source: server/doc/install-howto @ 867

Last change on this file since 867 was 863, checked in by xavid, 16 years ago
Took out the atime thing, which is not relevant for recent kernels, apparently.
File size: 4.8 KB
RevLine 
[371]1This document is a how-to for installing a Fedora scripts.mit.edu server.
[181]2
[861]3Helper files for the install are located in server/fedora/config.
4
5* Start with a normal install of Fedora 9.
6
7* Edit /etc/selinux/config so it has SELINUX=disabled.
8
[788]9* Check out the scripts.mit.edu svn repository. Configure svn not to cache
10  credentials.
[387]11
12* cd to server/fedora in the svn repository.
13
[861]14* Run "make install-deps" to install various prereqs.  Nonstandard
15  deps are in /mit/scripts/rpm.
[387]16
[861]17* Create a scripts-build user account, and set up rpm to build in
18  $HOME by doing a
19  cp config/home/scripts-build/.rpmmacros /home/scripts-build/
20  (If you just use the default setup, it will generate packages
21  in /usr/src/redhat.)
[785]22
[861]23* su scripts-build -
24
25* Make sure that server/fedora (where you currently are) is writable
26  by user scripts-build.
27
[387]28* Use the Makefile to build the scripts.mit.edu-specific Fedora
29  packages.
[796]30  - export PATH=$PATH:/usr/sbin
[785]31  - make download
32  - make setup
33  - make all
34  - openafs-devel is a build-dependency of accountadm, so you'll need to
[861]35    install the openafs-devel package you just built by hand when that fails.
[387]36
[861]37* Then install the packages you just built as root:
38   - yum localinstall --nogpgcheck accountadm-0.00-0.x86_64.rpm \
39       execsys-0.00-0.x86_64.rpm httpd* \
40       kmod-openafs-1.4.7-1.1.2.6.25_14.fc9.x86_64.rpm \
41       krb5-{debuginfo,devel,libs,pki,workstation-1}* \
42       logview-0.00-0.x86_64.rpm mit-zephyr-2.1-6-linux.x86_64.rpm \
43       mod_ssl-2.2.8-3.x86_64.rpm nss_nonlocal-* \
44       openafs-1.4.7-1.1.1.x86_64.rpm \
45       openafs-{authlibs,client,debuginfo,devel,docs,krb5}* openssh* \
46       sql-signup-0.00-0.x86_64.rpm tokensys-0.00-0.x86_64.rpm \
47       whoisd-0.00-0.x86_64.rpm
48
[796]49* Rebuild mit-zephyr on a 32-bit machine, like the one at Joe's home.
50
[861]51* Run "make suexec" and "make install-suexec" to overwrite
[562]52  /usr/sbin/suexec with one that works. The one installed by the
53  newly-built Apache RPM is misconfigured.
54
[861]55* Install and configure bind
56  - env NSS_NONLOCAL_IGNORE=1 yum install bind
57  - chkconfig named on
58  - service named start
59
[788]60* Check out the scripts /etc configuration, which is done most easily by
[861]61  $ svn co svn://scripts.mit.edu/server/fedora/config/etc
62  # \cp -a etc /
[788]63
[862]64* Reload the iptables config to take down the restrictive firewall
65  service iptables restart
66
[861]67* Copy over root's dotfiles from one of the other machines.
[803]68
[861]69* Replace rsyslog with syslog-ng by doing:
70  # rpm -e --nodeps rsyslog
71  # yum install syslog-ng
72
[788]73* Install various dependencies of the scripts system, including syslog-ng,
[798]74  glibc-devel.i386, python-twisted-core, mod_fcgid, nrpe, nagios-plugins-all.
[788]75
[861]76* Disable NetworkManager (with yum remove).
[788]77
[861]78* Fix the openafs /usr/vice/etc <-> /etc/openafs mapping by changing
79   /usr/vice/etc/cacheinfo to contain:
80        /afs:/usr/vice/cache:10000000
[788]81
[861]82* Figure out why Zephyr isn't working
83
[387]84* Install the full list of RPMs that users expect to be on the
85  scripts.mit.edu servers.  See server/doc/rpm and
[562]86  server/doc/rpm_snapshot.  (Note that this is only a snapshot, and not
87  all packages may in fact be in use.)
[387]88
89* Install the full list of perl modules that users expect to be on the
90  scripts.mit.edu servers.  See server/doc/perl and
91  server/doc/perl_snapshot.
92
[832]93  - export PERL_MM_USE_DEFAULT=1
[812]94  - Run 'cpan', accept the default configuration, and do 'o conf
95    prerequisites_policy follow'.
[818]96  - Parse the output of perldoc -u perllocal | grep head2 on an existing
97    server, and "notest install" them from the cpan prompt.
[812]98
99* Install the Python eggs and Ruby gems and PEAR/PECL doohickeys that are on
100  the other scripts.mit.edu servers and do not have RPMs.
[818]101  - Look at /usr/lib/python2.5/site-packages for Python eggs and modules.
102  - Look at `gem list` for Ruby gems.
103  - Look at `pear list` for Pear fruits (or whatever they're called).
[785]104
[812]105* echo 'import site, os.path; site.addsitedir(os.path.expanduser("~/lib/python2.5/site-packages"))' > /usr/lib/python2.5/site-packages/00scripts-home.pth
106
[387]107* Install the credentials (machine keytab, daemon.scripts keytab, SSL
108  certs).
109
[862]110*  If you are setting up a test server, pay attention to
[562]111  /etc/sysconfig/network-scripts and do not bind scripts' IP address.
[812]112  You will also need to modify /etc/ldap.conf, /etc/openldap/ldap.conf, and
[562]113  /etc/httpd/conf.d/vhost_ldap.conf to use scripts.mit.edu instead of
114  localhost.
115
[861]116* Install fedora-ds-base and set up replication (see ./HOWTO-SETUP-LDAP
117    and ./fedora-ds-enable-ssl-and-kerberos.diff).
[785]118
[818]119* Install nslcd / nss-ldapd, which, unlike nss-ldap, doesn't crash every few
120  hours. Add /sbin/service dirsrv start and /sbin/nslcd to /etc/rc.local, or
121  better yet package nss-ldapd properly.
122
123* Make the services dirsrv, postfix, and httpd start at boot.
124
[803]125* Run fmtutil-sys --all, which does something that makes TeX work.
126
[562]127* (Optional) Beat your head against a wall.
128
[387]129* Possibly perform other steps that I've neglected to put in this
130  document.
Note: See TracBrowser for help on using the repository browser.