Internet Express Version 6.7 for Tru64 UNIX: Installation Guide
Chapter 1 Installation Overview
You can run the Internet Express installation
procedure in a Web browser or on the command line. You choose the
method you want to use early in the installation process. Chapter 2 explains how to use a Web
browser to install Internet Express.
After completing the installation, perform some
of the tests described in Chapter 3 to verify the installation. For troubleshooting information, see Chapter 4.
on supported hardware configurations, see the QuickSpecs. Table 1-1 describes the minimum
system configuration recommended for Internet Express Version 6.7.
Table 1-1 Minimum System Configuration Recommended for Internet Express Version
|Maximum /usr file system disk space||Approximately
1200 MB for a full installation of all components. |
|Operating system version|| Tru64 UNIX Version 5.1B and higher|
Disk space and memory requirements can vary depending on your
system configuration and the Internet Express subsets you install.
Most of the disk space required by the Internet Express Version
6.7 installation is in the /usr file system. Less
than 400 KB is required in the / (root) file system
and 1.6 MB in the/var file system, except that
during the installation procedure, approximately 1 MB of extra space
is temporarily used in the /var file system.
To avoid any potential installation errors or system
misconfiguration, the installation procedure verifies that the required
amount of swap space is available before installing each subset.
Subsets will not be installed if the available swap space drops below
If this should happen, you can add another swap
partition. (See swapon(8).) If you allow the installation
procedure to switch your system to deferred (or lazy) swap mode, you
can reboot the system for the swap mode to take effect. The deferred
swap mode will allow you to make more efficient use of your swap space.
Once the swap space problems are solved, you can rerun the installation
procedure to install any chosen subsets that did not get installed
Certain Internet Express components require the Java Environment
to be installed prior to the intallation of the subset. Table 1-2 shows the components and
the minimum Java Environment (JAVAnnn or
OSFJAVAnnn subset) required.
Table 1-2 Java Requirements for Components
|Component||Subset Name||Required Java|
|Internet Monitor ||IAEMON ||Java SDK 1.3.1 or later|
|LDAP Browser ||IAEOLDAP ||Java JRE/SDK 1.3.1 or
|Axis Server||IAESOAP ||Java JDK/SDK 1.3.1 or later|
|Axis/UDDI4J Clients||IAEXMLJLIB||Java JDK/SDK
1.3.1 or later|
|Tomcat ||IAETOMCAT||Java JDK/SDK 1.4 or later|
The JDK kit can be downloaded from the following
If Internet Express is already installed on your system,
you do not need to remove it before installing Version 6.7 of the
product. The Version 6.7 installation procedure updates your earlier
version, preserving configuration files and user data. Updates from
Versions 6.4 and 6.5 to 6.7 are supported, and updates from earlier
versions should also work. (Earlier versions of this product are named
Open Source Internet Solutions.)
If the installation procedure determines that your network
or Domain Name System (DNS) is not configured on your system, the
procedure does a minimal configuration based on information that you
provide during the installation procedure. The worksheets in the following
sections can help you gather and organize the information requested
during installation to configure the network and DNS. In cases where
you must obtain addresses, contact your Internet service provider
(ISP) or system manager.
Network Configuration Worksheet
Use the following worksheet
to gather network configuration data before installing Internet Express Version
|Type of Information||Example||Entry|
|Network interface||tu0|| |
|Host name for this machine||myhost|| |
|IP address for the network interface||10.55.39.182|| |
|Subnet mask||255.255.255.0|| |
|Default gateway IP address||10.55.39.100|| |
|Network daemons and static routing||routed -q|| |
See the Administration Guide for information on installing and configuring the FireScreen firewall.
DNS Client Configuration Worksheet
The Domain Name System
(DNS) is a naming system that provides a service for resolving host
names to Internet Protocol (IP) address (and vice versa). The implementation
of DNS on most UNIX systems is BIND (Berkeley Internet Name Domain).
BIND is a network-naming service that enables servers to name resources
or objects and to share information with other objects on the network.
Use the following worksheet to gather DNS client
configuration data before installing Internet Express:
|Type of Information||Example||Entry|
|Is the system a DNS server or
|Domain name||site.org.com|| |
|Host name of primary name server||dnssrvr1|| |
|IP address of primary name server||10.55.39.186|| |
The Internet Express installation procedure invokes the bindconfig utility and allows you to configure a primary
name server. To set up a secondary name server, invoke the bindconfig utility on the command line.
The Internet Express product consists of Open Source Internet
software, Internet Monitor, LDAP Module for System Authentication, and
administration software developed by HP. All components
are optional, except when required as a prerequisite to another component
you selected. The installation procedure automatically selects all
prerequisite components when you select a component that is dependent
on other components.
The following software components are installed
as part of the following Internet Express subsets. See the Software
Description and Licensing Terms for a list of the current
version numbers for the components.
Administration Utility: (IAEADM)
— Depends on subsets for the UNIX client applications for Mail
(Pine) and news (TIN News Reader) (IAEUXCA), Tcl runtime components-
(IAETCLRT), Secure Web Server and Administration utility, (IAEAPCH and
IAEAPAD), and Internet Express documentation (IAEDOC).
The Administration utility allows you to:
Configure and manage the components you choose to
configure FireScreen to set up your system as a firewall. (Internet Express also
provides a command-line script, /usr/internet/security/firescreen.setup, for installing and configuring FireScreen. See the Administration
Guide for more information. You should use the Administration
utility to perform this task.)
Add, modify, and delete captive user accounts and
UNIX system user accounts, and configure mail delivery.
Perform other system management tasks (such as managing
printers and rebooting the system).
Internet Express Documentation: (IAEDOC) — The Internet Express documentation is
available on line in HTML format only after installation. You can
access the documentation from the Administration utility on port 8081 or
from the Installation and Documentation CD–ROM. See the Section : Related Documentation section of
the preface for a description of the documentation.
To read the reference pages supplied with or referred
to in the Internet Express product (using the man command
or the webman utility), the Tru64 UNIX Documentation Preparation
Tools subset (OSFDCMT) must be installed on your system.
LDAP Module for System Authentication (IAELDAM)
The LDAP Module for System Authentication is based on the Tru64 UNIX Security
Integration Architecture (SIA) security mechanism. The LDAP Module
for System Authentication allows user identification and authentication
information stored in an LDAP server to be used by applications, including
login authentication (rlogin, ftp, and telnet)
POP and IMAP authentication
transparent LDAP database access for the getpw*() and getgr*() routines in the libc library
The LDAP Module for System Authentication subset includes tools
designed to query the LDAP server for user and group information.
You can choose the LDAP Module for System Authentication as an option
FreeRADIUS Server (IAEFRAD)
Server configures user authentications services.
Command Line Utilities:
Lynx Web Browser for terminals (IAELYNX)
Lynx is a fully featured
World Wide Web (WWW) line browser for users connected to a system
by cursor-addressable, character-cell terminals or terminal emulators.
Lynx is a product of the Distributed Computing Group within Academic
Computing Services of The University of Kansas. You can choose Lynx
Open Source software as an option during installation. This option
includes help files for the Lynx Browser.
UNIX client applications for Mail (Pine) and news
Pine Mail Client and Pico Editor
Pine (Program for Internet
News & Email) is a tool for reading, sending, and managing electronic
messages on a terminal or terminal emulator. Pine was designed by
the Office of Computing & Communications at the University of
Washington specifically with novice computer users in mind, but it
can be tailored to accommodate the needs of more advanced users. The
Pico Editor is the editor that Pine uses.
TIN News Reader
TIN is a full screen news reader for terminals or terminal
emulators on UNIX systems.
Data Base Management System:
PostgreSQL database (IAEPSQL)
Mozilla LDAP SDK (IAELDAPSDK)
An Open Source LDAP directory server. This version of
OpenLDAP supports Version 3 of the LDAP protocol.
Email and Newsgroup client:
is a cross-platform E-mail and news client developed by the Mozilla
File Transfer Services: .
Pure-FTPd Server (IAEPUREFTP)
is another file transfer protocol server available for installation.
If you choose to install both the WU-FTPD and Pure-FTPd servers,
you must indicate which FTP server you want to enable on your system.
Because these servers share the same port, you can enable only one
FTP server on the system at any given time. You can switch from one
server to another at any time.
HP recommends Pure-FTPd server for its speed and security. Its
has the following features:
On the fly compression and archiving
Classification of users on type and location
Restricted guest accounts
Mozilla Firefox (IAEFIREFOX)
Firefox is a free
open source Web browser based on the Mozilla code base.
E-Mail Servers. — E-mail servers provide electronic mail
services to clients. Open Source software E-mail servers that use
POP3 (Post Office Protocol) and IMAP4 (Internet Message Access Protocol)
protocols are available as an option during installation. The Internet Express kit
includes the following E-mail-related software:
Clam AntiVirus and Amavisd-new anti-virus tools (IAECLAMAMAVIS)
Clam AntiVirus for UNIX provides a flexible and scalable multi-threaded
daemon for e-mail scanning. Amavisd-new is a high-performance interface
between mailer (MTA) and content checkers: virus scanners.
Cyrus IMAP4 CMU Cyrus IMAP mail server (IAECYRIMAP)
— Depends on Tcl runtime components (IAETCLRT)
Cyrus SASL Library (IAECYRSASL)
Qualcomm popper POP3 Mail Server
Program (IMP) IMAP-based Webmail system (IAEIMP)
Mailman - The GNU Mailing List Management System (IAEMAILMAN)
Mailman is used to manage mailing and e-newsletter lists. The
web facility provided for Mailman makes the account/list management
easy. Users can use the Web facility to perform activities such as
subscribe/unsubscribe, view the members of the list, and post a message.
List administrators can use the web facility for wide range of operations
like archiving, membership management, language options, and handling
Majordomo Automated Internet Mailing Lists Server
Majordomo is a set of programs that automate the operation
and maintenance of Internet mailing lists. Majordomo automatically
handles requests to subscribe to, or unsubscribe from, mailing lists;
it supports closed lists (subscription requests are sent to the list
owner for approval) and moderated lists (all messages are sent to
the list owner for approval before sending to subscribers). Lists
that are set up under the control of Majordomo can be manipulated
by electronic mail, so the list owner does not have to be on the system
where Majordomo is running.
ProcMail Mail Filtering Language (IAEPROC)
ProcMail is the mail processing language
written by Stephen van den Berg of Germany. Using ProcMail, you can
filter hundreds or thousands of incoming mail messages per day according
to a predefined set of rules. Because the ProcMail utility understands
details about most UNIX mail transport and delivery agents, it is
the tool of choice for writing custom mail filtering scripts.
Sendmail Mail Transport Agent (IAESMTP)
You can choose Sendmail as an option during installation.
Sendmail is the BSD Mail Transport Agent supporting E-mail transport
by means of TCP/IP using Simple Mail Transfer Protocol (SMTP).
The Internet Express installation configures the system to use Sendmail
instead of the older version of Sendmail installed with the Tru64 UNIX operating
Choosing this option also installs the bogofilter spam-filtering
University of Washington IMAP4 Mail Server (IAEIMAP)
Internet Relay Chat Server (IAECHAT)
Internet Relay Chat (IRC)
allows users to communicate with each other, in real time, across
a network of Internet servers.
Internet Monitor (IAEMON)—Depends on Secure Web Server
(IAEAPCH), PostgreSQL database (IAEPSQL), Internet Monitor Documentation
(IAEMOND), and Java Version 1.3.1 or higher.
The Internet Monitor allows
administrators to monitor Internet services running on a Tru64 UNIX system.
Documentation for the Internet Monitor (IAEMOND) —
You can access the documentation from the Internet Express bookshelf if it
is installed, or from the Installation and Documentation CD–ROM.
The Berkeley Internet Name Domain (BIND)
service is a client/server model that allows client systems to obtain
host names and addresses from DNS servers.
InterNetNews (INN) Server, a complete Usenet system
The InterNetNews (INN)
server is initially configured as a local news server. See the Administration Guide for information on configuring
the news server for external newsfeeds. You can choose InterNetNews
(INN) as an option during installation.
PC Connectivity Services:
Samba File and Print Server for Windows (IAESMB)
Samba File and Print Server serves UNIX files and print queues to
PC clients by implementing the SMB protocol (also
known as the Lan Manager or Netbios protocol).
Dante SOCKS Proxy Server (IAEDANTE)
Dante is a circuit-level firewall/proxy that can be used to
provide convenient and secure network connectivity to a wide range
of hosts while requiring only the server Dante runs on to have external
Once installed and configured, Dante can in most cases be made
transparent to the clients while offering detailed access control
and logging facilities to the server administrator.
Dante is developed by Inferno Nettverk A/S, Norway.
Squid Proxy/Caching Server (IAESQD)
Proxy/Caching Server enhances the performance of your Web server by
caching requested Web pages in a centralized area, making these pages
immediately available to all users at your site. If you choose to
install this server, the installation procedure sets up a basic configuration
The subset includes Calamaris, which parses log files from Squid
and generates a report.
The installation procedure renames the existing Squid configuration
file, /usr/internet/squid/etc/squid.conf, to squid.conf.OLD. (In versions prior to Internet Express Version
5.9, the configuration file was retained when a new version of Squid
was installed.) Any modifications to the old configuration file must
be manually applied to the new configuration file.
Privacy Guard) is a tool for secure communication and data storage.
Snort Intrusion Detection system (IAESNORT)
Snort enables you to
log packets, and track network activity on IP networks.
TCP Wrapper Access Control for Internet Services
TCP Wrapper intercepts an incoming network connection
and verifies whether the connection is allowed before passing the
connection to the actual network daemon. TCP Wrapper is configured
through the /etc/hosts.allow file. Note that the
default security level for all administration services (except poppassd) is set to world access at installation. See the Administration Guide for information on modifying security
Service Location Protocol Services:
OpenSLP Server (IAESLP)
OpenSLP is an implementation
of the Service Location Protocol (SLP), a protocol that provides a
framework to allow networking applications to discover the existence,
location, and configuration of networked services in enterprise networks.
Perl Practical Extraction and Report Language (IAEPERL)
Perl is an interpreted scripting language commonly used
to write Common Gateway Interface (CGI) programs for Web servers.
Perl is included with Internet Express as a separate subset (IAEPERL). Several subsets require Perl Version 5.003 or later. If you have
already installed Perl Version 5.003 or later, the Internet Express Version
6.7 subset (IAEPERL) is optional. If you do not
have Perl Version 5.003 or later already installed, subsets that depend
on Perl will require the IAEPERL subset.
Python is an interpreted, interactive, object-oriented
programming language which incorporates classes, dynamic data types,
dynamic typing, modules, and exceptions. It is extensible in C or
C++ and has interfaces to many system calls, libraries, and various
Apache Struts (IAESTRUTS)
Apache Struts is a free
open-source framework for creating Java web applications.
Secure Web Server 1.3 (Powered by Apache) (IAEAPCH)
Secure Web Server (which includes the analog Web site analysis tool
and the PHP Hypertext Preprocessor )
A public Web server with a default homepage can optionally be
Secure Web Server 2.0 (Powered by Apache 2.0) (IAEHTTPD)
Secure Web Server Administration Utility (IAEAPAD)—Depends
on Secure Web Server (IAEAPCH), Internet ExpressAdministration Utility (IAEADM),
and Tcl runtime components (IAETCLRT).
The Secure Web Server Administration
Utility allows you to control and configure each of the Secure Web Server instances
created by Internet Express components you have installed. This includes
the public Web server created when you installed the Secure Web Server (1.3
and/or 2.0) and the administration Web servers created when you installed
the Internet Express Administration Utility, the Secure Web Server Administration
Utility, and the Internet Monitor.
PHP hypertext preprocessor (IAEAPCH and IAEHTTPD):
The PHP hypertext preprocessor is included in the Secure Web
Server (1.3 and 2.0) and allows you to create dynamic Web content
by embedding conditional directives in your HTML file.
Secure Web Server Documentation (IAEAPDOC)
The Secure Web Server documentation is available on line in HTML format
only after installation. You can access the documentation from the
Administration utility on port 8081 or from the Installation and Documentation
Tomcat Java Servlet and JSP Engine (IAETOMCAT)
ht://Dig – A World Wide
Web indexing and searching tool (IAEHTDIG)
ht://Dig system is a complete indexing and searching system for a
domain or intranet. It can search through many servers on a network
by acting as a Web browser.
XML (Extensible Markup Language) Tools:
Apache Cocoon Servlet (IAEXML)
subset installs and configures Apache Cocoon as a servlet in Tomcat.
Cocoon can be used for the automatic creation of HTML from XML
files as well as XSL:FO rendering to PDF files, and client-dependent
transformations such as WML formatting for WAP-enabled devices. For
more information on Cocoon's capabilities, refer to their documentation
When you install the IAEXML subset, a webapp directory is created
in /usr/internet/httpd/tomcat/cocoon. Files needed
by the Cocoon servlet should be placed in this directory. Some samples
are also included, which can be accessed at http://localhost/cocoon/servlets/samples/index.xml. Information on the current Cocoon configuration is available from http://localhost/cocoon/Cocoon.xml.
Apache Cocoon Servlet (IAEXML) depends on Tomcat (IAETOMCAT) and Java
XML-Based Client Tools (IAEXMLJLIB) This subset installs and configures
the Apache Cocoon Servlet for XML-based Web Publishing.
Apache Axis Server (IAESOAP)
subset installs and configures Apache Axis using the Secure Web Server
public instance and Tomcat.
Apache Axis Server (IAESOAP) depends on Tomcat (IAETOMCAT),
Java XML-Based Client Tools (IAEXMLJLIB), and Java version 1.3.1 or
higher. This subset installs and configures a SOAP Server for deploying,
managing and running SOAP enabled services.
C++ XML-Based Client Tools (IAEXMLCLIB) – installs
the following client libraries:
Xerces - XML parser for C++
Xalan - XSLT Stylesheet Processor for C++
Libxml2 - XML parser and toolkit for C
Libraries are installed in /usr/local/lib and documentation for each component is provided in the /usr/internet/docs/ directory. Include files for Xerces
and Xalan are installed in /usr/local/include/xml and libxml2 header files are located in /usr/local/include/libxml2.
Java XML-Based Client Tools (IAEXMLJLIB) – installs
From the Apache XML (Extensible Markup Language)
|Xerces - XML parser for Java|
|Xalan - XSLT Stylesheet Processor for Java|
|Batik - Java-based toolkit for Scalable Vector Graphics (SVG)|
|FOP - XSL Formatting Object Processor|
|Cocoon Libraries - XML-Based Web Publishing Framework|
|Axis Client - SOAP Client Libraries|
Developed as an IBM Open Source Project:
|UDDI4J - UDDI Client Libraries|
Various supplemental libraries required by Axis, UDDI4J
|JavaBeans Activation Framework|
|Bean Scripting Framework|
|Java Secure Socket Extension - global version|
Supplemental libraries required by Cocoon:
From Apache Jakarta Project:
PJA - Pure Java AWT Toolkit developed by eTeks
Resolver - XML Entity and URI Resolvers from Sun Microsystems