Kolab2 Server Install and Upgrade Information ============================================= See http://kolab.org/ for general information about Kolab, or look at http://wiki.kolab.org/ for specific topics. It is recommended to subscribe to the announcement mailing list at http://kolab.org/mailman/listinfo/kolab-announce to receive security advisories and release announcements. Quick install instructions -------------------------- For a fresh install /kolab needs to be an empty directory with at least 1GB of free disk space. You can use a symlink, but do _not_ use an NFS mounted drive. If the directory does not yet exist, it will automatically be created. Make sure that the following names are not in /etc/passwd or /etc/groups, as openpkg will want to create them: "kolab" "kolab-r" "kolab-n" Check http://www.openpkg.org/documentation/ for additional documentation for the OpenPKG packaging system. To install the Kolab2 server, you need to download the files from the directory containing this file (1st.README) to some local directory. You can check the integrity of the downloaded files with: $ gpg --verify MD5SUMS $ md5sum -c MD5SUMS Then as root, cd into that local directory and run # sh obmtool kolab 2>&1 | tee kolab-build.log to build and install packages in /kolab. By default, the Kolab Server will now be started at boottime. After the build/install is complete, please run # /kolab/etc/kolab/kolab_bootstrap -b and follow the instructions. General update instructions --------------------------- Usually an update of the Kolab 2 server works as described here. In some cases you will need to deviate from these instructions a bit. All such cases are documented below, so read the release specific update instructions for all releases newer than the one you already have before you start the update. In any case you should completely read *all* relevant update instruction *before* starting the upgrade procedure. All ways make sure you have a recent backup of your /kolab directory before you attempt to upgrade Kolab. The installation of the new packages works just as for the initial installation. Download the files as described above and run # sh obmtool kolab 2>&1 | tee kolab-update.log obmtool will usually automatically determine which packages need to be built. If you have made changes to configuration files or an updated package includes configuration files which are usually regenerated from files in /kolab/etc/kolab/templates/ the old configuration file will be saved with the extension .rpmsave. For files generated from templates you just have to remove the rpmsave file, because services will refuse to start if there still is an rpmsave file, e.g.: # rm /kolab/etc/clamav/*.conf.rpmsave For other changed files (e.g. the template files themselves) you may want to transfer your changes from the .rpmsave backup to the new files. Then regenerate the configuration and restart Kolab with: # /kolab/sbin/kolabconf # /kolab/bin/openpkg rc all restart Upgrading from earlier versions ------------------------------- Direct upgrade from Kolab1 is not recommendable at this point. We suggest that you back up your IMAP store, install Kolab2 and manually recreate user accounts and then restore the IMAP data from the backup. After an upgrade, always run /kolab/sbin/kolabconf to make sure the configuration files are regenerated from your templates. Upgrade from Kolab server 2.0 to 2.1 ------------------------------------ Upgrading from Kolab 2.0.x to 2.1 is described in detail in the file UPGRADING.20-21 in this directory. The latest version of the upgrading instruction can be found in the Kolab.org raw-howtos CVS: http://kolab.org/cgi-bin/viewcvs-kolab.cgi/*checkout*/doc/raw-howtos/kolab_2.0_to_2.1_upgrade_instructions.txt Please read carefully all the following update instructions in this file, while some of the information will be redundant there might be additional notes which are essential for an successful update. Upgrade from pre-2.1-snapshot-20051130 -------------------------------------- This upgrade is somewhat tricky, because of a new db package and a new OpenLDAP version. To make sure that no data is lost, you are strongly advised to stop the server and make a backup before you start the update. Some files are removed during the upgrade described below. 1. Before installing the new RPMs Before installing the new packages, copy the contents of the openldap database (use a different output filename if you want): /kolab/sbin/slapcat > ~/kolab-slapcat-data The db update also affects the imap server. cd /kolab/var/imapd/db /kolab/bin/db_recover rm /kolab/var/imapd/db/* 2. After installing the new RPMs You need to make two small changes are required for the openldap configuration file /kolab/etc/openldap/slapd.conf: - comment out the line require none - Move the line with the suffix setting to just after the "database bdb" line. These changes have already been done in the new slapd.conf.template, so it can be used for guidance. Then restore the openldap data: rm /kolab/var/openldap/openldap-data/* /kolab/sbin/slapadd -l ~/kolab-slapcat-data The IMAP server should work without further changes. Upgrade from pre-2.1-snapshot-20051215 -------------------------------------- Nothing special has to be done for this upgrade. Upgrade from 2.1-beta-1 ----------------------- 1. imapd hashimapspool setting The default imapd configuration has been changed to enable the hashimapspool option. This means that in 2.1-beta-2 the directory layout of the imapd spool (/kolab/var/imapd/spool/) is different from the one in beta-1. When you upgrade from beta-1 it's best to keep using the old structure, so remove or comment out the corresponding line in /kolab/etc/kolab/templates/imapd.conf.template *before* running kolabconf. For new installations the new default setting is recommended because it's more efficient especially when you have many mailboxes. For some background information about this see the dicussion at https://intevation.de/roundup/kolab/issue1089 2. distribution lists There was a bug in earlier versions regarding the distribution lists for administrative emails aliases like postmaster@. They were created without the domain part. This has been fixed so that they are created with the correct domains in their names, but admin distribution lists created by an earlier Kolab server version will not be updated automatically. The easiest way to do this is by deleting them all and then to create them again with the services page of the web-interface. For more details about the bug, see https://intevation.de/roundup/kolab/issue1100 Upgrade from 2.1-beta-2 ----------------------- 1. postfix: ownership of virtual and transport: The owner of two config files has to be root, otherwise postfix will change to an unprivileged user for creating the corresponding .db files, isn't able to write them after the upgrade and fails to create further database files which don't get generated from kolab templates. To correct the file owner, execute the following commands as root: cd /kolab/etc/postfix chown root transport virtual make See kolab/issue1433 for details about this topic. 2. imapd: database format for annotations.db and mailboxes.db The default database format for /kolab/var/imapd/annotations.db and /kolab/var/imapd/mailboxes.db has changed from skiplist to berkeley db. If you want to keep the old format, comment out or remove the lines "annotation_db: berkeley" and "mboxlist_db: berkeley" in the file "/kolab/etc/kolab/templates/imapd.conf.template" and make sure the file "/kolab/etc/imapd/imapd.conf" reflects this, too, by either running /kolab/sbin/kolabconf or changing it manually there, too. To convert the databases to berkeley db format, execute as root: /kolab/bin/openpkg rc imapd stop su - kolab-r cd /kolab/var/imapd/ mv annotations.db annotations.db-skiplist cvt_cyrusdb /kolab/var/imapd/annotations.db-skiplist skiplist \ /kolab/var/imapd/annotations.db berkeley mv mailboxes.db mailboxes.db-skiplist cvt_cyrusdb /kolab/var/imapd/mailboxes.db-skiplist skiplist \ /kolab/var/imapd/mailboxes.db berkeley exit /kolab/bin/openpkg rc imapd start See http://wiki.kolab.org/index.php/Kolab2_IMAPD_annotations.db_Problems for details about this topic. Upgrade from 2.1-beta-3 ----------------------- 1. Symlink from /kolab/kolab to /kolab no longer needed: Due to kolab/issue1490 a symbolic link was needed to fix a packaging problem which otherwise disturbed free/busy cache generation. It is no longer needed and may optionally be removed: rm /kolab/kolab 2. imapd: emails with identical message-id header: In all previous releases the imap server discarded emails with identical message-ids received within three days. This caused multiple problems mentioned in kolab/issue1532. This change may cause duplicate messages in mailboxes due to cross postings, distribution lists or possible bugs in imap clients. If you want to revert to the old behaviour, please comment out or remove the line "duplicatesuppression: 0" in /kolab/etc/kolab/templates/imapd.conf.template or set the value to 1. Upgrade from 2.1-beta-4 ----------------------- Nothing special has to be done for this upgrade. Upgrade from 2.1-rc-1 --------------------- The database backend for the free/busy cache was changed to solve licensing issues between php4+ and gdbm. See kolab/issue1607 for details. Follow the steps to regenerate the free/busy cache shown in the section "Final Steps" in the file UPGRADING.20-21 Upgrade from 2.1-rc-2 --------------------- Nothing special has to be done for this upgrade. Known problems and workarounds ------------------------------ - Your system (C library) has to support all languages you want to have available in the web admin interface and fbview. For most languages you have to use the non-UTF-8 and non-euro locales, i.e. de_DE, fr_FR, it_IT, nl_NL instead of e.g. de_DE@euro. For fbview some languages need a UTF-8 locale, e.g. ja_JP.UTF-8 for Japanese. See kolab/issue881 and kolab/issue1585 for details. - If login on https://yourserver.example.com/fbview and triggering free/busy regeneration does not work, try as user kolab: /kolab/bin/php -r 'imap_open("{localhost:143/notls}", "" ,"");' If it yields "Segmentation fault (core dumped)", then there probably is a conflict between a dynamically loaded libdb3 from your system and a statically linked libdb4 from the OpenpPKG php package. If it yields a "PHP Warning: ...", this part of the system works correctly. One reason for such a conflict could be the mere presence of /lib/libnss_db.so.*, which is installed on some distributions by default. On Debian systems it is contained in the package "libnss-db". If you really need this library, you could work around the loading of libdb3 by placing a symbolic link with the correct name in /kolab/lib, e.g.: ldd /lib/libnss_db.so.2 libnss_files.so.2 => /lib/tls/libnss_files.so.2 (0xb7f16000) ---> libdb3.so.3 => /usr/lib/libdb3.so.3 (0xb7e6b000) libc.so.6 => /lib/tls/libc.so.6 (0xb7d36000) /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000) ln -s /dev/null /kolab/lib/libdb3.so.3 See kolab/issue1607 (need to replace gdbm for pfbcache, because of license clash gdbm vs php) for details. - Under some circumstance the Kolab server may not create or delete users or update the configuration after changes have been made in the web interface. This happens most often immediately after the bootstrap. In that case restart the kolabd: /kolab/bin/openpkg rc kolabd restart If user accounts are still not created or deleted, you can try removing the file /kolab/var/kolab/mailbox-uidcache.db and restarting kolabd. See kolab/issue1068 (Mailboxes are not created until kolabd restart) and kolab/issue1098 (Changes in the service tab are not accepted after bootstrap) for details. - If modifying or deleting of address book entries doesn't work, restarting openldap can help, see kolab/issue854 for details. - There is a report that the manager can only see users in the primary domain, see kolab/issue1485. We can't reproduce this problem, please tell us if you can. - Calendar folders for group/resource accounts can't be created for domains which were added after bootstrap, i.e. via the web admin interface. See kolab/issue1313 for details. - When deleting domains via the web admin interface, the corresponding LDAP data and IMAP spool stay on the server and have to be deleted manually. See kolab/issue1571 and kolab/issue1576 for details. $Id: README.1st,v 1.57 2007/05/10 10:17:37 thomas Exp $