How to Configure FTP Server in Linux RHEL 6

In this post i will show how to install Very Secure FTP (Vsftpd) and how to configure ftp server in linux Red Hat Enterprise Linux 6 (RHEL 6). Vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast and it is stable.

As an example I will install and configure the vsftpd server and will also transfer files from the clients running on the Windows XP command prompt.

-A linux server with ip address 192.168.1.43 running on RHEL 6 Operating system
-A window client with ip address 192.168.1.52 running on Windows XP Pro
-RHEL 6 server Running portmap/rpcbind and xinetd services
-Firewall and SElinux should be off on server

how to configure ftp server in linux

How to Install FTP Server in Linux ?

1. Install vsftpd, rpcbind and xinetd service using the following command :

# yum install vsftpd rpcbind xinetd -y

2. Check vsftpd, xinetd and rpcbind/portmap exist and installed on the server :

# rpm -qa vsftpd
vsftpd-2.2.2-6.el6.i686

# rpm -qa xinetd
xinetd-2.3.14-29.el6.i686

# rpm -qa rpcbind
rpcbind-0.2.0-8.el6.i686

3. Make all these services auto start at boot :

# chkconfig vsftpd on
# chkconfig xinetd on
# chkconfig rpcbind on

4. Check the xinetd and rpcbind status :

# service xinetd status
xinetd (pid  1326) is running...

# service rpcbind status
rpcbind (pid  1178) is running...

5. Create the a new user named ftpuser and set password :

# useradd ftpuser
# passwd ftpuser
Changing password for user ftpuser.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

6. Login as ftpuser on other terminal and create a new files named “files”.

# su - ftpuser
[ftpuser@rhel6 ~]$ cat > files
This is file created on RHEL 6 ftp server

7. Start the vsftpd service :

# service vsftpd start
Starting vsftpd for vsftpd:                                [  OK  ]

8. Stop the iptables linux firewall and disabled selinux :

# service ip6tables stop
ip6tables: Flushing firewall rules:                        [  OK  ]
ip6tables: Setting chains to policy ACCEPT: filter         [  OK  ]
ip6tables: Unloading modules:                              [  OK  ]

# service iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: filter          [  OK  ]
iptables: Unloading modules:                               [  OK  ]
# setenforce 0
setenforce: SELinux is disabled

How to Configure FTP Server in Linux ?

9. It’s good to make backup of your original configuration file.

[root@rhel6 ~]# cp /etc/vsftpd/vsftpd.conf /etc/vsftpd/vsftpd.conf-bak

10. login from user account and download the files :

D:\>ftp 192.168.1.43
Connected to 192.168.1.43.
220 (vsFTPd 2.2.2)
User (192.168.1.43:(none)): ftpuser
331 Please specify the password.
Password:
230 Login successful.
ftp> get files
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for files (42 bytes).
226 Transfer complete.
ftp: 42 bytes received in 0.00Seconds 42000.00Kbytes/sec.
ftp> quit
221 Goodbye.

11. Check the contain of downloaded files :

D:\>type files
This is file created on RHEL 6 ftp server

12. By default root account is not allowed to login the vsftpd server as it’s exist in /etc/vsftpd/ftpusers.

D:\>ftp 192.168.1.43
Connected to 192.168.1.43.
220 (vsFTPd 2.2.2)
User (192.168.1.43:(none)): root
530 Permission denied.
Login failed.
ftp>

13. Open /etc/vsftpd/ftpusers file. Remove or comment out the line for user “root” and add “ftpuser” instead. Users whose name are set in this file will not allowed to login from ftp.

[root@rhel6 ~]# vi /etc/vsftpd/ftpusers
# Users that are not allowed to login via ftp
#root
ftpuser
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

14. Open /etc/vsftpd/user_list file. Remove or comment out entry in /etc/vsftpd/user_list files. Remove or comment out the line for user “root” and add “ftpuser” instead. Users whose names are set in this file are also not allowed to login from ftp even they are not prompt for password.

# vi /etc/vsftpd/user_list
# vsftpd userlist
# If userlist_deny=NO, only allow users in this file
# If userlist_deny=YES (default), never allow users in this file, and
# do not even prompt for a password.
# Note that the default vsftpd pam config also checks /etc/vsftpd/ftpusers
# for users that are denied.
#root
ftpuser
bin
daemon
adm
lp
sync
shutdown
halt
mail
news
uucp
operator
games
nobody

15. Root now allowed to access ftp server :

D:\>ftp 192.168.1.43
Connected to 192.168.1.43.
220 (vsFTPd 2.2.2)
User (192.168.1.43:(none)): root
331 Please specify the password.
Password:
230 Login successful.
ftp> quit
221 Goodbye.

16. ftpuser now not allowed to access ftp server :

D:\>ftp 192.168.1.43
Connected to 192.168.1.43.
220 (vsFTPd 2.2.2)
User (192.168.1.43:(none)): ftpuser
530 Permission denied.
Login failed.
ftp>

17. How to set login banner for ftp server :
Open /etc/vsftpd/vsftpd.conf look for “ftpd_banner” :

# vi /etc/vsftpd/vsftpd.conf

Uncomment ftpd_banner and customize the login banner string as below :

# You may fully customise the login banner string:
ftpd_banner=Welcome to eHowStuff.com RHEL6 FTP server
#

18 Restart the ftp service :

# service vsftpd restart
Shutting down vsftpd:                                      [  OK  ]
Starting vsftpd for vsftpd:                                [  OK  ]

19. Try login to ftp server. Check the banner, it will appear before user login as below :

D:\>ftp 192.168.1.43
Connected to 192.168.1.43.
220 Welcome to eHowStuff.com RHEL6 FTP server
User (192.168.1.43:(none)):

If you encounter any issues on how to configure ftp server in linux, you can put a few questions in the comments below.

How to Check Linux System Reboot Date and Time

Question : How to check when was my linux system last rebooted and how long was the system running ?

Answer : The are several command to check last system rebooted.

1. Check last rebooted using “who -b” command :

[root@server ~]# who -b
         system boot  2014-08-16 09:34

2. Check last rebooted using “last reboot” command :

[root@server ~]# last reboot
reboot   system boot  2.6.32-431.el6.x Sat Aug 16 09:34 - 01:11  (15:36)
reboot   system boot  2.6.32-431.el6.x Tue Aug 12 19:39 - 00:13  (04:33)
reboot   system boot  2.6.32-431.el6.x Mon Aug 11 23:08 - 23:59  (00:50)
reboot   system boot  2.6.32-431.el6.x Tue Aug  5 11:47 - 05:41 (5+17:54)
reboot   system boot  2.6.32-431.el6.x Tue Aug  5 09:03 - 11:18  (02:15)
reboot   system boot  2.6.32-431.el6.x Tue Aug  5 08:58 - 09:03  (00:04)
reboot   system boot  2.6.32-431.el6.x Fri Jul 18 00:47 - 00:51  (00:04)
reboot   system boot  2.6.32-431.el6.x Sun Dec  8 11:22 - 11:23  (00:01)
reboot   system boot  2.6.32-431.el6.x Sun Dec  8 10:28 - 10:30  (00:01)
reboot   system boot  2.6.32-431.el6.x Sat Dec  7 21:54 - 22:40  (00:46)
reboot   system boot  2.6.32-431.el6.x Sat Dec  7 19:46 - 21:54  (02:08)

wtmp begins Sat Dec  7 19:46:12 2013

3. Check how long was the system running using “uptime” command :

[root@server ~]# uptime
 01:13:34 up 15:38,  1 user,  load average: 0.04, 0.08, 0.04

Use uptime command to deduce last reboot time. The uptime command will show the current time and how long the system was running.

Facebook, Google, Intel, Microsoft, NetApp, Qualcomm, VMware And The Linux Foundation Form New Initiative To Prevent The Next Heartbleed

The OpenSSL Heartbleed disaster definitely opened up many people’s eyes to how underfunded and understaffed many of the open source projects the web relies on are. To prevent the next Heartbleed, Facebook, Google, Intel, Microsoft, NetApp, Qualcomm, VMware and The Linux Foundation today announced the “Core Infrastructure Initiative.” This initiative will fund and support important open source projects “that are in need of assistance.”

While it’s not clear how much money each of the participants is contributing, the Linux Foundation — which organized this program — says this is a “multi-million dollar project” and should be seen as the industry’s collective response to the Heartbleed crisis. The Linux Foundation will administer the initiative’s funds.

Unsurprisingly, the OpenSSL project will be the first to receive fellowship funding from the initiative. The idea behind the fellowships is to allow key developers to work on these projects full-time. Besides the funding, the projects that will receive support from the initiative will also get other forms of assistance to improve their security, including outside reviews, security audits, computing and test infrastructure, travel and other support.

Considering the importance of a project like OpenSSL, it is indeed somewhat shameful that it only received about $2,000 per year in donations. Money alone, of course, may not have been enough to help catch the Heartbleed bug, so it’s good to see that the participating companies are also dedicating test resources to this project.

“Just as The Linux Foundation has funded Linus Torvalds to be able to focus 100% on Linux development, we will now be able to support additional developers and maintainers to work full-time supporting other essential open source projects,” said Jim Zemline, the executive director of the Linux Foundation in a statement today.

The idea behind open source, of course, is to get as many people as possible to produce high-quality code that is also secure. Many of the projects we rely on day in and day out, however, have grown so complex that having only a few part-time developers working on them isn’t enough to ensure their quality and security. The Linux Foundation acknowledges as much today.

“The most recent Coverity Open Scan study of software quality has shown that open source code quality surpasses proprietary code quality. But as all software has grown in complexity – with interoperability between highly complex systems now the standard – the needs for developer support has grown.”

Looking ahead, the Core Infrastructure Initiative plans to move away from what is clearly a reactive post-crisis mode to a more proactive mode. Going forward, the initiative will focus more strongly on proactive reviews that identify the need of the most important projects — hopefully before the next Heartbleed crisis hits.

Click here for full story

How OpenStack parallels the adoption of Linux

In spite of its considerable momentum, there are still skeptics about whether OpenStack will ultimately succeed. My colleague tackled some of that skepticism in a blog post last year and I’m not going to rehash those arguments here. Rather, I’m going to make some observations about how OpenStack is paralleling, and will likely continue to parallel, the adoption of another open source project that I think we can all agree has become popular and successful—namely Linux. [1]

1. Part and parcel of a new approach to computing

Linux came about at a time when computing was changing. It had become distributed and the rise of the web was leading to new functions and new requirements. Much of Linux’ early-on growth came from powering new Internet infrastructure. It was from that beachhead that Linux branched out into more traditional enterprise operating system roles. Similarly, OpenStack is part of the cloud computing wave which is characterized by new levels of standardization and automation combined with an on-demand and self-service approach to delivering computing resources to users. 

2. Adoption rates won’t be uniform

Linux early adopters were often Internet hosting providers and other technically savvy technology consumers. Early OpenStack adopters fit a similar profile. In fact, the OpenStack project was originally founded by NASA and Rackspace, a hosting provider. Other early users of the technology include organizations such as financial services firms seeking to bring public cloud computing benefits into their own datacenters for a more flexible infrastructure that remains fully under their control. Mainstream enterprise adoption, especially for workloads that aren’t cloud enabled, will follow over time. 

3. It takes time

And, in general, adoption of new technologies always takes place over years. Depending upon how you count, significant Linux adoption by mainstream enterprises took up to a decade from its inception. Many considered the Linux 2.4 kernel to be the first one that was “enterprise ready” (whether or not they were able to define what they meant by that term) and that didn’t appear in commercial Linux distributions until about 2001—well after Linux was already in widespread use for Internet infrastructure.

That’s not to say OpenStack’s timeline will be so extended. Today, open source software is widely accepted within enterprises in a way that wasn’t the case c. 2001. But no technology gets adopted overnight. (Even x86 virtualization took perhaps five years to become truly widespread.) 

4. About community as much as technology

Early Linux success didn’t come about because it was better technology than Unix. For the most part it wasn’t. Rather it often won because it was less expensive than proprietary Unix running on proprietary hardware. It also gave users a choice of both distributions and hardware vendors as well as the ability to customize the code should they so choose. However, what has truly distinguished Linux and open source broadly over time is the power of the open source development models and the innovation that comes from communities around projects.

Today, across major areas of the market such as infrastructures for handling high volume data, open source technologies are behind most of the ongoing rapid change. That’s the case with OpenStack as well. There are other cloud infrastructure projects—some of which arguably have a head-start in commercial deployments. But it’s OpenStack that’s garnering the most industry attention because OpenStack has the biggest and most diverse community. 

5. Open source development is an incremental process

One of the knocks one hears about OpenStack is that it’s not mature. It’s not. And indeed this is a common refrain about many early-stage open source projects. Of course, early versions of proprietary products aren’t necessarily mature either. But, usually, the company developing proprietary software has at least made an effort to release something that’s complete and functional.

Open source, on the other hand, is a much more iterative process beginning with early code that is not only immature but which has clear functional gaps. This was the case with Linux that began life as essentially a hobbyist operating system before evolving into something appropriate for Internet infrastructure and finally into an operating system capable of handling the most demanding enterprise workloads. OpenStack will follow a similar trajectory. 

6. Commercial distributions make consumption by businesses possible

One of the important steps that needed to happen in order for Linux to be accepted into mainstream enterprises was that it had to be made available as a commercial product. Most enterprises aren’t interested in consuming open source projects—especially for production workloads. They want products, which is to say bits that are thoroughly hardened, tested, documented, and supported. They want ecosystems around those products including whatever certifications are required.

Likewise with OpenStack, some early adopters are working directly with and even contributing to the OpenStack project but most enterprises are looking for a OpenStack product. 

7. Need for complementary components and integration

Customers don’t buy infrastructure for the sake of buying infrastructure. An obvious statement perhaps but one that nonetheless sometimes seems to be forgotten. Linux succeeded because it became a great platform on which to run everything from networking services to line-of-business applications. Linux distributions include many of the open source components needed to build highly functional infrastructure; the Apache Web Server was an important early-on component. But the availability over time of additional software needed by enterprises, including proprietary software, is what made Linux an integral part of the software stack at so many organizations.

Similarly, OpenStack will increasingly include many of the components needed to build out the Infrastructure-as-a-Service (IaaS) layer. However, complementary products such as cloud management platforms, application lifecycle management, and Platform-as-a-Service (PaaS) are needed to build and manage a complete hybrid cloud. And, of course, that cloud also needs an operating system to support the applications running in the cloud—a role for which Linux is ideally suited. 

Conclusion

One thing is much different from the early days of Linux adoption and today’s OpenStack. The environment is much changed. Then, open source was still a new concept to many. Major proprietary software vendors did their best to convince customers that open source was somehow riskier than their own products. Good open source project governance, licensing, and development practices were being learned, often by trial and error.

Today, as can be seen in the pace of OpenStack’s advance, the milieu is vastly different. Open source software is ubiquitous and it’s widely recognized that open, collaborative approaches are often just a better way to develop software. One need only look at the membership of the OpenStack Foundation to see just how many major IT vendors and how many individuals recognize this to be the case.

Click here for full story

How to Remove Volume Group and Physical Volume on LVM

icon-redhatlinuxBasically, adding and removing LVM will always involves these three logical “layers” which are Physical volumes (pv), Volume groups (vg) and Logical volumes (lv). This post assumed that the Logical volumes haven’t created. In certain situation, linux administrators are required to remove the existing Physical Volume or Volume Group only. It is possible to perform the required task if that system administrator has the right skill on linux. The steps as below :

1. Display the physical volumes and Volume Group using pvdisplay command :

[root@centos63 ~]# pvdisplay
  --- Physical volume ---
  PV Name               /dev/sdb1
  VG Name               vg_data
  PV Size               4.99 GiB / not usable 2.41 MiB
  Allocatable           yes
  PE Size               4.00 MiB
  Total PE              1278
  Free PE               1278
  Allocated PE          0
  PV UUID               qTmTeq-8qoL-xxEk-Dj5V-zOjl-vEag-P6Jl7L

2. Remove the Volume Group using vgremove command :

[root@centos63 ~]# vgremove vg_data
  Volume group "vg_data" successfully removed

3. Remove Physical Volume using pvremove command :

[root@centos63 ~]# pvremove /dev/sdb1
  Labels on physical volume "/dev/sdb1" successfully wiped

Additional Note :
How to Remove a Logical Volume on CentOS 6.3/RHEL6

Configure Network Time Protocol (NTP) on CentOS 6.3

Linux LogoAs opposed to the manual setup, it is possible to synchronize the system clock with a remote server over the Network Time Protocol (NTP). NTP is an Internet protocol used to synchronize the clocks of computers or servers to some NTP server on internet or intranet.

Steps A
1. To synchronization immediately or for the one-time synchronization only, use the ntpdate command as below :

[root@centos63 ~]# ntpdate -q time.internet.com

2. Enable running the ntpdate at boot time:

[root@centos63 ~]# chkconfig ntpdate on

Steps B
However, there are alternative way to set the ntpd daemon to synchronize the time at boot time automatically :

1. Install ntpd service daemon :

[root@centos63 ~]# yum install ntp -y

2. Open the NTP configuration file /etc/ntp.conf :

[root@centos63 ~]# vi /etc/ntp.conf

3. Now add or edit the list of public NTP servers.

server 0.asia.pool.ntp.org
server 1.asia.pool.ntp.org
server 2.asia.pool.ntp.org
server 3.asia.pool.ntp.org

4. Set the proper permissions, giving the unrestricted access to localhost only:

restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict -6 ::1

5. Restart the NTP daemon:

[root@centos63 ~]# service ntpd restart
Shutting down ntpd:                                        [  OK  ]
Starting ntpd:                                             [  OK  ]

6.Set ntpd daemon is started at boot time :

[root@centos63 ~]# chkconfig ntpd on

How to Install Wireshark on CentOS 6.3

Wireshark is a free and open-source network packet analyzer that will help to capture network packets and tries to display that packet data as detailed as possible. This post will covers the quick step to install wireshark on linux CentOS 6.3.

[root@centos63 ~]# yum install wireshark -y
[root@centos63 ~]# yum install wireshark -y
Loaded plugins: fastestmirror, presto
Loading mirror speeds from cached hostfile
 * base: mirrors.hostemo.com
 * extras: mirrors.hostemo.com
 * updates: mirrors.hostemo.com
CentOS6.3-Repository                                                         | 4.0 kB     00:00 ...
base                                                                         | 3.7 kB     00:00
extras                                                                       | 3.0 kB     00:00
updates                                                                      | 3.5 kB     00:00
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package wireshark.i686 0:1.2.15-2.el6_2.1 will be installed
--> Processing Dependency: libsmi.so.2 for package: wireshark-1.2.15-2.el6_2.1.i686
--> Processing Dependency: libpcap.so.1 for package: wireshark-1.2.15-2.el6_2.1.i686
--> Processing Dependency: libgnutls.so.26(GNUTLS_1_4) for package: wireshark-1.2.15-2.el6_2.1.i686
--> Processing Dependency: libgnutls.so.26 for package: wireshark-1.2.15-2.el6_2.1.i686
--> Running transaction check
---> Package gnutls.i686 0:2.8.5-4.el6_2.2 will be installed
--> Processing Dependency: libtasn1.so.3(LIBTASN1_0_3) for package: gnutls-2.8.5-4.el6_2.2.i686
--> Processing Dependency: libtasn1.so.3 for package: gnutls-2.8.5-4.el6_2.2.i686
---> Package libpcap.i686 14:1.0.0-6.20091201git117cb5.el6 will be installed
---> Package libsmi.i686 0:0.4.8-4.el6 will be installed
--> Running transaction check
---> Package libtasn1.i686 0:2.3-3.el6_2.1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

====================================================================================================
 Package         Arch       Version                                Repository                  Size
====================================================================================================
Installing:
 wireshark       i686       1.2.15-2.el6_2.1                       CentOS6.3-Repository       9.9 M
Installing for dependencies:
 gnutls          i686       2.8.5-4.el6_2.2                        CentOS6.3-Repository       336 k
 libpcap         i686       14:1.0.0-6.20091201git117cb5.el6       CentOS6.3-Repository       125 k
 libsmi          i686       0.4.8-4.el6                            CentOS6.3-Repository       2.4 M
 libtasn1        i686       2.3-3.el6_2.1                          CentOS6.3-Repository       239 k

Transaction Summary
====================================================================================================
Install       5 Package(s)

Total download size: 13 M
Installed size: 64 M
Downloading Packages:
Setting up and reading Presto delta metadata
Processing delta metadata
Package(s) data still to download: 13 M
----------------------------------------------------------------------------------------------------
Total                                                                12 MB/s |  13 MB     00:01
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : libtasn1-2.3-3.el6_2.1.i686                                                      1/5
  Installing : gnutls-2.8.5-4.el6_2.2.i686                                                      2/5
  Installing : libsmi-0.4.8-4.el6.i686                                                          3/5
  Installing : 14:libpcap-1.0.0-6.20091201git117cb5.el6.i686                                    4/5
  Installing : wireshark-1.2.15-2.el6_2.1.i686                                                  5/5
  Verifying  : 14:libpcap-1.0.0-6.20091201git117cb5.el6.i686                                    1/5
  Verifying  : libsmi-0.4.8-4.el6.i686                                                          2/5
  Verifying  : gnutls-2.8.5-4.el6_2.2.i686                                                      3/5
  Verifying  : libtasn1-2.3-3.el6_2.1.i686                                                      4/5
  Verifying  : wireshark-1.2.15-2.el6_2.1.i686                                                  5/5

Installed:
  wireshark.i686 0:1.2.15-2.el6_2.1

Dependency Installed:
  gnutls.i686 0:2.8.5-4.el6_2.2            libpcap.i686 14:1.0.0-6.20091201git117cb5.el6
  libsmi.i686 0:0.4.8-4.el6                libtasn1.i686 0:2.3-3.el6_2.1

Complete!

How to Setup Zimbra Collaboration Suite 7.2.0 Mail Server on CentOS 6.2 x86_64

Mail ServerIn this post, i will show you the steps to setup Zimbra Collaboration Suite (ZCS) 7.2.0 Mail Server open source edition on CentOS 6.2 64 bit. Zimbra only released the 64 bit version for Redhat Linux Enteprise 6 (RHEL6) or CentOS 6 operating system. Before you start installing ZCS software, please make sure that all the prerequisites has been configured and install. Also, don’t forget to configure the domain name server (DNS), so that you installation will run smoothly as what documented on this guidelines. For more info on this latest ZCS, please refer to official ZCS 7.2 Open Source release note.

1.Perform the following preparations :
https://www.ehowstuff.com/how-to-prepare-for-zimbra-collaboration-suite-7-1-4-mail-server-installation-on-centos-6-2-x86_64/

2. Setup the DNS properly. In this case, you should have dns zone as below :

;
;       Addresses and other host information.
;
@       IN      SOA     zimbra.lab. admin.zimbra.lab. (
                               2012060801      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum

;       Define the nameservers and the mail servers

               IN      NS      ns.zimbra.lab.
               IN      A       192.168.1.100
               IN      MX      10 mail.zimbra.lab.

mail            IN      A       192.168.1.100
ns              IN      A       192.168.1.100

3. Download Zimbra Collaboration Suite 7.1.4 from zimbra official website :

[root@mail ~]# wget http://files2.zimbra.com/downloads/7.2.0_GA/zcs-7.2.0_GA_2669.RHEL6_64.20120410002025.tgz

4. Extract the downloaded zcs file and change directory to extracted zcs folder :

[root@mail ~]# tzar xvf zcs-7.2.0_GA_2669.RHEL6_64.20120410002025.tgz
[root@mail ~]# cd zcs-7.2.0_GA_2669.RHEL6_64.2012041000202

5. Start installing zimbra using the following command. Make sure you put “–platform-override” as this zimbra is install on the operating system other than RHEL :

[root@mail zcs-7.2.0_GA_2669.RHEL6_64.20120410002025]# ./install.sh --platform-override

Operations logged to /tmp/install.log.1572
Checking for existing installation...
    zimbra-ldap...NOT FOUND
    zimbra-logger...NOT FOUND
    zimbra-mta...NOT FOUND
    zimbra-snmp...NOT FOUND
    zimbra-store...NOT FOUND
    zimbra-apache...NOT FOUND
    zimbra-spell...NOT FOUND
    zimbra-convertd...NOT FOUND
    zimbra-memcached...NOT FOUND
    zimbra-proxy...NOT FOUND
    zimbra-archiving...NOT FOUND
    zimbra-cluster...NOT FOUND
    zimbra-core...NOT FOUND


PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE.
ZIMBRA, INC. ("ZIMBRA") WILL ONLY LICENSE THIS SOFTWARE TO YOU IF YOU
FIRST ACCEPT THE TERMS OF THIS AGREEMENT. BY DOWNLOADING OR INSTALLING
THE SOFTWARE, OR USING THE PRODUCT, YOU ARE CONSENTING TO BE BOUND BY
THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS
AGREEMENT, THEN DO NOT DOWNLOAD, INSTALL OR USE THE PRODUCT.

License Terms for the Zimbra Collaboration Suite:
  http://www.zimbra.com/license/zimbra_public_eula_2.1.html



Do you agree with the terms of the software license agreement? [N] y

Checking for prerequisites...
     FOUND: NPTL
     FOUND: nc-1.84-22
     FOUND: sudo-1.7.4p5-7
     FOUND: libidn-1.18-2
     FOUND: gmp-4.3.1-7
     FOUND: /usr/lib64/libstdc++.so.6
Checking for suggested prerequisites...
     FOUND: perl-5.10.1
     FOUND: sysstat
     FOUND: sqlite
Prerequisite check complete.

Checking for installable packages

Found zimbra-core
Found zimbra-ldap
Found zimbra-logger
Found zimbra-mta
Found zimbra-snmp
Found zimbra-store
Found zimbra-apache
Found zimbra-spell
Found zimbra-memcached
Found zimbra-proxy


Select the packages to install

Install zimbra-ldap [Y]

Install zimbra-logger [Y]

Install zimbra-mta [Y]

Install zimbra-snmp [Y]

Install zimbra-store [Y]

Install zimbra-apache [Y]

Install zimbra-spell [Y]

Install zimbra-memcached [N]

Install zimbra-proxy [N]
Checking required space for zimbra-core
checking space for zimbra-store

Installing:
    zimbra-core
    zimbra-ldap
    zimbra-logger
    zimbra-mta
    zimbra-snmp
    zimbra-store
    zimbra-apache
    zimbra-spell

You appear to be installing packages on a platform different
than the platform for which they were built.

This platform is CentOS6_64
Packages found: RHEL6_64
This may or may not work.

Using packages for a platform in which they were not designed for
may result in an installation that is NOT usable. Your support
options may be limited if you choose to continue.


Install anyway? [N] y

The system will be modified.  Continue? [N] y

Removing /opt/zimbra
Removing zimbra crontab entry...done.
Cleaning up zimbra init scripts...done.
Cleaning up /etc/ld.so.conf...done.
Cleaning up /etc/security/limits.conf...done.

Finished removing Zimbra Collaboration Suite.

Installing packages

    zimbra-core......zimbra-core-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-ldap......zimbra-ldap-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-logger......zimbra-logger-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-mta......zimbra-mta-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-snmp......zimbra-snmp-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-store......zimbra-store-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-apache......zimbra-apache-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
    zimbra-spell......zimbra-spell-7.2.0_GA_2669.RHEL6_64-20120410002025.x86_64.rpm...done
Operations logged to /tmp/zmsetup.06082012-085913.log
Installing LDAP configuration database...done.
Setting defaults...

DNS ERROR resolving MX for mail.zimbra.lab
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]
Create domain: [mail.zimbra.lab] zimbra.lab
        MX: mail.zimbra.lab (192.168.1.100)

        Interface: 192.168.1.100
        Interface: 127.0.0.1
done.
Checking for port conflicts

Main menu

   1) Common Configuration:
   2) zimbra-ldap:                             Enabled
   3) zimbra-store:                            Enabled
        +Create Admin User:                    yes
        +Admin user to create:                 admin@zimbra.lab
******* +Admin Password                        UNSET
        +Anti-virus quarantine user:           virus-quarantine.yjeejv_dpa@zimbra.lab
        +Enable automated spam training:       yes
        +Spam training user:                   spam.fgupk8pwc@zimbra.lab
        +Non-spam(Ham) training user:          ham.0r0ct8ky@zimbra.lab
        +SMTP host:                            mail.zimbra.lab
        +Web server HTTP port:                 80
        +Web server HTTPS port:                443
        +Web server mode:                      http
        +IMAP server port:                     143
        +IMAP server SSL port:                 993
        +POP server port:                      110
        +POP server SSL port:                  995
        +Use spell check server:               yes
        +Spell server URL:                     http://mail.zimbra.lab:7780/aspell.php
        +Configure for use with mail proxy:    FALSE
        +Configure for use with web proxy:     FALSE
        +Enable version update checks:         TRUE
        +Enable version update notifications:  TRUE
        +Version update notification email:    admin@zimbra.lab
        +Version update source email:          admin@zimbra.lab

   4) zimbra-mta:                              Enabled
   5) zimbra-snmp:                             Enabled
   6) zimbra-logger:                           Enabled
   7) zimbra-spell:                            Enabled
   8) Default Class of Service Configuration:
   r) Start servers after configuration        yes
   s) Save config to file
   x) Expand menu
   q) Quit

Address unconfigured (**) items  (? - help) 3


Store configuration

   1) Status:                                  Enabled
   2) Create Admin User:                       yes
   3) Admin user to create:                    admin@zimbra.lab
** 4) Admin Password                           UNSET
   5) Anti-virus quarantine user:              virus-quarantine.yjeejv_dpa@zimbra.lab
   6) Enable automated spam training:          yes
   7) Spam training user:                      spam.fgupk8pwc@zimbra.lab
   8) Non-spam(Ham) training user:             ham.0r0ct8ky@zimbra.lab
   9) SMTP host:                               mail.zimbra.lab
  10) Web server HTTP port:                    80
  11) Web server HTTPS port:                   443
  12) Web server mode:                         http
  13) IMAP server port:                        143
  14) IMAP server SSL port:                    993
  15) POP server port:                         110
  16) POP server SSL port:                     995
  17) Use spell check server:                  yes
  18) Spell server URL:                        http://mail.zimbra.lab:7780/aspell.php
  19) Configure for use with mail proxy:       FALSE
  20) Configure for use with web proxy:        FALSE
  21) Enable version update checks:            TRUE
  22) Enable version update notifications:     TRUE
  23) Version update notification email:       admin@zimbra.lab
  24) Version update source email:             admin@zimbra.lab

Select, or 'r' for previous menu [r] 4

Password for admin@zimbra.lab (min 6 characters): [NvRw0ymD] password

Store configuration

   1) Status:                                  Enabled
   2) Create Admin User:                       yes
   3) Admin user to create:                    admin@zimbra.lab
   4) Admin Password                           set
   5) Anti-virus quarantine user:              virus-quarantine.yjeejv_dpa@zimbra.lab
   6) Enable automated spam training:          yes
   7) Spam training user:                      spam.fgupk8pwc@zimbra.lab
   8) Non-spam(Ham) training user:             ham.0r0ct8ky@zimbra.lab
   9) SMTP host:                               mail.zimbra.lab
  10) Web server HTTP port:                    80
  11) Web server HTTPS port:                   443
  12) Web server mode:                         http
  13) IMAP server port:                        143
  14) IMAP server SSL port:                    993
  15) POP server port:                         110
  16) POP server SSL port:                     995
  17) Use spell check server:                  yes
  18) Spell server URL:                        http://mail.zimbra.lab:7780/aspell.php
  19) Configure for use with mail proxy:       FALSE
  20) Configure for use with web proxy:        FALSE
  21) Enable version update checks:            TRUE
  22) Enable version update notifications:     TRUE
  23) Version update notification email:       admin@zimbra.lab
  24) Version update source email:             admin@zimbra.lab

Select, or 'r' for previous menu [r]

Main menu

   1) Common Configuration:
   2) zimbra-ldap:                             Enabled
   3) zimbra-store:                            Enabled
   4) zimbra-mta:                              Enabled
   5) zimbra-snmp:                             Enabled
   6) zimbra-logger:                           Enabled
   7) zimbra-spell:                            Enabled
   8) Default Class of Service Configuration:
   r) Start servers after configuration        yes
   s) Save config to file
   x) Expand menu
   q) Quit

*** CONFIGURATION COMPLETE - press 'a' to apply
Select from menu, or press 'a' to apply config (? - help) a
Save configuration data to a file? [Yes]
Save config in file: [/opt/zimbra/config.7018]
Saving config in /opt/zimbra/config.7018...done.
The system will be modified - continue? [No] yes
Operations logged to /tmp/zmsetup.06082012-085913.log
Setting local config values...done.
Setting up CA...done.
Deploying CA to /opt/zimbra/conf/ca ...done.
Creating SSL certificate...done.
Installing mailboxd SSL certificates...done.
Initializing ldap...done.
Setting replication password...done.
Setting Postfix password...done.
Setting amavis password...done.
Setting nginx password...done.
Creating server entry for mail.zimbra.lab...done.
Saving CA in ldap ...done.
Saving SSL Certificate in ldap ...done.
Setting spell check URL...done.
Setting service ports on mail.zimbra.lab...done.
Adding mail.zimbra.lab to zimbraMailHostPool in default COS...done.
Installing webclient skins...
        smoke...done.
        pebble...done.
        carbon...done.
        lavender...done.
        waves...done.
        bones...done.
        bare...done.
        hotrod...done.
        oasis...done.
        sky...done.
        tree...done.
        beach...done.
        steel...done.
        twilight...done.
        lemongrass...done.
        sand...done.
        lake...done.
Finished installing webclient skins.
Setting zimbraFeatureTasksEnabled=TRUE...done.
Setting zimbraFeatureBriefcasesEnabled=TRUE...done.
Setting MTA auth host...done.
Setting TimeZone Preference...done.
Initializing mta config...done.
Setting services on mail.zimbra.lab...done.
Creating domain zimbra.lab...done.
Setting default domain name...done.
Creating domain zimbra.lab...already exists.
Creating admin account admin@zimbra.lab...done.
Creating root alias...done.
Creating postmaster alias...done.
Creating user spam.fgupk8pwc@zimbra.lab...done.
Creating user ham.0r0ct8ky@zimbra.lab...done.
Creating user virus-quarantine.yjeejv_dpa@zimbra.lab...done.
Setting spam training and Anti-virus quarantine accounts...done.
Initializing store sql database...done.
Setting zimbraSmtpHostname for mail.zimbra.lab...done.
Configuring SNMP...done.
Checking for default IM conference room...not present.
Initializing default IM conference room...done.
Setting up syslog.conf...done.

You have the option of notifying Zimbra of your installation.
This helps us to track the uptake of the Zimbra Collaboration Suite.
The only information that will be transmitted is:
        The VERSION of zcs installed (7.2.0_GA_2669_CentOS6_64)
        The ADMIN EMAIL ADDRESS created (admin@zimbra.lab)

Notify Zimbra of your installation? [Yes] no
Notification skipped
Starting servers...done.
Installing common zimlets...
        com_zimbra_srchhighlighter...done.
        com_zimbra_cert_manager...done.
        com_zimbra_linkedin...done.
        com_zimbra_adminversioncheck...done.
        com_zimbra_email...done.
        com_zimbra_phone...done.
        com_zimbra_url...done.
        com_zimbra_date...done.
        com_zimbra_attachmail...done.
        com_zimbra_bulkprovision...done.
        com_zimbra_dnd...done.
        com_zimbra_webex...done.
        com_zimbra_social...done.
        com_zimbra_attachcontacts...done.
Finished installing common zimlets.
Restarting mailboxd...done.
Setting up zimbra crontab...done.


Moving /tmp/zmsetup.06082012-085913.log to /opt/zimbra/log


Configuration complete - press return to exit

6. Check zimbra status :

[root@mail ~]# su - zimbra
[zimbra@mail ~]$ zmcontrol status
Host mail.zimbra.lab
        antispam                Running
        antivirus               Running
        ldap                    Running
        logger                  Running
        mailbox                 Running
        mta                     Running
        snmp                    Running
        spell                   Running
        stats                   Running
        zmconfigd               Running

7. How to stop and start zimbra :

[root@mail ~]# su - zimbra
[zimbra@mail ~]$ zmcontrol stop
[zimbra@mail ~]$ zmcontrol start

How to Install PHP 5.3.3 on CentOS 5.8

PHP: Hypertext Preprocessor is a widely used, free and open-source server-side scripting language that was especially designed for web development to produce dynamic web pages and can be embedded into HTML. PHP applications are commonly found with the filename extensions .php, .php4, or .php5. In this post, i will share on how to install PHP 5.3.3 on linux CentOS 5.8 server. This steps may working on other version of CentOS.

Simply run the following command to install PHP 5.3.3 :

[root@centos58 ~]# yum install php53-* -y
Transaction Summary
====================================================================================================
Install      58 Package(s)
Upgrade       0 Package(s)

Total download size: 24 M
Downloading Packages:
(1/58): php53-recode-5.3.3-1.el5.i386.rpm                                    | 5.9 kB     00:00
(2/58): firebird-filesystem-2.1.4.18393.0-1.el5.i386.rpm                     | 6.6 kB     00:00
(3/58): php53-enchant-5.3.3-1.el5.i386.rpm                                   | 9.7 kB     00:00
(4/58): php53-mcrypt-5.3.3-1.el5.i386.rpm                                    |  16 kB     00:00
(5/58): php53-tidy-5.3.3-1.el5.i386.rpm                                      |  18 kB     00:00
(6/58): php53-php-gettext-1.0.11-3.el5.noarch.rpm                            |  20 kB     00:00
(7/58): zarafa-common-7.0.6-1.el5.i386.rpm                                   |  21 kB     00:00
(8/58): boost141-system-1.41.0-2.el5.i386.rpm                                |  24 kB     00:00
(9/58): php53-pspell-5.3.3-7.el5_8.i386.rpm                                  |  26 kB     00:00
(10/58): php53-mssql-5.3.3-1.el5.i386.rpm                                    |  26 kB     00:00
(11/58): php53-snmp-5.3.3-7.el5_8.i386.rpm                                   |  29 kB     00:00
(12/58): php53-ldap-5.3.3-7.el5_8.i386.rpm                                   |  36 kB     00:00
(13/58): php53-process-5.3.3-7.el5_8.i386.rpm                                |  38 kB     00:00
(14/58): php53-dba-5.3.3-7.el5_8.i386.rpm                                    |  39 kB     00:00
(15/58): php53-bcmath-5.3.3-7.el5_8.i386.rpm                                 |  42 kB     00:00
(16/58): libntlm-1.0-1.el5.i386.rpm                                          |  43 kB     00:00
(17/58): libXpm-3.5.5-3.i386.rpm                                             |  45 kB     00:00
(18/58): php53-imap-5.3.3-7.el5_8.i386.rpm                                   |  50 kB     00:00
(19/58): php53-interbase-5.3.3-1.el5.i386.rpm                                |  50 kB     00:00
(20/58): php53-odbc-5.3.3-7.el5_8.i386.rpm                                   |  51 kB     00:00
(21/58): php53-xmlrpc-5.3.3-7.el5_8.i386.rpm                                 |  52 kB     00:00
(22/58): php53-pdo-5.3.3-7.el5_8.i386.rpm                                    |  66 kB     00:00
(23/58): boost141-filesystem-1.41.0-2.el5.i386.rpm                           |  72 kB     00:00
(24/58): php53-pgsql-5.3.3-7.el5_8.i386.rpm                                  |  73 kB     00:00
(25/58): php53-intl-5.3.3-7.el5_8.i386.rpm                                   |  74 kB     00:00
(26/58): php53-mysql-5.3.3-7.el5_8.i386.rpm                                  |  87 kB     00:00
(27/58): mod_ssl-2.2.3-63.el5.centos.1.i386.rpm                              |  94 kB     00:00
(28/58): libgsasl-0.2.29-1.el5.i386.rpm                                      | 100 kB     00:01
(29/58): php53-gd-5.3.3-7.el5_8.i386.rpm                                     | 109 kB     00:00
(30/58): php53-xml-5.3.3-7.el5_8.i386.rpm                                    | 112 kB     00:00
(31/58): distcache-1.4.5-14.1.i386.rpm                                       | 119 kB     00:00
(32/58): m4-1.4.5-3.el5.1.i386.rpm                                           | 133 kB     00:01
(33/58): libtidy-0.99.0-14.20070615.el5.i386.rpm                             | 140 kB     00:01
(34/58): php53-soap-5.3.3-7.el5_8.i386.rpm                                   | 146 kB     00:01
(35/58): enchant-1.4.2-4.el5.1.i386.rpm                                      | 151 kB     00:01
(36/58): libical-0.48-1.el5.i386.rpm                                         | 202 kB     00:01
(37/58): php53-mapi-7.0.6-1.el5.i386.rpm                                     | 217 kB     00:02
(38/58): firebird-libfbclient-2.1.4.18393.0-1.el5.i386.rpm                   | 295 kB     00:02
(39/58): imake-1.0.2-3.i386.rpm                                              | 319 kB     00:02
(40/58): automake-1.9.6-2.3.el5.noarch.rpm                                   | 476 kB     00:03
(41/58): libxslt-1.1.17-2.el5_2.2.i386.rpm                                   | 485 kB     00:04
(42/58): lm_sensors-2.10.7-9.el5.i386.rpm                                    | 511 kB     00:04
(43/58): libc-client-2004g-2.2.1.i386.rpm                                    | 516 kB     00:04
(44/58): unixODBC-libs-2.2.11-10.el5.i386.rpm                                | 551 kB     00:04
(45/58): php53-devel-5.3.3-7.el5_8.i386.rpm                                  | 591 kB     00:05
(46/58): php53-common-5.3.3-7.el5_8.i386.rpm                                 | 604 kB     00:04
(47/58): autoconf-2.59-12.noarch.rpm                                         | 647 kB     00:05
(48/58): net-snmp-5.3.2.2-17.el5.i386.rpm                                    | 703 kB     00:06
(49/58): recode-3.6-24.el5.i386.rpm                                          | 838 kB     00:07
(50/58): libmapi-7.0.6-1.el5.i386.rpm                                        | 886 kB     00:07
(51/58): libvmime-0.9.2-0.1.20110626svn.el5.i386.rpm                         | 887 kB     00:07
(52/58): freetds-0.91-2.el5.i386.rpm                                         | 992 kB     00:08
(53/58): php53-mbstring-5.3.3-7.el5_8.i386.rpm                               | 1.2 MB     00:09
(54/58): zarafa-client-7.0.6-1.el5.i386.rpm                                  | 1.2 MB     00:11
(55/58): php53-5.3.3-7.el5_8.i386.rpm                                        | 1.3 MB     00:10
(56/58): net-snmp-libs-5.3.2.2-17.el5.i386.rpm                               | 1.3 MB     00:11
(57/58): php53-cli-5.3.3-7.el5_8.i386.rpm                                    | 2.5 MB     00:22
(58/58): libicu-3.6-5.16.1.i386.rpm                                          | 5.3 MB     00:47
----------------------------------------------------------------------------------------------------
Total                                                               114 kB/s |  24 MB     03:37
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : php53-common                                                                1/58
  Installing     : php53-pdo                                                                   2/58
  Installing     : libicu                                                                      3/58
  Installing     : boost141-system                                                             4/58
  Installing     : unixODBC-libs                                                               5/58
  Installing     : net-snmp-libs                                                               6/58
  Installing     : freetds                                                                     7/58
  Installing     : boost141-filesystem                                                         8/58
  Installing     : php53-cli                                                                   9/58
  Installing     : php53                                                                      10/58
  Installing     : php53-mbstring                                                             11/58
  Installing     : enchant                                                                    12/58
  Installing     : libc-client                                                                13/58
  Installing     : libxslt                                                                    14/58
  Installing     : libntlm                                                                    15/58
  Installing     : libgsasl                                                                   16/58
  Installing     : libvmime                                                                   17/58
  Installing     : libical                                                                    18/58
  Installing     : m4                                                                         19/58
  Installing     : lm_sensors                                                                 20/58
  Installing     : net-snmp                                                                   21/58
  Installing     : libtidy                                                                    22/58
  Installing     : libXpm                                                                     23/58
  Installing     : imake                                                                      24/58
  Installing     : distcache                                                                  25/58
  Installing     : mod_ssl                                                                    26/58
  Installing     : recode                                                                     27/58
  Installing     : autoconf                                                                   28/58
  Installing     : automake                                                                   29/58
  Installing     : firebird-filesystem                                                        30/58
  Installing     : zarafa-common                                                              31/58
  Installing     : firebird-libfbclient                                                       32/58
  Installing     : php53-interbase                                                            33/58
  Installing     : php53-recode                                                               34/58
  Installing     : php53-gd                                                                   35/58
  Installing     : php53-tidy                                                                 36/58
  Installing     : php53-snmp                                                                 37/58
  Installing     : php53-xml                                                                  38/58
  Installing     : php53-imap                                                                 39/58
  Installing     : php53-enchant                                                              40/58
  Installing     : php53-mssql                                                                41/58
  Installing     : php53-odbc                                                                 42/58
  Installing     : php53-intl                                                                 43/58
  Installing     : php53-pgsql                                                                44/58
  Installing     : php53-mysql                                                                45/58
  Installing     : php53-pspell                                                               46/58
  Installing     : php53-bcmath                                                               47/58
  Installing     : php53-mcrypt                                                               48/58
  Installing     : php53-ldap                                                                 49/58
  Installing     : php53-soap                                                                 50/58
  Installing     : php53-process                                                              51/58
  Installing     : php53-xmlrpc                                                               52/58
  Installing     : php53-dba                                                                  53/58
  Installing     : php53-devel                                                                54/58
  Installing     : php53-php-gettext                                                          55/58
  Installing     : libmapi                                                                    56/58
  Installing     : php53-mapi                                                                 57/58
  Installing     : zarafa-client                                                              58/58

Installed:
  php53.i386 0:5.3.3-7.el5_8                         php53-bcmath.i386 0:5.3.3-7.el5_8
  php53-cli.i386 0:5.3.3-7.el5_8                     php53-common.i386 0:5.3.3-7.el5_8
  php53-dba.i386 0:5.3.3-7.el5_8                     php53-devel.i386 0:5.3.3-7.el5_8
  php53-enchant.i386 0:5.3.3-1.el5                   php53-gd.i386 0:5.3.3-7.el5_8
  php53-imap.i386 0:5.3.3-7.el5_8                    php53-interbase.i386 0:5.3.3-1.el5
  php53-intl.i386 0:5.3.3-7.el5_8                    php53-ldap.i386 0:5.3.3-7.el5_8
  php53-mapi.i386 0:7.0.6-1.el5                      php53-mbstring.i386 0:5.3.3-7.el5_8
  php53-mcrypt.i386 0:5.3.3-1.el5                    php53-mssql.i386 0:5.3.3-1.el5
  php53-mysql.i386 0:5.3.3-7.el5_8                   php53-odbc.i386 0:5.3.3-7.el5_8
  php53-pdo.i386 0:5.3.3-7.el5_8                     php53-pgsql.i386 0:5.3.3-7.el5_8
  php53-php-gettext.noarch 0:1.0.11-3.el5            php53-process.i386 0:5.3.3-7.el5_8
  php53-pspell.i386 0:5.3.3-7.el5_8                  php53-recode.i386 0:5.3.3-1.el5
  php53-snmp.i386 0:5.3.3-7.el5_8                    php53-soap.i386 0:5.3.3-7.el5_8
  php53-tidy.i386 0:5.3.3-1.el5                      php53-xml.i386 0:5.3.3-7.el5_8
  php53-xmlrpc.i386 0:5.3.3-7.el5_8

Dependency Installed:
  autoconf.noarch 0:2.59-12                        automake.noarch 0:1.9.6-2.3.el5
  boost141-filesystem.i386 0:1.41.0-2.el5          boost141-system.i386 0:1.41.0-2.el5
  distcache.i386 0:1.4.5-14.1                      enchant.i386 1:1.4.2-4.el5.1
  firebird-filesystem.i386 0:2.1.4.18393.0-1.el5   firebird-libfbclient.i386 0:2.1.4.18393.0-1.el5
  freetds.i386 0:0.91-2.el5                        imake.i386 0:1.0.2-3
  libXpm.i386 0:3.5.5-3                            libc-client.i386 0:2004g-2.2.1
  libgsasl.i386 0:0.2.29-1.el5                     libical.i386 0:0.48-1.el5
  libicu.i386 0:3.6-5.16.1                         libmapi.i386 0:7.0.6-1.el5
  libntlm.i386 0:1.0-1.el5                         libtidy.i386 0:0.99.0-14.20070615.el5
  libvmime.i386 0:0.9.2-0.1.20110626svn.el5        libxslt.i386 0:1.1.17-2.el5_2.2
  lm_sensors.i386 0:2.10.7-9.el5                   m4.i386 0:1.4.5-3.el5.1
  mod_ssl.i386 1:2.2.3-63.el5.centos.1             net-snmp.i386 1:5.3.2.2-17.el5
  net-snmp-libs.i386 1:5.3.2.2-17.el5              recode.i386 0:3.6-24.el5
  unixODBC-libs.i386 0:2.2.11-10.el5               zarafa-client.i386 0:7.0.6-1.el5
  zarafa-common.i386 0:7.0.6-1.el5

Complete!

How to Configure Bind-Chroot Logging on CentOS 6.2

bindIn this post, i will show on how to turn on Bind DNS server logging in order to log all the dns queries on CentOS 6.2 linux server. Assumed that the bind9 chroot has been properly configured.

1. Create Soft link, symlink or symbolic link to /var/log :

[root@ns1 ~]# ln -sf /var/named/chroot/var/log/dns.log /var/log/dns.log
[root@ns1 ~]# ln -sf /var/named/chroot/var/log/dns_queries.log /var/log/dns_queries.log

2. Open named.conf :

[root@ns1 ~]# vim /var/named/chroot/etc/named.conf

3. Add the following bind logging script into named.conf :

..
..
logging {
        channel log_dns {
                file "/var/log/dns.log" versions 3 size 10m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel log_queries {
                file "/var/log/dns_queries.log" versions 3 size 20m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        category default {log_dns;};
        category queries {log_queries;};
        category lame-servers { null;};
        category edns-disabled { null; };
};
..
..

Full named.conf configuration :

options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
forwarders { 8.8.8.8; };
};
include "/etc/rndc.key";


logging {
        channel log_dns {
                file "/var/log/dns.log" versions 3 size 10m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        channel log_queries {
                file "/var/log/dns_queries.log" versions 3 size 20m;
                print-category yes;
                print-severity yes;
                print-time yes;
        };
        category default {log_dns;};
        category queries {log_queries;};
        category lame-servers { null;};
        category edns-disabled { null; };
};


// We are the master server for ehowstuff.local
 zone "ehowstuff.local" {
        type master;
        file "/var/named/ehowstuff.local";
        allow-transfer {192.168.1.54;};
        allow-update {none;};
};

4. To display last lines on dns_queries.log, simply execute the following command :

[root@ns1 ~]# tail -f /var/log/dns_queries.log

Examples logged dns queries :

02-Jun-2012 23:45:09.958 queries: info: client 192.168.1.52#64527: query: www.facebook.com IN A + (192.168.1.44)
02-Jun-2012 23:45:10.023 queries: info: client 192.168.1.52#55959: query: www.lqconsulting.com IN A + (192.168.1.44)
02-Jun-2012 23:45:10.047 queries: info: client 192.168.1.52#60625: query: digg.com IN A + (192.168.1.44)
02-Jun-2012 23:45:10.098 queries: info: client 192.168.1.52#51729: query: reddit.com IN A + (192.168.1.44)
02-Jun-2012 23:45:10.137 queries: info: client 192.168.1.52#58908: query: www.adroll.com IN A + (192.168.1.44)
02-Jun-2012 23:45:10.966 queries: info: client 192.168.1.52#49432: query: mail.google.com IN A + (192.168.1.44)
02-Jun-2012 23:45:11.077 queries: info: client 192.168.1.52#58493: query: alerts.conduit-services.com IN A + (192.168.1.44)
02-Jun-2012 23:45:13.781 queries: info: client 192.168.1.52#55403: query: plus.google.com IN A + (192.168.1.44)
02-Jun-2012 23:46:20.203 queries: info: client 192.168.1.52#54825: query: realtime.services.disqus.com IN A + (192.168.1.44)
02-Jun-2012 23:46:30.113 queries: info: client 192.168.1.52#52337: query: qq.disqus.com IN A + (192.168.1.44)

How to Add SPF Record in Bind DNS Zone on Linux

SPFIn order to prevent the Hotmail.com, Gmail.com, Yahoo.com and other top internet mail provider interpret all mails originate from your server to be spam and then placed it into junkmail folder, it is recommended to add SPF (Sender Policy Framework) in your zone file. The ISPs and email providers usually will check for SPF record pass to determine whether the mail originates from your IP. It is advised to configure SPF for your corporate domain to identify and reject forged addresses in the SMTP MAIL FROM (Return-Path), a typical nuisance in e-mail spam. The most important things is this can help to prevent spammers from abusing your domain. This steps has been tested on Bind DNS server that running on linux CentOS 6.2 server.

Steps to add SPF record in Bind DNS zone on Linux server :

1. Login to your Primary DNS server, and open a DNS zone record that contain mail exchanger record (MX record). In this case, MX record for ehowstuff.local domain is mail.ehowstuff.local. The configuration is in /var/named/chroot/var/named/ehowstuff.local.

[root@ns1 ~]# vim /var/named/chroot/var/named/ehowstuff.local
;
;       Addresses and other host information.
;
$TTL 14400
ehowstuff.local.        IN      SOA     ns1.ehowstuff.local.    admin.ehowstuff.local. (
                                        2012060201      ; Serial
                                        86400      ; Refresh
                                        7200       ; Retry
                                        3600000    ; Expire
                                        86400 )  ; Minimum

;A record for domain mapping domain to IP
ehowstuff.local.        IN      A       192.168.1.44

;Define the atleast 2 private nameservers
ehowstuff.local.        IN      NS      ns1.ehowstuff.local.
ehowstuff.local.        IN      NS      ns2.ehowstuff.local.

; Map 2 private nameservers to IP addressess using A record
ns1     IN      A       192.168.1.44
ns2     IN      A       192.168.1.54

; Specify subdomains if any using CNAME or alias.
www     IN      CNAME   ehowstuff.local.
ftp     IN      CNAME   ehowstuff.local.

; Mail exhanger and map it IP using A record.
ehowstuff.local.        IN      MX      10      mail.ehowstuff.local.

; SPF Record for MX.
ehowstuff.local.        IN      TXT     "v=spf1 a mx -all"

2. Restart named service :

[root@ns1 ~]# service named restart
Stopping named: .                                          [  OK  ]
Starting named:                                            [  OK  ]

3. You can manually check and test the Sender Policy Framework (SPF) record for a domain by using nslookup as follows:

  • On windows, Open Command prompt (Start -> Run -> cmd).
  • Type ‘nslookup’ and press enter.
  • Type ‘set type=txt’ and press enter (This will set the query type to TXT).
  • Type the domain that you would like to query (e.g. ehowstuff.local).
C:\>nslookup
*** Can't find server name for address 192.168.1.44: Non-existent domain
*** Default servers are not available
Default Server:  UnKnown
Address:  192.168.1.44

> set type=txt
> ehowstuff.local
Server:  UnKnown
Address:  192.168.1.44

ehowstuff.local text =

        "v=spf1 a mx -all"
ehowstuff.local nameserver = ns1.ehowstuff.local
ehowstuff.local nameserver = ns2.ehowstuff.local
ns1.ehowstuff.local     internet address = 192.168.1.44
ns2.ehowstuff.local     internet address = 192.168.1.54
>

On linux, run the following command :

[root@centos62 ~]# host -t txt ehowstuff.local
ehowstuff.local descriptive text "v=spf1 a mx -all"

How to Setup Private DNS With Bind9 Chroot on CentOS 6.2 VPS

dnsAssumed that you already buy two Virtual Private Server (VPS) but you dont want to point your nameservers on your hosting provider. To look more professional and stylish, you can run and have two private nameservers such as ns1.ehowstuff.local and ns2.ehowstuff.local. This post will show you the steps on how to setup and run your own Bind9 Chroot private nameservers on CentOS 6.2 VPS or dedicated server with atleast 2 IP addresses. To fit you requirement, please replace domain (ehowstuff.local) and ip addresses to your own domain and IPs.

ns1.ehowstuff.local : 192.168.1.44 (Master Private DNS server)
ns2.ehowstuff.local : 192.168.1.54 (Slave Private DNS server)

1. Install Bind Chroot DNS Server on both Primary and Slave server :

Master DNS Server

[root@ns1 ~]# yum install bind-chroot -y

Slave DNS server

[root@ns2 ~]# yum install bind-chroot -y


Master DNS Server



2. Login to Primary DNS server (ns1), and create a file /var/named/chroot/var/named/ehowstuff.local with the following configuration:

[root@ns1 ~]# vim /var/named/chroot/var/named/ehowstuff.local
;
;       Addresses and other host information.
;
$TTL 14400
ehowstuff.local.        IN      SOA     ns1.ehowstuff.local.    admin.ehowstuff.local. (
                                        2012060201      ; Serial
                                        86400      ; Refresh
                                        7200       ; Retry
                                        3600000    ; Expire
                                        86400 )  ; Minimum

;A record for domain mapping domain to IP
ehowstuff.local.        IN      A       192.168.1.44

;Define the atleast 2 private nameservers
ehowstuff.local.        IN      NS      ns1.ehowstuff.local.
ehowstuff.local.        IN      NS      ns2.ehowstuff.local.

; Map 2 private nameservers to IP addressess using A record
ns1     IN      A       192.168.1.44
ns2     IN      A       192.168.1.54

; Specify subdomains if any using CNAME or alias.
www     IN      CNAME   ehowstuff.local.
ftp     IN      CNAME   ehowstuff.local.

; Mail exhanger and map it IP using A record.
ehowstuff.local.        IN      MX      10      mail.ehowstuff.local.

3. Still on ns1, please generate an RNDC key :
The rndc tool is used to managed the named daemon. We need to generate a keyfile called /etc/rndc.key which is referenced both by /etc/rndc.conf and /etc/named.conf To do this we use the following command;

[root@ns1 ~]# rndc-confgen -a -c /etc/rndc.key
wrote key file "/etc/rndc.key"

View the content of the RNDC key :

[root@ns1 ~]# cat /etc/rndc.key
key "rndc-key" {
        algorithm hmac-md5;
        secret "T6tduqyMQ/YbIDXOmE0Fzg==";
};

4. on ns1, edit the /var/named/chroot/etc/named.conf file for ehowstuff.local

[root@ns1 ~]# vi /var/named/chroot/etc/named.conf
options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
forwarders { 8.8.8.8; };
};
include "/etc/rndc.key";
// We are the master server for ehowstuff.local

zone "ehowstuff.local" {
        type master;
        file "/var/named/ehowstuff.local";
        allow-transfer {192.168.1.54;};
        allow-update {none;};
};

5. Start the DNS service using the following command :

[root@ns1 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

6. Make named daemon auto start during boot :

[root@ns1 ~]# chkconfig named on


Slave DNS Server



7. Making slave DNS server can be so easy. Login to the other DNS server(ns2) and open the named.conf file. You need not create any file as the slave will automatically download the master zone information through zone transfer. After sometime, you can view the zone file. :

[root@ns2 ~]# vi /var/named/chroot/etc/named.conf
zone "ehowstuff.local" {
type slave;
file "/var/named/slaves/ehowstuff.local";
masters {192.168.1.44;};
};

Note: Bind will not allow you to run master and slave on same server, even-though you have 2 IP addresses

8. Start the DNS service using the following command :

[root@ns2 ~]# /etc/init.d/named start
Starting named:                                            [  OK  ]

9. Make named daemon auto start during boot :

[root@ns2 ~]# chkconfig named on

10. Before testing, make sure your pc or server using the Bind Chroot DNS Server that has been set up :

[root@ns1 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44
nameserver 192.168.1.54
[root@ns2 ~]# cat /etc/resolv.conf
nameserver 192.168.1.44
nameserver 192.168.1.54

11. Test your DNS service :

Test from Master DNS server (ns1)

[root@ns1 ~]# dig ehowstuff.local

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> ehowstuff.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25783
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ehowstuff.local.               IN      A

;; ANSWER SECTION:
ehowstuff.local.        14400   IN      A       192.168.1.44

;; AUTHORITY SECTION:
ehowstuff.local.        14400   IN      NS      ns1.ehowstuff.local.
ehowstuff.local.        14400   IN      NS      ns2.ehowstuff.local.

;; ADDITIONAL SECTION:
ns1.ehowstuff.local.    14400   IN      A       192.168.1.44
ns2.ehowstuff.local.    14400   IN      A       192.168.1.54

;; Query time: 0 msec
;; SERVER: 192.168.1.44#53(192.168.1.44)
;; WHEN: Sat Jun  2 14:46:46 2012
;; MSG SIZE  rcvd: 117
[root@ns1 ~]# host -t mx ehowstuff.local
ehowstuff.local mail is handled by 10 mail.ehowstuff.local.
[root@ns1 ~]# host -t ns ehowstuff.local
ehowstuff.local name server ns2.ehowstuff.local.
ehowstuff.local name server ns1.ehowstuff.local.

Test from Slave DNS server (ns2)

[root@ns2 ~]# dig ehowstuff.local

; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> ehowstuff.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11526
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;ehowstuff.local.               IN      A

;; ANSWER SECTION:
ehowstuff.local.        14400   IN      A       192.168.1.44

;; AUTHORITY SECTION:
ehowstuff.local.        14400   IN      NS      ns2.ehowstuff.local.
ehowstuff.local.        14400   IN      NS      ns1.ehowstuff.local.

;; ADDITIONAL SECTION:
ns1.ehowstuff.local.    14400   IN      A       192.168.1.44
ns2.ehowstuff.local.    14400   IN      A       192.168.1.54

;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat Jun  2 15:26:19 2012
;; MSG SIZE  rcvd: 117
[root@ns2 ~]# host -t mx ehowstuff.local
ehowstuff.local mail is handled by 10 mail.ehowstuff.local.
[root@ns2 ~]# host -t ns ehowstuff.local
ehowstuff.local name server ns2.ehowstuff.local.
ehowstuff.local name server ns1.ehowstuff.local.