Installing Zivios Server On Debian Etch
This howto explains installing Zivios Master Service version 0.5.0 on Debian Etch 4.0. Zivios is an n-tiered PHP-5 application, providing identity management, single sign-on, user, group and computer provisioning, as well as remote management of services. It uses MySQL and OpenLDAP as its data store, with OpenLdap being the primary back end for identity management and application integration and MySQL being used for panel specific data.
Supported Platforms
- Debian Etch 4.0
- Debian Lenny 5.0 (untested -- should work however. Please report success at [email protected])
Domain Name Service Requirements
The Zivios installer will work off an IP address. However, the services that Zivios configures (Kerberos, Certificate Authority, etc.) require proper name resolution. It is highly recommended that you configure DNS for the hostname you are working with.
Extraction
Download the Zivios package: zivios-0.5.0.tar.bz2 and copy it to your server at: /usr/local/src/
Note: the zivios package (zivios-0.5.0.tar.bz2) MUST be saved in /usr/local/src. Currently, the web based installer does not allow the option of specifying where the source folder is. If this is a problem, simply create a symlink from your actual source directory to /usr/local/src/.
Preparation
Your Debian server installation should be absolutely minimal. Barring SSHd, no additional packages should be installed at this stage. For the purpose of this setup, we are working with the following hostname and IP address:
- hostname : master.zivios.net
- IP address : 192.168.0.31
Note: it is a requirement that you use a sub-domain as your hostname. This does not mean that your LDAP basedn, kerberos realm or mail domain has to be master.yourdomain, it means quite simply that Zivios will be served from an apache virtual host called: master.yourdomain.
Also: the sub-domain does not need to be "master", it can be anything you like. If you are confused about this, please ask on the zivios-discuss mailing list or on the IRC channel before proceeding.
Ensure your system is updated via:
apt-get update
apt-get dist-upgrade
Reboot (if required or recommended by the operating system).
The following base packages are required to run the master web service:
apt-get install apache2 libapache2-mod-php5 php5-curl php5-gd php5-imap php5-ldap php5-mcrypt \
php5-mysql php5-xmlrpc mcrypt mysql-server-5.0 mysql-client-5.0 build-essential ssl-cert less \
bzip2 xml-core lsb-release file libssl-dev libldap2-dev ntp memcached python python-ldap \
python-pyopenssl python-twisted php5-memcache sudo
MySQL admin password needs to be set. You can do so via:
mysqladmin -u root password your_mysql_root_password
Please note this password down.
Installing Pre-requisites
Install libnss-ldap
The libnss-ldap package requires some information which we already have. Simply follow the example:
Our primary domain name for this demo installation is zivios.net. This makes our LDAP base-DN: dc=zivios,dc=net. The base-DN is your "Base Distinguished Name", which is made up of your "Domain Components".
Server URI: ldap://127.0.0.1
Distinguished name of search base: dc=zivios,dc=net
LDAP Version to Use: 3
Make local root Database admin: No
Does the LDAP database require login: No
apt-get install libnss-ldap
... enter your answers.
Install Heimdal and Openldap Dependencies
As the web based process requires certain prerequisites to be in place for auto-compilation to succeed, we need to installed required libraries accordingly. For Debian based systems, this is quite simple.
apt-get build-dep heimdal
apt-get build-dep slapd
Enable Memcached PHP extension
Zivios uses memcached to accelerate common lookups. Zivios cannot work without memcached enabled.
Debian Etch automatically enables the memcache module in php.ini, hence no further work is required here.
Install libssh2 and php-ssh2
SSH2 is required to enable zivios agents on remote computers. This is used by Zivios when adding a server to install and configure a Zivios agent on them.
It is required that you use libssh2-0.14 for this purpose (provided with Zivios). Newer versions seem not to work properly with the php5-ssh2 extension.
Copy the required packages over for compilation:
cd /usr/local/src
tar jxvf zivios-0.5.0.tar.bz2
tar zxvf zivios-0.5.0/spkgs/libssh2-0.14.tar.gz
tar zxvf zivios-0.5.0/spkgs/ssh2-0.10.tgz
Compile libssh:
cd libssh2-0.14
./configure
make all install
Install PHP5 module development package:
apt-get install php5-dev
Compile the php5-ssh2 extension:
cd /usr/local/src/ssh2-0.10
phpize
./configure
make
make install
Enable the php-ssh extension:
Edit /etc/php5/apache2/php.ini and add the following line to the end of the file (alongside other enabled extensions):
extension=ssh2.so