Domino Linux Server Installation Notes:
1. Do the changes to nofiles and security pam settings outlined in the release notes.
Edit /etc/security/limits.conf using root and add or modify the lines:
notes soft nofile 20000
notes hard nofile 49152 (use 60000 for 32bit for Domino 9)
or
notes hard nofile 65535
(where notes is / will be the o/s username for the server. Use 49152 for 32 bit Linux and use 66635 for 64 bit Linux)
Add to appropriate pam.d login files:
session required /lib/security/pam_limits.so
Notes:
Not in RedHat ES 6.
Skip pam/security updates above for Domino 8, it does them automatically.
$ vi /etc/selinux/config
Change to SELINUX=disabled and save.
(<esc> :wq <enter> to save)
If you are running CENTOS / RedHat 64bit, you can tell yum to always update/install both 32bit and 64bit. This saves me time.
# vi /etc/yum.conf
add the following line: multilib_policy=all
(<esc> :wq <enter> to save)
If you do not like installing both 64bit and 32bit, you can install just 32bit packages by appending .686. For example: yum install glibc.686 vs just yum install glibc.
For the console mode of the installation, you need to verify the following packages are installed:
rpm -qa <packagename>
Syntax to install downloaded RPMs.
rpm -ivh glibc-2.12-1.7.el6.i686
rpm -ivh libgcc-4.4.4-13.el6.i686
rpm -ivh libstdc++-4.4.4-13.el6.i686
To install these w/yum:
# yum install glibc
# yum install libgcc
# yum install libstdc++
# yum install perl (Needed if you installed with a minimal install.)
Note:
RedHat 6.4 had libstdc++-4.4.7-3.el6.x86_64 but not the 32bit package, too. Domino 64 bit will run okay without the 32 bit on, but the Social Edition package MAY not - it tested okay, but the docs say no. It's installation says it requires the 32 bit packages as well. To install a 32bit version(s), as needed, enter:
# yum install glibc.i686
# yum install libgcc.i686
# yum install libstdc++.i686
For the X-windows Java version, you need to verify the following packages are installed:
rpm -ivh libXtst-1.0.99.2-3.el6.i686
rpm -ivh libXmu-1.0.5-1.el6.i686
rpm -ivh libXp-1.0.0-15.1.el6.i686
rpm -ivh libXft-2.1.13-4.1.el6.i686.rpm
rpm -ivh libXi-1.3-3.el6.i686.rpm
To install these, enter:
# yum install libXtst.i686
# yum install libXmu.i686
# yum install libXp.i686
# yum install libXft.i686
# yum install libXi.i686 (did not have to run this command as installed already as dependancy of another.)
Set up ntp:
$ ntpdate pool.ntp.org
$ chkconfig ntpd on
2. Create notes (domino) user. Make sure the opt/lotus is signed by root, and the notesdata folder is signed for the notes server user.
# useradd -d /home/notes -m notes
- or to include a specific UID ID -
# useradd -d /home/notes -m notes -u 1008
# passwd notes
# vi /home/notes/.bashrc
Add to the end of the file: export DOMINO_LINUX_SET_PARMS=1
Create the installation data/notesdata folder.
# cd /local
# mkdir notesdata
# chown -R notes /local/notesdata
# chgrp -R notes /local/notesdata
# chmod -R g+w /local/notesdata
2b. Install VMware tools if server is VM. (Choose option VM --> Guest --> Install VMware Tools first.)
# mount /dev/cdrom /media
# cp /media/VMware*.tar.gz /root/tmp/
# cd /root/tmp/
# tar -zxf VMware*.tar.gz
# cd vmware-tools-distrib
# ./vmware-install.pl
To update config aftwards:
# cd /usr/bin/vmware-tools-distrib
# ./vmware-config-tools.pl
Alternately, you can use the Open VM tools. Create a repo for it.
# touch /etc/yum.repos.d/vmware-tools.repo
# vi /etc/yum.repos.d/vmware-tools.repo
(add the following text)
[vmware-tools]
name = VMware Tools
baseurl = http://packages.vmware.com/packages/rhel7/x86_64/
enabled = 1
gpgcheck = 1
<esc>:wq
# yum install update
# yum install open-vm-tools-deploypkg
3. Assuming Firewall is enabled, go through and add additional ports (e.g .1352:tcp,2050:tcp, ...). Restart iptables.
Note: CentOS 7 and RedHat 7 use firewall-cmd now, skip down.
CentOS 7/ RedHat 7:
# firewall-cmd --zone=public --add-port=1352/tcp --permanent
# firewall-cmd --zone=public --add-port=80/tcp --permanent
# firewall-cmd --zone=public --add-port=443/tcp --permanent
# firewall-cmd --zone=public --add-port=2050/tcp --permanent
# firewall-cmd --zone=public --add-port=22/tcp --permanent
or better...
# firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="192.168.199.0/16" port protocol="tcp" port="22" accept"
# firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="192.168.211.0/28" port protocol="tcp" port="25" accept"
# firewall-cmd --reload
Confirm loaded and running:
# firewall-cmd --state
4. If running multiple IPs, update the network configuration with second ethernet. Also update hosts as needed.
(Watch out for the gui tool to wipe out hosts and the 127.0.0.1 loopback address!)
5. If you need to add a mount, update etc/fstab.
e.g. /dev/sdb1 /local/notesdata ext3 defaults 1 1
6. Samba configuration can be done via gui. However, for greater granularity, directly update the samba.conf file.
7. Watch for sendmail actually still running and turn it off! In RedHat 5 or 6, CentOS 6 seems to run Postfix, too. Postfix is installed/running. (It runs on port 25. Used chkconfig command. )
# service postfix stop
# chkconfig postfix off
8. The startup/shutdown script needs to have unix2dos (e.g. unix2dos domino) to convert carriage returned if edited under windows. Needs chmod 755 domino and made executable. Then add to services list.
 rc_domino_script rc_domino_config_lotusnotes domino.service domino
Copy the files. Update the notes username, if necessary and folder paths, if not using the ones above.
rc_domino_script --> /opt/ibm/domino/
rc_domino / domino --> /etc/init.d/
domino.service --> /etc/systemd/system/
rc_domino_config_lotusnotes --> /etc/sysconfig/
Enable the new SystemD service:
# systemctl enable domino.service
# systemctl disable domino.service
# cd /etc/init.d
# chmod +x domino
# chkconfig --add domino
9. create the lotus/domino/lotusnotes user (don't forget the -d and -m flags when using adduser, especially on Ubuntu).
10. install domino by un-taring the tarball and running the setup.
# tar -xvf lotus_domino***_xlinux_en.tar (installs for Domino 7 and Domino 8 need this syntax)
# cd linux/domino/
# ./install
# tar -xvf DOMINO***_EN.tar (installs for Domino 9 - only change is the filename)
# cd linux64/domino/ (assuming using the 64bit version of Domino)
# NUI_NOTESDIR=/opt/lotus (or NUI_NOTESDIR=/opt/ibm/domino in the newer releases)
# export NUI_NOTESDIR
# ./install
Take the defaults unless you need to change them. The install should auto-detect the folders and the domino user id.
11. To run the setup (assuming this was not an upgrade)
For Domino7 / Domino 8:
# cd /local/notesdata
# /opt/lotus/bin/server -listen
For Domino 9:
# cd /local/notesdata
# /opt/ibm/domino/bin/server -listen
Domino 9 Social Edition Tools Install:
1. Copy the install tar after downloading from IBM Lotus Passport site to the server. (I use Filezilla on my Mac.)
2. Untar the tar with:
# cd /home/sysadmin/tmp
# tar -xvf *.tar
We need to fix the script files. For some reason, all the executable scripts are just rw (w/o the x). We need to fix the main ./install script file and the scripts in tools subfolder of the linux64 folder.
# cd linux64/domino
# chmod +x install
# cd tools
# chmod +x *.*
# cd ..
3. Run the install.
# NUI_NOTESDIR=/opt/lotus/
# export NUI_NOTESDIR
# ./install
Take the defaults unless you need to change them. The install should auto-detect the folders and the domino user id.
4. Restart the domino service
# service domino start
_____________________________________________________________________________
Obsolyte - Old CentOS 6/RedHat 6 Info:
CentOS6/Redhat6 Simple Domino init.d Script
 domino
 domino_rc-script
IPTables CentOS 6 / RedHat 6 and earlier:
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 1352 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 993 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 995 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.199.0/16 --dport 25 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.199.0/16 --dport 636 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.199.0/16 --dport 2050 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp -s 192.168.199.0/16 --dport 22 -j ACCEPT
# iptables-save > /etc/sysconfig/iptables
# service iptables restart
previous page
|