CentOS*/RHEL 6.x Plone 4.x & Documentviewer DR - VM Setup, Author/Eric Tyrer Assoc. Director - Web Systems Group York College - City University of New York
- launch VMSphere
- create new VM
- select CPU's, NIC's, storage space & strategy.
- connect RHEL 6 iso to VM
- start virtual machine
- select install/upgrade system in graphical mode
- skip media test (this is a disk image)
- select English as Language
- select US English as keyboard layout
- select Basic Storage Device
- clean disk must be initialized
- select re-initialize all
- give VM/Server a hostname
- set timezone/location
- create root password & verify
- confirm installation type by selecting use all space
- confirm formatting by answering affirmative within the dialog box to commit storage configuration to disk
under base system select:
- base
- console internet tools
- debugging tools
- hardware monitoring utilities
- java platform
- network tools
- perl support
- ruby support
- security tools
under servers select:
- server platform
- system administration tools
under system management select
- snmp support:
under desktops select:
- fonts
under development select:
- development tools
- server platform development
install vmware tools must be initiated from within vmware center
- select Inventory, Guest, Install Upgrade/Install VMware Tools
- mount disk within virtual machine
- mount /dev/cdrom /media
- cp /mnt/VMwareTools-* to /tmp
- cd /tmp
- tar zxf VMwareTools-*
- ./vmware-tools/vmware-install.pl
- answer all prompts to complete
setup networking
- vi /etc/sysconfig/network-scripts/ifcfg-eth0
- enter insert mode (i)
- modify parameter ONBOOT=no to ONBOOT=yes
- escape then :wq to write changes to disk (this vi command will quit vi for you)
- enter setup at #prompt
- select Network Configuration, Device Configuration, eth0 - VMware VMXNET3 Ethernet Controller
- enter static IP assigned by network administrator
- enter netmask 255.255.255.0
- enter default gateway (dependent on vlan)
- enter primary DNS 172.16.139.11 as well as secondary 172.16.139.12
- exit setup, saving changes
register system with redhat network
- type setup at #prompt
- select RHN Register
- confirm yes or hit enter to connect to RHN
- confirm next and then enter RHN credentials
- select system updates (usually all apply)
- exit when finished
update core system software
- yum update -y
- accept RHEL network keys
- wait/go to the bathroom/lunch
protect our repositories using yum-plugin-priorities
The priorities plugin can be used to enforce ordered protection of repositories, by associating priorities to repositories. Packages from repositories with a lower priority will never be used to upgrade packages that were installed from a repository with a higher priority. We're going to use EPEL, REMI, and RPMForge Repos, which have the potential to screw up things.
- yum instal yum-plugin-priorities
- edit the /etc/yum/pluginconf.d/priorities.conf file, ensure it contains:
- [main] enabled=1
- With the plugin enabled, you may add priorities to repositories by adding the line:
- priority=N
- for more info refer to http://wiki.centos.org/PackageManagement/Yum/Priorities
complete install of development libraries
- install EPEL repository for software.
- rpm --import https://fedoraproject.org/static/0608B895.txt
- wget http://linux.mirrors.es.net/fedora-epel/6/i386/epel-release-6-7.noarch.rpm
- rpm -i epel-release-6-7.noarch.rpm
- install RPMforge (AKA RepoForge)
- wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
- rpm -i rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
- yum install -y autoconf automake libtool libpng-devel libjpeg-devel libtiff-devel zlib-devel openssl-devel screen python-devel lcms2 lcms2-devel lcms2-utils freetype-devel bzip2-devel epstool poppler-utils pdftk p7zip ruby-lsapi ruby-rdoc ttmkfdir cabextract
msttcorefonts on RHEL6 / Centos6 - Improves Typographic Accuracy of Documents
thanks to help obtained from http://oimon.wordpress.com/2011/09/05/msttcorefonts-on-rhel6-centos-6-sl6/
msttcorefonts is a way of obtaining the Microsoft TrueType fonts on Linux. However, version 6 release of Red Hat Enterprise Linux no longer includes a pre-requisite of msttcorefonts package, namely chkfontpath, which in turn, relies on the font server package xfs.
- change directory to /usr/local/src
- mkdir msttfonts and cd msttfonts
- wget http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec
The latest version of msttcorefonts at sourceforge doesn’t cater for this, so in the meantime we can patch the spec file and build it ourselves.
- vi msttcorefonts.rhel6.patch
- Copy & paste the following block:
--- msttcorefonts-2.0-1.spec 2011-09-05 11:09:57.206756336 +0100 +++ msttcorefonts-2.0-1.1.spec 2011-09-05 11:23:56.925761649 +0100 @@ -19,8 +19,8 @@ BuildPrereq: %{ttmkfdir} BuildPrereq: wget BuildPrereq: cabextract -Prereq: /usr/sbin/chkfontpath -Packager: Noa Resare <[email protected]> +#Prereq: /usr/sbin/chkfontpath +#Packager: Noa Resare <[email protected]> %description The TrueType core fonts for the web that was once available from @@ -152,7 +152,7 @@ %post if test $1 -eq 1 then - /usr/sbin/chkfontpath --add %{fontdir} + ln -s /usr/share/fonts/msttcorefonts/ /etc/X11/fontpath.d/msttcorefonts fi # something has probably changed, update the font-config cache if test -x /usr/bin/fc-cache @@ -163,7 +163,7 @@ %preun if test $1 -eq 0 then - /usr/sbin/chkfontpath --remove %{fontdir} + /bin/rm -f /etc/X11/fontpath.d/msttcorefonts fi %files
- Write file out and save as msttcorefonts.rhel6.patch
- We should have two files within /usr/local/src/msttfonts, msttcorefonts.rhel6.patch & msttcorefonts-2.0-1.spec
- Patch < msttcorefonts.rhel6.patch
(Visually inspect the resulting spec file to verify that it no longer requires chkfontpath.)
rebuild rpm package using new spec file
- rpmbuild -bb msttcorefonts-2.0-1.spec
either copy new RPM to your local repo or install locally
- yum localinstall msttcorefonts-2.0-1.noarch.rpm
install ruby gems
- cd /usr/local/src
- wget http://production.cf.rubygems.org/rubygems/rubygems-1.8.24.tgz
- tar zxf rubygems-1.8.24.tgz
- cd rubygems-1.8.24
- invoke ruby setup.rb
- successful install of ruby gems will result in RubyGems 1.8.24 installed returned at the # prompt
install GraphicsMagick
- change directory to /usr/local/src
- wget http://downloads.sourceforge.net/project/graphicsmagick/graphicsmagick/1.3.15/GraphicsMagick-1.3.15.tar.xz
- tar xf GraphicsMagick-1.3.15.tar.xz
- cd GraphicsMagick-1.3.15
- ./configure --enable-shared --with-bzlib=yes --with-gslib=yes --with-windows-font-dir=/usr/share/fonts/msttcorefonts
- make; make install -j4 (-j flag should equal cpu's present)
installation of Tesseract (OCR) & its dependencies: leptonica
- change directory to /usr/local/src
- wget http://leptonica.org/source/leptonica-1.68.tar.gz
- tar xf leptonica-1.68.tar.gz
- cd leptonica-1.38
- ./autobuild
- ./configure --enable-shared
- make; make install -j4 (-j flag should equal cpu's present)
installation of Tesseract (OCR) & its dependencies: tesseract
- wget http://tesseract-ocr.googlecode.com/files/tesseract-3.01.tar.gz
- tar zxf tesseract-3.01.tar.gz
- cd tesseract-3.01
- ./autogen.sh
- ./configure --enable-shared
- make; make install
- export LD_LIBRARY_PATH=/usr/local/lib (this will give shell awareness of installed programs)
installation of Tesseract (OCR) English language package must be installed for OCR to work
- cd /usr/local/src
- wget http://tesseract-ocr.googlecode.com/files/tesseract-ocr-3.01.eng.tar.gz
- cd /tesseract-ocr/tessdata
- cp -R * /usr/local/share/tessdata/
installation of libreoffice download most current version
- cd /usr/local/src
- wget http://download.documentfoundation.org/libreoffice/testing/3.6.0/rpm/x86_64/LibO-Dev_3.6.0beta1_Linux_x86-64_install-rpm_en-US.tar.gz
- tar zxf LibO-Dev_3.6.0beta1_Linux_x86-64_install-rpm_en-US.tar.gz
- cd LibO-Dev_3.6.0beta1_Linux_x86-64_install-rpm_en-US/RPMS
- yum install * .rpm -y
- cd /opt
- rename libreoffice mv lodev3.6/ libreoffice
- symlink libreoffice with /usr/lib/libreoffice ln -s /opt/libreoffice /usr/lib/libreoffice
installation of docsplit gem
- gem install docsplit
- wget https://launchpad.net/plone/4.2/4.2rc2/+download/Plone-4.2rc2-UnifiedInstaller.tgz
- tar zxf Plone-4.2rc2-UnifiedInstaller.tgz
- cd Plone-4.2rc2-UnifiedInstaller
- ./install.sh zeo
- cd /usr/local/Plone/zeocluster
- vi buildout.cfg
- enter insert mode (i) add collective.documentviewer to eggs section
- escape :wq to write changes to disk
- rerun buildout ./bin/buildout
[1] Modify Plone User for Headless Libreoffice
- usermod -G root plone
- ./bin/restartcluster.sh
[1] | Warning!!! Any program can come under attack, and probably will. By default, every process runs with the privileges of the user or process that started it. Therefore, if a user has logged on with restricted privileges, your program should run with those restricted privileges. This effectively limits the amount of damage an attacker can do, even if he successfully hijacks your program into running malicious code. Do not assume that the user is logged in with administrator privileges; you should be prepared to run a helper application with elevated privileges if you need them to accomplish a task. However, keep in mind that, if you elevate your process’s privileges to run as root, an attacker can gain those elevated privileges and potentially take over control of the whole system. |