Kolab Groupware 2.

4 Installation Guide
The Kolab Groupware Solution

Jeroen van Meeuwen

Installation Guide

Draft

Kolab Groupware 2.4 Installation Guide The Kolab Groupware Solution Edition 1
Author Jeroen van Meeuwen vanmeeuwen@kolabsys.com

Copyright 2011 Kolab Systems AG This material may only be distributed subject to the terms and conditions set forth in the GNU Free Documentation License (GFDL), V1.2 or later (the latest version is presently available at http://www.gnu.org/licenses/fdl.txt).

A short overview and summary of the book's subject and purpose, traditionally no more than one paragraph long. Note: the abstract will appear in the front matter of your book and will also be placed in the description field of the book's RPM spec file.

Draft

Draft

Preface v 1. Document Conventions ................................................................................................... v 1.1. Typographic Conventions ...................................................................................... v 1.2. Pull-quote Conventions ........................................................................................ vi 1.3. Notes and Warnings ........................................................................................... vii 2. Feedback ...................................................................................................................... vii 2.1. Reporting Bugs in Kolab ..................................................................................... vii 2.2. Mailing Lists ....................................................................................................... viii 2.3. IRC ................................................................................................................... viii 3. About Kolab Groupware ................................................................................................ viii 3.1. Free Software Components ................................................................................ viii 3.2. Kolab Groupware Flavors ................................................................................... viii 3.3. Supported Platforms and System Requirements .................................................... ix 3.4. Kolab Product Series ........................................................................................... ix I. Kolab Groupware Server 1. Preparing the System 1.1. Prerequisites ........................................................................................................ 1.2. Recommendations ................................................................................................ 1.3. Enterprise Linux ................................................................................................... 2. Kolab Server 1 3 3 3 3 5

3. Installation 7 3.1. Kolab Server Installation ....................................................................................... 7 3.2. Repository Configuration ....................................................................................... 7 3.2.1. Installation with APT Packages .................................................................. 7 3.2.2. Installation with RPM Packages .................................................................. 9 3.3. Full default installation on a single server ............................................................. 14 3.4. Packagelist ........................................................................................................ 14 4. Configuration 4.1. Pykolab setup utility ............................................................................................ 4.2. Configuration through Puppet .............................................................................. 4.3. Manual Configuration .......................................................................................... 4.3.1. LDAP Configuration ................................................................................. 4.3.2. Kolab deamon Configuration .................................................................... 4.3.3. Cyrus-IMAP Configuration (default) ........................................................... 4.3.4. Dovecot-IMAP Configuration (Alternative) .................................................. 4.3.5. MTA Configuration ................................................................................... 4.3.6. Kolab-Webadmin Configuration ................................................................. 4.3.7. Webclient Configuration ........................................................................... 4.3.8. Webclient Database Configuration ............................................................ 5. Bootstrapping the Kolab Installation 5.1. Preparing the System for Bootstrapping ............................................................... 5.2. New Kolab Environment ..................................................................................... 5.3. Manual Bootstrap process .................................................................................. 17 17 17 17 17 18 18 19 20 21 22 22 23 23 24 24

6. Server Appendix 27 6.1. Certificate Authority (CA)-Certificates ................................................................... 27 II. Kolab Groupware Webclients 29

7. Roundcube 31 7.1. Installing the Database ....................................................................................... 31 iii

Installation Guide

Draft

7.2. Preparing the Database ...................................................................................... 31 7.3. Installation .......................................................................................................... 31 7.4. Configuration ...................................................................................................... 32 8. Horde 33 8.1. Installing the Database ....................................................................................... 33 8.2. Preparing the Database ...................................................................................... 33 9. Webclient-Appendix 35 9.1. Installation of the MySQL-Database ..................................................................... 35 III. Kolab Groupware Desktop-Clients 10. Kontact 10.1. Installation ........................................................................................................ 10.2. Configuration .................................................................................................... 10.2.1. Configuration through the KolabWizard ................................................... 10.2.2. Manual Configuration of Kontact ............................................................. 11. Thunderbird 12. Outlook IV. Cyrus IMAP 37 39 39 39 39 39 41 43 45

13. Installation of Cyrus IMAP 47 13.1. Installation ........................................................................................................ 47 14. Configuration of Cyrus IMAP 15. Configuring IMAP 16. Securing Cyrus IMAP Communications 17. IMAP Partitions 18. IMAP Option Reference 19. System Configuration Defaults 49 51 53 55 57 59

20. Creating a Cyrus Murder Setup 61 20.1. Setting up the master update server .................................................................. 61 20.1.1. Choosing the mupdate mode .................................................................. 61 21. Creating an IMAP Backend Server 63 21.1. Hooking in a new backend server into a murder setup ........................................ 63 22. Creating an IMAP Frontend Server 65 22.1. Hooking in a new frontend server into a murder setup ......................................... 65 A. Revision History Index 67 69

iv

Draft

Draft

Preface
1. Document Conventions
This manual uses several conventions to highlight certain words and phrases and draw attention to specific pieces of information. In PDF and paper editions, this manual uses typefaces drawn from the Liberation Fonts set. The Liberation Fonts set is also used in HTML editions if the set is installed on your system. If not, alternative but equivalent typefaces are displayed. Note: Red Hat Enterprise Linux 5 and later includes the Liberation Fonts set by default.
1

1.1. Typographic Conventions

Four typographic conventions are used to call attention to specific words and phrases. These conventions, and the circumstances they apply to, are as follows. Mono-spaced Bold Used to highlight system input, including shell commands, file names and paths. Also used to highlight keycaps and key combinations. For example: To see the contents of the file my_next_bestselling_novel in your current working directory, enter the cat my_next_bestselling_novel command at the shell prompt and press Enter to execute the command. The above includes a file name, a shell command and a keycap, all presented in mono-spaced bold and all distinguishable thanks to context. Key combinations can be distinguished from keycaps by the hyphen connecting each part of a key combination. For example: Press Enter to execute the command. Press Ctrl+Alt+F2 to switch to the first virtual terminal. Press Ctrl+Alt+F1 to return to your X-Windows session. The first paragraph highlights the particular keycap to press. The second highlights two key combinations (each a set of three keycaps with each set pressed simultaneously). If source code is discussed, class names, methods, functions, variable names and returned values mentioned within a paragraph will be presented as above, in mono-spaced bold. For example: File-related classes include filesystem for file systems, file for files, and dir for directories. Each class has its own associated set of permissions. Proportional Bold This denotes words or phrases encountered on a system, including application names; dialog box text; labeled buttons; check-box and radio button labels; menu titles and sub-menu titles. For example: Choose System Preferences Mouse from the main menu bar to launch Mouse Preferences. In the Buttons tab, click the Left-handed mouse check box and click

https://fedorahosted.org/liberation-fonts/

Preface Close to switch the primary mouse button from the left to the right (making the mouse suitable for use in the left hand). To insert a special character into a gedit file, choose Applications Accessories Character Map from the main menu bar. Next, choose Search Find from the Character Map menu bar, type the name of the character in the Search field and click Next. The character you sought will be highlighted in the Character Table. Double-click this highlighted character to place it in the Text to copy field and then click the Copy button. Now switch back to your document and choose Edit Paste from the gedit menu bar.

Draft

The above text includes application names; system-wide menu names and items; application-specific menu names; and buttons and text found within a GUI interface, all presented in proportional bold and all distinguishable by context. Mono-spaced Bold Italic or Proportional Bold Italic Whether mono-spaced bold or proportional bold, the addition of italics indicates replaceable or variable text. Italics denotes text you do not input literally or displayed text that changes depending on circumstance. For example: To connect to a remote machine using ssh, type ssh username@domain.name at a shell prompt. If the remote machine is example.com and your username on that machine is john, type ssh john@example.com. The mount -o remount file-system command remounts the named file system. For example, to remount the /home file system, the command is mount -o remount /home. To see the version of a currently installed package, use the rpm -q package command. It will return a result as follows: package-version-release. Note the words in bold italics above username, domain.name, file-system, package, version and release. Each word is a placeholder, either for text you enter when issuing a command or for text displayed by the system. Aside from standard usage for presenting the title of a work, italics denotes the first use of a new and important term. For example: Publican is a DocBook publishing system.

1.2. Pull-quote Conventions

Terminal output and source code listings are set off visually from the surrounding text. Output sent to a terminal is set in mono-spaced roman and presented thus:
books books_tests Desktop Desktop1 documentation downloads drafts images mss notes photos scripts stuff svgs svn

Source-code listings are also set in mono-spaced roman but add syntax highlighting as follows:
package org.jboss.book.jca.ex1; import javax.naming.InitialContext; public class ExClient {

vi

Draft
public static void main(String args[]) throws Exception { InitialContext iniCtx = new InitialContext(); Object ref = iniCtx.lookup("EchoBean"); EchoHome home = (EchoHome) ref; Echo echo = home.create(); System.out.println("Created Echo"); System.out.println("Echo.echo('Hello') = " + echo.echo("Hello")); } }

Notes and Warnings

1.3. Notes and Warnings

Finally, we use three visual styles to draw attention to information that might otherwise be overlooked.

Note
Notes are tips, shortcuts or alternative approaches to the task at hand. Ignoring a note should have no negative consequences, but you might miss out on a trick that makes your life easier.

Important
Important boxes detail things that are easily missed: configuration changes that only apply to the current session, or services that need restarting before an update will apply. Ignoring a box labeled 'Important' will not cause data loss but may cause irritation and frustration.

Warning
Warnings should not be ignored. Ignoring warnings will most likely cause data loss.

2. Feedback
We value feedback on our software as well as our documentation. Please find ways to contact us in this section.

2.1. Reporting Bugs in Kolab

Bug reports can be logged in our Bugzilla issue tracker . Please bear in mind registration is required. When reporting a bug, please prepare to provide the following information;

https://bugzilla.kolabsys.com

vii

Preface Your platform, and if applicable, your distribution and the distribution version. The version(s) of the Kolab component(s) you are using. If a custom version is used, any options that may have specified during the build process.

Draft

provide some text on logging a new ticket in our bugzilla, information to provide, etc. Possibly mention the life cycle of a product version series.

2.2. Mailing Lists

For users of Kolab software, we run a public mailing list at https://lists.kolab.org/mailman/listinfo/ kolab-users. To subscribe to the list, either click the aforementioned link and fill out the information 3 requested, or send an email to kolab-users-subscribe@kolab.org .

Development Mailing List

For developers of Kolab software, as well as general discussion on bugs and patches, we run a public mailing list at https://lists.kolab.org/mailman/listinfo/kolab-devel. To subscribe to the list and fill out the 4 information requested, or send an email to kolab-devel-subscribe@kolab.org .

2.2.1. Archives
The archives of both the user support and development discussion mailing list are available through web archives.

2.3. IRC
Refer to irc://irc.freenode.net/kolab here.

3. About Kolab Groupware

Kolab is a Groupware Solution for Emails, Appointments, Contacts and more. It supports mixed client environments (Outlook/KDE) because of an open storage format. Any email client speaking standard protocols can be served.

3.1. Free Software Components

TODO: Come on, be a little more verbose...

3.1.1. This documentation

Describe how this documentation can be modified to custom, internal documentation

3.2. Kolab Groupware Flavors

Kolab Groupware comes in two major flavors: 1. Kolab (Vanilla) The vanilla flavor of Kolab is ideally suited for general purpose Groupware systems in which no specialist features are required.

3 4

mailto:kolab-users-subscribe@kolab.org mailto:kolab-devel-subscribe@kolab.org

viii

Draft 2. Hosted Kolab

Supported Platforms and System Requirements

Hosted Kolab is the flavor targeted specifically at hosting providers (ISP, ASP, Cloud) offering Kolab Groupware environments to multiple customers, possibly through multiple resellers. Furthermore, the Kolab software are divided in a community version, and an enterprise version. The community version naturally moves forward a little faster and is subject to change a lot more so then the enterprise version. The community version of a product series will only become available as an enterprise version after thorough Quality Assurance and Certification of partner products.

3.3. Supported Platforms and System Requirements

Kolab Groupware is supported on the following platforms; All reasonably recent versions of Linux , including but not limited to the following distributions, in no particular order other then alphabetic; CentOS Debian Fedora
7 6 5

8 9

Red Hat Enterprise Linux

Should your Linux distribution not be listed here, please refer to Section 2, Feedback for ways of contacting the Kolab Development team. Obviously, the list is not complete

3.4. Kolab Product Series

Kolab Groupware consists of free software components, each of which are available from various upstream development and support project organizations, including Linux distributions. The Kolab Groupware developers, community members and Kolab Systems engineering and support staff maintain many of the packages related to Kolab with the Linux distributions through which those packages are available. The Kolab software repositories can therefor include only those software components, or those specific versions of software components, that differentiate from what is available in the upstream Linux distribution software repositories, and possibly recommended or required additional software repositories. Product series are versioned, each of them created to provide a sustainable stream of updates to the individual software components included in that product serie. The convention for Server Product Versioning is subject to the guidelines proposed and accepted as 10 KEP #5 .

By reasonably recent versions of Linux, we intend to indicate the Kolab project can manage to keep up with the latest distribution release ear-marked stable. 6 http://centos.org 7 http://debian.org 8 http://fedoraproject.org 9 http://redhat.com 10 http://wiki.kolab.org/KEP:5

ix

Preface

Draft

3.4.1. Product Streams

Two different product streams exist, a community edition and an enterprise edition. The following are consequences of using the community edition of kolab 2.4 (as opposed to the enterprise edition): 1. No debuginfo packages are available, which would be needed in case stack traces need to be generated for binary compiled programs such as mysql, openldap, cyrus-imapd or php. 2. The packages are not signed, and therefor the authenticity of the packages cannot be verified. 3. The packages are made available through HTTP only, as opposed to HTTPS, and therefor the authenticity cannot be verified. 4. No builds other then the latest is made available for any package. Rolling back a software update foo-1.0-2.el5 to previously installed software version foo-1.0-1.el5 after a failed update is therefor not possible unless a copy of foo-1.0-1.el5 had been preserved. 5. No security errata is sent out.

3.4.2. Repository Stages

4 different repository stages exist, each of them indicating the expected level of stability, and point-intime release. The release and updates repositories contain the most stable software (community edition) which is supported (enterprise edition).

Draft

Draft

Part I. Kolab Groupware Server

Draft

Chapter 1.

Draft

Preparing the System

The installation of Kolab requires you prepare the system for installation.

1.1. Prerequisites
The installation of Kolab requires one of the following operating system versions: Red Hat Enterprise Linux 5, see also Section 1.3, Enterprise Linux. FIXME: Other supported Operating System versions

1.2. Recommendations
We recommend a x86_64 capable version of the Operating System

1.3. Enterprise Linux

1. No user or group with ID 412 may exist on the system prior to the installation of Kolab. 2. No user or group with the name kolab may exist on the system prior to the installation of Kolab.

Draft

Chapter 2.

Draft

Kolab Server
The Kolab server is built out of the best available Free and Open Source software components, most if not all of which are available through the Linux distribution of your preference. However, such Linux distribution may not be as up-to-date as one might wish for the Kolab Groupware to provide the latest and greatest functionality, or may simply have a different update policy from what is typically acceptable for a Groupware environment. The Kolab server consist of the following 6 components, which can be distributed among several systems. Each of those components can be installed using the provided meta package. Kolab-IMAP The IMAP server component including a daemon which synchronizes user accounts from LDAP with IMAP mailboxes. default meta-package: kolab-imap default packages: cyrus-imap kolab-daemon optional-packages: dovecot-imap Kolab-LDAP The ldap directory component is used for the authentication of users. default meta-package: kolab-ldap default packages: openldap-server Kolab-MTA The MTA including spamfilter, virus-scanner and sasl authentication FIXME ? default meta-package: kolab-mta default packages: postfix clamav amavis TODO kolab-postfix-filters? 5

Chapter 2. Kolab Server Kolab-Webadmin An administrator webinterface. default meta-package: kolab-webadmin Kolab-Webclient An email webinterface. default meta-package: kolab-webclient default packages: kolab-webclient-roundcube optional-packages: kolab-webclient-horde

Draft

Kolab-Webclient-Database A database for the Kolab-Webclient which stores the settings of the webclient and caches data from the imap server. This database can, but does not have to be on the same server as the webclient. default meta-package: kolab-webclient-database default packages: kolab-webclient-database-roundcube optional-packages: kolab-webclient-database-horde

Draft

Chapter 3.

Draft

Installation
The Kolab community provides APT and RPM packages for most commonly used Linux distributions. Please see Section 3.2.1, Installation with APT Packages and Section 3.2.2, Installation with RPM Packages for more information.

3.1. Kolab Server Installation

To get a fully working Kolab installation all of the 6 components above need to be installed. The Kolab community provides APT and RPM packages for most commonly used Linux distributions. To get a fully working Kolab server on a single system, please install the kolab-groupware metapackage which will install all components, and run the setup script on a single machine. The default installation assumes that all components are installed on the same machine. If you have a distributed deployment or want non default components, please see Section 3.2.1, Installation with APT Packages and Section 3.2.2, Installation with RPM Packages for more information. For help with your deployment please refer to the Deployment Guide.

3.2. Repository Configuration

Kolab provides packages in extra repositories, therefore these repositories need to be configured first.

3.2.1. Installation with APT Packages

APT packages are provided for the following GNU/Linux distributions, and distribution versions: Table 3.1. APT Packages Distribution Support Distribution Information Name Debian Debian Debian Debian Ubuntu Ubuntu Ubuntu CodeName Lenny (oldstable) Squeeze (stable) Wheezy (testing) Sid (unstable) Lucid Maverick Natty Version 5.0 6.0 7.0 N/A 10.04 LTS 10.10 Architectures i386, amd64 i386, amd64 i386, amd64 i386, amd64 i386, amd64 i386, amd64 i386, amd64 February 6th, 2012 T.B.D. T.B.D. T.B.D. T.B.D. T.B.D. T.B.D. EOS / EOL Date

3.2.1.1. Debian
1. For Kolab 2.4 software packages for Debian Squeeze, add the following two lines to /etc/apt/ sources.list:
deb http://mirror.kolabsys.com/pub/debian/kolab-2.4/ squeeze release updates deb-src http://mirror.kolabsys.com/pub/debian/kolab-2.4/ squeeze release updates

Chapter 3. Installation

Draft

Updates in Testing Phase and Packages in Development

Optionally, enable the updates-testing and development components for newer, but less stable packages. For other versions of the Debian distribution, please replace squeeze with the corresponding distribution codename.

Debian Volatile (Updates) Repositories

It is critically important to consider also enabling the so-called volatile repository for your Debian version, to enable updates for components such as clamav. To enable the volatile repository for Debian Lenny, include the following line in /etc/apt/ sources.list:
deb http://volatile.debian.org/debian-volatile stable/volatile main

2.

To ensure the Kolab packages have priority over the Debian packages, such as must be the case for PHP as well as Cyrus IMAP, please make sure the APT preferences pin the mirror.kolabsys.com origin as a preferred source. Put the following in /etc/apt/preferences:
Package: * Pin: origin mirror.kolabsys.com Pin-Priority: 501

3.

Update the repository metadata:

# apt-get update

4.

Start the installation of the base package as follows:

# aptitude install kolabd

5. 6.

When asked to confirm you want to install the package and its dependencies, press Enter. When asked to confirm you want to continue installing the packages of which the integrity nor source can be securely verified, press y then Enter.

3.2.1.2. Ubuntu
1. For Kolab 2.4 software packages for Ubuntu Lucid, add the following two lines to /etc/apt/ sources.list:

Draft

Installation with RPM Packages

deb http://mirror.kolabsys.com/pub/ubuntu/kolab-2.4/ lucid release updates deb-src http://mirror.kolabsys.com/pub/ubuntu/kolab-2.4/ lucid release updates

For other versions of the Ubuntu distribution, please replace lucid with the corresponding distribution codename. 2. To ensure the Kolab packages have priority over the Ubuntu packages, such as must be the case for PHP as well as Cyrus IMAP, please make sure the APT preferences pin the mirror.kolabsys.com origin as a preferred source. Put the following in /etc/apt/preferences:
Package: * Pin: origin mirror.kolabsys.com Pin-Priority: 501

3.2.1.3. Troubleshooting the APT Package Manager

3.2.1.3.1. Broken Packages
If you get an error similar to, for example:
test90-1:~# apt-get install kolabd Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: kolabd: Depends: postfix (>= 2.4) but it is not going to be installed Depends: postfix-ldap (>= 2.4) but it is not going to be installed E: Broken packages

The error is not caused by broken packages, but a broken package manager that cannot install exim and postfix in parallel.

Solution
First remove any non-postfix MTA you may have installed, which in a default Debian installation is probably exim. To remove exim, execute the following with superuser privileges:
# apt-get remove exim4 exim4-base exim4-config exim4-daemon-light

Then continue installing Kolab:

# aptitude install kolabd

3.2.2. Installation with RPM Packages

RPM packages are being provided for the following Linux distributions and versions: 9

Chapter 3. Installation Table 3.2. RPM Packages Distribution Support Distribution Information Name CentOS CentOS Fedora Fedora Red Hat Enterprise Linux Red Hat Enterprise Linux CodeName Laughlin Lovelock Tikanga Santiago Version 5 6 14 15 5 6 Architectures i386, amd64 i386, amd64 i386, amd64 i386, amd64 i386, amd64 i386, amd64 Approximately Q1, 2014 Approximately Q4, 2017 Q4, 2011 Q2, 2012 Approximately Q1, 2014 Approximately Q4, 2017

Draft

EOS / EOL Date

3.2.2.1. Prerequisites
Before the installation, it is necessary to install the configuration for the Kolab software repositories.

3.2.2.1.1. CentOS
For full instructions on installing Kolab Groupware on CentOS, please refer to the instructions in Section 3.2.2.1.3, Red Hat Enterprise Linux.

Disable 'addons' and 'extras' repositories

Please be aware that on CentOS, you will need to disable the 'addons' and 'extras' repositories, as they contain packages not part of the Enterprise Linux base operating system. The disable these repositories, edit /etc/yum.repos.d/CentOS-Base.repo and append a setting enabled=0 to sections [addons] and [extras], or delete the sections entirely.

3.2.2.1.2. Fedora
To install Kolab Groupware on Fedora, additional Kolab Groupware software repositories are required. Procedure 3.1. Installing the Kolab Groupware repositories for Fedora Depending on the version of Fedora, install the following package: TODO

3.2.2.1.3. Red Hat Enterprise Linux

The EPEL repository is required for Kolab Groupware on Red Hat Enterprise Linux. Install the EPEL repository using the following procedure:
1

http://fedoraproject.org/wiki/EPEL

10

Draft

Installation with RPM Packages

Procedure 3.2. Installing the epel-release Package 1. Depending on the version of Red Hat Enterprise Linux, install the package as it is listed on the following page: Enterprise Linux 5 (Tikanga) Enterprise Linux 6 (Santiago) 2. Install this package using the following command:
# wget http://url/to/rpm # yum localinstall --nogpgcheck /path/to/rpm
3 2

The Kolab software repositories for Red Hat Enterprise Linux ship two so-called -release packages: 1. kolab-2.4-community-release Depending on the version of Red Hat Enterprise Linux, find the -release package at: Red Hat Enterprise Linux 5 (Tikanga)
4 5

Red Hat Enterprise Linux 6 (Santiago)

2. kolab-2.4-community-release-development You can install the kolab-2.4-community-release-development package using YUM, after having installed the kolab-2.4-community-release package;
# yum install kolab-2.4-community-release-development

Stable Software
Stable software, versions of packages deemed ready for general availability and production environments are distributed through two repositories, release and updates. These repositories are configured on the system, and enabled by default, by installing the kolab-2.4-communityrelease package;

Stable Software Currently in Testing

The kolab-2.4-community-release package also installs a repository through which upcoming updates currently in their testing phase are distributed. This repository is called updates-testing, and is not enabled by default. Through Kolab Systems and/or community support channels, you may be asked to test an update distributed through the updates-testing repository to see if it fixes a bug you have reported. You would then, typically, temporarily enable the updates-testing repository by supplying the --enablerepo=kolab-2.4-updates-testing command-line option to YUM, overriding the system configuration file setting.

2 3

http://download.fedora.redhat.com/pub/epel/5/i386/repoview/epel-release.html http://download.fedora.redhat.com/pub/epel/6/i386/repoview/epel-release.html 4 http://mirror.kolabsys.com/pub/redhat/kolab-2.4/el5/release/i386/repoview/kolab-2.4-community-release.html 5 http://mirror.kolabsys.com/pub/redhat/kolab-2.4/el6/release/i386/repoview/kolab-2.4-community-release.html

11

Chapter 3. Installation

Draft

Software Currently in Development

Software that is currently in development for the product series you are running (in this case, series 2.4) is available through the so-called development repository. This software is considered unstable. By default, you will not have the package installed that provides the configuration for this repository; the kolab-2.4-community-release-development package. Installing this package will cause the development repository to be enabled by default. Procedure 3.3. Installing the kolab-2.4-community-release Package 1. Depending on the version of Red Hat Enterprise Linux, install the package as it is listed on the following page: Enterprise Linux 5 Enterprise Linux 5 Enterprise Linux 6 2.
6 7 8

Install this package using the following command:

# wget http://url/to/rpm # yum localinstall --nogpgcheck /path/to/rpm

3.

To test the installation of the repository configuration, please execute:

# yum repolist (...snip...) kolab-2.4 kolab-2.4-updates (...snip...)

Output Abbreviated
Note that the output is abbreviated for clarity. The output may actually include the description of the repository, and the number of packages available. Optionally, to see which repositories have been configured though not enabled, also execute:
# yum repolist all (...snip...) kolab-2.4 kolab-2.4-debuginfo kolab-2.4-source kolab-2.4-updates kolab-2.4-updates-debuginfo kolab-2.4-updates-source kolab-2.4-updates-testing kolab-2.4-updates-testing-debuginfo kolab-2.4-updates-testing-source

6 7

http://mirror.kolabsys.com/pub/redhat/kolab-2.4/el5/release/i386/repoview/kolab-2.4-community-release.html http://mirror.kolabsys.com/pub/redhat/kolab-2.4/el5/development/x86_64/ 8 http://mirror.kolabsys.com/pub/redhat/kolab-2.4/el6/release/i386/repoview/kolab-2.4-community-release.html

12

Draft
(...snip...)

Installation with RPM Packages

Output Abbreviated
Note that the output is abbreviated for clarity. The output may actually include the description of the repository, whether the repository is enabled by default or not, and the number of packages available in each repository as well as the total number of packages.

4.

At this stage of the Kolab Groupware 2.4 development and release cycle, you may require to install the development repository as well. To do so, execute the following command:
# yum -y install kolab-2.4-community-release-development

Development Repository Contains Unstable Software

The development repository contains unstable software, in that new versions of the software can be released through the development repository quickly, for testing purposes, before they are approved to the updates-testing stage.

Please consider using yum-priorities as described in Section 3.2.2.1.4, Using yum-priorities to Avoid Package Conflicts. This is necessary for Enterprise Linux releases prior to Enterprise Linux 6 only.

3.2.2.1.4. Using yum-priorities to Avoid Package Conflicts

Since any given package may, at any time, be or become available to the system through both the Kolab repositories as well as through the regular distribution repositories, to avoid the risk of switching back and forth between the two different versions continuously, by mistake or by accident, we recommend you use the following procedure including employing YUM repository priorities to eliminate the risk of running in such problems in the future.

Note
This is necessary only for Enterprise Linux 5. Procedure 3.4. Installing and Configuring YUM priorities 9 1. The yum-priorities is available from the package repository . Please install it:

http://fedoraproject.org/wiki/EPEL

13

Chapter 3. Installation

Draft

# yum install yum-priorities

2.

The repositories that have been installed using the kolab-2.4-community-release package(s) have a pre-configured priority of 50. The default repository priority is 99. This will set the correct priorities, unless you have repositories configured other than the base operating system repositories (not including 'addons' and 'extras' on CentOS platforms), EPEL and the Kolab Groupware repositories. Should the system happen to already make use of YUM priorities, please make sure the Kolab repositories have the appropriate priority.

3.3. Full default installation on a single server

If you want a default installation with all components on a single server, pleas run:
# yum install kolab

This meta-package will install all needed components. Once the installation is complete, you can continue with the configuration in the next chapter. Alternatively you can install each component individually, which will give you the same result.

3.4. Packagelist
The following packages are available to install the individual components. Please use your distributions package management system to install them. The default meta-package will install the default component. The alternative package is an alternative to the default component. Optional packages provide extra functionality which is not needed for a standard installation. Table 3.3. Packages Package List Package Complete Server default metapackage kolab-groupwareserver alternative package optional packages Package Description A meta package to install all default components. The LDAP component (openldap by default). The IMAP component (cyrus by default). The MTA component (postfix by default). -

LDAP

kolab-ldap

IMAP

kolab-imap

kolab-imapdovecot -

MTA

kolab-mta

Webadmin 14

kolab-webadmin

Draft Package List Package WebclientDatabase Webclient default metapackage kolab-webclientdatabase kolab-webclient alternative package optional packages -

Packagelist Package Description -

15

16

Draft

Chapter 4.

Draft

Configuration
4.1. Pykolab setup utility
To setup each component the pykolab utilty can be used. Once the installation is complete, you can configure all components using:
# /opt/kolab/bin/kolab-setup

If you ran the script successfully the installation and configuration of the server is complete and you can move on to the next chapter.

Mixing automated and manual configuration

It is also possible to configure only certain components using the pykolab utility, and configurating others manually.

4.2. Configuration through Puppet

TODO move to another guide? Assuming that you have an existing Puppet environment, you can clone the kolab puppet module:
$ git clone git://git.puppetmanaged.org/puppet/kolab

4.3. Manual Configuration

If you cannot use the pykolab utility for some reason, all configurations can also be made manually. In the following the minimum amount of configuration needed to get a fully working single server installation is described. This will give you the same result as using the pykolab utility.

4.3.1. LDAP Configuration

/etc/openldap/slapd.conf Update all example.org distinguished names.

certificates
TLSCertificateFile /etc/pki/tls/certs/host.example.org.crt

TLSCertificateKeyFile /etc/pki/tls/certs/host.example.org.key

rootDSE
rootDSE /path/to/rootDSE.ldif

17

Chapter 4. Configuration Specify the name of an LDIF(5) file containing user defined attributes for the root DSE. These attributes are returned in addition to the attributes normally produced by slapd. TODO: this is normally shipped as a default config file For detailed instructions for the manual setup please see: OpenLDAP

Draft

4.3.2. Kolab deamon Configuration

TODO: kolabd probably also needs a configuration file?

4.3.3. Cyrus-IMAP Configuration (default)

/etc/imapd.conf

servername
servername: example.org

This is the hostname visible in the greeting messages of the POP, IMAP and LMTP daemons. If it is unset, then the result returned from gethostname(2) is used.

admin
admin: user1 user2

The list of userids with administrative rights. Separate each userid with a space. Sites using Kerberos authentication may use separate "admin" instances. Note that accounts used by users should not be administrators. Administrative accounts should not receive mail. That is, if user "jbRo" is a user reading mail, he should not also be in the admins line. Some problems may occur otherwise, most notably the ability of administrators to create top-level mailboxes visible to users, but not writable by users.

ldap_base
ldap_base: dc=example,dc=org

Contains the LDAP base dn for the LDAP ptloader module

ldap_bind_dn
ldap_bind_dn: cn=nobody,cn=internal,dc=example,dc=org

Bind DN for the connection to the LDAP server (simple bind). Do not use for anonymous simple binds

ldap_password
ldap_password: LDAPpassword

Password for the LDAP server. 18

Draft

Dovecot-IMAP Configuration (Alternative)

ldap_group_base
ldap_group_base: ou=Groups,dc=example,dc=org

LDAP base dn for ldap_group_filter.

ldap_member_base
ldap_member_base: ou=People,dc=example,dc=org

LDAP base dn for ldap_member_filter.

tls-cert
tls_cert_file: /etc/pki/tls/certs/host.example.org.cert

File containing the certificate presented for server authentication during STARTTLS. A value of "disabled" will disable SSL/TLS.
tls_key_file: /etc/pki/tls/private/host.example.org.key

File containing the private key belonging to the server certificate. A value of "disabled" will disable SSL/TLS.
tls_ca_file: /etc/pki/tls/certs/host.example.org_ca.crt

File containing one or more Certificate Authority (CA) certificates.

TLS Certificates
TODO: note on generating a ca and intermediate ca and server certificates, add to that note the multi-valued cn attribute for web servers that are tcp/ip load-balanced For detailed instructions for the manual setup please see: Part IV, Cyrus IMAP

4.3.4. Dovecot-IMAP Configuration (Alternative)

/etc/dovecot.conf

TODO placeholder
placeholder replacable

Comment.

19

Chapter 4. Configuration

Draft

Detailed Instructions
For detailed instructions for the manual setup please see: Dovecot-IMAP

4.3.5. MTA Configuration

/etc/postfix/main.cf The Postfix main.cf configuration file specifies a very small subset of all the parameters that control the operation of the Postfix mail system. Parameters not explicitly specified are left at their default values.

tls-cert
smtpd_tls_cert_file = /etc/pki/tls/certs/host.example.org.cert

File with the Postfix SMTP server RSA certificate in PEM format. This file may also contain the Postfix SMTP server private RSA key.
smtpd_tls_key_file = /etc/pki/tls/private/host.example.org.key

File with the Postfix SMTP server RSA private key in PEM format. This file may be combined with the Postfix SMTP server RSA certificate file specified with $smtpd_tls_cert_file. The private key must be accessible without a pass-phrase, i.e. it must not be encrypted. File permissions should grant read-only access to the system superuser account ("root"), and no access to anyone else.

SASL related configurations

Depending on the used IMAP server the SASL related configs must be replaced. See Postfix 1 SASL documentation for more info.

SASL with Cyrus-IMAP

cyrus_sasl_config_path = /etc/sasl2/

smtpd_sasl_path =

smtpd

smtpd_sasl_type =

cyrus

SASL with Dovecot-IMAP

http://www.postfix.org/SASL_README.html#server_sasl

20

Draft

Kolab-Webadmin Configuration

smtpd_sasl_path =

private/auth

smtpd_sasl_type =

dovecot

Manpage
For further info see man 5 postconf /etc/postfix/master.cf The master.cf configuration file defines how a client program connects to a service, and what daemon program runs when a service is requested. TODO: configure kolabfilter first? Adjust the path to the config file of /etc/kolab/kolabfilter.conf

Manpage
man 5 master /etc/postfix/ldap/mydestination.cf Used for an ldap lookup of the mydestination parameter in main.cf. /etc/postfix/ldap/local_recipient_maps.cf Used for an ldap lookup of the local_recipient_maps parameter in main.cf /etc/postfix/ldap/virtual_alias_maps.cf /etc/postfix/ldap/virtual_alias_maps_mailenabled_distgroups.cf /etc/postfix/ldap/virtual_alias_maps_mailenabled_dynamic_distgroups.cf Used for an ldap lookup of the virtual_alias_maps parameter in main.cf

Adjust example.org domain names

Adjust the example.org rootDNs and domain names in all these files. For detailed instructions for the manual setup please see: MTA

4.3.6. Kolab-Webadmin Configuration

/path/to/file

21

Chapter 4. Configuration

Draft

title
var = value

blabla For detailed instructions for the manual setup please see: Webadmin

4.3.7. Webclient Configuration

how to configure the webserver to show the web interface over SSL only For detailed instructions for the manual setup please see: Webclient

4.3.8. Webclient Database Configuration

The Webclient-Database needs a mysql server installation, which should have been installed as a dependency of the package.

4.3.8.1. Configuration of the MySQL server for the Horde Database

The following procedure ... For detailed instructions for the manual setup please see: Horde-Webclient-Database

22

Draft

Chapter 5.

Draft

Bootstrapping the Kolab Installation

Various scenarios require various installation procedures.

Infrastructure Matters
The infrastructure around the Kolab environment matters. The system's hostname, Fully Qualified Domain Name (FQDN) and other infrastructural aspects impact the installation procedure as well as the resulting runtime environment. The Deployment Guide has more details.

5.1. Preparing the System for Bootstrapping

Preparing the system for bootstrapping it requires any services that the Kolab Groupware is going to create, maintain and/or manage need to be shut down prior to bootstrapping. The following ports are being checked for running services, in numeric order: 1. 24 2. 25 3. 80 4. 110 5. 143 6. 443 7. 389 8. 465 9. 587 10. 636 11. 993 12. 995 13. 2000 14. 2003 15. 9999 16. 10024 17. 10025 18. 10026

23

Chapter 5. Bootstrapping the Kolab Installation

Draft

Identifying blocked ports

If the process fails due to running services and also
# /usr/sbin/kolabsrv rc all stop

does not help, the ports can be checked using:

# lsof -Pnl +M -i4

on an IPv4 network and

# lsof -Pnl +M -i6

for iPv6. Alternatively

# netstat -tulpn

should give you the same info. Stop all services running on one of the aforementioned ports:
# /etc/rc.d/init.d/service stop

5.2. New Kolab Environment

Issue the following command to bootstrap a new Kolab environment:
# kolabctl start

This will start all needed services and you kolab environemt is usable now. Congratulations! You have finished the installation of you kolab groupware server.

5.3. Manual Bootstrap process

Instead of using the kolabctl utility, the services can also be started manually

Ensure that ports are free

Please ensure first that all aforementioned ports are free The following services need to be started in this order (the order is mandatory). If you did not use the default components (i.e. dovecot instead of cyrus), you will have to adjust the commands accordingly accordingly.

24

Draft Services to start LDAP

# /etc/init.d/ldap start

Manual Bootstrap process

SASL
# /etc/init.d/saslauthd start

Amavis
# /etc/rc.d/init.d/amavisd start

Clamav
# /etc/rc.d/init.d/clamd.amavisd start

cyrus-IMAP
# /etc/rc.d/init.d/cyrus-imapd start

Postfix
# /etc/rc.d/init.d/postfix start

Kolabd
# /etc/init.d/kolabd start

HTTP Server
# /etc/init.d/httpd start

25

26

Draft

Chapter 6.

Draft

Server Appendix
6.1. Certificate Authority (CA)-Certificates
Kolab stores the CA-Certificates under the following locations: Certificate: /etc/pki/tls/certs/host.example.org.cert Private Key: /etc/pki/tls/private/host.example.org.key Certificate Authority (CA) certificates: /etc/pki/tls/certs/host.example.org_ca.crt The keys are all in the pem format. If you already have certificates for the Kolab server, you can copy them to the above locations. If you don't have certificates, you can generate them using: Todo: -use pykolab to generate the certificates? -install package with the /usr/share/kolab/scripts/ kolab_ca.sh scripts -generate and install cert use /etc/pki/tls/certs/Makefile from package openssl to generate certificates?

27

28

Draft

Draft

Part II. Kolab Groupware Webclients

Draft

Chapter 7.

Draft

Roundcube
Roundcube is the official Kolab-Webclient. Roundcube is provided trough the Kolab repositories. See sect-Installation_Guide-Installation-Repository_Configuration

7.1. Installing the Database

Roundcube needs a database which is provided by the kolab-webclient-database package
# yum install kolab-webclient-database

7.2. Preparing the Database

Roundcube needs a MySQL database, which was installed as a dependency of the kolab-webclientdatabase package. Please refer to sect-Installation_Guide-Appendix-MySQL-Database if you have not already installed the database. The MySQL database needs to be populated with all tables relevant for roundcube. 1. open the mysql shell with
# mysql --user=root --password=MYSQLRootPassword

2.

create the table with:

mysql> CREATE DATABASE roundcubemail;

mysql> GRANT ALL PRIVILEGES ON roundcubemail.* TO roundcube@localhost IDENTIFIED BY 'MYSQLRoundcubePassword';

mysql> FLUSH PRIVILEGES;

3.

prepare the db with

# mysql --user=roundcube --password=MYSQLRoundcubePassword roundcubemail > /usr/share/ doc/roundcubemail-0.6/SQL/

TODO the above SQL directory should be part of a roundcube-database package

7.3. Installation
To install the complete Roundcubemail including kolab plugins:
# yum install roundcubemail-kolab

The following packages must be installed first: php-pear-MDB2-Driver-mysql.noarch when this error occurs in /var/log/roundcubemail/errors: 06-Sep-2011 20:32:56 +0200]: DB Error: unable to find package 'MDB2_Driver_mysql' file 'MDB2/Driver/mysql.php' in /usr/share/ roundcubemail/program/include/rcube_mdb2.php on line 102 (GET /roundcubemail/) [06-Sep-2011 20:32:56] MDB2 Error: not found (-4): unable to find package 'MDB2_Driver_mysql' file 'MDB2/Driver/ mysql.php' 31

Chapter 7. Roundcube also missing: yum install php-pear-Mail-Mime.noarch configure drafts folder, otherwise saved drafts are lost

Draft

7.4. Configuration
adjust /etc/roundcubemail/db.inc.php to match the password set above (MYSQLRoundcubePassword). Adjust /etc/httpd/conf.d/roundcubemail.conf to allow access from all desired hosts. /etc/httpd/conf.d/roundcubemail.conf /etc/logrotate.d/roundcubemail /etc/roundcubemail/ acl.inc.php /etc/roundcubemail/db.inc.php /etc/roundcubemail/main.inc.php /etc/roundcubemail/ managesieve.inc.php /etc/roundcubemail/password.inc.php /etc/roundcubemail/calendar.inc.php /etc/ roundcubemail/kolab.inc.php /etc/roundcubemail/ldap_authentication.inc.php Configuring roundcube plugins: $rcmail_config['plugins'] = array( 'acl', 'calendar', 'redundant_attachments', 'kolab_core', 'kolab_addressbook', 'kolab_folders', 'managesieve', 'newmail_notifier', ); Calendar plugin: $rcmail_config['calendar_driver'] = "kolab";

32

Draft

Chapter 8.

Draft

Horde
8.1. Installing the Database
Horde needs a database which is provided by the kolab-webclient-database package
# yum install kolab-webclient-database

8.2. Preparing the Database

Horde needs a MySQL database, which was installed as a dependency of the kolab-webclientdatabase package. Please refer to sect-Installation_Guide-Appendix-MySQL-Database if you have not already installed the database. Procedure 8.1. Configuring the Horde Database 1. If you have not already installed mysql, please do so according to sect-Installation_GuideAppendix-MySQL-Database 2. Create the horde database:
# mysql -p -e 'CREATE DATABASE horde;'

3.

Create the horde user and grant all privileges to the horde database to that horde user:
# mysql -p -e 'GRANT ALL PRIVILEGES on `horde`.* TO `horde`@`localhost` IDENTIFIED BY "YourPassword";'

33

34

Draft

Chapter 9.

Draft

Webclient-Appendix
9.1. Installation of the MySQL-Database
# yum install mysql mysql-sever

If you already had mysql installed you will need to update it to the version provided in the kolab repositories.
# service mysqld start

If the install script failed to create the mysql user you can create it using
# /usr/sbin/useradd -g mysql -M -o -r -d /var/lib/mysql -s /bin/bash -c "MySQL Server" -u 27 mysql > /dev/null

in the end there should be a mysql user in a mysql group (check with 'id mysql' if the service fails to start with an error like:
[ERROR] /usr/libexec/mysqld: Can't create/write to file '/var/run/mysqld/ mysqld.pid' (Errcode: 13)

in /var/log/mysqld.log fix it with:

# chmod g+w /var/run/mysqld/

Set a new root password using

# /usr/bin/mysqladmin -u root password MYSQLRootPassword

Procedure 9.1. Configuring the Horde Database 1. Configure the mysqld service to start on boot (runlevels 2 through 5): chkconfig mysqld on 2. Edit /etc/my.cnf, and execute the following edits: 1. Set old_passwords to 0. 2. Make sure the InnoDB storage engine is enabled, by providing the MySQL server with the binary log settings:
# Make sure all logs are flushed on shutdown innodb_fast_shutdown=0 innodb_file_per_table innodb_data_file_path = ibdata1:128M:autoextend

35

Chapter 9. Webclient-Appendix

Draft

The Size Values are Defaults

Adjust the default size values as shown in this step of the procedure to your needs as appropriate.

3.

Start the MySQL server for the first time:

# service mysqld start Initializing MySQL database: OK Filling help tables... OK Installing MySQL system tables...

To start mysqld at boot time you have to copy support-files/mysql.server to the right place for your system PLEASE REMEMBER TO SET A PASSWORD FOR THE MySQL root USER ! To do so, start the server, then issue the following commands: /usr/bin/mysqladmin -u root password 'new-password' /usr/bin/mysqladmin -u root -h test90-2.test90.kolabsys.com password 'new-password' Alternatively you can run: /usr/bin/mysql_secure_installation which will also give you the option of removing the test databases and anonymous user created by default. This is strongly recommended for production servers. See the manual for more instructions. You can start the MySQL daemon with: cd /usr ; /usr/bin/mysqld_safe & You can test the MySQL daemon with mysql-test-run.pl cd mysql-test ; perl mysql-test-run.pl Please report any problems with the /usr/bin/mysqlbug script! The latest information about MySQL is available on the web at http://www.mysql.com Support MySQL by buying support/licenses at http://shop.mysql.com [ OK ] Starting MySQL: [ OK ]

4.

Run the initial configuration and securing, and follow the instructions:
# /usr/bin/mysql_secure_installation

36

Draft

Draft

Part III. Kolab Groupware Desktop-Clients

Draft

Chapter 10.

Draft

Kontact
Kontact is the offical KDE PIM client, consisting of an email client (KMail) , an address book (KAddressbook) and an Organizer (KOrganizer). Kontact is part of the KDE Software Compilation.

10.1. Installation
Kontact is available on all major linux distributions, and can be installed trough the native package management system. While the standard version provides all features, Kolab maintains enterprise versions for improved stability. To install the complete Kontact suite:
# yum install kontact

alternatively each component can be installed individually.

10.2. Configuration
The synchronisation with the Kolab Groupware server can either be configured manually or with the Kolabwizard.

10.2.1. Configuration through the KolabWizard

The KolabWizard will guide you trough, the setup process step by step. If you experience any problems please follow the Manual Configuration.

10.2.2. Manual Configuration of Kontact

39

40

Draft

Chapter 11.

Draft

Thunderbird
para

41

42

Draft

Chapter 12.

Draft

Outlook
para

43

44

Draft

Draft

Part IV. Cyrus IMAP

Instructions on Using Cyrus IMAP as the Kolab IMAP Server
This part of the Kolab 2.4 Installation Manual applies to installing, configuring, managing, upgrading, migrating and tweaking the Cyrus IMAP component of the Kolab Groupware Solution.

Draft

Chapter 13.

Draft

Installation of Cyrus IMAP

Kolab Systems Repository Configuration
Make sure you have the Kolab Systems software repositories configured properly on the system, before executing any of the following commands. For more information on configuring the Kolab Systems software repositories, please refer to Section 3.2, Repository Configuration.

13.1. Installation
The package name for Cyrus IMAP is kolab-cyrus-imapd.

Installation Instructions for APT-based Systems

To install Cyrus IMAP on APT-based systems such as Debian and Ubuntu Long-Term Support, execute the following command;
# apt-get -y install kolab-cyrus-imapd

Installation Instructions for RPM-based Systems

To install Cyrus IMAP on RPM-based systems such as Fedora, Red Hat, CentOS and Scientific Linux, execute the following command;
# yum -y install kolab-cyrus-imapd

kolab-cyrus-imapd will be installed on the system, including any software Cyrus IMAP depends on. The service cyrus-imapd will not yet be started, as you require configuration first. TODO: We can't automatically configure the software; we don't know where the configuration should come from and any hit is a lucky hit. We also don't know what the system is intended for. Nor can we figure such out. Maybe develop and contruct in the Kolab Systems packaging a means for Cyrus IMAP to in fact be automatically configured using a slipstream command, so that the next step is to verify, not configure.

47

48

Draft

Chapter 14.

Draft

Configuration of Cyrus IMAP

The following configuration files are installed on the system: /etc/cyrus.conf Configure which services Cyrus IMAP is to offer, using /etc/cyrus.conf. By default, POP and IMAP services have both been enabled for normal (plaintext) only, as you require a certificate for TLS and SSL configurations. Please refer to Chapter 16, Securing Cyrus IMAP Communications for more details if you seek to secure communications. /etc/imapd.conf The behaviour of Cyrus IMAP is controlled using /etc/imapd.conf. Please refer to Chapter 15, Configuring IMAP for standard configurations, and Chapter 18, IMAP Option Reference for a list of options. /etc/imapd.annotations.conf /etc/imapd.annotations.conf contains the Kolab annotations for use with the Kolab Groupware Solution. System Configuration Defaults While the location depends on whether you use an APT-based or RPM-based system, the contents of the file describe system-wide configuration and service defaults, such as the location of /etc/ cyrus.conf should you require such file to be in a different, non-default location. Please refer to Chapter 19, System Configuration Defaults for more information on available options.

APT-based Systems
On APT-based Systems, please use /etc/default/cyrus-imapd as the system configuration defaults file.

RPM-based Systems
On RPM-based Systems, please use /etc/sysconfig/cyrus-imapd as the system configuration defaults file.

System Configuration Defaults

The system configuration defaults normally suffice, and should not have to be altered unless you have very specific requirements.

In addition to these configuration files, the following directories are used for Cyrus IMAP by default: /var/lib/imap Cyrus IMAP stores it's databases and transactional data here, such as Sieve scripts. /var/spool/imap The primary (default) IMAP partition. Please refer to Chapter 17, IMAP Partitions for TODO: Quick To Go: Small deployments

49

50

Draft

Chapter 15.

Draft

Configuring IMAP
TODO: While the defaults shipped in the Kolab Systems software packages are good to go for most common Cyrus IMAP deployments, ...

51

52

Draft

Chapter 16.

Draft

Securing Cyrus IMAP Communications

TODO: Describe

53

54

Draft

Chapter 17.

Draft

IMAP Partitions
TODO

55

56

Draft

Chapter 18.

Draft

IMAP Option Reference

TODO: list/table of options

57

58

Draft

Chapter 19.

Draft

System Configuration Defaults

The following options are available in the system configuration defaults file (/etc/default/cyrusimapd for APT-based systems and /etc/sysconfig/cyrus-imapd for RPM-based systems); CYRUS_CONFIG The location of the Cyrus master configuration file, /etc/cyrus.conf by default. Valid options are existing Cyrus configuration files. IMAPD_CONFIG The location of the Cyrus IMAP configuration file, controlling aspects such as authentication, storage locations, database types and other general Groupware infrastructure. /etc/imapd.conf by default. Valid options are existing Cyrus IMAP coniguration files. LISTENQUEUE The size of the listen queue. 32 by default. Only integers are valid. TODO: Figure out the maximum length/size of LISTENQUEUE CYRUS_VERBOSE What cyrus-master process. Not set by default. TODO: Figure out useful values for CYRUS_VERBOSE CYRUS_OPTIONS Additional options to pass on to the cyrus-master process. Not set by default. To get a list of valid options, please refer to the cyrus-master(8) man page.

59

60

Draft

Chapter 20.

Draft

Creating a Cyrus Murder Setup

TODO

20.1. Setting up the master update server

TODO

20.1.1. Choosing the mupdate mode

TODO: on unified, replica, etc.

61

62

Draft

Chapter 21.

Draft

Creating an IMAP Backend Server

TODO

21.1. Hooking in a new backend server into a murder setup

TODO

63

64

Draft

Chapter 22.

Draft

Creating an IMAP Frontend Server

TODO

22.1. Hooking in a new frontend server into a murder setup

TODO

65

66

Draft

Draft

Appendix A. Revision History

Revision 0 Sun May 16 2010 Initial creation of book by publican Dude McPants Dude.McPants@example.com

67

68

Draft

Draft

Index
F
feedback contact information for this manual, vii

69

70