Kolab
Kolab
Kolab is a free software groupware solution. From version 2.0 on it allows full seamless support of mixed clients environments (Outlook/KDE/Web).
The following functionality is provided by; emailserver, spam and virus filtering, webinterface. Kolab supports secure protocals as; imaps, https, smtps, https, etc.
The web interface can be used to add, modify and remove users, domains, distributions list, shared folders, among other things. The groupware functionality seem to be working.
The procedure in this article was written and tested with version suse_x86-10.1 Whilst there is no guarantee, it should be applicable to later versions. If you find this to be incorrect, please help to update this article. |
Below is a list of packages that make up the kolab groupware server on suse:
From kolab: ----------- kolab kolab-webadmin kolab-resource-handlers perl-kolab From postfix ------------- (hopefully the patch requiring this package to be rebuild is included upstream 1 day) postfix-kolab-postgresql-2.2.5-6.kolab.0.i586.rpm postfix-debuginfo-2.2.5-6.kolab.0.i586.rpm postfix-mysql-2.2.5-6.kolab.0.i586.rpm postfix-2.2.5-6.kolab.0.i586.rpm From cyrus: ------------ (hopefully the patch requiring this package to be rebuild is included upstream 1 day) cyrus-imapd-2.2.12-14.kolab.0.i586.rpm cyrus-imapd-devel-2.2.12-14.kolab.0.i586.rpm cyrus-imapd-debuginfo-2.2.12-14.kolab.0.i586.rpm perl-Cyrus-SIEVE-managesieve-2.2.12-14.kolab.0.i586.rpm perl-Cyrus-IMAP-2.2.12-14.kolab.0.i586.rpm From misc projects: -------------------- perl-Mail-IMAPClient-2.2.9-0.kolab.0.i586.rpm perl-Mail-Box-2.063-0.kolab.0.i586.rpm php4-pear-Auth-SASL-1.0.1-0.kolab.0.noarch.rpm php4-pear-Net-IMAP-1.0.3-0.kolab.0.noarch.rpm php4-pear-Net-LMTP-1.0.1-0.kolab.0.noarch.rpm php4-pear-Net-SMTP-1.2.7-0.kolab.0.noarch.rpm php4-pear-Net-Socket-1.0.6-0.kolab.0.noarch.rpm php4-smarty-2.6.11-0.kolab.0.i586.rpm
All these packages have been build and provided by Marcus Hüwe and are available from:
http://repos.opensuse.org/server:/Kolab/SL-10.0/
http://repos.opensuse.org/server:/Kolab/SL-10.1/
older Packages can be found here: http://ftp.gwdg.de/pub/linux/misc/kolab
These packages are based on code from cvs. This code has just been released as beta2 on 19 June 2006. As such the code is more or less stable, but it may still have bugs.
After a fresh install of suse-10.1, the following packages are needed for kolab:
/etc/apt # apt -y install kolab Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: amavisd-new apache2 apache2-mod_php5 apache2-prefork apache2-worker clamav cyrus-imapd db-utils horde imap-lib kolab-resource-handlers kolab-webadmin latex2html-pngicons lha libapr-util1 libapr1 libmcrypt mm openldap2 perl-Archive-Tar perl-Archive-Zip perl-BerkeleyDB perl-Compress-Zlib perl-Convert-ASN1 perl-Convert-TNEF perl-Convert-UUlib perl-Cyrus-IMAP perl-Cyrus-SIEVE-managesieve perl-Digest-HMAC perl-IO-stringy perl-MIME-Types perl-MIME-tools perl-Mail-Box perl-Mail-IMAPClient perl-MailTools perl-Net-DNS perl-Net-IP perl-Net-Netmask perl-Net-Server perl-Unix-Syslog perl-XML-NamespaceSupport perl-XML-SAX perl-kolab perl-ldap perl-ldap-ssl perl-spamassassin php5 php5-dba php5-dom php5-gettext php5-imap php5-ldap php5-mcrypt php5-pear php5-pear-Net-IMAP php5-pear-Net-LMTP php5-pear-Net-SMTP php5-pear-Net-Socket php5-pear-auth_sasl php5-pear-date php5-pear-db php5-pear-file php5-pear-log php5-pear-mail php5-pear-mail_mime php5-smarty php5-zlib postfix sharutils spamassassin unace unarj zoo
Installation
Install those packages on a test system only |
The packages can be installed with yast, yum, smart or with apt. A simpel 'apt install kolab' is sufficient to obtain all above listed packages ;) Add the apt component kolab to the file sources.list in /etc/apt.
Once installed one need to go to /usr/share/kolab/scripts and run ./kolab_bootstrap -b, which should be sufficient to get it all running.
In short the following steps are required to get kolab running:
- Edit the file /etc/sysconfig/apache2 and add the following apache2 modules to the APACHE_MODULES variable:
- for 10.0:
"ldap auth_ldap dav dav_fs rewrite"
- for 10.1:
"ldap authnz_ldap dav dav_fs rewrite"
- Also add the flag "SSL" to the APACHE_SERVER_FLAGS variable in /etc/sysconfig/apache2 file
- Set OPENLDAP_START_LDAPS to "yes" in the file /etc/sysconfig/openldap or use yast2 to configure it. Yast2 -> System -> Editor for /etc/sysconfig files -> Network -> LDAP, find the right variable and set it to "yes".
- If freshclam is installed as dependency of kolab, the ownership of the freshclam log file is wrong. The file must be owned by vscan. In case the ownership is not correct (please check), it can be corrected with the following command:
touch /var/log/freshclam.log chown vscan /var/log/freshclam.log
- Make sure that you run freshclam before you start the clamd-daemon, otherwise it'll complain during the next step
freshclam
- Run /usr/share/kolab/scripts/kolab_bootstrap -b
- Run kolabsrv rc all start as stated by kolab_bootstrap -b
- Go to the kolab admin webpage (url is shown by kolab_bootstrap) and create a user.
- Now you should have the domain in the cyrus directory /var/spool/imap/domain and it should be possible to sent an email to that user, with:
echo $(date) | mailx -s test <newuser>@domain.tld
- Interesting logfiles can be found in /var/log, being: mail, messages, mail.warn, etc
- For more verbose logs increase the loglevel from 2 to 4 in /etc/kolab/kolab.globals
If kolab seems to work, it is now possible to activate all services during system startup:
After this you can enable the involved using yast:
yast -> system -> runlevel editor: enable the service kolabd.
This will activate many other services as dependencies as well.
Postfix23
It's possible to use postfix 2.3 instead of postfix 2.2.X:
- Install the postfix23-kolab package
- Edit the /etc/kolab/templates/master.cf.template file:
replace "flags=n" with "null_sender="
- If you already configured kolab you have to run "kolabconf -n" and rcpostfix restart. If you haven't configured Kolab yet you can start here.
Groupware testing
- Open a browser and point it to:
- https://servername/kolab/freebusy/user@domain.tld.ifb
- https://servername/kolab/freebusy/user@domain.tld.xfb
- https://servername/kolab/freebusy/trigger/user@domain.tld.pfb
All of these urls should show you ical formatted data.
In the urls above user@domain.tld is a user you have created with the kolab web admin interface before.
Package upgrading
- After upgrading kolab packages, it can happen that an ldap error is reported for the freebusy urls mentioned in the Groupware testing section. This can be resolved by running kolabconf -n as root with all kolab related services active. The latter can be checked by running kolabsrv rc all status.
Backups
During kolab_bootstrap many config files are written to disk. Some of these will overwrite your config files. The config files to be created during kolab_bootstrap, can be determined with:
/etc/kolab/templates # sed -n 's/^.*TARGET=//p' * For example: /etc/amavisd.conf /etc/clamd.conf /etc/cyrus.conf /etc/freshclam.conf /etc/imapd.conf /etc/kolab/kolab_smtpdpolicy.conf /etc/openldap/ldap.conf /etc/postfix/ldapdistlist.cf /etc/postfix/ldaptransport.cf
The original config files are saved (backed up) to /var/adm/backup/kolab/kolab_backup-orig.tar.bz2 during the first execution of kolab_bootstrap.
Please, let us know if things can be improved. This can be done on the talk page of the wiki page, and on the kolab-devel (at) kolab (dot) org emaillist. In case you use the talk page, inform the packagers with an email to the before mentioned emaillist. Include in the email that it concerns kolab on suse.
Client Configuration
The client configuration is described in kolab server 2 and kde client configuration
Troubleshooting
Postfix doesn't start
If Postfix doesn't start correctly have a look into the /var/log/mail file.
/var/log/mail postfix/postfix-script: starting the Postfix mail system postfix/master[numbers]: fatal: bind: public/post-cleanup: Operation not permitted
For 10.1: stop rcapparmor (or add "flags=(complain) to the postfix-profiles) as it prevents postfix to run succesfully:
rcapparmor stop
Disable apparmor permanently using yast:
yast2 -> System -> System service (runlevel) -> export mode -> disable boot.apparmor
Or from the command line:
chkconfig -d boot.apparmor (to disable the service) chkconfig -s boot.apparmor (to enable the service)
Horde
Horde is a framework to provide web interfaces to all kind of services, like; email, email filtering, agenda, etc. Horde is database driven, but horde does not care which database is being used. In this howto it is assumed that mysql is used as database backend.
Mysql database preparation for horde
Make sure that the following packages have been installed on the system: mysql and php5-mysql.
The easiest way to set up the database is the following:
Change to directory /srv/www/htdocs/horde/scripts/sql:
cd /srv/www/htdocs/horde/scripts/sql
Edit the file create.mysql.sql with your preferred editor and go to line 28:
-- IMPORTANT: Change this password! PASSWORD('horde')
Here you can set your password for the db user. After you configured the password you can create/import the new database:
mysql -u root < create.mysql.sql
or when your mysql root user has a mysql password assigned use:
mysql -u root -p < create.mysql.sql
Ldap configuration for horde
Make the horde.schema available for openldap:
# cd /etc/openldap/schema # ln -s /srv/www/htdocs/horde/scripts/ldap/horde.schema .
Add the following line to /etc/kolab/templates/slapd.conf.template (just below the other lines with the include statement):
include /etc/openldap/schema/horde.schema
Process the slapd.conf template and make it known to openldap:
kolabconf -n
Restart ldap:
rcldap restart
Configuring horde
The following is taken from the kolab wiki about horde. Refer to that page for more information.
Please note: finish all mentioned configurations listed below before you hit the generate horde configuration button!
- Go the url http://system.domain.tld/horde/, select set from the menu.
- In the Database tab, select the database that you are using in the top select box. You must also set the password field to whatever you specified for the horde user when setting up the database.
- In the Authentication tab, select Kolab authentication as the authentication backend. You will also need to specify a Kolab account in the administrators field. It is recommended that you create a Kolab account such as horde-admin@yourdomain.tld for this purpose. (In kolab: make the horde-admin@yourdomain.tld user an internal user, so it is not visible in kolab's addressbook).
- In the Preference System tab, select Kolab (LDAP) as the preferences driver.
- In the DataTree System tab, select SQL Database as the DataTree backend storage. Make sure the Driver configuration is also set to Horde defaults.
- In the Mailer tab, select Use a SMTP server as the method for sending mail. Set The port to connect to to 465 and SMTP authentication to Best available authenticaton (that should use the user credentials to contact the smtp server).
- Finally, in the Kolab Groupware Server tab, change the Horde/Kolab integration status field to enabled and set each field in the resulting screen to the values pertaining to your specific kolab installation. The most important of these correspond to those in your /etc/kolab/kolab.conf file. The smtp part can be skipped as it looks like, it is not used in the horde.
- Only now you may hit the generate horde configuration button.
In case of errors restore the previous configuration file:
# cd /srv/www/htdocs/horde/config/ # cp conf.php.bak conf.php
In case of the following error (or similar):
[DBError: extension not found] ** Array [on line 1616 of "/usr/share/horde3/lib/Horde/DataTree/sql.php"
A root cause for that error is not known, but here are some tips that may help:
Perhaps the session needs to time out, there for leave the configuration file untouched for sometime. Stop your browser, be sure there is no other instance of the browser running at all. Even better use a different browser or if possible use the same or a different browser on a different system....
Login url
The url to login directly is:
http://<domain>/horde/scripts/get_login.php?user=<user>@<domain.tld>&pass=<your_password>&new_lang=en_US
As you can see from the url, the password is visible in this case and as such using this url should be considered a security risk.
Ingo
Ingo is a web interface to configure server based (sieve) email filters.
Install the following package: ingo.
Install the ingo configuration file:
cd /srv/www/htdocs/horde/ingo/config # backup the backends.php file mv backends.php backends.php.old ln -s backends.php.kolab backends.php
Now log into the horde-administration interface and choose ingo from the from the applications-list. The default settings are sufficient. Hit the Generate filters configuration button to finish the configuration.
IMP
IMP is the Internet Messaging Program (webmail client).
Install the following package: IMP.
Install the imp configuration file:
cd /srv/www/htdocs/horde/imp/config # backup the servers.php file mv servers.php servers.php.old ln -s servers.php.kolab servers.php
Now log into the horde-administration interface and choose imp from the from the applications-list. The default settings are sufficient. Hit the "Generate Mail configuration" button to finish the configration.
Mimp
Mimp is a project to create a version of IMP suitable for mobile devices such as WAP phones or PDAs.
Install the following package: mimp.
Install the imp configuration file:
cd /srv/www/htdocs/horde/mimp/config # backup the servers.php file mv servers.php servers.php.old ln -s servers.php.kolab servers.php
Now log into the horde-administration interface and choose mimp from the from the applications-list. The default settings are sufficient. Hit the Generate Mobil Mail Configuration button to finish the configration.
After this the mobile email webpages can be accessed at:
http://domain.tld/horde/mimp/
Kronolith
Kronolith is the Horde calendar/organizer application.
Install the following package: kronolith
For configuring kronolith just login as a administrator and choose kronolith from the applications-list.
- What storage driver should we use? <Select Kolab here>
- What free/busy driver should we use? <Select here Kolab as well>
- Server name from which reminder emails should be sent: <Enter your server name, mostly localhost is sufficient>
- Email address from which reminder emails should be sent: <Just enter a valid email address>
Now hit the Generate Calender Configuration button. That's all.
Turba
Turba is the Horde contact management application.
Install the following package: turba.
Install the turba configuration file:
cd /srv/www/htdocs/horde/turba/config # backup the sources.php file mv sources.php sources.php.old ln -s sources.php.kolab sources.php
Now log into the horde-administration interface and choose turba from the from the applications-list. The default settings are sufficient. Hit the Generate Address Book Configuration button to finish the configration.
Nag
Nag is the Horde task list application.
Install the following package: Nag.
For configuring mnemo just login as a administrator and choose mnemo from the applications-list.
* What storage driver should we use? <Select Kolab from the list>
Hit the Generate Tasks Configuration to finish the configuration.
Mnemo
Mnemo is the Horde notes and memos application.
Install the following package: Mnemo.
For configuring mnemo just login as a administrator and choose mnemo from the applications-list.
* What storage driver should we use? <Select Kolab from the list>
Hit the Generate Notes Configuration to finish the configuration.
Things to do
- Get the webinterface for the user to access email and free busy information up and running.
Let us know if something in this area can be improved.
Some facts
Normally kolab is installed using packages build with openpkg. The user needs to download just under 200MB of source rpms. These have to be build requiring about 850MB of disk space and quite some time on a not so modern system. On suse one now only needs to download 12 MB of binary rpms, which are installed in just a second even on this not so modern system! Of those 12 MB, 10 MB is needed for 2 patched rpms that are normally provided by suse. These 2 rpms are cyrus-imapd and postfix that count for respectively 8.5 MB and 1.5 MB. The patches have been sent upstream but the respective projects are slow to include them. Imagine if those patches would be part of the projects and as such just be part of suse. Only 12 MB (2 in the future?) is needed for kolab on suse, while using openpkg just under 200MB has to be downloaded!