Debian-Sourceforge Installer's Guide for Newbies
By
William Heath
Email:
Table of Contents
My name is William Grayson Heath and I have been extremely impressed with the Debian Linux distribution as well as debian sourceforge. I have studied other linux distributions and no other has impressed me as much as Debian. Now I know some people will read this and go you probably don't have lots of experience with linux and you would be absolutely right! Life is a learning process and I hope to continue to increase my knoweldge of linux so that I someday may be able to talk more intelligently on it but in the writing of this document I would say I am still a newbie. However I took careful notes with how to install debian sourceforge and want to share my experience with those who would like to learn from it. sf 3.1 costs alot - EUR 110000 for mimimum 20 user licences + EUR 22000/year maintanance. 1000 Euro /user/year. HP (http:). The US airforce is using debian sourcefo
rge. At the writing of this document 2.6-0.13 of debian sourceforge is out
I am a software developer for Fedex and installed debian sourceforge after writing a couple of papers on extreme programming and the hacker/opensource approach. I had an account on sourceforge.net and was very impressed with the amazing amount of things I could do that were automatic and the collaboration/learning opportunities that the many projects hosted there offered. After finishing my Masters in Computer Science I begain my Masters of Business and Administration and through conversations in class decided that an interesting experiement would be to host an instance of sourceforge on a PC in my cube to allow other developers to expose their code and ideas. I also installed twiki and dancer-ircd (an irc chat server). With the generous help of a system administrator, he allowed me to have a static ip and a delegated domain. That was the second miracle. The first miracle was
that I was able to create a working debian sourceforge instance in a weekend, with the generous help of chris38 (Christian Bayle) on #Debian-sf on . When I say working, I was able to run it on my PC. Without the delegated domain and static IP I could not do things from other PC's etc... I will first describe what I did to get just a simple standalone debian-sourceforge instance up and running. Secondly I will describe what I had to do to get that debian-sourceforge instance to work after I received the static IP and delegated domain.
Because this is a document for newbies I will explain what I had to do to install debian initially. I used debian woody CD's. I used partition magic as I already had an instance of windows NT on my pc and I wanted to keep that. I used partition magic to shrink the ntfs partition and create about a 1 gig linux ext2 partition and 300 megabyte swap partition. I know your probably saying to yourself, why didn't you use free software for this? Well I know that Debian uses parted but the disk I thought I put parted on wasn't working so I just used partition magic because I was in a hurry. I then just reboot my computer and put the first debian woody cd in. It booted up and begain to install debian. It found the linux partitions I setup and I used a boot floppy to cause debian to come up as I still need to learn lilo better. I told debian to use dhcp for dymanic ip
addressing. Thankfully debian found my network card and was able to get onto the Fedex network. I then ran apt-setup and chose an http host and I also gave it my proxy information: :3128. I also chose gnome for a desktop. I then ran apt-get update. I also had to configure my monitor and video card for xwindows so I ran xf86config. A small aside, I couldn't get my xwindows to work initially so it came up with a weird instance of xwindows that use keys for a mouse. It also came up with graphical xwindows configuration tool called xconfigurator. You can actually do everything in this xwindows environment, it was quite amazing to me, I was happy however when I was able to use my mouse and get into a regular xwindows environment. Now comes the actual steps to get debian-sourceforge. After installing the http deb file sources I went to /etc/apt/sources.list and commented out the cdrom entries.
The entry I put into my etc/apt/sources.list to be able to get the debian-sourceforge deb file is a listed in bold. A listing of my sources.list:
#deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-1 (20020718)]
/ unstable contrib main non-US/contrib non-US/main
# deb http://security.debian.org/ stable/updates main contrib non-free
deb ftp://ftp.fr.debian.org/debian sid main contrib non-free
deb ftp://non-us.debian.org/debian-non-US sid/non-US main contrib non-free
deb http://lyre.mit.edu/debian/ stable main non-free contrib
deb-src http://lyre.mit.edu/debian/ stable main non-free contrib
deb http://christian.bayle.free.fr/debian binary-i386/
deb-src http://christian.bayle.free.fr/debian source/
Just keep trying one until it works I guess. Then do:
apt-get install sourceforge ( just for dependencies)
wget
dpkg -i sourceforge_2.5-33_all.deb
This will get many a debian package and then it will start asking you questions. I will give you the questions and answers I gave. I will not document all questions that were asked just the hard ones.
Ldap server: 127.0.0.1
Distinguished: dc=wgheath, dc=rmtc, dc=fedex, dc=com
LDAP Database Login: yes
libass-ldap config file: no
unprivelaged database user: cn=proxyuser, dc=wgheath, dc=rmtc, dc=fedex, dc=com
make local database domain: yes
Configuring Libparm ldap: Database request login: no
Configuring Libparm login account: cn=manager, cn=wgheath, dc=rmtc, dc=fedex, dc=com
localcrypt: crypt
directory initialization method: auto
directory suffix style: domain or host
domain name:
replicate ldap: no
SF domain or subdomain:
your ip address: (ip from ifconfig)
SF admin mail addresses:
LDAP Host:
LDAP Base DN: dc=wgheath, dc=rmtc, dc=fedex, dc=com
Let sourceforge modify: yes
Enter default encoding: (SQL_ASCII) (just press enter)
Add extention gd.so: yes
Add extention ldap.so: yes
yes to all extentions to php5
Run the apache config script now: yes
save these changes to the configuration files: yes
Restart apache now: yes
Merge changes to /etc/proftpd.conf now: yes
It was at this point that I received an error with exim.
Eximis a mail transfer agent (MTA).
Commands to test exim setup are:
exim -bp ( tells what is in the pending mail queue)
exim -v -bt wght ( Tests a local email address)
exim -v -bt ( Tests a remote address)
To correct this error I ran: eximconfig
Select 1-5: 2
Visible email name of system:
smarthost:
I then ran apt-get install sourceforge again
It said I had an error with apache: apache could not find fully qualified domain name
Other helpful commands:
/usr/lib/sourceforge/bin/install-exim.sh purge
/usr/lib/sourceforge/bin/install-exim.sh
I added the following line in /etc/apache/httpd.conf
AddServername
I also had to make an ssl certification:
mod-ssl-makecert
choose 3 custom
encrypt is no
Added to the very top of /etc/hosts:
127.0.0.1 wgheath.rmtc.fedex.com wgheath
Added to the very top of /etc/resolv.conf:
nameserver 127.0.0.1
In the proxy server configuration area I said no proxy for server .
You can tell that ldap has been setup correctly by typing:
wgheath:/etc/apt# /usr/lib/sourceforge/bin/install-ldap.sh test
sf_ldap_base_dn = 'dc=wgheath,dc=rmtc,dc=fedex,dc=com'
sf_ldap_admin_dn = 'cn=admin,dc=wgheath,dc=rmtc,dc=fedex,dc=com'
sf_ldap_bind_dn = 'cn=SF_robot,dc=wgheath,dc=rmtc,dc=fedex,dc=com'
sf_ldap_passwd = 'password'
sf_cryptedpasswd = '{CRYPT}iG/gLlKAsXhjY'
sf_ldap_host = 'wgheath.rmtc.fedex.com'
ldap_passwd = 'password'
cryptedpasswd = '{CRYPT}arclCK7CaZ35k'
do_config = 'true'
ldap_suffix = 'dc=wgheath,dc=rmtc,dc=fedex,dc=com'
tmpfile_pattern = '/tmp/install-ldap.sh.XXXXXX'
You can also tell that ldap is configured correctly by doing the following:
wgheath:/var/lib/sourceforge/chroot/home/users# ls -l
total 12
drwxr-xr-x 4 jmmcnabb jmmcnabb 4096 Oct 3 11:14 jmmcnabb
drwxr-xr-x 4 test2 test2 4096 Sep 30 14:06 test2
drwxr-xr-x 5 wgheath wgheath 4096 Oct 4 11:17 wgheath
if you see 20001 where wgheath is then something is wrong with ldap.
Other helpful commands are:
dpkg-reconfigure slapd
The steps that must be taken after static ip and delegated domain are given are:
Static IP configuration can be a little tricky. The goal is to bind your server to a static IP, where before it was bound to a dynamic IP address through DHCP. I had problems with this and I need to switch back and forth until it worked. The way I did thais is as follows:
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8)
# The loopback interface
auto lo
iface lo inet loopback
# The first network card - this entry was created during the Debian installation
auto eth0
#iface eth0 inet dhcp
iface eth0 inet static
address 199.81.57.27
netmask 255.255.255.0
gateway 199.81.57.1
If things don't work all that needs to be done is to comment all lines below #iface eth0 inet dhcp and uncomment ifcace eth0 inet dhcp
You must then restart the network service with the following command:
/etc/init.d/networking restart
Now if you do ifconfig you would see something like this:
wgheath:/etc/bind# ifconfig
eth0 Link encap:Ethernet HWaddr 00:50:04:72:BA:BC
inet addr:199.81.57.27 Bcast:199.81.57.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16451837 errors:1 dropped:0 overruns:287 frame:1
TX packets:98249 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1617982812 (1.5 GiB) TX bytes:34470984 (32.8 MiB)
Interrupt:11 Base address:0x1080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:3924 Metric:1
RX packets:374993 errors:0 dropped:0 overruns:0 frame:0
TX packets:374993 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:36818313 (35.1 MiB) TX bytes:36818313 (35.1 MiB)
But now the problem becomes this:
nslookup
You will still get 127.0.0.1. You must reconfigure DNS for this to work right.
Change /etc/hosts to look like this:
199.81.57.27 wgheath.rmtc.fedex.com wgheath
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
# (added automatically by netbase upgrade)
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
Change resolv.conf to look like this:
search rmtc.fedex.com
nameserver 199.81.103.11
nameserver 199.81.103.10
nameserver 146.18.36.201
You need to run:
/usr/lib/sourceforge/bin/install-dns.sh purge
/etc/init.d/bind9 stop
Then check that no named process are running with:
ps -ef|grep named (kill any that you see)
/etc/init.d/bind9 start
There are certain sourceforge configuration files that will show that things are working correctly. Such a file would be /etc/bind/named.conf:
// Next line inserted by Sourceforge install
zone "wgheath.rmtc.fedex.com" { type master; file "/var/lib/sourceforge/bind/dns
.zone"; };
And the file /var/lib/sourceforge/bind/dns.zone:
mail1 IN A 199.81.57.27
users IN A 199.81.57.27
lists IN A 199.81.57.27
download IN A 199.81.57.27
upload IN A 199.81.57.27
images IN A 199.81.57.27
webdev IN A 199.81.57.27
; *** From here out is auto-generated ***
testproject IN A 199.81.57.27
cvs.testproject IN CNAME cvs.wgheath.rmtc.fedex.com.
strutsxdoc IN A 199.81.57.27
cvs.strutsxdoc IN CNAME cvs.wgheath.rmtc.fedex.com.
snmpfarmer IN A 199.81.57.27
cvs.snmpfarmer IN CNAME cvs.wgheath.rmtc.fedex.com.
blendpythnsokts IN A 199.81.57.27
cvs.blendpythnsokts IN CNAME cvs.wgheath.rmtc.fedex.com.
Something interesting occurred that I had to do to allow for ssh clients to connect:
I had to bounce the sshd.
In order to get mailing lists to work correctly I did the following:
Added line in /var/lib/sourceforge/bind/dns.zone
;NS
@ IN NS wgheath.rmtc.fedex.com.
@ IN MX 10 mail
@ IN MX 20 smtp.rmtc.fedex.com
@ IN A 199.81.57.27
I also added the bolded line above in dns.head.
I then ran /usr/lib/sourceforge/bin/dns_conf.pl
I also ran /var/lib/sourceforge/bin/install-exim.sh purge
then ran /var/lib/sourceforge/bin/install-exim.sh configure
I then restarted bind and checked for name process etc... as specified under DNS Reconfiguration with Static IP and Delegate Domain above.
I still ran into unresolved host when I did nslookup so I went through the following procedures to fix this:
I checked that sourceforge was in /etc/bind/named.conf
It wasn't so I:
/usr/lib/sourceforge/bin/install-dns.sh purge
/usr/lib/sourceforge/bin/install-dns.sh configure
/usr/lib/sourceforge/bin/install-dns.sh default
Restarted the bind9 process as specified above.
Did nslookup localhost
Did nslookup 127.0.0.1
ran /usr/lib/sourceforge/bin/dns.conf.pl
checked /var/lib/sourceforge/bind/dns.zone
I then started to query each nameserver to see what the entry was on that name server:
nslookup 199.81.103.11
nslookup 199.81.103.10
nslookup 146.18.36.201
I kept seeing the old ip address because my system administrator had made a dns entry with my dhcp ip address and the nameservers had not updated yet. I went to my system administrator and asked him what to do to solve this problem. He then used dig to find the problem. Dig is a DNS query tool. He did the following commands with dig:
dig +search wgheath (Gave the old ip address because it looked locally as he was running dig on the nameserver)
dig @wgheath +search wgheath (This called dig to look at the wgheath server for name resolution)
dig @199.81.57.27 +search wgheath any (This called dig to look at the wgheath server for name resolution and to list all entries with 199.81.57.27)
He could then see that the cached value on the nameserver was not correct. The nameserver would check and refresh itself in
604800 seconds which is an entry in /var/lib/sourceforge/bind/dns.zone:
2002100917 ; serial number, in date form
10800 ; refresh 4 minutes
3600 ; retry interval 2 minutes
604800 ; expire
3600 ; default ttl
The system administrator then ran the following command to force the nameserver to recheck for the proper ip address to resolve host name :
rndc flush (flushed cache on nameserver and forced it to reread)
Another important command was used to get a zone transfer:
dig @wgheath +search wgheath axfr |less
This gave a dump of the zone file for my domain.
In /etc/http.conf comment out:
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
then restart apache:
/etc/init.d/apache restart
If someone starts a new project and they don't want to wait for cron you can run the scripts that cron would run by doing the following:
as root:
/usr/lib/sourceforge/bin/update-use-groups-ssh.sh
/usr/lib/sourceforge/bin/dns_conf.pl
/etc/init.d/bind9 stop
ps -ef|grep named
/etc/init.d/bind9 start
If there are problem check to see that appropriate entries are in:
/var/lib/sourceforge/bind
I have installed debian sourceforge and then I did apt-get install twiki. I put shell1.wgheath.rmtc.fedex.com for the url. I then put the following in /etc/sourceforge/sf-httpd.conf:
<VirtualHost 199.81.57.27>
ServerName shell1.wgheath.rmtc.fedex.com
DocumentRoot /var/www/twiki/pub/
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
</VirtualHost>
I then attempted to add a user through the registration and came up with the mail program problem. I research this and it said to go to Twiki Preferences and set SMTPMAILHOST =
to nothing. To do this however I needed to edit the page. I attempted to this and it prompted me for the user name and password for ByPassword? I didn't understand this very well so I just went to .htaccess in /usr/lib/cgi-bin/twiki and changed it to look like:
AuthUserFile /var/lib/twiki/data/.htpasswd
AuthName ByPassword
AuthType Basic
# SetHandler cgi-wrap-twiki
ErrorDocument 401 /cgi-bin/twiki/oops/TWiki/TWikiRegistration?template=oopsauth
<Files ~ "[^/]*\.html$">
# does this just mean "fail"?
SetHandler blabla
allow from all
</Files>
<Files "*">
allow from all
</Files>
I was then able to edit the SMTPMAILHOST = entry and then the mail worked. I then wanted to attach a file to a web page on TwikiGuest. This failed so I tailed /var/log/apache/error.log and found:
[Fri Oct 11 17:32:59 2002] upload: copy(/var/tmp/CGItemp3975, /var/www/twiki/pub
/Main/TWikiGuest/pythonprog.doc) failed: No such file or directory at /usr/share
/perl5/TWiki/Store.pm line 764.
so I went to /var/www/twiki/pub and there was no Main directory underneath it. I added /Main/TwikiGuest under /var/www/twiki/pub and set the permissions to 777 on each of the new directories. It was then that the file attach succeeded. I also had to do the following to make gif's work:
wgheath:/var/lib/twiki/data/pub# cp -R pub /var/lib/twiki/data/
There are many clients that you could work with. I will describe cvs setup of cygwin, Netbeans, and Eclipse.
Installing cygwin is very simple and is required to get all other IDE's to work right. I typically do the following when I install cygwin:
You then have everything you need to checkout and edit code according to the CVS directions that are given on the standard debian sourceforge cvs page for any project. A problem that you will run into however is that you will be prompted for your password everything you do something unless you configure a public key.
In cygwin type:
ssh-keygen -t rsa
Just press enter for everything.
You must then login to debian sourceforge and go to your project -> edit keys and paste the contents of:
id_rsa.pub
You must then run as root:
/usr/lib/sourceforge/bin/update-user-group-ssh.sh
You should now be able to do anything with cvs without having to enter your password.
When you add a new member to your development membership that user will have to do the same thing on their cygwin and enter their key into the keys area of the project and run the same update script.
To setup eclipse on windows you will have to do all steps for cygwin above. If you look at the following url:
You will notice that it says you will need a way of doing things without having to send the password each time. That is why you do the cygwin step above. Then all is needed is:
1.Specify "ext" as the connection method type when creating the repository connection.
2.Window->Preferences->Team->CVS->Ext Connection Method. On this page, specify the name and location of your external ssh client. This will be ssh.exe supplied with cygwin. Only modify the top line and leave the second line alone. You will notice that as you descend into the cvs server in eclipse that a little dos window comes up, that is the invocation of the ssh.exe client and is normal.