Internet Express Version 6.7 for Tru64 UNIX: Installation Guide

Chapter 1 Installation Overview

  Table of Contents

  Index

You can run the Internet Express installation procedure in a Web browser or on the command line. You choose the method you want to use early in the installation process. Chapter 2 explains how to use a Web browser to install Internet Express.

After completing the installation, perform some of the tests described in Chapter 3 to verify the installation. For troubleshooting information, see Chapter 4.

Note:

When run in a Web browser, the installation procedure provides links to this document for online help in HTML format.

Installation Prerequisites

For information on supported hardware configurations, see the QuickSpecs. Table 1-1 describes the minimum system configuration recommended for Internet Express Version 6.7.

Table 1-1 Minimum System Configuration Recommended for Internet Express Version 6.7

Maximum /usr file system disk spaceApproximately 1200 MB for a full installation of all components.
Memory256 MB
Operating system version Tru64 UNIX Version 5.1B and higher

 

Disk space and memory requirements can vary depending on your system configuration and the Internet Express subsets you install.

Most of the disk space required by the Internet Express Version 6.7 installation is in the /usr file system. Less than 400 KB is required in the / (root) file system and 1.6 MB in the/var file system, except that during the installation procedure, approximately 1 MB of extra space is temporarily used in the /var file system.

To avoid any potential installation errors or system misconfiguration, the installation procedure verifies that the required amount of swap space is available before installing each subset. Subsets will not be installed if the available swap space drops below 20 percent.

If this should happen, you can add another swap partition. (See swapon(8).) If you allow the installation procedure to switch your system to deferred (or lazy) swap mode, you can reboot the system for the swap mode to take effect. The deferred swap mode will allow you to make more efficient use of your swap space. Once the swap space problems are solved, you can rerun the installation procedure to install any chosen subsets that did not get installed earlier.

Certain Internet Express components require the Java Environment to be installed prior to the intallation of the subset. Table 1-2 shows the components and the minimum Java Environment (JAVAnnn or OSFJAVAnnn subset) required.

Table 1-2 Java Requirements for Components

ComponentSubset NameRequired Java
Internet Monitor IAEMON Java SDK 1.3.1 or later
LDAP Browser IAEOLDAP Java JRE/SDK 1.3.1 or later
Axis ServerIAESOAP Java JDK/SDK 1.3.1 or later
Axis/UDDI4J ClientsIAEXMLJLIBJava JDK/SDK 1.3.1 or later
Tomcat IAETOMCATJava JDK/SDK 1.4 or later

 

The JDK kit can be downloaded from the following Web site:

http://h18010.www1.hp.com/java/download/index.html

If Internet Express is already installed on your system, you do not need to remove it before installing Version 6.7 of the product. The Version 6.7 installation procedure updates your earlier version, preserving configuration files and user data. Updates from Versions 6.4 and 6.5 to 6.7 are supported, and updates from earlier versions should also work. (Earlier versions of this product are named Open Source Internet Solutions.)

Network and DNS Client Configuration Worksheets

If the installation procedure determines that your network or Domain Name System (DNS) is not configured on your system, the procedure does a minimal configuration based on information that you provide during the installation procedure. The worksheets in the following sections can help you gather and organize the information requested during installation to configure the network and DNS. In cases where you must obtain addresses, contact your Internet service provider (ISP) or system manager.

Network Configuration Worksheet

Use the following worksheet to gather network configuration data before installing Internet Express Version 6.5:

Type of InformationExampleEntry
Network interfacetu0 
Host name for this machinemyhost 
IP address for the network interface10.55.39.182 
Subnet mask255.255.255.0 
Default gateway IP address10.55.39.100 
Network daemons and static routingrouted -q 

Note:

If you intend to configure FireScreen after installing Internet Express to set up your system as a firewall, record the information for both network interfaces in the worksheet. Then use the sysman system management utility to configure the system as a gateway using the information from the worksheet. Enter the following command in a terminal window when logged in as root after the Internet Express installation has completed:

# /usr/sbin/sysman network 

See the Administration Guide for information on installing and configuring the FireScreen firewall.

DNS Client Configuration Worksheet

The Domain Name System (DNS) is a naming system that provides a service for resolving host names to Internet Protocol (IP) address (and vice versa). The implementation of DNS on most UNIX systems is BIND (Berkeley Internet Name Domain). BIND is a network-naming service that enables servers to name resources or objects and to share information with other objects on the network.

Use the following worksheet to gather DNS client configuration data before installing Internet Express:

Type of InformationExampleEntry
Is the system a DNS server or client?client 
Domain namesite.org.com 
Host name of primary name serverdnssrvr1 
IP address of primary name server10.55.39.186 

The Internet Express installation procedure invokes the bindconfig utility and allows you to configure a primary name server. To set up a secondary name server, invoke the bindconfig utility on the command line.

Internet Express Components and Subsets

The Internet Express product consists of Open Source Internet software, Internet Monitor, LDAP Module for System Authentication, and administration software developed by HP. All components are optional, except when required as a prerequisite to another component you selected. The installation procedure automatically selects all prerequisite components when you select a component that is dependent on other components.

The following software components are installed as part of the following Internet Express subsets. See the Software Description and Licensing Terms for a list of the current version numbers for the components.

Note:

Subset names appear in parentheses after the component name.

Administration Utility:  (IAEADM) — Depends on subsets for the UNIX client applications for Mail (Pine) and news (TIN News Reader) (IAEUXCA), Tcl runtime components- (IAETCLRT), Secure Web Server and Administration utility, (IAEAPCH and IAEAPAD), and Internet Express documentation (IAEDOC).

The Administration utility allows you to:

  • Configure and manage the components you choose to install.

  • Install and configure FireScreen to set up your system as a firewall. (Internet Express also provides a command-line script, /usr/internet/security/firescreen.setup, for installing and configuring FireScreen. See the Administration Guide for more information. You should use the Administration utility to perform this task.)

  • Add, modify, and delete captive user accounts and UNIX system user accounts, and configure mail delivery.

  • Perform other system management tasks (such as managing printers and rebooting the system).

Internet Express Documentation: (IAEDOC) — The Internet Express documentation is available on line in HTML format only after installation. You can access the documentation from the Administration utility on port 8081 or from the Installation and Documentation CD–ROM. See the Section : Related Documentation section of the preface for a description of the documentation.

To read the reference pages supplied with or referred to in the Internet Express product (using the man command or the webman utility), the Tru64 UNIX Documentation Preparation Tools subset (OSFDCMT) must be installed on your system.

Authentication Services: 

  • LDAP Module for System Authentication (IAELDAM)

    The LDAP Module for System Authentication is based on the Tru64 UNIX Security Integration Architecture (SIA) security mechanism. The LDAP Module for System Authentication allows user identification and authentication information stored in an LDAP server to be used by applications, including the following:

    • login authentication (rlogin, ftp, and telnet)

    • POP and IMAP authentication

    • transparent LDAP database access for the getpw*() and getgr*() routines in the libc library

    The LDAP Module for System Authentication subset includes tools designed to query the LDAP server for user and group information. You can choose the LDAP Module for System Authentication as an option during installation.

  • FreeRADIUS Server (IAEFRAD)

    The FreeRADIUS Server configures user authentications services.

Command Line Utilities: 

  • Lynx Web Browser for terminals (IAELYNX)

    Lynx is a fully featured World Wide Web (WWW) line browser for users connected to a system by cursor-addressable, character-cell terminals or terminal emulators. Lynx is a product of the Distributed Computing Group within Academic Computing Services of The University of Kansas. You can choose Lynx Open Source software as an option during installation. This option includes help files for the Lynx Browser.

  • UNIX client applications for Mail (Pine) and news (TIN) (IAEUXCA):

    • Pine Mail Client and Pico Editor

      Pine (Program for Internet News & Email) is a tool for reading, sending, and managing electronic messages on a terminal or terminal emulator. Pine was designed by the Office of Computing & Communications at the University of Washington specifically with novice computer users in mind, but it can be tailored to accommodate the needs of more advanced users. The Pico Editor is the editor that Pine uses.

    • TIN News Reader

      TIN is a full screen news reader for terminals or terminal emulators on UNIX systems.

Data Base Management System: 

  • PostgreSQL database (IAEPSQL)

  • MySQL (IAEMYSQL)

Directory Services: 

  • Mozilla LDAP SDK (IAELDAPSDK)

  • OpenLDAP (IAEOLDAP)

    An Open Source LDAP directory server. This version of OpenLDAP supports Version 3 of the LDAP protocol.

Email and Newsgroup client: 

  • Thunderbird (IAETHUNBIRD)

    Thunderbird is a cross-platform E-mail and news client developed by the Mozilla Foundation.

File Transfer Services: . 

  • Pure-FTPd Server (IAEPUREFTP)

    Pure-FTPd is another file transfer protocol server available for installation. If you choose to install both the WU-FTPD and Pure-FTPd servers, you must indicate which FTP server you want to enable on your system. Because these servers share the same port, you can enable only one FTP server on the system at any given time. You can switch from one server to another at any time.

    HP recommends Pure-FTPd server for its speed and security. Its has the following features:

    • Logging of transfers

    • Logging of commands

    • On the fly compression and archiving

    • Classification of users on type and location

    • Per class limits

    • Restricted guest accounts

    • Directory alias

    • Directory alias

    • File name filter

    • Virtual host support

Firefox browser: 

  • Mozilla Firefox (IAEFIREFOX)

    Firefox is a free open source Web browser based on the Mozilla code base.

E-Mail Servers. — E-mail servers provide electronic mail services to clients. Open Source software E-mail servers that use POP3 (Post Office Protocol) and IMAP4 (Internet Message Access Protocol) protocols are available as an option during installation. The Internet Express kit includes the following E-mail-related software:

  • Clam AntiVirus and Amavisd-new anti-virus tools (IAECLAMAMAVIS)

    Clam AntiVirus for UNIX provides a flexible and scalable multi-threaded daemon for e-mail scanning. Amavisd-new is a high-performance interface between mailer (MTA) and content checkers: virus scanners.

  • Cyrus IMAP4 CMU Cyrus IMAP mail server (IAECYRIMAP) — Depends on Tcl runtime components (IAETCLRT)

  • Cyrus SASL Library (IAECYRSASL)

  • Qualcomm popper POP3 Mail Server (IAEPOP)

  • Internet Messaging Program (IMP) IMAP-based Webmail system (IAEIMP)

  • Mailman - The GNU Mailing List Management System (IAEMAILMAN)

    Mailman is used to manage mailing and e-newsletter lists. The web facility provided for Mailman makes the account/list management easy. Users can use the Web facility to perform activities such as subscribe/unsubscribe, view the members of the list, and post a message. List administrators can use the web facility for wide range of operations like archiving, membership management, language options, and handling moderator requests.

  • Majordomo Automated Internet Mailing Lists Server (IAEMAJD)

    Majordomo is a set of programs that automate the operation and maintenance of Internet mailing lists. Majordomo automatically handles requests to subscribe to, or unsubscribe from, mailing lists; it supports closed lists (subscription requests are sent to the list owner for approval) and moderated lists (all messages are sent to the list owner for approval before sending to subscribers). Lists that are set up under the control of Majordomo can be manipulated by electronic mail, so the list owner does not have to be on the system where Majordomo is running.

  • ProcMail Mail Filtering Language (IAEPROC)

    ProcMail is the mail processing language written by Stephen van den Berg of Germany. Using ProcMail, you can filter hundreds or thousands of incoming mail messages per day according to a predefined set of rules. Because the ProcMail utility understands details about most UNIX mail transport and delivery agents, it is the tool of choice for writing custom mail filtering scripts.

  • Sendmail Mail Transport Agent (IAESMTP)

    You can choose Sendmail as an option during installation. Sendmail is the BSD Mail Transport Agent supporting E-mail transport by means of TCP/IP using Simple Mail Transfer Protocol (SMTP).

    The Internet Express installation configures the system to use Sendmail instead of the older version of Sendmail installed with the Tru64 UNIX operating system.

    Choosing this option also installs the bogofilter spam-filtering software.

  • University of Washington IMAP4 Mail Server (IAEIMAP)

Messaging Services: 

  • Internet Relay Chat Server (IAECHAT)

    Internet Relay Chat (IRC) allows users to communicate with each other, in real time, across a network of Internet servers.

Monitoring Services: 

  • Internet Monitor (IAEMON)—Depends on Secure Web Server (IAEAPCH), PostgreSQL database (IAEPSQL), Internet Monitor Documentation (IAEMOND), and Java Version 1.3.1 or higher.

    The Internet Monitor allows administrators to monitor Internet services running on a Tru64 UNIX system.

    Note:

    The Internet Monitor depends on the Java Environment. See Section : Installation Prerequisites for more information about this requirement.

  • Documentation for the Internet Monitor (IAEMOND) — You can access the documentation from the Internet Express bookshelf if it is installed, or from the Installation and Documentation CD–ROM.

Networking Services: 

  • DNS/BIND (IAEBIND)

    The Berkeley Internet Name Domain (BIND) service is a client/server model that allows client systems to obtain host names and addresses from DNS servers.

News Services: 

  • InterNetNews (INN) Server, a complete Usenet system (IAEINN)

    The InterNetNews (INN) server is initially configured as a local news server. See the Administration Guide for information on configuring the news server for external newsfeeds. You can choose InterNetNews (INN) as an option during installation.

PC Connectivity Services: 

  • Samba File and Print Server for Windows (IAESMB)

    The Samba File and Print Server serves UNIX files and print queues to PC clients by implementing the SMB protocol (also known as the Lan Manager or Netbios protocol).

Proxy Services: 

  • Dante SOCKS Proxy Server (IAEDANTE)

    Dante is a circuit-level firewall/proxy that can be used to provide convenient and secure network connectivity to a wide range of hosts while requiring only the server Dante runs on to have external network connectivity.

    Once installed and configured, Dante can in most cases be made transparent to the clients while offering detailed access control and logging facilities to the server administrator.

    Dante is developed by Inferno Nettverk A/S, Norway.

  • Squid Proxy/Caching Server (IAESQD)

    The Squid Proxy/Caching Server enhances the performance of your Web server by caching requested Web pages in a centralized area, making these pages immediately available to all users at your site. If you choose to install this server, the installation procedure sets up a basic configuration for you.

    The subset includes Calamaris, which parses log files from Squid and generates a report.

    The installation procedure renames the existing Squid configuration file, /usr/internet/squid/etc/squid.conf, to squid.conf.OLD. (In versions prior to Internet Express Version 5.9, the configuration file was retained when a new version of Squid was installed.) Any modifications to the old configuration file must be manually applied to the new configuration file.

Security Services: 

  • GnuPG (IAEGNUPG)

    (GNU Privacy Guard) is a tool for secure communication and data storage.

  • Snort Intrusion Detection system (IAESNORT)

    Snort enables you to log packets, and track network activity on IP networks.

  • TCP Wrapper Access Control for Internet Services (IAETCPW)

    TCP Wrapper intercepts an incoming network connection and verifies whether the connection is allowed before passing the connection to the actual network daemon. TCP Wrapper is configured through the /etc/hosts.allow file. Note that the default security level for all administration services (except poppassd) is set to world access at installation. See the Administration Guide for information on modifying security levels.

Service Location Protocol Services: 

  • OpenSLP Server (IAESLP)

    OpenSLP is an implementation of the Service Location Protocol (SLP), a protocol that provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks.

Software Development: 

  • Perl Practical Extraction and Report Language (IAEPERL)

    Perl is an interpreted scripting language commonly used to write Common Gateway Interface (CGI) programs for Web servers. Perl is included with Internet Express as a separate subset (IAEPERL). Several subsets require Perl Version 5.003 or later. If you have already installed Perl Version 5.003 or later, the Internet Express Version 6.7 subset (IAEPERL) is optional. If you do not have Perl Version 5.003 or later already installed, subsets that depend on Perl will require the IAEPERL subset.

  • Python (IAEPYTHON)

    Python is an interpreted, interactive, object-oriented programming language which incorporates classes, dynamic data types, dynamic typing, modules, and exceptions. It is extensible in C or C++ and has interfaces to many system calls, libraries, and various window systems.

  • Apache Struts (IAESTRUTS)

    Apache Struts is a free open-source framework for creating Java web applications.

Note:

The kit includes the Tcl runtime subset (IAETCLRT), containing Tcl, TclTk, Tcl_cgi, TclX, and expect, solely to provide support required by other components.

Web Services: 

  • Secure Web Server 1.3 (Powered by Apache) (IAEAPCH)

    Secure Web Server (which includes the analog Web site analysis tool and the PHP Hypertext Preprocessor )

    A public Web server with a default homepage can optionally be created.

  • Secure Web Server 2.0 (Powered by Apache 2.0) (IAEHTTPD) and (IAEAPCH)

    Includes PHP.

  • Secure Web Server Administration Utility (IAEAPAD)—Depends on Secure Web Server (IAEAPCH), Internet ExpressAdministration Utility (IAEADM), and Tcl runtime components (IAETCLRT).

    The Secure Web Server Administration Utility allows you to control and configure each of the Secure Web Server instances created by Internet Express components you have installed. This includes the public Web server created when you installed the Secure Web Server (1.3 and/or 2.0) and the administration Web servers created when you installed the Internet Express Administration Utility, the Secure Web Server Administration Utility, and the Internet Monitor.

  • PHP hypertext preprocessor (IAEAPCH and IAEHTTPD):

    The PHP hypertext preprocessor is included in the Secure Web Server (1.3 and 2.0) and allows you to create dynamic Web content by embedding conditional directives in your HTML file.

  • Secure Web Server Documentation (IAEAPDOC)

    The Secure Web Server documentation is available on line in HTML format only after installation. You can access the documentation from the Administration utility on port 8081 or from the Installation and Documentation CD–ROM.

  • Tomcat Java Servlet and JSP Engine (IAETOMCAT)

  • ht://Dig – A World Wide Web indexing and searching tool (IAEHTDIG)

    The ht://Dig system is a complete indexing and searching system for a domain or intranet. It can search through many servers on a network by acting as a Web browser.

XML (Extensible Markup Language) Tools: 

  • Apache Cocoon Servlet (IAEXML)

    The IAEXML subset installs and configures Apache Cocoon as a servlet in Tomcat.

    Cocoon can be used for the automatic creation of HTML from XML files as well as XSL:FO rendering to PDF files, and client-dependent transformations such as WML formatting for WAP-enabled devices. For more information on Cocoon's capabilities, refer to their documentation at http://xml.apache.org/cocoon.

    When you install the IAEXML subset, a webapp directory is created in /usr/internet/httpd/tomcat/cocoon. Files needed by the Cocoon servlet should be placed in this directory. Some samples are also included, which can be accessed at http://localhost/cocoon/servlets/samples/index.xml. Information on the current Cocoon configuration is available from http://localhost/cocoon/Cocoon.xml.

    Apache Cocoon Servlet (IAEXML) depends on Tomcat (IAETOMCAT) and Java XML-Based Client Tools (IAEXMLJLIB) This subset installs and configures the Apache Cocoon Servlet for XML-based Web Publishing.

  • Apache Axis Server (IAESOAP)

    The IAESOAP subset installs and configures Apache Axis using the Secure Web Server public instance and Tomcat.

    Apache Axis Server (IAESOAP) depends on Tomcat (IAETOMCAT), Java XML-Based Client Tools (IAEXMLJLIB), and Java version 1.3.1 or higher. This subset installs and configures a SOAP Server for deploying, managing and running SOAP enabled services.

  • C++ XML-Based Client Tools (IAEXMLCLIB) – installs the following client libraries:

    • Xerces - XML parser for C++

    • Xalan - XSLT Stylesheet Processor for C++

    • Libxml2 - XML parser and toolkit for C

    Libraries are installed in /usr/local/lib and documentation for each component is provided in the /usr/internet/docs/ directory. Include files for Xerces and Xalan are installed in /usr/local/include/xml and libxml2 header files are located in /usr/local/include/libxml2.

    Note:

    The Xerces and Xalan components require Version 632 or later of the C++ Run-Time library. If you do not have an adequate version of this Run-Time Library, you will need to install the C++ Run-Time Library Redistribution kit available on the Internet Express CD-ROM or at:

    http://h30097.www3.hp.com/cplus/
  • Java XML-Based Client Tools (IAEXMLJLIB) – installs the following:

    • From the Apache XML (Extensible Markup Language) Project:

      Xerces - XML parser for Java
      Xalan - XSLT Stylesheet Processor for Java
      Batik - Java-based toolkit for Scalable Vector Graphics (SVG)
      FOP - XSL Formatting Object Processor
      Cocoon Libraries - XML-Based Web Publishing Framework
      Axis Client - SOAP Client Libraries
    • Developed as an IBM Open Source Project:

      UDDI4J - UDDI Client Libraries
    • Various supplemental libraries required by Axis, UDDI4J and Cocoon:

      JavaMail
      JavaBeans Activation Framework
      Bean Scripting Framework
      Java Secure Socket Extension - global version
      Note:

      All these tools require Java (Version 1.2.* or higher). The Axis Client and UDDI4J require Java 1.3.1 or higher. See Section : Installation Prerequisites for more information.

    • Supplemental libraries required by Cocoon:

      From Apache Jakarta Project:

      Avalon Excalibur
      Avalon Framework
      Avalon Logkit
      Commons Collections
      Commons Httpclient
      Regexp

      PJA - Pure Java AWT Toolkit developed by eTeks

      Resolver - XML Entity and URI Resolvers from Sun Microsystems