POSTFIX MYSQL安装指南.docx
《POSTFIX MYSQL安装指南.docx》由会员分享,可在线阅读,更多相关《POSTFIX MYSQL安装指南.docx(26页珍藏版)》请在冰豆网上搜索。
POSTFIXMYSQL安装指南
POSTFIXMYSQL安装指南
2009-7-28
一安装MYSQL(5.1.30):
安装步骤略,参见MYSQL文档;
#groupaddmysql
#useradd-gmysqlmysql
#scripts/mysql_install_db--user=mysql
#chown-Rroot.
#chown-Rmysqldata
#chgrp-Rmysql.
#cpmy-f/etc/f
#cpmysql.server/etc/init.d/mysql
#/etc/init.d/mysqlstart
#mysql-uroot–p
#chkconfig--addmysql
#chkconfg--listmysql
二安装openssl-0.9.8h:
也可自己编译安装,具体略,注意以后安装其他软件时openssl路径设置问题
#yumlist|grepopenssl
三安装cyrus-sasl
自己编译sasl,
#wget–mpftp:
//ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.23.tar.gz
#./configure--prefix=/usr/local/sasl2--disable-gssapi--disable-anon--disable-sample--disable-digest--enable-plain--enable-login--enable-sql--with-mysql=/usr/local/mysql--with-mysql-includes=/usr/local/mysql/include--with-mysql-libs=/usr/local/mysql/lib--with-authdaemond=/usr/local/courier-authlib/var/spool/authdaemon/socket
#make
#makeinstall
配置sasl2
#mv/usr/lib/libsasl2.a/usr/lib/libsasl2.a.off
#mv/usr/lib/libsasl2.so.2.0.22/usr/lib/libsasl2.so.2.0.22.off
#mv/usr/lib/sasl2/usr/lib/sasl2.off
#rm-rf/usr/lib/libsasl2.so
#rm-rf/usr/lib/libsasl2.so.2
#rm-rf/usr/sbin/pluginviewer
#rm-rf/usr/sbin/saslauthd
#rm-rf/usr/sbin/sasldblistusers2
#rm-rf/usr/sbin/saslpasswd2
#rm-rf/usr/sbin/testsaslauthd
#ln-sv/usr/local/sasl2/lib/*/usr/lib/
postfix2.3以后的版本会分别在/usr/local/lib和/usr/local/include中搜索sasl库文件及头文件,故还须将其链接至此目录中:
#ln-sv/usr/local/sasl2/lib/* /usr/local/lib
#ln-sv/usr/local/sasl2/include/sasl/* /usr/local/include
#ln-sv/usr/local/sasl2/sbin/*/usr/sbin
#ln-sv/usr/local/sasl2/sbin/*/usr/local/sbin/
创建运行时需要的目录并调试启动
#mkdir-pv/var/state/saslauthd
#/usr/sbin/saslauthd -a shadow pam -d
说明:
-a选择mechaninsm验证方式-d打开debugging
加-d好像有问题,回头在研究吧
启动并测试
#/usr/local/sbin/saslauthd-ashadowpam
#/usr/local/sbin/testsaslauthd-uroot-p123456
配置库文件搜索路径
#echo"/usr/local/sasl2/lib">>/etc/ld.so.conf
#echo"/usr/local/sasl2/lib/sasl2">>/etc/ld.so.conf
#echo"/usr/local/mysql/lib">>/etc/ld.so.conf
#ldconfig
#ldconfig-v
开机自动启动
#echo"/usr/local/sbin/saslauthd-ashadowpam">>/etc/rc.local
四安装BerkeleyDB库
在oracle网站下载db-4.7.25.tar.gz
#tarzxvfdb-4.7.25.tar.gz
#cddb-4.7.25/build_unix
#../dist/configure--prefix=/usr/local/BerkeleyDB
#make
#makeinstall
修改相应的头文件指向
#mv/usr/include/db4//usr/include/db4.OFF
#rm /usr/include/db_cxx.h
#rm /usr/include/db.h
#rm /usr/include/db_185.h
#ln-sv/usr/local/BerkeleyDB/include /usr/include/db4
#ln-sv/usr/local/BerkeleyDB/include/db.h /usr/include/db.h
#ln-sv/usr/local/BerkeleyDB/include/db_cxx.h /usr/include/db_cxx.h
配置库文件搜索路径
#echo"/usr/local/BerkeleyDB/lib">>/etc/ld.so.conf
#ldconfig
#ldconfig-v
五、安装httpd-2.2.11
下载httpd-2.2.11.tar.gz,apr-1.3.7.tar.gz,apr-util-1.3.8.tar.gz
首先安装apr-1.3.7和apr-util-1.3.8
#./configure–prefix=/usr/local/apr;make;makeinstall
#./configure–prefix=/usr/local/apr-util–with-apr=/usr/local/apr;make;makeinstall
#./configure--prefix=/usr/local/apache--enable-cgi--enable-so--enable-ssl--with-ssl=/usr/include/openssl--enable-track-vars--enable-rewrite--with-zlib--enable-mods-shared=most--enable-suexec--with-suexec-caller=daemon--with-suexec-docroot=/var/www/extsuite/--enable-module=most--enable-proxy--enable-proxy-ajp--enable-forward--enable-proxy-connect--enable-proxy-http--enable-deflate--enable-headers--enable-include--enable-dav--with-apr=/usr/local/apr--with-apr-util=/usr/local/apr-util
#make;makeinstall
测试安装启动:
#/usr/local/apache/bin/apachectl–t–检测配置文件语法
#/usr/local/apache/bin/apachectl–kstart–启动
#/usr/local/apache/bin/apachectl–S–检测虚拟主机配置
修改suexec权限:
#chmod4755/usr/local/apache/bin/suexec
六、安装php-5.30
下载php5.30
#./configure--prefix=/usr/local/php--with-apxs2=/usr/local/apache/bin/apxs--with-libxml-dir=/usr/lib--enable-zip--with-mysql=/usr/local/mysql--with-mysqli=/usr/local/mysql/bin/mysql_config--with-jpeg-dir=/usr/lib--with-png-dir=/usr/lib--enable-exif--with-gd--enable-soap--enable-sockets--enable-mbstring--with-freetype-dir=/usr/lib--disable-mbregex--with-zlib--with-bz2--enable-calendar--without-iconv--with-pdo-mysql
#make;maketest;makeinstall
#cpphp.ini-production/usr/local/php/lib/php.ini
修改/usr/local/apache/conf/httpd.conf文件,添加以下内容,增加对php支持:
AddTypeapplication/x-httpd-php.php
AddTypeapplication/x-httpd-php-source.phps
PhpIniDir/usr/local/php/lib/php.ini
进行测试查看安装略;
七安装postfix2.6
首先创建用户组和用户
#groupadd-g2525postfix
#groupadd-g2526postdrop
#useradd-gpostfix-u2525-s/sbin/nologin-Mpostfix
#useradd-gpostdrop-u2526-s/bin/false-Mpostdrop
编译makefile文件
#makemakefiles'CCARGS=-DHAS_MYSQL-I/usr/local/mysql/include-DUSE_SASL_AUTH-DUSE_CYRUS_SASL-I/usr/local/sasl2/include/sasl-I/usr/local/BerkeleyDB/include-DUSE_TLS-I/usr/include/openssl''AUXLIBS=-L/usr/local/mysql/lib-lmysqlclient-lz-lm-L/usr/local/sasl2/lib-lsasl2-L/usr/local/BerkeleyDB/lib-L/usr/lib-lssl-lcrypto'
#make
#makeinstall
安装时会有提示输入路径,参照下面输入,这里的postfix将安装在独立的目录/usr/local/postfix中,目的是为了方便管理;您亦可以采用默认安装的方式,可能这样使用起来会更为方便些;
install_root:
[/]/
tempdir:
[/soft//postfix-2.4.5]/tmp
config_directory:
[/etc/postfix]/etc/postfix
command_directory:
[/usr/sbin]/usr/local/postfix/sbin
daemon_directory:
[/usr/libexec/postfix]/usr/local/postfix/libexec
data_directory:
[/var/lib/postfix]
queue_directory:
[/var/spool/postfix]
sendmail_path:
[/usr/sbin/sendmail]
newaliases_path:
[/usr/bin/newaliases]
mailq_path:
[/usr/bin/mailq]
mail_owner:
[postfix]
setgid_group:
[postdrop]
html_directory:
[no]/var/www/postfix_html
manpages:
[/usr/local/man]/usr/local/postfix/man
readme_directory:
[no]
安装完成后,生成别名二进制文件,这个步骤如果忽略,会造成postfix效率极低:
# mv/etc/aliases/etc/aliases.OFF
# ln-sv/etc/postfix/aliases/etc/aliases
# newaliases
配置/etc/postfix/文件
#myhostname=
#mydomain=
#myorigin=$mydomain
#mydestination=$myhostname,localhost.$mydomain,localhost,$mydomain
#mynetworks=192.168.1.0/24,127.0.0.0/8
#inet_interfaces=all
说明:
myorigin参数用来指明发件人所在的域名;
mydestination参数指定postfix接收邮件时收件人的域名,即您的postfix系统要接收到哪个域名的邮件;
myhostname参数指定运行postfix邮件系统的主机的主机名,默认情况下,其值被设定为本地机器名;
mydomain参数指定您的域名,默认情况下,postfix将myhostname的第一部分删除而作为mydomain的值;
mynetworks参数指定你所在的网络的网络地址,postfix系统根据其值来区别用户是远程的还是本地的,如果是本地网络用户则允许其访问;
inet_interfaces参数指定postfix系统监听的网络接口;
注意:
1、在postfix的配置文件中,参数行和注释行是不能处在同一行中的;
2、任何一个参数的值都不需要加引号,否则,引号将会被当作参数值的一部分来使用;
3、每修改参数及其值后执行postfixreload即可令其生效;但若修改了inet_interfaces,则需重新启动postfix;
4、如果一个参数的值有多个,可以将它们放在不同的行中,只需要在其后的每个行前多置一个空格即可;postfix会把第一个字符为空格或tab的文本行视为上一行的延续;
启动postfix
#/usr/local/postfix/sbin/postfix start
#echo"/usr/local/postfix/sbin/postfix start">>/etc/rc.local
连接postfix,验正服务启动状况:
#telnetlocalhost25
Trying127.0.0.1...
Connectedtolocalhost.localdomain(127.0.0.1).
Escapecharacteris'^]'.
220mail.benet.orgESMTPPostfix
ehlo//手工输入
250-
250-PIPELINING
250-SIZE10240000
250-VRFY
250-ETRN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250DSN
mailfrom:
root@//手工输入
2502.1.0Ok
rcptto:
lixinjun@//手工输入
2502.1.5Ok
Data//手工输入
354Enddatawith.
subject:
Mailtest!
//手工输入
Mailtest!
!
!
//手工输入
.//手工输入
2502.0.0Ok:
queuedasAB94A1A561
Quit//手工输入
2212.0.0Bye
Connectionclosedbyforeignhost.
切换到redhat用户进行收信:
#su–lixinjun
$mail
Mailversion8.16/6/93. Type?
forhelp.
"/var/spool/mail/redhat":
1message1new
>N 1root@domain WedSep 510:
59 15/488 "Mailtest!
"
&
如果没有错误就证明已经安装成功,进行下面配置,如果有问题在进行测试修改,检测配置!
八、为postfix开启基于cyrus-sasl的认证功能
使用以下命令验正postfix是否支持cyrus风格的sasl认证,如果您的输出为以下结果,则是支持的(默认已经支持):
#/usr/local/postfix/sbin/postconf -a
cyrus
dovecot
#vim/etc/postfix/main.cf
添加以下内容:
############################CYRUS-SASL############################
broken_sasl_auth_clients=yes
smtpd_recipient_restrictions=permit_mynetworks,permit_sasl_authenticated,reject_invalid_hostname,reject_non_fqdn_hostname,reject_unknown_sender_domain,reject_non_fqdn_sender,reject_non_fqdn_recipient,reject_unknown_recipient_domain,reject_unauth_pipelining,reject_unauth_destination
smtpd_sasl_auth_enable=yes
smtpd_sasl_local_domain=$myhostname
smtpd_sasl_security_options=noanonymous
smtpd_sasl_application_name=smtpd
smtpd_banner=Welcometoour$myhostnameESMTP!
#vim/usr/local/lib/sasl2/smtpd.conf(可能是vim/usr/lib/sasl2/smtpd.conf)
说明:
我安装后/usr/lib/sasl2/smtpd.conf没有这个文件,从sasl2.off里面拷贝过来测试也通过了
添加如下内容:
pwcheck_method:
saslauthd
mech_list:
PLAINLOGIN
让postfix重新加载配置文件
#/usr/local/postfix/sbin/postfixreload
#telnetlocalhost25
Trying127.0.0.1...
Connectedtolocalhost.localdomain(127.0.0.1).
Escapecharacteris'^]'.
220Welcometoourmail.benet.orgESMTP,Warning:
VersionnotAvailable!
ehlomail.benet.org
250-mail.benet.org
250-PIPELINING
250-SIZE10240000
250-VRFY
250-ETRN
250-AUTHPLAINLOGIN
250-AUTH=PLAINLOGIN (请确保您的输出以类似两行)
250-ENHANCEDSTATUSCODES
250-8BITMIME
250DSN
Quit
这样就成功支持cyrus-sasl的认证功能;
九、安装Courierauthenticationlibrary
#tarjxvfcourier-authlib-0.62.4.tar.bz2
查看编译帮助
#./configure–help
编译
#./configure--prefix=/usr/local/courier-authlib--sysconfdir=/etc--without-authpam--without-authldap--without-authpwd--without-authshadow--without-authvchkpw--without-authpgsql--with-mysql-libs=/usr/local/mysql/lib--with-mysql-includes=/usr/local/mysql/include--with-redhat--with-authmysqlrc=/etc/authmysqlrc--with-authdaemonrc=/etc/authdaemonrcCFLAGS="-march=i686-O2-fexpensive-optimizations"CXXFLAGS="-march=i686-O2-fexpensive-optimizations"
#make
#makeinstall
#makeinstall-migrate
#makeinstall-configure
#chmod755/usr/local/courier-authlib/var/spool/authdaemon
#cp/etc/authdaemonrc/etc/authdaemon.off
#cp/etc/au
升级会员 