Difference between revisions of "Install OS4X on SLES11"

Revision as of 10:04, 21 April 2015

Assumptions

Your installation directory for OS4X is

/opt/os4x

The web interfaces will be installed in the default document root directory of Apache:

/srv/www/htdocs

The user running the installation is not "root", but "os4x" with limited permissions
Firewalls and other security measurements are disabled or not installed. (If they are enabled, you have to change them on your own).

Add repository

For PHP functionality (network socket and Posix support) you need to add a new repository:

zypper addrepo http://download.opensuse.org/repositories/server:/php/SLE_11/ PHP_SLE11

Install requried packages

Install all needed software (based on a minimal installation, many of these packages may already be installed):

zypper install apache2-mod_php5 php-bz2 php-mysql php-xmlreader php-xsl php-zip php-zlib \
php5-sockets php5-posix mysql vim iputils zip samba-winbind yast2-kerberos-client glibc-locale glibc-i18ndata libxslt

Accept repository key (english)

After having added the new repository (see above), you will have to accept its key permanently (with selection "a" for "always"):

New repository or package signing key received:
Key ID: 6FBE9844DDCD7F1A
Key Name: server:php OBS Project <server:php@build.opensuse.org>
Key Fingerprint: A7775E2A3428A096CB5050606FBE9844DDCD7F1A
Key Created: Sat Mar  2 06:17:15 2013
Key Expires: Mon May 11 07:17:15 2015 (expires in 19 days)
Repository: PHP_SLE11

Do you want to reject the key, trust temporarily, or trust always? [r/t/a/?] (r): a

Accept repository key (german)

After having added the new repository (see above), you will have to accept its key permanently (with selection "i" for "immer"):

Neuen Signierungsschlüssel für Repository oder Paket erhalten:
Schlüssel-ID: 6FBE9844DDCD7F1A
Schlüsselname: server:php OBS Project <server:php@build.opensuse.org>
Schlüsselfingerabdruck: A7775E2A3428A096CB5050606FBE9844DDCD7F1A
Schlüssel erstellt: Sa 02 MÃ¤r 2013 06:17:15 CET
Schlüssel läuft ab: Mo 11 Mai 2015 07:17:15 CEST (expires in 19 days)
Repository: PHP_SLE11

Wollen Sie den Schlüssel (a)bweisen, ihm (t)emporär oder (i)mmer vertrauen? [a/t/i/?] (a): i

Change PHP configuration

Edit the file as root.

/etc/php5/apache2/php.ini

Change the following configuration values to these values:

upload_max_filesize = 128M
post_max_size = 128M

Start services

For the installation, you need Apache and MySQL up and running:

service apache2 start
service mysql start

Change the distribution

chown os4x /srv/www/htdocs/
mkdir /opt/os4x
chown os4x /opt/os4x
chgrp users /etc
chmod g+w /etc
chgrp users /var/log/apache2/

Running the installation script

Download and run the shell installer for OS4X:

cd /tmp
wget http://www.os4x.com/fileadmin/downloads/os4x3_full_pe_Linux-x86-64-MySQL.sh
sh ./os4x3_full_pe_Linux-x86-64-MySQL.sh

Answer all question according to your needs (possible changed, see above)

Securing distribution

The permissions, which have been changed above, can be reverted to increase security:

chgrp root /etc
chmod 755 /etc

Optionally, change the permissions of the Apache logs directory:

chgrp root /var/log/apache2/

PAM authentification

If your OS4X Webaccess users need PAM authentification (i.e. Microsoft Active Directory), then you need to:

change permissions of the binary:

/opt/os4x/bin/os4xclientd

Commands (executed as root):

chown root opt/os4x/bin/os4xclientd
chmod +s opt/os4x/bin/os4xclientd

Configure PAM authentification support, as indicated here: PAM configuration for Windows Active Directory