schema file to your schema directory
(ex. /etc/ldap/schema/ for Debian).
You will probably need other schema files; you can copy them from
the respective projects or from http://open.rhx.it/phamm/schema/
amavis.schema
dnsdomain2.schema
ISPEnv2.schema
pureftpd.schema
radius.schema
samba.schema
Copy examples/conf/slapd/slapd.conf over your slapd.conf (ex.
/etc/ldap/ for Debian or /etc/openldap). Add YOUR password for the
cn admin, generated with the command slappasswd.
The slapd.conf has the loglevel set to 0. For debugging set it to 128
or start slapd with /usr/sbin/slapd -d1 as this will display to
screen and save you the trouble of searching your log files for problems.
To improve security we suggest using the Phamm LDAP ACL definition.
If you do not already use ACLs, copy examples/conf/phamm/phamm.acl
to the same directory as slapd.conf (ex. /etc/ldap/ for Debian or
/etc/openldap); otherwise comment out the line below in your slapd.conf:
# include /etc/ldap/phamm.acl
Restart the LDAP service.
1.2 Change phamm password
Create the password you want for the cn phamm with slappasswd and
amend it in the examples/ldif/sample-mail.ldif (the default is rhx)
with cut & paste :).
1.3 Populate
ldapadd -v -x -D "cn=admin,dc=example,dc=tld" -W -h localhost -f examples/ldif/sample-main.ldif
The password is the first one you created.
1.3.1 populate plugin support
If you wish to use mail and DNS plugin:
ldapadd -v -x -D "cn=admin,dc=example,dc=tld" -W -h localhost -f examples/ldif/sample-mail.ldif
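Added example (not part of the Phamm distribution): a pre-flight check for the LDIF files loaded in 1.3 and 1.3.1. It flags any userPassword that is still the default from 1.2 (rhx), in plain or base64 form, or that is not a {SCHEME} hash as printed by slappasswd. The function names, sample DNs and dummy hash are constructed for illustration; GNU base64 is assumed.

```sh
#!/bin/sh
# Added example, not part of Phamm: audit an LDIF before running ldapadd.
DEFAULT_PW="rhx"   # default password named in section 1.2

# Print one finding per weak userPassword line; return 1 if any was found.
audit_ldif_passwords() {
    ldif=$1; status=0; lineno=0
    while IFS= read -r line || [ -n "$line" ]; do
        lineno=$((lineno + 1))
        case $line in
            [Uu]ser[Pp]assword::*)   # "::" means the value is base64-encoded
                value=$(printf '%s' "${line#*::}" | tr -d ' \r' | base64 -d 2>/dev/null) || value="" ;;
            [Uu]ser[Pp]assword:*)
                value=$(printf '%s' "${line#*:}" | tr -d '\r' | sed 's/^ *//') ;;
            *) continue ;;
        esac
        if [ "$value" = "$DEFAULT_PW" ]; then
            echo "$ldif:$lineno: default password still set"; status=1
        else
            case $value in
                \{*\}?*) ;;   # {SCHEME}hash, the form slappasswd prints
                *) echo "$ldif:$lineno: value is not a slappasswd hash"; status=1 ;;
            esac
        fi
    done < "$ldif"
    return $status
}

# Constructed sample entries (hypothetical DNs, dummy hash), not Phamm's LDIF.
write_sample_ldif() {
    cat > "$1" <<'EOF'
dn: cn=one,dc=example,dc=tld
userPassword: rhx

dn: cn=two,dc=example,dc=tld
userPassword:: cmh4

dn: cn=three,dc=example,dc=tld
userPassword: {SSHA}CONSTRUCTEDDUMMYHASHVALUE0000
EOF
}

# Stand-alone run: audit the file given as $1, else the constructed sample.
target=${1:-}
if [ -z "$target" ]; then
    target=$(mktemp); write_sample_ldif "$target"
fi
audit_ldif_passwords "$target" || echo "fix the entries above before ldapadd"
```

Run it against each LDIF you are about to load; a non-zero return means at least one entry still needs a hash from slappasswd.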
2. PHAMM CONFIGURATION
^^^^^^^^^^^^^^^^^^^^^^^
2.1 Config files
Create the main config file in phamm directory from the sample:
cp config.inc.example.php config.inc.php
Then edit config.inc.php.
2.1.1 Config file (plugin support)
If you wish to use plugins, uncomment each $plugins[] line
you want.
Example:
$plugins = array();
$plugins[] = "mail";
$plugins[] = "alias";
//$plugins[] = "ftp";
3. SETTING MAIL SERVICES
^^^^^^^^^^^^^^^^^^^^^^^^^^
There are a couple of excellent general examples of how to set up
postfix and courier below; these should assist with a more detailed
description of what you find below.
http://www.postfix.org/addon.html
http://www.faqs.org/docs/Linux-HOWTO/LDAP-Implementation-HOWTO.html#AEN747
http://alinux.washcoll.edu/docs/plc/postfix-courier-howto.html
3.1 config postfix
Install postfix as a full internet email server, and then add the snippets
that are in the samples directory to the relevant parts of the postfix
configuration files. Remember to reload postfix after making the changes
(most postfix configuration files are found in /etc/postfix).
Ensure the user vmail and the group vmail have been added. If not, add them and
remember the gid and uid, as you need them here and in the courier config.
Don't forget to update your transport file and the transport.db file; this is required.
postmap /etc/postfix/transport
Test this by logging into smtp and sending a mail to yourself (then, when you set up
courier, you should have the mail awaiting you). Watch the log with
/etc/init.d/postfix start; tail -f /var/log/mail.log
3.2 config courier
Check that authdaemonrc is using ldap as the method to authenticate, i.e. (authmodulelist=ldap).
Add the snippets from the samples folder to the relevant file (normally found in /etc/courier);
these files are authldap (configuration of ldap server).
Test by logging into your pop or imap server and collecting the mail that you sent to
yourself when setting up postfix.
/etc/init.d/courier-authdaemonrc start; tail -f /var/log/mail.log
3.3 config amavis
Add the amavis sample data to your amavis.conf file. Restart the services and check the
logs for dependencies.
3.4 config gnarwl
Add the sample gnarwl.cfg snippet to your gnarwl.cfg (this normally lives in /etc/gnarwl.cfg).
Set debug to 3 and test. Don't forget to set debug back again when it is working.
3.5 cleaner.sh script
Edit the cleaner.sh script to reflect your ldap layout.
Phamm does not really delete accounts. Phamm marks them as "Deleting".
You can run tools/cleaner.sh from crond to do the actual deletion.